
Security Incident News Weekly 2020/2/17 ~ 2020/2/21






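1. Major Vulnerabilities / Backdoors / Exploit / Zero Day
Multiple vulnerabilities in the ServiSign component from 全景 (Changing Information Technology) can lead to arbitrary code execution or arbitrary file read and deletion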
https://www.chtsecurity.com/news/1179d48b-7609-4f67-9d7e-3bac2979c6ce

CHT Security Red Team finds multiple vulnerabilities in a domestic securities stock-picking system
https://gist.github.com/chtsecurity/d42564a3f92ebe697ae2c69266640529
https://gist.github.com/chtsecurity/5a74ef5445a8aea34904c5691a477534
https://gist.github.com/chtsecurity/d936e2381a0087dddc0cadf7c61a4a7b

Palo Alto PAN-OS remote code execution vulnerability
https://security.paloaltonetworks.com/CVE-2020-1975

Critical vulnerabilities disclosed in SonicWall SMA appliances, leaving them open to remote attack
https://www.freebuf.com/column/227639.html

Fortinet FortiOS security vulnerability
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6696

Voatz, the voting app used in five US states, found to contain vulnerabilities that allow tampering
https://www.ithome.com.tw/news/135839

IBM DB2 denial-of-service vulnerability
https://www.hkcert.org/my_url/zh/alert/20021901

IBM Security Identity Manager cross-site scripting vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4451

JVNVU#99571081 Vulnerability in IBM ServeRAID Manager allowing arbitrary code execution
https://jvn.jp/vu/JVNVU99571081/

Kaspersky: Windows 10 update bug was not caused by the company's antivirus tools
https://www.cnbeta.com/articles/tech/945341.htm

Download now! Windows 10's biggest update ever patches 99 vulnerabilities in one go
https://newtalk.tw/news/view/2020-02-14/366627

Hold off on upgrading! Microsoft Windows 10 security updates hit by a string of bugs
https://3c.ltn.com.tw/news/39546

Second Windows 10 update is now causing problems by hiding user profiles
https://www.zdnet.com/article/second-windows-10-update-is-now-causing-problems-by-hiding-user-profiles/#ftag=RSSbaffb68

Nearly half of hospital Windows systems still vulnerable to RDP bugs
https://nakedsecurity.sophos.com/2020/02/20/nearly-half-of-hospital-windows-systems-still-vulnerable-to-rdp-bugs/

Vulnerability in 12,000 Jenkins servers used to amplify DDoS attacks
https://netsecurity.51cto.com/art/202002/610679.htm

OpenSSH adds support for FIDO/U2F security keys
https://www.zdnet.com/article/openssh-adds-support-for-fidou2f-security-keys/#ftag=RSSbaffb68

SweynTooth vulnerabilities affect a large number of devices using the BLE protocol
https://nosec.org/home/detail/4114.html

Unknown number of Bluetooth LE devices impacted by SweynTooth vulnerabilities
https://www.zdnet.com/article/unknown-number-of-bluetooth-le-devices-impacted-by-sweyntooth-vulnerabilities/#ftag=RSSbaffb68

Bluetooth bugs – researchers find 10 “Sweyntooth” security holes
https://nakedsecurity.sophos.com/2020/02/14/bluetooth-bugs-researchers-find-10-sweyntooth-security-holes/

Critical XSS vulnerability patched in WordPress plugin GDPR Cookie Consent
https://www.zdnet.com/article/critical-vulnerability-patched-in-gdpr-cookie-consent-wordpress-plugin/#ftag=RSSbaffb68

Unspecified vulnerability in Oracle Outside In Technology
https://www.oracle.com/security-alerts/cpujan2020.html

Unspecified vulnerability in Oracle WebLogic Server
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2519

Unspecified vulnerability in Oracle Identity Manager
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2729

CVE-2020-3937-3939
https://www.chtsecurity.com/news/a791f509-9782-4be1-b71f-22fc619f8215

OpenSIPS security vulnerability
http://github.com/OpenSIPS/opensips/commit/54e027adfa486cfcf993828512b2e273aeb163c2

Vulnerability Spotlight: Memory corruption, DoS vulnerabilities in CoTURN
https://blog.talosintelligence.com/2020/02/vuln-spotlight-coturn-DoS-memory-feb-2020.html

Hackers are exploiting a vulnerability in the ThemeREX plugin for WordPress to take over websites
https://nosec.org/home/detail/4136.html

File inclusion vulnerability in Apache Tomcat server
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938

Cross-site vulnerability in Google's translation service (Google Translator)
https://cloud.tencent.com/developer/article/1587222

Cybermdx: Many hospitals have not patched known critical vulnerabilities in their devices
https://www.ithome.com.tw/news/135943

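2. Banking / Finance / Insurance / Securities / Payment Systems: News and Security
Taiwan Business Bank targets eight policy-finance businesses to strengthen its performance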
https://readers.ctee.com.tw/cm/20200214/a12aa12/1040714/c2ba88e402a5fe0d0b0208c88a5d1d1f/share

IT's "4 engineers and 1 specialist" roles are now the most sought-after! Internet-only banks issue mass recruiting calls
http://bit.ly/2Sz6HM1

Cathay launches its first cybersecurity ETF, with fundraising opening in March
https://money.udn.com/money/story/5618/4350214

Asia's first cybersecurity ETF is coming; the anti-hacker theme becomes a new investment trend
http://bit.ly/37Hy3Ul

Cybersecurity index outpaces the Nasdaq; cybersecurity stocks look promising
https://news.cnyes.com/news/id/4444848

At this year's first state-owned bank meeting, the Ministry of Finance issues four directives
http://bit.ly/37yjRgw

US IRS urges online tax filers to enable multi-factor authentication
https://www.ithome.com.tw/news/135879

To ensure uninterrupted operations, the FSC orders banks to adopt five epidemic-prevention measures
https://udn.com/news/story/7238/4353702

Israel's Jerusalem-based venture capital firm JVP sets up a cybersecurity center in New York
http://bit.ly/38HNg9w

Guarding against the spreading outbreak, financial holding companies activate "off-site backup"
https://news.cts.com.tw/cts/life/202002/202002191991109.html

Central Bank as the regions with the highest and lowest cybercrime
http://www.kxan36news.com/central-bank-as-the-regions-with-the-highest-and-lowest-cybercrime

Nedbank says 1.7 million customers impacted by breach at third-party provider
https://www.zdnet.com/article/nedbank-says-1-7-million-customers-impacted-by-breach-at-third-party-provider/#ftag=RSSbaffb68

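3. Electronic Payment / Electronic Stored-Value Cards / Mobile Payment / Pay: News and Security
Asia Pacific Telecom's cross-border mobile payment expected to launch in Q2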
https://money.udn.com/money/story/5612/4355277

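Have you heard of GtPay? Asia Pacific Telecom's mobile payment is more than NFC-SIM contactless payment, mobile EasyCard and credit card services; "cross-border mobile payment" is coming next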
http://bit.ly/2SOf9au

Mobile payment goes mainstream; analyst predicts Apple Pay will account for 10% of global credit card transactions within 5 years
https://cnews.com.tw/137200214a03/

NXP teams up with NTT DoCoMo and Sony to unveil UWB-based mobile payment
https://technews.tw/2020/02/11/nxp-ntt-docomo-sony-uwb-mobile-pay/

A small blessing! Users of JKoPay and other e-payment accounts can save on transaction fees
https://money.udn.com/money/story/5613/4358826

FSC relaxes rules on e-payment institutions' partner accounts, helping the public save on fees
https://taronews.tw/2020/02/20/615912/

Hi-Life opens up icash payment, becoming the first convenience store chain to accept all 4 major stored-value cards
https://udn.com/news/story/7193/4360092

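4. Virtual Currency / Blockchain News and Security
Fighting counterfeits in the digital age: how the Swiss watch industry uses blockchain for anti-counterfeiting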
https://udn.com/news/story/6871/4342176

Users report withdrawal problems at Taiwanese exchange 比特之星 (STARBIT); the company says a system upgrade is in progress
http://bit.ly/38wvm9x

MIT: Blockchain voting system VOATZ has a series of vulnerabilities and is highly susceptible to attack
http://bit.ly/37zkqqA

Preventing virtual currency money laundering! US drafts new rules for oversight
https://newtalk.tw/news/view/2020-02-13/366270

Analysis of the bZx hack
https://pttdigit.com/digicurrency/M.1582017234.A.D49.html

How was it done by combining Defi products? A detailed reconstruction of the "bZx" hack that shook the global community
https://www.blocktempo.com/analyze-bzx-hacking-process/

DeFi lending protocol bZx hit by arbitrage again! Product vulnerability costs USD 645,000
https://blockcast.it/2020/02/19/defi-lending-protocol-bzx-has-just-been-exploited-again/

Flash loans | Hacker "stress-tests DeFi products" a second time, again profiting "2378 ETH" from bZx
https://www.blocktempo.com/defi-project-bzx-exploited-for-second-time-in-a-week-loses-630k-in-ether/

Bitcoin halving countdown: the tradition of rising prices, and which miners will be weeded out
https://www.inside.com.tw/article/18950-bitcoin-price-next-halving

IOTA Trinity wallet vulnerability report: USD 1.6 million stolen
https://0xzx.com/202002141220513402.html

Token theft hits IOTA wallet! Foundation shuts down node to investigate
https://news.cnyes.com/news/id/4442840

Mt.Gox victims may recover 88% of their funds! What became of the exchanges that were hacked
https://news.knowing.asia/news/abddda59-d60d-4541-9a63-969b20c78177

[Block Weekly] Ethereum game development platform Enjin goes live; in-game currency and cryptocurrency to become interchangeable
https://technews.tw/2020/02/21/block-weekly-20200220/

IOTA cryptocurrency shuts down entire network after wallet hack
https://www.zdnet.com/article/iota-cryptocurrency-shuts-down-entire-network-after-wallet-hack/

Inside J-CAT – Europol’s Joint Cybercrime Action Taskforce
https://portswigger.net/daily-swig/inside-j-cat-europols-joint-cybercrime-action-taskforce

Police bust alleged operator of Bitcoin mixing service Helix
https://nakedsecurity.sophos.com/2020/02/17/police-bust-alleged-operator-of-bitcoin-mixing-service-helix/

5. Security Incident News

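A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors
40 US public-sector bodies hit by hackers in one year: when ransomware strikes, should you pay the ransom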
https://www.cw.com.tw/article/article.action?id=5098988

RobbinHood: ransomware that exploits a Windows driver vulnerability to disable antivirus software
https://www.chainnews.com/zh-hant/articles/899104922855.htm

Hijacked the moment you open it! Powerful Android malware hides in e-receipts
http://bit.ly/2SYBd11

Stay-at-home economy attracts hackers; mobile malware spreads via online-shopping SMS messages
https://newtalk.tw/news/view/2020-02-17/367847?

"Your item has arrived"? Mobile malware lurks behind it
https://www.chinatimes.com/realtimenews/20200214001601-260412?chdtv

"Order inquiry" SMS messages carrying malware appear domestically; clicking the link turns you into a malware super-spreader
https://www.techbang.com/posts/76178-your-goods-have-arrived-cell-phone-virus-hidden-behind

Careful what you click! "Super-powerful banking trojan" poses as an e-receipt to trick you
https://www.ettoday.net/news/20200215/1646250.htm

One tap on the trojan and it's over! Attack on Android users steals financial data and Citizen Digital Certificates
https://cnews.com.tw/137200218a03/

New finding: Emotet malware can spread by hacking into nearby wireless networks
https://www.twcert.org.tw/tw/cp-104-3341-7a3b2-1.html

Cryptominer uses the Haiduc hacking tool and the Xhide application-hiding tool to brute-force logins to computers and servers
https://blog.trendmicro.com.tw/?p=63218

New email extortion scheme: pay up or have your website's ads banned by Google
https://www.ithome.com.tw/news/135892

Latest bitcoin extortion tactic: flooding your Google AdSense with bots
https://www.inside.com.tw/article/18946-email-scheme-google-adsense-bitcoin

Looking for a new relationship with a dating app? Beware of finding mobile malware instead
https://blog.trendmicro.com.tw/?p=63450

Malicious spam impersonating the Korea Fair Trade Commission carries ransomware and an information-stealing trojan
https://blog.trendmicro.com.tw/?p=63430

CISA: Ransomware compromises US natural gas compression company
https://ithome.com.tw/news/135917

Eclypsium: Unsigned peripheral firmware becomes a breeding ground for malware
https://times.hinet.net/news/22793158

Malicious Spam Campaign Targets South Korean Users
https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/malicious-spam-campaign-targets-south-korean-users

Over 1.7 million downloads! Google pulls more than 500 malicious Chrome extensions in one go
https://3c.ltn.com.tw/news/39542

Google removes more than 500 malicious Chrome extensions
https://www.ithome.com.tw/news/135838

500 Chrome Extensions Caught Stealing Private Data of 1.7 Million Users
https://thehackernews.com/2020/02/chrome-extension-malware.html

There's finally a way to remove xHelper, the unremovable Android malware
https://www.zdnet.com/article/theres-finally-a-way-to-remove-xhelper-the-unremovable-android-malware/#ftag=RSSbaffb68

ViperSoftX - New JavaScript Threat
https://www.fortinet.com/blog/threat-research/vipersoftx-new-javascript-threat.html

CISA Issues Multiple Agency Malware Analysis Reports on Hidden Cobra
https://www.fortinet.com/blog/threat-research/cisa-issues-multiple-agency-malware-analysis-reports-on-hidden-cobra.html

US Cyber Command, DHS, and FBI expose new North Korean malware
https://www.zdnet.com/article/us-cyber-command-dhs-and-fbi-expose-new-north-korean-malware/#ftag=RSSbaffb68

North Korean Malicious Cyber Activity
https://www.us-cert.gov/ncas/current-activity/2020/02/14/north-korean-malicious-cyber-activity

AR20-045A : MAR-10265965-1.v1 – North Korean Trojan: BISTROMATH
https://www.us-cert.gov/ncas/analysis-reports/ar20-045a

AR20–045B : MAR-10265965-2.v1 – North Korean Trojan: SLICKSHOES
https://www.us-cert.gov/ncas/analysis-reports/ar20-045b

AR20-045C : MAR-10265965-3.v1 – North Korean Trojan: CROWDEDFLOUNDER
https://www.us-cert.gov/ncas/analysis-reports/ar20-045c

AR20-045D : MAR-10271944-1.v1 – North Korean Trojan: HOTCROISSANT
https://www.us-cert.gov/ncas/analysis-reports/ar20-045d

AR20-045E : MAR-10271944-2.v1 – North Korean Trojan: ARTFULPIE
https://www.us-cert.gov/ncas/analysis-reports/ar20-045e

AR20-045F : MAR-10271944-3.v1 – North Korean Trojan: BUFFETLINE
https://www.us-cert.gov/ncas/analysis-reports/ar20-045f

Rutter's store chain discloses security breach involving POS malware
https://www.zdnet.com/article/rutters-store-chain-discloses-security-breach-involving-pos-malware/#ftag=RSSbaffb68

Ginp mobile Trojan fakes incoming SMS messages
https://www.kaspersky.com/blog/ginp-mobile-banking-trojan/32478/

Coronavirus spam emails are spreading Emotet Malware
https://techau.com.au/coronavirus-spam-emails-are-spreading-emotet-malware/

Malware attack further proof that small health systems are vulnerable
https://searchhealthit.techtarget.com/news/252478672/Malware-attack-further-proof-that-small-health-systems-are-vulnerable

January 2020’s Most Wanted Malware: Coronavirus-themed Spam Spreads Emotet Malware
http://bit.ly/2SQynL8

Sophisticated Emotet malware loader thriving on unsophisticated passwords
https://techxplore.com/news/2020-02-sophisticated-emotet-malware-loader-unsophisticated.html

Beware of hackers planting Valentine’s Day malware
https://www.komando.com/security-privacy/hackers-plant-valentines-day-malware/706654/

LokiBot Impersonates Popular Game Launcher and Drops Compiled C# Code File
https://newsroom.trendmicro.com/blog/security-intelligence/lokibot-impersonates-popular-game-launcher-and-drops-compiled-c-code-fi-1

New paper: LokiBot: dissecting the C&C panel deployments
https://www.virusbulletin.com/blog/2020/02/new-paper-lokibot-dissecting-cc-panel-deployments/

Sextortion Scams Delivered by Emotet Net 10 Times More Than Necurs Sextortion — Here’s Why
https://securityintelligence.com/posts/sextortion-scams-delivered-by-emotet-net-10-times-more-than-necurs-sextortion-heres-why/

Tampa Bay Times hit with Ryuk ransomware attack
https://blog.malwarebytes.com/ransomware/2020/01/tampa-bay-times-hit-with-ryuk-ransomware-attack/

Hamas Android Malware On IDF Soldiers-This is How it Happened
https://research.checkpoint.com/2020/hamas-android-malware-on-idf-soldiers-this-is-how-it-happened/

AZORult spreads as a fake ProtonVPN installer
https://securelist.com/azorult-spreads-as-a-fake-protonvpn-installer/96261/

Banking Trojans and Ransomware — A Treacherous Matrimony Bound to Get Worse
https://securityintelligence.com/posts/banking-trojans-and-ransomware-a-treacherous-matrimony-bound-to-get-worse/

Council returns to using pen and paper after cyberattack
https://nakedsecurity.sophos.com/2020/02/18/council-returns-to-using-pen-and-paper-after-cyberattack/

Malware and HTTPS – a growing love affair
https://nakedsecurity.sophos.com/2020/02/18/malware-and-https-a-growing-love-affair/

Emotet SMiShing Uses Fake Bank Domains in Targeted Attacks, Payloads Hint at TrickBot Connection
https://ibm.co/2P8ktDa

Ransomware attack forces 2-day shutdown of natural gas pipeline
https://nakedsecurity.sophos.com/2020/02/20/ransomware-attack-forces-2-day-shutdown-of-natural-gas-pipeline/

Ransomware Attack Hit US Natural Gas Facility
https://www.bankinfosecurity.com/ransomware-attack-hit-us-natural-gas-facility-a-13740

Cybersecurity Research During the Coronavirus Outbreak and After
https://securelist.com/cybersecurity-research-during-the-coronavirus-outbreak-and-after/96275/

ObliqueRAT: New RAT hits victims' endpoints via malicious documents
https://blog.talosintelligence.com/2020/02/obliquerat-hits-victims-via-maldocs.html


B. Mobile Security / iPhone / Android / Wearables / App
Google Project Zero: Samsung's approach to protecting phones actually makes Android less secure
https://ithome.com.tw/news/135827

US pushes smartphone voting; critics worry hackers could secretly tamper with it
https://www.cna.com.tw/news/aopl/202002160115.aspx

Amazon Ring rolls out mandatory two-factor authentication to prevent hacker intrusions
https://www.ettoday.net/news/20200219/1648968.htm

Google calls out Samsung: unnecessary modifications may make Android phones insecure
https://3c.ltn.com.tw/news/39564

SF Express Hong Kong app suspected of security flaw; recently used sender details fully exposed
https://www.passiontimes.hk/article/02-19-2020/60178

Google blocked 790,000 policy-violating apps from reaching the Play Store last year
https://www.ithome.com.tw/news/135821

Fraudsters using malicious apps to target Kochi’s smartphone users
https://www.nyoooz.com/news/kochi/1433891/fraudsters-using-malicious-apps-to-target-kochis-smartphone-users/

More than 7,700 attacks by threats disguised as dating apps in Africa
https://www.intelligentcio.com/africa/2020/02/12/more-than-7700-attacks-by-threats-disguised-as-dating-apps-in-africa/

Security News This Week: The 'Robo Revenge' App Makes It Easy to Sue Robocallers
https://www.wired.com/story/robo-revenge-apple-malware-security-news/

Signal Is Finally Bringing Its Secure Messaging to the Masses
https://www.wired.com/story/signal-encrypted-messaging-features-mainstream/

Ring to enable 2FA for all user accounts after recent hacks
https://www.zdnet.com/article/ring-to-enable-2fa-for-all-user-accounts-after-recent-hacks/#ftag=RSSbaffb68

Singapore gets three bids for 5G licences
https://www.zdnet.com/article/singapore-gets-three-bids-for-5g-licences/#ftag=RSSbaffb68

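C. Incidents / Hackers / DDOS / APT / Cloud / Dark Web / Recruitment / International Security Incidents
WordPress plugin ThemeGrill Demo Importer lets hackers wipe databases, affecting 200,000 sites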
https://www.ithome.com.tw/news/135891

The "fighting nation" goes wild for body modification, implanting Taiwanese chips
https://news.ltn.com.tw/news/world/breakingnews/3072243

Watch out for a sudden traffic surge? It could be hackers launching an ad extortion attack
https://cnews.com.tw/137200219a04/

Report: 16 DDoS attacks occurred every minute last year
https://www.ithome.com.tw/news/135912

Wuhan pneumonia effect: IBM withdraws from RSA Conference, Black Hat Asia postponed
https://www.ithome.com.tw/news/135856

WHO speaks out too: beware of phishing emails about Wuhan pneumonia
https://www.ithome.com.tw/news/135890

Warning! Cyberattacks exploiting security vulnerabilities surge worldwide
http://bit.ly/2V16Fy5

Account hacked and "privacy fully exposed"; IU shows rare anger: crossing the line is a crime
https://www.setn.com/news.aspx?NewsID=691014

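Phone of North Korean defector official Thae Yong-ho suspected of being hacked by North Korean hackers to steal information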
https://money.udn.com/money/story/5599/4350201

Official Twitter account hijacked? Israeli Ministry of Defense posts alluring photos of a young woman
https://news.ltn.com.tw/news/world/breakingnews/3070024

Olympics and IOC social media accounts hacked; Twitter: affected accounts have been locked
http://bit.ly/3bJTYgT

UK police urge parents to report proactively if they find their children using Kali Linux, Tor or Discord
https://www.ithome.com.tw/news/135886

Cybersecurity becomes a weapon of war; Houston's energy industry needs to pay close attention
https://scdaily.com/post/1486

Two hacking attacks in the US point to the same internet service provider
https://on.wsj.com/2HAdrmI

Mainland China's Provisions on the Governance of the Online Information Content Ecosystem
http://www.cac.gov.cn/2019-12/20/c_1578375159509309.htm

PLA hackers are utterly ruthless; the international community must guard against them early
https://www.ydn.com.tw/News/373350

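[The CCP's secrets are on her computer] Trembling as she read! She leaked "2 key Xinjiang documents" to the world, then received death threats and was attacked by hackers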
https://buzzorange.com/2020/02/20/the-whistleblower-of-xinjiang-cases/

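US and German intelligence agencies controlled a Swiss encrypted-communications company, eavesdropping for years on the secrets of as many as 120 countries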
https://news.sina.com.tw/article/20200214/34233970.html

Trump threatens to cut off intelligence sharing if allies adopt Huawei equipment
https://times.hinet.net/topic/22789041

More than ten thousand websites in Georgia hacked; the UK, US and allies point the finger at Russia
https://www.cna.com.tw/news/aopl/202002210032.aspx

Vietnamese experts build first information security ecosystem
http://n.yam.com/Article/20200220995715

Iranian state hackers abuse VPN vulnerabilities to breach corporate intranets worldwide and plant backdoors
https://www.secrss.com/articles/17172

Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world
https://www.zdnet.com/article/iranian-hackers-have-been-hacking-vpn-servers-to-plant-backdoors-in-companies-around-the-world/#ftag=RSSbaffb68

Unpatched VPN Servers Hit by Apparent Iranian APT Groups
https://www.bankinfosecurity.com/unpatched-vpn-servers-hit-by-apparent-iranian-apt-groups-a-13733

Israeli soldiers tricked into installing malware by Hamas agents posing as women
https://www.zdnet.com/article/israeli-military-tricked-into-installing-malware-by-hamas-agents-posing-as-women/#ftag=RSSbaffb68

U.S. Charges Huawei with Stealing Trade Secrets from 6 Companies
https://thehackernews.com/2020/02/united-states-china-huawei.html

UK police deny responsibility for poster urging parents to report kids for using Kali Linux
https://www.zdnet.com/article/uk-police-distance-themselves-from-poster-warning-parents-to-report-kids-for-using-kali-linux/#ftag=RSSbaffb68

Singapore to spend $719M beefing up government's cyber, data security systems
https://www.zdnet.com/article/singapore-to-spend-719m-beefing-up-governments-cyber-data-security-systems/#ftag=RSSbaffb68

16 DDoS attacks take place every 60 seconds, rates reach 622 Gbps
https://www.zdnet.com/article/16-ddos-attacks-take-place-every-60-seconds-rates-reach-622-gbps/#ftag=RSSbaffb68

Five years after the Equation Group HDD hacks, firmware security still sucks
https://www.zdnet.com/article/five-years-after-the-equation-group-hdd-hacks-firmware-security-still-sucks/#ftag=RSSbaffb68

Hundreds of Millions of PC Components Still Have Hackable Firmware
https://www.wired.com/story/firmware-hacks-vulnerable-pc-components-peripherals/

Cybersecurity Plan for 2020 US Election Unveiled
https://www.bankinfosecurity.com/cybersecurity-plan-for-2020-us-election-unveiled-a-13732

US Govt Warns Critical Industries After Ransomware Hits Gas Pipeline Facility
https://thehackernews.com/2020/02/critical-infrastructure-ransomware-attack.html

Millions Of Windows And Linux Systems Are Vulnerable To This ‘Hidden’ Cyber Attack
https://www.forbes.com/sites/daveywinder/2020/02/18/millions-of-windows-and-linux-systems-are-vulnerable-to-this-hidden-cyber-attack/

Spoofing Banks is a Balancing Act
https://www.domaintools.com/resources/blog/spoofing-banks-is-a-balancing-act#

NEC: about 60,000 employees to telework simultaneously
https://www3.nhk.or.jp/news/html/20200220/k10012293751000.html

Microsoft has a subdomain hijacking problem
https://www.zdnet.com/article/microsoft-has-a-subdomain-hijacking-problem/#ftag=RSSbaffb68

The US Blames Russia's GRU for Sweeping Cyberattacks in Georgia
https://www.wired.com/story/us-blames-russia-gru-sweeping-cyberattacks-georgia/

Security Engineer / Senior Security Specialist (w0012)
http://bit.ly/38F4ODj

Property Insurance - Information Security Analyst (Neihu)
https://www.104.com.tw/job/6vdbh?jobsource=googlejobs

Security Engineer-F75E
https://mail.google.com/mail/u/0/?tab=wm&ogbl#inbox

Senior System Maintenance Engineer (dedicated security staff)
https://m.1111.com.tw/job/91414896/

Security Engineer (i-Security Engineer)
https://www.104.com.tw/job/3q770

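D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News
US and Taiwan cooperate on technology to fight "fake news"! AIT: China uses disinformation to weaken Taiwan's freedom and democracy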
https://www.storm.mg/article/2308520

Up to four and a half years in prison for spreading false epidemic information? Chen Chi-mai: unified rules to come tomorrow
https://news.ltn.com.tw/news/life/breakingnews/3072884

Leave a comment to get free masks? Beware of "hacks"!
https://news.cnyes.com/news/id/4442938

Scam tactics keep evolving! FBI report reveals the type of cybercrime that caused the largest losses last year
https://cnews.com.tw/137200215a03/

Stop messing around! "LINE 2-step verification" is fake; beware of account theft
https://tw.appledaily.com/gadget/20200219/P2JQY3SVJBSVNCW6ICY2IBWFXE/

LINE has no "2-step password verification" at all! Beware of phishing messages that steal accounts
https://3c.ltn.com.tw/news/39579

10.7 million hotel stay records leaked and spread by hackers
https://ek21.com/news/tech/179639/

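Photograph your ID card! Free masks from a vending machine; worried about personal data? Operator shows the code: "we don't store personal data"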
https://tw.news.appledaily.com/life/20200221/JIMWMIXCRAHUQXJS4TTOC2VBBE/

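Who's fooling whom! Man claiming he wanted to lure out a scam ring arrested for fabricating a post about being smuggled back from Wuhan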
https://reurl.cc/nVkGDl

WHO speaks out too: beware of phishing emails about Wuhan pneumonia
https://www.ithome.com.tw/news/135890

[Wuhan pneumonia phishing] WHO urges: only @who.int emails are from the WHO; @who. com and @who. org are fakes
https://blog.trendmicro.com.tw/?p=63475

Beware of criminals pretending to be WHO
https://www.who.int/about/communications/cyber-security

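Woman posts claim that she paid 150,000 to be smuggled from Wuhan back to Taiwan; Kaohsiung police uncover fake account and trace the IP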
http://bit.ly/2HvchJ6

Puerto Rico government hit by phishing attack, losing USD 4 million
https://www.twcert.org.tw/tw/cp-104-3363-8df05-1.html

PayPal remains the most‑spoofed brand in phishing scams
https://www.welivesecurity.com/2020/02/14/paypal-remains-most-spoofed-brand-phishing-scams/

How romance scammers break your heart – and your bank account
https://www.welivesecurity.com/2020/02/14/how-romance-scammers-break-your-heart-bank-account/

FBI: Cybercrime losses tripled over the last 5 years
https://www.welivesecurity.com/2020/02/13/fbi-cybercrime-losses-tripled-last-5-years/

Watchdog Agency: Improper Use of Medicare Data Rampant
https://www.bankinfosecurity.com/watchdog-agency-improper-use-medicare-data-rampant-a-13727

On data protection, the UK says it will go it alone. It probably won't.
https://www.zdnet.com/article/on-data-protection-the-uk-says-it-will-go-it-alone-it-probably-wont/

Cyber tips for safe online dating: How to avoid privacy gaffs, exploits, and scams
https://blog.malwarebytes.com/privacy-2/2020/02/cyber-tips-safe-online-dating/

Singapore instructs Facebook to block page access under online falsehoods law
https://www.zdnet.com/article/singapore-instructs-facebook-to-block-page-access-under-online-falsehoods-law/#ftag=RSSbaffb68

Exclusive: Details of 10.6 million MGM hotel guests posted on a hacking forum
https://www.zdnet.com/article/exclusive-details-of-10-6-million-of-mgm-hotel-guests-posted-on-a-hacking-forum/

Scam Alert: You've Been Selected for 'Like of the Year 2020' Cash Prizes
https://thehackernews.com/2020/02/like-of-the-year-scam.html

"Like of the Year 2020" award rewards with phishing: a new wave of a large-scale fraud scheme
https://www.group-ib.ru/media/like-2020/

DOD DISA discloses data breach
https://www.zdnet.com/article/dod-disa-discloses-data-breach/#ftag=RSSbaffb68

Phishing Campaigns Tied to Coronavirus Persist
https://www.bankinfosecurity.com/phishing-campaigns-tied-to-coronavirus-persist-a-13741

Canadian Government Breaches Exposed Citizens' Data: Report
https://www.bankinfosecurity.com/canadian-government-breaches-exposed-citizens-data-report-a-13739

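E. Research Reports
[Keys to adopting NIST CSF] 7 steps to build a comprehensive security defense, starting with a current-state inventory and maturity assessment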
https://www.ithome.com.tw/news/133172

ChkSender email evidence preservation and authenticity verification
https://reurl.cc/31GzrX

Pikachu vulnerability lab series: XSS
https://www.chainnews.com/zh-hant/articles/186617425715.htm

Quickly scanning for authorization vulnerabilities with Burpsuite
https://zhuanlan.zhihu.com/p/106927394

Using the Apache Shiro deserialization vulnerability exploitation tool
https://www.colabug.com/2020/0215/7000605/

CVE-2019-17564: Analysis of the Apache dubbo HTTP protocol deserialization vulnerability
https://www.colabug.com/2020/0215/6999555/

High-risk attack! Hackers can use sudo to gain root privileges
https://juejin.im/entry/5e47903e51882549331ce423

[Red Sun Security (紅日安全)] Web Security Day 3 – CSRF attack and defense in practice
https://www.freebuf.com/column/227295.html

[Red Sun Security (紅日安全)] Web Security Day4 – SSRF attack and defense in practice
https://www.freebuf.com/column/227309.html

[Red Sun Security (紅日安全)] Web Security Day5 – Arbitrary file upload attack and defense in practice
https://www.freebuf.com/column/227315.html

[Red Sun Security (紅日安全)] Web Security Day6 – Business logic vulnerability attack and defense in practice
https://www.freebuf.com/column/227316.html

Security risk advisory: Microsoft SQL Server Reporting Services remote code execution vulnerability
http://vulsee.com/archives/vulsee_2020/0216_10577.html

File upload vulnerability study notes: upload-labs
https://www.jianshu.com/p/50e2e0fa4f8b

xssi vulnerability case analysis + vulnerability hunting
https://xz.aliyun.com/t/7204

CVE-2020-7471: detailed analysis of the vulnerability's principle, with POC (original)
https://xz.aliyun.com/t/7218

Vulnerability analysis | CVE-2020-7471
https://www.colabug.com/2020/0217/7006388/

Vulnerability reproduction: .htaccess file parsing vulnerability
https://blog.csdn.net/weixin_45728976/article/details/104363400

Learning vulnerability analysis: cve-2010-3333
https://xz.aliyun.com/t/7230

German researchers discover new vulnerability in the 4G LTE protocol
https://www.freebuf.com/column/227816.html

Web security study: detailed approaches and techniques for hunting SRC logic vulnerabilities
http://www.sohu.com/a/374284486_472906

Dangerous peripherals: attacking Windows/Linux computers via peripheral firmware vulnerabilities
https://www.secrss.com/articles/17240

Experience in hunting logic vulnerabilities
https://www.cnblogs.com/thespace/p/12336237.html

"Fileless" attacks shake companies; Mitsubishi Electric also a victim
https://www.nikkei.com/article/DGXMZO55672360U0A210C2EA2000/

On the possible leak of personal information and corporate confidential information due to unauthorized access (3rd report)
http://www.mitsubishielectric.co.jp/news/2020/0212-b.pdf

Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world
https://www.zdnet.com/article/iranian-hackers-have-been-hacking-vpn-servers-to-plant-backdoors-in-companies-around-the-world/

Fox Kitten Campaign Widespread Iranian Espionage-Offensive Campaign
https://www.clearskysec.com/wp-content/uploads/2020/02/ClearSky-Fox-Kitten-Campaign-v1.pdf

TugaRecon - Subdomain Enumeration Tool
https://pentestmag.com/tugarecon-subdomain-enumeration-tool/

RED HAWK- All In One Suite For Information Gathering And Vulnerability Scanning
https://hackersonlineclub.com/red-hawk-all-in-one-suite-for-information-gathering-and-vulnerability-scanning/

ViperSoftX - New JavaScript Threat
https://www.fortinet.com/blog/threat-research/vipersoftx-new-javascript-threat.html

What Is a DDoS Attack
https://securityintelligence.com/articles/what-is-a-ddos-attack/

Cookie-nabbing app could have served users side helping of XSS
https://nakedsecurity.sophos.com/2020/02/14/cookie-nabbing-app-could-have-served-users-side-helping-of-xss/

WordPress GDPR Cookie Consent plugin fixed vulnerability.
https://blog.nintechnet.com/wordpress-gdpr-cookie-consent-plugin-fixed-vulnerability/

Updates on WordPress security, Wordfence and what we're cooking in the lab today
https://www.wordfence.com/blog/2020/02/improper-access-controls-in-gdpr-cookie-consent-plugin/

WOOF locker: Unmasking the browser locker behind a stealthy tech support scam operation
https://blog.malwarebytes.com/threat-analysis/2020/01/woof-locker-stealthy-browser-locker-tech-support-scam/

JavaScript Injection Impact
https://hackersonlineclub.com/JavaScript-injection-impact/

Data Backup Strategy: Step By Step Guide for Business
https://hackonology.com/blogs/data-backup-strategy-step-by-step-guide-for-business/

Drone pentesting framework console
https://github.com/dhondta/dronesploit

Small and highly portable detection tests based on MITRE's ATT&CK.
https://github.com/timfrazier1/atomic-red-team

NETSCOUT THREAT INTELLIGENCE REPORT
https://www.netscout.com/threatreport?ls=PR-MKTG&lsd=pr-021820-5

PERILOUS PERIPHERALS: THE HIDDEN DANGERS INSIDE WINDOWS & LINUX COMPUTERS
https://eclypsium.com/2020/2/18/unsigned-peripheral-firmware/

Http-Asynchronous-Reverse-Shell
https://github.com/onSec-fr/Http-Asynchronous-Reverse-Shell

Automated Red Team Infrastructure deployement using Docker
https://github.com/khast3x/Redcloud

BlackPhish
https://github.com/iinc0gnit0/BlackPhish

2019 Cyberthreat Defense Report
https://www.imperva.com/resources/resource-library/lp/2019-cyberthreat-defense-report/

BlueKeep – Exploit Windows (RDP Vulnerability) Remotely
https://linuxsecurityblog.com/2019/10/10/bluekeep-exploit-windows-rdp-vulnerability-remotely/

Pypykatz - Mimikatz implementation in pure Python
https://hakin9.org/pypykatz-mimikatz-implementation-in-pure-python/

LODEINFO malware targeting organizations in Japan
https://blogs.jpcert.or.jp/ja/2020/02/LODEINFO.html

From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
https://github.com/Varbaek/xsser

Network traffic analysis for IR: Analyzing IoT attacks
https://securityboulevard.com/2020/02/network-traffic-analysis-for-ir-analyzing-iot-attacks/

Chinese hackers have breached online betting and gambling sites
https://www.zdnet.com/article/chinese-hackers-have-breached-online-betting-and-gambling-sites/

Uncovering DRBControl Inside the Cyberespionage Campaign Targeting Gambling Operations
https://documents.trendmicro.com/assets/white_papers/wp-uncovering-DRBcontrol.pdf

CLAMBLING - A New Backdoor Base On Dropbox (EN)
http://www.talent-jump.com/article/2020/02/17/CLAMBLING-A-New-Backdoor-Base-On-Dropbox-en/

Wi-Ploit Exploit Tool
https://hackingpassion.com/wi-ploit-wi-fi-exploit-tool/

Cybersecurity Research During the Coronavirus Outbreak and After
https://securelist.com/cybersecurity-research-during-the-coronavirus-outbreak-and-after/96275/

F. Business
Palo Alto combines container and serverless protection, moving into cloud-native security applications
https://www.ithome.com.tw/review/135656

CHT Security adopts the Nutanix enterprise cloud operating system to strengthen enterprise information security
https://news.sina.com.tw/article/20200218/34263264.html

5G security risks loom large; US reportedly to widen its Huawei blockade, hitting TSMC
http://bit.ly/2P5hrQ7

Global demand for remote work rises; Microsoft Taiwan deploys two high-efficiency remote-office solutions
http://www.ctimes.com.tw/DispNews/tw/Microsoft/%E5%BE%AE%E8%BB%9F/2002181530SL.shtml

Deloitte: Remote work increases security risks; four keys to Work From Home with peace of mind
https://buzzorange.com/techorange/2020/02/17/deloitte-sop/

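Making fingerprint recognition more secure! French company introduces multi-finger full-screen FoD technology, hoping for mass production this year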
https://cnews.com.tw/134200218a03/

Global demand for remote work rises; Microsoft Taiwan solutions safeguard enterprise productivity
https://www.techbang.com/posts/76284-global-demand-for-remote-work-rises-taiwans-microsoft-solutions-for-enterprises-to-control-productivity

Dell sells RSA for USD 2 billion
https://reurl.cc/W4jmdZ

Strengthening security: Google Chrome lets you copy and paste passwords without clicking to reveal them
https://www.inside.com.tw/article/18960-google-chrome-copy-password

Former prosecutor turns lawyer, setting up the country's first polygraph and digital evidence collection service
https://udn.com/news/story/7323/4358425

Voting for president by app? Microsoft's open-source voting software goes live for testing and may be used in future elections
https://news.sina.com.tw/article/20200220/34289312.html

Microsoft set to bring its antivirus app to iOS and Android sometime this year
https://9to5mac.com/2020/02/20/microsoft-antivirus-software-ios/

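G. Government
Reserve Command, Ministry of National Defense: ROC year 109 question bank for the armed forces cybersecurity assessment for contract hires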
https://afrc.mnd.gov.tw/AFRCWeb/NewsContent.aspx?sn=12683

List of professional cybersecurity certifications, updated in Q4 of ROC year 108
https://nicst.ey.gov.tw/Page/D94EC6EDE9B10E15/7ba35454-3644-4199-828d-cff2f2d077fc

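Unresolved privacy concerns may become a "cybersecurity Achilles' heel"; with the digital ID card rollout counting down, is Taiwan ready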
https://www.wealth.com.tw/home/articles/24403

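[8 months until the new ID rollout: is Taiwan really ready] Government hit by 360 million cyberattacks a year! Scholars worry the digital ID card will become a "security breach point"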
https://buzzorange.com/2020/02/20/the-concern-about-new-eid/

Executive Yuan Technical Service Center: ROC year 108 evaluation results for security service vendors
http://bit.ly/2Pc6jkG

Personal data of 71% of civil servants leaked; Control Yuan urges the Ministry of Civil Service to review
https://news.ltn.com.tw/news/politics/breakingnews/3075158

Personal data of 2 in every 3 civil servants leaked; Control Yuan urges the Ministry of Civil Service to review
https://udn.com/news/story/7314/4360450

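H. Industrial Control Systems / SCADA / ICS
Profinet industrial communication protocol vulnerability affects industrial equipment from Siemens, Moxa and others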
https://nosec.org/home/detail/4110.html

JVNVU#95424547 Multiple vulnerabilities in Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000
https://jvn.jp/vu/JVNVU95424547/

Trend Micro builds a realistic simulated industrial environment to test hacker attacks
https://zeekmagazine.com/archives/115956

NEC Aterm WG2600HS OS command injection vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5534

JVN#25766797 Multiple OS command injection vulnerabilities in Aterm WF1200CR, WG1200CR and WG2600HS
https://jvn.jp/jp/JVN25766797/

JVN#49410695 Multiple vulnerabilities in Aterm WG2600HS
https://jvn.jp/jp/JVN49410695/

What the Explosive Growth in ICS-Infrastructure Targeting Means for Security Leaders
https://securityintelligence.com/posts/what-the-explosive-growth-in-ics-infrastructure-targeting-means-for-security-leaders/

I. Education and Training
#Notes sharing - FSC Anti-Money Laundering and Countering the Financing of Terrorism professional exam
https://reurl.cc/W4jNED

Understanding CSRF vulnerabilities from scratch
https://zhuanlan.zhihu.com/p/107719476

INE - OSCP Security Technology Course
https://reurl.cc/4gEEgv

Cisco Internal Routing Protocols
https://packetlife.net/media/library/40/IOS_Interior_Routing_Protocols.pdf

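J. Internet of Things / IOT / Artificial Intelligence / Internet of Vehicles / Optical Networking / Deep Learning / Machine Learning / Drones / Facial Recognition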

IoT Security Joint Testing Center established, introducing the UL IoT Security Rating
https://technews.tw/2020/02/14/hutoushan-innovation-hub-iot-cyber-security-center/

IoT Security Joint Testing Center established, leading Taiwan's IoT devices toward international standards
https://life.taiwan368.com.tw/e_news.php?id=24784

Taiwan's first IoT security testing center opens! Field-testing vulnerability risks and potential harm in hospitals and farms
https://www.bnext.com.tw/article/56597/tcc-iot-ul

Bringing security thinking to IoT: 尚承科技 starts "inside the chip", offering firmware encryption and protection services
https://meet.bnext.com.tw/articles/view/46093

Flaw exposed in Tesla software: electrical tape tricks it into speeding in a speed-limit zone
https://www.36kr.com/p/5293553

EU publishes AI white paper! With rules on training data and processes, how will it affect the tech industry
https://buzzorange.com/techorange/2020/02/20/european-commission-ai-white-paper/

6. Upcoming Security Events and Seminars
Certificate of Cloud Security Knowledge (CCSK) Plus 2/23 ~ 2/24
https://csacongress.org/event/csa-summit-at-rsa-conference-2020/

Security risks and trust management strategies for connected devices 2/25
https://www.caa.org.tw/coursedetail-3272.html

19th Asia-Pacific Information Security Forum 2/25 ~ 2/26
https://www.informationsecurity.com.tw/Seminar/2020_Seminar/all/

Taipei 暗号通貨 (Cryptocurrency) Meetup 2/26
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybcdbjc/

Android Code Club(Taipei) 2/26
https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bkzcmrybcdbjc/

Seminar on blockchain email fraud prevention and cybersecurity forensics 2/27
https://www.tca.org.tw/market_info1.php?n=2390

Thinking Thursday, 7th session 2/27
https://www.meetup.com/Thinking-Thursday/events/266911452/

Introduction to Edge Computing and Its Applications & Let's AIY (AI Meetup - Hsinchu#20200304) 3/4
https://www.meetup.com/AIA-Hsinchu/events/267713123/

Android Code Club(Taipei) 3/4
https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bkzcmrybcfbgb/

"Smart Machinery and Security Solutions" Technical Exchange and Matchmaking Event 3/5
https://forms.gle/ZRksvpLu1hDHUm538

Monads Explained from the Beginning! FunTh#81 3/5
https://www.meetup.com/Functional-Thursday/events/267683150/

Android Code Club(Taipei) 3/11
https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bkzcmrybcfbpb/

Scala Taiwan #37 3/18
https://www.meetup.com/Scala-Taiwan-Meetup/events/267899692/

Korea International Security Expo 3/18
https://www.twcert.org.tw/tw/cp-105-3230-a3bd4-1.html

Data Analysis and Machine Learning Case Practice (1): PM2.5 as an Example 3/23
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3888&from_course_list_url=course_index

Taipei 暗号通貨 (Cryptocurrency) Meetup 3/25
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybcfbhc/

National Chiao Tung University Hacker College - Buffer Overflow Attacks and Prevention 3/28
https://hackercollege.nctu.edu.tw/?p=1141

Black Hat Asia 2020 Singapore 3/31 ~ 4/3
https://www.blackhat.com/asia-20/briefings/schedule/

Kaspersky® Security Analyst Summit  4/6 ~ 4/9
https://thesascon.com/

Big Data and Deep Learning Applications on Edge Computing Systems 4/10
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3883&from_course_list_url=course_index

2nd ICANN APAC-TWNIC Engagement Forum and 34th TWNIC IP Policy and Resource Management Meeting 4/16
https://forum.twnic.tw/2020/registration.htm

National Chiao Tung University Hacker College - Guide to Intrusion Detection and Response 4/18
https://hackercollege.nctu.edu.tw/?p=1144

VXCON 2020 - APAC  4/18 ~ 4/19
https://www.vxcon.hk/

2020 Industrial Control Systems (ICS) Cyber Security Conference | Singapore  4/21 ~ 4/23
https://www.icscybersecurityconference.com/singapore/

Taipei 暗号通貨 (Cryptocurrency) Meetup 4/22
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybcgbdc/

Asia-Pacific Information Security Forum and Exhibition 4/22
https://www.twcert.org.tw/tw/cp-105-3149-70ad7-1.html

National Chiao Tung University Hacker College - Basic Web Security and Penetration Testing 4/25
https://hackercollege.nctu.edu.tw/?p=1147

2020 LINE Taiwan Developers Recruitment Day  4/25
https://engineering.linecorp.com/zh-hant/blog/2020-line-taiwan-technical-recruitment-day/

National Chiao Tung University Hacker College - Fundamentals of Building Secure Websites in Practice 5/16
https://hackercollege.nctu.edu.tw/?p=1151

National Chiao Tung University Hacker College - Email Spoofing Attacks and Protective Measures 5/23
https://hackercollege.nctu.edu.tw/?p=1156

Taipei 暗号通貨 (Cryptocurrency) Meetup 5/27
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybchbkc/

National Chiao Tung University Hacker College - Advanced Web Penetration Testing 5/30
https://hackercollege.nctu.edu.tw/?p=1159

Big Data and Deep Learning Applications on Edge Computing Systems 6/5
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3884&from_course_list_url=course_index

National Chiao Tung University Hacker College - Expert-Level Web Penetration Testing 6/13 6/20
https://hackercollege.nctu.edu.tw/?p=1161

National Chiao Tung University Hacker College - Enterprise Domain Management: Active Directory Attack and Defense 6/27
https://hackercollege.nctu.edu.tw/?p=1164

CYBERSEC 2020 Taiwan Cybersecurity Conference 8/12
https://cyber.ithome.com.tw/
