攻擊趨勢觀察 – 歲末消費旺季駭客正覬覦,離線釣魚攻擊創高峰!

聖誕跨年、農曆新年接連來到,不但是消費採買的高峰期,也是駭客趁勢釣魚竊取個資、卡號、金融、郵件等各式服務帳密的大好時機!
中華數位與 ASRC 研究中心觀察發現,最近離線釣魚攻擊有大幅增加的趨勢,而且沒有產業針對性。請小心留意,駭客正在廣撒魚餌釣大魚!

【什麼是離線釣魚?】
駭客將釣魚網頁以 .html 或 .mht 附檔的型式,透過電子郵件遞送給使用者,將釣魚網頁直接呈現在受害者的本地端電腦。當使用者填入敏感資料時,便以 Post 方法將資料傳送出去。
因為傳送 Post 到外部的行為不會受到瀏覽器 URL 檢測的保護阻擋,可成功繞過瀏覽器及部份上網安全軟體的釣魚防護,增加駭客釣魚成功的機會。

【防範建議】
.使用合適的郵件防禦機制,例如 SPAM SQR ADM 已可偵測離線釣魚攻擊。
.加強人員安全意識,面對來信要求填寫機敏資料、要求登入認證的郵件時,應保持高度懷疑的心態。

About Version 2

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

關於中華數位科技 Softnext Technologies Corp.
創立於2000年8月。
秉持著【We Secure Your Content】的服務理念,以提供企業資訊應用管理服務及打造資訊內容安全防護為宗旨。專精於提供網路應用服務技術,根據市場需求推出多款資訊內容安全的解決方案及應用服務,能夠協助企業透過符合資安管理規範並遵循法規的方式進行資訊內容安全管理,以維護員工的生產力、提升企業經營績效。

Amid student protests, Winnti Group targets Hong Kong universities, ESET discovers

BRATISLAVA, MONTREAL – ESET researchers have recently discovered a new campaign by the Winnti group. This time, Hong Kong universities were the desired target. ESET’s machine-learning engine detected a unique, malicious sample on multiple computers belonging to two Hong Kong universities. In addition to the two confirmed compromised universities, ESET has indications that at least three additional universities may have been affected. The attackers were interested in stealing information from the victims’ machines. This campaign of the Winnti Group was taking place as widespread civic protests swept Hong Kong, including the territory’s universities.

The latest research into Winnti Group, previously responsible for high-profile supply-chain attacks against the video game and software development industry as well as attacks against healthcare and education sectors, confirms that the group is still using its flagship ShadowPad backdoors. However, in the campaign against Hong Kong universities, ShadowPad’s launcher was replaced with a new and simpler version detected by ESET products as Win32/Shadowpad.C.

“Both ShadowPad and Winnti, found at these universities in November 2019, contain campaign identifiers and command & control URLs matching the name of the universities, which indicates a targeted attack,” says Mathieu Tartare, leading ESET researcher into the Winnti Group.

“ShadowPad is a multi-modular backdoor and, by default, every keystroke is recorded using the Keylogger module. The use of this module by default indicates that the attackers are interested in stealing information from the victims’ machines. In contrast, the variants we described in our earlier whitepaper didn’t even have that module embedded,” elaborates Tartare on the discovery.

For more technical details about the latest discovery into the Winnti Group, read the blog post Winnti Group targeting universities in Hong Kong on WeLiveSecurity.com. ESET researchers recently published a whitepaper updating our understanding of the arsenal of the Winnti Group as well. Make sure to follow ESET research on Twitter for the latest news from ESET Research. 





About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

訊連科技將於CES 2020展出FaceMe® AI臉部辨識及智慧安控、智慧零售等多種IoT/AIoT應用

【2019年12月25日,台北訊】全球頂尖AI臉部辨識領導廠商訊連科技(5203.TW)將於CES 2020中,展出旗下FaceMe® AI臉部辨識引擎及最新應用,包含智慧安控、智慧零售、智慧居家、智慧辦公室等多種IoT/AIoT應用場景。CES為全球最大的消費性電子展,展出時間為2020年1月7日至10日。訊連科技攤位位於拉斯維加斯會展中心南二館(LVCC South Hall 2),攤位號碼25555。

FaceMe® 為全球頂尖之AI臉部辨識引擎,可提供硬體製造商及系統整合商在各式智慧應用中導入臉部辨識技術。FaceMe®具備高彈性、高辨識度和高效能,可應用在各種IoT/AIoT裝置及場景,如智慧安控、智慧門禁、智慧零售、智慧家庭等。FaceMe®自發表至今,已與全球數百家客戶合作,取得眾多成功案例。於CES 2020中,訊連科技將展出FaceMe®臉部辨識之最新功能,以及與研華科技、宏碁雲端等合作夥伴打造的AIoT解決方案。

「人臉辨識與邊緣運算已為當今AI之最主要應用之一,訊連科技開發的FaceMe® AI臉部辨識引擎,其高精準度與彈性效能,可協助客戶打造多樣化的臉部辨識解決方案。」訊連科技董事長暨執行長黃肇雄表示:「訊連科技將於CES 2020展會上,為來賓展示FaceMe®最頂尖的臉部辨識科技,並攜手合作夥伴,展出實際應用。」

FaceMe®可精準的偵測及辨識人臉,正確辨識率高達99.82%,於全球知名NIST臉部辨識技術基準測試中,準確度名列全球頂尖開發團隊之列。於智慧安控、門禁、智慧家庭等場景,可辨識出現於IP Cam攝影機、門禁系統及智慧門鈴之人臉,進行門禁管制或黑名單警示。此外,FaceMe®可分析年齡、性別、情緒等臉部特徵,於智慧零售場景,可協助開發商建置人流分析、VIP及黑名單管理、分眾化電子看板廣告、Kiosk智慧資訊站及智慧機器人等多種解決方案。

FaceMe®可支援Windows、Linux、Android與iOS等跨平台系統,並針對多種硬體系統優化,包含Intel® Movidius、OpenVINO™、nVidia Jetson等硬體及平台,可靈活整合至安控系統、零售商店攝影機、智慧門鈴、警用攝影機、及服務機器人等不同硬體裝置中,實現不同產業的AIoT應用需求。

訊連科技全球行銷資深副總經理Richard Carriere亦受邀於中華民國對外貿易發展協會 (TAITRA) 的CES 2020記者會進行演講,分享FaceMe®臉部辨識引擎與AI產業最新趨勢。記者會將於2020年1月6日下午三點於美國拉斯維加斯Mandalay Bay會議中心Oceanside F廳舉辦。

20120消費性電子展(CES 2020) 展會資訊 時間:2020年1月7日至10日(美西時間) 地點:拉斯維加斯會展中心南二館25555展位(#25555, Hall South 2)

敬邀媒體與合作夥伴於「2020美國消費性電子展」年度盛會中蒞臨訊連科技展位 ,親自體驗FaceMe® AI臉部辨識的相關應用與最新突破。

媒體訪問預約:請按此 更多關於FaceMe®,可至官方網站了解更多: http://tw.cyberlink.com/FaceMe



About Version 2

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

關於CyberLink
訊連科技創立於1996年,擁有頂尖視訊與音訊技術的影音軟體公司,專精於數位影音軟體及多媒體串流應用解決方案產品研發,並以「抓準技術板塊,擴大全球行銷布局」的策略,深根台灣、佈局全球,展現亮麗的成績。訊連科技以先進的技術提供完美的高解析影音播放效果、以尖端的科技提供完整的高解析度擷取、編輯、製片及燒錄功能且完整支援各種高解析度影片及音訊格式。產品包括:「威力導演」、「PowerDVD」、「威力製片」、「威力酷燒」等。

ESET identifies Latin American banking trojan, Mispadu, targeting victims with malicious Facebook ads

BRATISLAVA – ESET, a global leader in cybersecurity, continues its research into Latin American banking trojans with the identification of another previously unknown malware family, Mispadu.

Similar to the Amavaldo and Casbaneiro malware families recently described by ESET, Mispadu is written in Delphi and targets victims through the use of fake pop-up windows trying to persuade potential victims to share their personal details and credentials. The Mispadu banking trojan, which primarily targets Brazil and Mexico, contains backdoor functionality, can take screenshots, simulates mouse and keyboard actions, and captures keystrokes.

The ESET research team has seen the Mispadu family using two different distribution methods – spam and malvertising. While the former is common among Latin American banking trojans, the latter is quite rare. The threat actor behind Mispadu places sponsored advertisements on Facebook that offer fake discount coupons for McDonald’s. Clicking on the advertisement leads the potential victim to a malicious webpage where a ZIP file containing an MSI installer, masquerading as a discount coupon, can be downloaded. If downloaded and executed, a chain of three scripts follows, resulting in the download and execution of the Mispadu banking trojan. The trojan uses four potentially unwanted applications, all modified copies of legitimate software, to extract the victim’s stored credentials from web browsers and email clients.

In Brazil, Mispadu has been seen also distributing an interesting, malicious Google Chrome extension. The extension claims to “Protect your Chrome,” but instead it attempts to steal credit card and online banking data, and can even compromise Boleto, a popular payment system in Brazil that uses a barcode-based ticketing system to transfer payments. The Boleto component of the Mispadu malware attack is its most advanced feature, as it replaces the legitimate barcode on a Boleto ticket with one connected to the attacker’s bank account, generated via the abuse of a legitimate website.

For more details, read the blog post, Mispadu: advertisement for a discounted Unhappy Meal, on WeLiveSecurity.

About Version 2 Limited

Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.



About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

訊連科技「FaceMe® AI臉部辨識引擎」促使產品智慧化功臣第28屆台灣精品獎AI應用百花齊放

訊連科技、宏碁和崇友實業AI應用產品皆獲得「精品獎」肯定

【2019年12月6日,台北訊】 世界級AI臉部辨識技術開發商訊連科技(5203.TW)宣佈,旗下FaceMe® AI臉部辨識引擎應用在宏碁(2353.TW)「aiSage」和崇友實業(4506.TW)「GF系列智慧電梯」上,產品皆入選今年第28屆「台灣精品獎」。訊連科技「FaceMe® AI臉部辨識引擎」更獲得今年精品獎「銀質獎」殊榮,代表AI臉部辨識應用產品,在今年精品獎成果卓越,備受評審與外界肯定。

訊連科技開發之FaceMe® AI臉部辨識引擎,提供高達99.58% 之臉部辨識率,提供跨平台、彈性配置之SDK服務。自去年底推出以來,已協助許多海內外硬體開發商與系統整合商,於產品服務中快速導入臉部辨識技術,不僅強化產品功能和獨特競爭力,也讓產品能快速導入在各種智慧產業情境。

宏碁aiSage為一款以邊緣運算(Edge Computing)為訴求之AIoT裝置,可透過FaceMe®臉部辨識引擎,辨識訪客之性別、年齡、情緒等特徵,並內建高效管理平台。方便電子看板、資訊服務站(KIOSK)等開發商,打造出具備智慧刷臉功能的智慧零售、智慧城市等應用。

崇友實業結合物聯網、AI智能、以及節能技術的應用,開發出「GF系列智慧電梯」。透過導入訊連科技FaceMe®臉部辨識引擎,電梯可根據「刷臉」結果比對住戶資料,自動送住戶抵達指定樓層,也提供叫車服務,使大樓安全性和隱私性全面提升。產品甫推出已獲得許多飯店業者和高級住宅積極洽詢合作。

「近年來,AI應用已經遍及各產業領域,其中人臉辨識得力於硬體設備和智慧商務發展,成為應用最廣且實用價值最高的AI商用技術。」訊連科技執行長黃肇雄表示:「訊連科技『FaceMe®臉部辨識引擎』的高精準度和高度整合彈性,能快速幫助硬體整合商導入臉部辨識應用。宏碁、崇友實業與訊連科技的合作,相互提升產品之附加價值,共同創造AI整合服務新體驗。」

透過訊連科技「FaceMe®臉部辨識引擎」技術,宏碁「aiSage」和崇友實業「GF系列智慧電梯」從單純監控和載客的設備,進化成提供客製化體驗的AI整合服務方案。今年訊連科技、宏碁與崇友實業共同獲得第28屆「精品獎」殊榮,展現科技產業合作開發的研發實力,帶領台灣企業進軍智慧零售、智慧建築與AIoT市場。


About Version 2

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

關於CyberLink
訊連科技創立於1996年,擁有頂尖視訊與音訊技術的影音軟體公司,專精於數位影音軟體及多媒體串流應用解決方案產品研發,並以「抓準技術板塊,擴大全球行銷布局」的策略,深根台灣、佈局全球,展現亮麗的成績。訊連科技以先進的技術提供完美的高解析影音播放效果、以尖端的科技提供完整的高解析度擷取、編輯、製片及燒錄功能且完整支援各種高解析度影片及音訊格式。產品包括:「威力導演」、「PowerDVD」、「威力製片」、「威力酷燒」等。