###### tags: `資安事件新聞週報`

# Weekly Security Incident News Report 2020/8/24 ~ 2020/8/28

## 1. Critical Vulnerabilities / Backdoors / Exploit / Zero Day

- Cisco patches multiple critical security vulnerabilities affecting switches and fibre storage devices https://www.twcert.org.tw/tw/cp-104-3908-5b5bd-1.html
- Google fixes a critical Chrome vulnerability that could allow remote execution of arbitrary code https://www.twcert.org.tw/tw/cp-104-3905-b33da-1.html
- Google Researcher Reported 3 Flaws in Apache Web Server Software https://thehackernews.com/2020/08/apache-webserver-security.html
- IBM Content Navigator security vulnerability http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4687
- Microsoft issues emergency security updates fixing two critical vulnerabilities that allow elevation of execution privileges https://www.twcert.org.tw/tw/cp-104-3891-5dc4f-1.html
- New Jenkins Vulnerability Let Hackers Steal Sensitive Information By Obtain HTTP Response Headers https://gbhackers.com/jenkins-vulnerability/
- Alert!! Critical Bugs in Cisco Products Let Hackers Execute Arbitrary Code to Gain Admin Access https://gbhackers.com/crtical-cisco-vulnerabilities/
- Experts Reported Security Bug in IBM's Db2 Data Management Software https://thehackernews.com/2020/08/ibm-data-management.html
- Experts Reported Security Bug in IBM's Db2 Data Management Software https://anith.com/experts-reported-security-bug-in-ibms-db2-data-management-software/
- Memory leak in IBM DB2 gives access to sensitive data, causes DoS https://www.bleepingcomputer.com/news/security/memory-leak-in-ibm-db2-gives-access-to-sensitive-data-causes-dos/
- IBM AI-Powered Data Management Software Subject to Simple Exploit https://threatpost.com/ibm-ai-powered-data-management-software-subject-exploit/158497/
- Microsoft Issues Emergency Security Updates for Windows 8.1 and Server 2012 R2 https://thehackernews.com/2020/08/windows-update-download.html
- Vulnerability Spotlight: Use-after-free vulnerability in Google Chrome WebGL could lead to code execution https://blog.talosintelligence.com/2020/08/vuln-spotlight-chrome-use-free-aug-2020.html
- Vulnerability Spotlight: Remote code execution, privilege escalation bugs in Microsoft Azure Sphere https://blog.talosintelligence.com/2020/08/vuln-spotlight-microsoft-azure-aug-2020.html
- Stable Channel Update for Desktop https://chromereleases.googleblog.com/2020/08/stable-channel-update-for-desktop_25.html

## 2. Banking / Finance / Insurance / Securities / Payment Systems: News and Security

- [Guojin 89th Floor] Police infiltrated the financial sector long ago (President Cheng) https://hk.appledaily.com/finance/20200822/RAOLLHLDHJFXHJMBNH5QPV4SOU/
- Domestic financial industry invested 16.5 billion in fintech development in ROC year 108, up 40% year on year https://iknow.stpi.narl.org.tw/Post/Read.aspx?PostID=16935
- Banks each try novel tactics to boost app stickiness https://money.udn.com/money/story/12040/4800567
- [Live from the Taiwan Cybersecurity Conference] Financial crime keeps evolving; addressing conduct risk becomes a top priority for Taiwan's banks https://www.ithome.com.tw/news/139602
- New Zealand stock exchange system hacked two days in a row; stock market forced to halt temporarily https://udn.com/news/story/6811/4810553
- New Zealand stock exchange hit by large-scale offshore DDoS attacks for three consecutive days, causing trading to be suspended https://www.twcert.org.tw/tw/cp-104-3910-2aacc-1.html
- Open banking phase 2 to launch at year end https://www.merit-times.com.tw/NewsPage.aspx?unid=595774
- Strengthening live security drills: internet-only banks enlist hackers as "door guardians" https://udn.com/news/story/7239/4813498
- Fintech companies begin to overtake big banks http://zh.cn.nikkei.com/politicsaeconomy/efinance/41794-2020-08-27-04-33-00.html
- Netcetera and Mastercard jointly launch a 3DS testing platform for retailers https://times.hinet.net/news/23027378
- A financial-industry ID is taking shape! Cross-industry online identity verification for account opening; FSC plans to launch it within a year https://tw.appledaily.com/property/20200827/A4LP4YOSOFECVH5AJMGJLOHFQ4/
- Stock exchange operator NZX says it halted trading after an offshore cyber attack https://www.nzherald.co.nz/business/news/article.cfm?c_id=3&objectid=12359520
- New Zealand stock exchange hit by cyber attack for second day https://www.theguardian.com/technology/2020/aug/26/new-zealand-stock-exchange-hit-by-cyber-attack-for-second-day
- Bank of America Customer Opens Mobile App and Finds an Extra $2.45 Billion https://www.bloomberg.com/news/articles/2020-08-21/bofa-customer-opens-mobile-app-and-finds-an-extra-2-45-billion
- ATM makers Diebold and NCR deploy fixes for 'deposit forgery' attacks https://www.zdnet.com/article/atm-makers-diebold-and-ncr-deploy-fixes-for-deposit-forgery-attacks/
- A system of cunning payments: fraudsters found a way to withdraw money through the SBP https://www.kommersant.ru/doc/4465889
- The Central Bank has fixed a vulnerability in the Fast Payment System, which hackers used to steal funds https://www.en24news.com/2020/08/the-central-bank-has-fixed-a-vulnerability-in-the-fast-payment-system-which-hackers-used-to-steal-funds.html
- Federal authorities warn North Korean hackers are targeting banks https://thehill.com/policy/cybersecurity/513798-federal-authorities-warn-north-korean-hackers-are-targeting-banks?&web_view=true
- Ex-Bank of America employees allege 'extreme pressure' to sell credit cards https://www.americanbanker.com/news/ex-bank-of-america-employees-allege-extreme-pressure-to-sell-credit-cards
- DDoS extortionists target NZX, Moneygram, Braintree, and other financial services https://www.zdnet.com/article/ddos-extortionists-target-nzx-moneygram-braintree-and-other-financial-services/#ftag=RSSbaffb68

## 3. Electronic Payment / Mobile Payment / Pay / Security

- Tainan citizen card moves toward electronic payment; "digital citizen card" to launch next year https://udn.com/news/story/7323/4816424?from=udn-catelistnews_ch2
- Taipei City launches a monthly scooter parking pass: unlimited parking for 400 per month, a further 100 off with electronic payment https://reurl.cc/2grN1a
- Expanding its push for mobile payment business, McDonald's teams up with LINE Pay for island-wide promotions https://www.chinatimes.com/realtimenews/20200826002481-260410?chdtv
- Easy Wallet's first stop at Global Mall gives 12%; LINE Pay's Brown sets up at McDonald's https://www.cardu.com.tw/news/detail.php?41418
- LINE Pay beeps into convenience stores; rewards surge to 20% https://money.udn.com/money/story/12040/4782677
- "Mobile payment" causes explosions! Frequent accidents at Chinese gas stations; authorities finally ban it https://www.setn.com/News.aspx?NewsID=801569
- Small vendors join mobile payment, but the rollout in southern Taiwan is sluggish https://udn.com/news/story/7327/4817732
- Fast and secure checkout! Mobile payment pilot in the food and beverage industry shows good results https://reurl.cc/2grN2a
- Mobile tech / No wallet needed: mobile payment handles it with ease https://udn.com/news/story/7098/4788968
- Building a high-quality tourist island: Xiaoliuqiu encourages "mobile payment" https://reurl.cc/MdA9an

## 4. Cryptocurrency / Mining / Blockchain Security

- Capital flight? Over US$50 billion in virtual currency moved from China overseas in the past year https://finance.technews.tw/2020/08/21/virtual-currency-tether-china/
- Former Uber security chief indicted for "concealing a felony"; US Department of Justice: hackers' hush money was paid as US$100,000 in bitcoin https://blocktempo.com/ubers-former-cso-charged-with-paying-bitcoin-to-conceal-hack/
- [Foreigners can get one too] South Korea issues "blockchain driver's licenses", with more than one million issued! One step shows you how to get one https://buzzorange.com/techorange/2020/08/21/blockchain-driver-license/
- Qianqiao team "beautiful saleswomen" virtual currency fraud case not prosecuted? The case does not seem that simple https://www.blocktempo.com/taiwans-cyrptocurrency-selling-team-was-confirmed-not-to-prosecuted-for-fraud/
- Cleaning up the aftermath | Bitfinex 850 million fund misappropriation case: 56 more top-bank accounts of "shadow bank" partner frozen https://blocktempo.com/accounts-of-suspect-in-bitfinex-case-in-several-top-banks-were-held/
- How does the digital renminbi differ from digital currency and electronic payment? Experts explain https://news.knowing.asia/news/541948fe-3c5d-4c6b-9ed9-8c6cf202239c
- China advances large-scale digital currency testing amid fierce competition among many countries https://www.bbc.com/zhongwen/trad/business-53722841
- Asia Pacific Telecom partners with TBCASoft, ahead of its peers in successfully building a complete blockchain cross-border payment system https://www.storm.mg/article/2985591

## 5. Security Incident News

### A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC

- Another ransomware case in Taiwan's electronics manufacturing industry: Jinqiao Technology (金橋科技) announces that it and two of its subsidiaries were infected by ransomware https://www.ithome.com.tw/news/139677
- BLINDINGCAN malware used by North Korean hacker group HIDDEN COBRA: please take precautions https://oits.pu.edu.tw/p/406-1002-13973,r11.php?Lang=zh-tw
- Research: next-generation botnet FritzFrog infects 500 servers to mine for hackers http://www.securtec.com.tw/news/More?id=573#.X0JwNsgzbIU
- Chinese budget phones pre-installed with malware; more than 200,000 devices affected https://www.twcert.org.tw/tw/cp-104-3904-ff8d6-1.html
- University of Utah hit by ransomware attack, forced to pay US$457,000 ransom https://www.twcert.org.tw/tw/cp-104-3896-1d756-1.html
- After US warning, German security agency also warns: beware of Chinese malware "GoldenSpy" https://m.ltn.com.tw/news/world/breakingnews/3268954
- Security researchers discover a new version of a mining botnet that steals AWS login credentials https://www.twcert.org.tw/tw/cp-104-3874-e6509-1.html
- US Treasury, FBI, DHS and Cyber Command issue a joint alert warning that the North Korean government is conducting hacking activity against financial institutions in multiple countries https://www.twcert.org.tw/tw/cp-104-3902-450ac-1.html
- Mining malware spreads widely via fake antivirus and anti-hacking software https://www.twcert.org.tw/tw/cp-104-3900-ab831-1.html
- He's here! WannaRen ransomware author voluntarily provides decryption key to Huorong http://bbs.huorong.cn/forum.php?mod=viewthread&tid=68350
- WannaRen Decryption Tool https://labs.bitdefender.com/2020/08/wannaren-decryption-tool/
- WannaRen ransomware author contacts security firm to share decryption key https://www.zdnet.com/article/wannaren-ransomware-author-contacts-security-firm-to-share-decryption-key/
- Joint Technical Alert - "FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks" https://www.fortinet.com/blog/threat-research/joint-technical-alert-fastcash-2-0-north-koreas-beagleboyz-robbing-banks
- U.S. GOV Exposed North Korean Remote Access Trojan BLINDINGCAN That Can Hack The GOV Networks https://cybersecuritynews.com/u-s-gov-exposed-north-korean-remote-access-trojan/
- Hackers Target Defense Contractors' Employees By Posing as Recruiters https://thehackernews.com/2020/08/job-offer-hackers.html
- Grandoreiro banking trojan impersonates Spain's tax agency https://www.welivesecurity.com/2020/08/21/grandoreiro-banking-trojan-impersonates-spain-tax-agency/
- QAKBOT (QBOT) MALDOC CAMPAIGN INTRODUCES TWO NEW TECHNIQUES INTO ITS ARSENAL https://blog.morphisec.com/qakbot-qbot-maldoc-two-new-techniques
- Linux users no longer safe from this up-and-coming DDoS botnet https://www.techradar.com/news/linux-users-no-longer-safe-from-this-up-and-coming-ddos-botnet
- Operation BookCode: taking over the internal network via the website https://www.krcert.or.kr/data/reportView.do?bulletin_writing_sequence=35330
- Outdated. Archive it instead of delete it https://github.com/nyan-x-cat/lime-rat
- Beware!! New Peer-to-Peer Fileless Botnet Malware Attack SSH Servers Around the World https://cybersecuritynews.com/peer-to-peer-fileless-botnet-fritzfrog-attack-ssh-servers/
- Hundreds of URLs Inside Microsoft Excel Spreads New Dridex Trojan Variant https://www.fortinet.com/blog/threat-research/hundreds-of-urls-inside-microsoft-excel-spreads-new-dridex-trojan-variant
- Lucifer's Spawn https://www.netscout.com/blog/asert/lucifers-spawn
- Community-provided Amazon Machine Images come with malware risk https://www.bleepingcomputer.com/news/security/community-provided-amazon-machine-images-come-with-malware-risk/
- Turla hacker group steals antivirus logs to see if its malware was detected https://www.zdnet.com/article/turla-hacker-group-steals-antivirus-logs-to-see-if-its-malware-was-detected/
- 10 Different Types of Dangerous Malware Attack and How to Avoid them https://cybersecuritynews.com/types-of-malware/
- Lucifer botnet now infecting Linux-based systems https://www.computing.co.uk/news/4019307/lucifer-botnet-infecting-linux-systems
- Google Drive security issue could disguise malicious files into legitimate documents https://www.gadgetbridge.com/news/google-drive-security-issue-could-disguise-malicious-files-into-legitimate-documents/
- Lifting the veil on DeathStalker, a mercenary triumvirate https://securelist.com/deathstalker-mercenary-triumvirate/98177/
- RTF Royal Road drops a new backdoor MFC and links with Goblin Panda https://medium.com/@Sebdraven/rtf-royal-road-drops-a-new-backdoor-mfc-and-links-with-goblin-panda-90db06f80611
- A Google Drive 'Feature' Could Let Attackers Trick You Into Installing Malware https://thehackernews.com/2020/08/google-drive-file-versions.html
- FBI/CISA Warn US Firms of State-Mandated Tax Malware https://www.infosecurity-magazine.com/news/fbicisa-warn-us-firms/
- Transparent Tribe: Evolution analysis, part 2 https://securelist.com/transparent-tribe-part-2/98233/
- LinkedIn Job Seeker Phishing Campaign Spreads Agent Tesla https://www.zscaler.com/blogs/research/linkedin-job-seeker-phishing-campaign-spreads-agent-tesla
- New AI algorithm to detect cryptocurrency miners as they steal power https://www.helpnetsecurity.com/2020/08/26/ai-algorithm-detect-cryptocurrency-miners/
- Thousands of Cheap Android Phones in Africa Were Pre-Installed With Malware https://www.pcmag.com/news/thousands-of-cheap-android-phones-in-africa-were-pre-installed-with-malware
- WELL-KNOWN MALWARE COMMITTING CLICK AD FRAUD ON LOW-END DEVICES IN EMERGING MARKETS UNCOVERED BY SECURE-D https://www.upstreamsystems.com/well-known-malware-committing-click-ad-fraud-low-end-devices-emerging-markets-uncovered-secure-d/
- Sophisticated cryptojacking malware targets banking and education https://coingeek.com/sophisticated-cryptojacking-malware-targets-banking-and-education/
- North Korean hacking group using LinkedIn to attack crypto firms https://telanganatoday.com/north-korean-hacking-group-using-linkedin-to-attack-crypto-firms
- Threat Intelligence Report: Lazarus Group Campaign Targeting the Cryptocurrency Vertical https://labs.f-secure.com/publications/ti-report-lazarus-group-cryptocurrency-vertical
- "Previdenza Sociale" Attack Campaign https://yoroi.company/warning/campagna-di-attacco-previdenza-sociale/
- Threat Actor Profile: TA2719 Uses Colorful Lures to Deliver RATs in Local Languages https://www.proofpoint.com/us/blog/threat-insight/threat-actor-profile-ta2719-uses-colorful-lures-deliver-rats-local-languages
- BitRAT – The Latest in Copy-pasted Malware by Incompetent Developers https://krabsonsecurity.com/2020/08/22/bitrat-the-latest-in-copy-pasted-malware-by-incompetent-developers/
- Cetus: Cryptojacking Worm Targeting Docker Daemons https://unit42.paloaltonetworks.com/cetus-cryptojacking-worm/
- Emotet botnet returns after a five-month absence https://www.zdnet.com/article/emotet-botnet-returns-after-a-five-month-absence/
- US sues to recover cryptocurrency funds stolen by North Korean hackers https://www.zdnet.com/article/us-sues-to-recover-cryptocurrency-funds-stolen-by-north-korean-hackers/#ftag=RSSbaffb68
- Mercenary hacker group targets companies with 3Ds Max malware https://www.zdnet.com/article/mercenary-hacker-group-targets-companies-with-3ds-max-malware/#ftag=RSSbaffb68

### B. Mobile Security / iPhone / Android / Wearables / App / 5G

- 1,200 iOS apps use an SDK that contains ad-fraud malicious code and steals data https://www.twcert.org.tw/tw/cp-104-3892-f4d1b-1.html
- Hackers can now clone your keys just by listening to them with a smartphone https://reurl.cc/v11zoA
- New Bait Used in Instagram Profile Hacking Scheme https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/new-bait-used-in-instagram-profile-hacking-scheme

### C. Incidents / Hackers / DDOS / APT / Cloud / Dark Web / Recruitment / International Security Incidents

- Cross-border e-commerce regulatory loophole costs Thailand 17 billion in annual tax revenue https://thaizhonghua.com/2020/08/23/88293.html
- Chinese spy arrested for gathering intelligence on the Dalai Lama! India tightens security https://www.rti.org.tw/news/view/id/2076841
- [Who takes the blame] Discussing digital ID cards in light of Chinese hackers and fake US driver's licenses https://tw.appledaily.com/forum/20200821/33FDL5TT2FAVVMGBAW3CG3VJHA/
- Concerns over Chinese capital hard to resolve; "Taobao Taiwan" may be banned https://reurl.cc/3LLzMV
- Global Clean Network alliance: countering the CCP to strengthen security https://www.ydn.com.tw/news/newsInsidePage?chapterID=1252107&type=forum
- G Suite suffers another large-scale global outage; Gmail and Drive problems have lasted more than 3 hours https://www.ithome.com.tw/news/139515
- US university forces students to install COVID-19 testing and location-tracking app https://www.ithome.com.tw/news/139548
- US election security officials: slow vote counting may give foreign countries an opening to interfere https://money.udn.com/money/story/5599/4799958
- Military secrets of five countries published on the dark web by hackers https://www.league-funny.com/funny/article-157327
- [News] Investigation Bureau reveals for the first time the state of domestic security breaches: at least ten government agencies and 4 IT service providers victimized https://pttgopolitics.com/gossiping/M.1597938963.A.ECF.html
- Nearly 90% of cyberattacks on Taiwan come from mainland China; CCP hackers threaten many countries' security https://tw.aboluowang.com/2020/0822/1492426.html
- Legal cover for the illegal: Chinese hackers hit Taiwan in two modes https://www.ocac.gov.tw/OCAC/Pages/Detail.aspx?nodeid=3214&pid=18700341
- Two Chinese hacker groups target our government's contractors; Investigation Bureau discloses 11 malicious domains https://reurl.cc/D660ld
- The CCP gives itself away on spreading poison https://talk.ltn.com.tw/article/breakingnews/3268319
- Worried about backdoors in Chinese equipment, India asks telecom operators to submit security reports https://www.ocacnews.net/overseascommunity/article/article_story.jsp?id=261763
- China successfully launches 3 satellites, says they can provide information assurance for the Belt and Road https://www.cna.com.tw/news/acn/202008230143.aspx
- Beijing Internet Court, China: Douyin and WeChat Reading infringed personal information rights https://reurl.cc/5qqmRR
- CCP secret-stealing is all-encompassing; the international community guards against it jointly https://www.ydn.com.tw/news/newsInsidePage?chapterID=1252991&type=forum
- CCP hackers breach Taiwan government agencies; Taiwan bans iQiyi and Tencent https://hk.epochtimes.com/news/2020-08-23/85164577
- China implicated in concealing the outbreak! Australian expert further alleges lab data tampering https://reurl.cc/OqqOGr
- Hacked into the Wuhan lab! Expert reveals: found that China deleted a database after the outbreak https://news.ltn.com.tw/news/world/breakingnews/3267798
- Beijing actually did this: startling discovery from hacking into the Wuhan lab https://www.secretchina.com/news/b5/2020/08/22/943785.html
- [Global Strategy] CCP gray-zone and hybrid warfare impact US strategy (part 1) https://www.ydn.com.tw/news/newsInsidePage?chapterID=1251290&type=forum
- [Global Strategy] CCP gray-zone and hybrid warfare impact US strategy (part 2) https://www.ydn.com.tw/news/newsInsidePage?chapterID=1252071&type=forum
- Transparent Tribe Mounts Ongoing Spy Campaign on Military, Government https://threatpost.com/transparent-tribe-ongoing-spy-campaign-military-government/158515/
- Transparent Tribe group targets Government and Military by infecting USB Devices https://www.offensive-hackers.com/2020/08/Transparent-Tribe-group-targets-Government-and-Military-by-infecting-USB-Devices.html
- Cyber attacks: Several Canadian government services disrupted https://www.welivesecurity.com/2020/08/24/cyber-attacks-canada-revenue-agency-government/
- Iranian hackers impersonate journalists to set up WhatsApp calls and gain victims' trust https://www.zdnet.com/article/iranian-hackers-impersonate-journalists-to-set-up-whatsapp-calls-and-gain-victims-trust/#ftag=RSSbaffb68
- TLS and VPN Flaws Offer Most Pen Tester Access https://www.infosecurity-magazine.com/news/tls-vpn-flaws-tester/
- 61140 - Security Engineer https://www.104.com.tw/job/7144y

### D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News

- FBI explains the safest way to set passwords… the world's worst passwords also revealed https://cnews.com.tw/137200823a01/
- Fake election campaign emails hide a trap: clicking "unsubscribe" gets you hacked instead https://reurl.cc/6ll8dV
- Ten years of effort gone overnight; Taiwanese anchor Chen Ya-lin urgently issues a statement https://tw.aboluowang.com/2020/0823/1492565.html
- Earn big commissions with a tap of a finger? Shopee order-collecting apps are all scams https://udn.com/news/story/7321/4803983?from=udn-catebreaknews_ch2
- [Party members' personal data exposed] What dissenting voices emerged after the Beidaihe meeting https://tw.appledaily.com/forum/20200821/OTGBB53UNFHFLFR5OJH7DG4KTI/
- Free image site Freepik discloses data breach affecting 8.3 million users https://www.cnbeta.com/articles/tech/1019337.htm
- More than 50,000 fraudulent login pages impersonate more than 200 major global brands https://www.twcert.org.tw/tw/cp-104-3899-87c31-1.html
- IKEA employee-price purchasing-agent scam defrauds 30 people https://tw.appledaily.com/headline/20200821/MADJ2SYRAJDJ5DBDXZ53QRSA6A/
- Taiwan: Around 6000 government email accounts hacked by China sponsored hackers. https://stormbreaker.in/2020/08/21/taiwan-around-6000-government-email-accounts-hacked-by-china-sponsored-hackers/
- Former Uber Security Chief Charged Over Covering Up 2016 Data Breach https://thehackernews.com/2020/08/uber-data-breach-cover-ups.html
- Experian South Africa Suffers Data Breach Affecting Millions; Attacker Identified https://thehackernews.com/2020/08/experian-data-breach-attack.html
- EXPERIAN DATA BREACH https://www.sabric.co.za/media-and-news/press-releases/experian-data-breach/
- Hackers Leak Alleged Internal Files of Chinese Social Media Monitoring Firms https://www.vice.com/en_us/article/dyzewz/hackers-leak-alleged-internal-files-of-chinese-social-media-monitoring-firms
- Dually Deceptive: Two New Phishing Scams Swimming by Your SEG https://www.inky.com/blog/dually-deceptive-two-new-phishing-scams-swimming-by-your-seg

### E. Research Reports

- Multiple 0-day vulnerabilities in Tongda OA versions 2015-2017 can lead to remote code execution https://www.secpulse.com/archives/139046.html
- Summary of recently disclosed 0-days and vulnerabilities https://www.freebuf.com/articles/web/247465.html
- RCE vulnerability disclosed in a popular open-source JavaScript serialization package with more than 16 million downloads https://www.secrss.com/articles/24894
- CVE-2020-15778 OpenSSH command injection vulnerability reproduction https://codingnote.cc/zh-tw/p/181385
- PowerFall malicious campaign: analysis of two 0-day vulnerabilities in IE and Windows https://www.anquanke.com/post/id/214347
- Report on Potato-family local privilege escalation https://xz.aliyun.com/t/7776
- JBass weak password and arbitrary file download vulnerability analysis https://www.chainnews.com/zh-hant/articles/836064062553.htm
- Struts2 S2-059 vulnerability analysis https://www.anquanke.com/post/id/214843
- shiro Vulnerability management matters (4) | Just hidden arrows; undaunted after a hundred battles https://www.freebuf.com/articles/network/247515.html
- Check the WordPress root directory for unknown wp-config.??? files https://www.vedfolnir.com/wordpress-wp-config-root-directory-security-breach-41164.html
- MITRE publishes the world's 25 most dangerous software security weaknesses of the past two years https://us-cert.cisa.gov/ncas/current-activity/2020/08/20/cisco-releases-security-updates
- 2020 CWE Top 25 Most Dangerous Software Weaknesses https://cwe.mitre.org/top25/archive/2020/2020_cwe_top25.html
- Bashtop - Linux/OSX/FreeBSD Resource Monitor https://www.kitploit.com/2020/08/bashtop-linuxosxfreebsd-resource-monitor.html
- Online Piracy Ring Dismantled https://www.infosecurity-magazine.com/news/online-piracy-ring-dismantled/
- DEF CON Media Server https://media.defcon.org/
- Devploit . version 2.3 https://github.com/joker25000/Devploit-
- Man-in-the-Middle Attack: What it is and how to protect yourself https://en.iguru.gr/2020/05/14/epithesi-man-in-the-middle-einai-kai-pos-prostatefteite/
- Scan-For-Webcams - Scan For Webcams In The Internet https://www.kitploit.com/2020/08/scan-for-webcams-scan-for-webcams-in.html
- ReconSpider - Most Advanced Open Source Intelligence (OSINT) Framework For Scanning IP Address, Emails, Websites, Organizations https://www.kitploit.com/2020/08/reconspider-most-advanced-open-source.html
- hidden-tear https://github.com/goliate/hidden-tear
- Azure AD Pass The Certificate https://medium.com/@mor2464/azure-ad-pass-the-certificate-d0c5de624597
- PHP7 Internals - Become a Wizard https://github.com/0xbigshaq/php7-internals
- Mobile Sentinel: detect vulnerabilities in deployed LTE and 5G networks https://securityonline.info/mobile-sentinel/
- CVE-2019-0230 https://github.com/ramoncjs3/CVE-2019-0230
- Finding the real IP address of a website behind Cloud Flare: Gathering Information https://medium.com/hengky-sanjaya-blog/finding-the-real-ip-address-of-a-website-behind-cloud-flare-gathering-information-ee74c548c821
- Awesome-Bugbounty-Writeups https://github.com/devanshbatham/Awesome-Bugbounty-Writeups
- Threat and Anomaly Detection Rules https://loginsoftsecurity.gitbook.io/threat-detection/
- Kali Linux 2020.3 Released with New Bluetooth Arsenal, Shells and Updated Tools Icons https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/kali-linux-2020-3/amp/
- SignThief https://github.com/aaaddress1/SignThief
- IoT-PT OSv1 https://github.com/IoT-PTv/IoT-PT
- Tsunami https://github.com/google/tsunami-security-scanner
- Top 5 Tips To Protect Your Cloud from Cyber Attacks https://www.cloudcodes.com/article/top-5-tips-to-protect-your-cloud-from-attacks.html
- WebMap https://github.com/SabyasachiRana/WebMap
- Python-Backdoor https://github.com/xp4xbox/Python-Backdoor
- Increasing Enterprise Visibility: Integrated Defense with Mitre ATT&CK https://pentestmag.com/increasing-enterprise-visibility-integrated-defense-with-mitre-attck/
- A Complete Guide to Perform External Penetration Testing on Your Client Network | Step-by-Step Methods https://gbhackers.com/external-penetration-testing/
- Abusing Gmail to get previously unlisted e-mail addresses https://blog.0day.rocks/abusing-gmail-to-get-previously-unlisted-e-mail-addresses-41544b62b2
- webkiller https://github.com/ultrasecurity/webkiller
- INFINITY-HACKS https://github.com/ExtremeHacking/INFINITY-HACKS
- The Top 10 Wifi Hacking Tools in Kali Linux https://medium.com/@henslejoseph/the-top-10-wifi-hacking-tools-in-kali-linux-fd707537ffe3
- CTP-Course-memo https://github.com/takabaya-shi/CTP-Course-memo
- Emulation of Malicious Shellcode With Speakeasy https://www.fireeye.com/blog/threat-research/2020/08/emulation-of-malicious-shellcode-with-speakeasy.html

### F. Business

- F5 launch event: new trailer for hacker simulation "Cyber Manhunt" (全網公敵); early access opens in August https://kirokiro.cc/games-news/13473
- How do insiders evade IT monitoring to steal data? FineArt Technology (精品科技) reveals common steganography and obfuscation techniques https://www.ithome.com.tw/news/139550
- Chunghwa Telecom states that the digital ID card (eID) has no security concerns https://reurl.cc/r88eE1
- Security concerns over the digital ID card tender? Chunghwa Telecom clarifies that all work is performed by full-time staff https://www.chinatimes.com/realtimenews/20200821001654-260410?chdtv
- [Key Security Topics] The next-generation security command center is here! Offering stronger insight and execution https://www.ithome.com.tw/article/139571

### G. Government

- No fear of "IE not working"! Executive Yuan: spot checks found no IE-only usage https://udn.com/news/story/7086/4799413
- Software with security concerns, such as Douyin (TikTok) and WeChat, must not be installed on IT equipment that interfaces with official government systems https://doit.gov.taipei/News_Content.aspx?n=9B8993131395DA3F&sms=93D47212F58C7A57&s=2F4A0D8D922875A0
- Explanation of adjustments to the reporting and response website in response to the Cyber Security Management Act taking effect [Government agencies] https://ppt.cc/f8qQex

### H. Industrial Control Systems / ICS / SCADA Security

- In the Internet of Everything era, industrial network security sounds the alarm https://ctee.com.tw/industrynews/technology/322237.html
- PNPSCADA 2.200816204020 - 'interf' SQL Injection (Authenticated) https://www.exploit-db.com/exploits/48757
- Seowon SlC 130 Router - Remote Code Execution https://www.exploit-db.com/exploits/48759
- Siemens Desigo CC https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06
- SSA-786743: Code Injection Vulnerability in Advanced Reporting for Desigo CC and Desigo CC Compact https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf

### I. Education and Training

- Offensive Software Exploitation: Part 1 (Free Course) https://www.youtube.com/watch?v=juGR4iHub4c&list=PLpq88Q9avhRJo6qcyR3Y2_xPjtiEW-s1Q&index=2&t=0s
- Offensive Software Exploitation: Part 2 (Free Course) https://www.youtube.com/watch?v=TcJM1ph_Kdw&list=PLpq88Q9avhRJo6qcyR3Y2_xPjtiEW-s1Q&index=3&t=0s
- Harvard Online Courses https://online-learning.harvard.edu/
- CyberEDUbeta Cybersecurity gym for the INFOSEC Community https://cyberedu.ro/
- How to become a pentester https://www.corelan.be/index.php/2015/10/13/how-to-become-a-pentester/

### J. Internet of Things / IOT / Artificial Intelligence / Internet of Vehicles / Optical Networking / Deep Learning / Machine Learning / Drones / Facial Recognition

- Major Tesla flaw! A domestic owner's app cannot find his own car but can remotely control 5 cars in Europe https://tech.sina.com.cn/roll/2020-08-21/doc-iivhuipn9922818.shtml
- Hacked too many times! After repeated smart doorbell incidents, mandatory two-factor authentication for users is announced https://times.hinet.net/topic/23021272
- New vulnerability in a foundational IoT module may expose a huge number of devices worldwide to security risk https://kknews.cc/tech/b3p8zg9.html
- With IoT devices of every kind, how can security standards cover them all https://www.onwardsecurity.com/laboratory/item/18

## 6. Upcoming Security Events and Seminars

- Chunghwa Telecom Training Institute, ICT security professional course: Website Vulnerability Detection and Protection Management 9/4 https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=58
- NCTU Hacker College: Email Forgery Attacks and Protective Measures 9/5 https://hackercollege.nctu.edu.tw/?p=1203
- Taiwan Hacker Conference: HITCON Training 2020 9/5 https://hitcon.kktix.cc/events/hitcon-training-2020
- Taiwan Hacker Conference: HITCON Training 2020 - student registration 9/5 https://hitcon.kktix.cc/events/hitcon-training-2020-student
- Systems Security Certified Practitioner (SSCP) preparation class 9/5 ~ 9/13 https://www.iiiedu.org.tw/courses/asq902t2001/
- Chunghwa Telecom Training Institute, ICT security professional course: IoT Security Threats and Practice 9/9 ~ 9/11 https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=54
- Big Data and Deep Learning Applications on Edge Computing Systems 9/11 https://reurl.cc/62OD9k
- HITCON 2020 Taiwan Hacker Conference 9/11 https://hitcon.kktix.cc/events/hitcon-2020
- NCTU Hacker College: Basic Web Security and Penetration Testing 9/12 https://hackercollege.nctu.edu.tw/?p=1205
- Data Analysis and Machine Learning Case Practice (2): Application Examples. Class time: 2020/9/14 (Mon) 09:30 ~ 16:30 https://reurl.cc/1xAoMp
- [Unit course, counts toward director and supervisor continuing-education hours] Registration open: "The Key Significance of Security Strategy for Corporate Development, and Security Governance and Protection" 109/10/15 https://reurl.cc/AqGdlQ
- Chunghwa Telecom Training Institute, ICT security professional course: Web Application Penetration Testing 9/16 ~ 9/17 https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=167
- Big Data and Deep Learning Applications on Edge Computing Systems. Class time: 2020/9/18 (Fri) 09:30 ~ 16:30 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3895&from_course_list_url=homepage
- NCTU Hacker College: Buffer Overflow Attacks and Prevention 10/17 https://hackercollege.nctu.edu.tw/?p=1207
- Chunghwa Telecom Training Institute: Autonomous Mobile Robot ROS Development Hands-on Class 10/20 ~ 10/23 https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=188
- NCTU Hacker College: Intrusion Detection and Response Guide 10/24 https://hackercollege.nctu.edu.tw/?p=1214
- NCTU Hacker College: Advanced Web Penetration Testing 10/31 https://hackercollege.nctu.edu.tw/?p=1216
- NCTU Hacker College: Denial-of-Service Attacks / Distributed Denial-of-Service Attacks / Botnet 11/7 https://hackercollege.nctu.edu.tw/?p=1218
- NCTU Hacker College: Basic Secure Website Construction Practice 11/14 https://hackercollege.nctu.edu.tw/?p=1220
- NCTU Hacker College: System Protection and Intranet Threat Reporting and Response Hands-on Class 11/17, 11/24 http://service.tabf.org.tw/tw/user/409646/course1-4.htm
- NCTU Hacker College: Malware Detection Practice 11/21 11/28 https://hackercollege.nctu.edu.tw/?p=1222
- NCTU Hacker College: Expert-level Web Penetration Testing 12/5 12/12 https://hackercollege.nctu.edu.tw/?p=1224
- NCTU Hacker College: System Penetration Testing and Exploitation 12/19 https://hackercollege.nctu.edu.tw/?p=1226
- NCTU Hacker College: Applications of AI in Information Security 2021/1/9 1/16 https://hackercollege.nctu.edu.tw/?p=1228
- NCTU Hacker College: Enterprise Domain Control: Active Directory Attack and Defense 2021/1/23 https://hackercollege.nctu.edu.tw/?p=1230