###### tags: `資安事件新聞週報`

# Security Incident News Weekly 2019/7/22 ~ 2019/7/26

## 1. Major Vulnerabilities / Backdoors / Exploits / Zero-Days

- Why is vulnerability patching a challenge for enterprises? On virtual patching https://blog.trendmicro.com.tw/?p=61059
- New Chrome version prevents websites from detecting whether users are in Incognito mode http://chinese.engadget.com/2019/07/19/chrome-76-to-stop-private-browsing-checks/
- RDP Bug Takes New Approach to Host Compromise https://www.darkreading.com/risk/rdp-bug-takes-new-approach-to-host-compromise/d/d-id/1335297
- Fortinet products security restriction bypass vulnerability https://fortiguard.com/psirt/FG-IR-19-144
- Fortinet products security restriction bypass vulnerability https://fortiguard.com/psirt/FG-IR-16-090 https://fortiguard.com/psirt/FG-IR-19-111
- IBM QRadar SIEM cross-site request forgery vulnerability https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4212
- Over 8,500 Google Chrome Bug Reports, Larger Rewards in Store https://www.bleepingcomputer.com/news/security/over-8-500-google-chrome-bug-reports-larger-rewards-in-store/
- Google announces higher Chrome vulnerability-report bounties, up to US$30,000 https://www.kocpc.com.tw/archives/270497
- Researchers find a universal bypass for the AI endpoint protection platform BlackBerry Cylance https://www.ithome.com.tw/news/131980
- IBM DB2 multiple vulnerabilities https://www-01.ibm.com/support/docview.wss?uid=ibm10959043
- FastJSON remote execution vulnerability: upgrade quickly https://blog.csdn.net/youanyyou/article/details/96666200
- German cybersecurity agency finds critical flaw in VLC media player https://unwire.hk/2019/07/22/critical-flaw-in-vlc-media-player-discovered-by-german-cybersecurity-agency/tech-secure/
- Chrome 76 fixes loophole, stopping websites from detecting users' private browsing mode https://unwire.hk/2019/07/22/google-chrome-76-incognito-mode/software/pc-app/
- NVIDIA silently fixes Selfblow vulnerability, which allows arbitrary malicious code execution on Tegra chips https://www.expreview.com/69567.html
- Windows 10 1809 Cumulative Update KB4505658 Released With Fixes https://www.bleepingcomputer.com/news/microsoft/windows-10-1809-cumulative-update-kb4505658-released-with-fixes/
- Microsoft accidentally releases, then pulls Windows 10 preview build https://www.zdnet.com/article/microsoft-accidentally-releases-then-pulls-windows-10-preview-release/#ftag=RSSbaffb68
- Microsoft Windows 7 build 7601 (x86) - Local Privilege Escalation https://www.exploit-db.com/exploits/47176
- Windows zero-days don't usually work against the latest OS version https://www.zdnet.com/article/windows-zero-days-dont-usually-work-against-the-latest-os-version/
- US company sells weaponized BlueKeep exploit http://hackernews.cc/archives/26641
- US company selling weaponized BlueKeep exploit https://www.zdnet.com/article/us-company-selling-weaponized-bluekeep-exploit/#ftag=RSSbaffb68
- ProFTPd patches remote code attack vulnerability; over a million unpatched ProFTPd servers may be exposed https://www.ithome.com.tw/news/132007
- ProFTPD Remote Code Execution Bug Exposes Over 1 Million Servers https://www.bleepingcomputer.com/news/security/proftpd-remote-code-execution-bug-exposes-over-1-million-servers/
- Remote code execution vulnerability in VLC remains unpatched https://www.zdnet.com/article/remote-code-execution-vulnerability-in-vlc-remains-unpatched/
- Palo Alto Networks VPN vulnerability disclosed, allowing attackers to remotely execute arbitrary code https://zhuanlan.zhihu.com/p/74841727
- Taiwanese researchers compromise vulnerabilities in SSL VPN services including Palo Alto, Fortinet and Pulse Secure https://www.ithome.com.tw/news/132019
- Palo Alto PAN-OS remote code execution vulnerability https://securityadvisories.paloaltonetworks.com/Home/Detail/158
- Critical flaw in Palo Alto VPN solution impacts Uber, other enterprises may be at risk https://www.zdnet.com/article/uber-hit-by-critical-vulnerability-in-palo-alto-vpn-solution/#ftag=RSSbaffb68
- Critical RCE Flaw in Palo Alto Gateways Hits Uber https://threatpost.com/critical-rce-flaw-palo-alto-gateways-uber/146606/
- Symantec Ghost Solution Suite DLL Hijack https://support.symantec.com/us/en/article.SYMSA1474.html
- CentOS-WebPanel CVE-2019-13359 CVE-2019-13360 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-13359 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-13360
- Rapid7 Insight Agent CVE-2019-5629 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-5629
- 13 vulnerabilities disclosed in U-Boot loader https://www.scmagazine.com/home/security-news/vulnerabilities/13-vulnerabilities-disclosed-in-u-boot-loader/
- Unpatched vulnerabilities lurk in Comodo Antivirus https://www.zdnet.com/article/comodo-antivirus-subject-to-serious-unpatched-vulnerabilities/#ftag=RSSbaffb68

## 2. Banking / Finance / Insurance / Securities / Payment Systems: News and Security

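- One-click login to all financial services: can open banking save you money? A FinTech operator speaks from experience https://www.bnext.com.tw/article/54062/taiwan-open-banking-tsp-moneybook
- Pushing open banking: banks plan alliances with startups https://money.udn.com/money/story/5613/3940467
- Domestic banks' API integration with businesses set to take a big step https://money.udn.com/money/story/5613/3940464
- Chen Chin-chi column: how should internet-only banks be regulated https://www.storm.mg/article/1496709?srcid=73746f726d2e6d675f63373766396366313733396365313337_1563757464
- Banks hold NT$10 trillion in idle funds? FSC: imprecise and incorrect https://ec.ltn.com.tw/article/breakingnews/2859808
- "Golden rice bowl" jobs can't hold young people? This bank has the highest turnover rate https://www.cmmedia.com.tw/home/articles/16616
- Military insurance underwritten by an insurer under the Want Want China Times group; Ministry of National Defense: qualified, no security concerns https://www.upmedia.mg/news_info.php?SerialNo=67856
- Taiwan Statebuilding Party says Want Want China Times has held military personnel data for nearly 10 years? Ministry of National Defense: no security concerns http://bit.ly/2JL4kBc
- Want Want Union Insurance underwrites the policy; no service members' personal data leaked https://www.chinatimes.com/newspapers/20190724000553-260102?chdtv
- Rain batters Kaohsiung! Flooding inundates bank, soaking banknotes and ATMs http://bit.ly/2XXHxes
- Major post office system failure: ATMs and savings/remittance services down across Taiwan https://udn.com/news/story/7266/3947430
- Chunghwa Post suffers Taiwan-wide outage; emergency repairs under way https://money.udn.com/money/story/5648/3947437?ref=tab20190724
- Chunghwa Post ATMs down across Taiwan; counter, mobile app and online post office services also interrupted https://www.ithome.com.tw/news/132003
- Chunghwa Post mainframe maintenance knocks out the online post office, mobile app and ATMs nationwide: can such a system be trusted? http://bit.ly/2Oepoo8
- Chunghwa Post computers down across Taiwan; repairs under way, recovery time undetermined https://www.ntdtv.com/b5/2019/07/24/a102629290.html
- Post office ATMs down for 2 hours; repairs completed https://www.chinatimes.com/realtimenews/20190724001905-260410?chdtv
- Chunghwa Post Taiwan-wide outage: repairs completed at 10:25 https://money.udn.com/money/story/5648/3947687
- Post office ATM outage fixed; cause was a faulty mainframe system patch https://www.chinatimes.com/realtimenews/20190724001952-260410?chdtv
- Transaction program update caused the outage; Chunghwa Post apologizes: no problems during testing https://news.ltn.com.tw/news/life/breakingnews/2862247
- Chunghwa Post down for 2 hours across Taiwan; expert reveals the "system maintenance SOP": is your money safe there? https://udn.com/news/story/7086/3949191
- Chunghwa Post goes down again: 4 failures in 2 years, an unusually high frequency https://n.yam.com/Article/20190725332733
- ATM outages frequent: banking industry lists 3 common scenarios and responses https://www.cna.com.tw/news/afe/201907250115.aspx
- Another failure just one month later: Chunghwa Post savings/remittance services and ATMs go down http://bit.ly/2Y40CLP
- Internet-only bank effect: FSC relaxes digital deposit account rules https://money.udn.com/money/story/5613/3943077
- Five key points for banks auditing wealth managers https://money.udn.com/money/story/5613/3930791
- Virtual banks hit traditional banks; e-payments set to make waves http://bit.ly/2Y1FFBh
- UnionPay International granted Nepal payment system operator licence https://news.sina.com.tw/article/20190724/32081238.html
- Two CCTV cameras at China CITIC Bank ATMs in Sheung Shui, Hong Kong sprayed with black paint http://bit.ly/2JMJPEn
- "Elder memes" spread rumor of bank trouble; Hong Kong Monetary Authority clarifies: absolutely untrue http://bit.ly/2OgZiRv
- What is an "internet-only bank"? One chart to instantly understand how internet-only, digital and traditional banks differ https://www.managertoday.com.tw/articles/view/57991
- Traders suspected of using LINE to manipulate stocks; FSC targets life insurers as a focus of financial inspections https://money.udn.com/money/story/5613/3948914
- It's settled! From July 22 the state abolishes corporate bank account licensing! Transfers like these will be strictly checked https://kknews.cc/finance/y36lmzb.html
- Once branded a scam ring and shut out by the banking industry: how the Moneybook budgeting app was reborn on the open banking wave https://www.bnext.com.tw/article/54107/moneybook
- How awful! As many as 26 deficiencies in insurance policy sales: Chunghwa Post fined NT$800,000 https://ec.ltn.com.tw/article/breakingnews/2864170
- Internet-only banks to be announced next week; traditional banks pour in resources to prepare https://udn.com/news/story/7239/3951152
- EU legislates PSD2 directive; many EU banks abandon insecure SMS OTP verification https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=895
- New Audit Finds More Security Vulnerabilities at IRS https://www.bankinfosecurity.com/new-audit-finds-more-security-vulnerabilities-at-irs-a-12803
- Spray and Pray: Magecart Campaign Breaches Websites En Masse Via Misconfigured Amazon S3 Buckets https://www.riskiq.com/blog/labs/magecart-amazon-s3-buckets/
- FIN8 Group Returns, Targeting POS Devices With New Tools https://www.bankinfosecurity.com/fin8-group-returns-targeting-pos-devices-new-tools-a-12819
- ABADBABE 8BADF00D: Discovering BADHATCH and a Detailed Look at FIN8’s Tooling https://atr-blog.gigamon.com/2019/07/23/abadbabe-8badf00d-discovering-badhatch-and-a-detailed-look-at-fin8s-tooling/

## 3. Electronic Payment / Electronic Stored-Value Cards / Mobile Payment / Pay: News and Security

- The privacy cost of e-wallets http://bit.ly/2OhSmDA
- Japan 7-Eleven mobile payment hit by fraudulent charges; Chinese crime ring suspected https://www.bannedbook.org/bnews/zh-tw/worldnews/20190712/1157342.html
- Hackers steal over 50 million yen from hundreds of users; Japan 7-Eleven suspends mobile payment app https://digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=80&cat3=45&id=0000564028_2M1LKTXU39OUN97MGWLOD
- Electronic stored-value cards hold high market share; the three big Pays dominate https://www.chinatimes.com/newspapers/20190722000398-260208?chdtv
- Asia Pacific Telecom's GtPay goes after smart bill-payment business https://money.udn.com/money/story/12524/3939346
- Using Taiwan Mobile's Wali wallet NFC mobile payment on the Xiaomi Mi 9T https://www.ptt.cc/bbs/MobileComm/M.1563061109.A.67B.html
- Upgrade in three minutes! With mobile payment integration and automatic restock alerts, 業安科技 makes vending machines smarter http://bit.ly/2Y1pwM1
- LINE Pay linked to personal data: look up and pay taxes instantly http://bit.ly/2K5g0hs
- Ruten adopts PChome's Pi wallet payment https://money.udn.com/money/story/11074/3951321
- ininal, Turkey's leading next-generation payment platform, teams up with Visa to offer customers greater financial inclusion http://bit.ly/2OjXLdo
- LG Pay launches in US on the G8 ThinQ with MST capability https://www.zdnet.com/article/lg-pay-launches-in-us-on-the-g8-thinq-with-mst-capability/#ftag=RSSbaffb68

## 4. Virtual Currency / Blockchain: News and Security

- A few notes on TokenLinkedToken https://0cch.com/2018/08/24/tokenlinkedtoken-tip/
- Latest Bitcoin vulnerability: a Bitcoin trojan exploiting a PDF vulnerability http://www.bitcoin86.com/teach/411.html
- Vulnerabilities in smart contracts 0x - Blockchain Trends https://0xzx.com/201907211737180946.html
- Chinese court recognizes "Bitcoin as property" for the first time https://www.blocktempo.com/china-ruling-bitcoin-is-property-again-is-major-milestone-says-investor/
- Accepting Bitcoin as payment! Foreign media pick the 10 most Bitcoin-friendly countries https://news.sina.com.tw/article/20190722/32052052.html
- Confirming that Taiwanese customers were affected by the hack, BITPoint Taiwan will adopt its own system to prevent a repeat http://bit.ly/2YfIWYN
- Exchange Bitpoint Taiwan suspends all services to investigate whether it was affected by the Japan hack https://www.blocktempo.com/bitpoint-taiwan-fully-suspend/
- Unfazed by Trump's attack on cryptocurrency, Binance founder: the more regulation, the more people want it https://ec.ltn.com.tw/article/breakingnews/2861306
- Libra's outlook is bleak as governments push back! UK: it's just a database https://buzzorange.com/techorange/2019/07/15/libra-future-not-good/
- BC Technology launches cryptocurrency insurance with a coverage limit of up to 3.9 billion http://bit.ly/2LCO7Af
- Exchange giant Coinbase plans to set up "its own insurance company" https://www.blocktempo.com/coinbase-is-in-talks-to-launch-its-own-insurance-company/
- Investigation Bureau: virtual currencies easily become tools for illegal fundraising and fraud https://money.udn.com/money/story/5648/3950555
- To investigate further whether it was affected by hackers, Bitpoint Taiwan announces full suspension of services https://www.xfastest.com/thread-230973-1-1.html
- Japan to create SWIFT replacement for global cryptocurrency trading https://www.zdnet.com/article/japan-to-create-swift-replacement-for-global-cryptocurrency-trading/#ftag=RSSbaffb68
- Judge allows suit against AT&T after $24 million cryptocurrency theft https://arstechnica.com/tech-policy/2019/07/judge-allows-suit-against-att-after-24-million-cryptocurrency-theft/
- Robinhood admits to storing some passwords in cleartext https://www.zdnet.com/article/robinhood-admits-to-storing-some-passwords-in-cleartext/#ftag=RSSbaffb68
- Robinhood reveals error that left user passwords exposed https://www.reuters.com/article/us-robinhood-cyber/robinhood-reveals-error-that-left-user-passwords-exposed-idUSKCN1UJ318

## 5. Security Incident News

### A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors
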
- Security firm discovers EvilGnome, a backdoor targeting Linux desktop users https://www.ithome.com.tw/news/131942
- Pegasus spyware evolves again! Copies users' authentication keys from phones to steal personal and cloud data https://www.ettoday.net/news/20190719/1494275.htm
- Sodinokibi ransomware strikes hard using a Flash vulnerability https://www.secpulse.com/archives/109835.html
- Computer worms keep coming back, with viruses, backdoors and denial-of-service attacks; leave web servers unprotected and cryptomining malware will come knocking https://www.netadmin.com.tw/netadmin/zh-tw/technology/71FBC8AE6F9A4DF3891EE7F76D88ACAD
- Chinese malware attacks on Taiwan exceed 4 times the global average https://ec.ltn.com.tw/article/paper/1305549
- Lookout unveils Monokle, advanced spyware built by Russian defense contractor STC https://www.ithome.com.tw/news/132039
- Avast detects and protects users from malware targeting banks, Netflix https://blog.avast.com/avast-protects-users-from-malware-targeting-banks
- New variants of Russian mobile Banking Trojan Riltok go international http://destinationthailandnews.com/tourism/technology/new-variants-of-russian-mobile-banking-trojan-riltok-go-international.html
- APT34 spread malware via LinkedIn invites http://bit.ly/2YoxwWX
- APT17 is run by the Jinan bureau of the Chinese Ministry of State Security https://intrusiontruth.wordpress.com/2019/07/24/apt17-is-run-by-the-jinan-bureau-of-the-chinese-ministry-of-state-security/
- APT-doxing group exposes APT17 as Jinan bureau of China's Security Ministry https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/#ftag=RSSbaffb68
- Dridex Trojan: A glimpse into the banking trojan’s malicious activities https://cyware.com/news/dridex-trojan-a-glimpse-into-the-banking-trojans-malicious-activities-05a87590
- Ransomware Attacks Grow Rampant, Paying Still Not a Good Option https://www.bleepingcomputer.com/news/security/ransomware-attacks-grow-rampant-paying-still-not-a-good-option/
- Google cleans out stalker, spyware apps from Play Store https://www.zdnet.com/article/google-cleans-out-stalker-apps-from-play-store/
- Ransomware Attacks Cloud Service Provider Insynq Impacted https://www.msspalert.com/cybersecurity-breaches-and-attacks/ransomware/insynq-outage/
- NSO Responds To Claim Its Spyware Hacks Apple, Facebook And Google Clouds (Updated) https://www.forbes.com/sites/zakdoffman/2019/07/19/israeli-whatsapp-spyware-now-targets-icloud-google-and-facebook-via-phones-report/
- Iran-Linked APT34 Invites Victims to LinkedIn for Fresh Malware Infections https://threatpost.com/iran-apt34-linkedin-malware/146575/
- THE AVAST ABUSER: METAMORFO BANKING MALWARE HIDES BY ABUSING AVAST EXECUTABLE https://blog.ensilo.com/metamorfo-avast-abuser
- BITPAYMER RANSOMWARE LEVERAGING NEW CUSTOM PACKER FRAMEWORK AGAINST TARGETS ACROSS THE U.S. http://bit.ly/30Knz3x
- Fake Office 365 Site Pushes Trickbot Trojan as Browser Update https://www.bleepingcomputer.com/news/security/fake-office-365-site-pushes-trickbot-trojan-as-browser-update/
- Mirai malware sets sights on enterprise IoT devices ripe for picking http://bit.ly/30JfPik
- Multistage Attack Delivers BillGates/Setag Backdoor, Can Turn Elasticsearch Databases into DDoS Botnet ‘Zombies’ https://blog.trendmicro.com/trendlabs-security-intelligence/multistage-attack-delivers-billgates-setag-backdoor-can-turn-elasticsearch-databases-into-ddos-botnet-zombies/
- Old Tools for New Money: URL Spreading Shellbot and XMRig Using 17-year old XHide https://blog.trendmicro.com/trendlabs-security-intelligence/old-tools-for-new-money-url-spreading-shellbot-and-xmrig-using-17-year-old-xhide/
- This Week in Security News: Spam Campaigns and Mobile Malware https://blog.trendmicro.com/this-week-in-security-news-spam-campaigns-and-mobile-malware/
- Targeted Ransomware: Proliferating Menace Threatens Organizations https://www.symantec.com/blogs/threat-intelligence/targeted-ransomware-threat
- Researchers Trick Cylance Into Giving Malware a Pass https://www.bankinfosecurity.asia/researchers-trick-cylance-into-giving-malware-pass-a-12798
- Cloud-based virtual desktop provider hit by ransomware https://www.zdnet.com/article/cloud-based-virtual-desktop-provider-hit-by-ransomware/#ftag=RSSbaffb68
- iNSYNQ Continues Recovery From MegaCortex Ransomware Attack https://www.bankinfosecurity.com/insynq-continues-recovery-from-megacortex-ransomware-attack-a-12816
- Ransomware: Most Popular Malware in Underground Forums https://www.bleepingcomputer.com/news/security/ransomware-most-popular-malware-in-underground-forums/
- Popular Malware Families Using 'Process Doppelgänging' to Evade Detection https://thehackernews.com/2019/07/process-doppelganging-malware.html
- Linux Botnet Adding BlueKeep-Flawed Windows RDP Servers to Its Target List https://thehackernews.com/2019/07/linux-malware-windows-bluekeep.html
- Watching the WatchBog: New BlueKeep Scanner and Linux Exploits https://www.intezer.com/blog-watching-the-watchbog-new-bluekeep-scanner-and-linux-exploits/
- BlueKeep Scanner Discovered in Watchbog Cryptomining Malware https://www.bleepingcomputer.com/news/security/bluekeep-scanner-discovered-in-watchbog-cryptomining-malware/
- New Android Spyware Created by Russian Defense Contractor Found in the Wild https://thehackernews.com/2019/07/russian-android-spying-apps.html
- Sodinokibi Ransomware Distributed by Hackers Posing as German BSI https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-distributed-by-hackers-posing-as-german-bsi/
- Popular File-Sharing Service WeTransfer Used in Malicious Spam Campaigns https://threatpost.com/popular-file-sharing-service-wetransfer-used-in-malicious-spam-campaigns/146671/
- Dridex banking Trojan, RMS RAT dropped via fake email messages https://www.todotech20.com/dridex-banking-trojan-rms-rat-eliminado-a-traves-de-mensajes-de-correo-electronico-falso/
- Mobile malware attacks are booming in 2019: These are the most common threats https://theusbreakingnews.com/mobile-malware-attacks-are-booming-in-2019-these-are-the-most-common-threats/
- New malware attack turns Elasticsearch databases into DDoS botnet https://www.hackread.com/malware-attack-turns-elasticsearch-databases-into-ddos-botnet/
- Ransomware incident leaves some Johannesburg residents without electricity https://www.zdnet.com/article/ransomware-incident-leaves-some-johannesburg-residents-without-electricity/#ftag=RSSbaffb68

### B. Mobile Security / iPhone / Android / Wearables / Apps

- LINE Brown & Cony theme trial pack: one trick to upgrade for free to permanent use https://udn.com/news/story/11017/3939480?from=udn-catebreaknews_ch2
- Don't rush to follow the "aging" trend: photo-editing app faces personal data controversy https://news.cts.com.tw/cts/international/201907/201907191968116.html
- FaceApp's old-age filter is too popular; Poland and Lithuania, worried about user security, to investigate https://www.cna.com.tw/news/aopl/201907190053.aspx
- FaceApp security concerns: Poland and Lithuania launch investigations http://www.epochtimes.com/b5/19/7/19/n11395985.htm
- Russian-made aging app FaceApp is a hit; Kaspersky warns of security risks http://bit.ly/2Gy3whp
- FaceApp, the face-changing app that became a global craze, draws widespread attention over security concerns https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=894
- Recent user credential leak tied to a security incident 4 years ago prompts Slack to require some users to reset passwords https://www.ithome.com.tw/news/131936
- "Douyin" security concerns snowball; Indian government does not rule out banning it again https://www.taiwannews.com.tw/ch/news/3747882
- Google discovers iMessage message bomb that can brick iPhones https://twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=891
- Stamping out ad bombardment! Google removes more than 200 Chinese apps https://newtalk.tw/news/view/2019-07-19/274880
- Deleting comments won't help cyberbullies: the blockchain evidence-preservation app 區塊鏈存證王 leaves culprits nowhere to hide https://www.youtube.com/watch?v=DjbQbuuKVCc&
- Using blockchain to strengthen the validity of digital evidence, 區塊科技 launches the 區塊鏈存證王 app https://technews.tw/2019/07/18/blockchain-witness-app/
- New tool claims to steal data from target phones and the cloud https://unwire.hk/2019/07/21/security-firm-tool-harvest-icloud-data/fun-tech/
- Israeli vendor releases spy tool that can steal data from cloud services such as Facebook, iCloud and Google https://ithome.com.tw/news/131958
- iOS URL Schemes can be maliciously hijacked https://blog.trendmicro.com.tw/?p=61202
- Spanish media: 5G networks are secure and powerful; the risk actually comes from hyperconnectivity https://news.sina.com.tw/article/20190722/32052954.html
- Containing "stalkerware": Google removes 7 apps from Play Store http://bit.ly/32Qdsfp
- iOS 12.4 software update makes iPhone data migration easier http://bit.ly/2Gu1Hlw
- Experts warn: Chinese imaging apps raise personal data leak concerns https://ec.ltn.com.tw/article/breakingnews/2863372
- LINE message verification service tutorial: how to tell whether a message is true or false and stop rumors from spreading https://mrmad.com.tw/line-message-verification
- US expert: mainland Chinese apps share data with the CCP http://bit.ly/30UsMpB
- Items to check when using home and public Wi-Fi https://blog.trendmicro.com.tw/?p=60970
- Apple’s July patchfest fixes bugs in multiple products https://nakedsecurity.sophos.com/2019/07/24/apple-fixes-bug-two-months-after-publication/
- Mobile threat: attackers can manipulate WhatsApp and Telegram media files https://www.symantec.com/blogs/america-latina/amenaza-movil-whatsapp-y-telegram
- Sym Mobile Threat: attackers can manipulate your WhatsApp and Telegram media files https://www.symantec.com/blogs/portugues/mobile-threat-invasores-manipular-midia-whatsapp-telegram
- AT&T fails to have $24 million SIM-swap attack lawsuit dismissed https://www.zdnet.com/article/at-t-fails-to-have-24-million-sim-swap-attack-lawsuit-dismissed/#ftag=RSSbaffb68
- Fake PornHub And Google Android Apps Are Actually ‘Russian Spy Tools’ http://bit.ly/32P0JcR
- Your Android Phone Can Get Hacked Just By Playing This Video https://thehackernews.com/2019/07/android-media-framework-hack.html
- The Android Security Wiki https://www.peerlyst.com/posts/the-android-security-wiki-chiheb-chebbi
- Advanced mobile surveillanceware, made in Russia, found in the wild https://arstechnica.com/information-technology/2019/07/advanced-mobile-surveillanceware-made-in-russia-found-in-the-wild/

### C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents

- Hacker attacks on the rise, companies strengthen defenses; cybersecurity technicians in very high demand http://bit.ly/2JFYtxe
- Check Point discloses major security vulnerability in gaming platform https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=14&id=0000563546_F144GA5S5P5BIA5FDQKUM
- Akamai threat research: gaming industry increasingly a popular target, with attacks exceeding 12 billion https://times.hinet.net/news/22479089
- Store part-timer exploits online shopping system flaw to embezzle goods worth over 230,000, faces lawsuit https://news.ltn.com.tw/news/society/breakingnews/2861077
- Trusting a "cracking program", male university student is lured in and loses all his tuition money https://www.chinatimes.com/newspapers/20190721000607-260106?chdtv
- Siemens contractor planted logic bombs in files to extract maintenance fees; prosecutors seek a 10-year sentence https://www.ithome.com.tw/news/132011
- Shock! "My home has Hikvision installed": wave of replacements of privately owned surveillance cameras https://news.ltn.com.tw/news/politics/breakingnews/2857745
- ERP system used by US universities breached by hackers; 62 schools affected https://www.ithome.com.tw/news/131955
- US strengthens DNS security for .gov https://www.ithome.com.tw/news/131935
- US cracks down on spies, but too many national loopholes are hard to plug http://bit.ly/2Z1bQx7
- The second Huawei? Chinese drone giant DJI also "cut off" by the US https://udn.com/news/story/12639/3939785
- Former Huawei employees reveal the company secretly collected personal data in the Czech Republic https://fnc.ebc.net.tw/FncNews/headline/92986
- UAE continues using Huawei 5G; US worried about intelligence security holes https://m.ltn.com.tw/news/world/breakingnews/2862847
- Ignoring the US ban! Huawei wins 50 5G contracts worldwide, 28 of them in Europe https://cnews.com.tw/140190723a03/
- CCP cyber army infiltration and sabotage is all-pervasive https://www.ydn.com.tw/News/345095
- Alibaba Cloud selected as a CNCERT national-level cybersecurity emergency response service support unit https://news.sina.com.tw/article/20190722/32049980.html
- Cape stops working with DJI over security concerns; service will actually end in a year http://bit.ly/32MlBBP
- Risks controllable in traditional areas, challenges growing in emerging areas: observations on China's internet cybersecurity https://news.sina.com.tw/article/20190719/32030180.html
- Hackers break into servers of a Russian Federal Security Service contractor, stealing 7.5TB of data http://big5.pconline.com.cn/b5/news.pconline.com.cn/1277/12777568.html
- Russian tech firm Sitek hacked, exposing multiple cyberattack projects of Russian intelligence agencies http://bit.ly/2Y6hBs7
- Russian security service suffers the largest leak in its history; hackers leave a "was here" image https://newtalk.tw/news/view/2019-07-22/275556
- London Metropolitan Police account hacked: over a dozen messages posted insulting police http://bit.ly/2LzpZOW
- Expert commentary: development opportunities seen from the new US cybersecurity framework http://bit.ly/2XWWBZu
- How a security tool developed by the US military became the hidden service of online black markets https://www.mirrormedia.mg/story/20190624intdarkwebcase
- NSA contractor sentenced to 9 years for leaking classified data https://www.ithome.com.tw/news/131979
- FBI director: China is the number one espionage threat https://www.rti.org.tw/news/view/id/2028397
- FBI: we are investigating 1,000 attempted intellectual property theft cases, "almost all linked to Chinese people" https://buzzorange.com/techorange/2019/07/24/fbi-say-chinese-steal-ip/
- US sanctions not painful enough? FBI director says Russia is still plotting to interfere in elections https://newtalk.tw/news/view/2019-07-24/276526
- Gulf standoff escalates again; Iranian state media: 17 US CIA spies uncovered and arrested http://bit.ly/2JY0bsE
- Google suspected of aiding the CCP: searches for Epoch Times news tampered with http://bit.ly/2Y6ErzU
- BASF, Siemens and other companies confirm being hacked; German public broadcaster: backed by the Chinese government https://ec.ltn.com.tw/article/breakingnews/2863028
- Directed by China: major German firms hacked one after another https://ec.ltn.com.tw/article/paper/1305790
- China's new defense white paper focuses on "cyber warfare", ranking it alongside nuclear weapons programs http://bit.ly/2SDqE2L
- [Extradition bill] Mainland cyber army "Diba" teaches people to register on Facebook and calls on netizens to bypass the firewall and flood comments http://bit.ly/32GF2vD
- Diba members doxxed; "expedition against Hong Kong" called off http://bit.ly/2YgeLRy
- League of Legends players, beware of personal data issues?! Foreign media name developer Riot as helping China build a surveillance system https://www.gamebase.com.tw/news/topic/99215264/
- To guard against hackers, Port of Los Angeles seeks contractors to build a cyber defense center http://www.epochtimes.com/b5/19/7/25/n11408044.htm
- Brazilian president's phone suspected hacked; suspects previously targeted corruption investigators https://money.udn.com/money/story/5599/3952676
- Hit by cyberattacks, US state of Louisiana declares a state of emergency https://www.ithome.com.tw/news/132060
- NSA to establish a cybersecurity directorate https://www.ithome.com.tw/news/132016
- Out from the Shadows: The Dark Web https://www.webroot.com/blog/2019/07/23/out-from-the-shadows-the-dark-web/
- NSA to establish a defense-minded division named the Cybersecurity Directorate https://www.zdnet.com/article/nsa-to-establish-a-defense-minded-division-named-the-cybersecurity-directorate/#ftag=RSSbaffb68
- Oracle: China's internet is designed more like an intranet https://www.zdnet.com/article/oracle-chinas-internet-is-designed-more-like-an-intranet/#ftag=RSSbaffb68
- Hackers leak documents stolen from contractor for Russian intel agency https://www.scmagazine.com/home/security-news/hackers-leak-documents-stolen-from-contractor-for-russian-intel-agency/
- Hackers breach FSB contractor, expose Tor deanonymization project and more https://www.zdnet.com/article/hackers-breach-fsb-contractor-expose-tor-deanonymization-project/#ftag=RSSbaffb68
- Palo Alto gateway security alert, FSB hack, scourge of data-stealing web plugins, and more https://www.theregister.co.uk/2019/07/21/security_roundup_190719/
- Russia's Secret Intelligence Agency Hacked: 'Largest Data Breach In Its History' https://www.forbes.com/sites/zakdoffman/2019/07/20/russian-intelligence-has-been-hacked-with-social-media-and-tor-projects-exposed/
- Contractor who stole 50TB of NSA data gets nine years in prison https://www.zdnet.com/article/contractor-who-stole-50tb-of-nsa-data-gets-nine-years-in-prison/
- Russian intelligence 'targets Tor anonymous browser' https://www.bbc.com/news/technology-49071225
- Tricking attackers through the art of deception https://www.helpnetsecurity.com/2019/07/23/art-of-deception/
- Amended Law Paves Way for Cybercrime Crackdown https://www.bankinfosecurity.asia/amended-law-paves-way-for-cybercrime-crackdown-a-12807
- Recent DNS Hijacking Campaigns Trigger Government Action https://www.bankinfosecurity.com/recent-dns-hijacking-campaigns-trigger-government-action-a-12814
- Russian lawmakers want to restrict email access by telephone verification, and force providers to block banned information http://bit.ly/2YdUL1Q
- Mueller: Russian Interference 'Serious' Threat to Democracy https://www.bankinfosecurity.com/mueller-russian-interference-serious-threat-to-democracy-a-12827
- UK, EU police pilot scheme to give wayward teen hackers white hats https://www.zdnet.com/article/uk-eu-police-pilot-scheme-to-give-wayward-teen-hackers-white-hats/#ftag=RSSbaffb68
- Kazakhstan's HTTPS interception efforts target Facebook, Google, Twitter, others https://www.zdnet.com/article/kazakhstans-https-interception-efforts-target-facebook-google-twitter-others/#ftag=RSSbaffb68
- Hackers used password spraying to breach Citrix, investigation confirms https://www.cyberscoop.com/hackers-used-password-spraying-breach-citrix-investigation-confirms/
- Russia targeted election systems in all 50 states, Senate concludes https://www.theverge.com/2019/7/25/8930985/russia-targeted-election-systems-in-all-50-states-senate-concludes
- Bradford man arrested over Lancaster University hacking spree https://www.zdnet.com/article/bradford-man-arrested-over-lancaster-university-hacking-spree/#ftag=RSSbaffb68
- Security project management http://bit.ly/2Y1XpYp
- Benefits beat listed companies! 禾豐網路科技 offers 12 days of annual leave and salary up to 120,000 https://www.1111.com.tw/news/jobns/125096/
- Competing with foreign firms for talent, CyberLink offers annual salaries of a million to retain staff https://ec.ltn.com.tw/article/breakingnews/2859915
- [Contract] On-site engineer (108/8~12) https://www.104.com.tw/job/6jpce
- Assistant security services engineer https://www.104.com.tw/job/6omb0
- DEVCORE seeks administrative specialist https://devco.re/blog/2019/07/23/devcore-201907-recruit/

### D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News

- 23 million credit card numbers worldwide flow to the dark web https://www.ithome.com.tw/news/132059
- Personal data bought for US$30! 2 rings rack up 3 million in charges; cardholders "deny the transactions"... merchants bear heavy losses https://www.ettoday.net/news/20190726/1499173.htm
- Exploiting the lack of verification in online card payments, 2 card fraud rings net over 2 million https://www.chinatimes.com/realtimenews/20190726002575-260402?chdtv
- A Rashomon?! 15 minutes after paying by card, his card was fraudulently charged https://fnc.ebc.net.tw/FncNews/life/92910
- AT&T, sued over SIM-swap fraud, protests its innocence; judge refuses to dismiss the suit https://www.ithome.com.tw/news/132029
- Investigation Bureau urges the public to beware of mobile SMS scams https://www.chinatimes.com/realtimenews/20190718001617-260402?chdtv
- Online shopping data suspected hacked; woman's credit card used for 12 transfers https://c4news.site/archives/44103
- BASF Taiwan staff poached by mainland China for 170 million; 5 employees steal secrets for 5.5 million annual salaries https://money.udn.com/money/story/5648/3947653
- 8 browser extensions found stealing users' confidential data https://www.ithome.com.tw/news/131945
- A whole nation without privacy! Bulgaria suffers unprecedented hack, leading to personal data leak https://news.sina.com.tw/article/20190719/32022246.html
- Hackers attack Bulgarian tax agency database; personal data of 70% of the population leaked https://www.inside.com.tw/article/16977-bulgaria-hack-tax
- This country's entire population hacked: personal tax data leaked https://www.chinatimes.com/realtimenews/20190721002153-260417?chdtv
- Is the security department asleep? Personal data of 5 million people stolen in this country https://news.ltn.com.tw/news/world/breakingnews/2859484
- An entire country robbed! Personal data of 5 million people leaked https://udn.com/news/story/6809/3942403
- Job bank hacked and personal data leaked; police investigating http://www.cdns.com.tw/news.php?n_id=3&nc_id=311423
- Old database suspected hacked and personal data leaked; 1111 Job Bank issues statement http://www.s8088.com/forum.php?mod=viewthread&tid=1241688&extra=page=1
- 200,000 personal records leaked; 1111 Job Bank: reported to police, will take full responsibility http://bit.ly/2O537ZV
- 200,000 personal records leaked from 1111 Job Bank! Company: scope of the leak not yet known, will compensate https://www.storm.mg/article/1501207
- 1111 Job Bank confirms leak of 200,000 personal records, stolen from its outsourced website 8 years ago https://udn.com/news/story/7239/3937736
- Hacker sells 200,000 job bank personal records, brazenly publishing the names, phone numbers and addresses of 12 people https://www.ettoday.net/news/20190719/1493824.htm
- 200,000 job seekers' personal records leaked; Chinese names exposed on US forum https://udn.com/news/story/7314/3940511
- Job bank attacked by hackers; personal data fully exposed https://news.cts.com.tw/cts/society/201907/201907191968140.html
- Job bank reportedly has 200,000 personal records stolen https://money.udn.com/money/story/5612/3940449
- 200,000 personal records exposed; job bank: taking out 200 million in liability insurance for members https://fnc.ebc.net.tw/FncNews/video/92731
- Hong Kong Baptist University teaching system breached; student photos and email data leaked http://bit.ly/32DoDbe
- Study finds most adult websites provide personal data to Google and Facebook https://unwire.hk/2019/07/21/google-facebook-sex-websites/fun-tech/
- National student financial aid center warns: incoming university students should not trust online loans or fall into scams https://news.sina.com.tw/article/20190722/32053512.html
- Equifax expected to pay 5.5 billion in seeking data breach settlement http://bit.ly/2MbZ1wn
- Security firm warns Office 365 phishing scam emails are increasing https://technews.tw/2019/07/23/cyber-security-company-warns-office-365-phishing-is-increasing/
- Digital payment survey: behind "card fraud", how old and new scenarios merge and split https://news.sina.com.tw/article/20190724/32069884.html
- TSMC manages 8,000 secrets a year; confidentiality rules revealed for the first time: printing on metallic paper, all employee email "scanned" https://money.udn.com/money/story/5612/3939974
- Cambridge affair comes to a close! Facebook settles with FTC for US$5 billion https://newtalk.tw/news/view/2019-07-24/276609
- Female university student buys makeup primer online, nearly has her savings wiped out https://wantweekly.turnnewsapp.com/broke/6768.html
- Your business hit by a data breach? Expect a bill of $3.92 million https://www.zdnet.com/article/your-business-hit-by-a-data-breach-expect-a-bill-of-3-92-million/#ftag=RSSbaffb68
- BEC Scams Remain a Billion-Dollar Enterprise, Targeting 6K Businesses Monthly https://www.symantec.com/blogs/threat-intelligence/bec-scams-trends-and-themes-2019
- BEC Scams Cost U.S. Companies $300 Million Per Month: Study https://www.bankinfosecurity.asia/bec-scams-cost-us-companies-300-million-per-month-study-a-12805
- Equifax, regulators close to signing $700m deal to settle data breach lawsuits https://www.zdnet.com/article/equifax-regulators-close-to-signing-700m-deal-to-settle-data-breach-case/#ftag=RSSbaffb68
- Cyber News Rundown: Evite Data Breach https://www.webroot.com/blog/2019/07/19/cyber-news-rundown-evite-data-breach/
- Phishing Scheme Targets Amex Cardholders https://www.bankinfosecurity.com/phishing-scheme-targets-amex-cardholders-a-12796
- 2.3 Billion Files Exposed Online: The Root Causes https://www.bankinfosecurity.com/interviews/23-billion-files-exposed-online-root-causes-i-4391
- Sky Customers Urged to Reset Passwords https://www.infosecurity-magazine.com/news/sky-customers-urged-to-reset/
- Data breaches can haunt firms for years https://www.welivesecurity.com/2019/07/24/data-breach-cost-fallout/
- FTC hits Facebook with record $5 billion fine for user privacy violations https://www.zdnet.com/article/ftc-hits-facebook-with-record-5-billion-fine-for-user-privacy-violations/#ftag=RSSbaffb68
- Data breach cost rises to $4 million per incident; U.S. victims hit even harder https://www.scmagazine.com/home/security-news/data-breach/data-breach-cost-rises-to-4-million-per-incident-u-s-victims-hit-even-harder/
- Credentials stuffing attack prompts password resets for Sky customers https://www.zdnet.com/article/credentials-stuffing-attack-prompts-password-resets-for-sky-customers/#ftag=RSSbaffb68

### E. Research Reports

- VBS scripts that can run in the background are easily abused by attackers; developers are advised to use them with caution https://blog.trendmicro.com.tw/?p=61295
- Thoughts on analyzing the single Cloudflare regular expression that caused a global incident http://bit.ly/2GpUm6k
- Global advanced persistent threat (APT) research report for the first half of 2019 https://s.tencent.com/research/report/762.html
- Three things to watch out for when using USB flash drives https://blog.trendmicro.com.tw/?p=60106
- More than 800,000 systems still threatened by the BlueKeep vulnerability http://www.360.cn/n/10751.html
- CVE-2019-0888: analysis of the Windows ActiveX Data Objects UAF vulnerability https://juejin.im/entry/5d3035786fb9a07ef81a351a
- Reproducing the Nginx parsing vulnerability https://blog.51cto.com/14259144/2421848
- Analysis of the principles behind honggfuzz vulnerability discovery techniques https://www.anquanke.com/post/id/181936
- Internal network penetration resulting from a vulnerability in a third-party payment provider's perimeter host http://bit.ly/2JREKJN
- Analysis of the USBCreator D-Bus interface vulnerability https://xz.aliyun.com/t/5683
- Router vulnerability analysis series (2): analysis and reproduction of CVE-2018-20056, a DIR-619L & 605L stack overflow vulnerability https://xz.aliyun.com/t/5699
- CVE-2019-11815: Linux kernel race condition vulnerability leads to remote code execution https://www.freebuf.com/vuls/208256.html
- Reproducing the WebLogic arbitrary file upload vulnerability (CVE-2019-2618) https://www.lizenghai.com/archives/25730.html
- An RCE vulnerability hidden in the Chakra engine https://www.4hou.com/vulnerable/19328.html
- Analysis of the high-risk UAF vulnerability in Microsoft's RDP service (CVE-2019-0708) http://www.sohu.com/a/329427868_354899
- CVE-2019-12747: analysis of the TYPO3 9.5.7 RCE vulnerability https://www.anquanke.com/post/id/182448
- Reproducing the nginx parsing vulnerability https://www.lizenghai.com/archives/25864.html
- Analysis and reproduction of the CVE-2019-12384 vulnerability https://www.freebuf.com/vuls/209394.html
- Analysis of the Buhtrap hacking group's latest 0-day vulnerability http://www.sohu.com/a/329165588_354899
- The future of data storage! SQL queries on DNA are now a reality https://bigdatafinance.tw/index.php/trend/939-dna-sql
- Router vulnerability analysis series: reproducing the CVE-2019-7297 / 7298 D-Link DIR-823G command injection vulnerabilities https://xz.aliyun.com/t/5705
- Ways to detect private browsing mode after Chrome's FileSystem API loophole was closed http://bit.ly/2OeW00R
- A brief discussion of Struts2 vulnerability protections and bypasses (middle part) http://bit.ly/32OICnn
- July 25 daily security highlights: Boeing 787 security vulnerabilities disclosed at Black Hat https://www.anquanke.com/post/id/182702
- How to enable and update the Traditional Chinese locale in phpIPAM https://blog.jason.tools/2019/07/phpipam-cpatch-install.html
- jasoncheng7115/phpipam-cpatch https://github.com/jasoncheng7115/phpipam-cpatch
- Imperva Blocks Our Largest DDoS L7/Brute Force Attack Ever (Peaking at 292,000 RPS) https://www.imperva.com/blog/imperva-blocks-our-largest-ddos-l7-brute-force-attack-ever-peaking-at-292000-rps/
- Streaming service withstands 13‑day DDoS siege https://www.welivesecurity.com/2019/07/25/streaming-service-ddos/
- CYBER ATTACK TRENDS: 2019 MID-YEAR REPORT https://research.checkpoint.com/cyber-attack-trends-2019-mid-year-report/
- Why Hackers Abuse Active Directory https://www.bankinfosecurity.com/hackers-abuse-active-directory-a-12825
- Hard Pass: Declining APT34’s Invite to Join Their Professional Network https://www.fireeye.com/blog/threat-research/2019/07/hard-pass-declining-apt34-invite-to-join-their-professional-network.html
- Git Hound – Find Exposed Keys Across GitHub Using Code Search Keywords https://kalilinuxtutorials.com/git-hound-exposed-keys-across-github/
- Hvazard: Remove Short Passwords & Duplicates, Change Lowercase To Uppercase & Reverse, Combine Wordlists https://kalilinuxtutorials.com/hvazard/
- Jackson gadgets - Anatomy of a vulnerability https://blog.doyensec.com/2019/07/22/jackson-gadgets.html
- kirk-sayre-work/talks https://github.com/kirk-sayre-work/talks
- fireeye/flare-emu https://github.com/fireeye/flare-emu
- skype-project/skype https://github.com/skype-project/skype
- NYAN-x-CAT/Disable-Windows-Defender https://github.com/NYAN-x-CAT/Disable-Windows-Defender/blob/master/Disable-Windows-Defender/Program.cs
- Introducing the Office 365 Attack Toolkit https://www.mdsec.co.uk/2019/07/introducing-the-office-365-attack-toolkit/
- CyberGhost VPN review: More than just VPN, an all-in-one security kit https://www.zdnet.com/article/cyberghost-vpn-review-more-than-just-vpn-an-all-in-one-security-kit/#ftag=RSSbaffb68
- 9 Ways to Avoid an Incident Response Disaster https://www.symantec.com/blogs/feature-stories/9-ways-avoid-incident-response-disaster
- COModo: From Sandbox to SYSTEM (CVE-2019-3969) https://medium.com/tenable-techblog/comodo-from-sandbox-to-system-cve-2019-3969-b6a34cc85e67
- How DNS firewalls can burn security teams https://www.helpnetsecurity.com/2019/07/22/dns-firewalls/
- A Rust-based TLS library outperformed OpenSSL in almost every category https://www.zdnet.com/article/a-rust-based-tls-library-outperformed-openssl-in-almost-every-category/#ftag=RSSbaffb68
- MALICIOUS DOCUMENTS FOR RED TEAMS https://www.brucon.org/2019/brucon-2019-training/malicious-documents-for-red-teams/
- 12 dark secrets of cloud security https://www.cio.com/article/3409062/12-dark-secrets-of-cloud-security.html
- Blind SQL Bitshifting: A Blind SQL Injection Module That Uses Bitshifting To Calculate Characters https://kalilinuxtutorials.com/blind-sql-bitshifting/
- Reproducing the Tomcat CGIServlet enableCmdLineArguments remote code execution vulnerability (CVE-2019-0232) https://www.cnblogs.com/yuzly/p/11202398.html
- Analysis of an Atlassian Crowd RCE - CVE-2019-11580 https://www.corben.io/atlassian-crowd-rce/
- r35tart/Penetration_Testing_Case https://github.com/r35tart/Penetration_Testing_Case
- googleprojectzero/p0tools https://github.com/googleprojectzero/p0tools
- BackBox Linux 6.0 – Ubuntu-Based Linux Distribution Penetration Test & Security Assessment https://kalilinuxtutorials.com/backbox-linux-penetration-security/
- RedGhost: Linux Post Exploitation Framework Designed To Assist Red Teams In Gaining Persistence, Reconnaissance & Leaving No Trace https://kalilinuxtutorials.com/redghost-linux-post-exploitation-framework/
- Advanced Blind XSS Payloads https://ardern.io/2019/06/20/payload-bxss/
MITM on all HTTPS traffic in Kazakhstan https://bugzilla.mozilla.org/show_bug.cgi?id=1567114
Local Privilege Escalation on Dell machines running Windows https://d4stiny.github.io/Local-Privilege-Escalation-on-most-Dell-computers/
Android Malware Analysis : Dissecting Hydra Dropper https://pentest.blog/android-malware-analysis-dissecting-hydra-dropper/
Agent Smith: A New Species of Mobile Malware https://research.checkpoint.com/agent-smith-a-new-species-of-mobile-malware/
Advanced Frida Witchcraft: Turning an Android Application into http://bit.ly/2NFXIIk
StrongPity APT Returns with Retooled Spyware https://threatpost.com/strongpity-apt-retooled-spyware/146503/
windows_memory_forensics_detecting_unintentionally_hidden_injected_code_by_examining_page_table_entries http://bit.ly/30JTnFW
Return_of_FAIFA_and_HomePlugPWN-dudek.pdf https://www.synacktiv.com/ressources/leHack2019-Return_of_FAIFA_and_HomePlugPWN-dudek.pdf
MINDSHARE: AUTOMATED BUG HUNTING BY MODELING VULNERABLE CODE https://www.zerodayinitiative.com/blog/2019/7/16/mindshare-automated-bug-hunting-by-modeling-vulnerable-code
CVE-2018-6924: FreeBSD ELF Header Parsing Kernel Memory Disclosure http://blog.quarkslab.com/cve-2018-6924-freebsd-elf-header-parsing-kernel-memory-disclosure.html
Ruby gem strong_password found to contain remote code execution code in a malicious version, further strengthening worries of growth in supply-chain attacks http://bit.ly/2xUSNss
cfltools: logfile analysis tool for cyberforensics investigators https://securityonline.info/cftools-logfile-analysis-tool/
A logfile analysis tool for cyberforensics investigators https://github.com/bradley-evans/cfltools
opencti: Open Cyber Threat Intelligence Platform https://securityonline.info/opencti/
Deriving intelligence from LNK files https://bitofhex.com/2019/07/15/deriving-intelligence-from-lnk-files
A Tale of Two (APT) Transports https://cfl.re/2M05Qks
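everdox/InfinityHook https://github.com/everdox/InfinityHook
Using OOAnalyzer to Reverse Engineer Object Oriented Code with Ghidra https://insights.sei.cmu.edu/sei_blog/2019/07/using-ooanalyzer-to-reverse-engineer-object-oriented-code-with-ghidra.html
4 Practical Steps for ‘Shift Left’ Security https://blog.paloaltonetworks.com/2019/07/4-practical-steps-shift-left-security/
BlueKeep - Technical Analysis (Potential Path For Exploitation) https://www.exploit-db.com/docs/47156
Bypassing Web Application Firewalls with HTTP Parameter Pollution https://www.exploit-db.com/docs/47082

F. Business

Check Point's new security analytics solution leaves cloud threats nowhere to hide https://www.techbang.com/posts/71648-check-points-new-security-analytics-solution-leaves-cloud-threats-at-risk
Check Point CPX Taiwan: Taiwan is a hard-hit area for cyberattacks, and Office 365 has become a common target http://bit.ly/32Rhep5
Cryptomining and ransomware run rampant; Trade-Van analyzes attackers' new techniques for covering their tracks https://money.udn.com/money/story/5635/3939962
Rapidly tracking and countering global cyberattacks: Anomali launches its next-generation, all-round threat platform in Taiwan for the first time http://www.taiwanhot.net/?p=730330
Anomali launches next-generation, all-round threat intelligence platform in Taiwan to rapidly track and counter cyberattacks http://bit.ly/2Y5byUT
IntSights aggregates dark web and internal activity to build threat intelligence tailored to the enterprise https://www.ithome.com.tw/review/131827
Trade-Van defends information security as hackers surface http://bit.ly/2MdzZwQ
[Chrome extension] 3 tips to prevent email account and password leaks; registering with temporary details is handy http://bit.ly/2Ye58Xn
Outsourced MDR detection and hunting stops attackers before they succeed https://www.netadmin.com.tw/netadmin/zh-tw/feature/D39807B64D8B4D908392AEDA17054740
Trade-Van builds the SecureVan security services platform http://bit.ly/2Z0AyxO
Six months until Windows 7 end of support: are you ready? http://bit.ly/2Z44Xv7
Taiwan's team advances to the world cup on the strength of "hacker studies" https://technews.tw/2019/07/22/taiwan-hacker-information-security/
Check Point CPX Taiwan: Taiwan is a hard-hit area for cyberattacks, and Office 365 has become a common target https://assets.inside.com.tw/article/16995-check-point-cpx-taiwan
Trend Micro uses AWS Transit Gateway to deliver network security protection https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=14&id=0000564202_DL51QGC91PX6FK1N7VSE2
Advantech takes part in HwaCom's private placement https://udn.com/news/story/7253/3946800
Open-source database MongoDB finally sets up a presence in Taiwan, aiming first to expand its penetration in finance and manufacturing https://www.ithome.com.tw/news/132009
Advantech takes part in HwaCom Systems' private placement to realize its IoT smart city co-creation strategy https://money.udn.com/money/story/5710/3947417
X-FORT captures a full record of command activity to fully protect R&D intellectual property https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=10&id=0000564414_4FP3B8PG2M0OPI3RD2EC0
Openfind passes the information security capability registration and is listed on the security products and services map https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000563821_1pi9glqc1fm3932qo0f3s
Build vulnerability defenses to keep malware from easily taking down ICS https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=10&id=0000564820_7po9dlbo1zyw7s1vfyrhe
SYSTEX helps Taiwanese businesses keep cross-border operations running without interruption http://bit.ly/2Yiywb0
The golden triangle of security protection; Deloitte Taiwan: build enterprise digital resilience https://www.chinatimes.com/realtimenews/20190725002960-260410?chdtv
Stopping cyberattacks! Google moves to revise the usage policy for Chrome extensions https://3c.ltn.com.tw/news/37496
[Extending more network security protections and offering more complete after-sales service] A first look: examining the VPN services bundled by antivirus vendors https://ithome.com.tw/news/131968
Microsoft to Improve Office 365 Malicious Email Analysis https://www.bleepingcomputer.com/news/security/microsoft-to-improve-office-365-malicious-email-analysis/
Mozilla Firefox Tor Mode Likely to Start as a Browser Addon https://www.bleepingcomputer.com/news/security/mozilla-firefox-tor-mode-likely-to-start-as-a-browser-addon/
Windows 10 setup: Which user account type should you choose https://www.zdnet.com/article/windows-10-which-user-account-type-should-you-choose/#ftag=RSSbaffb68

G. Government

Trade war boosts Taiwan's security industry! ITRI: output value could reach NT$55 billion next year https://buzzorange.com/techorange/2019/07/19/us-china-trade-war-security-deveiopment-taiwan/
Han Kuo-yu's LINE group suspected of being hacked with adult content; the link leads to an adult video site https://udn.com/news/story/7327/3940095
Han Kuo-yu's LINE account links to an adult video site; city government: the URL was redirected incorrectly https://udn.com/news/story/7327/3940647
More than 40 million import express shipments, but only some 40,000 people have completed real-name verification https://udn.com/news/story/7240/3939641
Huawei, ZTE and Hikvision are all on the government procurement blacklist; small surveillance cameras have long been a security hole in Taiwan, and China is watching http://tw.ttvppsa.com/post/81654/
"China's Skynet" intrudes into Taichung; Hikvision cameras taken down https://news.ltn.com.tw/news/politics/breakingnews/2857774
City councilor demands that the Taichung City Government carry out a full security review: not one blacklisted product that endangers Taichung's information security may remain http://www.da-lei.com.tw/?p=14909
China's tool for surveilling Uyghurs: Hikvision "Skynet" turns up in Taichung and Kaohsiung https://www.upmedia.mg/news_info.php?SerialNo=67654
Not just in Taichung: China's Hikvision "Skynet" has long blanketed Taiwan https://opinion.udn.com/opinion/story/120611/3943570
"Hikvision" is not only in Taichung; Huang Jie reveals the Kaohsiung City Council uses it too http://bit.ly/32HMGpN
Kaohsiung councilors' service offices use mainland Chinese surveillance cameras; New Power Party voices concern https://news.tvbs.com.tw/politics/1169183
Executive Yuan security exercise simulates hacker email attacks https://news.ltn.com.tw/news/politics/paper/1304821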
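Army: female soldier's unauthorized selfie on base will be reviewed and disciplined under information security rules https://www.ydn.com.tw/News/345163
Taiwan-Luxembourg economic cooperation meeting focuses on digital finance and information security, jointly expanding opportunities for fintech cooperation https://news.sina.com.tw/article/20190721/32042634.html
Tsai Ing-wen furious over national security personnel smuggling duty-free cigarettes; Presidential Office: officer surnamed Wu removed from current post https://udn.com/news/story/6656/3944187
Taoyuan City and the Investigation Bureau work across agencies to strengthen cybercrime investigation and forensics capability http://www.epochtimes.com/b5/19/7/23/n11403334.htm
Taoyuan City's information department and the investigation office cooperate to set up a security safety net https://udn.com/news/story/11322/3947005
Delivering on "information security is national security": Taoyuan City Government and the Taoyuan investigation office sign a security cooperation memorandum http://bit.ly/2XYfFGQ
Fighting security threats: the information technology department and the city investigation office join forces https://taiwan-reports.com/archives/403522
List of products endangering national information security expected within two weeks, to be reviewed every six months https://money.udn.com/money/story/7307/3946316
Executive Yuan: review of the security product blacklist to be completed within two weeks at the earliest https://money.udn.com/money/story/7307/3946298
Executive Yuan: list of banned security products to be released within two weeks https://www.ydn.com.tw/News/345409
ICT procurement blacklist to be reviewed every six months https://ec.ltn.com.tw/article/paper/1305548
Executive Yuan: review of the security product blacklist to be completed within two weeks at the earliest http://photo.udn.com/money/story/7307/3946298
Accused of rebranding Dahua products, vendor clarifies: assembled and produced in Taiwan https://news.ltn.com.tw/news/politics/breakingnews/2864990
Chinese surveillance equipment swapped in on the sly? Taiwan Cooperative Bank: contract violations will not pass acceptance https://m.ltn.com.tw/news/politics/breakingnews/2864554
FSC anti-money-laundering RBA roadshow briefings: the 7 questions the public cares about most https://www.chinatimes.com/realtimenews/20190723004185-260410?chdtv
Kaohsiung iBus bus app gets further security improvements http://www.5ch.com.tw/news.php?act=view&id=67971
Deputy Chief of the General Staff Lee presides over central-region cybersecurity seminar, urging rigorous security controls https://news.pchome.com.tw/politics/mna/20190724/photo-56396150096930230001.html
Layered responsibility across points, lines and planes to put security protection into practice http://bit.ly/2GsUSjX
FSC issues formal STO regulations; trends from the first Taiwan Blockchain Week https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=45&id=0000565014_JXULEG6E2Z6QUN3A7A0KI
Taiwan-India science and technology cooperation meeting held in New Delhi, covering information security, big data and more https://www.cna.com.tw/news/ait/201907250343.aspx
National Defense University convenes chief information security officer meeting to raise vigilance and operational discipline http://bit.ly/2Zd0JkS

H. ICS/SCADA Industrial Control Systems

schneider-electric -- proclima https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-6823 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-6824
Siemens Contractor Pleads Guilty to Planting 'Logic Bomb' in Spreadsheets https://thehackernews.com/2019/07/siemens-logic-bomb.html
Strengthening industrial control security to remove the worries holding back smart manufacturing https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=10&id=0000564265_KNA37GQ35TYQY261ZTSZ1
Combining device and network security with management system support services to eliminate five major OT threats https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=10&id=0000564685_LA17VRP37PB7HC677ST3Z

I. Education and Training

A handy tool recommended for Python beginners: Google Colab https://www.bnext.com.tw/article/52618/recommand-to-programming-language-learner-python-google-colab
DevSecOps - how to add security to CI/CD https://secview.io/posts/9-ci-cd/
Email Forensics https://netseedblog.com/security/email-forensics/
Learn Ethical Hacking From Scratch — 2019 Training Bundle https://thehackernews.com/2019/02/ethical-hacker-training.html

J. Internet of Things/IoT/Artificial Intelligence/Internet of Vehicles/Optical Networking/Deep Learning/Machine Learning/Drones/Facial Recognition

[Announcement] Expert team for security label technical assessment and guidance https://www.taics.org.tw/AnnouncementArticle.aspx?AnnouncementID=16
Automotive cybersecurity protection services keep vehicles safe https://www.eettaiwan.com/news/article/20190723NP01
AI monitoring software helps strengthen enterprise network security defenses https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000563552_TRD40R2A61UO5O1KVO4E3
Unexplainability and Incomprehensibility of Artificial Intelligence https://medium.com/@romanyam/unexplainability-and-incomprehensibility-of-artificial-intelligence-6c2a4a609dfb

6. Upcoming Security Events and Conferences

HITCON HackDoor: Hack into the Office 7/2 ~ 9/28 https://www.accupass.com/event/1906050355291064968019
Decoding the Singapore security market seminar: the starting point of Taiwan security's hard-fought Southeast Asian jungle campaign - Lion City stop 7/26 https://ievents.iii.org.tw/eventS.aspx?t=0&id=547
2019 Transforming Security Operations Seminar 7/26 https://www.netfos.com.tw/event/2019event/20190726netfos/20190726-NETFOS-seminar-reg.html
CDX2.0 promotional event - Tainan session 7/26 https://nchc-cdx.kktix.cc/events/cdxactivity-0726
Agile Hsinchu July meetup: When domain-driven design goes to the cloud 7/27 https://agilecommtw.kktix.cc/events/dddcloud
Blockcast Lab | Wallets and custody mechanisms technical meetup, Technical Camp 7/31 https://www.facebook.com/events/2335446643210009/
[Community] 8/1 (Thu) RASPBERRY PI + ROS: building autonomous driving https://ctsphub.tw/20190801_robotnight/
The Virus Bulletin Conference 2019 8/1 https://www.virusbulletin.com/blog/2019/06/free-vb2019-tickets-students/
HackingThursday regular meetup 8/1 https://www.meetup.com/hackingthursday/events/vkhnnqyzlbcb/
Security incident investigation in practice (Part 1) 8/2 https://tp2rc.tanet.edu.tw/node/306?fbclid=IwAR11YQmw-28fOA6LUrsNiFKd7ccaAiMa5cZsYf22iRfTUR5LPYXwjqZNo2I
[CIT Weekend Coding] - (August) Getting to know computers and programming logic training (I) 8/3 https://www.meetup.com/Women-Who-Code-Taipei/events/jtcjfryzlbfb/
Python basics workshop @TMU 8/6 https://www.meetup.com/Women-Who-Code-Taipei/events/mfnfcryzlbjb/
FileMaker Taipei 8/6 https://www.meetup.com/Taipei-FileMaker-Meetup/events/wqfqwpyzlbjb/
Security incident handling practical course 8/7 ~ 8/8 http://bit.ly/2VW0Lv9
Android Code Club(Taipei) 8/7 https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bsctnqyzlbkb/
HackingThursday regular meetup 8/8 https://www.meetup.com/hackingthursday/events/vkhnnqyzlblb/
DEF CON 27 2019/8/8–8/11 https://www.defcon.org/
Big data software development platforms and AI (artificial intelligence) development use cases 8/9 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3805&from_course_list_url=homepage
Android Code Club(Taipei) 8/14 https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bsctnqyzlbsb/
Digital forensics handling in practice 8/14 ~ 8/15 http://bit.ly/2VW0Lv9
HackingThursday regular meetup 8/15 https://www.meetup.com/hackingthursday/events/vkhnnqyzlbtb/
ROC Year 108 Taiwan Academic Network Computer Emergency Response Team security roadshow seminar - security trends and network security overview 8/19 ~ 8/27 http://www.hssh.tp.edu.tw/ezfiles/1/1001/attach/42/pta_17520_7551835_06329.pdf
Hacks in Taiwan Conference HITCON Summer Training 2019 - student registration 2019-08-19 ~ 2019-08-22 https://www.accupass.com/event/1906050919271598677460
| Yahoo Kimo e-commerce special seminar | The distance between us and fraud: the unbearable weight of security for e-commerce 8/21 https://www.accupass.com/event/1906120307261445013215
Web application penetration testing 8/21 ~ 8/23 https://www.accupass.com/event/1904080221358963463590
Thinking Thursday, third session 8/22 https://www.meetup.com/Thinking-Thursday/events/lrqddryzlbdc/
Hacks in Taiwan Conference HITCON Community 2019 2019-08-23 (Fri) 09:00 ~ 2019-08-24 (Sat) 17:00 (GMT+8) https://www.accupass.com/event/1906040921594609934250
NISRA Enlightened 2019 2019/08/26 ~ 2019/08/29 https://nisra.kktix.cc/events/2019enlightened
Digital Government Summit 2019 8/28 https://egov.ithome.com.tw/
ModernWeb 19 8/28 ~ 8/29 https://modernweb.tw/
Security regulations and systems analysis course - ROC Year 108 "Security talent training and international promotion program - advanced course for developing security professionals" 8/29 ~ 8/30 http://www.cisanet.org.tw/News/activity_more?id=MTQzMw==
ROC Year 108 security competency training - mobile device security (8/29-8/30) https://cee.ksu.edu.tw/recruitinfo/1443.html
2019 NGO security seed instructor training 8/29 https://ocftw.kktix.cc/events/cscs2019tot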
NCTU Hacker College - B022: Basic web security and penetration testing <Hsinchu session> 9/7 https://hackercollege.nctu.edu.tw/?p=1079
Information security management system - basic course (free!) 9/8 https://www.accupass.com/event/1907160853513957042270
[AWS security] Security Engineering on AWS advanced course 9/9 ~ 9/11 https://www.accupass.com/event/1905150854571147685105
CDX2.0 promotional event - Taipei session 9/10 https://nchc-cdx.kktix.cc/events/cdxactivity-0910
Kubernetes Summit 9/11 https://summit.ithome.com.tw/kubernetes/
Institute for Information Industry launches "Systems Security Certified Practitioner (SSCP) prep class" 2019/9/21 https://ithome.com.tw/pr/131772
NCTU Hacker College - A011: Guide to intrusion detection and response 9/21 https://hackercollege.nctu.edu.tw/?p=1082
Information security management system - advanced course (free!) 9/21 https://www.accupass.com/event/1907160908138705889800
TANET 2019 - Taiwan Internet Conference 9/25 https://www.twcert.org.tw/subpages/securityInfo/securityactivity_details.aspx?id=310
NCTU Hacker College - B022: Basic web security and penetration testing 9/28 https://hackercollege.nctu.edu.tw/?p=1084
HITB+ CYBER WEEK 2019/10/12 ~17 https://d2p.hitb.org/
NCTU Hacker College - A006: Digital footprint tracking and analysis 10/19 https://hackercollege.nctu.edu.tw/?p=1088
Splunk .conf 19 10/21 ~ 10/24 https://conf.splunk.com/
AIoT smart IoT developer job-readiness training class [free consultation] 10/22 https://ittraining.kktix.cc/events/aiot-training-2019
Industrial Control Systems (ICS) Cyber Security Conference USA October 21 – 24, 2019 https://www.icscybersecurityconference.com
NCTU Hacker College - A015: Advanced web penetration testing 10/26 https://hackercollege.nctu.edu.tw/?p=1090
NCTU Hacker College - P006: High-level web penetration testing 11/16 https://hackercollege.nctu.edu.tw/?p=1092
NCTU Hacker College - B015: Malware detection 11/30 https://hackercollege.nctu.edu.tw/?p=1098
NCTU Hacker College - A018: Enterprise domain control - Active Directory attack and defense 12/14 https://hackercollege.nctu.edu.tw/?p=1094
Japan Security Analyst Conference https://jsac.jpcert.or.jp/