資安事件新聞週報 2019/10/7 ~ 2019/10/11
資安事件新聞週報 2019/10/7 ~ 2019/10/11
1.重大弱點漏洞/後門/Exploit/Zero Day
英國政府警告:Pulse Secure、Palo Alto和Fortinet的VPN存在APT攻擊漏洞
https://www.ithome.com.tw/news/133480
Unpatched VPN Servers Targeted by Nation-State Attackers
https://www.bankinfosecurity.com/unpatched-vpn-servers-targeted-by-nation-state-attackers-a-13202
Vulnerabilities exploited in VPN products used worldwide
https://www.ncsc.gov.uk/news/alert-vpn-vulnerabilities
Palo Alto PAN-OS 遠端執行程式碼漏洞
https://www.hkcert.org/my_url/zh/alert/19072402
Fortinet FortOS 多個漏洞
https://www.hkcert.org/my_url/zh/alert/19100802
Juniper Networks 產品安全性漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0074
IBM WebSphere Application 多個漏洞
https://www.auscert.org.au/bulletins/ESB-2019.3731/
https://www.auscert.org.au/bulletins/ESB-2019.3728/
熱門UI設計工具Figma的擴充套件系統存在漏洞,官方抽換底層基礎架構
https://www.ithome.com.tw/news/133492
Notepad++ (x64) before 7.7 CVE-2019-16294 – Remote Code Execution
https://0day.life/exploits/0day-940.html
PHP 7.3 disable_functions Bypass
https://packetstormsecurity.com/files/154728/php7073-bypass.txt
Linux/x86 NOT + XOR-N + Random Encoded /bin/sh Shellcode
https://packetstormsecurity.com/files/154727/linuxnotxorn-shellcode.txt
Hisilicon Hi3518 HD Camera Remote Configuration Disclosure
https://packetstormsecurity.com/files/154720/Hi3518.pl.txt
Slackware Security Advisory - tcpdump Updates
https://packetstormsecurity.com/files/154710/SSA-2019-274-01.txt
DHS and FDA warn about much broader impact of Urgent/11 vulnerabilities
https://www.zdnet.com/article/dhs-and-fda-warn-about-much-broader-impact-of-urgent11-vulnerabilities/#ftag=RSSbaffb68
Fedora drops 32-bit Linux
https://www.zdnet.com/article/fedora-drops-32-bit-linux/#ftag=RSSbaffb68
macOS Catalina beta版可先爽玩Apple Arcade
https://tw.lifestyle.appledaily.com/gadget/20191005/J7YNUDNVO4Q3HWORSRV6ISPD6A/
7-Year-Old Critical RCE Flaw Found in Popular iTerm2 macOS Terminal App
https://thehackernews.com/2019/10/iterm2-macos-terminal-rce.html
SA115 : Multiple nginx DNS resolver vulnerabilities
https://support.symantec.com/us/en/article.SYMSA1352.html
SA100 : Apache Tomcat Vulnerabilities
https://support.symantec.com/us/en/article.SYMSA1329.html
思科交換機新漏洞被發現,恐引起新一輪全球掃描
https://anquan.baidu.com/article/922
Cisco 多個產品發布多個安全更新
https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-72541
微軟再發佈IE漏洞例外修補程式,所有版本都要安裝
https://www.ithome.com.tw/news/133453
Microsoft Releases October 2019 Patch Tuesday Updates
https://thehackernews.com/2019/10/microsoft-patch-tuesday-october.html
Microsoft October 2019 Patch Tuesday is a light one
https://www.zdnet.com/article/microsoft-october-2019-patch-tuesday-is-a-light-one/#ftag=RSSbaffb68
Microsoft 產品存在安全性弱點
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367
Windows 10 Mobile新漏洞曝光,微軟放棄修復
https://tech.sina.com.cn/mobile/n/n/2019-10-11/doc-iicezuev1362480.shtml
SharePoint 企業伺服器 2016 的安全更新說明:2019 年 10 月 8 日
https://support.microsoft.com/zh-tw/help/4484111/security-update-for-sharepoint-enterprise-server-2016
分析多款D-Link路由器中的未授權RCE漏洞
https://www.anquanke.com/post/id/187923
D-Link router remote code execution vulnerability will not be patched
https://www.zdnet.com/article/d-link-routers-contain-remote-code-execution-vulnerability/#ftag=RSSbaffb68
D-Link -- dhp-1565_firmware
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-16920
四款D-Link路由器發現無法修復的漏洞唯一選擇是棄之不用
https://www.cnbeta.com/articles/tech/897255.htm
D-Link路由器曝出RCE漏洞,牽涉多個型號
https://nosec.org/home/detail/3020.html
rsyslog
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-14454
How to Prioritize Vulnerability Patching
https://www.bankinfosecurity.asia/how-to-prioritize-vulnerability-patching-a-13200
Zero-day published for old Joomla CMS versions
https://www.zdnet.com/article/zero-day-published-for-old-joomla-cms-versions/#ftag=RSSbaffb68
vBulletin Releases Patch Update for New RCE and SQLi Vulnerabilities
https://thehackernews.com/2019/10/vBulletin-hacking-exploit.html
Adobe Suspends Accounts for All Venezuela Users Citing U.S. Sanctions
https://thehackernews.com/2019/10/adobe-venezuela-sanctions.html
Thunderbird to add built-in support for OpenPGP email encryption standard
https://www.zdnet.com/article/thunderbird-to-add-built-in-support-for-openpgp-email-encryption-standard/#ftag=RSSbaffb68
Intel處理器再爆MDS資安漏洞,更新處理器微碼犧牲效能換取安全
https://buy.line.me/u/article/96367
Android 多個漏洞
https://www.hkcert.org/my_url/zh/alert/19100902
2.銀行/金融/保險/證券/支付系統/ 新聞及資安
強化數位帳戶 迎戰純網銀
https://money.udn.com/money/story/9740/3980473
違反證券法 又傳台灣分析師在上海遭收押 6人限制出境
https://news.cnyes.com/news/id/4388984
手握信用評分執照AISP通吃31國 CRIF集團 歐洲開放銀行先驅
https://www.chinatimes.com/newspapers/20191007000220-260202?chdtv
降低純網銀流動風險 金管會將建置即時監理系統
https://udn.com/news/story/7239/4090726
鯰魚有不同管法 金管會強化純網銀六大管理
https://www.chinatimes.com/realtimenews/20191007003104-260410?chdtv
3家純網銀來襲 公股銀免驚!財部:善用自身業務與優勢
https://www.ettoday.net/news/20191008/1552854.htm
台資被誤認成中資! 上海商銀在香港遭攻擊 金管會說明
https://ec.ltn.com.tw/article/breakingnews/2940657
兆豐金:純網銀與實體銀行,5年內不會有競合問題
http://bit.ly/2OBO1cM
Magecart: New Research Shows the State of a Growing Threat
https://www.riskiq.com/blog/external-threat-management/magecart-growing-threat/
Old Magecart Domains are Being Bought Up for Monetization
https://www.riskiq.com/blog/labs/magecart-reused-domains/
3.電子支付/電子票證/行動支付/ pay/新聞及資安
財金公司建行動支付高速路
https://udn.com/news/story/7239/4086695
掃碼支付 最快年底共用TWQR
https://udn.com/news/story/7239/4086532
「台灣Pay」市占率低迷 財金董座:不以市場競爭為目的
https://www.cmmedia.com.tw/home/articles/17901
電子支付好夯使用人數衝上568萬 一卡通最多人用穩坐冠軍寶座
https://www.ettoday.net/news/20191005/1550457.htm
三星Samsung Pay推出47國跨境轉帳、金融預付卡
https://news.cnyes.com/news/id/4390432
APP綁信用卡消費爭議 金管會建議2步驟解決
http://bit.ly/2Olhp73
台灣不適合行動支付?他曝致命陋習
https://www.chinatimes.com/hottopic/20191005001678-260804?chdtv
北捷e-Shop試辦4個月 支援11種支付購票卡
http://bit.ly/35lb8ya
個資存三方外洩有難度 專家:交換過程也可遭駭客鎖定
https://tw.news.appledaily.com/life/realtime/20191008/1645595/
日本10%消費者稅一週 電子支付系統大當機
http://bit.ly/2ATmnQr
Samsung Pay Cash now available: Budget your spending with this prepaid virtual card
https://zd.net/2AYKDRx
4.虛擬貨幣/區塊鍊相關新聞及資安
讓手機變身加密貨幣離線錢包!Parity發布新版本應用程式
http://news.knowing.asia/news/a17be8f5-84ef-4492-8bb4-99cdd40434bc
日本金融廳發布「基金投資加密資產」準則草案!10 月底前聽取各界意見
https://news.cnyes.com/news/id/4390614
拯救10%的資產安全!MakerDAO修復多抵押品系統重要漏洞
http://news.knowing.asia/news/3e7ad17e-8bfc-41c8-a14d-5cb6feb77e82
郭台銘學院要唸什麼?郭董首推台版Libra
https://udn.com/news/story/7238/4085132?from=udn-catelistnews_ch2
PayPal宣佈退出虛擬貨幣Libra 衝擊臉書推動加密貨幣計劃
https://www.ettoday.net/news/20191005/1550569.htm
加密貨幣持續撼動銀行系統!預計未來10年美國銀行將裁員20萬人
http://news.knowing.asia/news/4bf64ad2-05ac-452b-9410-42bfa539c989
比特幣閃電網路的規格通過了首個「形式化驗證」的安全性測試
http://bit.ly/33loSre
PayPal drops out of Facebook's Libra
https://www.atmmarketplace.com/news/paypal-drops-out-of-facebooks-libra/
PayPal backs out: what does this mean for the future of Facebook’s Libra cryptocurrency
https://www.zdnet.com/article/paypal-backs-out-what-does-this-mean-for-the-future-of-facebooks-libra-cryptocurrency/#ftag=RSSbaffb68
5.資安事件新聞
A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式
駭客專挑企業下手! 無檔案式攻擊暴增265%
https://tw.news.appledaily.com/life/realtime/20191005/1644095/
疑似俄國駭客發展新式RAT,可突破HTTPS加密追蹤上網行蹤
https://www.ithome.com.tw/news/133468
駭客攻擊新手法:用木馬程式破解 HTTPS 加密,透過 Chrome 監視你的上網資料
http://bit.ly/35mNFN7
GalactiCrypter勒索軟體有解了
https://www.ithome.com.tw/news/133476
烏茲別克斯坦黑客組織犯低級錯誤在有卡巴斯基的機器上測試病毒被披露
https://www.cnbeta.com/articles/tech/897049.htm
雲端電子商務平台Volusion的結帳頁面被注入惡意程式
https://ithome.com.tw/news/133560
新的 Muhstik Ransomware 瞄準 NAS 進行攻擊
https://www.twcert.org.tw/tw/cp-104-3009-9f878-1.html
Hackers breach Volusion and start collecting card details from thousands of sites
https://www.zdnet.com/article/hackers-breach-volusion-and-start-collecting-card-details-from-thousands-of-sites/
Sesame Street Store & Volusion customers are comprised; how the cookie monster is stealing credit card info
http://bit.ly/2AYE4yd
Researchers Say They Uncovered Uzbekistan Hacking Operations Due to Spectacularly Bad OPSEC
https://www.vice.com/en_us/article/3kx5y3/uzbekistan-hacking-operations-uncovered-due-to-spectacularly-bad-opsec
Hospitals in US, Australia hobbled by ransomware
https://www.welivesecurity.com/2019/10/03/hospitals-us-australia-ransomware/
The Week in Ransomware - October 4th 2019 - That's all Folks
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-october-4th-2019-thats-all-folks/
2019-10-03 - DATA DUMP: CLASSIC-STYLE HANCITOR MALSPAM
https://www.malware-traffic-analysis.net/2019/10/03/index.html
Just How Widespread Is Ransomware Epidemic
https://www.bankinfosecurity.com/just-how-widespread-ransomware-epidemic-a-13183
Malware Most Foul: Emotet, Trickbot, Cryptocurrency Miners
https://www.bankinfosecurity.com/malware-most-foul-emotet-trickbot-cryptocurrency-miners-a-13181
If a Bank Sends You Your Passwords via a Text Message, This Android Trojan Could Steal Them
https://www.cyclonis.com/if-bank-sends-passwords-via-text-this-android-trojan-steal-them/
Malware Botnet of $160 planned to rob Crypto from 72,000 Devices
https://orlanko.com/2019/10/04/malware-botnet-of-160-planned-to-rob-crypto-from-72000-devices/
Antivirus Firm, ESET, Reveals Cryptojacking Trojan Targeting Cryptocurrency Users
https://bitcoinexchangeguide.com/antivirus-firm-eset-reveals-cryptojacking-trojan-targeting-cryptocurrency-users/
ANDROID: THIS MALWARE HAS STOLEN MONEY FROM 800 000 BANK ACCOUNTS SINCE 2016
https://www.gizchina.com/2019/10/04/android-this-malware-has-stolen-money-from-800-000-bank-accounts-since-2016/
IC3 Issues Alert on Ransomware
https://www.us-cert.gov/ncas/current-activity/2019/10/04/ic3-issues-alert-ransomware
HIGH-IMPACT RANSOMWARE ATTACKS THREATEN U.S. BUSINESSES AND ORGANIZATIONS
https://www.ic3.gov/media/2019/191002.aspx
Casbaneiro: Dangerous cooking with a secret ingredient
https://www.welivesecurity.com/2019/10/03/casbaneiro-trojan-dangerous-cooking/
More Hidden App Malware Found on Google Play with over 2.1 Million Downloads
https://www.symantec.com/blogs/threat-intelligence/hidden-adware-google-play
Ramnit Targets Japanese Shoppers, Aiming at Top Fashion Brands
https://securityintelligence.com/posts/ramnit-targets-japanese-shoppers-aiming-at-top-fashion-brands/
2019-10-05 - TRAFFIC ANALYSIS EXERCISE
https://www.malware-traffic-analysis.net/2019/10/05/index.html
HildaCrypt Ransomware Developer Releases Decryption Keys
https://www.bleepingcomputer.com/news/security/hildacrypt-ransomware-developer-releases-decryption-keys/
DCH Hospital Pays Ryuk Ransomware for Decryption Key
https://www.bleepingcomputer.com/news/security/dch-hospital-pays-ryuk-ransomware-for-decryption-key/
Report: Android Banking Botnet Targeted Russians
https://www.bankinfosecurity.com/report-android-banking-botnet-targeted-russians-a-13201
GEOST BOTNET. THE STORY OF THE DISCOVERY OF A NEW ANDROID BANKING TROJAN FROM AN OPSEC ERROR
http://public.avast.com/research/VB2019-Garcia-etal.pdf
White-hat hacks Muhstik ransomware gang and releases decryption keys
https://www.zdnet.com/article/white-hat-hacks-muhstik-ransomware-gang-and-releases-decryption-keys/#ftag=RSSbaffb68
Security Advisory for Muhstik Ransomware
https://www.qnap.com/en-us/security-advisory/NAS-201910-02
New sextortion campaign taps altcoins to avoid detection
https://www.zdnet.com/article/new-sextortion-campaign-taps-altcoins-to-avoid-detection/#ftag=RSSbaffb68
B.行動安全 / iPhone / Android /穿戴裝置 /App
Android版WhatsApp含有遠端攻擊漏洞,波及全球數億用戶
https://www.ithome.com.tw/news/133445
攻擊者宣稱可利用0day漏洞完全控制Android手機
https://www.cnbeta.com/articles/tech/895947.htm
安卓再曝零日漏洞,谷歌/三星/華為/小米等多款手機可被控制
https://www.ithome.com/0/448/676.htm
Android 系統曝重大漏洞,手機恐遭駭控制!Google 公佈14款機型清單
https://3c.ltn.com.tw/news/38178
谷歌發佈高危漏洞,18款安卓手機機型受影響
http://finance.sina.com/bg/usstock/usstock_news/thepaper/2019-10-07/doc-ifzpqvem1946556.shtml
國際特赦組織調查!16 款通訊軟體保密排行,WeChat 零分出局
https://3c.ltn.com.tw/news/27035
WhatsApp爆漏洞 一張GIF圖就能讓駭客控制帳戶
https://www.chinatimes.com/realtimenews/20191008003797-260412?chdtv
紐約市執法部購以色列程式 解鎖iPhone取證據
https://inews.hket.com/article/2468182
歐盟警告:5G網路供應商單一 恐受國家支持駭客攻擊
https://ec.ltn.com.tw/article/breakingnews/2942544
愛瘋傳災情!「警示訊息」狂跳關不掉
http://bit.ly/2M6O7I5
SimJacker 漏洞 揭重大私隱危機
http://bit.ly/2AWwrbw
三星:20多處安全漏洞影響所有Galaxy旗艦機型
http://finance.sina.com/bg/tech/technews/sinacn/2019-10-09/doc-ifzpuztq0594053.shtml
三星多款機型現漏洞:涉21個安全問題 影響4000萬用戶
http://finance.sina.com/bg/economy/economy_company/thepaper/2019-10-10/doc-ifzpuztq0618287.shtml
再也看不到追蹤對象按了誰的讚!IG黑暗模式、刪除追蹤中功能等4大更新
https://www.niusnews.com/=P31p0002
西班牙電信阿根廷公司推出由Mavenir提供的信令防火牆
https://times.hinet.net/news/22596533
資料誤用另一例,Twitter 坦承把救急的雙因子認證電話號碼用在針對性廣告
https://technews.tw/2019/10/09/twitter-misuse-of-2fa-on-targeted-ad/
Twitter 承認利用兩步驟認證電話號碼,對使用者進行精準廣告投放
https://www.techbang.com/posts/73415-twitter-admits-it-used-two-factor-phone-numbers-and-emails-for-targeted-advertising
Yubico 向香港抗爭者贊助安全金鑰 Yubikey
http://bit.ly/320fSay
瑞典Yubikey捐港人500條最強網絡保安鎖匙
http://bit.ly/318m1jQ
蘋果為何軟了?下架香港地圖軟體和Quartz新聞
https://www.secretchina.com/news/b5/2019/10/11/910059.html
You Gave Your Phone Number to Twitter for Security and Twitter Used it for Ads
https://thehackernews.com/2019/10/twitter-advertising-privacy.html
Twitter used 2FA phone numbers for ad targeting
https://www.zdnet.com/article/twitter-used-2fa-phone-numbers-for-ad-targeting/#ftag=RSSbaffb68
Google finds Android zero-day impacting Pixel, Samsung, Huawei, Xiaomi devices
https://www.zdnet.com/article/google-finds-android-zero-day-impacting-pixel-samsung-huawei-xiaomi-devices/#ftag=RSSbaffb68
New 0-Day Flaw Affecting Most Android Phones Being Exploited in the Wild
https://thehackernews.com/2019/10/android-kernel-vulnerability.html
Signal fixes FaceTime-like eavesdropping bug
https://www.zdnet.com/article/signal-fixes-facetime-like-eavesdropping-bug/
Signal Messenger Bug Lets Callers Auto-Connect Calls Without Receivers' Interaction
https://thehackernews.com/2019/10/signal-messenger-bug.html
C.事件 / 駭客 / DDOS / APT / 雲端/暗網/徵才 / 國際資安事件
九毛九收銀系統現漏洞 一門店四名員工截留32萬營收
https://news.sina.com.tw/article/20191009/32891906.html
「2020 全美重要資安大會」
https://www.tca.org.tw/market_info1.php?n=2262
暗網潛航——信息安全風險保險 (一)——偷樑換柱
http://bit.ly/322XkX7
網絡衝突不斷學者:網絡空間急需國際安全架構
https://news.sina.com.cn/c/2019-10-10/doc-iicezuev1112741.shtml
如果ISO 27001證書沒有TAF標誌,還有效嗎
https://www.ithome.com.tw/news/133528
盜用AWS與Cloud雲端運算挖礦,29歲駭客面臨至少34年牢獄刑責
https://www.ithome.com.tw/news/133562
執行紅隊演練,別受制於手上資訊與已知手法、漏洞
https://ithome.com.tw/news/133469
戴夫寇爾剖析漏洞與製作攻擊驗證工具
https://www.ithome.com.tw/news/133523
以攻擊者的角度制定防禦策略
https://devco.re/blog/2019/10/09/def-strategy/
關於台灣首次「網路風暴」聯合演習的幾點看法
https://www.upmedia.mg/news_info.php?SerialNo=72714
追蹤東南亞網路間諜攻擊 Palo Alto發現「PKPLUG」團體
https://udn.com/news/story/7238/4092225
資安報告:23 間大型 VPN 有 6 間中國 VPN公司資料安全成疑
https://unwire.hk/2019/07/10/chinavpn-2/tech-secure/
中共形象全球急速惡化 歐美澳亞皆厭惡
http://bit.ly/333k8Gh
西班牙地方網路遭駭 中央伸援
http://news.m.pchome.com.tw/internation/gpwb/20191005/index-57029084087357201011.html
哈利王子語音郵件被駭 怒控英國2媒體 拒黛妃事件重演
https://www.nownews.com/news/20191007/3675805/
黑客攻擊事件被爆,100萬新西蘭人的健康信息或處於危險之中
http://www.chinesenzherald.co.nz/news/new-zealand/hack-attack-puts-health-details-at-risk/
Algorand 投資部門的CTO手機遭駭,損失高達200萬美元
https://zombit.info/algorands-cto-mobile-phone-in-the-investment-department-suffered-a-loss-of-up-to-2-million/
英國政府警告,有APT組織正利用VPN漏洞大肆攻擊
https://nosec.org/home/detail/3014.html
袁桂笙:若網遭攻擊癱瘓台灣會變網絡孤島
http://news.stnn.cc/hk_taiwan/2019/1006/677080.shtml
路透:伊朗駭客疑試圖侵入川普競選團隊
https://udn.com/news/story/6809/4087238?from=udn-ch1_breaknews-1-cate5-news
不是假消息!微軟證實伊朗駭客發動「網路攻擊」 企圖干涉2020美總統大選
http://n.yam.com/Article/20191007158000
《基督日報》香港版被駭客入侵 強烈譴責違反新聞自由
http://bit.ly/2MmD8sC
干擾美國大選?世界駭客大賽測試發現 超過百款「投票機器」易遭駭客攻陷
https://cnews.com.tw/140191006a02/
領先全歐洲!法國下個月全國實施「臉部辨識」計畫
https://cnews.com.tw/140191007a05/
美國黑名單再增8中企 多數曾助中共監控新疆維族
https://news.ltn.com.tw/news/world/breakingnews/2940829
美國聯邦調查局大轉型 反恐怖主義改成網路安全
https://news.ltn.com.tw/news/world/breakingnews/2744481
泰國新例嚴管網絡言論 用咖啡店 WiFi 會被儲存瀏覽紀錄
http://bit.ly/2OCaoij
英國護照人臉辨識現漏洞 無法檢測深膚色人士
http://bit.ly/2MKipiX
Microsoft: Iran-Backed Group Targeted a Presidential Campaign
https://www.bankinfosecurity.com/microsoft-iran-backed-group-targeted-presidential-campaign-a-13198
Microsoft: Iranian hackers targeted a 2020 presidential campaign
https://www.zdnet.com/article/microsoft-iranian-hackers-targeted-a-2020-presidential-campaign/#ftag=RSSbaffb68
Iranian Hackers Targeted a US Presidential Candidate
https://www.wired.com/story/iran-hackers-target-us-presidential-candidate/
Russian hacker group patches Chrome and Firefox to fingerprint TLS traffic
https://www.zdnet.com/article/russian-hacker-group-patches-chrome-and-firefox-to-fingerprint-tls-traffic/
Report: Nation state hackers and cyber criminals are spoofing each other
https://www.zdnet.com/article/optiv-report-nation-state-hackers-and-cyber-criminals-are-spoofing-each-other/#ftag=RSSbaffb68
Optiv Security Releases Cyber Threat Intelligence Estimate Report to Increase Understanding of Cyber Threat Landscape, Offer Best Practices
https://www.optiv.com/press-releases/optiv-security-releases-cyber-threat-intelligence-estimate-report-increase
New CrowdStrike Threat Hunting Report Reveals Prolific Adversary Trends and Tactics
https://www.crowdstrike.com/resources/news/crowdstrike-releases-falcon-overwatch-mid-year-report-2019/
A 2019 Mid-Year Review From the CrowdStrike Falcon OverWatch Team
https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
Microsoft: MFA bypass attacks are so rare we don't have good statistics on them
https://www.zdnet.com/article/microsoft-mfa-bypass-attacks-are-so-rare-we-dont-have-good-statistics-on-them/#ftag=RSSbaffb68
FBI warns about attacks that bypass multi-factor authentication (MFA)
https://www.zdnet.com/article/fbi-warns-about-attacks-that-bypass-multi-factor-authentication-mfa/#ftag=RSSbaffb68
Hacker to 5 Million Victims: “Get Outside More”
https://www.cbronline.com/news/toms-hacked
Schneier slams Australia's encryption laws and CyberCon speaker bans
https://www.zdnet.com/article/schneier-slams-australias-encryption-laws-cybercon-speaker-bans/#ftag=RSSbaffb68
Government interference in Australia's premier cybersecurity conference is a worry
https://www.zdnet.com/article/government-interference-in-australias-premier-cybersecurity-conference-is-a-worry/#ftag=RSSbaffb68
Hackers breach Volusion and start collecting card details from thousands of sites
https://www.zdnet.com/article/hackers-breach-volusion-and-start-collecting-card-details-from-thousands-of-sites/#ftag=RSSbaffb68
France warns of cyberattacks against service providers and engineering offices
https://www.zdnet.com/article/france-warns-of-cyberattacks-against-service-providers-and-engineering-offices/#ftag=RSSbaffb68
76 percent of US businesses have experienced a cyberattack in the past year
https://www.zdnet.com/article/76-percent-of-us-businesses-have-experienced-a-cyberattack-in-the-past-year/#ftag=RSSbaffb68
資安專案管理
http://bit.ly/30Tj9ar
網管兼資安工程師
https://www.104.com.tw/job/6r7uk
趨勢科技/物聯網資安軟體測試實習生(薪高、福利好)
https://worknowapp.com/jobs/ba13f31b-0d9d-4782-ad36-8324f491c4e7
金融聯合徵信中心招考 大學畢43K
https://www.1111.com.tw/zone/school_fresh/article_In.asp?artCat=3&id=128050&agent=out_Epaper25_school_fresh2019100912post03
【資訊】資訊安全管理師-ISO27001
https://www.104.com.tw/job/69jq5?jobsource=jolist_a_relevance
資訊安全管理師 / 資安工程師
https://www.104.com.tw/job/56qde?jobsource=jolist_a_relevance
資訊部門-資訊安全管理師
https://www.104.com.tw/job/4ws6j?jobsource=jolist_a_relevance
V資訊安全管理師
https://www.104.com.tw/job/6fmty?jobsource=jolist_a_relevance
〔資訊〕資深資訊安全管理師(台北)
https://www.104.com.tw/job/5gcqu?jobsource=jolist_a_relevance
資訊安全輔導顧問(台中辦公室)
https://www.104.com.tw/job/6kq0j?jobsource=jolist_a_relevance
資訊安全輔導顧問(台北辦公室)
https://www.104.com.tw/job/6kq0b?jobsource=jolist_a_relevance
資訊安全輔導顧問(台北/台中/高雄辦公室)
https://www.104.com.tw/job/3ra34?jobsource=jolist_a_relevance
合規處-資訊安全顧問
https://www.104.com.tw/job/5nttf?jobsource=jolist_a_relevance
I3601 資訊安全資深工程師(板橋)
https://www.104.com.tw/job/6dd4o?jobsource=jolist_a_relevance
I3601 資訊安全工程師(板橋)
https://www.104.com.tw/job/6doj9?jobsource=jolist_a_relevance
資訊安全事件中心(SOC)輪班正職人員-夜班
https://www.104.com.tw/job/4dzpm?jobsource=jolist_a_relevance
資訊安全售前架構師
https://www.104.com.tw/job/673hb?jobsource=jolist_a_relevance
行政_資訊安全工程師(SOC)
https://www.104.com.tw/job/6gssv?jobsource=jolist_a_relevance
行政_資訊安全工程師(DLP)
https://www.104.com.tw/job/5ucdb?jobsource=jolist_a_relevance
資安管理師
https://www.104.com.tw/job/6m54y?jobsource=jolist_a_relevance
【資訊處】資安規範管理師 Security Compliance
https://www.104.com.tw/job/6p7v6?jobsource=jolist_a_relevance
【資安】資安管理專業人員
https://www.104.com.tw/job/67bcx?jobsource=jolist_a_relevance
ISMS 資安顧問
https://www.104.com.tw/job/6fis1?jobsource=jolist_a_relevance
資訊系統管理師
https://www.104.com.tw/job/6jhgr?jobsource=jolist_a_relevance
資安專案經理
https://www.104.com.tw/job/64mq7?jobsource=jolist_a_relevance
網路系統管理師
https://www.104.com.tw/job/6f3f6?jobsource=jolist_a_relevance
資安技術顧問-E10B
https://www.104.com.tw/job/6he3h?jobsource=jolist_a_relevance
資安技術服務工程師(正職)
https://www.104.com.tw/job/3kmxs?jobsource=jolist_a_relevance
F 資訊作業管理人員
https://www.104.com.tw/job/6beps?jobsource=jolist_a_relevance
[幸福企業人才召募]網路資安工程顧問
https://www.104.com.tw/job/5x4dt?jobsource=jolist_a_relevance
資安專案經理/Project Manager
https://www.104.com.tw/job/2w0gs?jobsource=jolist_a_relevance
數位鑑識與舞弊偵防顧問
https://www.104.com.tw/job/2wf7t?jobsource=jolist_a_relevance
法金_國際資訊管理人員
https://www.104.com.tw/job/5cqzk?jobsource=jolist_a_relevance
專案管理高級工程師【福利佳】
https://www.104.com.tw/job/3cdtq?jobsource=jolist_a_relevance
金融科技、內控人員
https://www.104.com.tw/job/6j1x0?jobsource=jolist_a_relevance
資安Presales-E10B
https://www.104.com.tw/job/6he3g?jobsource=jolist_a_relevance
【資安】資安科技專業人員
https://www.104.com.tw/job/67cru?jobsource=jolist_a_relevance
F-資訊服務規劃師
https://www.104.com.tw/job/4gtpx?jobsource=jolist_a_relevance
海外資安稽核_某知名網路公司 (3003292)
https://m.1111.com.tw/job/91186564/
D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞
法國下月實施臉部辨識身分 馬克宏「提升行政效率」挨轟
http://bit.ly/352ltPH
AI黑客整合資料 度身定造釣魚電郵
http://bit.ly/2VqTPY1
推特認了 用戶個資不慎用作廣告目的
http://bit.ly/35nzEz2
美司法部要求fb「開路」 讓執法部門調查時閱覽加密訊息
https://hk.news.appledaily.com/international/realtime/article/20191004/60115291
「加州消費者隱私法」明年生效,消費者可以要求刪除什麼樣的數據
https://www.thenewslens.com/feature/timefortune/125541
網路交易三方詐騙難防範 台灣司法人權進步協會:盡量選擇合法交易網站平台
http://bit.ly/2Isdq55
你的個資被外洩? 用這網站搜尋自己就知道
https://udn.com/news/story/7088/4096237
訂房網驚傳個資外洩 228名會員被騙3362萬
https://news.ltn.com.tw/news/Taipei/breakingnews/2938050
訂房網疑洩個資 醫師被騙164萬
https://news.ltn.com.tw/news/society/paper/1323071
Booking.com訂房網疑個資外洩 228會員遭騙3千多萬元
http://bit.ly/2oUZVE5
Booking訂房網疑個資外洩!228會員慘淪詐騙提款機…被騙逾3千萬
https://www.ettoday.net/news/20191006/1551287.htm
Booking訂房網228台人被騙 驚動荷蘭總公司
https://udn.com/news/story/7315/4096205?from=udn-catelistnews_ch2
Booking.com疑似個資外洩非單一案例,近半年民眾通報各網購平臺解除分期詐騙破千件
https://www.ithome.com.tw/news/133558
知名訂房網疑個資外洩 荷蘭總公司與刑事局合作防堵
https://gotv.ctitv.com.tw/2019/10/1141435.htm
北京警方發佈電信網路詐騙犯罪安全防範提示
https://news.sina.com.tw/article/20191001/32830418.html
紐西蘭初級衛生組織Tū Ora遭駭客入侵,外洩100萬名用戶資料
https://ithome.com.tw/news/133509
呼叫器洩漏加拿大溫哥華病患敏感資料:這對企業的意義為何
https://blog.trendmicro.com.tw/?p=62214
小心落入電郵詐騙騙局 駭客造假有3手法
https://money.udn.com/money/story/5648/4097851
電郵詐騙 一個字母坑千萬
https://money.udn.com/money/story/5648/4097807
企業電郵詐騙案沒停過 今年36件拐走上億元
https://money.udn.com/money/story/5648/4097814
防制電郵詐騙五秘訣 幫金庫上安全鎖
https://money.udn.com/money/story/5648/4097844
小心落入電郵詐騙騙局 駭客造假有3手法
https://money.udn.com/money/story/5648/4097851
California Consumer Privacy Act (CCPA): What you need to know to be compliant
https://www.csoonline.com/article/3292578/california-consumer-privacy-act-what-you-need-to-know-to-be-compliant.html
Turkey fines Facebook $282,000 over privacy breach
https://www.reuters.com/article/us-facebook-lawsuit-privacy-turkey/turkey-fines-facebook-282000-over-privacy-breach-idUSKBN1WI0LJ
Nigerian Man Charged in Phishing Scam Targeting US Agencies
https://www.bankinfosecurity.com/nigerian-man-charged-in-phishing-scam-targeting-us-agencies-a-13195
Check If You Are in the Sephora and StreetEasy Data Breaches
https://www.bleepingcomputer.com/news/security/check-if-you-are-in-the-sephora-and-streeteasy-data-breaches/
Turkey Fines Facebook After Data Breach
https://www.bankinfosecurity.asia/turkey-fines-facebook-after-data-breach-a-13199
Data breach at Russian ISP impacts 8.7 million customers
https://www.zdnet.com/article/data-breach-at-russian-isp-impacts-8-7-million-customers/#ftag=RSSbaffb68
Tū Ora Compass Health data breach exposes medical data of one million people
https://www.zdnet.com/article/tu-ora-data-breach-exposes-medical-data-of-one-million-new-zealand-residents/#ftag=RSSbaffb68
Phishing attempts increase 400%, many malicious URLs found on trusted domains
https://www.helpnetsecurity.com/2019/10/09/phishing-increase-2019/
Beware of Fake Amazon AWS Suspension Emails for Unpaid Bills
https://www.bleepingcomputer.com/news/security/beware-of-fake-amazon-aws-suspension-emails-for-unpaid-bills/
E.研究報告
騰訊Blade Team發現雲虛擬化平台QEMU-KVM逃逸漏洞各大雲廠或受影響
http://www.kaixian.tv/gd/2019/1010/1057889.html
《李忠憲專欄》科幻小說與資安
https://living.taronews.tw/2019/10/09/491257/
《李忠憲專欄》資訊安全忙起來就不要
https://taronews.tw/2019/10/10/491557/
《李忠憲專欄》V怪客面具
https://living.taronews.tw/2019/10/10/491581/
如何查看與操弄 Android/iOS App 裡的 HTTPS Request 及 Response
http://bit.ly/30SsBuL
除了 Web API 之外的新選擇 - gRPC 服務
https://dotblogs.com.tw/supershowwei/2019/10/07/090708
「網絡安全預警通報」關於Windows RPD服務遠程代碼執行漏洞的預警通報
http://www.sohu.com/a/345229127_100160592
釣魚郵件的投遞和偽造
https://xz.aliyun.com/t/6325
瀏覽器中的資料庫
https://www.ithome.com.tw/voice/133384
解決最近駭客透過UUIDSpoof入侵其分流並獲取OP進行破壞的四個方案
https://forum.gamer.com.tw/C.php?bsn=18673&snA=179712
GitHub 準備集成Semmle 代碼分析用於持續的漏洞檢測
https://www.infoq.cn/article/D7C0Wgu1N2fsdm0jmwqR?utm_source=rss&utm_medium=article
一篇了解Redis 未授權漏洞利用
https://mp.weixin.qq.com/s/Oy63HY68MdDzL0WBdFLDBQ
網站命令執行滲透測試步驟詳情
https://www.admin5.com/article/20191010/928029.shtml
直抄程式碼惹禍 Stack Overflow成重災區
http://bit.ly/35mGO6z
CVE-2019-1315:基於錯誤報告機制的Windows提權漏洞
https://nosec.org/home/detail/3027.html
主流虛擬化平台QEMU-KVM被曝存在漏洞,可完全控制母機及其虛擬機
https://www.leiphone.com/news/201910/rFUAnGxghqK8M4sa.html
File upload vulnerability scanner and exploitation tool.
https://github.com/almandin/fuxploider
Setup a Centralized Log Server with Rsyslog in CentOS/RHEL 8
https://www.tecmint.com/create-centralized-log-server-with-rsyslog-in-centos-8/
Using the MITRE ATT&CK Navigator for Intelligence Gathering Pre-purple Teaming
https://pentestmag.com/using-the-mitre-attck-navigator-for-intelligence-gathering-pre-purple-teaming/
DNS-over-HTTPS causes more problems than it solves, experts say
https://www.zdnet.com/article/dns-over-https-causes-more-problems-than-it-solves-experts-say/#ftag=RSSbaffb68
ThreadBoat : Program Uses Thread Execution Hijacking to Inject Native Shellcode into a Standard Win32 Application
https://kalilinuxtutorials.com/threadboat-thread-execution-hijacking/
Web App for Volatility framework
https://github.com/kevthehermit/VolUtility
F.商業
Google資料中心實習計畫曝光 想要進去要有這幾種能力
http://bit.ly/35amjcY
IBM資訊安全部門全球威脅情報防禦產品協理謝明君 100%客製方案 資安缺了OT就Out
https://times.hinet.net/magazine/cp105/22590343
泉順食品攜手精品科技活用X-FORT強化網路監控力
https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=50&id=0000569770_40O8444D67OEYJ1PFO5O7
CloudMile 攜手 Multi CDN 專家 mlytics 推出一站式平台 MileCDN
http://n.yam.com/Article/20191008136276
開放原始碼漏洞翻倍,趨勢科技與Snyk聯手出擊
http://bit.ly/35gqbJA
17 Media 資料遷移:從全託管 MongoDB 到 MongoDB Atlas,用戶體驗與工作效率雙提升
https://www.inside.com.tw/article/17763-MongoDB
Arm 為提供嵌入式平台客戶差異化,推出嵌入式 CPU 客製化指令集服務
https://www.cool3c.com/article/148770
Arm enables SoC makers to create custom instructions for embedded CPUs
https://www.zdnet.com/article/arm-enables-soc-makers-to-create-custom-instructions-for-embedded-cpus/#ftag=RSSbaffb68
Cybersecurity giants join forces to combat cyberthreats under OASIS umbrella
https://www.zdnet.com/article/cybersecurity-firms-join-forces-to-combat-open-source-security-woes-under-oasis-umbrella/#ftag=RSSbaffb68
Microsoft's Azure Data Box Edge gets rugged, portable option
https://www.zdnet.com/article/microsofts-azure-data-box-edge-gets-rugged-portable-option/#ftag=RSSbaffb68
Microsoft's unified Office Mobile app: What it is and why it matters
https://www.zdnet.com/article/microsofts-unified-office-mobile-app-what-it-is-and-why-it-matters/#ftag=RSSbaffb68
New Comic Videos Take CISO/Security Vendor Relationship to the Extreme
https://thehackernews.com/2019/10/ciso-cyber-security-videos.html
Breaches are now commonplace, but Reason Cybersecurity lets users guard their privacy
https://thehackernews.com/2019/10/reason-antivirus-protection.html
G.政府
29個法院遭駭攻 綠委憂司院資安不足
http://pchome.megatime.com.tw/news/cat8/20191003/57010460429856224001.html
NCC:專網不一定需要專頻
http://bit.ly/2AI3cJg
中科院列管名單從出入境電腦下線逾2個月 出國管制出現5個月大漏洞
http://bit.ly/2OrBmZZ
修法清查現空窗?中科院:境管並無漏洞
https://news.pchome.com.tw/society/newstaiwandigi/20191006/photo-57035655016335279002.html
傳中科院曝出境管制漏洞 國防部:管制出境人數達1516人
https://newtalk.tw/news/view/2019-10-06/308035
《謠言終結站》國防部:中科院人員出境都納管
https://news.ltn.com.tw/news/politics/paper/1323091
國防部:中科院涉密人員已調整出入境納管期限
https://living.taronews.tw/2019/10/06/487819/
中科院轉型行政法人脫離國安管制 綠委提案補強安全稽核疏漏
http://bit.ly/35fiDXp
政策 人員 技術 打造資安防護金鐘罩
https://udn.com/news/story/6868/4087551
美台國防工業會議展開 許毓仁:資安科技將成為決勝的第一道防線
http://news.knowing.asia/news/dae13976-dcd0-4c8d-9610-ba31493231e6
訂房免用境外平台 台灣旅宿網2.0月底上線
https://www.ttv.com.tw/news/view/10810080013000I/579
柯市府推「智慧販賣機」入校園,成大資安教授揭「AI 潛在危機」
https://buzzorange.com/2019/10/08/taipei-ai-vending-machine/
因應金融環境變化與挑戰 金管會提發展新策略
https://money.udn.com/money/story/5613/4091801
資通電軍資通2大隊國慶假期軍紀宣教 維護國軍榮譽
https://www.ydn.com.tw/News/355665
H.ICS/SCADA 工控系統
10月15日國際工控系統資安研討會台北登場
https://digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=14&id=0000570042_PDQ1G2BW38493N3YLUJ94&cat=60
駭客新招術 癱瘓機台系統
https://money.udn.com/money/story/5648/4097856
Qualcomm -- ipq4019_firmware
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-10499
Qualcomm -- ipq8074_firmware
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-10539
Qualcomm -- ipq8074_firmware
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-10540
Qualcomm -- mdm9205_firmware
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-2294
Qualcomm -- mdm9206_firmware
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-10489
Qualcomm -- mdm9607_firmware
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-10492
Qualcomm -- mdm9650_firmware
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-2252
Qualcomm -- msm8909w_firmware
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-10509
Qualcomm -- msm8909w_firmware
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-10538
Qualcomm -- qcs405_firmware
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-10510
I.教育訓練
改變歷史的加密訊息
https://ithelp.ithome.com.tw/users/20111946/ironman/2582
網路世界的奇怪冒險
https://ithelp.ithome.com.tw/users/20112000/ironman/2908
Cissp 系列
https://ithelp.ithome.com.tw/users/20118530/ironman/2224
JavaScript 中的同步與非同步(上):先成為 callback 大師吧
https://blog.huli.tw/2019/10/04/javascript-async-sync-and-callback/
資安攻防最後一步:學會滲透測試
https://ithome.com.tw/pr/133484
讓駭客走過,就留下痕跡!你需要學會資安分析實務
http://bit.ly/2VoGTlK
J.物聯網/IOT/人工智慧/車聯網/光聯網/深度學習/機器學習/無人機/人臉辨識
想躲過AI 監控? 戰鬥民族研發「反臉孔辨識」化妝術
https://fnc.ebc.net.tw/FncNews/business/101960
OT人效率擺第一 資安危機應對心態要調整
https://www.mem.com.tw/arti.php?sn=1910050010
2020 年智慧工廠資安趨勢:AI、邊緣運算為何成為駭客最愛的攻擊弱點
https://buzzorange.com/techorange/2019/10/07/iiot-security-trends-2020/
別讓物聯網成「惡」聯網 政策 人員 技術 打造資安防護金鐘罩
http://bit.ly/2VrcAKX
科技連接未來! 你該知道的物聯網重點有這些
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=13&id=0000569868_5GR79QQA7W90067CDC7NK
Answering IoT Security Questions for CISOs
https://blog.trendmicro.com/answering-iot-security-questions-for-cisos/
6.近期資安活動及研討會
HITB+ CYBER WEEK 2019/10/12 ~17
https://d2p.hitb.org/
白帽駭客體驗實作 10/13
https://www.sce.pccu.edu.tw/event/chtweb/index.html
HAKON – International Information Security Meet 10/13
https://infosec-conferences.com/events-in-2019/hakon/
國家高速網路與計算中心 台灣杉一號高速計算主機使用進階課程 10/14
https://edu.nchc.org.tw/course/one_course_introduction.asp
M3AAWG 47th General Meeting 10/14 ~ 10/17
https://infosec-conferences.com/events-in-2019/m3aawg-47th-general-meeting/
數位時代,自已的權利自己顧 -- 不可不知!基礎資安教戰講座 10/15
https://ocftw.kktix.cc/events/e0c1048b
AWS Transformation Day 10/15
https://amzn.to/2ksO8Lb
智資時代 2019 科技法制前瞻論壇 10/15
https://seminar.ithome.com.tw/live/iii20191015/index.html?eDM_iThome
AI時代下,資安與視覺化的觀點與實例 10/16
https://www.tiai.org.tw/tiaiActDetailClass?sno=19
2019 IBM Cloud 用戶實作課程秋季班 10/16
https://ibm.co/2n4VNQQ
BSides Ahmedabad 10/16
https://infosec-conferences.com/events-in-2019/bsides-ahmedabad/
TFUG Taipei | TensorFlow All Around 10/16
https://www.meetup.com/TensorFlow-User-Group-Taipei/events/264713077/
第八屆國際程式競賽 CodeVita Season 8 即日起至10/17日報名截止
https://bhuntr.com/tw/competitions/104724210865172005190909102w
Data Connectors Toronto Tech-Security – October 10/17
https://infosec-conferences.com/events-in-2019/data-connectors-toronto-october/
Kotlin/Everywhere GDG Hsinchu - Kotlin on Cloud and Web 10/17
https://www.meetup.com/GDG-Hsinchu/events/263741333/
2019 Space Apps Challenge_NASA 黑客松台北場 10/18
https://www.facebook.com/events/2112377919060176/
2019 邊緣運算論壇 - AI + IoT 備戰台商回流潮,IIoT 智慧升級 10/18
https://www.accupass.com/event/1909040655361186052756
2019 CYBERSPACE聯合研討會 10/18 ~ 10/19
https://cyberspace.ttu.edu.tw/cyber2019/
Crosslink Taiwan 2019 10/19
https://www.meetup.com/Taipei-Ethereum-Meetup/events/264302796/
交通大學亥客書院-A006:數位足跡追蹤與分析 10/19
https://hackercollege.nctu.edu.tw/?p=1088
無痛上手-WiFi無線網路安全檢測 10/20
https://www.sce.pccu.edu.tw/event/chtweb/index.html
日盛金融黑客松 報名至10/20 止
https://app.jsun.com/hackathon/Main
DEVCORE 那些年我回報的漏洞踩雷經驗 10/21
https://hackersir.kktix.cc/events/orange1021
Splunk .conf 19 10/21 ~ 10/24
https://conf.splunk.com/
國家高速網路與計算中心 平行計算程式設計基礎課程 10/22
https://edu.nchc.org.tw/course/one_course_introduction.asp
AIoT智能物聯網開發人才就業養成班[免費諮詢] 10/22
https://ittraining.kktix.cc/events/aiot-training-2019
IEEE Symposium on Visualization for Cyber Security (VizSec) 10/23
https://infosec-conferences.com/events-in-2019/vizsec/
Industrial Control Systems (ICS) Cyber Security Conference USA October 21 – 24, 2019
https://www.icscybersecurityconference.com
從網路基礎建設安全談RPKI與DDoS 10/24
https://twnic-icann.kktix.cc/events/108-7
[Palo Alto Networks]-Palo Alto Networks 直播研討會Part6. MITRE ATT&CK 新資安攻防框架進階產業應用 10/24
https://www.zerone.com.tw/TrainingDetial/Seminar/7747B901A8198AC3%7C1C130FE6FEC34700
Cybersecurity Conference Rhein-Neckar 10/24 ~ 10/25
https://infosec-conferences.com/events-in-2019/cybersecurity-rhein-neckar/
Identity Days 10/24
https://infosec-conferences.com/events-in-2019/identity-days/
Cybersecurity Framework 擴大資安視野 Seminar CYBERSEC 101 研討會 10/25
https://signupcybersec101.ithome.com.tw/
國家高速網路與計算中心 大數據軟體開發平台與深度學習、HBase(大數據資料庫)開發應用案例 10/25
https://edu.nchc.org.tw/course/one_course_introduction.asp
交通大學亥客書院-A015:進階網頁滲透測試 10/26
https://hackercollege.nctu.edu.tw/?p=1090
International Conference on Networks & Communications (NETWORKS) 10/26 ~ 10/27
https://infosec-conferences.com/events-in-2019/networks/
亞洲‧矽谷學院108年免費認證考試 10/27
https://college.asvda.org.tw/
International Conference on Emerging Security Information, Systems and Technologies (SECURWARE) 10/27 ~ 10/31
https://infosec-conferences.com/events-in-2019/securware/
SANS Amsterdam October 10/28
https://infosec-conferences.com/events-in-2019/sans-amsterdam-october/
工業自動化資安管理與實務 10/29 ~ 10/30
https://www.ivendor.com.tw/website/featured_detial/91
資安檢核核心技術及進階技術研討會 10月28日至10月30日
http://bit.ly/2TN2UtD
Foundations in Digital Forensics with EnCase® (DF120) (原CF1) 10/28 ~ 10/31
https://www.iforensics.com.tw/cgi-bin/registform.cgi?pick=39
International Workshop on Reliability and Security Data Analysis (RSDA) 10/28 ~ 10/31
https://infosec-conferences.com/events-in-2019/rsda/
International Symposium on Software Reliability Engineering (ISSRE) 10/28 ~ 11/1
https://infosec-conferences.com/events-in-2019/issre/
Securing New Ground 10/29 ~ 10/30
https://infosec-conferences.com/events-in-2019/securing-new-ground/
CEBIT Australia 10/29 ~ 10/31
https://infosec-conferences.com/events-in-2019/cebit-australia/
OWASP AppSec Day Melbourne 11/1
https://infosec-conferences.com/events-in-2019/owasp-appsec-day-melbourne/
Hackfest 2019 11/1 ~ 11/3
https://infosec-conferences.com/events-in-2019/hackfest-2019/
行政院資安學院 物聯網資安培訓課程 11/3 ~ 11/30
https://www.accupass.com/event/1810080517061259295030
Elite East Coast CISO Summit 11/3~11/5
https://infosec-conferences.com/events-in-2019/elite-east-coast-ciso-summit/
Red Hat Forum Taipei 2019 11/5
https://www.facebook.com/events/1390202967799392/
Cyber Security Summit: Boston 11/6
https://infosec-conferences.com/events-in-2019/cyber-security-summit-boston/
駭客攻防暨數位鑑識系列一(第1期) 11/7
https://service.tabf.org.tw/Training/CourseDetail.aspx?PID=384540
網路攻擊鏈( Cyber Kill Chain)各階段實作 (6hr) 11/7
http://www.tabf.org.tw/Training/CourseDetail.aspx?PID=384540
Cybersecurity Framework 擴大資安視野 Seminar CYBERSEC 101 研討會 11/8
https://signupcybersec101.ithome.com.tw/
BSides Charleston 11/9
https://infosec-conferences.com/events-in-2019/bsides-charleston/
Kotlin/Everywhere GDG Taoyuan - 運用 Ktor 建置一個以 Kotlin 打造的後端服務 11/9
https://www.meetup.com/GDGTaoyuan/events/264776152/
OpenInfra Day Taiwan 11/12
http://openinfra.digitimes.com.tw/
CLEAR Cyber Leaders Conference 11/12 ~ 11/13
https://infosec-conferences.com/events-in-2019/clear-cyber-leaders-conference/
Windows檔案系統及檔案還原 (6hr) 11/14
http://www.tabf.org.tw/Training/CourseDetail.aspx?PID=384541
Digital Internet Summit 11/14
https://infosec-conferences.com/events-in-2019/digital-internet-summit/
INTERFACE – Nebraska 11/14
https://infosec-conferences.com/events-in-2019/interface-nebraska/
SecureWV – Hack3rCon 11/15 ~ 11/17
https://infosec-conferences.com/events-in-2019/securewv-hack3rcon/
交通大學亥客書院-P006:高階網頁滲透測試 11/16
https://hackercollege.nctu.edu.tw/?p=1092
FS-ISAC Fall Summit 11/17 ~ 11/20
https://infosec-conferences.com/events-in-2019/fs-isac-fall-summit/
Microsoft IoT in Action 11/20
https://www.iotinactionevents.com/event/taipei
Infosecurity ISACA North America Expo and Conference 11/20 ~ 11/21
https://infosec-conferences.com/events-in-2019/isaca-north-america-expo-conference/
檔案特徵值比對與關鍵字搜尋 (2hr) Open Source數位鑑識工具實務操作 (5hr) 11/21
http://www.tabf.org.tw/Training/CourseDetail.aspx?PID=384542
Trend Micro CTF 2019 // Raimund Genes Cup FINAL / NOVEMBER 23–24, 2019
https://www.trendmicro.com/en_us/campaigns/capture-the-flag.html
資安檢核核心技術及進階技術研討會11月26日至11月28日
http://bit.ly/2TN2UtD
人資人員必修的職安法規定 11/26
https://www.accupass.com/event/1909121441141977826554
模擬案例鑑識分析實務 (6hr) 11/28
http://www.tabf.org.tw/Training/CourseDetail.aspx?PID=384543
Cybersecurity Framework 擴大資安視野 Seminar CYBERSEC 101 研討會 11/29
https://signupcybersec101.ithome.com.tw/
交通大學亥客書院-B015:惡意程式檢測 11/30
https://hackercollege.nctu.edu.tw/?p=1098
亞洲‧矽谷學院108年免費認證考試 11/30
https://college.asvda.org.tw/
Digital Summit Dallas 12/4
https://infosec-conferences.com/events-in-2019/digital-summit-dallas/
Kansas City Cyber Security Conference 12/5
https://infosec-conferences.com/events-in-2019/kc-cyber-security-conference/
CyberMaryland Conference 12/5 ~ 12/6
https://infosec-conferences.com/events-in-2019/cybermaryland-conference/
FutureCon Nashville Cyber Security Conference 12/11
https://infosec-conferences.com/events-in-2019/futurecon-nashville/
Utility Cyber Security Forum December 12/11
https://infosec-conferences.com/events-in-2019/utility-cyber-security-forum-dec/
交通大學亥客書院-A018:企業網域控管-Active Directory攻擊與防禦 12/14
https://hackercollege.nctu.edu.tw/?p=1094
Japan Security Analyst Conference
https://jsac.jpcert.or.jp/
訂閱:
張貼留言 (Atom)
2024年 12 月份資安、社群活動分享
2024年 12 月份資安、社群活動分享 Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/12/3 https://www.meetup.com/taiwan-code-camp/e...
-
2024年 3月份資安、社群活動分享 線上資安人力需求對談-網路通信產業 2024/3/2 https://isipevent.kktix.cc/events/ff6f2146 2024H1資安實戰演練大會AI爆發時代的企業資安聯合軍演 2024/3/6 https://b...
-
2024年 2月份資安、社群活動分享 Taipei All About API Meetup Group - Meet and Greet, 01 Feb 2024, 07:00 PM 2024/2/1 https://www.meetup.com/taipei-all-a...
-
2024年 5 月份資安、社群活動分享 資安五四三 2024/5/2 https://csa.kktix.cc/events/202405-543 HackingThursday 黑客星期四 - Week meetup Tamsui 固定聚會 淡水 2024/5/2 http...
沒有留言:
張貼留言