資安事件新聞週報 2019/2/11 ~ 2019/2/15

資安事件新聞週報  2019/2/11  ~  2019/2/15

1.重大弱點漏洞

Imperva:2018 Web 應用漏洞數量比2017 增加了21%
https://www.codercto.com/a/51263.html

Cisco Network Assurance Engine(NAE) 存在安全性弱點
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190212-nae-dos

The State of Web Application Vulnerabilities in 2018
https://www.imperva.com/blog/the-state-of-web-application-vulnerabilities-in-2018/

Wordpress外掛漏洞讓駭客得以接管網站
https://www.ithome.com.tw/news/128704?fbclid=IwAR3Hc8Fphi-hjS985qUa3FjCqJH6hovv94R1TL7-YwcfJxRYcbV11SUJqo4

用戶投訴美國交友平台OKCupid:系統漏洞致帳號遭攻擊
https://news.sina.com.tw/article/20190211/29990794.html

微軟一口氣推出 77 項產品更新修補程式
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=800

微軟資安中心指出,0Day 攻擊比例日漸上升
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=798

數據揭示Windows漏洞的實際破壞性正在降低
https://news.sina.com.tw/article/20190211/29989630.html

微軟為何推Windows 10強制更新?黑客漏洞攻擊沒活路
https://www.ithome.com/0/408/663.htm

微軟強調以IE為預設瀏覽器的風險
https://www.ithome.com.tw/news/128670

微軟Exchange和DHCP服務端組件漏洞預警
https://cert.360.cn/warning/detail?id=94a608ed86b1318fa409bd847d53d15f

微軟發佈02月份安全性公告
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/51503ac5-e6d2-e811-a983-000d3a33c573

Microsoft Is Urging Its Users to Stop Using Internet Explorer
https://bit.ly/2BprjgP

Microsoft: Improved security features are delaying hackers from attacking Windows users
https://zd.net/2tgARWY

Microsoft Exchange Server 權限提高弱點
https://portal.msrc.microsoft.com/zh-TW/security-guidance/advisory/CVE-2019-0686

Windows Embedded POSReady 2009 中的遠程代碼執行漏洞的安全更新的說明
https://support.microsoft.com/zh-cn/help/4487385/security-update-for-vulnerabilities-in-windows-xp-embedded

How much will staying patched on Windows 7 cost you? Here's the price list
https://zd.net/2I9v13U

phpMyAdmin 4.8.5 發佈 修復重要安全漏洞
https://www.xoer.cc/242055

亞馬遜語音助手被曝出自動收集隱私信息漏洞
https://www.linuxprobe.com/amazon-echo.html

嚇死!安卓系統漏洞 點開恐中毒死機
https://bit.ly/2GlCNG1

安卓機爆竊資漏洞!開啟PNG圖檔就中招
https://tw.lifestyle.appledaily.com/gadget/realtime/20190211/1515098/

Android系統新漏洞 駭客可利用圖片執行攻擊
https://tw.appledaily.com/new/realtime/20190209/1514723/

Android 再爆漏洞 開 PNG 相片或引致手機被駭
https://bit.ly/2tgPmdc

Opening this image file grants hackers access to your Android phone
https://www.zdnet.com/article/opening-this-image-file-grants-hackers-access-to-your-android-phone/#ftag=RSSbaffb68

 Apple 發佈多種產品多個安全性弱點
https://www.us-cert.gov/ncas/current-activity/2019/02/07/Apple-Releases-Multiple-Security-Updates

【補安全漏洞】iOS新版上線 官方「建議所有使用者安裝」
https://tw.lifestyle.appledaily.com/daily/20190210/38253009/

蘋果又被爆出漏洞!你的銀行卡密碼就這樣被陌生人隨便看!通話被竊聽到現在還沒修復
http://www.weiaozhou.com/portal.php?mod=view&aid=93516

iOS 12.1.4 更新災情:無法連上 Wi-Fi、行動網路出錯、沒有辦法讀取 SIM 卡
https://applealmond.com/posts/48138

macOS遭爆含有可存取瀏覽器歷史紀錄的隱私漏洞
https://www.ithome.com.tw/news/128717?fbclid=IwAR0hGKeVLuErDcaKVsgI1G3hzo_wnyynJC5ntxSrr_5h-g_d_VMmISJydzs

macOS 曝可獲取用戶密碼的 0day 漏洞;Fedora logo 改版三個候選方案
https://ek21.com/news/tech/67279/

New macOS zero-day allows theft of user passwords
https://www.zdnet.com/article/new-macos-zero-day-allows-theft-of-user-passwords/#ftag=RSSbaffb68

Google warns about two iOS zero-days 'exploited in the wild'
https://www.zdnet.com/article/google-warns-about-two-ios-zero-days-exploited-in-the-wild/#ftag=RSSbaffb68

Latest iOS 12.1.4 Update Patches 2 Zero-Day and FaceTime Bugs
https://bit.ly/2TzVgBW

蘋果推出 IOS 12.1.4 修補 FaceTime 群組通話安全漏洞
http://pc3mag.com/apple-release-ios-12-1-4/

Google Chrome 73 to officially support the multimedia keys on your keyboard
https://www.zdnet.com/article/chrome-73-to-officially-support-the-multimedia-keys-on-your-keyboard/#ftag=RSSbaffb68

Chrome extension with millions of users is now serving popup ads
https://www.zdnet.com/article/chrome-extension-with-millions-of-users-is-now-serving-popup-ads/#ftag=RSSbaffb68

Red Hat introduces first Kubernetes-native IDE
https://www.zdnet.com/article/red-hat-introduces-first-kubernetes-native-ide/#ftag=RSSbaffb68

研究人員表示,聯想Watch X充滿了安全漏洞
https://bit.ly/2GmZ1Yn

Xiaomi Electric Scooters Vulnerable to Life-Threatening Remote Hacks
https://bit.ly/2X7WZR8

Snapd缺陷讓攻擊者可在Linux系統上獲得root權限
http://t.cn/EckQXbf

Docker安全漏洞揭露:CVE-2019-5736緩解措施
http://t.cn/EVA0KNW

Cisco Network Assurance Engine允許使用舊密碼進行登陸
http://t.cn/EVA0KWQ

嚴重的WordPress插件漏洞可導致網站淪陷
http://t.cn/EVvxV3B

無需密碼可遠程劫持電動滑板車
http://t.cn/EVA0K8E

小米電動滑板車被曝存系統漏洞黑客可遠程控制
http://www.oushinet.com/europe/france/20190214/313638.html

研究:小米電動滑板車有漏洞 可無需身份驗證遠程訪問
https://news.sina.com.tw/article/20190213/30025768.html

小米 M365 電動滑板車傳出資安漏洞,駭客可以遠端操控
http://technews.tw/2019/02/15/xiaomi-m365-electric-scooter-hacked/

A POPULAR ELECTRIC SCOOTER CAN BE HACKED TO SPEED UP OR STOP
https://www.wired.com/story/xiaomi-scooter-hack/

Micropatch released for Adobe Reader zero-day vulnerability
https://www.zdnet.com/article/micropatch-released-for-adobe-reader-zero-day-vulnerability/#ftag=RSSbaffb68

研究人員在Adobe Reader PDF閱讀器中發現新零日漏洞
https://www.landiannews.com/archives/55499.html

Major Flaw in Runc Poses Mass Container Takeover Risk
https://www.bankinfosecurity.com/major-flaw-in-runc-poses-mass-container-takeover-risk-a-12019

runC 爆嚴重安全漏洞,主機可被攻擊!使用容器的快打補丁
https://www.infoq.cn/article/yAWax6we7lIYQ7_xOD2A

CVE-2019-5736: runc容器逃逸漏洞警報
https://www.linuxidc.com/Linux/2019-02/156873.htm

RunC 漏洞讓攻擊者可以獲得Docker、Kubernetes 主機上的root 訪問權限
https://t.cj.sina.com.cn/articles/view/3172142827/bd130eeb01900dffn

Dependabot:自動創建GitHub PR 修復潛在漏洞
https://www.infoq.cn/article/ms2k-asrFZDqw2hBrDWr

TLS 1.2 協議現漏洞New Zombie 'POODLE' Attack 應對建議
https://m.cnbeta.com/view/817497.htm

Adobe 已發布安全更新以解決 Adobe 多個產品存在安全性弱點
https://helpx.adobe.com/security/products/acrobat/apsb19-07.html

runC繞過安全機制漏洞
https://www.nccst.nat.gov.tw/VulnerabilityNewsDetail?lang=zh&seq=1420

Linux本機提權漏洞
https://www.nccst.nat.gov.tw/VulnerabilityNewsDetail?lang=zh&seq=1419

Android多個漏洞
https://www.nccst.nat.gov.tw/VulnerabilityNewsDetail?lang=zh&seq=1418

多個RDP Client端程式漏洞
https://www.nccst.nat.gov.tw/VulnerabilityNewsDetail?lang=zh&seq=1417

Avast Anti-Virus < 19.1.2360 - Local Credentials Disclosure
https://www.exploit-db.com/exploits/46345

Nexus Repository Manager 3 訪問控制缺失及遠程代碼執行漏洞安全預警
https://zhuanlan.zhihu.com/p/56666357

CVE-2019-7304:Linux包管理器snap本地提權漏洞預警
http://t.cn/EVA0K7F


2.銀行/金融/保險/證券/支付系統/ 新聞及資安

香港金管加強電子錢包保安 研開戶認證流程統一化
http://hd.stheadline.com/news/daily/fin/739300/

香港金管局擬收緊電子錢包認證要求 或推高風險交易實名制
https://bit.ly/2E2lXtJ

專家傳真-變革之風:金融科技對財富管理產業的影響
https://bit.ly/2tf3NOT

證交所新春團拜 許璋瑤揭示5大工作重點
https://money.udn.com/money/story/5613/3637072

因應嬰兒潮退休期 台銀將徵才200至250人
https://tw.finance.appledaily.com/realtime/20190211/1515312/

下一波金融危機 恐提前來到
https://news.cnyes.com/news/id/4278088

樂天國票純網銀董座爆黑馬 簡明仁出線
https://money.udn.com/money/story/5613/3638660?fbclid=IwAR1Pqw44d66lAuWrT1OhxmMft3PlEG3gde3I3JQ-mCzYtRtJk5lI_LjkOuA

富邦金今年招MA 首度擴大至大學學歷
https://tw.appledaily.com/new/realtime/20190209/1511899/

富國銀行出包 客戶薪資被隱形
https://bit.ly/2BvF6T2

郵局ATM大當機 民控存6萬顯示「0元交易」
https://bit.ly/2N4zYdg

大出包!郵局ATM年前「全台當機」 網嚇喊:存3萬全被吃
https://bit.ly/2E7tyXW

郵局ATM大當機!提領、存款出現異常
https://bit.ly/2TN8OKa

郵局ATM大當機! 網崩潰:存9000元全被吃了
https://bit.ly/2Bxhbmg

郵局ATM出包 網友驚呼:被吃掉3萬元
https://tw.appledaily.com/new/realtime/20190202/1512423/

中華郵政ATM2日傳交易異常
https://www.chinatimes.com/realtimenews/20190202002750-260410

「內鬼猖狂」!萬億華夏銀行遭技術經理植入系統病毒:賬戶「想取多少取多少」
https://news.sina.com.tw/article/20190203/29949012.html

中國華夏銀行技術經理把自家銀行系統植入病毒竊得700多萬人民幣,被捕辯稱是在測試漏洞
https://bit.ly/2Bkh4dM

華夏銀行內鬼曝光:伺服器植入病毒 賬戶餘額還不變
https://news.sina.com.tw/article/20190203/29947522.html

華夏銀行"內鬼"給系統植病毒 以測試BUG盜取700餘萬
https://news.sina.com.tw/article/20190202/29940486.html

華夏銀行內鬼在總行伺服器植病毒 賬戶餘額取之不盡
https://news.sina.com.tw/article/20190202/29938714.html

KAL的新方案免除ATM硬體升級需要
https://times.hinet.net/news/22215443

西門站領錢唱歌「ATM碎千鈔」!他傻眼撿1/4紙片… 銀行道歉了
https://www.ettoday.net/news/20190214/1378378.htm

美國驚現挖地道偷銀行 FBI:情節像電影
https://news.sina.com.tw/article/20190201/29925696.html

疑中俄盜美公司上億個資 專家:或為招募特工
http://www.epochtimes.com/b5/19/2/14/n11043113.htm

Equifax 被駭的大筆資料到哪去了?專家懷疑可能和國家組織有關
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=801

香港金管局研電子錢包實名制 看齊銀行戶口標準 料帳戶多需重新認證
https://bit.ly/2GzA4YV

Ukrainian man jailed for stealing $15 million from Russian banks
https://www.zdnet.com/article/ukrainian-man-jailed-for-stealing-15-million-from-russian-banks/#ftag=RSSbaffb68

Brazil's largest bank rolls out AI-enabled cameras in branches
https://www.zdnet.com/article/brazils-largest-bank-rolls-out-ai-enabled-cameras-in-branches/#ftag=RSSbaffb68

Failed Fraud Against UK Bank Abused Mobile Infrastructure
https://www.bankinfosecurity.asia/failed-fraud-against-uk-bank-abused-mobile-infrastructure-a-11998

SOC-as-a-Service for Financial Institutions
https://www.bankinfosecurity.com/soc-as-a-service-for-financial-institutions-a-12004

Bangladesh Bank Sues to Recover Funds After Cyber Heist
https://www.bankinfosecurity.asia/bangladesh-bank-sues-to-recover-funds-after-cyber-heist-a-11993

Single Vendor Approach to Banking Security
https://www.atmmarketplace.com/whitepapers/single-vendor-approach-to-banking-security/

Chinese bank’s software chief jailed after finding way to withdraw US$1m in ‘free’ cash from ATMs
https://www.scmp.com/news/china/society/article/2184883/chinese-banks-software-chief-jailed-after-finding-way-withdraw

Chinese programmer who found ATM system flaw gets 10 years in prison
https://www.atmmarketplace.com/news/chinese-programmer-who-found-atm-system-flaw-gets-10-years-in-prison/

Japan's Credit Card Fraud Debacle
https://www.bankinfosecurity.com/japans-credit-card-fraud-debacle-a-12021

SQL Injection Web Bank Muamalat
https://bit.ly/2GI6Nvi

Hackers tried to steal €13 million from Malta's Bank of Valletta
https://www.zdnet.com/article/hackers-tried-to-steal-eur13-million-from-maltas-bank-of-valletta/#ftag=RSSbaffb68


3.電子支付/電子票證/行動支付/ 新聞及資安

金管會核准 悠遊卡電子支付拚第四季推出
https://udn.com/news/story/7239/3640125?fbclid=IwAR0aMkpfUWsHIBIyvRnRcj66eUjBp8jXgxQ2lGUd2Z4IO0seiOEarfU1m14

電子支付使用僅1成9 日本計畫2025達4成
https://bit.ly/2tigrNf

【電子錢包】實名認證就一定安全? 專家︰仍有假冒身份的風險
https://bit.ly/2N7uIWg

微信回應「提現未到賬」情況 系銀行系統原因
https://news.sina.com.tw/article/20190212/30015638.html

有用戶指微信支付提取現金未到帳,騰訊稱屬銀行系統問題
https://bit.ly/2SDqDiE

歐盟設立支付系統幫助伊朗規避美國制裁
https://bit.ly/2SQdLEW

這三國與伊朗建新支付系統 欲「繞過」美製裁
https://bit.ly/2N5C10B

Securing Healthcare Payment Transactions
https://www.bankinfosecurity.com/interviews/securing-healthcare-payment-transactions-i-4252



4.虛擬貨幣/區塊鍊   新聞及資安

Parity安全漏洞威脅四分之一以太坊網絡
https://bit.ly/2BqUHmF

Google BigQuery公開資料集新增6種加密貨幣
https://www.ithome.com.tw/news/128661

日經:虛擬貨幣資安不進步 恐無望成真正貨幣
https://www.taiwannews.com.tw/ch/news/3634969

1月份拿出5萬美元治理漏洞!EOS會超過以太坊嗎?網友評論亮了
https://www.tuoluocaijing.cn/article/detail-28940.html

與銀行分手!美國千禧一代更青睞加密貨幣
http://news.knowing.asia/news/d96a8267-3fb5-4080-a50b-e33f2decd653

駭客偷比特幣轉幾手才能洗乾淨?犯罪報告稱 5000 次
https://www.inside.com.tw/article/15546-Crypto-Crime-Report

美國食品和藥物管理局: 採用區塊鏈技術, 提高新試點項目藥品供應鏈安全性
https://bit.ly/2I3v55f

Parity安全漏洞威脅四分之一以太坊網絡
https://bit.ly/2GxzMC1

火幣通過向全球推出美元交易來擴張美國市場
https://bit.ly/2teMAVU

區塊鏈好神?末日博士羅比尼:一場世紀騙局
https://money.udn.com/money/story/5599/3638353

以太坊parity客戶端存在拒絕服務漏洞,目前已修復
https://bcsec.org/index/detail/id/479/tag/2

惡意軟件偷加密貨幣   Google Play Store 再爆漏洞 
https://m.eprice.com.hk/mobile/talk/4247/212349/1/

破壞區塊鏈技術的安全漏洞
http://www.qukuaiwang.com.cn/news/15240.html

可直取現金!菲律賓聯合銀行推加密貨幣ATM
http://news.knowing.asia/news/ad9908d6-ef63-4626-9b1a-2591b0189fdc

〈區塊鏈大應用〉日本最大金融機構MUFG將在2020年推出區塊鏈支付網路
https://bit.ly/2DDsNo1

區塊鏈加密技術奠基人:網絡攻擊發展 威脅可如核武
https://news.mingpao.com/pns/%E5%89%B5%E7%A7%91%E7%B7%9A/article/20190201/special/1548958795242

Bitcoin’s ‘Lightning Torch’ Has Blazed Through 37 Countries So Far
https://www.coindesk.com/bitcoins-lightning-torch-has-blazed-through-37-countries-so-far

Zcash cryptocurrency fixes infinite counterfeiting vulnerability
https://www.zdnet.com/article/zcash-cryptocurrency-fixes-infinite-counterfeiting-vulnerability/#ftag=RSSbaffb68

Mt. Gox touted for relaunch, ownership claims cause social media spat
https://www.zdnet.com/article/mt-gox-bitcoin-exchange-touted-for-relaunch/#ftag=RSSbaffb68

With Doctored Photos, Thieves Try to Steal Bitcoin
https://www.bankinfosecurity.com/doctored-photos-thieves-try-to-steal-bitcoin-a-12016

How to Choose the Right Blockchain Application
https://www.bankinfosecurity.com/interviews/how-to-choose-right-blockchain-application-i-4248

Sextortion Bitcoin scam makes unwelcome return
https://blog.malwarebytes.com/cybercrime/2019/02/sextortion-bitcoin-scam-makes-unwelcome-return/




5.資安事件新聞

A.病毒木馬 / 殭屍網路 / 勒索軟體

只要連上網就可能「被挖礦」 新挖礦程式迅速爆紅
http://news.ltn.com.tw/news/world/breakingnews/2694735

本報特約--產業追蹤/大陸工信部定性非法“挖礦”:嚴重威脅互聯網網路安全
https://news.sina.com.tw/article/20190211/29988862.html

《Apex 英雄》中國製「神仙產生器」大量出現,千萬別碰小心病毒入侵
https://bit.ly/2Sv7hfi

盜版 TeamViewer 內藏木馬間諜軟體,蒐集使用者電腦相關資料
https://blog.trendmicro.com.tw/?p=59306&fbclid=IwAR2whbXPerr_F6YnbCfaDFWb4rLDTSaFd1jqBkcrcxzl8MkoA8jtHgZuszE

間諜軟體 Trickbot 變種再進化,多了應用程式帳密擷取功能
https://blog.trendmicro.com.tw/?p=59353

安全專家發出警告:駭客正在測試感染Mac的新方法
http://big5.pconline.com.cn/b5/news.pconline.com.cn/1229/12299739.html

抄襲 KORKERDS 腳本,且會清除系統上所有其他惡意程式的Linux 挖礦程式
https://blog.trendmicro.com.tw/?p=59357

Sophos:目標型勒索軟體攻擊將持續
https://bit.ly/2GJtzD6

iOS 企業開發者證書成為分發盜版軟體的方式
https://chinese.engadget.com/2019/02/15/ios-pirates-are-using-apples-developer-certificates-to-share-ha/

GandCrab ransomware gang infects customers of remote IT support firms
https://www.zdnet.com/article/gandcrab-ransomware-gang-infects-customers-of-remote-it-support-firms/#ftag=RSSbaffb68

GandCrab Ransomware Discovered To Be Embedded in Super Mario Image
https://bit.ly/2SmADwz

Linux Coin Miner Copied Scripts From KORKERDS, Removes All Other Malware and Miners
https://bit.ly/2SnhKcV

First clipper malware discovered on Google Play
https://bit.ly/2MXq4Ka

Qealler – Heavily Obfuscated JAR-based Password Stealer Malware Delivered Through Invoice-related Files
https://bit.ly/2GzQIaV

Backdoored cryptocurrency software found serving AZORult malware
https://www.zdnet.com/article/backdoored-cryptocurrency-software-found-serving-azorult-malware/#ftag=RSSbaffb68

Ransomware Victims Who Pay Cough Up $6,733 (on Average)
https://www.bankinfosecurity.asia/ransomware-victims-who-pay-cough-up-6733-on-average-a-11994

Banking Trojan IcedID switched to online shopping
https://hackernews.blog/banking-trojan-icedid-switched-to-online-shopping/

Most dangerous Banking Trojan in the world in circulation
https://newsbeezer.com/austriaeng/most-dangerous-banking-trojan-in-the-world-in-circulation/

Beware!! New Windows .exe Malware Found Targeting macOS Computers
https://thehackernews.com/2019/02/macos-windows-exe-malware.html

MacOS 變種惡意軟體新發現,偽裝為 Adobe Flash Player 更新程式
https://www.twcert.org.tw/subpages/securityInfo/loophole_details.aspx?id=5080

MacOS Trojan disables Gatekeeper to deploy malicious payloads
https://www.zdnet.com/article/macos-malware-disables-gatekeeper-to-deploy-malicious-payloads/#ftag=RSSbaffb68

Ransomware Sees Further Decline, Banking Trojan Use Steps Up - Infosecurity Magazine
http://www.hackbusters.com/news/stories/4334512-ransomware-sees-further-decline-banking-trojan-use-steps-up-infosecurity-magazine

Banking Trojan Attacks Dominated 10+ Billion Cybersecurity Threats in 2018
https://www.tmcnet.com/usubmit/-banking-trojan-attacks-dominated-10-billion-cybersecurity-threats-/2019/02/01/8893106.htm

TrickBot Banking Trojan Now Steals RDP, VNC, and PuTTY Credentials
https://www.bleepingcomputer.com/news/security/trickbot-banking-trojan-now-steals-rdp-vnc-and-putty-credentials/

Researchers Implant "Protected" Malware On Intel SGX Enclaves
https://bit.ly/2SVHJHS

Dark Tequila Banking Malware Uncovered After 5 Years of Activity
https://ethhack.com/2019/02/dark-tequila-banking-malware-uncovered-after-5-years-of-activity/

Fake Blockchain authentication update delivers Dark Comet RAT
https://bit.ly/2Ic1O8v

Emotet malware tweaks tactics in fresh attack wave
https://www.zdnet.com/article/emotet-trojan-tweaks-tactics-in-fresh-attack-wave/#ftag=RSSbaffb68


B.行動安全 / iPhone / Android /穿戴裝置 /App

旅遊公司App被曝秘密記錄iPhone屏幕信息
http://www.epochtimes.com/b5/19/2/8/n11033041.htm

Expedia等蘋果app偷錄手機畫面 恐洩用戶私隱
http://paper.wenweipo.com/2019/02/10/GJ1902100014.htm

360安全報告:99.9%安卓機存漏洞
https://news.sina.com.tw/article/20190212/30005408.html

沒人用 臉書宣佈二月底停止「Moments」服務
https://bit.ly/2SKKmfu

84萬份監測報告顯示 安卓手機存在安全漏洞
http://tc.people.com.cn/n1/2019/0213/c183008-30641396.html

First Android Clipboard Hijacking Crypto Malware Found On Google Play Store
https://bit.ly/2GmiurZ

McDonalds app users hatin’ it after being hacked by hungry hamburglars
https://nakedsecurity.sophos.com/2019/02/11/mcdonalds-app-users-hatin-it-after-losing-hundreds-to-thieves/

Apple sued for ‘forcing’ 2FA on accounts
https://nakedsecurity.sophos.com/2019/02/12/apple-sued-for-forcing-2fa-on-accounts/


C.事件 / 駭客 / DDOS / APT / 徵才 / 國際資安事件

微軟的安全專家建議:到了2019年,是時候該和Internet Explorer告別了
https://www.techbang.com/posts/68036-microsoft-its-time-to-say-goodbye-to-internet-explorer

現代IT環境的伺服器安全防護
https://blog.trendmicro.com.tw/?p=58720

白帽駭客展示了內置Wi-Fi的惡意Lightning數據線
http://big5.pconline.com.cn/b5/news.pconline.com.cn/1230/12307756.html

資通設備禁令紛爭下,你該具備的資安意識
http://technews.tw/2019/02/01/important-of-security-awareness/

Google Translate遭駭客利用以執行網釣攻擊
https://bit.ly/2Gpa8A9

美國 Email 服務商遭駭客刪除絕大部分資料
https://www.twcert.org.tw/subpages/securityInfo/hackevent_details.aspx?id=896

電子郵件服務VFEmail遭毀滅性攻擊,所有資料全被刪
https://www.ithome.com.tw/news/128756

又有安全研究人員展示邪惡USB攻擊
https://www.ithome.com.tw/news/128720?fbclid=IwAR3dYCby2gNtnbATSykmXfQ2jWhBCeMCZGeMQhuQRAPuB198qdjIgq4Pmsk

卡巴斯基:2018年DDoS攻擊頻率降低,但平均攻擊時間增加2倍
https://www.ithome.com.tw/news/128676

醫院與超市的冷凍控制系統使用預設帳密,駭客用瀏覽器輕鬆就能讓冰箱解凍
https://www.ithome.com.tw/news/128707

DDoS Attacks in Q4 2018
https://securelist.com/ddos-attacks-in-q4-2018/89565/

共享經濟存漏洞 Uber、Airbnb淪跨國洗錢工具
https://tw.appledaily.com/new/realtime/20190209/1514447/

補習班駭入考選部網站 竟為這事竄改考生密碼
https://tw.appledaily.com/new/realtime/20190209/1510534/

認清中共諜報滲透 捍衛民主自由
https://www.ydn.com.tw/News/324033

駭客頻竊取EV電動車技術為哪樁
https://bit.ly/2N1rQKp

駭客入侵澳國會 資訊未遭竊
https://bit.ly/2GGjEOL

美參議員將提芬太尼制裁法案 追究中共責任
https://bit.ly/2DE1wBZ

英爆遭中共APT10網攻 歐盟擬制裁 美已起訴
https://bit.ly/2TMk7CH

澳洲國會網路遭駭 尚無證據顯示數據失竊
https://taronews.tw/2019/02/08/248506/

澳洲國會電腦系統遭「駭」 懷疑外國政府所為
https://bit.ly/2SmVrUy

澳洲國會網路系統遭駭
https://www.taiwannews.com.tw/ch/news/3634598

Hack Attack Breaches Australian Parliament Network
https://www.bankinfosecurity.com/hack-attack-breaches-australian-parliament-network-a-12012

美空軍前情報官被控「叛逃伊朗當間諜」 出賣機密資料仍在逃
https://www.ettoday.net/news/20190214/1377646.htm

【網絡安全排行榜】日本排榜首成最安全國家
https://bit.ly/2RUCL9s

Which countries have the worst (and best) cybersecurity
https://www.comparitech.com/blog/vpn-privacy/cybersecurity-by-country/

國際流動電訊商協會:要籌畫一個沒有華為5G的未來
https://bit.ly/2Dv2uQE

關於華為 你應該知道的六個常識(上)
http://www.epochtimes.com/b5/19/2/8/n11032957.htm

關於華為 你應該知道的六個常識(下)
http://www.epochtimes.com/b5/19/2/8/n11033240.htm

美促歐盟 勿用華為設備
https://udn.com/news/story/12639/3634380

華為手機,能安心用嗎
https://forum.ettoday.net/news/1375979

川普將下令 禁用陸企5G設備
https://www.chinatimes.com/newspapers/20190209000100-260301

傳川普下週簽令 禁用中國電訊設備
https://www.ntdtv.com/b5/2019/02/09/a102507868.html

華為歐盟代表:對華為的指控「震驚」又「可笑」
http://ec.ltn.com.tw/article/breakingnews/2693945

美農村運營商抵制針對華為的中國電信設備禁令
https://on.wsj.com/2GDePph

捷克再封殺華為手機 華為揚言採取法律行動
https://tw.appledaily.com/new/realtime/20190210/1514840/

捷克國防部要求del遠端控制app 華為揚言採取法律行動
https://hk.news.appledaily.com/china/realtime/article/20190210/59242290

路透:憂構成安全威脅 德國對華為展開調查
http://news.dwnews.com/china/big5/news/2019-02-08/60117075.html

保護國安 英擬立法防堵華為
https://www.chinatimes.com/newspapers/20190210000231-260203

網頁匿蹤標準過期!蘋果宣布Safari將不再支援Do Not Track功能
https://www.ithome.com.tw/news/128655

德國限制臉書未經用戶同意,不得整合WhatsApp、IG及第三方網站資料
https://www.ithome.com.tw/news/128657

以色列成為全球第二大資安強國 關鍵竟是這隻部隊
https://www.cw.com.tw/article/article.action?id=5093988

普京測試境內網路安全 全俄9000萬網民被迫斷網
https://bit.ly/2Bz76oG

為測試戰時生存能力 俄擬「斷網」進行體檢
https://www.ydn.com.tw/News/324102

英國稱遭中國網路攻擊 歐盟考慮制裁北京
https://tw.news.appledaily.com/international/realtime/20190213/1516383/

英國控遭中國雇駭客攻擊 歐盟討論制裁可能性
http://globalnewstv.com.tw/201902/59260/?doing_wp_cron=1550219857.1318299770355224609375

英國提報中國相關駭侵事件證據,歐盟考慮對中國提出聯合聲明與要求
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=799

英國拿證據爆遭中共網攻 歐盟考慮制裁北京
https://bit.ly/2thPSaW

挪威澳洲指中國駭客入侵 中:都是美國抹黑
https://money.udn.com/money/story/5599/3640027

被控駭進挪威軟體公司竊取機密 中國氣噗噗:別抺黑我們
http://news.ltn.com.tw/news/world/breakingnews/2696872

中國駭客竊商業機密? 華春瑩:別無端扣帽子抺黑中國
https://udn.com/news/story/7331/3640234

遭指發動「雲端跳躍」竊密 華春瑩反批美「抹黑中國」
https://www.ettoday.net/news/20190212/1376677.htm

數位防禦新招!俄羅斯計畫測試一鍵斷外網
https://www.inside.com.tw/article/15558-Russia-plans-to-test-a-kill-switch-that-disconnects-the-country-from-the-internet

暗網出現去年遭駭的6億筆個資
https://www.ithome.com.tw/news/128727

Google開源自動除錯工具ClusterFuzz
https://www.ithome.com.tw/news/128658

Google發表鎖定低階裝置的加密模式Adiantum
https://www.ithome.com.tw/news/128660?fbclid=IwAR2x7FYsaWTDDVAXJ4GSQsuwhvSnMnksbI20vb9g_kT_6FYeUifg4oEQ7zI

Google Created Faster Storage Encryption for All Low-End Devices
https://bit.ly/2Dvw6O7

China hacked Norway's Visma cloud software provider
https://www.zdnet.com/article/china-hacked-norways-visma-cloud-software-provider/#ftag=RSSbaffb68

US Intensifies Pressure on Allies to Avoid Huawei, ZTE
https://www.bankinfosecurity.com/us-intensifies-pressure-on-allies-to-avoid-huawei-zte-a-12017

Using Wi-Fi to “see” behind closed doors is easier than anyone thought
https://bit.ly/2WUi4yh

Should you be scared of your laptop’s webcam
https://www.zdnet.com/article/should-you-be-scared-of-your-laptops-webcam/#ftag=RSSbaffb68

US Senators ask DHS to look into US government workers using foreign VPNs
https://www.zdnet.com/article/us-senators-ask-dhs-to-look-into-us-government-workers-using-foreign-vpns/#ftag=RSSbaffb68

Mirantis signs huge networking deal with AT&T
https://www.zdnet.com/article/mirantis-signs-huge-networking-deal-with-at-t/#ftag=RSSbaffb68

Forgot password? Five reasons why you need a password manager
https://www.zdnet.com/article/forgot-password-five-reasons-why-you-need-a-password-manager/#ftag=RSSbaffb68

Are enterprise app users growing more security savvy
https://www.zdnet.com/article/are-enterprise-app-users-growing-more-security-savvy/#ftag=RSSbaffb68

Two new Azure analytics GA releases, one preview and a big push on SQL DW
https://www.zdnet.com/article/two-new-azure-analytics-ga-releases-one-preview-and-big-push-on-sql-dw/#ftag=RSSbaffb68

Russia to disconnect from the internet as part of a planned test  February
https://www.zdnet.com/article/russia-to-disconnect-from-the-internet-as-part-of-a-planned-test/#ftag=RSSbaffb68

How to download your photos from Flickr before it deletes them
https://www.zdnet.com/article/how-to-download-your-photos-from-flickr-before-it-deletes-them/#ftag=RSSbaffb68

Pentesters breach 92 percent of companies, report claims
https://www.zdnet.com/article/pentesters-breach-92-percent-of-companies-report-claims/#ftag=RSSbaffb68

Police demand Google remove speed trap, drunk driver checkpoint alerts
https://www.zdnet.com/article/police-demand-google-remove-speed-camera-alerts/#ftag=RSSbaffb68

Assessing US Vulnerability to a Nation-State Cyberattack
https://www.bankinfosecurity.com/interviews/assessing-us-vulnerability-to-nation-state-cyberattack-i-4244

Report: Nation-State Malware Attack Could Cripple US
https://www.databreachtoday.com/report-nation-state-malware-attack-could-cripple-us-a-12005

U.S. Government and Private Industry Must Prepare for Cyber-Enabled Economic Warfare Escalations
https://www.fdd.org/analysis/2019/02/05/government-and-private-industry-must-prepare-for-cyber-enabled-economic-warfare-escalations/

Election Security: Protecting Voting Machines from Hacking
https://www.bankinfosecurity.asia/election-security-protecting-voting-machines-from-hacking-a-11999

Embracing Digital Risk Protection: Take Your Threat Intelligence to the Next Level
https://www.bankinfosecurity.asia/embracing-digital-risk-protection-take-your-threat-intelligence-to-next-level-a-11990

China's cybersecurity law update lets state agencies 'pen-test' local companies
https://www.zdnet.com/article/chinas-cybersecurity-law-update-lets-state-agencies-pen-test-local-companies/#ftag=RSSbaffb68

2018 in Snort Rules
https://blog.talosintelligence.com/2019/02/2018-in-snort-signatures.html

New Offensive USB Cable Allows Remote Attacks over WiFi
https://bit.ly/2N1y9h3

Cyberattacks can cost APAC healthcare firms $23.3M
https://www.zdnet.com/article/cyberattacks-can-cost-apac-healthcare-firms-23-3m/#ftag=RSSbaffb68

Microsoft: 70 percent of all security bugs are memory safety issues
https://www.zdnet.com/article/microsoft-70-percent-of-all-security-bugs-are-memory-safety-issues/#ftag=RSSbaffb68

I like Windows 7: Why should I pay to move to Windows 10
https://www.zdnet.com/article/i-like-windows-7-why-should-i-pay-to-move-to-windows-10/#ftag=RSSbaffb68

RunC Flaw Lets Attackers Escape Linux Containers to Gain Root on Hosts
https://thehackernews.com/2019/02/linux-container-runc-docker.html

Hackers wipe US servers of email provider VFEmail
https://www.zdnet.com/article/hackers-wipe-us-servers-of-email-provider-vfemail/#ftag=RSSbaffb68

RSA Conference 2019: A Preview
https://www.bankinfosecurity.com/interviews/rsa-conference-2019-preview-i-4251

No-Deal Brexit Threatens British Crime Fighting
https://www.bankinfosecurity.com/no-deal-brexit-threatens-british-crime-fighting-a-12020

WHAT HAPPENS IF RUSSIA CUTS ITSELF OFF FROM THE INTERNET
https://www.wired.com/story/russia-internet-disconnect-what-happens/

Russian ISPs plan internet disconnection test for entire country
https://nakedsecurity.sophos.com/2019/02/12/russian-isps-plan-internet-disconnection-test-for-entire-country/

Snapd Flaw Lets Attackers Gain Root Access On Linux Systems
https://thehackernews.com/2019/02/snapd-linux-privilege-escalation.html

US AIR FORCE DEFECTOR ALLEGEDLY HELPED IRAN HACK AMERICANS
https://www.wired.com/story/us-air-force-defector-allegedly-helped-iran-hack-americans/

China link possible in cyber attack on Australian Parliament computer system, ABC understands
https://ab.co/2tnLlUw


D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞

新信用卡還未使用 卻遭盜刷近3千元
http://www.epochtimes.com/b5/19/2/1/n11017329.htm

房貸信息外洩 5.4萬借款人財務數據恐曝光
http://www.epochtimes.com/b5/19/2/12/n11038911.htm

當「網絡強國」遇見假新聞:中國網路空間的資訊亂象
https://www.thenewslens.com/article/110796

任職澳洲金融公司竊取客戶資料 中國男攜妻兒潛逃被捕
https://tw.news.appledaily.com/international/realtime/20190208/1514084/

從劍橋分析到5000萬個資外洩 網友爆狗年最擔心社群網站
https://www.ettoday.net/news/20190210/1351272.htm

貝佐斯效應/彭博觀點:有錢不代表保得住隱私
https://udn.com/news/story/6811/3634932

貝佐斯發文控八卦報 挾隱私照發函勒索
https://www.ttv.com.tw/news/view/10802100009400I/568

【密碼管理】還在用這些英文名字當密碼嗎
https://blog.trendmicro.com.tw/?p=59143

詐騙集團全年無休 小心三角詐騙
https://www.scooptw.com/popular/26954/

千里出擊 天津鐵路警方成功抓獲7名電信詐騙嫌疑人
https://news.sina.com.tw/article/20190203/29950166.html

「猜猜我是誰」俏皮詐騙老招還在用! 全台5人慘被騙百萬
https://www.ettoday.net/news/20190202/1357170.htm

國外期貨交易 小心被詐
https://money.udn.com/money/story/5617/3640511

澳門一名兼職女教師涉借出銀行戶口助詐騙集團轉帳被捕
https://news.rthk.hk/rthk/ch/component/k2/1442834-20190214.htm

美國 FTC 溫馨提醒:當心情人節網路詐騙
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=802

著名交友網 泄600萬帳戶資料 連接fb 用戶恐其他資料遭盜用
https://bit.ly/2Gr16CK

變臉詐騙(BEC)將深入基層職員,員工沒看穿的騙局,造成的損失可能比病毒還大
https://blog.trendmicro.com.tw/?p=59243

Reeling in Phish With a Pig & a Shark
https://medium.com/@mripp/reeling-in-phish-with-a-pig-a-shark-76186a95a95c

Fake news, rumour and censorship in the Middle Kingdom
https://mondaynote.com/fake-news-rumour-and-censorship-in-the-middle-kingdom-89d48f08b5d4

Hackers Are Using Google Translate for Phishing Attacks
https://bit.ly/2Dv33tH

Researcher reveals data leak at South Africa’s main electricity provider
https://www.zdnet.com/article/hackers-reveal-data-leak-at-south-africas-main-electricity-provider-on-twitter/#ftag=RSSbaffb68

Settlement Reached in Community Health Systems Breach Suit
https://www.bankinfosecurity.com/settlement-reached-in-community-health-systems-breach-suit-a-12001

Dunkin' Donuts accounts compromised in second credential stuffing attack in three months
https://www.zdnet.com/article/dunkin-donuts-accounts-compromised-in-second-credential-stuffing-attack-in-three-months/#ftag=RSSbaffb68

Singapore health ministry refutes suggestions of HIV data leak coverup
https://www.zdnet.com/article/singapore-health-ministry-refutes-suggestions-of-hiv-data-leak-coverup/#ftag=RSSbaffb68


E.研究報告

[套件介紹]監測 Proxmox VE 服務運作健康狀況
https://bit.ly/2tatEYm

DHCP DNS服務器7.29遠程拒絕服務漏洞
http://whereisk0shl.top/post/2019-02-09

ES文件瀏覽器CVE-2019-6447漏洞分析
https://www.freebuf.com/vuls/195069.html

阿里雲服務器被挖礦怎麼解決
http://www.sohu.com/a/293998655_100192631?scm=1002.590044.0.0

數據分析的力量
https://bit.ly/2GCLTNV

Nintendo Switch 破解原理:詳解Fusée Gelée 漏洞
https://zhuanlan.zhihu.com/p/56113943

[原創] CVE-2017-7533 漏洞利用
https://bbs.pediy.com/thread-249386.htm

DVP漏洞分析|某交易所框架存在嚴重邏輯漏洞,可重置任意用戶密碼
http://www.sohu.com/a/294633265_120064766?scm=1002.590044.0.0

以太坊UDP流量放大反射DDOS漏洞
https://www.anquanke.com/post/id/170611

以太坊parity客戶端全版本遠程DoS漏洞分析
http://www.qukuaiwang.com.cn/news/15278.html

Ruby on Rails靜態分析安全工具
http://t.cn/EVA0oNx

CDF – 加密差分模糊測試工具
http://t.cn/EV7hpct

Justniffer – 網絡TCP數據包嗅探器
http://t.cn/EVA0ojj

疑似Molerats APT組織針對中東地區的最新攻擊活動分析
http://t.cn/EVA0K6W

CVE-2019-0539根本原因分析
http://t.cn/EcFpNIN

LNK & ISESteroids Powershell dropper分析
http://t.cn/EVwgqXP

Adobe ColdFusion 反序列化RCE 漏洞分析(CVE-2019-7091)
https://paper.seebug.org/811/

CVE-2018-16858:開源office套件遠程代碼執行漏洞
http://www.4hou.com/vulnerable/16115.html

使用BETTERCAP和PMKID無客戶端攻擊WPA / WPA2網絡
http://t.cn/EVvaUh0

Behavior-Driven Penetration Testing
https://medium.com/nexenio/behavior-driven-penetration-testing-6ca27c621ce2

Emacs X Window Manager  ch11ng/exwm
https://bit.ly/2N1AWGS

APT10 Targeted Norwegian MSP and US Companies in Sustained Campaign
https://go.recordedfuture.com/hubfs/reports/cta-2019-0206.pdf

Penetration testing of corporate information systems statistics and findings-2019
https://www.ptsecurity.com/upload/corporate/ww-en/analytics/Corp-Vulnerabilities-2019-eng.pdf

Blue Team Architecture and Analysis - Part 1
https://bit.ly/2WY1Ggn

F.商業

指甲大小安全監控器 為你的系統提供硬件級加密加速
https://bit.ly/2SMDZIo

AWS支持政府立法規範臉部辨識服務,並提出5項建議作法
https://www.ithome.com.tw/news/128654

Skype視訊推出模糊背景功能,靠人體型態偵測區別用戶和背景
https://www.ithome.com.tw/news/128652

Rancher 2.2預覽版支援同時對多Kubernetes叢集部署應用程式
https://www.ithome.com.tw/news/128650

端點防護平台整合EDR 單一引擎自動化輔助資安維運 降低事件調查與回應門檻 完整提升產業防禦力
https://www.netadmin.com.tw/article_content.aspx?sn=1901290003

網攻頻傳 企業要主動參與風險管理
https://money.udn.com/money/story/5612/3636628

連親爹都警告了!微軟:瀏覽器用IE危險
https://www.ettoday.net/news/20190210/1374747.htm

呼籲用戶停止使用 IE,微軟網路安全專家:IE 已經不是適合日常使用的瀏覽器
https://bit.ly/2WTersl

雲端備份業者Carbonite買下AI安全業者Webroot
https://ithome.com.tw/news/128683

Microsoft is revamping its Office Home Use Program to feature discounted Office 365 subscriptions
https://zd.net/2I7TKp8

Microsoft to modify Office ProPlus by end of April in response to Dutch ministry's privacy concerns
https://zd.net/2Gm6tmp

以色列資安巨頭 Check Point 的年度峰會,交出了世上首個超大規模網路安全解決方案
https://buzzorange.com/techorange/2019/02/11/checkpoint-cpx360/

VMware to acquire remote support provider AtherPal
https://www.zdnet.com/article/vmware-to-acquire-remote-support-provider-atherpal/#ftag=RSSbaffb68

Firefox to get a 'site isolation' feature, similar to Chrome
https://www.zdnet.com/article/firefox-to-get-a-site-isolation-feature-similar-to-chrome/#ftag=RSSbaffb68

G.政府

陸企黑名單 中正紀念堂轉型 政院年後兩大戰
https://www.chinatimes.com/newspapers/20190209000263-260102

防範IoT資安風險 NCC力推資安認證標章
https://bit.ly/2tcCAfY

NCC呼籲已有26款電視機上盒因抽驗不合格而廢止審驗證明,違法販售最高處50萬罰金
https://bit.ly/2SpwN5F

金管會抽檢9縣市ATM 僅1銀行無現鈔
http://globalnewstv.com.tw/201902/58327/

電銷保單太擾民?金管會:民眾拒絕時應立即停止
https://fnc.ebc.net.tw/FncNews/else/69731

建構國家資安 學者籲公部門與民間協力
https://money.udn.com/money/story/7307/3643814

資安 國安第一道防線
https://talk.ltn.com.tw/article/paper/1267518

陳其邁兼任行政院資安長 統籌國家資安政策
https://udn.com/news/story/6656/3646242

統籌政策加強資安力道 陳其邁兼任蘇內閣整體資安長
https://bit.ly/2X6k8mL

H.SCADA/ICS/工控系統

SCADA/ICS-Systeme richtig absichern
https://www.computerwoche.de/a/scada-ics-systeme-richtig-absichern,3546414

New era of manufacturing: digital technology and its impact on downtime
http://www.manmonthly.com.au/news/new-era-of-manufacturing-digital-technology-and-its-impact-on-downtime/

Why SCADA Is Bad for Smart Factories
http://www.embedded-computing.com/premium-white-papers-2/whyscadaisbadforsmartfactories

To Improve Critical Infrastructure Security, Bring IT and OT Together
https://securityintelligence.com/to-improve-critical-infrastructure-security-bring-it-and-ot-together/

USB attacks: Big threats to ICS from small devices
https://searchsecurity.techtarget.com/feature/USB-attacks-Big-threats-to-ICS-from-small-devices

SCADA/ICS-Systeme richtig absichern
https://www.computerwoche.de/a/scada-ics-systeme-richtig-absichern,3546414


I.教育訓練類

遠程包含和本地包含漏洞的原理
http://www.manongjc.com/article/50905.html

網路安全(1) - 基礎密碼學
https://bit.ly/2teIvkz

透過 Google Cloud Community Tutorials 學習、提議或貢獻內容
https://bit.ly/2RVDVl3

Web Scraping Tutorial with Python: Tips and Tricks
https://bit.ly/2Slu6lw

ELF Binary Mangling Part 1 — Concepts
https://medium.com/@dmxinajeansuit/elf-binary-mangling-part-1-concepts-e00cb1352301


J.物聯網/IOT/人工智慧/車聯網/光聯網/深度學習/機器學習/無人機

業界必須提高連網玩具的安全性
https://bit.ly/2tfprm7

Microchip推出安全金鑰功能端到端LoRa解決方案
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000553220_E3C1J55B3DR9J7L0RLPQX

能防範汽車駭客攻擊的檢測方案
https://www.eettaiwan.com/news/article/20190213NP21

意法與Arilou合作開發汽車駭客攻擊專用之檢測方案
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000553078_5LZL63NE8DEGW97T56JVH

川普簽署行政命令 要求優先發展人工智慧
https://bit.ly/2RVNSip

Security Experts: IoT Guidelines Come Up Short
https://www.bankinfosecurity.asia/security-experts-iot-guidelines-come-up-short-a-12011

What’s New in Deep Learning Research: Mobile Deep Learning with Google MnasNet
https://towardsdatascience.com/whats-new-in-deep-learning-research-mobile-deep-learning-with-google-mnasnet-cf9844d30ae8

Using AI to secure the global supply chain
https://www.zdnet.com/article/using-ai-to-secure-the-global-supply-chain/#ftag=RSSbaffb68

Google eliminates more spam from Gmail with TensorFlow
https://www.zdnet.com/article/google-eliminates-more-spam-from-gmail-with-tensorflow/#ftag=RSSbaffb68

New Relic acquires SignifAI to bring AI to IT operations
https://www.zdnet.com/article/new-relic-acquires-signifai-to-bring-ai-to-it-operations/#ftag=RSSbaffb68

PyTorch on Azure: Deep learning in the oil and gas industry
https://bit.ly/2GlYMgd


K.CTF

NeverLAN CTF 2019
https://ctftime.org/event/706

STEM CTF: Cyber Challenge 2019
https://ctftime.org/event/661

DEF CON CTF 2019 Quals
https://www.oooverflow.io/dc-ctf-2019-quals/

CTF 2019 - The 16th China International Tire and Wheel (Qingdao) Fair
https://bit.ly/2CWltVm

Official Website of CTF 2019 - The 16th China International Tire and Wheel (Qingdao) Fair, Qingdao, China
https://bit.ly/2VnsC8p

NeverLAN CTF
https://neverlanctf.com/


6.近期資安活動及研討會

資策會開辦ISO27002資訊安全管理國際認證班 2019/2/16
 https://ithome.com.tw/pr/128353

 Raspberry Pi 3+Google AIY Voice Kit 實作,打造智慧語音助理,學習自然語言理解  2/17
 https://www.techbang.com/posts/58439-raspberry-pi-3-google-aiy-voice-kit

 Golang Taipei Gathering #37  2/18
 https://www.meetup.com/golang-taipei-meetup/events/256740786/

 Magnet原廠授權認證課程Magnet AXIOM Examinations  2019/02/18 (一)~2019/02/21(四)  AM09:00~PM05:00
 https://www.dropbox.com/s/clxzfzel3w9ntle/Magnet%20AXIOM%E8%AA%B2%E7%B6%B1-2018.pdf?dl=0

 Android Code Club(Taipei)  Wednesday, February 20, 2019
 https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bsctnqyzdbbc/

 Women Join Tech Yilan Batch2 Session 4  Wednesday, February 20, 2019
 https://www.meetup.com/Women-Who-Code-Taipei/events/258317920/

 Weight Initialization, Under-/Over-Fitting, & Evaluation of Deep Learning Models  Wednesday, February 20, 2019
 https://www.meetup.com/Deep-Learning-for-Sciences-Engineering-and-Arts/events/257483906/

 第二屆《Hit AI & Blockchain》人工智慧暨區塊鏈產業高峰會  2019-02-20(三) 09:00 ~ 17:30 (GMT+8)
 https://www.accupass.com/event/1811190218087771003780

【PowerPoint簡報極限使用】2月主題:十倍速PPT製作  2019-02-20(三) 19:00 ~ 22:00 (GMT+8)
 https://www.accupass.com/event/1810161307265689597830

 HackingThursday 固定聚會 Thursday, February 21, 2019
 https://www.meetup.com/hackingthursday/events/vkhnnqyzdbcc/

  Flutter Codelabs 讀書會 (報名請參閱活動說明)  Thursday, February 21, 2019
 https://www.meetup.com/Women-Who-Code-Taipei/events/258377586/

  [資安專業人才培訓] 108年度培訓單位甄選公告 2/22
  https://www.acw.org.tw/News/Detail.aspx?id=55

 iTHome 台灣雲端大會 Cloud Summit  2019  Call for paper  截止日 2 月 22 日
 https://cloudsummit.ithome.com.tw/cfp/

 【課程】NLP自然語言處理分析實戰,學習非結構化文字分析技術,大幅提升人機溝通的精準與效率  2/23
 https://www.techbang.com/posts/59536-course-nlp-natural-language-processing-analysis-actual-combat

 [Visualization Series] 公投資料視覺化與選舉分析   2/24
 https://www.meetup.com/R-Ladies-Taipei/events/256933448/

 EnCase EnCE認證考試Preparation課程    2019/02/25 (一)~2019/02/27(三)  AM09:00~PM05:00
 https://www.dropbox.com/s/7bq3pb94s5rmfax/EnCE%E7%B8%BD%E8%A4%87%E7%BF%92%E7%8F%AD%E8%AA%B2%E7%A8%8B%E5%A4%A7%E7%B6%B2%20.pdf?dl=0

 Women Join Tech Coding Club新竹場第二梯營隊-「魔法種子老師培訓」session5  Tuesday, February 26, 2019
 https://www.meetup.com/Women-Who-Code-Taipei/events/258317875/

 如何導入區塊鏈  Tuesday, February 26, 2019
 https://www.meetup.com/Taipei-Blockchain/events/258326339/

 Elixir台灣 台北 Meetup # Monday, March 4, 2019
 https://www.meetup.com/elixirtw-taipei/events/njjhvpyzfbgb/

 Arduino四軸飛行器開發實作,無人機硬體、無線遙控器、飛控軟體整合、飛行教學,一天學會  3/9
 https://bit.ly/2LdYJ5H

 AI於資訊安全之應用  3/9
 https://hackercollege.nctu.edu.tw/?p=1042

 【補助專班】AI人工智慧應用系列- AIoT智能物聯網開發人才就業養成班[免費諮詢]  3/12
 https://ittraining.kktix.cc/events/aiot-training-2019

 Building and Training Convolutional Neural Networks, CNN  Wednesday, March 13, 2019
 https://www.meetup.com/Deep-Learning-for-Sciences-Engineering-and-Arts/events/257484158/

 Casual Meetup - IoT Talk & Drinks (Monthly) Wednesday, March 20, 2019
 https://www.meetup.com/Taipei-Sigfox-User-Group/events/ctqnkpyzfbbc/

 國立交通大學 亥客書院 - 網路流量分析與檢測  3/23
 https://hackercollege.nctu.edu.tw/?p=1036

 Black Hat Asia 2019  2019年3月26-29日
 https://ubm.io/2zZu87q 

 Elixir台灣 台北 Meetup # Monday, April 1, 2019
 https://www.meetup.com/elixirtw-taipei/events/njjhvpyzgbcb/

 Modeling Sequences with Recurrent Neural Networks, RNN  Wednesday, April 3, 2019
 https://www.meetup.com/Deep-Learning-for-Sciences-Engineering-and-Arts/events/257484461/

 2019 ICANN APAC-TWNIC Engagement forum  4/16~4/17
 https://forum.twnic.tw/

 Industrial Control Systems (ICS) Cyber Security Conference  APAC  April 16-18, 2019
 https://www.icscybersecurityconference.com/

 Casual Meetup - IoT Talk & Drinks (Monthly) Wednesday, April 17, 2019
 https://www.meetup.com/Taipei-Sigfox-User-Group/events/ctqnkpyzgbwb/

 國立交通大學 亥客書院 - 緩衝區溢位攻擊與預防 新竹  4/20
 https://hackercollege.nctu.edu.tw/?p=1052

 國立交通大學 亥客書院 - 基礎網站安全建構實務  5/4
 https://hackercollege.nctu.edu.tw/?p=1045

 Elixir台灣 台北 Meetup # Monday, May 6, 2019
 https://www.meetup.com/elixirtw-taipei/events/njjhvpyzhbjb/

 國立交通大學 亥客書院 -電子郵件之偽造攻擊與防護措施安全通訊協定 5/11
 https://hackercollege.nctu.edu.tw/?p=1054

  iTHome 台灣雲端大會 Cloud Summit  2019   2019年 5 月 15 日 (三) 09:00~17:00
 https://cloudsummit.ithome.com.tw/

 Casual Meetup - IoT Talk & Drinks (Monthly) Wednesday, May 15, 2019
 https://www.meetup.com/Taipei-Sigfox-User-Group/events/ctqnkpyzhbtb/

 International Conference  CONSTRUCTIVE THEORY OF FUNCTIONS - 2019  SOZOPOL, June 2 - 8, 2019
http://www.math.bas.bg/mathmod/CTF-2019/

 國立交通大學 亥客書院 - 密碼系統之漏洞、修補與檢測 6/15
 https://hackercollege.nctu.edu.tw/?p=1039

 Casual Meetup - IoT Talk & Drinks (Monthly) Wednesday, June 19, 2019
 https://www.meetup.com/Taipei-Sigfox-User-Group/events/ctqnkpyzjbzb/

 Splunk .conf 19  10/21 ~ 10/24
 https://conf.splunk.com/

 Industrial Control Systems (ICS) Cyber Security Conference  USA   October 21 – 24, 2019
 https://www.icscybersecurityconference.com


沒有留言:

張貼留言

資安事件新聞週報 2021/9/6 ~ 2021/9/10

  資安事件新聞週報 2021/9/6  ~  2021/9/10 1.重大弱點漏洞/後門/Exploit/Zero Day Cisco 發布Enterprise NFV Infrastructure Software(NFVIS)軟體安全更新 https://us-cert.c...