中国AutoXが完全無人の自動運転車を使った配車サービスを深センで開始! (12/04)
https://techable.jp/archives/143725
『第5世代の自動運転システム
歩行者に道を譲ったり、路肩に停まっている車を避けるためにレーンを変更したり、と誰もいない運転席のハンドルが自動で動く』
その様子がこれ(↓)
AutoX puts fully driverless RoboTaxis on the roads in China (12/02)
https://www.youtube.com/watch?v=7GVL9Na1_9Q
CVE-2018-13379の件、
前にもここで取り上げた(1, 2)が、続報が先週から色々挙がっている。
6.7 GB worth of sensitive details citing Fortinet SSL VPNs vulnerability have been leaked on a prominent hacker forum. (11/25)
https://www.hackread.com/hacker-leaks-vulnerable-fortinet-ssl-vpns-login-credentials/
Hacker publishes credentials stolen from Fortinet’s FortiGate VPNs (11/25)
https://siliconangle.com/2020/11/25/hacker-publishes-credentials-stolen-fortinet-fortigate-vpns/
『Sridhara added that about 50,000 records belonging to banks, telecoms and government organizations were exposed by this data leak, including session-related information and plain-text usernames and passwords of Fortinet VPN users. “What’s most concerning is that even if the vulnerability is patched, the credentials are still at risk for credential stuffing attacks,” he said.』
2018の発表以降にパッチ適用した or これからする所は、全員パスワード変更した方が良い。
また、同じIDを他のサイトで使っている人は、そっちのパスワード変更もした方が良い。
FortiGate VPN Default Config Allows MitM Attacks (09/25)
https://threatpost.com/fortigate-vpn-default-config-mitm-attacks/159586/
『more than 230,000 vulnerable FortiGate appliances using the VPN functionality, researchers found. Out of those, a full 88 percent, or more than 200,000 businesses, are using the default configuration and can be easily breached in an MitM attack.』
解決には『manually replace the certificate in order to secure their connections appropriately』すれば良い。
また『Fortinet strongly recommends adhering to its provided installation documentation and process, paying close attention to warnings throughout that process to avoid exposing the organization to risk.』にも留意すべし。
Fortinet VPN with Default Settings Leave 200,000 Businesses Open to Hackers (09/25)
https://thehackernews.com/2020/09/fortigate-vpn-security.html
『"The Fortigate issue is only an example of the current issues with security for the small-medium businesses, especially during the epidemic work-from-home routine," Hertz and Tashimov noted.
"These types of businesses require near enterprise grade security these days, but do not have the resources and expertise to maintain enterprise security systems. Smaller businesses require leaner, seamless, easy-to-use security products that may be less flexible, but provide much better basic security."』
IT共同組合のような組織化を行い、多くの中小企業が加盟、インフラは共通化、サポート人員も共通化、ビジネスそのもので勝負、という体制ができれば良いのだろうが。
How to better defend your organization against remote access threats (03/08)
https://www.techrepublic.com/article/how-to-better-defend-your-organization-against-remote-access-threats/
次の脅威への対抗策紹介
- DDoS attacks
- VPNs : Palo Alto Networks, Fortinet, Pulse Secure それぞれアップデート他
- Bluekeep exploits
- Remote Desktop Protocol Attacks : 停止を安直に呼びかける代わりに、モニタリングを提案
- Phishing
Why Virtual Patching is Essential for Vulnerability Mitigation (06/26)
https://www.fortinet.com/blog/business-and-technology/why-virtual-patching-essential-for-vulnerability-mitigation
『 A virtual patching is similar to a patch released by a vendor because it provides protection against a specific exploit. But in this case, the difference is that this patch is deployed at the network level using a IPS rule rather than on the device itself. It is sometimes also referred to as a proximity control as it stops a threat before it reaches its intended target.
..
In today’s dynamically changing environments, the traditional patch cycle simply cannot scale to keep pace with the sophistication and frequency of attacks, and the rate at which new vulnerabilities are being discovered and exploited as a result of the expansion of the digital attack surface.
Virtual patching should be considered an integral component of every organization’s patch management strategy. 』
