資安事件新聞週報 2020/10/12 ~ 2020/10/16

###### tags: `資安事件新聞週報` # 資安事件新聞週報 2020/10/12 ~ 2020/10/16 1.重大弱點漏洞/後門/Exploit/Zero Day Radeon 驅動發現漏洞可致 BSOD 死機 https://reurl.cc/k0oj7q VMware vCenter Server 任意文件讀取漏洞通告 https://cert.360.cn/warning/detail?id=d50172ef4c867ec7b4735cb1cc366bc1 駭客發現蘋果網路 55 個安全漏洞，其中 11 項標記為「高危險」等級 https://technews.tw/2020/10/15/researchers-found-55-flaws-in-apples-corporate-network/ 55 New Security Flaws Reported in Apple Software and Services https://thehackernews.com/2020/10/apple-security.html 微軟推出十月 Patch Tuesday 資安更新修補包，共修復 87 個資安漏洞 https://www.twcert.org.tw/tw/cp-104-4061-59594-1.html 微軟加強驅動程式驗證可能引發Windows 10錯誤訊息 https://www.ithome.com.tw/news/140550 Microsoft Azure 遭發現漏洞，駭侵者可能接管用戶伺服器 https://www.twcert.org.tw/tw/cp-104-4047-28bc3-1.html Researchers Find Vulnerabilities in Microsoft Azure Cloud Service https://thehackernews.com/2020/10/microsoft-azure-vulnerability.html 美國網戰司令部要求立即修補 Windows TCP/IP 漏洞 https://www.twcert.org.tw/tw/cp-104-4063-8722a-1.html Ping of Death：速修復TCP/IP RCE 漏洞CVE-2020-16898 https://blog.csdn.net/smellycat000/article/details/109108608 微軟WINDOWS TCP/IP堆疊存在安全漏洞(CVE-2020-16898)，允許攻擊者遠端執行任意程式碼，請儘速確認並進行更新 https://www.isda.org.tw/2020/10/16/86aaf73a18de9162ed9ef1a4b540cda1/ US Cyber Command: Patch Windows 'Bad Neighbor' TCP/IP bug now https://www.bleepingcomputer.com/news/security/us-cyber-command-patch-windows-bad-neighbor-tcp-ip-bug-now/ Microsoft Releases Patches For Critical Windows TCP/IP and Other Bugs https://thehackernews.com/2020/10/windows-tcp-ip-patch-tuesday.html Vulnerability Spotlight: Denial-of-service vulnerabilities in Allen-Bradley Flex I/O https://blog.talosintelligence.com/2020/10/vuln-spotlight-allen-bradley-dos-flex-io.html CVE-2020-16898 | Windows TCP/IP Remote Code Execution Vulnerability https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898 Security Bulletin: Unzip as used by IBM QRadar SIEM is vulnerable to denial of service (CVE-2019-13232) https://www.ibm.com/support/pages/node/6347610 Security Bulletin: Apache Derby as used by IBM QRadar SIEM is vulnerable to Improper Input Validation (CVE-2018-1313) https://www.ibm.com/support/pages/node/6347642 Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities https://www.ibm.com/support/pages/node/6347588 Security Bulletin: IBM Security Guardium is affected by a jackson-databind vulnerability https://www.ibm.com/support/pages/node/6347600 Security updates available for Adobe Flash Player | APSB20-58 https://helpx.adobe.com/security/products/flash-player/apsb20-58.html IBM Security Guardium Security Bulletins - October 7th, 2020 https://exchange.xforce.ibmcloud.com/collection/489dd48d93112953fb164c8d4e453428 Cisco Security Advisories - October 07 https://exchange.xforce.ibmcloud.com/collection/0fb12cb8245a2d0c6a27f78a3cb1b92d Linux 內核曝嚴重藍牙漏洞，影響多個版本 https://www.chainnews.com/zh-hant/articles/733257907701.htm 谷歌和英特爾警告Linux中存在高嚴重的藍牙安全漏洞 https://kknews.cc/tech/g4pzxj8.html CVE-2020-12351/12352/24490：linux內核BlueZ遠程代碼執行漏洞 https://cert.360.cn/warning/detail?id=dcc4472b567e3ded25c1385fe3bbe247 盤點近期網絡安全漏洞 https://kknews.cc/tech/44bp84q.html IProom MMC+ Server - URL Redirection to Untrusted Site ('Open Redirect') https://www.twcert.org.tw/tw/cp-132-4053-6e9a2-1.html 2020-10 補丁日: SAP多個產品高危漏洞安全風險通告 https://blog.csdn.net/weixin_45728976/article/details/109097206 2.銀行/金融/保險/證券/支付系統/ 新聞及資安手機綁定信用卡支付藏「資安隱憂」！專家建議「這樣做」 http://www.nexttv.com.tw/NextTV/News/Home/Society/2020-10-15/273989.html 紐約州金融服務部敦促設立專門機構監督大型社交媒體平台 https://reurl.cc/q8YjN0 韓國多家銀行近日遭受DDoS勒索攻擊 https://www.twcert.org.tw/tw/cp-104-4055-692d5-1.html 金融監理規範若不夠開放，創新很難實踐！3 大關鍵揭銀行服務未來式 https://meet.bnext.com.tw/articles/view/46975 【企業RPA實例：國泰金控】業務人員變身素人開發者，大力擁抱RPA加快數位轉型 https://www.ithome.com.tw/news/140422 Credit card skimmer targets virtual conference platform https://www.redpacketsecurity.com/credit-card-skimmer-targets-virtual-conference-platform/ 3.電子支付/行動支付/pay/資安陳德霖開數碼錢包支付公司中資眾安雲鋒入股將與各國商合作 https://reurl.cc/GrNRKp 行動支付/電子支付哪裡不一樣？2020 四大行動支付比一比 https://reurl.cc/Oqm8M3 每2.8人就有1人用LINE Pay、街口用戶破350萬，兩大支付龍頭下個考驗是什麼 https://www.bnext.com.tw/article/59597/mobile-payment-trend-2020 街市資助租戶用電子支付 https://hk.appledaily.com/local/20201016/QCALPWBVGJA4DH77QIHBG3SP3M/ LINE Pay獲2020財訊金融獎「最佳行動支付」 https://www.chinatimes.com/realtimenews/20201016004282-260410?chdtv 疫情間電子支付遽增歐洲央行評估發行虛擬歐元 https://www.rti.org.tw/news/view/id/2081985 網家衝刺行動支付業務 https://udn.com/news/story/7254/4935575?from=udn-catelistnews_ch2 中國央行：2020年及未來一段時期，電子支付普及率有望繼續提升，移動支付 https://news.sina.com.tw/article/20201015/36591270.html 菲律賓促進電子支付推動國民新身分識別系統 https://money.udn.com/money/story/5602/4933305 連結行動支付扣款失敗北富銀：僅街口暫無法使用 https://reurl.cc/ygAjvD 全聯PX Pay婆媽部隊更勝網軍！3成台灣人都愛用的關鍵曝光 https://money.udn.com/money/story/5648/4937975 4.加密貨幣/挖礦/區塊鍊資安央行數位貨幣向左，區塊鏈向右 http://big5.ftchinese.com/story/001089745?full=y Robinhood 驚傳資安危機！Netflix股票遭賣、帳戶盜領「29萬全飛」 https://www.ettoday.net/news/20201015/1832187.htm XREX 上線七週，CipherTrace 偵測到第一件可疑比特幣洗錢案 https://www.inside.com.tw/article/21236-XREX-has-been-online-for-seven-weeks-and-detected-the-first-suspicious-Bitcoin-transfer 虛假更新致ELECTRUM錢包APP用戶兩年被竊取超2400萬美元的資產 https://reurl.cc/e8k4m7 習近平「南巡」之際　數字人民幣在深圳首測有何看點 https://www.bbc.com/zhongwen/trad/business-54536796 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 美國網戰司令部與微軟公司，同時開始對抗意圖駭侵美國大選的 TrickBot 僵屍網路 https://www.twcert.org.tw/tw/cp-104-4058-11e8e-1.html IAmTheKing and the SlothfulMedia malware family https://securelist.com/iamtheking-and-the-slothfulmedia-malware-family/99000/ Deep Analysis – The EKING Variant of Phobos Ransomware https://www.fortinet.com/blog/threat-research/deep-analysis-the-eking-variant-of-phobos-ransomware Lemon Duck brings cryptocurrency miners back into the spotlight https://blog.talosintelligence.com/2020/10/lemon-duck-brings-cryptocurrency-miners.html Alert (AA20-283A) APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations https://us-cert.cisa.gov/ncas/alerts/aa20-283a APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations https://us-cert.cisa.gov/sites/default/files/publications/AA20-283A-APT_Actors_Chaining_Vulnerabilities.pdf There’s a New a Golang-written RAT in Town https://labs.bitdefender.com/2020/10/theres-a-new-a-golang-written-rat-in-town/ Watch Out — Microsoft Warns Android Users About A New Ransomware https://thehackernews.com/2020/10/android-ransomware-lock.html ALERT! Hackers targeting IoT devices with a new P2P botnet malware https://thehackernews.com/2020/10/p2p-iot-botnet.html New 'MosaicRegressor' UEFI Bootkit Malware Found Active in the Wild https://thehackernews.com/2020/10/uefi-bootkit-malware.html Microsoft and Other Tech Companies Take Down TrickBot Botnet https://thehackernews.com/2020/10/trickbot-computer-virus.html FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks https://thehackernews.com/2020/10/fin11-hackers-spotted-using-new.html Police Raided German Spyware Company FinFisher Offices https://thehackernews.com/2020/10/finfisher-spyware-raid.html "Front Door" into BazarBackdoor: Stealthy Cybercrime Weapon https://www.advanced-intel.com/post/front-door-into-bazarbackdoor-stealthy-cybercrime-weapon Software AG IT giant hit with $23 million ransom by Clop ransomware https://www.bleepingcomputer.com/news/security/software-ag-it-giant-hit-with-23-million-ransom-by-clop-ransomware/ Somewhere over the RAINBOW(MIX) https://www.whiteops.com/blog/somewhere-over-the-rainbowmix New pastebin-like service used in multiple malware campaigns https://blogs.juniper.net/en-us/threat-research/new-pastebin-like-service-used-in-multiple-malware-campaigns HEH, a new IoT P2P Botnet going after weak telnet services https://blog.netlab.360.com/heh-an-iot-p2p-botnet/ There’s a New a Golang-written RAT in Town https://labs.bitdefender.com/2020/10/theres-a-new-a-golang-written-rat-in-town/ The FONIX RaaS | New Low-Key Threat with Unnecessary Complexities https://labs.sentinelone.com/the-fonix-raas-new-low-key-threat-with-unnecessary-complexities/ B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G 完成網路安全協定！印度與日本將在 5G、物聯網、AI合作 https://www.inside.com.tw/article/21183-india-and-japan-cooperation 支付寶團隊回應手機黑產：人臉識別未被突破，受害人沒被套到錢和信息 https://www.freebuf.com/news/251550.html 一部手機失竊而揭露的竊取個人信息實現資金盜取的黑色產業鏈 https://www.freebuf.com/articles/network/249294.html 國外開發商如何解決 APP 開發中最耗時花人力的「錯誤修正溝通」，甚至神預測使用者的操作模式 https://buzzorange.com/techorange/2020/10/16/app_development_seetest_platform/ Twitter將更改受駭客攻擊材料政策，此前過濾《紐約郵報》文章引軒然大波 https://reurl.cc/3LMlLO 推特清晨大當機官方：沒有證據顯示為駭客入侵 https://m.ltn.com.tw/news/world/breakingnews/3322926 Zoom點對點加密 4階段堵保安漏洞 http://startupbeat.hkej.com/?p=93928 中國聯通：未發佈過「斷卡」行動公告 https://news.sina.com.tw/article/20201016/36597934.html Android 11 測試版新增與 iOS 類似的暫時釋放 app 佔用記憶體功能以降低電力損耗 https://www.cool3c.com/article/157450 Apple T2 晶片遭發現存有無法修復的資安漏洞，可能導致駭侵者取得 root 權限 https://www.twcert.org.tw/tw/cp-104-4044-ff2a5-1.html 研究人員展示以客製化USB-C纜線破解MacBook Pro上的T2晶片 https://www.ithome.com.tw/news/140516 【5G手機】三星Galaxy S20 FE推出不足一個月　用家投訴不斷 https://reurl.cc/XkQYEE Fitbit gallery can be used to distribute malicious apps https://www.bleepingcomputer.com/news/security/fitbit-gallery-can-be-used-to-distribute-malicious-apps/ Research:Can you build spyware for a Fitbit https://www.immersivelabs.com/resources/blog/fitbit-spyware/ C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件【暗網奇談Ep.3】甚麼都能賺？暗網「萬能黑市」逛到心膽寒..殺手駭客任你挑 https://ck101.com/thread-5280036-1-1.html?ref=channel_newest_index 9分鐘5千票完售？搶看《DD52》演唱會「系統當機」 https://star.ettoday.net/news/1831157?redirect=1 出道1個月票9分鐘賣光「G.O.F」演唱會遭黃牛入侵 https://reurl.cc/Mdzx4K FBI 警告美國大眾，提防經由旅館 Wi-Fi 網路連線遠距工作的資安風險 https://www.twcert.org.tw/tw/cp-104-4046-6b751-1.html 微軟ELASTICSEARCH伺服器遭駭客攻擊刪除6.5TB用戶資料 https://www.isda.org.tw/2020/10/15/76a05f9113d9306fb3b4bd9e4a0ee524/ 5萬多支亞洲室內監控遭駭！不雅影片遭上傳成人網站 https://reurl.cc/4mN71V 駭客入侵大量住家網路攝影機　出浴哺乳更衣房事全上網賣 https://tw.appledaily.com/international/20201013/4BXIBPEECRFKNHFOUAIGOYDKBE/ 若中天被撤照=總統府洩密案是真的？NCC全體同意2委員不需迴避 https://cnews.com.tw/134201016a02/ Switch改機破解晶片遭破解任天堂「最強法務」又頭痛了 https://udn.com/news/story/7086/4939585 阻駭客操控美國大選！微軟攔截大規模網攻行動 https://reurl.cc/2gQkm9 拜登之子電腦檔案外洩登小報　臉書推特禁分享川普開罵「糟透了」 https://tw.appledaily.com/international/20201015/3TUHJEAXKBHFFJLBWKUFN5QNCU/ 中國防火牆世界最嚴格！連6年被認證「全球最差」國家 https://www.storm.mg/article/3111402 挪威政府聲稱8月國會遭駭是俄羅斯駭客所為 https://www.ithome.com.tw/news/140530 英情報頭子：陸是英最大長期威脅危險程度比俄更高 https://www.chinatimes.com/realtimenews/20201015004787-260409?chdtv 大選在即！推特再祭規範禁自行宣布當選、轉發錯誤推文拒操弄選情 https://reurl.cc/Z7N5GQ 推特禁拜登電郵門報導執行長認有瑕疵、將被國會傳喚 https://money.udn.com/money/story/10511/4940043 緊咬對手兒子「電郵門」與中企交易川普轟背叛美國：拜登贏中國贏 https://newtalk.tw/news/view/2020-10-16/480047 美國最大連鎖書店Barnes and Noble遭駭客入侵，從企業網路、實體書店到Nook服務全面停擺 https://www.ithome.com.tw/news/140562 台灣、美國、日本舉辦智財權研討會　印太地區18國參與 https://www.taiwannews.com.tw/ch/news/4030768 民主國家必定抵制！看個抖音都有資安疑慮了聯合國竟在中國建數據中心 https://www.rti.org.tw/news/view/id/2082335 Silent Librarian APT right on schedule for 20/21 academic year https://blog.malwarebytes.com/malwarebytes-news/2020/10/silent-librarian-apt-phishing-attack/ India Witnessed Spike in Cyber Attacks Amidst Covid-19 - Here's Why https://thehackernews.com/2020/10/covid-19-india-cyberattacks.html Sam's Club customer accounts hacked in credential stuffing attacks https://www.bleepingcomputer.com/news/security/sams-club-customer-accounts-hacked-in-credential-stuffing-attacks/ Data watchdog issues biggest ever fine over airline cyberattack https://www.zdnet.com/article/data-watchdog-issues-biggest-ever-fine-over-airline-cyberattack/ D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞詐騙全聯1500萬點數 2嫌遭法辦 https://www.epochtimes.com/b5/20/10/15/n12478154.htm 鑽APP漏洞詐全聯！推薦會員200點 https://pttcareer.com/soft_job/M.1602787116.A.4C4.html 點數詐現金!全聯PX Pay遭破解 8折轉賣撈120萬 https://reurl.cc/d5ajXq 伊朗APT駭客組織鎖定全球12所大學發動網路釣魚攻擊 https://www.ithome.com.tw/news/140565 Barnes & Noble 系統遭入侵　顧客個人資料被盜 https://unwire.pro/2020/10/16/barnes-noble-cybersecurity-attack/security/ 內部人士透露，遭駭客入侵的 Robinhood 帳戶數量恐接近 2,000 個 https://www.abmedia.io/robinhood-hack-larger-previously-thought-reports/ 沒有想像中安全？FBI警告：智慧電視隱私保護有隱憂 https://news.sina.com.tw/article/20201015/36592196.html 情報單位上月研判：俄羅斯以真假電郵製造「十月驚奇」 https://www.worldjournal.com/wj/story/121468/4939285 美大選十月驚奇頻發或持續到明年1月 https://www.epochtimes.com/b5/20/10/16/n12479903.htm 中正大學資安大出包！5年學生個資寄給200人 https://reurl.cc/x03j7b 前員工疑竊營業祕密安永發三點聲明 https://udn.com/news/story/7240/4934963?from=udn-ch1_breaknews-1-cate6-news 安永會計爆內鬼前主管涉竊機密遭約談 https://reurl.cc/x03jLz Agile Threat Actors Pivot from COVID-19 to Voter Registration Themes in Phishing Lures https://www.proofpoint.com/us/blog/threat-insight/agile-threat-actors-pivot-covid-19-voter-registration-themes-phishing-lures A Self-Service Password Reset Project Can Be A Quick Win For IT https://thehackernews.com/2020/10/password-reset-software.html Chowbus delivery service breached, hacker emails data to users https://www.bleepingcomputer.com/news/security/chowbus-delivery-service-breached-hacker-emails-data-to-users/ E.研究報告誰溫暖了資安部系列 https://ithelp.ithome.com.tw/users/20006132/ironman/3564 資安這條路─以自建漏洞環境學習資訊安全系列 https://ithelp.ithome.com.tw/users/20108446/ironman/3463 Envoy as a gRPC Load Balancer in Kubernetes https://telegra.ph/Envoy-as-a-gRPC-Load-Balancer-in-Kubernetes-09-30 IoT Security: How to Search for Vulnerable Connected Devices https://pentestmag.com/iot-security-how-to-search-for-vulnerable-connected-devices/ Most Important Computer Forensics Tools for Hackers and Security Professionals https://gbhackers.com/computer-forensics-tools/ Hacking Android phone remotely using Metasploit https://medium.com/@irfaanshakeel/hacking-android-phone-remotely-using-metasploit-43ccf0fbe9b8 Operation Quicksand https://www.clearskysec.com/operation-quicksand/ Operation Quicksand MuddyWater’s Offensive Attack Against Israeli Organizations https://www.clearskysec.com/wp-content/uploads/2020/10/Operation-Quicksand.pdf Two New IoT Vulnerabilities Identified with Mirai Payloads https://unit42.paloaltonetworks.com/iot-vulnerabilities-mirai-payloads/ Operation “Space Race”:Reaching the stars through professional Social Networks https://www.telsy.com/wp-content/uploads/Operation_Space_Race.pdf Metasploit Shellcodes Attack Exposed Docker APIs https://www.trendmicro.com/en_us/research/20/j/metasploit-shellcodes-attack-exposed-docker-apis.html TeamT5 Information Operation White Paper(Part 1 of 3): Observations on 2020 Taiwanese General Elections https://teamt5.org/en/posts/teamt5-information-operation-white-paper-observations-on-2020-taiwanese-general-elections/ TeamT5 Information Operation White Paper (Part 2 of 3): China’s Digital Propaganda Formula inside the Great Firewall https://teamt5.org/en/posts/teamt5-information-operation-white-paper-china-s-digital-propaganda-formula-inside-the-great-firewall/ TeamT5 Information Operation White Paper (Part 3 of 3): China’s Social Manipulation outside the Great Firewall https://teamt5.org/en/posts/info-op-white-paper-iii-china-s-social-manipulation-outside-the-great-firewall/ MontysThree: Industrial espionage with steganography and a Russian accent on both sides https://securelist.com/montysthree-industrial-espionage/98972/ CVE-2020-16898 https://github.com/advanced-threat-research/CVE-2020-16898 OSINT experiment: Trying to scrape completed contact forms https://medium.com/daniels-tech-world/osint-experiment-trying-to-scrape-completed-contact-forms-2688637328af Millhouse-Project https://github.com/thrsrossi/Millhouse-Project thrsrossi Millhouse-Project 1.414 Cross Site Scripting https://packetstormsecurity.com/files/155103/thrsrossi-Millhouse-Project-1.414-Cross-Site-Scripting.html c41n - an automated Rogue Access Point setup tool https://hakin9.org/c41n-an-automated-rogue-access-point-setup-tool/ F.商業立德國際資訊安全認證服務助攻5G與工業物聯網 https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000595954_ngol3qlb495p4p5irnz6k 拚綠能供應鏈進軍國際總統接見風電產業領袖 https://reurl.cc/r8Yjxy 取得零信任存取專利技術　完善SASE框架核心要件軟體定義資安鐵三角　搭建整合式雲端安全 http://www.netadmin.com.tw/netadmin/zh-tw/trend/C13AD10D8D1343ADBDA02216AB95F860 台灣微軟首場資安高峰會 10/19 登場，5 大資安議題線上開講 https://technews.tw/2020/10/13/microsoft-security/ 微軟首辦資安高峰會　揭微軟智慧資安最新技術與趨勢 https://tw.appledaily.com/property/20201014/TRX2KZ4TOFBXVMLUAHAEOKX2GE/ 【RPA主要廠牌：Blue Prism】20年經驗建立RPA方法論，主打物件導向開發瞄準大企業 https://www.ithome.com.tw/news/140464 網擎數位存證信函 3步驟寄發省成本 https://money.udn.com/money/story/5640/4933885 G.政府立院每年遭駭550萬次資安受關注 https://udn.com/news/story/6656/4939395 立院每年遭550萬次駭客攻擊！資訊處：都沒讓駭客成功 https://udn.com/news/story/6656/4937026?from=udn_mobile_indexrecommend 淘寶台灣遭認定中資將停運王美花：目前沒其他案 https://money.udn.com/money/story/5613/4937910 與孩子一起認識「美國資安意識月」 https://isafe.moe.edu.tw/article/2425?user_type=3&topic=9 NCC委員「任務」在身？難躲質疑 https://udn.com/news/story/121744/4936320 科偵法彙整意見中蔡清祥：修正後再進行立法 https://www.chinatimes.com/realtimenews/20201014004355-260402?chdtv 指中資假借外資港資來台大漏洞經民連批金管會毫無作為 https://m.ltn.com.tw/news/politics/breakingnews/3322074 中共告台灣書又來了這回給情治部門 https://www.cna.com.tw/news/firstnews/202010150102.aspx 資安專家幫企業找問題！工研院在9/23~9/25限時推出「資安問診室」，現場直擊 https://www.techbang.com/posts/81547-security-experts-help-you-fill-in-the-leak-directly-hit-the 漏氣？大陸吹噓台諜總統府洩密案卻找不到駭客 https://www.worldjournal.com/wj/story/121222/4931541 央視再爆台2學者是間諜陸委會轟又栽贓 https://reurl.cc/Oqm8G3 H.工控系統/ICS/SCADA 相關資安 ICS-CERT Security Advisories - October 13th, 2020 https://exchange.xforce.ibmcloud.com/collection/3df8f524e351700efc5ba2ea36af2a00 ICS-CERT Security Advisories - October 8th, 2020 https://exchange.xforce.ibmcloud.com/collection/35566cee355c17fb5cc1764f7f0a275a 完善 STM32 產品線，意法半導體加速工業自動化應用腳步 https://technews.tw/2020/10/14/stmicroelectronics-stm32-series/ I.教育訓練 TLS and ISO OSI Reference Model https://wentzwu.com/2020/10/09/tls-and-iso-osi-reference-model/ Creating DICOM Associations in Ensemble https://reurl.cc/odVbZD OSCP Training VM’s hosted on Vulnhub.com https://medium.com/@andr3w_hilton/oscp-training-vms-hosted-on-vulnhub-com-22fa061bf6a1 網路安全駭客攻防實錄恆盛杰資訊碁峰資訊 190701B https://www.ruten.com.tw/item/show?22042668586076 J.物聯網/IOT/人工智慧/車聯網/光聯網/深度學習/機器學習/無人機/人臉辨識 ETC舉辦【智慧電網資安與互通性檢測技術研討會_智慧電網資安、OpenADR需量反應與CNS16014智慧家電】 http://www.taiseia.org.tw/Industry/industry_more?id=1180 鴻海研究院資安所目標車用ECU安全保護 https://video.udn.com/news/1189128 智慧安防公會成立扮演產業及政府溝通重要橋樑 https://money.udn.com/money/story/5612/4940700 反轉全球安控產業市場智慧安防公會服務處正式啟用 https://www.chinatimes.com/realtimenews/20201016004474-260410?chdtv 製程安全快速一把罩「5G ×資安×智慧製造」 http://n.yam.com/Article/20201016628982 連網智慧門鈴應用　隱私與執法如何平衡 https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=80&id=0000592977_N2OLSB19604HJK8IHBVSD 6.近期資安活動及研討會交通大學亥客書院緩衝區溢位攻擊與預防 10/17 https://hackercollege.nctu.edu.tw/?p=1207 【Azure】Microsoft Azure Security Technologies 微軟雲端安全技術認證課程 10/17 https://www.accupass.com/event/2005280846381043060110 Raspberry Pi 4+Google AIY Voice Kit，打造智慧語音助理 10/17 https://www.techbang.com/posts/81150-raspberry-pi-4google-aiy-voice-kit 無痛上手 RPA (Robotic Process Automation)流程機器人 10/20 https://www.meetup.com/Taipei-Agile-AI/events/273431914/ 中華電信學院自主式移動機器人ROS開發實戰班 10/20 ~ 10/23 https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=188 硬體與晶片資安工作坊，歡迎踴躍報名參加 10/23 https://www.tca.org.tw/exhibit_info1.php?n=1272 交通大學亥客書院入侵行為發覺與應變指南 10/24 https://hackercollege.nctu.edu.tw/?p=1214 國家高速網路與計算中心【資安進階課程】資安情資分析手法與實務 10/27 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3924&from_course_list_url=course_index 交通大學亥客書院進階網頁滲透測試 10/31 https://hackercollege.nctu.edu.tw/?p=1216 [廣宣學堂] 架構即程式碼深入實戰班 - Infrastructure as Code (IaC Day2) 10/31 https://broadmission.kktix.cc/events/iac-day2 國家高速網路與計算中心邊緣計算系統之大數據與深度學習應用 11/6 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3895&from_course_list_url=course_index 交通大學亥客書院阻斷服務攻擊/分散式阻斷服務攻擊/Botnet 11/7 https://hackercollege.nctu.edu.tw/?p=1218 資安防護實務與情境演練 2020-11-11 至 2020-11-13 https://cybersecurity.tisnet.com.tw/Home/SignUp/1082 交通大學亥客書院基礎網站安全建構實務 11/14 https://hackercollege.nctu.edu.tw/?p=1220 Gopher Conference Taiwan 2020 11/14 https://www.meetup.com/golang-taipei-meetup/events/272815117/ 交通大學亥客書院系統防護及內網威脅通報應變實戰班 11/17、11/24 http://service.tabf.org.tw/tw/user/409646/course1-4.htm 資安社 - VR 大學之道 11/18 https://nsysuisc.kktix.cc/events/vr2020 Google Cloud 資安攻略，打造更安全的雲端環境｜Google Cloud Security Overview 11/20 https://www.accupass.com/event/2008100235425139714960 【遠端監控在家上班】企業機密資訊安全及提升效率實作 10/23 https://www.accupass.com/event/2008260330053701468420 深耕計畫演講-基於了解駭客攻擊手法及思路的網路安全防禦方式 10/23 https://reurl.cc/A83e6Y InfoSec Taiwan 2020 - Workshop 實作課程 11/2 https://event.twcsa.org/site/course/7y4p3J0m_oL6h-WZ9XNXcQ.. InfoSec Taiwan 2020 - Briefing 年會 11/3 https://event.twcsa.org/site/course/5t2kIENz-rXMDMsfG5FgQA.. [台灣網路講堂]域名之扣押與沒收以司法實務操作為中心 11/20 https://www.ihub.tw/Calendar/ihub20201120 Google Cloud 資安攻略，打造更安全的雲端環境｜Google Cloud Security Overview 11/20 https://www.accupass.com/event/2008100235425139714960 Cyberspace 2020聯合研討會 11/20 https://cyber2020.cc-isac.org/announce.php 交通大學亥客書院惡意程式檢測實務 11/21 11/28 https://hackercollege.nctu.edu.tw/?p=1222 吱吱盃黑客松 2020/12/11 https://nsysuisc.kktix.cc/events/hackathon2020 交通大學亥客書院高階網頁滲透測試 12/5 12/12 https://hackercollege.nctu.edu.tw/?p=1224 交通大學亥客書院系統滲透測試與漏洞利用 12/19 https://hackercollege.nctu.edu.tw/?p=1226 交通大學亥客書院 AI於資訊安全之應用 2021/1/9 1/16 https://hackercollege.nctu.edu.tw/?p=1228 交通大學亥客書院企業網域控管－Active Directory攻擊與防禦 2021/1/23 https://hackercollege.nctu.edu.tw/?p=1230