{"id":3785,"date":"2013-01-07T09:33:26","date_gmt":"2013-01-07T01:33:26","guid":{"rendered":"https:\/\/blog.trendmicro.com.tw\/?p=3785"},"modified":"2013-01-07T09:34:18","modified_gmt":"2013-01-07T01:34:18","slug":"2012%e5%b9%b4%e7%9a%84%e7%9b%ae%e6%a8%99%e6%94%bb%e6%93%8a%e8%b6%a8%e5%8b%a2","status":"publish","type":"post","link":"https:\/\/blog.trendmicro.com.tw\/?p=3785","title":{"rendered":"2012\u5e74\u76ee\u6a19\u653b\u64ca\/ APT \u653b\u64ca\u56de\u9867"},"content":{"rendered":"<p>\u4f5c\u8005\uff1a<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/author\/nartv\/\">Nart Villeneuve\uff08\u8da8\u52e2\u79d1\u6280\u8cc7\u6df1\u5a01\u8105\u7814\u7a76\u54e1\uff09<\/a><\/p>\n<p>\u7d93\u904e\u4e86\u6574\u500b2012\u5e74\uff0c\u6211\u5011\u7814\u7a76\u4e86\u5404\u5f0f\u5404\u6a23\u7684<a href=\"https:\/\/domynews.blog.ithome.com.tw\/category\/1252\/6995\">\u76ee\u6a19\u653b\u64ca<\/a>\uff0c\u5305\u62ec\u597d\u5e7e\u500b<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=1803\">APT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105 (Advanced Persistent Threat, APT)<\/a>\u653b\u64ca\u6d3b\u52d5\uff08\u50cf<a href=\"https:\/\/www.trendmicro.com\/cloud-content\/us\/pdfs\/security-intelligence\/white-papers\/wp_luckycat_redux.pdf\">LuckyCat<\/a>\u548c<a href=\"https:\/\/www.trendmicro.com\/cloud-content\/us\/pdfs\/security-intelligence\/white-papers\/wp_ixeshe.pdf\">Ixeshe<\/a>\uff09\uff0c\u4e5f\u66f4\u65b0\u4e86\u4e00\u4e9b\u5df2\u7d93\u904b\u884c\u4e00\u6bb5\u6642\u9593\u7684\u653b\u64ca\u6d3b\u52d5\uff08\u50cf<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/modified-enfal-variants-compromised-874-systems\/\">Lurid\/Enfal\u548c<\/a><a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/taidoor-update-taidoor-gang-tags-its-victims\/\">Taidoor<\/a>\uff09\u3002\u8cc7\u5b89\u793e\u7fa4\u5728\u4eca\u5e74\u6709\u8a31\u591a\u95dc\u65bc\u76ee\u6a19\u653b\u64ca\u7684\u7cbe\u91c7\u7814\u7a76\u767c\u8868\uff0c\u6211\u5c07\u9019\u4e9b\u6709\u610f\u601d\u7684\u7814\u7a76\u96c6\u7d50\u8d77\u4f86\uff0c\u5206\u6210\u516d\u500b\u6211\u8a8d\u70ba\u53ef\u4ee5\u4ee3\u88682012\u5e74<a href=\"https:\/\/domynews.blog.ithome.com.tw\/category\/1252\/6995\">\u76ee\u6a19\u653b\u64ca<\/a>\u8da8\u52e2\u7684\u4e3b\u984c\uff1a<\/p>\n<p style=\"text-align: center\">\u00a0<a href=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2012\/09\/attack.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter  wp-image-2917\" title=\"attack hacker \u9375\u76e4\u653b\u64ca\" src=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2012\/09\/attack-1024x695.jpg\" alt=\"\" width=\"512\" height=\"347\" srcset=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2012\/09\/attack-1024x695.jpg 1024w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2012\/09\/attack-300x204.jpg 300w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2012\/09\/attack-768x521.jpg 768w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2012\/09\/attack-600x407.jpg 600w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2012\/09\/attack-800x543.jpg 800w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2012\/09\/attack.jpg 1243w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/a><\/p>\n<ul>\n<li><strong>\u76ee\u6a19\u548c\u5de5\u5177<\/strong>\u00a0\u2013<br \/>\n\u96d6\u7136\u57282011\u5e74\uff0c\u76ee\u6a19\u653b\u64ca\u5e7e\u4e4e\u5c31\u7b49\u540c\u65bc<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=1803\">APT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105 (Advanced Persistent Threat, APT)<\/a>\u3002\u57282012\u5e74\u51fa\u73fe\u4e86\u5404\u5f0f\u5404\u6a23\u7684\u653b\u64ca\uff0c\u7279\u5225\u662f\u5728\u4e2d\u6771\u5730\u5340\uff0c\u5305\u62ec\u6c99\u70cf\u5730\u963f\u62c9\u4f2f\u7684<a href=\"https:\/\/www.securelist.com\/en\/blog\/208193786\/Shamoon_the_Wiper_Copycats_at_Work\">Shamoon<\/a>\uff0c<a href=\"https:\/\/www.securelist.com\/en\/blog\/208193677\/The_Madi_Campaign_Part_I\">Mahdi\u653b\u64ca\u6d3b\u52d5<\/a>\uff0c<a href=\"https:\/\/www.securelist.com\/en\/blog\/208193767\/Gauss_Nation_state_cyber_surveillance_meets_banking_Trojan\">GAUSS<\/a>\u548c<a href=\"https:\/\/www.securelist.com\/en\/blog\/208193522\/\">Wiper\/Flame<\/a>\uff0c\u9019\u4e9b\u90fd\u88ab\u5361\u5df4\u65af\u57fa\u6240\u8a18\u9304\u8d77\u4f86\u3002\u9084\u6709\u4e00\u4e9b\u653b\u64ca\u548c\u4e2d\u6771\u5730\u5340\u885d\u7a81\u6709\u95dc\uff0c\u6700\u986f\u8457\u7684\u662f<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/darkcomet-surfaced-in-the-targeted-attacks-in-syrian-conflict\/\">\u6558\u5229\u4e9e<\/a>\u3001<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/new-xtreme-rat-attacks-on-usisrael-and-other-foreign-governments\/\">\u4ee5\u8272\u5217\u548c\u5df4\u52d2\u65af\u5766<\/a>\uff08\u53c3\u8003Norman\u7684<a href=\"https:\/\/download01.norman.no\/whitepapers\/Cyberattack_against_Israeli_and_Palestinian_targets.pdf\">\u7814\u7a76\u5206\u6790<\/a>\uff09\u3002APT\u6d3b\u52d5\u57282012\u5e74\u4ecd\u7136\u662f\u500b\u91cd\u5927\u7684\u554f\u984c\uff0cDell SecureWorks\u767c\u8868\u4e86\u4e00\u4efd<a href=\"https:\/\/www.secureworks.com\/cyber-threat-intelligence\/threats\/chasing_apt\/\">\u96c6\u7d50<\/a>\u5404\u7a2eAPT\u6d3b\u52d5\u7684\u5831\u544a\uff0c\u9084\u6709\u95dc\u65bc<a href=\"https:\/\/www.secureworks.com\/cyber-threat-intelligence\/threats\/the-mirage-campaign\/\">Mirage<\/a>\u548c<a href=\"https:\/\/www.secureworks.com\/cyber-threat-intelligence\/threats\/sindigoo\/\">SinDigoo<\/a>\u7684\u5831\u544a\u4f86\u95e1\u8ff0\u554f\u984c\u7684\u5f71\u97ff\u7bc4\u570d\u3002\u5f6d\u535a\u793e\u767c\u8868\u4e86\u4e00\u7cfb\u5217\u95dc\u65bc\u300c<a href=\"https:\/\/www.bloomberg.com\/news\/2012-07-26\/china-hackers-hit-eu-point-man-and-d-c-with-byzantine-candor.html\">Comment Crew<\/a>\u300d\u7684\u6587\u7ae0\uff0c\u8a73\u7d30\u4ecb\u7d39\u4e86APT\u653b\u64ca\u6d3b\u52d5\u7684\u5ee3\u5ea6\u548c\u5f71\u97ff\u3002\u9084\u6709\u91dd\u5c0d<a href=\"https:\/\/blog.fireeye.com\/research\/2012\/12\/to-russia-with-apt.html\">\u4fc4\u7f85\u65af<\/a>\u3001<a href=\"https:\/\/blog.xecure-lab.com\/2012\/07\/prepare-for-advanced-persistent-threat.html\">\u53f0\u7063<\/a>\u3001<a href=\"https:\/\/www.commandfive.com\/papers\/C5_APT_C2InTheFifthDomain.pdf\">\u97d3\u570b<\/a>\u3001<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/modified-enfal-variants-compromised-874-systems\/\">\u8d8a\u5357<\/a>\u3001<a href=\"https:\/\/www.trendmicro.com\/cloud-content\/us\/pdfs\/security-intelligence\/white-papers\/wp_luckycat_redux.pdf\">\u5370\u5ea6\u548c\u65e5\u672c<\/a>\u7684\u6d3b\u52d5\u4e5f\u76f8\u7576\u6d3b\u8e8d\u3002\u9664\u4e86\u76ee\u6a19\u5730\u7406\u4f4d\u7f6e\u7684\u64f4\u5f35\u4e4b\u5916\uff0c\u6211\u5011\u4e5f\u770b\u5230\u4e86\u6240\u91dd\u5c0d\u6280\u8853\u7684\u64f4\u5c55\uff0c\u5305\u62ec<a href=\"https:\/\/www.trendmicro.com\/cloud-content\/us\/pdfs\/security-intelligence\/white-papers\/wp_adding-android-and-mac-osx-malware-to-the-apt-toolbox.pdf\">Android\u884c\u52d5\u8a2d\u5099\u548cMac\u5e73\u53f0<\/a>\u3002\u4f86\u81eaCitizen Lab\u7684Seth Hardy\u5728SecTor\u4e0a\u4f5c\u4e86\u4e00\u5834\u5f88\u68d2\u7684<a href=\"https:\/\/2012.video.sector.ca\/video\/50956195\">\u6f14\u8b1b<\/a>\uff0c\u4ecb\u7d39\u4e86\u4eca\u5e74\u6240\u65b0\u8208\u7684\u5404\u7a2eMac\u76f8\u95dc\u9060\u7aef\u5b58\u53d6\u6728\u99ac\uff08RAT\uff09\uff08<a href=\"https:\/\/www.securelist.com\/en\/blog\/208193470\/New_Version_of_OSX_SabPub_Confirmed_Mac_APT_attacks\">SabPub<\/a>\u3001<a href=\"https:\/\/labs.alienvault.com\/labs\/index.php\/2012\/ms-office-exploit-that-targets-macos-x-seen-in-the-wild-delivers-mac-control-rat\/\">MacControl<\/a>\u3001<a href=\"https:\/\/nakedsecurity.sophos.com\/2012\/11\/13\/new-mac-trojan\/\">IMULER<\/a>\/<a href=\"https:\/\/nakedsecurity.sophos.com\/2011\/09\/23\/mac-os-x-trojan-hides-behind-malicious-pdf-disguise\/\">Revir<\/a>\u548c<a href=\"https:\/\/www.f-secure.com\/weblog\/archives\/00002466.html\">Dokster<\/a>\uff09\u3002\u96d6\u7136\u6211\u5011\u5728\u904e\u53bb\u770b\u904e\u667a\u6167\u5361\u7684\u76f8\u95dc<a href=\"https:\/\/www.rsa.com\/node.aspx?id=3891\">\u653b\u64ca<\/a>\uff0c\u4e0d\u904e\u611f\u8b1d\u4f86\u81eaSykipot\u548cAlienVault\u7684\u7cbe\u91c7\u5206\u6790\uff0c\u63d0\u4f9b\u84c4\u610f\u7528<a href=\"https:\/\/labs.alienvault.com\/labs\/index.php\/2012\/when-the-apt-owns-your-smart-cards-and-certs\/\">\u667a\u6167\u5361<\/a>\u505a\u76ee\u6a19\u653b\u64ca\u7684\u6280\u8853\u7d30\u7bc0\u3002<\/li>\n<li><strong>\u96b1\u533f\u6027\u548c\u6301\u4e45\u6027<\/strong>\u00a0\u2013<br \/>\n\u9019\u4e9b\u662f\u4e3b\u8981\u7684\u8da8\u52e2\u4e4b\u4e00\uff0c\u6839\u64daMandiant\u57282012\u5e74\u7684\u6587\u4ef6\uff0cAPT\u6d3b\u52d5\u4e4b\u6240\u4ee5<a href=\"https:\/\/www.mandiant.com\/resources\/m-trends\/\">\u4e0d\u53ea\u662f\u60e1\u610f\u8edf\u9ad4<\/a>\uff0c\u6b63\u56e0\u70ba\u78ba\u4fdd\u6301\u4e45\u5b58\u53d6\u6703\u4f7f\u7528\u6b63\u5e38\u61c9\u7528\u7a0b\u5f0f\uff08\u4f8b\u5982VPN\uff09\u3002\u6b64\u5916\uff0c\u96d6\u7136\u8a31\u591a\u9032\u884c\u4e2d\u7684APT\u653b\u64ca\u6d3b\u52d5\u6240\u7528\u7684\u60e1\u610f\u8edf\u9ad4\u53ef\u4ee5<a href=\"https:\/\/www.trendmicro.com\/cloud-content\/us\/pdfs\/security-intelligence\/white-papers\/wp-detecting-apt-activity-with-network-traffic-analysis.pdf\">\u7d93\u7531\u7db2\u8def\u6d41\u91cf\u5206\u6790\u800c\u5075\u6e2c<\/a>\uff0c\u5fae\u8edf\u767c\u73fe\u4e00\u500b\u820a<a href=\"https:\/\/blogs.technet.com\/b\/mmpc\/archive\/2012\/12\/09\/the-quot-hidden-quot-backdoor-virtool-winnt-exforel-a.aspx\">\u60e1\u610f\u8edf\u9ad4\u7d44\u4ef6<\/a>\u6703\u5728NDIS\uff08\u7db2\u8def\u9a45\u52d5\u7a0b\u5f0f\u4ecb\u9762\u898f\u7bc4\uff09\u5c64\u5efa\u7acb\u4e00\u500b\u96b1\u853d\u7684\u5f8c\u9580\uff0c\u8b93\u5075\u6e2c\u8b8a\u5f97\u66f4\u52a0\u56f0\u96e3\u3002\u9664\u4e86\u96b1\u8eab\u5728\u7db2\u8def\u5c64\uff0c\u6211\u5011\u4e5f\u770b\u5230\u5728\u67d0\u4e9b\u6848\u4f8b\u4e2d\uff0c\u51fa\u73fe\u6709\u6578\u4f4d\u7c3d\u7ae0\u7684\u60e1\u610f\u8edf\u9ad4\u8b93\u6a94\u6848\u7cfb\u7d71\u5c64\u7d1a\u7684\u5075\u6e2c\u8b8a\u5f97\u66f4\u52a0\u56f0\u96e3\u3002\u6709\u6578\u4f4d\u7c3d\u7ae0\u7684\u60e1\u610f\u8edf\u9ad4\u7576\u7136\u4e0d\u662f\u65b0\u4f0e\u5006\uff0c\u9084\u6709\u500b\u5927\u91cf\u88ab\u7528\u5728<a href=\"https:\/\/citizenlab.org\/2012\/09\/human-rights-groups-targeted-by-plugx-rat\/\">\u76ee\u6a19\u653b\u64ca<\/a>\u4e0a\u7684\u9060\u7aef\u5b58\u53d6\u6728\u99ac\uff08\u88ab\u7a31\u70ba<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/unplugging-plugx-capabilities\/\">PlugX<\/a>\uff09\uff0c\u4f7f\u7528\u4e00\u7a2eDLL\u641c\u5c0b\u8def\u5f91\u52ab\u6301\uff08\u9019\u6280\u8853\u672c\u8eab\u4e5f<a href=\"https:\/\/www.mandiant.com\/blog\/archives\/1207\">\u4e0d\u662f\u65b0\u7684<\/a>\uff09\u3002<br \/>\n\u53e6\u4e00\u500b\u51fa\u73fe\u5728Mandiant\u5831\u544a\u4e2d\u7684<a href=\"https:\/\/www.mandiant.com\/blog\/archives\/3189\">HiKit<\/a>\u5de5\u5177\u4e5f\u6703\u5229\u7528DLL\u641c\u5c0b\u8def\u5f91\u96b1\u85cf\u5728\u6a94\u6848\u7cfb\u7d71\u5c64\u7d1a\uff0c\u540c\u6642\u6703\u5728\u7db2\u8def\u5c64\u7aca\u807d\u9032\u5165\u6d41\u91cf\uff08\u50cf\u662f\u65e9\u671f\u7684\u9060\u7aef\u5b58\u53d6\u6728\u99ac\uff09\uff0c\u800c\u975e\u53ea\u662f\u5c0d\u5916\u9023\u63a5\u5230\u547d\u4ee4\u548c\u63a7\u5236\u4f3a\u670d\u5668\u3002Flame\u60e1\u610f\u8edf\u9ad4\u5247\u6703\u5229\u7528<a href=\"https:\/\/blogs.technet.com\/b\/srd\/archive\/2012\/06\/06\/more-information-about-the-digital-certificates-used-to-sign-the-flame-malware.aspx?Redirected=true\">MD5\u78b0\u649e\u653b\u64ca<\/a>\uff0c<a href=\"https:\/\/www.securelist.com\/en\/blog\/208193558\/Gadget_in_the_middle_Flame_malware_spreading_vector_identified\">\u52ab\u6301<\/a>Windows Update\u529f\u80fd\u4f86\u6563\u64ad\u3002\u5c07\u96b1\u533f\u6027\u53ca\u6301\u4e45\u6027\u5e36\u5230\u53e6\u4e00\u500b\u5883\u754c\u3002<\/li>\n<li><strong><a href=\"https:\/\/blog.trendmicro.com.tw\/?p=101\">\u793e\u4ea4\u5de5\u7a0b\u9677\u9631<\/a><\/strong><strong>( Social Engineering)<\/strong><strong>\u00a0<\/strong>\u2013<br \/>\n\u6beb\u7121\u610f\u5916\u5730\uff0c<a href=\"https:\/\/www.trendmicro.com\/cloud-content\/us\/pdfs\/security-intelligence\/white-papers\/wp-spear-phishing-email-most-favored-apt-attack-bait.pdf\">\u9b5a\u53c9\u5f0f\u7db2\u8def\u91e3\u9b5a\u90f5\u4ef6<\/a>\u4ecd\u7136\u662f\u76ee\u6a19\u653b\u64ca\u4e3b\u8981\u7528\u4f86\u50b3\u905e\u60e1\u610f\u8edf\u9ad4\u7684\u6a5f\u5236\u3002\u4f46\u5176\u4ed6\u6280\u8853\uff0c\u50cf\u662f\u300c<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/watering-holes-and-zero-day-attacks\/\">Watering Hole<\/a>\u300d\u653b\u64ca\u4e5f\u8b93\u4eba\u6975\u70ba\u6ce8\u76ee\u3002Shadowserver\u767c\u8868\u4e86\u88ab\u4ed6\u5011\u7a31\u4e4b\u70ba\u300c<a href=\"https:\/\/blog.shadowserver.org\/2012\/05\/15\/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results\/\">\u7b56\u7565\u6027\u7db2\u7ad9\u5165\u4fb5\uff08Strategic Web Compromises\uff09<\/a>\u300d\u7684\u7814\u7a76\u5206\u6790\uff0c\u5229\u7528\u4e86Java\u548cFlash\u7684\u6f0f\u6d1e\u653b\u64ca\u78bc\uff0c\u800cRSA\u5831\u544a\u4e2d\u6240\u63d0\u5230\u7684<a href=\"https:\/\/blogs.rsa.com\/lions-at-the-watering-hole-the-voho-affair\/\">VOHO<\/a>\u653b\u64ca\u6d3b\u52d5\uff0c\u4e5f\u4f7f\u7528\u4e86\u76f8\u540c\u7684\u6280\u8853\u3002\u4f46\u57282012\u5e74\uff0c\u53e6\u4e00\u500b\u6709\u8da3\u7684\u793e\u4ea4\u5de5\u7a0b\u4f0e\u5006\u5c31\u662f\u5229\u7528\u5b89\u5168\u5ee0\u5546\u5c0d\u60e1\u610f\u8edf\u9ad4\u7684\u5206\u6790\u505a\u70ba\u8a98\u990c\uff0c\u4f86\u50b3\u64ad\u60e1\u610f\u8edf\u9ad4\u3002\u4e0d\u904e\uff0c\u9b5a\u53c9\u5f0f\u7db2\u8def\u91e3\u9b5a\u90f5\u4ef6\u548c\u6dea\u9677\u7db2\u7ad9\u4e26\u4e0d\u662f\u552f\u4e00\u7684\u653b\u64ca\u9014\u5f91\u3002\u5373\u6642\u901a\uff08<a href=\"https:\/\/www.nytimes.com\/2010\/04\/20\/technology\/20google.html\">\u88ab\u8a8d\u70ba\u7528\u5728<\/a>\u91dd\u5c0dGoogle\u7684Aurora\u653b\u64ca\uff09\u4e5f\u63d0\u4f9b\u4e86\u53e6\u4e00\u689d\u653b\u64ca\u8def\u7dda\u3002<a href=\"https:\/\/articles.cnn.com\/2012-02-17\/tech\/tech_web_computer-virus-syria_1_opposition-activists-computer-viruses-syrian-town\/2?_s=PM:TECH\">Skype\u4e5f\u88ab\u5831\u5c0e\u63d0\u5230\u7528\u5728<\/a>\u6558\u5229\u4e9e\u885d\u7a81\u7684<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/darkcomet-surfaced-in-the-targeted-attacks-in-syrian-conflict\/\">DarkComet RAT<\/a>\u653b\u64ca\u5167\u3002<\/li>\n<li><strong>\u653b\u64ca\u662f\u6700\u597d\u7684\u9632\u79a6<\/strong>\u00a0\u2013<br \/>\n\u57282012\u5e74\uff0c\u6709\u500b\u65b0\u8208\u8cc7\u5b89\u516c\u53f8 \u2013 Crowdstrike\u63d0\u51fa\u4e86\u300c\u653b\u64ca\u662f\u6700\u597d\u7684\u9632\u79a6\u300d\u6982\u5ff5\uff0c\u96d6\u7136\u9019\u6982\u5ff5\u5e38\u88ab\u72f9\u9698\u5730\u7406\u89e3\u70ba\u300c\u99ed\u56de\u53bb\u300d\uff0c\u4f46\u6211\u537b\u60f3\u5f9eDavid Dittrich\u6240\u8b02\u7684\u300c\u00a0<a href=\"https:\/\/www.honeynet.org\/node\/1004\">\u4e3b\u52d5\u56de\u61c9\u9023\u7e8c\uff08Active Response Continuum\uff09<\/a>\u300d\u80cc\u666f\u4e0b\u4f86\u7406\u89e3\u9019\u4ef6\u4e8b\u3002\u6709\u5404\u7a2e\u6230\u8853\u53ef\u4ee5\u61c9\u7528\uff0c\u6ef2\u900f\uff0c\u5f37\u8feb\u4e0b\u7dda\uff08\u4e0d\u7ba1\u662f\u901a\u904e<a href=\"https:\/\/blog.crowdstrike.com\/2012\/03\/p2p-botnet-kelihosb-with-100000-nodes.html\">\u6280\u8853\u624b\u6bb5<\/a>\u3001<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/trend-micro-sinkholes-and-eliminates-a-zeus-botnet-cc\/\">\u56de\u5831\u6feb\u7528\u884c\u70ba<\/a>\u3001<a href=\"https:\/\/www.washingtonpost.com\/wp-dyn\/content\/article\/2008\/11\/12\/AR2008111200658.html\">\u7b56\u53cd<\/a>\u3001<a href=\"https:\/\/nakedsecurity.sophos.com\/koobface\/\">\u9ede\u540d\u548c\u7f9e\u8fb1<\/a>\u3001<a href=\"https:\/\/www.microsoft.com\/en-us\/news\/press\/2012\/mar12\/03-25CybercrimePR.aspx\">\u6cd5\u5f8b\u6a5f\u5236<\/a>\u6216<a href=\"https:\/\/www.trendmicro.com\/cloud-content\/us\/pdfs\/security-intelligence\/white-papers\/wp_the_rove_digital_takedown.pdf\">\u548c\u57f7\u6cd5\u55ae\u4f4d\u5408\u4f5c<\/a>\uff09\u6216\u662f<a href=\"https:\/\/www.jimyuill.com\/research-papers\/DoD-Cyber-Crime-deception-process.pdf\">\u6b3a\u6575\u884c\u52d5<\/a>\uff0c\u597d\u4f86\u9032\u884c\u53cd\u64ca\uff0c\u800c\u4e0d\u662f\u53ea\u80fd\u300c\u99ed\u56de\u53bb\u300d\u3002\u9019\u4e9b\u90fd\u662f\u7d93\u5e38\u7528\u4f86\u5c0d\u4ed8\u72af\u7f6a\u4efd\u5b50\u7684\u884c\u52d5\uff0c\u4f46\u4e5f\u53ef\u4ee5\u61c9\u7528\u5728\u9019\u88e1\u3002\u5728\u4e00\u5b9a\u7a0b\u5ea6\u4e0a\uff0c\u91dd\u5c0d\u57fa\u790e\u8a2d\u65bd\u7684\u653b\u64ca\uff0c\u901a\u5e38\u90fd\u662f\u570b\u5bb6\u9ed8\u8a31\u6216\u570b\u5bb6\u8cc7\u52a9\u7684\u3002\u6240\u4ee5\u9019\u4e9b\u63aa\u65bd\u4ee5\u5916\u7684\u53cd\u64ca\u4f5c\u6cd5\u4e5f\u5f88\u5438\u5f15\u4eba\uff0c\u56e0\u70ba\u6709\u570b\u5bb6\u8cc7\u52a9\u7684\u6848\u4f8b\u901a\u5e38\u662f\u4e0d\u9069\u7528\u65bc\u6cd5\u5f8b\u9014\u5f91\u7684\uff0c\u6240\u4ee5\u6211\u5011\u4e5f\u958b\u59cb\u770b\u5230\u9019\u6a23\u7684\u884c\u52d5\u51fa\u73fe\u3002\u57282012\u5e74\u7684\u4e00\u500b\u6848\u4f8b\u4e2d\uff0cCERT-GOV-GE\u4e0d\u50c5\u53d6\u5f97\u5b58\u53d6\u300c<a href=\"https:\/\/dea.gov.ge\/uploads\/CERT%20DOCS\/Cyber%20Espionage.pdf\">Georbot<\/a>\u300d\u6bad\u5c4d\u7db2\u8def\u547d\u4ee4\u548c\u63a7\u5236\u4f3a\u670d\u5668\u7684\u80fd\u529b\uff0c\u9084\u8a98\u4f7f\u6bad\u5c4d\u7db2\u8def\u904b\u71df\u8005\u53bb\u5077\u53d6\u4e00\u500b\u60e1\u610f\u6a94\u6848\u3002\u57f7\u884c\u4e4b\u5f8c\uff0c\u5c31\u8b93CERT-GOV-GE\u53ef\u4ee5\u9060\u7aef\u9304\u4e0b\u904b\u71df\u8005\u7684\u5f71\u50cf\u3002<\/li>\n<li><strong>\u300c\u8d85\u9650\u300d\u6b66\u5668\u4ea4\u6613\u00a0<\/strong>\u2013<br \/>\n\u9019\u500b\u5099\u53d7\u722d\u8b70\u7684\u8a71\u984c \u2013\u00a0<a href=\"https:\/\/www.forbes.com\/sites\/andygreenberg\/2012\/03\/23\/shopping-for-zero-days-an-price-list-for-hackers-secret-software-exploits\/\">\u8ca9\u8ce3\u96f6\u6642\u5dee\u6f0f\u6d1e\u653b\u64ca\u78bc<\/a>\u53ca<a href=\"https:\/\/citizenlab.org\/2012\/07\/from-bahrain-with-love-finfishers-spy-kit-exposed\/\">\u642d\u914d\u7684\u60e1\u610f\u8edf\u9ad4<\/a>\uff0c\u57282012\u5e74\u5df2\u7d93\u662f\u500b\u516c\u958b\u7684\u7955\u5bc6\u3002\u7f8e\u570b\u516c\u6c11\u81ea\u7531\u806f\u76df\u7684Christopher Soghoian\u5728VB2012\u5927\u6703\u4e0a\u7528\u9019\u984c\u76ee\u505a\u4e86<a href=\"https:\/\/www.virusbtn.com\/pdf\/conference_slides\/2012\/Soghoian-VB2012.pdf\">\u4e3b\u984c\u6f14\u8b1b<\/a>\u3002\u9664\u4e86\u6703\u8cb7\u8ce3\u6f0f\u6d1e\u548c\u653b\u64ca\u78bc\u4e4b\u5916\uff0c\u4e5f\u6709\u60e1\u610f\u8edf\u9ad4\u7684\u4ea4\u6613\u662f\u5728\u653f\u5e9c\u6388\u610f\u4e0b\u3002Morgan Marguis-Boire\u767c\u8868\u4e86\u88ab\u7a31\u70ba<a href=\"https:\/\/www.bloomberg.com\/news\/2012-07-25\/cyber-attacks-on-activists-traced-to-finfisher-spyware-of-gamma.html\">FinFisher<\/a>\u7684\u7522\u54c1\uff08\u4e5f\u53ef\u7528\u4f86<a href=\"https:\/\/citizenlab.org\/2012\/08\/the-smartphone-who-loved-me-finfisher-goes-mobile\/\">\u5075\u67e5\u667a\u6167\u578b\u624b\u6a5f<\/a>\uff09\u662f\u5982\u4f55\u88ab\u82f1\u570b\u653f\u5e9c\u6563\u64ad\u7684\u76f8\u95dc\u8cc7\u6599\u3002\u9084\u6709\u88ab\u7fa9\u5927\u5229\u516c\u53f8\u6240\u6563\u64ad\u7684<a href=\"https:\/\/citizenlab.org\/2012\/10\/backdoors-are-forever-hacking-team-and-the-targeting-of-dissent\/\">\u5f8c\u9580\u7a0b\u5f0f<\/a>\uff0c\u64da\u5831\u5c0e\u662f\u88ab\u653f\u5e9c\u7528\u4f86\u76e3\u63a7\u7570\u8b70\u4efd\u5b50\u3002\u53e6\u5916Dell SecureWorks\u7684Joe Stewart<a href=\"https:\/\/www.secureworks.com\/cyber-threat-intelligence\/threats\/chasing_apt\/\">\u767c\u73fe<\/a>\u300c\u4e00\u500b\u7531\u4f4d\u5728\u67d0\u4e9e\u6d32\u570b\u5bb6\uff08\u975e\u4e2d\u570b\uff09\u7684\u79c1\u71df\u96fb\u8166\u5b89\u5168\u516c\u53f8\u6240\u7d93\u71df\u7684\u9f90\u5927\u7db2\u8def\u9593\u8adc\u6d3b\u52d5\u91dd\u5c0d\u570b\u5916\u8ecd\u4e8b\u55ae\u4f4d\u300d\uff0c\u9032\u4e00\u6b65\u8aaa\u660e\u4e86\u554f\u984c\u7684\u56b4\u91cd\u7a0b\u5ea6\u3002<!--more--><\/li>\n<li><strong>\u8cc7\u6599\u92b7\u6bc0<\/strong>\u00a0\u2013<br \/>\n\u96d6\u7136\u76ee\u6a19\u653b\u64ca\u901a\u5e38\u662f\u70ba\u4e86\u9593\u8adc\u6d3b\u52d5\u76ee\u7684\uff0c\u4f46\u6709\u6642\u5b83\u5011\u4e5f\u6703\u6709\u7834\u58de\u6027\u884c\u70ba\uff08\u770b\u770bStuxnet\uff09\u3002\u57282012\u5e74\uff0c\u5361\u5df4\u65af\u57fa\u7684\u5831\u544a\u4e2d\u63d0\u5230\u4e00\u500b\u88ab\u7a31\u70ba<a href=\"https:\/\/www.securelist.com\/en\/blog\/208193808\/What_was_that_Wiper_thing\">Wiper<\/a>\u7684\u4f8b\u5b50\u6703\u53bb\u7834\u58de\u8cc7\u6599\uff0c\u9084\u6709<a href=\"https:\/\/www.securelist.com\/en\/blog\/208193786\/Shamoon_the_Wiper_Copycats_at_Work\">Shamoon<\/a>\uff08\u53c3\u8003Seculert\u7684<a href=\"https:\/\/blog.seculert.com\/2012\/08\/shamoon-two-stage-targeted-attack.html\">\u5206\u6790<\/a>\uff09\u6703\u91dd\u5c0d\u4e2d\u6771\u7684\u77f3\u6cb9\u516c\u53f8\u4e26\u6467\u6bc0\u8cc7\u6599\uff0c\u9019\u60e1\u610f\u8edf\u9ad4\u88ab<a href=\"https:\/\/www.nytimes.com\/2012\/12\/10\/business\/global\/saudi-aramco-says-hackers-took-aim-at-its-production.html\">\u8a8d\u70ba<\/a>\u7528\u4f86\u7834\u58de\u6c99\u70cf\u5730\u963f\u62c9\u4f2f\u548c<a href=\"https:\/\/in.reuters.com\/article\/2012\/08\/30\/qatar-rasgas-idINL6E8JUD1K20120830\">\u5361\u9054<\/a>\u6210\u5343\u4e0a\u842c\u7684\u96fb\u8166\u3002\u800c\u9019\u6a23\u7684\u9593\u8adc\u7834\u58de\u884c\u70ba<a href=\"https:\/\/www.trendmicro.com\/cloud-content\/us\/pdfs\/security-intelligence\/spotlight-articles\/sp-trend-micro-predictions-for-2013-and-beyond.pdf\">\u53ef\u80fd\u9084\u6703\u7e7c\u7e8c\u4e0b\u53bb<\/a>\u3002<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>2012\u5e74\u662f\u500b\u76ee\u6a19\u653b\u64ca\u8086\u8650\u7684\u4e00\u5e74\uff0c\u6211\u8a8d\u70ba2013\u5e74\u4e5f\u5c07\u6703\u975e\u5e38\u7cbe\u91c7\uff0c\u751a\u81f3\u53ef\u80fd\u66f4\u52a0\u56b4\u91cd\u3002\u5f88\u5feb\u5730\uff0c\u6211\u5c31\u6703\u767c\u8868\u6211\u5c0d2013\u5e74<a href=\"https:\/\/domynews.blog.ithome.com.tw\/category\/1252\/6995\">\u76ee\u6a19\u653b\u64ca<\/a>\u7684\u9810\u6e2c\uff0c\u656c\u8acb\u671f\u5f85\uff01<\/p>\n<p>&nbsp;<\/p>\n<p>\uff20\u539f\u6587\u51fa\u8655\uff1a<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/the-trends-in-targeted-attacks-of-2012\/\">The Trends in Targeted Attacks of 2012<\/a><\/p>\n<p>\u60f3\u4e86\u89e3\u66f4\u591a\u95dc\u65bc\u7db2\u8def\u5b89\u5168\u7684\u79d8\u8a23\u548c\u5efa\u8b70\uff0c\u53ea\u8981\u5230<a href=\"https:\/\/www.facebook.com\/trendmicrotaiwan\">\u8da8\u52e2\u79d1\u6280\u7c89\u7d72\u7db2\u9801<\/a>\u00a0\u6216\u4e0b\u9762\u7684\u6309\u9215\u6309\u8b9a<\/p>\n<p><strong>\u25ce\u5ef6\u4f38\u95b1\u8b80<\/strong><\/p>\n<p><a title=\"\u4ec0\u9ebc\u662f APT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105 (Advanced Persistent Threat, APT)\uff1f \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=123&amp;apt\/%e4%bb%80%e9%ba%bc%e6%98%af-apt%e9%80%b2%e9%9a%8e%e6%8c%81%e7%ba%8c%e6%80%a7%e5%a8%81%e8%84%85-advanced-persistent-threat-apt%ef%bc%9f\">\u4ec0\u9ebc\u662f APT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105 (Advanced Persistent Threat, APT)\uff1f<\/a><\/p>\n<p><a title=\"\u300aAPT \u653b\u64ca\u300b\u9000\u4fe1\u548c\u8b80\u53d6\u56de\u689d\u81ea\u52d5\u56de\u8986\u7684\u98a8\u96aa \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=3588\" rel=\"bookmark\">\u300aAPT \u653b\u64ca\u300b\u9000\u4fe1\u548c\u8b80\u53d6\u56de\u689d\u81ea\u52d5\u56de\u8986\u7684\u98a8\u96aa<\/a><\/p>\n<p><a title=\"APT \u653b\u64ca\u8005\u504f\u597d\u7684DDOS \u5206\u6563\u5f0f\u963b\u65b7\u670d\u52d9\u653b\u64ca\u8207\u5bc6\u78bc\u64f7\u53d6\u5de5\u5177\uff0c\u81ea\u6211\u66f4\u65b0\u66f4\u53b2\u201d\u99ed\u201d \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=3565\" rel=\"bookmark\">APT \u653b\u64ca\u8005\u504f\u597d\u7684DDOS \u5206\u6563\u5f0f\u963b\u65b7\u670d\u52d9\u653b\u64ca\u8207\u5bc6\u78bc\u64f7\u53d6\u5de5\u5177\uff0c\u81ea\u6211\u66f4\u65b0\u66f4\u53b2\u201d\u99ed\u201d<\/a><\/p>\n<p><a title=\"\u6728\u99ac\u5c08\u9580\u7aca\u53d6\u5716\u6a94\/\u5f71\u50cf\u6a94\u6848,\u5f97\u624b\u8cc7\u6599\u50b3\u9001\u9060\u7aef FTP,\u53ef\u80fd\u70baAPT \u653b\u64ca\u5e03\u5c40 \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=3383\" rel=\"bookmark\">\u6728\u99ac\u5c08\u9580\u7aca\u53d6\u5716\u6a94\/\u5f71\u50cf\u6a94\u6848,\u5f97\u624b\u8cc7\u6599\u50b3\u9001\u9060\u7aef FTP,\u53ef\u80fd\u70baAPT \u653b\u64ca\u5e03\u5c40<\/a><\/p>\n<p><a title=\"\u300aAPT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105~\u4e3b\u8981\u76ee\u6a19\u653b\u64ca\u4fb5\u5165\u9ede:eMail\u300b63%\u7522\u54c1\u898f\u5283\u85cd\u5716 ,76%\u9810\u7b97\u8a08\u756b\u7d93\u7531 email \u50b3\u9001 \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=3178\" rel=\"bookmark\">\u300aAPT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105~\u4e3b\u8981\u76ee\u6a19\u653b\u64ca\u4fb5\u5165\u9ede:eMail\u300b63%\u7522\u54c1\u898f\u5283\u85cd\u5716 ,76%\u9810\u7b97\u8a08\u756b\u7d93\u7531 email \u50b3\u9001<\/a><\/p>\n<p><a title=\"\u300aAPT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105\u300bAPT \u653b\u64ca\u5e38\u7528\u7684\u4e09\u7a2e\u96fb\u5b50\u90f5\u4ef6\u63a9\u8b77\u6f5b\u5165\u6280\u5de7(\u542b\u591a\u5247\u4e2d\u82f1\u6587\u4fe1\u4ef6\u6a23\u672c) \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=3160\" rel=\"bookmark\">\u300aAPT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105\u300bAPT \u653b\u64ca\u5e38\u7528\u7684\u4e09\u7a2e\u96fb\u5b50\u90f5\u4ef6\u63a9\u8b77\u6f5b\u5165\u6280\u5de7(\u542b\u591a\u5247\u4e2d\u82f1\u6587\u4fe1\u4ef6\u6a23\u672c)<\/a><\/p>\n<p><a title=\"\u6dfa\u8ac7APT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105 (Advanced Persistent Threat, APT)~\u542b\u4e2d\u6587\u793e\u4ea4\u5de5\u7a0b\u90f5\u4ef6\u6848\u4f8b \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=2566\" rel=\"bookmark\">\u6dfa\u8ac7APT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105 (Advanced Persistent Threat, APT)~\u542b\u4e2d\u6587\u793e\u4ea4\u5de5\u7a0b\u90f5\u4ef6\u6848\u4f8b<\/a><\/p>\n<p><a title=\"\u300aAPT \u5a01\u8105\u300b\u795e\u4e0d\u77e5\u9b3c\u4e0d\u89ba\u7684APT\u653b\u64ca \u2014 \u591a\u5247APT \u771f\u5be6\u6848\u4ef6\u5206\u4eab(\u542b\u7db2\u8def\u91e3\u9b5a\u4fe1\u4ef6\u6a23\u672c) \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=2549\" rel=\"bookmark\">\u300aAPT \u5a01\u8105\u300b\u795e\u4e0d\u77e5\u9b3c\u4e0d\u89ba\u7684APT\u653b\u64ca \u2014 \u591a\u5247APT \u771f\u5be6\u6848\u4ef6\u5206\u4eab(\u542b\u7db2\u8def\u91e3\u9b5a\u4fe1\u4ef6\u6a23\u672c)<\/a><\/p>\n<p><a title=\"\u300a\u8da8\u52e2\u5c08\u5bb6\u8ac7\u96f2\u7aef\u904b\u7b97\u300b\u76ee\u6a19\u653b\u64ca\u5728Web 3.0\u7684\u6f14\u8b8a \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=2071\" rel=\"bookmark\">\u300a\u8da8\u52e2\u5c08\u5bb6\u8ac7\u96f2\u7aef\u904b\u7b97\u300b\u76ee\u6a19\u653b\u64ca\u5728Web 3.0\u7684\u6f14\u8b8a<\/a><\/p>\n<p><a title=\"\u300aJava \u96f6\u6642\u5dee\u6f0f\u6d1e\u653b\u64ca\u300bNitro\u653b\u64ca\u6d3b\u52d5\u548cJava\u96f6\u6642\u5dee\u653b\u64ca \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=2469\" rel=\"bookmark\">\u300aJava \u96f6\u6642\u5dee\u6f0f\u6d1e\u653b\u64ca\u300bNitro\u653b\u64ca\u6d3b\u52d5\u548cJava\u96f6\u6642\u5dee\u653b\u64ca<\/a><\/p>\n<p><a title=\"\u300c\u674e\u5b97\u745e\u5f71\u7247\uff0c\u8d95\u5feb\u4e0b\u8f09\u5466\uff01\u300d\u5f9e\u516c\u50d5\u8aa4\u958b\u6e2c\u8a66\u4fe1,\u770b\u597d\u5947\u5fc3\u6240\u4ed8\u51fa\u7684\u8cc7\u5b89\u4ee3\u50f9(\u542bAPT \u76ee\u6a19\u5f0f\u96fb\u5b50\u90f5\u4ef6\u653b\u64ca\u5be6\u969b\u6848\u4f8b) \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=2662\" rel=\"bookmark\">\u300c\u674e\u5b97\u745e\u5f71\u7247\uff0c\u8d95\u5feb\u4e0b\u8f09\u5466\uff01\u300d\u5f9e\u516c\u50d5\u8aa4\u958b\u6e2c\u8a66\u4fe1,\u770b\u597d\u5947\u5fc3\u6240\u4ed8\u51fa\u7684\u8cc7\u5b89\u4ee3\u50f9(\u542bAPT \u76ee\u6a19\u5f0f\u96fb\u5b50\u90f5\u4ef6\u653b\u64ca\u5be6\u969b\u6848\u4f8b)<\/a><\/p>\n<p><a title=\"Permanent Link: \u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105LURID: \u5165\u4fb5\u4e8661\u500b\u570b\u5bb61465\u53f0\u96fb\u8166,\u5305\u542b\u5916\u4ea4\u7b49\u55ae\u4f4d\" href=\"https:\/\/domynews.blog.ithome.com.tw\/post\/1252\/126643\">\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105LURID: \u5165\u4fb5\u4e8661\u500b\u570b\u5bb61465\u53f0\u96fb\u8166,\u5305\u542b\u5916\u4ea4\u7b49\u55ae\u4f4d<\/a><\/p>\n<p><a title=\"\u300a APT \u9032\u968e\u6301\u7e8c\u6027\u6ef2\u900f\u653b\u64ca\u300bBKDR_POISON \u672a\u4f86\u5c07\u51fa\u73fe\u66f4\u591a\u6311\u6230 \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=854&amp;apt\/%e3%80%8a-apt-%e9%80%b2%e9%9a%8e%e6%8c%81%e7%ba%8c%e6%80%a7%e6%bb%b2%e9%80%8f%e6%94%bb%e6%93%8a%e3%80%8bbkdr_poison-%e6%9c%aa%e4%be%86%e5%b0%87%e5%87%ba%e7%8f%be%e6%9b%b4%e5%a4%9a%e6%8c%91%e6%88%b0\">\u300a APT \u9032\u968e\u6301\u7e8c\u6027\u6ef2\u900f\u653b\u64ca\u300bBKDR_POISON \u672a\u4f86\u5c07\u51fa\u73fe\u66f4\u591a\u6311\u6230<\/a><\/p>\n<p><a title=\"APT \u9032\u968e\u6301\u7e8c\u6027\u6ef2\u900f\u653b\u64ca\u7814\u7a76\u5831\u544a10\u500b\u61f6\u4eba\u5305 \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=824&amp;apt\/apt-%e9%80%b2%e9%9a%8e%e6%8c%81%e7%ba%8c%e6%80%a7%e6%bb%b2%e9%80%8f%e6%94%bb%e6%93%8a%e7%a0%94%e7%a9%b6%e5%a0%b1%e5%91%8a%e6%87%b6%e4%ba%ba%e5%8c%85\">APT \u9032\u968e\u6301\u7e8c\u6027\u6ef2\u900f\u653b\u64ca\u7814\u7a76\u5831\u544a10\u500b\u61f6\u4eba\u5305<\/a><\/p>\n<p><a title=\"\u5f9e\u5be6\u9ad4\u5230\u96f2\u7aef\uff0c\u91cd\u91cd\u98a8\u96aa\u600e\u628a\u95dc ? \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=2236\" rel=\"bookmark\">\u5f9e\u5be6\u9ad4\u5230\u96f2\u7aef\uff0c\u91cd\u91cd\u98a8\u96aa\u600e\u628a\u95dc ?<\/a><\/p>\n<p><a title=\"\u60e1\u610fPowerPoint\u6587\u4ef6\u593e\u5e36\u6f0f\u6d1e\u653b\u64ca\u53ca\u5f8c\u9580\u7a0b\u5f0f \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=1728\" rel=\"bookmark\">\u60e1\u610fPowerPoint\u6587\u4ef6\u593e\u5e36\u6f0f\u6d1e\u653b\u64ca\u53ca\u5f8c\u9580\u7a0b\u5f0f<\/a><\/p>\n<p><a title=\"[\u5716\u8868] APT\u653b\u64ca\u7684 5 \u500b\u8ff7\u601d\u8207\u6311\u6230 \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=1764\" rel=\"bookmark\">[\u5716\u8868] APT\u653b\u64ca\u7684 5 \u500b\u8ff7\u601d\u8207\u6311\u6230<\/a><\/p>\n<p><a title=\"&lt;  APT \u76ee\u6a19\u653b\u64ca &gt;\u77e5\u540d\u97d3\u570b\u4f01\u696d\u6536\u5230\u91cf\u8eab\u8a02\u88fd\u7684\u793e\u4ea4\u5de5\u7a0b\u4fe1\u4ef6,\u54e1\u5de5\u958b\u555f\u5f8c\u906d\u9060\u7aef\u63a7\u5236\u7aca\u53d6\u500b\u8cc7 \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=1689\" rel=\"bookmark\">&lt; APT \u76ee\u6a19\u653b\u64ca &gt;\u77e5\u540d\u97d3\u570b\u4f01\u696d\u6536\u5230\u91cf\u8eab\u8a02\u88fd\u7684\u793e\u4ea4\u5de5\u7a0b\u4fe1\u4ef6,\u54e1\u5de5\u958b\u555f\u5f8c\u906d\u9060\u7aef\u63a7\u5236\u7aca\u53d6\u500b\u8cc7<\/a><\/p>\n<p><a title=\"\uff1cAPT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105\uff1e\u7d93\u7531Email \u767c\u9001\u7684\uff02\u54e1\u5de5\u6eff\u610f\u5ea6\u8abf\u67e5\uff02PDF\u6a94\u6848\u542bSYKIPOT\uff0c\u5c55\u958b\u76ee\u6a19\u653b\u64ca\u884c\u52d5 \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=551&amp;apt\/%ef%bc%9capt%e9%80%b2%e9%9a%8e%e6%8c%81%e7%ba%8c%e6%80%a7%e5%a8%81%e8%84%85%ef%bc%9e%e7%b6%93%e7%94%b1email-%e7%99%bc%e9%80%81%e7%9a%84%ef%bc%82%e5%93%a1%e5%b7%a5%e6%bb%bf%e6%84%8f%e5%ba%a6%e8%aa%bf\">\uff1cAPT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105\uff1e\u7d93\u7531Email \u767c\u9001\u7684\uff02\u54e1\u5de5\u6eff\u610f\u5ea6\u8abf\u67e5\uff02PDF\u6a94\u6848\u542bSYKIPOT\uff0c\u5c55\u958b\u76ee\u6a19\u653b\u64ca\u884c\u52d5<\/a><\/p>\n<p><a title=\"\u300aAPT\u653b\u64ca \u300b\u53e6\u4e00\u8d77\u96fb\u5b50\u90f5\u4ef6\u76ee\u6a19\u653b\u64ca\u5229\u7528\u7814\u7a76\u55ae\u4f4d\u505a\u63a9\u8b77 \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=1328\" rel=\"bookmark\">\u300aAPT\u653b\u64ca \u300b\u53e6\u4e00\u8d77\u96fb\u5b50\u90f5\u4ef6\u76ee\u6a19\u653b\u64ca\u5229\u7528\u7814\u7a76\u55ae\u4f4d\u505a\u63a9\u8b77<\/a><\/p>\n<p><a title=\"\u300aAPT \u653b\u64ca\u300b\u4e0b\u8f09\u85cf\u6587\u8f38\u5165\u6cd5\u81f3Apple iOS,\u7adf\u5f15\u72fc\u5165\u5ba4 \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=1341\" rel=\"bookmark\">\u300aAPT \u653b\u64ca\u300b\u4e0b\u8f09\u85cf\u6587\u8f38\u5165\u6cd5\u81f3Apple iOS,\u7adf\u5f15\u72fc\u5165\u5ba4<\/a><\/p>\n<p><a title=\"\u300aAPT \/MAC \u653b\u64ca\u300b\u53e6\u4e00\u8d77\u548c\u897f\u85cf\u76f8\u95dc\u7684\u653b\u64ca\u6d3b\u52d5\u91dd\u5c0dWindows\u548cMac\u7cfb\u7d71 \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=1256\" rel=\"bookmark\">\u300aAPT \/MAC \u653b\u64ca\u300b\u53e6\u4e00\u8d77\u548c\u897f\u85cf\u76f8\u95dc\u7684\u653b\u64ca\u6d3b\u52d5\u91dd\u5c0dWindows\u548cMac\u7cfb\u7d71<\/a><\/p>\n<p><a title=\"\u5fae\u8edf\u63a7\u544a\u6bad\u5c4d\u7db2\u8defZeuS\u3001SpyEye\u548cIce IX\u5e55\u5f8c\u9ed1\u624b \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=1203\" rel=\"bookmark\">\u5fae\u8edf\u63a7\u544a\u6bad\u5c4d\u7db2\u8defZeuS\u3001SpyEye\u548cIce IX\u5e55\u5f8c\u9ed1\u624b<\/a><\/p>\n<p><a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2928&amp;name=20120702\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.trendmicro.com.tw\/apt\/tw\/images\/banner.jpg\" alt=\"APT \u653b\u64ca\" width=\"500\" height=\"150\" border=\"0\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<div><strong>\u25ce\u5373\u523b\u52a0\u5165\u8da8\u52e2\u79d1\u6280\u793e\u7fa4\u7db2\u7ad9,\u7cbe\u5f69\u4e0d\u6f0f\u7db2<\/strong><\/div>\n<div><strong>\u00a0<\/strong><a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2762&amp;name=20111213\"><img decoding=\"async\" src=\"https:\/\/www.trendmicro.com.tw\/campaign\/tw_blog_images\/blogad\/FBICON.PNG\" alt=\"\" \/><\/a>\u00a0<a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2763&amp;name=20111213\"><img decoding=\"async\" src=\"https:\/\/www.trendmicro.com.tw\/campaign\/tw_blog_images\/blogad\/plurk.PNG\" alt=\"\" \/><\/a>\u00a0<a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2764&amp;name=20111213\"><img decoding=\"async\" src=\"https:\/\/www.trendmicro.com.tw\/campaign\/tw_blog_images\/blogad\/YOUTUBE.PNG\" alt=\"\" \/><\/a><a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2766&amp;name=20111213\"><img decoding=\"async\" src=\"https:\/\/www.trendmicro.com.tw\/campaign\/tw_blog_images\/blogad\/G+.PNG\" alt=\"\" \/><\/a>\u00a0<a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2765&amp;name=20111213\"><img decoding=\"async\" src=\"https:\/\/www.trendmicro.com.tw\/campaign\/tw_blog_images\/blogad\/RSS.PNG\" alt=\"\" \/><\/a><\/div>\n<div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>\u4f5c\u8005\uff1aNart Villeneuve\uff08\u8da8\u52e2\u79d1\u6280\u8cc7\u6df1\u5a01\u8105\u7814\u7a76\u54e1\uff09 \u7d93\u904e\u4e86\u6574\u500b2012\u5e74\uff0c\u6211\u5011\u7814\u7a76\u4e86\u5404\u5f0f\u5404\u6a23\u7684\u76ee\u6a19 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wpscppro_dont_share_socialmedia":false,"_wpscppro_custom_social_share_image":0,"_facebook_share_type":"","_twitter_share_type":"","_linkedin_share_type":"","_pinterest_share_type":"","_linkedin_share_type_page":"","_instagram_share_type":"","_medium_share_type":"","_threads_share_type":"","_google_business_share_type":"","_selected_social_profile":[],"_wpsp_enable_custom_social_template":false,"_wpsp_social_scheduling":{"enabled":false,"datetime":null,"platforms":[],"status":"template_only","dateOption":"today","timeOption":"now","customDays":"","customHours":"","customDate":"","customTime":"","schedulingType":"absolute"},"_wpsp_active_default_template":true},"categories":[10,195],"tags":[885,45,358,357,2280],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/3785"}],"collection":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3785"}],"version-history":[{"count":0,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/3785\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3785"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3785"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3785"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}