2019年7月26日 星期五

資安事件新聞週報 2019/7/22 ~ 2019/7/26

資安事件新聞週報  2019/7/22  ~  2019/7/26
1.重大弱點漏洞/後門/Exploit/Zero Day
為何漏洞修補會成為企業的一項挑戰?談虛擬修補( Virtual Patching)
https://blog.trendmicro.com.tw/?p=61059
新版 Chrome 讓網站無法檢測到用戶是否在使用隱身模式
http://chinese.engadget.com/2019/07/19/chrome-76-to-stop-private-browsing-checks/
RDP Bug Takes New Approach to Host Compromise
https://www.darkreading.com/risk/rdp-bug-takes-new-approach-to-host-compromise/d/d-id/1335297
Fortinet 產品繞過保安限制漏洞
https://fortiguard.com/psirt/FG-IR-19-144
Fortinet 產品繞過保安限制漏洞
https://fortiguard.com/psirt/FG-IR-16-090
https://fortiguard.com/psirt/FG-IR-19-111
IBM QRadar SIEM 跨站請求偽造漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4212
Over 8,500 Google Chrome Bug Reports, Larger Rewards in Store
https://www.bleepingcomputer.com/news/security/over-8-500-google-chrome-bug-reports-larger-rewards-in-store/
Google 宣布提高 Chrome 安全漏洞回報 獎金,最高達 30,000 美元
https://www.kocpc.com.tw/archives/270497
研究人員找到AI端點防護平台BlackBerry Cylance的通用旁路
https://www.ithome.com.tw/news/131980
IBM DB2 多個漏洞
https://www-01.ibm.com/support/docview.wss?uid=ibm10959043
FastJSON 遠程執行漏洞,速速升級
https://blog.csdn.net/youanyyou/article/details/96666200
德國網絡安全機構發現 VLC 播放器存在重大缺陷
https://unwire.hk/2019/07/22/critical-flaw-in-vlc-media-player-discovered-by-german-cybersecurity-agency/tech-secure/
Chrome 76 修復漏洞   禁絕網站偵測用戶隱私模式
https://unwire.hk/2019/07/22/google-chrome-76-incognito-mode/software/pc-app/
NVIDIA靜默修復Selfblow漏洞 可在Tegra芯片之上執行任意惡意代碼
https://www.expreview.com/69567.html
Windows 10 1809 Cumulative Update KB4505658 Released With Fixes
https://www.bleepingcomputer.com/news/microsoft/windows-10-1809-cumulative-update-kb4505658-released-with-fixes/
Microsoft accidentally releases, then pulls Windows 10 preview build
https://www.zdnet.com/article/microsoft-accidentally-releases-then-pulls-windows-10-preview-release/#ftag=RSSbaffb68
Microsoft Windows 7 build 7601 (x86) - Local Privilege Escalation
https://www.exploit-db.com/exploits/47176
Windows zero-days don't usually work against the latest OS version
https://www.zdnet.com/article/windows-zero-days-dont-usually-work-against-the-latest-os-version/
美國公司出售武器化BlueKeep 漏洞利用
http://hackernews.cc/archives/26641
US company selling weaponized BlueKeep exploit
https://www.zdnet.com/article/us-company-selling-weaponized-bluekeep-exploit/#ftag=RSSbaffb68
ProFTPd修補遠端程式攻擊漏洞,上百萬臺未更新ProFTPd伺服器恐曝險
https://www.ithome.com.tw/news/132007
ProFTPD Remote Code Execution Bug Exposes Over 1 Million Servers
https://www.bleepingcomputer.com/news/security/proftpd-remote-code-execution-bug-exposes-over-1-million-servers/
Remote code execution vulnerability in VLC remains unpatched
https://www.zdnet.com/article/remote-code-execution-vulnerability-in-vlc-remains-unpatched/
Palo Alto Networks VPN漏洞曝光,允許黑客遠程執行任意代碼
https://zhuanlan.zhihu.com/p/74841727
臺灣研究人員攻陷Palo Alto、Fortinet與Pulse Secure等SSL VPN服務漏洞
https://www.ithome.com.tw/news/132019
Palo Alto PAN-OS 遠端執行程式碼漏洞
https://securityadvisories.paloaltonetworks.com/Home/Detail/158
Critical flaw in Palo Alto VPN solution impacts Uber, other enterprises may be at risk
https://www.zdnet.com/article/uber-hit-by-critical-vulnerability-in-palo-alto-vpn-solution/#ftag=RSSbaffb68
Critical RCE Flaw in Palo Alto Gateways Hits Uber
https://threatpost.com/critical-rce-flaw-palo-alto-gateways-uber/146606/
Symantec Ghost Solution Suite DLL Hijack
https://support.symantec.com/us/en/article.SYMSA1474.html
CentOS-WebPanel CVE-2019-13359 CVE-2019-13360
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-13359
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-13360
Rapid7 Insight Agent CVE-2019-5629
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-5629
13 vulnerabilities disclosed in U-Boot loader
https://www.scmagazine.com/home/security-news/vulnerabilities/13-vulnerabilities-disclosed-in-u-boot-loader/
Unpatched vulnerabilities lurk in Comodo Antivirus
https://www.zdnet.com/article/comodo-antivirus-subject-to-serious-unpatched-vulnerabilities/#ftag=RSSbaffb68
2.銀行/金融/保險/證券/支付系統/ 新聞及資安
一鍵登入所有金融服務,開放銀行能幫你省荷包?FinTech業者現身說
https://www.bnext.com.tw/article/54062/taiwan-open-banking-tsp-moneybook
推動開放銀行 業者擬結盟新創
https://money.udn.com/money/story/5613/3940467
國銀API串接企業 將邁大步
https://money.udn.com/money/story/5613/3940464
陳錦稷專欄:純網銀要如何監管
https://www.storm.mg/article/1496709?srcid=73746f726d2e6d675f63373766396366313733396365313337_1563757464
銀行爛頭寸有10兆元?金管會:不精確也不正確
https://ec.ltn.com.tw/article/breakingnews/2859808
「金飯碗」年輕人hold不住?銀行離職率最高是這家
https://www.cmmedia.com.tw/home/articles/16616
國軍保險由旺中旗下保險公司承保 國防部:符合資格無資安疑慮
https://www.upmedia.mg/news_info.php?SerialNo=67856
台灣基進揭旺中掌握國軍個資近10年?國防部:沒有資安疑慮
http://bit.ly/2JL4kBc
旺旺友聯承保 未洩官兵個資
https://www.chinatimes.com/newspapers/20190724000553-260102?chdtv
雨炸高雄!水灌銀行慘淹鈔票、ATM
http://bit.ly/2XXHxes
郵局系統大異常 全台ATM、儲匯都無法作業
https://udn.com/news/story/7266/3947430
中華郵政全台大當機 緊急搶修中
https://money.udn.com/money/story/5648/3947437?ref=tab20190724
中華郵政全臺ATM大當機,連臨櫃、手機App、網路郵局都中斷服務
https://www.ithome.com.tw/news/132003
中華郵政維修主機造成全國網路郵局、行動APP、ATM提款機都不能用,這樣的系統能讓人安心嗎
http://bit.ly/2Oepoo8
全台中華郵政電腦大當機 搶修中恢復時間未定
https://www.ntdtv.com/b5/2019/07/24/a102629290.html
郵局ATM當機2小時 完成搶修
https://www.chinatimes.com/realtimenews/20190724001905-260410?chdtv
中華郵政全台大當機 10時25分完成修復
https://money.udn.com/money/story/5648/3947687
郵局ATM當機已修復 原因是主機系統修補程式異常
https://www.chinatimes.com/realtimenews/20190724001952-260410?chdtv
交易程式改版致大當機 中華郵政致歉:測試時沒問題
https://news.ltn.com.tw/news/life/breakingnews/2862247
中華郵政全台當機2小時 高手揭「系統維修SOP」:財產放那安心嗎
https://udn.com/news/story/7086/3949191
中華郵政再度大當機 2年4次故障頻率奇高
https://n.yam.com/Article/20190725332733
ATM當機頻傳 銀行業列3種常見狀況與因應方法
https://www.cna.com.tw/news/afe/201907250115.aspx
才隔一個月又出包,中華郵政儲匯、ATM當機
http://bit.ly/2Y40CLP
純網銀效應 金管會鬆綁數位存款帳戶規定
https://money.udn.com/money/story/5613/3943077
銀行查核理專 五大要點
https://money.udn.com/money/story/5613/3930791
虛銀衝擊傳統銀行 電子支付將掀浪潮
http://bit.ly/2Y1FFBh
銀聯國際獲頒尼泊爾支付系統運營商牌照
https://news.sina.com.tw/article/20190724/32081238.html
香港上水中信銀行櫃員機兩cctv鏡頭遭人噴黑油
http://bit.ly/2JMJPEn
「長輩圖」流傳銀行出事 香港金管局澄清:絕無此事
http://bit.ly/2OgZiRv
「純網銀」是什麼?ㄧ張圖,秒懂純網銀、數位銀行、傳統銀行差在哪
https://www.managertoday.com.tw/articles/view/57991
操盤手涉嫌用LINE炒股 金管會盯上壽險公司列金檢重點
https://money.udn.com/money/story/5613/3948914
定了!7月22日起,國家取消企業銀行帳戶許可!這樣轉帳將嚴查
https://kknews.cc/finance/y36lmzb.html
曾被批詐騙集團、遭銀行界封殺,麻布記帳App如何搭上開放銀行風潮重生
https://www.bnext.com.tw/article/54107/moneybook
金害!賣保單缺失多達26個 中華郵政遭重罰80萬元
https://ec.ltn.com.tw/article/breakingnews/2864170
純網銀下周公布 傳統銀行砸資源備戰
https://udn.com/news/story/7239/3951152
歐盟立法PSD2指令,許多歐盟銀行放棄不安全的SMS OTP驗證
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=895
New Audit Finds More Security Vulnerabilities at IRS
https://www.bankinfosecurity.com/new-audit-finds-more-security-vulnerabilities-at-irs-a-12803
Spray and Pray: Magecart Campaign Breaches Websites En Masse Via Misconfigured Amazon S3 Buckets
https://www.riskiq.com/blog/labs/magecart-amazon-s3-buckets/
FIN8 Group Returns, Targeting POS Devices With New Tools
https://www.bankinfosecurity.com/fin8-group-returns-targeting-pos-devices-new-tools-a-12819
ABADBABE 8BADF00D: Discovering BADHATCH and a Detailed Look at FIN8’s Tooling
https://atr-blog.gigamon.com/2019/07/23/abadbabe-8badf00d-discovering-badhatch-and-a-detailed-look-at-fin8s-tooling/
3.電子支付/電子票證/行動支付/ pay/新聞及資安
電子錢包的私隱成本
http://bit.ly/2OhSmDA
日本7-11行動支付被盜刷 疑中國犯罪集團犯案
https://www.bannedbook.org/bnews/zh-tw/worldnews/20190712/1157342.html
數百名用戶遭駭客竊取5,000多萬日圓 日本7-11停用手機支付App
https://digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=80&cat3=45&id=0000564028_2M1LKTXU39OUN97MGWLOD
電子票證擁高市占 三大Pay稱霸
https://www.chinatimes.com/newspapers/20190722000398-260208?chdtv
亞太電信GtPay 搶智慧繳費商機
https://money.udn.com/money/story/12524/3939346
小米9T使用台哥大wali錢包nfc行動支付
https://www.ptt.cc/bbs/MobileComm/M.1563061109.A.67B.html
三分鐘就升級!串接行動支付、自動通知補貨,業安科技讓販賣機變得更智慧
http://bit.ly/2Y1pwM1
LINE Pay綁定個資 稅款即查即繳
http://bit.ly/2K5g0hs
網家Pi錢包支付 露天採用
https://money.udn.com/money/story/11074/3951321
土耳其領先的新一代支付平臺ininal攜手Visa為客戶提供更大的金融包容性
http://bit.ly/2OjXLdo
LG Pay launches in US on the G8 ThinQ with MST capability
https://www.zdnet.com/article/lg-pay-launches-in-us-on-the-g8-thinq-with-mst-capability/#ftag=RSSbaffb68
4.虛擬貨幣/區塊鍊   新聞及資安
關於TokenLinkedToken的一點記錄
https://0cch.com/2018/08/24/tokenlinkedtoken-tip/
最新比特幣漏洞:利用PDF漏洞的比特幣木馬
http://www.bitcoin86.com/teach/411.html
智能合約中的漏洞0x-區塊鍊趨勢
https://0xzx.com/201907211737180946.html
中國法院第一次將「比特幣認定為財產」
https://www.blocktempo.com/china-ruling-bitcoin-is-property-again-is-major-milestone-says-investor/
接受比特幣作為支付方式!外媒評選出10個對比特幣最友好的國家
https://news.sina.com.tw/article/20190722/32052052.html
證實台灣客戶受駭客事件影響,BITPoint Taiwan將導入自身系統 防範類似事件重演
http://bit.ly/2YfIWYN
交易所幣寶台灣(Bitpoint Taiwan)全面停止服務,調查是否受日本駭客事件波及
https://www.blocktempo.com/bitpoint-taiwan-fully-suspend/
不怕川普對加密貨幣開砲 幣安創辦人:越監管讓人越想要
https://ec.ltn.com.tw/article/breakingnews/2861306
Libra 受到各國政府阻擋而前景堪憂!英國:它只是個數據庫罷了
https://buzzorange.com/techorange/2019/07/15/libra-future-not-good/
BC科技推加密貨幣保險 最高受保限額39億
http://bit.ly/2LCO7Af
交易所巨頭 Coinbase 計畫成立「自己的保險公司」
https://www.blocktempo.com/coinbase-is-in-talks-to-launch-its-own-insurance-company/
調查局:虛擬通貨易淪為吸金詐騙工具
https://money.udn.com/money/story/5648/3950555
為深入調查是否遭駭客波及,幣寶台灣 (Bitpoint Taiwan) 宣布全面暫停服務
https://www.xfastest.com/thread-230973-1-1.html
Japan to create SWIFT replacement for global cryptocurrency trading
https://www.zdnet.com/article/japan-to-create-swift-replacement-for-global-cryptocurrency-trading/#ftag=RSSbaffb68
Judge allows suit against AT&T after $24 million cryptocurrency theft
https://arstechnica.com/tech-policy/2019/07/judge-allows-suit-against-att-after-24-million-cryptocurrency-theft/
Robinhood admits to storing some passwords in cleartext
https://www.zdnet.com/article/robinhood-admits-to-storing-some-passwords-in-cleartext/#ftag=RSSbaffb68
Robinhood reveals error that left user passwords exposed
https://www.reuters.com/article/us-robinhood-cyber/robinhood-reveals-error-that-left-user-passwords-exposed-idUSKCN1UJ318
5.資安事件新聞
A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式
資安公司發現瞄準Linux桌面使用者的後門程式EvilGnome
https://www.ithome.com.tw/news/131942
間諜程式Pegasus再進化!透過手機複製用戶身份驗證密鑰 竊取個資、雲端數據
https://www.ettoday.net/news/20190719/1494275.htm
Sodinokibi勒索病毒利用Flash漏洞強勢來襲
https://www.secpulse.com/archives/109835.html
電腦蠕蟲除不盡吹又生 病毒後門攻擊阻斷樣樣來 網頁伺服器安全不設防 小心挖礦惡意程式找上門
https://www.netadmin.com.tw/netadmin/zh-tw/technology/71FBC8AE6F9A4DF3891EE7F76D88ACAD
中惡意程式攻台 逾全球平均4倍量
https://ec.ltn.com.tw/article/paper/1305549
Lookout揭開由俄羅斯國防承包商STC所打造的高級間諜程式Monokle面紗
https://www.ithome.com.tw/news/132039
Avast detects and protects users from malware targeting banks, Netflix
https://blog.avast.com/avast-protects-users-from-malware-targeting-banks
New variants of Russian mobile Banking Trojan Riltok go international
http://destinationthailandnews.com/tourism/technology/new-variants-of-russian-mobile-banking-trojan-riltok-go-international.html
APT34 spread malware via LinkedIn invites
http://bit.ly/2YoxwWX
APT17 is run by the Jinan bureau of the Chinese Ministry of State Security
https://intrusiontruth.wordpress.com/2019/07/24/apt17-is-run-by-the-jinan-bureau-of-the-chinese-ministry-of-state-security/
APT-doxing group exposes APT17 as Jinan bureau of China's Security Ministry
https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/#ftag=RSSbaffb68
Dridex Trojan: A glimpse into the banking trojan’s malicious activities
https://cyware.com/news/dridex-trojan-a-glimpse-into-the-banking-trojans-malicious-activities-05a87590
Ransomware Attacks Grow Rampant, Paying Still Not a Good Option
https://www.bleepingcomputer.com/news/security/ransomware-attacks-grow-rampant-paying-still-not-a-good-option/
Google cleans out stalker, spyware apps from Play Store
https://www.zdnet.com/article/google-cleans-out-stalker-apps-from-play-store/
Ransomware Attacks Cloud Service Provider Insynq Impacted
https://www.msspalert.com/cybersecurity-breaches-and-attacks/ransomware/insynq-outage/
NSO Responds To Claim Its Spyware Hacks Apple, Facebook And Google Clouds (Updated)
https://www.forbes.com/sites/zakdoffman/2019/07/19/israeli-whatsapp-spyware-now-targets-icloud-google-and-facebook-via-phones-report/
Iran-Linked APT34 Invites Victims to LinkedIn for Fresh Malware Infections
https://threatpost.com/iran-apt34-linkedin-malware/146575/
THE AVAST ABUSER: METAMORFO BANKING MALWARE HIDES BY ABUSING AVAST EXECUTABLE
https://blog.ensilo.com/metamorfo-avast-abuser
BITPAYMER RANSOMWARE LEVERAGING NEW CUSTOM PACKER FRAMEWORK AGAINST TARGETS ACROSS THE U.S.
http://bit.ly/30Knz3x
Fake Office 365 Site Pushes Trickbot Trojan as Browser Update
https://www.bleepingcomputer.com/news/security/fake-office-365-site-pushes-trickbot-trojan-as-browser-update/
Mirai malware sets sights on enterprise IoT devices ripe for picking
http://bit.ly/30JfPik
Multistage Attack Delivers BillGates/Setag Backdoor, Can Turn Elasticsearch Databases into DDoS Botnet ‘Zombies’
https://blog.trendmicro.com/trendlabs-security-intelligence/multistage-attack-delivers-billgates-setag-backdoor-can-turn-elasticsearch-databases-into-ddos-botnet-zombies/
Old Tools for New Money: URL Spreading Shellbot and XMRig Using 17-year old XHide
https://blog.trendmicro.com/trendlabs-security-intelligence/old-tools-for-new-money-url-spreading-shellbot-and-xmrig-using-17-year-old-xhide/
This Week in Security News: Spam Campaigns and Mobile Malware
https://blog.trendmicro.com/this-week-in-security-news-spam-campaigns-and-mobile-malware/
Targeted Ransomware: Proliferating Menace Threatens Organizations
https://www.symantec.com/blogs/threat-intelligence/targeted-ransomware-threat
Researchers Trick Cylance Into Giving Malware a Pass
https://www.bankinfosecurity.asia/researchers-trick-cylance-into-giving-malware-pass-a-12798
Cloud-based virtual desktop provider hit by ransomware
https://www.zdnet.com/article/cloud-based-virtual-desktop-provider-hit-by-ransomware/#ftag=RSSbaffb68
iNSYNQ Continues Recovery From MegaCortex Ransomware Attack
https://www.bankinfosecurity.com/insynq-continues-recovery-from-megacortex-ransomware-attack-a-12816
Ransomware: Most Popular Malware in Underground Forums
https://www.bleepingcomputer.com/news/security/ransomware-most-popular-malware-in-underground-forums/
Popular Malware Families Using 'Process Doppelgänging' to Evade Detection
https://thehackernews.com/2019/07/process-doppelganging-malware.html
Linux Botnet Adding BlueKeep-Flawed Windows RDP Servers to Its Target List
https://thehackernews.com/2019/07/linux-malware-windows-bluekeep.html
Watching the WatchBog: New BlueKeep Scanner and Linux Exploits
https://www.intezer.com/blog-watching-the-watchbog-new-bluekeep-scanner-and-linux-exploits/
BlueKeep Scanner Discovered in Watchbog Cryptomining Malware
https://www.bleepingcomputer.com/news/security/bluekeep-scanner-discovered-in-watchbog-cryptomining-malware/
New Android Spyware Created by Russian Defense Contractor Found in the Wild
https://thehackernews.com/2019/07/russian-android-spying-apps.html
Sodinokibi Ransomware Distributed by Hackers Posing as German BSI
https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-distributed-by-hackers-posing-as-german-bsi/
Popular File-Sharing Service WeTransfer Used in Malicious Spam Campaigns
https://threatpost.com/popular-file-sharing-service-wetransfer-used-in-malicious-spam-campaigns/146671/
Dridex Banking Trojan, RMS RAT eliminado a través de mensajes de correo electrónico falso
https://www.todotech20.com/dridex-banking-trojan-rms-rat-eliminado-a-traves-de-mensajes-de-correo-electronico-falso/
Mobile malware attacks are booming in 2019: These are the most common threats
https://theusbreakingnews.com/mobile-malware-attacks-are-booming-in-2019-these-are-the-most-common-threats/
New malware attack turns Elasticsearch databases into DDoS botnet
https://www.hackread.com/malware-attack-turns-elasticsearch-databases-into-ddos-botnet/
Ransomware incident leaves some Johannesburg residents without electricity
https://www.zdnet.com/article/ransomware-incident-leaves-some-johannesburg-residents-without-electricity/#ftag=RSSbaffb68
B.行動安全 / iPhone / Android /穿戴裝置 /App
LINE熊大兔兔主題試用包 一招免費升級永久使用
https://udn.com/news/story/11017/3939480?from=udn-catebreaknews_ch2
別急著跟風「變老」修圖App傳個資爭議
https://news.cts.com.tw/cts/international/201907/201907191968116.html
FaceApp老臉濾鏡太夯 波蘭立陶宛憂用戶資安要查
https://www.cna.com.tw/news/aopl/201907190053.aspx
FaceApp資安疑慮 波蘭、立陶宛啟動調查
http://www.epochtimes.com/b5/19/7/19/n11395985.htm
俄製變老 Faceapp 大熱 卡巴斯基警告有安全風險
http://bit.ly/2Gy3whp
掀起全球流行的變臉軟體 FaceApp,資安疑慮引發各界關注
https://www.twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=894
近期用戶帳號憑證外洩牽扯到4年前的資安事件,促使Slack要求部分用戶重設密碼
https://www.ithome.com.tw/news/131936
「抖音」資安雪球越滾越大 印度政府不排除再度封殺
https://www.taiwannews.com.tw/ch/news/3747882
Google 發現能讓 iPhone 變磚的 iMessage 訊息炸彈
https://twcert.org.tw/subpages/securityInfo/securitypolicy_details.aspx?id=891
杜絕轟炸式廣告!200多款中國軟體被Google下架
https://newtalk.tw/news/view/2019-07-19/274880
網路霸凌刪留言也沒用 區塊鏈存證王APP讓兇手無所遁形
https://www.youtube.com/watch?v=DjbQbuuKVCc&
以區塊鏈提高數位證據有效性,區塊科技推出區塊鏈存證王 App
https://technews.tw/2019/07/18/blockchain-witness-app/
新工具聲稱可盜取目標手機及雲端資料
https://unwire.hk/2019/07/21/security-firm-tool-harvest-icloud-data/fun-tech/
以色列業者推出可竊取臉書、iCloud、Google等雲端服務資料的間諜工具
https://ithome.com.tw/news/131958
iOS URL Scheme有可能被惡意劫持
https://blog.trendmicro.com.tw/?p=61202
西媒稱5G網路安全且強大:風險其實來自超級互聯
https://news.sina.com.tw/article/20190722/32052954.html
藏有「跟蹤程式」 Google下架Play Store7款APP
http://bit.ly/32Qdsfp
iOS 12.4軟體更新 iPhone轉移資料更方便
http://bit.ly/2Gu1Hlw
專家警告:中國影像APP有洩漏個資疑慮
https://ec.ltn.com.tw/article/breakingnews/2863372
LINE訊息查證服務教學:教你分辨消息到底是真是假,防止謠言擴散
https://mrmad.com.tw/line-message-verification
美專家:陸App分享數據給中共
http://bit.ly/30UsMpB
使用家庭及公共 Wi-Fi 時需檢測的項目
https://blog.trendmicro.com.tw/?p=60970
Apple’s July patchfest fixes bugs in multiple products
https://nakedsecurity.sophos.com/2019/07/24/apple-fixes-bug-two-months-after-publication/
Amenaza móvil: Los atacantes pueden manipular archivos multimedia de WhatsApp y Telegram
https://www.symantec.com/blogs/america-latina/amenaza-movil-whatsapp-y-telegram
Sym Mobile Threat: Invasores podem manipular seus arquivos de mídia do WhatsApp e Telegram
https://www.symantec.com/blogs/portugues/mobile-threat-invasores-manipular-midia-whatsapp-telegram
AT&T fails to have $24 million SIM-swap attack lawsuit dismissed
https://www.zdnet.com/article/at-t-fails-to-have-24-million-sim-swap-attack-lawsuit-dismissed/#ftag=RSSbaffb68
Fake PornHub And Google Android Apps Are Actually ‘Russian Spy Tools’
http://bit.ly/32P0JcR
Your Android Phone Can Get Hacked Just By Playing This Video
https://thehackernews.com/2019/07/android-media-framework-hack.html
The Android Security Wiki
https://www.peerlyst.com/posts/the-android-security-wiki-chiheb-chebbi
Advanced mobile surveillanceware, made in Russia, found in the wild
https://arstechnica.com/information-technology/2019/07/advanced-mobile-surveillanceware-made-in-russia-found-in-the-wild/
C.事件 / 駭客 / DDOS / APT / 雲端/暗網/徵才 / 國際資安事件
駭客攻擊趨增 企業加強防衞 網絡安全技術員極渴市
http://bit.ly/2JFYtxe
Check Point揭露遊戲平台重大安全漏洞
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=14&id=0000563546_F144GA5S5P5BIA5FDQKUM
Akamai威脅研究指出遊戲產業漸成熱門目標 攻擊次數已突破120億次
https://times.hinet.net/news/22479089
賣場工讀生利用網購系統漏洞 侵吞23萬餘貨品吃官司
https://news.ltn.com.tw/news/society/breakingnews/2861077
誤信破解程式 男大生入甕輸光學費
https://www.chinatimes.com/newspapers/20190721000607-260106?chdtv
西門子外包商在檔案植入邏輯炸彈詐取維護費用,遭求處10年刑期
https://www.ithome.com.tw/news/132011
驚!我家裝海康威視 民間監視器出現汰換潮
https://news.ltn.com.tw/news/politics/breakingnews/2857745
美國大學所使用的ERP系統遭駭客入侵,62所學校受害
https://www.ithome.com.tw/news/131955
美國強化.gov的DNS安全性
https://www.ithome.com.tw/news/131935
美國大舉抓間諜 難補國家漏洞太多
http://bit.ly/2Z1bQx7
華為第二?中國無人機大廠大疆也遭美「斷糧」
https://udn.com/news/story/12639/3939785
華為前員工透露、該公司在捷克秘密收集個資
https://fnc.ebc.net.tw/FncNews/headline/92986
阿聯續用華為5G 美國憂情資安全漏洞
https://m.ltn.com.tw/news/world/breakingnews/2862847
不甩美國禁令!華為全球奪下50個5G合約 28個在歐洲
https://cnews.com.tw/140190723a03/
中共網軍滲透破壞 無孔不入
https://www.ydn.com.tw/News/345095
阿里雲當選CNCERT國家級網路安全應急服務支撐單位
https://news.sina.com.tw/article/20190722/32049980.html
Cape 憂資安問題停止與 DJI 合作 真正終止服務在一年後
http://bit.ly/32MlBBP
傳統領域風險可控 新興領域挑戰加大——中國互聯網網路安全觀察
https://news.sina.com.tw/article/20190719/32030180.html
駭客攻入俄羅斯聯邦安全局承包商伺服器 竊取7.5TB的數據
http://big5.pconline.com.cn/b5/news.pconline.com.cn/1277/12777568.html
俄國科企 Sitek 被駭 揭露俄情報機關多項網絡攻擊專案
http://bit.ly/2Y6hBs7
俄安全局爆史上最大外洩事件 駭客留圖到此一遊
https://newtalk.tw/news/view/2019-07-22/275556
英國倫敦大都會警察局賬號被黑:連發十幾條消息罵警察
http://bit.ly/2LzpZOW
美國大學所使用的ERP系統遭駭客入侵,62所學校受害
https://www.ithome.com.tw/news/131955
專家傳真-從美國新版資安架構 看發展契機
http://bit.ly/2XWWBZu
美軍研發的資安工具 如何變成網路黑市的隱密服務
https://www.mirrormedia.mg/story/20190624intdarkwebcase
美國國安局NSA約聘人員外洩機密資料被判9年
https://www.ithome.com.tw/news/131979
美國FBI局長:中國是頭號諜報威脅
https://www.rti.org.tw/news/view/id/2028397
FBI:我們正在調查 1000 件智慧財產竊盜未遂案,「幾乎都跟中國人有關」
https://buzzorange.com/techorange/2019/07/24/fbi-say-chinese-steal-ip/
美國制裁不夠痛? FBI局長指俄羅斯仍密謀干擾大選
https://newtalk.tw/news/view/2019-07-24/276526
波灣對峙局勢再升級 伊朗官媒:破獲並逮捕17名美國CIA間諜
http://bit.ly/2JY0bsE
谷歌疑助中共為虐 搜索大紀元新聞被做手腳
http://bit.ly/2Y6ErzU
巴斯夫、西門子等多企業證實遭駭 德國公視︰受中國政府支持
https://ec.ltn.com.tw/article/breakingnews/2863028
中國指使 德大廠接連遇駭
https://ec.ltn.com.tw/article/paper/1305790
中國新國防白皮書聚焦「網路戰」 並列核武項目等級
http://bit.ly/2SDqE2L
【逃犯條例】內地網軍「帝吧」教人註冊Facebook 召網民翻牆洗版
http://bit.ly/32GF2vD
帝吧成員個資被起底 「出征香港」喊停
http://bit.ly/2YgeLRy
《英雄聯盟》玩家當心個資問題?!開發商Riot遭外媒指名協助中國打造監控系統
https://www.gamebase.com.tw/news/topic/99215264/
防駭客 美國洛杉磯港招商建網絡防衛中心
http://www.epochtimes.com/b5/19/7/25/n11408044.htm
巴西總統手機疑遭駭 犯嫌曾對調查貪汙人員下手
https://money.udn.com/money/story/5599/3952676
遭網路攻擊,美國路易斯安那州宣布進入緊急狀態
https://www.ithome.com.tw/news/132060
美國國安局將增設網路安全處
https://www.ithome.com.tw/news/132016
Out from the Shadows: The Dark Web
https://www.webroot.com/blog/2019/07/23/out-from-the-shadows-the-dark-web/
NSA to establish a defense-minded division named the Cybersecurity Directorate
https://www.zdnet.com/article/nsa-to-establish-a-defense-minded-division-named-the-cybersecurity-directorate/#ftag=RSSbaffb68
Oracle: China's internet is designed more like an intranet
https://www.zdnet.com/article/oracle-chinas-internet-is-designed-more-like-an-intranet/#ftag=RSSbaffb68
Hackers leak documents stolen from contractor for Russian intel agency
https://www.scmagazine.com/home/security-news/hackers-leak-documents-stolen-from-contractor-for-russian-intel-agency/
Hackers breach FSB contractor, expose Tor deanonymization project and more
https://www.zdnet.com/article/hackers-breach-fsb-contractor-expose-tor-deanonymization-project/#ftag=RSSbaffb68
Palo Alto gateway security alert, FSB hack, scourge of data-stealing web plugins, and more
https://www.theregister.co.uk/2019/07/21/security_roundup_190719/
Russia's Secret Intelligence Agency Hacked: 'Largest Data Breach In Its History'
https://www.forbes.com/sites/zakdoffman/2019/07/20/russian-intelligence-has-been-hacked-with-social-media-and-tor-projects-exposed/
Contractor who stole 50TB of NSA data gets nine years in prison
https://www.zdnet.com/article/contractor-who-stole-50tb-of-nsa-data-gets-nine-years-in-prison/
Russian intelligence 'targets Tor anonymous browser'
https://www.bbc.com/news/technology-49071225
Tricking attackers through the art of deception
https://www.helpnetsecurity.com/2019/07/23/art-of-deception/
Amended Law Paves Way for Cybercrime Crackdown
https://www.bankinfosecurity.asia/amended-law-paves-way-for-cybercrime-crackdown-a-12807
Recent DNS Hijacking Campaigns Trigger Government Action
https://www.bankinfosecurity.com/recent-dns-hijacking-campaigns-trigger-government-action-a-12814
Russian lawmakers want to restrict email access by telephone verification, and force providers to block banned information
http://bit.ly/2YdUL1Q
Mueller: Russian Interference 'Serious' Threat to Democracy
https://www.bankinfosecurity.com/mueller-russian-interference-serious-threat-to-democracy-a-12827
UK, EU police pilot scheme to give wayward teen hackers white hats
https://www.zdnet.com/article/uk-eu-police-pilot-scheme-to-give-wayward-teen-hackers-white-hats/#ftag=RSSbaffb68
Kazakhstan's HTTPS interception efforts target Facebook, Google, Twitter, others
https://www.zdnet.com/article/kazakhstans-https-interception-efforts-target-facebook-google-twitter-others/#ftag=RSSbaffb68
Hackers used password spraying to breach Citrix, investigation confirms
https://www.cyberscoop.com/hackers-used-password-spraying-breach-citrix-investigation-confirms/
Russia targeted election systems in all 50 states, Senate concludes
https://www.theverge.com/2019/7/25/8930985/russia-targeted-election-systems-in-all-50-states-senate-concludes
Bradford man arrested over Lancaster University hacking spree
https://www.zdnet.com/article/bradford-man-arrested-over-lancaster-university-hacking-spree/#ftag=RSSbaffb68
資安專案管理
http://bit.ly/2Y1XpYp
福利大勝上市企業!禾豐網路科技年假12天 薪上看12萬 RSS訂閱
https://www.1111.com.tw/news/jobns/125096/
與外商搶人 訊連祭百萬年薪留才
https://ec.ltn.com.tw/article/breakingnews/2859915
[約聘]駐點工程師(108/8~12月)
https://www.104.com.tw/job/6jpce
助理資安服務工程師
https://www.104.com.tw/job/6omb0
DEVCORE 徵求行政專員
https://devco.re/blog/2019/07/23/devcore-201907-recruit/
D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞
全球有2300萬筆信用卡號流向暗網
https://www.ithome.com.tw/news/132059
30美金買個資!2集團狂刷300萬 持卡人「否認交易」...店家慘賠
https://www.ettoday.net/news/20190726/1499173.htm
鑽網路刷卡無驗證漏洞 2盜刷集團得手200多萬
https://www.chinatimes.com/realtimenews/20190726002575-260402?chdtv
羅生門?!刷卡後15分鐘 他的卡被盜刷
https://fnc.ebc.net.tw/FncNews/life/92910
AT&AT因涉及SIM卡交換詐騙被告喊冤,法官拒絕撤銷訴訟
https://www.ithome.com.tw/news/132029
調查局籲請民眾慎防手機簡訊詐騙
https://www.chinatimes.com/realtimenews/20190718001617-260402?chdtv
疑上網購物的資料遭駭客入侵女子信用卡被人用來轉帳12次
https://c4news.site/archives/44103
台灣巴斯夫遭大陸1.7億挖角 5員工竊機密投奔550萬年薪
https://money.udn.com/money/story/5648/3947653
有8款瀏覽器擴充程式會竊取用戶機密資料
https://www.ithome.com.tw/news/131945
舉國無隱私!保加利亞遭遇史無前例黑客入侵 導致個資外洩
https://news.sina.com.tw/article/20190719/32022246.html
駭客攻擊保加利亞國稅局資料庫,七成民眾個資全外洩
https://www.inside.com.tw/article/16977-bulgaria-hack-tax
這個國家全員遭駭 個人稅務資料外流
https://www.chinatimes.com/realtimenews/20190721002153-260417?chdtv
資安部門在睡覺? 這個國家500萬人個資遭竊
https://news.ltn.com.tw/news/world/breakingnews/2859484
整個國家都被盜了!500萬人個資外洩
https://udn.com/news/story/6809/3942403
人力銀行遭駭洩個資 警偵辦
http://www.cdns.com.tw/news.php?n_id=3&nc_id=311423
疑舊資料庫遭駭個資外洩 1111人力銀行發聲明了
http://www.s8088.com/forum.php?mod=viewthread&tid=1241688&extra=page=1
20萬筆個資遭洩 1111人力銀行:已報案、會負責到底
http://bit.ly/2O537ZV
1111人力銀行20萬筆個資遭洩!公司:外洩範圍尚未能掌握,會負責賠償
https://www.storm.mg/article/1501207
1111人力銀行證實20萬筆個資外洩 8年前網站外包遭竊
https://udn.com/news/story/7239/3937736
駭客賣人力銀行20萬筆個資 囂張公開12人姓名電話住址
https://www.ettoday.net/news/20190719/1493824.htm
20萬筆求職個資外洩 中文名在美國論壇曝光
https://udn.com/news/story/7314/3940511
人力銀行遭駭客攻擊 個資全都露
https://news.cts.com.tw/cts/society/201907/201907191968140.html
人力銀行傳20萬個資遭竊
https://money.udn.com/money/story/5612/3940449
20萬筆個資全露 人力銀行:幫會員投2億責任險
https://fnc.ebc.net.tw/FncNews/video/92731
浸大教學系統被入侵 學生照片、電郵資料外洩
http://bit.ly/32DoDbe
研究發現大部分成人網站會向 Google 和 Facebook 提供個人資料
https://unwire.hk/2019/07/21/google-facebook-sex-websites/fun-tech/
全國學生資助中心預警:准大學生勿輕信網貸、誤入騙局
https://news.sina.com.tw/article/20190722/32053512.html
Equifax料支付55億 尋求數據外泄和解
http://bit.ly/2MbZ1wn
資安公司警告,Office 365 詐騙釣魚信越來越多
https://technews.tw/2019/07/23/cyber-security-company-warns-office-365-phishing-is-increasing/
數字支付調研:「盜刷」背後 新舊場景如何交融裂變
https://news.sina.com.tw/article/20190724/32069884.html
台積電1年管8千條機密,保密天條首曝光:列印用金屬紙、員工電郵全「掃描」
https://money.udn.com/money/story/5612/3939974
劍橋事件告一段落!臉書以50億美金與FTC達成和解
https://newtalk.tw/news/view/2019-07-24/276609
女大生上網買隔離霜 積蓄險被清空
https://wantweekly.turnnewsapp.com/broke/6768.html
Your business hit by a data breach? Expect a bill of $3.92 million
https://www.zdnet.com/article/your-business-hit-by-a-data-breach-expect-a-bill-of-3-92-million/#ftag=RSSbaffb68
BEC Scams Remain a Billion-Dollar Enterprise, Targeting 6K Businesses Monthly
https://www.symantec.com/blogs/threat-intelligence/bec-scams-trends-and-themes-2019
BEC Scams Cost U.S. Companies $300 Million Per Month: Study
https://www.bankinfosecurity.asia/bec-scams-cost-us-companies-300-million-per-month-study-a-12805
Equifax, regulators close to signing $700m deal to settle data breach lawsuits
https://www.zdnet.com/article/equifax-regulators-close-to-signing-700m-deal-to-settle-data-breach-case/#ftag=RSSbaffb68
Cyber News Rundown: Evite Data Breach
https://www.webroot.com/blog/2019/07/19/cyber-news-rundown-evite-data-breach/
Phishing Scheme Targets Amex Cardholders
https://www.bankinfosecurity.com/phishing-scheme-targets-amex-cardholders-a-12796
2.3 Billion Files Exposed Online: The Root Causes
https://www.bankinfosecurity.com/interviews/23-billion-files-exposed-online-root-causes-i-4391
Sky Customers Urged to Reset Passwords
https://www.infosecurity-magazine.com/news/sky-customers-urged-to-reset/
Data breaches can haunt firms for years
https://www.welivesecurity.com/2019/07/24/data-breach-cost-fallout/
FTC hits Facebook with record $5 billion fine for user privacy violations
https://www.zdnet.com/article/ftc-hits-facebook-with-record-5-billion-fine-for-user-privacy-violations/#ftag=RSSbaffb68
Data breach cost rises to $4 million per incident; U.S. victims hit even harder
https://www.scmagazine.com/home/security-news/data-breach/data-breach-cost-rises-to-4-million-per-incident-u-s-victims-hit-even-harder/
Credentials stuffing attack prompts password resets for Sky customers
https://www.zdnet.com/article/credentials-stuffing-attack-prompts-password-resets-for-sky-customers/#ftag=RSSbaffb68
Data breaches can haunt firms for years
https://www.welivesecurity.com/2019/07/24/data-breach-cost-fallout/
E.研究報告
可背景執行的 VBS 腳本,容易被駭客利用,建議開發者慎用
https://blog.trendmicro.com.tw/?p=61295
分析Cloudfare一條正則表達式,造成全球大事件的想法
http://bit.ly/2GpUm6k
全球高級持續性威脅(APT) 2019年上半年研究報告
https://s.tencent.com/research/report/762.html
使用USB隨身碟,三個注意事項
https://blog.trendmicro.com.tw/?p=60106
超80萬個系統仍受BlueKeep漏洞威脅
http://www.360.cn/n/10751.html
CVE-2019-0888:Windows ActiveX數據對象UAF漏洞分析
https://juejin.im/entry/5d3035786fb9a07ef81a351a
Nginx 解析漏洞復現
https://blog.51cto.com/14259144/2421848
honggfuzz 漏洞挖掘技術原理分析
https://www.anquanke.com/post/id/181936
某第三支付邊界機漏洞導致的內網滲透
http://bit.ly/2JREKJN
USBCreator D-Bus接口漏洞分析
https://xz.aliyun.com/t/5683
路由器漏洞分析系列(2):CVE-2018-20056 DIR-619L&605L棧溢出漏洞分析及復現
https://xz.aliyun.com/t/5699
CVE-2019-11815:Linux內核競爭條件漏洞導致遠程代碼執行
https://www.freebuf.com/vuls/208256.html
WebLogic任意文件上傳漏洞(CVE-2019-2618)復現
https://www.lizenghai.com/archives/25730.html
隱藏在Chakra引擎中的一個RCE漏洞
https://www.4hou.com/vulnerable/19328.html
微軟RDP服務高危UAF漏洞分析(CVE-2019-0708)
http://www.sohu.com/a/329427868_354899
CVE-2019-12747:TYPO3 9.5.7 RCE漏洞分析
https://www.anquanke.com/post/id/182448
nginx解析漏洞復現
https://www.lizenghai.com/archives/25864.html
CVE-2019-12384漏洞分析及复現
https://www.freebuf.com/vuls/209394.html
Buhtrap黑客組織最新0day漏洞分析
http://www.sohu.com/a/329165588_354899
資料儲存的未來! 在DNA上SQL查詢已成現實
https://bigdatafinance.tw/index.php/trend/939-dna-sql
路由器漏洞分析系列-CVE-2019-7297 7298 D-Link DIR-823G命令注入漏洞復現
https://xz.aliyun.com/t/5705
在 Chrome 的 FileSystem API 的漏洞被補上後,偵測私密瀏覽模式的方式
http://bit.ly/2OeW00R
淺談struts2的漏洞防護與繞過 - 中
http://bit.ly/32OICnn
7月25日每日安全熱點- Black Hat大會披露波音787安全漏洞
https://www.anquanke.com/post/id/182702
phpIPAM 繁體中文語系開啟與更新方式
https://blog.jason.tools/2019/07/phpipam-cpatch-install.html
jasoncheng7115/phpipam-cpatch
https://github.com/jasoncheng7115/phpipam-cpatch
Imperva Blocks Our Largest DDoS L7/Brute Force Attack Ever (Peaking at 292,000 RPS)
https://www.imperva.com/blog/imperva-blocks-our-largest-ddos-l7-brute-force-attack-ever-peaking-at-292000-rps/
Streaming service withstands 13‑day DDoS siege
https://www.welivesecurity.com/2019/07/25/streaming-service-ddos/
CYBER ATTACK TRENDS: 2019 MID-YEAR REPORT
https://research.checkpoint.com/cyber-attack-trends-2019-mid-year-report/
Why Hackers Abuse Active Directory
https://www.bankinfosecurity.com/hackers-abuse-active-directory-a-12825
Hard Pass: Declining APT34’s Invite to Join Their Professional Network
https://www.fireeye.com/blog/threat-research/2019/07/hard-pass-declining-apt34-invite-to-join-their-professional-network.html
Git Hound – Find Exposed Keys Across GitHub Using Code Search Keywords
https://kalilinuxtutorials.com/git-hound-exposed-keys-across-github/
Hvazard : Remove Short Passwords & Duplicates, Change Lowercase To Uppercase & Reverse, Combine Wordlists
https://kalilinuxtutorials.com/hvazard/
Jackson gadgets - Anatomy of a vulnerability
https://blog.doyensec.com/2019/07/22/jackson-gadgets.html
kirk-sayre-work/talks
https://github.com/kirk-sayre-work/talks
fireeye/flare-emu
https://github.com/fireeye/flare-emu
skype-project/skype
https://github.com/skype-project/skype
NYAN-x-CAT/Disable-Windows-Defender
https://github.com/NYAN-x-CAT/Disable-Windows-Defender/blob/master/Disable-Windows-Defender/Program.cs
Introducing the Office 365 Attack Toolkit
https://www.mdsec.co.uk/2019/07/introducing-the-office-365-attack-toolkit/
CyberGhost VPN review: More than just VPN, an all-in-one security kit
https://www.zdnet.com/article/cyberghost-vpn-review-more-than-just-vpn-an-all-in-one-security-kit/#ftag=RSSbaffb68
9 Ways to Avoid an Incident Response Disaster
https://www.symantec.com/blogs/feature-stories/9-ways-avoid-incident-response-disaster
COModo: From Sandbox to SYSTEM (CVE-2019–3969)
https://medium.com/tenable-techblog/comodo-from-sandbox-to-system-cve-2019-3969-b6a34cc85e67
How DNS firewalls can burn security teams
https://www.helpnetsecurity.com/2019/07/22/dns-firewalls/
A Rust-based TLS library outperformed OpenSSL in almost every category
https://www.zdnet.com/article/a-rust-based-tls-library-outperformed-openssl-in-almost-every-category/#ftag=RSSbaffb68
MALICIOUS DOCUMENTS FOR RED TEAMS
https://www.brucon.org/2019/brucon-2019-training/malicious-documents-for-red-teams/
12 dark secrets of cloud security
https://www.cio.com/article/3409062/12-dark-secrets-of-cloud-security.html
Blind SQL Bitshifting : A Blind SQL Injection Module That Uses Bitshfting To Calculate Characters
https://kalilinuxtutorials.com/blind-sql-bitshifting/
Tomcat CGIServlet enableCmdLineArguments遠程代碼執行_CVE-2019-0232漏洞復現
https://www.cnblogs.com/yuzly/p/11202398.html
Analysis of an Atlassian Crowd RCE - CVE-2019-11580
https://www.corben.io/atlassian-crowd-rce/
r35tart/Penetration_Testing_Case
https://github.com/r35tart/Penetration_Testing_Case
googleprojectzero/p0tools
https://github.com/googleprojectzero/p0tools
BackBox Linux 6.0 – Ubuntu-Based Linux Distribution Penetration Test & Security Assessment
https://kalilinuxtutorials.com/backbox-linux-penetration-security/
RedGhost : Linux Post Exploitation Framework Designed To Assist Red Teams In Gaining Persistence,
Reconnaissance & Leaving No Trace
https://kalilinuxtutorials.com/redghost-linux-post-exploitation-framework/
Advanced Blind XSS Payloads
https://ardern.io/2019/06/20/payload-bxss/
MITM on all HTTPS traffic in Kazakhstan
https://bugzilla.mozilla.org/show_bug.cgi?id=1567114
Local Privilege Escalation on Dell machines running Windows
https://d4stiny.github.io/Local-Privilege-Escalation-on-most-Dell-computers/
googleprojectzero/p0tools
https://github.com/googleprojectzero/p0tools
Android Malware Analysis : Dissecting Hydra Dropper
https://pentest.blog/android-malware-analysis-dissecting-hydra-dropper/
Agent Smith: A New Species of Mobile Malware
https://research.checkpoint.com/agent-smith-a-new-species-of-mobile-malware/
Advanced Frida Witchcraft: Turning an Android Application into
http://bit.ly/2NFXIIk
StrongPity APT Returns with Retooled Spyware
https://threatpost.com/strongpity-apt-retooled-spyware/146503/
windows_memory_forensics_detecting_unintentionally_hidden_injected_code_by_examining_page_table_entries
http://bit.ly/30JTnFW
Return_of_FAIFA_and_HomePlugPWN-dudek.pdf
https://www.synacktiv.com/ressources/leHack2019-Return_of_FAIFA_and_HomePlugPWN-dudek.pdf
MINDSHARE: AUTOMATED BUG HUNTING BY MODELING VULNERABLE CODE
https://www.zerodayinitiative.com/blog/2019/7/16/mindshare-automated-bug-hunting-by-modeling-vulnerable-code
CVE-2018-6924: FreeBSD ELF Header Parsing Kernel Memory Disclosure
http://blog.quarkslab.com/cve-2018-6924-freebsd-elf-header-parsing-kernel-memory-disclosure.html
Ruby gem strong_password found to contain remote code execution code in a malicious version, further strengthening worries of growth
in supply-chain attacks
http://bit.ly/2xUSNss
cfltools: logfile analysis tool for cyberforensics investigators
https://securityonline.info/cftools-logfile-analysis-tool/
A logfile analysis tool for cyberforensics investigators
https://github.com/bradley-evans/cfltools
opencti: Open Cyber Threat Intelligence Platform
https://securityonline.info/opencti/
Deriving intelligence from LNK files
https://bitofhex.com/2019/07/15/deriving-intelligence-from-lnk-files
A Tale of Two (APT) Transports
https://cfl.re/2M05Qks
everdox/InfinityHook
https://github.com/everdox/InfinityHook
Using OOAnalyzer to Reverse Engineer Object Oriented Code with Ghidra
https://insights.sei.cmu.edu/sei_blog/2019/07/using-ooanalyzer-to-reverse-engineer-object-oriented-code-with-ghidra.html
4 Practical Steps for ‘Shift Left’ Security
https://blog.paloaltonetworks.com/2019/07/4-practical-steps-shift-left-security/
BlueKeep - Technical Analysis (Potential Path For Exploitation)
https://www.exploit-db.com/docs/47156
Bypassing Web Application Firewalls with HTTP Parameter Pollution
https://www.exploit-db.com/docs/47082
F.商業
Check Point全新安全分析解決方案讓雲端威脅無所遁形
https://www.techbang.com/posts/71648-check-points-new-security-analytics-solution-leaves-cloud-threats-at-risk
Check Point CPX Taiwan:台灣是受網路攻擊重災區、Office 365 成常見目標
http://bit.ly/32Rhep5
挖礦勒索病毒肆虐 關貿網路分析駭客隱匿蹤跡新手法
https://money.udn.com/money/story/5635/3939962
迅速掌控及反制全球網路攻擊 Anomali首度在台發佈新世代全方位的威脅平台
http://www.taiwanhot.net/?p=730330
Anomali在台發表新世代全方位的威脅情資平台迅速掌控及反制網路攻擊
http://bit.ly/2Y5byUT
IntSights彙整暗網與內部動態,打造企業專屬威脅情報
https://www.ithome.com.tw/review/131827
關貿網路護資安 駭客現蹤
http://bit.ly/2MdzZwQ
【Chrome插件】3招防email帳號、密碼外洩 臨時資料註冊好方便
http://bit.ly/2Ye58Xn
MDR委外偵搜 阻敵於未遂
https://www.netadmin.com.tw/netadmin/zh-tw/feature/D39807B64D8B4D908392AEDA17054740
關貿網路打造SecureVan資安服務平台
http://bit.ly/2Z0AyxO
Windows 7終止支援倒數6個月 你準備好了嗎
http://bit.ly/2Z44Xv7
台灣部隊,靠「駭客學」挺進世界杯
https://technews.tw/2019/07/22/taiwan-hacker-information-security/
Check Point CPX Taiwan:台灣是受網路攻擊重災區、Office 365 成常見目標
https://assets.inside.com.tw/article/16995-check-point-cpx-taiwan
趨勢利用AWS Transit Gateway提供網路資安防護
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=14&id=0000564202_DL51QGC91PX6FK1N7VSE2
研華 參與華電網私募
https://udn.com/news/story/7253/3946800
開源資料庫MongoDB終於來臺設立據點,首要擴大金融和製造業的滲透率
https://www.ithome.com.tw/news/132009
研華參與華電聯網私募 實現IoT智慧城市共創戰略
https://money.udn.com/money/story/5710/3947417
X-FORT全面掌握指令軌跡記錄 完整守護研發智慧財產
https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=10&id=0000564414_4FP3B8PG2M0OPI3RD2EC0
Openfind通過資訊安全能量登錄並列入資安產品服務地圖
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000563821_1pi9glqc1fm3932qo0f3s
建立弱點防禦機制 避免惡意程式輕易擊潰ICS
https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=10&id=0000564820_7po9dlbo1zyw7s1vfyrhe
精誠助台商 跨境營運不中斷
http://bit.ly/2Yiywb0
資安防護金三角 勤業眾信:打造企業數位韌性
https://www.chinatimes.com/realtimenews/20190725002960-260410?chdtv
制止網路攻擊!Google 下手修改 Chrome 擴充外掛使用規範
https://3c.ltn.com.tw/news/37496
【延伸更多網路安全防護機制,提供較完善的售後服務】先睹為快!剖析防毒業者整合的VPN服務
https://ithome.com.tw/news/131968
Microsoft to Improve Office 365 Malicious Email Analysis
https://www.bleepingcomputer.com/news/security/microsoft-to-improve-office-365-malicious-email-analysis/
Mozilla Firefox Tor Mode Likely to Start as a Browser Addon
https://www.bleepingcomputer.com/news/security/mozilla-firefox-tor-mode-likely-to-start-as-a-browser-addon/
Windows 10 setup: Which user account type should you choose
https://www.zdnet.com/article/windows-10-which-user-account-type-should-you-choose/#ftag=RSSbaffb68
G.政府
貿易戰助攻台灣資安產業!工研院:明年產值上看 550 億台幣
https://buzzorange.com/techorange/2019/07/19/us-china-trade-war-security-deveiopment-taiwan/
韓國瑜Line群組疑遭色情駭入 點進是激情影院
https://udn.com/news/story/7327/3940095
韓國瑜LINE帳號連結激情影院 市府:網址連結導向有誤
https://udn.com/news/story/7327/3940647
進口快遞4千多萬筆 實名認證僅4萬多人
https://udn.com/news/story/7240/3939641
華為.中興.海康威視都是公務禁購黑名單 小小監視器早成台灣資安漏洞中國正在監視著
http://tw.ttvppsa.com/post/81654/
「中國天網」入侵台中 海康威視監視器拆了
https://news.ltn.com.tw/news/politics/breakingnews/2857774
市議員要求台中市政府展開資安總體檢,名列黑名單會危害台中市資訊安全的產品,一個都不能留
http://www.da-lei.com.tw/?p=14909
中國監控維族人利器 海康威視「天網」現蹤台中、高雄
https://www.upmedia.mg/news_info.php?SerialNo=67654
不只進駐台中,中國海康威視「天網」早已籠罩台灣
https://opinion.udn.com/opinion/story/120611/3943570
「海康威視」不只台中有 黃捷爆高雄議會也用
http://bit.ly/32HMGpN
高市議員服務處採大陸監視器 時力憂心
https://news.tvbs.com.tw/politics/1169183
政院資安演習 模擬駭客電郵攻擊
https://news.ltn.com.tw/news/politics/paper/1304821
陸軍:女兵營內違規自拍 依資安規定檢討議處
https://www.ydn.com.tw/News/345163
台盧(森堡)經濟合作會議聚焦數位金融與資訊安全,共同拓展金融科技合作契機
https://news.sina.com.tw/article/20190721/32042634.html
國安人員走私免稅菸蔡英文震怒 府:吳員調離現職
https://udn.com/news/story/6656/3944187
桃市與調查局跨機關 提升網路犯罪偵查鑑識力
http://www.epochtimes.com/b5/19/7/23/n11403334.htm
桃市資訊局、調查處合作 架起資安防護網
https://udn.com/news/story/11322/3947005
落實資安即國安防護水準 桃市府與桃市調處簽署資安合作備忘錄
http://bit.ly/2XYfFGQ
打擊資安威脅 資技局與市調處攜手
https://taiwan-reports.com/archives/403522
危害國家資安產品清單兩週內可望出爐 每半年檢討
https://money.udn.com/money/story/7307/3946316
行政院:資安產品黑名單最快兩周內完成審查
https://money.udn.com/money/story/7307/3946298
行政院:禁用資安產品清單兩週內出爐
https://www.ydn.com.tw/News/345409
資通禁購黑名單 每半年檢討一次
https://ec.ltn.com.tw/article/paper/1305548
行政院:資安產品黑名單最快兩周內完成審查
http://photo.udn.com/money/story/7307/3946298
拿大華產品貼牌 業者澄清:台灣組裝生產
https://news.ltn.com.tw/news/politics/breakingnews/2864990
被偷天換日裝了中國監視設備?合庫:違反合約將不驗收
https://m.ltn.com.tw/news/politics/breakingnews/2864554
金管會洗防RBA巡迴說明會 民眾最關心7大問題
https://www.chinatimes.com/realtimenews/20190723004185-260410?chdtv
高雄iBus公車APP資安再進化
http://www.5ch.com.tw/news.php?act=view&id=67971
李副總長主持中部網安講習 勉落實資安管控
https://news.pchome.com.tw/politics/mna/20190724/photo-56396150096930230001.html
點線面分層負責 落實資安防護
http://bit.ly/2GsUSjX
金管會STO發布正式規範 第一屆台灣區塊鏈週看趨勢
https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=45&id=0000565014_JXULEG6E2Z6QUN3A7A0KI
台印科技合作會議新德里召開 談資安大數據等
https://www.cna.com.tw/news/ait/201907250343.aspx
國防大學召開資安長會議 提升警覺與作業紀律
http://bit.ly/2Zd0JkS
H.ICS/SCADA 工控系統
schneider-electric -- proclima
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-6823
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-6824
Siemens Contractor Pleads Guilty to Planting 'Logic Bomb' in Spreadsheets
https://thehackernews.com/2019/07/siemens-logic-bomb.html
強化工控安全 消弭智慧製造後顧之憂
https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=10&id=0000564265_KNA37GQ35TYQY261ZTSZ1
結合設備網通資安、管理系統支援服務 消弭五大OT威脅
https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=10&id=0000564685_LA17VRP37PB7HC677ST3Z
I.教育訓練
推薦Python初學者的好用工具:Google Colab
https://www.bnext.com.tw/article/52618/recommand-to-programming-language-learner-python-google-colab
DevSecOps - CI/CD 如何加入資安
https://secview.io/posts/9-ci-cd/
Email Forensics
https://netseedblog.com/security/email-forensics/
Learn Ethical Hacking From Scratch — 2019 Training Bundle
https://thehackernews.com/2019/02/ethical-hacker-training.html
J.物聯網/IOT/人工智慧/車聯網/光聯網/深度學習/機器學習/無人機/人臉辨識
【公告】資安標章技術診斷及輔導專家團隊
https://www.taics.org.tw/AnnouncementArticle.aspx?AnnouncementID=16
汽車網路安全防護服務確保汽車安全
https://www.eettaiwan.com/news/article/20190723NP01
人工智慧監控軟體協助強化企業網路安全防禦機制
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000563552_TRD40R2A61UO5O1KVO4E3
Unexplainability and Incomprehensibility of Artificial Intelligence
https://medium.com/@romanyam/unexplainability-and-incomprehensibility-of-artificial-intelligence-6c2a4a609dfb
6.近期資安活動及研討會
 HITCON HackDoor 駭入辦公室 7/2 ~ 9/28
 https://www.accupass.com/event/1906050355291064968019
 新加坡資安市場解密講座: 台灣資安浴血東南亞叢林戰鬥之起點-獅城站​  7/26
 https://ievents.iii.org.tw/eventS.aspx?t=0&id=547
 2019扭轉資安營運研討會  7/26
 https://www.netfos.com.tw/event/2019event/20190726netfos/20190726-NETFOS-seminar-reg.html
 CDX2.0推廣活動 - 台南場次  7/26
 https://nchc-cdx.kktix.cc/events/cdxactivity-0726
 Agile Hsinchu 七月聚會: 當領域驅動上了雲 7/27
 https://agilecommtw.kktix.cc/events/dddcloud
 區塊客研究室|錢包與託管機制技術小聚 Technical Camp  7/31
 https://www.facebook.com/events/2335446643210009/
 【社群】8/1(四) RASPBERRY PI + ROS,實現無人自駕
 https://ctsphub.tw/20190801_robotnight/
 The Virus Bulletin Conference 2019 8/1
 https://www.virusbulletin.com/blog/2019/06/free-vb2019-tickets-students/
 HackingThursday 固定聚會 8/1
 https://www.meetup.com/hackingthursday/events/vkhnnqyzlbcb/
 資安事件調查實務(上)  8/2
 https://tp2rc.tanet.edu.tw/node/306?fbclid=IwAR11YQmw-28fOA6LUrsNiFKd7ccaAiMa5cZsYf22iRfTUR5LPYXwjqZNo2I
 【CIT週末玩程式】- (8月)認識電腦與程式邏輯訓練(I) 8/3
 https://www.meetup.com/Women-Who-Code-Taipei/events/jtcjfryzlbfb/
 Python 基礎工作坊@TMU 8/6
 https://www.meetup.com/Women-Who-Code-Taipei/events/mfnfcryzlbjb/
 FileMaker Taipei  8/6
 https://www.meetup.com/Taipei-FileMaker-Meetup/events/wqfqwpyzlbjb/
 資安事故處理實務課程 8/7 ~ 8/8
 http://bit.ly/2VW0Lv9
 Android Code Club(Taipei) 8/7
 https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bsctnqyzlbkb/
 HackingThursday 固定聚會 8/8
 https://www.meetup.com/hackingthursday/events/vkhnnqyzlblb/
 DEF CON 27  2019/8/8–8/11
 https://www.defcon.org/
 大數據軟體開發平台與AI(人工智慧)開發應用案例 8/9
 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3805&from_course_list_url=homepage
 Android Code Club(Taipei)  8/14
 https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bsctnqyzlbsb/
 數位鑑識處理實務 8/14 ~ 8/15
 http://bit.ly/2VW0Lv9
 HackingThursday 固定聚會 8/15
 https://www.meetup.com/hackingthursday/events/vkhnnqyzlbtb/
 108 年度臺灣學術網路危機處理中心資安巡迴研討會 -資安趨勢暨網路安全概要  8/19 ~ 8/27
 http://www.hssh.tp.edu.tw/ezfiles/1/1001/attach/42/pta_17520_7551835_06329.pdf
 台灣駭客年會 HITCON Summer Training 2019 - 學生報名  2019-08-19 ~ 2019-08-22
 https://www.accupass.com/event/1906050919271598677460
 ᅵYahoo奇摩電商專題講座ᅵ 我們與詐騙的距離_電商不可承受的資安之重  8/21
 https://www.accupass.com/event/1906120307261445013215
 WEB應用滲透測試 8/21 ~ 8/23
 https://www.accupass.com/event/1904080221358963463590
 Thinking Thursday 第三場 8/22
 https://www.meetup.com/Thinking-Thursday/events/lrqddryzlbdc/
 台灣駭客年會 HITCON Community 2019  2019-08-23(五) 09:00 ~ 2019-08-24(六) 17:00 (GMT+8)
 https://www.accupass.com/event/1906040921594609934250
 NISRA Enlightened 2019 2019/08/26 ~ 2019/08/29
 https://nisra.kktix.cc/events/2019enlightened
 數位政府高峰會 2019  8/28
 https://egov.ithome.com.tw/
 ModernWeb 19  8/28 ~ 8/29
 https://modernweb.tw/
 資安法規與制度研析課程-108年度「資安人才培訓及國際推展計畫-資安專業人才培育深化課程」  8/29 ~ 8/30
 http://www.cisanet.org.tw/News/activity_more?id=MTQzMw==
 108年資安職能訓練-行動裝置安全(8/29-8/30)
 https://cee.ksu.edu.tw/recruitinfo/1443.html
 2019 NGO 資安種子講師訓練 8/29
 https://ocftw.kktix.cc/events/cscs2019tot
 交通大學亥克書院-B022:基礎網頁安全與滲透測試<新竹場次> 9/7
 https://hackercollege.nctu.edu.tw/?p=1079
 資訊安全管理系統-基礎課程(免費!)9/8
 https://www.accupass.com/event/1907160853513957042270
 【AWS資安】Security Engineering on AWS​高級課程 9/9 ~ 9/11
 https://www.accupass.com/event/1905150854571147685105
 CDX2.0推廣活動 - 台北場次 9/10
 https://nchc-cdx.kktix.cc/events/cdxactivity-0910
 Kubernetes Summit 9/11
 https://summit.ithome.com.tw/kubernetes/
 資策會開辦「認證系統安全從業人員 SSCP 輔導班」2019/9/21
 https://ithome.com.tw/pr/131772
 交通大學亥克書院-A011:入侵行為發覺與應變指南 9/21
 https://hackercollege.nctu.edu.tw/?p=1082
 資訊安全管理系統-進階課程(免費!)9/21
 https://www.accupass.com/event/1907160908138705889800
 TANET 2019 - 臺灣網際網路研討會  9/25
 https://www.twcert.org.tw/subpages/securityInfo/securityactivity_details.aspx?id=310
 交通大學亥克書院-B022:基礎網頁安全與滲透測試 9/28
 https://hackercollege.nctu.edu.tw/?p=1084
 HITB+ CYBER WEEK 2019/10/12 ~17
 https://d2p.hitb.org/
 交通大學亥克書院-A006:數位足跡追蹤與分析 10/19
 https://hackercollege.nctu.edu.tw/?p=1088
 Splunk .conf 19  10/21 ~ 10/24
 https://conf.splunk.com/
  AIoT智能物聯網開發人才就業養成班[免費諮詢]  10/22
 https://ittraining.kktix.cc/events/aiot-training-2019
 Industrial Control Systems (ICS) Cyber Security Conference  USA   October 21 – 24, 2019
 https://www.icscybersecurityconference.com
 交通大學亥克書院-A015:進階網頁滲透測試 10/26
 https://hackercollege.nctu.edu.tw/?p=1090
 交通大學亥克書院-P006:高階網頁滲透測試 11/16
 https://hackercollege.nctu.edu.tw/?p=1092
 交通大學亥克書院-B015:惡意程式檢測 11/30
 https://hackercollege.nctu.edu.tw/?p=1098
 交通大學亥克書院-A018:企業網域控管-Active Directory攻擊與防禦  12/14
 https://hackercollege.nctu.edu.tw/?p=1094
 Japan Security Analyst Conference
 https://jsac.jpcert.or.jp/

沒有留言:

張貼留言