
ESET Finds Foreign Diplomats in Belarus Under Surveillance by Hackers

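The international security vendor ESET has discovered a new threat actor that is conducting cyber espionage against multiple embassies in Belarus. ESET began tracking the activity of this group, called MoustachedBouncer, in 2018. According to a report published on August 10, the MoustachedBouncer cyber-espionage group used adversary-in-the-middle (AiTM) attacks at the ISP (Internet service provider) to compromise foreign embassies in Belarus. Researchers observed five distinct campaigns. The group uses fairly advanced C&C communication techniques, including interception at the ISP level to implant the Disco and NightClub malware, much in the style of the Russian Turla group.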

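ESET notes that the group has been active since at least 2014 and targets only foreign embassies in Belarus. Since 2020, MoustachedBouncer has carried out adversary-in-the-middle (AiTM) attacks at ISPs inside Belarus to monitor and control its targets. The group uses two separate toolsets, which ESET has named NightClub and Disco, that support data theft, screenshot capture, audio recording and more.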


Original source: https://www.welivesecurity.com/en/eset-research/moustachedbouncer-espionage-against-foreign-diplomats-in-belarus/

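About ESET
Founded in 1992, ESET is a global provider of computer security software for business and individual users. Its award-winning product, the NOD32 antivirus system, provides real-time protection for computer systems against known and unknown viruses, spyware, rootkits and other malware. ESET NOD32 uses the fewest system resources and has the fastest detection speed, provides the most effective protection, and has won more Virus Bulletin 100% awards than any other antivirus product. ESET has been named to Deloitte's Technology Fast 500 for five consecutive years and has an extensive partner network that includes internationally known companies such as Canon, Dell and Microsoft. It has offices in Bratislava (Slovakia), Bristol (United Kingdom), Buenos Aires (Argentina), Prague (Czech Republic), San Diego (United States) and elsewhere, and its agents cover more than 100 countries worldwide.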

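About Version 2 Digital
Professional distributor and leader in security solutions
Version 2 Taiwan is one of the most dynamic IT companies in Asia. It has worked in information technology for many years and is committed to providing up-to-date security solutions (such as EDR, NDR and vulnerability management), tool products (such as remote control and web filtering) and managed detection and response (MDR) services. Through a large network of points of sale, resellers and partners, it provides products that are widely praised in the market along with customized, localized professional services.

Version 2 Taiwan sells in Taiwan, Hong Kong, mainland China, Singapore, Macau and other regions. Its customers span all industries, including Global 1000 multinational enterprises, listed companies, public institutions, government departments, countless successful small and medium-sized enterprises, and consumer-market customers from cities across Asia.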

23.6.9 ‘Voyager’ released

Changes compared to 23.6.8

New Features

  • Added support for performing backups to a WebDAV based Storage Vault

Enhancements

  • Added support for macOS client notarization using notarytool (Xcode 13 or later) with a fallback to altool if not installed. Note: Apple’s notary service will not accept uploads from altool or Xcode 13 or earlier starting November 1, 2023. See this link for details
  • Added the ability to verify if versioning is enabled on the bucket when setting up Object Lock on supported S3-backed Storage Templates
  • Improved performance for accessing Storj.io Storage Vaults
  • Improved the documented types in the PHP SDK

Bug Fixes

  • Fixed an issue with WebAuthn logins for non-OIDC admins failing in the Comet Server web interface
  • Fixed an issue with jobs not appearing when clicking on segments on the Recent Activity page of the Comet Server web interface
  • Fixed an issue with the Application Aware Writer live picker in the Comet Backup desktop app not accurately displaying what is selected
  • Fixed a cosmetic issue with certain characters showing incorrectly in the Microsoft 365 Protected Item dialog in the Comet Server web interface
  • Fixed an issue with the Storage Vault “Test Connection” button crashing the Comet Server web interface when Storage Role is disabled

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Comet
We are a team of dedicated professionals committed to developing reliable and secure backup solutions for MSPs, businesses and IT professionals. With over 10 years of experience in the industry, we understand the importance of having a reliable backup solution in place to protect your valuable data. That’s why we’ve developed a comprehensive suite of backup solutions that are easy to use, scalable and highly secure.