###### tags: `資安事件新聞週報`

# Weekly Security Incident News 2020/5/18 ~ 2020/5/22

1. Major Vulnerabilities / Backdoors / Exploits / Zero-Days

Denial-of-service vulnerability in Fortinet products
https://fortiguard.com/psirt/FG-IR-16-039

QNAP software has an RCE vulnerability affecting hundreds of thousands of NAS devices
https://www.ithome.com.tw/news/137748

Turn Bluetooth off when not in use! Bluetooth security flaw lets attackers quietly break in by posing as a trusted device
https://bit.ly/3gn2KnE

Pairing flaw in the Bluetooth protocol lets attackers impersonate a device's identity
https://ithome.com.tw/news/137740

Adobe rushes out a patch for a remote code attack vulnerability
https://www.ithome.com.tw/news/137751

iOS 13.5 officially released: fixes the Mail app vulnerability, while Exposure Notification is available in Hong Kong
https://bit.ly/2yo2C62

Researchers find a DNS recursive-query vulnerability affecting most DNS servers; enterprises should patch as soon as possible
https://www.ithome.com.tw/news/137777

FBI warns about attacks on Magento online stores via old plugin vulnerability
https://www.zdnet.com/article/fbi-warns-about-attacks-on-magento-online-stores-via-old-plugin-vulnerability/#ftag=RSSbaffb68

Vulnerability Spotlight: Multiple vulnerabilities in Nitro Pro PDF reader
https://blog.talosintelligence.com/2020/05/vuln-spotlight-Nitro-pro-pdf-may-2020.html

Smartphones, laptops, IoT devices vulnerable to new BIAS Bluetooth attack
https://www.zdnet.com/article/smartphones-laptops-iot-devices-vulnerable-to-new-bias-bluetooth-attack/#ftag=RSSbaffb68

New Bluetooth Vulnerability Exposes Billions of Devices to Hackers
https://thehackernews.com/2020/05/hacking-bluetooth-vulnerability.html

Multiple vulnerabilities in the Bluetooth specification, including unauthorized operations and data compromise (JVN)
https://scan.netsecurity.ne.jp/article/2020/05/20/44122.html

FreeBSD CVE-2020-7454
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-7454

FreeBSD CVE-2019-15880
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-15880

Palo Alto Networks PAN-OS CVE-2020-2018
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-2018

Palo Alto Networks PAN-OS CVE-2020-2001
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-2001

Palo Alto Networks PAN-OS CVE-2020-2010
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-2010

Palo Alto Networks PAN-OS CVE-2020-2009
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-2009

Palo Alto Networks PAN-OS CVE-2020-2011
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-2011

Palo Alto Networks PAN-OS CVE-2020-2014
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-2014

Palo Alto Networks PAN-OS CVE-2020-2006
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-2006

Palo Alto Networks PAN-OS CVE-2020-2007
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-2007

Palo Alto Networks PAN-OS CVE-2020-2008
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-2008

Palo Alto Networks PAN-OS CVE-2020-2016
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-2016

Palo Alto Networks PAN-OS CVE-2020-2003
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-2003

Palo Alto Networks PAN-OS CVE-2020-2015
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-2015

Major flaw in Edison Mail! Other users' email accounts could be accessed without authorization and were "fully usable"
https://www.ettoday.net/news/20200518/1716653.htm

Security flaw in Edison Mail! Enabling "account sync" could log you into someone else's account
https://newtalk.tw/news/view/2020-05-18/408424

Newly Updated Network Ports diagrams for Horizon Cloud Service
https://techzone.vmware.com/blog/newly-updated-network-ports-diagrams-horizon-cloud-service

CVE-2020-2014 PAN-OS: OS injection vulnerability in PAN-OS management server
https://security.paloaltonetworks.com/CVE-2020-2014

May Patch Tuesday: More Fixes for SharePoint, TLS, Runtime, and Graphic Components Released
https://newsroom.trendmicro.com/blog/security-intelligence/may-patch-tuesday-more-fixes-sharepoint-tls-runtime-and-graphic-compone-1

Ghostscript denial-of-service vulnerability
https://www.auscert.org.au/bulletins/ESB-2020.1739.2/

Microsoft fixed a long-standing "Stuxnet"-class vulnerability this Tuesday
https://kknews.cc/tech/3ymbrj3.html

Microsoft's patch for reverse RDP attacks can be easily bypassed with third-party RDP clients
https://www.twcert.org.tw/tw/cp-104-3628-438af-1.html

Improper Microsoft Patch for Reverse RDP Attacks Leaves 3rd-Party RDP Clients Vulnerable
https://thehackernews.com/2020/05/reverse-rdp-attack-patch.html

Microsoft fixes vulnerability affecting all Windows versions since 1996
https://www.welivesecurity.com/2020/05/15/microsoft-fixes-flaw-all-windows-versions-1996/

Chrome 83 released with enhanced privacy controls, tab groups feature
https://www.zdnet.com/article/chrome-83-released-with-enhanced-privacy-controls-tab-groups-feature/#ftag=RSSbaffb68

Vulnerability Spotlight: Authentication bypass vulnerability in some Epson projectors
https://blog.talosintelligence.com/2020/05/vuln-spotlight-epson-project-authentication-may-2020.html

Vulnerability Spotlight: Memory corruption vulnerability in GNU Glibc leaves smart vehicles open to attack
https://blog.talosintelligence.com/2020/05/cve-2020-6096.html

Dolibarr ERP/CRM cross-site scripting vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13094

OpenTrace security vulnerability
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12856

LibreOffice security vulnerability
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12801

FIRST updates its multi-party vulnerability disclosure guidelines
https://www.aqniu.com/news-views/67526.html

Symantec Endpoint Protection Manager (SEPM) 14.2 RU2 MP1 Elevation of Privileges (CVE-2020-5835)
https://labs.redyops.com/index.php/2020/05/19/sepm-cve-2020-5835/

2. Banking / Finance / Insurance / Securities / Payment Systems: News and Security

Open API phase two is imminent: how to balance convenience and privacy
https://news.cnyes.com/news/id/4478968

Exploiting regulatory loopholes... consumption vouchers cashed out through "fake transactions"; China's relief policy undercut
https://www.setn.com/News.aspx?NewsID=743053

Financial institutions get ready to deal with cybersecurity threats
https://unwire.pro/2020/05/16/bt/columnist/

All three internet-only banks are in place! Rakuten International Bank formally incorporates; system build is on schedule, aiming to go live in Q3 this year
https://www.ithome.com.tw/news/137714

Life insurers' overseas exposure is high; Kao Chia-yu urges gradual repatriation
https://anntw.com/articles/20200521-Pv7g

Huang Tien-mu: low interest rates and cybersecurity threats are the biggest challenges for financial supervision
https://money.udn.com/money/story/7307/4579579

COVID-19 blamed for 238% surge in cyberattacks against banks
https://www.zdnet.com/article/covid-19-blamed-for-238-surge-in-cyberattacks-against-banks/#ftag=RSSbaffb68

Modern Bank Heists 3.0
https://cdn.www.carbonblack.com/wp-content/uploads/2020/05/VMWCB-Report-Modern-Bank-Heists-2020.pdf

3. Electronic Payment / Electronic Tickets / Mobile Payment / Pay: News and Security

Security hole found in e-wallet: third parties can "intercept" PayMe transfers and grab the money
https://hk.news.appledaily.com/local/20200515/C3HDWPASYXCA7O2O6KPB4HQNCQ/

Suspected flaw in PayMe transfers: third parties can collect the money by clicking the link
https://bit.ly/2ZceTWm

4. Virtual Currency / Blockchain / Digital Currency: Related News and Security

Preparing for next-generation payments? Visa files a patent for digital fiat currency, reportedly seeking to take over the "central bank digital currency (CBDC)" issuance process
https://www.blocktempo.com/visa-submits-patent-application-for-digital-dollar-using-blockchain/

Yang Chin-long clarifies to legislator Kao Chia-yu: the central bank is not planning a "CBDC dual-track test"; the second half of the year is only a technical feasibility trial
https://www.blocktempo.com/central-bank-of-taiwan-is-not-going-to-test-cbdc/

Since March's black swan event, centralized exchanges have lost 300,000 bitcoins, while Ether holdings keep growing steadily
https://www.blocktempo.com/centralized-exchanges-continue-to-shed-bitcoin/

China's second "US$1 billion Ponzi scheme", Wotoken, goes to trial; PlusToken members are also implicated
https://www.blocktempo.com/wotoken-plustoken-ponzi-scam-china/

Bitcoin network congested! Fees rose by as much as 1,250% in just one month, with 56 MB of transactions still unconfirmed
https://www.blocktempo.com/bitcoin-transaction-fees-are-up-800-in-one-month/

The ambitions of a finance giant | J.P. Morgan publishes an 80-page blockchain outlook report: how far off is large-scale adoption?
https://www.blocktempo.com/analyze-jp-morgan-perspectives-blockchain/

Crypto lending platform BlockFi hacked, personal data leaked! It assures customers that funds were not affected
https://blockcast.it/2020/05/20/crypto-lender-blockfi-experienced-data-breach-last-week-but-no-customer-funds-were-lost/

DeFi | BlockFi hit by a SIM-card hacker: "user email addresses, mailing addresses and dates of birth leaked", but all funds are safe
https://www.blocktempo.com/blockfi-hacker-sim-swapped-employees-phone-no-funds-were-lost/

Steem confiscates community tokens, only to have them "stolen" by a hacker! A blindsided Justin Sun fumes: I've called the police
https://blockcast.it/2020/05/21/justin-sun-is-working-with-law-enforcement-over-the-steem-debacle/

What will the Bitcoin halving event do for blockchain and digital commerce
https://www.zdnet.com/article/what-will-the-bitcoin-halving-event-do-for-blockchain-and-digital-commerce/#ftag=RSSbaffb68

5. Security Incident News

A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC

Crypto-ransomware has been rampant recently; all colleagues are asked to follow the relevant instructions and put security protections in place
http://www.ymjhs.tyc.edu.tw/xoops2/modules/tadnews/index.php?nsn=12385

Click a Google Docs link and fileless malware disguised as Word, Excel or PDF is hiding inside
https://blog.trendmicro.com.tw/?p=64207

Botnets exploit a vulnerability in the discontinued Symantec Secure Web Gateway
https://www.ithome.com.tw/news/137690

Military internal networks in some countries may have been attacked by a hacking group using USB malware to steal data
https://www.twcert.org.tw/tw/cp-104-3624-3e85e-1.html

The day before the Presidential Office was hacked, Chiayi City Government was hit by ransomware
https://udn.com/news/story/7315/4576453?from=udn-catelistnews_ch2

FBI warns the ProLock ransomware decryptor supplied by the attackers is buggy; paying the ransom may not recover files
https://www.ithome.com.tw/news/137710

Thai Android users targeted by WolfRAT, which attacks popular chat apps to steal information
https://www.twcert.org.tw/tw/cp-104-3630-471e9-1.html

WolfRAT spyware specializes in stealing WhatsApp, Messenger and Line communications
https://www.ithome.com.tw/news/137739

Investigation briefing on ransomware attacks against major domestic enterprises
https://www.mjib.gov.tw/news/Details/1/607

FBI: ProLock ransomware gains access to victim networks via Qakbot infections
https://www.zdnet.com/article/fbi-prolock-ransomware-gains-access-to-victim-networks-via-qakbot-infections/#ftag=RSSbaffb68

Open-sourcing new COVID-19 threat intelligence
https://www.microsoft.com/security/blog/2020/05/14/open-sourcing-covid-threat-intelligence/

Microsoft.Covid19.Indicators
https://github.com/Azure/Azure-Sentinel/blob/master/Sample%20Data/Feeds/Microsoft.Covid19.Indicators.csv

RATicate: an attacker’s waves of information-stealing malware
https://news.sophos.com/en-us/2020/05/14/raticate/

Mikroceen: Spying backdoor leveraged in high‑profile networks in Central Asia
https://www.welivesecurity.com/2020/05/14/mikroceen-spying-backdoor-high-profile-networks-central-asia/

APT Group Planted Backdoors Targeting High Profile Networks in Central Asia
https://decoded.avast.io/luigicamastra/apt-group-planted-backdoors-targeting-high-profile-networks-in-central-asia/

APT group targets high profile networks in Central Asia
https://securityaffairs.co/wordpress/103321/apt/apt-group-central-asia.html

Multiple European supercomputers revealed one after another to have been hacked to secretly mine Monero
https://www.inside.com.tw/article/19815-Supercomputers-Infected-with-Cryptocurrency-Mining-Malware-across-Europe

RECENT ATTACKS AGAINST SUPERCOMPUTERS
https://www.cadosecurity.com/2020/05/16/1318/

Supercomputer Intrusions Trace to Cryptocurrency Miners
https://www.bankinfosecurity.com/supercomputer-intrusions-trace-to-cryptocurrency-miners-a-14296

Supercomputers hacked across Europe to mine cryptocurrency
https://www.zdnet.com/article/supercomputers-hacked-across-europe-to-mine-cryptocurrency/

Academic data centers abused for crypto currency mining
https://csirt.egi.eu/academic-data-centers-abused-for-crypto-currency-mining/

Vendetta-new threat actor from Europe
https://blog.360totalsecurity.com/en/vendetta-new-threat-actor-from-europe/

New Ramsay malware allows exfiltrating files from air-gapped computers
https://securityaffairs.co/wordpress/103202/malware/ramsay-malware-air-gapped-computers.html

Authorities bust hacker group planning to hit hospitals with ransomware
https://www.hackread.com/hacker-group-busted-hospitals-ransomware-hit/

This powerful Android malware stayed hidden for years, infecting tens of thousands of smartphones
https://www.zdnet.com/article/this-powerful-android-malware-stayed-hidden-years-infected-tens-of-thousands-of-smartphones/

Trojan Lampion is back after 3 months
https://securityaffairs.co/wordpress/103128/malware/trojan-lampion-3-months-later.html

Trojan Lampion is back after 3 months
https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/#.XsEpY2gzbIX

Zeus Sphinx Back in Business: Some Core Modifications Arise
https://securityintelligence.com/posts/zeus-sphinx-back-in-business-some-core-modifications-arise/

Ransomware Hit ATM Giant Diebold Nixdorf
https://krebsonsecurity.com/2020/05/ransomware-hit-atm-giant-diebold-nixdorf/

The basics of a ransomware infection as Snake, Maze expands
https://blog.talosintelligence.com/2020/05/the-basics-of-ransomware-infection-as.html

QNodeService: Node.js Trojan Spread via Covid-19 Lure
https://newsroom.trendmicro.com/blog/security-intelligence/qnodeservice-nodejs-trojan-spread-covid-19-lure-1

New MacOS Dacls RAT Backdoor Shows Lazarus’ Multi-Platform Attack Capability
https://newsroom.trendmicro.com/node/4895

CERT-In Says Mobile Banking Android Malware 'EventBot' Horsing Around in Cyberspace
https://gadgets.ndtv.com/mobiles/news/cert-in-eventbot-advisory-mobile-banking-android-malware-2228842

Hackers preparing to launch ransomware attacks against hospitals arrested in Romania
https://www.zdnet.com/article/hackers-preparing-to-launch-ransomware-attacks-against-hospitals-arrested-in-romania/#ftag=RSSbaffb68

Android Spyware Hidden in Apps for 4 Years: Report
https://www.bankinfosecurity.com/android-spyware-hidden-in-apps-for-4-years-report-a-14289

Crypto-Lock and Tell: Ransomware Gangs Double Down on Leaks
https://www.bankinfosecurity.com/crypto-lock-tell-ransomware-gangs-double-down-on-leaks-a-14286

Analysis: Securing RDP to Prevent Ransomware Attacks
https://www.bankinfosecurity.com/interviews/analysis-securing-rdp-to-prevent-ransomware-attacks-i-4680

Cyber-Espionage Malware Targets Air-Gapped Networks: Report
https://www.bankinfosecurity.com/cyber-espionage-malware-targets-air-gapped-networks-report-a-14281

Group Behind WannaCry Now Using New Malware
https://www.bankinfosecurity.com/group-behind-wannacry-now-using-new-malware-a-14279

Ransomware Reminder: Paying Ransoms Doesn't Pay
https://www.bankinfosecurity.com/blogs/ransomware-reminder-paying-ransoms-doesnt-pay-p-2901

Ransomware Attackers Exfiltrate Data From Magellan Health
https://www.bankinfosecurity.com/ransomware-attackers-exfiltrate-data-from-magellan-health-a-14277

Toll Group Says Ransomware Attackers Stole Data
https://www.bankinfosecurity.com/toll-group-says-ransomware-attackers-stole-data-a-14271

ATM Manufacturer Diebold Nixdorf Hit With Ransomware
https://www.bankinfosecurity.com/atm-manufacturer-diebold-nixdorf-hit-ransomware-a-14268

Enhanced Zeus Sphinx Trojan Used in COVID-19 Schemes
https://www.bankinfosecurity.com/enhanced-zeus-sphinx-trojan-used-in-covid-19-schemes-a-14267

Pitney Bowes Battles Second Ransomware Attack
https://www.bankinfosecurity.com/pitney-bowes-battles-second-ransomware-attack-a-14261

Botnet Watch: Anubis Mobile Malware Gets New Features
https://www.bankinfosecurity.com/botnet-watch-anubis-mobile-malware-gets-new-features-a-14256

HTTP Status Codes Command This Malware How to Control Hacked Systems
https://thehackernews.com/2020/05/malware-http-codes.html

Researcher Spots New Malware Claimed to be 'Tailored for Air‑Gapped Networks'
https://thehackernews.com/2020/05/airgap-network-malware.html

U.S Defense Warns of 3 New Malware Used by North Korean Hackers
https://thehackernews.com/2020/05/fbi-north-korean-malware.html

WolfRAT targets WhatsApp, Facebook Messenger app users on Android devices
https://www.zdnet.com/article/wolfrat-targets-users-of-whatsapp-facebook-messenger-apps-on-android-devices/#ftag=RSSbaffb68

The wolf is back
https://blog.talosintelligence.com/2020/05/the-wolf-is-back.html?m=1

Ransomware Gang Demands $42 Million From Celebrity Law Firm
https://www.bankinfosecurity.com/ransomware-gang-demands-42-million-from-celebrity-law-firm-a-14292

Paying Ransomware Crooks Doubles Clean-up Costs, Report
https://threatpost.com/paying-ransomware-crooks-doubles-clean-up-costs-report/155767/

Ransomware has gone nuclear: To avoid any fallout yourself, tune in online this month to hear from KnowBe4
https://www.theregister.co.uk/2020/05/20/ransomware_has_gone_nuclear/

No “Game over” for the Winnti Group
https://www.welivesecurity.com/2020/05/21/no-game-over-winnti-group/

The “Silent Night” Zloader/Zbot
https://resources.malwarebytes.com/files/2020/05/The-Silent-Night-Zloader-Zbot_Final.pdf

Iranian Chafer APT Targeted Air Transportation and Government in Kuwait and Saudi Arabia
https://www.bitdefender.com/files/News/CaseStudies/study/332/Bitdefender-Whitepaper-Chafer-creat4491-en-EN-interactive.pdf

Iranian APT Group Targets Governments in Kuwait and Saudi Arabia
https://thehackernews.com/2020/05/iran-hackers-kuwait.html

Hackers Use Fake Zoom Installers to Install Backdoor and Devil Shadow Botnet on Windows Computers
https://gbhackers.com/fake-zoom-installers-2/

B. Mobile Security / iPhone / Android / Wearables / App

"Cyber arms dealer" Zerodium: there are too many iOS exploits, we can't take them all
https://www.freebuf.com/news/237142.html

Is the iPhone really secure? US law enforcement uses "this software" to crack users' passcodes
https://fnc.ebc.net.tw/FncNews/world/119634

Military Security Could Be Compromised By Surprising App
https://www.forbes.com/sites/hisutton/2020/05/20/military-personnel-exposed-by-unlikely-social-media-app/#1280ae181256

C. Incidents / Hackers / DDOS / APT / Cloud / Dark Web / Recruitment / International Security Incidents

Overview of the cybersecurity situation in April 2020
https://www.sohu.com/a/396267496_476857

[Yahoo Forum / Chang San-cheng] What the Presidential Office hack says about how enterprises and agencies can protect themselves online
https://bit.ly/2WTErWI

What do serverless computing platforms mean for security?
https://blog.trendmicro.com.tw/?p=64111

Hacker helped write an encryption program that even the CIA can't crack
https://www.chinatimes.com/realtimenews/20200520001194-260402?chdtv

Cybercrime report: cyberattacks surge, motivated mostly by money rather than espionage
https://www.cna.com.tw/news/firstnews/202005190209.aspx

If cybersecurity is national security, stop recruiting with banana-level pay
https://reurl.cc/arMlZ9

Incomplete equipment integration easily becomes a security gap
https://www.chinatimes.com/newspapers/20200517000352-260102?chdtv

Forming a national cybersecurity team cannot wait
https://money.udn.com/money/story/5628/4569208

Wu Nien-jen's fan page with 800,000 followers disappears! Suspecting a hack, he asks for help: "if it can't be recovered, so be it"
https://tw.appledaily.com/entertainment/20200517/FY2GBDB2VPPQGMQVZW3EE6EOBI/

Taiwanese enterprises face over a thousand hacker attacks per week; experts: security awareness matters most
https://tw.appledaily.com/life/20200515/JFVBXY22UHVHOAG6XC35UKTIR4/

Feeble corporate security incident response announcements
https://www.ithome.com.tw/voice/137634

Microsoft releases threat intelligence on pandemic-themed scam attacks
https://ithome.com.tw/news/137645

Over 90% of hacker attacks come from China! How should the new administration respond? Security experts offer 3 prescriptions
https://bit.ly/2LQEps0

Pundit claims Taipower was hacked too; Taipower: tens of thousands of attacks a month are the norm
https://ec.ltn.com.tw/article/breakingnews/3170081

CPC hacked; the perpetrators may attack 10 more companies. Apple Daily exclusively obtains the ransom note, which brazenly tells the CEO to negotiate within 5 days
https://tw.appledaily.com/headline/20200516/H2OCCSNCKYBDP6TLAC7GNXNAH4/

Hackers infiltrated 10 companies for months; Investigation Bureau urges immediate security checks
https://news.sina.com.tw/article/20200516/35185736.html

CPC and Formosa Petrochemical hacked; Investigation Bureau judges it an overseas attack by the same group
https://www.cna.com.tw/news/firstnews/202005155006.aspx

CPC and Formosa Petrochemical hacked! Investigation Bureau judges it an "attack by the same overseas group"; press conference at 3 p.m.
https://www.ettoday.net/news/20200515/1715000.htm

"Never been hacked": Executive Yuan says it will review cybersecurity
https://udn.com/news/story/6656/4569861

Presidential Office hacked; Ministry of National Defense: Chinese hackers not ruled out
https://www.epochtimes.com/b5/20/5/18/n12118336.htm

Presidential Office computers hacked; security expert: systems must be kept updated
https://tw.appledaily.com/life/20200516/PF3DGSUKAUU6W5CEJ4AROAAB6Q/

Presidential Office hacked, leaked staff documents were doctored; national security apparatus responds rigorously
https://www.businesstoday.com.tw/article/category/80392/post/202005160002

Presidential Office hacked; Enoch Wu reveals a security gap: the higher the level, the laxer the management
https://news.tvbs.com.tw/politics/1325280

Presidential Office hacked before May 20; Enoch Wu: government cybersecurity needs an overall review
https://reurl.cc/D9OzQO

Knew early on that state secrets had leaked; Enoch Wu: core government units have all been infiltrated
https://news.ebc.net.tw/news/politics/210350

Presidential Office hacked... personal computers become the hole! Enoch Wu reveals the key: distrust of official systems
https://www.setn.com/News.aspx?NewsID=744525

Suspected hacker intrusion: the Presidential Office spent ten million only last year to build a security monitoring center
https://news.ltn.com.tw/news/politics/paper/1373447

Hack reported right after the government set up a security center; Chiang Wan-an questions whether it is "political infighting in the green camp"
https://www.mirrormedia.mg/story/20200518edi014/

Presidential Office hacked just after setting up a security monitoring center; KMT legislator: it's a joke
https://newtalk.tw/news/view/2020-05-18/408135

[Hacker Storm] Criminal Investigation Bureau obtains Presidential Office digital records for analysis, tracing who connected to the external network and caused the trouble
https://tw.appledaily.com/local/20200518/KXW3NJJMGK5U3LKOITBWR277QA/

Presidential Office hacked, confidential documents leaked; KMT caucus: the personnel infighting is shocking
https://udn.com/news/story/6656/4571731

NCC urges fact-checking in reporting on the Presidential Office hack: violators can be fined up to 2 million
https://m.ltn.com.tw/news/politics/breakingnews/3168200

Presidential Office hacked: Hsu Yu-jen suspects an "insider plot"; KMT legislators urge the Presidential Office to explain what is real and what is fake
https://www.chinatimes.com/realtimenews/20200516002688-260407?chdtv

Presidential Office reports the case to the Criminal Investigation Bureau; the Investigation Bureau is puzzled
https://money.udn.com/money/story/7307/4569331

Core staff targeted: "more than one computer was hacked"
https://tw.appledaily.com/headline/20200518/XEMEUKFK6ZRLXE4QJDAITRVN4M/

Private computers of Tsai's core staff hacked; low chance of state secrets leaking, "the impact is on the green camp"
https://tw.appledaily.com/politics/20200518/LFSVGO25K6ZAOAL6M5QES77ARE/

Government security tiers depend on function; defense and foreign affairs are level A
https://tw.news.appledaily.com/headline/20200517/AMDOFT7QBKTEDMMMOQIJN7M5GI/

A level-A agency was breached; legislators urge a security review
https://news.ltn.com.tw/news/politics/paper/1373257

Government security is tiered by function; foreign affairs and defense are level A, the highest
https://tw.appledaily.com/politics/20200516/IGGRFJ3WYJQYESDD5YADCI4OXE/

Multiple secrets may have leaked; Enoch Wu analyzes 3 major structural security deficiencies
https://news.ltn.com.tw/news/politics/breakingnews/3168087

Presidential Office hack suspected to be a domestic-foreign conspiracy! Cho Jung-tai: every dirty trick played just to "besiege Wei to rescue Han"
https://fountmedia.io/article/58197

Hacking the Presidential Office just before May 20; national security source: typical cognitive-domain warfare
https://news.tvbs.com.tw/politics/1325114

Hackers breach the Presidential Office and doctor data; Kao Hung-an: persistent APT infiltration is the hardest to defend against
https://www.ettoday.net/news/20200516/1715747.htm

Presidential Office suspected hacked; Google issues "dangerous email" warning to Gmail users
https://money.udn.com/money/story/7307/4568227

Level-3 security incident: Criminal Investigation Bureau investigating, Chinese cyberattack not ruled out
https://bit.ly/364ERMG

Presidential Office: "more than one computer hacked"; involvement of domestic persons familiar with politics not ruled out
https://tw.appledaily.com/politics/20200517/YBEXRXCHXQTZXDZMQ5QGE6XXMA/

Cybersecurity workstation only just formed... Presidential Office reports to the Criminal Investigation Bureau, Investigation Bureau puzzled
https://udn.com/news/story/6656/4569331

Documents leaked in the Presidential Office hack accurately hit the personnel appointments
https://www.chinatimes.com/newspapers/20200517000333-260102?chdtv

Is the Presidential Office hack a political version of the Edison Chen incident? Lai Ching-te holds steady, defers to Tsai and responds in a low-key way
https://udn.com/news/story/120884/4569957

Presidential Office hacked; Investigation Bureau does not rule out a full malware cleanup for the Office
https://www.chinatimes.com/realtimenews/20200516001942-260402?ctrack=mo_main_rtime_p01&chdtv

Presidential Office poison-pen email incident! Investigation suggests a senior official's computer was hacked
https://news.tvbs.com.tw/politics/1325343

Presidential Office hacked; Kao Chia-yu was a prophet
https://bit.ly/3bIzXGq

Mystery email alleges Tsai's backroom spoils-sharing! Presidential Office says it was hacked; KMT legislators doubt the hack is real
https://udn.com/news/story/6656/4568369?from=udn-ch1_breaknews-1-cate1-news

Presidential Office hacked; reports to the Criminal Investigation Bureau to look for an insider
http://www.ksnews.com.tw/index.php/news/contents_page/0001374570

Presidential Office hacked; former KMT legislator worries it is a precursor of systemic risk
https://news.ltn.com.tw/news/politics/breakingnews/3168220

Poison-pen emails allege palace intrigue over appointments; Presidential Office says the content was doctored and concerns national security! Presidential Office hacked in a Taiwanese version of WikiLeaks
https://bit.ly/2ya0grt

[Hacker Storm] Cho Jung-tai suspects the hackers of "besieging Wei to rescue Han"; KMT: that cannot hide the green camp's palace infighting
https://tw.appledaily.com/politics/20200517/4Z2I2MCZO4XJJ6WVO3DLA3CN4U/

Hackers as a pretext? KMT suspects an insider
https://money.udn.com/money/story/7307/4569328

National-security-level threat: KMT legislators call for polygraphs to catch the insider
https://bit.ly/2WXQNMc

Hacked, or a green-camp insider stirring trouble? Blue camp urges the Presidential Office to quickly find the truth
https://www.ctwant.com/article/51657

Calling the Presidential Office hack ironic, Sean Lien: the DPP keeps a cyber army but neglects cybersecurity
https://udn.com/news/story/6656/4570406

Presidential Office reportedly hacked; Lin Yu-tsang says "China's political motives" may be behind it
https://newtalk.tw/news/view/2020-05-16/407662

Formerly of the National Security Council, Enoch Wu: many secrets have already leaked, just not yet made public
https://udn.com/news/story/6656/4569592?from=udn-catelistnews_ch2

Presidential Office did not report the hack to the Investigation Bureau; Ministry of Justice: the case is led by the Criminal Investigation Bureau
https://m.ltn.com.tw/news/politics/breakingnews/3168832

Presidential Office suspected hacked; police and investigators probe separately, retrieving data today
https://udn.com/news/story/6656/4571162

Truth of the Presidential Office leak comes out; Deputy Secretary-General surnamed Liu: the laptop has been lost
https://www.ctwant.com/article/52679

Many security doubts over the Presidential Office hack; Kao Su-po: if the leaked information is true, it proves factional maneuvering at work
https://www.ettoday.net/news/20200521/1719811.htm

A hacking incident that started with a bang and ended with a whimper
https://udn.com/news/story/7338/4578998

"Geospatial intelligence" aids decision-making and reduces misjudgment
https://www.ydn.com.tw/News/379593

Japan's Mitsubishi Electric security incident may have leaked missile information
https://www.ithome.com.tw/news/137745

Data on Japan's version of the "DF-17" leaked? Asahi exclusive: Chinese hackers breached Mitsubishi Electric and stole secrets on Japan's newest weapon
https://www.storm.mg/article/2661216

Hacker intrusions across UK industries continue to rise
https://reurl.cc/V6W90y

Canada's two main intelligence agencies warn of a growing threat of foreign hackers stealing domestic COVID-19 research
https://bit.ly/2yV8JPI

US Air Force to hold a competition inviting civilian hackers to "find faults"
https://reurl.cc/ZOlyma

Pay up or everyone gets embarrassed! After attacking a New York law firm, hacker group threatens to publish Trump scandals
https://media.ace.io/ransomware-gang-demands-42m-or-it-releases-trumps-dirty-laundry/

Romanian police arrest hacker group preparing to attack hospitals
https://www.ithome.com.tw/news/137689

"Trump sex scandal" ransom of 12.7 billion! Dark-web hackers who "stole legal documents" warn: once published, no one will want to vote for him
https://www.ettoday.net/news/20200518/1717114.htm

Hackers Publish First 169 Trump ‘Dirty Laundry’ Emails After Being Branded Cyber-Terrorists
https://www.forbes.com/sites/daveywinder/2020/05/17/hackers-publish-first-169-trump-dirty-laundry-emails-after-being-branded-cyber-terrorists/

Criminal hacker group claims to have Trump documents, asks for $42M in ransom
https://thehill.com/policy/cybersecurity/498101-criminal-hacker-group-claims-to-have-trump-documents-asks-for-42-million

Ransomware gang asks $42m from NY law firm, threatens to leak dirt on Trump
https://www.zdnet.com/article/ransomware-gang-asks-42m-from-ny-law-firm-threatens-to-leak-dirt-on-trump/#ftag=RSSbaffb68

A cybercrime store is selling access to more than 43,000 hacked servers
https://www.zdnet.com/article/a-cybercrime-store-is-selling-access-to-more-than-43000-hacked-servers/#ftag=RSSbaffb68

Access-as-a-Service – Remote Access Markets in the Cybercrime Underground
https://ke-la.com/access-as-a-service-remote-access-markets-in-the-cybercrime-underground/

US accuses China of hacking COVID-19 researchers
https://www.itweb.co.za/content/KA3WwMdDoWXMrydZ/BO2rQGMANbqd1eaK

Dutch spies helped Britain's GCHQ break Argentine crypto during Falklands War
https://www.theregister.co.uk/2020/05/18/maximator_euro_spy_alliance_falklands_war/

SMBs see cyberattacks that rhyme with large enterprises due to cloud shift
https://www.zdnet.com/article/smbs-see-cyberattacks-that-rhyme-with-large-enterprises-due-to-cloud-shift/#ftag=RSSbaffb68

Mercedes-Benz onboard logic unit (OLU) source code leaks online
https://www.zdnet.com/article/mercedes-benz-onboard-logic-unit-olu-source-code-leaks-online/#ftag=RSSbaffb68

Israeli Websites Hit in Massive Hack Attack by Mysterious ‘Hackers of Savior’ Group
https://sputniknews.com/middleeast/202005211079377380-israeli-websites-hit-in-massive-hack-attack-by-mysterious-hackers-of-savior-group---video/

Iranian Propaganda – Destruction of Israel through Website Defacements
https://cybershafarat.com/2020/05/21/hackers_of_savior/?fbclid=IwAR1hDm49-rp_6V8Mf5Bp_KTab9HxDaQM4pNwZgvPbuA-qKR73fe4II0AAAU

National Center for High-performance Computing / Information Security Technology Division / project staff / 1 position (109_24_2)
https://www.104.com.tw/job/6xx5r

Information security administrator at a technology manufacturer
https://www.518.com.tw/job-NJVDz4.html

ISO 27001 information security auditor (Taipei)
https://job.taiwanjobs.gov.tw/Internet/jobwanted/JobDetail.aspx?EMPLOYER_ID=57109&HIRE_ID=9712473

D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News

"Liu Jin-tan" becomes the subject of phishing emails; he is Tsai's brother-in-law and specializes in empirical economics research
https://tw.appledaily.com/politics/20200517/42Z6PVI2RUTQUXF5RIXJODKIRA/

More hacker phishing emails! This time targeting legislators; Presidential Office urges everyone to be alert
https://udn.com/news/story/6656/4578654

Beware phishing versions of the Azure AD sign-in page arriving via Office 365 emails
https://www.ithome.com.tw/news/137640

Rumored to be named in the Presidential Office hacking incident, Yen Tse-ya reveals a flood of friend requests from bot accounts
https://m.ltn.com.tw/news/politics/breakingnews/3172758

Presidential Office hack and impersonation phishing emails: the Legislative Yuan's Internal Administration Committee focuses on the security crisis today
https://tw.appledaily.com/politics/20200521/YTQB5A77BMRKCFBFTO4VFJB4CQ/

Taiwan's legislators were recently targeted by hackers, receiving phishing emails impersonating the Presidential Office on May 20; the Criminal Investigation Bureau announces its findings
https://www.ithome.com.tw/news/137789

Hackers send emails impersonating the Presidential Office that carry a phishing site with hidden malware
https://www.cib.gov.tw/News/BulletinDetail/8294

More hacker phishing emails! This time targeting legislators; Presidential Office urges everyone to be alert
https://money.udn.com/money/story/5648/4578654

Hackers impersonate the Presidential Office to send phishing emails; Criminal Investigation Bureau: the malware came from Ukraine
https://newtalk.tw/news/view/2020-05-21/410055

Phishing emails impersonating the Presidential Office! Criminal Investigation Bureau: the website host is in Ukraine
https://news.cts.com.tw/cts/politics/202005/202005212001228.html

Government's collection of personal big data for epidemic prevention may be illegal; opposition legislators propose a bill to close the loophole
https://bit.ly/3dJ8gie

Data leak from a Chinese university suggests 640,000 confirmed cases across 230 cities
https://news.ltn.com.tw/news/world/breakingnews/3167168

Car doors taped shut and guarded around the clock... he still stole the secrets! Tech company stunned: losses of over ten billion
https://www.ettoday.net/news/20190710/1486327.htm

Scammed out of 13,000 buying an iPhone on Facebook: why Miao Po-ya was fooled
https://tw.appledaily.com/local/20200518/NSEHTUDC4RZTC66FFIISSX7XF4/

MongoDB's deceptive advertising
https://bit.ly/2Zdq01k

Hacker sells data on over 129 million Russian car owners, asking only 0.3 bitcoin
https://ec.ltn.com.tw/article/breakingnews/3168388

Misconfigured Mercedes-Benz GitLab server let a researcher download over 580 Git repositories
https://www.ithome.com.tw/news/137695

Airline personal data leaked! Chinese hackers suspected
https://bit.ly/2ynWZVs

EasyJet may have been attacked by hackers "from the CCP"; data of 9 million customers leaked
https://m.soundofhope.org/post/380641?lang=b5

Presidential Office hacked! Investigation Bureau outlines 4 possible data-leak routes
https://bit.ly/2TuJlY2

Nigerian fraud ring sets its sights on pandemic relief funds, fraudulently claiming US unemployment benefits
https://www.ithome.com.tw/news/137769

No holiday for public safety during the pandemic: police bust a "fake dating, real fraud" scam operation center
https://www.cib.gov.tw/News/Detail/42729

Illinois blames ‘glitch’ for exposure of PUA applicant Social Security numbers, private data
https://www.zdnet.com/article/illinois-blames-glitch-for-exposure-of-applicant-social-security-numbers-private-data/#ftag=RSSbaffb68

Mercedes-Benz onboard logic unit (OLU) source code leaks online
https://www.zdnet.com/article/mercedes-benz-onboard-logic-unit-olu-source-code-leaks-online/#ftag=RSSbaffb68

The database of Russian car owners is sold for bitcoins
https://www.ehackingnews.com/2020/05/the-database-of-russian-car-owners-is.html

Coronavirus-themed phishing templates used to capture personal information
https://www.techrepublic.com/article/coronavirus-themed-phishing-templates-used-to-capture-personal-information/

Ready-made COVID-19 Themed Phishing Templates Copy Government Websites Worldwide
https://www.proofpoint.com/us/blog/threat-insight/ready-made-covid-19-themed-phishing-templates-copy-government-websites-worldwide

Phishing campaign exploits Symantec URL Protection to cover its tracks
https://www.techrepublic.com/article/phishing-campaign-exploits-symantec-url-protection-to-cover-its-tracks/

Scammers steal $10 million from Norway's state investment fund
https://www.bleepingcomputer.com/news/security/scammers-steal-10-million-from-norways-state-investment-fund/

NORFUND HAS BEEN EXPOSED TO A SERIOUS CASE OF FRAUD
https://www.norfund.no/norfund-has-been-exposed-to-a-serious-case-of-fraud/

Hacking Group Offers Another 27 Million Records for Sale: Report
https://www.bankinfosecurity.com/hacking-group-offers-another-27-million-records-for-sale-report-a-14259

Verizon's data breach report highlights how unsecured cloud storage opens door to attacks
https://www.zdnet.com/article/verizons-data-breach-report-highlights-how-unsecured-cloud-storage-opens-door-to-attacks/#ftag=RSSbaffb68

UK budget airline EasyJet hacked; personal data of nine million customers stolen
https://www.twcert.org.tw/tw/cp-104-3627-600bd-1.html

British Airline EasyJet Suffers Data Breach Exposing 9 Million Customers' Data
https://thehackernews.com/2020/05/easyjet-data-breach-hacking.html

Home Chef Hacked – Hackers Selling 8M User Records on a Dark Web Marketplace
https://gbhackers.com/home-chef-hacked/

Xbox and Windows NT 3.5 source code leaks online
https://www.theverge.com/2020/5/21/21265995/xbox-source-code-leak-original-console-windows-3-5

Russian banks revealed new types of fraud
https://www.ehackingnews.com/2020/05/russian-banks-revealed-new-types-of.html?utm_source=dlvr.it&utm_medium=twitter

E. Research Reports

A brief look at DevOps security
https://www.techbang.com/posts/78510-talking-about-devops-security

Analysis of the MediaTek rootkit vulnerability exploited in the wild (CVE-2020-0069)
https://www.4hou.com/posts/n8Ql

No absolute security: STM32 has vulnerabilities too? Analysis of how CVE-2020-8004 works
https://zhuanlan.zhihu.com/p/141457763

Notes on broken access control (IDOR) vulnerabilities
https://www.cnblogs.com/AirCrk/p/12915798.html

IoT penetration testing (12): exploitation on the MIPS architecture
https://www.infoq.cn/article/PjaoL1UytUuoTDT3T3cH

Introducing Shuffle — an Open Source SOAR platform part 1
https://medium.com/security-operation-capybara/introducing-shuffle-an-open-source-soar-platform-part-1-58a529de7d12

Saycheese : Grab Target’s Webcam Shots By Link
https://kalilinuxtutorials.com/saycheese/

Linux shell script to reduce PDF file size
https://bash.cyberciti.biz/file-management/linux-shell-script-to-reduce-pdf-file-size/

Persistence – COM Hijacking
https://pentestlab.blog/2020/05/20/persistence-com-hijacking/

Integrating a SIEM solution in a large enterprise with disparate global centers
https://www.helpnetsecurity.com/2020/05/22/siem-solution/

GhostDNS Source Code Leaked
https://decoded.avast.io/simonamusilova/ghostdns-source-code-leaked/

Windows Registry Analysis – Tracking Every Activity That You Do on the Windows System
https://gbhackers.com/windows-registry-analysis-tracking-everything-you-do-on-the-system/

Modern Javascript keylogger with web panel
https://github.com/bmh1cker/Flash-Keylogger

Cyber_Intelligence_Report_2020_Q1
http://www.informationwarfarecenter.com/cir/Cyber_Intelligence_Report_2020_Q1.pdf

Internet Exploiter: Understanding vulnerabilities in Internet Explorer
https://labs.f-secure.com/blog/internet-exploiter-understanding-vulnerabilities-in-internet-explorer

Getdroid - FUD Android Payload And Listener
https://www.kitploit.com/2020/05/getdroid-fud-android-payload-and.html

Use Layer 7 Application Identity in Your Segmentation Policies
https://blogs.vmware.com/networkvirtualization/2020/05/layer-7-application-identity-segmentation-policies.html/

VMware vSAN 7.0 New Features and Capabilities
https://www.virtualizationhowto.com/2020/03/vmware-vsan-7-0-new-features-and-capabilities/

Kubernetes: Up and Running, Second Edition
https://azure.microsoft.com/en-us/resources/kubernetes-up-and-running/

Putting the Model to Work: Enabling Defenders With Vulnerability Intelligence — Intelligence for Vulnerability Management, Part Four
https://www.fireeye.fr/blog/threat-research/2020/04/enabling-defenders-with-vulnerability-intelligence.html

Top 5 Best Hacking Simulator for Every Aspiring Hackers to Practice Their Hacking Skills
https://gbhackers.com/hacking-simulator/

mayankmetha / Rucky
https://github.com/mayankmetha/Rucky

HTTP file upload scanner for Burp Proxy
https://github.com/modzero/mod0BurpUploadScanner

Converting an EXE to a DLL
https://osandamalith.com/2019/08/26/converting-an-exe-to-a-dll/

Google WordPress Site Kit plugin grants attacker Search Console Access
https://securityaffairs.co/wordpress/103219/hacking/google-wordpress-site-kit-flaw.html

Reverse shell using Windows Registry files (.reg)
https://github.com/thelinuxchoice/evilreg

Relaying NTLM authentication over RPC
https://blog.compass-security.com/2020/05/relaying-ntlm-authentication-over-rpc/

skcom-container/Dockerfile
https://github.com/tacosync/skcom-container/blob/master/Dockerfile

RMS-Runtime-Mobile-Security
https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security/blob/master/README.md

yet another vulnerability scanner
https://github.com/BitTheByte/Eagle

Using Lampyre for Basic Email and Phone Number OSINT
https://medium.com/@raebaker/using-lampyre-for-basic-email-and-phone-number-osint-e0e36c710880

rescope
https://github.com/root4loot/rescope

Blazing Fast Web Fuzzer in Rust
https://github.com/iinc0gnit0/RBust

v7.0.1 Release of PowerShell
https://github.com/PowerShell/PowerShell/releases

INCIDENT RESPONSE GUIDEBOOK: A GAME PLAN TO COMBAT SQL INJECTION ATTACKS
https://blog.eccouncil.org/incident-response-guidebook-a-game-plan-to-combat-sql-injection-attacks/

SUDO_KILLER - A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo
https://hakin9.org/sudo_killer-a-tool-to-identify-and-exploit-sudo-rules-misconfigurations-and-vulnerabilities-within-sudo/

Scanners-Box
https://github.com/We5ter/Scanners-Box/blob/master/README.md

Hashlol
https://github.com/almsrati/Hashlol

BREAKING TYPICAL WINDOWS HARDENING IMPLEMENTATIONS
https://www.trustedsec.com/blog/breaking-typical-windows-hardening-implementations/

QNAP Pre-Auth Root RCE Affecting ~450K Devices on the Internet
https://medium.com/bugbountywriteup/qnap-pre-auth-root-rce-affecting-450k-devices-on-the-internet-d55488d28a05

The Use – and Abuse – of DotNet Files, and the Value of FortiResponder Automation in the Threat Analysis Process
https://www.fortinet.com/blog/threat-research/the-use-and-abuse-of-dotnet-files-and-the-value-of-fortresponder-automation-in-threat-analysis.html

Azure Red Team tool for graphing Azure and Azure Active Directory objects
https://github.com/Azure/Stormspotter

XploitSPY is an Android Monitoring / Spying Tool
https://hakin9.org/xploitspy-is-an-android-monitoring-spying-tool/

Windows 10 Defender's hidden features revealed by this free tool
https://www.bleepingcomputer.com/news/microsoft/windows-10-defenders-hidden-features-revealed-by-this-free-tool/

Network Analysis Tool BruteShark
https://github.com/odedshimon/BruteShark

IT threat evolution Q1 2020
https://securelist.com/it-threat-evolution-q1-2020/96886/

IT threat evolution Q1 2020. Statistics
https://securelist.com/it-threat-evolution-q1-2020-statistics/96959/

Offense and Defense – A Tale of Two Sides: (Windows) OS Credential Dumping
https://www.fortinet.com/blog/threat-research/offense-and-defense-a-tale-of-two-sides-windows-os-credential-dumping.html

TugaRecon - Subdomain Enumeration Tool
https://pentestmag.com/tugarecon-subdomain-enumeration-tool/

F. Business

[2020 Beta14 new edition released] iThome Taiwan Cybersecurity Market Map
https://www.ithome.com.tw/news/123912

Docker partners with Snyk to offer image vulnerability scanning
https://www.ithome.com.tw/news/137762

The stay-at-home economy keeps booming during the pandemic: how to fend off hacker attacks and protect online transactions
https://www.onwardsecurity.com/laboratory/item/20

Chrome will soon block resource-draining ads. Here’s how to turn it on now
https://arstechnica.com/information-technology/2020/05/chrome-will-soon-block-resource-draining-ads-heres-how-to-turn-it-on-now/

G. Government

Ministry of Justice Investigation Bureau reveals common ways enterprises get hacked, validating attack trends with real Taiwanese cases
https://www.ithome.com.tw/news/134170

Digital ID card could become a CCP surveillance channel; civic groups call for issuance to be postponed
https://www.ntdtv.com/b5/2020/05/14/a102847022.html

Dark horse! FSC Vice Chairperson Chang Chuang-chang to take over as president of the Chung-Hua Institution for Economic Research
https://bit.ly/36gvt97

Huang Tien-mu takes charge of the FSC, facing five challenges
https://money.udn.com/money/story/8888/4568989

Taiwan eID contract winner "Kuo Chu Management Consulting Company": Hsing Ta-chih is a partner at Shanghai's "Junyue Law Firm"
https://bearpost.org/?p=12262

Security hole? Hsu Yu-jen reveals the Department of Cyber Security has no budget for security training
https://www.chinatimes.com/realtimenews/20200517002302-260407?chdtv

Insufficient cybersecurity budget; KMT jeers at keeping a toothless tiger
https://www.chinatimes.com/newspapers/20200518000436-260118?chdtv

Presidential Office hack raises security concerns; Chen Po-wei: amend the law to give intelligence agencies collection powers
https://news.ltn.com.tw/news/politics/breakingnews/3168365

Set to become NSC Secretary-General, Wellington Koo outlines two key priorities
https://money.udn.com/money/story/7307/4571471

Ministry of National Defense: armed forces checked the security of command-and-control systems; status is currently normal
https://news.tvbs.com.tw/politics/1325744

[May 20 inauguration] Tsai Ing-wen proposes six core strategic industries, building a cybersecurity industry chain
https://tw.appledaily.com/politics/20200520/GIPU2QVQIBEZ3FARQI4GZPT7JU/

Lee Ting-sheng inspects the Information, Communications and Electronic Force Command, urging cyber technology to keep pace with the times
https://www.ydn.com.tw/News/383644

Strategy scholar: Wellington Koo heading the NSC will help US-Taiwan cooperation
https://www.cna.com.tw/news/aipl/202005190250.aspx

Taking the NSC Secretary-General post without an intelligence background: Wellington Koo's "non-traditional background" is just right for new forms of warfare
https://reurl.cc/vDEkAA

President Tsai pushes a Ministry of Digital Development; hackers attack the Legislative Yuan
https://udn.com/news/story/121092/4579106

What is Taiwan's focus in the post-pandemic era? Economics Minister Shen Jong-chin: promote the "cybersecurity industry"
https://www.fountmedia.io/article/58641

Flooded with comments by partisan-aligned cartoonists after saying "no one from the Presidential Office came to answer questions", Kao Hung-an hits back with data: both blue and green have summoned the Presidential Office
https://times.hinet.net/news/22910600

Presidential Office hack: Su Jia-chyuan and other senior officials all absent; Kao Hung-an angry: a no-show on the first day in office
https://newtalk.tw/news/view/2020-05-21/409862

"Fourth service" hit by scandal 2 years after its founding; a deputy detachment leader of the Information, Communications and Electronic Force faces a detention request over alleged corruption
https://tw.appledaily.com/local/20200521/HIWW4HLMWU635CO65NG46GYNTI/

Subordinate unit searched by the Agency Against Corruption and personnel taken in; Information, Communications and Electronic Force Command: fully cooperating to clarify the case
https://www.storm.mg/article/2663720

[President names six core strategic industries] Led by digital information and semiconductors, deploying "research talent" ahead of time
https://buzzorange.com/techorange/2020/05/21/taiwan-semiconductor-2/

Presidential Office hacked; National Security Bureau admits it only found out the next day
https://www.chinatimes.com/realtimenews/20200520005816-260407?ctrack=mo_main_rtime_p01&chdtv

Presidential Office security incident: National Security Bureau admits it was not on top of it
https://m.ltn.com.tw/news/politics/paper/1374437

Government cybersecurity caught in a silent leak crisis
https://udn.com/news/story/7339/4581739

Presidential Office hack concerns national security, yet no senior officials came to answer questions
https://www.chinatimes.com/newspapers/20200522000495-260102?chdtv

H. Industrial Control Systems / SCADA / ICS

'Smart' Factories Could Face Unique Attacks: Report
https://www.bankinfosecurity.com/smart-factories-could-face-unique-attacks-report-a-14280

Advantech WebAccess Node CVE-2020-10638
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-10638

Advantech WebAccess Node CVE-2020-12022
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-12022

Advantech WebAccess Node CVE-2020-12006
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-12006

Advantech WebAccess Node CVE-2020-12002
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-12002

I. Education and Training

How to perform SSD Forensics | Part - I
https://www.peerlyst.com/posts/how-to-perform-ssd-forensics-or-part-i-sudhendu

CISSP Qualification Given Cert Status Equivalent to Master’s Degree Level
https://www.infosecurity-magazine.com/news/cissp-equal-masters-degree/

Hacker101 - JavaScript for Hackers (Created by @STÖK)
https://www.youtube.com/watch?v=FTeE3OrTNoA

Cyber CSI: Learn How to Forensically Examine Phishing Emails to Better Protect Your Organization Today
https://bit.ly/36obJQY

J. Internet of Things / IOT / Artificial Intelligence / Internet of Vehicles / Optical Networking / Deep Learning / Machine Learning / Drones / Facial Recognition

IoT Security: How to Search for Vulnerable Connected Devices
https://pentestmag.com/iot-security-how-to-search-for-vulnerable-connected-devices/ 6.近期資安活動及研討會 【零壹解決方案日】IT無疆界 企業營運不中斷 / 三大應用 八場直播 玩體驗 5/14 ~ 6/30 https://www.accupass.com/event/2004200112131299616148 ISO/IEC 27001:2013 資訊安全稽核師(主導稽核員)訓練課程 5/16 ~ 6/5 https://www.accupass.com/event/2002140726181428485387 RASP 應用程式的最後一道防護 5/22 http://reg.gss.com.tw/register/register.aspx?actid=707 交通大學駭客書院 - 電子郵件之偽造攻擊與防護措施 5/23 https://hackercollege.nctu.edu.tw/?p=1156 大智雲集- 雲端安全管理機制(SmartCloud)與AI驅動威脅防護引擎 5/26 https://bit.ly/2VzDodV CompTIA Security+ 資訊安全認證課程 2020-05-26(二) 09:00 ~ 2020-06-27(六) 18:00 (GMT+8) https://www.accupass.com/event/2005080845006584660780 Taipei 暗号通貨 (Cryptocurrency) Meetup 5/27 https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybchbkc/ 交通大學駭客書院 - 進階網頁滲透測試 5/30 https://hackercollege.nctu.edu.tw/?p=1159 榮耀資戰 – 重裝上陣 5/30 https://zyxel-foundation.kktix.cc/events/cyberthrones2020 109年智能物聯網與資訊安全碩士學分班 5/30 ~ 8/8 https://www.accupass.com/event/2003160837472127685300 Java Spring安全程式開發實務班 6/2 ~ 6/3 https://www.iiiedu.org.tw/courses/msa466t2001/ 邊緣計算系統之大數據與深度學習應用 6/5 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3884&from_course_list_url=course_index 物聯網資安認證制度推廣說明會(工業局主辦)6/5 https://www.accupass.com/event/2005051416518928110270 中山資安社-資安讀書會 6/6 https://nsysuisc.kktix.cc/events/readinggroup20200606 Excel對人資假勤及薪資管理分析報表實務班 6/9 https://www.accupass.com/event/2003310137088658330050 透過零信任防護策略因應數位轉型對企業雲應用與IoT安全挑戰 6/9 https://bit.ly/2VzDodV 交通大學駭客書院 - 高階網頁滲透測試 6/13 6/20 https://hackercollege.nctu.edu.tw/?p=1161 CREST CPSA BootCamp 資安分析專家認證課程 6/15 ~ 6/19 https://www.ainetwork-training.com/product/crest-cpsa-bootcamp/ 惡意程式偵測、分析、防護實戰班(第3期) 6/16 http://service.tabf.org.tw/tw/user/409646/ ISACA® 國際資訊安全管理師 CISM 認證課程 6/16 ~ 6/19 https://www.accupass.com/event/2004140928122685616880 雲端資安防護研討會 6/18 https://www.accupass.com/event/2003230957111782855813 設計新興雲端安全防護架構: Container & Serverless Security安全藍圖 6/23 
https://bit.ly/2VzDodV 交通大學駭客書院 - 企業網域控管-Active Directory攻擊與防禦 6/27 https://hackercollege.nctu.edu.tw/?p=1164 CompTIA Security+ 國際網路資安認證班 7/4 ~ 7/12 https://www.iiiedu.org.tw/courses/msa293t2002/ 數據分析與機器學習案例實務(三)影像分類技術 7/20 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3897&from_course_list_url=course_index CYBERSEC 2020 臺灣資安大會 8/12 https://cyber.ithome.com.tw/ 認證系統安全從業人員 SSCP 輔導班 9/5 ~ 9/13 https://www.iiiedu.org.tw/courses/asq902t2001/ 邊緣計算系統之大數據與深度學習應用 9/11 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3895&from_course_list_url=course_index 數據分析與機器學習案例實務(四)應用實例 9/14 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3898&from_course_list_url=course_index