{"id":50526,"date":"2017-06-16T17:32:05","date_gmt":"2017-06-16T09:32:05","guid":{"rendered":"https:\/\/blog.trendmicro.com.tw\/?p=50526"},"modified":"2017-06-30T17:43:42","modified_gmt":"2017-06-30T09:43:42","slug":"erebus-linux-%e5%8b%92%e7%b4%a2%e7%97%85%e6%af%92%e4%be%86%e8%a5%b2%ef%bc%9a%e5%a6%82%e4%bd%95%e9%81%bf%e5%85%8d%e4%bc%ba%e6%9c%8d%e5%99%a8%e9%81%ad%e6%ae%83","status":"publish","type":"post","link":"https:\/\/blog.trendmicro.com.tw\/?p=50526","title":{"rendered":"Erebus Linux \u52d2\u7d22\u75c5\u6bd2\u4f86\u8972\uff1a\u5982\u4f55\u907f\u514d\u4f3a\u670d\u5668\u906d\u6b83?"},"content":{"rendered":"<p>6 \u6708 10 \u65e5\uff0c\u5357\u97d3\u7db2\u7ad9\u4ee3\u7ba1\u516c\u53f8 <a href=\"https:\/\/www.ajudaily.com\/view\/20170612145809915\">NAYANA<\/a>\u00a0 \u906d\u5230\u6700\u65b0\u7684\u00a0\u8972\u64ca\uff0c<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=12412\">\u52d2\u7d22\u75c5\u6bd2 Ransomware<\/a> (\u52d2\u7d22\u8edf\u9ad4\/\u7d81\u67b6\u75c5\u6bd2)\u5171\u6709 153 \u53f0 Linux \u4f3a\u670d\u5668\u00a0<a href=\"https:\/\/www.networkworld.com\/article\/3200194\/security\/south-korean-web-hosting-company-infected-by-erebus-ransomware.html\">\u611f\u67d3 Linux \u7248 Erebus \u52d2\u7d22\u75c5\u6bd2<\/a> (\u8da8\u52e2\u79d1\u6280\u547d\u540d\u70ba RANSOM_ELFEREBUS.A)\uff0c\u9019\u9805\u653b\u64ca\u5c0e\u81f4\u8a72\u516c\u53f8\u7684 3,400 \u5bb6\u4ee3\u7ba1\u670d\u52d9\u5ba2\u6236\u7684\u4f01\u696d\u7db2\u7ad9\u3001\u8cc7\u6599\u5eab\u8207\u591a\u5a92\u9ad4\u6a94\u6848\u906d\u5230\u52a0\u5bc6\u3002<\/p>\n<p>\u6839\u64da NAYANA \u5b98\u7db2\u4e0a\u6240\u767c\u5e03\u7684\u6700\u65b0\u00a0<a href=\"https:\/\/www.nayana.com\/bbs\/set_view.php?b_name=notice&amp;w_no=964\">\u6d88\u606f<\/a>\uff0c\u99ed\u5ba2\u986f\u7136\u5df2\u6210\u529f\u903c\u8feb\u8a72\u516c\u53f8\u652f\u4ed8\u8d16\u91d1\uff0c\u4e26\u4e14\u7d04\u5b9a\u5206\u4e09\u968e\u6bb5\u4ed8\u6b3e\u4ee5\u53d6\u5f97\u6240\u6709\u6a94\u6848\u7684\u89e3\u5bc6\u91d1\u9470\u3002\u4e0d\u904e\u672c\u6587\u622a\u7a3f\u70ba\u6b62\uff0cNAYANA \u9084\u672a\u53d6\u5f97\u7b2c\u4e00\u968e\u6bb5\u7684\u89e3\u5bc6\u91d1\u9470\u3002<\/p>\n<p>Erebus \u8b93 IT \u7cfb\u7d71\u7ba1\u7406\u54e1\u4e86\u89e3\u5230\u8cc7\u5b89\u5c0d\u4f01\u696d\u6d41\u7a0b\u7cfb\u7d71\u8207\u4f3a\u670d\u5668\u7684\u91cd\u8981\u6027\u3002\u9019\u985e\u7cfb\u7d71\u548c\u4f3a\u670d\u5668\u82e5\u672a\u59a5\u5584\u52a0\u4ee5\u4fdd\u8b77\uff0c\u5f88\u53ef\u80fd\u5c0d\u4f01\u696d\u7684\u71df\u904b\u3001\u5546\u8b7d\u53ca\u7372\u5229\u80fd\u529b\u9020\u6210\u52a0\u500d\u7684\u640d\u5931\u3002<\/p>\n<p><strong>[\u5ef6\u4f38\u95b1\u8b80\uff1a<\/strong>\u00a0<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=17699\">\u8fd1\u4e09\u6210\u4f01\u696d\u91cd\u8907\u611f\u67d3\u52a0\u5bc6\u52d2\u7d22\u75c5\u6bd2,\u900f\u6f0f\u4ec0\u9ebc\u8a0a\u606f?<\/a><strong>]<\/strong><\/p>\n<h2>Erebus \u5f9e\u539f\u672c\u5229\u7528\u6f0f\u6d1e\u653b\u64ca\u5957\u4ef6\u6f14\u5316\u6210\u53ef\u907f\u958b\u4f7f\u7528\u8005\u5e33\u6236\u63a7\u5236<\/h2>\n<p>Erebus \u52d2\u7d22\u75c5\u6bd2 (<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/threat-encyclopedia\/malware\/ransom_erebus.a\">RANSOM_EREBUS.A<\/a>) <a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/ransomware-recap-sept-23-2016\">\u9996\u6b21\u73fe\u8eab\u65bc 2016 \u5e74 9 \u6708<\/a>\uff0c\u7576\u6642\u662f\u7d93\u7531<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/definition\/malvertisement\">\u60e1\u610f\u5ee3\u544a<\/a>\u6563\u5e03\u3002\u9019\u4e9b\u60e1\u610f\u5ee3\u544a\u6703\u5c07\u53d7\u5bb3\u8005\u91cd\u5c0e\u81f3\u542b\u6709 Rig <a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/definition\/exploit-kit\">\u6f0f\u6d1e\u653b\u64ca\u5957\u4ef6<\/a>\u7684\u7db2\u7ad9\uff0c\u8a72\u5957\u4ef6\u6703\u5728\u53d7\u5bb3\u8005\u7684\u96fb\u8166\u4e0a\u690d\u5165\u52d2\u7d22\u75c5\u6bd2\u3002\u9019\u500b Erebus \u8b8a\u7a2e\u53ef\u52a0\u5bc6\u7684\u6a94\u6848\u985e\u578b\u6709 423 \u7a2e\uff0c\u63a1\u7528 RSA-2048 \u52a0\u5bc6\u6f14\u7b97\u6cd5\uff0c\u88ab\u52a0\u5bc6\u7684\u6a94\u6848\u6703\u591a\u4e86\u4e00\u500b\u300c<em>.ecrypt<\/em>\u300d\u526f\u6a94\u540d\u3002\u6b64\u7248\u672c\u7684 Erebus \u662f\u5229\u7528\u5357\u97d3\u5883\u5167\u5df2\u906d\u5165\u4fb5\u7684\u7db2\u7ad9\u4f86\u7576\u6210\u5e55\u5f8c\u64cd\u7e31 (C&amp;C) \u4f3a\u670d\u5668\u3002<\/p>\n<p>2017 \u5e74 2 \u6708\uff0c<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/ransomware-recap-january-30-february-15-2017\">Erebus \u53c8\u91cd\u65b0\u6f14\u5316\u51fa\u65b0\u7684\u7248\u672c\u8207\u624b\u6cd5<\/a>\uff0c\u9019\u4e00\u6b21\uff0c\u5b83\u4f7f\u7528\u4e86\u4e00\u7a2e\u53ef\u4ee5<a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/erebus-ransomware-utilizes-a-uac-bypass-and-request-a-90-ransom-payment\/\">\u907f\u958b<\/a> Windows \u96fb\u8166\u300c\u4f7f\u7528\u8005\u5e33\u6236\u63a7\u5236 (UAC)\u300d\u6a5f\u5236\u7684\u6280\u5de7\uff0c\u4ee5\u4fbf\u53ef\u4ee5\u7528\u7ba1\u7406\u54e1\u6b0a\u9650\u4f86\u57f7\u884c\u52d2\u7d22\u75c5\u6bd2\u3002Erebus \u6703\u5728\u52d2\u7d22\u8a0a\u606f\u7576\u4e2d\u5a01\u8105\u53d7\u5bb3\u8005\u5fc5\u9808\u5728 96 \u5c0f\u6642\u5167\u652f\u4ed8 0.085 \u6bd4\u7279\u5e63 (\u4f9d 2017 \u5e74 6 \u6708 15 \u65e5\u7684\u532f\u7387\u7d04\u5408 216 \u7f8e\u5143) \u7684\u8d16\u91d1\uff0c\u5426\u5247\u5c07\u522a\u9664\u53d7\u5bb3\u8005\u88ab\u52a0\u5bc6\u7684\u6a94\u6848\u3002\u6b64\u7248\u672c\u7684 Erebus \u75c5\u6bd2 (RANSOM_EREBUS.TOR) \u9084\u6703\u522a\u9664\u7cfb\u7d71\u9084\u539f\u9ede\u4f86\u9632\u6b62\u53d7\u5bb3\u8005\u9084\u539f\u7cfb\u7d71\u3002<\/p>\n<p><strong>[\u5ef6\u4f38\u95b1\u8b80\uff1a<\/strong><strong>\u00a0<\/strong><a href=\"https:\/\/blog.trendmicro.com.tw\/?p=50453\"><strong>\u5f9e\u6280\u8853\u9762\u5206\u6790\u5177\u5099\u7a0b\u5f0f\u78bc\u6ce8\u5c04\u8207\u7db2\u8def\u5171\u7528\u8cc7\u6599\u593e\u52a0\u5bc6\u80fd\u529b\u7684 SOREBRECT \u7121\u6a94\u6848\u5f0f\u52d2\u7d22\u75c5\u6bd2\u3002<\/strong><\/a><strong>]<\/strong><\/p>\n<h2>Erebus \u52d2\u7d22\u75c5\u6bd2\u73fe\u5728\u53ef\u611f\u67d3\u4f3a\u670d\u5668<\/h2>\n<p>NAYANA \u516c\u53f8\u7684\u4f3a\u670d\u5668\u6240\u611f\u67d3\u7684\u662f\u79fb\u690d\u5230 Linux \u5e73\u53f0\u7684 Erebus \u52d2\u7d22\u75c5\u6bd2\u7248\u672c\u3002\u6839\u64da\u8da8\u52e2\u79d1\u6280\u7684\u6301\u7e8c\u5206\u6790\u986f\u793a\uff0c\u6b64\u8b8a\u7a2e\u63a1\u7528\u975e\u91cd\u8907\u7684 AES \u91d1\u9470\u4f86\u52a0\u5bc6\u6a94\u6848\uff0c\u800c AES \u91d1\u9470\u518d\u7528 RSA \u6f14\u7b97\u6cd5\u52a0\u5bc6\u3002\u5b83\u751a\u81f3\u5167\u542b\u4e00\u500b\u5047\u7684\u85cd\u7259\u670d\u52d9\u4f86\u78ba\u4fdd\u5373\u4f7f\u7cfb\u7d71\u6216\u4f3a\u670d\u5668\u91cd\u65b0\u958b\u6a5f\u4e5f\u6703\u518d\u81ea\u52d5\u57f7\u884c\u3002\u6b64\u5916\uff0c\u66f4\u5229\u7528\u4e86 UNIX \u7cfb\u7d71\u7684 cron \u5de5\u4f5c\u6392\u7a0b\u5de5\u5177\u4f86\u5b9a\u671f\u6bcf\u5c0f\u6642\u6aa2\u67e5\u4e00\u6b21\u52d2\u7d22\u75c5\u6bd2\u662f\u5426\u9084\u5728\u57f7\u884c\u3002\u5982\u540c NAYANA \u7684\u6848\u4f8b\uff0c\u525b\u958b\u59cb\u5b83\u6240\u8981\u6c42\u7684\u8d16\u91d1\u70ba 10 \u6bd4\u7279\u5e63 (\u7d04 24,689 \u7f8e\u5143)\uff0c\u4f46\u5f8c\u4f86\u8d16\u91d1\u964d\u5230\u4e86 5 \u6bd4\u7279\u5e63 (\u7d04 12,344 \u7f8e\u5143)\u3002<\/p>\n<p>\u6b64\u7248\u672c\u7684 Erebus \u75c5\u6bd2\u53ef\u52a0\u5bc6 433 \u7a2e\u6a94\u6848\u985e\u578b\uff0c\u5305\u62ec\u4ee5\u4e0b\u5e7e\u7a2e\uff1a<!--more--><\/p>\n<ul>\n<li>Office \u6587\u4ef6 (.pptx\u3001.docx\u3001.xlsx)<\/li>\n<li>\u8cc7\u6599\u5eab\u6a94\u6848 (.sql\u3001.mdb\u3001.dbf\u3001.odb)<\/li>\n<li>\u58d3\u7e2e\u6a94 (.zip\u3001.rar)<\/li>\n<li>\u96fb\u5b50\u90f5\u4ef6\u6a94\u6848 (.eml\u3001.msg)<\/li>\n<li>\u7db2\u7ad9\u76f8\u95dc\u6a94\u6848\u8207\u7a0b\u5f0f\u958b\u767c\u6a94\u6848 (.html\u3001.css\u3001.php\u3001.java)<\/li>\n<li>\u591a\u5a92\u9ad4\u6a94\u6848 (.avi\u3001.mp4)<\/li>\n<\/ul>\n<p><strong>[\u5ef6\u4f38\u95b1\u8b80\uff1a<\/strong><a href=\"https:\/\/blog.trendmicro.com.tw\/?p=47496\"><strong>\u50cf Linux \u9019\u7a2e\u7684\u985e UNIX \u7cfb\u7d71\u5c0d\u52d2\u7d22\u75c5\u6bd2\u60c5\u52e2\u6709\u4f55\u5f71\u97ff<\/strong><\/a><strong>]<\/strong><\/p>\n<p>Erebus \u4e26\u975e\u7b2c\u4e00\u500b\u627e\u4e0a Linux \u96fb\u8166\u751a\u81f3\u662f\u4f3a\u670d\u5668\u7684\u6a94\u6848\u52a0\u5bc6\u60e1\u610f\u7a0b\u5f0f\u3002<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/ransomware-recap-january-30-february-15-2017\">Linux.Encoder<\/a>\u3001<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/the-rise-and-fall-of-encryptor-raas\/\">Encryptor RaaS<\/a>\u3001<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/ransomware-recap-january-1-13-2017\">KillDisk<\/a> \u7684\u67d0\u500b\u7248\u672c\u3001<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/linux-security-a-closer-look-at-the-latest-linux-threats\">Rex<\/a>\u3001<a href=\"https:\/\/blog.trendmicro.com\/web-site-offline-new-server-focused-fairware-ransomware\/\">Fairware<\/a> \u548c \u00a0<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/a-new-ransomware-dubbed-kimcilware-targets-magento-websites\">KimcilWare<\/a> \u5168\u90fd\u662f\u91dd\u5c0d Linux \u7cfb\u7d71\u7684\u52d2\u7d22\u75c5\u6bd2\u3002\u5176\u5be6\uff0c\u65e9\u5728 2014 \u5e74\u5c31\u66fe\u51fa\u73fe\u904e Linux \u52d2\u7d22\u75c5\u6bd2\uff0c\u4e26\u4e14\u662f<a href=\"https:\/\/news.softpedia.com\/news\/new-open-source-linux-ransomware-shows-infosec-community-divide-508669.shtml\">\u884d\u751f\u81ea<\/a>\u00a0\u6559\u80b2\u7528\u7684\u958b\u653e\u539f\u59cb\u78bc\u52d2\u7d22\u75c5\u6bd2\u3002SAMSAM\u3001<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/petya-crypto-ransomware-overwrites-mbr-lock-users-computers\/\">Petya<\/a> \u548c <a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/crysis-targeting-businesses-in-australia-new-zealand-via-brute-forced-rdps\/\">Crysis<\/a> \u7b49\u52d2\u7d22\u75c5\u6bd2\u53ea\u662f\u5176\u4e2d\u5e7e\u500b\u5c08\u9580\u653b\u64ca\u4f3a\u670d\u5668\u7684\u52d2\u7d22\u75c5\u6bd2\u3002<\/p>\n<p>\u5118\u7ba1 Linux \u52d2\u7d22\u75c5\u6bd2\u4e0d\u50cf Windows \u52d2\u7d22\u75c5\u6bd2\u90a3\u6a23\u666e\u904d\uff0c\u4f46\u4f9d\u7136\u6703\u5c0d\u4f7f\u7528\u8005\u9020\u6210\u91cd\u5927\u5f71\u97ff\uff0c\u5c24\u5176\u662f\u4f01\u696d\u6a5f\u69cb\u3002\u5982 NAYANA \u7684\u6848\u4f8b\u6240\u793a\uff0cLinux \u662f\u4e00\u500b\u9010\u6f38\u71b1\u9580\u7684\u4f5c\u696d\u7cfb\u7d71\uff0c\u800c\u4e14\u5728\u5404\u7a2e\u7522\u696d\u7684\u4f01\u696d\u6d41\u7a0b\u69cb\u7576\u4e2d\u90fd\u7d93\u5e38\u7528\u5230\uff1a\u5f9e\u4f3a\u670d\u5668\u548c\u8cc7\u6599\u5eab\uff0c\u5230\u7db2\u7ad9\u958b\u767c\u8207\u884c\u52d5\u88dd\u7f6e\u3002\u6b64\u5916\uff0c\u8cc7\u6599\u4e2d\u5fc3\u8207\u4ee3\u7ba1\/\u5132\u5b58\u670d\u52d9\u4f9b\u61c9\u5546\uff0c\u4e5f\u666e\u904d\u4f7f\u7528 Linux \u7cfb\u7d71\u3002<\/p>\n<p><strong>[\u5ef6\u4f38\u95b1\u8b80\uff1a<\/strong><strong>\u00a0<\/strong><a href=\"https:\/\/blog.trendmicro.com.tw\/?p=32376\"><strong>\u591a\u5c64\u5f0f\u7684\u4f3a\u670d\u5668\u7aef\u52d2\u7d22\u75c5\u6bd2\u9632\u8b77<\/strong><\/a><strong>]<\/strong><\/p>\n<h2>Linux \u7cfb\u7d71\u8207\u4f3a\u670d\u5668\u7684\u6700\u4f73\u8cc7\u5b89\u5be6\u52d9\u539f\u5247<\/h2>\n<p>\u50cf Erebus \u9019\u985e\u52d2\u7d22\u75c5\u6bd2\u5c0d\u4f01\u696d\u71df\u904b\u3001\u8072\u8b7d\u548c\u7372\u5229\u7684\u56b4\u91cd\u5f71\u97ff\uff0c\u7a81\u986f\u4e86\u4fdd\u8b77\u4f01\u696d\u6d41\u7a0b\u7cfb\u7d71\u8207\u4f3a\u670d\u5668\u7684\u91cd\u8981\u6027\u3002\u9664\u6b64\u4e4b\u5916\uff0c\u5047\u4f7f\u52d2\u7d22\u75c5\u6bd2\u4e0d\u50c5\u611f\u67d3\u4e86\u7aef\u9ede\u88dd\u7f6e\uff0c\u66f4\u611f\u67d3\u4e86\u4f3a\u670d\u5668\u6216\u7db2\u8def\uff0c\u90a3\u5c07\u9020\u6210\u52a0\u500d\u7684\u885d\u64ca\u3002IT \u7cfb\u7d71\u7ba1\u7406\u54e1\u53ef\u63a1\u53d6\u4ee5\u4e0b\u6700\u4f73\u5be6\u52d9\u539f\u5247\u4f86\u5f37\u5316\u5176\u7cfb\u7d71\u8207\u4f3a\u670d\u5668\u7684\u5b89\u5168\uff1a<\/p>\n<ul>\n<li><em><strong>\u96a8\u6642\u4fdd\u6301\u7cfb\u7d71\u8207\u4f3a\u670d\u5668\u66f4\u65b0\u3002<\/strong><\/em>\u56b4\u683c\u8cab\u5fb9\u4fee\u88dc\u66f4\u65b0\u7ba1\u7406\u653f\u7b56\uff0c\u53ef\u78ba\u4fdd\u7cfb\u7d71\u96a8\u6642\u63a1\u7528\u6700\u65b0\u7684\u4fee\u88dc\u3001\u4fee\u6b63\u8207\u6838\u5fc3\u3002<\/li>\n<li><em><strong>\u907f\u514d\u6216\u5118\u91cf\u5c11\u4f7f\u7528\u7b2c\u4e09\u65b9\u6216\u4e0d\u660e\u4f86\u6e90\u7684\u7a0b\u5f0f\u5eab\u6216\u5957\u4ef6\u3002<\/strong><\/em>\u5982\u6b64\u53ef\u6e1b\u5c11\u7cfb\u7d71\u6216\u4f3a\u670d\u5668\u7684\u6f0f\u6d1e\uff0c\u4e5f\u5c31\u662f\u6e1b\u5c11\u99ed\u5ba2\u53ef\u5229\u7528\u7684\u5165\u4fb5\u9ede\u3002\u6b64\u5916\uff0c\u82e5\u80fd\u79fb\u9664\u6216\u505c\u7528\u975e\u5fc5\u8981\u7684\u4f3a\u670d\u5668\u5143\u4ef6\u6216\u670d\u52d9\uff0c\u9084\u53ef\u518d\u9032\u4e00\u6b65\u964d\u4f4e\u98a8\u96aa\u3002<\/li>\n<li><em><strong>\u63a1\u53d6\u6700\u4f4e\u6388\u6b0a\u7684\u539f\u5247 (\u80fd\u4e0d\u958b\u653e\u7684\u6b0a\u9650\u5c31\u4e0d\u958b\u653e)\u3002<\/strong><\/em>Linux \u7684\u6b0a\u9650\u5206\u96e2\u529f\u80fd\u662f\u4e00\u500b\u9632\u6b62\u7a0b\u5f0f\u5c0d\u7cfb\u7d71\u505a\u4e0d\u7576\u4fee\u6539\u7684\u4e0d\u932f\u6a5f\u5236\u3002\u6b64\u5916\uff0c\u6709\u9650\u5236\u5730\u958b\u653e\u6b0a\u9650\u4e5f\u6709\u52a9\u65bc\u964d\u4f4e\u66b4\u96aa\u4e26\u964d\u4f4e\u640d\u5bb3\uff0c\u540c\u6642\u9084\u53ef\u9632\u7bc4\u672a\u7d93\u6388\u6b0a\u7684\u5b58\u53d6\u3002IT \u7cfb\u7d71\u7ba1\u7406\u54e1\u53ef\u8003\u616e\u63a1\u7528\u5f37\u5236\u8cab\u5fb9\u653f\u7b56\u7684\u64f4\u5145\u529f\u80fd\u4f86\u9650\u5236\u4e00\u500b\u7a0b\u5f0f\u53ef\u5b58\u53d6\u7684\u6a94\u6848\u7cfb\u7d71\u8207\u7db2\u8def\u8cc7\u6e90\u7bc4\u570d\u3002<\/li>\n<li><em><strong>\u4e3b\u52d5\u76e3\u63a7\u4e26\u6aa2\u67e5\u60a8\u7684\u7db2\u8def\u6d41\u91cf\u3002<\/strong><\/em><a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/network-solutions-ransomware-stopping-containing-spread\/\">\u59a5\u5584\u4fdd\u8b77\u7db2\u8def\u4ee5\u9632\u7bc4\u5a01\u8105<\/a>\u5c0d\u4efb\u4f55\u4f01\u696d\u4f86\u8aaa\u90fd\u662f\u4e00\u9805\u5fc5\u8981\u7684\u5de5\u4f5c\u3002\u90e8\u7f72\u5165\u4fb5\u9632\u8b77\u7cfb\u7d71\u8207\u9632\u706b\u7246\uff0c\u53ef\u6709\u52a9\u65bc\u767c\u6398\u3001\u904e\u6ffe\u3001\u6514\u622a\u56e0\u60e1\u610f\u7a0b\u5f0f\u611f\u67d3\u6240\u7522\u751f\u7684\u6d41\u91cf\u3002\u7cfb\u7d71\u4e8b\u4ef6\u8a18\u9304\u6a94\u53ef\u63d0\u4f9b\u4e00\u4e9b\u9451\u8b58\u5206\u6790\u8cc7\u8a0a\u4f86\u5354\u52a9 IT \u7cfb\u7d71\u7ba1\u7406\u54e1\u5075\u6e2c\u99ed\u5ba2\u8a66\u5716\u5165\u4fb5\u8207\u5be6\u969b\u653b\u64ca\u7684\u8de1\u8c61\u3002<\/li>\n<li><em><strong>\u5099\u4efd\u60a8\u7684\u6a94\u6848\u3002<\/strong><\/em>\u9632\u7bc4\u52d2\u7d22\u75c5\u6bd2\u6050\u5687\u4f0e\u5006\u8207\u56b4\u91cd\u5f8c\u679c\u6700\u6709\u6548\u7684\u9632\u7bc4\u63aa\u65bd\u4e4b\u4e00\u5c31\u662f<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/world-backup-day-the-3-2-1-rule\/\">\u5099\u4efd\u6a94\u6848<\/a>\uff1a\u81f3\u5c11\u4e09\u4efd\u526f\u672c\u3001\u5169\u7a2e\u5132\u5b58\u5a92\u9ad4\u3001\u4e00\u4efd\u653e\u5728\u7570\u5730\u4fdd\u5b58\u3002<\/li>\n<li><em><strong>\u5be6\u65bd\u7db2\u8def\u5206\u5272\u8207\u8cc7\u6599\u5206\u985e\u3002<\/strong><\/em><a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cyber-attacks\/protecting-data-through-network-segmentation\">\u7db2\u8def\u5206\u5272<\/a>\u53ef\u9632\u6b62\u611f\u67d3\u64f4\u6563\uff0c<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/identifying-and-dividing-networks-and-users\/\">\u8cc7\u6599\u5206\u985e<\/a>\u5247\u53ef\u4ee5\u6e1b\u8f15\u906d\u53d7\u653b\u64ca\u7684\u640d\u5bb3\u7a0b\u5ea6\u3002<\/li>\n<\/ul>\n<p><strong>\u8da8\u52e2\u79d1\u6280\u89e3\u6c7a\u65b9\u6848<\/strong><\/p>\n<p><a href=\"https:\/\/www.trendmicro.com\/us\/enterprise\/cloud-solutions\/deep-security\/index.html\">\u8da8\u52e2\u79d1\u6280 Deep Security\u2122<\/a> \u53ef\u9632\u7bc4\u52d2\u7d22\u75c5\u6bd2\u5165\u4fb5\u4f01\u696d\u7684\u5be6\u9ad4\u3001\u865b\u64ec\u3001\u96f2\u7aef\u6216\u5bb9\u5668\u74b0\u5883\u4e2d\u7684\u4f3a\u670d\u5668\u548c\u5de5\u4f5c\u8ca0\u8f09\u3002Deep Security\u2122 \u53ef\u85c9\u7531\u5165\u4fb5\u9632\u8b77 (IPS) \u548c\u4e3b\u6a5f\u9632\u706b\u7246\u4f86\u9632\u7bc4\u7db2\u8def\u5a01\u8105\uff0c\u5229\u7528\u865b\u64ec\u4fee\u88dc\u6280\u8853\u4f86\u9632\u5835\u4f3a\u670d\u5668\u6f0f\u6d1e\uff0c\u76f4\u5230\u8edf\u9ad4\u5ee0\u5546\u91cb\u51fa\u4fee\u88dc\u66f4\u65b0\u70ba\u6b62\u3002Deep Security\u2122 \u7684\u60e1\u610f\u7a0b\u5f0f\u9632\u8b77\u548c\u884c\u70ba\u5206\u6790\u53ef\u9632\u6b62\u5404\u7a2e\u60e1\u610f\u7a0b\u5f0f (\u5305\u62ec\u52d2\u7d22\u75c5\u6bd2) \u9032\u5165\u4f3a\u670d\u5668\uff0c\u5373\u6642\u4e2d\u6b62\u5404\u7a2e\u60e1\u610f\u884c\u70ba\u3002Deep Security\u2122\u2122 \u540c\u6642\u9084\u63d0\u4f9b\u4e86\u7cfb\u7d71\u5c64\u6b21\u7684\u5b89\u5168\u63aa\u65bd\uff0c\u5305\u62ec\u53ef\u9396\u5b9a\u4f3a\u670d\u5668\u7528\u9014\u7684\u61c9\u7528\u7a0b\u5f0f\u63a7\u7ba1\uff0c\u4ee5\u53ca\u53ef\u5075\u6e2c\u6f5b\u5728\u5165\u4fb5\u6307\u6a19 (\u4f8b\u5982\u52d2\u7d22\u75c5\u6bd2) \u7684\u4e00\u81f4\u6027\u76e3\u63a7\u3002<\/p>\n<p>&nbsp;<\/p>\n<p>\u539f\u6587\u51fa\u8655\uff1a<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cyber-attacks\/erebus-linux-ransomware-impact-to-servers-and-countermeasures\">Erebus Linux Ransomware: Impact to Servers and Countermeasures<\/a><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>6 \u6708 10 \u65e5\uff0c\u5357\u97d3\u7db2\u7ad9\u4ee3\u7ba1\u516c\u53f8 NAYANA\u00a0 \u906d\u5230\u6700\u65b0\u7684\u00a0\u8972\u64ca\uff0c\u52d2\u7d22\u75c5\u6bd2 Ransomware (\u52d2\u7d22\u8edf [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wpscppro_dont_share_socialmedia":false,"_wpscppro_custom_social_share_image":0,"_facebook_share_type":"","_twitter_share_type":"","_linkedin_share_type":"","_pinterest_share_type":"","_linkedin_share_type_page":"","_instagram_share_type":"","_medium_share_type":"","_threads_share_type":"","_google_business_share_type":"","_selected_social_profile":[],"_wpsp_enable_custom_social_template":false,"_wpsp_social_scheduling":{"enabled":false,"datetime":null,"platforms":[],"status":"template_only","dateOption":"today","timeOption":"now","customDays":"","customHours":"","customDate":"","customTime":"","schedulingType":"absolute"},"_wpsp_active_default_template":true},"categories":[1268,1943],"tags":[3322,1759,2559],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/50526"}],"collection":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=50526"}],"version-history":[{"count":0,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/50526\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=50526"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=50526"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=50526"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}