資安事件新聞週報 2019/4/8 ~ 2019/4/12
1.重大弱點漏洞
多個虛擬私人網絡應用程式未經加密儲存暫存 cookies 漏洞
https://kb.cert.org/vuls/id/192371/
CloudBees Jenkins信息洩露漏洞
https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1089
Juniper 產品多個漏洞
https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES
Dell Networking OS10密鑰管理錯誤漏洞
https://www.dell.com/support/article/SLN316558/
CyberArk EPM 10.2.1.603 - Security Restrictions Bypass
https://www.exploit-db.com/exploits/46688
CentOS Web Panel 0.9.8.793 (Free) / 0.9.8.753 (Pro) - Cross-Site Scripting
https://www.exploit-db.com/exploits/46669
KindEditor上傳漏洞導致近百個黨政網站植入
http://www.52rkl.cn/xinwenzatan/040X245502019.html
TP-LINK路由器緩衝區溢出0 day 漏洞
https://www.4hou.com/vulnerable/17280.html
TP-LINK TL-WR940N / TL-WR941ND - Buffer Overflow
https://www.exploit-db.com/exploits/46678
D-Link DI-524 V2.06RU - Multiple Cross-Site Scripting
https://www.exploit-db.com/exploits/46687
QNAP Netatalk < 3.1.12 - Authentication Bypass
https://www.exploit-db.com/exploits/46675
關於Tenda AC系列路由器緩衝區溢出漏洞的情況通報
https://www.secrss.com/articles/9787
治標不治本,黑客仍可利用思科路由器漏洞
https://read01.com/5nzkjyK.html#.XLAAxugzbIU
Google修補Android系統11項重大及高風險安全漏洞
https://t.cj.sina.com.cn/articles/view/3022113061/b421c92500100gmju
3月macOS更新修補程序:漏洞可能會洩露受限制的信息,啟用任意代碼執行
https://bit.ly/2G8iz1o
Samba 多個漏洞
https://www.us-cert.gov/ncas/current-activity/2019/04/08/Samba-Releases-Security-Updates
Microsoft Internet Explorer 11 - XML External Entity Injection
https://www.exploit-db.com/exploits/46690
Microsoft 將於4月9日停止Windows 10 1709更新家庭版/專業版支持
https://news.xfastest.com/microsoft/61203/microsoft-4-9-windows-10-1709/
微軟將在5月釋出的Windows 10更新加入可手動延後35天升級選項
https://mashdigi.com/you-can-select-to-delayed-update-windows-10-from-may/
微軟擴大Windows 10 20H1的早期開發者測試
https://www.ithome.com.tw/news/129813
微軟Patch Tuesday修補兩個已被開採的Windows漏洞
https://www.ithome.com.tw/news/129898
微軟更新抓漏政策,外部舉報的漏洞就算官方已知情,一樣能獲得全額獎金
https://www.ithome.com.tw/news/129875
Microsoft's April Patch Tuesday comes with fixes for two Windows zero-days
https://www.zdnet.com/article/microsofts-april-patch-tuesday-comes-with-fixes-for-two-windows-zero-days/#ftag=RSSbaffb68
Microsoft Releases April 2019 Security Updates — Two Flaws Under Active Attack
https://reurl.cc/MzXQn
Microsoft is ready to move Windows 10 Fast Ring testers to build 20H1
https://www.zdnet.com/article/microsoft-is-ready-to-move-windows-10-fast-ring-testers-to-build-20h1/#ftag=RSSbaffb68
Microsoft Releases First Preview Builds of Chromium-based Edge Browser
https://bit.ly/2GdfNYP
Microsoft Edge CVE-2019-0833 Information Disclosure Vulnerability
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0833
十多個Apache HTTP Server版本含有允許駭客取得最高權限漏洞
https://bit.ly/2G5pybu
VMware Workstation 14.1.5 / VMware Player 15 - Host VMX Process COM Class Hijack Privilege Escalation
https://www.exploit-db.com/exploits/46601?utm_source=dlvr.it&utm_medium=twitter
A WINDOW OF OPPORTUNITY: EXPLOITING A CHROME 1DAY VULNERABILITY
https://blog.exodusintel.com/2019/04/03/a-window-of-opportunity/
LOADING UP A PAIR OF QT BUGS: DETAILING CVE-2019-1636 AND CVE-2019-6739
https://www.thezdi.com/blog/2019/4/3/loading-up-a-pair-of-qt-bugs-detailing-cve-2019-1636-and-cve-2019-6739
CVE-2019–5418: on WAF bypass and caching
https://blog.pentesterlab.com/cve-2019-5418-on-waf-bypass-and-caching-10e93f9a1981
CVE-2018-1994:IBM InfoSphere資產管理系統SQL注入漏洞
https://nvd.nist.gov/vuln/detail/CVE-2018-1994
CVE-2019-3395、CVE-2019-3396:Confluence Server 遠程代碼執行漏洞
https://nvd.nist.gov/vuln/detail/CVE-2019-3395
https://nvd.nist.gov/vuln/detail/CVE-2019-3396
CVE-2019-9490 Trend Micro InterScan 6.5 SP2未授權訪問漏洞
https://nvd.nist.gov/vuln/detail/CVE-2019-9490
在HackerOne Singapore活動中揭露了Dropbox的264個漏洞
https://www.zdnet.com/article/dropbox-uncovers-264-vulnerabilities-in-hackerone-singapore-bug-hunt/#ftag=RSSbaffb68
研究人員揭露Wi-Fi WPA3標準的多個重大漏洞
https://www.ithome.com.tw/news/129931
Dragonblood vulnerabilities disclosed in WiFi WPA3 standard
https://www.zdnet.com/article/dragonblood-vulnerabilities-disclosed-in-wifi-wpa3-standard/#ftag=RSSbaffb68
Adobe patch update squashes critical code execution bugs
https://www.zdnet.com/article/adobe-patch-update-squashes-critical-code-execution-bugs/#ftag=RSSbaffb68
Adobe Releases Security Patches for Flash, Acrobat Reader, Other Products
https://reurl.cc/koqKq
Mozilla releases beta of Firefox for ARM-based Windows 10 laptops
https://www.zdnet.com/article/mozilla-releases-beta-of-firefox-for-arm-based-windows-10-laptops/#ftag=RSSbaffb68
JVN#01119243 Android アプリ「JR東日本 列車運行情報 プッシュ通知アプリ」が使用する API サーバにアクセス制限不備の脆弱性
https://jvn.jp/jp/JVN01119243/
2.銀行/金融/保險/證券/支付系統/ 新聞及資安
新型態交易模式備出 就怕民眾金融知識不足
https://m.ctee.com.tw/livenews/aj/a83205002019040620214674
強化防偽造、日本紙幣將改版;相關股嗨、JCM一度漲停
https://m.moneydj.com/f1a.aspx?a=5802f4b1-3df2-42ca-8b7d-0f46c5b6a883
永齡攜手小港醫院 健康ATM進駐百家小7 啟用
https://bit.ly/2OXQUTE
電子發票全自動化管理- 載具申請、自動對獎、獎金兌現,一次搞定
https://bit.ly/2U1Uc9n
八大問題拷問互聯網保險:概念不清 監管漏洞頻出
https://news.sina.com.tw/article/20190408/30832708.html
陸P2P又爆倒閉潮
https://money.udn.com/money/story/5603/3742443
誇張! 英國搶匪開挖土機 將加油站ATM整台鏟起
https://m.ltn.com.tw/news/world/breakingnews/2754906
取經日本樂天 國票金推金融資安升級 建立自身資訊安全系統
http://bit.ly/2Ifu75d
2019網銀安全報告:54%網上銀行存竊取資金漏洞
https://www.secrss.com/articles/9778
哈日族動作快 日圓換匯又見0.27字頭 這樣做匯價更優
http://bit.ly/2X2a1i4
Congressional Report Rips Equifax for Weak Security
https://bit.ly/2U8nAKR
Group-IB and NGN International: Gulf countries came under hackers’ spotlight in 2018, with more than 130 000 payment cards compromised
https://www.group-ib.com/media/gib-ngn-gulf-countries-cards/
Alleged Chief of Romanian ATM Skimming Gang Arrested in Mexico
https://krebsonsecurity.com/2019/04/alleged-chief-of-romanian-atm-skimming-gang-arrested-in-mexico/
How crooks use your doppelgangers to pay with your card
https://www.kaspersky.com/blog/digital-masks-card-fraud/26357/
Report: FIN6 Shifts From Payment Card Theft to Ransomware
https://www.bankinfosecurity.com/report-fin6-shifts-from-payment-card-theft-to-ransomware-a-12358
Pick-Six: Intercepting a FIN6 Intrusion, an Actor Recently Tied to Ryuk and LockerGoga Ransomware
https://www.fireeye.com/blog/threat-research/2019/04/pick-six-intercepting-a-fin6-intrusion.html
A NEW BREED OF ATM HACKERS GETS IN THROUGH A BANK’S NETWORK
https://www.wired.com/story/atm-hacks-swift-network/
Positive Technologies: attackers can access personal data and other sensitive information in every online bank
https://www.ptsecurity.com/ww-en/about/news/attackers-can-access-personal-data-and-other-sensitive-information-in-every-online-bank/
合庫銀行擴大徵才680人
https://www.chinatimes.com/realtimenews/20190408004040-260410?chdtv
聯邦銀行行員招募
http://grad.osa.ncku.edu.tw/p/404-1054-192197-1.php?Lang=zh-tw
3.電子支付/電子票證/行動支付/ 新聞及資安
香港移動支付推廣難點 信息安全與八達通
http://hk.crntt.com/doc/1053/9/1/0/105391018.html?coluid=7&kindid=0&docid=105391018&mdate=0406134219
泰央行警告微信支付在泰業務並未獲得授權
https://www.vvfeng.com/article/52874.htm
Samsung Pay 即將支援臺灣悠遊卡
https://bit.ly/2U8lbjj
Brazil sprints ahead in mobile payments innovation
https://www.zdnet.com/article/brazil-sprints-ahead-in-mobile-payments-innovation/#ftag=RSSbaffb68
Asia driving global mobile payments, with eight in top 10 markets
https://www.zdnet.com/article/asia-driving-global-mobile-payments-with-eight-in-top-10-markets/#ftag=RSSbaffb68
5.虛擬貨幣/區塊鍊 新聞及資安
證券型代幣發行 為誰興利
https://www.chinatimes.com/newspapers/20190408000205-260202?chdtv
挖礦退燒 業者轉攻新應用
https://money.udn.com/money/story/5710/3739473
誰在幫斯洛維尼亞和克羅埃西亞打造「比特幣城」
http://news.knowing.asia/news/677c97f1-4276-44d0-8b56-4eab188894d9
Etherium交易在6秒內完成像信用卡一樣使用
http://www.robotsky.com/technology/201904/068893.html
門羅幣開發商確認修復Ledger 錢包漏洞
http://www.sohu.com/a/306787951_114774?sec=wd
基於Tron的代幣IseriCoin存在造幣漏洞,已被攻擊者利用
https://xcong.com/lives/1489499
Coinbase推出全球首張加密貨幣簽帳卡
https://www.ithome.com.tw/news/129933
5.資安事件新聞
A.病毒木馬 / 殭屍網路 / 勒索軟體
英媒:惡意軟體可篡改癌症檢測影像
https://news.sina.com.tw/article/20190407/30814144.html
Bashlite IoT惡意軟件更新
https://www.4hou.com/others/17210.html
華碩供應鏈攻擊事件:針對ShadowHammer惡意活動第一階段Payload的分析
https://www.4hou.com/other/17216.html
警惕!GandCrab5.2勒索病毒偽裝國家機關發送釣魚郵件進行攻擊
https://www.4hou.com/typ/17212.html
偽裝大師——XLoader新變種分析
https://www.4hou.com/web/17182.html
TA505 APT組織通過武器化Excel文檔啟動ServHelper後門
http://t.cn/E6LVdiT
亞太地區勒索軟體發生率全球最高,微軟建議企業「3 大要素」應對
https://www.limitlessiq.com/news/post/view/id/9134/
被行星家族的勒索軟體纏住了?別怕,Emsisoft釋出解密工具了
https://www.ithome.com.tw/news/129842
【俄羅斯特制新款木馬程式 Gustuff 】目標鎖定Android手機肆虐全球
https://bit.ly/2In1SAL
Android間諜程式Exodus現身iOS平台
https://www.ithome.com.tw/news/129873
利用“永恆之藍”漏洞的Yatron勒索軟件
http://www.mottoin.com/detail/3865.html
Bashlite IoT 惡意程式新增挖礦與後門功能,專門攻擊 WeMo 品牌裝置
https://blog.trendmicro.com.tw/?p=60149
這些年鎖定智慧工廠的病毒
https://blog.trendmicro.com.tw/?p=60143
【 手機病毒】XLoader變種假冒行動電話電信商,進行簡訊釣魚,Android及 iOS 皆為攻擊目標
https://blog.trendmicro.com.tw/?p=60126
全球勒索病毒持續「變種」攻擊,企業應採用資安防禦與備份方案以保護數位資產
http://www.pcdiy.com.tw/detail/12582
Google大神開掛!Chrome能一鍵幫你掃毒
https://www.ettoday.net/news/20190412/1420916.htm
LockerGoga 勒贖軟體分析
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=833
北韓駭客組織HIDDEN COBRA所利用的惡意程式HOPLIGHT
https://www.us-cert.gov/ncas/analysis-reports/AR19-100A
惡意軟體儲存在受感染的HTTPS網站隱藏目錄中
https://www.securityweek.com/attackers-store-malware-hidden-directories-compromised-https-sites
FAKE UPDATES CAMPAIGN PUSHES CHTHONIC BANKING TROJAN
https://www.malware-traffic-analysis.net/2019/04/05/index.html
IoT botnet targeting your enterprise? Nope. Just a kid with an ExploitDB account
https://www.zdnet.com/article/iot-botnet-targeting-your-enterprise-nope-just-a-kid-with-an-exploitdb-account/#ftag=RSSbaffb68
Ursnif: The Latest Evolution of the Most Popular Banking Malware
https://blog.yoroi.company/research/ursnif-the-latest-evolution-of-the-most-popular-banking-malware/
Newly discovered BasBanke banking trojan found targeting Brazilian users
https://cyware.com/news/newly-discovered-basbanke-banking-trojan-found-targeting-brazilian-users-f8ef334d
BasBanke: Trend-setting Brazilian banking Trojan
https://securelist.com/basbanke-trend-setting-brazilian-banking-trojan/90365/
Preparing for the Unpredictable: Security in a New World of Mobile Malware
https://securityintelligence.com/preparing-for-the-unpredictable-security-in-a-new-world-of-mobile-malware/
IcedID Banking Trojan Spruces Up Injection Tactics to Add Stealth
https://securityintelligence.com/icedid-banking-trojan-spruces-up-injection-tactics-to-add-stealth/
A dozen US web servers are spreading 10 malware families, Necurs link suspected
https://www.zdnet.com/article/a-dozen-us-web-servers-are-spreading-10-malware-families-necurs-botnet-link-suspected/#ftag=RSSbaffb68
Attackers Shift to Malware-Based Cryptominers
https://www.bankinfosecurity.com/attackers-shift-to-malware-based-cryptominers-a-12351
Security researchers discover iOS version of Exodus Android spyware
https://www.zdnet.com/article/security-researchers-discover-ios-version-of-exodus-android-spyware/#ftag=RSSbaffb68
LockerGoga: It's not all about the ransom
https://www.zdnet.com/article/industrial-malware-lockergoga-forces-victims-to-go-back-to-pen-and-paper/#ftag=RSSbaffb68
TrickBot Trojan seeks out weak human links in business to profit from the tax season
https://www.zdnet.com/article/trickbot-trojan-profits-from-the-tax-season/#ftag=RSSbaffb68
Analyzing the botnet infrastructure and threat actors behind TrickBot
https://technical.nttsecurity.com/post/102fhgo/analyzing-the-botnet-infrastructure-and-threat-actors-behind-trickbot
Securonix Threat Research: Detecting LockerGoga Targeted IT/OT Cyber Sabotage/Ransomware Attacks
https://www.securonix.com/securonix-threat-research-detecting-lockergoga-targeted-it-ot-cyber-sabotage-ransomware-attacks/
Ursnif: The Latest Evolution of the Most Popular Banking Malware
https://blog.yoroi.company/research/ursnif-the-latest-evolution-of-the-most-popular-banking-malware/
URSNIF – A POLYMORPHIC DELIVERY MECHANISM EXPLAINED
https://www.sentinelone.com/blog/ursnif-polymorphic-delivery-mechanism-explained/
Mapping Out a Malware Distribution Network
https://www.bromium.com/mapping-malware-distribution-network/
Grab-and-go Baldr malware enters the black market
https://www.zdnet.com/article/grab-and-go-info-stealer-baldr-malware-enters-the-black-market/#ftag=RSSbaffb68
Reveton ransomware distributor sentenced to six years in prison in the UK
https://www.zdnet.com/article/reveton-ransomware-distributor-sentenced-to-six-years-in-prison-in-the-uk/#ftag=RSSbaffb68
UK Man Gets Six-Year Sentence for Global Ransomware Scheme
https://www.bankinfosecurity.asia/uk-man-gets-six-year-sentence-for-global-ransomware-scheme-a-12361
'Exodus' Surveillance Malware Found Targeting Apple iOS Users
https://bit.ly/2InD1Nb
US government publishes details on North Korea's HOPLIGHT malware
https://www.zdnet.com/article/us-government-publishes-details-on-north-koreas-hoplight-malware/#ftag=RSSbaffb68
Sophisticated 'TajMahal APT Framework' Remained Undetected for 5 Years
https://reurl.cc/Y3da4
Attackers Insert Themselves into the Email Conversation to Spread Malware
https://blog.minerva-labs.com/attackers-insert-themselves-into-the-email-conversation-to-spread-malware
海蓮花APT 組織使用的macOS 惡意軟件更新分析 OceanLotus: macOS malware update
https://www.welivesecurity.com/2019/04/09/oceanlotus-macos-malware-update/
B.行動安全 / iPhone / Android /穿戴裝置 /App
底層通訊的資安,誰來看顧
http://www.compotechasia.com/a/opportunity/2019/0410/41546.html
小米手機預裝的安全程式Guard Provider暗藏中間人攻擊漏洞
https://www.ithome.com.tw/news/129805
小米安全中心Guard Provider APP漏洞分析
https://xz.aliyun.com/t/4689
網路安全廠商踢爆 小米手機內建App暗藏漏洞
https://www.chinatimes.com/realtimenews/20190412001735-260412?chdtv
小米薄荷瀏覽器URL欺騙漏洞(CVE-2019-10875)的安全修復被繞過
https://nosec.org/home/detail/2463.html
華為禍不單行 手機爆炸致用戶重傷
https://www.ntdtv.com/b5/2019/04/10/a102553090.html
Galaxy S10 指紋不止未完善,還被揭存嚴重保安漏洞
https://qooah.com/2019/04/07/samsung-galaxy-s10-fingerprint-hacked/
超聲波指紋辨識很安全?3分鐘不到破解Galaxy S10
https://udn.com/news/story/7098/3743860
由駭客開發、為駭客設計的手機 WiPhone ,不但能土砲客製還能當開發板使用
http://bit.ly/2IoCmv3
印度法院認為抖音「鼓勵色情內容」要求政府禁止下載
https://bit.ly/2OOUa3H
日本推動商用5G 電信商拒用中國設備
https://ec.ltn.com.tw/article/breakingnews/2755425
警告勿使用Tw3lve 越獄!完全來自複製unc0ver 代碼的工具
https://mrmad.com.tw/tw3lve-jailbreak-fake
Google Play 商店出現針對兒童客群的血腥暴力遊戲,評級機制出現漏洞
https://www.kocpc.com.tw/archives/252817
Google將讓Android 7以上手機當2FA安全金鑰
https://www.ithome.com.tw/news/129915
中共官方大肆整改網路 下架逾三萬款app
http://bit.ly/2G7A8gL
WordPress iOS App Bug Leaked Secret Access Tokens to Third-Party Sites
https://bit.ly/2OQG7dM
Vulnerability found in Xiaomi phones' pre-installed security app
https://www.zdnet.com/article/vulnerability-found-in-xiaomi-phones-pre-installed-security-app/#ftag=RSSbaffb68
Xiaomi URL spoofing w/ SSL vulnerability or, CVE-2019-10875 - Was it intentionally kept in the global versions by Xiaomi
https://bit.ly/2UAhCqx
Unpatched Flaw in Xiaomi's Built-in Browser App Lets Hackers Spoof URLs
https://bit.ly/2uMlgyX
Hackers Could Turn Pre-Installed Antivirus App on Xiaomi Phones Into Malware
https://bit.ly/2uQ9B2q
Google transforms Android phones into security keys
https://www.zdnet.com/article/google-transforms-android-phones-into-security-keys/#ftag=RSSbaffb68
C.事件 / 駭客 / DDOS / APT / 徵才 / 國際資安事件
機捷等車!月台螢幕跳出「這代Windows圖示」他驚呆 鄉民反推:這才好用
https://www.ettoday.net/news/20190406/1416327.htm
職場環境惡劣,「資深」程式設計師該如何延長職業壽命
https://www.techbang.com/posts/69225-how-can-older-programmers-extend-their-career-life-when-the-workplace-environment-is-harsh
IDC機房客戶遭駭客攻擊 中華電信緊急修復
https://taronews.tw/2019/04/09/305940/
IDC機房客戶遭駭客攻擊 中華電緊急修復
https://udn.com/news/story/7240/3746695
D-Link路由又被黑了?這回駭客利用的是它
http://big5.pconline.com.cn/b5/security.pconline.com.cn/1247/12470316.html
英情報機構:華為安全技術"太糟糕"
https://bit.ly/2v1v8W1
華爲電腦後門曝光 「外交家」呼籲審查微信
https://www.ntdtv.com/b5/2019/04/07/a102550937.html
Matebook 很不安全!微軟抓到華為系統漏洞,在筆電裝「後門」
https://www.limitlessiq.com/news/post/view/id/9139/
Bruce Schneier:萬物都是電腦,所有事也都變成了資安事
https://www.ithome.com.tw/news/129804
SMTP不夠安全,Gmail開始採用MTA-STS標準以驗證連線
https://www.ithome.com.tw/news/129925
資安高手有戰績 薪資容易談
https://news.ltn.com.tw/news/weeklybiz/paper/1279928
65% 製造環境,還在使用過時作業系統
https://blog.trendmicro.com.tw/?p=60162
駭客濫用Google平臺鎖定路由器展開DNS攻擊
https://www.ithome.com.tw/news/129819
駭侵組織鎖定 D-Link、TOTOLINK 等家用路由器進行 DNS 劫持
https://www.twcert.org.tw/subpages/securityInfo/hackevent_details.aspx?id=903
臺灣大型組織破千臺主機紅隊演練細節首次大公開
https://www.ithome.com.tw/news/129815
趨勢科技研究顯示 65% 製造環境仍在使用過時作業系統
https://n.yam.com/Article/20190408735558
微軟發布年度資安回顧報告,提醒臺灣偷渡式下載攻擊在亞太最嚴重
https://www.ithome.com.tw/news/129806
思科:臉書暗藏由74個社團與38萬名成員組成的網路犯罪市集
https://www.ithome.com.tw/news/129820
Hiding in Plain Sight
https://blog.talosintelligence.com/2019/04/hiding-in-plain-sight.html
迎戰中國資訊戰攻擊 李忠憲推荐「他」當台灣隊一線指揮官
https://news.ltn.com.tw/news/politics/breakingnews/2751574
香港保安局局長李家超:心急立法設窺淫罪堵塞漏洞
http://bit.ly/2UusjeY
俄國二讀爭議法案 政府得以切斷國外伺服器
https://www.taiwannews.com.tw/ch/news/3678675
日本海事協會發表網路資安方法
https://www.chinatimes.com/realtimenews/20190406002245-260410?chdtv
英國政府:資料駭侵造成的企業損失,兩年來增加 41%
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=832
北約「堅鎖之盾」網路實戰演習 模擬對抗網攻、假訊息
https://www.ydn.com.tw/News/331505
北約網路實戰演習 模擬網路攻擊及騷動訊息處理
https://bit.ly/2Itrxrt
俄駭客瞄準歐盟大選
https://bit.ly/2IjTfXN
美採用監聽法 搜集華為違法證據
https://bit.ly/2OPQQ8c
英國政府擬要求網站平臺負責移除有害內容,違者將處以天價罰金
https://www.ithome.com.tw/news/129858?fbclid=IwAR2CtVN_htyOfkZ9P8TXa9S2gvlDUHPFB8RQaC7boYZScmuhIzT0rzuDE7E
德國最大藥商拜耳遭駭 點名中共駭客
http://www.ntdtv.com.tw/b5/20190405/video/243106.html
美國政府要抓「維基解密」創辦人!阿桑奇政治庇護被撤銷、遭英國警方逮捕
http://bit.ly/2uWV5pA
美議員:中國發動網路攻擊 竊取美國政府人事資料
https://ec.ltn.com.tw/article/breakingnews/2756353
巴基斯坦監視系統遭安裝華為wi-fi模組 引發資安憂慮
https://bit.ly/2Gas3sX
巴基斯坦閉路電視系統藏華為WiFi組件 揭發後已遭移除
http://bit.ly/2UwqEpl
巴基斯坦政府網站遭駭客植入按鍵記錄軟體
https://blog.twnic.net.tw/2019/04/10/3255/
荷蘭情報局:勿採用頻繁進行駭客攻擊的國家技術 例如中國和俄羅斯
https://lihkg.com/thread/1096651/page/1
MIT、哈佛都在這裡 美國波士頓成為中國間諜重要活動目標
https://www.cmmedia.com.tw/home/articles/15062
中共首次承認自己是「匪類」
https://bit.ly/2OVS8Pm
中共對台資訊戰 朝野議論台灣防制策略
https://bit.ly/2D0fkac
中國透過舊勢力控制媒體網路 洗腦台灣
https://www.cna.com.tw/news/aipl/201904070097.aspx
「他們要讓民主國家更分裂!」七國集團會商防範俄羅斯與中國 日本:北京就曾利用網路干預台灣選舉
https://www.storm.mg/article/1148364
看過來!中國收購粉專、收買網紅 有這幾招可以防堵
https://m.ltn.com.tw/news/politics/breakingnews/2751858
中國網軍入侵! 大肆出價收購台粉絲專頁 人力銀行徵小編 月薪達5萬須"支持統一"
https://www.ttv.com.tw/news/view/10804060019100N/579
中國5G戰略 五角大廈:離不開中共背景
https://bit.ly/2D09c1E
FBI criticized for delaying breach notifications, including insufficient details
https://www.zdnet.com/article/fbi-criticized-for-delaying-breach-notifications-including-insufficient-details/#ftag=RSSbaffb68
Scary Bug in Burp Suite Upstream Proxy Allows Hackers to Hack Hackers
https://bit.ly/2D4V9I8
E-commerce JavaScript Sniffer Attacks Proliferate: Report
https://www.bankinfosecurity.com/e-commerce-javascript-sniffer-attacks-proliferate-report-a-12350
PayPal, Netflix, Gmail, and Uber users among targets in new wave of DNS hijacking attacks
https://bit.ly/2KpUzeq
Cyber Threat alert for Canada October Elections
https://www.cybersecurity-insiders.com/cyber-threat-alert-for-canada-october-elections/
Cybercrime market selling full digital fingerprints of over 60,000 users
https://www.zdnet.com/article/cybercrime-market-selling-full-digital-fingerprints-of-over-60000-users/#ftag=RSSbaffb68
Mailgun hacked part of massive attack on WordPress sites
https://www.zdnet.com/article/mailgun-hacked-part-of-massive-attack-on-wordpress-sites/#ftag=RSSbaffb68
Google Chrome engineers want to block some HTTP file downloads
https://www.zdnet.com/article/google-chrome-engineers-want-to-block-some-http-file-downloads/#ftag=RSSbaffb68
Huawei's surveillance system in Serbia threatens citizens' rights, watchdog warns
https://www.zdnet.com/article/huaweis-surveillance-system-in-serbia-threatens-citizens-rights-watchdog-warns/#ftag=RSSbaffb68
Women in Cybersecurity: A Progress Report
https://www.bankinfosecurity.com/interviews/women-in-cybersecurity-progress-report-i-4288
Dark Patterns: How Weaponized Usability Hurts Users
https://www.bankinfosecurity.com/dark-patterns-how-weaponized-usability-hurts-users-a-12364
WikiLeaks Founder Julian Assange Arrested After Ecuador Withdraws Asylum
http://bit.ly/2UwSP7v
Security Flaws in WPA3 Protocol Let Attackers Hack WiFi Password
http://bit.ly/2Z6PoTO
Online security 101: How to protect your privacy from hackers, spies, and the government
https://www.zdnet.com/article/online-security-101-how-to-protect-your-privacy-from-hackers-spies-and-the-government/#ftag=RSSbaffb68
Kaspersky: US security software ban just 'makes cybercriminals happy'
https://www.zdnet.com/article/kaspersky-us-security-software-ban-just-makes-cybercriminals-happy/#ftag=RSSbaffb68
Revealing the Dark Web: How to Leverage Technologies to Alert and Block Dark Web Access
https://www.bankinfosecurity.com/webinars/revealing-dark-web-how-to-leverage-technologies-to-alert-block-dark-w-1960
資安工程師
https://www.104.com.tw/job/?jobno=6kont
軟體工程師
https://www.104.com.tw/job/?jobno=21r8s&jobsource=freshman2009
(約聘)工程師【新竹】
https://www.104.com.tw/job/?jobno=6kp1n
資安工程師 (歡迎應屆畢業生)
https://www.104.com.tw/job/?jobno=6kr1p
LINE暑期實習計劃本月啟動 5月將招募50位開發工程師
https://udn.com/news/story/7240/3744921
D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞
假訊息像恐怖主義 學者提「資訊戰」佈署
http://www.ntdtv.com.tw/b5/20190408/video/243229.html
網路釣魚利用瀏覽器擴充套件SingleFile 複製合法網站, 避免被偵測
https://blog.trendmicro.com.tw/?p=60137
【網路釣魚 】「Soula」偽造搜尋引擎登入畫面,針對韓國網站發動水坑攻擊,竊取帳密
https://blog.trendmicro.com.tw/?p=60088
你的資料不是你的資料:如何在資訊世界求生存?數位青年談網路治理
https://www.thenewslens.com/article/115148
湖北一公職人員洩露公民信息5萬餘條,非法獲利23萬餘元
http://t.cn/E6LVdGI
政府打擊假新聞 藍立委抨排除異己
https://money.udn.com/money/story/7307/3745573
中國企業 3 個月外洩 5.9 億份履歷,資安與隱私問題堪慮
https://technews.tw/2019/04/08/chinese-companies-have-leaked-over-590-million-resumes/
用幾千台假iPhone換真機 兩學生騙蘋果600萬被起訴
https://news.sina.com.tw/article/20190406/30810390.html
假刷卡真套現!預借現金又跑銀樓 銀行舉黃牌
https://tw.appledaily.com/new/realtime/20190409/1547467/
7百萬Indane LPG用戶和分銷商數據息洩露
http://t.cn/E6LVd5A
國安及資安假新聞 應以法律規範
https://m.ltn.com.tw/news/life/paper/1279846
臺灣已是連續六年遭受假消息攻擊最嚴重的國家
https://www.ithome.com.tw/news/129922
厄瓜多總統個資外流怪罪維基解密 阿桑奇可能被趕出大使館
https://www.storm.mg/article/1143537
北京某銀行客戶經理私改客戶網銀密碼侵占資金2330萬元被抓
http://www.sohu.com/a/306489690_639898
思科最新報告:駭客組織在臉書兜售消費者個資
https://bit.ly/2TWqJxu
美俄亥俄州消防局:電力公司不接受比特幣付款,居民需警惕相關騙局
https://news.sina.com.tw/article/20190410/30857284.html
台灣詐騙無所不在 連投資都騙 專家教防騙三招
https://www.setn.com/News.aspx?NewsID=524765
母親節詐騙活動開跑了
https://blog.trendmicro.com.tw/?p=60190
賽門鐵克:近七成飯店網站洩露住客個資
https://www.ithome.com.tw/news/129917
愛上陽光渣男慘被騙229萬元 她還被元配狠嗆「去告啊!」
https://www.ettoday.net/news/20190411/1419791.htm
信用卡詐騙成金融詐騙案主體
http://money.people.com.cn/BIG5/n1/2019/0410/c42877-31021913.html
媽媽報警抓「內鬼」 犯人竟然是兒子
https://bit.ly/2KrYVl6
美聯邦機構破獲保險詐騙案 涉案金額達12億美元
http://dailynews.sina.com/bg/international/chinanews/2019-04-09/doc-iwtzzspp1149796.shtml
齊保網涉詐騙:瞄準保險業務員3000多人被騙2000多萬
http://finance.sina.com/bg/economy/economy_company/sinacn/2019-04-10/doc-ivkrakue2456475.shtml
中文詐騙電話捲土重來 FBI發警告 受騙者多為亞裔 其中許多受害者是學生或來自中國的客座教授
http://www.epochtimes.com/b5/19/4/11/n11178564.htm
LINE/臉書留言就抽MacBook是詐騙
https://www.chinatimes.com/realtimenews/20190409003234-260412?chdtv
雅虎達數據外洩和解協議 賠逾9億
http://bit.ly/2GlLtLH
武漢警方查處45個電信網路詐騙窩點 581人落網
https://news.sina.com.tw/article/20190411/30884484.html
WhatsApp驗證碼騙案升13倍 男子失43萬
https://hk.news.appledaily.com/local/daily/article/20190409/20652097
25%的網釣郵件可以躲過Office 365內建的安全機制
https://www.ithome.com.tw/news/129921
逾5.4億筆臉書用戶紀錄在AWS上曝光
https://www.ithome.com.tw/news/129798
540 Million Facebook User Records Found On Unprotected Amazon Servers
https://bit.ly/2OUhTj2
Cyber News Rundown: Massive Data Breach at Georgia Tech
https://www.webroot.com/blog/2019/04/05/cyber-news-rundown-massive-data-breach-at-georgia-tech/
Why Singapore's 'Fake News' Bill Should Be Enacted
https://www.bankinfosecurity.asia/blogs/singapores-fake-news-bill-should-be-enacted-p-2735
Attacking Phishing With SOAR
https://www.bankinfosecurity.com/attacking-phishing-soar-a-12353
Yahoo data breach settlement effort reaches $117.5 million
https://www.zdnet.com/article/yahoo-data-breach-settlement-effort-reaches-117-5-million/#ftag=RSSbaffb68
Yahoo Takes Second Swing at Data Breach Settlement
https://www.bankinfosecurity.com/yahoo-takes-second-swing-at-data-breach-settlement-a-12363
Ahead of Election, Facebook Takes More Steps to Curb Fake News
https://www.bankinfosecurity.asia/ahead-election-facebook-takes-more-steps-to-curb-fake-news-a-12370
E.研究報告
個案分析-網頁置換攻擊事件分析報告_10803
https://cert.tanet.edu.tw/prog/opendoc.php?id=2019032804031111927055681912994.pdf
XanXSS – 一款XSS自動檢測工具
http://t.cn/E6LVd77
Pyrit – The Famous WPA Precomputed Cracker
http://t.cn/E6LVdzm
Pe-afl:一款支持對Windows二進製程序的afl fuzz工具
http://t.cn/E6L7Hxj
主流瀏覽器阻止點擊跟踪隱私風險的措施
http://t.cn/E6LVdf3
PCILeech:動態內存分析與指紋提取工具使用與介紹
http://t.cn/E6LVdJV
雲安全- 子域名takeover漏洞原理分析與防禦(以微軟為例)
https://xz.aliyun.com/t/4673
Ruby on Rails路徑穿越與任意文件讀取漏洞分析(CVE-2019-5418)
http://www.sohu.com/a/306334931_354899?sec=wd
如何挖掘RPC漏洞
https://www.anquanke.com/post/id/176034
QT漏洞的詳細介紹:CVE-2019-1636與CVE-2019-6739
https://xz.aliyun.com/t/4677
VBScript引擎堆溢出远程代码执行漏洞分析(CVE-2019-0666)
https://www.4hou.com/vulnerable/17250.html
CVE-2019-2444漏洞利用及相關攻擊鏈介紹
https://www.anquanke.com/post/id/176093
Confluence未授權RCE(CVE-2019-3396)漏洞分析
https://paper.seebug.org/884/
CVE-2019-0211:Apache HTTP服務組件提權漏洞分析
https://paper.seebug.org/885/
Atlassian Confluence 遠程代碼執行漏洞分析
https://paper.tuisec.win/detail/cee074d9a50bba7
Ghidra插件研發系列教程1
http://t.cn/E6LVdMn
Researcher Reveals Multiple Flaws in Verizon Fios Routers — PoC Released
https://bit.ly/2P3ZRuz
NSA Releases GHIDRA Source Code — Free Reverse Engineering Tool
https://bit.ly/2TYxJcY
hlldz/APC-PPID
https://github.com/hlldz/APC-PPID
mirroredmind/Rev_shell_creator
https://bit.ly/2FWLVhK
SecureThisShit/WinPwn
https://github.com/SecureThisShit/WinPwn?fbclid=IwAR2ZIXapnrt-YJcvFOeKEPwtav2u7WDTBhE3Yatzs4jYfX3G7kR7ynroaQU
CISOfy/lynis
https://github.com/CISOfy/lynis/?fbclid=IwAR3Qun17CRAYaukuRRCUt8dS-Sf9fWoAQ6r8-WZKk1iyhkQMWFe_t6Dk-vk
Interception: Dissecting BokBot’s “Man in the Browser”
https://bit.ly/2WQXAWd
Digging into BokBot’s Core Module
https://bit.ly/2YWfdFU
Reversing the Rachio Smart Sprinkler Controller
https://bit.ly/2VwudIs
Mimikatz in the Wild: Bypassing Signature-Based Detections Using the “AK47 of Cyber”
https://www.crowdstrike.com/blog/credential-theft-mimikatz-techniques/
CB TAU Threat Intelligence Notification: Hunting APT28 Downloaders
https://www.carbonblack.com/2019/04/05/cb-threat-intelligence-notification-hunting-apt28-downloaders/
RETURN TO SENDER: A TECHNICAL ANALYSIS OF A PAYPAL PHISHING SCAM
https://www.sentinelone.com/blog/technical-analysis-paypal-phishing-scam/
使用自定義PE 格式的惡意軟件分析funky_malware_formats_TheSAS2019_slides.pdf
https://drive.google.com/file/d/1k758QQLHxgIynCYhWfnizk8k7emZk_h8/view?usp=drivesdk
Dragonblood - 對WPA3 的SAE 握手流程的安全性分析(Paper)
https://papers.mathyvanhoef.com/dragonblood.pdf
Microsoft 對利用WinRar CVE-2018-20250 目錄穿越漏洞的針對性攻擊分析
https://www.microsoft.com/security/blog/2019/04/10/analysis-of-a-targeted-attack-exploiting-the-winrar-cve-2018-20250-vulnerability/
利用WMI 事件訂閱進行持久化的攻擊方式介紹與檢測
https://paper.seebug.org/886/
FireEye 對攻擊工控設備等基礎設施的TRITON 攻擊活動的詳細分析
http://www.fireeye.com/blog/threat-research/2019/04/triton-actor-ttp-profile-custom-attack-tools-detections.html
研究人員在調查GOSSIPGIR 的過程中再次發現了FLAME 的踪跡並對此做了跟踪分析
https://storage.googleapis.com/chronicle-research/Flame%202.0%20Risen%20from%20the%20Ashes.pdf
F.商業
強化邊緣運算資安設計 宜鼎國際建構高安全AIoT系統
https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=45&cat2=10&id=0000557026_Z6O1E2J2177QNY7PB2LAB
升級 Windows 10 黃金時刻,快速增加資安防護與 IT 生產力
https://www.inside.com.tw/article/16064-the-golden-time-of-upgrading-to-windows-10
眾至郵件SandStorm防護機制 降低惡意程式滲透攻擊
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000557269_tth1ijh97x1vmk891vqd8
The Linux desktop is in trouble
https://www.zdnet.com/article/the-linux-desktop-is-in-trouble/#ftag=RSSbaffb68
Google announces fully-managed service on GCP for Microsoft SQL Server workloads
https://www.zdnet.com/article/google-announces-fully-managed-service-on-gcp-for-microsoft-sql-server-workloads/#ftag=RSSbaffb68
Gmail becomes first major email provider to support MTA-STS and TLS Reporting
https://www.zdnet.com/article/gmail-becomes-first-major-email-provider-to-support-mta-sts-and-tls-reporting/#ftag=RSSbaffb68
Google brings Cloud Security Command Center into GA, adds new services
https://www.zdnet.com/article/google-brings-cloud-security-command-center-into-ga-adds-new-services/#ftag=RSSbaffb68
Confluent, Fivetran announce deep Google Cloud integration
https://www.zdnet.com/article/confluent-fivetran-announce-google-cloud-availability/#ftag=RSSbaffb68
Google brings Assistant to G Suite
https://www.zdnet.com/article/google-brings-assistant-to-g-suite/#ftag=RSSbaffb68
Microsoft publishes SECCON framework for securing Windows 10
https://www.zdnet.com/article/microsoft-publishes-seccon-framework-for-securing-windows-10/#ftag=RSSbaffb68
SAP Ariba Live event summary: Digital transformation in procurement
https://www.zdnet.com/article/sap-ariba-live-event-summary-digital-transformation-in-procurement/#ftag=RSSbaffb68
Carlyle Group, Schneider Electric form AlphaStruxture to ramp smart infrastructure deployments
https://www.zdnet.com/article/carlyle-group-schneider-electric-form-alphastruxture-to-ramp-smart-infrastructure-deployments/#ftag=RSSbaffb68
G.政府
台灣數位部長:「西方國家警醒了是件好事」
https://bit.ly/2I28k0B
公務機關禁中國資通訊產品 本週公布
https://m.ltn.com.tw/news/focus/paper/1280129
科技部拜會德國經濟能源部 強化工業4.0合作
https://bit.ly/2Ul4whA
防洗錢 金管會盯上虛擬貨幣業者
https://udn.com/news/story/7239/3742374?fbclid=IwAR0S0P1Kb2oqD9UvmPkCegkAiVRxRimN3scroUufVzxpE8RR24xYqqJugEE
虛擬貨幣納管 月底敲定範圍
https://udn.com/news/story/7239/3742375?from=udn-catelistnews_ch2
約有200人參與STO公聽會!金管會主委顧立雄:請大家發言盡量簡短
http://bit.ly/2Ieorse
提高使用雲端發票誘因 財部擬增小額獎項
https://bit.ly/2uU9tia
設安富金融工程研究中心 清大用FinTech助金融轉型
https://bit.ly/2G6pYOz
[歡迎報名,共同防護物聯網資安] 4/10 10:00 IOT-ISAC平台服務啟動
https://www.communications.org.tw/news/policy/item/9167-0410.html
物聯網資安防護評估機制及IoT-ISAC平台正式上線
https://money.udn.com/money/story/5635/3747602
高雄國稅局嚴格執行資安稽核,保護納稅義務人個資安全
https://www.ntbk.gov.tw/etwmain/web/ETW118W/CON/934/8121117899283650753
新北公車Wi-Fi用華為設備 侯友宜:將了解使用狀況
https://news.ltn.com.tw/news/life/breakingnews/2752899
新北公車Wi-Fi用華為設備 資安出包
https://bit.ly/2YVgi0Z
公車免費WIFI竟使用華為設備 資訊安全恐出現漏洞
https://m.ltn.com.tw/news/politics/breakingnews/2752696
新北公車Wi-Fi用華為設備 恐藏「後門」危資安
https://m.ltn.com.tw/news/focus/paper/1280220
新北市公車用華為網卡有資安疑慮?業者出面回應了
https://newtalk.tw/news/view/2019-04-09/230887
公車免費WIFI竟使用華為設備 資訊安全恐出現漏洞
http://bit.ly/2InF3wS
通勤注意!公車免費WIFI竟是華為設備 你我個資恐外洩
https://www.setn.com/News.aspx?NewsID=524040
指南客運:考慮更換華為網卡
https://ec.ltn.com.tw/article/paper/1280446
【新北客運 Wifi 設備來自華為】被踢爆用中國資安大盜,客運業者:沒人反映資訊外洩
https://buzzorange.com/2019/04/11/huawei-and-new-taipei-city-wifi-trap/
新北公車WiFi用華為網卡報資安疑慮 林佳龍下令各運輸全面徹查
https://tw.appledaily.com/new/realtime/20190410/1548078/
會議談話頻外流 柯文哲找市刑大入府秘搜竊聽器
https://www.ettoday.net/news/20190411/1419996.htm
國家級資安長揭露施政方針,持續強化整體資安與推動產業自主
https://www.ithome.com.tw/article/129424
新版數位身分證 可擴充性、資安受關注
https://news.pts.org.tw/article/428672
H.SCADA/ICS/工控系統
趨勢科技推出工業機械資安解決方案 有效提升智慧工廠安全防護
https://bit.ly/2Ik9WSK
趨勢攜夥伴成立工業物聯網公司 秀新資安解決方案
https://udn.com/news/story/7240/3744696
趨勢科技、Moxa合資成立TXOne Networks,預先展示工業機械資安解決方案
https://bit.ly/2X1ErBf
Delta Industrial Automation TPEditor越界寫入漏洞
http://www.deltaww.com/Products/PluginWebUserControl/downloadCenterCounter.aspx?DID=4536&DocPath=1&hl=en-US
工業互聯網安全應急響應中心:關於Advantech WebAccess多個漏洞的情況通報
https://www.secrss.com/articles/9684
Siemens 多個產品漏洞威脅預警通告
http://copyfuture.com/blogs-details/3ac427e0c4ac6326dff4ef4c1382049b
Schneider Electric launches EcoStruxture IT Advisor for data center monitoring, analytics
https://www.zdnet.com/article/schneider-electric-launches-ecostruxture-it-advisor-for-data-center-monitoring-analytics/#ftag=RSSbaffb68
Triton hackers return with new, covert industrial attack
https://www.zdnet.com/article/triton-hackers-return-with-new-industrial-attack/#ftag=RSSbaffb68
I.教育訓練
Hashcat Tutorial – Rule Writing
https://laconicwolf.com/2019/03/29/hashcat-tutorial-rule-writing/
Termux Hacks Guide [2019] : Tutorial, Commands List, Tools, Apk, Uses, Packages
https://bit.ly/2WQLnAR
J.物聯網/IOT/人工智慧/車聯網/光聯網/深度學習/機器學習/無人機
慎防自駕車系統駭客 美國大學研究防禦措施
https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=80&cat3=50&id=0000556799_p8i8e4u58aay84l29pof3
強化邊緣運算資安設計 如何建構高安全AIoT系統
https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=100&id=0000557323_4sk49wtq1evz5j4fghiq2
連網汽車飽受威脅 趨勢科技推出車聯網入侵防護系統
https://bit.ly/2G6FCcE
汽車MOBI聯盟推廣區塊鏈平台 加速實現跨製造商自駕數據共享
https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=35&id=0000557409_vsd51daulrzhp8ljw7jjl
海康威視在杭州舉行第二屆AI Cloud生態大會
https://n.yam.com/Article/20190408891384
Raspberry Pi accessories to take your single-board projects to the next level
https://www.zdnet.com/pictures/raspberry-pi-accessories-to-take-your-single-board-projects-to-the-next-level/#ftag=RSSbaffb68
6.近期資安活動及研討會
【課程】大數據爬蟲技術實作,使用Python實作網路爬蟲,快速有效獲取大量資料,打造自動化金融數據平台 4/13
https://www.techbang.com/posts/58613-course-python-crawler-technology-implementation
對不起駭到你 4/13
https://tfc.kktix.cc/events/hacking-you-sorry?locale=en
2019 ICANN APAC-TWNIC Engagement forum 4/16~4/17
https://forum.twnic.tw/
Industrial Control Systems (ICS) Cyber Security Conference APAC April 16-18, 2019
https://www.icscybersecurityconference.com/
Casual Meetup - IoT Talk & Drinks (Monthly) Wednesday, April 17, 2019
https://www.meetup.com/Taipei-Sigfox-User-Group/events/ctqnkpyzgbwb/
國票金控「純網銀鯰魚與資安技術漣漪」日本樂天技術與談發表會 4/18
https://www.accupass.com/event/1904020622403023353630
網站弱點評估實務 4/18
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3830&from_course_list_url=homepage
資策會「網路媒體公關經營實務班」課程,善用新媒體策略擴散您的品牌! 4/18
http://www.iiiedu.org.tw/ites/MPR.htm
國立交通大學 亥客書院 - 緩衝區溢位攻擊與預防 新竹 4/20
https://hackercollege.nctu.edu.tw/?p=1052
資安健診 4/25
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3834&from_course_list_url=homepage
國立交通大學 亥客書院 - 基礎網站安全建構實務 5/4
https://hackercollege.nctu.edu.tw/?p=1045
Pwn入門 5/5
https://hackersir.kktix.cc/events/fcu190505
Elixir台灣 台北 Meetup # Monday, May 6, 2019
https://www.meetup.com/elixirtw-taipei/events/njjhvpyzhbjb/
向資安服務看齊 我們一起讓資安從「有做」到「有效」 5/8 ~ 5/10
https://www.informationsecurity.com.tw/Seminar/2019_all/
資安健診 5/9
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3827&from_course_list_url=homepage
國立交通大學 亥客書院 -電子郵件之偽造攻擊與防護措施安全通訊協定 5/11
https://hackercollege.nctu.edu.tw/?p=1054
iTHome 台灣雲端大會 Cloud Summit 2019 2019年 5 月 15 日 (三) 09:00~17:00
https://cloudsummit.ithome.com.tw/
Casual Meetup - IoT Talk & Drinks (Monthly) Wednesday, May 15, 2019
https://www.meetup.com/Taipei-Sigfox-User-Group/events/ctqnkpyzhbtb/
網路封包分析實務 5/16
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3831&from_course_list_url=homepage
源碼檢測實作 5/23
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3835&from_course_list_url=homepage
第二十九屆全國資訊安全會議 5/23 ~ 5/24
https://cisc2019.cs.pu.edu.tw/index.php
International Conference CONSTRUCTIVE THEORY OF FUNCTIONS - 2019 SOZOPOL, June 2 - 8, 2019
http://www.math.bas.bg/mathmod/CTF-2019/
國立交通大學 亥客書院 - 密碼系統之漏洞、修補與檢測 6/15
https://hackercollege.nctu.edu.tw/?p=1039
Casual Meetup - IoT Talk & Drinks (Monthly) Wednesday, June 19, 2019
https://www.meetup.com/Taipei-Sigfox-User-Group/events/ctqnkpyzjbzb/
資安法規與制度研析課程-108年度「資安人才培訓及國際推展計畫-資安專業人才培育深化課程」 8/29 ~ 8/30
http://www.cisanet.org.tw/News/activity_more?id=MTQzMw==
Splunk .conf 19 10/21 ~ 10/24
https://conf.splunk.com/
Industrial Control Systems (ICS) Cyber Security Conference USA October 21 – 24, 2019
https://www.icscybersecurityconference.com
訂閱:
張貼留言 (Atom)
2024年 12 月份資安、社群活動分享
2024年 12 月份資安、社群活動分享 Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/12/3 https://www.meetup.com/taiwan-code-camp/e...
-
2024年 3月份資安、社群活動分享 線上資安人力需求對談-網路通信產業 2024/3/2 https://isipevent.kktix.cc/events/ff6f2146 2024H1資安實戰演練大會AI爆發時代的企業資安聯合軍演 2024/3/6 https://b...
-
2024年 2月份資安、社群活動分享 Taipei All About API Meetup Group - Meet and Greet, 01 Feb 2024, 07:00 PM 2024/2/1 https://www.meetup.com/taipei-all-a...
-
2024年 5 月份資安、社群活動分享 資安五四三 2024/5/2 https://csa.kktix.cc/events/202405-543 HackingThursday 黑客星期四 - Week meetup Tamsui 固定聚會 淡水 2024/5/2 http...
沒有留言:
張貼留言