資安事件新聞週報 2021/4/12 ~ 2021/4/16


 資安事件新聞週報 2021/4/12  ~  2021/4/16

1.重大弱點漏洞/後門/Exploit/Zero Day
Cisco Will Not Patch Critical RCE Flaw Affecting End-of-Life Business Routers
https://thehackernews.com/2021/04/cisco-will-not-patch-critical-rce-flaw.html

Cisco 發布多種產品的安全更新
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-YuTVWqy

美國國家安全局發表 4 個最新 Microsoft Exchange Server 嚴重漏洞,應立即修補
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9167

快升級 Windows 10!微軟宣布 1909 等 3 個版本將於2021年5月終止支援
https://reurl.cc/V3ZgyA

Severe Bugs Reported in EtherNet/IP Stack for Industrial Systems
https://thehackernews.com/2021/04/severe-bugs-reported-in-ethernetip.html

New JavaScript Exploit Can Now Carry Out DDR4 Rowhammer Attacks
https://thehackernews.com/2021/04/new-javascript-exploit-can-now-carry.html

Chromium第二項漏洞又有概念驗證攻擊程式公布
https://www.ithome.com.tw/news/143851

Update Your Chrome Browser to Patch 2 New In-the-Wild 0-Day Exploits
https://thehackernews.com/2021/04/2-new-chrome-0-days-under-attack-update.html

Chrome 90問世:以HTTPS作為預設,嵌入隱私沙箱控制
https://www.ithome.com.tw/news/143874

RCE Exploit Released for Unpatched Chrome, Opera, and Brave Browsers
https://thehackernews.com/2021/04/rce-exploit-released-for-unpatched.html

資安事件新聞週報 2021/4/5 ~ 2021/4/9

 

資安事件新聞週報 2021/4/5  ~  2021/4/9

1.重大弱點漏洞/後門/Exploit/Zero Day
美國政府警告Fortinet軟體漏洞恐遭國家駭客開採
https://www.ithome.com.tw/news/143629

Critical Auth Bypass Bug Found in VMware Data Center Security Product
https://thehackernews.com/2021/04/critical-auth-bypass-bug-found-in.html

還不快更新FortiOS?極惡勒索軟體Cring開始攻擊歐洲公司
https://reurl.cc/9Zqpv8

FBI及CISA發現有國家支持的駭客組織,正在針對尚未修補Fortinet軟體已知漏洞的使用單位發動滲透攻擊
https://reurl.cc/V3g13Y

思科修補SD-WAN vManage的遠端程式攻擊漏洞
https://www.ithome.com.tw/news/143708

Oracle PeopleSoft Enterprise PeopleTools存在未明漏洞
https://vul.wangan.com/a/CNVD-2018-08455

VMware 發布多種產品的安全更新
https://www.vmware.com/security/advisories/VMSA-2021-0004.html

VMware Security Advisory VMSA-2021-0005
https://www.vmware.com/security/advisories/VMSA-2021-0005.html

Cisco Security Advisories April 7 2021
https://reurl.cc/Kx5QpM

資安事件新聞週報 2021/3/29 ~ 2021/4/2

 

 

資安事件新聞週報 2021/3/29  ~  2021/4/2

1.重大弱點漏洞/後門/Exploit/Zero Day
VMware Security Advisory VMSA-2021-0004
https://www.vmware.com/security/advisories/VMSA-2021-0004.html

VMware IT環境管理系統出現8.6分的重大漏洞,該公司發布公告
https://www.ithome.com.tw/news/143566

在所有受支持的Ubuntu版本中修補了一個Sudo漏洞
https://reurl.cc/R6Qa0Z

GitLab發現高達9.6分的嚴重漏洞,並發布公告
https://www.ithome.com.tw/news/143613

ClamAV 0.102.3隨附針對兩個安全漏洞的解決方案
https://ubunlog.com/zh-TW/clamav-0-102-3-llega-con-solucion-a-dos-fallos-de-seguridad/

Apple Issues Urgent Patch Update for Another Zero‑Day Under Attack
https://thehackernews.com/2021/03/apple-issues-urgent-patch-update-for.html

MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-27928

Chrome Browser Updates - March 30 2021
https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_30.html

資安事件新聞週報 2021/4/12 ~ 2021/4/16

 資安事件新聞週報 2021/4/12  ~  2021/4/16 1.重大弱點漏洞/後門/Exploit/Zero Day Cisco Will Not Patch Critical RCE Flaw Affecting End-of-Life Business Routers...