資安事件新聞週報 1/7 ~ 1/11

資安事件新聞週報  1/7 ~  1/11

1.重大弱點漏洞

網路印表機設備未正確設置存在漏洞
https://cert.tanet.edu.tw/prog/shownews.php?sel=1&id=3003

D-Link 路由器部分產品發現可進行遠端執行程式碼漏洞
https://www.twcert.org.tw/subpages/securityInfo/loophole_details.aspx?id=5077

Juniper 產品多個漏洞
https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES

Juniper Networks Junos OS 存在多個安全性弱點
https://www.us-cert.gov/ncas/current-activity/2019/01/09/Juniper-Networks-Releases-Multiple-Security-Updates

ESB-2019.0055 - [Linux] IBM Security Guardium: Multiple vulnerabilities
https://www.auscert.org.au/bulletins/73734

ESB-2019.0054 - [Win][Linux] IBM Rational Service Tester: Multiple vulnerabilities
https://www.auscert.org.au/bulletins/73730

ESB-2019.0047 - [Win][Linux][Solaris][AIX] IBM Case Manager: Multiple vulnerabilities
https://www.auscert.org.au/bulletins/73702

ESB-2019.0046 - [Win][Linux] IBM Rational Publishing Engine: Multiple vulnerabilities
https://www.auscert.org.au/bulletins/73698

ESB-2019.0053 - [Win][Linux] UCMDB Configuration Management Service: Access privileged data - Existing account
https://www.auscert.org.au/bulletins/73726

Scapy-sploit: Python Network Tool is Vulnerable to Denial of Service (DoS) Attack CVE pending
https://www.imperva.com/blog/scapy-sploit-python-network-tool-is-vulnerable-to-denial-of-service-dos-attack-cve-pending/

多款Hitachi Command Suite產品HTML注入漏洞
https://www.securityfocus.com/bid/60667

Cisco Email Security Appliances (ESA) 存在安全性弱點
https://www.us-cert.gov/ncas/current-activity/2019/01/09/Cisco-Releases-Security-Updates

思科產品多個漏洞
https://tools.cisco.com/security/center/publicationListing.x

Cisco Firepower System Software安全繞過漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15443

Adobe 每月保安更新 (2019年1月)
https://blogs.adobe.com/psirt/?p=1685

Adobe fixes vulnerabilities in Connect and Digital Editions, Flash left in the cold
https://www.zdnet.com/article/adobe-fixes-vulnerabilities-in-connect-and-digital-editions-flash-left-in-the-cold/#ftag=RSSbaffb68

Adobe 已發布安全更新以解決 Acrobat 和 Reader 中的多個弱點
https://www.us-cert.gov/ncas/current-activity/2019/01/03/Adobe-Releases-Security-Updates

Adobe Issues Emergency Patches for Two Critical Flaws in Acrobat and Reader
https://bit.ly/2RcLad5

Adobe squashes critical bugs in Acrobat, Reader
https://www.zdnet.com/article/adobe-squashes-critical-bugs-in-acrobat-reader/#ftag=RSSbaffb68

Adobe Acrobat Reader 多個漏洞
https://www.us-cert.gov/ncas/current-activity/2019/01/03/Adobe-Releases-Security-Updates

Foxit Reader和PhantomPDF for Windows 緩衝區錯誤漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5007

Foxit Reader和PhantomPDF for Windows 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18688

Foxit Reader 多個漏洞
https://www.foxitsoftware.com/support/security-bulletins.php

Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service
https://www.exploit-db.com/exploits/46089

Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery (Send SMS)
https://www.exploit-db.com/exploits/46092

DENX U-Boot緩衝區溢出漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18440

Wireshark - 'get_t61_string' Heap Out-of-Bounds Read
https://www.exploit-db.com/exploits/46096

Google Partially Patches Flaw in Chrome for Android 3 Years After Disclosure
https://bit.ly/2CS88gH

Red Hat keycloak拒絕服務漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14637

Red Hat glusterfs任意代碼執行漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14651

Symantec Data Loss Prevention Enforce Server Administration Console Cross-site Scripting, Cross-site
https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1326.html

THE ELITE INTEL TEAM STILL FIGHTING MELTDOWN AND SPECTRE
https://www.wired.com/story/intel-meltdown-spectre-storm/

關於對IE瀏覽器零日漏洞及時更新補丁的通報
https://www.weibo.com/ttarticle/p/show?id=2309404324326894641736

Windows 7修補程式造成合法PC啟動失敗,網路無法共享
https://www.ithome.com.tw/news/128196

微軟每月保安更新 (2019年1月)
https://portal.msrc.microsoft.com/zh-tw/security-guidance/releasenotedetail/b4384b95-e6d2-e811-a983-000d3a33c573

US-CERT警告Windows中的安全漏洞
https://www.linuxidc.com/Linux/2019-01/156237.htm

微軟今年開春安全更新首發,修補49個安全漏洞,含7個重大漏洞
https://www.ithome.com.tw/news/128150

JVNVU#92038183 Windows Kernel Transaction Manager (KTM) における競合状態に関する脆弱性
https://jvn.jp/vu/JVNVU92038183/

Microsoft Windows DHCP Client遠程代碼執行漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0547

Microsoft Exchange Server SSRF權限提升漏洞(CVE-2018-8581)
https://www.secrss.com/articles/7527

Microsoft Azure IoT SDK欺騙漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8479

Microsoft Windows GDI Component信息洩露漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8422

Microsoft Jet Database Engine緩衝區溢出漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8393

Microsoft Patches RCE, Information Disclosure Vulnerabilities in Exchange Server  January 10, 2019
https://www.bleepingcomputer.com/news/microsoft/microsoft-patches-rce-information-disclosure-vulnerabilities-in-exchange-server/#.XDcRhCDA_24.twitter

Unauthorized upgrade of Windows 10, Microsoft compensates users in Finland for 1,100 euros
https://bit.ly/2CT583A

Microsoft pulls buggy Office 2010 January updates
https://zd.net/2SHCLem

Microsoft Patch Tuesday — January 2019 Security Updates Released
https://thehackernews.com/2019/01/windows-security-updates.html

Microsoft's latest Windows 10 19H1 release adds support for coming reserved storage feature
https://www.zdnet.com/article/microsofts-latest-windows-10-19h1-release-adds-support-for-coming-reserved-storage-feature/#ftag=RSSbaffb68

Microsoft Updates Administrative Templates for Windows 10 1809
https://bit.ly/2QFtuSa

Microsoft Office Vulnerability Discovered That Could Leak Sensitive Information
https://bit.ly/2TFNcz5

MS13-046特權提升漏洞
http://www.manongjc.com/article/40641.html

Microsoft Windows - DSSVC CheckFilePermission Arbitrary File Deletion
https://www.exploit-db.com/exploits/46104

Microsoft Office SharePoint Server 2016 - Denial of Service (Metasploit)
https://www.exploit-db.com/exploits/46101

Microsoft Windows - Windows Error Reporting Local Privilege Escalation
https://www.exploit-db.com/exploits/46098

WordPress WP Feed Plugin 'nid' Parameter SQL Injection Vulnerability
https://www.anquanke.com/vul/id/1079266

WordPress BuddyPress Extended Friendship Request插件HTML注入漏洞
https://www.anquanke.com/vul/id/1031049

Powered by Publique! SQL Injection
https://www.anquanke.com/vul/id/1044854

Atomy Maxsite 'index.php' Arbitrary File Upload Vulnerability
https://www.anquanke.com/vul/id/1079304

FileCOPA FTP Server Remote Denial of Service Vulnerability
https://www.securityfocus.com/bid/60909

C.P.Sub 'check.php' Authentication Security Bypass Vulnerability
https://www.securityfocus.com/bid/60857

微軟向360白帽黑客發放20萬美元漏洞挖掘獎勵
http://www.sohu.com/a/287164288_115060

任何人都可分享檔案給你?Google著手修補Google Drive
https://bit.ly/2sgDyHo

2018年蘋果平台漏洞情況統計報告
https://www.secrss.com/articles/7516

黑客大佬曝光微軟Edge瀏覽器漏洞,能輕易獲取系統最高權限
http://www.twoeggz.com/news/12912659.html

垃圾清理工具CleanMyMac X曝多個權限提升漏洞
https://www.secrss.com/articles/7667

研究人員揭露利用作業系統頁面快取的旁路攻擊
https://www.ithome.com.tw/news/128155

New Systemd Privilege Escalation Flaws Affect Most Linux Distributions
https://bit.ly/2FjsoKL

Hackers Using Zero-Width Spaces to Bypass MS Office 365 Protection
https://bit.ly/2THtBOR

New Linux Systemd security holes uncovered
https://www.zdnet.com/article/new-linux-systemd-security-holes-uncovered/#ftag=RSSbaffb68

phpMoAdmin MongoDB GUI 1.1.5 - Cross-Site Request Forgery / Cross-Site Scripting
https://www.exploit-db.com/exploits/46082


2.銀行/金融/保險/證券/支付系統/ 新聞及資安

全採內部升任 林國良、黃昱程 接財金公司董總
https://www.chinatimes.com/newspapers/20190105000303-260205

網攻第一金 殭屍電腦駭客栽了
https://bit.ly/2CRNYTV

第一金遭駭案犯嫌落網,向中國購買惡意軟體犯案
https://bit.ly/2Qy4ZXb

銀公新主席:KYCU需考慮系統保安
https://bit.ly/2AylYDr

太搞笑啦!披棉被盜領ATM被發現 開不了門又撞掉安全帽
https://tw.appledaily.com/new/realtime/20190106/1495984/

服務225萬陸客 銀聯卡可在ATM「閃付提款」
https://www.ettoday.net/news/20190106/1348380.htm

香港金管局將發出虛擬銀行牌照 銀行公會料可推動業界發展
http://news.tvb.com/finance/5c327dfde60383537723aa09

LINE網上銀行 傳進軍台灣
https://bit.ly/2REKQTW

雲端發票是什麼?為什麼電子發票有紙本?獺問獺答
https://agirls.aotter.net/post/54730

保險業稽核 金管會列考
https://money.udn.com/money/story/5613/3578415

3分鐘讓你成為電子承兌匯票萬事通
https://read01.com/zh-tw/4GM8gPJ.html#.XDL_uFwzaUk

鄉民貸發起P2P自律規範 金管會:樂觀其成
https://money.udn.com/money/story/5613/3581909

10餘家網路借貸P2P業者 正式遞件成立公會
https://money.udn.com/money/story/5613/3583006

因為這一點…台灣P2P不會像中國說倒就倒
https://bit.ly/2RG0CxG

台灣P2P業者屬資訊中介 避開中國倒閉潮三項元凶
https://udn.com/news/story/7239/3586060

國票金、日本樂天純網銀戰隊確定 農曆年前遞件申請
https://news.cnyes.com/news/id/4265362

樂天組隊國票金,唯一純金融機構網銀隊
https://finance.technews.tw/2019/01/09/lotte-team-national-ticket-marching-into-pure-online-banking/

滿銀設反犯罪專組 加強網絡保安防詐欺
https://bit.ly/2H2Rwa3

銀聯無卡支付現安全漏洞瀋陽一女子被盜刷近九千元
https://finance.sina.cn/2019-01-08/detail-ihqhqcis4313785.d.html?pos=17

ATM跨行全台大當機 財金公司創首罰紀錄
https://bit.ly/2RF6CXw

財金公司ATM跨行服務中斷所涉缺失,違反銀行間資金移轉帳務清算之金融資訊服務事業許可
及管理辦法第31條規定,核處新臺幣150萬元罰鍰
https://www.ey.gov.tw/Page/AE5575EAA0A37D70/abb2fd85-582c-4a2c-ae2c-d1acdcc8fd60

兆豐銀行業務公告
https://wwwfile.megabank.com.tw/other/bulletin08_1.asp?sno=977

開放API第一階段登場 Opening Bank有咩好處
https://www.planto.hk/zh/blog/open-api-banking-advantages

港虛擬銀行釋照 八強入圍
https://money.udn.com/money/story/5604/3586876

銀行業務測驗題庫彙編
https://bit.ly/2SMFaEp

徵才 - 去年獲益成長! 公股行庫搶才釋3000金飯碗
https://bit.ly/2Txlkgi

徵才 - 上萬個金飯碗、鐵飯碗搶人大作戰
https://tw.appledaily.com/new/realtime/20190105/1494331/

徵才 - 【年後轉職看這裡2】6大壽險業擴大徵才 今年增2萬生力軍
https://tw.appledaily.com/new/realtime/20190105/1494337/

徵才 - 中壽擴大規模 今年徵才3000人
https://tw.appledaily.com/new/realtime/20190108/1496498/

徵才 - 玉山金2018年獲利創新高 今年招募500名新血
https://news.cnyes.com/news/id/4264943

徵才 - 臺銀人壽108年新進人員甄試
https://bit.ly/2SOBvGf

How financial institutions can build trust with digital signage
https://www.atmmarketplace.com/blogs/how-financial-institutions-can-build-trust-with-digital-signage/

FinTech banking’s nightmare frozen customer money problem
https://www.zdnet.com/article/fintech-bankings-frozen-customer-account-nightmares-problem/#ftag=RSSbaffb68

St Xavier’s College in Kolkata to set up finance lab for data collection
https://www.financialexpress.com/education-2/st-xaviers-college-in-kolkata-to-set-up-finance-lab-for-data-collection/1438319/

The Move to Chip Payment Cards: A Work in Progress
https://www.bankinfosecurity.asia/move-to-chip-payment-cards-work-in-progress-a-11920

EMV migration timeline rolled out to Vietnam banks
https://www.atmmarketplace.com/news/emv-migration-timeline-rolled-out-to-vietnam-banks/

Neiman Marcus Settles Lawsuit Over Payment Card Breach
https://www.bankinfosecurity.com/neiman-marcus-settles-lawsuit-over-payment-card-breach-a-11923


3.電子支付/行動支付/ 新聞及資安

麥當勞結帳可刷悠遊卡、一卡通 3月初北市全面啟動
https://udn.com/news/story/7266/3574398

麥當勞開刷悠遊卡!網友哭喊等好久 肯德基支付也緊追
https://newtalk.tw/news/view/2019-01-04/189969

刷悠遊卡買漢堡!速食店開放電子支付超方便
https://bit.ly/2TvFqrn

高雄捷運正式啟用Apple Pay、Samsung Pay等行動支付乘車服務 北捷還要再等等
https://ck101.com/thread-4777104-1-1.html

高雄捷運正式啟用Apple Pay、Samsung Pay等行動支付乘車服務 北捷還要再等等
https://www.cool3c.com/article/140181

挺韓國瑜 萬事達卡嗶進高捷
https://bit.ly/2RaGmVw

免費搭高捷今登場 持這張卡綁行動支付每週這2天免錢
https://ec.ltn.com.tw/article/breakingnews/2661485

弱勢彩券商喊加薪 盼導入行動支付
https://bit.ly/2Fc7rRW

不推55899叫車 LINE PAY支付
https://www.ptt.cc/bbs/MobilePay/M.1546743858.A.F2A.html

澳門“一戶通”手機App將增加服務 擬接入電子支付
http://www.hkcna.hk/content/2019/0107/737645.shtml

日本電子支付靠優惠推動
https://blog.stheadline.com/article/detail/960829

涉盜6人資料用「轉數快」匯19萬 男子還柙3月再訊
http://hd.stheadline.com/news/realtime/hk/1404822/

小心使用流動裝置 電子錢包袋袋平安
https://bit.ly/2shbljI

行動支付 網友最愛LINE Pay
https://www.chinatimes.com/newspapers/20190109000282-260202

電子支付佔比兩年僅增7% 2020年恐難達52%目標
https://tw.appledaily.com/new/realtime/20190109/1497242/

兩種LINE Pay別搞混 聯名卡連帳戶大不同
https://bit.ly/2H4vNP2

電信小額付款遭盜刷 掛失前交易求償無門
https://bit.ly/2SHLgWL

泰國電子支付新執照通過審批 PChome Thai搶進社群商務
https://www.ettoday.net/news/20190109/1351983.htm

台灣Pay茁壯後…財金搭新平台
https://www.chinatimes.com/newspapers/20190110000269-260202

共用平台 至少3大效益
https://www.chinatimes.com/newspapers/20190110000271-260202

行動支付引爆兆元商機 嗶經濟生意做不完
https://money.udn.com/money/story/9740/3583652

輕軌票價由香港特首批示可電子支付
https://bit.ly/2LZobw0

悠遊卡買彩券、刮刮樂 財部開放了
https://ec.ltn.com.tw/article/breakingnews/2666796

從公鑰加密學談到支付寶
https://bit.ly/2FtyMhs

花蓮理想大地一月就是狂 住宿就送LINE Points500點 加補助可享2000優惠
https://n.yam.com/Article/20190110895034


4.虛擬貨幣/區塊鍊   新聞及資安

匿名特色「被消失」!中國區塊鏈實名制新法下月正式上路
https://bit.ly/2RqaeNX

企圖全面控管網路言論 中國黑手伸入區塊鏈
https://tw.appledaily.com/new/realtime/20190111/1498683/

緊急!BEAM 錢包漏洞,請盡快更新客戶端
https://bit.ly/2RkkerO

Beam Wallet中發現了嚴重漏洞,看到的趕緊補救
https://www.nahan.org/2019/01/10/beam-wallet-critical-vulnerability/

第一銀行取得區塊鏈發明專利全球首創跨鏈整合
https://www.chinatimes.com/realtimenews/20190109003866-260410

日本金融監管機構可能批准加密貨幣ETF
https://bit.ly/2C6rFbN

2019年區塊鏈:DAPP邁入多元化
http://news.knowing.asia/news/538bc366-d6dd-414d-a616-de1ce3089249

科威特國家銀行將支持Ripple匯款服務
http://news.knowing.asia/news/1916c72b-fce7-46ef-87a6-ecce25f0478e

金融時報:「美聯儲不應視區塊鏈為敵人」
http://news.knowing.asia/news/72e90ca0-bf0b-4079-8934-a224fcd3833a

逾20人墮幣少掘礦機陷阱 已報警求助
https://bit.ly/2sckOZx

稱遭幣少誘導買掘礦機 苦主最細20歲
http://www.etnet.com.hk/www/tc/lifestyle/internationalaffairs/news/57888

以太坊核心開發者對 ProgPoW 達成初步共識 提高 ASIC 挖礦難度
https://bit.ly/2QrkMGZ

以太坊挖礦新算法 ProgPoW批准!ASIC比起GPU的優勢 – 將從2x的產能降至1.2x
https://bit.ly/2SELe1R

所有硬件錢包都能被攻破?這個團隊現場揭露了Trezor和Leger的漏洞
https://ek21.com/news/tech/10424/

探討一下以太坊智能合約安全的漏洞(上)
https://www.huoxing24.com/newsdetail/20190108141503207293.html

Blockchain's Biggest Potential in Healthcare
https://www.bankinfosecurity.asia/interviews/blockchains-biggest-potential-in-healthcare-i-4215

Ethereum Classic (ETC) Hit by Double-Spend Attack Worth $1.1 Million
https://bit.ly/2Rl6xJ5

Ethereum ain’t hiding your secrets
https://medium.com/swlh/ethereum-aint-hiding-your-secrets-703e89088937

好幸福!這家企業砸逾億發數位貨幣、推彈性福利
https://udn.com/news/story/7241/3580966?fbclid=IwAR2TFcLBKy1pX3v_iiM6pMSzmxUgFFjqLfm0feYxvPavm9u0q_TiuxkCENU


5.資安事件新聞

A.病毒木馬 / 殭屍網路 / 勒索軟體

IcePick-3PC 惡意軟體,鎖定媒體、電商網站,大規模竊取用戶 IP
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=782

殭屍電腦 小檔案
https://www.chinatimes.com/newspapers/20190107000664-260106

MobSTSPY間諜軟體偽裝成6款Android合法程式,殃及全球196個國家
https://bit.ly/2C2VQjW

2017各款防毒軟體技術原理剖析
https://bit.ly/2VAE3K5

FilesLocker2.1聖誕特別版勒索病毒與早期版本解密工具
https://www.freebuf.com/sectool/193554.html

防毒日:上網與電腦安全的大門,不要輕忽瀏覽器的重要
https://www.soft4fun.net/tech/information-security/defense-virus-from-browser.htm

New ServHelper Backdoor and FlawedGrace RAT Pushed by Necurs Botnet
https://www.bleepingcomputer.com/news/security/new-servhelper-backdoor-and-flawedgrace-rat-pushed-by-necurs-botnet/#.XDcTlZMe8Oo.twitter

Here’s how you can stay safe from the Android Banking Trojan that targets banking apps
https://www.palada.net/index.php/2018/01/10/news-4826/

Spyware Disguises as Android Applications on Google Play
https://blog.trendmicro.com/trendlabs-security-intelligence/spyware-disguises-as-android-applications-on-google-play/

Ransom Moves: The Dark Overlord Keeps Pressuring Victims
https://www.bankinfosecurity.com/ransom-moves-dark-overlord-keeps-pressuring-victims-a-11914

BANKING TROJAN DELIVERED BY LOLBINS: HOW THE RAMNIT TROJAN SPREADS VIA SLOAD IN A CYBERATTACK
https://www.cybereason.com/blog/banking-trojan-delivered-by-lolbins-ramnit-trojan

Danabot Banking Trojan is targeting Italian companies and users
https://us9.campaign-archive.com/?u=00093dab1cf5ca5a1d3d08535&id=23429beef2

Emotet research
https://github.com/d00rt/emotet_research

Dissecting Malicious Network Traffic To Identify Botnet Communication
https://bit.ly/2TxqEAr

Dissecting Malicious Network Traffic To Identify Botnet Communication
https://articles.forensicfocus.com/2019/01/07/dissecting-malicious-network-traffic-to-identify-botnet-communication/

Tracking the Hide and Seek Botnet
https://www.malwaretech.com/2019/01/tracking-the-hide-and-seek-botnet.html

Heartbreaking Emails: "Love You" Malspam
https://isc.sans.edu/forums/diary/Heartbreaking+Emails+Love+You+Malspam/24512

Malware found preinstalled on some Alcatel smartphones
https://www.zdnet.com/article/malware-found-preinstalled-on-some-alcatel-smartphones/#ftag=RSSbaffb68


B.行動安全 / iPhone / Android / App

七旬嬤也支持!3任部長催生 統一發票App獲好評
https://udn.com/news/story/7266/3574555

IBM旗下天氣預報App被控騙取千萬用戶分享資訊給廣告主
https://bit.ly/2CWHPG0

小米集團斥資7.6億 持股TCL集團0.48%
https://money.udn.com/money/story/5604/3577823

TCL被指秘密偷數據 全球手機用戶私隱被侵 部份被迫訂購付費服務
https://hk.epochtimes.com/news/2019-01-04/23601871

爆TCL天氣App搜集用戶個資 42款中國軟體要當心
https://tw.aboluowang.com/2019/0104/1227335.html

TCL爆資安疑慮 美國盯上
https://money.udn.com/money/story/5603/3577026

陸天氣APP 疑過度收集用戶數據
https://udn.com/news/story/11323/3577070

再有中企「竊取數據」 更多細節曝光
https://www.secretchina.com/news/b5/2019/01/06/881186.html

【華為中興之後】中國 TCL 手機 app 被控收集過量數據:用戶位置、電郵地址、IMEI、偷訂服務
https://bit.ly/2LR0Ts8

【深圳TCL】天氣App被指過度收集資料 手機IMEI都攞埋
https://hk.news.appledaily.com/china/realtime/article/20190106/59111099

中企開發天氣App 遭控過度收集用戶數據
https://tw.appledaily.com/new/realtime/20190106/1495997/

陸企天氣App 竟能蒐集「手機身分證」
https://tw.appledaily.com/international/daily/20190107/38226090/

City of LA sues Weather Channel app for sharing location data with advertisers
https://zd.net/2CVFnzP

MobSTSPY間諜軟體偽裝成6款Android合法程式,殃及全球196個國家
https://bit.ly/2C2VQjW

Google Removes 85 Adware Apps That Infect 9 Million Android Users
https://bit.ly/2FhnjTd

廣告軟體冒充 85款Android app,900萬用戶恐陷蓋版廣告夢魘
https://bit.ly/2VHSEDd

美國研發人工指紋 指紋辨識手機 逾3成恐被解鎖
https://www.chinatimes.com/newspapers/20190107000248-260202

USB Type-C 連接埠有新規範,充電更安全、可杜絕惡意攻擊
https://m.eprice.com.tw/tech/talk/1141/5177390/1/

從Google Pixel 3 看手機安全晶片發展
https://www.chinatimes.com/newspapers/20190106000251-260204

蘋果Face ID也不安全?一安全研究員稱已破解該技術
https://bit.ly/2SEXWxD

SKYPE已修復漏洞公開:不解鎖也能訪問手機數據
https://bit.ly/2QsnEDm

Android版Skype漏洞允許未經授權的駭客存取裝置資料
https://www.ithome.com.tw/news/128108

AppSigner 是網頁版Cydia Impactor 替代品?為了帳號安全請勿使用
https://mrmad.com.tw/appsigner

滴滴APP上線 搶進金融服務
https://turnnewsapp.com/global/culture/74467.html

最高200 萬美元,Zerodium 懸賞0Day 漏洞
https://www.chainnews.com/articles/103799018230.htm

Zerodium出價200萬美元收購iOS遠端越獄程式
https://www.ithome.com.tw/news/128110

Zerodium Offers to Buy Zero-Day Exploits at Higher Prices Than Ever
https://bit.ly/2QwrefV\\

5G基建憂後門 挪威擬跟進排除華為
https://ec.ltn.com.tw/article/paper/1260517

Test Driven Development with MVVM in Android
https://bit.ly/2Fh0IpS

Facial recognition doesn't work as intended on 42 of 110 tested smartphones
https://zd.net/2FjCrPc

T-Mobile marks 5G milestone with first data call on 600 MHz spectrum
https://www.zdnet.com/article/t-mobile-marks-5g-milestone-with-first-data-call-on-600-mhz-spectrum/#ftag=RSSbaffb68

Google removes 85 adware apps that were installed by millions of users
https://www.zdnet.com/article/google-removes-85-adware-apps-that-were-installed-by-millions-of-users/#ftag=RSSbaffb68


C.事件 / 駭客 / DDOS / APT / 徵才 / 國際資安事件

生物特徵辨識 到 國家資安建設計畫
https://home.gamer.com.tw/creationDetail.php?sn=4256097

飯店集團Hyatt也加入抓漏行列
https://www.ithome.com.tw/news/128177

網速比想像中慢!專家5理由建議機上Wifi最好別買
https://travel.ettoday.net/article/1348698.htm

利用最新flash漏洞通過“流量寶”對流量從業者的攻擊活動
https://guanjia.qq.com/news/n3/2463.html

利用服務器系統漏洞是網站遭受攻擊的常見方式
http://www.safebase.cn/article-254911-1.html

微軟警告南山3萬名業務員涉侵權 遭駁斥「搞錯」純屬誤會
https://www.ettoday.net/news/20190108/1349969.htm

微軟指業務員未被授權使用 南山:境界非微軟系統
https://www.chinatimes.com/realtimenews/20190108002784-260410

微軟鎖定壽險公司查軟體授權費 保險業掀起智財權風暴
https://www.ettoday.net/news/20190108/1351429.htm

微軟變了!招程序員的流程完全改了
https://bit.ly/2TBVYOB

Google公布2019年資安趨勢,無密碼登入將成主流、駭客瞄準原生雲端架構
https://www.ithome.com.tw/news/128039

網站主注意! Chrome封鎖入侵式網頁廣告7月將推向全球
https://bit.ly/2AFsuZb

Chrome71不給改回舊UI,用戶氣炸
https://ithome.com.tw/news/127960

Some Google Chrome extensions are blocking middle-click actions
https://www.zdnet.com/article/some-google-chrome-extensions-are-blocking-middle-click-actions/#ftag=RSSbaffb68

本機測試網站加密瀏覽更方便,Mkcert讓Localhost也能使用HTTPS憑證
https://bit.ly/2H0uxws

unCAPTCHA再升級,破解語音版reCAPTCHA的準確率達90%
https://bit.ly/2TuCv2i

【2019資安十大趨勢1】資料外洩危機吹向社群網站、觀光產業,以及雲端儲存
https://www.ithome.com.tw/news/127994

【2019資安十大趨勢2】大規模攻擊橫跨多廠牌物聯網裝置,受害範圍持續擴張
https://www.ithome.com.tw/news/127995

【2019資安十大趨勢4】臺灣政府組織受資安法規範,美國提加州隱私法與物聯網法案保護個資
https://www.ithome.com.tw/news/128033

【2019資安十大趨勢5】提升資安治理成熟度,4大標準影響力延伸到2019年
https://www.ithome.com.tw/news/128034

【2019資安十大趨勢6】身分識別安全大變革
https://www.ithome.com.tw/news/128035

【2019資安十大趨勢7】從程式開發與部署環境滲透,軟體供應鏈成駭客隱藏行跡的溫床
https://www.ithome.com.tw/news/127997

【2019資安十大趨勢8】網通基礎設施採購升格為全球各國資安與國安議題
https://www.ithome.com.tw/news/127999

【2019資安十大趨勢9】硬體安全亮紅燈,主要處理器平臺接連爆出重大漏洞
https://www.ithome.com.tw/news/128000

【2019資安十大趨勢10】網站側錄與漏洞問題更加嚴重
https://www.ithome.com.tw/news/128001

【2019 年資安預測】網路犯罪集團將運用更多魚目混珠的技巧 (6-3)
https://blog.trendmicro.com.tw/?p=58407

阿里達摩院公布「2019十大科技趨勢」:機器更聰明地聽與看
https://bit.ly/2VAKa10

維基解密致函媒體 詳列140個不該說亞桑傑的事
https://www.cna.com.tw/news/firstnews/201901070039.aspx

臉容辨識仍存漏洞 業界研攻防術化解
https://bit.ly/2F7LF1q

資安威脅朝側面、源頭進逼
https://www.ithome.com.tw/voice/127991

中科大郭光燦團隊在量子密碼安全領域研究獲重要突破
https://news.sina.com.tw/article/20190105/29553612.html

DX.Exchange上發現的洩漏用戶數據關鍵漏洞,稍後修復
https://www.coingogo.com/news/23447

欺騙類攻擊主要是利用網絡協議簇自身的漏洞發起攻擊
http://www.sohu.com/a/287908069_100302409?spm=smmt.mt-it.fd-d.6.1547078400023WRl5Apr

駭客以ZWSP手法繞過Office 365 安全功能發動網釣攻擊
https://bit.ly/2D5pnv5

調查指出,每個 PC 遊戲玩家平均遭到駭客攻擊 5 次,資安習慣仍待提升
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=780

入侵高鐵系統詐領20萬遭罰 駭客天才稱「以白帽的角度來做這件事」
https://bit.ly/2ChY4Mz

張啟元上網買高鐵票竄改退款金額 高鐵靠檢核機制抓到
https://tw.news.appledaily.com/new/realtime/20190111/1498813/

天才駭客入侵高鐵詐20萬元退款 檢諭令10萬元交保
https://bit.ly/2AFaFcC

天才駭客入侵高鐵 40元車票退票欲詐20萬元被逮
https://www.chinatimes.com/realtimenews/20190111002532-260402

【獨家】入侵票務系統吃官司 張啟元喊冤:高鐵還欠我20元
https://tw.news.appledaily.com/local/realtime/20190111/1498859/

曾破解臉書漏洞 駭客張啟元攻高鐵退票系統GG了
https://bit.ly/2D28b9H

駭客入侵Starwood酒店案 涉客量較預期少
https://www2.hkej.com/instantnews/international/article/2031779

黑客去年從加密貨幣漏洞通報機制 獲得近百萬美元
https://bit.ly/2CRgvcc

遭中國駭客集團山寨CEO電郵 印度公司5億元飛了
http://news.ltn.com.tw/news/world/breakingnews/2668099

駭旅行社「0元爽玩全球」!魯宅混高級派對、曬名人合照…照片全成犯罪證據
https://www.ettoday.net/dalemon/post/40950

駭客集團APT10至少入侵12國 背後疑由中國主導
https://bit.ly/2M2iPjG

Dark Overlord 駭客公開第一批「祕密」911 檔案
https://technews.tw/2019/01/10/dark-overlord-hackers-publish-first-batch-of-secret-911-files/

Linux版本號從4.21直跳5.0,Linux之父Linus Torvalds:指頭數完了
https://www.ithome.com.tw/news/128114

疑被通報漏洞不回應,都柏林電車網站被駭勒索1比特幣
https://www.ithome.com.tw/news/128052

保安漏洞事件環聯稱涉及有目的故意冒認 不屬洩漏數據
http://newsprd.rthk.hk/rthk/ch/component/k2/1436808-20190107.htm

保安漏洞未解決前 環聯不恢復網上服務
https://bit.ly/2Ff7PPw

Google Chromecast 現重大漏洞 電視畫面會被黑客挾持
https://unwire.hk/2019/01/04/googlechromecastexploit/life-tech/

印表機駭客新年再出招 提醒資安順便「訂閱PewDiePie」
https://www.mirrormedia.mg/story/20190104gamepewdiepie

全球第一個 5G 手術成功!華為遠端操作機器人,完成肝小葉切除手術
https://bit.ly/2skHDdI

華為就採購禁令與日本政府會談,謀求化解資安疑慮
https://technews.tw/2019/01/08/huawei-talks-with-japanese-government-information-security/

機密文件曝光:華為跟伊朗、敘利亞大有牽連
https://bit.ly/2C6lODc

中國華為高管涉嫌間諜活動被波蘭當局逮捕
https://www.bbc.com/zhongwen/trad/chinese-news-46837367?ocid=socialflow_facebook

挪威考慮5G網路升級禁用華為設備
https://www.voacantonese.com/a/norway-considers-banning-huawei-in-5g-network-20190110/4736922.html

習近平再度碰壁!路透:挪威考慮排除華為設備
https://times.hinet.net/news/22185889

美退役准將:若中掌控5G 將製造混亂與大規模監控能力
https://ec.ltn.com.tw/article/breakingnews/2665324

美國反情報機構NCSC推新一波文宣,教企業如何防範國家級網路攻擊
https://www.ithome.com.tw/news/128107

美國史上最大情報洩密案由俄國破案!這故事要從一條約炮訊息說起
https://bit.ly/2RnkcPZ

中企進軍美國大眾運輸系統 專家憂心成情蒐工具
https://bit.ly/2RgFOO0

車廂監視影像傳到北京、追蹤通勤官員
https://bit.ly/2H63zUi

擔心威脅網絡安全 美國州議員擬提案禁中國車承包地鐵
https://udn.com/news/story/12639/3585515

中俄政府駭客猖獗 美國企業積極阻擋入侵
https://news.tvbs.com.tw/world/1061609

中共如何發展空軍?智庫:竊美俄技術
https://bit.ly/2TshViQ

拒絕中國威脅國安!美參議員提法案要求白宮設新部門因應
https://www.taiwannews.com.tw/ch/news/3610799

貿易協商重啟前夕 白宮顧問驚爆 中國竊蘋果技術機密
https://tw.appledaily.com/international/daily/20190106/38225218/

越南控臉書 未移除有害內容違反網路安全法
https://www.rti.org.tw/news/view/id/2007758

Vietnam's 'Cybersecurity' Law Says Little on Security
https://www.bankinfosecurity.com/blogs/vietnams-cybersecurity-law-says-little-on-security-p-2703

Visual Journal: Black Hat Europe 2018
https://www.bankinfosecurity.com/blogs/visual-journal-black-hat-europe-2018-p-2702

FBI Seizes 15 DDoS-For-Hire Websites, 3 Operators Charged
https://bit.ly/2RbUDkS

Thousands of Google Chromecast Devices Hijacked to Promote PewDiePie
https://bit.ly/2SHMJfS

Dark Overlord hackers release alleged 9/11 lawsuit documents
https://bit.ly/2GVfxjj

Cybersecurity risks in the unlimited world
https://bit.ly/2LfIlBF

Cybersecurity Trends for 2019 — The Good and The Bad
https://medium.com/@aprilcwright/2019-cybersecurity-trends-cc86371de89e

Tired tech workers lose 27 hours of sleep per month
https://www.zdnet.com/article/tired-tech-workers-lose-27-hours-of-sleep-per-month/#ftag=RSSbaffb68

Making the Case for Zero-Trust Security
https://www.bankinfosecurity.com/interviews/making-case-for-zero-trust-security-i-4214

Moving to a Next-Generation SOC: Critical Factors
https://www.bankinfosecurity.asia/interviews/moving-to-next-generation-soc-critical-factors-i-4216

“India is the fastest growing market for MySQL in the APAC region”
https://bit.ly/2Ax21Nq

New hardware-agnostic side-channel attack works against Windows and Linux
https://www.zdnet.com/article/new-hardware-agnostic-side-channel-attack-works-against-windows-and-linux/#ftag=RSSbaffb68

Singapore must be tougher on firms that treat security as value-add service
https://www.zdnet.com/article/singapore-must-be-tougher-on-firms-that-treat-security-as-value-add-service/#ftag=RSSbaffb68

G Suite update warns you when someone is exporting your company's data
https://www.zdnet.com/article/g-suite-update-warns-you-when-someone-is-exporting-your-companys-data/#ftag=RSSbaffb68

Encryption: Avoiding the Pitfalls That Can Lead to Breaches
https://www.bankinfosecurity.com/encryption-avoiding-pitfalls-that-lead-to-breaches-a-11918

Feds Urge Private Sector 'Shields Up' Against Hackers
https://www.bankinfosecurity.com/feds-urge-private-sector-shields-up-against-hackers-a-11919

Breaking The CAPTCHA: An Application of Enhancing Machine Learning with Large-Scale Graph
https://bit.ly/2QyxZxW

A Hacker’s Perspective on Cyber Security
https://bit.ly/2SLrSYM

Google Chrome's built-in ad blocker to roll out worldwide on July 9
https://www.zdnet.com/article/google-chromes-built-in-ad-blocker-to-roll-out-worldwide-on-july-9/#ftag=RSSbaffb68

TriggerMesh brings AWS Lambda serverless computing to Kubernetes
https://www.zdnet.com/article/triggermesh-brings-aws-lambda-serverless-computing-to-kubernetes/#ftag=RSSbaffb68

Google search results listings can be manipulated for propaganda
https://www.zdnet.com/article/google-search-results-listings-can-be-manipulated-for-propaganda/#ftag=RSSbaffb68

German police ask router owners for help in identifying a bomber's MAC address
https://www.zdnet.com/article/german-police-ask-router-owners-for-help-in-identifying-a-bombers-mac-address/#ftag=

Turns Out Kaspersky Labs Helped FBI Catch Alleged NSA Leaker
https://thehackernews.com/2019/01/shadow-brokers-nsa-kaspersky.html

Google公共DNS開始支援加密的DNS-over-TLS,Android 9先行
https://www.ithome.com.tw/news/128168

Google DNS Service (8.8.8.8) Now Supports DNS-over-TLS Security
https://bit.ly/2D30oZi

Anonymous hacker gets 10 years in prison for DDoS attacks on children's hospitals
https://www.zdnet.com/article/anonymous-hacker-gets-10-years-in-prison-for-ddos-attacks-on-childrens-hospitals/#ftag=RSSbaffb68

Government shutdown: TLS certificates not renewed, many websites are down
https://www.zdnet.com/article/government-shutdown-tls-certificates-not-renewed-many-websites-are-down/#ftag=RSSbaffb68

Iranian hackers suspected in worldwide DNS hijacking campaign
https://www.zdnet.com/article/iranian-hackers-suspected-in-worldwide-dns-hijacking-campaign/#ftag=RSSbaffb68

徵才 - 安全漏洞研究員
http://www.aqquan.org/index.php?m=&c=jobs&a=jobs_show&id=921

徵才 - 資安技術顧問-E10B
https://www.104.com.tw/job/?jobno=6he3h

徵才 - 希格斯 徵 軟體工程師 (.NET C#)
https://mvc.tw/jobs/details/0e6ee6fc-f489-4cb5-b760-08a3f0e1c928

徵才 - 數據庫管理工程師
https://www.liepin.com/job/1914996712.shtml

徵才 -  北京10萬年薪招聘安全運維、漏洞驗證、滲透測試工程師10人
http://www.safebase.cn/article-254924-1.html


D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷

【2019 年資安預測 】不只是企業高層主管,變臉詐騙也將開始鎖定一般員工
https://blog.trendmicro.com.tw/?p=58443

過年優惠陷阱多! 拆穿一頁式詐騙六大陷阱
https://blog.trendmicro.com.tw/?p=58545

【MongoDB出事】 超過 2 億份 CV 任攞
https://bit.ly/2FoSzig

看到這種截圖千萬別信 網銀轉賬截圖也可偽造
http://news.yznews.com.cn/2019-01/11/content_7018834.htm

警方提示:防電信網路詐騙需重點提防十類手法
https://news.sina.com.tw/article/20190110/29629196.html

魁北克男子狂刷商店信用卡 在Home Depot騙了16萬多
https://bit.ly/2RCKbSQ

李顯龍病歷遭駭報告出爐,直指網路維安人員未即時因應
https://asean.thenewslens.com/article/111848

李顯龍病歷遭駭 調查報告:網安不敵先進駭客
https://www.cna.com.tw/news/aopl/201901100452.aspx

李顯龍病歷被駭 星國政府調查:外國政府幕後指使
https://shareba.com/module/news/303662938770639510.html

涉盜用電郵冒名檢舉 陸軍專科學校主管15萬交保
https://bit.ly/2sfxSxi

陸軍專校博士被控冒用帳號 法界人士存疑
https://udn.com/news/story/7321/3581988

陸軍專校主管 涉當駭客
https://udn.com/news/story/7321/3582435?from=udn-ch1_breaknews-1-cate2-news

臉書淪為網路詐騙濫用最嚴重平台 一頁式詐騙氾濫
https://money.udn.com/money/story/5617/3580916

防詐騙最新絕招!這張信用卡連騙子都怕了
https://focus.cari.com.my/portal.php?mod=view&aid=127397&fromhome=1

湖內警分局向上溯源逾半年展成效 詐欺車手11人集團首腦終落網
https://www.101newsmedia.com/news/50026

手機存前女友裸照 新歡發現放生渣男
https://bit.ly/2TyJ2Jo

內神通外鬼!高階主管勾結離職員工 竊30億商業機密交對岸
https://tw.news.appledaily.com/local/realtime/20190107/1496309/

陸企2千萬利誘 台主管淪間諜
https://tw.appledaily.com/headline/daily/20190108/38226819/

電郵詐騙藏細節 刑事局傳授4招
https://udn.com/news/story/7320/3577497

就多一個「e」!歹徒詭仿冒客戶電郵 鞋品業務不察匯數十萬慘GG
https://www.ettoday.net/news/20190106/1349652.htm

遇電騙反入夥 19歲大專生冒官詐3老
https://bit.ly/2QwABwk

瀏覽器存密碼好方便 當心因小失大
https://www.ntdtv.com/b5/2019/01/05/a102481705.html

麗寶樂園爆個資外洩 去年12月被害件數17件
https://tw.appledaily.com/new/realtime/20190105/1494963/

曝光假社安局電話錄音 聯貿委籲民眾警覺
https://www.ntdtv.com/b5/2019/01/05/a102482123.html

誤信「蘋果」郵件 帳號從德國被登入
https://bit.ly/2sfYXAo

時事拼盤:駭客曝光數百德國政治家個資 30年不遇風暴襲泰國
https://www.ntdtv.com/b5/2019/01/04/a102481484.html

駭客竊取政壇個資 畫報:德政府未受波及
https://bit.ly/2TrGMn1

德國數百位政客名人資料洩露案破案,20 歲男學生遭逮捕
https://technews.tw/2019/01/09/german-man-confesses-to-hacking-of-public-figures-data-officials-say/

德國檢方以涉嫌駭入多位大臣有關私人數據為由,逮捕一位駭客
https://bit.ly/2RFwQcc

德國政界名人個資遭駭 警方逮捕20歲嫌犯
https://newtalk.tw/news/view/2019-01-08/191579

德國數百政治人物「個資遭駭」…全PO推特上 梅克爾也在名單上
https://www.ettoday.net/news/20190104/1348379.htm

德國數百政客名流遭駭 個資被公開上網
https://tw.appledaily.com/new/realtime/20190104/1495145/

梅克爾上網資料全外洩! 德資安局不認有被駭紀錄
https://news.tvbs.com.tw/world/1060680

德政治人物個資遭駭 資安當局挨批忙辯駁
https://www.ydn.com.tw/News/319541

梅克爾與數百政客資料遭洩!德尋求美安全局援手
http://m.match.net.tw/pc/news/international/20190108/4768750

Heartbreaking Emails: "Love You" Malspam
https://bit.ly/2Fr3GHy

German Police Identify Suspect Behind Massive Data Leak
https://www.bankinfosecurity.com/german-police-identify-suspect-behind-massive-data-leak-a-11921

Germany's Mega-Leak Takeaway: Noisy Young Hacker Got Caught
https://www.bankinfosecurity.com/blogs/germanys-mega-leak-takeaway-noisy-young-hacker-got-caught-p-2704

Hackers Leak Personal Data from Hundreds of German Politicians On Twitter
https://bit.ly/2Aukvhu

Town of Salem Data Breach Exposes 7.6 Million Gamers' Accounts
https://bit.ly/2AxD844

Hackers dump data of hundreds of German politicians on Twitter
https://www.zdnet.com/article/hackers-dump-data-of-hundreds-of-german-politicians-on-twitter/#ftag=RSSbaffb68

A MAJOR HACKING SPREE GETS PERSONAL FOR GERMAN POLITICIANS
https://www.wired.com/story/germany-hacking-politicians-personal-information/

萬豪受「駭」者減少 525萬未加密個資外洩
https://bit.ly/2FfiYz8

駭客盜個資後續調查公布,萬豪酒店被盜近 4 億筆訂房紀錄及 2,555 萬組護照號碼
https://bit.ly/2RzrYWd

萬豪國際酒店集團證實數億客戶信息被盜
https://bit.ly/2SF8tsz

萬豪國際確認駭客獲取了數以百萬計的護照號碼
https://on.wsj.com/2sbOhmF

Marriott 酒店集團被盜取近 4 億訂房記錄及 2,555 萬護照號碼
https://unwire.pro/2019/01/07/marriott-stolen-passport-numbers/news/

Marriott Mega-Breach: Victim Count Drops to 383 Million
https://www.bankinfosecurity.com/marriott-mega-breach-victim-count-drops-to-383-million-a-11916

萬豪稱黑客竊取了超過500萬客戶護照數據
https://news.sina.com.tw/article/20190106/29559698.html

Marriott says less than 383 million guests impacted by breach, not 500 million
https://www.zdnet.com/article/marriott-says-less-than-383-million-guests-impacted-by-breach-not-500-million/#ftag=RSSbaffb68

Bitcoin scam spoofing BBC news
https://myonlinesecurity.co.uk/bitcoin-scam-spoofing-bbc-news/

新加坡航空公司軟件錯誤 逾280名KrisFlyer會員資料外洩
https://bit.ly/2SE7M2M

Singapore Airlines data breach affects 284 accounts, exposes travel details
https://www.zdnet.com/article/singapore-airlines-data-breach-affects-284-accounts-exposes-travel-details/#ftag=RSSbaffb68

路透:新文件曝光孟晚舟詐欺證據
https://bit.ly/2skxJcg

Real-time location data for over 11,000 Indian buses left exposed online
https://www.zdnet.com/article/real-time-location-data-for-over-11000-indian-buses-left-exposed-online/#ftag=RSSbaffb68

Card-Not-Present Fraud Growth: No End in Sight
https://www.bankinfosecurity.com/interviews/card-not-present-fraud-growth-no-end-in-sight-i-4217

Phone fraudsters are stealing billions each year through a scheme known as IRSF
https://www.zdnet.com/article/phone-fraudsters-are-stealing-billions-each-year-through-a-scheme-known-as-irsf/#ftag=RSSbaffb68

Three random words or #thinkrandom
https://www.ncsc.gov.uk/blog-post/three-random-words-or-thinkrandom-0

俄客中環遇竊 被狂碌卡29萬
https://bit.ly/2VJeDKm

屯門漢遺失信用卡被「碌」3萬元貨 重案組拘3男女
https://bit.ly/2FnF2Hz

Over 202 Million Chinese Job Seekers' Details Exposed On the Internet
https://bit.ly/2SPkATS

Neiman Marcus agrees to $1.5 million data breach settlement
https://www.zdnet.com/article/neiman-marcus-agrees-to-1-5-million-data-breach-settlement/#ftag=RSSbaffb68

OXO International discloses data breach, customer data over two years impacted
https://www.zdnet.com/article/oxo-international-discloses-data-breach-customer-data-over-two-years-impacted/#ftag=RSSbaffb68

SingHealth breach review recommends remedies that should already be basic security policies
https://www.zdnet.com/article/singhealth-breach-review-recommends-remedies-that-should-already-be-basic-security-policies/#ftag=RSSbaffb68

BEC Scam Leads to Theft of $18.6 Million Fraud
https://www.bankinfosecurity.in/bec-scam-leads-to-theft-186-million-fraud-a-11930

Phishing Attacks Bypass Two-Factor Authentication
https://www.infosecurity-magazine.com/news/phishing-attacks-bypass-two-factor/


E.研究報告

tknk_scanner:基於社區的集成惡意軟件識別系統
https://www.freebuf.com/sectool/193165.html

Magento商務平台的XSS漏洞
https://xz.aliyun.com/t/3813

多層次資安情資與分析
https://bit.ly/2BZw9AH

行動寬頻資安技術的剖析
https://bit.ly/2F9cSAX

T-Pot18.11的安裝與使用
https://www.freebuf.com/news/193347.html

針對密幣交易所gate.io的供應鏈攻擊技術分析
https://www.freebuf.com/articles/web/191959.html

區塊鏈安全 - 經典溢出漏洞CVE分析
https://xz.aliyun.com/t/3743

Microsoft Exchange SSRF任意用户偽造漏洞(CVE-2018-8581)處置手冊
https://hk.saowen.com/a/21591739308ed0bf01fc116892e263b6bcaead86e95acd2debc54acf69e8f855

通過web應用中的文件下載漏洞竊取NTLMv2哈希
http://www.4hou.com/system/15391.html

利用NSA鏈接EternalBlue漏洞進行新的加密攻擊
https://www.anquanke.com/post/id/169127

R3Con1Z3R:一款功能強大的輕量級Web信息收集工具
https://www.freebuf.com/sectool/193222.html

網站劫持的解決方案
https://ek21.com/news/tech/17280/

Struts2-005遠程代碼執行漏洞分析
https://www.freebuf.com/vuls/193078.html

XML外部實體注入(XXE)漏洞學習資源及相關開源項目
https://nosec.org/home/detail/2139.html

滲透之——操作系統支持的管道符(在命令執行漏洞中常用)
https://blog.csdn.net/l1028386804/article/details/85919481

從 Web Log 學習系統漏洞 31
https://weysnote.blogspot.com/2019/01/web-log-31.html

CVE-2018-19518:PHP imap_open函數任意命令執行漏洞復現
http://www.sohu.com/a/286986335_354899?referid=001cxzs00020004

漏洞分析:解析Windows XP版永恆之藍中的一個Bug
https://hk.saowen.com/a/603fca55572cfabf2673b010b78a8c2d7bfeb760456ce4b82593912ac8c6d755

生活中處處都有CVE——CVE-2019-3498 Django 404頁面漏洞淺談
https://www.anquanke.com/post/id/169218

Struts2-005遠程代碼執行漏洞分析
https://www.freebuf.com/vuls/193078.html

前端打包編譯時代來臨對漏洞挖掘的影響
https://www.freebuf.com/articles/web/193230.html

啟明星辰ADLab:Linux內核CVE-2017-11176漏洞分析與復現
https://paper.seebug.org/785/

SSMA: Python編寫的靜態病毒分析工具
http://blog.topspeedsnail.com/archives/9382

Struts2-057/CVE-2018-11776兩個版本RCE漏洞分析(含EXP)
https://www.cnblogs.com/Ivan1ee/p/10202016.html

gogs/gitea CVE-2018-20303文檔上傳到RCE漏洞分析
https://hk.saowen.com/a/92e787f94f33e49e9656a0860b3b11c56fe00a2a671ccc7a8aa28cc5b5b98fd6

嘗試進行RPC漏洞挖掘
https://cert.360.cn/report/detail?id=44669690fc7a8daab42472cebd8cfb88

HIMSS網絡報告:聖誕節病毒,Kubernetes的漏洞和一年中最糟糕的密碼
https://www.investank.com/news/detail/114997

Windows 0day任意文件讀取漏洞POC分析
https://www.freebuf.com/vuls/192876.html

漏洞分析:解析Windows XP版永恆之藍中的一個Bug
https://www.freebuf.com/vuls/192236.html

挖洞經驗| Facebook CDN服務器的XSS漏洞
https://www.freebuf.com/vuls/191898.html

CVE-2018-5560:Guardzilla IoT攝像機硬編碼憑證漏洞
https://paper.tuisec.win/detail/36093c4aec77543

用於漏洞排查的pocsuite驗證POC代碼
https://www.ctolib.com/hanc00l-some_pocsuite.html

zergRush (CVE-2011-3874) 提權漏洞分析
http://www.21ic.com/tougao/article/5847.html

安全研究者的自我修養
https://bit.ly/2AAfMe9

Magento Commerce XSS漏洞分析
https://www.anquanke.com/post/id/169277

如何在 macOS Sierra 安裝 Yahoo! 奇摩輸入法
https://bit.ly/2sqzIMd

How to get a free Windows (or Linux) recovery image for your OEM PC
https://www.zdnet.com/article/how-to-get-a-free-windows-recovery-image-for-your-oem-pc/#ftag=RSSbaffb68

Pure In-Memory (Shell)Code Injection In Linux Userland
https://bit.ly/2FaJ0Et

Phishing template uses fake fonts to decode content and evade detection
https://bit.ly/2FhDoaD

Hidden directories and files as a source of sensitive information about web application
https://bit.ly/2SFRVk5

Interactive Beginner's Guide to ROP
https://bit.ly/2Fg3R8l

The Practical Guide to Hacking Bluetooth Low Energy
https://bit.ly/2AzDSpb

pyrdp
https://bit.ly/2SFNFkM

SlackPirate
https://bit.ly/2RClmq7

Perun 是一款主要適用於乙方安服,滲透測試人員和甲方RedTeam紅隊人員的網絡資產漏洞掃描器/掃描框架
https://github.com/WyAtu/Perun

Modlishka. Reverse Proxy. Phishing NG.
https://bit.ly/2AyIsUK

Everything you should know about certificates and PKI but are too afraid to ask
https://bit.ly/2TCU5kN

RDP Man-in-the-Middle – Smile! You’re on Camera
https://bit.ly/2CaToI3

IPBan v1.3.6 releases: Monitors failed logins and bans ip addresses
https://bit.ly/2FgBIxZ

sqlmap v1.3 releases: Update of WAF script for Cloudfront
https://bit.ly/2Fb7Gwt

stronghold: Easily configure macOS security settings
https://bit.ly/2TAxJQR

Introducing a simple and intuitive Python API for UCI machine learning repository
https://bit.ly/2Qp21UN

Ping Power — ICMP Tunnel
https://medium.com/bugbountywriteup/ping-power-icmp-tunnel-31e2abb2aaea

Tips and Tricks that you may need to know when you work in JavaScript(Q&A)
https://bit.ly/2Qsh1RE

Bypassing Windows User Account Control
https://medium.com/@z3roTrust/bypassing-windows-user-account-control-9051c6a85734

Extracting Activity History from PowerShell Process Dumps
http://www.leeholmes.com/blog/2019/01/04/extracting-activity-history-from-powershell-process-dumps/

NSA準備釋出免費的逆向工程工具GHIDRA
https://bit.ly/2VzznE3

NSA to release a free reverse engineering tool
https://www.zdnet.com/article/nsa-to-release-a-free-reverse-engineering-tool/#ftag=RSSbaffb68

NSA Releasing the GHIDRA Reverse Engineering Tool at RSAConference
https://bit.ly/2FebAF0

NSA to release its GHIDRA reverse engineering tool for free
https://bit.ly/2AyC3ca

New year, new GitHub: Announcing unlimited free private repos and unified Enterprise offering
https://bit.ly/2TBFRk5

Unlimited free private repositories with GitHub Free and a unified business offering with GitHub Enterprise
https://bit.ly/2C7iHuG

M$ 收購 Github 後的善舉:免費 Private repositories
https://bit.ly/2VIZfh0

Bash 5.0 Release Candidate Packing Many Changes & A Lot Of Fixes
https://bit.ly/2TFRTsT

利用PNG像素隱藏PE代碼:分析PNG Dropper新樣本
https://www.freebuf.com/articles/system/191833.html

DevOps健康度雷達@SAFe
https://bit.ly/2Qv5rFe

用於存儲服務的輕量級 Linux 發行版 OviOS 發布 3.00 版
https://openingsource.org/5593/zh-tw/?fbclid=IwAR3HXMW-3hrXjj9TJ2WO-gTpZiaR0nZJJ8Ds9FJHEi29qvDK67tEVihd1lk

ECTouch xxe漏洞分析
http://foreversong.cn/archives/1354

公鏈安全之比特幣任意盜幣漏洞淺析(CVE-2010-5141)
https://www.anquanke.com/post/id/169455

Pass-the-Cache to Domain Compromise
https://bit.ly/2FcuD2r

FortiAppMonitor:用於監控macOS上的系統活動的強大工具
https://www.freebuf.com/sectool/193258.html

patoolkit
https://bit.ly/2Ff3wDT

Exploiting the Math.expm1 typing bug in V8
https://bit.ly/2AytvCg

docx-embeddedhtml-injection
https://bit.ly/2VxRz13

luckystrike
https://bit.ly/2C8YSmL

Reading ASP secrets for $17,000
https://bit.ly/2Qt8y0I

TUTORIAL – UNIVERSAL ANDROID SSL PINNING IN 10 MINUTES WITH FRIDA
https://bit.ly/2LYew8W

Knock and Pass: Kerberos Exploitation
https://bit.ly/2RFzy1q

Standards for Information Security Professionals
https://blog.securityevaluators.com/standards-for-information-security-professionals-d8773a89ab99

Attacking end-to-end email encryption
https://bit.ly/2RDdrbZ

Provable Security How I learned to stop worrying and love the backdoor
https://bit.ly/2SL95wG

Our Friends CSV and JSON
https://medium.com/@martindrapeau/the-state-of-csv-and-json-d97d1486333

Digging Up the Past: Windows Registry Forensics Revisited
https://bit.ly/2RnjZwb

Volatility Workbench: graphical user interface for the Volatility tool
https://bit.ly/2M6DUtl

Metasploit 5.0 releases: bring many features and capabilities
https://bit.ly/2D4SZsx

WinPwn: Automation for internal Windows Penetration Testing
https://bit.ly/2Fo2MeS

bypass-firewalls-by-DNS-history
https://bit.ly/2D4j6Q8


F.商業

從GDPR看下一代物聯網資安架構 實體隔離操作環境 雲端分析阻絕高風險存取
https://www.netadmin.com.tw/article_content.aspx?sn=1812270007

可橫跨雲端服務控管應用程式派送與防護,A10推出控制器平臺
https://bit.ly/2RDIkx8

資訊系統透明度 成資訊保安關鍵
https://bit.ly/2LVQcVk

過年防詐騙 趨勢科技防詐達人強化功能
https://udn.com/news/story/7239/3580957

結合ADC、WAF與集中管理系統,F5應用服務平臺橫跨多雲
https://www.ithome.com.tw/review/125006

個資外洩頻傳 「保護隱私」成消費電子展賣點
https://bit.ly/2VGFhTM

企業行動力的創造者 MobileReport一指搞定辦公事
https://n.yam.com/Article/20190110214410

防IoT威脅 趨勢科技推出新軟體TMIS 2.0
https://money.udn.com/money/story/5612/3585404

趨勢科技 IoT Security 2.0 改善使用者防護、提升裝置製造商信譽
https://www.techbang.com/posts/64008-trend-micro-iot-security-20-improve-user-protection-boost-device-manufacturer-reputation

Yubico 發表 Lightning 版安全密鑰,iPhone 用戶安全升級新選擇
https://technews.tw/2019/01/10/yubico-the-first-lightning-security-key-for-iphone/

Palo Alto提2019網路安全5大預測,電郵詐騙與供應鏈攻擊成焦點
https://www.ithome.com.tw/news/128178

微軟正式宣布放棄Win10 Mobile:今年12月10日停止支援
https://cnews.com.tw/002190110a02/?fbclid=IwAR2iEKhFemO6xEl03sKudBdrgopq_7NdZkoc6dmypNn519BMBfAs1j0Rw7g

無線路由器 Atom Inside,Asus 發表使用 Intel 802.11ax/Wi-Fi 6 晶片組的 RT-AX58U
https://www.techbang.com/posts/63934

Do you really need an eGPU with a 2018 Mac mini
https://www.zdnet.com/article/do-you-really-need-an-egpu-with-a-2018-mac-mini/#ftag=RSSbaffb68

More details emerge on Citrix's plans for Microsoft's Windows Virtual Desktop
https://www.zdnet.com/article/more-details-emerge-on-citrixs-plans-for-microsofts-windows-virtual-desktop/#ftag=RSSbaffb68

Akamai acquires Janrain to strengthen identity access controls, bot protection
https://www.zdnet.com/article/akamai-acquires-janrain-to-strengthen-identity-access-controls/#ftag=RSSbaffb68

Alibaba’s data Artisans acquisition breathes new life into Apache Flink
https://www.zdnet.com/article/alibabas-data-artisans-acquisition-breathes-new-life-into-apache-flink/#ftag=RSSbaffb68

Alibaba Blinks: Building an open source, data-driven cloud empire in real-time
https://www.zdnet.com/article/alibaba-blinks-building-an-open-source-data-driven-cloud-empire-in-real-time/#ftag=RSSbaffb68

Cloud Native Monitoring at Entrust Datacard with Splunk
https://www.bankinfosecurity.com/webinars/cloud-native-monitoring-at-entrust-datacard-splunk-w-1856


G.政府

Super TaiRa聯盟成立 中科院軍通技術釋商亮點
https://money.udn.com/money/story/5635/3579607

監控中國海漂死豬 農委會啟用無人機
http://news.ltn.com.tw/news/focus/paper/1259785

意外頻傳!南澳海岸線將封鎖 引水上活動業者反彈
https://news.ftv.com.tw/news/detail/2019107N03M1

政院協調成功!Expedia網站刷卡免國外交易手續費
http://news.ltn.com.tw/news/life/breakingnews/2664758

【2019資安十大趨勢4】臺灣政府組織受資安法規範,美國提加州隱私法與物聯網法案保護個資
https://www.ithome.com.tw/news/128033

澎縣調查站主任考掄元榮升 獲頒榮譽縣民證
http://www.taiwanhot.net/?p=668432

政戰局專文批習 企圖瓦解國人心防
http://news.ltn.com.tw/news/focus/paper/1259971

108年度「中小企業行動支付智慧應用服務」申請須知
https://www.moea.gov.tw/MNS/populace/news/News.aspx?kind=2&menu_id=41&news_id=82443

學術界再傳論文造假 科技部:修法教育雙管齊下
https://udn.com/news/story/12744/3585208

台大醫再爆論文造假 科技部:未來停權2年以上皆公布
https://tw.appledaily.com/new/realtime/20190110/1498080/

科技部火速規定 學倫違規案以公開為原則
http://news.ltn.com.tw/news/life/paper/1260411

廢「調度司法警察條例」目標是增進檢警和諧
https://tw.news.appledaily.com/forum/realtime/20190110/1498605

經濟部工業局攜手電子設備協會與工研院將於22日舉行資安解決技術論壇
http://www.investor.com.tw/onlineNews/NewsContent.asp?articleNo=14201901100122

拚經濟 財經首長多數將留任
https://www.chinatimes.com/newspapers/20190111001411-260118

金管會三面向規劃「開放銀行」 並研議配套措施
https://bit.ly/2RkjT8y

電子腳鐐有漏洞! GPS定位若沒訊號難追蹤
https://news.ebc.net.tw/News/society/147922


H.工控系統/ICS/SCADA 安全相關

【2019資安十大趨勢3】ICS系統漏洞激增,暴露在外的數量眾多
https://www.ithome.com.tw/news/127996

【2019 年資安預測】工業控制系統 (ICS) 的攻擊將成為一項日益嚴重的問題
https://blog.trendmicro.com.tw/?p=58410

Bedrock Automation Receives Achilles® Certification for Cyber Hardening on OSA® Remote
https://bit.ly/2RAkJND

New IIoT Application Gateway Technology Enhances DER and Smart-Grid Monitoring
https://www.powermag.com/press-releases/new-iiot-application-gateway-technology-enhances-der-and-smart-grid-monitoring/

Interview Udo Schneider, Trend Micro, zu Security im IIoT-UmfeldMehr Sicherheit für die vernetzte Industrie
https://www.lanline.de/mehr-sicherheit-fuer-die-vernetzte-industrie/

How Will Cyber Risk Evolve In 2019
https://www.forbes.com/sites/dantedisparte/2019/01/07/how-will-cyber-risk-evolve-in-2019/#38db72d45bd5

ICS Built-in Security in Today’s Connected Enterprise
https://www.automation.com/ics-built-in-security-in-todays-connected-enterprise

Industrial Control System (ICS) Security Market Overview and Market Application 2018-2023 in
Information and Communication Technology
https://bit.ly/2H97tMe

OT Threat Shamoon Returns with its Biggest Attack Yet
https://blog.skyboxsecurity.com/shamoon-ot-attack/

PLC Wireless Router GPN2.4P21-C-CN - Cross-Site Scripting
https://www.exploit-db.com/exploits/46081


I.教育訓練類

黑帽 Python : 給駭客與滲透測試者的 Python 開發指南
https://bit.ly/2RhOELl

資安防禦指南:資訊安全架構實務典範
https://bit.ly/2HaWMsy

CTF中區塊鏈入門教程
https://www.freebuf.com/articles/blockchain-articles/193357.html

Python Flask:REST API筆記
https://bit.ly/2ABFnTV

Windows Sandbox:輕量級桌面環境專為安全運行應用程序而設計
https://www.freebuf.com/sectool/193164.html

How to debug Node.js in a Docker container
https://bit.ly/2LXDN3p

Secure socket programming in Python
https://medium.com/@md.julfikar.mahmud/secure-socket-programming-in-python-d37b93233c69

Get 10 Popular Books To Learn Advanced Hacking [2018 Bundle]
https://bit.ly/2AFjkvy

Dispatch Tables in Python
https://medium.com/@andreacolangelo/dispatch-tables-in-python-d37bcc443b0b

The React Handbook
https://bit.ly/2FogUVw


J.物聯網/IOT/人工智慧/車聯網/光聯網/深度學習/機器學習/無人機

IT/OT/IoT數據全面匯流 莫讓物聯網成為網路威脅互聯網
https://www.digitimes.com.tw/iot/article.asp?cat=158&id=0000551515_TML40DD82EC8OA4CKTRK6

【2019 年資安預測】銀髮族可能成為智慧裝置攻擊的第一個受害者
https://blog.trendmicro.com.tw/?p=58415

非萬靈丹!AI完整訓練 才能不出錯
https://bit.ly/2TsWhva

AI 偽造色情影片流竄,女星 Scarlett Johansson 坦言無能為力
http://technews.tw/2019/01/04/scarlett-johansson-can-not-stop-deepfakes-fake-porn/

物聯網裝置存漏洞 3貼士保安全
https://www.hkpc.org/zh-HK/corporate-info/media-centre/media-focus/203-corp-info/media-focus/7794-iot3st

防駭客入侵 日本 Denso 與 Dellfer 簽訂車聯網資安協議
https://www.7car.tw/articles/read/54982

本年首個科技趨勢預測 人工智能及數據安全獨領風騷
https://bit.ly/2SMSQiE

15%智慧門鎖 小黑盒能破解.它一出:輕易開
https://bit.ly/2LXF4rd

從晶片、系統到雲端全面備戰 物聯網資安危機/商機並呈
https://www.mem.com.tw/arti.php?sn=1901080004

DTA 2019創新創業論壇 邀麻省理工教授開講
https://www.chinatimes.com/newspapers/20190109000390-260210

2018年IoT那些事
https://www.freebuf.com/articles/terminal/193303.html

Most home routers don't take advantage of Linux's improved security features
https://zd.net/2RxWj7n

Expert View: Building a Future-Proof Smart Home
https://medium.com/edtech-trends/expert-view-building-a-future-proof-smart-home-70ddb60e3611

Raspberry Pi 3: Testing out Manjaro ARM 18.12
https://www.zdnet.com/article/raspberry-pi-3-testing-out-manjaro-arm-18-12/#ftag=RSSbaffb68

Autonomous Robot Hit And ‘Killed’ By Self-Driving Tesla
https://www.unilad.co.uk/technology/autonomous-robot-hit-and-killed-by-self-driving-tesla/

Worldwide spending on IoT to reach $745 billion in 2019
https://www.helpnetsecurity.com/2019/01/09/worldwide-iot-spending-2019/

Singapore utility group rolls out first batch of electric vehicle charging points
https://www.zdnet.com/article/singapore-utility-group-rolls-out-first-batch-of-electric-vehicle-charging-points/#ftag=RSSbaffb68


K.CTF

NeverLAN CTF 2019
https://ctftime.org/event/706

STEM CTF: Cyber Challenge 2019
https://ctftime.org/event/661

DEF CON CTF 2019 Quals
https://www.oooverflow.io/dc-ctf-2019-quals/

CTF 2019 - The 16th China International Tire and Wheel (Qingdao) Fair
https://bit.ly/2CWltVm

Official Website of CTF 2019 - The 16th China International Tire and Wheel (Qingdao) Fair, Qingdao, China
https://bit.ly/2VnsC8p

International Conference  CONSTRUCTIVE THEORY OF FUNCTIONS - 2019  SOZOPOL, June 2 - 8, 2019
http://www.math.bas.bg/mathmod/CTF-2019/

NeverLAN CTF
https://neverlanctf.com/


6.近期資安活動及研討會

  【課程】用Google TensorFlow實作推薦系統,讓機器學習應用各種商務情境、提升商品曝光達到精準行銷 1/12
  https://bit.ly/2PysEaH

 【課程】自製Tinker Board、小車跟著走。ASUS開發板Tinker Board智慧工作坊,第一節~開課  1/12
 https://www.techbang.com/posts/63531-asus-high-performance-sbc-tinker-board-smart-robot-car-making-course

 COBINHOOD x INSIDE 虛擬貨幣暨區塊鏈新知交流會 2019-01-12(六) 14:00 ~ 17:30 (GMT+8)
 https://www.accupass.com/event/1812280802071741265805

 Amber MD 軟體訓練課程 ( 延後至 2019/01/14 開課)  2019/01/14 (一) ~ 2019/01/15 (二)
 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3706&from_course_list_url=homepage

 Corda Taipei Meetup #8 - firechat with Ben Tan( R3 Solution Architect 解決方案架構師)  Wednesday, January 16, 2019
 https://www.meetup.com/Taipei-Corda-Meetup/events/257129225/

 易禧創意|【AR/VR擴增虛擬實境】實戰課(6hr)  2019-01-14(一) 19:00 ~ 2019-01-16(三) 22:00 (GMT+8)
 https://www.accupass.com/event/1811300243489098237350

【課程】Webduino x AIoT 影像辨識實作,自製 Camera 雲台機構、實作影像處理與物體追蹤,打造 AIoT 應用 1/19
 https://www.techbang.com/posts/63282-course-webduino-x-aiot-image-identification-practice

 【講座】2019年5G通訊產業趨勢(台北場) 2019-01-19(六) 18:30 ~ 21:30 (GMT+8)
 https://www.accupass.com/event/1811300349581657089441

 Binance Blockchain Week Singapore 2019 - Binance Conference   2019-01-21(一) 08:30 ~ 2019-01-22(二) 18:00 (GMT+8)
 https://www.accupass.com/event/1812051911121792888735

 Taipei 暗号通貨 (Cryptocurrency) Meetup  Wednesday, January 23, 2019
https://bit.ly/2VgDPr1

 Deep Learning Conversations and the Happy Hour  Wednesday, January 23, 2019
 https://www.meetup.com/Deep-Learning-Conversations/events/vqkwnqyzcbfc/

 Taipei.py 一月月會 (Monthly Meeting) 2019  Thursday, January 24, 2019
 https://www.meetup.com/Taipei-py/events/257299890/

 程式不再是風潮,是未來趨勢【7年級以上.國高中】C++程式設計專題班 2019-01-21 ~ 2019-01-30
 https://www.accupass.com/event/1810250742361123352640

 超強區塊鏈應用開發實戰課程(週六班)  2019-01-26(六) 13:00 ~ 17:00 (GMT+8)
 https://www.accupass.com/event/1812030821059275625140

 第二屆《Hit AI & Blockchain》人工智慧暨區塊鏈產業高峰會  2019-02-20(三) 09:00 ~ 17:30 (GMT+8)
 https://www.accupass.com/event/1811190218087771003780

【PowerPoint簡報極限使用】2月主題:十倍速PPT製作  2019-02-20(三) 19:00 ~ 22:00 (GMT+8)
https://www.accupass.com/event/1810161307265689597830

iTHome 台灣雲端大會 Cloud Summit  2019  Call for paper  截止日 2 月 22 日
https://cloudsummit.ithome.com.tw/cfp/

iTHome 台灣雲端大會 Cloud Summit  2019   2019年 5 月 15 日 (三) 09:00~17:00
https://cloudsummit.ithome.com.tw/

Splunk .conf 19  10/21 ~ 10/24
https://conf.splunk.com/



沒有留言:

張貼留言

資安事件新聞週報 2021/9/6 ~ 2021/9/10

  資安事件新聞週報 2021/9/6  ~  2021/9/10 1.重大弱點漏洞/後門/Exploit/Zero Day Cisco 發布Enterprise NFV Infrastructure Software(NFVIS)軟體安全更新 https://us-cert.c...