資安事件新聞週報 2022/6/13 ~ 2022/6/17

 資安事件新聞週報 2022/6/13  ~  2022/6/17

1.重大弱點漏洞/後門/Exploit/Zero Day
Sophos防火牆3月底的漏洞修補，傳出中國駭客在此之前就已經著手濫用
https://www.volexity.com/blog/2022/06/15/driftingcloud-zero-day-sophos-firewall-exploitation-and-an-insidious-breach/

中國駭客攻擊Sophos防火牆漏洞
https://www.ithome.com.tw/news/151493

Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity
https://thehackernews.com/2022/06/chinese-hackers-exploited-sophos.html

F5重大資安漏洞已陸續出現嚴重攻擊，請盡快修補及管控
https://www.cc.ntu.edu.tw/chinese/cert/cert20220616.asp

資安事件新聞週報 2022/6/6 ~ 2022/6/10

 資安事件新聞週報 2022/6/6  ~  2022/6/10

1.重大弱點漏洞/後門/Exploit/Zero Day
已修補的SAP商用軟體漏洞遭到濫用
https://onapsis.com/blog/three-actively-exploited-sap-vulnerabilities-identified-onapsis-research-labs

Even the Most Advanced Threats Rely on Unpatched Systems
https://thehackernews.com/2022/06/even-most-advanced-threats-rely-on.html

Windows又有新零時差漏洞DogWalk
https://times.hinet.net/news/23959255

研究人員揭露另一個MSDT零時差漏洞DogWalk
https://twitter.com/j00sean/status/1533889445027536899

繼 Follina 之後，又出現另一個微軟 MSDT 零時差漏洞「DogWalk」
https://technews.tw/2022/06/10/dogwalk-another-microsoft-ignored-msdt-vulnerability-like-follina-gets-unofficial-patch/

有人利用微軟Office的MSHTML、MSDT重大漏洞，在烏克蘭散布Cobalt Strike
https://cert.gov.ua/article/40559

MSDT零時差漏洞再度遭到利用，TA570用於散布惡意軟體QBot
https://www.bleepingcomputer.com/news/security/qbot-malware-now-uses-windows-msdt-zero-day-in-phishing-attacks/

Researchers Warn of Unpatched "DogWalk" Microsoft Windows Vulnerability
https://thehackernews.com/2022/06/researchers-warn-of-unpatched-dogwalk.html

Unpatched Critical Flaws Disclosed in U-Boot Bootloader for Embedded Devices
https://thehackernews.com/2022/06/unpatched-critical-flaws-disclosed-in-u.html

資安事件新聞週報 2022/5/30 ~ 2022/6/3

 資安事件新聞週報 2022/5/30  ~  2022/6/3

1.重大弱點漏洞/後門/Exploit/Zero Day
逾360萬臺MySQL伺服器曝露於網際網路，恐成為攻擊目標
https://www.shadowserver.org/news/over-3-6m-exposed-mysql-servers-on-ipv4-and-ipv6/

Microsoft 已發布安全更新，以解決服務診斷工具（MSDT）中的弱點
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30190

Windows搜尋通訊協定存在零時差漏洞
https://www.bleepingcomputer.com/news/security/new-windows-search-zero-day-added-to-microsoft-protocol-nightmare/

Office零時差漏洞讓駭客執行惡意指令，關閉巨集也不見得擋得了
https://www.ithome.com.tw/news/151211

研究人員揭露Office零時差漏洞，駭客可藉由RTF檔案觸發
https://www.bleepingcomputer.com/news/security/new-microsoft-office-zero-day-used-in-attacks-to-execute-powershell/

中共國TA413 APT駭客組織正在利用微軟Follina漏洞進行瘋狂攻擊
https://gnews.org/zh-hant/2655908/