Weekly Security Incident News Digest 2020/3/9 ~ 2020/3/13

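1. Critical Vulnerabilities / Backdoors / Exploit / Zero Day
CHT Security's financial security assessment team finds insecure APIs in a well-known domestic cross-platform digital signature software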
https://www.chtsecurity.com/news/136c325b-14de-42da-9050-843dfed42c94

CHT Security's forensics lab finds vulnerabilities in a well-known domestic digital surveillance device
https://www.chtsecurity.com/news/3639232a-0453-43c5-8651-dc593aa41fef

Antivirus vendor Avast in trouble again: security flaw found in a premium feature costing 158 yuan a year
https://www.cnbeta.com/articles/tech/953767.htm

Avast design flaw could let hackers remotely execute malicious code
https://tag.analysis.tw/news/ithome/21678/

Avast disables the JavaScript engine component due to a severe issue
https://securityaffairs.co/wordpress/99410/hacking/avast-javascript-engine-bug.html

Fortinet FortiManager security vulnerability
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16158

Google Chrome's password and cookie encryption, added only in February, has already been defeated by info-stealing malware
https://ithome.com.tw/news/136282

Oracle Coherence & WebLogic deserialization remote code execution vulnerability risk advisory (CVE-2020-2555)
https://s.tencent.com/research/bsafe/906.html

Critical PPP Daemon Flaw Opens Most Linux Systems to Remote Hackers
https://thehackernews.com/2020/03/ppp-daemon-vulnerability.html

Nitro Software Nitro Pro security vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10222

Researchers find side-channel attack vulnerabilities in all AMD processors from 2011 to 2019
https://www.ithome.com.tw/news/136231

AMD's official response to the Take A Way vulnerabilities: we believe these are not new attacks
http://bit.ly/2IJdZY0

9 Years of AMD Processors Vulnerable to 2 New Side-Channel Attacks
https://thehackernews.com/2020/03/amd-processors-vulnerability.html

Bulldozer and Zen architectures all reported to have security flaws! AMD officially responds
https://kknews.cc/digital/m98g852.html

Intel processors of recent years contain a hard-to-fix security vulnerability
https://www.twcert.org.tw/tw/cp-104-3424-92e17-1.html

Positive Technologies: Intel chipsets contain an unpatchable security flaw that lets hackers steal confidential information
https://www.ithome.com.tw/news/136204

Flaw impacts most new Intel chipsets
https://www.scmagazine.com/home/security-news/vulnerabilities/intel-flaw-impacts-most-new-intel-chipsets/

CVE-2019-0090
https://nvd.nist.gov/vuln/detail/CVE-2019-0090

Processor flaws keep coming! Intel SGX platform hit by another new flaw that can leak even enclave data
http://technews.tw/2020/03/11/intel-sgx-is-vulnerable-to-an-unfixable-flaw-that-can-steal-crypto-keys-and-more/

K59145983: Intel CSME and SPS vulnerability CVE-2019-0090
https://support.f5.com/csp/article/K59145983

Intel® CSME, Intel® SPS, Intel® TXE, Intel® DAL, and Intel® AMT 2019.1 QSR Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html

Intel CSME bug is worse than previously thought
https://www.zdnet.com/article/intel-csme-bug-is-worse-than-previously-thought/#ftag=RSSbaffb68

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years
https://securityaffairs.co/wordpress/99120/hacking/intel-cve-2019-0090-flaw.html

This Unpatchable Flaw Affects All Intel CPUs Released in Last 5 Years
https://thehackernews.com/2020/03/intel-csme-vulnerability.html

"Universal flaw" found in MediaTek 64-bit chips: hackers can easily gain full privileges on more than a million phones and tablets
https://www.insoler.com/forum/topic/15834510269063.htm

MediaTek chip vulnerability disclosed; patch provided
http://bit.ly/32Xemax

D-Link DWL-2600AP operating system command injection vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20499

TestLink security vulnerability CVE-2019-20107
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20107

Red Software PDFescape Desktop code issue vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9418

Attacks on the WPForms contact form cross-site scripting (XSS) vulnerability (March 5, 2020)
https://ithelp.ithome.com.tw/articles/10230287

CVE-2020-5405: Spring-cloud-config-server path traversal vulnerability alert
https://pivotal.io/security/cve-2020-5405

CKFinder code issue vulnerability
https://ckeditor.com/blog/CKFinder-3.5.1-and-CKFinder-2.6.3-released/

CloudBees Jenkins Script Security Plugin input validation error vulnerability
http://products.enorth.com.cn/bfnrglxt/index.shtml

New Linux vulnerability lets attackers hijack VPN connections
http://blog.itpub.net/31365439/viewspace-2678933/

SRC-2020-0011 : ManageEngine Desktop Central FileStorage getChartImage Deserialization of Untrusted Data Remote Code Execution
https://srcincite.io/advisories/src-2020-0011/

Microsoft releases March security bulletin
https://support.microsoft.com/en-us/help/20200310/security-update-deployment-information-march-10-2020

Microsoft patches 115 security vulnerabilities, 26 of them rated critical
https://www.ithome.com.tw/news/136285

Microsoft Issues March 2020 Updates to Patch 115 Security Flaws
https://thehackernews.com/2020/03/microsoft-patch-tuesday-march-2020.html

Microsoft Exchange Server security vulnerability
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688

Microsoft Exchange Server security vulnerability (CVE-2020-0688) allows attackers to remotely execute arbitrary code
http://net.nthu.edu.tw/2009/mailing:announcement:20200309_01

Windows 10 KB4535996 Update Issues: Crashes, Slowdowns, Audio, More
https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4535996-update-issues-crashes-slowdowns-audio-more/

This Windows 10 update will fix security flaws in preinstalled apps
https://news.xfastest.com/windows/77598/windows-10-update-sloved-exploit/

Microsoft Leaks Info on Wormable Windows SMBv3 CVE-2020-0796 Flaw
https://www.bleepingcomputer.com/news/security/microsoft-leaks-info-on-wormable-windows-smbv3-cve-2020-0796-flaw/

Microsoft Patch Tuesday — March 2020: Vulnerability disclosures and Snort coverage
https://blog.talosintelligence.com/2020/03/microsoft-patch-tuesday-march-2020.html

Vulnerability Spotlight: Information disclosure in Windows 10 Kernel
https://blog.talosintelligence.com/2020/03/vuln-spotlight-windows-10-kernel-information-disclosure.html

CVE-2020-0796 Memory Corruption Vulnerability in Windows 10 SMB Server
https://www.fortinet.com/blog/threat-research/cve-2020-0796-memory-corruption-vulnerability-in-windows-10-smb-server.html

March Patch Tuesday: LNK, Microsoft Word Vulnerabilities Get Fixes
https://newsroom.trendmicro.com/blog/security-intelligence/march-patch-tuesday-lnk-microsoft-word-vulnerabilities-get-fixes-0

Warning — Unpatched Critical 'Wormable' Windows SMBv3 Flaw Disclosed
https://thehackernews.com/2020/03/smbv3-wormable-vulnerability.html

Unspecified vulnerability in MISP
https://github.com/MISP/MISP/commit/3d982d92fd26584115c01f8c560a688d1096b65c

Talos found tens of dangerous flaws in WAGO Controllers
https://securityaffairs.co/wordpress/99430/hacking/wago-products-vulnerabilities.html

Vulnerability Spotlight: WAGO products contain remote code execution, other vulnerabilities
https://blog.talosintelligence.com/2020/03/wago-vulnerability-spotlight-march-2020.html

Point-to-Point Protocol Daemon security vulnerability (CVE-2020-8597)
https://www.kb.cert.org/vuls/id/782301/

Cisco recently released updates to address security vulnerabilities in multiple products
https://www.us-cert.gov/ncas/current-activity/2020/03/05/cisco-releases-security-updates

Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487)
https://newsroom.trendmicro.com/blog/security-intelligence/busting-ghostcat-analysis-apache-tomcat-vulnerability-cve-2020-1938-and-0

GitLab multiple vulnerabilities
https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/

RCE in popular ThemeREX WordPress Plugin has been actively exploited
https://securityaffairs.co/wordpress/99394/hacking/themerex-wordpress-plugin-rce.html

Spring Framework reflected file download vulnerability CVE-2020-5398
https://www.colabug.com/2020/0311/7107782/

Security advisory - insufficient authentication vulnerability in a Huawei smartphone
https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200311-01-smartphone-cn

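2. Banking / Finance / Insurance / Securities / Payment Systems: News and Security
Negative customer credit data: securities firms and banks can query across sectors from 3/31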
https://money.udn.com/money/story/5613/4394911

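Financial Supervisory Commission (FSC) will keep requiring uninterrupted operations in the financial sector; several financial institutions have activated off-site working for epidemic prevention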
https://ithome.com.tw/news/136196

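FSC's 10 measures against insider fraud: policy surrenders with 2 key characteristics require a phone interview kept on record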
https://www.phew.tw/article/cont/phewpoint/current/topic/8718/202003068718

Can robo-advisors miscalculate too? FSC identifies four deficiencies
https://www.chinatimes.com/realtimenews/20200309002512-260410

FSC to foster two major centers for Taiwan; will take stock market measures if necessary
https://www.chinatimes.com/realtimenews/20200309003718-260410?chdtv

Recent developments in Taiwan's Open Banking
https://www.setn.com/News.aspx?NewsID=700218

Moneybook (麻布記帳) receives ISO27001 certification from TCIC
https://money.udn.com/money/story/11799/4403731

Financial sector recruiting, offering million-level annual salaries
https://udn.com/news/story/7239/4404734

LINE Bank's head of IT announced: 徐文玲, former head of the preparatory office's project management office, takes the post
https://www.ithome.com.tw/news/136301

As the Wuhan pneumonia outbreak escalates in the Netherlands, ABN AMRO and ASML announce staggered shifts for employees
https://technews.tw/2020/03/12/abn-amro-and-asml-counterattack-coronavirus/

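3. Electronic Payment / Electronic Stored-Value Cards / Mobile Payment / Pay: News and Security
Wuhan pneumonia outbreak expected to boost electronic payment usage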
https://www.epochtimes.com/b5/20/3/6/n11920242.htm

Epidemic heats up, changing consumer habits; electronic payments surge
https://www.scooptw.com/popular/network_news/produce/37782/

Electronic payment accounts top 7 million for the first time; iPASS and JKOPAY in hand-to-hand combat for the lead
https://tw.appledaily.com/finance/20200307/J6PZOF6J3UVN64Z3MN7J722OMM/

Fake accounts surface! Fraudulent account openings at electronic payment institutions; FSC watching closely
https://tw.appledaily.com/property/20200309/OI4Z53FLWKPFPGTUL3GMCCOMKU/

E-payment accounts can launder money too: FSC finds refunds on fake transactions may involve money laundering
https://udn.com/news/story/7239/4400473

4. Cryptocurrency / Blockchain News and Security
South Korea passes the world's first cryptocurrency law
https://www.ithome.com.tw/news/136197

Crypto investment fund Trident hacked; data of 266,000 users leaked
https://ek21.com/news/tech/182694/

DeFi stablecoin lending is a "high-risk investment"
https://www.bnext.com.tw/article/56797/defi-decentralized-finance

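資富電子, a company under the National Tsing Hua University incubation center, successfully develops a mining acceleration engine, targeting blockchain and security business opportunities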
http://bit.ly/2xkyQhz

Magic little card hides a secret: screen, battery and buttons all packed inside
http://bit.ly/38M4DoP

Stores account credentials, not a real wallet: no fear of misuse if the card is lost
http://bit.ly/2U5GBQc

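US Department of Justice "indicts Chinese nationals" over OTC traders helping North Korean hackers launder money: which exchanges were robbed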
https://www.blocktempo.com/look-deep-into-case-about-chinese-nationals-accused-of-laundering-millions-in-stolen-crypto-for-north-korea/

Developing network security technology: National Tsing Hua University computer science PhD helps industry upgrade
https://www.cna.com.tw/news/ahel/202003100344.aspx

Epidemic business opportunity! 資富電子 launches ultra-power-efficient "mining machine"
https://udn.com/news/story/7240/4403206

German Crypto Regulator BaFin Shuts Down Unauthorized Bitcoin ATMs
https://news.bitcoin.com/german-bitcoin-atms/

5. Security Incident News

A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors
McAfee: nearly half of Android malware consists of hidden apps
https://www.ithome.com.tw/news/136187

How to protect a Mac from ransomware? Four ways to guard Apple computers against viruses and ransomware
https://applealmond.com/posts/68296

Beware! Hackers spread malware with fake certificate-expiry notices
https://www.ithome.com.tw/news/136200

Beware of cross-platform mining trojan SysupdataMiner spreading by exploiting multiple vulnerabilities
https://s.tencent.com/research/report/904.html

Android users beware! 8 Haken malware apps made it into Google Play
https://www.ettoday.net/news/20200309/1663560.htm

Microsoft: human-operated ransomware attacks are increasingly dangerous
https://www.ithome.com.tw/news/136272

Beware! Johns Hopkins University coronavirus outbreak map becomes a new channel for hackers to spread AZORult malware
https://technews.tw/2020/03/13/checking-this-coronavirus-map-lets-hackers-attack-your-windows-pc/

A computer virus is also called corona: disguised as an epidemic-prevention email, it scams money the moment you click
https://www.setn.com/News.aspx?NewsID=706299

Breakthrough in Microsoft's takedown of the largest botnet
https://www1.hkej.com/dailynews/article/id/2400741/

Malicious Chrome extension caught stealing Ledger wallet recovery seeds
https://www.zdnet.com/article/malicious-chrome-extension-caught-stealing-ledger-wallet-recovery-seeds/#ftag=RSSbaffb68

TrickBot Malware Targets Italy in Fake WHO Coronavirus Emails
https://www.bleepingcomputer.com/news/security/trickbot-malware-targets-italy-in-fake-who-coronavirus-emails/

Trickbot campaign targets Coronavirus fears in Italy
https://news.sophos.com/en-us/2020/03/04/trickbot-campaign-targets-coronavirus-fears-in-italy/

Dissecting Geost: Exposing the Anatomy of the Android Trojan Targeting Russian Banks
https://newsroom.trendmicro.com/node/4561

More than one billion Android devices at risk of malware threats
https://www.which.co.uk/news/2020/03/more-than-one-billion-android-devices-at-risk-of-malware-threats/

One of Roman Abramovich's companies got hit by ransomware
https://www.zdnet.com/article/one-of-roman-abramovichs-companies-got-hit-by-ransomware/#ftag=RSSbaffb68

Backdoor malware is being spread through fake security certificate alerts
https://www.zdnet.com/article/backdoor-malware-is-being-spread-through-fake-security-certificate-alerts/#ftag=RSSbaffb68

Chinese hackers use decade-old Bisonal Trojan in cyberespionage campaigns
https://www.zdnet.com/article/chinese-hackers-use-decade-old-bisonal-trojan-to-strike-russian-targets/#ftag=RSSbaffb68

Ryuk ransomware hits Fortune 500 company EMCOR
https://www.zdnet.com/article/ryuk-ransomware-hits-fortune-500-company-emcor/#ftag=RSSbaffb68

Ransomware Threatens to Reveal Company's 'Dirty' Secrets
https://www.bleepingcomputer.com/news/security/ransomware-threatens-to-reveal-companys-dirty-secrets/

Human-operated ransomware attacks: A preventable disaster
https://www.microsoft.com/security/blog/2020/03/05/human-operated-ransomware-attacks-a-preventable-disaster/

New Variant of TrickBot Being Spread by Word Document
https://www.fortinet.com/blog/threat-research/new-variant-of-trickbot-being-spread-by-word-document.html

Cookiethief: a cookie-stealing Trojan for Android
https://securelist.com/cookiethief/96332/?utm_source=rss&utm_medium=rss&utm_campaign=cookiethief

Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit and Brand-New Cinobi Banking Trojan
https://newsroom.trendmicro.com/blog/security-intelligence/operation-overtrap-targets-japanese-online-banking-users-bottle-exploit-k

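B. Mobile Security / iPhone / Android / Wearables / Apps
Leave AirDrop on and risk harassment! Commuter receives "epidemic prevention tips" and opens it to find a strange man's private parts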
https://cnews.com.tw/137200309a02/

Startup Corellium successfully hacks the iPhone so that it can run Android
https://www.inside.com.tw/article/19109-Android-comes-to-the-iPhone-with-Project-Sandcastle

You Can Now Run Android on an iPhone With 'Project Sandcastle'
https://thehackernews.com/2020/03/install-android-on-iphone.html

iPhone / iPad jailbreak no longer needs a computer; an Android phone will do
http://bit.ly/2uZRVov

First Android malware to defeat 2FA exposed; can steal bank accounts
https://hk.xfastest.com/47765/android-cerberus-break-2fa/

Use social media apps with caution; guard against security threats
https://www.ydn.com.tw/News/375737

LIFF v2 upgrade guide: upgrade to v2 before v1 is shut down! (No doubt about it, it really will be shut down!)
https://chibupapa.com/2020/02/28/migrate-to-liff-v2/

What to do when your Android phone is "abandoned"? Experts share 4 tips to protect yourself
https://3c.ltn.com.tw/news/39755

Older Android versions lose security update support; 1 billion devices at security risk
http://bit.ly/2TzavgQ

Too many similar apps? Apple's new policy regulates app quality and puts users first: "not good enough, not listed"
https://cnews.com.tw/137200309a03/

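Epidemic sweeps the globe! Social media apps use "these moves" to fight disinformation, drawing an online epidemic-prevention line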
https://times.hinet.net/topic/22819050

Android named 2019's "vulnerability king"! 414 vulnerabilities disclosed over the year; the open system is the main cause
https://www.ettoday.net/news/20200309/1663379.htm

Magisk's root hiding feature is doomed: the new SafetyNet uses hardware-based checks
https://www.cnbeta.com/articles/tech/954567.htm

How do you unlock your iPhone with your fingerprint? From "optical scanning" to "biometrics"
https://mf.techbang.com/posts/10605-how-do-you-unlock-your-iphone-with-your-fingerprint-from-optical-scanning-to-biometrics

Lots of app vulnerabilities? 8 Android apps compromised; camera apps and mini games easily hide malware
http://bit.ly/2IKL8SS

One billion Android devices at risk of hacking
https://www.bbc.com/news/technology-51751950

Warning! 1 billion Android phones susceptible to hacking – find out if yours is at risk
https://www.komando.com/security-privacy/androids-cant-update-at-risk-hacks/710048/

How you can have four or five SIM cards in your iPhone or Android smartphone
https://www.zdnet.com/article/how-you-can-have-four-or-five-sim-cards-in-your-iphone-or-android-smartphone/#ftag=RSSbaffb68

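C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents
Record of the "Asset Management Institution Information Security Practice Seminar"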
http://bit.ly/2IqC5Xl

Google Stadia has network connection problems in several European countries; official: investigating
https://www.ettoday.net/news/20200312/1666242.htm

Upset at ex-girlfriend's addiction to a dating site, jealous man plays hacker and deletes her account credentials
https://www.chinatimes.com/realtimenews/20200310001725-260402?chdtv

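South Korean civilians follow with a "mask map"! 4 university students team up with a 36-year-old genius hacker and finish development in 2 days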
https://www.ettoday.net/news/20200306/1660964.htm

Power grids are hacker targets too: Europe's ENTSO-E office network attacked
https://technews.tw/2020/03/13/entso-e-it-systems-cyber-intrusion/

North Korean defector running for the South Korean parliament threatened by hackers and phone calls
https://www.bannedbook.org/bnews/zh-tw/worldnews/20200306/1289494.html

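Shincheonji Church official website hacked! The hacker turns out to be a middle school student, who posts a Buddha image with the taunt: you've been hacked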
https://www.koreastardaily.com/tc/news/124799

This trick keeps hackers out: FBI advises 15-character passphrases instead of complex passwords
https://www.chinatimes.com/realtimenews/20200307000007-260412?chdtv

Keeps out the honest but not the crooked? The password for the CIA's hacking tools was 123ABCdef, and it was posted in an employee group
https://www.ithome.com.tw/news/136217

US intelligence agency hacked China for 11 years, stealing large amounts of secrets
https://turnnewsapp.com/global/military/169759.html

FBI arrests Russian who ran an illegal credential-selling website
https://ithome.com.tw/news/136286

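Don't be stubborn during the epidemic! Let go of the insistence that "employees must come to the office": 3 steps to a staggered-work plan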
https://www.businessweekly.com.tw/management/blog/3001902

Do you still dare to use it? US official plans legislation to ban TikTok, saying it "could become a CCP database"
https://cnews.com.tw/137200306a02/

US lawmakers intend to overhaul the Espionage Act to protect the media and security researchers
https://www.ithome.com.tw/news/136247

In the "CIA hacker" case, former CIA coder convicted of 2 minor counts, escaping 8 serious charges including espionage
https://udn.com/news/story/6813/4403129

In the "CIA hacker" case, former coder escapes 8 serious charges including espionage
http://bit.ly/2Qb1b0i

CRS report: overview of US military cyberspace operations
https://mp.weixin.qq.com/s/eEiUn1Gc8HQrAIuk1X_ZRw

Beware of 'Coronavirus Maps' – It's a malware infecting PCs to steal passwords
https://thehackernews.com/2020/03/coronavirus-maps-covid-19.html

Under a shadow! DDR4 will still face Rowhammer risk
https://www.freebuf.com/news/230164.html

Research: today's DDR4 memory is still not immune to Rowhammer attacks
https://www.ithome.com.tw/news/136322

Poor Rowhammer Fixes On DDR4 DRAM Chips Re-Enable Bit Flipping Attacks
https://thehackernews.com/2020/03/rowhammer-vulnerability-ddr4-dram.html

FBI arrests Russian behind Deer.io, a Shopify-like platform for cybercrime
https://www.zdnet.com/article/fbi-arrests-russian-behind-deer-io-a-shopify-like-platform-for-cybercrime/#ftag=RSSbaffb68

A list of security conferences canceled or postponed due to coronavirus concerns
https://www.zdnet.com/article/a-list-of-security-conferences-canceled-or-postponed-due-to-coronavirus-concerns/

Multiple nation-state groups are hacking Microsoft Exchange servers
https://www.zdnet.com/article/multiple-nation-state-groups-are-hacking-microsoft-exchange-servers/

How an elaborate North Korean crypto hacking heist fell apart
https://www.wired.co.uk/article/north-korea-cryptocurrency-hacking-china

US government agencies have shadow IT infrastructure problem, cybersecurity risks, says GAO
https://www.zdnet.com/article/us-government-agencies-have-shadow-it-infrastructure-problem-cybersecurity-risks-says-gao/

Browsers to block access to HTTPS sites using TLS 1.0 and 1.1 starting this month
https://www.zdnet.com/article/browsers-to-block-access-to-https-sites-using-tls-1-0-and-1-1-starting-this-month/

Brazil ranks third in email security threats
https://www.zdnet.com/article/brazil-ranks-third-in-email-security-threats/

Boots Advantage card hackers may be behind Tesco Clubcard cyber attack
https://www.mirror.co.uk/news/uk-news/boots-advantage-card-hackers-behind-21648152

Two People Who Attended Cyber Event Contract Coronavirus
https://finance.yahoo.com/news/engineer-attended-cybersecurity-event-contracts-180441855.html

Seeking advice on IT vacancies for the Level 3 Local Government Special Exam (Taipei)
https://pttcareer.com/publicservan/M.1583849619.A.D14.html

[Sinyi Realty] Security Operations Systems Engineer
https://www.cakeresume.com/companies/sinyi/jobs/4e6d55

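D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News
CCP "grand external propaganda" tactics exposed! Investigation Bureau finds Facebook fan pages were bought up, with content full of disinformation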
https://www.storm.mg/article/2371772

Security "far below the standard expected": Cathay Pacific fined £500,000 by the UK government over data breach
https://ithome.com.tw/news/136184

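Taoyuan Airport to trial "facial recognition boarding" in the second half of the year; human rights groups worry about privacy invasion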
https://tw.appledaily.com/life/20200306/NK2R46UC4VI3626Z7I22RZXLKM/

Why did the frog go to the Pingtung gymnasium? AI conspiracy theories of the fake-news information war
https://pourquoi.tw/2020/03/06/fighting-fake-news-ai-bots/

Revenge or a hacked account? Man angrily accuses ex-wife of impersonating him to book guesthouses nonstop for a month
https://news.ltn.com.tw/news/society/breakingnews/3092134

Want to buy masks online? Beware, this is a scam: hackers exploit the outbreak to loot
https://money.udn.com/money/story/5613/4406873

Cyberattacks in the name of the coronavirus "corona" are highly deceptive
https://ec.ltn.com.tw/article/breakingnews/3096760

Hackers use the epidemic for "phishing"; cyberattacks named after the novel coronavirus "corona" heat up
https://www.techbang.com/posts/76846-hackers-use-outbreak-phishing-to-heat-up-cyber-attacks-in-the-name-of-the-new-corona-virus-corona

Phishing accounted for 89% of last year's high-risk emails
https://money.udn.com/money/story/5613/4409545

[Infodemic (Part 1)] Why rumors, cyber armies and hackers abound in times of panic
https://www.mirrormedia.mg/story/20200310intcoronavirusinfodemicone

[Infodemic (Part 2)] Cyber armies exploit panic to manipulate minds; hackers spread virtual viruses to steal personal data
https://www.mirrormedia.mg/story/20200310intcoronavirusinfodemictwo

Research finds thousands of fingerprint files exposed in an unsecured database
https://www.cnbeta.com/articles/tech/954233.htm

Indian law enforcement used facial recognition to identify more than 1,100 people in recent riots
https://www.cnbeta.com/articles/tech/954401.htm

US FDA forms task force to crack down on COVID-19 treatments circulated on social networks
https://www.cnbeta.com/articles/tech/954545.htm

EU works with US tech giants to fight online rumors about the epidemic and prevent panic
https://www.cnbeta.com/articles/tech/954311.htm

Virgin Media Data Leak Exposes Details of 900,000 Customers
https://thehackernews.com/2020/03/virgin-media-data-breach.html

Hackers Compromise T-Mobile Employee' Email Accounts and Steal User' Data
https://thehackernews.com/2020/03/hackers-compromise-t-mobile-employees.html

A Massive U.S. Property and Demographic Database Exposes 200 Million Records
https://thehackernews.com/2020/03/us-property-records-database.html

Brazilian security firm leaks more than 25 GB of client and staff data
https://www.zdnet.com/article/brazilian-security-firm-exposes-more-than-25-gb-of-client-and-staff-data/

250,000+ Login/Passwords Leaked in The Trident Crypto Fund Data Breach
https://www.ehackingnews.com/2020/03/250000-loginpasswords-leaked-in-trident.html

Why the Wawa Data Breach Serves as a Warning That “Good Enough” is Never Enough
https://www.infosecurity-magazine.com/opinions/wawa-data-breach-warning/?utm_source=dlvr.it&utm_medium=twitter

Dutch government loses hard drives with data of 6.9 million registered donors
https://www.zdnet.com/article/dutch-government-loses-hard-drives-with-data-of-6-9-million-registered-donors/

E. Research Reports
Implementing blue-green deployment of ASP.NET Core on CentOS 7 with a shell script
https://dotblogs.com.tw/supershowwei/2020/03/09/090027

Research on an encrypted traffic detection and situational early-warning platform
https://mp.weixin.qq.com/s/4FGo3GgHtn6CDGeFatP3bw

Hackers easily break into intranets via SSRF vulnerabilities! Your server is in danger
https://zhuanlan.zhihu.com/p/111332264

Analysis of the privilege escalation vulnerability in Windows Service Tracing, CVE-2020-0668
https://www.freebuf.com/vuls/227557.html

CVE-2020-2555: WebLogic remote code execution vulnerability
https://nosec.org/home/detail/4205.html

Analysis of multiple vulnerabilities in SonicWall SRA products
https://www.sohu.com/a/378054669_354899

Homoglyph 0-day vulnerability used to register malicious domains
https://www.4hou.com/posts/P534

Emoji to Zero-Day: Latin Homoglyphs in Domains and Subdomains
https://www.soluble.ai/blog/public-disclosure-emoji-to-zero-day

Web Security Day 9 - file download vulnerabilities: hands-on attack and defense
https://copyfuture.com/blogs-details/202003072029025280hvd3fcu25iro37

Investigating attackers with threat intelligence
http://bit.ly/2PWbBRC

CVE-2020-0609 & CVE-2020-0610: analysis of two vulnerabilities in RDG
https://4hou.win/wordpress/?p=40189

Windows Incident Response and System Hardening (1): Introduction to Windows operating system versions
https://www.cnblogs.com/catt1e/p/12376313.html

Windows Incident Response and System Hardening (2): Command usage and security check analysis for Windows incident response
https://www.cnblogs.com/catt1e/p/12377195.html

Windows Incident Response and System Hardening (3): Account roles and privileges in the Windows operating system
https://www.cnblogs.com/catt1e/p/12382077.html

Windows Incident Response and System Hardening (4): Security check analysis of Windows account roles and privileges, and an introduction to using PowerShell
https://www.cnblogs.com/catt1e/p/12394503.html

Windows Incident Response and System Hardening (5): Windows PowerShell security checks and analysis
https://www.cnblogs.com/catt1e/p/12395297.html

Windows Incident Response and System Hardening (6): Introduction to and analysis of high-severity Windows vulnerabilities over the years
https://www.cnblogs.com/catt1e/p/12400575.html

Windows Incident Response and System Hardening (7): Windows operating system log analysis
https://www.cnblogs.com/catt1e/p/12404731.html

Windows Incident Response and System Hardening (8): Windows IIS log extraction and security check analysis
https://www.cnblogs.com/catt1e/p/12419529.html

Windows Incident Response and System Hardening (9): Windows Apache log extraction and security analysis
https://www.cnblogs.com/catt1e/p/12419769.html

Windows Incident Response and System Hardening (10): Nginx log analysis and JBoss log analysis
https://www.cnblogs.com/catt1e/p/12422581.html

Windows Incident Response and System Hardening (11): Log analysis and forensic investigation of various WebLogic vulnerabilities
https://www.cnblogs.com/catt1e/p/12437132.html

APT analysis and TTP extraction
https://paper.seebug.org/1132/

Analysis of the IE remote code execution vulnerability (CVE-2020-0674)
https://www.secrss.com/articles/17750

SweynTooth Bluetooth Low Energy vulnerability analysis
http://news.eeworld.com.cn/mp/BLE5CODER/a82923.jspx

In-depth study of the Gopher protocol in SSRF vulnerabilities (with Python script)
https://zhuanlan.zhihu.com/p/112055947

Do it yourself: router firmware flashing and modification
https://www.freebuf.com/geek/228825.html

Attackers are still exploiting SharePoint vulnerabilities in large-scale attacks
https://4hou.win/wordpress/?p=40379

(Ab)using bash-fu to analyze recent Aggah sample
https://blog.malwarelab.pl/posts/basfu_aggah/?fbclid=IwAR0lXgSxzvRAy_RCG6RvCx1Par-p9SUjlYaiiTtDiWdpWGth8FK5tfhHGI4

15 BEST Digital Forensic Tools in 2020 [Free/Paid]
https://hackonology.com/blogs/15-best-digital-forensic-tools-in-2020-free-paid/

TAFOF-Unpacker
https://github.com/Tera0017/TAFOF-Unpacker/

MacRipper
https://github.com/Recruit-CSIRT/MacRipper

Emotet vs Trump – Deep Dive Analysis of a Killer Info-Stealer
https://www.cynet.com/blog/emotet-vs-trump-deep-dive-analysis-of-a-killer-info-stealer/

HTTP Asynchronous Reverse Shell - Asynchronous Reverse Shell Using The HTTP Protocol
https://www.kitploit.com/2020/03/http-asynchronous-reverse-shell.html

extended-xss-search
https://github.com/Damian89/extended-xss-search

Install Tor on Windows, (Kali) Linux and search The Dark Web
https://hackingpassion.com/install-tor-on-windows-kali-linux-and-search-the-dark-web/

Microsoft Exchange Control Panel (ECP) Vulnerability CVE-2020-0688 Exploited
https://www.volexity.com/blog/2020/03/06/microsoft-exchange-control-panel-ecp-vulnerability-cve-2020-0688-exploited/

Route Redistribution PPP Multilink mock configuration
https://ccie.internetworks.in/2019/12/route-redistribution-ppp-multilink-mock.html

Google Ads Self-XSS & Html Injection $5000
https://medium.com/@adonkidz7/google-ads-self-xss-html-injection-5000-52280da76c80

CVE-2020-0688: REMOTE CODE EXECUTION ON MICROSOFT EXCHANGE SERVER THROUGH FIXED CRYPTOGRAPHIC KEYS
https://www.thezdi.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys

Breaking TA505’s Crypter with an SMT Solver
https://labs.sentinelone.com/breaking-ta505s-crypter-with-an-smt-solver/

IoTGoat
https://github.com/scriptingxss/IoTGoat

PiDense
https://github.com/WiPi-Hunter/PiDense

NoXss
https://github.com/lwzSoviet/NoXss

HOW I HACKED A DOMAIN CONTROLLER IN AZURE DURING A PENETRATION TEST
https://www.secsignal.org/en/news/how-i-hacked-a-domain-controller-in-azure-during-a-penetration-test/

Excel Maldocs: Hidden Sheets
https://isc.sans.edu/diary/rss/25876

Introduction to EvtxEcmd (Evtx Explorer)
https://isc.sans.edu/diary/Introduction+to+EvtxEcmd+%28Evtx+Explorer%29/25858

AMIRA- To Analyse Automated Malware Incident Response
https://www.hackersonlineclub.com/amira-automated-malware-incident-response-and-analysis/

Multiple vulnerabilities found in Zyxel CNM SecuManager
https://pierrekim.github.io/blog/2020-03-09-zyxel-secumanager-0day-vulnerabilities.html

2020 GLOBAL THREAT REPORT
https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf

REST Assured: Penetration Testing REST APIs Using Burp Suite: Part 1 – Introduction & Configuration
https://www.mindpointgroup.com/blog/cyber-security/rest-assured-penetration-testing-rest-apis-using-burp-suite-part-1-introduction-configuration/

EmoCheck
https://github.com/JPCERTCC/EmoCheck/releases/tag/v0.0.2

Crescendo: Real Time Event Viewer for macOS
https://www.fireeye.com/blog/threat-research/2020/03/crescendo-real-time-event-viewer-for-macos.html

ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
https://github.com/MiladMSFT/ThreatHunt

Years-long campaign targets hackers through trojanized hacking tools
https://www.zdnet.com/article/years-long-campaign-targets-hackers-through-trojanized-hacking-tools/#ftag=RSSbaffb68

WHO'S HACKING THE HACKERS: NO HONOR AMONG THIEVES
https://www.cybereason.com/blog/whos-hacking-the-hackers-no-honor-among-thieves

F. Business
CyCraft (奧義智慧) wins multiple awards including Asia's best security company
https://money.udn.com/money/story/5613/4394703

team+ integrates with Tableau data analytics software; remote work continues uninterrupted during the epidemic
http://bit.ly/2xdf2N6

Cloud opportunities spur security demand; Acer Cyber Security (安碁資訊) shares up 19% for the week
https://news.cnyes.com/news/id/4449539

Oracle predicts top ten cloud trends: 90% of IT tasks will be fully automated
http://www.ctimes.com.tw/DispNews/tw/2003091812QW.shtml

WhiteSource research report: open source vulnerabilities grew nearly 50% in 2019
https://www.cnbeta.com/articles/tech/954837.htm

Silicon Labs' new Secure Vault technology redefines IoT device security
http://www.ctimes.com.tw/DispProduct/tw/IoT/Silicon-Labs/2003091050Y5.shtml

Maxim releases IoT microcontroller with the highest security level
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=13&id=0000580296_E4D1BJ58L1RRV253MPFLL

Microsoft publishes five key security points, urging Taiwanese firms to deploy intelligent security early
https://www.moneydj.com/KMDJ/News/NewsViewer.aspx?a=fe0348d1-2ebe-4dca-b806-6081e47c4945

Why Proxy-Based Firewalls Are Not Enough
https://blog.paloaltonetworks.com/2020/03/cloud-proxy-based-firewalls/

AT&T, Palo Alto Networks and Broadcom develop virtual firewall framework
https://www.zdnet.com/article/at-t-palo-alto-networks-and-broadcom-develop-virtual-firewall-framework/#ftag=RSSbaffb68

Microsoft's PowerShell 7 is generally available
https://www.zdnet.com/article/microsofts-powershell-7-is-generally-available/#ftag=RSSbaffb68

Panda Security Turns 30; Brand Set for Extinction After WatchGuard Buyout
https://www.cbronline.com/news/panda-security-watchguard

Mozilla is enabling encrypted DNS-over-HTTPS (DoH) by default for US Firefox users
https://betanews.com/2020/02/25/firefox-dns-over-https-default-doh/



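G. Government
Program to Strengthen Enterprise Intellectual Property Management: 2020 application guidelines for guidance under the tiered IP management system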
https://www.tips.org.tw/event_view.asp?sno=BDCHDK

Police and civil affairs systems combined with big data: confirmed cases' movements have nowhere to hide
https://www.cna.com.tw/news/aipl/202003070179.aspx

Deploying ahead: county government plans six split-office locations
http://www.ksnews.com.tw/index.php/news/contents_page/0001351723

Mask 2.0 allows online purchase; public worries convenience store pickup poses "high personal data risk"
https://news.ebc.net.tw/news/living/200427

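How Taiwan should learn from the "eMask mask pre-order system crash" to push technology-driven governance further and make it more convenient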
https://buzzorange.com/techorange/2020/03/12/emask-system-crash/

Taiwan Tobacco and Liquor passes ISO/IEC27001 security system certification with zero deficiencies
http://bit.ly/33fgevn

Electronic petition signing for referendums and recalls can go online at any time once security is strengthened
http://bit.ly/2xurnww

Ministry of Science and Technology's efforts pay off! AI strategy program trains 2,000 people to make Taiwan an international hub
https://buzzorange.com/techorange/2020/03/11/most-ai/

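H. Industrial Control Systems / SCADA / ICS
[Industrial Internet Security Column] Thoughts on the security of industrial internet smart devices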
https://mp.weixin.qq.com/s/r75tAFIUD7a5esWm3rDGNQ

Research: 83% of networked medical imaging devices run outdated operating systems
https://ithome.com.tw/news/136295

Experts warn that many networked medical devices across the US are vulnerable to hacking for a variety of reasons
https://www.twcert.org.tw/tw/cp-104-3428-af07e-1.html

I. Education and Training
How to install Python artificial intelligence packages on Apple macOS
https://tw.openrobot.org/article/index?sn=11703

What is a cookie? How to manage cookies and prevent online privacy leaks?
https://blog.trendmicro.com.tw/?p=63387

Learning SSRF vulnerabilities with real vulnerabilities and ssrf-lab
https://xz.aliyun.com/t/7333

Reverse Engineering: It was all a dream
https://medium.com/@amhoume/reverse-engineering-it-was-all-a-dream-c10db07e0979

Hack the Box - Bankrobber
https://padraignix.github.io/hack-the-box/2020/03/07/htb-machine-bankrobber/

Cyber forensics and incident response study plan
https://www.peerlyst.com/posts/cyber-forensics-and-incident-response-study-plan-karl-m-1

How to get started in Cyber security
https://www.peerlyst.com/posts/how-to-get-started-in-cyber-security-serkan-demirhan

Hacking Security Ebooks
https://hackingresources.com/hacking-security-ebooks/

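J. IoT / Artificial Intelligence / Connected Vehicles / Optical Networking / Deep Learning / Machine Learning / Drones / Facial Recognition
Baby camera monitors may have security flaws; homes watched by hackers 24 hours a day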
http://bit.ly/2wEPOH3

European research: hackers exploit keyless flaw to steal cars; Tesla named as at risk of theft!
https://auto.ltn.com.tw/news/14849/7

Car key encryption flaw puts over a million Japanese and Korean vehicles at risk of theft
https://technews.tw/2020/03/09/dismantling-dst80-based-immobiliser-systems/

Research: car immobilizer systems contain vulnerabilities; Toyota, Hyundai and Kia all affected
https://www.ithome.com.tw/news/136244

These Chinese hackers tricked Tesla’s Autopilot into suddenly switching lanes
https://www.cnbc.com/2019/04/03/chinese-hackers-tricked-teslas-autopilot-into-switching-lanes.html

Connect IoT devices with LoRaWAN and security is guaranteed
https://www.eettaiwan.com/news/article/20200310NT01-how-secure-is-your-lorawan-iot-device

Taking stock of networked devices with the Kr00k vulnerability: several vendors have issued advisories so far
https://www.ithome.com.tw/news/136257

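6. Upcoming Security Events and Seminars
AI Meetup - Hsinchu ◤From RNN to Attention: the past and present of natural language processing◢ ◤Sharing experience in font generation◢ 3/18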
https://www.meetup.com/AIA-Hsinchu/events/268649939/

Scala Taiwan #37 3/18
https://www.meetup.com/Scala-Taiwan-Meetup/events/267899692/

Korea International Security Expo 3/18
https://www.twcert.org.tw/tw/cp-105-3230-a3bd4-1.html

Taipei.py 2020 March Monthly Meeting 3/19
https://www.meetup.com/Taipei-py/events/268681120/

Study Group - Clean Coder 3/19
https://www.meetup.com/Women-Who-Code-Taipei/events/jlmfprybcfbzb/

Data Analysis and Machine Learning Case Studies (1): PM2.5 as an example 3/23
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3888&from_course_list_url=course_index

Taipei 暗号通貨 (Cryptocurrency) Meetup 3/25
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybcfbhc/

Thinking Thursday, Session 7 3/26
https://www.meetup.com/Thinking-Thursday/events/266911452/

Flutter Taipei 2020 Warm Opening | Warm Up Party 3/27
https://www.meetup.com/Flutter-Taipei/events/269033933/

NCTU Hacker College - Buffer overflow attacks and prevention 3/28
https://hackercollege.nctu.edu.tw/?p=1141

Black Hat Asia 2020 Singapore 3/31 ~ 4/3
https://www.blackhat.com/asia-20/briefings/schedule/

Kaspersky® Security Analyst Summit  4/6 ~ 4/9
https://thesascon.com/

QGIS Geographic Information Workshop 4/8 ~ 4/9
https://www.accupass.com/event/2002120936323517290110

Big Data and Deep Learning Applications for Edge Computing Systems 4/10
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3883&from_course_list_url=course_index

2nd ICANN APAC-TWNIC Engagement Forum and 34th TWNIC IP Policy and Resource Management Meeting 4/16
https://forum.twnic.tw/2020/registration.htm

NCTU Hacker College - Intrusion detection and response guide 4/18
https://hackercollege.nctu.edu.tw/?p=1144

VXCON 2020 - APAC  4/18 ~ 4/19
https://www.vxcon.hk/

2020 Comprehensive Information Security Talent Development Program 4/21 ~ 6/16
http://service.tabf.org.tw/tw/user/409646/

2020 Industrial Control Systems (ICS) Cyber Security Conference | Singapore  4/21 ~ 4/23
https://www.icscybersecurityconference.com/singapore/

Taipei 暗号通貨 (Cryptocurrency) Meetup 4/22
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybcgbdc/

Asia-Pacific Information Security Forum and Exhibition 4/22
https://www.twcert.org.tw/tw/cp-105-3149-70ad7-1.html

NCTU Hacker College - Basic web security and penetration testing 4/25
https://hackercollege.nctu.edu.tw/?p=1147

2020 LINE Taiwan Developers Recruitment Day  4/25
https://engineering.linecorp.com/zh-hant/blog/2020-line-taiwan-technical-recruitment-day/

NCTU Hacker College - Basic secure website construction in practice 5/16
https://hackercollege.nctu.edu.tw/?p=1151

NCTU Hacker College - Email spoofing attacks and protective measures 5/23
https://hackercollege.nctu.edu.tw/?p=1156

Taipei 暗号通貨 (Cryptocurrency) Meetup 5/27
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybchbkc/

NCTU Hacker College - Advanced web penetration testing 5/30
https://hackercollege.nctu.edu.tw/?p=1159

Big Data and Deep Learning Applications for Edge Computing Systems 6/5
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3884&from_course_list_url=course_index

NCTU Hacker College - Expert-level web penetration testing 6/13 6/20
https://hackercollege.nctu.edu.tw/?p=1161

NCTU Hacker College - Enterprise domain control: Active Directory attack and defense 6/27
https://hackercollege.nctu.edu.tw/?p=1164

CYBERSEC 2020 Taiwan Cyber Security Conference 8/12
https://cyber.ithome.com.tw/

