
Weekly Security Incident News Digest 2019/12/23 ~ 2019/12/27







1. Major Vulnerabilities / Backdoors / Exploits / Zero Days
IBM WebSphere Application Server remote arbitrary code execution vulnerability
https://www.ibm.com/support/pages/node/1115085

Dropbox contains a security vulnerability that allows obtaining system privileges
https://www.ithome.com.tw/news/134979

360 Security Brain discovers and helps fix a high-risk remote vulnerability in VMware
https://finance.jrj.com.cn/2019/12/25151428585242.shtml

Find 1 major vulnerability and get 45 million! Apple splashes cash to expand its vulnerability bounty program
https://www.setn.com/News.aspx?NewsID=659037

Big reward of $11,680,000! Apple opens its bounty program for reporting security vulnerabilities
http://bit.ly/2MntKWL

OnePlus launches bounty program; top reward for finding system vulnerabilities exceeds 50,000 yuan
https://reurl.cc/EKN48a

Citrix patches remote code attack vulnerability
https://www.ithome.com.tw/news/135005

Citrix Systems Citrix ADC and NetScaler Gateway and Citrix Application Delivery Controller security vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19781

Vulnerability in Citrix products puts 80,000 companies at risk
https://www.linuxidc.com/Linux/2019-12/161805.htm

SonicWall SMA100 SQL injection vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7484

Cisco Talos 2019 vulnerability discovery year in review
https://www.weibo.com/ttarticle/p/show?id=2309404452749252100473#_0

Cisco ASA DoS bug attacked in wild
https://blog.talosintelligence.com/2019/12/ASA-Bug-Attacked-In-The-Wild.html

ASUS ATK Package trusted path code execution vulnerability (CVE-2019-19235)
https://www.venustech.com.cn/article/1/10862.html

F5 BIG-IP security vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6683

F5 BIG-IP ASM security vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6682

F5 BIG-IP tmrouted security vulnerability
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6681

Security researchers disclose Chrome's Magellan 2.0 vulnerabilities
https://www.solidot.org/story?sid=63057

Well-known embedded database SQLite harbors remote code attack vulnerability
https://www.ithome.com.tw/news/135058

Tencent Blade security team discovers critical SQLite vulnerabilities and receives thanks from Google and Apple
https://www.cnbeta.com/articles/tech/925215.htm

Security researchers discover new SQLite vulnerability; Google Chrome browser affected
http://finance.eastmoney.com/a/201912241334541865.html

Google warns users in India: Chrome 79 may have a bug that leaks website passwords
http://finance.sina.com.cn/stock/relnews/us/2019-12-24/doc-iihnzhfz7898381.shtml

Google Chrome impacted by new Magellan 2.0 vulnerabilities
https://www.zdnet.com/article/google-chrome-impacted-by-new-magellan-2-0-vulnerabilities/#ftag=RSSbaffb68

Security weaknesses in Drupal products
https://www.us-cert.gov/ncas/current-activity/2019/12/19/drupal-releases-security-updates

API information disclosure weakness in Microsoft product SharePoint
https://www.us-cert.gov/ncas/current-activity/2019/12/18/microsoft-releases-information-cve-2019-1491

ZTE ZXCLOUD GoldenData VAP encryption issue vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3431

2. Banking / Finance / Insurance / Securities / Payment Systems: News and Security
Hong Kong's first virtual bank ZA Bank officially begins trial operation, open to only 2,000 users for early access
https://times.hinet.net/news/22706541

The internet-only banking era arrives! Experts predict security problems may heat up
https://newtalk.tw/news/view/2019-12-22/343441

Information system upgrades at long-established banks: five aspects come first
http://bit.ly/2roynZk

Experts advise: open banking also requires "opening up" the banks
http://bit.ly/2QcX5UF

Consumers worry that handling banking services online may carry risks
https://news.sina.com.tw/article/20191223/33773512.html

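First Bank wins two awards from the Joint Credit Information Center: the Golden Security Award and the Golden Quality Award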
https://www.chinatimes.com/realtimenews/20191225004324-260410?chdtv

Banks and brokerages will be able to query credit data across institutions next year
https://m.ctee.com.tw/livenews/aj/a91617002019122514342247?area=

Banking and securities credit data to be shared; negative credit reporting goes online in the first quarter
http://n.yam.com/Article/20191227926173

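Institute for Information Industry promotes personal data protection management; TDCC (集保) named an outstanding vendor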
https://www.chinatimes.com/realtimenews/20191226003556-260410?chdtv

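New changes to financial sector recruitment exams: the Taiwan Academy of Banking and Finance to launch a "financial proficiency test" next year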
https://fnc.ebc.net.tw/FncNews/stock/110890

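New trends for 2020: Taiwan's open banking moves to the next step; cross-industry alliances will become the financial industry's new battlefield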
https://ithome.com.tw/news/135053

Canadian banks targeted in a massive phishing campaign
https://research.checkpoint.com/2019/canadian-banks-targeted-in-a-massive-phishing-campaign/

One Day, Three Credit Card Data Breach Notifications
https://www.bleepingcomputer.com/news/security/one-day-three-credit-card-data-breach-notifications/

Banks to shut outdoor ATMs at night to reduce the risk of explosive attacks
https://www.dutchnews.nl/news/2019/12/banks-to-shut-outdoor-atms-at-night-to-reduce-the-risk-of-explosive-attacks/

Alleged bank vault robber posed with cash on Instagram, Facebook
https://nakedsecurity.sophos.com/2019/12/18/alleged-bank-vault-robber-posed-with-cash-on-instagram-facebook/

FBI Arrests Former Bank Employee Charged With Stealing Cash From Bank Vault
https://www.justice.gov/usao-wdnc/pr/fbi-arrests-former-bank-employee-charged-stealing-cash-bank-vault

Ambitious scam wants far more than just PayPal logins
https://www.welivesecurity.com/2019/12/20/scam-wants-more-than-paypal-logins/

Hackers Stole Customers' Payment Card Details From Over 700 Wawa Stores
December 20, 2019
https://thehackernews.com/2019/12/wawa-store-hacking.html


NCR ATM Security Update Combination Lock Filming
http://bit.ly/2tMMf0h

3. Electronic Payment / Electronic Stored-Value Cards / Mobile Payment / Pay: News and Security
Mobile payment booms: total transaction value for the first 10 months nears 90 billion yuan
https://technews.tw/2019/12/25/taiwan-mobile-payment-total-transaction-volume-growth/

EasyCard flattened by electronic payment? Netizens reveal the truth: it once held a great hand
http://bit.ly/2QATv7l

Electronic payment users exceed 6 million; iPASS and JKOPAY account for 50%
https://technews.tw/2019/12/04/taiwan-the-number-of-electronic-payment-users-exceeded-6-million/

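EasyCard Corporation begins trial operation of its electronic payment service "Easy Wallet" (悠遊付), with official launch in Q1 next year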
https://ithome.com.tw/news/134885

EVA Air app improved: passports and boarding passes can be stored in Google Pay
https://udn.com/news/story/7241/4252919

4. Virtual Currency / Blockchain: News and Security
Bank of France to test digital currency in 2020
http://bit.ly/2ELZKzq

The road is long and hard, but it presses on: blockchain startup BITMARK paves the way for precision medicine
https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=70&id=0000575366_XKJ4DEOS528R6E70A8LOT

The cryptocurrency exchange of xdite (鄭伊庭) has collapsed
https://disp.cc/b/163-bWaK

Regulating blockchain! China promulgates "Cryptography Law", taking effect on New Year's Day
https://www.ustv.com.tw/UstvMedia/news/109/20191225A164

China's Cryptography Law about to take effect; analysis: deployed to control blockchain
https://www.cna.com.tw/news/firstnews/201912250366.aspx

Mainland China's Cryptography Law about to take effect; experts: deployed to control blockchain
https://www.chinatimes.com/realtimenews/20191225005383-260409?chdtv

Detailed analysis of the large ETH theft from the Upbit exchange
https://learnblockchain.cn/2019/11/28/Upbit/

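BPJ status roundup | BITPoint Japan reopens "new user registration" at Christmas and announces it has restored "all service functions from before the hacking incident"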
https://www.blocktempo.com/bitpoint-japan-process-after-got-hacked/

A panoramic scan of 2019 blockchain security incidents: digital assets stolen, project teams absconding
https://tech.sina.com.cn/roll/2019-12-26/doc-iihnzhfz8361458.shtml

600 mining machines vanish into thin air: Iceland's "biggest theft in history" remains a mystery
http://bit.ly/2QqWZJe

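4-day countdown: will the million bitcoins that "Aussie Satoshi" (澳本聰) claims are "about to be unlocked" really flow into the market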
https://www.techbang.com/posts/75240-countdown-7-days-will-aoben-congs-on-the-road-huge-wealth-destroy-the-market

Cold wallets found vulnerable yet again? Is there any such thing as a secure cold wallet
https://www.chainnews.com/zh-hant/articles/647103147109.htm

5. Security Incident News

A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors
The most active banking trojan of 2019: Trickbot updates its password-grabbing module, targeting more applications and services
https://blog.trendmicro.com.tw/?p=62934

Waterbear is back, this time using API hooking techniques to evade detection by security products
https://blog.trendmicro.com.tw/?p=62956

Cryptomining botnet MyKings hides malware in a Taylor Swift photo; China, Taiwan and Japan are all hard hit
https://www.ithome.com.tw/news/134972

Two new ransomware strains: Snatch reboots the computer into Safe Mode / Zepplin targets Europe and the US
https://blog.trendmicro.com.tw/?p=62964

FBI warns businesses to watch out for LockerGoga and MegaCortex ransomware
https://ithome.com.tw/news/135008

Ransomware Emotet spreads phishing emails in the name of the Swedish environmental activist girl or of Christmas
https://www.twcert.org.tw/tw/cp-104-3174-45c2e-1.html

Maze ransomware hackers publish data from the City of Pensacola, Florida
https://www.ithome.com.tw/news/135042

US broadcaster Entercom hit by hacker attack, forced to fill airtime with recorded programs
https://ithome.com.tw/news/135033

"Star Wars 9" torrents carrying dozens of pieces of malware: do you still dare to download
https://www.freebuf.com/news/223674.html

North Korean hackers Lazarus develop a trojan targeting Linux
https://www.ithome.com.tw/news/135048

How did Avast, the free antivirus that used to be highly recommended, "degenerate" into rogue software
https://www.techbang.com/posts/75263-anti-virus-software-once-used-to-keep-computers-safe-is-now-depraved-into-rogue-software

Spelevo kit uses Flash Player vulnerability to distribute Maze ransomware
https://redqueen.tj-un.com/IntelDetails.html?id=361f65d4ff6b4cb2a10da4150aafb17d

Malware planted: large amount of Wawa customer data leaked
http://www.epochtimes.com/gb/19/12/26/n11747508.htm

PDFReader containing malware steals users' Facebook financial and advertising information
https://www.twcert.org.tw/tw/cp-104-3191-7edbf-1.html

Emotet Wishes You a Merry Christmas from Greta Thunberg
https://www.proofpoint.com/us/corporate-blog/post/emotet-wishes-you-merry-christmas-greta-thunberg

Emotet Malware Uses Greta Thunberg Demonstration Invites as Lure
https://www.bleepingcomputer.com/news/security/emotet-malware-uses-greta-thunberg-demonstration-invites-as-lure/

Emotet Gang Changes Tactics Ahead of the Winter Holidays
https://www.bleepingcomputer.com/news/security/emotet-gang-changes-tactics-ahead-of-the-winter-holidays/

Emotet Modifies Command & Control URI Structure and Brings Back Link-based Emails
https://cofense.com/emotet-modifies-command-control-uri-structure-brings-back-link-based-emails/

Emotet Spammers Send Christmas Phishing Emails
https://www.infosecurity-magazine.com/news/emotet-spammers-send-christmas/


Frankfurt shuts down IT network following Emotet infection
https://www.zdnet.com/article/frankfurt-shuts-down-it-network-following-emotet-infection/

Warning: malicious spam emails in the name of several federal authorities
https://www.bsi.bund.de/DE/Presse/Pressemitteilungen/Presse2019/Spam-Bundesbehoerden_181219.html

Report: 267 million Facebook users IDs and phone numbers exposed online
https://www.comparitech.com/blog/information-security/267-million-phone-numbers-exposed-online/

Hackers Behind GozNym Malware Sentenced for Stealing $100 Million
https://thehackernews.com/2019/12/goznym-malware-sentenced.html

Manitoba insurance brokerage falls victim to ransomware attack
https://www.insurancebusinessmag.com/ca/news/cyber/manitoba-insurance-brokerage-falls-victim-to-ransomware-attack-195367.aspx

Andrew Agencies Ltd. – December 19, 2019 Re: Ransomware incident
https://www.andrewagencies.com/news/ransomware-incident/

Canada's broadcasting agency fines company behind the Orcus malware
https://www.zdnet.com/article/canadas-broadcasting-agency-fines-company-behind-the-orcus-rat/#ftag=RSSbaffb68

Windows Remote Desktop Services Used for Fileless Malware Attacks
https://www.bleepingcomputer.com/news/security/windows-remote-desktop-services-used-for-fileless-malware-attacks/

Emotet Reigns in Sandbox's Top Malware Threats of 2019
https://www.bleepingcomputer.com/news/security/emotet-reigns-in-sandboxs-top-malware-threats-of-2019/

B. Mobile Security / iPhone / Android / Wearables / Apps
Tencent, Sina and Xiaomi all hit: Chinese authorities name 41 apps that illegally collect personal data
https://www.inside.com.tw/article/18427-tencent-sina-targeted-in-chinas-privacy-crackdown-on-41-apps

Emerging chat app "ToTok" exposed as a spy tool from the United Arab Emirates
https://www.inside.com.tw/article/18439-totok-app-may-be-uae-spying-tool

UAE-developed messaging app ToTok suspected of stealing data; US expert: the internet has never been safe
https://www.nownews.com/news/20191226/3843521/

Popular Middle East app suspected to be a government spy tool; Apple and Google rush to pull it
https://www.cna.com.tw/news/firstnews/201912240033.aspx

Apple and Google pull it urgently! Foreign media exposé: this chat app is a government eavesdropping tool
https://fnc.ebc.net.tw/FncNews/tech/110892

Middle Eastern video calling app ToTok reportedly a UAE spy tool
https://www.ithome.com.tw/news/135004

ByteDance, reportedly unable to withstand US pressure, intends to sell its TikTok stake for profit
https://ec.ltn.com.tw/article/breakingnews/3018700

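Twitter app for Android exposes security vulnerability: information may have leaked, changing passwords as soon as possible is recommended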
https://finance.sina.cn/stock/relnews/us/2019-12-22/detail-iihnzhfz7496610.d.html?vt=4&pos=102&cid=76524

Children's smartwatches have vulnerabilities; hackers can easily steal data
http://bit.ly/395CA4X

Cloud backend of child-tracking smartwatches is prone to vulnerabilities and may leak important personal data
https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=80&id=0000575402_j863l8lv1khlt219l2og9

Domestically made children's smartwatches may be easily attacked by hackers
https://reurl.cc/L1x6yL

Regulatory regime for communications interception is outdated and must be reformed immediately
https://reurl.cc/M7mypp

Public USB charging is full of danger! Juice jacking can get your phone hacked and infected at any time
https://www.esquirehk.com/gear/gadget/usb-charging-juice-jacking

Charging your phone at a public USB port: remember to put on a "condom" before plugging in
https://www.chinatimes.com/realtimenews/20191223004262-260405?chdtv

US CERT/CC points out that Apple's processors from iPhone 4S to iPhone X have a critical security flaw that may be unpatchable
https://www.cool3c.com/article/150561

Stunned! Invoice app system glitch shows a single purchase of 1 billion yuan
https://tw.finance.appledaily.com/realtime/20191224/1681158/

Best antivirus apps for Android phones in 2020! Foreign media picks: these 6 are the most useful
https://3c.ltn.com.tw/news/39027

eSIM fees taking advantage of users? NCC: until it becomes widespread, it still carries a certain cost
https://www.kocpc.com.tw/archives/298751

Accused of letting the five major telecoms reap 500 million in windfall profits from eSIM, NCC issues a stern clarification
https://www.nownews.com/news/20191224/3838825/

You will have fewer friends, influencers will fade... these 5 things will happen to social networks in 2020
https://www.businessweekly.com.tw/international/blog/3001372

Deloitte: more than a hundred companies worldwide will test private 5G networks in 2020
https://ithome.com.tw/news/135045

Taiwan's 5G goes commercial next year; the big three telecoms to recruit more than 4,000 ICT professionals
https://news.cnyes.com/news/id/4427109

Telecom operators continue hiring next year; Far EasTone expects to recruit more than a thousand
https://money.udn.com/money/story/5612/4249072

5 million people use a knock-off 12123 to check traffic violations? The high-fidelity fake app does more than scam money
https://www.cnbeta.com/articles/tech/925087.htm

iPhone 11 jailbreak not far off! Hacker successfully obtains root privileges on iOS 13.3 on an A13 device
https://mrmad.com.tw/ibsparkes-tfp0-a13-ios13-3

Italian parliament sends warning to government: Chinese vendors such as Huawei should be banned from supplying 5G equipment
https://www.inside.com.tw/article/18468-italian-lawmakers-urge-government-to-consider-huawei-5g-ban

A penetration testing engagement on a client's app: digging deep for vulnerabilities and ways to prevent attacks
https://read01.com/nEeQjdn.html#.XgVkPEczbIU

The 62078 Apple backdoor that lets iPhones and iPads fall within seconds
https://www.techbang.com/posts/75216-ios-62078

WhatsApp vulnerability revealed: hackers can send a group message that crashes the app
http://www.orangenews.hk/news/system/2019/12/27/010135329.shtml

C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents
HITCON DEFENSE 2019 highlights
https://www.facebook.com/watch/?v=1212796132240987

Taiwan's internet users exceed 20 million, but low willingness to pay for security protection may become a hidden concern
https://ec.ltn.com.tw/article/breakingnews/3021319

A must-read for security people! SecBuzzer dark web intelligence roundup (November and December 2019 issue)
https://secbuzzer.co/post/165

Plugging in means risk: USB gets a "condom" too
https://www.mirrormedia.mg/story/20161108int001

Hackers steal all the gear carried by players on Fallout 76 public servers
https://chinese.engadget.com/chinese-2019-12-25-fallout-76-hackers-wiped-out-players-inventories.html

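League of Legends players receive threatening text messages on Christmas Eve; official compensation and apology criticized as insincere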
http://bit.ly/2F82SGh

Security experts discover cryptomining bot code hidden in celebrity image data on web pages
https://www.twcert.org.tw/tw/cp-104-3185-76db0-1.html

Major cyberattacks were frequent in 2019: can AI stop an attack every 39 seconds
https://www.techbang.com/posts/75122-with-a-high-incidence-of-cyber-attacks-in-2019-can-ai-block-every-39-seconds

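22-year-old British man arrested for extorting 3 million from Apple; court hands down a 2-year suspended sentence and 300 hours of unpaid work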
https://www.ettoday.net/news/20191224/1608867.htm

Hacker who attacked US tech giants returns to mainland China to teach classes
https://www.chinatimes.com/realtimenews/20191225001811-260408?chdtv

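Mainland Chinese hacker involved in cyberattacks on the US returns home after serving his sentence and resumes teaching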
https://www.chinatimes.com/realtimenews/20191225001970-260409?chdtv

Chinese hacker who hacked Qualcomm and Riot completes US prison term and returns to Shanghai to resume teaching
https://ec.ltn.com.tw/article/breakingnews/3019638

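Technicians earn just over ten thousand a month while hackers earn over a hundred million a year: mysterious hands reach toward exchanges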
https://news.sina.com.tw/article/20191225/33792262.html

"Female hacker" breaks into gambling site? Man scammed out of 38,000 yuan
http://big5.eastday.com:82/gate/big5/sh.eastday.com/m/20191224/u1ai20249858.html

Former employee of a UK airline supplier hacks into the UK airline's systems, sentenced to 10 months
https://ithome.com.tw/news/134987

Is Israeli spyware technology that strong? British media reveal: phones of multiple senior Pakistani officials were compromised
http://www.sohu.com/a/361895622_253257

British media: phones of at least 24 Pakistani government officials attacked by hackers
https://news.sina.com.tw/article/20191224/33776458.html

TikTok (抖音) raises security concerns; US Navy announces ban
https://www.taiwannews.com.tw/ch/news/3842101

With the whole world countering Chinese infiltration, can Taiwan afford not to be vigilant
https://reurl.cc/rlb6M4

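"We don't want the people using cryptography that can't be cracked": China's Cryptography Law takes effect in 2020, requiring encryption technology to be submitted for government review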
https://buzzorange.com/techorange/2019/12/25/law-of-cyber-password/

Chinese hacker group makes a comeback! Conducting espionage against 10 countries
https://news.ltn.com.tw/news/world/breakingnews/3014877

Security experts warn Chinese hacker group has resurfaced; attack scope has expanded to 10 countries
https://times.hinet.net/news/22704751

Frightening: Chinese Communist Party hackers can now break into two-factor authentication systems
https://www.bldaily.com/us-news/p-443951.html

Well-known Chinese hackers bypass two-step authentication and break into enterprise users' VPN networks
http://bit.ly/350c2Pf

Well-known Chinese hackers bypass two-step authentication and break into enterprise users' VPN networks
https://technews.tw/2019/12/24/china-well-known-hacker-could-bypas-two-factor-authentication-make-it-in-enterprise-vpn-network/

Chinese hacker group APT20 cracks two-factor authentication; victims of its Operation Wocao span 10 countries
http://bit.ly/39ayAAg

Chinese hacker group APT20 has cracked 2FA
https://www.ithome.com.tw/news/135031

Scary: Chinese-backed hacker group appears able to bypass two-step verification
https://www.newmobilelife.com/2019/12/24/apt20-hacker-2fa/

Chinese state hackers spotted! Their intrusion failed and their "swearing" was logged
https://3c.ltn.com.tw/news/39019

Targeting Southeast Asian countries: Vietnamese hackers step up espionage
https://reurl.cc/qDb0QN

Chinese tech tycoons retire one after another; 41 private companies taken over by the CCP
http://www.ntdtv.com.tw/b5/20191219/video/260288.html

The Pentagon's AI chief takes up battle position
https://www.inside.com.tw/article/18458-pentagon-ai-chief-prepares-for-battle

US military reveals security vulnerabilities in Chinese drones: hackers steal data to launch terror attacks
https://www.upmedia.mg/news_info.php?SerialNo=77868

US forms a united front to condemn and sanction Chinese hackers and spies
https://living.taronews.tw/2018/12/21/208411/

Guarding against the red-capital tech war; Taiwanese scholar: foreign transparency act, FIRRMA
http://bit.ly/2rsGTGJ

Macau enacts draconian cybersecurity law! Real-name registration for mobile phones, police can enforce anonymously
https://tw.appledaily.com/new/realtime/20191222/1680877/

Macau's Cybersecurity Law formally takes effect; mobile phone users must register under their real names
http://bit.ly/2QfxCdz

Macau's "Cybersecurity Law" strengthens surveillance? Mobile phones and prepaid cards switch to real-name registration
https://reurl.cc/vnb6lo

Russia successfully tests disconnecting from the global internet
https://www.ithome.com.tw/news/135029

Iranian netizens call for a new round of protests; authorities reportedly "cut off the internet" again
https://tw.news.appledaily.com/international/realtime/20191226/1682346/

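Building a Great Wall in imitation of China! Russia's internet disconnection system, which repels hackers and doubles as surveillance, passes its test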
https://tag.analysis.tw/news/rti/6367/

Russia successfully "disconnects"? RuNet architecture passes test and may strengthen surveillance of the public
http://bit.ly/37cUnpb

US Cyber Command on guard against "Russian army" cyberattacks on the 2020 election
http://bit.ly/353gZH3

Hacker who blackmailed Apple in 2017 gets no prison time
https://www.zdnet.com/article/hacker-who-blackmailed-apple-in-2017-gets-no-prison-time/#ftag=RSSbaffb68

Chinese hacker group caught bypassing 2FA
https://www.zdnet.com/article/chinese-hacker-group-caught-bypassing-2fa/#ftag=RSSbaffb68

China-Based Cyber Espionage Group Targeting Orgs in 10 Countries
https://www.darkreading.com/attacks-breaches/china-based-cyber-espionage-group-targeting-orgs-in-10-countries/d/d-id/1336676

Operation Wocao Shining a light on one of China’s hidden hacking groups
https://resources.fox-it.com/rs/170-CAK-271/images/201912_Report_Operation_Wocao.pdf

Hacker Who Tried to Blackmail Apple for $100,000 Sentenced in London
https://thehackernews.com/2019/12/hacker-who-tried-to-blackmail-apple-for.html

British Hacker Accused of Blackmailing healthcare Firms Extradited to U.S.
https://thehackernews.com/2019/12/dark-overlord-hacker-extradited.html

CrowdStrike Blog: How the Chinese government put TURBINE PANDA and China's top spies to work to cut corners in building the C919 passenger jet
https://scan.netsecurity.ne.jp/article/2019/12/19/43426.html

Attackers hacked a Spanish TV channel and showed an interview with the separatist leader of Catalonia
https://www.ehackingnews.com/2019/12/attackers-hacked-spanish-tv-channel-and.html?utm_source=dlvr.it&utm_medium=twitter

Russia successfully disconnected from the internet
https://www.zdnet.com/article/russia-successfully-disconnected-from-the-internet/#ftag=RSSbaffb68

Jet2 hacker, a former contractor with axe to grind, jailed for 10 months
https://www.zdnet.com/article/jet2-hacker-a-former-employee-with-axe-to-grind-jailed-for-10-months/#ftag=RSSbaffb68

Hackers keep dumping Ring credentials online 'for the giggles'
https://www.zdnet.com/article/hackers-keep-dumping-ring-credentials-online-for-the-giggles/#ftag=RSSbaffb68

What should we expect from cybersecurity in 2020
https://www.itproportal.com/features/what-should-we-expect-from-cybersecurity-in-2020/

Indian Tier-2 cities increasingly targetted by cyber criminals: K7 Computing report
http://bit.ly/34PIP9S

How Organizations Can Defend Against Advanced Persistent Threats
https://thehackernews.com/2019/12/apt-cyber-attacks.html

Security Solutions Architect (PreSales / pre-sales planning engineer)
https://www.104.com.tw/job/6tu0n

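Information and Communications Research Institute (資通所), 4th joint project staff recruitment of year 108 (ROC calendar): 6. R&D category, security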
https://www.104.com.tw/job/6tvhp

Chunghwa Telecom to recruit 3,000 new hires
https://money.udn.com/money/story/5612/4249516

Information and Communications Research Institute 108-4-6. R&D category, security
https://m.1111.com.tw/job/91260294/

D. Data Leaks / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News
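Blundering school principal leaks student personal data in public; councilor denounces the principal as "unfit for the job"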
https://www.mirrormedia.mg/story/20191225soc008

Zynga player database containing 170 million credentials added to HIBP
https://www.ithome.com.tw/news/134952

Database flaw at Chinese cross-border e-commerce firm LightInTheBox leaks more than 1 TB of customer data
https://www.chainnews.com/zh-hant/articles/875508800509.htm

Facebook reportedly suffers another large-scale data leak: 267 million records in total end up on the dark web
https://www.inside.com.tw/article/18434-267-million-facebook-users-data-leaked-dark-web

Even place of residence is exposed! Dating app "Plenty of Fish", with 150 million users, leaks user personal data
https://www.bnext.com.tw/article/56016/plenty-of-fish-app-data-leak

Experts call for stronger cybersecurity, with privacy protection as a top consideration
http://bit.ly/2SuZHQu

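Beware! These five common "online scam disguises": free LINE stickers that steal personal data, online shops selling fakes with stolen photos, and popular app traps all make the list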
http://bit.ly/2Soh9WZ

Beware: new type of crime uses "fourth-party payment platform" as a gimmick; one victim scammed out of 80,000
https://www.cnbeta.com/articles/tech/924943.htm

[Security reminder] If your STEAM account is verified with a Chunghwa Telecom phone number, beware of account theft
https://home.gamer.com.tw/creationDetail.php?sn=4633381

Phishing Scams Target Canadian Bank Customers
https://www.bankinfosecurity.com/phishing-scams-target-canadian-bank-customers-a-13551

Two-Year Long Phishing Campaign Impersonates Canadian Banks
https://www.bleepingcomputer.com/news/security/two-year-long-phishing-campaign-impersonates-canadian-banks/

Canadian banks targeted in a massive phishing campaign
https://research.checkpoint.com/2019/canadian-banks-targeted-in-a-massive-phishing-campaign/

38,000 people forced to pick up email passwords in person
https://www.welivesecurity.com/2019/12/19/38000-people-retrieve-passwords-person/

Telangana: QR code scam can empty your wallet
https://timesofindia.indiatimes.com/city/hyderabad/qr-code-scam-can-empty-your-wallet/articleshow/72930101.cms

Massive leak leaves 267 million Facebook users' data exposed
https://www.androidcentral.com/massive-data-breach-leaves-267-million-facebook-users-data-exposed

E. Research Reports
DDoS attacks and IoT exploits: new activity from the Momentum botnet
https://blog.trendmicro.com.tw/?p=62968

Introduction to research on IoT firmware security testing techniques (Part 1)
https://secbuzzer.co/post/107

Analysis of the local privilege escalation vulnerability in CreateSurfacePa in the win32k.sys driver (CVE-2019-1362) (Part 1)
https://www.4hou.com/vulnerable/22221.html

Analysis of the local privilege escalation vulnerability in CreateSurfacePa in the win32k.sys driver (CVE-2019-1362) (Part 2)
https://www.4hou.com/vulnerable/22279.html

Penetration_Testing_POC /通過2.0存在路徑長度漏洞.md進行打包
http://bit.ly/2EEPMQm

Starting from website vulnerabilities: a detailed analysis of website security trends in 2020
https://www.admin5.com/article/20191223/938965.shtml

A compilation of payloads from the WooYun vulnerability database, plus a Burp helper plugin
https://www.77169.net/html/247932.html

Pigeon post: digital pigeon-napping in red team exercises
https://devco.re/blog/2019/12/23/how-binary-dog-survives-in-web-world/

A comprehensive collection of intranet tunneling and port forwarding techniques
https://xz.aliyun.com/t/6966

Evaluating the effectiveness of a new security data source: Windows Defender exploit protection
https://www.4hou.com/system/22277.html

Analysis of the RCE vulnerability in the Openfind Mail2000 email system
https://nosec.org/home/detail/3602.html

Researcher uses Twitter bug to find the owners of 17 million phone numbers
https://www.ithome.com.tw/news/135046

Researcher exploits a flaw in a Twitter app to match 17 million phone numbers to user accounts
https://www.cnbeta.com/articles/tech/925211.htm

P2P botnet: Mozi analysis report
https://blog.netlab.360.com/p2p-botnet-mozi/

iOS jailbreak vulnerability leading to RCE via sandbox escape and kernel R/W
https://www.anquanke.com/post/id/195619

[Cybersecurity self-study series] 34. Windows system vulnerabilities: starting the computer with the 5-times-Shift vulnerability
https://blog.csdn.net/Eastmount/article/details/103618914

The development and outlook of security laboratories
https://www.freebuf.com/articles/es/211571.html

Cyberthreat intelligence for Banking & Financial services
https://blueliv.com/resources/white-papers/Finance_whitepaper_ENG.pdf

Getting started with Python Plugins
https://cutter.re/docs/plugins/tutorial-python

Here Be Dragons: Reverse Engineering with Ghidra - Part 1 [Data, Functions & Scripts]
https://www.shogunlab.com/blog/2019/12/22/here-be-dragons-ghidra-1.html

Opening Up the Samsung Q60 series smart TV
https://labs.f-secure.com/blog/samsung-q60r-smart-tv-opening-up-the-samsung-q60-series-smart-tv/

Out-of-band Attacks
https://omercitak.com/out-of-band-attacks-en/

PRIVILEGE ESCALATION VIA THE CORE SHELL COM REGISTRAR OBJECT
https://www.thezdi.com/blog/2019/12/19/privilege-escalation-via-the-core-shell-com-registrar-object

PWNING AN OUTDATED KIBANA WITH NOT SO SAD VULNERABILITIES
https://www.synacktiv.com/posts/pentest/pwning-an-outdated-kibana-with-not-so-sad-vulnerabilities.html

Automating Mapping to ATT&CK: The Threat Report ATT&CK Mapper (TRAM) Tool
https://medium.com/mitre-attack/automating-mapping-to-attack-tram-1bb1b44bda76

Using WebRTC ICE Servers for Port Scanning in Chrome
https://medium.com/tenable-techblog/using-webrtc-ice-servers-for-port-scanning-in-chrome-ce17b19dd474

Creating your own GSM Network with LimeSDR
https://lucasteske.dev/2019/12/creating-your-own-gsm-network-with-limesdr/

Tool-X - A Kali Linux Hacking Tool Installer
https://www.kitploit.com/2019/01/tool-x-kali-linux-hacking-tool-installer.html

Full Account Takeover (Android Application)
https://medium.com/@vbharad/full-account-takeover-android-application-78fa922f78c5

Why Running a Privileged Container in Docker Is a Bad Idea
https://blog.trendmicro.com/trendlabs-security-intelligence/why-running-a-privileged-container-in-docker-is-a-bad-idea/

Mass Surveillance, is an (un)Complicated Business
https://objective-see.com/blog/blog_0x52.html

AWS Security Incident Response Guide
https://d1.awsstatic.com/whitepapers/aws_security_incident_response.pdf

Catalog of Supply Chain Compromises
https://github.com/cncf/sig-security/blob/master/supply-chain-security/compromises/README.md

ATT&CK™ Navigator
https://mitre-attack.github.io/attack-navigator/enterprise/

Android Root Detection Bypass Using Objection and Frida Scripts
https://medium.com/@GowthamR1/android-root-detection-bypass-using-objection-and-frida-scripts-d681d30659a7

miaoski/ttx
https://github.com/miaoski/ttx

Looking into Attacks and Techniques Used Against WordPress Sites
https://blog.trendmicro.com/trendlabs-security-intelligence/looking-into-attacks-and-techniques-used-against-wordpress-sites/

Living off the land: Attackers leverage legitimate tools for malicious ends
https://www.symantec.com/blogs/threat-intelligence/living-land-legitimate-tools-malicious

iDEFENSE 2019 CYBER THREATSCAPE REPORT
https://www.accenture.com/_acnmedia/pdf-107/accenture-security-cyber.pdf

F. Business
Trend Micro 2020 security predictions report: three key points to grasp quickly
https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=50&id=0000574911_SOZ86EPN26J47B018BT8T

24 days until Windows 7 retires; Microsoft: seize the last chance to upgrade to 10
http://bit.ly/2PMR3Lv

Final farewell to Windows 7, 25-day countdown: embrace mainstream Windows 10 for comprehensive protection against security risks
https://ctee.com.tw/industrynews/activity/193648.html

Trade-Van Information Services Co. supports charity at a new book launch
http://n.yam.com/Article/20191221252187

Fortinet security "iron triangle": Chinese-language introduction video
https://ithelp.ithome.com.tw/articles/10229449?sc=rss.qu

Final countdown to the end of Windows 7 support
https://www.chinatimes.com/realtimenews/20191221003255-260410?chdtv

Adopting security protection from CITIC International (中信國際), Taiwan Taxi makes rides more reassuring
http://bit.ly/2Swplon

Microsoft offers Windows 10 users a theme gift pack with 4K wallpapers to swap freely
https://www.chinatimes.com/realtimenews/20191224001824-260412?chdtv

Pushing hard into cybersecurity: Dell plans to acquire the remaining shares of Secureworks
https://news.cnyes.com/news/id/4426431

Akamai blocks threat intrusions end to end from the source: "cloud-and-ground joint defense" safeguards application security
https://www.zerone.com.tw/Content/Product/2F06359FD5037E47

Extreme provides IoT isolation and traffic monitoring, covering wired and wireless networks
https://www.ithome.com.tw/review/134982

Using Office 365 to defend against security threats and meet customer needs
https://www.businessweekly.com.tw/management/indep/1000284

G. Government
Southern Taiwan Science Park lecture focuses on security protection
http://bit.ly/35MVtrv

My Health Bank raises security concerns; National Health Insurance Administration to issue management rules by year-end
https://www.chinatimes.com/realtimenews/20191224003008-260405?chdtv

National Health Insurance Administration's "health passbook" downloaded and used by 1.6 million outsiders
https://news.pts.org.tw/article/460162

Ministry of Economic Affairs leads effort to build a common smart machinery cloud
https://m.ctee.com.tw/livenews/kj/a00616002019122417100957?area=

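Deputy Chief of the General Staff Lee chairs year-end network and communications security meeting, urges strengthening security protection capabilities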
http://n.yam.com/Article/20191225147745

Armed forces' year-end network and communications security meeting: strengthening security protection capabilities
https://www.ydn.com.tw/News/365234

Ministry of National Defense strengthens security protection to keep classified information safe
http://bit.ly/2tRs4yg

Investigation class completes training; President affirms the Investigation Bureau's counter-infiltration work
https://www.cna.com.tw/news/aipl/201912260059.aspx

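Investigation Bureau adds new blood! 99 new investigators graduate; Tsai Ing-wen: you will shoulder greater responsibility for safeguarding national security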
https://www.storm.mg/article/2109025

President commends 99 new investigators; she overcame a fear of drowning to graduate first in class
https://www.rti.org.tw/news/view/id/2046109

56th investigation class graduates; President urges enhancing professional knowledge and skills
https://www.ydn.com.tw/News/365379

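President urges Investigation Bureau graduates to enhance professional knowledge and skills, uphold team honor and contribute to society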
http://www.secjie.com.tw/newsview_3761.html

Not only bribery probes in the public sector: Investigation Bureau targets four major types of corporate corruption crime
https://udn.com/news/story/6871/4252075

Digital governance and digital national defense: how should technology R&D policy fit in
https://buzzorange.com/techorange/2019/12/27/digital-government-and-national-defense/

H. Industrial Control Systems / SCADA / ICS
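銳電 releases new smart wind farm management products; accelerates Windows replacement and other measures to ensure power plant network security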
https://news.sina.com.tw/article/20191223/33773140.html

Quantitative security assessment of industrial control systems
https://mp.weixin.qq.com/s/ymJVNWUoPksgG4CXtFzXGA

Advantech DiagAnywhere Server CVE-2019-18257
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-18257

I. Education and Training
<Ten-minute series> A brief talk on EPP/EDR/MDR/XDR/SIEM
http://peggywulifelab.blogspot.com/2019/06/eppedrmdrxdrsiem.html

Why enterprises need to build a CSIRT
https://www.ithome.com.tw/news/115713

Kali Linux penetration testing tools: do security on a small budget, and you too can be an anti-hacking expert (3rd edition)
http://bit.ly/352BJyO

Summary of key points of the 2020 CCNA revision
https://showipprotocols-tw.blogspot.com/2019/06/ccna-2020-summary.html

CEH v10 exam experience and study materials
https://ithelp.ithome.com.tw/m/articles/10222141

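J. Internet of Things / IoT / Artificial Intelligence / Connected Vehicles / Optical Networking / Deep Learning / Machine Learning / Drones / Facial Recognition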
EU cybersecurity agency publishes IoT security report, focusing on secure software development and design
https://technews.tw/2019/12/23/enisa-good-practices-for-security-of-iot/

Good Practices for Security of IoT - Secure Software Development Lifecycle
https://www.enisa.europa.eu/publications/good-practices-for-security-of-iot-1

2020: how to tackle hacker attacks on connected cars
https://tech.sina.com.cn/roll/2019-12-23/doc-iihnzhfz7778630.shtml

"360 dug up 19 vulnerabilities for Mercedes-Benz": someone has to plug the gaps that connected vehicles leave for hackers
https://www.chainnews.com/zh-hant/articles/898532687825.htm

When even smart fish tanks become targets for hackers
https://ek21.com/news/tech/167250/

AI voice assistant urges person to "commit suicide": are smart homes really safe
http://bit.ly/2ZnUVWo

Amazon cameras hacked; smart home privacy issues raise concern
https://news.knowing.asia/news/484849b2-bbaf-4529-9607-3d665cd82bc8

Amazon Alexa incites suicide; Wikipedia content suspected to have been maliciously edited
https://inews.hket.com/article/2527534

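A married woman's intimate moments open for anyone to watch! Home surveillance cameras turned into voyeur tools... another privacy crisis erupts in China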
https://www.setn.com/News.aspx?NewsID=661422

The biggest Internet of Things, smart home hacks of 2019
https://www.zdnet.com/pictures/the-biggest-internet-of-things-smart-home-hacks-over-2019/#ftag=RSSbaffb68

Russian quality system made recommendations for the safe use of IP cameras
https://www.ehackingnews.com/2019/12/russian-quality-system-made.html?utm_source=dlvr.it&utm_medium=twitter

6. Upcoming Security Events and Conferences
 Japan Security Analyst Conference
 https://jsac.jpcert.or.jp/

 Practical security course: Windows malware analysis in practice 1/14 ~ 1/17
 https://isip.moe.edu.tw/wordpress/?p=1789

 2020 核果資訊 winter class: Python programming language (Level 1) 1/22 ~ 2/13
 https://www.accupass.com/event/1911150442131985092910

 PWN2OWN MIAMI – BRINGING ICS INTO THE PWN2OWN WORLD 2020/1/21~23
 https://www.zerodayinitiative.com/blog/2019/10/28/pwn2own-miami-bringing-ics-into-the-pwn2own-world

 Control System Security Conference 2020, February 14, 2020
 https://www.jpcert.or.jp/event/ics-conference2020.html

CYBERSEC 2020 Taiwan Cybersecurity Conference 3/17 ~ 3/19
https://cyber.ithome.com.tw/
