跳到主要內容

資安事件新聞週報 2019/9/16 ~ 2019/9/20






資安事件新聞週報  2019/9/16  ~  2019/9/20

1.重大弱點漏洞/後門/Exploit/Zero Day
Atlassian Jira 跨站脚本漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14996

Windows Defender malware scans are failing after a few seconds
https://www.zdnet.com/article/windows-defender-malware-scans-are-failing-after-a-few-seconds/

Haxx curl 安全漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481

IBM WebSphere Application Server 多個漏洞
https://www.ibm.com/support/pages/security-bulletin-information-disclosure-vulnerability-websphere-application-server-cve-2019-4477
https://www.ibm.com/support/pages/security-bulletin-file-traversal-vulnerability-websphere-application-server-admin-console-cve-2019-4268
https://www.ibm.com/support/pages/security-bulletin-cross-site-scripting-vulnerability-websphere-application-server-admin-console-cve-2019-4270

CVE-2019-1579:-- #Critical Pre-Authentication #Vulnerability
https://github.com/securifera/CVE-2019-1579

Vivotek VIVOTEK IP Camera 安全漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14458

Warning: Researcher Drops phpMyAdmin Zero-Day Affecting All Versions
https://thehackernews.com/2019/09/phpmyadmin-csrf-exploit.html

安全專家在多家廠商的SOHO路由器和NAS設備中發現了125個新漏洞
https://nosec.org/home/detail/2966.html

125 New Flaws Found in Routers and NAS Devices from Popular Brands
https://thehackernews.com/2019/09/hacking-soho-routers.html


新的NetCAT 漏洞利用英特爾至強處理器上的DDIO 竊取數據
https://www.bilibili.com/read/cv3579340/

使用ASPEED AST2400和 AST2500 system-on-chips (SoCs) 的系統相關的Baseboard Management Controller (BMC)安全漏洞
https://www.supermicro.com/support/security_CVE-2019-6260.cfm?mlg=1

CVE-2019-12922:零日phpMyAdmin跨站點請求偽造漏洞警報
https://www.linuxidc.com/Linux/2019-09/160657.htm

phpMyAdmin 4.9.0.1 Cross Site Request Forgery
https://packetstormsecurity.com/files/154483/phpmyadmin4901-xsrf.txt

FTPShell Client 6.74 Buffer Overflow
https://packetstormsecurity.com/files/154482/ftpshell674-overflow.txt

[漏洞預警] CVE-2019-10392 / Jenkins Git Client插件遠程命令執行漏洞
https://qiita.com/shimizukawasaki/items/a4bd7e329252a90be3d4

必升!佳能連發8款單反升級固件:修復主要漏洞
https://news.sina.com.tw/article/20190917/32674210.html

微軟發佈09月份安全性公告
https://support.microsoft.com/en-us/help/20190910/security-update-deployment

Red Hat OpenShift Container Platform 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10213

Popular consumer and enterprise routers, IoT devices contain remote access vulnerabilities
https://www.zdnet.com/article/iot-security-has-become-worse-in-the-last-five-years/#ftag=RSSbaffb68

jenkins -- script_security
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-10399

jenkins -- script_security
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-10400

dlink -- dir-806_firmware
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-10891

dlink -- dir-806_firmware
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-10892

dlink -- dir-868l_firmware
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-16190

teamviewer
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-11769

Symantec Advanced Secure Gateway (ASG) / ProxySG - Unrestricted File Upload
https://www.exploit-db.com/exploits/47392

Misuse of WordPress update_option() function Leads to Website Infections
https://blog.sucuri.net/2019/09/misuse-of-wordpress-update_option-function-leads-to-website-infections.html

LastPass緊急修補會洩露用戶前一個登入網站密碼的漏洞
https://www.ithome.com.tw/news/133083

VMware Releases Security Updates for Multiple Products
https://www.us-cert.gov/ncas/current-activity/2019/09/17/vmware-releases-security-updates-multiple-products

VMware 產品多個漏洞
https://www.vmware.com/security/advisories/VMSA-2019-0013.html

Webmin 1.920 Remote Code Execution
https://packetstormsecurity.com/files/154485/CVE_2019_15107.c

phpMyAdmin 4.9.0.1 Cross Site Request Forgery
https://packetstormsecurity.com/files/154483/phpmyadmin4901-xsrf.txt

FTPShell Client 6.74 Buffer Overflow
https://packetstormsecurity.com/files/154482/ftpshell674-overflow.txt

Western Digital My Book World II NAS 1.02.12 Hardcoded Credential
https://packetstormsecurity.com/files/154524/wdmbwiinas10212-exec.txt

TOR Virtual Network Tunneling Tool 0.4.1.6
https://packetstormsecurity.com/files/154534/tor-0.4.1.6.tar.gz

Google Chrome 多個漏洞
https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop_18.html

Dell EMC RSA Archer 信息洩露漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3756

Microsoft Windows遠端桌面服務存在安全漏洞(CVE-2019-1181、CVE-2019-1182、CVE-2019-1222及CVE-2019-1226),允許攻擊者遠端執行任意程式碼,請儘速確認並進行更新
https://www.nccst.nat.gov.tw/VulnerabilityDetail?lang=zh&seq=1107

JVN#97845465 LINE (Android版) における複数の整数オーバーフローの脆弱性
https://jvn.jp/jp/JVN97845465/

2.銀行/金融/保險/證券/支付系統/ 新聞及資安
港交所擬收購倫敦證券交易所  傳英國政府或否決交易
https://unwire.pro/2019/09/12/hkex/news/

「世紀併購」香港出價收購倫敦證券交易所,代表什麼?
https://www.cw.com.tw/article/article.action?id=5096845

外銀自建境外私有雲 採報備即可
https://www.chinatimes.com/realtimenews/20190912005557-260410?chdtv

銀行資料 可存境外雲端
https://udn.com/news/story/7239/4045210

金融科技淘金 考驗資安風險管控
https://money.udn.com/money/story/5613/4047131

資安險叫好不叫座 去年僅141張保單
https://news.wearn.com/c323744.html

澳門金融管理局:“亞洲證券交易所”未獲許可從事金融活動
http://www.hkcna.hk/content/2019/0914/784505.shtml

憂中共滲透!倫交所拒港交所兆元「提親」
http://bit.ly/2lWHoW9

就像在 ATM 上安裝盜卡裝置一樣, 「Magecart」專偷線上刷卡資料
https://blog.trendmicro.com.tw/?p=61779

Firstrade最新聲明與白帽駭客
https://coldbloodinvestment.blogspot.com/2019/09/firstrade.html

Firstrade客戶資料被竄改 官方指是安全測試
http://bit.ly/2koMB8U

發票存載具...陌生伯吐槽「都沒人在用」 網反揭「長輩友善功能」:超好用
https://www.ettoday.net/news/20190913/1534730.htm

瑞士信用卡目前並不適用歐盟「嚴格顧客驗證機制規定」
http://bit.ly/2kzdIhP

出現金融獨角獸?顧立雄:跟金融業合作拓展海外就有機會
https://money.udn.com/money/story/12926/4050343

關注純網銀資訊安全 將來銀行打造生活Ⅹ金融生態圈
https://news.cnyes.com/news/id/4383013

《金融》保險、洗錢防制缺失,8金融機構挨罰
https://www.chinatimes.com/realtimenews/20190917001046-260410?chdtv

〈南山人壽遭重罰〉保險業今年罰單近億元 南山就苦吞5460萬元、占比55%
https://news.cnyes.com/news/id/4383257

全球裂聯網與金融雅爾達體系
https://udn.com/news/story/7238/4053395

美商第一證券客戶資料遭竄改,官方宣稱是執行漏洞獎勵計畫的測試
https://www.ithome.com.tw/news/133101

數位銀行超車傳統金融 KPMG:整合、資安是關鍵
http://bit.ly/2kpLtlB

大馬銀行 擬來台發伊斯蘭債
https://udn.com/news/story/7239/4053410

網銀沒有獨立App被瘋狂抱怨,永豐大戶:要靠「金融美學」突圍
https://moptt.tw/p/creditcard.M.1568691509.A.D8A

財金Open API開發者平臺首度大公開,第二階段消費者資訊查詢API標準年底出爐
https://www.ithome.com.tw/news/133124

趨勢科技指歐洲最新銀行法規可能帶來資訊保安風險
https://times.hinet.net/topic/22563440

保險區塊鏈10月上路? 壽險公會:系統優化仍需時間
https://tw.finance.appledaily.com/realtime/20190918/1635266

加州網路保險問市 防遭駭客攻擊勒索
http://bit.ly/2m922m6

加強控管壽險?金管會祭債券ETF、目標到期基金限募令
http://bit.ly/2kHqqLz

壽險區塊鏈 保單存摺先行
https://www.chinatimes.com/newspapers/20190919000323-260205?chdtv%3

開放銀行浪潮席捲各行業,資策會MIC:未來10年金融服務將無所不在
https://www.bnext.com.tw/article/54811/mic-fintech-trend-openbanking

純網銀混搭零售...金融新服務來了
https://money.udn.com/money/story/9740/4057784

10/1 (二)遠東銀行系統維護
https://www.ecpay.com.tw/Announcement/DetailAnnouncement?nID=3677

Credit Card Theft Ringleader Pleads Guilty
https://www.bankinfosecurity.com/credit-card-theft-ringleader-pleads-guilty-a-13088

PSD2 Authentication Requirements: The Implementation Hurdles
https://www.bankinfosecurity.com/psd2-authentication-requirements-implementation-hurdles-a-13086

When PSD2 Opens More Doors: The Risks of Open Banking
https://blog.trendmicro.com/trendlabs-security-intelligence/when-psd2-opens-more-doors-the-risks-of-open-banking/

The Risks of Open Banking
http://bit.ly/2m0gMnc

ATM theft link: Alert highway patrolling staff nab 2 criminals
http://www.millenniumpost.in/delhi/atm-theft-link-alert-highway-patrolling-staff-nab-2-criminals-375034

LCPD in search of suspects for attempted ATM theft
https://www.americanpress.com/news/crime/crime_brief/lcpd-in-search-of-suspects-for-attempted-atm-theft/article_c1f16f24-da4d-11e9-8109-aff32ce339e4.html

Financial asset firm PCI ordered to pay $1.5 million for poor cybersecurity practices
https://www.zdnet.com/article/company-ordered-to-pay-1-5-million-for-poor-cybersecurity-practices/

Old Magecart web domains resurrected for fraudulent ad schemes
https://www.zdnet.com/article/old-magecart-domains-reincarnated-in-new-attacks/#ftag=RSSbaffb68

Magecart Skimming Attack Targets Mobile Users of Hotel Chain Booking Websites
http://bit.ly/2krnD93

Vacationers Hit by Skimming Attack
https://www.infosecurity-magazine.com/news/vacationers-hit-by-skimming/

Two years later, hackers are still breaching local government payment portals
https://www.zdnet.com/article/two-years-later-hackers-are-still-breaching-local-government-payment-portals/#ftag=RSSbaffb68

Hotel websites infected with skimmer via supply chain attack
https://www.scmagazine.com/home/security-news/hotel-websites-infected-with-skimmer-via-supply-chain-attack/

Police release video of driver who almost pinned officer to ATM
http://www.fox5atlanta.com/news/police-release-video-of-driver-who-almost-pinned-officer-to-atm

Police: Man burglarized South Middleton gas station, stole ATM and work van
http://bit.ly/2kT13X1

Police investigating another attempted burglary of ATM at a local bank
https://www.kbtx.com/content/news/Police-investigating-another-attempted-burglary-of-ATM-at-a-local-bank-560832841.html

Nepal cautions Beijing as five Chinese men hack into ATMs
https://www.dnaindia.com/world/report-nepal-cautions-beijing-as-five-chinese-men-hack-into-atms-2791052

3.電子支付/電子票證/行動支付/ pay/新聞及資安
來旅遊!大陸網紅行動支付碰壁 嗆台灣發展落後
https://news.ebc.net.tw/News/entertainment/177845

支付寶如果被駭或公司破產會怎樣
https://disp.cc/b/163-bH1q

【台灣Pay體檢1】綁金融卡痛失先機 連犯五大缺失!「國家品牌」市佔難破5%
https://tw.appledaily.com/new/realtime/20190914/1630308/

【台灣Pay體檢2】行銷費用和對手沒得比 公股銀行咬牙配合財政部
https://tw.appledaily.com/recommend/realtime/20190914/1630311

台灣Pay總體檢 5缺失輸很大 行銷銀彈不足 信用卡整合慢
https://tw.appledaily.com/finance/daily/20190915/38445031/

埃塞俄比亞航空透過CellPoint Digital的Velocity支付平臺推出微信支付和KNET
https://n.yam.com/Article/20190916599244

支付方式整理
https://www.dcard.tw/f/money/p/232087406

推動環保、分散通勤潮!東京推「電子貨幣」新政策獎勵民眾
https://fnc.ebc.net.tw/FncNews/world/99793

騰訊旗下財付通被央行罰149萬,因違反支付結算管理等制度
https://news.sina.com.tw/article/20190916/32666274.html

義大利新政府將加強現金管控 力推電子支付手段
https://news.sina.com.tw/article/20190918/32688848.html

支付寶澳門服務上線 居民可使用澳門手機號註冊
https://www.finet.hk/newscenter/news_content/5d82dfc0bde0b37e69366d57

台灣行動支付慘輸大陸? 眾人揭「真相」打臉:不懂裝懂
https://www.nownews.com/news/20190919/3640170/

4.虛擬貨幣/區塊鍊   新聞及資安
瑞士警告 Libra 加密貨幣可能會受進一步審查
https://unwire.pro/2019/09/12/facebooks-libra-seeks-swiss-payment-system-license/blockchain/crytocurrency/

FB天秤幣申請牌照遭質疑 瑞士監管機構表示歡迎審查
https://news.sina.com.tw/article/20190912/32643708.html

以太坊項目AirSwap中的關鍵漏洞
https://0xzx.com/201909150604272060.html

台日虛擬貨幣糾紛 應付金額被灌水 幣寶台灣要告BPJ
https://newtalk.tw/news/view/2019-09-11/297466

Libra 開源代碼含安全漏洞!網路安全公司:耗時近 1 個月完成修補
https://news.cnyes.com/news/id/4381023

黑市出現新型「洗錢」服務:支付一折價格的比特幣,向駭客購入十倍的黑錢
https://www.blocktempo.com/cybercriminals-selling-hacked-fiat-money-for-bitcoin-at-10-of-its-value/

「目標年底 400 家!」——德意志銀行宣布加入摩根大通的「區塊鏈金融網路」
https://www.blocktempo.com/germanys-largest-bank-joins-jpmorgans-blockchain-network/

Mastercard區塊鏈與R3的跨境支付
https://0xzx.com/201909130601268938.html

中國推數位貨幣 意在挑戰美元地位
https://ec.ltn.com.tw/article/paper/1317766

德法反對臉書加密貨幣進入歐洲
https://tech.sina.com.cn/roll/2019-09-18/doc-iicezueu6560338.shtml

FB天秤幣再遭質疑 歐洲央行官員稱將擾亂金融系統
https://news.sina.com.tw/article/20190918/32687050.html

天秤幣接受26國央行聯合會考,「批准的門檻肯定會很高」
https://news.sina.com.tw/article/20190917/32683432.html

加密貨幣成銀行業標配?「富國銀行數位現金」試點明年開跑
https://blockcast.it/2019/09/18/wells-fargo-is-developing-usd-stablecoin/

中國央行虛擬貨幣來了!地位等同法定貨幣、可離線交易… 一次看懂「數位版人民幣」
https://buzzorange.com/techorange/2019/09/18/china-dcep/

LINE PAY 也能買幣了!LINE 旗下第二間交易所「BITMAX」上線
https://www.bnext.com.tw/article/54804/bitmax-cryptocurrency-exchange-for-japan-begins-operations

櫃買中心針對STO推出細部規範!將透過這5種方式管理虛擬通貨交易平台業者
http://news.knowing.asia/news/40dd5198-4378-4967-996c-a536cef079a2

證券型STO細部規範公佈,許毓仁:畫虎不成反類犬
http://news.knowing.asia/news/c9d3567a-a05d-4dcf-b90c-62292421bc78

富國銀行開發加密貨幣 明年試用於內部結算
https://news.sina.com.tw/article/20190918/32688320.html

Two Ethereum consultants charged with extorting a cryptocurrency startup
https://www.zdnet.com/article/two-ethereum-consultants-charged-with-extorting-a-cryptocurrency-startup/#ftag=RSSbaffb68

5.資安事件新聞

A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式
調查:惡意軟件Echobot正廣泛攻擊全球物聯網設備
http://bit.ly/2mgilxI

網絡漏洞多多 惡意軟件肆虐全球
http://bit.ly/2kLIkfQ

8 月三大惡意軟件 + 常被利用的漏洞出爐!殭屍網絡病毒 Echobot 對物聯網發起攻擊
http://bit.ly/2mdxzDr

升級漏洞受攻擊者“青睞”即時通信軟件被劫持用於傳播病毒
http://bit.ly/2ktMXLF

2019-09-13 - WSHRAT INFECTION FROM MALSPAM
https://www.malware-traffic-analysis.net/2019/09/13/index.html

InnfiRAT malware lurks in your machine to steal cryptocurrency wallet data
https://www.zdnet.com/article/innfirat-malware-lurks-in-your-machine-to-steal-cryptocurrency-wallet-data/

InnfiRAT: A new RAT aiming for your cryptocurrency and more
https://www.zscaler.com/blogs/research/innfirat-new-rat-aiming-your-cryptocurrency-and-more

Emotet, today's most dangerous botnet, comes back to life
https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/#ftag=RSSbaffb68

2019-09-16 - DATA DUMP: URSNIF INFECTION WITH ICEDID AND TRICKBOT (GTAG: LEO16)
https://www.malware-traffic-analysis.net/2019/09/16/index2.html

2019-09-16 - DATA DUMP: EMOTET INFECTION WITH TRICKBOT (GTAG: MOR1)
https://www.malware-traffic-analysis.net/2019/09/16/index.html

2019-09-17 - PCAP AND MALWARE FOR AN ISC DIARY (EMOTET + TRICKBOT)
https://www.malware-traffic-analysis.net/2019/09/17/index.html

2019-09-18 - DATA DUMP: EMOTET INFECTION WITH TRICKBOT (GTAG: MOR3)
https://www.malware-traffic-analysis.net/2019/09/18/index.html

2019-09-19 - DATA DUMP: URSNIF, EMOTET, AND FORMBOOK INFECTIONS
https://www.malware-traffic-analysis.net/2019/09/19/index.html

Skidmap Linux Malware Uses Rootkit Capabilities to Hide Cryptocurrency-Mining Payload
http://bit.ly/2kNZyJG

Emotet is back: botnet springs back to life with new spam campaign
https://blog.malwarebytes.com/botnets/2019/09/emotet-is-back-botnet-springs-back-to-life-with-new-spam-campaign/

New Threat Actor Fraudulently Buys Digital Certificates to Spread Malware
https://threatpost.com/threat-actor-buys-digital-certs-spreads-malware/148345/

Digital Certificates - Models for Trust and Targets for Misuse
https://blog.reversinglabs.com/blog/digital-certificates-impersonated-executives-as-certificate-identity-fronts

Researchers: Emotet Botnet Is Active Again
https://www.bankinfosecurity.com/researchers-emotet-botnet-active-again-a-13099

Gootkit malware crew left their database exposed online without a password
https://www.zdnet.com/article/gootkit-malware-crew-left-their-database-exposed-online-without-a-password/#ftag=RSSbaffb68

Banking Trojan Database Exposed – Millions of Users At Risk
https://securitydiscovery.com/banking-trojan-database-exposed-millions-of-users-at-risk/

Emotet is back after a summer break
https://blog.talosintelligence.com/2019/09/emotet-is-back-after-summer-break.html

Researchers: Emotet Botnet Is Active Again
https://www.bankinfosecurity.com/researchers-emotet-botnet-active-again-a-13099

Nemty Ransomware 1.0: A Threat in its Early Stage
https://www.fortinet.com/blog/threat-research/nemty-ransomware-early-stage-threat.html

Cryptocurrency miners aren’t dead yet: Documenting the voracious but simple “Panda”
https://blog.talosintelligence.com/2019/09/panda-evolution.html

Smominru Botnet Indiscriminately Hacked Over 90,000 Computers Just Last Month
https://thehackernews.com/2019/09/smominru-botnet.html

Cryptoming Botnet Smominru Returns With a Vengeance
https://www.bankinfosecurity.com/cryptoming-botnet-smominru-returns-vengeance-a-13123

THE MASSIVE PROPAGATION OF THE SMOMINRU BOTNET
https://www.guardicore.com/2019/09/smominru-botnet-attack-breaches-windows-machines-using-eternalblue-exploit

Malware Moves: The Rise of LookBack – And Return of Emotet
https://threatpost.com/malware-moves-the-rise-of-lookback-and-return-of-emotet/148365/

Crypto-mining malware saw new life over the summer as Monero value tripled
https://www.zdnet.com/article/crypto-mining-malware-saw-new-life-over-the-summer-as-monero-value-tripled/#ftag=RSSbaffb68

New ransomware strain uses ‘overkill’ encryption to lock down your PC
https://www.zdnet.com/article/this-ransomware-uses-overkill-encryption-to-lock-down-your-pc/#ftag=RSSbaffb68

TFlower Ransomware - The Latest Attack Targeting Businesses
https://www.bleepingcomputer.com/news/security/tflower-ransomware-the-latest-attack-targeting-businesses/

CookieMiner malware targets Macs, steals passwords and SMS messages, mines for cryptocurrency
https://www.tripwire.com/state-of-security/featured/cookieminer-malware-targets-macs-steals-passwords-messages-mines-cryptocurrency/#new_tab

B.行動安全 / iPhone / Android /穿戴裝置 /App
APP個資無法可刪 江雅綺:個資保護一片混亂
http://bit.ly/2lNtgi4

手機內置中國防毒軟件技術 Samsung:不會傳送任何資料至個人裝置以外地方
http://bit.ly/2kznuAB

iOS 13又現大漏洞:不解鎖iPhone的情況下可查看聯繫人
https://www.xfastest.com/thread-233466-1-1.html

iOS 13驚傳有漏洞!就算iPhone有上鎖 駭客還是可輕鬆竊取個資
http://bit.ly/2kPzgXv

新型手機黑客攻擊 Simjacker 漏洞或影響全球逾 10 億用家
http://bit.ly/2kzNdJ8

CHECK POINT RESEARCH:部分 ANDROID 手機有 OTA 漏洞,黑客可發假 OMA CP 訊息
https://ysnweb.net/2019/09/news/international/check-point-research-android-ota-vulnerable/

中美貿易戰背後的祕密!台灣5G產業的新商機來了
http://bit.ly/2lUiJ4U

駭客利用 SIM 卡漏洞來追蹤人們位置至少 2 年
https://chinese.engadget.com/2019/09/15/simjacker-attack/

資安業者揭新漏洞! SIM卡被「挾持」 iOS、安卓都中招
https://news.ltn.com.tw/news/Taipei/breakingnews/2917170

涉超額採集個人私隱 內地手機App被點名
https://hk.on.cc/hk/bkn/cnt/cnnews/20190916/bkn-20190916110239643-0916_00952_001.html

IG再傳會洩露用戶電話、姓名的漏洞
https://www.ithome.com.tw/news/133043

【照片一上傳,想刪都刪不掉】手機 APP 藏個資「霸王條款」!專家警告:心理測驗、遊戲儘量別點
https://buzzorange.com/2019/09/16/personal-data-online-is-at-risk/

iPhone有「危險設定」要關閉? 3C達人:不必過慮...除非不想用地圖導航服務
https://www.ettoday.net/news/20190916/1536414.htm

APP服務下市 個資無法可刪
https://money.udn.com/money/story/5617/4045606

防濫用Spotify共享計劃 突擊檢查家庭用家位置
http://bit.ly/2kwU7Pj

違規手機App 官方點名「碧桂園售樓」 金山詞霸涉擅取手機資料
http://bit.ly/2lXqMh2

App涉超額採集隱私 將進行監管
https://www.ydn.com.tw/News/352811

SIM卡漏洞遭SimJacker入侵! 駭客發送簡訊即可監控掌握手機 10億用戶面臨威脅
https://www.ettoday.net/news/20190917/1537183.htm

頻繁被點名 App侵犯隱私何時休
https://news.sina.com.tw/article/20190917/32674010.html

國家計算機病毒中心發布違規APP和SDK 金山詞霸、墨跡天氣等被點名
https://m.nbd.com.cn/articles/2019-09-17/1372309.html

斯諾登警告法國政要不要用WhatsApp:絕對是個錯誤
https://news.sina.com.tw/article/20190918/32686174.html

黑龍江安卓用戶:你的手機有20.9個漏洞!男士更要注意
https://read01.com/BJGEex3.html

工程師開發程式助避收費陷阱 Apps試用到期自動取消
https://hk.on.cc/hk/bkn/cnt/aeanews/20190917/bkn-20190917190008988-0917_00912_001.html

Google Fi 推「全球吃到飽」電信套餐,最低只要 45 美元起
https://www.inside.com.tw/article/17569-google-fi-launches-a-more-traditional-unlimited-plan

手機被駭入 大陸30萬台手機被控制用作詐騙
https://udn.com/news/story/7332/4056759

你一直被追蹤位置你知道嗎?教你看懂什麼是「定位」、「權限」
https://blog.trendmicro.com.tw/?p=61296

Check Point Research揭露Android手機安全性漏洞
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=14&id=0000568584_P176MAFP77ELXF53MRLZZ

Instagram再傳資安疑慮 安全漏洞恐讓用戶電話、姓名全外洩
http://bit.ly/2kOboDu

Instagram fixed after researcher finds way to link account info to PII
http://bit.ly/2lYa3KQ

WhatsApp 'Delete for Everyone' Doesn't Delete Media Files Sent to iPhone Users
https://thehackernews.com/2019/09/whatsapp-delete-for-everyone-privacy.html

Yikes! iOS 13 Coming Next Week With iPhone LockScreen Bypass Bug
https://thehackernews.com/2019/09/ios-13-lockscreen-bypass.html

New SIM Card Flaw Lets Hackers Hijack Any Phone Just By Sending SMS
https://thehackernews.com/2019/09/simjacker-mobile-hacking.html

When is Android 10 coming to my phone
https://www.zdnet.com/article/when-is-android-10-coming-to-my-phone/#ftag=RSSbaffb68

WhatsApp 'Delete for Everyone' Doesn't Delete Media Files Sent to iPhone Users
https://thehackernews.com/2019/09/whatsapp-delete-for-everyone-privacy.html

C.事件 / 駭客 / DDOS / APT / 雲端/暗網/徵才 / 國際資安事件
用來驗證真人的Captcha遭駭客利用,變成釣魚網頁的新工具
https://www.techbang.com/posts/72847-captcha-used-by-hackers-to-turn-it-into-a-new-tool-for-phishing-pages

月初同時DDoS《魔獸世界》、《鬥陣特攻》,官方:已經抓到人了
https://tw.news.yahoo.com/wowddoscaught-045540631.html

利用軟件漏洞侵占充值款食堂員工“揩油”120萬
http://www.51testing.com/html/74/n-4462474.html

15個新興崛起成長的工作
https://www.1111.com.tw/news/jobns/127323/

連 Google 都在用!中國網友開發的「翻牆神器」Shadowsocks 為何比傳統 VPN 工具更受歡迎
https://buzzorange.com/techorange/2019/09/16/shadowsocks/

國際電子戰研討會 成果展示
https://www.mitac.com.tw/article.cfm?id=301

資通安全事件通報應變推動淺談
https://www.acw.org.tw/Events/Detail.aspx?id=33

駭客冒名申請合法數位憑證以四處兜售
https://www.ithome.com.tw/news/133102

民眾黨官網遭駭客攻擊 警:機器人程式癱瘓註冊
http://bit.ly/2lTYvbs

獨/遭駭「開告」 民眾黨今前往信義分局報案
https://udn.com/news/story/7321/4052860

簡訊驗證機制遭濫用,臺灣民眾黨網站驚傳剛上線就被駭
https://www.ithome.com.tw/news/133089

出師不利!官網才上線秒掛...民眾黨:有心人士蓄意癱瘓
https://www.setn.com/News.aspx?NewsID=603343

DDoS攻擊?民眾黨不懂資安還推線上入黨
https://www.setn.com/News.aspx?NewsID=603127

台灣民眾黨官網遭駭客入侵癱瘓 柯文哲:報警處理
https://udn.com/news/story/6656/4049604

台灣民眾黨網站遭駭客入侵緊急關站維修中
https://boba.ettoday.net/video/1/698/179477

台灣民眾黨官網遭駭客入侵? 黨員註冊系統被癱瘓
https://udn.com/news/story/6656/4049470

民眾黨網站上線 遭駭客入侵關閉
http://m.match.net.tw/pc/news/politics/20190916/5024781

台灣民眾黨網站遭駭客入侵
https://www.ptt.cc/bbs/HatePolitics/M.1568599276.A.BFB.html

台灣民眾黨官網昨暝上線 半暝受駭客攻擊
https://news.pts.org.tw/article/446415

資安疑慮監視器入侵校園 綠委籲全面汰換
https://www.cna.com.tw/news/aipl/201909200097.aspx

台大傳出安裝中國監視器 立委呼籲教部立即全面檢查
https://udn.com/news/story/6656/4058251

台大裝中國監視器 校方:依規儘速處理
https://www.cna.com.tw/news/ahel/201909190342.aspx

Armor 揭暗網洗錢新招:比特幣支付 800 美元換取 1 萬美元現金
https://blockcast.it/2019/09/16/new-trend-of-illicit-conversions-from-btc-to-cash-on-dark-web/amp/

應對亞太區暗網崛起的威脅  企業的四大關鍵策略
https://unwire.pro/2019/09/15/lenovo-3/news/

俄羅斯網路監控系統SORM曝光
https://ithome.com.tw/news/133162

伊朗駭客集團Cobalt Dickens於全球大學展開大規模網釣行動
https://ithome.com.tw/news/133071

澳洲國會被「駭」 中國國安部幹的
https://news.ltn.com.tw/news/world/paper/1318467

未公開報告:澳洲選前國會與3大黨都駭客入侵 中國是幕後黑手
http://bit.ly/2kDv8dc

路透:澳國會、政黨遭駭客入侵「是中國出手」 怕得罪集體噤聲
https://www.ettoday.net/news/20190916/1536302.htm

路透:澳洲傳查出網攻是「中國發動」!怕破壞關係不敢說
https://ec.ltn.com.tw/article/breakingnews/2917234

傳澳洲查出中國發動網攻 擔心損及貿易秘而不宣
https://money.udn.com/money/story/5599/4050832

中國侵害台灣不夠,連澳洲選舉都要干預
https://taronews.tw/2019/09/18/468984/

美國務院:阿里巴巴騰訊百度或從事間諜活動
https://hk.on.cc/hk/bkn/cnt/cnnews/20190916/bkn-20190916084239982-0916_00952_001.html

中國駭客危及台灣資安 學者籲尋求國際合作
https://udn.com/news/story/7088/4045670

業務和網絡控制各自為戰是網絡安全的最大漏洞
http://finance.eastmoney.com/a/201909161238190056.html

無孔不入 中共挾陸企滲透全球
https://www.ydn.com.tw/News/352712

中共滲透台灣——網絡篇 「網攻台灣」 中共網軍盯上明年台灣大選
http://www.epochtimes.com/b5/19/9/16/n11524852.htm

全球網絡安全行業組織First 暫停華為成員資格
http://bit.ly/2lZ2JOT

中國大陸網絡安全宣傳周千鋒教育積極構建網絡安全新格局
http://info.chinabyte.com/111/410111.shtml

中國大陸湖北省網絡與信息安全保障工作進入臨戰階段
http://www.hb.xinhuanet.com/2019-09/20/c_1125017605.htm

中國大陸外交部:網路安全應防備思科、蘋果 非華為
https://www.chinatimes.com/realtimenews/20190916003650-260410?chdtv

中國大陸共同織密網絡安全防護網——黨的十八大以來網絡安全工作綜述
http://finance.eastmoney.com/a/201909161237318943.html

中國工程院院士鄔江興:網絡空間安全最大的威脅是不確定威脅
http://it.people.com.cn/n1/2019/0917/c1009-31357755.html

北京軍事專家:香港反送中 具「超限戰」特徵
https://udn.com/news/story/120538/4049892

傳許家印被邊控 中共對富豪下手
http://www.epochtimes.com/b5/19/9/19/n11531193.htm

網攻竊密攫奪資金 美制裁3北韓駭客集團
http://bit.ly/2mdzNmk

美制裁3受北韓資助惡意網攻團體
https://www.ydn.com.tw/News/352599

北韓駭客組織因網絡攻擊事件而遭到美國制裁
http://bit.ly/2kgioJ5

北韓網攻攫奪飛彈資金 陷受害美企於兩難
https://www.cna.com.tw/news/firstnews/201909140036.aspx

朝鮮黑客「戰績彪炳」 受害企業陷道德兩難
http://bit.ly/2kyLN1v

美財政部:北韓駭客用勒索軟體攫取飛彈資金
http://bit.ly/2mgu3Zc

美財政部:北韓利用3大駭客組織籌錢 網攻竊密勒索樣樣來
https://ec.ltn.com.tw/article/breakingnews/2915934

美制裁3個朝鮮網絡組織
http://bit.ly/2kNw4vk

美國制裁 3 個北韓駭客組織,WannaCry 病毒兇手入列
http://technews.tw/2019/09/18/us-treasury-sanctions-three-north-korean-hacking-groups-lazarus-group-bluenoroff-and-andarial/

利用WannaCry發動全球網攻 3北韓黑客組織遭制裁
https://hk.on.cc/hk/bkn/cnt/aeanews/20190914/bkn-20190914011159570-0914_00912_001.html

國際產經:美國制裁北韓政府支持的三個駭客組織
http://bit.ly/2kyHIKJ

賴岳謙:日本國安局長換人做!安倍外交戰略起變化
https://www.chinatimes.com/opinion/20190909000002-262115?chdtv

俄媒:斯諾登否認與俄情報機關合作
https://news.sina.com.tw/article/20190914/32654270.html

加國皇家騎警情報部總長被控洩密
https://hk.news.appledaily.com/international/daily/article/20190915/20768539

加拿大資安漏洞 皇家騎警情報高官涉洩密
http://bit.ly/2kJqBG1

加警操流利中文情報官員涉嫌洩密 恐危害五眼聯盟
http://bit.ly/2kkmBeY

“五眼聯盟”或受損‧加高官涉洩密被捕
https://www.sinchew.com.my/content/content_2116009.html

美眾院反壟斷調查 要求蘋果臉書等交內部電郵
http://bit.ly/2kfZi5S

「全球最強大的國家希望我從這世界消失」史上最強揭密者史諾登回憶錄暢談童年與揭密心境
https://www.storm.mg/article/1711355

出身軍事情報世家 中學曾入侵校網
http://paper.wenweipo.com/2019/09/15/GJ1909150009.htm

普亭身旁臥底 美在俄最高階間諜險曝光 CIA急撤人
http://bit.ly/2kFkbrp

去年砸650億買美國武器 沙國卻難擋廉價科技偷襲
http://bit.ly/2kRux7J

越南再推本土新版社群網站 加強控制網路自由
https://www.cna.com.tw/news/aopl/201909170122.aspx

共同強化資安 AIT:台美11月首度網路攻防演練
https://www.cna.com.tw/news/firstnews/201909170216.aspx

中國對台網攻2年暴增20倍!台美11月將聯合舉行網路攻防演練,15國齊聚強化資安
https://www.storm.mg/article/1725930

周曉輝:美台將聯合舉行網絡攻防演練 威懾中共
http://www.epochtimes.com/b5/19/9/20/n11534130.htm

多國聯軍稱襲擊武器來自伊朗 特朗普指暫不動武
http://www.hkcna.hk/content/2019/0917/785005.shtml

美國有官員稱華為設備具嚴重安全漏洞 電訊商或須移除
http://bit.ly/2kRGKcp

美國官員:可能需移除華為生產的通信設備
https://hk.finance.appledaily.com/finance/realtime/article/20190918/60056818

印度國產航母「4台電腦+硬碟」失竊! 未完工卻創「下水3次」奇蹟
https://www.ettoday.net/news/20190919/1538513.htm?from=news-sitemap

糗!印首艘國產航母還在建 電腦設備竟遭竊
https://www.chinatimes.com/realtimenews/20190920000013-260417?chdtv

還敢買中國貨? 美軍精銳部隊遭爆採購中國無人機
https://news.ltn.com.tw/news/world/breakingnews/2919013

台灣已進入準戰爭狀態? 專家揭秘中共對台資訊戰背後秘密
http://bit.ly/2ksbbG7

禁公費購陸製無人機 美跨黨派議員提案
http://bit.ly/2m0lCBb

US Sanctions 3 North Korean Hacking Groups Accused for Global Cyber Attacks
https://thehackernews.com/2019/09/north-korea-cyber-attack.html

Israeli police arrest execs from vendor of mobile surveillance tech
https://www.zdnet.com/article/israeli-police-arrest-execs-from-vendor-of-mobile-surveillance-tech/#ftag=RSSbaffb68

Disqus & Kickstarter hacker warns against password reuse
https://www.zdnet.com/article/disqus-kickstarter-hacker-warns-against-password-reuse/#ftag=RSSbaffb68

US Treasury sanctions three North Korean hacking groups
https://www.zdnet.com/article/us-treasury-sanctions-three-north-korean-hacking-groups/#ftag=RSSbaffb68

How Cloud-Based Automation Can Keep Business Operations Secure
https://thehackernews.com/2019/09/how-cloud-based-automation-can-keep.html

Drones attack Saudi Arabia oil production plants, slice output in half
https://www.zdnet.com/article/drone-attack-slices-saudi-arabia-oil-production-in-half/#ftag=RSSbaffb68

Israeli police arrest execs from vendor of mobile surveillance tech
https://www.zdnet.com/article/israeli-police-arrest-execs-from-vendor-of-mobile-surveillance-tech/#ftag=RSSbaffb68

Brokerage Firm Hit With $500,000 Data Breach Penalty
https://www.bankinfosecurity.com/brokerage-firm-hit-500000-data-breach-penalty-a-13095

Cyberattackers now pose as business executives to secure security certificates
https://www.zdnet.com/article/cyberattackers-now-pose-as-executives-to-secure-security-certificates/#ftag=RSSbaffb68

Mainframe Security Challenges: An Encroaching Perimeter
https://www.bankinfosecurity.com/interviews/mainframe-security-challenges-encroaching-perimeter-i-4444

US government sues ex-IT guy for breaking his NDA (Yes, we mean Edward Snowden)
https://www.theregister.co.uk/2019/09/17/us_govt_sues_snowden/

The Definitive RFP Templates for EDR/EPP and APT Protection
https://thehackernews.com/2019/09/rfp-templates-for-edr-epp.html

United States Sues Edward Snowden and You'd be Surprised to Know Why
https://thehackernews.com/2019/09/edward-snowden-lawsuit.html

Ubisoft to send out cease & desist requests to DDoS-for-hire services
https://www.zdnet.com/article/ubisoft-to-send-out-cease-desist-legal-letters-to-ddos-for-hire-services/#ftag=RSSbaffb68

Senators Urge FCC to Review Licenses for Chinese Telecoms
https://www.bankinfosecurity.asia/senators-urge-fcc-to-review-licenses-for-chinese-telecoms-a-13118

A new type of DDoS attack can amplify attack strength by more than 15,300%
https://www.techrepublic.com/article/a-new-type-of-ddos-attack-can-amplify-attack-strength-by-more-than-15300/

THE AIR FORCE IS INVITING HACKERS TO BREACH A SATELLITE
https://futurism.com/the-byte/air-force-invite-hackers-breach-satellite

Massive Gaming DDoS Exploits Widespread Technology
https://threatpost.com/massive-gaming-ddos-attack-widespread-technology/148443/

Patch now: 1,300 Harbor cloud registries open to attack
https://www.zdnet.com/article/patch-now-1300-harbor-cloud-registries-open-to-attack/#ftag=RSSbaffb68

Microsoft plans to rearchitect Azure Stack by making it container-based
https://www.zdnet.com/article/microsoft-plans-to-rearchitect-azure-stack-by-making-it-container-based/#ftag=RSSbaffb68

Supply Chain Attacks: Hackers Hit IT Providers
https://www.bankinfosecurity.com/supply-chain-attacks-hackers-hit-providers-a-13122

資訊室誠徵契約資訊工程師
http://bit.ly/2lVDLQj

資訊專員
https://www.104.com.tw/job/6qezh

資安技術工程師【PM一部】
https://www.104.com.tw/job/6qiwu?jobsource=jolist_a_relevance

知名人壽 - 資安助理 FL
http://bit.ly/2m0MYXJ

業務代表_資安系統(19091901B)
https://www.104.com.tw/job/6qmnu?jobsource=keyword2Keyword

D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞
起底「神秘」西安詐騙集團:互稱首長將軍 涉「聯合國搬遷」假項目
http://bit.ly/2kf7qDH

伊朗駭客集團Cobalt Dickens於全球大學展開大規模網釣行動
https://www.ithome.com.tw/news/133071

衛報的SecureDrop匿名爆料平台遭網釣駭客鎖定
https://ithome.com.tw/news/133088

國際警方聯手在全球逮捕281名商業電子郵件詐騙嫌犯
https://www.ithome.com.tw/news/133018

「人臉辨識」洩台人個資?銀行監視器爆中貨
https://www.setn.com/News.aspx?NewsID=601681

聯邦銀行員機警阻匯款 愛情騙子終失敗
https://news.ltn.com.tw/news/society/breakingnews/2914642

個資管理多頭馬車 成立專責機構當務之急
https://www.cna.com.tw/news/afe/201909140061.aspx

廣告追蹤器定位訪客拉票 眾院撤國會議員網站鏈接
http://www.mingpaocanada.com/Tor/htm/News/20190914/tdc1_r.htm

罪犯來自新南向 詐欺酒駕激增
https://www.chinatimes.com/newspapers/20190915001046-260106?chdtv

日本企業求才秘辛:從日本最大人力銀行Rikunabi驚傳個資不當使用說起
https://udn.com/news/story/6871/4044109

假賽馬誘賭客投資再榨乾 不給錢嗆炸掉你家...11人慘淪ATM被吸600萬
https://www.ettoday.net/news/20190914/1535464.htm

“剪刀手”照片或洩露指紋信息專家:舊手機恢復出廠設置還不夠
http://sh.eastday.com/m/20190915/u1ai12833407.html

從源頭把關 資策會科法所攜手業者對抗網購詐騙
http://n.yam.com/Article/20190916179844

韓星假賣票真詐騙 徐永明:售票平台應負連帶責任
https://www.ctwant.com/article/7311

3 年內 FBI 接獲商業電子郵件詐騙投訴金額高達 262 億美元,企業不可不慎
https://www.openfind.com.tw/taiwan/news_detail.php?news_id=10194

借記卡在北京卻在美國被盜刷超5萬元,持卡人起訴銀行獲全賠
https://news.sina.com.tw/article/20190916/32667548.html

Garmin南非網站洩露顧客姓名、完整信用卡號、地址
https://www.ithome.com.tw/news/133045

女子遇新型網絡詐騙 下載App後被匯走6萬人仔
https://hk.on.cc/hk/bkn/cnt/cnnews/20190914/bkn-20190914191512871-0914_00952_001.html

電影看到飽 MoviePass結束服務 客戶個資恐外洩
http://bit.ly/2kOasyX

高中同學「出錢出力」組詐騙集團 騙大陸人上千萬元
https://udn.com/news/story/7321/4044149

給甜頭誘投資 博奕網站詐600萬
https://money.udn.com/money/story/12524/4047852

金融聯防反詐有成  士林警偕行員聯手阻詐
https://times.hinet.net/news/22556677

吸金216億元 刑事局查獲中資網路簽賭
http://bit.ly/2klk1Fz

刑事局破獲中資非法博弈產業鏈來台
https://news.pts.org.tw/article/446489

網路廉價詐售蘋果手機 警逮5嫌送辦
http://bit.ly/2mmjVyd

偷手機後利用App漏洞盜刷信用卡 團伙獲利百萬元被抓
http://finance.sina.com/bg/tech/technews/thepaper/2019-09-16/doc-ifznycny5952067.shtml

厄瓜多全民個資幾全遭外洩 亞桑傑也在其中
https://www.rti.org.tw/news/view/id/2034769

厄瓜多爾全國人民資料外洩 總統維基創辦人俱受害
https://hk.news.appledaily.com/international/realtime/article/20190917/60055558

資安大漏洞!厄瓜多全國2000萬筆個資遭外洩 連總統也受害
https://cnews.com.tw/140190918a05/

逾3千萬名印尼獅子航空乘客資料外洩
https://www.ithome.com.tw/news/133115

陌生號碼發來年檢簡訊 車主被高仿公眾號騙走兩千
https://news.sina.com.tw/article/20190917/32673884.html

如何防止師生信息泄露被竊取?專家給了這些建議
https://news.sina.com.tw/article/20190917/32685064.html

海南原人防辦報賬員7年間300多次造假騙取公款超百萬
https://news.sina.com.tw/article/20190918/32686996.html

隨手按個讚綁定臉書當帳號 都有個資外洩風險
https://udn.com/news/story/7088/4053706

看待個資大不同 日本可換咖啡韓改身分證號碼
https://udn.com/news/story/7088/4053726

假身份刷卡後退貨索錢 2男騙招遭拆穿落網
http://bit.ly/2kn2sVw

相同投資網卻不同IP?警方:有詐騙風險
https://news.ltn.com.tw/news/society/breakingnews/2919258

深圳福田警方打掉一利用網銀U盾作案犯罪團伙
http://www.legaldaily.com.cn/index/content/2019-09/17/content_7994996.htm

馬印航空公司發生數據泄露 數百萬名乘客或受影響
https://news.sina.com.tw/article/20190918/32693834.html

保險業現新型詐騙 企業內控再臨考
https://news.sina.com.tw/article/20190919/32698646.html

數億張醫療影像在網路上曝光
https://ithome.com.tw/news/133132

堵陸媒惡行港法院禁洩《蘋果》員工個資
https://tw.appledaily.com/column/article/860/twapple/20190920/38450020/

YouTube 更改認證條件,大量用戶遭到撤銷資格引發批評與緊張
https://tw.mobi.yahoo.com/news/changeyoutube-032232611.html

冒牌AdBlock、uBlock廣告封鎖外掛實則廣告詐欺,300網站受害
https://www.ithome.com.tw/news/133164

Heatstrok網路釣魚攻擊,為何鎖定科技產業員工免費信箱
https://blog.trendmicro.com.tw/?p=62007

Smart TVs send user data to tech heavyweights including Facebook, Google, Netflix
https://www.zdnet.com/article/smart-tvs-send-user-data-to-tech-heavyweights-including-facebook-google-netflix/#ftag=RSSbaffb68

Data of 24.3 million Lumin PDF users shared on hacking forum
https://www.zdnet.com/article/data-of-24-3-million-lumin-pdf-users-shared-on-hacking-forum/#ftag=RSSbaffb68

LastPass bug leaks credentials from previous site
https://www.zdnet.com/article/lastpass-bug-leaks-credentials-from-previous-site/#ftag=RSSbaffb68

Database leaks data on most of Ecuador's citizens, including 6.7 million children
https://www.zdnet.com/article/database-leaks-data-on-most-of-ecuadors-citizens-including-6-7-million-children/#ftag=RSSbaffb68

Thousands of Google Calendars Possibly Leaking Private Information Online
https://thehackernews.com/2019/09/google-calendar-search.html

Investigation Launched After Ecuadorian Records Exposed
https://www.bankinfosecurity.com/investigation-launched-after-ecuadorian-records-exposed-a-13097

Arrest made in Ecuador's massive data breach
https://www.zdnet.com/article/arrest-made-in-ecuadors-massive-data-breach/#ftag=RSSbaffb68

If you are a Restaurant Depot customer, don’t open that phishing email
https://www.zdnet.com/article/if-you-are-a-restaurant-depot-customer-dont-open-that-phishing-email/#ftag=RSSbaffb68

IT Firm Manager Arrested in the Biggest Data Breach Case of Ecuador’s History
https://thehackernews.com/2019/09/ecuador-data-breach.html

Scotiabank slammed for 'muppet-grade security' after internal source code and credentials spill onto open internet
https://www.theregister.co.uk/2019/09/18/scotiabank_code_github_leak/

E.研究報告
K8S 漏洞報告|近期重要bug fix 分析
https://www.infoq.cn/article/rLHhx2V8sXmkXx7RHTDl

基於鯤鵬雲服務器的MongoDB未授權訪問漏洞檢測及整改建議
https://bbs.huaweicloud.com/forum/thread-24668-1-1.html

釣魚攻擊姿勢老套,不明真相還是上當
https://www.freebuf.com/articles/system/212565.html

Heatstrok網路釣魚攻擊,為何鎖定科技產業員工免費信箱
https://blog.trendmicro.com.tw/?p=62007

深入分析Adobe忽略了6年的PDF漏洞
https://xlab.tencent.com/cn/2019/09/12/deep-analysis-of-cve-2019-8014/

一款漏洞驗證框架的構思
https://www.jishuwen.com/d/251d/zh-tw

Fortigate SSL VPN從漏洞挖掘到漏洞利用分析
https://www.4hou.com/vulnerable/20170.html

一次無聊的APP漏洞挖掘
https://zhuanlan.zhihu.com/p/82513348

一篇RPO漏洞挖掘文章翻譯加深理解
https://www.cnblogs.com/piaomiaohongchen/p/11528205.html

記一次內部系統滲透測試:小漏洞組合拳
https://www.freebuf.com/articles/web/213675.html

Jenkins RCE漏洞分析匯總
https://xz.aliyun.com/t/6361

深入探索在野外發現的iOS漏洞利用鏈
https://www.anquanke.com/post/id/186456

BlueKeep 漏洞利用分析
https://paper.seebug.org/1035/

细数Android系统那些DOS漏洞
http://www.tiejiang.org/25242.html

安全漏洞XSS、CSRF、SQL注入以及DDOS攻擊
https://www.cnblogs.com/rinack/p/11549410.html

CORS介紹及其漏洞檢測
http://www.saucer-man.com/information_security/331.html

攻撃グループBlackTechが侵入後に使用するマルウエア
https://blogs.jpcert.or.jp/ja/2019/09/tscookie_loader.html

Hacking LED Wristbands: A ‘Lightning’ Recap of RF Security Basics
https://blog.trendmicro.com/trendlabs-security-intelligence/hacking-led-wristbands-a-lightning-recap-of-rf-security-basics/

2019 CWE Top 25 Most Dangerous Software Errors
https://cwe.mitre.org/top25/archive/2019/2019_cwe_top25.html

These software vulnerabilities top MITRE’s most dangerous list
https://www.zdnet.com/article/these-software-vulnerabilities-top-mitres-most-dangerous-list-in-2019/#ftag=RSSbaffb68

SQL Injection Cheat Sheet
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

GitHub security alerts now support PHP projects
https://www.zdnet.com/article/github-security-alerts-now-support-php-projects/#ftag=RSSbaffb68

guillaC/wsManager
https://github.com/guillaC/wsManager

Sumeet-R/HackTheKeyboard
https://github.com/Sumeet-R/HackTheKeyboard

Leviathan36/kaboom
https://github.com/Leviathan36/kaboom

BullsEye0/shodan-eye
https://github.com/BullsEye0/shodan-eye

dlfernando/Instagram-downloader
https://github.com/dlfernando/Instagram-downloader

fkasler/dolos_cloak
https://github.com/fkasler/dolos_cloak

The TIDoS Framework - The Offensive Manual Web Application Penetration Testing Framework
https://hakin9.org/the-tidos-framework-the-offensive-manual-web-application-penetration-testing-framework/

Edward Snowden - Permanent Record
https://kaketosdelano.ml/threads/edward-snowden-permanent-record-2019-mp3-epub.8599/

GNU Radio CON 2019
https://www.gnuradio.org/grcon/grcon19/presentations/

[macOS, CTF] ChiChou/DezhouInstrumenz
https://github.com/ChiChou/DezhouInstrumenz

F.商業
Nexusguard研究顯示,DNS DNS放大攻擊去年以來增加了1,000%
https://times.hinet.net/news/22559475

微軟資料中心逐步融合資安防護與GDPR合規服務
https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=70&id=0000568592_AH06L6AJ8B537J35H5MKK

瀏覽網頁變不一樣了!Chrome 77 最新版增添3項實用功能
https://3c.ltn.com.tw/news/38018

Palo Alto Networks:打擊網路犯罪企業用AI了嗎
https://news.sina.com.tw/article/20190917/32684284.html

迎戰中國削價競爭 台灣安全監控產業資安升級
https://www.cna.com.tw/news/ahel/201909180037.aspx

甲骨文推出自主Linux作業系統
https://www.ithome.com.tw/news/133110

Office 365 vs. LibreOffice 比一比 ,誰才是你最得心應手的生產力工具
https://www.kocpc.com.tw/archives/275178

Windows 7 即將停止更新!即刻升級 Windows 10,保障資安、商用作業系統維護
https://www.cool3c.com/article/147971

GitHub 收購程式碼分析工具商 Semmle,協助開發人員發現程式碼漏洞
https://finance.technews.tw/2019/09/19/github-acquires-semmle-to-help-developers-spot-code-exploits/

Chrome v77推3項新功能 改善文字傳送消失問題
https://udn.com/news/story/7086/4056208

Firefox 瀏覽器從明年開始,將進入每 4 週就更新一次的週期
https://www.kocpc.com.tw/archives/281165

甲骨文以上千台Raspberry Pi組成超級電腦叢集
https://www.ithome.com.tw/news/133137

Microsoft acquires code-analysis platform vendor Semmle
https://www.zdnet.com/article/microsoft-acquires-code-analysis-platform-vendor-semmle/#ftag=RSSbaffb68

Microsoft pushes back end of support for Exchange Server 2010 by nine months
https://www.zdnet.com/article/microsoft-pushes-back-end-of-support-for-exchange-server-2010-by-nine-months/#ftag=RSSbaffb68

Is Microsoft getting closer to launching its expected Microsoft 365 Consumer subscription
https://www.zdnet.com/article/is-microsoft-getting-closer-to-launching-its-expected-microsoft-365-consumer-subscription/#ftag=RSSbaffb68

How Cloud-Based Automation Can Keep Business Operations Secure
https://thehackernews.com/2019/09/how-cloud-based-automation-can-keep.html

Dremio releases Data Lake Engines for AWS and Azure
https://www.zdnet.com/article/dremio-releases-data-lake-engines-for-aws-azure-and-hybrid-cloud/#ftag=RSSbaffb68

Google removes two Chrome ad blocker extensions caught 'cookie stuffing'
https://www.zdnet.com/article/google-removes-two-chrome-ad-blocker-extensions-caught-cookie-stuffing/#ftag=RSSbaffb68

G.政府
數位身分證會掌握你的行蹤?無稽之談
http://bit.ly/2kzNpbk

政院強推數位身分證監控人民? 內政部駁斥
https://news.sina.com.tw/article/20190916/32667930.html

再轟內政部新式身分證具追蹤機制 許毓仁:哪條法律授權政府在人民身上放eTag
https://www.storm.mg/article/1716278

新式身分證 恐釀資安危機/關鍵「私人金鑰」發包民間廠商處理 晶片、系統將成駭客攻擊對象
https://news.ltn.com.tw/news/life/paper/1316927

揭露數位身分證2大隱憂 台權會:個資外洩及國家機器監控
http://bit.ly/2kKaEPR

內政部:數位身分證私密金鑰無法重製 資安無虞
https://money.udn.com/money/story/7307/4041268

新身分證具追蹤機制 藍委:這不叫監控什麼叫監控
https://www.chinatimes.com/realtimenews/20190916001996-260407?chdtv

政府領域聯防監控情資回傳作業常見問題
http://bit.ly/2kB75LZ

陳美伶:個資涉及層面廣 需跨領域規管整合
http://bit.ly/2kAPSlS

黃國昌稱時力不賣亡國感 學者李忠憲:論述真是矛盾
https://news.ltn.com.tw/news/politics/breakingnews/2915732

廖世偉觀點:純網銀的身分認證的監理與資安
https://www.storm.mg/article/1671595

防「自己人」亂查/查過必留痕跡 警方不定期資安稽核
https://news.ltn.com.tw/news/society/paper/1318159

案情反推諜對諜:調查局調查官教你如何就營業秘密案件搜證
https://udn.com/news/story/6871/4044037

網路賭博無罪 法部修法堵漏洞
https://money.udn.com/money/story/5618/4047850

​網路賭博不一樣 法務部修法改這2項
https://tw.appledaily.com/new/realtime/20190916/1633987/

防恐攻 大型無人機零件進口要納管
https://www.chinatimes.com/newspapers/20190917000255-260202?chdtv

台商回流重視供電 台電、調查局推「資安聯防」阻駭
https://news.ltn.com.tw/news/politics/breakingnews/2917999

金管會修訂「金融機構作業委託他人處理內部作業制度及程序辦法」
http://bit.ly/2kPhio1

H.ICS/SCADA 工控系統
工業資安保衛戰 IT/OT各司其職
https://www.mem.com.tw/arti.php?sn=1909160005

智慧工廠暴露製造端安全風險 半導體、資安業者跨界合作推動資安平台
https://www.digitimes.com.tw/iot/article.asp?cat=158&id=0000568850_YTS76D756XWIV4LEZRSXB

半導體資安標準動起來 鏈結供需更有感
https://www.mem.com.tw/arti.php?sn=1909190002

advantech -- webaccess
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-3975

頂象:工控設備被遠程瞬間摧毀企業該怎麼防
http://nx.sina.com.cn/finance/2019-09-20/detail-iicezueu7161266.shtml

I.教育訓練
【資安講座#2】揭露郵件與惡的距離,談Openfind BEC反詐騙應用與技術發展
https://funny-video-online.com/watch/j5d4f4d415o494m4a445v4.html

『 Day 2 』認識 CTF
https://ithelp.ithome.com.tw/articles/10215497

[駭客工具 Day12] 密碼暴力破解 - Hydra
https://ithelp.ithome.com.tw/articles/10215072

[駭客工具 Day13] 密碼字典檔生成工具 - crunch
https://ithelp.ithome.com.tw/articles/10215234?sc=rss.qu

[駭客工具 Day14] 快速網站弱點掃描- Nikto
https://ithelp.ithome.com.tw/articles/10215447

[駭客工具 Day15] 主機系統弱點掃描 - Nessus
https://ithelp.ithome.com.tw/articles/10215646

[駭客工具 Day16] 滲透神器 - Metasploit
https://ithelp.ithome.com.tw/articles/10216722

[駭客工具 Day17] SQL Injection漏洞利用 - sqlmap
https://ithelp.ithome.com.tw/articles/10217184

[Day 1] 話說這個人會講些啥
https://ithelp.ithome.com.tw/articles/10213662

[Day 2] Template Injection:欸不是,你真的懂 Python 嗎?
https://ithelp.ithome.com.tw/articles/10217309

[Day04] AI實例-將來銀行
https://ithelp.ithome.com.tw/articles/10217786?sc=iThelpR

Day4 駭客&滲透階段
https://ithelp.ithome.com.tw/articles/10217638

資安開源工具:神兵利器還是雙面利刃? (二)
https://ithelp.ithome.com.tw/articles/10215297

那個夜裡的資安-9
https://ithelp.ithome.com.tw/articles/10215354

Day01 前言x初探CTF
https://ithelp.ithome.com.tw/articles/10215346

[Day 01] 資安百物語-第零談:前言 &百物語
https://ithelp.ithome.com.tw/articles/10216250

利用Decorator進行參數型別檢查
https://www.uuu.com.tw/Public/content/article/19/20190916.htm

[Day1] 淺談 Kubernetes 設計原理
https://ithelp.ithome.com.tw/articles/10215384

[Day01]源自於同事的困擾
https://ithelp.ithome.com.tw/articles/10213187

[Day02]來自駭客的預告信
https://ithelp.ithome.com.tw/articles/10213967

[Day-1] Tensorflow 介紹 及 Tensorflow 2.0相關知識
https://ithelp.ithome.com.tw/articles/10215969

馬坤:成立網絡安全學院專注人才培養
http://m.cnwest.com/sxxw/a/2019/09/14/17995033.html

[英語面試大秘訣] – 北美軟體工程師面試實戰分享
http://bit.ly/2lYU9zu

從拉麵店的販賣機理解什麼是 API
https://medium.com/@hulitw/ramen-and-api-6238437dc544

鐵人賽:初入程式語言,沒想到是 JavaScript 的親戚啊
https://wcc723.github.io/ironman/2019/09/18/start-to-learn-program/

PyCon TW 2019 共同筆記
https://hackmd.io/@PyConTW/2019/%2FitlYBVanTbSrdXhjlbEdyA

DVWA(Damn Vulnerable Web Application)- Brute Force
http://bit.ly/2mryP6c

J.物聯網/IOT/人工智慧/車聯網/光聯網/深度學習/機器學習/無人機/人臉辨識
全國IoT資安挑戰賽 民眾玩密室逃脫找資安弱點
https://udn.com/news/story/7266/4045825

2019IoT資安挑戰賽成果揭曉 UCCU Hacker奪冠
http://bit.ly/2kp9Css

智慧家庭要防駭 「2019 IoT資安挑戰賽」成果揭曉
https://times.hinet.net/news/22556980

趨勢科技:物聯網已成網路犯罪地下市場熱門話題
https://newtalk.tw/news/view/2019-09-17/299906

防堵網路攝影機資安漏洞 消費者自保有道
https://money.udn.com/money/story/7307/4053660

網路攝影機不設防 資安漏洞隱私被看光
https://money.udn.com/money/story/7307/4053658

工控系統資安認證網路攝影機也有家用款
http://bit.ly/2kStW5J

This Week in Security News: IoT Devices Are a Target in Cybercriminal Underground
https://blog.trendmicro.com/this-week-in-security-news-iot-devices-are-a-target-in-cybercriminal-underground/

Protocol found in webcams and DVRs is fueling a new round of big DDoSes
https://arstechnica.com/information-technology/2019/09/in-the-wild-ddoses-are-abusing-webcams-and-dvrs-to-amplify-their-crippling-effects/

6.近期資安活動及研討會
 HITCON HackDoor 駭入辦公室 7/2 ~ 9/28
 https://www.accupass.com/event/1906050355291064968019

 PyTorch Tainan x CCNS 聚會 #28 9/21
 https://pytorch-tainan.kktix.cc/events/2019-09-21-m28

 Android Code Club(Taipei) 9/21
 https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bsctnqyzlbcc/

 SyntaxError  9/21
 https://www.meetup.com/pythonhug/events/tnzzgpyzlbcc/

 資策會開辦「認證系統安全從業人員 SSCP 輔導班」2019/9/21
 https://ithome.com.tw/pr/131772

 交通大學亥客書院-A011:入侵行為發覺與應變指南 9/21
 https://hackercollege.nctu.edu.tw/?p=1082

 AIC課程 _ Python 入門 9/21 ~ 9/22
 https://www.facebook.com/events/429157554391837/?event_time_id=429157561058503

 資訊安全管理系統-進階課程 9/21
 https://www.accupass.com/event/1907160908138705889800

 Open UP Summit Fukuoka Outreach 9/21
 https://www.meetup.com/TaipeiWomeninTech/events/263683783/

 Python 入門 台北 2019/09 月份 9/21
 https://www.meetup.com/PyLadiesTW/events/264464501/

 TEM 基礎教育課程第二階段:「工程師的即戰力」 9/21
 https://www.meetup.com/Taipei-Ethereum-Meetup/events/264544639/

 【CIT週末玩程式】- (9月)認識電腦與程式邏輯訓練 9/21
 https://www.meetup.com/Women-Who-Code-Taipei/events/264121660/

 Developer Meetup Taipei 2019 9/22
 https://www.meetup.com/Taipei-Dapp-com-Meetup-Group/events/264898014/

 Coffee & Code 9/22
 https://www.meetup.com/Innovate-Taiwan/events/hkdmgryzmbdc/

 Build Your First Custom Blockchain - 親手打造你的第一個客制區塊鏈  9/24
 https://www.meetup.com/Polkadot-Taipei/events/264188190/

 Golang Taipei Gathering #44 x Wanted 9/24
  https://www.meetup.com/golang-taipei-meetup/events/264492552/

 Android Taipei - 2019 九月聚會 9/24
 https://www.facebook.com/events/421900911784891/

 智慧型手機破密 9/24
 https://www.iforensics.com.tw/cgi-bin/registform.cgi?pick=37

 Women Who Code <> VMware Taiwan 帶你進入K8s的世界 9/25
 https://www.meetup.com/Women-Who-Code-Taipei/events/264860059/

 TANET 2019 - 臺灣網際網路研討會  9/25
 https://www.twcert.org.tw/subpages/securityInfo/securityactivity_details.aspx?id=310

 不起眼的讀書會 #12 9/25
 https://www.meetup.com/cschat-taichung/events/264917307/

 Nextlink Technology 9/25 (三)
 https://www.accupass.com/event/1908020858535104977240

 DEVCORE Conference 2019  9/25
 https://devco.re/conf/2019/

 Nextlink Technology  | 企業資安防護能力再升級 | Nextlink 資安論壇9/25 (三)
 https://www.accupass.com/event/1908020858535104977240

 面對 APT進階持續性滲透攻擊,企業如何建立正確防護觀念與有效、低成本的資安防護能力 9/26
 https://www.techbang.com/posts/72484-lecturecorporate-apt

 Thinking Thursday 第四場  9/26
 https://www.meetup.com/Thinking-Thursday/events/263826166/

 Taipei.py 七週年慶 No. 7 Anniversary 9/26
 https://www.meetup.com/Taipei-py/events/264775361/

 [CyCarrier]-奧義智慧資安活動_Fintech威脅剖析 金融科技資安升級 9/26
 https://www.zerone.com.tw/TrainingDetial/Seminar/2CB2943BF5366C08%7C581222C91497B312

 [Akamai]-Akamai線上研討會快速部署與高效預測抵禦的資安防護網 9/27
 https://www.zerone.com.tw/TrainingDetial/Seminar/33439C9B5852933A%7C4D840EFFD881209B

 交通大學亥客書院-B022:基礎網頁安全與滲透測試 9/28
 https://hackercollege.nctu.edu.tw/?p=1084

 【Flutter Brunch】: 一起來交流 Flutter 技術 9/28
 https://www.meetup.com/Women-Who-Code-Taipei/events/264801570/

 WTM Networking - UXers' Breakfast #3 9/28
 https://www.meetup.com/GDGTaipei/events/264719986/

 JavaScript Developer Conference-2019  2019-09-28(六) 09:30 ~ 2019-10-26(六) 17:30 (GMT+8)
 https://www.accupass.com/event/1907081509101081922774

 AI/BigData技能養成系列課程-資料工程實務應用精鍊假日班(確定開課) 9/28 ~ 10/6
 https://www.accupass.com/event/1908010601311553672560

 NSPA實作課程(假日班)報名表 9/29
 https://docs.google.com/forms/d/e/1FAIpQLSf6g7LmwAk_T6RFCaZL3dvgxjS9qlMrHlLtkXDC-nqNza_V9w/viewform

 軟體安全測試實務 9/29
 https://www.sce.pccu.edu.tw/event/chtweb/index.html

 2019 NASA黑客松賽前技術分享[Microsoft]_Azure 雲端運算與認知識別服務 10/1
 https://www.facebook.com/events/421753888461417/

 技職校院物聯網創新應用賽 10/1 受理報名
 https://iot2gather.ntust.edu.tw/

 Gnss海面反射訊號之技術及應用 10/1
 https://www.facebook.com/events/384731849123773/

 Nasa黑客松,太空中心能幫你什麼 10/2
 https://www.facebook.com/events/390573691633383/

 GDG DevFest Taipei 2019 10/1
 https://www.meetup.com/GDGTaipei/events/263142255/

 108 年「先進製造 AI 與物聯網資安實務應用研討會」 10/3
 https://seminars.tca.org.tw/D15e02340.aspx

 我們與資安的距離 10/5
 https://hackersir.kktix.cc/events/20191005

 安全程式碼撰寫基礎 10/6
 https://www.sce.pccu.edu.tw/event/chtweb/index.html

 XRY Certification 教育訓練 10/7 ~ 10/8
 https://www.iforensics.com.tw/cgi-bin/registform.cgi?pick=38

 資安檢核核心技術及進階技術研討會 10月7日至10月9日
 http://bit.ly/2TN2UtD

 2019年台灣資安通報應變年會 10/8
 https://www.informationsecurity.com.tw/Seminar/ISevent20191008/

 Cloud Native Forum 2019   10/9
 https://www.meetup.com/Cloud-Native-Taipei-User-Group/events/264613646/

 HITB+ CYBER WEEK 2019/10/12 ~17
 https://d2p.hitb.org/

 白帽駭客體驗實作 10/13
 https://www.sce.pccu.edu.tw/event/chtweb/index.html

 國家高速網路與計算中心 台灣杉一號高速計算主機使用進階課程 10/14
 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3869&from_course_list_url=course_index

 數位時代,自已的權利自己顧 -- 不可不知!基礎資安教戰講座  10/15
 https://ocftw.kktix.cc/events/e0c1048b

 智資時代 2019 科技法制前瞻論壇 10/15
 https://seminar.ithome.com.tw/live/iii20191015/index.html?eDM_iThome

 AI時代下,資安與視覺化的觀點與實例 10/16
 https://www.tiai.org.tw/tiaiActDetailClass?sno=19

 TFUG Taipei | TensorFlow All Around 10/16
 https://www.meetup.com/TensorFlow-User-Group-Taipei/events/264713077/

 Kotlin/Everywhere GDG Hsinchu - Kotlin on Cloud and Web 10/17
 https://www.meetup.com/GDG-Hsinchu/events/263741333/

 2019 Space Apps Challenge_NASA 黑客松台北場 10/18
 https://www.facebook.com/events/2112377919060176/

 2019 邊緣運算論壇 - AI + IoT 備戰台商回流潮,IIoT 智慧升級 10/18
 https://www.accupass.com/event/1909040655361186052756

 Crosslink Taiwan 2019 10/19
 https://www.meetup.com/Taipei-Ethereum-Meetup/events/264302796/

 交通大學亥客書院-A006:數位足跡追蹤與分析 10/19
 https://hackercollege.nctu.edu.tw/?p=1088

 無痛上手-WiFi無線網路安全檢測 10/20
 https://www.sce.pccu.edu.tw/event/chtweb/index.html

 日盛金融黑客松 報名至10/20 止
 https://app.jsun.com/hackathon/Main

 Splunk .conf 19  10/21 ~ 10/24
 https://conf.splunk.com/

 國家高速網路與計算中心 平行計算程式設計基礎課程 10/22
 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3778&from_course_list_url=course_index

  AIoT智能物聯網開發人才就業養成班[免費諮詢]  10/22
 https://ittraining.kktix.cc/events/aiot-training-2019

 Industrial Control Systems (ICS) Cyber Security Conference  USA   October 21 – 24, 2019
 https://www.icscybersecurityconference.com

 [Palo Alto Networks]-Palo Alto Networks 直播研討會Part6. MITRE ATT&CK 新資安攻防框架進階產業應用 10/24
 https://www.zerone.com.tw/TrainingDetial/Seminar/7747B901A8198AC3%7C1C130FE6FEC34700

 Cybersecurity Framework 擴大資安視野 Seminar CYBERSEC 101 研討會  10/25
 https://signupcybersec101.ithome.com.tw/

 國家高速網路與計算中心 大數據軟體開發平台與深度學習、HBase(大數據資料庫)開發應用案例 10/25
 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3867&from_course_list_url=course_index

 交通大學亥客書院-A015:進階網頁滲透測試 10/26
 https://hackercollege.nctu.edu.tw/?p=1090

 資安檢核核心技術及進階技術研討會 10月28日至10月30日
 http://bit.ly/2TN2UtD

 Foundations in Digital Forensics with EnCase® (DF120) (原CF1) 10/28 ~ 10/31
 https://www.iforensics.com.tw/cgi-bin/registform.cgi?pick=39

 行政院資安學院 物聯網資安培訓課程 11/3 ~ 11/30
 https://www.accupass.com/event/1810080517061259295030

 Red Hat Forum Taipei 2019  11/5
 https://www.facebook.com/events/1390202967799392/

 駭客攻防暨數位鑑識系列一(第1期) 11/7
 https://service.tabf.org.tw/Training/CourseDetail.aspx?PID=384540

 Cybersecurity Framework 擴大資安視野 Seminar CYBERSEC 101 研討會  11/8
 https://signupcybersec101.ithome.com.tw/

 Kotlin/Everywhere GDG Taoyuan - 運用 Ktor 建置一個以 Kotlin 打造的後端服務  11/9
 https://www.meetup.com/GDGTaoyuan/events/264776152/

 交通大學亥客書院-P006:高階網頁滲透測試 11/16
 https://hackercollege.nctu.edu.tw/?p=1092

 Trend Micro CTF 2019 // Raimund Genes Cup  FINAL / NOVEMBER 23–24, 2019
 https://www.trendmicro.com/en_us/campaigns/capture-the-flag.html

 資安檢核核心技術及進階技術研討會11月26日至11月28日
 http://bit.ly/2TN2UtD

 人資人員必修的職安法規定 11/26
 https://www.accupass.com/event/1909121441141977826554

 Cybersecurity Framework 擴大資安視野 Seminar CYBERSEC 101 研討會  11/29
 https://signupcybersec101.ithome.com.tw/

 交通大學亥客書院-B015:惡意程式檢測 11/30
 https://hackercollege.nctu.edu.tw/?p=1098

 交通大學亥客書院-A018:企業網域控管-Active Directory攻擊與防禦  12/14
 https://hackercollege.nctu.edu.tw/?p=1094

 Japan Security Analyst Conference
 https://jsac.jpcert.or.jp/

留言

這個網誌中的熱門文章

9月份資安社群及教育訓練活動分享

9月份資安社群及教育訓練活動分享


 HITCON HackDoor 駭入辦公室 7/2 ~ 9/28
 https://www.accupass.com/event/1906050355291064968019

 MLDM Monday|用開放資料玩出政府創新應用 : 當雨神來臨時  9/2
 https://www.meetup.com/Taiwan-R/events/262992081/

 Taipei Rails Meetup  9/3
 https://www.meetup.com/rails-taiwan/events/dlgzljyzmbfb/

 高雄 Rails Meetup 9/4
 https://www.meetup.com/rails-taiwan/events/qxfvjkyzmbgb/

 Android Code Club(Taipei) 9/4
 https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bsctnqyzmbgb/

 SyntaxError 9/4
 https://www.meetup.com/pythonhug/events/tnzzgpyzmbgb/

 工業控制系統資安研討會 9/5
 http://bit.ly/2NsMvt5

 HackingThursday 固定聚會 9/5
 https://www.meetup.com/hackingthursday/events/vkhnnqyzmbhb/

 TWJUG 201909 聚會 9/5
 https://www.meetup.com/taiwanjug/events/264123847/



8月份資安社群及教育訓練活動分享

8月份資安社群及教育訓練活動分享

 HITCON HackDoor 駭入辦公室 7/2 ~ 9/28
 https://www.accupass.com/event/1906050355291064968019

 The Virus Bulletin Conference 2019 8/1
 https://www.virusbulletin.com/blog/2019/06/free-vb2019-tickets-students/

【社群】8/1(四) RASPBERRY PI + ROS,實現無人自駕
 https://ctsphub.tw/20190801_robotnight/

 HackingThursday 固定聚會 8/1
 https://www.meetup.com/hackingthursday/events/vkhnnqyzlbcb/

 資安事件調查實務(上)  8/2
 https://tp2rc.tanet.edu.tw/node/306?fbclid=IwAR11YQmw-28fOA6LUrsNiFKd7ccaAiMa5cZsYf22iRfTUR5LPYXwjqZNo2I

 【CIT週末玩程式】- (8月)認識電腦與程式邏輯訓練(I) 8/3
 https://www.meetup.com/Women-Who-Code-Taipei/events/jtcjfryzlbfb/

 Python 基礎工作坊@TMU 8/6
 https://www.meetup.com/Women-Who-Code-Taipei/events/mfnfcryzlbjb/

5月份資安、社群活動分享

5月份資安、社群活動分享

 108年度資安初學者挑戰活動 (MyFirstCTF) 5/1 ~ 5/10 報名
 https://ais3.org/mfctf/

 HackingThursday 固定聚會  5/2
 https://www.meetup.com/hackingthursday/events/vkhnnqyzhbdb/

 Python 商務網站 * 極速學習 (2019春季 - 台北)  5/2
 https://cjltsod.kktix.cc/events/django-2019-spring-taipei

 國票金控「純網銀鯰魚與資安技術漣漪」日本樂天技術結合台灣AI 人工智慧發表會  5/2
 https://www.accupass.com/event/1904111400151860776797

 資安法 X 技術實務論壇  5/2
 https://csa.kktix.cc/events/csa190502

 國立交通大學 亥客書院 - 基礎網站安全建構實務  5/4
 https://hackercollege.nctu.edu.tw/?p=1045

 ISDA 白帽菁英萌芽計劃II 0505 
 https://reg.shield.org.tw/info.php?no=54

 Pwn入門  5/5
 https://hackersir.kktix.cc/events/fcu190505

 Elixir台灣 台北 Meetup # Monday, May 6, 2019
 https://www.meetup.com/elixirtw-taipei/events/njjhvpyzhbjb/

 公部門之AI資安防護新思維研討會 5/7
 http://www.cisanet.org.tw/News/activity_more?id=MTQzOA==

 向資安服務看齊 我們一起讓資安從「有做」到「有效」  5/8 ~ 5/10
 https://www.informationsecurity.com.tw/Seminar/2019_all/

 資安危機 - 進擊的勒索加密軟體 2019-05-09(四) 14:45 ~ 17:00
 https://www.accupass.com/event/19041703435474776…