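Security Incident News Weekly 2020/3/9 ~ 2020/3/13
1. Major Vulnerabilities / Backdoors / Exploits / Zero Days
CHT Security's financial security assessment team finds an insecure API in a well-known domestic cross-platform digital signature software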
https://www.chtsecurity.com/news/136c325b-14de-42da-9050-843dfed42c94
CHT Security's forensics lab finds vulnerabilities in well-known domestic digital surveillance equipment
https://www.chtsecurity.com/news/3639232a-0453-43c5-8651-dc593aa41fef
Antivirus vendor Avast in trouble again: security vulnerability revealed in a premium feature costing 158 yuan a year
https://www.cnbeta.com/articles/tech/953767.htm
Avast design flaw could let hackers execute malicious code remotely
https://tag.analysis.tw/news/ithome/21678/
Avast disables the JavaScript engine component due to a severe issue
https://securityaffairs.co/wordpress/99410/hacking/avast-javascript-engine-bug.html
Fortinet FortiManager security vulnerability
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16158
Password and cookie encryption that Google Chrome added only in February has already been defeated by information-stealing malware
https://ithome.com.tw/news/136282
Risk advisory: Oracle Coherence & WebLogic deserialization remote code execution vulnerability (CVE-2020-2555)
https://s.tencent.com/research/bsafe/906.html
Critical PPP Daemon Flaw Opens Most Linux Systems to Remote Hackers
https://thehackernews.com/2020/03/ppp-daemon-vulnerability.html
Nitro Software Nitro Pro security vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10222
Researchers find side-channel attack vulnerabilities in all AMD processors from 2011 to 2019
https://www.ithome.com.tw/news/136231
AMD officially responds to the Take A Way vulnerabilities: believes these are not new attacks
http://bit.ly/2IJdZY0
9 Years of AMD Processors Vulnerable to 2 New Side-Channel Attacks
https://thehackernews.com/2020/03/amd-processors-vulnerability.html
Bulldozer and Zen architectures all reported to have security vulnerabilities! AMD officially responds
https://kknews.cc/digital/m98g852.html
Intel processors released in recent years contain a security vulnerability that is hard to fix
https://www.twcert.org.tw/tw/cp-104-3424-92e17-1.html
Positive Technologies: Intel chipsets contain an unpatchable security vulnerability that lets hackers steal confidential information
https://www.ithome.com.tw/news/136204
Flaw impacts most new Intel chipsets
https://www.scmagazine.com/home/security-news/vulnerabilities/intel-flaw-impacts-most-new-intel-chipsets/
CVE-2019-0090
https://nvd.nist.gov/vuln/detail/CVE-2019-0090
Processor vulnerabilities keep coming! New flaw reported in Intel's SGX platform that could leak even enclave data
http://technews.tw/2020/03/11/intel-sgx-is-vulnerable-to-an-unfixable-flaw-that-can-steal-crypto-keys-and-more/
K59145983: Intel CSME and SPS vulnerability CVE-2019-0090
https://support.f5.com/csp/article/K59145983
Intel® CSME, Intel® SPS, Intel® TXE, Intel® DAL, and Intel® AMT 2019.1 QSR Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html
Intel CSME bug is worse than previously thought
https://www.zdnet.com/article/intel-csme-bug-is-worse-than-previously-thought/#ftag=RSSbaffb68
CVE-2019-0090 flaw affects Intel Chips released in the last 5 years
https://securityaffairs.co/wordpress/99120/hacking/intel-cve-2019-0090-flaw.html
This Unpatchable Flaw Affects All Intel CPUs Released in Last 5 Years
https://thehackernews.com/2020/03/intel-csme-vulnerability.html
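MediaTek 64-bit chips hit by a "universal vulnerability": hackers can easily gain full privileges on more than a million phones and tablets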
https://www.insoler.com/forum/topic/15834510269063.htm
MediaTek chip vulnerability revealed; patch provided
http://bit.ly/32Xemax
D-Link DWL-2600AP OS command injection vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20499
TestLink security vulnerability CVE-2019-20107
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20107
Red Software PDFescape Desktop code issue vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9418
Attacks on the WPForms contact form cross-site scripting (XSS) vulnerability (March 5, 2020)
https://ithelp.ithome.com.tw/articles/10230287
CVE-2020-5405: Spring-cloud-config-server path traversal vulnerability alert
https://pivotal.io/security/cve-2020-5405
CKFinder code issue vulnerability
https://ckeditor.com/blog/CKFinder-3.5.1-and-CKFinder-2.6.3-released/
CloudBees Jenkins Script Security Plugin input validation error vulnerability
http://products.enorth.com.cn/bfnrglxt/index.shtml
New Linux vulnerability lets attackers hijack VPN connections
http://blog.itpub.net/31365439/viewspace-2678933/
SRC-2020-0011 : ManageEngine Desktop Central FileStorage getChartImage Deserialization of Untrusted Data Remote Code Execution
https://srcincite.io/advisories/src-2020-0011/
Microsoft releases March security bulletin
https://support.microsoft.com/en-us/help/20200310/security-update-deployment-information-march-10-2020
Microsoft patches 115 security vulnerabilities, 26 of them rated critical
https://www.ithome.com.tw/news/136285
Microsoft Issues March 2020 Updates to Patch 115 Security Flaws
https://thehackernews.com/2020/03/microsoft-patch-tuesday-march-2020.html
Security vulnerability in Microsoft Exchange Server
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688
Microsoft Exchange Server security vulnerability (CVE-2020-0688) allows attackers to execute arbitrary code remotely
http://net.nthu.edu.tw/2009/mailing:announcement:20200309_01
Windows 10 KB4535996 Update Issues: Crashes, Slowdowns, Audio, More
https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4535996-update-issues-crashes-slowdowns-audio-more/
This Windows 10 update will fix security vulnerabilities in preinstalled apps
https://news.xfastest.com/windows/77598/windows-10-update-sloved-exploit/
Microsoft Leaks Info on Wormable Windows SMBv3 CVE-2020-0796 Flaw
https://www.bleepingcomputer.com/news/security/microsoft-leaks-info-on-wormable-windows-smbv3-cve-2020-0796-flaw/
Microsoft Patch Tuesday — March 2020: Vulnerability disclosures and Snort coverage
https://blog.talosintelligence.com/2020/03/microsoft-patch-tuesday-march-2020.html
Vulnerability Spotlight: Information disclosure in Windows 10 Kernel
https://blog.talosintelligence.com/2020/03/vuln-spotlight-windows-10-kernel-information-disclosure.html
CVE-2020-0796 Memory Corruption Vulnerability in Windows 10 SMB Server
https://www.fortinet.com/blog/threat-research/cve-2020-0796-memory-corruption-vulnerability-in-windows-10-smb-server.html
March Patch Tuesday: LNK, Microsoft Word Vulnerabilities Get Fixes
https://newsroom.trendmicro.com/blog/security-intelligence/march-patch-tuesday-lnk-microsoft-word-vulnerabilities-get-fixes-0
Warning — Unpatched Critical 'Wormable' Windows SMBv3 Flaw Disclosed
https://thehackernews.com/2020/03/smbv3-wormable-vulnerability.html
Unspecified vulnerability in MISP
https://github.com/MISP/MISP/commit/3d982d92fd26584115c01f8c560a688d1096b65c
Talos found tens of dangerous flaws in WAGO Controllers
https://securityaffairs.co/wordpress/99430/hacking/wago-products-vulnerabilities.html
Vulnerability Spotlight: WAGO products contain remote code execution, other vulnerabilities
https://blog.talosintelligence.com/2020/03/wago-vulnerability-spotlight-march-2020.html
Security vulnerability in Point-to-Point Protocol Daemon (CVE-2020-8597)
https://www.kb.cert.org/vuls/id/782301/
Cisco recently released updates to address security vulnerabilities in multiple products
https://www.us-cert.gov/ncas/current-activity/2020/03/05/cisco-releases-security-updates
Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487)
https://newsroom.trendmicro.com/blog/security-intelligence/busting-ghostcat-analysis-apache-tomcat-vulnerability-cve-2020-1938-and-0
Multiple vulnerabilities in GitLab
https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
RCE in popular ThemeREX WordPress Plugin has been actively exploited
https://securityaffairs.co/wordpress/99394/hacking/themerex-wordpress-plugin-rce.html
Spring Framework reflected file download vulnerability CVE-2020-5398
https://www.colabug.com/2020/0311/7107782/
Security advisory - Insufficient authentication vulnerability in a Huawei smartphone
https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200311-01-smartphone-cn
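2. Banking / Finance / Insurance / Securities / Payment Systems: News and Security
Negative customer credit data: securities firms and banks can query across sectors from 3/31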
https://money.udn.com/money/story/5613/4394911
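Financial Supervisory Commission (FSC) will continue to require uninterrupted operations from the financial industry; several financial institutions have started off-site working for epidemic prevention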
https://ithome.com.tw/news/136196
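FSC's 10 measures against insider fraud: policy surrenders with 2 key characteristics require a phone interview kept on record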
https://www.phew.tw/article/cont/phewpoint/current/topic/8718/202003068718
Can robo-advisors miscalculate too? FSC identifies four deficiencies
https://www.chinatimes.com/realtimenews/20200309002512-260410
FSC to foster two major centers in Taiwan; will take measures for Taiwan stocks if necessary
https://www.chinatimes.com/realtimenews/20200309003718-260410?chdtv
Recent developments in Open Banking in Taiwan
https://www.setn.com/News.aspx?NewsID=700218
Moneybook (麻布記帳) receives ISO27001 certification from TCIC
https://money.udn.com/money/story/11799/4403731
Financial industry recruiting, offering annual salaries of a million
https://udn.com/news/story/7239/4404734
LINE Bank names its head of IT: 徐文玲, former head of the preparatory office's project management office
https://www.ithome.com.tw/news/136301
As the Wuhan pneumonia outbreak intensifies in the Netherlands, ABN AMRO and ASML announce that staff will work in shifts
https://technews.tw/2020/03/12/abn-amro-and-asml-counterattack-coronavirus/
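3. Electronic Payment / Electronic Stored-Value Cards / Mobile Payment / Pay: News and Security
Wuhan pneumonia outbreak expected to boost electronic payment usage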
https://www.epochtimes.com/b5/20/3/6/n11920242.htm
Outbreak changes consumer habits; electronic payments surge
https://www.scooptw.com/popular/network_news/produce/37782/
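Electronic payment accounts exceed 7 million for the first time; iPASS and JKOPAY's fight for the top spot turns into close combat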
https://tw.appledaily.com/finance/20200307/J6PZOF6J3UVN64Z3MN7J722OMM/
Fake accounts surface! Fraudulent account openings at electronic payment institutions; FSC watching closely
https://tw.appledaily.com/property/20200309/OI4Z53FLWKPFPGTUL3GMCCOMKU/
E-payment accounts can be used for money laundering too: FSC finds fake-transaction refunds may involve laundering
https://udn.com/news/story/7239/4400473
4. Virtual Currency / Blockchain: News and Security
South Korea passes the world's first cryptocurrency law
https://www.ithome.com.tw/news/136197
Crypto investment fund Trident hacked; data of 266,000 users leaked
https://ek21.com/news/tech/182694/
DeFi stablecoin lending is a "high-risk investment"
https://www.bnext.com.tw/article/56797/defi-decentralized-finance
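資富電子, a company under the National Tsing Hua University (NTHU) incubation center, successfully develops a mining acceleration engine, moving into blockchain and security business opportunities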
http://bit.ly/2xkyQhz
Magic little card hides a secret: screen, battery and buttons all packed inside
http://bit.ly/38M4DoP
Stores credentials, not an actual wallet: no fear of misuse if the card is lost
http://bit.ly/2U5GBQc
US Department of Justice "indicts Chinese nationals" over OTC money laundering for North Korean hackers: which exchanges were robbed
https://www.blocktempo.com/look-deep-into-case-about-chinese-nationals-accused-of-laundering-millions-in-stolen-crypto-for-north-korea/
Developing network security technology: NTHU computer science PhD helps industry upgrade
https://www.cna.com.tw/news/ahel/202003100344.aspx
Epidemic business opportunity! 資富電子's ultra-low-power "mining rig" hits the market
https://udn.com/news/story/7240/4403206
German Crypto Regulator BaFin Shuts Down Unauthorized Bitcoin ATMs
https://news.bitcoin.com/german-bitcoin-atms/
5. Security Incident News
A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors
McAfee: nearly half of Android malware consists of hidden apps
https://www.ithome.com.tw/news/136187
How to keep a Mac from getting ransomware? Four tips to prevent viruses and ransomware on Apple computers
https://applealmond.com/posts/68296
Beware! Hackers spread malware via fake certificate expiration notices
https://www.ithome.com.tw/news/136200
Watch out: cross-platform mining trojan SysupdataMiner spreads by exploiting multiple vulnerabilities
https://s.tencent.com/research/report/904.html
Android users take note! 8 Haken malware apps made it onto Google Play
https://www.ettoday.net/news/20200309/1663560.htm
Microsoft: human-operated ransomware attacks are increasingly dangerous
https://www.ithome.com.tw/news/136272
Beware! Johns Hopkins University coronavirus outbreak map becomes hackers' new channel for spreading AZORult malware
https://technews.tw/2020/03/13/checking-this-coronavirus-map-lets-hackers-attack-your-windows-pc/
Computer virus also named corona: disguised as an epidemic-prevention email, one click and you are scammed out of money
https://www.setn.com/News.aspx?NewsID=706299
Breakthrough in Microsoft's effort to take down the largest botnet
https://www1.hkej.com/dailynews/article/id/2400741/
Malicious Chrome extension caught stealing Ledger wallet recovery seeds
https://www.zdnet.com/article/malicious-chrome-extension-caught-stealing-ledger-wallet-recovery-seeds/#ftag=RSSbaffb68
TrickBot Malware Targets Italy in Fake WHO Coronavirus Emails
https://www.bleepingcomputer.com/news/security/trickbot-malware-targets-italy-in-fake-who-coronavirus-emails/
Trickbot campaign targets Coronavirus fears in Italy
https://news.sophos.com/en-us/2020/03/04/trickbot-campaign-targets-coronavirus-fears-in-italy/
Dissecting Geost: Exposing the Anatomy of the Android Trojan Targeting Russian Banks
https://newsroom.trendmicro.com/node/4561
More than one billion Android devices at risk of malware threats
https://www.which.co.uk/news/2020/03/more-than-one-billion-android-devices-at-risk-of-malware-threats/
One of Roman Abramovich's companies got hit by ransomware
https://www.zdnet.com/article/one-of-roman-abramovichs-companies-got-hit-by-ransomware/#ftag=RSSbaffb68
Backdoor malware is being spread through fake security certificate alerts
https://www.zdnet.com/article/backdoor-malware-is-being-spread-through-fake-security-certificate-alerts/#ftag=RSSbaffb68
Chinese hackers use decade-old Bisonal Trojan in cyberespionage campaigns
https://www.zdnet.com/article/chinese-hackers-use-decade-old-bisonal-trojan-to-strike-russian-targets/#ftag=RSSbaffb68
Ryuk ransomware hits Fortune 500 company EMCOR
https://www.zdnet.com/article/ryuk-ransomware-hits-fortune-500-company-emcor/#ftag=RSSbaffb68
Ransomware Threatens to Reveal Company's 'Dirty' Secrets
https://www.bleepingcomputer.com/news/security/ransomware-threatens-to-reveal-companys-dirty-secrets/
Human-operated ransomware attacks: A preventable disaster
https://www.microsoft.com/security/blog/2020/03/05/human-operated-ransomware-attacks-a-preventable-disaster/
New Variant of TrickBot Being Spread by Word Document
https://www.fortinet.com/blog/threat-research/new-variant-of-trickbot-being-spread-by-word-document.html
Cookiethief: a cookie-stealing Trojan for Android
https://securelist.com/cookiethief/96332/?utm_source=rss&utm_medium=rss&utm_campaign=cookiethief
Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit and Brand-New Cinobi Banking Trojan
https://newsroom.trendmicro.com/blog/security-intelligence/operation-overtrap-targets-japanese-online-banking-users-bottle-exploit-k
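B. Mobile Security / iPhone / Android / Wearables / Apps
Leave AirDrop on and risk harassment! Commuter receives "epidemic prevention tips", opens it and is shocked to see a stranger's genitals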
https://cnews.com.tw/137200309a02/
Startup Corellium successfully hacks the iPhone to make it run Android
https://www.inside.com.tw/article/19109-Android-comes-to-the-iPhone-with-Project-Sandcastle
You Can Now Run Android on an iPhone With 'Project Sandcastle'
https://thehackernews.com/2020/03/install-android-on-iphone.html
Jailbreaking an iPhone / iPad no longer needs a computer; an Android phone will do
http://bit.ly/2uZRVov
First Android malware to break 2FA exposed; can steal bank accounts
https://hk.xfastest.com/47765/android-cerberus-break-2fa/
Use social apps with caution; guard against security threats
https://www.ydn.com.tw/News/375737
LIFF v2 upgrade guide: upgrade to v2 before v1 is discontinued! (No doubt about it, it really will be discontinued!)
https://chibupapa.com/2020/02/28/migrate-to-liff-v2/
What to do when your Android phone is "abandoned"? Experts share 4 tips to protect yourself
https://3c.ltn.com.tw/news/39755
Older Android versions lose security update support; 1 billion devices at security risk
http://bit.ly/2TzavgQ
Too many similar apps? Apple's new policy regulates app optimization quality; users come first: "not good enough, not listed"
https://cnews.com.tw/137200309a03/
Outbreak spreads worldwide! Social apps use "these moves" to fight misinformation... setting up an online epidemic defense line
https://times.hinet.net/topic/22819050
Android crowned 2019 "vulnerability king"! 414 vulnerabilities disclosed over the year; the open system is the main reason
https://www.ettoday.net/news/20200309/1663379.htm
Magisk's root-hiding feature is about to be finished: the new SafetyNet uses hardware-based checks
https://www.cnbeta.com/articles/tech/954567.htm
How do you unlock your iPhone with your fingerprint? From "optical scanning" to "biometrics"
https://mf.techbang.com/posts/10605-how-do-you-unlock-your-iphone-with-your-fingerprint-from-optical-scanning-to-biometrics
Lots of app vulnerabilities? 8 Android apps compromised; camera apps and mini games tend to hide malware
http://bit.ly/2IKL8SS
One billion Android devices at risk of hacking
https://www.bbc.com/news/technology-51751950
Warning! 1 billion Android phones susceptible to hacking – find out if yours is at risk
https://www.komando.com/security-privacy/androids-cant-update-at-risk-hacks/710048/
How you can have four or five SIM cards in your iPhone or Android smartphone
https://www.zdnet.com/article/how-you-can-have-four-or-five-sim-cards-in-your-iphone-or-android-smartphone/#ftag=RSSbaffb68
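C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents
Proceedings of the "Information Security Practice Seminar for Asset Management Institutions"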
http://bit.ly/2IqC5Xl
Google Stadia has network connectivity problems in several European countries; official statement: under investigation
https://www.ettoday.net/news/20200312/1666242.htm
Upset that his ex-girlfriend was hooked on dating sites, jealous man plays hacker and deletes her account credentials
https://www.chinatimes.com/realtimenews/20200310001725-260402?chdtv
South Korean civilians follow with a "mask map"! 4 university students team up with a 36-year-old genius hacker; developed in 2 days
https://www.ettoday.net/news/20200306/1660964.htm
Power grids are hacker targets too: Europe's ENTSO-E office network attacked
https://technews.tw/2020/03/13/entso-e-it-systems-cyber-intrusion/
North Korean defector running for a seat in Korea's legislature faces hacking and phone threats
https://www.bannedbook.org/bnews/zh-tw/worldnews/20200306/1289494.html
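Shincheonji Church official website hacked! The hacker turns out to be a middle school student, who posted a Buddha image taunting: you've been hacked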
https://www.koreastardaily.com/tc/news/124799
Guard against hacking with this: FBI recommends 15-character passphrases instead of complex passwords
https://www.chinatimes.com/realtimenews/20200307000007-260412?chdtv
Only keeps honest people out? The password for the CIA's hacking tools was 123ABCdef, and it was posted in a staff group
https://www.ithome.com.tw/news/136217
US intelligence agency hacked China for 11 years, stealing large amounts of confidential data
https://turnnewsapp.com/global/military/169759.html
FBI arrests Russian who ran a website selling illicit credentials
https://ithome.com.tw/news/136286
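Don't be stubborn during the outbreak! Let go of the fixation that "employees must come to the office": 3 steps to a split-team working plan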
https://www.businessweekly.com.tw/management/blog/3001902
Still dare to use it? US official plans legislation to ban TikTok (抖音), saying it "could become a CCP database"
https://cnews.com.tw/137200306a02/
US lawmakers intend to overhaul the Espionage Act to protect the media and security researchers
https://www.ithome.com.tw/news/136247
"CIA hacker" case: former CIA coder convicted on 2 minor counts, escapes 8 serious counts including espionage
https://udn.com/news/story/6813/4403129
"CIA hacker" case: former coder escapes 8 serious counts including espionage
http://bit.ly/2Qb1b0i
CRS report: overview of US military cyberspace operations
https://mp.weixin.qq.com/s/eEiUn1Gc8HQrAIuk1X_ZRw
Beware of 'Coronavirus Maps' – It's a malware infecting PCs to steal passwords
https://thehackernews.com/2020/03/coronavirus-maps-covid-19.html
A shadow remains! DDR4 will still face Rowhammer risk
https://www.freebuf.com/news/230164.html
Research: today's DDR4 memory is still not immune to Rowhammer attacks
https://www.ithome.com.tw/news/136322
Poor Rowhammer Fixes On DDR4 DRAM Chips Re-Enable Bit Flipping Attacks
https://thehackernews.com/2020/03/rowhammer-vulnerability-ddr4-dram.html
FBI arrests Russian behind Deer.io, a Shopify-like platform for cybercrime
https://www.zdnet.com/article/fbi-arrests-russian-behind-deer-io-a-shopify-like-platform-for-cybercrime/#ftag=RSSbaffb68
A list of security conferences canceled or postponed due to coronavirus concerns
https://www.zdnet.com/article/a-list-of-security-conferences-canceled-or-postponed-due-to-coronavirus-concerns/
Multiple nation-state groups are hacking Microsoft Exchange servers
https://www.zdnet.com/article/multiple-nation-state-groups-are-hacking-microsoft-exchange-servers/
How an elaborate North Korean crypto hacking heist fell apart
https://www.wired.co.uk/article/north-korea-cryptocurrency-hacking-china
US government agencies have shadow IT infrastructure problem, cybersecurity risks, says GAO
https://www.zdnet.com/article/us-government-agencies-have-shadow-it-infrastructure-problem-cybersecurity-risks-says-gao/
Browsers to block access to HTTPS sites using TLS 1.0 and 1.1 starting this month
https://www.zdnet.com/article/browsers-to-block-access-to-https-sites-using-tls-1-0-and-1-1-starting-this-month/
Brazil ranks third in email security threats
https://www.zdnet.com/article/brazil-ranks-third-in-email-security-threats/
Boots Advantage card hackers may be behind Tesco Clubcard cyber attack
https://www.mirror.co.uk/news/uk-news/boots-advantage-card-hackers-behind-21648152
Two People Who Attended Cyber Event Contract Coronavirus
https://finance.yahoo.com/news/engineer-attended-cybersecurity-event-contracts-180441855.html
Seeking advice on information-technology vacancies in the Grade 3 Local Government Special Examination (Taipei)
https://pttcareer.com/publicservan/M.1583849619.A.D14.html
[Sinyi Realty] Security operations systems engineer
https://www.cakeresume.com/companies/sinyi/jobs/4e6d55
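D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News
CCP "grand external propaganda" tactics exposed! Investigation Bureau finds Facebook fan pages were bought up, with content full of disinformation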
https://www.storm.mg/article/2371772
Security "far below the expected standard": Cathay Pacific fined £500,000 by the UK government over its data breach
https://ithome.com.tw/news/136184
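Taoyuan Airport to trial "facial recognition boarding" in the second half of the year; human rights groups worry about privacy infringement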
https://tw.appledaily.com/life/20200306/NK2R46UC4VI3626Z7I22RZXLKM/
Why does the frog go to the Pingtung gymnasium? AI conspiracy theories of fake-news information warfare
https://pourquoi.tw/2020/03/06/fighting-fake-news-ai-bots/
Revenge or a stolen account? Man angrily accuses ex-wife of impersonating him to book guesthouses nonstop for a month
https://news.ltn.com.tw/news/society/breakingnews/3092134
Want to buy masks online? Beware, it's a scam: hackers take advantage of the outbreak
https://money.udn.com/money/story/5613/4406873
Cyberattacks using the coronavirus "corona" name are a big scam
https://ec.ltn.com.tw/article/breakingnews/3096760
Hackers use the outbreak for "phishing"; cyberattacks in the name of the novel coronavirus "corona" heat up
https://www.techbang.com/posts/76846-hackers-use-outbreak-phishing-to-heat-up-cyber-attacks-in-the-name-of-the-new-corona-virus-corona
Phishing accounted for 89% of high-risk emails last year
https://money.udn.com/money/story/5613/4409545
[Infodemic (Part 1)] Why rumors, cyber armies and hackers are especially common in times of panic
https://www.mirrormedia.mg/story/20200310intcoronavirusinfodemicone
[Infodemic (Part 2)] Cyber armies use panic to manipulate people; hackers spread virtual viruses to steal personal data
https://www.mirrormedia.mg/story/20200310intcoronavirusinfodemictwo
Research finds thousands of fingerprint files exposed in an unsecured database
https://www.cnbeta.com/articles/tech/954233.htm
Indian law enforcement used facial recognition to identify more than 1,100 people in recent riots
https://www.cnbeta.com/articles/tech/954401.htm
US FDA sets up a task force to crack down on COVID-19 treatments circulating on social networks
https://www.cnbeta.com/articles/tech/954545.htm
EU works with US tech giants to combat online outbreak rumors and prevent panic
https://www.cnbeta.com/articles/tech/954311.htm
Virgin Media Data Leak Exposes Details of 900,000 Customers
https://thehackernews.com/2020/03/virgin-media-data-breach.html
Hackers Compromise T-Mobile Employee' Email Accounts and Steal User' Data
https://thehackernews.com/2020/03/hackers-compromise-t-mobile-employees.html
A Massive U.S. Property and Demographic Database Exposes 200 Million Records
https://thehackernews.com/2020/03/us-property-records-database.html
Brazilian security firm leaks more than 25 GB of client and staff data
https://www.zdnet.com/article/brazilian-security-firm-exposes-more-than-25-gb-of-client-and-staff-data/
250,000+ Login/Passwords Leaked in The Trident Crypto Fund Data Breach
https://www.ehackingnews.com/2020/03/250000-loginpasswords-leaked-in-trident.html
Why the Wawa Data Breach Serves as a Warning That “Good Enough” is Never Enough
https://www.infosecurity-magazine.com/opinions/wawa-data-breach-warning/?utm_source=dlvr.it&utm_medium=twitter
Dutch government loses hard drives with data of 6.9 million registered donors
https://www.zdnet.com/article/dutch-government-loses-hard-drives-with-data-of-6-9-million-registered-donors/
E. Research Reports
Implementing blue-green deployment of ASP.NET Core on CentOS 7 with a shell script
https://dotblogs.com.tw/supershowwei/2020/03/09/090027
Research on an encrypted traffic detection and situational early-warning platform
https://mp.weixin.qq.com/s/4FGo3GgHtn6CDGeFatP3bw
Hackers easily break into the intranet using an SSRF vulnerability! Your server is in danger
https://zhuanlan.zhihu.com/p/111332264
Analysis of the privilege escalation vulnerability in Windows Service Tracing, CVE-2020-0668
https://www.freebuf.com/vuls/227557.html
CVE-2020-2555: WebLogic remote code execution vulnerability
https://nosec.org/home/detail/4205.html
Analysis of multiple vulnerabilities in SonicWall SRA products
https://www.sohu.com/a/378054669_354899
Homoglyph 0-day vulnerability used to register malicious domains
https://www.4hou.com/posts/P534
Emoji to Zero-Day: Latin Homoglyphs in Domains and Subdomains
https://www.soluble.ai/blog/public-disclosure-emoji-to-zero-day
Web Security Day 9 - File download vulnerabilities: attack and defense in practice
https://copyfuture.com/blogs-details/202003072029025280hvd3fcu25iro37
Investigating attackers using threat intelligence
http://bit.ly/2PWbBRC
CVE-2020-0609 & CVE-2020-0610: analysis of two vulnerabilities in RDG
https://4hou.win/wordpress/?p=40189
Windows incident response and system hardening (1): introduction to Windows operating system versions
https://www.cnblogs.com/catt1e/p/12376313.html
Windows incident response and system hardening (2): command usage and security check analysis for Windows incident response
https://www.cnblogs.com/catt1e/p/12377195.html
Windows incident response and system hardening (3): accounts, roles and permissions in the Windows operating system
https://www.cnblogs.com/catt1e/p/12382077.html
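Windows incident response and system hardening (4): security check analysis of Windows accounts, roles and permissions, and an introduction to using PowerShell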
https://www.cnblogs.com/catt1e/p/12394503.html
Windows incident response and system hardening (5): Windows PowerShell security checks and analysis
https://www.cnblogs.com/catt1e/p/12395297.html
Windows incident response and system hardening (6): introduction to and analysis of high-risk Windows vulnerabilities over the years
https://www.cnblogs.com/catt1e/p/12400575.html
Windows incident response and system hardening (7): Windows operating system log analysis
https://www.cnblogs.com/catt1e/p/12404731.html
Windows incident response and system hardening (8): Windows IIS log extraction and security check analysis
https://www.cnblogs.com/catt1e/p/12419529.html
Windows incident response and system hardening (9): Windows Apache log extraction and security analysis
https://www.cnblogs.com/catt1e/p/12419769.html
Windows incident response and system hardening (10): Nginx log analysis and JBoss log analysis
https://www.cnblogs.com/catt1e/p/12422581.html
Windows incident response and system hardening (11): log analysis and forensic investigation of various WebLogic vulnerabilities
https://www.cnblogs.com/catt1e/p/12437132.html
APT analysis and TTP extraction
https://paper.seebug.org/1132/
Analysis of the IE remote code execution vulnerability (CVE-2020-0674)
https://www.secrss.com/articles/17750
Analysis of the SweynTooth Bluetooth Low Energy vulnerabilities
http://news.eeworld.com.cn/mp/BLE5CODER/a82923.jspx
An in-depth study of the Gopher protocol in SSRF vulnerabilities (with Python script)
https://zhuanlan.zhihu.com/p/112055947
Do it yourself: flashing and modifying a router
https://www.freebuf.com/geek/228825.html
Attackers are still exploiting a SharePoint vulnerability in large-scale attacks
https://4hou.win/wordpress/?p=40379
(Ab)using bash-fu to analyze recent Aggah sample
https://blog.malwarelab.pl/posts/basfu_aggah/?fbclid=IwAR0lXgSxzvRAy_RCG6RvCx1Par-p9SUjlYaiiTtDiWdpWGth8FK5tfhHGI4
15 BEST Digital Forensic Tools in 2020 [Free/Paid]
https://hackonology.com/blogs/15-best-digital-forensic-tools-in-2020-free-paid/
TAFOF-Unpacker
https://github.com/Tera0017/TAFOF-Unpacker/
MacRipper
https://github.com/Recruit-CSIRT/MacRipper
Emotet vs Trump – Deep Dive Analysis of a Killer Info-Stealer
https://www.cynet.com/blog/emotet-vs-trump-deep-dive-analysis-of-a-killer-info-stealer/
HTTP Asynchronous Reverse Shell - Asynchronous Reverse Shell Using The HTTP Protocol
https://www.kitploit.com/2020/03/http-asynchronous-reverse-shell.html
extended-xss-search
https://github.com/Damian89/extended-xss-search
Install Tor on Windows, (Kali) Linux and search The Dark Web
https://hackingpassion.com/install-tor-on-windows-kali-linux-and-search-the-dark-web/
Microsoft Exchange Control Panel (ECP) Vulnerability CVE-2020-0688 Exploited
https://www.volexity.com/blog/2020/03/06/microsoft-exchange-control-panel-ecp-vulnerability-cve-2020-0688-exploited/
Route Redistribution PPP Multilink mock configuration
https://ccie.internetworks.in/2019/12/route-redistribution-ppp-multilink-mock.html
Google Ads Self-XSS & Html Injection $5000
https://medium.com/@adonkidz7/google-ads-self-xss-html-injection-5000-52280da76c80
CVE-2020-0688: REMOTE CODE EXECUTION ON MICROSOFT EXCHANGE SERVER THROUGH FIXED CRYPTOGRAPHIC KEYS
https://www.thezdi.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys
Breaking TA505’s Crypter with an SMT Solver
https://labs.sentinelone.com/breaking-ta505s-crypter-with-an-smt-solver/
IoTGoat
https://github.com/scriptingxss/IoTGoat
PiDense
https://github.com/WiPi-Hunter/PiDense
NoXss
https://github.com/lwzSoviet/NoXss
HOW I HACKED A DOMAIN CONTROLLER IN AZURE DURING A PENETRATION TEST
https://www.secsignal.org/en/news/how-i-hacked-a-domain-controller-in-azure-during-a-penetration-test/
Excel Maldocs: Hidden Sheets
https://isc.sans.edu/diary/rss/25876
Introduction to EvtxEcmd (Evtx Explorer)
https://isc.sans.edu/diary/Introduction+to+EvtxEcmd+%28Evtx+Explorer%29/25858
AMIRA- To Analyse Automated Malware Incident Response
https://www.hackersonlineclub.com/amira-automated-malware-incident-response-and-analysis/
Multiple vulnerabilities found in Zyxel CNM SecuManager
https://pierrekim.github.io/blog/2020-03-09-zyxel-secumanager-0day-vulnerabilities.html
2020 GLOBAL THREAT REPORT
https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf
REST Assured: Penetration Testing REST APIs Using Burp Suite: Part 1 – Introduction & Configuration
https://www.mindpointgroup.com/blog/cyber-security/rest-assured-penetration-testing-rest-apis-using-burp-suite-part-1-introduction-configuration/
EmoCheck
https://github.com/JPCERTCC/EmoCheck/releases/tag/v0.0.2
Crescendo: Real Time Event Viewer for macOS
https://www.fireeye.com/blog/threat-research/2020/03/crescendo-real-time-event-viewer-for-macos.html
ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
https://github.com/MiladMSFT/ThreatHunt
Years-long campaign targets hackers through trojanized hacking tools
https://www.zdnet.com/article/years-long-campaign-targets-hackers-through-trojanized-hacking-tools/#ftag=RSSbaffb68
WHO'S HACKING THE HACKERS: NO HONOR AMONG THIEVES
https://www.cybereason.com/blog/whos-hacking-the-hackers-no-honor-among-thieves
F. Business
CyCraft wins multiple awards, including best security company in Asia
https://money.udn.com/money/story/5613/4394703
team+ integrates with Tableau data analytics software: online epidemic prevention and uninterrupted remote work
http://bit.ly/2xdf2N6
Cloud business opportunities drive security demand; Acer Cyber Security up 19% for the week
https://news.cnyes.com/news/id/4449539
Oracle predicts top ten cloud trends; 90% of IT tasks will be fully automated
http://www.ctimes.com.tw/DispNews/tw/2003091812QW.shtml
WhiteSource research report: open-source vulnerabilities grew nearly 50% in 2019
https://www.cnbeta.com/articles/tech/954837.htm
Silicon Labs' new Secure Vault technology redefines IoT device security
http://www.ctimes.com.tw/DispProduct/tw/IoT/Silicon-Labs/2003091050Y5.shtml
Maxim releases IoT microcontroller with the highest security level
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=13&id=0000580296_E4D1BJ58L1RRV253MPFLL
Microsoft publishes five key security points, urging Taiwanese firms to deploy intelligent security early
https://www.moneydj.com/KMDJ/News/NewsViewer.aspx?a=fe0348d1-2ebe-4dca-b806-6081e47c4945
Why Proxy-Based Firewalls Are Not Enough
https://blog.paloaltonetworks.com/2020/03/cloud-proxy-based-firewalls/
AT&T, Palo Alto Networks and Broadcom develop virtual firewall framework
https://www.zdnet.com/article/at-t-palo-alto-networks-and-broadcom-develop-virtual-firewall-framework/#ftag=RSSbaffb68
Microsoft's PowerShell 7 is generally available
https://www.zdnet.com/article/microsofts-powershell-7-is-generally-available/#ftag=RSSbaffb68
Panda Security Turns 30; Brand Set for Extinction After WatchGuard Buyout
https://www.cbronline.com/news/panda-security-watchguard
Mozilla is enabling encrypted DNS-over-HTTPS (DoH) by default for US Firefox users
https://betanews.com/2020/02/25/firefox-dns-over-https-default-doh/
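G. Government
Program for Strengthening Enterprise Intellectual Property Management: application guidelines for 2020 tiered IP management system guidance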
https://www.tips.org.tw/event_view.asp?sno=BDCHDK
Police and civil affairs systems combined with big data: confirmed cases' movements have nowhere to hide
https://www.cna.com.tw/news/aipl/202003070179.aspx
Advance deployment: county government plans six split-office locations
http://www.ksnews.com.tw/index.php/news/contents_page/0001351723
Mask 2.0 allows online purchase; public worries that convenience-store pickup carries "high personal data risk"
https://news.ebc.net.tw/news/living/200427
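How Taiwan should learn from the "eMask mask pre-order system crash" to push technology-driven governance further and make it more convenient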
https://buzzorange.com/techorange/2020/03/12/emask-system-crash/
Taiwan Tobacco and Liquor passes ISO/IEC27001 information security system certification with zero nonconformities
http://bit.ly/33fgevn
Electronic petitioning for referendums and recalls can go live at any time once security is strengthened
http://bit.ly/2xurnww
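Ministry of Science and Technology's training pays off! AI strategy program trains 2,000 professionals, making Taiwan an international hub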
https://buzzorange.com/techorange/2020/03/11/most-ai/
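H. Industrial Control Systems / SCADA / ICS
[Industrial Internet Security Column] Thoughts on the security of industrial internet smart devices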
https://mp.weixin.qq.com/s/r75tAFIUD7a5esWm3rDGNQ
Research: 83% of networked medical imaging devices run outdated operating systems
https://ithome.com.tw/news/136295
Experts warn that many networked medical devices across the US are vulnerable to hacking for a variety of reasons
https://www.twcert.org.tw/tw/cp-104-3428-af07e-1.html
I. Education and Training
How to install Python AI packages on macOS on an Apple computer
https://tw.openrobot.org/article/index?sn=11703
What is a cookie? How to manage cookies and prevent online privacy leaks?
https://blog.trendmicro.com.tw/?p=63387
Learning SSRF vulnerabilities with real vulnerabilities and ssrf-lab
https://xz.aliyun.com/t/7333
Reverse Engineering: It was all a dream
https://medium.com/@amhoume/reverse-engineering-it-was-all-a-dream-c10db07e0979
Hack the Box - Bankrobber
https://padraignix.github.io/hack-the-box/2020/03/07/htb-machine-bankrobber/
Cyber forensics and incident response study plan
https://www.peerlyst.com/posts/cyber-forensics-and-incident-response-study-plan-karl-m-1
How to get started in Cyber security
https://www.peerlyst.com/posts/how-to-get-started-in-cyber-security-serkan-demirhan
Hacking Security Ebooks
https://hackingresources.com/hacking-security-ebooks/
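J. Internet of Things / IoT / Artificial Intelligence / Internet of Vehicles / Optical Networking / Deep Learning / Machine Learning / Drones / Facial Recognition
Baby camera monitors may have security flaws; home watched by hackers 24 hours a day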
http://bit.ly/2wEPOH3
European research: hackers steal cars via a keyless vulnerability; Tesla named as at risk of theft!
https://auto.ltn.com.tw/news/14849/7
Car key encryption flaw puts over a million Japanese and Korean vehicles at risk of theft
https://technews.tw/2020/03/09/dismantling-dst80-based-immobiliser-systems/
Research: car immobilizer systems contain vulnerabilities; Toyota, Hyundai and Kia all affected
https://www.ithome.com.tw/news/136244
These Chinese hackers tricked Tesla’s Autopilot into suddenly switching lanes
https://www.cnbc.com/2019/04/03/chinese-hackers-tricked-teslas-autopilot-into-switching-lanes.html
Connecting IoT devices with LoRaWAN guarantees security
https://www.eettaiwan.com/news/article/20200310NT01-how-secure-is-your-lorawan-iot-device
Taking stock of networked devices with the Kr00k vulnerability: several vendors have issued advisories so far
https://www.ithome.com.tw/news/136257
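6. Upcoming Security Events and Conferences
AI Meetup - Hsinchu ◤From RNN to Attention: the past and present of natural language processing◢ ◤Sharing experience in font generation◢ 3/18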
https://www.meetup.com/AIA-Hsinchu/events/268649939/
Scala Taiwan #37 3/18
https://www.meetup.com/Scala-Taiwan-Meetup/events/267899692/
Korea international security expo 3/18
https://www.twcert.org.tw/tw/cp-105-3230-a3bd4-1.html
Taipei.py 2020 March Monthly Meeting 3/19
https://www.meetup.com/Taipei-py/events/268681120/
Study Group - Clean Coder 3/19
https://www.meetup.com/Women-Who-Code-Taipei/events/jlmfprybcfbzb/
Data analysis and machine learning case practice (1): PM2.5 as an example 3/23
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3888&from_course_list_url=course_index
Taipei 暗号通貨 (Cryptocurrency) Meetup 3/25
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybcfbhc/
Thinking Thursday, session 7 3/26
https://www.meetup.com/Thinking-Thursday/events/266911452/
Flutter Taipei 2020 warm opening | Warm Up Party 3/27
https://www.meetup.com/Flutter-Taipei/events/269033933/
NCTU Hacker College - Buffer overflow attacks and prevention 3/28
https://hackercollege.nctu.edu.tw/?p=1141
Black Hat Asia 2020 Singapore 3/31 ~ 4/3
https://www.blackhat.com/asia-20/briefings/schedule/
Kaspersky® Security Analyst Summit 4/6 ~ 4/9
https://thesascon.com/
QGIS geographic information workshop 4/8 ~ 4/9
https://www.accupass.com/event/2002120936323517290110
Big data and deep learning applications on edge computing systems 4/10
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3883&from_course_list_url=course_index
2nd ICANN APAC-TWNIC Engagement Forum and 34th TWNIC IP Policy and Resource Management Meeting 4/16
https://forum.twnic.tw/2020/registration.htm
NCTU Hacker College - Guide to detecting and responding to intrusions 4/18
https://hackercollege.nctu.edu.tw/?p=1144
VXCON 2020 - APAC 4/18 ~ 4/19
https://www.vxcon.hk/
2020 comprehensive information security talent development program 4/21 ~ 6/16
http://service.tabf.org.tw/tw/user/409646/
2020 Industrial Control Systems (ICS) Cyber Security Conference | Singapore 4/21 ~ 4/23
https://www.icscybersecurityconference.com/singapore/
Taipei 暗号通貨 (Cryptocurrency) Meetup 4/22
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybcgbdc/
Asia-Pacific information security forum and exhibition 4/22
https://www.twcert.org.tw/tw/cp-105-3149-70ad7-1.html
NCTU Hacker College - Basic web security and penetration testing 4/25
https://hackercollege.nctu.edu.tw/?p=1147
2020 LINE Taiwan Developers Recruitment Day 4/25
https://engineering.linecorp.com/zh-hant/blog/2020-line-taiwan-technical-recruitment-day/
NCTU Hacker College - Basic practice of building secure websites 5/16
https://hackercollege.nctu.edu.tw/?p=1151
NCTU Hacker College - Email forgery attacks and protective measures 5/23
https://hackercollege.nctu.edu.tw/?p=1156
Taipei 暗号通貨 (Cryptocurrency) Meetup 5/27
https://www.meetup.com/Taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-Cryptocurrency-Meetup/events/nrxgwqybchbkc/
NCTU Hacker College - Advanced web penetration testing 5/30
https://hackercollege.nctu.edu.tw/?p=1159
Big data and deep learning applications on edge computing systems 6/5
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3884&from_course_list_url=course_index
NCTU Hacker College - High-level web penetration testing 6/13 6/20
https://hackercollege.nctu.edu.tw/?p=1161
NCTU Hacker College - Enterprise domain control: Active Directory attack and defense 6/27
https://hackercollege.nctu.edu.tw/?p=1164
CYBERSEC 2020 Taiwan cybersecurity conference 8/12
https://cyber.ithome.com.tw/