資安事件新聞週報 2021/3/22 ~ 2021/3/26

###### tags: `資安事件新聞週報` # 資安事件新聞週報 2021/3/22 ~ 2021/3/26 1.重大弱點漏洞/後門/Exploit/Zero Day WARNING: A New Android Zero-Day Vulnerability Is Under Active Attack https://thehackernews.com/2021/03/warning-new-android-zero-day.html 修補「Exchange」重大漏洞！Windows 10 將強制安全更新 https://3c.ltn.com.tw/news/43687 微軟發布修補程式以來，「每天」仍有數不清的 Exchange Server 漏洞攻擊 https://technews.tw/2021/03/24/microsoft-exchange-server-attacks/ 思科修補Jabber Windows用戶端軟體App重大漏洞 https://www.ithome.com.tw/news/143502 Cisco 發布 RV132W 和 RV134W 軟體安全更新 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-132w134w-overflow-Pptt4H2p Cisco Security Advisories March 24 2021 https://tools.cisco.com/security/center/Search.x?publicationTypeIDs=1&firstPublishedStartDate=2021%2F03%2F24&firstPublishedEndDate=2021%2F03%2F24&limit=50 PsExec Privilege Escalation in Windows Fixed https://www.bleepingcomputer.com/news/security/microsoft-fixes-windows-psexec-privilege-elevation-vulnerability/ https://techcommunity.microsoft.com/t5/sysinternals-blog/tcpview-v4-0-psexec-v2-33-winobj-v3-02-and-sysmon-v13-02/ba-p/2230549 Critical F5 BIG-IP Bug Under Active Attacks After PoC Exploit Posted Online https://thehackernews.com/2021/03/latest-f5-big-ip-bug-under-active.html SonicWall SMA100 10.2.0.5 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-20017 IBM Security Guardium performs http://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-4184 IBM Security family PAM Content Update 4103.23203 https://exchange.xforce.ibmcloud.com/xpu/XPU%204103.23203 IBM Security family PAM Content Update 4103.18182 https://exchange.xforce.ibmcloud.com/xpu/XPU%204103.18182 McAfee Endpoint Product Removal http://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-23879 Synology DiskStation Manager http://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-27646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-27647 Popular Netop Remote Learning Software Found Vulnerable to Hacking https://thehackernews.com/2021/03/popular-netops-remote-learning-software.html Mozilla Security Advisories - March 23 2021 https://www.mozilla.org/en-US/security/advisories/ https://www.mozilla.org/en-US/security/advisories/mfsa2021-10/ https://www.mozilla.org/en-US/security/advisories/mfsa2021-11/ https://www.mozilla.org/en-US/security/advisories/mfsa2021-12/ Firefox 87 is out today, adds Smart Block for improved private browsing https://arstechnica.com/gadgets/2021/03/firefox-87-is-out-today-adds-smart-block-for-improved-private-browsing/ Another Critical RCE Flaw Discovered in SolarWinds Orion Platform https://thehackernews.com/2021/03/solarwinds-orion-vulnerability.html Critical Cisco Jabber Bug Could Let Attackers Hack Remote Systems https://thehackernews.com/2021/03/critical-cisco-jabber-bug-could-let.html Critical RCE Vulnerability Found in Apache OFBiz ERP Software—Patch Now https://thehackernews.com/2021/03/critical-rce-vulnerability-found-in.html Adobe 近日發布針對 ColdFusion 的安全公告 https://us-cert.cisa.gov/ncas/current-activity/2021/03/23/adobe-releases-security-updates-coldfusion 2.銀行/金融/保險/證券/支付系統/ 新聞及資安被爆資安漏洞卡住執照將來銀行澄清：已超前部署 https://reurl.cc/e9n4ej 總座閃辭傳言多將來銀行發聲明：資安超前部署 https://udn.com/news/story/7239/5346640?from=udn-ch1_breaknews-1-cate6-news 中壽刷臉投保獲財資肯定台灣唯一上榜壽險　 https://money.udn.com/money/story/5636/5346118 將來銀行資訊系統嚴重卡關　中華電信拚數位轉型　「大象該如何跳舞？」 https://www.storm.mg/new7/article/3562057 東吳與專家探索監理科技在地化 https://turnnewsapp.com/livenews/finance/A83205002021032314231081 數位金融當道資策會科法所：落實個資保護為贏得消費者信任之關鍵 https://times.hinet.net/topic/23267693 金融資安防微杜漸削減風險　強化監控也要保護個資隱私 SOC委外整合成挑戰　自建與否皆須符法令規範 https://www.netadmin.com.tw/netadmin/zh-tw/viewpoint/BDED26CDFDBC4392B98704826919BC94 Singapore bank turns on face verification at ATMs https://www.zdnet.com/article/singapore-bank-turns-on-face-verification-at-atms/ Magecart Skimmer Attacks Sites Whilst Hiding Stolen Data In JPG Files https://reurl.cc/zbOxy0 美大型保險公司CNA傳出遭勒索軟體Phoenix CryptoLocker攻擊 https://www.ithome.com.tw/news/143474 美國大型保險公司CNA部分系統中斷，驚傳疑似遭到勒索軟體攻擊 https://www.ithome.com.tw/news/143459 CNA insurance firm hit by a cyberattack, operations impacted https://www.bleepingcomputer.com/news/security/cna-insurance-firm-hit-by-a-cyberattack-operations-impacted/ Fatface駭客：員工得知銀行詳細信息可能已被盜 https://reurl.cc/XepY10 Russia's Central Bank has warned of hackers targeting banks' mobile apps https://www.ehackingnews.com/2021/03/russias-central-bank-has-warned-of.html 3.電子支付/行動支付/pay/資安台北捷運黑色售票機用信用卡、電子支付等13種支付購買4種旅遊票 https://www.cool3c.com/article/160613 繳牌照稅LINE送10%　台灣Pay進駐台鐵免現金 https://www.cardu.com.tw/news/detail.php?42919 電子支付正夯還是有人"駭"怕 https://reurl.cc/NXndpm 以第三方支付為幌子！「易支付」地下匯兌21.6億元遭起訴 https://udn.com/news/story/7321/5345859 到底落後還先進？台灣生活太方便　竟造成行動支付難以推行 https://www.setn.com/News.aspx?NewsID=913901 移動支付又來巨頭：華為拿下支付牌照要搶支付「生意」 https://news.sina.com.tw/article/20210326/38018188.html 幫商家建立收款QR Code 永豐銀Scan & Pay做得到 https://money.udn.com/money/story/5617/5343600?from=edn_catehotlist_story 螞蟻救估值傳提高支付寶抽成 https://ctee.com.tw/news/china/435885.html 迎接支付新戰局悠遊卡公司總經理職務邱昱凱升任 https://www.chinatimes.com/realtimenews/20210325004294-260410?chdtv 4.加密貨幣/挖礦/區塊鍊/智能合約資安《虛擬貨幣》Bee Token遭遇網路釣魚詐騙，造成投資者損失100萬美元 https://www.informationsecurity.com.tw/article/article_detail.aspx?tv=11&aid=9120 比特幣恐完蛋？達里歐：很可能被各國宣布非法 https://ec.ltn.com.tw/article/breakingnews/3478664 Twitter 執行長線上聽證，身後的區塊鐘意外成焦點 https://technews.tw/2021/03/26/twitter-ceo-house-hearing-reveal-blockclock/ 幣圈知多少？ 10種你不可不知的加密貨幣 https://money.udn.com/money/story/5599/5346326 需求強美比特幣ATM大增 https://ctee.com.tw/news/global/435880.html 國際清算銀行總裁警告：加密貨幣是「投機工具」應受監管 https://ec.ltn.com.tw/article/breakingnews/3477802 難以取代美元地位鮑爾：加密貨幣更像黃金替代品 https://ec.ltn.com.tw/article/breakingnews/3475748 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC Black Kingdom 勒索軟體開始鎖定 Exchange 伺服器 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9132 鎖定Exchange伺服器漏洞的勒索軟體攻擊再起 https://www.ithome.com.tw/news/143413 勒索軟體大轉型，防禦難度提升：黒產供應鏈經營成本高，鎖定有能力付贖金的知名企業 https://www.ithome.com.tw/news/143458 惡意軟體紫狐增加蠕蟲擴散能力，可大規模感染Windows電腦 https://www.ithome.com.tw/news/143463 XcodeSpy 開發環境惡意軟體，意圖針對 iOS 開發者發動供應鏈攻擊 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9128 IoT解決方案供應商Sierra Wireless因遭到勒索軟體攻擊而暫時停產 https://www.ithome.com.tw/news/143427 Windows Safe Mode Unsafe From REvil https://www.bleepingcomputer.com/news/security/revil-ransomware-has-a-new-windows-safe-mode-encryption-mode/ Royal Road v7 Document Drops .NET RAT Targeting Mongolia https://sebdraven.medium.com/a-net-rat-target-mongolia-9c1439c39bc2 Facebook Takes Action Against Hackers in China https://about.fb.com/news/2021/03/taking-action-against-hackers-in-china/ Lazarus Attack Activities Targeting Japan with VSingle and ValeforBeta Malware https://blogs.jpcert.or.jp/en/2021/03/Lazarus_malware3.html Android Trojan Posing as Clubhouse App https://www.welivesecurity.com/2021/03/18/beware-android-trojan-posing-clubhouse-app/ https://twitter.com/ESETresearch/status/1371829367068852226 Satori: Mirai Botnet Variant Targeting Vantage Velocity Field Unit RCE Vulnerability (CVE-2020-9020) https://unit42.paloaltonetworks.com/satori-mirai-botnet-variant-targeting-vantage-velocity-field-unit-rce-vulnerability/ Black Kingdom Ransomware Hunting Unpatched Microsoft Exchange Servers https://thehackernews.com/2021/03/black-kingdom-ransomware-hunting.html Purple Fox Rootkit Can Now Spread Itself to Other Windows Computers https://thehackernews.com/2021/03/purple-fox-rootkit-can-now-spread.html Tesla Ransomware Hacker Pleads Guilty; Swiss Hacktivist Charged for Fraud https://thehackernews.com/2021/03/tesla-ransomware-hacker-pledges-guilty.html Black KingDom Ransomware Using ProxyLogon Exploit https://news.sophos.com/en-us/2021/03/23/black-kingdom/ B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊簡訊驗證並不安全！駭客輕易獲得所有簡訊與密碼 https://hk.epochtimes.com/news/2021-03-23/60257443 日本 LINE 不慎讓其中國關係企業人員存取用戶個資與對話内容 https://www.informationsecurity.com.tw/article/article_detail.aspx?tv=11&aid=9124 Google Play與App Store上有204款訂閱詐騙程式 https://www.ithome.com.tw/news/143446 別當冤大頭！204個「偷扣款」惡意App名單被資安揭露 https://3c.ltn.com.tw/news/43732 Android 12提升隱私防護 LINE爆發資安疑慮急補救 https://www.chinatimes.com/album/technewsweekly31/20210326003832-262210?chdtv LINE 預告終止「電話號碼」登入！帳號未轉移小心貼圖、好友全消失 https://3c.ltn.com.tw/news/43735 LINE 撇資安隱憂！4 大新措施強調「終止中國團隊權限」 https://3c.ltn.com.tw/news/43704 LINE 提高資安層級，強化用戶資料管理 https://linecorp.com/zh-hant/pr/news/zh-hant/2021/3683 LINE宣布提高資安層級強化用戶資料管理　將加速推動資料轉移至日本 https://www.computerdiy.com.tw/20210324_line/ 外包團隊偷看個資疑雲 LINE：終止中國團隊存取權限、數據轉回日本國內 https://udn.com/news/story/7086/5340130?from=udn-catebreaknews_ch2 日本 LINE AI 相關功能委外開發爆資安疑慮，中國承包商可存取用戶資訊( 補充 LINE 台灣官方聲明、強調資料未提供給中國政府) https://www.cool3c.com/article/160455 購買 iPhone 後要先確認的5件事 https://blog.trendmicro.com.tw/?p=67213 假冒 Android 版 Clubhouse app，大量竊取用戶手機儲存的登入資訊 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9127 New 5G Flaw Exposes Priority Networks to Location Tracking and Other Attacks https://thehackernews.com/2021/03/new-5g-flaw-exposes-priority-networks.html Hackers Infecting Apple App Developers With Trojanized Xcode Projects https://thehackernews.com/2021/03/hackers-infecting-apple-app-developers.html New Zoom Screen-Sharing Bug Lets Other Users Access Restricted Apps https://thehackernews.com/2021/03/new-zoom-screen-sharing-bug-lets-other.html C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件數位轉型不能再拖！2021 將進入「數位轉型普拉斯」的新世紀 https://www.inside.com.tw/article/22959-2021-INSIDE-transformation-plus 為理念而戰？「匿名者2.0」激進駭客重出江湖 https://www.taiwannews.com.tw/ch/news/4160906 大數據黑市調查：內鬼、駭客、買家等寄生的千億“產業鏈” https://reurl.cc/OXz3XX 駭客積極掌握加密軟體演算法安全性，視AD為入侵灘頭堡 https://www.ithome.com.tw/news/143460 「依照駭客情蒐」評比50大企業台灣「這行業」資安落後 https://today.line.me/tw/v2/article/KnmJ1m 宏碁遭駭客攻擊，勒索 5,000 萬美元 https://today.line.me/tw/v2/article/PBpvko 網路平台壟斷臺灣受害大立委開公聽會籲納管 https://reurl.cc/dV9kx6 電力網路遭中國駭客攻擊印度考慮提交全球論壇 http://www.ksnews.com.tw/index.php/news/contents_page/0001469695 電網等頻遭中共網攻印度考慮提交全球論壇 https://www.epochtimes.com/b5/21/3/23/n12829804.htm 英政府資安首長：警惕中國科技野心威脅更甚俄羅斯 https://news.ltn.com.tw/news/world/breakingnews/3480540 金小胖讓北韓變有錢的新招：偷數位貨幣；五年偷了13億美元 https://www.storm.mg/article/3495043 臉書：已阻止中國駭客藉其平台鎖定海外維吾爾人 https://today.line.me/tw/v2/article/wxMOea 臉書封鎖對維吾爾族展開社交攻擊的中國駭客 https://www.ithome.com.tw/news/143455 臉書:中國駭客利用假冒手法侵入維吾爾人電腦手機 https://www.bannedbook.org/bnews/zh-tw/baitai/20210325/1512354.html Facebook打擊與中共有關的針對維吾爾族的駭客攻擊活動 https://gnews.org/zh-hant/1019261/ 社媒淪中共大外宣共犯攻擊維族 https://news.ltn.com.tw/news/world/paper/1439384 中國大陸駭客用臉書監控在台維吾爾人專家示警︰台灣民眾恐遭殃 https://reurl.cc/pmojla 中國駭客扮成記者、維權人士接近維吾爾人　誘使點擊FB木馬連結 https://m.match.net.tw/pc/news/international/20210325/5785454 海外維族人也不放過　臉書爆：中國駭客用假帳號鎖定監控 https://m.match.net.tw/pc/news/international/20210325/5785146 中國網路戰開打！駭客用臉書監控海外維吾爾人　業界人士：台灣民眾也可能受害 https://www.storm.mg/article/3563774 【社群平台政治化的資安戰！】無所不在的中國駭客，一個維族都不放過 https://buzzorange.com/2021/03/25/data-leakage/ 臉書揭中國駭客鎖定海外維吾爾人利用平台傳木馬連結已掃蕩近百個假帳號 https://www.wantgoo.com/news/content/index?ID=1057503 Chinese Hackers Used Facebook to Hack Uighur Muslims Living Abroad https://thehackernews.com/2021/03/chinese-hackers-used-facebook-to-hack.html 中華電今年召募1800人首波校園徵才開跑 https://www.cna.com.tw/news/ahel/202103260071.aspx 泰山區-日班資安檢查員 https://www.518.com.tw/job-N6ZJ1K.html 65260-資安軟體研發工程師/Cybersecurity Software Engineer https://www.104.com.tw/job/78fgw D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞銀行釣魚簡訊最新手法！解析台新簡訊詐騙案：一般民眾應如何自保 https://www.managertoday.com.tw/articles/view/62632 民眾遭詐騙，自稱駭客組織幫你把錢追討回來？當心「二次詐騙」 https://www.mygopen.com/2021/03/Fraud-Hacker.html 「你涉刑案」！鎖定大陸地產公司台馬詐團騙上億 https://reurl.cc/YWGrya 釣魚郵件以合法網域掩護發動攻擊，40萬Office 365、OWA郵件帳密被竊 https://www.ithome.com.tw/news/143441 1台4萬「小白機」全國個資通通有！專家：這下危險了 https://www.setn.com/News.aspx?NewsID=914755 公司登「私人臉書」秘密被看光？內行授資安關鍵自保 https://reurl.cc/xgoME4 比特幣爆紅...LINE群組誘買數位貨幣　民眾被詐騙超過3千萬 https://www.ettoday.net/news/20210324/1945564.htm Data Breach: Billions of Records Exposed in Online Trading Broker Data Leak https://www.wizcase.com/blog/fbs-leak-research/ E.研究報告資安基礎觀念：虛擬修補(Virtual Patching) https://blog.trendmicro.com.tw/?p=67460 台灣「海外資安義勇軍」是否可行 https://blog.schee.info/2021/03/25/internet-minutemen/ 勒索病毒Thanos分析報告 https://portal.cert.tanet.edu.tw/docs/pdf/2021032411031111792380858348429.pdf 利用nRF Sniffer對藍芽BLE通訊資料進行嗅探和分析 https://www.mdeditor.tw/pl/2484/zh-tw FireEye揭露Accellion事故調查結果，攻擊者極為熟悉目標軟體的運作機制，並串連漏洞進行RCE攻擊 https://www.ithome.com.tw/news/143178 TWNIC 2020年報發布 https://blog.twnic.tw/2021/03/26/17822/ 十幾年前在圖片中藏入其他檔案的網路小把戲，現在可以塞入一首mp3 https://www.techbang.com/posts/85350-more-than-a-decade-ago-the-internets-old-tricks-were-on-fire Cookie消亡，企業「讀心術」失靈！Verizon推出新解法，能解決廣告主的焦慮嗎 https://www.bnext.com.tw/article/61928/cookieless-verizon-media-connect-id AutoHotKey Leveraged by Metamorfo/Mekotio Banking Trojan https://cofense.com/blog/autohotkey-banking-trojan/ Detection and Response to Exploitation of Microsoft Exchange Zero-Day Vulnerabilities https://content.fireeye.com/nl-gc-mar-21/website-detection-response-to-exploitation-of-microsoft-exchange-zero-day-vulnerabilities How To Avoid the Costly Risks of Cloud Misconfigurations https://www.fireeye.com/blog/executive-perspective/2021/03/how-to-avoid-the-costly-risks-of-cloud-misconfigurations.html The “Big Four”: Spotlight on China https://www.fireeye.com/blog/executive-perspective/2021/03/the-big-four-spotlight-on-china.html Forcing Self-Service Password Reset (SSPR) Registration to Increase ROI https://thehackernews.com/2021/03/forcing-self-service-password-reset.html Analyzing Attacks Taking Advantage of the Microsoft Exchange Server Vulnerabilities https://www.microsoft.com/security/blog/2021/03/25/analyzing-attacks-taking-advantage-of-the-exchange-server-vulnerabilities/ 5 Super Handy Linux Commands that Everyone Should be Aware of https://levelup.gitconnected.com/5-super-handy-linux-commands-that-everyone-should-be-aware-of-a70b08d2c635 F.商業 Protecting Against HAFNIUM With FireEye Endpoint Security Process Guard Module https://content.fireeye.com/nl-gc-mar-21/website-protecting-against-hafnium-with-fireeye-endpoint-security-process-guard-module 臺灣資安專業人才缺額達3,800人，思科DevNet資安人才培育中心進駐林口新創園 https://www.informationsecurity.com.tw/article/article_detail.aspx?tv=12&aid=9113 台灣約有950個Exchange Server零時差漏洞威脅，Palo Alto Networks提四招防範 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9109 微軟零時差漏洞最新報告，Check Point發現全球企業受攻擊次數倍增 https://www.techbang.com/posts/85393-microsoft-exchange-server-check-point-finds-attacks-on Cloudflare發表可預防線上側錄的Page Shield服務 https://www.ithome.com.tw/news/143504 借鑑公共衛生防疫概念，顛覆資安防護既有作法：臺資安公司推勒索軟體數位疫苗 https://www.ithome.com.tw/news/143457 Fortinet: 勒索軟體Dearcry不需與攻擊行動的命令暨控制伺服器連線即可加密文件 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9131 NEITHNET 進軍資安市場　發表 NEITHInsight、NEITHSeeker https://www.netadmin.com.tw/netadmin/zh-tw/snapshot/8C14810D332C4AEF8DDE31DA3CD3DB77 SonicWall :藉由雲端存儲和工具，勒索軟體攻擊次數和效率創新高 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9126 奪冠再進擊！政大與趨勢科技合作鎖定AI、資安 https://money.udn.com/money/story/5723/5337950 G.政府對數位發展部的期待 https://talk.ltn.com.tw/article/paper/1439369 【數位轉型行不行？】政府趕緊轉起來，政委：希望 1 年內掛牌 https://buzzorange.com/2021/03/26/digital-transformation/ 行政院通過組改法案! 設數位發展部、科技部改制為國家科學及技術委員會 https://www.ithome.com.tw/news/143456 政院部會再改造增「數位發展部」、「後備動員署」科技部改「國科會」 https://reurl.cc/KxqnyM 一張圖表看政院組織改造重點　數位發展部最快明年初掛牌 https://tw.appledaily.com/politics/20210326/JQOECUL27VC4PKZNECNHD4S3HA/ 數位部包山包海新設資通安全署 https://reurl.cc/AgpmnK 行政院通過成立數位發展部李貴敏：科技偵查法借屍還魂 https://reurl.cc/1gMAjm 科技部走入歷史！增設的「數位發展部」一年內上路，掌管電信、資安等5大領域 https://www.bnext.com.tw/article/61954/ey-gov-0325 政院推組改新設數位發展部，最快 2022 年掛牌 https://technews.tw/2021/03/25/ey-department-of-digital-development/ 新設數位發展部政委：公私協力串成資安國家隊 https://www.inside.com.tw/article/22976-dig-ey-gov 數位發展部擬接收5大單位業務未來新設資通安全署 https://www.cna.com.tw/news/firstnews/202103250377.aspx 郭耀煌：數位發展部最快明年Q1掛牌定位三大功能 https://udn.com/news/story/7238/5343184?from=udn-ch1_breaknews-1-cate6-news 數位身分證喊卡　監察院4點建議曝光 https://www.ettoday.net/news/20210325/1946506.htm 監院New eID報告要求強化法治、資安內政部：制定專法後辦理 https://today.line.me/tw/v2/article/KnML8n 教育部召開「公立高級中等以下學校教職員公務使用大陸廠牌手機相關事宜討論會議」會議紀錄 https://lses.tc.edu.tw/p/404-1164-62993.php?Lang=zh-tw 蔡清祥視察科技設備監控中心 https://reurl.cc/5oVWqz 目標新南向國家　蔡英文期待把資安強化智慧城市方案賣出國 https://www.storm.mg/article/3557444 【2021智慧城市展】總統：公私跨領域協作強化資安防護 https://reurl.cc/GdQydZ 司法單位的資安問題 https://talk.ltn.com.tw/article/paper/1439160 國軍漢光37號演習暖身中國防部下令全軍保密切結 https://udn.com/news/story/10930/5337647 蔡總統：跨部會協作發展智慧城市　資安就是國安 https://www.setn.com/News.aspx?NewsID=914695 交通部啟動無人機應用、競賽與U-Team籌組 https://ctee.com.tw/industrynews/technology/434858.html 自動人臉辨識松山機場首創「3e通關」 https://www.worldjournal.com/wj/story/121222/5339981 H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車相關資安特斯拉資安疑慮？車內鏡頭恐侵犯隱私 https://reurl.cc/AgpeQY 特斯拉車內監控為發展自駕技術？消費者調查：有侵害隱私疑慮 https://news.cnyes.com/news/id/4617525 2020年全球IoT惡意軟體攻擊以66％增長創新高，一年高達5,690萬次 https://www.ithome.com.tw/news/143466 看中汽車資安大餅 Panasonic攜手McAfee提供監控服務 https://news.cnyes.com/news/id/4616733 自駕車被駭風險增，松下聯手 McAfee 提供資安監控服務 https://technews.tw/2021/03/24/mcafee-panasonic/ 追蹤硬體效能消耗狀態　辨識工業OS是否已遭病毒感染勒索病毒威脅工控資安　輕量AI即時檢測動態預警 https://www.netadmin.com.tw/netadmin/zh-tw/technology/DB2930579C194F55B385E7DB416DDA1A How to Protect Our Critical Infrastructure From Attack https://www.darkreading.com/physical-security/how-to-protect-our-critical-infrastructure-from-attack/d/d-id/1340506 Critical Flaws Affecting GE's Universal Relay Pose Threat to Electric Utilities https://thehackernews.com/2021/03/critical-flaws-affecting-ges-universal.html ICS-CERT Advisories March 23 2021 https://us-cert.cisa.gov/ics/advisories/icsa-21-054-04 https://us-cert.cisa.gov/ics/advisories/icsa-21-082-03 https://us-cert.cisa.gov/ics/advisories/icsa-21-082-02 https://us-cert.cisa.gov/ics/advisories/icsa-20-082-01 I.教育訓練行動裝置資通安全注意事項 https://lis.just.edu.tw/p/405-1017-22083,c3621.php?Lang=zh-tw 輔仁大學人工智慧與資訊安全學士學位學程 https://collego.ceec.edu.tw/Highschool/DepartmentIntro?dept_id=020062 防電腦被監聽和偷窺，教你一鍵關閉Win10麥克風、視訊鏡頭方法 https://mrmad.com.tw/improve-win10-privacy Chief Information Security Officer (CISO) Workshop Training https://docs.microsoft.com/en-us/security/ciso-workshop/ciso-workshop Microsoft Security Best Practices module: Governance, risk, and compliance https://docs.microsoft.com/en-us/security/compass/governance-risk-compliance-videos-and-decks J.人工智慧/AI/ML/人臉辨識失智婦捷運站迷途　警靠人臉辨識器助返家 https://tw.appledaily.com/local/20210326/6AST4SKVBBETNGUSATK4NLJ5EM/ 從行為著手，日本便利商店整合 AI 及臉部辨識預防小偷 https://technews.tw/2021/03/26/japanese-convenience-store-ai/ 中國多家知名商店安裝人臉辨識違法存取個資 https://www.rti.org.tw/news/view/id/2094504 6.近期資安活動及研討會【解構企業資安威脅超前建構防禦策略】研討會 3/31 https://www.kx.com.tw/kx_fortinet_event_20210331/ Coffee & Code 4/4 https://www.meetup.com/Innovate-Taiwan/events/277064650 吱吱盃黑客松 2021/04/02 18:30 ~ 2021/04/04 18:30 https://nsysuisc.kktix.cc/events/hackathon2020 #39 Azure Spatial Anchors 空間定位服務簡介 4/7 https://www.meetup.com/Azure-Taiwan/events/276415654 金融科技與資安威脅 4/8 https://www.twcert.org.tw/tw/cp-105-4463-f984a-1.html 定期小聚暨GDG Taoyuan - GCP 4/11 https://www.meetup.com/GDGTaoyuan/events/277144104 網駭,鑑識工具操作與證據追蹤分析 4/17 http://li.csu.edu.tw/UIPWeb/wSite/ct?xItem=269927&ctNode=9903&mp=1&idPath=17070_9902 CHECK POINT EXPERIENCE APAC 2021 4/20 ~ 4/21 https://virtual-cpx-apac.checkpoint.com/ Ubuntu Core 20 台北研討會 4/21 https://docs.google.com/forms/d/e/1FAIpQLScUZVv4yiSOBG87vOsRbhKRG50KXWIMw5ESIWzKDLBUV6VIqQ/viewform 國家高速網路與計算中心教育訓練【資安中階課程】你被已毒了嗎? - 初探行動應用APP安全風險檢驗 4/27 https://reurl.cc/6y74ly 國家高速網路與計算中心教育訓練「大數據程式開發平台(VM版本)」建置與開發實務課程 5/21 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3945&from_course_list_url=course_index 2021製造業資安論壇 6/10 https://docs.google.com/forms/d/e/1FAIpQLSeJEpc_ePmJGx2RO6hlSJQnmsFTzBT-2zkzjcnPHbdYS2UAhQ/viewform 行動應用APP安全檢測與實務(可抵內稽) 6/11 https://www.caa.org.tw/coursedetail-3515.html