跳到主要內容

資安新聞及事件週報 2018/09/17 ~ 2018/09/21

1.重大弱點漏洞

NUUO產品被曝0Day漏洞,黑客可遠程入侵數​​十萬攝像頭
https://www.easyaq.com/news/550008787.shtml

一個通殺絕大多數交易平台的XSS 0day 漏洞
https://www.anquanke.com/post/id/160193

安全公司:某第三方知名JS庫存在XSS 0day漏洞,可盜取交易所賬號
https://www.8btc.com/article/276428

Win平台Tor瀏覽器匿名機制繞過漏洞可洩露用戶IP
https://www.anquanke.com/post/id/159899

IBM DB2 多個漏洞
https://www-01.ibm.com/support/docview.wss?uid=ibm10731657

30 年前的漏洞,竟可引起2018 年的電腦操作崩潰
https://blog.csdn.net/csdnnews/article/details/82731527

新漏洞允許黑客訪問睡眠模式電腦:所有品牌都受影響
https://iview.sina.com.tw/post/17145570

ISC BIND 篡改漏洞
https://www.us-cert.gov/ncas/current-activity/2018/09/19/ISC-Releases-Security-Advisory-BIND

Imperva SecureSphere WAF 11.5 Bypass - CXSecurity.com
https://cxsecurity.com/issue/WLB-2018090136

F5 BIG-IP APM portal access 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15310

D-Link DIR-600M跨站腳本漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16605

Red Hat 389-ds-base競爭條件漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10850

Silicon Graphics LibTIFF 安全漏洞
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201809-673

CCleaner再出包!擅自將用戶升級到5.46
https://www.ithome.com.tw/news/125947

微軟 Jet Database Engine 遠端程式碼執行漏洞
https://www.theregister.co.uk/2018/09/20/microsofts_jet_database_zero_day/

Microsoft Internet Explorer/Edge遠程內存破壞安全漏洞
http://www.twoeggz.com/news/10957055.html

Microsoft Windows Device Guard本地安全繞過漏洞
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200

Critical Security Update Released for Adobe Reader and Acrobat
https://malwaretips.com/threads/critical-security-update-released-for-adobe-reader-and-acrobat.86893/

Cisco Patches Network Recording Player Remote Code Execution Vulnerabilities
https://malwaretips.com/threads/cisco-patches-network-recording-player-remote-code-execution-vulnerabilities.86892/

Cisco Network Assistant拒絕服務漏洞
https://packetstormsecurity.com/files/149121/Cisco-Network-Assistant-6.3.3-Denial-Of-Service.html

Cisco SD-WAN Solution命令注入漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-injection

Intel releases firmware update for ME flaw
https://nakedsecurity.sophos.com/2018/09/18/intel-releases-firmware-update-for-me-flaw/

知道還不補!研究人員踢爆WD低階NAS有身分驗證繞過漏洞,但WD知情一年遲遲未修
https://www.ithome.com.tw/news/125993

Western Digital's My Cloud NAS Devices Turn Out to Be Easily Hacked
https://bit.ly/2DfUnLb

Western Digital My Cloud 多個漏洞
https://www.securify.nl/advisory/SFY20180102/authentication-bypass-vulnerability-in-western-digital-my-cloud-allows-escalation-to-admin-privileges.html

A REMOTE CODE EXECUTION VULNERABILITY IN THE MICROSOFT WINDOWS JET DATABASE ENGINE
https://bit.ly/2OGkVX6

NUUO NVRMini2 3.8 - 'cgi_system' Buffer Overflow (Enable Telnet)
https://www.exploit-db.com/exploits/45427/

CA Release Automation NiMi 6.5 - Remote Command Execution
https://www.exploit-db.com/exploits/45425/

Apache Struts 2 - Namespace Redirect OGNL Injection (Metasploit)
https://www.exploit-db.com/exploits/45367/

Tenable WAS-Scanner 7.4.1708 - Remote Command Execution
https://www.exploit-db.com/exploits/45345/

Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Scripting
https://www.exploit-db.com/exploits/45422/

Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service (PoC)
https://www.exploit-db.com/exploits/45424/

Solaris - libnspr NSPR_LOG_FILE Privilege Escalation (Metasploit)
https://www.exploit-db.com/exploits/45433/

Chrome OS 10820.0.0 dev-channel - app->VM via garcon TCP Command Socket
https://www.exploit-db.com/exploits/45407/

Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service (PoC)
https://www.exploit-db.com/exploits/45421/

Adobe Acrobat Reader 多個漏洞
https://helpx.adobe.com/security/products/acrobat/apsb18-34.html


2.銀行/金融/保險/證券/電子支付/行動支付/虛擬貨幣/區塊鍊 新聞及資安

富士通實驗室開發出區塊鏈擴展技術「ChainedLineage」
https://bit.ly/2xtvFl1

日交易所又遭駭! 駭客從 Zaif 熱錢包盜走近 6,000 萬美元加密幣
https://blockcast.it/2018/09/20/jp-exchange-zaif-hacked/

日本交易所 Zaif 遭駭客攻擊,共損失 18 億加密資產
https://www.blocktempo.com/japanese-cryptocurrency-exchange-hacked-59-million-in-losses/

日本虛擬貨幣再出包 損失6,000萬美元
https://www.digitimes.com.tw/iot/article.asp?cat=158&id=0000542751_9KL8PW5N4CQP7F2UQ81U7

日本又爆大型虛幣竊案 逾18億加密資產遭盜匯
https://news.tvbs.com.tw/world/996006

駭客現身?疑似發現攻擊Zaif交易所的比特幣位址
http://m.life.tw/?app=view&no=846439

日本加密貨幣交易所Zaif遭駭 損失67億日圓
https://coineast.com/japanese-cryptocurrency-exchange-zaif-hacked/

俄羅斯多間大銀行皆希望與加密貨幣產業合作
https://bit.ly/2DutSBR

比特幣拋售過了頭? Trefis Team:年底前將漲回8500美元
https://bit.ly/2D0VnSY

一定限額以下 比特幣現金交易擬鬆綁
https://udn.com/news/story/11316/3379134

超商仍可買比特幣 金管會「管不了」望業者自律
https://www.chinatimes.com/realtimenews/20180920004494-260410

虛擬通貨實名制落實到超商,單日限額不超過 10 萬
https://bit.ly/2xu4xT0

虛擬貨幣交易採實名制 超商現金購買 金管會有條件放寬
https://bit.ly/2NXsqMa

交易速度大勝比特幣!加密貨幣教父推新平台
https://m.ctee.com.tw/focus/vvgc/196001

中國人民銀行再發通告 警告民眾勿沾 ICO
https://bit.ly/2xxoDeh

擁有7.2億美元比特幣的「大金主」突然甦醒 數位貨幣「嚇跌」
https://news.cnyes.com/news/id/4203418

為修復漏洞,Everipedia宣布將暫停有關「IQ合約」的服務一天
https://bit.ly/2NS5he0

加密貨幣暴露風險中 Google專家警告:別做這些事
https://www.ettoday.net/news/20180918/1261103.htm

新加坡金管局主管:證券型代幣適用於現有的新加坡證券及期貨法
https://bit.ly/2pjKIJF

從WiMAX到區塊鏈 又一個神話即將破滅
http://talk.ltn.com.tw/article/paper/1233202

新型數字資產交易所BitMax首來台 實習月薪5萬獵才
https://www.chinatimes.com/realtimenews/20180918003685-260410

加密貨幣市場面臨新一波賣壓?10億美元比特幣恐遭拋售
https://udn.com/news/story/6811/3372630

火幣、吉富兩肋插刀,加密貨幣交易所「數寶」登陸台灣
https://www.inside.com.tw/2018/09/18/taiwan-cryptocurrency-exchange-shubao-opening

在加密貨幣市場掀起波瀾,「受監管」的穩定幣究竟是怎麼一回事
https://bit.ly/2D8dPcF

中國多家大銀行將接受CADE的加密貨幣壟斷調查
https://bit.ly/2Nofcsb

中國央行數字貨幣研究所規劃部負責人彭楓:區塊鏈將建構新的「價值互聯網」
https://bit.ly/2D4Qs3y

EOSBet將熱錢包內的75%資金,轉移至冷錢包
https://bit.ly/2xx0lRN

以太坊安全漏洞最全總結及安全建議(截至現在)
https://www.coingogo.com/news/14114

立委提案修法 將虛擬通貨納入洗錢防制規範
http://news.ltn.com.tw/news/politics/breakingnews/2551960

跨行無卡提款來了 用手機命令ATM吐鈔
https://tw.appledaily.com/new/realtime/20180917/1431379/

歐洲央行:影子銀行及新興市場的風險要注意
http://www.epochtimes.com/b5/18/9/17/n10719233.htm

商業銀行「乙方換人」:再見ATM機 你好數據平台
https://news.sina.com.tw/article/20180918/28220352.html

LINE Pay 一卡通爆漏洞:未加密網址暴露使用者個資,這樣的資安標準你接受嗎
https://buzzorange.com/techorange/2018/09/18/line-pay-ipass-leaked-user-real-name/

LINE Pay 一卡通轉帳洩用戶本名,官方回覆:之後遮掉一部分就是了
https://buzzorange.com/techorange/2018/09/20/line-pay-ipass-respond-2018/

LINE Pay一卡通轉帳洩隱私?一卡通建議姓名部分隱碼
https://news.cnyes.com/news/id/4204733

台灣Pay無卡跨行提款 國泰世華ATM全支援
https://bit.ly/2xhWoRE

台灣Pay台北101園遊會 掃碼綁卡送藍芽耳機
https://bit.ly/2PQJT6f

電子支付個資恐遭盜 一卡通:依法實名制
https://bit.ly/2xhWwR8

一卡通電子支付機構業務定型化契約修正
https://www.ptt.cc/bbs/MobilePay/M.1537191986.A.7B9.html

陸P2P倒閉潮 恐連累純網銀
https://www.chinatimes.com/newspapers/20180915000270-260205

顧立雄:大陸P2P風暴若發生在台灣 金管會早就「爆掉了」
https://www.ettoday.net/news/20180918/1261538.htm

中國P2P倒閉潮在台發生 顧立雄:金管會就被包圍了
https://tw.finance.appledaily.com/realtime/20180918/1432126/

傳馬雲宣布辭職當天 支付寶被中共「收編」
http://www.epochtimes.com/b5/18/9/14/n10715698.htm

銀行信用卡廣告 金管會解禁
https://money.udn.com/money/story/5613/3373073

國家隊純網銀 泛公股股權將過半
https://www.ettoday.net/news/20180918/1261725.htm

金融科技監理 要顧四原則
https://bit.ly/2OAs23h

金融科技園區開幕 37家廠商進駐
https://udn.com/news/story/7239/3373546

金融科技創新園區開幕 監理門診問到飽
https://news.sina.com.tw/article/20180918/28225070.html

台灣金融科技園區落成,將成國際接軌單一窗口
https://bit.ly/2MIs9be

金融科技創新第二座園區,不排除落腳高雄
https://bit.ly/2xpiyBe

拚金融科技 金管會昨審查首件「監理沙盒」申請案
http://ec.ltn.com.tw/article/breakingnews/2554445

金融監理沙盒,凱基銀搶頭香
https://bit.ly/2MGHzNe

上海資安中心 制定區塊鏈安全標準
https://udn.com/news/story/7333/3377068

台灣金融科技大升級 - 關貿網路與金融研訓院打造Fintech創新聚落
http://www.trade-van.com/news/index.do?act=detail&articleId=830

部分收單機構對網路特約商戶和網路支付介面管理不到位 中國支付清算協會發佈風險提示
https://news.sina.com.tw/article/20180917/28216300.html

傳土耳其擬成立機構處理當地銀行壞帳
http://www.aastocks.com/tc/stocks/news/aafn-news/NOW.897510/2

台北金融科技展,12月登場
https://bit.ly/2xo3XWL

彰銀強化資安防護,獲ISO 22301 BCMS驗證
http://pchome.megatime.com.tw/news/cat2/20180919/9800019001084260410.html

攻互聯網金融 富邦華一銀將參與設立消費金融公司
https://udn.com/news/story/7239/3376948

一次十個 遠銀行動APP 轉帳社群通知服務上線
https://www.chinatimes.com/realtimenews/20180919003587-260410

刷臉支付考驗網安
http://www.chinatimes.com/newspapers/20180920000218-260310

第3屆T-Brain AI競賽出爐 成功挑戰保險產業AI新應用
http://ec.ltn.com.tw/article/breakingnews/2556975

摩根大通戴蒙:網路戰是金融體系的最大威脅
https://udn.com/news/story/6811/3379204

中秋連假 金管會要求保險公司保戶服務不中斷
https://www.ydn.com.tw/News/305955

iPhone為什麼還不能支援悠遊卡和一卡通原因,金管會給出獨家答案
https://mrmad.com.tw/iphone-support-easycard-ipass

結合LINE Pay 鄭文燦:桃園市民卡變得更好用
http://www.peoplenews.tw/news/f8b8fdd2-6291-4769-87d7-8f52dcde11c1

桃園市市民卡發行3周年 擬再擴大功能 與LINE Pay、一卡通合作
https://bit.ly/2xF4F1j

桃園市民卡3周年 小額消費抽石垣島郵輪雙人行
https://www.chinatimes.com/realtimenews/20180920003542-260410

手機支付好先進? 數據全被中央監控
https://hk.finance.appledaily.com/finance/realtime/article/20180920/58703918

金融科技崗“搶戲” 20家銀行總行“招賢”
http://capital.people.com.cn/BIG5/n1/2018/0921/c405954-30307135.html

權證交易稅 擬降至千分之1
https://money.udn.com/money/story/6710/3379391

越南電子支付蓬勃發展
http://vn-cs.com/_30621.html?lang=cn

銀行櫃臺也可共享了
http://big5.xinhuanet.com/gate/big5/www.xinhuanet.com/info/2018-09/21/c_137483262.htm

要有資安的危機意識
https://udn.com/news/story/7239/3380723?from=udn-ch1_breaknews-1-cate6-news

薪資匯款帳號變成駭客銀行帳戶?!美國大學員工被竊逾600萬美元
https://blog.trendmicro.com.tw/?p=57161

India Post Payments Bank taps FSS to bring banking, payment services to underserved populations
https://bit.ly/2NfOTEC

California judge determines that ATM dynamiting was an act of 'shoplifting'
https://www.atmmarketplace.com/news/california-judge-determines-that-atm-dynamiting-was-an-act-of-shoplifting/

Greece U-Turns — Now Approves Mr. Bitcoin's Extradition To Russia
https://bit.ly/2xiqF2n

Credential Stuffing Attacks Generate Billions of Login Attempts
https://www.bleepingcomputer.com/news/security/credential-stuffing-attacks-generate-billions-of-login-attempts/


3.資安事件新聞

A.病毒木馬 / 殭屍網路 / 勒索軟體


資安威脅──挖礦殭屍網路構成新型態暗黑經濟
https://technews.tw/2018/09/17/mining-dark-economy/

安全公司:勒索病毒GandCrab已升级到4.3
https://www.bianews.com/news/flash?id=20552

Fbot:一款Satori相關的、基於區塊鏈DNS的蠕蟲
http://www.freebuf.com/articles/blockchain-articles/184574.html

國外安全研究者爆料中國黑客組織針對越南政府的APT攻擊樣本
http://www.freebuf.com/articles/network/183631.html

數位貨幣非法挖礦去年暴增459% 國安局軟體洩底助長歪風
https://bit.ly/2NYbfKm

網路威脅聯盟:今年非法挖礦行為成長459%
https://www.ithome.com.tw/news/126009

薪資匯款帳號變成駭客銀行帳戶?!美國大學員工被竊逾600萬美元
https://blog.trendmicro.com.tw/?p=57161

澳洲流行非觸式付款 銀行加快技術投資
http://www.epochtimes.com/b5/18/9/19/n10725346.htm

陸修訂新規 銀行理財或投資A股
https://bit.ly/2NtJZE7

具有殭屍網路、勒索軟體等多項功能的新型蠕蟲
https://news.softpedia.com/news/researchers-found-new-worm-with-botnet-ransomware-and-coinmining-abilities-522736.shtml

新的殭屍網路藏在區塊鏈的DNS Mist中並會移除加密貨幣挖礦程式
https://cert.tanet.edu.tw/prog/shownews.php?sel=1&id=30379

惡意Kodi附加元件安裝Windows和Linux加密貨幣挖掘木馬
https://www.bleepingcomputer.com/news/security/malicious-kodi-add-ons-install-windows-and-linux-coin-mining-trojans/

Urpage 與 Bahamut、Confucius 及 Patchwork 等駭客集團的關聯性
https://blog.trendmicro.com.tw/?p=57158

無檔案式挖礦惡意程式出現新技巧,並已發現變種
https://blog.trendmicro.com.tw/?p=57099

Russian Hacker Pleads Guilty to Operating Kelihos Botnet
https://bit.ly/2OvmyXC

Ransomware Attack Takes Down Bristol Airport's Flight Display Screens
https://bit.ly/2OzcoVE

Ramnit Banking Trojan, August 2018’s Top Malware
https://satoshinakamotoblog.com/ramnit-banking-trojan-august-2018s-top-malware

仮想通貨を要求する日本語の脅迫メールについて
http://www.jpcert.or.jp/newsflash/2018091901.html

Mirai Botnet Creators Helping FBI Fight Cybercrime to Stay Out of Jail
https://bit.ly/2xnFn8i

公民實驗室指控:間諜程式Pegasus被部署在45國!但開發商NSO Group否認:沒這回事
https://www.ithome.com.tw/news/125971

Two New Monero Malware Attacks Target Windows and Android Users
https://securityintelligence.com/news/two-new-monero-malware-attacks-target-windows-and-android-users/

ThreatList: Malware Samples Targeting IoT More Than Double in 2018
https://threatpost.com/threatlist-malware-samples-targeting-iot-more-than-double-in-2018/137528/

Spam Campaigns Using IQY Files Infect Japanese Users With BEBLOH and URSNIF Malware
https://securityintelligence.com/news/spam-campaigns-using-iqy-files-infect-japanese-users-with-bebloh-and-ursnif-malware/

Cybercrime: 15 Top Threats and Trends
https://www.bankinfosecurity.com/cybercrime-15-top-threats-trends-a-11522

New Malware Combines Ransomware, Coin Mining and Botnet Features in One
https://bit.ly/2QMYRLO

B.行動安全 / iPhone / Android / App

5G無線技術引發安全擔憂
https://cn.wsj.com/articles/CT-BIZ-20180914154501

蘋果iOS Safari的弱點被發現了?打開網頁就強迫重開機、只需要15行CSS語法
https://applealmond.com/posts/40188

iOS 瀏覽器最新漏洞 程式碼即令iPhone、iPad重新開機
https://unwire.hk/2018/09/17/ios-css-attack/tech-secure/

iOS 瀏覽器最新漏洞,程式碼會讓 iPhone、iPad 重新開機
http://technews.tw/2018/09/18/a-new-css-based-web-attack-will-crash-and-restart-your-iphone/

Safari 被發現有漏洞!用這幾句 CSS 就可以令你的 iPhone 崩潰
https://www.techapple.com/archives/25609

iOS 12正式版來了,更強大的AR體驗,還修補了16個安全漏洞
https://www.ithome.com.tw/news/125956

世界最快!阿里巴巴實驗室成功越獄 iOS 12
https://www.inside.com.tw/2018/09/20/ios-12-jailbroken-hours-after-release-alibabas-cybersecurity-division

Apple已開始為iPhone漏洞利用支付黑客費用
https://www.anquanke.com/post/id/159894

強化生態系安全新對策,第三方App有漏洞,臉書抓漏方案也給獎金
https://www.ithome.com.tw/news/125945

近似灰帽駭客 蘋果若告恐觸法
https://tw.news.appledaily.com/headline/daily/20180920/38130875/

分身術?停車10分APP計時破百 民恐扣近6000
https://news.tvbs.com.tw/life/995481

維護個資安全 青報APP通過資安檢測
https://www.ydn.com.tw/News/305909

台鐵訂票當機元兇逮到了!APP設計者被送辦
http://news.ltn.com.tw/news/life/breakingnews/2556957

9 個你必須知道的 iOS 12 隱藏功能
https://www.kocpc.com.tw/archives/218754

【FinTech理財】手機支付保安存疑 6招教你自保
https://bit.ly/2PW0Lsu

推特以雙重保護防止用戶遭Silhouette技術線上線下交叉追蹤
https://www.ithome.com.tw/news/126036

eSIM功能 電信商:今年無法上
https://bit.ly/2MQ6EoV

趨勢科技聲明:針對 Mac App 商店中趨勢科技 App問題的回應
https://blog.trendmicro.com.tw/?p=57109

Watch Out! This New Web Exploit Can Crash and Restart Your iPhone
https://bit.ly/2PJjoQ8

Hackers selling research phished from universities on WhatsApp
https://nakedsecurity.sophos.com/2018/09/18/hackers-selling-research-phished-from-universities-on-whatsapp/

State Department scores an F on 2FA security
https://nakedsecurity.sophos.com/2018/09/18/state-department-scores-an-f-on-2fa-security/

Powerful Android and iOS Spyware Found Deployed in 45 Countries
https://thehackernews.com/2018/09/android-ios-hacking-tool.html

This Powerful Off-the-Shelf Phone-Hacking Tool Is Spreading
https://medium.com/fast-company/this-powerful-off-the-shelf-phone-hacking-tool-is-spreading-adab67e8590c

Nearly half of US mobile phone calls will be scams by 2019: report
https://www.smh.com.au/world/north-america/nearly-half-of-us-mobile-phone-calls-will-be-scams-by-2019-report-20180920-p504uf.html


C.事件 / 駭客 / DDOS / APT / 徵才 / 國際資安事件
利用機器學習(Machine Learning)協助識別網頁竄改(Web Defacement)
https://blog.trendmicro.com.tw/?p=56695

強化生態系安全新對策,第三方App有漏洞,臉書抓漏方案也給獎金
https://www.ithome.com.tw/news/125945

Facebook 採用人工智慧工具協助開發者除蟲
https://technews.tw/2018/09/19/finding-and-fixing-software-bugs-automatically-with-sapfix-and-sapienz/

Google推出容器儲存庫漏洞掃描服務,加強公有雲容器環境安全
https://times.hinet.net/news/21972426

密碼字數要多長?駭客剋星告訴你
https://udn.com/news/story/7240/3380442

如何為 Tor Network 出一分力?建立 Tor Relay 分享頻寬吧
https://nicholas.hk/2018/09/tor-relay-setup/

企業抵禦駭客 防團體戰入侵
https://money.udn.com/money/story/5612/3369796

駭客竊取飛行哩程上暗網便宜賣
https://www.ithome.com.tw/news/125987

利用機器學習(Machine Learning)協助識別網頁竄改(Web Defacement)
https://blog.trendmicro.com.tw/?p=56695

駭客利用零日漏洞訪問CCTV監視器
https://threatpost.com/zero-day-bug-allows-hackers-to-access-cctv-surveillance-cameras/137499/

勞基法變程式碼 工程師一秒判讀過勞班表
https://vision.udn.com/vision/story/12425/3352655

台灣駭客破解ApplePay、用1塊錢買到502台iPhone:不知道會不會真的寄來
https://applealmond.com/posts/40288

張啟元「以駭止駭」!曾有妹私訊「願肉體換新台幣」
https://tw.news.appledaily.com/life/realtime/20180919/1432594

張啟元遭打臉改暱稱「智障駭客」 專家:努力學習才是王道
https://www.ettoday.net/news/20180919/1262536.htm

網酸:1元是驗證扣款 張啟元解嘲以後改刷「7元」
https://tw.lifestyle.appledaily.com/gadget/realtime/20180919/1432685

1元買400萬特斯拉!張啟元自爆「6駭客創舉」領賞34萬 台灣卻關60天
https://www.ettoday.net/news/20180920/1262959.htm

駭客張啟元!自爆:曾窮到快全家輕生
https://bit.ly/2QNtaBW

駭客事蹟數不完!張啟元曾破解ibon、鑽臉書漏洞刪貼文
http://webtest1.sanlih.com.tw/News.aspx?NewsID=431882

Magecart駭客集團犯案連連,除了英航和Ticketmaster售票網,Newegg也陷災情,數百萬卡號曝險一個月
https://www.ithome.com.tw/news/125991

成功黑入蘋果係統的澳洲少年或將面臨數年監禁
https://bit.ly/2PVjdkN

視頻監控出現新漏洞:駭客可以讓監控鏡頭失靈
https://bit.ly/2pgUVGP

國產監視器軟體有漏洞!數十萬台監視器恐有遭駭客控制的高風險
https://www.ithome.com.tw/news/125954

強化資安 我將組跨國聯防體系
http://news.ltn.com.tw/news/focus/paper/1233217

中國散播假訊息 蔡向國際示警
http://news.ltn.com.tw/news/focus/paper/1233814

臉書「作戰室」300壯士對抗假新聞 嚴防干預選情
https://udn.com/news/story/6812/3379137

白宮國安顧問:美台將合作對付中國網軍攻撃
https://www.cmmedia.com.tw/home/articles/11942

白宮國安顧問:美台將合作對付中國網軍攻撃
https://www.cmmedia.com.tw/home/articles/11942

白宮國安顧問波頓:網路戰威脅日甚,將助台灣等盟友一臂之力
https://www.storm.mg/article/506137

應對中網攻威脅 波頓:會與台灣在內盟邦合作
http://news.ltn.com.tw/news/world/breakingnews/2557697

新加坡副總理:星國扮演東協資安主導者,年底舉辦漏洞獎勵計畫
https://www.ithome.com.tw/news/125957

反制中俄網路攻擊 美國防部授權軍方自行殲敵
https://bit.ly/2DisJx2

中國恐在11月選前發動猛烈網攻 台灣做好準備
https://udn.com/news/story/6656/3378848

中國駭客對台灣政府炸彈式網攻,除了妨礙 11 月大選還有其他全球性陰謀
https://buzzorange.com/2018/09/21/chinese-hackers-emerge/

應對中共選前可能網攻 台灣已做好準備
http://www.epochtimes.com/b5/18/9/21/n10730269.htm

認清中共輿論戰真相 破除假新聞危害
https://www.ydn.com.tw/News/305079

破共軍假新聞 政戰局、軍聞處扛重責
http://news.ltn.com.tw/news/focus/paper/1233220

僵屍網路 Kelihos 俄籍藏鏡人在美認罪,可能得吃 52 年牢飯
https://www.inside.com.tw/2018/09/16/notorious-russian-cybercriminal-pleads-guilty-to-us-charges

中國江蘇啟動2018年網絡安全宣傳周活動
http://big5.xinhuanet.com/gate/big5/www.js.xinhuanet.com/2018-09/17/c_1123443637.htm

美媒調查發現朝鮮利用社交媒體漏洞逃避制裁
https://bit.ly/2QCyNmD

美國制裁中共中央軍委裝備發展部
https://bit.ly/2PR0RBt

《美國海外賬戶稅收遵從法》在美首起定罪涉及釣魚執法
https://cn.wsj.com/articles/CT-BIZ-20180919110011

防禦網攻 美國重要單位卯足勁遏駭客威脅
https://bit.ly/2NZ2cZv

東南亞網路安全中心 泰國揭牌
https://bit.ly/2Owwsbd

俄情報員曾密謀網攻瑞士化武實驗室
https://www.chinatimes.com/realtimenews/20180915002993-260408

疑似間諜活動接連曝光 瑞士要求俄羅斯立刻停手
https://udn.com/news/story/6809/3372472

美國控北韓駭客攻擊 朝中社:子虛烏有
https://www.taiwannews.com.tw/ch/news/3529907

美參議員電郵 谷歌警告駭客企圖入侵
https://udn.com/news/story/6813/3380086

為了挖掘加密貨幣,駭客攻擊印度政府網站
https://bit.ly/2NQfsQp

數百個印度網站遭駭客劫持 挖比特幣獲利
https://bit.ly/2Otlwv4

徵才 - 【資安所】資深系統開發工程師
https://www.104.com.tw/job/?jobno=6d206

徵才 - Specialist, Malware Analysis
https://bit.ly/2NQyi9V

Why Cybercrime Remains Impossible to Eradicate
https://www.bankinfosecurity.com/blogs/cybercrime-remains-impossible-to-eradicate-p-2662

Launching an Insider Threat Program: Practical Tips
https://www.bankinfosecurity.asia/interviews/launching-insider-threat-program-practical-tips-i-4116

Linus Torvalds Apologizes For His Rude Behavior—Takes Time Off
https://bit.ly/2xngg5z

Protecting India's Government From Cyberattacks
https://www.bankinfosecurity.asia/blogs/protecting-indias-government-from-cyberattacks-p-2665

Should There Be a Backdoor to Google’s Secret Algorithm
https://medium.com/inc./should-there-be-a-backdoor-to-googles-secret-algorithm-c2920bcacb23

New Hacker Exploits and How to Fight Them
https://www.bankinfosecurity.com/new-hacker-exploits-how-to-fight-them-a-11527

The Need for Security Collaboration
https://www.bankinfosecurity.com/need-for-security-collaboration-a-11525

Major Irish utility networks vulnerable to cyber attacks set to have security increased
https://bit.ly/2Dg7FY1

Cyber attack simulation platform, SCYTHE, gets $3 million investment
https://bit.ly/2NmF9Zn

LUTHERAN HEALTH NETWORK SUFFERED A CYBER ATTACK TUESDAY
https://www.wbcl.org/news/lutheran-health-network-suffered-a-cyber-attack-tuesday

Europol warns against these Cyber Crimes
https://www.cybersecurity-insiders.com/europol-warns-against-these-cyber-crimes/

Innovate and Attack: North Korea Doubles Down on Cyber
https://player.fm/series/the-korea-society-3129/innovate-and-attack-north-korea-doubles-down-on-cyber

Let’s Stop Pretending Our Automated Systems Are Secure
https://medium.com/inc./lets-stop-pretending-our-automated-systems-are-secure-175d264aaa2d

California Wants to Stop Hackers from Taking Control of Smart Gadgets
https://bit.ly/2xr91Kb

RESEARCHING THE FAX MACHINE ATTACK SURFACE
https://www.x41-dsec.de/lab/blog/fax/

'Magecart' Card-Sniffing Gang Cracks Newegg
https://www.bankinfosecurity.com/magecart-card-sniffing-gang-cracks-newegg-a-11530

Cryptojacking a Growing Threat to Government Sites
https://www.bankinfosecurity.asia/cryptojacking-growing-threat-to-government-sites-a-11531

Rethinking Modern-Day DDoS Attacks And Their Risk
https://www.itspmagazine.com/from-the-newsroom/rethinking-modern-day-ddos-attacks-and-their-risk

Hackers Say Windows 8 and 10 Easiest Entry Points
https://www.infosecurity-magazine.com/news/hackers-say-windows-8-10-easiest/

Experts at the CSE Cybsec Z-Lab have found a Gafgyt variant implementing the “Non Un-Packable” technique recently presented in a cyber security conference
https://securityaffairs.co/wordpress/76362/malware/gafgyt-bot-nup-technique.html


D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷

「比特幣挖礦機」詐財 14人被騙230萬元
https://tw.appledaily.com/new/realtime/20180915/1430419/

LINE 成詐騙溫床,只因暗黑勢力動員加上 AI 能耐越來越強大
https://technews.tw/2018/09/15/line-fraud-trouble/

留言幫小戴! 戴資穎帳號被駭20萬粉絲放水流
https://bit.ly/2NML9Kb

LINE Pay 一卡通恐洩隱私,網傳撈個資攻略
https://technews.tw/2018/09/17/line-pay-a-card-venting-privacy/

強化郵件帳號及認證機制 導入偽造信偵測及加密DLP技術 拆解五大BEC攻擊手法 防範商業電郵詐騙有撇步
https://www.netadmin.com.tw/article_content.aspx?sn=1809060002

詐騙翻新 陸民睡夢中慘遭網貸
https://www.ydn.com.tw/News/305070

「刷卡買自己的課」健康APP淪老鼠會騙局!捲款135億倒閉
https://fnc.ebc.net.tw/FncNews/world/51685

FB帳號狂被刪!改名「蜘蛛人」約妹都被當詐騙 怪男哭:人生毀了
https://www.ettoday.net/dalemon/post/38484

疑似方正集團子公司簽名洩露,遭黑客利用盜取Steam賬號
http://www.freebuf.com/news/184400.html

詐騙者冒充美國電力服務公司,威脅受害者交出比特幣
https://bit.ly/2xkjx5W

PayMe帳戶失竊 3人報案 綑綁信用卡被過數再遭提走
https://m.mingpao.com/pns/dailynews/web_tc/article/20180920/s00002/1537380587482

PayMe 綁定信用卡資料被盜用失款! 方保僑:SVF、發卡銀行應深化合作加強保安
https://bit.ly/2DfKj4J

【PayMe用戶注意】離奇增值 5千元不翼而飛 警方列「以欺騙手段取得財產」
https://hk.finance.appledaily.com/finance/realtime/article/20180919/58701562

無申請PayMe都被轉走錢 專家:個別信用卡資料被盜用
https://bit.ly/2Ns1AMS

數名PayMe客疑遭盜取信用卡增值
http://www.aastocks.com/tc/stocks/news/aafn-news/NOW.897906/2

老梗詐騙橫行騙全台 12名成員落網
https://tw.appledaily.com/new/realtime/20180920/1433607/

PayMe客被盜$5,000  警揭多人中招
https://hk.news.appledaily.com/local/daily/article/20180920/20503731

非PayMe用戶突收銀行過數短訊 疑無故被轉帳$5000
http://hk.on.cc/hk/bkn/cnt/news/20180920/bkn-20180920132004374-0920_00822_001.html

美國政府支付網站存漏洞 1400萬用戶信息遭泄露
https://bit.ly/2QOwvAY

Magecart駭客集團犯案連連,除了英航和Ticketmaster售票網,Newegg也陷災情,數百萬卡號曝險一個月
https://www.ithome.com.tw/news/125991

刑事局公布 9/03~9/09 詐騙高風險網站
https://blog.trendmicro.com.tw/?p=57229

Flood Your ISP with Random, Noisy Data to Protect Your Privacy on the Internet
https://null-byte.wonderhowto.com/how-to/flood-your-isp-with-random-noisy-data-protect-your-privacy-internet-0186193/

Europe Catches GDPR Breach Notification Fever
https://www.bankinfosecurity.com/europe-catches-gdpr-breach-notification-fever-a-11515

UK Regulator Fines Equifax £500,000 Over 2017 Data Breach
https://bit.ly/2PTdtb7

Hackers Steal Customers' Credit Cards From Newegg Electronics Retailer
https://bit.ly/2xDEmZh

Equifax Hit With Maximum UK Privacy Fine After Mega-Breach
https://www.bankinfosecurity.com/equifax-hit-maximum-uk-privacy-fine-after-mega-breach-a-11532

Equifax fined £500,000 for failing to protect customer details in cyber attack
http://www.cybersecurity-review.com/news-september-2018/equifax-fined-500000-for-failing-to-protect-customer-details-in-cyber-attack/

Equifax fined by ICO over data breach that hit Britons
https://stockmarket.london/equifax-fined-by-ico-over-data-breach-that-hit-britons/

Data breach bill is really a fight about federal preemption
https://www.ecommercedailynews.com/data-breach-bill-is-really-a-fight-about-federal-preemption/


E.研究報告

白名單繞過UAC方法原理介紹
http://www.freebuf.com/vuls/183914.html

利用了Office公式編輯器特殊處理邏輯的最新免殺技術分析(CVE-2017-11882)
http://www.freebuf.com/vuls/183734.html

技術討論| 信息外帶漏洞(OOB)利用技巧
http://www.freebuf.com/articles/database/183997.html

Facebook的安卓客戶端任意的JavaScript代碼執行漏洞分析
https://www.aqbeta.com/data/201809/153689040814630.html

TTLScan 一款插件化的漏洞掃描器框架
https://www.ctolib.com/tiaotiaolong-TTLScan.html

中國工程院院士鄔江興院士:網絡空間擬態防禦原理簡介(上)
https://read01.com/J0Bxx0Q.html

中國工程院院士鄔江興院士:網絡空間擬態防禦原理簡介(下)
https://read01.com/zh-tw/E8mPGoM.html#.W6BxfegzbIU

Alpine Linux APK包管理器遠程代碼執行漏洞分析
http://www.4hou.com/vulnerable/13640.html

疑似“海蓮花”組織早期針對國內高校的攻擊活動分析
http://www.freebuf.com/articles/system/184120.html

lynis插件編寫:從入門到放棄
http://www.freebuf.com/articles/system/183977.html

淺析智能助手真正的價值和風險
http://www.freebuf.com/articles/network/183645.html

解析漏洞管理的五個階段
http://www.freebuf.com/articles/security-management/183647.html

某客服系統任意文件讀取漏洞分析
https://xz.aliyun.com/t/2763

Malicious Command Execution via bash-completion (CVE-2018-7738)
https://blog.grimm-co.com/post/malicious-command-execution-via-bash-completion-cve-2018-7738/

Is two-factor authentication (2FA) as secure as it seems
https://blog.malwarebytes.com/101/2018/09/two-factor-authentication-2fa-secure-seems/

BULK SQL Injection Test on Burp Requests
https://www.exploit-db.com/docs/english/45428-bulk-sql-injection-using-burp-to-sqlmap.pdf


F.商業

AI護身 果核全方位防駭
https://bit.ly/2Ou4a1j

中華電數位轉型由內而外,讓「連結」不是問題
https://bit.ly/2xsIprr

中華電攜凱基銀,首件金融監理沙盒創新計畫起跑
https://bit.ly/2OBJiVE

衝刺企業客戶 中華電大數據處接案逾百件涵蓋公私機關
https://news.cnyes.com/news/id/4203653

中華電信0800免費客服電話總整理:光世代、手機、漫遊、MOD
https://www.cool3c.com/article/137832

力推分散式網路架構,Cloudflare發表星際檔案系統IPFS閘道
https://www.ithome.com.tw/news/125953

中華電信AWS Direct Connect 服務上線
https://www.chinatimes.com/realtimenews/20180920003106-260410


G.政府

北市公衛系統遭駭 資訊局:已封存系統
https://tw.appledaily.com/new/realtime/20180917/1431351/

北市公衛系統成駭客「練功房」 70多個網站全下架檢查
http://news.ltn.com.tw/news/politics/breakingnews/2553694

北市公衛系統被駭 李明賢:百萬個資外洩=百萬帳戶遭盜
https://bit.ly/2OyW7jR

資安破了個大洞 可以怎麼補
https://tw.appledaily.com/new/realtime/20180917/1431621/

綠委促修國安法管網路 政院:言論自由及國安求平衡
https://udn.com/news/story/6656/3374878

打擊犯罪 總統:台灣是國際安全網不可或缺一環
https://bit.ly/2pnI3Pb

行政院誤算假新聞 中華郵政澄清稿也入列
https://newtalk.tw/news/view/2018-09-20/141998

戴資穎心得文、慰安婦銅像遭踹 竟被政院列為「假新聞」
http://news.ltn.com.tw/news/politics/breakingnews/2556713

虛擬通貨交易監管 政府不能再互推責任
https://udn.com/news/story/6871/3378232

推行動支付 國發會:市場機制較租稅優惠有效
https://bit.ly/2NXjh6i

保險法大修 鎖定八大面向
https://money.udn.com/money/story/5613/3379378

談保險法修法 顧立雄:上任以來最難的修法
https://udn.com/news/story/7239/3379224

南山人壽勞資紛爭 金管會將啟動金檢
https://tw.news.appledaily.com/new/realtime/20180920/1433476/

行政院會通過「簡易人壽保險法」第7條、第8條、第20條修正草案
https://www.ey.gov.tw/Page/9277F759E41CCD91/81ed1fee-49c3-4dc5-ae13-aadccfb10890

財政部:多元繳庫管道歡迎選擇採用
https://n.yam.com/Article/20180920771042


H.工控系統  SCADA / ICS Security

德國製造業遭駭現況!2/3德國製造商曾遭受攻擊,47%的損失源自網路攻擊行動
https://www.ithome.com.tw/news/125910

工業互聯網安全| 台積電之後,下一個“中毒”的會是誰
http://www.freebuf.com/articles/neopoints/184129.html

工業互聯網信息安全漏洞逐年激增
http://dz.jjckb.cn/www/pages/webpage2009/html/2018-09/19/content_46976.htm

工業物聯網黑客炮製了哪些糟糕場景
http://netsecurity.51cto.com/art/201809/583681.htm


I.教育訓練類

基於機器學習的WEB攻擊分類檢測模型
http://www.freebuf.com/news/184687.html

Web安全漏洞之CSRF
https://cnodejs.org/topic/5ba1a93a8f5b0c1c59ea0fb0

完整的 Web 開發初級到高級修煉地圖 (2018)
https://softnshare.com/2018/07/19/completejunior-to-senior-web-developer-roadmap-2018/

學習 DevOps : 運用 Terraform 做基礎架構的自動化
https://softnshare.com/2018/01/22/devops-infrastructure-automation-with-terraform/

[Raspberry Pi] 電腦跨網段,也可遠端連線樹莓派喔
https://bit.ly/2QPI8aS

從基礎學習 Python 與道德駭客
https://softnshare.com/2018/07/11/learn-python-ethical-hacking-from-scratch/

Learn Ethical Hacking Online – A to Z Online Training Pack
https://bit.ly/2xsgIPl

J.玄武實驗室每日安全動態推送

每日安全動態推送(09-17)
https://tw.weibo.com/xuanwulab/4285315315396972

每日安全動態推送(09-18)
https://tw.weibo.com/xuanwulab/4285581662542541

每日安全動態推送(09-19)
https://tw.weibo.com/xuanwulab/4285945232363171

每日安全動態推送(09-20)
https://tw.weibo.com/xuanwulab/4286310468535583

每日安全動態推送(09-21)
https://tw.weibo.com/xuanwulab/4286669518089844


K.物聯網/IOT/人工智慧/車聯網/光聯網/深度學習/機器學習/無人機

加州議會通過全美首個IoT法案,要求每個IoT裝置都要有獨立密碼
https://www.ithome.com.tw/news/125921

Week In Review: IoT, Security, Auto
https://semiengineering.com/week-in-review-iot-security-auto-11/

IoT Marks the Convergence of Physical Security and Cybersecurity
https://www.iotforall.com/iot-physical-security-cybersecurity/

IoT Security Concerns Remain
https://www.eetasia.com/news/article/18092104-iot-security-concerns-remain

IoT security in the spotlight
https://www.channelnomics.com/channelnomics-us/analysis/3063061/iot-security-in-the-spotlight

IoT malware grew significantly during the first half of 2018
https://www.techradar.com/news/iot-malware-grew-significantly-during-the-first-half-of-2018

Thales announces advanced security for automotive, FinTech and IoT
https://www.cambridgenetwork.co.uk/news/thales-advanced-security-automotive-fintech-iot/

LoRa Alliance comes prepared to talk IoT security
https://www.fiercewireless.com/wireless/lora-alliance-comes-prepared-to-talk-iot-security

Who foots the bill for medical IoT security
https://www.the-parallax.com/2018/09/21/billing-code-medical-iot-security-opinion-domas/

Fortinet Launches Network Access Control for IoT Security
https://www.rtinsights.com/fortinet-launches-network-access-control-for-iot-security/


4.近期資安活動及研討會
 
  Call For Paper | HITCON PACIFIC 2018  9/17 ~ 10/14
  https://blog.hitcon.org/2018/09/call-for-paper-hitcon-pacific-2018.html
 
  資訊安全-駭客攻防入門班  9/24 前
  https://aps.ncue.edu.tw/cee/show_crs.php?crs_no=3336

  企業如何面對新世代破壞式攻擊 9/25
  http://www.caa.org.tw/news-detail.asp?id=1017

  台大電機系  資訊安全碩士班   碩士甄試說明會
  https://www.ptt.cc/bbs/NTU/M.1537152503.A.122.html

  國家高速網路與計算中心教育訓練 - 系統監控 9/26
  https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3645&from_course_list_url=homepage

  以色列資安政府高峰會議  9/27
  https://www.ticc.org.tw/archives/1620

  網路與系統及資料實務查核  9/27
  http://www.caa.org.tw/news-detail.asp?id=1010

  從遵循和實務角度談內控內稽 9/28
  http://www.caa.org.tw/news-detail.asp?id=1015

  智慧型手機破密 9/28
  http://www.iforensics.com.tw/cgi-bin/registform.cgi?pick=38

  【課程】金融大數據分析技術與演算法實戰,用 Python + 機器學習技術,分析房價、股價、匯率數據及預測趨勢  9/29
  https://bit.ly/2PwvT2g

  亥客書院 - 數位鑑識概念與實作  9/29
  https://hackercollege.nctu.edu.tw/?p=594

  ISDA 教育訓練 Burpsuite實戰百分百  9/29
  https://reg.isda.org.tw/info.php?no=36

  TDOH Conf 2018 9/29
  https://tdoh-conf.online/

  TWCERT / CC 2018年台灣資安通報應變年會  10/3
  https://www.informationsecurity.com.tw/edm/IS_EDM_181003/

  亥客書院 -網路流量分析與檢測 10/6
  https://hackercollege.nctu.edu.tw/?p=891

  國家高速網路與計算中心教育訓練 - 惡意程式分析 10/9
  https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3646&from_course_list_url=homepage

  Windows Server 高峰會  10/9
  https://www.microsoftevents.com/profile/form/index.cfm?PKformID=0x4938443abcd&wt.mc_id=AID738824_EML_5710125

  中部科學園區管理局 - 跨平台資安防範全面啟動研討會 10/11
  http://www.fstopsoft.com/DynamicContent.aspx?id=3DB42D1290F9C34F

   XRY Certification 教育訓練 10/17 ~ 10/18
  http://www.iforensics.com.tw/cgi-bin/registform.cgi?pick=39

  JCCONF 2018  10/19
  https://jcconf.tw/2018/

  2018 健康物聯網黑客松  10/19 ~ 10/21
  http://hack.tmu.edu.tw/2018.php

  Foundations in Digital Forensics with EnCase? (DF120) (原CF1)  10/23 ~ 10/26
  http://www.iforensics.com.tw/cgi-bin/registform.cgi?pick=40

  國家高速網路與計算中心教育訓練 - 網路封包分析  10/23
  https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3650&from_course_list_url=homepage

  亥客書院 -惡意程式檢測實務 10/27
  https://hackercollege.nctu.edu.tw/?p=885

  ISDA 白帽駭客巡迴入門〈1〉10/27
  https://reg.isda.org.tw/info.php?no=27

  TANET 2018-台灣網際網路研討會 暨資訊工程X智慧計算學門成果發表會 10/21 ~ 10/26
  https://cis.ncu.edu.tw/SeminarSys/activity/TANET2018/home

  Red Hat Forum 2018 TAIPEI  11/2
  https://www.redhat.com/en/events/red-hat-forum-taipei-2018?sc_cid=701f2000001OEJMAA4

  ISDA 白帽駭客巡迴入門〈1〉11/03
  https://reg.isda.org.tw/info.php?no=28

  Building and Investigation with EnCase? (DF210) (原CF2)  11/5 ~ 11/8
  http://www.iforensics.com.tw/cgi-bin/registform.cgi?pick=41

  亥客書院 - DDoS原理與實務  11/10
  https://hackercollege.nctu.edu.tw/?p=774

  Magnet原廠授權認證課程Magnet AXIOM Examinations 11/12 ~ 11/15
  http://www.iforensics.com.tw/cgi-bin/registform.cgi?pick=42

  原廠認證Cellebrite Certified Operator (CCO)  11/19 ~ 11/20
  http://www.iforensics.com.tw/cgi-bin/registform.cgi?pick=43

  Metasploit與滲透測試實務 11/25 ~ 11/26
  https://hackercollege.nctu.edu.tw/?p=641

  EnCase EnCE 認證考試 Preparation 課程  12/5 ~ 12/7
  http://www.iforensics.com.tw/cgi-bin/registform.cgi?pick=44

  駭客入侵調查暨資安緊急應變實務 12/10 ~ 12/11
  http://www.iforensics.com.tw/cgi-bin/registform.cgi?pick=45

  亥客書院 - 進階網頁滲透測試  12/15
  https://hackercollege.nctu.edu.tw/?p=323

  專業手機暨硬碟資料救援教育訓練課程 12/26 ~ 12/28
  http://www.iforensics.com.tw/cgi-bin/registform.cgi?pick=46

  亥客書院 - 高階網頁滲透測試    2019/1/5
  https://hackercollege.nctu.edu.tw/?p=768

留言

這個網誌中的熱門文章

9月份資安社群及教育訓練活動分享

9月份資安社群及教育訓練活動分享


 HITCON HackDoor 駭入辦公室 7/2 ~ 9/28
 https://www.accupass.com/event/1906050355291064968019

 MLDM Monday|用開放資料玩出政府創新應用 : 當雨神來臨時  9/2
 https://www.meetup.com/Taiwan-R/events/262992081/

 Taipei Rails Meetup  9/3
 https://www.meetup.com/rails-taiwan/events/dlgzljyzmbfb/

 高雄 Rails Meetup 9/4
 https://www.meetup.com/rails-taiwan/events/qxfvjkyzmbgb/

 Android Code Club(Taipei) 9/4
 https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bsctnqyzmbgb/

 SyntaxError 9/4
 https://www.meetup.com/pythonhug/events/tnzzgpyzmbgb/

 工業控制系統資安研討會 9/5
 http://bit.ly/2NsMvt5

 HackingThursday 固定聚會 9/5
 https://www.meetup.com/hackingthursday/events/vkhnnqyzmbhb/

 TWJUG 201909 聚會 9/5
 https://www.meetup.com/taiwanjug/events/264123847/



8月份資安社群及教育訓練活動分享

8月份資安社群及教育訓練活動分享

 HITCON HackDoor 駭入辦公室 7/2 ~ 9/28
 https://www.accupass.com/event/1906050355291064968019

 The Virus Bulletin Conference 2019 8/1
 https://www.virusbulletin.com/blog/2019/06/free-vb2019-tickets-students/

【社群】8/1(四) RASPBERRY PI + ROS,實現無人自駕
 https://ctsphub.tw/20190801_robotnight/

 HackingThursday 固定聚會 8/1
 https://www.meetup.com/hackingthursday/events/vkhnnqyzlbcb/

 資安事件調查實務(上)  8/2
 https://tp2rc.tanet.edu.tw/node/306?fbclid=IwAR11YQmw-28fOA6LUrsNiFKd7ccaAiMa5cZsYf22iRfTUR5LPYXwjqZNo2I

 【CIT週末玩程式】- (8月)認識電腦與程式邏輯訓練(I) 8/3
 https://www.meetup.com/Women-Who-Code-Taipei/events/jtcjfryzlbfb/

 Python 基礎工作坊@TMU 8/6
 https://www.meetup.com/Women-Who-Code-Taipei/events/mfnfcryzlbjb/

5月份資安、社群活動分享

5月份資安、社群活動分享

 108年度資安初學者挑戰活動 (MyFirstCTF) 5/1 ~ 5/10 報名
 https://ais3.org/mfctf/

 HackingThursday 固定聚會  5/2
 https://www.meetup.com/hackingthursday/events/vkhnnqyzhbdb/

 Python 商務網站 * 極速學習 (2019春季 - 台北)  5/2
 https://cjltsod.kktix.cc/events/django-2019-spring-taipei

 國票金控「純網銀鯰魚與資安技術漣漪」日本樂天技術結合台灣AI 人工智慧發表會  5/2
 https://www.accupass.com/event/1904111400151860776797

 資安法 X 技術實務論壇  5/2
 https://csa.kktix.cc/events/csa190502

 國立交通大學 亥客書院 - 基礎網站安全建構實務  5/4
 https://hackercollege.nctu.edu.tw/?p=1045

 ISDA 白帽菁英萌芽計劃II 0505 
 https://reg.shield.org.tw/info.php?no=54

 Pwn入門  5/5
 https://hackersir.kktix.cc/events/fcu190505

 Elixir台灣 台北 Meetup # Monday, May 6, 2019
 https://www.meetup.com/elixirtw-taipei/events/njjhvpyzhbjb/

 公部門之AI資安防護新思維研討會 5/7
 http://www.cisanet.org.tw/News/activity_more?id=MTQzOA==

 向資安服務看齊 我們一起讓資安從「有做」到「有效」  5/8 ~ 5/10
 https://www.informationsecurity.com.tw/Seminar/2019_all/

 資安危機 - 進擊的勒索加密軟體 2019-05-09(四) 14:45 ~ 17:00
 https://www.accupass.com/event/19041703435474776…