資安新聞及事件週報 2017/8/14 ~ 2017/8/18

1.重大弱點漏洞
【漏洞公告】Git、SVN、Mercurial版本控制系統被爆遠程命令執行漏洞
http://it.uu01.me/p/ovggpf.html

NetSarang的Xmanager和Xshell多種產品源碼被植入後門
http://www.freebuf.com/company-information/144271.html
http://it.uu01.me/p/ooopkd.html

Acunetix WVS 10 - Remote Command Execution (System)
https://www.exploit-db.com/exploits/39755/
https://www.youtube.com/watch?v=gWcRlam59Fs

Fortinet FortiManager 跨站腳本漏洞
https://fortiguard.com/psirt/FG-IR-15-011

Fortinet FortiManager SQL注入漏洞(CVE-2015-3616)
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3616

比特幣硬件錢包TREZOR曝安全漏洞,開發商已發布更新
http://www.bitett.com/forum.php?mod=viewthread&tid=8816

Juniper Networks Junos OS存在安全弱點
https://www.twcert.org.tw/twcert/advdetail/3421
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10798&cat=SIRT_1&actp=LIST

Symantec Messaging Gateway 存在多個安全性弱點
https://www.twcert.org.tw/twcert/advdetail/3422

Rsyslog CVE-2017-12588
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12588

Read on →

資安新聞及事件週報 2017/8/7 ~ 2017/8/11

1.重大弱點漏洞
Cisco Secure Access Control System 跨站脚本漏洞(CVE-2017-6769)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-acs

思科 Meeting Server 阻斷服務漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-ms

【漏洞公告】CVE-2017-11610:Supervisord 遠程命令執行漏洞
https://www.leavesongs.com/PENETRATION/supervisord-RCE-CVE-2017-11610.html

Trend Micro Control Manager SQL注入漏洞 CVE-2017-11386
https://success.trendmicro.com/solution/1117722

【漏洞預警】關於Windows SMBLoris漏洞情況的通報
https://support.microsoft.com/zh-cn/help/2696547/how-to-enable-and-disable-smbv1-smbv2-and-smbv3-in-windows-and-windows

Autodesk ® AutoCAD ® 2017 SP1 FBX ® 漏洞
https://knowledge.autodesk.com/zh-hans/search-result/caas/downloads/downloads/CHS/content/autodesk-C2-AE-autocad-C2-AE-2017-sp1-fbx-C2-AE-vulnerability-hotfix.html

IBM Security Guardium安全繞過漏洞
http://www.ibm.com/support/docview.wss?uid=swg22004424

Juniper Junos 阻斷服務漏洞
https://www.us-cert.gov/ncas/current-activity/2017/08/09/Juniper-Networks-Releases-Junos-OS-Security-Updates

Read on →

TDOH-PIPE 中區 資安交流活動 | 201708

TDOH-PIPE 中區 資安交流活動 | 201708

關於 TDOH

TDOH 成立於 2013 年中,是當時一群對資安極具熱情的學生們所創立,期望利用社群的方式來推廣資訊安全、增加技術交流、改善台灣資安學習環境等。目前依舊耕耘著台灣資安人才培育的土壤,並且在全台各地與多所大專院校都有相關合作經驗和人手,是一個初具規模全國性校園資安社群。

TDOH 近年來已有數十場講座舉辦經歷,也協助過多個社群單位與教育單位舉辦講座、課程,並發展多個資安教育平台的專案。平常則舉辦許多小型活動熱絡資安社群間的交流,而從 2016 年開始舉辦如 TDOH - PIPE、Conf 等大型活動,致力於打造更完善的資訊安全學習環境。

關於 逢甲黑客社

黑客社是由一群喜歡資訊安全的人們所創立,因緣際會之下成立了這個社團。
我們致力推廣「資訊安全」及「程式設計」,秉持著「創新與實作」的理念, 除了推廣資訊安全的基礎概念、程式設計普及化、開源文化, 希望可以讓每位社員甚至每位學生都能了解到資安的重要性及體驗到更加便利、有趣的未來!

本月內容

Read on →

資安新聞及事件週報 2017/7/31 ~ 2017/8/4

1.重大弱點漏洞
Apple Mac_os_x CVE-2017-7050 CVE-2017-7051 CVE-2017-7054
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7050
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7051
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7054

Microsoft釋出Outlook安全更新(July 2017) CVE-2017-8572
https://www.us-cert.gov/ncas/current-activity/2017/07/28/Microsoft-Releases-Security-Updates
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8572
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8571
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8572
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8663

Fortinet FortiOS輸入驗證之漏洞將讓駭客使用遠端方式進行跨網站指令碼(Cross-Site Scripting)攻擊
http://securitytracker.com/id/1039020
http://fortiguard.com/psirt/FG-IR-17-104

Google釋出Chrom OS安全更新(60.0.3112.80) CVE-2017-9417
https://www.us-cert.gov/ncas/current-activity/2017/08/03/Google-Releases-Security-Updates-Chrome-OS
https://chromereleases.googleblog.com/2017/08/stable-channel-update-for-chrome-os.html

PHPMailer發布安全更新,該漏洞可能導致跨站指令碼(Cross-Site Scripting)攻擊
http://securitytracker.com/id/1039026
https://github.com/PHPMailer/PHPMailer

BMW、福特、Infiniti等部份車款使用的2G數據機遭爆含安全漏洞
http://www.ithome.com.tw/news/116029

Cisco IOS、IOSXE
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6736
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6737
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6738
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6739
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6740
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6741
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6742
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6743
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6744

FreeRADIUS CVE-2017-10985
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11164

Read on →

8月資安活動分享

物聯網安全概論與實習
http://www.sharecourse.net/sharecourse/course/view/courseInfo/1268

智慧型手機破密教育訓練 2017/08/02 AM09:00~PM05:00
https://www.dropbox.com/s/6xzxuym8kdkytvf/%E6%99%BA%E6%85%A7%E5%9E%8B%E6%89%8B%E6%A9%9F%E7%A0%B4%E5%AF%86%E8%AA%B2%E7%A8%8B%E5%A4%A7%E7%B6%B2V1.pdf?dl=0

106年安全資訊系統開發訓練研討會【研討會】 7/31 8/2 8/3 8/7
https://register.nccst.nat.gov.tw/Active/registerDetail.do?activeId=722&activeType=conf

2017軟體品質與APP資安研討會 8/9 8/10 8/17
http://cttierp.iii.org.tw/cttierp/content/application/cttierp/seminar/guest-cnt-new.php?vars=209dffcebd37c0906cd3da96397ea8efd67d9438a046cb63c2489a610d375376dbdc4abfe13597810ba1d1a1aac75d6baee96e1bf21f209e714222012dbb52303d2bf208d7c5f33556d12dac59e1cc35e052c99b615e4fafd3cc47314acbfb0bb3dcd7b0cbec8837f9d506f6ffb71447accf36b9886bcf193b77dddaee98713ffc14da2188f8d84069896861605c4f82

臺灣學術網路危機處理中心(TACERT)辦理之「網路威脅手法暨DDoS分析資安巡迴研討會」 8/10 8/17 8/24
http://www.rwm.ks.edu.tw/upload/news/NEWS15470001.pdf
http://tacert.mis.nsysu.edu.tw/files/11-1238-83.php

Modern Web 2017 08/10~08/11
https://ithomeonline.typeform.com/to/b7zq5F

Read on →

資安新聞及事件週報 2017/7/24 ~ 2017/7/28

1.重大弱點漏洞
Cisco AsyncOS Software 漏洞(CVE-2017-6746)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa1

Cisco Email Security和Content Security Management Appliance 跨站腳本漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-esa

思科 IOS/ IOS XE 多個漏洞
http://securitytracker.com/id/1038999
http://securitytracker.com/id/1038997
http://securitytracker.com/id/1038998

VMware vCenter Server 遠端認證漏洞 CVE-2017-4919
https://kb.vmware.com/kb/2151027
http://securitytracker.com/id/1039004
https://www.vmware.com/security/advisories/VMSA-2017-0012.html
https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2151027

Microsoft Exchange Server跨站腳本漏洞
https://nvd.nist.gov/vuln/detail/CVE-2017-8560

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 關於Sudo get_process_ttyname() (Linux CVE-2017-1000367)與Proxy命令注入遠端程式碼執行等安全性弱點
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000367

IBM 釋出Cisco MDS系列交換器安全更新
http://0rz.tw/2rwyO
https://www.us-cert.gov/ncas/current-activity/2017/07/21/IBM-Cisco-Security-Update

Read on →

資安新聞及事件週報 2017/7/17 ~ 2017/7/21

1.重大弱點漏洞
SAP 發布安全漏洞報告:修復影響5000 億次安裝的SAP POS 漏洞
http://hackernews.cc/archives/12307

關於Samba Orpheus' Lyre KDC-REP服務名校驗漏洞通知
http://bbs.qcloud.com/thread-33652-1-1.html

鎖定「SambaCry」漏洞的新威脅現身, Linux 使用者請盡速更新系統
https://blog.trendmicro.com.tw/?p=51159

Samba 軟體存在安全性弱點(CVE-2017-11103)
https://www.us-cert.gov/ncas/current-activity/2017/07/12/Samba-Releases-Security-Updates
https://www.samba.org/samba/

未來四年之內,零時差漏洞出現的頻率很可能提高到每天一次
https://blog.trendmicro.com.tw/?p=50864

FreeRADIUS 安全漏洞
http://freeradius.org/security/fuzzer-2017.html

Trend Micro Control Manager (TMCM) 6.0安全性弱點
http://files.trendmicro.com/products/tmcm/06/patch/Readme_tmcm_60_win_en_sp3_patch3.txt

Siemens SIMATIC WinCC Sm@rtClient for Android中間人攻擊漏洞
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-589378.pdf

思科WebEx爆高危漏洞,允許遠程執行代碼
https://www.hackeye.net/securitytetchnology/netsec/6445.aspx

VMware虛擬機逃逸漏洞攻擊代碼
http://www.weibo.com/1645903643/Fdh9uaijT?type=comment#_rnd1500654171991

IBM HTTP Server 多個漏洞
http://www.ibm.com/support/docview.wss?uid=swg22005280

Read on →

資安新聞及事件週報 2017/7/10 ~ 2017/7/14

1.重大弱點漏洞
Struts 2 再曝高危遠程代碼執行漏洞
https://zhuanlan.zhihu.com/p/27762032
https://cwiki.apache.org/confluence/display/WW/S2-048

微軟7月安全性更新 這項漏洞最好先修補
http://www.cna.com.tw/news/ait/201707130386-1.aspx

Samba 繞過保安限制漏洞
https://www.us-cert.gov/ncas/current-activity/2017/07/12/Samba-Releases-Security-Updates
https://www.samba.org/samba/security/CVE-2017-11103.html

微軟Windows作業系統的NTLM驗證通訊協定存在允許攻擊者透過重送攻擊進而取得整個網域控制權之漏洞(CVE-2017-8563)
https://www.nccst.nat.gov.tw/VulnerabilityDetail.aspx?lang=zh&seq=1065

Apache mod_http2 及 mod_auth_digest 多個漏洞
http://securitytracker.com/id/1038907
http://securitytracker.com/id/1038906

Apache Struts 遠端執行程式碼漏洞
http://www.cnvd.org.cn/flaw/show/CNVD-2017-13259
http://securitytracker.com/id/1038838

微軟發布7月補丁修復55個安全問題
http://blog.nsfocus.net/microsoft-released-july-patch-fix-55-security-issues/

Samba釋出重大安全更新 CVE-2017-11103
https://www.samba.org/samba/security/CVE-2017-11103.html
https://www.us-cert.gov/ncas/current-activity/2017/07/12/Samba-Releases-Security-Updates

RoundCube Webmail 多個權限提升漏洞(CVE-2017-8114)
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8114

Adobe Flash Player 及Adobe Connect 存在多個安全性弱點
https://www.us-cert.gov/ncas/current-activity/2017/07/11/Adobe-Releases-Security-Updates
https://helpx.adobe.com/security/products/flash-player/apsb17-21.html
https://helpx.adobe.com/security/products/connect/apsb17-22.html

微軟修補19個重大安全漏洞
http://www.ithome.com.tw/news/115546

微軟釋出Windows重大更新 保護資料動作快
https://www.nownews.com/news/20170713/2588338

Juniper Junos 多個漏洞
https://www.auscert.org.au/bulletins/49870
https://www.auscert.org.au/bulletins/49846

Read on →

資安新聞及事件週報 2017/7/3 ~ 2017/7/7

1.重大弱點漏洞
[重要通知] 【安全預警】關於Systemd遠程代碼執行漏洞通知
http://bbs.qcloud.com/thread-32573-1-1.html

CentOS 7發佈內核安全更新:修復五處漏洞
http://www.cnbeta.com/articles/soft/627595.htm

10塊錢買你隱私 簡單四步就能破解家庭攝像頭
http://news.sina.com.tw/article/20170703/22894886.html

英特爾芯片嚴重漏洞 西門子38款工業產品中招
http://it.big5.enorth.com.cn/system/2017/07/06/033300755.shtml

Huawei AR1220 安全漏洞
http://www.huawei.com/en/psirt/security-advisories/hw-417840

IBM WebSphere 應用程式伺服器多個漏洞
https://www.auscert.org.au/bulletins/49530

Cisco Elastic Services Controller 安全漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-esc2

ISC BIND安全限制繞過漏洞(CVE-2017-3142)
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3142

特定版本Samba軟體存在允許攻擊者遠端執行任意程式碼之漏洞(CVE-2017-7494)
https://www.nccst.nat.gov.tw/VulnerabilityDetail?lang=zh&seq=1062

SWFTools 安全漏洞
https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-8420

Read on →

7月資安活動分享

7月份資安活動分享

TDOH - PIPE 資訊安全讀書會 北區 | 201707 7/8 10:00 ~ 12:00
https://tdohackerparty.kktix.cc/events/tdoh-pipe-201707

TDOH-PIPE 資安交流活動 北區 | 201707 7/8 13:00 ~ 17:00
https://tdohackerparty.kktix.cc/events/tdoh-north-party-201707

【課程】LoRa廣域物聯網實作,設計LoRa Node、架設LoRa Gateway、打造圖形化資料Dashboard 7/8
http://www.techbang.com/posts/51410-course-lora-internet-implementation-designed-by-icblock-lora-node-set-up-lora-gateway-dashboard-graphical-data-society

HITCON GIRLS 資安萌芽推廣 - 青少年資安暑期營 2017/07/08 09:20(+0800)~17:00
https://hitcon.kktix.cc/events/hitcongirls2017summer

OWASP Taiwan Day 7/11
http://2017.twcsa.org/index.html

Honey con 2017 台灣誘捕技術研討會 7/11 ~ 7/12
http://2017.twcsa.org/index.html

2017國際資訊安全組織台灣高峰會 2017/07/11 09:00 ~ 2017/07/13 18:00
http://csa.kktix.cc/events/2017con

以IBM技術實作Chatbot,Watson人工智能+Bluemix Node-RED,讓Chatbot聊天還能辨識影像 7/12
http://www.techbang.com/posts/52035-course-ibm-chatbot-implementations-with-watson-bluemix-development-of-cloud-service-node-red-to-create-robot-image-identification-learning?from=flash_message

Read on →