Microsoft: State-Sponsored Hackers Are Exploiting the Log4j Vulnerability

The critical Apache Log4j 2 vulnerability is paving the way for state-sponsored hackers to steal data and launch ransomware attacks, according to Microsoft.

On Tuesday, the company warned that it had observed nation-state hacking groups from China, Iran, North Korea, and Turkey trying to exploit the Log4j 2 flaw. Their activities include experimenting with the bug and abusing the flaw to drop malicious payloads and extract data from victims.

According to Microsoft, an Iranian hacking group known as Phosphorus or Charming Kitten has allegedly been exploiting Log4j 2 to spread ransomware. A separate group from China called Hafnium has been observed using the vulnerability to help it target victims.

"In these attacks, Hafnium-associated systems were observed using a DNS service typically associated with testing activity to fingerprint systems," Microsoft said.

The vulnerability is raising alarm bells because Apache's Log4j 2 software is used across the internet industry as a tool to log changes in a software or web application. By exploiting the flaw, a hacker can break into an IT system to steal data or run a malicious program. Not helping matters is how trivial the flaw is to trigger, which makes it all too easy for anyone to exploit.

The report from Microsoft underscores the need for the entire technology industry to patch the flaw before mayhem ensues. The company did not identify the state-sponsored hacking groups from North Korea or Turkey. But Microsoft added that other cybercriminal groups, known as "access brokers," have been seen exploiting the Log4j 2 bug to gain a foothold in networks.

"These access brokers then sell access to these networks to ransomware-as-a-service affiliates," Microsoft said. "We have observed these groups attempting exploitation on both Linux and Windows systems, which may lead to an increase in human-operated ransomware impact on both of these operating system platforms."

Other cybersecurity companies, including Mandiant, have also seen state-sponsored hacking groups from China and Iran targeting the flaw. "We anticipate other state actors are doing so as well, or preparing to," said John Hultquist, Mandiant's VP of Intelligence Analysis. "We believe these actors will work quickly to create footholds in desirable networks for follow-on activity, which may last for some time."
