topic Resposta da Check Point sobre o vazamento de ferramentas de Red Team da FireEye in Português https://community.checkpoint.com/t5/Portugu%C3%AAs/Resposta-da-Check-Point-sobre-o-vazamento-de-ferramentas-de-Red/m-p/104773#M31 <P><STRONG>Sobre o caso</STRONG></P> <P>Em 8 de dezembro de 2020, a FireEye compartilhou detalhes sobre uma violação que também teve acesso às ferramentas para Red Teams. Para obter mais informações, consulte este <A href="https://www.fireeye.com/blog/products-and-services/2020/12/fireeye-shares-details-of-recent-cyber-attack-actions-to-protect-community.html" target="_blank">link</A>.</P> <P>&nbsp;</P> <P><STRONG>Solução</STRONG><STRONG>&nbsp;</STRONG></P> <P>O Check Point cobre vulnerabilidades relatadas pela FireEye com as seguintes proteções de prevenção de ameaças:</P> <OL> <LI>Pulse Connect Secure File Disclosure (CVE-2019-11510)</LI> <LI>Microsoft Netlogon Elevation of Privilege (CVE-2020-1472)</LI> <LI>Fortinet FortiOS SSL VPN Directory Traversal (CVE-2018-13379)</LI> <LI>Adobe ColdFusion Remote Code Execution (CVE-2018-15961)</LI> <LI>Microsoft SharePoint Remote Code Execution (CVE-2019-0604)</LI> <LI>Microsoft Remote Desktop Services Remote Code Execution (CVE-2019-0708)</LI> <LI>Atlassian Crowd Remote Code Execution (CVE-2019-11580)</LI> <LI>Citrix Multiple Products Directory Traversal (CVE-2019-19781)</LI> <LI>Zoho ManageEngine Remote Code Execution (CVE-2020-10189)</LI> <LI>Microsoft Group Policy Preferences Password Elevation of Privilege (MS14-025: CVE-2014-1812)</LI> <LI>Atlassian Confluence Directory Traversal (CVE-2019-3398)</LI> <LI>Microsoft Exchange Server Remote Code Execution (CVE-2020-0688)</LI> <LI>Microsoft Outlook Security Feature Bypass (CVE-2017-11774)</LI> <LI>Microsoft Exchange Server Privilege Escalation (CVE-2018-8581)&nbsp;</LI> </OL> <P>&nbsp;</P> <P>Além disso, o Threat Emulation cobre o CVE-2016-0167 com as proteções Trojan.Wins.Generic.F e Trojan.Wins.Generic.B.</P> <P><BR />Para mais informações, consulte o <A href="https://supportcenter.us.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk170918" target="_blank">sk170918</A>.</P> Wed, 09 Dec 2020 14:28:51 GMT Eduardo_Pereira 2020-12-09T14:28:51Z Resposta da Check Point sobre o vazamento de ferramentas de Red Team da FireEye https://community.checkpoint.com/t5/Portugu%C3%AAs/Resposta-da-Check-Point-sobre-o-vazamento-de-ferramentas-de-Red/m-p/104773#M31 <P><STRONG>Sobre o caso</STRONG></P> <P>Em 8 de dezembro de 2020, a FireEye compartilhou detalhes sobre uma violação que também teve acesso às ferramentas para Red Teams. Para obter mais informações, consulte este <A href="https://www.fireeye.com/blog/products-and-services/2020/12/fireeye-shares-details-of-recent-cyber-attack-actions-to-protect-community.html" target="_blank">link</A>.</P> <P>&nbsp;</P> <P><STRONG>Solução</STRONG><STRONG>&nbsp;</STRONG></P> <P>O Check Point cobre vulnerabilidades relatadas pela FireEye com as seguintes proteções de prevenção de ameaças:</P> <OL> <LI>Pulse Connect Secure File Disclosure (CVE-2019-11510)</LI> <LI>Microsoft Netlogon Elevation of Privilege (CVE-2020-1472)</LI> <LI>Fortinet FortiOS SSL VPN Directory Traversal (CVE-2018-13379)</LI> <LI>Adobe ColdFusion Remote Code Execution (CVE-2018-15961)</LI> <LI>Microsoft SharePoint Remote Code Execution (CVE-2019-0604)</LI> <LI>Microsoft Remote Desktop Services Remote Code Execution (CVE-2019-0708)</LI> <LI>Atlassian Crowd Remote Code Execution (CVE-2019-11580)</LI> <LI>Citrix Multiple Products Directory Traversal (CVE-2019-19781)</LI> <LI>Zoho ManageEngine Remote Code Execution (CVE-2020-10189)</LI> <LI>Microsoft Group Policy Preferences Password Elevation of Privilege (MS14-025: CVE-2014-1812)</LI> <LI>Atlassian Confluence Directory Traversal (CVE-2019-3398)</LI> <LI>Microsoft Exchange Server Remote Code Execution (CVE-2020-0688)</LI> <LI>Microsoft Outlook Security Feature Bypass (CVE-2017-11774)</LI> <LI>Microsoft Exchange Server Privilege Escalation (CVE-2018-8581)&nbsp;</LI> </OL> <P>&nbsp;</P> <P>Além disso, o Threat Emulation cobre o CVE-2016-0167 com as proteções Trojan.Wins.Generic.F e Trojan.Wins.Generic.B.</P> <P><BR />Para mais informações, consulte o <A href="https://supportcenter.us.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk170918" target="_blank">sk170918</A>.</P> Wed, 09 Dec 2020 14:28:51 GMT https://community.checkpoint.com/t5/Portugu%C3%AAs/Resposta-da-Check-Point-sobre-o-vazamento-de-ferramentas-de-Red/m-p/104773#M31 Eduardo_Pereira 2020-12-09T14:28:51Z