資安事件新聞週報 2020/2/24 ~ 2020/2/28
1.重大弱點漏洞/後門/Exploit/Zero Day
研究:7家BLE系統單晶片的SDK含有眾多安全漏洞
https://www.ithome.com.tw/news/135969
IBM QRadar Advisor With Watson 加密問題漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4557
Zyxel修復了NAS設備中的嚴重漏洞
https://nosec.org/home/detail/4159.html
JVNVU#97748968 複数の ZyXEL 製品に含まれる weblogin.cgi にコマンドインジェクションの脆弱性
https://jvn.jp/vu/JVNVU97748968/
多項合勤防火牆、NAS產品爆指令注入漏洞可執行任意程式碼
https://www.ithome.com.tw/news/136038
Flaw in billions of Wi-Fi devices left communications open to eavesdropping
https://arstechnica.com/information-technology/2020/02/flaw-in-billions-of-wi-fi-devices-left-communications-open-to-eavesdroppng/
JVNVU#94679920 Apache Tomcat の複数の脆弱性に対するアップデート
https://jvn.jp/vu/JVNVU94679920/
思科產品多個漏洞
https://tools.cisco.com/security/center/publicationListing.x
Cisco drops security fixes for Smart Software Manager, security appliances
https://www.helpnetsecurity.com/2020/02/21/cisco-security-fixes/
Cisco多款產品存在高危漏洞,均已修復
https://www.freebuf.com/column/228574.html
關於APACHE TOMCAT存在文件包含漏洞的安全公告
http://bit.ly/2TabRgv
Multiple buffer overflow vulnerabilities exist in IBM® Db2® leading to privilege escalation (CVE-2020-4204)
https://www.ibm.com/support/pages/node/2875875
Cisco軟件管理平台曝出默認密碼漏洞
https://nosec.org/home/detail/4143.html
因嚴重IE漏洞微軟再為已停止支持的WINDOWS 7發布安全更新
http://bit.ly/2SWEAVS
因嚴重 IE 漏洞 微軟再爲已停止支持的 Win7 發佈安全更新
https://www.chainnews.com/zh-hant/articles/602014569888.htm
建議各單位勿開啟遠端桌面協定(RDP),以避免系統遭到入侵
http://net.nthu.edu.tw/2009/mailing:announcement:20200221_01
IE記憶體毁損漏洞傳有攻擊發生,迫使微軟對Windows 7發出例外修補
https://www.ithome.com.tw/news/135970
微軟更新Azure Security Center現可偵測Linux上的無檔案攻擊
https://www.ithome.com.tw/news/135991
駭客正在掃描微軟Exchange伺服器漏洞,還沒修補的請儘快
https://www.ithome.com.tw/news/136043
D-Link DGS-1250 Header Injection
https://packetstormsecurity.com/files/156473/dlinkdgs1250-inject.txt
AVIRA Generic Malformed Container Bypass
https://packetstormsecurity.com/files/156472/TZO-19-2020.txt
Open-Xchange App Suite / Documents Server-Side Request Forgery
https://packetstormsecurity.com/files/156474/oxappsuite-ssrf.txt
通航DVR存在安全漏洞,煩請儘速確認並進行更新
http://net.nthu.edu.tw/2009/mailing:announcement:20200224_01
通航DVR - 未經授權存取維護管理介面
https://tvn.twcert.org.tw/taiwanvn/TVN-201910003
VULNERABILITIES IN VMWARE
http://bit.ly/2uoCoOK
Google系統出包緊急修復漏洞 旗下智慧家居卻當機17小時
https://cnews.com.tw/137200227a05/
Google patches Chrome zero-day under active attacks
https://www.zdnet.com/article/google-patches-chrome-zero-day-under-active-attacks/#ftag=RSSbaffb68
Google Chrome瀏覽器存在安全漏洞(CVE-2020-6407與CVE-2020-6418)
https://www.nccst.nat.gov.tw/VulnerabilityDetail?lang=zh&seq=1115
Google Chrome 多個漏洞
https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html
Install Latest Chrome Update to Patch 0-Day Bug Under Active Attacks
https://thehackernews.com/2020/02/google-chrome-zero-day.html
Firefox enables DNS-over-HTTPS by default (with Cloudflare) for all U.S. users
https://thehackernews.com/2020/02/firefox-dns-over-https.html
New Wi-Fi Encryption Vulnerability Affects Over A Billion Devices
https://thehackernews.com/2020/02/kr00k-wifi-encryption-flaw.html
Kr00k A serious vulnerability deep inside Wi-Fi encryption
https://www.eset.com/int/kr00k/
Kr00k漏洞讓駭客可解密Wi-Fi封包 至少10億台連網產品曝險
http://bit.ly/2T73d3H
Kr00k:允許黑客“破壞” Wi-Fi網絡的錯誤
https://zh-tw.secnews.gr/213451/kr00k%E8%87%B3sfalma-pou-epitrepei-stous-chakers-na-spasoun-diktya-wi-fi/
OpenSMTPD 安全漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8794
Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass
https://www.exploit-db.com/exploits/48135
JVN#11708203 複数のリコー製プリンタおよび複合機における複数のバッファオーバーフローの脆弱性
https://jvn.jp/jp/JVN11708203/
2.銀行/金融/保險/證券/支付系統/ 新聞及資安
資安威脅無所不在 2019年資安險投保件數明顯增
https://m.ctee.com.tw/livenews/aj/a78817002020022122395599?area=
資安險投保夯,去年增3.5倍
http://bit.ly/2PmalHc
臺德加強雙邊銀行業及保險業之跨境監理合作
http://bit.ly/2va10v6
顛覆傳統金融 金管會核准十件創新試辦業務
https://money.udn.com/money/story/5613/4364466
綁Google Pay的Paypal帳戶遭盜刷,美、德及俄國用戶遭殃
https://www.ithome.com.tw/news/135997
中華民國保險代理人商業同業公會提醒業者應注意駭客利用近期嚴重特殊傳染性肺炎疫情,透過惡意郵件、惡意程式等方式進行社交工程攻擊
http://www.ciaa.org.tw/pages/HotNewsDetail_04.aspx?PKID=20200224000007
二二八連假 金管會要求保險公司保戶服務不中斷
https://money.udn.com/money/story/5613/4371937
澳洲多家銀行與金融單位接獲 DDoS 攻擊威脅
https://www.twcert.org.tw/tw/cp-104-3401-3023a-1.html
Indian income tax agency patched a security flaw that would’ve allowed hackers to take over its site
http://bit.ly/2T0pb76
Credit Card Skimmer Found on Nine Sites, Researchers Ignored
https://www.bleepingcomputer.com/news/security/credit-card-skimmer-found-on-nine-sites-researchers-ignored/
Public warned of new banking scam targeting social media users
https://www.corkbeo.ie/news/local-news/public-warned-new-banking-scam-17798023
住信SBIネット銀行などのシステム障害 ほぼ解消
https://www3.nhk.or.jp/news/html/20200223/k10012297941000.html
黑客在PayPal的Google Pay集成中發現漏洞進行未經授權的付款
https://www.cnbeta.com/articles/tech/948363.htm
PayPal accounts are getting abused en-masse for unauthorized payments
https://www.zdnet.com/article/paypal-accounts-are-getting-abused-en-masse-for-unauthorized-payments/#ftag=RSSbaffb68
Grab raises $850M from Japanese investors to fuel financial services push
https://www.zdnet.com/article/grab-raises-850m-from-japanese-investors-to-fuel-financial-services-expansion/#ftag=RSSbaffb68
Australian banks targeted by DDoS extortionists
https://www.zdnet.com/article/australian-banks-targeted-by-ddos-extortionists/
ACSC Aware of DDoS Threats being made against Australian Organisations
https://www.cyber.gov.au/threats/acsc-aware-ddos-threats-being-made-against-australian-organisations
18 Sniffers Steal Payment Card Data from Print Store Customers
https://www.bleepingcomputer.com/news/security/18-sniffers-steal-payment-card-data-from-print-store-customers/#.XlZOfygtEVc.twitter
3.電子支付/電子票證/行動支付/ pay/新聞及資安
金管會鬆綁電支機構合作帳戶 幫民眾省手續費
http://pchome.megatime.com.tw/news/cat1/20200220/15822043937677522003.html
電支帳戶限制再鬆綁 開放信合社農業金庫
http://bit.ly/37Q9HYU
Brazil unveils instant payments platform
https://www.zdnet.com/article/brazil-unveils-instant-payments-platform/#ftag=RSSbaffb68
4.虛擬貨幣/區塊鍊相關新聞及資安
資安專欄:圖文拆解「交易挖礦始祖 FCoin」資產流向,鼎盛時期便埋下禍根
https://www.blocktempo.com/fcoin-asset-flow-history/
國家級數位貨幣實驗,瑞典央行先行計畫測試數位克朗
https://finance.technews.tw/2020/02/25/sweden-starts-testing-new-official-digital-currency/
瑞典中央銀行開始測試數位貨幣電子克朗
https://www.ithome.com.tw/news/135962
高調炫富到發文求助!一比特幣富豪 SIM 卡被駭,「13.7億」的 BTC BCH 遭竊引市場恐慌
https://m.xuite.net/blog/jodenh/jOrz/588928720
MASEx為TTChain提供擴張資金,將徹底改變數位資產交易所生態系統
http://www.businesswirechina.com/hk/news/42862.html
5.資安事件新聞
A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式
首例!「羅賓漢」勒索軟體借Gigabyte舊驅動程式「謀殺」安全軟體
http://bit.ly/39Txp7T
LokiBot 偽裝成熱門遊戲啟動器並植入可編譯的C#程式碼檔案
https://blog.trendmicro.com.tw/?p=63489
偽裝韓國公平貿易委員會的惡意垃圾郵件,夾帶勒索病毒與竊個資木馬
https://blog.trendmicro.com.tw/?p=63430
駭客發送暗藏木馬程式的疫情資訊,讓你的電腦也感染「新冠病毒」
https://buzzorange.com/techorange/2020/02/24/coronavirus-computer-version/
疫症當前混水摸魚 報告指駭客利用疫情偽裝攻擊
http://bit.ly/2w1QZ38
Check Point:Haken惡意程式成功進駐Google Play上的8款Android程式
https://www.ithome.com.tw/news/135983
小心!惡意軟體Emotet假新冠肺炎之名發動郵件攻擊
https://www.ctwant.com/article/38515
銀行木馬Emotet 再進化, 新增 Wi-Fi 散播能力
https://blog.trendmicro.com.tw/?p=63467
惡意軟體Emotet偽裝成新型冠狀病毒資訊,這些疫情連結千萬不要亂點
https://www.techbang.com/posts/76407-the-virus-is-rampant-too-malware-spread-under-the-theme-of-new-coronavirus
勢科技年度資安總評出爐 去年攔截超過6100萬次勒索病毒攻擊
https://cnews.com.tw/124200226a01/
小心你的電腦也染上「新冠病毒」!這類郵件、檔案千萬別點開
https://cnews.com.tw/137200225a05/
駭客集團勾結獲利!醫療業成勒索病毒苦主,看準受害者怕曝光心態
https://www.bnext.com.tw/article/56719/trendmicro-bec-ransomware
勒索病毒成資安主要威脅 去年逾700家醫院受害
https://newtalk.tw/news/view/2020-02-27/373151
簡單又便宜的資料竊取軟體服務大為流行,可竊取六十多種應用軟體的資料
https://www.twcert.org.tw/tw/cp-104-3398-2208a-1.html
Cybersecurity Research During the Coronavirus Outbreak and After
https://securelist.com/cybersecurity-research-during-the-coronavirus-outbreak-and-after/96275/
Microsoft Brings Defender Antivirus for Linux, Coming Soon for Android and iOS
https://thehackernews.com/2020/02/windows-defender-atp-linux-android.html
2020-02-11 - PCAP AND MALWARE FOR AN ISC DIARY (URSNIF)
https://www.malware-traffic-analysis.net/2020/02/11/index.html
2020-02-19 - TRICKBOT GTAG WECAN23 INFECTION
https://www.malware-traffic-analysis.net/2020/02/19/index.html
SMS Phishing Campaign Used to Spread Emotet: Report
https://www.bankinfosecurity.com/sms-phishing-campaign-used-to-spread-emotet-report-a-13749
Facilities Maintenance Firm Recovering From Malware Attack
https://www.bankinfosecurity.com/facilities-maintenance-firm-recovering-from-malware-attack-a-13747
ObliqueRAT linked to threat group launching attacks against government targets
https://zd.net/2up7UMB
Coronavirus now attacks the cyber world
https://www.nationalheraldindia.com/flick-past/coronavirus-now-attacks-the-cyber-world
Palestinians Targeted By ‘Gazan’ Hackers As Researchers Unearth Mysterious New Backdoor
http://bit.ly/2wIT2cT
January 2020’s Most Wanted Malware: Coronavirus-themed spam spreads malicious Emotet malware
http://bit.ly/3a2LbVZ
Palestinians Targeted By ‘Gazan’ Hackers As Researchers Unearth Mysterious New Backdoor
http://bit.ly/2wIT2cT
NEW CYBER ESPIONAGE CAMPAIGNS TARGETING PALESTINIANS - PART 1: THE SPARK CAMPAIGN
http://bit.ly/2HRxlcY
NEW CYBER ESPIONAGE CAMPAIGNS TARGETING PALESTINIANS - PART 2: THE DISCOVERY OF THE NEW, MYSTERIOUS PIEROGI BACKDOOR
http://bit.ly/3c27Za6
ATM Malware WinPotv3 showme.exe
http://bit.ly/2Vg5Od5
ATM Malware WinPotv3 555.exe
http://bit.ly/39WzfVB
DoppelPaymer Ransomware Launches Site to Post Victim's Data
https://www.bleepingcomputer.com/news/security/doppelpaymer-ransomware-launches-site-to-post-victims-data/
New Mozart Malware Gets Commands, Hides Traffic Using DNS
https://www.bleepingcomputer.com/news/security/new-mozart-malware-gets-commands-hides-traffic-using-dns/
Mobile malware evolution 2019
https://securelist.com/mobile-malware-evolution-2019/96280/
Coronavirus-themed Attacks Target Global Shipping Concerns
https://www.proofpoint.com/us/corporate-blog/post/coronavirus-themed-attacks-target-global-shipping-concerns
Coronavirus-Themed Emails Deliver Malware, Phishing, Scams
https://www.securityweek.com/coronavirus-themed-emails-deliver-malware-phishing-scams
Coronavirus Fears Exploited in Phishing Attacks
https://appriver.com/resources/blog/january-2020/coronavirus-fears-exploited-phishing-attacks
Scam Of The Week: Coronavirus Phishing Attacks In The Wild
https://blog.knowbe4.com/heads-up-scam-of-the-week-coronavirus-phishing-attacks-in-the-wild
Ransomware Against the Machine: How Adversaries are Learning to Disrupt Industrial Production by Targeting IT and OT
https://www.fireeye.com/blog/threat-research/2020/02/ransomware-against-machine-learning-to-disrupt-industrial-production.html
North Korea Is Recycling Mac Malware. That's Not the Worst Part
https://www.wired.com/story/malware-reuse-north-korea-lazarus-group/
Hackers Expand Their Repertoire as Trend Micro Blocks 52 Billion Threats in 2019
https://blog.trendmicro.com/hackers-expand-their-repertoire-as-trend-micro-blocks-52-billion-threats-in-2019/
Sodinokibi Ransomware May Tip NASDAQ on Attacks to Hurt Stock Prices
https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-may-tip-nasdaq-on-attacks-to-hurt-stock-prices/#.XlcgBmPbbSk.twitter
B.行動安全 / iPhone / Android /穿戴裝置 /App
「尋找我的手機」亂跳通知?台灣三星曝原因原來是
https://cnews.com.tw/137200221a03/
新冠肺炎疫情助攻宅經濟 大陸APP下載量2月大爆發
http://bit.ly/2T3u5jN
5G商用台灣7月後啟動5G商用!三大供應商各有特色
https://newtalk.tw/news/view/2020-02-23/370511
Google Play「大屠殺」下架600款軟體!大動作懲處 獵豹移動旗下程式全遭刪
https://cnews.com.tw/137200224a04/
TikTok又碰壁 美運輸局宣布禁用
http://bit.ly/2STuw1b
谷歌警告:華為新款手機用戶若加載Gmail和Youtube會有資安漏洞
https://www.cmmedia.com.tw/home/articles/20062
三星在查找手機應用程式出現烏龍推送後主動調查資料洩露
https://news.xfastest.com/samsung/76978/samsung-blasts-galaxy-phones-worldwide-with-weird-1-notification/
烏龍推播後又出包!三星證實洩漏150用戶個資 稱兩項技術錯誤無關連
https://cnews.com.tw/137200226a05/
三星官方證實,發生手機用戶個人資料洩露問題
https://news.knowing.asia/news/a92f1dac-81ca-4b89-ac71-5ec9bced415f
德媒:很多剛出廠的安卓手機就裝有後門 可監視主人
https://www.soundofhope.org/post/347938?lang=b5
Google 開始限制 Android App 於背景追蹤用戶所在地資訊
https://www.twcert.org.tw/tw/cp-104-3396-3a4dc-1.html
Google Play Store 中多個 Android 平台 VPN App 可能帶來嚴重資安風險
https://www.twcert.org.tw/tw/cp-104-3395-dfd64-1.html
提防手機公共充電站的「Juice Jacking」陷阱
https://www.hkcert.org/my_url/zh/blog/20022801
Google Bans 600 Android Apps from Play Store for Serving Disruptive Ads
https://thehackernews.com/2020/02/android-adware-apps-banned.html
Automation: Take the fast lane on the path to 5G
https://www.blueplanet.com/blog/automation-take-the-fast-lane-on-the-path-to-5G.html
Is your phone listening to you
https://www.welivesecurity.com/2020/02/24/is-your-phone-listening-to-you/
New LTE Network Flaw Could Let Attackers Impersonate 4G Mobile Users
https://thehackernews.com/2020/02/lte-network-4g-vulnerability.html
Google Advises Android Developers to Encrypt App Data On Device
https://thehackernews.com/2020/02/android-app-data-encryption.html
C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件
資安人必看!SecBuzzer 暗網情資整理(2020 年 1、2 月號)
https://secbuzzer.co/post/173
全新駭侵攻擊手法,可繞過 AWS 伺服器上防火牆並自由進出
https://www.twcert.org.tw/tw/cp-104-3397-0e893-1.html
雲端資安,讓 IT 人員輾轉難眠的四個原因
https://blog.trendmicro.com.tw/?p=63447
另類白武士 2019 年有 7 位道德駭客賞金收入超 100 萬美元
https://hk.xfastest.com/47110/hackerone-white-hat/
資安問題當道,電商經營不可忽略的三大安全關卡
http://bit.ly/2Px97ZH
Google開發者大會聚焦AI、資安議題 不畏疫情照辦但官方表示「受理退票」
https://cnews.com.tw/137200224a02/
肺炎疫情也在網路延燒,Check Point 提醒相關資安風險
https://technews.tw/2020/02/24/check-point-warnning-covid-19-risk-at-internet/
從防疫反思網路安全策略
https://ithome.com.tw/voice/136058
PTT洩露總統秘密行程 中華電信員工遭開除
https://www.chinatimes.com/realtimenews/20200228001712-260402?ctrack=mo_main_rtime_p15&chdtv
新型數位化投票機 可靠度遭質疑
http://bit.ly/2VfchVE
上GIT 我只想知道為什麼一直斷線 駭客攻擊 一直瘋狂斷線我怎麼傳 駭客攻擊
https://memes.tw/wtf/164561
刑事局警官逮學生駭客 愛心輔導後變身資安公司CEO
https://www.ettoday.net/news/20200225/1653281.htm
NCT官推被駭客攻入!混韓圈久了,什麼世面都能見到
https://www.koreastardaily.com/tc/news/124520
連駭客都生氣!國外企業不理會網站漏洞提醒 駭客獲悉乾脆寄信警告消費者
https://www.ettoday.net/news/20200224/1653023.htm
60萬人粉專遭駭「狂發A片」! 9年心血被毀…施菲亞搶不回崩潰:世上還有公理嗎
https://star.ettoday.net/news/1651778
辣模臉書遭駭「狂發A片」 慘淪色情頁面崩潰了
https://ent.ltn.com.tw/news/breakingnews/3077356
駭客入侵太多次!智慧門鈴災情頻傳 宣布強制用戶啟動雙重認證機制
https://cnews.com.tw/137200222a02/
企業防疫應變新思維 遠距工作資安監控零死角
http://www.ctimes.com.tw/DispNews/tw/2002210759RM.shtml
中國政府的「另類防疫」:組織網軍,刪除網路上的負面疫情消息
https://buzzorange.com/techorange/2020/02/26/coronavirus-cyber-army/
美國關切:台灣敏感技術遭中國買走或盜走 中資滲透還有很多法制漏洞
https://www.cmmedia.com.tw/home/articles/20055
美國防部要求承包商須具備網路安全認證
https://www.isda.org.tw/2020/02/7496776930d1f7fc03aaf5e8f69764d5/
美英指責俄羅斯駭客大舉攻擊喬治亞
https://ithome.com.tw/news/135956
美國白宮對華為限制措施仍未定案 有官員形容華為像「黑手黨」
https://news.cnyes.com/news/id/4446233
澳情報官:外國間諜威脅前所未有 程度超冷戰
https://www.epochtimes.com/b5/20/2/24/n11892672.htm
澳情報機構示警:新納粹崛起、間諜活動超越冷戰
https://news.ltn.com.tw/news/world/breakingnews/3079026
澳洲破獲重要間諜網 潛伏特工祕密活動多年
https://www.epochtimes.com/b5/20/2/25/n11893839.htm
從美國起訴中國網軍看戰略支援部隊
http://bit.ly/2VuBUBL
Home Affairs pushes back against encryption law proposals
https://www.zdnet.com/article/home-affairs-pushes-back-against-encryption-law-proposals/#ftag=RSSbaffb68
FBI recommends passphrases over password complexity
https://www.zdnet.com/article/fbi-recommends-passphrases-over-password-complexity/#ftag=RSSbaffb68
Municipal Cyberattacks Put Us All at Risk: What Can We Learn From Previous Attacks
https://securityintelligence.com/articles/municipal-cyberattacks-put-us-all-at-risk-what-can-we-learn-from-previous-attacks/
US, UK Blame Russia for Cyberattack in Country of Georgia
https://www.bankinfosecurity.com/us-uk-blame-russia-for-cyberattack-in-country-georgia-a-13748
Symantec Security Summary
https://www.symantec.com/blogs/feature-stories/symantec-security-summary
Cyber attack on PM’s office, state bodies attributed to foreign spies
http://bit.ly/32sZ7WK
FBI Makes Arrest in DDoS Attack on Candidate's Website
https://www.bankinfosecurity.com/fbi-makes-arrest-in-ddos-attack-on-candidates-website-a-13754
FBI
https://www.documentcloud.org/documents/6782920-USA-v-Dam.html
Gamaredon APT Improves Toolset to Target Ukraine Government, Military
https://threatpost.com/gamaredon-apt-toolset-ukraine/152568/
R0000275:【2020 趨勢科技全年實習】軟體核心研發 (資安威脅研究/機器學習/雲端架構/系統設計與開發類)
https://m.104.com.tw/job/6vpgy
網路資安工程師
https://job.taiwanjobs.gov.tw/Internet/jobwanted/JobDetail.aspx?EMPLOYER_ID=867460&HIRE_ID=9562643
D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞
美國國防部所屬單位遭駭,相關人員之個人資訊被竊
https://www.twcert.org.tw/tw/cp-104-3402-5b79e-1.html
駭客如何通過電匯詐騙在三天內盜走了45萬美元
https://on.wsj.com/32qd1cc
擁有190萬追蹤的電玩直播頻道遭駭,進行比特幣詐騙斬獲24,000 美元
https://www.blocktempo.com/youtube-channel-neebs-got-hacked/
知名 YouTube 電玩直播頻道被盜,用以進行加密貨幣詐騙
https://www.twcert.org.tw/tw/cp-104-3382-e0dd6-1.html
MGM飯店超過千萬名住客資料被洩露到駭客論壇
https://www.ithome.com.tw/news/135944
小賈斯丁也遭殃!美國 MGM 飯店爆大規模資料外洩
https://www.inside.com.tw/article/19001-us-mgm-resorts-intl-cyber-leak
米高梅酒店千萬賓客個資遇駭 受害者包括政商名流
https://udn.com/news/story/6813/4360915
美國防部通訊IT單位去年員工個資疑遭外洩
https://www.ithome.com.tw/news/135945
負責總統通訊安全機構也被駭 20萬人受影響
https://udn.com/news/story/6813/4360916
少女為衝高點閱率 竟散布疫情假訊息
https://tw.news.appledaily.com/local/20200221/DLU2LS3VEZ4S2A7PXTKPNKC3MU/
控粉絲外流「肉包包」性愛片 直播主判賠15萬
https://tw.news.appledaily.com/local/20200221/WRSNBV2WJDS2XESRYJ7PVETZFQ/
打擊不實資訊要全社會參與!AIT辦科技挑戰賽 台灣「防詐達人」抱回逾520萬獎金
https://www.storm.mg/article/2315286
對抗假訊息 酈英傑:須社會共同參與
https://news.ltn.com.tw/news/politics/paper/1353530
詐團駭客耍疫招,騙錢騙個資
http://bit.ly/2HJL8lN
帳號密碼太簡單容易破解,太難又記不住怎麼辦?五個方法幫助你保管所有密碼
https://www.storm.mg/lifestyle/2322495
FBI:以長密詞取代密碼、不應設定密碼變更期間或次數上限
https://ithome.com.tw/news/135993
企業郵件詐騙連刑事局也頭痛!區塊鏈新創推防詐工具,一鍵讓駭客現形
https://www.bnext.com.tw/article/56731/blockchainsecurity-bec-cybersecurity
維護用戶資安優先!蘋果宣布限制網站安全憑證效期縮至398天
https://news.sina.com.tw/article/20200227/34359678.html
美臉部辨識新創「Clearview AI」遇駭 全部客戶名單遭竊
https://news.ltn.com.tw/news/world/breakingnews/3082551
LINE官方3招防詐騙 教用戶辨識「釣魚網站」
https://www.ettoday.net/news/20200227/1655321.htm
全面資訊一手掌握:網路防護、網路陷阱,做個數位公民
http://bit.ly/3abppiM
推特疫情謠言滿天飛 查核中心揭殭屍帳號6特點
https://news.ltn.com.tw/news/life/breakingnews/3082528
數據分析公司不當取得用戶個資 臉書提聯邦訴訟
https://www.cna.com.tw/news/aopl/202002280106.aspx
以色列選舉系統漏洞導致選民資料外洩
https://www.nccst.nat.gov.tw/NewsRSSDetail?lang=zh&RSSType=news&seq=16356
設定不當的 AWS S3 儲存貯體,外洩 36,000 筆受刑人紀錄
https://blog.trendmicro.com.tw/?p=63464
Financial and Customer Info being Exposed in Slickwraps Data Breach
https://www.ehackingnews.com/2020/02/financial-and-customer-info-being.html
New Mexico Sues Google for Mining Children's Data
https://www.bleepingcomputer.com/news/legal/new-mexico-sues-google-for-mining-childrens-data/
Defense Department Agency Reports Data Breach
https://www.bankinfosecurity.com/defense-department-agency-reports-data-breach-a-13750
Hackers Gain Access to Sensitive Data; Release Veterans’ Stolen Data Related To PTSD Claims
https://www.ehackingnews.com/2020/02/hackers-gain-access-to-sensitive-data.html
BEC Group Favors G-Suite, Physical Checks: Report
https://www.bankinfosecurity.com/bec-group-favors-g-suite-physical-checks-report-a-13755
Exaggerated Lion
https://www.agari.com/cyber-intelligence-research/whitepapers/acid-agari-exaggerated-lion.pdf
Why Minimizing Human Error is the Only Viable Defense Against Spear Phishing
https://thehackernews.com/2020/02/spear-phishing-cybersecurity.html
WhatsApp and Telegram Group Links Leaked Online
https://www.ehackingnews.com/2020/02/whatsapp-and-telegram-group-links.html?utm_source=dlvr.it&utm_medium=twitter
E.研究報告
每次登入 Windows Server 2019 都出現關機事件追蹤器(Shutdown Event Tracker)
https://dotblogs.com.tw/supershowwei/2020/02/17/110128
(MINILSM)忍!project-scott MiniLSM被暴露出現0day突破,你還敢用嗎
https://github.com/ICEYSELF/project-scott/issues/24
個案分析-勒索病毒Mailto分析報告_10902
https://cert.tanet.edu.tw/prog/opendoc.php?id=2020022610024747648378775106244.pdf
Tomcat AJP協議漏洞分析與利用
https://zhuanlan.zhihu.com/p/108410246
GPAC空指針解引用漏洞
https://github.com/gpac/gpac/commit/c7e46e948ebe2d4a532539c7e714cdf655b84521
GhostCat-從源代碼比對到漏洞利用
https://www.colabug.com/2020/0223/7031283/
如何實時查看MISP實例的威脅情報信息
https://www.freebuf.com/articles/network/226685.html
個人技術站一把罩!部落格建置大全(二)- 將 Github Page 串上自己的域名
http://bit.ly/2HR8GFa
手動標註標籤即將成為過去式
http://bit.ly/2w47efY
Firefox漏洞利用研究(一)
https://www.freebuf.com/vuls/226853.html
淺談XSS漏洞
https://blog.csdn.net/weixin_45589086/article/details/104495548
CVE-2020-0618復現及分析
https://bbs.pediy.com/thread-257827.htm
Weblogic漏洞搭建與復現:CVE-2017-10271
https://cloud.tencent.com/developer/article/1590638
Day5 - 做一個與 LINE Notify 連動的服務
http://bit.ly/39ZsqCF
LINE Notify + Flask 的範例專案
https://github.com/louis70109/flask-line-notify
從零開始在 Windows 使用 Node.js 打造專屬於你的 LINE Bot 聊天機器人
http://bit.ly/2w4Of4Y
PENTESTER’S WINDOWS NTFS TRICKS COLLECTION
https://sec-consult.com/en/blog/2018/06/pentesters-windows-ntfs-tricks-collection/
Exercises for C# Workshop at Wild West Hackin' Fest 2018 & 2019
https://github.com/redcanaryco/wwhf
Exploiting Routers With Routersploit
https://linuxsecurityblog.com/2019/09/26/exploiting-routers-with-routersploit/
An Overview of Cryptography
https://www.garykessler.net/library/crypto.html
hammerhead-lineageos
https://sourceforge.net/projects/hammerhead-lineageos/
How Microsoft 365’s new solution uses machine learning to stop data leaks and insider attacks
https://blogs.microsoft.com/ai/insider-risk-management-microsoft-365/
Sharepoint RCE
https://www.inputzero.io/2020/02/sharepoint-rce.html
Hacking AWS Cognito Misconfigurations
https://www.notsosecure.com/hacking-aws-cognito-misconfigurations/
NekoBot | Auto Exploiter With 500+ Exploit 2000+ Shell
https://github.com/tegal1337/NekoBotV1
All in one subdomain and vulnerability scanner
https://github.com/theamanrawat/voobar
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
https://github.com/swisskyrepo/PayloadsAllTheThings
Diamorphine Rootkit Signal Privilege Escalation
https://packetstormsecurity.com/files/156462/diamorphine_rootkit_signal_priv_esc.rb.txt
DECRYPTTEAMVIEWER : DECRYPT TEAMVIEWER CREDENTIALS FROM WINDOWS REGISTRY
https://www.easyhack.in/2020/02/23/decryptteamviewer-decrypt-teamviewer-credentials-from-windows-registry/
Escalate Yourself on Windows Platform
https://medium.com/@liau.weijie/escalate-yourself-on-windows-platform-885acd2a51ce
YET ANOTHER SOAR DESIGN
https://www.peerlyst.com/posts/yet-another-soar-design-can-topay
How to Brute Force FTP Servers in Python
https://www.thepythoncode.com/article/brute-force-attack-ftp-servers-using-ftplib-in-python
A Network Enumeration and Attack Toolset
https://github.com/m8r0wn/ActiveReign
SQLi Without Quotes
https://web.archive.org/web/20180920195115/https://eternalnoobs.com/sqli-without-quotes/
AngularJS Client Side Template Injection (XSS)
http://ghostlulz.com/angularjs-client-side-template-injection-xss/
Introduction To Modern Routing For Red Team Infrastructure - using Traefik, Metasploit, Covenant and Docker
https://khast3x.club/posts/2020-02-14-Intro-Modern-Routing-Traefik-Metasploit-Docker/
Blue Eye a python Recon Tookit script
https://hackingpassion.com/blue-eye-a-python-recon-toolkit/
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage
https://github.com/lanjelot/patator
xerosploit
https://github.com/PleXone2019/
Cacti v1.2.8 authenticated Remote Code Execution (CVE-2020-8813)
https://shells.systems/cacti-v1-2-8-authenticated-remote-code-execution-cve-2020-8813/
Chirp of the PoisonFrog
https://ironnet.com/blog/chirp-of-the-poisonfrog/
Automated pentest framework for offensive security experts
https://github.com/1N3/Sn1per
AttackSurfaceMapper is a tool that aims to automate the reconnaissance process
https://github.com/superhedgy/AttackSurfaceMapper
SQL Injection Cheat Sheet
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Exploiting Jira for Host Discovery
https://medium.com/tenable-techblog/exploiting-jira-for-host-discovery-43be3cddf023
Create a Persistent Back Door with Kali, Netcat and Weevely
https://linuxsecurityblog.com/2018/09/13/create-a-persistent-back-door-with-kali-netcat-and-weevely/
Legion - open source network penetration testing tool
https://hakin9.org/legion-open-source-network-penetration-testing-tool/
Windows 10 Privacy Guide: Settings Everyone Should Use
https://www.bleepingcomputer.com/news/microsoft/windows-10-privacy-guide-settings-everyone-should-use/
Nexus - Just another stealer
https://fr3d.hk/blog/nexus-just-another-stealer
PyFuscation
https://github.com/CBHue/PyFuscation
A ransomware developed in python, with bypass technics, for educational purposes
https://github.com/ReddyyZ/DeathRansom
Bramble is a hacking Open source suite
https://github.com/marcrowProject/Bramble
Router Analysis Part 1: UART Discovery and SPI Flash Extraction
https://wrongbaud.github.io/router-teardown/
Jaeles - The Swiss Army knife for automated Web Application Testing
https://hakin9.org/jaeles-the-swiss-army-knife-for-automated-web-application-testing/
Cutting Google out of your life (2019)
https://github.com/tycrek/degoogle
AMSI_Handler
https://github.com/two06/AMSI_Handler
7 Tools For Malicious Document Creation
https://bestestredteam.com/2019/03/19/7-tools-for-malicious-document-creation/
Handling Errors in ASP .NET Core 3.1
https://wakeupandcode.com/handling-errors-in-asp-net-core-3-1/
Python django postgresql An new vulnerability has been found in django’s postgresql module
https://blog.firosolutions.com/exploits/python-django-vulnerability-2020/
7 Tips To Keep Windows 7 Secure After End Of Life
https://hackersonlineclub.com/7-tips-to-keep-windows-7-secure-after-end-of-life/
5 Practical Scenarios for XSS Attacks
https://pentest-tools.com/blog/xss-attacks-practical-scenarios/
How to Make Flash Drive That Copy's Users Files Silently and Automatically
https://www.instructables.com/id/How-to-make-flash-drive-that-copys-users-files-si/
SSRF 101: How Server-Side Request Forgery Sneaks Past Your Web Apps
http://bit.ly/3c5ymMa
Web Application Exploits and Defenses
https://google-gruyere.appspot.com/
Awesome Shodan Search Queries
https://github.com/jakejarvis/awesome-shodan-queries
PivotSuite: Hack The Hidden Network – A Network Pivoting Toolkit
https://hackersonlineclub.com/pivotsuite-hack-the-hidden-network/
Insecure Direct Object Reference (IDOR) — Web-based Application Security, Part 6
https://securityboulevard.com/2020/02/insecure-direct-object-reference-idor-web-based-application-security-part-6/
Use CVE-2020-0668 to perform an arbitrary privileged file move operation
https://github.com/RedCursorSecurityConsulting/CVE-2020-0668
OpenDXL Ontology project
https://github.com/opencybersecurityalliance/opendxl-ontology
Trying to unmask the fake Microsoft support scammers
https://securelist.com/trying-to-unmask-the-fake-microsoft-support-scammers-17/33734/#comment-3020138
Keyloggers: How they work and how to detect them (Part 1)
https://securelist.com/keyloggers-how-they-work-and-how-to-detect-them-part-1/36138/#comment-3019332
Keyloggers: Implementing keyloggers in Windows. Part Two
https://securelist.com/keyloggers-implementing-keyloggers-in-windows-part-two/36358/
Smartphone shopaholic
https://securelist.com/smartphone-shopaholic/95544/#comment-2990139
Congratulations, you’ve won! The reality behind online lotteries
https://securelist.com/congratulations-youve-won-the-reality-behind-online-lotteries/36450/#comment-2988693
Scammers’ delivery service: exclusively dangerous
https://securelist.com/scammers-delivery-service-exclusively-dangerous/66515/#comment-2987776
How I hacked my smart bracelet
https://securelist.com/how-i-hacked-my-smart-bracelet/69369/#comment-2999297
Dumping Firmware With the CH341a Programmer | by Rick Wisser
https://hakin9.org/dumping-firmware-with-the-ch341a-programmer-by-rick-wisser/
(Ab)using bash-fu to analyze recent Aggah sample
https://blog.malwarelab.pl/posts/basfu_aggah/
A post-exploitation powershell tool for extracting juicy info from memory
https://github.com/putterpanda/mimikittenz
F.商業
紅帽OS整合雲端分析與自動管理,強化企業工作負載支援
https://www.ithome.com.tw/review/134119
施宣輝專訪(一)/安碁資訊進化 打資安國際盃
https://money.udn.com/money/story/5649/4365672
施宣輝專訪(二)/CEO賽車手 眼光放遠
https://money.udn.com/money/story/5649/4365675
疫情延燒,研調:資安電信等 5 大領域增溫
http://technews.tw/2020/02/25/covid-19-rise-5-industries-up/
思科發佈全新雲端平台SecureX ,簡化資安防護並降低複雜性
http://www.compotechasia.com/a/press/2020/0225/44058.html
Google Cloud釋出Chronicle威脅偵測、企業版reCAPTCHA
https://ithome.com.tw/news/135992
RSA大會2020創新沙盒冠軍出爐,SECURITI.ai新創聚焦隱私合規
https://www.ithome.com.tw/news/136002
IBM、McAfee發起的開放網路安全聯盟OCA,釋出資安產品共通語言框架
https://ithome.com.tw/news/136014
醫療資訊應用升級窒礙 資安策略或成解方
https://www.digitimes.com.tw/iot/article.asp?cat=158&id=0000579412_PCO3EOHD29MDOF1Y5FFO0
BEC防詐 從事前防禦到事後調查完整解決方案
https://money.udn.com/money/story/5640/4375576
電子郵件詐騙頻傳 台灣區塊鏈新創研發獨步全球解決方案
https://www.rti.org.tw/news/view/id/2053259
區塊科技推出可做電子郵件檢查、加密與存證以防範釣魚詐騙的ChkSender
http://bit.ly/2I5Ghvq
McAfee買下瀏覽器隔離技術開發商Light Point Security
https://ithome.com.tw/news/136028
Symantec Participates in Latest MITRE ATT&CK® Evaluation
https://www.symantec.com/blogs/expert-perspectives/symantec-participates-latest-mitre-attckr-evaluation
F5 brings WAF app protection to the NGINX platform
https://www.zdnet.com/article/f5-brings-waf-app-protection-to-the-nginx-platform/#ftag=RSSbaffb68
Cisco unveils SecureX cloud platform for improved security visibility
https://www.zdnet.com/article/cisco-unveils-securex-cloud-platform-for-improved-security-visibility/#ftag=RSSbaffb68
Redefining Security Orchestration and Automation with Cortex XSOAR
https://blog.paloaltonetworks.com/2020/02/cortex-xsoar/
The Cortex XSOAR Ecosystem is Exploding with Partner-Owned Integrations
https://blog.paloaltonetworks.com/2020/02/cortex-xsoar-ecosystem/
How to Use a Firewall for Network Traffic Analysis and Behavioral Detection
https://blog.paloaltonetworks.com/2020/02/cortex-network-traffic-analysis/
Gmail Is Catching More Malicious Attachments With Deep Learning
https://www.wired.com/story/gmail-catching-more-malicious-attachments-deep-learning/
Using the FortiGuard Labs Threat Landscape Report to Defend Against Evolving Cybercrime
https://www.fortinet.com/blog/threat-research/using-the-fortiguard-labs-threat-landscape-report-to-defend-against-evolving-cybercrime.html
Exploitation Framework for Embedded Devices
https://github.com/threat9/routersploit
攻撃グループBlackTech が使用するLinux用マルウエア (ELF_TSCookie)
https://blogs.jpcert.or.jp/ja/2020/02/elf_tscookie.html
G.政府
謹言慎行保密 嚴守資安防駭
https://www.ydn.com.tw/News/373869
Linker Networks臺南辦公室正式揭牌
https://www.chinatimes.com/realtimenews/20200224003230-260410?chdtv
台灣全新「數位身分證」真的要啟動了?超便民5大亮點整理,綁定手機、加密個資還有一堆小細節
https://www.elle.com/tw/life/tech/a31126570/digital-identity-card/
全球第21大超級電腦助攻,國網中心要當產學界AI推手
https://www.ithome.com.tw/people/135989
H.工控系統/SCADA/ICS
Vulnerability Spotlight: Multiple vulnerabilities in Moxa AWK-3131A
https://blog.talosintelligence.com/2020/02/vuln-spotlight-moxa-awk-feb-2020.html
Moxa MGate 5105-MB-EIP firmware Vulnerability
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-8858
Moxa PT-7528和PT-7828 安全漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6983
思科發現Moxa工業設備中的十二個高危漏洞
https://nosec.org/home/detail/4152.html
JVN#25766797 Aterm WF1200CR 、WG1200CR および WG2600HS における複数の OS コマンドインジェクションの脆弱性
https://jvn.jp/jp/JVN25766797/
I.教育訓練
SQL Murder Mystery
https://mystery.knightlab.com/walkthrough.html
Network Address Translation
https://packetlife.net/media/library/32/NAT.pdf
Physical Treminations
https://packetlife.net/media/library/22/physical_terminations.pdf
Wireshark Commands Cheatsheet
https://hackersonlineclub.com/wireshark-commands-cheatsheet/
Hack The Box: Zetta
https://gr4n173.github.io/2020/02/22/htb-zetta.html
HackTheBox Writeup — Zetta
https://medium.com/@hussaini.faisal/hackthebox-writeup-zetta-d236212776fc
Peerlyst Community eBook: 32 Influential Malware Research Professionals
https://www.peerlyst.com/posts/peerlyst-community-ebook-32-influential-malware-research-professionals-peerlyst
How to become a Cloud Security Expert
https://www.peerlyst.com/posts/how-to-become-a-cloud-security-expert-guy-bertrand-kamga
Nebula – fake your echo (level01) – walkthrough
https://www.peerlyst.com/posts/nebula-fake-your-echo-level01-walkthrough-prasanna-v-balaji
Beginner’s Guide to Pentesting IoT Architecture/Network and Setting Up IoT Pentesting Lab
http://bit.ly/2VfWfL6
Introduction to Ethical Hacking and Penetration Testing
https://www.peerlyst.com/posts/introduction-to-ethical-hacking-and-penetration-testing-1-chiheb-chebbi
Cybersecurity Research Topic Guidelines
https://www.theweborion.com/blog/cybersecurity-research-topic-guidelines/
Open Source Data Protection/Privacy Regulatory Mapping Project
https://github.com/microsoft/data-protection-mapping-project
IT to Red Team: How to Make the Jump
https://www.peerlyst.com/posts/it-to-red-team-how-to-make-the-jump-matt-george
HOW TO PREPARE FOR THE ECSA EXAM
https://blog.eccouncil.org/how-to-prepare-for-the-ecsa-exam/
29 Practical Examples of Nmap Commands for Linux System/Network Administrators
https://www.tecmint.com/nmap-command-examples/
How to bypass Machine Learning Malware Detectors with Generative adversarial Networks
http://bit.ly/38XmYAd
Computer Forensics: A Method to Recover Data from MySQL Database by Utilizing Binlog
http://bit.ly/2uskPNP
Hacking Tools with Python: Part 1
https://resources.infosecinstitute.com/writing-hacking-tools-with-python-part-1/
Hacking Tools with Python: Part 2
https://resources.infosecinstitute.com/hacking-tools-with-python-part-2/#article
ABD - Course Materials For Advanced Binary Deobfuscation
https://www.kitploit.com/2020/02/abd-course-materials-for-advanced.html
Antivirus fundamentals: Viruses, signatures, disinfection
https://www.kaspersky.co.uk/blog/signature-virus-disinfection/7799/
J.物聯網/IOT/人工智慧/車聯網/光聯網/深度學習/機器學習/無人機/人臉辨識
IoT and connected devices: The best thing to happen to home automation, or a frustrating mess
https://zd.net/37WYHZv
Gold-nuggeting: Machine learning tool simplifies target discovery for pen testers
https://portswigger.net/daily-swig/gold-nuggeting-machine-learning-tool-simplifies-target-discovery-for-pen-testers
Model Hacking ADAS to Pave Safer Roads for Autonomous Vehicles
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/model-hacking-adas-to-pave-safer-roads-for-autonomous-vehicles/
意法STM32L5首款 兼具低功耗與資安的IoT微控制器
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?CnlID=13&cat=10&id=0000579079_ZFUL96FB8L2B7I8X33GI8
Nation's youngest engineers further Army drone ambitions
https://www.zdnet.com/article/nations-youngest-engineers-to-further-army-drone-ambitions/#ftag=RSSbaffb68
6.近期資安活動及研討會
Coffee & Code 3/1
https://www.meetup.com/Innovate-Taiwan/events/268999350/
WizardAmigos CodeCamp [Taipei,JavaScript,English] 3/2
https://www.meetup.com/WizardAmigos/events/vdttmrybcfbdb/
邊緣運算介紹與應用 & Let's AIY ( 人工智慧小聚 - Hsinchu#20200304 ) 3/4
https://www.meetup.com/AIA-Hsinchu/events/267713123/
Android Code Club(Taipei) 3/4
https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bkzcmrybcfbgb/
#28 Azure Machine Learning - 圖形化介面的免費 Studio 與付費的 Designer 之差異 3/4
https://www.meetup.com/Azure-Taiwan/events/268794485/
台北以太坊社群月聚 Monthly Taipei Ethereum Meetup 3/5
https://www.meetup.com/Taipei-Ethereum-Meetup/events/269000957/
「智慧機械與資安解決方案」技術交流媒合會 3/5
https://forms.gle/ZRksvpLu1hDHUm538
Monad 細說從頭! FunTh#81 3/5
https://www.meetup.com/Functional-Thursday/events/267683150/
Multi-threaded programming in Python 3/11
https://www.meetup.com/pythonhug/events/268925062/
Android Code Club(Taipei) 3/11
https://www.meetup.com/Taiwan-Android-Developer-Study-Group/events/bkzcmrybcfbpb/
GDG Hsinchu #05 - 如何應用ok Google結合物聯網打造智慧生活 3/12
https://www.meetup.com/GDG-Hsinchu/events/268976601/
人工智慧小聚 - 新竹 ◤從 RNN 到 Attention,自然語言處理的前世今生◢ ◤字型生成經驗分享◢ 3/18
https://www.meetup.com/AIA-Hsinchu/events/268649939/
Scala Taiwan #37 3/18
https://www.meetup.com/Scala-Taiwan-Meetup/events/267899692/
韓國國際安全博覽會 3/18
https://www.twcert.org.tw/tw/cp-105-3230-a3bd4-1.html
Taipei.py 2020 三月聚會 (March Monthly Meeting) 3/19
https://www.meetup.com/Taipei-py/events/268681120/
Study Group - Clean Coder 3/19
https://www.meetup.com/Women-Who-Code-Taipei/events/jlmfprybcfbzb/
數據分析與機器學習案例實務(一)以PM2.5為例 3/23
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3888&from_course_list_url=course_index
Taipei 暗号通貨 (Cryptocurrency) Meetup 3/25
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybcfbhc/
Thinking Thursday 第七場 3/26
https://www.meetup.com/Thinking-Thursday/events/266911452/
Flutter Taipei 2020 暖開幕 | Warm Up Party 3/27
https://www.meetup.com/Flutter-Taipei/events/269033933/
交通大學駭客書院 - 緩衝區溢位攻擊與預防 3/28
https://hackercollege.nctu.edu.tw/?p=1141
black ASIA 2020 Singapore 3/31 ~ 4/3
https://www.blackhat.com/asia-20/briefings/schedule/
Kaspersky® Security Analyst Summit 4/6 ~ 4/9
https://thesascon.com/
QGIS地理資訊研習班 4/8 ~ 4/9
https://www.accupass.com/event/2002120936323517290110
邊緣計算系統之大數據與深度學習應用 4/10
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3883&from_course_list_url=course_index
第二屆ICANN APAC-TWNIC Engagement Forum 與第34屆TWNIC IP政策資源管理會議 4/16
https://forum.twnic.tw/2020/registration.htm
交通大學駭客書院 -入侵行為發覺與應變指南 4/18
https://hackercollege.nctu.edu.tw/?p=1144
VXCON 2020 - APAC 4/18 ~ 4/19
https://www.vxcon.hk/
2020 Industrial Control Systems (ICS) Cyber Security Conference | Singapore 4/21 ~ 4/23
https://www.icscybersecurityconference.com/singapore/
Taipei 暗号通貨 (Cryptocurrency) Meetup 4/22
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybcgbdc/
亞太資訊安全論壇暨展覽會 4/22
https://www.twcert.org.tw/tw/cp-105-3149-70ad7-1.html
交通大學駭客書院 - 基礎網頁安全與滲透測試 4/25
https://hackercollege.nctu.edu.tw/?p=1147
2020 LINE Taiwan Developers Recruitment Day 4/25
https://engineering.linecorp.com/zh-hant/blog/2020-line-taiwan-technical-recruitment-day/
交通大學駭客書院 - 基礎網站安全建構實務 5/16
https://hackercollege.nctu.edu.tw/?p=1151
交通大學駭客書院 - 電子郵件之偽造攻擊與防護措施 5/23
https://hackercollege.nctu.edu.tw/?p=1156
Taipei 暗号通貨 (Cryptocurrency) Meetup 5/27
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybchbkc/
交通大學駭客書院 - 進階網頁滲透測試 5/30
https://hackercollege.nctu.edu.tw/?p=1159
邊緣計算系統之大數據與深度學習應用 6/5
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3884&from_course_list_url=course_index
交通大學駭客書院 - 高階網頁滲透測試 6/13 6/20
https://hackercollege.nctu.edu.tw/?p=1161
交通大學駭客書院 - 企業網域控管-Active Directory攻擊與防禦 6/27
https://hackercollege.nctu.edu.tw/?p=1164
CYBERSEC 2020 臺灣資安大會 8/12
https://cyber.ithome.com.tw/
沒有留言:
張貼留言