資安事件新聞週報 2020/6/22 ~ 2020/6/26
1.重大弱點漏洞/後門/Exploit/Zero Day
微軟六月發佈之漏洞修補數量,創有史以來最高
https://www.eset.tw/html/86/202006191/
Netgear路由器安全漏洞六個月後終於修復
https://bit.ly/315KOZz
瀚淶科技發佈NETGEAR 產品安全性通知 建議使用者更新韌體修補
https://bit.ly/3178OeE
國內網通設備廠商修復存於家用路由器的嚴重資安漏洞
https://www.twcert.org.tw/tw/cp-104-3721-9ca72-1.html
Cisco WebEx 被發現記憶體傾印資安漏洞
https://www.twcert.org.tw/tw/cp-104-3717-c993a-1.html
Webex修復兩個嚴重漏洞,兩者可使黑客運行任意程序以及代碼
https://www.expreview.com/74776.html
Cisco Wireless LAN Controller Software緩衝區溢出漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3273
物聯網設備「驚爆」底層漏洞
https://kknews.cc/tech/lv4xvvz.html
New Ripple20 Flaws Put Billions of Internet-Connected Devices at Risk of Hacking
https://thehackernews.com/2020/06/new-critical-flaws-put-billions-of.html
Oracle E-Business Suite Flaws Let Hackers Hijack Business Operations
https://thehackernews.com/2020/06/oracle-e-business-suite.html
IBM Security Guardium漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4193
2020年6月26日 星期五
2020年6月19日 星期五
資安事件新聞週報 2020/6/15 ~ 2020/6/19
資安事件新聞週報 2020/6/15 ~ 2020/6/19
1.重大弱點漏洞/後門/Exploit/Zero Day
GeoVision門禁控制設備 - Shared cryptographic keys
https://www.twcert.org.tw/tw/cp-132-3696-6601c-1.html
中華資安國際發現CVE弱點,日本知名電子郵件系統具有跨網站指令碼漏洞
https://www.chtsecurity.com/news/ca1c22e7-d523-4c8d-86c2-ebb43aa193df
WordPress 多個漏洞
https://wordpress.org/news/2020/06/wordpress-5-4-2-security-and-maintenance-release/
蘋果電腦存在硬體漏洞?黑客5分鐘就可以入侵
https://kknews.cc/digital/x4elgmo.html
Intel CPUs Vulnerable to New 'SGAxe' and 'CrossTalk' Side-Channel Attacks
https://thehackernews.com/2020/06/intel-sgaxe-crosstalk-attacks.html
CVE-2020-13844 | ARM CPU SLS漏洞通告
https://www.venustech.com.cn/article/1/11830.html
79款Netgear路由器被曝遠程劫持0day,暫無補丁
https://www.secrss.com/articles/20405
Cisco WebEx 被發現記憶體傾印資安漏洞
https://www.twcert.org.tw/tw/cp-104-3717-c993a-1.html
多款Cisco產品輸入驗證錯誤漏洞(CNVD-2020-32900)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3228
IBM QRadar SIEM代碼問題漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4509
1.重大弱點漏洞/後門/Exploit/Zero Day
GeoVision門禁控制設備 - Shared cryptographic keys
https://www.twcert.org.tw/tw/cp-132-3696-6601c-1.html
中華資安國際發現CVE弱點,日本知名電子郵件系統具有跨網站指令碼漏洞
https://www.chtsecurity.com/news/ca1c22e7-d523-4c8d-86c2-ebb43aa193df
WordPress 多個漏洞
https://wordpress.org/news/2020/06/wordpress-5-4-2-security-and-maintenance-release/
蘋果電腦存在硬體漏洞?黑客5分鐘就可以入侵
https://kknews.cc/digital/x4elgmo.html
Intel CPUs Vulnerable to New 'SGAxe' and 'CrossTalk' Side-Channel Attacks
https://thehackernews.com/2020/06/intel-sgaxe-crosstalk-attacks.html
CVE-2020-13844 | ARM CPU SLS漏洞通告
https://www.venustech.com.cn/article/1/11830.html
79款Netgear路由器被曝遠程劫持0day,暫無補丁
https://www.secrss.com/articles/20405
Cisco WebEx 被發現記憶體傾印資安漏洞
https://www.twcert.org.tw/tw/cp-104-3717-c993a-1.html
多款Cisco產品輸入驗證錯誤漏洞(CNVD-2020-32900)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3228
IBM QRadar SIEM代碼問題漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4509
2020年6月12日 星期五
資安事件新聞週報 2020/6/8 ~ 2020/6/12
資安事件新聞週報 2020/6/8 ~ 2020/6/12
1.重大弱點漏洞/後門/Exploit/Zero Day
Totolink等多家廠商無線分享器存在漏洞,已遭駭客鎖定駭入並設定VPN作為跳板
https://www.ithome.com.tw/news/138103
Fortinet FortiAnalyzer 跨站脚本漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6640
思科(Cisco)路由器和交換機重大漏洞:可被控製或導致癱瘓
https://tech.sina.com.cn/roll/2020-06-08/doc-iirczymk5859335.shtml
Sophos 防火牆作業系統爆0日漏洞,應用伺服器被批量掛勒索病毒
https://kknews.cc/tech/oq295gm.html
UPNP 協議存在嚴重漏洞 , 攻擊者可劫持智能設備發起 DDoS 攻擊
https://www.chainnews.com/zh-hant/articles/964410354333.htm
CallStranger UPnP漏洞影響了數十億台設備
https://zhuanlan.zhihu.com/p/147188406
1.重大弱點漏洞/後門/Exploit/Zero Day
Totolink等多家廠商無線分享器存在漏洞,已遭駭客鎖定駭入並設定VPN作為跳板
https://www.ithome.com.tw/news/138103
Fortinet FortiAnalyzer 跨站脚本漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6640
思科(Cisco)路由器和交換機重大漏洞:可被控製或導致癱瘓
https://tech.sina.com.cn/roll/2020-06-08/doc-iirczymk5859335.shtml
Sophos 防火牆作業系統爆0日漏洞,應用伺服器被批量掛勒索病毒
https://kknews.cc/tech/oq295gm.html
UPNP 協議存在嚴重漏洞 , 攻擊者可劫持智能設備發起 DDoS 攻擊
https://www.chainnews.com/zh-hant/articles/964410354333.htm
CallStranger UPnP漏洞影響了數十億台設備
https://zhuanlan.zhihu.com/p/147188406
2020年6月7日 星期日
翻譯小品:惡意程式分析系列-如何使用Yara Rule檢測惡意程式
翻譯小品:惡意程式分析系列-如何使用Yara Rule檢測惡意程式
Malware Analysis: How to use Yara rules to detect malware
原文來源:peerlyst
原文作者: Chiheb Chebbi
當進行惡意程式分析作業時,分析師需要收集可以識別惡意程式的所有的資訊,而其中一項就是Yara Rule。在本文中,我們將探討Yara Rule以及使用它來檢測惡意程式。
When performing malware analysis, the analyst needs to collect every piece of information that can be used to identify malicious software. One of the techniques is Yara rules. In this article, we are going to explore Yara rules and how to use them in order to detect malware.
本篇文章大概會討論到的範圍如下:
The article outline is the following:
什麼是惡意程式分析 What is malware analysis
靜態惡意程式分析技術 Static malware analysis techniques
什麼是Yara以及如何安裝它 What is Yara and how to install it
偵測惡意程式與Yara規則Detect malware with Yara
Yara規則結構 Yara Rule Yara rule structure
如何撰寫你的第一個Yara Rule How to write your first Yara rule
Yara Python
在閱讀完本文之後,你也可以參考其他的Yara Rule相關資源,並且下載
After reading this article you can download this small document that includes other helpful resources:
https://static.peerlyst.com/image/upload/v1571381124/post-attachments/Yara_Rules_Resources_unj0lm
Malware Analysis: How to use Yara rules to detect malware
原文來源:peerlyst
原文作者: Chiheb Chebbi
當進行惡意程式分析作業時,分析師需要收集可以識別惡意程式的所有的資訊,而其中一項就是Yara Rule。在本文中,我們將探討Yara Rule以及使用它來檢測惡意程式。
When performing malware analysis, the analyst needs to collect every piece of information that can be used to identify malicious software. One of the techniques is Yara rules. In this article, we are going to explore Yara rules and how to use them in order to detect malware.
本篇文章大概會討論到的範圍如下:
The article outline is the following:
什麼是惡意程式分析 What is malware analysis
靜態惡意程式分析技術 Static malware analysis techniques
什麼是Yara以及如何安裝它 What is Yara and how to install it
偵測惡意程式與Yara規則Detect malware with Yara
Yara規則結構 Yara Rule Yara rule structure
如何撰寫你的第一個Yara Rule How to write your first Yara rule
Yara Python
在閱讀完本文之後,你也可以參考其他的Yara Rule相關資源,並且下載
After reading this article you can download this small document that includes other helpful resources:
https://static.peerlyst.com/image/upload/v1571381124/post-attachments/Yara_Rules_Resources_unj0lm
2020年6月5日 星期五
資安事件新聞週報 2020/6/1 ~ 2020/6/5
資安事件新聞週報 2020/6/1 ~ 2020/6/5
1.重大弱點漏洞/後門/Exploit/Zero Day
VMware Security Advisories VMSA-2020-0011
https://www.vmware.com/security/advisories/VMSA-2020-0011.html
VMware雲監測平台被曝嚴重漏洞,可導致黑客接管企業服務器
https://www.secrss.com/articles/19954
Critical VMware Cloud Director Flaw Lets Hackers Take Over Corporate Servers
https://thehackernews.com/2020/06/vmware-cloud-director-exploit.html
研究員從主流操作系統上發現26個USB驅動漏洞
https://www.secrss.com/articles/19860
IBM MQ 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4352
Chrome瀏覽器重大資安問題7成都出在記憶體?Google回應這麼說
https://bit.ly/2XfxL5d
MINDSHARE: HARDWARE REVERSING WITH THE TP-LINK TL-WR841N ROUTER
https://www.zerodayinitiative.com/blog/2019/9/2/mindshare-hardware-reversing-with-the-tp-link-tl-wr841n-router
MINDSHARE: HARDWARE REVERSING WITH THE TP-LINK TL-WR841N ROUTER - PART 2
https://www.zerodayinitiative.com/blog/2019/12/2/mindshare-hardware-reversing-with-the-tp-link-tl-wr841n-router-part-2
1.重大弱點漏洞/後門/Exploit/Zero Day
VMware Security Advisories VMSA-2020-0011
https://www.vmware.com/security/advisories/VMSA-2020-0011.html
VMware雲監測平台被曝嚴重漏洞,可導致黑客接管企業服務器
https://www.secrss.com/articles/19954
Critical VMware Cloud Director Flaw Lets Hackers Take Over Corporate Servers
https://thehackernews.com/2020/06/vmware-cloud-director-exploit.html
研究員從主流操作系統上發現26個USB驅動漏洞
https://www.secrss.com/articles/19860
IBM MQ 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4352
Chrome瀏覽器重大資安問題7成都出在記憶體?Google回應這麼說
https://bit.ly/2XfxL5d
MINDSHARE: HARDWARE REVERSING WITH THE TP-LINK TL-WR841N ROUTER
https://www.zerodayinitiative.com/blog/2019/9/2/mindshare-hardware-reversing-with-the-tp-link-tl-wr841n-router
MINDSHARE: HARDWARE REVERSING WITH THE TP-LINK TL-WR841N ROUTER - PART 2
https://www.zerodayinitiative.com/blog/2019/12/2/mindshare-hardware-reversing-with-the-tp-link-tl-wr841n-router-part-2
訂閱:
文章 (Atom)