資安事件新聞週報 2019/9/2 ~ 2019/9/6
資安事件新聞週報 2019/9/2 ~ 2019/9/6
1.重大弱點漏洞/後門/Exploit/Zero Day
PSV、PS3雙雙獲得韌體更新,但似乎忘了把漏洞補上
https://www.techbang.com/posts/72481-psv-ps3-double-get-stolic-update-but-seem-to-forget-to-fill-in-the-vulnerability
發現美國海軍網站的敏感信息洩露和SQL注入漏洞
https://nosec.org/home/detail/2909.html
企業修補進度慢!近期臺灣資安業者揭露的SSL VPN漏洞,傳出已遭駭客鎖定
https://www.ithome.com.tw/news/132764
SonarQube檢測出的bug、漏洞以及異味的修復整理
https://cloud.tencent.com/developer/article/1497624
Zimbra-RCE
https://github.com/rek7/Zimbra-RCE
Trend Micro OfficeScan (OSCE) DLL Side-Loading安全性弱點通告
https://nvd.nist.gov/vuln/detail/CVE-2019-9492
Hiding in Plain Text: Jenkins Plugin Vulnerabilities
https://blog.trendmicro.com/trendlabs-security-intelligence/hiding-in-plain-text-jenkins-plugin-vulnerabilities/
Lightning Network用戶敦促因漏洞而緊急更新軟件
https://0xzx.com/201908302043248275.html
SA103 : October 2015 NTP Security Vulnerabilities
https://support.symantec.com/us/en/article.SYMSA1335.html
SA98 : OpenSSL Security Advisory 11-June-2015
https://support.symantec.com/us/en/article.SYMSA1325.html
SA104 : OpenSSH Vulnerabilities
https://support.symantec.com/us/en/article.SYMSA1337.html
XSS and Information Disclosure Vulnerabilities in ASG and ProxySG
https://support.symantec.com/us/en/article.SYMSA1472.html
Information Disclosure Vulnerability in Reporter
https://support.symantec.com/us/en/article.SYMSA1489.html
Apache HTTP Server Vulnerabilities Jul 2017 - Sep 2018
https://support.symantec.com/us/en/article.SYMSA1457.html
思科 NX-OS 多個漏洞
https://tools.cisco.com/security/center/publicationListing.x
Cisco Email Security Appliance (IronPort) C160 - 'Host' Header Injection
https://www.exploit-db.com/exploits/47329
Cisco Nexus 7000 Series Switches和Nexus 7700 Series Switches NX-OS Software 輸入驗證錯誤漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1964
Company behind Foxit PDF Reader announces security breach
https://www.zdnet.com/article/company-behind-foxit-pdf-reader-announces-security-breach/#ftag=RSSbaffb68
Google Chrome 遠端執行任意程式碼漏洞
https://chromereleases.googleblog.com/2019/08/stable-channel-update-for-desktop_26.html
Multiple WordPress Plugins SQL Injection Vulnerabilities
https://www.fortinet.com/blog/threat-research/wordpress-plugin-sql-injection-vulnerability.html
WordPress sites under attack as hacker group tries to create rogue admin accounts
https://www.zdnet.com/article/wordpress-sites-under-attack-as-hacker-group-tries-to-create-rogue-admin-accounts/#ftag=RSSbaffb68
WordPress 10多個外掛遭駭,用以建立網站非法帳號
https://www.ithome.com.tw/news/132788
車輛跟踪系統LoJack的認證系統API存在漏洞,可以被利用實時跟踪汽車
https://www.4hou.com/vulnerable/20013.html
Hickory智能門鎖存在的多個漏洞
https://cloud.tencent.com/developer/article/1494657
來當賞金獵人?Google升級「維安計畫」 找到漏洞就有獎金拿
https://cnews.com.tw/140190903a04/
微軟著手調查造成Windows 10 CPU使用率飆高的原因
https://www.ithome.com.tw/news/132837
Analyzing and Identifying Issues with the Microsoft Patch for CVE-2018-8423
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/analyzing-and-identifying-issues-with-the-microsoft-patch-for-cve-2018-8423/
Microsoft's latest Windows 10 20H1 test build adds cloud-reset option
https://www.zdnet.com/article/microsofts-latest-windows-10-20h1-test-build-adds-cloud-reset-option/#ftag=RSSbaffb68
Microsoft plans to remove Adobe Flash from all of its web browsers by December 2020
https://www.onmsft.com/news/microsoft-plans-to-remove-adobe-flash-from-all-of-its-web-browsers-by-december-2020
How MuleSoft patched a critical security flaw and avoided a disaster
https://www.zdnet.com/article/how-mulesoft-patched-a-critical-security-flaw-and-avoided-a-disaster/#ftag=RSSbaffb68
BMC Vulnerabilities Expose Supermicro Servers to Remote USB-Attacks
https://thehackernews.com/2019/09/hacking-bmc-server.html
超微伺服器的基板傳出含有遠端攻擊漏洞
https://www.ithome.com.tw/news/132842
企業修補進度慢!近期臺灣資安業者揭露的SSL VPN漏洞,傳出已遭駭客鎖定,全球近1萬5個Pulse Secure VPN端點曝險
https://www.ithome.com.tw/news/132764
GNU Compiler Collection 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15847
Wolters Kluwer Financial Services TeamMate+ 跨站請求偽造漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10253
Panasonic Video Insight VMS SQL注入漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5996
Over 47,000 Supermicro servers are exposing BMC ports on the internet
https://www.zdnet.com/article/over-47000-supermicro-servers-are-exposing-bmc-ports-on-the-internet/#ftag=RSSbaffb68
The latest on BlueKeep and DejaBlue vulnerabilities — Using Firepower to defend against encrypted DejaBlue
https://blogs.cisco.com/security/talos/the-latest-on-bluekeep-and-dejablue-vulnerabilities-using-firepower-to-defend-against-encrypted-dejablue
Firefox 69 Now Blocks 3rd-Party Tracking Cookies and Cryptominers By Default
https://thehackernews.com/2019/09/firefox-tracking-cookies-cryptominers.html
【Cookie 剋星】最新版 Firefox 69 上線!全面啟用追蹤保護擋追蹤軟體
https://buzzorange.com/techorange/2019/09/05/firefox-69-launch/
Mozilla Firefox 多個漏洞
https://www.us-cert.gov/ncas/current-activity/2019/09/04/mozilla-releases-security-updates-firefox-and-firefox-esr
Year-Old Samba Bug Allows Access to Forbidden Root Share Paths
https://www.bleepingcomputer.com/news/security/year-old-samba-bug-allows-access-to-forbidden-root-share-paths/
Kubernetes 爆發嚴重漏洞:可能影響所有開源版本
https://juejin.im/post/5d6ef4575188256ea517d950
2.銀行/金融/保險/證券/支付系統/ 新聞及資安
臺北金融科技展11月底即將登場,三家純網銀將首次同臺秀特色
https://www.ithome.com.tw/news/132678
外資主導搶食網銀大餅 國家隊好想贏日韓
https://m.mirrormedia.mg/story/20190827soc006/
將來銀行將自組 AI 團隊,佈局純網銀四大重點領域
https://buzzorange.com/techorange/2019/08/28/next-bank/
純網銀徵才大戰/LINE Bank拚2020上半年開業 年底前招募逾百位專才
https://www.ettoday.net/news/20190831/1525158.htm
純網銀徵才大戰/3團隊瘋搶這4類人才 文科生、理科生也可捧金飯碗
https://www.ettoday.net/news/20190831/1525157.htm
新版人民幣來了!市民「嘗鮮」多為收藏,網點將逐步投放
https://news.sina.com.tw/article/20190830/32500274.html
新版人民幣後日面世 1蚊5毫硬幣都改款
https://hk.news.appledaily.com/china/realtime/article/20190828/59982127
將來銀行」的將來在哪裡
https://forum.ettoday.net/news/1526799?redirect=1
純網銀大舉徵才!哪種人會錄取?將來銀行總經理透露面試考題
http://bit.ly/2kqUBpT
舊手機也可保手機保險了 但僅限這家銀行信用卡持卡人
https://ec.ltn.com.tw/article/breakingnews/2904121
獨家丨繼證大后,另一家P2P平台新新貸也被上海警方立案
https://news.sina.com.tw/article/20190902/32524866.html
新加坡預計2020年中期前釋出純網銀執照
https://news.cnyes.com/news/id/4373786
湖南警方抓獲15名販賣銀行卡嫌疑人
https://news.sina.com.tw/article/20190827/32460524.html
FinTech Taipei 2019即將隆重登場
https://www.setn.com/News.aspx?NewsID=590919
港交所:出現連接問題 所有市場目前如常運作
https://www.mpfinance.com/fin/instantf2.php?node=1567653673182&issue=20190905
香港交易所期貨線路出現問題
https://www.bsgroup.com.hk/importantannouncement/important/?page=5
「死機」逾12小時 港交所三宗罪
https://hk.finance.appledaily.com/finance/realtime/article/20190905/60014169
張華峰:港交所期指交易系統非遭駭客入侵
http://www.metroradio.com.hk/news/default.aspx?NewsID=20190905163410
李小加稱期貨停市涉新系統出現漏洞 非受攻擊
http://bit.ly/2lzACWs
港交所期貨交易當機停市 否認人為破壞
https://money.udn.com/money/story/5603/4032220
P2P爆雷不斷 中國官方將全面納入徵信系統
https://www.cna.com.tw/news/acn/201909040343.aspx
重磅!P2P將納入徵信體系 互金、網貸整治辦聯合發文
https://news.sina.com.tw/article/20190905/32560468.html
瑞典9月14日將開始執行歐盟付款服務規定PSD2
https://www.trademag.org.tw/page/newsid1/?id=753310&iz=6
巴黎街頭遭搶!歹徒10分內破解台灣金融卡盜10萬
https://news.ebc.net.tw/News/society/176841
旺旺集團拿下純網銀再傳震撼彈
https://moptt.tw/p/HatePolitics.M.1567569448.A.0DE
首例!國泰人壽與易遊網合作1分鐘旅平險正式通過
https://money.udn.com/money/story/5613/4032210
旅平險可直接在旅遊平台投保 保險業沙盒首例
https://www.cna.com.tw/news/afe/201909060087.aspx
Chinese nationals hacked ATM systems in Nepal's capital
https://www.thepaypers.com/digital-identity-security-online-fraud/chinese-nationals-hacked-atm-systems-in-nepal-s-capital/780474-26#
5 Chinese nationals arrested for stealing money from ATM in Kathmandu
https://www.indiatvnews.com/news/world-chinese-nationals-arrested-stealing-money-atm-in-kathmandu-546508
Police make four more arrests in ATM robbery case
https://myrepublica.nagariknetwork.com/news/police-make-four-more-arrests-in-atm-robbery-case/
German bank loses €1.5 million in mysterious cashout of EMV cards
https://www.zdnet.com/article/german-bank-loses-eur1-5-million-in-mysterious-cashout-of-emv-cards/#ftag=RSSbaffb68
3.電子支付/電子票證/行動支付/ pay/新聞及資安
不再擔心鈔票卡魚鱗 QR Code革命將消滅新台幣紙鈔?
https://www.cw.com.tw/article/article.action?id=5096647
「LINE Pay 一卡通帳戶」行動支付於 7-ELEVEN 正式上線
http://bit.ly/2lKlzsS
三井住友推駭客險 電子支付更有保障
https://money.udn.com/money/story/5602/4023217
網路賭局易使詐 行動支付警難辦
http://bit.ly/2lNnmxn
懵漢電子支付車費 手機投錢箱
https://orientaldaily.on.cc/cnt/china_world/20190901/00178_018.html
台灣電子支付大整合 金管會:LINE Pay、街口最快明年可互轉帳
https://news.cnyes.com/news/id/4375953
金管會計畫開放電支商家可互通 最快2020年成立「跨機構共用平台」
https://www.ettoday.net/news/20190903/1527810.htm
讓電子支付「一家親」 金管會研擬互轉帳整合平台
https://www.chinatimes.com/realtimenews/20190903004408-260410?chdtv
電子支付 擬設共用平台
http://merit-times.net/2019/09/04/124160/
【0.3 秒閃付】Amazon 測試「掃手」支付系統 明年應用 Whole Foods 超級市場
http://bit.ly/2k3jSXc
中國迎向刷臉支付時代 暗藏資安隱私風險
http://bit.ly/2k0n7P7
4.虛擬貨幣/區塊鍊 新聞及資安
臉書幣Libra還活著!推出31萬「抓蟲」賞金
https://ec.ltn.com.tw/article/breakingnews/2897984
最高 1 萬美元!Facebook 加密幣 Libra 祭漏洞賞金計畫
https://www.inside.com.tw/article/17361-libra-bug-bounty-program
正式推出比特幣期貨!Bakkt 下月初開放客戶入倉
https://news.cnyes.com/news/id/4373489
門羅幣挖礦風暴襲捲廣大企業 傳統防護已難以防守
https://money.udn.com/money/story/10860/4017581
以太坊Parity客戶端曝出RPC安全漏洞用戶需盡快升級
https://www.feixiaohao.com/news/4346927
馬上升級!比特幣閃電網絡或存在安全漏洞
https://www.zilian8.com/188980.html
比特幣或出現安全漏洞
https://www.bitguai.com/bitcoin/news/40076.html
加拿大出現比特幣ATM新騙局!詐騙者誘騙用戶掃描虛假QR Code
https://news.sina.com.tw/article/20190830/32498880.html
北韓否認攻擊加密貨幣交易所 稱指控是「由美國竄起的謠言」
https://news.cnyes.com/news/id/4375010
「假」黃金正在擾亂市場,比特幣需求可能因此大漲
http://news.knowing.asia/news/978ee55e-cb6a-479f-a9f2-364701c17388
交易所幣客無預警宣布關閉:表示遭駭客攻擊,公司「資不抵債」
https://www.blocktempo.com/bitker-exchange-announced-to-put-out0of-businss/
騰訊安全:不法駭客冒充“熱心用戶”,對虛擬幣交易平台發起定向攻擊
http://big5.pconline.com.cn/b5/news.pconline.com.cn/1288/12885031.html
比特幣閃電網絡中檢測到的嚴重漏洞
https://0xzx.com/201909021654252002.html
強攻發明專利及外幣現鈔聯盟鏈平台… 一銀區塊鏈運用 四路進擊
http://bit.ly/2jWacgZ
中國將成首個擁有數字貨幣國家
http://www.hkcd.com/content/2019-09/03/content_1154888.html
中南美洲最大電子支付公司 Cielo 宣布,推出加密貨幣支付系統
https://www.blocktempo.com/14-million-brazilian-point-of-sale-devices-to-support-crypto-payments/
用 Bitcoin 買傢俱 Pricerite 首推加密貨幣支付服務
http://bit.ly/2lrxyLT
以太坊獲伊斯蘭學者「清真認證」!數位貨幣也分是否清真
http://news.knowing.asia/news/94796903-4cba-41e5-9abb-b599cbb9554a
沒有虧錢也沒有被盜幣,這家泰國主流交易所卻宣布關站
http://news.knowing.asia/news/89f5bf4e-ca3b-4b63-9cee-d0fcffebf349
比特幣突破10000美元!「Bakkt效應」終於顯現了嗎
http://news.knowing.asia/news/bfc04b40-dd96-4289-9707-23e44a1f483c
關貿:門羅幣挖礦風暴襲捲企業
http://bit.ly/2jYsJcy
電力最強挖礦機?烏克蘭核電廠員工被查出上班時間偷接電挖礦
https://technews.tw/2019/09/04/employees-connect-nuclear-plant-to-the-internet-so-they-can-mine-cryptocurrency/
匯豐銀行完成首次以「人民幣計價」的區塊鏈信用狀交易
https://www.blocktempo.com/hsbc-processes-first-blockchain-letter-of-credit-using-chinese-yuan/
要單挑臉書幣!Telegram擬發行自家加密貨幣
https://ec.ltn.com.tw/article/breakingnews/2905511
監管比特幣礦工?有專家向美國國會出了個餿主意
http://news.knowing.asia/news/f9ce1af7-723a-49a9-8cc4-a823f60d2393
牛幣學院疑似詐欺,總資金高達近二千萬台幣
https://zombit.info/suspected-fraud-total-funds-up-to-nearly-20-million-taiwan-dollars/
比特幣不夠快,但什麼樣的產品才能成為理想的支付選擇呢
http://news.knowing.asia/news/164b773f-2518-4e83-9424-4efc5f51c8c8
美國國安局在研發加密貨幣,可抵抗量子計算
http://news.knowing.asia/news/94c801bf-fca2-4578-ada6-04a6528b60f5
5.資安事件新聞
A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式
美國數百家牙科診所仰賴的備份公司遭到勒索軟體攻擊
https://www.ithome.com.tw/news/132762
窮地方政府最危險!今年至少40個美國公部門遭駭客勒索失數千萬
http://bit.ly/2ZFfvjS
衛福部晚間公布臺灣醫療院所受勒索軟體攻擊現況,已有22家遇害
https://www.ithome.com.tw/news/132804
近日22家醫療院所遭勒索病毒攻擊事件處理說明
https://www.mohw.gov.tw/cp-4343-49147-1.html
兩家衛福部所屬醫院遭勒索軟體襲擊,確認臺灣已有10多間醫院遇害
https://ithome.com.tw/news/132781
公立醫院遭駭勒索病毒入侵? 彰化醫院:已建置新系統
https://www.chinatimes.com/realtimenews/20190831001635-260405?chdtv
多家醫院電腦中勒索病毒 衛福部:時間點太尷尬
https://m.ltn.com.tw/news/society/breakingnews/2902034
勒索病毒入侵 全台10餘家醫院遇駭
http://bit.ly/2UkmRbg
全台10餘家醫院中勒索病毒 密碼管理成漏洞
https://udn.com/news/story/7266/4021200
全台18家醫院中勒索病毒 衛福部:沒有資料被外洩
http://bit.ly/2LcdSpH
勒索病毒襲衛福部院所 要比特幣付贖
https://www.pcdvd.com.tw/showthread.php?t=1165860
多家醫院中勒索病毒 衛福部:兩小時解除無個資外洩
https://udn.com/news/story/7266/4020891
高雄阮綜合醫院疑中「勒索病毒」 行政系統癱瘓重建中
https://news.ltn.com.tw/news/life/breakingnews/2901611
疑中勒索病毒 阮綜合醫院行政作業一度癱瘓
https://udn.com/news/story/7327/4021197
勒索病毒襲擊 彰化醫院、員基中標
https://news.ltn.com.tw/news/Changhua/breakingnews/2901828
勒索病毒侵台北醫院、彰化醫院 要求比特幣贖金
http://bit.ly/2PyrG27
"勒索病毒"襲衛福部院所 要比特幣付贖
https://www.ttv.com.tw/news/view/10808310002800N/579
「勒索病毒」攻佔醫院主機! 傳全台56家中鏢…個資病歷全被鎖
https://www.ettoday.net/news/20190831/1525367.htm
「勒索病毒」襲台 傳56醫療院所電腦中鏢
https://m.ltn.com.tw/news/society/breakingnews/2901521
Avast與警方聯手移除85萬臺PC上的惡意蠕蟲
https://www.ithome.com.tw/news/132713
長島學區遭駭資料被鎖 付8.8萬贖金
http://bit.ly/2PxP1kB
接收健保署電子郵件會中勒索病毒?健保署:經查非事實
https://news.ltn.com.tw/news/Taipei/breakingnews/2903434
曾秀國旗喊台灣NO.1 爆乳網美遭勒索「不給錢就刪性感照」
https://news.ltn.com.tw/news/world/breakingnews/2901243
挖礦軟體感染目標擴及英特爾伺服器
https://www.ithome.com.tw/news/132791
騰訊安全威脅感知系統截獲網銀大盜木馬提醒網友注意陌生郵件
https://guanjia.qq.com/news/n3/2546.html
開學了,小心數位論文與教科書暗藏惡意程式
https://www.ithome.com.tw/news/132818
勒索病毒攻擊加密3萬張照片欲哭無淚 專家教你這樣止血
https://udn.com/news/story/7315/4026465?from=udn-catelistnews_ch2
計算機專業畢業生驚人大案:給網吧電腦裝木馬,遠程「挖礦」獲利上億元
https://news.sina.com.tw/article/20190903/32537952.html
挖礦惡意軟件逐漸進逼 Intel 伺服器
https://unwire.pro/2019/09/03/coinmining-malware-intel/security/
網絡安全威脅增 勒索軟件飆118%
https://inews.hket.com/article/2443436
驚!無檔案式威脅成長265% 數位勒索、變臉詐騙猖獗
https://www.setn.com/News.aspx?NewsID=597558
趨勢科技警告:「無檔案」式攻擊量暴增
https://udn.com/news/story/7088/4031557
Nemty勒索病毒可能透過暴露的遠端桌面連線散播
https://blog.trendmicro.com.tw/?p=61895
開學了,小心數位論文與教科書暗藏惡意程式
https://www.ithome.com.tw/news/132818
LokiBot變種利用圖像隱碼術來隱藏蹤跡
https://blog.trendmicro.com.tw/?p=61729
MDR 找到埋伏某公司系統2年的MyKings變種
https://blog.trendmicro.com.tw/?p=61824
獅子大開口!駭客向美國麻州城市New Bedford要求530萬美元贖金遭拒
https://ithome.com.tw/news/132896
Taxpayers against cities paying up in ransomware attacks, says survey
https://www.zdnet.com/article/taxpayers-against-cities-paying-up-in-ransomware-attacks-says-survey/#ftag=RSSbaffb68
Malware being disguised as school textbooks
https://www.techradar.com/news/criminals-disguising-malware-as-school-textbooks
Kaspersky: Malware Found Hiding in Popular Android App
https://www.bankinfosecurity.com/kaspersky-malware-found-hiding-in-popular-android-app-a-13008
Ransomware Hits Dental Data Backup Service Offering Ransomware Protection
https://thehackernews.com/2019/08/dds-safe-dental-ransomware-attack.html
Trickbot Is Using Google Docs to Trick Proofpoint’s Gateway
https://cofense.com/trickbot-using-google-docs-trick-proofpoints-gateway/
New Trickbot variant targets mobile users' PIN codes
https://cyware.com/news/new-trickbot-variant-targets-mobile-users-pin-codes-f7937c93
A new variant of Trickbot banking Trojan targets Verizon, T-Mobile, and Sprint users
https://securityaffairs.co/wordpress/90508/malware/trickbot-targets-us-mobile-users.html
Emotet Botnet Is Back, Servers Active Across the World
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
TrickBot Modifications Target U.S. Mobile Users
https://www.secureworks.com/blog/trickbot-modifications-target-us-mobile-users
GOOTKIT BANKING TROJAN | DEEP DIVE INTO ANTI-ANALYSIS FEATURES
https://www.sentinelone.com/blog/gootkit-banking-trojan-deep-dive-anti-analysis-features/
GOOTKIT BANKING TROJAN | PART 2: PERSISTENCE & OTHER CAPABILITIES
https://www.sentinelone.com/blog/gootkit-banking-trojan-persistence-other-capabilities/
RAT Ratatouille: Backdooring PCs with leaked RATs
https://blog.talosintelligence.com/2019/08/rat-ratatouille-revrat-orcus.html
BRATA Android RAT Used to Infect and Spy on Brazilian Users
https://www.bleepingcomputer.com/news/security/brata-android-rat-used-to-infect-and-spy-on-brazilian-users/
Fully equipped Spying Android RAT from Brazil: BRATA
https://securelist.com/spying-android-rat-from-brazil-brata/92775/
Analysis: How Police Disrupted a Cryptomining Malware Gang
https://www.bankinfosecurity.com/interviews/analysis-how-police-disrupted-cryptomining-malware-gang-i-4430
New Android Malware for Banking Apps steal passwords by recording screens
https://www.technowize.com/new-android-malware-for-banking-apps-steal-passwords-by-recording-screens/
Hackers use Google Docs to spread TrickBot banking trojans
https://meterpreter.org/hackers-use-google-docs-to-spread-trickbot-banking-trojans/
2019-09-03 - PCAP AND MALWARE FOR AN ISC DIARY (REMCOS RAT)
https://www.malware-traffic-analysis.net/2019/09/03/index.html
Fake BleachBit Website Built to Distribute AZORult Info Stealer
https://www.bleepingcomputer.com/news/security/fake-bleachbit-website-built-to-distribute-azorult-info-stealer/
WordPress Plugins Anchor Widespread Malvertising, Rogue Backdoor Campaign
https://threatpost.com/wordpress-plugins-malvertising-backdoor-campaign/147926/
Hacked SharePoint Sites Used to Bypass Secure Email Gateways
https://www.bleepingcomputer.com/news/security/hacked-sharepoint-sites-used-to-bypass-secure-email-gateways/
Phishing Emails Are Using SharePoint to Slip Past Symantec’s Gateway and Attack Banks
https://cofense.com/phishing-emails-using-sharepoint-slip-past-symantecs-gateway-attack-banks/
Ransomware gang wanted $5.3 million from US city, but they only offered $400,000
https://www.zdnet.com/article/ransomware-gang-wanted-5-3-million-from-us-city-but-they-only-offered-400000/#ftag=RSSbaffb68
2019-08-31 - DATA DUMP: URSNIF+VIDAR WITH TRICKBOT
https://www.malware-traffic-analysis.net/2019/08/31/index.html
2019-09-03 - PCAP AND MALWARE FOR AN ISC DIARY (REMCOS RAT)
https://www.malware-traffic-analysis.net/2019/09/03/index.html
2019-09-04 - DATA DUMP: URSNIF INFECTION WITH TRICKBOT
https://www.malware-traffic-analysis.net/2019/09/04/index.html
2019-09-04 - DATA DUMP: URSNIF DOC SENDS VIDAR
https://www.malware-traffic-analysis.net/2019/09/04/index2.html
2019-09-05 - WORD DOC MACRO CAUSES URSNIF WITH TRICKBOT, OR IT CAUSES VIDAR
https://www.malware-traffic-analysis.net/2019/09/05/index.html
Glupteba Campaign Hits Network Routers and Updates C&C Servers with Data from Bitcoin Transactions
https://blog.trendmicro.com/trendlabs-security-intelligence/glupteba-campaign-hits-network-routers-and-updates-cc-servers-with-data-from-bitcoin-transactions/
TrickBot Makes Heavy Use of Evasion in Recent Attacks
https://www.securityweek.com/trickbot-makes-heavy-use-evasion-recent-attacks
JSWorm: The 4th Version of the Infamous Ransomware
https://securityaffairs.co/wordpress/90811/malware/jsworm-4-ransomware-analysis.html
New social engineering toolkit draws inspiration from previous web campaigns
https://blog.malwarebytes.com/social-engineering/2019/09/new-social-engineering-toolkit-draws-inspiration-from-previous-web-campaigns/
Spam Campaign Abuses PHP Functions for Persistence, Uses Compromised Devices for Evasion and Intrusion
https://blog.trendmicro.com/trendlabs-security-intelligence/spam-campaign-abuses-php-functions-for-persistence-uses-compromised-devices-for-evasion-and-intrusion/
Ransomware gang wanted $5.3 million from US city, but they only offered $400,000
https://www.zdnet.com/article/ransomware-gang-wanted-5-3-million-from-us-city-but-they-only-offered-400000/#ftag=RSSbaffb68
A Ransomware Tale: Mayor Describes City's Decisions
https://www.bankinfosecurity.com/ransomware-tale-mayor-describes-citys-decisions-a-13033
GOOTKIT BANKING TROJAN | PART 3: RETRIEVING THE FINAL PAYLOAD
https://www.sentinelone.com/blog/gootkit-banking-trojan-retrieving-final-payload/
Ransomware Delivery Mechanisms [Part 1]
https://www.lastline.com/labsblog/ransomware-delivery-mechanisms/
Ransomware: Too Overt to Hide [Part 2]
https://www.lastline.com/labsblog/ransomware-overt-hide-part-2/
TROJAN DROPPER
https://malwr-analysis.com/2019/08/23/trojan-dropper-bdf243b7a296f7aecc366c799e3fb865ee3aff7c72d8d942e2b2632a347fe5c3/
Banking Trojans: A Reference Guide to the Malware Family Tree
https://www.f5.com/labs/articles/education/banking-trojans-a-reference-guide-to-the-malware-family-tree
TrickBot adds new trick to its arsenal: tampering with trusted texts
https://blog.malwarebytes.com/trojans/2019/09/trickbot-adds-new-trick-to-its-arsenal-tampering-with-trusted-texts/
Windows worms. Forbix worm analysis
https://persianov.net/windows-worms-forbix-worm-analysis
Mobile Menace Monday: Android Trojan raises xHelper
https://blog.malwarebytes.com/android/2019/08/mobile-menace-monday-android-trojan-raises-xhelper/
Unprecedented new iPhone malware discovered
https://blog.malwarebytes.com/mac/2019/08/unprecedented-new-iphone-malware-discovered/
New social engineering toolkit draws inspiration from previous web campaigns
https://blog.malwarebytes.com/social-engineering/2019/09/new-social-engineering-toolkit-draws-inspiration-from-previous-web-campaigns/
B.行動安全 / iPhone / Android /穿戴裝置 /App
Android攻擊程式價格首度超過iOS
https://www.ithome.com.tw/news/132835
Android exploits are now worth more than iOS exploits for the first time
https://www.zdnet.com/article/android-exploits-are-now-worth-more-than-ios-exploits-for-the-first-time/#ftag=RSSbaffb68
知名安卓軟體「掃描全能王」被發現含有特洛伊木馬!下載量超過一億次
https://applealmond.com/posts/57647
你可能也有安裝!下載破億次、超紅 Android 手機 App 被爆是木馬
https://3c.ltn.com.tw/news/37810
學校安全零死角 中山大學開發貼身護衛App
https://udn.com/news/story/7240/4014324?from=udn-ch1_breaknews-1-cate6-news
5G設企業專網 中華電:影響企業與電信業合作
https://ec.ltn.com.tw/article/paper/1313849
iOS 12.4.1修復越獄漏洞 蘋果建議用戶更新
https://www.chinatimes.com/realtimenews/20190828001595-260412?chdtv
Google finds malicious sites pushing iOS exploits for years
https://www.zdnet.com/article/google-finds-malicious-sites-pushing-ios-exploits-for-years/#ftag=RSSbaffb68
iPhone 最安全?Google:iPhone 早已被惡意網站入侵多年
https://www.inside.com.tw/article/17391-google-iphone-secretly-hacked
Google團隊揭露駭客史上最大攻擊iPhone事件!竊取文件和即時定位 蘋果獲報修復
https://www.ettoday.net/news/20190830/1524947.htm
「用戶和Siri對話被聽光光」 蘋果正式道歉了
https://www.mirrormedia.mg/story/20190829edi021/
香港反送中爆紅Telegram安全隱憂 示威者身份恐曝光
http://bit.ly/2NIie9K
Telegram 回應香港人訴求?執法機關無法再透過電話號碼肉搜使用者參與過的群組
https://buzzorange.com/techorange/2019/08/30/telegram-hk/
Telegram 被發現洩露用戶身份漏洞!官方正式回應
http://bit.ly/2PuZ5dZ
保護示威者 Telegram關閉電話配對
https://m.ltn.com.tw/news/world/paper/1314765
外媒:中國政府疑使用Telegram漏洞辨別示威者
https://unwire.hk/2019/08/31/telegram-3/tech-secure/
用LINE集點!店家控點數自動增加…損失逾5百元
http://bit.ly/2PAd6XN
Google將下載次數超過1億的Android app列入抓漏範圍
https://www.ithome.com.tw/news/132737
Google團隊揭iPhone漏洞 黑客可裝監控程式
http://bit.ly/2LjiFod
谷歌威脅分析小組稱,IPhone IOS 10-12巨型漏洞利用:從5個鏈中劫持多年
https://0xzx.com/201909020857251643.html
美媒:監控維吾爾人 北京設釣魚網站
https://udn.com/news/story/7331/4026367
中國利用iphone 漏洞監控維吾爾族
https://www.ptt.cc/bbs/MobileComm/M.1567365381.A.4D9.html
Google:iPhone被入侵 恐是陸針對維吾爾族穆斯林之舉
https://udn.com/news/story/11017/4024824
中共駭入維吾爾族 CNN:港台人士提防
https://udn.com/news/story/7331/4030151
中國監控維族 手機Google、微軟作業系統被駭
https://m.ltn.com.tw/news/world/paper/1315236
中國利用iPhone監控新疆人?惡意程式侵入網站長達兩年,照片訊息、帳戶密碼全都竊
https://www.storm.mg/lifestyle/1664309
傳中國為監控新疆打造的iPhone攻擊鏈,也會對Windows、Android用戶下手
https://www.ithome.com.tw/news/132807
瀏覽網站就被植入惡意碼,中國政府利用 iPhone 監控維吾爾族
https://buzzorange.com/techorange/2019/09/02/code-in-iphone-to-monitor-uyghur/
間諜程式藏網站大規模侵入iPhone至少2年,疑意在監控維吾爾人
https://www.ithome.com.tw/news/132786
㩒入Google搜尋結果手機都會中招 外媒:監控黑手很可能是中國
https://hk.news.appledaily.com/international/realtime/article/20190902/60000457
Google 資安研究團隊揭發史上最大 iPhone 駭侵事件
https://www.twcert.org.tw/subpages/securityInfo/hackevent_details.aspx?id=911
Android 軟體更新報告出爐,Nokia 最勤快、vivo 和 LG 慘兮兮
https://technews.tw/2019/09/02/android-update-for-smartphone/
內地AI換臉軟件「ZAO」走紅 網民憂臉容遭不當利用
http://bit.ly/2ln6QUw
華為「鴻蒙」安全成疑 專家籲用黑客思維逆向思考
http://bit.ly/2lPJYNJ
「一張照演天下戲」 大陸換臉APP恐洩隱私
https://news.tvbs.com.tw/focus/1193977
Google 正式釋出 Android 10 , Pixel 系列裝置將陸續收到更新通知
https://www.cool3c.com/article/147691
Gmail隱藏圖片功能延伸至App 用戶資安更添保障
https://www.ettoday.net/news/20190904/1528397.htm
警惕手機淪為遠程竊聽器 APP偷聽今年被重點監管治理
https://news.sina.com.tw/article/20190905/32560836.html
深入理解PHP Phar反序列化漏洞原理及利用方法
https://www.4hou.com/vulnerable/18196.html
Bridgefy通訊App 港人下載急增 專家:未必可免受監控
http://bit.ly/2kiqtx7
「臉書約會」推出! 整合Instagram列「暗戀名單」秘密配對:風險自負
https://www.ettoday.net/news/20190906/1529681.htm
FB推出約會服務 聲明:結果風險自負
https://www.ctwant.com/article/6426
網釣簡訊利用OTA散布可變更手機設定,三星、LG等品牌受害
https://www.ithome.com.tw/news/132897
交友App管理消極 消基會:不乏未成年者冒充年齡進入
https://money.udn.com/money/story/5612/4032363
Google Uncovers How Just Visiting Some Sites Were Secretly Hacking iPhones For Years
https://thehackernews.com/2019/08/hacking-iphone-ios-exploits.html
Apple Changes the Way It Listens to Your Siri Recordings Following Privacy Concerns
https://thehackernews.com/2019/08/apple-siri-recording-privacy.html
New Stealthy Ad Clicking Tactics Found in Popular Apps on Google Play
https://www.symantec.com/blogs/threat-intelligence/stealthy-ad-clicking-apps-google-play
Chinese Face-Swapping App ZAO Sparks Privacy Concerns After Going Crazily Viral
https://thehackernews.com/2019/09/face-swapping-deepfake-zao.html
Exploit Reseller Offering Up To $2.5 Million For Android Zero-Days
https://thehackernews.com/2019/09/android-full-chain-zero-day-exploit.html
Mysterious iOS Attack Changes Everything We Know About iPhone Hacking
https://www.wired.com/story/ios-attack-watering-hole-project-zero/
Why 'Zero Day' Android Hacking Now Costs More Than iOS Attacks
https://www.wired.com/story/android-zero-day-more-than-ios-zerodium/
Just An SMS Could Let Remote Attackers Access All Your Emails, Experts Warn
https://thehackernews.com/2019/09/just-sms-could-let-remote-attackers.html
iPhone Hacks May Be Linked to Broader China Spying
https://www.bankinfosecurity.com/iphone-hacks-may-be-linked-to-broader-china-spying-a-13010
Zero-day disclosed in Android OS
https://www.zdnet.com/article/zero-day-disclosed-in-android-os/#ftag=RSSbaffb68
Semi‑annual balance of mobile security 2019
https://www.welivesecurity.com/2019/09/05/balance-mobile-security-2019/
Apple iOS Attack Underscores Importance of Threat Research
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/apple-ios-attack-underscores-importance-of-threat-research/
C.事件 / 駭客 / DDOS / APT / 雲端/暗網/徵才 / 國際資安事件
「白帽黑客」組成 Project Zero屢建奇功
http://paper.wenweipo.com/2019/08/31/GJ1908310003.htm
Mozilla 調查指出台灣面臨三大網路風險,隱私、資訊壟斷與訊息誤導壟罩台灣網路環境
https://www.cool3c.com/article/147631
不只身體有!愛上網的台灣人 在網路也有「三高」
https://money.udn.com/money/story/5617/4024341
趨勢:91%駭客威脅 透過電郵入侵
http://bit.ly/2kl13yW
2019年8月十大資安新聞
https://www.ithome.com.tw/news/132843
資安 智慧醫療的罩門
https://talk.ltn.com.tw/article/paper/1314919
回應「資安,智慧醫療的罩門」
https://talk.ltn.com.tw/article/paper/1315174
Yahoo官網驚傳無預警關閉 網友哀嚎遍野
https://3c.ltn.com.tw/news/37890
國家網路安全宣傳周|你的口令會成為駭客破解的對象嗎
https://ek21.com/news/tech/134970/
入侵Capital One的駭客以遭駭的伺服器來挖礦
https://www.ithome.com.tw/news/132784
駭客組織強襲石油公司,中東恐成資訊戰最活躍戰場
http://bit.ly/2lyt4mH
中國最小的駭客,8歲黑進學校系統,13歲向360提出改進方案
https://ek21.com/news/tech/133846/
Kaspersky調查:還有4成用戶使用已終止支援或即將過期的Windows平台
https://www.ithome.com.tw/news/132792
資安即國安 電腦公會帶頭整合資安與製造業者
https://digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=10&id=0000567422_BZ955ZP51KP05U345QID7&cf=AG1
如何將資安導入DevOps的開發流程?白帽觀點創辦人揭露心法
https://www.ithome.com.tw/news/132778
推特執行長帳號遭駭 大發種族歧視推文
https://www.chinatimes.com/realtimenews/20190831003436-260410?chdtv
Twitter CEO 多爾西的推特帳號被駭,駭客只運用簡單的 SIM 盜換技術就搞定
https://technews.tw/2019/09/02/twitter-ceo-jack-dorsey-account-was-hacked-and-hacker-just-simply-use-sim-swap-method/
Twitter CEO Jack Dorsey 的個人 Twitter 帳號遭到駭客入侵
https://hypebeast.com/zh/2019/9/twitter-ceo-jack-dorsey-account-hacked-chuckle-squad-information
推特CEO狂發「種族歧視文」:總部有炸彈! 爆駭客1狡猾手段入侵
https://www.ettoday.net/news/20190831/1525403.htm
推特CEO推特帳號被駭!駭客放話要炸總部
https://udn.com/news/story/6811/4020663?from=udn-ch1_breaknews-1-cate5-news
駭進產品就賞3千萬!蘋果重金邀駭客查漏洞
https://fnc.ebc.net.tw/FncNews/life/97012
被指攻擊銀行及交易所獲20億美元 北韓發聲明否認
http://bit.ly/2kowqbL
網攻竊取逾600億?北韓痛批美國散播惡毒謠言
https://fnc.ebc.net.tw/FncNews/world/97586
華為再遭控竊取專利 反咬美國政府對公司發動「網路攻擊」
https://www.ftvnews.com.tw/news/detail/2019904W0025
華為有意公開原始碼 盼釋日方資安疑慮
https://www.chinatimes.com/realtimenews/20190904002756-260410?chdtv
日本防衛概算出爐 將成立太空作戰隊
https://m.ltn.com.tw/news/world/breakingnews/2901087
Defense One:應對網攻浩劫後 美須速謀對策
http://bit.ly/2LfOsHC
專家呼籲 美政府應建立「網攻第一擊後」應對方案
https://www.ydn.com.tw/News/350319
美國和波蘭簽署5G網絡安全聲明 劍指華為
http://www.epochtimes.com/b5/19/9/2/n11494094.htm
美軍駭入伊朗革命衛隊系統,摧毀其恐怖攻擊資料庫
https://www.twcert.org.tw/subpages/securityInfo/hackevent_details.aspx?id=912
澳國大學加大防堵中國滲透措施
http://bit.ly/2Zzh86B
劍橋分析吹哨者:中國干預澳大利亞選舉 比俄羅斯還危險
http://bit.ly/30MFEhU
外國勢力滲透大學校園 澳洲政府採取行動防範
https://money.udn.com/money/story/5599/4015394
聯國制裁報告:北韓續發展核武和導彈計畫
http://bit.ly/2m2vHxr
與國際接軌 北韓擴充網安發展科技
http://bit.ly/2luiCN4
已具有突破防禦體系能力 聯合國報告:北韓還在發展核導計畫
https://news.ltn.com.tw/news/world/breakingnews/2907530
中國社會信用系統2020年適用企業 歐商會示警外企也要被監控
https://ec.ltn.com.tw/article/breakingnews/2898412
路透:為北京服務的黑客侵入亞洲電信公司系統監控維族人行蹤
https://www.voacantonese.com/a/CHINA-HACEKED-ASIAN-TELCOS-TO-SPY-ON-UIGHUR-TRAVELERS-20190905/5071398.html
中國駭客入侵亞洲多國電信商 監控維吾爾人
https://news.ltn.com.tw/news/world/breakingnews/2907227
北韓37大學大舉新設資安及尖端科學系所 教改跟上世界潮流
https://www.ettoday.net/news/20190904/1528047.htm
A Chinese APT is now going after Pulse Secure and Fortinet VPN servers
https://www.zdnet.com/article/a-chinese-apt-is-now-going-after-pulse-secure-and-fortinet-vpn-servers/#ftag=RSSbaffb68
Lyceum APT Group a New Threat to Oil and Gas Companies
https://www.bankinfosecurity.com/lyceum-apt-group-new-threat-to-oil-gas-companies-a-13003
Capital One Hacker Also Accused of Hacking 30 More Companies and CryptoJacking
https://thehackernews.com/2019/08/paige-thompson-capital-one.html
Unix at 50: How the OS that powered smartphones started from failure
https://arstechnica.com/gadgets/2019/08/unix-at-50-it-starts-with-a-mainframe-a-gator-and-three-dedicated-researchers/
Huawei Accuses US Government of Hack Attacks
https://www.bankinfosecurity.com/huawei-accuses-us-government-hack-attacks-a-13011
How did a Chinese APT get a U.S. hacking tool before it was leaked? Check Point has a theory
https://www.cyberscoop.com/apt3-nsa-tools-smb-check-point/
網路/資安工程師 (北京)
https://www.104.com.tw/job/6pzkh
【管理】資訊安全主管
https://www.104.com.tw/job/6pxgd
北區-資安講師(資安攻防實務、專題研討)
https://www.104.com.tw/job/6puwx
5287 資安分析師 / 資安工程師 (新竹市區)
https://www.cakeresume.com/companies/66cd09/jobs/security-analyst
駐點資安服務工程師 (大安運動中心附近)
https://www.104.com.tw/job/6q2g4
系統發展中心108年第四次專案人力進用-26.研發類-資安/通訊
https://www.104.com.tw/job/6q408?jobsource=n104bank2
D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞
LINE不當轉傳致洩密
http://epaper.wra.gov.tw/Article_Detail.aspx?s=7E7BC791D6822D9D
Google日曆也變詐騙聖地!二步驟讓你遠離假訊息
https://www.ettoday.net/news/20190829/1524283.htm
Google 日曆被 垃圾訊息洗版,只要一個選項就乾淨溜溜
https://www.kocpc.com.tw/archives/277295
網安公司報告 揭英美多國病人私隱被賤賣
http://bit.ly/2HE6Xnb
Imperva發生資料外洩意外,影響Cloud WAF雲端防火牆客戶
https://www.ithome.com.tw/news/132687
二合一選舉 桃市已有10多件假訊息情資
http://bit.ly/2HRea3t
第一資本個資外洩案 女駭客被起訴
http://bit.ly/2PtkUKL
第一資本個資外洩案女駭客被起訴 最重可判25年
https://udn.com/news/story/6812/4017729
密碼設為123456、多網站共用一組帳密,都有嚴重資安風險!教育部教你這樣設密碼,安全又好記
http://about.storm.mg/lifestyle/1648206
FB收緊刊美國政治廣告規則減誤導及虛假訊息 但仍存漏洞
http://bit.ly/2LojD2F
警方報案電話系統有漏洞 民眾個資險外流
https://udn.com/news/story/7321/4017753?from=udn-relatednews_ch2
挽救形象?Facebook開「快閃咖啡廳」 教用戶如何設定隱私
https://news.sina.com.tw/article/20190901/32517928.html
偽裝台灣小農打悲情牌,宣稱無花果茶/桑葚,有治糖尿病/白髮療效
https://blog.trendmicro.com.tw/?p=61829
Foxit資料外洩曝露用戶密碼
https://www.ithome.com.tw/news/132790
165示警!新詐騙手法「特殊管道」助貸款 連環套錢坑越來越大
https://www.ettoday.net/news/20190901/1526150.htm
網路賭局易使詐 行動支付警難辦
http://bit.ly/2lNnmxn
網傳收健保郵件會中「勒索病毒」? 衛福部急澄清:舊聞啦
https://health.ettoday.net/news/1526731
信用卡個資外洩遭恐嚇詐騙匯款 員警及時攔阻
https://udn.com/news/story/7320/4025509?from=udn-catebreaknews_ch2
挪威涉中國公民電信詐騙頻發 中使館提醒防範
http://www.hkcna.hk/content/2019/0902/782514.shtml
又利用網路愛情詐騙 保七力阻24萬險遭騙
http://bit.ly/2lVG8mq
駐布里斯班總領館發佈提醒:謹防網上交友詐騙
https://news.sina.com.tw/article/20190902/32523692.html
學生盜取上億條個人信息境外網路販賣被公訴
https://news.sina.com.tw/article/20190903/32541836.html
買家接詐騙電話 警覺抓包蝦皮!爆系統紕漏外洩個資
https://tw.news.appledaily.com/life/realtime/20190904/1625910/
臉書一頁式購物廣告充斥詐騙
http://www.ksnews.com.tw/index.php/news/contents_page/0001298246
美國防部開發軟件打擊假新聞
https://hk.news.appledaily.com/international/daily/article/20190904/20761834
AI時代金融信息安全攻防戰危情:誰泄露了我的數據
https://news.sina.com.tw/article/20190904/32547538.html
換臉APP涉洩個資 ZAO致歉
http://bit.ly/2lx0x0O
詐騙集團以AI軟體偽裝成老板聲音指示匯錢
https://www.ithome.com.tw/news/132836
知名餅店太火紅 詐騙集團拿去當犯案招牌
https://www.nownews.com/news/20190904/3610396/
警破一條龍詐騙集團 突破斷點逮22嫌
https://www.chinatimes.com/realtimenews/20190904002854-260402?chdtv
南京破獲一起冒用他人身份證辦理信用卡並惡意透支案
https://news.sina.com.tw/article/20190905/32563998.html
惡劣!盜領癌末患者錢財 社工遭農會識破報案
https://news.tvbs.com.tw/local/1195689
FB 又爆資安漏洞!上億用戶電話資料庫曝光
https://3c.ltn.com.tw/news/37884
釣魚電郵騙個資!收到「臉書官方」這封信不要回傳
https://m.ltn.com.tw/news/life/breakingnews/2906974
安卓用戶小心!手機收到假冒電信商簡訊 恐是釣魚攻擊
http://bit.ly/2kuEjfN
北京警方打掉一「鏈條化」信用卡詐騙犯罪團伙
https://news.sina.com.tw/article/20190904/32557640.html
主管打來叫他幫忙轉帳,誰知竟是駭客詐騙!AI模仿主管聲音,七百萬現金人間蒸發
https://www.storm.mg/lifestyle/1675979
駭客用AI仿冒英國能源公司CEO 語音命令員工匯款22萬歐元
https://cnews.com.tw/140190905a05/
陸刷臉支付 暗藏資安疑慮
https://www.ydn.com.tw/News/351381
DevOps服務Circleci資料外洩事件調查,攻擊者未取得任何用戶機密資料
https://www.ithome.com.tw/news/132884
中國製GPS追蹤器洩露60萬用戶即時地點
https://www.ithome.com.tw/news/132893
【詐騙新招】偽裝台灣小農打悲情牌,宣稱無花果茶/桑葚,有治糖尿病/白髮療效
https://blog.trendmicro.com.tw/?p=61829
BEC overtakes ransomware and data breaches in cyber-insurance claims
https://www.zdnet.com/article/bec-overtakes-ransomware-and-data-breaches-in-cyber-insurance-claims/#ftag=RSSbaffb68
Google Will Now Pay Anyone Who Reports Apps Abusing Users' Data
https://thehackernews.com/2019/08/google-data-abuse-bug-bounty.html
Brazilian citizen data under threat with sale of national tech firms
https://www.zdnet.com/article/brazilian-citizen-data-under-threat-with-sale-of-national-tech-firms/#ftag=RSSbaffb68
Some of Russia's surveillance tech leaked data for more than a year
https://www.zdnet.com/article/some-of-russias-surveillance-tech-leaked-data-for-more-than-a-year/#ftag=RSSbaffb68
Foxit Software Breach Exposes Account Data
https://www.bankinfosecurity.in/foxit-software-breach-exposes-account-data-a-13006
XKCD Forum Hacked – Over 562,000 Users’ Account Details Leaked
https://thehackernews.com/2019/09/xkcd-forum-hacked.html
Phishers Use SCA Checks to Trick Banking Customers
https://www.infosecurity-magazine.com/news/phishers-use-sca-checks-trick
600,000 GPS trackers left exposed online with a default password of '123456'
https://www.zdnet.com/article/600000-gps-trackers-left-exposed-online-with-a-default-password-of-123456/#ftag=RSSbaffb68
DK-Lok data breach exposes global enterprise client data, internal emails
https://www.zdnet.com/article/dklok-data-breach-leaked-global-enterprise-client-internal-emails/#ftag=RSSbaffb68
E.研究報告
如何自己動手編寫漏洞POC
https://cloud.tencent.com/developer/article/1496209
Buhtrap CVE-2019-1132攻擊事件相關漏洞樣本分析
https://www.freebuf.com/vuls/210782.html
Confluence 文件讀取漏洞(CVE-2019-3394)分析
https://paper.seebug.org/1025/
如何解“邏輯漏洞檢測”難題?默安給你答案
https://www.aqniu.com/vendor/54318.html
CVE-2015-2546 內核Use After Free漏洞分析
https://xz.aliyun.com/t/6115
SUCTF2019,python源碼分析,漏洞原理
https://xz.aliyun.com/t/6135
vivetok 攝像頭遠程棧溢出漏洞分析
https://juejin.im/entry/5d68ecb8f265da03b95009eb
SRC 漏洞挖掘實用技巧
https://www.jishuwen.com/d/29pP
華為路由器H532G漏洞分析
https://xz.aliyun.com/t/6116
Objection:一款運行時移動設備漏洞利用工具
https://www.freebuf.com/sectool/211869.html
利用吃灰的釣魚利器(esp8266)做一個手機遠程遙控小車
https://www.freebuf.com/articles/others-articles/210044.html
大型跨國銀行系統架構的微服務與敏捷開發實踐之路
https://www.infoq.cn/article/1uZuwqSo3XIL6WtrrP33
WebLogic漏洞深入滲透利用及防范思路
https://www.freebuf.com/articles/network/212858.html
網站漏洞檢測squid反向代理存在遠程代碼執行漏洞
https://cloud.tencent.com/developer/article/1496746
Web安全-之文件上傳漏洞場景
https://blog.csdn.net/devcloud/article/details/100173321
傳統XSS攻擊引發持久型ATO漏洞技術研究
https://xz.aliyun.com/t/6186
Pulse Secure SSL VPN遠程代碼執行漏洞利用與分析
https://www.anquanke.com/post/id/185773
通用漏洞評估方法CVSS3.0介紹
https://blog.csdn.net/whatday/article/details/100552807
解除任天堂Google Authenticator二階段驗證 SWITCH帳戶解鎖流程教學
https://www.cool3c.com/article/147763
淺談ARP欺騙的實現與防禦
https://www.freebuf.com/articles/network/210852.html
CVE-2018-8639分析與復現
https://bbs.pediy.com/thread-254305.htm
西門子S7通信過程及重放攻擊分析
https://www.freebuf.com/articles/ics-articles/212283.html
日活百萬級病毒“DropperNecro”分析報告
https://www.freebuf.com/articles/terminal/213324.html
個案分析-X大學系所網站駭侵攻擊事件分析報告_10808
https://cert.tanet.edu.tw/prog/opendoc.php?id=2019083011082828195490327742851.pdf
挖洞經驗| 繞過WAF限制利用php:方法實現OOB-XXE漏洞利用
https://www.freebuf.com/vuls/211822.html
Macro_Pack中的宏代碼混淆方法分析
https://www.freebuf.com/sectool/211592.html
Dwarf:一款基於Pyqt5和Frida的逆向分析調試工具
https://www.freebuf.com/sectool/212123.html
Adobe ColdFusion RCE(CVE-2019-7839) 漏洞分析
https://www.freebuf.com/vuls/210386.html
Separ木馬分析報告案例分析
https://www.freebuf.com/articles/network/211691.html
從習總書記講話看中國網絡空間安全發展趨勢
https://www.freebuf.com/articles/network/213433.html
利用Redis未授權訪問漏洞進行門羅幣(XMR)挖礦事件分析
https://www.freebuf.com/vuls/213484.html
Gorgon APT組織再做文章:DropBox到NJRat的曲折歷程
https://www.freebuf.com/articles/system/213082.html
安全運維工作中的機器學習應用
https://www.freebuf.com/articles/es/211990.html
HiddenEye:帶有高級功能的現代釣魚工具
https://www.freebuf.com/sectool/212130.html
釣魚郵件故事一則與處理方法分享
https://www.freebuf.com/articles/es/211692.html
電子郵件安全問題分析(一)
https://www.freebuf.com/articles/network/212241.html
電子郵件安全問題分析(二)
https://www.freebuf.com/articles/network/212273.html
Hacker101白帽黑客進階之路
https://www.freebuf.com/video/213279.html
谷歌提醒iPhone用戶注意數據竊取惡意軟件攻擊
https://www.freebuf.com/articles/database/213201.html
WannaMine挖礦木馬再活躍,14萬台linux系統受攻擊廣東省為重災區
https://www.freebuf.com/articles/network/212166.html
淺談電子數字取證技術
https://www.freebuf.com/articles/network/211643.html
BoomBox Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant
https://github.com/nbeede/BoomBox
GhIDA: Ghidra decompiler for IDA Pro
https://blog.talosintelligence.com/2019/09/ghida.html
Nishang
https://github.com/samratashok/nishang
xray: A powerful security assessment tool
https://securityonline.info/xray-powerful-security-assessment/
mwrlabs/C3
https://github.com/mwrlabs/C3/blob/master/README.md
CVE-2019-8790:Check Point Endpoint Security初始客戶端提權漏洞分析
https://www.anquanke.com/post/id/185338
China Chopper still active 9 years later
https://blog.talosintelligence.com/2019/08/china-chopper-still-active-9-years-later.html
Virtual Machine for Adversary Emulation and Threat Hunting
https://github.com/redhuntlabs/RedHunt-OS
Exploitation of Windows CVE-2019-0708 (BlueKeep): Three Ways to Write Data into the Kernel with RDP PDU
http://bit.ly/2LbPNPM
Operation Fast Cash - Hidden Cobra‘s AIX PowerPC malware dissected
http://bit.ly/2ZJ9FxQ
crawlab
https://github.com/crawlab-team/crawlab
AIL Framework - Framework for Analysis of Information Leaks
https://www.kitploit.com/2019/08/ail-framework-framework-for-analysis-of.html
Backdooring My Router Firmware
https://www.secjuice.com/backdooring-dlink-router-firmware/
VB2019 preview: Inside Magecart: the history behind the covert card-skimming assault on the e-commerce industry
https://www.virusbulletin.com/blog/2019/08/vb2019-preview-inside-magecart-history-behind-covert-card-skimming-assault-e-commerce-industry/
F.商業
趨勢科技推出涵蓋電郵、網絡、用戶端、伺服器及雲端 的XDR 雲端服務平台
http://n.yam.com/Article/20190827828595
中華電攻新南向 越南研討會首登場
https://www.cna.com.tw/news/afe/201908270309.aspx
中華電跨國物聯網上線 拓展行動業務及技術
https://money.udn.com/money/story/5612/4013211
【資安情報】勒索.挖掘.漏洞增 企業關注高危系統
http://bit.ly/2zFl8UH
趨勢科技作育全球網路資安英才
https://news.sina.com.tw/article/20190828/32482588.html
記錄指令活動 嚴防內鬼或駭客竊取營業秘密
https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=50&id=0000566822_bpd7cao13w7o5j1qy1yg1
部分 Surface 用戶發現更新後耗電異常 , 關機再開吃掉 25% 電力
https://www.kocpc.com.tw/archives/277690
Palo Alto 以 7,500 萬美元收購 IoT 安全新創公司 Zingbox,並將首度提供安全訂閱服務
https://finance.technews.tw/2019/09/06/palo-alto-networks-intends-to-acquire-zingbox/
New Free Offering Enables Any MSP and Security Integrator to Add Incident Response to their Services Portfolio
https://thehackernews.com/2019/09/msp-incident-response.html
Palo Alto Networks delivers strong Q4, acquires Zingbox for IoT security
https://www.zdnet.com/article/palo-alto-networks-delivers-strong-q4-acquires-zingbox-for-iot-security/#ftag=RSSbaffb68
G.政府
行程很硬的一週...陳其邁深夜喊:給我三個月也很難變三浦春馬
https://www.ettoday.net/news/20190829/1523693.htm
工業局補助 資安健檢團隊到你家
https://money.udn.com/money/story/10860/4017790
網路性騷無法管? 綠委將提案修性騷擾防治法
https://www.rti.org.tw/news/view/id/2032667
網紅拍片辱護理師無法可治 立委拋修法拒網路性別罷凌
https://taronews.tw/2019/08/30/450648/
數位身分證個資 內政部怎保護
https://tw.appledaily.com/new/realtime/20190902/1626346/
外商掌握關鍵技術 廠商憂全民個資恐外流
https://m.mirrormedia.mg/story/20190902soc004/
1分鐘看懂新式身分證 八大功能一把抓
https://www.mirrormedia.mg/story/20190902soc006
資安防護觀念轉變 唐鳳:如何反擊重於防守
https://www.cna.com.tw/news/afe/201909030152.aspx
金管會明年施政 緊盯四要點
https://www.chinatimes.com/newspapers/20190903000233-260202?chdtv
新式身分證傳外包疑洩個資 內政部:集中製卡個資不外洩
https://www.chinatimes.com/realtimenews/20190903003160-260407?chdtv
如何強化台灣資安戰場?唐鳳:主動出擊重於防護
https://www.ftvnews.com.tw/news/detail/2019903W0018
蘇貞昌:數位身分證 重視資安
https://www.chinatimes.com/realtimenews/20190903003617-260407?chdtv
資通安全管理法常見問題
https://nicst.ey.gov.tw/Page/D94EC6EDE9B10E15/c14455ab-503d-4687-97ae-c514b7fa1df2
Fintech周報第114期:金管會揭露2020年金融科技八大發展重點
https://ithome.com.tw/news/132845
工研院組國家隊攜手微軟,發展國內 AI 晶片新應用商機
https://technews.tw/2019/09/05/ai-chip-itri/
有線電視用戶恐跌破500萬 CBIT籲NCC鬆綁法規限制
https://ec.ltn.com.tw/article/breakingnews/2907206
108年「資安系列競賽」9月2日起開放報名
https://www.nccst.nat.gov.tw/NewInfoDetail?lang=zh&seq=1530
H.ICS/SCADA 工控系統
推動資安標準 為工控領域灌輸防禦基本功
https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=10&id=0000566908_kvg8pq7d1kizrg7zhw907
產能、資安面面俱到 加速智慧製造轉型進程
https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=10&id=0000566824_tf17xahr386ov23d5ic9k
因應工業環境特殊性 選用正確設備以強化工控安全
https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=10&id=0000566848_3fw7ibvn5bvh3e7tkfu9z
綜觀人員、流程、技術 重新定義工控安全體系
https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=10&id=0000566306_h8a46i0tlev6pq740s2n4
援引國際規範 打造安全穩定的ICS運作環境
https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=10&id=0000566909_85flg1q0l0lm21lc6ziba
善用超級電腦 為工業4.0工廠設計分配式智慧防駭系統
https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=10&id=0000566911_v4dl2gwu0ou7v02pbpawz
破解一輛特斯拉Model S需要多長時間?2018年的漏洞仍未徹底修復:駭客仍能幾秒內破解特斯拉Model S
https://www.insoler.com/forum/topic/15672997979807.htm
I.教育訓練
實體安全與資安管理
https://drive.google.com/file/d/1OYFLHKPGFm9MWI-LBcEERCgXXVf-WAAM/view
參與資安稽核的緣起(一)
https://ithelp.ithome.com.tw/articles/10213103
參與資安稽核的緣起(二)
https://ithelp.ithome.com.tw/articles/10213117
訓練課程的注意事項
https://ithelp.ithome.com.tw/articles/10213691
[駭客工具 Day1] 前言
https://ithelp.ithome.com.tw/articles/10213312
[駭客工具 Day2] Port Scan王者 - Nmap
https://ithelp.ithome.com.tw/articles/10213539
[駭客工具 Day3] 網路封包側錄分析 - Wireshark
https://ithelp.ithome.com.tw/articles/10213677
(1)資安事件分析(2)資訊安全管理制度實務(3)網路安全管理實務 (4)資通安全設備管理(含 Firewall、IPS、WAF、AD 與 Exchange Server、SIEM) 等實務測驗題庫彙編
http://bit.ly/2lCKI8L
學會這些JS 小技巧,提升編碼幸福度
https://www.infoq.cn/article/wF1PorTPQiW0*Q2Jc2XU
curl 的用法指南
http://www.ruanyifeng.com/blog/2019/09/curl-reference.htm
教你如何搭建威脅情報庫
https://www.freebuf.com/articles/network/210451.html
Resource: Malware analysis - learning How To Reverse Malware: A collection of guides and tools
https://www.peerlyst.com/posts/resource-learning-how-to-reverse-malware-a-guide?trk=search_suggestion_query
Learn Ethical Hacking Online – A to Z Training Bundle 2019
https://thehackernews.com/2017/03/learn-hacking-training.html
Malware Naming Hell Part 1: Taming the mess of AV detection names
https://www.gdatasoftware.com/blog/2019/08/35146-taming-the-mess-of-av-detection-names
Cisco releases guides for incident responders handling hacked Cisco gear
https://www.zdnet.com/article/cisco-releases-guides-for-incident-responders-handling-hacked-cisco-gear/#ftag=RSSbaffb68
Cisco ASA Forensic Investigation Procedures for First Responders
https://tools.cisco.com/security/center/resources/asa_forensic_investigation
Cisco IOS Software Forensic Investigation Procedures for First Responders
https://tools.cisco.com/security/center/resources/ios_forensic_investigation
Cisco IOS XE Software Forensic Investigation Procedures for First Responders
https://tools.cisco.com/security/center/resources/iosxe_forensic_guide
Cisco Firepower Threat Defense Forensic Investigation Procedures for First Responders
https://tools.cisco.com/security/center/resources/ftd_forensic_investigation
What is MITRE ATT&CK and how is it useful
https://www.welivesecurity.com/2019/09/03/what-is-mitre-attck-useful/
PowerShell Script with a builtin DLL
https://isc.sans.edu/diary/PowerShell+Script+with+a+builtin+DLL/25302
J.物聯網/IOT/人工智慧/車聯網/光聯網/深度學習/機器學習/無人機/人臉辨識
根據資訊安全分類 實施物聯網雲端安全控制措施
https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=10&id=0000566847_rby7z74d5jgvvw6w786an
借助雲端平台生態系 加速提升IoT安全性
https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=10&id=0000566845_43d9hztj34u7o46ywu23q
物聯網資安情況堪慮 原因:欠產品保安意識
http://bit.ly/2UqW90L
你家門鈴就是監視器!智慧門鈴廠商 Ring 與警方合作,提供監視畫面打擊犯罪
https://buzzorange.com/techorange/2019/08/29/ring-cooperate-with-police/
無所不在的物聯網
http://bit.ly/2ZvyZfi
臉書、微軟辦大賽 徵求辨識深度合成造假影片的技術
https://udn.com/news/story/6811/4032078
A Hack to Steal a Tesla, a Yelp Overhaul, and More News
https://www.wired.com/story/tesla-key-fob-hack-yelp-custom-search/
Hackers Could Steal a Tesla Model S by Cloning Its Key Fob—Again
https://www.wired.com/story/hackers-steal-tesla-model-s-key-fob-encryption/
6.近期資安活動及研討會
HITCON HackDoor 駭入辦公室 7/2 ~ 9/28
https://www.accupass.com/event/1906050355291064968019
AI 投資理財技術實作,Python爬蟲+機器學習技術實務,打造個人投資理財工具 9/7
https://www.techbang.com/posts/72056-course-ai-investment-finance-technology
交通大學亥克書院-B022:基礎網頁安全與滲透測試<新竹場次> 9/7
https://hackercollege.nctu.edu.tw/?p=1079
DigitalOcean Hsichu x Golang TW Meetup 9/7
https://www.meetup.com/DigitalOceanHsinchu/events/263910445/
Trend Micro CTF 2019 // Raimund Genes Cup SEPTEMBER 7–8, 2019
https://www.trendmicro.com/en_us/campaigns/capture-the-flag.html
資訊安全管理系統-基礎課程 9/8
https://www.accupass.com/event/1907160853513957042270
Scala Taiwan #32 - Introduction to Minitime 9/9
https://www.meetup.com/Scala-Taiwan-Meetup/events/263961981/
MLDM Monday|Domain Adaptation 的數學理論推導 9/9
https://www.meetup.com/Taiwan-R/events/263929941/
【AWS資安】Security Engineering on AWS高級課程 2019-09-09(一) 09:30 ~ 2019-09-11(三) 17:30 (GMT+8)
https://www.accupass.com/event/1905150854571147685105
微軟 2nd Cybersecurity Conference 2019/09/10 9:00-17:00
https://www.microsoftevents.com/profile/form/index.cfm?PKformID=0x7592629abcd
SyntaxError 9/11
https://www.meetup.com/pythonhug/events/tnzzgpyzmbpb/
Android Code Club(Taipei) 9/11
https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bsctnqyzmbpb/
【AWS資安】Security Engineering on AWS高級課程 9/9 ~ 9/11
https://www.accupass.com/event/1905150854571147685105
CDX2.0推廣活動 - 台北場次 9/10
https://nchc-cdx.kktix.cc/events/cdxactivity-0910
Kubernetes Summit 9/11
https://summit.ithome.com.tw/kubernetes/
台灣賽門鐵克年度資安論壇 9/12
https://zh.surveymonkey.com/r/symantec_0912
HackingThursday 固定聚會 9/12
https://www.meetup.com/hackingthursday/events/vkhnnqyzmbqb/
資安檢核核心技術及進階技術研討會 9月16日至9月18日
http://bit.ly/2TN2UtD
MLDM Monday|TensorFlow All Around 9/16
https://www.meetup.com/Taiwan-R/events/264154315/
Kotlin/Everywhere GDG Hsinchu - Kotlin on Cloud and Web 9/17
https://www.meetup.com/GDG-Hsinchu/events/263741333/
Cosmos SDK Workshop - 打造自己的新手區塊鏈 9/17
https://www.meetup.com/Taipei-Blockchain/events/264188406/
2019網路治理分享會 台灣、亞太、與全球的焦點議題 9/17
https://www.nii.org.tw/events/igf19/
Cyber Attack Taipei Series 2019 9/17
https://www.eventbrite.com/e/cyber-attack-taipei-series-2019-tickets-68951581035
稽核主管研習班(108年第二期) 9/17 ~ 9/18
https://edu.tii.org.tw/pt_training/mpage/index/info/1072673781
Android Code Club(Taipei) 9/18
https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bsctnqyzmbxb/
SyntaxError 9/18
https://www.meetup.com/pythonhug/events/tnzzgpyzmbxb/
HackingThursday 固定聚會 9/19
https://www.meetup.com/hackingthursday/events/vkhnnqyzmbzb/
Cybersecurity Framework 擴大資安視野 Seminar CYBERSEC 101 研討會 9/20
https://signupcybersec101.ithome.com.tw/
金融資安培訓課程 9/20
https://twap.deloitte.com.tw/DTLCRA/Works/CourseDetail.aspx?CourseID=T1906002
Android Code Club(Taipei) 9/21
https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bsctnqyzlbcc/
SyntaxError 9/21
https://www.meetup.com/pythonhug/events/tnzzgpyzlbcc/
資策會開辦「認證系統安全從業人員 SSCP 輔導班」2019/9/21
https://ithome.com.tw/pr/131772
交通大學亥客書院-A011:入侵行為發覺與應變指南 9/21
https://hackercollege.nctu.edu.tw/?p=1082
資訊安全管理系統-進階課程 9/21
https://www.accupass.com/event/1907160908138705889800
Open UP Summit Fukuoka Outreach 9/21
https://www.meetup.com/TaipeiWomeninTech/events/263683783/
Build Your First Custom Blockchain - 親手打造你的第一個客制區塊鏈 9/24
https://www.meetup.com/Polkadot-Taipei/events/264188190/
TANET 2019 - 臺灣網際網路研討會 9/25
https://www.twcert.org.tw/subpages/securityInfo/securityactivity_details.aspx?id=310
Nextlink Technology 9/25 (三)
https://www.accupass.com/event/1908020858535104977240
DEVCORE Conference 2019 9/25
https://devco.re/conf/2019/
面對 APT進階持續性滲透攻擊,企業如何建立正確防護觀念與有效、低成本的資安防護能力 9/26
https://www.techbang.com/posts/72484-lecturecorporate-apt
Thinking Thursday 第四場 9/26
https://www.meetup.com/Thinking-Thursday/events/263826166/
[CyCarrier]-奧義智慧資安活動_Fintech威脅剖析 金融科技資安升級 9/26
https://www.zerone.com.tw/TrainingDetial/Seminar/2CB2943BF5366C08%7C581222C91497B312
[Akamai]-Akamai線上研討會快速部署與高效預測抵禦的資安防護網 9/27
https://www.zerone.com.tw/TrainingDetial/Seminar/33439C9B5852933A%7C4D840EFFD881209B
交通大學亥客書院-B022:基礎網頁安全與滲透測試 9/28
https://hackercollege.nctu.edu.tw/?p=1084
JavaScript Developer Conference-2019 2019-09-28(六) 09:30 ~ 2019-10-26(六) 17:30 (GMT+8)
https://www.accupass.com/event/1907081509101081922774
GDG DevFest Taipei 2019 10/1
https://www.meetup.com/GDGTaipei/events/263142255/
資安檢核核心技術及進階技術研討會 10月7日至10月9日
http://bit.ly/2TN2UtD
HITB+ CYBER WEEK 2019/10/12 ~17
https://d2p.hitb.org/
交通大學亥客書院-A006:數位足跡追蹤與分析 10/19
https://hackercollege.nctu.edu.tw/?p=1088
Splunk .conf 19 10/21 ~ 10/24
https://conf.splunk.com/
AIoT智能物聯網開發人才就業養成班[免費諮詢] 10/22
https://ittraining.kktix.cc/events/aiot-training-2019
Industrial Control Systems (ICS) Cyber Security Conference USA October 21 – 24, 2019
https://www.icscybersecurityconference.com
[Palo Alto Networks]-Palo Alto Networks 直播研討會Part6. MITRE ATT&CK 新資安攻防框架進階產業應用 10/24
https://www.zerone.com.tw/TrainingDetial/Seminar/7747B901A8198AC3%7C1C130FE6FEC34700
Cybersecurity Framework 擴大資安視野 Seminar CYBERSEC 101 研討會 10/25
https://signupcybersec101.ithome.com.tw/
交通大學亥客書院-A015:進階網頁滲透測試 10/26
https://hackercollege.nctu.edu.tw/?p=1090
資安檢核核心技術及進階技術研討會 10月28日至10月30日
http://bit.ly/2TN2UtD
Cybersecurity Framework 擴大資安視野 Seminar CYBERSEC 101 研討會 11/8
https://signupcybersec101.ithome.com.tw/
交通大學亥客書院-P006:高階網頁滲透測試 11/16
https://hackercollege.nctu.edu.tw/?p=1092
Trend Micro CTF 2019 // Raimund Genes Cup FINAL / NOVEMBER 23–24, 2019
https://www.trendmicro.com/en_us/campaigns/capture-the-flag.html
資安檢核核心技術及進階技術研討會11月26日至11月28日
http://bit.ly/2TN2UtD
Cybersecurity Framework 擴大資安視野 Seminar CYBERSEC 101 研討會 11/29
https://signupcybersec101.ithome.com.tw/
交通大學亥客書院-B015:惡意程式檢測 11/30
https://hackercollege.nctu.edu.tw/?p=1098
交通大學亥客書院-A018:企業網域控管-Active Directory攻擊與防禦 12/14
https://hackercollege.nctu.edu.tw/?p=1094
Japan Security Analyst Conference
https://jsac.jpcert.or.jp/
訂閱:
張貼留言 (Atom)
2024年 11 月份資安、社群活動分享
2024年 11 月份資安、社群活動分享 FinTech Taipei 2024 台北金融科技展 2024/11/1 https://www.accupass.com/event/2409220219552125240836 2024台以金融科技交流座談會:AI新紀元 Is...
-
2024年 3月份資安、社群活動分享 線上資安人力需求對談-網路通信產業 2024/3/2 https://isipevent.kktix.cc/events/ff6f2146 2024H1資安實戰演練大會AI爆發時代的企業資安聯合軍演 2024/3/6 https://b...
-
2023年 12月份資安、社群活動分享 零信任身份認證與存取控管 2023/12/1 https://web.tabf.org.tw/page/407020/course11.htm 線上資安專題講座-以攻擊策略演練角度協助企業評估、強化與呈現資安投資成效 2023/12/...
-
2024年 2月份資安、社群活動分享 Taipei All About API Meetup Group - Meet and Greet, 01 Feb 2024, 07:00 PM 2024/2/1 https://www.meetup.com/taipei-all-a...
沒有留言:
張貼留言