{"id":67016,"date":"2021-02-03T09:00:00","date_gmt":"2021-02-03T01:00:00","guid":{"rendered":"https:\/\/blog.trendmicro.com.tw\/?p=67016"},"modified":"2021-02-02T15:34:01","modified_gmt":"2021-02-02T07:34:01","slug":"%e4%bc%81%e6%a5%ad%e9%ab%98%e5%b1%a4%e5%b8%b3%e8%99%9f%e8%b3%a3%e5%ae%b6%e4%bb%a5%e3%80%8coffice-365%e5%af%86%e7%a2%bc%e9%81%8e%e6%9c%9f%e3%80%8d%e9%87%a3%e9%ad%9a%e4%bf%a1%e9%8e%96%e5%ae%9a%e5%85%a8","status":"publish","type":"post","link":"https:\/\/blog.trendmicro.com.tw\/?p=67016","title":{"rendered":"\u4f01\u696d\u9ad8\u5c64\u5e33\u865f\u8ce3\u5bb6\u4ee5\u300cOffice 365\u5bc6\u78bc\u904e\u671f\u300d\u91e3\u9b5a\u4fe1,\u9396\u5b9a\u5168\u7403 CEO\u7b49\u9ad8\u968e\u4e3b\u7ba1!"},"content":{"rendered":"\n

\u8da8\u52e2\u79d1\u6280\u5f9e\u516b\u500b\u88ab\u5165\u4fb5\u7db2\u7ad9\u767c\u73fe\u8d85\u904e300\u7b46\u4e0d\u91cd\u8907\u91e3\u9b5a\u7db2\u5740\u548c70\u7b46\u96fb\u5b50\u90f5\u4ef6\u5730\u5740\uff0c\u5305\u62ec\u4e8640\u4f4d\u516c\u53f8\u57f7\u884c\u9577\u3001\u9ad8\u968e\u4e3b\u7ba1\u3001\u64c1\u6709\u8005\u548c\u5275\u8fa6\u4eba\u53ca\u5176\u4ed6\u4f01\u696d\u54e1\u5de5\u7684\u90f5\u4ef6\u5730\u5740\u3002<\/p>

\u5730\u4e0b\u5e02\u5834\u5df2\u7d93\u51fa\u73fe\u8ca9\u552e\u7aca\u4f86\u7684Office 365\u5e33\u865f\u5bc6\u78bc\u53ca\u516c\u53f8\u8077\u4f4d\u7b49\u8cc7\u8a0a,\u85c9\u4ee5\u63d0\u4f9b\u6b79\u5f92\u9032\u884c\u5546\u52d9\u96fb\u5b50\u90f5\u4ef6\u5165\u4fb5 (Business Email Compromise,BEC)<\/a>\u7b49\u653b\u64ca\u3002<\/p>

\u9019\u4e9b\u516c\u53f8\u9ad8\u5c64\u7684\u5e33\u5bc6\u50f9\u683c\u5f9e250\u7f8e\u5143\u5230500\u7f8e\u5143\u4e0d\u7b49\u3002<\/p><\/blockquote>\n\n\n\n

\"\u4f01\u696d\u9ad8\u5c64\u5e33\u865f\u8ce3\u5bb6\u4ee5\u300cOffice<\/figure>\n\n\n\n
<\/div>\n\n\n\n

\u8da8\u52e2\u79d1\u6280<\/a>\u81ea2020\u5e74\u4ee5\u4f86\u4e00\u76f4\u5728\u8ffd\u8e64\u4e00\u6ce2\u4ee5\u516c\u53f8\u9ad8\u5c64\u70ba\u76ee\u6a19\u7684\u7db2\u8def\u91e3\u9b5a\u6d3b\u52d5\uff0c\u91cd\u8907\u5229\u7528\u5916\u6d29\u5e33\u5bc6\u548c\u88ab\u5165\u4fb5\u7db2\u5740\u4f86\u9396\u5b9a\u66f4\u591a\u76ee\u6a19\u3002<\/p>\n\n\n\n

\u81ea2020\u5e745\u6708\u8d77\uff0c\u8da8\u52e2\u79d1\u6280<\/a>\u4e00\u76f4\u5728\u8ffd\u8e64\u4e00\u6ce2\u91dd\u5c0d\u516c\u53f8\u9ad8\u5c64\u7684\u7db2\u8def\u91e3\u9b5a\u6d3b\u52d5\u3002\u653b\u64ca\u8005\u91cd\u8907\u5229\u7528\u88ab\u5165\u4fb5\u4e3b\u6a5f\u4f86\u91dd\u5c0d\u65e5\u672c\u3001\u7f8e\u570b\u3001\u82f1\u570b\u3001\u52a0\u62ff\u5927\u3001\u6fb3\u6d32\u548c\u6b50\u6d32\u7b49\u591a\u500b\u570b\u5bb6\/\u5730\u5340\u7684\u88fd\u9020\u696d\u3001\u623f\u5730\u7522\u3001\u91d1\u878d\u696d\u3001\u653f\u5e9c\u548c\u79d1\u6280\u696d\u9032\u884c\u91e3\u9b5a\u653b\u64ca\u3002\u622a\u81f3\u672c\u6587\u64b0\u5beb\u6642\uff0c\u6211\u5011\u5f9e\u516b\u500b\u88ab\u5165\u4fb5\u7db2\u7ad9\u767c\u73fe\u8d85\u904e300\u7b46\u4e0d\u91cd\u8907\u91e3\u9b5a\u7db2\u5740\u548c70\u7b46\u96fb\u5b50\u90f5\u4ef6\u5730\u5740\uff0c\u5305\u62ec\u4e8640\u4f4d\u516c\u53f8\u57f7\u884c\u9577\u3001\u9ad8\u968e\u4e3b\u7ba1\u3001\u64c1\u6709\u8005\u548c\u5275\u8fa6\u4eba\u53ca\u5176\u4ed6\u4f01\u696d\u54e1\u5de5\u7684\u90f5\u4ef6\u5730\u5740\u3002\u6211\u5011\u73fe\u5728\u6b63\u8207\u6709\u95dc\u7576\u5c40\u5408\u4f5c\u4f86\u9032\u884c\u9032\u4e00\u6b65\u7684\u8abf\u67e5\u3002<\/p>\n\n\n\n\n\n\n\n

<\/div>\n\n\n\n

\u507d\u9020\u7684Office 365\u5bc6\u78bc\u904e\u671f\u901a\u77e5\u8a98\u9a19\u53d7\u5bb3\u8005<\/h3>\n\n\n\n


\u8da8\u52e2\u79d1\u6280\u89c0\u5bdf\u5230\u653b\u64ca\u8005\u5229\u7528\u507d\u9020\u7684Office 365\u5bc6\u78bc\u904e\u671f\u901a\u77e5\u4f86\u8a98\u9a19\u53d7\u5bb3\u8005\u3002\u901a\u77e5\u76ee\u6a19\u5982\u679c\u60f3\u7e7c\u7e8c\u4f7f\u7528\u76f8\u540c\u5bc6\u78bc\uff0c\u5c31\u9ede\u5165\u90f5\u4ef6\u9023\u7d50\uff1b\u9078\u64c7\u300c\u4fdd\u7559\u5bc6\u78bc\u300d\u6703\u5c07\u4f7f\u7528\u8005\u5c0e\u5411\u91e3\u9b5a\u7db2\u9801\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n
\"\u57161.
\u57161. \u4f5c\u70ba\u7db2\u8def\u91e3\u9b5a\u8a98\u990c\u7684Office365\u5bc6\u78bc\u91cd\u7f6e\u90f5\u4ef6\u548c\u9023\u7d50\u3002<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n

\u5c31\u5982\u53bb\u5e74\u66fe\u7d93\u7c21\u8981\u5831\u544a<\/a>\u904e\uff0c\u653b\u64ca\u8005\u6703\u91cd\u8907\u4f7f\u7528\u88ab\u5165\u4fb5\u7db2\u7ad9\u548c\u53d7\u5bb3\u8005\u5e33\u5bc6\u4f86\u8a17\u7ba1\u91e3\u9b5a\u7db2\u9801\u4e26\u7372\u53d6\u66f4\u591a\u53d7\u5bb3\u8005\u3002\u9019\u500b\u53ef\u4f9b\u8ca9\u8ce3\u7684\u5957\u4ef6\u80fd\u5920\u5728\u53d7\u5bb3\u8005\u9ede\u5165\u5167\u5d4c\u9023\u7d50\u5f8c\u9a57\u8b49\u5e33\u5bc6\u8cc7\u8a0a\u548c\u6b63\u78ba\u6027\u3002<\/p>\n\n\n\n

\u540c\u6642\u6211\u5011\u4e5f\u5728\u6aa2\u67e5\u5730\u4e0b\u6d3b\u52d5\u6642\u767c\u73fe\u6578\u5247\u51fa\u552e\u57f7\u884c\u9577\u3001\u8ca1\u52d9\u9577\u548c\u8ca1\u52d9\u90e8\u9580\u6210\u54e1\u5e33\u865f\u5bc6\u78bc\u7684\u5ee3\u544a\u3002\u9019\u4e9b\u8cbc\u6587\u51fa\u73fe\u5728\u591a\u500b\u82f1\u8a9e\u548c\u4fc4\u8a9e\u8ad6\u58c7\uff0c\u5176\u4e2d\u4e00\u500b\u8ad6\u58c7\u4f3c\u4e4e\u4e5f\u6709\u53e6\u4e00\u540d\u6210\u54e1\u7684\u5ee3\u544a<\/a>\u3002\u503c\u5f97\u6ce8\u610f\u7684\u662f\uff0c\u4fc4\u8a9e\u8ad6\u58c7\u4e0a\u7684\u5e16\u5b50\u90fd\u662f\u7528\u82f1\u6587\u767c\u8868\uff0c\u4e26\u4e14\u662f\u7528\u65b0\u8a3b\u518a\u7684\u5e33\u865f\u3002\u4ed6\u5011\u8ca9\u552e\u7aca\u4f86\u7684\u5fae\u8edfOffice 365\u5e33\u865f\u5bc6\u78bc\u53ca\u516c\u53f8\u8077\u4f4d\u8cc7\u8a0a\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n
\"\u57162.
\u57162. \u5730\u4e0b\u8ad6\u58c7\u8a0a\u606f\u63d0\u4f9b\u7aca\u4f86\u7684\u5e33\u865f\u5bc6\u78bc\u3002<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n

\u7db2\u8def\u91e3\u9b5a\u5957\u4ef6<\/strong><\/h3>\n\n\n\n


\u60e1\u610f\u6d3b\u52d5\u7b56\u5283\u8005\u5728\u653b\u64ca\u671f\u9593\u4f7f\u7528\u4e00\u6a23\u7684\u7db2\u8def\u91e3\u9b5a\u5de5\u5177\u3002\u8da8\u52e2\u79d1\u6280<\/a>\u767c\u73fe\u6709\u4e9b\u8a17\u7ba1\u7db2\u8def\u91e3\u9b5a\u5957\u4ef6\u7684\u7db2\u7ad9\u6c92\u6709\u8a2d\u5b9a\u597d\u3002\u9019\u6703\u66b4\u9732\u51fa\u8cc7\u6599\u593e\u5167\u5bb9\uff0c\u53ef\u4ee5\u4e0d\u7d93\u8a8d\u8b49\u4f86\u4e0b\u8f09\u7db2\u8def\u91e3\u9b5a\u5957\u4ef6\u548c\u76f8\u95dc\u65e5\u8a8c\u6a94\u3002\u9019\u4e5f\u8b93\u6211\u5011\u5c0d\u9019\u6ce2\u653b\u64ca\u6709\u66f4\u591a\u7684\u4e86\u89e3\uff0c\u4e26\u627e\u5230\u8b49\u64da\u4f86\u5c0d\u4e0d\u540c\u90e8\u7f72\u5730\u9ede\u7684\u5957\u4ef6\u9032\u884c\u6b78\u56e0\u3002<\/p>\n\n\n\n

\u6b64\u767c\u73fe\u8b93\u6211\u5011\u76f8\u4fe1\u5957\u4ef6\u958b\u767c\u8005\u5c07\u904e\u53bb\u7684\u5c08\u6848\u529f\u80fd\u7528\u5728\u4e4b\u5f8c\u5728\u5730\u4e0b\u8ca9\u8ce3\u7684Office 365\u7db2\u8def\u91e3\u9b5a\u5957\u4ef6\u3002\u4f46\u7576\u6211\u5011\u9032\u4e00\u6b65\u6aa2\u67e5\u958b\u767c\u8005\u8cc7\u6599\u6642\uff0c\u6211\u5011\u767c\u73fe\u5947\u602a\u7684\u5730\u65b9\uff0c\u53ef\u80fd\u9700\u8981\u9032\u4e00\u6b65\u7684\u6280\u8853\u548c\u6cd5\u5f8b\u8abf\u67e5\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n
\"\u57163.
\u57163. \u5728\u65e5\u8a8c\u6a94\u5167\u627e\u5230\u7684\u53ef\u80fd\u6b78\u56e0\u8b49\u64da\u3002<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n
\"\u57164.
\u57164. \u8a2d\u5b9a\u4e0d\u7576\u7684\u65e5\u8a8c\u6a94\u8a73\u7d30\u63cf\u8ff0\u4e86\u53d7\u5bb3\u8005\u6703\u88ab\u5c0e\u5411\u7684\u91e3\u9b5a\u7db2\u7ad9\u53ca\u4ed6\u5011\u7684\u500b\u4eba\u8eab\u4efd\u8cc7\u8a0a\uff08\u90f5\u4ef6\u5730\u5740\u3001\u5bc6\u78bc\u3001\u57ce\u5e02\u548c\u7cfb\u7d71\u8cc7\u8a0a\uff09\u3002<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n

\u5229\u7528\u7b2c\u4e09\u65b9RDP<\/strong>\u670d\u52d9\u767c\u9001\u96fb\u5b50\u90f5\u4ef6<\/strong><\/h3>\n\n\n\n



\u6aa2\u8996\u8a98\u990c\u6a23\u672c\u7684\u90f5\u4ef6\u6a19\u982d\uff0c\u6aa2\u67e5SMTP\u6a19\u982d\u5f8c\u767c\u73fe\u4e00\u500b\u6709\u8da3\u7684\u7d30\u7bc0\uff1a\u5927\u591a\u6578\u91e3\u9b5a\u90f5\u4ef6\u90fd\u662f\u5229\u7528FireVPS\u7684\u865b\u64ec\u5c08\u7528\u4f3a\u670d\u5668\uff08VPS\uff09\u767c\u9001\u3002<\/p>\n\n\n\n

from FireVPS-RDP (XX.X.XXX.XX) by   from FireVPS-RDP (XXX.XXX.XX.XXX) by   from FireVPS-RDP (XX.XXX.XXX.XX) by OL1P279CA0064.NORP279.PROD.OUTLOOK.COM (2603:10a6:e10:15::15) with Microsoft SMTP<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

FireVPS<\/a>\u662f\u4e00\u7a2e\u865b\u64ec\u5c08\u7528\u4f3a\u670d\u5668\uff08VPS\uff09\uff0c\u70ba\u5ba2\u6236\u63d0\u4f9b\u4e00\u7cfb\u5217\u7684Windows\u9060\u7aef\u684c\u9762\u5354\u5b9a\uff08RDP\uff09\u65b9\u6848\u3002\u767c\u9001\u7d66\u53d7\u5bb3\u8005\u7684\u96fb\u5b50\u90f5\u4ef6\u662f\u5f9eRDP\u670d\u52d9\u9001\u51fa\u3002\u6211\u5011\u5df2\u5c07\u6b64\u4e8b\u901a\u77e5\u4e86FireVPS\uff0c\u4f46\u5c1a\u672a\u6536\u5230\u4ed6\u5011\u7684\u56de\u61c9\u3002<\/p>\n\n\n\n

\u7576\u6383\u63cf\u5176\u4ed6\u90f5\u4ef6\u6a23\u672c\u4f86\u627e\u51fa\u5f9eFireVPS-RDP\u6a5f\u5668\u767c\u9001\u7684\u96fb\u5b50\u90f5\u4ef6\u6642\uff0c\u6211\u5011\u767c\u73fe\u4e86\u985e\u4f3c\u7684\u91e3\u9b5a\u90f5\u4ef6\u7bc4\u672c\uff0c\u800c\u4e14\u5bc4\u7d66\u8ca1\u52d9\u90e8\u9580\u54e1\u5de5\u7684\u7db2\u5740\u4e5f\u5305\u542b\u4e86\u6536\u4ef6\u8005\u7684\u8cc7\u8a0a\u548c\u5e33\u5bc6\u3002\u5728\u7db2\u8def\u4e0a\u641c\u5c0b\u5f8c\u767c\u73fe\u6536\u4ef6\u8005\u7684\u500b\u4eba\u8cc7\u6599\u548c\u96fb\u5b50\u90f5\u4ef6\u5730\u5740\u8207\u4ed6\u5011LinkedIn\u5e33\u865f\u6240\u5217\u51fa\u7684\u8cc7\u8a0a\u76f8\u7b26\u5408\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n

\u7db2\u8def\u91e3\u9b5a\u5957\u4ef6\u5c01\u9396\u5217\u8868<\/strong><\/h3>\n\n\n\n



\u7db2\u8def\u91e3\u9b5a\u5957\u4ef6\u958b\u767c\u8005\u82b1\u8cbb\u76f8\u7576\u591a\u7684\u6642\u9593\u4f86\u7de8\u5beb\u5957\u4ef6\u5167\u7684\u5c01\u9396\u5217\u8868,\u5b83\u4f7f\u7528\u4e86\u5927\u91cf\u7db2\u57df\u540d\u7a31\u548cIP\u5730\u5740\u7bc4\u570d\u5217\u8868\uff0c\u78ba\u4fdd\u5c01\u9396\u4f86\u81ea\u8cc7\u5b89\u516c\u53f8\u6216\u5927\u578b\u96f2\u7aef\u670d\u52d9\u7684\u9023\u7dda\u3002\u6211\u5011\u8a8d\u70ba\u5176\u76ee\u7684\u662f\u70ba\u4e86\u8eb2\u907f\u8cc7\u5b89\u5ee0\u5546\u7684\u5075\u6e2c\uff0c\u56e0\u70ba\u8a72\u5217\u8868\u5305\u542b\u4e86\u8a31\u591a\u9632\u6bd2\u516c\u53f8\uff1bGoogle\u3001\u5fae\u8edf\u3001VirusTotal\u53ca\u5176\u4ed6\u773e\u591a\u7db2\u8def\u5b89\u5168\u548c\u6280\u8853\u516c\u53f8\uff0c\u9084\u5305\u62ec\u4e86\u958b\u653e\u9ed1\u540d\u55ae\u7db2\u7ad9\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n
\"\u57165.
\u57165. \u91e3\u9b5a\u5957\u4ef6\u958b\u767c\u8005\u52aa\u529b\u5730\u5c07\u7279\u5b9aIP\u5730\u5740\u52a0\u5165\u5c01\u9396\u5217\u8868\u4f86\u8eb2\u907f\u5075\u6e2c\u3002<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n

\u5f88\u8af7\u523a\u5730\u7684\u662f\uff0c\u5957\u4ef6\u958b\u767c\u8005\u7a4d\u6975\u5730\u5728\u793e\u7fa4\u7db2\u8def\u63a8\u92b7\u5957\u4ef6\u7684\u540c\u6642\uff0c\u9084\u82b1\u8cbb\u9019\u9ebc\u591a\u7684\u6642\u9593\u4f86\u5efa\u7acb\u5c01\u9396\u5217\u8868\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n

\u7db2\u8def\u91e3\u9b5a\u5957\u4ef6\u7684\u65e9\u671f\u7248\u672c<\/strong><\/h3>\n\n\n\n



\u6211\u5011\u9019\u6b21\u6240\u770b\u5230\u7684\u7db2\u8def\u91e3\u9b5a\u5957\u4ef6\u662f\u5176\u7b2c\u56db\u4ee3\u7248\u672c\u3002\u56e0\u70ba\u5b83\u5728\u5730\u4e0b\u548c\u793e\u7fa4\u5a92\u9ad4\u4e0a\u5927\u4f5c\u5ba3\u50b3\uff0c\u56e0\u6b64\u4e4b\u524d\u7684\u7248\u672c\u90fd\u6709\u88ab\u6ce8\u610f\u5230\u4e26\u70ba\u7db2\u8def\u5b89\u5168\u793e\u7fa4\u6240\u77e5\u3002<\/p>\n\n\n\n

\u6839\u64da\u60e1\u610f\u8edf\u9ad4\u958b\u767c\u8005\u7684\u300c\u5546\u5bb6\u300d\u81c9\u66f8\u9801\u9762\uff0c\u7db2\u8def\u91e3\u9b5a\u5957\u4ef6\u7684\u7b2c\u4e00\u7248\u65bc2019\u5e747\u67084\u65e5\u767c\u8868\uff0c\u7dca\u63a5\u8457\u662f15\u5929\u5f8c\u7684\u7b2c\u4e8c\u7248\uff08V2\uff09\u3002\u7b2c\u4e09\u7248\uff08V3\uff09\u6c92\u6709\u6b63\u5f0f\u516c\u4f48\u5728\u81c9\u66f8\u9801\u9762\u4e0a\uff0c\u4f46\u53ef\u4ee5\u767c\u73fe\u8a72\u7248\u672c\u7684\u5b58\u5728\uff0c\u80fd\u5920\u5728\u7db2\u8def\u4e0a\u641c\u5c0b\u5230\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n
\"\u57166.
\u57166. \u60e1\u610f\u8edf\u9ad4\u958b\u767c\u8005\u5728\u5176\u793e\u7fa4\u5a92\u9ad4\u4e0a\u516c\u5e03\u60e1\u610fOffice365\u7db2\u8def\u91e3\u9b5a\u5957\u4ef6\u7684\u7b2c\u4e8c\u7248\u3002<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n
\"\u57167.
\u57167. \u7db2\u8def\u91e3\u9b5a\u5957\u4ef6V2\u548cV3\u5728\u5e7e\u500b\u6708\u524d\u88ab\u5831\u5c0e\u904e\uff0c\u5728\u7db2\u8def\u5b89\u5168\u7814\u7a76\u4eba\u54e1\u4e2d\u773e\u6240\u7686\u77e5\u3002<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n

\u5927\u90e8\u5206\u8a98\u990c\u7684\u5167\u5bb9\u4e3b\u984c\u90fd\u662f\u5728\u63d0\u793a\u53d7\u5bb3\u8005\u4fdd\u7559\u7576\u524d\u5bc6\u78bc\u3002\u6aa2\u8996\u9019\u4e9b\u6d3b\u52d5\u7684\u6a21\u5f0f\u53ef\u4ee5\u767c\u73fe\uff0c\u7db2\u8def\u91e3\u9b5a\u9023\u7d50\u7684\u7b2c\u4e00\u5c64\u5c07\u6536\u4ef6\u8005\u90f5\u4ef6\u7db2\u57df\u5305\u542b\u5728\u91e3\u9b5a\u7db2\u5740\u7684\u5b50\u7db2\u57df\u4e2d\uff0c\u7136\u5f8c\u662f\u6536\u4ef6\u8005\u90f5\u4ef6\u5730\u5740\u7684Base64\u7de8\u78bc\u5b57\u4e32\u3002\uff08\u90f5\u4ef6\u5730\u5740\u4e26\u4e0d\u4e00\u5b9a\u7528base64\u7de8\u78bc\uff0c\u6211\u5011\u4e5f\u770b\u904e\u5305\u542b\u7d14\u6587\u5b57\u683c\u5f0f\u90f5\u4ef6\u5730\u5740\u7684\u767b\u5165\u9801\u9762\uff09\u3002<\/p>\n\n\n\n

\u7576\u4f7f\u7528\u8005\u9078\u64c7\u4fdd\u7559\u5bc6\u78bc\u6642\uff0c\u6703\u88ab\u5c0e\u5411\u91e3\u9b5a\u7db2\u9801\u3002\u6211\u5011\u6ce8\u610f\u5230\u73fe\u4eca\u91e3\u9b5a\u7db2\u5740\u7684\u767b\u5165\u9801\u9762\u5f9e\u516b\u6708\u958b\u59cb\u5305\u542b\u4e86\u95dc\u9375\u5b57\u300c OfficeV4\u300d\u3002<\/p>\n\n\n\n

\u5230\u4e86\u4e5d\u6708\uff0c\u4ecd\u7136\u6709\u5305\u542b\u53d7\u5bb3\u8005\u7684\u90f5\u4ef6\u7db2\u57df\uff0c\u4f46\u524d\u7db4\u5f9e\u300c sg\u300d\u6539\u70ba\u300c pl\u300d\u3001\u300c00\u300d\u6216\u300cag\u300d\u3002\u800c\u5341\u6708\u7684\u53e6\u4e00\u6ce2\u5247\u662f\u5c07\u53d7\u5bb3\u8005\u540d\u5b57\u5305\u542b\u5728\u5b50\u7db2\u57df\uff0c\u800c\u975e\u5404\u81ea\u7684\u7db2\u57df\u540d\u7a31\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n
\"\u57168.
\u57168. \u8ffd\u8e64\u6d3b\u52d5\u7db2\u57df\u8b8a\u5316<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n
\"\u57169.
\u57169. \u6240\u6709\u7248\u672c\u7684\u5171\u901a\u4e3b\u984c\uff1a\u63d0\u793a\u53d7\u5bb3\u8005\u9ede\u5165\u9023\u7d50\u4f86\u4fdd\u7559\u7576\u524d\u5bc6\u78bc\u7684\u8a0a\u606f\u3002<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n

\u6700\u65b0\u7db2\u8def\u91e3\u9b5a\u5957\u4ef6\u7684\u986f\u8457\u7279\u9ede<\/strong><\/h3>\n\n\n\n



\u9664\u4e86\u5c01\u9396\u5217\u8868\uff0cV4\u9084\u52a0\u5165\u4e86\u5176\u4ed6\u589e\u52a0\u5075\u6e2c\u96e3\u5ea6\u7684\u529f\u80fd\u3002\u5305\u62ec\u6703\u5075\u6e2c\u6a5f\u5668\u4eba\u6383\u63cf\u6216\u722c\u87f2\uff0c\u4e26\u6703\u5728\u5075\u6e2c\u5230\u6a5f\u5668\u4eba\u6642\u63d0\u4f9b\u66ff\u4ee3\u5167\u5bb9\u3002\u5e95\u4e0b\u662f\u958b\u767c\u8005\u5728\u81c9\u66f8\u9801\u9762\u6240\u5217\u51fa\u7684\u90e8\u5206V4\u529f\u80fd\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n
\"figure10-fake-office-365-used-for-phishing-attacks-on-c-suite-targets\"\/
\u571610. \u5728\u793e\u7fa4\u5a92\u9ad4\u4e0a\u8cbc\u51fa\u7684Office365 V4\u91e3\u9b5a\u5957\u4ef6\u529f\u80fd\u3002<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n

\u6b64\u5916\uff0c\u91e3\u9b5a\u5957\u4ef6\u5728\u8ca9\u8ce3\u6642\u9084\u5305\u542b\u4e00\u4efd\u6388\u6b0a\uff0c\u6703\u900f\u904e\u6df7\u6dc6\u5316PHP\u8173\u672c\u56de\u50b3\u5230\u958b\u767c\u8005\u7cfb\u7d71\u4f86\u9a57\u8b49\u6388\u6b0a\u6709\u6548\u6027\u3002\u91e3\u9b5a\u9801\u9762\u6703\u9023\u5230\u6388\u6b0a\u4f3a\u670d\u5668\u4f86\u6aa2\u67e5\u6388\u6b0a\u91d1\u9470\u7684\u53ef\u7528\u6027\uff0c\u53ef\u4ee5\u5728config.PHP\u770b\u5230\u6388\u6b0a\u4f3a\u670d\u5668\u7684\u7db2\u5740\/IP\u3002\u6709\u610f\u601d\u7684\u662f\uff0cconfig.PHP\u53ef\u4ee5\u5728\u771f\u6b63\u7684\u91e3\u9b5a\u7db2\u7ad9\u4e0a\u88ab\u8b80\u53d6\uff0c\u88e1\u9762\u5305\u542b\u4e86\u6388\u6b0a\u91d1\u9470\u548c\u90f5\u4ef6\u5730\u5740\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n
\"figure11-fake-office-365-used-for-phishing-attacks-on-c-suite-targets\"\/
\u571611. \u900f\u904ePHP\u6aa2\u67e5\u6388\u6b0a\u6709\u6548\u6027<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n
\"figure12-fake-office-365-used-for-phishing-attacks-on-c-suite-targets\"\/
\u571612. \u53ef\u4ee5\u5728\u91e3\u9b5a\u7db2\u7ad9\u4e0a\u8b80\u53d6\u8a2d\u5b9a\u6a94<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n

\u6211\u5011\u6703\u7e7c\u7e8c\u7814\u7a76\u6b64\u91e3\u9b5a\u6d3b\u52d5\u7684\u7279\u9ede\uff0c\u4f86\u8ffd\u8e64\u9032\u4e00\u6b65\u53ef\u80fd\u7684\u767c\u5c55\u4e26\u9810\u6e2c\u5176\u8eb2\u907f\u6280\u8853\u7684\u8b8a\u5316\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n

\u8ffd\u8e64\u5957\u4ef6\u958b\u767c\u8005<\/strong><\/h3>\n\n\n\n


\u8072\u7a31\u70ba\u6b64\u60e1\u610f Office365 \u7684\u958b\u767c\u8005\u65bc2020\u5e74\u4e2d\u5728\u5176\u300c\u5546\u5bb6\u300d\u81c9\u66f8\u7db2\u9801\u5ba3\u5e03V4\u91e3\u9b5a\u5957\u4ef6\u7684\u63a8\u51fa\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n
\"\u571613.
\u571613. \u7591\u4f3c\u91e3\u9b5a\u5957\u4ef6\u958b\u767c\u8005\u5728\u5176\u5546\u5bb6\u81c9\u66f8\u7db2\u9801\u5ba3\u5e03\u63a8\u51fa\u3002<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n

\u6211\u5011\u9084\u89c0\u5bdf\u4e86V4\u767c\u8868\u524d\u4e00\u5929\u7684\u91e3\u9b5a\u5957\u4ef6\u6e2c\u8a66\u6d41\u91cf\u65e5\u8a8c\uff0c\u5e7e\u4e4e\u6240\u6709\u7684\u8a18\u9304\u90fd\u4f86\u81ea\u6469\u6d1b\u54e5\u7684\u4e0d\u540cIP\u5730\u5740\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n
\"\u571614.
\u571614. \u5b58\u53d6\u65e5\u8a8c\u8b93\u6211\u5011\u80fd\u5920\u78ba\u5b9a\u5728\u516c\u544a\u524d\u4e00\u5929\u4f7f\u7528\u7684IP\u5730\u5740\u3002\u524d\u4e94\u5927IP\u5730\u5740\u90fd\u8ffd\u8e2a\u5230\u6469\u6d1b\u54e5\u3002<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n

\u5ba3\u5e03V4\u4e0a\u5e02\u5f8c\u5e7e\u5929\uff0c\u6211\u5011\u767c\u73fe\u4e86\u4e00\u5c01\u96fb\u5b50\u90f5\u4ef6\u8a98\u990c\u6a23\u672c\uff1b\u6aa2\u8996\u6a19\u982d\u8cc7\u8a0a\u5f8c\u53ef\u4ee5\u767c\u73fe\u5b83\u8207\u6211\u5011\u572811\u6708\u548c12\u6708\u6240\u770b\u5230\u7684\u91e3\u9b5a\u6a23\u672c\u76f8\u543b\u5408\u3002<\/p>\n\n\n\n

Subject: ID:4563|| Request is under Process on Friday, July 17, 2020   Received: FireVPS-RDP (XX.X.XXX.XX) by VI1PR08CA0138.eurprd08.prod.outlook.com (2603:10a6:800:d5::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id XX.XX.XXXX.XX via Frontend Transport; Fri, 17 Jul 2020 16:46:44 +0000\u2026\u2026<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

\u9032\u4e00\u6b65\u6aa2\u8996\u8a72\u5e33\u865f\u4e4b\u524d\u7684\u8cbc\u6587\uff0c\u9084\u767c\u73fe\u4e00\u4e9b\u516c\u544a\u8072\u7a31\u9019\u4f4d\u60e1\u610fOffice 365\u958b\u767c\u8005\u4e5f\u958b\u767c\u4e86\u5176\u4ed6\u5e33\u5bc6\u7aca\u76dc\u5957\u4ef6\u3002\u96d6\u7136\u5f8c\u8005\u5df2\u7d93\u7121\u6cd5\u4f7f\u7528\uff0c\u4f46\u5b83\u80fd\u5920\u5feb\u901f\u9a57\u8b49\u96fb\u5b50\u90f5\u4ef6\u5730\u5740\u7684\u6709\u6548\u6027\uff1b\u9019\u65e9\u671f\u7684\u5c08\u6848\u53ef\u80fd\u4fc3\u6210\u4e86\u6240\u51fa\u552e\u91e3\u9b5a\u5957\u4ef6\u7248\u672c\u7684\u529f\u80fd\u3002\u6839\u64da\u8a72\u5e33\u865f\u5728\u793e\u7fa4\u5a92\u9ad4\u7684\u5176\u4ed6\u8cbc\u6587\uff0c\u9664\u4e86\u91e3\u9b5a\u5957\u4ef6\u5916\uff0c\u8a72\u5e33\u865f\u4e5f\u7e7c\u7e8c\u5728\u8ca9\u8ce3\u7aca\u76dc\u4f86\u7684\u5e33\u865f\u5bc6\u78bc\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n
\"\u571615.
\u571615. \u60e1\u610f\u8edf\u9ad4\u4f5c\u8005\u4e4b\u524d\u7684\u5c08\u6848\uff0c\u5176\u529f\u80fd\u8207\u73fe\u5728\u91e3\u9b5a\u5957\u4ef6\u7684\u67d0\u4e9b\u529f\u80fd\u76f8\u4f3c<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n

\u6211\u5011\u5728\u7db2\u8def\u4e0a\u641c\u5c0b\u6642\u53ef\u4ee5\u6bd4\u5c0d\u7db2\u8def\u72af\u7f6a\u4efd\u5b50\u7684\u5546\u5bb6\u81c9\u66f8\u7db2\u9801\u8207\u500b\u4eba\u7db2\u9801,\u4e26\u5df2\u7d93\u5c07\u9019\u4e9b\u8cc7\u8a0a\u901a\u77e5\u4e86\u6709\u95dc\u7576\u5c40\u9032\u884c\u8abf\u67e5\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n

\u53ef\u80fd\u9023\u7d50\u5230\u516c\u53f8\u9ad8\u5c64\u5e33\u865f\u8ce3\u5bb6<\/strong><\/h3>\n\n\n\n


\u5730\u4e0b\u8ad6\u58c7\u6709\u8a31\u591a\u4eba\u5728\u8ca9\u8ce3\u516c\u53f8\u9ad8\u5c64\u7684\u5e33\u865f\u3002\u6211\u5011\u767c\u73fe\u4ed6\u5011\u6703\u5230\u5404\u500b\u8ad6\u58c7\u8ca9\u8ce3\u76f8\u95dc\u7684\u516c\u53f8\u9ad8\u5c64\u5e33\u865f\uff0c\u9019\u4e9b\u5e33\u5bc6\u50f9\u683c\u5f9e250\u7f8e\u5143\u5230500\u7f8e\u5143\u4e0d\u7b49\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n
\"figure16-fake-office-365-used-for-phishing-attacks-on-c-suite-targets\"\/
\u571616. \u4e00\u4e9b\u5728\u5730\u4e0b\u8ad6\u58c7\u8ca9\u8ce3\u516c\u53f8\u9ad8\u5c64\u5e33\u5bc6\u7684\u8ce3\u5bb6<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n

\u6709\u610f\u601d\u7684\u662f\uff0c\u8a72\u4f7f\u7528\u8005\u63d0\u5230\u95dc\u65bc\u8ca9\u8ce3\u516c\u53f8\u9ad8\u5c64\u5e33\u5bc6\u7684\u8cbc\u6587\uff0c\u4e26\u8981\u6c42\u53ea\u8ddf\u4e4b\u524d\u4ea4\u6613\u904e\u7684\u5ba2\u6236\u6253\u4ea4\u9053\u3002\u65b0\u5ba2\u6236\u81ea\u52d5\u88ab\u7981\u6b62\u67e5\u770b\u53d7\u5f71\u97ff\u516c\u53f8\u548c\u5e33\u5bc6\u7684\u5217\u8868\u3002\u8a72\u4f7f\u7528\u8005\u9084\u51fa\u552e\u91dd\u5c0d\u4f3a\u670d\u5668\u7684\u91e3\u9b5a\u7a0b\u5e8f\uff0c\u4e26\u78ba\u8a8d\u6709\u529f\u80fd\u5982cookie\u64f7\u53d6\u548c\u591a\u56e0\u5b50\u8eab\u4efd\u8a8d\u8b49\u7e5e\u904e\u7b49\u3002\u6709\u8da3\uff0c\u540c\u4e00\u500b\u5e33\u865f\u5169\u8005\u90fd\u8ce3\u3002\u5e33\u5bc6\u7aca\u76dc\u5de5\u5177\u548c\uff08\u5169\u500b\uff09\u88ab\u7aca\u5e33\u865f\u7684\u50f9\u683c\u5927\u81f4\u76f8\u540c\uff0c\u8ddf\u8072\u7a31\u91e3\u9b5a\u5957\u4ef6\u958b\u767c\u8005\u5728\u793e\u7fa4\u5a92\u9ad4\u7684\u5831\u50f9\u985e\u4f3c\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n
\"\u571617.
\u571617. \u5730\u4e0b\u8ce3\u65b9\u5c0d\u8207\u8ab0\u4ea4\u6613\u7684\u8072\u660e\uff08\u4e0a\uff09\uff0c\u53e6\u4e00\u5247\u51fa\u552e\u7db2\u8def\u91e3\u9b5a\u60e1\u610f\u8edf\u9ad4\u7684\u8cbc\u6587\uff08\u4e0b\uff09\u3002<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n

\u6f5b\u5728\u76ee\u6a19\u548c\u53d7\u5bb3\u8005\u7684\u8cc7\u6599<\/strong><\/h3>\n\n\n\n


\u5206\u6790\u4f86\u81ea\u8a2d\u5b9a\u4e0d\u7576\u7db2\u7ad9\u7684\u65e5\u8a8c\u8cc7\u6599\u5f8c\u767c\u73fe\uff0c\u622a\u81ea\u672c\u6587\u64b0\u5beb\u6642\uff0c\u88ab\u7aca\u5e33\u5bc6\u4f86\u81ea\u516b\u500b\u8a17\u7ba1\u60e1\u610fOffice 365 V4\u5957\u4ef6\u7684\u91e3\u9b5a\u7db2\u7ad9\u3002\u6211\u5011\u767c\u73fe\u6bcf\u500b\u7db2\u7ad9\u53ef\u80fd\u90fd\u662f\u7531\u4e0d\u540c\u7684\u91e3\u9b5a\u8005\u88fd\u4f5c\uff0c\u7528\u65bc\u4e0d\u540c\u898f\u6a21\u548c\u7bc4\u570d\u7684\u91e3\u9b5a\u6d3b\u52d5\u3002\u5176\u4e2d\u4e00\u6ce2\u53ea\u91dd\u5c0d\u7f8e\u570b\u7684\u516c\u53f8\u57f7\u884c\u9577\u3001\u7e3d\u88c1\u548c\u5275\u8fa6\u4eba\uff0c\u800c\u53e6\u4e00\u6ce2\u6d3b\u52d5\u5247\u91dd\u5c0d\u7f8e\u570b\u3001\u82f1\u570b\u3001\u52a0\u62ff\u5927\u3001\u5308\u7259\u5229\u3001\u8377\u862d\u548c\u4ee5\u8272\u5217\u7b49\u4e0d\u540c\u570b\u5bb6\u7684\u4e2d\u9ad8\u968e\u4e3b\u7ba1\u3002\u6b64\u5916\uff0c\u91e3\u9b5a\u8005\u4f3c\u4e4e\u5927\u591a\u5f9eLinkedIn\u6536\u96c6\u76ee\u6a19\u96fb\u5b50\u90f5\u4ef6\u5730\u5740\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n
\"\u571618.
\u571618. \u5f9eLinkedIn\u78ba\u8a8d\u53d7\u5bb3\u8005\u7684\u516c\u53f8\u8077\u4f4d<\/figcaption><\/figure>\n\n\n\n
\"\"\/
\u571619. \u53d7\u5bb3\u570b\u5bb6\u5206\u4f48<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n

\u6839\u64da\u8cc7\u6599\u5206\u4f48\uff0c\u60e1\u610f\u4efd\u5b50\u4f7f\u7528Office 365 V4\u91e3\u9b5a\u5957\u4ef6\u7684\u4e3b\u8981\u76ee\u6a19\u986f\u7136\u662f\u7f8e\u570b\u7684\u57f7\u884c\u9577\u3002\u57f7\u884c\u9577\u96fb\u5b50\u90f5\u4ef6\u5730\u5740\u7684\u6e05\u55ae\u7d93\u5e38\u6703\u5728\u5730\u4e0b\u5e02\u5834\u8cb7\u8ce3\uff0c\u53ef\u4ee5\u7528\u4f86\u9032\u884c\u984d\u5916\u7684\u7db2\u8def\u91e3\u9b5a\u653b\u64ca\uff0c\u7372\u53d6\u654f\u611f\u8cc7\u8a0a\u6216\u9032\u884c\u5176\u4ed6\u793e\u4ea4\u5de5\u7a0b\uff08social engineering \uff09<\/a>\u653b\u64ca\uff0c\u5982\u8b8a\u81c9\u8a50\u9a19\u653b\u64ca\u6216\u7a31\u70ba\u5546\u52d9\u96fb\u5b50\u90f5\u4ef6\u5165\u4fb5 (Business Email Compromise, BEC)<\/a>\u548c\u5192\u7528\u8eab\u4efd\u3002<\/p>\n\n\n\n

\u6aa2\u8996\u4e0d\u540c\u7684\u5730\u4e0b\u8ad6\u58c7\u548c\u7db2\u9801\u9084\u53ef\u4ee5\u767c\u73fe\u53d7\u5bb3\u5e33\u5bc6\u7684\u5177\u9ad4\u5831\u50f9\uff0c\u6839\u64da\u5e74\u4efd\u3001\u884c\u696d\u3001\u516c\u53f8\u8077\u4f4d\u548c\u793e\u7fa4\u5a92\u9ad4\u5e33\u5bc6\u9032\u884c\u5206\u985e\u3002\u6b64\u5916\uff0c\u9019\u4e9b\u8ad6\u58c7\u8a0a\u606f\u90fd\u662f\u7528\u82f1\u6587\u64b0\u5beb\uff0c\u751a\u81f3\u5728\u975e\u82f1\u8a9e\u8ad6\u58c7\uff08\u5982\u9762\u5411\u4fc4\u8a9e\u4f7f\u7528\u8005\u548c\u5718\u9ad4\u7684\u8ad6\u58c7\uff09\u4e5f\u662f\u5982\u6b64\u3002\u96d6\u7136\u4e26\u4e0d\u5c11\u898b\uff0c\u4f46\u9019\u4e9b\u5e33\u865f\u662f\u7279\u5730\u5efa\u7acb\u4f86\u767c\u5e03\u5c0d\u6f5b\u5728\u5ba2\u6236\u8ca9\u8ce3\u8cc7\u6599\u548c\u91e3\u9b5a\u5de5\u5177\u7684\u8a0a\u606f\u3002\u9019\u4e00\u9ede\u53ef\u4ee5\u5f9e\u67d0\u6b21\u60e1\u610f\u4efd\u5b50\u8cfc\u8cb7\u67d0\u8ad6\u58c7\u7528\u5e33\u865f\u53ea\u662f\u70ba\u4e86\u8ca9\u8ce3\u8cc7\u6599\u800c\u5f97\u5230\u8b49\u5be6\u3002<\/p>\n\n\n\n

\u8981\u958b\u59cb\u6e96\u5099\u76ee\u6a19\u6e05\u55ae\uff0c\u6709\u5f88\u591a\u5e73\u53f0\u90fd\u6709\u8ca9\u8ce3\u8ca1\u52d9\u9577\/\u57f7\u884c\u9577\u7684\u90f5\u4ef6\u5730\u5740\uff0c\u81c9\u66f8\u500b\u4eba\u8cc7\u6599\u7b49\u540d\u55ae\uff0c\u4e26\u6309\u5730\u5340\u548c\u570b\u5bb6\u5206\u985e\u3002\u653b\u64ca\u8005\u53ef\u80fd\u5f9e\u9019\u4e9b\u7db2\u7ad9\u8cfc\u8cb7\u4e86\u76ee\u6a19\u540d\u55ae\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n
\"\u571620.
\u571620. \u63d0\u4f9b\u57f7\u884c\u9577\/\u8ca1\u52d9\u9577\u90f5\u4ef6\u5730\u5740\u548c\u81c9\u66f8\u7db2\u9801\u540d\u55ae\u7684\u884c\u92b7\u7db2\u7ad9<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n
\"\u571621.
\u571621. \u63d0\u4f9b\u65e5\u672c\u6309\u5e74\u4efd\u3001\u516c\u53f8\u8077\u4f4d\u548c\u793e\u7fa4\u5a92\u9ad4\u5e73\u53f0\u6392\u5e8f\u540d\u55ae\u7684\u884c\u92b7\u7db2\u7ad9<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n

\u7d50\u8ad6<\/strong><\/p>\n\n\n\n

\u7db2\u8def\u91e3\u9b5a\u653b\u64ca\u548c\u653b\u64ca\u8005\u901a\u5e38\u662f\u91dd\u5c0d\u54e1\u5de5 \u2013 \u7d44\u7e54\u5b89\u5168\u93c8\u4e2d\u6700\u8106\u5f31\u7684\u4e00\u74b0\u3002\u800c\u5f9e\u9019\u6b21\u653b\u64ca\u6d3b\u52d5\u53ef\u4ee5\u898b\u5230\u653b\u64ca\u8005\u5c07\u76ee\u6a19\u9396\u5b9a\u5728\u9ad8\u5c64\u54e1\u5de5\uff0c\u9019\u4e9b\u4eba\u53ef\u80fd\u4e26\u4e0d\u90a3\u9ebc\u7cbe\u901a\u6280\u8853\u6216\u7db2\u8def\u5b89\u5168\uff0c\u66f4\u6709\u53ef\u80fd\u88ab\u9a19\u53bb\u9ede\u64ca\u60e1\u610f\u9023\u7d50\u3002\u900f\u904e\u6709\u9078\u64c7\u6027\u5730\u91dd\u5c0d\u516c\u53f8\u9ad8\u5c64\uff0c\u653b\u64ca\u8005\u80fd\u5920\u5927\u5927\u63d0\u9ad8\u6240\u53d6\u5f97\u5e33\u5bc6\u7684\u50f9\u503c\uff0c\u56e0\u70ba\u9019\u4e9b\u5e33\u5bc6\u53ef\u80fd\u88ab\u9032\u4e00\u6b65\u5730\u7528\u4f86\u53d6\u5f97\u654f\u611f\u500b\u4eba\u548c\u7d44\u7e54\u8cc7\u8a0a\uff0c\u4e26\u7528\u65bc\u5176\u4ed6\u653b\u64ca\u3002<\/p>\n\n\n\n

\u96fb\u5b50\u90f5\u4ef6\u5730\u5740\u548c\u5e33\u865f\u5bc6\u78bc\u7684\u898f\u6a21\u548c\u6e96\u78ba\u6027\u986f\u793a\u51fa\u653b\u64ca\u8005\u64c1\u6709\u53d7\u5bb3\u8005\u548c\u6f5b\u5728\u76ee\u6a19\u7684\u6e96\u78ba\u8cc7\u6599\u96c6\u3002\u96d6\u7136\u653b\u64ca\u8005\u53ef\u4ee5\u8f15\u6613\u5730\u5f9e\u76ee\u6a19\u7db2\u7ad9\u53d6\u5f97\u90f5\u4ef6\u5730\u5740\uff0c\u4f46\u4ed6\u5011\u66f4\u9032\u4e00\u6b65\u5730\u9a57\u8b49\u9019\u4e9b\u96fb\u5b50\u90f5\u4ef6\u5730\u5740\uff0c\u78ba\u4fdd\u5b83\u8ddf\u5f9e\u516c\u958b\u9818\u57df\u6536\u96c6\u4f86\u7684\u8cc7\u6599\u76f8\u88dc\u5168\u3002<\/p>\n\n\n\n

\u4f01\u696d\u5fc5\u9808\u4e86\u89e3\u4e26\u5c0f\u5fc3\u81ea\u5df1\u653e\u5230\u516c\u958b\u7db2\u7ad9\u548c\u5e73\u53f0\u7684\u8cc7\u8a0a\uff0c\u540c\u6642\u8981\u7d93\u5e38\u63d0\u9192\u54e1\u5de5\u6ce8\u610f\u5728\u500b\u4eba\u7db2\u9801\u62ab\u9732\u7684\u8cc7\u8a0a\u3002\u9019\u4e9b\u5f88\u5bb9\u6613\u88ab\u7528\u65bc\u793e\u4ea4\u5de5\u7a0b\u4f86\u653b\u64ca\u4ed6\u5011\u81ea\u5df1\u3002\u6240\u6709\u54e1\u5de5\uff0c\u7121\u8ad6\u8077\u7d1a\u9ad8\u4f4e\uff0c\u5728\u67e5\u770b\u96fb\u5b50\u90f5\u4ef6\u63d0\u793a\u4e26\u63a1\u53d6\u884c\u52d5\u6642\u90fd\u61c9\u683c\u5916\u5c0f\u5fc3\uff0c\u5c24\u5176\u662f\u4f86\u81ea\u672a\u77e5\u4f86\u6e90\u7684\u96fb\u5b50\u90f5\u4ef6\u3002<\/p>\n\n\n\n

\u8981\u4e86\u89e3\uff0c\u6b63\u5e38\u7684\u670d\u52d9\u5546\u548c\u4f9b\u61c9\u5546\u7d55\u4e0d\u6703\u8981\u6c42\u500b\u4eba\u6d88\u8cbb\u8005\u6216\u4f01\u696d\u7528\u6236\u63d0\u4f9b\u5982\u5e33\u865f\u5bc6\u78bc\u4e4b\u985e\u7684\u8a73\u7d30\u8cc7\u8a0a\uff0c\u5c24\u5176\u4e0d\u6703\u4fdd\u7559\u904e\u671f\u5bc6\u78bc\u3002\u9019\u4e9b\u8cc7\u8a0a\u5bb9\u6613\u53d7\u5230\u672a\u6388\u6b0a\u548c\u60e1\u610f\u500b\u4eba\u7684\u6feb\u7528\uff0c\u5fc5\u9808\u7531\u4f9b\u61c9\u5546\u6309\u7167\u4f01\u696d\u653f\u7b56\u7531\u5176\u8cc7\u5b89\u548cIT\u5718\u968a\u9032\u884c\u5ba2\u88fd\u5316\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n

\u5165\u4fb5\u6307\u6a19\uff08IoC<\/strong>\uff09<\/strong><\/p>\n\n\n\n

\u8acb\u9ede\u5165\u9023\u7d50<\/a>\u67e5\u770b\u6211\u5011\u7684IoC\u5217\u8868\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n

@\u539f\u6587\u51fa\u8655\uff1aFake Office 365 Used for Phishing Attacks on C-Suite Targets<\/a> \u4f5c\u8005\uff1aMatsukawa Bakuei\uff0cMarshall Chen\uff0cVladimir Kropotov\uff0cLoseway Lu\uff0cFyodor Yarochkin<\/p>\n","protected":false},"excerpt":{"rendered":"

\u8da8\u52e2\u79d1\u6280\u5f9e\u516b\u500b\u88ab\u5165\u4fb5\u7db2\u7ad9\u767c\u73fe\u8d85\u904e300\u7b46\u4e0d\u91cd\u8907\u91e3\u9b5a\u7db2\u5740\u548c70\u7b46\u96fb\u5b50\u90f5\u4ef6\u5730\u5740\uff0c\u5305\u62ec\u4e8640\u4f4d\u516c\u53f8\u57f7\u884c\u9577\u3001\u9ad8\u968e\u4e3b\u7ba1\u3001 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wpscppro_dont_share_socialmedia":false,"_wpscppro_custom_social_share_image":0,"_facebook_share_type":"","_twitter_share_type":"","_linkedin_share_type":"","_pinterest_share_type":"","_linkedin_share_type_page":"","_instagram_share_type":"","_medium_share_type":"","_threads_share_type":"","_google_business_share_type":"","_selected_social_profile":[],"_wpsp_enable_custom_social_template":false,"_wpsp_social_scheduling":{"enabled":false,"datetime":null,"platforms":[],"status":"template_only","dateOption":"today","timeOption":"now","customDays":"","customHours":"","customDate":"","customTime":"","schedulingType":"absolute"},"_wpsp_active_default_template":true},"categories":[1268,3765,65],"tags":[2633,2817,2344,4235],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/67016"}],"collection":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=67016"}],"version-history":[{"count":7,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/67016\/revisions"}],"predecessor-version":[{"id":67023,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/67016\/revisions\/67023"}],"wp:attachment":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=67016"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=67016"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=67016"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}