Information Security Incident News Weekly 2020/4/20 ~ 2020/4/24


1. Major Vulnerabilities / Backdoors / Exploits / Zero Day
Google Chrome use-after-free vulnerability
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_15.html

Google Chrome hit by major security vulnerability; 2 billion users may be at risk of attack
https://bit.ly/3auiykn

Apple's mail app has a vulnerability; 500 million users at risk of data theft
http://www.takungpao.com.hk/international/text/2020/0423/440693.html

Apple's email app has a vulnerability; 500 million iPhone users vulnerable to hacker attacks
https://tw.appledaily.com/international/20200423/WQ2FFRDG6FUIRR4WV424H4E5XM/

Mail app vulnerability revealed! Don't tap on blank emails… 500 million users become fat targets in hackers' eyes
https://cnews.com.tw/137200423a02/

iPhone Mail security vulnerability revealed; Apple developing a patch
https://money.udn.com/money/story/5602/4515036

iPhone Mail app security vulnerability revealed! 500 million iPhones vulnerable to attack
https://www.ettoday.net/news/20200423/1698054.htm

Apple investigating report of a new iOS exploit being used in the wild
https://www.zdnet.com/article/apple-investigating-report-of-a-new-ios-exploit-being-used-in-the-wild/#ftag=RSSbaffb68

iPhone and iPad have a security vulnerability; receiving a blank email may get you hacked
https://www.cna.com.tw/news/firstnews/202004230046.aspx

Research: iOS Mail app found to have a zero-day vulnerability that has existed for 8 years; hacked with no click required
https://www.ithome.com.tw/news/137163

Liferay Portal – Exploited remote code execution vulnerabilities (CERT-EU Security Advisory 2020-022)
https://digitpol.hk/zh-TW/liferay-portal-exploited-remote-code-execution-vulnerabilities-cert-eu-security-advisory-2020-022/

Microsoft Remote Desktop client vulnerability lets hackers execute remote code, but Microsoft is unwilling to patch it
https://www.ithome.com.tw/news/137136

Microsoft issues emergency patch for remote code attack vulnerabilities in Office and Paint 3D
https://www.ithome.com.tw/news/137165

TVN/CVE vulnerability information - iCatch DVR
http://net.nthu.edu.tw/2009/mailing:announcement:20200420_02

TVN/CVE vulnerability information - HGiga C&Cmail
http://net.nthu.edu.tw/2009/mailing:announcement:20200420_01

That critical VMware vuln allowed anyone on your network to create new admin users, no creds needed
https://www.theregister.co.uk/AMP/2020/04/17/vmware_vcenter_critical_vuln_anyone_create_admin_users/

US Department of Homeland Security urges users to patch Pulse Secure VPN vulnerability
https://www.ithome.com.tw/news/137095

CISA Warns Patched Pulse Secure VPNs Could Still Expose Organizations to Hackers
https://thehackernews.com/2020/04/pulse-secure-vpn-vulnerability.html

Intel releases April platform security update, fixing multiple severe security vulnerabilities
https://www.twcert.org.tw/tw/cp-104-3553-6a9f7-1.html

April Patch Tuesday: Fixes for Font-Related, Microsoft SharePoint, Windows Components Vulnerabilities
https://newsroom.trendmicro.com/blog/security-intelligence/april-patch-tuesday-fixes-font-related-microsoft-sharepoint-windows-com-0

Windows 10 KB4549951 update is causing BSOD, Bluetooth and WiFi issues, random system crashes
https://mspoweruser.com/windows-10-kb4549951-bsod-bluetooth-bug/

Windows 10 SMBGhost vulnerability RCE PoC published
https://www.chainnews.com/zh-hant/articles/366966166339.htm

Security researcher discloses four IBM zero-days after company refused to patch
https://www.zdnet.com/article/security-researcher-discloses-four-ibm-zero-days-after-company-refused-to-patch/#ftag=RSSbaffb68

Cross-site request forgery vulnerability in multiple NETGEAR products
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18848

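2. Banking / Finance / Insurance / Securities / Payment Systems: News and Security
Financial industry deploys ahead! HSBC Taiwan's approach to segregated management: every phone call is recorded, with reminders of "things you must not do"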
https://www.wealth.com.tw/home/articles/25361

Macau is studying the establishment of an RMB-denominated securities exchange
https://bit.ly/3cARS2G

First to deploy ahead: 194 financial firms activate off-site and work-from-home arrangements
https://tw.appledaily.com/property/20200423/RLUY3IJ3WARE7RM6U2I7OCM5PY/

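[Epidemic prevention controversy] Shin Kong Financial work-from-home dispute; expert: contact between people should be reduced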
https://tw.appledaily.com/property/20200423/MUOFIJHBNHFSWXCMEU6Q6XLLTM/

Sustainability, data key to survival for new players eyeing Singapore's digital bank market
https://www.zdnet.com/article/sustainability-data-key-to-survival-for-new-players-eyeing-singapores-digital-bank-market/#ftag=RSSbaffb68

Hackers are again attacking Portuguese banking organizations via Android Trojan-Banker
https://securityaffairs.co/wordpress/101637/mobile-2/portuguese-banking-android-trojan.html

Attackers are using a Brazilian hacking tool against Spanish banks
https://www.cyberscoop.com/attackers-using-brazilian-hacking-tool-spanish-banks/

Grandoreiro Malware Now Targeting Banks in Spain
https://securityintelligence.com/posts/grandoreiro-malware-now-targeting-banks-in-spain/

Payment distancing: Apple and Google, we need our cashless society even more in pandemic times
https://www.zdnet.com/article/payment-distancing-apple-and-google-we-need-our-cashless-society-even-more-now/

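3. Electronic Payment / Electronic Stored-Value Cards / Mobile Payment / Pay: News and Security
From traditional physical tokens to mobile payment: Taroko overhauls its IT to reshape the customer experience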
https://www.ithome.com.tw/people/137097

Facebook reportedly to team up with Gojek and other Indonesian companies to launch a cross-platform mobile payment service
https://technews.tw/2020/04/22/facebook-three-indonesian-firms-in-early-talks-for-mobile-payment-approval/

Contactless business opportunities and electronic payment lead Taiwan into a new era of consumption
https://health.udn.com/health/story/120952/4511233

Taipei City public parking lot monthly passes: Ko Wen-je instructs Easy Wallet (悠遊付) to catch up
https://www.cna.com.tw/news/aloc/202004240213.aspx

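[Finance Weekly: e-payment and e-ticket two-in-one] E-payment and stored-value cards merged into one; transfers and reward points shared across services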
https://ec.ltn.com.tw/article/paper/1367149

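4. Virtual Currency / Blockchain: News and Security
Ministry of Finance interpretive ruling: STOs of NT$30 million or less are treated like physical securities and taxed at a 1‰ transaction tax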
https://www.blocktempo.com/sto-transfer-taxes-will-be-including-in-securities-transaction-tax-act/

China's central bank digital currency (DCEP) is already in internal testing; what will it ultimately look like
https://www.blocktempo.com/china-dcep-testing-phrase-payment-centralbank-commercialbanks/

Alipay confirms participation in developing China's "digital RMB DCEP"; reportedly to launch first in Suzhou in May
https://www.blocktempo.com/china-dcep-will-pilot-in-suzhou/

Central bank digital currency launches; Suzhou to use it to pay out transportation subsidies
https://www.ntdtv.com/b5/2020/04/18/a102826185.html

dForce's Yang Mindao issues "comeback" declaration; the hacker is trying to contact them
https://www.blocktempo.com/dforce-lendfme-hacked-investigation-comeback-defi/

Blockchain finance platform dForce's cryptocurrency assets almost entirely stolen
https://www.ithome.com.tw/news/137106

Hong Kong SFC approves the first Bitcoin fund! Arrano eyes US$100 million in its first year
https://www.blocktempo.com/hong-kong-s-first-approved-crypto-fund/

Hacker has returned almost all assets stolen from Lendf.Me
https://www.panewslab.com/zh_hk/articledetails/1587448754450049.html

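Lendf.me plot twist! Hacker returns the entire "750 million in stolen funds", reportedly because inexperience led to an IP leak that exposed their identity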
https://www.blocktempo.com/endf-me-attacker-screws-up-returns-all-the-stolen-funds/

Email authenticity detection: blockchain for real-time fraud prevention
http://www.netadmin.com.tw/netadmin/zh-tw/market/E2FD1711883B493AAD45DFFBA47B0699

Hackers steal $25 million worth of cryptocurrency from Uniswap and Lendf.me
https://www.zdnet.com/article/hackers-steal-25-million-worth-of-cryptocurrency-from-uniswap-and-lendf-me/

This is what happens to cryptocurrency paid out in sextortion campaigns
https://www.zdnet.com/article/this-is-what-happens-to-the-cryptocurrency-paid-out-through-sextortion-campaigns/#ftag=RSSbaffb68

5. Security Incident News

A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors
Google: Gmail blocks 18 million malicious emails related to Wuhan pneumonia (COVID-19) every day
https://www.ithome.com.tw/news/137082

Network intrusion incidents and security reminders
https://announce.pu.edu.tw/p/404-1037-8141-1.php?Lang=zh-tw

Tomcat Server has the Ghostcat vulnerability; Chinese hackers upload the BiFrost backdoor to Taiwanese campus websites
https://www.ithome.com.tw/news/137074

TrickBot trojan pushes an app that captures transaction authentication codes to German bank customers
https://www.freebuf.com/articles/terminal/231903.html

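Using the latest Wuhan pneumonia (COVID-19) information as a lure, spyware targets the two major mobile platforms to collect all kinds of data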
https://www.ithome.com.tw/news/137061

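Several large US aerospace manufacturers hit by ransomware attack; confidential content exposed after they refused to pay the ransom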
https://www.twcert.org.tw/tw/cp-104-3555-3819e-1.html

Major IT services provider Cognizant confirms it was hit by a Maze ransomware attack
https://www.ithome.com.tw/news/137112

Courier delivery notice asks you to confirm the receipt address; opening the ACE file infects you
https://blog.trendmicro.com.tw/?p=63942

Hackers spread extortion and intimidation emails to scam users
https://www.twcert.org.tw/tw/cp-104-3568-0207d-1.html

PoetRAT Trojan targets energy sector using coronavirus lures
https://www.zdnet.com/article/poetrat-trojan-targets-energy-sector-using-coronavirus-lures/#ftag=RSSbaffb68

PoetRAT: Python RAT uses COVID-19 lures to target Azerbaijan public and private sectors
https://blog.talosintelligence.com/2020/04/poetrat-covid-19-lures.html

Deconstructing an Evasive Formbook Campaign Leveraging COVID-19 Themes
https://www.fortinet.com/blog/threat-research/deconstructing-an-evasive-formbook-campaign-leveraging-covid-19-themes.html

COVID-Themed Lures Target SCADA Sectors With Data Stealing Malware
https://thehackernews.com/2020/04/coronavirus-scada-malware.html

Coronavirus-themed attacks April 12 – April 18, 2020
https://securityaffairs.co/wordpress/101868/cyber-crime/coronavirus-themed-attacks-april-12-april-18-2020.html

Over 700 Malicious Typosquatted Libraries Found On RubyGems Repository
https://thehackernews.com/2020/04/rubygem-typosquatting-malware.html

Clipboard hijacking malware found in 725 Ruby libraries
https://www.zdnet.com/article/clipboard-hijacking-malware-found-in-725-ruby-libraries/#ftag=RSSbaffb68

Ransomware Recovery in the 'New Normal'
https://www.bankinfosecurity.com/interviews/ransomware-recovery-in-new-normal-i-4658

Corporate users at most hacking risk from banking malware attacks: Report
https://www.thenewsminute.com/article/corporate-users-most-hacking-risk-banking-malware-attacks-report-122824

KPOT Analysis: Obtaining the Decrypted KPOT EXE
https://isc.sans.edu/diary/KPOT+Analysis%3A+Obtaining+the+Decrypted+KPOT+EXE/26014

Maldoc Falsely Represented as DOCX Invoice Redirecting to Fake Apple Store
https://isc.sans.edu/diary/rss/26036

Weaponized RTF Document Generator & Mailer in PowerShell
https://isc.sans.edu/diary/Weaponized+RTF+Document+Generator+%26+Mailer+in+PowerShell/26030

Discord users tempted by bots offering “free Nitro games”
https://blog.malwarebytes.com/cybercrime/2020/04/discord-users-tempted-by-bots-offering-free-nitro-games/

New AgentTesla variant steals WiFi credentials
https://blog.malwarebytes.com/threat-analysis/2020/04/new-agenttesla-variant-steals-wifi-credentials/

Emotet JavaScript downloader
https://maxkersten.nl/binary-analysis-course/malware-analysis/emotet-javascript-downloader/

OSINT Investigation: Cerberus and the INPS
https://bushidotoken.blogspot.com/2020/04/osint-investigation-cerberus-and-inps.html

Linux Malware: The Truth About This Growing Threat
https://linuxsecurity.com/features/features/linux-malware-the-truth-about-this-growing-threat?showall=1

Understanding the relationship between Emotet, Ryuk and TrickBot
https://blog.intel471.com/2020/04/14/understanding-the-relationship-between-emotet-ryuk-and-trickbot/

2019 IoT Advanced Malware Threat (AMT) Research Notes
https://docs.google.com/spreadsheets/d/1UMBFtWxfc40TAF4AIXkPZYBD8uBE6xP2HVs9dRHlTF8/edit#gid=0

Cybercriminal group mails malicious USB dongles to targeted companies
https://www.csoonline.com/article/3534693/cybercriminal-group-mails-malicious-usb-dongles-to-targeted-companies.html#tk.rss_all

IT Services Giant Cognizant Hit by Maze Ransomware Cyber Attack
https://gbhackers.com/it-services-giant-cognizant-hit-by-maze-ransomware-cyber-attack/

PSA: If You Get a 'Best Buy Gift Card' on a USB Drive in the Mail, Don't Plug It Into Your PC
https://www.pcmag.com/news/psa-if-you-get-a-best-buy-gift-card-on-a-usb-drive-in-the-mail-dont-plug

Researchers Discover Coronavirus Malicious Applications: What you Should Know
https://medium.com/@janettompson/researchers-discover-coronavirus-malicious-applications-what-you-should-know-a6273ee361f

Trickbot malware is using these unique 'macro-laced' document attachments with a coronavirus theme
https://www.zdnet.com/article/trickbot-malware-is-using-these-unique-macro-laced-document-attachments-with-a-coronavirus-theme/

Mootbot Botnet Targets Fiber Routers with Dual Zero-Days
https://threatpost.com/mootbot-fiber-routers-zero-days/154962/

Multiple fiber routers are being compromised by botnets using 0-day
https://blog.netlab.360.com/multiple-fiber-routers-are-being-compromised-by-botnets-using-0-day-en/

New Coronavirus screenlocker malware is extremely annoying
https://www.bleepingcomputer.com/news/security/new-coronavirus-screenlocker-malware-is-extremely-annoying/#.Xp7pPyK0P1M.twitter

COVID-19 Phishing Emails Mainly Contain TrickBot: Microsoft
https://www.bankinfosecurity.com/covid-19-phishing-emails-mainly-contain-trickbot-microsoft-a-14149

Unkillable xHelper and a Trojan matryoshka
https://securelist.com/unkillable-xhelper-and-a-trojan-matryoshka/96487/#comment-3112205

Hackers have breached 60 ad servers to load their own malicious ads
https://www.zdnet.com/article/hackers-have-breached-60-ad-servers-to-load-their-own-malicious-ads/#ftag=RSSbaffb68

NSA shares list of vulnerabilities commonly exploited to plant web shells
https://www.zdnet.com/article/nsa-shares-list-of-vulnerabilities-commonly-exploited-to-plant-web-shells/#ftag=RSSbaffb68

Guidance for mitigation web shells. #nsacyber
https://github.com/nsacyber/Mitigating-Web-Shells

A look at the ATM/PoS malware landscape from 2017-2019
https://securelist.com/atm-pos-malware-landscape-2017-2019/96750/

Following ESET’s discovery, a Monero mining botnet is disrupted
https://www.welivesecurity.com/2020/04/23/eset-discovery-monero-mining-botnet-disrupted/

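B. Mobile Security / iPhone / Android / Wearables / Apps
[Working remotely, mind your security] Trend Micro: mobile phishing software impersonates epidemic-prevention apps to steal location data and take photos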
https://www.inside.com.tw/article/19555-spyware-and-phishing-notice

Zoom stresses that free users' data will not be sent back to mainland China; what about Taiwan
https://www.bnext.com.tw/article/57350/zoom-privacy-policy

ZOOM, with Chinese blood in its veins (Part 1): inside the wall, information security is the Party's business
https://bit.ly/3eyC7eA

Chinese Christians hold Easter service on ZOOM; public security officers come to the door to arrest people
https://newtalk.tw/news/view/2020-04-19/393981

Overview of recent Zoom security incidents
https://www.ithome.com.tw/news/137058

Zoom's security hardening shows results; Singapore's Ministry of Education allows teachers to use it again
https://newtalk.tw/news/view/2020-04-21/394754

Zoom reaches milestone in its 90-day security plan, releases Zoom 5.0
https://www.chinatimes.com/realtimenews/20200423001773-260412?chdtv

Zoom adds data center routing, security updates
https://www.zdnet.com/article/zoom-adds-data-center-routing-security-updates/#ftag=RSSbaffb68

Zoom isn’t actually end-to-end encrypted
https://www.theverge.com/2020/3/31/21201234/zoom-end-to-end-encryption-video-chats-meetings

Keep Zoombombing cybercriminals from dropping a load on your meetings
https://blog.malwarebytes.com/how-tos-2/2020/04/keep-zoombombing-cybercriminals-from-dropping-a-load-on-your-meetings/

22 school principals learn to set up a Jitsimeet server
https://times.hinet.net/news/22865674

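Introduction to the 4G disaster-prevention warning PWS system: how cell broadcast works and a tutorial on mobile phone alert messages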
https://www.cool3c.com/article/152131

Leaked Webhooks URLs can expose Slack users to phishing attacks
https://www.ithome.com.tw/news/137038

Douyin reportedly transmits traffic unencrypted, which may enable man-in-the-middle attacks and the delivery of fake messages
https://www.ithome.com.tw/news/137083

Communication security during the epidemic: an in-depth analysis of the encrypted messaging app Signal
https://www.techbang.com/posts/77913-communication-security-depth-resolution-encrypted-communication-software-signal-during-the-outbreak

Webex, Teams, Meet, Jitsi: comparison table of requirements testing for 8 video conferencing apps
https://www.playpcesor.com/2020/04/webex-teams-meet-jitsi-8.html

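No fear of GPS location leaking your privacy: the most practical epidemic-tracing technology is the "Bluetooth" that everyone already has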
https://buzzorange.com/techorange/2020/04/23/bluetooth-virus/

WhatsApp Users To Get This Killer New Update: Just Perfect Timing
https://www.forbes.com/sites/zakdoffman/2020/04/19/whatsapp-users-to-get-this-killer-new-update-just-perfect-timing/

France asks Apple to relax iPhone security for coronavirus tracking app development
https://www.zdnet.com/article/france-asks-apple-to-relax-iphone-security-for-coronavirus-tracking-app-development/

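C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents
Split shifts and rotating work from home: are you ready for the security challenges the epidemic brings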
https://bit.ly/3cJhcnb

Large number of Nintendo accounts reportedly hacked; company recommends two-step verification to protect data
https://game.udn.com/game/story/10453/4508274?form=udn_ch2_common3_cate

Nintendo player accounts leaked in large numbers! Company recommends remedial measures
https://3c.ltn.com.tw/news/40173

Nintendo accounts are getting hacked and used to buy Fortnite currency
https://www.zdnet.com/article/nintendo-accounts-are-getting-hacked-and-used-to-buy-fortnite-currency/#ftag=RSSbaffb68

Security hole in Switch? Large numbers of players complain of abnormal logins to their accounts
https://bit.ly/2VrbG2P

US company offers a 3 million bounty to crack its own game… but is accused that the game is "not so simple"
https://www.setn.com/News.aspx?NewsID=729690

To help researchers get through the epidemic, Google will give out grants of US$1,300
https://www.ithome.com.tw/news/137138

NYT: Dropbox privately hired hackers to investigate Zoom's security vulnerabilities
https://www.ithome.com.tw/news/137116

Server misconfiguration: facial recognition company Clearview accidentally exposes source code
https://technews.tw/2020/04/21/clearview-ais-source-code-and-app-data-exposed-in-cybersecurity-lapse/

Asymmetric information warfare that turns defense into offense
https://talk.ltn.com.tw/article/paper/1367097

Trend Micro: hackers use "coronavirus" to launch a new wave of cyberattacks
https://money.udn.com/money/story/5648/4504607

Professor Lin Ying-Dar: some Chinese software poses security risks
https://m.ltn.com.tw/news/life/paper/1366697

Human rights groups criticize tacit approval of "online surveillance"; UN suspends cooperation with Tencent
https://m.ltn.com.tw/news/world/breakingnews/3137402

Russia implements "digital passes" for lockdown; system crashes on launch and draws public complaints
https://www.ftvnews.com.tw/news/detail/2020418I10M1

Czech Republic hit by successive cyberattacks; Prague airport and regional hospitals both targeted
https://www.ydn.com.tw/News/380423

Czech authorities warn of possible cyberattacks; hospital servers attacked the next day
https://news.ltn.com.tw/news/world/breakingnews/3137455

Hackers exploit the epidemic: cyberattacks on 2 Czech hospitals draw US concern
https://money.udn.com/money/story/5599/4501137

Google: at least 12 state-sponsored hacking groups are using the epidemic to launch attacks
https://www.ithome.com.tw/news/137176

Findings on COVID-19 and online security threats
https://www.blog.google/technology/safety-security/threat-analysis-group/findings-covid-19-and-online-security-threats/

Countering China's cyber warfare: Ministry of National Defense fires five arrows
https://news.ltn.com.tw/news/politics/paper/1367371

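China's cyber army rushes back to work after the Lunar New Year, using the Wuhan pneumonia (COVID-19) issue as bait to target Taiwan's government and medical think-tank scholars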
https://www.ithome.com.tw/news/137187

FBI warns: vaccine research institutions targeted by hackers
https://news.ltn.com.tw/news/world/paper/1366755

Chinese hackers targeted company behind 'Ragnarok Online' MMORPG
https://www.zdnet.com/article/chinese-hackers-targeted-company-behind-ragnarok-online-mmorpg

WINNTI GROUP: Insights From the Past
https://quointelligence.eu/2020/04/winnti-group-insights-from-the-past/

CrowdStrike: Ongoing Pirate Panda operations using current event themes
https://www.scribd.com/document/451284814/CrowdStrike-Ongoing-Pirate-Panda-operations-using-current-event-themes#download

China-linked ‘Electric Panda’ hackers seek U.S. targets, intel agency warns
https://www.politico.com/amp/news/2020/04/16/china-electric-panda-hackers-seek-us-targets-191220

Gamaredon APT Group Use Covid-19 Lure in Campaigns
https://blog.trendmicro.com/trendlabs-security-intelligence/gamaredon-apt-group-use-covid-19-lure-in-campaigns/

FBI: Hackers Targeting US COVID-19 Research Facilities
https://www.bankinfosecurity.com/fbi-hackers-targeting-us-covid-19-research-facilities-a-14138

FBI says cybercrime reports quadrupled during COVID-19 pandemic
https://www.zdnet.com/article/fbi-says-cybercrime-reports-quadrupled-during-covid-19-pandemic/#ftag=RSSbaffb68

Addressing Shadow IT Issues During COVID-19 Crisis
https://www.bankinfosecurity.com/addressing-shadow-issues-during-covid-19-crisis-a-14137

U.S. Offers Rewards up to $5 Million for Information on North Korean Hackers
https://thehackernews.com/2020/04/north-korea-hackers.html

FBI takes down hacker platform Deer.io
https://nakedsecurity.sophos.com/2020/03/27/fbi-takes-down-russia-based-hacker-platform-deer-io/

Why SaaS opens the door to so many cyber threats (and how to make it safer)
https://thehackernews.com/2020/04/saas-cybersecurity.html

Analysis: Insider Threats Posed by Remote Workforce
https://www.bankinfosecurity.com/interviews/analysis-insider-threats-posed-by-remote-workforce-i-4657

Beware of Coronavirus Dark Web Scams – Starting from Vaccine, Test Kits & Infected Blood For Sale
https://cybersecuritynews.com/coronavirus-dark-web-scams/

Spearphishing attacks hit the oil and gas industry sector
https://securityaffairs.co/wordpress/101967/cyber-crime/spearphishing-energy-oil-gas-industry.html

Cynet Issues Incident Response Challenge 2020 for IR Professionals With $5,000 Prize
https://gbhackers.com/cynet-issues-incident-response/

The Incident Response Challenge
https://incident-response-challenge.com/

US security firm: Vietnamese hackers intrude into Chinese government systems seeking Wuhan pneumonia (COVID-19) information
https://tw.appledaily.com/international/20200423/RSUVSVTI3H7KD22PGAMPJVEPCY/

Vietnamese Threat Actors APT32 Targeting Wuhan Government and Chinese Ministry of Emergency Management in Latest Example of COVID-19 Related Espionage
https://www.fireeye.com/blog/threat-research/2020/04/apt32-targeting-chinese-government-in-covid-19-related-espionage.html

Security researcher identifies new APT group mentioned in 2017 Shadow Brokers leak
https://www.zdnet.com/article/security-researcher-identifies-new-apt-group-mentioned-in-2017-shadow-brokers-leak/#ftag=RSSbaffb68

Nazar: A Lost Amulet
https://www.epicturla.com/blog/the-lost-nazar

Attackers Target Oil and Gas Industry With AgentTesla
https://www.bankinfosecurity.com/attackers-target-oil-gas-industry-agenttesla-a-14169

Oil & Gas Spearphishing Campaigns Drop Agent Tesla Spyware in Advance of Historic OPEC+ Deal
https://labs.bitdefender.com/2020/04/oil-&-gas-spearphishing-campaigns-drop-agent-tesla-spyware-in-advance-of-historic-opec+-deal/

"CS:GO" source code leaked! Valve confirms in a statement
https://newtalk.tw/news/view/2020-04-23/395954

Valve says it's safe to play CS:GO and TF2 after source code leaked online
https://www.zdnet.com/article/valve-says-its-safe-to-play-csgo-and-tf2-after-source-code-leaked-online/#ftag=RSSbaffb68

Central Deposit Insurance Corporation recruitment notice: open examination in ROC year 109 for 7 permanent staff
https://ptc.tabf.org.tw/tw/ptc_109cdic/BotDownload.asp

Information security management supervisor
https://www.104.com.tw/job/6x72f

Security threat researcher (Cyber Security Analyst)
https://www.104.com.tw/job/5uley?jobsource=company_job

Information security engineer (Security Engineer)
https://www.104.com.tw/job/5zrgs?jobsource=company_job

Financial Information Service Co. recruitment, ROC year 109
https://ptc.tabf.org.tw/tw/ptc_109fisc/BotDownload.asp

Financial Information Service Co. examination for system operators, ROC year 109
https://ptc.tabf.org.tw/tw/ptc_10902fisc/

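D. Data Breaches / Personal Data Protection Law / GDPR / Online Fraud / Phishing / Card Fraud / Fake News
Another new scam trick! Netflix impersonated, with free viewing as the lure
https://newtalk.tw/news/view/2020-04-20/394135

[Security report] Four new phishing techniques, including fake "404 Not Found" pages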
https://blog.trendmicro.com.tw/?p=63975

Fraudulent charges of NT$4,000 on ubereats
https://moptt.tw/p/Gossiping.M.1587198863.A.0F0

Hackers are using "coronavirus" for a new wave of cyber espionage and phishing
https://www.techbang.com/posts/77917-trend-micro-hackers-are-using-the-coronavirus-for-a-new-wave-of-cyberespionage-and-phishing

Wuhan pneumonia (COVID-19) epidemic becomes bait; hackers and cyber spies trick people out of personal data
https://tw.appledaily.com/property/20200418/DVDTYZB5VBU3X7F4CPTR7GLFLM/

Exploiting epidemic panic, scam emails increase sharply
https://www.ydn.com.tw/News/380365

Phishing attacks evolve; Apple is the most commonly impersonated brand
https://www.cna.com.tw/news/ait/202004230245.aspx

Business email compromise: Taiwan is attacked the most in North Asia
https://money.udn.com/money/story/5617/4507339

Fraud attack on TV streaming ads impersonates more than 2 million devices viewing ads
https://www.twcert.org.tw/tw/cp-104-3566-cc502-1.html

Online troll armies spread disinformation; fact-checking to plug security gaps
http://www.netadmin.com.tw/netadmin/zh-tw/technology/7C0872F291FE4DDAB4243117ACDAAB82

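[False] Breaking news! Top-secret CCP document exposed: "have volunteers make Hong Kong police die heroically in the line of duty, to focus media attention on the rioters"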
https://tfc-taiwan.org.tw/articles/930

Personal data of more than 100 million Pakistani mobile users put up for sale on the dark web by intruders
https://www.twcert.org.tw/tw/cp-104-3569-2ce3b-1.html

Palo Alto Networks warns: in business email compromise, Taiwan is attacked the most in North Asia
https://www.computerdiy.com.tw/20200420_palo-alto-networks/

"Taiwan Jobs" (臺灣就業通) website has a vulnerability; debt-collection operators steal personal data
https://tw.appledaily.com/local/20200421/JGCFOEIY4CTHHBXO6MMSU6VF2E/

One casual little action… and a passerby knew his wife's birthday! The truth behind it is truly sinister
https://www.setn.com/News.aspx?NewsID=730405

Hackers striking during the epidemic? 25,000 emails and passwords from WHO and other organizations reportedly leaked
https://3c.ltn.com.tw/news/40183

China's cyber army "plays dirty" to downplay the domestic epidemic
https://news.cts.com.tw/cts/international/202004/202004221998074.html

FBI: want to share your high-school photo on Facebook? Think twice first
https://www.ithome.com.tw/news/137127

PTT users report login attempts on their accounts that they did not make; automated password-guessing tools suspected
https://www.ithome.com.tw/news/137175

Global health organizations caught in security storm; 25,000 email credentials leaked
https://newtalk.tw/news/view/2020-04-23/396068

Details of 20 million Aptoide app store users leaked on hacking forum
https://www.zdnet.com/article/details-of-20-million-aptoide-app-store-users-leaked-on-hacking-forum/#ftag=RSSbaffb68

Most consumers admit to sharing passwords with someone outside their home
https://www.zdnet.com/article/most-consumers-admit-to-sharing-passwords-with-someone-outside-their-home/#ftag=RSSbaffb68

Facebook will now warn you if you’ve interacted with fake, dangerous coronavirus posts
https://www.zdnet.com/article/facebook-will-now-warn-you-if-youve-interacted-with-fake-dangerous-coronavirus-posts/#ftag=RSSbaffb68

Demand for Phishing Kits Is Strong: Report
https://www.bankinfosecurity.com/demand-for-phishing-kits-strong-report-a-14140

Hacker leaks 23 million usernames and passwords from Webkinz children's game
https://www.zdnet.com/article/hacker-leaks-23-million-usernames-and-passwords-from-webkinz-childrens-game/#ftag=RSSbaffb68

German government might have lost tens of millions of euros in COVID-19 phishing attack
https://www.zdnet.com/article/german-government-might-have-lost-tens-of-millions-of-euros-in-covid-19-phishing-attack/#ftag=RSSbaffb68

Fraud Guides Top List of Most Frequently Sold Type of Data on Major Dark Web Marketplaces
https://terbiumlabs.com/2020/04/16/fraud-guides-top-list-of-most-frequently-sold-type-of-data-on-major-dark-web-marketplaces/

Coronavirus Dark Web Scams: From infected blood to ventilators
https://www.bleepingcomputer.com/news/security/coronavirus-dark-web-scams-from-infected-blood-to-ventilators/

Economic Stimulus Payments: A Fraud Target
https://www.bankinfosecurity.com/economic-stimulus-payments-fraud-target-a-14145

WHO, Gates Foundation Credentials Dumped Online: Report
https://www.bankinfosecurity.com/who-gates-foundation-credentials-dumped-online-report-a-14167

COVID-19 campaigns highlight the need for phishing protection
https://www.zdnet.com/article/covid-19-campaigns-highlight-the-need-for-phishing-protection/#ftag=RSSbaffb68

Prevent Fraud And Phishing Attacks With DMARC
https://www.forrester.com/report/Prevent+Fraud+And+Phishing+Attacks+With+DMARC/-/E-RES160344#

Cybercriminals Using Zoom, WebEx as Phishing Lures: Report
https://www.bankinfosecurity.com/cybercriminals-using-zoom-webex-as-phishing-lures-report-a-14162

Remote Video Conferencing Themes in Credential Theft and Malware Threats
https://www.proofpoint.com/us/threat-insight/post/remote-video-conferencing-themes-credential-theft-and-malware-threats

Scammers are now taking advantage of US small business relief fund in phishing emails
https://www.zdnet.com/article/scammers-are-now-taking-advantage-of-us-small-business-relief-fund-in-phishing-emails/#ftag=RSSbaffb68

Hackers Steal 25,000 Email Addresses and Passwords From NIH, WHO, Gates Foundation And Others Are Dumped Online
https://cybersecuritynews.com/email-addresses-and-passwords/

E. Research Reports
Understanding the MITRE 2020 ATT&CK Endpoint Defense Evaluation - Muggle Edition - Part 1
https://bit.ly/2VQ9aCb

Understanding the MITRE 2020 ATT&CK Endpoint Defense Evaluation - Muggle Edition - Part 2: Main Detection Categories
https://bit.ly/34ZldBc

Executive Yuan Technical Service Center: information and communication security technical report, Q1 of ROC year 109
https://bit.ly/2VzjCiu

SOC log visualization tool: SOC Sankey Generator
https://www.freebuf.com/sectool/231106.html

Notes on core defense mechanisms for web applications
https://www.freebuf.com/articles/web/232186.html

Domain controller administrator account architecture extension
https://www.freebuf.com/articles/es/230271.html

TEA: an SSH client worm based on the TAS framework
https://www.freebuf.com/articles/network/231963.html

Unicode homoglyph domain vulnerability
https://www.freebuf.com/vuls/229446.html

Analysis of how the Github man-in-the-middle attack works
https://www.freebuf.com/articles/web/231802.html

Manul: a coverage-guided parallel fuzzing tool
https://www.freebuf.com/articles/terminal/227865.html

Some explorations of bypassing IDS/IPS at the network layer
https://www.freebuf.com/articles/system/233678.html

Bug hunting experience | Achieving JSON CSRF by rewriting HTTP requests
https://www.freebuf.com/vuls/230243.html

Brief on 0-days in the wild in multiple fiber router devices
https://blog.netlab.360.com/multiple-fiber-routers-are-being-compromised-by-botnets-using-0-day/

Notes on getting past the latest version of a common WAF
https://www.freebuf.com/articles/web/231905.html

Analysis of the Lazarus APT group's targeted attacks against a certain country and region using COVID-19 epidemic lures
https://www.freebuf.com/articles/system/233528.html

UEBA in practice: a CISO's guide to insider threat management
https://www.freebuf.com/articles/es/234017.html

Dirble: a high-performance directory scanning and crawling tool
https://www.freebuf.com/articles/network/231596.html

Universal bypass techniques for SQL injection
https://mp.weixin.qq.com/s/RSXc0ACv5DS-GsajdO8IRw

Do you know how many ways there are to launch Spark on demand on Azure
https://lab.howie.tw/2020/04/azure-on-demand-spark.html

Account of countering a virus in a PUBG cheat program
https://mp.weixin.qq.com/s/u0Ah-bWUnxZBBV1qH3nzcw

From SQL to RCE: attacking ASP.NET web applications via SessionState deserialization
https://devco.re/blog/2020/04/21/from-sql-to-rce-exploit-aspnet-app-with-sessionstate/

I hear you can't store passwords in plaintext, so how should you actually store them
https://medium.com/starbugs/how-to-store-password-in-database-sefely-6b20f48def92

Practical content | ATT&CK penetration testing handbook
https://mp.weixin.qq.com/s/bfkSCQonYDd6bpCLzppS_Q

Pentest Notes - Approaching a Target
https://pentestmag.com/pentest-notes-approaching-a-target/

TikTok Vulnerability Enables Hackers to Show Users Fake Videos
https://www.mysk.blog/2020/04/13/tiktok-vulnerability-enables-hackers-to-show-users-fake-videos/

Hacking TikTok to Show Fraudulent Videos on WHO (DNS Attack)
https://www.youtube.com/watch?v=voTnYPfkqlY

Hacking TikTok to Show Fraudulent Videos (DNS Attack)
https://www.youtube.com/watch?v=pHt4jok7v5w

Boost UDP Transaction Performance
https://www.slideshare.net/lfevents/boost-udp-transaction-performance

Exposing Modular Adware: How DealPly, IsErIk, and ManageX Persist in Systems
https://newsroom.trendmicro.com/blog/security-intelligence/exposing-modular-adware-how-dealply-iserik-and-managex-persist-systems

Hackers Exploit Two-factor Authentication to Steal Millions and How to Fix It
https://medium.com/@sub_80999/hackers-exploit-two-factor-authentication-to-steal-millions-and-how-to-fix-it-655145722d45

Getting Started with Reverse Engineering using Ghidra
https://www.peerlyst.com/posts/getting-started-with-reverse-engineering-using-ghidra-chiheb-chebbi

A brute-force password cracker and video auto-downloader for Zoom's "Record to Cloud" functionality.
https://github.com/markbuffalo/zoombo

Manage A Remote SOC: Shift Management Tip
https://blog.paloaltonetworks.com/2020/04/cortex-shift-management/

Rise of the Sensors: Securing LoRaWAN Networks
https://research.nccgroup.com/2020/04/16/rise-of-the-sensors-securing-lorawan-networks/

Methodology for Static Reverse Engineering of Windows Kernel Drivers
https://posts.specterops.io/methodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83

MemLock: Memory Usage Guided Fuzzing
https://wcventure.github.io/MemLock

Red Team Tactics: Utilizing Syscalls in C# - Prerequisite Knowledge
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/

Replay USB messages from Wireshark (.cap) files
https://github.com/JohnDMcMaster/usbrply

Simple Remote Code Execution Vulnerability Examples for Beginners
https://medium.com/bugbountywriteup/simple-remote-code-execution-vulnerability-examples-for-beginners-985867878311

Fuzzing sockets, part 1: FTP servers
https://securitylab.github.com/research/fuzzing-sockets-FTP

Null Terminated Programming 101 - x64
https://0x00sec.org/t/null-terminated-programming-101-x64/20398

Book Review: Windows Kernel Programming and Creating Drivers of Select Exercises
https://truneski.github.io/post/2020/04/03/book-review-windows-kernel-programming-and-creating-drivers-of-select-exercises/

2019 Advent Calendar, vmware pwnables
https://github.com/nafod/advent-vmpwn//

The Kernel Concurrency Sanitizer (KCSAN)
https://github.com/google/ktsan/wiki/KCSAN#upstream-fixes-of-data-races-found-by-kcsan

wasm_runtimes_fuzzing
https://github.com/pventuzelo/wasm_runtimes_fuzzing

CodeQL U-Boot Challenge (C/C++)
https://lab.github.com/githubtraining/codeql-u-boot-challenge-(cc++)

Windows Server 2008R2-2019 NetMan DLL Hijacking
https://itm4n.github.io/windows-server-netman-dll-hijacking/

[Honeypot quick analysis] Honeypot quick analysis (2020/4/18)
https://sec-chick.hatenablog.com/entry/2020/04/19/182419

Web Application Attacks – Types, Impact & Mitigation – Part-1
https://gbhackers.com/web-application-attacks-part1/

domain_hunter
https://github.com/bit4woo/domain_hunter

Jamfing for Joy: Attacking macOS in Enterprise
https://labs.f-secure.com/blog/jamfing-for-joy-attacking-macos-in-enterprise/

SLAE Exam Assignment 1 - Creating a Bind TCP shellcode
https://slaeryan.github.io/posts/slae-assignment1-blogpost.html

SLAE Exam Assignment 2 - Creating a Reverse TCP shellcode
https://slaeryan.github.io/posts/slae-assignment2-blogpost.html

SLAE Exam Assignment 3 - Creating an Egg-hunter shellcode
https://slaeryan.github.io/posts/slae-assignment3-blogpost.html

SLAE Exam Assignment 4 - Creating a custom shellcode encoder
https://slaeryan.github.io/posts/slae-assignment4-blogpost.html

SLAE Exam Assignment 5 - Analyzing MSFVenom payloads
https://slaeryan.github.io/posts/slae-assignment5-blogpost.html

SLAE Exam Assignment 6 - Creating polymorphic shellcode
https://slaeryan.github.io/posts/slae-assignment6-blogpost.html

SLAE Exam Assignment 7 - Creating a custom shellcode crypter
https://slaeryan.github.io/posts/slae-assignment7-blogpost.html

How to investigate a suspicious site in 3 minutes (for beginners)
https://qiita.com/moneymog/items/2205388ff18b3f89f021

You too can be a FakeNet master: why not improve your dynamic malware analysis by mastering FakeNet-NG cheat codes
https://www.fireeye.jp/blog/jp-threat-research/2020/04/improving-dynamic-malware-analysis-with-cheat-codes-for-fakenet-ng.html

Introduction to Docker and Kubernets on GCP with Hands-on Configuration (Part 1 — Docker)
https://medium.com/google-cloud/introduction-to-docker-and-kubernets-on-gcp-with-hands-on-configuration-part-1-docker-3d9709ee9f6a

How to Setup Wazuh Open Source SIEM Virtual Machine
https://thelinuxos.com/how-to-setup-wazuh-open-source-siem/

HTBenum : A Linux Enumeration Script For Hack The Box
https://kalilinuxtutorials.com/htbenum/

Now Drag & Drop Files Between Galaxy Phones and Windows 10 PCs
https://techincidents.com/drag-and-drop-galaxy-phones-and-windows-10/

GDA- Android Reverse Engineering Suite
https://hackersonlineclub.com/gda-android-reverse-engineering-suite/

Messy BurpSuite plugin for SQL Truncation vulnerabilities.
https://github.com/InitRoot/BurpSQLTruncSanner

Sherloq- Forensic Image Analysis Suite
https://hackersonlineclub.com/sherloq-forensic-image-analysis-suite/

Open source security auditing tool to search and dump system configuration
https://github.com/trimstray/otseca

Multiple Vulnerabilities in IBM Data Risk Manager
https://github.com/pedrib/PoC/blob/master/advisories/IBM/ibm_drm/ibm_drm_rce.md

DNSProbe : Tool That Allows You To Perform Multiple DNS Queries
https://kalilinuxtutorials.com/dnsprobe/

Nazar: A Lost Amulet
https://www.epicturla.com/blog/the-lost-nazar

Researchers Discovered a New Method that Let Hackers to Run Malicious Code Via RDP
https://cybersecuritynews.com/malicious-code-via-rdp/

Sample Results From Processing a Large Feed of Shady Covid-Type Domains
https://symantec-enterprise-blogs.security.com/blogs/expert-perspectives/sample-results-processing-large-feed-shady-covid-type-domains

Webcam Hacking for any devices in one link
https://github.com/SharqanAhamed/shasnap

SOC vs MITRE APT29 evaluation – Racing with Cozy Bear
https://www.mcafee.com/blogs/enterprise/security-operations/soc-vs-mitre-apt29-evaluation-racing-with-cozy-bear

RED HAWK- All In One Suite For Information Gathering And Vulnerability Scanning
https://hackersonlineclub.com/red-hawk-all-in-one-suite-for-information-gathering-and-vulnerability-scanning/

Cyber Security - Reducing the Biggest Threat - Emails
https://www.peerlyst.com/posts/cyber-security-reducing-the-biggest-threat-emails-mitch-christian-cissp

goBox : GO Sandbox To Run Untrusted Code
https://kalilinuxtutorials.com/gobox/

A toolkit for developing high-performance HTTP reverse proxy applications.
https://github.com/microsoft/reverse-proxy

Azure Skeleton Key: Exploiting Pass-Through Auth to Steal Credentials
https://blogvaronis2.wpengine.com/azure-skeleton-key/

F. Business
來毅 targets security business opportunities, adding an anti-theft lock to online accounts
https://money.udn.com/money/story/8889/4502195

Well-known security company Wordfence launches free [Fast or Slow] tool for testing website performance and speed
https://ithelp.ithome.com.tw/articles/10230962?sc=rss.qu

濎通 offers encrypted-architecture networking to strengthen IoT security
https://www.2cm.com.tw/2cm/zh-tw/news/BD1DA69439B844199CF01BBDEAAD1B8D

Generous! 宏碁雲架構 offers free assessment services to small and medium-sized enterprises
https://money.udn.com/money/story/5613/4507434

奧義智慧 earns the highest alert score in the annual MITRE ATT&CK evaluation
https://money.udn.com/money/story/5613/4511202

In international security competition, 奧義智慧 leads the field in multiple alert categories
https://ec.ltn.com.tw/article/breakingnews/3142543

Log in without installing extra software! Google launches BeyondCorp Remote Access to spare users the pain of VPNs
https://udn.com/news/story/7088/4510258

Oracle's integrated management software provides an automated database migration tool, simplifying hybrid cloud management
https://www.ithome.com.tw/review/137084

Microsoft 365 rebrands, accelerating digital transformation
https://money.udn.com/money/story/5640/4508936

Ads seek conversions, content wins new customers! PIXNET releases its 2020 social media blue book
https://cnews.com.tw/178200422a01/

Delivering the Detections: MITRE ATT&CK Evaluation Demonstrates FireEye Endpoint Security and Mandiant Managed Defense Detection Leadership
https://bit.ly/3eMiik3

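G. Government
Anti-drug contest's use of Douyin (TikTok) raises security concerns; New Taipei City Education Department: use stopped immediately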
https://www.chinatimes.com/realtimenews/20200417003469-260407?chdtv

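Ministry of Transportation and Communications ROC year 109 critical infrastructure Information Sharing and Analysis Center platform expansion and maintenance project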
https://bit.ly/2KhwgfE

Ministry of Transportation and Communications security promotion program: professional services outsourcing project
https://bit.ly/2ROik0T

呂文忠: the Investigation Bureau's cybersecurity station is a fresh force for safeguarding national information security
https://udn.com/news/story/7314/4504715

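Investigation Bureau establishes cybersecurity station to protect cyber domain security; investigators' average age is only 31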
https://web01.rti.org.tw/news/view/id/2060535

Combating cybercrime and disinformation to ensure information security
https://bit.ly/2VsYH0G

Ministry of National Defense: actively building security response mechanisms to prevent harm from disinformation
https://bit.ly/2KgCZqh

"台北運動吧" fan page hacked to post pornographic video; councilor demands security review
https://udn.com/news/story/7323/4505463

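Library LED light controller's IP address used as an attack springboard; Ministry of Justice Investigation Bureau and security vendor jointly crack the case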
https://ithome.com.tw/news/137154

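Investigation Bureau teams with Microsoft to take down a botnet of 400,000 devices; the source of the malware distribution was an LED light controller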
https://www.ithome.com.tw/news/137110

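Microsoft joins 35 countries to dismantle the Necurs botnet, sharing intelligence with the Investigation Bureau to take down illicit IP addresses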
https://technews.tw/2020/04/22/microsoft-new-action-to-disrupt-the-largest-online-criminal-network/

Armed forces strengthen security education and tighten control mechanisms
https://www.ydn.com.tw/News/380565

Starting from the digital identity card New eID
https://www.peoplenews.tw/news/bcf95661-d0c4-4615-bd75-908457f20a84

Clarifying security concerns over the "digital identity card"; Ministry of the Interior: the certificate function is optional
https://www.chinatimes.com/realtimenews/20200423005656-260405?chdtv

After banning Zoom, Ministry of Education releases new distance-learning videos
https://udn.com/news/story/6885/4510352

ITRI's virtualized app service platform validated in epidemic testing
https://www.chinatimes.com/realtimenews/20200422003519-260412?chdtv

US RSA Conference 2020 security conference: official overseas travel report
https://report.nat.gov.tw/ReportFront/ReportDetail/detail?sysId=C10900391

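Ministry of Economic Affairs security protection baseline for industrial control systems in the energy and water resources sectors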
https://www.rootlaw.com.tw/LawContent.aspx?LawID=A040100021016500-1090420

H. Industrial control systems/SCADA/ICS
Rockwell Automation RSLinx Classic
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-10642

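I. Education and training
VMware VCP-NV (2V0–642) network virtualization: self-study exam preparation notes and a guide to waiving the course requirement (Network Virtualization)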
https://medium.com/blacksecurity/vmware-network-virtualization-e52b09b526c8

What does it take to become a good reverse engineer
https://securelist.com/become-a-good-reverse-engineer/96743/

How To Analyse And Capture The Packets In Wireshark
https://hackersonlineclub.com/how-to-analyse-and-capture-the-packets-in-wireshark/

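J. Internet of Things/IoT/artificial intelligence/Internet of Vehicles/optical networking/deep learning/machine learning/drones/facial recognition
Integrated IoT and geographic information development, the first step in building an industrial monitoring system: obtaining map data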
https://bit.ly/3axrTrG

Connected cars harbor security vulnerabilities that could lead to data leaks and danger to life
https://bit.ly/2wTUEAY

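Security vulnerabilities revealed in best-selling Ford and Volkswagen cars; hackers can steal private data and control vehicles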
https://www.freebuf.com/news/233955.html

Promoting the IoT security mark: TÜV Rheinland qualifies as a network camera security testing laboratory
https://n.yam.com/Article/20200422929040

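Squeezed by multiple breach points and evolving attack techniques, vulnerabilities surge and protection mechanisms frequently fail; the IoT era raises security challenges, calling for new thinking to avoid attack threats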
http://www.netadmin.com.tw/netadmin/zh-tw/viewpoint/2BA306A3922C42AB87634330063C5558

Starbleed bug impacts FPGA chips used in data centers, IoT devices, industrial equipment
https://www.zdnet.com/article/starbleed-bug-impacts-fpga-chips-used-in-data-centers-iot-devices-industrial-equipment/

Smart IoT home hubs vulnerable to remote code execution attacks
https://www.zdnet.com/article/smart-iot-home-hubs-vulnerable-to-remote-code-execution-attacks/#ftag=RSSbaffb68

6. Upcoming security events and conferences
National Chiao Tung University Hacker College - Basic web security and penetration testing 4/25
https://hackercollege.nctu.edu.tw/?p=1147

2020 LINE Taiwan Developers Recruitment Day  4/25
https://engineering.linecorp.com/zh-hant/blog/2020-line-taiwan-technical-recruitment-day/

Financial data applications: statistics + visualization 4/26
https://tw.pyladies.com/events/event.html?id=179

National Chiao Tung University Hacker College - Basic secure website construction in practice 5/16
https://hackercollege.nctu.edu.tw/?p=1151

Information Security Club - Forensic (1) 5/20
https://nsysuisc.kktix.cc/events/2020forensic1

National Chiao Tung University Hacker College - Email forgery attacks and protective measures 5/23
https://hackercollege.nctu.edu.tw/?p=1156

Taipei 暗号通貨 (Cryptocurrency) Meetup 5/27
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybchbkc/

National Chiao Tung University Hacker College - Advanced web penetration testing 5/30
https://hackercollege.nctu.edu.tw/?p=1159

ROC year 109 intelligent IoT and information security master's credit program 5/30 ~ 8/8
https://www.accupass.com/event/2003160837472127685300

Big data and deep learning applications for edge computing systems 6/5
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3884&from_course_list_url=course_index

National Chiao Tung University Hacker College - Expert-level web penetration testing 6/13 6/20
https://hackercollege.nctu.edu.tw/?p=1161

National Chiao Tung University Hacker College - Enterprise domain management: Active Directory attack and defense 6/27
https://hackercollege.nctu.edu.tw/?p=1164

CYBERSEC 2020 Taiwan cybersecurity conference 8/12
https://cyber.ithome.com.tw/
