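Saturday, June 18, 2022

Weekly Security Incident News Report 2022/6/13 ~ 2022/6/17

1. Major Vulnerabilities / Backdoors / Exploits / Zero Days
Sophos firewall vulnerability patched in late March was reportedly already being exploited by Chinese hackers before the fix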
https://www.volexity.com/blog/2022/06/15/driftingcloud-zero-day-sophos-firewall-exploitation-and-an-insidious-breach/

Chinese hackers exploit Sophos firewall vulnerability
https://www.ithome.com.tw/news/151493

Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity
https://thehackernews.com/2022/06/chinese-hackers-exploited-sophos.html

Serious attacks exploiting the critical F5 vulnerability continue to appear; patch and restrict access as soon as possible
https://www.cc.ntu.edu.tw/chinese/cert/cert20220616.asp

Saturday, June 11, 2022

Weekly Security Incident News Report 2022/6/6 ~ 2022/6/10

1. Major Vulnerabilities / Backdoors / Exploits / Zero Days
Already-patched SAP business software vulnerabilities are being exploited
https://onapsis.com/blog/three-actively-exploited-sap-vulnerabilities-identified-onapsis-research-labs

Even the Most Advanced Threats Rely on Unpatched Systems
https://thehackernews.com/2022/06/even-most-advanced-threats-rely-on.html

Windows has another new zero-day vulnerability, DogWalk
https://times.hinet.net/news/23959255

Researchers disclose another MSDT zero-day vulnerability, DogWalk
https://twitter.com/j00sean/status/1533889445027536899

After Follina, another Microsoft MSDT zero-day vulnerability, "DogWalk", emerges
https://technews.tw/2022/06/10/dogwalk-another-microsoft-ignored-msdt-vulnerability-like-follina-gets-unofficial-patch/

Attackers use critical MSHTML and MSDT vulnerabilities in Microsoft Office to distribute Cobalt Strike in Ukraine
https://cert.gov.ua/article/40559

MSDT zero-day vulnerability exploited again; TA570 uses it to distribute the QBot malware
https://www.bleepingcomputer.com/news/security/qbot-malware-now-uses-windows-msdt-zero-day-in-phishing-attacks/

Researchers Warn of Unpatched "DogWalk" Microsoft Windows Vulnerability
https://thehackernews.com/2022/06/researchers-warn-of-unpatched-dogwalk.html

Unpatched Critical Flaws Disclosed in U-Boot Bootloader for Embedded Devices
https://thehackernews.com/2022/06/unpatched-critical-flaws-disclosed-in-u.html

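Saturday, June 4, 2022

Weekly Security Incident News Report 2022/5/30 ~ 2022/6/3

1. Major Vulnerabilities / Backdoors / Exploits / Zero Days
More than 3.6 million MySQL servers are exposed to the internet and may become attack targets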
https://www.shadowserver.org/news/over-3-6m-exposed-mysql-servers-on-ipv4-and-ipv6/

Microsoft has released a security update to address a vulnerability in the Support Diagnostic Tool (MSDT)
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30190

Zero-day vulnerability found in the Windows Search protocol
https://www.bleepingcomputer.com/news/security/new-windows-search-zero-day-added-to-microsoft-protocol-nightmare/

Office zero-day vulnerability lets hackers execute malicious commands, and disabling macros may not stop it
https://www.ithome.com.tw/news/151211

Researchers disclose Office zero-day vulnerability that hackers can trigger through RTF files
https://www.bleepingcomputer.com/news/security/new-microsoft-office-zero-day-used-in-attacks-to-execute-powershell/

The CCP-state APT hacking group TA413 is frantically exploiting the Microsoft Follina vulnerability in attacks
https://gnews.org/zh-hant/2655908/

Friday, May 27, 2022

Weekly Security Incident News Report 2022/5/23 ~ 2022/5/27

1. Major Vulnerabilities / Backdoors / Exploits / Zero Days
Critical 'Pantsdown' BMC Vulnerability Affects QCT Servers Used in Data Centers
https://thehackernews.com/2022/05/critical-pantsdown-bmc-vulnerability.html

QCT patches Pantsdown, a three-year-old server BMC firmware vulnerability
https://eclypsium.com/2022/05/26/quanta-servers-still-vulnerable-to-pantsdown/

Google: Cytrox exploited five zero-day vulnerabilities to implant the Predator spyware
https://www.ithome.com.tw/news/151066

Attacks have been observed against the zero-day vulnerability Cisco patched in its IOS XR router operating system software
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-redis-ABJyE5xK

Zyxel patches vulnerabilities in firewalls, wireless access points, and AP controllers
https://www.zyxel.com/tw/zh/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml

VMware Vulnerabilities Exploited in the Wild (CVE-2022-22954 and Others)
https://unit42.paloaltonetworks.com/cve-2022-22954-vmware-vulnerabilities/

Friday, May 20, 2022

Weekly Security Incident News Report 2022/5/16 ~ 2022/5/20

1. Major Vulnerabilities / Backdoors / Exploits / Zero Days
Oracle Security Alert for CVE-2022-21500
https://www.oracle.com/security-alerts/alert-cve-2022-21500.html

SonicWall patches high-risk vulnerabilities in SSL VPN appliances
https://www.sonicwall.com/support/knowledge-base/security-notice-sma-1000-series-unauthenticated-access-control-bypass/220510172939820/

Microsoft releases its May 2022 Patch Tuesday security updates
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9861

Microsoft publishes its May security bulletin
https://msrc.microsoft.com/update-guide/deployments

Researchers bypass the fix for a SharePoint vulnerability patched three months ago; Microsoft patches it again
https://starlabs.sg/blog/2022/05/new-wine-in-old-bottle-microsoft-sharepoint-post-auth-deserialization-rce-cve-2022-29108/

High-risk vulnerability in Windows Local Security Authority (LSA) (CVE-2022-26925)
https://www.klcg.gov.tw/tw/education/3522-255125.html

Adobe has released security updates to address vulnerabilities in multiple Adobe products
https://www.cisa.gov/uscert/ncas/current-activity/2022/05/12/adobe-releases-security-updates-multiple-products

High-Severity Bug Reported in Google's OAuth Client Library for Java
https://thehackernews.com/2022/05/high-severity-bug-reported-in-googles.html

VMware Releases Patches for New Vulnerabilities Affecting Multiple Products
https://thehackernews.com/2022/05/vmware-releases-patches-for-new.html

VMware patches an authentication bypass vulnerability in its products; the US orders public-sector agencies to patch by a deadline
https://www.bleepingcomputer.com/news/security/vmware-patches-critical-auth-bypass-flaw-in-multiple-products/

Friday, May 13, 2022

Weekly Security Incident News Report 2022/5/9 ~ 2022/5/13

1. Major Vulnerabilities / Backdoors / Exploits / Zero Days
Cisco recently released security updates for its NFV infrastructure software
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-NFVIS-MUL-7DySRX9

Hackers launch destructive attacks through the critical F5 BIG-IP vulnerability, attempting to erase all files on the system
https://www.bleepingcomputer.com/news/security/critical-f5-big-ip-vulnerability-targeted-by-destructive-attacks/

High-risk security vulnerability in F5 Networks BIG-IP products (CVE-2022-1388)
https://www.klcg.gov.tw/tw/education/3522-254843.html

F5 patches critical BIG-IP remote execution vulnerability; proof-of-concept exploits are about to appear
https://www.ithome.com.tw/news/150831

F5 BIG-IP 16.0.x - Remote Code Execution (RCE)
https://www.exploit-db.com/exploits/50932

Two security vendors find the critical BIG-IP vulnerability extremely easy to exploit and urge users to patch as soon as possible
https://www.bleepingcomputer.com/news/security/exploits-created-for-critical-f5-big-ip-flaw-install-patch-immediately/

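HP patches firmware vulnerabilities in more than 200 HP desktop and laptop models; if left unpatched, attackers could execute code with operating-system kernel privileges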
https://www.bleepingcomputer.com/news/security/hp-fixes-bug-letting-attackers-overwrite-firmware-in-over-200-models/

HP patches BIOS vulnerabilities affecting more than 200 devices
https://www.ithome.com.tw/news/150889

Friday, May 6, 2022

Weekly Security Incident News Report 2022/5/2 ~ 2022/5/6

1. Major Vulnerabilities / Backdoors / Exploits / Zero Days
Security vulnerability present in multiple versions of F5 BIG-IP
https://support.f5.com/csp/article/K23605346

Cisco recently released updates to address security vulnerabilities in multiple products
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-security-bypass-JhOd29Gg

Alarm for Linux systems! New Nimbuspwn vulnerabilities let hackers gain the highest system privileges
https://technews.tw/2022/05/03/new-nimbuspwn-linux-vulnerability-gives-hackers-root-privileges/

Google patches more than 30 Chrome vulnerabilities, seven of which pose major risk
https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html

Google Releases Android Update to Patch Actively Exploited Vulnerability
https://thehackernews.com/2022/05/google-releases-android-update-to-patch.html