{"id":3281,"date":"2024-08-21T17:17:37","date_gmt":"2024-08-21T09:17:37","guid":{"rendered":"https:\/\/blog.billows.com.tw\/?p=3281"},"modified":"2024-08-21T17:35:26","modified_gmt":"2024-08-21T09:35:26","slug":"toyota%e8%b1%90%e7%94%b0%e6%b1%bd%e8%bb%8a%e5%8f%8acannondesign%e8%a2%ab%e9%a7%ad%e8%b3%87%e6%96%99%e9%81%ad%e5%88%b0%e5%a4%96%e6%b4%a9","status":"publish","type":"post","link":"https:\/\/blog.billows.com.tw\/?p=3281","title":{"rendered":"Toyota\u8c50\u7530\u6c7d\u8eca\u53caCannonDesign\u88ab\u99ed\u8cc7\u6599\u906d\u5230\u5916\u6d29"},"content":{"rendered":"\n<p><strong>&nbsp;<\/strong>Toyota\u8c50\u7530\u6c7d\u8eca\u906d\u5230\u52d2\u7d22\u8edf\u9ad4\u96c6\u5718\u99ed\u5165\uff0c\u5171\u8a08240GB\u8cc7\u6599\u5916\u6d29<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"709\" height=\"456\" src=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2024\/08\/Data-breach-Main-image.jpg\" alt=\"\" class=\"wp-image-3282\" srcset=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2024\/08\/Data-breach-Main-image.jpg 709w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2024\/08\/Data-breach-Main-image-300x193.jpg 300w\" sizes=\"auto, (max-width: 709px) 100vw, 709px\" \/><figcaption class=\"wp-element-caption\">   Photo Credit: StealthLabs<\/figcaption><\/figure>\n\n\n\n<p>\u65e5\u524dToyota\u8c50\u7530\u6c7d\u8eca\u8b49\u5be6\uff0c\u4ed6\u5011\u7684\u5ba2\u6236\u8cc7\u6599\u906d\u5230\u6d29\u9732\u3002\u4e00\u540d\u7db2\u8def\u653b\u64ca\u8005\u5728\u99ed\u5ba2\u8ad6\u58c7\u4e0a\u6d29\u9732\u4e86\u4ed6\u5011\u5f9e\u8c50\u7530\u7684IT\u7cfb\u7d71\u4e2d\u7aca\u53d6\u7684 240GB \u6a94\u6848\u8cc7\u6599\u3002<\/p>\n\n\n\n<p>\u91dd\u5c0d\u9019\u8d77\u4e8b\u4ef6\uff0c\u8c50\u7530\u56de\u61c9\u9053\uff1a\u300c\u6211\u5011\u5df2\u7d93\u4e86\u89e3\u4e8b\u4ef6\u72c0\u6cc1\u3002\u6b64\u6b21\u4e8b\u4ef6\u7684\u7bc4\u570d\u662f\u5c40\u90e8\u6027\u7684\uff0c\u4e26\u6c92\u6709\u64f4\u53ca\u6574\u500bIT\u7cfb\u7d71\u3002\u300d<\/p>\n\n\n\n<p>\u8c50\u7530\u88dc\u5145\u8aaa\uff0c\u300c\u4ed6\u5011\u6b63\u5728\u806f\u7e6b\u53d7\u5230\u5f71\u97ff\u7684\u5ba2\u6236\u53ca\u4eba\u54e1\uff0c\u4e26\u5728\u9700\u8981\u6642\u63d0\u4f9b\u5354\u52a9\u3002\u300d\u76ee\u524d\u5c1a\u672a\u63d0\u4f9b\u6709\u95dc\u4f55\u6642\u767c\u73fe\u88ab\u5165\u4fb5\u3001\u653b\u64ca\u8005\u5982\u4f55\u7372\u5f97\u5b58\u53d6\u6b0a\u9650\u4ee5\u53ca\u6709\u591a\u5c11\u4eba\u7684\u8cc7\u6599\u88ab\u66b4\u9732\u7b49\u8cc7\u8a0a\u3002<\/p>\n\n\n\n<p>\u653b\u64ca\u53c3\u8207\u8005 ZeroSevenGroup \u8072\u7a31\u5df2\u5165\u4fb5\u8c50\u7530\u7f8e\u570b\u5206\u516c\u53f8\uff0c\u4e26\u7aca\u53d6\u4e86 240GB \u7684\u6a94\u6848\u8cc7\u6599\uff0c\u5167\u5bb9\u6db5\u84cb\u5305\u62ec\u806f\u7d61\u4eba\u3001\u8ca1\u52d9\u3001\u5ba2\u6236\u8cc7\u6599\u3001\u8a08\u756b\u65b9\u6848\u3001\u54e1\u5de5\u8cc7\u6599\u3001\u7167\u7247\u3001\u8cc7\u6599\u5eab\u3001\u7db2\u8def\u57fa\u790e\u8a2d\u65bd\u3001\u96fb\u5b50\u90f5\u4ef6\u548c\u5927\u91cf\u5176\u4ed6\u8cc7\u6599\u3002<\/p>\n\n\n\n<p>\u4ed6\u5011\u8072\u7a31\u5df2\u7d93\u4f7f\u7528\u958b\u6e90 ADRecon \u5de5\u5177\u6536\u96c6\u4e86\u7db2\u8def\u57fa\u790e\u8a2d\u65bd\u8cc7\u8a0a\uff0c\u5305\u542b\u6191\u8b49\uff0c\u9019\u985e\u5de5\u5177\u53ef\u4ee5\u5e6b\u52a9\u65bc\u5f9e Active Directory \u74b0\u5883\u4e2d\u63d0\u53d6\u5927\u91cf\u8cc7\u8a0a\u3002<\/p>\n\n\n\n<p>\u8c50\u7530\u4e26\u672a\u900f\u9732\u8cc7\u6599\u906d\u6d29\u7684\u78ba\u5207\u65e5\u671f\uff0c\u6839\u64da\u5831\u5c0e\u767c\u73fe\u9019\u4e9b\u6a94\u6848\u88ab\u7aca\u6700\u65e9\u53ef\u4ee5\u8ffd\u6eaf\u5230 2022 \u5e74 12 \u6708 25 \u65e5\u3002\u5728\u9019\u500b\u6642\u9593\u9ede\uff0c\u653b\u64ca\u8005\u4fb5\u5165\u5099\u5206\u4f3a\u670d\u5668\uff0c\u9032\u800c\u53d6\u5f97\u5132\u5b58\u65bc\u6b64\u7684\u8cc7\u6599\u3002<\/p>\n\n\n\n<p>2023 \u5e74 12 \u6708\uff0c\u8c50\u7530\u91d1\u878d\u670d\u52d9\u516c\u53f8 (Toyota Financial Services) <a href=\"https:\/\/securityaffairs.com\/155652\/data-breach\/toyota-financial-services-data-breach.html\">\u901a\u77e5<\/a>\u5ba2\u6236\uff0c\u516c\u53f8\u906d\u9047\u4e86\u8cc7\u6599\u5916\u4e8b\u4ef6\uff0c<a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/toyota-warns-customers-of-data-breach-exposing-personal-financial-info\/\" target=\"_blank\" rel=\"noreferrer noopener\">\u654f\u611f\u6027\u7684\u500b\u4eba\u8cc7\u6599\u53ca\u8ca1\u52d9\u8cc7\u6599\u56e0<\/a><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/toyota-confirms-breach-after-medusa-ransomware-threatens-to-leak-data\/\" target=\"_blank\" rel=\"noreferrer noopener\">\u52d2\u7d22\u8edf\u9ad4\u653b\u64ca<\/a>\u800c\u6d29\u9732\uff0c\u9019\u8d77\u653b\u64ca\u4e8b\u4ef6\u7684\u5f71\u97ff\u7bc4\u570d\u6ce2\u53ca\u8c50\u7530\u7684\u6b50\u6d32\u548c\u975e\u6d32\u5206\u516c\u53f8\u3002<\/p>\n\n\n\n<p>2023 \u5e74 11 \u6708 17 \u65e5\uff0cMedusa \u52d2\u7d22\u8edf\u9ad4\u96c6\u5718&nbsp;<a href=\"https:\/\/securityaffairs.com\/154319\/data-breach\/toyota-financial-services-medusa-ransomware.html\"><strong>\u8072\u7a31<\/strong><\/a>&nbsp;\u53c3\u8207\u4e86\u9019\u8d77\u653b\u64ca\uff0c\u4e26\u4e14\u5a01\u8105\u8c50\u7530\u5982\u679c\u4e0d\u652f\u4ed8\u8d16\u91d1\uff0c\u5c31\u6703\u6d29\u9732\u88ab\u99ed\u7684\u8cc7\u6599\u3002<\/p>\n\n\n\n<p><strong>CannonDesign<\/strong><strong>\u8cc7\u6599\u5916\u6d29<\/strong><\/p>\n\n\n\n<p>Cannon Corporation (\u4f73\u80fd\u96c6\u5718) \u65d7\u4e0bCannonDesign \u6b63\u5411 13,000 \u591a\u540d\u5ba2\u6236\u767c\u9001\u8cc7\u6599\u5916\u6d29\u901a\u77e5\uff0c\u544a\u77e5\u5ba2\u6236\u5728 2023 \u5e74\u521d\u7684\u4e00\u6b21\u653b\u64ca\u4e8b\u4ef6\u4e2d\u99ed\u5ba2\u5165\u4fb5\u4e86\u516c\u53f8\u7db2\u8def\u4e26\u7aca\u53d6\u8cc7\u6599\u3002<\/p>\n\n\n\n<p>CannonDesign \u662f\u4e00\u5bb6\u7e3d\u90e8\u4f4d\u65bc\u7f8e\u570b\u7d10\u7d04\u5dde\uff0c\u5c62\u7372\u6b8a\u69ae\u7684\u5efa\u7bc9\u3001\u5de5\u7a0b\u548c\u9867\u554f\u516c\u53f8\uff0c\u5728\u5b78\u8853\u6027\u5efa\u7bc9\u3001\u91ab\u9662\u548c\u9ad4\u80b2\u5834\u9928\u7b49\u9805\u76ee\u4e0a\u7684\u5353\u8d8a\u8868\u73fe\u800c\u53d7\u5230\u696d\u754c\u8a8d\u53ef\u3002<\/p>\n\n\n\n<p>CannonDesign \u958b\u59cb\u5411\u53d7\u5f71\u97ff\u7684\u500b\u4eba\u767c\u9001\u901a\u77e5\u4fe1\uff0c\u4fe1\u4e2d\u901a\u5831\u4e86 2023 \u5e74 1 \u6708 19 \u65e5\u81f3 25 \u65e5\u9019\u6bb5\u671f\u9593\u767c\u751f\u7684\u8cc7\u5b89\u4e8b\u4ef6\uff0c\u8a72\u4e8b\u4ef6\u6d89\u53ca\u672a\u7d93\u6388\u6b0a\u7684\u7db2\u8def\u5b58\u53d6\u548c\u8cc7\u6599\u5916\u6d29\u3002<\/p>\n\n\n\n<p>\u6839\u64da\u8abf\u67e5\u986f\u793a\uff0c\u9019\u5834\u653b\u64ca\u80cc\u5f8c\u7684\u57f7\u884c\u8005\u53ef\u80fd\u53d6\u5f97\u4e86\u59d3\u540d\u3001\u5730\u5740\u3001\u793e\u6703\u5b89\u5168\u865f\u78bc (SSNs) \u548c\u99d5\u7167\u865f\u78bc\u7b49\u8cc7\u8a0a\u3002<\/p>\n\n\n\n<p>2023 \u5e74 2 \u6708 2 \u65e5\uff0cAvos Locker \u52d2\u7d22\u8edf\u9ad4\u96c6\u5718\u5ba3\u7a31\u4ed6\u5011\u5165\u4fb5\u4e86 CannonDesign \u7684\u7cfb\u7d71\uff0c\u4e26\u4e14\u6301\u6709 5.7 TB \u7684\u88ab\u99ed\u8cc7\u6599\uff0c\u5176\u4e2d\u5305\u62ec\u516c\u53f8\u548c\u5ba2\u6236\u76f8\u95dc\u6a94\u6848\u8cc7\u6599\u3002<\/p>\n\n\n\n<p>\u5728\u52d2\u7d22\u8edf\u9ad4\u96c6\u5718\u7d22\u8981\u8d16\u91d1\u7684\u8a08\u756b\u53ef\u80fd\u5931\u6557\u5f8c\uff0c\u4ed6\u5011\u5c07\u76dc\u53d6\u8cc7\u6599\u8f49\u5230 Dunghill Leaks\u7db2\u7ad9\uff0c\u8a72\u7db2\u7ad9\u65bc 2023 \u5e74 9 \u6708 26 \u65e5\u516c\u4f48\u4e86\u5f9e CannonDesign \u7aca\u53d6\u7684 2TB \u8cc7\u6599\u3002\u9019\u4e9b\u8cc7\u6599\u5305\u62ec\u8cc7\u6599\u5eab\u8f49\u5132 (database dumps)\u3001\u5c08\u6848\u5716\u8868\u3001\u8058\u50f1\u6587\u4ef6\u3001\u5ba2\u6236\u8a73\u7d30\u8cc7\u8a0a\u3001\u884c\u92b7\u8cc7\u6599\u3001IT\u548c\u57fa\u790e\u8a2d\u65bd\u8a73\u7d30\u8cc7\u8a0a\u4ee5\u53ca\u54c1\u8cea\u4fdd\u8b49\u5831\u544a\u7b49\u3002<\/p>\n\n\n\n<p>Dunghill Leaks\u662f&nbsp;<a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/building-automation-giant-johnson-controls-hit-by-ransomware-attack\/\" target=\"_blank\" rel=\"noreferrer noopener\">Dark Angels\u52d2\u7d22\u8edf\u9ad4\u7d44\u7e54<\/a>\u65bc 2023 \u5e74 4 \u6708\u63a8\u51fa\u7684\u8cc7\u6599\u5916\u6d29\u7db2\u7ad9\uff0c\u7528\u65bc\u8feb\u4f7f\u53d7\u5bb3\u8005\u652f\u4ed8\u52d2\u7d22\u8edf\u9ad4\u96c6\u5718\u8981\u6c42\u7684\u8d16\u91d1\u3002<\/p>\n\n\n\n<p>\u653b\u64ca\u8c50\u7530\u7684\u52d2\u7d22\u8edf\u9ad4Medusa\u7684\u90e8\u5206\u7684\u5165\u4fb5\u6307\u6a19\uff08IOCs\uff09:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td>a57f84e3848ab36fd59c94d32284a41e<\/td><\/tr><tr><td>e4b7fdabef67a0550877e6439beb093d<\/td><\/tr><tr><td>042ce9ab1afe035e0924753f076fcb20de0d1a1d<\/td><\/tr><tr><td>0823d067541de16325e5454a91b57262365a0705<\/td><\/tr><tr><td>4d5992de4601c4306885c71b0ba197184bb69221<\/td><\/tr><tr><td>78daa8b99d2fa422926465f36e13f31587b9e142<\/td><\/tr><tr><td>db5e29c0729486ba3833426093652451c5fca9b5<\/td><\/tr><tr><td>ee4575cf9818636781677d63236d3dc65652deab<\/td><\/tr><tr><td>3e19d1653c08206c55e1f835bd890b067b652b99a7b38bad4d78ad7490c6a0f8<\/td><\/tr><tr><td>4d4df87cf8d8551d836f67fbde4337863bac3ff6b5cb324675054ea023b12ab6<\/td><\/tr><\/tbody><\/table><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>&nbsp;Toyota\u8c50\u7530\u6c7d\u8eca\u906d\u5230\u52d2\u7d22\u8edf\u9ad4\u96c6\u5718\u99ed\u5165\uff0c\u5171\u8a08240GB\u8cc7\u6599\u5916\u6d29 \u65e5\u524dToyota\u8c50\u7530\u6c7d\u8eca\u8b49\u5be6\uff0c\u4ed6 <a class=\"read-more\" href=\"https:\/\/blog.billows.com.tw\/?p=3281\">READ MORE<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[183,174,213],"class_list":["post-3281","post","type-post","status-publish","format-standard","hentry","category-6","tag-iocs","tag-news","tag-ransomware"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/3281","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3281"}],"version-history":[{"count":2,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/3281\/revisions"}],"predecessor-version":[{"id":3284,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/3281\/revisions\/3284"}],"wp:attachment":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3281"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3281"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3281"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}