資安事件新聞週報 2019/3/11 ~ 2019/3/15
1.重大弱點漏洞
F5 BIG-IP 安全漏洞 CVE-2019-6598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6598
Checkpoint Zonealarm CVE-2018-8790
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-8790
NetApp Service Processor 遠端執行程式碼漏洞
https://security.netapp.com/advisory/ntap-20190305-0001/
pfSense 2.4.4-p1 (HAProxy Package 0.59_14) - Persistent Cross-Site Scripting
https://www.exploit-db.com/exploits/46538
PRTG Network Monitor 18.2.38 - Authenticated Remote Code Execution
https://www.exploit-db.com/exploits/46527
Sony Playstation 4 (PS4) < 6.20 - WebKit Code Execution (PoC)
https://www.exploit-db.com/exploits/46522
FreeBSD - Intel SYSRET Privilege Escalation (Metasploit)
https://www.exploit-db.com/exploits/46508
QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)
https://www.exploit-db.com/exploits/46506
IBM DB2 提升權限漏洞
https://www.auscert.org.au/bulletins/77042
Google Chrome 瀏覽器零時差弱點,可導致遠程攻擊者執行任意程式碼並完全控制主機
https://www.anquanke.com/post/id/172383
Chrome舊版本漏洞 解決法在這
https://bit.ly/2EQrX7Z
Chrome 漏洞嚴重影響 Windows 7 用戶,官方呼籲快盡快升級
https://3c.ltn.com.tw/news/36107
Google Chrome 73 released with dark mode support on macOS
https://www.zdnet.com/article/google-chrome-73-released-with-dark-mode-support-on-macos/#ftag=RSSbaffb68
穀歌首席安全工程師警告:立即更新穀歌瀏覽器
https://zh.wenxuecity.com/news/2019/03/12/8154854.html
研究人員一時手癢,玩壞英航影音系統發現DoS漏洞
https://www.ithome.com.tw/news/129225?fbclid=IwAR29MV10DhCTZlapA-k5g15Wn2QElfTqbsJzew6ng5ZEOaEjWEP2MliggGA
價值1250 美元的ERPNext 模版註入漏洞
https://www.chainnews.com/articles/516075102439.htm
D-link Dir-825_rev.b_firmware, dir-878_firmware CVE-2019-9123
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-9123
D-link Dir-825_rev.b_firmware, dir-878_firmware CVE-2019-9124
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-9124
D-link Dir-825_rev.b_firmware, dir-878_firmware CVE-2019-9125
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-9125
IBM QRadar SIEM內容欺騙漏洞
https://www-01.ibm.com/support/docview.wss?uid=ibm10794523
Cisco Rv110w_firmware CVE-2019-1663
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-1663
Cisco Common Services Platform Collector Static Credential Vulnerability Alert
https://meterpreter.org/cisco-common-services-platform-collector-vulnerability/
微軟發佈03月份安全性公告
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/ac45e477-1019-e911-a98b-000d3a33a34d
Proof-of-concept code published for Windows 7 zero-day
https://www.zdnet.com/article/proof-of-concept-code-published-for-windows-7-zero-day/#ftag=RSSbaffb68
Microsoft Windows JScript本地安全繞過漏洞
https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2018-8417
微軟修補64個安全漏洞,當中兩個已遭開採
https://www.ithome.com.tw/news/129323
Windows 10 Now Automatically Uninstalls Updates That Cause Problems
https://bit.ly/2u7jw2U
Microsoft March Patch Tuesday comes with fixes for two Windows zero-days
https://www.zdnet.com/article/microsoft-march-patch-tuesday-comes-with-fixes-for-two-windows-zero-days/#ftag=RSSbaffb68
Windows 10 Will Now Automatically Uninstall Corrupted Updates
https://bit.ly/2HsFl53
Microsoft Releases Patches for 64 Flaws — Two Under Active Attack
https://bit.ly/2T3B0Yb
Microsoft might give Windows 10 Home users the option to pause updates for 35 days
https://www.zdnet.com/article/microsoft-might-give-windows-10-home-users-the-option-to-pause-updates-for-35-days/#ftag=RSSbaffb68
Microsoft Patches Fresh Flaws Hit by Hackers
https://www.bankinfosecurity.com/microsoft-patches-fresh-flaws-hit-by-hackers-a-12162
Checkstyle 安全漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9658
Boeing plans autopilot software update after two 737 MAX crashes
https://www.zdnet.com/article/boeing-plans-autopilot-software-update-after-two-737-max-crashes/#ftag=RSSbaffb68
Mozilla launches Firefox Send, a free, encrypted file-sharing service
https://www.zdnet.com/article/mozilla-launches-firefox-send-a-free-encrypted-file-sharing-service/#ftag=RSSbaffb68
Firefox Send — Free Encrypted File Transfer Service Now Available For All
https://bit.ly/2O0TLe3
Vulnerability in Swiss e-voting system could have led to vote alterations
https://www.zdnet.com/article/vulnerability-in-swiss-e-voting-system-could-have-led-to-vote-alterations/#ftag=RSSbaffb68
Adobe Releases Patches for Critical Flaws in Photoshop CC and Digital Edition
https://bit.ly/2UyRYPO
Adobe 存在嚴重安全性弱點
https://helpx.adobe.com/security/products/photoshop/apsb19-15.html
https://helpx.adobe.com/security/products/Digital-Editions/apsb19-16.html
Polycom Trio跨站腳本漏洞
https://support.polycom.com/PolycomService/home/home.htm
March’s Patch Tuesday Fixes Privilege Escalation Vulnerabilities Exploited in the Wild
https://blog.trendmicro.com/trendlabs-security-intelligence/marchs-patch-tuesday-fixes-privilege-escalation-vulnerabilities-exploited-in-the-wild/
The fourth horseman: CVE-2019-0797 vulnerability
https://securelist.com/cve-2019-0797-zero-day-vulnerability/89885/
CVE-2019-7238: Insufficient Access Controls in Sonatype Nexus Repository Manager 3 Allows Remote Code Execution
https://blog.trendmicro.com/trendlabs-security-intelligence/cve-2019-7238-insufficient-access-controls-in-sonatype-nexus-repository-manager-3-allows-remote-code-execution/
2.銀行/金融/保險/證券/支付系統/ 新聞及資安
店家禁止完全無現金交易 美國費城立法通過
https://www.ettoday.net/news/20190308/1394657.htm
金融科技新挑戰 法遵科技vs.資安應用新視野
https://www.chinatimes.com/realtimenews/20190308003530-260410
涉案人員100餘人、涉案金額達4000多萬,中國大陸巴州區公安打擊一個“信用卡”犯罪團伙
https://k.sina.com.cn/article_6142603556_16e20b12402000k5yz.html
刷我卡卻保別人車! 車主控產險「代刷漏洞」
https://bit.ly/2TofwKJ
央行副行長:丈母娘挑女婿都用上了個人徵信報告
https://news.sina.com.tw/article/20190310/30396296.html
超危險!網購刷卡當心遭「表單劫持」
https://bit.ly/2CfGzNL
【純網銀來了】完全網路作業 再也不用大小事都跑銀行
https://bit.ly/2u39XSX
英國蘇格蘭皇家銀行宣布 將試用指紋識別銀行卡
https://hk.on.cc/hk/bkn/cnt/aeanews/20190312/bkn-20190312041038090-0312_00912_001.html
香港東亞銀行電腦系統出現故障,17間分行受影響未能提供櫃位服務
https://hk.on.cc/hk/bkn/cnt/news/20190309/bkn-20190309103843786-0309_00822_001.html
香港東亞銀行冧機17分行癱瘓 區議員促公布故障原因
https://hk.on.cc/hk/bkn/cnt/news/20190309/bkn-20190309103843786-0309_00822_001.html
香港東亞銀行表示系統陸續回復正常 正跟進網絡不穩原因
https://bit.ly/2VN1PS9
彰銀稅前盈餘創新高 下半年發數位帳戶卡
https://bit.ly/2VMuwyA
開發金控首創銀行及證券雙向數位身分認證
https://www.chinatimes.com/realtimenews/20190307003344-260410
加薪不求人 遠銀:「人人都是分行經理」月月自動加薪
https://ec.ltn.com.tw/article/breakingnews/2722834
科技人跳金融圈 將來銀行老總自爆克服3大差異
https://tw.finance.appledaily.com/realtime/20190310/1530580
英金融業去年遇駭 暴增5倍
https://www.chinatimes.com/newspapers/20190311000216-260203
駭客攻擊金融機構的手法和技巧(含歷年重大攻擊事件表)
https://blog.trendmicro.com.tw/?p=59601
【純網銀來了】資安與監理最重要 創新服務才有可能獲利
https://bit.ly/2HfDSQn
《財經觀測站》當「純網銀」遇上「金金分離」
https://ec.ltn.com.tw/article/paper/1273488
雙重認證防洩私隱 確保網上帳戶安全
https://bit.ly/2VWkdbn
虛擬銀行中資天下 6熱門4間紅色背景 開張初期料高息吸客
https://bit.ly/2u5wZIQ
金融業主動端菜搶先機
https://www.chinatimes.com/newspapers/20190313000266-260210
中國P2P網貸平臺的新風險比爆雷還危險
https://www.secretchina.com/news/b5/2019/03/13/887220.html
ATM鍵盤藏危機 塑膠鍵恐導致密碼遭破解
https://www.ttv.com.tw/news/view/10803130027400N/579
小額免簽盜刷多 英銀行邀用戶測試指紋辨識信用卡
https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=45&id=0000555567_0pf6dsqm589juv8ns6wpi
蘋果踢爆:星展ATM爆食錢羅生門 事主稱存入6.6萬 銀行指無紀錄
https://hk.news.appledaily.com/local/daily/article/20190315/20633861
Advanced ATM Penetration Testing Methods
https://gbhackers.com/advanced-atm-penetration-testing-methods/
Insert Skimmer + Camera Cover PIN Stealer
https://krebsonsecurity.com/2019/03/insert-skimmer-camera-cover-pin-stealer/
Financial Cyberthreats in 2018
https://securelist.com/financial-cyberthreats-in-2018/89788/
Breaking the Bank: Weakness in Financial AI Applications
https://www.fireeye.com/blog/threat-research/2019/03/breaking-the-bank-weakness-in-financial-ai-applications.html
南山今年擬徵才6500人 提供新人專案獎金1年最高30萬
https://tw.appledaily.com/new/realtime/20190308/1529784/
〈台大校園徵才〉Fintech改寫金融業生態 金融業跨界爭搶科技高手
https://bit.ly/2tYjf2j
玉山金搶人才 科技理工、會計稅務吃香
https://www.chinatimes.com/realtimenews/20190309001698-260410
金融業向跨領域人才招手
https://news.cnyes.com/news/id/4286685
【新鮮人年薪百萬】10大金控獵3萬名好手 科技金融人才都要
https://tw.appledaily.com/new/realtime/20190309/1529913/
10大金控搶先跑 年薪上看百萬
https://tw.appledaily.com/headline/daily/20190310/38276950/
3.電子支付/電子票證/行動支付/ 新聞及資安
女用QR code付款 遭隔空盜刷8百人民幣
https://bit.ly/2TCzKQ9
巴克萊與支付寶達成協議接入英國商戶進行交易
http://www.aastocks.com/tc/stocks/news/aafn-news/NOW.928769/2
國內速食業嗶起來!麥當勞全台啟用悠遊卡等四票證支付
https://bit.ly/2Jcr8M4
8000萬張悠遊卡Q4可享線上電子支付
https://news.cnyes.com/news/id/4289535
墨攻結合4大連鎖民生消費業 提供國內及境外行動支付
https://www.ettoday.net/news/20190315/1399857.htm
純網銀、數位銀、網路銀分不清 這張表一次看懂
https://money.udn.com/money/story/5613/3698562
4.虛擬貨幣/區塊鍊 新聞及資安
非洲:一個不容小覷的加密貨幣市場
http://news.knowing.asia/news/ef9a3d62-2c4b-4cb0-8bbb-89b5da495dd3
SWIFT宣布與金融機構合作,將推出區塊鏈電子投票PoC
https://www.55coin.com/article/7020.html
躲制裁、賺外匯 聯合國:北韓駭進加密貨幣交易所
https://ec.ltn.com.tw/article/breakingnews/2721794
聯合國調查小組查出,北韓駭客不停駭進交易所、運用區塊鏈「規避經濟制裁」
https://www.blocktempo.com/north-korea-stole-cryptocurrency-via-hacking-un-panel/
損失5萬EOS!EOS非競猜類DApp遭駭客攻擊
https://news.sina.com.tw/article/20190311/30407214.html
JP摩根、高盛、富國銀行紛紛入局區塊鏈,只因這7個關鍵因素
http://news.knowing.asia/news/fc052bb5-2c17-4e7c-b908-ddcab0cf4faf
都是駭客攻擊惹的禍?日本加密投資「熱情消退」
http://news.knowing.asia/news/749a1bac-1e6a-4bca-8218-2b55c7c27d24
Ledger調查報告:Trezor硬體錢包具有五個漏洞
https://news.sina.com.tw/article/20190312/30426152.html
透過 Apple & Samsung Pay 實踐加密貨幣支付:比特現金 BSV 宣布與 Zeux 合作
https://technews.tw/2019/03/12/bsv-zeux-action-payment/
把台灣人病歷放上「區塊鏈」!健康護照 App 要打破醫院之間的數據隔閡
https://buzzorange.com/techorange/2019/03/12/healthpass-app/
波蘭國際事務研究所研究員:加密貨幣為當前國際經濟和政治體系帶來了挑戰
https://bit.ly/2FbmIBj
會 Go 語言獲得最多面試邀約!Hired 調查:區塊鏈工程師需求暴增 517%
https://technews.tw/2019/03/14/the-state-of-software-engineers/
美國一連鎖超市擬棄VISA用比特幣? 零售業瞄準加密貨幣支付潛力 大規模應用面臨挑戰
https://iview.sina.com.tw/post/18767440
比特幣大盜鑽提款漏洞 四人幫得手112次騙20萬
https://bit.ly/2O72smS
虛擬貨幣平台出事 Gatecoin遭頒令清盤
http://www.hkcd.com/content/2019-03/15/content_1128528.html
以太坊智能合約漏洞實戰詳解:整數溢出攻擊
https://www.huoxing24.com/newsdetail/20190314173040282612.html
因竊取價值1500萬日元的加密貨幣,日本駭客被起訴
https://life.tw/?app=view&no=908160
5.資安事件新聞
A.病毒木馬 / 殭屍網路 / 勒索軟體
McAfee 研究人員發現已披露的 WinRAR 漏洞正被利用來植入木馬
https://www.kocpc.com.tw/archives/248664
7 個常見病毒、木馬、惡意程式的來源
https://blog.trendmicro.com.tw/?p=59351
美國喬治亞州傑克森郡政府遭勒索軟體攻擊,選擇付錢了事
https://www.ithome.com.tw/news/129226
Georgia county pays a whopping $400,000 to get rid of a ransomware infection
https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-infection/#ftag=RSSbaffb68
RTM網銀木馬在2018年對130,000家企業實施了攻擊
https://www.weibo.com/ttarticle/p/show?id=2309404348612808162843
網路犯罪再進化:勒索病毒退流行,你該注意的是「挖礦綁架」
https://www.thenewslens.com/feature/timefortune/115174
網絡犯罪再進化:勒索軟件被「挖礦綁架」取代
https://hk.thenewslens.com/article/115359
PoS惡意程式鎖定中小企業,潛藏至少4年
https://www.ithome.com.tw/news/129333?fbclid=IwAR30kveu0HIe0uOkuDPhzlEUeYmDt_7Z90DOTb00ZKd8C6XEsx1iYwquQYE
‘DMSniff’ POS Malware Actively Leveraged to Target Small-, Medium-Sized Businesses
https://www.flashpoint-intel.com/blog/dmsniff-pos-malware-actively-leveraged-target-medium-sized-businesses/
Fileless Banking Trojan Targeting Brazilian Banks Downloads Possible Botnet Capability, Info Stealers
https://blog.trendmicro.com/trendlabs-security-intelligence/fileless-banking-trojan-targeting-brazilian-banks-downloads-possible-botnet-capability-info-stealers/
Chinese hacking group backdoors products from three Asian gaming companies
https://www.zdnet.com/article/chinese-hacking-group-backdoors-products-from-three-asian-gaming-companies/#ftag=RSSbaffb68
Gaming industry still in the scope of attackers in Asia
https://www.welivesecurity.com/2019/03/11/gaming-industry-scope-attackers-asia/
Avast and Emsisoft release free decrypters for BigBobRoss ransomware
https://www.zdnet.com/article/avast-and-emsisoft-release-free-decrypters-for-bigbobross-ransomware/#ftag=RSSbaffb68
Emotet trojan implicated in Wolverine Solutions ransomware attack
https://portswigger.net/daily-swig/emotet-trojan-implicated-in-wolverine-solutions-ransomware-attack
Massive Ryuk Ransomware Attack on Entire Computers of Jackson County, Georgia – $400,000 Ransom Paid
https://gbhackers.com/jackson-county-ransomware-attack/
Transferring Backdoor Payloads with BMP Image Pixels | By Damon Mohammadbagher
https://bit.ly/2Y0xgum
Zahl der Opfer von Banking-Trojanern 2018 um 16 Prozent gestiegen
http://www.av-finance.com/geldinstitute/newsdetails-gi/artikel/334/zahl-der-opfer-von-banking-trojanern-2018-um-16-prozent-gestiegen/
NEW URSNIF VARIANT TARGETS JAPAN PACKED WITH NEW FEATURES
https://www.cybereason.com/blog/new-ursnif-variant-targets-japan-packed-with-new-features
Malicious Counter-Strike 1.6 servers used zero-days to infect users with malware
https://www.zdnet.com/article/malicious-counter-strike-1-6-servers-used-zero-days-to-infect-users-with-malware/#ftag=RSSbaffb68
Ransomware Attack on Vendor Affects 600,000
https://www.bankinfosecurity.com/ransomware-attack-on-vendor-affects-600000-a-12164
A DANGEROUS MALWARE THAT STEALS BANKING INFORMATION
https://www.securitynewspaper.com/2019/03/12/a-dangerous-malware-that-steals-banking-information/
Ursnif Banking Trojan Variant Steals More Than Financial Data
https://www.bankinfosecurity.com/ursnif-banking-trojan-variant-steals-more-than-financial-data-a-12165
4% Indian users hit by banking Trojans in 2018: Report
https://samajweekly.com/4-indian-users-hit-by-banking-trojans-in-2018-report/
This banking malware just returned with new sneaky tricks to steal your data
https://www.zdnet.com/google-amp/article/this-banking-malware-just-returned-with-new-sneaky-tricks-to-steal-you-data/
From Fileless Techniques to Using Steganography: Examining Powload’s Evolution
https://blog.trendmicro.com/trendlabs-security-intelligence/from-fileless-techniques-to-using-steganography-examining-powloads-evolution/
A Machine Learning Model to Detect Malware Variants
https://blog.trendmicro.com/trendlabs-security-intelligence/a-machine-learning-model-to-detect-malware-variants/
GlitchPOS: New PoS malware for sale
https://blog.talosintelligence.com/2019/03/glitchpos-new-pos-malware-for-sale.html
Two-thirds of all Android antivirus apps are frauds
https://www.zdnet.com/article/two-thirds-of-all-android-antivirus-apps-are-frauds/#ftag=RSSbaffb68
Android Test 2019 – 250 Apps
https://www.av-comparatives.org/tests/android-test-2019-250-apps/
Fresh POS Malware Strikes Small and Midsize Companies
https://www.bankinfosecurity.com/fresh-pos-malware-strikes-small-midsize-companies-a-12167
Ransomware attack news trending on Google
https://www.cybersecurity-insiders.com/ransomware-attack-news-trending-on-google/
B.行動安全 / iPhone / Android /穿戴裝置 /App
面部解鎖被相片破解 Galaxy S10 用戶建議使用指紋辨識
https://unwire.hk/2019/03/09/unlock-galaxy-s10-with-photo/mobile-phone/
三星S10被曝安全漏洞,視頻就能解鎖手機,人臉識別形同擺設
https://www.sohu.com/a/300249089_100219861?sec=wd
Galaxy S10 容貌辨識有漏洞 哥哥手機被妹妹面部解鎖
https://unwire.hk/2019/03/12/sister-unlock-brother-galaxy-s10-with-her-face/mobile-phone/
臉書帳號登App 曝隱私3大風險
https://bit.ly/2UtbtsQ
詐騙新手法!測試app遊戲 手機被鎖還勒索你
https://udn.com/news/story/7315/3687290
刑事局電偵大隊記者會 偵破藥妝APP遭竄改詐欺案
https://www.upmedia.mg/news_info.php?SerialNo=59050
安卓粉的痛、跪求Google快點改!外媒點名 Android 手機五大缺點
https://3c.ltn.com.tw/news/36106
安卓粉心中痛!這5大缺點怒到想摔機
https://bit.ly/2u9kJal
Google快改進!盤點Android作業系統5大缺點
https://www.ettoday.net/news/20190311/1396726.htm
鑽網購APP漏洞 男沒花錢得手1500萬商品
https://www.ttv.com.tw/news/view/10803110015300N/579
曾任物流竟能取得工程師APP 警方懷疑有內賊
https://tw.appledaily.com/new/realtime/20190311/1531347/
用工程師版App 囂張男嫌爽買
https://tw.appledaily.com/headline/daily/20190312/38278858/
鑽屈臣氏APP漏洞 網拍主詐300萬元商品大做無本生意
https://news.ltn.com.tw/news/society/breakingnews/2723235
屈臣氏網購結帳程式被破解,5 天遭詐近 300 萬元
https://technews.tw/2019/03/12/watsons-e-shopping-app-hacked/
網購屈臣氏1500萬結帳0元 駭客冷笑「花100萬請我不回去」
https://www.ettoday.net/news/20190311/1396641.htm
詐財誆報復 自稱卡神第2
https://www.chinatimes.com/newspapers/20190312000549-260106
超強開發者在 Google Pixel 3 XL,成功啟動 Windows 10
https://bit.ly/2VRwLRe
手機網路掛點大當機 中華電信認故障教這招
https://bit.ly/2EWyoWS
行動裝置測試軟體 Antutu 7.2.6 釋出 , 更新日誌直言修復部分廠商惡意利用問題
https://www.kocpc.com.tw/archives/248063
台灣超過一半人口使用手機上網 資安觀念卻十分欠缺
https://udn.com/news/story/7315/3695239?from=udn-ch1_breaknews-1-cate2-news
更多Android Q Beta的更新細節,改善隱私以及強化折疊手機App管理
https://bit.ly/2XYdTC8
Check Point:中國業者利用Android程式竊取使用者通訊錄
https://www.ithome.com.tw/news/129330?fbclid=IwAR0Vpf4CRnk2lLXIqGLeRYOOwWs9nql1AvwzjsT-0rhUlcFf-4v7rCFySTA
Operation Sheep: Pilfer-Analytics SDK in Action
https://research.checkpoint.com/operation-sheep-pilfer-analytics-sdk-in-action/
A Mobile App Scanner is Not Just Another App
https://blog.trendmicro.com/a-mobile-app-scanner-is-not-just-another-app/
Free Mobile Application Security and Privacy Test
https://medium.com/@htbridge/free-mobile-application-security-and-privacy-test-a138bbae8ba0
C.事件 / 駭客 / DDOS / APT / 徵才 / 國際資安事件
回顧2018年五個資安情勢
https://blog.trendmicro.com.tw/?p=59848
新發現透過 GitHub 和 Slack 進行的定位攻擊事件
https://www.twcert.org.tw/subpages/securityInfo/hackevent_details.aspx?id=898
Gmail、Google硬碟大規模掛點 搶修3小時才恢復
https://tw.appledaily.com/new/realtime/20190313/1532386/
什麼日子? Gmail當機後,FB、IG接力
https://www.cw.com.tw/article/article.action?id=5094326
【緊接Google之後】FB、IG全球大當機 官方改用推特道歉:非網路攻擊
https://bit.ly/2HhUhUv
日月光資安管理 運用人工智慧和大數據
https://money.udn.com/money/story/5612/3694944
兒童智能手錶被入侵監聽跟蹤 消委會教設高強度密碼
https://topick.hket.com/article/2294393
《刀塔自走棋》手遊官網上線,預約首日遭駭客癱瘓
https://www.4gamers.com.tw/news/detail/38267/dota-auto-chess-mobile-being-attacked-by-hacker
亞洲多款遊戲於開發階段再遭中國駭侵團體「供應鏈攻擊」植入後門
https://www.twcert.org.tw/subpages/securityInfo/hackevent_details.aspx?id=900
2018年度十大網站攻擊技法出爐,臺灣資安專家研究再獲全球肯定,連續兩年蟬聯第一
https://www.ithome.com.tw/news/129314
美麻省理工期刊:量子加密技術被上海交大破解
https://www.chinatimes.com/realtimenews/20190312004882-260409
建立網路戰平台!北約在塔林打造「數字戰壕」
https://news.sina.com.tw/article/20190312/30434764.html
中國侵門踏戶 註冊台灣網域名稱宣傳 31條
https://m.ltn.com.tw/news/politics/breakingnews/2725122
美國雲端企業服務大廠 Citrix 遭駭,6TB 文件恐遭伊朗駭客竊走
https://www.twcert.org.tw/subpages/securityInfo/hackevent_details.aspx?id=899
科技大廠 Citrix 遭「密碼噴灑」手法攻陷!大量白宮、FBI 機密恐被竊
http://technews.tw/2019/03/13/iranian-backed-hackers-stole-data-from-major-us-government-contractor/
網路安全專家談劍鋒委員:網路上不要輕易「刷臉」
https://news.sina.com.tw/article/20190311/30415482.html
加碼禁用大陸產品 為資安還是為表態
https://www.storm.mg/article/1002760
美國逼德國封殺華為5G 情報分享當籌碼
https://www.rti.org.tw/news/view/id/2014204
美首度警告柏林:封殺華為、否則情資分享不再暢通
https://wealth.businessweekly.com.tw/m/GArticle.aspx?id=ARTL000131799
美國警告後 梅克爾:德國將自訂5G網路安全標準
https://bit.ly/2Tzgzrh
梅克爾不吃川普那套...美國威脅德國「不可採用華為設備」,德國總理強勢回應:這是我們自己的事
https://bit.ly/2Cn9E9X
美國圍堵華為 海底通訊電纜成新戰場
https://www.cna.com.tw/news/aopl/201903130017.aspx
政府面對華為產品資安威脅應有做法
https://bit.ly/2HCTMDV
大陸產經:華為願與德國簽防諜協議,並針對資安議題進行合作
https://bit.ly/2HxJ80V
賽門鐵克:駭客對購物網站進行「表單劫持」成新主流,直接將你在網路上的信用卡刷卡資訊轉走
https://bit.ly/2UsxFDH
TWNIC首度發表臺灣網路資安態勢分析,對外攻擊是頭號威脅
https://ithome.com.tw/news/129208
臺灣面臨的10大惡意攻擊皆為全球兩倍,並是Botnet攻擊最多國家
https://www.ithome.com.tw/news/129187
瑞士和澳大利亞的電子投票系統爆嚴重漏洞,可操縱選票
https://www.secrss.com/articles/9037
瑞士電子投票系統漏洞可能遭竄改票數
https://www.ithome.com.tw/news/129311
個資被看光?杜奕瑾示警中共隱私竊密
https://bit.ly/2UtpczZ
文彩元官方否認點讚鄭俊英相關事件:帳號被駭客攻擊
http://tw.fansyes.com/content/20190314/kr3x0q513y6l.shtml
4/6類千禧蟲再現? 資安專家:當天我不搭機
https://www.ttv.com.tw/news/view/10803100016600N/568
美內部報告坦言軍事強權受威脅,海軍遭陸駭客"圍攻"
https://bit.ly/2u5ETBU
憂網路版珍珠港事變 美學者:遠離陸製設備
https://bit.ly/2J74S6h
美海軍提高保密性「防中國駭客」 停止公布晉升軍官名單
https://www.ettoday.net/news/20190315/1399788.htm
中國OTT大舉攻台 學者:意圖影響台灣2020大選
https://news.ltn.com.tw/news/politics/breakingnews/2726253
中國騰訊擬來台「落地」 循愛奇藝走灰色地帶
https://tw.appledaily.com/new/realtime/20190314/1532869/
中共網路盜竊技術 美國開始反擊
https://bit.ly/2XMkyPP
中國全國青聯:建議明確禁止未成年人擔任網路主播
https://news.sina.com.tw/article/20190309/30387630.html
中共賬本三千億去向不明 財政報告漏洞多
https://m.secretchina.com/news/b5/2019/03/10/886947.html
2018年日本警方查獲網路犯罪逾9000起創新高
https://bit.ly/2Jj0CRt
對抗供應鏈攻擊 日政府與大公司助中小企業強化資安防禦能力
https://www.digitimes.com.tw/iot/article.asp?cat=158&id=0000554957_FWULVG4I42EPMC8VPI3LR
網路攻擊日益猖獗 日本將成立亞洲第一個資安聯盟
https://news.wearn.com/c170598.html
網路攻擊日益猖獗 日本將成立亞洲第一個資安聯盟+蔡英文提七項綱領 綠稱有必要表態、藍批恐嚇民眾
https://www.anntw.com/articles/20190311-ntVI
委內瑞拉供電無法恢復 馬杜洛怪罪駭客攻擊
https://bit.ly/2u1meav
當整個國家都陷入黑暗...委內瑞拉指控遭美國網路攻擊:「已請求中國協助調查」
https://www.storm.mg/article/1052507
印尼大選4/17登場 選委會控中俄駭客捏造幽靈選民
https://newtalk.tw/news/view/2019-03-13/219119
俄網軍干擾美大選換招式 操作社媒由明轉暗
https://udn.com/news/story/6809/3688700
俄羅斯網軍改變策略,激發政治對立干擾美國總統大選
http://technews.tw/2019/03/12/russian-internet-research-agency-shift-strategy/
俄網軍假帳號 干擾美2020大選
https://bit.ly/2UuoB0T
俄國萬人上街 抗議政府以資安為由控制網路
https://lihkg.com/thread/1056151/page/1
北韓可能準備發射「衛星」 威力超出「光明星4號」
https://www.chinatimes.com/realtimenews/20190311003557-260408
聯合國報告:朝鮮規避制裁升級 獲大量資金
http://www.epochtimes.com/b5/19/3/11/n11105689.htm
聯合國報告稱朝鮮對虛擬貨幣等網路攻擊造成逾6.7億美元損失
https://tchina.kyodonews.net/news/2019/03/8935717f02f7-67.html
制裁破功 北韓靠駭客海撈7億
https://tw.appledaily.com/international/daily/20190312/38278503/
突破制裁網:竊盜6.7億美金虛擬貨幣的「北韓駭客經濟」
https://global.udn.com/global_vision/story/8662/3692257
美國雲端大廠 Citrix 遭伊朗駭客竊取 6TB 資料,白宮、FBI、NASA 機密恐遭竊
https://buzzorange.com/techorange/2019/03/13/citrix-crisis/
伊朗駭客入侵 Citrix 系統 竊取超過 6TB 資料
https://unwire.pro/2019/03/11/iranian-backed-hackers-stole-data-major-u-s-government-contractor/security/
Citrix內部網路遭國際犯罪集團駭入,傳為伊朗駭客所為
https://www.ithome.com.tw/news/129224?fbclid=IwAR1cNeCcwctUqT_kk1yndmPCQA8xLxo8bfJ-x31FO_w76eFP4ajyXHrMDC8
Citrix discloses security breach of internal network
https://www.zdnet.com/article/citrix-discloses-security-breach-of-internal-network/#ftag=RSSbaffb68
Citrix investigating unauthorized access to internal network
https://www.citrix.com/blogs/2019/03/08/citrix-investigating-unauthorized-access-to-internal-network/
Citrix Hacked by Password-Spraying Attackers, FBI Warns
https://www.bankinfosecurity.com/citrix-hacked-by-password-spraying-attackers-fbi-warns-a-12154
US senators want to know how many times they've been hacked
https://www.zdnet.com/article/us-senators-want-to-know-how-many-times-theyve-been-hacked/#ftag=RSSbaffb68
Iranian hackers behind mass cyber attack, says Microsoft
https://www.thenational.ae/world/gcc/iranian-hackers-behind-mass-cyber-attack-says-microsoft-1.834208
Marriott CEO shares post-mortem on last year's hack
https://www.zdnet.com/article/marriott-ceo-shares-post-mortem-on-last-years-hack/#ftag=RSSbaffb68
WordPress shopping sites under attack
https://www.zdnet.com/article/wordpress-shopping-sites-under-attack/#ftag=RSSbaffb68
'Yelp for conservatives' MAGA app leaks users data
https://www.zdnet.com/article/yelp-for-conservatives-maga-app-leaks-users-data/#ftag=RSSbaffb68
Open Distro for Elasticsearch is Amazon's move to show it's pro-open source
https://www.zdnet.com/article/open-distro-for-elasticsearch-is-amazons-move-to-show-its-pro-open-source/#ftag=RSSbaffb68
Chinese hackers fish for naval secrets
https://www.bbc.com/news/technology-47468443
New BitLocker attack puts laptops storing sensitive data at risk
https://www.zdnet.com/article/new-bitlocker-attack-puts-laptops-storing-sensitive-data-at-risk/#ftag=RSSbaffb68
Red Team to help secure open-source software
https://www.zdnet.com/article/red-team-to-help-secure-open-source-software/#ftag=RSSbaffb68
Apple, Google, GoDaddy misissued TLS certificates with weak serial numbers
https://www.zdnet.com/article/apple-google-godaddy-misissued-tls-certificates-with-weak-serial-numbers/#ftag=RSSbaffb68
Hackers Love to Strike on Saturday
https://www.bankinfosecurity.eu/blogs/hackers-love-to-strike-on-saturday-p-2731
Operation Comando: How to Run a Cheap and Effective Credit Card Business
https://unit42.paloaltonetworks.com/operation-comando-or-how-to-run-a-cheap-and-effective-credit-card-business/
Hackers are Ready to Exploit Zero-Day Flaws; Companies are Slow to Act
https://medium.com/readwrite/hackers-are-ready-to-exploit-zero-day-flaws-companies-are-slow-to-act-162bd6340ce5
Revisiting Election Security Threats FBI's Elvis Chan on What's Being Done to Secure the 2020 Election
https://www.bankinfosecurity.com/revisiting-election-security-threats-a-12166
Hacking And Cyber Attack Ruled Out As Cause Of Mystery 14-Hour Facebook Outage
https://start.att.net/news/read/article/fortune-hacking_and_cyber_attack_ruled_out_as_cause_of_mys-rtime/category/finance
Hackers used the Roskomnadzor registry for attacks on Yandex
http://www.ehackingnews.com/2019/03/hackers-used-roskomnadzor-registry-for.html
宏碁今年徵才500人 釋出電競資安多元職缺
https://www.cna.com.tw/news/afe/201903090170.aspx
中華電信前進校園 招募500新血
https://udn.com/news/story/7005/3687496
鐵飯碗來了!中華電徵才開跑 底薪最高49K
https://www.chinatimes.com/realtimenews/20190309001691-260410
中華電信徵才團隊南下交大、成大校園
https://tw.news.appledaily.com/new/realtime/20190311/1530936/
【資安所】網駭科技研析中心-程式開發工讀
https://www.104.com.tw/job/?jobno=6ji1z
軟體研發工程師
https://www.cakeresume.com/companies/onwardsecurity/jobs/software-r-amp-d-engineer
7C03_網路資安工程師
https://m.1111.com.tw/job/85869764/
D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞
中國電商網站Gearbest洩露150多萬筆消費者個資、訂單資料
https://www.ithome.com.tw/news/129364
網絡攻擊者使用GoDaddy漏洞來詐騙用戶
https://www.cyclonis.com/zh-cn/cyber-attackers-used-godaddy-vulnerability-scam-users/
富士精工陸籍員工涉竊密!被捕時稱:為了學習
https://fnc.ebc.net.tw/FncNews/else/72751
Facebook 控告兩名開發者藉瀏覽器擴展偷竊用戶資料
https://technews.tw/2019/03/14/facebook-sues-two-ukranians-over-data-stealing-browser-add-ons/
擅自與150家公司分享用戶資訊 傳臉書遭刑事調查
https://www.chinatimes.com/realtimenews/20190314003068-260408
刑事局打擊詐騙列重點工作
https://bit.ly/2TLsyBe
浙江警方跨省破獲特大網路詐騙案
https://news.sina.com.tw/article/20190311/30415476.html
北京警方打擊防範電詐 1300餘萬電詐攔截資金被返還
https://news.sina.com.tw/article/20190309/30388502.html
打擊電信網路詐騙犯罪 警方提示有竅門
https://news.sina.com.tw/article/20190309/30387938.html
赴日本與哥斯大黎加設詐騙機房 檢方起訴7人
https://taronews.tw/2019/03/07/273795/
玩10分鐘領1000!女應徵測試手遊APP 手機慘遭鎖再被勒索1500
https://www.ettoday.net/news/20190310/1395737.htm
中國180萬女性個資外洩 連生育能力都紀錄
https://tw.appledaily.com/new/realtime/20190312/1531535/
中國數據庫列出180萬名女性於「可配種」狀態
https://news.ltn.com.tw/news/world/breakingnews/2723642
荷蘭專家揭露毛骨悚然的中國女人個資:有關 180 萬「可生育」的女人
https://buzzorange.com/2019/03/12/dutch-found-creepy-databases-about-1-8-million-chinese-woman/
臉書控告兩名開發人員搜括用戶資訊並覆蓋臉書廣告
https://www.ithome.com.tw/news/129223
醫院洩密 新加坡總理都中招
https://bit.ly/2UxYm9T
會員控疑個資外洩害盜刷 海帝斯健身房:釐清中
https://bit.ly/2HvF8OE
1堂英語課竟要4萬元! 女大生無卡分期成冤大頭
https://tw.news.appledaily.com/new/realtime/20190314/1533091/
網購DimBuy資料庫被入侵 顧客信用卡電話外洩
https://hk.on.cc/hk/bkn/cnt/news/20190314/bkn-20190314111028586-0314_00822_001.html
《BEC 詐騙 》一封信丟了工作,還被雇主索賠 400 多萬台幣
https://blog.trendmicro.com.tw/?p=59718
809 million records exposed by email marketing giant
https://www.zdnet.com/article/809-million-records-exposed-by-email-marketing-giant/#ftag=RSSbaffb68
Breach of 'Verifications.io' Exposes 763 Million Records
https://www.bankinfosecurity.com/breach-verificationsio-exposes-763-million-records-a-12158
BEWARE – New 'Creative' Phishing Attack You Really Should Pay Attention To
https://bit.ly/2UzSUmS
Report: Facebook faces criminal probe for sharing user data
https://www.zdnet.com/article/report-facebook-faces-criminal-probe-for-sharing-user-data/#ftag=RSSbaffb68
Data Breaches 101: How They Happen, What Gets Stolen, and Where It All Goes
https://bit.ly/2J8yGiS
E.研究報告
開源無線網路與管理方案 OpenWRT & OpenWISP
https://bit.ly/2XRJlBV
NSA逆向分析工具-Ghidra 使用心得與實例展示
https://bit.ly/2XUtJ0H
微軟Word中新漏洞允許攻擊者繞過所有防惡意軟體防禦
https://read01.com/P5zLPDa.html
路由器漏洞挖掘之命令執行
https://xz.aliyun.com/t/4291
[原創]“深入”探索CVE-2018-8174
https://bbs.pediy.com/thread-249933.htm
WinRAR遠程代碼執行漏洞結合Metasploit+Ngrok實現遠程上線
https://www.freebuf.com/articles/network/197025.html
BuleHero蠕蟲病毒變種新增thinkphp5漏洞攻擊方式
https://s.tencent.com/research/report/675.html
AFL 漏洞挖掘技術漫談(一):用AFL 開始你的第一次Fuzzing
https://paper.seebug.org/841/
CVE-2018-15982任意代碼執行漏洞復現
https://www.freebuf.com/column/197760.html
PXE Dust:Windows Servers Deployment Services漏洞分析
https://www.anquanke.com/post/id/172888
Phpshe v1.7 SQL盲注漏洞(CVE-2019-9626)分析
https://anquan.baidu.com/article/684
ThinkPHP5核心類Request遠程代碼漏洞分析
https://www.freebuf.com/vuls/196934.html
Microsoft Word OLE模塊再次出現已被黑客利用的漏洞
https://www.landiannews.com/archives/56379.html
Pompem :一款功能强大的漏洞利用&挖洞工具
https://www.freebuf.com/sectool/197478.html
Xsuite遠程代碼執行漏洞:代碼筆誤導致獲得域管理權限(CVE-2018-9022)
https://www.4hou.com/vulnerable/16664.html
Q1, 2019 SPECIAL REPORT BY A10 SECURITY RESEARCH
https://www.a10networks.com/sites/default/files/A10-EB-14115-EN.pdf
Regipy: Automating registry forensics with python
https://bit.ly/2O0Nxuq
利用網頁套接字跨站劫持(CSWH)漏洞接管帳戶
https://nosec.org/home/detail/2335.html
SSRFmap:一款功能強大的自動化SSRF模糊測試和漏洞利用工具
https://www.freebuf.com/sectool/197353.html
找到盲XSS漏洞的簡單方法
https://nosec.org/home/detail/2339.html
WinRAR目錄穿越漏洞淺析及復現(CVE-2018-20250)
https://www.freebuf.com/vuls/197745.html
CVE-2019-0797 windows 0 day漏洞分析
https://www.4hou.com/vulnerable/16768.html
CVE-2019-9213——linux內核用戶空間0虛擬地址映射漏洞分析
https://www.anquanke.com/post/id/173356
HACKING WEB SOCKETS: ALL WEB PENTEST TOOLS WELCOMED
https://bit.ly/2HfTvqS
HiSilicon DVR hack pwn-hisilicon-dvr
https://github.com/mcw0/pwn-hisilicon-dvr/blob/master/README.adoc
Playing with CloudGoat part 1: hacking AWS EC2 service for privilege escalation
https://medium.com/@rzepsky/playing-with-cloudgoat-part-1-hacking-aws-ec2-service-for-privilege-escalation-4c42cc83f9da
Playing with CloudGoat part 2: fooling AWS CloudTrail and getting persistent access
https://medium.com/@rzepsky/playing-with-cloudgoat-part-2-fooling-cloudtrail-and-getting-persistence-access-6a1257bb3f7c
Playing with CloudGoat part 3: using AWS Lambda for privilege escalation and exploring a LightSail service
https://medium.com/@rzepsky/playing-with-cloudgoat-part-3-using-aws-lambda-for-privilege-escalation-and-exploring-a-lightsail-4a48688335fa
Playing with CloudGoat part 4: security nuances of AWS Glue, CodeBuild and S3 services
https://medium.com/@rzepsky/playing-with-cloudgoat-part-4-security-nuances-of-aws-glue-codebuild-and-s3-services-cc67fb88cc46
Playing with CloudGoat part 5: hacking AWS with Pacu
https://medium.com/@rzepsky/playing-with-cloudgoat-part-5-hacking-aws-with-pacu-6abe1cf5780d
Post 0x18.1: Analysing ISFB – The First Loader
https://0ffset.net/reverse-engineering/malware-analysis/analysing-isfb-loader/
F.商業
打造全台第一座! 中台灣全新國際高防數據中心
https://www.nownews.com/news/20190311/3264363/
資安廠商 F5 Networks 宣布以 6 億 7,000 萬美元,朝應用服務業務轉型
https://technews.tw/2019/03/12/security-company-f5-networks-buy-ngnix-fox-670-million/
中華電信攜手日本軟銀公司簽署合作備忘錄 共同發展物聯網與人工智能
http://n.yam.com/Article/20190314767291
BlackBerry 強化與美國政府資安解決方案合作,成立全資子公司 BlackBerry Goverment Solution
https://www.cool3c.com/article/141807
【打破傳統主控臺條列呈現,端點攻擊事件調查也可以非常酷炫】臺灣3大EDR系統功能總覽
https://www.ithome.com.tw/tech/129302
國際雲端信箱服務異常 Openfind 雲服務提供緊急收發救援
https://times.hinet.net/news/22274884
善用 Fortify 檢測工具建立應用程式安全性
https://marketing.ares.com.tw/dm/newsletter-2019-03-cyber-security/it
Fortify 程式碼檢測 全方位防範網路安全威脅與攻擊
https://marketing.ares.com.tw/dm/newsletter-2019-03-cyber-security/focus
F5 Acquires NGINX to Bridge NetOps & DevOps, Providing Customers with Consistent
Application Services Across Every Environment
https://bit.ly/2CicWeu
F5 Networks Acquires NGINX For $670 Million
https://bit.ly/2CjMhxU
G.政府
金融業雲端服務委外 金管會要求備退場機制
https://bit.ly/2NVjNiE
政院成立即時新聞澄清專區 公部門卻相互打臉
https://tw.appledaily.com/new/realtime/20190310/1530406/
雲嘉嘉南四縣市 智慧資安區域聯防啟動
https://udn.com/news/story/7326/3690497
防業界高薪挖角,行政院資安處竟想出
https://www.ptt.cc/bbs/Tech_Job/M.1517194818.A.7BD.html
5G國安監控比照大陸無所遁形? 蘇貞昌:用來服務人民不是監控
https://www.ettoday.net/news/20190312/1397150.htm
資訊系統分級與資安防護基準作業規定 108年3月5日停止適用
http://www.rootlaw.com.tw/LawArticle.aspx?LawID=A040020001004100-1080305
宜蘭縣政府強化資安,投入四千一百餘萬預算
https://bit.ly/2F6s4xj
世界第一新技術 蔡英文臉書高喊「台灣難波萬」
https://m.ltn.com.tw/news/politics/breakingnews/2726030
NCC:國安機制已啟動調查「關注31條」
https://bit.ly/2VXYOhR
有線電視收費上限600元、2台機上盒免費提供 業者盼不設限
https://tw.news.appledaily.com/life/realtime/20190314/1533048/
電信管理法初審通過 偏鄉將開放國內漫遊
https://tw.news.appledaily.com/life/realtime/20190314/1533047/
電信管理法初審 增訂國安條款
https://news.ltn.com.tw/news/focus/paper/1274264
反制一國兩制,蔡英文提指導綱領因應新型態國安威脅
https://www.ithome.com.tw/news/129322
國防安全研究院網路作戰講座 強化安全能量
https://n.yam.com/Article/20190314655994
中國騰訊疑鑽法律漏洞來台 陸委會:將與NCC、文化部等嚴格把關
https://bit.ly/2HnmA3B
中共邏輯異於常人 陸委會:應多翻牆
https://bit.ly/2HnhsfS
傳騰訊5月進軍台灣 陸委會示警:恐挾帶中國戰略指示
https://www.taiwannews.com.tw/ch/news/3658576
中國國台辦註冊台灣網域NCC軟綿綿無作為? 綠委痛批:歐美都已加強戒備,「只有台灣繼續裝睡!」
https://bit.ly/2Y0Cy9g
ICO升級STO 金管會:相關法規預計6月出爐
https://bit.ly/2Co7HKk
Kolas:扯到「養網軍」太離譜了 政院新媒體勞務預算449萬
https://udn.com/news/story/12789/3698308
H.SCADA/ICS/工控系統
Kunbus工業網關爆高危漏洞,可被黑客控制
https://www.secrss.com/articles/8881
工控機與物聯網裝置所面臨的安全挑戰
https://www.informationsecurity.com.tw/article/article_detail.aspx?tv=11&aid=8719
工業以太網交換機中的漏洞允許黑客攻擊
https://bit.ly/2JdYYjR
2018 A Defining Year for ICS Cyber Security Leader Nozomi Networks
https://www.apnews.com/Globe%20Newswire/deac1159f17c7bd52defbe6c207e7f46
I.教育訓練
107年度資安教育訓練-區塊鍊與虛擬貨幣發展趨勢
http://ic.cgu.edu.tw/ezfiles/18/1018/img/322/152228104.pdf
107年度資安教育訓練-智慧型行動裝置安全管理
http://ic.cgu.edu.tw/ezfiles/18/1018/img/322/746328414.pdf
108年度上半年資訊安全教育訓練教材
https://www.boaf.gov.tw/site/boaf/public/Attachment/931515585371.pdf
惡意程式發展趨勢及防範機制
https://bit.ly/2HleloP
AWS Certification Training Courses – Get 2019 Bundle @ 96% OFF
https://bit.ly/2UzTjFU
J.物聯網/IOT/人工智慧/車聯網/光聯網/深度學習/機器學習/無人機
賽迪機器人報告:多款服務機器人存安全漏洞
https://news.sina.com.tw/article/20190315/30480188.html
消委會:家電引入通訊功能 籲慎用智能裝置保私隱
https://hk.on.cc/hk/bkn/cnt/news/20190314/bkn-20190314100027534-0314_00822_001.html
資安專家:汽車防盜系統可被遠端挾持,可能讓汽車更不安全
https://www.ithome.com.tw/news/129241
Pandora Viper 汽車防盜系統被曝漏洞,黑客可挾持車輛中途停車
http://www.sohu.com/a/300653890_100028490?sec=wd
培養第三語言能力 成大AI課程正流行
https://bit.ly/2F57uxr
邊緣運算在工業物聯網扮演的角色
https://tw.appledaily.com/new/realtime/20190313/1532042/
日月光整合資安、數位轉型 推動半導體工業4.0風險管理思維
https://news.cnyes.com/news/id/4288674?exp=b
風險與資安管理 SEMI:發展工業4.0的核心技術與挑戰
https://times.hinet.net/news/22272168
全球智能產品231億個 不設防小心成實境秀被看光光
https://udn.com/news/story/7240/3698851
居家遭陌生人看光光 消保處籲智能產品務必更改密碼
https://tw.appledaily.com/new/realtime/20190315/1533701/
網路攝影機恐讓私密外漏 消基會籲:別買白牌產品
https://news.ltn.com.tw/news/life/breakingnews/2727813
物聯網興起 智能產品隱私保護成課題
https://news.pts.org.tw/article/425654
物聯網怎麼防被「駭」?智能產品密碼確保複雜度
https://bit.ly/2O2YFac
駭客看光光!OL上班嚇傻「套房攝影機自轉」 消保處:別買白牌
https://www.ettoday.net/news/20190315/1400015.htm
This Week in Security News: IoT Threats and Risks
https://blog.trendmicro.com/this-week-in-security-news-iot-threats-and-risks/
Smart 'unhackable' car alarms open the doors of 3 million vehicles to hackers
https://www.zdnet.com/article/smart-car-alarms-opened-the-doors-of-3-million-vehicles-to-hackers/#ftag=RSSbaffb68
This Week in Security News: IoT Threats and Risks
https://blog.trendmicro.com/this-week-in-security-news-iot-threats-and-risks/
6.近期資安活動及研討會
臺灣好厲駭資安實務培訓暨資安實務攻防研習營Hacking Weekend 3/16
https://docs.google.com/forms/d/e/1FAIpQLSeGLmh8DnV3dvJpyDD1XF9wxQ9bM-yC6VYeJpR0XnCgSmWzYg/viewform
【課程】社群力:Instagram 行銷策略,熱門 IG 必勝操作公式、平台關鍵數據分析,打造優質內容行銷 3/16
https://www.techbang.com/posts/68116-course-society-qunli-instagram-marketing-strategy
Casual Meetup - IoT Talk & Drinks (Monthly) Wednesday, March 20, 2019
https://www.meetup.com/Taipei-Sigfox-User-Group/events/ctqnkpyzfbbc/
網路封包分析實務 3/20
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3833&from_course_list_url=homepage
HackingThursday 固定聚會 March 21, 2019
https://www.meetup.com/hackingthursday/events/vkhnnqyzfbcc/
網路封包分析實務 3/21
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3833&from_course_list_url=homepage
iOS反編譯及繞過相關檢測概念 3/22
https://hackersir.kktix.cc/events/fcu190322
【課程】深度學習 x 語意分析實戰,學習自然語言處理、語意分析的深入概念,從零打造真正懂語意的人工智慧 3/23
https://www.techbang.com/posts/60588-course-deep-learning-practice-as-a-chat-robot
國立交通大學 亥客書院 - 網路流量分析與檢測 3/23
https://hackercollege.nctu.edu.tw/?p=1036
UCCU 2019 技術交流小聚 3月 3/23
https://kktix.com/events?utf8=%E2%9C%93&search=%E8%B3%87%E5%AE%89&start_at=2019%2F03%2F15
Black Hat Asia 2019 2019年3月26-29日
https://ubm.io/2zZu87q
「以AI之矛,攻AI之盾」研討會 3/27
https://twnic-icann.kktix.cc/events/108-1
kubernetes 入門實作 3/28
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3789&from_course_list_url=homepage
HackingThursday 固定聚會 March 28, 2019
https://www.meetup.com/hackingthursday/events/vkhnnqyzfblc/
【課程】Webduino x AIoT 深度學習實作,自製 Camera 雲台機構、實作影像處理與物體追蹤,打造 AIoT 應用 3/30
https://www.techbang.com/posts/63282-course-webduino-x-aiot-image-identification-practice
Elixir台灣 台北 Meetup # Monday, April 1, 2019
https://www.meetup.com/elixirtw-taipei/events/njjhvpyzgbcb/
Modeling Sequences with Recurrent Neural Networks, RNN Wednesday, April 3, 2019
https://www.meetup.com/Deep-Learning-for-Sciences-Engineering-and-Arts/events/257484461/
網路封包分析實務 4/11
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3826&from_course_list_url=homepage
【課程】大數據爬蟲技術實作,使用Python實作網路爬蟲,快速有效獲取大量資料,打造自動化金融數據平台 4/13
https://www.techbang.com/posts/58613-course-python-crawler-technology-implementation
2019 ICANN APAC-TWNIC Engagement forum 4/16~4/17
https://forum.twnic.tw/
Industrial Control Systems (ICS) Cyber Security Conference APAC April 16-18, 2019
https://www.icscybersecurityconference.com/
Casual Meetup - IoT Talk & Drinks (Monthly) Wednesday, April 17, 2019
https://www.meetup.com/Taipei-Sigfox-User-Group/events/ctqnkpyzgbwb/
網站弱點評估實務 4/18
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3830&from_course_list_url=homepage
國立交通大學 亥客書院 - 緩衝區溢位攻擊與預防 新竹 4/20
https://hackercollege.nctu.edu.tw/?p=1052
資安健診 4/25
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3834&from_course_list_url=homepage
國立交通大學 亥客書院 - 基礎網站安全建構實務 5/4
https://hackercollege.nctu.edu.tw/?p=1045
Pwn入門 5/5
https://hackersir.kktix.cc/events/fcu190505
Elixir台灣 台北 Meetup # Monday, May 6, 2019
https://www.meetup.com/elixirtw-taipei/events/njjhvpyzhbjb/
資安健診 5/9
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3827&from_course_list_url=homepage
國立交通大學 亥客書院 -電子郵件之偽造攻擊與防護措施安全通訊協定 5/11
https://hackercollege.nctu.edu.tw/?p=1054
iTHome 台灣雲端大會 Cloud Summit 2019 2019年 5 月 15 日 (三) 09:00~17:00
https://cloudsummit.ithome.com.tw/
Casual Meetup - IoT Talk & Drinks (Monthly) Wednesday, May 15, 2019
https://www.meetup.com/Taipei-Sigfox-User-Group/events/ctqnkpyzhbtb/
網路封包分析實務 5/16
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3831&from_course_list_url=homepage
源碼檢測實作 5/23
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3835&from_course_list_url=homepage
第二十九屆全國資訊安全會議 5/23 ~ 5/24
https://cisc2019.cs.pu.edu.tw/index.php
International Conference CONSTRUCTIVE THEORY OF FUNCTIONS - 2019 SOZOPOL, June 2 - 8, 2019
http://www.math.bas.bg/mathmod/CTF-2019/
國立交通大學 亥客書院 - 密碼系統之漏洞、修補與檢測 6/15
https://hackercollege.nctu.edu.tw/?p=1039
Casual Meetup - IoT Talk & Drinks (Monthly) Wednesday, June 19, 2019
https://www.meetup.com/Taipei-Sigfox-User-Group/events/ctqnkpyzjbzb/
Splunk .conf 19 10/21 ~ 10/24
https://conf.splunk.com/
Industrial Control Systems (ICS) Cyber Security Conference USA October 21 – 24, 2019
https://www.icscybersecurityconference.com
訂閱:
張貼留言 (Atom)
2024年 12 月份資安、社群活動分享
2024年 12 月份資安、社群活動分享 Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/12/3 https://www.meetup.com/taiwan-code-camp/e...
-
2024年 3月份資安、社群活動分享 線上資安人力需求對談-網路通信產業 2024/3/2 https://isipevent.kktix.cc/events/ff6f2146 2024H1資安實戰演練大會AI爆發時代的企業資安聯合軍演 2024/3/6 https://b...
-
2024年 2月份資安、社群活動分享 Taipei All About API Meetup Group - Meet and Greet, 01 Feb 2024, 07:00 PM 2024/2/1 https://www.meetup.com/taipei-all-a...
-
2024年 5 月份資安、社群活動分享 資安五四三 2024/5/2 https://csa.kktix.cc/events/202405-543 HackingThursday 黑客星期四 - Week meetup Tamsui 固定聚會 淡水 2024/5/2 http...
沒有留言:
張貼留言