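###### tags: `資安事件新聞週報`

# Weekly Security Incident News Report 2019/8/26 ~ 2019/8/30

## 1. Major Vulnerabilities / Backdoors / Exploits / Zero Day

Status of HITCON ZeroDay vulnerability reporting in 2019: weak-password reports are rising, and a new talent-matching feature goes live
https://www.ithome.com.tw/news/132620

Enterprise weak passwords heavily hacked this year! Even Taipower and Synology ask the HITCON vulnerability reporting platform to "find leaks"
http://bit.ly/2PfQM5x

Severe Kubernetes vulnerabilities expose servers to DoS attacks
https://www.4hou.com/vulnerable/19863.html

Multiple vulnerabilities in IBM WebSphere Application Server
https://www-01.ibm.com/support/docview.wss?uid=ibm10964780

After a Taiwanese security company disclosed vulnerabilities in several enterprise VPN services, hackers used them to intercept traffic
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=919

Multiple vulnerabilities in Palo Alto PAN-OS
https://securityadvisories.paloaltonetworks.com/Home/Detail/159
https://securityadvisories.paloaltonetworks.com/Home/Detail/160
https://securityadvisories.paloaltonetworks.com/Home/Detail/161

Palo Alto Networks PAN-OS security vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1582

Cisco releases new security updates for multiple products
https://www.us-cert.gov/ncas/current-activity/2019/08/22/cisco-releases-security-updates

Multiple vulnerabilities in Cisco NX-OS
https://tools.cisco.com/security/center/publicationListing.x

Google Nest Cam IQ vulnerabilities let hackers take control of the device
https://0xzx.com/201908261223240683.html

Insights Regarding the Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability
https://blogs.cisco.com/security/cve-2019-12643

Cisco Webex Meetings Mobile information disclosure vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-webex-ssl-cert

CVE-2019-12527: Advisory on a Squid buffer overflow leading to remote code execution
https://cert.360.cn/warning/detail?id=52b94287c9f7454c18ed7c9be3a17f01

After refusing to pay bug bounties for local privilege escalation vulnerabilities, Valve admits its mistake and starts accepting LPE-class vulnerability reports
https://ithome.com.tw/news/132602

Valve fixes Steam zero-day vulnerabilities; spokesperson says turning away the security researcher was a mistake
http://bit.ly/2zkCOo6

Privilege escalation vulnerability disclosed in software pre-installed on Lenovo computers
https://nosec.org/home/detail/2897.html

Management software pre-installed on Lenovo computers hides a vulnerability that lets hackers take over the system
https://www.ithome.com.tw/news/132632

Another serious security vulnerability found in older Lenovo laptops
https://www.twcert.org.tw/subpages/securityInfo/loophole_details.aspx?id=5104

Lenovo High-Severity Bug Found in Pre-Installed Software
https://threatpost.com/bug-found-in-pre-installed-software/147657/

Hackers Hit Unpatched Pulse Secure and Fortinet SSL VPNs
https://www.bankinfosecurity.com/hackers-hit-unpatched-pulse-secure-fortinet-ssl-vpns-a-12958

Pulse Secure SSL VPN vulnerability advisory
https://cert.360.cn/warning/detail?id=99872f06c2863d682a7faa88c65195e6

Bad Packets warns of over 14,500 Pulse secure VPN endpoints vulnerable to CVE-2019-11510
https://securityaffairs.co/wordpress/90356/hacking/pulse-secure-vpn-endpoints-cve-2019-11510.html

Red Hat Enterprise Linux 6 and CentOS 6 security updates, with a summary of the contents
https://www.linux110.com/hangye/80.html

Windows 7 support ends next year; upgrade or replace machines to stay protected from security threats
http://bit.ly/2zmzTvo

Microsoft is offering a Windows 7 extended security update to some users
https://www.zdnet.com/article/microsoft-is-offering-some-enterprise-users-a-one-year-windows-7-extended-security-update-promo/#ftag=RSSbaffb68

VM escape flaw in QEMU allows for arbitrary code execution, denial of service
https://www.techrepublic.com/article/vm-escape-flaw-in-qemu-allows-for-arbitrary-code-execution-denial-of-service/

Firms slow to upgrade SAP products in Brazil
https://www.zdnet.com/article/firms-slow-to-upgrade-sap-products-in-brazil/#ftag=RSSbaffb68

Patch Management as a Risk Management Strategy
https://www.bankinfosecurity.com/patch-management-as-risk-management-strategy-a-12981

npm bans terminal ads
https://www.zdnet.com/article/npm-bans-terminal-ads/#ftag=RSSbaffb68

Connection issue between iOS 13 and the Local Communication Server (LCS) of Trend Micro Mobile Security for Enterprise (TMMS)
https://success.trendmicro.com/solution/1123479

JVN#17127920 Improper access restriction vulnerability in Smart TV Box
https://jvn.jp/jp/JVN17127920/

JVNVU#90240762 Issue in encryption key entropy negotiation in Bluetooth BR/EDR
https://jvn.jp/vu/JVNVU90240762/

## 2. Banking / Finance / Insurance / Securities / Payment Systems: News and Security

To curb money laundering and other crimes, Australia plans to cap cash transactions at 10,000 dollars
https://udn.com/news/story/6811/4007408?from=udn-relatednews_ch2

Increasingly active? Russian hacker group attacks banks in 30 countries worldwide; Taiwan turns out to be its first target in Asia
https://cnews.com.tw/140190823a05/

LINE Bank reveals it will bring in five major security resources from headquarters and stresses that data will reside in Taiwan data centers
https://ithome.com.tw/news/132621

Five major ATM security vulnerabilities
https://www.freebuf.com/vuls/211155.html

He withdrew NT$200,000 and the ATM blared! "3 police cars" surrounded him within 5 minutes... Stunned: "That's over the top"
https://www.ettoday.net/news/20190826/1521106.htm

ATM beeps during a late-night withdrawal? Taiwanese man taking out HK$50,000 surrounded by 3 police cars; the reason is
http://bit.ly/33TNtnU

People's Bank of China on "digital currency": usable for small payments and also anonymous
https://www.ettoday.net/news/20190822/1518482.htm

Taiwan FinTech sees explosive growth; investment this year may reach NT$22 billion, up 87% year on year
https://news.cnyes.com/news/id/4371623

Post office ATM dispenses no cash but spits out receipts nonstop; the public is dumbfounded
https://news.ltn.com.tw/news/life/breakingnews/2897663

Post office ATM spits out receipts nonstop; stunned onlookers: if only they were banknotes
https://www.setn.com/News.aspx?NewsID=592876

Poor labor relations; Nan Shan: the overtime problem can improve once the new system stabilizes
https://money.udn.com/money/story/5613/4013100

Australia to penalize several banks and casinos over money laundering
https://orientaldaily.on.cc/cnt/china_world/20190828/00180_012.html

Mainland China's central bank: machines for recognizing the new renminbi notes are being upgraded step by step; banks have completed their upgrades
https://www.finet.hk/newscenter/news_content/5d67943ebde0b3718d707d5e

Nan Shan Life's new-system chaos erupts; the FSC may impose penalties as early as September
https://udn.com/news/story/7239/4015514

Russian Hacking Group Targeting Banks Worldwide With Evolving Tactics
https://thehackernews.com/2019/08/silence-apt-russian-hackers.html

'Silence' Gang Ramps Up Bank Assaults
https://www.databreachtoday.in/silence-gang-ramps-up-bank-assaults-a-12944

Visa Introduces Suite of Security Capabilities to Help Prevent and Disrupt Payment Fraud
https://usa.visa.com/about-visa/newsroom/press-releases.releaseId.16536.html

Belgian and German data protection authorities cooperate on Mastercard’s data breach
https://www.dataprotectionauthority.be/news/belgian-and-german-data-protection-authorities-collaborate-mastercard-data-breach

CYBERSECURITY IN THE FINANCIAL SECTOR AS A NATIONAL SECURITY ISSUE
https://www.ourcommons.ca/Content/Committee/421/SECU/Reports/RP10589448/securp38/securp38-e.pdf

## 3. Electronic Payment / Electronic Ticketing / Mobile Payment / Pay: News and Security

Venezuela installs Pundi X's crypto payment device "XPOS" in 49 retail stores
https://news.sina.com.tw/article/20190823/32420914.html

The reason hackers do not attack WeChat Wallet is officially confirmed; please pass it on
https://ek21.com/news/tech/128448/

Ride-hailing app booking cancelled, yet the platform charged the fare; operator explains it is a "pre-authorization fee", not an actual account charge
https://www.ttv.com.tw/news/view/10808270011400N/579

Pinning hopes on a new payment system, Jack Ma criticizes P2P as illegal fundraising with a web page
https://newtalk.tw/news/view/2019-08-27/291248

In October, Detroit's QLINE will join a unified payment system
http://www.epochtimes.com/b5/19/8/27/n11480007.htm

## 4. Virtual Currency / Blockchain: News and Security

Offering fiat deposit and withdrawal services! BTSE exchange CEO Jonathan Leong: We hope to attract traders from around the world
https://news.sina.com.tw/article/20190823/32420908.html

Former owner of Zaif, the exchange hacked last year, announces it is "giving up its licensed exchange business", a first in Japan
https://www.blocktempo.com/zaif-exchange-operator-shutting-down-after-refunding-hack-victims/

Crypto exchange Beaxy may have lost US$570,000 in funds due to a vulnerability incident two weeks ago
http://qianba.com/9045.html

This one is wild! Ukrainian nuclear power plant employees steal electricity to mine Bitcoin
https://news.xfastest.com/others/68692/ukraine-virtual-currency/

Binance upgrades all users affected by the KYC hacking incident to VIP accounts
https://www.blocktempo.com/third-party-vendor-kyc-matter/

Central bank may launch its digital currency (CBDC) before Libra
https://news.sina.com.tw/article/20190823/32419118.html

While big banks hesitate, these small banks begin positioning themselves in cryptocurrency
http://news.knowing.asia/news/5e5cd683-0ad1-47f4-9012-52d84c7235d7

"Largest in Taiwan": Taoyuan cracks a 1.7 billion Ethereum mining-machine investment fraud with as many as 2,000 victims
https://www.inside.com.tw/article/17326-Taiwan-Ethereum-mining-machine-fraud

E-commerce giant Rakuten launches a cryptocurrency exchange, currently supporting BTC, ETH and BCH
http://bit.ly/2ZkAXiw

New electronic payment scam: instant deductions, especially with fingerprint and face payment, call for vigilance
https://ek21.com/news/tech/127731/

Virtual currency can raise funds too: what exactly is an ICO?
https://money.udn.com/money/story/5613/4006675

Lumi Wallet partners with Simplex to let customers buy cryptocurrency with credit cards
https://www.fxeye.com/201908252444637445.html

At least 3 council members of Facebook's cryptocurrency project Libra are considering pulling out
https://ithome.com.tw/news/132648

Blockchain technology makes insurance claims more convenient
https://udn.com/news/story/6854/4012642

Binance Confirms Hacker Obtained Its Users' KYC Data from 3rd-Party Vendor
https://thehackernews.com/2019/08/binance-kyc-data-leak_26.html

$1.1 Million in Cryptocurrency to Be Seized From Hacker
https://www.bankinfosecurity.com/11-million-in-cryptocurrency-to-be-seized-from-hacker-a-12962

Police to sell hacker's $1.1 million Bitcoin stash to compensate victims
https://www.zdnet.com/article/police-to-sell-hackers-1-1-million-bitcoin-stash-to-compensate-victims/#ftag=RSSbaffb68

Case Studies: Managing Identity With Blockchain
https://www.bankinfosecurity.com/case-studies-managing-identity-blockchain-a-12957

## 5. Security Incident News

### A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors

Vulnerability appears on a NordVPN clone site, with a banking virus
https://10beasts.net/nordvpn-clone-bank-virus-20190823/

Asruex backdoor variant infects Word and PDF documents through Office and Adobe vulnerabilities
https://www.4hou.com/vulnerable/19880.html

New cryptocurrency ransomware targets Fortnite players
http://bit.ly/2Zgepj0

MDR finds a MyKings variant that had been lurking in a company's systems for 2 years
https://blog.trendmicro.com.tw/?p=61824

US government warns the 2020 presidential election could be hit by ransomware attacks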
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=916

Election Security Program Aims to Mitigate Ransomware Risks
https://www.bankinfosecurity.com/election-security-program-aims-to-mitigate-ransomware-risks-a-12983

Emotet Botnet Shows Signs of Revival
https://www.bankinfosecurity.com/emotet-botnet-shows-signs-revival-a-12964

Fake VPN Website Delivers Banking Trojan
https://www.databreachtoday.in/fake-vpn-website-delivers-banking-trojan-a-12940

Asruex Trojan exploits old Office, Adobe bugs to backdoor your system
https://www.zdnet.com/article/asruex-trojan-exploits-old-office-adobe-bugs-to-backdoor-your-system/#ftag=RSSbaffb68

Asruex Backdoor Variant Infects Word Documents and PDFs Through Old MS Office and Adobe Vulnerabilities
https://blog.trendmicro.com/trendlabs-security-intelligence/asruex-backdoor-variant-infects-word-documents-and-pdfs-through-old-ms-office-and-adobe-vulnerabilities/

2019-08-23 - DATA DUMP (URSNIF, RIG EK, NETWIRE RAT)
https://www.malware-traffic-analysis.net/2019/08/23/index.html

Ransomware continues assault against cities and businesses
https://blog.malwarebytes.com/ransomware/2019/08/ransomware-continues-assault-against-cities-and-businesses/

IRS Warns Taxpayers of New Scam Campaign Distributing Malware
https://www.bleepingcomputer.com/news/security/irs-warns-taxpayers-of-new-scam-campaign-distributing-malware/

VB2019 preview: Exploring Emotet, an elaborate everyday enigma
https://www.virusbulletin.com/blog/2019/08/vb2019-preview-exploring-emotet-elaborate-everyday-enigma/

Mobile Menace Monday: Android Trojan raises xHelper
https://blog.malwarebytes.com/android/2019/08/mobile-menace-monday-android-trojan-raises-xhelper/

TA505 At It Again: Variety is the Spice of ServHelper and FlawedAmmyy
https://blog.trendmicro.com/trendlabs-security-intelligence/ta505-at-it-again-variety-is-the-spice-of-servhelper-and-flawedammyy/

2019-08-27 - DATA DUMP: URSNIF INFECTION WITH TRICKBOT
https://www.malware-traffic-analysis.net/2019/08/27/index.html

2019-08-26 - DATA DUMP: SOCGHOLISH CAMPAIGN PUSHES NETSUPPORT RAT
https://www.malware-traffic-analysis.net/2019/08/26/index.html

New RETADUP Variants Hit South America, Turn To Cryptocurrency Mining
https://blog.trendmicro.com/trendlabs-security-intelligence/new-retadup-variants-hit-south-america-turn-cryptocurrency-mining/

Trojan Dropper Malware Found in Android App With 100M Downloads
https://www.bleepingcomputer.com/news/security/trojan-dropper-malware-found-in-android-app-with-100m-downloads/

Attackers Target Company Recruitment Processes With Phoney Job Applications Loaded With Quasar RAT
https://latesthackingnews.com/2019/08/27/attackers-target-company-recruitment-processes-with-phoney-job-applications-loaded-with-quasar-rat/

Police Trick Malware Gang Into Disinfecting 850,000 Systems
https://www.bankinfosecurity.com/police-trick-malware-gang-into-disinfecting-850000-systems-a-12989

TrickBot, today's top trojan, adds feature to aid SIM swapping attacks
https://www.zdnet.com/article/trickbot-todays-top-trojan-adds-feature-to-aid-sim-swapping-attacks/#ftag=RSSbaffb68

TrickBot Modifications Target U.S. Mobile Users
https://www.secureworks.com/blog/trickbot-modifications-target-us-mobile-users

A new IOT botnet is infecting Android-based set-top boxes
https://www.zdnet.com/article/a-new-iot-botnet-is-infecting-android-based-set-top-boxes/#ftag=RSSbaffb68

Avast and French police take over malware botnet and disinfect 850,000 computers
https://www.zdnet.com/article/avast-and-french-police-take-over-malware-botnet-and-disinfect-850000-computers/#ftag=RSSbaffb68

‘Heatstroke’ Campaign Uses Multistage Phishing Attack to Steal PayPal and Credit Card Information
https://blog.trendmicro.com/trendlabs-security-intelligence/heatstroke-campaign-uses-multistage-phishing-attack-to-steal-paypal-and-credit-card-information/

Magecart Hackers Compromise 80 More eCommerce Sites to Steal Credit Cards
https://thehackernews.com/2019/08/magecart-hacking-credit-card.html

In Plain Sight II: On the Trail of Magecart
https://www.arxan.com/resources/download/plain-sight-trail-magecart

Attackers Target Govt and Financial Orgs With Orcus, Revenge RATs
https://www.bleepingcomputer.com/news/security/attackers-target-govt-and-financial-orgs-with-orcus-revenge-rats/

TrickBot, today's top trojan, adds feature to aid SIM swapping attacks
https://www.zdnet.com/article/trickbot-todays-top-trojan-adds-feature-to-aid-sim-swapping-attacks/

Ransomware hits hundreds of dentist offices in the US
https://www.zdnet.com/article/ransomware-hits-hundreds-of-dentist-offices-in-the-us/#ftag=RSSbaffb68

TrickBot Variant Enables SIM Swapping Attacks: Report
https://www.bankinfosecurity.com/trickbot-variant-enables-sim-swapping-attacks-report-a-12997

Gootkit Banking Trojan | Part 2: Persistence & Other Capabilities
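https://malware.news/t/gootkit-banking-trojan-part-2-persistence-other-capabilities/32586

### B. Mobile Security / iPhone / Android / Wearables / App

Phones held hostage via the Find My iPhone feature; scams against Apple users surge
http://bit.ly/2MAg1NQ

Telegram hides a phone-number-leaking "flaw"; self-protection methods you need to know
https://unwire.hk/2019/08/24/telegramnumber/tech-secure/

Telegram security tutorial. User identity is not protected! Numbers and chats exposed in a second
http://bit.ly/2L66AT5

Hong Kong protesters find a Telegram "flaw" that could allow users' identities to be traced
https://www.ithome.com.tw/news/132645

Pangu Lab: Apple FaceTime reverse engineering and vulnerability case studies
https://www.chainnews.com/articles/985997363241.htm

Major Apple security update is here! Apple fans, download and upgrade now
https://www.secretchina.com/news/b5/2019/08/28/905194.html

Hong Kong protesters warn of Telegram feature that can disclose their identities
https://www.zdnet.com/article/hong-kong-protesters-warn-of-telegram-feature-that-can-disclose-their-identities/#ftag=RSSbaffb68

Instagram phishing uses 2FA as a lure
https://nakedsecurity.sophos.com/2019/08/23/instagram-phishing-uses-2fa-as-a-lure/

Apple patches iPhone jailbreaking bug
https://www.zdnet.com/article/apple-patches-iphone-jailbreaking-bug/#ftag=RSSbaffb68

WARNING — Malware Found in CamScanner Android App With 100+ Million Users
https://thehackernews.com/2019/08/android-camscanner-malware.html

### C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents

A must-read for security professionals! SecBuzzer dark web intelligence roundup (August 2019 issue)
https://secbuzzer.co/post/102

McAfee: in the first quarter of 2019 there were 504 hacking attacks every minute
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=918

HITCON Community heads into its 15th edition; the circuit-board puzzle event and a blue-team competition suited to IT staff draw the most attention
https://www.ithome.com.tw/news/132622

Web hosting provider Hostinger breached by hackers, putting 14 million customers at risk
https://www.ithome.com.tw/news/132634

Web hosting provider Hostinger breached by hackers, putting 14 million customers at risk; as a precaution, all customers' passwords have been reset
https://www.insoler.com/forum/topic/15668199011899.htm

First space crime case? US astronaut investigated for allegedly accessing a former spouse's account under a false identity from the ISS
https://www.ydn.com.tw/News/349738

"Privacy violation" case using the International Space Station network: astronaut suspected of hacking into partner's bank account
http://bit.ly/30yI0Ro

MAHB denies KLIA systems were attacked by hackers
https://www.orientaldaily.com.my/news/nation/2019/08/24/303637

He is China's top hacker who once left 6 countries helpless, yet was confirmed to be mentally ill
https://ek21.com/news/tech/127709/

[Baidu algorithm] Baidu wildcard-resolution algorithm loophole and its use in the underground economy
https://www.soit.com.cn/seojj/2111.html

Electric shocks, batons, head wounds: how badly programmers lured to Cambodia have suffered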
https://mp.weixin.qq.com/s/HML11GgMZemtf_3mqdyQbA

Some strive to resist surveillance; others can't wait to be surveilled
https://talk.ltn.com.tw/article/paper/1312771

"竊聽風雲" and "通天悍賊": understanding network security risks from a hacker's perspective
https://ek21.com/news/tech/126278/

Quantum breakthrough! "Teleportation" rewrites history; an internet immune to hacker attacks is about to appear
https://ek21.com/news/tech/126432/

Anhui cracks an exceptionally large online gambling case
https://news.sina.com.tw/article/20190825/32436592.html

Vietnam may become the first Asian country to ban Huawei 5G equipment; carrier: considering Ericsson
https://news.cnyes.com/news/id/4372091

Newly established US cybersecurity agency CISA views China as the biggest source of strategic risk
https://news.sina.com.tw/article/20190823/32420000.html

White House website suspected hacked; petition to list the CCP as a terrorist organization freezes
http://www.epochtimes.com/b5/19/8/26/n11478189.htm

Designating the CCP a terrorist organization: White House petition site hacked? Dramatic new evidence may remain
http://www.secretchina.com/news/b5/2019/08/27/905129.html?code=b5

Chinese-funded company may be "eavesdropping" inside an Australian restricted military zone
http://www.epochtimes.com/b5/19/8/26/n11478371.htm

Chinese hacker groups target cancer research centers to steal new drug formulas and processes, allowing China to produce cancer-treating drugs at lower cost than Western countries
https://www.insoler.com/forum/topic/15668354209072.htm

FireEye: Chinese hacker groups target cancer research centers to steal new drug formulas and processes
https://www.ithome.com.tw/news/132638

US warns hackers are impersonating the IRS to launch attacks
https://www.ithome.com.tw/news/132660

Fancy Bear Dons Plain Clothes to Try to Defeat Machine Learning
https://www.darkreading.com/advanced-threats/fancy-bear-dons-plain-clothes-to-try-to-defeat-machine-learning/d/d-id/1335673

North Korean state hackers target retired diplomats and military officials
https://www.zdnet.com/article/north-korean-state-hackers-target-retired-diplomats-and-military-officials/#ftag=RSSbaffb68

Sizing Up Impact of US Cyberattack Against Iran
https://www.bankinfosecurity.com/sizing-up-impact-us-cyberattack-against-iran-a-12993

Middle East cyber-espionage is heating up with a new group joining the fold
https://www.zdnet.com/article/middle-east-cyber-espionage-is-heating-up-with-a-new-group-joining-the-fold/#ftag=RSSbaffb68

Popular JavaScript library starts showing ads in its terminal
https://www.zdnet.com/article/popular-javascript-library-starts-showing-ads-in-its-terminal/#ftag=RSSbaffb68

Clickjacking scripts found on 613 popular sites, academics say
https://www.zdnet.com/article/clickjacking-scripts-found-on-613-popular-sites-academics-say/#ftag=RSSbaffb68

Hackers mount attacks on Webmin servers, Pulse Secure, and Fortinet VPNs
https://www.zdnet.com/article/hackers-mount-attacks-on-webmin-servers-pulse-secure-and-fortinet-vpns/#ftag=RSSbaffb68

Chinese APT Groups Target Cancer Research Facilities: Report
https://www.bankinfosecurity.com/chinese-apt-groups-target-cancer-research-facilities-report-a-12952

OPERATION SOFT CELL: A WORLDWIDE CAMPAIGN AGAINST TELECOMMUNICATIONS PROVIDERS
https://www.cybereason.com/blog/operation-soft-cell-a-worldwide-campaign-against-telecommunications-providers

Capital One hacker denied release, will remain in jail
https://www.zdnet.com/article/capital-one-hacker-denied-release-will-remain-in-jail/#ftag=RSSbaffb68

Down and Out in Hacktivist Land
https://www.bankinfosecurity.com/down-out-in-hacktivist-land-a-12950

Attackers use large-scale bots to launch attacks on social media platforms
https://www.helpnetsecurity.com/2019/08/27/attacks-on-social-media-platforms/

Hacker Ordered to Pay Back Nearly £1 Million to Phishing Victims
https://thehackernews.com/2019/08/hacker-phishing-bitcoin.html

Magecart criminals caught stealing with their poker face on
https://blog.malwarebytes.com/threat-analysis/2019/08/magecart-criminals-caught-stealing-poker-face/

Recent HIPAA settlements highlight the weaknesses in healthcare security
https://www.zdnet.com/article/recent-hipaa-settlements-highlight-the-weaknesses-in-healthcare-security/#ftag=RSSbaffb68

New DDoS Attack-Vector via WS-Discovery/SOAPoverUDP, Port 3702
https://zero.bs/new-ddos-attack-vector-via-ws-discoverysoapoverudp-port-3702.html

Protocol used by 630,000 devices can be abused for devastating DDoS attacks
https://www.zdnet.com/article/protocol-used-by-630000-devices-can-be-abused-for-devastating-ddos-attacks/#ftag=RSSbaffb68

Information Security Technical Manager
https://www.104.com.tw/job/6pr7m

Security Management Supervisor / Assistant Manager (ISP product technical services)
https://m.104.com.tw/job/6oti2

JPCERT/CC recruitment information
https://www.jpcert.or.jp/recruit/info.html

### D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News

台灣抓漏小天使, a personal data breach tracking system that helps users check whether their personal data has leaked
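https://iwebs.tw/breach-tw/

Payment card data of customers of US supermarket chain Hy-Vee circulates on the black market
https://www.ithome.com.tw/news/132635

Chinese hackers breach Indian healthcare website, stealing 680,000 personal records to sell
http://m.match.net.tw/pc/news/international/20190823/4999489

Dong Hwa University installs new access control; students worry about personal data leaks
http://www.ksnews.com.tw/index.php/news/contents_page/0001295359

Protect yourself from identity theft
http://bit.ly/2U1y4NZ

Jennifer Lawrence in revealing poses on a sofa; 60 nude photos leaked by hackers
https://www.cmoney.tw/follow/channel/article-22142956

China's manipulation of public opinion and freedom of speech
https://tw.appledaily.com/headline/daily/20190826/38428546/

"Taiwan is part of China" is the biggest piece of disinformation; nearly 60% of the public believe there is a "red media" problem
https://living.taronews.tw/2019/08/25/444997/

Fighting fraud gets harder: LINE requires prosecutors and police to use a search warrant to look up registrants
https://tw.news.appledaily.com/new/realtime/20190825/1620062/

台灣抓漏小天使: personal data breach tracking system that checks whether a name and national ID number appear on breach lists
https://free.com.tw/breach-tw/

"New trick" in telecom fraud: even transferring to your own bank card is not safe
https://news.sina.com.tw/article/20190825/32433770.html

Set up a fake mutual-aid savings club to defraud fellow Vietnamese; female boss who took more than 500,000 sentenced to two years
https://news.ltn.com.tw/news/society/breakingnews/2896252

Online friend asks for a money transfer to get out of trouble after just 10 days; bank clerk smells something fishy and calls police, stopping the fraud
https://udn.com/news/story/7315/4011059

Shocked by the card bill! Man alleges "signature was forged by a salesperson"
https://news.tvbs.com.tw/local/1189426

Data of some Mastercard users in Germany and Belgium leaked
https://www.ithome.com.tw/news/132636

Computer holding 23,000 sponsorship records lost; Privacy Commissioner's office follows up
http://bit.ly/2KVVfGu

Credit card fraudulently charged without you knowing! Watch out for high-tech RFID crime techniques
https://www.howtravel.com.tw/blog/2238

Retired teacher nearly scammed out of 1.3 million in online investment; it turned out to be a trap
https://udn.com/news/story/7321/4012250

Woman arrested on suspicion of using forged receipts to fraudulently claim 13,000 dollars in medical benefits
http://bit.ly/2HsWBpX

Outrageous! E.SUN Bank manager had employees hand over health insurance cards for a relative to fraudulently claim health insurance payments
https://news.ltn.com.tw/news/life/breakingnews/2897080

A repeat offender: the E.SUN Bank manager's relative had already defrauded health insurance payments nearly 20 years ago
https://udn.com/news/story/7266/4013405

E.SUN Bank vice president implicated in fraudulent health insurance claims; FSC: will act after reviewing the audit report
https://www.nownews.com/news/20190827/3594878/

American seniors face Medicare "red and blue card" scams
https://www.fcc.gov/mei-guo-lao-nian-ren-mian-lin-yi-liao-bao-xian-ji-hua-hong-lan-qia-zha-pian

Girls, be careful with online dating! A new generation of fraud rings has been born
https://www.marieclaire.com.tw/community/opinion/44554

Male partner claimed he had just returned to Taiwan from abroad; man who provided his account nearly became a fraud defendant
https://udn.com/news/story/7321/4012140

LINE data: how should it be requested?
https://casebf.com/2019/08/27/line-2

Imperva Breach Exposes WAF Customers' Data, Including SSL Certs, API Keys
https://thehackernews.com/2019/08/imperva-waf-breach.html

Imperva Security Update
https://www.imperva.com/blog/ceoblog/

Facial Recognition Use Triggers GDPR Fine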
https://www.bankinfosecurity.com/facial-recognition-use-triggers-gdpr-fine-a-12991

Google Proposes 'Privacy Sandbox' to Develop Privacy-Focused Ads
https://thehackernews.com/2019/08/google-privacy-sandbox-ads.html

Data stolen from Hy-Vee customers offered for sale on Joker’s Stash Dark Web forum
https://www.zdnet.com/article/data-stolen-from-hy-vee-customers-offered-for-sale-on-jokers-stash-dark-web-trading-post/#ftag=RSSbaffb68

80 defendants in U.S. and Nigeria, including 11 in L.A. County, charged in cyberfraud conspiracy to steal millions
https://abc7.com/fbi-serves-arrest-search-warrants-in-south-bay-connected-to-international-scams/5485625/

80 suspects arrested in massive business email scam takedown
https://www.zdnet.com/article/80-suspects-arrested-in-massive-business-email-scam-takedown/#ftag=RSSbaffb68

What the New NIST Privacy Framework Means to You
https://www.symantec.com/blogs/feature-stories/what-new-nist-privacy-framework-means-you

Some of Russia's surveillance tech leaked data for more than a year
https://www.zdnet.com/article/some-of-russias-surveillance-tech-leaked-data-for-more-than-a-year/#ftag=RSSbaffb68

### E. Research Reports

Building a monitoring and alerting system for a Flask web app with Prometheus and Grafana
https://blog.techbridge.cc/2019/08/26/how-to-use-prometheus-grafana-in-flask-app/

Sharing experience implementing vulnerability intelligence monitoring and notification with Python scripts
https://www.freebuf.com/articles/es/209417.html

Phones and computers: refuse to be harassed and monitored; hacker stalker-lovers, get lost *2019/08/24
http://bit.ly/2HrVY01

A brief discussion of finding vulnerabilities in internal enterprise IT systems (Part 2)
https://xz.aliyun.com/t/6060

In-depth analysis of the QEMU virtual machine escape vulnerability
https://xz.aliyun.com/t/6085

Analysis of the TP Link SR20 ACE vulnerability
https://xz.aliyun.com/t/6073

Reproduction, analysis, exploitation and defense recommendations for an arbitrary file upload vulnerability
https://www.freebuf.com/vuls/210928.html

Website vulnerability detection: webshell vulnerabilities in website admin back ends
https://cloud.tencent.com/developer/article/1493068

Analysis of the local privilege escalation vulnerability in the Steam Windows client
https://www.anquanke.com/post/id/184950

Analysis of the Matrix record stack overflow vulnerability in the Microsoft Office Equation Editor
https://www.chainnews.com/articles/473375998581.htm

10 Q&As for a quick introduction to 64-core CPUs
https://www.ithome.com.tw/news/132595

CVE-2019-12527: Squid remote command execution vulnerability
https://xz.aliyun.com/t/6090

What kworker is and what it is for
https://blog.csdn.net/lyblyblyblin/article/details/79346459

Bug hunting notes | CSRF vulnerability in Facebook's Gmail verification mechanism
https://www.freebuf.com/vuls/210837.html

IoT device vulnerability research from beginner to beginner (1): analysis of the DVRF challenge series
https://www.anquanke.com/post/id/184718

Summary of detecting and analysing verification-code vulnerabilities in app penetration testing
https://cloud.tencent.com/developer/article/1493895

Case study: analysis report on the hacking of X University department websites_10808
https://cert.tanet.edu.tw/prog/opendoc.php?id=2019083011082828195490327742851.pdf

Finding Hidden API Keys & How to use them
https://medium.com/@sumitcfe/finding-hidden-api-keys-how-to-use-them-11b1e5d0f01d

ASP.NET resource files (.RESX) and deserialisation issues
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/august/aspnet-resource-files-resx-and-deserialisation-issues/

Talos DEFCON badge build instructions and use
https://blog.talosintelligence.com/2019/08/talos-defcon-badge-build-instructions.html

How Microsoft lost its monopoly in web browsers
https://www.zdnet.com/pictures/how-microsoft-lost-its-monopoly-in-web-browsers/#ftag=RSSbaffb68

Exploiting AWS ECR and ECS with the Cloud Container Attack Tool (CCAT)
https://rhinosecuritylabs.com/aws/cloud-container-attack-tool/

### F. Business

TSMC's 80 billion a year in R&D results: 90% relies on "it" for protection
http://bit.ly/2MzWQUy

VMware spends nearly US$5 billion to acquire cloud security platforms Pivotal and Carbon Black
http://bit.ly/2Hq5K2K

"McAfee Embedded Control" feature from the Canon and McAfee partnership effectively protects against network attacks
https://zeekmagazine.com/archives/103149

Advantech strengthens cooperation with system integrators; smart partner team takes shape
http://www.ctimes.com.tw/DispNews/tw/%E7%A0%94%E8%8F%AF/1908231531NU.shtml

Acer Cyber Security (安碁資訊) passes OTC listing review, the first security service provider in the country to IPO
https://udn.com/news/story/7240/4010236

Trade-Van and China Medical University Hospital team up to build medical mobile payment
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=14&id=0000566745_EER8LEGN3069ZY6QPO2AU

CyCraft (奧義) reveals techniques for attacking endpoint detection and response systems and urges enterprises to combine multiple mechanisms
https://www.ithome.com.tw/news/132647

Have you bought cyber insurance? For just 20,000 a month, start protecting your employees' online security right away
https://www.zerone.com.tw/Content/Promotion/BE3A2D124C6E8F89

Microsoft will extend free Windows 7 support by one year for some enterprise and government users
https://www.ithome.com.tw/news/132652

NetApp launches virtual desktop infrastructure (VDI) solution for VMware
https://www.zdnet.com/article/netapp-launches-virtual-desktop-infrastructure-vdi-solution-for-vmware/#ftag=RSSbaffb68

Microsoft: Using multi-factor authentication blocks 99.9% of account hacks
https://www.zdnet.com/article/microsoft-using-multi-factor-authentication-blocks-99-9-of-account-hacks/

Microsoft readies exFAT patents for Linux and open source
https://www.zdnet.com/article/microsoft-readies-exfat-patents-for-linux-and-open-source/#ftag=RSSbaffb68

Three Common Email Security Mistakes That MSPs Make
https://blog.trendmicro.com/three-common-email-security-mistakes-that-msps-make/

### G. Government

Taiwan's Executive Yuan approves the digital ID card, strengthening security management
http://www.epochtimes.com/b5/19/8/23/n11471908.htm

Additional security competency training classes for ROC year 108 open for registration
https://ctts.nccst.nat.gov.tw/NewsDetail/92

The Executive Yuan's National Information and Communication Security Taskforce announced on August 26 amendments to some articles of the Regulations on Classification of Cyber Security Responsibility Levels
https://nicst.ey.gov.tw/Page/D94EC6EDE9B10E15/f30b5686-f712-45ba-9af1-0cbee24fa397

ITRI's intelligent video analytics: a good helper for security surveillance
https://www.chinatimes.com/realtimenews/20190828003176-260412?chdtv

Industrial Development Bureau subsidy: security health-check teams come to you
https://money.udn.com/money/story/10860/4017790

Executive Yuan Technology Service Center: information and communication security technical report for Q2 of ROC year 108
http://bit.ly/2T9juDw

### H. ICS/SCADA Industrial Control Systems

Siemens takes a three-pronged approach to Industry 4.0; Taiwan-Japan open IoT association inaugurated
https://m.ctee.com.tw/livenews/aj/20190823000061-260410

### I. Education and Training

The only (ISC)2 officially authorized certification training in Taiwan: four must-have security certifications
https://ithome.com.tw/pr/132581

Why 65% of SOC security monitoring engineers choose to change careers
https://blog.trendmicro.com.tw/?p=61610

Getting started with IDA Pro
https://www.peerlyst.com/posts/getting-started-with-ida-pro-chiheb-chebbi

### J. Internet of Things / IoT / Artificial Intelligence / Internet of Vehicles / Optical Networking / Deep Learning / Machine Learning / Drones / Facial Recognition

National AI team gets to work, expanding the AI computing power of Taiwania 2
http://bit.ly/30yNXOg

Taiwan pushes digital transformation to become a smart, innovative nation; the IT services industry joins healthcare and manufacturing to draft recommendations in three areas
https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=12&id=0000566900_63klg3o3lbbp7j151za07&cf=a13

Xilinx's three tactics to accelerate development of the industrial and medical IoT industries
https://www.chinatimes.com/realtimenews/20190827001157-260410?chdtv

IoT improves operational efficiency, but security must be taken into account
http://bit.ly/2NzCWZf

[IoT] Toilets flushing nonstop! Robot vacuums spying on users! ... Nine threats smart home devices may face
https://blog.trendmicro.com.tw/?p=61624

Security researchers again find a Tesla Model S key fob vulnerability that allows the key to be cloned and the vehicle stolen
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=917

How Machine Learning Can Mitigate Email-Based Attacks
https://www.bankinfosecurity.com/machine-learning-mitigate-email-based-attacks-a-12966

Raspberry Pi 4 and Raspbian: Two months in, here's what I've learned so far
https://www.zdnet.com/article/raspberry-pi-4-and-raspbian-two-months-in-heres-what-ive-learned-so-far/#ftag=RSSbaffb68

Hacker Claims He Can 'Turn Off 25,000 Cars' At The Push Of A Button
https://www.forbes.com/sites/thomasbrewster/2019/08/25/hacker-claims-he-can-immobilize-25000-cars-at-the-push-of-a-button/

## 6. Upcoming Security Events and Conferences

HITCON HackDoor: Hack into the Office 7/2 ~ 9/28
https://www.accupass.com/event/1906050355291064968019

MLDM Monday | Creating innovative government applications with open data: when the rain god arrives 9/2
https://www.meetup.com/Taiwan-R/events/262992081/

Taipei Rails Meetup 9/3
https://www.meetup.com/rails-taiwan/events/dlgzljyzmbfb/

Kaohsiung Rails Meetup 9/4
https://www.meetup.com/rails-taiwan/events/qxfvjkyzmbgb/

Android Code Club(Taipei) 9/4
https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bsctnqyzmbgb/

SyntaxError 9/4
https://www.meetup.com/pythonhug/events/tnzzgpyzmbgb/

Industrial Control System Security Seminar 9/5
http://bit.ly/2NsMvt5

HackingThursday regular meetup 9/5
https://www.meetup.com/hackingthursday/events/vkhnnqyzmbhb/

TWJUG 201909 meetup 9/5
https://www.meetup.com/taiwanjug/events/264123847/

GDG Hsinchu #02 - Hands-on: developing Google Assistant and LINE Bot, Dialogflow power-up edition 9/5
https://www.meetup.com/GDG-Hsinchu/events/263740629/

Cybersecurity Framework: Broadening Your Security Horizons, CYBERSEC 101 Seminar 9/6
https://signupcybersec101.ithome.com.tw/

AI investment and finance hands-on: practical Python web scraping + machine learning to build a personal investment tool 9/7
https://www.techbang.com/posts/72056-course-ai-investment-finance-technology

NCTU Hacker College - B022: Basic Web Security and Penetration Testing (Hsinchu session) 9/7
https://hackercollege.nctu.edu.tw/?p=1079

DigitalOcean Hsinchu x Golang TW Meetup 9/7
https://www.meetup.com/DigitalOceanHsinchu/events/263910445/

Trend Micro CTF 2019 // Raimund Genes Cup SEPTEMBER 7–8, 2019
https://www.trendmicro.com/en_us/campaigns/capture-the-flag.html

Information Security Management System - Basic Course 9/8
https://www.accupass.com/event/1907160853513957042270

Scala Taiwan #32 - Introduction to Minitime 9/9
https://www.meetup.com/Scala-Taiwan-Meetup/events/263961981/

MLDM Monday | Mathematical derivation of the theory of Domain Adaptation 9/9
https://www.meetup.com/Taiwan-R/events/263929941/

[AWS Security] Security Engineering on AWS advanced course 2019-09-09 (Mon) 09:30 ~ 2019-09-11 (Wed) 17:30 (GMT+8)
https://www.accupass.com/event/1905150854571147685105

Microsoft 2nd Cybersecurity Conference 2019/09/10 9:00-17:00
https://www.microsoftevents.com/profile/form/index.cfm?PKformID=0x7592629abcd

SyntaxError 9/11
https://www.meetup.com/pythonhug/events/tnzzgpyzmbpb/

Android Code Club(Taipei) 9/11
https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bsctnqyzmbpb/

[AWS Security] Security Engineering on AWS advanced course 9/9 ~ 9/11
https://www.accupass.com/event/1905150854571147685105

CDX2.0 promotional event - Taipei session 9/10
https://nchc-cdx.kktix.cc/events/cdxactivity-0910

Kubernetes Summit 9/11
https://summit.ithome.com.tw/kubernetes/

Symantec Taiwan annual security forum 9/12
https://zh.surveymonkey.com/r/symantec_0912

HackingThursday regular meetup 9/12
https://www.meetup.com/hackingthursday/events/vkhnnqyzmbqb/

Security Assessment Core and Advanced Techniques Seminar, September 16 to September 18
http://bit.ly/2TN2UtD

MLDM Monday | TensorFlow All Around 9/16
https://www.meetup.com/Taiwan-R/events/264154315/

Kotlin/Everywhere GDG Hsinchu - Kotlin on Cloud and Web 9/17
https://www.meetup.com/GDG-Hsinchu/events/263741333/

Cosmos SDK Workshop - Build your own beginner blockchain 9/17
https://www.meetup.com/Taipei-Blockchain/events/264188406/

Cyber Attack Taipei Series 2019 9/17
https://www.eventbrite.com/e/cyber-attack-taipei-series-2019-tickets-68951581035

Audit Supervisor Workshop (ROC year 108, second session) 9/17 ~ 9/18
https://edu.tii.org.tw/pt_training/mpage/index/info/1072673781

Android Code Club(Taipei) 9/18
https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bsctnqyzmbxb/

SyntaxError 9/18
https://www.meetup.com/pythonhug/events/tnzzgpyzmbxb/

HackingThursday regular meetup 9/19
https://www.meetup.com/hackingthursday/events/vkhnnqyzmbzb/

Cybersecurity Framework: Broadening Your Security Horizons, CYBERSEC 101 Seminar 9/20
https://signupcybersec101.ithome.com.tw/

Financial security training course 9/20
https://twap.deloitte.com.tw/DTLCRA/Works/CourseDetail.aspx?CourseID=T1906002

Android Code Club(Taipei) 9/21
https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bsctnqyzlbcc/

SyntaxError 9/21
https://www.meetup.com/pythonhug/events/tnzzgpyzlbcc/

Institute for Information Industry offers a "Systems Security Certified Practitioner (SSCP) preparation class" 2019/9/21
https://ithome.com.tw/pr/131772

NCTU Hacker College - A011: Guide to Detecting and Responding to Intrusions 9/21
https://hackercollege.nctu.edu.tw/?p=1082

Information Security Management System - Advanced Course 9/21
https://www.accupass.com/event/1907160908138705889800

Open UP Summit Fukuoka Outreach 9/21
https://www.meetup.com/TaipeiWomeninTech/events/263683783/

Build Your First Custom Blockchain - hands-on building of your first custom blockchain 9/24
https://www.meetup.com/Polkadot-Taipei/events/264188190/

TANET 2019 - Taiwan Internet Conference 9/25
https://www.twcert.org.tw/subpages/securityInfo/securityactivity_details.aspx?id=310

Nextlink Technology 9/25 (Wed)
https://www.accupass.com/event/1908020858535104977240

DEVCORE Conference 2019 9/25
https://devco.re/conf/2019/

Thinking Thursday, 4th session 9/26
https://www.meetup.com/Thinking-Thursday/events/263826166/

NCTU Hacker College - B022: Basic Web Security and Penetration Testing 9/28
https://hackercollege.nctu.edu.tw/?p=1084

JavaScript Developer Conference-2019 2019-09-28 (Sat) 09:30 ~ 2019-10-26 (Sat) 17:30 (GMT+8)
https://www.accupass.com/event/1907081509101081922774

GDG DevFest Taipei 2019 10/1
https://www.meetup.com/GDGTaipei/events/263142255/

Security Assessment Core and Advanced Techniques Seminar, October 7 to October 9
http://bit.ly/2TN2UtD

HITB+ CYBER WEEK 2019/10/12 ~17
https://d2p.hitb.org/

NCTU Hacker College - A006: Digital Footprint Tracking and Analysis 10/19
https://hackercollege.nctu.edu.tw/?p=1088

Splunk .conf 19 10/21 ~ 10/24
https://conf.splunk.com/

AIoT Smart IoT Developer Job Training Program [free consultation] 10/22
https://ittraining.kktix.cc/events/aiot-training-2019

Industrial Control Systems (ICS) Cyber Security Conference USA October 21 – 24, 2019
https://www.icscybersecurityconference.com

Cybersecurity Framework: Broadening Your Security Horizons, CYBERSEC 101 Seminar 10/25
https://signupcybersec101.ithome.com.tw/

NCTU Hacker College - A015: Advanced Web Penetration Testing 10/26
https://hackercollege.nctu.edu.tw/?p=1090

Security Assessment Core and Advanced Techniques Seminar, October 28 to October 30
http://bit.ly/2TN2UtD

Cybersecurity Framework: Broadening Your Security Horizons, CYBERSEC 101 Seminar 11/8
https://signupcybersec101.ithome.com.tw/

NCTU Hacker College - P006: High-Level Web Penetration Testing 11/16
https://hackercollege.nctu.edu.tw/?p=1092

Trend Micro CTF 2019 // Raimund Genes Cup FINAL / NOVEMBER 23–24, 2019
https://www.trendmicro.com/en_us/campaigns/capture-the-flag.html

Security Assessment Core and Advanced Techniques Seminar, November 26 to November 28
http://bit.ly/2TN2UtD

Cybersecurity Framework: Broadening Your Security Horizons, CYBERSEC 101 Seminar 11/29
https://signupcybersec101.ithome.com.tw/

NCTU Hacker College - B015: Malware Detection 11/30
https://hackercollege.nctu.edu.tw/?p=1098

NCTU Hacker College - A018: Enterprise Domain Control: Active Directory Attack and Defense 12/14
https://hackercollege.nctu.edu.tw/?p=1094

Japan Security Analyst Conference
https://jsac.jpcert.or.jp/