###### tags: `資安事件新聞週報`

# Weekly Security Incident News Digest 2019/11/4 ~ 2019/11/8

## 1. Major Vulnerabilities / Backdoors / Exploits / Zero Day

First wave of large-scale attacks on the BlueKeep vulnerability causes Blue Screens of Death
https://www.ithome.com.tw/news/133987

First Cyber Attack 'Mass Exploiting' BlueKeep RDP Flaw Spotted in the Wild
https://thehackernews.com/2019/11/bluekeep-rdp-vulnerability.html

Snyk releases its latest JavaScript framework security report; many popular framework modules contain XSS vulnerabilities
https://www.ithome.com.tw/news/134029

JavaScriptCore - Type Confusion During Bailout when Reconstructing Arguments Objects
https://www.exploit-db.com/exploits/47590

ZTE 9000E permissions and access control vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3425

Remote code execution vulnerability in multiple D-Link products
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16920

F5 BIG-IP AFM SQL injection vulnerability
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6658

Google releases November Android security patches; Pixel phones updated first
https://www.chinatimes.com/realtimenews/20191105001795-260412?chdtv

Google Patches Critical Flaws in Android's System Component
https://www.securityweek.com/google-patches-critical-flaws-androids-system-component

Android Security Bulletin—November 2019
https://source.android.com/security/bulletin/2019-11-01.html

Update desktop Chrome now! Google finds 2 major zero-day vulnerabilities and releases emergency patches
https://3c.ltn.com.tw/news/38502

Two serious vulnerabilities found in the Chrome browser, one of them already exploited
https://technews.tw/2019/11/05/chorme-use-after-free/

Microsoft Windows Hyper-V remote code execution vulnerability (CNVD-2019-38766)
https://portal.msrc.microsoft.com/en-us/security-guidance

Apache Solr remote code execution vulnerability early warning
https://www.secpulse.com/archives/117255.html

UK university student finds Amazon loophole, goes on a discount-code shopping spree and donates to the homeless
https://www.backchina.com/news/2019/11/02/654041.html

On Halloween night, Google discloses Chrome zero-day exploited in the wild
https://www.zdnet.com/article/halloween-scare-google-discloses-chrome-zero-day-exploited-in-the-wild/#ftag=RSSbaffb68

CVE-2019-15588 / Nexus Repository Manager Yum plugin remote command execution
https://qiita.com/shimizukawasaki/items/41794616f1f2e602e4f5

CVE-2019-15588
https://nvd.nist.gov/vuln/detail/CVE-2019-15588

Upgrade Notice for Customers Using PAN-OS 9.0 and VM-Series on Azure
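https://blog.paloaltonetworks.com/2019/10/cloud-pan-os-9-0-and-vm-series-on-azure/

Linux maintainer: Patching side-channel flaws is killing performance
https://nakedsecurity.sophos.com/2019/10/31/linux-maintainer-patching-side-channel-flaws-is-killing-performance/

VMware updates Workspace One with capabilities for new hires
https://www.zdnet.com/article/vmware-updates-workspace-one-with-capabilities-for-new-hires/#ftag=RSSbaffb68

Libarchive vulnerability can lead to code execution on Linux, FreeBSD, NetBSD
https://www.zdnet.com/article/libarchive-vulnerability-can-lead-to-code-execution-on-linux-freebsd-netbsd/#ftag=RSSbaffb68

QNAP NetBak Replicator 4.5.6.0607 - 'QVssService' Unquoted Service Path
https://www.exploit-db.com/exploits/47594

## 2. Banking / Finance / Insurance / Securities / Payment Systems: News and Security

Bank of Taiwan establishes a Computer Security Incident Response Team (CSIRT)
https://www.cdns.com.tw/articles/46429

Malware-driven "cash-dispensing attacks" on bank ATMs are reported frequently
http://bit.ly/2pwo9oI

FSC requires banks and insurers with assets over one trillion to set up independent information security units
https://money.udn.com/money/story/5613/4140251

Cyber insurance policies surge to 243 in the first half of the year, with premiums nearly matching all of last year
http://bit.ly/2NzNZQz

Shinkong Insurance: information security should include insurance protection
https://www.chinatimes.com/newspapers/20191104000425-260208?chdtv

Insurance industry security seminar discusses transformation trends
https://money.udn.com/money/story/5636/4121989

Planning ahead? Russia plans to join with China and India to build an independent clearing system
https://news.sina.com.cn/o/2019-11-04/doc-iicezzrr7063572.shtml

Hong Kong financial scare stories keep circulating; Eddie Yue: goal is to clarify online rumours within 3 hours
http://bit.ly/2qiG6qP

First Bank announcement: SMS OTP service to be discontinued
https://www.firstbank.com.tw/servlet/fbweb/zh_TW/1454093707296

No longer held hostage by passwords; CTBC Bank: over 70% of app users log in with fingerprint or face recognition
https://ec.ltn.com.tw/article/breakingnews/2964052

Fraudulent emails impersonating Hong Leong Bank Limited, Hong Kong
https://www.hkma.gov.hk/chi/news-and-media/press-releases/2019/10/20191030-3/

Russia-led bank moves headquarters to Hungary, raising national security concerns
https://www.cna.com.tw/news/aopl/201910290271.aspx

With the market hot at 11,000 points, hacker extortion of brokerages peaks again
https://ctee.com.tw/news/stock/169270.html

TWSE: brokerages to build traffic-scrubbing mechanisms in response
https://www.chinatimes.com/newspapers/20191105000229-260202?chdtv

Taiwan's "FSC": 6 brokerages attacked by hackers, no investors affected
https://dailynews.sina.com/bg/tw/chinanews/2019-11-05/doc-ifzqmtky6767156.shtml

28 brokerages hit by cyberattacks; TWSE: fully informed of the situation and of firms' responses
https://udn.com/news/story/7251/4148914

Brokerages hacked; Securities and Futures Bureau rolls out eight security protection measures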
https://www.chinatimes.com/realtimenews/20191105004781-260410?chdtv

Brokerages' online order systems hacked and held to ransom; TWSE: build traffic-scrubbing mechanisms
https://fnc.ebc.net.tw/FncNews/business/104918

Brokerages hit by DDoS attacks; TWSE issues three reminders
https://udn.com/news/story/7255/4146235

Statement on the recent cyberattacks against securities and futures firms
https://www.twse.com.tw/zh/news/newsDetail/ff8080816dddfd6d016e3b00bbd10247

Securities and futures firms hit by cyberattacks; TWSE: attack information in hand, closely monitoring developments
https://www.ettoday.net/news/20191105/1573086.htm

As the stock index breaks 11,000 points, hackers seize the moment to launch DDoS attacks, taking several brokerage websites down for more than ten minutes
https://www.ithome.com.tw/news/134030

6 brokerages attacked by hackers, no investors affected
http://pchome.megatime.com.tw/news/cat3/20191105/15729572630349318003.html

Bank of China releases new version of its comprehensive financial services plan for cross-border e-commerce
http://www.bank-of-china.com/big5/aboutboc/bi1/201911/t20191101_16956137.html

Turkish government freezes 3.3 million bank accounts
https://www.chainnews.com/zh-hant/news/151980760012.htm

To prevent online banking outages from causing disasters, UK MPs call for a levy and regulation of cloud services
https://udn.com/news/story/6811/4130756

Are these banks too big to fail? Wellington Koo: making banks' operations healthier is a good thing
http://bit.ly/33jlygv

Open API makes Open Data more secure
http://bit.ly/36AjEdw

Over a hundred police raid the Hangzhou headquarters of "51 Credit Card"; why is the Hong Kong-listed company's office deserted
http://bit.ly/2Ccb9qX

CTBC Bank teller system suffers major outage; service restored after emergency repairs
https://money.udn.com/money/story/5617/4147686

Lucifer Chu hits network congestion while paying at the counter; CTBC Bank: fully back to normal within 30 minutes
https://www.ettoday.net/news/20191106/1573525.htm

Century-old Chang Hwa Bank not only upgrades its core system but also prepares to embrace microservices architecture and containers
https://www.ithome.com.tw/people/133991

Samsung phone in-screen fingerprint flaw: Citibank has not lifted its suspension
https://www.chinatimes.com/realtimenews/20191106004899-260410?chdtv

Digital surveillance! Pushing into the financial system: records cannot be deleted, to prevent capital flight
https://hk.news.appledaily.com/china/realtime/article/20191107/60204493

Interbank transfers by mobile phone number to launch next year
https://money.udn.com/money/story/5648/4151940

Tencent's virtual bank obtains Hong Kong licence, now preparing a blockchain virtual bank
https://www.chinatimes.com/realtimenews/20191108001806-260409?chdtv

Central bank sets up digital currency research group; Yang Chin-long: cash still will not disappear
http://www.worldpeoplenews.com/content/news/319676

Virtual bank WeLab to open early next year
https://orientaldaily.on.cc/cnt/finance/20191108/00202_012.html

Taiwan and the US jointly hold their first large-scale cyber offense-defense exercise; Taiwanese banks form a joint blue team against red-team attacks
https://www.ithome.com.tw/news/134003

Cyber Criminals Stealing Customer Data By Tricking Bank Employees
https://www.ehackingnews.com/2019/11/cyber-criminals-stealing-customer-data.html?utm_source=dlvr.it&utm_medium=twitter

The Central Bank will strengthen control over IT-security of credit institutions
https://www.ehackingnews.com/2019/10/the-central-bank-will-strengthen.html

Secret Service: Brazilian’s bank data scheme hits Seacoast ATMs
https://www.fosters.com/news/20191031/secret-service-brazilians-bank-data-scheme-hits-seacoast-atms

Giridih police arrests 8 cyber criminals
https://www.dailypioneer.com/2019/state-editions/giridih-police-arrests-8-cyber-criminals.html

3 Nigerians among 5 held for stealing cash from ATM using fake cards
https://timesofindia.indiatimes.com/city/bengaluru/3-nigerians-among-5-held-for-stealing-cash-from-atm-using-fake-cards/articleshow/71912147.cms

NCR Barred Mint, QuickBooks from Banking Platform During Account Takeover Storm
https://krebsonsecurity.com/2019/11/ncr-barred-mint-quickbooks-from-banking-platform-during-account-takeover-storm/

Tips to Accelerating PCI Data Security Standard Projects with Deep Security as a Service
https://blog.trendmicro.com/tips_accelerating-pci-data-security-standard-projects-with-deep-security-as-a-service/

Sustained DDoS Attack on South African Banks Accompanied by Ransom Notes
https://www.cpomagazine.com/cyber-security/sustained-ddos-attack-on-south-african-banks-accompanied-by-ransom-notes/

Sabric says SA banks are under sustained DDoS attack
https://www.moneyweb.co.za/news/south-africa/sabric-says-sa-banks-are-under-sustained-ddos-attack/

SOUTH AFRICAN BANKS RESILIENT IN THE FACE OF LATEST DDOS ATTACK
https://www.sabric.co.za/media-and-news/press-releases/south-african-banks-resilient-in-the-face-of-latest-ddos-attacks/

Magecart Groups Attack Simultaneous Sites in Card-Theft Frenzy
https://threatpost.com/magecart-groups-attack-simultaneous-sites-in-card-theft-frenzy/149872/

PerimeterX Research Team Uncovers New Trend in Magecart Attacks: Multiple Magecart Groups Attacking Simultaneously
https://www.perimeterx.com/blog/multiple-magecart-groups-attacking-simultaneously/#

Two Arrested In Dublin Over ATM Fraud Incidents
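https://www.nova.ie/two-arrested-in-dublin-over-atm-fraud-incidents-171187/

RBI Seeks 'Regulatory Sandbox' Applicants
https://www.bankinfosecurity.asia/rbi-seeks-regulatory-sandbox-applicants-a-13362

Cyber Insurance: Benefits and Pitfalls
https://www.bankinfosecurity.asia/cyber-insurance-benefits-pitfalls-a-13356

Romanian man convicted in Cedar Rapids ATM skimming scheme
https://www.thegazette.com/subject/news/public-safety/romica-martuica-romania-convicted-in-atm-skimming-scheme-20191106

Atm spews out free cash out: gelukzakken can go up to 6 hours of taking advantage
https://www.wirenewsfax.com/atm-spews-out-free-cash-out-gelukzakken-can-go-up-to-6-hours-of-taking-advantage

The data of Alfa-Bank's clients is sold on the black market
https://www.ehackingnews.com/2019/11/the-data-of-alfa-banks-clients-is-sold.html

Chinese hackers involved in ATM heist in Nepal sent to jail
https://english.khabarhub.com/2019/07/53526/

## 3. Electronic Payment / Electronic Stored-Value Cards / Mobile Payment / Pay: News and Security

Kazakhstan payment systems handle nearly 600 trillion in transactions in the first 9 months
https://www.inform.kz/cn/9-600_a3580793

Pay Taipei a year and a half after launch: flooded with bad reviews, rated only two stars
https://times.hinet.net/news/22629544

Payment systems of China, India and Russia expected to be linked; RMB payments may rise further
http://www.sohu.com/a/350493799_100110525

Zuckerberg admits at hearing that "China's payment systems are ahead of America's"
http://news.stnn.cc/guoji/2019/1024/682476.shtml

China opens up payments! Alipay launches "international visitor edition app" with no Chinese phone number required
http://bit.ly/2NqOSfE

Russian central bank cracks down on payment service providers; 140 companies illegally offered forex trading services
http://forex.eastmoney.com/a/201910211266996159.html

MOUs signed with 9 companies: Taiwan Pay teams up with third-party payment providers
http://bit.ly/2WGwl1R

A fiscal payment completed in 5 minutes: Weifang's electronic centralized treasury payment management system goes live
http://www.wfnews.com.cn/index/2019-10/17/content_2173383.htm

Several credit card companies jointly launch one-click payment system
http://bit.ly/33c9OfG

Line Pay iPASS account funds stolen
https://www.ptt.cc/bbs/Lifeismoney/M.1572844569.A.8ED.html

"Loophole exposed" in paying credit card bills with LINE Pay iPASS! Netizen builds barcode generator to earn a 500-point reward every billing cycle
https://www.ettoday.net/news/20191027/1566267.htm

Taiwan Mobile Payment update causes problems, expected to be fixed in 2 days
https://www.chinatimes.com/realtimenews/20191021004108-260410?chdtv

Announcement: "t wallet mobile payment" app service to be discontinued
http://bit.ly/33myPVE

Alipay expands user base: visitors to mainland China can use a version that requires no Chinese mobile number
https://www.setn.com/News.aspx?NewsID=630986

20 European banks reportedly team up to launch new payment system to rival Visa and PayPal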
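http://paper.wenweipo.com/2019/11/07/GJ1911070005.htm

Budapest Ferenc Liszt International Airport offers multiple Chinese payment platforms
http://www.sohu.com/a/352060812_162522

Targeting the cross-border transport payment market, Taiwan Taxi adopts Hana e-wallet
https://ec.ltn.com.tw/article/breakingnews/2970302

Establishing a common QR Code standard is an international trend; central bank governor Yang Chin-long: no intention to compete with the private sector for profit
https://www.ettoday.net/news/20191107/1574381.htm

EU: Apple Pay restricts merchants' electronic payment methods, possibly anti-competitive
https://news.cnyes.com/news/id/4407435

PBoC's Mu Changchun: CBDC digital currency can serve as backup electronic payment
https://news.rthk.hk/rthk/ch/component/k2/1490358-20191106.htm

Transfers between JKOPay and LINE Pay unlikely to pass in this legislative session
http://www.epochtimes.com/gb/19/11/4/n11632209.htm

Taiwan FSC: electronic payment users reach 5.88 million, up nearly 67% year on year
http://www.dsb.cn/108910.html

Zhou Xiaochuan on third-party payment: financial infrastructure must meet regulatory requirements
https://news.sina.com.tw/article/20191108/33247944.html

On extortion emails that threaten DDoS attacks and demand cryptocurrency
https://www.jpcert.or.jp/newsflash/2019103001.html

Alipay open to foreign visitors for first time
https://www.zdnet.com/article/alipay-open-to-foreign-visitors-for-first-time/#ftag=RSSbaffb68

Best Practices for PCI DSS v3.2.1 Network Security Compliance
https://web.tufin.com/hubfs/resources/best-practices-PCI-DSS-v3.2.1-network-security-compliance.pdf

## 4. Virtual Currency / Blockchain: News and Security

Creating a "private currency" is not the solution! This man understands cryptocurrency better than Zuckerberg
http://news.knowing.asia/news/f209236f-3615-4f6c-a18a-23efb42ce18d

Blockchain has vulnerabilities too? A Chengdu company launches the world's first security inspection tool
https://static.cdsb.com/micropub/Articles/201911/55ecf5a151f6b1b0453e4d8c2659ced8.html

Blockchain combined with smart grids improves energy efficiency
https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=10&id=0000571348_A0A2MYUL5N9XHM7METSPJ

China plans to launch a digital currency; experts expose the motives behind it
https://ec.ltn.com.tw/article/breakingnews/2965998

Japanese company to release a trial regional cryptocurrency
http://www.shangbaoindonesia.com/read/2019/10/20/economy-1571586018

Blockchain browser Brave gains popularity, reaching 8 million monthly active users
https://news.cnyes.com/news/id/4398079?exp=b

Impact of "stablecoins" hard to stop; G7 recommends countries explore issuing "central bank digital currencies"
https://news.cnyes.com/news/id/4397847

At Xi Jinping's command, the Politburo holds a collective study session on "blockchain"
https://www.storm.mg/article/1890582

Xiao Lei: Politburo collectively studies blockchain; China and the US compete for the commanding heights of tech innovation
https://news.sina.com.tw/article/20191026/33092386.html

"Two chains dancing together": banks accelerate blockchain deployment, 6 banks register 14 services
https://kknews.cc/finance/xgqe5zq.html

Issuing currency on blockchain: the CCP wants to be first, which may cause financial chaos
http://www.epochtimes.com/b5/19/10/31/n11624715.htm

Italians love shopping online with Bitcoin; transaction volume overtakes VISA and Mastercard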
https://www.bnext.com.tw/article/55343/bitcoin-is-a-preferred-payment-option-in-italy-over-visa-mastercard-and-amex

BitMEX leaks large numbers of user email addresses, including government departments and educational institutions
http://bit.ly/33jHRma

Bitmain opens a large cryptocurrency mining farm in Texas
http://bit.ly/34vlURh

Headache! Trading app Robinhood hit by software bug, exposing "infinite leverage"
https://www.fx.cool/cn/newsdetail/8338

Facebook's crypto chief: Bitcoin is digital gold but not suitable as a currency
https://news.cnyes.com/news/id/4406356

Mainland China's PBoC: mainland digital currencies will enter a Warring States era
https://www.chinatimes.com/realtimenews/20191106002892-260410?chdtv

[Blockchain] Young people, are you ready to enter the security token market?
http://bit.ly/2NmkOBE

Law debated allowing confiscation of Bitcoin by the police
https://www.zdnet.com/article/law-debated-allowing-confiscation-of-bitcoin-by-the-police/#ftag=RSSbaffb68

Crypto Heist: Thieves Penetrate Bitcoin ATM Warehouse to Steal 85 Devices
https://www.ccn.com/thieves-penetrate-bitcoin-atm-warehouse-wall/

## 5. Security Incident News

### A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors

New Adwind trojan variant exposed; Google fixes 3 high-severity vulnerabilities in Chrome
https://zhuanlan.zhihu.com/p/89524176

New Gafgyt variant threatens more than 30,000 routers; a major domestic vendor affected
https://www.cnbeta.com/articles/tech/906225.htm

HOPLIGHT malware variant used by North Korean hacker group HIDDEN COBRA
http://net.nthu.edu.tw/2009/mailing:announcement:20191104_02

Ransomware variant not only encrypts files but also changes the Windows login password
https://www.ithome.com.tw/news/134040

Mobile malware attacks intensify! 9 key points of 2020 cybersecurity predictions
https://3c.ltn.com.tw/news/38542

QNAP NAS devices infected by QSnatch; QNAP issues security advice for removing the malware
https://www.twcert.org.tw/tw/cp-104-3043-0f363-1.html

Backdoor spread via pirated plugins; highly infectious, it becomes WordPress's biggest threat
https://www.ithome.com.tw/news/134061

The most "toxic" laptop ever auctioned! Loaded with the "6 great viruses of the 21st century".. price soars past XX0,000? Netizens joke: what about HAO123 and Kingsoft Antivirus
http://bit.ly/34INlHz

Tokyo Metropolitan University: up to 18,000 addresses possibly leaked … PC infected with virus
https://www.yomiuri.co.jp/national/20191102-OYT1T50271/

Emotet Trojan Brings a Malware Scare with Halloween Emails
https://www.bleepingcomputer.com/news/security/emotet-trojan-brings-a-malware-scare-with-halloween-emails/

At least 13 managed service providers were used to push ransomware this year
https://www.zdnet.com/article/at-least-13-managed-service-providers-were-used-to-push-ransomware-this-year/

6 New MSPs and/or Cloud-Based Service Providers Compromised by Ransomware, A Total of 13 for 2019, Reports Armor
https://www.armor.com/reports/new-msps-compromised-reports-armor/

QSnatch Malware Infects Thousands of NAS Devices, Steals Credentials
https://www.bleepingcomputer.com/news/security/qsnatch-malware-infects-thousands-of-nas-devices-steals-credentials/

Ransomware School: The Rise of GandCrab Disciples
https://www.bankinfosecurity.com/ransomware-school-rise-gandcrab-disciples-a-13335

Ransomware: Average Ransom Payout Increases to $41,000
https://www.bankinfosecurity.in/ransomware-average-ransom-payout-increases-to-41000-a-13333

Cybersecurity in Switzerland: The threat situation is acute
https://www.it-markt.ch/news/2019-11-04/cybersicherheit-in-der-schweiz-die-bedrohungslage-ist-akut

WhatsApp Pegasus Malware
http://bit.ly/32bD3y6

Antimalware Day 2019: Building a culture of cybersecurity awareness
https://www.welivesecurity.com/2019/11/03/antimalware-day-2019-building-culture-cybersecurity-awareness/

Emotet continues to bypass many email security products
https://www.virusbulletin.com/blog/2019/11/emotet-continues-bypass-many-email-security-products/

Mobile Anti-Malware Market Is Thriving Worldwide | Symantec, Sophos, Mcafee
https://istechnologytrend.com/mobile-anti-malware-market-is-thriving-worldwide-symantec-sophos-mcafee/

Ransomware hits Spanish companies sparking WannaCry panic
https://www.zdnet.com/article/ransomware-hits-spanish-companies-sparking-wannacry-panic/#ftag=RSSbaffb68

BlueKeep attacks are happening, but it's not a worm
https://www.zdnet.com/article/bluekeep-attacks-are-happening-but-its-not-a-worm/#ftag=RSSbaffb68

BlueKeep Attacks Arrive, Bearing Cryptomining Malware
https://www.bankinfosecurity.com/bluekeep-attacks-arrive-bearing-cryptomining-malware-a-13341

Ransomware Gangs' Not-So-Secret Attack Vector: RDP Exploits
https://www.bankinfosecurity.com/ransomware-gangs-not-so-secret-attack-vector-rdp-exploits-a-13342

Ransomware: Average Ransom Payout Increases to $41,000
https://www.bankinfosecurity.com/ransomware-average-ransom-payout-increases-to-41000-a-13333

Technical analysis of the Cerberus banking trojan
https://www.cert.pl/news/single/analiza-techniczna-trojana-bankowego-cerberus/

C2 With It All: From Ransomware To Carding
https://blog.talosintelligence.com/2019/11/c2-with-it-all.html

Targeted Ransomware Attacks Hit Several Spanish Companies
https://thehackernews.com/2019/11/everis-spain-ransomware-attack.html

Nemty Ransomware Expands Its Reach, Also Delivered by Trik Botnet
https://www.symantec.com/blogs/threat-intelligence/nemty-ransomware-trik-botnet

Threat Spotlight: Neshta File Infector Endures
https://threatvector.cylance.com/en_us/home/threat-spotlight-neshta-file-infector-endures.html

Ransomware cyberattacks - 4 November 2019
https://www.dsn.gob.es/en/actualidad/sala-prensa/ciberataques-ransomware-04-noviembre-2019

Canadian Nunavut government systems crippled by ransomware
https://www.zdnet.com/article/canadian-nunavut-government-systems-crippled-by-ransomware/#ftag=RSSbaffb68

Get ready for Trump fake ransomware: ‘trump.exe’ and ‘Trump Screen of Death’
https://www.cso.com.au/article/668307/get-ready-trump-fake-ransomware-trump-exe-trump-screen-death/

Experts: Don't reboot your computer after you've been infected with ransomware
https://www.zdnet.com/article/experts-dont-reboot-your-computer-after-youve-been-infected-with-ransomware/

Wizard Spider Upgrades Ryuk Ransomware to Reach Deep into LANs
https://threatpost.com/wizard-spider-upgrades-ryuk-ransomware/149853/

WIZARD SPIDER Adds New Features to Ryuk for Targeting Hosts on LAN
https://www.crowdstrike.com/blog/wizard-spider-adds-new-feature-to-ryuk-ransomware/

Kaspersky: Indonesia records the most mobile malware detections in Southeast Asia
https://akurat.co/iptek/id-847381-read-kaspersky-indonesia-mencatat-deteksi-mobile-malware-paling-banyak-di-asia-tenggara

Carbanak threat details and protection using Trend Micro products
http://bit.ly/2JUm0tW

Banking Trojan targets users of Australian government services
https://australiancybersecuritymagazine.com.au/banking-trojan-targets-users-of-australian-government-services-2/

Emotet, Trickbot, Ryuk: an explosive malware cocktail
https://www.heise.de/security/artikel/Emotet-Trickbot-Ryuk-ein-explosiver-Malware-Cocktail-4573848.html

Emotet resurgence packs in new binaries, Trickbot functions
https://www.zdnet.com/article/emotet-resurgence-packs-in-new-binaries-malicious-functions/#ftag=RSSbaffb68

The Malicious Macros Problem May Be Solved Soon
https://www.bankinfosecurity.asia/malicious-macros-problem-may-be-solved-soon-a-13361

Threat Actors Demonstrate Persistent Interest in ATM Malware
https://www.flashpoint-intel.com/blog/threat-actors-demonstrate-persistent-interest-in-atm-malware/

Emotet - What's Changed
https://www.netscout.com/blog/asert/emotet-whats-changed

Specially Crafted ZIP Files Used to Bypass Secure Email Gateways
https://www.bleepingcomputer.com/news/security/specially-crafted-zip-files-used-to-bypass-secure-email-gateways/

Double Loaded Zip File Delivers Nanocore
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/double-loaded-zip-file-delivers-nanocore/

Emotet resurgence packs in new binaries, Trickbot functions
https://www.zdnet.com/article/emotet-resurgence-packs-in-new-binaries-malicious-functions/

TA542 Brings Back Emotet with Late September Spike
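https://www.darkreading.com/threat-intelligence/ta542-brings-back-emotet-with-late-september-spike/d/d-id/1336302

German Dridex spam campaign is unfashionably large
https://www.virusbulletin.com/blog/2019/11/german-malspam-campaign-unfashionably-large/

### B. Mobile Security / iPhone / Android / Wearables / Apps

Government officials of US allies were all targets of the WhatsApp malware
https://www.ithome.com.tw/news/133960

A malicious surveillance "Black Mirror": a hole in the safety net? The WhatsApp hacking storm
https://global.udn.com/global_vision/story/8664/4138954

WhatsApp vulnerability exploited: phones of senior officials in 20 countries taken over
https://www.cdns.com.tw/articles/46934

WhatsApp reportedly leaks user data on a large scale, implicating political figures in 20 countries
http://bit.ly/36tKvrx

Chinese hackers break into telecom carriers to monitor SMS; anyone opposing China is targeted and intercepted
http://m.match.net.tw/pc/news/international/20191101/5075861

Spyware monitors mobile communications; Indian groups call for a privacy law
https://money.udn.com/money/story/5599/4140690

Over 70% of financial apps contain vulnerabilities; tighter regulation ends the unchecked growth of internet finance apps
https://news.sina.com.tw/article/20191106/33216292.html

iOS users hit too? 17 apps in Apple's App Store hide trojans
https://3c.ltn.com.tw/news/38519

Apple hit! 17 malicious apps hide trojans
https://www.chinatimes.com/realtimenews/20191105001152-260405?chdtv

CAICT evaluates 130,000 financial apps; 70% contain high-risk vulnerabilities
https://www.cnbeta.com/articles/tech/906279.htm

TikTok security in doubt; US government reportedly launches investigation
https://www.setn.com/News.aspx?NewsID=628537

Google offers Android security tips: a few simple steps to keep yourself safe
https://www.techbang.com/posts/73938-google-offers-android-alerts-to-keep-yourself-safe-in-a-few-easy-steps

Watch your wallet! Android keyboard app with over 10 million downloads exposed as a thief
https://3c.ltn.com.tw/news/38510

Android emoji keyboard hides malicious subscription fraud mechanism; 40 million users affected
https://www.twcert.org.tw/tw/cp-104-3034-25bdf-1.html

Richart's new move: insure your phone from your phone
https://m.ctee.com.tw/livenews/aj/a02611002019102319231414?area=

Android NFC vulnerability can be used by hackers to spread and plant malware
https://www.cnbeta.com/articles/tech/906697.htm

Hackers can plant malware on phones by exploiting an Android NFC vulnerability
https://www.ithome.com.tw/news/133995

Vulnerability found in Android NFC feature; Google advises disabling it temporarily
http://bit.ly/2WOVlUy

Using Chinese phones is dangerous! The Guardian interviews Australian security expert: the CCP steals users' personal data, shapes opinions and sways elections
https://musou.watchout.tw/read/fkM0XYMar1Y96qfBE3I7

Tencent turns a movie plot into reality? A fingerprint left on a glass can unlock a phone
http://bit.ly/2JZgkz1

Zero-day vulnerability in Google's Android mobile operating system exploited by attackers
https://my.oschina.net/u/3585265/blog/3126825

Monitored by your own phone? The 3 kinds of personal data most easily leaked
https://www.secretchina.com/news/b5/2019/11/08/912894.html

Google enlists three security vendors to help check the Play Store for malware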
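https://www.ithome.com.tw/news/134075

Android bug lets hackers plant malware via NFC beaming
https://www.zdnet.com/article/android-bug-lets-hackers-plant-malware-via-nfc-beaming/#ftag=RSSbaffb68

Govt. Officials in 20 Nations Targeted Via WhatsApp: Report
https://www.bankinfosecurity.com/govt-officials-in-20-nations-targeted-via-whatsapp-report-a-13337

WhatsApp in Plain Sight: Where and How You Can Collect Forensic Artifacts
https://www.group-ib.com/blog/whatsapp_forensic_artifacts

### C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents

A laser beam is enough to hack voice devices! Amazon Echo, Google Home and iPhone all affected
https://www.inside.com.tw/article/18008-iphone-and-homepod-vulnerable-to-line-of-sight-attacks-using-lasers

Akamai: phishers use Google Analytics to improve attack effectiveness, but it can equally be used to track phishing campaigns
https://www.ithome.com.tw/news/134074

Life Tour (五福旅遊) website attacked by hackers! Site temporarily out of service
https://m.ctee.com.tw/livenews/aj/a98623002019110713474526?area=

Life Tour (五福旅遊) website attacked by hackers; back to normal by the evening
https://m.ctee.com.tw/livenews/aj/a98623002019110719224418?area=

Emails of more than 10 cross-strait studies scholars at National Sun Yat-sen University suspected hacked for 3 years
https://www.cna.com.tw/news/firstnews/201911070210.aspx

Emails of a dozen-plus National Sun Yat-sen University scholars monitored for 3 years
https://m.ltn.com.tw/news/life/paper/1330428

National Sun Yat-sen University scholars' email hacked; Mainland Affairs Council urges the university to safeguard information security
https://living.taronews.tw/2019/11/07/521919/

Fake accounts created via a system vulnerability; emails of over 10 university professors monitored for 3 years
https://hk.on.cc/hk/bkn/cnt/cnnews/20191107/bkn-20191107183948273-1107_00952_001.html

Cross-strait relations scholars' email hacked; National Sun Yat-sen University finds suspicious accounts through cross-checking
https://udn.com/news/story/7323/4151633

Several National Sun Yat-sen University scholars' email hacked; Mainland Affairs Council suspects China is the culprit
http://bit.ly/32oBgpj

National Sun Yat-sen University professors' email monitored; Liao Da-chi, convener of Han Kuo-yu's national policy advisory group, is also a victim
https://www.chinatimes.com/realtimenews/20191107005060-260407?chdtv

Stop CCP espionage! Taiwanese scholars urge the government to strengthen university information security
http://bit.ly/34EluIu

Kaspersky discovers Chrome 0-day vulnerability, attack launched by North Korean hacker group Lazarus
https://www.chainnews.com/zh-hant/news/223218820169.htm

Can't get any higher! NTU students rush to check grades… Academic Affairs system hacked, everyone gets 87
https://www.setn.com/News.aspx?NewsID=630835

Attacks exploiting the BlueKeep vulnerability observed, but they seem less frightening than feared
https://www.cnbeta.com/articles/tech/907427.htm

Security researchers discover the first large-scale attack on the BlueKeep vulnerability, used to install cryptominers
https://www.twcert.org.tw/tw/cp-104-3042-fa811-1.html

If a website still has Flash content, Google Search will skip it in future
https://technews.tw/2019/11/04/the-slow-death-of-flash-continues-as-google-begins-to-remove-it-from-search/
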
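Uber bowed to hackers and paid US$100,000 in "hush money" in cryptocurrency... and has now been fined 148 million
http://news.knowing.asia/news/55c13d71-a089-4d00-825e-866fe865fd72

Fearing theft of customers' technology, GitLab discusses banning hires in China and Russia
http://technews.tw/2019/11/05/gitlab-considers-ban-hire-in-china-and-russia/

After its e-payment site, University of Malaya's internal systems cannot be logged in to
https://www.sinchew.com.my/content/content_2134531.html

Czech security company Avast reportedly hacked
https://www.twcert.org.tw/tw/cp-104-3041-49071-1.html

Security incidents keep evolving: even coffee machines can be hacked
https://www.chinatimes.com/realtimenews/20191102003249-260410?chdtv

Hacks of online shopping are frequent: 4 tips to protect yourself when shopping online
http://www.epochtimes.com/b5/19/10/29/n11619844.htm

US power plant hit by cyberattack due to Cisco firewall vulnerability
https://nosec.org/home/detail/3122.html

Russian hackers erase Winter Olympics doping records; spear phishing most widely used
https://www.ettoday.net/news/20191029/1567791.htm

More than 20,000 computers in Beijing, Guangdong and elsewhere in mainland China hijacked for mining; attackers use the EternalBlue vulnerability to spread laterally
https://www.bishijie.com/shendu_63228

Chinese police crack transnational computer crime case, detain 10; trojans planted on more than 2,000 websites
https://hk.on.cc/hk/bkn/cnt/cnnews/20191102/bkn-20191102050532413-1102_00952_001.html

Police in Handan, China crack a major case of sabotaging computer information systems
http://www.he.xinhuanet.com/xinwen/2019-11/02/c_1125183537.htm

Video games scarier than poison! New Chinese rules: young gamers may play only 90 minutes a day and no later than 10 p.m.
http://bit.ly/33EOM9C

A trump card against gaming addiction? China orders "forced logoff" at 10 p.m. for those under 18
https://global.udn.com/global_vision/story/8662/4149641

Report: CCP hackers target 6 countries to steal secrets
http://bit.ly/2pJZFZ6

Indian nuclear power company confirms nuclear plant was breached by North Korean cyber forces
http://bit.ly/2JV9vP1

Hackers breach the internal network of an Indian nuclear power plant; one reactor has been shut down
https://ek21.com/news/tech/155671/

FireEye: hacker group parses SMS traffic on telecom networks at scale
https://www.ithome.com.tw/news/133962

Chinese hackers reportedly break into telecom carriers to monitor SMS, targeting anti-China content
https://www.cna.com.tw/news/firstnews/201911010269.aspx

Chinese hacker group targets government agencies in six countries to steal confidential information
http://www.epochtimes.com/b5/19/11/4/n11633050.htm

Open-source software Notepad++ names new version "Free Uyghur" and is hit by DDoS attacks from Chinese cyber forces
https://www.inside.com.tw/article/17981-text-editor-notepad-free-uyghur-edition-china-spam

CCP promotes emotion recognition systems; experts: scarier than facial recognition
http://www.epochtimes.com/b5/19/11/3/n11629742.htm

New CCP internet rules may endanger US intellectual property
http://www.epochtimes.com/b5/19/11/1/n11626698.htm

CCP wages public opinion warfare, harming democracy and freedom
https://www.ydn.com.tw/News/358841

The secret behind the CCP's domestically built large passenger jet
http://www.epochtimes.com/b5/19/10/19/n11598517.htm

CCP state-sponsored hacker group intercepted SMS messages worldwide
https://news.guo.media/zh/9032/

Freedom House: China ranks last in internet freedom for the fourth consecutive year
https://www.rti.org.tw/news/view/id/2040470

EU electronic identification system has a vulnerability that lets hackers impersonate citizens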
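https://times.hinet.net/news/22630551

German foreign minister: Huawei's involvement in 5G construction raises security concerns
https://www.chinatimes.com/realtimenews/20191105001744-260408?chdtv

US launches large-scale probe into biomedical secrets theft; most of those involved are of Chinese descent
https://www.ntdtv.com/b5/2019/11/05/a102700924.html

US Interior Department grounds Chinese-made drones
https://udn.com/news/story/12639/4139859

US Interior Department stops using Chinese-made drones, previously suspected by DHS of stealing secrets; drones with Chinese parts also grounded
https://tw.appledaily.com/international/20191102/AA2YEKCF4ZBJSISMUUMLHDFPQM/

US senator asks the Defense Department to remove Chinese surveillance equipment
https://www.voacantonese.com/a/rubio-ask-pentagon-to-remove-chinese-cameras-20191106/5156299.html

Senator writes to the Defense Department urging removal of existing Chinese-made surveillance equipment
https://hk.on.cc/hk/bkn/cnt/amenews/20191107/bkn-20191107130348317-1107_00972_001.html

US company illegally imported and sold Chinese-made surveillance equipment to the US military! FBI raids headquarters, 7 people indicted
https://www.ettoday.net/news/20191108/1575020.htm

US company falsely claimed Chinese-made surveillance equipment was made locally; seven indicted
http://bit.ly/33rqW13

Giuliani, the US president's personal lawyer and cybersecurity adviser, exposed for sloppy security awareness: forgot his phone passcode and asked a store for help
http://bit.ly/2qfGy9h

FBI issues warning; US counters the CCP's mass human espionage and cyber espionage
https://www.ntdtv.com/b5/2019/11/01/a102698392.html

US think tank analysis: China's disinformation unlikely to affect Taiwan's election
https://www.cna.com.tw/news/firstnews/201911080020.aspx

National security first! FCC guards against Huawei equipment being installed near US military bases
https://news.cnyes.com/news/id/4405610

Former head of UK immigration enforcement: a joint intelligence system against illegal border crossings should be built
https://3g.163.com/all/article/ET05CEU10001899N.html

Analysing how a hundred security experts think! Cambridge scientists' AI system clearly captures every detail of cyberattacks
https://buzzorange.com/techorange/2019/11/05/cambridge-online-security-ai/

iTutorGroup's claim to be a Chinese company sparks heated online discussion; platform operators may become a legal loophole
https://technews.tw/2019/11/06/itutorgroup-claims-that-it-is-a-hot-topic-for-chinese-companies-and-that-platform-operators-are-afraid-of-legal-loopholes/

Chinese APT Group Targets Mobile Networks: FireEye Mandiant
https://www.bankinfosecurity.com/chinese-apt-group-targets-mobile-networks-fireeye-mandiant-a-13345

Cyber-attack hits Utah wind and solar energy provider
https://www.zdnet.com/article/cyber-attack-hits-utah-wind-and-solar-energy-provider/#ftag=RSSbaffb68

Facebook, Mozilla, and Cloudflare announce new TLS Delegated Credentials standard
https://www.zdnet.com/article/facebook-mozilla-and-cloudflare-announce-new-tls-delegated-credentials-standard/#ftag=RSSbaffb68

Your WordPress site is at risk: These precautions and plugins can keep it secure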
https://www.zdnet.com/article/18-security-precautions-and-plugins-for-your-wordpress-site/#ftag=RSSbaffb68

An inside look at WP-VCD, today's largest WordPress hacking operation
https://www.zdnet.com/article/an-inside-look-at-wp-vcd-todays-largest-wordpress-hacking-operation/

BlueKeep Attacks Arrive, Bearing Cryptomining Malware
https://www.bankinfosecurity.com/bluekeep-attacks-arrive-bearing-cryptomining-malware-a-13341

BlueKeep exploitation activity seen in the wild
https://doublepulsar.com/bluekeep-exploitation-activity-seen-in-the-wild-bd6ee6e599a6

Microsoft warns users to stay alert for more BlueKeep attacks
https://www.zdnet.com/article/microsoft-warns-users-to-stay-alert-for-more-bluekeep-attacks/

Chinese police arrest operators of 200,000-strong DDoS botnet
https://www.zdnet.com/article/chinese-police-arrest-operators-of-200000-strong-ddos-botnet/#ftag=RSSbaffb68

'Soviet Tactics': Russia Tries Prisoner Swap for Hacker
https://www.bankinfosecurity.asia/blogs/soviet-tactics-russia-tries-prisoner-swap-for-hacker-p-2814

Was North Korea Behind Attack at Indian Nuclear Power Plant
https://www.bankinfosecurity.asia/was-north-korea-behind-attack-at-indian-nuclear-power-plant-a-13363

IT Department: information security trainee (job posting)
https://www.104.com.tw/job/6s7eh

### D. Data Breaches / Personal Data Protection Law / GDPR / Online Fraud / Phishing / Card Fraud / Fake News

Class action over Lion Travel personal data theft is lost; Consumers' Foundation to appeal
https://www.cna.com.tw/news/ahel/201911010345.aspx

Scammers exploit Firefox bug to make users believe their system has been hacked
https://ithome.com.tw/news/134055

QR Code payment fraud frequently reported; FSC sets out two major rules
http://bit.ly/36ximQp

Loophole-ridden rules, threats and intimidation: Airbnb platform scams revealed
https://www.chainnews.com/zh-hant/articles/919467256352.htm

Is your password your birthday or 123456? The BBC shows how to design a memorable password that is hard to crack
https://www.storm.mg/article/1903327

Convenient transfers! Police arrest 7 fraud money mules at Minquan West Road MRT station
http://bit.ly/2JMXKKp

Cashbox suspected of major personal data leak; nearly 70 customers receive scam calls
https://www.chinatimes.com/realtimenews/20191106001740-260402?chdtv

Trouble even when singing for fun? Cashbox hacked and personal data leaked; unlucky man scammed out of 600,000 in hard-earned money
https://www.setn.com/News.aspx?NewsID=630899

Cashbox KTV personal data leaked! "35 scam call cases in 1 week" gets it listed as a high-risk platform
https://www.ettoday.net/news/20191106/1573579.htm

Suspected personal data leak: more than 70 Cashbox members targeted by scams
http://www.ksnews.com.tw/index.php/news/contents_page/0001316795

Cashbox personal data leak: 85 karaoke customers defrauded
http://bit.ly/2JZhCd4

Beware of "face theft"! The ultimate personal data threat: facial recognition
https://www.cw.com.tw/article/article.action?id=5097552

Booking.com's website has a vulnerability; my card was fraudulently charged today
https://www.backpackers.com.tw/forum/showthread.php?t=10376490

Facebook exposes another privacy flaw: 100 software developers improperly accessed user data
https://news.sina.com.tw/article/20191106/33216934.html

Facebook found to be possibly using facial recognition: selfies to verify accounts? Company clarifies why it is developing it
http://bit.ly/2pJmaO6

Mainland China "pig-butchering" online romance scam! Singles tricked into investing and cheated of money
https://news.tvbs.com.tw/world/1229955

Every scam leads back to the ATM: don't take old-school scams lightly
https://times.hinet.net/news/22639852

Again! Facebook admits Groups API flaw let a hundred developers access user data
https://finance.technews.tw/2019/11/07/facebook-groups-api-flaw-exposed-data-to-100-developers/

Standard Chartered explains "independent investigation" on Facebook, clarifies that no customer data was leaked
http://bit.ly/2K2qNtv

Nikkei hit by business email compromise attack, losing more than 3.2 billion yen
https://www.twcert.org.tw/tw/cp-104-3047-7165a-1.html

Canada Credit Union Data Breach Bigger Than First Thought: Desjardins
https://www.securityweek.com/canada-credit-union-data-breach-bigger-first-thought-desjardins

McAfee: Malicious Voicemails Target Office365 Users
https://www.bankinfosecurity.com/mcafee-malicious-voicemails-target-office365-users-a-13327

Scammers are now faking voicemail notifications to steal Office 365 login credentials
https://thenextweb.com/security/2019/10/31/scammers-are-now-faking-voicemail-notifications-to-steal-office-365-login-credentials/

Trio of Web Registrars Disclose 22 Million Accounts Breached
https://www.bankinfosecurity.in/trio-web-registrars-disclose-22-million-accounts-breached-a-13332

Italy's UniCredit: Breach Went Undetected for Four Years
https://www.bankinfosecurity.com/italys-unicredit-breach-went-undetected-for-four-years-a-13347

NCSC Stopped One Million Criminal Frauds
https://www.cybersecurityintelligence.com/blog/ncsc-stopped-one-million-criminal-frauds-4594.html

SSL/TLS Decryption Can Help with GDPR Compliance
https://blog.paloaltonetworks.com/2019/10/network-ssl-decryption-and-gdpr/

Russia’s sovereign internet law comes into force
https://nakedsecurity.sophos.com/2019/11/04/russias-sovereign-internet-law-comes-into-force/

Half of Americans do not believe deepfake news could target them online
https://www.zdnet.com/article/half-of-americans-do-not-believe-deepfake-news-could-target-them-online/#ftag=RSSbaffb68

Business Email Compromise: Battling Advanced Attackers
https://www.bankinfosecurity.com/business-email-compromise-battling-advanced-attackers-a-13353

Phishing Campaign Uses Salary Increase Ploy: Report
https://www.bankinfosecurity.com/phishing-campaign-uses-salary-increase-ploy-report-a-13352

New Credential Phish Targets Employees with Salary Increase Scam
https://cofense.com/new-credential-phish-targets-employees-salary-increase-scam/

Latest BEC Victims: Nikkei, City of Ocala
https://www.bankinfosecurity.com/latest-bec-victims-nikkei-city-ocala-a-13351

Matter concerning transfer of funds at Nikkei Inc.'s US subsidiary
http://www.nikkei.co.jp/nikkeiinfo/en/news/press/597.html

State of Stolen Credentials in the Dark Web from Fortune 500 Companies
https://www.immuniweb.com/blog/stolen-credentials-dark-web-fortune-500.html

Leading Web Domain Name Registrars Disclose Data Breach
https://thehackernews.com/2019/10/domain-name-registrars-hacked.html

5 Places Where Hackers Are Stealthily Stealing Your Data In 2019
https://thehackernews.com/2019/10/hacking-data-breach-protection.html

This is how Google Analytics is abused by phishing scammers
https://www.zdnet.com/article/this-is-how-google-analytics-is-abused-by-phishing-scammers/#ftag=RSSbaffb68

Trend Micro reveals rogue employee sold data of up to 120,000 customers
https://www.zdnet.com/article/trend-micro-reveals-insider-threat-exposing-customer-data/#ftag=RSSbaffb68

Facebook reveals another privacy breach, this time involving developers
https://www.zdnet.com/article/facebook-reveals-another-data-breach-this-time-involving-developers/#ftag=RSSbaffb68

This is the impact of a data breach on enterprise share prices
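https://www.zdnet.com/article/this-is-how-a-data-breach-at-your-company-can-hit-share-prices/#ftag=RSSbaffb68
PHISHING DETECTION VIA ANALYTIC NETWORKS
https://blogs.akamai.com/sitr/2019/11/phishing-detection-via-analytic-networks.html
Defenders can discover phishing sites through web analytics IDs
https://www.itworld.com/article/3451987/defenders-can-discover-phishing-sites-through-web-analytics-ids.html

E. Research Reports

Analysis of the WebLogic Deserialization Vulnerability (CVE-2019-2890)
https://paper.seebug.org/1069/
Three Recommendations for Defending Against Targeted Attack Intrusions
https://blog.trendmicro.com.tw/?p=62253
CVE-2019-15846: Analysis of the Exim Remote Root Privilege Vulnerability
https://kknews.cc/code/zy5583q.html
Analysis of the Latest Apache Solr RCE Vulnerability
http://www.sohu.com/a/350953818_354899
Reproducing the Dlink Router RCE Vulnerability
https://www.jishuwen.com/d/pgDD/zh-tw
Analyzing the Unauthorized RCE Vulnerability in Multiple D-Link Routers
https://www.freebuf.com/vuls/216142.html
uniFuzzer: A Closed-Source Fuzzing Tool Based on Unicorn and LibFuzzer
http://www.sohu.com/a/351201968_354899
An Approach to Semi-Automated Discovery of Android App Logic Vulnerabilities
https://zhuanlan.zhihu.com/p/89762770
Web Security: SSRF Vulnerability Exploitation from Basic to Advanced
https://www.cnblogs.com/-qing-/p/11785067.html
Analysis of the Microsoft SharePoint BDC Service Deserialization Code Execution Vulnerability (CVE-2019-1257)
https://www.4hou.com/vulnerable/21259.html
Penta: An Open-Source All-in-One Automated Penetration Testing Command-Line Tool
http://www.sohu.com/a/351354060_354899
Patch Diffing Analysis of the WhatsApp VOIP Stack Overflow Vulnerability Using Ghidra
https://www.4hou.com/vulnerable/21141.html
Lateral Movement in Cyber Attacks Explained
https://blog.trendmicro.com.tw/?p=61737
Pythonic Enough: Print a Big Heart with a One-Line Command
https://cheng-min-i-taiwan.blogspot.com/2019/11/python.html
Drawing a Heart Shape with One Line of Python Code
https://www.twblogs.net/a/5c6ecd89bd9eee7f92eab8e9
A Handy Helper for Packer Detection – Exeinfo PE
https://www.uuu.com.tw/Public/content/article/19/20191028.htm
Hackers Exploit the Latest Firefox Vulnerability to Lure Users into Seeking "Technical Support"
https://www.freebuf.com/news/219216.html
Cyber Army Exploits Google Chrome Browser Vulnerability to Launch Watering Hole Attacks Against North Korean Targets
https://zhuanlan.zhihu.com/p/90018487
Google Security Researchers Discover Libarchive Vulnerability Affecting Linux, FreeBSD and BSD
http://hackernews.cc/archives/28133
Six Ways to Strengthen Organizational Cloud Security and Prevent Data Exposure
https://blog.trendmicro.com.tw/?p=62490
CVE-2019-7609 Kibana Remote Code Execution Vulnerability: Analysis of the Attack Method and Underlying Principle
https://www.chainnews.com/zh-hant/articles/866342610095.htm
Chakra Vulnerability Debugging Notes 5: Reproducing CVE-2019-0861
https://www.anquanke.com/post/id/190533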
Pwn2Own Contest Awards US$195,000 in Vulnerability Bounties on Day One
https://nosec.org/home/detail/3143.html
PSIRT Services Framework
https://www.jpcert.or.jp/research/psirtSF.html
Lemon_Duck - IoCs & Attack Scripts
https://github.com/guardicore/labs_campaigns/tree/d8f2cc9d86964bdbfdc035a285e854e7ceca00b3/Lemon_Duck
Top 10 API Management Tools
https://hakin9.org/top-10-api-management-tools/
Let's Learn: In-Depth Reversing of Qakbot "qbot" Banker Part 1
https://www.vkremez.com/2018/07/lets-learn-in-depth-reversing-of-qakbot.html
wuseman/EMAGNET
https://github.com/wuseman/EMAGNET
gchq/CyberChef
https://github.com/gchq/CyberChef
nyxgeek/ntlmscan
https://github.com/nyxgeek/ntlmscan
Analysis of Two Newly Patched Kubernetes Vulnerabilities
https://blog.paloaltonetworks.com/2019/10/cloud-kubernetes-vulnerabilities/
Introducing Cloud Managed Prisma Access
https://blog.paloaltonetworks.com/2019/10/cloud-managed-prisma-access/
Kaspersky identifies mysterious APT mentioned in 2017 Shadow Brokers leak
https://www.zdnet.com/article/kaspersky-identifies-mysterious-apt-mentioned-in-2017-shadow-brokers-leak/#ftag=RSSbaffb68
DarkUniverse – the mysterious APT framework #27
https://securelist.com/darkuniverse-the-mysterious-apt-framework-27/94897/
Kamerka OSINT tool shows your country's internet-connected critical infrastructure
https://www.zdnet.com/article/kamerka-osint-tool-shows-your-countrys-internet-connected-critical-infrastructure/#ftag=RSSbaffb68
ꓘamerka 2.0 aka FIST (Flickr, Instagram, Shodan, Twitter)
https://github.com/woj-ciech/kamerka
Inside the Sophos 2020 Threat Report
https://www.bankinfosecurity.com/interviews/inside-sophos-2020-threat-report-i-4499
BlueKeep exploitation activity seen in the wild
https://doublepulsar.com/bluekeep-exploitation-activity-seen-in-the-wild-bd6ee6e599a6
DNS-over-HTTPS will eventually roll out in all major browsers, despite ISP opposition
https://www.zdnet.com/article/dns-over-https-will-eventually-roll-out-in-all-major-browsers-despite-isp-opposition/#ftag=RSSbaffb68
Playbook Fridays: Component IOC All Data Pull
https://threatconnect.com/blog/playbook-fridays-component-ioc-all-data-pull

F. Business

Saying Goodbye to the E-Commerce Double 11 Outage Nightmare: What momo Prepared This Year to Double Both Sales and Traffic
http://bit.ly/2PKQvWW
Not Going Head-to-Head with Chrome: Microsoft Unveils New Edge and Repositions Bing as Internal Enterprise Software
https://www.inside.com.tw/article/18000-new-Microsoft-Edge-and-Bing
Team T5 Digs Deep into Security Research; Even US Security Firms Buy Its Original Research
https://www.ithome.com.tw/news/92825
Network Security Appliances for SMEs: Developing a Next-Generation Firewall
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=&id=0000571967_4BR8U5G47QODYO6U3D07A
Open WebMail Is Not an Openfind Product; Email Security Protection Must Not Be Overlooked
https://www.openfind.com.tw/taiwan/news_detail.php?news_id=10204
Mozilla to stop supporting sideloaded extensions in Firefox
https://www.zdnet.com/article/mozilla-to-stop-supporting-sideloaded-extensions-in-firefox/#ftag=RSSbaffb68
Check Point Releases 2020 Cybersecurity Trend Predictions
https://www.chinatimes.com/realtimenews/20191105002182-260410?chdtv
Red Hat Enterprise Linux 8.1 adds live Linux kernel patching
https://www.zdnet.com/article/red-hat-enterprise-linux-8-1-adds-live-linux-kernel-patching/#ftag=RSSbaffb68
Zoho hits 50 million business users, launches WorkDrive
https://www.zdnet.com/article/zoho-hits-50-million-business-users-launches-workdrive/#ftag=RSSbaffb68

G. Government

Taipei City's Security Budget Rises Every Year, and So Do Security Incidents
https://www.chinatimes.com/realtimenews/20191101003681-260405?chdtv
Taipei City's Security Budget Grows, and Security Incidents Grow with It
https://udn.com/news/story/11322/4139782
Security Gap! Councilor Reveals as Many as 27 Taipei City Government Agencies Are Short of Security Staff
https://news.ltn.com.tw/news/politics/breakingnews/2964850
First Taiwan-US Cyber Offense and Defense Exercise; Executive Yuan Department of Cyber Security: Taiwan Is Attacked 30 Million Times a Month
https://money.udn.com/money/story/5648/4143093
Taiwan and US Hold First Joint Cyber Attack Exercise! Department of Cyber Security: Taiwan Is Attacked 30 Million Times a Month, Over a Thousand Times More Than Europe
https://buzzorange.com/techorange/2019/11/05/cyber-security-war/
First US-Taiwan Cyber Offense and Defense Exercise Opens Next Week; Live-Fire Test of Information
https://living.taronews.tw/2019/10/31/514120/
US and Taiwan Join Forces! Security Experts from More Than 10 Countries Take Part in 11/4 Cyber Offense and Defense Exercise
https://newtalk.tw/news/view/2019-11-01/320040
Taiwan, US and More Than Ten Countries in Live Cyber Attack Exercise; US Helps Taiwan Strengthen Security
https://m.ltn.com.tw/news/politics/breakingnews/2964997
Taiwan-US Cyber Offense and Defense Exercise: More Than 10 Countries Participate
https://news.ltn.com.tw/news/politics/paper/1329813
US-Taiwan Innovation Cooperation; AIT: Strengthening Cybersecurity to Safeguard Intellectual Property Rights
https://www.cna.com.tw/news/firstnews/201911020040.aspx
Foundation of Taiwan-US Cooperation; AIT: Cybersecurity
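http://www.epochtimes.com/b5/19/11/6/n11637417.htm
Security Offense and Defense for Real! Executive Yuan Invites Top Domestic and Foreign Attackers for a "Live Exercise"
https://udn.com/news/story/6656/4147330
US-Taiwan Cyber Offense and Defense Exercise: 10 Countries Test Security
https://news.pchome.com.tw/politics/idn/20191031/index-57252380388729224001.html
Taiwan and US Jointly Hold First Large-Scale Cyber Offense and Defense Exercise; Taiwanese Banks Form a Joint Blue Team Against Red Team Attacks
https://www.ithome.com.tw/news/134003
Aimed at North Korea? The US and the Taiwan Region Hold First Cyber Offense and Defense Drill
http://www.hkcna.hk/content/2019/1105/792517.shtml
Executive Yuan: Taiwan-US Joint Security Offense and Defense Exercise Breaks New Ground in International Security Cooperation
https://www.ey.gov.tw/Page/9277F759E41CCD91/97b38e63-544c-46d5-a5d5-87350487c4b9
Major Breakthrough! Taiwan-US Cyber War Games About to Begin; Wang Ting-yu: First Official Cooperation Between the Two Countries
https://www.setn.com/News.aspx?NewsID=628721
US and Taiwan Join Forces! Security Experts from More Than 10 Countries Take Part in 11/4 Cyber Offense and Defense Exercise
https://zi.media/@newtalktw/post/W2MK2D
Cyber Offense and Defense Exercise Simulates North Korean Hacker Attacks; AIT: Protecting Democratic Elections Is the Main Goal
https://news.ltn.com.tw/news/politics/breakingnews/2966560
US-Taiwan International Cyber Offense and Defense Exercise Begins on the 4th
http://www.worldpeoplenews.com/content/news/319574
First Taiwan-US Live Security Exercise: Three Days of Cross-Border Cyber Offense and Defense
https://www.cna.com.tw/news/firstnews/201911060078.aspx
Security Offense and Defense for Real! Executive Yuan Invites Top Domestic and Foreign Attackers for a "Live Exercise"
https://money.udn.com/money/story/7307/4147330
Government Hit by 30 Million Cyber Attacks a Month; 99% Successfully Blocked
https://m.ltn.com.tw/news/politics/paper/1329814
AIT Digital Dialogue Forum: Exchanging Views on Taiwan's Security Issues (1) (Photo)
http://bit.ly/32t2jQm
AIT Digital Dialogue Forum: Exchanging Views on Taiwan's Security Issues (2) (Photo)
http://bit.ly/2rhEuhu
First Taiwan-US Live Security Exercise: Three Days of Cross-Border Cyber Offense and Defense
https://living.taronews.tw/2019/11/06/520295/
President: Build Secure Systems to Prevent Elections from Being Breached by Cyber Attacks or Disinformation
https://www.rti.org.tw/news/view/id/2040400
China's Cyber Attacks on Taiwan Are Severe; Executive Yuan: We Face a Tough Adversary
https://news.ltn.com.tw/news/politics/breakingnews/2965007
Armed Forces Spend More Than Ten Billion to Build a "Sky Eye" Surveillance System; Facial Recognition Is Blocked
https://udn.com/news/story/10930/4141612
US Military Buys Mainland China's DJI Drones; Taiwan's Armed Forces Enforce Information and Communications Discipline and Back US-Made Gopro
https://udn.com/news/story/10930/4141588
Taiwan and US Hold First Cyber Offense and Defense Exercise; AIT: Protecting Elections Is the Main Challenge
https://udn.com/news/story/6656/4142979
Taiwan and AIT Hold First Drill on Financial Cyber Attacks
http://bit.ly/32jRboS
Taiwan Government Websites Attacked 30 Million Times a Month; Countries Come to Taiwan for a Week of Cyber Offense and Defense Drills
https://wp.taronews.tw/2019/11/04/517967/
Cyber Attack Frequency Among the Highest Internationally; Taiwan and US Co-Host International Joint Cyber Exercise
http://bit.ly/2WGXKk4
Defending Against Foreign Cyber Attacks: First US-Taiwan Joint Exercise
http://bit.ly/33haArV
Communications Equipment Raises Security Concerns; Legislators Urge Tighter Oversight
https://udn.com/news/story/6656/4144400
TWNIC and TWCERT/CC Annual Conference Theme: Make Good Use of Joint Security Defense to Reduce Security Risk
http://bit.ly/2JQAbjJ
Building a Secure Environment: Administrative Department Trains Protection Seed Staff for Audited Units
https://www.kmdn.gov.tw/1117/1271/1272/312210/
"26 Measures for Taiwan": Military News Agency's Instagram Also Infiltrated by Cyber Army
http://bit.ly/36InHVg
NCC Convenes All News Channels Before the Election for "Policy Advocacy": Don't Rush to Be First, Don't Inflate Vote Counts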
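https://www.chinatimes.com/realtimenews/20191104003874-260410?chdtv
Catching Up with Developed Countries! Ministry of Science and Technology Hopes to Add 20 Billion to the Budget over 5 Years to Bolster Basic Research
http://bit.ly/2r68AEy
Shen Jong-chin Attends Security Talent Cultivation Results Presentation and Award Ceremony
http://bit.ly/2Nfjali
FSC Amends the Guidelines for Insurance Enterprises Conducting E-Commerce
http://bit.ly/2ran8D9
FSC Announces Amendments to the Items It Excludes from Application of the Electronic Signatures Act, Effective Immediately
http://bit.ly/36CZnnK
Taiwan Railways Spends 20 Million on Facial Surveillance; Halted over Privacy Infringement
http://bit.ly/36xAeL7
Yang Chin-long: Central Bank Digital Currency Could Become the Last Mile of Retail Payments
https://www.cna.com.tw/news/afe/201911070161.aspx
Central Bank Money and Retail Payment Systems: With a Discussion of the Role Played by Financial Information Service Co.
https://www.cbc.gov.tw/public/Attachment/911711545071.pdf
Security Cooperation; Audrey Tang: Taiwan and the US Defend Shared Values
https://udn.com/news/story/6656/4151415
The Aim of Disinformation; Audrey Tang: Polluting the Discourse Environment
http://www.epochtimes.com/b5/19/11/7/n11639900.htm
Taiwan AI Cloud Upgrades Intelligent Security, Improving the Safety of the Network Environment
https://money.udn.com/money/story/10860/4152379

H. ICS/SCADA Industrial Control Systems

ZDI to Hold a Pwn2Own Hacking Contest Targeting Industrial Control Systems
http://pneumatic.ai/?p=226208
Securing the Industrial Internet of Things (IIoT): Guarding Against IIoT Risks in Healthcare
https://blog.trendmicro.com.tw/?p=62218
Schneider Electric Becomes a Founding Member of the ISA Global Cybersecurity Alliance
https://udn.com/news/story/7240/4146305

I. Education and Training

TOP 5 Latest Cyber Security Books (2017-2019) | Best & Latest Must-Reads For Any Aspiring or Seasoned Hacker
https://pentestmag.com/top-5-latest-cyber-security-books-2017-2019-best-latest-must-reads-for-any-aspiring-or-seasoned-hacker/

J. Internet of Things/IoT/Artificial Intelligence/Internet of Vehicles/Optical Networking/Deep Learning/Machine Learning/Drones/Facial Recognition

IoT Technology Center Costs Over 100 Million; TÜV Rheinland Uses Three IoT Arrows to Build a Secure Experience for Connected Users
https://www.bnext.com.tw/article/55328/iot_informationsecurity_t%C3%9Cv-rheinland
Taipower's First Power ICT Exhibition Opens; IoT Makes Power Supply Smarter
http://n.yam.com/Article/20191102460070

6. Upcoming Security Events and Conferences

BSides Charleston 11/9
https://infosec-conferences.com/events-in-2019/bsides-charleston/
ISDA Introduction to White Hat Hacking (3) 11/9
https://www.accupass.com/event/1910240847068228620890
Kotlin/Everywhere GDG Taoyuan - Building a Kotlin Backend Service with Ktor 11/9
https://www.meetup.com/GDGTaoyuan/events/264776152/
Security Health Check 11/12
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3871&from_course_list_url=course_index
OpenInfra Day Taiwan 11/12
http://openinfra.digitimes.com.tw/
ROC Year 108 Government Configuration Baseline (GCB) Hands-On Workshop 11/12 ~ 11/22
https://register.nccst.nat.gov.tw/Active/registerDetail.do?activeId=1285&activeType=course
CLEAR Cyber Leaders Conference 11/12 ~ 11/13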
https://infosec-conferences.com/events-in-2019/clear-cyber-leaders-conference/
ROC Year 108 Security Law Case-Sharing Briefing 11/13
https://register.nccst.nat.gov.tw/Active/registerDetail.do?activeId=1286&activeType=conf
HITCON DEFENSE CONTEST Enterprise Security Offense and Defense Competition & SUMMIT Enterprise Security Conference 2019 11/13
https://hitcon.kktix.cc/events/hitcon-defense-2019?locale=ja
Windows File Systems and File Recovery (6hr) 11/14
http://www.tabf.org.tw/Training/CourseDetail.aspx?PID=384541
Digital Internet Summit 11/14
https://infosec-conferences.com/events-in-2019/digital-internet-summit/
INTERFACE – Nebraska 11/14
https://infosec-conferences.com/events-in-2019/interface-nebraska/
2019 Information Security Forum 11/14
http://events.businesstoday.com.tw/2019/ACSI/#signup-sec
Mozilla Developer Meetup - Taiwan 11/15
https://www.accupass.com/event/1910230900235341736900
SecureWV – Hack3rCon 11/15 ~ 11/17
https://infosec-conferences.com/events-in-2019/securewv-hack3rcon/
2019 Hack ‘n’Roll Hacker Carnival 11/16 ~ 11/17
http://hacknroll.splashthat.com/IThomeBanners
National Chiao Tung University Hacker College - P006: Advanced Web Penetration Testing 11/16
https://hackercollege.nctu.edu.tw/?p=1092
FS-ISAC Fall Summit 11/17 ~ 11/20
https://infosec-conferences.com/events-in-2019/fs-isac-fall-summit/
Microsoft IoT in Action 11/20
https://www.iotinactionevents.com/event/taipei
LINE to Hold LINE DEVELOPER DAY 2019 in November 11/20 ~ 11/21
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=14&id=0000570636_HL57CPQM2H1ZHE71YVI2W
Infosecurity ISACA North America Expo and Conference 11/20 ~ 11/21
https://infosec-conferences.com/events-in-2019/isaca-north-america-expo-conference/
File Signature Matching and Keyword Search (2hr) Hands-On Practice with Open Source Digital Forensics Tools (5hr) 11/21
http://www.tabf.org.tw/Training/CourseDetail.aspx?PID=384542
2019 BSI International Security Standards Management Annual Conference 11/22
https://www.accupass.com/event/1910070533451342891420
Trend Micro CTF 2019 // Raimund Genes Cup FINAL / NOVEMBER 23–24, 2019
https://www.trendmicro.com/en_us/campaigns/capture-the-flag.html
Security Assessment Core and Advanced Techniques Seminar, November 26 to November 28
http://bit.ly/2TN2UtD
Occupational Safety and Health Act Requirements Every HR Professional Must Know 11/26
https://www.accupass.com/event/1909121441141977826554
Forensic Analysis Practice on Simulated Cases (6hr) 11/28
http://www.tabf.org.tw/Training/CourseDetail.aspx?PID=384543
Global Cybersecurity Conference 11/28~11/29
https://2019.group-ib.com/
Cybersecurity Framework: Broadening Security Horizons, Seminar CYBERSEC 101 11/29
https://signupcybersec101.ithome.com.tw/
National Chiao Tung University Hacker College - B015: Malware Detection 11/30
https://hackercollege.nctu.edu.tw/?p=1098
Asia Silicon Valley Academy ROC Year 108 Free Certification Exam 11/30
https://college.asvda.org.tw/
The Dungeons of Hackers Conference 2019 - Hackers' Dungeon 11/30
https://tdohackerparty.kktix.cc/events/tdoh-conf-2019
Digital Summit Dallas 12/4
https://infosec-conferences.com/events-in-2019/digital-summit-dallas/
Kansas City Cyber Security Conference 12/5
https://infosec-conferences.com/events-in-2019/kc-cyber-security-conference/
CyberMaryland Conference 12/5 ~ 12/6
https://infosec-conferences.com/events-in-2019/cybermaryland-conference/
FutureCon Nashville Cyber Security Conference 12/11
https://infosec-conferences.com/events-in-2019/futurecon-nashville/
Utility Cyber Security Forum December 12/11
https://infosec-conferences.com/events-in-2019/utility-cyber-security-forum-dec/
National Chiao Tung University Hacker College - A018: Enterprise Domain Control - Active Directory Attack and Defense 12/14
https://hackercollege.nctu.edu.tw/?p=1094
Japan Security Analyst Conference
https://jsac.jpcert.or.jp/
PWN2OWN MIAMI – BRINGING ICS INTO THE PWN2OWN WORLD 2020/1/21~23
https://www.zerodayinitiative.com/blog/2019/10/28/pwn2own-miami-bringing-ics-into-the-pwn2own-world