Information Security Weekly Report - Week 26 of 2020

Published 2020-06-29

> This week's security posture overview


From 22 June to 28 June 2020, 56 security vulnerabilities were recorded. The notable ones are the Apache Dubbo hessian remote code execution vulnerability; the Yonyou NC deserialization remote code execution vulnerability; the Apache Shiro authentication bypass vulnerability; the Apache Tomcat HTTP/2 request denial-of-service vulnerability; and the Atlassian JIRA Server and Data Center server-side template code injection vulnerability.


The notable cybersecurity events this week: Unit 42 published an analysis report on the AcidBox malware; 24 years of data from more than 200 US local police departments were leaked, in a dump dubbed BlueLeaks; the Moroccan government may be using NSO Group spyware to surveil a journalist in that country; hackers used the Google Analytics platform to bypass CSP and steal credit card information; DarkCrewFriends has returned, building a botnet by exploiting content management systems.


Based on the above overview, this week's security threat level is assessed as medium.



> List of important security vulnerabilities


1. Apache Dubbo hessian remote code execution vulnerability


Apache Dubbo hessian has a deserialization vulnerability that allows a remote attacker to submit a specially crafted request and execute arbitrary code in the context of the application.

https://github.com/apache/dubbo/releases/tag/dubbo-2.7.7


2. Yonyou NC deserialization remote code execution vulnerability


Yonyou NC has a deserialization vulnerability that allows a remote attacker to submit a specially crafted request and execute arbitrary code in the context of the application.

https://www.yonyoucloud.com/


3. Apache Shiro authentication bypass vulnerability


Apache Shiro, when used with Spring dynamic controllers, has a security vulnerability that allows a remote attacker to submit a specially crafted request, bypass authentication, and gain unauthorized access.

https://access.redhat.com/security/cve/cve-2020-11989


4. Apache Tomcat HTTP/2 request denial-of-service vulnerability


Apache Tomcat has a security vulnerability in its handling of HTTP/2 requests that allows a remote attacker to submit a specially crafted request and crash the server process, resulting in a denial of service.

https://lists.apache.org/thread.html/r5541ef6b6b68b49f76fc4c45695940116da2bcbe0312ef204a00a2e0%40%3Cannounce.tomcat.apache.org%3E


5. Atlassian JIRA Server and Data Center server-side template code injection vulnerability


Atlassian JIRA Server and Data Center has a security vulnerability in its server-side template handling that allows a remote attacker to submit a specially crafted request, inject arbitrary code, and have it executed.

https://jira.atlassian.com/browse/JRASERVER-70944



> Overview of important security events


1. Unit 42 publishes an analysis report on the AcidBox malware


Dongsen (China) official website


Original link:

https://unit42.paloaltonetworks.com/acidbox-rare-malware/


2. 24 years of data from more than 200 US local police departments leaked, dubbed BlueLeaks




Original link:

https://www.bleepingcomputer.com/news/security/blueleaks-data-dump-exposes-over-24-years-of-police-records/


3. The Moroccan government may be using NSO Group spyware to surveil a journalist in the country




Original link:

https://www.cyberscoop.com/nso-group-spyware-amnesty-international-omar-radi-morocco/


4. Hackers use the Google Analytics platform to bypass CSP and steal credit card information




Original link:

https://www.bleepingcomputer.com/news/security/hackers-use-google-analytics-to-steal-credit-cards-bypass-csp/


5. DarkCrewFriends returns, building a botnet by exploiting content management systems




Original link:

https://threatpost.com/darkcrewfriends-returns-botnet/156963/