###### tags: `資安事件新聞週報`

# Weekly Security Incident News Report 2020/1/27 ~ 2020/1/31

1. Major vulnerabilities / backdoors / exploits / zero-days
AMD official driver suspected of containing a mining-rig vulnerability, monitored by Cisco's security detection system
https://kknews.cc/tech/pvzraxz.html
ASUS SmartHome Gateway HG100 denial-of-service vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11060
D-Link DIR-601 authentication bypass vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16327
IoC Scanner shows if Citrix appliances have been compromised via CVE-2019-19781
https://www.helpnetsecurity.com/2020/01/23/cve-2019-19781-ioc-scanner/
Alert: critical vulnerability in Citrix Application Delivery Controller (CVE-2019-19781)
https://www.hkcert.org/my_url/zh/blog/20011702
Have you patched CVE-2020-0601? Don't let the Vulnera-Bullies win; check now with a free tool
https://blog.trendmicro.com.tw/?p=63228
JIRA plugin ScriptRunner security vulnerability SRPLAT-876
https://blog.51cto.com/13851865/2468436
Patching the Citrix ADC Bug Doesn't Mean You Weren't Hacked
https://www.bleepingcomputer.com/news/security/patching-the-citrix-adc-bug-doesnt-mean-you-werent-hacked/
Fortinet removes SSH and database backdoors from its SIEM product
https://www.zdnet.com/article/fortinet-removes-ssh-and-database-backdoors-from-its-siem-product/
Fortinet FortiSIEM Hardcoded SSH Key
https://seclists.org/fulldisclosure/2020/Jan/10
Re: Fortinet FortiSIEM Hardcoded SSH Key
https://seclists.org/fulldisclosure/2020/Jan/25
FortiSIEM Database hard-coded Credentials
https://fortiguard.com/psirt/FG-IR-19-195
FortiSIEM default SSH key for the "tunneluser" account is the same across all appliances
https://fortiguard.com/psirt/FG-IR-19-296
Zoom Bug Could Have Let Uninvited People Join Private Meetings
https://thehackernews.com/2020/01/zoom-meeting-password.html
New 'CacheOut' Attack Leaks Data from Intel CPUs, VMs and SGX Enclave
https://thehackernews.com/2020/01/new-cacheout-attack-leaks-data-from.html
Intel releases a third patch for the Zombieload vulnerability
https://chinese.engadget.com/chinese-2020-01-28-intel-third-mds-patch.html
The Zombieload processor flaw that won't go away! Intel releases a third patch update
http://technews.tw/2020/01/28/intel-is-patching-its-zombieload-cpu-security-flaw-for-the-third-time/
Microsoft confirms the IE zero-day vulnerability broke Windows printing
https://read01.com/BJj20Je.html#.XjEMHGgzbIU
US Department of Homeland Security (DHS) advises against using the IE browser to prevent attacks triggered by the zero-day vulnerability
https://kknews.cc/tech/q98853y.html
Windows 10 Optional Cumulative Update KB4532695 Released
https://www.bleepingcomputer.com/news/microsoft/windows-10-optional-cumulative-update-kb4532695-released/
Security vulnerability in Cisco Webex Meetings would allow anyone to join private meetings
https://times.hinet.net/news/22757033
Multiple vulnerabilities in Cisco switches
https://tools.cisco.com/security/center/publicationListing.x
E-commerce software Magento fixes code execution vulnerabilities
https://nosec.org/home/detail/4055.html
Hackers made a fortune from Google security vulnerabilities: Google paid security researchers US$6.5 million in bounties
https://www.linuxidc.com/Linux/2020-01/162164.htm
RCE in OpenSMTPD library impacts BSD and Linux distros
https://www.zdnet.com/article/rce-in-opensmtpd-library-impacts-bsd-and-linux-distros/#ftag=RSSbaffb68
Microsoft Azure Flaws Could Have Let Hackers Take Over Cloud Servers
https://thehackernews.com/2020/01/microsoft-azure-vulnerabilities.html
Remote Cloud Execution – Critical Vulnerabilities in Azure Cloud Infrastructure (Part I)
https://research.checkpoint.com/2020/remote-cloud-execution-critical-vulnerabilities-in-azure-cloud-infrastructure-part-i/
Remote Cloud Execution – Critical Vulnerabilities in Azure Cloud Infrastructure (Part II)
https://research.checkpoint.com/2020/remote-cloud-execution-critical-vulnerabilities-in-azure-cloud-infrastructure-part-ii/
Dell, HP Memory-Access Bugs Open Attacker Path to Kernel Privileges
https://threatpost.com/dell-hp-memory-access-bugskernel-privileges/152369/
DIRECT MEMORY ACCESS ATTACKS – A WALK DOWN MEMORY LANE
https://eclypsium.com/2020/01/30/direct-memory-access-attacks/
Critical OpenSMTPD Bug Opens Linux and OpenBSD Mail Servers to Hackers
https://thehackernews.com/2020/01/openbsd-opensmtpd-hacking.html

2. Banking / finance / insurance / securities / payment systems: news and security
Financial institutions' ATMs keep running through the Lunar New Year; Financial Supervisory Commission (FSC) conducts on-site spot checks across Taiwan
https://money.udn.com/money/story/5613/4305614
FSC spot-checks ATMs in 9 counties and cities; all operating normally
https://ec.ltn.com.tw/article/breakingnews/3049311
[Changing jobs after the New Year] Financial holding company hiring and MA recruitment kick off early; "dual-crossover" talent is the top choice
https://news.cnyes.com/news/id/4435533
Open banking phase 2 opens up consumer data; experts offer recommendations
https://udn.com/news/story/7239/4307124
State-owned banks bring in new blood, calling for IT experts
https://udn.com/news/story/7239/4309215
Canadian insurance company hacked and extorted, pays hefty ransom
https://www.epochtimes.com/b5/20/1/31/n11833408.htm
Cyber Risk and the U.S. Financial System: A Pre-Mortem Analysis
https://www.newyorkfed.org/medialibrary/media/research/staff_reports/sr909.pdf
Travelex says some in-store systems are back up and running after ransomware attack
https://www.zdnet.com/article/travelex-says-some-in-store-systems-are-back-up-and-running-18-days-after-ransomware-attack/
Russian National Pleads Guilty to Running Online Criminal Marketplace
https://www.justice.gov/opa/pr/russian-national-pleads-guilty-running-online-criminal-marketplace
Russian Pleads Guilty to Running 'CardPlanet' to Sell Stolen Credit Cards
https://thehackernews.com/2020/01/russian-credit-card-hacker.html
Magecart gang arrested in Indonesia
https://www.zdnet.com/article/magecart-gang-arrested-in-indonesia/
Malware stealing payment card details identified with support of private partner
https://www.interpol.int/en/News-and-Events/News/2020/INTERPOL-supports-arrest-of-cybercriminals-targeting-online-shopping-websites
Wawa's massive card breach: 30 million customers' details for sale online
https://www.zdnet.com/article/wawa-card-breach-may-rank-as-one-of-the-biggest-of-all-times/
Breached Wawa Payment Card Records Reach Dark Web
https://geminiadvisory.io/breached-wawa-payment-card-records-reach-dark-web/
A Christian-friendly payments processor spilled 6 million transaction records online
https://techcrunch.com/2020/01/28/cornerstone-payments-credit-cards/
Travelex says UK money transfer and wire services back online after hack
https://www.reuters.com/article/us-britain-travelex/travelex-says-uk-money-transfer-and-wire-services-back-online-after-hack-idUSKBN1ZR1S5
Making Sure You're PCI DSS 3.2 Compliant? MFA to the Rescue
https://www.bankinfosecurity.com/blogs/making-sure-youre-pci-dss-32-compliant-mfa-to-rescue-p-2849

3. Electronic payment / electronic stored-value cards / mobile payment / pay: news and security
NXP, NTT DOCOMO and Sony partner to jointly promote UWB mobile payment
https://www.chinatimes.com/realtimenews/20200115004060-260410?chdtv
Nearly 50% have never used mobile payment; personal data and payment security are the concerns
https://www.cardu.com.tw/news/detail.php?39330

4. Virtual currency / blockchain news and security
Market turbulence | Iraq missile strike hits US embassy; Bitcoin breaks US$9,000 and safe-haven assets such as gold surge
https://www.blocktempo.com/us-iran-war-makes-bitcoin-surged-9000-again/

5. Security incident news

A. Viruses and trojans / botnets / ransomware / adware / APT / backdoors
New York state senators propose legislation banning local municipalities from paying ransomware ransoms
https://times.hinet.net/news/22757934
Beware of hackers profiting from the "Wuhan novel coronavirus list"
https://ek21.com/news/health/37736/
UK court freezes ransomware Bitcoin account to recover ransom payment
https://www.ithome.com.tw/news/135563
Shlayer trojan tops the Mac malware rankings
https://cert.tanet.edu.tw/prog/shownews.php?sel=1&id=30871
Sodinokibi ransomware activity intensifies at year-end, hitting an airport and other businesses
https://blog.trendmicro.com.tw/?p=63152
Clop ransomware terminates Windows 10 applications
https://blog.trendmicro.com.tw/?p=63085
Emotet Uses Coronavirus Scare to Infect Japanese Targets
https://www.bleepingcomputer.com/news/security/emotet-uses-coronavirus-scare-to-infect-japanese-targets/
Iran-Linked PupyRAT backdoor used in recent attacks on European energy sector
https://securityaffairs.co/wordpress/96733/malware/pupyrat-backdoor-european-energy-sector.html
European Energy Sector Organization Targeted by PupyRAT Malware in Late 2019
https://www.recordedfuture.com/pupyrat-malware-analysis/
Fake AmeriCommerce Shopping Cart
https://blog.sucuri.net/2020/01/fake-americommerce-shopping-cart.html
Ryuk Ransomware Hit Multiple Oil & Gas Facilities, ICS Security Expert Says
https://www.darkreading.com/threat-intelligence/ryuk-ransomware-hit-multiple-oil-and-gas-facilities-ics-security-expert-says-/d/d-id/1336865
Ryuk and Sodinokibi Surge as Ransom Payments Double
https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654
New Ryuk Info Stealer Targets Government and Military Secrets
https://www.bleepingcomputer.com/news/security/new-ryuk-info-stealer-targets-government-and-military-secrets/
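Breaking down a two-year run of Vivin’s cryptominers
https://blog.talosintelligence.com/2020/01/vivin-cryptomining-campaigns.html
DOD contractor suffers ransomware infection
https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/#ftag=RSSbaffb68
Financial Security Institute announces results of its analysis of the actors behind phishing attacks on the domestic financial sector
https://www.fsec.or.kr/user/bbs/fsec/41/18/bbsDataView/1373.do

B. Mobile security / iPhone / Android / wearables / apps
Forensic report revealed: after Bezos opened a suspicious video, his iPhone X traffic surged 300-fold
https://www.ithome.com.tw/news/135508
WhatsApp security concerns reported; UN officials do not use it
https://news.wearn.com/c434362.html
Privacy returns to users! Apple software update removes background location tracking; SE successor rumored to launch in spring
https://cnews.com.tw/137200126a02/
Limit internet time and keep track of whereabouts! An app to keep kids from phone addiction: Family Link
https://www.niusnews.com/=P1y9byn6
Ku Hye-sun posts a stunning selfie with New Year greetings, then warns the next moment… beware of phones being hacked
https://www.setn.com/News.aspx?NewsID=678441
Experts share tips for avoiding infection! How to choose antivirus software to protect your phone
https://newtalk.tw/news/view/2020-01-28/357739
Turning the tide! Facebook launches new tool letting users control third-party data collection, hoping to reduce security issues
https://cnews.com.tw/134200130a01/
Facebook launches privacy tool Off-Facebook activity, showing you who is collecting your personal data
https://buzzorange.com/techorange/2020/01/30/off-facebook-activity/
Phone-based monitoring of people quarantined for Wuhan pneumonia: command center draws on South Korea's experience
http://bit.ly/2uR2PNa
Apple wants to standardize the format of SMS OTPs (one-time passcodes)
https://www.zdnet.com/article/apple-wants-to-standardize-the-format-of-sms-otps-one-time-passcodes/
18 Year old Teenager Charged for Stealing Over $50 Million in Cryptocurrency using SIM-Swapping Technique
https://cybersecuritynews.com/sim-swapping/
Saudi Prince Allegedly Hacked World's Richest Man Jeff Bezos Using WhatsApp
https://thehackernews.com/2020/01/saudi-prince-allegedly-hacked-worlds.html
LINE books a 1.6 billion yen loss after halting system development
https://tech.nikkeibp.co.jp/atcl/nxt/news/18/06961/
The Million Dollar Dissident: NSO Group’s iPhone Zero-Days used against a UAE Human Rights Defender
https://citizenlab.ca/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/

C. Incidents / hackers / DDoS / APT / cloud / dark web / job openings / international security incidents
Five major security threats to watch in 2020
https://blog.trendmicro.com.tw/?p=63093
Diving the dark web: an overview of hacking techniques (3): lying low and planning deep
http://bit.ly/2ObDnsq
Macao Health Bureau strongly condemns hackers' malicious attack on its computer systems; will ensure mask quality and supply, with replacements available if there are problems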
https://www.gov.mo/zh-hant/news/315399/
Blitzing Greece, threatening China: Turkey uses hackers to start a cyber world war
http://bit.ly/2S2Wi9O
SAR government actively fights the epidemic, urges lawbreakers to stop malicious network attacks
http://bit.ly/2RYjvtJ
Guan Zhang (館長)'s new website taken down by hackers; he angrily vows to sue for damages "starting at several million, definitely"
https://tw.appledaily.com/life/20200125/O5OPJBVN3TZ4X34H45ZRB2253M/
Stop using "123456" as your password! BBC teaches you to create secure passwords that are easy to remember and hard to crack
https://www.ettoday.net/news/20200125/1607310.htm
3 password myths debunked! Mixing characters and frequent changes do not help password security
https://www.ettoday.net/news/20200126/1611849.htm
Cyberattacks on the rise; experts advise Ottawa to step up the fight against hackers
https://www.epochtimes.com/b5/20/1/26/n11823471.htm
[Wuhan pneumonia] Companies allow employees to work from home; potential security risks need attention
http://bit.ly/2O8vzYq
Japan's Mitsubishi Electric hit by large-scale intrusions from multiple hacking groups simultaneously
https://www.twcert.org.tw/tw/cp-104-3276-f6a98-1.html
Withstanding US pressure! UK allows Huawei to take part in network construction; EU does not recommend that member states exclude any supplier
https://cnews.com.tw/137200130a01/
Harvard professor arrested for secretly aiding the CCP's "Thousand Talents Plan"
https://www.ydn.com.tw/News/370728
UN exposed as having been hacked last year but keeping silent
https://www.ithome.com.tw/news/135570
UN revealed to have concealed a major intrusion; large amount of personal data leaked
https://unwire.pro/2020/01/30/united-nations-cyber-attack/security/
UN reportedly hit by large-scale hacking attack
https://www.twcert.org.tw/tw/cp-104-3284-59ccc-1.html
German media: German government holds evidence of Huawei cooperating with Chinese intelligence agencies
https://ec.ltn.com.tw/article/breakingnews/3051832
You can get a lifetime of VPN Unlimited for only $40
https://www.engadget.com/2019/07/25/lifetime-vpn-unlimited/
Get creative: The average US user recycles online passwords at least four times
https://www.zdnet.com/article/get-creative-the-average-us-user-recycles-online-passwords-at-least-four-times/
10 Major Information Security Threats 2020
https://www.ipa.go.jp/security/vuln/10threats2020.html
Internet Fixed-Point Observation Report (October to December 2019)
https://www.jpcert.or.jp/tsubame/report/report201910-12.html
Japanese government introduces standards for cloud adoption: Cybersecurity Strategic Headquarters
https://www.sankeibiz.jp/macro/news/200130/mca2001301014006-n1.htm
On the basic framework of the security assessment program for cloud services in government information systems
https://www.nisc.go.jp/active/general/pdf/wakugumi2020.pdf
Cynet Empowers IT Resellers and Service Providers to Become Fully Qualified MSSPs
https://thehackernews.com/2020/01/managed-cybersecurity-services.html
Iranian hackers target US government workers in new campaign
https://www.zdnet.com/article/iranian-hackers-target-us-government-workers-in-new-campaign/#ftag=RSSbaffb68
New Iranian Campaign Tailored to US Companies Utilizes an Updated Toolset
https://intezer.com/blog-new-iranian-campaign-tailored-to-us-companies-uses-updated-toolset/
UN Kept Hacker Attacks Under Wraps
https://www.bankinfosecurity.com/un-kept-hacker-attacks-under-wraps-a-13664
NY Times Reporter Targeted by Spyware: Report
https://www.bankinfosecurity.com/ny-times-reporter-targeted-by-spyware-report-a-13662
Russian Cops Crash Pill Pusher Party
https://krebsonsecurity.com/2011/02/russian-cops-crash-pill-pusher-party/
Mainframe system developer
https://www.104.com.tw/job/6ephq?jobsource=hotjob_chr
IT's Time Ver.3.0_Security protection strategy engineer
https://www.104.com.tw/job/6ugrk?jobsource=hotjob_chr
IT's Time Ver.3.0_Information security policy management engineer
https://www.104.com.tw/job/6ugrl?jobsource=hotjob_chr
Information security analyst - Kaohsiung (HN)
https://www.104.com.tw/job/6pt09?jobsource=n104bank2
Information security management consultant (Taichung)
https://www.104.com.tw/job/5ixbl?jobsource=n104bank2
[Information security management] Consulting assistant manager / manager
https://www.104.com.tw/job/6otv4?jobsource=n104bank2
Information security management auditor
https://www.104.com.tw/job/kyb5?jobsource=n104bank2
[IT] Information security management staff - ISO27001
https://www.104.com.tw/job/69jq5?jobsource=n104bank2
V Information security architect
https://www.104.com.tw/job/6fmw0?jobsource=n104bank2
Information security technical consultant
https://www.104.com.tw/job/48aak?jobsource=n104bank2
Information security manager / security engineer
https://www.104.com.tw/job/56qde?jobsource=n104bank2

D. Data breaches / personal data protection law / GDPR / online fraud / phishing / card fraud / fake news
Antivirus company Avast exposed for selling user browsing data
http://bit.ly/2tQfcZI
Beware! Scanning codes with your phone for online shopping may link you to a scam account
https://tw.appledaily.com/property/20200126/YHGTRWQFIIIJ4LAZ5F2LN5QLJU/
Lunar New Year is peak fraud season; FSC publishes online fraud patterns
https://money.udn.com/money/story/5613/4306698
Got a deepfake scam call? One trick to beat it: hang up first, then call back
https://www.inside.com.tw/article/18775-ftc-deepfakes-audio-cloning-joe-rogan-phone-scams
Free costs the most! Antivirus giant sinks to malware status, selling data of 435 million users
https://cnews.com.tw/137200130a03/
Is Department of Health certification a guarantee of quality?! Debunking online shopping scam tricks
https://blog.trendmicro.com.tw/?p=63220
Personal data of 30 million customers stolen from US convenience store chain Wawa
https://www.twcert.org.tw/tw/cp-104-3280-c0eb5-1.html
Japan's NEC hacked; 27,000 files stolen
https://www.ydn.com.tw/News/370995
Woman in her 80s victimized: 150 million yen lost to special fraud
https://www.fnn.jp/posts/00431126CX/202001281926_THK_CX
Yahoo! Mail to roll out "DMARC", the sender domain authentication technology increasingly used in the US and globally, in stages from March as an anti-spam measure
https://about.yahoo.co.jp/pr/release/2020/01/29a/
Company PC infected with a virus; spoofed emails sent to addresses in the email send/receive history (Life)
https://scan.netsecurity.ne.jp/article/2020/01/29/43595.html
250 Million Microsoft Customer Support Records Exposed Online
https://thehackernews.com/2020/01/microsoft-customer-support.html
Avast Anti-Virus Spying Millions of Users Browsing Activities, Every Click, Every Buy and Selling to Its Clients – Google, Microsoft, Pepsi
https://gbhackers.com/avast-collecting-data/
Avast winds down Jumpshot, cites user data sale privacy concerns
https://www.zdnet.com/article/avast-winds-down-jumpshot-with-immediate-effect-cites-user-data-sales-and-privacy-concerns/#ftag=RSSbaffb68
New web service can notify companies when their employees get phished
https://www.zdnet.com/article/new-web-service-can-notify-companies-when-their-employees-get-phished/#ftag=RSSbaffb68
FBI Warns of Rise in Social Security Scams Spoofing Its Phone Number
https://www.bleepingcomputer.com/news/security/fbi-warns-of-rise-in-social-security-scams-spoofing-its-phone-number/
Data on 30,000 Cannabis Users Exposed in Cloud Leak
https://www.infosecurity-magazine.com/news/data-30000-cannabis-users-exposed/
Cyber News Rundown: Cannabis User Data Breach
https://www.webroot.com/blog/2020/01/23/cyber-news-rundown-cannabis-user-data-breach/
Are Companies Adhering to CCPA Requirements
https://www.bankinfosecurity.com/are-companies-adhering-to-ccpa-requirements-a-13653

E. Research reports
Analysis of malicious JS injection vulnerability in WordPress sites
https://www.4hou.com/posts/0Xk3
Researcher releases DoS exploit script for Windows RDP Gateway vulnerabilities
https://nosec.org/home/detail/4047.html
Reproducing the ModSecurity denial-of-service vulnerability (CVE-2019-19886)
https://www.colabug.com/2020/0124/6903083/
Bug hunting notes | IDOR breakthrough on a well-known online education platform
https://www.freebuf.com/vuls/225134.html
CVE-2020-0609/0610 vulnerability analysis
https://www.4hou.com/posts/mMpn
Malwarebytes: 2019 report on cybercrime in healthcare
http://www.199it.com/archives/998913.html
Hands-on privilege escalation via Windows system misconfiguration vulnerabilities with metasploit and powershell
https://zhuanlan.zhihu.com/p/104138308
CVE-2019-0708 vulnerability analysis and related testing
http://www.sohu.com/a/369195264_354899
Vulnerability notes | A love-hate entanglement with an XXE vulnerability
https://wemp.app/posts/d95c3cfb-e458-4f10-8d6c-e5ab946b398d
Bug hunting notes | Using BurpSuite to automatically discover and identify broken access control (IDOR) vulnerabilities
https://www.freebuf.com/vuls/225701.html
Using BurpSuite to automatically discover and identify broken access control (IDOR) vulnerabilities
https://www.chainnews.com/zh-hant/articles/827500689978.htm
Zoom security vulnerability analysis
https://www.4hou.com/posts/rMxW
Baidu SDK vulnerability analysis and protection
https://www.twoeggz.com/info/184271.html
Vulhub vulnerability reproduction: summary of Apache parsing vulnerabilities
https://blog.csdn.net/weixin_41598660/article/details/104118036
Analysis of the Weblogic IIOP deserialization vulnerability (CVE-2020-2551)
https://www.anquanke.com/post/id/197605
Case analysis: incident analysis report on Snatch, the ransomware that boots into Safe Mode_10901
https://cert.tanet.edu.tw/prog/opendoc.php?id=2020013110013838564220784134822.pdf
Lenovo ThinkPad P51s firmware SMM driver reverse engineering and vulnerability analysis
https://www.chainnews.com/zh-hant/articles/656737431333.htm
Security Analysis of Devices That Support SCPI and VISA Protocols
https://newsroom.trendmicro.com/blog/security-intelligence/security-analysis-devices-support-scpi-and-visa-protocols
(Ab)using Kerberos from Linux
https://www.onsecurity.co.uk/blog/abusing-kerberos-from-linux
Pentesting an IOT Based Biometric Attendance Device
https://pentestmag.com/pentesting-an-iot-based-biometric-attendance-device/
Red Team Diary, Entry #3: Custom Malware Development (Establishing A Shell Through the Target’s Browser)
https://blog.usejournal.com/red-team-diary-entry-3-custom-malware-development-establish-a-shell-through-the-browser-bed97c6398a5
misp-galaxy
https://github.com/MISP/misp-galaxy/blob/master/clusters/attck4fraud.json
Recon-ng Tutorial – Part 1 Install and Setup
http://securenetworkmanagement.com/recon-ng-tutorial-part-1/
BlueGate - PoC (DoS) for CVE-2020-0609 & CVE-2020-0610 - RD Gateway RCE
https://github.com/ollypwn/BlueGate
Grouper2 : To Find Vulnerabilities In AD Group Policy
https://kalilinuxtutorials.com/grouper2/
BMW Connected Apps Protocol
https://hufman.github.io/stories/bmwconnectedapps
Threat Research Nice Try: 501 (Ransomware) Not Implemented
https://www.fireeye.com/blog/threat-research/2020/01/nice-try-501-ransomware-not-implemented.html
dronesploit
https://github.com/AIOOSCP/dronesploit
ReflectiveDLLRefresher
https://github.com/CylanceVulnResearch/ReflectiveDLLRefresher
COM Hijacking Techniques - Derbycon 2019
https://www.slideshare.net/DavidTulis1/com-hijacking-techniques-derbycon-2019
Scammers’ delivery service: exclusively dangerous
https://securelist.com/scammers-delivery-service-exclusively-dangerous/66515/#comment-2986748
Red Teaming with Covenant and Donut
https://blog.naijasecforce.com/red-teaming-with-covenant-and-donut/
JPCERT/CC Internet Fixed-Point Observation Report (October to December 2019)
https://www.jpcert.or.jp/tsubame/report/report201910-12.html
How Deception Technologies Enable Proactive Cyberdefense
https://www.bankinfosecurity.com/blogs/how-deception-technologies-enable-proactive-cyberdefense-p-2855

F. Business
Making the most of NAS private cloud + password management software: cross-platform password management, part 1: platform showdown
http://bit.ly/37vVotb
Google open-sources the firmware needed to build hardware security keys
https://www.zdnet.com/article/google-open-sources-the-firmware-needed-to-build-hardware-security-keys/#ftag=RSSbaffb68

G. Government
Industrial Development Bureau promotes IoT security mark: choose certified products for a good New Year
http://www.rdiscount.com/8433.html
Executive Yuan Technical Service Center: Cyber Security Technology Report, Q4 of ROC year 108
https://download.nccst.nat.gov.tw/attachfilenew/108_Q4_Cyber%20Security%20Technology%20Report.pdf
List of information and communication security professional certifications, updated Q4 of ROC year 108
https://nicst.ey.gov.tw/Page/D94EC6EDE9B10E15/7ba35454-3644-4199-828d-cff2f2d077fc

H. Industrial control systems / SCADA / ICS
Researchers reveal GE Medical devices contain critical security vulnerabilities that would allow hackers to shut down monitoring devices
https://times.hinet.net/news/22753919
Realistic Factory Honeypot Shows Threats Faced by Industrial Organizations
https://www.securityweek.com/realistic-factory-honeypot-shows-threats-faced-industrial-organizations
ABB PB610 Panel Builder 600 PB610 HMISimulator unauthorized access vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18997

I. Education and training
Introduction to the dark web and analysis topics
https://secbuzzer.co/post/4
Build your own AI security forensics expert: feature extraction research for malware analysis
https://secbuzzer.co/post/93
A brief look at encrypting password strings in PowerShell
https://blog.darkthread.net/blog/ps-secure-string/
XSS vulnerability basics
https://www.cnblogs.com/xhds/p/12239527.html
CutiePi shell - the mobile UI that turns Raspberry Pi and Raspbian OS into a functional tablet
https://www.youtube.com/watch?v=ivkR3tvci1Q

J. Internet of Things / IoT / artificial intelligence / Internet of Vehicles / optical networking / deep learning / machine learning / drones / facial recognition
Tesla Model 3 is once again a target at the Pwn2Own hacking contest, with a top prize of US$500,000
https://times.hinet.net/news/22756936
Home IoT booms in the 5G era; beware that "everything can be hacked"
https://newtalk.tw/news/view/2020-01-29/357950
UK government plans new legislation to regulate IoT security
https://www.ithome.com.tw/news/135548
UK plans to strengthen smart home security; devices must meet at least 3 key requirements
https://unwire.hk/2020/01/29/uk-make-smart-home-devices-secure/tech-secure/
Capable of indoor flight: Japanese manufacturer launches small industrial drone
http://bit.ly/2REymeb
California IoT device security law takes effect; compatibility and scope become key to future regulatory design
https://technews.tw/2020/01/30/california-iot-device-security-act-sb-327/
DJI braces itself: US government announces official ban on Chinese-made drones
https://www.techbang.com/posts/75911-usa-banned-china-drones
Implementing IoT security best practices
https://www.hkcert.org/my_url/zh/blog/20011401
Medical IoT for diabetes and cybercrime
https://www.virusbulletin.com/blog/2020/01/vb2019-paper-medical-iot-diabetes-and-cybercrime/
Fake Factory Experiment Illustrates Attackers' Tactics
https://www.bankinfosecurity.com/fake-factory-experiment-illustrates-attackers-tactics-a-13661
UK Government Proposes IoT Security Measures
https://www.bankinfosecurity.com/uk-government-proposes-iot-security-measures-a-13655

6. Upcoming security events and conferences
Taiwan E-Security Analysis and Management Association: workshop "Online identity security and protection: from passwords to the passwordless era" 2/5
https://inc.ntub.edu.tw/p/404-1011-75476-1.php?Lang=zh-tw
Control System Security Conference 2020, February 14, 2020
https://www.jpcert.or.jp/event/ics-conference2020.html
Certificate of Cloud Security Knowledge (CCSK) Plus 2/23 ~ 2/24
https://csacongress.org/event/csa-summit-at-rsa-conference-2020/
CYBERSEC 2020 Taiwan Cybersecurity Conference 3/17 ~ 3/19
https://cyber.ithome.com.tw/
Korea International Security Expo 3/18
https://www.twcert.org.tw/tw/cp-105-3230-a3bd4-1.html
Black Hat Asia 2020 Singapore 3/31 ~ 4/3
https://www.blackhat.com/asia-20/briefings/schedule/
Kaspersky® Security Analyst Summit 4/6 ~ 4/9
https://thesascon.com/
VXCON 2020 - APAC 4/18 ~ 4/19
https://www.vxcon.hk/
2020 Industrial Control Systems (ICS) Cyber Security Conference | Singapore 4/21 ~ 4/23
https://www.icscybersecurityconference.com/singapore/
Asia-Pacific Information Security Forum and Exhibition 4/22
https://www.twcert.org.tw/tw/cp-105-3149-70ad7-1.html