資安事件新聞週報 2020/12/21 ~ 2020/12/25

###### tags: `資安事件新聞週報` # 資安事件新聞週報 2020/12/21 ~ 2020/12/25 1.重大弱點漏洞/後門/Exploit/Zero Day WSJ：思科、英特爾與Nvidia都安裝了含漏洞的SolarWinds Orion系統 https://www.ithome.com.tw/news/141803 Two Critical Flaws — CVSS Score 10 — Affect Dell Wyse Thin Client Devices https://thehackernews.com/2020/12/two-critical-flaws-cvss-score-10-affect.html Google Discloses Poorly-Patched, Now Unpatched, Windows 0-Day Bug https://thehackernews.com/2020/12/google-discloses-poorly-patched-now.html JAVA漏洞再度挑戰蘋果安全神話 https://www.huaweicloud.com/articles/d0f446d519f3438a52d3ef4a47acf4d5.html apache struts CVE-2020-17530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-17530 arubanetworks arubaos CVE-2020-24633 CVE-2020-24634 CVE-2020-24637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-24633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-24634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-24637 citrix gateway_plug-in CVE-2020-8257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-8257 citrix virtual_apps_and_desktops CVE-2020-8283 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-8283 docker adminer CVE-2020-35186 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-35186 sophos cyberoamos CVE-2020-29574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-29574 2.銀行/金融/保險/證券/支付系統/ 新聞及資安大馬前駭客坦言部分銀行系統容易入侵 http://qiqi.world/read/14060 元大金增設資安長強化資訊安全防禦力與ESG https://udn.com/news/story/7239/5119981 Law Enforcement Seizes Joker's Stash — Stolen Credit Card Marketplace https://thehackernews.com/2020/12/law-enforcement-seizes-jokers-stash.html 3.電子支付/行動支付/pay/資安電子支付熱金管會盯資安 https://money.udn.com/money/story/5613/5095518 電子支付條例三讀可互轉帳買基金外幣 https://www.cna.com.tw/news/firstnews/202012250183.aspx 央行打通台灣支付的任督二脈新台幣現鈔未來也能數位 https://www.rti.org.tw/news/view/id/2087533 LINE Pay Money與農漁會合作領先開通行動支付儲值服務 https://www.chinatimes.com/realtimenews/20201224006153-260410?chdtv 利用行動支付漏洞盜刷200萬 https://udn.com/news/story/7320/5044276 街口支付、一卡通、拍付健保費行動支付專屬權三雄搶下 https://www.chinatimes.com/newspapers/20201216000146-260202?chdtv 台灣Pay交易熱今年增2倍 https://www.chinatimes.com/realtimenews/20201224000222-263401?chdtv 4.加密貨幣/挖礦/區塊鍊資安比特幣突破 24,000 再創歷史新高！數據顯示，超級機構還在購買 https://www.blocktempo.com/bitcoin-briefly-tops-24k-setting-new-all-time-high/ 數位人幣不與行動支付競爭 https://reurl.cc/Gr7V9D 阿肯：加密貨幣帶來「通膨救贖」的希望； Paxful 已用比特幣蓋了4間學校 https://www.blocktempo.com/africa-akon-crypto-city-and-paxful-philanthropy/ 186 萬枚比特幣 10 年沒動過！數據報告 :「遺失的BTC 」總價可能超過 870 億美元 https://www.blocktempo.com/10-btc-never-moved-for-10y/ 監管重彈！美國財政部「提案預告」強制個人錢包KYC，交易所提領也需交「雙方」資訊 https://www.blocktempo.com/fincen-proposes-kyc-rules-for-crypto-wallets/ 加密交易所Exmo出現重大安全漏洞，官方已凍結提款 https://news.sina.com.tw/article/20201221/37203668.html 美國FinCEN針對加密錢包提出新規，要求其適用《銀行保密法》 https://news.knowing.asia/news/b5cfeba3-bb9e-4564-81fb-251ba1c12951 硬體加密貨幣錢包製造商Ledger遭駭客入侵，逾27萬用戶資料在駭客論壇上曝光 https://www.ithome.com.tw/news/141809 加密貨幣交易所經營者欺騙23萬人，駭客賺了數十億歐元，真可怕 https://www.juduo.cc/finance/1162307.html macOS 用戶當心！北韓駭客 Lazarus 將目標瞄準虛擬貨幣交易用戶 https://reurl.cc/VXK69n 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 快刪！Chrome內藏28款惡意擴充洩用戶位址 https://reurl.cc/14dYKD 一封求職信藏病毒！鴻海、中油接連被駭，企業該怎麼防範？資安專家一次解答 https://reurl.cc/e8qxNL eCommerce JavaScript-sniffer from "UltraRank" group https://www.group-ib.com/blog/ultrarank IceRat evades antivirus by running PHP on Java VM https://www.gdatasoftware.com/blog/icerat-evades-antivirus-by-using-jphp Negasteal Uses Hastebin for Fileless Delivery of Crysis Ransomware https://reurl.cc/14DxzX Ransomware operators use SystemBC RAT as off-the-shelf Tor backdoor https://news.sophos.com/en-us/2020/12/16/systembc/ Lazarus Targeting COVID-19 Related Research https://securelist.com/lazarus-covets-covid-19-related-intelligence/99906/ TeamTNT Now Deploying DDoS-Capable IRC Bot TNTbotinger https://www.trendmicro.com/en_us/research/20/l/teamtnt-now-deploying-ddos-capable-irc-bot-tntbotinger.html B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G 中共監控手機強化資安是要務 https://big5.zhengjian.org/node/264106 APP「龍騰出行」有問題？林楚茵警告：恐洩漏個資成資安破口 https://newtalk.tw/news/view/2020-12-20/511458 臉書小企業管理工具可能曝露IG用戶的電郵 https://www.ithome.com.tw/news/141822 臉書控告駭客公司NSO Group利用WhatsApp漏洞打造間諜程式Pegasus，微軟與Google等科技大廠出面聲援 https://www.ithome.com.tw/news/141807 37名記者因iMessage安全漏洞受到黑客間諜攻擊 https://www.vbnvbn.com/f/109062.html 蘋果曝出安全漏洞！利用間諜軟件PegASUS，無需用戶接觸即可竊聽所有信息，iOS 14 以上設備都可能中招 https://www.sohu.com/a/439660502_114877 利用 AirDrop 底層協議漏洞，駭客可以控制你的 iPhone https://www.techbang.com/posts/83184-hackers-can-take-control-of-your-iphone-with-the-airdrop Cellebrite 宣稱成功破解 Signal 服務對象包括香港特區政府 https://reurl.cc/odlLb5 Signal: Cellebrite claimed to have 'cracked' chat app's encryption https://www.bbc.com/news/technology-55412230 iPhones of 36 Journalists Hacked Using iMessage Zero-Click Exploit https://thehackernews.com/2020/12/iphones-of-36-journalists-hacked-using.html C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件台灣工業電腦大廠遭駭客攻擊、勒索三億新台幣？研華出面回應了 https://www.storm.mg/lifestyle/3280177 Techo Park聚焦前沿安全技術，騰訊安全攜手中科院、滴滴披露重磅安全成果 https://www.sohu.com/a/439601835_104421 台灣資安群英參與產業交流　集結閱兵秀實力 https://www.mem.com.tw/arti.php?sn=2012210004 瀏覽網頁更有隱私！Google預計兩年內慢慢淘汰Chrome第三方Cookie https://cnews.com.tw/134201220a01/ 縱橫天下：劉必榮》網路攻擊與嚇阻戰略 https://www.chinatimes.com/opinion/20201220003633-262104?chdtv 中國每月對台網攻逾3千萬次廖宏祥：台灣有權在網路戰行使自衛權 https://news.ltn.com.tw/news/politics/breakingnews/3388343 北京對台網攻強勁學者呼籲行使自衛權 https://www.secretchina.com/news/b5/2020/12/22/956626.html 美參議員爆料俄駭客入侵財部高官電郵米努勤否認 https://udn.com/news/story/6813/5111737?from=udn-catelistnews_ch2 中企數據服務有盜竊風險美國土安全部建議避開 https://ec.ltn.com.tw/article/breakingnews/3389449 有完沒完！印媒再炒作「中國駭客網路攻擊」，中國外交部霸氣怒懟 https://www.aqiusha.com/interweb/51f57008c2e8373046d6d670f27d3462.html solarwinds成駭客入口美國會調查單位「政府責任署」早有警告 https://news.ltn.com.tw/news/world/breakingnews/3388170 蓬佩奧將Solarwinds遭駭客攻擊事件歸咎於俄羅斯 https://reurl.cc/odlLMq 五角大廈提案國安局與網戰司令部分家凸顯陸、俄駭客攻勢凌厲 https://www.chinatimes.com/realtimenews/20201221005270-260417?chdtv 美遭大規模網攻清查至少200個單位受害 https://money.udn.com/money/story/5599/5109317 駭客入侵美政府　川普：黑手可能來自大陸 https://reurl.cc/q8ydWN 以牙還牙！不只制裁拜登還要對俄網路反攻 https://udn.com/news/story/121687/5109202?from=udn-catelistnews_ch2 川普要求中國為駭客入侵負責！中酸：美國沒資格指手畫腳 https://reurl.cc/Ezk7A1 實力再強也有軟肋，美國核武庫遭駭客攻擊，以色列機密也被竊取 https://www.aqiusha.com/arm/2ffa9704ab102ddfd81902b24f78215b.html 美國遭大規模網攻特朗普懷疑中國不提俄羅斯受批評 https://reurl.cc/Q30dqM DJI 被美國商務部列入貿易黑名單　原因包括這些指控 https://reurl.cc/k0mdWx 印媒：網路購物遭陸駭客入侵數百萬消費者資訊遭詐取 https://www.chinatimes.com/realtimenews/20201220003951-260409?chdtv 微軟：SolarWinds遭第2個駭客組織鎖定 https://udn.com/news/story/6813/5106726?from=udn-ch1_breaknews-1-cate5-news 微軟疑加拿大也是黑客攻擊目標之一 https://reurl.cc/7ogpDl 破壞紀念六四會議 Zoom陸籍員工遭起訴 https://reurl.cc/0O5jKA 美國核子安全管理局也遭駭客攻擊　核武暫時沒受到影響 https://reurl.cc/ygpERa 紐時披露中共嚴控媒體報導武漢肺炎細節 https://www.cna.com.tw/news/acn/202012200002.aspx 美政府機構大舉遭駭　川普把矛頭指向中國：媒體為了錢不敢質疑中共 https://tw.appledaily.com/international/20201220/BM5IMFKYSVDJTEH73ZPBPIAM5I/ 中國駭客再出狠招：假冒防毒軟體入侵 https://www.secretchina.com/news/b5/2020/12/19/956367.html 微軟宣布遭駭隔日網通大廠思科成最新「受駭者」 https://ec.ltn.com.tw/article/breakingnews/3386020 北韓駭客瞄準製藥廠 https://ctee.com.tw/bookstore/world-news/387830.html 美國政府機構遭黑客攻擊，背後是這家神秘的軟件企業 http://www.fortunechina.com/keji/c/2020-12/19/content_382851.htm 美國國安局報告能源部淪駭客攻擊對象 https://news.pts.org.tw/article/505116 傳媒先揭發網安局認「威脅嚴重」述細節黑客大攻華府核武能源部門遇襲 https://reurl.cc/pyzZvl 駭客入侵美國政府部門蓬佩奧稱俄羅斯主使 https://money.udn.com/money/story/5599/5105687 俄羅斯駭客大舉攻擊美利堅！國務院、財政部、能源部、國土安全部、商務部一一淪陷 https://www.storm.mg/article/3312754 曾稱「美大選史上最安全」獲熱捧駭客入侵曝光打臉CISA前局長 https://news.ltn.com.tw/news/world/breakingnews/3386260 川普淡化政府機構大舉遭駭衝擊矛頭指向中國 https://udn.com/news/story/6813/5106597?from=udn-ch1_breaknews-1-cate5-news 部長才說沒損失美議員爆料：財政部大規模遇駭 https://money.udn.com/money/story/10511/5112289?from=edn_breaknewstab_index 五角大廈突喊停簡報拜登團隊警告國安後果 https://www.cna.com.tw/news/aopl/202012190085.aspx 傳華府擬關閉美國在俄羅斯最後兩座領事館 https://www.cna.com.tw/news/aopl/202012190153.aspx 研究報告：中國在瑞士統戰綿密程度超乎想像 https://www.cna.com.tw/news/firstnews/202012180334.aspx 數千份內部文件公開紐時：中共嚴厲打壓疫情負面訊息 https://reurl.cc/9Xj1WO 駭客組織揭露中共內部文件打壓疫情一切負面消息 https://newtalk.tw/news/view/2020-12-20/511519 美國列60家中企入貿易黑名單包含無人機廠商大疆與中芯 https://reurl.cc/pyzMW4 美首度實現量子網路！資料傳輸快過光速駭客無法入侵 https://money.udn.com/money/story/5599/5114981 Software Supply-Chain Attack Hits Vietnam Government Certification Authority https://thehackernews.com/2020/12/software-supply-chain-attack-hits.html Microsoft Says Its Systems Were Also Breached in Massive SolarWinds Hack https://thehackernews.com/2020/12/microsoft-says-its-systems-were-also.html A Second Hacker Group May Have Also Breached SolarWinds, Microsoft Says https://thehackernews.com/2020/12/a-second-hacker-group-may-have-also.html The SolarWinds cyberattack: The hack, the victims, and what we know https://reurl.cc/q8xNkE Cybercriminals' Favorite Bulletproof VPN Service Shuts Down In Global Action https://thehackernews.com/2020/12/cybercriminals-favorite-bulletproof-vpn.html Common Security Misconfigurations and Their Consequences https://thehackernews.com/2020/12/common-security-misconfigurations-and.html North Korean Hackers Trying to Steal COVID-19 Vaccine Research https://thehackernews.com/2020/12/north-korean-hackers-trying-to-steal.html D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞川普推特真的被盜！駭客隨便就猜到「maga2020」這組密碼 https://reurl.cc/pyzgab 她找「駭客」調查詐騙閨蜜兇手　結果兩人被騙更慘 https://www.ettoday.net/news/20201220/1880461.htm 閨密被騙73萬！她怒聘「駭客」調查　結果2人下場更慘 https://www.setn.com/News.aspx?NewsID=868538 註冊「疫苗預搶專員」月收3萬？千萬別亂點 https://news.ltn.com.tw/news/life/breakingnews/3386669 追「簡易報關」漏洞！個資遭冒用報關走私菸草 https://news.ebc.net.tw/news/living/241926 研華科技遭竊資料第三度遭Conti爆料這次有多達7萬筆的使用者帳號密碼 https://reurl.cc/9XMEKV US Healthcare Provider Proposes $4.2m Data Breach Settlement https://www.infosecurity-magazine.com/news/kalispell-proposes-data-breach/ E.研究報告 Edge 漏洞研究團隊對iOS Chromium 漏洞的研究 https://os.51cto.com/art/202012/635659.htm web漏洞之越權漏洞 https://blog.csdn.net/qq_41901122/article/details/111412380 封閉網路還是有風險　駭客透過記憶體電流也能入侵 https://reurl.cc/6l10Dk 記一次本地Windows-2008滲透測試 https://iter01.com/572174.html Nginx 解析漏洞 https://blog.csdn.net/zy15667076526/article/details/111414021 Nginx 配置錯誤導致漏洞 https://blog.csdn.net/zy15667076526/article/details/111414038 利用Windows 系統漏洞MS12-020 進行攻擊 https://zhuanlan.zhihu.com/p/151272018 XSS的介绍-安全漏洞 https://zhuanlan.zhihu.com/p/267281023 S2-016漏洞整理 https://www.mdeditor.tw/pl/gg1K/zh-hk shiro反序列化漏洞復現 https://blog.csdn.net/weixin_44912035/article/details/111500010 SystemdMiner、H2Miner挖礦木馬利用相同的PostgreSQL漏洞攻擊雲服務器 https://s.tencent.com/research/report/1206.html freki a free and open-source malware analysis platform. https://github.com/crhenr/freki SunBurst: the next level of stealth https://blog.reversinglabs.com/blog/sunburst-the-next-level-of-stealth Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers https://reurl.cc/Q3yb4q Safty https://pypi.org/project/safety/ Cellebrite’s New Solution for Decrypting the Signal App https://reurl.cc/Oqd1aD F.商業 5G、物聯網離不開資安　這兩檔系統整合商最有潛力 https://reurl.cc/Oql0r7 Surface 電腦有望用上微軟自己開發的 ARM 架構晶片 https://reurl.cc/0O5j4A BSI培養網路安全與資訊韌性迎戰後疫時代資安威脅 https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=14&id=0000600207_VDP38CEOLDYN278RRCOTD 2021年網路安全 FireEye發表預測報告 https://reurl.cc/7oOXxb 中華資安國際提供OT資安健診協助打造智慧工廠防護罩 https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000600827_l1l93bzk123tzf8fpugnk 捷而思提供企業急需無懈可擊的防駭資安雷達網 https://reurl.cc/KjZk7j G.政府檢視網際網路視聽服務管理法草案的爭議和缺失 https://www.chinatimes.com/opinion/20201220000099-262113?chdtv 數位身分證唐鳳掛保證學者：需專法規範 https://udn.com/news/story/6656/5110261 台內政部找唐鳳背書數位身分證網友不買單 https://www.epochtimes.com/b5/20/12/21/n12635776.htm H.工控系統/ICS/SCADA 相關資安 Stuxnet and Beyond: The Origins of SCADA and Vulnerabilities to Critical Infrastructure https://reurl.cc/d5R062 CVE-2020-7554: Interactive Graphical SCADA System https://securityboulevard.com/2020/12/cve-2020-7554-interactive-graphical-scada-system/ Urgent Case for Cyber-Attack Prevention (v. Detect) in OT/ICS Networks https://securityboulevard.com/2020/12/urgent-case-for-cyber-attack-prevention-v-detect-in-ot-ics-networks/ I.教育訓練 How to train your Robot Arm https://medium.com/xrpractices/how-to-train-your-robot-arm-fbf5dcd807e1 BurpSuite Spider Feature Working https://hackersonlineclub.com/burpsuite-spider-feature-working/ New Critical Flaws in Treck TCP/IP Stack Affect Millions of IoT Devices https://thehackernews.com/2020/12/new-critical-flaws-in-treck-tcpip-stack.html How to Defend Against Malware, Phishing, and Scams During COVID-19 Crisis https://thehackernews.com/2020/12/how-to-defend-against-malware-phishing.html 6.近期資安活動及研討會 2020 Proxmox VE 中文使用者社團年會 12/26 https://tfc.kktix.cc/events/pve-tw-2020 資安月活動 - CTF Workshop 12/27 https://hackersir.kktix.cc/events/20201227-ctfworkshop 利用NAC系統進行資安聯防提升企業資安與競爭力【Power of X 科技講堂】 12/28 http://tw.systex.com/powerofx-webinar-1228/ 2020【 WEA x BSI 資安風險趨勢講座】 12/28 https://wea4risk.kktix.cc/events/2020weaxbsi 從Python到TensorFlow線上讀書會-首部曲(8) -函式 12/29 https://www.meetup.com/TensorFlow-User-Group-Taipei/events/274522900 WTM & GDG Workshop - D 搭 D 的浪漫與現實 #3 2021/1/9 https://www.meetup.com/GDGTaipei/events/275151173 交通大學亥客書院 AI於資訊安全之應用 2021/1/9 1/16 https://hackercollege.nctu.edu.tw/?p=1228 比特幣小聚: 比特幣重要性 2021/1/13 https://www.meetup.com/Taiwan-Bitcoin-Only-Meetup/events/274363177 交通大學亥客書院企業網域控管－Active Directory攻擊與防禦 2021/1/23 https://hackercollege.nctu.edu.tw/?p=1230 2021 南新科技中心寒假營隊 [駭客攻防資安體驗營] 2021年1月21-22日 https://www.nsjh.tn.edu.tw/modules/tadnews/index.php?nsn=7790 預防駭客！優化您 Google Cloud 上的安全性｜Google Cloud Security Overview 2021/1/29 https://www.meetup.com/CloudAce-Taiwan-meetup/events/274376220 元智資工冬令營-由programming邁入AI大數據與資安世界 2021/2/1 ~ 2021/2/3 https://cse-yzu.kktix.cc/events/yzcsapcs4 吱吱盃黑客松 2021/04/02 18:30 ~ 2021/04/04 18:30 https://nsysuisc.kktix.cc/events/hackathon2020