| 本帖最后由 mehui 于 2022-8-11 08:38 编辑
昨天收到Netcraft Takedown Service的两封安全提示邮件,机器应该可能是被黑了
- Hello,
-
- We have discovered a phishing attack on your network.
-
- hxxps://*****.**/about.php [140.238.*.*]
- hxxps://*****.**/session [140.238.*.*]
- hxxps://*****.**/login?return_to=https%3A%2F%2Fgithub.com%2Fabout.php [140.238.*.*]
- hxxp://*****.**/ [140.238.*.*]
- hxxps://*****.**/ [140.238.*.*]
-
- We previously contacted you about this issue on 2022-08-10 03:32:11 (UTC).
- Since our last notification, the following additional URL(s) have been detected:
-
- hxxp://*****.**/
- hxxps://*****.**/about.php
- hxxps://*****.**/login?return_to=https%3A%2F%2Fgithub.com%2Fabout.php
- hxxps://*****.**/session
-
- You may not have been aware of this attack, however, you are still responsible for removing it.
-
- This attack targets our customer, GitHub, website URL https://github.com/.
-
- Please remove this fraudulent content, and any other associated fraudulent content, as soon as possible.
-
- Additionally, please keep the fraudulent content safe so that our customer and law enforcement agencies can investigate this incident further once the site is offline.
-
- More information about the detected issue is provided at https://incident.netcraft.com/e6bee1634826/
-
- Kind regards,
-
- Netcraft
-
- Phone: +44(0)1225 447500
- Fax: +44(0)1225 448600
- Netcraft Issue Number: 34779823
-
- To contact us about updates regarding this attack, please respond to this email. Please note: replies to this address will be logged, but aren’t always read. If you believe you have received this email in error, or you require further support, please contact: [email protected]
-
- This mail can be parsed with x-arf tools. Visit http://www.xarf.org/ for more information about x-arf.
复制代码
半夜收到探针告警,三台机器全部离线,刚刚登录一下后台,结果提示
your account has been disabled due to either tenant/user disable operation. |
![[疑问] 吃灰两年半的甲骨文首尔无了](https://bbs.toot.su/static/image/smiley/default/cry.gif){kind=small}
