{"id":118,"date":"2021-11-27T20:43:53","date_gmt":"2021-11-27T12:43:53","guid":{"rendered":"https:\/\/www.yuyiares.com\/?p=118"},"modified":"2021-11-27T20:50:53","modified_gmt":"2021-11-27T12:50:53","slug":"%e6%83%85%e8%b3%87%e6%94%b6%e9%9b%86","status":"publish","type":"post","link":"https:\/\/www.yuyiares.com\/?p=118","title":{"rendered":"\u60c5\u8cc7\u6536\u96c6"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"118\" class=\"elementor elementor-118\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-b64a1a4 elementor-section-boxed elementor-section-height-default elementor-section-height-default wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no wpr-equal-height-no\" data-id=\"b64a1a4\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7eacc75\" data-id=\"7eacc75\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-a1ddd5e elementor-section-boxed elementor-section-height-default elementor-section-height-default wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no wpr-equal-height-no\" data-id=\"a1ddd5e\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-11d5c15\" data-id=\"11d5c15\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element 
elementor-element-accc153 elementor-widget elementor-widget-heading\" data-id=\"accc153\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">\u524d\u8a00<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ff55a0e elementor-widget elementor-widget-text-editor\" data-id=\"ff55a0e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>\u65bcAIS32021\u7684\u8ab2\u7a0b\u3002<\/p><p>\u8b1b\u5e2b\u70ba<a href=\"https:\/\/blog.duckll.tw\/\">DuckLL<\/a>\u3001TT\u3001Still\u3002<\/p><p>\u807d\u5b8c\u8ab2\u4e4b\u5f8c\uff0c\u7528\u81ea\u5df1\u7684\u65b9\u5f0f\u5c07\u6240\u5b78\u7d00\u9304\u4e0b\u4f86\u3002<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-b120c68 elementor-section-boxed elementor-section-height-default elementor-section-height-default wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no wpr-equal-height-no\" data-id=\"b120c68\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-a644a1a\" data-id=\"a644a1a\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-b4a0465 elementor-section-boxed elementor-section-height-default 
elementor-section-height-default wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no wpr-equal-height-no\" data-id=\"b4a0465\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-3d5588d\" data-id=\"3d5588d\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-edf248c elementor-widget elementor-widget-heading\" data-id=\"edf248c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">\u5167\u6587<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-828e5f3 elementor-widget elementor-widget-text-editor\" data-id=\"828e5f3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>\u5728\u4efb\u4f55\u9818\u57df\uff0c\u8cc7\u8a0a\u662f\u5f88\u91cd\u8981\u7684\u4e00\u90e8\u5206\u3002\u5728\u80a1\u5e02\u4e2d\uff0c\u6709\u8cc7\u8a0a\u5c31\u53ef\u4ee5\u8cfa\u5927\u9322\uff1b\u5728\u8ac7\u5224\u4e2d\uff0c\u6709\u8cc7\u8a0a\u66f4\u80fd\u5920\u638c\u63e1\u5c0d\u65b9\u7684\u5e95\u7dda\uff1b\u5728\u8cc7\u5b89\u4e2d\uff0c\u6709\u8cc7\u8a0a\u53ef\u4ee5\u66f4\u597d\u9632\u79a6\u5916\u4f86\u653b\u64ca\u3002<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ade7274 elementor-widget elementor-widget-text-editor\" data-id=\"ade7274\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div 
class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>\u638c\u63e1\u8cc7\u8a0a\uff0c\u5c31\u53ef\u4ee5\u63d0\u524d\u66f4\u65b0\u6f0f\u6d1e\u3002<\/p><p>\u638c\u63e1\u8cc7\u8a0a\uff0c\u5c31\u53ef\u4ee5\u63d0\u524d\u90e8\u7f72\u9632\u79a6\u8a2d\u5099\u3002<\/p><p>\u638c\u63e1\u8cc7\u8a0a\uff0c\u5c31\u53ef\u4ee5\u505a\u5230\u5b89\u5168\u7121\u60a3\u3002<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f91d310 elementor-widget elementor-widget-text-editor\" data-id=\"f91d310\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>\u5728\u9632\u79a6\u65b9\u9762\uff0c\u6709\u4e09\u9ede\u9700\u8981\u91cd\u9ede\u53bb\u95dc\u6ce8<\/p><ul><li>Motivations &#8211; \u52d5\u6a5f<\/li><li>Intentions &#8211; \u610f\u5716<\/li><li>Methods &#8211; \u65b9\u6cd5<\/li><\/ul><p>\u53d6\u5f97\u8cc7\u6599\u5f8c\uff0c\u5c07\u4e4b\u9032\u884c\u6574\u7406\uff0c\u7d93\u904e\u4e09\u5927\u8655\u7406\uff0c\u63d0\u5347\u5404\u65b9\u9762\u7684\u4fdd\u8b77\u529b<\/p><ul><li>Collected &#8211; \u6536\u96c6<\/li><li>Analyzed &#8211; \u5206\u6790<\/li><li>Disseminated &#8211; \u50b3\u64ad<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f624221 elementor-widget elementor-widget-heading\" data-id=\"f624221\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-medium\">Life Cycle<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a15790d elementor-widget elementor-widget-text-editor\" data-id=\"a15790d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div 
class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>\u6574\u500b\u8cc7\u6599\u6536\u96c6\u7684\u904e\u7a0b\u5f88\u7c21\u55ae\uff0c\u4e3b\u8981\u5c31\u662f\u91cd\u8907\u56db\u500b\u6b65\u9a5f<\/p><ol><li>Planning &amp; Direction<\/li><li>Collection<\/li><li>Analysis &amp; Production<\/li><li>Dissemination &amp; Integration<\/li><\/ol>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-96743b8 elementor-widget elementor-widget-heading\" data-id=\"96743b8\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-medium\">Planning &amp; Direction<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e51a344 elementor-widget elementor-widget-text-editor\" data-id=\"e51a344\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>1. \u78ba\u8a8d\u8a08\u756b<\/p><ul><li>\u6307\u5b9a\u6574\u9ad4\u8a08\u756b\u65b9\u5411\uff0c\u6e1b\u5c11\u6d6a\u8cbb\u6642\u9593<ul><li>\u627e\u51fa\u6700\u91cd\u8981\u7684\u5a01\u8105<\/li><li>\u6392\u5217\u5a01\u8105\u7684\u512a\u5148\u7a0b\u5ea6<\/li><li>\u8ab0\u662f\u653b\u64ca\u8005\uff0c\u8ab0\u6703\u5728\u9019\u6b21\u653b\u64ca\u53d7\u76ca<\/li><\/ul><\/li><\/ul><p>2. 
\u78ba\u8a8d\u653b\u64ca\u985e\u578b<\/p><ul><li>Cyber Crime<ul><li>\u8cfa\u9322\u662f\u4e3b\u8981\u76ee\u7684\uff0c\u5982\u5077\u53d6\u4fe1\u7528\u5361\u865f<\/li><li>\u500b\u4eba\u76ee\u7684\u70ba\u5c0e\u5411<\/li><li>\u7bc4\u570d\u5f88\u5927\uff0c\u4e5f\u4e0d\u6703\u6709\u91dd\u5c0d\u6027<\/li><\/ul><\/li><li>Cyber Espionage<ul><li>\u7db2\u8def\u9593\u8adc<\/li><li>\u91dd\u5c0d\u653f\u5e9c\u3001\u79c1\u4eba\u4f01\u696d(\u9ad8\u79d1\u6280\u7522\u696d\u3001\u57fa\u790e\u5efa\u8a2d)<\/li><li>\u901a\u5e38\u4e0d\u6703\u727d\u626f\u5230\u91d1\u9322<\/li><li>\u80cc\u5f8c\u53ef\u80fd\u662f\u653f\u5e9c<\/li><li>\u7cbe\u78ba\u3001\u7cbe\u5bc6\u7684\u653b\u64ca<\/li><\/ul><\/li><li>Hacktivist<ul><li>\u99ed\u5ba2\u4e3b\u7fa9<\/li><li>\u4ee5\u7834\u58de\u70ba\u5c0e\u5411<\/li><li>\u5c55\u793a\u6280\u8853<\/li><\/ul><\/li><\/ul><p>3. \u78ba\u8a8d\u76ee\u6a19<\/p><ul><li>Region &#8211; \u5340\u57df<ul><li>\u570b\u5bb6\u4e4b\u9593\u7684\u4e16\u4ec7<ul><li>\u4e2d\u570b &amp; \u53f0\u7063<\/li><li>\u5317\u97d3 &amp; \u5357\u97d3<\/li><\/ul><\/li><\/ul><\/li><li>Industry &#8211; \u696d\u754c<ul><li>\u534a\u5c0e\u9ad4\u3001\u91cd\u5de5\u696d<\/li><li>\u5077\u53d6\u6280\u8853<\/li><li>\u822a\u7a7a\u4f01\u696d\u3001\u5c0e\u5f48\u3001\u8ecd\u706b\u5546<\/li><\/ul><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d701824 elementor-widget elementor-widget-heading\" data-id=\"d701824\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-medium\">Collection<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6f3895f elementor-widget elementor-widget-text-editor\" data-id=\"6f3895f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div 
class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Data(\u6578\u64da) \u2192 Information(\u8cc7\u8a0a) \u2192 Intelligence(\u60c5\u5831)<\/p><p>\u6536\u96c6\u7684\u4f86\u6e90\u4e3b\u8981\u70ba\u5169\u7a2e<\/p><ul><li>External Source<\/li><li>Internal Source<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d017d69 elementor-widget elementor-widget-heading\" data-id=\"d017d69\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-small\">External Source<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div 
class=\"elementor-element elementor-element-b68b76b elementor-widget elementor-widget-text-editor\" data-id=\"b68b76b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<ul><li class=\"\" data-startline=\"60\" data-endline=\"60\" data-position=\"1284\" data-size=\"0\"><span data-position=\"1284\" data-size=\"13\">Community(\u793e\u7fa4)<\/span><\/li><li class=\"\" data-startline=\"61\" data-endline=\"65\" data-position=\"1300\" data-size=\"0\"><span data-position=\"1300\" data-size=\"19\">Social Media (\u793e\u4ea4\u5a92\u9ad4)<\/span><ul><li class=\"\" data-startline=\"62\" data-endline=\"65\" data-position=\"1326\" data-size=\"0\"><span data-position=\"1326\" data-size=\"8\">Twitter <\/span><a href=\"https:\/\/twitter.com\/hashtag\/APT\" target=\"_blank\" rel=\"noopener\"><span data-position=\"1334\" data-size=\"31\">https:\/\/twitter.com\/hashtag\/APT<\/span><\/a><ul><li class=\"\" data-startline=\"63\" data-endline=\"63\" data-position=\"1376\" data-size=\"0\"><strong data-position=\"1376\" data-size=\"0\"><span data-position=\"1378\" data-size=\"4\">#APT<\/span><\/strong><span data-position=\"1384\" data-size=\"12\">,\u6709\u6642\u5019\u6703\u8ddf\u5176\u4ed6\u55ae\u5b57\u649e\u5230<\/span><\/li><li class=\"\" data-startline=\"64\" data-endline=\"64\" data-position=\"1407\" data-size=\"0\"><span data-position=\"1407\" data-size=\"41\">APT: Advanced Persistent Threat (\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105)<\/span><\/li><li class=\"\" data-startline=\"65\" data-endline=\"65\" data-position=\"1456\" data-size=\"0\"><span data-position=\"1456\" data-size=\"42\">Timele9527, blackorbird, Rmy_Reserve, _re_fox<\/span><\/li><\/ul><\/li><\/ul><\/li><li class=\"\" data-startline=\"66\" data-endline=\"81\" data-position=\"1504\" data-size=\"0\"><span data-position=\"1504\" data-size=\"16\">Threat Data Feed<\/span><ul><li class=\"\" data-startline=\"67\" 
data-endline=\"68\" data-position=\"1527\" data-size=\"0\"><span data-position=\"1527\" data-size=\"7\">ATT&amp;CK <\/span><a href=\"https:\/\/attack.mitre.org\/groups\/\" target=\"_blank\" rel=\"noopener\"><span data-position=\"1534\" data-size=\"32\">https:\/\/attack.mitre.org\/groups\/<\/span><\/a><ul><li class=\"\" data-startline=\"68\" data-endline=\"68\" data-position=\"1577\" data-size=\"0\"><span data-position=\"1577\" data-size=\"9\">\u4e86\u89e3\u653b\u64ca\u65cf\u7fa4\u8ddf\u624b\u6cd5<\/span><\/li><\/ul><\/li><li class=\"\" data-startline=\"69\" data-endline=\"71\" data-position=\"1590\" data-size=\"0\"><span data-position=\"1590\" data-size=\"9\">Malpedia <\/span><a href=\"https:\/\/malpedia.caad.fkie.fraunhofer.de\/\" target=\"_blank\" rel=\"noopener\"><span data-position=\"1599\" data-size=\"41\">https:\/\/malpedia.caad.fkie.fraunhofer.de\/<\/span><\/a><ul><li class=\"\" data-startline=\"70\" data-endline=\"70\" data-position=\"1648\" data-size=\"0\"><span data-position=\"1648\" data-size=\"12\">\u985e\u4f3c wikipedia<\/span><\/li><li class=\"\" data-startline=\"71\" data-endline=\"71\" data-position=\"1668\" data-size=\"0\"><span data-position=\"1668\" data-size=\"9\">\u653b\u64ca\u65cf\u7fa4\u7684\u516c\u958b\u5831\u544a<\/span><\/li><\/ul><\/li><li class=\"\" data-startline=\"72\" data-endline=\"75\" data-position=\"1681\" data-size=\"0\"><span data-position=\"1681\" data-size=\"8\">ANY.RUN <\/span><a href=\"https:\/\/app.any.run\/\" target=\"_blank\" rel=\"noopener\"><span data-position=\"1689\" data-size=\"20\">https:\/\/app.any.run\/<\/span><\/a><ul><li class=\"\" data-startline=\"73\" data-endline=\"73\" data-position=\"1717\" data-size=\"0\"><span data-position=\"1717\" data-size=\"13\">\u7dda\u4e0a\u514d\u8cbb\u7684 sandbox<\/span><\/li><li class=\"\" data-startline=\"74\" data-endline=\"74\" data-position=\"1738\" data-size=\"0\"><span data-position=\"1738\" 
data-size=\"9\">\u53ef\u4ee5\u8dd1\u4e00\u4e9b\u60e1\u610f\u7a0b\u5f0f<\/span><\/li><li class=\"\" data-startline=\"75\" data-endline=\"75\" data-position=\"1755\" data-size=\"0\"><span data-position=\"1755\" data-size=\"50\">\u514d\u8cbb\u5e33\u865f\u4e0a\u50b3\u4e0a\u53bb\u7684\u60e1\u610f\u7a0b\u5f0f\u90fd\u662f\u516c\u958b\u3001\u4efb\u4f55\u4eba\u90fd\u770b\u5f97\u5230\u7684 (\u6240\u4ee5\u4e0d\u8981\u4e0a\u50b3\u5167\u90e8\u6216\u654f\u611f\u8cc7\u6599)\uff0c\u5728 Twitter \u4e0a\u7684 Malware \u5e7e\u4e4e\u90fd\u53ef\u4ee5\u5728\u9019\u908a\u8dd1<\/span><\/li><\/ul><\/li><li class=\"\" data-startline=\"76\" data-endline=\"78\" data-position=\"1809\" data-size=\"0\"><span data-position=\"1809\" data-size=\"8\">Awesome <\/span><a href=\"https:\/\/github.com\/hslatman\/awesome-threat-intelligence\" target=\"_blank\" rel=\"noopener\"><span data-position=\"1817\" data-size=\"55\">https:\/\/github.com\/hslatman\/awesome-threat-intelligence<\/span><\/a><ul><li class=\"\" data-startline=\"77\" data-endline=\"77\" data-position=\"1880\" data-size=\"0\"><span data-position=\"1880\" data-size=\"16\">\u5927\u96dc\u71f4 (\u5f88\u591a\u76f8\u95dc\u8cc7\u6599\u90fd\u5728\u9019\u908a)<\/span><\/li><li class=\"\" data-startline=\"78\" data-endline=\"78\" data-position=\"1904\" data-size=\"0\"><span data-position=\"1904\" data-size=\"3\">\u504f\u8907\u96dc<\/span><\/li><\/ul><\/li><li class=\"\" data-startline=\"79\" data-endline=\"81\" data-position=\"1911\" data-size=\"0\"><span data-position=\"1911\" data-size=\"11\">Collection <\/span><a href=\"https:\/\/start.me\/p\/rxRbpo\/ti\" target=\"_blank\" rel=\"noopener\"><span data-position=\"1922\" data-size=\"28\">https:\/\/start.me\/p\/rxRbpo\/ti<\/span><\/a><ul><li class=\"\" data-startline=\"80\" data-endline=\"80\" data-position=\"1958\" data-size=\"0\"><span data-position=\"1958\" data-size=\"6\">\u5b78\u7fd2\u8cc7\u6e90\u7d71\u6574<\/span><\/li><li class=\"\" data-startline=\"81\" data-endline=\"81\" data-position=\"1972\" data-size=\"0\"><span data-position=\"1972\" data-size=\"14\">\u6bd4 awesome 
\u5b8c\u6574\u4e00\u9ede<\/span><\/li><\/ul><\/li><\/ul><\/li><li class=\"\" data-startline=\"82\" data-endline=\"89\" data-position=\"1989\" data-size=\"0\"><span data-position=\"1989\" data-size=\"24\">Open-source Intelligence<\/span><ul><li class=\"\" data-startline=\"83\" data-endline=\"83\" data-position=\"2020\" data-size=\"0\"><span data-position=\"2020\" data-size=\"10\">e.g. \u516c\u958b\u7684\u5831\u544a<\/span><\/li><li class=\"\" data-startline=\"84\" data-endline=\"89\" data-position=\"2037\" data-size=\"0\"><span data-position=\"2037\" data-size=\"23\">\u60c5\u8cc7\u5206\u6790\u516c\u53f8\u7684\u5e73\u53f0 (\u770b\u5e74\u5ea6\u7684 APT \u5831\u544a)<\/span><ul><li class=\"\" data-startline=\"85\" data-endline=\"85\" data-position=\"2071\" data-size=\"0\"><span data-position=\"2071\" data-size=\"7\">TeamT5 <\/span><a href=\"https:\/\/teamt5.org\/en\/blog\/\" target=\"_blank\" rel=\"noopener\"><span data-position=\"2078\" data-size=\"27\">https:\/\/teamt5.org\/en\/blog\/<\/span><\/a><\/li><li class=\"\" data-startline=\"86\" data-endline=\"86\" data-position=\"2116\" data-size=\"0\"><span data-position=\"2116\" data-size=\"10\">Kaspersky <\/span><a href=\"https:\/\/securelist.com\/\" target=\"_blank\" rel=\"noopener\"><span data-position=\"2126\" data-size=\"23\">https:\/\/securelist.com\/<\/span><\/a><\/li><li class=\"\" data-startline=\"87\" data-endline=\"87\" data-position=\"2160\" data-size=\"0\"><span data-position=\"2160\" data-size=\"8\">Fireeye <\/span><a href=\"https:\/\/www.fireeye.com\/blog\/threat-research.html\" target=\"_blank\" rel=\"noopener\"><span data-position=\"2168\" data-size=\"49\">https:\/\/www.fireeye.com\/blog\/threat-research.html<\/span><\/a><\/li><li class=\"\" data-startline=\"88\" data-endline=\"88\" data-position=\"2228\" data-size=\"0\"><span data-position=\"2228\" data-size=\"7\">Unit42 <\/span><a href=\"https:\/\/unit42.paloaltonetworks.com\/\" target=\"_blank\" rel=\"noopener\"><span data-position=\"2235\" 
data-size=\"36\">https:\/\/unit42.paloaltonetworks.com\/<\/span><\/a><\/li><li class=\"\" data-startline=\"89\" data-endline=\"89\" data-position=\"2282\" data-size=\"0\"><span data-position=\"2282\" data-size=\"12\">ESTsecurity <\/span><a href=\"https:\/\/blog.alyac.co.kr\/\" target=\"_blank\" rel=\"noopener\"><span data-position=\"2294\" data-size=\"25\">https:\/\/blog.alyac.co.kr\/<\/span><\/a><\/li><\/ul><\/li><\/ul><\/li><li class=\"\" data-startline=\"90\" data-endline=\"90\" data-position=\"2322\" data-size=\"0\"><span data-position=\"2322\" data-size=\"8\">Deep Web<\/span><\/li><li class=\"\" data-startline=\"91\" data-endline=\"92\" data-position=\"2333\" data-size=\"0\"><span data-position=\"2333\" data-size=\"8\">Dark Web<\/span><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7863717 elementor-widget elementor-widget-heading\" data-id=\"7863717\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-small\">Internal Source<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f8ccd8e elementor-widget elementor-widget-text-editor\" data-id=\"f8ccd8e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<ul class=\"part in-view\" data-startline=\"95\" data-endline=\"105\"><li class=\"\" data-startline=\"95\" data-endline=\"96\" data-position=\"2380\" data-size=\"0\"><span data-position=\"2380\" data-size=\"14\">SIEM \/ Sensors<\/span><ul><li class=\"\" data-startline=\"96\" data-endline=\"96\" data-position=\"2401\" data-size=\"0\"><span data-position=\"2401\" data-size=\"11\">\u50cf\u662f\u6bd4\u8f03\u57fa\u790e\u7684\u9632\u6bd2\u8edf\u9ad4<\/span><\/li><\/ul><\/li><li class=\"\" 
data-startline=\"97\" data-endline=\"98\" data-position=\"2415\" data-size=\"0\"><span data-position=\"2415\" data-size=\"17\">Incident Response<\/span><ul><li class=\"\" data-startline=\"98\" data-endline=\"98\" data-position=\"2439\" data-size=\"0\"><span data-position=\"2439\" data-size=\"4\">\u4e8b\u4ef6\u8abf\u67e5<\/span><\/li><\/ul><\/li><li class=\"\" data-startline=\"99\" data-endline=\"100\" data-position=\"2446\" data-size=\"0\"><span data-position=\"2446\" data-size=\"18\">Network Visibility<\/span><ul><li class=\"\" data-startline=\"100\" data-endline=\"100\" data-position=\"2471\" data-size=\"0\"><span data-position=\"2471\" data-size=\"8\">Firewall<\/span><\/li><\/ul><\/li><li class=\"\" data-startline=\"101\" data-endline=\"102\" data-position=\"2482\" data-size=\"0\"><span data-position=\"2482\" data-size=\"19\">Endpoint Visibility<\/span><ul><li class=\"\" data-startline=\"102\" data-endline=\"102\" data-position=\"2508\" data-size=\"0\"><span data-position=\"2508\" data-size=\"14\">EDR\u7522\u54c1(\u7aef\u9ede\u5075\u6e2c\u53ca\u56de\u61c9)<\/span><\/li><\/ul><\/li><li class=\"\" data-startline=\"103\" data-endline=\"103\" data-position=\"2525\" data-size=\"0\"><span data-position=\"2525\" data-size=\"16\">Malware Analysis<\/span><\/li><li class=\"\" data-startline=\"104\" data-endline=\"105\" data-position=\"2544\" data-size=\"0\"><span data-position=\"2544\" data-size=\"12\">Research Lab<\/span><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-161600d elementor-widget elementor-widget-heading\" data-id=\"161600d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-medium\"> Analysis &amp; Production<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3fe2347 elementor-widget 
elementor-widget-text-editor\" data-id=\"3fe2347\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>\u900f\u904e\u4e00\u4e9b\u6280\u8853\u9032\u884c\u5206\u6790&#8230;<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5bfd2f0 elementor-widget elementor-widget-heading\" data-id=\"5bfd2f0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-medium\">Dissemination &amp; Integration<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5c9fbae elementor-widget elementor-widget-text-editor\" data-id=\"5c9fbae\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<ul><li>\u5c0d\u624b\u7684\u7d44\u7e54<\/li><li>\u4e4b\u524d\u884c\u52d5\u7684\u6b77\u53f2<\/li><li>\u52d5\u6a5f\u548c\u610f\u5716<ul><li>\u4e2d\u570b APT \u6253\u53f0\u7063\u91cd\u5de5\u696d\u662f\u4e0d\u662f\u8ddf\u653f\u6cbb\u76ee\u7684\u6709\u9593\u63a5\u95dc\u4fc2<\/li><\/ul><\/li><li>\u76ee\u6a19<ul><li>\u5730\u5340\u3001\u4f01\u696d\u548c\u53d7\u5bb3\u8005<\/li><\/ul><\/li><li>\u653b\u64ca\u7684\u7bc4\u570d\uff0c\u5f71\u97ff\u7684\u7bc4\u570d<\/li><li>\u62c6\u89e3\u653b\u64ca\u65b9\u5f0f<\/li><li>\u8b58\u5225\u653b\u64ca\u4e8b\u4ef6<ul><li>IOC (Indicator of 
Compromise)<\/li><li>\u60e1\u610f\u7a0b\u5f0f\u7684\u96dc\u6e4a<\/li><li>IP\u3001Domain<\/li><\/ul><\/li><li>\u7de9\u89e3\u65b9\u5f0f\u548c\u4fdd\u8b77\u65b9\u6cd5<\/li><li>\u672a\u4f86\u53ef\u80fd\u7684\u653b\u64ca<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-bdbe023 elementor-section-boxed elementor-section-height-default elementor-section-height-default wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no wpr-equal-height-no\" data-id=\"bdbe023\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-652171f\" data-id=\"652171f\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-bbaaf4e elementor-section-boxed elementor-section-height-default elementor-section-height-default wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no wpr-equal-height-no\" data-id=\"bbaaf4e\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-5696038\" data-id=\"5696038\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-f72203d elementor-widget elementor-widget-heading\" data-id=\"f72203d\" 
data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">\u76f8\u95dc\u7b46\u8a18<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0aad48e elementor-widget elementor-widget-text-editor\" data-id=\"0aad48e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>\u66f4\u52a0\u8a73\u7d30\u7684\u5167\u5bb9\u8acb\u95b1\u8b80<a href=\"https:\/\/hackmd.io\/@URKcjAofRP6x-CF0KCJqaA\/SJSOvaDyt\">\u5b78\u7fd2\u7b46\u8a18<\/a><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>\u524d\u8a00 \u65bcAIS32021\u7684\u8ab2\u7a0b\u3002 \u8b1b\u5e2b\u70baDuckLL\u3001TT\u3001Still\u3002 \u807d\u5b8c\u8ab2\u4e4b\u5f8c\uff0c\u7528\u81ea\u5df1\u7684\u65b9\u5f0f\u5c07\u6240\u5b78\u7d00\u9304\u4e0b\u4f86\u3002 \u5167\u6587 \u5728\u4efb\u4f55\u9818\u57df\uff0c\u8cc7\u8a0a\u662f\u5f88\u91cd\u8981\u7684\u4e00\u90e8\u5206\u3002\u5728\u80a1\u5e02\u4e2d\uff0c\u6709\u8cc7\u8a0a\u5c31\u53ef\u4ee5\u8cfa\u5927\u9322\uff1b\u5728\u8ac7\u5224\u4e2d\uff0c\u6709\u8cc7\u8a0a\u66f4\u80fd\u5920\u638c\u63e1\u5c0d\u65b9\u7684\u5e95\u7dda\uff1b\u5728\u8cc7\u5b89\u4e2d\uff0c\u6709\u8cc7\u8a0a\u53ef\u4ee5\u66f4\u597d\u9632\u79a6\u5916\u4f86\u653b\u64ca\u3002 \u638c\u63e1\u8cc7\u8a0a\uff0c\u5c31\u53ef\u4ee5\u63d0\u524d\u66f4\u65b0\u6f0f\u6d1e\u3002 \u638c\u63e1\u8cc7\u8a0a\uff0c\u5c31\u53ef\u4ee5\u63d0\u524d\u90e8\u7f72\u9632\u79a6\u8a2d\u5099\u3002 \u638c\u63e1\u8cc7\u8a0a\uff0c\u5c31\u53ef\u4ee5\u505a\u5230\u5b89\u5168\u7121\u60a3\u3002 
\u5728\u9632\u79a6\u65b9\u9762\uff0c\u6709\u4e09\u9ede\u9700\u8981\u91cd\u9ede\u53bb\u95dc\u6ce8 Motivations &#8211; \u52d5\u6a5f Intentions &#8211; \u610f\u5716 Methods &#8211; \u65b9\u6cd5 \u53d6\u5f97\u8cc7\u6599\u5f8c\uff0c\u5c07\u4e4b\u9032\u884c\u6574\u7406\uff0c\u7d93\u904e\u4e09\u5927\u8655\u7406\uff0c\u63d0\u5347\u5404\u65b9\u9762\u7684\u4fdd\u8b77\u529b Collected &#8211; \u6536\u96c6 Analyzed &#8211; \u5206\u6790 Disseminated &#8211; \u50b3\u64ad Life Cycle \u6574\u500b\u8cc7\u6599\u6536\u96c6\u7684\u904e\u7a0b\u5f88\u7c21\u55ae\uff0c\u4e3b\u8981\u5c31\u662f\u91cd\u8907\u56db\u500b\u6b65\u9a5f Planning &amp; Direction Collection Analysis &amp; Production Dissemination &amp; Integration Planning &#038; Direction 1. \u78ba\u8a8d\u8a08\u756b \u6307\u5b9a\u6574\u9ad4\u8a08\u756b\u65b9\u5411\uff0c\u6e1b\u5c11\u6d6a\u8cbb\u6642\u9593 \u627e\u51fa\u6700\u91cd\u8981\u7684\u5a01\u8105 \u6392\u5217\u5a01\u8105\u7684\u512a\u5148\u7a0b\u5ea6 \u8ab0\u662f\u653b\u64ca\u8005\uff0c\u8ab0\u6703\u5728\u9019\u6b21\u653b\u64ca\u53d7\u76ca 2. \u78ba\u8a8d\u653b\u64ca\u985e\u578b Cyber Crime \u8cfa\u9322\u662f\u4e3b\u8981\u76ee\u7684\uff0c\u5982\u5077\u53d6\u4fe1\u7528\u5361\u865f \u500b\u4eba\u76ee\u7684\u70ba\u5c0e\u5411 \u7bc4\u570d\u5f88\u5927\uff0c\u4e5f\u4e0d\u6703\u6709\u91dd\u5c0d\u6027 Cyber Espionage \u7db2\u8def\u9593\u8adc \u91dd\u5c0d\u653f\u5e9c\u3001\u79c1\u4eba\u4f01\u696d(\u9ad8\u79d1\u6280\u7522\u696d\u3001\u57fa\u790e\u5efa\u8a2d) \u901a\u5e38\u4e0d\u6703\u727d\u626f\u5230\u91d1\u9322 \u80cc\u5f8c\u53ef\u80fd\u662f\u653f\u5e9c \u7cbe\u78ba\u3001\u7cbe\u5bc6\u7684\u653b\u64ca Hacktivist \u99ed\u5ba2\u4e3b\u7fa9 \u4ee5\u7834\u58de\u70ba\u5c0e\u5411 \u5c55\u793a\u6280\u8853 3. 
\u78ba\u8a8d\u76ee\u6a19 Region &#8211; \u5340\u57df \u570b\u5bb6\u4e4b\u9593\u7684\u4e16\u4ec7 \u4e2d\u570b &amp; \u53f0\u7063 \u5317\u97d3 &amp; \u5357\u97d3 Industry &#8211; \u696d\u754c \u534a\u5c0e\u9ad4\u3001\u91cd\u5de5\u696d \u5077\u53d6\u6280\u8853 \u822a\u7a7a\u4f01\u696d\u3001\u5c0e\u5f48\u3001\u8ecd\u706b\u5546 Collection Data(\u6578\u64da) \u2192 Information(\u8cc7\u8a0a) \u2192 Intelligence(\u60c5\u5831) \u6536\u96c6\u7684\u4f86\u6e90\u4e3b\u8981\u70ba\u5169\u7a2e External Source Internal Source External Source Community(\u793e\u7fa4) Social Media (\u793e\u4ea4\u5a92\u9ad4) Twitter https:\/\/twitter.com\/hashtag\/APT #APT,\u6709\u6642\u5019\u6703\u8ddf\u5176\u4ed6\u55ae\u5b57\u649e\u5230 APT: Advanced Persistent Threat (\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105) Timele9527, blackorbird, Rmy_Reserve, _re_fox Threat Data Feed ATT&amp;CK https:\/\/attack.mitre.org\/groups\/ \u4e86\u89e3\u653b\u64ca\u65cf\u7fa4\u8ddf\u624b\u6cd5 Malpedia https:\/\/malpedia.caad.fkie.fraunhofer.de\/ \u985e\u4f3c wikipedia \u653b\u64ca\u65cf\u7fa4\u7684\u516c\u958b\u5831\u544a ANY.RUN https:\/\/app.any.run\/ \u7dda\u4e0a\u514d\u8cbb\u7684 sandbox \u53ef\u4ee5\u8dd1\u4e00\u4e9b\u60e1\u610f\u7a0b\u5f0f \u514d\u8cbb\u5e33\u865f\u4e0a\u50b3\u4e0a\u53bb\u7684\u60e1\u610f\u7a0b\u5f0f\u90fd\u662f\u770b\u5f97\u5230\u7684\uff0c\u5728 Twitter \u4e0a\u7684 Malware \u5e7e\u4e4e\u90fd\u53ef\u4ee5\u5728\u9019\u908a\u8dd1 Awesome https:\/\/github.com\/hslatman\/awesome-threat-intelligence \u5927\u96dc\u71f4 (\u5f88\u591a\u76f8\u95dc\u8cc7\u6599\u90fd\u5728\u9019\u908a) \u504f\u8907\u96dc Collection https:\/\/start.me\/p\/rxRbpo\/ti \u5b78\u7fd2\u8cc7\u6e90\u7d71\u6574 \u6bd4 awesome \u5b8c\u6574\u4e00\u9ede Open-source Intelligence e.g.
\u516c\u958b\u7684\u5831\u544a \u60c5\u8cc7\u5206\u6790\u516c\u53f8\u7684\u5e73\u53f0 (\u770b\u5e74\u5ea6\u7684 APT \u5831\u544a) TeamT5 https:\/\/teamt5.org\/en\/blog\/ Kaspersky https:\/\/securelist.com\/ Fireeye https:\/\/www.fireeye.com\/blog\/threat-research.html Unit42 https:\/\/unit42.paloaltonetworks.com\/ ESTsecurity https:\/\/blog.alyac.co.kr\/ Deep Web Dark Web Internal Source SIEM \/ Sensors \u50cf\u662f\u6bd4\u8f03\u57fa\u790e\u7684\u9632\u6bd2\u8edf\u9ad4 Incident Response \u4e8b\u4ef6\u8abf\u67e5 Network Visibility Firewall Endpoint Visibility EDR\u7522\u54c1(\u7aef\u9ede\u5075\u6e2c\u53ca\u56de\u61c9) Malware Analysis Research Lab &#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[5,11],"tags":[],"class_list":["post-118","post","type-post","status-publish","format-standard","hentry","category-research-study","category-11"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>\u60c5\u8cc7\u6536\u96c6 - Ares Vlog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.yuyiares.com\/?p=118\" \/>\n<meta property=\"og:locale\" content=\"zh_TW\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u60c5\u8cc7\u6536\u96c6 - Ares Vlog\" \/>\n<meta property=\"og:description\" content=\"\u524d\u8a00 \u65bcAIS32021\u7684\u8ab2\u7a0b\u3002 \u8b1b\u5e2b\u70baDuckLL\u3001TT\u3001Still\u3002 \u807d\u5b8c\u8ab2\u4e4b\u5f8c\uff0c\u7528\u81ea\u5df1\u7684\u65b9\u5f0f\u5c07\u6240\u5b78\u7d00\u9304\u4e0b\u4f86\u3002 \u5167\u6587 
\u5728\u4efb\u4f55\u9818\u57df\uff0c\u8cc7\u8a0a\u662f\u5f88\u91cd\u8981\u7684\u4e00\u90e8\u5206\u3002\u5728\u80a1\u5e02\u4e2d\uff0c\u6709\u8cc7\u8a0a\u5c31\u53ef\u4ee5\u8cfa\u5927\u9322\uff1b\u5728\u8ac7\u5224\u4e2d\uff0c\u6709\u8cc7\u8a0a\u66f4\u80fd\u5920\u638c\u63e1\u5c0d\u65b9\u7684\u5e95\u7dda\uff1b\u5728\u8cc7\u5b89\u4e2d\uff0c\u6709\u8cc7\u8a0a\u53ef\u4ee5\u66f4\u597d\u9632\u79a6\u5916\u4f86\u653b\u64ca\u3002 \u638c\u63e1\u8cc7\u8a0a\uff0c\u5c31\u53ef\u4ee5\u63d0\u524d\u66f4\u65b0\u6f0f\u6d1e\u3002 \u638c\u63e1\u8cc7\u8a0a\uff0c\u5c31\u53ef\u4ee5\u63d0\u524d\u90e8\u7f72\u9632\u79a6\u8a2d\u5099\u3002 \u638c\u63e1\u8cc7\u8a0a\uff0c\u5c31\u53ef\u4ee5\u505a\u5230\u5b89\u5168\u7121\u60a3\u3002 \u5728\u9632\u79a6\u65b9\u9762\uff0c\u6709\u4e09\u9ede\u9700\u8981\u91cd\u9ede\u53bb\u95dc\u6ce8 Motivations &#8211; \u52d5\u6a5f Intentions &#8211; \u610f\u5716 Methods &#8211; \u65b9\u6cd5 \u53d6\u5f97\u8cc7\u6599\u5f8c\uff0c\u5c07\u4e4b\u9032\u884c\u6574\u7406\uff0c\u7d93\u904e\u4e09\u5927\u8655\u7406\uff0c\u63d0\u5347\u5404\u65b9\u9762\u7684\u4fdd\u8b77\u529b Collected &#8211; \u6536\u96c6 Analyzed &#8211; \u5206\u6790 Disseminated &#8211; \u50b3\u64ad Life Cycle \u6574\u500b\u8cc7\u6599\u6536\u96c6\u7684\u904e\u7a0b\u5f88\u7c21\u55ae\uff0c\u4e3b\u8981\u5c31\u662f\u91cd\u8907\u56db\u500b\u6b65\u9a5f Planning &amp; Direction Collection Analysis &amp; Production Dissemination &amp; Integration Planning &#038; Direction 1. \u78ba\u8a8d\u8a08\u756b \u6307\u5b9a\u6574\u9ad4\u8a08\u756b\u65b9\u5411\uff0c\u6e1b\u5c11\u6d6a\u8cbb\u6642\u9593 \u627e\u51fa\u6700\u91cd\u8981\u7684\u5a01\u8105 \u6392\u5217\u5a01\u8105\u7684\u512a\u5148\u7a0b\u5ea6 \u8ab0\u662f\u653b\u64ca\u8005\uff0c\u8ab0\u6703\u5728\u9019\u6b21\u653b\u64ca\u53d7\u76ca 2.
\u78ba\u8a8d\u653b\u64ca\u985e\u578b Cyber Crime \u8cfa\u9322\u662f\u4e3b\u8981\u76ee\u7684\uff0c\u5982\u5077\u53d6\u4fe1\u7528\u5361\u865f \u500b\u4eba\u76ee\u7684\u70ba\u5c0e\u5411 \u7bc4\u570d\u5f88\u5927\uff0c\u4e5f\u4e0d\u6703\u6709\u91dd\u5c0d\u6027 Cyber Espionage \u7db2\u8def\u9593\u8adc \u91dd\u5c0d\u653f\u5e9c\u3001\u79c1\u4eba\u4f01\u696d(\u9ad8\u79d1\u6280\u7522\u696d\u3001\u57fa\u790e\u5efa\u8a2d) \u901a\u5e38\u4e0d\u6703\u727d\u626f\u5230\u91d1\u9322 \u80cc\u5f8c\u53ef\u80fd\u662f\u653f\u5e9c \u7cbe\u78ba\u3001\u7cbe\u5bc6\u7684\u653b\u64ca Hacktivist \u00a0\u99ed\u5ba2\u4e3b\u7fa9 \u4ee5\u7834\u58de\u70ba\u5c0e\u5411 \u5c55\u793a\u6280\u8853 3. \u78ba\u8a8d\u76ee\u6a19 Region &#8211; \u5340\u57df \u570b\u5bb6\u4e4b\u9593\u7684\u4e16\u4ec7 \u4e2d\u570b &amp; \u53f0\u7063 \u5317\u97d3 &amp; \u5357\u97d3 Industry &#8211; \u696d\u754c \u534a\u5c0e\u9ad4\u3001\u91cd\u5de5\u696d \u5077\u53d6\u6280\u8853 \u822a\u7a7a\u4f01\u696d\u3001\u5c0e\u5f48\u3001\u8ecd\u706b\u5546 Collection Data(\u6578\u64da) \u2192 Information(\u8cc7\u8a0a) \u2192 Intelligence(\u60c5\u5831) \u6536\u96c6\u7684\u4f86\u6e90\u4e3b\u8981\u70ba\u5169\u7a2e External Source Internal Source External Source Community(\u793e\u7fa4) Social Media (\u793e\u4ea4\u5a92\u9ad4) Twitter https:\/\/twitter.com\/hashtag\/APT #APT,\u6709\u6642\u5019\u6703\u8ddf\u5176\u4ed6\u55ae\u5b57\u649e\u5230 APT: Advanced Persistent Threat (\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105) Timele9527, blackorbird, Rmy_Reserve, _re_fox Threat Data Feed ATT&amp;CK https:\/\/attack.mitre.org\/groups\/ \u4e86\u89e3\u653b\u64ca\u65cf\u7fa4\u8ddf\u624b\u6cd5 Malpedia https:\/\/malpedia.caad.fkie.fraunhofer.de\/ \u985e\u4f3c wikipedia \u653b\u64ca\u65cf\u7fa4\u7684\u516c\u958b\u5831\u544a ANY.RUN https:\/\/app.any.run\/ \u7dda\u4e0a\u514d\u8cbb\u7684 sandbox \u53ef\u4ee5\u8dd1\u4e00\u4e9b\u60e1\u610f\u7a0b\u5f0f
\u514d\u8cbb\u5e33\u865f\u4e0a\u50b3\u4e0a\u53bb\u7684\u60e1\u610f\u7a0b\u5f0f\u90fd\u662f\u770b\u5f97\u5230\u7684\uff0c\u5728 Twitter \u4e0a\u7684 Malware \u5e7e\u4e4e\u90fd\u53ef\u4ee5\u5728\u9019\u908a\u8dd1 Awesome https:\/\/github.com\/hslatman\/awesome-threat-intelligence \u5927\u96dc\u71f4 (\u5f88\u591a\u76f8\u95dc\u8cc7\u6599\u90fd\u5728\u9019\u908a) \u504f\u8907\u96dc Collection https:\/\/start.me\/p\/rxRbpo\/ti \u5b78\u7fd2\u8cc7\u6e90\u7d71\u6574 \u6bd4 awesome \u5b8c\u6574\u4e00\u9ede Open-source Intelligence e.g. \u516c\u958b\u7684\u5831\u544a \u60c5\u8cc7\u5206\u6790\u516c\u53f8\u7684\u5e73\u53f0 (\u770b\u5e74\u5ea6\u7684 APT \u5831\u544a) TeamT5 https:\/\/teamt5.org\/en\/blog\/ Kaspersky https:\/\/securelist.com\/ Fireeye https:\/\/www.fireeye.com\/blog\/threat-research.html Unit42 https:\/\/unit42.paloaltonetworks.com\/ ESTsecurity https:\/\/blog.alyac.co.kr\/ Deep Web Dark Web Internal Source SIEM \/ Sensors \u50cf\u662f\u6bd4\u8f03\u57fa\u790e\u7684\u9632\u6bd2\u8edf\u9ad4 Incident Response \u4e8b\u4ef6\u8abf\u67e5 Network Visibility Firewall Endpoint Visibility EDR\u7522\u54c1(\u7aef\u9ede\u5075\u6e2c\u53ca\u56de\u61c9) Malware Analysis Research Lab ...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.yuyiares.com\/?p=118\" \/>\n<meta property=\"og:site_name\" content=\"Ares Vlog\" \/>\n<meta property=\"article:published_time\" content=\"2021-11-27T12:43:53+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-11-27T12:50:53+00:00\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005:\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u4f30\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" 
class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/?p=118#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/?p=118\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/#\\\/schema\\\/person\\\/3d4db07eab24e08cc9eea662ef3053ac\"},\"headline\":\"\u60c5\u8cc7\u6536\u96c6\",\"datePublished\":\"2021-11-27T12:43:53+00:00\",\"dateModified\":\"2021-11-27T12:50:53+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/?p=118\"},\"wordCount\":180,\"commentCount\":0,\"articleSection\":[\"Research &amp; Study\",\"\u9451\u8b58\u8207\u60c5\u8cc7\"],\"inLanguage\":\"zh-TW\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.yuyiares.com\\\/?p=118#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/?p=118\",\"url\":\"https:\\\/\\\/www.yuyiares.com\\\/?p=118\",\"name\":\"\u60c5\u8cc7\u6536\u96c6 - Ares Vlog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/#website\"},\"datePublished\":\"2021-11-27T12:43:53+00:00\",\"dateModified\":\"2021-11-27T12:50:53+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/#\\\/schema\\\/person\\\/3d4db07eab24e08cc9eea662ef3053ac\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/?p=118#breadcrumb\"},\"inLanguage\":\"zh-TW\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.yuyiares.com\\\/?p=118\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/?p=118#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.yuyiares.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u60c5\u8cc7\u6536\u96c6\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/#website\",\"url\":\"https:\\\/\\\/www.yuyiares.com\\\/\",\"name\":\"Ares 
Vlog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.yuyiares.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-TW\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/#\\\/schema\\\/person\\\/3d4db07eab24e08cc9eea662ef3053ac\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-TW\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7a48eb75ce0e81d088764746bc78b3a75ae3f2fbe40d6f69bbc7cfd2fa004a03?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7a48eb75ce0e81d088764746bc78b3a75ae3f2fbe40d6f69bbc7cfd2fa004a03?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7a48eb75ce0e81d088764746bc78b3a75ae3f2fbe40d6f69bbc7cfd2fa004a03?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\\\/\\\/www.yuyiares.com\"],\"url\":\"https:\\\/\\\/www.yuyiares.com\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"\u60c5\u8cc7\u6536\u96c6 - Ares Vlog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.yuyiares.com\/?p=118","og_locale":"zh_TW","og_type":"article","og_title":"\u60c5\u8cc7\u6536\u96c6 - Ares Vlog","og_description":"\u524d\u8a00 \u65bcAIS32021\u7684\u8ab2\u7a0b\u3002 \u8b1b\u5e2b\u70baDuckLL\u3001TT\u3001Still\u3002 \u807d\u5b8c\u8ab2\u4e4b\u5f8c\uff0c\u7528\u81ea\u5df1\u7684\u65b9\u5f0f\u5c07\u6240\u5b78\u7d00\u9304\u4e0b\u4f86\u3002 \u5167\u6587 \u5728\u4efb\u4f55\u9818\u57df\uff0c\u8cc7\u8a0a\u662f\u5f88\u91cd\u8981\u7684\u4e00\u90e8\u5206\u3002\u5728\u80a1\u5e02\u4e2d\uff0c\u6709\u8cc7\u8a0a\u5c31\u53ef\u4ee5\u8cfa\u5927\u9322\uff1b\u5728\u8ac7\u5224\u4e2d\uff0c\u6709\u8cc7\u8a0a\u66f4\u80fd\u5920\u638c\u63e1\u5c0d\u65b9\u7684\u5e95\u7dda\uff1b\u5728\u8cc7\u5b89\u4e2d\uff0c\u6709\u8cc7\u8a0a\u53ef\u4ee5\u66f4\u597d\u9632\u79a6\u5916\u4f86\u653b\u64ca\u3002 \u638c\u63e1\u8cc7\u8a0a\uff0c\u5c31\u53ef\u4ee5\u505a\u63d0\u524d\u66f4\u65b0\u6f0f\u6d1e\u3002 \u638c\u63e1\u8cc7\u8a0a\uff0c\u5c31\u53ef\u4ee5\u63d0\u524d\u90e8\u5c6c\u9632\u79a6\u8a2d\u5099\u3002 \u638c\u63e1\u8cc7\u8a0a\u3002\u5c31\u53ef\u4ee5\u505a\u5230\u5b89\u5168\u7121\u60a3\u3002 \u5728\u9632\u79a6\u65b9\u9762\uff0c\u6709\u4e09\u9ede\u9700\u8981\u91cd\u9ede\u53bb\u95dc\u6ce8 Motivations &#8211; \u52d5\u6a5f Intentions &#8211; \u610f\u5716 Methods &#8211; \u65b9\u6cd5 \u53d6\u5f97\u8cc7\u6599\u5f8c\uff0c\u5c07\u4e4b\u9032\u884c\u6574\u7406\uff0c\u7d93\u904e\u4e09\u5927\u8655\u7406\uff0c\u63d0\u5347\u5404\u65b9\u9762\u7684\u4fdd\u8b77\u529b Collected &#8211; \u6536\u96c6 Analyzed &#8211; \u5206\u6790 Disseminated &#8211; \u50b3\u64ad Life Cycle \u6574\u500b\u8cc7\u6599\u6536\u96c6\u7684\u904e\u7a0b\u5f88\u7c21\u55ae\uff0c\u4e3b\u8981\u5c31\u662f\u91cd\u8907\u56db\u500b\u6b65\u9a5f Planning &amp; Direction Collection Analysis 
&amp; Production Dissemination &amp; Integration Planning &#038; Direction 1. \u78ba\u8a8d\u8a08\u756b \u6307\u5b9a\u6574\u9ad4\u8a08\u756b\u65b9\u5411\uff0c\u6e1b\u5c11\u6d6a\u8cbb\u6642\u9593 \u627e\u51fa\u6700\u91cd\u8981\u7684\u5a01\u8105 \u6392\u5217\u5a01\u8105\u7684\u512a\u5148\u7a0b\u5ea6 \u8ab0\u662f\u653b\u64ca\u8005\uff0c\u8ab0\u6703\u5728\u9019\u6b21\u653b\u64ca\u53d7\u76ca 2. \u78ba\u8a8d\u653b\u64ca\u985e\u578b Cyber Crime \u8cfa\u9322\u662f\u4e3b\u8981\u76ee\u7684\uff0c\u5982\u5077\u53d6\u4fe1\u7528\u5361\u865f \u500b\u4eba\u76ee\u7684\u70ba\u5c0e\u5411 \u7bc4\u570d\u5f88\u5927\uff0c\u4e5f\u4e0d\u6703\u6709\u91dd\u5c0d\u6027 Cyber Espionage \u7db2\u8def\u9593\u8adc \u91dd\u5c0d\u653f\u5e9c\u3001\u79c1\u4eba\u4f01\u696d(\u9ad8\u79d1\u6280\u7522\u696d\u3001\u57fa\u790e\u5efa\u8a2d) \u901a\u5e38\u4e0d\u6703\u727d\u626f\u5230\u91d1\u9322 \u80cc\u5f8c\u53ef\u80fd\u662f\u653f\u5e9c \u7cbe\u78ba\u3001\u7cbe\u5bc6\u7684\u653b\u64ca Hacktivist \u00a0\u99ed\u5ba2\u4e3b\u7fa9 \u4ee5\u7834\u58de\u70ba\u5c0e\u5411 \u5c55\u793a\u6280\u8853 3.
\u78ba\u8a8d\u76ee\u6a19 Region &#8211; \u5340\u57df \u570b\u5bb6\u4e4b\u9593\u7684\u4e16\u4ec7 \u4e2d\u570b &amp; \u53f0\u7063 \u5317\u97d3 &amp; \u5357\u97d3 Industry &#8211; \u696d\u754c \u534a\u5c0e\u9ad4\u3001\u91cd\u5de5\u696d \u5077\u53d6\u6280\u8853 \u822a\u7a7a\u4f01\u696d\u3001\u5c0e\u5f48\u3001\u8ecd\u706b\u5546 Collection Data(\u6578\u64da) \u2192 Information(\u8cc7\u8a0a) \u2192 Intelligence(\u60c5\u5831) \u6536\u96c6\u7684\u4f86\u6e90\u4e3b\u8981\u70ba\u5169\u7a2e External Source Internal Source External Source Community(\u793e\u7fa4) Social Media (\u793e\u4ea4\u5a92\u9ad4) Twitter https:\/\/twitter.com\/hashtag\/APT #APT,\u6709\u6642\u5019\u6703\u8ddf\u5176\u4ed6\u55ae\u5b57\u649e\u5230 APT: Advanced Persistent Threat (\u9032\u968e\u6301\u7e8c\u6027\u5a01\u8105) Timele9527, blackorbird, Rmy_Reserve, _re_fox Threat Data Feed ATT&amp;CK https:\/\/attack.mitre.org\/groups\/ \u4e86\u89e3\u653b\u64ca\u65cf\u7fa4\u8ddf\u624b\u6cd5 Malpedia https:\/\/malpedia.caad.fkie.fraunhofer.de\/ \u985e\u4f3c wikipedia \u653b\u64ca\u65cf\u7fa4\u7684\u516c\u958b\u5831\u544a ANY.RUN https:\/\/app.any.run\/ \u7dda\u4e0a\u514d\u8cbb\u7684 sandbox \u53ef\u4ee5\u8dd1\u4e00\u4e9b\u60e1\u610f\u7a0b\u5f0f \u514d\u8cbb\u5e33\u865f\u4e0a\u50b3\u4e0a\u53bb\u7684\u60e1\u610f\u7a0b\u5f0f\u90fd\u662f\u770b\u5f97\u5230\u7684\uff0c\u5728 Twitter \u4e0a\u7684 Malware \u5e7e\u4e4e\u90fd\u53ef\u4ee5\u5728\u9019\u908a\u8dd1 Awesome https:\/\/github.com\/hslatman\/awesome-threat-intelligence \u5927\u96dc\u71f4 (\u5f88\u591a\u76f8\u95dc\u8cc7\u6599\u90fd\u5728\u9019\u908a) \u504f\u8907\u96dc Collection https:\/\/start.me\/p\/rxRbpo\/ti \u5b78\u7fd2\u8cc7\u6e90\u7d71\u6574 \u6bd4 awesome \u5b8c\u6574\u4e00\u9ede Open-source Intelligence e.g.
\u516c\u958b\u7684\u5831\u544a \u60c5\u8cc7\u5206\u6790\u516c\u53f8\u7684\u5e73\u53f0 (\u770b\u5e74\u5ea6\u7684 APT \u5831\u544a) TeamT5 https:\/\/teamt5.org\/en\/blog\/ Kaspersky https:\/\/securelist.com\/ Fireeye https:\/\/www.fireeye.com\/blog\/threat-research.html Unit42 https:\/\/unit42.paloaltonetworks.com\/ ESTsecurity https:\/\/blog.alyac.co.kr\/ Deep Web Dark Web Internal Source SIEM \/ Sensors \u50cf\u662f\u6bd4\u8f03\u57fa\u790e\u7684\u9632\u6bd2\u8edf\u9ad4 Incident Response \u4e8b\u4ef6\u8abf\u67e5 Network Visibility Firewall Endpoint Visibility EDR\u7522\u54c1(\u7aef\u9ede\u5075\u6e2c\u53ca\u56de\u61c9) Malware Analysis Research Lab ...","og_url":"https:\/\/www.yuyiares.com\/?p=118","og_site_name":"Ares Vlog","article_published_time":"2021-11-27T12:43:53+00:00","article_modified_time":"2021-11-27T12:50:53+00:00","author":"admin","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005:":"admin","\u9810\u4f30\u95b1\u8b80\u6642\u9593":"1 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.yuyiares.com\/?p=118#article","isPartOf":{"@id":"https:\/\/www.yuyiares.com\/?p=118"},"author":{"name":"admin","@id":"https:\/\/www.yuyiares.com\/#\/schema\/person\/3d4db07eab24e08cc9eea662ef3053ac"},"headline":"\u60c5\u8cc7\u6536\u96c6","datePublished":"2021-11-27T12:43:53+00:00","dateModified":"2021-11-27T12:50:53+00:00","mainEntityOfPage":{"@id":"https:\/\/www.yuyiares.com\/?p=118"},"wordCount":180,"commentCount":0,"articleSection":["Research &amp; Study","\u9451\u8b58\u8207\u60c5\u8cc7"],"inLanguage":"zh-TW","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.yuyiares.com\/?p=118#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.yuyiares.com\/?p=118","url":"https:\/\/www.yuyiares.com\/?p=118","name":"\u60c5\u8cc7\u6536\u96c6 - Ares 
Vlog","isPartOf":{"@id":"https:\/\/www.yuyiares.com\/#website"},"datePublished":"2021-11-27T12:43:53+00:00","dateModified":"2021-11-27T12:50:53+00:00","author":{"@id":"https:\/\/www.yuyiares.com\/#\/schema\/person\/3d4db07eab24e08cc9eea662ef3053ac"},"breadcrumb":{"@id":"https:\/\/www.yuyiares.com\/?p=118#breadcrumb"},"inLanguage":"zh-TW","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.yuyiares.com\/?p=118"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.yuyiares.com\/?p=118#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.yuyiares.com\/"},{"@type":"ListItem","position":2,"name":"\u60c5\u8cc7\u6536\u96c6"}]},{"@type":"WebSite","@id":"https:\/\/www.yuyiares.com\/#website","url":"https:\/\/www.yuyiares.com\/","name":"Ares Vlog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.yuyiares.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-TW"},{"@type":"Person","@id":"https:\/\/www.yuyiares.com\/#\/schema\/person\/3d4db07eab24e08cc9eea662ef3053ac","name":"admin","image":{"@type":"ImageObject","inLanguage":"zh-TW","@id":"https:\/\/secure.gravatar.com\/avatar\/7a48eb75ce0e81d088764746bc78b3a75ae3f2fbe40d6f69bbc7cfd2fa004a03?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/7a48eb75ce0e81d088764746bc78b3a75ae3f2fbe40d6f69bbc7cfd2fa004a03?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7a48eb75ce0e81d088764746bc78b3a75ae3f2fbe40d6f69bbc7cfd2fa004a03?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/www.yuyiares.com"],"url":"https:\/\/www.yuyiares.com\/?author=1"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.yuyiares.com\/index.php?rest_route=\/wp\/v2\/posts\/118","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.yuy
iares.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.yuyiares.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.yuyiares.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.yuyiares.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=118"}],"version-history":[{"count":6,"href":"https:\/\/www.yuyiares.com\/index.php?rest_route=\/wp\/v2\/posts\/118\/revisions"}],"predecessor-version":[{"id":172,"href":"https:\/\/www.yuyiares.com\/index.php?rest_route=\/wp\/v2\/posts\/118\/revisions\/172"}],"wp:attachment":[{"href":"https:\/\/www.yuyiares.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=118"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.yuyiares.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=118"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.yuyiares.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=118"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}