Friday, January 24, 2020

Weekly Security Incident News Report 2020/1/20 ~ 2020/1/24

1. Major Vulnerabilities / Backdoors / Exploits / Zero-Days
New Google Chrome version guards against attacks on the Windows CryptoAPI validation vulnerability
https://www.ithome.com.tw/news/135418
Google Chrome Adds Protection for NSA's Windows CryptoAPI Flaw
https://www.bleepingcomputer.com/news/security/google-chrome-adds-protection-for-nsas-windows-cryptoapi-flaw/
Multiple vulnerabilities in Google Chrome
https://chromereleases.googleblog.com/2020/01/stable-channel-update-for-desktop_16.html
More private web browsing! Google plans to gradually phase out third-party cookies in Chrome within two years
https://n.yam.com/Article/20200117690204
A review and analysis of the Chromium IPC vulnerabilities discovered in 2019
https://www.chainnews.com/zh-hant/articles/918550449231.htm
Oracle Virtualization VM VirtualBox security vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2698
Oracle patches 334 security vulnerabilities; Oracle MySQL also has 19 vulnerabilities
https://www.insoler.com/forum/topic/15792446180636.htm
Advance warning notice on multiple Oracle WebLogic security vulnerabilities
http://zuits.zju.edu.cn/2020/0117/c7943a1957336/pagem.htm
WebLogic remote code execution vulnerability alert (CVE-2020-2551, CVE-2020-2546)
https://www.huaweicloud.com/notice/2018/20200116115654037.html
HPE enhanced Internet Usage Manager cross-site scripting vulnerability
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11997
HPE Superdome Flex Server security vulnerability
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11998
Adobe Releases First 2020 Patch Tuesday Software Updates
https://thehackernews.com/2020/01/adobe-software-updates.html
Security vulnerabilities in the Microsoft Windows operating system (CVE-2020-0601, CVE-2020-0609, CVE-2020-0610 and CVE-2020-0611)
https://www.nccst.nat.gov.tw/VulnerabilityDetail?lang=zh&seq=1114
Vulnerability advisory: Microsoft releases its January security bulletin; updating as soon as possible is recommended
https://support.microsoft.com/en-us/help/20200114/security-update-deployment-information-december-10-2019
Alipay Security Lab acknowledged by Microsoft for discovering a high-severity Office vulnerability
http://www.kaixian.tv/gd/2020/0121/244930.html
Upgrade soon to avoid security risks! Microsoft announces that support for Office 2010 will end
https://newtalk.tw/news/view/2020-01-17/355884
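NSA discloses a corporate vulnerability for the first time! Windows system flaw found; Microsoft releases a major update to guard against hacking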
https://cnews.com.tw/137200120a04/
Microsoft prepares to fix an IE9/10/11 vulnerability that could let hackers obtain user privileges
https://news.sina.com.tw/article/20200119/34027796.html
PoC exploits targeting Microsoft's CVE-2020-0601 vulnerability appeared within 24 hours
https://www.ithome.com.tw/news/135430
Have you patched CVE-2020-0601? Don't let the Vulnera-Bullies win; check with the free tool now
https://blog.trendmicro.com.tw/?p=63228
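High-severity Win10 vulnerability attacked by the cybercrime underground! Tencent Security's emergency response blocks it across the board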
https://cloud.tencent.com/developer/article/1576280
Microsoft patches severe Windows flaw after tip‑off from NSA
https://www.welivesecurity.com/2020/01/15/microsoft-patches-severe-windows-vulnerability-tipoff-nsa/
Windows Vulnerability: Researchers Demonstrate Exploits
https://www.bankinfosecurity.com/windows-vulnerability-researchers-demonstrate-exploits-a-13614
Windows CryptoAPI exploit
https://twitter.com/saleemrash1d/status/1217495681230954506
Update Windows 10 Immediately to Patch a Flaw Discovered by the NSA
https://thehackernews.com/2020/01/warning-quickly-patch-new-critical.html
Actively Exploited IE 11 Zero-Day Bug Gets Temporary Patch
https://www.bleepingcomputer.com/news/security/actively-exploited-ie-11-zero-day-bug-gets-temporary-patch/
Micropatching a Workaround for CVE-2020-0674
https://blog.0patch.com/2020/01/micropatching-workaround-for-cve-2020.html
This Week in Security News: The First Patch Tuesday Update of 2020 and Pwn2Own Vancouver Announced
https://newsroom.trendmicro.com/blog/simply-security/week-security-news-first-patch-tuesday-update-2020-and-pwn2own-vancouver-announ
Don’t Let the Vulnera-Bullies Win. Use our free tool to see if you are patched against Vulnerability CVE-2020-0601
https://newsroom.trendmicro.com/blog/simply-security/dont-let-vulnera-bullies-win-use-our-free-tool-see-if-you-are-patched-against-v
Microsoft Warns of Unpatched IE Browser Zero-Day That's Under Active Attacks
https://thehackernews.com/2020/01/internet-explorer-zero-day-attack.html
Microsoft warns about Internet Explorer zero-day, but no patch yet
https://www.zdnet.com/article/microsoft-warns-about-internet-explorer-zero-day-but-no-patch-yet/#ftag=RSSbaffb68
Microsoft fixes critical bugs in CryptoAPI, RD Gateway and .NET
https://nakedsecurity.sophos.com/2020/01/15/microsoft-fixes-critical-bugs-in-cryptoapi-rd-gateway-and-net/
Microsoft Zero-Day Actively Exploited, Patch Forthcoming
https://threatpost.com/microsoft-zero-day-actively-exploited-patch/152018/
Windows 7 Begins to Show Full Screen Windows 10 Upgrade Alerts
https://www.bleepingcomputer.com/news/microsoft/windows-7-begins-to-show-full-screen-windows-10-upgrade-alerts/
The US National Security Agency issues an advisory recommending that Windows users update immediately to fix a major flaw
https://www.twcert.org.tw/tw/cp-104-3243-ef588-1.html
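Another Internet Explorer vulnerability found that lets hackers remotely execute malicious code directly, but this time Microsoft does not plan to fix it immediately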
https://www.techbang.com/posts/75801-internet-explorer-security-flaw
Citrix releases an official scanning tool for the CVE-2019-19781 vulnerability
https://www.ithome.com.tw/news/135512
Critical Vulnerabilities in Microsoft Windows Operating System
https://www.csa.gov.sg/singcert/advisories/advisory-on-critical-vulnerabilities-in-microsoft-windows-operating-system
Exploits have appeared for the critical Citrix gateway vulnerability, while patches are still on the way
https://www.ithome.com.tw/news/135461
Citrix rolls out patches for critical ADC vulnerability exploited in the wild
https://www.zdnet.com/article/citrix-rolls-out-patches-for-critical-adc-vulnerabilities-being-exploited-in-the-wild/#ftag=RSSbaffb68
Critical vulnerability in Citrix delivery controller and gateway affects more than 80,000 companies worldwide
https://blog.cocook.cn/archives/125284/
Citrix Application Delivery Controller critical vulnerability (CVE-2019-19781) alert
https://www.hkcert.org/my_url/zh/blog/20011702
Citrix Releases First Patches to Fix Severe Vulnerability
https://www.bankinfosecurity.com/citrix-releases-first-patches-to-fix-severe-vulnerability-a-13627
Citrix Releases Patches for Critical ADC Vulnerability Under Active Attack
https://thehackernews.com/2020/01/citrix-adc-patch-update.html
Citrix Accelerates Patch Rollout For Critical RCE Flaw
https://threatpost.com/citrix-patch-rollout-critical-rce-flaw/152041/
A hacker is patching Citrix servers to maintain exclusive access
https://www.zdnet.com/article/a-hacker-is-patching-citrix-servers-to-maintain-exclusive-access/#ftag=RSSbaffb68
High-severity Citrix vulnerability sweeping 158 countries is being exploited; a hacker group is installing an "exclusive" backdoor
https://www.anquanke.com/post/id/197487
Dutch Govt Suggests Turning Off Citrix ADC Devices, Mitigations May Fail
https://www.bleepingcomputer.com/news/security/dutch-govt-suggests-turning-off-citrix-adc-devices-mitigations-may-fail/
UPDATE: Switch off Citrix systems where possible or take additional measures
https://www.ncsc.nl/actueel/nieuws/2020/januari/16/door-citrix-geadviseerde-mitigerende-maatregelen-niet-altijd-effectief
US Army bug bounty program pays out a total of US$275,000 in bounties
https://nosec.org/home/detail/4006.html
WordPress plugin vulnerability can be exploited for total website takeover
https://www.zdnet.com/article/wordpress-plugin-vulnerability-can-be-exploited-for-full-website-hijacking/#ftag=RSSbaffb68
Cisco NX-OS Software input validation error vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1968
Sophos XG firewall Admin Portal SQL injection vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16116
D-Link DIR-823G command injection vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15528
Vulnerability Spotlight: Bitdefender BOX 2 bootstrap remote code execution vulnerabilities
https://blog.talosintelligence.com/2020/01/vuln-spotlight-bitdefender-box-rce-jan-2020.html
SMC Networks SMC D3G0804W cross-site scripting vulnerability
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7249
NetApp Clustered Data ONTAP 9.2 vulnerability
http://iknow.lenovo.com/detail/dc_186943.html
Vulnerability Spotlight: Multiple vulnerabilities in some AMD graphics cards
https://blog.talosintelligence.com/2020/01/vuln-spotlight-AMD-VM-jan-2020.html
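2. Banking / Finance / Insurance / Securities / Payment Systems: News and Security
Six banks respond quickly to app privacy policy violations; fintech experts propose six measures to plug the "loopholes"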
https://tech.sina.com.cn/roll/2020-01-18/doc-iihnzhha3187132.shtml
Open API & Open Banking in the spotlight: experience shared from the UK, Australia, Japan and Singapore
https://money.udn.com/money/story/5613/4294503
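Black swans are hard to predict: overseas risk management at 16 financial holding companies added to financial examinations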
https://gb.udn.com/gb/udn.com/news/story/7239/4297316
Financial services stay open over the Lunar New Year; FSC orders banks to take five measures
https://udn.com/news/story/7239/4302023
Countdown to the Lunar New Year holiday; FSC: financial and policyholder services will stay open
https://www.chinatimes.com/realtimenews/20200122002796-260410?chdtv
Using ATMs over the Lunar New Year: five reminders from Financial Information Service Co. (FISC)
http://bit.ly/2vcDRrE
Windows 7 ATM spotted again; netizens joke that Windows XP ATMs still exist
http://bit.ly/2G9fuxj
Scholar: converting the Financial Stability and Development Committee into a regulatory body should be considered
https://news.sina.com.tw/article/20200123/34064564.html
Travelex hit by hacker attack
https://www.nccst.nat.gov.tw/NewsRSSDetail?lang=zh&RSSType=news&seq=16343
Heightened Cybersecurity Risk Considerations
https://www.fdic.gov/news/news/financial/2020/fil20003.html
https://www.fdic.gov/news/news/financial/2020/fil20003a.pdf
Visa's plan against Magecart attacks: Devalue and disrupt
https://www.zdnet.com/article/visas-plan-against-magecart-attacks-devalue-and-disrupt/#ftag=RSSbaffb68
Cyberattack on a Major Bank Would Have Ripple Effect: Study
https://www.bankinfosecurity.com/cyberattack-on-major-bank-would-have-ripple-effect-study-a-13620
Aussie Bank Says Server Upgrade Led to Data Breach
https://www.bankinfosecurity.com/aussie-bank-says-server-upgrade-led-to-data-breach-a-13617
Money laundering: This startup thinks its tech can prevent another banking scandal
https://www.zdnet.com/article/money-laundering-this-startup-thinks-its-tech-can-prevent-another-banking-scandal/#ftag=RSSbaffb68
Swedish Open Banking Startup Tink Closes €90M Funding Deal
https://www.pymnts.com/news/fintech-investments/2020/swedish-open-banking-startup-tink-closes-e90m-funding-deal/
MAS alerts financial institutions to vulnerability in Microsoft Windows Operating System
https://www.mas.gov.sg/news/media-releases/2020/mas-alerts-financial-institutions-to-vulnerability-in-microsoft-windows-operating-system
Zen Cart “PayPal” Skimmer
https://blog.sucuri.net/2020/01/zen-cart-paypal-skimmer.html
Travelex Ransom Demand Is Doubled
https://www.cybersecurityintelligence.com/blog/travelex-ransom-demand-is-doubled-4743.html
Bank of Ireland warn customers to be wary of scam text doing the rounds
https://www.rsvplive.ie/news/irish-news/bank-ireland-warn-customers-wary-21329153
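3. Electronic Payment / Electronic Stored-Value Cards / Mobile Payment / Pay: News and Security
PX Mart, CPC and Taipei 101 all launch their own Pay! Mobile payment brands surge; analysts name three keys to winning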
https://www.managertoday.com.tw/articles/view/59120
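Hong Kong version of Alipay can be used for transit in Guangzhou, with automatic conversion and settlement in Hong Kong dollars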
http://bit.ly/2TDSAWK
4. Virtual Currency / Blockchain News and Security
There was once a bug that created more than 180 billion bitcoins
https://kknews.cc/tech/8gjpzjq.html
Virtual currency regulations take effect; KPMG: legal framework leads internationally
https://udn.com/news/story/7239/4292296
Rules bringing STOs under securities regulation take effect; accountants remind investors to watch three major aspects
https://news.cnyes.com/news/id/4435067
FSC and Taipei Exchange bring security token trading under regulation! Five key points of the new STO regime in one minute
https://news.knowing.asia/news/cb0e6fc1-c40b-4543-a831-45dc8d09f4fd
FSC's first 2020 directive on "virtual currency" issuance rules: STOs under 30 million must attach a prospectus and prepare annual reports
https://www.blocktempo.com/fsc-2020-first-orders-3000/
Binance now allows Visa credit cards to be added directly on its platform to buy cryptocurrencies including XRP
http://bit.ly/36e28dK
Facebook loses another founding member: Vodafone leaves the Libra cryptocurrency association
http://bit.ly/2RidclQ
Taipei Exchange issues STO regulations; PwC advises attention to anti-money laundering, information security and risk disclosure
https://www.pwc.tw/zh/news/press-release/press-20200122.html
UK's HMRC tax authority seeks tools to track down cryptocurrency criminals
https://www.zdnet.com/article/uk-hmrc-tax-authority-seeks-tools-to-track-down-cryptocurrency-criminals/#ftag=RSSbaffb68
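5. Security Incident News
A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors
Hundreds of millions of users still exposed to virus attacks: what to do after Windows 7 "retires"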
http://bit.ly/2RBinMD
Support ends from the 14th… those clinging to Windows 7 will have no protection against viruses
http://bit.ly/2NHrtpX
360 reveals Win7 vulnerability threat: systems could be implanted with ransomware or even eavesdropped on
https://news.sina.com.tw/article/20200118/34024546.html
Sodinokibi ransomware activity intensifies at year-end, hitting an airport and other businesses
https://blog.trendmicro.com.tw/?p=63152
Ransomware attacks are heating up
http://bit.ly/2G2E9DF
Malicious Android trojan app can disable Google Play protections and forge user reviews
https://www.twcert.org.tw/tw/cp-104-3257-35dde-1.html
No honor among thieves: when a computer is hit by ransomware, paying the ransom may leave you with nothing
https://www.cna.com.tw/news/ait/202001230162.aspx
Windows EFS can be used to implement ransomware that antivirus software fails to detect
https://www.ithome.com.tw/news/135488
WTF, EFS? Experts warn Windows encryption could spawn nasty new ransomware
https://www.theregister.co.uk/2020/01/21/efs_ransomware_poc/
EFS Ransomware
https://safebreach.com/Post/EFS-Ransomware
TrickBot Now Uses a Windows 10 UAC Bypass to Evade Detection
https://www.bleepingcomputer.com/news/security/trickbot-now-uses-a-windows-10-uac-bypass-to-evade-detection/
Emotet Returns After Holiday Break with Major Campaigns
https://www.proofpoint.com/us/corporate-blog/post/emotet-returns-after-holiday-break-major-campaigns
Increased Emotet Malware Activity
https://www.us-cert.gov/ncas/current-activity/2020/01/22/increased-emotet-malware-activity
Alert (TA18-201A) Emotet Malware
https://www.us-cert.gov/ncas/alerts/TA18-201A
JhoneRAT exploits cloud services to attack Middle Eastern countries
https://www.zdnet.com/article/jhonerat-exploits-microsoft-office-cloud-services-to-attack-middle-eastern-countries/#ftag=RSSbaffb68
Beware of Microsoft Windows Malware, Warns Singapore Regulators
https://upnewsinfo.com/2020/01/20/beware-of-microsoft-windows-malware-warns-singapore-regulators/
Increase in Emotet Spam Observed, Blocked by Symantec
https://www.symantec.com/blogs/threat-intelligence/increase-emotet-spam-observed-blocked-symantec
Breaking: Mobile Banking Trojan Draining Users’ Accts – Expert Commentary
https://www.informationsecuritybuzz.com/expert-comments/breaking-mobile-banking-trojan-draining-users-accts-expert-commentary/
Defend Yourself Now and in the Future Against Mobile Malware
https://newsroom.trendmicro.com/blog/simply-security/defend-yourself-now-and-future-against-mobile-malware
New NetWire RAT Campaigns Use IMG Attachments to Deliver Malware Targeting Enterprise Users
https://securityintelligence.com/posts/new-netwire-rat-campaigns-use-img-attachments-to-deliver-malware-targeting-enterprise-users/
New paper: Behind the scenes of GandCrab's operation
https://www.virusbulletin.com/blog/2020/01/new-paper-behind-scenes-gandcrabs-operation/
Antivirus vendors push fixes for EFS ransomware attack method
https://www.zdnet.com/article/antivirus-vendors-scramble-to-fix-new-efs-ransomware-attack/#ftag=RSSbaffb68
BitPyLock Ransomware Now Threatens to Publish Stolen Data
https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
New version of FTCode ransomware adds credential-stealing capability
https://www.ithome.com.tw/news/135475
FTCode Ransomware Now Steals Saved Login Credentials
https://www.bleepingcomputer.com/news/security/ftcode-ransomware-now-steals-saved-login-credentials/
FTCODE Ransomware — New Version Includes Stealing Capabilities
https://www.zscaler.com/blogs/research/ftcode-ransomware--new-version-includes-stealing-capabilities
FTCODE ransomware is now armed with browser, email password stealing features
https://www.zdnet.com/article/ftcode-ransomware-is-now-armed-with-browser-email-password-stealing-features/#ftag=RSSbaffb68
Fileless ransomware FTCODE now steals credentials
http://blog.ptsecurity.com/2020/01/fileless-ransomware-ftcode-now-steals.html
Updated FTCODE Ransomware Now Steals Credentials, Passwords
https://www.bankinfosecurity.com/updated-ftcode-ransomware-now-steals-credentials-passwords-a-13638
Malicious JavaScript Used in WP Site/Home URL Redirects
https://blog.sucuri.net/2020/01/malicious-javascript-used-in-wp-site-home-url-redirects.html
Breaking down a two-year run of Vivin’s cryptominers
https://blog.talosintelligence.com/2020/01/vivin-cryptomining-campaigns.html
Maryland Considers Criminalizing Ransomware Possession
https://www.bankinfosecurity.com/maryland-considers-criminalizing-ransomware-possession-a-13632
sLoad launches version 2.0, Starslord
https://www.microsoft.com/security/blog/2020/01/21/sload-launches-version-2-0-starslord/
Ransomware attacks matured in 2019, report says
https://statescoop.com/ransomware-attacks-matured-2019-2020-crowdstrike-report/
Android Banking Trojans: History, Types, Modus Operandi
https://www.tripwire.com/state-of-security/security-data-protection/android-banking-trojans-history-types-modus-operandi/
[2020/1/21] Alert regarding mass-distributed attack emails (Emotet)
https://www.cc.uec.ac.jp/blogs/news/2020/01/20200121malwareemotet.html
sLoad Malware Revamped as Powerful ‘StarsLord’ Loader
https://threatpost.com/sload-malware-revamped-starslord-l-features/152084/
Emotet – Banking virus – Present on domains in Romania
https://www.prodefence.ro/emotet-virus-bancar-prezent-pe-domenii-din-romania/
Shlayer Trojan attacks one in ten macOS users
https://securelist.com/shlayer-for-macos/95724/
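B. Mobile Security / iPhone / Android / Wearables / Apps
Don't be a sucker! Automatic charges once the software trial ends: malicious apps exploit a loophole to swindle high subscription fees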
https://times.hinet.net/news/22743748
Europe plans to require a common charging connector; Apple may drop the Lightning port
http://bit.ly/368nxFc
Korean media report another A-list actor's phone was hacked and leaked; Lee Byung-hun caught up in it
http://bit.ly/30JARyI
Beware! Privacy concerns for Samsung Galaxy phones; enabling two-step verification is advised
https://news.ltn.com.tw/news/world/breakingnews/3045049
Bath footage goes viral; the young woman returns to demonstrate placing a phone on her chest
https://times.hinet.net/news/22744484
Enterprise 5G device adoption will take time; expert: WiFi will coexist with 5G
http://bit.ly/2RyWTQn
Google publishes details of iOS 12.4 vulnerability that lets hackers remotely control an iPhone
https://lihkg.com/thread/1828648/page/1
WhatsApp "down" in multiple regions including Hong Kong; unable to send images and videos
http://bit.ly/2Rz9eUB
Google has battled the "Joker" scam for three years! 17 million removals can't stop it; take these steps first to protect yourself
https://times.hinet.net/news/22747640
Study: US telecom carriers let SIM swapping attacks go unchecked
https://www.ithome.com.tw/news/135459
Apple swayed by FBI pressure? It once considered a plan for end-to-end encrypted iCloud phone backups
https://mrmad.com.tw/apple-encrypting-backups-after-fbi-complained
Expert: a large amount of data uploaded in a short time means it was definitely compromised
http://bit.ly/2Ge41fO
Google discloses multiple security and privacy flaws in Apple Safari's tracking prevention tool
https://times.hinet.net/news/22752959
US Department of Justice documents claim the FBI recently succeeded in cracking an iPhone 11
http://bit.ly/3aE3YI7
One virus-laden video left even the world's richest man unable to protect his security… phone privacy concerns emerge
http://bit.ly/2uwnSEd
WhatsApp security concerns reported; UN officials do not use it
https://taronews.tw/2020/01/24/594469/
Use iPhone as Physical Security Key to Protect Your Google Accounts
https://thehackernews.com/2020/01/google-iphone-security-key.html
You can now turn your iPhone into a Google security key
https://www.welivesecurity.com/2020/01/16/you-can-now-turn-iphone-security-key/
Tips to avoid the SIM swap scheme that can break into bank and social media accounts
https://www.senayanpost.com/tips-hindari-modus-sim-swap-yang-bisa-bobol-rekening-bank-dan-medsos/
14% of Android app privacy policies contain contradictions about data collection
https://www.zdnet.com/article/14-of-android-app-privacy-policies-contain-contradictions-about-data-collection/
C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents
A decade of security lessons
https://www.ithome.com.tw/voice/135438
Global cybersecurity management trends for 2020
https://www.taiwanservices.com.tw/internet/zh/procurementInfoDetail.aspx?item=17376&cat=4&U=1
Do we need yet another security standard? Thinking about digital resilience through NIST CSF
https://www.chinatimes.com/newspapers/20200121000279-260210?chdtv
2020 security trends: locking the doors at home, covert-recording extortion, and stalkerware going mainstream
https://ec.ltn.com.tw/article/breakingnews/3046781
Chaitin attends the Alibaba white-hat conference to discuss the evolution of vulnerability discovery
https://www.chainnews.com/zh-hant/articles/085715782217.htm
Diving into the dark web: an overview of hacking techniques (1): dissecting with precision
http://bit.ly/3azjlS9
Diving into the dark web: an overview of hacking techniques (2): striking at the weak points
http://bit.ly/2TOTD69
Six "hackers" prosecuted for maliciously tampering with back-end data to steal phone credit
http://www.hxnews.com/news/fj/fz/202001/22/1854521.shtml
Hacker nicknamed "Spiderman" single-handedly took down the entire national network of Liberia
https://www.techbang.com/posts/75572-nicknamed-spider-man-hacker-a-man-who-paralysed-a-national-network-above
Because he owns The Washington Post, Amazon's Bezos had his phone hit by a cyberattack launched by Saudi Crown Prince Salman
https://technews.tw/2020/01/22/jeff-bezos-phone-was-reportedly-hacked-by-saudi-crown-prince-mohammed-bin-salman-in-2018/
Nude photo incident: "Saudi crown prince also involved", reports say! Bezos reveals how the hack happened: one malicious video
https://www.ettoday.net/news/20200122/1630940.htm
Bezos phone data leaked! British media report the hacker was the Saudi crown prince
https://ec.ltn.com.tw/article/breakingnews/3047580
Google has battled the "Joker" scam for three years! 17 million removals can't stop it; take these steps first to protect yourself
https://cnews.com.tw/137200120a03/
Japan's Mitsubishi Electric suspected of being breached by Chinese hackers; critical secrets not leaked
https://www.cna.com.tw/news/firstnews/202001200048.aspx
Japan's Mitsubishi Electric suspected of being breached by Chinese hackers; defense information may have leaked
http://bit.ly/2ujpjpO
Japan's Mitsubishi Electric hit by simultaneous large-scale intrusions from multiple hacking groups
https://www.twcert.org.tw/tw/cp-104-3276-f6a98-1.html
Mitsubishi Electric hit by cyberattack, reportedly the work of Chinese hackers
https://news.ltn.com.tw/news/world/paper/1347586
[Exclusive] Four cyberattack groups: targeted sectors and timing vary
https://www.asahi.com/articles/photo/AS20200121004397.html
[Exclusive] Mitsubishi Electric possibly attacked by multiple hackers; Virus Buster flaw exploited
https://headlines.yahoo.co.jp/hl?a=20200122-00000002-asahi-soci
Mitsubishi Electric Blames Anti-Virus Bug for Data Breach
https://www.bankinfosecurity.com/mitsubishi-electric-blames-anti-virus-bug-for-data-breach-a-13628
Homeland Security Secretary: the CCP's "whole-of-nation" overt and covert efforts seriously threaten the US
http://bit.ly/2RA0ayS
PLA cyber forces steal Israel's "Iron Dome" specifications; Arrow 3 missile also affected
https://www.ettoday.net/news/20200119/1628698.htm
Dutch Ministry of Justice cybersecurity center notice: critical organizations to shut down computer work-from-home systems
http://bit.ly/30A7U86
Iranian hackers breach US power grid and oil and gas companies
https://www.nccst.nat.gov.tw/NewsRSSDetail?lang=zh&RSSType=news&seq=16344
State-sponsored hackers exploit VPN server vulnerabilities to breach US government networks
https://www.chainnews.com/zh-hant/articles/828893097149.htm
US and Estonia cooperate on cybersecurity, building an intelligence-sharing system
https://www.ydn.com.tw/news/369134
German former diplomat suspected of spying for China, shaking EU diplomatic circles
https://www.cna.com.tw/news/firstnews/202001200289.aspx
US lawmakers propose creating a cybersecurity coordinator
https://www.ithome.com.tw/news/135460
Security incident exposed at Ukrainian government's official recruitment site: many job seekers' details leaked
https://www.cnbeta.com/articles/tech/934879.htm
American journalist in the Snowden case charged with hacking by Brazil
http://bit.ly/30OGvQc
China issues Provisions on the Governance of the Online Information Content Ecosystem
https://www.nccst.nat.gov.tw/NewsRSSDetail?lang=zh&RSSType=news&seq=16341
Ubisoft sues operators of four DDoS-for-hire services
https://www.zdnet.com/article/ubisoft-sues-operators-of-four-ddos-for-hire-services/#ftag=RSSbaffb68
Singapore public sector called out for recurring IT lapses
https://www.zdnet.com/article/singapore-public-sector-called-out-for-recurring-it-lapses/#ftag=RSSbaffb68
FBI Promises 'Timely' Election Breach Reports for Officials
https://www.bankinfosecurity.com/fbi-promises-timely-election-breach-reports-for-officials-a-13619
Congress Hears Warnings of Iranian Cyberthreats
https://www.bankinfosecurity.com/congress-hears-warnings-iranian-cyberthreats-a-13613
How Cybercriminals Are Converting Cryptocurrency to Cash
https://www.bankinfosecurity.com/how-cybercriminals-are-converting-cryptocurrency-to-cash-a-13625
How Hackers Are Spying on US & Canadian Special Forces
https://pentestmag.com/how-hackers-are-spying-on-us-canadian-special-forces/
Did you really 'like' that? How Chameleon attacks spring in Facebook, Twitter, LinkedIn
https://www.zdnet.com/article/did-you-really-like-that-how-chameleon-attacks-spring-in-facebook-twitter-linkedin/#ftag=RSSbaffb68
Rules on deepfakes take hold in the US
https://blog.malwarebytes.com/artificial-intelligence/2020/01/deepfake-rules-take-hold-in-the-us/
US Cyber Command was not prepared to handle the amount of data it hacked from ISIS
https://www.zdnet.com/article/us-cyber-command-was-not-prepared-to-handle-the-amount-data-it-hacked-from-isis/
LastPass stores passwords so securely, not even its users can access them
https://www.theregister.co.uk/2020/01/20/lastpass_outage/
ProtonVPN Apps Open Sourced for Added Transparency and Security
https://www.bleepingcomputer.com/news/security/protonvpn-apps-open-sourced-for-added-transparency-and-security/
Saudi Prince Allegedly Hacked World's Richest Man Jeff Bezos Using WhatsApp
https://thehackernews.com/2020/01/saudi-prince-allegedly-hacked-worlds.html
Security technical consultant assistant_Taichung
https://www.104.com.tw/job/6ujzy
Student internship - security engineer
https://www.104.com.tw/job/6ulc6
Information security maintenance engineer
https://m.104.com.tw/job/6u0pz?jobsource=pc_redirect
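D. Data Breaches / Personal Data Protection Law / GDPR / Online Fraud / Phishing / Card Fraud / Fake News
Ten billion account credentials sold; international police arrest two suspects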
https://udn.com/news/story/6809/4297099
Privacy violation? EU considers a five-year ban restricting facial recognition in public places
https://times.hinet.net/news/22747637
FBI seizes a website dedicated to selling stolen personal data
https://chinese.engadget.com/chinese-2020-01-20-fbi-seizes-site-dedicated-to-selling-data-breach-information.html
FBI takes down website dedicated to selling personal data, involving 12 billion user records
http://bit.ly/2un7Axo
Massive leak of administrative documents: HDDs holding tax records and more were resold
https://www.asahi.com/articles/ASMD57WSXMD5UTIL065.html
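A library of 3 billion images: one photo is enough to look up personal data! Facial recognition sparks another privacy controversy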
http://technews.tw/2020/01/22/face-recognition-has-privacy-controversy-again/
Be careful shopping online over the Lunar New Year; Ministry of the Interior warns of "fake online stores" on Facebook
https://www.chinatimes.com/realtimenews/20200122001460-260407?chdtv
Microsoft accidentally exposes 250 million customer support records
http://bit.ly/30MEt2H
California Consumer Privacy Act officially takes effect
https://www.nccst.nat.gov.tw/NewsRSSDetail?lang=zh&RSSType=news&seq=16342
Does Department of Health certification guarantee quality?! Debunking online shopping scam tricks
https://blog.trendmicro.com.tw/?p=63220
Australian bushfires become scam bait: don't let your generosity become an ATM for hackers
https://blog.trendmicro.com.tw/?p=4843
BEC Fraudsters Targeting Financial Documents: Report
https://www.bankinfosecurity.com/bec-fraudsters-targeting-financial-documents-report-a-13616
Spear Phishing Gets Us Nearly Every Time: Lessons From Europol’s Report
https://securityintelligence.com/articles/spear-phishing-gets-us-nearly-every-time-lessons-from-europols-report/
This Citibank Phishing Scam Could Trick Many People
https://www.bleepingcomputer.com/news/security/this-citibank-phishing-scam-could-trick-many-people/
More than half of Russian companies are concerned about the protection of personal data of employees and customers
https://www.ehackingnews.com/2020/01/more-than-half-of-russian-companies-are.html
Accused scammer Burkov to plead guilty to 'some' charges after extradition dispute
https://www.cyberscoop.com/aleksei-burkov-russian-scammer-plead-guilty/
Dating apps share personal data with advertisers, study says
https://www.welivesecurity.com/2020/01/22/dating-apps-share-intimate-data-advertisers-study/
E. Research Reports
The penetration testing process from a penetration tester's perspective
http://www.sohu.com/a/367827843_354899
Internal network penetration labs: various experiments based on Cobaltstrike
https://www.freebuf.com/vuls/224507.html
PoC published for high-severity Cisco DCNM vulnerabilities
https://nosec.org/home/detail/3980.html
Analysis of cross-user command execution and privilege escalation vulnerabilities in Azure Cloud Shell
https://www.chainnews.com/zh-hant/articles/460921811690.htm
Security researchers demonstrate exploitation of the newly disclosed high-severity Windows vulnerability
https://www.solidot.org/story?sid=63293
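Cybercrime underground attacks high-severity Win10 vulnerability; Tencent Security urgently releases the first dedicated removal tool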
https://pttnews.cc/710d047ad0
Analysis and initial exploration of the command execution vulnerability in Maccms8
https://forum.90sec.com/t/topic/724
Further research on the company's ZKTeco (中控) attendance machine
https://iven.wang/index.php/archives/55.html
Advisory on the Microsoft IE jscript remote command execution 0-day vulnerability (CVE-2020-0674)
https://www.freebuf.com/column/225923.html
Detailed analysis of the CVE-2020-0601 vulnerability
https://www.freebuf.com/vuls/225879.html
ProtonVPN open-sources its source code for all platforms
https://www.ithome.com.tw/news/135493
Local Privilege Escalation in many Ricoh Printer Drivers for Windows (CVE-2019-19363)
https://www.pentagrid.ch/en/blog/local-privilege-escalation-in-ricoh-printer-drivers-for-windows-cve-2019-19363/
The Most Important Role of Penetration Testing in Data Privacy and Protection
https://gbhackers.com/the-role-of-penetration-testing/
YARASAFE - Automatic Binary Function Similarity Checks with Yara
https://www.kitploit.com/2020/01/yarasafe-automatic-binary-function.html
How to prevent a rootkit attack
https://blog.malwarebytes.com/how-tos-2/2020/01/how-to-prevent-a-rootkit-attack/
Cyberawareness in Australia: The good and the bad
https://www.welivesecurity.com/2020/01/16/cyberawareness-australia-good-bad/
The ESET Cyberawareness Index Australia 2019
https://cdn1.esetstatic.com/ESET/AU/whitepapers/ESS1003_ConsumerSurvey_Whitepaper_A4_Final.pdf
Rough Patch: I Promise It'll Be 200 OK (Citrix ADC CVE-2019-19781)
https://www.fireeye.com/blog/products-and-services/2020/01/rough-patch-promise-it-will-be-200-ok.html
404 Exploit Not Found: Vigilante Deploying Mitigation for Citrix NetScaler Vulnerability While Maintaining Backdoor
https://www.fireeye.com/blog/threat-research/2020/01/vigilante-deploying-mitigation-for-citrix-netscaler-vulnerability-while-maintaining-backdoor.html
Millions of modems at risk of remote hijacking
https://www.welivesecurity.com/2020/01/14/millions-modems-vulnerable-remote-hijacking/
Broadening the Scope: A Comprehensive View of Pen Testing
https://thehackernews.com/2020/01/broadening-scope-comprehensive-view-of11.html
Zero-Cost Threat Hunting with Elastic Stack
https://www.cloudcybersafe.com/zero-cost-threat-hunting-with-elastic-stack
FBI shuts down website selling billions of stolen records
https://www.welivesecurity.com/2020/01/17/fbi-seizes-website-selling-stolen-personal-data/
BankSecurity/Red_Team
https://github.com/BankSecurity/Red_Team
Nginx-Lua-Anti-DDoS
https://github.com/C0nw0nk/Nginx-Lua-Anti-DDoS
insightglacier/Shiro_exploit
https://github.com/insightglacier/Shiro_exploit
7 SDLC METHODOLOGIES THAT EVERY APPLICATION SECURITY ENGINEER SHOULD KNOW – PART 1
https://blog.eccouncil.org/7-sdlc-methodologies-that-every-application-security-engineer-should-know-part-1/
SQL Injection to RCE
https://pentestmag.com/sql-injection-to-rce/
THE GOOD, THE BAD AND THE UGLY IN CYBERSECURITY – WEEK 1
https://www.aurigasec.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-1
THE GOOD, THE BAD AND THE UGLY IN CYBERSECURITY – WEEK 2
https://www.aurigasec.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-2
Grouper2 - Find Vulnerabilities In AD Group Policy
https://www.kitploit.com/2020/01/grouper2-find-vulnerabilities-in-ad.html
How To Fully Anonymize Your IP
https://linuxsecurityblog.com/2019/11/20/how-to-fully-anonymize-your-ip/
Update: Curveball Exploit (CVE-2020-0601) Starts Making the Rounds
https://www.fortinet.com/blog/threat-research/curveball-exploit-making-rounds.html
"Wine 5.0" officially released ~ supports multi-monitor environments and "Vulkan 1.1"
https://forest.watch.impress.co.jp/docs/news/1230571.html
3gstudent / List-RDP-Connections-History
https://github.com/3gstudent/List-RDP-Connections-History
[Honeypot quick analysis] Honeypot quick analysis (2020/1/20)
https://sec-chick.hatenablog.com/entry/2020/01/21/232804
AIOOSCP/Hijacker
https://github.com/AIOOSCP/Hijacker
Add internet access to a vintage computer using Raspberry Pi
https://magpi.raspberrypi.org/articles/add-internet-access-to-a-vintage-computer-using-raspberry-pi
A New Decade Of Javascript Threats
https://www.riskiq.com/blog/external-threat-management/decade-of-javascript-threats/
Thousands of WordPress Sites Hacked to Fuel Scam Campaign
https://www.bleepingcomputer.com/news/security/thousands-of-wordpress-sites-hacked-to-fuel-scam-campaign/
Free website security check & malware scanner
https://sitecheck.sucuri.net/
F. Business
Palo Alto Networks publishes its latest 2020 security trend predictions
https://news.sina.com.tw/article/20200119/34032744.html
Check Point: Taiwanese companies faced four times the global average number of cyberattacks last year
https://ec.ltn.com.tw/article/breakingnews/3045753
Digicentre targets the OWASP API Top 10 risks with a full lineup of testing, monitoring and consulting services
https://www.digicentre.com.tw/news_detail.php?id=65&
Startup 區塊科技 launches an email-on-blockchain tool to block business email compromise
https://reurl.cc/Gk3LQy
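World-class security backed by G Suite: MiTAC Information Technology deploys architecture with customized security mechanisms for twice the result with half the effort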
https://www.mitac.com.tw/article.cfm?id=325
Edimax hardware-encrypted SecuBox resists hackers, entering the market fully this quarter
http://bit.ly/2tGvGDl
FireEye Buys Cloudvisory, in Seventh Security Acquisition
https://www.cbronline.com/cybersecurity/solutions/cloudvisory-fireeye/
Morphisec Protects Customers Against Internet Explorer Scripting Zero Day
https://securityboulevard.com/2020/01/morphisec-protects-customers-against-internet-explorer-scripting-zero-day/
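G. Government
Kaohsiung household registration system connection goes down, switching to manual intake; hacking initially ruled out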
http://www.ksnews.com.tw/index.php/news/contents_page/0001337154
Audrey Tang says discussions on information security and online messaging are becoming closer
http://bit.ly/3asPRoU
Chiang Kai-shek Memorial Hall transformation and procurement ban list: Executive Yuan presses ahead
https://udn.com/news/story/6656/4296611
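Establishing a digital development ministry: Ministry of Science and Technology consolidates overseas experience to offer recommendations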
https://www.cna.com.tw/news/ait/202001200105.aspx
Executive Yuan homeland security meeting targets hybrid threats with stepped-up exercises
https://www.rti.org.tw/news/view/id/2048816
Homeland security preparedness; Chen Chi-mai: refine response mechanisms
http://bit.ly/37jb4Qq
Critical infrastructure exercise: Fengxin (鳳信) Cable TV earns top rating
https://www.chinatimes.com/realtimenews/20200121002459-260405?chdtv
Ban on procuring products that endanger security; expert: inventory equipment first
http://bit.ly/2TEm0Ed
Guidelines for the Management of ICT Applications in Government Agencies
https://theme.ndc.gov.tw/lawout/LawContent.aspx?id=GL000031
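MOEA Industrial Development Bureau promotes IoT product security mark, so you can buy security-certified products and enjoy a worry-free New Year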
https://www.moea.gov.tw/MNS/populace/news/News.aspx?kind=1&menu_id=40&news_id=88543
Taiwan to launch "digital ID card"; experts worry about personal data abuse: how to trade off security and convenience
https://www.cw.com.tw/article/article.action?id=5098704
H. Industrial Control Systems / SCADA / ICS
Fake Company, Real Threats
https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/fake-company-real-threats-logs-from-a-smart-factory-honeypot
RELIABLY FINDING AND EXPLOITING ICS/SCADA BUGS
https://www.zerodayinitiative.com/blog/2020/1/15/reliably-finding-and-exploiting-icsscada-bugs
I. Education and Training
A Beginner’s Guide to OSINT Investigation with Maltego
https://medium.com/@raebaker/a-beginners-guide-to-osint-investigation-with-maltego-6b195f7245cc
What is MPLS Label distributing protocol (LDP) ? How LDP works
https://mpls.internetworks.in/2020/01/what-is-mpls-label-distributing.html
60 Cybersecurity Interview Questions [2019 Update]
https://danielmiessler.com/study/infosec_interview_questions/
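J. Internet of Things / IoT / Artificial Intelligence / Internet of Vehicles / Optical Networking / Deep Learning / Machine Learning / Drones / Facial Recognition
Telnet credentials for 510,000 IoT devices published, the most ever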
https://www.ithome.com.tw/news/135436
Hackers break into "surveillance camera" networks; more than 100,000 households affected across Taiwan
http://bit.ly/2TCzUGG
Security vulnerabilities in domestic network surveillance DVR devices; users advised to update to the latest version immediately
https://www.twcert.org.tw/tw/cp-104-3259-932ae-1.html
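TÜV Rheinland invests over 100 million in IoT technology center, using three IoT arrows to build a secure experience for connected users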
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000576736_dfp83unb2kom8g79i2uur
In the IoT era everything can be hacked; security investment is poised to become a hot field
https://money.udn.com/money/story/5612/4303059
Announcement of consistency revisions to IP CAM security testing methods - updated files (20200109 version)
https://www.taics.org.tw/LatestASSForm.aspx?Ass_id=5065&Type=2
Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices
https://www.zdnet.com/article/hacker-leaks-passwords-for-more-than-500000-servers-routers-and-iot-devices/#ftag=RSSbaffb68
6. Upcoming Security Events and Conferences
Security Hell Conference (SH3LLCON) 1/24 ~ 1/25
https://www.sh3llcon.es/?ref=infosec-conferences.com
NextGen SCADA 1/27 ~ 1/31
https://www.smartgrid-forums.com/forums/nextgen-scada-global/
Cranfield University Cyber Symposium 1/28 ~ 1/29
https://www.cranfield.ac.uk/events/symposia/cyber
International Cyber Security Forum (FIC) 1/28 ~ 1/30
https://www.forum-fic.com/en/home.htm
Free and Safe in Cyberspace 1/29
https://www.free-and-safe.org/
Hacking Thursday 1/30
http://www.hackingthursday.org/invite
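Taiwan E-Security Analysis and Management Association - "Network identity security and protection: from passwords toward the passwordless era" training course 2/5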
https://inc.ntub.edu.tw/p/404-1011-75476-1.php?Lang=zh-tw
Control System Security Conference 2020, February 14, 2020
https://www.jpcert.or.jp/event/ics-conference2020.html
Certificate of Cloud Security Knowledge (CCSK) Plus 2/23 ~ 2/24
https://csacongress.org/event/csa-summit-at-rsa-conference-2020/
CYBERSEC 2020 Taiwan Cybersecurity Conference 3/17 ~ 3/19
https://cyber.ithome.com.tw/
Korea International Security Expo 3/18
https://www.twcert.org.tw/tw/cp-105-3230-a3bd4-1.html
Black Hat Asia 2020 Singapore 3/31 ~ 4/3
https://www.blackhat.com/asia-20/briefings/schedule/
Kaspersky® Security Analyst Summit  4/6 ~ 4/9
https://thesascon.com/
2020 Industrial Control Systems (ICS) Cyber Security Conference | Singapore  4/21 ~ 4/23
https://www.icscybersecurityconference.com/singapore/
Asia Pacific Information Security Forum and Exhibition 4/22
https://www.twcert.org.tw/tw/cp-105-3149-70ad7-1.html
