資安事件新聞週報 2021/6/28 ~ 2021/7/2


 

資安事件新聞週報 2021/6/28  ~  2021/7/2

1.重大弱點漏洞/後門/Exploit/Zero Day
Hackers target Cisco ASA devices after a PoC exploit code was published online
https://securityaffairs.co/wordpress/119442/hacking/cisco-asa-under-attack.html

Cisco ASA Flaw Under Active Attack After PoC Exploit Posted Online
https://thehackernews.com/2021/06/cisco-asa-flaw-under-active-attack.html

Citrix發布針對Hypervisor的安全更新
https://us-cert.cisa.gov/ncas/current-activity/2021/06/25/citrix-releases-security-updates-hypervisor

Unpatched Virtual Machine Takeover Bug Affects Google Compute Engine
https://thehackernews.com/2021/06/unpatched-virtual-machine-takeover-bug.html

WD 網絡硬碟有嚴重安全漏洞 官方建議立即中斷網絡連線
https://unwire.hk/2021/06/26/wd-my-book-nas-devices-are-being-remotely-wiped/parts/

Netgear路由器漏洞可引發資訊洩露、系統劫持
https://www.ithome.com.tw/news/145414

Watch Out! Zyxel Firewalls and VPNs Under Active Cyberattack
https://thehackernews.com/2021/06/watch-out-zyxel-firewalls-and-vpns.html

VMware Releases Security Updates
https://us-cert.cisa.gov/ncas/current-activity/2021/06/23/vmware-releases-security-updates



Zero day for every supported Windows OS version in the wild — PrintNightmare
https://doublepulsar.com/zero-day-for-every-supported-windows-os-version-in-the-wild-printnightmare-b3fdb82f840c

Microsoft Discloses Critical Bugs Allowing Takeover of NETGEAR Routers
https://thehackernews.com/2021/06/microsoft-discloses-critical-bugs.html

RARLAB fixed a MITM (CVE-2021-35052) in WinRAR found by our researcher Igor Sak-Sakovskiy
https://twitter.com/ptswarm/status/1410590267326009345

Researchers Leak PoC Exploit for a Critical Windows RCE Vulnerability
https://thehackernews.com/2021/06/researchers-leak-poc-exploit-for.html

Microsoft Edge Bug Could've Let Hackers Steal Your Secrets for Any Site
https://thehackernews.com/2021/06/microsoft-edge-bug-couldve-let-hackers.html

2020 年提報 CVE 漏洞數量最多的十大企業、産品與漏洞類型
https://www.informationsecurity.com.tw/article/article_detail_2021.aspx?aid=9300

Apache Nuttx 10.1.0 之前的版本
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-26461

Jenkins Generic Webhook Trigger Plugin 1.72 及更早版本
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-21669

White Shark System (WSS) 1.3.2
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-20466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-20471

Palo Alto Networks之Cortex XSOAR產品存在安全漏洞(CVE-2021-3044)
http://net.nthu.edu.tw/2009/mailing:announcement:20210629_03

2.銀行/金融/保險/證券/支付系統/ 新聞及資安
駭客撞庫攻擊電商網站 盜刷會員信用卡
https://reurl.cc/qgn5lq

開發金率先導入微軟雲端方案 搶占數位轉型商機
https://money.udn.com/money/story/5613/5565854

開發金控和台灣微軟異業合作 搶數位轉型商機
https://turnnewsapp.com/livenews/finance/A78817002021062916503128

缺糧缺錢 金正恩找駭客攻擊銀行 得手數十億美元
https://ec.ltn.com.tw/article/breakingnews/3583329

富邦建立金控層級CSIRT,定義4大類情資,建置多種偵測與應變資安分析防禦系統來應對
https://www.ithome.com.tw/news/145306

疫情影響國銀徵才 合庫銀延後筆試、面試期間
https://finance.ettoday.net/news/2019033

防疫應變 合庫銀甄試延期舉行、報名延長至7/15
https://money.udn.com/money/story/5613/5567558

金管會7大新制上路 重點一次看
https://finance.ettoday.net/news/2019885

資安專家發現 ATM 漏洞,用手機就可以盜領現金
https://buzzorange.com/techorange/2021/07/01/phone-nfc-hack-atm/

安全專家發現ATM機NFC功能漏洞,僅用一台手機就可改變金額,甚至強制提現!
https://mp.weixin.qq.com/s/wfD1YXgBftgcblr2gN1guQ

FIN7 Supervisor Gets 7-Year Jail Term for Stealing Millions of Credit Cards
https://thehackernews.com/2021/06/fin7-supervisor-gets-7-year-jail-term.html

FIN7 hacking gang’s “pen tester” jailed for seven years by US court
https://hotforsecurity.bitdefender.com/blog/fin7-hacking-gangs-pen-tester-jailed-for-seven-years-by-us-court-26031.html

3.電子支付/行動支付/pay/資安
「街口支付」及「樂購蝦皮」 交通罰鍰新增行動支付
https://reurl.cc/1YKLvQ

防疫再提升 桃市各戶所開辦信用卡及行動支付服務
https://reurl.cc/W30Yxx

7月電子支付條例上路 實價登錄揭露至門牌
https://reurl.cc/9rDAvx

全聯、全家搶攻電子支付 買賣基金換匯「變身微型銀行」
https://reurl.cc/vqQbaN

電子支付一堆霧煞煞?簡單告訴你:未來零售業可變身「微銀行」
https://news.cnyes.com/news/id/4665953

香港、大灣區邊款電子支付最多人用?最常用網購平台兩地大不同
https://reurl.cc/W30YN7

全聯投資「全支付」 獲金管會專營電子支付機構業務許可
https://reurl.cc/mLxbyV

全家、玉山、拍付獲專營電子支付許可 盼第4季上線服務
https://www.chinatimes.com/realtimenews/20210624005228-260410?chdtv

4.加密貨幣/挖礦/區塊鍊/智能合約 資安
慶祝中共100年黨慶|雲南比特幣礦場「今一律斷電停產」!煤炭、鋼鐵業已停一週
https://www.blocktempo.com/china-yunnan-major-bitcoin-miners-shut-down-for-ccp-100-anniversary/

監管機構盯上!英國禁止幣安展開交易
https://www.inside.com.tw/article/24020-uk-bans-binance-cryptocurrency-exchange

中國將金融未來押注在區塊鏈上
https://www.inside.com.tw/article/24033-china-bets-on-the-blockchain

以比特幣為官方貨幣,美國籲薩爾瓦多妥善監管
https://finance.technews.tw/2021/07/02/republica-de-el-salvador-bitcoin/

5.資安事件新聞

A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC
以驅動程式型態存在的惡意蠕蟲Netfilter,驚傳內含微軟簽署的憑證,微軟公布初步調查結果
https://www.ithome.com.tw/news/145303

Microsoft signed a malicious Netfilter rootkit
https://www.gdatasoftware.com/blog/microsoft-signed-a-malicious-netfilter-rootkit

荷蘭資安業者Tesorion釋出Lorenz勒索軟體的免費解密工具
https://www.ithome.com.tw/news/145339

勒索軟體REvil盯上Linux平臺
https://www.ithome.com.tw/news/145324

亞太資安新情勢 微軟:台灣成勒索軟體攻擊五大熱區
https://money.udn.com/money/story/5612/5570952

COVID-19疫情期間釣魚、勒索軟體及網頁程式攻擊激增
https://blog.twnic.tw/2021/07/01/18964/

資安教戰守則:因應雙重勒索之道 目標式攻擊瞄準供應鏈脆弱環節,該如何因應
https://www.issdu.com.tw/perspective_detail.php?id=29

5 Critical Steps to Recover From a Ransomware Attack
https://thehackernews.com/2021/06/5-critical-steps-to-recovering-from.html

Crackonosh virus mined $2 million of Monero from 222,000 hacked computers
https://thehackernews.com/2021/06/crackonosh-virus-mined-2-million-of.html

Ransomware: Growing Number of Attackers Using Virtual Machines
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/ransomware-virtual-machines

REvil ransomware Linux version
https://twitter.com/malwrhunterteam/status/1409577829289934851?s=20
https://twitter.com/VK_Intel/status/1409601311092490248

Hackers Trick Microsoft Into Signing Netfilter Driver Loaded With Rootkit Malware
https://thehackernews.com/2021/06/hackers-trick-microsoft-into-signing.html

DMARC: The First Line of Defense Against Ransomware
https://thehackernews.com/2021/06/dmarc-first-line-of-defense-against.html

Malware author made $2 million after infecting 222,000 Windows systems
https://therecord.media/malware-author-made-2-million-after-infecting-222000-windows-systems/

Yet Another Archive Format Smuggling Malware
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/another-archive-format-smuggling-malware/

Bash Ransomware DarkRadiation Targets Red Hat- and Debian-based Linux Distributions
https://www.trendmicro.com/en_us/research/21/f/bash-ransomware-darkradiation-targets-red-hat--and-debian-based-linux-distributions.html

#APT #Lazarus #Andariel Suspected samples of Andariel, a sub-organization of Lazarus
https://twitter.com/360CoreSec/status/1405790277034418177

Hive Ransomware Group
https://id-ransomware.blogspot.com/2021/
https://securityaffairs.co/wordpress/119418/cyber-crime/new-ransomware-group-hive-leaks-altus-group-sample-files.html

Agent Tesla Infostealer
https://blogs.blackberry.com/en/2021/06/threat-thursday-agent-tesla-infostealer-malware

SMB Worm “Indexsinas” Uses Lateral Movement to Infect Whole Networks
https://www.guardicore.com/labs/smb-worm-indexsinas/
https://github.com/guardicore/labs_campaigns/blob/master/Indexsinas/files.md

Mirai_ptea Botnet
https://blog.netlab.360.com/mirai_ptea-botnet-is-exploiting-undisclosed-kguard-dvr-vulnerability/

IndigoZebra APT continues to attack Central Asia with evolving tools
https://research.checkpoint.com/2021/indigozebra-apt-continues-to-attack-central-asia-with-evolving-tools/

3 Steps to Strengthen Your Ransomware Defenses
https://thehackernews.com/2021/07/3-steps-to-strengthen-your-ransomware.html

Mysterious Node.js malware puzzles security researchers
https://therecord.media/mysterious-node-js-malware-puzzles-security-researchers/

B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊
New API Lets App Developers Authenticate Users via SIM Cards
https://thehackernews.com/2021/06/new-api-lets-app-developers.html

Google now requires app developers to verify their address and use 2FA
https://thehackernews.com/2021/06/google-now-requires-app-developers-to.html

Google Fi 向 iPhone 的使用者推出 VPN 服務,用以確保網路安全
https://applealmond.com/posts/105458

全球5G企業專網上路 資安漏洞偵測成電信業大挑戰
https://money.udn.com/money/story/5613/5565797

年輕人愛用抖音、小紅書 綠委:中國以「融媒體」策略進行文化統戰
https://www.storm.mg/article/3782576

簡訊實聯制遭疑「不只用來防疫」 NCC曝:已依規刪除上億則
https://reurl.cc/nomqGD

半數以上 5G 企業專網電信業者缺乏發掘及修正資安漏洞的知識或工具
https://blog.trendmicro.com.tw/?p=68723

Google Meet免費版不再用到飽!線上開會還有哪些選擇?6 個視訊會議平台推薦
https://www.managertoday.com.tw/articles/view/63262

Google擬在安卓手機推「數位疫苗卡」,接種紀錄直接存!隱私問題怎解
https://www.bnext.com.tw/article/63702/google-android-vaccine

The future of Android App Bundles is here
https://android-developers.googleblog.com/2021/06/the-future-of-android-app-bundles-is.html

C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件
關於「VASP 防制洗錢及打擊資恐辦法」,你所需知道的一切
https://www.inside.com.tw/article/24046-vasp

如何運用間接證據追訴“駭客”網路盜竊
https://aijianggu.com/quyi/220382.html

一覺醒來家中2T硬碟資料被刪光,My Book Live被駭事件背後可能是兩名駭客在互搞
https://www.techbang.com/posts/88120-wd-data-hack

個人、企業到國家,一場打不完的資安戰爭
https://opinion.udn.com/opinion/story/11664/5563371

預防資訊安全危險,請先試著學習如何自我查證
https://www.potatomedia.co/post/a9989819-680d-469b-b117-ce29c3361473

美商藝電(EA)都被駭客詐騙!認識駭客攻擊,防禦駭客詐騙看這篇
https://reurl.cc/j899zp

11款盜版遊戲藏挖礦軟體 每天上千台電腦受害
https://www.ctwant.com/article/125937

喜歡下載免費遊戲?當心電腦遭駭被偷挖礦
https://newtalk.tw/news/view/2021-06-28/595678

微軟警告又遭受SolarWinds攻擊者Nobelium 駭侵
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9313

全球 WD My Book NAS 裝置遭攻擊,所有儲存資料均被遠端刪除
https://www.informationsecurity.com.tw/article/article_detail.aspx?tv=11&aid=9312

公平是認知戰攻防的戰略高地
https://talk.ltn.com.tw/article/paper/1457584

南韓航太兩度遭駭 機敏資訊恐外洩
https://reurl.cc/XWAak7

駭客入侵!韓媒:戰機研發商遭駭 多款國產機資料遭盜
https://www.ptt.cc/bbs/Military/M.1625128674.A.A7A.html

金正恩:要新武器!北韓駭客駭入南韓國防產業盜技術
https://www.pourquoi.tw/2021/07/02/intlnews-neasia-210625-210701-03/

美報告:中國已成世界網路頂級威脅
https://tw.appledaily.com/international/20210628/Y7L5HGZMYREE3LHW6FYJNAAMQ4/

【中國網路攻擊能力真的那麼強?】最新網路戰略研究指出:中國最強大的地方,就是它的弱點
https://buzzorange.com/2021/06/29/china-cyberpower/

美國AIT副處長谷立言離任前夕 籲台團結勿受外力分化
https://www.cna.com.tw/news/aipl/202107010371.aspx

美國五角大廈資訊長:資安防護 確保科技優勢
https://reurl.cc/7rKVGd

「網路旗」對抗演訓 加拿大海軍團隊奪魁
https://reurl.cc/MA3zq4

IISS評估:美網戰能力全球之首
https://reurl.cc/j89rXD

美英警告:俄羅斯正利用K8s叢集進行暴力破解以滲透全球組織
https://www.ithome.com.tw/news/145415

控維吾爾人 陸涉疆駭客惹議
http://210.65.138.64/News/422497

EU Proposes Joint Cyber Unit Amid Rising Attacks
https://www.infosecurity-magazine.com/news/eu-proposes-joint-cyber-unit/

Google Extends Support for Tracking Party Cookies Until 2023
https://thehackernews.com/2021/06/google-extends-support-for-tracking.html

微軟警告又遭受SolarWinds攻擊者Nobelium 駭侵
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9313

IndigoZebra APT Hacking Campaign Targets the Afghan Government
https://thehackernews.com/2021/07/indigozebra-apt-hacking-campaign.html

NSA: Russian GRU hackers use Kubernetes to run brute force attacks
https://www.bleepingcomputer.com/news/security/nsa-russian-gru-hackers-use-kubernetes-to-run-brute-force-attacks/

Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise
https://media.defense.gov/2021/Jul/01/2002753896/-1/-1/1/CSA_GRU_GLOBAL_BRUTE_FORCE_CAMPAIGN_UOO158036-21.PDF

SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers
https://thehackernews.com/2021/06/solarwinds-hackers-breach-microsoft.html

New TLS Attack Lets Attackers Launch Cross-Protocol Attacks Against Secure Sites
https://thehackernews.com/2021/06/new-tls-attack-lets-attackers-launch.html

Authorities Seize DoubleVPN Service Used by Cybercriminals
https://thehackernews.com/2021/06/authorities-seize-doublevpn-service.html

技術服務部_資深MIS技術工程師 (Windows/Linux)
https://www.104.com.tw/job/7alsy?jobsource=cs_2018indexpoc

LINE TV 數據工程師 (Data Engineer)
https://www.104.com.tw/job/77hl0

資安專案管理人員
https://www.104.com.tw/job/7bear

資安檢測工程師
https://www.104.com.tw/job/7bebb

資安行政助理(北區-資訊)
https://www.104.com.tw/job/7bfl0

N2515 網路資安副理
https://www.104.com.tw/job/7bg27

D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌
有不肖份子收購外洩帳密,嘗試非法登入國內多家電商網購平臺,東森5會員遭盜刷,近日刑事局逮捕嫌犯
https://www.ithome.com.tw/news/145360

LinkedIn 7億用戶資料被放在網路黑市兜售
https://www.ithome.com.tw/news/145338

賓士外部廠商雲端防護不足,160萬車主個資曝險,近千人受害
https://www.ithome.com.tw/news/145309

提高警覺!歡樂送個資外流 麥當勞呼籲民眾切勿提供財務資訊給不明第三方
https://agirls.aotter.net/post/59201

鴛鴦盜侵入雲端偷個資改密碼 盜刷信用卡購物撈百萬
https://www.ettoday.net/news/20210629/2018530.htm

國中畢業駭客網攻電商 盜刷23萬
https://www.chinatimes.com/newspapers/20210630000431-260106?chdtv

高中肄業自學變駭客 「撞庫攻擊」知名電商竊個資
https://news.ltn.com.tw/news/society/breakingnews/3586007

知名超任模擬器「Bsnes / Higan」設計者 Near 驚傳因網路霸凌而輕生
https://news.gamebase.com.tw/news/detail/99389391

假廣告「買威而鋼送輝瑞疫苗」!刑事局:詐騙網頁勿下單
https://newtalk.tw/news/view/2021-06-19/591420

小米發佈2份用戶隱私白皮書 強調高標準要求資安/隱私
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=309a60a2-b234-4dca-9685-f452abc30bc5

Law Talk|亂傳疫情假訊息下場曝! 調查官教你辯真偽
https://tw.appledaily.com/local/20210629/OLAHV7PHGNHNRBG3IXPLTITXF4/

Video Talk|轉傳「確診者趴趴走」竟被法辦! 調查官教你破解假訊息
https://tw.appledaily.com/local/20210628/SD5335GXMNGETKI4MJE7PUBKKE/

研究人員發現WIM映像檔格式被用於釣魚郵件攻擊
https://www.ithome.com.tw/news/145336

詐騙新手法!稱身分被盜成「擄車勒索嫌疑犯」…他嚇壞急領150萬
https://www.ettoday.net/news/20210630/2018854.htm

名師遭詐150萬險飛了!親曝驚悚過程:網中魚就是會笨掉
https://www.setn.com/News.aspx?NewsID=960731

小心!謊稱身分遭盜用戶口被凍結 名師險被詐150萬
https://reurl.cc/5rKbkv

買房遇詐騙 佛州婦女6萬3000元頭期款被攔截
https://www.worldjournal.com/wj/story/121469/5566991

【詐騙】7-11的100週年慶典問卷訊息?還有大潤發20週年版本?詐騙網站
https://www.mygopen.com/2021/06/fake-7-11.html

YouTube發送連結訊息?查核中心:詐騙!有資安危險
https://news.ltn.com.tw/news/life/breakingnews/3587833

中國假訊息攻台!稱日本把不要的疫苗贈台 學者呼籲民眾提高警覺
https://www.ftvnews.com.tw/news/detail/2021701P02M1

網傳「請檢查組員中有沒有下列五個假好友...它們其實都是假藉要幫你分辨真的假的訊息,設計好埋伏在你的網路中,監控羣組每個人的對話」
https://reurl.cc/rgEblZ

盜版影音網站連結激增21倍 當心個資遭竊
https://www.cna.com.tw/news/ait/202107020138.aspx

Facebook Sues 4 Vietnamese for Hacking Accounts and $36 Million Ad Fraud
https://thehackernews.com/2021/07/facebook-sues-4-vietnamese-for-hacking.html

E.研究報告/工具
那些網路攻擊背後官方沒說的事
https://www.ithome.com.tw/article/145406

不只是要零接觸,更要做到零摩擦
https://www.ithome.com.tw/voice/145419

資訊安全的四個約定 Four Agreements
https://reurl.cc/7rK4DD

從字節跳動到火山引擎(二):私有云PaaS 場景下的Kubernetes 集群部署實踐
https://xie.infoq.cn/article/fbcb4e15472a517b858a76819

落實管理工具及權限驗證 堅守政策流程並持續監控分析 企業API帶來創新效率 妥善防護避免成資安破口
https://www.netadmin.com.tw/netadmin/zh-tw/trend/ACD1D920CF144A5D8E3B7A38025EF28E

Windows 11無法支援Mac 電腦安裝?用這招輕鬆繞過TPM限制
https://mrmad.com.tw/fix-mac-cannot-install-windows-11

【Azure】Bastion
https://minmin0625.medium.com/azure-bastion-7dea4919488c

Netgear Authentication Bypass Allows Router Takeover
https://threatpost.com/netgear-authentication-bypass-router-takeover/167469/

Scalable and Reliable Kubernetes Logging
https://towardsdatascience.com/scalable-and-reliable-kubernetes-logging-d47a27b8b04d

Mythic - A Collaborative, Multi-Platform, Red Teaming Framework
https://www.kitploit.com/2021/06/mythic-collaborative-multi-platform-red.html

PPLdump : Dump The Memory Of A PPL With A Userland Exploit
https://kalilinuxtutorials.com/ppldump/

HTML <script> defer Attribute
https://www.w3schools.com/tags/att_script_defer.asp

caronte
https://github.com/eciavatta/caronte

Rustcat : Netcat Alternative
https://kalilinuxtutorials.com/rustcat/

FalconEye : Real-time detection software for Windows process injections
https://kalilinuxtutorials.com/falconeye/

Sherlock - Web Inspector
https://github.com/gbiagomba/Sherlock

GitHub Launches 'Copilot' — AI-Powered Code Completion Tool
https://thehackernews.com/2021/06/github-launches-copilot-ai-powered-code.html

Rethinking Application Security in the API-First Era
https://thehackernews.com/2021/07/rethinking-application-security-in-api.html

Google releases new open-source security software program: Scorecards
https://www.zdnet.com/article/google-releases-new-open-source-security-software-program-scorecards/

F.商業
三分鐘搞定身分驗證 Authme讓數位身分難以假冒
https://money.udn.com/money/story/5635/5566603

HTC旗下DeepQ與彰基醫院合作 蘭醫師升級零接觸視訊診療門診
https://www.ctwant.com/article/125947

Check Point Software推出自動化雲端工作負載防護
https://www.techbang.com/posts/87924-checkpoint-software-launches-automated-unified-cloud-workload

中華電信完成國內首次光纖到家開放網路系統驗證
https://times.hinet.net/news/23393563

「TiEA」歡迎新成員加入協會
https://reurl.cc/dGQaEM

WFH 大增企業挑戰,Palo Alto 分析:台三分之二企業因疫情更重視資安
https://technews.tw/2021/06/30/wfh-palo-alto/

瞄準遠端工作一條龍商機!聯強宣布代理 Dropbox 台灣商用服務
https://www.inside.com.tw/article/24047-dropbox-business-taiwan-synnex

華電聯網攜手奧義智慧推「MDR 資安威脅偵測應變服務」 提供企業快速偵測、分析、調查資安事件和提供應變措施
https://n.yam.com/Article/20210701137368

史上最大資安 IPO!新創商 SentinelOne 掛牌首日飆 21%
https://technews.tw/2021/07/01/sentinelone-first-day-of-listing/

超恩與Hailo攜手推出新世代Edge AI邊緣運算解決方案
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000614170_JGP2FE496BHVD815VHT1L

亞太個資治理規範CBPR也有臺灣在地認證機構了!資策會建議瞄準跨國市場的企業,可建立個資法遵並自願認證
https://www.ithome.com.tw/news/145331

G.政府
公投推不在籍投票?綠營:中國認知作戰恐干擾電子投票
https://udn.com/news/story/6656/5567672

在野黨喊推不在籍投票 綠委點出「3個爭點」:應考量資安駭客問題
https://www.ftvnews.com.tw/news/detail/2021630W0145

調查局52名組長新人事 祕書室首見組長職務
https://www.chinatimes.com/realtimenews/20210701002942-260402?chdtv

110年資安職能訓練(7/7 10:00開放報名,報名不需會員資格)
https://ctts.nccst.nat.gov.tw/NewsDetail/133

總統盃黑客松 唐鳳廣邀海內外高手
https://news.cts.com.tw/cts/life/202107/202107012048061.html

防護關鍵基礎設施 不容閃失
https://udn.com/news/story/7338/5560445?from=udn-catelistnews_ch2

H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識 相關資安
Industrial Automation And Control Systems Under Cyberattack
https://cybersecurityventures.com/industrial-automation-and-control-systems-under-cyberattack/

盛達電業工業級無線寬頻路由器通過TAICS資安標準認驗證,取得物聯網資安標章
https://www.winnews.com.tw/20210628d008/

宇瞻與研華超前部署智慧工廠產線儲存應用 無懼勒索病毒感染
https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=10&id=0000613741_MO6817AD3PPLAL29ENDH9

Palo Alto Networks台灣資安現況報告 供應鏈IT、OT配置需要修正
https://ec.ltn.com.tw/article/breakingnews/3586366

蔡明順:不只企業靠自動化技術加速AI開發,AI學校也用MLOPs三年了
https://www.ithome.com.tw/news/145335

勒索攻擊等同恐怖主義,工業控制系統正面臨嚴重資安問題
https://technews.tw/2021/07/01/ics-ot/

從物聯智慧的資安疑慮事件看到的隱形助力
https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=50&id=0000613869_QIJ9GVFY5PR3AZLCED35Q

台積電4個超大晶圓廠皆取得國際資安認證 客戶省時間成本
https://ec.ltn.com.tw/article/breakingnews/3587631

趨勢科技警告:勒索病毒瞄準工業控制系統
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9318

趨勢科技:勒索病毒瞄準工廠內工業控制系統
https://udn.com/news/story/7086/5573230?from=udn-catebreaknews_ch2

I.教育訓練
【什麼?網管人員也要寫程式?】 淺談網路程式化部署與Cisco DNA Center
https://ucomedu.blogspot.com/2020/11/blog-post_26.html

S3EP24 資安產品跨國研究⛑|鄭婕 Sabrina Cheng|UX 四神湯、趨勢科技、資安系統體檢、B2B跨國遠距研究
https://www.audible.com/pd/S3EP24-Sabrina-ChengUX-B2B-Podcast/B08Z8CGBFC

ISDA 資安實作能力認證
https://www.isda.org.tw/certificated/

資安稽核員的基本知識— MS SQL Server (資料庫)的備份、安全性、維運與稽核軌跡入門
https://medium.com/blacksecurity/mssqlserveraudit-1eb142f5bd2d

王正宏駭客軟實力錄取台科大
https://today.line.me/tw/v2/article/0aDNXD

6.近期資安活動及研討會
Brooklyn Javascripters Meetup  7/6
https://www.meetup.com/brooklyn-javascripters/events/277409602

Taipei Creative Coders Meetup #10 7/7
https://www.meetup.com/tpecreativecoders/events/278994915

Intro to Coding (HTML, CSS, JavaScript & React) 7/8
https://www.meetup.com/paperspace/events/278167616

TensorFlow Everywhere | From 0 to 1  7/10
https://www.meetup.com/TensorFlow-User-Group-Taipei/events/277170902

元智資工夏令營-由programming邁入AI大數據與資安世界 7/15 ~ 7/17
https://cse-yzu.kktix.cc/events/yzcsapcs5

國立臺灣科技大學執行教育部「先進資通安全實務人才培育計畫」,將於110年7月26日至8月1日舉辦「110年新型態資安暑期課程(AIS3 2021)
http://cc.ncku.edu.tw/p/406-1002-220949,r804.php?Lang=zh-tw

學生計算機年會 SITCON 2021  9/4
https://sitcon.org/2021/

Golang Taipei Gathering #58 9/28
https://www.meetup.com/golang-taipei-meetup/events/277604159/

Cyber Defense Summit 2021 Oct. 4-7, 2021
https://summit.fireeye.com/

HITCON 2021 台灣駭客年會 11/26 ~ 11/27
https://kktix.com/events/hitcon-2021/

沒有留言:

張貼留言

資安事件新聞週報 2021/7/19 ~ 2021/7/23

  資安事件新聞週報 2021/7/19  ~  2021/7/23 1.重大弱點漏洞/後門/Exploit/Zero Day Juniper 近日發布更新以解決多個產品的安全性弱點 https://us-cert.cisa.gov/ncas/current-activity/2...