資安事件新聞週報 2019/12/23 ~ 2019/12/27
1.重大弱點漏洞/後門/Exploit/Zero Day
IBM WebSphere Application Server 遠端執行任意程式碼漏洞
https://www.ibm.com/support/pages/node/1115085
Dropbox含有可取得系統權限的安全漏洞
https://www.ithome.com.tw/news/134979
360安全大腦發現並協助修復VMware遠程高危漏洞
https://finance.jrj.com.cn/2019/12/25151428585242.shtml
你找到1個大漏洞拿4500萬!蘋果撒錢擴大漏洞懸賞計畫
https://www.setn.com/News.aspx?NewsID=659037
重賞 $11,680,000 ! Apple 開放舉報保安漏洞懸賞機制
http://bit.ly/2MntKWL
OnePlus推賞金獎勵計劃 找出系統漏洞最高獎逾5萬元
https://reurl.cc/EKN48a
Citrix修補遠端程式攻擊漏洞
https://www.ithome.com.tw/news/135005
Citrix Systems Citrix ADC and NetScaler Gateway和Citrix Application Delivery Controller 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19781
Citrix產品中的漏洞使80000家公司面臨風險
https://www.linuxidc.com/Linux/2019-12/161805.htm
2019年12月27日 星期五
2019年12月20日 星期五
資安事件新聞週報 2019/12/16 ~ 2019/12/20
資安事件新聞週報 2019/12/16 ~ 2019/12/20
1.重大弱點漏洞/後門/Exploit/Zero Day
Micro Focus ArcSight Logger 跨站請求偽造漏洞 CVE-2019-11657
https://nvd.nist.gov/vuln/detail/CVE-2019-11657
Trend Micro HouseCall for Home Networks 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19689
TP-Link 路由器遠端執行任意程式碼漏洞
https://www.securitywizardry.com/the-radar-page/alert-details#alerts
TP-Link修補不用密碼就能登入路由器的安全漏洞
https://www.ithome.com.tw/news/134878
TP-Link Archer Router Vulnerability Voids Admin Password, Can Allow Remote Takeover
https://securityintelligence.com/posts/tp-link-archer-router-vulnerability-voids-admin-password-can-allow-remote-takeover/
新的攻擊 CPU 手法 Plundervolt 出現,超頻降頻也能觸發漏洞
https://technews.tw/2019/12/17/cpu-plundervolt/
1.重大弱點漏洞/後門/Exploit/Zero Day
Micro Focus ArcSight Logger 跨站請求偽造漏洞 CVE-2019-11657
https://nvd.nist.gov/vuln/detail/CVE-2019-11657
Trend Micro HouseCall for Home Networks 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19689
TP-Link 路由器遠端執行任意程式碼漏洞
https://www.securitywizardry.com/the-radar-page/alert-details#alerts
TP-Link修補不用密碼就能登入路由器的安全漏洞
https://www.ithome.com.tw/news/134878
TP-Link Archer Router Vulnerability Voids Admin Password, Can Allow Remote Takeover
https://securityintelligence.com/posts/tp-link-archer-router-vulnerability-voids-admin-password-can-allow-remote-takeover/
新的攻擊 CPU 手法 Plundervolt 出現,超頻降頻也能觸發漏洞
https://technews.tw/2019/12/17/cpu-plundervolt/
2019年12月13日 星期五
資安事件新聞週報 2019/12/9 ~ 2019/12/13
資安事件新聞週報 2019/12/9 ~ 2019/12/13
1.重大弱點漏洞/後門/Exploit/Zero Day
Cisco DNA Spaces:Connector SQL注入漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-dna-sqlinjection
Cisco 指控 Zoom Connector for Cisco 會造成嚴重資安漏洞
https://www.twcert.org.tw/tw/cp-104-3118-53912-1.html
IBM QRadar SIEM跨站脚本漏洞
https://www.ibm.com/support/pages/node/1103499
VMware ESXi 和 Horizon DaaS 發布安全更新
https://www.vmware.com/security/advisories/VMSA-2019-0022.html
DroneSense 現安全漏洞 警用無人機監視路線被公開
http://bit.ly/2RMjPxp
1.重大弱點漏洞/後門/Exploit/Zero Day
Cisco DNA Spaces:Connector SQL注入漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-dna-sqlinjection
Cisco 指控 Zoom Connector for Cisco 會造成嚴重資安漏洞
https://www.twcert.org.tw/tw/cp-104-3118-53912-1.html
IBM QRadar SIEM跨站脚本漏洞
https://www.ibm.com/support/pages/node/1103499
VMware ESXi 和 Horizon DaaS 發布安全更新
https://www.vmware.com/security/advisories/VMSA-2019-0022.html
DroneSense 現安全漏洞 警用無人機監視路線被公開
http://bit.ly/2RMjPxp
2019年12月6日 星期五
資安事件新聞週報 2019/12/2 ~ 2019/12/6
資安事件新聞週報 2019/12/2 ~ 2019/12/6
1.重大弱點漏洞/後門/Exploit/Zero Day
MISP 安全漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19379
Linux漏洞將允許駭客挾持VPN連線
https://ithome.com.tw/news/134652
安全預警- 某些華為設備中存在DoS安全漏洞
https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191204-03-dos-cn
IBM WebSphere eXtreme Scale Admin Console點擊劫持漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4109
IBM DataPower Gateway 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4621
HP Workstation BIOS安全特征问题漏洞
https://support.hp.com/us-en/document/c06318199
可重複的模擬攻擊技術在漏洞管理領域的應用
https://www.chainnews.com/zh-hant/articles/215260357729.htm
索尼再現網站安全漏洞宣布關閉隱患網頁
https://nosec.org/home/detail/3252.html
GoAhead Web 服務器又現關鍵漏洞
https://www.chainnews.com/zh-hant/articles/100479860666.htm
Critical Flaw in GoAhead Web Server Could Affect Wide Range of IoT Devices
https://thehackernews.com/2019/12/goahead-web-server-hacking.html
1.重大弱點漏洞/後門/Exploit/Zero Day
MISP 安全漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19379
Linux漏洞將允許駭客挾持VPN連線
https://ithome.com.tw/news/134652
安全預警- 某些華為設備中存在DoS安全漏洞
https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191204-03-dos-cn
IBM WebSphere eXtreme Scale Admin Console點擊劫持漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4109
IBM DataPower Gateway 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4621
HP Workstation BIOS安全特征问题漏洞
https://support.hp.com/us-en/document/c06318199
可重複的模擬攻擊技術在漏洞管理領域的應用
https://www.chainnews.com/zh-hant/articles/215260357729.htm
索尼再現網站安全漏洞宣布關閉隱患網頁
https://nosec.org/home/detail/3252.html
GoAhead Web 服務器又現關鍵漏洞
https://www.chainnews.com/zh-hant/articles/100479860666.htm
Critical Flaw in GoAhead Web Server Could Affect Wide Range of IoT Devices
https://thehackernews.com/2019/12/goahead-web-server-hacking.html
2019年11月29日 星期五
資安事件新聞週報 2019/11/25 ~ 2019/11/29
資安事件新聞週報 2019/11/25 ~ 2019/11/29
1.重大弱點漏洞/後門/Exploit/Zero Day
Google 已發布安全更新以解決多個產品中的弱點
https://chromereleases.googleblog.com/2019/11/stable-channel-update-for-desktop_18.html
CWE公布2019年最危險的25個軟體錯誤
https://www.ithome.com.tw/news/134475
Fortinet 多個產品存在加密金鑰弱點,可能造成中間人成功竊聽或披露機敏資訊
https://fortiguard.com/psirt/FG-IR-18-100
TOP25 漏洞類型 8 年後首次迎來更新
https://www.chainnews.com/zh-hant/articles/142025348603.htm
phpMyAdmin 遠端執行任意程式碼漏洞
https://www.phpmyadmin.net/security/PMASA-2019-5/
Red Hat JBoss Enterprise Application Platform 多個漏洞
https://www.auscert.org.au/bulletins/ESB-2019.4484/
部份Fortinet產品加密金鑰漏洞,可讓駭客竊聽用戶活動
https://ithome.com.tw/news/134415
一加公佈個人信息安全漏洞並向受影響客戶致歉
https://www.cnbeta.com/articles/tech/913985.htm
TP-Link TL-WR841N 遠端執行程式碼漏洞
https://www.zerodayinitiative.com/advisories/ZDI-19-992/
ClamAV CVE-2013-7088
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7088
ClamAV CVE-2013-7087
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7087
2019年11月23日 星期六
資安事件新聞週報 2019/11/18 ~ 2019/11/22
資安事件新聞週報 2019/11/18 ~ 2019/11/22
1.重大弱點漏洞/後門/Exploit/Zero Day
中彈!高通晶片有漏洞 手機個資不保
https://www.chinatimes.com/realtimenews/20191118003422-260410?chdtv
透過智慧門鈴就可攻擊整個房子聯網設備!Amazon 已修補Ring Video Doorbell Pro 漏洞
https://blog.trendmicro.com.tw/?p=62657
Grin核心開發者解析Mimblewimble「漏洞」:非根本性缺陷,Grin很安全
https://news.knowing.asia/news/0cc8c2e7-222c-40e0-a7c8-5c010ede7023
Grin 隱私模型漏洞!駭客每週花費60美元的AWS服務,就能追蹤 96% 金流地址
https://www.blocktempo.com/former-google-engineer-uncovers-96-of-privacy-altcoin-addresses/
Fortinet FortOS 多個漏洞
https://www.hkcert.org/my_url/zh/alert/19111802
Fortinet FortiClient 多個漏洞
https://www.hkcert.org/my_url/zh/alert/19111901
Google動態郵件功能出現XSS漏洞,可讓駭客透過Gmail發動攻擊
https://www.ithome.com.tw/news/134279
IBM WebSphere Application 遠端執行任意程式碼漏洞
https://www.hkcert.org/my_url/zh/alert/19111801
HKCERT 呼籲關注Windows 7、Windows伺服器2008 及 2008 R2 終止支援服務
https://www.hkcert.org/my_url/zh/blog/19112201
引發 BSoD 的BlueKeep漏洞攻擊,造成系統崩潰的原因
https://blog.trendmicro.com.tw/?p=62621
High-Severity Windows UAC Flaw Enables Privilege Escalation
https://threatpost.com/windows-uac-flaw-privilege-escalation/150463/
1.重大弱點漏洞/後門/Exploit/Zero Day
中彈!高通晶片有漏洞 手機個資不保
https://www.chinatimes.com/realtimenews/20191118003422-260410?chdtv
透過智慧門鈴就可攻擊整個房子聯網設備!Amazon 已修補Ring Video Doorbell Pro 漏洞
https://blog.trendmicro.com.tw/?p=62657
Grin核心開發者解析Mimblewimble「漏洞」:非根本性缺陷,Grin很安全
https://news.knowing.asia/news/0cc8c2e7-222c-40e0-a7c8-5c010ede7023
Grin 隱私模型漏洞!駭客每週花費60美元的AWS服務,就能追蹤 96% 金流地址
https://www.blocktempo.com/former-google-engineer-uncovers-96-of-privacy-altcoin-addresses/
Fortinet FortOS 多個漏洞
https://www.hkcert.org/my_url/zh/alert/19111802
Fortinet FortiClient 多個漏洞
https://www.hkcert.org/my_url/zh/alert/19111901
Google動態郵件功能出現XSS漏洞,可讓駭客透過Gmail發動攻擊
https://www.ithome.com.tw/news/134279
IBM WebSphere Application 遠端執行任意程式碼漏洞
https://www.hkcert.org/my_url/zh/alert/19111801
HKCERT 呼籲關注Windows 7、Windows伺服器2008 及 2008 R2 終止支援服務
https://www.hkcert.org/my_url/zh/blog/19112201
引發 BSoD 的BlueKeep漏洞攻擊,造成系統崩潰的原因
https://blog.trendmicro.com.tw/?p=62621
High-Severity Windows UAC Flaw Enables Privilege Escalation
https://threatpost.com/windows-uac-flaw-privilege-escalation/150463/
2019年11月15日 星期五
資安事件新聞週報 2019/11/11 ~ 2019/11/15
資安事件新聞週報 2019/11/11 ~ 2019/11/15
1.重大弱點漏洞/後門/Exploit/Zero Day
開機載入程式Das U-Boot暗藏程式攻擊漏洞
https://ithome.com.tw/news/134091
McAfee antivirus software impacted by code execution vulnerability
https://www.zdnet.com/article/mcafee-antivirus-software-impacted-by-code-execution-vulnerability/#ftag=RSSbaffb68
JVNVU#91935870 Trend Micro Anti-Threat Toolkit (ATTK) における任意のコード実行が可能な脆弱性
https://jvn.jp/vu/JVNVU91935870/
蘋果 macOS 系統內建郵件功能藏重大漏洞!快用一招防堵個資遭外洩
https://3c.ltn.com.tw/news/38577
Apple Mail on macOS leaves parts of encrypted emails in plaintext
https://www.zdnet.com/article/apple-mail-on-macos-leaves-parts-of-encrypted-emails-in-plaintext/#ftag=RSSbaffb68
思科Talos發現LEADTOOLS工具包中存在多個漏洞,可能導致遠程代碼執行
https://www.t00ls.net/articles-53771.html
思科產品遠端執行任意程式碼漏洞
https://tools.cisco.com/security/center/publicationListing.x
Pulse Secure VPN Arbitrary Command Execution
https://packetstormsecurity.com/files/155277/pulse_secure_cmd_exec.rb.txt
1.重大弱點漏洞/後門/Exploit/Zero Day
開機載入程式Das U-Boot暗藏程式攻擊漏洞
https://ithome.com.tw/news/134091
McAfee antivirus software impacted by code execution vulnerability
https://www.zdnet.com/article/mcafee-antivirus-software-impacted-by-code-execution-vulnerability/#ftag=RSSbaffb68
JVNVU#91935870 Trend Micro Anti-Threat Toolkit (ATTK) における任意のコード実行が可能な脆弱性
https://jvn.jp/vu/JVNVU91935870/
蘋果 macOS 系統內建郵件功能藏重大漏洞!快用一招防堵個資遭外洩
https://3c.ltn.com.tw/news/38577
Apple Mail on macOS leaves parts of encrypted emails in plaintext
https://www.zdnet.com/article/apple-mail-on-macos-leaves-parts-of-encrypted-emails-in-plaintext/#ftag=RSSbaffb68
思科Talos發現LEADTOOLS工具包中存在多個漏洞,可能導致遠程代碼執行
https://www.t00ls.net/articles-53771.html
思科產品遠端執行任意程式碼漏洞
https://tools.cisco.com/security/center/publicationListing.x
Pulse Secure VPN Arbitrary Command Execution
https://packetstormsecurity.com/files/155277/pulse_secure_cmd_exec.rb.txt
2019年11月8日 星期五
資安事件新聞週報 2019/11/4 ~ 2019/11/8
資安事件新聞週報 2019/11/4 ~ 2019/11/8
1.重大弱點漏洞/後門/Exploit/Zero Day
BlueKeep漏洞發生第一波大規模攻擊,引發藍色死亡螢幕
https://www.ithome.com.tw/news/133987
First Cyber Attack 'Mass Exploiting' BlueKeep RDP Flaw Spotted in the Wild
https://thehackernews.com/2019/11/bluekeep-rdp-vulnerability.html
Snyk釋出最新JavaScript框架安全性報告,不少熱門框架模組存在XSS漏洞
https://www.ithome.com.tw/news/134029
JavaScriptCore - Type Confusion During Bailout when Reconstructing Arguments Objects
https://www.exploit-db.com/exploits/47590
ZTE 9000E 權限許可和訪問控制問題漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3425
多款D-Link產品遠程代碼執行漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16920
F5 BIG-IP AFM SQL注入漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6658
1.重大弱點漏洞/後門/Exploit/Zero Day
BlueKeep漏洞發生第一波大規模攻擊,引發藍色死亡螢幕
https://www.ithome.com.tw/news/133987
First Cyber Attack 'Mass Exploiting' BlueKeep RDP Flaw Spotted in the Wild
https://thehackernews.com/2019/11/bluekeep-rdp-vulnerability.html
Snyk釋出最新JavaScript框架安全性報告,不少熱門框架模組存在XSS漏洞
https://www.ithome.com.tw/news/134029
JavaScriptCore - Type Confusion During Bailout when Reconstructing Arguments Objects
https://www.exploit-db.com/exploits/47590
ZTE 9000E 權限許可和訪問控制問題漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3425
多款D-Link產品遠程代碼執行漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16920
F5 BIG-IP AFM SQL注入漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6658
2019年11月1日 星期五
資安事件新聞週報 2019/10/28 ~ 2019/11/1
資安事件新聞週報 2019/10/28 ~ 2019/11/1
1.重大弱點漏洞/後門/Exploit/Zero Day
Symantec antivirus crashes something again. This time Chrome 78 browsers
https://www.zdnet.com/article/symantec-antivirus-crashes-something-again-this-time-chrome-78-browsers/#ftag=RSSbaffb68
VMWare vCenter 伺服器設備資料洩露漏洞
https://www.vmware.com/security/advisories/VMSA-2019-0018.html
MikroTik RouterOS 6.45.6 - DNS Cache Poisoning
https://www.exploit-db.com/exploits/47566
主流虛擬化平臺 QEMU-KVM 被曝存在漏洞,可完全控制宿主機及其虛擬機
https://www.chainnews.com/zh-hant/articles/730633063482.htm
Google Chrome/Microsoft Edge Chromium version 78.0.x error "Aw, Snap! Something went wrong while displaying this webpage." when using Endpoint Protection
https://support.symantec.com/us/en/article.tech256047.html
Where the beep is Reopen Closed Tab in Chrome 78? (and how to get it back)
https://www.zdnet.com/article/where-the-beep-is-reopen-closed-tab-in-chrome-78-and-how-to-get-it-back/#ftag=RSSbaffb68
Samba Releases Security Updates
https://www.samba.org/samba/security/CVE-2019-10218.html
https://www.samba.org/samba/security/CVE-2019-14833.html
https://www.samba.org/samba/security/CVE-2019-14847.html
1.重大弱點漏洞/後門/Exploit/Zero Day
Symantec antivirus crashes something again. This time Chrome 78 browsers
https://www.zdnet.com/article/symantec-antivirus-crashes-something-again-this-time-chrome-78-browsers/#ftag=RSSbaffb68
VMWare vCenter 伺服器設備資料洩露漏洞
https://www.vmware.com/security/advisories/VMSA-2019-0018.html
MikroTik RouterOS 6.45.6 - DNS Cache Poisoning
https://www.exploit-db.com/exploits/47566
主流虛擬化平臺 QEMU-KVM 被曝存在漏洞,可完全控制宿主機及其虛擬機
https://www.chainnews.com/zh-hant/articles/730633063482.htm
Google Chrome/Microsoft Edge Chromium version 78.0.x error "Aw, Snap! Something went wrong while displaying this webpage." when using Endpoint Protection
https://support.symantec.com/us/en/article.tech256047.html
Where the beep is Reopen Closed Tab in Chrome 78? (and how to get it back)
https://www.zdnet.com/article/where-the-beep-is-reopen-closed-tab-in-chrome-78-and-how-to-get-it-back/#ftag=RSSbaffb68
Samba Releases Security Updates
https://www.samba.org/samba/security/CVE-2019-10218.html
https://www.samba.org/samba/security/CVE-2019-14833.html
https://www.samba.org/samba/security/CVE-2019-14847.html
2019年10月25日 星期五
資安事件新聞週報 2019/10/21 ~ 2019/10/25
資安事件新聞週報 2019/10/21 ~ 2019/10/25
1.重大弱點漏洞/後門/Exploit/Zero Day
SRLabs發現智能揚聲器新漏洞或變身監聽用戶的間諜設備
https://www.cnbeta.com/articles/tech/901805.htm
Google、Amazon智能喇叭偷錄密碼
http://bit.ly/2P77wue
Symantec antivirus crashes something again. This time Chrome 78 browsers
https://www.zdnet.com/article/symantec-antivirus-crashes-something-again-this-time-chrome-78-browsers/#ftag=RSSbaffb68
Apache Traffic Server 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079
Docker Hub現支援TOTP雙因素驗證
https://www.ithome.com.tw/news/133748
PHP遠程代碼執行漏洞預警(CVE-2019-11043)
https://www.huaweicloud.com/notice/2018/20191024155807348.html
PHP 遠程代碼執行漏洞(CVE-2019-11043)[附exploit]
http://vulsee.com/archives/vulsee_2019/1023_9128.html
Fortinet FortiOS 安全漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15703
NETGEAR JNR1010訪問控制錯誤漏洞
https://kb.netgear.com/30177/JNR1010-Firmware-Version-1-0-0-32
Oracle Java SE 安全漏洞(CVE-2019-11068)
http://www.dukulong.com/article/CVE-2019-11068.html
Weblogic反序列化遠程代碼執行漏洞預警通告
https://cloud.tencent.com/developer/article/1526492
1.重大弱點漏洞/後門/Exploit/Zero Day
SRLabs發現智能揚聲器新漏洞或變身監聽用戶的間諜設備
https://www.cnbeta.com/articles/tech/901805.htm
Google、Amazon智能喇叭偷錄密碼
http://bit.ly/2P77wue
Symantec antivirus crashes something again. This time Chrome 78 browsers
https://www.zdnet.com/article/symantec-antivirus-crashes-something-again-this-time-chrome-78-browsers/#ftag=RSSbaffb68
Apache Traffic Server 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079
Docker Hub現支援TOTP雙因素驗證
https://www.ithome.com.tw/news/133748
PHP遠程代碼執行漏洞預警(CVE-2019-11043)
https://www.huaweicloud.com/notice/2018/20191024155807348.html
PHP 遠程代碼執行漏洞(CVE-2019-11043)[附exploit]
http://vulsee.com/archives/vulsee_2019/1023_9128.html
Fortinet FortiOS 安全漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15703
NETGEAR JNR1010訪問控制錯誤漏洞
https://kb.netgear.com/30177/JNR1010-Firmware-Version-1-0-0-32
Oracle Java SE 安全漏洞(CVE-2019-11068)
http://www.dukulong.com/article/CVE-2019-11068.html
Weblogic反序列化遠程代碼執行漏洞預警通告
https://cloud.tencent.com/developer/article/1526492
2019年10月18日 星期五
資安事件新聞週報 2019/10/14 ~ 2019/10/18
資安事件新聞週報 2019/10/14 ~ 2019/10/18
1.重大弱點漏洞/後門/Exploit/Zero Day
Juniper 10月產品安全性更新公告
https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES
GitHub 首席安全工程師:Linux 暗藏嚴重漏洞,存在至少4 年
https://www.infoq.cn/article/WSWoSgGNk9iz0Had5XmU?utm_source=rss&utm_medium=article
FDA對影響醫療裝置和醫院網路的URGENT/11漏洞發出警報
https://blog.trendmicro.com.tw/?p=62255
BMC Software Patrol Agent 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17043
ReportLab 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17626
BIND 多個漏洞
https://www.us-cert.gov/ncas/current-activity/2019/10/17/isc-releases-security-advisories-bind
LimeSurvey 跨站脚本漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17660
HiNet GPON 3097 埠允許遠端執行任意指令
https://tvn.twcert.org.tw/taiwanvn/TVN-201908005
NETGEAR JNR1010 訪問控制錯誤漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-11014
TOPMeeting 全球行動視訊會議系統含有機敏資料暴露漏洞
https://tvn.twcert.org.tw/taiwanvn/TVN-201907002
Sonatype Nexus Repository Manager 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15893
Firefox部署程式碼注射攻擊保護
https://www.ithome.com.tw/news/133620
Firefox Blocks Inline and Eval JavaScript on Internal Pages to Prevent Injection Attacks
https://thehackernews.com/2019/10/firefox-javascript-injection.html
DEVCORE 剖析 Mail2000 漏洞已於去年修補正式聲明
https://www.openfind.com.tw/taiwan/news_detail.php?news_id=10198
1.重大弱點漏洞/後門/Exploit/Zero Day
Juniper 10月產品安全性更新公告
https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES
GitHub 首席安全工程師:Linux 暗藏嚴重漏洞,存在至少4 年
https://www.infoq.cn/article/WSWoSgGNk9iz0Had5XmU?utm_source=rss&utm_medium=article
FDA對影響醫療裝置和醫院網路的URGENT/11漏洞發出警報
https://blog.trendmicro.com.tw/?p=62255
BMC Software Patrol Agent 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17043
ReportLab 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17626
BIND 多個漏洞
https://www.us-cert.gov/ncas/current-activity/2019/10/17/isc-releases-security-advisories-bind
LimeSurvey 跨站脚本漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17660
HiNet GPON 3097 埠允許遠端執行任意指令
https://tvn.twcert.org.tw/taiwanvn/TVN-201908005
NETGEAR JNR1010 訪問控制錯誤漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-11014
TOPMeeting 全球行動視訊會議系統含有機敏資料暴露漏洞
https://tvn.twcert.org.tw/taiwanvn/TVN-201907002
Sonatype Nexus Repository Manager 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15893
Firefox部署程式碼注射攻擊保護
https://www.ithome.com.tw/news/133620
Firefox Blocks Inline and Eval JavaScript on Internal Pages to Prevent Injection Attacks
https://thehackernews.com/2019/10/firefox-javascript-injection.html
DEVCORE 剖析 Mail2000 漏洞已於去年修補正式聲明
https://www.openfind.com.tw/taiwan/news_detail.php?news_id=10198
2019年10月11日 星期五
資安事件新聞週報 2019/10/7 ~ 2019/10/11
資安事件新聞週報 2019/10/7 ~ 2019/10/11
1.重大弱點漏洞/後門/Exploit/Zero Day
英國政府警告:Pulse Secure、Palo Alto和Fortinet的VPN存在APT攻擊漏洞
https://www.ithome.com.tw/news/133480
Unpatched VPN Servers Targeted by Nation-State Attackers
https://www.bankinfosecurity.com/unpatched-vpn-servers-targeted-by-nation-state-attackers-a-13202
Vulnerabilities exploited in VPN products used worldwide
https://www.ncsc.gov.uk/news/alert-vpn-vulnerabilities
Palo Alto PAN-OS 遠端執行程式碼漏洞
https://www.hkcert.org/my_url/zh/alert/19072402
Fortinet FortOS 多個漏洞
https://www.hkcert.org/my_url/zh/alert/19100802
Juniper Networks 產品安全性漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0074
IBM WebSphere Application 多個漏洞
https://www.auscert.org.au/bulletins/ESB-2019.3731/
https://www.auscert.org.au/bulletins/ESB-2019.3728/
熱門UI設計工具Figma的擴充套件系統存在漏洞,官方抽換底層基礎架構
https://www.ithome.com.tw/news/133492
Notepad++ (x64) before 7.7 CVE-2019-16294 – Remote Code Execution
https://0day.life/exploits/0day-940.html
1.重大弱點漏洞/後門/Exploit/Zero Day
英國政府警告:Pulse Secure、Palo Alto和Fortinet的VPN存在APT攻擊漏洞
https://www.ithome.com.tw/news/133480
Unpatched VPN Servers Targeted by Nation-State Attackers
https://www.bankinfosecurity.com/unpatched-vpn-servers-targeted-by-nation-state-attackers-a-13202
Vulnerabilities exploited in VPN products used worldwide
https://www.ncsc.gov.uk/news/alert-vpn-vulnerabilities
Palo Alto PAN-OS 遠端執行程式碼漏洞
https://www.hkcert.org/my_url/zh/alert/19072402
Fortinet FortOS 多個漏洞
https://www.hkcert.org/my_url/zh/alert/19100802
Juniper Networks 產品安全性漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0074
IBM WebSphere Application 多個漏洞
https://www.auscert.org.au/bulletins/ESB-2019.3731/
https://www.auscert.org.au/bulletins/ESB-2019.3728/
熱門UI設計工具Figma的擴充套件系統存在漏洞,官方抽換底層基礎架構
https://www.ithome.com.tw/news/133492
Notepad++ (x64) before 7.7 CVE-2019-16294 – Remote Code Execution
https://0day.life/exploits/0day-940.html
2019年10月4日 星期五
資安事件新聞週報 2019/9/30 ~ 2019/10/4
資安事件新聞週報 2019/9/30 ~ 2019/10/4
1.重大弱點漏洞/後門/Exploit/Zero Day
思科產品多個漏洞
https://tools.cisco.com/security/center/publicationListing.x
Red Hat JBoss 多個漏洞
https://www.auscert.org.au/bulletins/ESB-2019.3689/
https://www.auscert.org.au/bulletins/ESB-2019.3672/
IBM WebSphere Application Server 多個漏洞
https://www.ibm.com/support/pages/node/960171
蘋果產品多個漏洞
https://support.apple.com/en-us/HT201222
Checkm8漏洞有多恐怖永久性破解蘋果A5-A11設備
https://new.qq.com/omn/20190928/20190928A09R9900.html
谷歌Google軟件現嚴重漏洞導致部分蘋果Mac電腦無法正常啟動
http://www.sohu.com/a/343990168_499322
vBulletin緊急修補本周被揭露的零時差漏洞
https://ithome.com.tw/news/133295
物聯網裝置攻擊頻傳,戴夫寇爾揭露中華電信數據機設置不當的漏洞
https://www.ithome.com.tw/news/133322
關於CVE-2019-1367 IE瀏覽器遠程代碼執行高危漏洞安全加固的緊急通報
https://www.heibai.org/post/1526.html
1.重大弱點漏洞/後門/Exploit/Zero Day
思科產品多個漏洞
https://tools.cisco.com/security/center/publicationListing.x
Red Hat JBoss 多個漏洞
https://www.auscert.org.au/bulletins/ESB-2019.3689/
https://www.auscert.org.au/bulletins/ESB-2019.3672/
IBM WebSphere Application Server 多個漏洞
https://www.ibm.com/support/pages/node/960171
蘋果產品多個漏洞
https://support.apple.com/en-us/HT201222
Checkm8漏洞有多恐怖永久性破解蘋果A5-A11設備
https://new.qq.com/omn/20190928/20190928A09R9900.html
谷歌Google軟件現嚴重漏洞導致部分蘋果Mac電腦無法正常啟動
http://www.sohu.com/a/343990168_499322
vBulletin緊急修補本周被揭露的零時差漏洞
https://ithome.com.tw/news/133295
物聯網裝置攻擊頻傳,戴夫寇爾揭露中華電信數據機設置不當的漏洞
https://www.ithome.com.tw/news/133322
關於CVE-2019-1367 IE瀏覽器遠程代碼執行高危漏洞安全加固的緊急通報
https://www.heibai.org/post/1526.html
2019年9月27日 星期五
資安事件新聞週報 2019/9/23 ~ 2019/9/27
資安事件新聞週報 2019/9/23 ~ 2019/9/27
1.重大弱點漏洞/後門/Exploit/Zero Day
泰國司法部長就電子跟蹤器手環EM漏洞 司法部索賠逾8300萬銖
http://www.udnbkk.com/article-286128-1.html
清華大學發現ARM、Intel處理器漏洞;華為發布Mate 30系列手機
https://kknews.cc/tech/qlklg5r.html
makandra consul gem for Ruby 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16377
Agwl駭客組織再攻Phpstudy,新增Apache Solr漏洞利用
https://s.tencent.com/research/report/813.html
全球最大同性交友網站化身漏洞管理者,還有25個潛在漏洞排名
https://www.jishuwen.com/d/pmdz/zh-tw
Kubernetes Kubectl曝安全漏洞,Rancher產品不受影響
https://segmentfault.com/a/1190000020464083
1.重大弱點漏洞/後門/Exploit/Zero Day
泰國司法部長就電子跟蹤器手環EM漏洞 司法部索賠逾8300萬銖
http://www.udnbkk.com/article-286128-1.html
清華大學發現ARM、Intel處理器漏洞;華為發布Mate 30系列手機
https://kknews.cc/tech/qlklg5r.html
makandra consul gem for Ruby 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16377
Agwl駭客組織再攻Phpstudy,新增Apache Solr漏洞利用
https://s.tencent.com/research/report/813.html
全球最大同性交友網站化身漏洞管理者,還有25個潛在漏洞排名
https://www.jishuwen.com/d/pmdz/zh-tw
Kubernetes Kubectl曝安全漏洞,Rancher產品不受影響
https://segmentfault.com/a/1190000020464083
2019年9月20日 星期五
資安事件新聞週報 2019/9/16 ~ 2019/9/20
資安事件新聞週報 2019/9/16 ~ 2019/9/20
1.重大弱點漏洞/後門/Exploit/Zero Day
Atlassian Jira 跨站脚本漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14996
Windows Defender malware scans are failing after a few seconds
https://www.zdnet.com/article/windows-defender-malware-scans-are-failing-after-a-few-seconds/
Haxx curl 安全漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481
IBM WebSphere Application Server 多個漏洞
https://www.ibm.com/support/pages/security-bulletin-information-disclosure-vulnerability-websphere-application-server-cve-2019-4477
https://www.ibm.com/support/pages/security-bulletin-file-traversal-vulnerability-websphere-application-server-admin-console-cve-2019-4268
https://www.ibm.com/support/pages/security-bulletin-cross-site-scripting-vulnerability-websphere-application-server-admin-console-cve-2019-4270
CVE-2019-1579:-- #Critical Pre-Authentication #Vulnerability
https://github.com/securifera/CVE-2019-1579
Vivotek VIVOTEK IP Camera 安全漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14458
Warning: Researcher Drops phpMyAdmin Zero-Day Affecting All Versions
https://thehackernews.com/2019/09/phpmyadmin-csrf-exploit.html
安全專家在多家廠商的SOHO路由器和NAS設備中發現了125個新漏洞
https://nosec.org/home/detail/2966.html
125 New Flaws Found in Routers and NAS Devices from Popular Brands
https://thehackernews.com/2019/09/hacking-soho-routers.html
1.重大弱點漏洞/後門/Exploit/Zero Day
Atlassian Jira 跨站脚本漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14996
Windows Defender malware scans are failing after a few seconds
https://www.zdnet.com/article/windows-defender-malware-scans-are-failing-after-a-few-seconds/
Haxx curl 安全漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481
IBM WebSphere Application Server 多個漏洞
https://www.ibm.com/support/pages/security-bulletin-information-disclosure-vulnerability-websphere-application-server-cve-2019-4477
https://www.ibm.com/support/pages/security-bulletin-file-traversal-vulnerability-websphere-application-server-admin-console-cve-2019-4268
https://www.ibm.com/support/pages/security-bulletin-cross-site-scripting-vulnerability-websphere-application-server-admin-console-cve-2019-4270
CVE-2019-1579:-- #Critical Pre-Authentication #Vulnerability
https://github.com/securifera/CVE-2019-1579
Vivotek VIVOTEK IP Camera 安全漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14458
Warning: Researcher Drops phpMyAdmin Zero-Day Affecting All Versions
https://thehackernews.com/2019/09/phpmyadmin-csrf-exploit.html
安全專家在多家廠商的SOHO路由器和NAS設備中發現了125個新漏洞
https://nosec.org/home/detail/2966.html
125 New Flaws Found in Routers and NAS Devices from Popular Brands
https://thehackernews.com/2019/09/hacking-soho-routers.html
2019年9月13日 星期五
資安事件新聞週報 2019/9/9 ~ 2019/9/13
資安事件新聞週報 2019/9/9 ~ 2019/9/13
1.重大弱點漏洞/後門/Exploit/Zero Day
藏在純文字檔的Jenkins外掛漏洞
https://blog.trendmicro.com.tw/?p=61935
上百萬台網路收音機暗藏可遭駭客挾持的安全漏洞
https://ithome.com.tw/news/132984
Palo Alto Global 漏洞(CVE-2019-1579)
https://nosec.org/home/detail/2951.html
Pulse Secure VPN嚴重漏洞(CVE-2019-11510)警報
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101
Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN - Remote Code Execution
https://www.exploit-db.com/exploits/47354
Telnet backdoor vulnerabilities impact over a million IoT radio devices
https://www.zdnet.com/article/critical-vulnerabilities-impact-over-a-million-iot-radio-devices/#ftag=RSSbaffb68
Imperial & Dabman Internet Radio - Undocumented Telnetd & Code Execution
https://www.vulnerability-db.com/?q=articles/2019/09/09/imperial-dabman-internet-radio-undocumented-telnetd-code-execution
Java finally goes all in on open source with the Jakarta EE 8 release
https://www.zdnet.com/article/java-finally-goes-all-in-on-open-source-with-the-release-of-jakarta-ee-8/#ftag=RSSbaffb68
OfficeScan 11.0 SP1終止技術服務通知
https://esupport.trendmicro.com/zh-tw/business/topic_techsupport/topic_eosproduct.aspx
Vulnerability Spotlight: Denial-of-service vulnerabilities in some NETGEAR routers
https://blog.talosintelligence.com/2019/09/vuln-spotlight-Netgear-N300-routers-DoS-sept-2019.html
1.重大弱點漏洞/後門/Exploit/Zero Day
藏在純文字檔的Jenkins外掛漏洞
https://blog.trendmicro.com.tw/?p=61935
上百萬台網路收音機暗藏可遭駭客挾持的安全漏洞
https://ithome.com.tw/news/132984
Palo Alto Global 漏洞(CVE-2019-1579)
https://nosec.org/home/detail/2951.html
Pulse Secure VPN嚴重漏洞(CVE-2019-11510)警報
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101
Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN - Remote Code Execution
https://www.exploit-db.com/exploits/47354
Telnet backdoor vulnerabilities impact over a million IoT radio devices
https://www.zdnet.com/article/critical-vulnerabilities-impact-over-a-million-iot-radio-devices/#ftag=RSSbaffb68
Imperial & Dabman Internet Radio - Undocumented Telnetd & Code Execution
https://www.vulnerability-db.com/?q=articles/2019/09/09/imperial-dabman-internet-radio-undocumented-telnetd-code-execution
Java finally goes all in on open source with the Jakarta EE 8 release
https://www.zdnet.com/article/java-finally-goes-all-in-on-open-source-with-the-release-of-jakarta-ee-8/#ftag=RSSbaffb68
OfficeScan 11.0 SP1終止技術服務通知
https://esupport.trendmicro.com/zh-tw/business/topic_techsupport/topic_eosproduct.aspx
Vulnerability Spotlight: Denial-of-service vulnerabilities in some NETGEAR routers
https://blog.talosintelligence.com/2019/09/vuln-spotlight-Netgear-N300-routers-DoS-sept-2019.html
2019年9月6日 星期五
資安事件新聞週報 2019/9/2 ~ 2019/9/6
資安事件新聞週報 2019/9/2 ~ 2019/9/6
1.重大弱點漏洞/後門/Exploit/Zero Day
PSV、PS3雙雙獲得韌體更新,但似乎忘了把漏洞補上
https://www.techbang.com/posts/72481-psv-ps3-double-get-stolic-update-but-seem-to-forget-to-fill-in-the-vulnerability
發現美國海軍網站的敏感信息洩露和SQL注入漏洞
https://nosec.org/home/detail/2909.html
企業修補進度慢!近期臺灣資安業者揭露的SSL VPN漏洞,傳出已遭駭客鎖定
https://www.ithome.com.tw/news/132764
SonarQube檢測出的bug、漏洞以及異味的修復整理
https://cloud.tencent.com/developer/article/1497624
Zimbra-RCE
https://github.com/rek7/Zimbra-RCE
Trend Micro OfficeScan (OSCE) DLL Side-Loading安全性弱點通告
https://nvd.nist.gov/vuln/detail/CVE-2019-9492
Hiding in Plain Text: Jenkins Plugin Vulnerabilities
https://blog.trendmicro.com/trendlabs-security-intelligence/hiding-in-plain-text-jenkins-plugin-vulnerabilities/
Lightning Network用戶敦促因漏洞而緊急更新軟件
https://0xzx.com/201908302043248275.html
SA103 : October 2015 NTP Security Vulnerabilities
https://support.symantec.com/us/en/article.SYMSA1335.html
SA98 : OpenSSL Security Advisory 11-June-2015
https://support.symantec.com/us/en/article.SYMSA1325.html
SA104 : OpenSSH Vulnerabilities
https://support.symantec.com/us/en/article.SYMSA1337.html
1.重大弱點漏洞/後門/Exploit/Zero Day
PSV、PS3雙雙獲得韌體更新,但似乎忘了把漏洞補上
https://www.techbang.com/posts/72481-psv-ps3-double-get-stolic-update-but-seem-to-forget-to-fill-in-the-vulnerability
發現美國海軍網站的敏感信息洩露和SQL注入漏洞
https://nosec.org/home/detail/2909.html
企業修補進度慢!近期臺灣資安業者揭露的SSL VPN漏洞,傳出已遭駭客鎖定
https://www.ithome.com.tw/news/132764
SonarQube檢測出的bug、漏洞以及異味的修復整理
https://cloud.tencent.com/developer/article/1497624
Zimbra-RCE
https://github.com/rek7/Zimbra-RCE
Trend Micro OfficeScan (OSCE) DLL Side-Loading安全性弱點通告
https://nvd.nist.gov/vuln/detail/CVE-2019-9492
Hiding in Plain Text: Jenkins Plugin Vulnerabilities
https://blog.trendmicro.com/trendlabs-security-intelligence/hiding-in-plain-text-jenkins-plugin-vulnerabilities/
Lightning Network用戶敦促因漏洞而緊急更新軟件
https://0xzx.com/201908302043248275.html
SA103 : October 2015 NTP Security Vulnerabilities
https://support.symantec.com/us/en/article.SYMSA1335.html
SA98 : OpenSSL Security Advisory 11-June-2015
https://support.symantec.com/us/en/article.SYMSA1325.html
SA104 : OpenSSH Vulnerabilities
https://support.symantec.com/us/en/article.SYMSA1337.html
2019年8月30日 星期五
資安事件新聞週報 2019/8/26 ~ 2019/8/30
資安事件新聞週報 2019/8/26 ~ 2019/8/30
1.重大弱點漏洞/後門/Exploit/Zero Day
2019年HITCON ZeroDay漏洞通報現況,注意弱密碼問題通報數量增,還有人才媒合新功能上線
https://www.ithome.com.tw/news/132620
企業弱密碼今年狂被駭!HITCON資安漏洞申報平台連台電、群暉都拜託「抓漏」
http://bit.ly/2PfQM5x
Kubernetes嚴重漏洞致服務器DoS攻擊
https://www.4hou.com/vulnerable/19863.html
IBM WebSphere Application Server 多個漏洞
https://www-01.ibm.com/support/docview.wss?uid=ibm10964780
台灣資安公司揭露多家企業級 VPN 服務漏洞後,駭客便用來攔截流量
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=919
Palo Alto PAN-OS 多個漏洞
https://securityadvisories.paloaltonetworks.com/Home/Detail/159
https://securityadvisories.paloaltonetworks.com/Home/Detail/160
https://securityadvisories.paloaltonetworks.com/Home/Detail/161
Palo Alto Networks PAN-OS 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1582
Cisco 多個產品發布新的安全更新
https://www.us-cert.gov/ncas/current-activity/2019/08/22/cisco-releases-security-updates
思科 NX-OS 多個漏洞
https://tools.cisco.com/security/center/publicationListing.x
1.重大弱點漏洞/後門/Exploit/Zero Day
2019年HITCON ZeroDay漏洞通報現況,注意弱密碼問題通報數量增,還有人才媒合新功能上線
https://www.ithome.com.tw/news/132620
企業弱密碼今年狂被駭!HITCON資安漏洞申報平台連台電、群暉都拜託「抓漏」
http://bit.ly/2PfQM5x
Kubernetes嚴重漏洞致服務器DoS攻擊
https://www.4hou.com/vulnerable/19863.html
IBM WebSphere Application Server 多個漏洞
https://www-01.ibm.com/support/docview.wss?uid=ibm10964780
台灣資安公司揭露多家企業級 VPN 服務漏洞後,駭客便用來攔截流量
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=919
Palo Alto PAN-OS 多個漏洞
https://securityadvisories.paloaltonetworks.com/Home/Detail/159
https://securityadvisories.paloaltonetworks.com/Home/Detail/160
https://securityadvisories.paloaltonetworks.com/Home/Detail/161
Palo Alto Networks PAN-OS 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1582
Cisco 多個產品發布新的安全更新
https://www.us-cert.gov/ncas/current-activity/2019/08/22/cisco-releases-security-updates
思科 NX-OS 多個漏洞
https://tools.cisco.com/security/center/publicationListing.x
2019年8月23日 星期五
資安事件新聞週報 2019/8/19 ~ 2019/8/23
資安事件新聞週報 2019/8/19 ~ 2019/8/23
1.重大弱點漏洞/後門/Exploit/Zero Day
卡巴斯基殺毒軟件被曝出用戶上網痕跡洩露漏洞
https://zhuanlan.zhihu.com/p/78480931
被HTTP/2漏洞拖累,所有Kubernetes版本受影響
https://www.kubernetes.org.cn/5746.html
UK cybersecurity agency warns devs to drop Python 2 due to looming EOL & security risks
https://www.zdnet.com/article/uk-cybersecurity-agency-warns-devs-to-drop-python-2-due-to-looming-eol-security-risks/#ftag=RSSbaffb68
npm撤下含有可竊取登入憑證的bb-builder套件
https://www.ithome.com.tw/news/132572
npm Pulls Malicious Package that Stole Login Passwords
https://www.bleepingcomputer.com/news/security/npm-pulls-malicious-package-that-stole-login-passwords/
The NPM package that walked away with all your passwords
https://blog.reversinglabs.com/blog/the-npm-package-that-walked-away-with-all-your-passwords
IBM WebSphere Application Server 多個漏洞
https://www-01.ibm.com/support/docview.wss?uid=ibm10964780
1.重大弱點漏洞/後門/Exploit/Zero Day
卡巴斯基殺毒軟件被曝出用戶上網痕跡洩露漏洞
https://zhuanlan.zhihu.com/p/78480931
被HTTP/2漏洞拖累,所有Kubernetes版本受影響
https://www.kubernetes.org.cn/5746.html
UK cybersecurity agency warns devs to drop Python 2 due to looming EOL & security risks
https://www.zdnet.com/article/uk-cybersecurity-agency-warns-devs-to-drop-python-2-due-to-looming-eol-security-risks/#ftag=RSSbaffb68
npm撤下含有可竊取登入憑證的bb-builder套件
https://www.ithome.com.tw/news/132572
npm Pulls Malicious Package that Stole Login Passwords
https://www.bleepingcomputer.com/news/security/npm-pulls-malicious-package-that-stole-login-passwords/
The NPM package that walked away with all your passwords
https://blog.reversinglabs.com/blog/the-npm-package-that-walked-away-with-all-your-passwords
IBM WebSphere Application Server 多個漏洞
https://www-01.ibm.com/support/docview.wss?uid=ibm10964780
2019年8月16日 星期五
資安事件新聞週報 2019/8/12 ~ 2019/8/16
資安事件新聞週報 2019/8/12 ~ 2019/8/16
1.重大弱點漏洞/後門/Exploit/Zero Day
Steam驚爆安全漏洞 逾1億玩家恐受影響
https://newtalk.tw/news/view/2019-08-11/284396
托最新藍牙漏洞的“福”,我險些把小電影和賬戶密碼親手給黑客
https://tech.ifeng.com/c/7p8gRStrlcA
JVNVU#90240762 Bluetooth BR/EDR での暗号鍵エントロピーのネゴシエーションにおける問題
https://jvn.jp/vu/JVNVU90240762/
賽門鐵克防毒軟體和Windows SHA-2不相容,微軟暫停更新
https://www.ithome.com.tw/news/132435
Kasper-Spy: Kaspersky Anti-Virus puts users at risk
https://www.heise.de/ct/artikel/Kasper-Spy-Kaspersky-Anti-Virus-puts-users-at-risk-4496138.html
Kaspersky Antivirus Flaw Exposed Users to Cross-Site Tracking Online
https://thehackernews.com/2019/08/kaspersky-antivirus-online-tracking.html
Trend Micro fixes privilege escalation security flaw in Password Manager
https://www.zdnet.com/article/trend-micro-fixes-hijack-security-flaw-in-password-manager/#ftag=RSSbaffb68
Trend Micro Password Manager - Privilege Escalation to SYSTEM
https://safebreach.com/Post/Trend-Micro-Password-Manager-Privilege-Escalation-to-SYSTEM
HTTP/2含有多個服務阻斷漏洞,亞馬遜、臉書、蘋果、微軟全遭殃
https://www.ithome.com.tw/news/132414
8 New HTTP/2 Implementation Flaws Expose Websites to DoS Attacks
https://thehackernews.com/2019/08/http2-dos-vulnerability.html
New HTTP/2 Flaws Expose Unpatched Web Servers to DoS Attacks
https://www.bleepingcomputer.com/news/security/new-http-2-flaws-expose-unpatched-web-servers-to-dos-attacks/
1.重大弱點漏洞/後門/Exploit/Zero Day
Steam驚爆安全漏洞 逾1億玩家恐受影響
https://newtalk.tw/news/view/2019-08-11/284396
托最新藍牙漏洞的“福”,我險些把小電影和賬戶密碼親手給黑客
https://tech.ifeng.com/c/7p8gRStrlcA
JVNVU#90240762 Bluetooth BR/EDR での暗号鍵エントロピーのネゴシエーションにおける問題
https://jvn.jp/vu/JVNVU90240762/
賽門鐵克防毒軟體和Windows SHA-2不相容,微軟暫停更新
https://www.ithome.com.tw/news/132435
Kasper-Spy: Kaspersky Anti-Virus puts users at risk
https://www.heise.de/ct/artikel/Kasper-Spy-Kaspersky-Anti-Virus-puts-users-at-risk-4496138.html
Kaspersky Antivirus Flaw Exposed Users to Cross-Site Tracking Online
https://thehackernews.com/2019/08/kaspersky-antivirus-online-tracking.html
Trend Micro fixes privilege escalation security flaw in Password Manager
https://www.zdnet.com/article/trend-micro-fixes-hijack-security-flaw-in-password-manager/#ftag=RSSbaffb68
Trend Micro Password Manager - Privilege Escalation to SYSTEM
https://safebreach.com/Post/Trend-Micro-Password-Manager-Privilege-Escalation-to-SYSTEM
HTTP/2含有多個服務阻斷漏洞,亞馬遜、臉書、蘋果、微軟全遭殃
https://www.ithome.com.tw/news/132414
8 New HTTP/2 Implementation Flaws Expose Websites to DoS Attacks
https://thehackernews.com/2019/08/http2-dos-vulnerability.html
New HTTP/2 Flaws Expose Unpatched Web Servers to DoS Attacks
https://www.bleepingcomputer.com/news/security/new-http-2-flaws-expose-unpatched-web-servers-to-dos-attacks/
2019年8月9日 星期五
資安事件新聞週報 2019/8/5 ~ 2019/8/9
資安事件新聞週報 2019/8/5 ~ 2019/8/9
1.重大弱點漏洞/後門/Exploit/Zero Day
PuTTY繼0.71版本修正8個高風險漏洞後,再次更新0.72版本
http://bit.ly/2YDMIM5
修補 Fortigate SSL VPN Web門戶中的不正當授權漏洞
https://ithelp.ithome.com.tw/articles/10212691
研究者警告:眾多Jira伺服器的錯誤配置,讓員工及專案資訊全曝光
https://www.ithome.com.tw/news/132265
研究人員發現可劫持數百萬Android裝置的高通晶片漏洞
https://www.ithome.com.tw/news/132291
DRAGONBLOOD新漏洞劫持WPA3密碼
https://www.4hou.com/vulnerable/19554.html
IBM WebSphere Application Server 多個漏洞
https://www-01.ibm.com/support/docview.wss?uid=ibm10960159
https://www-01.ibm.com/support/docview.wss?uid=ibm10888425
NVIDIA Patches High Severity Flaws in Windows GPU Display Driver
https://www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-flaws-in-windows-gpu-display-driver/
NVIDIA顯卡驅動被曝5個高危漏洞官方建議升級最新版
http://www.elecfans.com/emb/dsp/201908041031073.html
VMWare 產品多個漏洞
https://www.vmware.com/security/advisories/VMSA-2019-0012.html
1.重大弱點漏洞/後門/Exploit/Zero Day
PuTTY繼0.71版本修正8個高風險漏洞後,再次更新0.72版本
http://bit.ly/2YDMIM5
修補 Fortigate SSL VPN Web門戶中的不正當授權漏洞
https://ithelp.ithome.com.tw/articles/10212691
研究者警告:眾多Jira伺服器的錯誤配置,讓員工及專案資訊全曝光
https://www.ithome.com.tw/news/132265
研究人員發現可劫持數百萬Android裝置的高通晶片漏洞
https://www.ithome.com.tw/news/132291
DRAGONBLOOD新漏洞劫持WPA3密碼
https://www.4hou.com/vulnerable/19554.html
IBM WebSphere Application Server 多個漏洞
https://www-01.ibm.com/support/docview.wss?uid=ibm10960159
https://www-01.ibm.com/support/docview.wss?uid=ibm10888425
NVIDIA Patches High Severity Flaws in Windows GPU Display Driver
https://www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-flaws-in-windows-gpu-display-driver/
NVIDIA顯卡驅動被曝5個高危漏洞官方建議升級最新版
http://www.elecfans.com/emb/dsp/201908041031073.html
VMWare 產品多個漏洞
https://www.vmware.com/security/advisories/VMSA-2019-0012.html
2019年8月2日 星期五
資安事件新聞週報 2019/7/29 ~ 2019/8/2
資安事件新聞週報 2019/7/29 ~ 2019/8/2
1.重大弱點漏洞/後門/Exploit/Zero Day
Critical Flaws in 'OXID eShop' Software Expose eCommerce Sites to Hacking
https://thehackernews.com/2019/07/oxid-eshop-ecommerce.html
LibreOffice 遠端執行任意程式碼漏洞
https://nvd.nist.gov/vuln/detail/CVE-2019-9848
Cisco Catalyst 3850 Series Device Manager - Cross-Site Request Forgery
https://www.exploit-db.com/exploits/47203
Oracle WebLogic遠程命令執行漏洞預警
http://www.oracle-training.cc/jiaocheng/8267850.html
JVNVU#99222951 Oracle Solaris における任意のコード実行の脆弱性
https://jvn.jp/vu/JVNVU99222951/
Symantec Endpoint Protection 提升權限漏洞
https://support.symantec.com/us/en/article.SYMSA1487.html
Fortinet 產品繞過保安限制漏洞
https://fortiguard.com/psirt/FG-IR-16-090
https://fortiguard.com/psirt/FG-IR-19-111
1.重大弱點漏洞/後門/Exploit/Zero Day
Critical Flaws in 'OXID eShop' Software Expose eCommerce Sites to Hacking
https://thehackernews.com/2019/07/oxid-eshop-ecommerce.html
LibreOffice 遠端執行任意程式碼漏洞
https://nvd.nist.gov/vuln/detail/CVE-2019-9848
Cisco Catalyst 3850 Series Device Manager - Cross-Site Request Forgery
https://www.exploit-db.com/exploits/47203
Oracle WebLogic遠程命令執行漏洞預警
http://www.oracle-training.cc/jiaocheng/8267850.html
JVNVU#99222951 Oracle Solaris における任意のコード実行の脆弱性
https://jvn.jp/vu/JVNVU99222951/
Symantec Endpoint Protection 提升權限漏洞
https://support.symantec.com/us/en/article.SYMSA1487.html
Fortinet 產品繞過保安限制漏洞
https://fortiguard.com/psirt/FG-IR-16-090
https://fortiguard.com/psirt/FG-IR-19-111
2019年7月26日 星期五
資安事件新聞週報 2019/7/22 ~ 2019/7/26
資安事件新聞週報 2019/7/22 ~ 2019/7/26
1.重大弱點漏洞/後門/Exploit/Zero Day
為何漏洞修補會成為企業的一項挑戰?談虛擬修補( Virtual Patching)
https://blog.trendmicro.com.tw/?p=61059
新版 Chrome 讓網站無法檢測到用戶是否在使用隱身模式
http://chinese.engadget.com/2019/07/19/chrome-76-to-stop-private-browsing-checks/
RDP Bug Takes New Approach to Host Compromise
https://www.darkreading.com/risk/rdp-bug-takes-new-approach-to-host-compromise/d/d-id/1335297
Fortinet 產品繞過保安限制漏洞
https://fortiguard.com/psirt/FG-IR-19-144
Fortinet 產品繞過保安限制漏洞
https://fortiguard.com/psirt/FG-IR-16-090
https://fortiguard.com/psirt/FG-IR-19-111
IBM QRadar SIEM 跨站請求偽造漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4212
1.重大弱點漏洞/後門/Exploit/Zero Day
為何漏洞修補會成為企業的一項挑戰?談虛擬修補( Virtual Patching)
https://blog.trendmicro.com.tw/?p=61059
新版 Chrome 讓網站無法檢測到用戶是否在使用隱身模式
http://chinese.engadget.com/2019/07/19/chrome-76-to-stop-private-browsing-checks/
RDP Bug Takes New Approach to Host Compromise
https://www.darkreading.com/risk/rdp-bug-takes-new-approach-to-host-compromise/d/d-id/1335297
Fortinet 產品繞過保安限制漏洞
https://fortiguard.com/psirt/FG-IR-19-144
Fortinet 產品繞過保安限制漏洞
https://fortiguard.com/psirt/FG-IR-16-090
https://fortiguard.com/psirt/FG-IR-19-111
IBM QRadar SIEM 跨站請求偽造漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4212
2019年7月19日 星期五
資安事件新聞週報 2019/7/15 ~ 2019/7/19
資安事件新聞週報 2019/7/15 ~ 2019/7/19
1.重大弱點漏洞/後門/Exploit/Zero Day
NetApp 阻斷服務漏洞
https://security.netapp.com/advisory/ntap-20190715-0001/
Palo Alto PAN-OS 多個漏洞
https://securityadvisories.paloaltonetworks.com/Home/Detail/155
https://securityadvisories.paloaltonetworks.com/Home/Detail/156
https://securityadvisories.paloaltonetworks.com/Home/Detail/157
Sprint發布安全漏洞警告:黑客通過三星網站竊取用戶敏感數據
https://finance.ifeng.com/c/7oNcPBGrCGe
Sprint:三星網站害用戶帳號遭駭、資料曝光
https://www.ithome.com.tw/news/131878
藍牙裝置漏洞可用來追蹤iOS/Mac、Windows 10裝置、Fitbit用戶位置
https://www.ithome.com.tw/news/131907
Oracle Critical Patch Update Advisory - July 2019
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
Palo Alto GlobalProtect 資安通報
https://devco.re/blog/2019/07/17/Palo-Alto-GlobalProtect-advisory/
羅技舊款Unifying無線產品爆漏洞 疑遭駭客安裝惡意軟體
https://udn.com/news/story/7087/3934932
羅技無線接收器再現漏洞,攻擊者可輕易通過其控制他人電腦
https://www.expreview.com/69456.html
羅技 Unifying 接收器可能被駭客入侵,同時羅技有漏洞的舊款滑鼠也依在市場銷售
https://www.cool3c.com/article/146051
羅技無線設備出現4個安全漏洞,羅技官方只會修復一半
http://www.udaxia.com/xtzx/18896.html
1.重大弱點漏洞/後門/Exploit/Zero Day
NetApp 阻斷服務漏洞
https://security.netapp.com/advisory/ntap-20190715-0001/
Palo Alto PAN-OS 多個漏洞
https://securityadvisories.paloaltonetworks.com/Home/Detail/155
https://securityadvisories.paloaltonetworks.com/Home/Detail/156
https://securityadvisories.paloaltonetworks.com/Home/Detail/157
Sprint發布安全漏洞警告:黑客通過三星網站竊取用戶敏感數據
https://finance.ifeng.com/c/7oNcPBGrCGe
Sprint:三星網站害用戶帳號遭駭、資料曝光
https://www.ithome.com.tw/news/131878
藍牙裝置漏洞可用來追蹤iOS/Mac、Windows 10裝置、Fitbit用戶位置
https://www.ithome.com.tw/news/131907
Oracle Critical Patch Update Advisory - July 2019
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
Palo Alto GlobalProtect 資安通報
https://devco.re/blog/2019/07/17/Palo-Alto-GlobalProtect-advisory/
羅技舊款Unifying無線產品爆漏洞 疑遭駭客安裝惡意軟體
https://udn.com/news/story/7087/3934932
羅技無線接收器再現漏洞,攻擊者可輕易通過其控制他人電腦
https://www.expreview.com/69456.html
羅技 Unifying 接收器可能被駭客入侵,同時羅技有漏洞的舊款滑鼠也依在市場銷售
https://www.cool3c.com/article/146051
羅技無線設備出現4個安全漏洞,羅技官方只會修復一半
http://www.udaxia.com/xtzx/18896.html
2019年7月12日 星期五
資安事件新聞週報 2019/7/8 ~ 2019/7/12
資安事件新聞週報 2019/7/8 ~ 2019/7/12
1.重大弱點漏洞/後門/Exploit/Zero Day
安全公告:LEN-27828 Intel PROSet/Wireless WiFi Software 漏洞
http://iknow.lenovo.com/detail/dc_183380.html
Juniper Junos OS 多個漏洞
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10938
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10940
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10942
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10946
Lodash 嚴重安全漏洞背後你不得不知道的JavaScript 知識
https://juejin.im/post/5d271332f265da1b934e2d48
Lodash庫爆出嚴重安全漏洞,波及400萬+項目
https://mp.weixin.qq.com/s/tfZq2PZylGfMjOp8h8eeTw
Jenkins Dependency Graph View Plugin 0.13 - Persistent Cross-Site Scripting
https://www.exploit-db.com/exploits/47111
知名飯店Kiosk系統漏洞讓後台資料庫憑證曝險,可致客戶資料被竊
https://ithome.com.tw/news/131809
Jira Server and Data Center Update Patches Critical Vulnerability
https://www.bleepingcomputer.com/news/security/jira-server-and-data-center-update-patches-critical-vulnerability/
JIRA Security Advisory 2019-07-10
https://confluence.atlassian.com/jira/jira-security-advisory-2019-07-10-973486595.html
Bad McAfee Exploit Prevention Update Blocked Windows Logins
https://www.bleepingcomputer.com/news/security/bad-mcafee-exploit-prevention-update-blocked-windows-logins/
1.重大弱點漏洞/後門/Exploit/Zero Day
安全公告:LEN-27828 Intel PROSet/Wireless WiFi Software 漏洞
http://iknow.lenovo.com/detail/dc_183380.html
Juniper Junos OS 多個漏洞
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10938
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10940
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10942
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10946
Lodash 嚴重安全漏洞背後你不得不知道的JavaScript 知識
https://juejin.im/post/5d271332f265da1b934e2d48
Lodash庫爆出嚴重安全漏洞,波及400萬+項目
https://mp.weixin.qq.com/s/tfZq2PZylGfMjOp8h8eeTw
Jenkins Dependency Graph View Plugin 0.13 - Persistent Cross-Site Scripting
https://www.exploit-db.com/exploits/47111
知名飯店Kiosk系統漏洞讓後台資料庫憑證曝險,可致客戶資料被竊
https://ithome.com.tw/news/131809
Jira Server and Data Center Update Patches Critical Vulnerability
https://www.bleepingcomputer.com/news/security/jira-server-and-data-center-update-patches-critical-vulnerability/
JIRA Security Advisory 2019-07-10
https://confluence.atlassian.com/jira/jira-security-advisory-2019-07-10-973486595.html
Bad McAfee Exploit Prevention Update Blocked Windows Logins
https://www.bleepingcomputer.com/news/security/bad-mcafee-exploit-prevention-update-blocked-windows-logins/
2019年7月5日 星期五
資安事件新聞週報 2019/7/1 ~ 2019/7/5
資安事件新聞週報 2019/7/1 ~ 2019/7/5
1.重大弱點漏洞/後門/Exploit/Zero Day
PlayStation Network 存在安全性漏洞,駭客可繞過驗證盜刷信用卡
https://www.kocpc.com.tw/archives/267793
Palo Alto PAN-OS 阻斷攻擊漏洞
https://securityadvisories.paloaltonetworks.com/Home/Detail/151
Ubuntu 內核阻斷攻擊漏洞
https://www.auscert.org.au/bulletins/ESB-2019.2378/
Apache Tomcat - CGIServlet enableCmdLineArguments Remote Code Execution (Metasploit)
https://www.exploit-db.com/exploits/47073
Nagios XI 5.5.6 - Magpie_debug.php Root Remote Code Execution (Metasploit)
https://www.exploit-db.com/exploits/47039
Fortinet FCM-MB40 - Cross-Site Request Forgery / Remote Command Execution
https://www.exploit-db.com/exploits/47033
Symantec DLP 15.5 MP1 - Cross-Site Scripting
https://www.exploit-db.com/exploits/47071
McAfee ePolicy Orchestrator 多個漏洞
http://bit.ly/2JhMfLb
IBM InfoSphere Information Server 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4371
IBM WebSphere Application Server 資料洩露漏洞
https://nvd.nist.gov/vuln/detail/CVE-2019-4269
IBM WebSphere Application Server 阻斷攻擊漏洞
https://www-01.ibm.com/support/docview.wss?uid=ibm10875692
IBM Patches Critical, High-Severity Flaws in Spectrum Protect
https://threatpost.com/ibm-patches-critical-high-severity-flaws-in-spectrum-protect/146201/
1.重大弱點漏洞/後門/Exploit/Zero Day
PlayStation Network 存在安全性漏洞,駭客可繞過驗證盜刷信用卡
https://www.kocpc.com.tw/archives/267793
Palo Alto PAN-OS 阻斷攻擊漏洞
https://securityadvisories.paloaltonetworks.com/Home/Detail/151
Ubuntu 內核阻斷攻擊漏洞
https://www.auscert.org.au/bulletins/ESB-2019.2378/
Apache Tomcat - CGIServlet enableCmdLineArguments Remote Code Execution (Metasploit)
https://www.exploit-db.com/exploits/47073
Nagios XI 5.5.6 - Magpie_debug.php Root Remote Code Execution (Metasploit)
https://www.exploit-db.com/exploits/47039
Fortinet FCM-MB40 - Cross-Site Request Forgery / Remote Command Execution
https://www.exploit-db.com/exploits/47033
Symantec DLP 15.5 MP1 - Cross-Site Scripting
https://www.exploit-db.com/exploits/47071
McAfee ePolicy Orchestrator 多個漏洞
http://bit.ly/2JhMfLb
IBM InfoSphere Information Server 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4371
IBM WebSphere Application Server 資料洩露漏洞
https://nvd.nist.gov/vuln/detail/CVE-2019-4269
IBM WebSphere Application Server 阻斷攻擊漏洞
https://www-01.ibm.com/support/docview.wss?uid=ibm10875692
IBM Patches Critical, High-Severity Flaws in Spectrum Protect
https://threatpost.com/ibm-patches-critical-high-severity-flaws-in-spectrum-protect/146201/
2019年6月28日 星期五
資安事件新聞週報 2019/6/24 ~ 2019/6/28
資安事件新聞週報 2019/6/24 ~ 2019/6/28
1.重大弱點漏洞/後門/Exploit/Zero Day
Samba 產品存在安全性弱點 CVE-2019-12435
https://www.samba.org/samba/security/CVE-2019-12435.html
TP-Link 路由器多個漏洞 CVE-2018-16119
https://nvd.nist.gov/vuln/detail/CVE-2018-16119
SAPIDO RB-1732 - Remote Command Execution
https://www.exploit-db.com/exploits/47031
Fortinet FCM-MB40 - Cross-Site Request Forgery / Remote Command Execution
https://www.exploit-db.com/exploits/47033
修補漏洞優先順序及效率研究
https://www.nccst.nat.gov.tw/NewsRSSDetail?lang=zh&RSSType=news&seq=16256
Exim存在遠端指令執行漏洞
https://www.nccst.nat.gov.tw/NewsRSSDetail?lang=zh&RSSType=news&seq=16257
UNC Path Injection with Microsoft Access
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/unc-path-injection-with-microsoft-access/
Oracle 發布安全更新 CVE-2019-2729
https://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html#AppendixFMW
Oracle WebLogic伺服器存在安全漏洞(CVE-2019-2725與CVE-2019-2729)
http://net.nthu.edu.tw/netsys/mailing:announcement:20190621_01
f5 -- big-ip_access_policy_manager CVSS V3 7.8
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-11477
1.重大弱點漏洞/後門/Exploit/Zero Day
Samba 產品存在安全性弱點 CVE-2019-12435
https://www.samba.org/samba/security/CVE-2019-12435.html
TP-Link 路由器多個漏洞 CVE-2018-16119
https://nvd.nist.gov/vuln/detail/CVE-2018-16119
SAPIDO RB-1732 - Remote Command Execution
https://www.exploit-db.com/exploits/47031
Fortinet FCM-MB40 - Cross-Site Request Forgery / Remote Command Execution
https://www.exploit-db.com/exploits/47033
修補漏洞優先順序及效率研究
https://www.nccst.nat.gov.tw/NewsRSSDetail?lang=zh&RSSType=news&seq=16256
Exim存在遠端指令執行漏洞
https://www.nccst.nat.gov.tw/NewsRSSDetail?lang=zh&RSSType=news&seq=16257
UNC Path Injection with Microsoft Access
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/unc-path-injection-with-microsoft-access/
Oracle 發布安全更新 CVE-2019-2729
https://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html#AppendixFMW
Oracle WebLogic伺服器存在安全漏洞(CVE-2019-2725與CVE-2019-2729)
http://net.nthu.edu.tw/netsys/mailing:announcement:20190621_01
f5 -- big-ip_access_policy_manager CVSS V3 7.8
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-11477
2019年6月21日 星期五
資安事件新聞週報 2019/6/17 ~ 2019/6/21
資安事件新聞週報 2019/6/17 ~ 2019/6/21
1.重大弱點漏洞/後門/Exploit/Zero Day
GCHQ的漏洞裁定流程
https://www.xianjivr.com/news/46587.html
Netflix揭露FreeBSD與Linux核心漏洞
https://www.ithome.com.tw/news/131329
美國情治單位成功測試利用 BlueKeep 漏洞,於目標電腦上執行任意程式碼
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=875
售至全球50個國家的醫療用輸液幫浦含有遠端攻擊漏洞
https://cert.tanet.edu.tw/prog/shownews.php?sel=1&id=30648
Critical remote execution flaw lurks in TP-Link Wi-Fi Extenders
https://www.zdnet.com/article/critical-remote-execution-flaw-lurks-in-tp-link-wi-fi-extenders/#ftag=RSSbaffb68
Critical RCE Vulnerability in TP-Link Wi-Fi Extenders Can Grant Attackers Remote Control
https://securityintelligence.com/posts/critical-rce-vulnerability-in-tp-link-wi-fi-extenders-can-grant-attackers-remote-control/
TCP SACK PANIC - Kernel vulnerabilities - CVE-2019-11477, CVE-2019-11478 & CVE-2019-11479
https://access.redhat.com/security/vulnerabilities/tcpsack
Disgruntled security firm discloses zero-days in Facebook's WordPress plugins
https://www.zdnet.com/article/disgruntled-security-firm-discloses-zero-days-in-facebooks-wordpress-plugins/#ftag=RSSbaffb68
New Critical Oracle WebLogic Flaw Under Active Attack — Patch Now
https://thehackernews.com/2019/06/oracle-weblogic-vulnerability.html
1.重大弱點漏洞/後門/Exploit/Zero Day
GCHQ的漏洞裁定流程
https://www.xianjivr.com/news/46587.html
Netflix揭露FreeBSD與Linux核心漏洞
https://www.ithome.com.tw/news/131329
美國情治單位成功測試利用 BlueKeep 漏洞,於目標電腦上執行任意程式碼
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=875
售至全球50個國家的醫療用輸液幫浦含有遠端攻擊漏洞
https://cert.tanet.edu.tw/prog/shownews.php?sel=1&id=30648
Critical remote execution flaw lurks in TP-Link Wi-Fi Extenders
https://www.zdnet.com/article/critical-remote-execution-flaw-lurks-in-tp-link-wi-fi-extenders/#ftag=RSSbaffb68
Critical RCE Vulnerability in TP-Link Wi-Fi Extenders Can Grant Attackers Remote Control
https://securityintelligence.com/posts/critical-rce-vulnerability-in-tp-link-wi-fi-extenders-can-grant-attackers-remote-control/
TCP SACK PANIC - Kernel vulnerabilities - CVE-2019-11477, CVE-2019-11478 & CVE-2019-11479
https://access.redhat.com/security/vulnerabilities/tcpsack
Disgruntled security firm discloses zero-days in Facebook's WordPress plugins
https://www.zdnet.com/article/disgruntled-security-firm-discloses-zero-days-in-facebooks-wordpress-plugins/#ftag=RSSbaffb68
New Critical Oracle WebLogic Flaw Under Active Attack — Patch Now
https://thehackernews.com/2019/06/oracle-weblogic-vulnerability.html
2019年6月14日 星期五
資安事件新聞週報 2019/6/10 ~ 2019/6/14
資安事件新聞週報 2019/6/10 ~ 2019/6/14
1.重大弱點漏洞/後門/Exploit/Zero Day
VMware 發布新的安全更新
https://www.vmware.com/security/advisories/VMSA-2019-0009.html
Xen 阻斷服務漏洞
https://xenbits.xen.org/xsa/advisory-295.html
D-Link 連網監視攝影機被爆資安漏洞,駭客可取得影像內容
https://blog.twnic.net.tw/2019/06/13/3991/
TP-Link 路由器多個漏洞
https://nvd.nist.gov/vuln/detail/CVE-2019-6989
Facebook CDN系统中的文件下载漏洞
http://521.li/post/872.html
Zimbra < 8.8.11 - XML External Entity Injection / Server-Side Request Forgery
https://www.exploit-db.com/exploits/46967
phpMyAdmin 多個漏洞
https://www.auscert.org.au/bulletins/ESB-2019.2016/
校園英聽教材互動廣播系統 存在 資料庫注入攻擊 漏洞
https://www.kl.edu.tw/v7/eduweb/index.php?func=edu_msg&edumsg_id=68985
eClass平台 存在 任意檔案下載 漏洞,請盡速確認並進行修補作業
https://cert.tanet.edu.tw/prog/shownews.php?sel=1&id=3003
Yubico生產的USB安全金鑰裝置也傳臭蟲,將免費換新
https://www.ithome.com.tw/news/131273
1.重大弱點漏洞/後門/Exploit/Zero Day
VMware 發布新的安全更新
https://www.vmware.com/security/advisories/VMSA-2019-0009.html
Xen 阻斷服務漏洞
https://xenbits.xen.org/xsa/advisory-295.html
D-Link 連網監視攝影機被爆資安漏洞,駭客可取得影像內容
https://blog.twnic.net.tw/2019/06/13/3991/
TP-Link 路由器多個漏洞
https://nvd.nist.gov/vuln/detail/CVE-2019-6989
Facebook CDN系统中的文件下载漏洞
http://521.li/post/872.html
Zimbra < 8.8.11 - XML External Entity Injection / Server-Side Request Forgery
https://www.exploit-db.com/exploits/46967
phpMyAdmin 多個漏洞
https://www.auscert.org.au/bulletins/ESB-2019.2016/
校園英聽教材互動廣播系統 存在 資料庫注入攻擊 漏洞
https://www.kl.edu.tw/v7/eduweb/index.php?func=edu_msg&edumsg_id=68985
eClass平台 存在 任意檔案下載 漏洞,請盡速確認並進行修補作業
https://cert.tanet.edu.tw/prog/shownews.php?sel=1&id=3003
Yubico生產的USB安全金鑰裝置也傳臭蟲,將免費換新
https://www.ithome.com.tw/news/131273
2019年6月7日 星期五
資安事件新聞週報 2019/6/3 ~ 2019/6/7
資安事件新聞週報 2019/6/3 ~ 2019/6/7
1.重大弱點漏洞/後門/Exploit/Zero Day
Zimbra Collaboration Suite 信息洩露漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15131
ZyXEL P-660HN-T1 V2 Missing Authentication / Password Disclosure
https://packetstormsecurity.com/files/153144/zyxelp660hn-bypass.txt
Fortinet產品存在多個漏洞
https://www.nccst.nat.gov.tw/VulnerabilityNewsDetail?lang=zh&seq=1440
phpMyAdmin 多個漏洞
https://www.auscert.org.au/bulletins/ESB-2019.2016/
New RCE vulnerability impacts nearly half of the internet's email servers
https://www.zdnet.com/article/new-rce-vulnerability-impacts-nearly-half-of-the-internets-email-servers/#ftag=RSSbaffb68
Huawei P30和Huawei P30 Pro 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5307
京晨科技(NUUO Inc.)網路監控錄影系統(Network Video Recorder, NVR)存在安全漏洞(CVE-2019-9653)
http://net.nthu.edu.tw/2009/mailing:announcement:20190606_01
Apache Jenkins Exploited to Mine Monero Cryptocurrency
https://medium.com/pwnpizza/apache-jenkins-exploited-to-mine-monero-cryptocurrency-dc9a7281c663
Google研究人員發現微軟記事本漏洞
https://www.ithome.com.tw/news/131044
文本編輯器Vim/Neovim被曝任意代碼執行漏洞,含POC
http://bit.ly/2JZrMft
1.重大弱點漏洞/後門/Exploit/Zero Day
Zimbra Collaboration Suite 信息洩露漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15131
ZyXEL P-660HN-T1 V2 Missing Authentication / Password Disclosure
https://packetstormsecurity.com/files/153144/zyxelp660hn-bypass.txt
Fortinet產品存在多個漏洞
https://www.nccst.nat.gov.tw/VulnerabilityNewsDetail?lang=zh&seq=1440
phpMyAdmin 多個漏洞
https://www.auscert.org.au/bulletins/ESB-2019.2016/
New RCE vulnerability impacts nearly half of the internet's email servers
https://www.zdnet.com/article/new-rce-vulnerability-impacts-nearly-half-of-the-internets-email-servers/#ftag=RSSbaffb68
Huawei P30和Huawei P30 Pro 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5307
京晨科技(NUUO Inc.)網路監控錄影系統(Network Video Recorder, NVR)存在安全漏洞(CVE-2019-9653)
http://net.nthu.edu.tw/2009/mailing:announcement:20190606_01
Apache Jenkins Exploited to Mine Monero Cryptocurrency
https://medium.com/pwnpizza/apache-jenkins-exploited-to-mine-monero-cryptocurrency-dc9a7281c663
Google研究人員發現微軟記事本漏洞
https://www.ithome.com.tw/news/131044
文本編輯器Vim/Neovim被曝任意代碼執行漏洞,含POC
http://bit.ly/2JZrMft
2019年6月6日 星期四
CISSP Standby
XOR - Exclusive OR - If x equals 1 or y equals 1, then the output is 1. If neither x nor y equals 1, then the output is 0.
What Boolean function returns a true value when only one of the input values is true?
What Boolean function returns a true value when only one of the input values is true?
2019年6月4日 星期二
EC-Council IH Standby
Evidence is clear and understandable
Believable
The Analysis, Response and Coordination of all identified vulnerabilities of a system
Vulnerability Handling
Details the characteristics and related information of a policy. Is a policy clear, concise, usable and sufficient?
Policy Attributes
The least harmful incident, should be fixed within one business day. Blocked attacks, quarantined virus, out of date signatures, AUP misuse, or user account breach
Low Level Incident
Acceptable or valid, especially as evidence in a court of law.
Admissible
Evidence is real and related to the incident.
Authentic
Believable
The Analysis, Response and Coordination of all identified vulnerabilities of a system
Vulnerability Handling
Details the characteristics and related information of a policy. Is a policy clear, concise, usable and sufficient?
Policy Attributes
The least harmful incident, should be fixed within one business day. Blocked attacks, quarantined virus, out of date signatures, AUP misuse, or user account breach
Low Level Incident
Acceptable or valid, especially as evidence in a court of law.
Admissible
Evidence is real and related to the incident.
Authentic
2019年5月31日 星期五
資安事件新聞週報 2019/5/27 ~ 2019/5/31
資安事件新聞週報 2019/5/27 ~ 2019/5/31
1.重大弱點漏洞/後門/Exploit/Zero Day
Apple電腦存在重大漏洞 惡意程式可被輕鬆安裝
http://bit.ly/2W4fHfr
FreeBSD rtld execl權限提升漏洞
http://www.cnvd.org.cn/patchInfo/show/162201
Fortinet 產品多個漏洞
https://www.auscert.org.au/bulletins/ESB-2019.1899/
Fortinet FortiOS 授權問題漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13382
Docker 漏洞允許攻擊者獲得主機root 訪問權限
https://www.solidot.org/story?sid=60807
Researcher Describes Docker Vulnerability
https://www.bankinfosecurity.com/researcher-describes-docker-vulnerability-a-12535
隱私瀏覽器DuckDuckGo爆出漏洞,可導致URL欺騙攻擊
https://read01.com/AzNdky5.html
兆芯發布關於Zombie Load漏洞的聲明
https://xueqiu.com/9983210953/127543310
谷歌安全研究人員發現Notepad的代碼執行漏洞
https://nosec.org/home/detail/2687.html
Synology-SA-19:25 Virtual Machine Manager存在安全漏洞,請儘速確認並進行更新
http://www.cpcm.pu.edu.tw/app/news.php?Sn=139
研究人員發現可繞過Gatekeeper安全機制的macOS漏洞
https://ithome.com.tw/news/130908
大疆無人機有漏洞 專家:你可劫持它
http://bit.ly/2QCN42R
1.重大弱點漏洞/後門/Exploit/Zero Day
Apple電腦存在重大漏洞 惡意程式可被輕鬆安裝
http://bit.ly/2W4fHfr
FreeBSD rtld execl權限提升漏洞
http://www.cnvd.org.cn/patchInfo/show/162201
Fortinet 產品多個漏洞
https://www.auscert.org.au/bulletins/ESB-2019.1899/
Fortinet FortiOS 授權問題漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13382
Docker 漏洞允許攻擊者獲得主機root 訪問權限
https://www.solidot.org/story?sid=60807
Researcher Describes Docker Vulnerability
https://www.bankinfosecurity.com/researcher-describes-docker-vulnerability-a-12535
隱私瀏覽器DuckDuckGo爆出漏洞,可導致URL欺騙攻擊
https://read01.com/AzNdky5.html
兆芯發布關於Zombie Load漏洞的聲明
https://xueqiu.com/9983210953/127543310
谷歌安全研究人員發現Notepad的代碼執行漏洞
https://nosec.org/home/detail/2687.html
Synology-SA-19:25 Virtual Machine Manager存在安全漏洞,請儘速確認並進行更新
http://www.cpcm.pu.edu.tw/app/news.php?Sn=139
研究人員發現可繞過Gatekeeper安全機制的macOS漏洞
https://ithome.com.tw/news/130908
大疆無人機有漏洞 專家:你可劫持它
http://bit.ly/2QCN42R
2019年5月24日 星期五
資安事件新聞週報 2019/5/20 ~ 2019/5/24
資安事件新聞週報 2019/5/20 ~ 2019/5/24
1.重大弱點漏洞/後門/Exploit/Zero Day
Fortinet FortiClient 遠端執行任意程式碼漏洞 CVE-2019-5589
https://fortiguard.com/psirt/FG-IR-19-060
Fortinet FortiOS 緩衝區錯誤漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13381
Fortinet FortiOS VM 安全漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5587
多款Huawei S系列交換機安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5285
揭秘“0 day漏洞”:一款強大卻脆弱的武器
https://www.4hou.com/vulnerable/18116.html
Some Elasticsearch security features are now free for everyone
https://www.zdnet.com/article/some-elasticsearch-security-features-are-now-free-for-everyone/#ftag=RSSbaffb68
McAfee 產品多個漏洞
https://kc.mcafee.com/corporate/index?page=content&id=SB10282
https://kc.mcafee.com/corporate/index?page=content&id=SB10280
女黑客SandboxEscaper又曝光4個Windows 10零日漏洞
https://www.sohu.com/a/316244133_223764?sec=wd
專家促微軟用戶修補遠端漏洞 警告黑客或發動蠕蟲攻擊
http://bit.ly/2HzCve0
最新 Windows 10 0-Day 漏洞在推特上出現,可執行任意檔案
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=856
1.重大弱點漏洞/後門/Exploit/Zero Day
Fortinet FortiClient 遠端執行任意程式碼漏洞 CVE-2019-5589
https://fortiguard.com/psirt/FG-IR-19-060
Fortinet FortiOS 緩衝區錯誤漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13381
Fortinet FortiOS VM 安全漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5587
多款Huawei S系列交換機安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5285
揭秘“0 day漏洞”:一款強大卻脆弱的武器
https://www.4hou.com/vulnerable/18116.html
Some Elasticsearch security features are now free for everyone
https://www.zdnet.com/article/some-elasticsearch-security-features-are-now-free-for-everyone/#ftag=RSSbaffb68
McAfee 產品多個漏洞
https://kc.mcafee.com/corporate/index?page=content&id=SB10282
https://kc.mcafee.com/corporate/index?page=content&id=SB10280
女黑客SandboxEscaper又曝光4個Windows 10零日漏洞
https://www.sohu.com/a/316244133_223764?sec=wd
專家促微軟用戶修補遠端漏洞 警告黑客或發動蠕蟲攻擊
http://bit.ly/2HzCve0
最新 Windows 10 0-Day 漏洞在推特上出現,可執行任意檔案
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=856
2019年5月17日 星期五
資安事件新聞週報 2019/5/13 ~ 2019/5/17
資安事件新聞週報 2019/5/13 ~ 2019/5/17
1.重大弱點漏洞/後門/Exploit/Zero Day
Fortinet FortiSandbox跨站腳本漏洞 CVE-2018-1356
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1356
GPS追蹤器的安全漏洞將允許駭客得知用戶位置或竊聽
https://www.ithome.com.tw/news/130585
Titan藍牙硬體金鑰有安全漏洞,Google將免費換新
https://ithome.com.tw/news/130673
WordPress網站的安全漏洞有98%來自外掛程式
https://www.ithome.com.tw/news/130713
VMWare 產品權限提升漏洞
https://www.us-cert.gov/ncas/current-activity/2019/05/14/VMware-Releases-Security-Updates
Toshiba 和 Brother 印表機Web Services列印存在安全漏洞
https://net.nthu.edu.tw/netsys/mailing:announcement:20190515_02
Coros announces VERTIX GPS adventure watch: 45-day battery life and extreme operating profile
https://www.zdnet.com/article/coros-announces-vertix-gps-adventure-watch-45-day-battery-life-and-extreme-operating-profile/#ftag=RSSbaffb68
HAProxy 安全漏洞 CVE-2019-11323
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11323
1.重大弱點漏洞/後門/Exploit/Zero Day
Fortinet FortiSandbox跨站腳本漏洞 CVE-2018-1356
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1356
GPS追蹤器的安全漏洞將允許駭客得知用戶位置或竊聽
https://www.ithome.com.tw/news/130585
Titan藍牙硬體金鑰有安全漏洞,Google將免費換新
https://ithome.com.tw/news/130673
WordPress網站的安全漏洞有98%來自外掛程式
https://www.ithome.com.tw/news/130713
VMWare 產品權限提升漏洞
https://www.us-cert.gov/ncas/current-activity/2019/05/14/VMware-Releases-Security-Updates
Toshiba 和 Brother 印表機Web Services列印存在安全漏洞
https://net.nthu.edu.tw/netsys/mailing:announcement:20190515_02
Coros announces VERTIX GPS adventure watch: 45-day battery life and extreme operating profile
https://www.zdnet.com/article/coros-announces-vertix-gps-adventure-watch-45-day-battery-life-and-extreme-operating-profile/#ftag=RSSbaffb68
HAProxy 安全漏洞 CVE-2019-11323
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11323
2019年5月10日 星期五
資安事件新聞週報 2019/5/6 ~ 2019/5/10
資安事件新聞週報 2019/5/6 ~ 2019/5/10
1.重大弱點漏洞/後門/Exploit/Zero Day
八種無線演示系統中的關鍵漏洞
https://www.chainnews.com/articles/111363306365.htm
Dell 預載軟體成為 PC 被駭的後門
https://chinese.engadget.com/2019/05/04/supportassist-dell-vulnerability-windows/
安全研究人員發現戴爾支持助手客戶端存在安全漏洞會引發遠程攻擊
https://www.landiannews.com/archives/58210.html
Office 2016更新臭蟲引發當機,遭微軟緊急撤除
https://www.ithome.com.tw/news/130505?fbclid=IwAR1Q5Dpo1wj_lF95EFYrGqzbb0u9bJu3yG7-UoeARiAB1VAXNAcxQ1Y_zxU
華碩與技嘉的驅動程式遭爆含有權限擴張漏洞
https://0nion.com/article/27466
Jenkins外掛存在安全漏洞,衍生密碼外洩或跨站攻擊風險
https://www.ithome.com.tw/news/130412
Jenkins外掛程序存在安全漏洞,有資料外洩和跨網站攻擊等風險
http://www.twoeggz.com/news/14467228.html
黑客三年來一直向APT組織提供微軟零日漏洞
http://521.li/post/628.html
1.重大弱點漏洞/後門/Exploit/Zero Day
八種無線演示系統中的關鍵漏洞
https://www.chainnews.com/articles/111363306365.htm
Dell 預載軟體成為 PC 被駭的後門
https://chinese.engadget.com/2019/05/04/supportassist-dell-vulnerability-windows/
安全研究人員發現戴爾支持助手客戶端存在安全漏洞會引發遠程攻擊
https://www.landiannews.com/archives/58210.html
Office 2016更新臭蟲引發當機,遭微軟緊急撤除
https://www.ithome.com.tw/news/130505?fbclid=IwAR1Q5Dpo1wj_lF95EFYrGqzbb0u9bJu3yG7-UoeARiAB1VAXNAcxQ1Y_zxU
華碩與技嘉的驅動程式遭爆含有權限擴張漏洞
https://0nion.com/article/27466
Jenkins外掛存在安全漏洞,衍生密碼外洩或跨站攻擊風險
https://www.ithome.com.tw/news/130412
Jenkins外掛程序存在安全漏洞,有資料外洩和跨網站攻擊等風險
http://www.twoeggz.com/news/14467228.html
黑客三年來一直向APT組織提供微軟零日漏洞
http://521.li/post/628.html
2019年5月3日 星期五
資安事件新聞週報 2019/4/29 ~ 2019/5/3
資安事件新聞週報 2019/4/29 ~ 2019/5/3
1.重大弱點漏洞
Symantec 產品多個漏洞
https://www.auscert.org.au/bulletins/79594
Fortinet FortiManager 洩露敏感資料漏洞
https://www.auscert.org.au/bulletins/79762
思科修補Nexus 9000網路交換器重大漏洞
https://www.ithome.com.tw/news/130397
New Exploits for Unsecure SAP Systems
https://www.us-cert.gov/ncas/alerts/AA19-122A
九成SAP用戶權限沒關好!13年前問題設定恐讓駭客任意存取App
https://www.ithome.com.tw/news/122772
Memcached 阻斷攻擊漏洞
https://github.com/memcached/memcached/wiki/ReleaseNotes1514
CentOS Web Panel 0.9.8.793 (Free) / v0.9.8.753 (Pro) / 0.9.8.807 (Pro) - Domain Field (Add DNS Zone) Cross-Site Scripting
https://www.exploit-db.com/exploits/46784
思科產品多個漏洞
https://www.us-cert.gov/ncas/current-activity/2019/05/01/Cisco-Releases-Security-Updates
D-Link camera vulnerability allows attackers to tap into the video stream
https://www.welivesecurity.com/2019/05/02/d-link-camera-vulnerability-video-stream/
Netgear DGN2200 / DGND3700 - Admin Password Disclosure
https://www.exploit-db.com/exploits/46764
Dell laptops and computers vulnerable to remote hijacks
https://www.zdnet.com/article/dell-laptops-and-computers-vulnerable-to-remote-hijacks/#ftag=RSSbaffb68
Pre-Installed Software Flaw Exposes Most Dell Computers to Remote Hacking
http://bit.ly/2J1Wt3p
Dell電腦內建支援軟體含有遠端攻擊漏洞
https://www.ithome.com.tw/news/130381
DSA-2019-051: Dell SupportAssist Client Multiple Vulnerabilities
https://www.dell.com/support/article/tw/zh/twbsd1/sln316857/dsa-2019-051-dell-supportassist-client-multiple-vulnerabilities?lang=en
Dell Remote Code Execution Demo
https://www.youtube.com/watch?time_continue=28&v=0cTfnZ04jgQ
Oracle WebLogic Server傳零時差漏洞,已遭開採植入勒索軟體、挖礦程式
https://www.ithome.com.tw/news/130363
Oracle WebLogic Server 存在反序列化弱點,可能導致遠端執行任意程式碼
https://www.us-cert.gov/ncas/current-activity/2019/04/26/Oracle-Releases-Security-Alert
Recent Oracle WebLogic zero-day used to infect servers with ransomware
https://www.zdnet.com/article/recent-oracle-weblogic-zero-day-used-to-infect-servers-with-ransomware/#ftag=RSSbaffb68
Hackers Found Exploiting Oracle WebLogic RCE Flaw to Spread Ransomware
http://bit.ly/2vzaRHv
1.重大弱點漏洞
Symantec 產品多個漏洞
https://www.auscert.org.au/bulletins/79594
Fortinet FortiManager 洩露敏感資料漏洞
https://www.auscert.org.au/bulletins/79762
思科修補Nexus 9000網路交換器重大漏洞
https://www.ithome.com.tw/news/130397
New Exploits for Unsecure SAP Systems
https://www.us-cert.gov/ncas/alerts/AA19-122A
九成SAP用戶權限沒關好!13年前問題設定恐讓駭客任意存取App
https://www.ithome.com.tw/news/122772
Memcached 阻斷攻擊漏洞
https://github.com/memcached/memcached/wiki/ReleaseNotes1514
CentOS Web Panel 0.9.8.793 (Free) / v0.9.8.753 (Pro) / 0.9.8.807 (Pro) - Domain Field (Add DNS Zone) Cross-Site Scripting
https://www.exploit-db.com/exploits/46784
思科產品多個漏洞
https://www.us-cert.gov/ncas/current-activity/2019/05/01/Cisco-Releases-Security-Updates
D-Link camera vulnerability allows attackers to tap into the video stream
https://www.welivesecurity.com/2019/05/02/d-link-camera-vulnerability-video-stream/
Netgear DGN2200 / DGND3700 - Admin Password Disclosure
https://www.exploit-db.com/exploits/46764
Dell laptops and computers vulnerable to remote hijacks
https://www.zdnet.com/article/dell-laptops-and-computers-vulnerable-to-remote-hijacks/#ftag=RSSbaffb68
Pre-Installed Software Flaw Exposes Most Dell Computers to Remote Hacking
http://bit.ly/2J1Wt3p
Dell電腦內建支援軟體含有遠端攻擊漏洞
https://www.ithome.com.tw/news/130381
DSA-2019-051: Dell SupportAssist Client Multiple Vulnerabilities
https://www.dell.com/support/article/tw/zh/twbsd1/sln316857/dsa-2019-051-dell-supportassist-client-multiple-vulnerabilities?lang=en
Dell Remote Code Execution Demo
https://www.youtube.com/watch?time_continue=28&v=0cTfnZ04jgQ
Oracle WebLogic Server傳零時差漏洞,已遭開採植入勒索軟體、挖礦程式
https://www.ithome.com.tw/news/130363
Oracle WebLogic Server 存在反序列化弱點,可能導致遠端執行任意程式碼
https://www.us-cert.gov/ncas/current-activity/2019/04/26/Oracle-Releases-Security-Alert
Recent Oracle WebLogic zero-day used to infect servers with ransomware
https://www.zdnet.com/article/recent-oracle-weblogic-zero-day-used-to-infect-servers-with-ransomware/#ftag=RSSbaffb68
Hackers Found Exploiting Oracle WebLogic RCE Flaw to Spread Ransomware
http://bit.ly/2vzaRHv
2019年4月26日 星期五
資安事件新聞週報 2019/4/22 ~ 2019/4/26
資安事件新聞週報 2019/4/22 ~ 2019/4/26
1.重大弱點漏洞
CVE-2019-3799:spring-cloud-config-server目錄遍歷漏洞警告
https://www.linuxidc.com/Linux/2019-04/158191.htm
jQuery 的“原型污染”安全漏洞
https://www.oschina.net/news/106124/jquery-impacted-by-prototype-pollution-flaw
Symantec 產品多個漏洞
https://www.auscert.org.au/bulletins/79594
Google Android System信息洩露漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2021
Google Chrome 74 released with Dark Mode support for Windows users
https://www.zdnet.com/article/google-chrome-74-released-with-dark-mode-support-for-windows-users/#ftag=RSSbaffb68
CyberDairy Solutions SQLi
https://www.anquanke.com/vul/id/1576754
D-Link DI-524跨站脚本漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11017
甲骨文 WebLogic 遠端執行程式碼漏洞
https://www.zdnet.com/article/new-oracle-weblogic-zero-day-discovered-in-the-wild/
Oracle MySQL Server拒絕服務漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2634
Oracle WebLogic Deserialization RCE Vulnerability (0day) Alert
http://bit.ly/2vikKch
關於Oracle WebLogic反序列化遠程命令執行漏洞的預警通報
https://news.163.com/19/0425/18/EDKL1D32000189FH.html
New Oracle WebLogic zero-day discovered in the wild
https://www.zdnet.com/article/new-oracle-weblogic-zero-day-discovered-in-the-wild/#ftag=RSSbaffb68
[KnownSec 404 Team] Oracle WebLogic Deserialization RCE Vulnerability (0day) Alert
https://medium.com/@knownseczoomeye/knownsec-404-team-oracle-weblogic-deserialization-rce-vulnerability-0day-alert-90dd9a79ae93
Oracle WebLogic多個安全漏洞預警
http://www.twoeggz.com/news/14304046.html
Oracle Business Intelligence 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - Directory Traversal
https://www.exploit-db.com/exploits/46728
Oracle Business Intelligence / XML Publisher 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - XML External Entity Injection
https://www.exploit-db.com/exploits/46729
Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in sc_FindExtrema4
https://www.exploit-db.com/exploits/46722
1.重大弱點漏洞
CVE-2019-3799:spring-cloud-config-server目錄遍歷漏洞警告
https://www.linuxidc.com/Linux/2019-04/158191.htm
jQuery 的“原型污染”安全漏洞
https://www.oschina.net/news/106124/jquery-impacted-by-prototype-pollution-flaw
Symantec 產品多個漏洞
https://www.auscert.org.au/bulletins/79594
Google Android System信息洩露漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2021
Google Chrome 74 released with Dark Mode support for Windows users
https://www.zdnet.com/article/google-chrome-74-released-with-dark-mode-support-for-windows-users/#ftag=RSSbaffb68
CyberDairy Solutions SQLi
https://www.anquanke.com/vul/id/1576754
D-Link DI-524跨站脚本漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11017
甲骨文 WebLogic 遠端執行程式碼漏洞
https://www.zdnet.com/article/new-oracle-weblogic-zero-day-discovered-in-the-wild/
Oracle MySQL Server拒絕服務漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2634
Oracle WebLogic Deserialization RCE Vulnerability (0day) Alert
http://bit.ly/2vikKch
關於Oracle WebLogic反序列化遠程命令執行漏洞的預警通報
https://news.163.com/19/0425/18/EDKL1D32000189FH.html
New Oracle WebLogic zero-day discovered in the wild
https://www.zdnet.com/article/new-oracle-weblogic-zero-day-discovered-in-the-wild/#ftag=RSSbaffb68
[KnownSec 404 Team] Oracle WebLogic Deserialization RCE Vulnerability (0day) Alert
https://medium.com/@knownseczoomeye/knownsec-404-team-oracle-weblogic-deserialization-rce-vulnerability-0day-alert-90dd9a79ae93
Oracle WebLogic多個安全漏洞預警
http://www.twoeggz.com/news/14304046.html
Oracle Business Intelligence 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - Directory Traversal
https://www.exploit-db.com/exploits/46728
Oracle Business Intelligence / XML Publisher 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - XML External Entity Injection
https://www.exploit-db.com/exploits/46729
Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in sc_FindExtrema4
https://www.exploit-db.com/exploits/46722
2019年4月19日 星期五
資安事件新聞週報 2019/4/15 ~ 2019/4/19
資安事件新聞週報 2019/4/15 ~ 2019/4/19
1.重大弱點漏洞
阿里巴巴被發現了一個可以繞過WAF的漏洞
https://nosec.org/home/detail/2483.html
中國蟻劍被曝XSS 漏洞,可導致遠程命令執行
http://www.sohu.com/a/307475721_354899?sec=wd
Electronic Arts修補含有遠端程式攻擊漏洞的客戶端程式
https://www.ithome.com.tw/news/130052
Zyxel ZyWall 310 / ZyWall 110 / USG1900 / ATP500 / USG40 - Login Page Cross-Site Scripting
https://www.exploit-db.com/exploits/46706
Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit)
https://www.exploit-db.com/exploits/46693
CyberArk EPM 10.2.1.603 - Security Restrictions Bypass
https://www.exploit-db.com/exploits/46688
卡巴斯基實驗室:win32k.sys又曝出了新的零日漏洞
https://nosec.org/home/detail/2490.html
New zero-day vulnerability CVE-2019-0859 in win32k.sys
https://securelist.com/new-win32k-zero-day-cve-2019-0859/90435/
Shimo VPN 輸入驗證錯誤漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4009
Vulnerability Spotlight: Multiple vulnerabilities in Shimo VPN's helper tool
https://blog.talosintelligence.com/2019/04/vulnerability-spotlight-multiple.html
甲骨文每季修補又來了,這次補297個漏洞
https://www.ithome.com.tw/news/130078
甲骨文產品多個漏洞
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
Weblogic反序列化遠程代碼執行漏洞
http://www.cnvd.org.cn/webinfo/show/4989
漏洞預警:WebLogic Blind XXE漏洞預警
http://nic.jiangnan.edu.cn/info/1046/2515.htm
1.重大弱點漏洞
阿里巴巴被發現了一個可以繞過WAF的漏洞
https://nosec.org/home/detail/2483.html
中國蟻劍被曝XSS 漏洞,可導致遠程命令執行
http://www.sohu.com/a/307475721_354899?sec=wd
Electronic Arts修補含有遠端程式攻擊漏洞的客戶端程式
https://www.ithome.com.tw/news/130052
Zyxel ZyWall 310 / ZyWall 110 / USG1900 / ATP500 / USG40 - Login Page Cross-Site Scripting
https://www.exploit-db.com/exploits/46706
Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit)
https://www.exploit-db.com/exploits/46693
CyberArk EPM 10.2.1.603 - Security Restrictions Bypass
https://www.exploit-db.com/exploits/46688
卡巴斯基實驗室:win32k.sys又曝出了新的零日漏洞
https://nosec.org/home/detail/2490.html
New zero-day vulnerability CVE-2019-0859 in win32k.sys
https://securelist.com/new-win32k-zero-day-cve-2019-0859/90435/
Shimo VPN 輸入驗證錯誤漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4009
Vulnerability Spotlight: Multiple vulnerabilities in Shimo VPN's helper tool
https://blog.talosintelligence.com/2019/04/vulnerability-spotlight-multiple.html
甲骨文每季修補又來了,這次補297個漏洞
https://www.ithome.com.tw/news/130078
甲骨文產品多個漏洞
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
Weblogic反序列化遠程代碼執行漏洞
http://www.cnvd.org.cn/webinfo/show/4989
漏洞預警:WebLogic Blind XXE漏洞預警
http://nic.jiangnan.edu.cn/info/1046/2515.htm
2019年4月12日 星期五
資安事件新聞週報 2019/4/8 ~ 2019/4/12
資安事件新聞週報 2019/4/8 ~ 2019/4/12
1.重大弱點漏洞
多個虛擬私人網絡應用程式未經加密儲存暫存 cookies 漏洞
https://kb.cert.org/vuls/id/192371/
CloudBees Jenkins信息洩露漏洞
https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1089
Juniper 產品多個漏洞
https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES
Dell Networking OS10密鑰管理錯誤漏洞
https://www.dell.com/support/article/SLN316558/
CyberArk EPM 10.2.1.603 - Security Restrictions Bypass
https://www.exploit-db.com/exploits/46688
CentOS Web Panel 0.9.8.793 (Free) / 0.9.8.753 (Pro) - Cross-Site Scripting
https://www.exploit-db.com/exploits/46669
KindEditor上傳漏洞導致近百個黨政網站植入
http://www.52rkl.cn/xinwenzatan/040X245502019.html
TP-LINK路由器緩衝區溢出0 day 漏洞
https://www.4hou.com/vulnerable/17280.html
TP-LINK TL-WR940N / TL-WR941ND - Buffer Overflow
https://www.exploit-db.com/exploits/46678
D-Link DI-524 V2.06RU - Multiple Cross-Site Scripting
https://www.exploit-db.com/exploits/46687
QNAP Netatalk < 3.1.12 - Authentication Bypass
https://www.exploit-db.com/exploits/46675
關於Tenda AC系列路由器緩衝區溢出漏洞的情況通報
https://www.secrss.com/articles/9787
1.重大弱點漏洞
多個虛擬私人網絡應用程式未經加密儲存暫存 cookies 漏洞
https://kb.cert.org/vuls/id/192371/
CloudBees Jenkins信息洩露漏洞
https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1089
Juniper 產品多個漏洞
https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES
Dell Networking OS10密鑰管理錯誤漏洞
https://www.dell.com/support/article/SLN316558/
CyberArk EPM 10.2.1.603 - Security Restrictions Bypass
https://www.exploit-db.com/exploits/46688
CentOS Web Panel 0.9.8.793 (Free) / 0.9.8.753 (Pro) - Cross-Site Scripting
https://www.exploit-db.com/exploits/46669
KindEditor上傳漏洞導致近百個黨政網站植入
http://www.52rkl.cn/xinwenzatan/040X245502019.html
TP-LINK路由器緩衝區溢出0 day 漏洞
https://www.4hou.com/vulnerable/17280.html
TP-LINK TL-WR940N / TL-WR941ND - Buffer Overflow
https://www.exploit-db.com/exploits/46678
D-Link DI-524 V2.06RU - Multiple Cross-Site Scripting
https://www.exploit-db.com/exploits/46687
QNAP Netatalk < 3.1.12 - Authentication Bypass
https://www.exploit-db.com/exploits/46675
關於Tenda AC系列路由器緩衝區溢出漏洞的情況通報
https://www.secrss.com/articles/9787
2019年4月5日 星期五
資安事件新聞週報 2019/4/1 ~ 2019/4/5
資安事件新聞週報 2019/4/1 ~ 2019/4/5
1.重大弱點漏洞
WinRAR Zero-day Abused in Multiple Campaigns
https://www.fireeye.com/blog/threat-research/2019/03/winrar-zero-day-abused-in-multiple-campaigns.html
新披露Jenkins RCE 漏洞成ImposterMiner 挖礦木馬新" 跳板"
https://www.chainnews.com/articles/931620544952.htm
因配置失誤超過1.3萬 iSCSI 存儲集群暴露在網路上
https://www.zdnet.com/article/over-13k-iscsi-storage-clusters-left-exposed-online-without-a-password/
甲骨文「通知」用戶付費取得Java 8安全修補程式,否則小心被駭
https://www.ithome.com.tw/news/129726
研究人員:HTTPS不如你想的安全,5.5%含有TLS漏洞
https://www.ithome.com.tw/news/129684
PuTTY 多個漏洞
https://thehackernews.com/2019/03/putty-software-hacking.html
Windows 10 收到奇怪的通知訊息?不是中毒,只是微軟不小心誤發的 Bug
https://www.kocpc.com.tw/archives/252222
微軟警告Windows 7用戶:安全更新即將結束
https://fnc.ebc.net.tw/FncNews/else/74214
Windows 10 1809進一步全面釋出
https://www.ithome.com.tw/news/129656
Microsoft Office Access Connectivity Engine遠程代碼執行漏洞
https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2019-0748
Microsoft Windows Kernel信息洩露漏洞
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0755
Improving the Windows 10 update experience with control, quality and transparency
https://bit.ly/2VsbI88
Microsoft Edge and Internet Explorer Zero-Days Allow Access to Confidential Session Data
https://bit.ly/2G2qKw0
Windows 10 Home edition users are big winners as Microsoft overhauls its update process
https://zd.net/2VnVLQt
Microsoft is making big Windows 10 update changes starting with the May 2019 release
https://zd.net/2uKVoUp
去年10個最常被駭客開採的漏洞中,有8個是微軟漏洞
https://www.ithome.com.tw/news/129487
1.重大弱點漏洞
WinRAR Zero-day Abused in Multiple Campaigns
https://www.fireeye.com/blog/threat-research/2019/03/winrar-zero-day-abused-in-multiple-campaigns.html
新披露Jenkins RCE 漏洞成ImposterMiner 挖礦木馬新" 跳板"
https://www.chainnews.com/articles/931620544952.htm
因配置失誤超過1.3萬 iSCSI 存儲集群暴露在網路上
https://www.zdnet.com/article/over-13k-iscsi-storage-clusters-left-exposed-online-without-a-password/
甲骨文「通知」用戶付費取得Java 8安全修補程式,否則小心被駭
https://www.ithome.com.tw/news/129726
研究人員:HTTPS不如你想的安全,5.5%含有TLS漏洞
https://www.ithome.com.tw/news/129684
PuTTY 多個漏洞
https://thehackernews.com/2019/03/putty-software-hacking.html
Windows 10 收到奇怪的通知訊息?不是中毒,只是微軟不小心誤發的 Bug
https://www.kocpc.com.tw/archives/252222
微軟警告Windows 7用戶:安全更新即將結束
https://fnc.ebc.net.tw/FncNews/else/74214
Windows 10 1809進一步全面釋出
https://www.ithome.com.tw/news/129656
Microsoft Office Access Connectivity Engine遠程代碼執行漏洞
https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2019-0748
Microsoft Windows Kernel信息洩露漏洞
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0755
Improving the Windows 10 update experience with control, quality and transparency
https://bit.ly/2VsbI88
Microsoft Edge and Internet Explorer Zero-Days Allow Access to Confidential Session Data
https://bit.ly/2G2qKw0
Windows 10 Home edition users are big winners as Microsoft overhauls its update process
https://zd.net/2VnVLQt
Microsoft is making big Windows 10 update changes starting with the May 2019 release
https://zd.net/2uKVoUp
去年10個最常被駭客開採的漏洞中,有8個是微軟漏洞
https://www.ithome.com.tw/news/129487
2019年3月29日 星期五
資安事件新聞週報 2019/3/25 ~ 2019/3/29
資安事件新聞週報 2019/3/25 ~ 2019/3/29
1.重大弱點漏洞
Drupal 存在安全性弱點
https://www.drupal.org/sa-core-2019-004
思科修補產品重大RCE漏洞
https://www.nccst.nat.gov.tw/NewsRSSDetail?lang=zh&RSSType=news&seq=16219
思科產品多個漏洞
https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir&limit=50#~Vulnerabilities
Windows 10 與 Windows Server 2019 DHCP 存有可遠端執行程式碼的漏洞
https://www.twcert.org.tw/subpages/securityInfo/loophole_details.aspx?id=5087
Mozilla Firefox瀏覽器存在安全漏洞(CVE-2019-9810與CVE-2019-9813)
https://www.nccst.nat.gov.tw/VulnerabilityDetail?lang=zh&seq=1098
Mozilla Firefox瀏覽器存在安全漏洞,允許攻擊者遠端執行任意程式碼,請儘速確認並進行更新
https://www.twcert.org.tw/subpages/securityInfo/loophole_details.aspx?id=5089
Apache Solr存在安全漏洞(CVE-2019-0192)
https://www.nccst.nat.gov.tw/VulnerabilityDetail?lang=zh&seq=1096
Apache CouchDB 2.3.1 - Cross-Site Request Forgery / Cross-Site Scripting
https://www.exploit-db.com/exploits/46595
Apache Tomcat 阻斷服務漏洞
https://www.auscert.org.au/bulletins/77766
PuTTY存在多個安全性漏洞
https://www.nccst.nat.gov.tw/VulnerabilityNewsDetail?lang=zh&seq=1430
研究發現羅技M185等熱門無線鼠標易受到MouseJack漏洞攻擊
https://bit.ly/2HJAnSk
1.重大弱點漏洞
Drupal 存在安全性弱點
https://www.drupal.org/sa-core-2019-004
思科修補產品重大RCE漏洞
https://www.nccst.nat.gov.tw/NewsRSSDetail?lang=zh&RSSType=news&seq=16219
思科產品多個漏洞
https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir&limit=50#~Vulnerabilities
Windows 10 與 Windows Server 2019 DHCP 存有可遠端執行程式碼的漏洞
https://www.twcert.org.tw/subpages/securityInfo/loophole_details.aspx?id=5087
Mozilla Firefox瀏覽器存在安全漏洞(CVE-2019-9810與CVE-2019-9813)
https://www.nccst.nat.gov.tw/VulnerabilityDetail?lang=zh&seq=1098
Mozilla Firefox瀏覽器存在安全漏洞,允許攻擊者遠端執行任意程式碼,請儘速確認並進行更新
https://www.twcert.org.tw/subpages/securityInfo/loophole_details.aspx?id=5089
Apache Solr存在安全漏洞(CVE-2019-0192)
https://www.nccst.nat.gov.tw/VulnerabilityDetail?lang=zh&seq=1096
Apache CouchDB 2.3.1 - Cross-Site Request Forgery / Cross-Site Scripting
https://www.exploit-db.com/exploits/46595
Apache Tomcat 阻斷服務漏洞
https://www.auscert.org.au/bulletins/77766
PuTTY存在多個安全性漏洞
https://www.nccst.nat.gov.tw/VulnerabilityNewsDetail?lang=zh&seq=1430
研究發現羅技M185等熱門無線鼠標易受到MouseJack漏洞攻擊
https://bit.ly/2HJAnSk
2019年3月23日 星期六
資安事件新聞週報 2019/3/18 ~ 2019/3/22
資安事件新聞週報 2019/3/18 ~ 2019/3/22
1.重大弱點漏洞
BurpSuite曝出疑似Windows下的提權漏洞
https://nosec.org/home/detail/2346.html
富士通無線鍵盤漏洞將允許遠端駭客接管系統
https://www.ithome.com.tw/news/129438
VMWare Workstation 提升權限漏洞
https://www.us-cert.gov/ncas/current-activity/2019/03/15/VMware-Releases-Security-Updates-Workstation-and-Horizon
CVE-2018-7117: A Somewhat Accidental XSS in HPE iLO
https://bit.ly/2ud0Yi0
PuTTY 多個漏洞
https://thehackernews.com/2019/03/putty-software-hacking.html
Cisco 多個產品存在安全性弱點
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190313-cspcscv
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190313-sip
Oracle MySQL Server組件拒絕服務漏洞
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
Oracle MySQL Server組件未授權操作漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3066
McAfee 發現超過 100 起針對 WinRAR 上 19 年漏洞的攻擊
https://chinese.engadget.com/2019/03/16/winrar-bug-malware/
Patched WinRAR Bug Still Under Active Attack—Thanks to No Auto-Updates
https://bit.ly/2HrAHoR
'100 unique exploits and counting' for latest WinRAR security bug
https://www.zdnet.com/article/100-unique-exploits-and-counting-for-latest-winrar-security-bug/#ftag=RSSbaffb68
1.重大弱點漏洞
BurpSuite曝出疑似Windows下的提權漏洞
https://nosec.org/home/detail/2346.html
富士通無線鍵盤漏洞將允許遠端駭客接管系統
https://www.ithome.com.tw/news/129438
VMWare Workstation 提升權限漏洞
https://www.us-cert.gov/ncas/current-activity/2019/03/15/VMware-Releases-Security-Updates-Workstation-and-Horizon
CVE-2018-7117: A Somewhat Accidental XSS in HPE iLO
https://bit.ly/2ud0Yi0
PuTTY 多個漏洞
https://thehackernews.com/2019/03/putty-software-hacking.html
Cisco 多個產品存在安全性弱點
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190313-cspcscv
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190313-sip
Oracle MySQL Server組件拒絕服務漏洞
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
Oracle MySQL Server組件未授權操作漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3066
McAfee 發現超過 100 起針對 WinRAR 上 19 年漏洞的攻擊
https://chinese.engadget.com/2019/03/16/winrar-bug-malware/
Patched WinRAR Bug Still Under Active Attack—Thanks to No Auto-Updates
https://bit.ly/2HrAHoR
'100 unique exploits and counting' for latest WinRAR security bug
https://www.zdnet.com/article/100-unique-exploits-and-counting-for-latest-winrar-security-bug/#ftag=RSSbaffb68
2019年3月15日 星期五
資安事件新聞週報 2019/3/11 ~ 2019/3/15
資安事件新聞週報 2019/3/11 ~ 2019/3/15
1.重大弱點漏洞
F5 BIG-IP 安全漏洞 CVE-2019-6598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6598
Checkpoint Zonealarm CVE-2018-8790
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-8790
NetApp Service Processor 遠端執行程式碼漏洞
https://security.netapp.com/advisory/ntap-20190305-0001/
pfSense 2.4.4-p1 (HAProxy Package 0.59_14) - Persistent Cross-Site Scripting
https://www.exploit-db.com/exploits/46538
PRTG Network Monitor 18.2.38 - Authenticated Remote Code Execution
https://www.exploit-db.com/exploits/46527
Sony Playstation 4 (PS4) < 6.20 - WebKit Code Execution (PoC)
https://www.exploit-db.com/exploits/46522
FreeBSD - Intel SYSRET Privilege Escalation (Metasploit)
https://www.exploit-db.com/exploits/46508
QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)
https://www.exploit-db.com/exploits/46506
IBM DB2 提升權限漏洞
https://www.auscert.org.au/bulletins/77042
1.重大弱點漏洞
F5 BIG-IP 安全漏洞 CVE-2019-6598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6598
Checkpoint Zonealarm CVE-2018-8790
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-8790
NetApp Service Processor 遠端執行程式碼漏洞
https://security.netapp.com/advisory/ntap-20190305-0001/
pfSense 2.4.4-p1 (HAProxy Package 0.59_14) - Persistent Cross-Site Scripting
https://www.exploit-db.com/exploits/46538
PRTG Network Monitor 18.2.38 - Authenticated Remote Code Execution
https://www.exploit-db.com/exploits/46527
Sony Playstation 4 (PS4) < 6.20 - WebKit Code Execution (PoC)
https://www.exploit-db.com/exploits/46522
FreeBSD - Intel SYSRET Privilege Escalation (Metasploit)
https://www.exploit-db.com/exploits/46508
QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)
https://www.exploit-db.com/exploits/46506
IBM DB2 提升權限漏洞
https://www.auscert.org.au/bulletins/77042
2019年3月8日 星期五
資安事件新聞週報 2019/3/4 ~ 2019/3/8
資安事件新聞週報 2019/3/4 ~ 2019/3/8
1.重大弱點漏洞
NetApp SnapCenter Server 跨站脚本漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15515
QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)
https://www.exploit-db.com/exploits/46506
Imperva SecureSphere 13.x - 'PWS' Command Injection (Metasploit)
https://www.exploit-db.com/exploits/46509
FreeBSD - Intel SYSRET Privilege Escalation (Metasploit)
https://www.exploit-db.com/exploits/46508
部份單位「學生出入校園管理系統」存在資料庫注入攻擊漏洞
https://cert.tanet.edu.tw/images/20190306.jpg
Android TV 隱私出大包 暫停 Google Photos 連動,曝露數百帳號與資料圖片
https://www.kocpc.com.tw/archives/246931
Fortinet 產品FortiOS(5.6.0)等多個漏洞
https://www.auscert.org.au/bulletins/76446
https://www.auscert.org.au/bulletins/76450
Wireshark Radiotap解析器拒絕服務漏洞
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4ac83382dc49f9f7b62bffb3cfc508cdaa1e7be5
IBM WebSphere Application Server 跨站脚本漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4030
Xen 多個漏洞
https://www.auscert.org.au/bulletins/76554
https://www.auscert.org.au/bulletins/76550
X-Force Red在五大訪客管理系統發現19個安全漏洞
https://www.ithome.com.tw/news/129108
自動化的資安隱憂,訪客系統成竊取資料的熱點
http://technews.tw/2019/03/05/the-security-concerns-of-automation-visitor-system-might-be-the-hot-spot-of-data-thief/
Google 又在 Apple 推出修補前公開了一個 Mac 上嚴重的安全漏洞
https://chinese.engadget.com/2019/03/05/google-discloses-high-severity-mac-security-flaw/
1.重大弱點漏洞
NetApp SnapCenter Server 跨站脚本漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15515
QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)
https://www.exploit-db.com/exploits/46506
Imperva SecureSphere 13.x - 'PWS' Command Injection (Metasploit)
https://www.exploit-db.com/exploits/46509
FreeBSD - Intel SYSRET Privilege Escalation (Metasploit)
https://www.exploit-db.com/exploits/46508
部份單位「學生出入校園管理系統」存在資料庫注入攻擊漏洞
https://cert.tanet.edu.tw/images/20190306.jpg
Android TV 隱私出大包 暫停 Google Photos 連動,曝露數百帳號與資料圖片
https://www.kocpc.com.tw/archives/246931
Fortinet 產品FortiOS(5.6.0)等多個漏洞
https://www.auscert.org.au/bulletins/76446
https://www.auscert.org.au/bulletins/76450
Wireshark Radiotap解析器拒絕服務漏洞
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4ac83382dc49f9f7b62bffb3cfc508cdaa1e7be5
IBM WebSphere Application Server 跨站脚本漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4030
Xen 多個漏洞
https://www.auscert.org.au/bulletins/76554
https://www.auscert.org.au/bulletins/76550
X-Force Red在五大訪客管理系統發現19個安全漏洞
https://www.ithome.com.tw/news/129108
自動化的資安隱憂,訪客系統成竊取資料的熱點
http://technews.tw/2019/03/05/the-security-concerns-of-automation-visitor-system-might-be-the-hot-spot-of-data-thief/
Google 又在 Apple 推出修補前公開了一個 Mac 上嚴重的安全漏洞
https://chinese.engadget.com/2019/03/05/google-discloses-high-severity-mac-security-flaw/
2019年3月3日 星期日
中國製產品資安事件錄
## 中國製產品資安事件錄
Key Word:華為、Huawei、中興、ZTE、小米、Xiaomi、紅米、Redmi、大江、Dji、雄邁、聯想、大華、TVT Digital
# 2013年
驚爆全球三分之一手機 潛藏中共監控危險 2013-01-02
http://www.epochtimes.com/b5/13/1/2/n3766904.htm
# 2014年
多款Huawei產品安全漏洞 2014/12/24
https://www.huawei.com/en/psirt/security-advisories/hw-408141
家用路由器常用的嵌入式軟體傳漏洞,1200萬台裝置有被駭危險 2014/12/19
https://www.ithome.com.tw/news/93121
NCC:12款有資安疑慮 2014/12/5
https://www.chinatimes.com/newspapers/20141205000145-260204
Sony Z3有問題? 資料自動連中國 2014/11/1
https://bit.ly/1qectLl
小米將把中國海外用戶資料移出北京 2014/10/27
https://www.ithome.com.tw/news/91903
小米機沒SIM卡 資料仍傳大陸 2014/10/2
https://www.chinatimes.com/newspapers/20141002000029-260202
國產路由器開「後門」 「看」你上網 2014/9/3
https://www.ntdtv.com/b5/2014/09/03/a1135313.html
又出事! 中國 Router 被測出故意「後門常開」可偷私隱 2014/8/30
https://unwire.hk/2014/08/30/china-router-backdoor/wireless-home/
趨勢科技警告:中國 Netis路由器有後門 2014/8/28
https://www.ithome.com.tw/news/90484
小米洩個資 華為:嚴格把關 2014/8/14
https://www.chinatimes.com/realtimenews/20140814004373-260410
中國黑心軟體攻臺,政府怎能放任 2014/8/11
https://www.ithome.com.tw/voice/89993
Key Word:華為、Huawei、中興、ZTE、小米、Xiaomi、紅米、Redmi、大江、Dji、雄邁、聯想、大華、TVT Digital
# 2013年
驚爆全球三分之一手機 潛藏中共監控危險 2013-01-02
http://www.epochtimes.com/b5/13/1/2/n3766904.htm
# 2014年
多款Huawei產品安全漏洞 2014/12/24
https://www.huawei.com/en/psirt/security-advisories/hw-408141
家用路由器常用的嵌入式軟體傳漏洞,1200萬台裝置有被駭危險 2014/12/19
https://www.ithome.com.tw/news/93121
NCC:12款有資安疑慮 2014/12/5
https://www.chinatimes.com/newspapers/20141205000145-260204
Sony Z3有問題? 資料自動連中國 2014/11/1
https://bit.ly/1qectLl
小米將把中國海外用戶資料移出北京 2014/10/27
https://www.ithome.com.tw/news/91903
小米機沒SIM卡 資料仍傳大陸 2014/10/2
https://www.chinatimes.com/newspapers/20141002000029-260202
國產路由器開「後門」 「看」你上網 2014/9/3
https://www.ntdtv.com/b5/2014/09/03/a1135313.html
又出事! 中國 Router 被測出故意「後門常開」可偷私隱 2014/8/30
https://unwire.hk/2014/08/30/china-router-backdoor/wireless-home/
趨勢科技警告:中國 Netis路由器有後門 2014/8/28
https://www.ithome.com.tw/news/90484
小米洩個資 華為:嚴格把關 2014/8/14
https://www.chinatimes.com/realtimenews/20140814004373-260410
中國黑心軟體攻臺,政府怎能放任 2014/8/11
https://www.ithome.com.tw/voice/89993
訂閱:
文章 (Atom)