{"id":2781,"date":"2023-08-05T18:12:12","date_gmt":"2023-08-05T10:12:12","guid":{"rendered":"https:\/\/blog.billows.com.tw\/?p=2781"},"modified":"2023-08-05T18:12:12","modified_gmt":"2023-08-05T10:12:12","slug":"%e7%be%8e%e5%9c%8bfbi%e3%80%81cisa-%e5%92%8c-nsa-%e4%bb%a5%e5%8f%8a%e4%ba%94%e7%9c%bc%e8%81%af%e7%9b%9f%e7%99%bc%e5%b8%83-2022-%e5%b9%b412-%e5%80%8b%e6%9c%80%e5%b8%b8%e8%a2%ab%e9%a7%ad%e5%ae%a2","status":"publish","type":"post","link":"https:\/\/blog.billows.com.tw\/?p=2781","title":{"rendered":"\u7f8e\u570bFBI\u3001CISA \u548c NSA \u4ee5\u53ca\u4e94\u773c\u806f\u76df\u767c\u5e03 2022 \u5e7412 \u500b\u6700\u5e38\u88ab\u99ed\u5ba2\u958b\u63a1\u7684\u6f0f\u6d1e\u6e05\u55ae"},"content":{"rendered":"\n<p>8\u67083\u65e5\uff0c\u7f8e\u570bCISA\u3001NSA \u548c FBI \u8207\u4e94\u773c\u806f\u76df\u7684\u7db2\u8def\u6a5f\u69cb\u5408\u4f5c\uff0c<a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2023\/08\/03\/cisa-nsa-fbi-and-international-partners-release-joint-csa-top-routinely-exploited-vulnerabilities\">\u5171\u540c\u767c\u5e03<\/a>\u4e862022\u5e74\u524d12\u540d\u6700\u5e38\u88ab\u99ed\u5ba2\u958b\u63a1\u7684\u6f0f\u6d1e\u6e05\u55ae\uff0c\u5176\u4e2d\u8a31\u591a\u6f0f\u6d1e\u51fa\u73fe\u5728\u4e0a\u4e00\u5e74\u7684\u6e05\u55ae\u4e2d\uff0c\u9451\u65bc\u9019\u4e9b\u6a5f\u69cb\u5c0d\u91dd\u5c0d\u7f8e\u570b\u3001\u6fb3\u6d32\u3001\u52a0\u62ff\u5927\u3001\u65b0\u897f\u862d\u548c\u82f1\u570b\u7d44\u7e54\u7684\u653b\u64ca\u7684\u6240\u6709\u4e86\u89e3\uff0c\u806f\u5408\u8aee\u8a62\u8b66\u544a\u7a31\uff0c\u653b\u64ca\u8005\u66f4\u559c\u6b61\u820a\u7684\u6f0f\u6d1e\uff0c\u800c\u4e0d\u662f\u65b0\u7684\u6f0f\u6d1e\u3002\u8a72\u6e05\u55ae\u8207\u53bb\u5e74\u767c\u5e03\u7684\u6e05\u55ae\u6c92\u6709\u4ec0\u9ebc\u4e0d\u540c\uff0c\u5305\u62ec\u5e38\u88ab\u99ed\u5ba2\u958b\u63a1\u7684 Log4Shell\uff08\u8ffd\u8e2a\u70ba CVE-2021-44228\uff09\u548c Zoho \u6f0f\u6d1e\uff08CVE -2021- 40539\uff09\u7b49\u3002\u82f1\u570b\u570b\u5bb6\u7db2\u8def\u5b89\u5168\u4e2d\u5fc3 (NCSC) \u8868\u793a\uff0c\u6e05\u55ae\u4e0a\u91cd\u65b0\u51fa\u73fe\u7684\u6f0f\u6d1e\u6578\u91cf\u7a81\u986f\u4e86\uff0c<a>\u653b\u64ca\u8005<\/a>\u6301\u7e8c\u91dd\u5c0d\u5148\u524d\u62ab\u9732\u7684\u9762\u5411\u4e92\u806f\u7db2\u7684\u7cfb\u7d71\u4e2d\u7684\u6f0f\u6d1e\u3002\u53bb\u5e74\u88ab\u958b\u63a1\u6700\u591a\u7684\u982d\u865f\u6f0f\u6d1e\u5be6\u969b\u4e0a\u65e9\u5728 2018 \u5e74\u5c31\u5df2\u62ab\u9732\uff0c\u5404\u5927\u7d44\u7e54\u548c\u4f01\u696d\u5df2\u6709\u56db\u5e74\u7684\u6642\u9593\u4f86\u4fee\u88dc\uff0c\u8a72\u6f0f\u6d1e\u4e26\u4e14\u4e00\u76f4\u662fCISA\uff0cFBI\u548cNCSC\u91cd\u8907\u8b66\u544a\u7684\u6f0f\u6d1e\u70baFortiOS SSL VPN Web\u4e2d\u7684\u8def\u5f91\u6f0f\u6d1e\uff0c\u6b64\u6f0f\u6d1e\u8b93\u653b\u64ca\u8005\u53ef\u4ee5\u900f\u904e\u4e0b\u8f09FortiOS\u7cfb\u7d71\u6a94\u6848\u4f86\u7aca\u53d6VPN\u6191\u64da\u3002\u4e16\u754c\u5404\u5730\u6709\u95dc\u90e8\u9580\u5df2\u7559\u610f\u5230\u9019\u500b\u6f0f\u6d1e\u53ef\u88ab\u5229\u7528\u7684\u60c5\u6cc1\uff0c\u9019\u6f0f\u6d1e\u66f4\u53ef\u5305\u62ec\u4f7f\u7528Fortinet VPN\u8a2d\u5099\u7684\u6a5f\u69cb\u7684VPN\u7db2\u8def\uff0c\u8a72\u6f0f\u6d1e\u7de8\u865f\u70baCVE-2018-13379\uff0c\u9577\u671f\u4ee5\u4f86\uff0c\u9019\u662f\u4e00\u500b\u773e\u6240\u5468\u77e5\u7684\u6f0f\u6d1e\uff0c\u897f\u65b9\u7576\u5c40\u8b66\u544a\u7a31\uff0c\u8a72\u6f0f\u6d1e\u88ab\u8207\u4fc4\u7f85\u65af SVR \u5916\u570b\u60c5\u5831\u670d\u52d9\u6a5f\u69cb\u6709\u95dc\u806f\u7684\u99ed\u5ba2\u7d44\u7e54 APT29 \u4ee5\u53ca\u5176\u4ed6\u60e1\u610f\u7d44\u7e54\u6240\u5229\u7528\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"770\" src=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2023\/08\/image-3-1024x770.png\" alt=\"\" class=\"wp-image-2782\" srcset=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2023\/08\/image-3-1024x770.png 1024w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2023\/08\/image-3-300x226.png 300w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2023\/08\/image-3-768x577.png 768w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2023\/08\/image-3.png 1390w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>\u6700\u5e38\u88ab\u99ed\u5ba2\u958b\u63a1\u7684\u6f0f\u6d1e\u6e05\u55ae\u4e2d\u7684\u7b2c2, 3\u548c4\u540d\u662fMicrosoft Exchange \u4f3a\u670d\u5668\u7684\u4e00\u7cfb\u5217\u6f0f\u6d1e\uff0c\u901a\u5e38\u7a31\u70baProxyShell\uff08\u6f0f\u6d1e\u7de8\u865f\u70ba CVE-2021-34473\u3001CVE-2021-31207\u3001CVE-2021-34523\uff09\uff0c\u5206\u5c6c\u9060\u7aef\u7a0b\u5f0f\u653b\u64ca\u6f0f\u6d1e\u3001\u6b0a\u9650\u64f4\u5f35\u6f0f\u6d1e\u8207\u5b89\u5168\u529f\u80fd\u7e5e\u904e\u6f0f\u6d1e\uff0c\u5f71\u97ffMicrosoft Exchange Server 2013\u30012016\u82072019\u3002\u5fae\u8edf\u5df2\u5728\u4eca\u5e744\u30015\u6708\u4fee\u88dc\uff0c\u9019\u4e9b\u6f0f\u6d1e\u65bc2021\u5e74\u767c\u73fe\u3002<\/p>\n\n\n\n<p>NCSC \u8868\u793a\uff1a\u201c\u653b\u64ca\u8005\u901a\u5e38\u6703\u5728\u516c\u958b\u62ab\u9732\u7684\u982d\u5169\u5e74\u5167\u5229\u7528\u5df2\u77e5\u6f0f\u6d1e\u53d6\u5f97\u6700\u5927\u6210\u529f\uff0c\u4e26\u53ef\u80fd\u5c07\u5176\u5229\u7528\u76ee\u6a19\u6700\u5927\u5316\uff0c\u5f9e\u800c\u5f37\u8abf\u7d44\u7e54\u53ca\u6642\u61c9\u7528\u5b89\u5168\u66f4\u65b0\u7684\u597d\u8655\u3002\u201d<\/p>\n\n\n\n<p>\u5118\u7ba1\u622a\u81f3 2022 \u5e74\u5e95\uff0c\u901a\u7528\u6f0f\u6d1e\u63ed\u9732(CVE)\u8a08\u756b\u767c\u5e03\u4e86\u8d85\u904e 25,000 \u500b\u65b0\u5b89\u5168\u6f0f\u6d1e\uff0c\u4ee5\u4e0b\u662f\u53bb\u5e74\u524d12\u500b\u6700\u5bb9\u6613\u88ab\u5229\u7528\u7684\u5b89\u5168\u6f0f\u6d1e:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"466\" src=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2023\/08\/image-4-1024x466.png\" alt=\"\" class=\"wp-image-2783\" srcset=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2023\/08\/image-4-1024x466.png 1024w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2023\/08\/image-4-300x137.png 300w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2023\/08\/image-4-768x349.png 768w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2023\/08\/image-4.png 1189w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>\u9019\u500b\u6f0f\u6d1e\u6e05\u55ae\u63d0\u4f9b\u4e86\u5c0d\u7db2<a>\u8def<\/a>\u72af\u7f6a\u6d3b\u52d5\u80cc\u5f8c\u7b56\u7565\u7684\u6df1\u5165\u4e86\u89e3\uff0c\u65b0\u897f\u862d\u570b\u5bb6\u7db2\u8def\u5b89\u5168\u4e2d\u5fc3\u526f\u4e3b\u4efb Lisa Fong \u8868\u793a\uff0c\u9019\u4e00\u5efa\u8b70\u5f37\u5316\u4e86\u7db2\u8def\u5b89\u5168\u7684\u4e00\u500b\u57fa\u672c\u65b9\u9762\uff0c\u60e1\u610f\u884c\u70ba\u8005\u7e7c\u7e8c\u4e00\u904d\u53c8\u4e00\u904d\u5730\u4f7f\u7528\u76f8\u540c\u7684\u6280\u8853\u53d6\u5f97\u6210\u529f\uff0c\u901a\u904e\u4e86\u89e3\u60a8\u7684\u8cc7\u7522\u4e26\u5728\u4fee\u88dc\u53ef\u7528\u6642\u5feb\u901f\u61c9\u7528\u4fee\u88dc\u3002\u5f37\u8abf\u505a\u597d\u57fa\u672c\u9762\u7684\u91cd\u8981\u6027\u3002Fong\u9032\u4e00\u6b65\u8aaa\uff0c\u7531\u65bc\u653b\u64ca\u8005\u901a\u5e38\u5728\u6f0f\u6d1e\u516c\u958b\u62ab\u9732\u5f8c\u7684\u982d\u5169\u5e74\u5167\u7372\u5f97\u6700\u5927\u7684\u5229\u7528\u6210\u529f\uff0c\u53ca\u6642\u4fee\u88dc\u6703\u964d\u4f4e\u5df2\u77e5\u3001\u53ef\u5229\u7528\u6f0f\u6d1e\u7684\u6709\u6548\u6027\uff0c\u53ef\u964d\u4f4e\u60e1\u610f\u7db2\u8def\u884c\u70ba\u8005\u7684\u884c\u52d5\u901f\u5ea6\uff0c\u4e26\u8feb\u4f7f\u653b\u64ca\u8005\u5c0b\u6c42\u6210\u672c\u66f4\u9ad8\u3001\u66f4\u8017\u6642\u7684\u65b9\u6cd5\uff08\u4f8b\u5982\u958b\u767c\u96f6\u65e5\u6f0f\u6d1e\u6216\u9032\u884c\u8edf\u9ad4\u4f9b\u61c9\u93c8\u64cd\u4f5c\uff09<\/p>\n\n\n\n<p>\u8a72\u806f\u5408\u8aee\u8a62\u9084\u5305\u62ec 2022 \u5e74\u53e6\u5916 30 \u500b\u7d93\u5e38\u88ab\u5229\u7528\u7684\u6f0f\u6d1e\uff0c\u6b64\u5916\u8a72\u8aee\u8a62\u9084\u70ba\u4f9b\u61c9\u5546\u548c\u958b\u767c\u4eba\u54e1\u63d0\u4f9b\u4e86\u7de9\u89e3\u63aa\u65bd\u3002<\/p>\n\n\n\n<p>\u4e86\u89e3\u66f4\u591a\uff0c\u6709\u95dc\u8a72\u8aee\u8a62:<\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/aa23-215a\">https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/aa23-215a<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>8\u67083\u65e5\uff0c\u7f8e\u570bCISA\u3001NSA \u548c FBI \u8207\u4e94\u773c\u806f\u76df\u7684\u7db2\u8def\u6a5f\u69cb\u5408\u4f5c\uff0c\u5171\u540c\u767c\u5e03\u4e862022\u5e74\u524d12\u540d\u6700\u5e38\u88ab\u99ed\u5ba2\u958b <a class=\"read-more\" href=\"https:\/\/blog.billows.com.tw\/?p=2781\">READ MORE<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[174],"class_list":["post-2781","post","type-post","status-publish","format-standard","hentry","category-6","tag-news"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/2781","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2781"}],"version-history":[{"count":1,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/2781\/revisions"}],"predecessor-version":[{"id":2784,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/2781\/revisions\/2784"}],"wp:attachment":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2781"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2781"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2781"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}