資安事件新聞週報 2019/3/25 ~ 2019/3/29
1.重大弱點漏洞
Drupal 存在安全性弱點
https://www.drupal.org/sa-core-2019-004
思科修補產品重大RCE漏洞
https://www.nccst.nat.gov.tw/NewsRSSDetail?lang=zh&RSSType=news&seq=16219
思科產品多個漏洞
https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir&limit=50#~Vulnerabilities
Windows 10 與 Windows Server 2019 DHCP 存有可遠端執行程式碼的漏洞
https://www.twcert.org.tw/subpages/securityInfo/loophole_details.aspx?id=5087
Mozilla Firefox瀏覽器存在安全漏洞(CVE-2019-9810與CVE-2019-9813)
https://www.nccst.nat.gov.tw/VulnerabilityDetail?lang=zh&seq=1098
Mozilla Firefox瀏覽器存在安全漏洞,允許攻擊者遠端執行任意程式碼,請儘速確認並進行更新
https://www.twcert.org.tw/subpages/securityInfo/loophole_details.aspx?id=5089
Apache Solr存在安全漏洞(CVE-2019-0192)
https://www.nccst.nat.gov.tw/VulnerabilityDetail?lang=zh&seq=1096
Apache CouchDB 2.3.1 - Cross-Site Request Forgery / Cross-Site Scripting
https://www.exploit-db.com/exploits/46595
Apache Tomcat 阻斷服務漏洞
https://www.auscert.org.au/bulletins/77766
PuTTY存在多個安全性漏洞
https://www.nccst.nat.gov.tw/VulnerabilityNewsDetail?lang=zh&seq=1430
研究發現羅技M185等熱門無線鼠標易受到MouseJack漏洞攻擊
https://bit.ly/2HJAnSk
2019年3月29日 星期五
2019年3月23日 星期六
資安事件新聞週報 2019/3/18 ~ 2019/3/22
資安事件新聞週報 2019/3/18 ~ 2019/3/22
1.重大弱點漏洞
BurpSuite曝出疑似Windows下的提權漏洞
https://nosec.org/home/detail/2346.html
富士通無線鍵盤漏洞將允許遠端駭客接管系統
https://www.ithome.com.tw/news/129438
VMWare Workstation 提升權限漏洞
https://www.us-cert.gov/ncas/current-activity/2019/03/15/VMware-Releases-Security-Updates-Workstation-and-Horizon
CVE-2018-7117: A Somewhat Accidental XSS in HPE iLO
https://bit.ly/2ud0Yi0
PuTTY 多個漏洞
https://thehackernews.com/2019/03/putty-software-hacking.html
Cisco 多個產品存在安全性弱點
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190313-cspcscv
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190313-sip
Oracle MySQL Server組件拒絕服務漏洞
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
Oracle MySQL Server組件未授權操作漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3066
McAfee 發現超過 100 起針對 WinRAR 上 19 年漏洞的攻擊
https://chinese.engadget.com/2019/03/16/winrar-bug-malware/
Patched WinRAR Bug Still Under Active Attack—Thanks to No Auto-Updates
https://bit.ly/2HrAHoR
'100 unique exploits and counting' for latest WinRAR security bug
https://www.zdnet.com/article/100-unique-exploits-and-counting-for-latest-winrar-security-bug/#ftag=RSSbaffb68
1.重大弱點漏洞
BurpSuite曝出疑似Windows下的提權漏洞
https://nosec.org/home/detail/2346.html
富士通無線鍵盤漏洞將允許遠端駭客接管系統
https://www.ithome.com.tw/news/129438
VMWare Workstation 提升權限漏洞
https://www.us-cert.gov/ncas/current-activity/2019/03/15/VMware-Releases-Security-Updates-Workstation-and-Horizon
CVE-2018-7117: A Somewhat Accidental XSS in HPE iLO
https://bit.ly/2ud0Yi0
PuTTY 多個漏洞
https://thehackernews.com/2019/03/putty-software-hacking.html
Cisco 多個產品存在安全性弱點
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190313-cspcscv
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190313-sip
Oracle MySQL Server組件拒絕服務漏洞
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
Oracle MySQL Server組件未授權操作漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3066
McAfee 發現超過 100 起針對 WinRAR 上 19 年漏洞的攻擊
https://chinese.engadget.com/2019/03/16/winrar-bug-malware/
Patched WinRAR Bug Still Under Active Attack—Thanks to No Auto-Updates
https://bit.ly/2HrAHoR
'100 unique exploits and counting' for latest WinRAR security bug
https://www.zdnet.com/article/100-unique-exploits-and-counting-for-latest-winrar-security-bug/#ftag=RSSbaffb68
2019年3月15日 星期五
資安事件新聞週報 2019/3/11 ~ 2019/3/15
資安事件新聞週報 2019/3/11 ~ 2019/3/15
1.重大弱點漏洞
F5 BIG-IP 安全漏洞 CVE-2019-6598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6598
Checkpoint Zonealarm CVE-2018-8790
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-8790
NetApp Service Processor 遠端執行程式碼漏洞
https://security.netapp.com/advisory/ntap-20190305-0001/
pfSense 2.4.4-p1 (HAProxy Package 0.59_14) - Persistent Cross-Site Scripting
https://www.exploit-db.com/exploits/46538
PRTG Network Monitor 18.2.38 - Authenticated Remote Code Execution
https://www.exploit-db.com/exploits/46527
Sony Playstation 4 (PS4) < 6.20 - WebKit Code Execution (PoC)
https://www.exploit-db.com/exploits/46522
FreeBSD - Intel SYSRET Privilege Escalation (Metasploit)
https://www.exploit-db.com/exploits/46508
QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)
https://www.exploit-db.com/exploits/46506
IBM DB2 提升權限漏洞
https://www.auscert.org.au/bulletins/77042
1.重大弱點漏洞
F5 BIG-IP 安全漏洞 CVE-2019-6598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6598
Checkpoint Zonealarm CVE-2018-8790
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-8790
NetApp Service Processor 遠端執行程式碼漏洞
https://security.netapp.com/advisory/ntap-20190305-0001/
pfSense 2.4.4-p1 (HAProxy Package 0.59_14) - Persistent Cross-Site Scripting
https://www.exploit-db.com/exploits/46538
PRTG Network Monitor 18.2.38 - Authenticated Remote Code Execution
https://www.exploit-db.com/exploits/46527
Sony Playstation 4 (PS4) < 6.20 - WebKit Code Execution (PoC)
https://www.exploit-db.com/exploits/46522
FreeBSD - Intel SYSRET Privilege Escalation (Metasploit)
https://www.exploit-db.com/exploits/46508
QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)
https://www.exploit-db.com/exploits/46506
IBM DB2 提升權限漏洞
https://www.auscert.org.au/bulletins/77042
2019年3月8日 星期五
資安事件新聞週報 2019/3/4 ~ 2019/3/8
資安事件新聞週報 2019/3/4 ~ 2019/3/8
1.重大弱點漏洞
NetApp SnapCenter Server 跨站脚本漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15515
QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)
https://www.exploit-db.com/exploits/46506
Imperva SecureSphere 13.x - 'PWS' Command Injection (Metasploit)
https://www.exploit-db.com/exploits/46509
FreeBSD - Intel SYSRET Privilege Escalation (Metasploit)
https://www.exploit-db.com/exploits/46508
部份單位「學生出入校園管理系統」存在資料庫注入攻擊漏洞
https://cert.tanet.edu.tw/images/20190306.jpg
Android TV 隱私出大包 暫停 Google Photos 連動,曝露數百帳號與資料圖片
https://www.kocpc.com.tw/archives/246931
Fortinet 產品FortiOS(5.6.0)等多個漏洞
https://www.auscert.org.au/bulletins/76446
https://www.auscert.org.au/bulletins/76450
Wireshark Radiotap解析器拒絕服務漏洞
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4ac83382dc49f9f7b62bffb3cfc508cdaa1e7be5
IBM WebSphere Application Server 跨站脚本漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4030
Xen 多個漏洞
https://www.auscert.org.au/bulletins/76554
https://www.auscert.org.au/bulletins/76550
X-Force Red在五大訪客管理系統發現19個安全漏洞
https://www.ithome.com.tw/news/129108
自動化的資安隱憂,訪客系統成竊取資料的熱點
http://technews.tw/2019/03/05/the-security-concerns-of-automation-visitor-system-might-be-the-hot-spot-of-data-thief/
Google 又在 Apple 推出修補前公開了一個 Mac 上嚴重的安全漏洞
https://chinese.engadget.com/2019/03/05/google-discloses-high-severity-mac-security-flaw/
1.重大弱點漏洞
NetApp SnapCenter Server 跨站脚本漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15515
QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)
https://www.exploit-db.com/exploits/46506
Imperva SecureSphere 13.x - 'PWS' Command Injection (Metasploit)
https://www.exploit-db.com/exploits/46509
FreeBSD - Intel SYSRET Privilege Escalation (Metasploit)
https://www.exploit-db.com/exploits/46508
部份單位「學生出入校園管理系統」存在資料庫注入攻擊漏洞
https://cert.tanet.edu.tw/images/20190306.jpg
Android TV 隱私出大包 暫停 Google Photos 連動,曝露數百帳號與資料圖片
https://www.kocpc.com.tw/archives/246931
Fortinet 產品FortiOS(5.6.0)等多個漏洞
https://www.auscert.org.au/bulletins/76446
https://www.auscert.org.au/bulletins/76450
Wireshark Radiotap解析器拒絕服務漏洞
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4ac83382dc49f9f7b62bffb3cfc508cdaa1e7be5
IBM WebSphere Application Server 跨站脚本漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4030
Xen 多個漏洞
https://www.auscert.org.au/bulletins/76554
https://www.auscert.org.au/bulletins/76550
X-Force Red在五大訪客管理系統發現19個安全漏洞
https://www.ithome.com.tw/news/129108
自動化的資安隱憂,訪客系統成竊取資料的熱點
http://technews.tw/2019/03/05/the-security-concerns-of-automation-visitor-system-might-be-the-hot-spot-of-data-thief/
Google 又在 Apple 推出修補前公開了一個 Mac 上嚴重的安全漏洞
https://chinese.engadget.com/2019/03/05/google-discloses-high-severity-mac-security-flaw/
2019年3月3日 星期日
中國製產品資安事件錄
## 中國製產品資安事件錄
Key Word:華為、Huawei、中興、ZTE、小米、Xiaomi、紅米、Redmi、大江、Dji、雄邁、聯想、大華、TVT Digital
# 2013年
驚爆全球三分之一手機 潛藏中共監控危險 2013-01-02
http://www.epochtimes.com/b5/13/1/2/n3766904.htm
# 2014年
多款Huawei產品安全漏洞 2014/12/24
https://www.huawei.com/en/psirt/security-advisories/hw-408141
家用路由器常用的嵌入式軟體傳漏洞,1200萬台裝置有被駭危險 2014/12/19
https://www.ithome.com.tw/news/93121
NCC:12款有資安疑慮 2014/12/5
https://www.chinatimes.com/newspapers/20141205000145-260204
Sony Z3有問題? 資料自動連中國 2014/11/1
https://bit.ly/1qectLl
小米將把中國海外用戶資料移出北京 2014/10/27
https://www.ithome.com.tw/news/91903
小米機沒SIM卡 資料仍傳大陸 2014/10/2
https://www.chinatimes.com/newspapers/20141002000029-260202
國產路由器開「後門」 「看」你上網 2014/9/3
https://www.ntdtv.com/b5/2014/09/03/a1135313.html
又出事! 中國 Router 被測出故意「後門常開」可偷私隱 2014/8/30
https://unwire.hk/2014/08/30/china-router-backdoor/wireless-home/
趨勢科技警告:中國 Netis路由器有後門 2014/8/28
https://www.ithome.com.tw/news/90484
小米洩個資 華為:嚴格把關 2014/8/14
https://www.chinatimes.com/realtimenews/20140814004373-260410
中國黑心軟體攻臺,政府怎能放任 2014/8/11
https://www.ithome.com.tw/voice/89993
Key Word:華為、Huawei、中興、ZTE、小米、Xiaomi、紅米、Redmi、大江、Dji、雄邁、聯想、大華、TVT Digital
# 2013年
驚爆全球三分之一手機 潛藏中共監控危險 2013-01-02
http://www.epochtimes.com/b5/13/1/2/n3766904.htm
# 2014年
多款Huawei產品安全漏洞 2014/12/24
https://www.huawei.com/en/psirt/security-advisories/hw-408141
家用路由器常用的嵌入式軟體傳漏洞,1200萬台裝置有被駭危險 2014/12/19
https://www.ithome.com.tw/news/93121
NCC:12款有資安疑慮 2014/12/5
https://www.chinatimes.com/newspapers/20141205000145-260204
Sony Z3有問題? 資料自動連中國 2014/11/1
https://bit.ly/1qectLl
小米將把中國海外用戶資料移出北京 2014/10/27
https://www.ithome.com.tw/news/91903
小米機沒SIM卡 資料仍傳大陸 2014/10/2
https://www.chinatimes.com/newspapers/20141002000029-260202
國產路由器開「後門」 「看」你上網 2014/9/3
https://www.ntdtv.com/b5/2014/09/03/a1135313.html
又出事! 中國 Router 被測出故意「後門常開」可偷私隱 2014/8/30
https://unwire.hk/2014/08/30/china-router-backdoor/wireless-home/
趨勢科技警告:中國 Netis路由器有後門 2014/8/28
https://www.ithome.com.tw/news/90484
小米洩個資 華為:嚴格把關 2014/8/14
https://www.chinatimes.com/realtimenews/20140814004373-260410
中國黑心軟體攻臺,政府怎能放任 2014/8/11
https://www.ithome.com.tw/voice/89993
2019年3月1日 星期五
資安事件新聞週報 2019/2/25 ~ 2019/3/1
資安事件新聞週報 2019/2/25 ~ 2019/3/1
1.重大弱點漏洞
Avast:數位家庭最容易有漏洞的裝置是印表機、網路裝置及監視器
https://ithome.com.tw/news/128997
F5 BIG-IP Access Policy Manager 跨站腳本漏洞 CVE-2019-6595
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6595
MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT
https://www.exploit-db.com/exploits/46444
報告:前十大熱門Docker映像檔都有至少30個以上的漏洞
https://www.ithome.com.tw/news/129018
有攻擊者正利用Chrome的0day漏洞偷取他人信息
https://nosec.org/home/detail/2294.html
Chrome瀏覽器被曝存在漏洞攻擊者可通過PDF收集用戶信息
http://www.sohu.com/a/298175326_114774?sec=wd
Google Chrome zero-day used in the wild to collect user data via PDF files
https://www.zdnet.com/article/google-chrome-zero-day-used-in-the-wild-to-collect-user-data-via-pdf-files/#ftag=RSSbaffb68
Latest WinRAR Flaw Being Exploited in the Wild to Hack Windows Computers
https://bit.ly/2H4ZAWr
研究人員揭露大批Thunderclap安全漏洞,允許惡意周邊裝置竊取記憶體機密資訊
https://www.ithome.com.tw/news/129021
新發現的thunderclap 漏洞允許黑客使用Thunderbolt/USB-C 外設攻擊PC
http://hackernews.cc/archives/24946
Thunderbolt的漏洞給黑客大開方便之門
https://www.easyaq.com/news/1927126943.shtml
Supermicro伺服器元件漏洞可使IBM雲端伺服器被植入後門
https://www.ithome.com.tw/news/129001
1.重大弱點漏洞
Avast:數位家庭最容易有漏洞的裝置是印表機、網路裝置及監視器
https://ithome.com.tw/news/128997
F5 BIG-IP Access Policy Manager 跨站腳本漏洞 CVE-2019-6595
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6595
MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT
https://www.exploit-db.com/exploits/46444
報告:前十大熱門Docker映像檔都有至少30個以上的漏洞
https://www.ithome.com.tw/news/129018
有攻擊者正利用Chrome的0day漏洞偷取他人信息
https://nosec.org/home/detail/2294.html
Chrome瀏覽器被曝存在漏洞攻擊者可通過PDF收集用戶信息
http://www.sohu.com/a/298175326_114774?sec=wd
Google Chrome zero-day used in the wild to collect user data via PDF files
https://www.zdnet.com/article/google-chrome-zero-day-used-in-the-wild-to-collect-user-data-via-pdf-files/#ftag=RSSbaffb68
Latest WinRAR Flaw Being Exploited in the Wild to Hack Windows Computers
https://bit.ly/2H4ZAWr
研究人員揭露大批Thunderclap安全漏洞,允許惡意周邊裝置竊取記憶體機密資訊
https://www.ithome.com.tw/news/129021
新發現的thunderclap 漏洞允許黑客使用Thunderbolt/USB-C 外設攻擊PC
http://hackernews.cc/archives/24946
Thunderbolt的漏洞給黑客大開方便之門
https://www.easyaq.com/news/1927126943.shtml
Supermicro伺服器元件漏洞可使IBM雲端伺服器被植入後門
https://www.ithome.com.tw/news/129001
訂閱:
文章 (Atom)