資安事件新聞週報 2021/5/3 ~ 2021/5/7

 

資安事件新聞週報 2021/5/3  ~  2021/5/7

1.重大弱點漏洞/後門/Exploit/Zero Day
Pulse Connect Secure 9.0R3 / 9.1R1
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-22893

Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol
https://labs.sentinelone.com/relaying-potatoes-dce-rpc-ntlm-relay-eop/
https://github.com/antonioCoco/RemotePotato0

PULSE SECURE設備存在安全漏洞(CVE-2021-22893~22894與CVE-2021-22899~22900)，允許攻擊者遠端執行任意程式碼，請儘速確認並進行更新
https://www.isda.org.tw/2021/05/05/9b3d7c9821f97596a142e527c0b6a914/

多個駭客組織鎖定美國國防產業與全球政府機關之Pulse Connect Secure VPN裝置漏洞
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9213

Hackers Exploit SonicWall Zero-Day Bug in FiveHands Ransomware Attacks
https://thehackernews.com/2021/04/hackers-exploit-sonicwall-zero-day-bug.html

VMware vRealize Business for Cloud 遠程代碼執行漏洞（CVE-2021-21984）
https://s.tencent.com/research/bsafe/1306.html

Critical Patch Out for Critical Pulse Secure VPN 0-Day Under Attack
https://thehackernews.com/2021/05/critical-patch-out-for-month-old-pulse.html

BIOS PrivEsc Bugs Affect Hundreds of Millions of Dell PCs Worldwide
https://thehackernews.com/2021/05/bios-privesc-bug-affects-hundreds-of.html

資安事件新聞週報 2021/4/26 ~ 2021/4/30

 

資安事件新聞週報 2021/4/26  ~  2021/4/30

1.重大弱點漏洞/後門/Exploit/Zero Day
中華資安國際發現CVE弱點，國內某電子簽核平台具有多項漏洞
https://nvd.nist.gov/vuln/detail/CVE-2021-28173

駭客利用Pulse Secure VPN裝置4項安全漏洞，對各國政府組織發動攻擊
https://us-cert.cisa.gov/ncas/alerts/aa21-110a

Google Chrome 90 新版修復多個資安漏洞
https://www.twcert.org.tw/tw/cp-104-4686-384be-1.html

Chrome Browser Update - April 26 2021
https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_26.html

ISC BIND - Multiple Vulnerabilities Addressed
https://kb.isc.org/docs/cve-2021-25214
https://kb.isc.org/docs/cve-2021-25215
https://kb.isc.org/docs/cve-2021-25216

Nagios XI Vulnerability Used for Cryptomining
https://unit42.paloaltonetworks.com/nagios-xi-vulnerability-cryptomining/

F5 BIG-IP Found Vulnerable to Kerberos KDC Spoofing Vulnerability
https://thehackernews.com/2021/04/f5-big-ip-found-vulnerable-to-kerberos.html

Apple Security Updates April 26 2021 - Exploitation in the Wild Reported
https://www.jamf.com/blog/shlayer-malware-abusing-gatekeeper-bypass-on-macos/

蘋果釋出macOS Big Sur 11.3，修補已被開採的零時差漏洞
https://www.ithome.com.tw/news/144063

Hackers Exploit 0-Day Gatekeeper Flaw to Attack macOS Computers
https://thehackernews.com/2021/04/hackers-exploit-0-day-gatekeeper-flaw.html

2021年 5 月份資安、社群活動分享

 

 

 2021年 5 月份資安、社群活動分享

Coffee & Code 5/2
https://www.meetup.com/Innovate-Taiwan/events/277643752/

教育部先進資通安全實務人才培育計畫  110年度資安初學者挑戰活動 (MyFirstCTF)  4/26 ~ 5/3 報名
https://drive.google.com/file/d/1SkflOJ1nitQ2m8swotqZ2HNFDP2DWU_r/view

從Python到TensorFlow線上讀書會-二部曲(10) -邏輯回歸 5/4
https://www.meetup.com/TensorFlow-User-Group-Taipei/events/274981279/

ITHOME 台灣資安大會2021 5/4 ~ 5/6
https://cyber.ithome.com.tw/

Taipei Creative Coders Meetup #8 5/5
https://www.meetup.com/tpecreativecoders/events/277806092/

UX Study Group- 設計的心理學 5/5
https://www.meetup.com/GDGTaipei/events/277723592/

2021國際商會數位經濟委員會春季議題分享會 5/7
http://registration.cieca.org.tw/visit/?d=116

In here it's WordPress Friday - 桃園晚餐小聚 #19 5/7
https://www.meetup.com/Taoyuan-WordPress-Meetup/events/277824803/

塔羅牌與 UX 的火花 5/8
https://www.meetup.com/GDGTaipei/events/277707447/

從Python到TensorFlow線上讀書會-二部曲(11) -決策樹 5/11
https://www.meetup.com/TensorFlow-User-Group-Taipei/events/274981288/

【Flutter Night】5/12
https://www.meetup.com/Flutter-Taipei/events/277647481/

SDN x Cloud Native Meetup #38 5/13
https://www.meetup.com/CloudNative-Taiwan/events/277643179/

OWASP Taiwan Meetup (May) 5/18
https://www.meetup.com/Taipei-OWASP-Meetup-Group/events/277773931/

資安事件新聞週報 2021/4/19 ~ 2021/4/23

 

資安事件新聞週報 2021/4/19  ~  2021/4/23

1.重大弱點漏洞/後門/Exploit/Zero Day
Juniper 多個產品存在安全性弱點
https://us-cert.cisa.gov/ncas/current-activity/2021/04/15/juniper-networks-releases-security-updates

Juniper 近日發布更新以解決 Junos OS 多項版本中的安全性弱點
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11147&cat=SIRT_1&actp=LIST

Cisco Security Advisories April 21 2021
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-info-disclos-gGvm9Mfu
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-cql-inject-c7z9QqyB
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vman-xml-ext-entity-q6Z7uVUg
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vman-cmdinj-nRHKgfHX
https://tools.cisco.com/security/center/Search.x?publicationTypeIDs=1&firstPublishedStartDate=2021%2F04%2F21&firstPublishedEndDate=2021%2F04%2F21

趨勢科技軟體舊漏洞遭駭客攻擊
https://www.ithome.com.tw/news/144011

趨勢科技Apex One
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-25250
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-25253
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-28645

資安事件新聞週報 2021/4/12 ~ 2021/4/16

 資安事件新聞週報 2021/4/12  ~  2021/4/16

1.重大弱點漏洞/後門/Exploit/Zero Day
Cisco Will Not Patch Critical RCE Flaw Affecting End-of-Life Business Routers
https://thehackernews.com/2021/04/cisco-will-not-patch-critical-rce-flaw.html

Cisco 發布多種產品的安全更新
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-YuTVWqy

美國國家安全局發表 4 個最新 Microsoft Exchange Server 嚴重漏洞，應立即修補
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9167

快升級 Windows 10！微軟宣布 1909 等 3 個版本將於2021年5月終止支援
https://reurl.cc/V3ZgyA

Severe Bugs Reported in EtherNet/IP Stack for Industrial Systems
https://thehackernews.com/2021/04/severe-bugs-reported-in-ethernetip.html

New JavaScript Exploit Can Now Carry Out DDR4 Rowhammer Attacks
https://thehackernews.com/2021/04/new-javascript-exploit-can-now-carry.html

Chromium第二項漏洞又有概念驗證攻擊程式公布
https://www.ithome.com.tw/news/143851

Update Your Chrome Browser to Patch 2 New In-the-Wild 0-Day Exploits
https://thehackernews.com/2021/04/2-new-chrome-0-days-under-attack-update.html

Chrome 90問世：以HTTPS作為預設，嵌入隱私沙箱控制
https://www.ithome.com.tw/news/143874

RCE Exploit Released for Unpatched Chrome, Opera, and Brave Browsers
https://thehackernews.com/2021/04/rce-exploit-released-for-unpatched.html

資安事件新聞週報 2021/4/5 ~ 2021/4/9

 

資安事件新聞週報 2021/4/5  ~  2021/4/9

1.重大弱點漏洞/後門/Exploit/Zero Day
美國政府警告Fortinet軟體漏洞恐遭國家駭客開採
https://www.ithome.com.tw/news/143629

Critical Auth Bypass Bug Found in VMware Data Center Security Product
https://thehackernews.com/2021/04/critical-auth-bypass-bug-found-in.html

還不快更新FortiOS？極惡勒索軟體Cring開始攻擊歐洲公司
https://reurl.cc/9Zqpv8

FBI及CISA發現有國家支持的駭客組織，正在針對尚未修補Fortinet軟體已知漏洞的使用單位發動滲透攻擊
https://reurl.cc/V3g13Y

思科修補SD-WAN vManage的遠端程式攻擊漏洞
https://www.ithome.com.tw/news/143708

Oracle PeopleSoft Enterprise PeopleTools存在未明漏洞
https://vul.wangan.com/a/CNVD-2018-08455

VMware 發布多種產品的安全更新
https://www.vmware.com/security/advisories/VMSA-2021-0004.html

VMware Security Advisory VMSA-2021-0005
https://www.vmware.com/security/advisories/VMSA-2021-0005.html

Cisco Security Advisories April 7 2021
https://reurl.cc/Kx5QpM

資安事件新聞週報 2021/3/29 ~ 2021/4/2

 

 

資安事件新聞週報 2021/3/29  ~  2021/4/2

1.重大弱點漏洞/後門/Exploit/Zero Day
VMware Security Advisory VMSA-2021-0004
https://www.vmware.com/security/advisories/VMSA-2021-0004.html

VMware IT環境管理系統出現8.6分的重大漏洞，該公司發布公告
https://www.ithome.com.tw/news/143566

在所有受支持的Ubuntu版本中修補了一個Sudo漏洞
https://reurl.cc/R6Qa0Z

GitLab發現高達9.6分的嚴重漏洞，並發布公告
https://www.ithome.com.tw/news/143613

ClamAV 0.102.3隨附針對兩個安全漏洞的解決方案
https://ubunlog.com/zh-TW/clamav-0-102-3-llega-con-solucion-a-dos-fallos-de-seguridad/

Apple Issues Urgent Patch Update for Another Zero‑Day Under Attack
https://thehackernews.com/2021/03/apple-issues-urgent-patch-update-for.html

MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-27928

Chrome Browser Updates - March 30 2021
https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_30.html