資安事件新聞週報 2021/9/6 ~ 2021/9/10

 


資安事件新聞週報 2021/9/6  ~  2021/9/10

1.重大弱點漏洞/後門/Exploit/Zero Day
Cisco 發布Enterprise NFV Infrastructure Software(NFVIS)軟體安全更新
https://us-cert.cisa.gov/ncas/current-activity/2021/09/02/cisco-releases-security-updates-cisco-enterprise-nfvis

多家廠商 SoC 產品中的藍牙堆疊含嚴重 BrakTooth 漏洞
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9442

數十億用戶遭殃! BrakTooth漏洞「透過藍牙」攻擊Android產品
https://finance.ettoday.net/news/2074956

Netgear 修復三個嚴重資安漏洞,影響 20 種智慧型網路交換器
https://blog.twnic.tw/2021/09/11/20052/

研究人員:Windows最新MSHTML漏洞比想像中危險
https://www.ithome.com.tw/news/146650

微軟 IE 渲染引擎爆發零時差漏洞!駭客正用來發動目標式攻擊
https://technews.tw/2021/09/10/microsoft-attackers-exploiting-windows-zero-day-flaw/

CISA Warns of Actively Exploited Zoho ManageEngine ADSelfService Vulnerability
https://thehackernews.com/2021/09/cisa-warns-of-actively-exploited-zoho.html

Moving Forward After CentOS 8 EOL
https://thehackernews.com/2021/09/moving-forward-after-centos-8-eol.html

Critical Auth Bypass Bug Affect NETGEAR Smart Switches — Patch and PoC Released
https://thehackernews.com/2021/09/critical-auth-bypass-bug-affect-netgear.html

Latest Atlassian Confluence Flaw Exploited to Breach Jenkins Project Server
https://thehackernews.com/2021/09/latest-atlassian-confluence-flaw.html

3 Ways to Secure SAP SuccessFactors and Stay Compliant
https://thehackernews.com/2021/09/3-ways-to-secure-sap-successfactors-and.html

資安事件新聞週報 2021/8/30 ~ 2021/9/3

 


資安事件新聞週報 2021/8/30  ~  2021/9/3

1.重大弱點漏洞/後門/Exploit/Zero Day
QNAP Working on Patches for OpenSSL Flaws Affecting its NAS Devices
https://thehackernews.com/2021/09/qnap-working-on-patches-for-openssl.html

SUSE併購後的第一個版本,Rancher 2.6大幅強化叢集配置功能
https://www.ithome.com.tw/news/146534

MySQL User-Defined (Linux) x32 / x86_64 - 'sys_exec' Local Privilege Escalation
https://www.exploit-db.com/exploits/50236

Synology DSM 7.0 全面更新 系統、使用者、資料安全性大升級
https://www.cool3c.com/article/164641

SQL Server 2012 & Windows Server 2012 End of Support
https://cloudblogs.microsoft.com/sqlserver/2021/07/14/know-your-options-for-sql-server-2012-and-windows-server-2012-end-of-support/

微軟Exchange爆安全漏洞 黑客未經身分認證可存取郵件
https://reurl.cc/5r76VR

微軟Azure出現重大漏洞,用戶應盡速更新金鑰
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9426

小心 Email 遭監聽!微軟 Exchange 出現新「ProxyToken」重大漏洞
https://technews.tw/2021/09/01/microsoft-exchange-proxytoken-bug-email-snooping/

資安事件新聞週報 2021/9/6 ~ 2021/9/10

  資安事件新聞週報 2021/9/6  ~  2021/9/10 1.重大弱點漏洞/後門/Exploit/Zero Day Cisco 發布Enterprise NFV Infrastructure Software(NFVIS)軟體安全更新 https://us-cert.c...