AI繪圖之俠客行:Stable Diffusion

AI繪圖之俠客行:Stable Diffusion

用俠客行的詩詞,使用AI繪圖,會呈現出什麼影像呢?
  • 俠客行-李白-五言古詩
趙客縵胡纓,吳鉤霜雪明。
銀鞍照白馬,颯沓如流星。
十步殺一人,千里不留行。
事了拂衣去,深藏身與名。
閒過信陵飲,脫劍膝前橫。
將炙啖朱亥,持觴勸侯嬴。
三杯吐然諾,五嶽倒為輕。
眼花耳熱後,意氣素霓生。
救趙揮金槌,邯鄲先震驚。
千秋二壯士,烜赫大梁城。
縱死俠骨香,不慚世上英。
誰能書閣下,白首太玄經。


 

Posted in  on 12月 31, 2022 by Kevin |  

Azure VMware 解決方案

Azure VMware 解決方案提供私人雲端

其中包含從專用裸機 Azure 基礎結構建置的 VMware vSphere 叢集。 最基本的初始部署為三部主機,但您可以逐次新增一部額外的主機,每個叢集最多 16 部主機。 所有布建的私人雲端都有 VMware vCenter Server、VMware vSAN、VMware vSphere 和 VMware NSX-T 資料中心。 微軟會管理和維護私人雲端基礎結構與軟體。

詳情請看:

Azure VMware 解決方案文件

Posted in  on 12月 30, 2022 by Kevin |  

AI繪圖之黃鶴樓:Stable Diffusion

AI繪圖之黃鶴樓:Stable Diffusion

用黃鶴樓的詩詞,使用AI繪圖,會呈現出什麼影像呢?
  • 黃鶴樓-崔顥-七言律詩
昔人已乘黃鶴去,此地空餘黃鶴樓。
黃鶴一去不復返,白雲千載空悠悠。
晴川歷歷漢陽樹,芳草萋萋鸚鵡洲。
日暮鄉關何處是?煙波江上使人愁。 

 


Posted in  on 12月 30, 2022 by Kevin |  

CISA新增了2個弱點漏洞到已知被利用的弱點漏洞清單-2022/12/29

CISA新增了2個弱點漏洞到已知被利用的弱點漏洞清單

CISA新增了2個弱點漏洞到已知被利用的弱點漏洞清單,應盡快修補此弱點漏洞:
  • CVE-2018-5430:TIBCOIBCO JasperReports Server Information Disclosure Vulnerability
  • CVE-2018-18809:TIBCO JasperReports Library Directory Traversal Vulnerability

詳情請看:

AI繪圖之春思:Stable Diffusion

AI繪圖之春思:Stable Diffusion

用春思的詩詞,使用AI繪圖,會呈現出什麼影像呢?
  • 春思-李白-五言古詩
燕草如碧絲,秦桑低綠枝。
當君懷歸日,是妾斷腸時。
春風不相識,何事入羅幃。
 

 



Posted in  on 12月 29, 2022 by Kevin |  

AI繪圖之我的家庭:Stable Diffusion

AI繪圖之我的家庭:Stable Diffusion


用我的家庭的歌詞,使用AI繪圖,會呈現出什麼影像呢?

  • 我的家庭歌詞:
我家門前有小河,後面有山坡。
山坡上面野花多,野花紅似火。
小河裡,有白鵝,鵝兒戲綠波。
戲弄綠波,鵝兒快樂,昂首唱清歌。

 


 

Posted in  on 12月 28, 2022 by Kevin |  

CISA發布了防止網路釣魚的MFA指南

CISA發布了防止網路釣魚的MFA指南

CISA發布了防止網路釣魚的MFA指南,CISA建議使用釣魚抵抗的MFA或者最少應該使用有數字比較模式的MFA,不建議使用手機推送的MFA模式。

因為手機推送的模式,使用者沒有辦法確認這一個推送的提醒,是不是他當下驗證時所發出來的手機推送驗證。

另外也發布了釣魚抵抗MFA的指南,推薦以下2種MFA:

  • FIDO/WebAuthn Authentication
  • PKI-based MFA
詳請請看:

CISA Releases Guidance on Phishing-Resistant and Numbers Matching Multifactor Authentication

Implementing Number Matching in MFA Applications

Implementing Phishing-Resistant MFA




Posted in  on 12月 28, 2022 by Kevin |  

Cisco發表的雲端安全控制框架CCF 1.0

Cisco發表的雲端安全控制框架CCF 1.0

Cisco發表的雲端安全控制框架CCF 1.0,其對應了多數知名的安全框架,提供了一套完整的雲端安全控制框架免費讓組織安全人員參考,其整合了以下的知名安全框架:

- SOC 2 (A/S/C)

- SOC 2 Privacy

- ISO 27001

- ISO 27701 Processor/Controller

– ISO 27017 Provider/Customer

- ISO 22301

- ISO 27018

- BSI C5

- Fedramp Tailored

- Spanish ENS Basic/Medium/High

- ISMAP

- PCI DSS v.3.2.1

- IRAP December 2021

- EU Code of Conduct

詳情請看: 

Announcing the public availability of the Cisco Cloud Controls Framework (CCF)

Cisco Cloud Controls Framework

Posted in  on 12月 26, 2022 by Kevin |  

CISA 2023-2025的戰略計畫

CISA發佈了2023-2025的戰略計畫

該戰略計劃傳達了資訊安全和基礎設施安全局 (CISA) 的使命和願景,從中可以大概了解一下美國主要的資安組織的規劃,其中希望達到四個目標:

  1. 資安防禦
  2. 降低風險和彈性
  3. 運營協作
  4. 機構統一


詳情請看:

CISA’s 2023-2025 Strategic Plan

Posted in  on 12月 24, 2022 by Kevin |  

CISA發布了6個工業控制系統的安全公告-2022/12/20

CISA發布了6個工業控制系統的安全公告,包含安全議題,漏洞與曝露的風險(2022/12/20):

  • ICSA-22-354-01 Fuji Electric Tellus Lite V-Simulator
  • ICSA-22-354-02 Rockwell Automation GuardLogix and ControlLogix
  • ICSA-22-354-03 ARC Informatique PcVue
  • ICSA-22-354-04 Rockwell Automation MicroLogix 1100 and 1400
  • ICSA-22-354-05 Delta 4G Router DX-3021
  • ICSA-22-349-01 Prosys OPC UA Simulation Server (Update A)
詳情請看:
Posted in  on 12月 22, 2022 by Kevin |  

微軟發表了Excel的新功能-2022年12月

微軟發表了Excel的新功能-2022年12月

包含了在Windows、MAC與網頁介面都有新的功能推出:
  • 網頁版 Excel:
    • 配方建議
    • 實例公式
    • 建議鏈接
    • 在查詢窗格中添加搜索欄
    • 圖片功能
  • 適用於 Windows 的 Excel:
    • 添加鍵盤快捷方式以打開 Power Query 編輯器
    • 創建嵌套的 Power Query 數據類型(內部人員)
    • 添加從動態數組中獲取數據(內部人員)
    • 圖片功能
  • 適用於 Mac 的 Excel:
    • 圖片功能

詳情請看:

What's New in Excel (December 2022)

Posted in  on 12月 22, 2022 by Kevin |  

微軟的安全性合規性工具組

微軟的安全性合規性工具組

微軟的安全性合規性工具組是一個小工具,可以用來自動的比對微軟的基準值建議的差別,甚至可以用來比對組織的群組原則物件(GPO),包含以下的微軟產品: 

  • Windows 11安全性基準

    • Windows 11 版本 22H2
    • Windows 11 版本 21H2

  • Windows10 安全性基準

    • Windows 10 22H2 版
    • Windows 10 版本 21H2
    • Windows 10 版本 21H1
    • Windows 10 版本 20H2
    • Windows 10 版本 1809
    • Windows 10 (版本 1607)
    • Windows 10,版本 1507

  • WindowsServer 安全性基準

    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
    • Windows Server 2012 R2

  • Microsoft Office 安全性基準

    • Office 2016
    • 企業版 2206 Microsoft 365 Apps

  • Microsoft Edge 安全性基準

    • Edge 版本 98

  • 工具

    • 原則分析器
    • 本機群組原則物件 (LGPO)
    • 設定物件安全性
    • GPO 至原則規則
詳請請看: 
Posted in ,  on 12月 22, 2022 by Kevin |  

微軟PowerToy新功能File Locksmith,哪些項目正在使用此檔案?

微軟PowerToy新功能File Locksmith

微軟PowerToy新功能File Locksmith,可以查出"哪些項目正在使用此檔案?"

從檔案總管選取要查詢的檔案,按右鍵後點選"哪些項目正在使用此檔案?",就可以找出哪些程式在用這個檔案。

詳情請看:

File Locksmith utility

PowerToys

CISA發布了41個工業控制系統的安全公告

CISA發布了41個工業控制系統的安全公告,包含安全議題,漏洞與曝露的風險:

  • ICSA-22-349-01 Prosys OPC UA Simulation
  • ICSA-22-349-02 Siemens SCALANCE X-200RNA Switch Devices
  • ICSA-22-349-03 Siemens Multiple Denial of Service Vulnerabilities in Industrial Products
  • ICSA-22-349-04 Siemens Multiple Vulnerabilities in SCALANCE Products
  • ICSA-22-349-05 Siemens PLM Help Server
  • ICSA-22-349-06 Siemens SIMATIC WinCC OA Ultralight Client
  • ICSA-22-349-07 Siemens Simcenter STAR-CCM+
  • ICSA-22-349-08 Siemens Polarion ALM
  • ICSA-22-349-09 Siemens Products affected by OpenSSL 3.0
  • ICSA-22-349-10 Siemens APOGEE_TALON Field Panels
  • ICSA-22-349-11 Siemens SIPROTEC 5 Devices
  • ICSA-22-349-12 Siemens Parasolid
  • ICSA-22-349-13 Siemens Mendix Workflow Commons
  • ICSA-22-349-14 Siemens SISCO MMS-EASE Third Party Component
  • ICSA-22-349-15 Siemens Teamcenter Visualization and JT2Go
  • ICSA-22-349-16 Siemens APOGEE and TALON
  • ICSA-22-349-17 Siemens Mendix Email Connector
  • ICSA-22-349-18 Siemens SCALANCE SC-600 Family
  • ICSA-22-349-19 Siemens SICAM PAS
  • ICSA-22-349-20 Siemens Teamcenter Visualization and JT2Go
  • ICSA-22-349-21 Siemens SCALANCE X-200RNA Switch Devices
  • ICSA-21-012-02 Siemens SCALANCE X Switches (Update C)
  • ICSA-20-014-03 Siemens SCALANCE X Switches (Update B)
  • ICSA-20-042-07 Siemens SCALANCE X Switches (Update C)
  • ICSA-22-069-01 Siemens RUGGEDCOM Devices (Update D)
  • ICSA-21-222-05 Siemens Industrial Products Intel CPUs (Update G)
  • ICSA-20-161-04 Siemens SIMATIC, SINAMICS, SINEC, SINEMA, SINUMERIK (Update K)
  • ICSA-22-286-09 Siemens SICAM P850 and P855 Devices (Update A)
  • ICSA-22-286-11 Siemens SCALANCE and RUGGEDCOM Products (Update B)
  • ICSA-22-258-04 Siemens Mendix SAML Module (Update B)
  • ICSA-22-104-06 Siemens PROFINET Stack Integrated on Interniche Stack (Update E)
  • ICSA-22-286-07 Siemens Nucleus RTOS FTP Server (Update A)
  • ICSA-22-314-09 Siemens Teamcenter Visualization and JT2Go (Update A)
  • ICSA-22-314-02 Siemens Missing Web Server Login Page of Industrial Controllers (Update A)
  • ICSA-22-167-14 Siemens OpenSSL Affected Industrial Products (Update E)
  • ICSA-22-132-05 Siemens Industrial PCs and CNC devices (Update A)
  • ICSA-22-104-13 Siemens SIMATIC S7-1500 CPU GNU Linux subsystem (Update A)
  • ICSA-18-163-02 Siemens SCALANCE X Switches (Update B)
  • ICSA-22-132-12 Siemens Industrial Products (Update C)
  • ICSA-20-105-08 Siemens KTK, SIDOOR, SIMATIC, and SINAMICS (Update D)
  • ICSA-19-283-02 Siemens Profinet Devices (Update L).
詳情請看:
Posted in  on 12月 16, 2022 by Kevin |  

CISA新增了5個弱點漏洞到已知被利用的弱點漏洞清單

CISA新增了5個弱點漏洞到已知被利用的弱點漏洞清單,應盡快修補此弱點漏洞:

  • CVE-2022-42475:FortiOS Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability
  • CVE-2022-44698:Microsoft Defender SmartScreen Security Feature Bypass Vulnerability
  • CVE-2022-27518:Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability
  • CVE-2022-26500:Veeam Backup & Replication Remote Code Execution Vulnerability
  • CVE-2022-26501:Veeam Backup & Replication Remote Code Execution Vulnerability
詳情請看:

CISA發布了3個工業控制系統的安全公告

CISA發布了3個工業控制系統的安全公告,包含安全議題,漏洞與曝露的風險:

  • ICSA-22-347-01 ICONICS and Mitsubishi Electric Products
  • ICSA-22-347-02 Schneider Electric APC Easy UPS Online
  • ICSA-22-347-03 Contec CONPROSSYS HMI System (CHS)
詳情請看:
Posted in  on 12月 14, 2022 by Kevin |  

Microsoft Cloud Adoption Framework for Azure

Microsoft Cloud Adoption Framework for Azure

微軟提出適用於Azure 的 Microsoft 雲端採用架構,經過證實的指引和最佳做法,可協助組織放心地採用雲端並達成業務成果,分別從以下幾個層面提供建議:
  • 開始使用
  • 策略
  • 計畫
  • 就緒
  • 移轉
  • 創新
  • 安全
  • 管理
  • 治理
詳情請看: 

Posted in  on 12月 12, 2022 by Kevin |  

CISA:網絡釣魚預防海報

CISA發佈了一篇網絡釣魚預防海報,用"真的釣魚"的說法,來教導如何預防網路釣魚:

  • 阻止誘餌
  • 不要上鉤
  • 報告鉤子
  • 保護水域

詳情請看: 

PHISHING INFOGRAPHIC

Posted in  on 12月 10, 2022 by Kevin |  

Kaspersky:2023年的資安危脅預測

Kaspersky的Securelist發佈了一篇關於2023年的資安危脅預測:
  • 破壞性攻擊的興起
  • 郵件服務器成為優先目標
  • 下一個 WannaCry
  • APT 目標轉向衛星技術、生產商和運營商
  • 入侵並洩漏資料攻擊是新的趨勢
  • 更多 APT 團體將從 CobaltStrike 轉向其他替代方案
  • SIGINT 傳遞的惡意軟件
  • 無人機入侵
詳情請看:
Posted in  on 12月 08, 2022 by Kevin |  

微軟的安全性基準指南

微軟的安全性基準指南

微軟提供了系統的安全性指南,包含了以下三種方法:

  1. 安全性合規性工具組 (SCT)

  2. 行動裝置管理 (MDM) 安全性基準

  3. Microsoft Intune中設定 MDM 安全性基準


詳請請看:


Posted in ,  on 12月 04, 2022 by Kevin |  

微軟建議監視的事件清單

微軟建議監視的事件清單

文章列出微軟建議應該監視的事件,高的事件重要性表示應該即時調查的事件。 中或低的事件重要性表示,只有在這些事件非預期發生或明顯超過預期發生數量時,才應該調查這些事件。

詳情請參考:
Posted in ,  on 12月 02, 2022 by Kevin |  

CISA發布了7個工業控制系統的安全公告

CISA發布了7個工業控制系統的安全公告,包含安全議題,漏洞與曝露的風險:

  • ICSA-22-333-01 Mitsubishi Electric GOT2000
  • ICSA-22-333-02 Hitachi Energys IED Connectivity Packages and PCM600 Products
  • ICSA-22-333-03 Hitachi Energys MicroSCADA ProX SYS600 Products
  • ICSA-22-333-04 Moxa UC Series
  • ICSA-22-333-05 Mitsubishi Electric FA Engineering Software
  • ICSA-21-334-02 Mitsubishi MELSEC and MELIPC Series (Update E)
  • ICSA-19-346-02 Omron PLC CJ and CS Series (Update A)
詳情請看:
Posted in  on 11月 30, 2022 by Kevin |  

微軟的稽核原則建議

微軟的稽核原則建議

微軟建議從這個設定開始,用來協助偵測入侵,這些資料表包含Windows預設設定、基準建議,以及這些作業系統的更強建議。

文章建議了應該要監控事件類型:

  • 發生的可能性很高,表示未經授權的活動

  • 誤判數字低

  • 發生時應該會產生調查/鑒識回應

並包含兩種類型的事件:

  1. 即使發生單一事件,也會指出未經授權的活動

  2. 累積的事件高於預期和接受的基準


詳請請參考:

稽核原則建議


Posted in ,  on 11月 30, 2022 by Kevin |  

8個應該停用的安全小技巧

 8個應該停用的安全小技巧

Watchguard CSO發表了一篇8個應該停用的安全小技巧,包含的內容如下: 
  • 密碼最少應該8碼:文中建議應該改為最少12碼,最好可以到16碼。
  • 定期變更密碼:主要是人們為了記得一直改的密碼,會用容易猜的密碼,但是如果登入驗證還是只有密碼這一個方式,還是建議要定期更改。所以最好的方法應該是導入MFA,這樣只有在密碼已經可能外洩時,才需要更改密碼。
  • 推動強密碼實踐:應該改為推行密碼管理工具與MFA。
  • 對來自陌生人的鏈接和附件持懷疑態度:這個提示已經過時不是因為它是錯誤的,而是因為它的包容性不夠。 您應該告訴您的用戶對每個人的鏈接和附件持懷疑態度,即使是他們認識的人。
  • 使用者是無法教育的:資訊安全意識提升的教育還是非常重要的。
  • 防火牆與防毒軟體已經足夠了
  • 僅安全工具就足以保護我們
  • 讓 IT 或 CISO 承擔網絡安全責任
詳請請看: 
Posted in  on 11月 28, 2022 by Kevin |  

Kaspersky:安全購物的守則

Kaspersky發佈了一篇關於安全購物的守則,提出以下的重點:
  • 使用密碼複雜度夠強的密碼
  • 使用公眾網路時,要用VPN保護連線。
  • 不要連結信用卡或銀行帳號到網路購物商店。
  • 使用線上的付費服務。
  • 使用獨立的信用卡來支援網路商店。
  • 確認每一筆付款資料.
  • 使用可靠的安全保護機制。
詳情請看:

Posted in  on 11月 24, 2022 by Kevin |  

CISA發布了8個工業控制系統的安全公告

CISA發布了8個工業控制系統的安全公告,包含安全議題,漏洞與曝露的風險:
  • ICSA-22-326-01 AVEVA Edge
  • ICSA-22-326-02 Digital Alert Systems DASDEC
  • ICSA-22-326-03 Phoenix Contact Automation Worx
  • ICSA-22-326-04 GE Cimplicity
  • ICSA-22-326-05 Moxa Multiple ARM-Based Computers
  • ICSMA-21-152-01 Hillrom Medical Device Management (Update C)
  • ICSA-20-212-04 Mitsubishi Electric Factory Automation Engineering Products (Update I)
  • ICSA-21-049-02 Mitsubishi Electric FA Engineering Software Products (Update G)
詳情請看:
Posted in ,  on 11月 23, 2022 by Kevin |  

微軟發布了創新者的零信任安全性指南

微軟發布了創新者的零信任安全性指南 

微軟發布了創新者的零信任安全性指南,從幾個方向,指導如何推動零信任架構:

  1. 保護現代工作場所
  2. 零信任的六個風險區域
  3. 推動零信任部屬的策略
  4. 協調流程與自動化
  5. 打造安全性文化
  6. 如何與董事會討論零信任


詳情請看:

創新者的零信任安全性指南

Posted in  on 11月 20, 2022 by Kevin |  

微軟的30天免費學習系列

微軟的30天免費學習系列,包含以下的課程:
  • Data Science
  • Fusion
  • Serverless
  • Power Platform
  • Data Analytics
  • Static Web Apps
  • Progressive Web Apps
  • Microsoft Graph
詳情請看:
Posted in  on 11月 18, 2022 by Kevin |  

部分office版本的將終止服務

部分office版本的將終止服務,包含以下產品:

  • Office 2013 reaches end of support on April 11, 2023
  • Office 2019 for Mac reaches end of support on October 10, 2023.
  • Connecting Office 2016 and Office 2019 to Microsoft 365 reaches end of support on October 10, 2023

詳情請看:
Posted in  on 11月 17, 2022 by Kevin |  

CISA發布了本周的漏洞清單

 CISA發布了本周的漏洞清單,其中包含了很多9.8嚴重漏洞,包含了以下產品:

  • activity_log_project -- activity_log:CSV Injection vulnerability in Activity Log Team Activity Log <= 2.8.3 on WordPress.
  • apache -- commons_bcel:Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass attacker-controllable data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected. Update to Apache Commons BCEL 6.6.0.
  • citrix -- gateway:Unauthorized access to Gateway user capabilities
  • citrix -- gateway:User login brute force protection functionality bypass
  • democritus -- d8s-dates:The d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-timezones package. The affected version of d8s-htm is 0.1.0.
  • democritus -- d8s-networking:The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-json package. The affected version of d8s-htm is 0.1.0.
  • democritus -- d8s-networking:The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-user-agents package. The affected version of d8s-htm is 0.1.0.
  • democritus -- d8s-python:The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-algorithms package. The affected version of d8s-htm is 0.1.0.
  • democritus -- d8s-python:The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-grammars package. The affected version of d8s-htm is 0.1.0.
  • democritus -- d8s-stats:The d8s-stats for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-math package. The affected version of d8s-htm is 0.1.0.
  • democritus -- d8s-strings:The d8s-strings for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-uuids package. The affected version of d8s-htm is 0.1.0.
  • democritus -- d8s-timer:The d8s-timer for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-uuids package. The affected version of d8s-htm is 0.1.0.
  • democritus -- d8s-urls:The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-domains package. The affected version of d8s-htm is 0.1.0.
  • democritus -- d8s-xml:The d8s-xml for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-utility package. The affected version of d8s-htm is 0.1.0.
  • flowring -- agentflow_bpm:The file upload function of Agentflow BPM has insufficient filtering for special characters in URLs. An unauthenticated remote attacker can exploit this vulnerability to upload arbitrary file and execute arbitrary code to manipulate system or disrupt service.
  • fluentforms -- contact_form:The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when exporting form entries as CSV, leading to a CSV injection
  • huawei -- emui:The system framework layer has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.
  • huawei -- harmonyos:The DRM module has a vulnerability in verifying the secure memory attributes. Successful exploitation of this vulnerability may cause abnormal video playback.
  • mahara -- mahara:Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0 potentially allow a PDF export to trigger a remote shell if the site is running on Ubuntu and the flag -dSAFER is not set with Ghostscript.
  • maxonerp -- maxon:A vulnerability classified as critical has been found in Maxon ERP. This affects an unknown part of the file /index.php/purchase_order/browse_data. The manipulation of the argument tb_search leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-213039.
  • mendix -- saml:A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions < V1.17.0), Mendix SAML Module (Mendix 7 compatible) (All versions >= V1.17.0), Mendix SAML Module (Mendix 8 compatible) (All versions < V2.3.0), Mendix SAML Module (Mendix 8 compatible) (All versions >= V2.3.0 < V2.3.2), Mendix SAML Module (Mendix 9 compatible, New Track) (All versions < V3.3.1), Mendix SAML Module (Mendix 9 compatible, New Track) (All versions >= V3.3.1 < V3.3.5), Mendix SAML Module (Mendix 9 compatible, Upgrade Track) (All versions < V3.3.0), Mendix SAML Module (Mendix 9 compatible, Upgrade Track) (All versions >= V3.3.0 < V3.3.4). Affected versions of the module insufficiently protect from packet capture replay, only when the not recommended, non default configuration option `'Allow Idp Initiated Authentication'` is enabled. This CVE entry describes the incomplete fix for CVE-2022-37011 in a specific non default configuration.
  • microsoft -- azure_rtos_usbx:Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. Prior to version 6.1.12, the USB DFU UPLOAD functionality may be utilized to introduce a buffer overflow resulting in overwrite of memory contents. In particular cases this may allow an attacker to bypass security features or execute arbitrary code. The implementation of `ux_device_class_dfu_control_request` function prevents buffer overflow during handling of DFU UPLOAD command when current state is `UX_SYSTEM_DFU_STATE_DFU_IDLE`. This issue has been patched, please upgrade to version 6.1.12. As a workaround, add the `UPLOAD_LENGTH` check in all possible states.
  • microsoft -- exchange_server:Microsoft Exchange Server Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41123.
  • nec -- expresscluster_x_singleserversafe:Path traversal vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earlier allows a remote unauthenticated attacker to overwrite existing files on the file system and to potentially execute arbitrary code.
  • nec -- expresscluster_x_singleserversafe:Buffer overflow vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earlier allows a remote unauthenticated attacker to overwrite existing files on the file system and to potentially execute arbitrary code.
  • nec -- expresscluster_x_singleserversafe:Weak File and Folder Permissions vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earlier allows a remote unauthenticated attacker to overwrite existing files on the file system and to potentially execute arbitrary code.
  • nec -- expresscluster_x_singleserversafe:Uncontrolled Search Path Element in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earlier allows a remote unauthenticated attacker to overwrite existing files on the file system and to potentially execute arbitrary code.
  • netwrix -- auditor:Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. The remote code execution vulnerabilities exist within the underlying protocol used by the component, and potentially allow an unauthenticated remote attacker to execute arbitrary code as the NT AUTHORITY\SYSTEM user on affected systems, including on systems Netwrix Auditor monitors.
  • objectfirst -- object_first:An issue was discovered in Object First 1.0.7.712. The authorization service has a flow that allows getting access to the Web UI without knowing credentials. For signing, the JWT token uses a secret key that is generated through a function that doesn't produce cryptographically strong sequences. An attacker can predict these sequences and generate a JWT token. As a result, an attacker can get access to the Web UI. This is fixed in 1.0.13.1611.
  • online_diagnostic_lab_management_system_project -- online_diagnostic_lab_management_system: Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms//classes/Master.php?f=delete_activity.
  • openfga -- openfga:OpenFGA is a high-performance authorization/permission engine inspired by Google Zanzibar. Versions prior to 0.2.5 are vulnerable to authorization bypass under certain conditions. You are affected by this vulnerability if you added a tuple with a wildcard (*) assigned to a tupleset relation (the right hand side of a ‘from’ statement). This issue has been patched in version v0.2.5. This update is not backward compatible with any authorization model that uses wildcard on a tupleset relation.
  • opmc -- woocommerce_dropshipping: The WooCommerce Dropshipping WordPress plugin before 4.4 does not properly sanitise and escape a parameter before using it in a SQL statement via a REST endpoint available to unauthenticated users, leading to a SQL injection
  • parseplatform -- parse-server:Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Versions prior to 4.10.18, and prior to 5.3.1 on the 5.X branch, are vulnerable to Remote Code Execution via prototype pollution. An attacker can use this prototype pollution sink to trigger a remote code execution through the MongoDB BSON parser. This issue is patched in version 5.3.1 and in 4.10.18. There are no known workarounds.
  • powercom_co_ltd -- upsmon_pro:UPSMON Pro login function has insufficient authentication. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and get administrator privilege to access, control system or disrupt service.
  • roxyfileman -- roxy_fileman:Roxy Fileman 1.4.6 allows Remote Code Execution via a .phar upload, because the default FORBIDDEN_UPLOADS value in conf.json only blocks .php, .php4, and .php5 files. (Visiting any .phar file invokes the PHP interpreter in some realistic web-server configurations.)
  • samsung -- pass:Improper access control in Samsung Pass prior to version 4.0.05.1 allows attackers to unauthenticated access via keep open feature.
  • sanitization_management_system_project -- sanitization_management_system: A vulnerability classified as critical has been found in SourceCodester Sanitization Management System. Affected is an unknown function of the file /php-sms/classes/Master.php?f=save_quote. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-213012.
  • symantec -- endpoint_detection_and_response: Symantec Endpoint Detection and Response (SEDR) Appliance, prior to 4.7.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
  • vmware -- workspace_one_assist:VMware Workspace ONE Assist prior to 22.10 contains an Authentication Bypass vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.
  • vmware -- workspace_one_assist:VMware Workspace ONE Assist prior to 22.10 contains a Broken Authentication Method vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.
  • vmware -- workspace_one_assist:VMware Workspace ONE Assist prior to 22.10 contains a Broken Access Control vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.
  • vmware -- workspace_one_assist:VMware Workspace ONE Assist prior to 22.10 contains a Session fixation vulnerability. A malicious actor who obtains a valid session token may be able to authenticate to the application using that token.
  • wago -- i/o-check_service:In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory.
  • xfce -- xfce4-settings:In Xfce xfce4-settings A2:B45before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper.
詳情請看: 

用wmic指令找notebook的硬體序號,型號

用wmic指令找notebook的硬體序號,型號 

打開windows的cmd,執行以下指令,就不用再把notebook翻過來了。

  • wmic bios get serialnumber
這一個指令也可以:
  • wmic csproduct get identifyingnumber
另外忘記了notebook的型號了嗎?wmic也能找:
  • wmic csproduct get version

Posted in ,  on 11月 14, 2022 by Kevin |  

Azure SC-900安全性、合規性和身分識別基礎知識的免費學習資源

Azure SC-900安全性、合規性和身分識別基礎知識的免費學習資源

Azure SC-900安全性、合規性和身分識別基礎知識的免費學習資源,主要介紹這些主題:

介绍安全性和符合性概念

描述身分識別概念

描述 Azure AD 的服务和标识类型

描述 Azure AD 的驗證功能

描述 Azure AD 的存取管理功能

描述 Azure AD 的身分識別保護和治理功能

描述 Azure 中的基本安全性功能

描述 Azure 的安全性管理功能

描述 Microsoft Sentinel 的安全功能

描述使用 Microsoft 365 Defender 威脅防護

描述 Microsoft 的服務信任入口網站與隱私權

說明 Microsoft Purview 的資訊保護和資料生命週期管理資訊

描述 Microsoft Purview 中的內部風險處理能力

描述 Microsoft Purview 的電子文件探索和稽核功能

描述 Azure 中的資源治理功能


詳請請參考:

Course SC-900T00: Microsoft Security, Compliance, and Identity Fundamentals

 

Posted in  on 11月 12, 2022 by Kevin |  

CISA發布了12個工業控制系統的安全公告

CISA發布了3個工業控制系統的安全公告,包含安全議題,漏洞與曝露的風險:

  • ICSA-22-314-01 Siemens Parasolid
  • ICSA-22-314-02 Siemens Missing Web Server Login Page of Industrial Controllers
  • ICSA-22-314-03 Siemens SINEC Network Management System Logback Component
  • ICSA-22-314-04 Siemens SINUMERIK ONE and SINUMERIK MC
  • ICSA-22-314-05 Siemens RUGGEDCOM ROS
  • ICSA-22-314-06 Siemens QMS Automotive
  • ICSA-22-314-07 Omron NJNX-series Machine Automation Controllers
  • ICSA-22-314-08 Omron NJNX-series
  • ICSA-22-314-09 Siemens Teamcenter Visualization and JT2Go
  • ICSA-22-314-10 Siemens SCALANCE W1750D
  • ICSA-22-314-11 Siemens SICAM Q100
  • ICSA-21-350-06 Siemens CAPITAL VSTAR (Update A)
  • ICSA-22-286-15 Siemens SCALANCE X-200 and X-200IRT Families (Update A)
  • ICSA-22-258-03 Siemens RUGGEDCOM ROS (Update A)
  • ICSA-22-228-02 LS ELEC PLC and XG5000 (Update A)
  • ICSA-22-298-06 Delta Electronic DIAEnergie (Update A)
  • ICSA-22-258-04 Siemens Mendix SAML Module (Update A)
  • ICSA-22-286-11 Siemens SCALANCE and RUGGEDCOM Products (Update A)
  • ICSA-21-350-13 Siemens Questa and ModelSim (Update A)
  • ICSA-22-069-01 Siemens RUGGEDCOM Devices (Update C)
詳情請看:
Posted in ,  on 11月 11, 2022 by Kevin |  
訂閱: 文章 (Atom)