Weekly Security Incident News Report 2020/2/17 ~ 2020/2/21
1. Critical Vulnerabilities / Backdoor / Exploit / Zero Day
Multiple vulnerabilities in the ServiSign component from Changing (全景) allow arbitrary code execution or arbitrary file read and deletion
https://www.chtsecurity.com/news/1179d48b-7609-4f67-9d7e-3bac2979c6ce
CHT Security's Red Team finds multiple vulnerabilities in a domestic securities stock-picking system
https://gist.github.com/chtsecurity/d42564a3f92ebe697ae2c69266640529
https://gist.github.com/chtsecurity/5a74ef5445a8aea34904c5691a477534
https://gist.github.com/chtsecurity/d936e2381a0087dddc0cadf7c61a4a7b
Palo Alto PAN-OS remote code execution vulnerability
https://security.paloaltonetworks.com/CVE-2020-1975
Critical vulnerabilities disclosed in SonicWall SMA appliances, exposing them to remote attack
https://www.freebuf.com/column/227639.html
Fortinet FortiOS security vulnerability
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6696
Voatz, the voting app used in five US states, found to contain vulnerabilities that allow tampering
https://www.ithome.com.tw/news/135839
IBM DB2 denial-of-service vulnerability
https://www.hkcert.org/my_url/zh/alert/20021901
IBM Security Identity Manager cross-site scripting vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4451
JVNVU#99571081 Vulnerability in IBM ServeRAID Manager allowing arbitrary code execution
https://jvn.jp/vu/JVNVU99571081/
Kaspersky: Windows 10 update bug was not caused by the company's antivirus tools
https://www.cnbeta.com/articles/tech/945341.htm
Download now! Windows 10's largest update ever patches 99 vulnerabilities at once
https://newtalk.tw/news/view/2020-02-14/366627
Hold off on upgrading! Microsoft's Windows 10 security updates hit by a string of bugs
https://3c.ltn.com.tw/news/39546
Second Windows 10 update is now causing problems by hiding user profiles
https://www.zdnet.com/article/second-windows-10-update-is-now-causing-problems-by-hiding-user-profiles/#ftag=RSSbaffb68
Nearly half of hospital Windows systems still vulnerable to RDP bugs
https://nakedsecurity.sophos.com/2020/02/20/nearly-half-of-hospital-windows-systems-still-vulnerable-to-rdp-bugs/
Vulnerability in 12,000 Jenkins servers used to amplify DDoS attacks
https://netsecurity.51cto.com/art/202002/610679.htm
OpenSSH adds support for FIDO/U2F security keys
https://www.zdnet.com/article/openssh-adds-support-for-fidou2f-security-keys/#ftag=RSSbaffb68
SweynTooth vulnerabilities affect a large number of devices using the BLE protocol
https://nosec.org/home/detail/4114.html
Unknown number of Bluetooth LE devices impacted by SweynTooth vulnerabilities
https://www.zdnet.com/article/unknown-number-of-bluetooth-le-devices-impacted-by-sweyntooth-vulnerabilities/#ftag=RSSbaffb68
Bluetooth bugs – researchers find 10 “Sweyntooth” security holes
https://nakedsecurity.sophos.com/2020/02/14/bluetooth-bugs-researchers-find-10-sweyntooth-security-holes/
Critical XSS vulnerability patched in WordPress plugin GDPR Cookie Consent
https://www.zdnet.com/article/critical-vulnerability-patched-in-gdpr-cookie-consent-wordpress-plugin/#ftag=RSSbaffb68
Unspecified vulnerability in Oracle Outside In Technology
https://www.oracle.com/security-alerts/cpujan2020.html
Unspecified vulnerability in Oracle WebLogic Server
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2519
Unspecified vulnerability in Oracle Identity Manager
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2729
CVE-2020-3937-3939
https://www.chtsecurity.com/news/a791f509-9782-4be1-b71f-22fc619f8215
OpenSIPS security vulnerability
http://github.com/OpenSIPS/opensips/commit/54e027adfa486cfcf993828512b2e273aeb163c2
Vulnerability Spotlight: Memory corruption, DoS vulnerabilities in CoTURN
https://blog.talosintelligence.com/2020/02/vuln-spotlight-coturn-DoS-memory-feb-2020.html
Hackers are exploiting a vulnerability in the ThemeREX plugin for WordPress to take over websites
https://nosec.org/home/detail/4136.html
File inclusion vulnerability in Apache Tomcat server
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938
Cross-site vulnerability in the Google translation service (Google Translator)
https://cloud.tencent.com/developer/article/1587222
Cybermdx: Many hospitals have not patched known critical vulnerabilities in their devices
https://www.ithome.com.tw/news/135943
2. Banking / Finance / Insurance / Securities / Payment Systems: News and Security
To strengthen performance, Taiwan Business Bank targets eight major policy-finance businesses
https://readers.ctee.com.tw/cm/20200214/a12aa12/1040714/c2ba88e402a5fe0d0b0208c88a5d1d1f/share
IT's "4 specialists, 1 officer" positions are now the most sought-after! Internet-only banks send out broad recruitment calls
http://bit.ly/2Sz6HM1
Cathay launches its first cybersecurity ETF, fundraising opens in March
https://money.udn.com/money/story/5618/4350214
Asia's first cybersecurity ETF is coming; anti-hacking becomes a new investment trend
http://bit.ly/37Hy3Ul
Cybersecurity index outpaces the Nasdaq; cybersecurity stocks look promising
https://news.cnyes.com/news/id/4444848
At this year's first state-owned bank meeting, the Ministry of Finance issues four directives
http://bit.ly/37yjRgw
US IRS urges online tax filers to enable multi-factor authentication
https://www.ithome.com.tw/news/135879
To ensure uninterrupted operations, the FSC orders banks to adopt five epidemic-prevention measures
https://udn.com/news/story/7238/4353702
Israel's Jerusalem Venture Partners (JVP) sets up a cybersecurity center in New York
http://bit.ly/38HNg9w
Guarding against the spreading epidemic, financial holding companies activate "off-site backup" operations
https://news.cts.com.tw/cts/life/202002/202002191991109.html
Central Bank as the regions with the highest and lowest cybercrime
http://www.kxan36news.com/central-bank-as-the-regions-with-the-highest-and-lowest-cybercrime
Nedbank says 1.7 million customers impacted by breach at third-party provider
https://www.zdnet.com/article/nedbank-says-1-7-million-customers-impacted-by-breach-at-third-party-provider/#ftag=RSSbaffb68
3. Electronic Payment / Electronic Stored-Value Cards / Mobile Payment / Pay: News and Security
Asia Pacific Telecom's cross-border mobile payment expected to launch in Q2
https://money.udn.com/money/story/5612/4355277
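Have you heard of GtPay? Asia Pacific Telecom's mobile payment offers more than NFC-SIM contactless payment, mobile EasyCard and credit card services; "cross-border mobile payment" is coming next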
http://bit.ly/2SOf9au
Mobile payment goes mainstream; analyst predicts Apple Pay will account for 10% of global credit card transactions within 5 years
https://cnews.com.tw/137200214a03/
NXP teams with NTT DoCoMo and Sony to unveil UWB-based mobile payment
https://technews.tw/2020/02/11/nxp-ntt-docomo-sony-uwb-mobile-pay/
A small win! Users of JKOPAY (街口) and other electronic payment accounts can save on handling fees
https://money.udn.com/money/story/5613/4358826
FSC relaxes rules on electronic payment institutions' partner accounts, saving the public handling fees
https://taronews.tw/2020/02/20/615912/
Hi-Life opens up icash payment, becoming the first convenience store chain to accept all four major stored-value cards
https://udn.com/news/story/7193/4360092
4. Virtual Currency / Blockchain News and Security
Fighting counterfeits in the digital age: how the Swiss watch industry uses blockchain for anti-counterfeiting
https://udn.com/news/story/6871/4342176
Users report withdrawal problems at Taiwanese exchange 比特之星; company says: system upgrade in progress
http://bit.ly/38wvm9x
MIT: Blockchain voting system VOATZ has a series of vulnerabilities and is highly susceptible to attack
http://bit.ly/37zkqqA
Preventing virtual-currency money laundering! US drafts new regulations
https://newtalk.tw/news/view/2020-02-13/366270
Analysis of the bZx hack
https://pttdigit.com/digicurrency/M.1582017234.A.D49.html
How was it done by composing DeFi products? A detailed reconstruction of the "bZx" hack that shook the global community
https://www.blocktempo.com/analyze-bzx-hacking-process/
DeFi lending protocol bZx hit by arbitrage again! Product flaw costs US$645,000
https://blockcast.it/2020/02/19/defi-lending-protocol-bzx-has-just-been-exploited-again/
Flash loans | Hackers "stress test DeFi products" a second time, profiting "2378 ETH" from bZx again
https://www.blocktempo.com/defi-project-bzx-exploited-for-second-time-in-a-week-loses-630k-in-ether/
Bitcoin halving countdown: the tradition of rising prices, and which miners will be eliminated
https://www.inside.com.tw/article/18950-bitcoin-price-next-halving
IOTA Trinity wallet vulnerability report: US$1.6 million stolen
https://0xzx.com/202002141220513402.html
Tokens stolen from IOTA wallets! Foundation shuts down node to investigate
https://news.cnyes.com/news/id/4442840
Mt.Gox victims may recover 88% of their funds! What became of the exchanges that were hacked
https://news.knowing.asia/news/abddda59-d60d-4541-9a63-969b20c78177
[Block Weekly] Ethereum game development platform Enjin goes live; in-game currency and cryptocurrency to become interchangeable
https://technews.tw/2020/02/21/block-weekly-20200220/
IOTA cryptocurrency shuts down entire network after wallet hack
https://www.zdnet.com/article/iota-cryptocurrency-shuts-down-entire-network-after-wallet-hack/
Inside J-CAT – Europol’s Joint Cybercrime Action Taskforce
https://portswigger.net/daily-swig/inside-j-cat-europols-joint-cybercrime-action-taskforce
Police bust alleged operator of Bitcoin mixing service Helix
https://nakedsecurity.sophos.com/2020/02/17/police-bust-alleged-operator-of-bitcoin-mixing-service-helix/
5. Security Incident News
A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors
40 US public-sector bodies hacked in one year: should you pay the ransom when hit by ransomware
https://www.cw.com.tw/article/article.action?id=5098988
RobbinHood: ransomware that exploits a Windows driver vulnerability to disable antivirus software
https://www.chainnews.com/zh-hant/articles/899104922855.htm
Hijacked the moment you click! Powerful Android malware hides in electronic receipts
http://bit.ly/2SYBd11
Stay-at-home economy attracts hackers; mobile malware spreads through online-shopping delivery SMS messages
https://newtalk.tw/news/view/2020-02-17/367847?
"Your order has arrived"? Mobile malware hides behind it
https://www.chinatimes.com/realtimenews/20200214001601-260412?chdtv
"Order inquiry" SMS messages carrying malware appear domestically; clicking the link turns you into a malware super-spreader
https://www.techbang.com/posts/76178-your-goods-have-arrived-cell-phone-virus-hidden-behind
Careful what you click! "Powerful banking trojan" disguises itself as an electronic receipt
https://www.ettoday.net/news/20200215/1646250.htm
One click on the trojan and it's over! It targets Android users, stealing financial data and Citizen Digital Certificates
https://cnews.com.tw/137200218a03/
New finding: Emotet malware can spread by compromising nearby wireless networks
https://www.twcert.org.tw/tw/cp-104-3341-7a3b2-1.html
Cryptominer uses the Haiduc hacking tool and the Xhide application-hiding tool to brute-force logins on computers and servers
https://blog.trendmicro.com.tw/?p=63218
New email extortion scheme: pay up or have your site's ads banned by Google
https://www.ithome.com.tw/news/135892
Latest Bitcoin extortion tactic: flooding your Google AdSense with bots
https://www.inside.com.tw/article/18946-email-scheme-google-adsense-bitcoin
Looking for a new relationship through a dating app? Beware of finding mobile malware instead
https://blog.trendmicro.com.tw/?p=63450
Malicious spam posing as the Korea Fair Trade Commission carries ransomware and an information-stealing trojan
https://blog.trendmicro.com.tw/?p=63430
CISA: Ransomware compromises a US natural gas compression company
https://ithome.com.tw/news/135917
Eclypsium: Unsigned peripheral firmware becomes a breeding ground for malware
https://times.hinet.net/news/22793158
Malicious Spam Campaign Targets South Korean Users
https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/malicious-spam-campaign-targets-south-korean-users
Over 1.7 million downloads! Google removes more than 500 malicious Chrome extensions at once
https://3c.ltn.com.tw/news/39542
Google removes more than 500 malicious Chrome extensions
https://www.ithome.com.tw/news/135838
500 Chrome Extensions Caught Stealing Private Data of 1.7 Million Users
https://thehackernews.com/2020/02/chrome-extension-malware.html
There's finally a way to remove xHelper, the unremovable Android malware
https://www.zdnet.com/article/theres-finally-a-way-to-remove-xhelper-the-unremovable-android-malware/#ftag=RSSbaffb68
ViperSoftX - New JavaScript Threat
https://www.fortinet.com/blog/threat-research/vipersoftx-new-javascript-threat.html
CISA Issues Multiple Agency Malware Analysis Reports on Hidden Cobra
https://www.fortinet.com/blog/threat-research/cisa-issues-multiple-agency-malware-analysis-reports-on-hidden-cobra.html
US Cyber Command, DHS, and FBI expose new North Korean malware
https://www.zdnet.com/article/us-cyber-command-dhs-and-fbi-expose-new-north-korean-malware/#ftag=RSSbaffb68
North Korean Malicious Cyber Activity
https://www.us-cert.gov/ncas/current-activity/2020/02/14/north-korean-malicious-cyber-activity
AR20-045A : MAR-10265965-1.v1 – North Korean Trojan: BISTROMATH
https://www.us-cert.gov/ncas/analysis-reports/ar20-045a
AR20-045B : MAR-10265965-2.v1 – North Korean Trojan: SLICKSHOES
https://www.us-cert.gov/ncas/analysis-reports/ar20-045b
AR20-045C : MAR-10265965-3.v1 – North Korean Trojan: CROWDEDFLOUNDER
https://www.us-cert.gov/ncas/analysis-reports/ar20-045c
AR20-045D : MAR-10271944-1.v1 – North Korean Trojan: HOTCROISSANT
https://www.us-cert.gov/ncas/analysis-reports/ar20-045d
AR20-045E : MAR-10271944-2.v1 – North Korean Trojan: ARTFULPIE
https://www.us-cert.gov/ncas/analysis-reports/ar20-045e
AR20-045F : MAR-10271944-3.v1 – North Korean Trojan: BUFFETLINE
https://www.us-cert.gov/ncas/analysis-reports/ar20-045f
Rutter's store chain discloses security breach involving POS malware
https://www.zdnet.com/article/rutters-store-chain-discloses-security-breach-involving-pos-malware/#ftag=RSSbaffb68
Ginp mobile Trojan fakes incoming SMS messages
https://www.kaspersky.com/blog/ginp-mobile-banking-trojan/32478/
Coronavirus spam emails are spreading Emotet Malware
https://techau.com.au/coronavirus-spam-emails-are-spreading-emotet-malware/
Malware attack further proof that small health systems are vulnerable
https://searchhealthit.techtarget.com/news/252478672/Malware-attack-further-proof-that-small-health-systems-are-vulnerable
January 2020’s Most Wanted Malware: Coronavirus-themed Spam Spreads Emotet Malware
http://bit.ly/2SQynL8
Sophisticated Emotet malware loader thriving on unsophisticated passwords
https://techxplore.com/news/2020-02-sophisticated-emotet-malware-loader-unsophisticated.html
Beware of hackers planting Valentine’s Day malware
https://www.komando.com/security-privacy/hackers-plant-valentines-day-malware/706654/
LokiBot Impersonates Popular Game Launcher and Drops Compiled C# Code File
https://newsroom.trendmicro.com/blog/security-intelligence/lokibot-impersonates-popular-game-launcher-and-drops-compiled-c-code-fi-1
New paper: LokiBot: dissecting the C&C panel deployments
https://www.virusbulletin.com/blog/2020/02/new-paper-lokibot-dissecting-cc-panel-deployments/
Sextortion Scams Delivered by Emotet Net 10 Times More Than Necurs Sextortion — Here’s Why
https://securityintelligence.com/posts/sextortion-scams-delivered-by-emotet-net-10-times-more-than-necurs-sextortion-heres-why/
Tampa Bay Times hit with Ryuk ransomware attack
https://blog.malwarebytes.com/ransomware/2020/01/tampa-bay-times-hit-with-ryuk-ransomware-attack/
Hamas Android Malware On IDF Soldiers-This is How it Happened
https://research.checkpoint.com/2020/hamas-android-malware-on-idf-soldiers-this-is-how-it-happened/
AZORult spreads as a fake ProtonVPN installer
https://securelist.com/azorult-spreads-as-a-fake-protonvpn-installer/96261/
Banking Trojans and Ransomware — A Treacherous Matrimony Bound to Get Worse
https://securityintelligence.com/posts/banking-trojans-and-ransomware-a-treacherous-matrimony-bound-to-get-worse/
Council returns to using pen and paper after cyberattack
https://nakedsecurity.sophos.com/2020/02/18/council-returns-to-using-pen-and-paper-after-cyberattack/
Malware and HTTPS – a growing love affair
https://nakedsecurity.sophos.com/2020/02/18/malware-and-https-a-growing-love-affair/
Emotet SMiShing Uses Fake Bank Domains in Targeted Attacks, Payloads Hint at TrickBot Connection
https://ibm.co/2P8ktDa
Ransomware attack forces 2-day shutdown of natural gas pipeline
https://nakedsecurity.sophos.com/2020/02/20/ransomware-attack-forces-2-day-shutdown-of-natural-gas-pipeline/
Ransomware Attack Hit US Natural Gas Facility
https://www.bankinfosecurity.com/ransomware-attack-hit-us-natural-gas-facility-a-13740
Cybersecurity Research During the Coronavirus Outbreak and After
https://securelist.com/cybersecurity-research-during-the-coronavirus-outbreak-and-after/96275/
ObliqueRAT: New RAT hits victims' endpoints via malicious documents
https://blog.talosintelligence.com/2020/02/obliquerat-hits-victims-via-maldocs.html
B. Mobile Security / iPhone / Android / Wearables / App
Google Project Zero: Samsung's approach to protecting its phones actually makes Android less secure
https://ithome.com.tw/news/135827
US rolls out smartphone voting; critics fear covert tampering by hackers
https://www.cna.com.tw/news/aopl/202002160115.aspx
Amazon's Ring enables mandatory two-factor authentication to keep hackers out
https://www.ettoday.net/news/20200219/1648968.htm
Google calls out Samsung: unnecessary modifications may make Android phones insecure
https://3c.ltn.com.tw/news/39564
SF Express Hong Kong app suspected of a security flaw exposing recently used sender details
https://www.passiontimes.hk/article/02-19-2020/60178
Google blocked 790,000 policy-violating apps from reaching the Play Store last year
https://www.ithome.com.tw/news/135821
Fraudsters using malicious apps to target Kochi’s smartphone users
https://www.nyoooz.com/news/kochi/1433891/fraudsters-using-malicious-apps-to-target-kochis-smartphone-users/
More than 7,700 attacks by threats disguised as dating apps in Africa
https://www.intelligentcio.com/africa/2020/02/12/more-than-7700-attacks-by-threats-disguised-as-dating-apps-in-africa/
Security News This Week: The 'Robo Revenge' App Makes It Easy to Sue Robocallers
https://www.wired.com/story/robo-revenge-apple-malware-security-news/
Signal Is Finally Bringing Its Secure Messaging to the Masses
https://www.wired.com/story/signal-encrypted-messaging-features-mainstream/
Ring to enable 2FA for all user accounts after recent hacks
https://www.zdnet.com/article/ring-to-enable-2fa-for-all-user-accounts-after-recent-hacks/#ftag=RSSbaffb68
Singapore gets three bids for 5G licences
https://www.zdnet.com/article/singapore-gets-three-bids-for-5g-licences/#ftag=RSSbaffb68
C. Incidents / Hackers / DDOS / APT / Cloud / Dark Web / Recruitment / International Security Incidents
WordPress plugin ThemeGrill Demo Importer lets hackers wipe the database, affecting 200,000 websites
https://www.ithome.com.tw/news/135891
The "fighting nation" (Russians) goes wild for body modification, implanting chips from Taiwan
https://news.ltn.com.tw/news/world/breakingnews/3072243
Wary of a sudden surge in site traffic? It may be hackers launching an ad-extortion attack
https://cnews.com.tw/137200219a04/
Report: 16 DDoS attacks occurred every minute last year
https://www.ithome.com.tw/news/135912
Wuhan pneumonia effect: IBM withdraws from RSA Conference, Black Hat Asia postponed
https://www.ithome.com.tw/news/135856
WHO speaks up too: beware of phishing emails about the Wuhan pneumonia
https://www.ithome.com.tw/news/135890
Warning! Cyberattacks exploiting security vulnerabilities surge worldwide
http://bit.ly/2V16Fy5
Account hacked and "privacy fully exposed"; IU shows rare anger: crossing the line is a crime
https://www.setn.com/news.aspx?NewsID=691014
Phone of North Korean defector official Thae Yong-ho allegedly hacked by North Korean hackers to steal information
https://money.udn.com/money/story/5599/4350201
Official Twitter account hijacked? Israel's Ministry of Defense posts photos of alluring women
https://news.ltn.com.tw/news/world/breakingnews/3070024
Olympics and IOC social media accounts hacked; Twitter: affected accounts have been locked
http://bit.ly/3bJTYgT
UK police urge parents to report it if they find their children using Kali Linux, Tor or Discord
https://www.ithome.com.tw/news/135886
Cybersecurity becomes a weapon of war; Houston's energy industry needs to pay close attention
https://scdaily.com/post/1486
Two hacking attacks in the US point to the same internet service provider
https://on.wsj.com/2HAdrmI
Mainland China's Provisions on the Governance of the Online Information Content Ecosystem
http://www.cac.gov.cn/2019-12/20/c_1578375159509309.htm
PLA hackers are utterly ruthless; the international community must guard against them early
https://www.ydn.com.tw/News/373350
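[The CCP's secrets are in her computer] Reading them left her shaking! She leaked "two key Xinjiang documents" to the world, then received death threats and was attacked by hackers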
https://buzzorange.com/2020/02/20/the-whistleblower-of-xinjiang-cases/
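US and German intelligence agencies controlled a Swiss encrypted-communications company, eavesdropping on the secrets of as many as 120 countries for years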
https://news.sina.com.tw/article/20200214/34233970.html
Trump threatens to cut off intelligence sharing with allies that adopt Huawei equipment
https://times.hinet.net/topic/22789041
More than ten thousand websites hacked in Georgia; the UK, US and allies point the finger at Russia
https://www.cna.com.tw/news/aopl/202002210032.aspx
Vietnamese experts build the first information security ecosystem
http://n.yam.com/Article/20200220995715
Iranian state hackers abuse VPN vulnerabilities to break into corporate intranets worldwide and plant backdoors
https://www.secrss.com/articles/17172
Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world
https://www.zdnet.com/article/iranian-hackers-have-been-hacking-vpn-servers-to-plant-backdoors-in-companies-around-the-world/#ftag=RSSbaffb68
Unpatched VPN Servers Hit by Apparent Iranian APT Groups
https://www.bankinfosecurity.com/unpatched-vpn-servers-hit-by-apparent-iranian-apt-groups-a-13733
Israeli soldiers tricked into installing malware by Hamas agents posing as women
https://www.zdnet.com/article/israeli-military-tricked-into-installing-malware-by-hamas-agents-posing-as-women/#ftag=RSSbaffb68
U.S. Charges Huawei with Stealing Trade Secrets from 6 Companies
https://thehackernews.com/2020/02/united-states-china-huawei.html
UK police deny responsibility for poster urging parents to report kids for using Kali Linux
https://www.zdnet.com/article/uk-police-distance-themselves-from-poster-warning-parents-to-report-kids-for-using-kali-linux/#ftag=RSSbaffb68
Singapore to spend $719M beefing up government's cyber, data security systems
https://www.zdnet.com/article/singapore-to-spend-719m-beefing-up-governments-cyber-data-security-systems/#ftag=RSSbaffb68
16 DDoS attacks take place every 60 seconds, rates reach 622 Gbps
https://www.zdnet.com/article/16-ddos-attacks-take-place-every-60-seconds-rates-reach-622-gbps/#ftag=RSSbaffb68
Five years after the Equation Group HDD hacks, firmware security still sucks
https://www.zdnet.com/article/five-years-after-the-equation-group-hdd-hacks-firmware-security-still-sucks/#ftag=RSSbaffb68
Hundreds of Millions of PC Components Still Have Hackable Firmware
https://www.wired.com/story/firmware-hacks-vulnerable-pc-components-peripherals/
Cybersecurity Plan for 2020 US Election Unveiled
https://www.bankinfosecurity.com/cybersecurity-plan-for-2020-us-election-unveiled-a-13732
US Govt Warns Critical Industries After Ransomware Hits Gas Pipeline Facility
https://thehackernews.com/2020/02/critical-infrastructure-ransomware-attack.html
Millions Of Windows And Linux Systems Are Vulnerable To This ‘Hidden’ Cyber Attack
https://www.forbes.com/sites/daveywinder/2020/02/18/millions-of-windows-and-linux-systems-are-vulnerable-to-this-hidden-cyber-attack/
Spoofing Banks is a Balancing Act
https://www.domaintools.com/resources/blog/spoofing-banks-is-a-balancing-act#
NEC has about 60,000 employees telework simultaneously
https://www3.nhk.or.jp/news/html/20200220/k10012293751000.html
Microsoft has a subdomain hijacking problem
https://www.zdnet.com/article/microsoft-has-a-subdomain-hijacking-problem/#ftag=RSSbaffb68
The US Blames Russia's GRU for Sweeping Cyberattacks in Georgia
https://www.wired.com/story/us-blames-russia-gru-sweeping-cyberattacks-georgia/
Security Engineer / Senior Security Specialist (w0012)
http://bit.ly/38F4ODj
Property Insurance - Information Security Analyst (Neihu)
https://www.104.com.tw/job/6vdbh?jobsource=googlejobs
Security Engineer - F75E
https://mail.google.com/mail/u/0/?tab=wm&ogbl#inbox
Senior System Maintenance Engineer (dedicated security staff)
https://m.1111.com.tw/job/91414896/
Security Engineer (i-Security Engineer)
https://www.104.com.tw/job/3q770
D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News
US and Taiwan cooperate on technology to fight "fake news"! AIT: China uses disinformation to weaken Taiwan's freedom and democracy
https://www.storm.mg/article/2308520
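Up to four and a half years in prison for spreading false epidemic information? Chen Chi-mai: unified rules will come tomorrow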
https://news.ltn.com.tw/news/life/breakingnews/3072884
Free masks for leaving a comment? Beware of a "hack"!
https://news.cnyes.com/news/id/4442938
Scam tactics keep evolving! FBI report reveals the type of cybercrime that caused the largest losses last year
https://cnews.com.tw/137200215a03/
Don't fall for it! "LINE 2-step verification" is fake; beware of account theft
https://tw.appledaily.com/gadget/20200219/P2JQY3SVJBSVNCW6ICY2IBWFXE/
LINE has no "2-step password verification" at all! Beware of phishing messages that steal accounts
https://3c.ltn.com.tw/news/39579
10.7 million hotel guest records leaked and spread by hackers
https://ek21.com/news/tech/179639/
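Photograph your ID card for free masks from a vending machine; worried about personal data? Operator shows the code: "We don't store personal data"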
https://tw.news.appledaily.com/life/20200221/JIMWMIXCRAHUQXJS4TTOC2VBBE/
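Who's fooling whom! Man arrested for fabricating a post about being smuggled back from Wuhan, claims he was baiting a fraud ring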
https://reurl.cc/nVkGDl
WHO speaks up too: beware of phishing emails about the Wuhan pneumonia
https://www.ithome.com.tw/news/135890
[Wuhan pneumonia phishing] WHO warns: only mail from @who.int is from the WHO; @who. com and @who. org are fakes
https://blog.trendmicro.com.tw/?p=63475
Beware of criminals pretending to be WHO
https://www.who.int/about/communications/cyber-security
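Woman posts claim of paying 150,000 to be smuggled from Wuhan back to Taiwan; Kaohsiung police uncover fake account and trace the IP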
http://bit.ly/2HvchJ6
Puerto Rico government hit by phishing attack, losing US$4 million
https://www.twcert.org.tw/tw/cp-104-3363-8df05-1.html
PayPal remains the most‑spoofed brand in phishing scams
https://www.welivesecurity.com/2020/02/14/paypal-remains-most-spoofed-brand-phishing-scams/
How romance scammers break your heart – and your bank account
https://www.welivesecurity.com/2020/02/14/how-romance-scammers-break-your-heart-bank-account/
FBI: Cybercrime losses tripled over the last 5 years
https://www.welivesecurity.com/2020/02/13/fbi-cybercrime-losses-tripled-last-5-years/
Watchdog Agency: Improper Use of Medicare Data Rampant
https://www.bankinfosecurity.com/watchdog-agency-improper-use-medicare-data-rampant-a-13727
On data protection, the UK says it will go it alone. It probably won't.
https://www.zdnet.com/article/on-data-protection-the-uk-says-it-will-go-it-alone-it-probably-wont/
Cyber tips for safe online dating: How to avoid privacy gaffs, exploits, and scams
https://blog.malwarebytes.com/privacy-2/2020/02/cyber-tips-safe-online-dating/
Singapore instructs Facebook to block page access under online falsehoods law
https://www.zdnet.com/article/singapore-instructs-facebook-to-block-page-access-under-online-falsehoods-law/#ftag=RSSbaffb68
Exclusive: Details of 10.6 million MGM hotel guests posted on a hacking forum
https://www.zdnet.com/article/exclusive-details-of-10-6-million-of-mgm-hotel-guests-posted-on-a-hacking-forum/
Scam Alert: You've Been Selected for 'Like of the Year 2020' Cash Prizes
https://thehackernews.com/2020/02/like-of-the-year-scam.html
The "Like of the Year 2020" award rewards with phishing: a new wave of a large-scale fraud scheme
https://www.group-ib.ru/media/like-2020/
DOD DISA discloses data breach
https://www.zdnet.com/article/dod-disa-discloses-data-breach/#ftag=RSSbaffb68
Phishing Campaigns Tied to Coronavirus Persist
https://www.bankinfosecurity.com/phishing-campaigns-tied-to-coronavirus-persist-a-13741
Canadian Government Breaches Exposed Citizens' Data: Report
https://www.bankinfosecurity.com/canadian-government-breaches-exposed-citizens-data-report-a-13739
E. Research Reports
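[Keys to adopting the NIST CSF] Seven steps to build a comprehensive security defense, starting with taking stock of the current state and assessing maturity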
https://www.ithome.com.tw/news/133172
ChkSender email evidence preservation and authenticity verification
https://reurl.cc/31GzrX
Pikachu vulnerability lab series: XSS
https://www.chainnews.com/zh-hant/articles/186617425715.htm
Quickly scanning for authorization vulnerabilities with Burpsuite
https://zhuanlan.zhihu.com/p/106927394
Using the Apache Shiro deserialization vulnerability exploitation tool
https://www.colabug.com/2020/0215/7000605/
CVE-2019-17564: Analysis of the Apache dubbo HTTP protocol deserialization vulnerability
https://www.colabug.com/2020/0215/6999555/
High-risk attack! Hackers can use sudo to gain root privileges
https://juejin.im/entry/5e47903e51882549331ce423
[紅日安全] Web Security Day 3 – CSRF attack and defense in practice
https://www.freebuf.com/column/227295.html
[紅日安全] Web Security Day 4 – SSRF attack and defense in practice
https://www.freebuf.com/column/227309.html
[紅日安全] Web Security Day 5 – Arbitrary file upload attack and defense in practice
https://www.freebuf.com/column/227315.html
[紅日安全] Web Security Day 6 – Business logic vulnerability attack and defense in practice
https://www.freebuf.com/column/227316.html
Security risk advisory: Microsoft SQL Server Reporting Services remote code execution vulnerability
http://vulsee.com/archives/vulsee_2020/0216_10577.html
File upload vulnerability study notes: upload-labs
https://www.jianshu.com/p/50e2e0fa4f8b
xssi vulnerability case analysis and vulnerability hunting
https://xz.aliyun.com/t/7204
CVE-2020-7471: detailed analysis of the vulnerability's principle, plus POC (original)
https://xz.aliyun.com/t/7218
Vulnerability analysis | CVE-2020-7471
https://www.colabug.com/2020/0217/7006388/
Vulnerability reproduction: .htaccess file parsing vulnerability
https://blog.csdn.net/weixin_45728976/article/details/104363400
Learning vulnerability analysis: cve-2010-3333
https://xz.aliyun.com/t/7230
German researchers discover a new vulnerability in the 4G LTE protocol
https://www.freebuf.com/column/227816.html
Web security learning: approaches and techniques for finding logic vulnerabilities for SRC programs, explained in detail
http://www.sohu.com/a/374284486_472906
Dangerous peripherals: attacking Windows/Linux computers through peripheral firmware vulnerabilities
https://www.secrss.com/articles/17240
Experience in hunting logic vulnerabilities
https://www.cnblogs.com/thespace/p/12336237.html
"Fileless" attacks shake companies; Mitsubishi Electric also a victim
https://www.nikkei.com/article/DGXMZO55672360U0A210C2EA2000/
On the possible leak of personal information and corporate confidential information due to unauthorized access (3rd report)
http://www.mitsubishielectric.co.jp/news/2020/0212-b.pdf
Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world
https://www.zdnet.com/article/iranian-hackers-have-been-hacking-vpn-servers-to-plant-backdoors-in-companies-around-the-world/
Fox Kitten Campaign Widespread Iranian Espionage-Offensive Campaign
https://www.clearskysec.com/wp-content/uploads/2020/02/ClearSky-Fox-Kitten-Campaign-v1.pdf
TugaRecon - Subdomain Enumeration Tool
https://pentestmag.com/tugarecon-subdomain-enumeration-tool/
RED HAWK- All In One Suite For Information Gathering And Vulnerability Scanning
https://hackersonlineclub.com/red-hawk-all-in-one-suite-for-information-gathering-and-vulnerability-scanning/
ViperSoftX - New JavaScript Threat
https://www.fortinet.com/blog/threat-research/vipersoftx-new-javascript-threat.html
What Is a DDoS Attack
https://securityintelligence.com/articles/what-is-a-ddos-attack/
Cookie-nabbing app could have served users side helping of XSS
https://nakedsecurity.sophos.com/2020/02/14/cookie-nabbing-app-could-have-served-users-side-helping-of-xss/
WordPress GDPR Cookie Consent plugin fixed vulnerability.
https://blog.nintechnet.com/wordpress-gdpr-cookie-consent-plugin-fixed-vulnerability/
Updates on WordPress security, Wordfence and what we're cooking in the lab today
https://www.wordfence.com/blog/2020/02/improper-access-controls-in-gdpr-cookie-consent-plugin/
WOOF locker: Unmasking the browser locker behind a stealthy tech support scam operation
https://blog.malwarebytes.com/threat-analysis/2020/01/woof-locker-stealthy-browser-locker-tech-support-scam/
JavaScript Injection Impact
https://hackersonlineclub.com/JavaScript-injection-impact/
Data Backup Strategy: Step By Step Guide for Business
https://hackonology.com/blogs/data-backup-strategy-step-by-step-guide-for-business/
Drone pentesting framework console
https://github.com/dhondta/dronesploit
Small and highly portable detection tests based on MITRE's ATT&CK.
https://github.com/timfrazier1/atomic-red-team
NETSCOUT THREAT INTELLIGENCE REPORT
https://www.netscout.com/threatreport?ls=PR-MKTG&lsd=pr-021820-5
PERILOUS PERIPHERALS: THE HIDDEN DANGERS INSIDE WINDOWS & LINUX COMPUTERS
https://eclypsium.com/2020/2/18/unsigned-peripheral-firmware/
Http-Asynchronous-Reverse-Shell
https://github.com/onSec-fr/Http-Asynchronous-Reverse-Shell
Automated Red Team Infrastructure deployement using Docker
https://github.com/khast3x/Redcloud
BlackPhish
https://github.com/iinc0gnit0/BlackPhish
2019 Cyberthreat Defense Report
https://www.imperva.com/resources/resource-library/lp/2019-cyberthreat-defense-report/
BlueKeep – Exploit Windows (RDP Vulnerability) Remotely
https://linuxsecurityblog.com/2019/10/10/bluekeep-exploit-windows-rdp-vulnerability-remotely/
Pypykatz - Mimikatz implementation in pure Python
https://hakin9.org/pypykatz-mimikatz-implementation-in-pure-python/
LODEINFO, malware targeting organizations in Japan
https://blogs.jpcert.or.jp/ja/2020/02/LODEINFO.html
From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
https://github.com/Varbaek/xsser
Network traffic analysis for IR: Analyzing IoT attacks
https://securityboulevard.com/2020/02/network-traffic-analysis-for-ir-analyzing-iot-attacks/
Chinese hackers have breached online betting and gambling sites
https://www.zdnet.com/article/chinese-hackers-have-breached-online-betting-and-gambling-sites/
Uncovering DRBControl Inside the Cyberespionage Campaign Targeting Gambling Operations
https://documents.trendmicro.com/assets/white_papers/wp-uncovering-DRBcontrol.pdf
CLAMBLING - A New Backdoor Base On Dropbox (EN)
http://www.talent-jump.com/article/2020/02/17/CLAMBLING-A-New-Backdoor-Base-On-Dropbox-en/
Wi-Ploit Exploit Tool
https://hackingpassion.com/wi-ploit-wi-fi-exploit-tool/
Cybersecurity Research During the Coronavirus Outbreak and After
https://securelist.com/cybersecurity-research-during-the-coronavirus-outbreak-and-after/96275/
F. Business
Palo Alto combines container and serverless protection, moving into cloud-native security
https://www.ithome.com.tw/review/135656
CHT Security adopts the Nutanix enterprise cloud operating system to strengthen enterprise information security
https://news.sina.com.tw/article/20200218/34263264.html
5G security risks loom large; US reportedly to widen its Huawei blockade, hitting TSMC
http://bit.ly/2P5hrQ7
As global demand for remote work rises, Microsoft Taiwan deploys two high-efficiency remote-office solutions
http://www.ctimes.com.tw/DispNews/tw/Microsoft/%E5%BE%AE%E8%BB%9F/2002181530SL.shtml
Deloitte: Remote work increases security risk; four keys to working from home with peace of mind
https://buzzorange.com/techorange/2020/02/17/deloitte-sop/
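Making fingerprint recognition more secure! French company launches multi-finger, full-screen FoD technology, hoping for mass production this year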
https://cnews.com.tw/134200218a03/
As global demand for remote work rises, Microsoft Taiwan's solutions safeguard enterprise productivity
https://www.techbang.com/posts/76284-global-demand-for-remote-work-rises-taiwans-microsoft-solutions-for-enterprises-to-control-productivity
Dell sells RSA for US$2 billion
https://reurl.cc/W4jmdZ
Strengthening security: Google Chrome lets you copy and paste passwords without clicking to reveal them
https://www.inside.com.tw/article/18960-google-chrome-copy-password
Former prosecutor turned lawyer sets up the country's first polygraph and digital evidence collection practice
https://udn.com/news/story/7323/4358425
Vote for president with an app? Microsoft's open-source voting software goes live for testing and could be used in future elections
https://news.sina.com.tw/article/20200220/34289312.html
Microsoft set to bring its antivirus app to iOS and Android sometime this year
https://9to5mac.com/2020/02/20/microsoft-antivirus-software-ios/
G. Government
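Ministry of National Defense Reserve Command: question bank for the ROC year 109 armed forces cybersecurity assessment for contract hiring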
https://afrc.mnd.gov.tw/AFRCWeb/NewsContent.aspx?sn=12683
List of cybersecurity professional certifications, updated Q4 of ROC year 108
https://nicst.ey.gov.tw/Page/D94EC6EDE9B10E15/7ba35454-3644-4199-828d-cff2f2d077fc
Unresolved privacy concerns may become a "security Achilles' heel": with the digital ID card rollout counting down, is Taiwan ready
https://www.wealth.com.tw/home/articles/24403
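[Eight months until the new ID rollout: is Taiwan really ready?] Government hit by 360 million cyberattacks a year! Scholars worry digital ID cards will become a "security gap"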
https://buzzorange.com/2020/02/20/the-concern-about-new-eid/
Executive Yuan Technical Service Center: ROC year 108 security service vendor evaluation results
http://bit.ly/2Pc6jkG
Personal data of 71% of civil servants leaked; Control Yuan urges the Ministry of Civil Service to review
https://news.ltn.com.tw/news/politics/breakingnews/3075158
Two in every three civil servants had personal data leaked; Control Yuan urges the Ministry of Civil Service to review
https://udn.com/news/story/7314/4360450
H. Industrial Control Systems / SCADA / ICS
Profinet industrial communication protocol vulnerability affects industrial equipment from Siemens, Moxa and others
https://nosec.org/home/detail/4110.html
JVNVU#95424547 Multiple vulnerabilities in Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000
https://jvn.jp/vu/JVNVU95424547/
Trend Micro sets up a realistic simulated industrial environment to test hacker attacks
https://zeekmagazine.com/archives/115956
NEC Aterm WG2600HS OS command injection vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5534
JVN#25766797 Multiple OS command injection vulnerabilities in Aterm WF1200CR, WG1200CR and WG2600HS
https://jvn.jp/jp/JVN25766797/
JVN#49410695 Multiple vulnerabilities in Aterm WG2600HS
https://jvn.jp/jp/JVN49410695/
What the Explosive Growth in ICS-Infrastructure Targeting Means for Security Leaders
https://securityintelligence.com/posts/what-the-explosive-growth-in-ics-infrastructure-targeting-means-for-security-leaders/
I. Education and Training
#Notes shared - FSC Anti-Money Laundering and Countering the Financing of Terrorism professional exam
https://reurl.cc/W4jNED
Understanding CSRF vulnerabilities from scratch
https://zhuanlan.zhihu.com/p/107719476
INE - OSCP Security Technology Course
https://reurl.cc/4gEEgv
Cisco Internal Routing Protocols
https://packetlife.net/media/library/40/IOS_Interior_Routing_Protocols.pdf
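J. Internet of Things / IOT / Artificial Intelligence / Internet of Vehicles / Optical Networking / Deep Learning / Machine Learning / Drones / Facial Recognition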
IoT Security Joint Testing Center established, bringing in the UL IoT Security Rating
https://technews.tw/2020/02/14/hutoushan-innovation-hub-iot-cyber-security-center/
IoT Security Joint Testing Center established, leading Taiwan's IoT devices toward international standards
https://life.taiwan368.com.tw/e_news.php?id=24784
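Taiwan's first IoT security testing center opens! Real-world testing of vulnerability risks and potential harm, from hospitals to farms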
https://www.bnext.com.tw/article/56597/tcc-iot-ul
Bringing a security mindset to IoT: 尚承科技 starts "inside the chip", offering firmware encryption and protection services
https://meet.bnext.com.tw/articles/view/46093
Flaw revealed in Tesla software: electrical tape tricks it into speeding in a speed-limit zone
https://www.36kr.com/p/5293553
EU releases AI white paper! With rules for both training data and processes, how will it affect the tech industry
https://buzzorange.com/techorange/2020/02/20/european-commission-ai-white-paper/
6. Upcoming Security Events and Seminars
Certificate of Cloud Security Knowledge (CCSK) Plus 2/23 ~ 2/24
https://csacongress.org/event/csa-summit-at-rsa-conference-2020/
Security risks and trust management strategies for connected devices 2/25
https://www.caa.org.tw/coursedetail-3272.html
19th Asia-Pacific Information Security Forum 2/25 ~ 2/26
https://www.informationsecurity.com.tw/Seminar/2020_Seminar/all/
Taipei 暗号通貨 (Cryptocurrency) Meetup 2/26
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybcdbjc/
Android Code Club(Taipei) 2/26
https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bkzcmrybcdbjc/
Seminar on blockchain email fraud prevention and network security forensics 2/27
https://www.tca.org.tw/market_info1.php?n=2390
Thinking Thursday, 7th session 2/27
https://www.meetup.com/Thinking-Thursday/events/266911452/
Introduction to edge computing and its applications & Let's AIY ( AI Meetup - Hsinchu#20200304 ) 3/4
https://www.meetup.com/AIA-Hsinchu/events/267713123/
Android Code Club(Taipei) 3/4
https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bkzcmrybcfbgb/
"Smart Machinery and Security Solutions" technical exchange and matchmaking event 3/5
https://forms.gle/ZRksvpLu1hDHUm538
Monad explained from the beginning! FunTh#81 3/5
https://www.meetup.com/Functional-Thursday/events/267683150/
Android Code Club(Taipei) 3/11
https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bkzcmrybcfbpb/
Scala Taiwan #37 3/18
https://www.meetup.com/Scala-Taiwan-Meetup/events/267899692/
Korea International Security Exhibition 3/18
https://www.twcert.org.tw/tw/cp-105-3230-a3bd4-1.html
Data analysis and machine learning case practice (1): PM2.5 as an example 3/23
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3888&from_course_list_url=course_index
Taipei 暗号通貨 (Cryptocurrency) Meetup 3/25
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybcfbhc/
NCTU Hacker College - Buffer overflow attacks and prevention 3/28
https://hackercollege.nctu.edu.tw/?p=1141
Black Hat Asia 2020 Singapore 3/31 ~ 4/3
https://www.blackhat.com/asia-20/briefings/schedule/
Kaspersky® Security Analyst Summit 4/6 ~ 4/9
https://thesascon.com/
Big data and deep learning applications on edge computing systems 4/10
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3883&from_course_list_url=course_index
2nd ICANN APAC-TWNIC Engagement Forum and 34th TWNIC IP Policy and Resource Management Meeting 4/16
https://forum.twnic.tw/2020/registration.htm
NCTU Hacker College - Guide to intrusion detection and response 4/18
https://hackercollege.nctu.edu.tw/?p=1144
VXCON 2020 - APAC 4/18 ~ 4/19
https://www.vxcon.hk/
2020 Industrial Control Systems (ICS) Cyber Security Conference | Singapore 4/21 ~ 4/23
https://www.icscybersecurityconference.com/singapore/
Taipei 暗号通貨 (Cryptocurrency) Meetup 4/22
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybcgbdc/
Asia-Pacific Information Security Forum and Exhibition 4/22
https://www.twcert.org.tw/tw/cp-105-3149-70ad7-1.html
NCTU Hacker College - Basic web security and penetration testing 4/25
https://hackercollege.nctu.edu.tw/?p=1147
2020 LINE Taiwan Developers Recruitment Day 4/25
https://engineering.linecorp.com/zh-hant/blog/2020-line-taiwan-technical-recruitment-day/
NCTU Hacker College - Building basic website security in practice 5/16
https://hackercollege.nctu.edu.tw/?p=1151
NCTU Hacker College - Email forgery attacks and protective measures 5/23
https://hackercollege.nctu.edu.tw/?p=1156
Taipei 暗号通貨 (Cryptocurrency) Meetup 5/27
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybchbkc/
NCTU Hacker College - Advanced web penetration testing 5/30
https://hackercollege.nctu.edu.tw/?p=1159
Big data and deep learning applications on edge computing systems 6/5
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3884&from_course_list_url=course_index
NCTU Hacker College - Expert-level web penetration testing 6/13 6/20
https://hackercollege.nctu.edu.tw/?p=1161
NCTU Hacker College - Enterprise domain control: Active Directory attack and defense 6/27
https://hackercollege.nctu.edu.tw/?p=1164
CYBERSEC 2020 Taiwan Cyber Security Conference 8/12
https://cyber.ithome.com.tw/