Weekly Security Incident News Report 2020/1/27 ~ 2020/1/31




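1. Major Vulnerabilities / Backdoors / Exploits / Zero Day
AMD's official driver suspected of containing a mining-rig vulnerability, monitored by Cisco's security detection system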
https://kknews.cc/tech/pvzraxz.html

ASUS SmartHome Gateway HG100 denial-of-service vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11060

D-Link DIR-601 authentication bypass vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16327

IoC Scanner shows if Citrix appliances have been compromised via CVE-2019-19781
https://www.helpnetsecurity.com/2020/01/23/cve-2019-19781-ioc-scanner/

Alert: critical vulnerability in Citrix Application Delivery Controller (CVE-2019-19781)
https://www.hkcert.org/my_url/zh/blog/20011702

Have you patched CVE-2020-0601? Don't let the Vulnera-Bullies win; check now with a free tool
https://blog.trendmicro.com.tw/?p=63228

JIRA plugin ScriptRunner security vulnerability SRPLAT-876
https://blog.51cto.com/13851865/2468436

Patching the Citrix ADC Bug Doesn't Mean You Weren't Hacked
https://www.bleepingcomputer.com/news/security/patching-the-citrix-adc-bug-doesnt-mean-you-werent-hacked/

Fortinet removes SSH and database backdoors from its SIEM product
https://www.zdnet.com/article/fortinet-removes-ssh-and-database-backdoors-from-its-siem-product/

Fortinet FortiSIEM Hardcoded SSH Key
https://seclists.org/fulldisclosure/2020/Jan/10

Re: Fortinet FortiSIEM Hardcoded SSH Key
https://seclists.org/fulldisclosure/2020/Jan/25

FortiSIEM Database hard-coded Credentials
https://fortiguard.com/psirt/FG-IR-19-195

FortiSIEM default SSH key for the "tunneluser" account is the same across all appliances
https://fortiguard.com/psirt/FG-IR-19-296

Zoom Bug Could Have Let Uninvited People Join Private Meetings
https://thehackernews.com/2020/01/zoom-meeting-password.html

New 'CacheOut' Attack Leaks Data from Intel CPUs, VMs and SGX Enclave
https://thehackernews.com/2020/01/new-cacheout-attack-leaks-data-from.html

Intel releases a third patch for the Zombieload vulnerability
https://chinese.engadget.com/chinese-2020-01-28-intel-third-mds-patch.html

The Zombieload processor flaw that won't go away! Intel releases a third patch update
http://technews.tw/2020/01/28/intel-is-patching-its-zombieload-cpu-security-flaw-for-the-third-time/

Microsoft confirms the IE zero-day vulnerability broke Windows printing
https://read01.com/BJj20Je.html#.XjEMHGgzbIU

US Department of Homeland Security (DHS) advises against using the IE browser to prevent attacks via the zero-day vulnerability
https://kknews.cc/tech/q98853y.html

Windows 10 Optional Cumulative Update KB4532695 Released
https://www.bleepingcomputer.com/news/microsoft/windows-10-optional-cumulative-update-kb4532695-released/

Security flaw in Cisco Webex Meetings would allow anyone to join private meetings
https://times.hinet.net/news/22757033

Multiple vulnerabilities in Cisco switches
https://tools.cisco.com/security/center/publicationListing.x

E-commerce software Magento fixes code execution vulnerabilities
https://nosec.org/home/detail/4055.html

Hackers make a fortune from Google security vulnerabilities: Google paid security researchers US$6.5 million in bounties
https://www.linuxidc.com/Linux/2020-01/162164.htm

RCE in OpenSMTPD library impacts BSD and Linux distros
https://www.zdnet.com/article/rce-in-opensmtpd-library-impacts-bsd-and-linux-distros/#ftag=RSSbaffb68

Microsoft Azure Flaws Could Have Let Hackers Take Over Cloud Servers
https://thehackernews.com/2020/01/microsoft-azure-vulnerabilities.html

Remote Cloud Execution – Critical Vulnerabilities in Azure Cloud Infrastructure (Part I)
https://research.checkpoint.com/2020/remote-cloud-execution-critical-vulnerabilities-in-azure-cloud-infrastructure-part-i/

Remote Cloud Execution – Critical Vulnerabilities in Azure Cloud Infrastructure (Part II)
https://research.checkpoint.com/2020/remote-cloud-execution-critical-vulnerabilities-in-azure-cloud-infrastructure-part-ii/

Dell, HP Memory-Access Bugs Open Attacker Path to Kernel Privileges
https://threatpost.com/dell-hp-memory-access-bugskernel-privileges/152369/

DIRECT MEMORY ACCESS ATTACKS – A WALK DOWN MEMORY LANE
https://eclypsium.com/2020/01/30/direct-memory-access-attacks/

Critical OpenSMTPD Bug Opens Linux and OpenBSD Mail Servers to Hackers
https://thehackernews.com/2020/01/openbsd-opensmtpd-hacking.html

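2. Banking / Finance / Insurance / Securities / Payment Systems: News and Security
Financial institutions' ATMs keep running through the Lunar New Year; FSC conducts on-site spot checks across Taiwan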
https://money.udn.com/money/story/5613/4305614

FSC spot-checks ATMs in 9 counties and cities; all operating normally
https://ec.ltn.com.tw/article/breakingnews/3049311

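[Changing jobs after the New Year] Financial holding companies' hiring and MA recruitment start early; "two-cross" talent is the top pick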
https://news.cnyes.com/news/id/4435533

Open banking phase 2 to open up consumer data; experts offer recommendations
https://udn.com/news/story/7239/4307124

State-owned banks bring in new blood, calling for IT experts
https://udn.com/news/story/7239/4309215

Canadian insurance company hacked and extorted, pays large ransom
https://www.epochtimes.com/b5/20/1/31/n11833408.htm

Cyber Risk and the U.S. Financial System: A Pre-Mortem Analysis
https://www.newyorkfed.org/medialibrary/media/research/staff_reports/sr909.pdf

Travelex says some in-store systems are back up and running after ransomware attack
https://www.zdnet.com/article/travelex-says-some-in-store-systems-are-back-up-and-running-18-days-after-ransomware-attack/

Russian National Pleads Guilty to Running Online Criminal Marketplace
https://www.justice.gov/opa/pr/russian-national-pleads-guilty-running-online-criminal-marketplace

Russian Pleads Guilty to Running 'CardPlanet' to Sell Stolen Credit Cards
https://thehackernews.com/2020/01/russian-credit-card-hacker.html

Magecart gang arrested in Indonesia
https://www.zdnet.com/article/magecart-gang-arrested-in-indonesia/

Malware stealing payment card details identified with support of private partner
https://www.interpol.int/en/News-and-Events/News/2020/INTERPOL-supports-arrest-of-cybercriminals-targeting-online-shopping-websites

Wawa's massive card breach: 30 million customers' details for sale online
https://www.zdnet.com/article/wawa-card-breach-may-rank-as-one-of-the-biggest-of-all-times/

Breached Wawa Payment Card Records Reach Dark Web
https://geminiadvisory.io/breached-wawa-payment-card-records-reach-dark-web/

A Christian-friendly payments processor spilled 6 million transaction records online
https://techcrunch.com/2020/01/28/cornerstone-payments-credit-cards/

Travelex says UK money transfer and wire services back online after hack
https://www.reuters.com/article/us-britain-travelex/travelex-says-uk-money-transfer-and-wire-services-back-online-after-hack-idUSKBN1ZR1S5

Making Sure You're PCI DSS 3.2 Compliant? MFA to the Rescue
https://www.bankinfosecurity.com/blogs/making-sure-youre-pci-dss-32-compliant-mfa-to-rescue-p-2849

3. Electronic Payment / Electronic Stored-Value Cards / Mobile Payment / Pay: News and Security
NXP, NTT DOCOMO and Sony partner to promote UWB mobile payment
https://www.chinatimes.com/realtimenews/20200115004060-260410?chdtv

Nearly 50% have never used mobile payment; concerned about personal data and payment security
https://www.cardu.com.tw/news/detail.php?39330

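4. Cryptocurrency / Blockchain News and Security
Market turbulence | Iraq missile strike on US embassy; Bitcoin breaks US$9,000, gold and other safe-haven assets surge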
https://www.blocktempo.com/us-iran-war-makes-bitcoin-surged-9000-again/

5. Security Incident News

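A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors
New York state senators propose legislation banning local municipalities from paying ransomware ransoms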
https://times.hinet.net/news/22757934

Beware of hackers profiting from a "Wuhan novel coronavirus list"
https://ek21.com/news/health/37736/

UK court freezes ransomware Bitcoin account to recover ransom payment
https://www.ithome.com.tw/news/135563

Shlayer trojan tops the Mac malware rankings
https://cert.tanet.edu.tw/prog/shownews.php?sel=1&id=30871

Sodinokibi ransomware activity intensifies at year end, hitting an airport and other businesses
https://blog.trendmicro.com.tw/?p=63152

Clop ransomware terminates Windows 10 applications
https://blog.trendmicro.com.tw/?p=63085

Emotet Uses Coronavirus Scare to Infect Japanese Targets
https://www.bleepingcomputer.com/news/security/emotet-uses-coronavirus-scare-to-infect-japanese-targets/

Iran-Linked PupyRAT backdoor used in recent attacks on European energy sector
https://securityaffairs.co/wordpress/96733/malware/pupyrat-backdoor-european-energy-sector.html

European Energy Sector Organization Targeted by PupyRAT Malware in Late 2019
https://www.recordedfuture.com/pupyrat-malware-analysis/

Fake AmeriCommerce Shopping Cart
https://blog.sucuri.net/2020/01/fake-americommerce-shopping-cart.html

Ryuk Ransomware Hit Multiple Oil & Gas Facilities, ICS Security Expert Says
https://www.darkreading.com/threat-intelligence/ryuk-ransomware-hit-multiple-oil-and-gas-facilities-ics-security-expert-says-/d/d-id/1336865

Ryuk and Sodinokibi Surge as Ransom Payments Double
https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654

New Ryuk Info Stealer Targets Government and Military Secrets
https://www.bleepingcomputer.com/news/security/new-ryuk-info-stealer-targets-government-and-military-secrets/

Breaking down a two-year run of Vivin’s cryptominers
https://blog.talosintelligence.com/2020/01/vivin-cryptomining-campaigns.html

DOD contractor suffers ransomware infection
https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/#ftag=RSSbaffb68

Title: Financial Security Institute releases analysis of the actors behind phishing attacks on the domestic financial sector
https://www.fsec.or.kr/user/bbs/fsec/41/18/bbsDataView/1373.do

B. Mobile Security / iPhone / Android / Wearables / Apps
Forensic report revealed: after Bezos opened a suspicious video, his iPhone X traffic surged 300-fold
https://www.ithome.com.tw/news/135508

WhatsApp security concerns reported; UN officials do not use it
https://news.wearn.com/c434362.html

Privacy returns to users! Apple software update removes background location tracking; SE successor rumored for spring launch
https://cnews.com.tw/137200126a02/

Limit internet usage time and keep track of whereabouts! An app to keep children from phone addiction: Family Link
https://www.niusnews.com/=P1y9byn6

Ku Hye-sun posts a stunning selfie with New Year greetings, then warns... beware of phones being hacked
https://www.setn.com/News.aspx?NewsID=678441

Experts share tips for avoiding infection! How to choose antivirus software to protect your phone
https://newtalk.tw/news/view/2020-01-28/357739

Turning the tide! Facebook launches new tool letting users control third-party data collection, hoping to reduce security problems
https://cnews.com.tw/134200130a01/

Facebook launches privacy tool Off-Facebook activity, showing you who is collecting your personal data
https://buzzorange.com/techorange/2020/01/30/off-facebook-activity/

Phone monitoring of people quarantined for Wuhan pneumonia; command center draws on South Korea's experience
http://bit.ly/2uR2PNa

Apple wants to standardize the format of SMS OTPs (one-time passcodes)
https://www.zdnet.com/article/apple-wants-to-standardize-the-format-of-sms-otps-one-time-passcodes/

18 Year old Teenager Charged for Stealing Over $50 Million in Cryptocurrency using SIM-Swapping Technique
https://cybersecuritynews.com/sim-swapping/

Saudi Prince Allegedly Hacked World's Richest Man Jeff Bezos Using WhatsApp
https://thehackernews.com/2020/01/saudi-prince-allegedly-hacked-worlds.html

LINE books a 1.6 billion yen loss due to cancelled system development
https://tech.nikkeibp.co.jp/atcl/nxt/news/18/06961/

The Million Dollar Dissident NSO Group’s iPhone Zero-Days used against a UAE Human Rights Defender
https://citizenlab.ca/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/

C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents
Five major security threats to watch in 2020
https://blog.trendmicro.com.tw/?p=63093

Diving the dark web: an overview of hacking techniques (3): lying low and planning deep
http://bit.ly/2ObDnsq

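Macau Health Bureau strongly condemns hackers' malicious attack on its computer systems; will ensure mask quality and supply, with replacement available if there are problems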
https://www.gov.mo/zh-hant/news/315399/

Blitzing Greece, threatening China: Turkey uses hackers to start a cyber world war
http://bit.ly/2S2Wi9O

SAR government actively fights the epidemic, urges lawbreakers to stop malicious network attacks
http://bit.ly/2RYjvtJ

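館長 (Kuan Chang)'s new website knocked out by hackers; he angrily vows to sue for damages "starting at several million for sure"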
https://tw.appledaily.com/life/20200125/O5OPJBVN3TZ4X34H45ZRB2253M/

Stop using "123456" as your password! The BBC teaches you to create secure passwords that are easy to remember and hard to crack
https://www.ettoday.net/news/20200125/1607310.htm

3 password myths debunked! Mixing characters and frequent changes do not help password security
https://www.ettoday.net/news/20200126/1611849.htm

Cyberattacks on the rise; experts advise Ottawa to step up the fight against hackers
https://www.epochtimes.com/b5/20/1/26/n11823471.htm

[Wuhan pneumonia] Companies let employees work from home; potential security risks need attention
http://bit.ly/2O8vzYq

Japan's Mitsubishi Electric hit by large-scale intrusions from multiple hacking groups simultaneously
https://www.twcert.org.tw/tw/cp-104-3276-f6a98-1.html

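Withstanding US pressure! UK allows Huawei to take part in network build-out; EU does not recommend that member states exclude any supplier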
https://cnews.com.tw/137200130a01/

Harvard professor arrested for secretly aiding the CCP's "Thousand Talents Plan"
https://www.ydn.com.tw/News/370728

UN exposed as having been breached by hackers last year yet staying silent
https://www.ithome.com.tw/news/135570

UN revealed to have concealed a major intrusion; large amounts of personal data leaked
https://unwire.pro/2020/01/30/united-nations-cyber-attack/security/

UN reportedly hit by a large-scale intrusion
https://www.twcert.org.tw/tw/cp-104-3284-59ccc-1.html

German media report: German government holds evidence of Huawei cooperating with Chinese intelligence agencies
https://ec.ltn.com.tw/article/breakingnews/3051832

You can get a lifetime of VPN Unlimited for only $40
https://www.engadget.com/2019/07/25/lifetime-vpn-unlimited/

Get creative: The average US user recycles online passwords at least four times
https://www.zdnet.com/article/get-creative-the-average-us-user-recycles-online-passwords-at-least-four-times/

10 Major Information Security Threats 2020
https://www.ipa.go.jp/security/vuln/10threats2020.html

Internet Fixed-Point Observation Report (October to December 2019)
https://www.jpcert.or.jp/tsubame/report/report201910-12.html

Japanese government introduces standards for cloud adoption: Cybersecurity Strategic Headquarters
https://www.sankeibiz.jp/macro/news/200130/mca2001301014006-n1.htm

On the basic framework of the security assessment system for cloud services in government information systems
https://www.nisc.go.jp/active/general/pdf/wakugumi2020.pdf

Cynet Empowers IT Resellers and Service Providers to Become Fully Qualified MSSPs
https://thehackernews.com/2020/01/managed-cybersecurity-services.html

Iranian hackers target US government workers in new campaign
https://www.zdnet.com/article/iranian-hackers-target-us-government-workers-in-new-campaign/#ftag=RSSbaffb68

New Iranian Campaign Tailored to US Companies Utilizes an Updated Toolset
https://intezer.com/blog-new-iranian-campaign-tailored-to-us-companies-uses-updated-toolset/

UN Kept Hacker Attacks Under Wraps
https://www.bankinfosecurity.com/un-kept-hacker-attacks-under-wraps-a-13664

NY Times Reporter Targeted by Spyware: Report
https://www.bankinfosecurity.com/ny-times-reporter-targeted-by-spyware-report-a-13662

Russian Cops Crash Pill Pusher Party
https://krebsonsecurity.com/2011/02/russian-cops-crash-pill-pusher-party/

Mainframe systems developer
https://www.104.com.tw/job/6ephq?jobsource=hotjob_chr

IT's Time Ver.3.0_Security protection strategy engineer
https://www.104.com.tw/job/6ugrk?jobsource=hotjob_chr

IT's Time Ver.3.0_Information security policy management engineer
https://www.104.com.tw/job/6ugrl?jobsource=hotjob_chr

Information security analyst - Kaohsiung (HN)
https://www.104.com.tw/job/6pt09?jobsource=n104bank2

Information security management consultant (Taichung)
https://www.104.com.tw/job/5ixbl?jobsource=n104bank2

[Information security management] Consulting assistant manager / manager
https://www.104.com.tw/job/6otv4?jobsource=n104bank2

Information security management auditor
https://www.104.com.tw/job/kyb5?jobsource=n104bank2

[IT] Information security management staff - ISO27001
https://www.104.com.tw/job/69jq5?jobsource=n104bank2

V Information security architect
https://www.104.com.tw/job/6fmw0?jobsource=n104bank2

Information security technical consultant
https://www.104.com.tw/job/48aak?jobsource=n104bank2

Information security manager / security engineer
https://www.104.com.tw/job/56qde?jobsource=n104bank2

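D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News
Antivirus company Avast exposed for selling users' browsing data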
http://bit.ly/2tQfcZI

Beware! Scanning codes with your phone for online shopping may link you to a fraudulent account
https://tw.appledaily.com/property/20200126/YHGTRWQFIIIJ4LAZ5F2LN5QLJU/

Lunar New Year is peak fraud season; FSC publishes patterns of online fraud
https://money.udn.com/money/story/5613/4306698

Got a deepfake scam call? One trick to beat it: hang up first, then call back
https://www.inside.com.tw/article/18775-ftc-deepfakes-audio-cloning-joe-rogan-phone-scams

Free costs the most! Antivirus giant degenerates into malware, sells data of 435 million users
https://cnews.com.tw/137200130a03/

Does Department of Health certification guarantee quality?! Breaking down online shopping scam tricks
https://blog.trendmicro.com.tw/?p=63220

US convenience store chain Wawa: personal data of 30 million customers stolen
https://www.twcert.org.tw/tw/cp-104-3280-c0eb5-1.html

Japan's NEC hacked; 27,000 files stolen
https://www.ydn.com.tw/News/370995

Woman in her 80s victimized: 150 million yen lost to special fraud
https://www.fnn.jp/posts/00431126CX/202001281926_THK_CX

Yahoo! Mail to roll out "DMARC", the sender domain authentication technology increasingly used in the US and globally, in stages from March as an anti-spam measure
https://about.yahoo.co.jp/pr/release/2020/01/29a/

Company PC infected with a virus; spoofed emails sent to addresses contained in the mail send/receive history (Life)
https://scan.netsecurity.ne.jp/article/2020/01/29/43595.html

250 Million Microsoft Customer Support Records Exposed Online
https://thehackernews.com/2020/01/microsoft-customer-support.html

Avast Anti-Virus Spying Millions of Users Browsing Activities, Every Click, Every Buy and Selling to Its Clients – Google, Microsoft, Pepsi
https://gbhackers.com/avast-collecting-data/

Avast winds down Jumpshot, cites user data sale privacy concerns
https://www.zdnet.com/article/avast-winds-down-jumpshot-with-immediate-effect-cites-user-data-sales-and-privacy-concerns/#ftag=RSSbaffb68

New web service can notify companies when their employees get phished
https://www.zdnet.com/article/new-web-service-can-notify-companies-when-their-employees-get-phished/#ftag=RSSbaffb68

FBI Warns of Rise in Social Security Scams Spoofing Its Phone Number
https://www.bleepingcomputer.com/news/security/fbi-warns-of-rise-in-social-security-scams-spoofing-its-phone-number/

Data on 30,000 Cannabis Users Exposed in Cloud Leak
https://www.infosecurity-magazine.com/news/data-30000-cannabis-users-exposed/

Cyber News Rundown: Cannabis User Data Breach
https://www.webroot.com/blog/2020/01/23/cyber-news-rundown-cannabis-user-data-breach/

Are Companies Adhering to CCPA Requirements
https://www.bankinfosecurity.com/are-companies-adhering-to-ccpa-requirements-a-13653

E. Research Reports
Analysis of a malicious JS injection vulnerability in WordPress sites
https://www.4hou.com/posts/0Xk3

Researchers release a DoS exploit script for the Windows RDP Gateway vulnerabilities
https://nosec.org/home/detail/4047.html

Reproducing the ModSecurity denial-of-service vulnerability (CVE-2019-19886)
https://www.colabug.com/2020/0124/6903083/

Bug-hunting experience | An IDOR breakthrough on a well-known online education platform
https://www.freebuf.com/vuls/225134.html

CVE-2020-0609/0610 vulnerability analysis
https://www.4hou.com/posts/mMpn

Malwarebytes: 2019 report on cybercrime in healthcare
http://www.199it.com/archives/998913.html

Hands-on privilege escalation via Windows system misconfiguration vulnerabilities with metasploit and powershell
https://zhuanlan.zhihu.com/p/104138308

CVE-2019-0708 vulnerability analysis and related testing
http://www.sohu.com/a/369195264_354899

Vulnerability notes | A love-hate entanglement with an XXE vulnerability
https://wemp.app/posts/d95c3cfb-e458-4f10-8d6c-e5ab946b398d

Bug-hunting experience | Using BurpSuite to automatically discover and identify broken access control (IDOR) vulnerabilities
https://www.freebuf.com/vuls/225701.html

Using BurpSuite to automatically discover and identify broken access control (IDOR) vulnerabilities
https://www.chainnews.com/zh-hant/articles/827500689978.htm

Zoom security vulnerability analysis
https://www.4hou.com/posts/rMxW

Baidu SDK vulnerability analysis and protection
https://www.twoeggz.com/info/184271.html

Vulhub vulnerability reproduction: summary of Apache parsing vulnerabilities
https://blog.csdn.net/weixin_41598660/article/details/104118036

Analysis of the Weblogic IIOP deserialization vulnerability (CVE-2020-2551)
https://www.anquanke.com/post/id/197605

Case analysis - Analysis report on the attack by Snatch, the ransomware that boots into Safe Mode_10901
https://cert.tanet.edu.tw/prog/opendoc.php?id=2020013110013838564220784134822.pdf

Lenovo ThinkPad P51s firmware SMM driver reverse engineering and vulnerability analysis
https://www.chainnews.com/zh-hant/articles/656737431333.htm

Security Analysis of Devices That Support SCPI and VISA Protocols
https://newsroom.trendmicro.com/blog/security-intelligence/security-analysis-devices-support-scpi-and-visa-protocols

(Ab)using Kerberos from Linux
https://www.onsecurity.co.uk/blog/abusing-kerberos-from-linux

Pentesting an IOT Based Biometric Attendance Device
https://pentestmag.com/pentesting-an-iot-based-biometric-attendance-device/

Red Team Diary, Entry #3: Custom Malware Development (Establishing A Shell Through the Target’s Browser)
https://blog.usejournal.com/red-team-diary-entry-3-custom-malware-development-establish-a-shell-through-the-browser-bed97c6398a5

misp-galaxy
https://github.com/MISP/misp-galaxy/blob/master/clusters/attck4fraud.json

Recon-ng Tutorial – Part 1 Install and Setup
http://securenetworkmanagement.com/recon-ng-tutorial-part-1/

BlueGate - PoC (DoS) for CVE-2020-0609 & CVE-2020-0610 - RD Gateway RCE
https://github.com/ollypwn/BlueGate

Grouper2 : To Find Vulnerabilities In AD Group Policy
https://kalilinuxtutorials.com/grouper2/

BMW Connected Apps Protocol
https://hufman.github.io/stories/bmwconnectedapps

Threat Research Nice Try: 501 (Ransomware) Not Implemented
https://www.fireeye.com/blog/threat-research/2020/01/nice-try-501-ransomware-not-implemented.html

dronesploit
https://github.com/AIOOSCP/dronesploit

ReflectiveDLLRefresher
https://github.com/CylanceVulnResearch/ReflectiveDLLRefresher

COM Hijacking Techniques - Derbycon 2019
https://www.slideshare.net/DavidTulis1/com-hijacking-techniques-derbycon-2019

Scammers’ delivery service: exclusively dangerous
https://securelist.com/scammers-delivery-service-exclusively-dangerous/66515/#comment-2986748

Red Teaming with Covenant and Donut
https://blog.naijasecforce.com/red-teaming-with-covenant-and-donut/

jpcert/cc Internet Fixed-Point Observation Report (October to December 2019)
https://www.jpcert.or.jp/tsubame/report/report201910-12.html

How Deception Technologies Enable Proactive Cyberdefense
https://www.bankinfosecurity.com/blogs/how-deception-technologies-enable-proactive-cyberdefense-p-2855

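F. Business
Making the most of a NAS private cloud + password manager software: cross-platform password management, part 1: platform comparison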
http://bit.ly/37vVotb

Google open-sources the firmware needed to build hardware security keys
https://www.zdnet.com/article/google-open-sources-the-firmware-needed-to-build-hardware-security-keys/#ftag=RSSbaffb68

G. Government
Industrial Development Bureau promotes IoT security label; choose certified products for a good New Year
http://www.rdiscount.com/8433.html

Executive Yuan technical service center: Cyber Security Technology Report for Q4 of ROC year 108
https://download.nccst.nat.gov.tw/attachfilenew/108_Q4_Cyber%20Security%20Technology%20Report.pdf

List of cybersecurity professional certifications, updated Q4 of ROC year 108
https://nicst.ey.gov.tw/Page/D94EC6EDE9B10E15/7ba35454-3644-4199-828d-cff2f2d077fc

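H. Industrial Control Systems / SCADA / ICS
Researchers reveal GE Medical devices contain critical security vulnerabilities that would allow hackers to shut down monitoring devices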
https://times.hinet.net/news/22753919

Realistic Factory Honeypot Shows Threats Faced by Industrial Organizations
https://www.securityweek.com/realistic-factory-honeypot-shows-threats-faced-industrial-organizations

ABB PB610 Panel Builder 600 PB610 HMISimulator unauthorized access vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18997

I. Education and Training
Introduction to the dark web and analysis topics
https://secbuzzer.co/post/4

Build your own AI security forensics expert: feature extraction research for malware analysis
https://secbuzzer.co/post/93

A brief look at encrypting password strings in PowerShell
https://blog.darkthread.net/blog/ps-secure-string/

XSS vulnerability basics
https://www.cnblogs.com/xhds/p/12239527.html

CutiePi shell - the mobile UI that turns Raspberry Pi and Raspbian OS into a functional tablet
https://www.youtube.com/watch?v=ivkR3tvci1Q

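J. Internet of Things / IoT / Artificial Intelligence / Internet of Vehicles / Optical Networking / Deep Learning / Machine Learning / Drones / Facial Recognition
Tesla Model 3 is again a target at the Pwn2Own hacking contest, with a top prize of US$500,000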
https://times.hinet.net/news/22756936

Home IoT booms in the 5G era; beware that "everything can be hacked"
https://newtalk.tw/news/view/2020-01-29/357950

UK government plans new legislation to regulate IoT security
https://www.ithome.com.tw/news/135548

UK plans to strengthen smart home security: at least 3 key requirements must be met
https://unwire.hk/2020/01/29/uk-make-smart-home-devices-secure/tech-secure/

Capable of indoor flight: Japanese manufacturer launches small industrial drone
http://bit.ly/2REymeb

California IoT device security law takes effect; compatibility and scope become key to future regulatory design
https://technews.tw/2020/01/30/california-iot-device-security-act-sb-327/

DJI braces itself: US government announces formal ban on Chinese-made drones
https://www.techbang.com/posts/75911-usa-banned-china-drones

Implementing IoT security best practices
https://www.hkcert.org/my_url/zh/blog/20011401

Medical IoT for diabetes and cybercrime
https://www.virusbulletin.com/blog/2020/01/vb2019-paper-medical-iot-diabetes-and-cybercrime/

Fake Factory Experiment Illustrates Attackers' Tactics
https://www.bankinfosecurity.com/fake-factory-experiment-illustrates-attackers-tactics-a-13661

UK Government Proposes IoT Security Measures
https://www.bankinfosecurity.com/uk-government-proposes-iot-security-measures-a-13655

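6. Upcoming Security Events and Conferences
Taiwan E-Security Analysis and Management Association - Training course "Online identity security and protection: moving from passwords to the passwordless era" 2/5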
https://inc.ntub.edu.tw/p/404-1011-75476-1.php?Lang=zh-tw

Control System Security Conference 2020, February 14, 2020
https://www.jpcert.or.jp/event/ics-conference2020.html

Certificate of Cloud Security Knowledge (CCSK) Plus 2/23 ~ 2/24
https://csacongress.org/event/csa-summit-at-rsa-conference-2020/

CYBERSEC 2020 Taiwan Cybersecurity Conference 3/17 ~ 3/19
https://cyber.ithome.com.tw/

Korea International Security Exhibition 3/18
https://www.twcert.org.tw/tw/cp-105-3230-a3bd4-1.html

Black Hat Asia 2020 Singapore 3/31 ~ 4/3
https://www.blackhat.com/asia-20/briefings/schedule/

Kaspersky® Security Analyst Summit  4/6 ~ 4/9
https://thesascon.com/

VXCON 2020 - APAC  4/18 ~ 4/19
https://www.vxcon.hk/

2020 Industrial Control Systems (ICS) Cyber Security Conference | Singapore  4/21 ~ 4/23
https://www.icscybersecurityconference.com/singapore/

Asia-Pacific Information Security Forum and Exhibition 4/22
https://www.twcert.org.tw/tw/cp-105-3149-70ad7-1.html



