跳到主要內容

資安事件新聞週報 2019/8/5 ~ 2019/8/9






資安事件新聞週報  2019/8/5  ~  2019/8/9

1.重大弱點漏洞/後門/Exploit/Zero Day
PuTTY繼0.71版本修正8個高風險漏洞後,再次更新0.72版本
http://bit.ly/2YDMIM5

修補 Fortigate SSL VPN Web門戶中的不正當授權漏洞
https://ithelp.ithome.com.tw/articles/10212691

研究者警告:眾多Jira伺服器的錯誤配置,讓員工及專案資訊全曝光
https://www.ithome.com.tw/news/132265

研究人員發現可劫持數百萬Android裝置的高通晶片漏洞
https://www.ithome.com.tw/news/132291

DRAGONBLOOD新漏洞劫持WPA3密碼
https://www.4hou.com/vulnerable/19554.html

IBM WebSphere Application Server 多個漏洞
https://www-01.ibm.com/support/docview.wss?uid=ibm10960159
https://www-01.ibm.com/support/docview.wss?uid=ibm10888425

NVIDIA Patches High Severity Flaws in Windows GPU Display Driver
https://www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-flaws-in-windows-gpu-display-driver/

NVIDIA顯卡驅動被曝5個高危漏洞官方建議升級最新版
http://www.elecfans.com/emb/dsp/201908041031073.html

VMWare 產品多個漏洞
https://www.vmware.com/security/advisories/VMSA-2019-0012.html


思科 Small Business 220 Series Smart Switches 多個漏洞
https://www.hkcert.org/my_url/zh/alert/19080701

思科智慧網路交換器爆重大漏洞,可讓駭客執行指令攻擊、接管系統
https://www.ithome.com.tw/news/132310

Security bugs in popular Cisco switch brand allow hackers to take over devices
https://www.zdnet.com/article/security-bugs-in-popular-cisco-switch-brand-allow-hackers-to-take-over-devices/

Cisco Email Security Appliance 拒絕服務漏洞CVE-2018-15460
https://aliyunnew.com/a/CVE-2018-15460.html

Symantec Endpoint Protection Privilege Escalation
https://support.symantec.com/us/en/article.SYMSA1487.html

Symantec Endpoint Encryption Privilege Escalation
https://21d8286f-4cc4-4069-893f-156d70582d3a.cloudapp.net/us/en/article.SYMSA1485.html

Symantec Messaging Gateway Privilege Escalation
https://21d8286f-4cc4-4069-893f-156d70582d3a.cloudapp.net/us/en/article.SYMSA1486.html

Google Chrome privacy extensions (2019 edition)
https://www.zdnet.com/article/google-chrome-privacy-extensions/#ftag=RSSbaffb68

DHCP Client Remote Code Execution Vulnerability Demystified
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/dhcp-client-remote-code-execution-vulnerability-demystified/

Jet Database Engine Flaw May Lead to Exploitation: Analyzing CVE-2018-8423
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/jet-database-engine-flaw-may-lead-to-exploitation-analyzing-cve-2018-8423/

What Is Mshta, How Can It Be Used and How to Protect Against It
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/what-is-mshta-how-can-it-be-used-and-how-to-protect-against-it/

New Dragonblood vulnerabilities found in WiFi WPA3 standard
https://www.zdnet.com/article/new-dragonblood-vulnerabilities-found-in-wifi-wpa3-standard/

漏洞多得補不完,微軟本月將關閉Windows 7、8上IE11的VBScript
https://www.ithome.com.tw/news/132294

CVE-2019-1125 | Windows Kernel Information Disclosure Vulnerability
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1125

研究人員踢爆:微軟忽視RDP漏洞直至察覺它影響Hyper-V
https://www.ithome.com.tw/news/132337

Microsoft releases two new Windows 10 19H2 test builds
https://www.zdnet.com/article/microsoft-releases-two-new-windows-10-19h2-test-builds/#ftag=RSSbaffb68

Microsoft's newest Windows 10 20H1 test build tweaks network status page
https://www.zdnet.com/article/microsofts-newest-windows-10-20h1-test-build-tweaks-network-status-page/#ftag=RSSbaffb68

Microsoft Confirms New Windows CPU Attack Vulnerability, Advises All Users To Update Now
http://bit.ly/31jgUO0

Microsoft launches Azure Security Lab, expands bug bounty rewards
https://www.zdnet.com/article/microsoft-announces-azure-security-lab-azure-bug-bounty-expansion/#ftag=RSSbaffb68

New Windows hack warning: Patch Intel systems now to block SWAPGSAttack exploits
https://www.zdnet.com/article/new-windows-hack-warning-patch-intel-systems-now-to-block-swapgsattack-exploits/

安全漏洞潛伏十四年,你的Google 賬號還好嗎
http://ggycshw.com/forum.php?mod=viewthread&tid=434249

微軟成立Azure安全實驗室找出漏洞最高獎勵30萬美元
http://www.twoeggz.com/news/14926597.html

Why Software Patches Don't Fix Everything
https://www.forbes.com/sites/forbestechcouncil/2019/08/06/why-software-patches-dont-fix-everything/

CVE-2019-1125 “SWAPGS”是最新的Spectre漏洞
https://www.linuxidc.com/Linux/2019-08/159893.htm

Unpatched KDE vulnerability disclosed on Twitter
https://www.zdnet.com/article/unpatched-kde-vulnerability-disclosed-on-twitter/#ftag=RSSbaffb68

KDE存在一個易於被利用的0DAY 漏洞影響廣泛
http://bit.ly/2YBaKfz

最新英特爾晶片出現駭客攻擊漏洞 windows使用者首先遭殃
https://news.cnyes.com/news/id/4365753

立即修補英特爾系統以阻止SWAPGS攻擊漏洞
http://www.gjfs.com.cn/keji/201908/080719995.html

SWIFT Alliance Web Platform 7.1.23  CVE-2018-16386
https://nvd.nist.gov/vuln/detail/CVE-2018-16386
https://gist.github.com/shiham101/8763642e768582e0182f92cd41c482ec

10秒就被盜?調查稱英國部分車輛無鑰匙系統存漏洞
https://news.sina.com.tw/article/20190808/32246116.html

想賺錢嗎?美國空軍發出懸賞鼓勵民間高手找漏洞
https://www.easyaq.com/news/2147307179.shtml

Android 多個漏洞
https://source.android.com/security/bulletin/2019-08-01

Google 安全團隊展示駭人漏洞!一條短訊就能入侵 IPhone
http://pc3mag.com/hackers-show-a-bug-that-can-inject-iphone-with-one-imessage-text/

黑帽大會揭露致命SSL VPN漏洞,臺資安研究員藉入侵Twitter喚醒企業重視漏洞修補
https://ithome.com.tw/news/132332

有 Bug!夢幻客機 787 爆系統漏洞,波音澄清飛安疑慮
https://www.inside.com.tw/article/17156-boeing-787-cyber-security-leak

Apple expands bug bounty to macOS, raises bug rewards
https://www.zdnet.com/article/apple-expands-bug-bounty-to-macos-raises-bug-rewards/#ftag=RSSbaffb68

Steam含有權限擴張漏洞,波及1億用戶
https://www.ithome.com.tw/news/132344

2.銀行/金融/保險/證券/支付系統/ 新聞及資安
Akamai威脅研究﹕憑證填充攻擊及網絡釣魚仍是金融產業的最大威脅
https://money.udn.com/money/story/9529/3966143

金管會放行3間純網銀 民團提出3大質疑
https://m.ltn.com.tw/news/life/breakingnews/2872301

這 3 家全中!純網銀執照放榜,將對你的生活帶來哪些影響
https://finance.technews.tw/2019/08/04/online-bank-life/

【突破盲腸】 Visa 卡感應式付款漏洞,實現「真‧無限簽帳」
http://bit.ly/2YHQcx4

將來銀行 國家隊資安保證
https://ec.ltn.com.tw/article/paper/1307211

將來銀行 優先布建資安
https://money.udn.com/money/story/5648/3960390

將來銀行新團隊亮相 籌備處執行長劉奕成將專任董事
https://ec.ltn.com.tw/article/breakingnews/2870854

將來銀行目標2020年第2季開業,年底前要招募近百位IT人員
https://www.ithome.com.tw/news/132190

純網銀搶人大作戰 兩類人才爆紅
https://ctee.com.tw/news/finance/127829.html

金融業挫著等!罰鍰大幅拉高 金管會罰款收入預算創新高
https://www.ettoday.net/news/20181002/1271580.htm

台灣人壽攜手高雄榮總啟動「eClaim理賠區塊鏈」
https://www.chinatimes.com/realtimenews/20190731002625-260410?chdtv

蘋果信用卡細則出爐!禁止用戶越獄用
http://bit.ly/2KgVDil

Apple Card無法購買加密貨幣!高盛銀行協議曝光:賭場籌碼商品也禁買
https://www.ettoday.net/news/20190805/1505869.htm

IDEMIA宣佈RHB成為首家在東南亞推出MOTION CODE™信用卡的銀行
https://times.hinet.net/news/22489686

資安研究人員成功繞過Visa感應式卡片支付的刷卡金額限制
https://ithome.com.tw/news/132255

臺灣期貨交易所舉辦期貨商資訊安全人員及資安查核人員資通安全講座
http://tnr.com.tw/txtsemple.aspx?id=21352

期交所資通安全講座 吸引近百人參加
https://www.chinatimes.com/realtimenews/20190806003078-260410?chdtv

農發行福建省分行被罰35萬:客戶身份識別現漏洞
https://news.sina.com.tw/article/20190807/32226944.html

國泰世華銀行行動銀行將於8月18日更新版本至 6.10.0
https://www.cathaybk.com.tw/cathaybk/personal/news/announcement/2019/0805AnnounceInfo/

土地銀行Debit金融卡約定書約定條款修訂通知
https://www.landbank.com.tw/Bulletin/Detail/c39d6df2-9f57-47b1-9d49-aaa0003be37c

別傻了 信用卡掉了不是最危險
https://www.chinatimes.com/realtimenews/20190721001386-260410?chdtv

發生了什麼?威士萬事達或將退出俄羅斯
https://news.sina.com.tw/article/20190715/31967582.html

因應純網銀時代 德明培育金融專才
https://money.udn.com/money/story/5723/3976112

樂天網銀 2020 年第二季上線,將招募 100 人
https://finance.technews.tw/2019/08/02/lotte-online-banking-online-in-2020-q2/

香港港金管局澄清網路傳言 未將外匯存底借給中國大陸
https://www.ettoday.net/news/20190807/1507535.htm

新加坡金管局表示,2020年8月起金融業者須遵守六項新網路資安規範
http://bit.ly/2yLAPJd

Check Point:銀行惡意攻擊自2018年來提升50%
http://bit.ly/2MMmhBj

純網銀來了,沒有實體門市的銀行你敢用嗎?看懂LINE跟中華電信瞄準的背後商機
https://www.businessweekly.com.tw/article.aspx?id=26552&type=Blog

Visa Contactless Cards Vulnerable to Fraudsters: Report
https://www.bankinfosecurity.com/visa-contactless-cards-vulnerable-to-fraudsters-report-a-12867

Contactless Visa Card Vulnerability Can Trigger Fraud to Bypass Payment Limits
https://latesthackingnews.com/2019/08/02/contactless-visa-card-vulnerability-can-trigger-fraud-to-bypass-payment-limits/

Surveillance videos show alleged criminals attacking ATMs — and the crime is getting more common
https://www.cnbc.com/2019/08/01/atm-hack-attacks-caught-on-video.html

Lloyds Bank swipes Callsign deal to bolster cyber security
https://www.ft.com/content/02037454-a312-11e9-a282-2df48f366f7d

Only three global banks given top website security score by ImmuniWeb
https://www.zdnet.com/article/only-three-global-banks-given-top-website-security-score-by-immuniweb/

QR code scam can clean out your bank account
https://blog.malwarebytes.com/scams/2019/07/qr-code-scam-can-clean-out-your-bank-account/

Everything you need to know about ATM attacks and fraud: Part 1
https://blog.malwarebytes.com/101/2019/05/everything-you-need-to-know-about-atm-attacks-and-fraud-part-1/

Everything you need to know about ATM attacks and fraud: part 2
https://blog.malwarebytes.com/101/2019/08/atm-attacks-and-fraud-part-2/

No summer break for Magecart as web skimming intensifies
https://blog.malwarebytes.com/web-threats/2019/08/no-summer-break-for-magecart-as-web-skimming-intensifies/

How to get your Equifax money and stay safe doing it
https://blog.malwarebytes.com/awareness/2019/07/how-to-get-your-equifax-money-and-stay-safe/

Monzo admits to storing payment card PINs in internal logs
https://www.zdnet.com/article/monzo-admits-to-storing-payment-card-pins-in-internal-logs/#ftag=RSSbaffb68

We’ve fixed an issue that meant we weren’t storing some customers’ PINs correctly
https://monzo.com/blog/2019/08/05/weve-fixed-an-issue-storing-some-customers-pins

MAS Launches Sandbox Express for Faster Market Testing of Innovative Financial Services
https://www.mas.gov.sg/news/media-releases/2019/mas-launches-sandbox-express-for-faster-market-testing-of-innovative-financial-services

The Risk of Weak Online Banking Passwords
https://krebsonsecurity.com/2019/08/the-risk-of-weak-online-banking-passwords/

Ex-Secret Service Agent Tackles Banking Cybercrime
https://www.bankinfosecurity.com/interviews/ex-secret-service-agent-tackles-banking-cybercrime-i-4410

State Farm Investigates Credential-Stuffing Attack
https://www.bankinfosecurity.com/state-farm-investigates-credential-stuffing-attack-a-12893

3.電子支付/電子票證/行動支付/ pay/新聞及資安
行動支付「7pay」推1天就遭盜刷!9/30收攤
http://bit.ly/339hpvX

歐盟與伊朗支付系統完成首單俄羅斯稱中國也有意加入
http://news.dwnews.com/global/news/2019-07-29/60143115.html

上海盛付通電子支付服務有限公司“違反支付業務規定”近兩年被罰十多次
http://www.shanghai12345.com/html/2019/xinwen_0731/3710.html

香港第三方支付廠商AsiaPay進軍臺灣,要搶攻大型跨境電商交易市場
https://ithome.com.tw/news/132110

專注於電子商務的區塊鏈,aBey活躍用戶增長驚人
https://www.businesswirechina.com/hk/news/41200.html

中國女留學生因盜刷日本7-11手機支付被捕
https://zh.cn.nikkei.com/politicsaeconomy/politicsasociety/36439-2019-07-12-13-10-14.html

4天就壽終正寢的電子支付,日本小七慘痛經驗
https://www.storm.mg/article/1572832?srcid=73746f726d2e6d675f63373766396366313733396365313337_1565324565

聯準會擬推即時支付系統
https://www.chinatimes.com/realtimenews/20190806001183-260410?chdtv

Fed 推 24 小時即時支付系統「FedNow」,最快 2023 上線
https://buzzorange.com/techorange/2019/08/06/fed-now-the-fed-is-getting-into-the-real-time-payments-business/

Fed將推出即時支付系統?加密貨幣社群:比特幣早已實現這點
http://news.knowing.asia/news/e4047a33-2012-40a4-a399-a6a21e0ea0ae

新加坡的金融服務和電子支付公司必須遵循明年8月的新網絡安全規則
http://www.orgs.one/show/833165

一卡通電子支付機構業務定型化契約修訂
https://www.ptt.cc/bbs/MobilePay/M.1565105702.A.62D.html

掃碼支付規格整合將帶來新氣象
http://bit.ly/2MKS6e3

一中國男子涉嫌盜刷7pay被岐阜警方逮捕
https://tchina.kyodonews.net/news/2019/08/ab6b98937a45-7pay.html

HUAWEI Pay 正式宣布在港推出!挑機 Apple、Samsung
http://bit.ly/33jRstx

Google Pay、Apple Pay、Line Pay、台灣Pay、街口支付0800免費客服電話、受理時間整理
https://www.cool3c.com/article/146819

Mastercard以32億美元買下Nets的即時支付平台
https://www.ithome.com.tw/news/132300

CLS歡迎首位加入CLS結算服務的中國第三方銀行
http://bit.ly/2OJUHaM

點數平台牽手FinTech 助力商家拿回數據自主權
https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=80&id=0000565816_ab49e8mw06uaor7gmkrve

兩家支付公司卡殼:新疆一卡通停止業務 天下支付懸而未決
https://news.sina.com.tw/article/20190808/32246892.html

The Threat of Online Skimming to Payment Security
https://blog.pcisecuritystandards.org/the-threat-of-online-skimming-to-payment-security

THE THREAT OF ONLINE SKIMMING TO PAYMENT SECURITY
https://www.pcisecuritystandards.org/pdfs/PCISSC_Magecart_Bulletin_RHISAC_FINAL.pdf

Soon You Might Not Need An Internet Connection to Make Payments Using WeChat
http://fintechnews.hk/9829/mobilepayment/wechat-offline-payments-flight/

4.虛擬貨幣/區塊鍊   新聞及資安
比特幣支付未死,閃電網路成為新創公司的新戰場
http://news.knowing.asia/news/a6fa9bd4-d756-41fa-a8cb-da3f6697a7ba

NTWD上線交易所,以後夜市小吃也能直接用密碼貨幣買單
https://www.bnext.com.tw/article/54085/ntwd-ego

MaiCoin實體店面紮根台灣 邀證期局喝咖啡
https://www.chinatimes.com/realtimenews/20190716004178-260410?chdtv

MaiCoin從虛擬走向實體門市,將提供三大項服務
http://bit.ly/2yBkd70

央行成立專案小組 關切比特幣、臉書幣發展
https://ec.ltn.com.tw/article/breakingnews/2855142

遭駭客攻擊後的幣安....上半年過得好嗎
http://news.knowing.asia/news/a7f75b73-ad41-4fde-95c2-10d63df9dcec

幣寶日本(Bitpoint Japan)遭駭後重啟交易服務,今日將開啟法幣出入金
https://www.blocktempo.com/japanese-crypto-exchange-bitpoint-restarting-trade-services/

北韓政府利用駭客,竊取交易所近 430 億台幣加密貨幣:用來資助大規模殺傷性武器
https://www.blocktempo.com/north-korea-stole-2-billion-in-crypto-and-fiat-to-fund-weapons-programs/

北韓四度射彈!路透:駭客網攻偷走638億
https://news.tvbs.com.tw/world/1178990

BitPoint在遭黑客攻擊後恢復交易服務
https://www.fxshell.com/article/40884

加密貨幣浪潮席捲全球!亞洲地區的這些國家正在推出「城市幣」
http://news.knowing.asia/news/2a341704-0866-4326-91d8-7513df00e3fb

幣安與"KYC黑客"談判疑似曝光:可能是內部人士泄密
https://news.sina.com.tw/article/20190808/32240306.html

幣安KYC勒索事件追蹤:駭客親自現身說法
https://www.ptt.cc/bbs/DigiCurrency/M.1565259423.A.77E.html

幣安回應信息泄露:曾遭勒索300枚BTC 現懸賞征線索
https://news.sina.com.tw/article/20190807/32237092.html

「帥過頭」遭爆虛擬貨幣割韭菜,誆人投資卻遲不上架
https://www.inside.com.tw/article/17155-Taiwan-real-estate-investors-are-suspected-of-virtual-currency-fraud

交易所面臨多重安全隱患 越賺錢越必須捨得花錢
https://news.sina.com.tw/article/20190808/32246184.html

ShapeShift解決了KeepKey硬件錢包的漏洞
http://chainb.com/?P=Cont&id=17370

North Carolina county falls for BEC scam, to the tune of $1,728,083
https://nakedsecurity.sophos.com/2019/08/01/north-carolina-county-falls-for-bec-scam-to-the-tune-of-1728083/

Binance KYC Data Leak — Crypto Exchange Sets $290,000 Bounty On Blackmailer
https://thehackernews.com/2019/08/binance-kyc-data-leak.html


5.資安事件新聞

A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式
程式碼竟有中文字!有毒軟體「Winnti」入侵德國百大企業 攻擊敏感產業
https://cnews.com.tw/140190804a02/

挖礦木馬WatchBog新變種來襲,利用多款工具新漏洞
https://www.4hou.com/web/19421.html

黑客瞄準移動銀行應用 惡意程式攻擊大增5成
http://bit.ly/2YDGhs9

Proofpoint揭露新的代理惡意程式SystemBC
https://www.ithome.com.tw/news/132243

網絡安全:破解勒索軟件 備份工夫要足
http://bit.ly/2YHF5Z8

紐約一私人院校 遭黑客勒索200萬
http://www.epochtimes.com/b5/19/7/12/n11380144.htm

免費的最貴! 男欲看國中生迷片 遭惡意連結鎖哀鳳勒索
https://www.ettoday.net/news/20190805/1506359.htm

廣告程式DealPly濫用微軟及McAfee服務來躲避偵測
https://ithome.com.tw/news/132262

IBM:破壞性惡意軟體攻擊數過去半年來暴增二倍
https://www.ithome.com.tw/news/132283

AT&T員工收受賄賂,在公司網路植入惡意軟體
https://www.zdnet.com/article/at-t-employees-took-bribes-to-plant-malware-on-the-companys-network/

2019 年 9 款 免費防毒軟體下載 總整理、介紹、推薦
https://www.kocpc.com.tw/archives/273273

新的Echobot殭屍網​​路變種使用超過50個漏洞進行傳播
https://www.bleepingcomputer.com/news/security/new-echobot-botnet-variant-uses-over-50-exploits-to-propagate/

AT&T employees took bribes to plant malware on the company's network
https://www.zdnet.com/article/at-t-employees-took-bribes-to-plant-malware-on-the-companys-network/

금성121 조직, 라자루스로 위장한 APT '이미테이션 게임' 등장
https://blog.alyac.co.kr/2453

MegaCortex Returns
https://blogs.quickheal.com/megacortex-returns/

Rocke’in the NetFlow
https://unit42.paloaltonetworks.com/rockein-the-netflow/

Zegost from Within – New Campaign Targeting Internal Interests
https://www.fortinet.com/blog/threat-research/zegost-campaign-targets-internal-interests.html

GermanWiper ransomware hits Germany hard, destroys files, asks for ransom
https://www.zdnet.com/article/germanwiper-ransomware-hits-germany-hard-destroys-files-asks-for-ransom/#ftag=RSSbaffb68

DealPly adware abuses Microsoft, McAfee services to evade detection
https://www.zdnet.com/article/dealply-adware-abuses-microsoft-mcafee-services-to-evade-detection/#ftag=RSSbaffb68

New Windows malware sets up proxies on your PC to relay malicious traffic
https://www.zdnet.com/article/new-windows-malware-sets-up-proxies-on-your-pc-to-relay-malicious-traffic/#ftag=RSSbaffb68

New Mirai botnet lurks in the Tor network to stay under the radar
https://www.zdnet.com/article/new-mirai-botnet-lurks-in-the-tor-network-to-stay-under-the-radar/#ftag=RSSbaffb68

WARNING: 250 Million Account Trojan Can Disable Windows Defender
https://www.partitionwizard.com/partitionmagic/250m-account-trojan-can-disable-windows-defender-006.html

Laut Kaspersky waren 2019 430.000 Menschen von finanzieller Malware betroffen
https://todotech20.com/ge/laut-kaspersky-waren-2019-430-000-menschen-von-finanzieller-malware-betroffen/

Hackers use SystemBC Malware to Hide C&C Server Communication by Deploying Proxies on Infected Computer
https://threatravens.com/hackers-use-systembc-malware-to-hide-cc-server-communication-by-deploying-proxies-on-infected-computer/

SystemBC is like Christmas in July for SOCKS5 Malware and Exploit Kits
https://www.proofpoint.com/us/threat-insight/post/systembc-christmas-july-socks5-malware-and-exploit-kits

Check Point: number of mobile banking attacks doubled in a year
https://www.anti-malware.name/news/check-point-number-of-mobile-banking-attacks-doubled-in-a-year/

ESET takes deep dive into Latin American banking trojans, starting with new Amavaldo malware family
https://www.eset.com/int/about/newsroom/press-releases/research/eset-takes-deep-dive-into-latin-american-banking-trojans-starting-with-new-amavaldo-malware-family-1/

Fiendish Amavaldo banking trojan strikes in Mexico after targeting Brazilians
https://www.scmagazine.com/home/security-news/cybercrime/fiendish-amavaldo-banking-trojan-strikes-in-mexico-after-targeting-brazilians/

THIS MALWARE IS STEALING MONEY FROM BANKS IN MEXICO AND BRAZIL
https://www.securitynewspaper.com/2019/08/01/this-malware-is-stealing-money-from-banks-in-mexico-and-brazil/

Banking Trojan Disables Windows Defender
https://tweaklibrary.com/how-banking-trojan-disables-windows-defender-on-windows-10/

Trickbot Trojan Gets IcedID Proxy Module to Steal Banking Info
https://www.bleepingcomputer.com/news/security/trickbot-trojan-gets-icedid-proxy-module-to-steal-banking-info/

2019-08-02 - DATA DUMP: TWO EXAMPLES OF RIG EK
https://www.malware-traffic-analysis.net/2019/08/02/index2.html

2019-08-02 - QUICK POST: LORD EK SENDS ERIS RANSOMWARE
https://www.malware-traffic-analysis.net/2019/08/02/index.html

2019-08-01 - NEWLY-DISCOVERED LORD EXPLOIT KIT
https://www.malware-traffic-analysis.net/2019/08/01/index.html

A cyber-espionage group has been stealing files from the Venezuelan military
https://www.zdnet.com/article/a-cyber-espionage-group-has-been-stealing-files-from-the-venezuelan-military/#ftag=RSSbaffb68

Sharpening the Machete
https://www.welivesecurity.com/2019/08/05/sharpening-machete-cyberespionage/

Virus Bulletin researcher discovers new Lord exploit kit
https://www.virusbulletin.com/blog/2019/08/virus-bulletin-researcher-discovers-new-lord-exploit-kit/

Clop Ransomware
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/clop-ransomware/

Say hello to Lord Exploit Kit
https://blog.malwarebytes.com/threat-analysis/2019/08/say-hello-to-lord-exploit-kit/

Exploit kits: summer 2019 review
https://blog.malwarebytes.com/threat-analysis/2019/07/exploit-kits-summer-2019-review/

MegaCortex ransomware slams enterprise firms with $5.8 million blackmail demands
https://www.zdnet.com/article/megacortex-ransomware-slams-eu-firms-with-demands-of-up-to-5-8-million/#ftag=RSSbaffb68

New version of MegaCortex targets business disruption
https://www.accenture.com/us-en/blogs/blogs-megacortex-business-disruption

MegaCortex Ransomware Demands Millions From Victims
https://www.bankinfosecurity.com/megacortex-ransomware-demands-millions-from-victims-a-12872

Latest Trickbot Campaign Delivered via Highly Obfuscated JS File
https://blog.trendmicro.com/trendlabs-security-intelligence/latest-trickbot-campaign-delivered-via-highly-obfuscated-js-file/

LokiBot Gains New Persistence Mechanism, Uses Steganography to Hide Its Tracks
https://blog.trendmicro.com/trendlabs-security-intelligence/lokibot-gains-new-persistence-mechanism-uses-steganography-to-hide-its-tracks/

Puzzling Gwmndy Botnet Focuses on Low-Volume Proxy Connections
https://threatpost.com/gwmndy-botnet-proxy-connections/146963/

New Lord Exploit Kit Pushes njRAT and ERIS Ransomware
https://www.bleepingcomputer.com/news/security/new-lord-exploit-kit-pushes-njrat-and-eris-ransomware/

New Windows malware can also brute-force WordPress websites
https://www.zdnet.com/article/new-windows-malware-can-also-brute-force-wordpress-websites/#ftag=RSSbaffb68

LokiBot malware now hides its source code in image files
https://www.zdnet.com/article/lokibot-information-stealer-now-hides-malware-in-image-files/#ftag=RSSbaffb68

How a Prominent Cryptomining Botnet is Paving the Way for a Lucrative and Illicit Revenue Model
https://www.carbonblack.com/wp-content/uploads/2019/08/Carbon-Black-Access-Mining.pdf

Smominru hijacks half a million PCs to mine cryptocurrency, steals access data for Dark Web sale
https://www.zdnet.com/article/new-cryptojacking-campaign-strikes-half-a-million-pcs/#ftag=RSSbaffb68

MoqHao Related Android Spyware Targeting Japan and Korea Found on Google Play
http://bit.ly/2ZIOTPL

Tricky Chinese-Targeted Trojan Bypasses Authentication
https://www.fortinet.com/blog/threat-research/chinese-targeted-trojan-analysis.html

Trojan targets news website with watering hole attack to backdoor your PC
https://www.zdnet.com/article/tricky-trojan-targets-news-website-to-backdoor-your-pc/#ftag=RSSbaffb68

Windows malware strain records users on adult sites
https://www.zdnet.com/article/windows-malware-strain-records-users-on-adult-sites/#ftag=RSSbaffb68

Three ads generate 5.5 times more revenue than a web-based cryptojacking script
https://www.zdnet.com/article/three-ads-generate-5-5-times-more-revenue-than-a-web-based-cryptojacking-script/#ftag=RSSbaffb68

Baldr Credential-Stealing Malware Targets Gamers
https://www.bankinfosecurity.com/baldr-credential-stealing-malware-targets-gamers-a-12892

Are You Ready for Malware-as-a-Service
https://www.symantec.com/blogs/expert-perspectives/are-you-ready-malware-service



B.行動安全 / iPhone / Android /穿戴裝置 /App
智慧型手機系統內建軟體資安檢測指引
https://www.ncc.gov.tw/chinese/gradation.aspx?site_content_sn=5091&is_history=0

蘋果將向安全人員提供特別版iPhone 用來尋找bug
https://news.sina.com.tw/article/20190806/32215058.html

「抖音」是中共的網路間諜?談短片App資安爭議
https://opinion.udn.com/opinion/story/120611/3973187

研究員將在Black Hat 2019上展示偽冒5G基地台技術
https://www.secrss.com/articles/12736

採用Linux作業系統的Librem 5,讓你完全掌握手機自主權
https://www.techbang.com/posts/71926-librem-5-with-linux-operating-system-gives-you-full-control-of-your-phone

不爽被抽30%!交友軟體Tinder新付費流程「繞過」Google Play
https://udn.com/news/story/7088/3946272

受賄百萬!AT&T員工供駭客解鎖200萬支手機
https://news.wearn.com/c292633.html

創紀錄!蘋果砸3千萬邀請「賞金獵人」抓手機漏洞
https://ec.ltn.com.tw/article/breakingnews/2879286

Slack 增強資安防護程度,希望吸引有一定要求的企業青睞
https://technews.tw/2019/08/08/slack-improve-security-feature-give-admin-more-power-to-attract-business-with-certain-standard/

What’s App爆資安漏洞 用戶對話恐遭變造
https://news.cts.com.tw/cts/life/201908/201908081970543.html

WhatsApp現安全漏洞能竄改訊息
https://news.now.com/home/international/player?newsId=358410

40款APP被點名批評整改 靠啥保護個人信息和隱私
https://news.sina.com.tw/article/20190803/32186984.html

Face ID安全性破功!只要戴上貼著黑色膠帶的眼鏡  使用者昏迷也可解鎖手機
https://www.ettoday.net/news/20190809/1509497.htm

New Flaws in Qualcomm Chips Expose Millions of Android Devices to Hacking
https://thehackernews.com/2019/08/android-qualcomm-vulnerability.html

QualPwn vulnerabilities in Qualcomm chips let hackers compromise Android devices
https://www.zdnet.com/article/qualpwn-vulnerabilities-in-qualcomm-chips-let-hackers-compromise-android-devices/#ftag=RSSbaffb68

New FAA app allows drone operators to check air space before they fly
https://www.zdnet.com/article/new-faa-app-allows-drone-operators-to-check-air-space-before-they-fly/#ftag=RSSbaffb68

Five Eyes nations demand access to encrypted messaging
https://nakedsecurity.sophos.com/2019/08/01/five-eyes-nations-demand-access-to-encrypted-messaging/

Facebook Sues Two Android App Developers for Click Injection Fraud
https://thehackernews.com/2019/08/facebook-ads-click-injection.html

Black Hat 2019 – WhatsApp Protocol Decryption for Chat Manipulation and More
https://research.checkpoint.com/black-hat-2019-whatsapp-protocol-decryption-for-chat-manipulation-and-more/

Decade-old remote code execution bug found in phones used by Fortune 500
https://www.zdnet.com/article/decade-old-remote-code-execution-bug-found-in-phone-used-by-up-to-90-percent-of-fortune-500/#ftag=RSSbaffb68

C.事件 / 駭客 / DDOS / APT / 雲端/暗網/徵才 / 國際資安事件
2019年7月十大資安新聞
https://www.ithome.com.tw/news/132282

新州TAFE系統遭駭 近30人工資發放卡殼
http://www.epochtimes.com/b5/19/8/9/n11441687.htm

回顧歷年針對未修補系統的攻擊
https://blog.trendmicro.com.tw/?p=61388

24小時內建立600個詐騙帳號! ERP漏洞沒修補,62所美國大專院校遇駭
https://blog.trendmicro.com.tw/?p=61485

玩家遊戲作弊出奇招:用DDoS攻擊來獲勝、一拳不發就讓你輸掉全局
https://www.techbang.com/posts/72076-play-the-game-with-ddos-attack-to-win-but-also-steal-your-money-spread-to-the-network

IBM展示最新軍艦攻擊,直接寄送具網路攻擊能力的實體裝置到目標企業
https://www.ithome.com.tw/news/132327

淘寶都關事?網傳阿里巴巴暗植入程式線上監控用戶 專家教檢查瀏覽器+移除方法
http://bit.ly/2YLOxL3

工程師注意!5 種程式語言未來可能會消失
https://technews.tw/2019/08/07/5-programming-languages-might-extinct/

6成網攻來自陸!台灣59萬筆公僕個資外洩只是一角
https://www.chinatimes.com/realtimenews/20190804002119-260410?chdtv

公司自動監控設備留「漏洞」 涉偽造監測數據被查
https://news.sina.com.tw/article/20190805/32209704.html

比瀏覽器綁架更惡劣!中國網友發現家中電腦的 Chrome 竟被「託管」、別人可遠端更改他的設定
https://www.techbang.com/posts/71988

打假訊息 英陸軍重啟第6師編制
https://www.ydn.com.tw/News/346895

美國政略統籌下的網軍軍事戰略
https://mp.weixin.qq.com/s/7ybAHkQ-AR-f63EQ22AAnw

南華早報:遭中國「邊控」人士恐逾百萬
https://news.ltn.com.tw/news/world/breakingnews/2875025

中國駭客又出手 歐洲宗教自由論壇遭攻擊、影片惡意刪除
https://news.ltn.com.tw/news/world/breakingnews/2875355

監控挨轟 哈薩克取消安裝網路憑證規定
https://money.udn.com/money/story/5599/3976097

據報北韓藉網絡攻擊竊取資金 發展大規模殺傷武器
http://bit.ly/2YOE15z

聯合國密報:北韓駭客入侵交易所 獲益至少20億美金「作為核武資金」
https://www.ettoday.net/news/20190806/1506700.htm

大陸財經:招商銀行等三家中資銀行遭美點名涉北韓核計畫籌資交易
http://bit.ly/2YP3cVC

微軟:俄國駭客使用IoT裝置入侵企業網路
https://www.ithome.com.tw/news/132271

玩真的!美正式落實禁購華為 這些陸企也中槍
https://www.chinatimes.com/realtimenews/20190808001426-260408?chdtv

誇張!中國御用駭客私下「兼職」 勒索民間企業、消費者
https://news.ltn.com.tw/news/world/breakingnews/2877649

陸駭客組織APT41肆虐 雇用16歲以下青少年
https://www.chinatimes.com/realtimenews/20190808004585-260409?chdtv

火眼點名中共駭客團體APT41 :間諜、商業犯罪雙管齊下 14個國家港台媒體都曾「被駭」
http://bit.ly/2YD1ebw

火眼:中共駭客「兼職」商業犯罪勒索私企
https://www.ntdtv.com/b5/2019/08/07/a102639664.html

不只北韓,中國也暗地支持駭客組織?資安報告揭示:間諜機構在配合中國的「五年計劃」
https://www.blocktempo.com/state-sponsored-chinese-hacking-group-is-targeting-crypto-firms-report/

疑似伊朗駭客侵入巴林關鍵基礎設施和政府電腦系統
https://on.wsj.com/31rPHZH

中越破獲特大跨境網路賭博案 自越南緝捕解回77人
https://news.sina.com.tw/article/20190729/32125006.html

Threat Research APT41: A Dual Espionage and Cyber Crime Operation
https://www.fireeye.com/blog/threat-research/2019/08/apt41-dual-espionage-and-cyber-crime-operation.html

Chinese hacker group that works for both Beijing and personal gain identified
https://www.ft.com/content/965ceffc-b8ea-11e9-8a88-aa6628ac896c

North Korea reportedly stole $2B in wave of cyber attacks
https://www.zdnet.com/article/north-korea-reportedly-stole-2b-in-wave-of-cyber-attacks/#ftag=RSSbaffb68

Cobalt Group Returns To Kazakhstan
https://research.checkpoint.com/cobalt-group-returns-to-kazakhstan/

Massive Magecart attack campaign breaches over 960 e-commerce stores
https://cyware.com/news/massive-magecart-attack-campaign-breaches-over-960-e-commerce-stores-548f3605
http://bit.ly/2YO6mJd
https://gist.github.com/gwillem/5d936f5a84837d5c1dcb488ce256294a

It’s Time to Tear Up Lockheed’s Cyber Kill Chain, Says Carbon Black
https://www.cbronline.com/news/cyber-kill-chain-carbon-black

A dismal industry: The unsustainable burden of cybersecurity
https://www.zdnet.com/article/a-dismal-industry-the-unsustainable-burden-of-cyber-security/#ftag=RSSbaffb68

Official Cybersecurity Review Finds U.S. Military Buying High-Risk Chinese Tech (Updated)
https://www.forbes.com/sites/zakdoffman/2019/08/02/u-s-military-spends-millions-on-dangerous-chinese-tech-with-known-cyber-risks/

US military purchased $32.8m worth of electronics with known security risks
https://www.zdnet.com/article/us-military-purchased-32-8m-worth-of-electronics-with-known-security-risks/#ftag=RSSbaffb68

Microsoft: Russia Probes Office Printers, VOIP Phones
https://www.bankinfosecurity.in/microsoft-russia-probes-office-printers-voip-phones-a-12875

LookBack Mlaware Cyberattacks Target U.S. Utilities Sector
https://www.msspalert.com/cybersecurity-breaches-and-attacks/phishing/lookback-malware-targets-us-utilities/

KDE Linux Desktops Could Get Hacked Without Even Opening Malicious Files
https://thehackernews.com/2019/08/kde-desktop-linux-vulnerability.html

New ‘warshipping’ technique gives hackers access to enterprise offices
https://www.zdnet.com/article/new-warshipping-technique-gives-hackers-access-to-enterprise-offices/#ftag=RSSbaffb68

Exclusive: High-security locks for government and banks hacked by researcher
https://reut.rs/2M58BC4

North Korean Hacking Funds WMD Programs, UN Report Warns
https://www.bankinfosecurity.com/north-korean-hacking-funds-wmd-programs-un-report-warns-a-12884

資安工程師(客戶 : 政府公共事業) NEC (台灣恩益禧股份有限公司)
https://www.cakeresume.com/companies/nec/jobs/993c50?locale=ko

軟體專案工程師(R&D Project Manager)
https://www.104.com.tw/job/6p1uq

資安維運工程師 Security Operations Engineer (SecOps)
https://www.104.com.tw/job/6p2ar

AT-台灣最大資安公司找約聘測試工程師
https://www.cakeresume.com/companies/recruit-express-f52d7b/jobs/700a7e.amp?locale=ko

D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞
網路詐騙如何巧妙地讓你上鉤?網路詐騙的最新手段及6種對策
https://blog.trendmicro.com.tw/?p=60974

利用未成年少年充當車手 台東警破獲網路購物詐騙集團
https://www.ettoday.net/news/20190804/1505586.htm

亞馬遜前員工被控盜取Capital One 1億多客戶數據 AWS安全性遭質疑
https://news.sina.com.tw/article/20190802/32180540.html

E3遊戲展官網出現安全漏洞 2000多位記者信息遭洩露
https://pttnews.cc/01b434bba7

雲南嚴打欺詐騙保 上半年追回醫保基金6000餘萬元
https://news.sina.com.tw/article/20190802/32179998.html

黑客組織用假谷歌域名註入多網卡側取器竊取數據
https://www.cnbeta.com/articles/tech/872299.htm

釣魚詐騙手法提醒
https://www.citibank.com.tw/global_docs/chi/pressroom/press_20190725.htm

【跨境賣銀行卡】流入東南亞電訊詐騙集團 主犯:目標月賺$113萬
https://hk.news.appledaily.com/china/realtime/article/20190726/59867019

新北警:假監管帳戶 詐騙簡訊騙個資
http://bit.ly/2YBvI9a

前男友雲端藏客戶個資 女向遠傳檢舉身分竟暴露
https://tw.news.appledaily.com/local/realtime/20190805/1611331/

歹徒冒邊境局官員 圖騙取SIN卡號碼 一般手法隨機發電郵或打電話
https://www.mingpaocanada.com/tor/htm/News/20190803/tda1_r.htm

盜用健保卡5年虧175萬!他詐90萬醫療費成史上最高
https://fnc.ebc.net.tw/FncNews/life/93723

信用卡加油奇案!她離開15分鐘竟被盜刷 怒告下一名無辜顧客
https://tw.appledaily.com/new/realtime/20190721/1599166/

有100萬張南韓的支付卡資訊在黑市求售
https://www.ithome.com.tw/news/132244

球鞋轉售平台 StockX 遭駭客竊取超過 680 萬筆會員個資
https://hypebeast.com/zh/2019/8/stockx-password-reset-suspicious-activity

Akamai 2019年互聯網安全報告:66%網路釣魚域直接瞄準消費者
https://news.sina.com.tw/article/20190805/32206810.html

中國新型騙局特製品·“充電寶”盜手機信息
https://www.sinchew.com.my/content/content_2091797.html

調查局籲請民眾慎防手機簡訊詐騙
https://www.chinatimes.com/realtimenews/20190718001617-260402?chdtv

加拿大邊境服務局指 有騙徒冒認局方人員索取個人資料
http://bit.ly/2GMcXtC

Capital One泄私隱 加律師行提集體訴訟
http://www.mingpaocanada.com/Tor/htm/News/20190804/tdc1_r.htm

沒訂貨卻收「快遞包裹已發」簡訊 刑事局:詐騙集團釣魚手法
http://bit.ly/33arl8u

IT高手Gumtree上賣電腦 遭詐騙
http://www.epochtimes.com/b5/19/8/5/n11431518.htm

假網拍騙訂金 台東破獲網路詐騙集團
http://www.ksnews.com.tw/index.php/news/contents_page/0001290034

驚!國泰航空證實:用機上攝影機掌握乘客一舉一動
https://udn.com/news/story/6809/3972187

她幫同事辦信用卡,偷記密碼盜刷3萬
https://www.pearvideo.com/video_1586610

警籲換手機慎防個資外洩
http://bit.ly/2Zzc26V

詔安:撿到熟人信用卡騙取密碼多次盜刷
http://zzpd.fjsen.com/2019-07/30/content_22555724.htm

[北部] 偵破蕭○○為首及陳○○為首共14人信用卡網路盜刷集團
http://www.8news.net/thread-1392-1-1.html

偵破蕭○○為首及陳○○為首共14人信用卡網路盜刷集團
https://www.cib.gov.tw/News/Detail/40458

刑事局偵破信用卡網路盜刷 逮2集團14人
https://news.tvbs.com.tw/local/1172945

信用卡盜刷集團入侵 知名購物網、電信公司損失百萬
http://photo.udn.com/money/story/5648/3952755

電商平台未綁定3D認證 成盜刷集團肥羊
https://www.ttv.com.tw/news/view/10807260026000N/575

網購信用卡資料 2集團網路盜刷200多萬被查獲
https://m.ltn.com.tw/news/society/breakingnews/2864862

收到短訊指卡被盜用女子無故欠1千6卡債
http://news.seehua.com/?p=468350

洛縣法院遭釣魚攻擊 肇事者恐判350年
http://www.epochtimes.com/b5/19/7/27/n11412317.htm

2高中生用偽鈔買東西!得不償失
https://news.ltn.com.tw/news/society/breakingnews/2875585

偽裝訂房網信送回饋金! 民輸入卡號遭盜刷
https://news.tvbs.com.tw/local/1173063

客製化T恤網站CafePress外洩2,300萬名用戶資料
https://ithome.com.tw/news/132278

線上球鞋交易平台Stock X驚傳駭客入侵 600萬客戶資料被竊取
https://cnews.com.tw/140190806a04/

什麼是「橫向網路釣魚」(lateral phishing)
https://blog.trendmicro.com.tw/?p=61367

騰訊發佈網路詐騙治理報告:90後成被騙主要對象,中老年被騙錢最多
https://www.ithome.com/0/437/708.htm

上海姑娘好心幫「半個老鄉」轉帳 竟成詐欺犯
https://tw.news.appledaily.com/local/realtime/20190807/1612735/

1千元買個資 這些人瘋狂盜刷3百萬
http://bit.ly/2yH9qZ3

飯店服務生翻拍4客人信用卡 上網冒用消費2萬多
https://money.udn.com/money/story/12524/3952416

臉書遇假故友借錢 銀行員偕員警成功攔詐
https://www.cna.com.tw/news/asoc/201908070101.aspx

烏龍盜刷案 警研判機器出現bug
https://news.ltn.com.tw/news/society/paper/1305002

台中加油站離奇盜刷!女刷卡竟無辜被告 中信銀回應了
https://www.ettoday.net/news/20190722/1495448.htm

臉書 越被罵越賺錢 利用個資遭重罰 轉型面臨難題
https://tw.finance.appledaily.com/daily/20190807/38411976/

可惡!任達華遇刺 網竟冒詐騙「借手術費」
http://bit.ly/2MNiljR

宅急騙!詐團偽造黑貓 偷用戶個資騙百億
https://fnc.ebc.net.tw/FncNews/video/92732

Uber誤收100倍車資 信用卡公司發詐騙警告乘客才知
https://hk.news.appledaily.com/international/realtime/article/20190719/59839278

惡劣竊賊! 專偷騎士錢包 盜刷信用卡
https://www.ttv.com.tw/news/view/10808070014300N/568

製偽卡盜刷 竹聯孝堂大老儲著光遭起訴
https://www.chinatimes.com/realtimenews/20190717001535-260402?chdtv

【住宿】 Booking.com信用卡資料這樣外流的
https://www.backpackers.com.tw/forum/showthread.php?t=10308224

50萬乘客資訊被盜 英航被罰1.83億鎊
http://www.epochtimes.com/b5/19/7/12/n11381990.htm

馬來西亞國防部遭盜用名義發信銀行職員
http://bit.ly/2yNio6Y

FBI發布網路約會詐騙警告
https://ithome.com.tw/news/132296

不法分子冒充國際刑警詐騙老人 被銀行員工成功阻止
https://news.sina.com.tw/article/20190801/32160336.html

上海市電信網路詐騙案件立案數同比下降30.2%
https://news.sina.com.tw/article/20190803/32189634.html

兩年非法獲利2400萬 禮品卡詐騙集團被檢控
http://bit.ly/2OLJ17q

土耳其中國公民遭遇婚戀詐騙 中領館吁提高警惕
https://news.sina.com.tw/article/20190808/32241242.html

重慶警方破獲一「殺豬盤」式特大系列網路詐騙案
https://news.sina.com.tw/article/20190808/32244964.html

多部門將加大網路灰黑產業打擊力度
https://news.sina.com.tw/article/20190807/32224894.html

廣州獵狐行動已拉172經濟犯罪疑犯 追繳1.2億人民幣
https://hk.on.cc/hk/bkn/cnt/cnnews/20190808/bkn-20190808014949594-0808_00952_001.html

北市今年攔阻詐騙7千萬元 假檢警占4成
https://udn.com/news/story/7315/3957727?from=udn-catelistnews_ch2

公安部指揮破獲特大販賣銀行卡和企業對公賬戶案 抓獲犯罪嫌疑人631名
https://news.sina.com.tw/article/20190726/32098062.html

Analysis: The Capital One Breach
https://www.bankinfosecurity.com/interviews/analysis-capital-one-breach-i-4406

Poshmark clothing marketplace says hacker stole customer details
https://www.zdnet.com/article/poshmark-clothing-marketplace-says-hacker-stole-customer-details/#ftag=RSSbaffb68

Breach alert in South Korea after 1m card details were put up for sale online
https://www.zdnet.com/article/breach-alert-in-south-korea-after-1m-card-details-were-put-up-for-sale-online/

South Korean Breach Exposes Over 1 Million Payment Cards
https://geminiadvisory.io/south-korean-breach-exposes-over-1-million-payment-cards/

3 out of 4 phishing scams get to your inbox untouched
https://www.zdnet.com/article/3-out-of-4-phishing-scams-get-to-your-inbox-untouched/#ftag=RSSbaffb68

GitHub sued for aiding hacking in Capital One breach
https://www.zdnet.com/article/github-sued-for-aiding-hacking-in-capital-one-breach/#ftag=RSSbaffb68

Breach alert in South Korea after 1m card details were put up for sale online
https://www.zdnet.com/article/breach-alert-in-south-korea-after-1m-card-details-were-put-up-for-sale-online/#ftag=RSSbaffb68

The Revival and Rise of Email Extortion Scams
https://www.symantec.com/blogs/threat-intelligence/email-extortion-scams

A Deeper Look at the Phishing Campaigns Targeting Bellingcat Researchers Investigating Russia
https://www.riskiq.com/blog/labs/bellingcat-phishing/

Capital One Data Breach: How Impacted Users Can Stay More Secure
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/capital-one-breach/

Capital One Data Breach Spurs More Lawsuits
https://www.bankinfosecurity.com/capital-one-data-breach-spurs-more-lawsuits-a-12873

Capital One breach exposes over 100 million credit card applications
https://blog.malwarebytes.com/reports/2019/08/capital-one-breach-exposes-over-100-million-credit-card-applications/

Capital One's Breach May Be a Server Side Request Forgery
https://www.bankinfosecurity.com/capital-ones-breach-may-be-server-side-request-forgery-a-12871

Beware of Emails Asking You to "Confirm Your Unsubscribe" Request
https://www.bleepingcomputer.com/news/security/beware-of-emails-asking-you-to-confirm-your-unsubscribe-request/

CafePress Hacked, 23M Accounts Compromised. Is Yours One Of Them
https://www.forbes.com/sites/daveywinder/2019/08/05/cafepress-hacked-23m-accounts-compromised-is-yours-one-of-them/#793b15a9407e

FBI warns of new trend where cybercriminals recruit money mules via dating sites
https://www.zdnet.com/article/fbi-warns-of-new-trend-where-cybercriminals-recruit-money-mules-via-dating-sites/#ftag=RSSbaffb68

CYBER ACTORS USE ONLINE DATING SITES TO CONDUCT CONFIDENCE/ROMANCE FRAUD AND RECRUIT MONEY MULES
https://www.ic3.gov/media/2019/190805.aspx

Mobile-Only Bank Monzo Warns 480,000 Customers to Reset PINs
https://www.bankinfosecurity.com/mobile-only-bank-monzo-warns-480000-customers-to-reset-pins-a-12878

Fake influencer follower fraud to cost companies $1.3B in 2019
https://www.zdnet.com/article/fake-influencer-follower-fraud-to-cost-companies-1-3b-in-2019/#ftag=RSSbaffb68

FBI warns of romance scams using online daters as money mules
https://www.welivesecurity.com/2019/08/07/fbi-scams-money-mules-dating-sites/

CYBER ACTORS USE ONLINE DATING SITES TO CONDUCT CONFIDENCE/ROMANCE FRAUD AND RECRUIT MONEY MULES
https://www.ic3.gov/media/2019/190805.aspx

National Baseball Hall of Fame Hit By Payment Card Stealing Attack
https://www.bleepingcomputer.com/news/security/national-baseball-hall-of-fame-hit-by-payment-card-stealing-attack/

Spanish brothel chain leaves internal database exposed online
https://www.zdnet.com/article/spanish-brothel-chain-leaves-internal-database-exposed-online/#ftag=RSSbaffb68

Instagram boots ad partner Hyp3r for mass collection of user data
https://www.zdnet.com/article/instagram-boots-ad-partner-hyp3r-for-mass-collection-of-user-data/#ftag=RSSbaffb68

Democratic Campaign Group Left 6 Million Emails Exposed
https://www.bankinfosecurity.com/democratic-campaign-group-left-6-million-emails-exposed-a-12895

E.研究報告
Check Point 發布網路攻擊趨勢報告 從供應鏈到電子郵件、行動設備到雲端都難逃網路攻擊
https://gnn.gamer.com.tw/detail.php?sn=183747

關於安全體系中WAF的探討
https://www.freebuf.com/articles/es/209756.html

資料庫安全能力內容——安全准入控制矩陣模型構建與實踐
http://bit.ly/2YNGwoG

“方程式組織”攻擊中東SWIFT服務商事件复盤分析報告
https://www.freebuf.com/articles/paper/205080.html

銀鉤:針對國內網銀用戶的釣魚的攻擊活動
https://ti.qianxin.com/blog/articles/betabot-targets-chinese-people/

文字檔案上傳漏洞[任意.繞過.解析]
https://www.itread01.com/content/1564934524.html

分析Belkin SURF路由器中的多個漏洞
https://www.anquanke.com/post/id/183326

淺析CSRF漏洞的利用與防禦機制
https://xz.aliyun.com/t/5871

CVE-2017-11882漏洞分析
https://blog.csdn.net/qq_38474570/article/details/98513146

CVE-2018-1158 MikroTik RouterOS漏洞分析之發現CVE-2019-13955
https://www.anquanke.com/post/id/183451

SRC漏洞挖掘經驗+技巧篇
https://cloud.tencent.com/developer/article/1480899

Apache ActiveMQ序列化漏洞(CVE-2015-5254)復現
https://www.cnblogs.com/yuzly/p/11278073.html

SURF路由器安全漏洞研究
https://xz.aliyun.com/t/5884

利用CVE-2018-8120漏洞簡單提權
http://www.sohu.com/a/331793556_609556

CVE-2017-11826:Office Open XML wwlib模塊解析混淆漏洞分析
https://www.freebuf.com/vuls/209778.html

近年APT組織常用的攻擊漏洞
https://cloud.tencent.com/developer/article/1481886

知乎XSS存儲型漏洞利用及方式
https://www.52pojie.cn/thread-1004610-1-1.html

Arduino的鍵盤漏洞演示及解決辦法
http://www.elecfans.com/d/1039202.html

KDE4 / 5命令執行漏洞(CVE-2019-14744)簡析
https://paper.seebug.org/1006/

CVE-2019-13272'PTRACE_TRACEME'本地提權漏洞分析(二)
https://www.anquanke.com/post/id/183528

Buhtrap CVE-2019-1132 0day攻擊事件相關漏洞樣本分析
https://www.cnblogs.com/goabout2/p/11324168.html

Apache Solr DataImportHandler遠程代碼執行漏洞(CVE-2019-0193) 分析
https://paper.seebug.org/1009/

VxWorks面臨嚴重RCE攻擊風險
https://www.freebuf.com/vuls/210241.html

Reverse RDP Attack Also Enables Guest-to-Host Escape in Microsoft Hyper-V
https://thehackernews.com/2019/08/reverse-rdp-windows-hyper-v.html

TOR Forensics: Investingating Tor for Evidence
https://netseedblog.com/security/tor-forensics-investingating-tor-for-evidence/

Modlishka – An Open Source Phishing Tool With 2FA Authentication
https://latesthackingnews.com/2019/01/13/modlishka-open-source-tool-for-advanced-phishing-campaigns/

DealPly Adware Abuses Microsoft Smartscreen to Boost AV Evasion
https://www.bleepingcomputer.com/news/security/dealply-adware-abuses-microsoft-smartscreen-to-boost-av-evasion/

How to capture serial console dump from HPE iLO4 using VSP (with screenshots)
https://www.golinuxcloud.com/capture-serial-console-dump-hpe-ilo4-vsp/

All Cybercrime IP Feeds
http://iplists.firehol.org/

New Re2PCAP tool speeds up PCAP process for Snort rules
https://blog.talosintelligence.com/2019/07/new-re2pcap-tool-speeds-up-pcap-process.html

Development stops on PowerShell Empire framework after project reaches its goal
https://www.zdnet.com/article/development-stops-on-powershell-empire-framework-after-project-reaches-its-goal/#ftag=RSSbaffb68

Enterprise vendors increasingly dominate the open source software scene
https://www.zdnet.com/article/enterprise-vendors-now-dominate-the-open-source-software-scene/#ftag=RSSbaffb68

Double DragonAPT41, a dual espionage andcyber crime operationAPT41
https://content.fireeye.com/apt-41/rpt-apt41/

Phishing-Simulation
https://github.com/jenyraval/Phishing-Simulation

Unveiling 11 New Adversary Playbooks
https://unit42.paloaltonetworks.com/unveiling-11-new-adversary-playbooks/

F.商業
Enpass 知名老牌密碼管理器,安全度高、跨平台、密碼儲存信任雲端
https://mrmad.com.tw/enpass

打造適用各產業資安框架 為新型態數位應用增添防護 資料湖彙整大數據 及時偵測回應安全威脅
https://www.netadmin.com.tw/netadmin/zh-tw/market/9696AD96E9DE464E979C78F36390CD47

軟銀將向網絡安全公司Cybereason投資2億美元
https://on.wsj.com/2KjaWas

Google App Engine雲端安全掃描工具,現在也能保護GKE與Compute Engine網頁應用程式
https://www.ithome.com.tw/news/132297

一、二類電信聯手攻雲端 台灣大公有雲正式上線
https://m.ctee.com.tw/livenews/kj/a79860002019080811404701?area=

HENNGE降低資安風險 雲端與大數據助企業價值變現
https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=13&id=0000565013_14il9avt2yukw82gozzhy

別再用 VPN 存取你的 VM 了,改用 Cloud IAP 吧
http://bit.ly/2Kl87p7

博通擬耗資100億美元 買賽門鐵客資安部門
https://money.udn.com/money/story/5602/3978834

雲端大數據論壇從網路、AI分析及垂直應用三面向落實數據價值
https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=80&id=0000565267_5dk1xs7672o1gz6s9fidg

Google Titan: Why Use A Key To Fight Fraud When You Could Use A Selfie
https://www.forbes.com/sites/renehendrikse/2019/08/02/google-titan-why-use-a-key-to-fight-fraud-when-you-could-use-a-selfie/

Cloudflare acquired an old Sun Microsystems slogan and I’m feeling nostalgic
https://thenextweb.com/dd/2019/07/11/cloudflare-acquired-an-old-sun-microsystems-slogan-and-im-feeling-nostalgic/

Half of all Google Chrome extensions have fewer than 16 installs
https://www.zdnet.com/article/half-of-all-google-chrome-extensions-have-fewer-than-16-installs/#ftag=RSSbaffb68

RiskIQ Launches JavaScript Threats Solution Amidst Surge in Browser-based Attacks
https://www.riskiq.com/blog/external-threat-management/javascript-threats/

G.政府
農委會砸千萬請中國衛星拍台灣 真巧
https://tw.appledaily.com/new/realtime/20190806/1611756/

獨家踢爆 離譜農委會砸千萬 找中國衛星拍台灣
https://tw.appledaily.com/headline/daily/20190807/38411996/

中國衛星遙測台灣農糧涉國安 農委會:過度聯想
https://tw.appledaily.com/new/realtime/20190806/1611739/

農試所採購暴露「國安三漏洞」 買中國衛星圖資竟無法管
https://tw.appledaily.com/new/realtime/20190806/1611729/

挨批資安疑慮 農委會花近千萬買中國衛星圖資喊卡
https://news.ltn.com.tw/news/politics/breakingnews/2875326

農試所買中國衛星影像挨批!農委會:無國家資安外洩疑慮
https://newtalk.tw/news/view/2019-08-06/282390

買中國衛星拍台灣圖資爭議,農委會:事後發現已解約,記者查證:事前應可預知
https://www.newsmarket.com.tw/blog/123289/

砸千萬找中國衛星 藍委批:國安問題源自蔡施政無能
https://www.chinatimes.com/realtimenews/20190808001841-260407?chdtv

農委會監控農作 竟用"中國衛星"資料
https://news.cts.com.tw/cts/local/201908/201908061970329.html

衛星圖資採購遭批「國安送中」 農委會:無洩漏資安
https://www.chinatimes.com/realtimenews/20190808003165-260405?chdtv

比照銀行業 保險業試辦機制將上路
https://udn.com/news/story/7239/3971188

純網銀效應 金管會鬆綁數位存款帳戶規定
https://money.udn.com/money/story/5613/3943077

打擊網路犯罪需全球合作,臺執法單位加入No More Ransom計畫
https://www.ithome.com.tw/news/132273

108年第2季資通安全技術報告
http://bit.ly/2T9juDw

科技部斥資7千萬啟動專案,陳良基:量子電腦發展需要「破風者」
https://www.bnext.com.tw/article/54229/the-development-of-quantum-computers

北市府攜手思科 提升市府資訊專業職能
http://www.ctimes.com.tw/DispNews/tw/%E5%8C%97%E5%B8%82%E5%BA%9C/190807105317.shtml

國防部強化保密警覺 確保資安
https://www.ydn.com.tw/News/347397

群暉科技 Synology® 及 TWCERT/CC 與國際資安組織展開協作, 阻止全球 NAS 勒索事件擴散
http://bit.ly/2YWXkcU

美禁採購華為 政院:正做資安黑名單最後確認
https://taronews.tw/2019/08/08/427950/

【打造國家級資安情報力:八大CI打造資安資訊分享平臺】多數ISAC早在2017年完成,陸續加入CERT與二線SOC功能
https://www.ithome.com.tw/news/132220

【全面盤點國家級資安情報力:金管會打造F-ISAC】F-ISAC預計2021年開始針對會員收費
https://www.ithome.com.tw/news/132224

【全面盤點國家級資安情報力:交通部打造T-ISAC】納入高鐵臺鐵風險評鑑結果,提供有效資安情資
https://www.ithome.com.tw/news/132225

【全面盤點國家級資安情報力:經濟部打造E-ISAC】管理水資源與能源OT系統,維運難度高
https://www.ithome.com.tw/news/132227

【全面盤點國家級資安情報力:衛福部打造H-ISAC】善用病安文化,溝通醫院資安重要性
https://www.ithome.com.tw/news/132221

【全面盤點國家級資安情報力:科技部打造SP-ISAC】主動通知會員威脅情資,吸引大量業者加入
https://www.ithome.com.tw/news/132223

看見台灣下一波競爭力,政府與產業聯手落實智慧製造與資安防護
http://bit.ly/2GWeAFa

H.ICS/SCADA 工控系統
汽車業推聯網車 易遭駭客攻擊
https://money.udn.com/money/story/5599/3966998

「連網汽車」一旦遇駭 估奪3000條命
http://bit.ly/2Zxc4ML

ICS工業控制系統下的OT(操作科技) 您有所不知
https://www.informationsecurity.com.tw/article/article_detail.aspx?tv=11&aid=8747

新世代資安產品輩出 提供IT/OT安全防護
https://www.informationsecurity.com.tw/article/article_detail.aspx?tv=11&aid=8746

微軟警告駭客組織Fancy Bear正試圖利用物聯網設備漏洞
http://big5.pconline.com.cn/b5/news.pconline.com.cn/1282/12823280.html

IBM:針對工業目標的侵入事件半年來成長一倍
https://technews.tw/2019/08/07/ibm-says-there-are-double-cyber-event-target-industrial-company/

Cyberattacks against industrial targets have doubled over the last 6 months
https://www.zdnet.com/article/cyberattacks-against-industrial-targets-double-over-the-last-6-months/#ftag=RSSbaffb68

I.教育訓練
( 免費 Python 電子書 ) Python Data Science Handbook ( Python 資料科學學習手冊)
http://bit.ly/2YzMkhy

Notes for AWS Certified Solutions Architect Associate
https://github.com/SkullTech/aws-solutions-architect-associate-notes

J.物聯網/IOT/人工智慧/車聯網/光聯網/深度學習/機器學習/無人機/人臉辨識
俄羅斯政府黑客利用物聯網入侵網絡
https://www.solidot.org/story?sid=61621

機器學習案例實戰:信用卡欺詐檢測
https://www.itread01.com/content/1546246098.html

python 機器學習實戰:信用卡欺詐異常值檢測
https://www.itread01.com/content/1550216897.html

迴歸演算法的應用——信用卡欺詐檢測案例
https://www.itread01.com/content/1544119446.html

機器學習專案實戰----信用卡欺詐檢測(一)
https://www.itread01.com/content/1563465842.html

機器學習專案實戰----信用卡欺詐檢測(二)
https://www.itread01.com/content/1563501902.html

python實現信用卡欺詐檢測 logistic迴歸邏輯迴歸演算法
https://www.itread01.com/content/1546727590.html

機器學習案例實戰之信用卡欺詐檢測(從零開始,附資料,程式碼)
https://www.itread01.com/content/1549140318.html

Tokyo offers $1 billion research grant for human augmentation, cyborg tech
https://www.zdnet.com/article/tokyo-offers-1-billion-research-grant-for-human-augmentation-cyborg-tech/#ftag=RSSbaffb68

Manufacturers’ digital transformation will fail without both IT and OT
https://www.zdnet.com/article/manufacturers-digital-transformation-will-fail-without-both-it-and-ot/#ftag=RSSbaffb68

Smart TVs: Yet another way for attackers to break into your home
https://www.welivesecurity.com/2019/08/02/smart-tvs-way-attackers-home/

Microsoft: Russian state hackers are using IoT devices to breach enterprise networks
https://www.zdnet.com/article/microsoft-russian-state-hackers-are-using-iot-devices-to-breach-enterprise-networks/#ftag=RSSbaffb68

Brazilian healthcare CIOs plan IoT boost
https://www.zdnet.com/article/brazilian-healthcare-cios-plan-iot-boost/#ftag=RSSbaffb68

Corporate IoT – a path to intrusion
https://msrc-blog.microsoft.com/2019/08/05/corporate-iot-a-path-to-intrusion/

6.近期資安活動及研討會
 HITCON HackDoor 駭入辦公室 7/2 ~ 9/28
 https://www.accupass.com/event/1906050355291064968019

 DEF CON 27  2019/8/8–8/11
 https://www.defcon.org/

 大數據軟體開發平台與AI(人工智慧)開發應用案例 8/9
 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3805&from_course_list_url=homepage

 Android Code Club(Taipei)  8/14
 https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bsctnqyzlbsb/

 數位鑑識處理實務 8/14 ~ 8/15
 http://bit.ly/2VW0Lv9

 HackingThursday 固定聚會 8/15
 https://www.meetup.com/hackingthursday/events/vkhnnqyzlbtb/

 108 年度臺灣學術網路危機處理中心資安巡迴研討會 -資安趨勢暨網路安全概要  8/19 ~ 8/27
 http://www.hssh.tp.edu.tw/ezfiles/1/1001/attach/42/pta_17520_7551835_06329.pdf

 台灣駭客年會 HITCON Summer Training 2019 - 學生報名  2019-08-19 ~ 2019-08-22
 https://www.accupass.com/event/1906050919271598677460

 工業自動化資安攻擊與防護 8/21
 https://www.moea.gov.tw/MNS/populace/news/NewsAction.aspx?menu_id=43&news_id=86058

 ᅵYahoo奇摩電商專題講座ᅵ 我們與詐騙的距離_電商不可承受的資安之重  8/21
 https://www.accupass.com/event/1906120307261445013215

 資訊安全攻防實務- 企業紅藍隊對抗演練實務  08/21 星期三 09:00 ~ 08/23 星期五 16:30
 https://www.moea.gov.tw/Mns/populace/news/NewsAction.aspx?menu_id=43&news_id=86049

 WEB應用滲透測試 8/21 ~ 8/23
 https://www.accupass.com/event/1904080221358963463590

 Thinking Thursday 第三場 8/22
 https://www.meetup.com/Thinking-Thursday/events/lrqddryzlbdc/

 台灣駭客年會 HITCON Community 2019  2019-08-23(五) 09:00 ~ 2019-08-24(六) 17:00 (GMT+8)
 https://www.accupass.com/event/1906040921594609934250

 第四屆臺灣好厲駭~開放報名 至108年8月26日(一)下午5點截止
 http://bit.ly/2ZlpP0Q

 NISRA Enlightened 2019 2019/08/26 ~ 2019/08/29
 https://nisra.kktix.cc/events/2019enlightened

 數位政府高峰會 2019  8/28
 https://egov.ithome.com.tw/

 ModernWeb 19  8/28 ~ 8/29
 https://modernweb.tw/

 資安法規與制度研析課程-108年度「資安人才培訓及國際推展計畫-資安專業人才培育深化課程」  8/29 ~ 8/30
 http://www.cisanet.org.tw/News/activity_more?id=MTQzMw==

 108年資安職能訓練-行動裝置安全(8/29-8/30)
 https://cee.ksu.edu.tw/recruitinfo/1443.html

 2019 NGO 資安種子講師訓練 8/29
 https://ocftw.kktix.cc/events/cscs2019tot

 Cybersecurity Framework 擴大資安視野 Seminar CYBERSEC 101 研討會  9/6
 https://signupcybersec101.ithome.com.tw/

 交通大學亥克書院-B022:基礎網頁安全與滲透測試<新竹場次> 9/7
 https://hackercollege.nctu.edu.tw/?p=1079

 資訊安全管理系統-基礎課程(免費!)9/8
 https://www.accupass.com/event/1907160853513957042270

 【AWS資安】Security Engineering on AWS​高級課程 9/9 ~ 9/11
 https://www.accupass.com/event/1905150854571147685105

 CDX2.0推廣活動 - 台北場次 9/10
 https://nchc-cdx.kktix.cc/events/cdxactivity-0910

 Kubernetes Summit 9/11
 https://summit.ithome.com.tw/kubernetes/

 Cybersecurity Framework 擴大資安視野 Seminar CYBERSEC 101 研討會  9/20
 https://signupcybersec101.ithome.com.tw/

 金融資安培訓課程 9/20
 https://twap.deloitte.com.tw/DTLCRA/Works/CourseDetail.aspx?CourseID=T1906002

 資策會開辦「認證系統安全從業人員 SSCP 輔導班」2019/9/21
 https://ithome.com.tw/pr/131772

 交通大學亥克書院-A011:入侵行為發覺與應變指南 9/21
 https://hackercollege.nctu.edu.tw/?p=1082

 資訊安全管理系統-進階課程(免費!)9/21
 https://www.accupass.com/event/1907160908138705889800

 TANET 2019 - 臺灣網際網路研討會  9/25
 https://www.twcert.org.tw/subpages/securityInfo/securityactivity_details.aspx?id=310

 交通大學亥克書院-B022:基礎網頁安全與滲透測試 9/28
 https://hackercollege.nctu.edu.tw/?p=1084

 HITB+ CYBER WEEK 2019/10/12 ~17
 https://d2p.hitb.org/

 交通大學亥克書院-A006:數位足跡追蹤與分析 10/19
 https://hackercollege.nctu.edu.tw/?p=1088

 Splunk .conf 19  10/21 ~ 10/24
 https://conf.splunk.com/

  AIoT智能物聯網開發人才就業養成班[免費諮詢]  10/22
 https://ittraining.kktix.cc/events/aiot-training-2019

 Industrial Control Systems (ICS) Cyber Security Conference  USA   October 21 – 24, 2019
 https://www.icscybersecurityconference.com

 Cybersecurity Framework 擴大資安視野 Seminar CYBERSEC 101 研討會  10/25
 https://signupcybersec101.ithome.com.tw/

 交通大學亥克書院-A015:進階網頁滲透測試 10/26
 https://hackercollege.nctu.edu.tw/?p=1090

 Cybersecurity Framework 擴大資安視野 Seminar CYBERSEC 101 研討會  11/8
 https://signupcybersec101.ithome.com.tw/

 交通大學亥克書院-P006:高階網頁滲透測試 11/16
 https://hackercollege.nctu.edu.tw/?p=1092

 Cybersecurity Framework 擴大資安視野 Seminar CYBERSEC 101 研討會  11/29
 https://signupcybersec101.ithome.com.tw/

 交通大學亥克書院-B015:惡意程式檢測 11/30
 https://hackercollege.nctu.edu.tw/?p=1098

 交通大學亥克書院-A018:企業網域控管-Active Directory攻擊與防禦  12/14
 https://hackercollege.nctu.edu.tw/?p=1094

 Japan Security Analyst Conference
 https://jsac.jpcert.or.jp/

留言

這個網誌中的熱門文章

9月份資安社群及教育訓練活動分享

9月份資安社群及教育訓練活動分享


 HITCON HackDoor 駭入辦公室 7/2 ~ 9/28
 https://www.accupass.com/event/1906050355291064968019

 MLDM Monday|用開放資料玩出政府創新應用 : 當雨神來臨時  9/2
 https://www.meetup.com/Taiwan-R/events/262992081/

 Taipei Rails Meetup  9/3
 https://www.meetup.com/rails-taiwan/events/dlgzljyzmbfb/

 高雄 Rails Meetup 9/4
 https://www.meetup.com/rails-taiwan/events/qxfvjkyzmbgb/

 Android Code Club(Taipei) 9/4
 https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bsctnqyzmbgb/

 SyntaxError 9/4
 https://www.meetup.com/pythonhug/events/tnzzgpyzmbgb/

 工業控制系統資安研討會 9/5
 http://bit.ly/2NsMvt5

 HackingThursday 固定聚會 9/5
 https://www.meetup.com/hackingthursday/events/vkhnnqyzmbhb/

 TWJUG 201909 聚會 9/5
 https://www.meetup.com/taiwanjug/events/264123847/



8月份資安社群及教育訓練活動分享

8月份資安社群及教育訓練活動分享

 HITCON HackDoor 駭入辦公室 7/2 ~ 9/28
 https://www.accupass.com/event/1906050355291064968019

 The Virus Bulletin Conference 2019 8/1
 https://www.virusbulletin.com/blog/2019/06/free-vb2019-tickets-students/

【社群】8/1(四) RASPBERRY PI + ROS,實現無人自駕
 https://ctsphub.tw/20190801_robotnight/

 HackingThursday 固定聚會 8/1
 https://www.meetup.com/hackingthursday/events/vkhnnqyzlbcb/

 資安事件調查實務(上)  8/2
 https://tp2rc.tanet.edu.tw/node/306?fbclid=IwAR11YQmw-28fOA6LUrsNiFKd7ccaAiMa5cZsYf22iRfTUR5LPYXwjqZNo2I

 【CIT週末玩程式】- (8月)認識電腦與程式邏輯訓練(I) 8/3
 https://www.meetup.com/Women-Who-Code-Taipei/events/jtcjfryzlbfb/

 Python 基礎工作坊@TMU 8/6
 https://www.meetup.com/Women-Who-Code-Taipei/events/mfnfcryzlbjb/

5月份資安、社群活動分享

5月份資安、社群活動分享

 108年度資安初學者挑戰活動 (MyFirstCTF) 5/1 ~ 5/10 報名
 https://ais3.org/mfctf/

 HackingThursday 固定聚會  5/2
 https://www.meetup.com/hackingthursday/events/vkhnnqyzhbdb/

 Python 商務網站 * 極速學習 (2019春季 - 台北)  5/2
 https://cjltsod.kktix.cc/events/django-2019-spring-taipei

 國票金控「純網銀鯰魚與資安技術漣漪」日本樂天技術結合台灣AI 人工智慧發表會  5/2
 https://www.accupass.com/event/1904111400151860776797

 資安法 X 技術實務論壇  5/2
 https://csa.kktix.cc/events/csa190502

 國立交通大學 亥客書院 - 基礎網站安全建構實務  5/4
 https://hackercollege.nctu.edu.tw/?p=1045

 ISDA 白帽菁英萌芽計劃II 0505 
 https://reg.shield.org.tw/info.php?no=54

 Pwn入門  5/5
 https://hackersir.kktix.cc/events/fcu190505

 Elixir台灣 台北 Meetup # Monday, May 6, 2019
 https://www.meetup.com/elixirtw-taipei/events/njjhvpyzhbjb/

 公部門之AI資安防護新思維研討會 5/7
 http://www.cisanet.org.tw/News/activity_more?id=MTQzOA==

 向資安服務看齊 我們一起讓資安從「有做」到「有效」  5/8 ~ 5/10
 https://www.informationsecurity.com.tw/Seminar/2019_all/

 資安危機 - 進擊的勒索加密軟體 2019-05-09(四) 14:45 ~ 17:00
 https://www.accupass.com/event/19041703435474776…