ÐÅÏ¢°²È«Öܱ¨-2020ÄêµÚ26ÖÜ

°ä²¼¹¦·ò 2020-06-29

> ±¾ÖÜ°²È«Ì¬ÊÆ×ÛÊö


2020Äê06ÔÂ22ÈÕÖÁ06ÔÂ28ÈÕ¹²ÊÕ¼°²È«·ì϶56¸ö£¬ÖµµÃ¹Ø×¢µÄÊÇApache Dubbo hessianÔ¶³Ì´úÂëÖ´Ðзì϶; ÓÃÓÑNC·´ÐòÁл¯Ô¶³Ì´úÂëÖ´Ðзì϶£»Apache ShiroÉí·ÝÑéÖ¤Èƹý·ì϶£»Apache Tomcat HTTP/2ÒªÇó»Ø¾ø·þÎñ·ì϶£»Atlassian JIRA Server and Data Center·þÎñÆ÷¶ËÄ£°å´úÂë×¢Èë·ì϶¡£


±¾ÖÜÖµµÃ¹Ø×¢µÄÍøÂ簲ȫÊÂÎñÊÇUnit 42°ä²¼¶ñÒâÈí¼þAcidBoxµÄ·ÖÎö»ã±¨£»ÃÀ¹ú200¶à¸ö´¦Ëù¾¯¾Ö24ÄêÊý¾Ýй¶£¬±»³ÆΪBlueLeaks£»Ä¦Âå¸çµ±¾Ö»òÔÚÀûÓÃNSO GroupµÄ¼äµýÈí¼þ¼à¶½¸Ã¹ú¼ÇÕߣ»ºÚ¿ÍʹÓÃGoogle Analyticsƽ̨ÈƹýCSPÇÔÊØÐÅÓþ¿¨ÐÅÏ¢£»DarkCrewFriends»Ø¹é£¬ÀûÓÃÄÚÈÝÖÎÀíϵͳ¹¹½¨½©Ê¬ÍøÂç¡£


ƾ¾ÝÒÔÉÏ×ÛÊö£¬±¾ÖÜ°²È«ÍþвΪÖС£



>³ÁÒª°²È«·ì϶Áбí


1.Apache Dubbo hessianÔ¶³Ì´úÂëÖ´Ðзì϶


Apache Dubbo hessian´æÔÚ·´ÐòÁл¯·ì϶£¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßÄܹ»ÀûÓ÷ì϶Ìá½»ÌØÊâµÄÒªÇó£¬Äܹ»ÀûÓ÷¨Ê½¸ßµÍÎÄÖ´ÐÐËÁÒâ´úÂë¡£

https://github.com/apache/dubbo/releases/tag/dubbo-2.7.7


2. ÓÃÓÑNC·´ÐòÁл¯Ô¶³Ì´úÂëÖ´Ðзì϶


ÓÃÓÑNC´æÔÚ·´ÐòÁл¯·ì϶£¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßÄܹ»ÀûÓ÷ì϶Ìá½»ÌØÊâµÄÒªÇó£¬Äܹ»ÀûÓ÷¨Ê½¸ßµÍÎÄÖ´ÐÐËÁÒâ´úÂë¡£

https://www.yonyoucloud.com/


3. Apache ShiroÉí·ÝÑéÖ¤Èƹý·ì϶


ʹÓÃSpring dynamic controllerµÄApache Shiro´æÔÚ°²È«·ì϶£¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßÀûÓ÷ì϶Ìá½»ÌØÊâµÄÒªÇ󣬿ÉÈƹýÉí·ÝÑé֤δÊÚȨ½Ó¼û¡£

https://access.redhat.com/security/cve/cve-2020-11989


4. Apache Tomcat HTTP/2ÒªÇó»Ø¾ø·þÎñ·ì϶


ApacheTomcat´¦ÖÃHTTP/2ÒªÇó´æÔÚ°²È«·ì϶£¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßÀûÓ÷ì϶Ìá½»ÌØÊâµÄÒªÇ󣬿Éʹ·þÎñ·¨Ê½±ÀÀ££¬Ôì³É»Ø¾ø·þÎñ¹¥»÷¡£

https://lists.apache.org/thread.html/r5541ef6b6b68b49f76fc4c45695940116da2bcbe0312ef204a00a2e0%40%3Cannounce.tomcat.apache.org%3E


5. Atlassian JIRA Server and Data Center·þÎñÆ÷¶ËÄ£°å´úÂë×¢Èë·ì϶


Atlassian JIRA Server and Data Center´¦Ö÷þÎñÆ÷¶ËÄ£°å´æÔÚ°²È«·ì϶£¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßÄܹ»ÀûÓ÷ì϶Ìá½»ÌØÊâµÄÒªÇ󣬿É×¢ÈëËÁÒâ´úÂë²¢Ö´ÐС£

https://jira.atlassian.com/browse/JRASERVER-70944



> ³ÁÒª°²È«ÊÂÎñ×ÛÊö


1¡¢Unit 42°ä²¼¶ñÒâÈí¼þAcidBoxµÄ·ÖÎö»ã±¨


GA»Æ½ð¼×¡¤(ÖйúÇø)¹Ù·½ÍøÕ¾


Ô­ÎÄÁ´½Ó£º

https://unit42.paloaltonetworks.com/acidbox-rare-malware/


2¡¢ÃÀ¹ú200¶à¸ö´¦Ëù¾¯¾Ö24ÄêÊý¾Ýй¶£¬±»³ÆΪBlueLeaks


GA»Æ½ð¼×¡¤(ÖйúÇø)¹Ù·½ÍøÕ¾


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/blueleaks-data-dump-exposes-over-24-years-of-police-records/


3¡¢Ä¦Âå¸çµ±¾Ö»òÔÚÀûÓÃNSO GroupµÄ¼äµýÈí¼þ¼à¶½¸Ã¹ú¼ÇÕß


GA»Æ½ð¼×¡¤(ÖйúÇø)¹Ù·½ÍøÕ¾


Ô­ÎÄÁ´½Ó£º

https://www.cyberscoop.com/nso-group-spyware-amnesty-international-omar-radi-morocco/


4¡¢ºÚ¿ÍʹÓÃGoogle Analyticsƽ̨ÈƹýCSPÇÔÊØÐÅÓþ¿¨ÐÅÏ¢


GA»Æ½ð¼×¡¤(ÖйúÇø)¹Ù·½ÍøÕ¾


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/hackers-use-google-analytics-to-steal-credit-cards-bypass-csp/


5¡¢DarkCrewFriends»Ø¹é£¬ÀûÓÃÄÚÈÝÖÎÀíϵͳ¹¹½¨½©Ê¬ÍøÂç


GA»Æ½ð¼×¡¤(ÖйúÇø)¹Ù·½ÍøÕ¾


Ô­ÎÄÁ´½Ó£º

https://threatpost.com/darkcrewfriends-returns-botnet/156963/