{"id":46656,"date":"2025-09-09T15:28:24","date_gmt":"2025-09-09T08:28:24","guid":{"rendered":"https:\/\/antoanthongtinhaiphong.gov.vn\/?p=46656"},"modified":"2025-09-12T15:30:25","modified_gmt":"2025-09-12T08:30:25","slug":"ban-tin-an-toan-thong-tin-tuan-so-17","status":"publish","type":"post","link":"https:\/\/antoanthongtinhaiphong.gov.vn\/ban-tin-an-toan-thong-tin-tuan-so-17\/","title":{"rendered":"B\u1ea3n tin An to\u00e0n th\u00f4ng tin tu\u1ea7n s\u1ed1 17"},"content":{"rendered":"
\n
<\/i>\u00a0H\u1ed3ng \u0110\u1ea1t<\/a><\/div>\n<\/div>\n

To\u00e0n c\u1ea3nh v\u1ec1 nh\u1eefng s\u1ef1 ki\u1ec7n, tin t\u1ee9c n\u1ed5i b\u1eadt v\u1ec1 b\u1ea3o m\u1eadt v\u00e0 an to\u00e0n th\u00f4ng tin trong Tu\u1ea7n 36 (01\/9 – 7\/9), B\u1ea3n tin g\u1ed3m c\u00e1c s\u1ef1 ki\u1ec7n an to\u00e0n th\u00f4ng tin n\u1ed5i b\u1eadt trong n\u01b0\u1edbc v\u00e0 qu\u1ed1c t\u1ebf. Trong tu\u1ea7n qua, C\u1ee5c T\u1ea7n s\u1ed1 v\u00f4 tuy\u1ebfn \u0111i\u1ec7n, B\u1ed9 Khoa h\u1ecdc v\u00e0 C\u00f4ng ngh\u1ec7 (KH&CN) \u0111\u00e3 t\u1ed5 ch\u1ee9c L\u1ec5 Khai tr\u01b0\u01a1ng H\u1ec7 th\u1ed1ng gi\u00e1m s\u00e1t v\u00e0 ph\u00e1t hi\u1ec7n nhi\u1ec5u th\u00f4ng tin di \u0111\u1ed9ng iSpectra, \u0111\u00e2y l\u00e0 gi\u1ea3i ph\u00e1p \u1ea7n \u0111\u1ea7u \u0111\u01b0\u1ee3c tri\u1ec3n khai tr\u00ean th\u1ebf gi\u1edbi. Nhi\u1ec1u v\u1ee5 vi ph\u1ea1m d\u1eef li\u1ec7u v\u1eabn ti\u1ebfp di\u1ec5n, c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng m\u1ea1ng, l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt v\u00e0 c\u1ea3nh b\u00e1o v\u1ec1 ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i m\u1edbi,\u2026 l\u00e0 m\u1ed9t s\u1ed1 th\u00f4ng tin \u0111\u00e1ng ch\u00fa \u00fd kh\u00e1c.<\/p>\n

\u0110I\u1ec2M TIN TRONG N\u01af\u1edaC<\/strong><\/p>\n

Ph\u00e1t \u0111\u1ed9ng gi\u1ea3i th\u01b0\u1edfng \u201cS\u1ea3n ph\u1ea9m c\u00f4ng ngh\u1ec7 s\u1ed1 Make in Viet Nam\u201d n\u0103m 2025<\/strong><\/p>\n

S\u00e1ng 4\/9, t\u1ea1i h\u1ecdp b\u00e1o th\u01b0\u1eddng k\u1ef3 th\u00e1ng 8\/2025, B\u1ed9 KH&CN ph\u1ed1i h\u1ee3p v\u1edbi Li\u00ean \u0111o\u00e0n Th\u01b0\u01a1ng m\u1ea1i v\u00e0 C\u00f4ng nghi\u1ec7p Vi\u1ec7t Nam (VCCI) ph\u00e1t \u0111\u1ed9ng gi\u1ea3i th\u01b0\u1edfng\u00a0\u201cS\u1ea3n ph\u1ea9m c\u00f4ng ngh\u1ec7 s\u1ed1 Make in Viet Nam\u201d<\/a>\u00a0n\u0103m 2025. \u0110\u1eb7c bi\u1ec7t, Gi\u1ea3i th\u01b0\u1edfng s\u1ea3n ph\u1ea9m c\u00f4ng ngh\u1ec7 s\u1ed1 Make in Viet Nam n\u0103m nay l\u1ea7n \u0111\u1ea7u t\u00f4n vinh c\u00e1c s\u1ea3n ph\u1ea9m c\u00f4ng ngh\u1ec7 s\u1ed1 chi\u1ebfn l\u01b0\u1ee3c.<\/p>\n

Theo \u00f4ng Nguy\u1ec5n Kh\u1eafc L\u1ecbch, C\u1ee5c tr\u01b0\u1edfng C\u1ee5c C\u00f4ng nghi\u1ec7p c\u00f4ng ngh\u1ec7 th\u00f4ng tin, B\u1ed9 KH&CN, Make in Viet Nam n\u0103m 2025 s\u1ebd t\u00f4n vinh c\u00e1c s\u1ea3n ph\u1ea9m c\u00f4ng ngh\u1ec7 s\u1ed1 xu\u1ea5t s\u1eafc, mang t\u1ef1 h\u00e0o tr\u00ed tu\u1ec7 Vi\u1ec7t Nam, th\u00fac \u0111\u1ea9y\u00a0chuy\u1ec3n \u0111\u1ed5i s\u1ed1<\/a>\u00a0to\u00e0n d\u00e2n, to\u00e0n di\u1ec7n, to\u00e0n tr\u00ecnh \u0111\u1ec3 t\u0103ng t\u1ed1c b\u1ee9t ph\u00e1 ph\u00e1t tri\u1ec3n kinh t\u1ebf s\u1ed1, s\u1ed1 h\u00f3a c\u00e1c ng\u00e0nh kinh t\u1ebf, t\u1ea1o b\u01b0\u1edbc nh\u1ea3y v\u1ecdt v\u1ec1 n\u0103ng su\u1ea5t, ch\u1ea5t l\u01b0\u1ee3ng, hi\u1ec7u qu\u1ea3 v\u00e0 s\u1ee9c c\u1ea1nh tranh c\u1ee7a n\u1ec1n kinh t\u1ebf.<\/p>\n

C\u1ea3nh b\u00e1o chi\u00eau tr\u00f2 l\u1eeba \u0111\u1ea3o d\u01b0\u1edbi h\u00ecnh th\u1ee9c \u201cThi to\u00e1n Timo\u201d<\/strong><\/p>\n

Ng\u00e0y 4\/9,\u00a0C\u00f4ng an<\/a>\u00a0th\u00e0nh ph\u1ed1 \u0110\u00e0 N\u1eb5ng cho bi\u1ebft, tr\u00ean m\u1ea1ng x\u00e3 h\u1ed9i th\u1eddi gian qua xu\u1ea5t hi\u1ec7n m\u1ed9t fanpage mang t\u00ean \u201cThi To\u00e1n Timo\u201d, thu h\u00fat s\u1ef1 quan t\u00e2m v\u00e0 tham gia c\u1ee7a \u0111\u00f4ng \u0111\u1ea3o ng\u01b0\u1eddi d\u00f9ng. Tuy nhi\u00ean, \u0111\u1eb1ng sau \u0111\u00f3 l\u00e0 m\u1ed9t chi\u00eau tr\u00f2 l\u1eeba \u0111\u1ea3o \u0111\u01b0\u1ee3c t\u1ed5 ch\u1ee9c kh\u00e1 tinh vi. \u0110\u1eb7c bi\u1ec7t \u0111\u1ed1i t\u01b0\u1ee3ng \u0111\u01b0\u1ee3c gi\u1edbi thi\u1ec7u \u0111\u1ec3 m\u1eddi g\u1ecdi ng\u01b0\u1eddi d\u00e2n v\u00e0o nh\u00f3m chat c\u00f2n m\u1ea1o danh l\u00e0 c\u1ed9ng t\u00e1c vi\u00ean c\u1ee7a \u0110\u00e0i Truy\u1ec1n h\u00ecnh Vi\u1ec7t Nam.<\/p>\n

C\u00f4ng an th\u00e0nh ph\u1ed1 \u0110\u00e0 N\u1eb5ng khuy\u1ebfn c\u00e1o ng\u01b0\u1eddi d\u00e2n c\u1ea7n c\u1ea9n tr\u1ecdng v\u1edbi c\u00e1c cu\u1ed9c thi tr\u1ef1c tuy\u1ebfn khi y\u00eau c\u1ea7u \u0111\u00f3ng ph\u00ed qua chuy\u1ec3n kho\u1ea3n, \u0111\u1ed3ng th\u1eddi, n\u00ean x\u00e1c minh th\u00f4ng tin t\u1eeb ngu\u1ed3n ch\u00ednh th\u1ed1ng tr\u01b0\u1edbc khi tham gia. Tuy\u1ec7t \u0111\u1ed1i kh\u00f4ng l\u00e0m theo y\u00eau c\u1ea7u, h\u01b0\u1edbng d\u1eabn c\u1ee7a c\u00e1c \u0111\u1ed1i t\u01b0\u1ee3ng, kh\u00f4ng th\u1ef1c hi\u1ec7n giao d\u1ecbch chuy\u1ec3n ti\u1ec1n v\u00e0 cung c\u1ea5p c\u00e1c th\u00f4ng tin c\u00e1 nh\u00e2n.<\/p>\n

Khai tr\u01b0\u01a1ng H\u1ec7 th\u1ed1ng gi\u00e1m s\u00e1t v\u00e0 ph\u00e1t hi\u1ec7n nhi\u1ec5u th\u00f4ng tin di \u0111\u1ed9ng iSpectra<\/strong><\/p>\n

Ng\u00e0y 4\/9 t\u1ea1i H\u00e0 N\u1ed9i, C\u1ee5c T\u1ea7n s\u1ed1 v\u00f4 tuy\u1ebfn \u0111i\u1ec7n, B\u1ed9 KH&CN \u0111\u00e3 t\u1ed5 ch\u1ee9c L\u1ec5 Khai tr\u01b0\u01a1ng H\u1ec7 th\u1ed1ng gi\u00e1m s\u00e1t v\u00e0 ph\u00e1t hi\u1ec7n nhi\u1ec5u th\u00f4ng tin di \u0111\u1ed9ng iSpectra. Theo k\u1ebft qu\u1ea3 th\u1eed nghi\u1ec7m trong 3 th\u00e1ng, h\u1ec7 th\u1ed1ng \u0111\u00e3 ph\u00e1t hi\u1ec7n 600 v\u1ee5 nhi\u1ec5u, t\u0103ng g\u1ea5p \u0111\u00f4i so v\u1edbi khi kh\u00f4ng d\u00f9ng. Khi \u1ee9ng d\u1ee5ng t\u1ea1i m\u1ed9t nh\u00e0 m\u1ea1ng, h\u1ec7 th\u1ed1ng \u0111\u01b0\u1ee3c ghi nh\u1eadn gi\u00fap gi\u1ea3m 30% t\u1ef7 l\u1ec7 r\u1edbt cu\u1ed9c g\u1ecdi do nhi\u1ec5u.<\/p>\n

V\u1ec1 kh\u1ea3 n\u0103ng k\u1ebft n\u1ed1i \u0111\u1ebfn c\u00e1c h\u1ec7 th\u1ed1ng kh\u00e1c, ngo\u00e0i h\u1ec7 th\u1ed1ng tr\u1ea1m c\u1ee7a c\u00e1c nh\u00e0 m\u1ea1ng, iSpectra s\u1ebd \u0111\u01b0\u1ee3c th\u00f4ng minh h\u00f3a, \u00e1p d\u1ee5ng c\u00f4ng ngh\u1ec7 tr\u00ed tu\u1ec7 nh\u00e2n t\u1ea1o (AI) v\u00e0\u00a0h\u1ecdc m\u00e1y<\/a>\u00a0ph\u00e2n t\u00edch chuy\u00ean s\u00e2u v\u1edbi kh\u1ed1i l\u01b0\u1ee3ng d\u1eef li\u1ec7u l\u1edbn h\u01a1n \u0111\u1ec3 d\u1ef1 \u0111o\u00e1n thi\u1ebft b\u1ecb g\u00e2y nhi\u1ec5u v\u00e0 khoanh v\u00f9ng v\u1ecb tr\u00ed ngu\u1ed3n nhi\u1ec5u.<\/p>\n

\u0110I\u1ec2M TIN QU\u1ed0C T\u1ebe<\/strong><\/p>\n

Cloudflare ng\u0103n ch\u1eb7n cu\u1ed9c t\u1ea5n c\u00f4ng DDoS l\u1edbn nh\u1ea5t \u0111\u01b0\u1ee3c ghi nh\u1eadn v\u1edbi 11,5 Tbps<\/strong><\/p>\n

Ng\u00e0y 02\/9,\u00a0Cloudflare<\/a>\u00a0cho bi\u1ebft \u0111\u00e3 ng\u0103n ch\u1eb7n th\u00e0nh c\u00f4ng cu\u1ed9c t\u1ea5n c\u00f4ng t\u1eeb ch\u1ed1i d\u1ecbch v\u1ee5 ph\u00e2n t\u00e1n (DDoS) l\u1edbn nh\u1ea5t t\u1eebng \u0111\u01b0\u1ee3c ghi nh\u1eadn, \u1edf m\u1ee9c 11,5 Tbps (terabit m\u1ed7i gi\u00e2y).<\/p>\n

<\/p>\n

Bi\u1ec3u \u0111\u1ed3 t\u1ea5n c\u00f4ng DDoS<\/em><\/p>\n

Theo \u0111\u00f3, Cloudflare chia s\u1ebb r\u1eb1ng \u0111\u00e2y l\u00e0 ki\u1ec3u t\u1ea5n c\u00f4ng UDP Flood, ch\u1ee7 y\u1ebfu b\u1eaft ngu\u1ed3n t\u1eeb c\u01a1 s\u1edf h\u1ea1 t\u1ea7ng Google Cloud v\u00e0 k\u00e9o d\u00e0i kho\u1ea3ng 35 gi\u00e2y. \u201cH\u1ec7 th\u1ed1ng ph\u00f2ng th\u1ee7 c\u1ee7a Cloudflare \u0111\u00e3 ho\u1ea1t \u0111\u1ed9ng h\u1ebft c\u00f4ng su\u1ea5t. Trong v\u00e0i tu\u1ea7n qua, ch\u00fang t\u00f4i \u0111\u00e3 t\u1ef1 \u0111\u1ed9ng ng\u0103n ch\u1eb7n h\u00e0ng tr\u0103m cu\u1ed9c t\u1ea5n c\u00f4ng DDoS, v\u1edbi c\u00e1c \u0111\u1ee3t t\u1ea5n c\u00f4ng l\u1edbn nh\u1ea5t \u0111\u1ea1t \u0111\u1ec9nh \u0111i\u1ec3m 5,1 Bpps v\u00e0 11,5 Tbps\u201d, c\u00f4ng ty cho bi\u1ebft.<\/p>\n

Cloudflare b\u1ecb x\u00e2m ph\u1ea1m d\u1eef li\u1ec7u trong cu\u1ed9c t\u1ea5n c\u00f4ng chu\u1ed7i cung \u1ee9ng Salesloft Drift<\/strong><\/p>\n

Cloudflare l\u00e0 c\u00f4ng ty m\u1edbi nh\u1ea5t b\u1ecb \u1ea3nh h\u01b0\u1edfng trong chu\u1ed7i vi ph\u1ea1m\u00a0Salesloft Drift<\/a>\u00a0g\u1ea7n \u0111\u00e2y. Ng\u00e0y 02\/9, Cloudflare ti\u1ebft l\u1ed9 r\u1eb1ng nh\u1eefng k\u1ebb t\u1ea5n c\u00f4ng \u0111\u00e3 truy c\u1eadp v\u00e0o m\u1ed9t phi\u00ean b\u1ea3n\u00a0Salesforce<\/a>\u00a0m\u00e0 h\u1ecd s\u1eed d\u1ee5ng \u0111\u1ec3 qu\u1ea3n l\u00fd kh\u00e1ch h\u00e0ng n\u1ed9i b\u1ed9 v\u00e0 h\u1ed7 tr\u1ee3 ng\u01b0\u1eddi d\u00f9ng, trong \u0111\u00f3 c\u00f3 104 m\u00e3 token API c\u1ee7a Cloudflare.<\/p>\n

Trong m\u1ed9t \u0111\u1ed9ng th\u00e1i m\u1edbi nh\u1ea5t, g\u00e3 kh\u1ed5ng l\u1ed3 cung c\u1ea5p d\u1ecbch v\u1ee5 Internet \u0111\u00e3 thay \u0111\u1ed5i 104 token do n\u1ec1n t\u1ea3ng Cloudflare ph\u00e1t h\u00e0nh b\u1ecb \u0111\u00e1nh c\u1eafp trong v\u1ee5 vi ph\u1ea1m, m\u1eb7c d\u00f9 v\u1eabn ch\u01b0a ph\u00e1t hi\u1ec7n ra b\u1ea5t k\u1ef3 ho\u1ea1t \u0111\u1ed9ng \u0111\u00e1ng ng\u1edd n\u00e0o li\u00ean quan \u0111\u1ebfn c\u00e1c token n\u00e0y.<\/p>\n

M\u1ee9c \u0111\u1ed9 nghi\u00eam tr\u1ecdng c\u1ee7a l\u1ed7 h\u1ed5ng API Argo CD l\u00e0m r\u00f2 r\u1ec9 th\u00f4ng tin \u0111\u0103ng nh\u1eadp kho l\u01b0u tr\u1eef<\/strong><\/p>\n

L\u1ed7 h\u1ed5ng Argo CD cho ph\u00e9p c\u00e1c m\u00e3 th\u00f4ng b\u00e1o c\u00f3 quy\u1ec1n truy c\u1eadp v\u00e0o \u0111i\u1ec3m cu\u1ed1i API v\u00e0 truy xu\u1ea5t th\u00f4ng tin x\u00e1c th\u1ef1c kho l\u01b0u tr\u1eef li\u00ean quan \u0111\u1ebfn d\u1ef1 \u00e1n. L\u1ed7 h\u1ed5ng \u0111\u01b0\u1ee3c theo d\u00f5i v\u1edbi m\u00e3 \u0111\u1ecbnh danh CVE-2025-55190 (\u0111i\u1ec3m CVSS: 10.0), cho ph\u00e9p b\u1ecf qua c\u00e1c c\u01a1 ch\u1ebf c\u00f4 l\u1eadp \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng \u0111\u1ec3 b\u1ea3o v\u1ec7 th\u00f4ng tin \u0111\u1ecbnh danh nh\u1ea1y c\u1ea3m. Nh\u1eefng k\u1ebb t\u1ea5n c\u00f4ng n\u1eafm gi\u1eef nh\u1eefng th\u00f4ng tin x\u00e1c th\u1ef1c \u0111\u00f3 c\u00f3 th\u1ec3 s\u1eed d\u1ee5ng ch\u00fang \u0111\u1ec3 sao ch\u00e9p codebases v\u00e0 ch\u00e8n t\u1ec7p manifests \u0111\u1ed9c h\u1ea1i.<\/p>\n

Amazon ph\u00e1 v\u1ee1 chi\u1ebfn d\u1ecbch t\u1ea5n c\u00f4ng m\u1ea1ng nh\u1eafm v\u00e0o ng\u01b0\u1eddi d\u00f9ng Microsoft<\/strong><\/p>\n

Amazon<\/a>\u00a0\u0111\u00e3 ng\u0103n ch\u1eb7n chi\u1ebfn d\u1ecbch t\u1ea5n c\u00f4ng c\u1ee7a c\u00e1c tin t\u1eb7c Nga nh\u1eafm v\u00e0o ng\u01b0\u1eddi d\u00f9ng Microsoft th\u00f4ng qua c\u00e1c trang web b\u1ecb x\u00e2m nh\u1eadp, chuy\u1ec3n h\u01b0\u1edbng c\u00e1c n\u1ea1n nh\u00e2n \u0111\u1ebfn c\u01a1 s\u1edf h\u1ea1 t\u1ea7ng \u0111\u1ed9c h\u1ea1i.<\/p>\n

\u0110\u01b0\u1ee3c cho l\u00e0 do nh\u00f3m\u00a0gi\u00e1n \u0111i\u1ec7p m\u1ea1ng<\/a>\u00a0Midnight Blizzard (hay c\u00f2n \u0111\u01b0\u1ee3c g\u1ecdi l\u00e0 APT29, Cozy Bear, the Dukes v\u00e0 Yttrium) th\u1ef1c hi\u1ec7n, c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng n\u00e0y t\u1eadp trung v\u00e0o vi\u1ec7c thu th\u1eadp th\u00f4ng tin x\u00e1c th\u1ef1c v\u00e0 t\u00ecnh b\u00e1o. C\u00e1c tin t\u1eb7c Midnight Blizzard \u0111\u00e3 x\u00e2m ph\u1ea1m c\u00e1c trang web h\u1ee3p ph\u00e1p v\u00e0 ch\u00e8n m\u00e3 JavaScript \u0111\u1ec3 chuy\u1ec3n h\u01b0\u1edbng ng\u01b0\u1eddi truy c\u1eadp \u0111\u1ebfn c\u00e1c t\u00ean mi\u1ec1n \u0111\u1ed9c h\u1ea1i, ch\u1eb3ng h\u1ea1n nh\u01b0 findcloudflare[.]com, m\u1ea1o danh trang x\u00e1c minh Cloudflare.<\/p>\n

Chi\u1ebfn d\u1ecbch ZipLine ph\u00e1t t\u00e1n ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i MixShell<\/strong><\/p>\n

Theo b\u00e1o c\u00e1o c\u1ee7a h\u00e3ng b\u1ea3o m\u1eadt CheckPoint, c\u00e1c c\u00f4ng ty s\u1ea3n xu\u1ea5t t\u1ea1i M\u1ef9 \u0111\u00e3 b\u1ecb nh\u1eafm m\u1ee5c ti\u00eau trong m\u1ed9t chi\u1ebfn d\u1ecbch tinh vi mang t\u00ean ZipLine, trong \u0111\u00f3 k\u1ebb t\u1ea5n c\u00f4ng s\u1eed d\u1ee5ng c\u00e1c t\u01b0\u01a1ng t\u00e1c kinh doanh c\u00f3 v\u1ebb h\u1ee3p ph\u00e1p \u0111\u1ec3 ph\u00e1t t\u00e1n ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i t\u00f9y ch\u1ec9nh c\u00f3 t\u00ean MixShell. K\u1ebb t\u1ea5n c\u00f4ng thi\u1ebft l\u1eadp c\u00e1c t\u00ean mi\u1ec1n gi\u1ea3 m\u1ea1o d\u01b0\u1edbi t\u00ean c\u00e1c c\u00f4ng ty h\u1ee3p ph\u00e1p v\u00e0 trao \u0111\u1ed5i\u00a0email<\/a>\u00a0v\u1edbi n\u1ea1n nh\u00e2n trong nhi\u1ec1u tu\u1ea7n tr\u01b0\u1edbc khi ph\u00e1t t\u00e1n ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i.<\/p>\n

Vi ph\u1ea1m d\u1eef li\u1ec7u Vital Imaging \u1ea3nh h\u01b0\u1edfng \u0111\u1ebfn 260.000 c\u00e1 nh\u00e2n<\/strong><\/p>\n

Trung t\u00e2m ch\u1ea9n \u0111o\u00e1n h\u00ecnh \u1ea3nh Vital Imaging m\u1edbi \u0111\u00e2y x\u00e1c nh\u1eadn b\u1ecb\u00a0x\u00e2m ph\u1ea1m d\u1eef li\u1ec7u<\/a>\u00a0\u1ea3nh h\u01b0\u1edfng \u0111\u1ebfn th\u00f4ng tin v\u00e0 s\u1ee9c kh\u1ecfe c\u1ee7a kho\u1ea3ng 260.000 c\u00e1 nh\u00e2n. V\u1ee5 vi\u1ec7c \u0111\u01b0\u1ee3c ph\u00e1t hi\u1ec7n v\u00e0o th\u00e1ng 2\/2025 v\u00e0 cu\u1ed9c \u0111i\u1ec1u tra \u0111ang \u0111\u01b0\u1ee3c ti\u1ebfn h\u00e0nh nh\u1eb1m x\u00e1c \u0111\u1ecbnh c\u1ee5 th\u1ec3 nh\u1eefng t\u00e1c nh\u00e2n b\u1ecb \u1ea3nh h\u01b0\u1edfng v\u00e0 lo\u1ea1i d\u1eef li\u1ec7u n\u00e0o \u0111\u00e3 b\u1ecb x\u00e2m ph\u1ea1m.<\/p>\n

Google nh\u1eadn \u00e1n ph\u1ea1t 325 tri\u1ec7u Euro<\/strong><\/p>\n

Ng\u00e0y 01\/9, C\u01a1 quan b\u1ea3o v\u1ec7 d\u1eef li\u1ec7u Ph\u00e1p (CNIL) \u0111\u00e3 ph\u1ea1t\u00a0Google<\/a>\u00a0325 tri\u1ec7u Euro (380 tri\u1ec7u USD), v\u00ec hi\u1ec3n th\u1ecb qu\u1ea3ng c\u00e1o trong email c\u1ee7a ng\u01b0\u1eddi d\u00f9ng m\u00e0 kh\u00f4ng c\u00f3 s\u1ef1 \u0111\u1ed3ng \u00fd c\u1ee7a h\u1ecd, c\u0169ng nh\u01b0 \u0111\u1eb7t cookie khi t\u1ea1o t\u00e0i kho\u1ea3n Google m\u00e0 kh\u00f4ng c\u00f3 s\u1ef1 \u0111\u1ed3ng \u00fd h\u1ee3p l\u1ec7 c\u1ee7a ng\u01b0\u1eddi d\u00f9ng Ph\u00e1p. \u0110i\u1ec1u n\u00e0y vi ph\u1ea1m quy \u0111\u1ecbnh\u00a0GDPR<\/a>\u00a0v\u00e0 Ch\u1ec9 th\u1ecb v\u1ec1 Quy\u1ec1n ri\u00eang t\u01b0 \u0111i\u1ec7n t\u1eed c\u1ee7a Li\u00ean minh ch\u00e2u \u00c2u (EU).<\/p>\n

Bridgestone b\u1ecb nh\u1eafm m\u1ee5c ti\u00eau trong cu\u1ed9c t\u1ea5n c\u00f4ng m\u1ea1ng<\/strong><\/p>\n

G\u00e3 kh\u1ed5ng l\u1ed3 s\u1ea3n xu\u1ea5t ph\u1ee5 t\u00f9ng xe h\u01a1i Bridgestone Americas \u0111\u00e3 b\u1ecb nh\u1eafm m\u1ee5c ti\u00eau trong m\u1ed9t cu\u1ed9c t\u1ea5n c\u00f4ng m\u1ea1ng, \u1ea3nh h\u01b0\u1edfng \u0111\u1ebfn m\u1ed9t s\u1ed1 nh\u00e0 m\u00e1y s\u1ea3n xu\u1ea5t. Cu\u1ed9c \u0111i\u1ec1u tra c\u1ee7a c\u00f4ng ty v\u1eabn \u0111ang \u0111\u01b0\u1ee3c ti\u1ebfn h\u00e0nh, nh\u01b0ng ch\u01b0a t\u00ecm th\u1ea5y b\u1ea5t k\u1ef3 b\u1eb1ng ch\u1ee9ng n\u00e0o cho th\u1ea5y d\u1eef li\u1ec7u kh\u00e1ch h\u00e0ng b\u1ecb x\u00e2m ph\u1ea1m. Bridgestone tr\u01b0\u1edbc \u0111\u00e2y \u0111\u00e3 t\u1eebng b\u1ecb nh\u1eafm m\u1ee5c ti\u00eau trong m\u1ed9t cu\u1ed9c t\u1ea5n c\u00f4ng\u00a0m\u00e3 \u0111\u1ed9c t\u1ed1ng ti\u1ec1n<\/a>, nh\u01b0ng d\u01b0\u1eddng nh\u01b0 kh\u00f4ng c\u00f3 nh\u00f3m tin t\u1eb7c n\u00e0o nh\u1eadn tr\u00e1ch nhi\u1ec7m v\u1ec1 v\u1ee5 vi\u1ec7c m\u1edbi nh\u1ea5t n\u00e0y.<\/p>\n

L\u1ed7 h\u1ed5ng SAP S\/4HANA g\u1ea7n \u0111\u00e2y b\u1ecb khai th\u00e1c trong c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng<\/strong><\/p>\n

Ng\u00e0y 4\/9, nh\u00e0 cung c\u1ea5p gi\u1ea3i ph\u00e1p b\u1ea3o m\u1eadt SecurityBridge c\u1ea3nh b\u00e1o l\u1ed7 h\u1ed5ng\u00a0SAP<\/a>\u00a0S\/4HANA m\u1edbi \u0111\u01b0\u1ee3c v\u00e1 CVE-2025-42957 hi\u1ec7n \u0111ang b\u1ecb khai th\u00e1c tr\u00ean th\u1ef1c t\u1ebf. Theo c\u00e1c nh\u00e0 nghi\u00ean c\u1ee9u, l\u1ed7 h\u1ed5ng n\u00e0y c\u00f3 th\u1ec3 cho ph\u00e9p k\u1ebb t\u1ea5n c\u00f4ng c\u00f3 \u0111\u1eb7c quy\u1ec1n th\u1ea5p\u00a0th\u1ef1c thi m\u00e3<\/a>\u00a0t\u00f9y \u00fd v\u00e0 ki\u1ec3m so\u00e1t ho\u00e0n to\u00e0n h\u1ec7 th\u1ed1ng SAP b\u1ecb \u1ea3nh h\u01b0\u1edfng.<\/p>\n

Tin t\u1eb7c khai th\u00e1c l\u1ed7 h\u1ed5ng zero-day c\u1ee7a Sitecore \u0111\u1ec3 ph\u00e1t t\u00e1n backdoor WeepStell<\/strong><\/p>\n

C\u00e1c nh\u00e0 nghi\u00ean c\u1ee9u c\u1ee7a c\u00f4ng ty an ninh m\u1ea1ng Mandiant (M\u1ef9) cho bi\u1ebft, tin t\u1eb7c \u0111\u00e3 khai th\u00e1c l\u1ed7 h\u1ed5ng zero-day CVE-2025-53690 trong m\u1ed9t s\u1ed1 s\u1ea3n ph\u1ea9m CMS Sitecore tr\u01b0\u1edbc \u0111\u00e2y. Theo \u0111\u00f3, nh\u1eefng k\u1ebb t\u1ea5n c\u00f4ng nh\u1eafm v\u00e0o \u0111i\u1ec3m cu\u1ed1i \u201c\/sitecore\/blocked.aspx\u201d, ch\u1ee9a tr\u01b0\u1eddng ViewState ch\u01b0a \u0111\u01b0\u1ee3c x\u00e1c th\u1ef1c v\u00e0 th\u1ef1c thi m\u00e3 t\u1eeb xa trong t\u00e0i kho\u1ea3n IIS NETWORK SERVICE, b\u1eb1ng c\u00e1ch khai tahsc CVE-2025-53690, t\u1eeb \u0111\u00f3 ph\u00e1t t\u00e1n WeepStell, m\u1ed9t backdoor trinh s\u00e1t thu th\u1eadp th\u00f4ng tin h\u1ec7 th\u1ed1ng, quy tr\u00ecnh, \u1ed5 \u0111\u0129a v\u00e0 m\u1ea1ng, ng\u1ee5y trang qu\u00e1 tr\u00ecnh truy\u1ec1n d\u1eef li\u1ec7u ra ngo\u00e0i d\u01b0\u1edbi d\u1ea1ng ph\u1ea3n h\u1ed3i ViewState ti\u00eau chu\u1ea9n.<\/p>\n

C\u00e1c b\u1ea3n c\u1eadp nh\u1eadt Windows g\u1ea7n \u0111\u00e2y g\u00e2y ra s\u1ef1 c\u1ed1 c\u00e0i \u0111\u1eb7t \u1ee9ng d\u1ee5ng<\/strong><\/p>\n

Ng\u00e0y 3\/9,\u00a0Microsoft<\/a>\u00a0cho bi\u1ebft c\u00e1c b\u1ea3n c\u1eadp nh\u1eadt b\u1ea3o m\u1eadt th\u00e1ng 8\/2025 \u0111ang k\u00edch ho\u1ea1t c\u00e1c l\u1eddi nh\u1eafc Ki\u1ec3m so\u00e1t t\u00e0i kho\u1ea3n ng\u01b0\u1eddi d\u00f9ng (UAC), \u0111\u00e1ng ch\u00fa \u00fd l\u00e0 s\u1ef1 c\u1ed1 c\u00e0i \u0111\u1eb7t \u1ee9ng d\u1ee5ng \u0111\u1ed1i v\u1edbi t\u00e0i kho\u1ea3n kh\u00f4ng ph\u1ea3i l\u00e0 qu\u1ea3n tr\u1ecb vi\u00ean tr\u00ean t\u1ea5t c\u1ea3 c\u00e1c phi\u00ean b\u1ea3n Windows \u0111\u01b0\u1ee3c h\u1ed7 tr\u1ee3.<\/p>\n

M\u1ed9t c\u1ea3i ti\u1ebfn v\u1ec1 b\u1ea3o m\u1eadt \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u01b0a v\u00e0o b\u1ea3n v\u00e1 Windows th\u00e1ng 8\/2025 (KB5063878) v\u00e0 c\u00e1c b\u1ea3n c\u1eadp nh\u1eadt sau \u0111\u00f3 \u0111\u1ec3 th\u1ef1c thi y\u00eau c\u1ea7u UAC, nh\u1eafc nh\u1edf ng\u01b0\u1eddi d\u00f9ng nh\u1eadp th\u00f4ng tin \u0111\u0103ng nh\u1eadp c\u1ee7a qu\u1ea3n tr\u1ecb vi\u00ean khi th\u1ef1c hi\u1ec7n s\u1eeda ch\u1eefa Windows Installer (MSI) v\u00e0 c\u00e1c ho\u1ea1t \u0111\u1ed9ng li\u00ean quan. N\u1ebfu ch\u1ea1y m\u1ed9t \u1ee9ng d\u1ee5ng kh\u1edfi t\u1ea1o thao t\u00e1c s\u1eeda ch\u1eefa MSI m\u00e0 kh\u00f4ng hi\u1ec3n th\u1ecb giao di\u1ec7n UI, \u1ee9ng d\u1ee5ng s\u1ebd kh\u00f4ng th\u00e0nh c\u00f4ng v\u00e0 hi\u1ec3n th\u1ecb th\u00f4ng b\u00e1o l\u1ed7i. V\u00ed d\u1ee5, vi\u1ec7c c\u00e0i \u0111\u1eb7t v\u00e0 ch\u1ea1y Office Professional Plus 2010 v\u1edbi quy\u1ec1n ng\u01b0\u1eddi d\u00f9ng s\u1ebd kh\u00f4ng th\u00e0nh c\u00f4ng v\u00e0 hi\u1ec3n th\u1ecb l\u1ed7i 1730 trong qu\u00e1 tr\u00ecnh c\u1ea5u h\u00ecnh\u201d, Microsoft gi\u1ea3i th\u00edch.<\/p>\n

Google v\u00e1 c\u00e1c l\u1ed7 h\u1ed5ng Android b\u1ecb khai th\u00e1c t\u00edch c\u1ef1c trong b\u1ea3n c\u1eadp nh\u1eadt th\u00e1ng 9<\/strong><\/p>\n

Google \u0111\u00e3 ph\u00e1t h\u00e0nh b\u1ea3n c\u1eadp nh\u1eadt b\u1ea3o m\u1eadt th\u00e1ng 9 d\u00e0nh cho c\u00e1c thi\u1ebft b\u1ecb\u00a0Android<\/a>, gi\u1ea3i quy\u1ebft t\u1ed5ng c\u1ed9ng 84 l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt, bao g\u1ed3m 02 l\u1ed7 h\u1ed5ng \u0111ang b\u1ecb khai th\u00e1c t\u00edch c\u1ef1c. C\u00e1c l\u1ed7 h\u1ed5ng \u0111\u01b0\u1ee3c ph\u00e1t hi\u1ec7n l\u00e0 b\u1ecb khai th\u00e1c trong c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng zero-day l\u1ea7n l\u01b0\u1ee3t l\u00e0: CVE-2025-38352 v\u00e0 CVE-2025-48543.<\/p>\n

<\/p>\n

Theo Google, CVE-2025-38352 l\u00e0 lo\u1ea1i l\u1ed7 h\u1ed5ng Race Condition trong b\u1ed9 \u0111\u1ebfm CPU POSIX timer, cho ph\u00e9p gi\u00e1n \u0111o\u1ea1n vi\u1ec7c d\u1ecdn d\u1eb9p c\u00e1c t\u00e1c v\u1ee5 v\u00e0 g\u00e2y ra s\u1ef1 c\u1ed1 v\u1edbi kernel, c\u00f3 kh\u1ea3 n\u0103ng d\u1eabn \u0111\u1ebfn t\u1eeb ch\u1ed1i d\u1ecbch v\u1ee5 v\u00e0 leo thang \u0111\u1eb7c quy\u1ec1n. M\u1eb7t kh\u00e1c, CVE-2025-48543 \u1ea3nh h\u01b0\u1edfng \u0111\u1ebfn Android Runtime, n\u01a1i c\u00e1c \u1ee9ng d\u1ee5ng Java\/Kotlin v\u00e0 d\u1ecbch v\u1ee5 h\u1ec7 th\u1ed1ng th\u1ef1c thi. L\u1ed7 h\u1ed5ng n\u00e0y c\u00f3 kh\u1ea3 n\u0103ng cho ph\u00e9p \u1ee9ng d\u1ee5ng \u0111\u1ed9c h\u1ea1i v\u01b0\u1ee3t qua c\u00e1c h\u1ea1n ch\u1ebf c\u1ee7a sandbox v\u00e0 truy c\u1eadp c\u00e1c ch\u1ee9c n\u0103ng h\u1ec7 th\u1ed1ng c\u1ea5p cao h\u01a1n.<\/p>\n

Tin t\u1eb7c l\u1ee3i d\u1ee5ng Grok AI c\u1ee7a X \u0111\u1ec3 ph\u00e1t t\u00e1n c\u00e1c li\u00ean k\u1ebft \u0111\u1ed9c h\u1ea1i<\/strong><\/p>\n

Chatbot Grok, m\u1ed9t chatbot AI th\u1ebf h\u1ec7 m\u1edbi c\u1ee7a X, \u0111\u00e3 b\u1ecb c\u00e1c tin t\u1eb7c l\u1ee3i d\u1ee5ng \u0111\u1ec3 d\u1ee5 ng\u01b0\u1eddi d\u00f9ng truy c\u1eadp v\u00e0o trang web c\u1ee7a ch\u00fang. Theo ph\u00e1t hi\u1ec7n c\u1ee7a nh\u00e0 nghi\u00ean c\u1ee9u b\u1ea3o m\u1eadt Nati Tal, c\u00e1c t\u00e1c nh\u00e2n \u0111e d\u1ecda \u0111ang l\u00e1ch l\u1ec7nh c\u1ea5m li\u00ean k\u1ebft trong c\u00e1c b\u00e0i \u0111\u0103ng \u0111\u01b0\u1ee3c qu\u1ea3ng c\u00e1o c\u1ee7a X, b\u1eb1ng c\u00e1ch th\u00eam li\u00ean k\u1ebft v\u00e0o tr\u01b0\u1eddng metadata \u201cFrom:\u201d c\u1ee7a b\u00e0i \u0111\u0103ng. Sau \u0111\u00f3, ch\u00fang tr\u1ea3 l\u1eddi b\u00e0i \u0111\u0103ng \u0111\u00f3 b\u1eb1ng c\u00e1ch h\u1ecfi Grok \u201cVideo n\u00e0y \u0111\u1ebfn t\u1eeb \u0111\u00e2u?\u201d, k\u1ebft qu\u1ea3 l\u00e0\u00a0chatbot<\/a>\u00a0s\u1ebd tr\u1ea3 l\u1eddi b\u1eb1ng m\u1ed9t li\u00ean k\u1ebft c\u00f3 th\u1ec3 nh\u1ea5p v\u00e0o d\u1eabn \u0111\u1ebfn trang web c\u1ee7a t\u1ed9i ph\u1ea1m m\u1ea1ng.<\/p>\n

Tin t\u1eb7c s\u1eed d\u1ee5ng c\u00f4ng c\u1ee5 HexStrike-AI m\u1edbi \u0111\u1ec3 nhanh ch\u00f3ng khai th\u00e1c l\u1ed7 h\u1ed5ng n-day<\/strong><\/p>\n

Tin t\u1eb7c c\u00f3 xu h\u01b0\u1edbng ng\u00e0y c\u00e0ng s\u1eed d\u1ee5ng nhi\u1ec1u h\u01a1n m\u1ed9t n\u1ec1n t\u1ea3ng b\u1ea3o m\u1eadt t\u1ea5n c\u00f4ng m\u1edbi h\u1ed7 tr\u1ee3 AI c\u00f3 t\u00ean l\u00e0 HexStrike-AI, \u0111\u1ec3 khai th\u00e1c c\u00e1c l\u1ed7 h\u1ed5ng n-day g\u1ea7n \u0111\u00e2y. Ho\u1ea1t \u0111\u1ed9ng n\u00e0y \u0111\u01b0\u1ee3c b\u00e1o c\u00e1o b\u1edfi CheckPoint Research, c\u00e1c nh\u00e0 nghi\u00ean c\u1ee9u \u0111\u00e3 quan s\u00e1t th\u1ea5y nhi\u1ec1u cu\u1ed9c tr\u00f2 chuy\u1ec7n \u0111\u00e1ng k\u1ec3 tr\u00ean dark web xung quanh HexStrike-AI, li\u00ean quan \u0111\u1ebfn vi\u1ec7c s\u1eed d\u1ee5ng c\u00e1c\u00a0l\u1ed7 h\u1ed5ng Citrix<\/a>\u00a0m\u1edbi \u0111\u01b0\u1ee3c ti\u1ebft l\u1ed9, bao g\u1ed3m CVE-2025-7775, CVE-2025-7776 v\u00e0 CVE-2025-8424.<\/p>\n

HexStrike-AI l\u00e0 m\u1ed9t c\u00f4ng c\u1ee5 red team h\u1ee3p ph\u00e1p do nh\u00e0 nghi\u00ean c\u1ee9u Muhammad Osama ph\u00e1t tri\u1ec3n, cho ph\u00e9p t\u00edch h\u1ee3p c\u00e1c t\u00e1c nh\u00e2n AI \u0111\u1ec3 t\u1ef1 \u0111\u1ed9ng ch\u1ea1y h\u01a1n 150 c\u00f4ng c\u1ee5 b\u1ea3o m\u1eadt nh\u1eb1m m\u1ee5c \u0111\u00edch ki\u1ec3m tra x\u00e2m nh\u1eadp t\u1ef1 \u0111\u1ed9ng v\u00e0 ph\u00e1t hi\u1ec7n l\u1ed7 h\u1ed5ng.<\/p>\n

C\u00f4ng ty d\u1ecbch v\u1ee5 t\u00e0i ch\u00ednh Wealthsimple ti\u1ebft l\u1ed9 v\u1ee5 vi ph\u1ea1m d\u1eef li\u1ec7u<\/strong><\/p>\n

Wealthsimple, m\u1ed9t d\u1ecbch v\u1ee5 qu\u1ea3n l\u00fd \u0111\u1ea7u t\u01b0 tr\u1ef1c tuy\u1ebfn h\u00e0ng \u0111\u1ea7u c\u1ee7a Canada, \u0111\u00e3 ti\u1ebft l\u1ed9 m\u1ed9t v\u1ee5 vi ph\u1ea1m d\u1eef li\u1ec7u, sau khi nh\u1eefng k\u1ebb t\u1ea5n c\u00f4ng \u0111\u00e1nh c\u1eafp d\u1eef li\u1ec7u c\u00e1 nh\u00e2n c\u1ee7a m\u1ed9t s\u1ed1 kh\u00e1ch h\u00e0ng trong m\u1ed9t s\u1ef1 c\u1ed1 g\u1ea7n \u0111\u00e2y. C\u00f4ng ty \u0111\u00e3 th\u00f4ng b\u00e1o cho nh\u1eefng kh\u00e1ch h\u00e0ng b\u1ecb \u1ea3nh h\u01b0\u1edfng qua email, \u0111\u1ed3ng th\u1eddi khuy\u1ebfn c\u00e1o b\u1ea3o m\u1eadt t\u00e0i kho\u1ea3n b\u1eb1ng x\u00e1c th\u1ef1c hai y\u1ebfu t\u1ed1, kh\u00f4ng s\u1eed d\u1ee5ng l\u1ea1i m\u1eadt kh\u1ea9u c\u0169 v\u00e0 lu\u00f4n c\u1ea3nh gi\u00e1c v\u1edbi c\u00e1c n\u1ed7 l\u1ef1c\u00a0l\u1eeba \u0111\u1ea3o<\/a>\u00a0ti\u1ec1m \u1ea9n m\u1ea1o danh Whealthsimple.<\/p>\n

Tin t\u1eb7c APT28 tri\u1ec3n khai backdoor NotDoor nh\u1eafm v\u00e0o c\u00e1c qu\u1ed1c gia th\u00e0nh vi\u00ean NATO<\/strong><\/p>\n

Tin t\u1eb7c APT28 \u0111\u01b0\u1ee3c cho l\u00e0 \u201ct\u00e1c gi\u1ea3\u201d c\u1ee7a m\u1ed9t backdoor m\u1edbi tr\u00ean Microsoft\u00a0Outlook<\/a>\u00a0c\u00f3 t\u00ean l\u00e0 NotDoor, \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng trong c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng nh\u1eafm v\u00e0o nhi\u1ec1u c\u00f4ng ty t\u1eeb nhi\u1ec1u l\u0129nh v\u1ef1c kh\u00e1c nhau t\u1ea1i c\u00e1c qu\u1ed1c gia th\u00e0nh vi\u00ean T\u1ed5 ch\u1ee9c Hi\u1ec7p \u01b0\u1edbc B\u1eafc \u0110\u1ea1i T\u00e2y D\u01b0\u01a1ng (NATO).<\/p>\n

Theo c\u00f4ng ty an ninh m\u1ea1ng S2 Grupo (T\u00e2y Ban Nha), NotDoor l\u00e0 m\u1ed9t macro VBA d\u00e0nh cho Outlook nh\u1eb1m theo d\u00f5i c\u00e1c email \u0111\u1ebfn \u0111\u1ec3 t\u00ecm m\u1ed9t t\u1eeb kh\u00f3a k\u00edch ho\u1ea1t c\u1ee5 th\u1ec3. Khi ph\u00e1t hi\u1ec7n m\u1ed9t email nh\u01b0 v\u1eady, n\u00f3 cho ph\u00e9p k\u1ebb t\u1ea5n c\u00f4ng\u00a0\u0111\u00e1nh c\u1eafp d\u1eef li\u1ec7u<\/a>, t\u1ea3i t\u1ec7p l\u00ean v\u00e0 th\u1ef1c thi c\u00e1c l\u1ec7nh tr\u00ean m\u00e1y t\u00ednh c\u1ee7a n\u1ea1n nh\u00e2n.<\/p>\n

Tin t\u1eb7c Iran s\u1eed d\u1ee5ng email l\u1eeba \u0111\u1ea3o nh\u1eafm v\u00e0o c\u00e1c nh\u00e0 ngo\u1ea1i giao<\/strong><\/p>\n

M\u1ed9t nh\u00f3m\u00a0tin t\u1eb7c Iran<\/a>\u00a0\u0111\u00e3 ph\u00e1t \u0111\u1ed9ng chi\u1ebfn d\u1ecbch l\u1eeba \u0111\u1ea3o qua th\u01b0 \u0111i\u1ec7n t\u1eed nh\u1eafm v\u00e0o c\u00e1c \u0111\u1ea1i s\u1ee9 qu\u00e1n, l\u00e3nh s\u1ef1 qu\u00e1n \u1edf ch\u00e2u \u00c2u v\u00e0 c\u00e1c khu v\u1ef1c kh\u00e1c tr\u00ean th\u1ebf gi\u1edbi. C\u00f4ng ty an ninh m\u1ea1ng Dream (Israel) \u0111\u00e3 quy k\u1ebft ho\u1ea1t \u0111\u1ed9ng n\u00e0y b\u1edfi nh\u00f3m Homeland Justice th\u1ef1c hi\u1ec7n.<\/p>\n

<\/p>\n

Chu\u1ed7i t\u1ea5n c\u00f4ng bao g\u1ed3m vi\u1ec7c s\u1eed d\u1ee5ng email l\u1eeba \u0111\u1ea3o c\u00f3 ch\u1ee7 \u0111\u1ec1 li\u00ean quan \u0111\u1ebfn c\u0103ng th\u1eb3ng \u0111\u1ecba ch\u00ednh tr\u1ecb gi\u1eefa\u00a0Iran v\u00e0 Israel<\/a>, \u0111\u1ec3 g\u1eedi m\u1ed9t t\u1ec7p Microsoft Word \u0111\u1ed9c h\u1ea1i, khi m\u1edf ra, s\u1ebd y\u00eau c\u1ea7u ng\u01b0\u1eddi nh\u1eadn \u201cEnable Content\u201d \u0111\u1ec3 th\u1ef1c thi macro Visual Basic for Applications (VBA) \u0111\u01b0\u1ee3c nh\u00fang, macro n\u00e0y ch\u1ecbu tr\u00e1ch nhi\u1ec7m tri\u1ec3n khai ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i.<\/p>\n

CISA b\u1ed5 sung l\u1ed7 h\u1ed5ng TP-Link m\u1edbi v\u00e0o danh m\u1ee5c KEV<\/strong><\/p>\n

Ng\u00e0y 02\/9, C\u01a1 quan An ninh m\u1ea1ng v\u00e0 C\u01a1 s\u1edf h\u1ea1 t\u1ea7ng M\u1ef9 (CISA<\/a>) \u0111\u00e3 th\u00eam m\u1ed9t l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt nghi\u00eam tr\u1ecdng \u1ea3nh h\u01b0\u1edfng \u0111\u1ebfn B\u1ed9 m\u1edf r\u1ed9ng\u00a0Wifi<\/a>\u00a0Ranger TP-Link TL-WA855RE v\u00e0o danh m\u1ee5c L\u1ed7 h\u1ed5ng khai th\u00e1c \u0111\u00e3 bi\u1ebft (KEV), tr\u00edch d\u1eabn b\u1eb1ng ch\u1ee9ng v\u1ec1 vi\u1ec7c khai th\u00e1c \u0111ang di\u1ec5n ra. Theo \u0111\u00f3, l\u1ed7 h\u1ed5ng CVE-2020-24363 (\u0111i\u1ec3m CVSS: 8,8), li\u00ean quan \u0111\u1ebfn tr\u01b0\u1eddng h\u1ee3p thi\u1ebfu x\u00e1c th\u1ef1c c\u00f3 th\u1ec3 b\u1ecb l\u1ee3i d\u1ee5ng \u0111\u1ec3 c\u00f3 quy\u1ec1n truy c\u1eadp cao h\u01a1n v\u00e0o thi\u1ebft b\u1ecb d\u1ec5 b\u1ecb t\u1ea5n c\u00f4ng.<\/p>\n

C\u1ea3nh b\u00e1o v\u1ec1 backdoor MystRodX s\u1eed d\u1ee5ng DNS v\u00e0 ICMP \u0111\u1ec3 thu th\u1eadp d\u1eef li\u1ec7u<\/strong><\/p>\n

M\u1edbi \u0111\u00e2y, c\u00e1c nh\u00e0 nghi\u00ean c\u1ee9u c\u1ee7a c\u00f4ng ty an ninh m\u1ea1ng QiAnXin (Trung Qu\u1ed1c) \u0111\u00e3 ti\u1ebft l\u1ed9 m\u1ed9t\u00a0backdoor<\/a>\u00a0m\u1edbi c\u00f3 t\u00ean l\u00e0 MystRodX, v\u1edbi v\u1edbi nhi\u1ec1u t\u00ednh n\u0103ng \u0111\u1ec3 thu th\u1eadp d\u1eef li\u1ec7u nh\u1ea1y c\u1ea3m t\u1eeb c\u00e1c h\u1ec7 th\u1ed1ng b\u1ecb x\u00e2m ph\u1ea1m. MystRodX l\u00e0 m\u1ed9t backdoor \u0111\u01b0\u1ee3c bi\u00ean d\u1ecbch b\u1eb1ng C++, h\u1ed7 tr\u1ee3 c\u00e1c t\u00ednh n\u0103ng nh\u01b0 qu\u1ea3n l\u00fd t\u1ec7p, chuy\u1ec3n ti\u1ebfp c\u1ed5ng, reverse shell v\u00e0 qu\u1ea3n l\u00fd socket. So v\u1edbi c\u00e1c backdoor th\u00f4ng th\u01b0\u1eddng, MystRodX n\u1ed5i b\u1eadt v\u1ec1 kh\u1ea3 n\u0103ng \u1ea9n m\u00ecnh v\u00e0 t\u00ednh linh ho\u1ea1t.<\/p>\n

C\u1ea3nh s\u00e1t ph\u00e1 v\u1ee1 Streameast: M\u1ea1ng l\u01b0\u1edbi ph\u00e1t tr\u1ef1c tuy\u1ebfn th\u1ec3 thao b\u1ea5t h\u1ee3p ph\u00e1p l\u1edbn nh\u1ea5t th\u1ebf gi\u1edbi<\/strong><\/p>\n

Li\u00ean minh S\u00e1ng t\u1ea1o v\u00e0 Gi\u1ea3i tr\u00ed (ACE) v\u00e0 ch\u00ednh quy\u1ec1n Ai C\u1eadp \u0111\u00e3 \u0111\u00f3ng c\u1eeda Streameast, m\u1ed9t m\u1ea1ng l\u01b0\u1edbi ph\u00e1t tr\u1ef1c ti\u1ebfp th\u1ec3 thao b\u1ea5t h\u1ee3p ph\u00e1p l\u1edbn nh\u1ea5t th\u1ebf gi\u1edbi v\u00e0 b\u1eaft gi\u1eef hai ng\u01b0\u1eddi b\u1ecb c\u00e1o bu\u1ed9c c\u00f3 li\u00ean quan \u0111\u1ebfn ho\u1ea1t \u0111\u1ed9ng n\u00e0y. Hi\u1ec7n t\u1ea1i, 80 t\u00ean mi\u1ec1n tr\u01b0\u1edbc \u0111\u00e2y thu\u1ed9c v\u1ec1 Streameast hi\u1ec7n \u0111\u01b0\u1ee3c chuy\u1ec3n h\u01b0\u1edbng \u0111\u1ebfn trang web \u201cWatch Legally\u201d c\u1ee7a ACE, n\u01a1i ch\u1ee9a c\u00e1c li\u00ean k\u1ebft \u0111\u1ebfn c\u00e1c n\u1ec1n t\u1ea3ng l\u01b0u tr\u1eef n\u1ed9i dung h\u1ee3p ph\u00e1p.<\/p>\n

G\u00e3 kh\u1ed5ng l\u1ed3 SaaS Workiva ti\u1ebft l\u1ed9 v\u1ee5 vi ph\u1ea1m d\u1eef li\u1ec7u sau cu\u1ed9c t\u1ea5n c\u00f4ng c\u1ee7a Salesforce<\/strong><\/p>\n

Workiva, nh\u00e0 cung c\u1ea5p d\u1ecbch v\u1ee5 SaaS (ph\u1ea7n m\u1ec1m d\u01b0\u1edbi d\u1ea1ng d\u1ecbch v\u1ee5) h\u00e0ng \u0111\u1ea7u tr\u00ean n\u1ec1n t\u1ea3ng\u00a0\u0111\u00e1m m\u00e2y<\/a>, \u0111\u00e3 th\u00f4ng b\u00e1o \u0111\u1ebfn kh\u00e1ch h\u00e0ng r\u1eb1ng nh\u1eefng k\u1ebb t\u1ea5n c\u00f4ng \u0111\u00e3 truy c\u1eadp v\u00e0o h\u1ec7 th\u1ed1ng qu\u1ea3n l\u00fd CRM c\u1ee7a b\u00ean th\u1ee9 ba v\u00e0 \u0111\u00e1nh c\u1eafp m\u1ed9t s\u1ed1 d\u1eef li\u1ec7u c\u1ee7a h\u1ecd. Theo th\u00f4ng b\u00e1o qua email, nh\u1eefng k\u1ebb t\u1ea5n c\u00f4ng \u0111\u00e3 \u0111\u00e1nh c\u1eafp m\u1ed9t s\u1ed1 th\u00f4ng tin li\u00ean h\u1ec7 kinh doanh h\u1ea1n ch\u1ebf, bao g\u1ed3m h\u1ecd t\u00ean, \u0111\u1ecba ch\u1ec9 email, s\u1ed1 \u0111i\u1ec7n tho\u1ea1i v\u00e0 n\u1ed9i dung phi\u1ebfu h\u1ed7 tr\u1ee3.<\/p>\n

Google x\u00e1c nh\u1eadn nh\u1eefng tuy\u00ean b\u1ed1 v\u1ec1 c\u1ea3nh b\u00e1o b\u1ea3o m\u1eadt nghi\u00eam tr\u1ecdng c\u1ee7a Gmail l\u00e0 sai s\u1ef1 th\u1eadt<\/strong><\/p>\n

Ng\u00e0y 01\/9, Google \u0111\u00e3 ch\u00ednh th\u1ee9c\u00a0b\u00e1c b\u1ecf<\/a>\u00a0nh\u1eefng b\u00e1o c\u00e1o lan truy\u1ec1n v\u1ec1 vi\u1ec7c c\u00f4ng ty c\u1ea3nh b\u00e1o t\u1ea5t c\u1ea3 ng\u01b0\u1eddi d\u00f9ng Gmail \u0111\u1eb7t l\u1ea1i m\u1eadt kh\u1ea9u do v\u1ee5 vi ph\u1ea1m d\u1eef li\u1ec7u g\u1ea7n \u0111\u00e2y c\u0169ng \u1ea3nh h\u01b0\u1edfng \u0111\u1ebfn m\u1ed9t s\u1ed1 t\u00e0i kho\u1ea3n Workspace, \u0111\u1ed3ng th\u1eddi kh\u1eb3ng \u0111\u1ecbnh c\u00e1c bi\u1ec7n ph\u00e1p b\u1ea3o v\u1ec7 c\u1ee7a Gmail r\u1ea5t m\u1ea1nh m\u1ebd v\u00e0 hi\u1ec7u qu\u1ea3, nh\u1eefng tuy\u00ean b\u1ed1 nh\u01b0 v\u1eady l\u00e0 ho\u00e0n to\u00e0n sai s\u1ef1 th\u1eadt.<\/p>\n

G\u00e3 kh\u1ed5ng l\u1ed3 c\u00f4ng ngh\u1ec7 l\u01b0u \u00fd r\u1eb1ng h\u01a1n 99,9% c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng l\u1eeba \u0111\u1ea3o v\u00e0 ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i \u0111\u1ec1u b\u1ecb ch\u1eb7n b\u1edfi h\u1ec7 th\u1ed1ng b\u1ea3o m\u1eadt c\u1ee7a\u00a0Gmail<\/a>, khuy\u1ebfn c\u00e1o ng\u01b0\u1eddi d\u00f9ng chuy\u1ec3n sang s\u1eed d\u1ee5ng m\u00e3 kh\u00f3a \u0111\u1ec3 \u0111\u1ea3m b\u1ea3o t\u00e0i kho\u1ea3n c\u1ee7a h\u1ecd kh\u00f4ng b\u1ecb chi\u1ebfm \u0111o\u1ea1t ngay c\u1ea3 khi th\u00f4ng tin \u0111\u0103ng nh\u1eadp b\u1ecb \u0111\u00e1nh c\u1eafp.<\/p>\n<\/article>\n","protected":false},"excerpt":{"rendered":"

\u00a0H\u1ed3ng \u0110\u1ea1t To\u00e0n c\u1ea3nh v\u1ec1 nh\u1eefng s\u1ef1 ki\u1ec7n, tin t\u1ee9c n\u1ed5i b\u1eadt v\u1ec1 b\u1ea3o m\u1eadt v\u00e0 an to\u00e0n th\u00f4ng tin trong Tu\u1ea7n 36 (01\/9 – 7\/9), B\u1ea3n tin g\u1ed3m c\u00e1c s\u1ef1 ki\u1ec7n an to\u00e0n th\u00f4ng tin n\u1ed5i b\u1eadt trong n\u01b0\u1edbc v\u00e0 qu\u1ed1c t\u1ebf. Trong tu\u1ea7n qua, C\u1ee5c T\u1ea7n s\u1ed1 v\u00f4 tuy\u1ebfn \u0111i\u1ec7n, B\u1ed9 Khoa h\u1ecdc […]<\/p>\n","protected":false},"author":20,"featured_media":46657,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"tdm_status":"","tdm_grid_status":"","footnotes":""},"categories":[4,35],"tags":[],"class_list":["post-46656","post","type-post","status-publish","format-standard","has-post-thumbnail","category-kien-thuc-an-toan-thong-tin","category-tin-tuc-su-kien"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/46656","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/users\/20"}],"replies":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/comments?post=46656"}],"version-history":[{"count":1,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/46656\/revisions"}],"predecessor-version":[{"id":46658,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/46656\/revisions\/46658"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media\/46657"}],"wp:attachment":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media?parent=46656"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/categories?post=46656"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/tags?post=46656"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}