資安事件新聞週報 2024/4/22 ~ 2024/4/26

###### tags: `資安事件新聞週報` # 資安事件新聞週報 2024/4/22 ~ 2024/4/26 1.重大弱點漏洞/後門/Exploit/Zero Day Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack https://thehackernews.com/2024/04/palo-alto-networks-discloses-more.html Palo Alto Networks旗下的EDR系統存在漏洞，攻擊者有可能藉此隱密在受害電腦行動 https://www.safebreach.com/blog/dark-side-of-edr-offensive-tool/ Palo Alto Networks旗下的EDR系統存在漏洞，研究人員找到能對該資安系統進行竄改、控制受害電腦的方法 https://www.ithome.com.tw/news/162534 State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage https://thehackernews.com/2024/04/state-sponsored-hackers-exploit-two.html 國家級駭客利用思科防火牆零時差漏洞，在多國政府植入後門程式 https://www.ithome.com.tw/news/162516 Cisco 發布 Cisco Integrated Management Controller 安全更新 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-bLuPcb https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-mUx4c5AJ https://www.cisa.gov/news-events/alerts/2024/04/19/cisco-releases-security-advisories-cisco-integrated-management-controller Ivanti零日漏洞延燒! MITRE遭駭客成功入侵 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11054 MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti Flaws https://thehackernews.com/2024/04/mitre-corporation-breached-by-nation.html FTP伺服器軟體CrushFTP存在零時差漏洞，攻擊者可逃脫虛擬檔案系統下載伺服器的系統檔案 https://www.bleepingcomputer.com/news/security/crushftp-warns-users-to-patch-exploited-zero-day-immediately/ Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks https://thehackernews.com/2024/04/critical-update-crushftp-zero-day-flaw.html Windows的DOS到NT路徑轉換處理存在漏洞，研究人員將其充當rootkit利用 https://www.ithome.com.tw/news/162464 Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites https://thehackernews.com/2024/04/hackers-exploiting-wp-automatic-plugin.html WordPress表單建立外掛Forminator存在危急漏洞，攻擊者可用來對伺服器隨意上傳檔案 https://www.bleepingcomputer.com/news/security/critical-forminator-plugin-flaw-impacts-over-300k-wordpress-sites/ 程式碼儲存庫GitLab的CDN存在弱點，攻擊者可用來存放惡意軟體 https://www.bleepingcomputer.com/news/security/gitlab-affected-by-github-style-cdn-flaw-allowing-malware-hosting/ 網路效能監控工具Flowmon存在危急漏洞，恐被用於執行系統層級命令 http://rhinosecuritylabs.com/research/cve-2024-2389-in-progress-flowmon/ Brocade旗下SAN設備及交換器存在漏洞，有可能導致設備遭到接管 https://pierrekim.github.io/blog/2024-04-24-brocade-sannav-18-vulnerabilities.html Google針對Chrome 124發布更新，修補危急漏洞CVE-2024-4058 https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html 2.銀行/金融/保險/證券/金融監理新聞及資安安卓金融木馬SoumniBot利用作業系統應用程式安裝工具弱點迴避偵測 https://www.ithome.com.tw/news/162475 國際貨幣基金組織警告金融領域面臨黑客攻擊風險加大 https://reurl.cc/1v23gp 3.信用卡/電子支付/行動支付/pay/支付系統/資安玩電動想投機？遊戲作弊程式放大招誘你分享「一傳十十傳百」讓駭客盜刷信用卡 https://tech.udn.com/tech/story/123153/7917603?from=udn-indexnewnews_ch1024 智慧中捷多元支付最便捷即日起行動支付可搭中捷 https://www.taichung.gov.tw/2621644/post 台中捷運開通包括Visa感應支付、Apply Pay、Google Wallet、Samsung Pay等多元支付 https://www.cool3c.com/article/214682 全台逾 42 萬店家適用！台新 Pay 搶進「TWQR」享最高 20% 回饋 https://finance.technews.tw/2024/04/23/twqr-pay/ 不一定要掃碼才能購物！陸「行動支付綁定繁瑣」遊客卻步官方推動商家做好現金備付 https://reurl.cc/kO7rld 5月報稅季必看！行動支付掃碼繳稅賺回饋攻略　多重優惠曝光 https://www.nownews.com/news/6411581 4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約/WEB3 資安 DOJ Arrests Founders of Crypto Mixer Samourai for $2 Billion in Illegal Transactions https://thehackernews.com/2024/04/doj-arrests-founders-of-crypto-mixer.html 被詐騙了USDT（泰達幣）怎麼辦 https://reurl.cc/Vzj42b 概覽比特幣發展史：減半、週期與輪迴 https://www.panewslab.com/zh_hk/articledetails/uf3jefh0Ft.html Railgun總交易量逼近10億美元 https://news.cnyes.com/news/id/5531408 白話解讀Web3簽名釣魚底層邏輯：授權釣魚、Permit與Permit2的差別 https://www.panewslab.com/zh_hk/articledetails/5kpclq6xFt.html Bitcoin Asia 2024香港比特幣大會5月9日開幕 https://m.cnyes.com/news/id/5532394 專訪 EMC 生態 Bulider：從去中心化信仰中長出的創業理想 https://www.hk01.com/article/1012509?utm_source=01articlecopy&utm_medium=referral Sui Overflow駭客松資金池增至100萬美元 https://news.cnyes.com/news/id/5533174 Mt.Gox交易所還錢了！14萬枚BTC清償會造成比特幣暴跌嗎 https://www.blocktempo.com/mt-gox-trustee-updates-bitcoin-and-fiat-repayment-schedule/ Mt.Gox將支付90億美元給債權人，恐為BTC帶來壓力 https://news.knowing.asia/news/91ff74a0-6974-4c32-b7e6-a223c228fad7 某駭客組織發布薩爾瓦多Chivo錢包的部分源代碼 https://news.cnyes.com/news/id/5534026 Gitcoin Grants 20現已上線，提供超140萬美元匹配資金 https://news.cnyes.com/news/id/5533971 K33 Research：Mt. Gox或於近期釋放90億美元比特幣，或對比特幣價格構成壓力 https://news.cnyes.com/news/id/5534059 英國陸軍宣傳加密貨幣、NFT？社群遇駭資安危機 https://reurl.cc/XG4qWM SEC說謊誤導法院凍結Debt Box資產，兩名律師被迫辭職 https://www.blocktempo.com/sec-sanctioned-by-court-for-abuse-of-power-in-debt-box-lawsuit-two-lawyers-have-resigned/ 趙長鵬遭美檢方求刑 3 年，辯護律師爭取緩刑 https://blockcast.it/2024/04/24/doj-seeks-3-years-jail-for-binance-founder-cz/ CZ關三年？美國司法部建議震驚幣圈，辯護律師喊：應判緩刑不用入監！ https://www.blocktempo.com/the-us-department-of-justice-recommends-a-three-year-prison-sentence-for-cz/ XueDAO 傳捷報！參加 Solana 駭客松必勝營勇奪冠亞軍 https://none.land/xuedao-join-solana-hackathon-and-won-the-champion/ Jupiter：已向被駭客攻擊的社區成員錢包分配400萬枚JUP https://news.cnyes.com/news/id/5535405 博時基金8月底前將豁免博時HashKey比特幣ETF和以太幣ETF的管理費用 https://news.cnyes.com/news/id/5535390 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 【資安事件應變處理案例】勒索加密找上門，該如何應變 https://teamt5.org/tw/posts/ir-use-case-how-to-respond-to-ransomware-attack/ 小心 Github 上的開源 Bot！慢霧余弦：某免費開源機器人藏後門、竊取 Solana 私鑰 https://www.blocktempo.com/open-source-bot-steals-private-keys/ 多重勒索攻擊激增49%　資安方案朝無縫整合發展 https://www.eettaiwan.com/20240422nt11-it-security-ai/ 駭客特別開發免費作弊外掛，內藏勒索程式詐騙遊戲玩家 https://infosecu.technews.tw/2024/04/25/free-game-cheat-tool-cheat-lab-contains-trojan-virus/ 勒索軟體是一般製造業首要風險，釣魚網站、社交工程、BEC也不能掉以輕心 https://www.ithome.com.tw/article/162256 GitHub評論也能被濫用於散布惡意程式！駭客利用微軟的儲存庫URL推送作案工具 https://www.bleepingcomputer.com/news/security/github-comments-abused-to-push-malware-via-microsoft-repo-urls/ 俄羅斯駭客組織APT28運用惡意程式GooseEgg來觸發Windows的Print Spooler弱點 https://www.ithome.com.tw/news/162466 惡意軟體Androxgh0st入侵全球逾600臺伺服器，臺灣、美國、印度是主要目標 https://veriti.ai/blog/vulnerable-villain-when-hackers-get-hacked/ 後門程式MadMxShell透過惡意廣告散布，對方聲稱提供實用軟體引誘用戶上當 https://www.zscaler.com/blogs/security-research/malvertising-campaign-targeting-it-teams-madmxshell 勒索軟體Akira從逾250個受害組織得到4,200萬美元贖金 https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-109a 勒索軟體仍是高科技製造業首要威脅，但雲端服務與漏洞威脅不可掉以輕心 https://www.ithome.com.tw/article/162257 北韓駭客鎖定防毒軟體發動供應鏈攻擊，透過惡意程式GuptiMiner部署挖礦軟體 http://decoded.avast.io/janrubin/guptiminer-hijacking-antivirus-updates-for-distributing-backdoors-and-casual-mining/ 駭客組織ToddyCat濫用OpenSSH、SoftEther VPN建立隧道隱匿攻擊行動 https://securelist.com/toddycat-traffic-tunneling-data-extraction-tools/112443/ 惡意軟體SSLoad攻擊亞洲、歐洲、美洲組織，攻擊者利用Cobalt Strike、ScreenConnect控制受害電腦 https://www.ithome.com.tw/news/162518 北韓駭客Kimsuky鎖定防毒軟體發動供應鏈攻擊，透過惡意程式GuptiMiner部署後門程式、挖礦軟體 https://www.ithome.com.tw/news/162529 鎖定SAP應用系統的勒索軟體攻擊行動以倍數成長，3年爆增4倍 https://www.ithome.com.tw/news/162561 北韓駭客Lazarus假借職缺為誘餌，散布RAT木馬Kaolin RAT https://decoded.avast.io/luiginocamastra/from-byovd-to-a-0-day-unveiling-advanced-exploits-in-cyber-recruiting-scams/ 為強化勒索軟體回應與復原，Veeam併購索軟體回應服務業者Coveware https://www.ithome.com.tw/news/162510 發展中國家淪爲新型勒索軟體攻擊的試驗場 https://big5.ftchinese.com/interactive/151752?exclusive #StopRansomware: Akira Ransomware https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-109a Multi-level Dropbox commands and TutorialRAT behind APT43 https://www.genians.co.kr/blog/threat_intelligence/dropbox Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers https://thehackernews.com/2024/04/akira-ransomware-gang-extorts-42.html 中東政府遭到後門程式CR4T鎖定，駭客發起DuneQuixote攻擊行動 https://securelist.com/dunequixote/112425/ Hackers Target Middle East Governments with Evasive "CR4T" Backdoor https://thehackernews.com/2024/04/hackers-target-middle-east-governments.html OfflRouter Malware Evades Detection in Ukraine for Almost a Decade https://thehackernews.com/2024/04/offlrouter-malware-evades-detection-in.html Ransomware Double-Dip: Re-Victimization in Cyber Extortion https://thehackernews.com/2024/04/ransomware-double-dip-re-victimization.html Researchers Uncover Windows Flaws Granting Hackers Rootkit-Like Powers https://thehackernews.com/2024/04/researchers-uncover-windows-flaws.html 駭客利用ScrubCrypt部署VenomRAT並散布多種惡意外掛程式 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11051 勒索軟體駭客HelloKitty公布CD Projekt、思科外流資料，並更名企圖東山再起 https://www.bleepingcomputer.com/news/security/hellokitty-ransomware-rebrands-releases-cd-projekt-and-cisco-data/ HelloKitty變身HelloGookie！歡慶新暗網上線釋出解密金鑰 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11053 U.S. Imposes Visa Restrictions on 13 Linked to Commercial Spyware Misuse https://thehackernews.com/2024/04/us-imposes-visa-restrictions-on-13.html Russia's APT28 Exploited Windows Print Spooler Flaw to Deploy 'GooseEgg' Malware https://thehackernews.com/2024/04/russias-apt28-exploited-windows-print.html eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners https://thehackernews.com/2024/04/escan-antivirus-update-mechanism.html CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers https://thehackernews.com/2024/04/coralraider-malware-campaign-exploits.html New 'Brokewell' Android Malware Spread Through Fake Browser Updates https://thehackernews.com/2024/04/new-brokewell-android-malware-spread.html North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures https://thehackernews.com/2024/04/north-koreas-lazarus-group-deploys-new.html B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊 Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users https://thehackernews.com/2024/04/major-security-flaws-expose-keystrokes.html 多款拼音鍵盤輸入法存在漏洞，有可能向攻擊者洩漏輸入內容 https://www.ithome.com.tw/news/162525 美眾院通過TikTok禁令要求1年內脫中易主 https://news.pts.org.tw/article/691417 網路犯罪份子利用 Apple Store Online 第三方取貨服務大賺黑心錢 https://infosecu.technews.tw/2024/04/22/credit-card-phinshing-apple-store-online-hird-party-pickup/ 資策會攜手遠傳電信參與3GPP國際資安標準 https://www.cna.com.tw/news/afe/202404230416.aspx C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力實測10美元「在暗網能買什麼」　網紅見1物嚇壞退出：要好好保護自己 https://www.ftvnews.com.tw/news/detail/2024423W0214 台廠成駭客攻擊熱區專家促強化資安 https://www.chinatimes.com/newspapers/20240421000345-260114?chdtv 開發Max搶票機器人程式違反文創法，竹科工程師被捕 https://www.cna.com.tw/news/asoc/202404230292.aspx 梅根「新事業」遭駭客針對！專家點出「危險信號」 https://www.setn.com/News.aspx?NewsID=1457701 電子零組件大廠遭駭 414萬檔案被鎖群光電子：未達重訊標準故而不發布 https://www.chinatimes.com/newspapers/20240421000343-260114?chdtv 駭客集團Hunters陸續駭進日本HOYA、台灣群光全球光學產業緊張 https://udn.com/news/story/7240/7913577 網路遭駭客攻擊！群光：已啟動防禦機制對營運無重大影響 https://reurl.cc/bVkla6 群光(2385)遭駭！傳1.2TB逾400萬檔案被鎖…公司啟動防禦與復原作業！這駭客來頭是 https://www.businesstoday.com.tw/article/category/183015/post/202404210016/ 群光電子遭駭客勒索，大江生醫也曾遭毒手！414萬筆檔案被綁架，群光重訊回應 https://www.bnext.com.tw/article/78907/chicony-hacker-attack 群光遭網路攻擊已啟動防禦機制 https://udn.com/news/story/7251/7913441 傳被勒索千萬美元香港仁安醫院被駭配血改人工操作 https://udn.com/news/story/7332/7912981 專家指仁安醫院遭黑客攻擊或涉多種原因衞生署要求四周內交報告 https://reurl.cc/70eME9 「匿名者」駭進中國機場、大學！要中國共產黨「血債血還」 https://today.line.me/tw/v2/article/3NRa2Do 抗議西藏鎮壓黑客組織匿名者攻入武漢大學 https://www.epochtimes.com/b5/24/4/22/n14231036.htm 中國政府假裝駭客直接參與下架筱君台灣PLUS http://www.1949ers.tw/chat/index.php?read+1713632651 網軍轉正，蔡奇要掌軍權？習近平突建新兵種《信息支援部隊》 https://www.soundofhope.org/post/808885?lang=b5 美參院通過延長《外國情報監視法》打擊恐怖攻擊與駭客間諜 https://n.yam.com/Article/20240421299396 伺機致命！聯調局長爆猛料：中共駭客已潛入美各大基建 https://tw.aboluowang.com/2024/0421/2046151.html 荷蘭軍情年度報告：中國以商、學、情報複合手法獲取西方知識技術 https://www.pourquoi.tw/intlnews-euaf-240415-240421-1/ 水電瓦斯防駭不足財損恐上億穆迪：投資人應注意風險 https://www.cherishnlove.com/news-detail/id/4338/index/6 駭客組織BlackTech鎖定科技、研究、政府部門而來，利用新的後門程式Deuterbear發動攻擊 https://www.ithome.com.tw/news/162440 HBO、日本動畫其實是北韓畫的？調查發現當地伺服器傳送文件 https://www.inside.com.tw/article/34822-north-korea-involved-in-animation-production 朝三大駭客組織為竊取韓軍工資料聯手實施網襲 https://cb.yna.co.kr/gate/big5/m-cn.yna.co.kr/view/ACK20240423001800881?section=politics/index 他們回國後都失蹤了？中國籍教授返國後下落不明 https://m.secretchina.com/news/b5/2024/04/23/1059985.html 韓國國防承包商傳出遭到北韓駭客組織攻擊，對方利用管理不善的系統進行滲透 https://www.ithome.com.tw/news/162508 南韓國防企業遭北韓駭客入侵竊取技術機密 https://www.cna.com.tw/news/aopl/202404230446.aspx 美國德州小鎮供水系統遭到攻擊而失控，疑俄羅斯駭客所為 https://www.ithome.com.tw/news/162507 俄羅斯駭客組織Sandworm破壞20個烏克蘭關鍵基礎設施運作 https://www.bleepingcomputer.com/news/security/russian-sandworm-hackers-targeted-20-critical-orgs-in-ukraine/ 駭客組織Androxgh0st入侵全球逾600臺伺服器，臺灣、美國、印度是主要目標 https://www.ithome.com.tw/news/162527 中國駭客鎖定網路邊際裝置、缺乏EDR系統防護的環境增加 https://cloud.google.com/blog/topics/threat-intelligence/m-trends-2024 英國警方指控2名男子擔任中國間諜中方要求英國「停止自導自演鬧劇」 https://reurl.cc/ez6L57 涉為中國刺探情資德國極右翼政黨議員助理被捕 https://news.ltn.com.tw/news/world/breakingnews/4650744 間諜戰交鋒！　涉替大陸從事間諜活動　德逮3公民、英起訴2公民 https://today.line.me/tw/v2/article/yzBpwvQ 美國起訴四伊朗人駭客攻擊國防承包商 https://www.edigest.hk/1274990/?utm_campaign=ED_ContentCopy&utm_source=Web-inventory&utm_medium=Content-Copy_ED 美國驅逐艦Facebook帳號被黑駭客用其直播《帝國時代》 https://ek21.com/news/tech/266368/ 川普憂心中國偷渡客搖身變為共軍 https://www.hi-on.org/article-single.php?At=58&An=211030 痛批美韓軍演讓局勢惡化金與正嗆：北韓將儲備最強大軍事力量 https://reurl.cc/XG4qjD 俄羅斯政府支持的駭客利用 Microsoft Access 竊取公司電子郵件 https://www.enigmasoftware.com/zh-hant/russian-government-backed-hackers-used-microsoft-access-to-steal-company-emails/ 荷蘭許多太陽能板變流器易受駭客入侵 https://zh.twmt.tw/news/detail?id=23583&category_id=69 Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny https://thehackernews.com/2024/04/google-postpones-third-party-cookie.html Apache Cordova App Harness Targeted in Dependency Confusion Attack https://thehackernews.com/2024/04/apache-cordova-app-harness-targeted-in.html UAC-0133 (Sandworm) plans for cyber sabotage on almost 20 objects of critical infrastructure of Ukraine https://cert.gov.ua/article/6278706 Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage https://thehackernews.com/2024/04/microsoft-warns-north-korean-hackers.html German Authorities Issue Arrest Warrants for Three Suspected Chinese Spies https://thehackernews.com/2024/04/german-authorities-issue-arrest.html U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks https://thehackernews.com/2024/04/us-treasury-sanctions-iranian-firms-and.html D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全【資安事件應變處理案例】個資外洩遭駭客利用，該如何處置與防範 https://teamt5.org/tw/posts/ir-use-case-how-to-respond-to-private-data-breach/ 思科示警VPN、SSH服務遭大規模暴力撞庫攻擊 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11047 柬埔寨拘逾680名中國涉詐犯分批押回國受審 https://reurl.cc/mMG0NY 台灣軍方稱駭客從中華電信取得敏感信息並在暗網上兜售 https://reurl.cc/WxkvgO 切勿尋求類似駭客或來路不明的單位以免陷入二次詐騙的困境 https://cpa.police.gov.taipei/News_Content.aspx?n=57B98A88F4AF61B1&sms=E0D2B829E1B43066&s=17A8B2ABEF33F0FC 『幫我的狗狗投票』是詐騙手法！看到通知千萬別點連結加映：如何開啟 Instagram 雙重認證 https://agirls.aotter.net/post/63232 防止駭客釣魚攻擊：這三個簽名授權原理你一定要了解 https://www.blocktempo.com/vernacular-interpretation-of-the-underlying-logic-of-web3-signature-phishing/ Medibank遭網路攻擊駭客威脅曝光澳洲名人個資 https://reurl.cc/0v2Zql Whoscall 新功能「個資外洩偵測」來了！快速查詢電話、郵件、帳號密碼是否外洩 https://whoscall.com/zh-hant/blog/articles/1225 喪心病狂！暗網AI手冊教偽造兒童不雅照宣稱已勒索多名女童 https://udn.com/news/story/6809/7917247 台灣大攜手91APP 布建D2C電商防詐網 https://reurl.cc/jWkvnM 2月駭客攻擊事件聯合健康集團：或有大量個資外洩 https://ec.ltn.com.tw/article/breakingnews/4650126 執法單位攻陷網釣服務平臺Labhost，逮捕37名嫌犯 https://www.ithome.com.tw/news/162413 駭客組織GhostR聲稱竊取個人聲譽資料庫World-Check的敏感資料 https://techcrunch.com/2024/04/18/world-check-database-leaked-sanctions-financial-crimes-watchlist/ 北韓雲端伺服器傳出組態不當導致檔案曝光，疑似間接承攬美國多家影音平臺外包動畫製作 https://www.ithome.com.tw/news/162505 北韓駭客再出手南韓國防公司資料遭竊 https://today.line.me/tw/v2/article/BERNzYQ CDN快取遭到濫用！駭客組織CoralRaider將其用來派送竊資軟體，意圖躲避資安偵測 https://www.ithome.com.tw/news/162509 咖啡製造商Nespresso的網域被濫用，攻擊者藉由開發重新導向來從事網釣攻擊，意圖竊取使用者的微軟帳號 https://perception-point.io/blog/phishing-attack-exploits-nespresso-open-redirect-vulnerability/ 長榮航空證實資料外洩，不明人士存取逾300名旅客個資 https://www.ithome.com.tw/news/162548 Autodesk檔案共享服務遭到濫用，攻擊者上傳PDF檔案發動網釣攻擊 https://www.netcraft.com/blog/autodesk-hosting-pdf-files-used-in-microsoft-phishing-attacks/ 亞馬遜旗下電競直播平臺Twitch遭駭客攻擊數據被泄露 https://ek21.com/news/tech/266349/ Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases https://thehackernews.com/2024/04/police-chiefs-call-for-solutions-to.html ToddyCat Hacker Group Uses Advanced Tools for Industrial-Scale Data Theft https://thehackernews.com/2024/04/russian-hacker-group-toddycat-uses.html E.研究報告/工具原始情資（Raw Intel）在現今網路威脅情資中所扮演的角色為何 https://teamt5.org/tw/posts/raw-intel-s-role-in-modern-cyber-threat-intelligence/ GPT-4 當白帽駭客！成功利用實驗中 87% 資安漏洞，成本便宜人工近 3 倍 https://www.inside.com.tw/article/34808-gpt-4-exploits-87-percent-vulnerabilities 生成式AI可用來發展低成本紅隊演練？GPT-4能自動拆解漏洞資訊，並將其用於發動攻擊 https://www.ithome.com.tw/news/162462 研究人員聲稱 Windows Defender 可以被誘騙誤導刪除整個資料庫 https://www.techbang.com/posts/114811-windows-defender-tricked-deleting-databases 針對XZ Utils供應鏈攻擊事故，研究人員揭露更多社交工程攻擊的細節 https://securelist.com/xz-backdoor-story-part-2-social-engineering/112476/ BlackTech Targets Tech, Research, and Gov Sectors New 'Deuterbear' Tool https://thehackernews.com/2024/04/blacktech-targets-tech-research-and-gov.html How Attackers Can Own a Business Without Touching the Endpoint https://thehackernews.com/2024/04/showcasing-networkless-identity-attacks.html Pentera's 2024 Report Reveals Hundreds of Security Events per Week, Highlighting the Criticality of Continuous Validation https://thehackernews.com/2024/04/penteras-2024-report-reveals-hundreds.html 竊資軟體RedLine藉由遊戲作弊軟體為誘餌，引誘玩家上當 https://www.ithome.com.tw/news/162438 New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth https://thehackernews.com/2024/04/new-redline-stealer-variant-disguised.html Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recovery https://thehackernews.com/2024/04/unmasking-true-cost-of-cyberattacks.html CISO Perspectives on Complying with Cybersecurity Regulations https://thehackernews.com/2024/04/ciso-perspectives-on-complying-with.html Network Threats: A Step-by-Step Attack Demonstration https://thehackernews.com/2024/04/network-threats-step-by-step-attack.html Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike https://thehackernews.com/2024/04/researchers-detail-multistage-attack.html 10 Critical Endpoint Security Tips You Should Know https://thehackernews.com/2024/04/10-critical-endpoint-security-tips-you.html F.商業 Check Point 推出具進階威脅防護能力的創新單一介面電子郵件管理解決方案 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11049 碩泰網通宣布取得Tenable台灣區代理權 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11048 零壹科技成立「聯壹數位」子公司強化雲策略布局 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11045 趨勢科技全新資安風險管理功能，10合1的工具整合率創紀錄 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11052 G.政府學者︰啟動跨國合作追查駭客 https://news.ltn.com.tw/news/politics/paper/1642099 認知作戰？網傳蕭美琴返台攜23瓶酒...外交部疑文件涉及變造、財長回「沒特權」！綠委轟政治操作 https://www.fountmedia.io/article/219606 風評：蕭美琴公函外洩，AI內閣剉咧等 https://reurl.cc/dnXmZM 法務部調查局與臺北醫學大學暨附屬醫院簽署國家資通安全聯防與情資分享合作備忘錄 https://www.mjib.gov.tw/news/Details/1/988 防範駭客攻擊醫院資料庫｜調查局與北醫簽署「國家資通安全聯防與情資分享合作」備忘錄 https://www.tcpttw.com/2024/04/105362/ 資安院：今年已接獲逾20件企業資安通報 https://www.chinatimes.com/realtimenews/20240424002501-260410?chdtv 資安院營運 TWCERT/CC　推動公私協作聯防強化企業資安 https://www.netadmin.com.tw/netadmin/zh-tw/snapshot/75CA8ABD32894410BF0F3FF7D85DFC21#google_vignette 「FDO台北研討會」全球首發準數位部長黃彥男給期許 https://www.rti.org.tw/news/view/id/2203719 臺中市首場資安長研習產官學攜手共建資訊安全治理新模式 https://www.cna.com.tw/postwrite/chi/368911 H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識/醫療相關資安西門子針對旗下工業控制系統提出警告，恐曝露Palo Alto Networks防火牆危急漏洞風險 https://cert-portal.siemens.com/productcert/html/ssa-750274.html IoT設備身分識別標準FDO即將有4家廠商取得首波認證，其中一家是臺灣工業電腦業者東擎科技 https://www.ithome.com.tw/news/162513 美國五角大廈針對國防工業基礎產業祭出漏洞懸賞專案 https://content.govdelivery.com/accounts/USDODDC3/bulletins/39743d7 I.教育訓練 iPAS資訊安全工程師中級筆記 https://hackmd.io/@Not/iPASInformationSecuritySpecialist iPas資安工程師證照考前研習 https://reurl.cc/GEbA3p iPAS◆資訊安全規劃實務◆中級測驗題庫彙編(123題) https://reurl.cc/orlD1g GCP Associate Cloud Engineer (ACE) 學習心得、教材資源與筆記分享 — 學習天然高可用與零信任設計 https://medium.com/blacksecurity/gcp-associate-cloud-engineer-78f736aee7ad Coursera 盤點 7 項雲端資安認證，高薪跳板都在這了！ https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/ 一般人也能拿到國際資安認證！CSCU安全電腦使用者認證課程 https://www.ithome.com.tw/pr/160954 全球網絡安全勞動力失衡 (ISC)2免費課程及考試填補人才缺口 https://reurl.cc/m39MDj CISSP資安認證的8大領域 https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html CISSP考試心得 https://reurl.cc/KbY83j CISSP考試心得 – Benson https://reurl.cc/GbWvxd 目標導向-20天光速考過CISSP https://reurl.cc/2Zq6zn CISSP證照考試實戰心得第一章：初期準備工作 https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat CISSP證照考試實戰心得第二章：規律且有紀律的讀書策略 https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies CISSP證照考試實戰心得第三章：終極一戰 https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle Quick CISSP Infographic for IPSec https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec CSSLP Certification - Security models in F# https://github.com/vbocan/csslp Certified Secure Software Lifecycle Professional in bullet points https://github.com/joeyhage/csslp-notes CPSA(CREST Practitioner Security Analyst) 資安分析師考試心得 https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/ EC-Council CEH v11 考試心得、改版資訊以及準備方向 2021、2022 https://reurl.cc/1oyEM8 CEH v11 考試心得與準備方式 https://blog.sean.taipei/2022/01/ceh CEH https://github.com/a3cipher/CEH CodeRed by EC-Council https://github.com/codered-by-ec-council EC-Council CEH Practical / Master 準備心得 — 讓理論與實作相輔相成的學習 https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2 EC-Council CEHP考試準備心得 https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po ECSA v10 考試心得與讀書資料分享/ ECSA v10 Review and Study Materials https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4 EC-Council ECSA資安分析專家 v10 考試心得分享 https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html 20180817 EC-Council ECSA v10 PASS https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html 關於EC-Council CPENT和LPT Master滲透測試證照準備方式及心得分享 https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d 深度解析 CPENT 考試心得、以及與 OSCP 的比較 https://reurl.cc/41eL8v EC-Council CPENT v1 滲透測試認證 – 內容及心得分享 https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review CPENT 從暴力到破解 https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295 Ec-Council CPENT心得 - 資安菜鳥從CEH到LPT Master https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f CPENT考試心得分享：一次拿到 LPT 滲透測試大師認證 https://ucom.uuu.com.tw/web/Testimony/Article/4404 kaizensecurity/CPENT https://github.com/kaizensecurity/CPENT/tree/master CPENT : Pentesting like NO OTHERS ! https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/ Journey of My CPENT Exam https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917 [備考心得]CompTIA Security+ (SY0–601) 上篇 https://reurl.cc/M053DK [備考心得]CompTIA Security+ (SY0–601) 下篇 https://reurl.cc/M053Gv comptia-security-plus https://github.com/ajfuto/comptia-security-plus security-plus https://github.com/fjavierm/security-plus CompTIA Security+ Certification Practice Test Questions https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette 不只是工程師才要懂的 App 資訊安全：取得資安檢測合格證書血淚史（iT邦幫忙鐵人賽系列書） https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html App防駭學，資安防護實戰課程全面提升安全觀念 https://www.ithome.com.tw/pr/161505 OSEP (Evasion Techniques and Breaching Defenses (PEN-300) 心得分享 https://hackmd.io/@henry-ko/HyQ56e8eF OSCP（Offensive Security Certified Professional） https://github.com/0x584A/oscp-notes/tree/master ISACA Certified Information Systems Auditor® (CISA) 國際電腦稽核師認證準備歷程心得、申請流程分享- 2023年 https://reurl.cc/aVLoX9 Learn NIST Inside Out With 21 Hours of Training @ 86% OFF https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html 駭客與國家: 網路攻擊與地緣政治新常態 The hacker and the state: cyber attacks and the new normal of geopolitic https://reurl.cc/D3nKKj Practical Network Penetration Tester (PNPT) Certification Review https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df WUSON常用的基本詞彙 https://choson.lifenet.com.tw/?p=1958 證照仍是學習資安基本功的主要管道，有專家打造「資安證照地圖」 https://www.ithome.com.tw/news/156754 用證照證明自己實力之餘，更應將證照視為督促學習的最大動力 https://www.ithome.com.tw/news/156756 打破證照誤解與迷思，資安專家帶你釐清資安證照的意義 https://www.ithome.com.tw/news/156755 Accelerate Your Career with the Global Leader in Cyber Security Training https://www.sans.org/mlp/promo-partnership-hacker-news/ 【成大資安社社課】資安禁術 - 逆向工程地獄試煉 https://www.youtube.com/watch?v=4Yc3-9CjG6U 6.近期資安活動及研討會 iPAS-「初級」資訊安全工程師-能力研習衝刺班 2024/4/27、5/4 https://www.twcert.org.tw/tw/cp-105-7703-b5976-1.html ISA/IEC 62443工控系統資通安全解析及實務分析 2024/4/30 https://www.caa.org.tw/newsdetail-16334.html 【安碁學苑】資安職能培訓｜資訊安全工程師 2024/5/4 https://acsiacad.kktix.cc/events/6ebd7fbd-copy-3 Just a chat - with no Expectations 2024/4/27 https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/lsmkqsygcgbkc/ 「工業自動化控制系統-資安指引」說明會 2024/5/10 https://www.tairoa.org.tw/column/bnGenerator.aspx?Language=zh-TW&CategoryId=5&ColumnId=13731 Free Startup Fundraising Office Hours Expert AMA with Angel Investor Scott Fox! 2024/5/22 https://www.meetup.com/taipei-startups-investors-masterminds-network/events/299702425/ 【安碁學苑】資安職能培訓｜系統網路安全管理師 2024/5/24 https://acsiacad.kktix.cc/events/6ebd7fbd-copy-4 2024離島盃資安競賽 2024/5/25 https://shieldx.kktix.cc/events/outlying 資通安全概論--中區--考前複習班 2024/6/4 https://moltke.nccu.edu.tw/Registration/registration.do?action=conferenceInfo&conferenceID=X22767 Free Startup Fundraising Office Hours Expert AMA with Angel Investor Scott Fox! 2024/6/26 https://www.meetup.com/taipei-startups-investors-masterminds-network/events/299702428/ Free Startup Fundraising Office Hours Expert AMA with Angel Investor Scott Fox! 2024/7/24 https://www.meetup.com/taipei-startups-investors-masterminds-network/events/299702433/ AI應用系統開發與生成式AI應用人才培訓班第一梯次 2024/6/27 ~ 2024/8/9 https://www.accupass.com/event/2401100729511706489107 Free Startup Fundraising Office Hours Expert AMA with Angel Investor Scott Fox! 2024/8/28 https://www.meetup.com/taipei-startups-investors-masterminds-network/events/299702435/