{"id":20427,"date":"2024-09-17T15:31:26","date_gmt":"2024-09-17T08:31:26","guid":{"rendered":"https:\/\/thegioifirewall.com\/?p=20396"},"modified":"2025-03-24T07:27:22","modified_gmt":"2025-03-24T07:27:22","slug":"tong-hop-ve-ransomware-underground","status":"publish","type":"post","link":"https:\/\/vacif.com\/en\/tong-hop-ve-ransomware-underground\/","title":{"rendered":"T\u1ed4NG H\u1ee2P V\u1ec0 RANSOMWARE \u2013 UNDERGROUND"},"content":{"rendered":"\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" src=\"http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2024\/09\/tong-hop-ve-ransomware-underground.png\" alt=\"\"\/><\/figure>\n\n\n\n<p>Ng\u00e0y 30 th\u00e1ng 8 n\u0103m 2024<\/p>\n\n\n\n<p>FortiGuard Labs thu th\u1eadp d\u1eef li\u1ec7u v\u1ec1 c\u00e1c bi\u1ebfn th\u1ec3 ransomware \u0111\u00e1ng quan t\u00e2m \u0111ang thu h\u00fat s\u1ef1 ch\u00fa \u00fd trong c\u00e1c t\u1eadp d\u1eef li\u1ec7u c\u1ee7a ch\u00fang t\u00f4i v\u00e0 c\u1ed9ng \u0111\u1ed3ng OSINT. B\u00e1o c\u00e1o Ransomware Roundup nh\u1eb1m m\u1ee5c \u0111\u00edch cung c\u1ea5p cho \u0111\u1ed9c gi\u1ea3 nh\u1eefng hi\u1ec3u bi\u1ebft ng\u1eafn g\u1ecdn v\u1ec1 b\u1ed1i c\u1ea3nh ransomware \u0111ang ph\u00e1t tri\u1ec3n v\u00e0 c\u00e1c gi\u1ea3i ph\u00e1p Fortinet b\u1ea3o v\u1ec7 ch\u1ed1ng l\u1ea1i c\u00e1c bi\u1ebfn th\u1ec3 \u0111\u00f3.<\/p>\n\n\n\n<p>Phi\u00ean b\u1ea3n n\u00e0y c\u1ee7a Ransomware Roundup \u0111\u1ec1 c\u1eadp \u0111\u1ebfn ransomware Underground.<\/p>\n\n\n\n<p><strong>N\u1ec1n t\u1ea3ng b\u1ecb \u1ea3nh h\u01b0\u1edfng:<\/strong>&nbsp;&nbsp;Microsoft Windows<br><strong>C\u00e1c b\u00ean b\u1ecb \u1ea3nh h\u01b0\u1edfng:<\/strong>&nbsp;&nbsp;Microsoft Windows<br><strong>T\u00e1c \u0111\u1ed9ng:<\/strong>&nbsp;&nbsp;M\u00e3 h\u00f3a t\u1ec7p c\u1ee7a n\u1ea1n nh\u00e2n v\u00e0 y\u00eau c\u1ea7u ti\u1ec1n chu\u1ed9c \u0111\u1ec3 gi\u1ea3i m\u00e3 t\u1ec7p<br><strong>M\u1ee9c \u0111\u1ed9 nghi\u00eam tr\u1ecdng:<\/strong>&nbsp;&nbsp;Cao<\/p>\n\n\n\n<p><strong>T\u1ed5ng quan v\u1ec1 Ransomware ng\u1ea7m<\/strong><\/p>\n\n\n\n<p>M\u1eabu \u0111\u1ea7u ti\u00ean c\u1ee7a ransomware Underground \u0111\u01b0\u1ee3c ph\u00e1t hi\u1ec7n l\u1ea7n \u0111\u1ea7u ti\u00ean v\u00e0o \u0111\u1ea7u th\u00e1ng 7 n\u0103m 2023, tr\u00ean m\u1ed9t trang web qu\u00e9t t\u1ec7p c\u00f4ng khai. \u0110i\u1ec1u n\u00e0y g\u1ea7n nh\u01b0 tr\u00f9ng kh\u1edbp v\u1edbi th\u1eddi \u0111i\u1ec3m n\u1ea1n nh\u00e2n \u0111\u1ea7u ti\u00ean \u0111\u01b0\u1ee3c \u0111\u0103ng tr\u00ean trang web r\u00f2 r\u1ec9 d\u1eef li\u1ec7u c\u1ee7a h\u1ecd v\u00e0o ng\u00e0y 13 th\u00e1ng 7 n\u0103m 2023.<\/p>\n\n\n\n<p>Gi\u1ed1ng nh\u01b0 h\u1ea7u h\u1ebft c\u00e1c ph\u1ea7n m\u1ec1m t\u1ed1ng ti\u1ec1n kh\u00e1c, ph\u1ea7n m\u1ec1m t\u1ed1ng ti\u1ec1n n\u00e0y m\u00e3 h\u00f3a c\u00e1c t\u1eadp tin tr\u00ean m\u00e1y t\u00ednh Windows c\u1ee7a n\u1ea1n nh\u00e2n v\u00e0 y\u00eau c\u1ea7u ti\u1ec1n chu\u1ed9c \u0111\u1ec3 gi\u1ea3i m\u00e3 th\u00f4ng qua c\u00e1c ghi ch\u00fa \u0111\u00f2i ti\u1ec1n chu\u1ed9c.<\/p>\n\n\n\n<p><strong>Vect\u01a1 l\u00e2y nhi\u1ec5m<\/strong><\/p>\n\n\n\n<p>C\u00e1c b\u00e1o c\u00e1o tr\u1ef1c tuy\u1ebfn cho bi\u1ebft nh\u00f3m RomCom c\u00f3 \u200b\u200btr\u1ee5 s\u1edf t\u1ea1i Nga, c\u00f2n \u0111\u01b0\u1ee3c g\u1ecdi l\u00e0 Storm-0978, \u0111ang tri\u1ec3n khai ransomware Underground. Nh\u00f3m \u0111e d\u1ecda n\u00e0y \u0111\u01b0\u1ee3c bi\u1ebft l\u00e0 khai th\u00e1c CVE-2023-36884 (L\u1ed7 h\u1ed5ng RCE HTML c\u1ee7a Microsoft Office v\u00e0 Windows), c\u00f3 th\u1ec3 l\u00e0 vect\u01a1 l\u00e2y nhi\u1ec5m cho ransomware.<\/p>\n\n\n\n<p>FortiGuard Labs \u0111\u00e3 c\u00f4ng b\u1ed1 C\u1ea3nh b\u00e1o b\u00f9ng ph\u00e1t v\u1ec1 CVE-2023-36884 v\u00e0o ng\u00e0y 13 th\u00e1ng 7 n\u0103m 2024.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/www.fortiguard.com\/outbreak-alert\/microsoft-office-and-windows-html-attack\">C\u1ea3nh b\u00e1o b\u00f9ng ph\u00e1t: L\u1ed7 h\u1ed5ng RCE HTML c\u1ee7a Microsoft Office v\u00e0 Windows<\/a><\/li>\n<\/ul>\n\n\n\n<p>Nh\u00f3m n\u00e0y c\u0169ng c\u00f3 th\u1ec3 s\u1eed d\u1ee5ng c\u00e1c ph\u01b0\u01a1ng th\u1ee9c l\u00e2y nhi\u1ec5m ph\u1ed5 bi\u1ebfn kh\u00e1c nh\u01b0 email v\u00e0 mua quy\u1ec1n truy c\u1eadp t\u1eeb Nh\u00e0 m\u00f4i gi\u1edbi truy c\u1eadp ban \u0111\u1ea7u (IAB).<\/p>\n\n\n\n<p><strong>Ph\u01b0\u01a1ng ph\u00e1p t\u1ea5n c\u00f4ng<\/strong><\/p>\n\n\n\n<p>Sau khi th\u1ef1c thi, ransomware Underground s\u1ebd x\u00f3a c\u00e1c b\u1ea3n sao \u1ea9n b\u1eb1ng l\u1ec7nh sau:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>vssadmin.exe x\u00f3a b\u00f3ng t\u1ed1i \/all \/quiet<\/li>\n<\/ul>\n\n\n\n<p>Ph\u1ea7n m\u1ec1m t\u1ed1ng ti\u1ec1n \u0111\u1eb7t th\u1eddi gian t\u1ed1i \u0111a m\u00e0 phi\u00ean RemoteDesktop\/TerminalServer c\u00f3 th\u1ec3 duy tr\u00ec ho\u1ea1t \u0111\u1ed9ng tr\u00ean m\u00e1y ch\u1ee7 l\u00e0 14 ng\u00e0y (14 ng\u00e0y sau khi ng\u01b0\u1eddi d\u00f9ng ng\u1eaft k\u1ebft n\u1ed1i) b\u1eb1ng l\u1ec7nh sau:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>reg.exe th\u00eam HKLM\\SOFTWARE\\Policies\\Microsoft\\Windows NT\\Terminal Services \/ v MaxDisconnectionTime \/ t REG_DWORD \/ d 1209600000 \/ f<\/li>\n<\/ul>\n\n\n\n<p>Sau \u0111\u00f3 d\u1eebng d\u1ecbch v\u1ee5 MS SQL Server b\u1eb1ng l\u1ec7nh sau:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>net.exe d\u1eebng MSSQLSERVER \/f \/m<\/li>\n<\/ul>\n\n\n\n<p>Sau \u0111\u00f3, ph\u1ea7n m\u1ec1m t\u1ed1ng ti\u1ec1n s\u1ebd t\u1ea1o v\u00e0 th\u1ea3 m\u1ed9t ghi ch\u00fa \u0111\u00f2i ti\u1ec1n chu\u1ed9c c\u00f3 t\u00ean \u201c!!readme!!!.txt\u201d:<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2024\/09\/tong-hop-ve-ransomware-underground-1.png\" alt=\"H\u00ecnh 1: Ghi ch\u00fa v\u1ec1 ti\u1ec1n chu\u1ed9c ransomware Underground\"\/><\/figure>\n\n\n\n<p>H\u00ecnh 1: Ghi ch\u00fa v\u1ec1 ti\u1ec1n chu\u1ed9c ransomware Underground<\/p>\n\n\n\n<p>M\u1eb7c d\u00f9 ransomware m\u00e3 h\u00f3a c\u00e1c t\u1eadp tin nh\u01b0ng n\u00f3 kh\u00f4ng thay \u0111\u1ed5i ho\u1eb7c th\u00eam ph\u1ea7n m\u1edf r\u1ed9ng t\u1eadp tin.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2024\/09\/tong-hop-ve-ransomware-underground-2.png\" alt=\"H\u00ecnh 2: M\u1ed9t t\u1eadp tin v\u0103n b\u1ea3n tr\u01b0\u1edbc khi m\u00e3 h\u00f3a t\u1eadp tin\"\/><\/figure>\n\n\n\n<p>H\u00ecnh 2: M\u1ed9t t\u1eadp tin v\u0103n b\u1ea3n tr\u01b0\u1edbc khi m\u00e3 h\u00f3a t\u1eadp tin<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2024\/09\/tong-hop-ve-ransomware-underground-3.png\" alt=\"H\u00ecnh 3: M\u1ed9t t\u1eadp tin v\u0103n b\u1ea3n sau khi m\u00e3 h\u00f3a t\u1eadp tin\"\/><\/figure>\n\n\n\n<p>H\u00ecnh 3: M\u1ed9t t\u1eadp tin v\u0103n b\u1ea3n sau khi m\u00e3 h\u00f3a t\u1eadp tin<\/p>\n\n\n\n<p>N\u00f3 c\u0169ng tr\u00e1nh m\u00e3 h\u00f3a c\u00e1c t\u1eadp tin c\u00f3 ph\u1ea7n m\u1edf r\u1ed9ng sau:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td>.sys<\/td><td>.exe<\/td><td>.dll<\/td><td>.bat<\/td><td>.bin<\/td><td>.cmd<\/td><\/tr><tr><td>.com<\/td><td>.cpl<\/td><td>.gadget<\/td><td>.inf1<\/td><td>.ins<\/td><td>.inx<\/td><\/tr><tr><td>.isu<\/td><td>.job<\/td><td>.jse<\/td><td>.lnk<\/td><td>.msc<\/td><td>.msi<\/td><\/tr><tr><td>.mst<\/td><td>.paf<\/td><td>.pif<\/td><td>.ps1<\/td><td>.reg<\/td><td>.rgs<\/td><\/tr><tr><td>.scr<\/td><td>.sct<\/td><td>.shb<\/td><td>shs<\/td><td>.u3p<\/td><td>.vb<\/td><\/tr><tr><td>.vbe<\/td><td>.vbs<\/td><td>.vbscript<\/td><td>.ws<\/td><td>.wsh<\/td><td>.wsf<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p>Ph\u1ea7n m\u1ec1m t\u1ed1ng ti\u1ec1n n\u00e0y t\u1ea1o v\u00e0 th\u1ef1c thi temp.cmd, th\u1ef1c hi\u1ec7n c\u00e1c h\u00e0nh \u0111\u1ed9ng sau:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>X\u00f3a t\u1ec7p ransomware g\u1ed1c<\/li>\n\n\n\n<li>L\u1ea5y danh s\u00e1ch c\u00e1c b\u1ea3n ghi S\u1ef1 ki\u1ec7n Windows v\u00e0 x\u00f3a ch\u00fang<\/li>\n<\/ul>\n\n\n\n<p><strong>Trang web v\u1ec1 n\u1ea1n nh\u00e2n v\u00e0 r\u00f2 r\u1ec9 d\u1eef li\u1ec7u<\/strong><\/p>\n\n\n\n<p>Ransomware Underground c\u00f3 m\u1ed9t trang web r\u00f2 r\u1ec9 d\u1eef li\u1ec7u \u0111\u0103ng th\u00f4ng tin n\u1ea1n nh\u00e2n, bao g\u1ed3m d\u1eef li\u1ec7u b\u1ecb \u0111\u00e1nh c\u1eafp t\u1eeb n\u1ea1n nh\u00e2n. Hi\u1ec7n t\u1ea1i, trang web r\u00f2 r\u1ec9 d\u1eef li\u1ec7u li\u1ec7t k\u00ea 16 n\u1ea1n nh\u00e2n, v\u1edbi n\u1ea1n nh\u00e2n g\u1ea7n \u0111\u00e2y nh\u1ea5t \u0111\u01b0\u1ee3c \u0111\u0103ng v\u00e0o ng\u00e0y 3 th\u00e1ng 7 n\u0103m 2024. D\u01b0\u1edbi \u0111\u00e2y l\u00e0 ph\u00e2n t\u00edch chi ti\u1ebft v\u1ec1 c\u00e1c n\u1ea1n nh\u00e2n v\u00e0 ng\u00e0nh d\u1ecdc c\u1ee7a h\u1ecd:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td><strong>Ng\u00e0y \u0111\u0103ng<\/strong><\/td><td><strong>V\u1ecb tr\u00ed c\u1ee7a n\u1ea1n nh\u00e2n<\/strong><\/td><td><strong>Ng\u00e0nh<\/strong><\/td><\/tr><tr><td>2024\/07\/03<\/td><td>Hoa K\u1ef3<\/td><td>S\u1ef1 thi c\u00f4ng<\/td><\/tr><tr><td>2024\/07\/01<\/td><td>Ph\u00e1p<\/td><td>D\u01b0\u1ee3c ph\u1ea9m<\/td><\/tr><tr><td>2024\/06\/17<\/td><td>Hoa K\u1ef3<\/td><td>D\u1ecbch v\u1ee5 chuy\u00ean nghi\u1ec7p<\/td><\/tr><tr><td>27\/05\/2024<\/td><td>Hoa K\u1ef3<\/td><td>Ng\u00e2n h\u00e0ng<\/td><\/tr><tr><td>2024\/05\/15<\/td><td>Hoa K\u1ef3<\/td><td>Thu\u1ed1c<\/td><\/tr><tr><td>2024\/05\/01<\/td><td>Hoa K\u1ef3<\/td><td>Ng\u00e0nh c\u00f4ng nghi\u1ec7p<\/td><\/tr><tr><td>2024\/04\/09<\/td><td>Hoa K\u1ef3<\/td><td>D\u1ecbch v\u1ee5 kinh doanh<\/td><\/tr><tr><td>2024\/04\/09<\/td><td>Hoa K\u1ef3<\/td><td>S\u1ef1 thi c\u00f4ng<\/td><\/tr><tr><td>2024\/03\/25<\/td><td>Hoa K\u1ef3<\/td><td>Ch\u1ebf t\u1ea1o<\/td><\/tr><tr><td>2024\/03\/06<\/td><td>H\u00e0n Qu\u1ed1c<\/td><td>Ch\u1ebf t\u1ea1o<\/td><\/tr><tr><td>2024\/02\/12<\/td><td>T\u00e2y ban nha<\/td><td>Ch\u1ebf t\u1ea1o<\/td><\/tr><tr><td>2024\/02\/02<\/td><td>\u0110\u1ee9c<\/td><td>Ng\u00e0nh c\u00f4ng nghi\u1ec7p<\/td><\/tr><tr><td>2023\/07\/31<\/td><td>Slovakia<\/td><td>D\u1ecbch v\u1ee5 kinh doanh<\/td><\/tr><tr><td>2024\/07\/18<\/td><td>\u0110\u00e0i Loan<\/td><td>Ng\u00e0nh c\u00f4ng nghi\u1ec7p<\/td><\/tr><tr><td>2024\/07\/18<\/td><td>Singapore<\/td><td>Ch\u1ebf t\u1ea1o<\/td><\/tr><tr><td>2024\/07\/14<\/td><td>Canada<\/td><td>Ch\u1ebf t\u1ea1o<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2024\/09\/tong-hop-ve-ransomware-underground-4.png\" alt=\"H\u00ecnh 4: Trang web r\u00f2 r\u1ec9 d\u1eef li\u1ec7u c\u1ee7a ransomware Underground\"\/><\/figure>\n\n\n\n<p>H\u00ecnh 4: Trang web r\u00f2 r\u1ec9 d\u1eef li\u1ec7u c\u1ee7a ransomware Underground<\/p>\n\n\n\n<p>Trang web r\u00f2 r\u1ec9 d\u1eef li\u1ec7u c\u0169ng bao g\u1ed3m h\u1ed9p th\u1ea3 xu\u1ed1ng v\u1edbi danh s\u00e1ch c\u00e1c ng\u00e0nh m\u00e0 nh\u00f3m ransomware \u0111ang nh\u1eafm t\u1edbi ho\u1eb7c \u0111\u01b0\u1ee3c ph\u00e9p nh\u1eafm t\u1edbi.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2024\/09\/tong-hop-ve-ransomware-underground-5.png\" alt=\"ng\u00e0nh c\u00f4ng nghi\u1ec7p ransomware ng\u1ea7m\"\/><\/figure>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2024\/09\/tong-hop-ve-ransomware-underground-6.png\" alt=\"H\u00ecnh 5: M\u1ed9t trong nh\u1eefng n\u1ea1n nh\u00e2n tr\u00ean trang web r\u00f2 r\u1ec9 d\u1eef li\u1ec7u\"\/><\/figure>\n\n\n\n<p>H\u00ecnh 5: M\u1ed9t trong nh\u1eefng n\u1ea1n nh\u00e2n tr\u00ean trang web r\u00f2 r\u1ec9 d\u1eef li\u1ec7u<\/p>\n\n\n\n<p>Nh\u00f3m ransomware Underground c\u0169ng c\u00f3 k\u00eanh Telegram \u0111\u01b0\u1ee3c t\u1ea1o v\u00e0o ng\u00e0y 21 th\u00e1ng 3 n\u0103m 2024.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2024\/09\/tong-hop-ve-ransomware-underground-7.png\" alt=\"\"\/><\/figure>\n\n\n\n<p>H\u00ecnh 6: K\u00eanh Telegram ransomware Underground<\/p>\n\n\n\n<p>Theo k\u00eanh Telegram, nh\u00f3m ransomware \u0111\u00e3 c\u00f4ng khai th\u00f4ng tin b\u1ecb \u0111\u00e1nh c\u1eafp c\u1ee7a n\u1ea1n nh\u00e2n tr\u00ean Mega, m\u1ed9t nh\u00e0 cung c\u1ea5p d\u1ecbch v\u1ee5 l\u01b0u tr\u1eef \u0111\u00e1m m\u00e2y \u0111ang b\u1ecb l\u1ea1m d\u1ee5ng.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2024\/09\/tong-hop-ve-ransomware-underground-8.png\" alt=\"\"\/><\/figure>\n\n\n\n<p>H\u00ecnh 7: K\u00eanh Telegram ch\u1ee9a li\u00ean k\u1ebft \u0111\u1ebfn th\u00f4ng tin b\u1ecb \u0111\u00e1nh c\u1eafp tr\u00ean Mega<\/p>\n\n\n\n<p><strong>B\u1ea3o v\u1ec7 Fortinet<\/strong><\/p>\n\n\n\n<p>Ph\u1ea7n m\u1ec1m t\u1ed1ng ti\u1ec1n Underground \u0111\u01b0\u1ee3c m\u00f4 t\u1ea3 trong b\u00e1o c\u00e1o n\u00e0y \u0111\u01b0\u1ee3c FortiGuard Antivirus ph\u00e1t hi\u1ec7n v\u00e0 ch\u1eb7n nh\u01b0 sau:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>W64\/IndustrySpy.C!tr.ransom<\/li>\n\n\n\n<li>W64\/Filecoder_IndustrialSpy.C!tr.ransom<\/li>\n\n\n\n<li>Ph\u1ea7n m\u1ec1m qu\u1ea3ng c\u00e1o\/Filecoder_IndustrialSpy<\/li>\n\n\n\n<li>Ph\u1ea7n m\u1ec1m r\u1ee7i ro\/Ti\u1ec1n chu\u1ed9c<\/li>\n<\/ul>\n\n\n\n<p>FortiGate, FortiMail, FortiClient v\u00e0 FortiEDR h\u1ed7 tr\u1ee3&nbsp;<a href=\"https:\/\/www.fortinet.com\/support\/support-services\/fortiguard-security-subscriptions\/antivirus\">d\u1ecbch v\u1ee5 FortiGuard AntiVirus<\/a>&nbsp;. C\u00f4ng c\u1ee5 FortiGuard AntiVirus l\u00e0 m\u1ed9t ph\u1ea7n c\u1ee7a m\u1ed7i gi\u1ea3i ph\u00e1p \u0111\u00f3. Do \u0111\u00f3, kh\u00e1ch h\u00e0ng c\u00f3 c\u00e1c s\u1ea3n ph\u1ea9m n\u00e0y v\u1edbi c\u00e1c bi\u1ec7n ph\u00e1p b\u1ea3o v\u1ec7 c\u1eadp nh\u1eadt s\u1ebd \u0111\u01b0\u1ee3c b\u1ea3o v\u1ec7.<\/p>\n\n\n\n<p>Vui l\u00f2ng \u0111\u1ecdc c\u1ea3nh b\u00e1o v\u1ec1 d\u1ecbch b\u1ec7nh \u0111\u1ec3 b\u1ea3o v\u1ec7 b\u1ea3n th\u00e2n kh\u1ecfi t\u00e1c nh\u00e2n l\u00e2y nhi\u1ec5m ti\u1ec1m \u1ea9n (CVE-2023-36884) b\u1ecb ransomware Underground l\u1ee3i d\u1ee5ng:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/www.fortiguard.com\/outbreak-alert\/microsoft-office-and-windows-html-attack\">C\u1ea3nh b\u00e1o b\u00f9ng ph\u00e1t: L\u1ed7 h\u1ed5ng RCE HTML c\u1ee7a Microsoft Office v\u00e0 Windows<\/a><\/li>\n<\/ul>\n\n\n\n<p><strong>IOCs<\/strong><\/p>\n\n\n\n<p>IOC t\u1ec7p ransomware ng\u1ea7m<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td><strong>SHA2<\/strong><\/td><td><strong>Ghi ch\u00fa<\/strong><\/td><\/tr><tr><td>9543f71d7c4e394223c9d41ccef71541e1f1eb0cc76e8fa0f632b8365069af64<\/td><td rowspan=\"6\">&nbsp;&nbsp;Ph\u1ea7n m\u1ec1m t\u1ed1ng ti\u1ec1n ng\u1ea7m<\/td><\/tr><tr><td>9f702b94a86558df87de316611d9f1bfe99a6d8da9fa9b3d7bb125a12f9ad11f<\/td><\/tr><tr><td>eb8ed3b94fa978b27a02754d4f41ffc95ed95b9e62afb492015d0eb25f89956f<\/td><\/tr><tr><td>9d41b2f7c07110fb855c62b5e7e330a597860916599e73dd3505694fd1bbe163<\/td><\/tr><tr><td>cc80c74a3592374341324d607d877dcf564d326a1354f3f2a4af58030e716813<\/td><\/tr><tr><td>d4a847fa9c4c7130a852a2e197b205493170a8b44426d9ec481fc4b285a92666<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p><strong>H\u01b0\u1edbng d\u1eabn FortiGuard Labs<\/strong><\/p>\n\n\n\n<p>Do d\u1ec5 b\u1ecb gi\u00e1n \u0111o\u1ea1n, g\u00e2y thi\u1ec7t h\u1ea1i cho ho\u1ea1t \u0111\u1ed9ng h\u00e0ng ng\u00e0y, t\u00e1c \u0111\u1ed9ng ti\u1ec1m \u1ea9n \u0111\u1ebfn danh ti\u1ebfng c\u1ee7a t\u1ed5 ch\u1ee9c v\u00e0 vi\u1ec7c ph\u00e1 h\u1ee7y ho\u1eb7c ti\u1ebft l\u1ed9 th\u00f4ng tin nh\u1eadn d\u1ea1ng c\u00e1 nh\u00e2n (PII) kh\u00f4ng mong mu\u1ed1n, v.v., n\u00ean vi\u1ec7c c\u1eadp nh\u1eadt t\u1ea5t c\u1ea3 c\u00e1c ch\u1eef k\u00fd AV v\u00e0 IPS l\u00e0 r\u1ea5t quan tr\u1ecdng.<\/p>\n\n\n\n<p>V\u00ec ph\u1ea7n l\u1edbn ph\u1ea7n m\u1ec1m t\u1ed1ng ti\u1ec1n \u0111\u01b0\u1ee3c ph\u00e1t t\u00e1n qua l\u1eeba \u0111\u1ea3o, c\u00e1c t\u1ed5 ch\u1ee9c n\u00ean c\u00e2n nh\u1eafc s\u1eed d\u1ee5ng c\u00e1c gi\u1ea3i ph\u00e1p c\u1ee7a Fortinet \u0111\u01b0\u1ee3c thi\u1ebft k\u1ebf \u0111\u1ec3 \u0111\u00e0o t\u1ea1o ng\u01b0\u1eddi d\u00f9ng hi\u1ec3u v\u00e0 ph\u00e1t hi\u1ec7n c\u00e1c m\u1ed1i \u0111e d\u1ecda l\u1eeba \u0111\u1ea3o:<\/p>\n\n\n\n<p>D\u1ecbch&nbsp;&nbsp;<a href=\"https:\/\/www.fortinet.com\/products\/phishing-simulation\">v\u1ee5 m\u00f4 ph\u1ecfng l\u1eeba \u0111\u1ea3o FortiPhish<\/a>&nbsp;&nbsp;s\u1eed d\u1ee5ng c\u00e1c m\u00f4 ph\u1ecfng th\u1ef1c t\u1ebf \u0111\u1ec3 gi\u00fap c\u00e1c t\u1ed5 ch\u1ee9c ki\u1ec3m tra nh\u1eadn th\u1ee9c v\u00e0 m\u1ee9c \u0111\u1ed9 c\u1ea3nh gi\u00e1c c\u1ee7a ng\u01b0\u1eddi d\u00f9ng \u0111\u1ed1i v\u1edbi c\u00e1c m\u1ed1i \u0111e d\u1ecda l\u1eeba \u0111\u1ea3o v\u00e0 \u0111\u00e0o t\u1ea1o c\u0169ng nh\u01b0 c\u1ee7ng c\u1ed1 c\u00e1c bi\u1ec7n ph\u00e1p th\u1ef1c h\u00e0nh ph\u00f9 h\u1ee3p khi ng\u01b0\u1eddi d\u00f9ng g\u1eb7p ph\u1ea3i c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng l\u1eeba \u0111\u1ea3o c\u00f3 ch\u1ee7 \u0111\u00edch.<\/p>\n\n\n\n<p><a href=\"https:\/\/training.fortinet.com\/local\/staticpage\/view.php?page=fcf_cybersecurity\">Kh\u00f3a \u0111\u00e0o t\u1ea1o Fortinet Certified Fundamentals (FCF)<\/a>&nbsp;MI\u1ec4N PH\u00cd&nbsp;&nbsp;&nbsp;v\u1ec1 An ninh m\u1ea1ng c\u1ee7a ch\u00fang t\u00f4i. Kh\u00f3a \u0111\u00e0o t\u1ea1o \u0111\u01b0\u1ee3c thi\u1ebft k\u1ebf \u0111\u1ec3 gi\u00fap ng\u01b0\u1eddi d\u00f9ng cu\u1ed1i t\u00ecm hi\u1ec3u v\u1ec1 b\u1ed1i c\u1ea3nh \u0111e d\u1ecda hi\u1ec7n nay v\u00e0 s\u1ebd gi\u1edbi thi\u1ec7u c\u00e1c kh\u00e1i ni\u1ec7m v\u00e0 c\u00f4ng ngh\u1ec7 an ninh m\u1ea1ng c\u01a1 b\u1ea3n.<\/p>\n\n\n\n<p>C\u00e1c t\u1ed5 ch\u1ee9c s\u1ebd c\u1ea7n th\u1ef1c hi\u1ec7n nh\u1eefng thay \u0111\u1ed5i c\u01a1 b\u1ea3n v\u1ec1 t\u1ea7n su\u1ea5t, v\u1ecb tr\u00ed v\u00e0 b\u1ea3o m\u1eadt cho c\u00e1c b\u1ea3n sao l\u01b0u d\u1eef li\u1ec7u c\u1ee7a m\u00ecnh \u0111\u1ec3 x\u1eed l\u00fd hi\u1ec7u qu\u1ea3 r\u1ee7i ro \u0111ang ph\u00e1t tri\u1ec3n v\u00e0 m\u1edf r\u1ed9ng nhanh ch\u00f3ng c\u1ee7a ph\u1ea7n m\u1ec1m t\u1ed1ng ti\u1ec1n. Khi k\u1ebft h\u1ee3p v\u1edbi s\u1ef1 x\u00e2m ph\u1ea1m chu\u1ed7i cung \u1ee9ng k\u1ef9 thu\u1eadt s\u1ed1 v\u00e0 l\u1ef1c l\u01b0\u1ee3ng lao \u0111\u1ed9ng l\u00e0m vi\u1ec7c t\u1eeb xa v\u00e0o m\u1ea1ng, c\u00f3 nguy c\u01a1 th\u1ef1c s\u1ef1 r\u1eb1ng c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng c\u00f3 th\u1ec3 \u0111\u1ebfn t\u1eeb b\u1ea5t k\u1ef3 \u0111\u00e2u. C\u00e1c gi\u1ea3i ph\u00e1p b\u1ea3o m\u1eadt d\u1ef1a tr\u00ean \u0111\u00e1m m\u00e2y, ch\u1eb3ng h\u1ea1n nh\u01b0&nbsp;&nbsp;<a href=\"https:\/\/www.fortinet.com\/resources\/cyberglossary\/sase?utm_source=blog&amp;utm_medium=blog&amp;utm_campaign=sase\">SASE<\/a>&nbsp;, \u0111\u1ec3 b\u1ea3o v\u1ec7 c\u00e1c thi\u1ebft b\u1ecb ngo\u00e0i m\u1ea1ng; b\u1ea3o m\u1eadt \u0111i\u1ec3m cu\u1ed1i ti\u00ean ti\u1ebfn, ch\u1eb3ng h\u1ea1n nh\u01b0&nbsp; c\u00e1c gi\u1ea3i ph\u00e1p&nbsp;<a href=\"https:\/\/www.fortinet.com\/products\/endpoint-security\/fortiedr?utm_source=blog&amp;utm_medium=blog&amp;utm_campaign=edr\">EDR<\/a>&nbsp;&nbsp;(ph\u00e1t hi\u1ec7n v\u00e0 ph\u1ea3n h\u1ed3i \u0111i\u1ec3m cu\u1ed1i) c\u00f3 th\u1ec3 ph\u00e1 v\u1ee1 ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i gi\u1eefa cu\u1ed9c t\u1ea5n c\u00f4ng; v\u00e0&nbsp;&nbsp;<a href=\"https:\/\/www.fortinet.com\/solutions\/enterprise-midsize-business\/network-access?utm_source=blog&amp;utm_medium=blog&amp;utm_campaign=zta\">Zero Trust Access<\/a>&nbsp;&nbsp;v\u00e0 c\u00e1c chi\u1ebfn l\u01b0\u1ee3c ph\u00e2n \u0111o\u1ea1n m\u1ea1ng h\u1ea1n ch\u1ebf quy\u1ec1n truy c\u1eadp v\u00e0o c\u00e1c \u1ee9ng d\u1ee5ng v\u00e0 t\u00e0i nguy\u00ean d\u1ef1a tr\u00ean ch\u00ednh s\u00e1ch v\u00e0 b\u1ed1i c\u1ea3nh, t\u1ea5t c\u1ea3 \u0111\u1ec1u n\u00ean \u0111\u01b0\u1ee3c nghi\u00ean c\u1ee9u \u0111\u1ec3 gi\u1ea3m thi\u1ec3u r\u1ee7i ro v\u00e0 gi\u1ea3m t\u00e1c \u0111\u1ed9ng c\u1ee7a m\u1ed9t cu\u1ed9c t\u1ea5n c\u00f4ng ph\u1ea7n m\u1ec1m t\u1ed1ng ti\u1ec1n th\u00e0nh c\u00f4ng.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.fortinet.com\/solutions\/enterprise-midsize-business\/security-fabric?utm_source=blog&amp;utm_medium=blog&amp;utm_campaign=security-fabric\">L\u00e0 m\u1ed9t ph\u1ea7n c\u1ee7a Security Fabric<\/a>&nbsp;t\u00edch h\u1ee3p \u0111\u1ea7y \u0111\u1ee7 h\u00e0ng \u0111\u1ea7u trong ng\u00e0nh&nbsp;&nbsp;, mang l\u1ea1i s\u1ef1 hi\u1ec7p l\u1ef1c v\u00e0 t\u1ef1 \u0111\u1ed9ng h\u00f3a trong to\u00e0n b\u1ed9 h\u1ec7 sinh th\u00e1i b\u1ea3o m\u1eadt c\u1ee7a b\u1ea1n, Fortinet c\u0169ng cung c\u1ea5p danh m\u1ee5c c\u00f4ng ngh\u1ec7 v\u00e0 d\u1ecbch v\u1ee5 theo y\u00eau c\u1ea7u c\u1ee7a con ng\u01b0\u1eddi. C\u00e1c d\u1ecbch v\u1ee5 n\u00e0y \u0111\u01b0\u1ee3c h\u1ed7 tr\u1ee3 b\u1edfi \u0111\u1ed9i ng\u0169 chuy\u00ean gia an ninh m\u1ea1ng d\u00e0y d\u1ea1n kinh nghi\u1ec7m c\u1ee7a FortiGuard to\u00e0n c\u1ea7u.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.fortinet.com\/products\/fortirecon\">FortiRecon<\/a>&nbsp;&nbsp;l\u00e0 D\u1ecbch v\u1ee5 Ph\u00f2ng ng\u1eeba R\u1ee7i ro K\u1ef9 thu\u1eadt s\u1ed1 d\u1ef1a tr\u00ean SaaS \u0111\u01b0\u1ee3c c\u00e1c chuy\u00ean gia an ninh m\u1ea1ng h\u1ed7 tr\u1ee3 \u0111\u1ec3 cung c\u1ea5p th\u00f4ng tin t\u00ecnh b\u00e1o v\u1ec1 m\u1ed1i \u0111e d\u1ecda v\u00f4 song v\u1ec1 ho\u1ea1t \u0111\u1ed9ng m\u1edbi nh\u1ea5t c\u1ee7a t\u00e1c nh\u00e2n \u0111e d\u1ecda tr\u00ean dark web, cung c\u1ea5p hi\u1ec3u bi\u1ebft s\u00e2u s\u1eafc v\u1ec1 \u0111\u1ed9ng c\u01a1 v\u00e0 TTP c\u1ee7a t\u00e1c nh\u00e2n \u0111e d\u1ecda. D\u1ecbch v\u1ee5 c\u00f3 th\u1ec3 ph\u00e1t hi\u1ec7n b\u1eb1ng ch\u1ee9ng v\u1ec1 c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng \u0111ang di\u1ec5n ra, cho ph\u00e9p kh\u00e1ch h\u00e0ng ph\u1ea3n \u1ee9ng nhanh ch\u00f3ng v\u00e0 ng\u0103n ch\u1eb7n c\u00e1c m\u1ed1i \u0111e d\u1ecda \u0111ang ho\u1ea1t \u0111\u1ed9ng.<\/p>\n\n\n\n<p><strong>T\u1ed1t nh\u1ea5t kh\u00f4ng tr\u1ea3 ti\u1ec1n chu\u1ed9c<\/strong><\/p>\n\n\n\n<p>C\u00e1c t\u1ed5 ch\u1ee9c nh\u01b0 CISA, NCSC,&nbsp;&nbsp;<a href=\"https:\/\/www.fbi.gov\/scams-and-safety\/common-scams-and-crimes\/ransomware\">FBI<\/a>&nbsp;v\u00e0 HHS c\u1ea3nh b\u00e1o n\u1ea1n nh\u00e2n ransomware kh\u00f4ng n\u00ean tr\u1ea3 ti\u1ec1n chu\u1ed9c m\u1ed9t ph\u1ea7n v\u00ec kho\u1ea3n thanh to\u00e1n kh\u00f4ng \u0111\u1ea3m b\u1ea3o r\u1eb1ng c\u00e1c t\u1ec7p s\u1ebd \u0111\u01b0\u1ee3c kh\u00f4i ph\u1ee5c. Theo&nbsp;&nbsp;<a href=\"https:\/\/home.treasury.gov\/system\/files\/126\/ofac_ransomware_advisory_10012020_1.pdf\">khuy\u1ebfn c\u00e1o c\u1ee7a V\u0103n ph\u00f2ng Ki\u1ec3m so\u00e1t T\u00e0i s\u1ea3n N\u01b0\u1edbc ngo\u00e0i (OFAC) thu\u1ed9c B\u1ed9 T\u00e0i ch\u00ednh Hoa K\u1ef3<\/a>&nbsp;, c\u00e1c kho\u1ea3n thanh to\u00e1n ti\u1ec1n chu\u1ed9c c\u0169ng c\u00f3 th\u1ec3 khuy\u1ebfn kh\u00edch k\u1ebb th\u00f9 nh\u1eafm m\u1ee5c ti\u00eau v\u00e0o c\u00e1c t\u1ed5 ch\u1ee9c kh\u00e1c, khuy\u1ebfn kh\u00edch c\u00e1c t\u00e1c nh\u00e2n t\u1ed9i ph\u1ea1m kh\u00e1c ph\u00e2n ph\u1ed1i ransomware v\u00e0\/ho\u1eb7c t\u00e0i tr\u1ee3 cho c\u00e1c ho\u1ea1t \u0111\u1ed9ng b\u1ea5t h\u1ee3p ph\u00e1p c\u00f3 kh\u1ea3 n\u0103ng l\u00e0 b\u1ea5t h\u1ee3p ph\u00e1p. \u0110\u1ed1i v\u1edbi c\u00e1c t\u1ed5 ch\u1ee9c v\u00e0 c\u00e1 nh\u00e2n b\u1ecb \u1ea3nh h\u01b0\u1edfng b\u1edfi ransomware, FBI c\u00f3 trang Khi\u1ebfu n\u1ea1i v\u1ec1 Ransomware,&nbsp;&nbsp;<a href=\"https:\/\/www.ic3.gov\/Home\/Ransomware\">n\u01a1i<\/a>&nbsp;&nbsp;n\u1ea1n nh\u00e2n c\u00f3 th\u1ec3 g\u1eedi c\u00e1c m\u1eabu ho\u1ea1t \u0111\u1ed9ng ransomware th\u00f4ng qua Trung t\u00e2m Khi\u1ebfu n\u1ea1i v\u1ec1 T\u1ed9i ph\u1ea1m Internet (IC3) c\u1ee7a h\u1ecd.<\/p>\n\n\n\n<p>Fortinet c\u00f3 th\u1ec3 gi\u00fap g\u00ec<\/p>\n\n\n\n<p><a href=\"https:\/\/www.fortinet.com\/support\/support-services\/fortiguard-security-subscriptions\/incident-response?utm_source=blog&amp;utm_medium=blog&amp;utm_campaign=incident-response-service\">D\u1ecbch v\u1ee5 \u1ee9ng ph\u00f3 s\u1ef1 c\u1ed1 kh\u1ea9n c\u1ea5p<\/a>&nbsp;c\u1ee7a FortiGuard Labs&nbsp;&nbsp;&nbsp;cung c\u1ea5p ph\u1ea3n h\u1ed3i nhanh ch\u00f3ng v\u00e0 hi\u1ec7u qu\u1ea3 khi ph\u00e1t hi\u1ec7n s\u1ef1 c\u1ed1.&nbsp;&nbsp;<a href=\"https:\/\/www.fortinet.com\/content\/dam\/fortinet\/assets\/solution-guides\/sb-fortiguard-incident-readiness-subscription-service.pdf?utm_source=blog&amp;utm_medium=blog&amp;utm_campaign=fg-incident-readiness-service\">D\u1ecbch v\u1ee5 \u0111\u0103ng k\u00fd s\u1eb5n s\u00e0ng \u1ee9ng ph\u00f3 s\u1ef1 c\u1ed1<\/a>&nbsp;c\u1ee7a ch\u00fang t\u00f4i &nbsp;cung c\u1ea5p c\u00e1c c\u00f4ng c\u1ee5 v\u00e0 h\u01b0\u1edbng d\u1eabn \u0111\u1ec3 gi\u00fap b\u1ea1n chu\u1ea9n b\u1ecb t\u1ed1t h\u01a1n cho s\u1ef1 c\u1ed1 m\u1ea1ng th\u00f4ng qua c\u00e1c \u0111\u00e1nh gi\u00e1 v\u1ec1 m\u1ee9c \u0111\u1ed9 s\u1eb5n s\u00e0ng, ph\u00e1t tri\u1ec3n s\u1ed5 tay h\u01b0\u1edbng d\u1eabn \u1ee9ng ph\u00f3 s\u1ef1 c\u1ed1 an ninh m\u1ea1ng v\u00e0 th\u1eed nghi\u1ec7m s\u1ed5 tay h\u01b0\u1edbng d\u1eabn \u1ee9ng ph\u00f3 s\u1ef1 c\u1ed1 an ninh m\u1ea1ng (b\u00e0i t\u1eadp th\u1ef1c h\u00e0nh).<\/p>\n\n\n\n<p>Ngo\u00e0i ra,&nbsp;&nbsp;<a href=\"https:\/\/www.fortinet.com\/products\/fortirecon?utm_source=blog&amp;utm_medium=blog&amp;utm_campaign=fortirecon\">FortiRecon Digital Risk Protection (DRP)<\/a>&nbsp;&nbsp;l\u00e0 d\u1ecbch v\u1ee5 d\u1ef1a tr\u00ean SaaS cung c\u1ea5p c\u00e1i nh\u00ecn v\u1ec1 nh\u1eefng g\u00ec k\u1ebb th\u00f9 \u0111ang nh\u00ecn th\u1ea5y, l\u00e0m v\u00e0 l\u1eadp k\u1ebf ho\u1ea1ch \u0111\u1ec3 gi\u00fap b\u1ea1n ch\u1ed1ng l\u1ea1i c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng \u1edf giai \u0111o\u1ea1n trinh s\u00e1t v\u00e0 gi\u1ea3m \u0111\u00e1ng k\u1ec3 r\u1ee7i ro, th\u1eddi gian v\u00e0 chi ph\u00ed gi\u1ea3m thi\u1ec3u m\u1ed1i \u0111e d\u1ecda \u1edf giai \u0111o\u1ea1n sau.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ng\u00e0y 30 th\u00e1ng 8 n\u0103m 2024 FortiGuard Labs thu th\u1eadp d\u1eef li\u1ec7u v\u1ec1 c\u00e1c bi\u1ebfn th\u1ec3 ransomware \u0111\u00e1ng quan t\u00e2m \u0111ang thu h\u00fat s\u1ef1 ch\u00fa \u00fd trong c\u00e1c t\u1eadp d\u1eef li\u1ec7u c\u1ee7a ch\u00fang t\u00f4i v\u00e0 c\u1ed9ng \u0111\u1ed3ng OSINT. B\u00e1o c\u00e1o Ransomware Roundup nh\u1eb1m m\u1ee5c \u0111\u00edch cung c\u1ea5p cho \u0111\u1ed9c gi\u1ea3 nh\u1eefng hi\u1ec3u bi\u1ebft ng\u1eafn g\u1ecdn [&hellip;]<\/p>\n","protected":false},"author":13,"featured_media":20567,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_eb_attr":"","ocean_post_layout":"","ocean_both_sidebars_style":"","ocean_both_sidebars_content_width":0,"ocean_both_sidebars_sidebars_width":0,"ocean_sidebar":"","ocean_second_sidebar":"","ocean_disable_margins":"enable","ocean_add_body_class":"","ocean_shortcode_before_top_bar":"","ocean_shortcode_after_top_bar":"","ocean_shortcode_before_header":"","ocean_shortcode_after_header":"","ocean_has_shortcode":"","ocean_shortcode_after_title":"","ocean_shortcode_before_footer_widgets":"","ocean_shortcode_after_footer_widgets":"","ocean_shortcode_before_footer_bottom":"","ocean_shortcode_after_footer_bottom":"","ocean_display_top_bar":"default","ocean_display_header":"default","ocean_header_style":"","ocean_center_header_left_menu":"","ocean_custom_header_template":"","ocean_custom_logo":0,"ocean_custom_retina_logo":0,"ocean_custom_logo_max_width":0,"ocean_custom_logo_tablet_max_width":0,"ocean_custom_logo_mobile_max_width":0,"ocean_custom_logo_max_height":0,"ocean_custom_logo_tablet_max_height":0,"ocean_custom_logo_mobile_max_height":0,"ocean_header_custom_menu":"","ocean_menu_typo_font_family":"","ocean_menu_typo_font_subset":"","ocean_menu_typo_font_size":0,"ocean_menu_typo_font_size_tablet":0,"ocean_menu_typo_font_size_mobile":0,"ocean_menu_typo_font_size_unit":"px","ocean_menu_typo_font_weight":"","ocean_menu_typo_font_weight_tablet":"","ocean_menu_typo_font_weight_mobile":"","ocean_menu_typo_transform":"","ocean_menu_typo_transform_tablet":"","ocean_menu_typo_transform_mobile":"","ocean_menu_typo_line_height":0,"ocean_menu_typo_line_height_tablet":0,"ocean_menu_typo_line_height_mobile":0,"ocean_menu_typo_line_height_unit":"","ocean_menu_typo_spacing":0,"ocean_menu_typo_spacing_tablet":0,"ocean_menu_typo_spacing_mobile":0,"ocean_menu_typo_spacing_unit":"","ocean_menu_link_color":"","ocean_menu_link_color_hover":"","ocean_menu_link_color_active":"","ocean_menu_link_background":"","ocean_menu_link_hover_background":"","ocean_menu_link_active_background":"","ocean_menu_social_links_bg":"","ocean_menu_social_hover_links_bg":"","ocean_menu_social_links_color":"","ocean_menu_social_hover_links_color":"","ocean_disable_title":"default","ocean_disable_heading":"default","ocean_post_title":"","ocean_post_subheading":"","ocean_post_title_style":"","ocean_post_title_background_color":"","ocean_post_title_background":0,"ocean_post_title_bg_image_position":"","ocean_post_title_bg_image_attachment":"","ocean_post_title_bg_image_repeat":"","ocean_post_title_bg_image_size":"","ocean_post_title_height":0,"ocean_post_title_bg_overlay":0.5,"ocean_post_title_bg_overlay_color":"","ocean_disable_breadcrumbs":"default","ocean_breadcrumbs_color":"","ocean_breadcrumbs_separator_color":"","ocean_breadcrumbs_links_color":"","ocean_breadcrumbs_links_hover_color":"","ocean_display_footer_widgets":"default","ocean_display_footer_bottom":"default","ocean_custom_footer_template":"","ocean_post_oembed":"","ocean_post_self_hosted_media":"","ocean_post_video_embed":"","ocean_link_format":"","ocean_link_format_target":"self","ocean_quote_format":"","ocean_quote_format_link":"post","ocean_gallery_link_images":"on","ocean_gallery_id":[],"footnotes":""},"categories":[80,10],"tags":[496,92],"class_list":["post-20427","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-huong-dan-tai-lieu","category-tin-tuc","tag-microsoft-windows","tag-ransomware","entry","has-media"],"_links":{"self":[{"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/posts\/20427","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/comments?post=20427"}],"version-history":[{"count":1,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/posts\/20427\/revisions"}],"predecessor-version":[{"id":20579,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/posts\/20427\/revisions\/20579"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/media\/20567"}],"wp:attachment":[{"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/media?parent=20427"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/categories?post=20427"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/tags?post=20427"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}