資安事件新聞週報 2020/4/13 ~ 2020/4/17
1.重大弱點漏洞/後門/Exploit/Zero Day
Webhooks URL洩漏可致Slack用戶受釣魚攻擊
https://www.ithome.com.tw/news/137038
多款Fortinet產品資源管理錯誤漏洞
https://fortiguard.com/psirt/FG-IR-19-013
駭客找出 Safari「零日漏洞」!蘋果反而祭出百萬獎金
https://3c.ltn.com.tw/news/40007
Oracle Hyperion Financial Reporting 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2769
Oracle JD Edwards EnterpriseOne Tools 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2733
VMware修補vCenter Server高風險漏洞
https://www.ithome.com.tw/news/136958
WebSphere 遠程代碼執行漏洞
https://nosec.org/home/detail/4438.html
下載超過1億的SuperVPN存在中間人攻擊漏洞尚未修補,遭Google下架
https://www.ithome.com.tw/news/136911
FreeRDP 發佈安全更新 連續修復 6 個由知道創宇 404 實驗室提交的 CVE 漏洞
https://www.chainnews.com/zh-hant/articles/281226761296.htm
uppy npm package服務器端請求偽造漏洞
https://www.npmjs.com/package/uppy
Tencent QQBrowser 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10551
Dell releases new tool to detect BIOS attacks
https://www.zdnet.com/article/dell-releases-new-tool-to-detect-bios-attacks/
微軟發表四月「Patch Tuesday」資安修補包,共修復 113 個資安漏洞
https://www.twcert.org.tw/tw/cp-104-3550-3fde3-1.html
微軟修補113個零時差漏洞,有3個已遭開採
https://www.ithome.com.tw/news/136999
Vulnerability Spotlight: Information disclosure vulnerability in Microsoft Media Foundation
https://blog.talosintelligence.com/2020/04/vuln-spotlight-microsoft-media-foundation-april-2020.html
Microsoft Patch Tuesday — April 2020: Vulnerability disclosures and Snort coverage
https://blog.talosintelligence.com/2020/04/microsoft-patch-tuesday-april-2020.html
Microsoft Issues Patches for 3 Bugs Exploited as Zero-Day in the Wild
https://thehackernews.com/2020/04/windows-patch-update.html
Microsoft rolls out Windows 10 2004 release preview ahead of expected May release to mainstream users
https://www.zdnet.com/article/microsoft-rolls-out-windows-10-2004-release-preview-ahead-of-expected-may-release-to-mainstream-users/
April Patch Tuesday: Fixes for Font-Related, Microsoft SharePoint, Windows Components Vulnerabilities
https://newsroom.trendmicro.com/blog/security-intelligence/april-patch-tuesday-fixes-font-related-microsoft-sharepoint-windows-compo
2.銀行/金融/保險/證券/支付系統/ 新聞及資安
去年底遭勒索軟體入侵的Travelex,傳出是付贖金才救回檔案
https://www.ithome.com.tw/news/136921
天價!全球最大外匯經紀商遭駭客勒索停擺,交付6900萬比特幣贖金擺平 (Travelex)
https://www.blocktempo.com/travelex-paid-ransom/
一文解析 Open Banking 發展概況:「資安」將是今年最大的挑戰
https://buzzorange.com/techorange/2020/04/10/taiwanese-open-banking-situation/
中國大陸「淨網2019」警惕微信綁定信用卡存在的漏洞
https://ek21.com/news/tech/191230/
警惕駭客通過註入iFrame分離器以竊取支付數據
https://ek21.com/news/tech/191151/
疫情居家隔離購物需求爆增,駭客組織鎖定小型購物商城網站下手,側錄交易資料
https://www.ithome.com.tw/news/136919
Switch玩家注意!任天堂指盜用信用卡情況嚴重 設定兩步驗證教學
https://bit.ly/2xeuFVb
抗疫這一仗…FinTech加速進化
https://money.udn.com/money/story/5613/4483501
3要件一旦啟動 券商操盤手、接單營業員可居家辦公
https://tw.appledaily.com/property/20200410/2TCEK2WAQPOBS7Z7IWXNLNLSTA/
衝數位金融 永豐金挖萬幼筠掌兵符
https://www.chinatimes.com/newspapers/20200414000230-260205?chdtv
開放銀行第二階段 TSP業需超前部署
https://www.chinatimes.com/realtimenews/20200414004786-260410?chdtv
開放銀行第二階段技術與安控規範方向曝光,政大也將推TSP法遵合規輔導服務
https://www.ithome.com.tw/news/137002
促台開放銀行發展 合規驗證標準待建立
https://www.chinatimes.com/realtimenews/20200414003494-260410?chdtv
2/3金融業 啟動在家上班
https://money.udn.com/money/story/5613/4492412
超前部署!金融三業已三分之二、212家異地或居家辦公
https://money.udn.com/money/story/5613/4491857
首家金控率先通報彈性上班 金管會:原則尊重
https://money.udn.com/money/story/5613/4497102
英國TSB銀行急推線上真人客服,讓250名居家上班員工仍能服務客戶
https://www.ithome.com.tw/news/137010
人力銀行:金融業受惠於電商金融 工作數大增一成
https://money.udn.com/money/story/5648/4493441
小心!交易所提示:這款交易軟件有漏洞,存在被破解風險
https://finance.ifeng.com/c/7vhPfLb46ls
現金撲滅!使用電子貨幣與信用卡的智慧生活
https://bit.ly/2K8o0yn
Central Bank of Brazil tests settlement infrastructure for instant payments
https://www.zdnet.com/article/central-bank-of-brazil-tests-settlement-infrastructure-for-instant-payments/#ftag=RSSbaffb68
3.電子支付/電子票證/行動支付/ pay/新聞及資安
2020展望未來十年:支付安全需要嶄新策略思維
https://www.bnext.com.tw/article/57267/mobile-payment-safe
4.虛擬貨幣/區塊鍊相關新聞及資安
北富銀區塊鏈錢包中止實驗 我金融監理出沙盒已達二件
https://money.udn.com/money/story/5613/4494165
全台首案區塊鏈沙盒富邦「Bagel Pay」提前畢業!不排除二度實驗跨境支付
https://blockcast.it/2020/04/16/fubon-bagel-pay-completed-sandbox-experiment/
STO交易也要課證交稅 財政部:稅率千分之1
https://money.udn.com/money/story/5613/4497147
5.資安事件新聞
A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式
突然爆發的勒索軟體WannaRen溯源分析 折騰一圈好像沒人付贖金
https://ek21.com/news/tech/191276/
中國出現新的勒索軟體WannaRen大規模攻擊,臺灣用戶要小心加以防範
https://www.ithome.com.tw/news/136943
比「WannaCry」更難搞的勒索病毒「WannaRen」在中國爆發
https://buzzorange.com/techorange/2020/04/14/antivirus-software-companies-find-decryption-keys-for-wannaren/
回顧WannaRen勒索病毒一生:從傳播到解密享年6天
https://www.huorong.cn/info/1586519906455.html
勒索病毒攻擊增五倍!微軟戮力強化遠距工作與學習之資安防護網
https://www.bnext.com.tw/article/57268/microsoft-teams-dcu
國際刑警組織:針對醫院進行的勒贖攻擊快速增加中
https://www.twcert.org.tw/tw/cp-104-3527-245e8-1.html
取貨簡訊有假! 網址藏病毒恐竊個資
https://bit.ly/2VbZLpA
Hoaxcalls 僵屍網絡針對 Grandstream 設備中關鍵漏洞
https://www.chainnews.com/zh-hant/articles/168793991568.htm
Grandstream and DrayTek Devices Exploited to Power New Hoaxcalls DDoS Botnet
https://unit42.paloaltonetworks.com/new-hoaxcalls-ddos-botnet/
DrayTek Vigor企業級路由器和交換機設備在野0天漏洞分析報告
https://blog.netlab.360.com/two-zero-days-are-targeting-draytek-broadband-cpe-devices/
Raccoon浣熊病毒利用Google Cloud Services及多種派送技術竊取帳密 、信用卡等資訊
https://blog.trendmicro.com.tw/?p=63895
中國駭客HUAPI的惡意後門程式BiFrost分析
https://bit.ly/2XCvhym
設定不當的 Docker 服務API端口導致 Kinsing 惡意軟體攻擊
https://blog.trendmicro.com.tw/?p=63939
Unveiled: How xHelper Android Malware Re-Installs Even After Factory Reset
https://thehackernews.com/2020/04/how-to-remove-xhelper-malware.html
Dark Nexus: A New Emerging IoT Botnet Malware Spotted in the Wild
https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
Linux Malware: The Truth About This Growing Threat
https://linuxsecurity.com/features/features/linux-malware-the-truth-about-this-growing-threat?showall=1
Malware Theory - Network Worm Basics
https://www.youtube.com/watch?v=LxajkPFJsIo&feature=emb_title
BetterBackdoor - A backdoor with a multitude of features
https://hakin9.org/betterbackdoor-a-backdoor-with-a-multitude-of-features/
Hackers Targeting Critical Healthcare Facilities With Ransomware During Coronavirus Pandemic
https://thehackernews.com/2020/04/ransomware-hospitals-coronavirus.html
TA505 Continues to Infect Networks With SDBbot RAT
https://securityintelligence.com/posts/ta505-continues-to-infect-networks-with-sdbbot-rat/
Tekya Malware Threatens Millions of Android Users via Google Play
https://threatpost.com/tekya-malware-android-google-play/154064/
2020-04-13 - QUICK POST: QAKBOT (QBOT) SPX95 INFECTION
https://www.malware-traffic-analysis.net/2020/04/13/index.html
2020-04-13 - QUICK POST: PCAPS FOR TWO TRICKBOT INFECTIONS
https://www.malware-traffic-analysis.net/2020/04/13/index2.html
2020-04-14 - TWO INFECTIONS FOR GULOADER WITH NETWIRE RAT
https://www.malware-traffic-analysis.net/2020/04/14/index.html
2020-04-15 - HANCITOR MALSPAM AND INFECTION TRAFFIC
https://www.malware-traffic-analysis.net/2020/04/15/index.html
2020-04-16 - QAKBOT (QBOT) SPX98
https://www.malware-traffic-analysis.net/2020/04/16/index.html
Emotet, Ryuk, TrickBot: 'Loader-Ransomware-Banker Trifecta'
https://www.bankinfosecurity.com/emotet-ryuk-trickbot-loader-ransomware-banker-trifecta-a-14126
Understanding the relationship between Emotet, Ryuk and TrickBot
https://blog.intel471.com/2020/04/14/understanding-the-relationship-between-emotet-ryuk-and-trickbot/
Malware Risk Higher for Those Working at Home: Report
https://www.bankinfosecurity.com/malware-risk-higher-for-those-working-at-home-report-a-14128
PoetRAT: Python RAT uses COVID-19 lures to target Azerbaijan public and private sectors
https://blog.talosintelligence.com/2020/04/poetrat-covid-19-lures.html
Coronavirus Update App Leads to Project Spy Android and iOS Spyware
https://newsroom.trendmicro.com/node/4810
Over 700 Malicious Typosquatted Libraries Found On RubyGems Repository
https://thehackernews.com/2020/04/rubygem-typosquatting-malware.html
SentinelOne researcher trolled in new MBRLocker ransomware campaign
https://www.zdnet.com/article/sentinelone-researcher-trolled-in-new-mbrlocker-ransomware-campaign/#ftag=RSSbaffb68
MBRLocker Wiper Malware | Destructive Pranks Are No Joke For Victims
https://www.sentinelone.com/blog/mbrlocker-wiper-malware-destructive-pranks-are-no-joke-for-victims/
B.行動安全 / iPhone / Android /穿戴裝置 /App
用 Google Hangouts Meet 取代 Zoom,付費服務即日起到 9 月底都免費
https://m.eprice.com.tw/smartos/talk/4504/5503268/1/
Zoom爆出資安漏洞!教育部緊急禁用為何引發教授師生論戰
https://bit.ly/3b0Wxe0
多國間諜用Zoom監視海外活動 中共最活躍
https://www.soundofhope.org/post/365212?lang=b5
聯調局警告Zoom有安全風險 美國軍方和政府僱員仍在使用
https://www.voacantonese.com/a/us-military-government-workers-still-use-zoom-despite-fbi-warning-20200410/5368244.html
每個Zoom帳戶都能被破解 用戶審核曾現嚴重漏洞 Zoom已馬上修補
https://unwire.hk/2020/04/10/zoombug/tech-secure/
資安漏洞屢遭爆 Zoom拉來臉書前安全長當救援投手
https://newtalk.tw/news/view/2020-04-10/389309
黑客入侵網上課堂性騷擾女學生 新加坡禁用Zoom教學
https://bit.ly/2RxYsyP
Zoom系統遭駭變「色情視訊」 新加坡宣佈教育課程停用
https://ec.ltn.com.tw/article/breakingnews/3129509
教育部封殺Zoom的恐怖
https://www.bnext.com.tw/article/57269/zoom-shut-out
Zoom與GDPR
https://talk.ltn.com.tw/article/paper/1365092
Zoom疫市爆升後急挫 網絡安全掀多處禁用 分析師下調評級:用戶免費轉付費挑戰大
https://bit.ly/3c3L2CC
通識導賞:Zoom安全漏洞拆解 刪除不一定保平安
https://bit.ly/34yNX3M
到底要不要用 Zoom 是假議題,真議題是台灣嚴重的數位落差一直存在
https://bit.ly/2y4FbOO
ZOOM詐騙手法被日本人挖出 「鬍渣叔變鄰家妹」被咖啡杯成功破解
https://www.ettoday.net/dalemon/post/49618
德國、美國與澳洲都部份封鎖Zoom的使用
https://www.ithome.com.tw/news/136910
Zoom再曝資安危機 數百用戶個資外洩轉賣到暗網
https://www.bldaily.com/news/p-454313.html
你還在用Zoom嗎?德媒:Zoom將中國伺服器納入白名單,你的資料可能被「送中」
https://www.storm.mg/article/2505956
首家大型銀行禁用!路透:渣打通知員工勿用Zoom
https://ec.ltn.com.tw/article/breakingnews/3134327
53 萬 Zoom 帳號出現在暗網上,花旗銀、摩根大通都有中
https://buzzorange.com/techorange/2020/04/15/zoom-passwords-on-darkweb/
Zoom security: Getting the settings right
https://www.welivesecurity.com/2020/04/10/zoom-security-getting-settings-right/
Zoom Disables File Sharing After Finding Potential Security Vulnerability
https://hotforsecurity.bitdefender.com/blog/zoom-disables-file-sharing-after-finding-potential-security-vulnerability-22952.html
Brazilian food and drug regulator bans Zoom
https://www.zdnet.com/article/brazilian-food-and-drug-regulator-bans-zoom/#ftag=RSSbaffb68
Compromised Zoom Credentials Swapped in Underground Forums
https://threatpost.com/compromised-zoom-credentials-underground-forums/154616/
Zoom又傳資料外洩,53萬筆帳密流入暗網
https://www.ithome.com.tw/news/136965
Stolen Zoom Credentials: Hackers Sell Cheap Access
https://www.bankinfosecurity.com/stolen-zoom-credentials-hackers-sell-cheap-access-a-14133
Securing your Zoom Meetings From All The Wrong Places
https://www.zerofox.com/blog/zoom-threats/
Over 500,000 Zoom accounts sold on hacker forums, the dark web
https://www.bleepingcomputer.com/news/security/over-500-000-zoom-accounts-sold-on-hacker-forums-the-dark-web/
上百組免費送…ZOOM再爆駭客暗網賣帳號 超過50萬組還賣不到1元
https://udn.com/news/story/11017/4490100
Zoom再傳53萬組個資被賤賣!每組帳密只要0.06元
https://www.setn.com/News.aspx?NewsID=725786
ZOOM 再爆駭客暗網賣帳號,這次受害超過 50 萬組還賣不到一美分
https://www.inside.com.tw/article/19503-over-500-000-zoom-accounts-sold-on-hacker-forums-the-dark-web
資安危機升級,超過 50 萬組 Zoom 帳密外流,獨家揭露駭客威脅信
https://technews.tw/2020/04/15/500000-zoom-accounts-sale-on-darkweb-hacker-mail-reveal/
慣用「同組帳密」恐遭殃!Zoom用戶遭勒索兩千美元…記者揭駭客黑函全文
https://www.businessweekly.com.tw/focus/blog/3002218
Zoom爆出50萬組帳號放暗網賤賣,到底駭客是怎麼破解密碼
https://www.bnext.com.tw/article/57298/zoom-cybersecurity-darkweb
當新冠病毒遇到駭客病毒:談Zoom的資安事件
https://bit.ly/34DDzI3
政府機關Zoom多年 突然發現資安危機
https://bit.ly/2RDw2DH
救用戶信心?Zoom歷經資安風暴出招改用戶會議ID 盼能減少惡意外流
https://cnews.com.tw/137200413a03/
資安疑慮不斷 Zoom宣布付費用戶可禁用大陸伺服器
https://www.chinatimes.com/realtimenews/20200414003697-260412?chdtv
Zoom security: Your meetings will be safe and secure if you do these 10 things
https://www.zdnet.com/article/make-sure-your-zoom-meetings-are-safe-by-doing-these-10-things/#ftag=RSSbaffb68
Zoom攻擊程式在黑市叫價50萬美元
https://www.ithome.com.tw/news/137044
高中用Zoom上網課被駭 遭植入種族仇恨語音圖像
https://bit.ly/2XDTEMl
遭盜6.4萬美元 婦女疑用Zoom視頻開會導致
https://www.epochtimes.com/b5/20/4/16/n12037525.htm
由中國發金鑰的 Zoom、 臉腫的教育部、 很政治的技術物
https://www.techbang.com/posts/77810-zoom-from-china-the-ministry-of-education-with-swelling-very-political-technical-material
Zoom-bombing disrupted a House Oversight Committee meeting
https://www.zdnet.com/article/zoom-bombing-disrupted-a-house-oversight-committee-meeting/#ftag=RSSbaffb68
擔心資安問題?唐鳳都在用的三款視訊軟體 Sandstorm、Rocket Chat、Jitsi Meet 是什麼
https://agirls.aotter.net/post/57147
不只Zoom 連這家科技巨擘的視訊軟體也有疑慮
https://money.udn.com/money/story/5599/4494231
安全公司發現數十個 iOS 應用程式,以免費試用之名行詐騙之實
https://www.kocpc.com.tw/archives/316720
果粉別當冤大頭!資安業者揭露32款App「試用期」過後會自動扣款
https://3c.ltn.com.tw/news/40078
Sophos發現逾30個iOS敲詐程式 合共騙取約港幣3.4億元
https://bit.ly/2RG0dKi
新研究發現,假指紋解鎖手機通過率高達80%
https://news.knowing.asia/news/d4587955-018c-40fb-af24-f20b4001bd2f
iPhone版 安裝教學與APK檔下載,還有山寨版動物之森App
https://applealmond.com/posts/70069
這招必學 LINE聊天紀錄自動備份iPhone用戶獨享
https://www.chinatimes.com/realtimenews/20200414004430-260412?chdtv
駭客偽冒中華郵政APP進行殭屍網路攻擊事件
https://www.twcert.org.tw/tw/cp-15-3548-f4420-1.html
Google and Apple Plan to Turn Phones into COVID-19 Contact-Tracking Devices
https://thehackernews.com/2020/04/iphone-android-coronavirus-tracing.html
Kernel vulnerabilities in Android devices using Qualcomm chips explored
https://www.zdnet.com/article/technical-details-of-kernel-vulnerabilities-in-android-devices-using-qualcomm-chips-revealed/
C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件
2020年3月十大資安新聞
https://www.ithome.com.tw/news/136618
資安是一場永遠沒有終點的戰爭
https://bit.ly/3eoNGok
2童亡命!電腦鬼才助刑事局辦案 分析爸臉書嘆:心情很複雜
https://www.ettoday.net/news/20200415/1692355.htm
東京車站廣告牆被 Windows 7 藍畫面攻佔 大量日本網友惡搞,就像是被遺棄的城市
https://www.kocpc.com.tw/archives/317334
發布資安報告的 Citizen Lab 表示自由時報錯誤的解讀他們的報告
https://cofacts.g0v.tw/reply/4Q-Yd3EBrhVJn3LNJ64H
居易路由器與交換器漏洞遭鎖定,已出現兩起攻擊行動
https://www.ithome.com.tw/news/137006
Palo Alto Networks 警告:老舊作業系統,為醫療影像裝置帶來新威脅
http://www.netadmin.com.tw/netadmin/zh-tw/snapshot/A51DB66989C940249063EAF529F04AE8
拒絕付款後,SpaceX、特斯拉、波音的機密文件遭駭客洩露
https://news.knowing.asia/news/2398e12d-7bb3-44ab-807e-871ece8e2c9c
恫嚇4遊戲業者網路攻擊恐嚇取財 駭客遭起訴
https://gotv.ctitv.com.tw/2020/04/1259530.htm
WFH考驗的不僅是設備與數位能力 團隊情感與職場新信任關係 才是成功關鍵
https://csr.cw.com.tw/article/41404
國際資安組織SANS提供免費員工居家資安意識培訓包Work from Home Deployment Kit
https://www.ithome.com.tw/news/136893
疫情期間駭客攻擊大增50%!遠距工作夠便利 資安保護機制卻沒跟上
https://news.sina.com.tw/article/20200410/34822596.html
說自己牢不可破卻一下就被攻陷,智慧鎖業者Tapplock與FTC和解並承諾改善
https://www.ithome.com.tw/news/136922
殭屍網路盯上微軟,駭客用 MS-SQL 資料程式庫挖礦近兩年,每天攻擊近 3 千個資料庫
https://technews.tw/2020/04/13/the-vollgar-campaign-ms-sql-servers-under-attack/
攻擊朱鎮模河正宇手機的駭客被抓獲 共敲詐勒索6億韓元財物
http://n.yam.com/Article/20200410620487
「白帽者」辯護無效 「天才駭客」張啟元駭入高鐵系統判6月
https://m.ltn.com.tw/news/society/breakingnews/3130566
駭客天才張啟元入侵高鐵 花40元詐20萬遭判6月
https://www.chinatimes.com/realtimenews/20200411003350-260402?ctrack=mo_main_rtime_p01&chdtv
曾破解LINE漏洞獲60萬獎金!白帽駭客張啟元「入侵高鐵系統抓Bug」遭判6月
https://www.ettoday.net/news/20200412/1689449.htm
利用網絡漏洞入侵群聊聚眾賭博,一團伙落網
http://pc.nfapp.southcn.com/78/3391978.html
當中國駭客竊取健保資料—啟動藍色防禦
https://ladopost.com/newsDetail4.php?ntId=32&nId=3449
藍委萬美玲稱:被中國監控可了解台灣價值 學者:真的心累
https://www.setn.com/news.aspx?NewsID=723072
用被中國監控傳遞台灣價值 律師諷藍委:床戰被偷看也要覺得榮幸
https://tw.appledaily.com/politics/20200410/5JJVTW44MTX3KWQMOC75ZKTAIM/
強國疫情還很糟!中國刪帖員:比平常更忙
https://news.ltn.com.tw/news/world/breakingnews/3131347
中國被抓包違反國際法 習近平面臨「賠錢、開戰」二擇一難題
https://www.cmmedia.com.tw/home/articles/20784
美國有意撤回中國電信在美國的經營許可
https://www.ithome.com.tw/news/136928
美國防部大批員工在家上班成漏洞?傳中、俄駭客活動劇增
https://m.ltn.com.tw/news/world/breakingnews/3134189
美國紐約州官員調查駭客入侵州政府電腦網路事件
https://on.wsj.com/3baNyqD
德國資安公司從 eBay 買到裝有機密資料的軍用筆電
https://bit.ly/2JW1it9
「通行證」申請上線就當機 莫斯科:被駭了
https://news.ltn.com.tw/news/world/breakingnews/3132373
澳洲政府公布借COVID-19疫情為名進行駭侵攻擊的多種樣態
https://www.twcert.org.tw/tw/cp-104-3549-16948-1.html
疫苗研發正夯 美機構遭外國駭客鎖定
https://bit.ly/2XEsGnL
Threat Update: COVID-19 Malicious Cyber Activity
https://www.cyber.gov.au/threats/threat-update-covid-19-malicious-cyber-activity
UK Cyber Body Offers Practical Guidelines on Dealing with Coronavirus-Themed Cyber Threats
https://bit.ly/2yj68OU
7 Ways Hackers and Scammers Are Exploiting Coronavirus Panic
https://thehackernews.com/2020/04/cronavirus-hackers.html
Threat Actors Migrating to the Cloud
https://research.checkpoint.com/2020/threat-actors-migrating-to-the-cloud/
Researcher Devises PowerPoint Attack that Executes Binary Just with Mouse Hover
https://hotforsecurity.bitdefender.com/blog/researcher-devises-powerpoint-attack-that-executes-binary-just-with-mouse-hover-22949.html
Hover_with_Power
https://github.com/ethanhunnt/Hover_with_Power/blob/master/README.md
荷蘭、FBI、歐盟警察一周破獲15個DDoS殭屍網路
https://www.ithome.com.tw/news/136944
Dutch police take down 15 DDoS services in a week
https://www.zdnet.com/article/dutch-police-take-down-15-ddos-services-in-a-week/#ftag=RSSbaffb68
Politie houdt verdachte aan voor DDoS-aanval op MijnOverheid.nl
https://www.politie.nl/nieuws/2020/april/10/03-politie-houdt-verdachte-aan-voor-ddos-aanval-op-mijnoverheid.nl.html
Gambling company to set aside $30 million to deal with cyber-attack fallout
https://www.zdnet.com/article/gambling-company-to-set-aside-30-million-to-deal-with-cyber-attack-fallout/#ftag=RSSbaffb68
SEC settles with two suspects in EDGAR hacking case
https://www.zdnet.com/article/sec-settles-with-two-suspects-in-edgar-hacking-case/#ftag=RSSbaffb68
Dutch Police Shutter 15 DDoS 'Booter' Sites
https://www.bankinfosecurity.com/dutch-police-shutter-15-ddos-booter-sites-a-14108
Exclusive: Google removes 49 Chrome extensions caught stealing crypto-wallet keys
https://www.zdnet.com/article/exclusive-google-removes-49-chrome-extensions-caught-stealing-crypto-wallet-keys/#ftag=RSSbaffb68
美國舊金山國際機場遭駭客入侵,用戶憑證被竊
https://www.ithome.com.tw/news/136946
舊金山國際機場網站被駭,可能是俄羅斯駭客所為
https://www.ithome.com.tw/news/137043
Russian state hackers behind San Francisco airport hack
https://www.zdnet.com/article/russian-state-hackers-behind-san-francisco-airport-hack/#ftag=RSSbaffb68
Hackers Breach San Francisco Airport Websites
https://www.bankinfosecurity.com/hackers-breach-san-francisco-airport-websites-a-14105
Apple blocks third-party cookies in Safari
https://www.zdnet.com/article/apple-blocks-third-party-cookies-in-safari/
'My bad': Minister apologises for MyGov hack claim
https://www.afr.com/politics/federal/my-bad-minister-apologises-for-mygov-hack-claim-20200324-p54dau
Wappalyzer discloses security breach after hacker starts emailing users
https://www.zdnet.com/article/wappalyzer-discloses-security-breach-after-hacker-starts-emailing-users/#ftag=RSSbaffb68
美政府公開北韓「加密犯罪清單」! 呼籲切斷發展武器資金流
https://blockcast.it/2020/04/16/us-published-list-of-crypto-crimes-related-to-north-korea/
美國政府懸賞500萬美元徵求北韓駭客資訊
https://www.ithome.com.tw/news/137024
US offers $5 million reward for information on North Korean hackers
https://www.zdnet.com/article/us-offers-5-million-reward-for-information-on-north-korean-hackers/#ftag=RSSbaffb68
New tool detects AWS intrusions where hackers abuse self-replicating tokens
https://www.zdnet.com/article/new-tool-detects-aws-intrusions-where-hackers-abuse-self-replicating-tokens/#ftag=RSSbaffb68
Researchers: Fake Fingerprints Can Bypass Biometric Sensors
https://www.bankinfosecurity.com/researchers-fake-fingerprints-bypass-biometric-sensors-a-14122
Hackers Made the Snoo Smart Bassinet Shake and Play Loud Sounds
https://www.wired.com/story/snoo-smart-bassinet-vulnerabilities-shaking-loud-noise/
Linksys asks users to reset passwords after hackers hijacked home routers last month
https://www.zdnet.com/article/linksys-asks-users-to-reset-passwords-after-hackers-hijacked-home-routers-last-month/#ftag=RSSbaffb68
Academics steal data from air-gapped systems using PC fan vibrations
https://www.zdnet.com/article/academics-steal-data-from-air-gapped-systems-using-pc-fan-vibrations/#ftag=RSSbaffb68
達友科技/資安工程師-技術中心(上班地點:臺北市)
https://www.104.com.tw/job/6x1g2
【本年度燙金職業出爐】全世界都想招聘「資安工程師」,履歷投起來吧
https://buzzorange.com/techorange/2020/04/13/security-engineer-is-getting-more-popular/
D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞
Cisco WebEx 視訊會議用戶,近來遭到詐騙更新訊息攻擊
https://www.twcert.org.tw/tw/cp-104-3526-63a65-1.html
陸網民假冒台人 調查局抓到了!追假消息 調查局大材小用
https://www.chinatimes.com/newspapers/20200411000468-260106?chdtv
共網軍裝台人「向譚德塞道歉」 網友募資反攻
http://www.ntdtv.com.tw/b5/20200410/video/268221.html
百篇道歉文都假的! 調查局:超前部署、揪假消息
https://bit.ly/3a02cja
前第一金控董座陳建隆被「洗美金」騙千萬 主犯判刑3年半
https://www.chinatimes.com/realtimenews/20200412002761-260402?chdtv
英相強森傳訊求「金援500」? 簡體字露餡網友笑翻
https://m.ltn.com.tw/news/life/breakingnews/3132452
利用網站漏洞賺大錢?一女子被“網絡朋友”騙走 11 萬
https://www.chainnews.com/zh-hant/articles/192394420215.htm
利用系統升級漏洞,27人盜刷“快手”672萬元獲刑
http://www.bjnews.com.cn/news/2020/04/15/717062.html
「預計送貨日期,請確認地址」口罩詐騙簡訊?點了會發生什事
https://mrmad.com.tw/estimated-delivery-scam
Deepfake模擬人聲太真實!一通電話騙走CEO近千萬
https://www.bnext.com.tw/article/57306/deepfake-internet-fraud
網絡釣魚詐騙案增 網絡保安公司籲企業做好準備
https://bit.ly/2RKJsO8
Phishing kit prices skyrocketed in 2019 by 149%
https://www.zdnet.com/article/phishing-kit-prices-skyrocketed-in-2019-by-149/#ftag=RSSbaffb68
Sextortion emails and porn scams are back – don’t let them scare you!
https://nakedsecurity.sophos.com/2020/04/10/sextortion-emails-and-porn-scams-are-back-dont-let-them-scare-you/
Maropost customer database exposes 95 million email records
https://hotforsecurity.bitdefender.com/blog/maropost-customer-database-exposes-95-million-email-records-22955.html
Beware of Shady Websites Pushing Pharmaceuticals for COVID-19
https://hotforsecurity.bitdefender.com/blog/beware-of-shady-websites-pushing-pharmaceuticals-for-covid-19-22946.html
Account details for 4 million Quidd users shared on hacking forum
https://www.zdnet.com/article/account-details-for-4-million-quidd-users-shared-on-hacking-forum/#ftag=RSSbaffb68
TikTok Vulnerability Enables Hackers to Show Users Fake Videos
https://www.mysk.blog/2020/04/13/tiktok-vulnerability-enables-hackers-to-show-users-fake-videos/
E.研究報告
微軟偵測到大規模鎖定K8s的挖礦攻擊
https://www.ithome.com.tw/news/136912
挖洞經驗| 利用XML和ZIP格式解析漏洞實現RCE
https://www.freebuf.com/vuls/228592.html
Detect large-scale cryptocurrency mining attack against Kubernetes clusters
https://azure.microsoft.com/zh-tw/blog/detect-largescale-cryptocurrency-mining-attack-against-kubernetes-clusters/
CVE-2020-10882: TP-Link 命令注入漏洞通告
https://blog.csdn.net/weixin_45728976/article/details/105417995
【CVE-2018-20250】WinRAR漏洞淺談
https://juejin.im/post/5e8ed9046fb9a03c2f4e0e41
深藏在Excel 4.0巨集工作表的可疑公式
https://blog.trendmicro.com.tw/?p=63915
溢出型漏洞分析
https://www.cnblogs.com/nishoushun/p/12682777.html
漏洞掃描原理及程序
https://www.cnblogs.com/bonelee/p/12687070.html
D-Link DSL-2640B設備多個最新漏洞利用分析
https://www.4hou.com/posts/kOJ5
Hex-Rays is proud to announce the upcoming release of IDA Home
https://www.hex-rays.com/products/ida-home-is-coming/
Nexus Repository Manager 漏洞分析
https://juejin.im/entry/5e94260af265da47ae4ac656
Nexus Repository Manager 3 Several Expression Parsing Vulnerabilities
https://paper.seebug.org/1167/
Nexus Repository Manager 3數個表達式解析長度
https://paper.seebug.org/1166/
Windows SMB Ghost(CVE-2020-0796)漏洞分析
https://paper.seebug.org/1168/
構造 AI 防火牆!清華初創團隊推出 AI 安全平臺,強勢修復算法漏洞“新型病毒”
https://www.chainnews.com/zh-hant/articles/545204635471.htm
Extended ssrf search:一款功能強大的SSRF智能漏洞掃描工具
https://www.sohu.com/a/386898206_354899
uWSGI(CVE-2018-7490)路徑遍歷漏洞復現
https://www.cnblogs.com/bflw/p/12665449.html
淺談二進制漏洞研究與病毒研究
https://zhuanlan.zhihu.com/p/129233291
多款光纖路由器設備在野0-day漏洞簡報
https://www.freebuf.com/vuls/233868.html
Intercept SSL traffic to perform penetration testing on Android apps using Charles Debug Proxy
https://bit.ly/2Rv8yR9
Android-IMSI-Catcher-Detector
https://github.com/CellularPrivacy/Android-IMSI-Catcher-Detector
Lollipopz - Data Exfiltration Utility For Testing Detection Capabilities
https://www.kitploit.com/2020/04/lollipopz-data-exfiltration-utility-for.html
The Ultimate Guide To Become A Hacker (Part 1)
https://tekno-space.com/how-to/the-ultimate-guide-to-become-a-hacker-part-1/
The Problem with HTTPS
https://www.webroot.com/blog/2020/04/14/the-problem-with-https/
国内高校の半数が利用するClassiの不正アクセスについてまとめてみた
https://piyolog.hatenadiary.jp/entry/2020/04/15/072934
Taiwan High-Tech Ecosystem Targeted by Foreign APT Group
https://medium.com/@cycraft_corp/taiwan-high-tech-ecosystem-targeted-by-foreign-apt-group-5473d2ad8730
Injectify - Perform advanced MiTM attacks on websites with ease
https://hakin9.org/injectify-perform-advanced-mitm-attacks-on-websites-with-ease/
Threat modeling explained: A process for anticipating cyber attacks
https://www.csoonline.com/article/3537370/threat-modeling-explained-a-process-for-anticipating-cyber-attacks.html
How to build a Threat Hunting platform using ELK Stack
https://www.peerlyst.com/posts/how-to-build-a-threat-hunting-platform-using-elk-stack-chiheb-chebbi
How to build a Threat Hunting platform using ELK Stack [Part 2]
https://www.peerlyst.com/posts/how-to-build-a-threat-hunting-platform-using-elk-stack-part-2-chiheb-chebbi
Malware Beaconing: How To Hunt [Part 1]
https://www.peerlyst.com/posts/malware-beaconing-how-to-hunt-part-1-ali-ahangari-1
Malware Beaconing: How To Hunt [Part 2]
https://www.peerlyst.com/posts/malware-beaconing-how-to-hunt-part-2-ali-ahangari-1
Enterprise Security Architecture - a short overview
https://www.peerlyst.com/posts/enterprise-security-architecture-a-short-overview-dragan-stevanovic
F.商業
因應防疫需求 訊連延長「U會議免費專案」至7月底
https://udn.com/news/story/7240/4482139?from=udn-ch1_breaknews-1-cate6-news
Check Point:疫情相關網路攻擊持續攀升,居家辦公恐暴露於高度風險之下,遠端存取檔案的安全性與需求急劇提升
http://www.pcdiy.com.tw/detail/15836
[專訪]Tenable公司技術顧問李元勛:弱點掃描 防範網路威脅於未然
https://www.informationsecurity.com.tw/article/article_detail.aspx?tv=13&aid=8767
ZOOM資安疑慮 台研發新視訊工具
https://news.cts.com.tw/cts/life/202004/202004141997147.html
team+免費方案挺台灣企業,遠距辦公與視訊協作資安一把罩
https://bit.ly/2Va1bRf
Wi-Fi、藍芽也可能是駭客入侵點!互聯安睿憑「iSecMaster」方案對抗惡意攻擊
https://meet.bnext.com.tw/articles/view/46249
研華 WISE-PaaS 以 K8s 升級EnSaaS 4.0雲平台
https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=10&id=0000582895_4ca7jlicl379ft49ji7hz
Microsoft pushes back end of support date for Windows 10 1809
https://www.zdnet.com/article/microsoft-pushes-back-end-of-support-date-for-windows-10-1809/#ftag=RSSbaffb68
GitHub offers new free tier for private development
https://www.zdnet.com/article/github-offers-new-free-tier-for-private-development/#ftag=RSSbaffb68
.NET for Apache Spark brings enterprise coders and big data pros to the same table
https://www.zdnet.com/article/net-for-apache-spark-brings-enterprise-coders-and-big-data-pros-to-the-same-table/#ftag=RSSbaffb68
Rapid7 launches Rapid7 AttackerKB, a service for crowdsourcing vulnerability assessments
https://www.zdnet.com/article/rapid7-launches-attackerkb-a-service-for-crowdsourcing-vulnerability-assessments/#ftag=RSSbaffb68
Rapid7 AttackerKB
https://attackerkb.com/
Financial Cyberthreats in 2019
https://securelist.com/financial-cyberthreats-in-2019/96692/
G.政府
訊連:U系列產品無任何位於中國的伺服器
https://udn.com/news/story/7238/4482558
每年十數萬駭客攻擊來自對岸 國安局靠「網域安全處」迎戰假訊息
https://www.ettoday.net/news/20200411/1689043.htm
小英正式組建第四軍?調查局成立「資安站 」查辦假訊息
https://bit.ly/3eh3w4k
當調查局淪為網軍小弟
https://udn.com/news/story/7338/4485463?from=udn-catebreaknews_ch2
北市口罩販賣機 今天開賣
https://www.merit-times.com.tw/NewsPage.aspx?unid=581733
北市試辦口罩智販機 未來將技術交給中央
https://www.chinatimes.com/realtimenews/20200415004962-260405?chdtv
竹縣府下週一起異地分流辦公 今忙搬家
https://m.ltn.com.tw/news/politics/breakingnews/3129399
風景區國家警報簡訊將取消 政院改用「高速公路1968」APP示警
https://news.ltn.com.tw/news/life/breakingnews/3130489
行政院管不到駐美處? 口譯哥視訊華府智庫帶頭用Zoom
https://www.chinatimes.com/realtimenews/20200411003686-260407?ctrack=mo_main_rtime_p04&chdtv
只准州官洩密 不准百姓用Zoom
https://udn.com/news/story/11091/4486001?from=udn-catelistnews_ch2
51連假避群聚 政院擬研發"紀錄接觸史APP"
https://www.ttv.com.tw/news/view/10904120007200I/568
Zoom遭禁用 高檢署下令各地檢改採「U會議」
https://tw.appledaily.com/local/20200413/ESTHQMGMMFSBZ5IVRXK2ZVQYRY/
公文被爆用ZOOM開會?政院批國民黨團「以訛傳訛」
https://udn.com/news/story/6656/4494471?from=udn-catelistnews_ch2
政院澄清未使用Zoom召開視訊會議 籲藍委勿以訛傳訛
https://www.chinatimes.com/realtimenews/20200415004423-260407?ctrack=mo_main_rtime_p02&chdtv
防疫新招 行政院研發社交距離APP
https://www.ydn.com.tw/News/379663
新竹市居家辦公試辦近500人遠端演練公務
https://www.chinatimes.com/realtimenews/20200413003298-260405?chdtv
藍委促調查局查IP 堵藍批栽贓
https://money.udn.com/money/story/7307/4489790
中研院、大學合作開課照用Zoom! 教育部:會再提醒
https://www.ettoday.net/news/20200413/1690178.htm
中央才下禁令! 「口譯哥」視訊美智庫用Zoom
https://bit.ly/2RExp51
北市試辦實名制口罩自動販賣系統惹爭議,臺北市資訊局出面說清楚更多規畫
https://ithome.com.tw/news/136976
跨領域招募整合 國防部偕成大培育優質人才
http://n.yam.com/Article/20200415357274
成大與國防部合辦「國防學士班」 培育國防科技菁英
http://n.yam.com/Article/20200415946589
H.工控系統/SCADA/ICS
JVNVU#99126710 Rockwell Automation 製 RSLinx Classic における重要なリソースに対する不適切なパーミッションの割り当ての脆弱性
https://jvn.jp/vu/JVNVU99126710/
西門子多款工業設備受Linux內核漏洞SegmentSmack影響
https://www.venustech.com.cn/article/1/11583.html
I.教育訓練
Free Cyber Security Courses
https://www.oxfordhomestudy.com/courses/cyber-security-courses/free-cyber-security-courses
12 Must-Watch Cybersecurity TED Talks
https://www.springboard.com/blog/12-must-watch-cybersecurity-ted-talks/
Training for a Career in Cybersecurity
https://niccs.us-cert.gov/training
J.物聯網/IOT/人工智慧/車聯網/光聯網/深度學習/機器學習/無人機/人臉辨識
Qualcomm debuts new NB2 IoT chipset for low-power devices in the field
https://www.zdnet.com/article/qualcomm-debuts-new-nb2-iot-chipset-for-low-power-devices-in-the-field/#ftag=RSSbaffb68
福特、大眾被曝網絡安全漏洞黑客還能禁用車輛的剎車系統
https://tech.sina.com.cn/roll/2020-04-15/doc-iircuyvh7894718.shtml
TC5#22.2 WG1工作會議暨空氣品質微型感測器資安標準暨測試規範草案討論會議
https://www.taics.org.tw/TCMeetInfoForm.aspx?tcCat_id=5&tcMeetInfo_id=8206
6.近期資安活動及研討會
ISO/IEC 27001:2013 資訊安全稽核師(主導稽核員)訓練課程 4/11 ~ 4/26
https://www.accupass.com/event/2002140726181428485387
交通大學駭客書院 -入侵行為發覺與應變指南 4/18
https://hackercollege.nctu.edu.tw/?p=1144
2020全方位資訊安全人才培育計畫 4/21 ~ 6/16
http://service.tabf.org.tw/tw/user/409646/
網駭,鑑識工具操作與證據追蹤分析 4/17
https://bit.ly/2UVwP55
2020 Industrial Control Systems (ICS) Cyber Security Conference | Singapore 4/21 ~ 4/23
https://www.icscybersecurityconference.com/singapore/
Taipei 暗号通貨 (Cryptocurrency) Meetup 4/22
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybcgbdc/
亞太資訊安全論壇暨展覽會 4/22
https://www.twcert.org.tw/tw/cp-105-3149-70ad7-1.html
交通大學駭客書院 - 基礎網頁安全與滲透測試 4/25
https://hackercollege.nctu.edu.tw/?p=1147
2020 LINE Taiwan Developers Recruitment Day 4/25
https://engineering.linecorp.com/zh-hant/blog/2020-line-taiwan-technical-recruitment-day/
金融數據應用 統計+視覺化 4/26
https://tw.pyladies.com/events/event.html?id=179
交通大學駭客書院 - 基礎網站安全建構實務 5/16
https://hackercollege.nctu.edu.tw/?p=1151
資安社 - Forensic(一) 5/20
https://nsysuisc.kktix.cc/events/2020forensic1
交通大學駭客書院 - 電子郵件之偽造攻擊與防護措施 5/23
https://hackercollege.nctu.edu.tw/?p=1156
Taipei 暗号通貨 (Cryptocurrency) Meetup 5/27
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybchbkc/
交通大學駭客書院 - 進階網頁滲透測試 5/30
https://hackercollege.nctu.edu.tw/?p=1159
109年智能物聯網與資訊安全碩士學分班 5/30 ~ 8/8
https://www.accupass.com/event/2003160837472127685300
邊緣計算系統之大數據與深度學習應用 6/5
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3884&from_course_list_url=course_index
交通大學駭客書院 - 高階網頁滲透測試 6/13 6/20
https://hackercollege.nctu.edu.tw/?p=1161
交通大學駭客書院 - 企業網域控管-Active Directory攻擊與防禦 6/27
https://hackercollege.nctu.edu.tw/?p=1164
CYBERSEC 2020 臺灣資安大會 8/12
https://cyber.ithome.com.tw/
沒有留言:
張貼留言