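###### tags: `Weekly Cybersecurity Incident News`

# Weekly Cybersecurity Incident News 2020/8/10 ~ 2020/8/14

## 1. Major Vulnerabilities / Backdoors / Exploits / Zero Days

- Vulnerability found in Qualcomm and MediaTek Wi-Fi chips; signal transmissions and data packets may be intercepted https://www.bnext.com.tw/article/58801/krook-serious-vulnerability-affected-encryption-billion-wifi-devices-qualcomm-mediatek
- TeamViewer vulnerability disclosed: visiting a specific web page can allow intrusion without a password https://www.chainnews.com/zh-hant/articles/996871847939.htm
- Security researcher: satellite networks contain vulnerabilities that allow eavesdropping https://www.ithome.com.tw/news/139281
- High-severity vulnerabilities in routers, switches and AnyConnect VPN https://www.chainnews.com/zh-hant/articles/384089921935.htm
- Windows 10 Print Spooler component hit by another vulnerability; it was fixed once but the fix was bypassed https://www.sohu.com/a/412020059_99956743
- Intel, ARM, IBM, AMD Processors Vulnerable to New Side-Channel Attacks https://thehackernews.com/2020/08/foreshadow-processor-vulnerability.html
- FreeBSD security vulnerability https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7459
- Advisory: Kibana denial-of-service and cross-site scripting vulnerabilities https://www.secrss.com/articles/24531
- Vulnerability in OpenSSL affects IBM Flex System network switches (CVE-2015-0286) https://support.lenovo.com/hk/zh/solutions/ht116251/
- 0-Day Hacking RPA -1(UiPath) B(Remote Components) https://www.youtube.com/watch?v=OiryDE4aH9A
- Microsoft August 2020 Patch Tuesday fixes 120 vulnerabilities, two zero-days https://www.zdnet.com/article/microsoft-august-2020-patch-tuesday-fixes-120-vulnerabilities-two-zero-days/#ftag=RSSbaffb68
- Critical Adobe Acrobat and Reader Bugs Allow RCE https://threatpost.com/critical-adobe-acrobat-reader-bugs-rce/158261/

## 2. Banking / Finance / Insurance / Securities / Payment Systems: News and Security

- An accountant's view of current events: digital forensics, the last line of defence against information crises https://money.udn.com/money/story/8944/4761765
- FSC (Financial Supervisory Commission) warns of four cybersecurity threats to the financial sector https://www.chinatimes.com/newspapers/20200807000287-260205?chdtv
- FSC launches financial cybersecurity plan; 31 institutions must appoint a CISO within two years https://reurl.cc/Kky1zn
- FSC strengthens cybersecurity protection; 31 financial institutions must appoint a CISO https://ec.ltn.com.tw/article/paper/1391518
- Rakuten online bank aims for 500,000 depositors in its first year https://money.udn.com/money/story/5613/4764756
- Transfers by mobile phone number: interbank support targeted for year-end https://udn.com/news/story/7239/4767115
- Capital One hacked, over 100 million personal records leaked; US Treasury fines it more than 2.3 billion https://money.udn.com/money/story/5599/4766211
- Security and bilingual talent in demand; banks expand recruitment in the second half of the year https://ppt.cc/fMhYTx
- New hires arriving from July; undeterred by the pandemic, financial holding companies recruit in waves https://ppt.cc/fH3olx
- FSC reveals for the first time the eight highlights of its financial cybersecurity action plan, to be rolled out in phases over four years with rolling reviews every six months https://www.ithome.com.tw/news/139299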
- Paying her card bill with a banking app, she slipped, pressed one extra digit and transferred 180,000, nearly breaking down https://udn.com/news/story/120912/4767845
- Capital One agrees to $80M fine, cybersecurity consent order for 2019 data breach https://reurl.cc/pdqeKr
- Evasive Credit Card Skimmers Using Homograph Domains and Infected Favicon https://thehackernews.com/2020/08/magecart-homograph-phishing.html
- Inter skimming kit used in homoglyph attacks https://blog.malwarebytes.com/threat-analysis/2020/08/inter-skimming-kit-used-in-homoglyph-attacks/
- Hackers say ‘jackpotting’ flaws tricked popular ATMs into spitting out cash https://techcrunch.com/2020/08/06/hackers-atm-spit-cash/
- Travelex Forced into Administration After Ransomware Attack https://www.infosecurity-magazine.com/news/travelex-forced-administration/
- ACCC says bank screen scraping warnings are not anti-competitive https://www.zdnet.com/article/accc-says-bank-screen-scraping-warnings-are-not-anti-competitive/
- Magecart group uses homoglyph attacks to fool you into visiting malicious websites https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/#ftag=RSSbaffb68
- Diebold ATM Terminals Jackpotted Using Machine’s Own Software https://threatpost.com/diebold-atm-terminals-jackpotted-using-machines-own-software/157575/
- Crooks have acquired proprietary Diebold software to “jackpot” ATMs https://news.hitb.org/content/crooks-have-acquired-proprietary-diebold-software-jackpot-atms
- Thieves Are Emptying ATMs Using a New Form of Jackpotting https://www.wired.com/story/thieves-are-emptying-atms-using-a-new-form-of-jackpotting/
- University Investigates Skimming of Credit Card Data https://www.bankinfosecurity.com/university-investigates-skimming-credit-card-data-a-14803

## 3. Electronic Payment / Mobile Payment / Pay / Security

- iOS Taiwan Pay active-scan payment method https://pttcareers.com/MobilePay/1VBhHjxn
- "醫指付 mobile payment" saves time and is convenient; 430,000 registered users https://reurl.cc/ygy4qa
- State-owned banks reportedly asking employees to link Triple Stimulus Vouchers to Taiwan Pay; Ministry of Finance: it cannot be mandatory https://money.udn.com/money/story/5613/4781321
- New milestone for electronic payment: Cathay Life is first to accept JKOPAY for insurance premiums https://money.udn.com/money/story/5613/4781427
- Executive Yuan passes draft electronic payment regulation to accelerate mobile payment adoption https://reurl.cc/odD4kD
- Facebook sets up new financial services division, joining the electronic payment race https://ctee.com.tw/news/global/316656.html
- Electronic payment out of fashion? FSC: year-end target unlikely to be met; cross-platform convenience to be improved https://www.storm.mg/article/2897671

## 4. Cryptocurrency / Mining / Blockchain Security

- PeckShield: detailed analysis of the smart contract vulnerability in DeFi platform Opyn, where the attacker profited with nothing at stake https://www.theblockbeats.com/news/18807
- Ledger cold wallet vulnerability: it cannot distinguish Bitcoin from its forked chains, which may lead users to send BTC unknowingly https://www.blocktempo.com/ledger-wallet-vulnerability/

## 5. Security Incident News

### A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC

- Mirai botnet can be used to attack IoT devices via vulnerability CVE-2020-5902 https://blog.trendmicro.com.tw/?p=65401
- TA551 (Shathak) Word docs push IcedID (Bokbot) https://isc.sans.edu/forums/diary/TA551+Shathak+Word+docs+push+IcedID+Bokbot/26438/
- Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts https://blog.trendmicro.com/trendlabs-security-intelligence/water-nue-campaign-targets-c-suites-office-365-accounts/
- Unpatched bug in Windows print spooler lets malware run as admin https://www.bleepingcomputer.com/news/security/unpatched-bug-in-windows-print-spooler-lets-malware-run-as-admin/
- July 2020’s Most Wanted Malware: Emotet Strikes Again After Five-Month Absence https://reurl.cc/Y1MKVn
- Canon confirms ransomware attack in internal memo https://www.bleepingcomputer.com/news/security/canon-confirms-ransomware-attack-in-internal-memo/
- McAfee Defender’s Blog: NetWalker https://www.mcafee.com/blogs/other-blogs/mcafee-labs/mcafee-defenders-blog-netwalker/
- The ransomware that stole about 2.6 billion yen in five months https://www.gizmodo.jp/2020/08/netwalker-ransomware.html
- What is MAZE after? An explanation of the TTPs (Tactics, Techniques, Procedures) associated with MAZE ransomware incidents, and threat countermeasures https://www.fireeye.com/blog/jp-threat-research/2020/05/tactics-techniques-procedures-associated-with-maze-ransomware-incidents.html
- A Fork of the FTCode Powershell Ransomware https://isc.sans.edu/forums/diary/A+Fork+of+the+FTCode+Powershell+Ransomware/26434/

### B. Mobile Security / iPhone / Android / Wearables / App / 5G

- Big news for 5G: IEEE GLOBECOM conference moves to Taiwan https://ctee.com.tw/news/tech/315735.html
- Security protection or political manoeuvre? US Senate passes ban on TikTok on government devices http://n.yam.com/Article/20200807803871
- Worried Facebook will be banned by other countries? Zuckerberg: a US TikTok ban would set a very bad precedent https://ec.ltn.com.tw/article/breakingnews/3252998
- Google removes nearly 2,600 Chinese YouTube channels in crackdown on coordinated influence operations https://unwire.hk/2020/08/08/youtube-channel/hottopic/spotlight/
- Check Point: Qualcomm DSP chips contain serious security vulnerabilities, affecting more than 40% of phones https://www.ithome.com.tw/news/139276
- Nearly 50% of all smartphones affected by Qualcomm Snapdragon bugs https://reurl.cc/lVEKgY
- Foreign media: US company with military ties embedded tracking software in more than 500 apps https://reurl.cc/R1nvnD

### C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents

- [Financial Weekly: Hackers at Large] More than 300 hacker techniques; know yourself and your enemy and respond in real time https://ec.ltn.com.tw/article/paper/1392108
- 火網 commentary: how to prevent the red supply chain from spreading and evolving https://tw.appledaily.com/headline/20200809/Q62JKUT4EP72PHKVJ5EMKBOSFM/
- Hackers exploit the pandemic; cyberattacks surge worldwide https://ctee.com.tw/news/tech/315582.html
- We must not underestimate it; one day it will replace humans https://reurl.cc/yZ59lq
- Zoom online hearing in the Twitter hack case is intruded on with a Pornhub video and forced to halt https://reurl.cc/V6GbqQ
- US intelligence official: the CCP and Iran do not want Trump re-elected; Russia is working all-out against Biden https://reurl.cc/3D8qZX
- [姆咪] Reddit hit by hackers; many boards turned to Trump https://pttweb.tw/s/19FunF
- Pompeo offers US$10 million reward to counter foreign interference in the US election https://reurl.cc/8GrRkb
- Accusing Chinese hackers of attacking US election equipment, White House national security adviser issues stern warning https://www.chinatimes.com/realtimenews/20200810001746-260408?chdtv
- White House national security adviser: Chinese hackers are targeting US election infrastructure https://www.cna.com.tw/news/aopl/202008100009.aspx
- Chinese General Chamber of Commerce condemns so-called US sanctions as serious interference in China's internal affairs http://www.hkcd.com/content/2020-08/08/content_1206231.html
- [Kicking out China means clean] US announces "Clean Network" program: a full sweep of app stores, carriers and cloud, with even undersea cables not spared https://buzzorange.com/techorange/2020/08/07/us-clean-network-pompeo/
- Hsinchu Science Park breached by Chinese hackers? US media report "at least 7 semiconductor firms" affected https://www.setn.com/News.aspx?NewsID=794393
- [Legislative Council election] Five Eyes alliance opposes disqualifications; China criticises "arrogance and prejudice" https://ppt.cc/fRL9bx
- #DEFCON: How the International Space Station Enables Cybersecurity https://www.infosecurity-magazine.com/news/international-space-station/
- Researcher Demonstrates 4 New Variants of HTTP Request Smuggling Attack https://thehackernews.com/2020/08/http-request-smuggling.html
- INTERPOL: Cybercrime Growing at an “Alarming Pace” Due to #COVID19 https://www.infosecurity-magazine.com/news/cybercrime-growing-alarming-pace/
- China has stolen Taiwan’s semiconductor secrets: Wired https://www.taiwannews.com.tw/en/news/3982792
- Black Hat: Hackers are using skeleton keys to target chip vendors https://reurl.cc/qd9WpD
- How COVID-19 Has Changed Business Cybersecurity Priorities Forever https://thehackernews.com/2020/08/covid-19-cybersecurity.html
- China is now blocking all encrypted HTTPS traffic that uses TLS 1.3 and ESNI https://www.zdnet.com/article/china-is-now-blocking-all-encrypted-https-traffic-using-tls-1-3-and-esni/
- Hackers are defacing Reddit with pro-Trump messages https://www.zdnet.com/article/hackers-are-defacing-reddit-with-pro-trump-messages/#ftag=RSSbaffb68
- FBI: Iranian hackers trying to exploit critical F5 BIG-IP flaw https://www.bleepingcomputer.com/news/security/fbi-iranian-hackers-trying-to-exploit-critical-f5-big-ip-flaw/
- National Cyber Security Centre launches tool to help keep data safe during pandemic https://www.legalfutures.co.uk/associate-news/national-cyber-security-centre-launches-tool-to-keep-data-safe-during-pandemic
- FBI says an Iranian hacking group is attacking F5 networking devices https://www.zdnet.com/article/fbi-says-an-iranian-hacking-group-is-attacking-f5-networking-devices/#ftag=RSSbaffb68
- Chinese Hackers Charged in Decade-Long Crime and Spying Spree https://www.wired.com/story/chinese-hackers-charged-decade-long-crime-spying-spree/
- Network intruders selling access to high-value companies https://www.bleepingcomputer.com/news/security/network-intruders-selling-access-to-high-value-companies/#.XzLxu4t-l8U.twitter
- Security Engineer (Technical R&D), Delta Research Center (Taipei) https://www.yourator.co/companies/deltaww/jobs/12728?locale=en
- [Rakuten, Japanese company] Security Manager (Manager of Security Audit Team) (DEV) https://www.104.com.tw/job/70o4o

### D. Data Breaches / Personal Data Protection Law / GDPR / Online Fraud / Phishing / Card Fraud / Fake News

- Dating sites lure and defraud Japanese male users https://blog.trendmicro.com.tw/?p=65436
- Woman in her sixties finds online "love"; the other party turns out to be an "American soldier" https://reurl.cc/Nj5Kvp
- [Twitter Hacked (Part 1)] From Biden to Bezos: when hackers take over the official accounts of politicians and the richest https://www.mirrormedia.mg/story/20200805int004/
- [Twitter Hacked (Part 2)] "SIM swapping" highlights security weaknesses in "two-step verification" https://www.mirrormedia.mg/story/20200805int005/
- Fake "likes", real fraud: losses in the millions https://reurl.cc/mnWKNj
- Two-year-old's Instagram hacked for the sixth time; Gary, worn out: "I wanted to swear but held back" https://star.ettoday.net/news/1779737
- LG and Xerox internal data stolen and published https://www.twcert.org.tw/tw/cp-104-3843-00c52-1.html
- Another record: Korean streamer receives a "ten million won" donation; netizens alarmed: hacked https://www.ttshow.tw/kol/71350/
- Online games full of pitfalls... online fraud rises year after year; attack frequency escalates again during the pandemic https://reurl.cc/0oVGrM
- At least 20GB of confidential Intel data leaked, including chip development tools and source code https://news.knowing.asia/news/e0533633-b2c7-4709-ba45-948a97d9e67d
- Intel reportedly hacked; code, tools and other confidential files leaked https://www.ithome.com.tw/news/139258
- As much as 20GB of Intel BIOS and technical code leaked, with more to come https://www.kocpc.com.tw/archives/337023
- Intel leaks – Hacker posts 20GB of alleged Intel source code, files online https://www.hackread.com/intel-leaks-hacker-posts-intel-source-code-files-online/
- 2.3 MILLION+ USA DOCTOR RECORDS ALLEGEDLY LEAKED ON DARKWEB FOR FREE https://cybleinc.com/2020/08/08/2-3-million-usa-doctor-records-allegedly-leaked-on-darkweb-for-free/
- Spam and phishing in Q2 2020 https://securelist.com/spam-and-phishing-in-q2-2020/97987/
- Fake security advisory used in clever cPanel phishing attack https://www.bleepingcomputer.com/news/security/fake-security-advisory-used-in-clever-cpanel-phishing-attack/
- Report: N.J. ranks No. 15 among states for data breach victims https://www.roi-nj.com/2020/07/21/tech/report-n-j-ranks-no-15-among-states-for-data-breach-victims/
- Genealogy Software Maker Exposes Data on 60,000 Users https://www.infosecurity-magazine.com/news/genealogy-software-maker-exposes/
- Number of Reported Breaches Decrease In First Half of 2020 https://www.darkreading.com/attacks-breaches/number-of-reported-breaches-decrease-in-first-half-of-2020/d/d-id/1338392
- DeepSource resets logins after employee falls for Sawfish phishing https://www.bleepingcomputer.com/news/security/deepsource-resets-logins-after-employee-falls-for-sawfish-phishing/#.XxcHf9b6mcs.twitter
- 6,600 organizations bombarded with 100,000+ BEC attacks https://www.helpnetsecurity.com/2020/08/10/6600-organizations-bombarded-with-100000-bec-attacks/
- Barclays Faces Employee Spying Probe https://www.bankinfosecurity.com/barclays-faces-employee-spying-probe-a-14796
- Phishing Campaign Spoofs SBA Loan Offer https://www.bankinfosecurity.com/phishing-campaign-spoofs-sba-loan-offer-a-14800
- SBA phishing scams: from malware to advanced social engineering https://blog.malwarebytes.com/scams/2020/08/sba-phishing-scams-from-malware-to-advanced-social-engineering/

### E. Research Reports

- Mirai botnet exploits CVE-2020-5902 to attack IoT devices https://paper.seebug.org/1286/
- Analysis of the Weblogic remote command execution vulnerability (CVE-2020-14645) https://paper.seebug.org/1287/
- Exploring detection of the Shiro RememberMe vulnerability https://paper.seebug.org/1285/
- Analysis of the Weblogic remote command execution vulnerability (CVE-2020-14644) https://paper.seebug.org/1284/
- Security analysis report on the Bulehero worm https://paper.seebug.org/1283/
- XML external entity injection (XXE) vulnerability in PHP environments http://www.secwk.com/2020/08/07/19440/
- RouterSploit, a router exploitation tool https://m.yisu.com/zixun/291114.html
- Mitigating vulnerabilities by restricting IPs with an iptables allowlist http://blog.itpub.net/69959246/viewspace-2710158/
- ASP.NET Core JSON Chinese-character encoding issue and serializer settings https://blog.darkthread.net/blog/aspnet-core-json-setting/
- Analysis of multiple vulnerabilities in Tenda AC15 AC1900 https://www.anquanke.com/post/id/213416
- Updates from Threat Analysis Group (TAG) Bulletin: Q2 2020 https://blog.google/threat-analysis-group/tag-bulletin-q2-2020/
- Researcher Demonstrates 4 New Variants of HTTP Request Smuggling Attack https://thehackernews.com/2020/08/http-request-smuggling.html
- CVE-2019-7609 https://github.com/kisec/CVE-2019-7609
- SOC1 vs SOC2 – Cyber Threat Intelligence Guide https://cybersecuritynews.com/soc1-vs-soc2/
- DEF CON: New tool brings back 'domain fronting' as 'domain hiding' https://www.zdnet.com/article/def-con-new-tool-brings-back-domain-fronting-as-domain-hiding/#ftag=RSSbaffb68
- Astra https://github.com/flipkart-incubator/Astra
- Pwn2Own Qualcomm cDSP https://reurl.cc/9Ed2r8
- Pwn2Own -> Xxe2Rce http://muffsec.com/blog/?p=608
- Limiting Location Data Exposure https://media.defense.gov/2020/Aug/04/2002469874/-1/-1/0/CSI_LIMITING_LOCATION_DATA_EXPOSURE_FINAL.PDF
- TiYunZong-An-Exploit-Chain-to-Remotely-Root-Modern-Android-Devices https://reurl.cc/z82xMe
- Stealthily Access Your Android Phones: Bypass the Bluetooth Authentication https://reurl.cc/Y1My94
- Mimir Smart OSINT collection of common IOC types. https://github.com/deadbits/mimir
- Capacitor https://github.com/ionic-team/capacitor
- axiom https://github.com/pry0cc/axiom
- TOP 11 Deep Web Search Engine Alternative for Google and Bing 2020 https://gbhackers.com/top-10-deep-web-search-engines-which-gives-deep-information-that-you-cant-get-it-in-google-and-bing/
- PivotSuite- Hack The Hidden Network https://hackersonlineclub.com/pivotsuite-hack-the-hidden-network/
- Evine - Interactive CLI Web Crawler https://www.kitploit.com/2020/08/evine-interactive-cli-web-crawler.html
- dnsteal - DNS Exfiltration tool for stealthily sending files over DNS requests https://hakin9.org/dnsteal-dns-exfiltration-tool-for-stealthily-sending-files-over-dns-requests/
- Tool-X is a Kali Linux hacking tools installer for Termux and linux system https://hakin9.org/tool-x-is-a-kali-linux-hacking-tools-installer-for-termux-and-linux-system/
- Black Hat: Entropy - the solution to malvertising and malspam https://www.zdnet.com/article/black-hat-entropy-the-solution-to-malvertising/#ftag=RSSbaffb68
- Black Hat: Hackers are using skeleton keys to target chip vendors https://www.zdnet.com/article/black-hat-hackers-are-now-using-cobalt-strike-and-skeleton-keys-to-target-semiconductor-firms/#ftag=RSSbaffb68
- r00kie-kr00kie: PoC exploit for the CVE-2019-15126 kr00k vulnerability https://hakin9.org/r00kie-kr00kie-poc-exploit-for-the-cve-2019-15126-kr00k-vulnerability/
- Analysts Detect New Banking Malware https://www.infosecurity-magazine.com/news/analysts-detect-new-banking/
- Black Hat: Hackers can remotely hijack enterprise, healthcare Temi robots https://www.zdnet.com/article/black-hat-healthcare-senior-living-temi-robots-can-be-hijacked-remotely-by-hackers/#ftag=RSSbaffb68
- Malwoverview https://github.com/alexandreborges/malwoverview
- Black Hat 2020: Linux Spyware Stack Ties Together 5 Chinese APTs https://threatpost.com/black-hat-linux-spyware-stack-chinese-apts/158092/
- Researcher Finds New Office Macro Attacks for MacOS https://www.darkreading.com/endpoint/researcher-finds-new-office-macro-attacks-for-macos/d/d-id/1338610?&web_view=true
- MS OFFICE IN WONDERLAND https://i.blackhat.com/asia-19/Thu-March-28/bh-asia-Hegt-MS-Office-in-Wonderland.pdf
- Black Hat: How hackers gain root access to SAP enterprise servers through SolMan https://www.zdnet.com/article/black-hat-solman-how-hackers-could-gain-root-access-to-sap-enterprise-servers/
- Bypassing MassLogger Anti-Analysis — a Man-in-the-Middle Approach https://www.fireeye.com/blog/threat-research/2020/08/bypassing-masslogger-anti-analysis-man-in-the-middle-approach.html
- Agent Tesla | Old RAT Uses New Tricks to Stay on Top https://labs.sentinelone.com/agent-tesla-old-rat-uses-new-tricks-to-stay-on-top/
- Mouse Framework is an iOS and macOS post-exploitation framework https://hakin9.org/mouse-framework-is-an-ios-and-macos-post-exploitation-framework/
- mihari https://github.com/ninoseki/mihari
- spiderfoot https://github.com/smicallef/spiderfoot
- Defending Your Malware https://blog.dylan.codes/defending-your-malware/
- Breaking through Windows’ defenses: Analyzing mLNK Builder https://research.checkpoint.com/2020/breaking-through-windows-defenses-analysing-mlnk-builder/
- Gorgon APT targeting MSME sector in India https://www.seqrite.com/blog/gorgon-apt-targeting-msme-sector-in-india/
- TeamViewer Flaw Could Let Hackers Steal System Password Remotely https://thehackernews.com/2020/08/teamviewer-password-hacking.html
- Researcher Demonstrates Several Zoom Vulnerabilities at DEF CON 28 https://thehackernews.com/2020/08/zoom-software-vulnerabilities.html
- Capital One Fined $80 Million for 2019 Data Breach Affecting 106 Million Users https://thehackernews.com/2020/08/capital-one-data-breach.html
- Google Chrome Bug Could Let Hackers Bypass CSP Protection; Update Web Browsers https://thehackernews.com/2020/08/chrome-csp-bypass.html
- A New vBulletin 0-Day RCE Vulnerability and Exploit Disclosed Publicly https://thehackernews.com/2020/08/vBulletin-vulnerability-exploit.html
- Microsoft Reveals New Innocent Ways Windows Users Can Get Hacked https://thehackernews.com/2020/08/microsoft-software-patches.html
- Flaws in Samsung Phones Exposed Android Users to Remote Attacks https://thehackernews.com/2020/08/samsung-find-my-phone-hacking.html
- Contrast Community Edition Empowers Developers to Write Secure Code Faster https://thehackernews.com/2020/08/devops-appsec-cybersecurity.html
- Critical Flaws Affect Citrix Endpoint Management (XenMobile Servers) https://thehackernews.com/2020/08/citrix-endpoint-management.html
- RedCurl cybercrime group has hacked companies for three years https://www.zdnet.com/article/redcurl-cybercrime-group-has-hacked-companies-for-three-years/#ftag=RSSbaffb68
- APT Group “RedCurl” Has Been Stealing Sensitive Data for Three Years https://www.technadu.com/apt-group-redcurl-stealing-sensitive-data-three-years/174591/
- RedCurl https://www.group-ib.com/resources/threat-research/red-curl.html
- Case Study: Catching a Human-Operated Maze Ransomware Attack In Action https://labs.sentinelone.com/case-study-catching-a-human-operated-maze-ransomware-attack-in-action/
- Hackers combine two unpatched Microsoft zero-days in attack on South Korean firm https://www.itpro.co.uk/security/cyber-security/356761/hackers-chained-two-unpatched-microsoft-zero-days-to-attack-south
- Contradicting Israel, cybersecurity firm says N. Korea breached defense industry https://www.timesofisrael.com/cybersecurity-firm-n-korea-hack-successfully-breached-israel-defense-industry/

### F. Business

- A security defence platform built from a compliance mindset: full protection from gateway to endpoint https://www.ithome.com.tw/pr/139251
- Cisco partners with the Industrial Development Bureau to build the first 5G open-architecture "enterprise private network" test platform https://www.chinatimes.com/realtimenews/20200807003092-260410?chdtv
- Trend Micro launches "cloud detection and response (XDR)" and managed detection and response (Managed XDR) services https://reurl.cc/ZORLdl
- Mitake pushes into cross-border e-commerce to compete internationally https://money.udn.com/money/story/5649/4768680
- A hacker attack every 39 seconds creates a NT$3 trillion security market https://ec.ltn.com.tw/article/paper/1392101
- CHT Security partners with CyCraft; national security team launches "AI inspection package" https://money.udn.com/money/story/5612/4770011
- Fortinet launches 4400F hyperscale data center, 5G firewall, reports strong Q2 https://www.zdnet.com/article/fortinet-launches-4400f-hyperscale-data-center-5g-firewall/#ftag=RSSbaffb68

### G. Government

- Ministry of Digital Development: "developing" what? https://reurl.cc/MvYKov
- Taiwan's "clean network": Cheng Wen-tsan says preparations began four years ago https://ec.ltn.com.tw/article/paper/1391709
- Hands-on training on the government agency security vulnerability notification mechanism (VANS) https://ppt.cc/fUierx
- Government Configuration Baseline (GCB) hands-on workshop: Windows 10 configuration settings guide https://ppt.cc/fxhmJx

### H. Industrial Control Systems / ICS / SCADA Security

- Delta Electronics TPEditor security vulnerability http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16225
- Data Loss Protection (DLP) for ICS/SCADA https://securityboulevard.com/2020/07/data-loss-protection-dlp-for-ics-scada/
- SCADA & Security of Critical Infrastructures [Updated 2020] https://securityboulevard.com/2020/07/scada-security-of-critical-infrastructures-updated-2020/
- ICS/SCADA Wireless Attacks https://securityboulevard.com/2020/07/ics-scada-wireless-attacks/
- INDUSTRIAL CONTROL SYSTEMS SECURITY SOFTWARE MARKET ANALYSIS https://www.express-journal.com/industrial-control-systems-security-software-market-169428/

### I. Education and Training

- Modbus Traffic Capture Analysis [FREE COURSE CONTENT] https://pentestmag.com/modbus-traffic-capture-analysis-free-course-content/
- Incident response: How to use OSINT https://blog.eccouncil.org/incident-response-how-to-use-osint/
- Have I Been Pwned to release code base to the open source community https://www.zdnet.com/article/have-i-been-pwned-to-release-code-base-to-the-open-source-community/#ftag=RSSbaffb68

### J. Internet of Things / IoT / Artificial Intelligence / Internet of Vehicles / Optical Networking / Deep Learning / Machine Learning / Drones / Facial Recognition

- OpenAI releases new NLP model GPT-3, which may have potential comparable to blockchain technology https://technews.tw/2020/07/21/new-natural-language-processing-model-may-be-biggest-thing-since-bitcoin/
- Electronic locks that combine home protection with smart IoT https://www.inside.com.tw/article/20530-Electroniclocks
- Connected security "from every angle": comprehensive security measures for IoT devices, transmission and cloud http://www.netadmin.com.tw/netadmin/zh-tw/video/18063FF96B244AE7B766CC25B571C4BE
- Special report on the IoT Security Summit Forum https://www.netadmin.com.tw/files/event/20191127event/pagemain.html

## 6. Upcoming Security Events and Seminars

- Kaohsiung session: security trends and IoT security discussion, 8/17 https://tacert.mis.nsysu.edu.tw/p/404-1257-207359.php
- "Companies guard personal data, get security moving!": MOEA Industrial Development Bureau ROC year 109 briefing on corporate personal data protection and information security, 8/18 https://stli.iii.org.tw/news-event.aspx?no=16&d=1040
- DevDays Asia 2020 Online Asia-Pacific technology conference, 8/19 8/20 8/21 8/25 8/26 https://seminar.ithome.com.tw/public/live/devdays/
- ClassNK 2020 Taiwan technical seminar, held in Taipei and Kaohsiung on 8/19 and 8/26 https://times.hinet.net/news/23003850
- IoT security protection design and hardening hands-on training course, 8/19 ~ 8/21 https://www.moea.gov.tw/Mns/populace/news/NewsAction.aspx?kind=4&menu_id=43&news_id=90845
- [Introductory security course] Google hacking & Shodan in practice; class time: 2020/8/20 (Thu) 09:30 ~ 16:30 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3905&from_course_list_url=homepage
- Taipei session: security trends and network attack and defence techniques, 8/20 https://tacert.mis.nsysu.edu.tw/p/404-1257-237050.php
- Medical information security hands-on technical training course, 8/20 ~ 8/22 https://www.moeaidb.gov.tw/external/ctlr?PRO=indpark.BulletinView&id=21154&lang=0
- "New concepts and trends in implementing security management and personal data protection" training, 8/21 https://reurl.cc/pdlX3r
- NLP technology evolves again: Google BERT lets chatbots better understand human intent, entering a new realm, 8/22 https://www.techbang.com/posts/78985-course-bert-technology-practice
- Security incident handling practical course: ROC year 109 "Security Talent Training and International Promotion Program: advanced course for security professionals", 8/22 https://www.cisanet.org.tw/News/activity_more?id=MTUyOA==
- SDN x Cloud Native Meetup - Webinar overseas edition #5, 8/22 https://www.meetup.com/CloudNative-Taiwan/events/272097499/
- NISRA Enlightened 2020, 8/24 https://nisra.kktix.cc/events/2020enlightened
- Chunghwa Telecom Training Institute: ROC year 109 summer CCNA networking certification boot camp (Kaohsiung), 8/24 https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=172
- "Security challenges and opportunities in the new normal of the IoT world" seminar, 8/25 https://www.acw.org.tw/News/Detail.aspx?id=1142
- Chunghwa Telecom Training Institute: drone pilot licence preparation class, basic level under 2 kg (Kaohsiung weekday full-subject class), 8/22 ~ 8/28 https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=166
- Open-source network management software hands-on (Kaohsiung lab session), 8/26 https://tacert.mis.nsysu.edu.tw/p/404-1257-207353.php
- Chunghwa Telecom Training Institute information security professional course: ransomware and phishing platform protection in practice, 8/27 ~ 8/28 https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=63
- Seminar on security risks and protection for smart industrial control and smart grids, 8/28 https://www.beclass.com/rid=2443d1b5f23d8632b23a
- NCTU Hacker College: next-generation enterprise security governance, the challenges facing businesses today, 8/28 https://hackercollege.nctu.edu.tw/?p=1190
- Chunghwa Telecom Training Institute information security professional course: website vulnerability detection and protection management, 9/4 https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=58
- NCTU Hacker College: email forgery attacks and protective measures, 9/5 https://hackercollege.nctu.edu.tw/?p=1203
- Hacks in Taiwan Conference: HITCON Training 2020, 9/5 https://hitcon.kktix.cc/events/hitcon-training-2020
- Hacks in Taiwan Conference: HITCON Training 2020 - student registration, 9/5 https://hitcon.kktix.cc/events/hitcon-training-2020-student
- Systems Security Certified Practitioner (SSCP) preparation class, 9/5 ~ 9/13 https://www.iiiedu.org.tw/courses/asq902t2001/
- Chunghwa Telecom Training Institute information security professional course: IoT security threats and practice, 9/9 ~ 9/11 https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=54
- Big data and deep learning applications for edge computing systems, 9/11 https://reurl.cc/62OD9k
- HITCON 2020 Hacks in Taiwan Conference, 9/11 https://hitcon.kktix.cc/events/hitcon-2020
- NCTU Hacker College: basic web security and penetration testing, 9/12 https://hackercollege.nctu.edu.tw/?p=1205
- Data analysis and machine learning case studies (2): application examples; class time: 2020/9/14 (Mon) 09:30 ~ 16:30 https://reurl.cc/1xAoMp
- [Module course, counts toward director and supervisor training hours] Registration open: "The key significance of security strategy for business development, and security governance and protection", 109/10/15 https://reurl.cc/AqGdlQ
- Chunghwa Telecom Training Institute information security professional course: web application penetration testing, 9/16 ~ 9/17 https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=167
- Big data and deep learning applications for edge computing systems; class time: 2020/9/18 (Fri) 09:30 ~ 16:30 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3895&from_course_list_url=homepage
- NCTU Hacker College: buffer overflow attacks and prevention, 10/17 https://hackercollege.nctu.edu.tw/?p=1207
- Chunghwa Telecom Training Institute: autonomous mobile robot ROS development hands-on class, 10/20 ~ 10/23 https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=188
- NCTU Hacker College: intrusion detection and response guide, 10/24 https://hackercollege.nctu.edu.tw/?p=1214
- NCTU Hacker College: advanced web penetration testing, 10/31 https://hackercollege.nctu.edu.tw/?p=1216
- NCTU Hacker College: denial-of-service attacks / distributed denial-of-service attacks / botnets, 11/7 https://hackercollege.nctu.edu.tw/?p=1218
- NCTU Hacker College: building basic website security in practice, 11/14 https://hackercollege.nctu.edu.tw/?p=1220
- NCTU Hacker College: system protection and internal network threat reporting and response hands-on class, 11/17 and 11/24 http://service.tabf.org.tw/tw/user/409646/course1-4.htm
- NCTU Hacker College: malware detection in practice, 11/21 11/28 https://hackercollege.nctu.edu.tw/?p=1222
- NCTU Hacker College: expert-level web penetration testing, 12/5 12/12 https://hackercollege.nctu.edu.tw/?p=1224
- NCTU Hacker College: system penetration testing and vulnerability exploitation, 12/19 https://hackercollege.nctu.edu.tw/?p=1226
- NCTU Hacker College: applications of AI in information security, 2021/1/9 1/16 https://hackercollege.nctu.edu.tw/?p=1228
- NCTU Hacker College: enterprise domain management, Active Directory attack and defence, 2021/1/23 https://hackercollege.nctu.edu.tw/?p=1230