###### tags: `資安事件新聞週報`
# Weekly Security Incident News 2020/2/10 ~ 2020/2/14

1. Major Vulnerabilities / Backdoors / Exploits / Zero Days
OSSEC-HIDS server component buffer overflow vulnerability
https://github.com/ossec/ossec-hids/issues/1816
Gemalto Ezio Server access control error vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9158
Security researchers find OpenSSH vulnerability in Israeli government DNS servers
https://www.cnbeta.com/articles/soft/939923.htm
Security vulnerabilities in Taiwan Secom Dr.ID access control and attendance system
http://net.nthu.edu.tw/2009/mailing:announcement:20200212_01
Security vulnerabilities in Changing Information Technology's ServiSign security component for Windows
http://net.nthu.edu.tw/2009/mailing:announcement:20200212_02
Privilege escalation vulnerability disclosed in SupportAssist, Dell's preinstalled management software
https://www.ithome.com.tw/news/135782
Unspecified vulnerability in Oracle Financial Services Applications Banking Payments
https://www.oracle.com/security-alerts/cpujan2020.html
Unspecified vulnerability in Oracle Financial Services Applications FLEXCUBE Investor Servicing
https://www.oracle.com/security-alerts/cpujan2020.html
IBM Security Directory Server vulnerability
https://www.ibm.com/support/pages/node/1288660
IBM Security Secret Server vulnerability
https://www.ibm.com/support/pages/node/1283212
Multiple vulnerabilities in IBM WebSphere Application Server
https://www.ibm.com/support/pages/node/1488921
Google fixes no-user-interaction bug in Android's Bluetooth component
https://zd.net/3732W5y
Chrome to block intrusive video ads starting August 5, 2020
https://zd.net/39p1P1L
Multiple vulnerabilities in Mozilla products
https://www.us-cert.gov/ncas/current-activity/2020/02/11/mozilla-releases-security-updates-multiple-products
Firefox 73 released: improves web reading experience, patches 6 security vulnerabilities
https://www.ithome.com.tw/news/135797
Caught! Russian investigation: Huawei HiSilicon chips have a "backdoor"; video recording devices may be compromised
https://3c.ltn.com.tw/news/39447
JavaScript privilege bypass vulnerability in Adobe Acrobat and Reader
https://helpx.adobe.com/security/products/acrobat/apsb19-18.html
Vulnerability Spotlight: Information leak vulnerability in Adobe Acrobat Reader’s JavaScript function
https://blog.talosintelligence.com/2020/02/vuln-spotlight-adobe-readerr-feb-2020-info-leak.html
Vulnerability Spotlight: Remote code execution vulnerability in Apple Safari
https://blog.talosintelligence.com/2020/02/vuln-spotlight-apple-safari-code-execution-feb-2020.html
Notice on multiple security vulnerabilities in Cisco CDP devices
https://www.secrss.com/articles/17010
Multiple vulnerabilities in Cisco products
https://tools.cisco.com/security/center/publicationListing.x
Cisco releases security updates for multiple products; administrators are advised to assess and apply them promptly
https://www.us-cert.gov/ncas/current-activity/2020/02/06/cisco-releases-security-updates-multiple-products
GoPro GPMF-parser heap buffer overflow vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20088
Microsoft fixes bug that turned Windows 7 wallpaper black
https://www.ithome.com.tw/news/135741
Windows 7 fails to shut down properly, leaving users baffled
http://bit.ly/37gvd8A
Windows 7 bug prevents users from shutting down or rebooting computers
https://www.zdnet.com/article/windows-7-bug-prevents-users-from-shutting-down-or-rebooting-computers/#ftag=RSSbaffb68
Microsoft's February 2020 Patch Tuesday fixes 99 security bugs
https://www.zdnet.com/article/microsofts-february-2020-patch-tuesday-fixes-99-security-bugs/#ftag=RSSbaffb68
Vulnerability Spotlight: Code execution vulnerability in Microsoft Excel
https://blog.talosintelligence.com/2020/02/vuln-spotlight-Excel-code-execution-feb-2020.html
Microsoft Patch Tuesday — Feb. 2020: Vulnerability disclosures and Snort coverage
https://blog.talosintelligence.com/2020/02/microsoft-patch-tuesday-feb-2020.html
Vulnerability Spotlight: Use-after-free vulnerability in Windows 10 win32kbase
https://blog.talosintelligence.com/2020/02/vuln-spotlight-Windows-10-use-after-free-feb-2020.html
Vulnerability Spotlight: Code execution vulnerability in Microsoft Media Foundation
https://blog.talosintelligence.com/2020/02/vuln-spotlight-code-media-foundation-feb-2020.html
Vulnerability Spotlight: Accusoft ImageGear library code execution vulnerabilities
https://blog.talosintelligence.com/2020/02/accusoft-imagegear-code-execution-feb-2020.html
CVE-2020-3933-3935
https://www.chtsecurity.com/news/1bb85fcd-9048-4587-b4d3-b18335572bac
Jenkins servers can be abused for DDoS attacks
https://www.zdnet.com/article/jenkins-servers-can-be-abused-for-ddos-attacks/#ftag=RSSbaffb68
CVE-2019-18634: Sudo Linux privilege escalation vulnerability
https://www.chainnews.com/zh-hant/articles/169903634253.htm
Ruby: Source code disclosed via S3 Bucket
https://vulners.com/hackerone/H1:778931?utm_source=rss&utm_medium=rss&utm_campaign=rss
February Patch Tuesday: Fixes for Critical LNK, RDP, Trident Vulnerabilities
https://newsroom.trendmicro.com/blog/security-intelligence/february-patch-tuesday-fixes-critical-lnk-rdp-trident-vulnerabilities-0
Critical XSS vulnerability patched in WordPress plugin GDPR Cookie Consent
https://www.zdnet.com/article/critical-vulnerability-patched-in-gdpr-cookie-consent-wordpress-plugin/#ftag=RSSbaffb68

2. Banking / Finance / Insurance / Securities / Payment Systems: News and Security
Work alongside Brown! LINE, LINE Bank and LINE Pay R&D engineering teams hold first joint recruitment
https://www.computerdiy.com.tw/20200211_line/
Sprinting toward launch! LINE Bank opens nearly 20 types of positions in joint recruitment with LINE and LINE Pay
https://ec.ltn.com.tw/article/breakingnews/3064777
Establishing an information and communication security inspection mechanism for securities firms
http://www.selaw.com.tw/LawArticle.aspx?LawID=G0100479
Biggest single card database ever on sale on dark net marketplace
https://www.group-ib.com/media/biggest-card-database-ever/
Joker Got Taste for India: Group-IB Detects Half a Million Indian Banks’ Cards on Darknet Cardshop
https://www.group-ib.com/media/india-banks-cards/
Magecart Gang Attacks Olympic Ticket Reseller and Survival Food Sites
https://threatpost.com/olympic-ticket-survival-sites-hit-by-cyberattack/152648/
Woori Bank's unauthorized use of customer information is a 'criminal act' against customers
http://www.cctvnews.co.kr/news/articleView.html?idxno=160196
South Korean Woori Bank is accused of unauthorized use of customer data
https://securityaffairs.co/wordpress/97633/cyber-crime/woori-bank-unauthorized-use-customer-data.html
Three Ukrainian Citizens stole 2.7 Million BAM from ATMs in only 53 Hours in Bosnia-Herzegovina
https://www.sarajevotimes.com/three-ukrainian-citizens-stole-2-7-million-bam-from-atms-in-only-53-hours/
More victims come forward saying money went missing after using Wells Fargo ATM in Alexandria
https://www.fox5dc.com/news/more-victims-come-forward-saying-money-went-missing-after-using-wells-fargo-atm-in-alexandria
New research report offers detailed research on developments in ATM (Automated Teller Machine) Market
http://bit.ly/38nYRKH
Magecart Group 12’s Latest: Actors Behind Attacks on Olympics Ticket Re-sellers Deftly Swapped Domains to Continue Campaign
https://www.riskiq.com/blog/labs/magecart-group-12-olympics/

3. Electronic Payment / Electronic Ticketing / Mobile Payment / Pay: News and Security
It's all paying by phone? Mobile payment, electronic payment and third-party payment are actually different
https://dailyview.tw/popular/detail/7474
Electronic payment users near 7 million; JKOPAY leads in all three major business lines
https://www.cardu.com.tw/news/detail.php?40024

4. Cryptocurrency / Blockchain: News and Security
Cryptocurrency industry moves into Germany! 40 banks have applied for cryptocurrency custody service licenses
https://news.knowing.asia/news/4a8ecead-40f8-4e42-b247-ad1d482c7e24
Altsbit plans exit after hack leaves cryptocurrency exchange out of pocket
https://zd.net/38gYPEe
Ohio man arrested for running Bitcoin mixing service that laundered $300 million
https://www.zdnet.com/article/ohio-man-arrested-for-running-bitcoin-mixing-service-that-laundered-300-million/#ftag=RSSbaffb68

5. Security Incident News

A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors
Provoking the mighty! Cryptomining botnet planted on US Department of Defense server
https://www.ithome.com.tw/news/135701
Latest phishing scam is spreading Emotet malware
https://zd.net/2SnhlUO
Hackers exploit Windows driver vulnerability to disable antivirus software
https://www.cnbeta.com/articles/tech/940859.htm
Ransomware uses vulnerable Gigabyte driver to disable antivirus software on computers
https://www.ithome.com.tw/news/135761
Banking trojan Anubis, with ransomware and keylogging capabilities, targets more than 250 Android apps
https://www.ithome.com.tw/news/135723
APT group impersonates well-known media journalists to launch phishing attacks on prominent figures
https://www.twcert.org.tw/tw/cp-104-3312-92003-1.html
More than 200,000 ransomware cases last year; ransom averaged 190,000 yuan per month
http://bit.ly/2UIZwlK
Victims of an extramarital-affair site data breach five years ago become targets of the latest extortion campaign
https://blog.trendmicro.com.tw/?p=63360
Android users beware! Malicious apps hidden on Google Play can covertly load 3,000 kinds of viruses
https://3c.ltn.com.tw/news/39490
Don't open carelessly! "Super-powerful Android trojan" hides in bank and online-auction e-receipts
https://3c.ltn.com.tw/news/39489
Trend Micro warns: new virus "Xloader.A" exposes phones to more malicious threats
https://gnn.gamer.com.tw/detail.php?sn=192687
Delivery-notice SMS hides mobile virus; an accidental tap may bring a bill for a flood of SMS charges
https://www.chinatimes.com/realtimenews/20200213003839-260412?chdtv
Don't tap on online-shopping inquiry SMS messages on your phone! You could become a super-spreader of virus messages
https://cnews.com.tw/124200213a06/
Report: Mac cyber threats surpass the Windows platform for the first time
https://ithome.com.tw/news/135804
Attackers use the Wuhan pneumonia virus as a theme to attack transportation-related industries
https://www.twcert.org.tw/tw/cp-104-3320-a6ca6-1.html
Banking trojan Emotet adds the ability to spread over Wi-Fi
https://ithome.com.tw/news/135769
Emotet Evolves With New Wi-Fi Spreader
https://www.binarydefense.com/emotet-evolves-with-new-wi-fi-spreader/
China Alleges India for Cyber-attacks Amid the Coronavirus Outbreak. Demands International Cooperation
https://www.ehackingnews.com/2020/02/china-alleges-india-for-cyber-attacks.html
Bug hunter finds cryptocurrency-mining botnet on DOD network
https://zd.net/37cMboJ
Banks being targeted with major malware campaign
https://www.techradar.com/news/banks-being-targeted-with-major-malware-campaign
Emotet attacks— a spike to start the year...
https://www.menlosecurity.com/blog/emotet-attacks-a-spike-to-start-the-year
Loda RAT Grows Up
https://blog.talosintelligence.com/2020/02/loda-rat-grows-up.html
Linux Kernel Module Rootkit — Syscall Table Hijacking
https://medium.com/bugbountywriteup/linux-kernel-module-rootkit-syscall-table-hijacking-8f1bc0bd099c
This crafty malware makes you retype your passwords so it can steal them
https://zd.net/39gzgmU
Another Metamorfo Variant Targeting Customers of Financial Institutions in More Countries
http://bit.ly/2ScdJWR
THE HOLE IN THE BUCKET: ATTACKERS ABUSE BITBUCKET TO DELIVER AN ARSENAL OF MALWARE
http://bit.ly/2H40ZLp
Emotet Hacks Nearby Wi-Fi Networks to Spread to New Victims
http://bit.ly/2UDge66
Emotet trojan evolves to spread via WiFi connections
https://www.zdnet.com/article/emotet-trojan-evolves-to-spread-via-a-wifi-connection/
UK government rolls out red carpet for infamous spyware vendor
https://www.zdnet.com/article/uk-government-rolls-out-the-red-carpet-for-infamous-spyware-vendor/#ftag=RSSbaffb68
Financial Firms Targeted With New Type of Backdoor: Report
https://www.bankinfosecurity.com/financial-firms-targeted-new-type-backdoor-report-a-13699
Australian Delivery Firm Confirms Ransomware Attack
https://www.bankinfosecurity.com/australian-delivery-firm-confirms-ransomware-attack-a-13688
New Ransomware Targets Industrial Controls: Report
https://www.bankinfosecurity.com/new-ransomware-targets-industrial-controls-report-a-13687
Big Game Hunting with Ryuk: Another Lucrative Targeted Ransomware
https://www.crowdstrike.com/blog/big-game-hunting-with-ryuk-another-lucrative-targeted-ransomware/
KBOT: sometimes they come back
https://securelist.com/kbot-sometimes-they-come-back/96157/
KBOT virus takes out system files with no hope of recovery
https://www.zdnet.com/article/kbot-virus-takes-out-system-files-with-no-hope-of-recovery/#ftag=RSSbaffb68
Outlaw hacking group kills existing cryptocurrency miners in enterprise server attacks
https://www.zdnet.com/article/outlaw-now-kills-off-existing-cryptocurrency-miners-in-enterprise-server-attacks/#ftag=RSSbaffb68
Florida county election office hit by ransomware before 2016 presidential election
https://www.zdnet.com/article/florida-county-election-office-hit-by-ransomware-before-2016-presidential-election/#ftag=RSSbaffb68
CamuBot Resurfaces With Cross-Channel, Targeted Attacks in Brazil
https://securityintelligence.com/posts/camubot-resurfaces-with-cross-channel-targeted-attacks-in-brazil/
Google removes 500+ malicious Chrome extensions from the Web Store
https://www.zdnet.com/article/google-removes-500-malicious-chrome-extensions-from-the-web-store/#ftag=RSSbaffb68
Loda Trojan revitalized with stealthy upgrade, new exploits
https://www.zdnet.com/article/loda-trojan-leaves-infancy-with-revamped-obfuscation-exploits/#ftag=RSSbaffb68
Rutter's store chain discloses security breach involving POS malware
https://www.zdnet.com/article/rutters-store-chain-discloses-security-breach-involving-pos-malware/#ftag=RSSbaffb68
Ransomware Hit a Florida Voting System in 2016
https://www.bankinfosecurity.com/ransomware-hit-florida-voting-system-in-2016-a-13721
US Has Evidence of Huawei Backdoor: Report
https://www.bankinfosecurity.com/us-has-evidence-huawei-backdoor-report-a-13718

B. Mobile Security / iPhone / Android / Wearables / Apps
BlueFrag vulnerability disclosed in Android devices; hackers can execute arbitrary code over Bluetooth
https://technews.tw/2020/02/10/bluefrag-security-vulnerability-allows-code-execution-over-bluetooth-on-some-android-devices/
Upgrade to Android 10 now: hackers crack the Bluetooth system of older Android versions
https://kknews.cc/tech/okbx5go.html
Indian government tightens control of social media! Orders operators to provide user identities and trace posts; WhatsApp refuses
https://www.ettoday.net/news/20200213/1644622.htm
France will not exclude Huawei, but European vendors get priority and sovereignty-related facilities will be protected
https://ec.ltn.com.tw/article/breakingnews/3067301
Critical Bluetooth bug leaves Android users open to attack
https://www.welivesecurity.com/2020/02/07/google-critical-android-bluetooth-flaw-attack/
Google fixes no-user-interaction bug in Android's Bluetooth component
https://www.zdnet.com/article/google-fixes-no-user-interaction-bug-in-androids-bluetooth-component/#ftag=RSSbaffb68
How much electricity do all your smartphone chargers waste when not in use
https://www.zdnet.com/article/how-much-electricity-do-all-your-smartphone-chargers-waste-when-not-in-use/#ftag=RSSbaffb68
ANDROID SECURITY BULLETIN DECEMBER 2019: CRITICAL FLAWS WITHIN ANDROID OS LEADS TO PERMANENT DENIAL OF SERVICE
https://blog.eccouncil.org/android-security-bulletin-december-2019-critical-flaws-within-android-os-leads-to-permanent-denial-of-service/
Play Protect blocked 1.9B malware installs from non-Google sources last year
https://www.zdnet.com/article/play-protect-blocked-1-9b-malware-installs-from-non-google-sources-last-year/#ftag=RSSbaffb68
MIT researchers disclose vulnerabilities in Voatz mobile voting election app
https://www.zdnet.com/article/mit-researchers-disclose-vulnerabilities-in-voatz-mobile-voting-election-app/#ftag=RSSbaffb68

C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Job Openings / International Security Incidents
Diving the Dark Web: An Overview of Hacking Techniques (5): Deceptive Words
http://bit.ly/2OPez9X
Are the browser extensions you download safe?
https://blog.trendmicro.com.tw/?p=63314
Monero hacking group "Outlaw" returns, targeting European and American enterprises
http://bit.ly/39tJ0dH
CNCERT: overseas hacker group claims it will launch cyberattacks against China
https://news.sina.com.tw/article/20200212/34206992.html
National Internet Emergency Center: overseas hacker group plans to attack China's video surveillance systems in the near term
https://kknews.cc/tech/y59ggrg.html
Twitter pages of Facebook Messenger and IG hijacked by OurMine
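https://technews.tw/2020/02/10/social-networking-websites-twitter-page-was-compromised/
Israeli security research: hackers can use an optical channel to steal user data from changes in screen brightness
https://buzzorange.com/techorange/2020/02/10/hacker-get-data-from-screen/
Enterprise cloud migrations riddled with holes: nearly 200,000 insecure cloud templates found
http://bit.ly/38hhBvd
Tech against the epidemic: hackers and engineers save the country by keyboard! Behind the scenes of the real-name system going live in 72 hours
https://money.udn.com/money/story/5658/4342245
Saving the country by keyboard is real! See how these engineers let everyone buy masks by name with their National Health Insurance card in 3 days
https://www.businessweekly.com.tw/focus/blog/3001698
Embarrassing! Hackers break into Facebook's Twitter account, say Twitter is easier to hack
https://money.udn.com/money/story/10511/4330154
Wacom drawing tablets track every app you open
https://www.zdnet.com/article/wacom-drawing-tablets-track-every-app-you-open/
To strengthen cyber threat intelligence sharing, US DNI plans to expand private-sector participation
https://www.ydn.com.tw/News/372136
Prestigious European university extorted by hackers, pays 30 bitcoin ransom
https://finance.sina.com.cn/stock/usstock/c/2020-02-06/doc-iimxyqvz0632688.shtml
No more hesitation: Japanese government decides to fully embrace the cloud, moving key shared government systems to the cloud starting this autumn
https://www.ithome.com.tw/news/135794
US Department of Homeland Security buys mobile phone personal data to "catch" undocumented immigrants… tracking the locations of millions
http://bit.ly/2OLmeGb
US-German spy secret exposed: communication encryption devices of many countries suspected to have long had "backdoors"
https://www.bbc.com/zhongwen/trad/world-51471429
Advanced technology adds to concerns: US lists independent hackers as an espionage threat for the first time
https://tw.appledaily.com/international/20200212/Y2SHNAKHJNCUY5CWYOHZM2CAD4/
Louisiana governor urges officials to be ready for cyberattacks
https://www.securityweek.com/louisiana-governor-urges-officials-ready-cyberattacks
US Justice Department indicts 4 PLA hackers; House member: China must be held accountable at the state level
https://news.ltn.com.tw/news/world/breakingnews/3066386
From Windows 10 to Linux! South Korean government is testing an operating system migration
https://www.inside.com.tw/article/18877-south-koreas-government-explores-move-from-windows-to-linux-desktop
Chinese Communist Party economic espionage diversifies; FBI urges comprehensive countermeasures
http://bit.ly/2S8qpOk
US Department of Defense launches new cybersecurity standard CMMC; contractors must comply
http://bit.ly/2HfLCjn
US Attorney General urges acquiring controlling stakes in Nokia and Ericsson to prevent China from dominating 5G
https://money.udn.com/money/story/12926/4328181
Conclusive evidence? US national security adviser says Huawei has used "backdoors" for as long as 10 years
https://cnews.com.tw/137200212a05/
US Justice Department indicts four PLA hackers; personal data of nearly 150 million US citizens stolen
http://bit.ly/2vqWSGH
4 PLA hackers indicted by the US: uncovering the mysterious "54th Research Institute"
https://newtalk.tw/news/view/2020-02-13/366178
PLA hackers steal US personal data, gaining leverage to infiltrate
https://news.pchome.com.tw/internation/cna/20200211/index-15814066222997918011.html
Equifax data breach case: US indicts 4 PLA "hackers"
https://tw.news.appledaily.com/international/20200211/WT4WO5ZS33GTK6OPR5IH2WXMFQ/
US indicts 4 Chinese military personnel for hacking credit-rating company database
https://www.cna.com.tw/news/aopl/202002110004.aspx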
Cyberattacks incoming! FBI warns: Chinese hackers plot to seize EV technology
https://times.hinet.net/news/22777794
White House national security adviser: CCP malicious activity has not slowed because of the epidemic
http://bit.ly/2SkXF56
After Indian hacker incident exposed, Honker Union posts a five-character video; netizens: the honkers are about to act
https://kknews.cc/tech/nanqyjg.html
Taking advantage of the crisis? At a time like this, an Indian APT group launches targeted attacks on China's medical institutions
https://kknews.cc/tech/azko85j.html
Was Internet in Iran Hit by DDoS Attack
https://www.bankinfosecurity.com/was-internet-in-iran-hit-by-ddos-attack-a-13706
FBI is investigating more than 1,000 cases of Chinese theft of US technology
https://www.zdnet.com/article/fbi-is-investigating-more-than-1000-cases-of-chinese-theft-of-us-technology/#ftag=RSSbaffb68
FBI warns about ongoing attacks against software supply chain companies
https://www.zdnet.com/article/fbi-warns-about-ongoing-attacks-against-software-supply-chain-companies/#ftag=RSSbaffb68
Charming Kitten Uses Fake Interview Requests to Target Public Figures
https://threatpost.com/charming-kitten-uses-fake-interview-requests-to-target-public-figures/152628/
Malaysia warns of Chinese hacking campaign targeting government projects
https://www.zdnet.com/article/malaysia-warns-of-chinese-hacking-campaign-targeting-government-projects/#ftag=RSSbaffb68
MA-770.022020: MyCERT Advisory - Espionage campaign targeting Malaysia government officials
https://www.mycert.org.my/portal/advisory?id=MA-770.022020
Misconfigured Docker Registries Expose Orgs to Critical Risks
http://bit.ly/2SuARik
DoD to Require Cybersecurity Certification From Defense Contractors
http://bit.ly/2UzVzQl
Powerful Cyber Attack Takes Down 25% Of Iranian Internet
https://www.forbes.com/sites/daveywinder/2020/02/09/powerful-iran-cyber-attack-takes-down-25-of-national-internet/#1331a94b20dc
FBI Reportedly Says DDoS Attack Targeted Voter Registration
https://www.bankinfosecurity.com/fbi-reportedly-says-ddos-attack-targeted-voter-registration-a-13691
US Federal Court judge grants AWS request to temporarily block JEDI contract work
https://www.zdnet.com/article/u-s-federal-court-judge-grants-aws-request-to-temporarily-block-jedi-contract-work/#ftag=RSSbaffb68
Cyberattack on NEC: defense equipment information possibly leaked
https://www.nikkei.com/article/DGXMZO55070860Q0A130C2CC1000/
Alert regarding mass-mailed attack emails (with emoticon subject lines)
https://www.cc.uec.ac.jp/blogs/news/2020/02/20200208malwarekaomoji.html
NEC and Mitsubishi Electric also victims: the full picture of a Chinese hacker group
https://business.nikkei.com/atcl/gen/19/00002/020701079/?P=1
China's Hacking Spree Will Have a Decades-Long Fallout
https://www.wired.com/story/china-equifax-anthem-marriott-opm-hacks-data/
South Korea's government explores move from Windows to Linux desktop
https://www.zdnet.com/article/south-koreas-government-explores-move-from-windows-to-linux-desktop/#ftag=RSSbaffb68
Labor roasted over inconsistent stand on Australia's encryption laws
https://www.zdnet.com/article/labor-roasted-over-inconsistent-stand-on-australias-encryption-laws/#ftag=RSSbaffb68
US District Court rejects lawsuit trying to block T-Mobile-Sprint merger
https://www.zdnet.com/article/us-district-court-rejects-lawsuit-trying-to-block-t-mobile-sprint-merger/#ftag=RSSbaffb68
Enterprise companies struggle to control security certificates, cryptographic keys
https://www.zdnet.com/article/enterprise-companies-struggle-to-control-digital-certificates-public-key-infrastructure/#ftag=RSSbaffb68
Brazil launches cybersecurity strategy
https://www.zdnet.com/article/brazil-launches-cybersecurity-strategy/#ftag=RSSbaffb68
As support ends, Windows 7 users head for the exits
https://www.zdnet.com/article/as-support-ends-windows-7-users-head-for-the-exits/#ftag=RSSbaffb68
CIA Secretly Owned Swiss Encryption Firm for Years: Reports
https://www.bankinfosecurity.com/cia-secretly-owned-swiss-encryption-firm-for-years-reports-a-13713
States Press for Federal Resources to Fight Cyberthreats
https://www.bankinfosecurity.com/states-press-for-federal-resources-to-fight-cyberthreats-a-13714
US Counterintelligence Outlines 5 Key Priorities
https://www.bankinfosecurity.com/us-counterintelligence-outlines-5-key-priorities-a-13711
Crypto AG Unmasked: CIA Spied on Governments For Decades
https://www.infosecurity-magazine.com/news/crypto-ag-unmasked-cia-spied/
Gaza group strikes targets in Palestinian territories in new cyberattack wave
https://www.zdnet.com/article/gaza-group-strikes-targets-in-palestinian-territories-in-new-cyberattack-wave/#ftag=RSSbaffb68
The relentless investigator who kept arresting teenage cybercriminals
https://business.nikkei.com/atcl/gen/19/00087/021000023/
Gaza group strikes targets in Palestinian territories in new cyberattack wave
https://www.ithome.com.tw/news/135797
Taipei Metro Year 109 (2020) new-employee recruitment exam prospectus
https://ssl.metro.taipei/workerdataV2/
[Taipei] Full-time project assistant, NTU cybersecurity center
https://pttcareer.com/job/M.1581474818.A.9C4.html
[Information Engineering] Network Administration / Computer Systems Engineer (Yangmei New Area)
https://www.104.com.tw/job/6v74z
[Cybersecurity Institute] Technical Cooperation Group: Strategic Marketing Project Manager
https://www.104.com.tw/job/6vc2h

D. Data Breaches / Personal Data Protection Law / GDPR / Online Fraud / Phishing / Card Fraud / Fake News
Four security holes that people in love often dig for themselves
https://blog.trendmicro.com.tw/?p=63401
What happens when your personal data is leaked? (Part 1)
https://blog.trendmicro.com.tw/?p=63237
5 basic measures to prevent data leaks (Part 2)
https://blog.trendmicro.com.tw/?p=63243
During the Wuhan pneumonia outbreak, beware of these new telecom and online fraud tactics
https://mp.weixin.qq.com/s/9SBgeAw1TqOqi1x5vd0MnA
Security flaw leads to user data leak; Twitter declines to disclose number of victims
https://newtalk.tw/news/view/2020-02-07/363565
Dutch court rules welfare surveillance system violated people's privacy rights
https://zd.net/3bdgcrs
Brazilian firm exposes personal details of thousands of soccer fans
https://www.zdnet.com/article/brazilian-firm-exposes-personal-details-of-thousands-of-soccer-fans/
Flaw found in Israeli election app leaks data on over 6 million voters
http://bit.ly/37kiMZr
Comment and share to get a free box of masks? Police: fraud rings are harvesting personal data, don't believe it
https://money.udn.com/money/story/12524/4333431
2,000 boxes of masks as bait: fake giveaway, real personal data scam
https://www.chinatimes.com/realtimenews/20200210004565-260402?chdtv
Hackers pose as WHO to steal personal data by email
https://technews.tw/2020/02/13/hacker-pretend-who-send-email/
WHO epidemic-prevention email is fake? Hackers send phishing emails under its name to steal personal data; experts: don't click links carelessly
https://cnews.com.tw/137200213a03/
Software error on Danish tax filing site leaks personal data of 1/5 of the nation's taxpayers
https://www.ithome.com.tw/news/135758
9-year-old boy has card opened in his name; health insurer's personal data hacked
http://bit.ly/2UScpKq
Happy New Fear! Gift-wrapped spam and phishing
https://securelist.com/new-year-phishing-spam/96124/
Cops are getting full URLs under Australia's data retention scheme
https://www.zdnet.com/article/cops-are-getting-full-urls-under-australias-data-retention-scheme/#ftag=RSSbaffb68
Netanyahu's party exposes data on over 6.4 million Israelis
https://www.zdnet.com/article/netanyahus-party-exposes-data-on-over-6-4-million-israelis/#ftag=RSSbaffb68
Fraudsters Pose as Journalist in Phishing Campaign: Report
https://www.bankinfosecurity.com/fraudsters-pose-as-journalist-in-phishing-campaign-report-a-13694
Ireland's Privacy Watchdog Probing Google's Data Use
https://www.bankinfosecurity.com/irelands-privacy-watchdog-probing-googles-data-use-a-13689
LifeLabs data breach may impact almost everyone in B.C.
https://www.castanet.net/news/BC/276055/LifeLabs-data-breach-may-impact-almost-everyone-in-B-C
Software error exposes the ID numbers for 1.26 million Danish citizens
https://www.zdnet.com/article/software-error-exposes-the-id-numbers-for-1-26-million-danish-citizens/#ftag=RSSbaffb68
Is Digital Transformation Leaving your Company Exposed
https://info.keyfactor.com/the-impact-of-unsecured-digital-identities-2020-report-critical-trust-index
FBI: BEC scams accounted for half of the cyber-crime losses in 2019
https://www.zdnet.com/article/fbi-bec-scams-accounted-for-half-of-the-cyber-crime-losses-in-2019/#ftag=RSSbaffb68
More Phishing Campaigns Tied to Coronavirus Fears
https://www.bankinfosecurity.com/more-phishing-campaigns-tied-to-coronavirus-fears-a-13709
Coronavirus “safety measures” email is a phishing scam
https://nakedsecurity.sophos.com/2020/02/05/coronavirus-safety-measures-email-is-a-phishing-scam/
Amex, Chase Fraud Protection Emails Used as Clever Phishing Lure
https://www.bleepingcomputer.com/news/security/amex-chase-fraud-protection-emails-used-as-clever-phishing-lure/
How to Manage Your Privacy On and Off Facebook
https://blog.trendmicro.com/how-to-manage-your-privacy-on-and-off-facebook/

E. Research Reports
Building a one-stop machine learning platform in practice
https://mp.weixin.qq.com/s/ZDRD0vAxkSqe4UeXi9avKQ
Writing a JavaScript unit test with Jasmine
https://dotblogs.com.tw/supershowwei/2020/02/10/143236
Vulnerability analysis of a camera product and solutions
https://paper.seebug.org/1118/
CVE-2020-0609/0610 vulnerability analysis
https://www.chainnews.com/zh-hant/articles/622906871598.htm
An in-depth look at the Microsoft RTF format and OLE vulnerabilities
https://www.4hou.com/posts/kOvv
How to escalate an XSS vulnerability from medium to critical severity
https://cloud.tencent.com/developer/article/1580721
CVE-2020-0646: SharePoint remote code execution vulnerability analysis
https://www.chainnews.com/zh-hant/articles/947386377018.htm
HiSilicon 0-day vulnerability analysis
https://www.4hou.com/posts/pXAy
Cross-site attacks and file upload vulnerabilities
https://www.colabug.com/2020/0212/6983033/
Analysis of multiple vulnerabilities in SonicWall SRA and SMA
https://www.anquanke.com/post/id/198663
Gaining Root From a Buffer Overflow Vulnerability
https://linuxsecurityblog.com/2019/12/09/gaining-root-from-a-buffer-overflow-vulnerability/
CVE-2019-12415: XML processing vulnerability in Apache POI
https://pentestmag.com/cve-2019-12415-xml-processing-vulnerability-in-apache-poi/
Getting Started with Chrome Ext Security (Extra)-Zoomeye Tools
http://bit.ly/2OBDnC4
Privilege Escalation Enumeration Script for Windows
https://github.com/itm4n/PrivescCheck
Forging SWIFT MT Payment Messages for fun and pr... research!
https://labs.f-secure.com/blog/forging-swift-mt-payment-messages
Raven - Linkedin Information Gathering Tool for Pentesters
https://hakin9.org/raven-linkedin-information-gathering-tool-for-pentesters/
Subdomain enumeration and information gathering tool
https://github.com/jonluca/Anubis
Awesome Penetration Testing
https://github.com/wtsxDev/Penetration-Testing
LFI and RFI —- The Website Security Vulnerabilities
https://hackersonlineclub.com/lfi-rfi/
A backdoor with a multitude of features.
https://github.com/AIOOSCP/BetterBackdoor
Subrake - A powerful Subdomain Scanner & Validator for Reconnaissance
https://hakin9.org/subrake-a-powerful-subdomain-scanner-validator-for-reconnaissance/
Create a Backdoor Shell Script in Python
https://linuxsecurityblog.com/2019/09/28/create-a-backdoor-shell-script-in-python/
Break into Router Gateways with Patator
https://null-byte.wonderhowto.com/how-to/break-into-router-gateways-with-patator-0194600/
GDA- Android Reverse Engineering Suite
https://hackersonlineclub.com/gda-android-reverse-engineering-suite/
Massdns : A High-Performance DNS Stub Resolver For Bulk Lookups & Reconnaissance
http://bit.ly/39mBUYy
Blockchain — hacking smart contract with Ethernaut CTF (Part 1)
http://bit.ly/2ujbnwl
Artificial Intelligence Comes to Cyber Warfare
https://medium.com/swlh/spy-vs-spy-cyber-warfare-gets-automated-aba60ece738c
Useful OSCP Links
https://gist.github.com/natesubra/5117959c660296e12d3ac5df491da395
Android: How to Bypass Root Check and Certificate Pinning
http://bit.ly/39eTCwI
Intrusion alert: System uses machine learning, curiosity-driven ‘honeypots’ to stop cyber attackers
http://bit.ly/2vjivJi
Simple Remote Code Execution Vulnerability Examples for Beginners
https://medium.com/@ozguralp/simple-remote-code-execution-vulnerability-examples-for-beginners-985867878311
Find Vulnerable Devices On The Internet With Shodan
https://linuxsecurityblog.com/2019/09/09/find-vulnerable-devices-on-the-internet-with-shodan/
TheFatRat
https://github.com/Screetsec/TheFatRat
BlueTeamLabs/sentinel-attack
https://github.com/BlueTeamLabs/sentinel-attack
Carving file control blocks from memory dumps
https://dfir.ru/2020/02/09/carving-file-control-blocks-from-memory-dumps/
Legion - open source network penetration testing tool
https://hakin9.org/legion-open-source-network-penetration-testing-tool/
The Internals of AppLocker - Part 1 - Overview and Setup
https://www.tiraniddo.dev/2019/11/the-internals-of-applocker-part-1.html
The Internals of AppLocker - Part 2 - Blocking Process Creation
https://www.tiraniddo.dev/2019/11/the-internals-of-applocker-part-2.html?m=1
The Internals of AppLocker - Part 3 - Access Tokens and Access Checking
https://www.tiraniddo.dev/2019/11/the-internals-of-applocker-part-3.html?m=1
The Internals of AppLocker - Part 4 - Blocking DLL Loading
https://www.tiraniddo.dev/2019/11/the-internals-of-applocker-part-4.html?m=1
31-days-of-API-Security-Tips
https://github.com/smodnix/31-days-of-API-Security-Tips
Zero to OSCP Hero - PWK Course - Week 1
https://www.pathtoroot.net/l/zero-to-oscp-hero-pwk-course-week-1/
The Top 137 Osint Open Source Projects
https://awesomeopensource.com/projects/osint
OSINT Framework
https://osintframework.com/
awesome-osint
https://github.com/jivoi/awesome-osint
awesome-osint
https://github.com/jaikishantulswani/awesome-osint
awesome-osint
https://devhub.io/repos/jivoi-awesome-osint
TII Online Research Cheat Sheets
https://www.toddington.com/resources/cheat-sheets/
OSINT Quick Guide: Running a Domain Scan in Lampyre
https://medium.com/@raebaker/osint-quick-guide-running-a-domain-scan-in-lampyre-7dfacc4404fe
TOP 20 Open-Source Intelligence (OSINT) tools you should know in 2020
https://www.peerlyst.com/posts/top-20-open-source-intelligence-osint-tools-you-should-know-in-2020-chiheb-chebbi
NICTER Observation Report 2019
https://www.nict.go.jp/cyber/report/NICTER_report_2019.pdf
Malware-Analysis
https://github.com/ashubits/Malware-Analysis
Sandbox Detection Tricks & Nice Obfuscation in a Single VBScript
https://isc.sans.edu/diary/Sandbox+Detection+Tricks+%26+Nice+Obfuscation+in+a+Single+VBScript+/25780
2019 Internet Crime Report
https://pdf.ic3.gov/2019_IC3Report.pdf
DDoS attacks in Q4 2019
https://securelist.com/ddos-report-q4-2019/96154/
Needle- IOS Application Security Testing Framework
https://hackersonlineclub.com/needle-ios-application-security-testing-framework/
An In-Depth Technical Analysis of CurveBall (CVE-2020-0601)
https://blog.trendmicro.com/trendlabs-security-intelligence/an-in-depth-technical-analysis-of-curveball-cve-2020-0601/

F. Business
Facebook and Google reportedly drop Hong Kong; submarine cable project to connect Taiwan and the Philippines instead
https://www.cna.com.tw/news/firstnews/202002080184.aspx
Survey: 36% of former Oracle JDK developers switched to OpenJDK last year
https://ithome.com.tw/news/135732
Regardless of location: Citrix helps enterprises build work continuity
https://www.chinatimes.com/realtimenews/20200210002043-260410?chdtv
SEMI targets six major areas, aiming to realize AI and 5G applications with key semiconductor technologies
https://www.ithome.com.tw/news/135790
Cloud and IoT benefit from the epidemic, adding momentum to ICT revenue
https://www.chinatimes.com/newspapers/20200214000235-260202?chdtv
Microsoft backtracks on 'Bing-jacking' Chrome with its Microsoft Search extension
https://www.zdnet.com/article/microsoft-backtracks-on-bing-jacking-chrome-with-its-microsoft-search-extension/#ftag=RSSbaffb68

G. Government
Ministry of National Defense to recruit 240 reserve warriors
http://bit.ly/2SaAhHs
Digital ID cards are about to launch: are we ready for the change?
https://www.bnext.com.tw/article/56498/eid-taiwan
Taipei City Department of Sports floods its page with Western porn videos? Screenshots of the Facebook fan page shock the public: outrageous
https://www.nownews.com/news/20200208/3924230/
"Taipei Let's Exercise" page hijacked! String of porn videos angers the Department of Sports, which formally hits back
https://www.ettoday.net/news/20200208/1640778.htm?redirect=1
Flood of pornographic videos draws crowds of netizens! Taipei City Department of Sports Facebook page suspected hacked
https://udn.com/news/story/7323/4329994
Facebook accounts hijacked, pornographic link video virus outbreak flares up again! 3 ways to protect yourself
https://3c.ltn.com.tw/news/39457
Attending international smart city forum, Tsai Ing-wen: will invest in cybersecurity infrastructure
http://bit.ly/2voul4A

H. Industrial Control Systems / SCADA / ICS
IEC62443 is a key security benchmark for automation and control systems
https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=10&id=0000577900_4jllv8kjl147451dwyaer
Multiple denial-of-service vulnerabilities disclosed in Siemens products, all fixed
https://www.freebuf.com/column/227142.html
Open source takes on managing and securing the electrical grid
https://www.zdnet.com/article/open-source-takes-on-managing-and-securing-the-electrical-grid/#ftag=RSSbaffb68
Automaton takes center stage in enterprise cyberattacks
https://www.zdnet.com/article/automaton-takes-center-stage-in-enterprise-cyberattacks/#ftag=RSSbaffb68

I. Education and Training
Common Node.js breakthroughs: study and summary
https://xz.aliyun.com/t/7184
With hacking incidents frequent worldwide, implementing standards-based management is an organization's best security defense strategy
https://ithome.com.tw/pr/135751
Windows Red Team Cheat Sheet
https://morph3sec.com/
JavaScript: What are Stack and Queue
https://medium.com/javascript-in-plain-english/javascript-what-are-stack-and-queue-79df7af5a566
Knocking the door to Server-side Template Injection. Part 1
https://pentestmag.com/knocking-the-door-to-server-side-template-injection-part-1/
CARDING TUTORIAL
https://hackonology.com/blogs/carding-tutorial/
DOM clobbering
https://portswigger.net/web-security/dom-based/dom-clobbering
DOM Clobbering strikes back
https://portswigger.net/research/dom-clobbering-strikes-back
10 Cybersecurity Books Every Business Owner Should Read
http://bit.ly/31EJV8d
SSRF (Server Side Request Forgery)
http://bit.ly/2Scfjbf
Remote Exploitation 101-Root The Box
https://medium.com/@jawadsaqib6/remote-exploitation-101-root-the-box-d63bc659b385
Tuning Kali Linux to enjoy Hack The Box
https://qiita.com/v_avenger/items/c85d946ed2b6bf340a84
How to Perform Static Malware Analysis with Radare2
https://www.peerlyst.com/posts/how-to-perform-static-malware-analysis-with-radare2-chiheb-chebbi
CSRF-BASICS
https://princetechhavenz.wordpress.com/2019/12/11/csrf-basics/
CSRF – PRACTICE
https://princetechhavenz.wordpress.com/2020/02/07/csrf-practice/
CSRF- 101
https://princetechhavenz.wordpress.com/2019/12/26/csrf-101/

J. Internet of Things / IoT / Artificial Intelligence / Internet of Vehicles / Optical Networking / Deep Learning / Machine Learning / Drones / Facial Recognition
Smart bulb users beware! Smart-home security slip-up: hackers use "these two tricks" to break into homes
https://cnews.com.tw/137200210a05/
Smart bulbs become a target for hacker intrusion! Security firm reveals attack method
https://3c.ltn.com.tw/news/39493
What's in your network? Shadow IT and shadow IoT challenge technology sensibilities
https://www.zdnet.com/article/shadow-it-and-now-shadow-iot-challenge-technology-leaders/#ftag=RSSbaffb68
IoT security is bad. It's time to take a different approach.
https://www.zdnet.com/article/iot-security-is-bad-its-time-to-take-a-different-approach/#ftag=RSSbaffb68 Disinfecting robots to fight coronavirus run into travel bans https://www.zdnet.com/article/disinfecting-robots-to-fight-coronavirus-run-into-travel-bans/#ftag=RSSbaffb68 6.近期資安活動及研討會 【板橋/2020二月】WordPress #歡迎你來聚 2/15 https://www.meetup.com/Taipei-WordPress/events/268347650/ 【課程】金融大數據分析平台實作,使用Python實作網路爬蟲,快速有效獲取必要資訊,打造自動化分析工具 2/15 https://www.techbang.com/tags/19419 Taipei Rails Meetup 2/18 https://www.meetup.com/rails-taiwan/events/dlgzljybcdbxb/ 高雄 Rails Meetup 2/19 https://www.meetup.com/rails-taiwan/events/qxfvjkybcdbzb/ 人工智慧小聚 - 新竹 2/19 https://www.meetup.com/AIA-Hsinchu/events/267801851/ Android Code Club(Taipei) 2/19 https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bkzcmrybcdbzb/ Certificate of Cloud Security Knowledge (CCSK) Plus 2/23 ~ 2/24 https://csacongress.org/event/csa-summit-at-rsa-conference-2020/ 連網設備的資安風險與信任管理策略 2/25 https://www.caa.org.tw/coursedetail-3272.html 第19屆亞太資安論壇 2/25 ~ 2/26 https://www.informationsecurity.com.tw/Seminar/2020_Seminar/all/ Taipei 暗号通貨 (Cryptocurrency) Meetup 2/26 https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybcdbjc/ Android Code Club(Taipei) 2/26 https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bkzcmrybcdbjc/ 區塊鏈電子郵件防詐及網路資安鑑識研討會 2/27 https://www.tca.org.tw/market_info1.php?n=2390 Thinking Thursday 第七場 2/27 https://www.meetup.com/Thinking-Thursday/events/266911452/ 邊緣運算介紹與應用 & Let's AIY ( 人工智慧小聚 - Hsinchu#20200304 ) 3/4 https://www.meetup.com/AIA-Hsinchu/events/267713123/ Android Code Club(Taipei) 3/4 https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bkzcmrybcfbgb/ Monad 細說從頭! 
FunTh#81 3/5 https://www.meetup.com/Functional-Thursday/events/267683150/ Android Code Club(Taipei) 3/11 https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bkzcmrybcfbpb/ CYBERSEC 2020 臺灣資安大會 3/17 ~ 3/19 https://cyber.ithome.com.tw/ Scala Taiwan #37 3/18 https://www.meetup.com/Scala-Taiwan-Meetup/events/267899692/ 韓國國際安全博覽會 3/18 https://www.twcert.org.tw/tw/cp-105-3230-a3bd4-1.html 數據分析與機器學習案例實務(一)以PM2.5為例 3/23 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3888&from_course_list_url=course_index Taipei 暗号通貨 (Cryptocurrency) Meetup 3/25 https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybcfbhc/ 交通大學駭客書院 - 緩衝區溢位攻擊與預防 3/28 https://hackercollege.nctu.edu.tw/?p=1141 black ASIA 2020 Singapore 3/31 ~ 4/3 https://www.blackhat.com/asia-20/briefings/schedule/ Kaspersky® Security Analyst Summit 4/6 ~ 4/9 https://thesascon.com/ 邊緣計算系統之大數據與深度學習應用 4/10 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3883&from_course_list_url=course_index 交通大學駭客書院 -入侵行為發覺與應變指南 4/18 https://hackercollege.nctu.edu.tw/?p=1144 VXCON 2020 - APAC 4/18 ~ 4/19 https://www.vxcon.hk/ 2020 Industrial Control Systems (ICS) Cyber Security Conference | Singapore 4/21 ~ 4/23 https://www.icscybersecurityconference.com/singapore/ Taipei 暗号通貨 (Cryptocurrency) Meetup 4/22 https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybcgbdc/ 亞太資訊安全論壇暨展覽會 4/22 https://www.twcert.org.tw/tw/cp-105-3149-70ad7-1.html 交通大學駭客書院 - 基礎網頁安全與滲透測試 4/25 https://hackercollege.nctu.edu.tw/?p=1147 交通大學駭客書院 - 基礎網站安全建構實務 5/16 https://hackercollege.nctu.edu.tw/?p=1151 交通大學駭客書院 - 電子郵件之偽造攻擊與防護措施 5/23 https://hackercollege.nctu.edu.tw/?p=1156 Taipei 暗号通貨 (Cryptocurrency) Meetup 5/27 https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybchbkc/ 交通大學駭客書院 - 進階網頁滲透測試 5/30 https://hackercollege.nctu.edu.tw/?p=1159 
邊緣計算系統之大數據與深度學習應用 6/5 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3884&from_course_list_url=course_index 交通大學駭客書院 - 高階網頁滲透測試 6/13 6/20 https://hackercollege.nctu.edu.tw/?p=1161 交通大學駭客書院 - 企業網域控管-Active Directory攻擊與防禦 6/27 https://hackercollege.nctu.edu.tw/?p=1164