{"id":24742,"date":"2022-10-31T11:46:27","date_gmt":"2022-10-31T03:46:27","guid":{"rendered":"https:\/\/hongtronics.com\/?p=24742"},"modified":"2024-07-29T10:48:47","modified_gmt":"2024-07-29T02:48:47","slug":"hacker-advanced-persistent-threat","status":"publish","type":"post","link":"https:\/\/hongtronics.com\/en\/hacker-advanced-persistent-threat\/","title":{"rendered":"Endpoint Threat Defense - Why Advanced Persistent Threats (APTs) are Winning! How to stop it with Zero Trust?"},"content":{"rendered":"

\u8b49\u64da\u6e05\u695a\u5730\u8868\u660e\uff0c\u5118\u7ba1\u7db2\u8def\u5b89\u5168\u6295\u8cc7\u5728\u4e0d\u65b7\u64f4\u5927\uff0c\u4f46\u8907\u96dc\u7684\u7db2\u8def\u5a01\u8105\u8d8a\u4f86\u8d8a\u5f37\u5927\uff0c\u4e14\u5b83\u5011\u8d8a\u4f86\u8d8a\u6210\u529f\u3002UBER\u548cAPPLE\u7b49\u5bb6\u55bb\u6236\u66c9\u7684\u54c1\u724c\uff0c\u6b96\u6c11\u5730\u7ba1\u9053\u7b49\u57fa\u672c\u670d\u52d9\u63d0\u4f9b\u5546\uff0c\u751a\u81f3\u6574\u500b\u6c11\u65cf\u570b\u5bb6\u90fd\u6210\u70ba\u7db2\u8def\u653b\u64ca\u7684\u53d7\u5bb3\u8005\uff0c\u9019\u4e9b\u653b\u64ca\u9003\u907f\u4e86\u540c\u985e\u6700\u597d\u7684\u63a7\u5236\u3002\u9664\u4e86\u982d\u689d\u65b0\u805e\uff0c\u8972\u64ca\u4e8b\u4ef6\u4e5f\u5728\u87ba\u65cb\u5f0f\u4e0a\u5347\u3002\u6bcf\u5206\u9418\u4e0d\u6b62\u4e00\u6b21\uff0c\u624d\u83ef\u6a6b\u6ea2\u3001\u8cc7\u91d1\u5145\u88d5\u7684\u5b89\u5168\u5718\u968a\u5728\u7406\u61c9\u5148\u9032\u7684\u5a01\u8105\u9632\u79a6\u7cfb\u7d71\u88ab\u653b\u7834\u5f8c\uff0c\u53ea\u80fd\u6536\u62fe\u6b98\u5c40\u3002<\/p>

\u5c07\u7576\u4eca\u7684\u7db2\u8def\u653b\u64ca\u806f\u7e6b\u5728\u4e00\u8d77\u7684\u4e00\u500b\u5171\u540c\u7dda\u7d22\u662f\uff0c\u5b83\u5011\u5177\u6709\u4ee4\u4eba\u96e3\u4ee5\u7f6e\u4fe1\u7684\u7834\u58de\u6027<\/strong>\u3002\u73fe\u5728\uff0c\u5a01\u8105\u5728\u53d7\u5bb3\u8005\u7db2\u8def\u4e2d\u5f98\u5f8a\u7684\u6642\u9593\u6bd4\u4ee5\u5f80\u4efb\u4f55\u6642\u5019\u90fd\u8981\u9577\u30022020\u81f32021\u5e74\u9593\uff0c\u653b\u64ca\u8005\u505c\u7559\u6642\u9593\u589e\u52a0\u4e8636%\u3002\u800c\u4e14\u7206\u70b8\u534a\u5f91\u6bd4\u904e\u53bb\u5927\u5f97\u591a\u3002<\/strong><\/p>

\u56e0\u6b64\uff0c\u5236\u5b9a\u6709\u6548\u7684\u6230\u7565\u4f86\u963b\u6b62\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105(APT)\u5f9e\u672a\u50cf\u73fe\u5728\u9019\u6a23\u91cd\u8981\u3002<\/strong><\/p><\/blockquote>\n\n\n\n

\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105(APT)\u7684\u5de5\u4f5c\u539f\u7406<\/p>\n\n\n\n

\u5f88\u4e45\u4ee5\u524d\uff0c\u5373\u4f7f\u662f\u6700\u57fa\u672c\u7684\u8a08\u7b97\u6a5f\u75c5\u6bd2\u4e5f\u662f\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105(APT)\u3002\u5728\u7121\u6cd5\u963b\u6b62\u5b83\u5011\u7684\u60c5\u6cc1\u4e0b\uff0c\u50cfILOVEYOU\u8815\u87f2\u9019\u6a23\u7684\u60e1\u610f\u8edf\u9ad4\u53ef\u80fd\u6703\u572821\u4e16\u7d00\u521d\u5371\u5bb3\u6578\u5343\u842c\u53f0\u96fb\u8166\u3002\u4f5c\u70ba\u56de\u61c9\uff0c\u53cd\u75c5\u6bd2(AV)\u7a0b\u5f0f\u88ab\u69cb\u5efa\u4f86\u9632\u79a6\u9019\u4e9b\u5a01\u8105\u3002\u4ed6\u5011\u7684\u5de5\u4f5c\u524d\u63d0\u662f\u5728\u53d7\u4fdd\u8b77\u7684\u7db2\u8def\u74b0\u5883\u4e2d\u767c\u73fe\u4e26\u9694\u96e2\u770b\u8d77\u4f86\u5371\u96aa\u7684\u6587\u4ef6\u3001\u884c\u70ba\u548c\u9644\u4ef6\u3002<\/p>\n\n\n\n

\u99ed\u5ba2\u624b\u6cd5\u4e5f\u5728\u4e0d\u65b7\u7684\u9032\u5316\uff0c\u50cfWANNACRY\u3001Petya\u548cNotPetya\u9019\u6a23\u7684\u653b\u64ca\u88ab\u8a8d\u70ba\u662f\u9ad8\u7d1a\u7684\u3001\u80fd\u5920\u81ea\u6211\u50b3\u64ad\u7684\u5a01\u8105\uff0c\u800c\u4e0b\u4e00\u4ee3\u53cd\u75c5\u6bd2\u8edf\u9ad4(NGAV)\u61c9\u904b\u800c\u751f\uff0c\u9ad8\u7d1a\u52d2\u7d22\u8edf\u9ad4\u73fe\u5728\u4ee5\u670d\u52d9\u5f62\u5f0f\u63d0\u4f9b(RAAS)\u3002\u4e8b\u5be6\u8b49\u660e\uff0c\u50cfSolarWinds\u548cKaseya\u9019\u6a23\u7684\u4f9b\u61c9\u93c8\u653b\u64ca\u5c24\u5176\u5177\u6709\u7834\u58de\u6027\u3002<\/strong><\/p>\n\n\n\n

\"\u56fe\u7247\"\/<\/figure>\n\n\n\n

\u57fa\u65bc\u7aef\u9ede\u4fdd\u8b77\u5e73\u53f0(EPP)\u548c\u7aef\u9ede\u5075\u6e2c\u8207\u56de\u61c9(EDR)\u7b49\u6280\u8853\u7684\u73fe\u4ee3\u5b89\u5168\u5806\u68e7\u7684\u5de5\u4f5c\u65b9\u5f0f\u985e\u4f3c\u65bc\u65e9\u671f\u7684\u9632\u75c5\u6bd2\u7a0b\u5f0f\u3002\u9019\u4e9b\u6280\u8853\u6bd4\u65e9\u671f\u7684\u540c\u985e\u6280\u8853\uff0c\u5728\u524d\u671f\u767c\u73fe\u548c\u963b\u6b62\u5a01\u8105\u65b9\u9762\u505a\u5f97\u66f4\u597d\u3002\u4f46\u5b83\u5011\u90fd\u662f\u5728\u76f8\u540c\u7684\u201c\u641c\u7d22\u548c\u6467\u6bc0<\/strong>\u201d\u6982\u5ff5\u4e0b\u904b\u4f5c\u7684\u3002\u56e0\u6b64\uff0c\u5178\u578b\u7684\u4f01\u696d\u7d1a\u5b89\u5168\u614b\u52e2\u5e7e\u4e4e\u5b8c\u5168\u4f9d\u8cf4\u65bc\u767c\u73fe\u4e26\u9694\u96e2\u78c1\u76e4\u548c\u7db2\u8def\u74b0\u5883\u4e2d\u7684\u5df2\u77e5\u5a01\u8105\u3002<\/p>\n\n\n\n

\u9019\u4e9b\u57fa\u672c\u7684\u5b89\u5168\u63a7\u5236\u548c\u57fa\u65bc\u7c3d\u540d\u3001\u6a21\u5f0f\u548cAI\u7684\u89e3\u6c7a\u65b9\u6848\u4ecd\u7136\u662f\u5fc5\u4e0d\u53ef\u5c11\u7684\uff0c\u4f46\u5b83\u5011\u4e0d\u518d\u80fd\u5920\u78ba\u4fdd\u771f\u6b63\u7684\u5b89\u5168\u3002\u5982\u4eca\uff0c\u6700\u5371\u96aa\u7684\u5a01\u8105\u65e8\u5728\u7e5e\u904e\u548c\u9003\u907f\u7db2\u8def\u5b89\u5168\u5de5\u5177\u3002<\/p>\n\n\n\n

\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105(APT)\u4e0d\u6703\u51fa\u73fe\u5728\u5927\u591a\u6578\u5b89\u5168\u89e3\u6c7a\u65b9\u6848\u7684\u96f7\u9054\u4e0a\uff0c\u4ed6\u5011\u4e0d\u6703\u88ab\u5075\u6e2c\u5230\uff0c\u76f4\u5230\u70ba\u6642\u5df2\u665a\u3002\u4ed6\u5011\u4f7f\u7528\u8207\u5408\u6cd5\u7cfb\u7d71\u7ba1\u7406\u54e1\u76f8\u540c\u7684\u61c9\u7528\u7a0b\u5f0f\u4f86\u63a2\u6e2c\u7db2\u8def\u4e26\u6a6b\u5411\u79fb\u52d5\u3002<\/p>\n\n\n\n

\"\u56fe\u7247\"\/<\/figure>\n\n\n\n

\u7834\u89e3\u7248\u672c\u7684\u7d05\u8272\u5718\u968a\u5de5\u5177\uff0c\u5982Cobalt Strike\uff0c\u5141\u8a31\u99ed\u5ba2\u653b\u64ca\u5167\u90e8\u5132\u5b58\u7a7a\u9593(RAM)\u4e2d\u7684\u5408\u6cd5\u9032\u7a0b\u3002\u9019\u4e9b\u5de5\u5177\u5141\u8a31\u653b\u64ca\u8005\u5728\u4f7f\u7528\u5408\u6cd5\u61c9\u7528\u7a0b\u5f0f\u6642\u641c\u7d22RAM\u4e2d\u5b58\u5728\u7684\u5bc6\u78bc\u548c\u53ef\u5229\u7528\u7684\u932f\u8aa4\u3002\u5b83\u5011\u9084\u96b1\u85cf\u4e86\u9632\u79a6\u8005\u5728\u61c9\u7528\u7a0b\u5f0f\u904b\u884c\u6642\u7121\u6cd5\u6709\u6548\u5730\u6383\u63cfRAM\u7684\u5730\u65b9\u3002<\/p>\n\n\n\n

\u56e0\u6b64\uff0c\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105(APT)\u7e5e\u904e\u4e86\u57fa\u65bc\u6383\u63cf\u7684\u5b89\u5168\u89e3\u6c7a\u65b9\u6848(\u5728\u904b\u884c\u6642\u4e0d\u80fd\u67e5\u770bRAM)\u548c\u50cfAllow Listing\u9019\u6a23\u7684\u63a7\u5236\u3002\u6839\u64daPicus\u6700\u8fd1\u7684\u4e00\u4efd\u5831\u544a\uff0c91%\u7684Darkside\u52d2\u7d22\u8edf\u9ad4\u4e8b\u4ef6\u4f7f\u7528\u4e86\u5408\u6cd5\u7684\u5de5\u5177\u548c\u9032\u7a0b\u3002<\/p>\n\n\n\n

\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105(APT)\u5728\u904b\u884c\u6642\u5b58\u5728\u65bcRAM\u4e2d\uff0c\u5728\u91cd\u555f\u3001\u78c1\u76e4\u91cd\u65b0\u683c\u5f0f\u5316\u548c\u91cd\u65b0\u5b89\u88dd\u8a2d\u5099\u64cd\u4f5c\u7cfb\u7d71\u7684\u5617\u8a66\u4e2d\u4e5f\u53ef\u4ee5\u5016\u5b58\u4e0b\u4f86\u3002<\/p>\n\n\n\n

\u9019\u4e9b\u8907\u96dc\u7684\u653b\u64ca\u904e\u53bb\u53ea\u6709\u570b\u5bb6\u652f\u6301\u7684\u99ed\u5ba2\u624d\u80fd\u505a\uff0c\u7136\u800c\uff0c\u73fe\u5728\u8d8a\u4f86\u8d8a\u5e38\u898b\u3002\u88ab\u99ed\u5ba2\u653b\u64ca\u7684Cobalt Strike\u7248\u672c\u5141\u8a31\u99ed\u5ba2\u4ee5\u5ec9\u50f9\u548c\u8f15\u9b06\u7684\u65b9\u5f0f\u653b\u64ca\u53d7\u5bb3\u8005\u7684\u8a2d\u5099RAM\u3002\u53bb\u5e74\uff0c\u6392\u540d\u524d\u4e94\u7684\u653b\u64ca\u6280\u8853\u4e2d\u6709\u4e09\u7a2e\u6d89\u53ca\u8a2d\u5099RAM<\/strong>\u3002<\/p>\n\n\n\n

\"\u56fe\u7247\"\/<\/figure>\n\n\n\n

\u5982\u4f55\u963b\u6b62\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105(APT)<\/p>\n\n\n\n

\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105(APT)\u6b63\u5728\u5229\u7528\u5178\u578b\u4f01\u696d\u5b89\u5168\u72c0\u614b-\u8a2d\u5099RAM\u4e2d\u7684\u660e\u986f\u5b89\u5168\u6f0f\u6d1e\u3002\u4f46\u4ed6\u5011\u662f\u53ef\u4ee5\u88ab\u963b\u6b62\u7684\u3002<\/p>\n\n\n\n

\u5f9e\u9577\u9060\u4f86\u770b\uff0c\u9632\u6b62\u5a01\u8105\u640d\u5bb3RAM\u7684\u6700\u597d\u65b9\u6cd5\u662f\u5728\u61c9\u7528\u7a0b\u5f0f\u548c\u8a2d\u5099\u4e2d\u69cb\u5efa\u66f4\u597d\u7684\u9632\u79a6\u3002\u8edf\u9ad4\u958b\u767c\u4eba\u54e1\u53ef\u4ee5\u505a\u66f4\u591a\u7684\u5de5\u4f5c\u4f86\u69cb\u5efa\u5c0dRAM\u5229\u7528\u7684\u7de9\u89e3\u3002\u5b83\u5011\u53ef\u80fd\u6703\u4f7f\u99ed\u5ba2\u66f4\u96e3\u5229\u7528\u5408\u6cd5\u7db2\u8def\u7ba1\u7406\u54e1\u4f7f\u7528\u7684\u76f8\u540c\u5de5\u5177\u3002<\/p>\n\n\n\n

\u4f46\u662f\uff0c\u53ea\u8981\u61c9\u7528\u7a0b\u5f0f\u69cb\u5efa\u4e26\u6574\u5408\u65b0\u529f\u80fd(\u4e26\u4e14\u7e3d\u662f\u6703\u7522\u751f\u932f\u8aa4)\uff0cRAM\u640d\u58de\u5c31\u662f\u53ef\u80fd\u7684\u3002\u5c0d\u65bc\u5728\u9059\u9060\u7684\u672a\u4f86\u4ecd\u5c07\u5728IT\u74b0\u5883\u4e2d\u904b\u884c\u7684\u6578\u4ee5\u767e\u842c\u8a08\u7684\u50b3\u7d71\u8a2d\u5099\u548c\u61c9\u7528\u7a0b\u5f0f\u800c\u8a00\uff0c\u60c5\u6cc1\u5c24\u5176\u5982\u6b64\u3002<\/p>\n\n\n\n

\"\u56fe\u7247\"\/<\/figure>\n\n\n\n

\u76ee\u524d\uff0c\u5b89\u5168\u5718\u968a\u70ba\u963b\u6b62\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105(APT)\u6240\u80fd\u505a\u7684\u6700\u597d\u7684\u4e8b\u60c5\u662f\u6dfb\u52a0\u63a7\u5236\uff0c\u5f9e\u4e00\u958b\u59cb\u5c31\u963b\u6b62\u5c0d\u8a2d\u5099RAM\u7684\u5b58\u53d6\uff1a<\/p>\n\n\n\n

\u25cf \u5efa\u7acb\u7e31\u6df1\u9632\u79a6\u3002<\/strong>\u6c92\u6709\u4e00\u7a2e\u63a7\u5236\u6216\u89e3\u6c7a\u65b9\u6848\u53ef\u4ee5\u4fdd\u8b77\u7d44\u7e54\u514d\u53d7\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105(APT)\u3002\u5b89\u5168\u5718\u968a\u5fc5\u9808\u5728\u5f9e\u7d42\u7aef\u5230\u696d\u52d9\u95dc\u9375\u578b\u670d\u52d9\u5668\u7684\u6bcf\u4e00\u5c64\u5275\u5efa\u5197\u9918\u3002<\/p>\n\n\n\n

\u597d\u6587\u95b1\u8b80 >> \u7e31\u6df1\u9632\u79a6\u662f\u751a\u9ebc\uff1f<\/a><\/em><\/em><\/p>\n\n\n\n

\u25cf \u5be6\u884c\u96f6\u4fe1\u4efb\u3002<\/strong>\u96f6\u4fe1\u4efb\u7684\u6982\u5ff5\u5df2\u7d93\u670947\u5e74\u7684\u6b77\u53f2\u4e86\u3002\u7136\u800c\uff0c\u5c0d\u65bc\u5927\u591a\u6578\u4f01\u696d\u4f86\u8aaa\uff0c\u9019\u4ecd\u7136\u662f\u4e00\u500b\u96e3\u4ee5\u5be6\u73fe\u7684\u76ee\u6a19\u3002\u6839\u64daForrester\u6700\u8fd1\u7684\u4e00\u9805\u7814\u7a76\uff0c\u5be6\u65bd\u96f6\u4fe1\u4efb\u7684\u7d44\u7e54\u5c07\u6578\u64da\u6d29\u9732\u7684\u6a5f\u6703\u964d\u4f4e\u4e8650%\u3002 <\/p>\n\n\n\n

\u597d\u6587\u95b1\u8b80 >> \u96f6\u4fe1\u4efb(Zero Trust)\u662f\u751a\u9ebc\uff1f<\/a><\/p>\n\n\n\n

>> \u96f6\u4fe1\u4efb(Zero Trust)\u6848\u4f8b\u5206\u4eab<\/a><\/p>\n\n\n\n

 \u25cf \u4f7f\u7528\u79fb\u52d5\u76ee\u6a19\u9632\u79a6(MTD)\u6280\u8853\u4fdd\u8b77\u8a2d\u5099RAM\u3002<\/strong>\u60a8\u4e0d\u80fd\u5728\u904b\u884c\u6642\u6709\u6548\u5730\u6383\u63cf\u8a2d\u5099RAM\u3002\u4f46\u60a8\u53ef\u4ee5\u4f7f\u5bc6\u78bc\u7b49\u8a18\u61b6\u8cc7\u7522\u5c0d\u99ed\u5ba2\u5be6\u969b\u4e0a\u662f\u4e0d\u53ef\u898b\u7684\u3002\u4f7f\u7528\u4f7f\u7528MTD\u8b8a\u5f62(\u96a8\u6a5f\u5316)RAM\u7684\u89e3\u6c7a\u65b9\u6848\uff0c\u4f7f\u99ed\u5ba2\u7121\u6cd5\u627e\u5230\u4ed6\u5011\u7684\u76ee\u6a19\u3002<\/p>\n\n\n\n

\"\u56fe\u7247\"\/<\/figure>\n\n\n\n

\u4f7f\u7528MTD\u69cb\u5efa\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105(APT)\u9632\u79a6<\/p>\n\n\n\n

NGAV\u3001EPP\u548cEDR\u7b49\u89e3\u6c7a\u65b9\u6848\u4ecd\u7136\u662f\u4efb\u4f55\u7d44\u7e54\u5b89\u5168\u6230\u7565\u7684\u91cd\u8981\u7d44\u6210\u90e8\u5206\u3002\u5b83\u5011\u5c0d\u65bc\u963b\u6b62\u5927\u591a\u6578\u8868\u73fe\u51fa\u53ef\u8b58\u5225\u7279\u5fb5\u548c\u884c\u70ba\u6a21\u5f0f\u7684\u653b\u64ca\u93c8\u81f3\u95dc\u91cd\u8981\u3002<\/p>\n\n\n\n

\u7136\u800c\uff0c\u96a8\u8457\u96f6\u65e5\u653b\u64ca\u3001RAM\u5a01\u8105\u548c\u7121\u6587\u4ef6\u653b\u64ca\u65b9\u6cd5\u7684\u589e\u52a0\uff0c\u9019\u4e9b\u5de5\u5177\u7d66\u9632\u79a6\u8005\u7559\u4e0b\u4e86\u4e00\u500b\u56b4\u91cd\u7684\u5b89\u5168\u6f0f\u6d1e\u3002\u8feb\u5207\u9700\u8981\u4e00\u7a2e\u4e0d\u540c\u7684\u89e3\u6c7a\u65b9\u6848\u4f86\u6709\u6548\u9632\u79a6\u9019\u4e9b\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105(APT)\u76ee\u6a19\u7684\u653b\u64ca\u8f09\u9ad4\u3002\u5b83\u53ef\u4ee5\u9632\u6b62RAM\u53d7\u640d\u4e26\u963b\u6b62\u4ee5\u524d\u672a\u898b\u904e\u7684\u5a01\u8105\u3002<\/p>\n\n\n\n

\u9032\u5165\u79fb\u52d5\u76ee\u6a19\u9632\u79a6(MTD)\u3002\u88abGartner\u7a31\u70ba\u6700\u5177\u5f71\u97ff\u529b\u7684\u65b0\u8208\u6280\u8853\u4e4b\u4e00\uff0cMTD\u5275\u9020\u4e86\u4e00\u500b\u4e0d\u53ef\u9810\u6e2c\u7684RAM\u653b\u64ca\u9762<\/strong>\u3002\u9019\u4f7f\u5f97\u5a01\u8105\u4e0d\u53ef\u80fd\u627e\u5230\u5b83\u5011\u5c0b\u6c42\u7684\u8cc7\u6e90\uff0c\u7121\u8ad6\u5b83\u5011\u6709\u591a\u8907\u96dc\u3002\u540c\u6a23\u91cd\u8981\u7684\u662f\uff0cMTD\u6280\u8853\u8207\u5176\u4ed6\u7db2\u8def\u5b89\u5168\u89e3\u6c7a\u65b9\u6848\u7121\u7e2b\u6574\u5408\uff0c\u6613\u65bc\u5be6\u65bd\uff0c\u4e26\u4e14\u53ef\u64f4\u5c55\u3002<\/strong><\/p>\n\n\n\n

Morphisec\uff08\u6469\u83f2\u65af\uff09<\/strong><\/p>\n\n\n\n

Morphisec\uff08\u6469\u83f2\u65af\uff09\u4f5c\u70ba\u79fb\u52d5\u76ee\u6a19\u9632\u79a6\u7684\u9818\u5c0e\u8005\uff0c\u5df2\u7d93\u8b49\u660e\u4e86\u9019\u9805\u6280\u8853\u7684\u5a01\u529b\u3002\u4ed6\u5011\u5df2\u7d93\u57285000\u591a\u5bb6\u4f01\u696d\u90e8\u7f72\u4e86MTD\u9a45\u52d5\u7684\u6f0f\u6d1e\u9810\u9632\u89e3\u6c7a\u65b9\u6848\uff0c\u6bcf\u5929\u4fdd\u8b77800\u591a\u842c\u500b\u7aef\u9ede\u548c\u670d\u52d9\u5668\u514d\u53d7\u8a31\u591a\u6700\u5148\u9032\u7684\u653b\u64ca\u3002\u4e8b\u5be6\u4e0a\uff0cMorphisec\uff08\u6469\u83f2\u65af\uff09\u76ee\u524d\u6bcf\u5929\u963b\u6b6215,000\u81f330,000\u6b21\u52d2\u7d22\u8edf\u9ad4\u3001\u60e1\u610f\u8edf\u9ad4\u548c\u7121\u6587\u4ef6\u653b\u64ca\uff0c\u9019\u4e9b\u653b\u64ca\u662fNGAV\u3001EDR\u89e3\u6c7a\u65b9\u6848\u548c\u7aef\u9ede\u4fdd\u8b77\u5e73\u53f0\uff08EPP\uff09\u672a\u80fd\u6aa2\u6e2c\u548c\/\u6216\u963b\u6b62\u7684\u3002 (\u4f8b\u5982\uff0cMorphisec\u5ba2\u6236\u7684\u6210\u529f\u6848\u4f8b\uff0cGartner\u540c\u884c\u6d1e\u5bdf\u529b\u8a55\u8ad6\u548cPeerSpot\u8a55\u8ad6)\u5728\u5176\u4ed6NGAV\u548cEDR\u89e3\u6c7a\u65b9\u6848\u7121\u6cd5\u963b\u6b62\u7684\u60c5\u6cc1\u4e0b\uff0c\u5728\u7b2c\u96f6\u65e5\u5c31\u88ab\u963b\u6b62\u7684\u6b64\u985e\u653b\u64ca\u7684\u4f8b\u5b50\u5305\u62ec\u4f46\u4e0d\u9650\u65bc\uff1a<\/p>

– \u52d2\u7d22\u8edf\u9ad4(\u4f8b\u5982\uff0cConti\u3001Darkside\u3001Lockbit)<\/p>

– \u5f8c\u9580\u7a0b\u5f0f(\u4f8b\u5982\uff0cCobalt Strike\u3001\u5176\u4ed6RAM\u4fe1\u6a19)<\/p>

– \u4f9b\u61c9\u93c8(\u4f8b\u5982\uff0cCCleaner\u3001\u83ef\u78a9\u3001Kaseya payloads\u3001iTunes)<\/p>

– \u60e1\u610f\u8edf\u9ad4\u4e0b\u8f09\u7a0b\u5f0f(\u4f8b\u5982\uff0cEmotet\u3001QBot\u3001Qakbot\u3001Trickbot\u3001IceDid)<\/p><\/blockquote>\n\n\n\n

Morphisec\uff08\u6469\u83f2\u65af\uff09\u70ba\u95dc\u9375\u61c9\u7528\u7a0b\u5f0f<\/strong>\uff0cwindows\u548clinux\u672c\u5730\u548c\u96f2\u7aef\u670d\u52d9\u5668\u63d0\u4f9b\u89e3\u6c7a\u65b9\u6848<\/strong>\uff0c2MB\u5927\u5c0f\u5feb\u901f\u90e8\u7f72\u3002\u514d\u8cbb\u7684Guard Lite\u89e3\u6c7a\u65b9\u6848<\/strong>\uff0c\u5c07\u5fae\u8edf\u7684Defener AV\u8b8a\u6210\u4e00\u500b\u4f01\u696d\u7d1a\u7684\u89e3\u6c7a\u65b9\u6848\u3002\u8b93\u4f01\u696d\u53ef\u4ee5\u5f9e\u55ae\u4e00\u5730\u9ede\u63a7\u5236\u6240\u6709\u7d42\u7aef\u3002\u8acb\u806f\u7e6b\u6211\u5011\u514d\u8cbb\u7372\u53d6\uff01<\/p>\n\n\n\n

\u66f4\u591a\u8cc7\u8a0a\u6b61\u8fce\u5230\u5b8f\u8679\u5b98\u7db2\u4e86\u89e3\uff0c\u6216\u806f\u7e6b\u6211\u5011! >> https:\/\/hongtronics.com\/morphisec-safe-internet-situation\/<\/a><\/p>\n\n\n\n

\"\"<\/figure>","protected":false},"excerpt":{"rendered":"

\u5f88\u4e45\u4ee5\u524d\uff0c\u5373\u4f7f\u662f\u6700\u57fa\u672c\u7684\u8a08\u7b97\u6a5f\u75c5\u6bd2\u4e5f\u662f\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105(APT)\u3002\u50cfILOVEYOU\u8815\u87f2\u9019\u6a23\u7684\u60e1\u610f\u8edf\u9ad4\u53ef\u80fd\u6703\u572821\u4e16\u7d00\u521d\u5371\u5bb3\u6578\u5343\u842c\u53f0\u96fb\u8166\u3002\u4f5c\u70ba\u56de\u61c9\uff0c\u53cd\u75c5\u6bd2(AV)\u7a0b\u5f0f\u88ab\u69cb\u5efa\u4f86\u9632\u79a6\u9019\u4e9b\u5a01\u8105\uff0c\u4e26\u5728\u53d7\u4fdd\u8b77\u7684\u7db2\u8def\u74b0\u5883\u4e2d\u963b\u9694\u6709\u98a8\u96aa\u7684\u6a94\u6848\u3002\u99ed\u5ba2\u4e5f\u8ddf\u8457\u7e7c\u7e8c\u8f49\u5316\u9032\u6b65\uff0c\u50cfWANNACRY\u3001Petya\u548cNotPetya\u9019\u6a23\u7684\u653b\u64ca……<\/p>","protected":false},"author":33,"featured_media":24755,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_eb_attr":"","ocean_post_layout":"","ocean_both_sidebars_style":"","ocean_both_sidebars_content_width":0,"ocean_both_sidebars_sidebars_width":0,"ocean_sidebar":"0","ocean_second_sidebar":"0","ocean_disable_margins":"enable","ocean_add_body_class":"","ocean_shortcode_before_top_bar":"","ocean_shortcode_after_top_bar":"","ocean_shortcode_before_header":"","ocean_shortcode_after_header":"","ocean_has_shortcode":"","ocean_shortcode_after_title":"","ocean_shortcode_before_footer_widgets":"","ocean_shortcode_after_footer_widgets":"","ocean_shortcode_before_footer_bottom":"","ocean_shortcode_after_footer_bottom":"","ocean_display_top_bar":"default","ocean_display_header":"default","ocean_header_style":"minimal","ocean_center_header_left_menu":"0","ocean_custom_header_template":"0","ocean_custom_logo":0,"ocean_custom_retina_logo":0,"ocean_custom_logo_max_width":0,"ocean_custom_logo_tablet_max_width":0,"ocean_custom_logo_mobile_max_width":0,"ocean_custom_logo_max_height":0,"ocean_custom_logo_tablet_max_height":0,"ocean_custom_logo_mobile_max_height":0,"ocean_header_custom_menu":"0","ocean_menu_typo_font_family":"0","ocean_menu_typo_font_subset":"","ocean_menu_typo_font_size":0,"ocean_menu_typo_font_size_tablet":0,"ocean_menu_typo_font_size_mobile":0,"ocean_menu_typo_font_size_unit":"px","ocean_menu_typo_font_weight":"","ocean_menu_typo_font_weight_tablet":"","ocean_menu_typo_font_weight_mobile":"","ocean_menu_typo_transform":"","ocean_menu_typo_transform_tablet":"","ocean_menu_typo_transform_mobile":"","ocean_menu_typo_line_height":0,"ocean_menu_typo_line_height_tablet":0,"ocean_menu_typo_line_height_mobile":0,"ocean_menu_typo_line_height_unit":"","ocean_menu_typo_spacing":0,"ocean_menu_typo_spacing_tablet":0,"ocean_menu_typo_spacing_mobile":0,"ocean_menu_typo_spacing_unit":"","ocean_menu_link_color":"","ocean_menu_link_color_hover":"","ocean_menu_link_color_active":"","ocean_menu_link_background":"","ocean_menu_link_hover_background":"","ocean_menu_link_active_background":"","ocean_menu_social_links_bg":"","ocean_menu_social_hover_links_bg":"","ocean_menu_social_links_color":"","ocean_menu_social_hover_links_color":"","ocean_disable_title":"default","ocean_disable_heading":"default","ocean_post_title":"","ocean_post_subheading":"","ocean_post_title_style":"","ocean_post_title_background_color":"","ocean_post_title_background":0,"ocean_post_title_bg_image_position":"","ocean_post_title_bg_image_attachment":"","ocean_post_title_bg_image_repeat":"","ocean_post_title_bg_image_size":"","ocean_post_title_height":0,"ocean_post_title_bg_overlay":0.5,"ocean_post_title_bg_overlay_color":"","ocean_disable_breadcrumbs":"default","ocean_breadcrumbs_color":"","ocean_breadcrumbs_separator_color":"","ocean_breadcrumbs_links_color":"","ocean_breadcrumbs_links_hover_color":"","ocean_display_footer_widgets":"default","ocean_display_footer_bottom":"default","ocean_custom_footer_template":"0","iawp_total_views":25,"ocean_post_oembed":"","ocean_post_self_hosted_media":"","ocean_post_video_embed":"","ocean_link_format":"","ocean_link_format_target":"self","ocean_quote_format":"","ocean_quote_format_link":"post","ocean_gallery_link_images":"off","ocean_gallery_id":[],"footnotes":""},"categories":[2362],"tags":[1874,1796,1875,1873,1876],"table_tags":[],"class_list":["post-24742","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-2362","tag-mtd","tag-1796","tag-1875","tag-apt","tag-zero-trust","entry","has-media","owp-thumbs-layout-horizontal","owp-btn-normal","owp-tabs-layout-horizontal","has-no-thumbnails","has-product-nav"],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/hongtronics.com\/wp-content\/uploads\/2022\/10\/640-1.jpg","_links":{"self":[{"href":"https:\/\/hongtronics.com\/en\/wp-json\/wp\/v2\/posts\/24742","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hongtronics.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hongtronics.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hongtronics.com\/en\/wp-json\/wp\/v2\/users\/33"}],"replies":[{"embeddable":true,"href":"https:\/\/hongtronics.com\/en\/wp-json\/wp\/v2\/comments?post=24742"}],"version-history":[{"count":4,"href":"https:\/\/hongtronics.com\/en\/wp-json\/wp\/v2\/posts\/24742\/revisions"}],"predecessor-version":[{"id":27712,"href":"https:\/\/hongtronics.com\/en\/wp-json\/wp\/v2\/posts\/24742\/revisions\/27712"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hongtronics.com\/en\/wp-json\/wp\/v2\/media\/24755"}],"wp:attachment":[{"href":"https:\/\/hongtronics.com\/en\/wp-json\/wp\/v2\/media?parent=24742"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hongtronics.com\/en\/wp-json\/wp\/v2\/categories?post=24742"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hongtronics.com\/en\/wp-json\/wp\/v2\/tags?post=24742"},{"taxonomy":"table_tags","embeddable":true,"href":"https:\/\/hongtronics.com\/en\/wp-json\/wp\/v2\/table_tags?post=24742"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}