臺灣有大學遭到PHP漏洞攻擊,駭客在受害主機植入後門程式
支付動態 · 2024-08-21
2個月前揭露的重大層級PHP漏洞CVE-2024-4577出現了實際攻擊行動,資安業者賽門鐵克指出,他們看到臺灣有一所大學遭遇攻擊,並被植入後門
今年6月臺灣資安業者戴夫寇爾(Devcore)揭露PHP程式語言重大層級漏洞CVE-2024-4577,這項漏洞存在於CGI參數而有可能被用於注入攻擊,CVSS風險評分達到了9.8(滿分10分),如今傳出實際的攻擊行動。
資安業者賽門鐵克昨天(8月20日)揭露針對臺灣一所大學院校的後門程式Msupedge攻擊行動,而這支後門程式的感染途徑,很有可能就是利用前述漏洞而得逞。值得留意的是,研究人員發現有多組人馬正在尋找存在相關弱點的系統,而對於攻擊者的身分及動機,他們表示並不清楚。
在這起資安事故當中,駭客使用較為罕見的聯繫手法,那就是透過DNS進行C2通訊,他們使用能公開取得的工具dnscat2打造DNS隧道,用來進行名稱解析並接收命令。
Popular articles
British gambling levy rates confirmed for each vertical
Regulation
Crypto in gambling: Market overview 2024
Marketing
Bally’s job training program is a big deal at Community College of Rhode Island
Regulation
French Gambling Giant FDJ Completes €2.5bn Kindred Group Purchase
Regulation
Irish lawmakers at odds over change in gambling bill allowing ‘inducements’
Sports Betting
FDJ completes Kindred deal to transform into ‘Europe’s champion’
Sports Betting
Online casino in Germany: Schleswig-Holstein issues licences for live casino and table games
Online Casino
Wynn Resorts obtains United Arab Emirates gaming license
Regulation
Elevate Your Casino’s Success with Opexa Game Aggregators
HUIDU Focus
Online gambling, crypto pose ongoing money laundering risks in Philippines, analyst says
Southeast Asia
The ultimate gambler? How Bet365’s Denise Coates became Britain’s richest woman
Sports Betting
Indiana online casino bill stalls in House committee
Regulation
New Partnership: 1spin4win Integrates Classic Slots into Pokerdom’s Gaming Library
Online Casino
NFL player calls out NFL fans upset about bets: ‘We’re human too’
Sports Betting
People have a lot to say about Ontario’s Premier wanting to Las Vegas-ify Niagara Falls
Regulation
