###### tags: `資安事件新聞週報`

# Weekly Security Incident News Report 2020/4/13 ~ 2020/4/17

1. Major Vulnerabilities / Backdoors / Exploit / Zero Day
Leaked webhook URLs can expose Slack users to phishing attacks
https://www.ithome.com.tw/news/137038
Resource management error vulnerability in multiple Fortinet products
https://fortiguard.com/psirt/FG-IR-19-013
Hacker finds Safari "zero-day vulnerabilities"! Apple instead pays out a million bounty
https://3c.ltn.com.tw/news/40007
Oracle Hyperion Financial Reporting security vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2769
Oracle JD Edwards EnterpriseOne Tools security vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2733
VMware patches high-risk vCenter Server vulnerability
https://www.ithome.com.tw/news/136958
WebSphere remote code execution vulnerability
https://nosec.org/home/detail/4438.html
SuperVPN, with over 100 million downloads, has an unpatched man-in-the-middle vulnerability and is removed by Google
https://www.ithome.com.tw/news/136911
FreeRDP releases security update fixing 6 CVE vulnerabilities submitted by Knownsec 404 Lab
https://www.chainnews.com/zh-hant/articles/281226761296.htm
Server-side request forgery vulnerability in the uppy npm package
https://www.npmjs.com/package/uppy
Tencent QQBrowser security vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10551
Dell releases new tool to detect BIOS attacks
https://www.zdnet.com/article/dell-releases-new-tool-to-detect-bios-attacks/
Microsoft releases April "Patch Tuesday" security updates, fixing 113 security vulnerabilities in total
https://www.twcert.org.tw/tw/cp-104-3550-3fde3-1.html
Microsoft patches 113 zero-day vulnerabilities, 3 of which have already been exploited
https://www.ithome.com.tw/news/136999
Vulnerability Spotlight: Information disclosure vulnerability in Microsoft Media Foundation
https://blog.talosintelligence.com/2020/04/vuln-spotlight-microsoft-media-foundation-april-2020.html
Microsoft Patch Tuesday — April 2020: Vulnerability disclosures and Snort coverage
https://blog.talosintelligence.com/2020/04/microsoft-patch-tuesday-april-2020.html
Microsoft Issues Patches for 3 Bugs Exploited as Zero-Day in the Wild
https://thehackernews.com/2020/04/windows-patch-update.html
Microsoft rolls out Windows 10 2004 release preview ahead of expected May release to mainstream users
https://www.zdnet.com/article/microsoft-rolls-out-windows-10-2004-release-preview-ahead-of-expected-may-release-to-mainstream-users/
April Patch Tuesday: Fixes for Font-Related, Microsoft
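SharePoint, Windows Components Vulnerabilities
https://newsroom.trendmicro.com/blog/security-intelligence/april-patch-tuesday-fixes-font-related-microsoft-sharepoint-windows-compo

2. Banking / Finance / Insurance / Securities / Payment Systems: News and Security
Travelex, hit by ransomware late last year, reportedly paid the ransom to recover its files
https://www.ithome.com.tw/news/136921
Sky-high price! World's largest foreign exchange broker shut down by hacker extortion, settles by paying 69 million in Bitcoin ransom (Travelex)
https://www.blocktempo.com/travelex-paid-ransom/
An overview of Open Banking development: "security" will be this year's biggest challenge
https://buzzorange.com/techorange/2020/04/10/taiwanese-open-banking-situation/
Mainland China's "Clean Net 2019": beware of vulnerabilities in credit cards linked to WeChat
https://ek21.com/news/tech/191230/
Beware of hackers injecting iFrame skimmers to steal payment data
https://ek21.com/news/tech/191151/
As home-quarantine shopping demand surges during the pandemic, hacker groups target small online shopping sites to skim transaction data
https://www.ithome.com.tw/news/136919
Switch players take note! Nintendo says credit card fraud is serious; a guide to setting up two-step verification
https://bit.ly/2xeuFVb
The fight against the pandemic... FinTech evolution accelerates
https://money.udn.com/money/story/5613/4483501
Once 3 conditions are triggered, brokerage traders and order-taking sales staff may work from home
https://tw.appledaily.com/property/20200410/2TCEK2WAQPOBS7Z7IWXNLNLSTA/
Pushing digital finance, SinoPac Holdings recruits 萬幼筠 to take command
https://www.chinatimes.com/newspapers/20200414000230-260205?chdtv
Open Banking phase two: TSP providers need to prepare ahead
https://www.chinatimes.com/realtimenews/20200414004786-260410?chdtv
Direction of Open Banking phase-two technical and security control standards revealed; NCCU will also launch a TSP regulatory compliance advisory service
https://www.ithome.com.tw/news/137002
To advance Open Banking in Taiwan, compliance verification standards have yet to be established
https://www.chinatimes.com/realtimenews/20200414003494-260410?chdtv
2/3 of the financial industry has started working from home
https://money.udn.com/money/story/5613/4492412
Preparing ahead! Two-thirds of the three financial sectors, 212 firms, are working from alternate sites or from home
https://money.udn.com/money/story/5613/4491857
First financial holding company reports flexible work arrangements; FSC: respected in principle
https://money.udn.com/money/story/5613/4497102
UK's TSB Bank rushes out live online customer service so 250 employees working from home can still serve customers
https://www.ithome.com.tw/news/137010
Job bank: financial industry benefits from e-commerce finance, job openings up 10%
https://money.udn.com/money/story/5648/4493441
Careful! Exchange warns: this trading software has a vulnerability and is at risk of being cracked
https://finance.ifeng.com/c/7vhPfLb46ls
Stamping out cash! Smart living with e-money and credit cards
https://bit.ly/2K8o0yn
Central Bank of Brazil tests settlement infrastructure for instant payments
https://www.zdnet.com/article/central-bank-of-brazil-tests-settlement-infrastructure-for-instant-payments/#ftag=RSSbaffb68

3. Electronic Payment / Electronic Tickets / Mobile Payment / Pay: News and Security
2020 outlook for the next decade: payment security needs fresh strategic thinking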
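https://www.bnext.com.tw/article/57267/mobile-payment-safe

4. Virtual Currency / Blockchain News and Security
Taipei Fubon Bank ends blockchain wallet experiment; Taiwan's financial regulatory sandbox exits now number two
https://money.udn.com/money/story/5613/4494165
Taiwan's first blockchain sandbox case, Fubon's "Bagel Pay", graduates early! A second experiment on cross-border payments not ruled out
https://blockcast.it/2020/04/16/fubon-bagel-pay-completed-sandbox-experiment/
STO trades also subject to securities transaction tax; Ministry of Finance: rate is 1 per mille
https://money.udn.com/money/story/5613/4497147

5. Security Incident News

A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors
Tracing the origin of the suddenly erupting WannaRen ransomware: after all the fuss, it seems nobody paid the ransom
https://ek21.com/news/tech/191276/
New WannaRen ransomware launches large-scale attacks in China; Taiwan users should take precautions
https://www.ithome.com.tw/news/136943
"WannaRen", a ransomware harder to deal with than "WannaCry", breaks out in China
https://buzzorange.com/techorange/2020/04/14/antivirus-software-companies-find-decryption-keys-for-wannaren/
Looking back at the life of the WannaRen ransomware: from spread to decryption, dead at 6 days
https://www.huorong.cn/info/1586519906455.html
Ransomware attacks up fivefold! Microsoft works to strengthen the security safety net for remote work and learning
https://www.bnext.com.tw/article/57268/microsoft-teams-dcu
Interpol: ransomware attacks targeting hospitals are increasing rapidly
https://www.twcert.org.tw/tw/cp-104-3527-245e8-1.html
Fake parcel pickup text messages! Links hide malware that may steal personal data
https://bit.ly/2VbZLpA
Hoaxcalls botnet targets critical vulnerability in Grandstream devices
https://www.chainnews.com/zh-hant/articles/168793991568.htm
Grandstream and DrayTek Devices Exploited to Power New Hoaxcalls DDoS Botnet
https://unit42.paloaltonetworks.com/new-hoaxcalls-ddos-botnet/
Analysis report on in-the-wild 0-day vulnerabilities in DrayTek Vigor enterprise routers and switches
https://blog.netlab.360.com/two-zero-days-are-targeting-draytek-broadband-cpe-devices/
Raccoon malware uses Google Cloud Services and multiple delivery techniques to steal credentials, credit card data and other information
https://blog.trendmicro.com.tw/?p=63895
Analysis of the BiFrost malicious backdoor of Chinese hackers HUAPI
https://bit.ly/2XCvhym
Misconfigured Docker service API ports lead to Kinsing malware attacks
https://blog.trendmicro.com.tw/?p=63939
Unveiled: How xHelper Android Malware Re-Installs Even After Factory Reset
https://thehackernews.com/2020/04/how-to-remove-xhelper-malware.html
Dark Nexus: A New Emerging IoT Botnet Malware Spotted in the Wild
https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
Linux Malware: The Truth About This Growing Threat
https://linuxsecurity.com/features/features/linux-malware-the-truth-about-this-growing-threat?showall=1
Malware Theory - Network Worm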
Basics
https://www.youtube.com/watch?v=LxajkPFJsIo&feature=emb_title
BetterBackdoor - A backdoor with a multitude of features
https://hakin9.org/betterbackdoor-a-backdoor-with-a-multitude-of-features/
Hackers Targeting Critical Healthcare Facilities With Ransomware During Coronavirus Pandemic
https://thehackernews.com/2020/04/ransomware-hospitals-coronavirus.html
TA505 Continues to Infect Networks With SDBbot RAT
https://securityintelligence.com/posts/ta505-continues-to-infect-networks-with-sdbbot-rat/
Tekya Malware Threatens Millions of Android Users via Google Play
https://threatpost.com/tekya-malware-android-google-play/154064/
2020-04-13 - QUICK POST: QAKBOT (QBOT) SPX95 INFECTION
https://www.malware-traffic-analysis.net/2020/04/13/index.html
2020-04-13 - QUICK POST: PCAPS FOR TWO TRICKBOT INFECTIONS
https://www.malware-traffic-analysis.net/2020/04/13/index2.html
2020-04-14 - TWO INFECTIONS FOR GULOADER WITH NETWIRE RAT
https://www.malware-traffic-analysis.net/2020/04/14/index.html
2020-04-15 - HANCITOR MALSPAM AND INFECTION TRAFFIC
https://www.malware-traffic-analysis.net/2020/04/15/index.html
2020-04-16 - QAKBOT (QBOT) SPX98
https://www.malware-traffic-analysis.net/2020/04/16/index.html
Emotet, Ryuk, TrickBot: 'Loader-Ransomware-Banker Trifecta'
https://www.bankinfosecurity.com/emotet-ryuk-trickbot-loader-ransomware-banker-trifecta-a-14126
Understanding the relationship between Emotet, Ryuk and TrickBot
https://blog.intel471.com/2020/04/14/understanding-the-relationship-between-emotet-ryuk-and-trickbot/
Malware Risk Higher for Those Working at Home: Report
https://www.bankinfosecurity.com/malware-risk-higher-for-those-working-at-home-report-a-14128
PoetRAT: Python RAT uses COVID-19 lures to target Azerbaijan public and private sectors
https://blog.talosintelligence.com/2020/04/poetrat-covid-19-lures.html
Coronavirus Update App Leads to Project Spy Android and iOS Spyware
https://newsroom.trendmicro.com/node/4810
Over 700 Malicious Typosquatted Libraries Found
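On RubyGems Repository
https://thehackernews.com/2020/04/rubygem-typosquatting-malware.html
SentinelOne researcher trolled in new MBRLocker ransomware campaign
https://www.zdnet.com/article/sentinelone-researcher-trolled-in-new-mbrlocker-ransomware-campaign/#ftag=RSSbaffb68
MBRLocker Wiper Malware | Destructive Pranks Are No Joke For Victims
https://www.sentinelone.com/blog/mbrlocker-wiper-malware-destructive-pranks-are-no-joke-for-victims/

B. Mobile Security / iPhone / Android / Wearables / App
Replace Zoom with Google Hangouts Meet: paid service free from now until the end of September
https://m.eprice.com.tw/smartos/talk/4504/5503268/1/
Zoom security flaws exposed! Why the Ministry of Education's emergency ban sparked debate among professors, teachers and students
https://bit.ly/3b0Wxe0
Spies from multiple countries use Zoom to monitor overseas activity; the CCP is the most active
https://www.soundofhope.org/post/365212?lang=b5
FBI warns of Zoom security risks; US military and government employees still using it
https://www.voacantonese.com/a/us-military-government-workers-still-use-zoom-despite-fbi-warning-20200410/5368244.html
Every Zoom account could be compromised: serious flaw found in user verification, Zoom patched it immediately
https://unwire.hk/2020/04/10/zoombug/tech-secure/
After repeated security flaw disclosures, Zoom brings in Facebook's former security chief as a relief pitcher
https://newtalk.tw/news/view/2020-04-10/389309
Hackers break into online class and sexually harass female students; Singapore bans Zoom for teaching
https://bit.ly/2RxYsyP
Zoom hacked and turned into "pornographic video"; Singapore announces suspension of its use for education
https://ec.ltn.com.tw/article/breakingnews/3129509
The horror of the Ministry of Education's Zoom ban
https://www.bnext.com.tw/article/57269/zoom-shut-out
Zoom and GDPR
https://talk.ltn.com.tw/article/paper/1365092
Zoom plunges after pandemic-driven surge; security concerns trigger bans in many places; analysts downgrade: converting free users to paid is a big challenge
https://bit.ly/3c3L2CC
Liberal studies guide: Zoom security flaws dissected; deleting it does not necessarily keep you safe
https://bit.ly/34yNX3M
Whether to use Zoom is a false issue; the real issue is Taiwan's persistent, serious digital divide
https://bit.ly/2y4FbOO
Zoom deception trick uncovered by Japanese users: "stubbled uncle turned girl next door" successfully exposed by a coffee cup
https://www.ettoday.net/dalemon/post/49618
Germany, the US and Australia all partially block the use of Zoom
https://www.ithome.com.tw/news/136910
Zoom hit by another security crisis: personal data of hundreds of users leaked and resold on the dark web
https://www.bldaily.com/news/p-454313.html
Still using Zoom? German media: Zoom whitelists Chinese servers, your data may be "sent to China"
https://www.storm.mg/article/2505956
First major bank to ban it! Reuters: Standard Chartered tells employees not to use Zoom
https://ec.ltn.com.tw/article/breakingnews/3134327
530,000 Zoom accounts appear on the dark web; Citibank and JPMorgan Chase among those affected
https://buzzorange.com/techorange/2020/04/15/zoom-passwords-on-darkweb/
Zoom security: Getting the settings right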
https://www.welivesecurity.com/2020/04/10/zoom-security-getting-settings-right/
Zoom Disables File Sharing After Finding Potential Security Vulnerability
https://hotforsecurity.bitdefender.com/blog/zoom-disables-file-sharing-after-finding-potential-security-vulnerability-22952.html
Brazilian food and drug regulator bans Zoom
https://www.zdnet.com/article/brazilian-food-and-drug-regulator-bans-zoom/#ftag=RSSbaffb68
Compromised Zoom Credentials Swapped in Underground Forums
https://threatpost.com/compromised-zoom-credentials-underground-forums/154616/
Zoom data leak reported again: 530,000 credentials flow onto the dark web
https://www.ithome.com.tw/news/136965
Stolen Zoom Credentials: Hackers Sell Cheap Access
https://www.bankinfosecurity.com/stolen-zoom-credentials-hackers-sell-cheap-access-a-14133
Securing your Zoom Meetings From All The Wrong Places
https://www.zerofox.com/blog/zoom-threats/
Over 500,000 Zoom accounts sold on hacker forums, the dark web
https://www.bleepingcomputer.com/news/security/over-500-000-zoom-accounts-sold-on-hacker-forums-the-dark-web/
Hundreds given away free... Zoom accounts again sold by hackers on the dark web: over 500,000 at less than NT$1 each
https://udn.com/news/story/11017/4490100
Another 530,000 sets of Zoom personal data sold off cheaply! Each credential pair costs only NT$0.06
https://www.setn.com/News.aspx?NewsID=725786
Zoom accounts again sold by hackers on the dark web: this time over 500,000 affected, at less than one US cent each
https://www.inside.com.tw/article/19503-over-500-000-zoom-accounts-sold-on-hacker-forums-the-dark-web
Security crisis escalates: over 500,000 Zoom credentials leaked; exclusive reveal of the hacker's threat letter
https://technews.tw/2020/04/15/500000-zoom-accounts-sale-on-darkweb-hacker-mail-reveal/
Reusing the "same credentials" may spell trouble! Zoom user extorted for US$2,000... reporter reveals full text of hacker's blackmail letter
https://www.businessweekly.com.tw/focus/blog/3002218
500,000 Zoom accounts sold cheaply on the dark web: how exactly did the hackers crack the passwords?
https://www.bnext.com.tw/article/57298/zoom-cybersecurity-darkweb
When the coronavirus meets hacker viruses: on Zoom's security incidents
https://bit.ly/34DDzI3
Government agencies used Zoom for years, then suddenly discovered a security crisis
https://bit.ly/2RDw2DH
Rescuing user confidence? After its security storm, Zoom moves to change user meeting IDs, hoping to reduce malicious leaks
https://cnews.com.tw/137200413a03/
Amid ongoing security concerns, Zoom announces paying users can disable mainland China servers
https://www.chinatimes.com/realtimenews/20200414003697-260412?chdtv
Zoom security: Your meetings will be safe and secure if you do these 10 things
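https://www.zdnet.com/article/make-sure-your-zoom-meetings-are-safe-by-doing-these-10-things/#ftag=RSSbaffb68
Zoom exploit priced at US$500,000 on the black market
https://www.ithome.com.tw/news/137044
High school's Zoom online class hacked, injected with racist hate audio and images
https://bit.ly/2XDTEMl
Woman robbed of US$64,000, suspected to be caused by using Zoom video meetings
https://www.epochtimes.com/b5/20/4/16/n12037525.htm
Zoom with keys issued from China, a red-faced Ministry of Education, and a very political technical artifact
https://www.techbang.com/posts/77810-zoom-from-china-the-ministry-of-education-with-swelling-very-political-technical-material
Zoom-bombing disrupted a House Oversight Committee meeting
https://www.zdnet.com/article/zoom-bombing-disrupted-a-house-oversight-committee-meeting/#ftag=RSSbaffb68
Worried about security? What are Sandstorm, Rocket Chat and Jitsi Meet, the three video tools Audrey Tang uses?
https://agirls.aotter.net/post/57147
Not just Zoom: even this tech giant's video software raises concerns
https://money.udn.com/money/story/5599/4494231
Security firm finds dozens of iOS apps running scams under the guise of free trials
https://www.kocpc.com.tw/archives/316720
Apple fans, don't get fleeced! Security vendor reveals 32 apps that charge automatically after the "trial period"
https://3c.ltn.com.tw/news/40078
Sophos finds more than 30 iOS fleeceware apps that together swindled about HK$340 million
https://bit.ly/2RG0dKi
New research finds fake fingerprints unlock phones with a success rate as high as 80%
https://news.knowing.asia/news/d4587955-018c-40fb-af24-f20b4001bd2f
iPhone installation guide and APK download, plus a knockoff Animal Crossing app
https://applealmond.com/posts/70069
A must-learn trick: automatic LINE chat history backup, exclusive to iPhone users
https://www.chinatimes.com/realtimenews/20200414004430-260412?chdtv
Incident: hackers spoof the Chunghwa Post app to carry out botnet attacks
https://www.twcert.org.tw/tw/cp-15-3548-f4420-1.html
Google and Apple Plan to Turn Phones into COVID-19 Contact-Tracking Devices
https://thehackernews.com/2020/04/iphone-android-coronavirus-tracing.html
Kernel vulnerabilities in Android devices using Qualcomm chips explored
https://www.zdnet.com/article/technical-details-of-kernel-vulnerabilities-in-android-devices-using-qualcomm-chips-revealed/

C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents
Top ten security news stories of March 2020
https://www.ithome.com.tw/news/136618
Security is a war that never ends
https://bit.ly/3eoNGok
2 children dead! Computer whiz helps the Criminal Investigation Bureau with the case, sighs after analyzing the father's Facebook: mixed feelings
https://www.ettoday.net/news/20200415/1692355.htm
Tokyo Station ad wall taken over by Windows 7 blue screens; Japanese netizens flood in with parodies, like an abandoned city
https://www.kocpc.com.tw/archives/317334
Citizen Lab, which published the security report, says Liberty Times misinterpreted its report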
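https://cofacts.g0v.tw/reply/4Q-Yd3EBrhVJn3LNJ64H
DrayTek router and switch vulnerabilities targeted; two attack campaigns already observed
https://www.ithome.com.tw/news/137006
Palo Alto Networks warns: outdated operating systems bring new threats to medical imaging devices
http://www.netadmin.com.tw/netadmin/zh-tw/snapshot/A51DB66989C940249063EAF529F04AE8
After payment was refused, confidential documents of SpaceX, Tesla and Boeing leaked by hackers
https://news.knowing.asia/news/2398e12d-7bb3-44ab-807e-871ece8e2c9c
Hacker indicted for threatening 4 game companies with cyberattacks to extort money
https://gotv.ctitv.com.tw/2020/04/1259530.htm
WFH tests more than equipment and digital skills; team bonds and new workplace trust are the keys to success
https://csr.cw.com.tw/article/41404
International security organization SANS offers a free employee work-from-home security awareness training package, the Work from Home Deployment Kit
https://www.ithome.com.tw/news/136893
Hacker attacks up 50% during the pandemic! Remote work is convenient, but security protections have not kept up
https://news.sina.com.tw/article/20200410/34822596.html
Claimed to be unbreakable yet quickly compromised: smart lock maker Tapplock settles with the FTC and promises improvements
https://www.ithome.com.tw/news/136922
Botnet targets Microsoft: hackers have mined cryptocurrency via MS-SQL databases for nearly two years, attacking nearly 3,000 databases a day
https://technews.tw/2020/04/13/the-vollgar-campaign-ms-sql-servers-under-attack/
Hackers who attacked the phones of Ju Jin-mo and Ha Jung-woo arrested; extorted a total of 600 million won
http://n.yam.com/Article/20200410620487
"White hat" defense fails: "genius hacker" 張啟元 sentenced to 6 months for hacking the high-speed rail system
https://m.ltn.com.tw/news/society/breakingnews/3130566
Hacker prodigy 張啟元 breaks into high-speed rail: spent NT$40 to defraud NT$200,000, sentenced to 6 months
https://www.chinatimes.com/realtimenews/20200411003350-260402?ctrack=mo_main_rtime_p01&chdtv
Once earned a 600,000 bounty for a LINE vulnerability! White hat hacker 張啟元 sentenced to 6 months for "breaking into the high-speed rail system to find bugs"
https://www.ettoday.net/news/20200412/1689449.htm
Gang arrested for exploiting network vulnerabilities to break into group chats and run gambling
http://pc.nfapp.southcn.com/78/3391978.html
When Chinese hackers steal health insurance data: activating blue defense
https://ladopost.com/newsDetail4.php?ntId=32&nId=3449
KMT legislator 萬美玲 says being monitored by China lets them understand Taiwan's values; scholar: truly exhausting
https://www.setn.com/news.aspx?NewsID=723072
Conveying Taiwan's values by being monitored by China; lawyer mocks KMT legislator: being peeped on in bed should feel like an honor too
https://tw.appledaily.com/politics/20200410/5JJVTW44MTX3KWQMOC75ZKTAIM/
The epidemic in the "great power" is still bad! Chinese post censor: busier than usual
https://news.ltn.com.tw/news/world/breakingnews/3131347
China caught violating international law; Xi Jinping faces a "pay up or go to war" dilemma
https://www.cmmedia.com.tw/home/articles/20784
US intends to revoke China Telecom's license to operate in the US
https://www.ithome.com.tw/news/136928
Does the mass of US Defense Department staff working from home create a gap? Chinese and Russian hacker activity reportedly surges
https://m.ltn.com.tw/news/world/breakingnews/3134189
New York State officials investigate hacker intrusion into state government computer network
https://on.wsj.com/3baNyqD
German security firm buys a military laptop containing classified data on eBay
https://bit.ly/2JW1it9
"Pass" application system crashes as soon as it goes online; Moscow: we were hacked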
https://news.ltn.com.tw/news/world/breakingnews/3132373
Australian government publishes the various forms of attacks carried out under the COVID-19 pretext
https://www.twcert.org.tw/tw/cp-104-3549-16948-1.html
As vaccine research heats up, US institutions are targeted by foreign hackers
https://bit.ly/2XEsGnL
Threat Update: COVID-19 Malicious Cyber Activity
https://www.cyber.gov.au/threats/threat-update-covid-19-malicious-cyber-activity
UK Cyber Body Offers Practical Guidelines on Dealing with Coronavirus-Themed Cyber Threats
https://bit.ly/2yj68OU
7 Ways Hackers and Scammers Are Exploiting Coronavirus Panic
https://thehackernews.com/2020/04/cronavirus-hackers.html
Threat Actors Migrating to the Cloud
https://research.checkpoint.com/2020/threat-actors-migrating-to-the-cloud/
Researcher Devises PowerPoint Attack that Executes Binary Just with Mouse Hover
https://hotforsecurity.bitdefender.com/blog/researcher-devises-powerpoint-attack-that-executes-binary-just-with-mouse-hover-22949.html
Hover_with_Power
https://github.com/ethanhunnt/Hover_with_Power/blob/master/README.md
Dutch, FBI and EU police take down 15 DDoS botnets in one week
https://www.ithome.com.tw/news/136944
Dutch police take down 15 DDoS services in a week
https://www.zdnet.com/article/dutch-police-take-down-15-ddos-services-in-a-week/#ftag=RSSbaffb68
Police arrest suspect for DDoS attack on MijnOverheid.nl
https://www.politie.nl/nieuws/2020/april/10/03-politie-houdt-verdachte-aan-voor-ddos-aanval-op-mijnoverheid.nl.html
Gambling company to set aside $30 million to deal with cyber-attack fallout
https://www.zdnet.com/article/gambling-company-to-set-aside-30-million-to-deal-with-cyber-attack-fallout/#ftag=RSSbaffb68
SEC settles with two suspects in EDGAR hacking case
https://www.zdnet.com/article/sec-settles-with-two-suspects-in-edgar-hacking-case/#ftag=RSSbaffb68
Dutch Police Shutter 15 DDoS 'Booter' Sites
https://www.bankinfosecurity.com/dutch-police-shutter-15-ddos-booter-sites-a-14108
Exclusive: Google removes 49 Chrome extensions caught stealing crypto-wallet keys
https://www.zdnet.com/article/exclusive-google-removes-49-chrome-extensions-caught-stealing-crypto-wallet-keys/#ftag=RSSbaffb68
San Francisco International Airport breached by hackers, user credentials stolen
https://www.ithome.com.tw/news/136946
San Francisco International Airport websites hacked, possibly by Russian hackers
https://www.ithome.com.tw/news/137043
Russian state hackers behind San Francisco airport hack
https://www.zdnet.com/article/russian-state-hackers-behind-san-francisco-airport-hack/#ftag=RSSbaffb68
Hackers Breach San Francisco Airport Websites
https://www.bankinfosecurity.com/hackers-breach-san-francisco-airport-websites-a-14105
Apple blocks third-party cookies in Safari
https://www.zdnet.com/article/apple-blocks-third-party-cookies-in-safari/
'My bad': Minister apologises for MyGov hack claim
https://www.afr.com/politics/federal/my-bad-minister-apologises-for-mygov-hack-claim-20200324-p54dau
Wappalyzer discloses security breach after hacker starts emailing users
https://www.zdnet.com/article/wappalyzer-discloses-security-breach-after-hacker-starts-emailing-users/#ftag=RSSbaffb68
US government publishes North Korea "crypto crime list"!
Calls for cutting off the flow of funds for weapons development
https://blockcast.it/2020/04/16/us-published-list-of-crypto-crimes-related-to-north-korea/
US government offers US$5 million reward for information on North Korean hackers
https://www.ithome.com.tw/news/137024
US offers $5 million reward for information on North Korean hackers
https://www.zdnet.com/article/us-offers-5-million-reward-for-information-on-north-korean-hackers/#ftag=RSSbaffb68
New tool detects AWS intrusions where hackers abuse self-replicating tokens
https://www.zdnet.com/article/new-tool-detects-aws-intrusions-where-hackers-abuse-self-replicating-tokens/#ftag=RSSbaffb68
Researchers: Fake Fingerprints Can Bypass Biometric Sensors
https://www.bankinfosecurity.com/researchers-fake-fingerprints-bypass-biometric-sensors-a-14122
Hackers Made the Snoo Smart Bassinet Shake and Play Loud Sounds
https://www.wired.com/story/snoo-smart-bassinet-vulnerabilities-shaking-loud-noise/
Linksys asks users to reset passwords after hackers hijacked home routers last month
https://www.zdnet.com/article/linksys-asks-users-to-reset-passwords-after-hackers-hijacked-home-routers-last-month/#ftag=RSSbaffb68
Academics steal data from air-gapped systems using PC fan vibrations
https://www.zdnet.com/article/academics-steal-data-from-air-gapped-systems-using-pc-fan-vibrations/#ftag=RSSbaffb68
達友科技 / Security Engineer, Technical Center (work location: Taipei City)
https://www.104.com.tw/job/6x1g2
[This year's hottest profession revealed] The whole world wants to hire "security engineers", so send in your résumé
https://buzzorange.com/techorange/2020/04/13/security-engineer-is-getting-more-popular/

D. Data Breaches / Personal Data Protection Law / GDPR / Online Fraud / Phishing / Card Fraud / Fake News
Cisco WebEx video conferencing users recently targeted by fake update message attacks
https://www.twcert.org.tw/tw/cp-104-3526-63a65-1.html
Mainland netizens impersonate Taiwanese, Investigation Bureau catches them! Chasing fake news is a waste of the Investigation Bureau's talent
https://www.chinatimes.com/newspapers/20200411000468-260106?chdtv
CCP cyber army poses as Taiwanese to "apologize to Tedros"; netizens crowdfund a counterattack
http://www.ntdtv.com.tw/b5/20200410/video/268221.html
The hundred apology posts are all fake! Investigation Bureau: preparing ahead and rooting out fake news
https://bit.ly/3a02cja
Former First Financial Holding chairman 陳建隆 swindled out of ten million in a "washing US dollars" scam; main culprit sentenced to 3.5 years
https://www.chinatimes.com/realtimenews/20200412002761-260402?chdtv
UK PM Johnson texts asking for "financial aid of 500"?
Simplified Chinese characters give it away, netizens crack up
https://m.ltn.com.tw/news/life/breakingnews/3132452
Make big money by exploiting a website vulnerability? Woman swindled out of 110,000 by an "online friend"
https://www.chainnews.com/zh-hant/articles/192394420215.htm
27 people sentenced for exploiting a system upgrade flaw to fraudulently charge 6.72 million yuan on "Kuaishou"
http://www.bjnews.com.cn/news/2020/04/15/717062.html
"Estimated delivery date, please confirm your address": a face mask scam text? What happens if you tap it
https://mrmad.com.tw/estimated-delivery-scam
Deepfake voice imitation too realistic! One phone call swindles a CEO out of nearly ten million
https://www.bnext.com.tw/article/57306/deepfake-internet-fraud
Phishing scams on the rise; cybersecurity firm urges businesses to prepare
https://bit.ly/2RKJsO8
Phishing kit prices skyrocketed in 2019 by 149%
https://www.zdnet.com/article/phishing-kit-prices-skyrocketed-in-2019-by-149/#ftag=RSSbaffb68
Sextortion emails and porn scams are back – don’t let them scare you!
https://nakedsecurity.sophos.com/2020/04/10/sextortion-emails-and-porn-scams-are-back-dont-let-them-scare-you/
Maropost customer database exposes 95 million email records
https://hotforsecurity.bitdefender.com/blog/maropost-customer-database-exposes-95-million-email-records-22955.html
Beware of Shady Websites Pushing Pharmaceuticals for COVID-19
https://hotforsecurity.bitdefender.com/blog/beware-of-shady-websites-pushing-pharmaceuticals-for-covid-19-22946.html
Account details for 4 million Quidd users shared on hacking forum
https://www.zdnet.com/article/account-details-for-4-million-quidd-users-shared-on-hacking-forum/#ftag=RSSbaffb68
TikTok Vulnerability Enables Hackers to Show Users Fake Videos
https://www.mysk.blog/2020/04/13/tiktok-vulnerability-enables-hackers-to-show-users-fake-videos/

E. Research Reports
Microsoft detects large-scale cryptomining attack targeting K8s
https://www.ithome.com.tw/news/136912
Bug hunting notes | Achieving RCE via XML and ZIP format parsing vulnerabilities
https://www.freebuf.com/vuls/228592.html
Detect large-scale cryptocurrency mining attack against Kubernetes clusters
https://azure.microsoft.com/zh-tw/blog/detect-largescale-cryptocurrency-mining-attack-against-kubernetes-clusters/
CVE-2020-10882: TP-Link command injection vulnerability advisory
https://blog.csdn.net/weixin_45728976/article/details/105417995
[CVE-2018-20250] A brief look at the WinRAR vulnerability
https://juejin.im/post/5e8ed9046fb9a03c2f4e0e41
Suspicious formulas hidden deep in Excel 4.0 macro sheets
https://blog.trendmicro.com.tw/?p=63915
Analysis of overflow vulnerabilities
https://www.cnblogs.com/nishoushun/p/12682777.html
Vulnerability scanning principles and programs
https://www.cnblogs.com/bonelee/p/12687070.html
Analysis of exploitation of multiple recent vulnerabilities in the D-Link DSL-2640B
https://www.4hou.com/posts/kOJ5
Hex-Rays is proud to announce the upcoming release of IDA Home
https://www.hex-rays.com/products/ida-home-is-coming/
Nexus Repository Manager vulnerability analysis
https://juejin.im/entry/5e94260af265da47ae4ac656
Nexus Repository Manager 3 Several Expression Parsing Vulnerabilities
https://paper.seebug.org/1167/
Nexus Repository Manager 3 several expression parsing vulnerabilities
https://paper.seebug.org/1166/
Windows SMB Ghost (CVE-2020-0796) vulnerability analysis
https://paper.seebug.org/1168/
Building an AI firewall! Tsinghua startup team launches AI security platform to fix algorithm vulnerabilities, the "new type of virus"
https://www.chainnews.com/zh-hant/articles/545204635471.htm
Extended ssrf search: a powerful intelligent SSRF vulnerability scanning tool
https://www.sohu.com/a/386898206_354899
Reproducing the uWSGI (CVE-2018-7490) path traversal vulnerability
https://www.cnblogs.com/bflw/p/12665449.html
A brief discussion of binary vulnerability research and malware research
https://zhuanlan.zhihu.com/p/129233291
Briefing on in-the-wild 0-day vulnerabilities in multiple fiber router devices
https://www.freebuf.com/vuls/233868.html
Intercept SSL traffic to perform penetration testing on Android apps using Charles Debug Proxy
https://bit.ly/2Rv8yR9
Android-IMSI-Catcher-Detector
https://github.com/CellularPrivacy/Android-IMSI-Catcher-Detector
Lollipopz - Data Exfiltration Utility For Testing Detection Capabilities
https://www.kitploit.com/2020/04/lollipopz-data-exfiltration-utility-for.html
The Ultimate Guide To Become A Hacker (Part 1)
https://tekno-space.com/how-to/the-ultimate-guide-to-become-a-hacker-part-1/
The Problem with HTTPS
https://www.webroot.com/blog/2020/04/14/the-problem-with-https/
A summary of the unauthorized access to Classi, which is used by half of Japan's high schools
https://piyolog.hatenadiary.jp/entry/2020/04/15/072934
Taiwan High-Tech Ecosystem Targeted by Foreign APT Group
https://medium.com/@cycraft_corp/taiwan-high-tech-ecosystem-targeted-by-foreign-apt-group-5473d2ad8730
Injectify - Perform advanced MiTM attacks on websites with ease
https://hakin9.org/injectify-perform-advanced-mitm-attacks-on-websites-with-ease/
Threat modeling explained: A process for anticipating cyber attacks
https://www.csoonline.com/article/3537370/threat-modeling-explained-a-process-for-anticipating-cyber-attacks.html
How to build a Threat Hunting platform using ELK Stack
https://www.peerlyst.com/posts/how-to-build-a-threat-hunting-platform-using-elk-stack-chiheb-chebbi
How to build a Threat Hunting platform using ELK Stack [Part 2]
https://www.peerlyst.com/posts/how-to-build-a-threat-hunting-platform-using-elk-stack-part-2-chiheb-chebbi
Malware Beaconing: How To Hunt [Part 1]
https://www.peerlyst.com/posts/malware-beaconing-how-to-hunt-part-1-ali-ahangari-1
Malware Beaconing: How To Hunt [Part 2]
https://www.peerlyst.com/posts/malware-beaconing-how-to-hunt-part-2-ali-ahangari-1
Enterprise Security Architecture - a short overview
https://www.peerlyst.com/posts/enterprise-security-architecture-a-short-overview-dragan-stevanovic

F. Business
In response to pandemic needs, CyberLink extends its "U Meeting free program" to the end of July
https://udn.com/news/story/7240/4482139?from=udn-ch1_breaknews-1-cate6-news
Check Point: pandemic-related cyberattacks keep climbing; working from home may mean high risk exposure, and the security of and demand for remote file access are rising sharply
http://www.pcdiy.com.tw/detail/15836
[Interview] Tenable technical consultant 李元勛: vulnerability scanning heads off network threats before they happen
https://www.informationsecurity.com.tw/article/article_detail.aspx?tv=13&aid=8767
Zoom security concerns: Taiwan develops new video tool
https://news.cts.com.tw/cts/life/202004/202004141997147.html
team+ free plan supports Taiwanese businesses, covering security for remote work and video collaboration
https://bit.ly/2Va1bRf
Wi-Fi and Bluetooth can also be hacker entry points! 互聯安睿 counters malicious attacks with its "iSecMaster" solution
https://meet.bnext.com.tw/articles/view/46249
Advantech WISE-PaaS upgrades to the EnSaaS 4.0 cloud platform with K8s
https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=10&id=0000582895_4ca7jlicl379ft49ji7hz
Microsoft pushes back end of support date for Windows 10 1809
https://www.zdnet.com/article/microsoft-pushes-back-end-of-support-date-for-windows-10-1809/#ftag=RSSbaffb68
GitHub offers new free tier for private development
https://www.zdnet.com/article/github-offers-new-free-tier-for-private-development/#ftag=RSSbaffb68
.NET for Apache Spark brings enterprise coders and big data pros to the same table
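https://www.zdnet.com/article/net-for-apache-spark-brings-enterprise-coders-and-big-data-pros-to-the-same-table/#ftag=RSSbaffb68
Rapid7 launches Rapid7 AttackerKB, a service for crowdsourcing vulnerability assessments
https://www.zdnet.com/article/rapid7-launches-attackerkb-a-service-for-crowdsourcing-vulnerability-assessments/#ftag=RSSbaffb68
Rapid7 AttackerKB
https://attackerkb.com/
Financial Cyberthreats in 2019
https://securelist.com/financial-cyberthreats-in-2019/96692/

G. Government
CyberLink: U-series products have no servers located in China
https://udn.com/news/story/7238/4482558
Over a hundred thousand hacker attacks a year come from across the strait; National Security Bureau relies on its "Cyber Security Division" to fight disinformation
https://www.ettoday.net/news/20200411/1689043.htm
Tsai formally forms a fourth armed service? Investigation Bureau sets up "Cyber Security Station" to investigate disinformation
https://bit.ly/3eh3w4k
When the Investigation Bureau is reduced to a cyber army lackey
https://udn.com/news/story/7338/4485463?from=udn-catebreaknews_ch2
Taipei City mask vending machines start selling today
https://www.merit-times.com.tw/NewsPage.aspx?unid=581733
Taipei City pilots smart mask vending machines; technology to be handed to the central government in future
https://www.chinatimes.com/realtimenews/20200415004962-260405?chdtv
Hsinchu County Government to split staff across alternate sites from next Monday; busy moving today
https://m.ltn.com.tw/news/politics/breakingnews/3129399
National alert text messages for scenic areas to be discontinued; Executive Yuan switches to the "Freeway 1968" app for warnings
https://news.ltn.com.tw/news/life/breakingnews/3130489
Executive Yuan can't control the representative office in the US? "Interpreter Bro" leads by using Zoom in video call with Washington think tank
https://www.chinatimes.com/realtimenews/20200411003686-260407?ctrack=mo_main_rtime_p04&chdtv
Officials may leak secrets, but the people may not use Zoom
https://udn.com/news/story/11091/4486001?from=udn-catelistnews_ch2
To avoid crowds over the May 1 long weekend, Executive Yuan plans to develop a "contact history recording app"
https://www.ttv.com.tw/news/view/10904120007200I/568
With Zoom banned, High Prosecutors Office orders district prosecutors offices to switch to "U Meeting"
https://tw.appledaily.com/local/20200413/ESTHQMGMMFSBZ5IVRXK2ZVQYRY/
Official document reportedly shows meetings held on Zoom? Executive Yuan criticizes KMT caucus for "spreading falsehoods"
https://udn.com/news/story/6656/4494471?from=udn-catelistnews_ch2
Executive Yuan clarifies it did not use Zoom for video meetings, urges KMT legislators not to spread falsehoods
https://www.chinatimes.com/realtimenews/20200415004423-260407?ctrack=mo_main_rtime_p02&chdtv
New pandemic measure: Executive Yuan develops social distancing app
https://www.ydn.com.tw/News/379663
Hsinchu City pilots working from home, nearly 500 people rehearse official duties remotely
https://www.chinatimes.com/realtimenews/20200413003298-260405?chdtv
KMT legislators urge Investigation Bureau to trace IPs, to counter KMT claims of a frame-up
https://money.udn.com/money/story/7307/4489790
Academia Sinica and universities still use Zoom for joint courses! Ministry of Education: will remind them again
https://www.ettoday.net/news/20200413/1690178.htm
Central government only just issued the ban!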
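"Interpreter Bro" uses Zoom in video call with US think tank
https://bit.ly/2RExp51
Taipei's pilot real-name mask vending system stirs controversy; Taipei City Department of Information Technology steps forward to explain further plans
https://ithome.com.tw/news/136976
Cross-disciplinary recruitment: Ministry of National Defense and NCKU team up to cultivate talent
http://n.yam.com/Article/20200415357274
NCKU and Ministry of National Defense jointly run "National Defense Bachelor's Program" to cultivate defense technology elites
http://n.yam.com/Article/20200415946589

H. Industrial Control Systems / SCADA / ICS
JVNVU#99126710 Incorrect permission assignment for critical resource vulnerability in Rockwell Automation RSLinx Classic
https://jvn.jp/vu/JVNVU99126710/
Multiple Siemens industrial devices affected by Linux kernel vulnerability SegmentSmack
https://www.venustech.com.cn/article/1/11583.html

I. Education and Training
Free Cyber Security Courses
https://www.oxfordhomestudy.com/courses/cyber-security-courses/free-cyber-security-courses
12 Must-Watch Cybersecurity TED Talks
https://www.springboard.com/blog/12-must-watch-cybersecurity-ted-talks/
Training for a Career in Cybersecurity
https://niccs.us-cert.gov/training

J. Internet of Things / IoT / Artificial Intelligence / Internet of Vehicles / Optical Networking / Deep Learning / Machine Learning / Drones / Facial Recognition
Qualcomm debuts new NB2 IoT chipset for low-power devices in the field
https://www.zdnet.com/article/qualcomm-debuts-new-nb2-iot-chipset-for-low-power-devices-in-the-field/#ftag=RSSbaffb68
Ford and Volkswagen found to have cybersecurity flaws; hackers can even disable the vehicle's braking system
https://tech.sina.com.cn/roll/2020-04-15/doc-iircuyvh7894718.shtml
TC5#22.2 WG1 working meeting and discussion meeting on the draft security standard and test specification for air quality micro-sensors
https://www.taics.org.tw/TCMeetInfoForm.aspx?tcCat_id=5&tcMeetInfo_id=8206

6. Upcoming Security Events and Seminars
ISO/IEC 27001:2013 Information Security Auditor (Lead Auditor) training course 4/11 ~ 4/26
https://www.accupass.com/event/2002140726181428485387
NCTU Hacker College - Guide to intrusion detection and response 4/18
https://hackercollege.nctu.edu.tw/?p=1144
2020 Comprehensive Information Security Talent Development Program 4/21 ~ 6/16
http://service.tabf.org.tw/tw/user/409646/
Cyber intrusion: forensic tool operation and evidence tracing analysis 4/17
https://bit.ly/2UVwP55
2020 Industrial Control Systems (ICS) Cyber Security Conference | Singapore 4/21 ~ 4/23
https://www.icscybersecurityconference.com/singapore/
Taipei 暗号通貨 (Cryptocurrency) Meetup 4/22
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybcgbdc/
Asia Pacific Information Security Forum and Exhibition 4/22
https://www.twcert.org.tw/tw/cp-105-3149-70ad7-1.html
NCTU Hacker College - Basic web security and penetration testing 4/25
https://hackercollege.nctu.edu.tw/?p=1147
2020 LINE Taiwan Developers Recruitment Day 4/25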
https://engineering.linecorp.com/zh-hant/blog/2020-line-taiwan-technical-recruitment-day/
Financial data applications: statistics + visualization 4/26
https://tw.pyladies.com/events/event.html?id=179
NCTU Hacker College - Basic secure website construction in practice 5/16
https://hackercollege.nctu.edu.tw/?p=1151
Information Security Club - Forensic (1) 5/20
https://nsysuisc.kktix.cc/events/2020forensic1
NCTU Hacker College - Email spoofing attacks and protective measures 5/23
https://hackercollege.nctu.edu.tw/?p=1156
Taipei 暗号通貨 (Cryptocurrency) Meetup 5/27
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybchbkc/
NCTU Hacker College - Advanced web penetration testing 5/30
https://hackercollege.nctu.edu.tw/?p=1159
ROC Year 109 Intelligent IoT and Information Security master's credit program 5/30 ~ 8/8
https://www.accupass.com/event/2003160837472127685300
Big data and deep learning applications on edge computing systems 6/5
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3884&from_course_list_url=course_index
NCTU Hacker College - Expert web penetration testing 6/13 6/20
https://hackercollege.nctu.edu.tw/?p=1161
NCTU Hacker College - Enterprise domain control: Active Directory attack and defense 6/27
https://hackercollege.nctu.edu.tw/?p=1164
CYBERSEC 2020 Taiwan Cyber Security Summit 8/12
https://cyber.ithome.com.tw/