1.重大弱點漏洞/後門/Exploit/Zero Day
Apple電腦存在重大漏洞 惡意程式可被輕鬆安裝
http://bit.ly/2W4fHfr
FreeBSD rtld execl權限提升漏洞
http://www.cnvd.org.cn/patchInfo/show/162201
Fortinet 產品多個漏洞
https://www.auscert.org.au/bulletins/ESB-2019.1899/
Fortinet FortiOS 授權問題漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13382
Docker 漏洞允許攻擊者獲得主機root 訪問權限
https://www.solidot.org/story?sid=60807
Researcher Describes Docker Vulnerability
https://www.bankinfosecurity.com/researcher-describes-docker-vulnerability-a-12535
隱私瀏覽器DuckDuckGo爆出漏洞,可導致URL欺騙攻擊
https://read01.com/AzNdky5.html
兆芯發布關於Zombie Load漏洞的聲明
https://xueqiu.com/9983210953/127543310
谷歌安全研究人員發現Notepad的代碼執行漏洞
https://nosec.org/home/detail/2687.html
Synology-SA-19:25 Virtual Machine Manager存在安全漏洞,請儘速確認並進行更新
http://www.cpcm.pu.edu.tw/app/news.php?Sn=139
研究人員發現可繞過Gatekeeper安全機制的macOS漏洞
https://ithome.com.tw/news/130908
大疆無人機有漏洞 專家:你可劫持它
http://bit.ly/2QCN42R
Researcher Finds New Way Around Apple's Gatekeeper
https://www.bankinfosecurity.com/researcher-finds-new-way-around-apples-gatekeeper-a-12525
macOS 10.14.5爆漏洞!略過防禦認證機制執行未辨識的App
https://udn.com/news/story/11017/3837011
蘋果產品多個漏洞
https://www.auscert.org.au/bulletins/ESB-2019.1921/
Windows RDP漏洞PoC攻擊程式問世,疑似有駭客開始掃瞄
https://www.ithome.com.tw/news/130930
Microsoft Windows Remote Desktop - 'BlueKeep' Denial of Service
https://www.exploit-db.com/exploits/46946
Spring Cloud Config目錄遍歷漏洞(CVE-2019-3799)
http://bit.ly/30ZkUnQ
Nearly 1 Million Computers Still Vulnerable to "Wormable" BlueKeep RDP Flaw
http://bit.ly/2Xcrp43
Almost one million Windows systems vulnerable to BlueKeep (CVE-2019-0708)
https://www.zdnet.com/article/almost-one-million-windows-systems-vulnerable-to-bluekeep-cve-2019-0708/#ftag=RSSbaffb68
Windows使用者注意!新版Windows 10更新即日起推送
https://www.techbang.com/posts/70374-latest-windows-10-updates-start-pushing-now
微軟於 Windows 10 安全更新中加強警示不安全 WiFi 連線
https://twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=858
最新 Windows 10 0-Day 漏洞在推特上出現,可執行任意檔案
https://twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=856
【Windows 10 1903更新災情】部份AMD電腦當機,有電腦無法Wi-Fi連網及連接藍牙裝置
https://www.ithome.com.tw/news/130927?fbclid=IwAR2-dqA1ZhdzV0p3j8zr4wUbs7wIGwqc7nfmpkZfKBENDXhz3xpqD6HT9O0
新的Windows漏洞被公開!從Win10到XP全體陷落
https://www.expreview.com/68649.html
Windows 10 發現新零日漏洞,駭客可取得管理員權限
https://technews.tw/2019/05/27/windows-zero-day/
使用Windows 10注意了 黑客惡意公開其0day漏洞
https://news.sina.com.tw/article/20190528/31443736.html
黑客發動第一波攻勢 鎖定 Windows 系統漏洞目標
http://bit.ly/30QEMsT
Windows 10 Losing Connectivity From Outdated Wi-Fi Drivers
http://bit.ly/2QvCKtx
Update: Hacker Disclosed 4 New Microsoft Zero-Day Exploits in Last 24 Hours
http://bit.ly/2HCGiYg
WhatsApp's Massive Security Flaw Serves To Remind Us The Limits Of Consumer Encryption Apps
http://bit.ly/2YWQkcH
Windows 10 1903 Being Blocked If Using Older BattlEye Software
http://bit.ly/2WqNa30
Windows 10 to warn about insecure WiFi networks using WEP or TKIP
https://www.zdnet.com/article/windows-10-to-warn-about-insecure-wifi-networks-using-wep-or-tkip/#ftag=RSSbaffb68
Windows 10 version 1903: When will you get the next big feature update?
https://www.zdnet.com/article/windows-10-when-will-you-get-the-next-big-feature-update/#ftag=RSSbaffb68
Microsoft adds more Your Phone app features; rolls out another Windows 10 20H1 test build
https://www.zdnet.com/article/microsoft-adds-more-your-phone-app-features-rolls-out-another-windows-10-20h1-test-build/#ftag=RSSbaffb68
Windows Update KB4497936 for Insiders Breaks Windows Sandbox
https://www.bleepingcomputer.com/news/microsoft/windows-update-kb4497936-for-insiders-breaks-windows-sandbox/
Beers with Talos Ep. #54: Patch after listening, RDP and wild 0-days
https://blog.talosintelligence.com/2019/05/beers-with-talos-ep-54-patch-after.html
Microsoft Says Windows 10 Your Phone App Can't Be Uninstalled
https://www.bleepingcomputer.com/news/microsoft/microsoft-says-windows-10-your-phone-app-cant-be-uninstalled/
All The Latest Features of the Windows 10 May 2019 Update
https://www.bleepingcomputer.com/news/microsoft/all-the-latest-features-of-the-windows-10-may-2019-update/
RDP Stands for “Really DO Patch!” – Understanding the Wormable RDP Vulnerability CVE-2019-0708
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/rdp-stands-for-really-do-patch-understanding-the-wormable-rdp-vulnerability-cve-2019-0708/
10 years of virtual dynamite: A high-level retrospective of ATM malware
https://blog.talosintelligence.com/2019/05/10-years-of-virtual-dynamite.html
2.銀行/金融/保險/證券/支付系統/ 新聞及資安
日本樂天 佐伯和彥 咻時代下的資安悍將
http://bit.ly/2W4YaE5
TransferWise 跨境匯款打趴傳統銀行,成歐洲最強金融科技獨角獸
http://bit.ly/2VMRLs0
陸擁抱金融科技 最大挑戰在人才
https://www.chinatimes.com/newspapers/20190527000121-260309?chdtv
富邦銀驚傳當機 ATM無法提款 網銀無法登入
https://www.ttv.com.tw/news/view/10805250012300N/579
ATM、網銀中午大當機 北富銀︰不斷電系統演練發生異常
http://bit.ly/2HBvauy
ATM網銀當機!台北富邦:系統演練時異常已全數恢復
https://www.setn.com/News.aspx?NewsID=546427
台北富邦銀行ATM全線故障2小時 民眾相當焦急
https://hk.news.appledaily.com/china/realtime/article/20190525/59640075
ATM網銀當機 北富銀:系統演練切回時異常
https://money.udn.com/money/story/5613/3833899
網銀及ATM當機 北富銀:已恢復正常
https://m.ctee.com.tw/livenews/ch/a78817002019052515171096
萬能的超商 金管會將開放六項業務可刷卡
https://money.udn.com/money/story/5613/3832726
網上銀行被盜密碼轉帳
https://orientaldaily.on.cc/cnt/news/20190525/00176_058.html
銀行戶口未獲授權轉帳8戶被盜7萬元 專家:小心管理密碼避免接駁公共wi-fi
https://topick.hket.com/article/2358992
中國監管機構承諾加大對包商銀行支持力度
https://on.wsj.com/2wlW4jI
內地鼓勵人幣跨境收付存託憑證業務
https://www2.hkej.com/instantnews/china/article/2147480
扣不到錢就說保單失效! 南山人壽百億新系統出包工會高喊杜英宗下台
https://www.cmmedia.com.tw/home/articles/15763
〈南山人壽再遭重罰〉因炒股案再開鍘660萬元 今年已苦吞5張罰單
https://news.cnyes.com/news/id/4329071
再重罰660萬!前經理人用LINE報明牌 南山又吞罰單
https://fnc.ebc.net.tw/FncNews/else/82036
保險局「根本沒有」核准儲蓄險 決定出手斬斷行銷話術
https://www.ettoday.net/news/20190527/1454114.htm
印尼央行改革支付系統 聯手金融業開發應用程式
https://money.udn.com/money/story/5602/3837869
收發232萬紅包最大挑戰是突發爆量,北富銀CIO揭露如何靠既有IT架構也能支撐新應用
https://www.ithome.com.tw/news/130947
國台辦:台資銀行在大陸獲批籌建信用卡業務
https://www.chinatimes.com/realtimenews/20190529003151-260410?chdtv
新安東京爆程式瑕疵 92件未成年人竟可網路投保旅平險
https://tw.finance.appledaily.com/realtime/20190530/1574717/
單靠手機就讓ATM乖乖吐鈔:LINE力拚全民網銀,少了這道手續,盜領案可能再現
https://www.storm.mg/lifestyle/1342018?srcid=73746f726d2e6d675f63373766396366313733396365313337_1559287594
LINE為純網銀暖身 東京「資安高峰會」聚焦數位身份認證
https://www.ettoday.net/news/20190530/1456662.htm
LINE Bank網銀有三大優勢 強化反洗錢、金融犯罪防制
https://udn.com/news/story/7240/3843994
LINE Bank 以三優勢打造負責任的全民銀行 強化反洗錢、金融犯罪防制
https://linecorp.com/zh-hant/pr/news/zh-hant/2019/2726
LINE Bank:將在台灣推出信用評等機制LINE Score
https://udn.com/news/story/7239/3844351
金管會開罰 台灣產物保險投資等多項缺失
https://udn.com/news/story/7239/3843772
台產7大缺失 被罰60萬還被限制不能這樣
https://www.chinatimes.com/realtimenews/20190530003905-260410?chdtv
The Netherlands becomes the first country to show Amber alerts on ATMs
https://zd.net/2JHP3m8
Equifax rating outlook decimated over cybersecurity breach
https://www.zdnet.com/article/equifax-rated-outlook-decimated-over-cybersecurity-breach/#ftag=RSSbaffb68
Skimming Threat Landscape: Technology Advances Lower Barriers of Entry for Novice Skimming Operators
http://bit.ly/2JLQ8JC
Equifax stripped of ‘stable’ outlook over 2017 breach
https://www.welivesecurity.com/2019/05/28/equifax-negative-rating-outlook-breach/
3.電子支付/電子票證/行動支付/ pay/新聞及資安
電子支付 電子票證下波戰場
http://bit.ly/30LURjS
顧立雄:台灣什麼pay都不賺
https://udn.com/news/story/7239/3833090
國人最愛用這3大Pay 顧立雄:行動支付都沒賺錢
https://news.wearn.com/c231511.html
免用支付寶 轉帳免手續費還能繳税!台灣7大多功能行動支付你下載了嗎
http://bit.ly/2wu3Xn7
MTA新式感應刷卡 下週測試Google Pay
http://www.epochtimes.com/b5/19/5/24/n11276616.htm
台灣Pay綁定鼓勵變脅迫 黃國昌爆:一銀納行員考績
https://www.ettoday.net/news/20190527/1453662.htm
隔空盜刷微信QR Code偷錢案頻生 騰訊:深表歉意並將全額賠付
http://bit.ly/2wo94Fx
Global Payments, TSYS merge in $21.5 billion deal as fintech, payments market evolves to be software driven
https://www.zdnet.com/article/global-payments-tsys-merge-in-21-5-billion-deal-as-fintech-payments-market-evolves-to-be-software-driven/#ftag=RSSbaffb68
Fitbit Pay rolls out access to seven transit systems worldwide, including New York's MTA
https://www.zdnet.com/article/fitbit-pay-rolls-out-access-to-seven-worldwide-transit-systems-including-new-yorks-mta/#ftag=RSSbaffb68
4.虛擬貨幣/區塊鍊 新聞及資安
紐西蘭加密貨幣交易所遭駭 在美聲請破產保護
https://money.udn.com/money/story/5602/3834483
COBINHOOD 解散!工程副總裁 FB「解散貼文」變成徵才串,各方人馬都在下面急著搶人才
http://bit.ly/2Wl9aMV
區塊鏈代幣支付 現身國際體育賽事嘉年華活動
https://money.udn.com/money/story/5636/3835211
Facebook明年將推加密貨幣GlobalCoin 計劃年底前開始試用
https://news.sina.com.tw/article/20190527/31438528.html
以區塊鏈結合保險科技提升電商誠信
http://bit.ly/30LB0Rz
投資ETN免利息所得稅 永豐外資50N緊追外資布局
https://udn.com/news/story/7251/3836869
加密貨幣與穿戴設備完美結合Franck Muller 比特幣奢華錶「Encrypto」
https://news.cnyes.com/news/id/4326922
STO證券型代幣草案初評
https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=45&id=0000559851_rsv7x6pz6i0l860xgb9xv
比特幣升穿8900美元 1年新高
http://bit.ly/2HD5A8u
雅虎日本加密貨幣交易平台終上線!TaoTao 落實 5 月 30 日營運
https://news.cnyes.com/news/id/4327338
漏洞被抓包! WalletGenerator.net 將同組密鑰重複發送給多名用戶
https://blockcast.it/2019/05/28/researcher-reveal-walletgenerator-net-vulnerability/
區塊科技 開啟數位合約新紀元
http://bit.ly/2I7V1JE
區塊鏈基本知識
http://bit.ly/2QBom2Q
Facebook set to launch own brand of cryptocurrency in 2020
https://www.zdnet.com/article/facebook-set-to-launch-own-brand-of-cryptocurrency-in-2020/#ftag=RSSbaffb68
Cryptocurrency Laundering Service, BestMixer.io, Taken Down by Law Enforcement
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/crypto-currency-laundering-service-bestmixer-io-taken-down-by-law-enforcement/
5.資安事件新聞
A.病毒木馬 / 殭屍網路 / 勒索軟體 / APT
害人害己?美城市遭軟體勒贖 來源竟是美政府網路武器
https://udn.com/news/story/6813/3834928
巴爾的摩遭軟體勒贖 駭客工具竟來自國安局
https://www.cna.com.tw/news/aopl/201905260113.aspx
美網路武器外流 變病毒勒贖多州政府
https://udn.com/news/story/6813/3836082
美國安局開發程式 成駭客工具 巴爾的摩拒付贖金
https://www.ntdtv.com/b5/2019/05/29/a102588790.html
美市政府電腦遭入侵 拜「自己友」所賜 國安局失竊程式 變黑客勒索軟件
https://hk.news.appledaily.com/international/daily/article/20190527/20688452
美國安局外流「攻擊微軟」網路武器 北韓用這創Wanna cry
https://www.ettoday.net/news/20190527/1453526.htm
紐時:駭客以美國安局打造的EternalBlue工具作跳板,癱瘓美國政府單位與其它組織
https://www.ithome.com.tw/news/130910
駭客綁架美市政系統,勒索比特幣贖金!上萬台政府電腦全面癱瘓邁入第三週
https://buzzorange.com/techorange/2019/05/30/baltimore-robbinhood-blackmail/
發現Mirai新變種:使用多達13種漏洞利用攻擊目標路由器和其他設備
https://www.4hou.com/malware/18225.html
ScarCruft 駭客集團開發具備藍牙裝置掃描能力的惡意程式
https://blog.trendmicro.com.tw/?p=60732
瞄準Linux平臺的惡意軟體HiddenWasp現身
https://www.ithome.com.tw/news/131017
TA505 is Expanding its Operations
https://blog.yoroi.company/research/ta505-is-expanding-its-operations/
マルウエアが含まれたショートカットファイルをダウンロードさせる攻撃
https://blogs.jpcert.or.jp/ja/2019/05/darkhotel_lnk.html
マルウエアTSCookieの設定情報を正常に読み込めないバグ(続報)
https://blogs.jpcert.or.jp/ja/2019/05/tscookie-2.html
Google adds to Baltimore’s ransomware woes
http://bit.ly/2JG3TJK
Campanha de phishing usa arquivo MSI para disseminar malware bancário no Brasil
https://morphuslabs.com/campanha-de-phishing-usa-arquivo-msi-para-disseminar-malware-bancário-no-brasil-2362439f042a
Hackers Attack MySQL Servers on Windows to Deliver GandCrab Ransomware
http://bit.ly/2Qwpxkn
Hackers are scanning for MySQL servers to deploy GandCrab ransomware
https://www.zdnet.com/article/hackers-are-scanning-for-mysql-servers-to-deploy-gandcrab-ransomware/#ftag=RSSbaffb68
WannaCry Still Causing Tears 2 Years On
https://www.bankinfosecurity.in/interviews/wannacry-still-causing-tears-2-years-on-i-4335
Malware designed to steal cash from banks grew 60 p.c in Q1
https://www.releasesoon.com/malware-designed-to-steal-cash-from-banks-grew-60-p-c-in-q1/
US City of Baltimore Under Attack by NSA Cyber Weapon – Report
https://actu.cc/story/us-city-of-baltimore-under-attack-by-nsa-cyber-weapon-report-16771
Ransomware and malware attacks decline, attackers adopting covert tactics
https://www.helpnetsecurity.com/2019/05/20/ransomware-attacks-decline/
La actividad del ransomware disminuye, pero continúa siendo una amenaza peligrosa
https://www.symantec.com/blogs/america-latina/la-actividad-de-ransomware-disminuye
Malicious Bot Attacks: Why They're More Dangerous than Ever
https://www.symantec.com/blogs/feature-stories/malicious-bot-attacks-why-theyre-more-dangerous-ever
New Bitcoin Scam Leads to Ransomware and Info-Stealing Trojans
https://www.bleepingcomputer.com/news/security/new-bitcoin-scam-leads-to-ransomware-and-info-stealing-trojans/
LockerGoga Ransomware Family Used in Targeted Attacks
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/lockergoga-ransomware-family-used-in-targeted-attacks/
Let adware be treated as malware, Canuck boffins declare after breaking open Wajam ad injector
https://www.theregister.co.uk/2019/05/20/wajam_malware_claims/
Emotet Malware Revives Old Email Conversations Threads to Increase Infection Rates
https://www.spamtitan.com/blog/emotet-malware-revives-old-email-conversations-threads-to-increase-infection-rates/
Unpack malware with Process Hollowing technique
https://www.reddit.com/r/Malware/comments/bt5whf/unpack_malware_with_process_hollowing_technique/
Shade Ransomware Hits High-Tech, Wholesale, Education Sectors in U.S, Japan, India, Thailand, Canada
https://unit42.paloaltonetworks.com/shade-ransomware-hits-high-tech-wholesale-education-sectors-in-u-s-japan-india-thailand-canada/
Surge of MegaCortex ransomware attacks detected
https://www.zdnet.com/article/sudden-surge-of-megacortex-ransomware-infections-detected/
Campanha de phishing usa arquivo MSI para disseminar malware bancário no Brasil
https://morphuslabs.com/campanha-de-phishing-usa-arquivo-msi-para-disseminar-malware-banc%C3%A1rio-no-brasil-2362439f042a
HiddenWasp Malware Stings Targeted Linux Systems
https://www.intezer.com/blog-hiddenwasp-malware-targeting-linux-systems/
A dive into Turla PowerShell usage
https://www.welivesecurity.com/2019/05/29/turla-powershell-usage/
Infected Cryptocurrency-Mining Containers Target Docker Hosts With Exposed APIs, Use Shodan to Find Additional Victims
https://blog.trendmicro.com/trendlabs-security-intelligence/infected-cryptocurrency-mining-containers-target-docker-hosts-with-exposed-apis-use-shodan-to-find-additional-victims/
Kaspersky Lab reports 61% jump in mobile banking malware
https://www.atmmarketplace.com/news/kaspersky-lab-reports-61-jump-in-mobile-banking-malware/
Emotet Botnet Behind Most Email-Based Threats in Q1 2019
https://www.bleepingcomputer.com/news/security/emotet-botnet-behind-most-email-based-threats-in-q1-2019/
Emotet: How to stop ‘the most destructive malware’ in existence
https://www.itgovernance.co.uk/blog/emotet-how-to-stop-the-most-destructive-malware-in-existence
B.行動安全 / iPhone / Android /穿戴裝置 /App
華為遭MicroSD協會除名、禁參與Wi-Fi事務
https://www.ithome.com.tw/news/130891
親情號被爆監聽漏洞?手機插入SIM卡定位器即可實現
https://news.sina.com.tw/article/20190527/31436728.html
南韓唯一使用華為5G設備電信商:未收到指示禁用華為
https://ec.ltn.com.tw/article/breakingnews/2803296
Line Mobile 自動扣款失敗該怎麼解決與處理? 客服處理效率不敢領教
https://mrmad.com.tw/line-mobile-automatic-deduction
權威調查:100款常用App申請收集使用個人信息權限情況
https://www.freebuf.com/news/204575.html
赫爾大學四名駭客開發APP改變了英國校園生活
https://www.xoer.cc/1268028
智能手機出現漏洞黑客可記錄手機網絡活動
https://www.chainnews.com/articles/849934724053.htm
愛瘋程式暗藏追蹤器 入夜上傳個資
https://www.chinatimes.com/hottopic/20190530003651-260804?chdtv
iOS 12.3.1 for iPhone and iPad is out
https://www.zdnet.com/article/ios-12-3-1-for-iphone-and-ipad-is-out/#ftag=RSSbaffb68
Tor Browser for Android — First Official App Released On Play Store
http://bit.ly/2whuHr9
Apple's App Store ads make finding the app you want frustrating
https://www.zdnet.com/article/apples-app-store-ads-make-finding-the-app-you-want-frustrating/#ftag=RSSbaffb68
The winner in the war on Huawei is Samsung
https://www.zdnet.com/article/the-winner-in-the-war-on-huawei-is-samsung/#ftag=RSSbaffb68
OnePlus 7 Pro Fingerprint Reader Hacked In Matter Of Minutes
http://bit.ly/2VMkrRW
Huawei woes, OnePlus 7 Pro, Forerunner 945, and Pixel Slate improvements (MobileTechRoundup show #470)
https://www.zdnet.com/article/huawei-woes-oneplus-7-pro-forerunner-945-and-pixel-slate-improvements-mobiletechroundup-show-470/#ftag=RSSbaffb68
C.事件 / 駭客 / DDOS / APT / 雲端/暗網/徵才 / 國際資安事件
台灣開發者自學能力很強,但缺乏大型專案經驗
https://www.inside.com.tw/article/16517-facebook-taiwan-developer
駭客犯罪 AI 化!在暗網裡,駭客可以用 AI 創造我們的「分身」
https://buzzorange.com/techorange/2019/05/27/hacker-use-ai-to-hack/
【HITCON CMT 2019 售票】詳細資訊公吿
https://blog.hitcon.org/2019/05/hitcon-2019-cmt-reg.html?m=1
【HITCON Free - CMT 2018 問卷贈票】
https://blog.hitcon.org/2019/05/hitcon-2019-cmt-questionnaire-lottery.html
LINE資安高峰會登場 聚焦數位身分與信任
https://www.cna.com.tw/news/ait/201905290270.aspx
LINE攜手Intertrust舉辦第五屆資安高峰會,聚焦數位身分與信任
https://www.techbang.com/posts/70534-line-intertrust-to-host-the-fifth-ninth-security-summit-to-focus-on-digital-identity-and-trust
頂尖白帽駭客投入資安人才培養 推動跨國交流強化網路安全環境
https://ithome.com.tw/pr/130855
無線電遙控器潛藏5大攻擊手法
https://www.ithome.com.tw/tech/130754
「資安真經」之中途轉機篇 - HKUSPACE
http://bit.ly/2QnFpFH
撿到美國的槍…北韓、俄國駭慘全球
https://money.udn.com/money/story/5599/3836078
美官員:華為有情報機構等級祕室
http://bit.ly/2MdnQtq
美媒警告,禁華為直接衝擊美國農村無線網路服務
http://bit.ly/30OmwAn
華為「偷竊之路」大曝光 軟件漏洞也照抄
https://www.ntdtv.com/b5/2019/05/27/a102587312.html
美遭親密盟友背叛 英使用華為5G設備
https://www.chinatimes.com/realtimenews/20190531001665-260410?chdtv
任正非:我是從未來偷取美國技術
http://bit.ly/2YO9scH
中國首個大數據安全分析比賽收官,冠軍亮相
http://www.hkcna.hk/content/2019/0525/764975.shtml
DataCon大數據安全分析比賽在貴陽數博會收官
https://news.sina.com.tw/article/20190525/31420962.html
中共間諜活動五花八門 美強力反擊
http://bit.ly/2I3ymxY
彭定康視港為攻擊中國工具
http://www.hkcd.com/content/2019-05/25/content_1139570.html
重慶網安部門偵破系列涉外網絡黑客案,涉案金額高達2千餘萬元
https://www.freebuf.com/news/204427.html
中共網軍入侵華碩雲端 台政府機關遭駭
http://bit.ly/2WyVXjo
中國網軍入侵華碩雲端 資安業者:5個A級政府機關遭駭
http://bit.ly/2MdwTL2
台美日聯手 推進印太地區資安防禦網
http://bit.ly/2HKB2lz
台美日合辦GCTF網路安全營 智利墨西哥首度與會
https://udn.com/news/story/7314/3839401?from=udn-ch1_breaknews-1-cate1-news
紐西蘭預算文件提前曝光 財政部宣稱遭駭客攻擊
https://money.udn.com/money/story/5599/3841215
印太資安聯盟成立!美高層級登場
http://bit.ly/2VYqUte
成立「印太資安聯盟」!AIT官員Ryan Engen:資安問題不應被政治因素影響
http://bit.ly/2KhIq9l
印太資安聯盟成立 推動國家資安實力
https://www.chinatimes.com/realtimenews/20190530004300-260410?chdtv
錫安主義、殖民與以色列核武發展
https://www.coolloud.org.tw/node/92927
政府系統遭黑客48小時攻擊2000次 財政預算案文件外洩
https://hk.on.cc/hk/bkn/cnt/aeanews/20190530/bkn-20190530010224498-0530_00912_001.html
Hackers Stole Customers' Credit Cards from 103 Checkers and Rally's Restaurants
https://thehackernews.com/2019/05/credit-card-checkers-restaurants.html
The phenomena of targeted attacks
http://bit.ly/2XcXiK4
The dark web: Not so anonymous after all
https://medium.com/futuresin/the-dark-web-not-so-anonymous-after-all-450854d9805f
Chinese military to replace Windows OS amid fears of US hacking
https://zd.net/2VWKCFJ
Chinese Spy Group Mixes Up Its Malware Arsenal with Brand-New Loaders
http://bit.ly/2JIwdeF
U.S. Charges WikiLeaks' Julian Assange With Violating Espionage Act
http://bit.ly/2EyGoOG
As EternalBlue Racks Up Damages It Reminds Us There Is No Such Thing As A Safe Cyber Weapon
http://bit.ly/2I0PO6k
Tax delays and canceled home sales: Cyberattacks are taking a big personal toll on people’s lives
https://cnb.cx/2K4IgSR
Huawei: Beijing Retaliates, New Cyber Law Could Block U.S. Technology From China
http://bit.ly/2HRuhgg
DDoS attacks in Q1 2019
https://securelist.com/ddos-report-q1-2019/90792/
This week NATO Secretary General Jens Stoltenberg explained during a conference
at the Cyber Defence Pledge conference in London how the Alliance is countering cyber threats
https://securityaffairs.co/wordpress/86133/breaking-news/nato-cyber-offensive.html
Russia receives a stern warning from NATO for Cyber Attacks
https://www.cybersecurity-insiders.com/russia-receives-a-stern-warning-from-nato-for-cyber-attacks/
Council now able to impose sanctions for cyber attacks
http://bit.ly/2MdC3qs
Ethiopia suffers increased cyber attacks
http://apanews.net/index.php/en/news/ethiopia-suffers-increased-cyber-attacks/
Cyber attack on several Sri Lankan websites including Kuwait Embassy
http://www.themorning.lk/cyber-attack-on-several-sri-lankan-websites-including-kuwait-embassy/
Google’s security tools can shield from cyber-attacks
https://www.ehackingnews.com/2019/05/googles-security-tools-can-shield-from.html
Google Advice to Avoid Cyber Attack
https://www.collegenp.com/technology/google-advice-to-avoid-cyber-attack/
Open Source Security - How to Defend at the Speed of Attack
https://www.bankinfosecurity.asia/interviews/open-source-security-how-to-defend-at-speed-attack-i-4343
What Happens in the First 24 Hours of a Cyber Attack
https://www.realworldsurvivor.com/2019/05/20/cyber-attack/
Red Cross website hacked in latest Singapore cyber attack
http://www.digitaljournal.com/news/world/red-cross-website-hacked-in-latest-singapore-cyber-attack/article/549903#ixzz5pCCJ2tpA
Donald Trump emergency announcement in the United States on cyber security
http://blogsauthor.com/donald-trump-emergency-announcement-in-the-united-states-on-cyber-security/
Cyber Battle Damage Assessment Framework and Detection of Unauthorized Wireless Access Point Using Machine Learning
https://link.springer.com/chapter/10.1007/978-981-13-3648-5_59
GAME OF THRONES LEAKED IN HBO CYBER ATTACK
https://thebeat99.com/game-thrones-leaked-hbo-cyber-attack-02-08-2017
ACHD cyber attack under investigation by FBI, Homeland Security
http://bit.ly/2XgdGcQ
Iranian Nation-State APT Groups 'Black Box' Leak
https://www.clearskysec.com/wp-content/uploads/2019/05/Iranian-Nation-State-APT-Leak-Analysis-and-Overview.pdf
Governments increasingly eye social media meltdown
https://blog.malwarebytes.com/cybercrime/2019/05/governments-increasingly-eye-social-media-meltdown/
Botnet-led DDoS Attacks Are Hitting Record Intensities. Imperva is Mitigating All of Them
https://www.imperva.com/blog/botnet-led-ddos-attacks-are-hitting-record-intensities-imperva-is-mitigating-all-of-them/
Modern Database Security Buys Down More Risks for Enterprises
https://www.imperva.com/blog/modern-database-security-buys-down-more-risks-for-enterprises/
61 percent of organizations are worried about email-borne threats
http://bit.ly/2EIJpMh
Russian military moves closer to replacing Windows with Astra Linux
https://www.zdnet.com/article/russian-military-moves-closer-to-replacing-windows-with-astra-linux/#ftag=RSSbaffb68
The FBI's most wanted cybercriminals
https://zd.net/2Wx9Gr6
安碁資訊股份有限公司-求才職缺
https://www.iiiedu.org.tw/32070/
資安工程師 - D91
https://www.104.com.tw/job/6mhcb
高雄市教育局/資安系統管理約聘人員
https://www.ptt.cc/bbs/job/M.1558943415.A.FA2.html
CMoney培訓軟體工程師
https://money.udn.com/money/story/5607/3837609
應用程式資安 助理工程師 (新竹)
https://www.104.com.tw/job/6imvc
招聘| 奇安信集團觀星實驗室招聘安全研究員(JAVA漏洞挖掘方向)
https://www.anquanke.com/post/id/179233
資安事件調查員
https://www.104.com.tw/job/6j3cl
資安系統工程師-(台中商軟)
https://www.104.com.tw/job/6jxfn
D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞
散播食安假消息 重罰百萬
http://bit.ly/2Wo6ZrF
美國保險公司網絡出現漏洞 8.85億交易資料或流出
http://bit.ly/2JFglt9
超大漏洞!美國房地產權巨擘 驚傳洩漏8.85億產權保險紀錄
https://news.pchome.com.tw/science/cnews/20190528/index-55903699585444227005.html
超大漏洞!美國房地產權巨擘 驚傳洩漏8.85億產權保險紀錄
https://cnews.com.tw/140190528a05/
美金融集團被指2003年起泄露數億份產權保險記錄
https://news.sina.com.tw/article/20190525/31419286.html
利用 Apple Care 漏洞騙取真 iPhone 中國騙徒被判有罪
https://unwire.hk/2019/05/26/apple-care-trick/fun-tech/
比悲傷還悲傷的故事…設置高強度密碼結果自己忘記!網推這招1秒登入
https://www.ettoday.net/news/20190527/1446751.htm
臉書打擊假帳號,大砍二十億個假帳號
http://bit.ly/2W9PwnN
印度機密文件失竊!保險柜被直接偷走,87億美元軍購要白瞎
https://kknews.cc/military/o34zmem.html
美國保險公司網絡出現漏洞 8.85億交易資料或流出
http://bit.ly/2JFglt9
一頁式詐騙廣告有6特徵 售價遠低行情就該提高警覺
https://news.ltn.com.tw/news/society/breakingnews/2802721
仔細檢查你信用卡的消費明細。iTunes 的消費是被盜刷的
https://www.backchina.com/blog/135369/article-306971.html
在LINE使用PAYPAL綁定信用卡,隔天居然被盜刷大筆金額
https://www.bc3ts.com/post/19707
新型騙局:「有人打算出價5億元購買您的網路關鍵詞」
https://news.sina.com.tw/article/20190526/31424744.html
越南警方向中方移交8名網路詐騙嫌疑人 涉案金額近億元
https://news.sina.com.tw/article/20190528/31442648.html
搭建虛假交易平台騙近億元 越南向中國移交8名網絡詐騙犯
http://bit.ly/2VPPix3
安哥拉現新型詐騙方式 華人需提高警惕
https://news.sina.com.tw/article/20190528/31445844.html
冒名專頁鎖定粉專下手 知名部落客險遭詐
https://news.tvbs.com.tw/local/1140169
詐騙高風險賣場 假網拍「臉書」最多
https://news.ltn.com.tw/news/society/breakingnews/2805198
為資料把關,隱私保護漸成為蘋果產品的真正賣點
https://technews.tw/2019/05/30/apple-selling-point/
伺服器、儲存、雲端服務組態不當,23億份高敏感資料檔曝光
https://www.ithome.com.tw/news/131016
你是Flipboard用戶嗎?該公司被駭了
https://www.ithome.com.tw/news/130951
Flipboard Database Hacked — Users' Account Information Exposed
http://bit.ly/30VGnOu
Flipboard says hackers stole user details
https://www.zdnet.com/article/flipboard-says-hackers-stole-user-details/#ftag=RSSbaffb68
NOTICE OF SECURITY INCIDENT
https://about.flipboard.com/support-information-incident-May-2019/
Unsecured database exposes 85GB in security logs of major hotel chains
https://www.zdnet.com/article/unsecured-database-exposes-security-logs-of-major-hotel-chains/#ftag=RSSbaffb68
Under GDPR, UK Data Breach Reports Quadruple
https://www.bankinfosecurity.asia/under-gdpr-uk-data-breach-reports-quadruple-a-12530
Netanyahu among millions exposed on open travel company data base
http://bit.ly/2Qp2TKE
Australian tech unicorn Canva suffers security breach
https://www.zdnet.com/article/australian-tech-unicorn-canva-suffers-security-breach/#ftag=RSSbaffb68
Snapchat internal tools abused to spy on users and pillage data
https://www.zdnet.com/article/snapchat-internal-tools-used-to-spy-on-users-pillage-their-data/#ftag=RSSbaffb68
Instagram Bans Social Media Company After Data Exposure
https://www.bankinfosecurity.com/instagram-bans-social-media-company-after-data-exposure-a-12518
Researcher: Data Leaked for 300 Million Truecaller Users
https://www.bankinfosecurity.asia/researcher-data-leaked-for-300-million-truecaller-users-a-12519
A Blurry Birthday For GDPR
http://bit.ly/2VTEWwa
Medical industry struggles with PACS data leaks
https://blog.malwarebytes.com/threat-analysis/2019/05/medical-industry-struggles-with-pacs-data-leaks/
The aftermath of a data breach: A personal story
https://www.welivesecurity.com/2019/05/30/aftermath-data-breach-personal-story/
E.研究報告
Netflix 幕後最大功臣是 Python!工程師: 每個數據工具都靠 Python 建構
https://buzzorange.com/techorange/2019/05/27/python-at-netflix/
InfoSteal 竊聽程式攻擊事件分析報告
https://portal.cert.tanet.edu.tw/docs/pdf/2019053002054242865263875600067.pdf
CVE-2019-11815:Linux kernel漏洞
https://www.4hou.com/vulnerable/18224.html
實戰篇丨聊一聊SSRF漏洞的挖掘思路與技巧
https://read01.com/kzymKL5.html
C#winform應用程序安全性漏洞測試工具
http://hk.voidcc.com/question/p-bzddffhv-td.html
Windows版“碟中諜”:如何利用Win32k漏洞實現Chrome沙盒逃逸
https://www.anquanke.com/post/id/179234
Wormable RDP漏洞CVE-2019-0708詳細分析
https://xz.aliyun.com/t/5243
挖洞經驗| 從XSS漏洞到四步CSRF利用實現賬戶劫持
https://www.freebuf.com/vuls/203257.html
MalConfScan:從已知的惡意軟件家族中提取配置信息
https://www.freebuf.com/sectool/203732.html
揭開病毒的面紗:惡意代碼自解密技術
https://www.freebuf.com/articles/rookie/204069.html
模擬飛行:看我如何生成並分析惡意網絡流量
https://www.freebuf.com/sectool/203534.html
在沒有源代碼的情況下對Linux二進制代碼進行模糊測試
https://www.freebuf.com/articles/system/203302.html
Reverie:一款針對Parrot Linux的自動化滲透測試工具
https://www.freebuf.com/sectool/203539.html
二維碼掃碼登錄“剋星”QRLJacker攻擊向量分析及演示
https://www.freebuf.com/vuls/202192.html
某HR業務網站邏輯漏洞挖掘案例以及POC編寫思路分享
https://www.freebuf.com/articles/web/201438.html
易到用車遭遇勒索攻擊,周鴻禕隔空聲援
https://www.freebuf.com/news/204528.html
關於Metasploit 5中測試模塊的移植與驗證
https://www.freebuf.com/articles/system/203541.html
通過ee-outliers與Elasticsearch檢測TLS beaconing
https://www.freebuf.com/sectool/202735.html
小眾CMS vaeThink v1.0.1 代碼執行漏洞挖掘分析
https://www.freebuf.com/vuls/203562.html
SilkETW:一款針對Windows事件追踪的自定義C#封裝工具
https://www.freebuf.com/sectool/203531.html
挖洞經驗| 獲取Facebook Marketplace賣家精確地理位置信息
https://www.freebuf.com/vuls/202820.html
整理網絡安全措施的5個小技巧
https://www.freebuf.com/news/203807.html
原來的Java反序列化遠程執行漏洞這麼簡單
https://www.freebuf.com/articles/database/203727.html
針對國內IP發起攻擊的DDoS樣本分析
https://www.freebuf.com/articles/network/203796.html
BlueKeep RCE漏洞遭黑客利用,大規模掃描受影響Windows系統
https://zhuanlan.zhihu.com/p/67250811
跟網路安全工具 PK,網路釣魚技術愈來愈刁鑽
https://blog.trendmicro.com.tw/?p=59976
CVE-2018-12067及類似漏洞分析與相關思考
https://xz.aliyun.com/t/5248
CVE-2019-0708漏洞: RDP= Really DO Patch
https://www.4hou.com/vulnerable/18181.html
挖洞經驗| 從XSS漏洞到四步CSRF利用實現賬戶劫持
http://www.sohu.com/a/316997479_354899?sec=wd
路由器漏洞挖掘之DIR-815棧溢出漏洞分析
https://www.anquanke.com/post/id/179510
CVE-2019-0725: An Analysis of Its Exploitability
https://blog.trendmicro.com/trendlabs-security-intelligence/cve-2019-0725-an-analysis-of-its-exploitability/
Threat Research Learning to Rank Strings Output for Speedier Malware Analysis
http://bit.ly/2JNXlsM
THE NANSH0U CAMPAIGN – HACKERS ARSENAL GROWS STRONGER
https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
DACL Permissions Overwrite Privilege Escalation (CVE-2019-0841)
http://bit.ly/2wlqRgL
hasherezade/pe-sieve
https://github.com/hasherezade/pe-sieve/releases/tag/v0.1.8
hasherezade/hollows_hunter
https://github.com/hasherezade/hollows_hunter/releases/tag/v0.2.1
5 Cybersecurity Tools Every Business Needs to Know
http://bit.ly/2Eym4N8
A Kubernetes Developer Workflow for MacOS
http://bit.ly/2K5Kb9D
Intense scanning activity detected for BlueKeep RDP flaw
https://www.zdnet.com/article/intense-scanning-activity-detected-for-bluekeep-rdp-flaw/#ftag=RSSbaffb68
How to Capture Keystrokes & Passwords Remotely
https://null-byte.wonderhowto.com/how-to/hacking-windows-10-capture-keystrokes-passwords-remotely-0183612/
BlackArch Linux Penetration Testing Distribution
https://blackarch.org/index.html?fbclid=IwAR0jyQYaD5z-TVBZPJlJS9bBnTKq8LiZT-S5fQK_d72iNhKowA-p-hMvljU
GFWaaS - GFW as a Service
https://gfwaas.github.io/?fbclid=IwAR2ylgkS-xqQa7rfvx7ydjSlLVEsi-8Yc9ztIM8B_0jGicySKdcQPNZoaF4
CYBERSECURITY FOR MANAGERS: A PLAYBOOK
https://executive-ed.mit.edu/cybersecurity/index.php?fbclid=IwAR0ZOkKynpPHUgG2dSksUamR2SSMcZV6mZsEhVhjekZXlxVH4RQABpWKoMU
10 Ground Rules for Red Teams
https://www.symantec.com/blogs/expert-perspectives/10-ground-rules-red-teams
RSAC 2019: Entrando en la mente de un hacker
https://www.symantec.com/blogs/america-latina/rsac-2019-entrando-en-la-mente-de-un-hacker
Security Alert: A critical vulnerability in Microsoft RDP could lead to another WannaCry-magnitude attack
https://heimdalsecurity.com/blog/rdp-vulnerability-microsoft/
Q1 2019 Cyber Attacks Statistics
https://www.hackmageddon.com/2019/05/23/q1-2019-cyber-attacks-timeline/
Don’t Use Public USB Charging Stations, and Other Cyber Travel Tips
https://medium.com/swlh/dont-use-public-usb-charging-stations-and-other-cyber-travel-tips-6389e5371683
My Data Science Blogging Journey on Medium till now
https://towardsdatascience.com/my-technical-blogging-journey-on-medium-till-now-38aa9b9804b6
A Debugging Primer with CVE-2019–0708
https://www.vxrl.hk/2019/05/24/CVE-2019-0708/?fbclid=IwAR3r8RXv24eHtOGIQHBmbh4LJlV6-DJQ-LhF_7eaMNWMLAU7h4lZxoeBNzA
Threat Research Framing the Problem: Cyber Threats and Elections
http://bit.ly/2YYY51r
情報セキュリティ早期警戒パートナーシップガイドライン2019年版
https://www.jpcert.or.jp/vh/partnership_guideline2019.pdf
F.商業
零壹推四大方案 搶攻數位轉型商機
http://bit.ly/2WpqGj0
資訊安全技術服務機構服務能量登錄通過名單
https://www.acw.org.tw/News/Detail.aspx?id=73
中華電信前進COMPUTEX 首次秀超越1Gbps 5G無線下載
https://udn.com/news/story/7240/3835042
微軟Windows 傳也封殺華為 「藍牙技術聯盟」下一個跟進
https://udn.com/news/story/120490/3836486
ILCoin抗量子攻擊C2P協議成功通過Palo Alto Networks Partner認證
https://money.udn.com/money/story/9529/3838261
承租雲空間成資料管理新趨勢 適切保證承諾贏得客戶信心 避免營業秘密暴露 雲端租賃首重資料安全
https://www.netadmin.com.tw/article_content.aspx?sn=1905080003
FireEye買下安全檢測新創,強化滲透測試技術
https://www.ithome.com.tw/news/130955
Google Chrome、Drive將限制外掛程式存取用戶資料
https://www.ithome.com.tw/news/131010
Palo Alto買下二家專攻新興技術的資安公司
https://www.ithome.com.tw/news/130997
CrowdStrike, NSS Labs resolve court battle over product testing
https://www.zdnet.com/article/crowdstrike-nss-labs-withdraw-court-battle-over-product-testing/#ftag=RSSbaffb68
Palo Alto Networks announces Prisma for cloud security
https://www.zdnet.com/article/palo-alto-networks-announces-prisma-for-cloud-security/?fbclid=IwAR23dk231np3hcY-HYJohKUqT57ZewvRV7UG6UWRiEs1qnEeXf-ml-IvZDA
G.政府
臺灣資安業者揭露:5個A級政府機關及地方政府於4月被植入Plead惡意程式
https://www.ithome.com.tw/news/130895
朱立倫提資安國防 不主動引戰、不畏懼作戰、不存僥倖
https://udn.com/news/story/6656/3832884?from=udn-ch1_breaknews-1-cate1-news
中共駭全球 國際級資安加速器看好台灣
http://bit.ly/2M6Gymp
馬來西亞、新加坡資安周 徵集臺灣資安解決方案商進駐
https://www.acw.org.tw/News/Detail.aspx?id=74
桃園資安員額 擴大爭取
http://bit.ly/2W1gRIy
「資安認證」全推臨時人員 陳海山曝原因:沒加薪恐還倒貼
https://penghudaily.blogspot.com/2019/05/blog-post_177.html
唐鳳:台灣善用社群媒體打假消息 反制迅速
https://www.cna.com.tw/news/aopl/201905240335.aspx
唐鳳訪加 將宣布啟動研議開放政府國家行動方案
https://www.cna.com.tw/news/aipl/201905260038.aspx?fbclid=IwAR1sFkvFCXAuePmO8fYPUqmAfSZQrefv6pWhpF7OljKuwNJz0oWo9iC-TtE
防中國駭客上萬機關資安訂5級 外交部等列A級
https://news.ltn.com.tw/news/politics/breakingnews/2804097
金融研訓院開辦資訊安全暨數位鑑識系列課程
http://service.tabf.org.tw/tw/user/369833/
工研院:台灣是網攻熱點,造就資安人才經實戰演練素質高
https://technews.tw/2019/05/20/irti-taiwan-is-small-but-a-hotspot-cyber-attack-taiwan-have-good-quality-of-security-talants/
對付台版水門案!老馬拆手機電池... 韓國瑜除了擔心還能做什麼
https://udn.com/news/story/6656/3840079?from=udn-catelistnews_ch2
行政院公告:預告「資通安全責任等級分級辦法」部分條文修正草案
https://join.gov.tw/policies/detail/9b69f9ab-fff8-4072-85c4-257e2953de7c
跟進美國禁用華為?經濟部:關鍵基礎設施已停用華為設備
https://www.storm.mg/article/1335418?srcid=73746f726d2e6d675f6e756c6c_1559119164
華為被封殺 沈榮津:我影響有限
https://udn.com/news/story/7238/3840811
唐鳳:中國電信設備私營國營不分 台灣5年前已禁用華為
http://bit.ly/30VKREv
桃市青年局網站有資安危機 議員要求改善
http://bit.ly/2wt2TQM
數位人才需求高 政院拍板每年新增培育7500名資通訊人才
https://www.rti.org.tw/news/view/id/2022420
培育8.3萬資通訊人才 109學年起相關科系名額外加10%
https://www.cna.com.tw/news/firstnews/201905300137.aspx
精進資通訊數位人才培育策略
http://bit.ly/2JLLcV6
跟進美國禁用華為?經濟部:關鍵基礎設施已停用華為設備
http://bit.ly/2VYrzuI
「5年前建4G就禁止中國組件」唐鳳:所以台灣在國際上很有話語權
https://www.ftvnews.com.tw/news/detail/2019530W0004
離譜!國安局上校「手賤」 侵入機密電腦遭查獲
https://www.chinatimes.com/realtimenews/20190531002453-260402?chdtv
H.SCADA/ICS/工控系統
標準/嵌入式保護元件並行 工業系統網路安全有保障
https://www.mem.com.tw/arti.php?sn=1905240009
某工控4G路由器存在大量弱口令
https://www.freebuf.com/articles/ics-articles/203802.html
臺灣帶頭推動半導體資安標準,解決高科技產業資安防護難題
https://www.ithome.com.tw/news/130943
工控系統資安防護 ( 應用理論、進階實務 ) 課程
http://bit.ly/2wukt6R
多款Schneider Electric產品拒絕服務漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6807
Modicon Quantum權限和訪問控制漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6815
JVNVU#93268101 三菱電機製 MELSEC-Q シリーズ Ethernet インタフェースユニットにおけるサービス運用妨害(DoS)の脆弱性
https://jvn.jp/vu/JVNVU93268101/
IoT cyber attacks cost the UK economy £1 billion
https://gdpr.report/news/2019/05/24/iot-cyber-attacks-cost-the-uk-economy-1-billion/
I.教育訓練
JavaScript | ES6 中最容易誤會的語法糖 Class - 基本用法
http://bit.ly/2HFxkcU
從一道CTF題零基礎學V8漏洞利用
https://www.freebuf.com/vuls/203721.html
高科大資研社 Flutter社課資源
https://hackmd.io/s/rkLScjudE?fbclid=IwAR1xDJcOP2CShGdlDSwL8v2CDy-C-ERfMJP3_qb8-lNWtBBKZCQE93n61No
Web安全漏洞系列:跨站請求偽造
https://www.freebuf.com/video/204952.html
How to Set Up an SSH Server with Tor to Hide It from Shodan & Hackers
http://bit.ly/30PNNm5
Hacking and Cyber Security Certification Training Bundle 2019 (10 Courses)
http://bit.ly/2Wl7a7n
Creating Custom Vue.js Plugins
https://alligator.io/vuejs/creating-custom-plugins/?fbclid=IwAR2k4HT1uHnVwX0u0i0Aeo2GZrgZCjJWIam0Mhw5k4wuWgWqErlvsejtPgo
Converto : Installing Kali Linux on VPS Server
https://kalilinuxtutorials.com/converto/?fbclid=IwAR0OgzBEIEA8gXtcqQooIFWpEb1LAIVbsVGHJiyCPYWRXQlKtsiUe9L5WCY
Tales From the SOC: Hunting for Persistent Malware
https://blog.paloaltonetworks.com/2019/05/xdr-tales-from-the-soc-hunting-for-persistent-malware/
J.物聯網/IOT/人工智慧/車聯網/光聯網/深度學習/機器學習/無人機/人臉辨識
周鴻禕:如果不能解決網路安全問題,物聯網可能會讓世界走向悲觀
https://news.sina.com.tw/article/20190525/31422546.html
2019臺灣資安產業與IoT發展現況大公開
https://www.ithome.com.tw/news/130936
Synaptics智能SoC晶片 迎接安全AI智慧家庭
https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=55&id=0000560017_5pkladvy2yfy1m6l0gz1e
微軟提出開放式語言 IoT Plug and Play,物聯網裝置將可無縫連線雲端
https://buzzorange.com/techorange/2019/05/29/microsoft-keynote-forum-in-computex-2019/
圓民眾無人機攝影夢 台工程師創無人機共享平台
https://ec.ltn.com.tw/article/breakingnews/2805613
「約有 8% 的醫療裝置是假的! 」是時候正視裝置造假所衍生的資安問題了
https://blog.trendmicro.com.tw/?p=60619
【Edvance Beacon 2019】 學習人工智能思考方法 緊急調整企業防禦策略
http://bit.ly/2EKhlbB
産業用IoT導入のためのセキュリティファーストステップ英語版リリース
https://blogs.jpcert.or.jp/ja/2019/04/ICSR_2019-01.html
Your Smart Home is Vulnerable to Cyber Attacks
https://heimdalsecurity.com/blog/smart-home-vulnerable-hacking/
Artificial intelligence, cybersecurity talent top list of hard-to-find skills
https://www.zdnet.com/article/artificial-intelligence-cybersecurity-talent-top-list-of-hard-to-find-skills/#ftag=RSSbaffb68
6.近期資安活動及研討會
學生資安新手村 相關活動整理 淡江大學場 工作坊 6/1(六) 10:00 - 16:00
https://forms.gle/aBgGfLUYcvJh7hzk9
學生資安新手村 相關活動整理 高雄科技大學場 06/02(日) 08:30~18:00
https://nkust-itc.kktix.cc/events/security-beginner-workshop
資安新手村-網站照妖鏡 SITCON x NKUST_CSIE & ITC 6/2
https://nkust-itc.kktix.cc/events/security-beginner-workshop
PyTorch Tainan x CCNS 聚會 #23 6/2
https://pytorch-tainan.kktix.cc/events/2019-06-02-m23?fbclid=IwAR1s_n_piEyMN0e8NMHk-jjP97-1mjqI-favSKBAdxAglQ3j1aN17_fMmbk
【課程】Raspberry Pi 相機 x OpenCV 進階應用:攝影拍照、人臉偵測、影像處理與實作 6/2
https://www.techbang.com/posts/69830-course-raspberry-pi-camera-x-opencv-photo-photography-face-detection-image-processing-and-application
International Conference CONSTRUCTIVE THEORY OF FUNCTIONS - 2019 SOZOPOL, June 2 - 8, 2019
http://www.math.bas.bg/mathmod/CTF-2019/
TW BECKS No.2 6/3
https://becks.kktix.cc/events/20190603
軟體安全性測試實務 6/3 ~ 6/4
https://www.accupass.com/event/1904230701335964656400
c++ array library: xtensor and xtensor-python 6/5
https://www.meetup.com/pythonhug/events/261778921/?fbclid=IwAR3W1Eo0Xk-ZZLhwSbRuoU_WomifnbLU61G8PgystESPX-tWLGKAosu_n40
HackingThursday 固定聚會 6/6
https://www.meetup.com/hackingthursday/events/vkhnnqyzjbjb/
突破困境:資安開源工具之應用分享 6/8
https://tfc.kktix.cc/events/nomoney-infosec
Cypherpunks Taiwan 密碼龐克 (5)- 區塊鏈存在證明與抗審查性 & 零知識證明 6/11
https://www.facebook.com/events/2371184796499787/
國家高速網路與計算中心教育訓練-源碼檢測實作 6/13
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3828&from_course_list_url=homepage
HackingThursday 固定聚會 6/13
https://www.meetup.com/hackingthursday/events/vkhnnqyzjbrb/
React Hooks 實戰會議室 ─ 前端工程師的潮流技能不私藏 6/14
https://www.facebook.com/events/447646755985628/
【課程】Julia 資料科學實作,2019年強勢來襲的科學計算語言,集Python、C++、R 各家特色於一身 6/15
https://www.techbang.com/posts/70251-course-julia-data-science-practice
國立交通大學 亥客書院 - 密碼系統之漏洞、修補與檢測 6/15
https://hackercollege.nctu.edu.tw/?p=1039
The Artificial Intelligence Conference 6/18
https://www.facebook.com/events/278255853036175/?event_time_id=360038254857934
Casual Meetup - IoT Talk & Drinks (Monthly) Wednesday, June 19, 2019
https://www.meetup.com/Taipei-Sigfox-User-Group/events/ctqnkpyzjbzb/
HackingThursday 固定聚會 6/20
https://www.meetup.com/hackingthursday/events/vkhnnqyzjbbc/
國家高速網路與計算中心教育訓練-資安健診 6/20
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3832&from_course_list_url=homepage
Edvance Beacon 2019 6/21
https://docs.google.com/forms/d/e/1FAIpQLSe70uw8Pi862IkL_rQXDJhzd7QnGXiuhcWwttOEN2BZwUbyMw/viewform
CCNS 定期聚 — 當 Python 遇上 JIT / PyPy 淺談 6/23
https://ccns.kktix.cc/events/ccns-pypy-talk?fbclid=IwAR1wa3cZuyNZQv-pGo5Eh3u5uik69nLY1t-sXb2R6wTd9HsrMBw02ybbkJw
HackingThursday 固定聚會 6/27
https://www.meetup.com/hackingthursday/events/vkhnnqyzjbkc/
HackingThursday 固定聚會 7/4
https://www.meetup.com/hackingthursday/events/vkhnnqyzkbgb/
2019國際資訊安全組織台灣高峰會 7/9 ~ 7/11
https://csa.kktix.cc/events/2019con
工業局補助網路安全檢測教育訓練 7/10 ~ 7/12
https://www.accupass.com/event/1904080311551119077841
HackingThursday 固定聚會 7/11
https://www.meetup.com/hackingthursday/events/vkhnnqyzkbpb/
HackingThursday 固定聚會 7/18
https://www.meetup.com/hackingthursday/events/vkhnnqyzkbxb/
HackingThursday 固定聚會 7/25
https://www.meetup.com/hackingthursday/events/vkhnnqyzkbhc/
CDX2.0推廣活動 - 台南場次 7/26
https://nchc-cdx.kktix.cc/events/cdxactivity-0726
資安事故處理實務課程 8/7 ~ 8/8
http://bit.ly/2VW0Lv9
DEF CON 27 2019/8/8–8/11
https://www.defcon.org/
數位鑑識處理實務 8/14 ~ 8/15
http://bit.ly/2VW0Lv9
WEB應用滲透測試 8/21 ~ 8/23
https://www.accupass.com/event/1904080221358963463590
資安法規與制度研析課程-108年度「資安人才培訓及國際推展計畫-資安專業人才培育深化課程」 8/29 ~ 8/30
http://www.cisanet.org.tw/News/activity_more?id=MTQzMw==
108年資安職能訓練-行動裝置安全(8/29-8/30)
https://cee.ksu.edu.tw/recruitinfo/1443.html
CDX2.0推廣活動 - 台北場次 9/10
https://nchc-cdx.kktix.cc/events/cdxactivity-0910
TANET 2019 - 臺灣網際網路研討會 9/25
https://www.twcert.org.tw/subpages/securityInfo/securityactivity_details.aspx?id=310
HITB+ CYBER WEEK 2019/10/12 ~17
https://d2p.hitb.org/?fbclid=IwAR2gU17bz0Y7TH8THIIskIX1vziWBpMY152mJiwk7AAeVS752f_eNcZ0NzU
Splunk .conf 19 10/21 ~ 10/24
https://conf.splunk.com/
AIoT智能物聯網開發人才就業養成班[免費諮詢] 10/22
https://ittraining.kktix.cc/events/aiot-training-2019
Industrial Control Systems (ICS) Cyber Security Conference USA October 21 – 24, 2019
https://www.icscybersecurityconference.com
沒有留言:
張貼留言