{"id":32121,"date":"2016-10-31T09:00:09","date_gmt":"2016-10-31T01:00:09","guid":{"rendered":"https:\/\/blog.trendmicro.com.tw\/?p=32121"},"modified":"2016-11-08T17:51:12","modified_gmt":"2016-11-08T09:51:12","slug":"%e4%bc%81%e6%a5%ad%e5%b9%b3%e5%9d%87%e7%b4%84%e9%9c%80%e8%a6%81-30-%e5%a4%a9%e5%ae%8c%e6%88%90%e4%bf%ae%e8%a3%9c%e7%a8%8b%e5%bc%8f%e6%b8%ac%e8%a9%a6%e3%80%8c%e6%bc%8f%e6%b4%9e%e6%94%bb%e6%93%8a","status":"publish","type":"post","link":"https:\/\/blog.trendmicro.com.tw\/?p=32121","title":{"rendered":"\u4f01\u696d\u5e73\u5747\u7d04\u9700\u8981 30 \u5929\u5b8c\u6210\u4fee\u88dc\u7a0b\u5f0f\u6e2c\u8a66,\u300c\u6f0f\u6d1e\u653b\u64ca\u5957\u4ef6 + \u52d2\u7d22\u75c5\u6bd2\u300d,\u8003\u9a57\u548c\u6642\u9593\u8cfd\u8dd1\u7684 IT \u7ba1\u7406\u54e1"},"content":{"rendered":"<h1><\/h1>\n<ul>\n<li><span style=\"color: #333399;\">\u81f3\u5c11\u6709 <a style=\"color: #333399;\" href=\"https:\/\/www.trendmicro.com\/cloud-content\/us\/pdfs\/security-intelligence\/reports\/rpt-the-reign-of-ransomware.pdf\">18%<\/a> \u7684\u5df2\u77e5<a style=\"color: #333399;\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=12412\">\u52d2\u7d22\u75c5\u6bd2 Ransomware<\/a> (\u52d2\u7d22\u8edf\u9ad4\/\u7d81\u67b6\u75c5\u6bd2)\u5bb6\u65cf\u73fe\u5728\u90fd\u7d93\u7531\u6f0f\u6d1e\u653b\u64ca\u5957\u4ef6\u6563\u5e03<\/span><\/li>\n<li><span style=\"color: #333399;\">\u5149\u662f 2016 \u5e74\u7b2c\u4e00\u5b63\uff0c\u52d2\u7d22\u75c5\u6bd2\u5c31\u5f9e\u4f01\u696d\u8eab\u4e0a\u6d77\u6488\u4e86\u5c07\u8fd1<a style=\"color: #333399;\" href=\"https:\/\/money.cnn.com\/2016\/04\/15\/technology\/ransomware-cyber-security\/\">2.09 \u5104\u7f8e\u5143<\/a>\u7684\u4e0d\u6cd5\u6240\u5f97<\/span><\/li>\n<\/ul>\n<p><span style=\"color: #333399;\">\u4e0d\u8ad6\u4efb\u4f55\u6642\u523b\uff0c\u7db2\u8def\u7e3d\u662f\u6703\u5b58\u5728\u8457\u6f0f\u6d1e\uff0c\u5c24\u5176\u82e5\u7db2\u8def\u4e0a\u9084\u6709\u4e00\u4e9b\u8001\u820a\u7684\u7cfb\u7d71\u6216\u8edf\u9ad4,\u518d\u52a0\u4e0a\u96f6\u6642\u5dee\u6f0f\u6d1e\uff0c\u90a3\u9ebc\u7cfb\u7d71\u7ba1\u7406\u54e1\u6839\u672c\u5c31\u6c38\u9060\u5728\u548c\u6642\u9593\u8cfd\u8dd1\u3002IT \u7cfb\u7d71\u7ba1\u7406\u54e1\u751a\u81f3\u5fc5\u9808\u60f3\u8fa6\u6cd5\u5728\u6f0f\u6d1e\u653b\u64ca\u5957\u4ef6\u5df2\u6536\u9304\u7684\u96f6\u6642\u5dee\u6f0f\u6d1e\u4fee\u88dc\u4e4b\u524d\u9632\u7bc4\u7db2\u8def\u906d\u53d7\u653b\u64ca\u3002\u4ed6\u5011\u5fc5\u9808\u9762\u5c0d\u5404\u7a2e\u6311\u6230\uff0c\u4f8b\u5982\uff0c\u4ed6\u5011\u4e0d\u50c5\u8981\u7dad\u8b77\u95dc\u9375\u7cfb\u7d71\u7684\u71df\u904b\u4e0d\u9593\u65b7\uff0c\u9084\u8981\u4fdd\u8b77\u7db2\u8def\u908a\u5883\u3002\u5c31\u7b97\u62ff\u5230\u4e86\u6f0f\u6d1e\u4fee\u88dc\u7a0b\u5f0f\uff0c\u4e5f\u8981\u5148\u5b8c\u6210\u6e2c\u8a66\u624d\u80fd\u958b\u59cb\u90e8\u7f72\u3002\u4f01\u696d\u5e73\u5747\u7d04\u9700\u8981 <a style=\"color: #333399;\" href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/vulnerabilities-and-exploits\/virtual-patching-patch-those-vulnerabilities-before-they-can-be-exploited\">30 \u5929<\/a>\u7684\u6642\u9593\u4f86\u5b8c\u6210\u4fee\u88dc\u7a0b\u5f0f\u6e2c\u8a66\u3002\u9019\u6a23\u7684\u60c5\u6cc1\u518d\u52a0\u4e0a\u5176\u4ed6\u56e0\u7d20\uff0c\u5c31\u6703\u5c0e\u81f4\u7a7a\u7a97\u671f\uff0c\u8b93\u6f0f\u6d1e\u653b\u64ca\u5957\u4ef6\u6709\u6a5f\u53ef\u4e58\u3002<\/span><\/p>\n<p><span style=\"color: #333399;\"><strong>\u00a0&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;-<\/strong><\/span><\/p>\n<h2>\u6f0f\u6d1e\u653b\u64ca\u670d\u52d9(Exploits as a Service)\uff1a\u300c\u6f0f\u6d1e\u653b\u64ca\u5957\u4ef6 + \u52d2\u7d22\u75c5\u6bd2\u300d\u5982\u4f55\u5f71\u97ff\u4f01\u696d\u751f\u8a08?<\/h2>\n<p>2013 \u5e74\uff0cBlackhole \u6f0f\u6d1e\u653b\u64ca\u5957\u4ef6\u548c \u641c\u5c0b<a href=\"https:\/\/blog.trendmicro.com.tw\/?s=CryptoLocker\">CryptoLocker <\/a>\u958b\u5275\u4e86\u6f0f\u6d1e\u653b\u64ca\u5957\u4ef6\u8207\u52d2\u7d22\u75c5\u6bd2\u806f\u624b\u51fa\u64ca\u7684\u5148\u4f8b\u3002\u6c92\u904e\u591a\u4e45\uff0c\u5176\u4ed6\u6f0f\u6d1e\u653b\u64ca\u5957\u4ef6\uff0c\u5982\uff1aAngler\u3001Neutrino\u3001Magnitude \u548c Rig \u4e5f\u96a8\u4e4b\u8ddf\u9032\u3002\u81f3\u5c11\u6709 <a href=\"https:\/\/www.trendmicro.com\/cloud-content\/us\/pdfs\/security-intelligence\/reports\/rpt-the-reign-of-ransomware.pdf\">18%<\/a> \u7684\u5df2\u77e5<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=12412\">\u52d2\u7d22\u75c5\u6bd2 Ransomware<\/a> (\u52d2\u7d22\u8edf\u9ad4\/\u7d81\u67b6\u75c5\u6bd2)\u5bb6\u65cf\u73fe\u5728\u90fd\u7d93\u7531\u6f0f\u6d1e\u653b\u64ca\u5957\u4ef6\u6563\u5e03\u3002<\/p>\n<p>\u503c\u5f97\u4e00\u63d0\u7684\u662f\uff0c\u6f0f\u6d1e\u653b\u64ca\u5957\u4ef6\u6700\u65e9\u5f9e 2006\u5e74\u8d77\u4fbf\u4e00\u76f4\u662f\u5404\u7a2e\u5a01\u8105\u7684\u6563\u5e03\u7ba1\u9053\u30022010 \u5e74\u81f3\u4eca\uff0c<a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2651&amp;name=20110916\">\u8da8\u52e2\u79d1\u6280<\/a>\u81f3\u5c11\u5df2\u767c\u73fe 100 \u500b\u6f0f\u6d1e\u88ab\u6536\u9304\u5230\u5e7e\u5341\u500b\u5957\u4ef6\u7576\u4e2d\u3002\u52d2\u7d22\u75c5\u6bd2\u50c5\u662f\u6f0f\u6d1e\u653b\u64ca\u5957\u4ef6\u53ef\u80fd\u690d\u5165\u7cfb\u7d71\u7576\u4e2d\u7684\u773e\u591a\u5a01\u8105\u985e\u578b\u4e4b\u4e00\u3002<\/p>\n<p><strong>[\u5ef6\u4f38\u95b1\u8b80\uff1a<\/strong><a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/definition\/exploit-kit\"><strong>\u9032\u4e00\u6b65\u8a8d\u8b58\u6f0f\u6d1e\u653b\u64ca\u5957\u4ef6<\/strong><\/a><strong>]<\/strong><\/p>\n<p>\u5149\u662f 2016 \u5e74\u7b2c\u4e00\u5b63\uff0c\u52d2\u7d22\u75c5\u6bd2\u5c31\u5f9e\u4f01\u696d\u8eab\u4e0a\u6d77\u6488\u4e86\u5c07\u8fd1<a href=\"https:\/\/money.cnn.com\/2016\/04\/15\/technology\/ransomware-cyber-security\/\">2.09 \u5104\u7f8e\u5143<\/a>\u7684\u4e0d\u6cd5\u6240\u5f97\u3002\u96d6\u7136\u52d2\u7d22\u75c5\u6bd2\u7684\u76f4\u63a5\u98a8\u96aa\u5c31\u662f\u8cc7\u6599\u640d\u5931\uff0c\u4f46\u5b83\u9084\u6703\u5e36\u4f86\u5176\u4ed6\u7684\u4e0d\u826f\u5f8c\u679c\uff0c\u5305\u62ec\uff1a\u54c1\u724c\u548c\u5546\u8b7d\u640d\u5931\u3001\u6cd5\u5f8b\u8ce0\u511f\u4ee5\u53ca\u5fa9\u539f\u95dc\u9375\u8cc7\u6599\u7684\u984d\u5916\u6210\u672c\u3002<\/p>\n<p><strong>[\u5ef6\u4f38\u95b1\u8b80\uff1a<\/strong><a href=\"https:\/\/blog.trendmicro.com.tw\/?p=28643\"><strong>\u52d2\u7d22\u75c5\u6bd2\u7576\u9053\u7684\u6642\u4ee3 <\/strong><\/a><strong>]<\/strong><\/p>\n<p>\u6f0f\u6d1e\u653b\u64ca\u5957\u4ef6\u70ba\u4f55\u6703\u6210\u70ba\u5404\u7a2e\u5a01\u8105\u7684\u6709\u6548\u7684\u6563\u5e03\u7ba1\u9053\uff1f\u9996\u5148\uff0c\u9019\u985e\u653b\u64ca\u7121\u9700\u5047\u501f\u4f7f\u7528\u8005\u4e4b\u624b\uff0c\u56e0\u70ba\u5b83\u5011\u5229\u7528\u7684\u662f\u71b1\u9580\u8edf\u9ad4\u672a\u4fee\u88dc\u7684\u6f0f\u6d1e\u3002\u5149\u662f\u4eca\u5e74\u4e0a\u534a\u5e74\uff0c\u8da8\u52e2\u79d1\u6280 (\u52a0\u4e0a TippingPoint) \u548c ZDI \u6f0f\u6d1e\u61f8\u8cde\u8a08\u5283\u5c31\u767c\u73fe\u4e86 473 \u500b\u6f0f\u6d1e\u3002<!--more--><\/p>\n<p>\u4e0d\u8ad6\u4efb\u4f55\u6642\u523b\uff0c\u7db2\u8def\u7e3d\u662f\u6703\u5b58\u5728\u8457\u6f0f\u6d1e\uff0c\u5c24\u5176\u82e5\u7db2\u8def\u4e0a\u9084\u6709\u4e00\u4e9b\u8001\u820a\u7684\u7cfb\u7d71\u6216\u8edf\u9ad4,\u518d\u52a0\u4e0a\u96f6\u6642\u5dee\u6f0f\u6d1e\uff0c\u90a3\u9ebc\u7cfb\u7d71\u7ba1\u7406\u54e1\u6839\u672c\u5c31\u6c38\u9060\u548c\u6642\u9593\u8cfd\u8dd1\u3002IT \u7cfb\u7d71\u7ba1\u7406\u54e1\u751a\u81f3\u5fc5\u9808\u60f3\u8fa6\u6cd5\u5728\u6f0f\u6d1e\u653b\u64ca\u5957\u4ef6\u5df2\u6536\u9304\u7684\u96f6\u6642\u5dee\u6f0f\u6d1e\u4fee\u88dc\u4e4b\u524d\u9632\u7bc4\u7db2\u8def\u906d\u53d7\u653b\u64ca\u3002\u4ed6\u5011\u5fc5\u9808\u9762\u5c0d\u5404\u7a2e\u6311\u6230\uff0c\u4f8b\u5982\uff0c\u4ed6\u5011\u4e0d\u50c5\u8981\u7dad\u8b77\u95dc\u9375\u7cfb\u7d71\u7684\u71df\u904b\u4e0d\u9593\u65b7\uff0c\u9084\u8981\u4fdd\u8b77\u7db2\u8def\u908a\u5883\u3002\u5c31\u7b97\u62ff\u5230\u4e86\u6f0f\u6d1e\u4fee\u88dc\u7a0b\u5f0f\uff0c\u4e5f\u8981\u5148\u5b8c\u6210\u6e2c\u8a66\u624d\u80fd\u958b\u59cb\u90e8\u7f72\u3002\u4f01\u696d\u5e73\u5747\u7d04\u9700\u8981 <a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/vulnerabilities-and-exploits\/virtual-patching-patch-those-vulnerabilities-before-they-can-be-exploited\">30 \u5929<\/a>\u7684\u6642\u9593\u4f86\u5b8c\u6210\u4fee\u88dc\u7a0b\u5f0f\u6e2c\u8a66\u3002\u9019\u6a23\u7684\u60c5\u6cc1\u518d\u52a0\u4e0a\u5176\u4ed6\u56e0\u7d20\uff0c\u5c31\u6703\u5c0e\u81f4\u7a7a\u7a97\u671f\uff0c\u8b93\u6f0f\u6d1e\u653b\u64ca\u5957\u4ef6\u6709\u6a5f\u53ef\u4e58\u3002<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-large\" src=\"https:\/\/documents.trendmicro.com\/images\/TEx\/graphs\/exploit-exposure-2016.jpg\" alt=\"\" width=\"1724\" height=\"1582\" \/><\/p>\n<p><em>2016 \u4e0a\u534a\u5e74\u6f0f\u6d1e\u653b\u64ca\u5957\u4ef6\u6536\u9304\u6f0f\u6d1e\u7684\u7a7a\u7a97\u671f\u3002<\/em><\/p>\n<p>&nbsp;<\/p>\n<p>\u5118\u7ba1\u6f0f\u6d1e\u4fee\u88dc\u662f\u964d\u4f4e\u6f0f\u6d1e\u653b\u64ca\u98a8\u96aa\u7684\u95dc\u9375\uff0c\u4f46\u9762\u5c0d\u9019\u6a23\u7684\u6311\u6230\uff0c\u85c9\u7531\u5165\u4fb5\u9632\u8b77 (IPS) \u4f86<a href=\"https:\/\/www.trendmicro.tw\/tw\/enterprise\/product-security\/vulnerability-protection\/\">\u8da8\u52e2\u79d1\u6280 Vulnerability Protection \u6f0f\u6d1e\u9632\u8b77<\/a>\u4fdd\u8b77\u7aef\u9ede\u548c\u7db2\u8def\u4ea6\u662f\u4e0d\u53ef\u6216\u7f3a\u7684\u4e00\u74b0\u3002\u9019\u4e9b\u6280\u8853\u80fd\u4fdd\u8b77\u7cfb\u7d71\uff0c\u9632\u7bc4\u96f6\u6642\u5dee\u653b\u64ca\u4e26\u9632\u5835\u5176\u4ed6\u6f0f\u6d1e\uff0c\u751a\u81f3\u662f\u90a3\u4e9b\u6c38\u9060\u4e0d\u53ef\u80fd\u6709\u4fee\u88dc\u7a0b\u5f0f\u7684\u6f0f\u6d1e\u3002<\/p>\n<p>\u8acb\u53c3\u95b1\u96a8\u9644\u7684<em>\u6f0f\u6d1e\u653b\u64ca\u670d\u52d9 (EaaS) <\/em>\u6307\u5357\u4f86\u4e86\u89e3\u76f8\u95dc\u7684\u653b\u64ca\u5982\u4f55\u5f71\u97ff\u4f01\u696d\u751f\u8a08\uff0c\u4ee5\u53ca\u4f01\u696d\u5982\u4f55\u4fdd\u8b77\u81ea\u5df1\u7684\u7db2\u8def\u908a\u5883\u548c\u8cc7\u6599\u3002<\/p>\n<p>\u539f\u6587\u51fa\u8655: <a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/vulnerabilities-and-exploits\/exploits-as-a-service-how-exploit-kit-ransomware-affects-bottom-line\">Exploits as a Service: How the Exploit Kit + Ransomware Tandem Affects a Company<strong>\u2019<\/strong>s Bottom Line<\/a><\/p>\n<p>&nbsp;<\/p>\n<h1><a href=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2016\/10\/executive-brief-exploits-as-a-service.pdf\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-large\" src=\"https:\/\/documents.trendmicro.com\/images\/TEx\/guides\/executive-brief-exploits-as-a-service-ai.jpg\" alt=\"\" width=\"210\" height=\"270\" \/><\/a><\/h1>\n<p>\u6aa2\u8996\u8cc7\u5b89\u6307\u5357\uff1a<a href=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2016\/10\/executive-brief-exploits-as-a-service.pdf\">\u6f0f\u6d1e\u653b\u64ca\u670d\u52d9 (Exploits as a Service)<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u81f3\u5c11\u6709 18% \u7684\u5df2\u77e5\u52d2\u7d22\u75c5\u6bd2 Ransomware (\u52d2\u7d22\u8edf\u9ad4\/\u7d81\u67b6\u75c5\u6bd2)\u5bb6\u65cf\u73fe\u5728\u90fd\u7d93\u7531\u6f0f\u6d1e\u653b\u64ca\u5957\u4ef6\u6563\u5e03 \u5149 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":7383,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wpscppro_dont_share_socialmedia":false,"_wpscppro_custom_social_share_image":0,"_facebook_share_type":"","_twitter_share_type":"","_linkedin_share_type":"","_pinterest_share_type":"","_linkedin_share_type_page":"","_instagram_share_type":"","_medium_share_type":"","_threads_share_type":"","_google_business_share_type":"","_selected_social_profile":[],"_wpsp_enable_custom_social_template":false,"_wpsp_social_scheduling":{"enabled":false,"datetime":null,"platforms":[],"status":"template_only","dateOption":"today","timeOption":"now","customDays":"","customHours":"","customDate":"","customTime":"","schedulingType":"absolute"},"_wpsp_active_default_template":true},"categories":[12,1268,2266,156],"tags":[2919,2292],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/32121"}],"collection":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=32121"}],"version-history":[{"count":0,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/32121\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/media\/7383"}],"wp:attachment":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=32121"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=32121"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=32121"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}