2019년 12월 11일 보안정보 입니다.

12월 11일 보안정보 입니다.

=================================================

+ 주요 취약점 - Apple, 여러 가지 보안 업데이트 발표 외 4건

1. Apple, 여러 가지 보안 업데이트 발표
[요약]
Xcode 11.3
watchOS 5.3.4
watchOS 6.1.1
tvOS 13.3
macOS Catalina 10.15.2, 보안 업데이트 2019-002 Mojave 및 보안 업데이트 2019-007 High Sierra
사파리 13.0.4
iOS 12.4.4
iOS 13.3 및 iPadOS 13.3
- https://www.us-cert.gov/ncas/current-activity/2019/12/10/apple-releases-multiple-security-updates

2. Intel, 보안 업데이트 발표
[요약]
공격자는 이 취약점를 악용하여 자신의 권한을 상승 시킬수 있음.
- https://www.us-cert.gov/ncas/current-activity/2019/12/10/intel-releases-security-updates

3. Adobe 보안 업데이트 발표
[요약]
ColdFusion APSB19-58
Brackets APSB19-57
Photoshop CC APSB19-56
Acrobat and Reader APSB19-55
- https://www.us-cert.gov/ncas/current-activity/2019/12/10/adobe-releases-security-updates

4. Samba 보안 업데이트 발표
[요약]
침입자는 이 취약점 중 하나를 악용하여 시스템을 제어 할 수 있음. (CVE-2019-14861, CVE-2019-14870)
- https://www.us-cert.gov/ncas/current-activity/2019/12/10/samba-releases-security-updates

5. Windows 10 KB4530684 & KB4530715 누적 보안 덥데이트 발표
[요약]
KB4530684 (빌드 18362.535 및 18363.535), KB4530684 (빌드 18362.535 및 18363.535) 누적 보안 업데이트 권고
- https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4530684-and-kb4530715-cumulative-updates-released/

=================================================

+ 취약점 - Microsoft 제품 취약점 외 2건

1. Microsoft 제품 취약점
Microsoft VBScript code execution (CVE-2019-1485)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/172390

Microsoft Word CVE-2019-1461 Remote Denial of Service Vulnerability
- https://www.symantec.com/security-center/vulnerabilities/writeup/111055?om_rssid=sr-advisories

Multiple vulnerabilities in Microsoft Access (CVE-2019-1463, CVE-2019-1400)
- https://www.cybersecurity-help.cz/vdb/SB2019121023?affChecked=1

2. Apache Olingo OData 4.6.x XML Injection
[요약]
XML external entity injection vulnerability
- https://packetstormsecurity.com/files/155619/Apache-Olingo-OData-4.6.x-XML-Injection.html

3. WordPress Scoutnet Kalender 1.1.0 Cross Site Scripting
[요약]
cross site scripting vulnerability
- https://packetstormsecurity.com/files/155615/WordPress-Scoutnet-Kalender-1.1.0-Cross-Site-Scripting.html

=================================================

+ 보안정보 - 초록색 자물쇠가 브라우저에 뜨면 안전하다? 외 2건

1. 초록색 자물쇠가 브라우저에 뜨면 안전하다?
[요약]
연말연시에 각종 피싱 사이트 난립하고 있음.
요즘 공격자들은 정상 인증서까지 취득해서 초록색 자물쇠 아이콘을 보유함.
따라서 초록색 자물쇠 아이콘이 있다고 해서 무조건 안심하면 안 됨.
- https://www.boannews.com/media/view.asp?idx=85104

2. Operation WizardOpium 공격(CVE-2019-1458)에 사용된 Windows zero-day exploit 탐지
[요약]
카스퍼스키는 Operation WizardOpium 공격에 사용 된 Chrome zero-day 악용 사례를 성공적으로 탐지.
감염된 시스템에 대한 높은 권한을 얻거나 Chrome 프로세스 샌드 박스를 탈출하는 데 사용되는 zero-day EoP 악용(CVE-2019-1458)이 포함.
이 특정 공격 샌드 박스 솔루션은 격리 된 환경에서 URL / 악성 페이로드를 분석하고 EPROCESS 토큰 조작을 탐지 할 수 있음.
- https://securelist.com/windows-0-day-exploit-cve-2019-1458-used-in-operation-wizardopium/95432/

3. 2019 년 중국에 대한 "OceanLotus"공격 요약
[요약]
Sea Lotus(APT32, OceanLotus라고도 함)는 베트남의 APT 공격 조직으로 간주되며 2012 년에 활동 한 이래 중국 본토의 민감한 표적을 공격.
이 조직은 피싱, 페이로드 변조, 새로운 익스플로잇 등 기술을 지속적으로 업데이트.
전자 메일의 첨부 파일을 임의로 실행하지 않아야 하며 피싱 메시지를 열지 말아야 함.
- http://hackernews.cc/archives/28699

=================================================