資安事件新聞週報 2021/5/24 ~ 2021/5/28

###### tags: `資安事件新聞週報` # 資安事件新聞週報 2021/5/24 ~ 2021/5/28 1.重大弱點漏洞/後門/Exploit/Zero Day New High-Severity Vulnerability Reported in Pulse Connect Secure VPN https://thehackernews.com/2021/05/new-high-severity-vulnerability.html Updates to Alert on Pulse Connect Secure https://us-cert.cisa.gov/ncas/current-activity/2021/05/27/updates-alert-pulse-connect-secure Synology 14 項套件的生命週期終止公告 https://www.synology.com/zh-tw/products/status/EOL_announcement_for_synology_package_202105 CVE-2021-21985: VMware vCenter Server遠程代碼執行漏洞通告 https://cert.360.cn/warning/detail?id=21bda4287b2b47416e93cc7817bf4a1a VMware虛擬化解決方案發現遠程代碼執行漏洞 https://finance.sina.com.cn/tech/2021-05-26/doc-ikmyaawc7657251.shtml Critical RCE Vulnerability Found in VMware vCenter Server — Patch Now! https://thehackernews.com/2021/05/critical-rce-vulnerability-found-in.html 研究人員揭露PDF規格的兩個安全漏洞，將允許駭客偷偷竄改已認證文件內容 https://www.ithome.com.tw/news/144669 macOS 連爆多個 0-Day 漏洞 !! 黑客可取得 Mac 設備的麥克風、鏡頭、屏幕錄影等權限 https://hk.xfastest.com/116752/apple-macos-0-day-loopholes/ macOS 曝重大零日漏洞！蘋果釋出修復版本，用戶盡快更新以免遭駭 https://3c.ltn.com.tw/news/44487 Ｍac重大漏洞更新　防駭客偷錄螢幕隱私 https://tw.appledaily.com/gadget/20210526/X3BFYPLDFJHYXOHO7P7N47EGUI/ Apple‌ Issues Patches to Combat Ongoing 0-Day Attacks on macOS, tvOS https://thehackernews.com/2021/05/apple-issues-patches-to-combat-ongoing.html Apple Security Update for Safari - Exploitation in the Wild Reported https://support.apple.com/en-us/HT212340 設計違反ARM架構規範！蘋果M1曝出無法修復漏洞 https://www.eet-china.com/mp/a53737.html Unfixable Apple M1 chip bug enables cross-process chatter, breaking OS security model https://www.theregister.com/2021/05/27/apple_m1_chip_bug/ 廣告商可能竊取資訊　外媒：蘋果M1具有安全漏洞 https://finance.ettoday.net/amp/amp_news.php7?news_id=1992330 CVE-2021-30747 https://m1racles.com/ 4漏洞可讓駭客接管Android裝置　Google緊急修補 https://reurl.cc/MA7N64 Google Project Zero警告4個已被外部利用的Android系統的0day缺陷 https://finance.sina.com.cn/tech/2021-05-23/doc-ikmxzfmm4135798.shtml Android Issues Patches for 4 New Zero-Day Bugs Exploited in the Wild https://thehackernews.com/2021/05/android-issues-patches-for-4-new-zero.html D-LINK DIR-842 3.13B05 HNAP REQUEST 未知漏洞 https://vuldb.com/zh/?id.158961 Google Chrome與Microsoft Edge瀏覽器存在安全漏洞(CVE-2021-21194~21199) https://libcc.ocu.edu.tw/files/16-1009-40737.php?Lang=zh-tw Google Chrome < 27.0.1453.93 多種漏洞 https://zh-cn.tenable.com/plugins/nessus/66556 Google Chrome 多個漏洞 https://www.hkcert.org/tc/security-bulletin/google-chrome-multiple-vulnerabilities_20210526 Chrome 91來了：可以凍結分頁群組，封鎖TLS 1.0/1.1與10080傳輸埠 https://www.ithome.com.tw/news/144634 Mozilla Security Advisories - May 5 2021 https://www.mozilla.org/en-US/security/advisories/mfsa2021-18/ https://www.mozilla.org/en-US/security/advisories/mfsa2021-19/ https://www.mozilla.org/en-US/security/advisories/mfsa2021-20/ Windows中的主要HTTP漏洞可能導致可利用的漏洞 https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31166 Exchange漏洞公布5分鐘就被駭客掃描 https://www.ithome.com.tw/news/144605 Cisco 近日發布更新以解決多個產品的安全性弱點 https://us-cert.cisa.gov/ncas/current-activity/2021/05/20/cisco-releases-security-updates-multiple-products 趨勢科技 Zero Day Initiative 漏洞懸賞計畫揭露全球 60.5% 的漏洞 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9249 NVIDIA GRAPHICS DRIVERS 295.49 REGISTRY 內存損壞 https://vuldb.com/zh/?id.10060 Nginx 新暴高危漏洞CVE-2021-23017 https://www.163.com/dy/article/GAUULFB605351QOR.html Sonatype https://vuldb.com/zh/?vendor.sonatype 谷歌公佈iOS漏洞可通過iMessage對設備發動攻擊 http://www.cmen.cc/rgzn/202105/109250.html 紅帽微服務監控管理平台發現授權繞過漏洞 https://finance.sina.com.cn/tech/2021-05-24/doc-ikmyaawc7219844.shtml ORACLE INSURANCE RULES PALETTE 10.2.0 直到11.3.0 ARCHITECTURE 未知漏洞 https://vuldb.com/zh/?id.168346 ORACLE IDENTITY MANAGER 11.1.2.0.0/11.1.2.1.0 END USER SELF SERVICE 未知漏洞 https://vuldb.com/zh/?id.10709 Eufy攝像頭漏洞可導致用戶隱私被其他用戶看到 https://www.4hou.com/index.php/posts/NXoD Django debug page XSS漏洞（CVE-2017-12794） https://blog.csdn.net/EC_Carrot/article/details/117256562 WebKitGTK+ 緩衝區錯誤漏洞 https://vul.wangan.com/a/CNNVD-202105-1574 修補太慢：WebKit中的AudioWorklet漏洞仍影響iOS與macOS設備 https://finance.sina.com.cn/tech/2021-05-27/doc-ikmyaawc7823684.shtml AMD揭示了EPYC處理器的漏洞“安全加密虛擬化” https://www.ximeiapp.com/article/3249755 Ubuntu配套LZ4解壓縮軟件發現執行任意代碼漏洞 https://finance.sina.com.cn/tech/2021-05-27/doc-ikmxzfmm5001065.shtml HAXX libcurl 安全漏洞 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898 Newly Discovered Bugs in VSCode Extensions Could Lead to Supply Chain Attacks https://thehackernews.com/2021/05/newly-discovered-bugs-in-vscode.html Code Execution Flaw in Checkbox Survey Exploited in the Wild https://www.securityweek.com/code-execution-flaw-checkbox-survey-exploited-wild 2.銀行/金融/保險/證券/支付系統/ 新聞及資安國泰產險導入OpenID多元身分驗證，逾400萬國泰世華存戶可用網銀帳號驗證登入產險網站 https://www.ithome.com.tw/news/144558 捍衛營業秘密富邦產險提供客製化資安險 https://www.chinatimes.com/realtimenews/20210524003157-260410?chdtv 企業防機密外洩富邦產險首推營業秘密訴訟費用附加條款 https://ec.ltn.com.tw/article/breakingnews/3544633 富邦產險推出企業營運風險管理方案，為企業建立營業秘密防護網 https://reurl.cc/lRVLYE 萬事達卡收購身分驗證公司，身分驗證在數位化時代蔚為主流 https://findit.org.tw/researchPageV2.aspx?pageId=1733 公股動作最快兆豐銀即起全面啟動AB組居家辦公 https://money.udn.com/money/story/5613/5480310 華南銀行北北基分行下周啟動分組居家辦公 https://money.udn.com/money/story/5613/5480320 中國微眾銀行對香港虛擬銀行的3點啟示 https://reurl.cc/j8dyem 芝法院起訴華裔在內22名嫌犯並公開信用卡盜刷細節 https://www.worldjournal.com/wj/story/121473/5488028 金管會：銀行應加薪停業須指揮中心下令 https://ctee.com.tw/news/finance/465829.html 防疫第一！不能居家辦公的產業，怎麼辦？日本製造業和金融業的做法 https://www.managertoday.com.tw/articles/view/63044 65家金融機構要設資安長緩衝期六個月 https://www.chinatimes.com/realtimenews/20210527006046-260410?chdtv 銀行員PCR陽性無人告知防疫漏洞百出嚇壞同事 https://udn.com/news/story/7239/5487842 政大金融科技研究中心與勤業眾信聯手發表第一份臺灣金融科技趨勢展望報告，提出10項Fintech發展建議 https://www.ithome.com.tw/news/144679 MobileInter: Magecart Skimmer for your phone https://www.riskiq.com/blog/external-threat-management/mobile-inter/ 3.電子支付/行動支付/pay/資安忘帶手機用身份證條碼「嗶」感應一秒通關！悠遊付App化身實聯制神器 https://3c.ltn.com.tw/news/44460 中國幹部將個人支付寶二維碼頁面改名為社保中心貪污60多萬 https://finance.sina.com.cn/money/insurance/bxdt/2021-05-27/doc-ikmyaawc7767946.shtml 香港行動支付PayMe轉賬交易密碼要定期改｜5招精明用法+2式防「截糊」取錢 https://reurl.cc/VE65oN 4.加密貨幣/挖礦/區塊鍊/智能合約資安 EP01 比特幣大崩跌幣安智能鍊DEFI遭受駭客攻擊 https://reurl.cc/dGrnQk 克魯曼：比特幣是龐氏騙局或像黃金歷久不衰 https://www.worldjournal.com/wj/story/121477/5476240 諾獎得主克魯曼分析比特幣：雖然本質上是龐氏騙局，但不一定會破滅 https://www.techbang.com/posts/86931-nobel-prize-winner-kruman-analyzes-bitcoin-ponzi 最大機槍池被駭客攻擊，BSC 接連被暴擊後將走向何方 https://www.chaindaily.cc/posts/5441329c8e2d0d62e9127325d429add9 庫幣科技趁熱推新款「冷錢包」！管理資產破200億美元後，還能如何擴大加密貨幣商機 https://www.bnext.com.tw/article/63000/coolwallet-s-coolbitx 12個挖礦風險，賺加密貨幣時不只需要考慮電費與設備成本 https://www.kocpc.com.tw/archives/385345 交易所誆稱駭客入侵詐比特幣獲利950萬 https://reurl.cc/bX62L3 DeFi 默默養大了去中心化交易所，Uniswap 市值高達 366 億美元 https://technews.tw/2021/05/26/uniswap-volume-36b-usd-with-defi-growth/ 鑫棧虛擬貨幣工作室盜領泰達幣 8年級首腦涉洗錢遭訴 https://udn.com/news/story/7321/5486640 利用程式漏洞虛擬幣玩家9人詐取30萬顆泰達幣被逮 https://www.chinatimes.com/realtimenews/20210526003247-260402?chdtv 虛擬貨幣「泰達幣」詐騙洗錢案蔡宗霖等9人被起訴 https://news.ltn.com.tw/news/society/breakingnews/3546859 火幣OTC關於修復tradeRifle安全漏洞的公告 https://www.huobi.com/support/zh-cn/detail/360000116781/ Bogged Finance 團隊確認因閃電貸攻擊損失 300 萬美元，目前漏洞已被「封鎖」 https://www.chainnews.com/zh-hant/news/867810787704.htm 以太坊客戶端Parity 更新RPC 漏洞修復，該漏洞可惡意關閉部分節點 https://www.fxchacha.com/20210520032052.html Ledger 回應簽名安全漏洞：已更新比特幣App 來改善漏洞，漏洞不會洩露私鑰和助記詞等敏感數據 https://www.fxchacha.com/20210520005833.html 熱門DeFi 項目Yam 彈性供應合約存在漏洞，緊急呼籲代幣持有人委託投票修復漏洞 https://www.fxchacha.com/20210520005435.html 比特幣崩潰或將為投資者帶來稅收漏洞 https://www.chinahot.org/science/85459.html 因為偶然一夜致富　9神偷鑽「泰達幣」平台漏洞撈2500萬 https://www.ettoday.net/news/20210526/1991458.htm 中國監管重拳！擬將比特幣礦工納入「社會信用黑名單」、內蒙古祭 8 項懲戒措施 https://www.blocktempo.com/china-inner-mongolia-social-credit-blacklisting-bitcoin-miners/ 打臉現場！分叉項目 Merlin 重演 PancakeBunny 遭遇，駭客 240 枚 ETH 入袋 https://www.blocktempo.com/another-flash-loan-incident-merlin-lost-240-eth/ 外媒：拜登政府正在審查加密監管的「漏洞」 https://www.chinahot.org/science/85759.html 比特幣崩潰，或將為投資者帶來稅收漏洞 https://i.ifeng.com/c/86YNtaI06Cn 新官上任三把火！SEC新任主席將加強監管加密貨幣、SPAC https://news.cnyes.com/news/id/4652395 Alleged North Korean hackers scouted crypto exchange employees before stealing currency, researchers say https://www.cyberscoop.com/north-korea-lazarus-group-cryptocurrency-exchanges/ 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 木馬程式開採MacOS零時差漏洞暗中錄製螢幕 https://www.ithome.com.tw/news/144624 勒索軟體的危險新技巧：對資料進行「雙重加密」 https://www.inside.com.tw/article/23607-ransomware-dangerous-new-trick-is-double-encrypting-your-data FBI警告：美國占Conti勒索軟體攻擊全球受害單位一半以上，公布感染指標 https://www.ithome.com.tw/news/144625 資安業者公布 2021 資安報告，勒索軟體竟然變得簡單易上手 https://technews.tw/2021/05/25/2021-security/ macOS 零時差漏洞連續技！新 XCSSET 惡意軟體變種會偷抓使用者螢幕畫面 https://technews.tw/2021/05/26/malware-macos-zero-day-screenshots/ 46%的惡意程式亦會採用TLS 協定 https://blog.twnic.tw/2021/05/26/18579/ 微軟呼籲別點擊來路不明 PDF 文件，小心 STRRAT 惡意軟體入侵 https://technews.tw/2021/05/26/strrat-pdf/ 威剛針對部分資通系統遭病毒攻擊事件說明 https://reurl.cc/noVvWX 威剛遭駭客病毒攻擊！公司拒絕勒索　出貨些微延誤 https://finance.ettoday.net/news/1991943 COVID-19+勒索軟體雙重威脅在正崛起中 http://www.tpcc.org.tw/topic_detail.php?id=feb0dbc31a5642fd 勒索軟體攻擊將大行其道正成數智時代「死對頭」 https://news.sina.com.tw/article/20210527/38699682.html MSBuild Used by Threat Actors to Deliver RATs Filelessly https://www.anomali.com/blog/threat-actors-use-msbuild-to-deliver-rats-filelessly 8220 Gangs Recent use of Custom PwnRig Crypto Miner and Botnet https://www.lacework.com/8220-gangs-recent-use-of-custom-miner-and-botnet/ https://github.com/lacework/lacework-labs/blob/master/blog/8220_pwnrig_tsunami.csv Microsoft Warns of Data Stealing Malware That Pretends to Be Ransomware https://thehackernews.com/2021/05/microsoft-warns-of-data-stealing.html Ransomware’s New Swindle: Triple Extortion https://threatpost.com/ransomwares-swindle-triple-extortion/166149/ OSX/Bundlore Loader MapperState https://twitter.com/ConfiantIntel/status/1393215825931288580 FBI Warns Conti Ransomware Hit 16 U.S. Health and Emergency Services https://thehackernews.com/2021/05/fbi-warns-conti-ransomware-hit-16-us.html Tracking BokBot (IcedID) Infrastructure https://team-cymru.com/blog/2021/05/19/tracking-bokbot-infrastructure/ https://github.com/team-cymru/iocs/tree/master/bokbot Google Researchers Discover A New Variant of Rowhammer Attack https://thehackernews.com/2021/05/google-researchers-discover-new-variant.html Bose Admits Ransomware Hit: Employee Data Accessed https://threatpost.com/bose-ransomware-employee-data/166443/ Trickbot Brief: Creds and Beacons https://thedfirreport.com/2021/05/02/trickbot-brief-creds-and-beacons/ Attacks Embedding XMRig on Compromised Servers https://blogs.jpcert.or.jp/en/2021/05/xmrig.html Financial spear-phishing campaigns pushing RATs https://www.cyjax.com/2021/05/27/financial-spear-phishing-campaigns-pushing-rats/ Data Wiper Malware Disguised As Ransomware Targets Israeli Entities https://thehackernews.com/2021/05/data-wiper-malware-disguised-as.html Malvertising Campaign On Google Distributed Trojanized AnyDesk Installer https://thehackernews.com/2021/05/malvertising-campaign-on-google.html B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊藍牙的核心與Mesh規格含有7個安全漏洞，允許駭客冒充合法裝置 https://times.hinet.net/topic/23344006 New Bluetooth Flaws Let Attackers Impersonate Legitimate Devices https://thehackernews.com/2021/05/new-bluetooth-flaws-let-attackers.html 「疾管家」遭山寨版冒名錯刷店家QR code損失大 https://reurl.cc/GmkEev APK 拆解顯示 Google 語音助理將可幫你「關機」 https://www.kocpc.com.tw/archives/385377 布局5G物聯網有成台灣之星瞄準XR商機 https://udn.com/news/story/7086/5483844 啟動高效能居家辦公，通訊協作軟體功能大盤點 http://n.yam.com/Article/20210527716320 WhatsApp Sues Indian Government Over New Internet Regulations https://thehackernews.com/2021/05/whatsapp-sues-indian-government-over.html C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件數位轉型來自資訊長及IT部門的抗拒 https://ctee.com.tw/bookstore/selection/465135.html 7 個你一定要知道 VPN 可以做到的事情！讓你在網路上暢行無阻 https://www.kocpc.com.tw/archives/385620 Wi-Fi 網絡暗藏危機？所有 Wi-Fi 流動設備難以倖免 https://reurl.cc/1YxQKQ 目標式攻擊瞄準供應鏈脆弱環節，該如何因應？ https://www.ithome.com.tw/article/144112 面對網絡攻擊須提高防禦意識 https://reurl.cc/eE53jx 資安防護成佈署遠端工作的新挑戰？企業可以用這 5 招提升戰略思維 https://buzzorange.com/techorange/2021/05/26/ceo-pay-attention-to-information-security/ 居家上班如何避免成為詐團和駭客目標專家提醒注意4類資安風險 https://vip.udn.com/vip/story/121938/5483232 遠距上班、網購藏危機資安專家警告：恐掀駭客黑潮 https://reurl.cc/kZ5E79 上網追劇、看謎片增資安風險遠距上班3大重點防惡意病毒 https://reurl.cc/2r4m84 駭客靠一台「示波器」，成功還原 20 多年前的磁片資料 https://buzzorange.com/techorange/2021/05/25/oscilloscope-decode-floppy-disk/ 資安攻擊防不勝防，白名單是打造零信任資安環境的利器 https://www.ithome.com.tw/news/144553 看懂零信任架構，先釐清對於ZTA常見的3大迷思 https://www.ithome.com.tw/news/144551 「依照駭客情蒐」評比50大企業台灣「這行業」資安落後 https://reurl.cc/OX2Re3 跨國跨產業資安職涯動力曲線大分享，先輩給資安新血的2大職涯發展心法 https://www.ithome.com.tw/news/144617 國家、網路衝突與暗網 https://blog.twnic.tw/2021/05/23/18252/ WFH資安重點在身份核實　2招確保電子郵件往來安全性 https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=10&id=0000611371_NVD4C7KB6N6C6R2ZQX3IV 遠距上班、教學現亂象！疫情加速數位轉型，台灣準備好了嗎 https://city.gvm.com.tw/article/79675 疫情警戒攀升，企業異地辦公與資安部署準備好了嗎 https://www.techbang.com/posts/86735-epidemic-alert-climbs-enterprise-off-site-office-and-security 居家辦公，除了筆電，還要幫員工準備甚麼 https://news.sina.com.tw/article/20210521/38638282.html 特權Docker容器/K8s Pod須妥善保護　API暴露恐遭接管主機駭客鎖定微服務DevOps　雲端容器漏洞成攻擊對象 https://www.netadmin.com.tw/netadmin/zh-tw/viewpoint/A460D57EC6F749C8A12F3C0E4BD1726B 1年1.6億次攻擊如何擋？三總從實戰練出7措施11方法打造更強防禦 https://www.ithome.com.tw/news/144606 曾破壞伊朗核設施懲罰勒贖駭客的美國網軍 https://vip.udn.com/vip/story/121937/5487890 微軟稱遭中國黑客攻擊拜登政府避而不談 https://www.secretchina.com/news/b5/2021/05/24/972684.html 癱瘓新聞網站電話恐嚇報社駭客落網 https://reurl.cc/OX2RDR 日本前將領：中國對台「混合戰」早已展開有8套劇本 https://www.cna.com.tw/news/aopl/202105220002.aspx 慎防受駭各國拉高電力服務資安防護 https://reurl.cc/xgYW91 防油管再遇「駭」美國國安部將頒新網安法規 https://www.worldjournal.com/wj/story/121173/5486667 美國國務院規劃部署系統漏洞定期掃描工具 https://www.secrss.com/articles/31429 美參議員提議案防堵中共設備進入市場 https://www.epochtimes.com/gb/21/5/25/n12975534.htm 美國商務部被指監控亞裔員工前調查員：深夜秘搜辦公室 https://udn.com/news/story/6809/5486348?from=udn-catebreaknews_ch2 拜登、普亭開峰會美俄著手安排下月瑞士登場 https://udn.com/news/story/6809/5483607?from=udn-catelistnews_ch2 克里姆林宮宣布美俄6月中舉行總統峰會 https://news.ltn.com.tw/news/world/breakingnews/3546134 親綠寫手害王定打PTT「認知戰」遭反殺高虹安：他老師是范雲 https://reurl.cc/YOlv2l 親綠寫手反串被抓包　郭正亮：「蟑螂窩」連總統都敢騙 https://gotv.ctitv.com.tw/2021/05/1780328.htm 親綠寫手假訊息高虹安批：白天掃毒、晚上散佈駭客病毒 https://reurl.cc/j8d1bn 親綠寫手PTT反串中共惹議許智傑：給年輕人一個機會 https://reurl.cc/xGDQ05 反串之亂｜高虹安諷政府的認知作戰敵我都是同胞　民眾黨要蔡英文道歉 https://tw.appledaily.com/politics/20210525/SXLFIZQJRBF3RHIZVSNV32QXFU/ 林瑋豐遭網友起底被質疑自導自演認知作戰調查局證實已接獲檢舉信 https://news.pts.org.tw/article/527732 林瑋豐「反串」串事件藍綠互槓 https://news.ltn.com.tw/news/politics/paper/1450975 核四公投領銜人黃士修檢舉林瑋豐法務部：積極偵辦中 https://udn.com/news/story/122186/5483222?from=udn-catelistnews_ch2 林瑋豐「抹PTT認知作戰」下場慘了！　調查局也要辦他 https://www.ettoday.net/news/20210525/1990341.htm 林瑋豐自導自演調查局一晚接獲70多名網友檢舉 https://www.chinatimes.com/realtimenews/20210525002326-260402?chdtv 林瑋豐自導自演認知作戰調查局請黃士修作查證筆錄 https://udn.com/news/story/122186/5487261?from=udn-catebreaknews_ch2 網路反串之亂重傷政府信用與防疫團結 https://udn.com/news/story/121823/5489101?from=udn-catelistnews_ch2 中共認知戰下的產物--不普篩就會有黑數 https://newtalk.tw/news/view/2021-05-25/578740 親綠寫手反串「對台認知作戰」陸批沒良知、沒底線 https://udn.com/news/story/7333/5485900?from=udn-ch1_breaknews-1-cate4-news 關站是謠言！ PTT站方澄清：無任何關閉的傾向或計畫 https://news.ltn.com.tw/amp/news/life/breakingnews/2412377 中共滲透台灣八劇本專家：培養親共政權為首 https://www.epochtimes.com/b5/21/5/25/n12974154.htm 特斯拉在中國建立數據中心緩解資安疑慮 https://www.cmoney.tw/notes/note-detail.aspx?nid=267278 Graphika調查：反共富豪郭文貴與網路世界的「螞蟻幫」 https://tfc-taiwan.org.tw/articles/5582 中國監控設備深入地方？超過 100 個美國鄉鎮採購海康威視、浙江大華產品 https://www.inside.com.tw/article/23625-united-states-towns-hikvision-dahua-surveillance 外資配合中共審查專家籲企業聯手反制 https://www.epochtimes.com/b5/21/5/23/n12969834.htm 比利時內政部網路也因Exchange Server漏洞遭駭 https://www.ithome.com.tw/news/144665 香港特首歡迎完善選舉制度法案通過 https://www.news.gov.hk/chi/2021/05/20210527/20210527_162639_092.html 香港立法會三讀通過完善選舉制度條例草案自由黨議員支持中央堵塞選舉漏洞 https://reurl.cc/W3d4lL 香港選舉條例修訂案通過落實「愛國者治港」 https://money.udn.com/money/story/5603/5489026 FSB NKTsKI: Foreign ‘cyber mercenaries’ breached Russian federal agencies https://therecord.media/fsb-nktski-foreign-cyber-mercenaries-breached-russian-federal-agencies/ Watering Hole Attack Was Used to Target Florida Water Utilities https://thehackernews.com/2021/05/watering-hole-attack-was-used-to-target.html Researchers Link CryptoCore Attacks On Cryptocurrency Exchanges to North Korea https://thehackernews.com/2021/05/researchers-link-cryptocore-attacks-on.html Details Disclosed On Critical Flaws Affecting Nagios IT Monitoring Software https://thehackernews.com/2021/05/details-disclosed-on-critical-flaws.html FBI Analyst Charged With Stealing Counterterrorism and Cyber Threat Info https://thehackernews.com/2021/05/fbi-analyst-charged-with-stealing.html Russian Hydra DarkNet Market Made Over $1.3 Billion in 2020 https://thehackernews.com/2021/05/russian-hydra-darknet-market-made-over.html The new group policies coming to Windows 10 21H2 https://www.bleepingcomputer.com/news/microsoft/the-new-group-policies-coming-to-windows-10-21h2/ Hackers Using Fake Foundations to Target Uyghur Minority in China https://thehackernews.com/2021/05/hackers-using-fake-foundations-to.html FBI issues warning about Fortinet vulnerabilities after APT group hacks local gov’t office https://www.zdnet.com/article/fbi-issues-warning-about-fortinet-vulnerabilities-after-apt-group-hacks-local-govt-office/ FBI警告APT參與者正在針對Fortinet設備中的漏洞 https://0xzx.com/zh-tw/2021052810361473102.html North Korean hackers behind CryptoCore multi-million dollar heists https://www.bleepingcomputer.com/news/security/north-korean-hackers-behind-cryptocore-multi-million-dollar-heists/ Security in Nextcloud: how to block 99.9% of user account attacks https://nextcloud.com/blog/security-in-nextcloud-how-to-block-99-9-of-attacks/ Iranian hacking group Agrius pretends to encrypt files for a ransom, destroys them instead https://www.zdnet.com/article/iranian-hacking-group-agrius-pretends-to-encrypt-files-for-a-ransom-destroys-it-instead/ Nearly 50,000 IPs compromised in Kubernetes clusters by TeamTNT https://securityaffairs.co/wordpress/118306/digital-id/kubernetes-clusters-teamtnt.html 稽核專員(資安) https://www.104.com.tw/job/79z8m DevOps/SRE 工程師 https://www.104.com.tw/job/7adm8 資安工程師 https://www.104.com.tw/job/79oax IT Security Manager 資訊安全經理 https://job.taiwanjobs.gov.tw/Internet/jobwanted/JobDetail.aspx?R2=11&EMPLOYER_ID=2244421&HIRE_ID=10377593 資安管理專責人員 https://www.104.com.tw/job/7a6u1 【專案】資安專責人員 https://www.104.com.tw/job/7aniv 網路資安工程師 http://www.104.com.tw/jb/104i/job/view?j=6nkhr D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞你的 Gmail、臉書帳號值多少錢？研究公開「暗網最新價目表」 https://3c.ltn.com.tw/news/44533 Gmail 帳號一個價值 2,228 元，最新暗網價目表公開 https://ccc.technews.tw/2021/05/28/dark-web-price-2021/ 快看你有沒有上榜！日資安公司曝「最爛密碼排行」 https://news.ltn.com.tw/news/novelty/breakingnews/3547864 疫情搞詐騙？假疫調騙取個資接獲「130多件」檢舉案 https://reurl.cc/3aD16O 收到疫苗採購民調連結？建議多方查證資訊來源，避免點擊不明表單 https://www.mygopen.com/p/blog-page_27.html 駭客入侵富士通客戶用軟體！日本政府、成田機場資料遭外洩 https://technews.tw/2021/05/27/japanese-government-offices-hacked/ Canada Post 95萬客戶信息遭洩漏 https://riseweekly.com/2021-05-canada-post/ 華盛頓特區警方的數據洩露揭示對社交媒體上小丑相關賬戶的監視 https://www.cnbeta.com/articles/tech/1133081.htm 駭客盯上印度航空 450萬筆個資全洩漏 https://ec.ltn.com.tw/article/breakingnews/3542586 23 款 Android App 配置不當，多達 1 億筆使用者個資網上看光光 https://technews.tw/2021/05/24/23-android-apps-expose-personal-data/ 安永隱私保護調查搜尋引擎、社交媒體最不被信任 https://ctee.com.tw/uncategorized/463598.html 在家自拍也可被黑客盜取個人資料！別亂用#WorkFromHome標籤 https://reurl.cc/WEe8O5 日本熱門約會軟體遇駭逾170萬用戶個資受影響 https://www.cna.com.tw/news/aopl/202105240329.aspx 居家上班小心資安風險駭客藉連結詐騙個資攻擊家中路由器防毒軟體要更新到位 https://eteacher.edu.tw/ReadNews_m.aspx?id=4533 簡訊實聯制恐造成個資外洩　鄭宏輝籲資安須兼顧 https://reurl.cc/gWv29N 防疫宅在家網購金門2人遭騙11萬餘元 https://www.chinatimes.com/realtimenews/20210525002303-260402?chdtv 遠距教學4步驟保護孩童隱私網購平台見2圖示安心買 https://reurl.cc/dGrW7z 「防疫實聯衝衝衝」使用人數破百萬疑個資外洩急下架 https://reurl.cc/YOlXeX 百萬人加好友！防疫實聯衝衝衝疑外洩個資　LINE急下架 https://www.setn.com/News.aspx?NewsID=944529 比唐鳳還要早！百萬人使用的實聯制疑洩外資　上線10天就下架銷毀 https://tw.appledaily.com/local/20210526/CTYMCHSEORGPHFAXWST3ULPTIU/ 運動手錶隨身裝置資料直通雲端　資安及法規遵循不容輕忽穿戴科技實現智慧健身　連網隱私供應鏈皆須安全 https://www.netadmin.com.tw/netadmin/zh-tw/viewpoint/566EFC7BB1384CDB913F5B2D90FC8E0D 主播張雅琴臉書遭詐騙集團盜用　怒報警「好膽嘜走」 https://stars.udn.com/star/story/10089/5485732 抖音等百款APP非法收集用戶個資捉賊的也挨轟 https://www.soundofhope.org/post/508508?lang=b5 破億 Android 手機用戶個資遭曝於設定不當的雲端服務 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9253 網傳「教育部網站公告，全國各級學校自110年5月19日起至6月18日止，因應疫情停課居家線上學習」 https://tfc-taiwan.org.tw/articles/5576 偽教育部網站散布｢停課至6月18日｣假訊息刑事局成立專案小組追查 https://newtalk.tw/news/view/2021-05-25/578674 假公告稱疫情補助每人1萬元？教育部停課到七月？三招拆穿惡搞假公告 https://tfc-taiwan.org.tw/articles/5561 EP48 - 釣魚~釣魚~釣到什麼魚 https://infosecdecompress.com/posts/ep48_phishing_as_a_service 「簡體字+大陸生活用語」 CDC籲：辨明假資訊.勿轉傳 https://reurl.cc/5rg1Yv 最爛密碼Top10曝光「asdfghjk」看似亂碼卻暗藏玄機 https://www.chinatimes.com/hottopic/20210526005461-260809?chdtv 上海警方搗毀直播詐騙窩點：詐騙分子蘿莉禦姐音秒切換 https://www.cnbeta.com/articles/tech/1133391.htm 繼某地產公司、音頻設備公司“隱瞞”攻擊後，達美樂披露1.8億用戶數據洩露 https://www.freebuf.com/articles/neopoints/275159.html 23 Android Apps Expose Over 100,000,000 Users' Personal Data https://thehackernews.com/2021/05/these-23-android-apps-expose-over.html Air India Hack Exposes Credit Card and Passport Info of 4.5 Million Passengers https://thehackernews.com/2021/05/indias-flag-carrier-airline-air-india.html E.研究報告不可不知的街頭監控技術：基地台模擬器 / 國際移動使用者辨識碼擷取器 https://lab.ocf.tw/2021/05/24/street-level-surveillance/ 你一定用過 htop，但你有看懂每個欄位嗎 https://medium.com/starbugs/do-you-understand-htop-ffb72b3d5629 Vue 組件通信的8 種方式 https://xie.infoq.cn/article/d3333bb4321a8319a5141eb4f Blogger 群體被駭事件始末﹍淺談「社交工程」如何入侵網站 https://www.wfublog.com/2021/05/blogger-hacked-posts-deleted-social-engineering.html 「資安做得多就會有被害妄想症。」「攻擊型」資安顧問的工作日常（ft. 翁浩正） https://podcast.starrocket.io/109 EP35 茶水閒聊：全台疫情第三級、疫情資安個資、在家工作遠端上班、BTC來至三萬、純推韓劇 https://open.firstory.me/story/ckp1jhbv1fjij08002we9j5ea 對PWN2OWN上TP-LINK AC1750路由器突破的利用分析 https://www.163.com/dy/article/GAP3HNH10511CJ6O.html?f=post2020_dy_recommends PWN2OWN TOKYO 2020: DEFEATING THE TP-LINK AC1750 https://www.synacktiv.com/en/publications/pwn2own-tokyo-2020-defeating-the-tp-link-ac1750.html ProxyLogon漏洞被用於門羅幣挖礦 https://mp.weixin.qq.com/s/p9pzBzbbHgjT7nPxF4TWIw#at Java反序列化漏洞從入門到關門 https://www.gushiciku.cn/dl/0a32I/zh-hk 隱藏源IP，提高溯源難度的幾種方案 https://www.freebuf.com/sectool/270669.html 國家工信安全中心：《全球跨境數據流動相關問題研究》 https://mp.weixin.qq.com/s/AQhjkositPhLNz3HtdBdnw 安全設備的漏洞挖掘 https://bbs.pediy.com/thread-267854.htm 0x0C. Defeat Indirect Call - Anti-Analysis Technique in Darkside Ransomware https://hackmd.io/Pu7rwaRgSdedTY0eRaC4dg AMSI Bypass Methods https://pentestlaboratories.com/2021/05/17/amsi-bypass-methods/amp/?__twitter_impression=true Amsi-Bypass-Powershell https://github.com/S3cur3Th1sSh1t/Amsi-Bypass-Powershell Hunting and Detecting IcedID Infections https://www.telekom.com/en/blog/group/article/let-s-set-ice-on-fire-hunting-and-detecting-icedid-infections-627240 https://github.com/telekom-security/icedid_analysis Is Single Sign-On Enough to Secure Your SaaS Applications https://thehackernews.com/2021/05/is-single-sign-on-enough-to-secure-your.html Top Cyber Threats to Latin America and the Caribbean https://www.fireeye.com/blog/executive-perspective/2021/05/top-cyber-threats-to-latin-america-and-the-caribbean.html Monero Cryptominer Exploits Docker Containers https://labs.sentinelone.com/caught-in-the-cloud-how-a-monero-cryptominer-exploits-docker-containers/ I/O Rings – When One I/O Operation is Not Enough https://windows-internals.com/i-o-rings-when-one-i-o-operation-is-not-enough/ Routersploit Check the security of your router https://en.iguru.gr/2020/05/14/routersploit-elegkse-tin-asfaleia-tou-router-sou/ Crimes of Opportunity: Increasing Frequency of Low Sophistication Operational Technology Compromises https://www.fireeye.com/blog/threat-research/2021/05/increasing-low-sophistication-operational-technology-compromises.html DNS-Black-Cat(DBC) - Multi Platform Toolkit For An Interactive DNS Shell Commands Exfiltration https://www.kitploit.com/2021/05/dns-black-catdbc-multi-platform-toolkit.html IPED:-- Digital Forensic Tool. https://github.com/sepinf-inc/IPED Using Podman and Docker Compose https://www.redhat.com/sysadmin/podman-docker-compose podman-compose https://github.com/containers/podman-compose Php_Code_Analysis - San your PHP code for vulnerabilities https://www.kitploit.com/2021/05/phpcodeanalysis-san-your-php-code-for.html Kubecost + Rancher = $$$ saved https://itnext.io/kubecost-rancher-saved-df30fe77135b Text to UML and other “diagrams as code” tools – Fastest way to create your models https://modeling-languages.com/text-uml-tools-complete-list/ How to Exploit Active Directory ACL Attack Paths Through LDAP Relaying Attacks https://www.praetorian.com/blog/how-to-exploit-active-directory-acl-attack-paths-through-ldap-relaying-attacks/ PCI Express 6.0 Status Update: Draft 0.71 Coming Soon, Final Release by End of Year https://www.anandtech.com/show/16704/pci-express-60-status-update-draft-071-coming-soon-final-release-by-end-of-year Mobile Device Digital Forensics https://barwisian.medium.com/mobile-device-digital-forensics-b43b88f8267 My RCE PoC walkthrough for (CVE-2021–21974) VMware ESXi OpenSLP heap-overflow vulnerability https://straightblast.medium.com/my-poc-walkthrough-for-cve-2021-21974-a266bcad14b9 Chinese APT Actors Compromising PulseSecure VPN Devices https://www.fireeye.com/blog/threat-research/2021/05/updates-on-chinese-apt-compromising-pulse-secure-vpn-devices.html https://github.com/fireeye/pulsesecure_exploitation_countermeasures Suspected APT29 Operation Launches Election Fraud Themed Phishing Campaigns https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/ Unified Threat Detection With Endpoint Security 5.1 and Helix https://www.fireeye.com/blog/products-and-services/2021/05/unified-threat-detection-endpoint-security-helix.html Analysis report of the Facefish rootkit https://blog.netlab.360.com/ssh_stealer_facefish_en/ F.商業全台停課 Fortinet提6方法保護學童網路安全 https://turnnewsapp.com/livenews/tech/A06659002021052015414940 泓洋電子科技人臉辨識系統體溫及門禁管理最佳幫手 https://money.udn.com/money/story/5635/5476079 Intel 產業論壇詮隼科技發表「ORANge 5G 測試解決方案」 https://ctee.com.tw/industrynews/technology/463572.html 【殲滅開源軟體漏洞】資安公司 Snyk 收購瑞典新創 FossID，企業資安風險有保障 https://buzzorange.com/techorange/2021/05/21/snyk-bolsters-open-source-software-security-with-fossid-acquisition/ 個股：網路安全問題層出不窮，群聯攜手Cigent推自我防衛SSD方案搶商機 https://fnc.ebc.net.tw/fncnews/stock/134798 協助MITRE ATT&CK for Containers架構共創雲端資安未來 https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=14&cat=60&id=0000610164_6V9241RK5PBA075AZBH7G 黃金治療時間不延誤！醫院備份數位資料、防勒索軟體，就靠這一款「不復古」的藍光歸檔光碟櫃 https://buzzorange.com/techorange/2021/05/25/panasonic-health-data-archive/ 【Microsoft Build 2021】口說文本變程式碼有譜，Windows 也將更大力擁抱 ARM https://www.inside.com.tw/article/23637-microsoft-build-2021 居家工作一週　微軟揭密「數位工具部署關鍵」 https://finance.ettoday.net/news/1987623 點點簽免費開放電子簽名服務，協助企業在家辦公兼顧生產力 https://www.inside.com.tw/article/23611-dotted-sign 宏碁施振榮呼籲：善用科技防疫、讓病毒在台碰壁！當起自家sMeet視訊系統代言人 https://www.bnext.com.tw/article/63001/stan-shi-use-video-conference 打造全面運算方案，Arm 全新 Armv9 架構 CPU、GPU 亮相 https://technews.tw/2021/05/26/arm-armv9-2/ Gigamon助製造業實現全網可視化即時遏阻入侵攻擊 https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000611050_LVD1EE5W42WFRI1VVP6J1 Palo Alto Networks發佈2021年勒索軟體威脅報告 https://turnnewsapp.com/livenews/tech/A07657002021052715115973 遠傳攜手數聯資安，拓中小企業遠距應用商機 https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=d896408b-bb48-44a9-b123-d581e3ae8727 三竹宣布免費提供企業專用即時通訊軟體「CoLine」 https://money.udn.com/money/story/5612/5489955 防疫期間因應金管會規定，ArkEase Pro 提供產壽險業視訊錄影存證備查方案 https://news.sina.com.tw/article/20210527/38705200.html 1Password 瀏覽器插件也支援用生物辨識來認證，再一個地方免入密碼了 https://reurl.cc/eEx5nm 趨勢科技獲選為2021年Gartner端點防護平台神奇象限領導者 https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000610518_5O443VCM25AI7F7I26YUC 「USB-IF」公佈新標準！筆電將可全面採用 USB Type-C 充電 https://3c.ltn.com.tw/news/44507 Google發布Analytics Hub供用戶大規模交換資料集 https://www.ithome.com.tw/news/144663 G.政府六大戰略產業是什麼？520 六大戰略產業滿周年回顧 https://reurl.cc/E2qbvR 首次實測視訊會議游錫堃：立院歷史性一刻 https://www.epochtimes.com/b5/21/5/21/n12965733.htm 校正回歸熱議調查局情蒐社群言論 https://udn.com/news/story/6656/5478491?from=udn-catebreaknews_ch2 全國2596公部門使用中國資通產品 https://news.ltn.com.tw/news/politics/paper/1450420 空軍通航資聯隊傳遞戰情守護飛安 https://reurl.cc/O0bvdX 能執行政院網戰專案任務國防部資安鑑識實驗室曝光 https://udn.com/news/story/10930/5480736?from=udn-catelistnews_ch2 台灣與Skype發源國愛沙尼亞共論數位轉型與資安商機 https://ec.ltn.com.tw/article/breakingnews/3547392 行政院資通安全會報-資通安全網路月報(110年4月) https://nicst.ey.gov.tw/Page/8770AD7511CB8DC9/9d52771f-a6e1-4407-a16e-4e63abfd2cf2 調查局赴歐洲跨境打詐「全副武裝」遣返人犯 https://udn.com/news/story/7315/5491186?from=udn-catelistnews_ch2 ISAC將從中央推至地方建構全國資安聯防網 https://reurl.cc/R04dQD H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車相關資安資訊安全在醫療領域的重要性 feat.毛敬豪、王仁甫 https://player.soundon.fm/p/8fdc3e51-8bfb-4bfa-9c65-8ea2ce5a6eb7/episodes/45ce16f4-7e91-4230-9089-106e3bebdc33 物聯網裝置要如何做到端點的威脅偵測？研究人員打算透過韌體虛擬化來檢測 https://www.ithome.com.tw/news/144538 Secure Thingz攜手NXP強化連網裝置保護推進IoT安全建置方案 https://reurl.cc/gWvDjR 區塊鏈去中心化技術有利提升資安等級　物聯網領域躍躍欲試 https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000611308_QR12IX601BR9G67UCFSJP 賓士聯手資安業者，強化車用系統資安防護 https://blog.twnic.tw/2021/05/27/18776/ 如何抵擋駭客攻擊，提升工控系統主動防禦力 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9256 趨勢科技：5G新興威脅讓智慧製造面臨資安難題 https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=13ffe38c-c030-477f-87e2-86a875e1bdd5 I.教育訓練 14年玩成全球頂尖駭客，戴夫寇爾首席資安研究員親身分享5階段心路轉折 https://www.ithome.com.tw/news/144565 何謂資訊安全(資安) https://ithelp.ithome.com.tw/articles/10256773 改個 DNS 是要改多久？- Domain 管理的常見問題 https://reurl.cc/6agy3y What To Do When Your Business Is Hacked https://thehackernews.com/2021/05/what-to-do-when-your-business-is-hacked.html How to Lower the Risk That Digital Transformation Leads to a Financially Costly Breach https://www.fireeye.com/blog/products-and-services/2021/05/lower-risk-digital-transformation-leads-to-costly-breach.html How to Manage VMware Snapshots: A Guide https://www.virtualizationhowto.com/2021/05/how-to-manage-vmware-snapshots-a-guide/ J.人工智慧/AI/ML/人臉辨識整合新世代 CPU 與 GPU 架構　超效能為智慧應用奠基高速運算實踐 AI 賦能　打造數位創新最夠力 https://www.netadmin.com.tw/netadmin/zh-tw/snapshot/08B64D236BEC4AF3AAB1327FCBB3CE8C 6.近期資安活動及研討會 TensorFlow Everywhere | From 0 to 1 6/10 https://www.meetup.com/TensorFlow-User-Group-Taipei/events/277170902/ 2021製造業資安論壇 6/10 https://docs.google.com/forms/d/e/1FAIpQLSeJEpc_ePmJGx2RO6hlSJQnmsFTzBT-2zkzjcnPHbdYS2UAhQ/viewform 行動應用APP安全檢測與實務(可抵內稽) 6/11 https://www.caa.org.tw/coursedetail-3515.html Maximize the Output, or Optimize the Outcome 6/24 https://www.meetup.com/the-liberators-network-taiwan-user-group-taipei-taiwan/events/276003947/ 【白帽駭客工坊】2021資安實務培訓課程 6/25 https://pttcareer.com/tech_job/M.1620115144.A.C05.html 國家高速網路與計算中心教育訓練【資安進階課程】實體滲透與手法研究 6/29 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3950&from_course_list_url=homepage Cyber Security Global Summit 21 6/29 ~ 6/30 https://cs.geekle.us/?utm_content=INFO_SEC_TIER2 元智資工夏令營-由programming邁入AI大數據與資安世界 7/15 ~ 7/17 https://cse-yzu.kktix.cc/events/yzcsapcs5 學生計算機年會 SITCON 2021 9/4 https://sitcon.org/2021/ Cyber Defense Summit 2021 Oct. 4-7, 2021 https://summit.fireeye.com/