資安事件新聞週報 2019/2/25 ~ 2019/3/1
1.重大弱點漏洞
Avast:數位家庭最容易有漏洞的裝置是印表機、網路裝置及監視器
https://ithome.com.tw/news/128997
F5 BIG-IP Access Policy Manager 跨站腳本漏洞 CVE-2019-6595
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6595
MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT
https://www.exploit-db.com/exploits/46444
報告:前十大熱門Docker映像檔都有至少30個以上的漏洞
https://www.ithome.com.tw/news/129018
有攻擊者正利用Chrome的0day漏洞偷取他人信息
https://nosec.org/home/detail/2294.html
Chrome瀏覽器被曝存在漏洞攻擊者可通過PDF收集用戶信息
http://www.sohu.com/a/298175326_114774?sec=wd
Google Chrome zero-day used in the wild to collect user data via PDF files
https://www.zdnet.com/article/google-chrome-zero-day-used-in-the-wild-to-collect-user-data-via-pdf-files/#ftag=RSSbaffb68
Latest WinRAR Flaw Being Exploited in the Wild to Hack Windows Computers
https://bit.ly/2H4ZAWr
研究人員揭露大批Thunderclap安全漏洞,允許惡意周邊裝置竊取記憶體機密資訊
https://www.ithome.com.tw/news/129021
新發現的thunderclap 漏洞允許黑客使用Thunderbolt/USB-C 外設攻擊PC
http://hackernews.cc/archives/24946
Thunderbolt的漏洞給黑客大開方便之門
https://www.easyaq.com/news/1927126943.shtml
Supermicro伺服器元件漏洞可使IBM雲端伺服器被植入後門
https://www.ithome.com.tw/news/129001
Microsoft fixes web server DDoS bug
https://nakedsecurity.sophos.com/2019/02/22/microsoft-fixes-ddos-bug-in-its-web-server/
Microsoft's Windows Defender Advanced Threat Protection service now available for Windows 7, 8.1 clients
https://zd.net/2tDDlik
JVN#69181574 Windows 7 における DLL 読み込みに関する脆弱性
https://jvn.jp/jp/JVN69181574/
JVN#79543573 Microsoft Teams のインストーラにおける DLL 読み込みに関する脆弱性
https://jvn.jp/jp/JVN79543573/
海康威視網路資安公告-監控商品網路資訊安全說明
http://best-cctv.com.tw/showroom.php?mode=detail&item_id=I25880135
dlink dir-878_firmware,dir-600m_firmware
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-8312
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-8313
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-8314
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-8315
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-8316
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-8318
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-8319
News Website Script 2.0.5 SQL Injection
https://cxsecurity.com/issue/WLB-2019020253
ADV190005 | Guidance to adjust HTTP/2 SETTINGS frames
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190005
Adobe patches bug that could blow up MacBook Pro speakers
https://www.zdnet.com/article/adobe-patches-bug-that-could-blow-up-macbook-pro-speakers/#ftag=RSSbaffb68
Adobe patches the same critical Reader flaw twice in one week
https://nakedsecurity.sophos.com/2019/02/25/adobe-patches-the-same-critical-reader-flaw-twice-in-one-week/
Flash “security bypass” list hidden in Microsoft Edge browser
https://nakedsecurity.sophos.com/2019/02/22/flash-security-bypass-list-hidden-in-edge/
Adobe sends out second fix for critical Reader data leak vulnerability
https://www.zdnet.com/article/adobe-sends-out-second-fix-for-critical-reader-data-leak-vulnerability/#ftag=RSSbaffb68
Cisco Elastic Services Controller 存在安全性弱點
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-esc
思科修補多款防火牆路由器中的重大RCE漏洞
https://www.ithome.com.tw/news/129047
思科產品多個漏洞
https://www.us-cert.gov/ncas/current-activity/2019/02/20/Cisco-Releases-Security-Updates
CVE-2018-0296思科ASA拒絕服務漏洞分析
https://www.anquanke.com/post/id/171916
aveva indusoft_web_studio CVE-2019-6543
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-6543
aveva indusoft_web_studio CVE-2019-6545
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-6545
webassembly binaryen CVE-2019-7662
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-7662
VR社交應用Bigscreen存在安全漏洞,黑客可執行MITR攻擊
https://www.sohu.com/a/296464883_114877?sec=wd
VertrigoServ 2.17 Cross Site Scripting CVE-2019-8938
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8938
谷歌研究者:軟體技術無法解決「幽靈」晶元漏洞
https://news.sina.com.tw/article/20190225/30187160.html
4G/5G再曝新漏洞,攻擊者可攔截電話和追踪用戶位置
https://www.lieyunwang.com/news/89390
New Attacks Against 4G, 5G Mobile Networks Re-Enable IMSI Catchers
https://bit.ly/2Vlx32r
Hackers Actively Exploiting Latest Drupal RCE Flaw Published Last Week
https://bit.ly/2EdykSp
Spring Framework跨站跟踪漏洞
https://pivotal.io/security/cve-2018-11039
Plug in devices make laptops and desktops vulnerable to cyber attacks
https://www.cybersecurity-insiders.com/plug-in-devices-make-laptops-and-desktops-vulnerable-to-cyber-attacks/
2.銀行/金融/保險/證券/支付系統/ 新聞及資安
國際駭客入侵金融機構頻傳 金管會要求強化11項資安
https://udn.com/news/story/7239/3662570
從開放銀行到銀行的開放
https://money.udn.com/money/story/5629/3662873
迎戰Bank 4.0,銀行IT資訊架構如何現代化,IBM首席架構師給5建議
https://www.ithome.com.tw/news/128937
玉山銀行刷臉 ATM 系統採 NEC 人臉識別系統,在全台 5 據點設立結合手機動態密碼的人臉識別提款機
https://www.cool3c.com/article/141242
西聯匯款攜手亞馬遜 台灣人可現金跨境購物
https://money.udn.com/money/story/5617/3663858
亞馬遜夥西聯滙款推跨境付款 香港有份
https://bit.ly/2GKvGY4
跨境購物用美元現金支付 西聯匯款新服務台灣列首發
https://ec.ltn.com.tw/article/breakingnews/2709345
【詐騙網站】東亞銀行呼籲勿登入以下偽冒網站
https://bit.ly/2EaHkI5
小米擬籌備虛擬銀行業務
https://www.chinatimes.com/realtimenews/20190225004196-260409
誠實ATM?領錢看到「鑰匙」 他陷天人交戰:該開嗎
https://news.tvbs.com.tw/fun/1089671
黑客騎劫網上表格竊信用卡資料 暗網兜售有價有市
https://bit.ly/2H0C393
撿到寫有密碼的銀行卡后將餘額取光,杭州一對22歲情侶被抓
https://news.sina.com.tw/article/20190226/30219100.html
黃國昌爆陸資入股陽信銀行 金管會查「持股2.86%」
https://www.ettoday.net/news/20190227/1387932.htm
批金管會、國安局睡著了 黃國昌爆中資入主陽信銀行
https://udn.com/news/story/7239/3667482
大主委棍子胡蘿蔔齊出 顧立雄抄底金控家族
https://bit.ly/2Ua1NDB
惹毛顧立雄的最後一根稻草 竟是新光伯姪鬥害的
https://www.mirrormedia.mg/story/20190225fin011
陸銀行系統未升級 居住證卡關
https://www.chinatimes.com/newspapers/20190227000062-260301
網曝最新網銀詐騙手法已經入侵網銀再打電話騙賬戶信息
http://www.hnbstx.com/yhll/lilvbiao/20190225/138602.html
全台143萬企業線上開戶 金管會3個月內研議完成
https://news.cnyes.com/news/id/4284602
凱基銀行創新科技金融處搭起資安橋梁 創造IT、法遵、開發商三贏
https://www.gvm.com.tw/article.html?id=56229
信用卡被盜刷?別擔心,有「虛擬信用卡」...卡號72變,每次刷卡卡號都不同
https://wealth.businessweekly.com.tw/m/GArticle.aspx?id=ARTL000130467
樂天銀行社長:有信心拿下台灣純網銀執照 拚3年獲利
https://ec.ltn.com.tw/article/breakingnews/2712861
丟15元零錢!客戶2硬幣「害ATM故障」狂抱怨 網笑噴:當販賣機投嗎
https://www.ettoday.net/news/20190228/1388888.htm
澳洲購物中心ATM慘被「連根拔起」 途人表示超震驚
https://bit.ly/2NtYF2S
有關新加坡銀行有限公司的可疑流動應用程式(流動應用程式)
https://www.hkma.gov.hk/chi/key-information/press-releases/2019/20190228-7.shtml
70000 Pakistani banks’ cards with PINs go on sale on the dark web.
https://bit.ly/2BKDrsX
Russian hacker accused of bank cyber-attacks pleads guilty in US court
https://uawire.org/russian-hacker-accused-of-bank-cyber-attacks-pleads-guilty-in-us-court
ATM robber WinPot: a slot machine instead of cutlets
https://bit.ly/2VgR22p
BOV payments to third parties remain unavailable after cyber attack
https://theworldnews.net/mt-news/bov-payments-to-third-parties-remain-unavailable-after-cyber-attack
NEC and E.Sun create ATM with facial recognition
https://www.zdnet.com/article/nec-and-e-sun-create-atm-with-facial-recognition/
Credit Card Chips Susceptible to Unwarranted NFC Communications
https://blog.hackster.io/credit-card-chips-susceptible-to-unwarranted-nfc-communications-b790402d20dc
集保結算所徵才 想捧金飯碗者上網報名
https://bit.ly/2UaecYg
五金控校園徵才 招2.1萬人
https://money.udn.com/money/story/5648/3664998
搶人才 新光金控開出4千個職缺
https://www.chinatimes.com/realtimenews/20190225002072-260410
金控徵2.5萬人 資訊、法遵搶手
https://www.chinatimes.com/newspapers/20190226000656-260110
富邦壽業務軍團 要徵6,000人
https://udn.com/news/story/7239/3667220
3.電子支付/電子票證/行動支付/ 新聞及資安
移動支付黑馬誕生:短短一年用戶破億,它正式向微信支付寶下戰書
https://kknews.cc/tech/j943elq.html
香港金管局:未接儲值支付工具因SMS轉駁引致失竊投訴
https://hk.on.cc/hk/bkn/cnt/finance/20190225/bkn-20190225223216887-0225_00842_001.html
黑客新招 SMS飛線偷驗證碼 電子錢包任提款
https://hk.news.appledaily.com/local/daily/article/20190226/20620996
黑客盗SMS驗證碼 AlipayHK:事件不尋常 再發生機會率低
https://hk.finance.appledaily.com/finance/realtime/article/20190226/59306323
歐央行決意推動即時支付TIPS
https://www2.hkej.com/instantnews/international/article/2067954
歐央行不排除以監管手段推廣自家即時支付系統
http://www.aastocks.com/tc/stocks/news/aafn-news/NOW.925616/2
限量2000名!228起用「台灣pay」買高鐵票享現金回饋
https://newtalk.tw/news/view/2019-02-26/212450
西班牙研發「一粒沙」大小的體內微晶片,用手感應就可以開鎖和付款
https://buzzorange.com/techorange/2019/02/27/chip-implant-into-skin/
港版「支付寶」走入內地
https://news.sina.com.tw/article/20190228/30260602.html
久等了!台灣行動支付╳JCB,2019第一季A好康攻略登場
https://savingmoneyforgood.blogspot.com/2019/02/TaiwanPay-JCB.2019Q1EVENT.html
Will pay-for-privacy be the new normal
https://blog.malwarebytes.com/security-world/privacy-security-world/2019/02/will-pay-privacy-new-normal/
4.虛擬貨幣/區塊鍊 新聞及資安
「日本亞馬遜」樂天傳將接受加密貨幣付款 新服務3月上線
https://bit.ly/2tBR1KQ
高管監守自盜!韓國Coinbin交易所申請破產
http://news.knowing.asia/news/7224e1b8-83d6-4ca2-a2c4-0155519ed10a
擴大金融創新 金管會擬訂STO規範以利業者遵循
https://money.udn.com/money/story/5613/3664548
中東第1國!巴林正式推行加密貨幣交易
https://ec.ltn.com.tw/article/breakingnews/2709692
美國政府幫助Bitfinex,追回10.6萬美元被盜竊的比特幣
http://news.knowing.asia/news/c1622671-bf0c-43ce-a753-166e391a9888
比特大陸螞蟻礦機固件現漏洞:改BUG與開源選擇兩難
https://wk588.com/12809-1-1.html
Coinomi錢包嚴重漏洞導致其價值6~7萬美元的加密貨幣被盜
https://bit.ly/2EdXjF2
Coinomi錢包漏洞詳解:用戶密碼易被“中間人”竊取
https://bcsec.org/index/detail/id/493/tag/2
伊朗怒了 想用加密貨幣擺脫美國的魔爪
https://news.sina.com.tw/article/20190228/30258916.html
哈佛名教授:我們可能不需要區塊鏈 別錯把驗證當信任
https://www.mirrormedia.mg/story/20190221mit004/
瑞士杜卡斯貝銀行推出自有加密數字貨幣
https://news.sina.com.tw/article/20190301/30276600.html
Coinhive cryptojacking service to shut down in March 2019
https://www.zdnet.com/article/coinhive-cryptojacking-service-to-shut-down-in-march-2019/#ftag=RSSbaffb68
Hacker steals $7.7 million in EOS cryptocurrency after blacklist snafu
https://www.zdnet.com/article/hacker-steals-7-7-million-in-eos-cryptocurrency-after-blacklist-snafu/#ftag=RSSbaffb68
Cryptocurrency Miners Exploit Latest Drupal Flaw
https://www.bankinfosecurity.com/cryptocurrency-miners-exploit-latest-drupal-flaw-a-12055
Hackers Favorite CoinHive Cryptocurrency Mining Service Shutting Down
https://bit.ly/2Ttwbfe
5.資安事件新聞
A.病毒木馬 / 殭屍網路 / 勒索軟體
無檔案惡意程式(Fileless Malware)五種運作方式
https://blog.trendmicro.com.tw/?p=58512
鎖定WinRAR ACE漏洞的攻擊程式現身
https://www.ithome.com.tw/news/128995
瑞星成功截獲國內首個利用WinRAR漏洞的遠控木馬
http://www.ccidnet.com/2019/0226/10457618.shtml
黑客已經開始利用WinRAR漏洞傳播惡意軟件
https://www.linuxidc.com/Linux/2019-02/157138.htm
首個完整利用WinRAR漏洞傳播的惡意樣本分析
https://www.secrss.com/articles/8606
垃圾郵件利用WinRAR ACE漏洞安裝後門程序
http://www.mottoin.com/news/134594.html
LinkedIn 假招聘暗藏木馬程式
https://bit.ly/2tED1Qk
用編輯器漏洞植入SEO暗鏈,700個網站被植入惡意鏈接
https://pttnews.cc/2552b369d3
警方提醒:警惕手機簡訊鏈接植入病毒詐騙
https://news.sina.com.tw/article/20190227/30243840.html
盤一盤2018年那些難纏的頑固病毒木馬
https://www.freebuf.com/articles/paper/196613.html
木馬分析:分析針對意大利的Ursnif銀行木馬
https://www.freebuf.com/vuls/195909.html
ESET waarschuwt: fake bank-apps doelen op Android gebruikers
https://computertaal.info/2019/02/26/eset-waarschuwt-fake-bank-apps-doelen-op-android-gebruikers/
ESET warns of fake banking apps targeting Android users
http://www.bi-me.com/main.php?id=76766&t=1&c=61&cg=4&mset=1011
網釣郵件假冒Google的reCAPTCHA系統
https://www.ithome.com.tw/news/128974?fbclid=IwAR0FBanCQgCxFzK90o58Jy_Xrb_QpC4lIrUIe4SAMkYXsvJYfX2hmJQgWo8
Hackers Use Fake Google reCAPTCHA to Cloak Banking Malware
https://blog.sucuri.net/2019/02/hackers-use-fake-google-recaptcha-to-cloak-banking-malware.html
Phishing Scam Cloaks Malware With Fake Google reCAPTCHA
https://threatpost.com/phishing-scam-malware-google-recaptcha/142142/
FAKE GOOGLE RECAPTCHA USED TO HIDE ANDROID BANKING MALWARE
https://7newscrunch.blogspot.com/2019/02/fake-google-recaptcha-used-to-hide.html
Hackers Deliver Banking Malware Through Fake Google reCAPTCHA
https://gbhackers.com/malware-fake-google-recaptcha/
Android banking malware distributed with fake Google reCAPTCHA
https://bit.ly/2H2uoH9
Russian nationwide, creator of NeverQuest banking trojan, pleads responsible
https://infofisher.com/russian-national-author-of-neverquest-banking-trojan-pleads-guilty
Russian national, author of NeverQuest banking trojan, pleads guilty
https://www.zdnet.com/article/russian-national-author-of-neverquest-banking-trojan-pleads-guilty/#ftag=RSSbaffb68
A Closer Look at Why the QakBot Malware Is So Dangerous
https://cofense.com/closer-look-qakbot-malware-dangerous/
Soon DNS to protect users from malware
http://www.ehackingnews.com/2019/02/soon-dns-to-protect-users-from-malware.html?utm_source=dlvr.it&utm_medium=twitter
Cyber Attack Specialists in East Lothian #Computer #Malware
https://networksecurityuk.wordpress.com/2019/02/23/cyber-attack-specialists-in-east-lothian-computer-malware-4/
Ransomware has been abandoned in favor of cryptojacking attacks against the enterprise
https://www.zdnet.com/article/ransomware-has-been-abandoned-in-favor-of-cryptojacking-attacks-against-the-enterprise/#ftag=RSSbaffb68
Targeted malware attacks against Elasticsearch servers surge
https://www.zdnet.com/article/targeted-malware-attacks-against-elasticsearch-clusters-surge/#ftag=RSSbaffb68
Farseer malware brings Windows exploits to attack group's Android arsenal
https://www.zdnet.com/article/new-farseer-malware-brings-windows-exploits-to-chinese-attacker-arsenal/#ftag=RSSbaffb68
ursnif-requestdoc-campaign-1
https://www.baco.sk/posts/ursnif-requestdoc-campaign-1/
The malspam security products miss: Emotet, Ursnif, and a spammer's blunder
https://www.virusbulletin.com/blog/2019/02/malspam-security-products-miss-emotet-ursnif-and-spammers-blunder/
YARA-rules/ATM.Malware.DispenserXFS.yar
https://github.com/fboldewin/YARA-rules/blob/master/ATM.Malware.DispenserXFS.yar
Vulnerability exposes location of thousands of malware C&C servers
https://www.zdnet.com/article/vulnerability-exposes-location-of-thousands-of-malware-c-c-servers/#ftag=RSSbaffb68
The Ransomware Threat isn’t Over. It’s Evolving
https://www.webroot.com/blog/2019/02/28/the-ransomware-threat-isnt-over-its-evolving/
B.行動安全 / iPhone / Android /穿戴裝置 /App
網路圖檔敲響行動裝置資安警鐘,Android及iOS皆受影響
http://www.qmo.tw/security20190222114/
手機正在出賣你!透視中國華為暗藏的威脅
https://bit.ly/2SX38kJ
被爆個資傳臉書 App自救封鎖
https://tw.appledaily.com/international/daily/20190226/38265876/
用臉書帳號登入App 恐曝3大風險
https://bit.ly/2GSA1IC
回應去年資安風暴 臉書今年將推出「清除歷史」功能
https://news.ltn.com.tw/news/world/breakingnews/2712914
How to Stop Facebook App From Tracking Your Location In the Background
https://bit.ly/2IB1oIQ
Opera Touch for iOS allows users to block annoying cookie dialogs
https://www.zdnet.com/article/opera-touch-for-ios-allows-users-to-block-annoying-cookie-dialogs/#ftag=RSSbaffb68
Android Gets FIDO2 Certification—Now Supports Secure Passwordless Logins
https://bit.ly/2IBGWI1
Severe Flaws in SHAREit Android App Let Hackers Steal Your Files
https://bit.ly/2UdxQCr
C.事件 / 駭客 / DDOS / APT / 徵才 / 國際資安事件
研究稱黑客可通過漏洞劫持裸金屬伺服器 IBM將修復
https://news.sina.com.tw/article/20190227/30234280.html
十週年驚喜!Redis實作Gopher協定讓使用者可以自建地洞
https://ithome.com.tw/news/128984
3GPP 5G標準會議 25日在台登場
https://bit.ly/2TjwGIv
攻擊國際民航網絡 駭客或是中共間諜組織
http://www.epochtimes.com/b5/19/2/27/n11077876.htm
攻擊ICAO網路 駭客或指向中共間諜組織
https://bit.ly/2ECrS8V
Switch破解再下一城,執行Android變身遊戲平板電腦
https://www.techbang.com/posts/68385-switch-cracking-again-next-city-performing-android-turn-game-tablet-pc
忘了密碼卻收到明文密碼,美國公用事業帳單軟體供應商SEDC的危險作法遭研究人員踢爆
https://ithome.com.tw/news/129005
不滿遭降職!日商福吉米資安委員協理 竟偷公司配方
https://news.ltn.com.tw/news/society/breakingnews/2709370
不滿降職 科技公司協理重製營業機密遭訴
https://bit.ly/2tG7E7O
FB、Google資安危機連環爆! 政大攜手博斯辦圓桌論壇
https://www.ettoday.net/news/20190226/1386861.htm
Duo Security調查:8成Chrome擴充程式缺乏隱私政策
https://www.ithome.com.tw/news/128965
ICANN警告 網路基礎建設面臨大規模攻擊
https://www.cna.com.tw/news/ait/201902230195.aspx
ICANN呼籲各網域都應全面部署DNSSEC,以避免使用者受中間人攻擊
https://www.ithome.com.tw/news/128964
駭客透過郵件勒索活動,獲得價值超過30萬美元的BTC
https://news.sina.com.tw/article/20190223/30179618.html
聯詠高級工程師盜3百筆「極機密」程式碼 辯:學習用
https://money.udn.com/money/story/5612/3670640
阿里雲洩漏原始碼 逾40企業受害
https://ec.ltn.com.tw/article/paper/1269467
Symantec 2019《網絡安全威脅報告》:網上表格攻擊牟取數百萬美元暴利
https://unwire.pro/2019/03/01/symantec-2019/security/
機密任你看!阿里雲洩漏原始碼 逾40企業受害
https://ec.ltn.com.tw/article/breakingnews/2707374
憂資安漏洞 菲國抵制華為監控項目
https://2016followme.blogspot.com/2019/02/blog-post_21.html
遍及歐洲十二國 微軟擴大政治資服務
http://hk.epochtimes.com/news/2019-02-27/13656682
愛沙尼亞成數位大國
https://www.chinatimes.com/newspapers/20190224000418-260209
華為中東突圍 部署阿聯5G網路
https://www.chinatimes.com/newspapers/20190228000292-260203
中國若成電信領域龍頭 英情報機構:恐威脅全球數十年
https://news.ltn.com.tw/news/world/breakingnews/2709701
委內瑞拉動亂 中共輸出黑科技推波助瀾
http://www.epochtimes.com/b5/19/2/25/n11070450.htm
保護用電與資訊安全,美 11 名參議員籲禁用華為太陽能逆變器
http://technews.tw/2019/02/26/ban-on-huawei-solar-inverters/
Vodafone CEO:禁用華為可能使歐洲 5G 網路進度延後兩年
https://technews.tw/2019/02/26/huawei-finds-an-ally-in-vodafone-the-worlds-second-largest-mobile-operator/
資安危機? 普廷發言人的美艷女兒遭爆在歐洲議會當助理
https://news.ltn.com.tw/news/world/breakingnews/2710727
美國多數上市公司遭網絡攻擊事件未向SEC披露
https://on.wsj.com/2GOtfUy
中共駭客手法多變 美官員強調先發制人
http://www.epochtimes.com/b5/19/2/28/n11078818.htm
中國智慧音箱 家庭資安新威脅
https://news.ltn.com.tw/news/focus/paper/1270619
資安隱私保護戰 在你家客廳
https://money.udn.com/money/story/12524/3669161
它正在蒐集、回傳、分析...中國智慧音箱家庭資安新威脅
https://bit.ly/2TnB618
智慧家電讓生活更方便 專家籲留意資安風險
https://news.wearn.com/c161038.html
專家:中共利用華為輸出監控模式 擴張權力
http://www.epochtimes.com/b5/19/2/27/n11077547.htm
籲防範間諜威脅 美官員:華為玩兩面手法搞欺騙
https://news.cnyes.com/news/id/4284748
德國傳讓華為參與5G建設 逼中國承諾不進行間諜行動
https://tw.appledaily.com/new/realtime/20190228/1525160/
傳德中擬簽「無間諜協議」 外媒細數中國無信用劣跡
https://ec.ltn.com.tw/article/breakingnews/2712481
另闢蹊徑打擊“黑廣播”: 360無線諦聽平台直擊非法廣告源
https://www.aqniu.com/hack-geek/44157.html
美資安大廠:中國駭客青銅聯盟 專竊先進軍武科技
https://news.ltn.com.tw/news/world/paper/1270913
一篇文章了解供應鏈安全:為什麼應該小心第三方供應商
https://www.aqniu.com/learn/44146.html
比“內鬼”更可怕伊朗入侵美軍指揮系統還有一種可能
https://www.aqniu.com/news-views/44081.html
俄羅斯網路安全官員及卡巴斯基實驗室資深研究員被以叛國罪名送進大牢
https://www.ithome.com.tw/news/129034
研究人員展示如何入侵Amazon Ring智慧門鈴,竊取並取代傳輸內容
https://www.ithome.com.tw/news/129035
Counter Cyber Attack 誰もが狙われる時代
https://www.keishicho.metro.tokyo.jp/about_mpd/joho/movie/cyber/cca/index.html
A Cybersecurity Checklist for Modern SMBs
https://www.webroot.com/blog/2019/02/28/a-cybersecurity-checklist-for-modern-smbs/
19-year-old makes millions from ethical hacking
https://www.zdnet.com/article/19-year-old-makes-millions-from-ethical-hacking/#ftag=RSSbaffb68
US wiped some hard drives of Russia's 'troll factory' in last year's hack
https://www.zdnet.com/article/us-wiped-some-hard-drives-of-russias-troll-factory-in-last-years-hack/#ftag=RSSbaffb68
U.S. Cyber Command operation disrupted Internet access of Russian troll factory on day of 2018 midterms
https://wapo.st/2GOS7LP
The hacker's paradise: Social networks net criminals $3bn a year in illicit profits
https://www.zdnet.com/article/social-media-becomes-hacker-paradise-3bn-earned-a-year-in-illicit-profits/#ftag=RSSbaffb68
Cyber Attack On Toyota Australia Updates - The Inner Sane
https://cnhan.org/toyota/cyber-attack-toyota-australia-updates-08062462
Robust regulatory framework key to prevent cyber-attacks, say experts
http://qatar-tribune.com/news-details/id/156307
Hackers Targeted Retailing Industry With Malware and Selling Stolen Data On Dark Web
https://brica.de/alerts/alert/public/1248625/hackers-targeted-retailing-industry-with-malware-and-selling-stolen-data-on-dark-web/
New browser attack lets hackers run bad code even after users leave a web page
https://zd.net/2IPwxZx
ICANN: There is an ongoing and significant risk to DNS infrastructure
https://www.zdnet.com/article/icann-there-is-an-ongoing-and-significant-risk-to-dns-infrastructure/#ftag=RSSbaffb68
The lazy person’s guide to cybersecurity: minimum effort for maximum protection
https://blog.malwarebytes.com/101/2019/02/the-lazy-persons-guide-to-cybersecurity-minimum-effort-for-maximum-protection/
Hacking Virtual Reality – Researchers Exploit Popular Bigscreen VR App
https://bit.ly/2U3vA0P
The Advanced Persistent Threat Files: APT1
https://blog.malwarebytes.com/threat-analysis/2019/02/the-advanced-persistent-threat-files-apt1/
It took hackers only three days to start exploiting latest Drupal bug
https://www.zdnet.com/article/it-took-hackers-only-three-days-to-start-exploiting-latest-drupal-bug/#ftag=RSSbaffb68
MWC 2019: Your bionic hand is now at risk from hackers
https://www.zdnet.com/article/your-bionic-hand-is-now-at-risk-from-hackers/#ftag=RSSbaffb68
Hackers can hijack bare-metal cloud servers by corrupting their BMC firmware
https://www.zdnet.com/article/hackers-can-hijack-bare-metal-cloud-servers-by-corrupting-their-bmc-firmware/#ftag=RSSbaffb68
FTC launches task force to monitor competition in the tech industry
https://www.zdnet.com/article/ftc-launches-task-force-to-monitor-competition-in-the-tech-industry/#ftag=RSSbaffb68
Is India Prepared for Retaliation by Pakistani Hackers
https://www.bankinfosecurity.asia/blogs/india-prepared-for-retaliation-by-pakistani-hackers-p-2726
New Flaws Re-Enable DMA Attacks On Wide Range of Modern Computers
https://bit.ly/2H7qI7d
Latest WinRAR Flaw Being Exploited in the Wild to Hack Windows Computers
https://bit.ly/2XvKsaq
Retailers have become the top target for credential stuffing attacks
https://www.zdnet.com/article/retailers-have-become-the-top-target-for-credential-stuffing-attacks/#ftag=RSSbaffb68
Kremlin Says Cyber Attacks Against Russia Perpetually Initiated From US Territory
https://newsdaily.today/daily-news-kremlin-says-cyber-attacks-against-russia-perpetually-initiated-from-us-territory/
First disclosed details of a cyber attack on the US Russia
https://handofmoscow.com/2019/02/28/first-disclosed-details-of-a-cyber-attack-on-the-us-russia/
Ukraine's Security Service prevents cyber attack at Central Election Commission website
http://vectornews.eu/news/world/136541-ukraines-security-service-prevents-cyber-attack-at-central-election-commission-website.html
SBU announced the prevention of large-scale cyber attacks on the CEC website
http://www.tellerreport.com/news/--sbu-announced-the-prevention-of-large-scale-cyber-attacks-on-the-cec-website-.BJlP9RGNLE.html
Israeli trusted computing experts thwarted 2017 Iran cyber warfare attack on country’s missile warning
https://bit.ly/2Vud2qS
Israel preparing for cyber attack by Russia and China
https://endtimeheadlines.org/2019/02/israel-preparing-for-cyber-attack-by-russia-and-china/
Remove “DarkWeb Identity Theft Attack” pop-ups
https://unboxhow.com/cybersecurity/remove-darkweb-identity-theft-attack-pop-ups
Cyber Risks, Speed of Attacks Increasing
https://www.realcleardefense.com/2019/02/27/cyber_risks_speed_of_attacks_increasing_306801.html
5 Types of Cyber Attacks and How to Prepare for Them
https://www.cgsinc.com/blog/5-types-of-cyber-attacks-and-how-prepare-for-them
US pushed Russian troll factory offline during US midterm elections
https://nakedsecurity.sophos.com/2019/02/28/us-pushed-russian-troll-factory-offline-during-us-midterm-elections/
North Korea’s dangerous weapon is Cyber Attacks and not Nukes
https://www.cybersecurity-insiders.com/north-koreas-dangerous-weapon-is-cyber-attacks-and-not-nukes/
Shifting Strategies: Using Social Media, SEO in Tech Support Scams
https://blog.trendmicro.com/trendlabs-security-intelligence/shifting-strategies-using-social-media-seo-in-tech-support-scams/
徵才 - 資安人員
https://m.1111.com.tw/job/85851703/
徵才 - 國網中心/網路與資安組 AI前瞻專案計畫人員/1名(AI-20)
https://m.1111.com.tw/job/85848376/
徵才 - 助理應用程式資安工程師(新竹) 動力安全資訊股份有限公司
https://bit.ly/2U4RUqT
徵才 - 資安人員
https://www.104.com.tw/job/?jobno=6izfo
徵才 - Fw: [台北] 中研院資訊處/資安工程師
https://moptt.tw/p/sinica.M.1551150675.A.E18
徵才 - 資安工程師
https://job.vac.gov.tw/pages/job_detail.aspx?bb=he&cc=29639&js=1
徵才 - hadoop工程师 上海盛付通电子支付服务有限公司
https://www.liepin.com/job/1917718461.shtml
D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞
海南反電信網路詐騙中心:微信二次實名認證為騙局
https://news.sina.com.tw/article/20190228/30259532.html
這密碼像在說「歡迎光臨」 10大最爛密碼
https://news.tvbs.com.tw/life/1090778
無碼母帶災情延燒 達人點名AV傳奇女神是壓軸
https://ent.ltn.com.tw/news/breakingnews/2710955
雇主藉穿戴裝置管理員工健康 恐有隱私疑慮
https://www.digitimes.com.tw/iot/article.asp?cat=158&id=0000554147_OG402ISZ56ADJP6HQXHPS
臉書擅自收集手機戶個資 紐約州長下令查
https://money.udn.com/money/story/5599/3660559
資安報告:掘礦騎劫攻擊落後 Formjacking.變臉詐騙電郵威脅更大
https://bit.ly/2ThsU2b
臉書又傳偷抓敏感數據 月經…被看光
https://bit.ly/2SpG5ts
研究:5款密碼管理軟體都有外洩密碼之虞
https://bit.ly/2Xl2dZY
掌控男友金流! 銀行網美遭爆「私查個資」
https://bit.ly/2Iye6Zb
偽造資料騙政府840萬撥款 華裔夫婦分判33個月和緩刑
https://bit.ly/2tzx7QB
資料外洩最嚴重的一年!面對全新資安環境,未來五年的 4 個關鍵趨勢
https://buzzorange.com/techorange/2019/02/23/security-2019/
「臉書」研究設獨立監督委員會 管理具爭議內容
https://news.sina.com.tw/article/20190223/30181228.html
美監管機構正與臉書對個資洩漏事件進行協商,臉書可能受罰數十億美元
https://bit.ly/2EykyLE
網購 Apple iPhone 收空盒變蘋果哀諷,購物詐騙手法曝光
https://www.vedfolnir.com/apple-iphone-online-shopping-fraud-cheat-on-facebook-32230.html
日本辦假證網站增多 1份收費6千以上
https://zh.cn.nikkei.com/politicsaeconomy/politicsasociety/34403-2019-02-25-05-00-20.html
全國首宗偽電子發票詐413萬 檢依詐欺等罪起訴4人
https://udn.com/news/story/7315/3660908
網上購物風險增 駭客恐竊取顧客PIN碼
http://hk.epochtimes.com/news/2019-02-27/78070763
手機突然沒信號小心是電信詐騙
https://news.sina.com.tw/article/20190227/30232396.html
抖音非法蒐兒童個資 美重罰1.7億
https://tw.appledaily.com/international/daily/20190301/38268381/
Password Managers: Under the Hood of Secrets Management
https://www.securityevaluators.com/casestudies/password-manager-hacking/
Cyber News Rundown: Phishing through Email Filter
https://www.webroot.com/blog/2019/02/22/cyber-news-rundown-phishing-through-email-filter/
UConn Health Among the Latest Apparent Phishing Victims
https://www.bankinfosecurity.com/uconn-health-among-latest-apparent-phishing-victims-a-12048
Data Breach Notification: California Targets 'Loopholes'
https://www.bankinfosecurity.com/data-breach-notification-california-targets-loopholes-a-12047
Congress considers a national standard for data privacy
https://www.zdnet.com/article/congress-considers-a-national-standard-for-data-privacy/#ftag=RSSbaffb68
E.研究報告
網站安全管理注意事項V1
https://cert.tanet.edu.tw/prog/opendoc.php?id=2019022704020707600991418127381.pdf
個案分析-校園網站伺服器淪為中繼站與惡意程式下載站攻擊事件分析報告_10802
https://cert.tanet.edu.tw/prog/opendoc.php?id=2019022510023636322981987112573.pdf
2019年最佳黑客書籍盤點
http://netsecurity.51cto.com/art/201903/592687.htm
利用google hack 查找有sql注入漏洞的站點
https://zhuanlan.zhihu.com/p/57751709
google hack之sql注入
https://bit.ly/2GLR4vV
google hack 之查詢語法
https://bit.ly/2IOI4b8
“玄魂工作室--安全圈” 知識星球內資源匯總
https://github.com/xuanhun/HackingResource
DuckDuckGo上Blind XXE漏洞防護繞過
https://nosec.org/home/detail/2284.html
谷歌發布最新研究成果:Spectre 漏洞無法通過編程語言級別手段解決
https://www.infoq.cn/article/Cz_y0ExDbWUKlgg1RYxC
PenTesterが知っている危ないAWS環境の共通点
https://bit.ly/2ty8Kma
cve-2019-6453 mIRC遠程代碼執行漏洞
http://www.4hou.com/vulnerable/16336.html
從兩道CTF實例看python格式化字符串漏洞
https://zhuanlan.zhihu.com/p/57309024
MIPS漏洞調試環境安裝及棧溢出
https://xz.aliyun.com/t/4130
csrf漏洞原理
https://www.itread01.com/content/1550948289.html
天融信關於drupal8 系列框架和漏洞動態調試深入分析
https://paper.seebug.org/823/
Jenkins遠程代碼執行漏洞(CVE-2019-1003000)測試復現
https://anquan.baidu.com/article/631
AOSP常見漏洞簡介
https://bbs.pediy.com/thread-249675.htm
DNS系統原理及漏洞利用分析
http://netsecurity.51cto.com/art/201902/592542.htm
響尾蛇(SideWinder)APT組織針對南亞國家的攻擊活動披露
https://www.freebuf.com/articles/network/196788.html
探討後滲透測試工具SILENTTRINITY的工作原理與檢測技巧
https://www.freebuf.com/articles/system/195913.html
HTTP的同源策略與跨域資源共享(CORS)機制
https://www.freebuf.com/articles/web/195925.html
注入型勒索病毒Ryuk,伸向x64系統的魔爪
https://www.freebuf.com/articles/terminal/196279.html
WatchDogsMiner挖礦蠕蟲大量感染Linux服務器
https://www.freebuf.com/articles/terminal/196504.html
Linux watchdogs感染性隱藏挖礦病毒入侵還原錄
https://www.freebuf.com/articles/system/196510.html
Watch Dogs挖礦病毒分析
https://www.freebuf.com/articles/system/196515.html
基於ONVIF協議的物聯網設備參與DDoS反射攻擊
https://www.freebuf.com/articles/system/196186.html
UEFI固件解析器:可解析BIOSIntel MEUEFI固件結構
https://www.freebuf.com/sectool/195873.html
測試Android應用程序的逆向方法和尋找攻擊面的技巧
https://www.freebuf.com/articles/terminal/195840.html
常見的幾種Windows後門持久化方式
https://www.freebuf.com/vuls/195906.html
對勒索病毒GandCrab5.1的一次成功應急響應(附解密工具+加密樣本)
https://www.freebuf.com/articles/es/196278.html
對惡意軟件Dridex的流量分析
https://www.freebuf.com/articles/es/195832.html
HEVD UAF漏洞分析
https://www.anquanke.com/post/id/171871
3大Web安全漏洞防御详解:XSS、CSRF、以及SQL注入解决方案
http://www.youxia.org/2019/02/44716.html
Video Downloader(Plus)Chrome插件漏洞分析:繞過CSP實現UXSS
https://www.anquanke.com/post/id/171711
攻防最前線:Drupal漏洞PoC公開三天后被濫用攻擊
https://www.secrss.com/articles/8627
WinRAR CVE-2018-20250 漏洞-手動打造惡意文件
https://bbs.pediy.com/thread-249720.htm
Nday漏洞從挖掘到利用
http://iosre.com/t/nday/14073
windows漏洞及其防禦方法簡單總結
https://bbs.pediy.com/thread-249709.htm
Python中的10個常見安全漏洞及修復方法
http://www.twoeggz.com/news/13611464.html
攻擊遠程訪問之協議漏洞攻擊
https://www.cnblogs.com/yuleitest/p/10447105.html
對惡意樹莓派設備的取證分析
https://www.freebuf.com/articles/terminal/196085.html
盲眼鷹(APT-C-36):持續針對哥倫比亞政企機構的攻擊活動揭露
https://www.freebuf.com/articles/system/196110.html
拒絕超長函數,從兩個curl遠程漏洞說起
https://www.freebuf.com/vuls/196088.html
探討後滲透測試工具SILENTTRINITY的工作原理與檢測技巧
https://www.freebuf.com/articles/system/195913.html
什麼是DNS劫持攻擊以及如何避免此類攻擊
http://netsecurity.51cto.com/art/201902/592617.htm
扒一扒DDoS攻擊發展史
http://netsecurity.51cto.com/art/201902/592481.htm
如何全面防禦SQL注入攻擊
http://netsecurity.51cto.com/art/201902/592270.htm
被黑客掛上木馬病毒的網站,有哪些特點?程序員教你輕鬆避開
http://netsecurity.51cto.com/art/201902/592236.htm
360企業安全集團發布政企終端安全態勢月度分析報告(2019.01)
https://www.aqniu.com/vendor/43866.html
Spring Boot中Actuators的漏洞分析
https://xz.aliyun.com/t/4259
Android Security Research: Crypto Wallet Local Storage Attack
https://www.exploit-db.com/docs/46466
PROTECTING WINDOWS PRIVILEGED ACCOUNTS
https://www.exploit-db.com/docs/46447
Geolocating SSH Hackers In Real-Time
https://bit.ly/2BUCmi2
Top 500 Most Important XSS Script Cheat Sheet for Web Application Penetration Testing
https://bit.ly/2tARHA7
PoC/SMBv3 Tree Connect/
https://bit.ly/2H0HjcG
setuid0-sec/Swiss_E-Voting_Publications
https://bit.ly/2SUI5z4
Researchers break digital signatures for most desktop PDF viewers
https://www.zdnet.com/article/researchers-break-digital-signatures-for-most-desktop-pdf-viewers/#ftag=RSSbaffb68
How to break PDF Signatures
https://www.pdf-insecurity.org/
How To Spoof PDF Signatures
https://web-in-security.blogspot.com/2019/02/how-to-spoof-pdf-signatures.html
An Inside Look at a Level 4 Threat Hunting Program
https://www.bankinfosecurity.com/inside-look-at-level-4-threat-hunting-program-a-12052
Testing Visibility to Develop an Innovative Threat Hunting Program
https://www.bankinfosecurity.asia/testing-visibility-to-develop-innovative-threat-hunting-program-a-12051
How a Hacking Group is Stealing Popular Instagram Profiles
https://blog.trendmicro.com/trendlabs-security-intelligence/how-a-hacking-group-is-stealing-popular-instagram-profiles/
Drupal Vulnerability (CVE-2019-6340) Can Be Exploited for Remote Code Execution
https://blog.trendmicro.com/trendlabs-security-intelligence/drupal-vulnerability-cve-2019-6340-can-be-exploited-for-remote-code-execution/
F.商業
Chrome無痕模式其實「不無痕」? Google打算進行升級
https://bit.ly/2BNZHlA
遠東二代徐國安扮推手 裕民攜手愛立信打造船隊安全系統 保庇船隊「防颱風、避海盜都行!
https://www.ettoday.net/news/20190223/1384886.htm
轉型求生,BlackBerry買下AI新創Cylance衝刺資安事業
https://meet.bnext.com.tw/articles/view/44535
微軟被批戰爭奸商,員工要求放棄陸軍合約
https://bit.ly/2SVPq1w
趨勢科技最新解決方案讓電信廠商為用戶的數位生活昇起防護罩
https://bit.ly/2U9muQ7
Purism將為旗下Librem筆電加入高安全性啟動程序PureBoot
https://www.ithome.com.tw/news/128987
整合DNS安全服務 Palo Alto Networks升級新世代防火牆
https://www.ettoday.net/news/20190228/1388624.htm
友通啟動首波併購 聯手其陽搶攻網通資安市場
https://shareba.com/module/news/310478285130279714.html
ESET全系列資安產品均配備「網路釣魚防護」功能
http://www.pcdiy.com.tw/detail/12195
Trend Micro發表新一代電信商防護平台 重點關注智慧家庭或行動裝置
https://bit.ly/2Vu6M2m
Microsoft推出Windows Server IoT 2019,強化邊緣運算應用
https://bit.ly/2tQzTkF
廣達旗下 雲達攻5G應用
https://money.udn.com/money/story/5710/3669012
2018 年Gartner 魔力像限SIEM 領域領導者的三大安全業務優勢
https://www.aqniu.com/vendor/44115.html
Radware:現代惡意軟件戰勝網絡防禦措施的5種方式及企業應對措施
https://www.aqniu.com/vendor/43986.html
加強企業資安,微軟發布2大服務借助AI減少雜訊和網路攻擊誤報率
https://www.ithome.com.tw/news/129036
滿足行業資安需求 Palo Alto升級防火牆
https://udn.com/news/story/7240/3671630
G.政府
Google 3D地圖洩漏軍事機密 國防部花8天「抹平」
https://bit.ly/2U4VnWj
葉國興 任國安會副秘書長
https://tw.appledaily.com/new/realtime/20190223/1522178/
總統聘請專家出任國安會諮詢委員 因應國際經貿變局
https://www.ydn.com.tw/News/325426
柯文哲晚間出訪以色列 取經資安產創
https://www.rti.org.tw/news/view/id/2012385
訪問以色列60小時閃電來回 柯文哲:自駕車、資安方面可以合作
https://www.storm.mg/article/1002834
飛往以色列前夕 柯文哲的LINE競選帳號kp2020悄悄啟動了
https://www.cmmedia.com.tw/home/articles/14398
公部門用陸3C規範 政院「菜煮好再端出」
https://money.udn.com/money/story/5648/3662072
「麒麟專案」外洩案國防部長震怒 下令中科院檢討機密文件管制
https://www.upmedia.mg/news_info.php?SerialNo=58325
調查局新任科長名單出爐 瞄準總統大選備戰
https://udn.com/news/story/7320/3668823
證券周邊四合一? 顧立雄:很多人會覬覦
https://www.chinatimes.com/newspapers/20190228000251-260202
H.SCADA/ICS/工控系統
多款Moxa產品跨站腳本漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6565
Schneider Electric Evlink Charging Station權限提升漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7778
Schneider Electric Modicon M221遠程安全繞過漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7789
Schneider Electric Pelco Sarix Professional 1st generation cameras緩衝區溢出漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7780
Schneider Electric Pelco Sarix Professional 1st generation cameras經過身份驗證密碼洩露漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7782
Schneider Electric InduSoft Web Studio和InTouch Edge HMI代碼執行漏洞洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17914
Schneider Electric SoMachine Basic XML外部實體注入漏洞的補丁
https://www.schneider-electric.com/en/download/document/SEVD-2018-142-01/
Power systems in data centers are vulnerable to Cyber Attacks
https://www.cybersecurity-insiders.com/power-systems-in-data-centers-are-vulnerable-to-cyber-attacks/
I.教育訓練
簡單的安卓漏洞挖掘學習(一)
https://xz.aliyun.com/t/4197
How to Make File and Directory Undeletable, Even By Root in Linux
https://bit.ly/2EsxKld
How to Send a Message to Logged Users in Linux Terminal
https://bit.ly/2GYJHAO
How to Show Asterisks While Typing Sudo Password in Linux
https://bit.ly/2GKWg3g
6 Online Tools for Generating and Testing Cron Jobs for Linux
https://bit.ly/2Terbuy
Learn Ethical Hacking with 180 Hours of Training — 2019 Course Bundle
https://bit.ly/2Vs79dz
J.物聯網/IOT/人工智慧/車聯網/光聯網/深度學習/機器學習/無人機
歐洲電信標準協會訂立全球物聯網安全標準
https://www.etsi.org/deliver/etsi_ts/103600_103699/103645/01.01.01_60/ts_103645v010101p.pdf
新型資安威脅要靠AI來解
https://www.ithome.com.tw/article/128805
當 5G 加上邊緣運算,「智慧工廠」概念將被重新顛覆一次
https://buzzorange.com/techorange/2019/02/23/5g-aiot/
智能酒店時代來臨:AI 負責Check-in搬行李丶手機取代房卡
https://bit.ly/2tzkzIH
陸工業互聯網規模 將達4,800億人民幣
https://www.chinatimes.com/newspapers/20190224000273-260203
曠視科技 人工智慧領跑者
https://www.chinatimes.com/newspapers/20190225000120-260301
Arm與各大測試實驗室針對物聯網裝置推出獨立安全認證
https://news.sina.com.tw/article/20190227/30238888.html
改善OT應用環境 健全資安產業發展
https://www.informationsecurity.com.tw/article/article_detail.aspx?tv=71&aid=8717
Singtel inks IoT partnership deals with China Mobile, Microsoft
https://www.zdnet.com/article/singtel-inks-iot-partnership-deals-with-china-mobile-microsoft/#ftag=RSSbaffb68
Open source AI chips making Green Waves: Bringing energy efficiency to IoT architecture
https://zd.net/2EbHU8v
Internet of Things: Lenovo's new edge server isn't much bigger than a notebook
https://zd.net/2EbqGbf
Arm partners with testing labs to provide IOT security certification
https://zd.net/2Vkuxtk
2.8M UK businesses vulnerable to IoT and OT cyber-attacks
https://digitalisationworld.com/news/56399/28m-uk-businesses-vulnerable-to-iot-and-ot-cyber-attacks
IBM rolls out asset performance management tools to better target industrial IoT
https://www.zdnet.com/article/ibm-rolls-out-asset-performance-management-tools-to-better-target-industrial-iot/#ftag=RSSbaffb68
K.CTF
NeverLAN CTF 2019
https://ctftime.org/event/706
STEM CTF: Cyber Challenge 2019
https://ctftime.org/event/661
DEF CON CTF 2019 Quals
https://www.oooverflow.io/dc-ctf-2019-quals/
CTF 2019 - The 16th China International Tire and Wheel (Qingdao) Fair
https://bit.ly/2CWltVm
Official Website of CTF 2019 - The 16th China International Tire and Wheel (Qingdao) Fair, Qingdao, China
https://bit.ly/2VnsC8p
NeverLAN CTF
https://neverlanctf.com/
6.近期資安活動及研討會
Elixir台灣 台北 Meetup # Monday, March 4, 2019
https://www.meetup.com/elixirtw-taipei/events/njjhvpyzfbgb/
Greenhost 如何建立獨立且開放的雲端主機平台?主題二:網路資源及路由管理: IP, AS Number, DNS 3/4
https://ocftw.kktix.cc/events/greenhost2
如何推動關鍵基礎設施之醫療及工控系統的資安防護 3/6
http://www.cisanet.org.tw/Services/express_more?id=2814
網站弱點評估實務 3/7
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3825&from_course_list_url=homepage
HackingThursday 固定聚會 March 7, 2019
https://www.meetup.com/hackingthursday/events/vkhnnqyzfbkb/
Arduino四軸飛行器開發實作,無人機硬體、無線遙控器、飛控軟體整合、飛行教學,一天學會 3/9
https://bit.ly/2LdYJ5H
AI於資訊安全之應用 3/9
https://hackercollege.nctu.edu.tw/?p=1042
【補助專班】AI人工智慧應用系列- AIoT智能物聯網開發人才就業養成班[免費諮詢] 3/12
https://ittraining.kktix.cc/events/aiot-training-2019
Building and Training Convolutional Neural Networks, CNN Wednesday, March 13, 2019
https://www.meetup.com/Deep-Learning-for-Sciences-Engineering-and-Arts/events/257484158/
HackingThursday 固定聚會 March 14, 2019
https://www.meetup.com/hackingthursday/events/vkhnnqyzfbsb/
源碼檢測實作 3/14
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3829&from_course_list_url=homepage
資安攻防演練主題講座 2019/03/14
https://hackersir.kktix.cc/events/fcu190314
Casual Meetup - IoT Talk & Drinks (Monthly) Wednesday, March 20, 2019
https://www.meetup.com/Taipei-Sigfox-User-Group/events/ctqnkpyzfbbc/
網路封包分析實務 3/20
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3833&from_course_list_url=homepage
HackingThursday 固定聚會 March 21, 2019
https://www.meetup.com/hackingthursday/events/vkhnnqyzfbcc/
網路封包分析實務 3/21
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3833&from_course_list_url=homepage
國立交通大學 亥客書院 - 網路流量分析與檢測 3/23
https://hackercollege.nctu.edu.tw/?p=1036
Black Hat Asia 2019 2019年3月26-29日
https://ubm.io/2zZu87q
kubernetes 入門實作 3/28
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3789&from_course_list_url=homepage
HackingThursday 固定聚會 March 28, 2019
https://www.meetup.com/hackingthursday/events/vkhnnqyzfblc/
Elixir台灣 台北 Meetup # Monday, April 1, 2019
https://www.meetup.com/elixirtw-taipei/events/njjhvpyzgbcb/
Modeling Sequences with Recurrent Neural Networks, RNN Wednesday, April 3, 2019
https://www.meetup.com/Deep-Learning-for-Sciences-Engineering-and-Arts/events/257484461/
網路封包分析實務 4/11
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3826&from_course_list_url=homepage
2019 ICANN APAC-TWNIC Engagement forum 4/16~4/17
https://forum.twnic.tw/
Industrial Control Systems (ICS) Cyber Security Conference APAC April 16-18, 2019
https://www.icscybersecurityconference.com/
Casual Meetup - IoT Talk & Drinks (Monthly) Wednesday, April 17, 2019
https://www.meetup.com/Taipei-Sigfox-User-Group/events/ctqnkpyzgbwb/
網站弱點評估實務 4/18
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3830&from_course_list_url=homepage
國立交通大學 亥客書院 - 緩衝區溢位攻擊與預防 新竹 4/20
https://hackercollege.nctu.edu.tw/?p=1052
資安健診 4/25
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3834&from_course_list_url=homepage
國立交通大學 亥客書院 - 基礎網站安全建構實務 5/4
https://hackercollege.nctu.edu.tw/?p=1045
Elixir台灣 台北 Meetup # Monday, May 6, 2019
https://www.meetup.com/elixirtw-taipei/events/njjhvpyzhbjb/
資安健診 5/9
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3827&from_course_list_url=homepage
國立交通大學 亥客書院 -電子郵件之偽造攻擊與防護措施安全通訊協定 5/11
https://hackercollege.nctu.edu.tw/?p=1054
iTHome 台灣雲端大會 Cloud Summit 2019 2019年 5 月 15 日 (三) 09:00~17:00
https://cloudsummit.ithome.com.tw/
Casual Meetup - IoT Talk & Drinks (Monthly) Wednesday, May 15, 2019
https://www.meetup.com/Taipei-Sigfox-User-Group/events/ctqnkpyzhbtb/
網路封包分析實務 5/16
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3831&from_course_list_url=homepage
源碼檢測實作 5/23
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3835&from_course_list_url=homepage
第二十九屆全國資訊安全會議 5/23 ~ 5/24
https://cisc2019.cs.pu.edu.tw/index.php
International Conference CONSTRUCTIVE THEORY OF FUNCTIONS - 2019 SOZOPOL, June 2 - 8, 2019
http://www.math.bas.bg/mathmod/CTF-2019/
國立交通大學 亥客書院 - 密碼系統之漏洞、修補與檢測 6/15
https://hackercollege.nctu.edu.tw/?p=1039
Casual Meetup - IoT Talk & Drinks (Monthly) Wednesday, June 19, 2019
https://www.meetup.com/Taipei-Sigfox-User-Group/events/ctqnkpyzjbzb/
Splunk .conf 19 10/21 ~ 10/24
https://conf.splunk.com/
Industrial Control Systems (ICS) Cyber Security Conference USA October 21 – 24, 2019
https://www.icscybersecurityconference.com
沒有留言:
張貼留言