風險: 中度風險
類型: 用戶端 - 瀏覽器
於 Google Chrome 發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況及遠端執行任意程式碼。
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝軟件供應商提供的修補程式:
RISK: Medium Risk
TYPE: Clients - Browsers
Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and remote code execution on the targeted system.
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
風險: 中度風險
類型: 操作系統 - Network
於 F5 BIG-IP 發現一個漏洞,遠端攻擊者可利用這漏洞,於目標系統觸發繞過保安限制。
BIG-IP Next SPK
BIG-IP Next CNF
BIG-IP (AFM)
Traffix SDC
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝供應商提供的修補程式:
注: 其他受影響之系統暫無可用的保安更新.
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
A vulnerability was identified in F5 BIG-IP, a remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system.
BIG-IP Next SPK
BIG-IP Next CNF
BIG-IP (AFM)
Traffix SDC
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
Note: Other affected products have no patch released yet.
風險: 中度風險
類型: 用戶端 - 瀏覽器
於 Microsoft Edge 發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發資料洩露、遠端執行任意程式碼、繞過保安限制及阻斷服務狀況。
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝軟件供應商提供的修補程式:
RISK: Medium Risk
TYPE: Clients - Browsers
Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger information disclosure, remote code execution, security restriction bypass and denial of service condition on the targeted system.
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in NetApp Product. A remote attacker could exploit some of these vulnerabilities to trigger information disclosure, data manipulation and denial of service condition on the targeted system.
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
RISK: Medium Risk
TYPE: Operating Systems - Others OS
Multiple vulnerabilities were identified in ChromeOS. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and sensitive information disclosure on the targeted system.
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor. For detail, please refer to the link below:
Hybrid Work 是未來主流 準備好迎接新時代工作模式的來臨嗎?
一場世紀疫情,改變了全球公司企業的工作模式。隨著一切復常,Hybrid Work(混合辦公)也逐漸成為常態,這種上班模式能夠讓員工靈活自主地安排工作時間和地點,同時也能平衡辦公室的功能和運作。 然而,隨之而來的是一系列與網路安全相關的挑戰,例如自攜裝置(BYOD)和安全連接等問題。
在面對這些挑戰時,公司和員工應該如何減輕相關的網絡風險,並保護企業和客戶的資料安全呢? 雖然沒有通用的解決方案,但以下幾項措施可幫助保護公司免受損害:
一)減少攻擊面:員工使用未受監控的裝置,特別是在沒有限制的情況下,可能對企業數據構成重大威脅。 在這個時代,惡意攻擊者不斷尋找企業的弱點,因此減少潛在入侵點的數量至關重要。 企業需要監控所有存取其網絡的裝置,並設定安全標準和配置要求,以確保員工的裝置達到基本的安全水準。
二)更新軟件和操作系統:及時安裝安全性更新以修補已知漏洞的重要性不可小覷。每天都有關於廣泛使用軟件新漏洞的報導,因此確保裝置上的軟件和操作系統永遠保持最新狀態,可以減少已知漏洞被利用的風險,提供更好的防禦能力。
三)強化身分驗證和存取控制:在混合辦公環境中,員工可能使用不同的裝置和網絡連接進行工作。 為了保護敏感資料和系統,加強身分驗證和存取控制至關重要。企業可以實施多重身分驗證,如密碼加指紋或短訊驗證碼,確保只有授權人員能夠存取資料和系統。此外,使用虛擬專用網絡(VPN)建立安全的遙距連接,可加密資料傳輸並提供額外的保護層。
四)教育和培訓員工:教育和培訓員工是預防網絡風險的關鍵,企業應提供有關網絡安全的培訓,教育員工如何識別和應對釣魚郵件、惡意軟件等常見威脅。員工應該了解不隨意點擊陌生連結或下載可疑附件的重要性,並遵守企業制定的安全政策和最佳實踐。
總結起來,隨著混合辦公模式的普及,公司和員工都需要重新思考網絡安全的措施。減少攻擊面、更新軟件和作業系統、強化身分驗證和存取控制,以及教育和培訓員工都是重要的步驟。這樣可以幫助保護企業和客戶的資料安全,並降低潛在的網路風險。
風險: 中度風險
類型: 用戶端 - 瀏覽器
於 Mozilla 產品發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況、彷冒、遠端執行任意程式碼、權限提升及繞過保安限制。
以下版本之前的版本﹕
在安裝軟體之前,請先瀏覽供應商之官方網站,以獲得更多詳細資料。
更新至版本:
RISK: Medium Risk
TYPE: Clients - Browsers
Multiple vulnerabilities were identified in Mozilla Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, spoofing, remote code execution, elevation of privilege and security restriction bypass on the targeted system.
Versions prior to:
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
風險: 中度風險
類型: 用戶端 - 瀏覽器
於 Google Chrome 發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發資料洩露、繞過保安限制、遠端執行任意程式碼及阻斷服務狀況。
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝軟件供應商提供的修補程式:
RISK: Medium Risk
TYPE: Clients - Browsers
Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger information disclosure, security restriction bypass, remote code execution and denial of service condition on the targeted system.
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
類別: 惡意程式
近日,網絡資訊保安公司Group-IB發布了一份惡意軟件分析報告,內容提及發現一種名為GoldDigger的新惡意軟件,主要針對越南及泰國用戶的Android及iOS裝置。目的為收集受害者的敏感資料,例如:身分證明文件、簡訊和臉部辨識(Face ID)資料。最終利用得到的資料,通過換臉等深偽(Deepfake)技術騙過銀行應用程式(App)認證,存取受害者銀行帳戶盜取金錢。
報告提到犯罪份子主要利用社交工程,例如假扮政府機構誘騙受害者點擊惡意網站連結下載惡意軟件。犯罪份子會指示受害者透過Apple 的 TestFlight App或行動裝置管理 (MDM) 最終下載惡意軟件至受害者的裝置。
TestFlight App是一個讓iOS App開發者在正式發布至App Store上架前,將Beta 版本App予用戶測試。經TestFlight發送的Beta 版App能簡單下載及安裝,甚至不需要通過App Store的審核。但受害者或因下載合法的TestFlight App後,讓惡意軟件有機可乘,透過TestFlight App下載至受害者的裝置中。
而MDM會提供大量功能,例如遠端刪除、裝置追蹤和App管理等,犯罪分子會利用這些功能來安裝惡意軟件並偷取資訊。透過MDM分發,需要受害者點擊惡意網站連結、下載及安裝MDM設定檔,最後將惡意軟件下載到受害者的裝置。
mickmick.net 提醒iOS用戶提高警惕,並採取以下保安最佳實踐以保障自己:
Type: Malware
Recently, the cybersecurity company Group-IB released a malware analysis report about a new malware called GoldDigger, which mainly targets Android and iOS devices of users in Vietnam and Thailand. The malware aims to collect sensitive information from victims, such as identity documents, text messages and facial recognition (Face ID) data. The data is then used to create deepfake for face-swapping to deceive bank application (App) authentication, and finally gain access to the victim's bank account to steal money.
According to the report, the criminals mainly use social engineering techniques, such as impersonating a government agency, to trick victims into clicking on links to malicious websites to download malware. The criminals would instruct the victim to download the malware to the victim's device through Apple's TestFlight App or Mobile Device Management (MDM).
TestFlight App is a tool for iOS App developers to distribute beta versions of App to users for testing before they formally release the App on the App Store. Beta App distributed through TestFlight can be easily downloaded and installed without passing the vetting requirements and security checks of App Store. However, if the victim downloads the legitimate TestFlight App, it may allow the malware to take advantage of it to download malware to the victim's device through the legitimate TestFlight App.
MDM provides a number of features, such as remote deletion, device tracking, and App management, which criminals can exploit it for install malware and steal information. Distribution via MDM requires the victim to click on a link to a malicious website, download and install the MDM profile, and finally download the malware to the victim's device.
mickmick.net would like to remind iOS users to be vigilant and adopt the following security best practices to protect themselves:
RISK: Medium Risk
TYPE: Operating Systems - Others OS
Multiple vulnerabilities were identified in ChromeOS. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and remote code execution on the targeted system.
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor. For detail, please refer to the link below:
風險: 中度風險
類型: 伺服器 - 互聯網應用伺服器
於 IBM WebSphere 產品發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發遠端執行任意程式碼及洩露敏感資料。
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝供應商提供的修補程式:
RISK: Medium Risk
TYPE: Servers - Internet App Servers
Multiple vulnerabilities were identified in IBM WebSphere Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and sensitive information disclosure on the targeted system.
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
風險: 中度風險
類型: 操作系統 - Network
於 F5 產品發現多個漏洞,遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況、遠端執行程式碼、繞過保安限制、敏感資料洩露及資料篡改。
BIG-IP
BIG-IP (AFM)
BIG-IP (IPS)
BIG-IP (Advanced WAF/ASM)
BIG-IP (PEM)
BIG-IP Next CNF
BIG-IP Next SPK
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝供應商提供的修補程式:
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities were identified in F5 Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, security restriction bypass, sensitive information disclosure and data manipulation on the targeted system.
BIG-IP
BIG-IP (AFM)
BIG-IP (IPS)
BIG-IP (Advanced WAF/ASM)
BIG-IP (PEM)
BIG-IP Next CNF
BIG-IP Next SPK
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
風險: 中度風險
類型: 伺服器 - 網絡管理
於 ISC BIND 發現多個漏洞,遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況。
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝供應商提供的修補程式:
RISK: Medium Risk
TYPE: Servers - Network Management
Multiple vulnerabilities were identified in ISC BIND. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition on the targeted system.
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
風險: 中度風險
類型: 伺服器 - 其他伺服器
於 Node.js 發現一些漏洞,遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務、繞過保安限制、權限提升及敏感資料洩露。
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
