Friday, June 28, 2019

Weekly Security Incident News Digest 2019/6/24 ~ 2019/6/28

1. Major Vulnerabilities / Backdoors / Exploits / Zero Days
Security vulnerability in Samba CVE-2019-12435
https://www.samba.org/samba/security/CVE-2019-12435.html
Multiple vulnerabilities in TP-Link routers CVE-2018-16119
https://nvd.nist.gov/vuln/detail/CVE-2018-16119
SAPIDO RB-1732 - Remote Command Execution
https://www.exploit-db.com/exploits/47031
Fortinet FCM-MB40 - Cross-Site Request Forgery / Remote Command Execution
https://www.exploit-db.com/exploits/47033
Study on vulnerability patching prioritization and efficiency
https://www.nccst.nat.gov.tw/NewsRSSDetail?lang=zh&RSSType=news&seq=16256
Remote command execution vulnerability in Exim
https://www.nccst.nat.gov.tw/NewsRSSDetail?lang=zh&RSSType=news&seq=16257
UNC Path Injection with Microsoft Access
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/unc-path-injection-with-microsoft-access/
Oracle releases security update CVE-2019-2729
https://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html#AppendixFMW
Security vulnerabilities in Oracle WebLogic Server (CVE-2019-2725 and CVE-2019-2729)
http://net.nthu.edu.tw/netsys/mailing:announcement:20190621_01
f5 -- big-ip_access_policy_manager CVSS V3 7.8
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-11477

Friday, June 21, 2019

Weekly Security Incident News Digest 2019/6/17 ~ 2019/6/21

1. Major Vulnerabilities / Backdoors / Exploits / Zero Days
GCHQ's vulnerability adjudication process
https://www.xianjivr.com/news/46587.html
Netflix discloses FreeBSD and Linux kernel vulnerabilities
https://www.ithome.com.tw/news/131329
US intelligence agency successfully tests exploiting the BlueKeep vulnerability to execute arbitrary code on target computers
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=875
Medical infusion pumps sold in 50 countries worldwide contain remotely exploitable vulnerabilities
https://cert.tanet.edu.tw/prog/shownews.php?sel=1&id=30648
Critical remote execution flaw lurks in TP-Link Wi-Fi Extenders
https://www.zdnet.com/article/critical-remote-execution-flaw-lurks-in-tp-link-wi-fi-extenders/#ftag=RSSbaffb68
Critical RCE Vulnerability in TP-Link Wi-Fi Extenders Can Grant Attackers Remote Control
https://securityintelligence.com/posts/critical-rce-vulnerability-in-tp-link-wi-fi-extenders-can-grant-attackers-remote-control/
TCP SACK PANIC - Kernel vulnerabilities - CVE-2019-11477, CVE-2019-11478 & CVE-2019-11479
https://access.redhat.com/security/vulnerabilities/tcpsack
Disgruntled security firm discloses zero-days in Facebook's WordPress plugins
https://www.zdnet.com/article/disgruntled-security-firm-discloses-zero-days-in-facebooks-wordpress-plugins/#ftag=RSSbaffb68
New Critical Oracle WebLogic Flaw Under Active Attack — Patch Now
https://thehackernews.com/2019/06/oracle-weblogic-vulnerability.html

Friday, June 14, 2019

Weekly Security Incident News Digest 2019/6/10 ~ 2019/6/14

1. Major Vulnerabilities / Backdoors / Exploits / Zero Days
VMware releases new security updates
https://www.vmware.com/security/advisories/VMSA-2019-0009.html
Xen denial-of-service vulnerability
https://xenbits.xen.org/xsa/advisory-295.html
Security vulnerability revealed in D-Link networked surveillance cameras; attackers can obtain video content
https://blog.twnic.net.tw/2019/06/13/3991/
Multiple vulnerabilities in TP-Link routers
https://nvd.nist.gov/vuln/detail/CVE-2019-6989
File download vulnerability in Facebook's CDN system
http://521.li/post/872.html
Zimbra < 8.8.11 - XML External Entity Injection / Server-Side Request Forgery
https://www.exploit-db.com/exploits/46967
Multiple vulnerabilities in phpMyAdmin
https://www.auscert.org.au/bulletins/ESB-2019.2016/
Database injection vulnerability in the campus English listening materials interactive broadcast system
https://www.kl.edu.tw/v7/eduweb/index.php?func=edu_msg&edumsg_id=68985
Arbitrary file download vulnerability in the eClass platform; please verify and patch as soon as possible
https://cert.tanet.edu.tw/prog/shownews.php?sel=1&id=3003
Bug also reported in Yubico's USB security key devices; free replacements to be offered
https://www.ithome.com.tw/news/131273

Friday, June 7, 2019

Weekly Security Incident News Digest 2019/6/3 ~ 2019/6/7

1. Major Vulnerabilities / Backdoors / Exploits / Zero Days
Zimbra Collaboration Suite information disclosure vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15131
ZyXEL P-660HN-T1 V2 Missing Authentication / Password Disclosure
https://packetstormsecurity.com/files/153144/zyxelp660hn-bypass.txt
Multiple vulnerabilities in Fortinet products
https://www.nccst.nat.gov.tw/VulnerabilityNewsDetail?lang=zh&seq=1440
Multiple vulnerabilities in phpMyAdmin
https://www.auscert.org.au/bulletins/ESB-2019.2016/
New RCE vulnerability impacts nearly half of the internet's email servers
https://www.zdnet.com/article/new-rce-vulnerability-impacts-nearly-half-of-the-internets-email-servers/#ftag=RSSbaffb68
Security vulnerability in Huawei P30 and Huawei P30 Pro
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5307
Security vulnerability in NUUO Inc. Network Video Recorder (NVR) systems (CVE-2019-9653)
http://net.nthu.edu.tw/2009/mailing:announcement:20190606_01
Apache Jenkins Exploited to Mine Monero Cryptocurrency
https://medium.com/pwnpizza/apache-jenkins-exploited-to-mine-monero-cryptocurrency-dc9a7281c663
Google researcher discovers Microsoft Notepad vulnerability
https://www.ithome.com.tw/news/131044
Arbitrary code execution vulnerability disclosed in the Vim/Neovim text editors, with PoC
http://bit.ly/2JZrMft

Thursday, June 6, 2019

CISSP Standby

XOR - Exclusive OR - If x equals 1 or y equals 1, then the output is 1. If neither x nor y equals 1, then the output is 0.

What Boolean function returns a true value when only one of the input values is true?

Tuesday, June 4, 2019

EC-Council IH Standby

Evidence is clear and understandable
Believable

The Analysis, Response and Coordination of all identified vulnerabilities of a system
Vulnerability Handling

Details the characteristics and related information of a policy. Is a policy clear, concise, usable and sufficient?
Policy Attributes

The least harmful incident, should be fixed within one business day. Blocked attacks, quarantined virus, out of date signatures, AUP misuse, or user account breach
Low Level Incident

Acceptable or valid, especially as evidence in a court of law.
Admissible

Evidence is real and related to the incident.
Authentic