
{"id":3828,"date":"2024-05-06T08:49:10","date_gmt":"2024-05-06T08:49:10","guid":{"rendered":"https:\/\/chuyendoiso.haiphong.gov.vn\/?p=3828"},"modified":"2025-04-17T08:50:03","modified_gmt":"2025-04-17T08:50:03","slug":"canh-bao-hai-lo-hong-zero-day-tren-cac-thiet-bi-cua-cisco-nham-phat-tan-phan-mem-doc-hai","status":"publish","type":"post","link":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/2024\/05\/06\/canh-bao-hai-lo-hong-zero-day-tren-cac-thiet-bi-cua-cisco-nham-phat-tan-phan-mem-doc-hai\/","title":{"rendered":"Warning: two zero-day vulnerabilities in Cisco devices exploited to distribute malware"},"content":{"rendered":"<p><strong>Cisco recently warned that a state-sponsored hacking group has been exploiting two zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls since November 2023 to install malware on affected telecommunications and energy networks in multiple countries.<\/strong><\/p>\n<div class=\"image\"><a title=\"Warning: two zero-day vulnerabilities in Cisco devices exploited to distribute malware \"><img decoding=\"async\" src=\"https:\/\/tailieu.antoanthongtin.vn\/Files\/files\/site-2\/images\/20240423\/5(1).jpg\" alt=\"Warning: two zero-day vulnerabilities in Cisco devices exploited to distribute malware \" \/>.<\/a><\/div>\n<p><strong>Exploited zero-day vulnerabilities<\/strong><\/p>\n<p>The campaign is named ArcaneDoor. The attackers exploited two security vulnerabilities, CVE-2024-20353 (a denial-of-service vulnerability) and CVE-2024-20359 (a code execution vulnerability), which allowed the threat actors to deploy malware and maintain persistence on compromised ASA and FTD devices.<\/p>\n<p>Accordingly, the attackers targeted software flaws in a number of devices running ASA and FTD products to distribute malware, which was then used to execute commands and potentially steal data from the compromised devices.<\/p>\n<p>Cisco became aware of the ArcaneDoor campaign in early January 2024 and found evidence that the attackers had been testing and developing exploits targeting the two zero-day vulnerabilities since at least July 2023.<\/p>\n<p>One of the malware components used is Line Dancer, an in-memory shellcode loader that delivers and executes arbitrary shellcode payloads to disable logging, provide remote access, and exfiltrate captured packets.<\/p>\n<p>The second piece of malware is the Line Runner backdoor, which uses multiple concealment techniques to evade detection by security solutions and allows the attackers to run arbitrary Lua code on compromised systems.<\/p>\n<p>Cisco said: \u201cThe hackers used distinct malicious tools focused on espionage, which may be the mark of a sophisticated state-sponsored actor. The two pieces of malware, Line Runner and Line Dancer, were used together to carry out malicious actions against the target, including configuration modification, reconnaissance, network traffic capture\/exfiltration, and potentially lateral movement within the system\u201d.<\/p>\n<p>A joint advisory recently published by the UK National Cyber Security Centre (NCSC), the Canadian Centre for Cyber Security and the Australian Cyber Security Centre says the malicious actors used their access to accomplish the following objectives:<\/p>\n<p>&#8211; Create a version of the device's configuration file so that it can be exfiltrated.<\/p>\n<p>&#8211; Control the enabling and disabling of the device's syslog service to obfuscate additional commands.<\/p>\n<p>&#8211; Modify the authentication, authorization and accounting (AAA) configuration so that attacker-controlled devices matching an identifier can be granted access within the affected environment.<\/p>\n<p><strong>Patch update recommendations<\/strong><\/p>\n<p>Cisco has released security updates to fix the two zero-day vulnerabilities and recommends that all customers upgrade their devices to patched software to block potential attacks.<\/p>\n<p>Cisco administrators are also encouraged to monitor system logs for any signs of unusual reboots, unauthorized configuration changes, or suspicious authentication activity.<\/p>\n<p>In early April 2024, Cisco warned of large-scale brute-force attacks targeting VPN and SSH services on Cisco, CheckPoint, Fortinet, SonicWall and Ubiquiti devices worldwide.<\/p>\n<p>Earlier, in March 2024, the company also shared guidance on mitigating password-spray attacks targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices.<\/p>\n<p><em>Source: https:\/\/antoanthongtin.vn\/<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cisco recently warned that a state-sponsored hacking group has been exploiting two zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls since November 2023 to install malware on telecommunications and energy networks [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":3830,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"tdm_status":"","tdm_grid_status":"","footnotes":""},"categories":[13],"tags":[],"class_list":{"0":"post-3828","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-tin-tuc"},"_links":{"self":[{"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/posts\/3828","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/comments?post=3828"}],"version-history":[{"count":1,"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/posts\/3828\/revisions"}],"predecessor-version":[{"id":3832,"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/posts\/3828\/revisions\/3832"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/media\/3830"}],"wp:attachment":[{"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/media?parent=3828"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/categories?post=3828"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/tags?post=3828"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}