臺灣有大學遭到PHP漏洞攻擊,駭客在受害主機植入後門程式
支付動態 · 2024-08-21
2個月前揭露的重大層級PHP漏洞CVE-2024-4577出現了實際攻擊行動,資安業者賽門鐵克指出,他們看到臺灣有一所大學遭遇攻擊,並被植入後門
今年6月臺灣資安業者戴夫寇爾(Devcore)揭露PHP程式語言重大層級漏洞CVE-2024-4577,這項漏洞存在於CGI參數而有可能被用於注入攻擊,CVSS風險評分達到了9.8(滿分10分),如今傳出實際的攻擊行動。
資安業者賽門鐵克昨天(8月20日)揭露針對臺灣一所大學院校的後門程式Msupedge攻擊行動,而這支後門程式的感染途徑,很有可能就是利用前述漏洞而得逞。值得留意的是,研究人員發現有多組人馬正在尋找存在相關弱點的系統,而對於攻擊者的身分及動機,他們表示並不清楚。
在這起資安事故當中,駭客使用較為罕見的聯繫手法,那就是透過DNS進行C2通訊,他們使用能公開取得的工具dnscat2打造DNS隧道,用來進行名稱解析並接收命令。
Popular articles
Indiana online casino bill stalls in House committee
Regulation
Full House at GAT Expo Cartagena 2026 Academic Agenda
Online Game
GGC Awards 2026 Shines in Colombo: Honoring Leaders and Innovators in the iGaming Industry
HUIDU Focus
Vietnam’s Controlled Gaming Shift Gains Ground, But Domestic Demand Still Lags
Southeast Asia
1spin4win grows its Latin American presence by partnering with Fortuna Juegos
Online Game
GAT CDMX 2025 Institutional Academy: Leaders and Experts Analyze the Present and Future of the Gaming Industry in Mexico and Lat
Sports Game
Brazil Proposes Raising Gambling Tax Rate to 24%, With Revenue Allocated to Social Security and Healthcare
Regulation
UK MPs reopen 2025 gambling inquiry as reform stalls
Regulation
Vietnam's tightening online gaming policy creates new market opportunities
Southeast Asia
Across 6 Cities: HUIDU Invites You to 8 World Cup Parties Redefining High-Value Social Networking
HUIDU Focus
Institutional Academy that exceeded expectations marked the opening of GAT CDMX
Online Game
JILI Partners with Cricket Legend AB de Villiers (ABD) to Launch Exclusive Branded Game Series 100% 11
Sports Game
New Jersey July Gambling Revenue Hits $606M, Sweeps Casinos Banned
Regulation
B2B Tech Infrastructure Gains Momentum in Philippine Gaming Sector
Southeast Asia
Gaming & Technology Expo Makes a Powerful Entrance in CDMX
Marketing
