跳到主要內容

資安事件新聞週報 2019/7/15 ~ 2019/7/19






資安事件新聞週報  2019/7/15  ~  2019/7/19

1.重大弱點漏洞/後門/Exploit/Zero Day
NetApp 阻斷服務漏洞
https://security.netapp.com/advisory/ntap-20190715-0001/

Palo Alto PAN-OS 多個漏洞
https://securityadvisories.paloaltonetworks.com/Home/Detail/155
https://securityadvisories.paloaltonetworks.com/Home/Detail/156
https://securityadvisories.paloaltonetworks.com/Home/Detail/157

Sprint發布安全漏洞警告:黑客通過三星網站竊取用戶敏感數據
https://finance.ifeng.com/c/7oNcPBGrCGe

Sprint:三星網站害用戶帳號遭駭、資料曝光
https://www.ithome.com.tw/news/131878

藍牙裝置漏洞可用來追蹤iOS/Mac、Windows 10裝置、Fitbit用戶位置
https://www.ithome.com.tw/news/131907

Oracle Critical Patch Update Advisory - July 2019
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Palo Alto GlobalProtect 資安通報
https://devco.re/blog/2019/07/17/Palo-Alto-GlobalProtect-advisory/

羅技舊款Unifying無線產品爆漏洞 疑遭駭客安裝惡意軟體
https://udn.com/news/story/7087/3934932

羅技無線接收器再現漏洞,攻擊者可輕易通過其控制他人電腦
https://www.expreview.com/69456.html

羅技 Unifying 接收器可能被駭客入侵,同時羅技有漏洞的舊款滑鼠也依在市場銷售
https://www.cool3c.com/article/146051

羅技無線設備出現4個安全漏洞,羅技官方只會修復一半
http://www.udaxia.com/xtzx/18896.html


LenovoEMC儲存裝置含有資料外洩漏洞
https://www.ithome.com.tw/news/131899

數位學習平台 WMPro 智慧大師含有 Command Injection 漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11062

索尼BRAVIA智能電視存在漏洞
https://4hou.win/wordpress/?p=34166

CentOS Control Web Panel 0.9.8.838 - User Enumeration
https://www.exploit-db.com/exploits/47125

Sun Solaris Doors Kernel Functionality 多個漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0874

Magento 2.3.1: Unauthenticated Stored XSS to RCE
https://blog.ripstech.com/2019/magento-rce-via-xss/

Zoom Zero Day Followup: Getting the RCE
https://blog.assetnote.io/bug-bounty/2019/07/17/rce-on-zoom/

Zoom Video Conferencing for macOS Also Vulnerable to Critical RCE Flaw
https://thehackernews.com/2019/07/zoom-video-conferencing-hacking.html

Zoom RCE Flaw Also Affects Its Rebranded Versions RingCentral and Zhumu
https://thehackernews.com/2019/07/zoom-ringcentral-vulnerabilities.html

Wormable BlueKeep Bug Still Threatens Legions of Windows Systems
https://threatpost.com/805k-windows-systems-open-bluekeep/146529/

BlueKeep patching isn’t progressing fast enough
https://www.welivesecurity.com/2019/07/17/bluekeep-patching-progress/

Microsoft Windows 10 1903/1809 - RPCSS Activation Kernel Security Callback Privilege Escalation
https://www.exploit-db.com/exploits/47135

Windows 7用戶注意! 微軟明年1月終止支援
https://ec.ltn.com.tw/article/breakingnews/2853622

Windows 7終止支援倒數6個月!微軟呼籲把握時機完成Windows 10升級與部署
http://bit.ly/2Ghujy3

微軟視窗 Defender Application Control 繞過保安限制漏洞
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1167

Microsoft is starting to auto-update Windows 10 Home, Pro users on 1803 or older to 1903
https://www.zdnet.com/article/microsoft-is-starting-to-auto-update-windows-10-home-pro-users-on-1803-or-older-to-1903/#ftag=RSSbaffb68

Here's Microsoft's updated roadmap for Chromium-based Edge features for the enterprise
https://www.zdnet.com/article/heres-microsofts-updated-roadmap-for-chromium-based-edge-features-for-the-enterprise/#ftag=RSSbaffb68

Security Flaw Exposed Valid Airline Boarding Passes
https://www.bankinfosecurity.com/security-flaw-exposed-valid-airline-boarding-passes-a-12783

Payment Fraud: Criminals Enroll Stolen Cards on Apple Pay
https://www.bankinfosecurity.com/payment-fraud-criminals-enroll-stolen-cards-on-apple-pay-a-12779

CTM籲用戶升級路由器固件 防範網絡攻擊
https://www.exmoo.com/article/115827.html

聯想和技嘉服務器固件發現可利用的漏洞
https://www.solidot.org/story?sid=61408

BMC韌體重大漏洞波及技嘉、聯想、宏碁等8家伺服器
https://ithome.com.tw/news/131908

VULNERABLE FIRMWARE IN THE SUPPLY CHAIN OF ENTERPRISE SERVERS
https://eclypsium.com/wp-content/uploads/2019/07/Vulnerable-Firmware-in-the-Supply-Chain.pdf

Vulnerability Allows Hackers to Take Control of Drupal 8 Websites
https://www.securityweek.com/vulnerability-allows-hackers-take-control-drupal-8-websites

Jenkins Admins: Relying on Default Settings Could Put Master at Risk of Remote Code Execution Attacks
https://blog.trendmicro.com/trendlabs-security-intelligence/jenkins-admins-relying-on-default-settings-could-put-master-at-risk-of-remote-code-execution-attacks/

2.銀行/金融/保險/證券/支付系統/ 新聞及資安
國銀分行連5年減少 ATM台數資安人才需求增加
https://taronews.tw/2019/07/11/399258/

解放銀行數據力的鑰匙
https://www.ithome.com.tw/voice/131810

網路金融安全時代來臨
https://news.cnyes.com/news/id/4356845?exp=b

純網銀結合金、物流 央行評估風險
https://money.udn.com/money/story/5613/3927374

女員工利用銀行漏洞挪用1億多買下10多套房產
http://news.cctv.com/2019/07/12/VIDEf4ewe205yeXgPFtPa09X190712.shtml

發生了什麼?威士萬事達或將退出俄羅斯
https://news.sina.com.tw/article/20190715/31967582.html

電信大斷訊 澳洲櫃員機和商店支付系統癱瘓
https://taronews.tw/2019/07/11/399255/

費時三年 台大金融科技中心將揭牌
https://ctee.com.tw/news/finance/118372.html

傳統銀行接招! 7月底開放新設2家純網銀
https://news.tvbs.com.tw/life/1168122

又現擅自修改數據!中信證券頂風作案 違規修改科創板招股書被罰
https://news.sina.com.tw/article/20190717/31993634.html

首例!不甩金管會檢查 禮正投顧遭開罰60萬元
https://ec.ltn.com.tw/article/breakingnews/2854571

李氏證券內部監控缺失遭譴責及罰款52萬
http://bit.ly/2M2rrc7

RBI, HDFC Bank and others warned about this app. Here's what
http://bit.ly/2LtgKjm

German banks are moving away from SMS one-time passcodes
https://www.zdnet.com/article/german-banks-are-moving-away-from-sms-one-time-passcodes/


3.電子支付/電子票證/行動支付/ pay/新聞及資安
EMV國際通用掃碼支付正式在臺上線,一張QR Code貼紙就能接軌多個支付App
https://www.ithome.com.tw/news/131895

網友爆料騰訊充值業務出現漏洞,有網友充值高達萬元的Q幣
https://www.bilibili.com/read/cv3088587/

Huawei Pay在港推出 擴至4萬個銷售點
http://bit.ly/2GfwDFS

國際財經:俄羅斯表態加入歐盟針對伊朗的支付管道Instex
http://bit.ly/2JEuohF

網絡故障導致全澳零售業付款系統大癱瘓
http://www.epochtimes.com/b5/19/7/15/n11385721.htm

4.虛擬貨幣/區塊鍊   新聞及資安
日本幣寶交易所遭駭約 35 億日圓的數位貨幣,台灣幣寶用戶暫不受影響
https://news.xfastest.com/%E8%99%9B%E6%93%AC%E8%B2%A8%E5%B9%A3/67028/bitpoint-japan-hacked/

日本加密貨幣交易所 BITPoint 證實被盜官方:台灣分公司不受影響
https://news.cnyes.com/news/id/4356999

日業者虛擬貨幣遭盜 損失估逾10億元
https://money.udn.com/money/story/5599/3925210

全球比特幣 ATM 數量已經超過 5000 台,在歐洲恐成反洗錢(AML)防制漏洞
https://www.blocktempo.com/bitcoin-atms-show-gap-in-eu-s-money-laundering-rules-police-say/

這次又坑多少人?深度解析Dash錢包關鍵漏洞
https://www.feixiaohao.com/news/3834282

加密貨幣大戰 正邪難辨
https://hk.finance.appledaily.com/finance/daily/article/20190715/20729425

獲新交所投資!新加坡首家持牌證券型代幣交易所 1exchange 宣告上線
https://news.cnyes.com/news/id/4356202

MaiCoin擬發碳權證券型代幣 金管會:沒來談過
https://money.udn.com/money/story/5613/3933516

MaiCoin盼年底發「碳權STO」 金管會尚未點頭
https://www.chinatimes.com/realtimenews/20190717000881-260410?chdtv

去中心化交易所協議0x 發現安全漏洞交易合約暫時關閉
https://www.linksfin.com/article/299255

如何挑選比特幣交易所
https://www.inside.com.tw/article/16924-how-to-choose-crytpo-exchanges

facebook擬發行虛擬貨幣 G7同意控制發展
http://bit.ly/2xQ2AzV

出面回應 BITPoint Japan 遭駭事件社長小田玄紀:承擔責任、徹查到底
https://news.cnyes.com/news/id/4358595

駭客正在將幣安(Binance)被盜的比特幣,轉移到其他交易所中
https://www.blocktempo.com/hackers-are-turning-binances-stolen-bitcoin-into-fiat/

不翼而飛 − 日本加密貨幣交易所遭駭客入侵盜走 $3,200 萬美元
http://bit.ly/2SwZOtb

傳日本推虛擬幣支付國際網絡
https://hk.finance.appledaily.com/finance/realtime/article/20190718/59836161

打擊洗錢活動 傳日本擬開發加密貨幣支付網絡
https://ec.ltn.com.tw/article/breakingnews/2856514

G7“嚴重關切”Libra 同意抓緊出臺對策
https://tchina.kyodonews.net/news/2019/07/84e074b100c4-g7libra-.html

交大FinTech中心攜手奧丁丁 發展區塊鏈與AI
https://money.udn.com/money/story/5613/3936549

Brazil completes first blockchain real estate sale
https://www.zdnet.com/article/brazil-completes-first-blockchain-real-estate-sale/#ftag=RSSbaffb68

5.資安事件新聞

A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式
專門攻擊 QNAP 網路儲存裝置的 eCh0raix 勒索病毒
https://blog.trendmicro.com.tw/?p=61210

夾帶惡意軟體App 下載百萬次
http://bit.ly/32sPUNu

惡意軟件襲 Android!自動取代正版軟件防不勝防
https://m.eprice.com.hk/mobile/talk/124/213526/1/

Emotet神隱一個月 復活後或變超惡程式
http://bit.ly/2XKlveW

Panda反病毒軟件本地提權漏洞分析(CVE-2019-12042)
https://www.freebuf.com/vuls/207765.html

拒受勒索軟體要脅 巴爾的摩高代價重建系統
https://money.udn.com/money/story/10511/3928055

新款Android惡意程式出現 香港逾萬部手機受感染
http://bit.ly/30FgPns

惡意軟體「Agent Smith」已感染全球 2,500 萬安卓設備 台灣也有 479 台中標
https://saydigi-tech.com/2019/07/8727.html

請小心這位探員!惡意程式「Agent Smith」傳在全球感染超過2500萬支Android手機
https://cnews.com.tw/140190712a03/

被超難解密的勒索軟體纏身,美國又有地方政府選擇支付贖金給駭客
https://ithome.com.tw/news/131832

新型Android變種惡意軟體 全球有2500萬台裝置受感染
https://tw.finance.appledaily.com/realtime/20190717/1601346/

Telegram多功能版MobonoGram 2019會偷下載惡意網站
https://ithome.com.tw/news/131874

【NotPetya】史上破壞力最強的一次網絡攻擊(五):癱瘓烏克蘭
http://bit.ly/2JDf0BX

2019 下半年勒索病毒將如何發展
https://blog.trendmicro.com.tw/?p=61165

Ransomware: As GandCrab Retires, Sodinokibi Rises
https://www.bankinfosecurity.com/ransomware-as-gandcrab-retires-sodinokibi-rises-a-12788

OpenNIC drops support for .bit domain names after rampant malware abuse
https://www.zdnet.com/article/opennic-drops-support-for-bit-domain-names-after-rampant-malware-abuse/#ftag=RSSbaffb68

This Week in Security News: Banking Malware and Phishing Campaigns
https://blog.trendmicro.com/weekinsecurity7-12-19/

2019-07-12 - DRIDEX ACTIVITY
https://www.malware-traffic-analysis.net/2019/07/12/index.html

2019-07-09 - MALSPAM WITH PASSWORD-PROTECTED WORD DOC PUSHES DRIDEX
https://www.malware-traffic-analysis.net/2019/07/09/index.html

Should governments pay extortion payments after a ransomware attack
https://blog.talosintelligence.com/2019/07/ransomware-extortion-roundtable-government-payments.html

Wannacry ransomware attack: Industry experts offer their tips for prevention
https://www.techrepublic.com/article/wannacry-ransomware-attack-industry-experts-offer-their-tips-for-prevention/

New Malware Replaced Legit Android Apps With Fake Ones On 25 Million Devices
https://thehackernews.com/2019/07/whatsapp-android-malware.html

A New Ransomware Is Targeting Network Attached Storage (NAS) Devices
https://thehackernews.com/2019/07/ransomware-nas-devices.html

Powerful FinSpy Spyware Found Targeting iOS and Android Users in Myanmar
https://thehackernews.com/2019/07/finspy-spyware-android-ios.html

Security Advisory for eCh0raix Ransomware
https://www.qnap.com/zh-tw/security-advisory/nas-201907-11

Malware framework creates one billion fake Google Adsense ad impressions in only a few months
https://www.zdnet.com/article/malware-framework-creates-one-billion-fake-google-adsense-ad-impressions-in-only-a-few-months/#ftag=RSSbaffb68

Newly Discovered Malware Framework Cashing in on Ad Fraud
https://www.flashpoint-intel.com/blog/newly-discovered-malware-framework-cashing-in-on-ad-fraud/

Hong Kong malvertiser blamed for malicious ads that invaded Microsoft apps
https://www.zdnet.com/article/hong-kong-malvertiser-blamed-for-malicious-ads-that-invaded-microsoft-apps/#ftag=RSSbaffb68

Hong Kong Based Malvertiser Brokers Traffic To Fake Antivirus Scams — Over 100 Million Ads Compromised In 2019 So Far
https://blog.confiant.com/hong-kong-based-malvertiser-brokers-traffic-to-fake-antivirus-scams-over-100-million-ads-300e251eff06

資安公司在Python套件儲存庫PyPI發現3個惡意後門套件
https://www.ithome.com.tw/news/131912

Malicious Python libraries targeting Linux servers removed from PyPI
https://www.zdnet.com/article/malicious-python-libraries-targeting-linux-servers-removed-from-pypi/#ftag=RSSbaffb68

SupPy Chain Malware - Detecting malware in package manager repositories
https://blog.reversinglabs.com/blog/suppy-chain-malware-detecting-malware-in-package-manager-repositories

Powload Loads Up on Evasion Techniques Posted
https://blog.trendmicro.com/trendlabs-security-intelligence/powload-loads-up-on-evasion-techniques/

EvilGnome: A New Backdoor Implant Spies On Linux Desktop Users
https://thehackernews.com/2019/07/linux-gnome-spyware.html

Unofficial Telegram App Secretly Loads Infinite Malicious Sites
https://www.symantec.com/blogs/threat-intelligence/unofficial-telegram-app-malicious-sites

Trojan-Riddled WinRAR, Winbox, IDM Spreads StrongPity Spyware
https://www.bleepingcomputer.com/news/security/trojan-riddled-winrar-winbox-idm-spreads-strongpity-spyware/

Banking Trojan TrickBot learned to spam and has already collected 250 million email addresses
https://trojan-killer.net/banking-trojan-trickbot-learned-to-spam-and-has-already-collected-250-million-email-addresses/

Tenga cuidado con el Malware de Anubis Banking que puede poner en riesgo su privacidad virtual
https://www.todotech20.com/tenga-cuidado-con-el-malware-de-anubis-banking-que-puede-poner-en-riesgo-su-privacidad-virtual/

EvilGnome: Rare Malware Spying on Linux Desktop Users
https://www.intezer.com/blog-evilgnome-rare-malware-spying-on-linux-desktop-users/

SLUB Gets Rid of GitHub, Intensifies Slack Use
https://blog.trendmicro.com/trendlabs-security-intelligence/slub-gets-rid-of-github-intensifies-slack-use/

Okrum: Ke3chang group targets diplomatic missions
https://www.welivesecurity.com/2019/07/18/okrum-ke3chang-targets-diplomatic-missions/

New Okrum Malware Used by Ke3chang Group to Target Diplomats
https://www.bleepingcomputer.com/news/security/new-okrum-malware-used-by-ke3chang-group-to-target-diplomats/

Mirai Botnet Sees Big 2019 Growth, Shifts Focus to Enterprises
https://threatpost.com/mirai-botnet-sees-big-2019-growth-shifts-focus-to-enterprises/146547/

The rising tide of ransomware requires a commitment to best practices
https://www.zdnet.com/article/the-rising-tide-of-ransomware-requires-a-commitment-to-best-practices/#ftag=RSSbaffb68

B.行動安全 / iPhone / Android /穿戴裝置 /App
2500萬台安卓手機遭陸公司入侵 靠掉包APP廣告來賺錢
https://n.yam.com/Article/20190712751863

Apple 宣佈暫時禁用 Apple Watch 上的對講機功能
http://bit.ly/2JxaYuJ

有人在偷聽你的iPhone對話!蘋果手錶曝竊聽漏洞
https://news.sina.com.tw/article/20190713/31953066.html

臉書今晨大當機!介面「一片空白」 網友哀號:又掛了
https://tw.news.appledaily.com/life/realtime/20190718/1601967/

中國警方運用間諜軟體監控智慧型手機
https://technews.tw/2019/07/18/china-police-spyapp-smartphone/

注意!iOS 13測試版出現漏洞未經授權可訪問“設置”中保存的密碼
http://www.sohu.com/a/327163131_114774

iOS 13現安全漏洞 繞過權限認證獲取帳號密碼
http://bit.ly/2LpZLOZ

Android版WhatsApp、Telegram漏洞,可使駭客篡改影像檔案
https://www.ithome.com.tw/news/131856

Telegram多功能版MobonoGram 2019會偷下載惡意網站
https://ithome.com.tw/news/131874

研究人員破解IG的密碼復原程序,可取得任何用戶的登入憑證
https://www.ithome.com.tw/news/131888

警示片《原本以為只是手機掉了》揭資安死角! 一不小心連命都沒了
https://www.ettoday.net/dalemon/post/44801

變老App被爆有資安漏洞 引起社群資安恐慌
https://newtalk.tw/news/view/2019-07-18/274296

「抖音」疑設「後門」直通中國政府 印度IT部要求解釋
https://m.ltn.com.tw/news/world/breakingnews/2857377

區塊科技推「存證王APP」 隨時隨地都可自保
https://www.chinatimes.com/realtimenews/20190718003566-260410?chdtv

網友亂留言,區塊鏈技術可快速蒐證
https://ec.ltn.com.tw/article/breakingnews/2857318

iOS URL Scheme Susceptible to Hijacking
https://blog.trendmicro.com/trendlabs-security-intelligence/ios-url-scheme-susceptible-to-hijacking/

Slack to reset passwords for tens of thousands of users
https://www.zdnet.com/article/slack-to-reset-passwords-for-tens-of-thousands-of-users/#ftag=RSSbaffb68

How your Instagram account could have been hijacked
https://www.welivesecurity.com/2019/07/16/instagram-account-could-have-been-hijacked/

New Attack Lets Android Apps Capture Loudspeaker Data Without Any Permission
https://thehackernews.com/2019/07/android-side-channel-attacks.html

This Flaw Could Have Allowed Hackers to Hack Any Instagram Account Within 10 Minutes
https://thehackernews.com/2019/07/hack-instagram-accounts.html

Unofficial Telegram App Secretly Loads Infinite Malicious Sites
https://www.symantec.com/blogs/threat-intelligence/unofficial-telegram-app-malicious-sites

Hackers Can Manipulate Media Files You Receive Via WhatsApp and Telegram
https://thehackernews.com/2019/07/media-files-whatsapp-telegram.html

Unofficial Telegram app secretly loads malicious sites
http://bit.ly/2Lp605r

iOS URL Scheme Could Let App-in-the-Middle Attackers Hijack Your Accounts
https://thehackernews.com/2019/07/ios-custom-url-scheme.html

Latest technology could miss Australia due to encryption laws: Telstra
https://www.zdnet.com/article/latest-technology-could-miss-australia-due-to-encryption-laws-telstra/

Bluetooth exploit can track and identify iOS, Microsoft mobile device users
https://www.zdnet.com/article/bluetooth-vulnerability-can-be-exploited-to-track-and-id-iphone-smartwatch-microsoft-tablet-users/#ftag=RSSbaffb68

Major Chinese Android developer booted from Google Play for drowning users in adverts
https://www.zdnet.com/article/google-boots-chinese-android-developer-for-drowning-users-in-ads/#ftag=RSSbaffb68

C.事件 / 駭客 / DDOS / APT / 雲端/暗網/徵才 / 國際資安事件
驚人!高手自製「解壓縮炸彈」能把 46MB 變 4.5PB
https://3c.ltn.com.tw/news/37385

不破解wifi密碼就出不去!HITCON推出「駭客版」密室逃脫遊戲
https://www.bnext.com.tw/article/53847/hitcon-hacker-escaperoom

FCC新規則將處罰海外電話詐騙犯
https://www.ntdtv.com/b5/2019/07/17/a102624481.html

依規劃制定回應程序 設計Playbook輔助跨部門協防  資安事件編排與回應平台 補強領域知識缺口
https://www.netadmin.com.tw/netadmin/zh-tw/trend/49D92C0E8E55432ABC9EA52C7A53625D

調查:網絡安全最大威脅來自內部
http://paper.wenweipo.com/2019/07/18/MC1907180003.htm

56%台企遭網攻 專家:駭客獲利4次
https://www.secretchina.com/news/b5/2019/07/16/900487.html

駭走38億元貨款 1堂台企不能忽視的資安課
https://www.chinatimes.com/realtimenews/20190715002709-260410?chdtv

自學抓漏 「白帽駭客」錄取交大資工
https://news.ltn.com.tw/news/life/paper/1303492

五分之一的大型企業依然使用Windows 7系統
https://news.sina.com.tw/article/20190716/31978478.html

提供駭客代管服務的網路罪犯遭美方通緝多年後終於被逮捕
https://www.ithome.com.tw/news/131882

上市櫃公司若遭駭 資安專家:恐付4重代價
https://udn.com/news/story/7251/3929846

駭客攻擊勒贖個資「一魚四吃」 台CEO做好防範數位攻擊年增4成
https://www.ettoday.net/news/20190712/1488765.htm

9月奧斯陸論壇聚焦資訊戰 何韻詩將出席
http://www.epochtimes.com/b5/19/7/13/n11382796.htm

強暴+烹殺…太便宜?警方抓暗網交易
http://bit.ly/2NUmtRc

駭客變國安全危機 直擊資安戰情室
https://news.cts.com.tw/cts/international/201907/201907141967522.html

Cybersecurity Frameworks — Types, Strategies, Implementation and Benefits
https://thehackernews.com/2019/07/best-cybersecurity-frameworks.html

數位電子駕照取代紙卡 手機存取美試行
https://news.tvbs.com.tw/focus/1165209

認定資安無虞 陸大疆無人機 美國意外放行
https://readers.ctee.com.tw/cm/20190712/a01aa1/993264/share

〈紅色滲透〉台網媒負責人曾是駭客挨告 公司登記在住家
https://www.nextmag.com.tw/realtimenews/news/474144

密電曝光讓駐外大使丟官 英情報機構發現洩密者了
https://news.ltn.com.tw/news/world/breakingnews/2852495

共諜利用民主開放滲透 學者:立法補黑洞
http://bit.ly/2Gd8Pm6

指控Google遭陸滲透 川普大金主促FBI快來查
https://www.chinatimes.com/realtimenews/20190717000004-260408?chdtv

國軍退將是共諜 學者:價值觀被混淆
http://bit.ly/2YUnkCz

捲入上海仟和億 公安曝光涉案台灣分析師名單
https://ec.ltn.com.tw/article/breakingnews/2853908

台灣分析師上海遭逮 真正內幕曝光
https://www.chinatimes.com/realtimenews/20190718000007-260410?chdtv

內幕:中共五千間諜侵台 滲透軍方五大手法
http://www.epochtimes.com/b5/19/7/15/n11385101.htm

微軟:過去一年將近1萬個企業用戶也面臨國家級駭客的攻擊威脅
https://www.ithome.com.tw/news/131926

Equifax前信息官涉內部交易 被判罰款
http://www.epochtimes.com/b5/19/7/18/n11394044.htm

全國斷網數小時損失超1億美元 澳大利亞尷尬了
https://news.sina.com.tw/article/20190714/31959098.html

澳大利亞電訊2019網絡安全調查報告: 安全漏洞持續上升,網絡安全仍然是香港企業最高優先事項
http://bit.ly/2xPVn2V

港藝術家編程式 自動收集全球「反送中」照片影片 無篩選展示觀眾眼前
http://bit.ly/32rJxdk

南韓新法上路 縱容職場霸凌恐判刑
https://news.cts.com.tw/cts/international/201907/201907181968074.html

多數德人願為資安支付更高費用 安全標籤有助購買決策
https://www.chinatimes.com/realtimenews/20190716001256-260408?chdtv

英國會議員:英國應擴大限制華為 但不是資安理由
https://ec.ltn.com.tw/article/breakingnews/2853749

華為證實在美刪減千名員工、今後三年將在義大利投資31億美元
https://news.cnyes.com/news/id/4358220

美國選舉委員會改弦易轍,允許政治活動接受優惠的網路安全服務
https://www.ithome.com.tw/news/131831

新加坡資安新措施將加強機密數據保障
https://twbusiness.nat.gov.tw/news.do?id=402620439

美軍官妄稱中國使委內瑞拉人民背負債務,外交部:酸葡萄心理
https://news.sina.com.tw/article/20190716/31985170.html

狼蹤再現!中國伺服器國家隊 藏身新北市第一高樓
https://udn.com/news/story/6841/3929083

Magecart駭客集團專找配置錯誤的Amazon S3儲存貯體
https://times.hinet.net/news/22460421

Magecart Hackers Infect 17,000 Sites Through Misconfigured Amazon S3 Buckets
https://thehackernews.com/2019/07/magecart-amazon-s3-hacking.html

Microsoft notified 10,000 victims of nation-state attacks
https://www.zdnet.com/article/microsoft-notified-10000-victims-of-nation-state-attacks/#ftag=RSSbaffb68

Cyber Command tested ‘persistent engagement’ in June exercise
https://www.fifthdomain.com/dod/cybercom/2019/07/16/cyber-command-tested-persistent-engagement-in-june-exercise/

U.S. Cyber Command simulated a seaport cyberattack to test digital readiness
https://www.cyberscoop.com/us-cyber-command-simulated-seaport-cyberattack-test-digital-readiness/

Brazil gears up to enhance data analytics to tackle benefit fraud
https://www.zdnet.com/article/brazil-gears-up-to-enhance-data-analytics-to-tackle-benefit-fraud/#ftag=RSSbaffb68

Brazil is at the forefront of a new type of router attack
https://www.zdnet.com/article/brazil-is-at-the-forefront-of-a-new-type-of-router-attack/#ftag=RSSbaffb68

Surprising Password Guidelines from NIST
https://www.bankinfosecurity.com/blogs/surprising-password-guidelines-from-nist-p-2764

Engineer flees to China after stealing source code of US train firm
https://www.zdnet.com/article/engineer-flees-to-china-after-stealing-source-code-of-us-train-firm/#ftag=RSSbaffb68

Cybersecurity Frameworks — Types, Strategies, Implementation and Benefits
https://thehackernews.com/2019/07/best-cybersecurity-frameworks.html

Organizations expect to boost their cybersecurity investments by 34%
https://www.helpnetsecurity.com/2019/07/15/boost-cybersecurity-investments/

Engage Your Management with the Definitive 'Security for Management' Presentation Template
https://thehackernews.com/2019/07/security-for-management.html

Sea Turtle keeps on swimming, finds new victims, DNS hijacking techniques
https://blog.talosintelligence.com/2019/07/sea-turtle-keeps-on-swimming.html

NCSC report warns of DNS Hijacking Attacks
https://securityaffairs.co/wordpress/88366/hacking/dns-hijacking-ncsc-report.html

Ministry of Home Affairs Needs to Go Beyond Security Basics
https://www.bankinfosecurity.asia/blogs/ministry-home-affairs-needs-to-go-beyond-security-basics-p-2775

Kazakhstan government is now intercepting all HTTPS traffic
https://www.zdnet.com/article/kazakhstan-government-is-now-intercepting-all-https-traffic/

APAC firms must transform cybersecurity approach
https://www.zdnet.com/article/apac-firms-must-transform-cybersecurity-approach/#ftag=RSSbaffb68

【資安所】產業合作專員
https://www.104.com.tw/job/6o9ga

Security Engineer
https://www.cakeresume.com/companies/maicoin/jobs/security-engineer-ae8ff9

Security Engineer
https://github.com/MaiAmis/Careers/blob/master/MaiCoin/security-engineer.md

#徵才 台北/群聚整合資安/解決方案架構師(售前)
https://www.dcard.tw/f/job/p/231681330

資安管制人員/北市大安
https://m.yes123.com.tw/memmvc/jobsearch/JobDetailPage?pid=20091202100256_16890535&subid=20190709110004_2377997

契約資訊(副)工程師(資安)甄選公告
https://www.vhlc.gov.tw/News_Content.aspx?n=D65DB00DDAEFC920&sms=21B65CD3BBA62A7F&s=0FE8E032A0B37B7C

D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞
黑貓宅急騙 跟真正的黑貓官網相似度99%
https://blog.trendmicro.com.tw/?p=61179

相似度99%! 駭客偽「宅配網」 詐單號騙個資
https://news.tvbs.com.tw/life/1167303

【詐騙】黑貓宅急騙 跟真正的黑貓官網相似度99%,收到送貨進度簡訊,別點連結
https://blog.trendmicro.com.tw/?p=61179

中國江蘇省公安局洩漏超過九千萬筆個人與公司行號資料
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=893

【獨家】人力銀行1111有20萬筆個資遭外洩,來源同外洩銓敘部個資的論壇
https://www.ithome.com.tw/news/131930

駭客論壇兜售! 1111人力銀行驚傳20萬筆個資外洩
http://bit.ly/2XOXMKB

1111人力銀行遭駭 舊個資外洩警方偵辦中
https://www.cna.com.tw/news/asoc/201907190107.aspx

1111人力銀行 予人煏講漏洩求職者個資
https://news.pts.org.tw/article/438646

1111人力銀行20萬筆個資 遭駭客惡意外洩
https://tw.news.appledaily.com/life/realtime/20190719/1602555/

秦嗣葵:銓敘部個資外洩 資安戰略待強化
https://tw.appledaily.com/new/realtime/20190719/1602387/

駭客竊取個資 四招放空企業
http://bit.ly/2LWRq4B

知名飯店Kiosk系統漏洞讓後台資料庫憑證曝險,可致客戶資料被竊
https://www.ithome.com.tw/news/131809

美調查侵犯隱私案 傳重罰臉書逾1550億元
https://taronews.tw/2019/07/13/401105/

fb洩私隱和解 罰390億破紀錄 不及去年收入十分一 被指欠阻嚇力
http://bit.ly/2Y5uAhU

投資虛擬貨幣發大財?詐騙案層出不窮
http://bit.ly/2LTBD6W

保加利亞國稅局遭到駭客入侵,數百萬納稅人資料外洩
https://www.ithome.com.tw/news/131879

「付款設定錯誤」狂詐69名網拍店家 10車手海削440萬全上繳
https://www.ettoday.net/news/20190716/1491538.htm

假檢警騙很大 桃園去年財損1.3億
https://udn.com/news/story/11322/3930579

電腦密碼發明人逝世享年93歲 曾稱「密碼」已成網路惡夢
https://cnews.com.tw/140190715a06/

SAS:2021年25%組織採用 AI將成反詐欺主流技術
https://www.chinatimes.com/newspapers/20190716000277-260204?chdtv

Phishing Scheme Targets Amex Cardholders
https://www.bankinfosecurity.com/new-phishing-scheme-targets-amex-card-holders-a-12796

This Phishing Attacker Takes American Express—and Victims’ Credentials
https://cofense.com/phishing-attacker-takes-american-express-victims-credentials/

93% of porn sites leak data to a third-party
https://www.zdnet.com/article/93-of-porn-sites-leak-data-to-a-third-party/#ftag=RSSbaffb68

The use of compromised accounts to send phishing emails to contacts inside and outside an organization is an increasing security threat
https://www.techrepublic.com/article/lateral-phishing-hackers-are-taking-over-business-accounts-to-send-malicious-emails/

Threat Spotlight: Lateral Phishing
https://blog.barracuda.com/2019/07/18/threat-spotlight-lateral-phishing/

Bulgarian Authorities Arrest Suspect in Massive Data Breach
https://www.bankinfosecurity.com/bulgarian-authorities-arrest-suspect-in-massive-data-breach-a-12790

Hacker Stole Data of Over 70% Bulgarian Citizens from Tax Agency Servers
https://thehackernews.com/2019/07/bulgaria-nra-data-breach.html

Sweden and UK's surveillance programs on trial at the European Court of Human Rights
https://www.zdnet.com/article/sweden-and-uks-surveillance-programs-on-trial-at-the-european-court-of-human-rights/#ftag=RSSbaffb68

Evite Invites Over 100 Million People to Their Data Breach
https://www.bleepingcomputer.com/news/security/evite-invites-over-100-million-people-to-their-data-breach/

Bulgaria's hacked database is now available on hacking forums
https://www.zdnet.com/article/bulgarias-hacked-database-is-now-available-on-hacking-forums/#ftag=RSSbaffb68

Hacker steals data of millions of Bulgarians, emails it to local media
https://www.zdnet.com/article/hacker-steals-data-of-millions-of-bulgarians-emails-it-to-local-media/#ftag=RSSbaffb68

Singapore hopes to groom data protection officers with training framework
https://www.zdnet.com/article/singapore-hopes-to-groom-data-protection-officers-with-training-framework/#ftag=RSSbaffb68

E.研究報告
賽門鐵克雲端安全威脅研究報告探討雲端的真實風險
https://symc.ly/2GdRhX3

靈活運用Serverless運算 雲原生系統也能輕鬆遷移 建構K8S容器管理平台 打底Knative無伺服器框架
https://www.netadmin.com.tw/netadmin/zh-tw/technology/78E2B931705C4C4B974991B7CA31938D

WebLogic 任意文件上傳遠程代碼執行_CVE-2018-2894漏洞復現
https://www.cnblogs.com/yuzly/p/11152895.html

0x協議漏洞原理剖析:惡意掛單可擾亂正常交易秩序
https://www.xcong.com/articles/3560727

Ubuntu桌面版USBCreator D-Bus權限提升漏洞分析
https://www.anquanke.com/post/id/181937

CVE-2019-12272 OpenWrt圖形化管理界面LuCI命令注入分析
https://www.4hou.com/vulnerable/19135.html

網站安全滲透測試服務之discuz漏洞挖掘與利用
http://blog.itpub.net/31542418/viewspace-2650648/

Atlassian JIRA模板注入漏洞预警
https://www.freebuf.com/vuls/208365.html

Apache struts2遠端命令執行_CVE-2017-9805(S2-052)漏洞復現
https://www.itread01.com/content/1563294303.html

某報表v8.0​​ Getshell漏洞分析
https://xz.aliyun.com/t/5652

深入分析macOS漏洞CVE-2019-8507
https://www.jishuwen.com/d/2nNj/zh-tw

挖洞經驗| 看我如何發現微軟Outlook for Android移動應用的XSS漏洞
https://www.freebuf.com/vuls/208038.html

[經驗分享]phpIPAM 安裝流程與使用心得
http://blog.jason.tools/2019/07/phpipam-install.html

CVE-2019-5596 : FreeBSD UaF提權漏洞分析
https://www.anquanke.com/post/id/182014

Calling Syscalls Directly from Visual Studio to Bypass AVs/EDRs
https://ired.team/offensive-security/defense-evasion/using-syscalls-directly-from-visual-studio-to-bypass-avs-edrs

Bypassing Python3.8 Audit Hooks [Part 1]
https://daddycocoaman.dev/posts/bypassing-python38-audit-hooks-part-1/

dfvfs v20190714 releases: Digital Forensics Virtual File System
https://securityonline.info/dfvfs/?fbclid=IwAR1i268fFZAnoljTFeF2ojmpr5zeQqLO5BbHrNsughrc67aArz26FhM4Byc

HiedaNaKan/FuckMFS
https://github.com/HiedaNaKan/FuckMFS

Endpoint Hunting in an AntiEDR World
https://mgreen27.github.io/projects/AntiEDRWorld/

0DAYZ OF OUR LIFE
https://objectivebythesea.com/v2/talks/OBTS_v2_Hill.pdf

posixninja/pppoccl
https://github.com/posixninja/pppoccl

Fuzzing File Systems via Two-Dimensional Input Space Exploration – Summary
http://bit.ly/2YUmsxI

macOS - getting root with benign App Store apps
https://objectivebythesea.com/v2/talks/OBTS_v2_Fitzl.pdf

Breaking mobile userland w[0x42] alls
https://drive.google.com/file/d/1HwG6Ks_2dO0ut2plyPx1-svfNVKL1Mhu/view

How I Hacked the Microsoft Outlook Android App and Found CVE-2019-1105
http://bit.ly/2NQARtM

Analysis of a use-after-unmap vulnerability in Edge: CVE-2019-0609
https://gts3.org/2019/cve-2019-0609.html

Ghidra Python Scripting - AZORult
http://rinseandrepeatanalysis.blogspot.com/2019/07/ghidra-python-scripting-azorult.html

Automated AD and Windows test lab deployments with Invoke-ADLabDeployer
http://bit.ly/2XXtm8k

WCTF2019 Writeup
https://bit.ly/wctf2019-gtf

IronPython, darkly: how we uncovered an attack on government entities in Europe
http://blog.ptsecurity.com/2019/07/ironpython-darkly-how-we-uncovered.html

Facebook to Pay $5 Billion Fine to Settle FTC Privacy Investigation
https://thehackernews.com/2019/07/facebook-data-privacy-ftc.html

SWEED: Exposing years of Agent Tesla campaigns
https://blog.talosintelligence.com/2019/07/sweed-agent-tesla.html

Meet Extenbro, a new DNS-changer Trojan protecting adware
https://blog.malwarebytes.com/trojans/2019/07/extenbro-a-new-dns-changer-trojan-protecting-adware/

Turla renews its arsenal with Topinambour
https://securelist.com/turla-renews-its-arsenal-with-topinambour/91687/

Turla APT Returns with New Malware, Anti-Censorship Angle
https://threatpost.com/turla-apt-malware-anti-censorship/146472/

'Sea Turtle' DNS Hijackers Expand Reach
https://www.bankinfosecurity.com/sea-turtle-dns-hijackers-expand-reach-a-12780

Attacking SSL VPN - Part 1: PreAuth RCE on Palo Alto GlobalProtect, with Uber as Case Study
https://devco.re/blog/2019/07/17/attacking-ssl-vpn-part-1-PreAuth-RCE-on-Palo-Alto-GlobalProtect-with-Uber-as-case-study/

RDP exposed: the wolves already at your door
https://nakedsecurity.sophos.com/2019/07/17/rdp-exposed-the-wolves-already-at-your-door/

SLUB Gets Rid of GitHub, Intensifies Slack Use
https://blog.trendmicro.com/trendlabs-security-intelligence/slub-gets-rid-of-github-intensifies-slack-use/

JShielder : Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark G
https://kalilinuxtutorials.com/jshielder-hardening-script/

Passpie : Multiplatform Command-line Password Manager
https://kalilinuxtutorials.com/passpie-command-line-password-manager/

iKy : OSINT Project To Collect Information From Mail
https://kalilinuxtutorials.com/iky-osint-project/

Multi-Cloud Security Best Practices Guide
https://www.tripwire.com/state-of-security/security-data-protection/cloud/multi-cloud-security-best-practices-guide/

curi0usJack/.htaccess
https://gist.github.com/curi0usJack/971385e8334e189d93a6cb4671238b10

Attacking Private Networks from the Internet with DNS Rebinding
https://medium.com/@brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325

Evading Sysmon DNS Monitoring
https://blog.xpnsec.com/evading-sysmon-dns-monitoring/

Bypassing Web Application Firewalls with HTTP Parameter Pollution
https://www.exploit-db.com/docs/47082

Apache Camel Exploitation
https://www.exploit-db.com/docs/47074

F.商業
過濾8.9 Gbps進階威脅,Check Point增設企業級新機型
https://www.ithome.com.tw/review/131610

威脅情資平台 Anomali 談火紅的 AI,AI 已經被說得太誇大了
https://technews.tw/2019/07/18/anomali-thinks-what-ai-can-d-is-said-too-big-compare-to-the-reality/

KX906指紋智慧鑰匙 奪回資安主導權
https://ctee.com.tw/industrynews/117511.html

趨勢科技為 Amazon Web Services 用戶提供高效能在線式網絡防護
https://money.udn.com/money/story/12987/3925277

Win7終止支援倒數6個月 主流Win10市占高出去年10%
https://tw.lifestyle.appledaily.com/gadget/realtime/20190716/1600724/

中信國際電訊CPC 提供新一代雲網融合服務
https://ctee.com.tw/industrynews/technology/118414.html

外商MDR攜手在地夥伴 培育專人運用iSIGHT情資解惑 事件回應並非直接阻斷 目的在判斷真假攻擊
https://www.netadmin.com.tw/netadmin/zh-tw/viewpoint/110F1FFE087C4013BEEBB8070EF0A454

基於EDR建構分析平台 自主研發判斷規則輔助偵查  遠端及時獵捕威脅 主動回應採取行動
https://www.netadmin.com.tw/netadmin/zh-tw/trend/7E268013919D43049D3E7184E7C101FA

防止駭客破解演算法並偽造,富士通用FRAM物理特性認證電子設備身分安全
https://www.ithome.com.tw/news/131901

趨勢科技在 Microsoft Azure Marketplace 上推出 Deep Security as a Service 雲端資安服務
http://bit.ly/2YZ9aA7

上海控安自研國內首款同時支持源代碼與二進製文件的漏洞掃描工具
https://www.aqniu.com/vendor/51398.html

Firefox follows in Chrome's footsteps and will mark all HTTP pages as 'not secure'
https://www.zdnet.com/article/firefox-follows-in-chromes-footsteps-and-will-mark-all-http-pages-as-not-secure/#ftag=RSSbaffb68

Google to remove Chrome's built-in XSS protection (XSS Auditor)
https://www.zdnet.com/article/google-to-remove-chromes-built-in-xss-protection-xss-auditor/#ftag=RSSbaffb68

Companies with zero-trust network security move toward biometric authentication
https://www.csoonline.com/article/3409785/companies-with-zero-trust-network-security-move-toward-biometric-authentication.html

Microsoft thrives on Android, iOS as bet away from Windows pays off
https://www.zdnet.com/article/microsoft-thrives-on-android-ios-as-bet-away-from-windows-pays-off/#ftag=RSSbaffb68

Hostinger web hosting review: Good support and a killer entry-level price
https://www.zdnet.com/article/hostinger-web-hosting-review-good-support-and-a-killer-entry-level-price/#ftag=RSSbaffb68

New Azure Marketplace Pay-As-You-Go Billing for Trend Micro Deep Security as a Service
https://blog.trendmicro.com/azuremarketplace/

Cloud-Based IoT Solutions: Responding to Traditional Limits and Security Concerns
https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/cloud-based-iot-solutions-responding-to-traditional-limits-and-security-concerns

G.政府
銓敘部59萬筆文官個資外洩 監委調查
https://news.ltn.com.tw/news/politics/breakingnews/2852408

公務禁購 華為、中興、海康威視上黑榜
https://ec.ltn.com.tw/article/paper/1304118

福衛七號傳回第一筆資料 7個月後開放免費使用
http://bit.ly/2O0s5cG

驚!台中出現中國海康威視監視器 議員促拆光
https://news.ltn.com.tw/news/politics/breakingnews/2856574

海康威視入侵台中市 台灣大道沿線幾乎全淪陷
https://news.ltn.com.tw/news/politics/breakingnews/2856723

高雄市議會也用中國監視器 黃捷嘆:早就提醒過了
https://news.ltn.com.tw/news/politics/breakingnews/2857235

貿易戰助攻 工研院:台灣資安產值明年估550億
https://udn.com/news/story/7240/3936290

本土業者驚爆:還有很多公部門裝「中國天網」
https://news.ltn.com.tw/news/politics/breakingnews/2857356

不止台中地下道 業者︰中國監視器 瓜分台1/3大餅
https://m.ltn.com.tw/news/politics/paper/1304358

標準及測試規範
https://www.taics.org.tw/Validation04.aspx?validateType_id=14

108年第1季資通安全技術報告ー開放下載
http://bit.ly/2SnyRYJ

H.ICS/SCADA 工控系統
Schneider Electric ProClima 緩衝區錯誤漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6824

研究人員披露了西門子ICS軟件中的漏洞
https://www.easyaq.com/news/2147307135.shtml

I.教育訓練
工程師好用資源來了!超完整 Python 查詢表,程式碼複製貼上不用自己寫
https://buzzorange.com/techorange/2019/07/16/github-python-resources/

SSRF漏洞Bypass技巧
https://zhuanlan.zhihu.com/p/73736127

Windows Registry Forensics: Investigating the Registry for Evidence
https://netseedblog.com/security/windows-registry-forensics-investigating-the-registry-for-evidence/

J.物聯網/IOT/人工智慧/車聯網/光聯網/深度學習/機器學習/無人機/人臉辨識
心理戰也沒在怕!臉書與卡內基美隆大學共同打造的AI機器人擊敗5名德州撲克專家
https://ithome.com.tw/news/131822

網絡安全﹕智能家居設備的安全風險
http://bit.ly/30E0U9e

智慧城市危機?趨勢總經理洪偉淦:萬物聯網,代表萬物皆可被駭
https://www.cw.com.tw/article/article.action?id=5096080

SparkLabs Taipei 第二屆 Demo Day,集結 AI、IoT、區塊鏈新創
https://technews.tw/2019/07/18/sparklabs-taipei-second-time-demo-day-for-startup/

How a Big Rock Revealed a Tesla XSS Vulnerability
https://www.bankinfosecurity.com/blogs/how-big-rock-revealed-tesla-xss-vulnerability-p-2772

Leak Confirms Google Speakers Often Record Without Warning
https://www.bankinfosecurity.com/blogs/leak-confirms-google-speakers-often-record-without-warning-p-2771

How Will Companies Deploy Industrial IoT Security Solutions
https://blog.trendmicro.com/how-will-companies-deploy-industrial-iot-security-solutions/

6.近期資安活動及研討會
 HITCON HackDoor 駭入辦公室 7/2 ~ 9/28
 https://www.accupass.com/event/1906050355291064968019

 HackingThursday 固定聚會 7/25
 https://www.meetup.com/hackingthursday/events/vkhnnqyzkbhc/

 新加坡資安市場解密講座: 台灣資安浴血東南亞叢林戰鬥之起點-獅城站​  7/26
 https://ievents.iii.org.tw/eventS.aspx?t=0&id=547

 2019扭轉資安營運研討會  7/26
 https://www.netfos.com.tw/event/2019event/20190726netfos/20190726-NETFOS-seminar-reg.html

 CDX2.0推廣活動 - 台南場次  7/26
 https://nchc-cdx.kktix.cc/events/cdxactivity-0726

 Agile Hsinchu 七月聚會: 當領域驅動上了雲 7/27
 https://agilecommtw.kktix.cc/events/dddcloud

 The Virus Bulletin Conference 2019 8/1
 https://www.virusbulletin.com/blog/2019/06/free-vb2019-tickets-students/

 資安事件調查實務(上)  8/2
 https://tp2rc.tanet.edu.tw/node/306?fbclid=IwAR11YQmw-28fOA6LUrsNiFKd7ccaAiMa5cZsYf22iRfTUR5LPYXwjqZNo2I

 資安事故處理實務課程 8/7 ~ 8/8
 http://bit.ly/2VW0Lv9

 DEF CON 27  2019/8/8–8/11
 https://www.defcon.org/

 大數據軟體開發平台與AI(人工智慧)開發應用案例 8/9
 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3805&from_course_list_url=homepage

 數位鑑識處理實務 8/14 ~ 8/15
 http://bit.ly/2VW0Lv9

 108 年度臺灣學術網路危機處理中心資安巡迴研討會 -資安趨勢暨網路安全概要  8/19 ~ 8/27
 http://www.hssh.tp.edu.tw/ezfiles/1/1001/attach/42/pta_17520_7551835_06329.pdf

 台灣駭客年會 HITCON Summer Training 2019 - 學生報名  2019-08-19 ~ 2019-08-22
 https://www.accupass.com/event/1906050919271598677460

 ᅵYahoo奇摩電商專題講座ᅵ 我們與詐騙的距離_電商不可承受的資安之重  8/21
 https://www.accupass.com/event/1906120307261445013215

 WEB應用滲透測試 8/21 ~ 8/23
 https://www.accupass.com/event/1904080221358963463590

 台灣駭客年會 HITCON Community 2019  2019-08-23(五) 09:00 ~ 2019-08-24(六) 17:00 (GMT+8)
 https://www.accupass.com/event/1906040921594609934250

 數位政府高峰會 2019  8/28
 https://egov.ithome.com.tw/

 ModernWeb 19  8/28 ~ 8/29
 https://modernweb.tw/

 資安法規與制度研析課程-108年度「資安人才培訓及國際推展計畫-資安專業人才培育深化課程」  8/29 ~ 8/30
 http://www.cisanet.org.tw/News/activity_more?id=MTQzMw==

 108年資安職能訓練-行動裝置安全(8/29-8/30)
 https://cee.ksu.edu.tw/recruitinfo/1443.html

 2019 NGO 資安種子講師訓練 8/29
 https://ocftw.kktix.cc/events/cscs2019tot

 交通大學亥克書院-B022:基礎網頁安全與滲透測試<新竹場次> 9/7
 https://hackercollege.nctu.edu.tw/?p=1079

 【AWS資安】Security Engineering on AWS​高級課程 9/9 ~ 9/11
 https://www.accupass.com/event/1905150854571147685105

 CDX2.0推廣活動 - 台北場次 9/10
 https://nchc-cdx.kktix.cc/events/cdxactivity-0910

 Kubernetes Summit 9/11
 https://summit.ithome.com.tw/kubernetes/

 資策會開辦「認證系統安全從業人員 SSCP 輔導班」2019/9/21
 https://ithome.com.tw/pr/131772

 交通大學亥克書院-A011:入侵行為發覺與應變指南 9/21
 https://hackercollege.nctu.edu.tw/?p=1082

 TANET 2019 - 臺灣網際網路研討會  9/25
 https://www.twcert.org.tw/subpages/securityInfo/securityactivity_details.aspx?id=310

 交通大學亥克書院-B022:基礎網頁安全與滲透測試 9/28
 https://hackercollege.nctu.edu.tw/?p=1084

 HITB+ CYBER WEEK 2019/10/12 ~17
 https://d2p.hitb.org/

 交通大學亥克書院-A006:數位足跡追蹤與分析 10/19
 https://hackercollege.nctu.edu.tw/?p=1088

 Splunk .conf 19  10/21 ~ 10/24
 https://conf.splunk.com/

  AIoT智能物聯網開發人才就業養成班[免費諮詢]  10/22
 https://ittraining.kktix.cc/events/aiot-training-2019

 Industrial Control Systems (ICS) Cyber Security Conference  USA   October 21 – 24, 2019
 https://www.icscybersecurityconference.com

 交通大學亥克書院-A015:進階網頁滲透測試 10/26
 https://hackercollege.nctu.edu.tw/?p=1090

 交通大學亥克書院-P006:高階網頁滲透測試 11/16
 https://hackercollege.nctu.edu.tw/?p=1092

 交通大學亥克書院-B015:惡意程式檢測 11/30
 https://hackercollege.nctu.edu.tw/?p=1098

 交通大學亥克書院-A018:企業網域控管-Active Directory攻擊與防禦  12/14
 https://hackercollege.nctu.edu.tw/?p=1094

 Japan Security Analyst Conference
 https://jsac.jpcert.or.jp/

留言

這個網誌中的熱門文章

9月份資安社群及教育訓練活動分享

9月份資安社群及教育訓練活動分享


 HITCON HackDoor 駭入辦公室 7/2 ~ 9/28
 https://www.accupass.com/event/1906050355291064968019

 MLDM Monday|用開放資料玩出政府創新應用 : 當雨神來臨時  9/2
 https://www.meetup.com/Taiwan-R/events/262992081/

 Taipei Rails Meetup  9/3
 https://www.meetup.com/rails-taiwan/events/dlgzljyzmbfb/

 高雄 Rails Meetup 9/4
 https://www.meetup.com/rails-taiwan/events/qxfvjkyzmbgb/

 Android Code Club(Taipei) 9/4
 https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bsctnqyzmbgb/

 SyntaxError 9/4
 https://www.meetup.com/pythonhug/events/tnzzgpyzmbgb/

 工業控制系統資安研討會 9/5
 http://bit.ly/2NsMvt5

 HackingThursday 固定聚會 9/5
 https://www.meetup.com/hackingthursday/events/vkhnnqyzmbhb/

 TWJUG 201909 聚會 9/5
 https://www.meetup.com/taiwanjug/events/264123847/



8月份資安社群及教育訓練活動分享

8月份資安社群及教育訓練活動分享

 HITCON HackDoor 駭入辦公室 7/2 ~ 9/28
 https://www.accupass.com/event/1906050355291064968019

 The Virus Bulletin Conference 2019 8/1
 https://www.virusbulletin.com/blog/2019/06/free-vb2019-tickets-students/

【社群】8/1(四) RASPBERRY PI + ROS,實現無人自駕
 https://ctsphub.tw/20190801_robotnight/

 HackingThursday 固定聚會 8/1
 https://www.meetup.com/hackingthursday/events/vkhnnqyzlbcb/

 資安事件調查實務(上)  8/2
 https://tp2rc.tanet.edu.tw/node/306?fbclid=IwAR11YQmw-28fOA6LUrsNiFKd7ccaAiMa5cZsYf22iRfTUR5LPYXwjqZNo2I

 【CIT週末玩程式】- (8月)認識電腦與程式邏輯訓練(I) 8/3
 https://www.meetup.com/Women-Who-Code-Taipei/events/jtcjfryzlbfb/

 Python 基礎工作坊@TMU 8/6
 https://www.meetup.com/Women-Who-Code-Taipei/events/mfnfcryzlbjb/

5月份資安、社群活動分享

5月份資安、社群活動分享

 108年度資安初學者挑戰活動 (MyFirstCTF) 5/1 ~ 5/10 報名
 https://ais3.org/mfctf/

 HackingThursday 固定聚會  5/2
 https://www.meetup.com/hackingthursday/events/vkhnnqyzhbdb/

 Python 商務網站 * 極速學習 (2019春季 - 台北)  5/2
 https://cjltsod.kktix.cc/events/django-2019-spring-taipei

 國票金控「純網銀鯰魚與資安技術漣漪」日本樂天技術結合台灣AI 人工智慧發表會  5/2
 https://www.accupass.com/event/1904111400151860776797

 資安法 X 技術實務論壇  5/2
 https://csa.kktix.cc/events/csa190502

 國立交通大學 亥客書院 - 基礎網站安全建構實務  5/4
 https://hackercollege.nctu.edu.tw/?p=1045

 ISDA 白帽菁英萌芽計劃II 0505 
 https://reg.shield.org.tw/info.php?no=54

 Pwn入門  5/5
 https://hackersir.kktix.cc/events/fcu190505

 Elixir台灣 台北 Meetup # Monday, May 6, 2019
 https://www.meetup.com/elixirtw-taipei/events/njjhvpyzhbjb/

 公部門之AI資安防護新思維研討會 5/7
 http://www.cisanet.org.tw/News/activity_more?id=MTQzOA==

 向資安服務看齊 我們一起讓資安從「有做」到「有效」  5/8 ~ 5/10
 https://www.informationsecurity.com.tw/Seminar/2019_all/

 資安危機 - 進擊的勒索加密軟體 2019-05-09(四) 14:45 ~ 17:00
 https://www.accupass.com/event/19041703435474776…