AWS CodeBuild Configuration Flaw Triggers Supply Chain Security Crisis

Published: 2026-01-20

1. AWS CodeBuild Configuration Flaw Triggers Supply Chain Security Crisis


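January 15: Wiz Research discovered and named the "CodeBreach" vulnerability, which shows that a misconfigured regular expression in AWS CodeBuild created a serious security risk. The flaw stems from a tiny defect in the security filter CodeBuild applies to pull request triggers: the filter was missing just two characters. As a result, an unauthenticated attacker could bypass the restriction with a GitHub user ID that contains an approved ID as a substring, and so trigger a privileged build job. From there the attacker could read the GitHub credentials held in the build's memory and ultimately take full control of key AWS GitHub repositories, including the JavaScript SDK that powers the AWS Console. The impact is broad, and the most sensitive target is the AWS SDK for JavaScript. The library is widely used in customer applications and in the AWS Console itself, and an estimated 66% of cloud environments include it, which greatly amplifies the potential impact of a supply chain attack. By automating the creation of GitHub apps and exploiting the rules GitHub uses to assign user IDs, Wiz researchers predicted and obtained an ID that passed the filter, and demonstrated a takeover of the aws/aws-sdk-js-v3 repository with administrator privileges. In addition, at least three other AWS repositories had the same weakness, one of them tied to an AWS employee's personal account.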


https://www.infosecurity-magazine.com/news/codebuild-flaw-aws-console-risk/
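The filter defect in item 1, as an added example that is not code from Wiz or AWS: it compares an unanchored actor-ID allow-list pattern with an anchored one, then audits a pattern for alternatives that can still match as a substring. It assumes the two missing characters are the `^` and `$` anchors (the page does not name them) and that the filter matches anywhere in the ID; all IDs and function names are constructed.

```python
import re

# Constructed sample values: these IDs are illustrative, not taken from the page or from AWS.
APPROVED_IDS = ["755743", "1234567"]

def build_filter(ids, anchored):
    """Build one alternation pattern over the approved actor IDs."""
    body = "|".join(re.escape(i) for i in ids)
    return f"^({body})$" if anchored else body

def actor_allowed(pattern, actor_id):
    """Assumed filter semantics: the pattern may match anywhere in the ID string."""
    return re.search(pattern, actor_id) is not None

def top_level_branches(pattern):
    """Split a regex on '|' outside groups, character classes and escapes."""
    branches, tokens, depth, in_class, i = [], [], 0, False, 0
    while i < len(pattern):
        tok = pattern[i:i + 2] if pattern[i] == "\\" else pattern[i]
        i += len(tok)
        if len(tok) == 1:
            if in_class:
                in_class = tok != "]"
            elif tok == "[":
                in_class = True
            elif tok == "(":
                depth += 1
            elif tok == ")":
                depth -= 1
            elif tok == "|" and depth == 0:
                branches.append(tokens)
                tokens = []
                continue
        tokens.append(tok)
    branches.append(tokens)
    return branches

def unanchored_branches(pattern):
    """Return alternatives lacking a leading ^ or trailing $ (substring-matchable)."""
    return ["".join(b) for b in top_level_branches(pattern)
            if not (b and b[0] == "^" and b[-1] == "$")]

if __name__ == "__main__":
    for anchored in (False, True):
        pat = build_filter(APPROVED_IDS, anchored)
        print(pat, actor_allowed(pat, "226755743"), unanchored_branches(pat))
```

The audit also flags `^755743|1234567$`, where each anchor binds to only one alternative and both alternatives still match longer IDs.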


2. UK Warns That Pro-Russian Hacker DDoS Attacks Threaten Critical Infrastructure


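January 19: The UK National Cyber Security Centre (NCSC) recently issued an urgent alert stating that Russia-linked hacker groups are continuing to launch disruptive distributed denial-of-service (DDoS) attacks against UK critical infrastructure and local government bodies. These attacks take services offline by flooding target servers with massive volumes of bogus requests. Although the technical barrier is low, a successful attack can still cost the targeted organisation heavily in time, money and operational resilience. The NCSC specifically named the pro-Russian hacktivist group NoName057(16), which has been active since March 2022 and operates a crowdsourced platform called DDoSia. The platform recruits volunteers who contribute computing resources to carry out attacks, and participants can earn monetary rewards or community recognition. In July 2025, the international law enforcement action "Operation Eastwood" arrested two members, issued eight arrest warrants and shut down 100 servers, but because the main operators are believed to be hiding inside Russia and were not arrested, the group has resumed its criminal activity. The NCSC stressed that NoName057(16) is motivated by ideology rather than financial gain, and that its threat is evolving into a new form that affects operational technology (OT) environments. The group targets public and private sector organisations in NATO member states and other European countries that oppose "Russia's geopolitical ambitions", and poses a persistent security challenge.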


https://www.bleepingcomputer.com/news/security/uk-govt-warns-about-ongoing-russian-hacktivist-group-attacks/


3. Malicious Ad-Blocking Extension NexShield Causes Real Browser Crashes


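January 19: Security researchers recently discovered a malvertising campaign that uses NexShield, a fake extension for Chrome and Edge. The extension poses as a "high-performance, lightweight ad blocker" created by Raymond Hill, the developer of the well-known ad blocker uBlock Origin. In reality it exhausts memory by creating "chrome.runtime" port connections in an infinite loop, which freezes browser tabs, drives CPU and memory usage up sharply, and finally causes a real crash. The attackers call this the "CrashFix" attack, a variant of the ClickFix attack. In the attack flow, once the browser restarts after the crash, the extension shows a fake warning that lures the user into running a malicious command. The command is copied to the clipboard and the user is guided to paste and execute it, and the chain ends with an obfuscated PowerShell script that downloads and runs malicious code. Notably, the payload executes only 60 minutes after installation in order to evade detection. In enterprise environments, the attackers deploy ModeloRAT, a new Python-based remote access tool that can perform system reconnaissance, registry modification, payload injection and self-update. For non-enterprise hosts, the control server returns only a "test payload!!!!" message, which indicates that targets are handled differently according to priority.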


https://www.bleepingcomputer.com/news/security/fake-ad-blocker-extension-crashes-the-browser-for-clickfix-attacks/


4. Fortune 100 Financial Firm Hit by PDFSider Malware


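January 19: While responding to a ransomware incident at a Fortune 100 financial company, the security firm Resecurity recently found a new piece of malware named PDFSider being used to deliver malicious payloads. The malware is delivered through social engineering: attackers impersonate technical support staff to trick employees into installing Microsoft's Quick Assist tool, and also spread it through spear-phishing emails. The email attachment contains the legitimate PDF24 Creator tool together with a malicious DLL file. Through DLL side-loading, the malicious code is loaded when the legitimate executable runs, which bypasses detection by EDR systems. PDFSider is described as a stealthy backdoor with the characteristics of an advanced persistent threat (APT), designed for long-term covert access to target systems. Its technical implementation includes: exploiting a weakness in the PDF24 software to load the malware; running in memory with minimal traces on disk; launching commands with CMD through anonymous pipes; encrypting C2 communication with the Botan 3.0.0 cryptographic library and AES-256-GCM, and decrypting data in memory to reduce its footprint; using authenticated encryption with associated data (AEAD) to protect the integrity of communications; and exfiltrating system information over DNS (port 53) to the attacker's VPS server. In addition, the malware has anti-analysis mechanisms, such as a RAM size check and debugger detection, and exits automatically in sandbox environments.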


https://www.bleepingcomputer.com/news/security/new-pdfsider-windows-malware-deployed-on-fortune-100-firms-network/


5. Ingram Micro Ransomware Attack Exposes Data of 42,000 People


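January 19: Ingram Micro, the world's largest B2B technology distributor, suffered a serious ransomware attack between July 2 and July 3, 2025, which exposed the sensitive data of more than 42,000 people. The company disclosed that the attackers stole files containing personal information such as names, contact details, dates of birth, Social Security numbers, driver's license numbers, passport numbers and work evaluations, and deployed ransomware to encrypt systems. The incident took its internal systems and website offline, forced employees to work remotely, and severely disrupted business operations. The SafePay ransomware gang claimed responsibility for the incident and listed Ingram Micro on its dark web leak portal, claiming to have stolen 3.5TB of files. In its data breach notification letter, Ingram Micro stressed that it quickly launched an investigation to determine the nature and scope of the incident, but it has not directly attributed the incident to a specific threat group. However, the attack timeline closely matches SafePay's pattern of operation, and during 2025 the group gradually became one of the most active ransomware groups, filling the gap in the market left by the exit of LockBit and BlackCat (ALPHV).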


https://www.bleepingcomputer.com/news/security/ingram-micro-says-ransomware-attack-affected-42-000-people/


6. Tennessee Man Breaches Federal Systems and Leaks Sensitive Information


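January 19: Between August and October 2023, Nicholas Moore, a 24-year-old man from Tennessee, used stolen credentials to repeatedly and illegally access the U.S. Supreme Court's electronic filing system, an AmeriCorps account, and the Department of Veterans Affairs' online health records system. According to federal prosecutors, Moore logged in to the Supreme Court system with stolen credentials at least 25 times, sometimes several times in a single day, took screenshots showing the victim's name, account details and other information, and posted them to his Instagram account @ihackedthegovernment to brag. In the AmeriCorps intrusion, Moore accessed a second victim's account seven times and obtained from the server personal information including name, date of birth, email address, home address, phone number, citizenship status, veteran status, service history and the last four digits of the Social Security number, which he then leaked publicly on social media. Against the Department of Veterans Affairs, he used credentials stolen from a Marine Corps veteran five times to log in to the My HealtheVet personal health records portal and obtain that veteran's personal health information, such as prescription medication records and other sensitive medical data, and then likewise posted related screenshots on Instagram and claimed a "successful hack". Moore has now pleaded guilty, and the case has entered the sentencing phase.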


https://www.bleepingcomputer.com/news/security/hacker-admits-to-leaking-stolen-supreme-court-data-on-instagram/