{"id":118550,"date":"2021-04-15T18:55:26","date_gmt":"2021-04-16T01:55:26","guid":{"rendered":"https:\/\/unit42.paloaltonetworks.com\/?p=118550"},"modified":"2021-04-29T18:51:57","modified_gmt":"2021-04-30T01:51:57","slug":"network-attack-trends-winter-2020","status":"publish","type":"post","link":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/network-attack-trends-winter-2020\/","title":{"rendered":"2020\u5e74\u51ac\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u50be\u5411\u300e\u8105\u5a01\u306e\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u300f(2020\u5e7411\u6708\u301c2021\u5e741\u6708)"},"content":{"rendered":"<h1>\u6982\u8981<\/h1>\n<p>Unit 42\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u306f\u30012020\u5e74\u51ac\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u306e\u52d5\u5411\u3092\u5206\u6790\u3057\u3001\u591a\u304f\u306e\u8208\u5473\u6df1\u3044\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u304c\u5b9f\u969b\u306b\u62e1\u6563\u3057\u3066\u3044\u308b\u3053\u3068\u3092\u767a\u898b\u3057\u307e\u3057\u305f\u30022020\u5e7411\u6708\u304b\u30892021\u5e741\u6708\u306e\u671f\u9593\u306b\u3001\u78ba\u8a8d\u3055\u308c\u305f\u653b\u6483\u306e\u307b\u3068\u3093\u3069(75%)\u306fcritical(\u91cd\u5927)\u3068\u3057\u3066\u5206\u985e\u3055\u308c\u307e\u3057\u305f(<a href=\"https:\/\/unit42.paloaltonetworks.com\/network-attack-trends-internet-threats\/\">2020\u5e74\u79cb<\/a>\u306b\u3001\u3053\u306e\u6bd4\u7387\u306f50.4%\u3067\u3057\u305f)\u3002<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-28188\">CVE-2020-28188<\/a>\u3001<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-17519\">CVE-2020-17519<\/a>\u3001<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-29227\">CVE-2020-29227<\/a>\u306a\u3069\u3001\u65b0\u305f\u306b\u78ba\u8a8d\u3055\u308c\u305f\u8907\u6570\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u304c\u51fa\u73fe\u3057\u30012020\u5e74\u5f8c\u534a\u304b\u30892021\u5e74\u524d\u534a\u306e\u6642\u70b9\u3067\u5b9f\u969b\u306b\u7d99\u7d9a\u7684\u306b\u60aa\u7528\u3055\u308c\u3066\u3044\u307e\u3057\u305f\u3002<\/p>\n<p>\u672c\u30d6\u30ed\u30b0\u3067\u306f\u3001\u65b0\u305f\u306b\u78ba\u8a8d\u3055\u308c\u305f\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306b\u52a0\u3048\u3066\u3001\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306e\u5206\u6790\u3001\u30d9\u30f3\u30c0\u30fc\u306e\u5206\u6790\u3001\u653b\u6483\u306e\u767a\u751f\u5730\u57df\u3068\u653b\u6483\u30ab\u30c6\u30b4\u30ea\u306e\u5206\u5e03\u306b\u3064\u3044\u3066\u8a73\u8ff0\u3057\u307e\u3059\u3002<\/p>\n<p>\u30d1\u30ed\u30a2\u30eb\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30b9\u306e\u6b21\u4e16\u4ee3\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u3092\u3054\u4f7f\u7528\u306e\u304a\u5ba2\u69d8\u306f\u3001<a href=\"https:\/\/www.paloaltonetworks.jp\/products\/threat-detection-and-prevention\/web-security\">WildFire<\/a>\u3068<a href=\"https:\/\/www.paloaltonetworks.jp\/products\/secure-the-network\/wildfire\">URL\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0<\/a>\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b5\u30d6\u30b9\u30af\u30ea\u30d7\u30b7\u30e7\u30f3\u306b\u3088\u3063\u3066\u3053\u308c\u3089\u306e\u653b\u6483\u304b\u3089\u4fdd\u8b77\u3055\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n<h2>\u30c7\u30fc\u30bf\u53ce\u96c6<\/h2>\n<p>Unit 42\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u306f\u3001\u30d1\u30ed\u30a2\u30eb\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30b9\u306e<a href=\"https:\/\/www.paloaltonetworks.jp\/network-security\/next-generation-firewall\">\u6b21\u4e16\u4ee3\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb<\/a>\u3092\u5883\u754c\u30bb\u30f3\u30b5\u30fc\u3068\u3057\u3066\u5229\u7528\u3059\u308b\u3053\u3068\u306b\u3088\u3063\u3066\u30012020\u5e7411\u6708\u304b\u30892021\u5e741\u6708\u306b\u304b\u3051\u3066\u7121\u5bb3\u306a\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u304b\u3089\u60aa\u610f\u306e\u3042\u308b\u30a2\u30af\u30c6\u30a3\u30d3\u30c6\u30a3\u3092\u5206\u96e2\u3057\u307e\u3057\u305f\u3002\u6b21\u306b\u3001IP\u30a2\u30c9\u30ec\u30b9\u3001\u30dd\u30fc\u30c8\u3001\u30bf\u30a4\u30e0\u30b9\u30bf\u30f3\u30d7\u306a\u3069\u306e\u30e1\u30c8\u30ea\u30c3\u30af\u306b\u57fa\u3065\u3044\u3066\u3001\u60aa\u610f\u306e\u3042\u308b\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u3092\u3055\u3089\u306b\u51e6\u7406\u3057\u307e\u3057\u305f\u3002\u3053\u308c\u306b\u3088\u308a\u3001\u5404\u653b\u6483\u30bb\u30c3\u30b7\u30e7\u30f3\u306e\u4e00\u610f\u6027\u3092\u7279\u5b9a\u3057\u3066\u3001\u6f5c\u5728\u7684\u306a\u30c7\u30fc\u30bf\u306e\u504f\u308a\u3092\u6392\u9664\u3057\u307e\u3057\u305f\u3002\u6b21\u306b\u3001Unit 42\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u306f\u3001\u51e6\u7406\u6e08\u307f\u306e\u30c7\u30fc\u30bf\u3092\u3001\u653b\u6483\u30ab\u30c6\u30b4\u30ea\u3084\u30d9\u30f3\u30c0\u30fc\u5206\u6790\u306a\u3069\u306e\u4ed6\u306e\u5c5e\u6027\u3068\u76f8\u95a2\u3055\u305b\u3066\u3001\u6642\u9593\u306e\u7d4c\u904e\u306b\u4f34\u3046\u653b\u6483\u306e\u52d5\u5411\u3092\u63a8\u6e2c\u3057\u3001\u8105\u5a01\u306e\u72b6\u6cc1\u3092\u628a\u63e1\u3057\u307e\u3057\u305f\u3002<\/p>\n<h2>2020\u5e74\u51ac\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u306e\u6df1\u523b\u5ea6<\/h2>\n<p>609\u4e07\u4ef6\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af \u30c8\u30e9\u30d5\u30a3\u30c3\u30af \u30c8\u30ea\u30ac\u30fc\u304b\u3089\u3001informational(\u901a\u77e5)\u3068low(\u4f4e)\u306e\u6df1\u523b\u5ea6\u306b\u5206\u985e\u3055\u308c\u305f\u30b7\u30b0\u30cd\u30c1\u30e3\u3092\u4f7f\u7528\u3057\u3066\u3001\u30b9\u30ad\u30e3\u30f3\u3084\u30d6\u30eb\u30fc\u30c8\u30d5\u30a9\u30fc\u30b9\u306e\u8a66\u307f\u3092\u691c\u51fa\u3057\u307e\u3057\u305f\u3002\u5f0a\u793e\u306f\u3001(<a href=\"https:\/\/nvd.nist.gov\/vuln-metrics\/cvss\">CVSS v3\u30b9\u30b3\u30a2<\/a>\u306b\u57fa\u3065\u3044\u3066)\u6df1\u523b\u5ea6\u304cmedium(\u4e2d)\u4ee5\u4e0a\u306e\u60aa\u7528\u53ef\u80fd\u306a\u8106\u5f31\u6027\u3092\u691c\u8a3c\u6e08\u307f\u306e\u653b\u6483\u3068\u307f\u306a\u3057\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_118402\" class=\"wp-caption aligncenter\" style=\"width: 250px;\" aria-describedby=\"caption-attachment-118402\">\n<p><figure id=\"attachment_118558\" aria-describedby=\"caption-attachment-118558\" style=\"width: 250px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/word-image-64-jp.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-118558 size-full lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/word-image-64-jp.png\" alt=\"\u5206\u6790\u3055\u308c\u305f\u30cd\u30c3\u30c8\u30ef\u30fc\u30af \u30c8\u30e9\u30d5\u30a3\u30c3\u30af \u30c8\u30ea\u30ac\u30fc\u306e\u5206\u5e03\u3092\u793a\u3059\u5186\u30b0\u30e9\u30d5\u306e\u753b\u50cf\u300275%\u304c\u300cCritical(\u91cd\u5927)\u300d\u300110.7%\u304c\u300cHigh(\u9ad8)\u300d\u300114.3%\u304c\u300cMedium(\u4e2d)\u300d\u306e\u6df1\u523b\u5ea6\u3068\u5206\u985e\u3055\u308c\u3066\u3044\u307e\u3059\u3002\" width=\"250\" height=\"231\" \/><\/a><figcaption id=\"caption-attachment-118558\" class=\"wp-caption-text\">\u56f31 2020\u5e7411\u6708\uff5e2021\u5e741\u6708\u306e\u653b\u6483\u306e\u6df1\u523b\u5ea6\u5206\u5e03<\/figcaption><\/figure><\/figure>\n<p>\u4e0a\u8a18\u306e609\u4e07\u4ef6\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af \u30c8\u30e9\u30d5\u30a3\u30c3\u30af \u30c8\u30ea\u30ac\u30fc\u306e\u3046\u3061\u3001\u5408\u8a08347\u4e07\u4ef6\u306e\u30bb\u30c3\u30b7\u30e7\u30f3\u304c\u5b9f\u969b\u306e\u653b\u6483\u3067\u3059\u3002 \u88681\u306f\u3001\u3055\u307e\u3056\u307e\u306a\u8106\u5f31\u6027\u306e\u6df1\u523b\u5ea6\u3092\u6301\u3064\u653b\u6483\u306e\u30bb\u30c3\u30b7\u30e7\u30f3\u6570\u3068\u6bd4\u7387\u3092\u793a\u3057\u3066\u3044\u307e\u3059\u3002\u524d\u56de\u306e\u5206\u6790\u7d50\u679c\u3068\u540c\u69d8\u306b\u3001\u6df1\u523b\u5ea6\u304ccritical(\u91cd\u5927)\u306a\u8106\u5f31\u6027\u306e\u60aa\u7528\u306f\u5897\u52a0\u50be\u5411\u306b\u3042\u308a\u307e\u3059\u3002<\/p>\n<table style=\"border-style: solid; border-color: #000000;\">\n<tbody>\n<tr>\n<td>\n<p style=\"text-align: center;\"><strong>\u6df1\u523b\u5ea6<\/strong><\/p>\n<\/td>\n<td><strong>\u30bb\u30c3\u30b7\u30e7\u30f3\u6570<\/strong><\/td>\n<td><strong>\u6bd4\u7387<\/strong><\/td>\n<\/tr>\n<tr>\n<td>Critical (\u91cd\u5927)<\/td>\n<td>2,602,996<\/td>\n<td>75.0%<\/td>\n<\/tr>\n<tr>\n<td>High (\u9ad8)<\/td>\n<td>369,597<\/td>\n<td>10.7%<\/td>\n<\/tr>\n<tr>\n<td>Medium (\u4e2d)<\/td>\n<td>495,969<\/td>\n<td>14.3%<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p style=\"text-align: center;\"><span style=\"font-size: 10pt;\"><em>\u88681 2020\u5e7411\u6708\uff5e2021\u5e741\u6708\u306e\u653b\u6483\u306e\u6df1\u523b\u5ea6\u5206\u5e03\u7387<\/em><\/span><\/p>\n<h2>\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u306e\u767a\u751f\u6642\u671f<\/h2>\n<figure id=\"attachment_118404\" class=\"wp-caption aligncenter\" style=\"width: 1198px;\" aria-describedby=\"caption-attachment-118404\">\n<p><figure id=\"attachment_118560\" aria-describedby=\"caption-attachment-118560\" style=\"width: 1198px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/word-image-65-jp.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-118560 size-full lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/word-image-65-jp.png\" alt=\"\u300cSeverity Distribution Bi-Weekly(\u9694\u9031\u306e\u6df1\u523b\u5ea6\u5206\u5e03)\u300d\u3068\u3044\u3046\u8868\u984c\u306e\u68d2\u30b0\u30e9\u30d5\u306e\u753b\u50cf\u3002\u3053\u306e\u30b0\u30e9\u30d5\u306f\u3001\u7e26\u65b9\u5411\u306b6\u3064\u306e\u30b0\u30eb\u30fc\u30d7\u306b\u5206\u304b\u308c\u3066\u3044\u307e\u3059\u3002X\u8ef8\u306b\u306f\u30012020\u5e7411\u67081\u65e5\u304b\u30892021\u5e741\u670815\u65e5\u307e\u3067\u306e\u65e5\u4ed8\u306e\u30e9\u30d9\u30eb\u304c\u8868\u793a\u3055\u308c\u3066\u3044\u307e\u3059\u3002\u5404\u30b0\u30eb\u30fc\u30d7\u306e\u9593\u9694\u306f\u30012\u9031\u9593\u3067\u3059\u3002Y\u8ef8\u306b\u306f\u3001\u300cSeverity Count(\u5404\u6df1\u523b\u5ea6\u306e\u4ef6\u6570)\u300d\u3068\u3044\u3046\u30e9\u30d9\u30eb\u304c\u8868\u793a\u3055\u308c\u3066\u3044\u307e\u3059\u30022020\u5e7411\u670816\u65e5\u306e\u65e5\u4ed8\u306b\u5bfe\u3059\u308b2\u756a\u76ee\u306e\u30b0\u30eb\u30fc\u30d7\u3067\u306f\u3001\u6df1\u523b\u5ea6\u304c\u300cCritical(\u91cd\u5927)\u300d\u306e\u4ef6\u6570\u304c\u6700\u3082\u591a\u304f\u306a\u3063\u3066\u3044\u307e\u3059\u3002\" width=\"1198\" height=\"601\" \/><\/a><figcaption id=\"caption-attachment-118560\" class=\"wp-caption-text\">\u56f32 2020\u5e7411\u6708\uff5e2021\u5e741\u6708\u306e\u9694\u9031\u3067\u6e2c\u5b9a\u3057\u305f\u653b\u6483\u306e\u6df1\u523b\u5ea6\u5206\u5e03<\/figcaption><\/figure><\/figure>\n<p>\u3053\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u52d5\u5411\u5206\u6790\u3067\u306f\u30012020\u5e7411\u6708\u304b\u30892021\u5e741\u6708\u307e\u3067\u306e\u30c7\u30fc\u30bf\u3092\u53ce\u96c6\u3057\u3001critical(\u91cd\u5927)\u306b\u5206\u985e\u3055\u308c\u308b\u653b\u6483\u304c\u6700\u3082\u591a\u3044\u3053\u3068\u304c\u5224\u660e\u3057\u307e\u3057\u305f\u3002\u307e\u305f\u3001\u653b\u6483\u8005\u306f\u3001\u904e\u53bb1\u5e74\u4ee5\u5185\u306b\u516c\u958b\u3055\u308c\u305f\u6bd4\u8f03\u7684\u65b0\u3057\u3044\u8106\u5f31\u6027\u3084\u30012017\u5e74\u304b\u30892020\u5e74\u306b\u304b\u3051\u3066\u5b9f\u969b\u306b\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\u3092\u983b\u7e41\u306b\u5229\u7528\u3057\u3066\u3044\u307e\u3057\u305f\u3002 \u3053\u306e\u3053\u3068\u306f\u3001\u76f4\u8fd1\u3067\u767a\u898b\u3055\u308c\u305f\u8106\u5f31\u6027\u304b\u3089\u306e\u4fdd\u8b77\u306e\u305f\u3081\u306b\u3001\u5229\u7528\u53ef\u80fd\u306b\u306a\u308a\u6b21\u7b2c\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d1\u30c3\u30c1\u3092\u9069\u7528\u3059\u308b\u3053\u3068\u304c\u3044\u304b\u306b\u91cd\u8981\u304b\u3092\u7269\u8a9e\u3063\u3066\u3044\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_118562\" aria-describedby=\"caption-attachment-118562\" style=\"width: 1198px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/word-image-66-jp.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-118562 size-full lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/word-image-66-jp.png\" alt=\"\u300cCVE Year Distribution Bi-Weekly(\u9694\u9031\u306eCVE\u60aa\u7528\u306e\u5e74\u9593\u5206\u5e03)\u300d\u3068\u3044\u3046\u8868\u984c\u306e\u68d2\u30b0\u30e9\u30d5\u306e\u753b\u50cf\u3002\u3053\u306e\u30b0\u30e9\u30d5\u306f\u3001\u7e26\u65b9\u5411\u306b6\u3064\u306e\u30b0\u30eb\u30fc\u30d7\u306b\u5206\u304b\u308c\u3066\u3044\u307e\u3059\u3002X\u8ef8\u306b\u306f\u30012020\u5e7411\u67081\u65e5\u304b\u30892021\u5e741\u670815\u65e5\u307e\u3067\u306e\u65e5\u4ed8\u306e\u30e9\u30d9\u30eb\u304c\u8868\u793a\u3055\u308c\u3066\u3044\u307e\u3059\u3002\u5404\u30b0\u30eb\u30fc\u30d7\u306e\u9593\u9694\u306f\u30012\u9031\u9593\u3067\u3059\u3002Y\u8ef8\u306b\u306f\u3001\u300cCVE Year Count(CVE\u60aa\u7528\u306e\u5e74\u9593\u4ef6\u6570)\u300d\u3068\u3044\u3046\u30e9\u30d9\u30eb\u304c\u8868\u793a\u3055\u308c\u3066\u3044\u307e\u3059\u30022000\u5e7411\u670816\u65e5\u306b\u5bfe\u3059\u308b2\u756a\u76ee\u306e\u30b0\u30eb\u30fc\u30d7\u3067\u306f\u3001\u6df1\u523b\u306aCVE\u60aa\u7528\u4ef6\u6570\u304c\u6700\u3082\u9ad8\u304f\u306a\u3063\u3066\u3044\u307e\u3059(\u3053\u306e\u30b0\u30eb\u30fc\u30d7\u5185\u3067\u306f\u30012017\u5e74\uff5e2018\u5e74\u30682019\u5e74\uff5e2020\u5e74\u304c\u3001\u305d\u308c\u4ee5\u524d\u306e\u5e74\u306b\u6bd4\u3079\u3066\u7279\u306b\u9ad8\u304f\u306a\u3063\u3066\u3044\u307e\u3059)\" width=\"1198\" height=\"601\" \/><\/a><figcaption id=\"caption-attachment-118562\" class=\"wp-caption-text\">\u56f33 \u60aa\u7528\u3055\u308c\u305fCVE\u304c\u516c\u958b\u6e08\u307f\u306e\u653b\u6483\u306b\u3064\u3044\u3066\u3001\u5404\u5e74\u306b\u78ba\u8a8d\u3055\u308c\u305f\u4ef6\u6570\u306e\u5185\u8a33\u30012020\u5e7411\u6708\u304b\u30892021\u5e741\u6708\u306b\u9694\u9031\u3067\u6e2c\u5b9a<\/figcaption><\/figure>\n<h2>2020\u5e74\u51ac\u306b\u7279\u306b\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027<\/h2>\n<p>2020\u5e7411\u6708\u304b\u30892021\u5e741\u6708\u306b\u304b\u3051\u3066\u30ad\u30e3\u30d7\u30c1\u30e3\u3057\u305f\u653b\u6483\u30bb\u30c3\u30b7\u30e7\u30f3\u306e\u653b\u6483\u30d1\u30bf\u30fc\u30f3\u306b\u57fa\u3065\u304d\u3001\u8105\u5a01\u306e\u73fe\u72b6\u306b\u304a\u3044\u3066\u78ba\u8a8d\u3055\u308c\u305f\u7279\u306b\u4e00\u822c\u7684\u306a\u8105\u5a01\u3092\u57fa\u6e96\u3068\u3057\u3066\u88682\u3067\u30d9\u30f3\u30c0\u30fc\u3092\u30e9\u30f3\u30af\u4ed8\u3051\u3057\u307e\u3057\u305f\u3002\u653b\u6483\u8005\u306f\u3001\u3055\u307e\u3056\u307e\u306a\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u3068\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u306b\u95a2\u9023\u3059\u308b\u5927\u304d\u306a\u9867\u5ba2\u57fa\u76e4\u3092\u7406\u7531\u3068\u3057\u3066\u3001\u60aa\u7528\u3059\u308bCVE\u3092\u9078\u629e\u3059\u308b\u50be\u5411\u304c\u5f37\u3044\u70b9\u306b\u6ce8\u610f\u3059\u308b\u3053\u3068\u304c\u91cd\u8981\u3067\u3059\u3002<\/p>\n<table style=\"width: 100%;\">\n<tbody>\n<tr>\n<td style=\"width: 10.055%;\"><strong>\u30e9\u30f3\u30ad\u30f3\u30b0\u00a0 \u00a0 \u00a0\u00a0<\/strong><\/td>\n<td style=\"width: 12.0974%;\"><strong>\u30d9\u30f3\u30c0\u30fc\u540d<\/strong><strong>\u00a0 \u00a0 \u00a0 \u00a0<\/strong><\/td>\n<td style=\"width: 77.0621%;\"><strong>\u4e00\u822c\u7684\u306a\u8106\u5f31\u6027<\/strong><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 10.055%;\">1<\/td>\n<td style=\"width: 12.0974%;\">Linksys<\/td>\n<td style=\"width: 77.0621%;\">CVE-2017-17411, CVE-2014-8244<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 10.055%;\">2<\/td>\n<td style=\"width: 12.0974%;\">D-Link<\/td>\n<td style=\"width: 77.0621%;\">CVE-2019-16920, CVE-2019-19597, CVE-2019-13372, CVE-2018-19986, CVE-2015-2051,<\/p>\n<p>CVE-2013-7389, CVE-2013-1599, CVE-2013-7471<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 10.055%;\">3<\/td>\n<td style=\"width: 12.0974%;\">ThinkPHP<\/td>\n<td style=\"width: 77.0621%;\">CVE-2018-20062, CVE-2019-9082<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 10.055%;\">4<\/td>\n<td style=\"width: 12.0974%;\">Drupal<\/td>\n<td style=\"width: 77.0621%;\">CVE-2020-13671, CVE-2019-6340, CVE-2018-9205, CVE-2018-7600, CVE-2018-7602, CVE-2014-3704<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 10.055%;\">5<\/td>\n<td style=\"width: 12.0974%;\">WordPress<\/td>\n<td style=\"width: 77.0621%;\">CVE-2020-27615, CVE-2020-25213, CVE-2020-5766, CVE-2020-12800, CVE-2020-11738, CVE-2020-11732, CVE-2019-8942, CVE-2019-9881, CVE-2019-9879, CVE-2019-14205, CVE-2019-9880, CVE-2018-9118, CVE-2018-7422<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 10.055%;\">6<\/td>\n<td style=\"width: 12.0974%;\">Thinkcmf<\/td>\n<td style=\"width: 77.0621%;\"><a href=\"https:\/\/github.com\/taosir\/wtcms\/issues\/12\">https:\/\/github.com\/taosir\/wtcms\/issues\/12<\/a><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 10.055%;\">7<\/td>\n<td style=\"width: 12.0974%;\">VBulletin<\/td>\n<td style=\"width: 77.0621%;\">CVE-2020-17496, CVE-2020-12720, CVE-2019-16759, CVE-2015-7808<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 10.055%;\">8<\/td>\n<td style=\"width: 12.0974%;\">Joomla!<\/td>\n<td style=\"width: 77.0621%;\">CVE-2020-23972, CVE-2018-7482, CVE-2018-7314, CVE-2018-6605, CVE-2017-5215, CVE-2016-8869, CVE-2015-8562<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 10.055%;\">9<\/td>\n<td style=\"width: 12.0974%;\">PHPUnit<\/td>\n<td style=\"width: 77.0621%;\">CVE-2017-9841<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 10.055%;\">10<\/td>\n<td style=\"width: 12.0974%;\">HP<\/td>\n<td style=\"width: 77.0621%;\">CVE-2017-12542, CVE-2014-2617<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 10.055%;\">11<\/td>\n<td style=\"width: 12.0974%;\">MikroTik<\/td>\n<td style=\"width: 77.0621%;\">CVE-2018-14847<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 10.055%;\">12<\/td>\n<td style=\"width: 12.0974%;\">Microsoft<\/td>\n<td style=\"width: 77.0621%;\">CVE-2020-0796, CVE-2020-1350, CVE-2020-1472, CVE-2019-0606, CVE-2019-0708, CVE-2017-0147, CVE-2017-0144, CVE-2015-1635<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 10.055%;\">13<\/td>\n<td style=\"width: 12.0974%;\">Apache<\/td>\n<td style=\"width: 77.0621%;\">CVE-2020-17519, CVE-2020-17530, CVE-2020-13942, CVE-2020-11975, CVE-2020-1957, CVE-2019-17554, CVE-2019-0193, CVE-2019-0232, CVE-2019-0192<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><em>\u88682 2020\u5e7411\u6708\uff5e2021\u5e741\u6708\u306b\u88ab\u5bb3\u3092\u53d7\u3051\u305f\u4e0a\u4f4d13\u306e\u30d9\u30f3\u30c0\u30fc\u306e\u30e9\u30f3\u30ad\u30f3\u30b0<\/em><\/p>\n<h2>\u95a2\u9023\u3059\u308b\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u30ab\u30c6\u30b4\u30ea\u306e\u5206\u5e03<\/h2>\n<figure style=\"width: 2074px\" class=\"wp-caption alignnone\"><img  class=\"wp-image-118409 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/chart.png\" alt=\"\u30bb\u30c3\u30b7\u30e7\u30f3\u30d9\u30fc\u30b9\u306e\u653b\u6483\u30ab\u30c6\u30b4\u30ea\u306e\u5206\u5e03\u306e\u6982\u8981\u3092\u793a\u3059\u68d2\u30b0\u30e9\u30d5\u306e\u753b\u50cf\u3002\u30b3\u30fc\u30c9\u5b9f\u884c\u304c\u300146.4%\u306e\u6700\u5927\u306e\u6bd4\u7387\u3092\u5360\u3081\u3066\u3044\u307e\u3059\u3002\" width=\"2074\" height=\"742\" \/><figcaption class=\"wp-caption-text\">\u56f34 2020\u5e7411\u6708\uff5e2021\u5e741\u6708\u306e\u653b\u6483\u30ab\u30c6\u30b4\u30ea\u306e\u5206\u5e03<\/figcaption><\/figure>\n<p>\u56f34\u306f\u3001\u30bb\u30c3\u30b7\u30e7\u30f3\u30d9\u30fc\u30b9\u306e\u653b\u6483\u30ab\u30c6\u30b4\u30ea\u306e\u5206\u5e03\u3092\u793a\u3057\u3066\u3044\u307e\u3059\u3002\u30a2\u30af\u30bb\u30b9\u6027\u3068\u60aa\u7528\u306e\u53ef\u80fd\u6027\u306b\u95a2\u3059\u308b\u8a73\u7d30\u3092\u78ba\u8a8d\u3059\u308b\u5fc5\u8981\u304c\u3042\u3063\u305f\u305f\u3081\u3001\u653b\u6483\u30ab\u30c6\u30b4\u30ea\u3092\u5206\u985e\u3059\u308b\u3053\u3068\u306b\u3088\u3063\u3066\u30cd\u30c3\u30c8\u30ef\u30fc\u30af \u30c8\u30e9\u30d5\u30a3\u30c3\u30af \u30c8\u30ea\u30ac\u30fc\u306e\u6bd4\u7387\u3092\u8a08\u7b97\u3057\u307e\u3057\u305f\u3002\u30b3\u30fc\u30c9\u5b9f\u884c\u306f\u653b\u6483\u306e46.6%\u3092\u5360\u3081\u3066\u3044\u307e\u3059\u3002\u3053\u306e\u3053\u3068\u306f\u3001\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306b\u304a\u3044\u3066\u3001\u3053\u306e\u30ab\u30c6\u30b4\u30ea\u306e\u30ea\u30b9\u30af\u304c\u9ad8\u3044\u3053\u3068\u3092\u793a\u3057\u3066\u3044\u307e\u3059\u3002\u30b3\u30fc\u30c9\u5b9f\u884c\u3068\u7279\u6a29\u6607\u683c\u306e\u4e21\u65b9\u3092\u542b\u3080\u30ab\u30c6\u30b4\u30ea\u306f\u3001\u653b\u6483\u306e17.3%\u3092\u5360\u3081\u3066\u3044\u307e\u3059\u3002\u3053\u306e\u3053\u3068\u306f\u3001\u653b\u6483\u8005\u304c\u30eb\u30fc\u30c8\u7279\u6a29\u3092\u53d6\u5f97\u3067\u304d\u305f\u5834\u5408\u3001\u60aa\u7528\u304c\u6df1\u523b\u306b\u306a\u308b\u3053\u3068\u3092\u793a\u3057\u3066\u3044\u307e\u3059\u3002SQL\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306f\u653b\u6483\u306e9.9%\u3092\u5360\u3081\u3066\u3044\u307e\u3059\u3002\u3053\u306e\u3053\u3068\u306f\u3001\u653b\u6483\u8005\u304c\u6a5f\u5bc6\u30c7\u30fc\u30bf\u3092\u5165\u624b\u3057\u3001\u3088\u308a\u5e83\u7bc4\u306a\u30a2\u30af\u30bb\u30b9\u3092\u53d6\u5f97\u3057\u3001\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u30c1\u30a7\u30fc\u30f3\u3092\u78ba\u7acb\u3057\u3066\u3001\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u306a\u3069\u306e\u3088\u308a\u5f37\u529b\u306a\u653b\u6483\u3092\u8a66\u307f\u7d9a\u3051\u3066\u3044\u308b\u3053\u3068\u3092\u793a\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<h2>\u6700\u65b0\u306e\u653b\u6483: \u5b9f\u969b\u306b\u62e1\u6563\u3057\u3066\u3044\u308b\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/h2>\n<p>\u6df1\u523b\u5ea6\u304cmedium(\u4e2d)\u3092\u8d85\u3048\u308b\u76e3\u8996\u5bfe\u8c61\u306e\u3059\u3079\u3066\u306e\u653b\u6483\u306e\u4e2d\u3067\u3001\u4ee5\u4e0b\u306e9\u3064\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306f\u30012020\u5e74\u306ecritical(\u91cd\u5927)\u306a\u6df1\u523b\u5ea6\u3068\u5168\u4f53\u7684\u306a\u611f\u67d3\u7387\u306e\u305f\u3081\u306b\u3001\u7279\u306b\u6ce8\u76ee\u306b\u5024\u3057\u307e\u3059\u3002\u3053\u308c\u3089\u306f\u3001\u653b\u6483\u8005\u304c\u95a2\u5fc3\u306e\u3042\u308b\u30bf\u30fc\u30b2\u30c3\u30c8\u3092\u4fb5\u5bb3\u3059\u308b\u305f\u3081\u306b\u3001\u65b0\u3057\u3044\u30c4\u30fc\u30eb\u3084\u6226\u8853\u3092\u901f\u3084\u304b\u306b\u3001\u304b\u3064\u52b9\u7387\u7684\u306b\u63a1\u7528\u3057\u3066\u3044\u308b\u3053\u3068\u3092\u793a\u3057\u3066\u3044\u307e\u3059\u3002\u5f0a\u793e\u306f\u3001\u4ee5\u4e0b\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u3001(\u767a\u898b\u3068\u516c\u958b\u306e\u65e5\u4ed8\u306b\u57fa\u3065\u3044\u3066)\u5b9f\u969b\u306b\u30ad\u30e3\u30d7\u30c1\u30e3\u3055\u308c\u305f\u6700\u65b0\u306e\u8106\u5f31\u6027\u3068\u307f\u306a\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-28188\"><strong>CVE-2020-28188<\/strong><\/a><\/p>\n<p>TerraMaster\u30aa\u30da\u30ec\u30fc\u30c6\u30a3\u30f3\u30b0\u30b7\u30b9\u30c6\u30e0\u306ePHP\u30da\u30fc\u30b8<span style=\"font-family: 'courier new', courier, monospace;\"> \/include\/makecvs.php<\/span>\u306f\u3001<a href=\"https:\/\/owasp.org\/www-community\/attacks\/Command_Injection\">\u30b3\u30de\u30f3\u30c9\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u653b\u6483<\/a>\u306b\u5bfe\u3057\u3066\u8106\u5f31\u3067\u3059\u3002\u3053\u306e\u8106\u5f31\u6027\u306b\u5bfe\u3057\u3066\u3001\u653b\u6483\u8005\u306f\u3001<span style=\"font-family: 'courier new', courier, monospace;\">makecvs<\/span> PHP\u30da\u30fc\u30b8\u306eevent\u30d1\u30e9\u30e1\u30fc\u30bf\u3092\u60aa\u7528\u3059\u308b\u30da\u30a4\u30ed\u30fc\u30c9\u3092\u9001\u4fe1\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u60aa\u7528\u306b\u6210\u529f\u3057\u305f\u5f8c\u306b\u3001\u653b\u6483\u8005\u306f\u30b5\u30fc\u30d0\u30fc\u306e\u3059\u3079\u3066\u306e\u5236\u5fa1\u3092\u53d6\u5f97\u3067\u304d\u307e\u3059\u3002\u8a73\u7d30\u306f\u3001\u300c\u56f35\u300d\u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<figure style=\"width: 2024px\" class=\"wp-caption alignnone\"><img  class=\"wp-image-118411 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/word-image-67.png\" alt=\"\u653b\u6483\u8005\u304cmakecvs PHP\u30da\u30fc\u30b8\u3067event\u30d1\u30e9\u30e1\u30fc\u30bf\u3092\u60aa\u7528\u3059\u308b\u305f\u3081\u306b\u9001\u4fe1\u3059\u308b\u30da\u30a4\u30ed\u30fc\u30c9\u306e\u30b3\u30fc\u30c9\u30d3\u30e5\u30fc\u3092\u793a\u3059\u753b\u50cf\u3002\" width=\"2024\" height=\"284\" \/><figcaption class=\"wp-caption-text\">\u56f35 TerraMaster TOS\u306e\u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u8106\u5f31\u6027<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-17519\"><strong>CVE-2020-17519<\/strong><\/a><\/p>\n<p>\u3053\u306e\u8106\u5f31\u6027\u306e\u539f\u56e0\u306f\u3001Apache Flink\u306e<span style=\"font-family: 'courier new', courier, monospace;\">org.apache.flink.runtime.rest.handler.cluster.JobManagerCustomLogHandler<\/span>\u30af\u30e9\u30b9\u3067\u3001\u30e6\u30fc\u30b6\u30fc\u304c\u5165\u529b\u3059\u308b\u30d5\u30a1\u30a4\u30eb\u30d1\u30b9\u304c\u9069\u5207\u306b\u30c1\u30a7\u30c3\u30af\u3055\u308c\u306a\u3044\u3053\u3068\u306b\u3042\u308a\u307e\u3059\u3002\u8a8d\u8a3c\u3055\u308c\u3066\u3044\u306a\u3044\u30ea\u30e2\u30fc\u30c8\u653b\u6483\u8005\u306f\u3001<a href=\"https:\/\/owasp.org\/www-community\/attacks\/Path_Traversal\">\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb<\/a>\u8981\u6c42\u3092\u7c21\u5358\u306b\u4f5c\u6210\u3057\u3066\u9001\u4fe1\u3059\u308b\u3053\u3068\u306b\u3088\u308a\u3001\u4efb\u610f\u306e\u30d5\u30a1\u30a4\u30eb\u5f62\u5f0f\u306e\u6a5f\u5bc6\u60c5\u5831\u306b\u5bfe\u3057\u3066\u30a2\u30af\u30bb\u30b9\u3092\u53d6\u5f97\u3067\u304d\u307e\u3059\u3002\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306e\u30b5\u30f3\u30d7\u30eb\u3092\u56f36\u306b\u793a\u3057\u307e\u3059\u3002<\/p>\n<figure style=\"width: 1892px\" class=\"wp-caption alignnone\"><img  class=\"wp-image-118413 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/word-image-68.png\" alt=\"Apache Flink\u306e\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u8106\u5f31\u6027\u3092\u793a\u3059\u30b3\u30fc\u30c9\u30d3\u30e5\u30fc\u306e\u753b\u50cf\u3002\" width=\"1892\" height=\"280\" \/><figcaption class=\"wp-caption-text\">\u56f36 Apache Flink\u306e\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u8106\u5f31\u6027<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-29227\"><strong>CVE-2020-29227<\/strong><\/a><\/p>\n<p>Car Rental Management System 1.0\u306b\u306f\u3001<a href=\"https:\/\/en.wikipedia.org\/wiki\/File_inclusion_vulnerability\">\u30ed\u30fc\u30ab\u30eb \u30d5\u30a1\u30a4\u30eb \u30a4\u30f3\u30af\u30eb\u30fc\u30b8\u30e7\u30f3\u8106\u5f31\u6027<\/a>\u304c\u3042\u308a\u307e\u3059\u3002\u3053\u306e\u8106\u5f31\u6027\u3092\u5229\u7528\u3057\u3066\u3001\u653b\u6483\u8005\u306f<span style=\"font-family: 'courier new', courier, monospace;\">index.php<\/span>\u30d5\u30a1\u30a4\u30eb\u306epage\u30d1\u30e9\u30e1\u30fc\u30bf\u3092\u5236\u5fa1\u3067\u304d\u307e\u3059\u3002\u653b\u6483\u8005\u306fNull\u30d0\u30a4\u30c8(<span style=\"font-family: 'courier new', courier, monospace;\">%00<\/span>)\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u3092\u901a\u3058\u3066\u4efb\u610f\u306e\u30d5\u30a1\u30a4\u30eb\u3078\u306e\u30a2\u30af\u30bb\u30b9\u3092\u53d6\u5f97\u3067\u304d\u307e\u3059\u3002\u56f37\u306b\u306f\u3001\u5b9f\u969b\u306b\u62e1\u6563\u3057\u3066\u3044\u308b\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u793a\u3057\u307e\u3059\u3002<\/p>\n<figure style=\"width: 1080px\" class=\"wp-caption alignnone\"><img  class=\"wp-image-118415 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/word-image-69.png\" alt=\"\u30b3\u30fc\u30c9\u30d3\u30e5\u30fc\u306e\u753b\u50cf\" width=\"1080\" height=\"412\" \/><figcaption class=\"wp-caption-text\">\u56f37 Car Rental Management System\u306e\u30d5\u30a1\u30a4\u30eb \u30a4\u30f3\u30af\u30eb\u30fc\u30b8\u30e7\u30f3\u8106\u5f31\u6027<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-17530\"><strong>CVE-2020-17530<\/strong><\/a><\/p>\n<p>\u3053\u306e\u8106\u5f31\u6027\u306e\u539f\u56e0\u306f\u3001<a href=\"https:\/\/en.wikipedia.org\/wiki\/OGNL\">OGNL\u5f0f<\/a>\u3067\u5229\u7528\u3067\u304d\u308b\u30af\u30e9\u30b9\u3068\u30d1\u30c3\u30b1\u30fc\u30b8\u306e\u5236\u9650\u304c\u4e0d\u5341\u5206\u3067\u3042\u308b\u3053\u3068\u3067\u3059\u3002\u653b\u6483\u8005\u306f\u3001\u4f5c\u6210\u3057\u305f\u8981\u6c42\u3092\u9001\u4fe1\u3057\u3066\u3001OGNL\u5f0f\u306e\u500d\u7cbe\u5ea6\u8a08\u7b97\u4e0a\u306e\u554f\u984c\u3092\u767a\u751f\u3055\u305b\u308b\u3053\u3068\u306b\u3088\u308a\u3001\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c(RCE)\u3092\u53ef\u80fd\u306b\u3057\u307e\u3059\u3002\u8a73\u7d30\u306f\u56f38\u306b\u793a\u3057\u307e\u3059\u3002<\/p>\n<figure style=\"width: 2500px\" class=\"wp-caption alignnone\"><img  class=\"wp-image-118417 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/word-image-70.png\" alt=\"Apache Struts\u3067\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u8106\u5f31\u6027\u304c\u60aa\u7528\u3055\u308c\u305f\u5834\u5408\u306e\u7d50\u679c\u306e\u30b3\u30fc\u30c9\u30d3\u30e5\u30fc\u3092\u793a\u3059\u753b\u50cf\" width=\"2500\" height=\"882\" \/><figcaption class=\"wp-caption-text\">\u56f38 Apache Struts OGNL\u306e\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u8106\u5f31\u6027<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-13942\"><strong>CVE-2020-13942<\/strong><\/a><\/p>\n<p>RCE\u8106\u5f31\u6027\u306e\u539f\u56e0\u306f\u3001\u30d7\u30ed\u30d5\u30a1\u30a4\u30eb\u30d7\u30ed\u30d1\u30c6\u30a3\u306e\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u6761\u4ef6\u3092\u51e6\u7406\u3059\u308b\u3068\u304d\u306b\u3001<a href=\"https:\/\/en.wikipedia.org\/wiki\/OGNL\">OGNL<\/a>\u5f0f\u3068<a href=\"https:\/\/mvel.documentnode.com\/\">MVEL2<\/a>\u5f0f\u306e\u691c\u8a3c\u304c\u4e0d\u5341\u5206\u3067\u3042\u308b\u3053\u3068\u3067\u3059\u3002\u653b\u6483\u8005\u306f\u3001\u3053\u306e\u8106\u5f31\u6027\u3092\u5229\u7528\u3057\u3066\u3001\u30d7\u30ed\u30d5\u30a1\u30a4\u30eb\u30d7\u30ed\u30d1\u30c6\u30a3\u3092\u30bf\u30fc\u30b2\u30c3\u30c8\u3068\u3059\u308b\u8981\u6c42\u3092\u4f5c\u6210\u3057\u3066\u9001\u4fe1\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u3053\u306e\u653b\u6483\u304c\u6210\u529f\u3059\u308b\u3068\u3001\u653b\u6483\u8005\u306f\u4efb\u610f\u306e\u30b3\u30fc\u30c9\u3092\u5b9f\u884c\u3057\u3066\u3001\u30b7\u30b9\u30c6\u30e0\u306b\u5bfe\u3059\u308b\u5236\u5fa1\u3092\u53d6\u5f97\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u56f39\u306f\u3001\u5f0a\u793e\u306e\u30b7\u30b9\u30c6\u30e0\u3067\u30ad\u30e3\u30d7\u30c1\u30e3\u3055\u308c\u305f\u653b\u6483\u3092\u793a\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<figure style=\"width: 2016px\" class=\"wp-caption alignnone\"><img  class=\"wp-image-118419 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/word-image-71.png\" alt=\"Apache Unomi\u3067RCE\u8106\u5f31\u6027\u304c\u60aa\u7528\u3055\u308c\u305f\u5834\u5408\u306e\u7d50\u679c\u306e\u30b3\u30fc\u30c9\u30d3\u30e5\u30fc\u3092\u793a\u3059\u753b\u50cf\" width=\"2016\" height=\"1220\" \/><figcaption class=\"wp-caption-text\">\u56f39 Apache Unomi\u306e\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u8106\u5f31\u6027<\/figcaption><\/figure>\n<p><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-14882\"><strong>CVE-2020-14882<\/strong><\/a><strong>\u3001<\/strong><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-14883\"><strong>CVE-2020-14883<\/strong><\/a><strong>\u3001<\/strong><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-14750\"><strong>CVE-2020-14750<\/strong><\/a><\/p>\n<p>Oracle WebLogic Server\u306e<span style=\"font-family: 'courier new', courier, monospace;\">HandleFactory<\/span>\u30af\u30e9\u30b9\u5185\u306e<span style=\"font-family: 'courier new', courier, monospace;\">getHandle<\/span>\u30e1\u30bd\u30c3\u30c9\u3068<span style=\"font-family: 'courier new', courier, monospace;\">MBeanUtilsInitSingleFileServlet<\/span>\u30af\u30e9\u30b9\u5185\u306eservice\u30e1\u30bd\u30c3\u30c9\u3067\u306f\u3001\u30e6\u30fc\u30b6\u30fc\u306b\u3088\u3063\u3066\u5165\u529b\u3055\u308c\u308b\u30c7\u30fc\u30bf\u304c\u9069\u5207\u306b\u30b5\u30cb\u30bf\u30a4\u30ba\u3055\u308c\u307e\u305b\u3093\u3002\u653b\u6483\u8005\u304c\u3053\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3059\u308b\u3068\u3001\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u304c\u53ef\u80fd\u306b\u306a\u308a\u307e\u3059\u3002\u56f310\u306b\u3001\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306e\u4f8b\u3092\u793a\u3057\u307e\u3059\u3002<\/p>\n<figure style=\"width: 1386px\" class=\"wp-caption alignnone\"><img  class=\"wp-image-118421 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/word-image-72.png\" alt=\"WebLogic Server\u306e\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u8106\u5f31\u6027\u304c\u60aa\u7528\u3055\u308c\u305f\u5834\u5408\u306e\u7d50\u679c\u306e\u30b3\u30fc\u30c9\u30d3\u30e5\u30fc\u3092\u793a\u3059\u753b\u50cf\" width=\"1386\" height=\"214\" \/><figcaption class=\"wp-caption-text\">\u56f310 Oracle WebLogic Server\u306e\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u8106\u5f31\u6027<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-14864\"><strong>CVE-2020-14864<\/strong><\/a><\/p>\n<p>Oracle Business Intelligence Enterprise Edition\u306b\u306f\u3001<a href=\"https:\/\/owasp.org\/www-community\/attacks\/Path_Traversal\">\u30d1\u30b9\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb<\/a>\u8106\u5f31\u6027\u304c\u3042\u308a\u307e\u3059\u3002\u3053\u306e\u8106\u5f31\u6027\u3092\u5229\u7528\u3059\u308b\u3068\u3001\u653b\u6483\u8005\u306fgetPreviewImage\u95a2\u6570\u306epreviewFilePath\u30d1\u30e9\u30e1\u30fc\u30bf\u3092\u30bf\u30fc\u30b2\u30c3\u30c8\u3068\u3057\u3066\u3001\u7ba1\u7406\u8005\u306e\u6a29\u9650\u3067\u4efb\u610f\u306e\u30b7\u30b9\u30c6\u30e0\u30d5\u30a1\u30a4\u30eb\u3078\u306e\u30a2\u30af\u30bb\u30b9\u3092\u53d6\u5f97\u3067\u304d\u307e\u3059\u3002\u56f311\u306b\u306f\u3001\u3053\u306e\u7279\u5b9a\u306e\u653b\u6483\u3092\u793a\u3057\u307e\u3059\u3002<\/p>\n<figure style=\"width: 1276px\" class=\"wp-caption alignnone\"><img  class=\"wp-image-118423 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/word-image-73.png\" alt=\"Oracle Business Intelligence\u306e\u30d1\u30b9\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u8106\u5f31\u6027\u304c\u60aa\u7528\u3055\u308c\u305f\u5834\u5408\u306e\u7d50\u679c\u306e\u30b3\u30fc\u30c9\u30d3\u30e5\u30fc\u3092\u793a\u3059\u753b\u50cf\" width=\"1276\" height=\"320\" \/><figcaption class=\"wp-caption-text\">\u56f311 Oracle Business Intelligence\u306e\u30d1\u30b9\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u8106\u5f31\u6027<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-27615\"><strong>CVE-2020-27615<\/strong><\/a><\/p>\n<p>WordPress\u306eLoginizer\u30d7\u30e9\u30b0\u30a4\u30f3\u306b\u306f\u3001<a href=\"https:\/\/owasp.org\/www-community\/attacks\/SQL_Injection\">SQL\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3(SQLi)\u8106\u5f31\u6027<\/a>\u304c\u3042\u308a\u307e\u3059\u3002\u5165\u529b\u306e\u30b5\u30cb\u30bf\u30a4\u30ba\u304c\u884c\u308f\u308c\u306a\u3044\u305f\u3081\u3001\u653b\u6483\u8005\u306f\u3001\u30b5\u30cb\u30bf\u30a4\u30ba\u3055\u308c\u306a\u3044\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u8981\u6c42\u3092<span style=\"font-family: 'courier new', courier, monospace;\">loginizer_login_failed<\/span>\u95a2\u6570\u306b\u9001\u4fe1\u3057\u3066\u3001\u6a5f\u5bc6\u60c5\u5831\u3078\u306e\u30a2\u30af\u30bb\u30b9\u3092\u53d6\u5f97\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u5f0a\u793e\u306e\u30b7\u30b9\u30c6\u30e0\u3067\u306e\u30e9\u30a4\u30d6\u653b\u6483\u30ad\u30e3\u30d7\u30c1\u30e3\u3092\u56f312\u306b\u793a\u3057\u307e\u3059\u3002<\/p>\n<figure style=\"width: 1412px\" class=\"wp-caption alignnone\"><img  class=\"wp-image-118425 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/word-image-74.png\" alt=\"WordPress Loginizer\u30d7\u30e9\u30b0\u30a4\u30f3\u306eSQL\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u8106\u5f31\u6027\u304c\u60aa\u7528\u3055\u308c\u305f\u5834\u5408\u306e\u7d50\u679c\u306e\u30b3\u30fc\u30c9\u30d3\u30e5\u30fc\u3092\u793a\u3059\u753b\u50cf\" width=\"1412\" height=\"312\" \/><figcaption class=\"wp-caption-text\">\u56f312 WordPress Loginizer\u30d7\u30e9\u30b0\u30a4\u30f3\u306eSQL\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u8106\u5f31\u6027<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-13671\"><strong>CVE-2020-13671<\/strong><\/a><\/p>\n<p><a href=\"https:\/\/owasp.org\/www-community\/vulnerabilities\/Improper_Data_Validation\">Improper sanitization<\/a>Drupal\u30b3\u30a2\u3067\u30d5\u30a1\u30a4\u30eb\u540d\u306e\u62e1\u5f35\u5b50\u306b\u5bfe\u3059\u308b\u30b5\u30cb\u30bf\u30a4\u30ba\u304c\u4e0d\u9069\u5207\u3067\u3042\u308a\u3001\u4e8c\u91cd\u306e\u62e1\u5f35\u5b50\u304c\u9069\u5207\u306b\u30c1\u30a7\u30c3\u30af\u3055\u308c\u306a\u3044\u305f\u3081\u3001\u653b\u6483\u8005\u306f\u4e0d\u9069\u5207\u306a\u62e1\u5f35\u5b50\u306e\u30d5\u30a1\u30a4\u30eb\u3092\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u3053\u306e\u3088\u3046\u306a\u30d5\u30a1\u30a4\u30eb\u306f\u3001\u8aa4\u3063\u305fMIME\u30bf\u30a4\u30d7\u3068\u3057\u3066\u52d5\u4f5c\u3059\u308b\u304b\u3001\u30b5\u30fc\u30d0\u30fc\u306e\u7279\u6a29\u3067\u5b9f\u884c\u3055\u308c\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002\u56f313a\u3068\u56f313b\u306f\u3001\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u793a\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<figure style=\"width: 2500px\" class=\"wp-caption alignnone\"><img  class=\"wp-image-118427 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/word-image-75.png\" alt=\"Drupal\u306e\u4e8c\u91cd\u62e1\u5f35\u5b50\u306e\u8106\u5f31\u6027\u304c\u60aa\u7528\u3055\u308c\u305f\u5834\u5408\u306e\u7d50\u679c\u306e\u30b3\u30fc\u30c9\u30d3\u30e5\u30fc\u3092\u793a\u3059\u753b\u50cf\" width=\"2500\" height=\"607\" \/><figcaption class=\"wp-caption-text\">\u56f313a.Drupal\u306e\u4e8c\u91cd\u62e1\u5f35\u5b50\u306e\u8106\u5f31\u6027<\/figcaption><\/figure>\n<figure style=\"width: 1348px\" class=\"wp-caption alignnone\"><img  class=\"wp-image-118429 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/word-image-76.png\" alt=\"Drupal\u306e\u4e8c\u91cd\u62e1\u5f35\u5b50\u306e\u8106\u5f31\u6027\u304c\u60aa\u7528\u3055\u308c\u305f\u5834\u5408\u306e\u7d50\u679c\u306e\u30b3\u30fc\u30c9\u30d3\u30e5\u30fc\u3092\u793a\u3059\u753b\u50cf\" width=\"1348\" height=\"410\" \/><figcaption class=\"wp-caption-text\">\u56f313b.Drupal\u306e\u4e8c\u91cd\u62e1\u5f35\u5b50\u306e\u8106\u5f31\u6027<\/figcaption><\/figure>\n<h2>\u653b\u6483\u306e\u8d77\u70b9<\/h2>\n<p>\u5404\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u306e\u767a\u751f\u5730\u57df\u3092\u7279\u5b9a\u3057\u305f\u3068\u3053\u308d\u3001\u30ed\u30b7\u30a2\u3001\u7c73\u56fd\u3001\u4e2d\u56fd\u306e\u9806\u306b\u591a\u6570\u306e\u653b\u6483\u304c\u767a\u898b\u3055\u308c\u307e\u3057\u305f\u3002\u305f\u3060\u3057\u3001\u5f0a\u793e\u306f\u3001\u653b\u6483\u8005\u304c\u4e0a\u8a18\u306e\u56fd\u306b\u8a2d\u7f6e\u3055\u308c\u305f\u30d7\u30ed\u30ad\u30b7\u30b5\u30fc\u30d0\u30fc\u3084VPN\u3092\u5229\u7528\u3057\u3066\u3001\u5b9f\u969b\u306e\u7269\u7406\u7684\u306a\u5834\u6240\u3092\u96a0\u853d\u3057\u3066\u3044\u308b\u53ef\u80fd\u6027\u304c\u3042\u308b\u3053\u3068\u3092\u8a8d\u8b58\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_118564\" aria-describedby=\"caption-attachment-118564\" style=\"width: 1111px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/word-image-77-jp.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-118564 size-full lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/word-image-77-jp.png\" alt=\"Y\u8ef8\u306b\u56fd\u3001X\u8ef8\u306b\u653b\u6483\u56de\u6570\u3092\u793a\u3057\u305f\u68d2\u30b0\u30e9\u30d5\u306e\u753b\u50cf\u3002\u30ed\u30b7\u30a2\u3001\u7c73\u56fd\u3001\u4e2d\u56fd\u306e\u9806\u3067\u3001\u653b\u6483\u56de\u6570\u304c\u591a\u304f\u306a\u3063\u3066\u3044\u307e\u3059\u3002\" width=\"1111\" height=\"642\" \/><\/a><figcaption id=\"caption-attachment-118564\" class=\"wp-caption-text\">\u56f314 2020\u5e7411\u6708\uff5e2021\u5e741\u6708\u306b\u78ba\u8a8d\u3055\u308c\u305f\u653b\u6483\u306e\u767a\u751f\u983b\u5ea6\u306b\u95a2\u3059\u308b\u56fd\u306e\u30e9\u30f3\u30ad\u30f3\u30b0 (\u5bfe\u6570\u8868\u793a)<\/figcaption><\/figure>\n<figure id=\"attachment_118432\" class=\"wp-caption aligncenter\" style=\"width: 1950px;\" aria-describedby=\"caption-attachment-118432\">\n<p><figure id=\"attachment_118566\" aria-describedby=\"caption-attachment-118566\" style=\"width: 1950px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/word-image-78-jp.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-118566 size-full lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2021\/04\/word-image-78-jp.png\" alt=\"\u300cAttacker Geographical Location Distribution(\u653b\u6483\u8005\u306e\u5730\u57df\u5206\u5e03)\u300d\u3068\u3044\u3046\u8868\u984c\u306e\u5730\u56f3\u306e\u753b\u50cf\u3002\u8272\u306e\u6fc3\u3044\u90e8\u5206\u304c\u4e0a\u4f4d\u306e\u56fd(\u30ed\u30b7\u30a2\u3001\u7c73\u56fd\u3001\u4e2d\u56fd)\u3092\u793a\u3057\u3066\u3044\u307e\u3059\u3002 \" width=\"1950\" height=\"1198\" \/><\/a><figcaption id=\"caption-attachment-118566\" class=\"wp-caption-text\">\u56f315.2020\u5e7411\u6708\uff5e2021\u5e741\u6708\u306e\u653b\u6483\u306e\u5730\u57df\u5206\u5e03<\/figcaption><\/figure><\/figure>\n<h2>\u7d50\u8ad6<\/h2>\n<p>2020\u5e74\u51ac\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u52d5\u5411\u30c7\u30fc\u30bf\u306b\u3088\u308b\u3068\u3001\u653b\u6483\u8005\u306f\u7c21\u5358\u306b\u5c0e\u5165\u3067\u304d\u3001\u304b\u3064\u65b0\u305f\u306b\u516c\u958b\u3055\u308c\u305f\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u512a\u5148\u7684\u306b\u60aa\u7528\u3057\u3066\u3044\u307e\u3059\u3002\u653b\u6483\u8005\u306f\u3001\u6b66\u5668\u5316\u3055\u308c\u305f\u65e2\u88fd\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u5e38\u5099\u3059\u308b\u4e00\u65b9\u3067\u3001\u65b0\u305f\u306b\u516c\u958b\u3055\u308c\u305f\u8106\u5f31\u6027\u3084\u305d\u308c\u306b\u95a2\u9023\u3059\u308b\u6982\u5ff5\u5b9f\u8a3c\u3092\u5229\u7528\u3057\u3066\u6b66\u5668\u3092\u5897\u3084\u3057\u7d9a\u3051\u307e\u3059\u3002\u3057\u305f\u304c\u3063\u3066\u3001\u7d44\u7e54\u306f\u5b9a\u671f\u7684\u306b\u30d1\u30c3\u30c1\u3092\u9069\u7528\u3057\u3001\u6700\u5584\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56\u3092\u5b9f\u65bd\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<p>\u30d1\u30ed\u30a2\u30eb\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30b9\u306e\u304a\u5ba2\u69d8\u306f\u3001<a href=\"https:\/\/www.paloaltonetworks.jp\/network-security\/next-generation-firewall\">\u6b21\u4e16\u4ee3\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb<\/a>\u3068\u4ee5\u4e0b\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b5\u30d6\u30b9\u30af\u30ea\u30d7\u30b7\u30e7\u30f3\u3067\u5c0e\u5165\u3055\u308c\u305f\u4fdd\u8b77\u6a5f\u80fd\u306b\u3088\u308a\u3001\u5f53\u793e\u306e\u88fd\u54c1\u30b9\u30a4\u30fc\u30c8\u5168\u4f53\u3067\u4fdd\u8b77\u3055\u308c\u307e\u3059\u3002<\/p>\n<ul>\n<li><a href=\"https:\/\/www.paloaltonetworks.jp\/products\/secure-the-network\/subscriptions\/threat-prevention\">\u8105\u5a01\u9632\u5fa1<\/a>(\u4e0a\u8a18\u306e\u3059\u3079\u3066\u306e\u8106\u5f31\u6027\u3092\u691c\u51fa\u3059\u308bContent Pack 8381\u3092\u5c0e\u5165)<\/li>\n<li><a href=\"https:\/\/www.paloaltonetworks.jp\/products\/threat-detection-and-prevention\/web-security\">URL\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0<\/a><\/li>\n<li><a href=\"https:\/\/www.paloaltonetworks.jp\/products\/secure-the-network\/wildfire\">WildFire<\/a><\/li>\n<\/ul>\n<p>\u5f0a\u793e\u306f\u3001\u30b5\u30a4\u30d0\u30fc\u653b\u6483\u306e\u6210\u529f\u304c\u6700\u9069\u306b\u691c\u51fa\u30fb\u9632\u6b62\u3055\u308c\u308b\u3088\u3046\u30d1\u30ed\u30a2\u30eb\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30b9\u88fd\u54c1\u3092\u78ba\u5b9f\u306b\u8a2d\u5b9a\u3059\u308b\u305f\u3081\u306b\u3001<a href=\"https:\/\/docs.paloaltonetworks.com\/best-practices\">\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/a>\u3092\u63a1\u7528\u3059\u308b\u3053\u3068\u3092\u304a\u52e7\u3081\u3057\u307e\u3059\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u6982\u8981 Unit 42\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u306f\u30012020\u5e74\u51ac\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u306e\u52d5\u5411\u3092\u5206\u6790\u3057\u3001\u591a\u304f\u306e\u8208\u5473\u6df1\u3044\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u304c\u5b9f\u969b\u306b\u62e1\u6563\u3057\u3066\u3044\u308b\u3053\u3068\u3092\u767a\u898b\u3057\u307e\u3057\u305f\u30022020\u5e7411\u6708\u304b\u30892021\u5e741\u6708\u306e\u671f\u9593\u306b\u3001\u78ba\u8a8d\u3055\u308c\u305f\u653b\u6483\u306e\u307b\u3068\u3093\u3069<\/p>\n","protected":false},"author":332,"featured_media":134410,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[4469,4430,1974,4470],"tags":[4689,5769,6030,4679,5181],"product_categories":[4346,4442,4443,4444,4456],"coauthors":[2612,1725,2516],"class_list":["post-118550","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-vulnerabilities","category-trend-reports-ja","category-malware-ja","category-vulnerabilities-ja","tag-botnet-ja","tag-ddos-ja","tag-exploit-kit","tag-iot-ja","tag-network-security-trends-ja","product_categories-advanced-threat-prevention","product_categories-advanced-threat-prevention-ja","product_categories-advanced-url-filtering-ja","product_categories-advanced-wildfire-ja","product_categories-next-generation-firewall-ja"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.0 (Yoast SEO v27.0) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>2020\u5e74\u51ac\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u50be\u5411\u300e\u8105\u5a01\u306e\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u300f(2020\u5e7411\u6708\u301c2021\u5e741\u6708)<\/title>\n<meta name=\"description\" content=\"2020\u5e74\u51ac\u671f\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u306e\u50be\u5411\u3092\u5206\u6790\u3057\u307e\u3057\u305f\u3002\u5b9f\u969b\u306b\u5e83\u304f\u884c\u308f\u308c\u3066\u3044\u308b\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306b\u3064\u3044\u3066\u3001Unit 42 \u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u304c\u767a\u898b\u3057\u305f\u5185\u5bb9\u3092\u3053\u3061\u3089\u3067\u3054\u7d39\u4ecb\u3057\u307e\u3059\u3002\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/unit42.paloaltonetworks.com\/ja\/network-attack-trends-winter-2020\/\" \/>\n<meta property=\"og:locale\" content=\"ja_JP\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"2020\u5e74\u51ac\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u50be\u5411\u300e\u8105\u5a01\u306e\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u300f(2020\u5e7411\u6708\u301c2021\u5e741\u6708)\" \/>\n<meta property=\"og:description\" content=\"2020\u5e74\u51ac\u671f\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u306e\u50be\u5411\u3092\u5206\u6790\u3057\u307e\u3057\u305f\u3002\u5b9f\u969b\u306b\u5e83\u304f\u884c\u308f\u308c\u3066\u3044\u308b\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306b\u3064\u3044\u3066\u3001Unit 42 \u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u304c\u767a\u898b\u3057\u305f\u5185\u5bb9\u3092\u3053\u3061\u3089\u3067\u3054\u7d39\u4ecb\u3057\u307e\u3059\u3002\" \/>\n<meta property=\"og:url\" content=\"https:\/\/unit42.paloaltonetworks.com\/ja\/network-attack-trends-winter-2020\/\" \/>\n<meta property=\"og:site_name\" content=\"Unit 42\" \/>\n<meta property=\"article:published_time\" content=\"2021-04-16T01:55:26+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-04-30T01:51:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/02_Vulnerabilities_1920x900.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Lei Xu, Yue Guan, Vaibhav Singhal\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"2020\u5e74\u51ac\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u50be\u5411\u300e\u8105\u5a01\u306e\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u300f(2020\u5e7411\u6708\u301c2021\u5e741\u6708)","description":"2020\u5e74\u51ac\u671f\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u306e\u50be\u5411\u3092\u5206\u6790\u3057\u307e\u3057\u305f\u3002\u5b9f\u969b\u306b\u5e83\u304f\u884c\u308f\u308c\u3066\u3044\u308b\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306b\u3064\u3044\u3066\u3001Unit 42 \u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u304c\u767a\u898b\u3057\u305f\u5185\u5bb9\u3092\u3053\u3061\u3089\u3067\u3054\u7d39\u4ecb\u3057\u307e\u3059\u3002","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/unit42.paloaltonetworks.com\/ja\/network-attack-trends-winter-2020\/","og_locale":"ja_JP","og_type":"article","og_title":"2020\u5e74\u51ac\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u50be\u5411\u300e\u8105\u5a01\u306e\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u300f(2020\u5e7411\u6708\u301c2021\u5e741\u6708)","og_description":"2020\u5e74\u51ac\u671f\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u306e\u50be\u5411\u3092\u5206\u6790\u3057\u307e\u3057\u305f\u3002\u5b9f\u969b\u306b\u5e83\u304f\u884c\u308f\u308c\u3066\u3044\u308b\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306b\u3064\u3044\u3066\u3001Unit 42 \u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u304c\u767a\u898b\u3057\u305f\u5185\u5bb9\u3092\u3053\u3061\u3089\u3067\u3054\u7d39\u4ecb\u3057\u307e\u3059\u3002","og_url":"https:\/\/unit42.paloaltonetworks.com\/ja\/network-attack-trends-winter-2020\/","og_site_name":"Unit 42","article_published_time":"2021-04-16T01:55:26+00:00","article_modified_time":"2021-04-30T01:51:57+00:00","og_image":[{"width":1920,"height":900,"url":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/02_Vulnerabilities_1920x900.jpg","type":"image\/jpeg"}],"author":"Lei Xu, Yue Guan, Vaibhav Singhal","twitter_card":"summary_large_image","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/network-attack-trends-winter-2020\/#article","isPartOf":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/network-attack-trends-winter-2020\/"},"author":{"name":"Yue Guan","@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/c4ea1ea434f2bb940596f13000471495"},"headline":"2020\u5e74\u51ac\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u50be\u5411\u300e\u8105\u5a01\u306e\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u300f(2020\u5e7411\u6708\u301c2021\u5e741\u6708)","datePublished":"2021-04-16T01:55:26+00:00","dateModified":"2021-04-30T01:51:57+00:00","mainEntityOfPage":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/network-attack-trends-winter-2020\/"},"wordCount":385,"commentCount":0,"image":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/network-attack-trends-winter-2020\/#primaryimage"},"thumbnailUrl":"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/02_Vulnerabilities_1920x900.jpg","keywords":["botnet","DDoS","exploit kit","IoT","network security trends"],"articleSection":["Vulnerabilities","\u30c8\u30ec\u30f3\u30c9 \u30ec\u30dd\u30fc\u30c8","\u30de\u30eb\u30a6\u30a7\u30a2","\u8106\u5f31\u6027"],"inLanguage":"ja","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/unit42.paloaltonetworks.com\/ja\/network-attack-trends-winter-2020\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/network-attack-trends-winter-2020\/","url":"https:\/\/unit42.paloaltonetworks.com\/ja\/network-attack-trends-winter-2020\/","name":"2020\u5e74\u51ac\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u50be\u5411\u300e\u8105\u5a01\u306e\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u300f(2020\u5e7411\u6708\u301c2021\u5e741\u6708)","isPartOf":{"@id":"https:\/\/unit42.paloaltonetworks.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/network-attack-trends-winter-2020\/#primaryimage"},"image":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/network-attack-trends-winter-2020\/#primaryimage"},"thumbnailUrl":"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/02_Vulnerabilities_1920x900.jpg","datePublished":"2021-04-16T01:55:26+00:00","dateModified":"2021-04-30T01:51:57+00:00","author":{"@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/c4ea1ea434f2bb940596f13000471495"},"description":"2020\u5e74\u51ac\u671f\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u306e\u50be\u5411\u3092\u5206\u6790\u3057\u307e\u3057\u305f\u3002\u5b9f\u969b\u306b\u5e83\u304f\u884c\u308f\u308c\u3066\u3044\u308b\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306b\u3064\u3044\u3066\u3001Unit 42 \u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u304c\u767a\u898b\u3057\u305f\u5185\u5bb9\u3092\u3053\u3061\u3089\u3067\u3054\u7d39\u4ecb\u3057\u307e\u3059\u3002","breadcrumb":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/network-attack-trends-winter-2020\/#breadcrumb"},"inLanguage":"ja","potentialAction":[{"@type":"ReadAction","target":["https:\/\/unit42.paloaltonetworks.com\/ja\/network-attack-trends-winter-2020\/"]}]},{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/network-attack-trends-winter-2020\/#primaryimage","url":"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/02_Vulnerabilities_1920x900.jpg","contentUrl":"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/02_Vulnerabilities_1920x900.jpg","width":1920,"height":900,"caption":"Abstract illustration of a digital machine surface with SYSTEM HACKED in glowing orange letters."},{"@type":"BreadcrumbList","@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/network-attack-trends-winter-2020\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/unit42.paloaltonetworks.com\/ja\/"},{"@type":"ListItem","position":2,"name":"2020\u5e74\u51ac\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u653b\u6483\u50be\u5411\u300e\u8105\u5a01\u306e\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u300f(2020\u5e7411\u6708\u301c2021\u5e741\u6708)"}]},{"@type":"WebSite","@id":"https:\/\/unit42.paloaltonetworks.com\/#website","url":"https:\/\/unit42.paloaltonetworks.com\/","name":"Unit 42","description":"Palo Alto Networks","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/unit42.paloaltonetworks.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"ja"},{"@type":"Person","@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/c4ea1ea434f2bb940596f13000471495","name":"Yue Guan","image":{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/image\/9213e49ea48b7676660bac40d05c9e3e","url":"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2018\/11\/unit-news-meta.svg","contentUrl":"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2018\/11\/unit-news-meta.svg","caption":"Yue Guan"},"url":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/author\/yue-guan\/"}]}},"_links":{"self":[{"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts\/118550","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/users\/332"}],"replies":[{"embeddable":true,"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/comments?post=118550"}],"version-history":[{"count":8,"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts\/118550\/revisions"}],"predecessor-version":[{"id":118733,"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts\/118550\/revisions\/118733"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/media\/134410"}],"wp:attachment":[{"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/media?parent=118550"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/categories?post=118550"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/tags?post=118550"},{"taxonomy":"product_categories","embeddable":true,"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/product_categories?post=118550"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/coauthors?post=118550"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}