跳到主要內容

資安事件新聞週報 2019/12/9 ~ 2019/12/13



資安事件新聞週報  2019/12/9  ~  2019/12/13

1.重大弱點漏洞/後門/Exploit/Zero Day
Cisco DNA Spaces:Connector SQL注入漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-dna-sqlinjection

Cisco 指控 Zoom Connector for Cisco 會造成嚴重資安漏洞
https://www.twcert.org.tw/tw/cp-104-3118-53912-1.html

IBM QRadar SIEM跨站脚本漏洞
https://www.ibm.com/support/pages/node/1103499

VMware ESXi 和 Horizon DaaS 發布安全更新
https://www.vmware.com/security/advisories/VMSA-2019-0022.html

DroneSense 現安全漏洞 警用無人機監視路線被公開
http://bit.ly/2RMjPxp

Google瀏覽器推出Chrome 79版!密碼遭盜用會發出警告 提醒進入網路釣魚網址
https://www.ettoday.net/news/20191211/1599471.htm

Chrome79問世,新增即時網釣保護,整合密碼外洩通知功能
https://ithome.com.tw/news/134761

Chrome now warns you if your password has been stolen
https://www.welivesecurity.com/2019/12/12/chrome-warnings-password-stolen/

谷歌緊急修復兩個嚴重的零日漏洞,Chrome用戶需盡快更新
https://www.freebuf.com/news/222816.html

OpenBSD多個嚴重認證繞過漏洞
https://www.4hou.com/vulnerable/21966.html

卡巴斯基透露有黑客同時利用Windows 10和Chrome零日漏洞發動攻擊
https://tech.sina.com.cn/roll/2019-12-12/doc-iihnzhfz5387740.shtml

New Linux Bug Lets Attackers Hijack Encrypted VPN Connections
https://thehackernews.com/2019/12/linux-vpn-hacking.html

Severe Auth Bypass and Priv-Esc Vulnerabilities Disclosed in OpenBSD
https://thehackernews.com/2019/12/openbsd-authentication-vulnerability.html

HAProxy 'tcp-request content'緩衝區溢出漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1912

「軟帝學院」:研究人員:Java 的新漏洞被發現
https://kknews.cc/tech/8gag3pl.html

New vulnerability lets attackers sniff or hijack VPN connections
https://www.zdnet.com/article/new-vulnerability-lets-attackers-sniff-or-hijack-vpn-connections/#ftag=RSSbaffb68

騰訊Blade Team發現雲虛擬化平台逃逸漏洞
http://www.jifang360.com/news/2019127/n5731125165.html

微軟正計畫強制部分 Windows 10 用戶升級到最新 1909 版本
https://www.kocpc.com.tw/archives/296211

微軟Patch Tuesday列出36個安全漏洞
https://ithome.com.tw/news/134769

微軟發佈12月份安全性公告
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2019-Dec
https://support.microsoft.com/en-us/help/20191210/security-update-deployment-information-december-10-2019

December Patch Tuesday: Vulnerabilities in Windows components, RDP, and PowerPoint Get Fixes
https://blog.trendmicro.com/trendlabs-security-intelligence/december-patch-tuesday-vulnerabilities-in-windows-components-rdp-and-powerpoint-get-fixes/

Bypass discovered to allow Windows 7 Extended Security Updates on all systems
https://www.zdnet.com/article/bypass-discovered-to-allow-windows-7-extended-security-updates-on-all-systems/#ftag=RSSbaffb68

Microsoft Patch Tuesday — Dec. 2019: Vulnerability disclosures and Snort coverage
https://blog.talosintelligence.com/2019/12/microsoft-patch-tuesday-dec-2019.html

Latest Microsoft Update Patches New Windows 0-Day Under Active Attack
https://thehackernews.com/2019/12/windows-zero-day-patch.html

Microsoft Security Essentials updates not included in Windows 7 ESU
https://www.zdnet.com/article/microsoft-security-essentials-updates-not-included-in-windows-7-esu/#ftag=RSSbaffb68

一個的時代終結,微軟Windows 10 Mobile全面終止更新
http://bit.ly/35cTKvk

2019年12月マイクロソフトセキュリティ更新プログラムに関する注意喚起
https://www.jpcert.or.jp/at/2019/at190046.html

不再提供安全更新 Windows 10 Mobile將於12/10後正式步入歷史
https://udn.com/news/story/11017/4215856

CVE-2019-9512 – A MICROSOFT WINDOWS HTTP/2 PING FLOOD DENIAL OF SERVICE
https://www.thezdi.com/blog/2019/12/4/cve-2019-9512-a-microsoft-windows-http2-ping-flood-denial-of-service

Vulnerability Spotlight: Two vulnerabilities in RDP for Windows 7, XP
https://blog.talosintelligence.com/2019/12/vuln-spotlight-RDP-Dec-19.html

Windows 7壽命倒數計時,微軟對其「臨終關懷」也只剩一個月了
https://www.techbang.com/posts/74928-win7-countdown-microsofts-hospice-care-is-only-a-month-away

預警!Windows BlueKeep RDP來了
https://www.4hou.com/system/22078.html

IBM Cloud Pak System Platform System Manager 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4521

IBM WebSphere Application Server 多個漏洞
https://www.ibm.com/support/pages/node/1127397

Android內核防禦學習——CVE-2014-3153分析
https://xz.aliyun.com/t/6907

Adobe Releases Patches for 'Likely Exploitable' Critical Vulnerabilities
https://thehackernews.com/2019/12/adobe-software-update.html

Adobe patches 17 critical code execution bugs in Photoshop, Reader, Brackets
https://www.zdnet.com/article/adobe-patches-17-critical-code-execution-bugs-in-photoshop-reader-brackets/#ftag=RSSbaffb68

Vulnerability Spotlight: Information leak vulnerability in Adobe Acrobat Reader
https://blog.talosintelligence.com/2019/12/vuln-spotlight-Adobe-Acrobat-JS-leak.html

Vulnerability Spotlight: Multiple vulnerabilities in LEADTOOLS software
https://blog.talosintelligence.com/2019/12/vuln-spotlight-multiple-leadtools-dec-2019.html

部分英特爾CPU存在Plundervolt漏洞,駭客可透過操縱電壓來偷取敏感資料
https://www.ithome.com.tw/news/134758

CloudBees Jenkins跨站脚本漏洞
https://www.cloudbees.com/jenkins-security-advisory-2012-09-17

Vulnerability Spotlight: Two vulnerabilities in EmbedThis GoAhead
https://blog.talosintelligence.com/2019/12/vulnerability-spotlight-EmbedThis-GoAhead.html

安全研究人員發現亞馬遜上銷售的兒童智能手錶存在嚴重安全漏洞
https://www.cnbeta.com/articles/tech/920535.htm

美國網絡安全機構調查 3 款中國製兒童智能手錶或成黑客追蹤對象
http://bit.ly/36xQs5Q

Samba 產品存在多個安全性弱點
https://www.samba.org/samba/security/CVE-2019-14870.html
https://www.samba.org/samba/security/CVE-2019-14861.html

adobe 已發布安全更新以解決多個產品中的弱點
https://www.us-cert.gov/ncas/current-activity/2019/12/10/adobe-releases-security-updates

Intel 近日發布更新以解決多個產品中的弱點
https://www.us-cert.gov/ncas/current-activity/2019/12/10/intel-releases-security-updates

Openfind Mail2000 存在多個安全性弱點
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15071
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15072
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15073

Apple 發布多個安全更新
https://support.apple.com/zh-tw/HT201222

Huawei Nova 5i pro和Nova 5數組下標校驗不當漏洞
https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191120-01-smartphone-cn

phpMyAdmin SQL注入漏洞
https://www.phpmyadmin.net/security/PMASA-2019-5/

McAfee Client Proxy身份驗證繞過漏洞
https://kc.mcafee.com/corporate/index?page=content&id=SB10305

2.銀行/金融/保險/證券/支付系統/ 新聞及資安
林國良:金融數位落差驚人 這單位最嚴重
https://ec.ltn.com.tw/article/breakingnews/2972920

迎接金融科技/林國良:資料交換 架高速公路
https://koin.kcg.gov.tw/?p=2322

銀行公會 舉行金融資安聯防教育訓練研討會
https://www.chinatimes.com/realtimenews/20191211004360-260410?chdtv

千萬美金都假的!台灣最大偽鈔集團落網
http://bit.ly/2sc0jzK

值台幣3.3億!印刷廠學徒「國中畢業」變偽鈔大師 竟騙過驗鈔機
https://www.ettoday.net/news/20191207/1596328.htm

一堂百億的金融課:系統更新引風暴 南山人壽轉型啟示錄
https://www.cmmedia.com.tw/home/articles/18863

中介管理漏洞多 中國大陸地區交易所重罰5家券商
http://finance.eastmoney.com/a/201912071316176019.html

中國大陸多家金融APP被下架整改銀行紛紛發聲明回應
https://3g.163.com/money/article/EVUSKFRA002580S6.html

LINE Bank開出20職缺 力拚明年第二季開業
https://www.yes123.com.tw/admin/aboutwork/article.asp?w_id=16680

LINE資安團隊任務分工首度在臺公開
https://www.ithome.com.tw/news/134689

Open Bank箭在弦上 美商鄧白氏助台解決資安風險
https://money.udn.com/money/story/5636/4217871

純網銀上路 資安業者:為駭客帶來新機會
https://www.cna.com.tw/news/ait/201912110116.aspx

財團法人金融聯合徵信中心「109年度防火牆設備與資安管理設備維護案」
https://www.jcic.org.tw/main_ch/docDetail.aspx?uid=71&pid=71&docid=1133

對抗針對金融機構的駭侵攻擊,衣索比亞暫時斷網
https://www.twcert.org.tw/tw/cp-104-3123-b6ea4-1.html

網路犯罪集團覬覦的銀行與金融業
https://blog.trendmicro.com.tw/?p=62446

There’s an app for that: web skimmers found on PaaS Heroku
https://blog.malwarebytes.com/web-threats/2019/12/theres-an-app-for-that-web-skimmers-found-on-paas-heroku/

European Money Mule Action (EMMA 5) leads to 228 Arrests Posted on 05/12/2019
https://www.association-secure-transactions.eu/european-money-mule-action-emma-5-leads-to-228-arrests/

Cloud Security and Artificial Intelligence in the Financial Sector
https://securingtomorrow.mcafee.com/blogs/other-blogs/executive-perspectives/cloud-security-and-artificial-intelligence-in-the-financial-sector/

Hackers steal credit card details from Sweaty Betty customers
https://hotforsecurity.bitdefender.com/blog/hackers-steal-credit-card-details-from-sweaty-betty-customers-21888.html

Hundreds of counterfeit online shoe stores injected with credit card skimmer
https://blog.malwarebytes.com/threat-analysis/2019/12/hundreds-of-counterfeit-online-shoe-stores-injected-with-credit-card-skimmer/

Huge set of Turkish banks’ cards on sale on dark net marketplace
https://www.group-ib.com/media/turkish-banks-cards/

3.電子支付/電子票證/行動支付/ pay/新聞及資安
支付寶安全實驗室發佈最新安全技術 獲全球頂級黑帽大會認可
https://news.sina.com.tw/article/20191212/33643486.html

人臉辨識遭印刷面具破解 中國海關.支付系統存漏洞
http://bit.ly/2LQEFrE

4.虛擬貨幣/區塊鍊相關新聞及資安
區塊鏈漏洞:如何降低安全風險
https://0xzx.com/201912061710400590.html

只投加密貨幣的基金將消亡?投資者仍未放棄對區塊鏈的探索
https://news.knowing.asia/news/72b89b00-613b-4f86-b718-9307d5cbf209

開放原始碼就代表硬體錢包已升級?讓我們從風險開始談起
https://news.knowing.asia/news/6119c503-523b-447d-8932-6880892806fb

MakerDAO系統存在安全漏洞?Maker方面如此回應
https://news.knowing.asia/news/e40262fa-610f-4b55-8152-6f050e223804

Mac 惡意軟體隱藏在電腦,偽裝成加密貨幣交易程式 UnionCryptoTrade 疑似來自北韓駭客
https://www.blocktempo.com/new-mac-malware-hides-in-memory-and-masquerades-as-a-crypto-app/

台電內鬼爽收491萬回扣 助挖礦業者竊電!三點看懂到底什麼是「挖礦」
https://news.knowing.asia/news/eb443f14-d97e-42a0-90da-7f87e80b3ee8

數字貨幣投資詐欺 Shopin執行長被定罪
https://www.ntdtv.com/b5/2019/12/13/a102728421.html

國際駭客團體「匿名者」7,500 萬美元比特幣基金最新進度:「所有項目都已經投資完畢。」
https://www.blocktempo.com/mysterious-bitcoin-fund-completes-75m-donation-to-preserve-privacy/

FinTech金融科技創新 「區塊鏈/加密貨幣」投資正夯
http://n.yam.com/Article/20191212134412

基因嗨寶:區塊鏈+寵物養成,這款遊戲帶你入門區塊鏈|創業
http://bit.ly/2PgGdNx

Shopin founder charged by SEC for running $42 million scam cryptocurrency ICO
https://www.zdnet.com/article/shopin-founder-charged-by-sec-for-running-scam-cryptocurrency-ico/#ftag=RSSbaffb68

DoJ arrests Ponzi operators planning to retire ‘RAF’ through cryptocurrency scam
https://www.zdnet.com/article/doj-arrests-ponzi-operators-planning-to-retire-raf-through-cryptocurrency-scam/#ftag=RSSbaffb68

5.資安事件新聞

A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式
美國資料中心供應商CyrusOne也成勒索軟體受害者
https://www.ithome.com.tw/news/134717

利用IQY(Excel Web Query)文件分發,Buran勒索病毒又出新變種
https://www.freebuf.com/articles/system/220725.html

北韓駭客發展出Mac版無檔案攻擊程式手法
https://www.ithome.com.tw/news/134748

Sfone蠕蟲分析之看片需謹慎
https://www.freebuf.com/articles/system/221420.html

Emsisoft:付費的Ryuk解密工具可能造成資料遺失
https://www.ithome.com.tw/news/134749

警惕會“說話”的新型迷宮勒索病毒
https://www.freebuf.com/articles/terminal/221517.html

MacOs 危險!新木馬病毒可隱藏在內存並偽裝成加密應用程式
http://bit.ly/38pfMwV

警惕SODINOKIBI勒索病毒再變種,勒索巨額贖金
https://www.freebuf.com/articles/terminal/221845.html

2019年全球十大流行勒索病毒
https://www.freebuf.com/articles/system/222029.html

企業感染惡意軟件的處理建議
https://www.freebuf.com/articles/security-management/220758.html

CrySiS勒索病毒最新變種來襲,加密後綴為kharma
https://www.freebuf.com/articles/system/221128.html

勒索軟體將電腦以安全模式重開機以躲過防毒偵測
https://www.ithome.com.tw/news/134771

Windows與Linux雙平台無文件攻擊:PowerGhost挖礦病毒最新變種感染多省份
https://www.freebuf.com/articles/system/219715.html

PyXie RAT 木馬惡意程式被用來竊取密碼並散布勒索病毒
https://www.zdnet.com/article/this-trojan-malware-is-being-used-to-steal-passwords-and-spread-ransomware/

CallerSpy 行動間諜軟體,偽裝聊天APP竊個資,可能發動針對性攻擊
https://blog.trendmicro.com.tw/?p=62851

Ginp銀行木馬使用螢幕覆蓋攻擊,竊取帳密和信用卡資料
https://blog.trendmicro.com.tw/?p=62820

New Zeppelin Ransomware Targeting Tech and Health Companies
https://thehackernews.com/2019/12/zeppelin-ransomware-attacks.html

Caution! Ryuk Ransomware decryptor damages larger files, even if you pay
https://blog.emsisoft.com/en/35023/bug-in-latest-ryuk-decryptor-may-cause-data-loss/

Snatch ransomware reboots PCs into Safe Mode to bypass protection
https://news.sophos.com/en-us/2019/12/09/snatch-ransomware-reboots-pcs-into-safe-mode-to-bypass-protection/

FBI Puts $5 Million Bounty On Russian Hackers Behind Dridex Banking Malware
https://thehackernews.com/2019/12/dridex-russian-hackers-wanted-by-fbi.html

ZeroCleare: New Iranian Data Wiper Malware Targeting Energy Sector
https://thehackernews.com/2019/12/zerocleare-data-wiper-malware.html

Cyber News Rundown: ZeroCleare Malware
https://www.webroot.com/blog/2019/12/06/cyber-news-rundown-zerocleare-malware/

Ryuk ransomware contains a bug causing data loss for some victims
https://www.zdnet.com/article/ryuk-ransomware-contains-a-bug-causing-data-loss-for-some-victims/#ftag=RSSbaffb68

East Greenwich town computers fall victim to ‘ransomware’ attack
https://www.wpri.com/news/local-news/west-bay/east-greenwich-town-computers-fall-victim-to-cyber-attack/

マルウエア Emotet の感染に関する注意喚起
https://www.jpcert.or.jp/at/2019/at190044.html

マルウエアEmotetへの対応FAQ
https://blogs.jpcert.or.jp/ja/2019/12/emotetfaq.html

Reveton ransomware schemer stripped of six years of freedom, £270,000, and a Rolex
https://www.zdnet.com/article/reveton-ransomware-operator-stripped-of-six-years-of-freedom-270000-and-a-rolex/#ftag=RSSbaffb68

Snatch Ransomware Reboots Windows in Safe Mode to Bypass Antivirus
https://thehackernews.com/2019/12/snatch-ransomware-safe-mode.html

Snatch ransomware reboots PCs in Windows Safe Mode to bypass antivirus apps
https://www.zdnet.com/article/snatch-ransomware-reboots-pcs-in-windows-safe-mode-to-bypass-antivirus-apps/#ftag=RSSbaffb68

Snatch ransomware reboots PCs into Safe Mode to bypass protection
https://news.sophos.com/en-us/2019/12/09/snatch-ransomware-reboots-pcs-into-safe-mode-to-bypass-protection/

MalwinX: A framework for learning Malware and win32 functions
http://securityviacode.in/view_article/+MalwinX:+A+framework+for+learning+Malware+and+win32+functions

TrickBot Campaign Uses Fake Payroll Emails to Conduct Phishing Attacks
https://unit42.paloaltonetworks.com/trickbot-campaign-uses-fake-payroll-emails-to-conduct-phishing-attacks/

New ransomware attacks target your NAS devices, backup storage
https://www.zdnet.com/article/new-ransomware-attack-targets-your-nas-devices-backup-storage/#ftag=RSSbaffb68

Reveton ransomware schemer stripped of six years of freedom, £270,000, and a Rolex
https://www.zdnet.com/article/reveton-ransomware-operator-stripped-of-six-years-of-freedom-270000-and-a-rolex/#ftag=RSSbaffb68

Sodinokibi ransomware gang infects yet another IT provider serving dentists; 100+ offices hit
https://hotforsecurity.bitdefender.com/blog/sodinokibi-ransomware-gang-infects-yet-another-it-provider-serving-dentists-100-offices-hit-21881.html

‘Professional’ ransomware gang targets 1,800 large organizations worldwide, Dutch investigators find
https://hotforsecurity.bitdefender.com/blog/professional-ransomware-gang-targets-1800-large-organizations-worldwide-dutch-investigators-find-21837.html

Attackers now use process hollowing to hide cryptocurrency miners on your PC
https://www.zdnet.com/article/monero-miners-can-lurk-undetected-through-new-process-hollowing-technique/#ftag=RSSbaffb68

(Almost) Hollow and Innocent: Monero Miner Remains Undetected via Process Hollowing
https://blog.trendmicro.com/trendlabs-security-intelligence/almost-hollow-and-innocent-monero-miner-remains-undetected-via-process-hollowing/

B.行動安全 / iPhone / Android /穿戴裝置 /App
抖音頻被質疑!下週赴華府見國會議員
http://bit.ly/2LBVfv6

Android爆安全漏洞 黑客冒合法程式竊資料
http://bit.ly/38nok7h

挪威安全公司在Android上發現了一個漏洞,允許黑客訪問用戶的錢包
https://0xzx.com/201912070436401520.html

iPhone 11 Pro 偷偷蒐集定位資訊?Apple :未來禁用該超寬頻功能
https://cnews.com.tw/137191209a04/

蘋果用千禧年著作權法要推特刪 iPhone加密文 引起眾怒
https://www.ettoday.net/news/20191212/1600492.htm

修復超過10項漏洞!蘋果推出iOS 13.3版本更新
https://newtalk.tw/news/view/2019-12-11/339003

AirDrop遭爆「超煩人」漏洞 攻擊者可不停發送垃圾訊息讓對方設備無法使用
https://www.ettoday.net/news/20191211/1599651.htm

專家展示利用 AirDrop 對周遭 iPhone、iPad 進行 DoS 攻擊的方法
https://www.twcert.org.tw/tw/cp-104-3127-d22f4-1.html

15 個防止智能手機被駭的方法
https://www.techritual.com/2019/12/11/193784/

臉書公開拒絕開啟傳訊程式後門供政府使用
https://ithome.com.tw/news/134770

從SIM卡劫持到不良決策:非公共網路內的5G威脅及安全建議
https://blog.trendmicro.com.tw/?p=62709

The Role of Evil Downloaders in the Android Mobile Malware Kill Chain
https://securityintelligence.com/posts/the-role-of-evil-downloaders-in-the-android-mobile-malware-kill-chain/

Dangerous Android Vulnerability that Lets Attackers Steal Sensitive Data Found in Wild
https://hotforsecurity.bitdefender.com/blog/dangerous-android-vulnerability-that-lets-attackers-steal-sensitive-data-found-in-wild-21856.html

Lawsuit alleges TikTok sends user videos to Chinese servers for surveillance
https://hotforsecurity.bitdefender.com/blog/lawsuit-alleges-tiktok-sends-user-videos-to-chinese-servers-for-surveillance-21847.html

C.事件 / 駭客 / DDOS / APT / 雲端/暗網/徵才 / 國際資安事件
商務人士自我保護、避免資安攻擊的10個方法:下篇
https://tuna.to/information-security-2-9f08402c9d72

10 個自我保護、避免駭侵攻擊的方法(下篇)
http://bit.ly/35gK430

駭客入侵你Linux服務器的一萬種玩法
https://ek21.com/news/tech/164346/

駭客天涯若比鄰 標章產品保安心
https://www.chinatimes.com/newspapers/20191210000486-260210?chdtv

誕生於麻省理工:黑客曾是編程高手的代名詞
https://kknews.cc/tech/najapo2.html

你的電腦安全嗎?專家分析:明年三大資安風險強勢來襲
https://newtalk.tw/news/view/2019-12-11/339002

量子電腦破解公鑰加密倒數 15 年!台灣企業如何 100% 備戰資安危機
https://buzzorange.com/techorange/2019/12/11/quantum-computing-tech-forum/

滲透測試服務前期對客戶網站APP的信息收集分享
https://www.admin5.com/article/20191209/936982.shtml

悠遊卡娃娃機台有漏洞 他用這招免費夾娃娃1萬次
https://tw.news.appledaily.com/local/realtime/20191210/1675244/

趨勢科技公佈2020年資安年度預測報告 三大威脅挑戰重重
https://www.chinatimes.com/realtimenews/20191211002366-260412?chdtv

駭客串連Windows與Chrome漏洞以執行WizardOpium攻擊
https://www.ithome.com.tw/news/134767

更多影音服務將報到?駭客從程式碼挖出大批特斯拉未上線的娛樂頻道
http://bit.ly/36qeHmE

北韓駭侵印度核能電廠,目的為竊取放射性釷核能科技
http://bit.ly/2Podmpm

美軍基地槍擊案後 佛州彭薩科拉市網路遭駭
https://www.cna.com.tw/news/aopl/201912100027.aspx

警方查抄裝載駭客工具的監視車
https://ek21.com/news/tech/164591/

朴敘俊Youtube賬號被駭客入侵 過往影片全數慘遭刪除
https://www.koreastardaily.com/tc/news/122531

傑尼斯官網驚爆被駭客入侵! 「LOGO被換掉+發出怪聲」連APP都遭殃
https://star.ettoday.net/news/1600850

智慧門鈴保全系統Ring在四州傳出遭駭客入侵
http://bit.ly/36BngLD

女兒房監視器傳「陌生男唱歌罵髒話」...媽嚇歪!大廠Ring爆安全問題
https://www.ettoday.net/news/20191213/1600987.htm

《Special Force 2》伺服器受駭客攻擊導致玩家資料全數消失 現正研擬相關補償方案
https://gnn.gamer.com.tw/detail.php?sn=189673

黑客入侵 喇沙小等3校泄師生資料 出事校管系統教局提供 姓名地址出世紙號碼或被盜
http://bit.ly/351TFdG

駭客釋出工具以免費使用Windows 7的延伸安全更新、這個工具顯然是違法!另一個選擇就是免費升級到Windows 10
https://www.insoler.com/forum/topic/15759876824511.htm

法國電商平台曝稅務大漏洞 華商需註意按規納稅
http://www.hkcna.hk/content/2019/1210/798298.shtml

部分英特爾CPU存在Plundervolt漏洞,駭客可透過操縱電壓來偷取敏感資料
https://www.ptt.cc/bbs/PC_Shopping/M.1576065234.A.1C8.html

英國核發電廠遭受網絡攻擊,疑似法國電力公司受影響
https://www.freebuf.com/articles/system/221713.html

日海上保安廳憂資安 禁中製無人機
https://ec.ltn.com.tw/article/paper/1337972

中國2前員工竊無人車機密 蘋果憂恐潛逃
https://tw.news.appledaily.com/international/realtime/20191210/1675266/

中共「網路大炮」 欲癱瘓香港抗爭者輿論陣地|中國一分鐘
http://bit.ly/36hS8AA

近日發現「網路巨砲」,針對香港線上論壇發動 DDoS 攻擊
https://www.twcert.org.tw/tw/cp-104-3143-07e7e-1.html

洩露「中國電文」揭新疆慘況卻飽受威脅 荷籍維吾爾女子曝光身分:我必須冒險
https://www.storm.mg/article/2045925

俄羅斯Evil Corp犯罪組織被指控竊取超過1億美元
https://www.freebuf.com/news/222194.html

俄駭客網路竊取數千萬美元 在美被起訴
http://mobile.chinesedaily.com/plus/view.php?aid=401122

中美漸行漸遠!陸公家機構將耗時3年剷除外國PC、軟體
https://www.moneydj.com/KMDJ/News/NewsViewer.aspx?a=7dd4a27b-9064-4b76-ae2c-90eb690d8a43

中國下令公家機關3年內換掉外國軟硬體 微軟、惠普、戴爾中槍
https://www.cmmedia.com.tw/home/articles/18920

美《國防授權法》協商版 加強與臺資安、軍事合作
https://www.ydn.com.tw/News/363426

美起訴俄羅斯情治官員與駭客 卻難以遏制莫斯科食髓知味
https://newtalk.tw/news/view/2019-12-13/339964

美國會推法案預防政府退出北約 特朗普曾批北約
https://news.sina.com.tw/article/20191213/33650652.html

OTT恐替中共宣傳 立委:政府應解決
http://bit.ly/34ixL4Z

長期休暇に備えて 2019/12
https://www.jpcert.or.jp/newsflash/2019120501.html

McAfee Labs 2020 Threats Predictions Report
https://securingtomorrow.mcafee.com/blogs/other-blogs/mcafee-labs/mcafee-labs-2020-threats-predictions-report/

Download: The 2020 Cybersecurity Salary Survey Results
https://thehackernews.com/2019/12/cybersecurity-jobs-salary.html

Hackers Can Mess With Voltages to Steal Intel Chips' Secrets
https://www.wired.com/story/plundervolt-intel-chips-sgx-hack/

New PlunderVolt Attack Targets Intel SGX Enclaves by Tweaking CPU Voltage
https://thehackernews.com/2019/12/intel-sgx-voltage-attack.html

Hackers breach top plastic surgery clinic
https://www.bbc.com/news/technology-41735104

Dark Web: A cheat sheet for business professionals
https://www.techrepublic.com/article/dark-web-the-smart-persons-guide/?ftag=CMG-01-10aaa1b

Russian Police Raided NGINX Moscow Office, Detained Co-Founders
https://thehackernews.com/2019/12/nginx-copyright-rumbler.html

Russian police raid NGINX Moscow office
https://www.zdnet.com/article/russian-police-raid-nginx-moscow-office/#ftag=RSSbaffb68

Cybersecurity: This password-stealing hacking campaign is targeting governments around the world
https://www.zdnet.com/article/cybersecurity-this-password-stealing-hacking-campaign-is-targeting-governments-around-the-world/

Two of China's largest tech firms are uniting to create a new 'domestic OS'
https://www.zdnet.com/article/two-of-chinas-largest-tech-firms-are-uniting-to-create-a-new-domestic-os/#ftag=RSSbaffb68

櫃買中心招新進人員 即日起受理報名
https://www.1111.com.tw/zone/school_fresh/article_In.asp?artCat=3&id=130796&agent=out_Epaper25_school_fresh2019121114post08

D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞
詐團先扮假警  再變身銀行員  謊稱退詐款實則詐空帳戶
https://times.hinet.net/news/22686663

iPhone 11未經同意收集用戶位置數據?蘋果掃隱私疑雲稱:新功能惹禍
https://www.bnext.com.tw/article/55815/iphone-11-is-requesting-location-data-without-permission

大陸網上公開販賣人臉數據 信息疑遭洩露
https://hk.epochtimes.com/news/2019-12-06/55052253

當中共掌握你的長相——黑色產業鏈賤賣臉孔數據
https://opinion.udn.com/opinion/story/120611/4215597

被駭還是遭洩 英調查與美貿易機密文件外流疑雲
https://www.cna.com.tw/news/aopl/201912090069.aspx

美國入出境人臉辨識面臨諸多挑戰且招致隱私侵犯與資安風險疑慮
https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=80&id=0000574035_M22144172X6G83680SZ7N

網詐案飆升 年末網購季警3招籲防詐
https://udn.com/news/story/7315/4217353

75萬筆的美國出生證明申請書在AWS上曝光
https://www.ithome.com.tw/news/134734

駭客快速AI化 怎麼提升資安意識技術應用 防堵竊取個資
https://www.zi.media/@zitalkpw/post/LKcGa2

這些謠言你聽過了嗎?LINE TODAY 公布 2019 前十大謠言
https://saydigi-tech.com/2019/12/16189.html

網路謠言滿天飛 「毒熱狗」話題驚悚LINE破65萬人瀏覽
https://www.chinatimes.com/realtimenews/20191213002052-260412?chdtv

《BEC 變臉詐騙 》多了個「s」, 騙走一百萬美元
https://blog.trendmicro.com.tw/?p=62891

數十萬張美國手機用戶帳單曝露在網路上,全無保護
https://www.twcert.org.tw/tw/cp-104-3121-0567a-1.html

El MINJUSDH inicia proceso administrativo sancionador al BCP
https://www.gob.pe/institucion/minjus/noticias/70447-el-minjusdh-inicia-proceso-administrativo-sancionador-al-bcp

Facebook Sued Hong Kong Firm for Hacking Users and Ad Fraud Scheme
https://thehackernews.com/2019/12/facebook-account-hacking.html

A Saudi Telecom Exposed a Streaming List of GPS Locations
https://www.vice.com/en_us/article/3kxxe9/saudi-telecom-stcs-exposed-gps-locations

Cyberattack cripples city of Pensacola, officials not sure if personal data was exposed
https://www.pnj.com/story/news/2019/12/09/city-pensacola-currently-experiencing-cyber-attack-mayor-says/2629993001/

Fake news probe in Brazil exposes "Office of Hate" within government
https://www.zdnet.com/article/fake-news-probe-in-brazil-exposes-office-of-hate-within-government/#ftag=RSSbaffb68

Microsoft to help Office 365 customers track entire phishing campaigns, not just lone emails
https://www.zdnet.com/article/microsoft-to-help-office-365-customers-track-entire-phishing-campaigns-not-just-lone-emails/#ftag=RSSbaffb68

2.7 billion email addresses exposed online, more than 1 billion of them include passwords
https://www.comparitech.com/blog/information-security/2-7-billion-email-addresses-exposed-online/

BEC Scam Successfully Steals US$1 Million Using Look-alike Domains
https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/bec-scam-successfully-steals-us-1-million-using-look-alike-domains

These are the worst hacks, cyberattacks, and data breaches of 2019
https://www.zdnet.com/article/these-are-the-worst-hacks-cyberattacks-and-data-breaches-of-2019/#ftag=RSSbaffb68

Unsecured AWS bucket exposes personal data of 750,000 U.S. residents
https://hotforsecurity.bitdefender.com/blog/unsecured-aws-bucket-exposes-personal-data-of-750000-u-s-residents-21895.html

Data leak exposes 750,000 birth certificate applications
https://www.welivesecurity.com/2019/12/10/data-leak-exposes-750000-birth-certificate-applications/

The quiet evolution of phishing
https://www.microsoft.com/security/blog/2019/12/11/the-quiet-evolution-of-phishing/

E.研究報告
網絡安全中的好,壞和醜陋
https://www.aurigasec.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-49

Platinum黑客組織攻擊分析
https://www.freebuf.com/articles/network/219741.html

CVE-2019-18276 :Bash 5.0 Patch 11 - SUID Priv Drop Exploit
https://paper.seebug.org/1093/

零信任+:邊界信任模型,零信任模型與零信任+淺談
https://www.freebuf.com/articles/es/220633.html

PHP安全之道3:常見漏洞和攻防
https://www.cnblogs.com/freephp/p/12001901.html

Windows 7即將停止支持:這款破解工具能繞過ESU審查三年免費升級
https://www.cnbeta.com/articles/tech/919161.htm

#黑客基礎學習| 利用模糊測試來挖掘邏輯漏洞
https://www.bilibili.com/read/cv4111138/

衛達信息:“動態防禦技術”—數字化網絡防護新突破
http://news.tom.com/201912/4684168997.html

如何寫出沒有安全漏洞的代碼?前微博安全研發負責人爲你揭祕
https://www.chainnews.com/zh-hant/articles/541068253715.htm

Windows COM 特權提升漏洞利用
https://www.77169.net/video/247035.html

代碼分析引擎CodeQL 初體驗
https://www.freebuf.com/articles/network/220497.html

Don’t break the Web:以 SmooshGate 以及 keygen 為例
https://blog.techbridge.cc/2019/11/30/smooshgate-and-keygen/

淺談滲透測試之前期信息蒐集
https://www.freebuf.com/articles/web/221242.html

老趙說安全系列:淺談數據安全和隱私保護
https://www.freebuf.com/articles/database/221056.html

Cacti:一套完整的網絡圖形化解決方案
https://www.freebuf.com/articles/network/221608.html

uTorrent被多個殺軟攔截,疑似捆綁推廣行為導致
https://www.freebuf.com/news/222454.html

2019第三季度網絡威脅分析
https://www.freebuf.com/articles/network/221640.html

如何使用ADSI接口和反射型DLL枚舉活動目錄
https://www.freebuf.com/articles/system/218855.html

冰蠍動態二進制加密WebShell基於流量側檢測方案
https://www.freebuf.com/articles/web/221241.html

深入分析一個Pwn2Own的優質Webkit漏洞
https://www.freebuf.com/vuls/221577.html

關於2020年的安全預測
https://www.freebuf.com/articles/network/220732.html

從Avast殺毒軟件發現價值5000美金的反射型XSS
https://www.freebuf.com/vuls/219686.html

安全小遊戲:尋找漏洞
https://www.freebuf.com/articles/web/221415.html

HAL:一款功能強大的硬件安全分析工具
https://www.freebuf.com/articles/terminal/221644.html

如何繞過PowerShell訪問限制並實現PowerShell代碼執行
https://www.freebuf.com/articles/system/218883.html

將MITRE ATT&CK模型應用於網絡設備
https://www.freebuf.com/articles/es/220628.html

揭秘美國網絡安全體系架構
https://www.freebuf.com/articles/network/221852.html

針對Steam平台的攻擊分析
https://www.freebuf.com/articles/network/218771.html

不傳之密:殺毒軟件開發,原理、設計、編程實戰
https://www.freebuf.com/articles/system/220061.html

Hack the box靶機實戰:Haystack
https://www.freebuf.com/articles/web/219163.html

一步一步學習某Json1.2.47遠程命令執行漏洞
https://xz.aliyun.com/t/6914

資安名詞:PUAs 非必要應用程式
https://blog.trendmicro.com.tw/?p=62874

インターネットガバナンスフォーラム参加記
https://blogs.jpcert.or.jp/ja/2019/12/post-4.html

VB2019 paper: A study of Machete cyber espionage operations in Latin America
https://www.virusbulletin.com/blog/2019/12/vb2019-paper-study-machete-cyber-espionage-operations-latin-america/

IT threat evolution Q3 2019
https://securelist.com/it-threat-evolution-q3-2019/95268/

25 Most Dangerous Software Errors List Shows SQL Injections Dropping in Frequency
https://hotforsecurity.bitdefender.com/blog/25-most-dangerous-software-errors-list-shows-sql-injections-dropping-in-frequency-21901.html

AVCLASS++: Yet Another Massive Malware Labeling Tool
https://github.com/malrev/avclassplusplus

Penta - Open Source All-In-One CLI Tool To Automate Pentesting
https://hakin9.org/penta-open-source-all-in-one-cli-tool-to-automate-pentesting/

Splunk Attack Range
https://github.com/splunk/attack_range

Discord Dll Hijacking, An Old Attack On A Popular Chat Application
https://medium.com/@AndrewRollins/discord-dll-hijack-cb77a6a288cf

Windows 0-day exploit CVE-2019-1458 used in Operation WizardOpium
https://securelist.com/windows-0-day-exploit-cve-2019-1458-used-in-operation-wizardopium/95432/

F.商業
趨勢科技2020資安預測報告,3大關鍵要點迅速掌握
https://www.techbang.com/posts/74946-trend-micro-announces-2020-capital-forecast-report-three-key-points-quickly-mastered

騰訊發布“TSRC安全情報平台”, 打造安全情報共享生態
http://news.tom.com/201912/1449175803.html

勤業眾信聯合會計師事務所 排除資安、信心風險 AI助攻純網銀系統優勢
http://bit.ly/2LCpBh9

安碁資訊跨足泰國 啟用資安監控防護中心
http://pchome.megatime.com.tw/news/cat1/20191209/15758908997437718003.html

安碁資訊跨足泰國資安市場
http://bit.ly/2sVQBSa

安碁資訊(6690)結盟泰國SI業者DCS,跨足東南亞SOC資安服務
https://fnc.ebc.net.tw/FncNews/stock/108898

保護中小企業資安 關貿防駭推月租型服務
https://money.udn.com/money/story/5635/4219075

網路安全風險增 TAICS積極推展物聯網標章產品
http://bit.ly/348apid

喚起產業意識 打造資安防護網
http://bit.ly/2RDv7nC

微軟:5大招提高網絡安全 防黑客盜取個人資料
http://bit.ly/2PrWJcA

防駭!關貿等三大領域龍頭攜手 推資安閘門防護服務
https://tw.nextmgz.com/realtimenews/news/485682

資安業大整併? 傳McAfee擬和NortonLifeLock合併
https://ec.ltn.com.tw/article/breakingnews/3004699

擺脫隱私爭議負面形象?FB積極發展產品「資安」保護系統
http://bit.ly/2qHaYSz

NEC資安防禦解決方案 FinTech Taipei 大放異彩
https://news.wearn.com/c400191.html

Google 宣布採用 feature drop 策略,讓你的 Pixel 性能持續升級
https://buzzorange.com/techorange/2019/12/11/google-feature-drop/

Google釋出Packet Mirroring服務可轉發雲端流量供用戶進行額外分析
https://www.ithome.com.tw/news/134762

Google為Messages加入驗證與垃圾訊息偵測功能
https://ithome.com.tw/news/134811

McAfee傳想與NortonLifeLock合併 若談成將是資安業近期最大案
https://www.ettoday.net/news/20191211/1599824.htm

So-net x Nexusguard 攜手合作,打造全新資安防禦服務
https://www.inside.com.tw/article/18355-so-net

VMware首度在臺介紹新一代K8s產品線Tanzu,臺灣市場先聚焦金融業
https://www.ithome.com.tw/news/134801

It’s Time to Rethink Vulnerability Management. Welcome to the Age of Attack Surface Management
https://www.riskiq.com/blog/external-threat-management/rethink-vulnerability-management/

HackerOne pays $20,000 bounty after breach of own systems
https://nakedsecurity.sophos.com/2019/12/09/hackerone-pays-20000-bounty-after-accidental-breach-of-own-systems/

NordVPN launches promised bug bounty program
https://www.zdnet.com/article/nordvpn-launches-promised-bug-bounty-program/#ftag=RSSbaffb68

Cybersecurity Trends 2020: Technology is getting smarter – are we
https://www.welivesecurity.com/2019/12/10/cybersecurity-trends-2020-technology-is-getting-smarter-are-we/

Get yourself a USB condom
https://www.zdnet.com/article/get-yourself-a-usb-condom/#ftag=RSSbaffb68

Don’t Forget to Pack a USB Condom When Traveling
https://hotforsecurity.bitdefender.com/blog/dont-forget-to-pack-a-usb-condom-when-traveling-21898.html

Fortinet acquires security automation provider CyberSponse
https://www.zdnet.com/article/fortinet-acquires-security-automation-provider-cybersponse/#ftag=RSSbaffb68

G.政府
唐鳳:假訊息應60分內澄清
https://udn.com/news/story/11322/4214161

如何對付網軍假訊息 政委唐鳳提出2方法
https://tw.news.appledaily.com/politics/realtime/20191211/1675803/

台美跨國網路攻防實兵演練 唐鳳:未來每年至少一次
https://times.hinet.net/news/22691755

唐鳳:台美資安演練常態化辦理
https://www.chinatimes.com/realtimenews/20191211002999-260407?chdtv

網軍帶風向 唐鳳:政府有必要在60分鐘內給予澄清
https://udn.com/news/story/6656/4213426

力保台灣數位競爭力!蔡英文宣布設「數位發展部」:突破性整合 5 大領域專門機關
https://buzzorange.com/2019/12/06/tsai-ing-wen-taiwan-satellites-space-industries/

建立「數位發展部門」是台灣關鍵政策,蔡英文在未來科技展打通台灣未來
https://buzzorange.com/techorange/2019/12/06/government-tech-department/

批蔡英文數位政策「又抄襲」 張善政酸:乾脆換我們執政不是更好
https://www.ettoday.net/news/20191206/1596219.htm

5G釋照競標今開跑 NCC關注未來資安風險
https://www.rti.org.tw/news/view/id/2044376

5G釋照起跑!陳耀祥:得標者要有獨立資安維護計畫
https://www.ettoday.net/news/20191210/1598509.htm

5G競標第一日今結束 暫時總得標金額267.74億元
https://www.wealth.com.tw/home/articles/23368

數位身分證系統建置招標文件出爐! 明年6月完成相關系統建置
https://ithome.com.tw/news/134747

台美數位論壇10聲明 5G資安合作將更緊密
https://www.cna.com.tw/news/afe/201912110201.aspx

NCC協同TTC辦理「5G垂直應用實證與資安策略國際趨勢論壇」剖析5G應用前景與規範以及資安之策略與布局
https://market.ltn.com.tw/article/7437

資安就是國安 美拉攏台灣防堵華為產品
https://udn.com/news/story/7238/4220664

美2020「國防授權法」增美台資安合作
http://www.epochtimes.com/b5/19/12/12/n11717845.htm

台美數位論壇10聲明 5G資安合作將更緊密
https://wp.taronews.tw/2019/12/11/555773/

成立數位部會 政院明年啟動組織調整盤點工作
https://www.rti.org.tw/news/view/id/2044663

唐鳳:成立數位發展部、數位發展委員會 研議中
https://www.chinatimes.com/realtimenews/20191211004726-260410?chdtv

政院成立專責數位部會 陳其邁:明年啟動研擬、組織調整
https://money.udn.com/money/story/5612/4222479

第15任總統副總統競選活動起跑暨電腦計票及資安記者會
https://clarify.cec.gov.tw/central/cms/108news/31982

中選會選務資安防護 防範網路大規模攻擊
http://bit.ly/2YGDBvJ

立院三讀!從事間諜行為洩漏特定資訊 可判無期並終身追訴
https://news.ltn.com.tw/news/politics/breakingnews/3007814

108第2次政府資通安全防護巡迴研討會ー議題一:資安威脅趨勢與案例
http://bit.ly/2PJPKfh

108第2次政府資通安全防護巡迴研討會ー議題二之一:深化各機關落實資訊安全管理系統(CNS 27001)規劃
http://bit.ly/34gIWeb

108第2次政府資通安全防護巡迴研討會ー議題二之二:因應微軟Windows 7作業系統終止支援服務之防護措施建議
http://bit.ly/2Ea1Dps

108第2次政府資通安全防護巡迴研討會ー議題三:108年網路攻防演練暨資安檢測重要發現事項
http://bit.ly/38E64XJ

H.ICS/SCADA 工控系統
工控安全入門之攻與防
https://www.freebuf.com/articles/ics-articles/220302.html

Siemens SPPA-T3000堆緩衝區溢出漏洞
https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf

駭客透過漏洞能控制ABB變電站的保護設備
https://www.securityweek.com/vulnerability-allows-hackers-take-control-abb-substation-protection-devices

JVNVU#94348866 オムロン製 PLC CS, CJ および NJ シリーズにおける総当たり攻撃に対する脆弱性
https://jvn.jp/vu/JVNVU94348866/

JVNVU#91952379 オムロン製 PLC CJ および PLC CS における複数の脆弱性
https://jvn.jp/vu/JVNVU91952379/

I.教育訓練
Hacker 101 CTF Write Up Part 6 - Encrypted Pastebin (Padding Oracle 以及翻轉攻擊)
https://yu-jack.github.io/2019/10/20/hacker101-part6/

Web安全漏洞系列:2019 Google CTF題型講解
https://www.freebuf.com/video/216237.html

深入浅出理解操作系统安全
https://www.freebuf.com/articles/system/220576.html

Linux Cheat Sheet
https://hakin9.org/linux-cheat-sheet/

有關對Kubernetes部署進行故障排除的直觀指南
https://learnk8s.io/troubleshooting-deployments

J.物聯網/IOT/人工智慧/車聯網/光聯網/深度學習/機器學習/無人機/人臉辨識
智慧路燈系統資安標準與測試規範
https://www.taics.org.tw/LatestASSForm.aspx?Ass_id=5059&Type=1

與Vinfast合作被盯上 BMW遭越南駭客組織攻擊、欲竊商業機密
https://speed.ettoday.net/news/1598959

BMW與現代汽車遭越南駭客鎖定
https://ithome.com.tw/news/134707

越南駭侵團體 APT32 駭入 BMW、現代車廠
https://www.twcert.org.tw/tw/cp-104-3124-3caaa-1.html

以人為先發展AI 應對網絡攻擊
http://bit.ly/2LEvDOo

2020資安預測 趨勢科技:家中物聯網成駭客目標
https://www.setn.com/News.aspx?NewsID=652048

2020資安大預測/5G、物聯網 成駭客攻擊管道
https://ec.ltn.com.tw/article/paper/1338503

臺灣物聯網資安標章發展上軌道,已有9家業者的22款產品取得資安標準合格證書
https://www.ithome.com.tw/news/134764

FBI recommends that you keep your IoT devices on a separate network
https://www.zdnet.com/article/fbi-recommends-that-you-keep-your-iot-devices-on-a-separate-network/#ftag=RSSbaffb68

6.近期資安活動及研討會
 交通大學亥客書院-A018:企業網域控管-Active Directory攻擊與防禦  12/14
 https://hackercollege.nctu.edu.tw/?p=1094

 台灣駭客年會 HITCON Winter Training 2019 12/16
 https://hitcon.kktix.cc/events/hitcon-winter-training-2019

 台灣駭客年會 HITCON Winter Training 2019 - 學生報名 12/16
 https://hitcon.kktix.cc/events/hitcon-winter-training-2019-student

 Japan Security Analyst Conference
 https://jsac.jpcert.or.jp/

 PWN2OWN MIAMI – BRINGING ICS INTO THE PWN2OWN WORLD 2020/1/21~23
 https://www.zerodayinitiative.com/blog/2019/10/28/pwn2own-miami-bringing-ics-into-the-pwn2own-world

 制御システムセキュリティカンファレンス 2020  2020年2月14日
 https://www.jpcert.or.jp/event/ics-conference2020.html


留言

這個網誌中的熱門文章

9月份資安社群及教育訓練活動分享

9月份資安社群及教育訓練活動分享


 HITCON HackDoor 駭入辦公室 7/2 ~ 9/28
 https://www.accupass.com/event/1906050355291064968019

 MLDM Monday|用開放資料玩出政府創新應用 : 當雨神來臨時  9/2
 https://www.meetup.com/Taiwan-R/events/262992081/

 Taipei Rails Meetup  9/3
 https://www.meetup.com/rails-taiwan/events/dlgzljyzmbfb/

 高雄 Rails Meetup 9/4
 https://www.meetup.com/rails-taiwan/events/qxfvjkyzmbgb/

 Android Code Club(Taipei) 9/4
 https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bsctnqyzmbgb/

 SyntaxError 9/4
 https://www.meetup.com/pythonhug/events/tnzzgpyzmbgb/

 工業控制系統資安研討會 9/5
 http://bit.ly/2NsMvt5

 HackingThursday 固定聚會 9/5
 https://www.meetup.com/hackingthursday/events/vkhnnqyzmbhb/

 TWJUG 201909 聚會 9/5
 https://www.meetup.com/taiwanjug/events/264123847/



8月份資安社群及教育訓練活動分享

8月份資安社群及教育訓練活動分享

 HITCON HackDoor 駭入辦公室 7/2 ~ 9/28
 https://www.accupass.com/event/1906050355291064968019

 The Virus Bulletin Conference 2019 8/1
 https://www.virusbulletin.com/blog/2019/06/free-vb2019-tickets-students/

【社群】8/1(四) RASPBERRY PI + ROS,實現無人自駕
 https://ctsphub.tw/20190801_robotnight/

 HackingThursday 固定聚會 8/1
 https://www.meetup.com/hackingthursday/events/vkhnnqyzlbcb/

 資安事件調查實務(上)  8/2
 https://tp2rc.tanet.edu.tw/node/306?fbclid=IwAR11YQmw-28fOA6LUrsNiFKd7ccaAiMa5cZsYf22iRfTUR5LPYXwjqZNo2I

 【CIT週末玩程式】- (8月)認識電腦與程式邏輯訓練(I) 8/3
 https://www.meetup.com/Women-Who-Code-Taipei/events/jtcjfryzlbfb/

 Python 基礎工作坊@TMU 8/6
 https://www.meetup.com/Women-Who-Code-Taipei/events/mfnfcryzlbjb/

1月份資安社群及教育訓練活動分享

1月份資安社群及教育訓練活動分享

Android Code Club(Taipei) 1/1
https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bkzcmrybccbcb/

From Reactive to Functional FunTh#80 1/2
https://www.meetup.com/Functional-Thursday/events/266805309/

Hacking Thursday 1/2
http://www.hackingthursday.org/invite

大數據爬蟲技術實作,使用Python實作網路爬蟲,快速有效獲取大量資料,打造自動化金融數據平台 1/4
https://www.techbang.com/posts/58613-course-python-crawler-technology-implementation

[Birthday Series] R-Ladies Taipei 五歲拉 1/6
https://www.meetup.com/rladies-taipei/events/266131216/

SDN x Cloud Native Meetup #24 1/6
https://www.meetup.com/CloudNative-Taiwan/events/267390135/

WizardAmigos CodeCamp [Taipei,JavaScript,­English] 1/6
https://www.meetup.com/WizardAmigos/events/bbdclrybccbjb/

新型郵件威脅與挑戰因應策略 1/7
https://engage2demand.cisco.com/LP=19240?dtid=oemels001119&ccid=cc000828&ecid=22859

發現 CNN 新大陸 (人工智慧小聚 - Hsinchu#20200108 ) 1/8
https://www.meetup.com/AIA-Hsinchu/events/266704469/

LISP talk: LISP in surrounding parentheses is supremely powerful #3  1/8
https…