【HVV情报】2024-08-28

公众号新规只对常读和星标的公众号才能展示大图推送，建议大家把公众号“night安全”设为星标，否则可能就看不到啦！

免责声明

night安全致力于分享技术学习和工具掌握。然而请注意不得将此用于任何未经授权的非法行为，请您严格遵守国家信息安全法律法规。任何违反法律、法规的行为，均与本人无关。如有侵权烦请告知，我们会立即删除并致歉。谢谢！

风险情报

【0day】新华三s6800系列交换机存在内存泄露【0day】广联达OA mobileAction.ashx/do.asmx 任意文件读取漏洞【0day】锐明Crocus系统存在SQL注入漏洞【0day】锐明Crocus系统存在SQL注入漏洞【0day】锐明Crocus系统存在任意文件上传漏洞【0day】锐明Crocus系统存在任意文件读取漏洞【0day】锐明Crocus系统存在管理员用户添加漏洞畅捷通CRM newleadset.php 存在SQL注入漏洞Windows AFD.SYS驱动程序存在特权提升漏洞统信UOS某服务进程存在本地越权漏洞赛蓝企业管理系统 SystemModule 任意文件上传漏洞Ivanti vTM 身份认证绕过漏洞(CVE-2024-7593)【老洞】泛微OA E-Cology action.jsp 任意文件上传漏洞

样本情报

样本主题：【电脑版】车辆信息-12辆轿车购买车险.zipSHA256: 03f06a02d09b92faa360eec8d937f2d87ea1abb06832ac315090dfc9dabf1ba4MD5: f3c971d691cbf93e84be4010628662c4相关IP和域名（非IOC，仅可用于排查参考，不可封禁）：upgrade.k.sohu.com、adstatic.zhihu.com、huiyan.lenovo.com.cn、static.asus.com.cn、smartpc.lenovo.com.cn攻击手法：域前置分析结论：CobaltStrike木马样本主题：2024重点保障安全意识培训参会人员名单.zipSHA256: 9b2f6e6b2cf24e295bc22b125f643b954eec43effbae196dedc2deddf3faf645MD5: 5f596ddc392395cfd14541a12a9d3157C2：113.96.111.58:8888分析结论：CobaltStrike木马样本主题：直播系统异常信息.rarSHA256: 0b028d56eef5b5dbdea36279397ec5d6c0c828ff92933ac37c5dfa86b64740cfMD5: eae97ef0ba7c95ef97954b02169ca14b恶意软件：yk4uljy7akvsc.oss-cn-heyuan.aliyuncs.com分析结论：CobaltStrike木马样本主题：***流量推广业务需求.zipSHA256: b6bf832d054331ab898bf66e2a82dcc70a37a5529816a0bbc24e55c2a644f93dMD5: 1a31bfe2c0358e5418f4cce5c5c3505b恶意软件：oss-alipay.oss-cn-shenzhen.aliyuncs.com分析结论：CobaltStrike木马

ip情报

206.168.34.203103.70.59.130219.131.70.107104.234.140.4169.195.132.43.101.240.4447.128.127.6740.83.134.212222.186.141.207103.179.72.166193.3.19.235149.192.216.96123.253.140.24211.162.237.21470.49.20.158116.255.32.73156.232.186.19757.152.78.149222.59.232.28182.146.156.250120.239.138.169118.164.53.58180.101.145.20077.37.43.47119.8.242.6139.105.130.7054.152.101.7851.68.24.1163.142.169.125154.215.16.17712.167.113.32200.189.27.84162.220.12.8743.143.223.104213.202.233.147220.181.108.169139.227.195.70126.157.142.244202.189.8.24343.134.204.13718.192.31.16518.64.169.51183.92.23.15050.114.155.14264.227.24.147201.189.166.4466.85.173.48121.40.136.19791.92.249.21138.57.129.2093.7.114.59180.75.250.51116.203.52.24364.69.41.141146.56.204.18254.254.91.19163.232.188.134154.215.16.171103.73.119.84117.148.86.174107.149.196.114164.201.236.223119.23.143.238108.21.237.93126.133.207.7189.178.62.188185.26.160.185212.51.144.13123.224.93.20481.70.19.68107.189.14.134200.101.83.108.210.224.32120.194.198.92103.120.132.113109.107.171.138104.234.140.468.137.86.54180.98.15.42125.34.40.187217.67.222.140124.71.205.24747.128.118.246119.208.108.24223.104.10.247116.233.165.7195.217.6.10127.189.85.163106.54.19.20864.225.7.51115.239.219.156152.115.131.142164.90.225.21681.70.204.12038.61.6.120183.168.15.4845.77.6.21645.251.10.196188.214.128.13052.81.60.542.2.230.194