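Weekly Security Incident News Digest 2020/8/10 ~ 2020/8/14
1. Major Vulnerabilities / Backdoors / Exploits / Zero Days
Vulnerability found in Qualcomm and MediaTek Wi-Fi chips; signal transmissions and data packets may be intercepted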
https://www.bnext.com.tw/article/58801/krook-serious-vulnerability-affected-encryption-billion-wifi-devices-qualcomm-mediatek
TeamViewer vulnerability disclosed: visiting a specific web page can allow intrusion without a password
https://www.chainnews.com/zh-hant/articles/996871847939.htm
Security researcher: satellite networks contain vulnerabilities that allow eavesdropping
https://www.ithome.com.tw/news/139281
High-severity vulnerabilities in routers, switches and AnyConnect VPN
https://www.chainnews.com/zh-hant/articles/384089921935.htm
Windows 10 hit by another Print Spooler component vulnerability; it was fixed once but the fix was bypassed
https://www.sohu.com/a/412020059_99956743
Intel, ARM, IBM, AMD Processors Vulnerable to New Side-Channel Attacks
https://thehackernews.com/2020/08/foreshadow-processor-vulnerability.html
FreeBSD security vulnerability
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7459
Kibana denial-of-service and cross-site scripting vulnerability alert
https://www.secrss.com/articles/24531
Vulnerability in OpenSSL affects IBM Flex System network switches (CVE-2015-0286)
https://support.lenovo.com/hk/zh/solutions/ht116251/
0-Day Hacking RPA -1(UiPath) B(Remote Components)
https://www.youtube.com/watch?v=OiryDE4aH9A
Microsoft August 2020 Patch Tuesday fixes 120 vulnerabilities, two zero-days
https://www.zdnet.com/article/microsoft-august-2020-patch-tuesday-fixes-120-vulnerabilities-two-zero-days/#ftag=RSSbaffb68
Critical Adobe Acrobat and Reader Bugs Allow RCE
https://threatpost.com/critical-adobe-acrobat-reader-bugs-rce/158261/
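2. Banking / Finance / Insurance / Securities / Payment Systems / News and Security
An accountant's view of current events / Digital forensics: the last line of defense against information crises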
https://money.udn.com/money/story/8944/4761765
Four security threats to the financial sector: Financial Supervisory Commission (FSC) issues warning
https://www.chinatimes.com/newspapers/20200807000287-260205?chdtv
FSC launches financial security plan; 31 institutions must appoint a CISO within 2 years
https://reurl.cc/Kky1zn
FSC strengthens security protection; 31 financial institutions must appoint a CISO
https://ec.ltn.com.tw/article/paper/1391518
Rakuten online bank aims for 500,000 depositors in its first year
https://money.udn.com/money/story/5613/4764756
Mobile-number transfers: interbank support targeted by year-end
https://udn.com/news/story/7239/4767115
Capital One hacked, over 100 million personal records leaked; US Treasury fines it over 2.3 billion
https://money.udn.com/money/story/5599/4766211
Security and bilingual talent in demand; banks expand recruitment in the second half of the year
https://ppt.cc/fMhYTx
New hires arrive from July; undeterred by the pandemic, financial holding companies recruit in waves
https://ppt.cc/fH3olx
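FSC reveals for the first time the 8 highlights of its financial security action plan, to be rolled out in phases over 4 years with a rolling review every six months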
https://www.ithome.com.tw/news/139299
Paying a card bill with a bank app, she slipped and typed an extra digit, transferring 180,000, and nearly broke down
https://udn.com/news/story/120912/4767845
Capital One agrees to $80M fine, cybersecurity consent order for 2019 data breach
https://reurl.cc/pdqeKr
Evasive Credit Card Skimmers Using Homograph Domains and Infected Favicon
https://thehackernews.com/2020/08/magecart-homograph-phishing.html
Inter skimming kit used in homoglyph attacks
https://blog.malwarebytes.com/threat-analysis/2020/08/inter-skimming-kit-used-in-homoglyph-attacks/
Hackers say ‘jackpotting’ flaws tricked popular ATMs into spitting out cash
https://techcrunch.com/2020/08/06/hackers-atm-spit-cash/
Travelex Forced into Administration After Ransomware Attack
https://www.infosecurity-magazine.com/news/travelex-forced-administration/
ACCC says bank screen scraping warnings are not anti-competitive
https://www.zdnet.com/article/accc-says-bank-screen-scraping-warnings-are-not-anti-competitive/
Magecart group uses homoglyph attacks to fool you into visiting malicious websites
https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/#ftag=RSSbaffb68
Diebold ATM Terminals Jackpotted Using Machine’s Own Software
https://threatpost.com/diebold-atm-terminals-jackpotted-using-machines-own-software/157575/
Crooks have acquired proprietary Diebold software to “jackpot” ATMs
https://news.hitb.org/content/crooks-have-acquired-proprietary-diebold-software-jackpot-atms
Thieves Are Emptying ATMs Using a New Form of Jackpotting
https://www.wired.com/story/thieves-are-emptying-atms-using-a-new-form-of-jackpotting/
University Investigates Skimming of Credit Card Data
https://www.bankinfosecurity.com/university-investigates-skimming-credit-card-data-a-14803
3. Electronic Payment / Mobile Payment / Pay / Security
iOS Taiwan Pay: customer-scan payment method
https://pttcareers.com/MobilePay/1VBhHjxn
"醫指付" mobile payment saves time and is convenient; 430,000 people registered
https://reurl.cc/ygy4qa
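State-owned banks reportedly ask employees to link Triple Stimulus Vouchers to Taiwan Pay; Ministry of Finance: it cannot be mandatory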
https://money.udn.com/money/story/5613/4781321
E-payment milestone! Cathay Life Insurance is the first to accept JKOPAY for premium payments
https://money.udn.com/money/story/5613/4781427
Executive Yuan passes draft e-payment management bill to accelerate adoption of mobile payment
https://reurl.cc/odD4kD
Facebook sets up new financial services division, joining the e-payment race
https://ctee.com.tw/news/global/316656.html
Is e-payment out of fashion? FSC: year-end target will be hard to reach; cross-platform convenience to be strengthened
https://www.storm.mg/article/2897671
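4. Cryptocurrency / Mining / Blockchain Security
PeckShield: detailed analysis of the smart contract vulnerability in DeFi platform Opyn; the attacker gets something for nothing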
https://www.theblockbeats.com/news/18807
Ledger cold wallet vulnerability! Fails to distinguish Bitcoin from its forks, which may lead users to unknowingly send out BTC
https://www.blocktempo.com/ledger-wallet-vulnerability/
5. Security Incident News
A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC
Mirai botnet can be used to attack IoT devices via vulnerability CVE-2020-5902
https://blog.trendmicro.com.tw/?p=65401
TA551 (Shathak) Word docs push IcedID (Bokbot)
https://isc.sans.edu/forums/diary/TA551+Shathak+Word+docs+push+IcedID+Bokbot/26438/
Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts
https://blog.trendmicro.com/trendlabs-security-intelligence/water-nue-campaign-targets-c-suites-office-365-accounts/
Unpatched bug in Windows print spooler lets malware run as admin
https://www.bleepingcomputer.com/news/security/unpatched-bug-in-windows-print-spooler-lets-malware-run-as-admin/
July 2020’s Most Wanted Malware: Emotet Strikes Again After Five-Month Absence
https://reurl.cc/Y1MKVn
Canon confirms ransomware attack in internal memo
https://www.bleepingcomputer.com/news/security/canon-confirms-ransomware-attack-in-internal-memo/
McAfee Defender’s Blog: NetWalker
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/mcafee-defenders-blog-netwalker/
The ransomware that stole about 2.6 billion yen in 5 months
https://www.gizmodo.jp/2020/08/netwalker-ransomware.html
What is MAZE's objective? An explanation of the TTPs (Tactics, Techniques, Procedures) associated with MAZE ransomware incidents, and threat countermeasures
https://www.fireeye.com/blog/jp-threat-research/2020/05/tactics-techniques-procedures-associated-with-maze-ransomware-incidents.html
A Fork of the FTCode Powershell Ransomware
https://isc.sans.edu/forums/diary/A+Fork+of+the+FTCode+Powershell+Ransomware/26434/
B. Mobile Security / iPhone / Android / Wearables / Apps / 5G
Great news for 5G: IEEE GLOBECOM conference moves to Taiwan
https://ctee.com.tw/news/tech/315735.html
Security protection or political maneuver? US Senate passes bill: TikTok to be banned on government devices
http://n.yam.com/Article/20200807803871
Worried Facebook will be banned by other countries? Zuckerberg: a US TikTok ban sets a very bad precedent
https://ec.ltn.com.tw/article/breakingnews/3252998
Google removes nearly 2,600 Chinese YouTube channels to combat coordinated influence operations
https://unwire.hk/2020/08/08/youtube-channel/hottopic/spotlight/
Check Point: Qualcomm DSP chips contain serious security vulnerabilities, affecting more than 40% of phones
https://www.ithome.com.tw/news/139276
Nearly 50% of all smartphones affected by Qualcomm Snapdragon bugs
https://reurl.cc/lVEKgY
Foreign media: a US company with military ties has embedded tracking software in more than 500 apps
https://reurl.cc/R1nvnD
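C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents
[Financial Weekly: Hackers at Large] More than 300 hacker techniques; know yourself and your enemy and respond in real time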
https://ec.ltn.com.tw/article/paper/1392108
火網 commentary: how to prevent the red supply chain from spreading and evolving
https://tw.appledaily.com/headline/20200809/Q62JKUT4EP72PHKVJ5EMKBOSFM/
Hackers exploit the pandemic; cyberattacks surge worldwide
https://ctee.com.tw/news/tech/315582.html
We must not underestimate the enemy; one day it will replace humans
https://reurl.cc/yZ59lq
Twitter hack incident: Zoom online hearing hijacked to play Pornhub video and forced to halt
https://reurl.cc/V6GbqQ
US intelligence official: the CCP and Iran do not want Trump re-elected; Russia goes all out against Biden
https://reurl.cc/3D8qZX
[姆咪] Reddit attacked by hackers; many boards turned into Trump
https://pttweb.tw/s/19FunF
Pompeo offers a US$10 million reward to prevent foreign interference in the US election
https://reurl.cc/8GrRkb
Accusing Chinese hackers of attacking US election equipment, White House national security adviser issues stern warning
https://www.chinatimes.com/realtimenews/20200810001746-260408?chdtv
White House national security adviser: Chinese hackers are targeting US election infrastructure
https://www.cna.com.tw/news/aopl/202008100009.aspx
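Chinese General Chamber of Commerce condemns so-called US sanctions as serious interference in China's internal affairs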
http://www.hkcd.com/content/2020-08/08/content_1206231.html
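[Kicking out China means clean] US announces "Clean Network" program! App stores, carriers and cloud get a full sweep; not even undersea cables are spared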
https://buzzorange.com/techorange/2020/08/07/us-clean-network-pompeo/
Hsinchu Science Park breached by Chinese hackers? US media reveals "at least 7 semiconductor firms" affected
https://www.setn.com/News.aspx?NewsID=794393
[Legislative Council election] Five Eyes alliance opposes DQ; China criticizes it as arrogance and prejudice
https://ppt.cc/fRL9bx
#DEFCON: How the International Space Station Enables Cybersecurity
https://www.infosecurity-magazine.com/news/international-space-station/
Researcher Demonstrates 4 New Variants of HTTP Request Smuggling Attack
https://thehackernews.com/2020/08/http-request-smuggling.html
INTERPOL: Cybercrime Growing at an “Alarming Pace” Due to #COVID19
https://www.infosecurity-magazine.com/news/cybercrime-growing-alarming-pace/
China has stolen Taiwan’s semiconductor secrets: Wired
https://www.taiwannews.com.tw/en/news/3982792
Black Hat: Hackers are using skeleton keys to target chip vendors
https://reurl.cc/qd9WpD
How COVID-19 Has Changed Business Cybersecurity Priorities Forever
https://thehackernews.com/2020/08/covid-19-cybersecurity.html
China is now blocking all encrypted HTTPS traffic that uses TLS 1.3 and ESNI
https://www.zdnet.com/article/china-is-now-blocking-all-encrypted-https-traffic-using-tls-1-3-and-esni/
Hackers are defacing Reddit with pro-Trump messages
https://www.zdnet.com/article/hackers-are-defacing-reddit-with-pro-trump-messages/#ftag=RSSbaffb68
FBI: Iranian hackers trying to exploit critical F5 BIG-IP flaw
https://www.bleepingcomputer.com/news/security/fbi-iranian-hackers-trying-to-exploit-critical-f5-big-ip-flaw/
National Cyber Security Centre launches tool to help keep data safe during pandemic
https://www.legalfutures.co.uk/associate-news/national-cyber-security-centre-launches-tool-to-keep-data-safe-during-pandemic
FBI says an Iranian hacking group is attacking F5 networking devices
https://www.zdnet.com/article/fbi-says-an-iranian-hacking-group-is-attacking-f5-networking-devices/#ftag=RSSbaffb68
Chinese Hackers Charged in Decade-Long Crime and Spying Spree
https://www.wired.com/story/chinese-hackers-charged-decade-long-crime-spying-spree/
Network intruders selling access to high-value companies
https://www.bleepingcomputer.com/news/security/network-intruders-selling-access-to-high-value-companies/#.XzLxu4t-l8U.twitter
Security Engineer (Technology R&D)_Delta Research Center (Taipei)
https://www.yourator.co/companies/deltaww/jobs/12728?locale=en
[Rakuten (Japan)] Security Manager (Manager of Security Audit Team) (DEV)
https://www.104.com.tw/job/70o4o
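D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News
Dating websites scam Japanese male users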
https://blog.trendmicro.com.tw/?p=65436
Woman in her sixties finds "love" online; her partner turns out to be a "US soldier"
https://reurl.cc/Nj5Kvp
[Twitter Hacked (Part 1)] From Biden to Bezos: when hackers take over the official accounts of politicians and billionaires
https://www.mirrormedia.mg/story/20200805int004/
[Twitter Hacked (Part 2)] "SIM swapping" highlights the security weakness of "two-step verification"
https://www.mirrormedia.mg/story/20200805int005/
Fake likes, real fraud: losses of several million
https://reurl.cc/mnWKNj
2-year-old son's Instagram hacked for the 6th time; Gary is worn out: "I wanted to swear but held back"
https://star.ettoday.net/news/1779737
LG and Xerox internal data stolen and published
https://www.twcert.org.tw/tw/cp-104-3843-00c52-1.html
Another record! Innocent-looking Korean streamer receives a "10 million won" donation; netizens shocked: hacked
https://www.ttshow.tw/kol/71350/
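Online games full of pitfalls... online fraud rises year after year; security attack frequency escalates further during the pandemic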
https://reurl.cc/0oVGrM
At least 20GB of Intel confidential data leaked, involving chip development tools, source code and more
https://news.knowing.asia/news/e0533633-b2c7-4709-ba45-948a97d9e67d
Intel reportedly hacked; confidential files including code and tools leaked
https://www.ithome.com.tw/news/139258
Up to 20GB of Intel BIOS and technical code leaked, with more to come
https://www.kocpc.com.tw/archives/337023
Intel leaks – Hacker posts 20GB of alleged Intel source code, files online
https://www.hackread.com/intel-leaks-hacker-posts-intel-source-code-files-online/
2.3 MILLION+ USA DOCTOR RECORDS ALLEGEDLY LEAKED ON DARKWEB FOR FREE
https://cybleinc.com/2020/08/08/2-3-million-usa-doctor-records-allegedly-leaked-on-darkweb-for-free/
Spam and phishing in Q2 2020
https://securelist.com/spam-and-phishing-in-q2-2020/97987/
Fake security advisory used in clever cPanel phishing attack
https://www.bleepingcomputer.com/news/security/fake-security-advisory-used-in-clever-cpanel-phishing-attack/
Report: N.J. ranks No. 15 among states for data breach victims
https://www.roi-nj.com/2020/07/21/tech/report-n-j-ranks-no-15-among-states-for-data-breach-victims/
Genealogy Software Maker Exposes Data on 60,000 Users
https://www.infosecurity-magazine.com/news/genealogy-software-maker-exposes/
Number of Reported Breaches Decrease In First Half of 2020
https://www.darkreading.com/attacks-breaches/number-of-reported-breaches-decrease-in-first-half-of-2020/d/d-id/1338392
DeepSource resets logins after employee falls for Sawfish phishing
https://www.bleepingcomputer.com/news/security/deepsource-resets-logins-after-employee-falls-for-sawfish-phishing/#.XxcHf9b6mcs.twitter
6,600 organizations bombarded with 100,000+ BEC attacks
https://www.helpnetsecurity.com/2020/08/10/6600-organizations-bombarded-with-100000-bec-attacks/
Barclays Faces Employee Spying Probe
https://www.bankinfosecurity.com/barclays-faces-employee-spying-probe-a-14796
Phishing Campaign Spoofs SBA Loan Offer
https://www.bankinfosecurity.com/phishing-campaign-spoofs-sba-loan-offer-a-14800
SBA phishing scams: from malware to advanced social engineering
https://blog.malwarebytes.com/scams/2020/08/sba-phishing-scams-from-malware-to-advanced-social-engineering/
E. Research Reports
Mirai botnet exploits the CVE-2020-5902 vulnerability to attack IoT devices
https://paper.seebug.org/1286/
Analysis of the Weblogic remote command execution vulnerability (CVE-2020-14645)
https://paper.seebug.org/1287/
Exploring detection of the Shiro RememberMe vulnerability
https://paper.seebug.org/1285/
Analysis of the Weblogic remote command execution vulnerability (CVE-2020-14644)
https://paper.seebug.org/1284/
Bulehero worm security analysis report
https://paper.seebug.org/1283/
XML external entity injection (XXE) vulnerability in PHP environments
http://www.secwk.com/2020/08/07/19440/
RouterSploit, a router exploitation tool
https://m.yisu.com/zixun/291114.html
Mitigating vulnerabilities by restricting IPs with an iptables whitelist
http://blog.itpub.net/69959246/viewspace-2710158/
ASP.NET Core JSON Chinese character encoding issue and serialization parameter settings
https://blog.darkthread.net/blog/aspnet-core-json-setting/
Analysis of multiple vulnerabilities in Tenda AC15 AC1900
https://www.anquanke.com/post/id/213416
Updates from Threat Analysis Group (TAG) Bulletin: Q2 2020
https://blog.google/threat-analysis-group/tag-bulletin-q2-2020/
Researcher Demonstrates 4 New Variants of HTTP Request Smuggling Attack
https://thehackernews.com/2020/08/http-request-smuggling.html
CVE-2019-7609
https://github.com/kisec/CVE-2019-7609
SOC1 vs SOC2 – Cyber Threat Intelligence Guide
https://cybersecuritynews.com/soc1-vs-soc2/
DEF CON: New tool brings back 'domain fronting' as 'domain hiding'
https://www.zdnet.com/article/def-con-new-tool-brings-back-domain-fronting-as-domain-hiding/#ftag=RSSbaffb68
Astra
https://github.com/flipkart-incubator/Astra
Pwn2Own Qualcomm cDSP
https://reurl.cc/9Ed2r8
Pwn2Own -> Xxe2Rce
http://muffsec.com/blog/?p=608
Limiting Location Data Exposure
https://media.defense.gov/2020/Aug/04/2002469874/-1/-1/0/CSI_LIMITING_LOCATION_DATA_EXPOSURE_FINAL.PDF
TiYunZong-An-Exploit-Chain-to-Remotely-Root-Modern-Android-Devices
https://reurl.cc/z82xMe
Stealthily Access Your Android Phones:Bypass the Bluetooth Authentication
https://reurl.cc/Y1My94
Mimir Smart OSINT collection of common IOC types.
https://github.com/deadbits/mimir
Capacitor
https://github.com/ionic-team/capacitor
axiom
https://github.com/pry0cc/axiom
TOP 11 Deep Web Search Engine Alternative for Google and Bing 2020
https://gbhackers.com/top-10-deep-web-search-engines-which-gives-deep-information-that-you-cant-get-it-in-google-and-bing/
PivotSuite- Hack The Hidden Network
https://hackersonlineclub.com/pivotsuite-hack-the-hidden-network/
Evine - Interactive CLI Web Crawler
https://www.kitploit.com/2020/08/evine-interactive-cli-web-crawler.html
dnsteal - DNS Exfiltration tool for stealthily sending files over DNS requests
https://hakin9.org/dnsteal-dns-exfiltration-tool-for-stealthily-sending-files-over-dns-requests/
Tool-X is a Kali Linux hacking tools installer for Termux and linux system
https://hakin9.org/tool-x-is-a-kali-linux-hacking-tools-installer-for-termux-and-linux-system/
Black Hat: Entropy - the solution to malvertising and malspam
https://www.zdnet.com/article/black-hat-entropy-the-solution-to-malvertising/#ftag=RSSbaffb68
Black Hat: Hackers are using skeleton keys to target chip vendors
https://www.zdnet.com/article/black-hat-hackers-are-now-using-cobalt-strike-and-skeleton-keys-to-target-semiconductor-firms/#ftag=RSSbaffb68
r00kie-kr00kie: PoC exploit for the CVE-2019-15126 kr00k vulnerability
https://hakin9.org/r00kie-kr00kie-poc-exploit-for-the-cve-2019-15126-kr00k-vulnerability/
Analysts Detect New Banking Malware
https://www.infosecurity-magazine.com/news/analysts-detect-new-banking/
Black Hat: Hackers can remotely hijack enterprise, healthcare Temi robots
https://www.zdnet.com/article/black-hat-healthcare-senior-living-temi-robots-can-be-hijacked-remotely-by-hackers/#ftag=RSSbaffb68
Malwoverview
https://github.com/alexandreborges/malwoverview
Black Hat 2020: Linux Spyware Stack Ties Together 5 Chinese APTs
https://threatpost.com/black-hat-linux-spyware-stack-chinese-apts/158092/
Researcher Finds New Office Macro Attacks for MacOS
https://www.darkreading.com/endpoint/researcher-finds-new-office-macro-attacks-for-macos/d/d-id/1338610?&web_view=true
MS OFFICE IN WONDERLAND
https://i.blackhat.com/asia-19/Thu-March-28/bh-asia-Hegt-MS-Office-in-Wonderland.pdf
Black Hat: How hackers gain root access to SAP enterprise servers through SolMan
https://www.zdnet.com/article/black-hat-solman-how-hackers-could-gain-root-access-to-sap-enterprise-servers/
Bypassing MassLogger Anti-Analysis — a Man-in-the-Middle Approach
https://www.fireeye.com/blog/threat-research/2020/08/bypassing-masslogger-anti-analysis-man-in-the-middle-approach.html
Agent Tesla | Old RAT Uses New Tricks to Stay on Top
https://labs.sentinelone.com/agent-tesla-old-rat-uses-new-tricks-to-stay-on-top/
Mouse Framework is an iOS and macOS post-exploitation framework
https://hakin9.org/mouse-framework-is-an-ios-and-macos-post-exploitation-framework/
mihari
https://github.com/ninoseki/mihari
spiderfoot
https://github.com/smicallef/spiderfoot
Defending Your Malware
https://blog.dylan.codes/defending-your-malware/
Breaking through Windows’ defenses: Analyzing mLNK Builder
https://research.checkpoint.com/2020/breaking-through-windows-defenses-analysing-mlnk-builder/
Gorgon APT targeting MSME sector in India
https://www.seqrite.com/blog/gorgon-apt-targeting-msme-sector-in-india/
TeamViewer Flaw Could Let Hackers Steal System Password Remotely
https://thehackernews.com/2020/08/teamviewer-password-hacking.html
Researcher Demonstrates Several Zoom Vulnerabilities at DEF CON 28
https://thehackernews.com/2020/08/zoom-software-vulnerabilities.html
Capital One Fined $80 Million for 2019 Data Breach Affecting 106 Million Users
https://thehackernews.com/2020/08/capital-one-data-breach.html
Google Chrome Bug Could Let Hackers Bypass CSP Protection; Update Web Browsers
https://thehackernews.com/2020/08/chrome-csp-bypass.html
A New vBulletin 0-Day RCE Vulnerability and Exploit Disclosed Publicly
https://thehackernews.com/2020/08/vBulletin-vulnerability-exploit.html
Microsoft Reveals New Innocent Ways Windows Users Can Get Hacked
https://thehackernews.com/2020/08/microsoft-software-patches.html
Flaws in Samsung Phones Exposed Android Users to Remote Attacks
https://thehackernews.com/2020/08/samsung-find-my-phone-hacking.html
Contrast Community Edition Empowers Developers to Write Secure Code Faster
https://thehackernews.com/2020/08/devops-appsec-cybersecurity.html
Critical Flaws Affect Citrix Endpoint Management (XenMobile Servers)
https://thehackernews.com/2020/08/citrix-endpoint-management.html
RedCurl cybercrime group has hacked companies for three years
https://www.zdnet.com/article/redcurl-cybercrime-group-has-hacked-companies-for-three-years/#ftag=RSSbaffb68
APT Group “RedCurl” Has Been Stealing Sensitive Data for Three Years
https://www.technadu.com/apt-group-redcurl-stealing-sensitive-data-three-years/174591/
RedCurl
https://www.group-ib.com/resources/threat-research/red-curl.html
Case Study: Catching a Human-Operated Maze Ransomware Attack In Action
https://labs.sentinelone.com/case-study-catching-a-human-operated-maze-ransomware-attack-in-action/
Hackers combine two unpatched Microsoft zero-days in attack on South Korean firm
https://www.itpro.co.uk/security/cyber-security/356761/hackers-chained-two-unpatched-microsoft-zero-days-to-attack-south
Contradicting Israel, cybersecurity firm says N. Korea breached defense industry
https://www.timesofisrael.com/cybersecurity-firm-n-korea-hack-successfully-breached-israel-defense-industry/
F. Business
A security defense platform built from a compliance mindset: comprehensive protection from gateway to endpoint
https://www.ithome.com.tw/pr/139251
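Cisco partners with the Industrial Development Bureau to build the first 5G open-architecture "enterprise private network" test platform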
https://www.chinatimes.com/realtimenews/20200807003092-260410?chdtv
Trend Micro launches "cloud detection and response (XDR)" and Managed Detection and Response (Managed XDR) services
https://reurl.cc/ZORLdl
Mitake pushes into cross-border e-commerce, aiming for the international stage
https://money.udn.com/money/story/5649/4768680
Hackers attack once every 39 seconds, creating a NT$3 trillion security market
https://ec.ltn.com.tw/article/paper/1392101
CHT Security teams up with CyCraft; the national security team launches an "AI inspection package"
https://money.udn.com/money/story/5612/4770011
Fortinet launches 4400F hyperscale data center, 5G firewall, reports strong Q2
https://www.zdnet.com/article/fortinet-launches-4400f-hyperscale-data-center-5g-firewall/#ftag=RSSbaffb68
G. Government
Ministry of Digital Development: "developing" what?
https://reurl.cc/MvYKov
Taiwan's "Clean Network": Cheng Wen-tsan says deployment was ahead of the curve 4 years ago
https://ec.ltn.com.tw/article/paper/1391709
Government agency security vulnerability notification mechanism (VANS) hands-on training
https://ppt.cc/fUierx
Government Configuration Baseline (GCB) hands-on workshop: explanation of Windows 10 configuration settings
https://ppt.cc/fxhmJx
H. Industrial Control Systems / ICS / SCADA Security
Delta Electronics TPEditor security vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16225
Data Loss Protection (DLP) for ICS/SCADA
https://securityboulevard.com/2020/07/data-loss-protection-dlp-for-ics-scada/
SCADA & Security of Critical Infrastructures [Updated 2020]
https://securityboulevard.com/2020/07/scada-security-of-critical-infrastructures-updated-2020/
ICS/SCADA Wireless Attacks
https://securityboulevard.com/2020/07/ics-scada-wireless-attacks/
INDUSTRIAL CONTROL SYSTEMS SECURITY SOFTWARE MARKET ANALYSIS
https://www.express-journal.com/industrial-control-systems-security-software-market-169428/
I. Education and Training
Modbus Traffic Capture Analysis [FREE COURSE CONTENT]
https://pentestmag.com/modbus-traffic-capture-analysis-free-course-content/
Incident response: How to use OSINT
https://blog.eccouncil.org/incident-response-how-to-use-osint/
Have I Been Pwned to release code base to the open source community
https://www.zdnet.com/article/have-i-been-pwned-to-release-code-base-to-the-open-source-community/#ftag=RSSbaffb68
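J. IoT / Artificial Intelligence / Internet of Vehicles / Optical Networking / Deep Learning / Machine Learning / Drones / Facial Recognition
OpenAI launches new NLP model GPT-3, which may have potential comparable to blockchain technology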
https://technews.tw/2020/07/21/new-natural-language-processing-model-may-be-biggest-thing-since-bitcoin/
Electronic locks combining home protection and smart IoT
https://www.inside.com.tw/article/20530-Electroniclocks
Connected security "covering every angle": comprehensive security measures for IoT devices, transmission and cloud
http://www.netadmin.com.tw/netadmin/zh-tw/video/18063FF96B244AE7B766CC25B571C4BE
IoT Security Summit special report
https://www.netadmin.com.tw/files/event/20191127event/pagemain.html
6. Upcoming Security Events and Seminars
Kaohsiung session - Security trends and IoT security discussion 8/17
https://tacert.mis.nsysu.edu.tw/p/404-1257-207359.php
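"Companies protect personal data, security in action!" - Industrial Development Bureau, Ministry of Economic Affairs, ROC year 109 briefing on enterprise personal data protection and information security 8/18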
https://stli.iii.org.tw/news-event.aspx?no=16&d=1040
DevDays Asia 2020 Online Asia-Pacific technology conference 8/19 8/20 8/21 8/25 8/26
https://seminar.ithome.com.tw/public/live/devdays/
ClassNK 2020 Taiwan Technical Seminar, held in Taipei and Kaohsiung 8/19 and 8/26
https://times.hinet.net/news/23003850
IoT security protection design and hardening hands-on training course 8/19 ~ 8/21
https://www.moea.gov.tw/Mns/populace/news/NewsAction.aspx?kind=4&menu_id=43&news_id=90845
[Introductory security course] Google hacking & Shodan in practice, class time: 2020/8/20 (Thu) 09:30 ~ 16:30
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3905&from_course_list_url=homepage
Taipei session - Security trends and network attack and defense techniques 8/20
https://tacert.mis.nsysu.edu.tw/p/404-1257-237050.php
Medical information security technology hands-on training course 8/20 ~ 8/22
https://www.moeaidb.gov.tw/external/ctlr?PRO=indpark.BulletinView&id=21154&lang=0
"New concepts and new trends in implementing security management and personal data protection" training 8/21
https://reurl.cc/pdlX3r
Natural language processing evolves again: Google BERT lets chatbots better understand human intent, reaching a whole new level 8/22
https://www.techbang.com/posts/78985-course-bert-technology-practice
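Security incident handling practical course - ROC year 109 "Security Talent Training and International Promotion Program - advanced course for security professionals" 8/22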
https://www.cisanet.org.tw/News/activity_more?id=MTUyOA==
SDN x Cloud Native Meetup - Webinar Overseas Edition #5 8/22
https://www.meetup.com/CloudNative-Taiwan/events/272097499/
NISRA Enlightened 2020 8/24
https://nisra.kktix.cc/events/2020enlightened
Chunghwa Telecom Training Institute: ROC year 109 summer CCNA networking certification boot camp (Kaohsiung) 8/24
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=172
"Security challenges and opportunities in the new normal of the IoT world" seminar 8/25
https://www.acw.org.tw/News/Detail.aspx?id=1142
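Chunghwa Telecom Training Institute: drone operator certification prep class, basic level under 2 kg (Kaohsiung weekday full-subject class) 8/22 ~ 8/28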
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=166
Open-source network management software hands-on (Kaohsiung computer lab session) 8/26
https://tacert.mis.nsysu.edu.tw/p/404-1257-207353.php
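Chunghwa Telecom Training Institute information security professional training: ransomware and phishing platform protection in practice 8/27 ~ 8/28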
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=63
Smart industrial control and smart grid security risk and protection seminar 8/28
https://www.beclass.com/rid=2443d1b5f23d8632b23a
NCTU Hacker College: New-generation enterprise security governance: challenges facing business operations today 8/28
https://hackercollege.nctu.edu.tw/?p=1190
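Chunghwa Telecom Training Institute information security professional training: website vulnerability detection and protection management 9/4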
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=58
NCTU Hacker College: Email forgery attacks and protective measures 9/5
https://hackercollege.nctu.edu.tw/?p=1203
Taiwan hacker conference HITCON Training 2020 9/5
https://hitcon.kktix.cc/events/hitcon-training-2020
Taiwan hacker conference HITCON Training 2020 - student registration 9/5
https://hitcon.kktix.cc/events/hitcon-training-2020-student
Systems Security Certified Practitioner (SSCP) prep class 9/5 ~ 9/13
https://www.iiiedu.org.tw/courses/asq902t2001/
Chunghwa Telecom Training Institute information security professional training: IoT security threats and practice 9/9 ~ 9/11
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=54
Big data and deep learning applications for edge computing systems 9/11
https://reurl.cc/62OD9k
HITCON 2020 Taiwan hacker conference 9/11
https://hitcon.kktix.cc/events/hitcon-2020
NCTU Hacker College: Basic web security and penetration testing 9/12
https://hackercollege.nctu.edu.tw/?p=1205
Data analysis and machine learning case studies (2): application examples, class time: 2020/9/14 (Mon) 09:30 ~ 16:30
https://reurl.cc/1xAoMp
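[Module course - counts toward director and supervisor continuing education hours] Registration open: "The key significance of security strategy for business development, and security governance and protection" 109/10/15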
https://reurl.cc/AqGdlQ
Chunghwa Telecom Training Institute information security professional training: web application penetration testing 9/16 ~ 9/17
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=167
Big data and deep learning applications for edge computing systems, class time: 2020/9/18 (Fri) 09:30 ~ 16:30
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3895&from_course_list_url=homepage
NCTU Hacker College: Buffer overflow attacks and prevention 10/17
https://hackercollege.nctu.edu.tw/?p=1207
Chunghwa Telecom Training Institute: autonomous mobile robot ROS development hands-on class 10/20 ~ 10/23
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=188
NCTU Hacker College: Guide to detecting and responding to intrusions 10/24
https://hackercollege.nctu.edu.tw/?p=1214
NCTU Hacker College: Advanced web penetration testing 10/31
https://hackercollege.nctu.edu.tw/?p=1216
NCTU Hacker College: Denial-of-service attacks / distributed denial-of-service attacks / botnets 11/7
https://hackercollege.nctu.edu.tw/?p=1218
NCTU Hacker College: Basic secure website construction in practice 11/14
https://hackercollege.nctu.edu.tw/?p=1220
NCTU Hacker College: System protection and internal network threat reporting and response hands-on class 11/17, 11/24
http://service.tabf.org.tw/tw/user/409646/course1-4.htm
NCTU Hacker College: Malware detection in practice 11/21 11/28
https://hackercollege.nctu.edu.tw/?p=1222
NCTU Hacker College: Expert-level web penetration testing 12/5 12/12
https://hackercollege.nctu.edu.tw/?p=1224
NCTU Hacker College: System penetration testing and vulnerability exploitation 12/19
https://hackercollege.nctu.edu.tw/?p=1226
NCTU Hacker College: Applications of AI in information security 2021/1/9 1/16
https://hackercollege.nctu.edu.tw/?p=1228
NCTU Hacker College: Enterprise domain control - Active Directory attack and defense 2021/1/23
https://hackercollege.nctu.edu.tw/?p=1230
1.重大弱點漏洞/後門/Exploit/Zero Day
高通、聯發科Wi-Fi晶片發現漏洞,訊號傳輸、數據封包恐被攔截
https://www.bnext.com.tw/article/58801/krook-serious-vulnerability-affected-encryption-billion-wifi-devices-qualcomm-mediatek
TeamViewer 曝漏洞 瀏覽特定網頁即可被無密碼入侵
https://www.chainnews.com/zh-hant/articles/996871847939.htm
安全研究人員:衛星網路含有可被竊聽的安全漏洞
https://www.ithome.com.tw/news/139281
路由器,交換機和 AnyConnect VPN 中的高度嚴重漏洞
https://www.chainnews.com/zh-hant/articles/384089921935.htm
Windows 10再爆Print Spooler組件漏洞曾修復一次但被繞過
https://www.sohu.com/a/412020059_99956743
Intel, ARM, IBM, AMD Processors Vulnerable to New Side-Channel Attacks
https://thehackernews.com/2020/08/foreshadow-processor-vulnerability.html
FreeBSD 安全漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7459
Kibana拒絕服務和跨站腳本漏洞預警
https://www.secrss.com/articles/24531
OpenSSL中的漏洞影響IBM Flex系統網絡交換機(CVE-2015-0286)
https://support.lenovo.com/hk/zh/solutions/ht116251/
0-Day Hacking RPA -1(UiPath) B(Remote Components)
https://www.youtube.com/watch?v=OiryDE4aH9A
Microsoft August 2020 Patch Tuesday fixes 120 vulnerabilities, two zero-days
https://www.zdnet.com/article/microsoft-august-2020-patch-tuesday-fixes-120-vulnerabilities-two-zero-days/#ftag=RSSbaffb68
Critical Adobe Acrobat and Reader Bugs Allow RCE
https://threatpost.com/critical-adobe-acrobat-reader-bugs-rce/158261/
2.銀行/金融/保險/證券/支付系統/ 新聞及資安
會計師看時事/數位鑑識 防杜資訊危機最後防線
https://money.udn.com/money/story/8944/4761765
金融四資安威脅 金管會示警
https://www.chinatimes.com/newspapers/20200807000287-260205?chdtv
金管會推金融資安方案 31家2年內須設資安長
https://reurl.cc/Kky1zn
金管會強化資安防護 31家金融業須設資安長
https://ec.ltn.com.tw/article/paper/1391518
樂天網銀存戶 首年拚50萬
https://money.udn.com/money/story/5613/4764756
手機門號轉帳 年底拚跨行
https://udn.com/news/story/7239/4767115
第一資本遭駭上億個資外流 美財政部罰逾23億
https://money.udn.com/money/story/5599/4766211
資安、雙語人才受歡迎 行庫攬才 下半年擴大招募
https://ppt.cc/fMhYTx
新人7月陸續到位 不畏疫情 金控徵才一波波
https://ppt.cc/fH3olx
金管會首度揭露金融資安行動方案8大亮點,將分4年分階段推動採每半年滾動式檢討
https://www.ithome.com.tw/news/139299
用銀行APP繳卡費 她手滑多按一個數字匯了18萬快崩潰
https://udn.com/news/story/120912/4767845
Capital One agrees to $80M fine, cybersecurity consent order for 2019 data breach
https://reurl.cc/pdqeKr
Evasive Credit Card Skimmers Using Homograph Domains and Infected Favicon
https://thehackernews.com/2020/08/magecart-homograph-phishing.html
Inter skimming kit used in homoglyph attacks
https://blog.malwarebytes.com/threat-analysis/2020/08/inter-skimming-kit-used-in-homoglyph-attacks/
Hackers say ‘jackpotting’ flaws tricked popular ATMs into spitting out cash
https://techcrunch.com/2020/08/06/hackers-atm-spit-cash/
Travelex Forced into Administration After Ransomware Attack
https://www.infosecurity-magazine.com/news/travelex-forced-administration/
ACCC says bank screen scraping warnings are not anti-competitive
https://www.zdnet.com/article/accc-says-bank-screen-scraping-warnings-are-not-anti-competitive/
Magecart group uses homoglyph attacks to fool you into visiting malicious websites
https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/#ftag=RSSbaffb68
Diebold ATM Terminals Jackpotted Using Machine’s Own Software
https://threatpost.com/diebold-atm-terminals-jackpotted-using-machines-own-software/157575/
Crooks have acquired proprietary Diebold software to “jackpot” ATMs
https://news.hitb.org/content/crooks-have-acquired-proprietary-diebold-software-jackpot-atms
Thieves Are Emptying ATMs Using a New Form of Jackpotting
https://www.wired.com/story/thieves-are-emptying-atms-using-a-new-form-of-jackpotting/
University Investigates Skimming of Credit Card Data
https://www.bankinfosecurity.com/university-investigates-skimming-credit-card-data-a-14803
3.電子支付/行動支付/pay/資安
ios 台灣pay 主掃支付方式
https://pttcareers.com/MobilePay/1VBhHjxn
「醫指付行動支付」省時便利 43萬人註冊
https://reurl.cc/ygy4qa
公股銀傳要員工三倍券綁台灣Pay 財部:不可強制
https://money.udn.com/money/story/5613/4781321
電子支付新里程碑!國泰人壽首創用街口支付繳保費
https://money.udn.com/money/story/5613/4781427
政院通過電子支付管理草案 加速普及行動支付
https://reurl.cc/odD4kD
臉書建立新金融服務部門 電子支付參一腳
https://ctee.com.tw/news/global/316656.html
電子支付不流行了?金管會:年底難達成預期目標,將加強跨平台便利性
https://www.storm.mg/article/2897671
4.加密貨幣/挖礦/區塊鍊 資安
PeckShield:DeFi平台Opyn智能合約漏洞詳解,攻擊者空手套白狼
https://www.theblockbeats.com/news/18807
Ledger 冷錢包爆漏洞!無法識別比特幣及分叉鏈,恐致用戶在不知情下轉出 BTC
https://www.blocktempo.com/ledger-wallet-vulnerability/
5.資安事件新聞
A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC
Mirai 殭屍網路可被用來透過漏洞 CVE-2020-5902攻擊物聯網裝置
https://blog.trendmicro.com.tw/?p=65401
TA551 (Shathak) Word docs push IcedID (Bokbot)
https://isc.sans.edu/forums/diary/TA551+Shathak+Word+docs+push+IcedID+Bokbot/26438/
Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts
https://blog.trendmicro.com/trendlabs-security-intelligence/water-nue-campaign-targets-c-suites-office-365-accounts/
Unpatched bug in Windows print spooler lets malware run as admin
https://www.bleepingcomputer.com/news/security/unpatched-bug-in-windows-print-spooler-lets-malware-run-as-admin/
July 2020’s Most Wanted Malware: Emotet Strikes Again After Five-Month Absence
https://reurl.cc/Y1MKVn
Canon confirms ransomware attack in internal memo
https://www.bleepingcomputer.com/news/security/canon-confirms-ransomware-attack-in-internal-memo/
McAfee Defender’s Blog: NetWalker
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/mcafee-defenders-blog-netwalker/
5ヶ月で約26億円を盗み取ったランサムウェア
https://www.gizmodo.jp/2020/08/netwalker-ransomware.html
MAZEの目的は何か:MAZEランサムウェア・インシデントに関連したTTP(Tactics, Techniques, Procedures)の解説と脅威対策
https://www.fireeye.com/blog/jp-threat-research/2020/05/tactics-techniques-procedures-associated-with-maze-ransomware-incidents.html
A Fork of the FTCode Powershell Ransomware
https://isc.sans.edu/forums/diary/A+Fork+of+the+FTCode+Powershell+Ransomware/26434/
B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G
5G大喜事 EEE GLOBECOM會議移師來台
https://ctee.com.tw/news/tech/315735.html
資安防護還是政治操作?美參議院通過:未來政府設備禁用Tik Tok
http://n.yam.com/Article/20200807803871
憂臉書被他國封殺?札克伯格:美禁TikTok創非常糟糕先例
https://ec.ltn.com.tw/article/breakingnews/3252998
Google removes nearly 2,600 Chinese YouTube channels in crackdown on coordinated influence operations
https://unwire.hk/2020/08/08/youtube-channel/hottopic/spotlight/
Check Point: Qualcomm DSP chips contain serious security vulnerabilities, affecting more than 40% of phones
https://www.ithome.com.tw/news/139276
Nearly 50% of all smartphones affected by Qualcomm Snapdragon bugs
https://reurl.cc/lVEKgY
Foreign media: US company with military ties embedded tracking software in more than 500 apps
https://reurl.cc/R1nvnD
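C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents
[Finance Weekly: Hackers at Large] More than 300 hacker techniques: know yourself and your enemy, and respond in real time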
https://ec.ltn.com.tw/article/paper/1392108
Commentary (火網評論): How to prevent the red supply chain from spreading and evolving
https://tw.appledaily.com/headline/20200809/Q62JKUT4EP72PHKVJ5EMKBOSFM/
Hackers exploit the pandemic as global cyberattacks surge
https://ctee.com.tw/news/tech/315582.html
We must not underestimate it; one day it will replace humans
https://reurl.cc/yZ59lq
Zoom online hearing in Twitter hack case hijacked to play Pornhub video and forced to stop
https://reurl.cc/V6GbqQ
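US intelligence official: Chinese Communist Party and Iran do not want Trump re-elected, Russia is working all-out against Biden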
https://reurl.cc/3D8qZX
[姆咪] Reddit hit by hackers, many subreddits turned into Trump pages
https://pttweb.tw/s/19FunF
Pompeo offers US$10 million reward to prevent foreign interference in the US election
https://reurl.cc/8GrRkb
White House national security adviser accuses Chinese hackers of attacking US election equipment and issues stern warning
https://www.chinatimes.com/realtimenews/20200810001746-260408?chdtv
White House national security adviser: Chinese hackers are targeting US election infrastructure
https://www.cna.com.tw/news/aopl/202008100009.aspx
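Chinese General Chamber of Commerce condemns so-called US sanctions as serious interference in China's internal affairs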
http://www.hkcd.com/content/2020-08/08/content_1206231.html
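[Kicking out China means clean] US announces "Clean Network" program: sweeping cleanup of app stores, carriers and cloud, with even undersea cables included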
https://buzzorange.com/techorange/2020/08/07/us-clean-network-pompeo/
Hsinchu Science Park breached by Chinese hackers? US media reports "at least 7 semiconductor companies" affected
https://www.setn.com/News.aspx?NewsID=794393
[Legislative Council election] Five Eyes alliance opposes disqualifications (DQ); China criticizes arrogance and prejudice
https://ppt.cc/fRL9bx
#DEFCON: How the International Space Station Enables Cybersecurity
https://www.infosecurity-magazine.com/news/international-space-station/
Researcher Demonstrates 4 New Variants of HTTP Request Smuggling Attack
https://thehackernews.com/2020/08/http-request-smuggling.html
INTERPOL: Cybercrime Growing at an “Alarming Pace” Due to #COVID19
https://www.infosecurity-magazine.com/news/cybercrime-growing-alarming-pace/
China has stolen Taiwan’s semiconductor secrets: Wired
https://www.taiwannews.com.tw/en/news/3982792
Black Hat: Hackers are using skeleton keys to target chip vendors
https://reurl.cc/qd9WpD
How COVID-19 Has Changed Business Cybersecurity Priorities Forever
https://thehackernews.com/2020/08/covid-19-cybersecurity.html
China is now blocking all encrypted HTTPS traffic that uses TLS 1.3 and ESNI
https://www.zdnet.com/article/china-is-now-blocking-all-encrypted-https-traffic-using-tls-1-3-and-esni/
Hackers are defacing Reddit with pro-Trump messages
https://www.zdnet.com/article/hackers-are-defacing-reddit-with-pro-trump-messages/#ftag=RSSbaffb68
FBI: Iranian hackers trying to exploit critical F5 BIG-IP flaw
https://www.bleepingcomputer.com/news/security/fbi-iranian-hackers-trying-to-exploit-critical-f5-big-ip-flaw/
National Cyber Security Centre launches tool to help keep data safe during pandemic
https://www.legalfutures.co.uk/associate-news/national-cyber-security-centre-launches-tool-to-keep-data-safe-during-pandemic
FBI says an Iranian hacking group is attacking F5 networking devices
https://www.zdnet.com/article/fbi-says-an-iranian-hacking-group-is-attacking-f5-networking-devices/#ftag=RSSbaffb68
Chinese Hackers Charged in Decade-Long Crime and Spying Spree
https://www.wired.com/story/chinese-hackers-charged-decade-long-crime-spying-spree/
Network intruders selling access to high-value companies
https://www.bleepingcomputer.com/news/security/network-intruders-selling-access-to-high-value-companies/#.XzLxu4t-l8U.twitter
Security Engineer (Technical R&D), Delta Research Center (Taipei)
https://www.yourator.co/companies/deltaww/jobs/12728?locale=en
[Rakuten, Japanese company] Security Manager (Manager of Security Audit Team) (DEV)
https://www.104.com.tw/job/70o4o
D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News
Dating sites lure Japanese male users
https://blog.trendmicro.com.tw/?p=65436
Woman in her sixties finds online "love", and the partner turns out to be a "US soldier"
https://reurl.cc/Nj5Kvp
[Twitter Hacked, Part 1] From Biden to Bezos: when hackers take over the official accounts of politicians and billionaires
https://www.mirrormedia.mg/story/20200805int004/
[Twitter Hacked, Part 2] "SIM swapping" highlights security weaknesses in "two-step verification"
https://www.mirrormedia.mg/story/20200805int005/
Fake likes, real fraud: losses run into the millions
https://reurl.cc/mnWKNj
Two-year-old's Instagram account hacked for the 6th time; Gary, exhausted: I wanted to swear but held back
https://star.ettoday.net/news/1779737
Internal data of LG and Xerox stolen and published
https://www.twcert.org.tw/tw/cp-104-3843-00c52-1.html
Another record! Wholesome Korean streamer receives "10 million won" donation; netizens shocked: hacked
https://www.ttshow.tw/kol/71350/
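Online games are full of pitfalls... online fraud rises year after year, and security attack frequency climbs further during the pandemic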
https://reurl.cc/0oVGrM
At least 20GB of Intel confidential data leaked, including chip development tools and source code
https://news.knowing.asia/news/e0533633-b2c7-4709-ba45-948a97d9e67d
Intel reportedly hacked; confidential files including code and tools leaked
https://www.ithome.com.tw/news/139258
As much as 20GB of Intel BIOS and technical code leaked, with more still to come
https://www.kocpc.com.tw/archives/337023
Intel leaks – Hacker posts 20GB of alleged Intel source code, files online
https://www.hackread.com/intel-leaks-hacker-posts-intel-source-code-files-online/
2.3 MILLION+ USA DOCTOR RECORDS ALLEGEDLY LEAKED ON DARKWEB FOR FREE
https://cybleinc.com/2020/08/08/2-3-million-usa-doctor-records-allegedly-leaked-on-darkweb-for-free/
Spam and phishing in Q2 2020
https://securelist.com/spam-and-phishing-in-q2-2020/97987/
Fake security advisory used in clever cPanel phishing attack
https://www.bleepingcomputer.com/news/security/fake-security-advisory-used-in-clever-cpanel-phishing-attack/
Report: N.J. ranks No. 15 among states for data breach victims
https://www.roi-nj.com/2020/07/21/tech/report-n-j-ranks-no-15-among-states-for-data-breach-victims/
Genealogy Software Maker Exposes Data on 60,000 Users
https://www.infosecurity-magazine.com/news/genealogy-software-maker-exposes/
Number of Reported Breaches Decrease In First Half of 2020
https://www.darkreading.com/attacks-breaches/number-of-reported-breaches-decrease-in-first-half-of-2020/d/d-id/1338392
DeepSource resets logins after employee falls for Sawfish phishing
https://www.bleepingcomputer.com/news/security/deepsource-resets-logins-after-employee-falls-for-sawfish-phishing/#.XxcHf9b6mcs.twitter
6,600 organizations bombarded with 100,000+ BEC attacks
https://www.helpnetsecurity.com/2020/08/10/6600-organizations-bombarded-with-100000-bec-attacks/
Barclays Faces Employee Spying Probe
https://www.bankinfosecurity.com/barclays-faces-employee-spying-probe-a-14796
Phishing Campaign Spoofs SBA Loan Offer
https://www.bankinfosecurity.com/phishing-campaign-spoofs-sba-loan-offer-a-14800
SBA phishing scams: from malware to advanced social engineering
https://blog.malwarebytes.com/scams/2020/08/sba-phishing-scams-from-malware-to-advanced-social-engineering/
E. Research Reports
Mirai botnet exploits CVE-2020-5902 vulnerability to attack IoT devices
https://paper.seebug.org/1286/
Analysis of the Weblogic remote command execution vulnerability (CVE-2020-14645)
https://paper.seebug.org/1287/
Exploring detection of the Shiro RememberMe vulnerability
https://paper.seebug.org/1285/
Analysis of the Weblogic remote command execution vulnerability (CVE-2020-14644)
https://paper.seebug.org/1284/
Security analysis report on the Bulehero worm
https://paper.seebug.org/1283/
XML external entity injection (XXE) vulnerability in PHP environments
http://www.secwk.com/2020/08/07/19440/
RouterSploit, a router exploitation tool
https://m.yisu.com/zixun/291114.html
Mitigating vulnerabilities by restricting IPs with an iptables whitelist
http://blog.itpub.net/69959246/viewspace-2710158/
ASP.NET Core JSON Chinese character encoding issues and serialization option settings
https://blog.darkthread.net/blog/aspnet-core-json-setting/
Analysis of multiple vulnerabilities in Tenda AC15 AC1900
https://www.anquanke.com/post/id/213416
Updates from Threat Analysis Group (TAG) Bulletin: Q2 2020
https://blog.google/threat-analysis-group/tag-bulletin-q2-2020/
Researcher Demonstrates 4 New Variants of HTTP Request Smuggling Attack
https://thehackernews.com/2020/08/http-request-smuggling.html
CVE-2019-7609
https://github.com/kisec/CVE-2019-7609
SOC1 vs SOC2 – Cyber Threat Intelligence Guide
https://cybersecuritynews.com/soc1-vs-soc2/
DEF CON: New tool brings back 'domain fronting' as 'domain hiding'
https://www.zdnet.com/article/def-con-new-tool-brings-back-domain-fronting-as-domain-hiding/#ftag=RSSbaffb68
Astra
https://github.com/flipkart-incubator/Astra
Pwn2Own Qualcomm cDSP
https://reurl.cc/9Ed2r8
Pwn2Own -> Xxe2Rce
http://muffsec.com/blog/?p=608
Limiting Location Data Exposure
https://media.defense.gov/2020/Aug/04/2002469874/-1/-1/0/CSI_LIMITING_LOCATION_DATA_EXPOSURE_FINAL.PDF
TiYunZong-An-Exploit-Chain-to-Remotely-Root-Modern-Android-Devices
https://reurl.cc/z82xMe
Stealthily Access Your Android Phones:Bypass the Bluetooth Authentication
https://reurl.cc/Y1My94
Mimir Smart OSINT collection of common IOC types.
https://github.com/deadbits/mimir
Capacitor
https://github.com/ionic-team/capacitor
axiom
https://github.com/pry0cc/axiom
TOP 11 Deep Web Search Engine Alternative for Google and Bing 2020
https://gbhackers.com/top-10-deep-web-search-engines-which-gives-deep-information-that-you-cant-get-it-in-google-and-bing/
PivotSuite- Hack The Hidden Network
https://hackersonlineclub.com/pivotsuite-hack-the-hidden-network/
Evine - Interactive CLI Web Crawler
https://www.kitploit.com/2020/08/evine-interactive-cli-web-crawler.html
dnsteal - DNS Exfiltration tool for stealthily sending files over DNS requests
https://hakin9.org/dnsteal-dns-exfiltration-tool-for-stealthily-sending-files-over-dns-requests/
Tool-X is a Kali Linux hacking tools installer for Termux and linux system
https://hakin9.org/tool-x-is-a-kali-linux-hacking-tools-installer-for-termux-and-linux-system/
Black Hat: Entropy - the solution to malvertising and malspam
https://www.zdnet.com/article/black-hat-entropy-the-solution-to-malvertising/#ftag=RSSbaffb68
Black Hat: Hackers are using skeleton keys to target chip vendors
https://www.zdnet.com/article/black-hat-hackers-are-now-using-cobalt-strike-and-skeleton-keys-to-target-semiconductor-firms/#ftag=RSSbaffb68
r00kie-kr00kie: PoC exploit for the CVE-2019-15126 kr00k vulnerability
https://hakin9.org/r00kie-kr00kie-poc-exploit-for-the-cve-2019-15126-kr00k-vulnerability/
Analysts Detect New Banking Malware
https://www.infosecurity-magazine.com/news/analysts-detect-new-banking/
Black Hat: Hackers can remotely hijack enterprise, healthcare Temi robots
https://www.zdnet.com/article/black-hat-healthcare-senior-living-temi-robots-can-be-hijacked-remotely-by-hackers/#ftag=RSSbaffb68
Malwoverview
https://github.com/alexandreborges/malwoverview
Black Hat 2020: Linux Spyware Stack Ties Together 5 Chinese APTs
https://threatpost.com/black-hat-linux-spyware-stack-chinese-apts/158092/
Researcher Finds New Office Macro Attacks for MacOS
https://www.darkreading.com/endpoint/researcher-finds-new-office-macro-attacks-for-macos/d/d-id/1338610?&web_view=true
MS OFFICE IN WONDERLAND
https://i.blackhat.com/asia-19/Thu-March-28/bh-asia-Hegt-MS-Office-in-Wonderland.pdf
Black Hat: How hackers gain root access to SAP enterprise servers through SolMan
https://www.zdnet.com/article/black-hat-solman-how-hackers-could-gain-root-access-to-sap-enterprise-servers/
Bypassing MassLogger Anti-Analysis — a Man-in-the-Middle Approach
https://www.fireeye.com/blog/threat-research/2020/08/bypassing-masslogger-anti-analysis-man-in-the-middle-approach.html
Agent Tesla | Old RAT Uses New Tricks to Stay on Top
https://labs.sentinelone.com/agent-tesla-old-rat-uses-new-tricks-to-stay-on-top/
Mouse Framework is an iOS and macOS post-exploitation framework
https://hakin9.org/mouse-framework-is-an-ios-and-macos-post-exploitation-framework/
mihari
https://github.com/ninoseki/mihari
spiderfoot
https://github.com/smicallef/spiderfoot
Defending Your Malware
https://blog.dylan.codes/defending-your-malware/
Breaking through Windows’ defenses: Analyzing mLNK Builder
https://research.checkpoint.com/2020/breaking-through-windows-defenses-analysing-mlnk-builder/
Gorgon APT targeting MSME sector in India
https://www.seqrite.com/blog/gorgon-apt-targeting-msme-sector-in-india/
TeamViewer Flaw Could Let Hackers Steal System Password Remotely
https://thehackernews.com/2020/08/teamviewer-password-hacking.html
Researcher Demonstrates Several Zoom Vulnerabilities at DEF CON 28
https://thehackernews.com/2020/08/zoom-software-vulnerabilities.html
Capital One Fined $80 Million for 2019 Data Breach Affecting 106 Million Users
https://thehackernews.com/2020/08/capital-one-data-breach.html
Google Chrome Bug Could Let Hackers Bypass CSP Protection; Update Web Browsers
https://thehackernews.com/2020/08/chrome-csp-bypass.html
A New vBulletin 0-Day RCE Vulnerability and Exploit Disclosed Publicly
https://thehackernews.com/2020/08/vBulletin-vulnerability-exploit.html
Microsoft Reveals New Innocent Ways Windows Users Can Get Hacked
https://thehackernews.com/2020/08/microsoft-software-patches.html
Flaws in Samsung Phones Exposed Android Users to Remote Attacks
https://thehackernews.com/2020/08/samsung-find-my-phone-hacking.html
Contrast Community Edition Empowers Developers to Write Secure Code Faster
https://thehackernews.com/2020/08/devops-appsec-cybersecurity.html
Critical Flaws Affect Citrix Endpoint Management (XenMobile Servers)
https://thehackernews.com/2020/08/citrix-endpoint-management.html
RedCurl cybercrime group has hacked companies for three years
https://www.zdnet.com/article/redcurl-cybercrime-group-has-hacked-companies-for-three-years/#ftag=RSSbaffb68
APT Group “RedCurl” Has Been Stealing Sensitive Data for Three Years
https://www.technadu.com/apt-group-redcurl-stealing-sensitive-data-three-years/174591/
RedCurl
https://www.group-ib.com/resources/threat-research/red-curl.html
Case Study: Catching a Human-Operated Maze Ransomware Attack In Action
https://labs.sentinelone.com/case-study-catching-a-human-operated-maze-ransomware-attack-in-action/
Hackers combine two unpatched Microsoft zero-days in attack on South Korean firm
https://www.itpro.co.uk/security/cyber-security/356761/hackers-chained-two-unpatched-microsoft-zero-days-to-attack-south
Contradicting Israel, cybersecurity firm says N. Korea breached defense industry
https://www.timesofisrael.com/cybersecurity-firm-n-korea-hack-successfully-breached-israel-defense-industry/
F. Business
A security defense platform built on a compliance mindset, with full protection from gateway to endpoint
https://www.ithome.com.tw/pr/139251
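Cisco partners with the Industrial Development Bureau to build the first 5G open-architecture "enterprise private network" test platform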
https://www.chinatimes.com/realtimenews/20200807003092-260410?chdtv
Trend Micro launches "cloud detection and response (XDR)" and managed detection and response (Managed XDR) services
https://reurl.cc/ZORLdl
Mitake pushes into cross-border e-commerce, going international
https://money.udn.com/money/story/5649/4768680
Hackers attack once every 39 seconds, creating a NT$3 trillion security market
https://ec.ltn.com.tw/article/paper/1392101
CHT Security partners with CyCraft: national security team launches "AI inspection package"
https://money.udn.com/money/story/5612/4770011
Fortinet launches 4400F hyperscale data center, 5G firewall, reports strong Q2
https://www.zdnet.com/article/fortinet-launches-4400f-hyperscale-data-center-5g-firewall/#ftag=RSSbaffb68
G. Government
Ministry of Digital Development: what is it "developing"?
https://reurl.cc/MvYKov
Taiwan's "Clean Network": Cheng Wen-tsan says preparations began 4 years ago
https://ec.ltn.com.tw/article/paper/1391709
Hands-on training for the government agency security vulnerability notification mechanism (VANS)
https://ppt.cc/fUierx
Government Configuration Baseline (GCB) hands-on workshop: Windows 10 configuration settings explained
https://ppt.cc/fxhmJx
H. Industrial Control Systems / ICS / SCADA Security
Delta Electronics TPEditor security vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16225
Data Loss Protection (DLP) for ICS/SCADA
https://securityboulevard.com/2020/07/data-loss-protection-dlp-for-ics-scada/
SCADA & Security of Critical Infrastructures [Updated 2020]
https://securityboulevard.com/2020/07/scada-security-of-critical-infrastructures-updated-2020/
ICS/SCADA Wireless Attacks
https://securityboulevard.com/2020/07/ics-scada-wireless-attacks/
INDUSTRIAL CONTROL SYSTEMS SECURITY SOFTWARE MARKET ANALYSIS
https://www.express-journal.com/industrial-control-systems-security-software-market-169428/
I. Education and Training
Modbus Traffic Capture Analysis [FREE COURSE CONTENT]
https://pentestmag.com/modbus-traffic-capture-analysis-free-course-content/
Incident response: How to use OSINT
https://blog.eccouncil.org/incident-response-how-to-use-osint/
Have I Been Pwned to release code base to the open source community
https://www.zdnet.com/article/have-i-been-pwned-to-release-code-base-to-the-open-source-community/#ftag=RSSbaffb68
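J. Internet of Things / IoT / Artificial Intelligence / Internet of Vehicles / Optical Networking / Deep Learning / Machine Learning / Drones / Facial Recognition
OpenAI releases new NLP model GPT-3, which may have potential comparable to blockchain technology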
https://technews.tw/2020/07/21/new-natural-language-processing-model-may-be-biggest-thing-since-bitcoin/
Electronic locks that combine home protection with smart IoT
https://www.inside.com.tw/article/20530-Electroniclocks
Connected security from every angle: comprehensive security measures for IoT devices, transmission and cloud
http://www.netadmin.com.tw/netadmin/zh-tw/video/18063FF96B244AE7B766CC25B571C4BE
Special report on the IoT Security Summit Forum
https://www.netadmin.com.tw/files/event/20191127event/pagemain.html
6. Upcoming Security Events and Seminars
Kaohsiung session: Security trends and IoT security discussion 8/17
https://tacert.mis.nsysu.edu.tw/p/404-1257-207359.php
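"Companies protect personal data, security in action!": Industrial Development Bureau, Ministry of Economic Affairs, ROC year 109 briefing on enterprise personal data protection and information security 8/18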
https://stli.iii.org.tw/news-event.aspx?no=16&d=1040
DevDays Asia 2020 Online Asia-Pacific technical conference 8/19 8/20 8/21 8/25 8/26
https://seminar.ithome.com.tw/public/live/devdays/
ClassNK 2020 Taiwan Technical Seminar, held in Taipei and Kaohsiung on 8/19 and 8/26
https://times.hinet.net/news/23003850
IoT security protection design and hardening hands-on training course 8/19 ~ 8/21
https://www.moea.gov.tw/Mns/populace/news/NewsAction.aspx?kind=4&menu_id=43&news_id=90845
[Introductory security course] Google hacking & Shodan in practice. Class time: 2020/8/20 (Thu) 09:30 ~ 16:30
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3905&from_course_list_url=homepage
Taipei session: Security trends and network attack and defense techniques 8/20
https://tacert.mis.nsysu.edu.tw/p/404-1257-237050.php
Medical information security hands-on technical training course 8/20 ~ 8/22
https://www.moeaidb.gov.tw/external/ctlr?PRO=indpark.BulletinView&id=21154&lang=0
Training: "New concepts and trends in implementing security management and personal data protection" 8/21
https://reurl.cc/pdlX3r
Natural language processing evolves again: Google BERT lets chatbots better understand human intent, reaching a new level 8/22
https://www.techbang.com/posts/78985-course-bert-technology-practice
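Security incident handling practical course: ROC year 109 "Security Talent Training and International Promotion Program: advanced course for security professionals" 8/22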
https://www.cisanet.org.tw/News/activity_more?id=MTUyOA==
SDN x Cloud Native Meetup - Webinar overseas edition #5 8/22
https://www.meetup.com/CloudNative-Taiwan/events/272097499/
NISRA Enlightened 2020 8/24
https://nisra.kktix.cc/events/2020enlightened
Chunghwa Telecom Training Institute: ROC year 109 summer CCNA networking certification boot camp (Kaohsiung) 8/24
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=172
Seminar: "Security challenges and opportunities in the new normal of the IoT world" 8/25
https://www.acw.org.tw/News/Detail.aspx?id=1142
Chunghwa Telecom Training Institute: drone pilot license prep course, basic level under 2 kg (Kaohsiung weekday full-subject class) 8/22 ~ 8/28
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=166
Open-source network management software hands-on (Kaohsiung computer lab session) 8/26
https://tacert.mis.nsysu.edu.tw/p/404-1257-207353.php
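Chunghwa Telecom Training Institute, professional cybersecurity course: practical protection against ransomware and phishing platforms 8/27 ~ 8/28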
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=63
Seminar on security risks and protection for smart industrial control and smart grids 8/28
https://www.beclass.com/rid=2443d1b5f23d8632b23a
NCTU Hacker College: Next-generation enterprise security governance: challenges facing businesses today 8/28
https://hackercollege.nctu.edu.tw/?p=1190
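Chunghwa Telecom Training Institute, professional cybersecurity course: website vulnerability detection and protection management 9/4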
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=58
NCTU Hacker College: Email spoofing attacks and protective measures 9/5
https://hackercollege.nctu.edu.tw/?p=1203
Hacks in Taiwan Conference HITCON Training 2020 9/5
https://hitcon.kktix.cc/events/hitcon-training-2020
Hacks in Taiwan Conference HITCON Training 2020 - student registration 9/5
https://hitcon.kktix.cc/events/hitcon-training-2020-student
Systems Security Certified Practitioner (SSCP) prep course 9/5 ~ 9/13
https://www.iiiedu.org.tw/courses/asq902t2001/
Chunghwa Telecom Training Institute, professional cybersecurity course: IoT security threats and practice 9/9 ~ 9/11
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=54
Big data and deep learning applications for edge computing systems 9/11
https://reurl.cc/62OD9k
HITCON 2020 Hacks in Taiwan Conference 9/11
https://hitcon.kktix.cc/events/hitcon-2020
NCTU Hacker College: Basic web security and penetration testing 9/12
https://hackercollege.nctu.edu.tw/?p=1205
Data analysis and machine learning case studies in practice (2): application examples. Class time: 2020/9/14 (Mon) 09:30 ~ 16:30
https://reurl.cc/1xAoMp
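[Module course, counts toward director and supervisor continuing education hours] Registration open: "The key significance of security strategy for business development, and security governance and protection" 109/10/15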
https://reurl.cc/AqGdlQ
Chunghwa Telecom Training Institute, professional cybersecurity course: Web application penetration testing 9/16 ~ 9/17
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=167
Big data and deep learning applications for edge computing systems. Class time: 2020/9/18 (Fri) 09:30 ~ 16:30
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3895&from_course_list_url=homepage
NCTU Hacker College: Buffer overflow attacks and prevention 10/17
https://hackercollege.nctu.edu.tw/?p=1207
Chunghwa Telecom Training Institute: autonomous mobile robot ROS development hands-on class 10/20 ~ 10/23
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=188
NCTU Hacker College: Intrusion detection and response guide 10/24
https://hackercollege.nctu.edu.tw/?p=1214
NCTU Hacker College: Advanced web penetration testing 10/31
https://hackercollege.nctu.edu.tw/?p=1216
NCTU Hacker College: Denial-of-service attacks / distributed denial-of-service attacks / Botnet 11/7
https://hackercollege.nctu.edu.tw/?p=1218
NCTU Hacker College: Building basic website security in practice 11/14
https://hackercollege.nctu.edu.tw/?p=1220
NCTU Hacker College: System protection and internal network threat reporting and response hands-on class 11/17, 11/24
http://service.tabf.org.tw/tw/user/409646/course1-4.htm
NCTU Hacker College: Malware detection in practice 11/21 11/28
https://hackercollege.nctu.edu.tw/?p=1222
NCTU Hacker College: Expert-level web penetration testing 12/5 12/12
https://hackercollege.nctu.edu.tw/?p=1224
NCTU Hacker College: System penetration testing and vulnerability exploitation 12/19
https://hackercollege.nctu.edu.tw/?p=1226
NCTU Hacker College: Applications of AI in information security 2021/1/9 1/16
https://hackercollege.nctu.edu.tw/?p=1228
NCTU Hacker College: Enterprise domain management: Active Directory attack and defense 2021/1/23
https://hackercollege.nctu.edu.tw/?p=1230