###### tags: `資安事件新聞週報`

# Weekly Security Incident News Digest 2019/7/8 ~ 2019/7/12

1. Major vulnerabilities / backdoors / exploits / zero-days
Security advisory: LEN-27828 Intel PROSet/Wireless WiFi Software vulnerability
http://iknow.lenovo.com/detail/dc_183380.html
Juniper Junos OS: multiple vulnerabilities
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10938
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10940
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10942
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10946
The JavaScript knowledge you need to know behind the serious Lodash security vulnerability
https://juejin.im/post/5d271332f265da1b934e2d48
Serious security vulnerability disclosed in the Lodash library, affecting 4 million+ projects
https://mp.weixin.qq.com/s/tfZq2PZylGfMjOp8h8eeTw
Jenkins Dependency Graph View Plugin 0.13 - Persistent Cross-Site Scripting
https://www.exploit-db.com/exploits/47111
Vulnerability in a well-known hotel kiosk system exposes back-end database credentials, could lead to theft of customer data
https://ithome.com.tw/news/131809
Jira Server and Data Center Update Patches Critical Vulnerability
https://www.bleepingcomputer.com/news/security/jira-server-and-data-center-update-patches-critical-vulnerability/
JIRA Security Advisory 2019-07-10
https://confluence.atlassian.com/jira/jira-security-advisory-2019-07-10-973486595.html
Bad McAfee Exploit Prevention Update Blocked Windows Logins
https://www.bleepingcomputer.com/news/security/bad-mcafee-exploit-prevention-update-blocked-windows-logins/
Unable to log on to Windows systems with Endpoint Security 10.2 (or earlier) after you apply Exploit Prevention content version 9418
http://bit.ly/2JvWk7a
Physical hacking arrives: four hardware vulnerabilities disclosed in Logitech devices
https://www.tuicool.com/articles/mqQFjiR
Logitech wireless USB dongles vulnerable to new hijacking flaws
https://www.zdnet.com/article/logitech-wireless-usb-dongles-vulnerable-to-new-hijacking-flaws/#ftag=RSSbaffb68
PSN reportedly has a security flaw; hackers misuse players' credit cards
https://unwire.hk/2019/07/04/psn-security/tech-secure/
Beware of fraudulent charges! Credit card flaw surfaces on PlayStation Network
https://www.inside.com.tw/article/16833-Security-Flaw-Allows-Hackers-To-Access-PSN-Accounts-Credit-Card-Info
A 17-year-old Firefox flaw found that can steal users' locally stored files
https://www.landiannews.com/archives/60168.html
Mainland China's national industrial information security vulnerability database goes online
https://news.sina.com.tw/article/20190708/31885498.html
Zoom for Mac security flaw disclosed: websites can hijack the Mac camera
https://news.sina.com.tw/article/20190709/31904184.html
Apple macOS Sierra IOFireWireFamily component information disclosure vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7608
Apple pushes an update that proactively removes Zoom's localhost web server from Macs
https://www.ithome.com.tw/news/131792
Apple Issues Silent Update to Remove Old Zoom Software
https://www.bankinfosecurity.com/apple-issues-silent-update-to-remove-old-zoom-software-a-12767
VMware releases new security updates for multiple products
https://www.us-cert.gov/ncas/current-activity/2019/07/02/vmware-releases-security-advisory-multiple-products
VMware vSphere ESXi denial-of-service vulnerability
https://www.vmware.com/security/advisories/VMSA-2019-0011.html
Cisco product denial-of-service vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190710-asa-ftd-dos
Security weaknesses in multiple Cisco products
https://www.us-cert.gov/ncas/current-activity/2019/07/03/cisco-releases-security-updates-multiple-products
Cisco delivers Patch Tuesday warmup with bundle of 18 bug fixes
https://www.theregister.co.uk/2019/07/05/cisco_patch_fix/
Citrix SD-WAN Appliance 10.2.2 - Authentication Bypass / Remote Command Execution
https://www.exploit-db.com/exploits/47112
Symantec Endpoint Encryption Privilege Escalation
https://support.symantec.com/us/en/article.SYMSA1485.html
Symantec DLP 15.5 MP1 - Cross-Site Scripting
https://www.exploit-db.com/exploits/47071
Wait before updating! Microsoft acknowledges a VPN networking defect in the Windows 10 May update
https://3c.ltn.com.tw/news/37319
Microsoft Exchange 2003 base64-MIME Remote Code Execution
https://packetstormsecurity.com/files/153533/msexchange2003-exec.txt
The Windows 10 misinformation machine fires up again
https://www.zdnet.com/article/the-windows-10-misinformation-machine-fires-up-again/#ftag=RSSbaffb68
Microsoft July 2019 Patch Tuesday fixes zero-day exploited by Russian hackers
https://www.zdnet.com/article/microsoft-july-2019-patch-tuesday-fixes-zero-day-exploited-by-russian-hackers/#ftag=RSSbaffb68
Windows 10 KB4507453 Cumulative Update Causes Restart Alert Loop
https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4507453-cumulative-update-causes-restart-alert-loop/
Description of the security update for the information disclosure vulnerability in Microsoft Visual Studio 2010 Service Pack 1: July 9, 2019
https://support.microsoft.com/zh-cn/help/4506161/security-update-for-information-disclosure-vulnerability-in-vs-2010
Microsoft releases its July security bulletin
https://support.microsoft.com/en-us/help/20190709/security-update-deployment-information-july-9-2019
July’s Patch Tuesday Fixes Critical Flaws in Microsoft Edge and Internet Explorer, Including Windows DHCP Server
https://blog.trendmicro.com/trendlabs-security-intelligence/julys-patch-tuesday-fixes-critical-flaws-in-microsoft-edge-and-internet-explorer-including-windows-dhcp-server/
Windows Zero-Day Used by Buhtrap Group For Cyber-Espionage
https://www.bleepingcomputer.com/news/security/windows-zero-day-used-by-buhtrap-group-for-cyber-espionage/
Debian 10 'Buster' Linux arrives
https://www.zdnet.com/article/debian-10-buster-linux-arrives/#ftag=RSSbaffb68
Latest Redis unauthorized-access vulnerability: how to keep Redis secure
http://news.51cto.com/art/201907/599444.htm
ibm -- db2 CVE-2019-4057
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-4057
ibm -- db2 CVE-2019-4154
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-4154
ibm -- db2 CVE-2019-4322
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-4322
netapp -- clustered_data_ontap CVE-2019-5497
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-5497
nginx -- njs CVE-2019-13067
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-13067
synology -- calendar CVE-2019-11829
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-11829
synology -- photo_station CVE-2019-11821
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-11821
CVE-2019-13142: privilege escalation vulnerability in Razer's audio-video software (Razer Surround)
https://nosec.org/home/detail/2758.html
Adobe tackles vulnerabilities in Dreamweaver, Experience Manager, Bridge
https://www.zdnet.com/article/adobe-tackles-vulnerabilities-in-dreamweaver-experience-manager-bridge-cc/#ftag=RSSbaffb68
Intel Patches High-Severity Flaw in Processor Diagnostic Tool
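https://threatpost.com/intel-patches-high-severity-flaw-in-processor-diagnostic-tool/146352/
Intel releases new security updates
https://www.us-cert.gov/ncas/current-activity/2019/07/09/intel-releases-security-updates
Mozilla has released security updates
https://www.us-cert.gov/ncas/current-activity/2019/07/09/mozilla-releases-security-updates-firefox-and-firefox-esr
Juniper updates its multi-cloud container platform Juke
https://www.zdnet.com/article/juniper-updates-its-multi-cloud-container-platform-juke/#ftag=RSSbaffb68
Apache Tomcat - CGIServlet enableCmdLineArguments Remote Code Execution (Metasploit)
https://www.exploit-db.com/exploits/47073

2. Banking / finance / insurance / securities / payment systems: news and security
Hong Kong Association of Banks: TransUnion must submit an independent report and give a detailed explanation before resuming service
https://hk.on.cc/hk/bkn/cnt/finance/20190705/bkn-20190705201332275-0705_00842_001.html
"Visa QR Code scan-to-pay platform" service launches; bills can be paid from a phone
https://www.chinatimes.com/realtimenews/20190705001599-260410?chdtv
Yuanta Bank enters the foreign-currency ATM withdrawal and remittance business
http://bit.ly/2S6pbln
Over 7.5 billion UnionPay cards issued worldwide, usable in 174 countries and regions
https://money.udn.com/money/story/5605/3910855
Japan's Dentsu sets up an information bank to encourage consumers to share data
https://money.udn.com/money/story/5602/3910763
Lu Hsi-peng (盧希鵬): internet-only banks have three advantages traditional banks cannot match: data, altruism and a weak-tie ecosystem
https://www.ithome.com.tw/news/131709
Eastern European counterfeit-card gang withdrew cash at ATMs; core members arrested
https://hk.on.cc/hk/bkn/cnt/news/20190708/bkn-20190708114803488-0708_00822_001.html
No worry if mainland Chinese tourists stay away: ASEAN visitors' EMV universal QR code payments in Taiwan are gradually increasing
https://technews.tw/2019/07/09/luke-not-here-is-not-a-problem-south-east-asia-tourists-shop-in-taiwan-by-using-emv-qr-code-is-increasing/
Visa launches EMV scan-to-pay in Taiwan, linking 10 major e-wallets
https://www.chinatimes.com/realtimenews/20190709003140-260410?chdtv
Open banking is the trend; sound security measures reduce the risk
https://www.netadmin.com.tw/netadmin/zh-tw/viewpoint/9F6D22BB76F54B70A83E612B7306259A
Lin Kun-cheng (林坤正): the big challenge of digital transformation for traditional banks
https://www.wealth.com.tw/home/articles/21402
Major progress for open banking in Taiwan! First Open API standard released: 2 guidelines, 5 security controls, 13 banks to support it first
https://www.ithome.com.tw/news/131648
Banks battle internet-only banks; the central bank gives guidance
https://money.udn.com/money/story/5613/3922001
UK welcomes "digital banks" with open arms
http://bit.ly/2XAK7Xw
Mainland China's central bank announces results of the seventh batch of payment licence renewals: 17 firms pass
https://news.sina.com.tw/article/20190710/31919242.html
Customer data no longer exclusive... three-phase "open banking" starts next month
https://udn.com/news/story/11316/3888637
UK promotes open banking standards, explores the Taiwan market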
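http://bit.ly/2XRGE6l
Hong Kong Monetary Authority requires management of credit card business risk
http://bit.ly/2XA83p2
No timetable for registration of online lending institutions; some localities explicitly will not develop P2P
https://news.sina.com.tw/article/20190709/31896416.html
P2P platforms keep collapsing; victims declare withdrawal from the Chinese Communist Party
http://bit.ly/2XWkQGu
Domestic bank branches decline for the 5th straight year; ATM numbers and demand for security talent increase
https://money.udn.com/money/story/5613/3923704
Top securities brokers beware! Copying a client's order within 5 minutes of placement is strictly prohibited
https://ec.ltn.com.tw/article/breakingnews/2850373
German banks are moving away from SMS one-time passcodes
https://www.zdnet.com/article/german-banks-are-moving-away-from-sms-one-time-passcodes/#ftag=RSSbaffb68
Cyber Attacks Biggest Threat to Financial Sector
https://www.infosecurity-magazine.com/news/cyber-attacks-biggest-threat/
Only three global banks given top website security score by ImmuniWeb
https://www.zdnet.com/article/only-three-global-banks-given-top-website-security-score-by-immuniweb/
State of Application Security at S&P Global World's 100 Largest Banks
https://www.immuniweb.com/blog/SP-100-banks-application-security.html
Synthetic identity theft is the fastest-growing financial crime in the U.S.
https://www.cyberscoop.com/synthetic-identity-theft-stolen-fake-data/
Synthetic Identity Fraud in the U.S. Payment System
https://fedpaymentsimprovement.org/wp-content/uploads/frs-synthetic-identity-payments-fraud-white-paper-july-2019.pdf

3. Electronic payment / electronic stored-value cards / mobile payment / pay: news and security
Japan 7-Eleven's new mobile payment app hacked; nearly 900 users lose 55 million yen
https://times.hinet.net/news/22448660
Japan's "7Pay" off to a bad start: serious fraudulent charges right after launch
https://news.tvbs.com.tw/focus/1161283
7-Eleven Japan's security storm: the misuse scandal over convenience-store e-payment "7pay"
https://global.udn.com/global_vision/story/8662/3911089
Japan 7-Eleven mobile payment app suspected of criminal misuse; Japan arrests 2 mainland Chinese suspects
https://www.chinatimes.com/realtimenews/20190705001440-260408?chdtv
Lax password reset function lacking verification: Japan 7Pay users have passwords changed and accounts fraudulently charged
https://www.ithome.com.tw/news/131715
Lax password reset function lacking verification: Japan 7Pay app users have passwords changed and accounts fraudulently charged
https://www.ithome.com.tw/news/131715
What the Japan 7pay hack shows about mobile payment security risks
https://news.tvbs.com.tw/politics/1162387
Signs of a Chinese gang behind the Japan 7-Eleven mobile payment fraud
https://zh.cn.nikkei.com/politicsaeconomy/politicsasociety/36386-2019-07-11-05-00-30.html
Japan 7-Eleven launches mobile payment app "7pay"; hackers steal 900 people's personal data and spend 16 million
https://news.sina.com.tw/article/20190708/31891034.html
Japanese convenience stores launch mobile payment: FamilyMart beats 7-Eleven on two-step verification
https://technews.tw/2019/07/08/famipay-stronger-than-7pay/
Japan 7-Eleven mobile payment hit by fraud; the Japanese government demands this be done
https://ec.ltn.com.tw/article/breakingnews/2848446
7Pay hit by NT$15.81 million in fraudulent charges right after launch; why was FamilyMart's FamiPay fine
https://buzzorange.com/techorange/2019/07/08/711-familymart-7pay-famipay-tokoyo-japan/
Hackers steal over 50 million yen from hundreds of users; Japan 7-Eleven suspends its mobile payment app
https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=80&id=0000564028_2m1lktxu39oun97mgwlod
Indian court says PayPal is suspected of operating illegally there and may be halted
https://news.sina.com.tw/article/20190705/31870396.html
Japan 7-Eleven launches mobile payment app "7pay"; hackers steal 900 people's personal data and spend 16 million
https://cnews.com.tw/140190708a02/
"7-11 app" has a vulnerability; logins via external accounts blocked
https://zh.cn.nikkei.com/industry/tradingretail/36433-2019-07-12-10-37-06.html
Mainland China Q1 online payments reach RMB 58 trillion; Alipay holds the top spot
https://www.chinatimes.com/realtimenews/20190704003692-260410?chdtv
Third-party payment platforms must strengthen oversight of fourth-party payment platforms
https://news.sina.com.tw/article/20190705/31859902.html
Taiwan Water and Taipower cooperate to promote mobile payment services
http://bit.ly/30acFUo
Bullish on scan-to-pay: Visa QR Code goes live today with a first wave of 10 partner banks
https://news.cnyes.com/news/id/4354008
VISA payment security roadmap: tokens replace credit card account numbers
http://bit.ly/2N91hXf
Singapore's "Alipay" era is coming! Mom no longer has to worry that I forgot my wallet
http://www.orgs.one/show/739002
[Electronic payment] French central bank suggests building a pan-European payment system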
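http://bit.ly/2xIyO04
Electronic payment gets more convenient: FSC opens up five major measures
https://udn.com/news/story/7239/3902836
To improve e-payment convenience, FSC sets out 3 key amendments
https://money.udn.com/money/story/5613/3903223
Partnering with Starbucks and Microsoft, Bakkt reportedly to launch a crypto payment app
http://news.knowing.asia/news/a17fd6a8-f13f-40a3-90b7-244ebad0c3e8

4. Virtual currency / blockchain: news and security
Before truly restructuring the traditional financial system, Libra must first solve its regulatory problems
http://news.knowing.asia/news/de731887-8998-4837-8d2c-3db35bc50abb
Libra responds to Congress: accepts anti-money-laundering supervision and government regulation (full text)
https://news.sina.com.tw/article/20190710/31919732.html
Blockchain and security: next-generation digital technology
http://bit.ly/2xJXjKl
From the birth of Libra: the evolution of online payment tools and the future of blockchain tokens
https://www.inside.com.tw/article/16706-Libra-and-the-future-of-blockchain
The start of security token offering (STO) regulation! Registration opens for a full review of STO rules before they take effect
http://bit.ly/2XqQWGj
STOs bring new vitality to Taiwan
https://www.gvm.com.tw/article.html?id=66948
World-first dedicated STO rules: FSC regulations due in October
https://finance.technews.tw/2019/06/28/sto-specification-taiwan-october/
Monero (XMR): nine security vulnerabilities disclosed, one exposing cryptocurrency exchanges to theft
https://0xzx.com/201907052153155348.html
On the denial-of-service vulnerability in the Edgeware lockdrop contract
https://www.tuoluocaijing.com.tw/article/detail-50076.html
ECB executive board member: financial regulators need to act quickly on Libra
http://news.knowing.asia/news/39aac84f-5cbc-4ad3-a774-1e1e115a437d
PwC Taiwan: virtual currency platforms must be compliant
https://reurl.cc/G0Z1y
MUB (美人幣) to open for trading on the MBAEX blockchain asset exchange
http://n.yam.com/Article/20190708275028
Applications of blockchain technology in smart cities
http://sa.ylib.com/MagArticle.aspx?Unit=webonly&id=4422
Several security vulnerabilities found in Monero (XMR); most have now been fixed
http://bit.ly/30n9etE
The next wave in the blockchain industry: the crypto asset custody boom that cannot be ignored
https://cnews.com.tw/152190709a01/
SEC plans to loosen rules for crypto brokers
https://money.udn.com/money/story/5599/3919682
Major Electroneum upgrade makes ETN the world's most secure decentralized and environmentally friendly cryptocurrency and cuts block rewards by 75%
http://www.businesswirechina.com/hk/news/41074.html
Will China start developing a WeChat cryptocurrency?
http://news.knowing.asia/news/66a138ac-d6bc-4b50-b649-5fe78f53d3b8
Libra aims at a global currency; Zhou Xiaochuan on how the renminbi should respond to the challenge
https://news.sina.com.tw/article/20190711/31925080.html
Xie Ping: if 1 billion people use Libra, it will be the mass adoption of blockchain
https://news.sina.com.tw/article/20190710/31915700.html
Luo Mei: blockchain applications need talent that combines technical and industry expertise
https://news.sina.com.tw/article/20190701/31813486.html
If Facebook's coin involves stored value or cross-border remittance, FSC approval is required
https://udn.com/news/story/11316/3885935
HuffPost in-depth analysis of Facebook's Libra: a joke of issuing fake currency
https://news.sina.com.tw/article/20190622/31716626.html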
Related to the new FATF rules? South Korean banks step up monitoring of anonymous cryptocurrency transactions
http://news.knowing.asia/news/cd59a16b-ae79-413b-86b0-dd48ec150696
POSCMS exchange system has multiple high-risk vulnerabilities; platform funds at risk of theft
http://www.lingchenliang.com/post/57638.html
Japanese exchange BITPoint confirms loss of 3.5 billion yen to a hacker attack! BITPoint Taiwan customers are not affected by this incident
http://bit.ly/2LjiBr0
Bitcoin ATMs may have exposed a gap in EU money-laundering rules
http://bit.ly/30tjWyX
Bitcoin ATMs Show Gap in EU’s Money Laundering Rules, Police Say
https://www.bloomberg.com/news/articles/2019-07-11/bitcoin-atms-show-gap-in-eu-s-money-laundering-rules-police-say
Facebook’s Libra cryptocurrency project branded of ‘serious concern’ by Federal Reserve
https://www.zdnet.com/article/facebooks-libra-cryptocurrency-project-branded-a-serious-concern-by-federal-reserve/#ftag=RSSbaffb68
Bitcoin eats as much energy as Switzerland
https://nakedsecurity.sophos.com/2019/07/05/bitcoin-eats-as-much-energy-as-switzerland/
Bitcoin Scammers Go Public With Tesco Twitter Hacking
https://www.pandasecurity.com/mediacenter/social-media/tesco-twitter-hacking/

5. Security incident news

A. Viruses and trojans / botnets / ransomware / adware / APT / backdoors
Malicious spam uses ISO image files to spread fake invoices carrying two trojans
https://blog.trendmicro.com.tw/?p=61108
Hackers use forged eFax documents to deliver malware
https://ithome.com.tw/news/131757
Microsoft warns of the Astaroth info-stealer; the attack uses only legitimate tools throughout
https://www.ithome.com.tw/news/131742
Botnet malware GoBotKR targets Korean drama fans
https://ithome.com.tw/news/131756
If Las Vegas is hacked, the mayor will not pay hackers a ransom
https://www.lvcnn.com/news.php?id=27176
Security vendor discloses ransomware attacks targeting QNAP NAS devices
https://www.ithome.com.tw/news/131800
QNAP NAS targeted by ransomware; both Arm and x86 processor products hit
https://www.techbang.com/posts/71485-qnap-nas-targeted-by-ransomware-virus-arm-x86-processor-products-are-all-dart
25 million Android phones infected with Agent Smith malware
https://www.ithome.com.tw/news/131794
Botnet attack deployment shifts from Windows to Linux and IoT devices
https://blog.twnic.net.tw/2019/07/11/4222/
Pale Moon file server poisoned by hackers
https://www.ithome.com.tw/news/131797
ATM malware sold on underground markets
https://blog.trendmicro.com.tw/
Data breach post-mortem
https://forum.palemoon.org/viewtopic.php?f=17&t=22526
A New Ransomware Is Targeting Network Attached Storage (NAS) Devices
https://thehackernews.com/2019/07/ransomware-nas-devices.html
New Malware Replaced Legit Android Apps With Fake Ones On 25 Million Devices
https://thehackernews.com/2019/07/whatsapp-android-malware.html
Pale Moon says hackers added malware to older browser versions
https://www.zdnet.com/article/pale-moon-says-hackers-added-malware-to-older-browser-versions/#ftag=RSSbaffb68
Trickbot Trojan Gets IcedID Proxy Module to Steal Banking Info
https://www.bleepingcomputer.com/news/security/trickbot-trojan-gets-icedid-proxy-module-to-steal-banking-info/
New Android malware replaces legitimate apps with ad-infested doppelgangers
https://www.zdnet.com/article/new-android-malware-replaces-legitimate-apps-with-ad-infested-doppelgangers/#ftag=RSSbaffb68
Iran-Linked Malware Shared by USCYBERCOM First Seen in December 2016: Kaspersky
https://www.securityweek.com/iran-linked-malware-shared-uscybercom-first-seen-december-2016-kaspersky
A Quick and Efficient Method For Locating the main() function of Linux ELF Malware Variants
http://bit.ly/2XmJtrC
US Coast Guard warns about malware designed to disrupt ships' computer systems
https://www.zdnet.com/article/us-coast-guard-warns-about-malware-designed-to-disrupt-ships-computer-systems/#ftag=RSSbaffb68
Two US cities opt to pay $1m to ransomware operators
https://www.welivesecurity.com/2019/06/26/cities-pay-ransom-ransomware-operators/
Crimeware for Sale: The Commoditization of ATM Malware in the Cybercriminal Underground
http://bit.ly/323csnQ
Golang-based Spreader Used in a Cryptocurrency-Mining Malware Campaign
http://bit.ly/2Xr9G8o
ShadowGate Returns to Worldwide Operations With Evolved Greenflash Sundown Exploit Kit
http://bit.ly/2JhMLZD
RATs and stealers rush through “Heaven’s Gate” with new loader
https://blog.talosintelligence.com/2019/07/rats-and-stealers-rush-through-heavens.html
Malicious Script With Multiple Payloads
https://isc.sans.edu/diary/Malicious+Script+With+Multiple+Payloads/25090
Maldoc: Payloads in User Forms
https://isc.sans.edu/diary/Maldoc%3A+Payloads+in+User+Forms/25084
Steer clear of Bitcoin Cash generators
https://blog.malwarebytes.com/crypto/2019/07/steer-clear-of-bitcoin-cash-generators/
Helping survivors of domestic abuse: What to do when you find stalkerware
https://blog.malwarebytes.com/stalkerware/2019/07/helping-survivors-of-domestic-abuse-what-to-do-when-you-find-stalkerware/
Crimeware for Sale: The Commoditization of ATM Malware in the Cybercriminal Underground
https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/crimeware-for-sale-the-commoditization-of-atm-malware-in-the-cybercriminal-underground
UK's largest police forensics lab paid ransom demand to recover locked data
https://www.zdnet.com/article/uks-largest-police-forensics-lab-paid-ransom-demand-to-recover-locked-data/#ftag=RSSbaffb68
Inter: Skimmer For All
https://www.fortinet.com/blog/threat-research/inter-skimmer-for-all.html
2019-07-05 - QUICK POST: URSNIF INFECTION WITH TRICKBOT
https://www.malware-traffic-analysis.net/2019/07/05/index.html
BianLian Android Banking Malware is Back with Screen Recording and SSH Server Capabilities
https://gbhackers.com/bianlian-android-banking-malware/
Ransomware found exploiting former Windows flaw
https://www.ehackingnews.com/2019/07/ransomware-found-exploiting-former.html
More AgentTesla keylogger info-stealer campaigns hitting UK
https://myonlinesecurity.co.uk/more-agenttesla-keylogger-info-stealer-campaigns-hitting-uk/
The world's most famous and dangerous APT (state-developed) malware
https://www.zdnet.com/pictures/the-worlds-most-famous-and-dangerous-apt-state-developed-malware/#ftag=RSSbaffb68
Microsoft warns about Astaroth malware campaign
https://www.zdnet.com/article/microsoft-warns-about-astaroth-malware-campaign/#ftag=RSSbaffb68
Watch Out! Microsoft Spotted Spike in Astaroth Fileless Malware Attacks
https://thehackernews.com/2019/07/astaroth-fileless-malware.html
Dismantling a fileless campaign: Microsoft Defender ATP next-gen protection exposes Astaroth attack
https://www.microsoft.com/security/blog/2019/07/08/dismantling-a-fileless-campaign-microsoft-defender-atp-next-gen-protection-exposes-astaroth-attack/
Backdoor found in Ruby library for checking for strong passwords
https://www.zdnet.com/article/backdoor-found-in-ruby-library-for-checking-for-strong-passwords/#ftag=RSSbaffb68
Malicious campaign targets South Korean users with backdoor-laced torrents
https://www.welivesecurity.com/2019/07/08/south-korean-users-backdoor-torrents/
Anubis Android Malware Returns with Over 17,000 Samples
https://blog.trendmicro.com/trendlabs-security-intelligence/anubis-android-malware-returns-with-over-17000-samples/
Fake eFax emails are now spreading Dridex Trojan, RMS RAT
https://www.zdnet.com/article/fake-efax-emails-are-now-spreading-dridex-trojan-rms-rat/#ftag=RSSbaffb68
Double Duty: Dridex Banking Malware Delivered with RMS RAT
https://cofense.com/double-duty-dridex-banking-malware-delivered-rms-rat/
2019-07-08 - QUICK POST: URSNIF INFECTION WITH DRIDEX AND POWERSHELL EMPIRE
https://www.malware-traffic-analysis.net/2019/07/08/index.html
2019-07-08 - QUICK POST: RIG EK SENDS AMADEY
https://www.malware-traffic-analysis.net/2019/07/08/index2.html
Anubis Android banking malware returns with extensive financial app hit list
https://www.zdnet.com/article/anubis-android-banking-malware-returns-with-a-bang/#ftag=RSSbaffb68
Where Will Ransomware Go In The Second Half Of 2019
https://blog.trendmicro.com/where-will-ransomware-go-in-the-second-half-of-2019/
New versions of FinFisher mobile spyware discovered in Myanmar
https://www.zdnet.com/article/new-versions-of-finfisher-mobile-spyware-discovered-in-myanmar/#ftag=RSSbaffb68
New FinSpy iOS and Android implants revealed ITW
https://securelist.com/new-finspy-ios-and-android-implants-revealed-itw/91685/
eCh0raix — New Ransomware Targets QNAP NAS Devices
https://thehackernews.com/2019/07/ransomware-nas-devices.html
New Miori Variant Uses Unique Protocol to Communicate with C&C
https://blog.trendmicro.com/trendlabs-security-intelligence/new-miori-variant-uses-unique-protocol-to-communicate-with-cc/
Remote access — for a scammer
https://www.kaspersky.com/blog/remote-access-scams/27552/
Sodin ransomware enters through MSPs
https://www.kaspersky.com/blog/sodin-msp-ransomware/27530/
Cybersecurity: Malware lingers in SMBs for an average of 800 days before discovery
https://www.techrepublic.com/article/cybersecurity-malware-lingers-in-smbs-for-an-average-of-800-days-before-discovery/
Wannacry ransomware attack: Industry experts offer their tips for prevention
https://www.techrepublic.com/article/wannacry-ransomware-attack-industry-experts-offer-their-tips-for-prevention/
Agent Smith Android Malware Downloaded 25m+ Times
https://www.infosecurity-magazine.com/news/agent-smith-android-malware/
New eCh0raix Ransomware Brute-Forces QNAP NAS Devices
https://www.bleepingcomputer.com/news/security/new-ech0raix-ransomware-brute-forces-qnap-nas-devices/
US mayors group adopts resolution not to pay any more ransoms to hackers
https://www.zdnet.com/article/us-mayors-group-adopts-resolution-not-to-pay-any-more-ransoms-to-hackers/#ftag=RSSbaffb68
This new ransomware is targeting network attached storage devices
https://www.zdnet.com/google-amp/article/this-new-ransomware-is-targeting-network-attached-storage-devices/
Trickbot Trojan Gets 'BokBot' Proxy Module to Steal Banking Info.
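https://www.ehackingnews.com/2019/07/trickbot-trojan-gets-bokbot-proxy.html
Trickbot gets custom proxy module from IcedID banking trojan | Cyware Hacker News
https://cybersecurityboard.com/trickbot-gets-custom-proxy-module-from-icedid-banking-trojan-cyware-hacker-news

B. Mobile security / iPhone / Android / wearables / apps
Warning! "Samsung update" is a scam app; do not download it from Google Play
https://m.eprice.com.tw/mobile/talk/4523/5366299/1/
Public Wi-Fi hides dangers; take care when going online while travelling abroad
http://bit.ly/2NIYZOW
Hackers use free Samsung firmware app to scam money; over 10 million installs
http://bit.ly/2NQWqdY
App impersonating Samsung updates appears on Google Play! Over ten million users affected
http://bit.ly/32dC2a1
Trend Micro warns of 182 free apps carrying annoying ads; millions of users hit
https://www.chinatimes.com/realtimenews/20190705003637-260412?chdtv
Android fans take note! Over a hundred free apps hide "evolved" malicious ads; personal data may be stolen
https://3c.ltn.com.tw/news/37301
Denying permission is useless! Over a thousand Android apps access user data through back doors
http://www.limedia.tw/tech/7084/
Google uncovers new iMessage flaw; iPhones running older systems can only be fixed by a reset
http://bit.ly/32ak885
Huawei's operating system easily hacked: multiple vulnerabilities found in "HongMeng"
https://news.cnyes.com/news/id/4353528
Italian cybersecurity firm points out multiple vulnerabilities in Huawei's "HongMeng" operating system
https://www.ettoday.net/news/20190709/1485715.htm
HongMeng OS not yet released, and a security firm has already found 3 dangerous vulnerabilities
https://technews.tw/2019/07/09/huawei-os-information-security/
How to spot fake apps on your phone? Things to watch before and after installing an app
https://blog.trendmicro.com.tw/?p=61015
Swascan finds critical issues in Huawei too
https://www.swascan.com/it/huawei-2/
Youth social app 伴伴 has a source code disclosure vulnerability [T00ls-2019-00073]
https://www.t00ls.net/Vuls-T00ls-2019-00073.html
City councillors criticize Taichung Shopping Festival app as riddled with flaws; city government: will adjust as soon as possible
https://www.chinatimes.com/realtimenews/20190710003631-260405?chdtv
Taichung Shopping Festival kicks off; councillor: app riddled with flaws, may leak personal data
https://udn.com/news/story/7325/3921759?from=udn-catebreaknews_ch2
Hong Kongers "AirDrop" messages to break through the CCP firewall
http://bit.ly/2xDLViT
Credit card smart-repayment apps hide risks; expert: cashing out is itself illegal and non-compliant
http://www.sohu.com/a/326074773_362042?scm=0.0.0.0
Chinese company's covert operation infiltrates the phone's app list, swapping apps to earn ad revenue
https://technews.tw/2019/07/11/china-company-seek-into-app-list-on-phone-and-switching-app-for-ad-profit/
Over eavesdropping concerns, Apple suspends the Apple Watch Walkie-Talkie app service
https://www.eprice.com.tw/mobile/talk/4503/5369977/1/
Android game downloaded over 50,000 times secretly steals Facebook and Google login credentials
https://blog.trendmicro.com.tw/?p=61146
These are the sneaky new ways that Android apps are tracking you
https://www.fastcompany.com/90372033/these-are-the-sneaky-new-ways-that-android-apps-are-tracking-you
50 Ways to Leak Your Data: An Exploration of Apps’ Circumvention of the Android Permissions System
https://www.ftc.gov/system/files/documents/public_events/1415032/privacycon2019_serge_egelman.pdf
Adware Campaign Identified From 182 Game and Camera Apps on Google Play and Third-Party Stores Like 9Apps
http://bit.ly/30ii24i
Symantec Mobile Threat Defense: A Snapshot of Mobile Security Incidents in Q2 2019
https://www.symantec.com/blogs/product-insights/symantec-mobile-threat-defense-snapshot-mobile-security-incidents-q2-2019
Over 150 Fake Jio Android Apps Offer Free Data but Deliver Only Ads
https://www.symantec.com/blogs/threat-intelligence/malicious-android-apps-india-jio
How to update apps on your smartphone
https://www.kaspersky.com/blog/how-to-update-ios-android-apps/27541/
Samsung Galaxy S10 update is causing huge problems for some users
https://www.zdnet.com/article/samsung-galaxy-s10-update-is-causing-huge-problems-for-some-users/#ftag=RSSbaffb68

C. Incidents / hackers / DDoS / APT / cloud / dark web / job openings / international security incidents
Experiencing WCTF 2019 | Hackers from around the world clash; a "cybersecurity world war" is about to break out
http://bit.ly/2Xp6Y3r
[HITCON CMT 2019 ticketing] Notice of ticket price change
https://blog.hitcon.org/2019/07/hitcon-2019-cmt-regedit.html?m=1
Midday July 8, 2019: a hacker breaches the 小付钱包 information management platform, Inner Mongolia
http://www.fangongheike.com/2019/07/201978.html
Google and Facebook obediently wired money into "his" account >> Eastern European hacker's surprising 3.8 billion "collection on behalf of" Quanta
http://bit.ly/2LgXzcw
Embarrassing! Four US high school students caught for malicious spray-painting because of automatic Wi-Fi login
https://www.inside.com.tw/article/16874-police-get-mischief-students-via-free-wifi
Eastern European hacker's surprising 3.8 billion "collection on behalf of" Quanta
https://magazine.chinatimes.com/wealth/20190711002883-300205
Offence of accessing a computer by telecommunication: IT industry fears it becoming a "master key"
http://bit.ly/2LdmVI9
Cyberattacks rampant in 2018; global losses exceed 1.4 trillion
https://summit.rti.org.tw/news/view/id/2026884
30% of global VPN providers controlled by Chinese capital; users bypassing the firewall may be monitored
https://www.cna.com.tw/news/acn/201907090332.aspx
Survey: 29 of the world's top 100 VPNs are owned by six Chinese companies
https://www.inside.com.tw/article/16840-Top-VPNs-secretly-owned-by-Chinese-firms
Choose carefully! Bypassing the firewall is not necessarily safe: nearly 30% of major global VPN companies are in China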
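https://news.ltn.com.tw/news/world/breakingnews/2846658
Official GitHub account of Ubuntu Linux publisher Canonical hacked
https://www.ithome.com.tw/news/131721
Firefox refuses to trust certificates issued by security vendor DarkMatter, on the grounds that the company helps governments surveil citizens
https://www.ithome.com.tw/news/131770
"Hacked to death!" Geek steals female online friend's sex photos and blackmails her for NT$500,000
https://www.chinatimes.com/realtimenews/20190708001664-260402?chdtv
Hacker rejected by female online friend hacks her cloud account, steals sex videos and extorts NT$500,000
https://news.ltn.com.tw/news/society/breakingnews/2846066
Chinese hackers even listening to your phone calls? He calls on telecom companies
https://reurl.cc/4VZ4K
Is everyone OK? Freddy Lim (林昶佐) worried about intelligence on Chinese hackers breaching telecom companies
https://newtalk.tw/news/view/2019-07-08/269761
Invasion of the dark forces: a silent national security crisis
https://www.wealth.com.tw/home/articles/21383
Taiwan's team advances to the world cup on "hacker studies"
https://www.wealth.com.tw/home/articles/21385
Guarding against dark forces hidden in the details: employees are the most important firewall
https://www.wealth.com.tw/home/articles/21386
Ignoring US warnings, Argentina accepts installation of surveillance equipment by a Chinese company
https://news.ltn.com.tw/news/world/breakingnews/2845602
US Congress wants the military banned from buying Chinese-made drones
https://ec.ltn.com.tw/article/paper/1301626
Up to 219 years in prison! Taiwanese-American professor suspected of stealing US chips and reselling them to China
https://n.yam.com/Article/20190708418453
UK think tank digs in! A hundred Huawei employees have military backgrounds
https://www.ustv.com.tw/UstvMedia/news/109/20190708A128
Huawei's "red" employees confirmed to be linked to hackers and spies who attacked Western companies
https://news.ltn.com.tw/news/world/breakingnews/2846864
US cybersecurity firm exposes Huawei again: vulnerabilities across the entire product line
https://www.ntdtv.com/b5/2019/07/08/a102617683.html
Did Trump let Huawei off in words only? US Justice Department asks court to dismiss Huawei's lawsuit against the US government
https://www.cmmedia.com.tw/home/articles/16390
US counterintelligence official: Huawei 5G reflects the CCP's ambitions
http://bit.ly/2RZYONI
Ex-wife of a Huawei overseas representative reveals Huawei's ties to the Chinese Communist government
http://www.epochtimes.com/b5/19/6/24/n11343615.htm
In response to Huawei espionage risk, the EU will take collective measures by year-end
https://ec.ltn.com.tw/article/breakingnews/2849859
Canadian MPs warned: do not use WeChat
http://www.secretchina.com/news/b5/2019/07/09/899703.html?code=b5
US Congress targets Chinese-made drones, plans to ban military purchases
https://ec.ltn.com.tw/article/breakingnews/2845216
Brazil becomes a target of international hacker attacks
http://bit.ly/2XtaFoN
Striking back? Iran appears to escalate cyberattacks on the US
https://www.ydn.com.tw/News/343122
Slow internet in German industrial zones "holds back" the economy
http://bit.ly/2YCuxHm
To prevent leaks, Indian Army bans joining large groups on social platforms
https://www.cna.com.tw/news/aopl/201907090129.aspx
"Hostile state" seeks to divide allies; UK foreign secretary orders thorough investigation of leaked cables
https://udn.com/news/story/6809/3918505
Cybercrime rampant in the US; governments lose over 1.4 trillion
http://bit.ly/2YM3Dg2
DJI drones pass US review in a rare move
https://www.chinatimes.com/newspapers/20190711000100-260309?chdtv
Portuguese hacker vows to take down Cristiano Ronaldo in the name of justice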
https://hk.on.cc/hk/bkn/cnt/sport/20190707/bkn-20190707110255519-0707_00882_001.html
US military "Cyber Flag" exercise strengthens cyber warfare offense and defense
https://www.ydn.com.tw/News/343688
JPL Mars exploration data hacked; discovered only a year later
https://udn.com/news/story/6812/3889560
Cyberattacks rampant: global losses in 2018 exceed 1.4 trillion
http://www.ksnews.com.tw/index.php/news/contents_page/0001282780
Over a trillion US dollars! This is the damage done by cyberattacks
https://news.sina.com.tw/article/20190701/31815902.html
Aiming to paralyse missile systems: US cyberattack on Iran fails
https://udn.com/news/story/11314/3890732
US Cyber Command warns that state hackers are exploiting an old Outlook vulnerability for intrusions
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=888
Iran hints it is willing to negotiate new concessions if the US lifts sanctions
https://udn.com/news/story/6811/3890416
To keep Taiwanese from being credit-scored by China, start by banning Chinese surveillance systems
https://talk.ltn.com.tw/article/breakingnews/2850480
Magento Killer
https://blog.sucuri.net/2019/07/magento-killer.html
Hackers breach Canonical GitHub account, create repositories, leave source code untouched
http://bit.ly/2G9FJnI
Wipe Away the Threat of Wiper Attacks
https://www.bankinfosecurity.com/wipe-away-threat-wiper-attacks-a-12727
NHS warned to act now to keep hackers at bay
https://www.welivesecurity.com/2019/07/03/nhs-warning-avoid-wannacryptor/
Pentagon losing recruiting battle for cybersecurity expertise
https://www.stripes.com/news/us/pentagon-losing-recruiting-battle-for-cybersecurity-expertise-1.589708
OpenPGP experts targeted by long-feared ‘poisoning’ attack
https://nakedsecurity.sophos.com/2019/07/05/openpgp-experts-targeted-by-long-feared-poisoning-attack/
Canonical GitHub account hacked, Ubuntu source code safe
https://www.zdnet.com/article/canonical-github-account-hacked-ubuntu-source-code-safe/#ftag=RSSbaffb68
Croatian government targeted by mysterious hackers
https://www.zdnet.com/article/croatian-government-targeted-by-mysterious-hackers/#ftag=RSSbaffb68
Ubuntu-Maker Canonical’s GitHub Account Gets Hacked
https://thehackernews.com/2019/07/canonical-ubuntu-github-hacked.html
Brazilians report lack of cybersecurity skills
https://www.zdnet.com/article/brazilians-report-lack-of-cybersecurity-skills/#ftag=RSSbaffb68
Dropbox: Fedora installation instructions fetch repo and validation key from insecure source, allowing mitm attack
https://vulners.com/hackerone/H1:638250?utm_source=rss&utm_medium=rss&utm_campaign=rss
Inside the NIST team working to make cybersecurity more user-friendly
https://www.helpnetsecurity.com/2019/07/11/nist-cybersecurity/
A Simple Configuration Mistake Caused GE Aviation Server To Leak Passwords and Sensitive Files
http://bit.ly/2XI4xcr
New Magecart tactic: hunting misconfigured Amazon S3 buckets to plant malicious code
https://www.ithome.com.tw/news/131816
Magecart Hackers Infect 17,000 Sites Through Misconfigured Amazon S3 Buckets
https://thehackernews.com/2019/07/magecart-amazon-s3-hacking.html
Spray and Pray: Magecart Campaign Breaches Websites En Masse Via Misconfigured Amazon S3 Buckets
https://www.riskiq.com/blog/labs/magecart-amazon-s3-buckets/
Magecart group compromises 17,000 domains by overwriting Amazon S3 buckets
https://www.scmagazine.com/home/security-news/magecart-group-compromises-17000-domains-by-overwriting-amazon-s3-buckets/
Senior systems engineer, security products
https://www.104.com.tw/job/6o0q9
Front-end designer
https://www.104.com.tw/job/6o02g
Security manager
https://www.104.com.tw/job/6nbzr
Security engineer
https://www.104.com.tw/job/3fanf
Mega Bank recruiting big data and IT staff; salary including lunch allowance up to 48K
https://www.1111.com.tw/news/jobns/124519/
Supply chain business administrator
https://www.104.com.tw/job/6o6qi
Data analyst
https://www.liepin.com/job/1920264507.shtml

D. Data breaches / personal data protection law / GDPR / online fraud / phishing / card fraud / fake news
Virgil Abloh's personal Instagram account hacked
https://hypebeast.com/zh/2019/7/virgil-abloh-instagram-hacked
Dating app Jack’d fined 240,000 over privacy issues; Fortune 100 companies' data leaks, all caused by improperly secured AWS S3 servers
https://blog.trendmicro.com.tw/?p=61125
Five major internet companies publish a self-regulatory code of practice against disinformation
http://bit.ly/2YKCJW9
https://www.tahr.org.tw/sites/default/files/u87/190621_disinformation_code_of_practice_taiwan.pdf
Security researchers: email remains the primary target of intrusion attacks
https://blog.twnic.net.tw/2019/07/11/4219/
Google confirms it hires people to listen to content recorded by devices
https://www.cw.com.tw/article/article.action?id=5095970
New scam tactic! Sign a cheque to get a loan: in debt without receiving a cent
https://news.ltn.com.tw/news/society/breakingnews/2837018
Impersonating federal marshals: "you missed jury duty, pay up to make it go away"; phone scams have a new trick
http://bit.ly/2XETLsh
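BC Better Business Bureau warns the public about scammers posing as bank investigators
http://bit.ly/2XCt6ra
Counterfeit banknote scams rampant; Yuanli residents beware
http://bit.ly/2XBOOjG
"Exploiting online service loopholes": new card fraud tactic takes only 1.99 yuan each time
http://bit.ly/2JoFoyh
Sichuan police bust a major online fraud ring
https://news.sina.com.tw/article/20190705/31859834.html
Leshan busts two online gambling rings; betting turnover in the case exceeds 100 million yuan
https://news.sina.com.tw/article/20190630/31799480.html
ICBC Guangzhou helps police intercept 1.98 million in funds tied to a case
https://news.sina.com.tw/article/20190705/31859244.html
The struggle to subdue telecom fraud: high-tech crimes, old methods to solve them
https://news.sina.com.tw/article/20190704/31845990.html
Two women face charges for providing dummy accounts to a fraud ring
https://udn.com/news/story/7321/3915833
Massive online gambling platform infiltrates the domestic market: annual betting volume is twice lottery revenue
https://news.sina.com.tw/article/20190708/31885070.html
"The biggest poppy" invades: massive international online gambling platform infiltrates the domestic market
https://news.sina.com.tw/article/20190708/31883588.html
Identity theft takes many forms; check account statements often to guard against fraud
https://udn.com/news/story/6813/3920753
Cross-strait online underground remittance of 1.3 billion; police seize suspects' assets
http://bit.ly/2Lfyi2u
Taiwan website exchanged renminbi; NT$1.3 billion flowed to mainland China over 6 years
https://udn.com/news/story/7315/3918436
Criminal Investigation Bureau's southern anti-crime center cracks online underground remittance, arrests 3 suspects and seizes over 30 million in assets
https://news.ltn.com.tw/news/society/breakingnews/2846899
Police in Weihui, Henan bust a criminal ring reselling personal information
https://news.sina.com.tw/article/20190629/31796588.html
Photos of Tseng Ya-lan (曾雅蘭) and Pauline Lan (藍心湄) stolen to sell products; Criminal Investigation Bureau exposes typical scam ads
http://bit.ly/2xFvrqN
Bag stolen amid the commotion! Two men buy prepaid points, racking up 15,000 in fraudulent charges in half an hour
https://news.tvbs.com.tw/local/1157033
The main types of credit card fraud we commonly see
https://read01.com/mzQyyDP.html#.XSat3ugzbIU
Hackers breach a private medical centre in Hong Kong; data of 7,000 patients may have leaked
http://bit.ly/2NOlh1N
One-page ads on social networks are scams; police publish 6 tips to see through them
https://news.ltn.com.tw/news/society/breakingnews/2844166
Employee of a mainland Chinese job bank steals and sells personal data of 160,000 users at 23 yuan each
https://money.udn.com/money/story/5603/3917960
Personal data of 380,000 British Airways customers hacked; airline fined nearly US$300 million
https://www.rti.org.tw/news/view/id/2026639
Hackers steal personal data of 500,000 travelers; British Airways hit with heavy US$230 million fine
http://bit.ly/2xN2h9j
UK hands out another heavy GDPR penalty: Marriott International fined £99 million over data breach
https://www.ithome.com.tw/news/131759
Hoping online romance will end your single life? You may have fallen into a "pig-butchering" scam
https://news.sina.com.tw/article/20190706/31877242.html
Received an email from WeChat Pay about an XXE vulnerability
https://developers.weixin.qq.com/community/develop/doc/0006e428458a38452cd84d40856000
EA gaming platform vulnerability may leak user data; share price falls more than
https://hk.on.cc/hk/bkn/cnt/finance/20190705/bkn-20190705231921625-0705_00842_001.html
Fraudulent ATM withdrawals rampant at Bali convenience stores! Experts share 2 tips to avoid being scammed
https://news.ebc.net.tw/News/business/169217
165 anti-fraud hotline and Whoscall combine big data on scam calls; police and public team up as anti-fraud gatekeepers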
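https://times.hinet.net/news/22447130
US-UK Five Eyes alliance warns: personal data from 8 major intelligence systems is in China's hands
http://bit.ly/2L5cXZl
Personal data of 590,000 civil servants leaked; Control Yuan member requests investigation
https://udn.com/news/story/6656/3920942
590,000 civil servant records leaked; Taiwan experts: the problem is serious
http://www.epochtimes.com/b5/19/7/5/n11365860.htm
590,000 civil service records leaked; Executive Yuan: related media speculation is not factual
https://udn.com/news/story/6656/3910761
Ministry of Civil Service data on civil servants leaked; Executive Yuan Department of Cyber Security: case opened and under investigation
https://cn.rti.tw/news/view/id/2026269
Civil servant data leak caused by an attack from overseas; techniques resemble a specific Chinese cyber unit
https://www.cna.com.tw/news/firstnews/201907030101.aspx
Executive Yuan: civil servant data leak is under investigation; outside speculation is not factual
https://taronews.tw/2019/07/05/392231/
Privacy stolen the instant a web page opens! Visitors' mobile numbers sold at 1 yuan each
https://reurl.cc/vRy2j
British Airways leaked personal data, fined US$230 million by the ICO
https://reurl.cc/yVy06
GE Aviation's Jenkins server left unlocked, exposing source code and passwords
https://www.ithome.com.tw/news/131740
Man left owing 110,000 after a colleague took out a credit card in his name; handwriting analysis reveals the truth
http://m.ce.cn/sh/sgg/201907/08/t20190708_32554857.shtml
Personal data of 300 million Marriott customers leaked; hotel group hit with heavy £99.2 million fine
https://newtalk.tw/news/view/2019-07-10/270640
Mainland China's Ministry of Education issues alert: beware of telecom and "campus loan" scams
https://news.sina.com.tw/article/20190711/31926686.html
iPhone giveaway lures people into entering personal data; police: go to the bank and replace your card right away
https://udn.com/news/story/7321/3908054?from=udn-ch1_breaknews-1-cate2-news
Heavy fines for hacked personal data! UK penalizes British Airways NT$7.1 billion and Marriott NT$3.9 billion
http://www.limedia.tw/tech/7360/
MongoDB Database Exposed 188 Million Records: Researchers
https://www.bankinfosecurity.com/mongodb-database-exposed-188-million-records-researchers-a-12769
Report: Detailed personal records of 188 million people found exposed on the web
https://www.comparitech.com/blog/vpn-privacy/188-million-data-breach/
Data leak costs £183 million
https://www.kaspersky.com/blog/british-airways-fined/27580/
Facebook transfer of data from EU to US shores argued in European high court
https://www.zdnet.com/article/legal-battle-challenging-facebook-transfer-of-eu-data-to-us-shores-reaches-european-high-court/#ftag=RSSbaffb68
GE Aviation exposed internal configs via open Jenkins instance
https://securitydiscovery.com/ge-aviation-exposed/
Vulnerabilities Found in Yet Another Government Website
https://www.bankinfosecurity.asia/vulnerabilities-found-in-yet-another-government-website-a-12724
Summer Scam Alerts: Don’t Let Crooks Wreck Your Family Travel Plans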
https://securingtomorrow.mcafee.com/consumer/family-safety/summer-scam-alerts-dont-let-crooks-wreck-your-family-travel-plans/
British Airways Faces Record-Setting $230 Million GDPR Fine
https://www.bankinfosecurity.com/british-airways-faces-record-setting-230-million-gdpr-fine-a-12743
Over 90 Million Records Leaked by Chinese Public Security Department
https://www.bleepingcomputer.com/news/security/over-90-million-records-leaked-by-chinese-public-security-department/
Report: Fieldwork Software Leaks Sensitive Customer Data
https://www.vpnmentor.com/blog/report-fieldwork-leak/
Fieldwork Software database leak exposed sensitive SMB records, customer credit card details
https://www.zdnet.com/article/fieldwork-software-database-exposed-full-credit-card-details-of-business-customers/#ftag=RSSbaffb68
FBI, ICE plunder DMV driver database ‘gold mine’ for facial recognition scans
https://www.zdnet.com/article/fbi-and-ice-are-using-dmv-gold-mine-for-facial-recognition-scans/#ftag=RSSbaffb68
British Airways Fined £183 Million Under GDPR Over 2018 Data Breach
https://thehackernews.com/2019/07/british-airways-breach-gdpr-fine.html
Estonia's new e-residency security focus: 'You can't launder money with a digital ID'
https://www.zdnet.com/article/estonias-new-e-residency-security-focus-you-cant-launder-money-with-a-digital-id/#ftag=RSSbaffb68
Hackers breached Greece's top-level domain registrar
https://www.zdnet.com/article/hackers-breached-greeces-top-level-domain-registrar/#ftag=RSSbaffb68
UK’s data watchdog hands out two mega-fines for breaches
https://www.welivesecurity.com/2019/07/09/ico-fines-breaches-british-marriott/
Gone phishing: Why summer brings increased security threats to the enterprise
https://www.techrepublic.com/article/gone-phishing-why-summer-brings-increased-security-threats-to-the-enterprise/
Premera Signs $10 Million Breach Settlement With 30 States
https://www.bankinfosecurity.com/premera-signs-10-million-breach-settlement-30-states-a-12772

E. Research Reports

Make good use of Apache MPM modes to get the most from host hardware; stress-test with open-source httperf to tune the server for best service performance
https://www.netadmin.com.tw/netadmin/zh-tw/technology/79EE785099FF4659A813C710D92834D8
12 ways to improve WordPress security and keep hackers out of your site (2019)
https://networker.tw/wordpress-security/
Manual vulnerability hunting (1): exploitation arising from unfiltered input fields
https://www.cnblogs.com/Tempt/p/11147499.html
Analysis of a use-after-free vulnerability in Mozilla Firefox
https://xz.aliyun.com/t/5569
CVE-2019-0863 vulnerability analysis
https://xz.aliyun.com/t/5571
Analysis: HackerOne vulnerability reports cause Monero price to plunge
https://xcong.com/lives/1547167
Alibaba's "kernel vulnerability detection method" accepted at a top international academic conference; not yet open source
http://tech.ifeng.com/a/20190705/45609730_0.shtml
CVE-2019-9041: vulnerability analysis, from CSRF to getshell
http://www.sohu.com/a/325432735_354899
Dumping Active Directory DNS with Adidnsdump
https://www.freebuf.com/articles/network/206897.html
WebLogic XMLDecoder vulnerability analysis
https://www.freebuf.com/column/207849.html
Jenkins arbitrary file read (CVE-2018-1999002) vulnerability analysis
https://www.freebuf.com/column/207844.html
Reproducing CVE-2017-12615
https://xz.aliyun.com/t/5610
A brief discussion: building a security maturity model
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=8737
A lightweight web vulnerability teaching and demonstration system (DSVW)
http://www.wu45.com/post/4382.html
Bypassing Web Application Firewalls with HTTP Parameter Pollution
https://www.exploit-db.com/docs/47082
Coding a remote screenshot sending malware
https://medium.com/@gnsrikanth/coding-a-remote-screenshot-sending-malware-feea50b8bf8
Whonix : Privacy Protection, Anonymity Online, Anonymous Operating System
https://kalilinuxtutorials.com/whonix-privacy-protection/
Remote tech support, yet another risk factor for business
https://www.kaspersky.com/blog/dangerous-remote-access/27538/
Windows zero-day CVE-2019-1132 exploited in targeted attacks
https://www.welivesecurity.com/2019/07/10/windows-zero-day-cve-2019-1132-exploit/
Meet the ‘Gift Cardsharks’ Behind the Massive Campaign Targeting Victims with Commercially Available Tools
https://www.riskiq.com/blog/external-threat-management/giftcard-sharks/
Using Whitelisting to Remediate an RCE Vulnerability (CVE-2019-2729) in Oracle WebLogic
http://bit.ly/2xtl3lQ
See the Unseen in AWS Mirrored Traffic With the VM-Series
https://blog.paloaltonetworks.com/cloud-see-unseen-aws-mirrored-traffic-vm-series/
Getting Started with Cloud Governance
https://securingtomorrow.mcafee.com/business/cloud-security/getting-started-with-cloud-governance/
Fake jquery campaign leads to malvertising and ad fraud schemes
https://blog.malwarebytes.com/threat-analysis/2019/06/fake-jquery-campaign-leads-to-malvertising-and-ad-fraud-schemes/
GreenFlash Sundown exploit kit expands via large malvertising campaign
https://blog.malwarebytes.com/threat-analysis/2019/06/greenflash-sundown-exploit-kit-expands-via-large-malvertising-campaign/
Recipe for success: tech support scammers zero in via paid search
https://blog.malwarebytes.com/tech-support-scams/2019/06/recipe-for-success-tech-support-scammers-zero-in-via-paid-search/
HACKER LEXICON: WHAT IS CREDENTIAL DUMPING
https://www.wired.com/story/hacker-lexicon-credential-dumping/
How to enable DNS-over-HTTPS (DoH) in Firefox
https://www.zdnet.com/article/how-to-enable-dns-over-https-doh-in-firefox/#ftag=RSSbaffb68
Mozilla: No plans to enable DNS-over-HTTPS by default in the UK
https://www.zdnet.com/article/mozilla-no-plans-to-enable-dns-over-https-by-default-in-the-uk/#ftag=RSSbaffb68

F. Business

Ciphertech (亞利安) joins with vendor partners to help users comply with the Cyber Security Management Act and strengthen threat defense
https://ithome.com.tw/pr/131679
Confidential information smuggled in digital media: security forensics guards the last checkpoint, cracking information-hiding tricks to stop secrets leaking inside digital images
https://www.netadmin.com.tw/netadmin/zh-tw/technology/C97145B13825464CB1F293223D009A7B
CyCarrier (奧義智慧) develops a security AI engine for rapid protection from endpoints to global networks
https://technews.tw/2019/07/08/cycarrier-developed-an-ai-engine-with-forensic-platform-to-provide-security-from-endpoints-to-global-networks/
Microsoft: if you have not signed in to your Microsoft account within two years, the account will be deleted automatically and no reminder email will be sent
https://www.techbang.com/posts/71371-microsoft-says-that-if-you-dont-log-in-to-your-microsoft-account-in-two-years-the-account-will-be-automatically-deleted-and-no-reminder-emails-will-be-sent
Analyzing malicious email threat indicators to improve security; ShareTech (眾至) builds its own team and accumulates localized threat intelligence
https://www.netadmin.com.tw/netadmin/zh-tw/market/9C3E2EA5EA2944F69FFD7494B09B3F4A
Moody's and Team8 form a joint venture to set a global cyber risk standard
https://times.hinet.net/topic/22438194
Trend Micro is first to use AWS Transit Gateway, providing high-performance inline network security that helps enterprises simplify and efficiently meet their network security needs when migrating applications to the cloud
http://www.pcdiy.com.tw/detail/13470
McAfee prepares to go public again
https://www.ithome.com.tw/news/131791
McAfee plots return to public markets with IPO
https://www.zdnet.com/article/mcafee-plots-return-to-public-markets-with-ipo/
Dashboards to Use on Palo Alto Networks for Effective Management
https://thehackernews.com/2019/07/log-management-analysis.html
Cynet Launches Free Offering For Incident Response Service Providers
https://thehackernews.com/2019/07/cynet-incident-response.html
Microsoft enhances OneDrive to secure your sensitive files
https://www.welivesecurity.com/2019/06/27/microsoft-onedrive-personal-vault-files/
Review: XM Cyber HaXM makes automated penetration testing more accessible, reliable
https://www.csoonline.com/article/3406464/review-xm-cyber-haxm-makes-automated-penetration-testing-more-accessible-reliable.html
Hackers' Operating System Kali Linux Released for Raspberry Pi 4
https://thehackernews.com/2019/07/kali-linux-raspberry-pi-4.html
Microsoft adds new 'passwordless' sign-in option with latest Windows 10 20H1 test build
https://www.zdnet.com/article/microsoft-adds-new-passwordless-sign-in-option-with-latest-windows-10-20h1-test-build/#ftag=RSSbaffb68
Microsoft is closing its Remix3D.com site early next year
https://www.zdnet.com/article/microsoft-is-closing-its-remix3d-com-site-early-next-year/#ftag=RSSbaffb68
Microsoft is reorging its field sales team, laying off some 'Modern Desktop' salespeople
https://www.zdnet.com/article/microsoft-is-reorging-its-field-sales-team-laying-off-some-modern-desktop-salespeople/#ftag=RSSbaffb68
Microsoft stirs suspicions by adding telemetry files to security-only update
https://www.zdnet.com/article/microsoft-stirs-suspicions-by-adding-telemetry-files-to-security-only-update/#ftag=RSSbaffb68

G. Government

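Distrust of the public sector? Fighting fake news... why does it breed more resentment the harder they fight
https://udn.com/news/story/11311/3912764
Investigation Bureau clarifies reports that it is targeting websites to check for disinformation affecting the election
https://udn.com/news/story/7321/3912934
Ministry of the Interior: digital ID card will incorporate the Citizen Digital Certificate, with replacement starting next October
https://www.ithome.com.tw/news/131711
Chip ID card to be issued next October; 3 major concerns remain unresolved as the launch countdown begins
https://www.techbang.com/posts/71385-chip-id-will-be-released-in-october-top-3-doubts-to-be-resolved
"Five national security laws" completed; Tsai Ing-wen: will keep pushing the "CCP agents" amendment
http://bit.ly/32cwxZ4
Taiwan to publish list of products endangering information security at month's end; Huawei and ZTE expected to be banned
https://hk.on.cc/hk/bkn/cnt/cnnews/20190707/bkn-20190707154016375-0707_00952_001.html
Dengue alert for Kaishan Village sent in error, reportedly costing ten million; CDC: messages were sent free of charge
https://www.cna.com.tw/news/firstnews/201907095006.aspx
List of products endangering national information security planned for release at the end of July
https://www.cna.com.tw/news/aipl/201907070033.aspx
Order issued designating virtual currencies with the nature of securities as securities under the Securities and Exchange Act. (Jin-Guan-Zheng-Fa-Zi No. 1080321164)
https://reurl.cc/j0M3p
FSC announces list of systemically important banks; listed banks face pressure to raise capital
https://finance.technews.tw/2019/07/08/the-fsc-announces-a-list-of-systemic-banks-and-the-listed-banks-are-facing-pressure-to-increase-capital/
What are the new rules for bank data in the cloud? How are on-site audits done? The FSC's 8 key points on cloud outsourcing at a glance
https://www.ithome.com.tw/news/131678
When developing apps, follow the "Operating Principles for Mobile Service Development by the Executive Yuan and Its Subordinate Agencies"
https://inc.ntub.edu.tw/p/405-1011-69591,c4009.php?Lang=zh-tw
5G spectrum battle / clearing roadblocks: NCC has a plan
https://reurl.cc/XnXgM
Is the CCP-agents amendment for the election? DPP legislators hit back at the KMT: CCP infiltration gives the public a sense of national doom
http://bit.ly/2Jln0HI
Rules Governing the Business of Electronic Payment Institutions
http://www.rootlaw.com.tw/LawArticle.aspx?LawID=A040390040026700-1080702&ShowType=Ref&FLNO=20000
High-tech vote buying? Police set up surveillance for vote buying via mobile payments and virtual currency
https://news.ltn.com.tw/news/politics/breakingnews/2848979
Election vote-buying crackdown begins, with strict scrutiny of fake news and foreign funds
https://news.ltn.com.tw/news/politics/paper/1302139
Security standard for smart bus ICT systems takes effect, upgrading industry protection
http://www.ttia-tw.org/news.php?wshop=ttia&Opt=detailed&tp=News&lang=zh-tw&news_id=22654
Asia Silicon Valley Development Agency visits US NIST to strengthen bilateral ties
https://money.udn.com/money/story/5612/3923038
Han just said it was not under consideration! Kaohsiung's "Asia Fun Card" (亞洲好玩卡) revealed to have Chinese capital
http://bit.ly/2LhkuVc
Amendments to points 2, 4, 5 and 7 of the "Directions for the Establishment and Operation of the Nantou County Government Cyber Security Response Team", effective immediately
http://link.nantou.gov.tw/glrsout/NewsContent.aspx?id=967
Former Army deputy commander Liu Hsiang-pin (劉湘濱): do information warfare well and a war to attack Taiwan cannot get started
https://news.ltn.com.tw/news/politics/breakingnews/2850206

H. ICS/SCADA Industrial Control Systems

Researchers find medical software vulnerability that could lead to incorrect diagnoses
http://bit.ly/2Jo9naI
Security vulnerabilities found in US hospital anesthesia machines and ventilators: easily tampered with remotely
https://news.sina.com.tw/article/20190710/31919198.html
Researchers Disclose Vulnerability in Siemens' ICS Software
https://www.bankinfosecurity.in/researchers-disclose-vulnerability-in-siemens-ics-software-a-12765
Vulnerabilities found in GE anesthesia machines
https://www.zdnet.com/article/vulnerabilities-found-in-ge-anesthesia-machines/#ftag=RSSbaffb68
advantech -- webaccess CVE-2019-10989
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-10989
advantech -- webaccess CVE-2019-10991
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-10991
advantech -- webaccess CVE-2019-10993
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-10993

I. Education and Training

Linux Basics for Hackers: Getting Started with Networking, Scripting, and Security in Kali (Traditional Chinese edition: 駭客的 Linux 基礎入門必修課)
https://www.tenlong.com.tw/products/9789865021993?list_name=c-linux
How to use the Windows 10 Sandbox feature to reduce the chance of your computer being infected
http://bit.ly/2XAN1vy
Learning about XXE vulnerabilities
https://www.cnblogs.com/liqik/p/11167019.html

J. Internet of Things / IoT / Artificial Intelligence / Internet of Vehicles / Optical Networking / Deep Learning / Machine Learning / Drones / Facial Recognition

The fraught triangle of freedom, convenience and security in IoT: which have you chosen?
https://www.allion.com.tw/article-cybersecurity-2/
Machine learning: the modern-day cyber security hero
https://www.symantec.com/blogs/chinese-traditional/tw-machine-learning-modern-day-cyber-security-hero
The current state of Taiwan's security industry and IoT development in 2019 revealed
http://m.ccs-cbm.org.cn/kexue/7914.html
Drone projects fake road sign information; hackers reveal autonomous driving system flaw
https://unwire.hk/2019/07/08/flickering-car-ghosts/life-tech/auto/
With stronger security and deep learning, AI applications for surveillance IP cameras reach the next level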
https://technews.tw/2019/07/08/strengthen-ai-application-of-ip-camera-by-cyber-security-and-deep-learning/
A well-known anime and the issue of IoT security terror attacks
http://www.digorlon.com/home/post/928
Diving the dark web: Internet of Things, or the don't-connect net (part 2)
http://bit.ly/2LfOxg2
Weak passwords to blame again! Silex cripples thousands of IoT devices in a single day
https://blog.trendmicro.com.tw/?p=61131
Smart waste management system highlights potential for narrowband IoT deployments
https://www.zdnet.com/article/smart-waste-management-system-highlights-potential-for-narrowband-iot-deployments/#ftag=RSSbaffb68
Automated Peril: Researchers Hack 'Smart Home' Hubs
https://www.bankinfosecurity.com/automated-peril-researchers-hack-smart-home-hubs-a-12723
Two billion user logs leaked by smart home vendor
https://www.welivesecurity.com/2019/07/02/two-billion-logs-leaked-smart-home/
Israel warns of AI cyber-attacks by voice impersonating of senior executives
http://www.xinhuanet.com/english/2019-07/10/c_138212768.htm
Forescout Positioned For Growth In Burgeoning IoT/OT Security Market
https://www.forbes.com/sites/robertdefrancesco/2019/07/11/forescout-positioned-for-growth-in-burgeoning-iotot-security-market/
Hacked surveillance firm pitches NYC with invasive camera tech to track driver journeys
https://www.zdnet.com/article/hacked-surveillance-firm-pitches-nyc-with-ml-cameras-to-track-driver-journeys/

6. Upcoming Security Events and Conferences

HITCON HackDoor: Hack into the Office 7/2 ~ 9/28
https://www.accupass.com/event/1906050355291064968019
Smart Metal and IoT Security Forum 7/15
https://seminars.tca.org.tw/D15e02242.aspx
[Security Lecture] Enterprise email security: analysis of phishing and email fraud and the latest developments in protection technology, to refresh everyone's security knowledge 7/16
https://www.techbang.com/posts/70854-lecture-corporate-email-security
HackingThursday regular meetup 7/18
https://www.meetup.com/hackingthursday/events/vkhnnqyzkbxb/
Security Industry-Academia Summit Forum 7/18
https://www.accupass.com/event/1906140709596176666390
Security Trends Seminar 7/18
https://www.accupass.com/event/1906110041444881410360
12th Taiwan-Luxembourg Economic Cooperation Meeting 7/19
http://registration.cieca.org.tw/visit/?d=74
Seminar on Security Challenges and Opportunities in the Brave New World of 5G+IoT 7/18
http://iekweb2.iek.org.tw/IEKConf/Client/confinfo.aspx?mode=confinfo&conf_no=384953433
HackingThursday regular meetup 7/25
https://www.meetup.com/hackingthursday/events/vkhnnqyzkbhc/
Decoding the Singapore Security Market lecture: the starting point of Taiwan security's hard-fought Southeast Asian jungle campaign, Lion City stop 7/26
https://ievents.iii.org.tw/eventS.aspx?t=0&id=547
2019 Transforming Security Operations Seminar 7/26
https://www.netfos.com.tw/event/2019event/20190726netfos/20190726-NETFOS-seminar-reg.html
CDX2.0 promotional event, Tainan session 7/26
https://nchc-cdx.kktix.cc/events/cdxactivity-0726
Agile Hsinchu July meetup: When Domain-Driven Design Goes to the Cloud 7/27
https://agilecommtw.kktix.cc/events/dddcloud
The Virus Bulletin Conference 2019 8/1
https://www.virusbulletin.com/blog/2019/06/free-vb2019-tickets-students/
Security Incident Handling Practical Course 8/7 ~ 8/8
http://bit.ly/2VW0Lv9
DEF CON 27 2019/8/8–8/11
https://www.defcon.org/
Big data software development platforms and AI (artificial intelligence) development use cases 8/9
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3805&from_course_list_url=homepage
Digital Forensics Practice 8/14 ~ 8/15
http://bit.ly/2VW0Lv9
ROC Year 108 Taiwan Academic Network Computer Emergency Response Team Security Roadshow Seminar: Security Trends and Network Security Overview 8/19 ~ 8/27
http://www.hssh.tp.edu.tw/ezfiles/1/1001/attach/42/pta_17520_7551835_06329.pdf
Hacks in Taiwan Conference: HITCON Summer Training 2019, student registration 2019-08-19 ~ 2019-08-22
https://www.accupass.com/event/1906050919271598677460
Yahoo Kimo E-commerce Special Lecture | The Distance Between Us and Fraud: the security burden e-commerce cannot bear 8/21
https://www.accupass.com/event/1906120307261445013215
Web Application Penetration Testing 8/21 ~ 8/23
https://www.accupass.com/event/1904080221358963463590
Hacks in Taiwan Conference: HITCON Community 2019 2019-08-23 (Fri) 09:00 ~ 2019-08-24 (Sat) 17:00 (GMT+8)
https://www.accupass.com/event/1906040921594609934250
Digital Government Summit 2019 8/28
https://egov.ithome.com.tw/
ModernWeb 19 8/28 ~ 8/29
https://modernweb.tw/
Security Regulations and Systems Analysis Course, ROC Year 108 "Security Talent Training and International Promotion Program: Advanced Course for Security Professionals" 8/29 ~ 8/30
http://www.cisanet.org.tw/News/activity_more?id=MTQzMw==
ROC Year 108 security competency training: mobile device security (8/29-8/30)
https://cee.ksu.edu.tw/recruitinfo/1443.html
2019 NGO Security Seed Instructor Training 8/29
https://ocftw.kktix.cc/events/cscs2019tot
NCTU Hacker College B022: Basic Web Security and Penetration Testing (Hsinchu session) 9/7
https://hackercollege.nctu.edu.tw/?p=1079
[AWS Security] Security Engineering on AWS advanced course 9/9 ~ 9/11
https://www.accupass.com/event/1905150854571147685105
CDX2.0 promotional event, Taipei session 9/10
https://nchc-cdx.kktix.cc/events/cdxactivity-0910
Kubernetes Summit 9/11
https://summit.ithome.com.tw/kubernetes/
NCTU Hacker College A011: Guide to Intrusion Detection and Response 9/21
https://hackercollege.nctu.edu.tw/?p=1082
TANET 2019: Taiwan Internet Conference 9/25
https://www.twcert.org.tw/subpages/securityInfo/securityactivity_details.aspx?id=310
NCTU Hacker College B022: Basic Web Security and Penetration Testing 9/28
https://hackercollege.nctu.edu.tw/?p=1084
HITB+ CYBER WEEK 2019/10/12 ~17
https://d2p.hitb.org/
NCTU Hacker College A006: Digital Footprint Tracking and Analysis 10/19
https://hackercollege.nctu.edu.tw/?p=1088
Splunk .conf 19 10/21 ~ 10/24
https://conf.splunk.com/
AIoT (intelligent IoT) developer job-training program [free consultation] 10/22
https://ittraining.kktix.cc/events/aiot-training-2019
Industrial Control Systems (ICS) Cyber Security Conference USA October 21 – 24, 2019
https://www.icscybersecurityconference.com
NCTU Hacker College A015: Advanced Web Penetration Testing 10/26
https://hackercollege.nctu.edu.tw/?p=1090
NCTU Hacker College P006: Expert-level Web Penetration Testing 11/16
https://hackercollege.nctu.edu.tw/?p=1092
NCTU Hacker College B015: Malware Detection 11/30
https://hackercollege.nctu.edu.tw/?p=1098
NCTU Hacker College A018: Enterprise Domain Control: Active Directory Attack and Defense 12/14
https://hackercollege.nctu.edu.tw/?p=1094
Japan Security Analyst Conference
https://jsac.jpcert.or.jp/