Weekly Security Incident News Report 2021/5/24 ~ 2021/5/28

1. Major Vulnerabilities / Backdoors / Exploit / Zero Day
New High-Severity Vulnerability Reported in Pulse Connect Secure VPN
https://thehackernews.com/2021/05/new-high-severity-vulnerability.html

Updates to Alert on Pulse Connect Secure
https://us-cert.cisa.gov/ncas/current-activity/2021/05/27/updates-alert-pulse-connect-secure

Synology end-of-life announcement for 14 packages
https://www.synology.com/zh-tw/products/status/EOL_announcement_for_synology_package_202105

CVE-2021-21985: VMware vCenter Server remote code execution vulnerability advisory
https://cert.360.cn/warning/detail?id=21bda4287b2b47416e93cc7817bf4a1a

Remote code execution vulnerability found in VMware virtualization solutions
https://finance.sina.com.cn/tech/2021-05-26/doc-ikmyaawc7657251.shtml

Critical RCE Vulnerability Found in VMware vCenter Server — Patch Now!
https://thehackernews.com/2021/05/critical-rce-vulnerability-found-in.html

Researchers disclose two security flaws in the PDF specification that let attackers covertly alter the content of certified documents
https://www.ithome.com.tw/news/144669

Multiple macOS 0-day vulnerabilities revealed!! Hackers can obtain microphone, camera and screen-recording permissions on Mac devices
https://hk.xfastest.com/116752/apple-macos-0-day-loopholes/

Major macOS zero-day vulnerability exposed! Apple releases a fixed version; users should update promptly to avoid being hacked
https://3c.ltn.com.tw/news/44487

Mac update for major vulnerability prevents hackers from secretly recording the screen
https://tw.appledaily.com/gadget/20210526/X3BFYPLDFJHYXOHO7P7N47EGUI/

Apple Issues Patches to Combat Ongoing 0-Day Attacks on macOS, tvOS
https://thehackernews.com/2021/05/apple-issues-patches-to-combat-ongoing.html

Apple Security Update for Safari - Exploitation in the Wild Reported
https://support.apple.com/en-us/HT212340

Design violates the ARM architecture specification! Unfixable vulnerability revealed in Apple M1
https://www.eet-china.com/mp/a53737.html

Unfixable Apple M1 chip bug enables cross-process chatter, breaking OS security model
https://www.theregister.com/2021/05/27/apple_m1_chip_bug/

Advertisers could steal information; foreign media: Apple M1 has a security vulnerability
https://finance.ettoday.net/amp/amp_news.php7?news_id=1992330

CVE-2021-30747
https://m1racles.com/

4 vulnerabilities let hackers take over Android devices; Google issues emergency patches
https://reurl.cc/MA7N64

Google Project Zero warns of 4 Android 0-day flaws already exploited in the wild
https://finance.sina.com.cn/tech/2021-05-23/doc-ikmxzfmm4135798.shtml

Android Issues Patches for 4 New Zero-Day Bugs Exploited in the Wild
https://thehackernews.com/2021/05/android-issues-patches-for-4-new-zero.html

D-LINK DIR-842 3.13B05 HNAP REQUEST unknown vulnerability
https://vuldb.com/zh/?id.158961

Security vulnerabilities in the Google Chrome and Microsoft Edge browsers (CVE-2021-21194~21199)
https://libcc.ocu.edu.tw/files/16-1009-40737.php?Lang=zh-tw

Google Chrome < 27.0.1453.93 multiple vulnerabilities
https://zh-cn.tenable.com/plugins/nessus/66556

Google Chrome multiple vulnerabilities
https://www.hkcert.org/tc/security-bulletin/google-chrome-multiple-vulnerabilities_20210526

Chrome 91 arrives: can freeze tab groups, blocks TLS 1.0/1.1 and port 10080
https://www.ithome.com.tw/news/144634

Mozilla Security Advisories - May 5 2021
https://www.mozilla.org/en-US/security/advisories/mfsa2021-18/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-19/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-20/

Major HTTP vulnerability in Windows could lead to an exploitable vulnerability
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31166

Hackers began scanning within 5 minutes of the Exchange vulnerability disclosure
https://www.ithome.com.tw/news/144605

Cisco recently released updates to address security vulnerabilities in multiple products
https://us-cert.cisa.gov/ncas/current-activity/2021/05/20/cisco-releases-security-updates-multiple-products

Trend Micro Zero Day Initiative bug bounty program disclosed 60.5% of vulnerabilities worldwide
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9249

NVIDIA GRAPHICS DRIVERS 295.49 REGISTRY memory corruption
https://vuldb.com/zh/?id.10060

Nginx newly disclosed high-severity vulnerability CVE-2021-23017
https://www.163.com/dy/article/GAUULFB605351QOR.html

Sonatype
https://vuldb.com/zh/?vendor.sonatype

Google discloses iOS vulnerability allowing attacks on devices via iMessage
http://www.cmen.cc/rgzn/202105/109250.html

Authorization bypass vulnerability found in Red Hat microservice monitoring and management platform
https://finance.sina.com.cn/tech/2021-05-24/doc-ikmyaawc7219844.shtml

ORACLE INSURANCE RULES PALETTE 10.2.0 up to 11.3.0 ARCHITECTURE unknown vulnerability
https://vuldb.com/zh/?id.168346

ORACLE IDENTITY MANAGER 11.1.2.0.0/11.1.2.1.0 END USER SELF SERVICE unknown vulnerability
https://vuldb.com/zh/?id.10709

Eufy camera vulnerability can expose users' privacy to other users
https://www.4hou.com/index.php/posts/NXoD

Django debug page XSS vulnerability (CVE-2017-12794)
https://blog.csdn.net/EC_Carrot/article/details/117256562

WebKitGTK+ buffer error vulnerability
https://vul.wangan.com/a/CNNVD-202105-1574

Patching too slow: AudioWorklet vulnerability in WebKit still affects iOS and macOS devices
https://finance.sina.com.cn/tech/2021-05-27/doc-ikmyaawc7823684.shtml

AMD reveals vulnerabilities in "Secure Encrypted Virtualization" on EPYC processors
https://www.ximeiapp.com/article/3249755

Arbitrary code execution vulnerability found in the LZ4 decompression software shipped with Ubuntu
https://finance.sina.com.cn/tech/2021-05-27/doc-ikmxzfmm5001065.shtml

HAXX libcurl security vulnerability
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898

Newly Discovered Bugs in VSCode Extensions Could Lead to Supply Chain Attacks
https://thehackernews.com/2021/05/newly-discovered-bugs-in-vscode.html

Code Execution Flaw in Checkbox Survey Exploited in the Wild
https://www.securityweek.com/code-execution-flaw-checkbox-survey-exploited-wild

2. Banking / Finance / Insurance / Securities / Payment Systems: News and Security
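Cathay Century Insurance adopts OpenID multi-identity authentication; over 4 million Cathay United Bank depositors can log in to the insurance website with their online banking accounts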
https://www.ithome.com.tw/news/144558

Defending trade secrets: Fubon Insurance offers customized cyber insurance
https://www.chinatimes.com/realtimenews/20210524003157-260410?chdtv

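Protecting enterprises from leaks of confidential information: Fubon Insurance is first to launch a trade secret litigation cost rider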
https://ec.ltn.com.tw/article/breakingnews/3544633

Fubon Insurance launches an enterprise operational risk management plan, building a trade secret protection net for enterprises
https://reurl.cc/lRVLYE

Mastercard acquires identity verification company; identity verification becomes mainstream in the digital era
https://findit.org.tw/researchPageV2.aspx?pageId=1733

Fastest among state-owned banks: Mega Bank launches full A/B team work-from-home effective immediately
https://money.udn.com/money/story/5613/5480310

Hua Nan Bank branches in Taipei, New Taipei and Keelung to start split-team work-from-home next week
https://money.udn.com/money/story/5613/5480320

3 lessons from China's WeBank for Hong Kong's virtual banks
https://reurl.cc/j8dyem

Chicago court indicts 22 suspects, including ethnic Chinese, and discloses details of the credit card fraud
https://www.worldjournal.com/wj/story/121473/5488028

FSC: banks should raise pay; closures require an order from the command center
https://ctee.com.tw/news/finance/465829.html

Epidemic prevention first! What about industries that cannot work from home? How Japan's manufacturing and financial sectors do it
https://www.managertoday.com.tw/articles/view/63044

65 financial institutions must appoint a CISO; six-month grace period
https://www.chinatimes.com/realtimenews/20210527006046-260410?chdtv

Bank employee's positive PCR result went unreported; epidemic-prevention gaps alarm colleagues
https://udn.com/news/story/7239/5487842

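NCCU FinTech Research Center and Deloitte jointly publish the first Taiwan FinTech trends outlook report, offering 10 recommendations for Fintech development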
https://www.ithome.com.tw/news/144679

MobileInter: Magecart Skimmer for your phone
https://www.riskiq.com/blog/external-threat-management/mobile-inter/

3. Electronic Payment / Mobile Payment / Pay / Security
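Forgot your phone? Scan your ID card barcode to check in within a second! The Easy Wallet app becomes a handy contact-registration tool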
https://3c.ltn.com.tw/news/44460

Chinese official renamed a personal Alipay QR code page as the social security center and embezzled over 600,000
https://finance.sina.com.cn/money/insurance/bxdt/2021-05-27/doc-ikmyaawc7767946.shtml

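Hong Kong mobile payment PayMe: change the transfer transaction password regularly | 5 smart usage tips + 2 ways to prevent money being intercepted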
https://reurl.cc/VE65oN



4. Cryptocurrency / Mining / Blockchain / Smart Contract Security
EP01 Bitcoin crashes; Binance Smart Chain DeFi hit by hacker attacks
https://reurl.cc/dGrnQk

Krugman: Bitcoin is a Ponzi scheme, or it may endure like gold
https://www.worldjournal.com/wj/story/121477/5476240

Nobel laureate Krugman analyzes Bitcoin: although essentially a Ponzi scheme, it will not necessarily collapse
https://www.techbang.com/posts/86931-nobel-prize-winner-kruman-analyzes-bitcoin-ponzi

Largest yield aggregator hacked; where will BSC go after a string of heavy blows
https://www.chaindaily.cc/posts/5441329c8e2d0d62e9127325d429add9

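CoolBitX seizes the moment to launch a new "cold wallet"! After managing over US$20 billion in assets, how else can it expand cryptocurrency business opportunities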
https://www.bnext.com.tw/article/63000/coolwallet-s-coolbitx

12 mining risks: earning cryptocurrency involves more than electricity and equipment costs
https://www.kocpc.com.tw/archives/385345

Exchange falsely claimed a hacker intrusion, defrauding Bitcoin for a profit of 9.5 million
https://reurl.cc/bX62L3

DeFi has quietly grown decentralized exchanges; Uniswap's market value reaches US$36.6 billion
https://technews.tw/2021/05/26/uniswap-volume-36b-usd-with-defi-growth/

鑫棧 virtual currency studio stole Tether; ringleader born in the 1990s indicted for money laundering
https://udn.com/news/story/7321/5486640

Exploiting a software bug, 9 virtual currency players arrested for fraudulently obtaining 300,000 Tether
https://www.chinatimes.com/realtimenews/20210526003247-260402?chdtv

Virtual currency "Tether" fraud and money laundering case: 9 people including Tsai Tsung-lin indicted
https://news.ltn.com.tw/news/society/breakingnews/3546859

Huobi OTC announcement on fixing the tradeRifle security vulnerability
https://www.huobi.com/support/zh-cn/detail/360000116781/

Bogged Finance team confirms a US$3 million loss from a flash loan attack; the vulnerability has now been "blocked"
https://www.chainnews.com/zh-hant/news/867810787704.htm

Ethereum client Parity releases RPC vulnerability fix; the flaw could be used to maliciously shut down some nodes
https://www.fxchacha.com/20210520032052.html

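Ledger responds to signing security vulnerability: the Bitcoin app has been updated to address it; the vulnerability does not leak sensitive data such as private keys or mnemonic phrases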
https://www.fxchacha.com/20210520005833.html

Popular DeFi project Yam's elastic supply contract has a vulnerability; token holders urgently asked to delegate votes to fix it
https://www.fxchacha.com/20210520005435.html

Bitcoin crash may create a tax loophole for investors
https://www.chinahot.org/science/85459.html

Rich overnight by chance: 9 thieves exploited a "Tether" platform loophole to take 25 million
https://www.ettoday.net/news/20210526/1991458.htm

China's regulatory crackdown! Plans to put Bitcoin miners on a "social credit blacklist"; Inner Mongolia introduces 8 punitive measures
https://www.blocktempo.com/china-inner-mongolia-social-credit-blacklisting-bitcoin-miners/

Embarrassment! Fork project Merlin repeats PancakeBunny's fate; hacker pockets 240 ETH
https://www.blocktempo.com/another-flash-loan-incident-merlin-lost-240-eth/

Foreign media: Biden administration is reviewing "gaps" in crypto regulation
https://www.chinahot.org/science/85759.html

Bitcoin crash may create a tax loophole for investors
https://i.ifeng.com/c/86YNtaI06Cn

A new broom sweeps clean! New SEC chair to tighten regulation of cryptocurrency and SPACs
https://news.cnyes.com/news/id/4652395

Alleged North Korean hackers scouted crypto exchange employees before stealing currency, researchers say
https://www.cyberscoop.com/north-korea-lazarus-group-cryptocurrency-exchanges/

5. Security Incident News

A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC
Trojan exploits macOS zero-day vulnerability to secretly record the screen
https://www.ithome.com.tw/news/144624

Ransomware's dangerous new trick: "double encrypting" data
https://www.inside.com.tw/article/23607-ransomware-dangerous-new-trick-is-double-encrypting-your-data

FBI warns: the US accounts for more than half of Conti ransomware victims worldwide; indicators of compromise published
https://www.ithome.com.tw/news/144625

Security vendor releases 2021 security report: ransomware has become easy to use
https://technews.tw/2021/05/25/2021-security/

macOS zero-day combo! New XCSSET malware variant secretly captures users' screens
https://technews.tw/2021/05/26/malware-macos-zero-day-screenshots/

46% of malware also uses the TLS protocol
https://blog.twnic.tw/2021/05/26/18579/

Microsoft urges users not to click PDF files of unknown origin; beware of STRRAT malware
https://technews.tw/2021/05/26/strrat-pdf/

ADATA statement on the virus attack on some of its ICT systems
https://reurl.cc/noVvWX

ADATA hit by hacker virus attack! Company refuses ransom; shipments slightly delayed
https://finance.ettoday.net/news/1991943

COVID-19 + ransomware: a double threat is on the rise
http://www.tpcc.org.tw/topic_detail.php?id=feb0dbc31a5642fd

Ransomware attacks set to become rampant, becoming the "arch-enemy" of the digital-intelligence era
https://news.sina.com.tw/article/20210527/38699682.html

MSBuild Used by Threat Actors to Deliver RATs Filelessly
https://www.anomali.com/blog/threat-actors-use-msbuild-to-deliver-rats-filelessly

8220 Gangs Recent use of Custom PwnRig Crypto Miner and Botnet
https://www.lacework.com/8220-gangs-recent-use-of-custom-miner-and-botnet/
https://github.com/lacework/lacework-labs/blob/master/blog/8220_pwnrig_tsunami.csv

Microsoft Warns of Data Stealing Malware That Pretends to Be Ransomware
https://thehackernews.com/2021/05/microsoft-warns-of-data-stealing.html

Ransomware’s New Swindle: Triple Extortion
https://threatpost.com/ransomwares-swindle-triple-extortion/166149/

OSX/Bundlore Loader MapperState
https://twitter.com/ConfiantIntel/status/1393215825931288580

FBI Warns Conti Ransomware Hit 16 U.S. Health and Emergency Services
https://thehackernews.com/2021/05/fbi-warns-conti-ransomware-hit-16-us.html

Tracking BokBot (IcedID) Infrastructure
https://team-cymru.com/blog/2021/05/19/tracking-bokbot-infrastructure/
https://github.com/team-cymru/iocs/tree/master/bokbot

Google Researchers Discover A New Variant of Rowhammer Attack
https://thehackernews.com/2021/05/google-researchers-discover-new-variant.html

Bose Admits Ransomware Hit: Employee Data Accessed
https://threatpost.com/bose-ransomware-employee-data/166443/

Trickbot Brief: Creds and Beacons
https://thedfirreport.com/2021/05/02/trickbot-brief-creds-and-beacons/

Attacks Embedding XMRig on Compromised Servers
https://blogs.jpcert.or.jp/en/2021/05/xmrig.html

Financial spear-phishing campaigns pushing RATs
https://www.cyjax.com/2021/05/27/financial-spear-phishing-campaigns-pushing-rats/

Data Wiper Malware Disguised As Ransomware Targets Israeli Entities
https://thehackernews.com/2021/05/data-wiper-malware-disguised-as.html

Malvertising Campaign On Google Distributed Trojanized AnyDesk Installer
https://thehackernews.com/2021/05/malvertising-campaign-on-google.html

B. Mobile Security / iPhone / Android / Wearables / App / 5G / Instant Messaging
Bluetooth Core and Mesh specifications contain 7 security vulnerabilities that allow hackers to impersonate legitimate devices
https://times.hinet.net/topic/23344006

New Bluetooth Flaws Let Attackers Impersonate Legitimate Devices
https://thehackernews.com/2021/05/new-bluetooth-flaws-let-attackers.html

"疾管家" (Disease Control Butler) impersonated by a knockoff; scanning the wrong QR code at stores leads to big losses
https://reurl.cc/GmkEev

APK teardown shows Google Assistant will be able to "power off" your phone for you
https://www.kocpc.com.tw/archives/385377

With its 5G IoT deployment paying off, Taiwan Star targets XR business opportunities
https://udn.com/news/story/7086/5483844

Launching high-performance work-from-home: a roundup of communication and collaboration software features
http://n.yam.com/Article/20210527716320

WhatsApp Sues Indian Government Over New Internet Regulations
https://thehackernews.com/2021/05/whatsapp-sues-indian-government-over.html

C. Incidents / Hackers / DDOS / APT / Cloud / Dark Web / Recruitment / International Security Incidents
Digital transformation: resistance from the CIO and the IT department
https://ctee.com.tw/bookstore/selection/465135.html

7 things you must know a VPN can do! Browse the Internet without obstacles
https://www.kocpc.com.tw/archives/385620

Hidden danger in Wi-Fi networks? No Wi-Fi mobile device is spared
https://reurl.cc/1YxQKQ

Targeted attacks aim at weak links in the supply chain; how to respond?
https://www.ithome.com.tw/article/144112

Defensive awareness must be raised in the face of cyberattacks
https://reurl.cc/eE53jx

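Security protection becomes a new challenge in deploying remote work? Enterprises can use these 5 tips to improve strategic thinking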
https://buzzorange.com/techorange/2021/05/26/ceo-pay-attention-to-information-security/

How to avoid becoming a target of fraud rings and hackers when working from home: experts warn of 4 types of security risk
https://vip.udn.com/vip/story/121938/5483232

Remote work and online shopping hide risks; security experts warn of a possible wave of hacking
https://reurl.cc/kZ5E79

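Streaming shows and watching adult videos online raise security risks; 3 key points to guard against malware when working remotely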
https://reurl.cc/2r4m84

Hacker uses an "oscilloscope" to successfully recover data from a floppy disk more than 20 years old
https://buzzorange.com/techorange/2021/05/25/oscilloscope-decode-floppy-disk/

Security attacks are hard to guard against; whitelisting is a powerful tool for building a zero-trust security environment
https://www.ithome.com.tw/news/144553

To understand zero trust architecture, first clear up 3 common myths about ZTA
https://www.ithome.com.tw/news/144551

Rating the top 50 enterprises "by hacker-style reconnaissance": "this industry" in Taiwan lags in security
https://reurl.cc/OX2Re3

Sharing cross-border, cross-industry security career trajectories: 2 career development tips from seniors for security newcomers
https://www.ithome.com.tw/news/144617

Nation-states, cyber conflict and the dark web
https://blog.twnic.tw/2021/05/23/18252/

The key to WFH security is identity verification: 2 ways to ensure the security of email exchanges
https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=10&id=0000611371_NVD4C7KB6N6C6R2ZQX3IV

Chaos in remote work and teaching! The pandemic accelerates digital transformation; is Taiwan ready
https://city.gvm.com.tw/article/79675

As the epidemic alert level rises, are enterprises ready for off-site work and security deployment
https://www.techbang.com/posts/86735-epidemic-alert-climbs-enterprise-off-site-office-and-security

Working from home: besides laptops, what else should be prepared for employees
https://news.sina.com.tw/article/20210521/38638282.html

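Privileged Docker containers / K8s Pods must be properly protected; exposed APIs risk host takeover; hackers target microservice DevOps; cloud container vulnerabilities become attack targets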
https://www.netadmin.com.tw/netadmin/zh-tw/viewpoint/A460D57EC6F749C8A12F3C0E4BD1726B

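How to block 160 million attacks a year? Tri-Service General Hospital builds stronger defenses with 7 measures and 11 methods honed in practice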
https://www.ithome.com.tw/news/144606

The US cyber force that once sabotaged Iran's nuclear facilities and punishes ransomware hackers
https://vip.udn.com/vip/story/121937/5487890

Microsoft says it was attacked by Chinese hackers; Biden administration avoids the subject
https://www.secretchina.com/news/b5/2021/05/24/972684.html

Hacker arrested after paralyzing news website and threatening the newspaper by phone
https://reurl.cc/OX2RDR

Former Japanese general: China's "hybrid warfare" against Taiwan is already under way, with 8 scenarios
https://www.cna.com.tw/news/aopl/202105220002.aspx

Guarding against hacks: countries raise security protection for power services
https://reurl.cc/xgYW91

To prevent another pipeline "hack", US Department of Homeland Security to issue new cybersecurity regulations
https://www.worldjournal.com/wj/story/121173/5486667

US State Department plans to deploy tools for regular system vulnerability scanning
https://www.secrss.com/articles/31429

US senators propose bill to keep Chinese Communist Party equipment out of the market
https://www.epochtimes.com/gb/21/5/25/n12975534.htm

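US Commerce Department accused of monitoring Asian-American employees; former investigator: offices secretly searched late at night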
https://udn.com/news/story/6809/5486348?from=udn-catebreaknews_ch2

Biden-Putin summit: US and Russia arranging for it to take place in Switzerland next month
https://udn.com/news/story/6809/5483607?from=udn-catelistnews_ch2

Kremlin announces US-Russia presidential summit in mid-June
https://news.ltn.com.tw/news/world/breakingnews/3546134

Pro-green writer leads Wang Ting to push a PTT "cognitive warfare" claim that backfires; Kao Hung-an: his teacher is Fan Yun
https://reurl.cc/YOlv2l

Pro-green writer caught posing as the other side; Kuo Cheng-liang: the "cockroach nest" dares to deceive even the president
https://gotv.ctitv.com.tw/2021/05/1780328.htm

Pro-green writer's disinformation; Kao Hung-an criticizes: scanning for viruses by day, spreading hacker viruses by night
https://reurl.cc/j8d1bn

Pro-green writer posing as the CCP on PTT stirs controversy; Hsu Chih-chieh: give the young man a chance
https://reurl.cc/xGDQ05

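False-flag posting turmoil | Kao Hung-an mocks that in the government's cognitive warfare both friend and foe are compatriots; TPP demands an apology from Tsai Ing-wen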
https://tw.appledaily.com/politics/20210525/SXLFIZQJRBF3RHIZVSNV32QXFU/

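Lin Wei-feng exposed by netizens and suspected of staging cognitive warfare himself; Investigation Bureau confirms it has received complaint letters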
https://news.pts.org.tw/article/527732

Lin Wei-feng "false-flag posting" incident: blue and green camps clash
https://news.ltn.com.tw/news/politics/paper/1450975

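Huang Shih-hsiu, lead proposer of the Fourth Nuclear Power Plant referendum, reports Lin Wei-feng; Ministry of Justice: actively investigating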
https://udn.com/news/story/122186/5483222?from=udn-catelistnews_ch2

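Lin Wei-feng faces the consequences of "smearing PTT with cognitive warfare"! The Investigation Bureau will also investigate him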
https://www.ettoday.net/news/20210525/1990341.htm

Lin Wei-feng's self-staged act: Investigation Bureau receives reports from more than 70 netizens in one night
https://www.chinatimes.com/realtimenews/20210525002326-260402?chdtv

Lin Wei-feng's self-staged cognitive warfare: Investigation Bureau asks Huang Shih-hsiu to give a verification statement
https://udn.com/news/story/122186/5487261?from=udn-catebreaknews_ch2

Online false-flag posting turmoil badly damages government credibility and epidemic-prevention unity
https://udn.com/news/story/121823/5489101?from=udn-catelistnews_ch2

A product of CCP cognitive warfare -- without mass testing there will be hidden cases
https://newtalk.tw/news/view/2021-05-25/578740

Pro-green writer fakes "cognitive warfare against Taiwan"; mainland China criticizes: no conscience, no bottom line
https://udn.com/news/story/7333/5485900?from=udn-ch1_breaknews-1-cate4-news

Shutdown is a rumor! PTT clarifies: no intention or plan to close
https://news.ltn.com.tw/amp/news/life/breakingnews/2412377

Eight scenarios for CCP infiltration of Taiwan; expert: cultivating a pro-CCP regime comes first
https://www.epochtimes.com/b5/21/5/25/n12974154.htm

Tesla sets up data center in China to ease security concerns
https://www.cmoney.tw/notes/note-detail.aspx?nid=267278

Graphika investigation: anti-CCP tycoon Guo Wengui and the online "Ant Gang"
https://tfc-taiwan.org.tw/articles/5582

Chinese surveillance equipment reaching local governments? More than 100 US towns purchased Hikvision and Zhejiang Dahua products
https://www.inside.com.tw/article/23625-united-states-towns-hikvision-dahua-surveillance

Foreign firms comply with CCP censorship; experts urge companies to join forces to push back
https://www.epochtimes.com/b5/21/5/23/n12969834.htm

Belgian Interior Ministry network also hacked via Exchange Server vulnerability
https://www.ithome.com.tw/news/144665

Hong Kong Chief Executive welcomes passage of the bill to improve the electoral system
https://www.news.gov.hk/chi/2021/05/20210527/20210527_162639_092.html

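Hong Kong Legislative Council passes third reading of the bill to improve the electoral system; Liberal Party legislators support the central government plugging electoral loopholes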
https://reurl.cc/W3d4lL

Hong Kong electoral ordinance amendments passed, implementing "patriots governing Hong Kong"
https://money.udn.com/money/story/5603/5489026

FSB NKTsKI: Foreign ‘cyber mercenaries’ breached Russian federal agencies
https://therecord.media/fsb-nktski-foreign-cyber-mercenaries-breached-russian-federal-agencies/

Watering Hole Attack Was Used to Target Florida Water Utilities
https://thehackernews.com/2021/05/watering-hole-attack-was-used-to-target.html

Researchers Link CryptoCore Attacks On Cryptocurrency Exchanges to North Korea
https://thehackernews.com/2021/05/researchers-link-cryptocore-attacks-on.html

Details Disclosed On Critical Flaws Affecting Nagios IT Monitoring Software
https://thehackernews.com/2021/05/details-disclosed-on-critical-flaws.html

FBI Analyst Charged With Stealing Counterterrorism and Cyber Threat Info
https://thehackernews.com/2021/05/fbi-analyst-charged-with-stealing.html

Russian Hydra DarkNet Market Made Over $1.3 Billion in 2020
https://thehackernews.com/2021/05/russian-hydra-darknet-market-made-over.html

The new group policies coming to Windows 10 21H2
https://www.bleepingcomputer.com/news/microsoft/the-new-group-policies-coming-to-windows-10-21h2/

Hackers Using Fake Foundations to Target Uyghur Minority in China
https://thehackernews.com/2021/05/hackers-using-fake-foundations-to.html

FBI issues warning about Fortinet vulnerabilities after APT group hacks local gov’t office
https://www.zdnet.com/article/fbi-issues-warning-about-fortinet-vulnerabilities-after-apt-group-hacks-local-govt-office/

FBI warns APT actors are targeting vulnerabilities in Fortinet devices
https://0xzx.com/zh-tw/2021052810361473102.html

North Korean hackers behind CryptoCore multi-million dollar heists
https://www.bleepingcomputer.com/news/security/north-korean-hackers-behind-cryptocore-multi-million-dollar-heists/

Security in Nextcloud: how to block 99.9% of user account attacks
https://nextcloud.com/blog/security-in-nextcloud-how-to-block-99-9-of-attacks/

Iranian hacking group Agrius pretends to encrypt files for a ransom, destroys them instead
https://www.zdnet.com/article/iranian-hacking-group-agrius-pretends-to-encrypt-files-for-a-ransom-destroys-it-instead/

Nearly 50,000 IPs compromised in Kubernetes clusters by TeamTNT
https://securityaffairs.co/wordpress/118306/digital-id/kubernetes-clusters-teamtnt.html

Audit Specialist (Security)
https://www.104.com.tw/job/79z8m

DevOps/SRE Engineer
https://www.104.com.tw/job/7adm8

Security Engineer
https://www.104.com.tw/job/79oax

IT Security Manager / Information Security Manager
https://job.taiwanjobs.gov.tw/Internet/jobwanted/JobDetail.aspx?R2=11&EMPLOYER_ID=2244421&HIRE_ID=10377593

Dedicated Security Management Staff
https://www.104.com.tw/job/7a6u1

[Project] Dedicated Security Staff
https://www.104.com.tw/job/7aniv

Network Security Engineer
http://www.104.com.tw/jb/104i/job/view?j=6nkhr

D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News
How much are your Gmail and Facebook accounts worth? Research publishes the "latest dark web price list"
https://3c.ltn.com.tw/news/44533

A Gmail account is worth 2,228 yuan; latest dark web price list published
https://ccc.technews.tw/2021/05/28/dark-web-price-2021/

Check whether yours is on the list! Japanese security company reveals "worst password ranking"
https://news.ltn.com.tw/news/novelty/breakingnews/3547864

Fraud amid the pandemic? Fake contact-tracing investigations used to steal personal data; "more than 130" reports received
https://reurl.cc/3aD16O

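Received a link to a vaccine procurement poll? Verify the information source through multiple channels and avoid clicking unknown forms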
https://www.mygopen.com/p/blog-page_27.html

Hackers breach Fujitsu's customer-facing software! Data from the Japanese government and Narita Airport leaked
https://technews.tw/2021/05/27/japanese-government-offices-hacked/

Information of 950,000 Canada Post customers leaked
https://riseweekly.com/2021-05-canada-post/

Washington, D.C. police data leak reveals surveillance of Joker-related accounts on social media
https://www.cnbeta.com/articles/tech/1133081.htm

Hackers target Air India; 4.5 million personal records leaked
https://ec.ltn.com.tw/article/breakingnews/3542586

23 Android apps misconfigured, exposing up to 100 million users' personal records online
https://technews.tw/2021/05/24/23-android-apps-expose-personal-data/

EY privacy protection survey: search engines and social media are the least trusted
https://ctee.com.tw/uncategorized/463598.html

Even selfies at home can let hackers steal personal data! Don't use the #WorkFromHome hashtag carelessly
https://reurl.cc/WEe8O5

Popular Japanese dating app hacked; personal data of over 1.7 million users affected
https://www.cna.com.tw/news/aopl/202105240329.aspx

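Working from home: beware of security risks; hackers use links to phish personal data and attack home routers; keep antivirus software up to date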
https://eteacher.edu.tw/ReadNews_m.aspx?id=4533

SMS contact registration may cause personal data leaks; Cheng Hung-hui urges that security also be considered
https://reurl.cc/gWv29N

Staying home to shop online during the epidemic: 2 people in Kinmen defrauded of more than 110,000 yuan
https://www.chinatimes.com/realtimenews/20210525002303-260402?chdtv

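4 steps to protect children's privacy in distance learning; look for 2 icons on online shopping platforms to buy with confidence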
https://reurl.cc/dGrW7z

"防疫實聯衝衝衝" (a contact-registration service) passes one million users; urgently taken down over suspected personal data leak
https://reurl.cc/YOlXeX

A million people added it as a friend! 防疫實聯衝衝衝 suspected of leaking personal data; LINE urgently takes it down
https://www.setn.com/News.aspx?NewsID=944529

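Earlier than Audrey Tang's! Contact-registration system used by a million people suspected of leaking data; taken down and destroyed 10 days after launch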
https://tw.appledaily.com/local/20210526/CTYMCHSEORGPHFAXWST3ULPTIU/

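Data from sports watches and wearable devices goes straight to the cloud; security and regulatory compliance cannot be neglected; wearable technology enables smart fitness; connectivity, privacy and supply chain must all be secure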
https://www.netadmin.com.tw/netadmin/zh-tw/viewpoint/566EFC7BB1384CDB913F5B2D90FC8E0D

Anchor Chang Ya-chin's Facebook hijacked by fraud ring; she angrily reports to police: "don't run if you dare"
https://stars.udn.com/star/story/10089/5485732

A hundred apps including Douyin illegally collect users' personal data; those catching the thieves also come under fire
https://www.soundofhope.org/post/508508?lang=b5

Personal data of over 100 million Android phone users exposed by misconfigured cloud services
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9253

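Circulating online: "Ministry of Education website announcement: schools at all levels nationwide will suspend classes for online learning at home from May 19 to June 18, ROC year 110, in response to the epidemic"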
https://tfc-taiwan.org.tw/articles/5576

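Fake Ministry of Education website spreads false "classes suspended until June 18" message; Criminal Investigation Bureau forms task force to investigate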
https://newtalk.tw/news/view/2021-05-25/578674

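Fake announcement claims a pandemic subsidy of 10,000 yuan per person? Ministry of Education suspends classes until July? 3 tips for exposing spoof announcements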
https://tfc-taiwan.org.tw/articles/5561

EP48 - Phishing~ Phishing~ What fish did we catch
https://infosecdecompress.com/posts/ep48_phishing_as_a_service

"Simplified characters + mainland Chinese everyday expressions"; CDC urges: identify false information and do not forward it
https://reurl.cc/5rg1Yv

Top 10 worst passwords revealed; "asdfghjk" looks random but hides a pattern
https://www.chinatimes.com/hottopic/20210526005461-260809?chdtv

Shanghai police bust live-streaming fraud den: fraudsters switch instantly between girlish and mature female voices
https://www.cnbeta.com/articles/tech/1133391.htm

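After a real estate company and an audio equipment company "concealed" attacks, Domino's discloses a data leak affecting 180 million users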
https://www.freebuf.com/articles/neopoints/275159.html

23 Android Apps Expose Over 100,000,000 Users' Personal Data
https://thehackernews.com/2021/05/these-23-android-apps-expose-over.html

Air India Hack Exposes Credit Card and Passport Info of 4.5 Million Passengers
https://thehackernews.com/2021/05/indias-flag-carrier-airline-air-india.html

E. Research Reports
Street-level surveillance technology you should know: cell-site simulators / IMSI catchers
https://lab.ocf.tw/2021/05/24/street-level-surveillance/

You have surely used htop, but do you understand every field
https://medium.com/starbugs/do-you-understand-htop-ffb72b3d5629

8 ways for Vue components to communicate
https://xie.infoq.cn/article/d3333bb4321a8319a5141eb4f

The full story of the Blogger group hacking incident: a brief look at how "social engineering" compromises websites
https://www.wfublog.com/2021/05/blogger-hacked-posts-deleted-social-engineering.html

"Do enough security work and you develop paranoia." The daily work of an "offensive" security consultant (ft. Weng Hao-cheng)
https://podcast.starrocket.io/109

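EP35 Water-cooler chat: Level 3 epidemic alert across Taiwan, pandemic security and personal data, working from home remotely, BTC reaches 30,000, Korean drama recommendations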
https://open.firstory.me/story/ckp1jhbv1fjij08002we9j5ea

Exploit analysis of the TP-LINK AC1750 router compromise at PWN2OWN
https://www.163.com/dy/article/GAP3HNH10511CJ6O.html?f=post2020_dy_recommends

PWN2OWN TOKYO 2020: DEFEATING THE TP-LINK AC1750
https://www.synacktiv.com/en/publications/pwn2own-tokyo-2020-defeating-the-tp-link-ac1750.html

ProxyLogon vulnerability used for Monero mining
https://mp.weixin.qq.com/s/p9pzBzbbHgjT7nPxF4TWIw#at

Java deserialization vulnerabilities, from getting started to closing the door
https://www.gushiciku.cn/dl/0a32I/zh-hk

Several approaches to hiding the source IP and making tracing harder
https://www.freebuf.com/sectool/270669.html

National Industrial Information Security Center: "Research on Issues Related to Global Cross-Border Data Flows"
https://mp.weixin.qq.com/s/AQhjkositPhLNz3HtdBdnw

Vulnerability discovery in security appliances
https://bbs.pediy.com/thread-267854.htm

0x0C. Defeat Indirect Call - Anti-Analysis Technique in Darkside Ransomware
https://hackmd.io/Pu7rwaRgSdedTY0eRaC4dg

AMSI Bypass Methods
https://pentestlaboratories.com/2021/05/17/amsi-bypass-methods/amp/?__twitter_impression=true

Amsi-Bypass-Powershell
https://github.com/S3cur3Th1sSh1t/Amsi-Bypass-Powershell

Hunting and Detecting IcedID Infections
https://www.telekom.com/en/blog/group/article/let-s-set-ice-on-fire-hunting-and-detecting-icedid-infections-627240
https://github.com/telekom-security/icedid_analysis

Is Single Sign-On Enough to Secure Your SaaS Applications
https://thehackernews.com/2021/05/is-single-sign-on-enough-to-secure-your.html

Top Cyber Threats to Latin America and the Caribbean
https://www.fireeye.com/blog/executive-perspective/2021/05/top-cyber-threats-to-latin-america-and-the-caribbean.html

Monero Cryptominer Exploits Docker Containers
https://labs.sentinelone.com/caught-in-the-cloud-how-a-monero-cryptominer-exploits-docker-containers/

I/O Rings – When One I/O Operation is Not Enough
https://windows-internals.com/i-o-rings-when-one-i-o-operation-is-not-enough/

Routersploit Check the security of your router
https://en.iguru.gr/2020/05/14/routersploit-elegkse-tin-asfaleia-tou-router-sou/

Crimes of Opportunity: Increasing Frequency of Low Sophistication Operational Technology Compromises
https://www.fireeye.com/blog/threat-research/2021/05/increasing-low-sophistication-operational-technology-compromises.html

DNS-Black-Cat(DBC) - Multi Platform Toolkit For An Interactive DNS Shell Commands Exfiltration
https://www.kitploit.com/2021/05/dns-black-catdbc-multi-platform-toolkit.html

IPED:-- Digital Forensic Tool.
https://github.com/sepinf-inc/IPED

Using Podman and Docker Compose
https://www.redhat.com/sysadmin/podman-docker-compose

podman-compose
https://github.com/containers/podman-compose

Php_Code_Analysis - San your PHP code for vulnerabilities
https://www.kitploit.com/2021/05/phpcodeanalysis-san-your-php-code-for.html

Kubecost + Rancher = $$$ saved
https://itnext.io/kubecost-rancher-saved-df30fe77135b

Text to UML and other “diagrams as code” tools – Fastest way to create your models
https://modeling-languages.com/text-uml-tools-complete-list/

How to Exploit Active Directory ACL Attack Paths Through LDAP Relaying Attacks
https://www.praetorian.com/blog/how-to-exploit-active-directory-acl-attack-paths-through-ldap-relaying-attacks/

PCI Express 6.0 Status Update: Draft 0.71 Coming Soon, Final Release by End of Year
https://www.anandtech.com/show/16704/pci-express-60-status-update-draft-071-coming-soon-final-release-by-end-of-year

Mobile Device Digital Forensics
https://barwisian.medium.com/mobile-device-digital-forensics-b43b88f8267

My RCE PoC walkthrough for (CVE-2021–21974) VMware ESXi OpenSLP heap-overflow vulnerability
https://straightblast.medium.com/my-poc-walkthrough-for-cve-2021-21974-a266bcad14b9

Chinese APT Actors Compromising PulseSecure VPN Devices
https://www.fireeye.com/blog/threat-research/2021/05/updates-on-chinese-apt-compromising-pulse-secure-vpn-devices.html
https://github.com/fireeye/pulsesecure_exploitation_countermeasures

Suspected APT29 Operation Launches Election Fraud Themed Phishing Campaigns
https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/

Unified Threat Detection With Endpoint Security 5.1 and Helix
https://www.fireeye.com/blog/products-and-services/2021/05/unified-threat-detection-endpoint-security-helix.html

Analysis report of the Facefish rootkit
https://blog.netlab.360.com/ssh_stealer_facefish_en/

F. Business
Classes suspended across Taiwan: Fortinet offers 6 ways to protect schoolchildren's online safety
https://turnnewsapp.com/livenews/tech/A06659002021052015414940

泓洋電子科技 facial recognition system: the best helper for temperature and access control management
https://money.udn.com/money/story/5635/5476079

Intel industry forum: 詮隼科技 presents "ORANge 5G test solution"
https://ctee.com.tw/industrynews/technology/463572.html

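[Eliminating open source software vulnerabilities] Security company Snyk acquires Swedish startup FossID, helping safeguard enterprises against security risk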
https://buzzorange.com/techorange/2021/05/21/snyk-bolsters-open-source-software-security-with-fossid-acquisition/

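Stocks: with cybersecurity problems emerging endlessly, Phison partners with Cigent to launch a self-defending SSD solution and seize business opportunities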
https://fnc.ebc.net.tw/fncnews/stock/134798

Contributing to the MITRE ATT&CK for Containers framework to jointly build the future of cloud security
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=14&cat=60&id=0000610164_6V9241RK5PBA075AZBH7G

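No delay in the golden window for treatment! Hospitals back up digital data and guard against ransomware with this "not retro" Blu-ray archival disc library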
https://buzzorange.com/techorange/2021/05/25/panasonic-health-data-archive/

[Microsoft Build 2021] Turning spoken text into code is on the horizon; Windows will also embrace ARM more strongly
https://www.inside.com.tw/article/23637-microsoft-build-2021

One week of working from home: Microsoft reveals "keys to deploying digital tools"
https://finance.ettoday.net/news/1987623

DottedSign opens its electronic signature service for free, helping enterprises maintain productivity while working from home
https://www.inside.com.tw/article/23611-dotted-sign

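Acer's Stan Shih urges: make good use of technology to fight the epidemic and stop the virus in Taiwan! He becomes spokesperson for Acer's own sMeet video conferencing system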
https://www.bnext.com.tw/article/63001/stan-shi-use-video-conference

Building a total compute solution: Arm unveils new Armv9-architecture CPUs and GPUs
https://technews.tw/2021/05/26/arm-armv9-2/

Gigamon helps manufacturers achieve network-wide visibility and stop intrusions in real time
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000611050_LVD1EE5W42WFRI1VVP6J1

Palo Alto Networks releases 2021 ransomware threat report
https://turnnewsapp.com/livenews/tech/A07657002021052715115973

Far EasTone partners with 數聯資安 to expand remote-application business opportunities for SMEs
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=d896408b-bb48-44a9-b123-d581e3ae8727

Mitake announces free enterprise instant messaging software "CoLine"
https://money.udn.com/money/story/5612/5489955

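In response to FSC rules during the epidemic, ArkEase Pro offers property and life insurers a video recording and evidence-retention solution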
https://news.sina.com.tw/article/20210527/38705200.html

1Password browser extension now also supports biometric authentication; one more place where you need not enter a password
https://reurl.cc/eEx5nm

Trend Micro named a Leader in the 2021 Gartner Magic Quadrant for Endpoint Protection Platforms
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000610518_5O443VCM25AI7F7I26YUC

"USB-IF" announces new standard! Laptops will be able to fully adopt USB Type-C charging
https://3c.ltn.com.tw/news/44507

Google releases Analytics Hub for users to exchange datasets at scale
https://www.ithome.com.tw/news/144663

G. Government
What are the six strategic industries? 520: a first-anniversary review of the six strategic industries
https://reurl.cc/E2qbvR

First live test of video conferencing; You Si-kun: a historic moment for the Legislative Yuan
https://www.epochtimes.com/b5/21/5/21/n12965733.htm

"Retroactive adjustment" hotly debated; Investigation Bureau gathers intelligence on social media speech
https://udn.com/news/story/6656/5478491?from=udn-catebreaknews_ch2

2,596 public-sector bodies nationwide use Chinese ICT products
https://news.ltn.com.tw/news/politics/paper/1450420

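Air Force Communications, Air Traffic Control and Information Wing: relaying combat information and safeguarding flight safety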
https://reurl.cc/O0bvdX

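Able to carry out Executive Yuan cyber warfare project missions: Ministry of National Defense security forensics laboratory revealed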
https://udn.com/news/story/10930/5480736?from=udn-catelistnews_ch2

Taiwan and Estonia, birthplace of Skype, discuss digital transformation and security business opportunities
https://ec.ltn.com.tw/article/breakingnews/3547392

Executive Yuan National Information and Communication Security Taskforce - Cybersecurity Monthly Report (April, ROC year 110)
https://nicst.ey.gov.tw/Page/8770AD7511CB8DC9/9d52771f-a6e1-4407-a16e-4e63abfd2cf2

Investigation Bureau goes to Europe to fight cross-border fraud; suspects repatriated "fully geared up"
https://udn.com/news/story/7315/5491186?from=udn-catelistnews_ch2

ISAC to extend from central to local government, building a nationwide joint security defense network
https://reurl.cc/R04dQD

H. Industrial Control Systems / ICS / SCADA / IOT / Internet of Things / Internet of Vehicles / Electric Vehicles: Related Security
The importance of information security in healthcare feat. Mao Ching-hao, Wang Jen-fu
https://player.soundon.fm/p/8fdc3e51-8bfb-4bfa-9c65-8ea2ce5a6eb7/episodes/45ce16f4-7e91-4230-9089-106e3bebdc33

How can IoT devices achieve endpoint threat detection? Researchers plan to do it through firmware virtualization
https://www.ithome.com.tw/news/144538

Secure Thingz partners with NXP to strengthen protection of connected devices and advance IoT security implementation
https://reurl.cc/gWvDjR

Blockchain decentralization helps raise security levels; the IoT sector is eager to try it
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000611308_QR12IX601BR9G67UCFSJP

Mercedes-Benz teams up with a security vendor to strengthen in-vehicle system security
https://blog.twnic.tw/2021/05/27/18776/

How to fend off hacker attacks and improve proactive defense of industrial control systems
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9256

Trend Micro: emerging 5G threats pose security challenges for smart manufacturing
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=13ffe38c-c030-477f-87e2-86a875e1bdd5

I. Education and Training
Becoming a world-class hacker in 14 years: DEVCORE's principal security researcher shares the 5 stages of his journey
https://www.ithome.com.tw/news/144565

What is information security
https://ithelp.ithome.com.tw/articles/10256773

How long does a DNS change take? - Common questions about domain management
https://reurl.cc/6agy3y

What To Do When Your Business Is Hacked
https://thehackernews.com/2021/05/what-to-do-when-your-business-is-hacked.html

How to Lower the Risk That Digital Transformation Leads to a Financially Costly Breach
https://www.fireeye.com/blog/products-and-services/2021/05/lower-risk-digital-transformation-leads-to-costly-breach.html

How to Manage VMware Snapshots: A Guide
https://www.virtualizationhowto.com/2021/05/how-to-manage-vmware-snapshots-a-guide/

J. Artificial Intelligence / AI / ML / Facial Recognition
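Integrating next-generation CPU and GPU architectures: high performance lays the foundation for intelligent applications; high-speed computing delivers AI enablement and powers digital innovation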
https://www.netadmin.com.tw/netadmin/zh-tw/snapshot/08B64D236BEC4AF3AAB1327FCBB3CE8C





6. Upcoming Security Events and Conferences
TensorFlow Everywhere | From 0 to 1 6/10
https://www.meetup.com/TensorFlow-User-Group-Taipei/events/277170902/

2021 Manufacturing Security Forum 6/10
https://docs.google.com/forms/d/e/1FAIpQLSeJEpc_ePmJGx2RO6hlSJQnmsFTzBT-2zkzjcnPHbdYS2UAhQ/viewform

Mobile App Security Testing and Practice (counts toward internal audit credit)  6/11
https://www.caa.org.tw/coursedetail-3515.html

Maximize the Output, or Optimize the Outcome 6/24
https://www.meetup.com/the-liberators-network-taiwan-user-group-taipei-taiwan/events/276003947/

[White Hat Hacker Workshop] 2021 Practical Security Training Course 6/25
https://pttcareer.com/tech_job/M.1620115144.A.C05.html

National Center for High-performance Computing training: [Advanced Security Course] Physical Penetration and Technique Study 6/29
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3950&from_course_list_url=homepage

Cyber Security Global Summit 21  6/29 ~ 6/30
https://cs.geekle.us/?utm_content=INFO_SEC_TIER2

Yuan Ze University CSE Summer Camp - from programming into the world of AI, big data and security 7/15 ~ 7/17
https://cse-yzu.kktix.cc/events/yzcsapcs5

Students' Information Technology Conference SITCON 2021  9/4
https://sitcon.org/2021/

Cyber Defense Summit 2021 Oct. 4-7, 2021
https://summit.fireeye.com/
