跳到主要內容

發表文章

目前顯示的是 五月, 2019的文章

資安事件新聞週報 2019/5/20 ~ 2019/5/24

資安事件新聞週報  2019/5/20  ~  2019/5/24

1.重大弱點漏洞/後門/Exploit/Zero Day
Fortinet FortiClient 遠端執行任意程式碼漏洞  CVE-2019-5589
https://fortiguard.com/psirt/FG-IR-19-060

Fortinet FortiOS 緩衝區錯誤漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13381

Fortinet FortiOS VM 安全漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5587

多款Huawei S系列交換機安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5285

揭秘“0 day漏洞”:一款強大卻脆弱的武器
https://www.4hou.com/vulnerable/18116.html

Some Elasticsearch security features are now free for everyone
https://www.zdnet.com/article/some-elasticsearch-security-features-are-now-free-for-everyone/#ftag=RSSbaffb68

McAfee 產品多個漏洞
https://kc.mcafee.com/corporate/index?page=content&id=SB10282
https://kc.mcafee.com/corporate/index?page=content&id=SB10280

女黑客SandboxEscaper又曝光4個Windows 10零日漏洞
https://www.sohu.com/a/316244133_223764?sec=wd

專家促微軟用戶修補遠端漏洞 警告黑客或發動蠕蟲攻擊
http://bit.ly/2HzCve0

最新 Windows 10 0-Day 漏洞在推特上出現,可執行任意檔案
https://www.twcert.org.tw/subpages/securityInfo/securitypol…

資安事件新聞週報 2019/5/13 ~ 2019/5/17

資安事件新聞週報  2019/5/13  ~  2019/5/17

1.重大弱點漏洞/後門/Exploit/Zero Day
Fortinet FortiSandbox跨站腳本漏洞   CVE-2018-1356
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1356

GPS追蹤器的安全漏洞將允許駭客得知用戶位置或竊聽
https://www.ithome.com.tw/news/130585

Titan藍牙硬體金鑰有安全漏洞,Google將免費換新
https://ithome.com.tw/news/130673

WordPress網站的安全漏洞有98%來自外掛程式
https://www.ithome.com.tw/news/130713

VMWare 產品權限提升漏洞
https://www.us-cert.gov/ncas/current-activity/2019/05/14/VMware-Releases-Security-Updates

Toshiba 和 Brother 印表機Web Services列印存在安全漏洞
https://net.nthu.edu.tw/netsys/mailing:announcement:20190515_02

Coros announces VERTIX GPS adventure watch: 45-day battery life and extreme operating profile
https://www.zdnet.com/article/coros-announces-vertix-gps-adventure-watch-45-day-battery-life-and-extreme-operating-profile/#ftag=RSSbaffb68

HAProxy 安全漏洞 CVE-2019-11323
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11323

資安事件新聞週報 2019/5/6 ~ 2019/5/10

資安事件新聞週報  2019/5/6  ~  2019/5/10

1.重大弱點漏洞/後門/Exploit/Zero Day
八種無線演示系統中的關鍵漏洞
https://www.chainnews.com/articles/111363306365.htm

Dell 預載軟體成為 PC 被駭的後門
https://chinese.engadget.com/2019/05/04/supportassist-dell-vulnerability-windows/

安全研究人員發現戴爾支持助手客戶端存在安全漏洞會引發遠程攻擊
https://www.landiannews.com/archives/58210.html

Office 2016更新臭蟲引發當機,遭微軟緊急撤除
https://www.ithome.com.tw/news/130505?fbclid=IwAR1Q5Dpo1wj_lF95EFYrGqzbb0u9bJu3yG7-UoeARiAB1VAXNAcxQ1Y_zxU

華碩與技嘉的驅動程式遭爆含有權限擴張漏洞
https://0nion.com/article/27466

Jenkins外掛存在安全漏洞,衍生密碼外洩或跨站攻擊風險
https://www.ithome.com.tw/news/130412

Jenkins外掛程序存在安全漏洞,有資料外洩和跨網站攻擊等風險
http://www.twoeggz.com/news/14467228.html

黑客三年來一直向APT組織提供微軟零日漏洞
http://521.li/post/628.html

資安事件新聞週報 2019/4/29 ~ 2019/5/3

資安事件新聞週報  2019/4/29  ~  2019/5/3

1.重大弱點漏洞
Symantec 產品多個漏洞
https://www.auscert.org.au/bulletins/79594

Fortinet FortiManager 洩露敏感資料漏洞
https://www.auscert.org.au/bulletins/79762

思科修補Nexus 9000網路交換器重大漏洞
https://www.ithome.com.tw/news/130397

New Exploits for Unsecure SAP Systems
https://www.us-cert.gov/ncas/alerts/AA19-122A

九成SAP用戶權限沒關好!13年前問題設定恐讓駭客任意存取App
https://www.ithome.com.tw/news/122772

Memcached 阻斷攻擊漏洞
https://github.com/memcached/memcached/wiki/ReleaseNotes1514

CentOS Web Panel 0.9.8.793 (Free) / v0.9.8.753 (Pro) / 0.9.8.807 (Pro) - Domain Field (Add DNS Zone) Cross-Site Scripting
https://www.exploit-db.com/exploits/46784

思科產品多個漏洞
https://www.us-cert.gov/ncas/current-activity/2019/05/01/Cisco-Releases-Security-Updates

D-Link camera vulnerability allows attackers to tap into the video stream
https://www.welivesecurity.com/2019/05/02/d-link-camera-vulnerability-video-stream/

Netgear DGN2200 / DGND3700 - Admin Password Disclosure
https://www.exploit-db.com/exploits/46764

Dell laptops and computers vulner…