{"id":592,"date":"2020-09-29T11:52:15","date_gmt":"2020-09-29T03:52:15","guid":{"rendered":"https:\/\/blog.billows.com.tw\/?p=592"},"modified":"2020-09-29T11:55:13","modified_gmt":"2020-09-29T03:55:13","slug":"ryuk%e5%8b%92%e7%b4%a2%e8%bb%9f%e9%ab%94%e5%85%a5%e4%be%b5%e4%b8%8a%e5%b8%82%e9%86%ab%e9%99%a2%e9%9b%86%e5%9c%98universal-health-serviceuhs-%e5%bd%b1%e9%9f%bf%e4%ba%86%e7%b6%b2%e8%b7%af%e7%b3%bb","status":"publish","type":"post","link":"https:\/\/blog.billows.com.tw\/?p=592","title":{"rendered":"Ryuk\u52d2\u7d22\u8edf\u9ad4\u5165\u4fb5\u4e0a\u5e02\u91ab\u9662\u96c6\u5718Universal Health Service(UHS) , \u5f71\u97ff\u4e86\u7db2\u8def\u7cfb\u7d71, \u7db2\u50b3\u5df2\u6709\u56db\u540d\u75c5\u60a3\u9593\u63a5\u53d7\u5f71\u97ff\u800c\u6b7b\u4ea1\u3002"},"content":{"rendered":"\n

UHS\u5728\u7f8e\u570b\u548c\u82f1\u570b\u7d93\u71df\u8457400\u591a\u5bb6\u91ab\u9662\u3002\u81ea\u5468\u65e5\u4ee5\u4f86\uff0c\u4e00\u4e9b\u7f8e\u570b\u91ab\u9662\u7cfb\u7d71\u53d7\u5f71\u97ff\u800c\u65b7\u7db2\u3002UHS\u5de5\u4f5c\u4eba\u54e1\u8868\u793a\uff0c\u7531\u65bc\u96fb\u8166\u7cfb\u7d71\u51fa\u73fe\u6545\u969c\uff0c\u4ed6\u5011\u4e0d\u5f97\u4e0d\u4f7f\u7528\u7b46\u548c\u7d19\u3002<\/p>\n\n\n\n

\u91cd\u9ede:<\/p>\n\n\n\n

*\u7f8e\u570b\u548c\u82f1\u570b\u7684\u4e3b\u8981\u9023\u9396\u91ab\u9662Universal Health Services(UHS)\u8868\u793a\uff0c\u5176\u96fb\u8166\u7db2\u8def\u56e0\u201c\u5b89\u5168\u554f\u984cSecurity issue\u201d\u800c\u65b7\u7db2<\/p>\n\n\n\n

*\u300a\u8ca1\u5bccFortune\u300b500\u5f37\u516c\u53f8\u4e4b\u4e00\uff0cUHS\u64c1\u6709400\u5bb6\u91ab\u9662\u548c\u8a3a\u6240\uff0c\u64c1\u670990,000\u540d\u54e1\u5de5<\/p>\n\n\n\n

*UHS\u8868\u793a\u6b63\u5728\u4f7f\u7528\u5099\u4efd\u4f86\u5617\u8a66\u9084\u539f\u7db2\u8def<\/p>\n\n\n\n

*\u7f8e\u570b\u7684UHS\u91ab\u9662\uff08\u5305\u62ec\u52a0\u5dde\uff0c\u4f5b\u7f85\u91cc\u9054\uff0c\u5fb7\u5dde\uff0c\u4e9e\u5229\u6851\u90a3\u5dde\u548c\u83ef\u76db\u9813\u7279\u5340\u7684\u91ab\u9662\uff09\u7121\u6cd5\u4f7f\u7528\u96fb\u8166\u548c\u96fb\u8a71\u7cfb\u7d71<\/p>\n\n\n\n

*UHS\u8aaa\u4f3c\u4e4e\u6c92\u6709\u60a3\u8005\uff0c\u54e1\u5de5\u6578\u64da\u88ab\u8a2a\u554f\uff0c\u8907\u88fd\u6216\u4ee5\u5176\u4ed6\u65b9\u5f0f\u6d29\u9732<\/p>\n\n\n\n

*\u8a72\u516c\u53f8\u7684\u7db2\u7ad9\u8aaa\uff0cUHS\u6bcf\u5e74\u6cbb\u7642350\u842c\u60a3\u8005<\/p>\n\n\n\n

\"\"
UHS\u7684\u8072\u660e<\/figcaption><\/figure>\n\n\n\n

\u64da\u54e1\u5de5\u548c\u60a3\u8005\u7a31\uff0c\u81ea\u5468\u65e5\u4e0a\u5348\u4ee5\u4f86\uff0cUHS\u91ab\u9662\u4e00\u76f4\u5728\u6c92\u6709\u5167\u90e8IT\u7cfb\u7d71\u7684\u60c5\u6cc1\u4e0b\u904b\u71df\u3002\u7531\u65bcUHS\u5be6\u9a57\u5ba4\u7684\u8a2d\u65bd\u7121\u6cd5\u6b63\u5e38\u904b\u4f5c\uff0c\u4e00\u4e9b\u60a3\u8005\u88ab\u62d2\u4e4b\u9580\u5916\uff0c\u7dca\u6025\u60c5\u6cc1\u7684\u60a3\u8005\u5df2\u8f49\u79fb\u5230\u5176\u4ed6\u91ab\u9662\u3002<\/p>\n\n\n\n

\u4e00\u4f4d\u77e5\u60c5\u4eba\u58eb\u8aaa\uff0c\u96fb\u8166\u87a2\u5e55\u51fa\u73fe\u4e86\u201c\u5f71\u5b50\u5b87\u5b99shadow universe\u201d\u7684\u5b57\u6a23\uff0c\u53e6\u4e00\u540d\u54e1\u5de5\u544a\u8a34\u5916\u5a92BleepingComputer\uff0c\u6a94\u6848\u88ab\u65b0\u91cd\u547d\u540d\u70ba\u5305\u62ec.ryk\u526f\u6a94\u540d\uff0c\u8207Ryuk\u52d2\u7d22\u8edf\u9ad4\u7279\u5fb5\u4e00\u81f4\u3002\u77e5\u60c5\u4eba\u58eb\u4e5f\u8aaa\uff1a\u201c\u6bcf\u500b\u4eba\u90fd\u88ab\u544a\u77e5\u8981\u95dc\u9589\u6240\u6709\u96fb\u8166\uff0c\u4e0d\u8981\u518d\u6b21\u6253\u958b\u5b83\u5011\u3002\u201d\u201c\u6211\u5011\u88ab\u544a\u77e5\u8981\u5e7e\u5929\u5f8c\u624d\u80fd\u518d\u6b21\u555f\u52d5\u96fb\u8166\u3002\u201d<\/p>\n\n\n\n

\u6839\u64da\u8cc7\u5b89\u5c08\u5bb6Vitali Kremez\uff0c\u4ed6\u5011\u57282020\u5e74\u4ee5\u53ca\u6700\u8fd1\u76849\u6708\u90fd\u6aa2\u6e2c\u5230\u6709\u5f71\u97ffUHS Inc.\u7684Emotet\u548cTrickBot\u6728\u99ac\u3002<\/p>\n\n\n\n

\u8a72Emotet\u6728\u99ac\u901a\u904e\u7db2\u8def\u91e3\u9b5a\u5305\u5b89\u88dd\u5728\u53d7\u5bb3\u8005\u7684\u96fb\u8166\u4e0a\u4e26\u96a8\u96fb\u5b50\u90f5\u4ef6\u7684\u60e1\u610f\u9644\u4ef6\u6563\u64ad\u3002\u4e00\u6bb5\u6642\u9593\u5f8c\uff0cEmotet\u9084\u6703\u5b89\u88ddTrickBot\uff0c \u5728\u5f9e\u53d7\u611f\u67d3\u7684\u7db2\u8def\u4e2d\u6536\u96c6\u654f\u611f\u8cc7\u6599\u5f8c\uff0c\u518d\u70baRyuk\u6253\u958breverse shell\u3002\u4e00\u65e6Ryuk\u8a2a\u554f\u7db2\u8def\uff0c\u4ed6\u5011\u4fbf\u6703\u958b\u59cb\u5075\u5bdf\uff0c\u5728\u7372\u5f97\u7ba1\u7406\u54e1\u6191\u8b49\u5f8c\uff0c\u4fbf\u4f7f\u7528PSExec\u6216PowerShell Empire\u5728\u7db2\u8def\u8a2d\u5099\u4e0a\u90e8\u7f72\u52d2\u7d22\u8edf\u9ad4\u7684payloads\u3002<\/p>\n\n\n\n

\u6b64\u8cc7\u5b89\u4e8b\u4ef6\u5f71\u97ff\u4e86UHS\u8a2d\u65bd\u5f8c\uff0c\u9084\u50b3\u51fa\u7b49\u5f85\u5be6\u9a57\u5ba4\u7d50\u679c\u4e2d\u6709\u56db\u540d\u75c5\u4eba\u6b7b\u4ea1\u3002<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

\u4e0a\u9031\u5fb7\u570b\u4e00\u540d\u5a66\u5973\u56e0\u52d2\u7d22\u8edf\u9ad4\u653b\u64ca\u800c\u8f49\u79fb\u5230\u53e6\u4e00\u5bb6\u91ab\u9662\u6b7b\u4ea1\u5f8c\uff0c\u5fb7\u570b\u8b66\u65b9\u767c\u8d77\u4e86\u5147\u6bba\u6848\u8abf\u67e5\u3002<\/p>\n\n\n\n

Ryuk\u52d2\u7d22\u8edf\u9ad4\u7684\u76f8\u95dc\u60c5\u8cc7, \u5c31\u5728\u7ae3\u76df\u79d1\u6280\u4ee3\u7406\u7684 AlienVault OTX \u60c5\u8cc7\u5e73\u53f0\u4e0a:<\/p>\n\n\n\n

https:\/\/otx.alienvault.com\/pulse\/5e8369d35fd7d069d77f06ea<\/a><\/p>\n\n\n\n

https:\/\/otx.alienvault.com\/pulse\/5e7cc5274bea708f20593bec<\/a><\/p>\n\n\n\n

\u4f86\u6e90\u53c3\u8003: https:\/\/www.bleepingcomputer.com\/news\/security\/uhs-hospitals-hit-by-reported-country-wide-ryuk-ransomware-attack\/<\/p>\n\n\n\n

https:\/\/www.nbcnews.com\/tech\/security\/cyberattack-hits-major-u-s-hospital-system-n1241254<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

UHS\u5728\u7f8e\u570b\u548c\u82f1\u570b\u7d93\u71df\u8457400\u591a\u5bb6\u91ab\u9662\u3002\u81ea\u5468\u65e5\u4ee5\u4f86\uff0c\u4e00\u4e9b\u7f8e\u570b\u91ab\u9662\u7cfb\u7d71\u53d7\u5f71\u97ff\u800c\u65b7\u7db2\u3002UHS\u5de5\u4f5c\u4eba\u54e1\u8868\u793a\uff0c\u7531\u65bc\u96fb\u8166 READ MORE<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-592","post","type-post","status-publish","format-standard","hentry","category-6"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/592","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=592"}],"version-history":[{"count":4,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/592\/revisions"}],"predecessor-version":[{"id":598,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/592\/revisions\/598"}],"wp:attachment":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=592"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=592"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=592"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}