{"id":4050,"date":"2013-02-04T09:18:51","date_gmt":"2013-02-04T01:18:51","guid":{"rendered":"https:\/\/blog.trendmicro.com.tw\/?p=4050"},"modified":"2013-01-29T18:21:20","modified_gmt":"2013-01-29T10:21:20","slug":"apt-%e9%a7%ad%e5%ae%a2%e5%b7%a5%e5%85%b7%e8%a7%a3%e5%af%86","status":"publish","type":"post","link":"https:\/\/blog.trendmicro.com.tw\/?p=4050","title":{"rendered":"APT \u99ed\u5ba2\u5de5\u5177\u89e3\u5bc6"},"content":{"rendered":"<p>\u5728<a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2651&amp;name=20110916\">\u8da8\u52e2\u79d1\u6280<\/a>\u7684<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/predictions-for-2013\/\">2013\u5b89\u5168\u9810\u6e2c<\/a>\u4e2d\uff0c\u6211\u5011\u63d0\u5230\u60e1\u610f\u8edf\u9ad4\u6703\u9010\u6f38\u5730\u6f14\u8b8a\uff0c\u4e0d\u6703\u6709\u592a\u591a\u986f\u8457\u5730\u8b8a\u5316\u3002\u9019\u53ef\u4ee5\u5f9e<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=1803\">APT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105 (Advanced Persistent Threat, APT)<\/a>\u4f7f\u7528\u4e00\u4e9b\uff08\u5408\u6cd5\uff09\u99ed\u5ba2\u5de5\u5177\u4e2d\u770b\u5f97\u51fa\u4f86\u3002<\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com.tw\/?attachment_id=3917\" rel=\"attachment wp-att-3917\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-3917\" alt=\"attack\" src=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2013\/01\/attack.jpg\" width=\"1253\" height=\"834\" srcset=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2013\/01\/attack.jpg 1253w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2013\/01\/attack-300x200.jpg 300w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2013\/01\/attack-768x511.jpg 768w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2013\/01\/attack-1024x682.jpg 1024w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2013\/01\/attack-600x399.jpg 600w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2013\/01\/attack-30x20.jpg 30w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2013\/01\/attack-800x532.jpg 800w\" sizes=\"(max-width: 1253px) 100vw, 1253px\" \/><\/a><\/p>\n<p>\u9019\u70ba\u4ec0\u9ebc\u662f\u500b\u554f\u984c\u5462\uff1f\u99ed\u5ba2\u5de5\u5177\u662f\u7a2e\u7070\u8272\u8edf\u9ad4\uff0c\u4e26\u4e0d\u4e00\u5b9a\u6703\u88ab<a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2677&amp;name=20110927\">\u9632\u6bd2\u8edf\u9ad4<\/a>\u9632\u6bd2\u8edf\u9ad4\u6240\u5075\u6e2c\uff0c\u6216\u56e0\u70ba\u9053\u5fb7\u6cd5\u5f8b\u8003\u91cf\u8b93\u4ed6\u5011\u4e0d\u9019\u6a23\u505a\u3002\u4e0d\u5e78\u7684\u662f\uff0c\u9019\u610f\u5473\u8457\u5728<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=1803\">APT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105 (Advanced Persistent Threat, APT)<\/a>\u9451\u8b58\u8abf\u67e5\u88e1\u66f4\u96e3\u767c\u89ba\u5b83\u3002\u6b64\u5916\uff0c\u5b83\u4e5f\u8b93\u653b\u64ca\u8005\u7701\u4e0b\u81ea\u5df1\u958b\u767c\u5de5\u5177\u7684\u9ebb\u7169\u3002\u5e38\u898b\u5230\u7684\u99ed\u5ba2\u5de5\u5177\u6709\uff1a<\/p>\n<p><b><i>\u5bc6\u78bc\u56de\u5fa9\u5de5\u5177<\/i><\/b> \u2013 \u7528\u4f86\u5c07\u61c9\u7528\u7a0b\u5f0f\u6216\u4f5c\u696d\u7cfb\u7d71\u5b58\u653e\u5728\u672c\u5730\u786c\u789f\u6216\u8a3b\u518a\u8868\u5167\u7684\u5bc6\u78bc\u6216\u5bc6\u78bc\u96dc\u6e4a\u503c\u53d6\u51fa\u7684\u5de5\u5177\u3002\u901a\u5e38\u88ab\u7528\u4f86\u8907\u88fd\u6216\u507d\u9020\u4f7f\u7528\u8005\u5e33\u865f\u4ee5\u53d6\u5f97\u7ba1\u7406\u8005\u6b0a\u9650\u3002\u96dc\u6e4a\u503c\u6ce8\u5165\uff08Pass-the-hash\uff09\u662f\u7a2e\u5e38\u898b\u7684\u65b9\u5f0f\u8b93\u653b\u64ca\u8005\u900f\u904e\u5077\u4f86\u7684\u5bc6\u78bc\u96dc\u6e4a\u503c\u53d6\u5f97\u7ba1\u7406\u8005\u6b0a\u9650\u3002<\/p>\n<ul>\n<li><b><i>\u4f7f\u7528\u8005\u5e33\u865f\u8907\u88fd\u5de5\u5177<\/i><\/b> \u2013 \u7576\u653b\u64ca\u8005\u53d6\u5f97\u5bc6\u78bc\u5f8c\uff0c\u7528\u4f86\u8907\u88fd\u4f7f\u7528\u8005\u5e33\u865f\u7684\u5de5\u5177\u3002\u4e00\u65e6\u53d6\u5f97\u8db3\u5920\u6b0a\u9650\uff0c\u653b\u64ca\u8005\u5c31\u53ef\u4ee5\u7e5e\u904e\u7cfb\u7d71\u7684\u5b89\u5168\u63aa\u65bd\uff0c\u57f7\u884c\u60e1\u610f\u4f01\u5716\u3002<\/li>\n<li><b><i>\u6a94\u6848\u64cd\u4f5c\u5de5\u5177<\/i><\/b>\u2013 \u7528\u4f86\u64cd\u4f5c\u6a94\u6848\uff08\u8907\u88fd\u3001\u522a\u9664\u3001\u4fee\u6539\u6642\u9593\u6a19\u8a18\u3001\u641c\u5c0b\u7279\u5b9a\u6a94\u6848\uff09\u7684\u5de5\u5177\u3002\u5b83\u88ab\u7528\u4f86\u4fee\u6539\u5b58\u53d6\u904e\u6a94\u6848\u7684\u6642\u9593\u6a19\u8a18\u6216\u522a\u9664\u7279\u5b9a\u7d44\u4ef6\u4ee5\u63a9\u98fe\u5165\u4fb5\u7684\u75d5\u8de1\u3002\u5b83\u4e5f\u53ef\u4ee5\u8b93\u653b\u64ca\u8005\u900f\u904e\u526f\u6a94\u540d\u641c\u5c0b\u6240\u9700\u8981\u7684\u95dc\u9375\u6587\u4ef6\u3002<\/li>\n<li><b><i>\u6392\u7a0b\u5de5\u5177<\/i><\/b>\u2013 \u7528\u4f86\u95dc\u9589\u6216\u5efa\u7acb\u6392\u7a0b\u7684\u8edf\u9ad4\u3002\u9019\u53ef\u4ee5\u8b93\u653b\u64ca\u8005\u900f\u904e\u95dc\u9589\u8edf\u9ad4\u66f4\u65b0\u6392\u7a0b\u4ee5\u964d\u4f4e\u53d7\u611f\u67d3\u7cfb\u7d71\u7684\u5b89\u5168\u6027\u3002\u540c\u6a23\u5730\uff0c\u4e5f\u53ef\u4ee5\u505a\u70ba\u60e1\u610f\u7528\u9014\u3002\u4f8b\u5982\uff0c\u653b\u64ca\u8005\u53ef\u4ee5\u5efa\u7acb\u6392\u7a0b\u4ee5\u5728\u7279\u5b9a\u6642\u9593\u81ea\u52d5\u7aca\u53d6\u6a94\u6848\u3002<\/li>\n<li><b><i>FTP<\/i><\/b><b><i>\u5de5\u5177<\/i><\/b> \u2013 \u7528\u4f86\u57f7\u884cFTP\u50b3\u8f38\u7684\u5de5\u5177\uff0c\u50cf\u662f\u5c07\u6a94\u6848\u4e0a\u50b3\u5230\u7279\u5b9aFTP\u7ad9\u53f0\u3002\u56e0\u70ba\u5728\u7db2\u8def\u4e0a\u7684FTP\u50b3\u8f38\u770b\u8d77\u4f86\u6bd4\u8f03\u4e0d\u90a3\u9ebc\u53ef\u7591\uff0c\u6709\u4e9bAPT\uff08\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105\uff09\u5e55\u5f8c\u9ed1\u624b\u6703\u504f\u597d\u5c07\u7aca\u53d6\u4f86\u7684\u8cc7\u6599\u4e0a\u50b3\u5230\u9060\u7aefFTP\u7ad9\u53f0\uff0c\u800c\u4e0d\u662f\u4e0a\u50b3\u5230C\uff06C\u4f3a\u670d\u5668\u3002\u8981\u7279\u5225\u6307\u51fa\u7684\u662f\uff0c\u6709\u597d\u5e7e\u500b\u5408\u6cd5\u7684FTP\u61c9\u7528\u7a0b\u5f0f\u4e5f\u88ab\u7db2\u8def\u72af\u7f6a\u4efd\u5b50\u6240\u7528\u3002<\/li>\n<li><b><i>\u8cc7\u6599\u58d3\u7e2e\u5de5\u5177<\/i><\/b>\u2013 \u9019\u4e9b\u5de5\u5177\u672c\u8eab\u4e26\u975e\u60e1\u610f\uff0c\u4e5f\u4e0d\u88ab\u8996\u70ba\u5165\u4fb5\u7528\u7684\u5de5\u5177\u3002\u5728\u5927\u591a\u6578\u60c5\u6cc1\u4e0b\uff0c\u9019\u4e9b\u90fd\u662f\u5408\u6cd5\u7684\u6a94\u6848\u58d3\u7e2e\u5de5\u5177\uff0c\u50cf\u662fWinRAR\uff0c\u53ea\u662f\u88ab\u653b\u64ca\u8005\u7528\u4f86\u5c07\u591a\u500b\u5077\u4f86\u7684\u6a94\u6848\u52a0\u4ee5\u58d3\u7e2e\u5408\u4f75\u3002\u9019\u53ef\u4ee5\u5728\u8cc7\u6599\u7aca\u53d6\u968e\u6bb5\uff0c\u5e6b\u653b\u64ca\u8005\u5c07\u5077\u4f86\u7684\u6587\u4ef6\u5408\u6210\u4e00\u500b\u55ae\u4e00\u6a94\u6848\u4e0a\u50b3\u3002\u5728\u5c11\u6578\u60c5\u6cc1\u4e0b\uff0c\u6211\u5011\u4e5f\u770b\u5230\u9019\u4e9b\u61c9\u7528\u7a0b\u5f0f\u88ab\u7d44\u5408\u8a2d\u5b9a\u4f86\u58d3\u7e2e\u9810\u5148\u5b9a\u7fa9\u597d\u7684\u4e00\u7d44\u6a94\u6848\u3002<\/li>\n<\/ul>\n<p><b>\u8981\u5982\u4f55\u5224\u65b7APT\uff08\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105\uff09\u4f7f\u7528\u9019\u4e9b\u99ed\u5ba2\u5de5\u5177\uff1f<\/b><\/p>\n<p>\u6211\u5011\u5df2\u7d93\u770b\u5230\u8981\u5982\u4f55\u4f7f\u7528\u9019\u4e9b\u5de5\u5177\u5728<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=1803\">APT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105 (Advanced Persistent Threat, APT)<\/a>\u4e2d\u53d6\u5f97\u7ba1\u7406\u8005\u6b0a\u9650\uff0c\u4e26\u4e14\u6536\u96c6\u95dc\u9375\u6587\u4ef6\u3002\u90a3\u9ebcIT\u7ba1\u7406\u54e1\u548c\u9032\u968e\u4f7f\u7528\u8005\u8a72\u5982\u4f55\u5229\u7528\u9019\u8cc7\u8a0a\u4f86\u5224\u65b7\u6709\u4f7f\u7528\u9019\u4e9b\u5de5\u5177\u7684<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=1803\">APT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105 (Advanced Persistent Threat, APT)<\/a>\uff1f<!--more--><\/p>\n<ol>\n<li><b>\u51fa\u73fe\u53ef\u7591\u7684\u547d\u4ee4\u5217\u7a0b\u5e8f\u5728\u57f7\u884c\uff0c\u5c31\u8868\u793a\u53ef\u80fd\u6709\u88ab\u5165\u4fb5<\/b>\u3002\u4e0a\u9762\u6240\u5217\u8209\u7684\u5de5\u5177\uff0c\u4e0d\u662f\u547d\u4ee4\u5217\u5de5\u5177\uff0c\u6216\u662f\u540c\u6642\u5177\u5099\u547d\u4ee4\u5217\u548c\u5716\u5f62\u754c\u9762\u3002\u653b\u64ca\u8005\u900f\u904e\u5728\u80cc\u666f\u57f7\u884c\u7684\u547d\u4ee4\u5217\u7a0b\u5e8f\u4f86\u4f7f\u7528\u9019\u4e9b\u5de5\u5177\uff0c\u6240\u4ee5\u5b9a\u671f\u6aa2\u67e5\u74b0\u5883\u5167\u672a\u77e5\u7684\u547d\u4ee4\u5217\u57f7\u884c\u7a0b\u5e8f\u53ef\u4ee5\u5e6b\u4f60\u627e\u51fa\u53ef\u80fd\u7684\u653b\u64ca\u3002\u6b64\u5916\uff0c\u5229\u7528\u985e\u4f3cProcess Explorer\u7684\u7a0b\u5e8f\u7ba1\u7406\u5de5\u5177\u53ef\u4ee5\u8b93\u4f60\u770b\u5230\u547d\u4ee4\u5217\u7a0b\u5e8f\u6240\u7528\u7684\u53c3\u6578\u3002\u9019\u53ef\u4ee5\u5e6b\u4f60\u627e\u51fa<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=1803\">APT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105 (Advanced Persistent Threat, APT)<\/a>\u53ef\u80fd\u7684\u76f8\u95dc\u7d44\u4ef6\u3002<\/li>\n<li>\u653b\u64ca\u8005\u65e9\u5c31\u5df2\u7d93\u958b\u59cb\u5229\u7528\u5408\u6cd5\u8edf\u9ad4\u505a\u70ba\u60e1\u610f\u7528\u9014\u3002\u56e0\u6b64\uff0c\u4f7f\u7528\u8005<b>\u61c9\u8a72\u8981\u5c0d\u51fa\u73fe\u5728\u81ea\u5df1\u7cfb\u7d71\u4e0a\u7684\u8edf\u9ad4\u62b1\u6301\u8457\u5c0f\u5fc3\u8b39\u614e\u7684\u614b\u5ea6<\/b>\uff0c\u4e5f\u61c9\u8a72\u8981\u53ef\u4ee5\u8b58\u5225\u662f\u5426\u70ba\u81ea\u5df1\u6240\u5b89\u88dd\u3002\u9019\u53ef\u80fd\u5f88\u7121\u8da3\uff0c\u4f46\u662f\u5426\u80fd\u5920\u767c\u89ba\u7cfb\u7d71\u5167\u7570\u5e38\u7684\u6a94\u6848\uff0c\u4e5f\u6c7a\u5b9a\u4e86\u53ef\u4ee5\u89e3\u6c7aAPT\uff08\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105\uff09\u653b\u64ca\uff0c\u6216\u662f\u8b93\u7d44\u7e54\u5167\u5927\u91cf\u6a5f\u5bc6\u6587\u4ef6\u88ab\u5916\u6d29\u7684\u5dee\u5225\u3002<\/li>\n<li>\u6b64\u5916\uff0c\u6211\u5011\u9084\u89c0\u5bdf\u5230\uff0c<b>\u653b\u64ca\u8005\u6709\u6642\u6703\u5c07\u9019\u4e9b\u5de5\u5177\u6539\u6210\u5947\u602a\u7684\u6a94\u540d\uff0c\u6216\u662f\u5047\u7684\u526f\u6a94\u540d<\/b>\u3002\u518d\u6b21\u63d0\u8d77\uff0c\u53ef\u4ee5\u53bb\u8fa8\u5225\u9019\u4e9b\u88ab\u52a0\u5165\u7684\u6a94\u6848\u662f\u8fa8\u8b58\u53ef\u80fd\u5165\u4fb5\u7684\u95dc\u9375\u3002<\/li>\n<li><b>\u5728\u7db2\u8def\u6d3b\u52d5\u65e5\u8a8c\u4e2d\u6ce8\u610fFTP\u9023\u7dda<\/b>\u4e5f\u662f\u500b\u597d\u4f5c\u6cd5\u3002\u96d6\u7136\u6bd4\u8f03\u5e38\u898b\u7684\u4f5c\u6cd5\u662f\u6aa2\u67e5\u60e1\u610fC\uff06C\u9023\u7dda\uff0c\u6aa2\u67e5FTP\u9023\u7dda\u5247\u6703\u8b93\u4f60\u591a\u4e00\u500b\u6a5f\u6703\u53bb\u767c\u89ba\u7db2\u8def\u4e2d\u662f\u5426\u6709\u8cc7\u6599\u5916\u6d29\u7684\u60c5\u6cc1\u3002\u5728\u4f01\u696d\u74b0\u5883\u88e1\uff0cFTP\u7ad9\u53f0\u901a\u5e38\u662f\u4f4d\u5728\u5167\u90e8\u7db2\u8def\uff0c\u6240\u4ee5\u53ef\u4ee5\u5f88\u5bb9\u6613\u7684\u5206\u8fa8\u60e1\u610f\u6216\u6b63\u5e38\u7684\u7ad9\u53f0\u3002FTP\u7684\u7db2\u8def\u6d3b\u52d5\u4e5f\u6bd4\u5176\u4ed6\u985e\u578b\u7684\u901a\u8a0a\u5354\u5b9a\u4f86\u5f97\u5c11\u591a\u4e86\uff0c\u53ef\u4ee5\u8b93\u4f60\u66f4\u5feb\u53bb\u8fa8\u5225\u662f\u5426\u6709\u554f\u984c\u3002\u6b64\u5916\uff0c\u6aa2\u67e5\u88ab\u4e0a\u50b3\u5230\u9060\u7aef\u7ad9\u53f0\u7684\u6a94\u6848\u6216\u58d3\u7e2e\u6a94\u662f\u5426\u4f7f\u7528\u5947\u602a\u7684\u6a94\u540d\u4e5f\u662f\u500b\u8fa8\u5225\u7684\u65b9\u5f0f\u3002<\/li>\n<li><b>\u6aa2\u67e5\u5de5\u4f5c\u6392\u7a0b\u3002<\/b>\u5de5\u4f5c\u6392\u7a0b\u662f\u7a2e\u5e38\u898b\u7684\u81ea\u52d5\u555f\u52d5\u6a21\u5f0f\uff0c\u4e0d\u50c5\u88ab\u7528\u5728<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=1803\">APT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105 (Advanced Persistent Threat, APT)<\/a>\uff0c\u4e00\u822c\u7684\u60e1\u610f\u8edf\u9ad4\u4e5f\u6703\u7528\u3002\u6aa2\u67e5\u5de5\u4f5c\u6392\u7a0b\u4e0d\u50c5\u53ef\u4ee5\u8b93\u4f60\u8fa8\u5225\u662f\u5426\u53d7\u5230\u653b\u64ca\uff0c\u9084\u6709\u6a5f\u6703\u53bb\u900f\u904e\u5b83\u5011\u6240\u57f7\u884c\u7684\u6a94\u6848\u4f86\u627e\u51fa\u653b\u64ca\u6d3b\u52d5\u88e1\u7684\u5176\u4ed6\u7d44\u4ef6\u3002\u6709\u9451\u65bc\u4eca\u65e5\u7684APT\u6d3b\u52d5\u8d8a\u4f86\u8d8a\u591a\uff0c\u53ef\u4ee5\u5f9e\u7d44\u7e54\u7db2\u8def\u6d3b\u52d5\u5167\u8b58\u5225\u51fa\u73fe\u884c\u7684APT\u653b\u64ca\u5c31\u8ddf\u9632\u6b62<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=1803\">APT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105 (Advanced Persistent Threat, APT)<\/a>\u5165\u4fb5\u662f\u4e00\u6a23\u91cd\u8981\u3002<\/li>\n<\/ol>\n<p>\u5f9e\u4e0d\u540c\u89d2\u5ea6\uff08\u50cf\u662f\u4f7f\u7528\u8005\uff0c\u5b89\u5168\u7ba1\u7406\u54e1\uff0c\u9084\u6709\u5b89\u5168\u7814\u7a76\u4eba\u54e1\uff09\u4f86\u4e86\u89e3\u76ee\u6a19\u653b\u64ca\uff0c\u53ef\u4ee5\u66f4\u6709\u6548\u5730\u53bb\u6253\u64ca\u9019\u4e9b\u5a01\u8105\u3002\u5f37\u8abf<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=1803\">APT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105 (Advanced Persistent Threat, APT)<\/a>\u6240\u7528\u7684\u7d44\u4ef6\uff0c\u53ef\u4ee5\u8b93\u6211\u5011\u77e5\u9053\u8a72\u53bb\u54ea\u88e1\u5c0b\u627e\uff0c\u4ee5\u8b58\u5225\u51fa\u53ef\u80fd\u7684\u5165\u4fb5\u6d3b\u52d5\u3002<\/p>\n<p><a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2651&amp;name=20110916\">\u8da8\u52e2\u79d1\u6280<\/a><a href=\"https:\/\/blog.trendmicro.com.tw\/?p=3878\">\u4e4b\u524d\u63d0\u904e<\/a>\uff0c\u76f8\u5c0d\u65bc\u5e36\u6709\u9593\u8adc\u76ee\u7684\u653b\u64ca\uff0c\u6211\u5011\u5c07\u6703\u770b\u5230\u589e\u52a0\u7684\u662f\u5e36\u6709<a href=\"https:\/\/www.youtube.com\/watch?feature=player_embedded&amp;v=3NcEm-UoV5U\">\u7834\u58de\u6027<\/a>\u7684\u653b\u64ca\u3002\u6b64\u5916\uff0c\u5e36\u6709\u67d0\u4e9b\u7279\u5b9a\u689d\u4ef6\uff08\u5982\u7279\u5b9a\u8a9e\u8a00\u8a2d\u5b9a\u6216\u5730\u7406\u4f4d\u7f6e\uff09\u7684\u672c\u5730\u5316\u653b\u64ca\u4e5f\u5c07\u6703\u589e\u52a0\u3002<\/p>\n<p>\uff20\u539f\u6587\u51fa\u8655\uff1a<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/throwing-some-light-on-apt-hacktools\/\">Throwing Some Light on APT Hacktools<\/a>\u4f5c\u8005\uff1a<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/author\/roland-dela-paz\/\">Roland Dela Paz\uff08\u5a01\u8105\u7814\u7a76\u54e1\uff09<\/a><\/p>\n<p>\u60f3\u4e86\u89e3\u66f4\u591a\u95dc\u65bc\u7db2\u8def\u5b89\u5168\u7684\u79d8\u8a23\u548c\u5efa\u8b70\uff0c\u53ea\u8981\u5230<a href=\"https:\/\/www.facebook.com\/trendmicrotaiwan\">\u8da8\u52e2\u79d1\u6280\u7c89\u7d72\u7db2\u9801<\/a> \u6216\u4e0b\u9762\u7684\u6309\u9215\u6309\u8b9a<br \/>\n<iframe loading=\"lazy\" style=\"width: 350px; height: 62px; overflow: hidden;\" src=\"https:\/\/www.facebook.com\/plugins\/likebox.php?id=255176705131&amp;width=350&amp;connections=0&amp;stream=false&amp;header=false&amp;height=62\" height=\"240\" width=\"320\" frameborder=\"0\" scrolling=\"no\"><\/iframe><\/p>\n<p>\u25ce\u5ef6\u4f38\u95b1\u8b80<\/p>\n<p>&nbsp;<\/p>\n<p><a title=\"\u4ec0\u9ebc\u662f APT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105 (Advanced Persistent Threat, APT)\uff1f \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=123&amp;apt\/%e4%bb%80%e9%ba%bc%e6%98%af-apt%e9%80%b2%e9%9a%8e%e6%8c%81%e7%ba%8c%e6%80%a7%e5%a8%81%e8%84%85-advanced-persistent-threat-apt%ef%bc%9f\">\u4ec0\u9ebc\u662f APT\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105 (Advanced Persistent Threat, APT)\uff1f<\/a><\/p>\n<p><a title=\"\u300aAPT \u653b\u64ca\u300b\u9000\u4fe1\u548c\u8b80\u53d6\u56de\u689d\u81ea\u52d5\u56de\u8986\u7684\u98a8\u96aa \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=3588\" rel=\"bookmark\">\u300aAPT \u653b\u64ca\u300b\u9000\u4fe1\u548c\u8b80\u53d6\u56de\u689d\u81ea\u52d5\u56de\u8986\u7684\u98a8\u96aa<\/a><\/p>\n<p><a title=\"APT \u653b\u64ca\u8005\u504f\u597d\u7684DDOS \u5206\u6563\u5f0f\u963b\u65b7\u670d\u52d9\u653b\u64ca\u8207\u5bc6\u78bc\u64f7\u53d6\u5de5\u5177\uff0c\u81ea\u6211\u66f4\u65b0\u66f4\u53b2\u201d\u99ed\u201d \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=3565\" rel=\"bookmark\">APT \u653b\u64ca\u8005\u504f\u597d\u7684DDOS \u5206\u6563\u5f0f\u963b\u65b7\u670d\u52d9\u653b\u64ca\u8207\u5bc6\u78bc\u64f7\u53d6\u5de5\u5177\uff0c\u81ea\u6211\u66f4\u65b0\u66f4\u53b2\u201d\u99ed\u201d<\/a><\/p>\n<p><a title=\"\u6728\u99ac\u5c08\u9580\u7aca\u53d6\u5716\u6a94\/\u5f71\u50cf\u6a94\u6848,\u5f97\u624b\u8cc7\u6599\u50b3\u9001\u9060\u7aef FTP,\u53ef\u80fd\u70baAPT \u653b\u64ca\u5e03\u5c40 \u6c38\u4e45\u93c8\u7d50\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=3383\" rel=\"bookmark\">\u6728\u99ac\u5c08\u9580\u7aca\u53d6\u5716\u6a94\/\u5f71\u50cf\u6a94\u6848,\u5f97\u624b\u8cc7\u6599\u50b3\u9001\u9060\u7aef FTP,\u53ef\u80fd\u70baAPT \u653b\u64ca\u5e03\u5c40<\/a><\/p>\n<p>&nbsp;<\/p>\n<p><a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2928&amp;name=20120702\"><img loading=\"lazy\" decoding=\"async\" alt=\"APT \u653b\u64ca\" src=\"https:\/\/www.trendmicro.com.tw\/apt\/tw\/images\/banner.jpg\" width=\"500\" height=\"150\" border=\"0\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<div><strong>\u25ce\u5373\u523b\u52a0\u5165\u8da8\u52e2\u79d1\u6280\u793e\u7fa4\u7db2\u7ad9,\u7cbe\u5f69\u4e0d\u6f0f\u7db2<\/strong><\/div>\n<div><strong>\u00a0<\/strong><a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2762&amp;name=20111213\"><img decoding=\"async\" alt=\"\" src=\"https:\/\/www.trendmicro.com.tw\/campaign\/tw_blog_images\/blogad\/FBICON.PNG\" \/><\/a> <a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2763&amp;name=20111213\"><img decoding=\"async\" alt=\"\" src=\"https:\/\/www.trendmicro.com.tw\/campaign\/tw_blog_images\/blogad\/plurk.PNG\" \/><\/a> <a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2764&amp;name=20111213\"><img decoding=\"async\" alt=\"\" src=\"https:\/\/www.trendmicro.com.tw\/campaign\/tw_blog_images\/blogad\/YOUTUBE.PNG\" \/><\/a><a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2766&amp;name=20111213\"><img decoding=\"async\" alt=\"\" src=\"https:\/\/www.trendmicro.com.tw\/campaign\/tw_blog_images\/blogad\/G+.PNG\" \/><\/a> <a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2765&amp;name=20111213\"><img decoding=\"async\" alt=\"\" src=\"https:\/\/www.trendmicro.com.tw\/campaign\/tw_blog_images\/blogad\/RSS.PNG\" \/><\/a><\/div>\n<div id=\"toolbar-box\"><\/div>\n","protected":false},"excerpt":{"rendered":"<p>\u5728\u8da8\u52e2\u79d1\u6280\u76842013\u5b89\u5168\u9810\u6e2c\u4e2d\uff0c\u6211\u5011\u63d0\u5230\u60e1\u610f\u8edf\u9ad4\u6703\u9010\u6f38\u5730\u6f14\u8b8a\uff0c\u4e0d\u6703\u6709\u592a\u591a\u986f\u8457\u5730\u8b8a\u5316\u3002\u9019\u53ef\u4ee5\u5f9eAPT\u9032\u968e\u6301\u7e8c\u6027\u5a01 [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wpscppro_dont_share_socialmedia":false,"_wpscppro_custom_social_share_image":0,"_facebook_share_type":"","_twitter_share_type":"","_linkedin_share_type":"","_pinterest_share_type":"","_linkedin_share_type_page":"","_instagram_share_type":"","_medium_share_type":"","_threads_share_type":"","_google_business_share_type":"","_selected_social_profile":[],"_wpsp_enable_custom_social_template":false,"_wpsp_social_scheduling":{"enabled":false,"datetime":null,"platforms":[],"status":"template_only","dateOption":"today","timeOption":"now","customDays":"","customHours":"","customDate":"","customTime":"","schedulingType":"absolute"},"_wpsp_active_default_template":true},"categories":[10],"tags":[44,2280,498],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/4050"}],"collection":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4050"}],"version-history":[{"count":0,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/4050\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4050"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4050"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4050"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}