Weekly Security Incident News Digest 2019/3/25 ~ 2019/3/29
1. Major Vulnerabilities
Drupal has a security vulnerability
https://www.drupal.org/sa-core-2019-004
Cisco patches critical RCE vulnerabilities in its products
https://www.nccst.nat.gov.tw/NewsRSSDetail?lang=zh&RSSType=news&seq=16219
Multiple vulnerabilities in Cisco products
https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir&limit=50#~Vulnerabilities
Windows 10 and Windows Server 2019 DHCP contain a remote code execution vulnerability
https://www.twcert.org.tw/subpages/securityInfo/loophole_details.aspx?id=5087
Mozilla Firefox browser has security vulnerabilities (CVE-2019-9810 and CVE-2019-9813)
https://www.nccst.nat.gov.tw/VulnerabilityDetail?lang=zh&seq=1098
Mozilla Firefox browser has security vulnerabilities that allow attackers to remotely execute arbitrary code; verify and update as soon as possible
https://www.twcert.org.tw/subpages/securityInfo/loophole_details.aspx?id=5089
Apache Solr has a security vulnerability (CVE-2019-0192)
https://www.nccst.nat.gov.tw/VulnerabilityDetail?lang=zh&seq=1096
Apache CouchDB 2.3.1 - Cross-Site Request Forgery / Cross-Site Scripting
https://www.exploit-db.com/exploits/46595
Apache Tomcat denial-of-service vulnerability
https://www.auscert.org.au/bulletins/77766
PuTTY has multiple security vulnerabilities
https://www.nccst.nat.gov.tw/VulnerabilityNewsDetail?lang=zh&seq=1430
Research finds popular wireless mice such as the Logitech M185 are vulnerable to MouseJack attacks
https://bit.ly/2HJAnSk
WinRAR software vulnerability disclosed: malicious files can be planted; upgrade as soon as possible
https://read01.com/6BndjD5.html
Nullsoft Scriptable Install System (NSIS) contains a DLL hijacking vulnerability affecting multiple web applications
https://www.twcert.org.tw/subpages/securityInfo/loophole_details.aspx?id=5090
Long-standing WinRAR vulnerability, previously patched, has been used in multiple APT attacks
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=824
Google fixes Chrome 'evil cursor' bug abused by tech support scam sites
https://www.zdnet.com/article/google-fixes-chrome-evil-cursor-bug-abused-by-tech-support-scam-sites/#ftag=RSSbaffb68
Cisco bungled RV320/RV325 patches, routers still exposed to hacks
https://www.zdnet.com/article/cisco-bungled-rv320rv325-patches-routers-still-exposed-to-hacks/#ftag=RSSbaffb68
Microsoft officially designates Windows 10 1809 as ready for broad deployment
https://www.zdnet.com/article/microsoft-officially-designates-windows-10-1809-as-ready-for-broad-deployment/#ftag=RSSbaffb68
Microsoft Windows 7/2008 - 'Win32k' Denial of Service (PoC)
https://www.exploit-db.com/exploits/46604
Windows 10 update: The complete guide for businesses of every size
https://www.zdnet.com/article/windows-10-update-the-complete-guide/#ftag=RSSbaffb68
JVN#63981842 Improper access restriction vulnerability in PowerActPro Master Agent for Windows
https://jvn.jp/jp/JVN63981842/
About the Apache Tomcat vulnerability (CVE-2019-0199)
https://www.jpcert.or.jp/newsflash/2019032601.html
Oracle Weblogic Server Deserialization RCE - Raw Object (Metasploit)
https://www.exploit-db.com/exploits/46628
Base64 Decoder 1.1.2 - Local Buffer Overflow (SEH Egghunter)
https://www.exploit-db.com/exploits/46625
VMware Workstation 14.1.5 / VMware Player 15 - Host VMX Process COM Class Hijack Privilege Escalation
https://www.exploit-db.com/exploits/46601
VMware Workstation 14.1.5 / VMware Player 15.0.2 - Host VMX Process Impersonation Hijack Privilege Escalation
https://www.exploit-db.com/exploits/46600
Multiple Apple products have security vulnerabilities
https://support.apple.com/en-us/HT201222
2. Banking / Finance / Insurance / Securities / Payment Systems: News and Security
Financial sector security exercise: red and blue teams face off in November
https://www.chinatimes.com/newspapers/20190322000339-260205
Hong Kong Monetary Authority: third phase of bank cybersecurity testing in mid-September
http://hd.stheadline.com/news/realtime/fin/1462497/
Lee Tat-chi of the Hong Kong Monetary Authority: aims to revise the cyber defence programme within the year
https://bit.ly/2HHCpT4
Hong Kong as an international financial centre: suitable for payments, financing and STOs alike
http://news.knowing.asia/news/0e1cc40e-ccd9-4375-b99e-5c16e29ca596
AEON Credit Card to shut down, exiting Taiwan from June
https://bit.ly/2HFpIIk
FSC: Apple Card is not that kind of card, "not under our jurisdiction"
https://udn.com/news/story/7239/3719017
What are the differences between electronic money, virtual currency and digital currency? Two charts explain it all
https://money.udn.com/money/story/5613/3721397
A new milestone for Hong Kong banking: three online banks are born
https://fnc.ebc.net.tw/FncNews/Content/75105
Swedbank headquarters searched by police yesterday over suspected money laundering
https://www.chinatimes.com/realtimenews/20190328004181-260410?chdtv
LINE Bank pledges to keep data in Taiwan; FSC: must ensure the data can be supervised
https://money.udn.com/money/story/5613/3723350
[Finance] Impact of IFRS 17 on the insurance industry; FSC: cannot say at this time
https://bit.ly/2TGBgwr
“Bad Tidings” Phishing Campaign Impersonates Saudi Government Agencies and a Saudi Financial Institution
https://www.anomali.com/blog/bad-tidings-phishing-campaign-impersonates-saudi-government-agencies-and-a-saudi-financial-institution
State-sponsored cyberattacks on banks on the rise: report
https://www.reuters.com/article/us-cyber-banks/state-sponsored-cyberattacks-on-banks-on-the-rise-report-idUSKCN1R32NJ
Meet Apple Card, no late fee: Apple becomes a banking player
https://www.zdnet.com/article/meet-apple-card-no-late-fee-apple-becomes-a-bank/#ftag=RSSbaffb68
Brazilian bank Bradesco reaches new AI high
https://www.zdnet.com/article/brazilian-bank-bradesco-reaches-new-ai-high/#ftag=RSSbaffb68
Hydro on Cyber Gate Expert: The attempts to influence financial markets – Businesses
https://satmu.com/norway/hydro-on-cyber-%E2%80%8B%E2%80%8Bgate-expert-the-attempts-to-influence-financial-markets-businesses/
Despite arrests, FIN7 launched 2018 attack campaigns featuring new malware
https://www.scmagazine.com/home/security-news/despite-arrests-fin7-launched-2018-attack-campaigns-featuring-new-malware/
UN Security Council panel finds Cosmos Bank cyber attack motivated by N Korea
https://bit.ly/2Tyi3x7
3. Electronic Payment / Electronic Stored-Value Cards / Mobile Payment: News and Security
Entering India's mobile payment market: Xiaomi launches Mi Pay in India
https://tw.appledaily.com/new/realtime/20190321/1536710/
Innolux forms an alliance targeting mobile payment recognition
https://money.udn.com/money/story/5612/3676323
A first look at Apple's new services: airtight user privacy
https://bit.ly/2Uckfic
4. Payment Systems / Electronic Payment / Mobile Payment
Mastercard innovation lab aims to make "everything can pay" a reality
https://www.gvm.com.tw/article.html?id=60252
Electronic payment providers compete: Taiwan adoption rate passes half
https://bit.ly/2HW4tkO
No checkout counter needed! FamilyMart announces launch of Fami Pay online payment
https://www.inside.com.tw/article/15928-famipay-online-payment
People's Bank of China: mobile payment systems to be fully promoted in 2019
https://hk.on.cc/hk/bkn/cnt/finance/20190329/bkn-20190329173140726-0329_00842_001.html
5. Virtual Currency / Blockchain: News and Security
Lin Yi-hung criticizes game point card companies as irresponsible; OMG (歐買尬) uses blockchain to prevent fraud
https://tw.appledaily.com/new/realtime/20190329/1541801/
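Twitter founder continues to back the Lightning Network, publicly announces regular Bitcoin purchases and strongly praises blockchain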
http://news.knowing.asia/news/b91f931a-0c0a-4641-918d-aa9d0f6a9a0c
Blockchain security: the BEC overflow vulnerability
https://xz.aliyun.com/t/4387
Security guru sharply criticizes blockchain as not that trustworthy after all
https://www.ptt.cc/bbs/DigiCurrency/M.1552977689.A.74A.html
5. Security Incident News
A. Viruses and Trojans / Botnets / Ransomware
Virus advisory: Backdoor.Win32.SLUB.A lets attackers execute malicious commands through a backdoor to compromise and affect the system
https://www.trendmicro.com/vinfo/tw/threat-encyclopedia/malware/Trojan.Win32.CVE20151701.E
Jackson County government in Georgia hit by ransomware attack
https://www.nccst.nat.gov.tw/NewsRSSDetail?lang=zh&RSSType=news&seq=16221
Norwegian aluminium company Norsk Hydro, crippled by ransomware last week, has gradually restored some operations
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=828
New Mirai botnet variant resurfaces, this time targeting enterprise IoT devices
https://www.ithome.com.tw/news/129449
Fake antivirus software floods social media, luring users to phishing sites
https://blog.trendmicro.com.tw/?p=59760
Macro malware Powload evolves again: from fileless techniques to image steganography
https://blog.trendmicro.com.tw/?p=60072
New Android trojan Gustuff targets financial apps and cryptocurrency apps
https://www.ithome.com.tw/news/129672
VirusTotal debuts retro, simplified interface for legacy systems
https://www.zdnet.com/article/virustotal-launches-new-retro-simplified-interface/#ftag=RSSbaffb68
LockerGoga bug crashes ransomware before encrypting files
https://www.zdnet.com/article/lockergoga-bug-crashes-ransomware-before-encrypting-files/#ftag=RSSbaffb68
LockerGoga Ransomware Suspected in Two More Attacks
https://www.bankinfosecurity.com/lockergoga-ransomware-suspected-in-two-more-attacks-a-12242
ASUS releases fix for Live Update tool abused in ShadowHammer attack
https://www.zdnet.com/article/asus-releases-fix-for-live-update-tool-abused-in-shadowhammer-attack/#ftag=RSSbaffb68
Analysis of the ShadowHammer backdoor
https://mauronz.github.io/shadowhammer-backdoor/
ShadowHammer: Malicious updates for ASUS laptops
https://www.kaspersky.com/blog/shadow-hammer-teaser/26149/
'Operation ShadowHammer' Shows Weakness of Supply Chains
https://www.bankinfosecurity.com/operation-shadowhammer-shows-weakness-supply-chains-a-12251
Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers
https://motherboard.vice.com/en_us/article/pan9wn/hackers-hijacked-asus-software-updates-to-install-backdoors-on-thousands-of-computers
Hijacked ASUS Live Update software installs backdoors on countless PCs worldwide
https://www.zdnet.com/article/supply-chain-attack-installs-backdoors-through-hijacked-asus-live-update-software/#ftag=RSSbaffb68
ASUS computers backdoored en masse? Kaspersky: a million ASUS computers may be infected
https://applealmond.com/posts/50107
ASUS Live Update hacked; a million users may have installed malware
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=827
The new SLUB backdoor uses GitHub and communicates via Slack
https://blog.trendmicro.com.tw/?p=59923
New Buhtrap activity: attack campaign targeting financial institutions in Russia and Belarus
https://s.tencent.com/research/report/683.html
Norsk Hydro will not pay ransom demand and will restore from backups
https://www.zdnet.com/article/norsk-hydro-will-not-pay-ransom-demand-and-will-restore-from-backups/#ftag=RSSbaffb68
Norsk Hydro ransomware incident losses reach $40 million after one week
https://www.zdnet.com/article/norsk-hydro-ransomware-incident-losses-reach-40-million-after-one-week/#ftag=RSSbaffb68
Norsk Hydro's Ransomware Headache
https://www.bankinfosecurity.com/interviews/norsk-hydros-ransomware-headache-i-4277
Ransomware Attack Costs Norsk Hydro $40 Million - So Far
https://www.bankinfosecurity.com/ransomware-attack-costs-norsk-hydro-40-million-so-far-a-12269
Interception: Dissecting BokBot’s “Man in the Browser”
https://www.crowdstrike.com/blog/bokbots-man-in-the-browser-overview/
Due to the growing demand for Android banking malware, threat actors continue using Anubis even if the creator has vanished.
https://securityaffairs.co/wordpress/82874/malware/anubis-ii-malware.html
KBuster: Fake Bank App in South Korean
https://ti.360.net/blog/articles/kbuster-fake-bank-app-in-south-korean-en/
Malware researchers at Cybaze-Yoroi ZLab team uncovered a new Ursnif malware campaign that reached several organizations across Italy
https://securityaffairs.co/wordpress/82921/malware/ursnif-threatening-italy.html
Report: Half of Breaches Trace to Hacking, Malware Attacks
https://www.bankinfosecurity.com/report-half-breaches-trace-to-hacking-malware-attacks-a-12255
Tinynuke Banking Trojan
https://www.pcrisk.com/removal-guides/14761-tinynuke-banking-trojan
Gustuff Android banking trojan targets 125+ banking, IM, and cryptocurrency apps
https://www.zdnet.com/article/gustuff-android-banking-trojan-targets-100-banking-im-and-cryptocurrency-apps/
TRICKBOT | TECHNICAL ANALYSIS OF A BANKING TROJAN MALWARE
https://www.sentinelone.com/blog/trickbot-technical-analysis-banking-trojan-malware/
B. Mobile Security / iPhone / Android / Wearables / Apps
Latest status of Taiwan's security industry standards revealed: five accredited labs are now officially operating
https://www.ithome.com.tw/news/129458
Love Bank app: regulators order removal and rectification over content violations
https://news.sina.com.tw/article/20190325/30629662.html
Security flaws emerge: can we still use 5G with confidence?
https://iview.sina.com.tw/post/18831138
Presto mobile app flaw paralyzes transit fare system
http://www.epochtimes.com/b5/19/3/19/n11125489.htm
Security firm: multiple mobile games hide adware; an estimated 150 million Android users worldwide affected
https://www.ettoday.net/news/20190320/1403617.htm
150 million Android users worldwide affected! Multiple mobile games contain the SimBad adware
https://newtalk.tw/news/view/2019-03-20/222414
Insecure UC Browser 'Feature' Lets Hackers Hijack Android Phones Remotely
https://bit.ly/2HZXdVm
Latest iOS 12.2 Update Patches Some Serious Security Vulnerabilities
https://bit.ly/2FJ7jrY
C. Incidents / Hackers / DDoS / APT / Recruitment / International Security Incidents
Encrypt, then encrypt again! Seven anti-theft tips to keep online assets from leaking
https://bit.ly/2HU50Uw
UK national security body: Huawei's overall security architecture has serious systemic defects
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=829
DDoS attack volume fell sharply by 85% in the fourth quarter of last year
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=825
Pakistani government website compromised with keylogger planted by hackers
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=823
FireEye exposes Chinese Communist Party cyber-espionage group APT40
https://hk.epochtimes.com/news/2019-03-18/12511001
Digital warfare: small nations recruit hacker teams
https://news.ltn.com.tw/news/world/paper/1276193
FTC asks broadband providers to disclose how they collect user data
https://www.zdnet.com/article/ftc-asks-broadband-providers-to-disclose-how-they-collect-user-data/#ftag=RSSbaffb68
Cyber attack on Dubai school network, parents warned
https://gulfnews.com/uae/cyber-attack-on-dubai-school-network-parents-warned-1.62883738
Credential stuffing attack: What is it and how to stay protected
https://cyware.com/news/credential-stuffing-attack-what-is-it-and-how-to-stay-protected-26185075
AT&T Cybersecurity Sets Sights on Threat Intelligence
https://www.bankinfosecurity.asia/att-cybersecurity-sets-sights-on-threat-intelligence-a-12246
Top dark web marketplace will shut down next month
https://www.zdnet.com/article/top-dark-web-marketplace-will-shut-down-next-month/#ftag=RSSbaffb68
Cyber attack targets Domestic Church Media audio files
https://trentonmonitor.com/main.asp?SectionID=5&SubSectionID=46&ArticleID=20394
Australia's Crypto-Cracking Law Is Spooking Big Tech
https://www.bankinfosecurity.com/australias-crypto-cracking-law-spooking-big-tech-a-12277
Leveraging Hidden DNS Information to Fight Threats
https://www.bankinfosecurity.com/leveraging-hidden-dns-information-to-fight-threats-a-12266
DOD launches milDrive, the US military's Dropbox clone
https://www.zdnet.com/article/dod-launches-mildrive-the-us-militarys-dropbox-clone/#ftag=RSSbaffb68
Report deems Russia a pioneer in GPS spoofing attacks
https://www.zdnet.com/article/report-deems-russia-a-pioneer-in-gps-spoofing-attacks/#ftag=RSSbaffb68
The Tao of Zero Trust
https://www.zdnet.com/article/the-tao-of-zero-trust/#ftag=RSSbaffb68
10 Things Security Analysts Can Do for Free in TC Open
https://threatconnect.com/10-things-security-analysts-can-do-for-free-tc-open/
Elfin: Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and U.S.
https://www.symantec.com/blogs/threat-intelligence/elfin-apt33-espionage
New MageCart Attacks Target Bedding Retailers My Pillow and Amerisleep
https://bit.ly/2FxkPhf
Medtronic's Implantable Defibrillators Vulnerable to Life-Threatening Hacks
https://bit.ly/2FvICOk
Android WARNING: This scam could be draining your phone's battery life and data
https://www.express.co.uk/life-style/science-technology/1104566/Android-warning-smartphone-scam-draining-user-battery-and-internet-allowance
Informatica update revolves around multi-cloud, serverless, AI support
https://www.zdnet.com/article/informatica-update-revolves-around-multi-cloud-serverless-ai-support/#ftag=RSSbaffb68
Cryptocurrency platforms DragonEx and CoinBene disclose hacks
https://www.zdnet.com/article/cryptocurrency-platforms-dragonex-and-coinbene-disclose-hacks/#ftag=RSSbaffb68
North Korean hackers continue attacks on cryptocurrency businesses
https://www.zdnet.com/article/north-korean-hackers-continue-attacks-on-cryptocurrency-businesses/#ftag=RSSbaffb68
Corp IT - Security and Network Administration Engineer (Neihu)
https://m.104.com.tw/job/6jug6?jobsource=m104
Banqiao [Security] Engineer
https://www.104.com.tw/job/?jobno=6jwq9
D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News
Rampant! Tax-filing phishing: major phone and online scams
https://vision.udn.com/vision/story/12935/3719769
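Fake news and other critical infrastructure attacks will become more rampant; Trend Micro urges the public to raise awareness for spotting anomalies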
https://www.ithome.com.tw/news/129430
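Does critical infrastructure include network architecture and web platforms? Trend Micro: disinformation will change form to influence countries' political and economic situations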
https://bit.ly/2HyV57i
Even Google and Facebook cannot escape email fraud, having lost US$123 million to it
https://bit.ly/2I3alsR
Peak tax season! Keelung City Police Bureau warns against falling into scam traps
https://tw.appledaily.com/new/realtime/20190329/1541800/
Global identity leak incidents in 2018 were four times the 2017 figure
https://www.nccst.nat.gov.tw/NewsRSSDetail?lang=zh&RSSType=news&seq=16220
Facebook admits storing hundreds of millions of user passwords in plaintext files
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=826
Top ten data breaches of all time
https://blog.trendmicro.com.tw/?p=59745
Google removes 2.3 billion ads and accounts, releasing an ad policy management tool
https://blog.trendmicro.com.tw/?p=60011
GDPR: Data Breach Notification 101
https://www.bankinfosecurity.asia/gdpr-data-breach-notification-101-a-12232
Facebook Mistakenly Stored Millions of Users' Passwords in Plaintext
https://bit.ly/2HEOTL9
Facebook takes down thousands of pages, groups, and accounts in fake news war
https://www.zdnet.com/article/facebook-takes-down-thousands-of-pages-groups-and-accounts-in-fake-news-war/#ftag=RSSbaffb68
Telegram now lets you remotely delete private chats from both devices
https://www.zdnet.com/article/telegram-now-lets-you-remotely-delete-private-chats-from-both-devices/#ftag=RSSbaffb68
E. Research Reports
Case study: web defacement attack incident analysis report_10803
https://cert.tanet.edu.tw/prog/opendoc.php?id=2019032804031111927055681912994.pdf
Microsoft Security Response Center step-by-step guide: how to write a high-quality vulnerability report
https://www.secrss.com/articles/9151
Kunpeng: experience and practice with a cross-language, cross-platform vulnerability detection framework
https://www.freebuf.com/sectool/197736.html
SAP open-sources an SCA tool that scans package dependencies for vulnerabilities
https://www.oschina.net/news/105254/sap-opensource-vulnerability-assessment-tool
CVE-2019-0604: a SharePoint RCE vulnerability
https://www.anquanke.com/post/id/173476
Microsoft Edge CVE-2019-0539 vulnerability analysis and exploitation
https://www.anquanke.com/post/id/173475
CVE-2019-5786 Chrome remote code execution vulnerability analysis
https://paper.seebug.org/862/
elFinder remote code execution vulnerability (CVE-2019-9194): analysis and reproduction, with exploit PoC
https://zhuanlan.zhihu.com/p/59554547
Cloudflare open-sources MITMEngine, a library that can detect HTTPS interception
https://www.ithome.com.tw/news/129455
Researchers find 36 new security flaws in LTE protocol
https://www.zdnet.com/article/researchers-find-36-new-security-flaws-in-lte-protocol/#ftag=RSSbaffb68
Critical flaw revealed in Facebook Fizz TLS project
https://www.zdnet.com/article/critical-flaw-revealed-in-facebook-fizz-tls-project/#ftag=RSSbaffb68
OSIF – Open Source Information Facebook
https://haxf4rall.com/2019/03/24/open-source-information-facebook/
Mac Forensics — No One Said It Would Be Easy
https://medium.com/dfir-dudes/mac-forensics-no-one-said-it-would-be-easy-8bf2f5e4956c
Over 100,000 GitHub repos have leaked API or cryptographic keys
https://www.zdnet.com/article/over-100000-github-repos-have-leaked-api-or-cryptographic-keys/
Webtech - Identify Technologies Used On Websites
https://www.kitploit.com/2019/03/webtech-identify-technologies-used-on.html
yampelo/beagle
https://github.com/yampelo/beagle
JPCERTCC/DetectLM
https://github.com/JPCERTCC/DetectLM
The Hunter Games
http://10degres.net/platform-tournament/index.html
Modlishka - An Open Source Phishing Tool With 2FA Authentication
https://www.kitploit.com/2019/02/modlishka-open-source-phishing-tool.html
GitHub key leaks and how to prevent them
https://www.kaspersky.com/blog/tokens-on-github/26238/?utm_source=dlvr.it&utm_medium=twitter
mkYARA – Writing YARA rules for the lazy analyst
https://blog.fox-it.com/2019/03/28/mkyara-writing-yara-rules-for-the-lazy-analyst/
Threat Hunting in Linux for Indicators of Rocke Cryptojacking
https://redcanary.com/blog/rocke-cryptominer/?utm_content=88188781&utm_medium=social&utm_source=linkedin&hss_channel=lcp-3621373
Threat Research Commando VM: The First of Its Kind Windows Offensive Distribution
https://www.fireeye.com/blog/threat-research/2019/03/commando-vm-windows-offensive-distribution.html
fireeye/commando-vm
https://github.com/fireeye/commando-vm
F. Business
LINE to build a data center in Taiwan, expected to be completed in the third quarter of this year
https://www.ithome.com.tw/news/129579
Trend Micro warns: potential security risks should not be underestimated
https://www.chinatimes.com/realtimenews/20190319001472-260410?chdtv
Bridging domestic vendors and Southeast Asian partners: a key step toward internationalizing Taiwan's security industry
https://ithome.com.tw/pr/129388
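Cisco chief security engineer: to counter new cloud and multi-cloud threats, enterprise defense needs not only a big-picture view but also a next-generation security architecture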
https://www.ithome.com.tw/news/129440
Taiwan's independently developed security products push into international markets
https://money.udn.com/money/story/5613/3705507
Windows Calculator will get a 'graphing mode'
https://www.zdnet.com/article/windows-calculator-will-get-a-graphing-mode/#ftag=RSSbaffb68
Microsoft Brings Defender ATP Platform to macOS
https://www.bankinfosecurity.com/microsoft-brings-defender-atp-platform-to-macos-a-12227
Microsoft expands its patent protection program to include Azure-powered IoT devices
https://www.zdnet.com/article/microsoft-expands-its-patent-protection-program-to-include-azure-powered-iot-devices/#ftag=RSSbaffb68
Facebook charged with violating Fair Housing Act through discriminatory ad targeting
https://www.zdnet.com/article/facebook-charged-with-violating-fair-housing-act-through-discriminatory-ad-targeting/#ftag=RSSbaffb68
Get 4 Essential CyberSecurity Software For Less Than $10 Per Month
https://bit.ly/2U0578n
G. Government
Legislative Yuan passes third reading of amendments to the Banking Act and the Securities and Exchange Act
https://bit.ly/2HTmznA
Unofficial rail ticket booking app infringes rights; developer earned 700,000 and was fined 60,000
https://www.chinatimes.com/realtimenews/20190319002532-260402?chdtv
Personal data in the cloud: FSC protects with three lines of defense
https://ec.ltn.com.tw/article/paper/1277404
Cloud data management rules: two principles released
https://bit.ly/2FA5TyU
To keep drones out of airports, legislator proposes adding GPS and electronic fencing
https://udn.com/news/story/6656/3707747?from=udn-ch1_breaknews-1-cate1-news
Tencent's entry follows the iQiyi model; ministries pass the buck, ten meetings and still no solution
https://ec.ltn.com.tw/article/breakingnews/2732751
Chinese OTT services exploit loopholes to enter Taiwan; Shen Jong-chin: cross-ministry countermeasures under study
https://bit.ly/2UjIfjt
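The "Regulations on Classification of Cyber Security Responsibility Levels for Government Agencies", the "Regulations on Information System Classification and Security Protection Baselines" and the "National Cyber Security Reporting and Response Guidelines" cease to apply effective immediately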
https://www.thu.edu.tw/web/announcement/announcement_detail.php?cid=10&id=14225
Taiwanese legislator warns: Chinese-funded firms handle Wi-Fi for Taiwan Railways, High Speed Rail and Taipei Metro
http://www.epochtimes.com/b5/19/3/18/n11122129.htm
Mainland Chinese capital won public wireless network tender? Executive Yuan: no concerns for now
https://www.chinatimes.com/realtimenews/20190319004311-260407?chdtv
Taiwan Railways and metro WiFi tenders; Executive Yuan: no mainland Chinese equipment used
https://www.cna.com.tw/news/aie/201903190308.aspx
NCSIST: weapons sales follow regulations; do not believe false information
https://bit.ly/2TJ02MG
Government joins with private sector to build strong cyber defense
https://bit.ly/2FEqlOO
Executive Yuan strengthens public-sector security; CISO meeting convenes
https://m.ltn.com.tw/news/politics/breakingnews/2732725
"China is the biggest security threat"; Chen Chi-mai: review the procurement law so budgets are reasonably allocated
https://tw.appledaily.com/new/realtime/20190320/1536911/
H. SCADA / ICS / Industrial Control Systems
[MTR incident warning sign] Compromised SCADA/ICS systems can trigger major disasters
https://bit.ly/2Uo7D7S
Refuse to be the next victim! Global critical infrastructure becomes a focus of security offense and defense
https://bit.ly/2JOBRg6
I. Education and Training
Learning security from the news
https://www-ws.gov.taipei/001/Upload/305/relfile/11455/4360/cb3baf9e-604e-4809-9a31-b6864995ab8f.pdf
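J. Internet of Things / IoT / Artificial Intelligence / Internet of Vehicles / Optical Networking / Deep Learning / Machine Learning / Drones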
Be alert to potential industrial security risks: Trend Micro shares the hacker techniques to guard against
https://www.nownews.com/news/20190318/3277296/
Vying for the global IIoT standard: Japan's Edgecross unites industry peers and expands its market toward East Asia
https://www.digitimes.com.tw/iot/article.asp?cat=158&id=0000555854_QV670IDB6ZKJ6H3ZT124Y
6. Upcoming Security Events and Seminars
[Course] Webduino x AIoT deep learning hands-on: build your own camera gimbal, implement image processing and object tracking, and create AIoT applications 3/30
https://www.techbang.com/posts/63282-course-webduino-x-aiot-image-identification-practice
Elixir Taiwan Taipei Meetup # Monday, April 1, 2019
https://www.meetup.com/elixirtw-taipei/events/njjhvpyzgbcb/
Modeling Sequences with Recurrent Neural Networks, RNN Wednesday, April 3, 2019
https://www.meetup.com/Deep-Learning-for-Sciences-Engineering-and-Arts/events/257484461/
Network Packet Analysis in Practice 4/11
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3826&from_course_list_url=homepage
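[Course] Big data crawler hands-on: implement web crawlers in Python to obtain large amounts of data quickly and effectively and build an automated financial data platform 4/13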
https://www.techbang.com/posts/58613-course-python-crawler-technology-implementation
Sorry for Hacking You 4/13
https://tfc.kktix.cc/events/hacking-you-sorry?locale=en
2019 ICANN APAC-TWNIC Engagement forum 4/16~4/17
https://forum.twnic.tw/
Industrial Control Systems (ICS) Cyber Security Conference APAC April 16-18, 2019
https://www.icscybersecurityconference.com/
Casual Meetup - IoT Talk & Drinks (Monthly) Wednesday, April 17, 2019
https://www.meetup.com/Taipei-Sigfox-User-Group/events/ctqnkpyzgbwb/
Website Vulnerability Assessment in Practice 4/18
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3830&from_course_list_url=homepage
National Chiao Tung University Hacker College - Buffer Overflow Attacks and Prevention, Hsinchu 4/20
https://hackercollege.nctu.edu.tw/?p=1052
Security Health Check 4/25
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3834&from_course_list_url=homepage
National Chiao Tung University Hacker College - Basic Website Security Construction in Practice 5/4
https://hackercollege.nctu.edu.tw/?p=1045
Introduction to Pwn 5/5
https://hackersir.kktix.cc/events/fcu190505
Elixir Taiwan Taipei Meetup # Monday, May 6, 2019
https://www.meetup.com/elixirtw-taipei/events/njjhvpyzhbjb/
Security Health Check 5/9
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3827&from_course_list_url=homepage
National Chiao Tung University Hacker College - Email Forgery Attacks, Protective Measures and Secure Communication Protocols 5/11
https://hackercollege.nctu.edu.tw/?p=1054
iTHome Taiwan Cloud Summit 2019, May 15, 2019 (Wed) 09:00~17:00
https://cloudsummit.ithome.com.tw/
Casual Meetup - IoT Talk & Drinks (Monthly) Wednesday, May 15, 2019
https://www.meetup.com/Taipei-Sigfox-User-Group/events/ctqnkpyzhbtb/
Network Packet Analysis in Practice 5/16
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3831&from_course_list_url=homepage
Source Code Inspection Hands-on 5/23
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3835&from_course_list_url=homepage
29th National Information Security Conference 5/23 ~ 5/24
https://cisc2019.cs.pu.edu.tw/index.php
International Conference CONSTRUCTIVE THEORY OF FUNCTIONS - 2019 SOZOPOL, June 2 - 8, 2019
http://www.math.bas.bg/mathmod/CTF-2019/
National Chiao Tung University Hacker College - Cryptosystem Vulnerabilities, Patching and Detection 6/15
https://hackercollege.nctu.edu.tw/?p=1039
Casual Meetup - IoT Talk & Drinks (Monthly) Wednesday, June 19, 2019
https://www.meetup.com/Taipei-Sigfox-User-Group/events/ctqnkpyzjbzb/
Splunk .conf 19 10/21 ~ 10/24
https://conf.splunk.com/
Industrial Control Systems (ICS) Cyber Security Conference USA October 21 – 24, 2019
https://www.icscybersecurityconference.com