###### tags: `資安事件新聞週報`

# Weekly Security Incident News Report 2023/10/16 ~ 2023/10/20

1. Major Vulnerabilities / Backdoors / Exploit / Zero Day

HTTP/2 zero-day vulnerability triggers the largest DDoS attacks on record
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10743

MITRE: CVE-2023-44487 HTTP/2 Rapid Reset attack
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487

Find and fix HTTP/2 rapid reset zero-day vulnerability CVE-2023-44487
https://snyk.io/blog/find-fix-http-2-rapid-reset-zero-day-vulnerability-cve-2023-44487/

CVE-2023-44487
https://github.com/bcdannyboy/CVE-2023-44487

Microsoft Streaming Service Proxy elevation of privilege vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36802

Microsoft Streaming Service Proxy elevation of privilege vulnerability (CVE-2023-36802) security advisory
https://www.secrss.com/articles/59589

Windows_MSKSSRV_LPE_CVE-2023-36802
https://github.com/chompie1337/Windows_MSKSSRV_LPE_CVE-2023-36802

Oracle Critical Patch Update Advisory - October 2023
https://www.oracle.com/security-alerts/cpuoct2023.html?source=:em:gbc:ie:cpo:::RC_WWMK210714P00017:SEV400312637

CVE-2023-4911
https://github.com/RickdeJager/CVE-2023-4911

NVD CVE-2023-4911
https://nvd.nist.gov/vuln/detail/CVE-2023-4911

Fortinet recently released security advisories for multiple products
https://fortiguard.fortinet.com/psirt/FG-IR-23-085

Juniper Networks patches more than 30 vulnerabilities in its network device operating system
https://www.securityweek.com/juniper-networks-patches-over-30-vulnerabilities-in-junos-os/

Citrix NetScaler vulnerability patched this month was reportedly used in attacks as early as August
http://www.mandiant.com/resources/blog/remediation-netscaler-adc-gateway-cve-2023-4966

Critical Citrix NetScaler Flaw Exploited to Target from Government, Tech Firms
https://thehackernews.com/2023/10/critical-citrix-netscaler-flaw.html

Russian hackers exploit a vulnerability in the WinRAR archiver to launch attacks
https://blog.cluster25.duskrise.com/2023/10/12/cve-2023-38831-russian-attack

Threat Actors Exploit Atlassian Confluence CVE-2023-22515 for Initial Access to Networks
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-289a

CVE-2023-20198 has already led to the compromise of thousands of Cisco devices
https://www.ithome.com.tw/news/159338

More than ten thousand Cisco network devices hit by IOS XE zero-day attacks
https://www.bleepingcomputer.com/news/security/over-10-000-cisco-devices-hacked-in-ios-xe-zero-day-attacks/
https://vulncheck.com/blog/cisco-implants
https://twitter.com/SimoKohonen/status/1714213806371479849
https://twitter.com/CERTCyberdef/status/1714567941184749609

Zero-day vulnerability in Cisco's IOS XE network device operating system is already being used in attacks
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z

Cisco recently published an advisory: Cisco IOS XE Software Web UI privilege escalation vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z

Warning: Unpatched Cisco Zero-Day Vulnerability Actively Targeted in the Wild
https://thehackernews.com/2023/10/warning-unpatched-cisco-zero-day.html

Active exploitation of Cisco IOS XE Software Web Management User Interface vulnerability
https://blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-software/

Signal Debunks Zero-Day Vulnerability Reports, Finds No Evidence
https://thehackernews.com/2023/10/signal-debunks-zero-day-vulnerability.html

Older versions have a major security vulnerability; it is time to update your WinRAR manually
https://technews.tw/2023/10/19/winrar-security/

Chinese and Russian state-sponsored hackers suspected of abusing WinRAR zero-day vulnerability
https://www.ithome.com.tw/news/159368

Google TAG Detects State-Backed Threat Actors Exploiting WinRAR Flaw
https://thehackernews.com/2023/10/google-tag-detects-state-backed-threat.html

WordPress plugin Royal Elementor has a zero-day vulnerability; attacks have escalated since early October
https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-flaw-in-wordpress-royal-elementor-plugin/

WordPress plugin User Submitted Posts has an arbitrary file upload vulnerability
https://patchstack.com/articles/pre-auth-arbitrary-file-upload-in-user-submitted-posts-plugin/

Vulnerability in WordPress plugin TagDiv affects thousands of websites
https://www.securityweek.com/recently-patched-tagdiv-plugin-flaw-exploited-to-hack-thousands-of-wordpress-sites/

Hackers exploit critical flaw in WordPress Royal Elementor plugin
https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-flaw-in-wordpress-royal-elementor-plugin/

Proxy server software Squid has dozens of vulnerabilities, still not fully patched more than 2 years after being reported
https://joshua.hu/squid-security-audit-35-0days-45-exploits

Ransomware actors exploit critical WS_FTP Server vulnerability CVE-2023-40044 to break into target organizations
https://infosec.exchange/@SophosXOps/111222943608438109

Experts Warn of Severe Flaws Affecting Milesight Routers and Titan SFTP Servers
https://thehackernews.com/2023/10/experts-warn-of-severe-flaws-affecting.html

CVE-2023-38831 Exploited by Pro-Russia Hacking Groups in RU-UA Conflict Zone for Credential Harvesting Operations
https://blog.cluster25.duskrise.com/2023/10/12/cve-2023-38831-russian-attack

Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software
https://thehackernews.com/2023/10/critical-vulnerabilities-uncovered-in.html

Open-source cloud software CasaOS has critical vulnerabilities that attackers could use to execute arbitrary code and take control of affected systems
https://www.sonarsource.com/blog/security-vulnerabilities-in-casaos/

New Admin Takeover Vulnerability Exposed in Synology's DiskStation Manager
https://thehackernews.com/2023/10/new-admin-takeover-vulnerability.html

Zyxel ZyWall USG 20/50 firewall service
https://teamt5.org/tw/posts/alerts-of-exploiting-zyxel-zywall-usg-20-50/?utm_source=EDM&utm_medium=EDM

IBM's Pulse App for QRadar is vulnerable to CVE-2021-32822
https://www.ibm.com/support/pages/node/7054775?myns=swgother&mynp=OCSSBQAC&mync=E&cm_sp=swgother-_-OCSSBQAC-_-E

2. Banking / Finance / Insurance / Securities / Financial Supervision News and Security

With frequent reports of financial institutions being audited by the Financial Supervisory Commission (FSC), Openfind helps enterprises address key financial examination items
https://n.yam.com/Article/20231017423470

Guidelines for AI use in the financial industry are out! FSC proposes 6 core principles: be fair and reduce bias
https://www.bnext.com.tw/article/77081/financial-supervisory-commission-ai-industry

Shin Kong Financial's insurance agency teams up with TPIsoftware to build a next-generation core system
https://www.netadmin.com.tw/netadmin/zh-tw/snapshot/35B65BD2A40C4E0C88337241D4DBB087

To curb rampant financial fraud, 32 banks join the Eagle Eye anti-fraud alliance
https://www.fubon.com/financialholdings/news/news_1231016_455320.htm

Banks help prevent fraud: from blocking remittances at the counter to early warnings
https://ec.ltn.com.tw/article/paper/1609986

Cyberattack on the financial sector could cause global losses of 113 trillion; Lloyd's: most of it uninsured
https://www.rti.org.tw/news/view/id/2183928

3. Credit Cards / Electronic Payment / Mobile Payment / Pay / Payment Systems / Security

New Magecart credit card skimming technique: attackers abuse 404 error pages to steal card data
https://www.akamai.com/blog/security-research/magecart-new-technique-404-pages-skimmer

Huawei's Petal Pay launches; industry: it may break the Alipay-WeChat "duopoly"
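https://www.chinatimes.com/realtimenews/20231017005394-260409?chdtv

Scan with your phone: a challenge to the central bank and the FSC
https://wantrich.chinatimes.com/news/20231018900451-420201

Goodbye to fee-free e-payment "withdrawals"! icash Pay to charge NT$15 per transaction from 12/20
https://finance.ettoday.net/news/2602646

PXPay Plus expands its micro-finance footprint; e-payment payroll transfer service goes live
https://news.cnyes.com/news/id/5348923

Fraudulent charges after cards are bound to mobile payment; scholar: card-issuing banks can do better
https://ec.ltn.com.tw/article/paper/1608814

Google opens digital ID storage in Wallet to more US states, and also allows directly storing membership cards and event or service barcodes
https://mashdigi.com/google-has-opened-the-function-of-storing-digital-documents-in-wallets-in-more-states-in-the-united-states-and-can-also-directly-store-various-membership-cards-and-event-service-barcodes/

4. Cryptocurrency / Digital Currency / Mining / Blockchain / Smart Contracts / WEB3 Security

Binance's Smart Chain Exploited in New 'EtherHiding' Malware Campaign
https://thehackernews.com/2023/10/binances-smart-chain-exploited-in-new.html

Binance Smart Chain contracts abused by hackers to hide malicious scripts
https://labs.guard.io/etherhiding-hiding-web2-malicious-code-in-web3-smart-contracts-65ea78efad16

Hackers pose as providers of cryptocurrency wallet applications and distribute the SeroXen trojan through the NuGet package manager
https://www.bleepingcomputer.com/news/security/malicious-solana-kucoin-packages-infect-nuget-devs-with-seroxen-rat/

Hackers use the "EtherHiding" technique to hide malicious code in the blockchain
https://news.cnyes.com/news/id/5347776?exp=a

MetaMask wallet was temporarily removed from the App Store
https://blockcast.it/2023/10/16/mica-daily-1016/

The evolution of the five DeFi lending giants – MakerDAO, Yield, Aave, Compound & Euler
https://www.blocktempo.com/borrowing-on-ethereum-comparing-architecture-evolution-of-makerdao-yield-aave-compound-euler/

California tightens cryptocurrency regulation; license required from July 2025
https://www.worldjournal.com/wj/story/121359/7507882

Tether has frozen US$835 million in assets, mainly in connection with hacks of blockchains and exchanges
https://news.cnyes.com/news/id/5348060

Platypus Finance suffers a second hack, losing US$20,000 in AVAX
https://mpost.io/zh-TW/platypus-finance-suffer-second-hack-loses-2-million-in-avax/

The world's next security challenge! How to attack and defend against hackers on-chain
https://web3plus.bnext.com.tw/article/1711?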
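
Fantom Foundation hit by zero-day hack! Employee loses US$7 million in assets
https://abmedia.io/fantom-foundation-zero-day-hack

SlowMist CISO: the Wizz Wallet malfunction was reportedly a product bug during transfers that caused special tokens to be burned, not a hack
https://news.cnyes.com/news/id/5349651

The "whale" holding 200,000 bitcoins: how will the US government's next move affect the market
https://blockcast.it/2023/10/18/us-government-holds-5b-in-bitcoin-how-will-it-affect-the-market/

US$250,000 insurance is gone: Binance.US says user deposits are no longer FDIC-protected and halts USD withdrawals
https://www.blocktempo.com/binance-us-stops-usd-withdrawals/

Cyberport to launch a series of Web3-themed events in October-November
http://www.aastocks.com/tc/stocks/news/infocast-news/IC4153938/1

HopeLend hacked, losing 526 ETH
https://badgameshow.com/steven/uncategorized/pelend-hack/

US Silk Road hacker jailed with a one-year sentence; had called the police to look for 50,000 stolen BTC
https://www.blocktempo.com/skillroad-hacker-arrest-details-revealed-in-new-report/

US imposes sanctions on Hamas financial network
https://big5.ftchinese.com/interactive/126426?exclusive

Five-person gang sentenced and fined for stealing 3,000 USDT using self-taught "hacking" skills
https://news.cnyes.com/news/id/5351270?exp=a

After being hacked, Atomic Wallet froze US$2 million in "suspicious deposits" on exchanges
https://news.cnyes.com/news/id/5351546

5. Security Incident News

A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC

Major US pipeline operator Colonial Pipeline reportedly attacked by ransomware group RansomedVC; the company says the data came from a third-party data leak
https://www.hackread.com/ransomedvc-colonial-pipeline-cybersecurity-breach/

Hackers target Telegram, AWS and Alibaba Cloud users in a supply chain attack distributing malicious PyPI packages
https://checkmarx.com/blog/users-of-telegram-aws-and-alibaba-cloud-targeted-in-latest-supply-chain-attack/

Malvertising campaign claims to offer the Notepad++ text editor in order to distribute malware
https://www.malwarebytes.com/blog/threat-intelligence/2023/10/the-forgotten-malvertising-campaign

Ransom.Win32.NOESCAPE.D ransomware
https://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/ransom.win32.noescape.d

US plastic surgery practices face ransom demands from ransomware hackers
https://www.bleepingcomputer.com/news/security/fbi-warns-of-extortion-groups-targeting-plastic-surgery-offices/

Instant messaging platform Discord becomes a breeding ground for malware; APT hackers join in abusing it
https://www.trellix.com/en-au/about/newsroom/stories/research/discord-i-want-to-play-a-game/

Qubitstrike campaign targets Jupyter Notebook servers to deploy malware and steal AWS and Google Cloud credentials
http://www.cadosecurity.com/qubitstrike-an-emerging-malware-campaign-targeting-jupyter-notebooks/

Defense experts targeted by North Korean hacking group Lazarus, which distributes trojanized VNC applications under the pretext of interviews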
https://thehackernews.com/2023/10/lazarus-group-targeting-defense-experts.html

LockBit copycats use leaked code to develop new ransomware for attacks
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10753

Kimsuky Threat Group Uses RDP to Control Infected Systems
https://asec.ahnlab.com/en/57873/

Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps
https://thehackernews.com/2023/10/lazarus-group-targeting-defense-experts.html

Analysis Report on Lazarus Threat Group’s Volgmer and Scout Malware
https://asec.ahnlab.com/en/57685/

“EtherHiding” — Hiding Web2 Malicious Code in Web3 Smart Contracts
https://labs.guard.io/etherhiding-hiding-web2-malicious-code-in-web3-smart-contracts-65ea78efad16

New wave of "Silver Fox" Trojan attacks
https://cert.360.cn/warning/detail?id=6528fd63ea0822e915605dc6

Ransomware Roundup - Akira
https://www.fortinet.com/blog/threat-research/ransomware-roundup-akira

Typosquatting campaign delivers r77 rootkit via npm
https://www.reversinglabs.com/blog/r77-rootkit-typosquatting-npm-threat-research

Ransomware Attacks Double: Are Companies Prepared for 2024's Cyber Threats
https://thehackernews.com/2023/10/ransomware-attacks-doubled-year-on-year.html

DarkGate malware uses Skype accounts with leaked credentials to distribute files containing VBA scripts in attacks
https://www.trendmicro.com/en_ph/research/23/j/darkgate-opens-organizations-for-attack-via-skype-teams.html

DarkGate Malware Spreading via Messaging Services Posing as PDF Files
https://thehackernews.com/2023/10/darkgate-malware-spreading-via.html

Ukrainian hackers go after the Trigona ransomware gang and destroy its infrastructure
https://www.bleepingcomputer.com/news/security/ukrainian-activists-hack-trigona-ransomware-gang-wipe-servers/

US warns of AvosLocker ransomware attacks on critical infrastructure
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-284a

FBI, CISA Warn of Rising AvosLocker Ransomware Attacks Against Critical Infrastructure
https://thehackernews.com/2023/10/fbi-cisa-warn-of-rising-avoslocker.html

Malicious NuGet Package Targeting .NET Developers with SeroXen RAT
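https://thehackernews.com/2023/10/malicious-nuget-package-targeting-net.html

Qubitstrike Targets Jupyter Notebooks with Crypto Mining and Rootkit Campaign
https://thehackernews.com/2023/10/qubitstrike-targets-jupyter-notebooks.html

B. Mobile Security / iPhone / Android / Wearables / App / 5G / Instant Messaging

Hackers pose as providers of an Israeli air-raid alert app in an attempt to distribute Android malware
https://blog.cloudflare.com/malicious-redalert-rocket-alerts-application-targets-israeli-phone-calls-sms-and-user-information/

Android spyware SpyNote spreads via phishing SMS messages
https://blog.f-secure.com/take-a-note-of-spynote/

SpyNote: Beware of This Android Trojan that Records Audio and Phone Calls
https://thehackernews.com/2023/10/spynote-beware-of-this-android-trojan.html
https://blog.f-secure.com/take-a-note-of-spynote/

Google lets Android users delete the last 15 minutes of Chrome browsing history and will notify users when their Gmail address appears on the dark web
https://www.ithome.com.tw/news/159251

Malicious “RedAlert - Rocket Alerts” Application Targets Israeli Phone Calls, SMS, and User Information
https://blog.cloudflare.com/malicious-redalert-rocket-alerts-application-targets-israeli-phone-calls-sms-and-user-information/

Taiwan Mobile launches "blocking of spoofed +886 9 international incoming calls" to cut off spoofed international calls
https://technews.tw/2023/10/17/taiwan-mobile-scam/

Google Play Protect Introduces Real-Time Code-Level Scanning for Android Malware
https://thehackernews.com/2023/10/google-play-protect-introduces-real.html

New protection for Android phones! "Real-time AI scanning" catches malware
https://newtalk.tw/news/view/2023-10-19/893123

C. Incidents / Hackers / DDOS / APT / Cloud / Dark Web / Recruitment / International Security Incidents / Security Workforce

Dounan fire brigade's "fan page hacked" and 9 pornographic videos uploaded! Kicked out as administrators and "unable to delete the videos", they ask the public to report them: don't just watch and laugh
https://www.storm.mg/lifestyle/4884736

Cause of the major LiTV outage revealed! Former IT manager played hacker and deleted files en masse; his laptop was recovered and he faced the consequences
https://www.ettoday.net/news/20231020/2606195.htm

Data: hacking cases against private parties in South Korea have increased threefold over the past five years
https://cb.yna.co.kr/gate/big5/cn.yna.co.kr/view/ACK20231016000400881?section=society/index

New-generation warfare! Foreign media analyze the "drone war" strategies of Israel and Hamas
https://udn.com/news/story/123777/7516700

Poland lags behind in cybersecurity spending
https://www.trade.gov.tw/Pages/Detail.aspx?nodeID=45&pid=772488

South Korean government to invest US$830 million in the security industry, aiming to rank among the world's top five
https://reurl.cc/My3Ey4

US and South Korea warn IT companies not to hire North Koreans faking their nationality, to avoid indirectly aiding nuclear weapons development
https://www.pourquoi.tw/intlnews-neasia-231013-231019-4/

FBI warns: thousands of North Korean "remote workers" use fake identities to find US jobs and fund the missile program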
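https://www.inside.com.tw/article/33108-north-korea-it-workers-help-fund-weapons-program

FBI: more than a thousand remote workers fraudulently collected salaries from US companies; millions of dollars flowed to North Korea's missile program
https://www.cna.com.tw/news/aopl/202310200156.aspx

Embarrassment for the CIA! The agency's informant recruitment channel exposed by a security flaw
https://www.storm.mg/article/4885448

Former US intelligence expert: China is aggressively pushing cognitive warfare; never faced such a powerful force
https://www.cna.com.tw/news/aipl/202310170247.aspx

US Securities and Exchange Commission reportedly begins investigating the impact of the MOVEit Transfer attacks
https://www.sec.gov/Archives/edgar/data/876167/000087616723000190/prgs-20230831.htm

Israel-Palestine conflict goes from missiles to information warfare! Hackers use DDoS to paralyze websites in both countries and send fake air-raid warnings to mislead the public
https://reurl.cc/QZYQ7b

Russian hacking group Sandworm has been targeting Ukrainian telecom providers since May; 11 providers have been hit in the past half year
http://cert.gov.ua/article/6123309

Chinese hackers use the Bloodalchemy backdoor to steal secrets from Southeast Asian countries
https://www.elastic.co/security-labs/disclosing-the-bloodalchemy-backdoor

"Five Eyes" jointly accuse China of IP theft for the first time; FBI director warns: the threat from Beijing is unprecedented
https://reurl.cc/7MKxyl

Five Eyes issue rare joint statement accusing China of stealing intellectual property
https://udn.com/news/story/6809/7513515

Russian hackers target East Asia and North America with attacks using a weaponized TeamViewer
https://ti.qianxin.com/blog/articles/Operation-HideBear-Russian-Threat-Actors-Targeting-East-Asia-and-North-America-CN/

Iranian hacking group APT34 breaches computers of a Middle Eastern government and uses a Microsoft Exchange server as C2 infrastructure
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/crambus-middle-east-government

Lazarus and Andariel hackers exploit TeamCity vulnerability to breach networks
https://reurl.cc/r6YWLy

North Korean hacking groups exploit a vulnerability in the TeamCity CI/CD system to launch supply chain attacks
https://www.microsoft.com/en-us/security/blog/2023/10/18/multiple-north-korean-threat-actors-exploiting-the-teamcity-cve-2023-42793-vulnerability/

North Korean hackers exploit a critical TeamCity flaw to attack networks
https://zh-tw.techwar.gr/176854/voreiokoreates-chaker-ekmetallevontai-to-krisimo-elattoma-tou-teamcity-gia-na-paraviasoun-ta-diktya/

Upcoming conference of women political leaders targeted and used as a lure to distribute the RomCom malware
https://www.trendmicro.com/en_us/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html

Void Rabisu Targets Female Political Leaders with New Slimmed-Down ROMCOM Variant
https://www.trendmicro.com/en_us/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html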
https://www.trendmicro.com/content/dam/trendmicro/global/en/research/23/j/void-rabisu-targets-female-political-leaders/ioc-void-rabisu-targets-female-political-leaders-with-new-slimmed-down-ROMCOM-variant.txt

New PEAPOD Cyberattack Campaign Targeting Women Political Leaders
https://thehackernews.com/2023/10/new-peapod-cyberattack-campaign.html

ClearFake: a newcomer to the “fake updates” threats landscape
https://blog.sekoia.io/clearfake-a-newcomer-to-the-fake-updates-threats-landscape/

DarkGate Opens Organizations for Attack via Skype, Teams
https://www.trendmicro.com/en_us/research/23/j/darkgate-opens-organizations-for-attack-via-skype-teams.html
https://www.trendmicro.com/content/dam/trendmicro/global/en/research/23/j/darkgate-opens-organizations-for-attack-via-skype-teams/IOCs-DarkGate-Opens-Organizations-for-Attack-via-Skype-Teams.txt

Sticky Werewolf spies attack government organizations in Russia and Belarus
https://bi.zone/expertise/blog/shpiony-sticky-werewolf-atakuyut-gosudarstvennye-organizatsii-rossii-i-belarusi/

CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks
https://thehackernews.com/2023/10/cert-ua-reports-11-ukrainian-telecom.html

Peculiarities of destructive cyber attacks against Ukrainian providers
https://cert.gov.ua/article/6123309

TetrisPhantom: Cyber Espionage via Secure USBs Targets APAC Governments
https://thehackernews.com/2023/10/tetrisphantom-cyber-espionage-via.html

Iran-Linked OilRig Targets Middle East Governments in 8-Month Cyber Campaign
https://thehackernews.com/2023/10/iran-linked-oilrig-targets-middle-east.html

Microsoft Warns of North Korean Attacks Exploiting JetBrains TeamCity Flaw
https://thehackernews.com/2023/10/microsoft-warns-of-north-korean-attacks.html

U.S. DoJ Cracks Down on North Korean IT Scammers Defrauding Global Businesses
https://thehackernews.com/2023/10/us-doj-cracks-down-on-north-korean-it_20.html

Tainan National University of the Arts, Office of Information Technology, is hiring a "Network Security Engineer"
https://ic.tnnua.edu.tw/p/404-1021-41338.php?Lang=zh-tw

IT Department - Security Governance Engineer
https://www.104.com.tw/job/8521d?jobsource=googlejobs

On-site Security Assistant
https://job.taiwanjobs.gov.tw/internet/index/JobDetail.aspx?R2=11&EMPLOYER_ID=528812&HIRE_ID=12314581

Security Product Management and R&D Engineer
https://www.104.com.tw/job/7jzz6?jobsource=m104

Senior System Engineer
https://www.yourator.co/companies/WebComm/jobs/31665

Information Security Engineer
https://job.taiwanjobs.gov.tw/internet/index/JobDetail.aspx?EMPLOYER_ID=151074&HIRE_ID=12326207&R2=5

Information Security Engineer
https://www.csu.edu.tw/wSite/ct?xItem=339917&ctNode=17306&mp=10001&idPath=17291_17301

Hardware Engineer
https://www.104.com.tw/job/84vwo

[Project] Security Engineer (Tainan)
https://www.104.com.tw/job/8575o?jobsource=googlejobs

D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News / Cyberbullying / Account Security

Hacker association impersonated in Facebook ads falsely offering to recover fraud losses, becoming a "secondary scam"
https://www.chinatimes.com/realtimenews/20231017004044-260402?chdtv

Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication
https://thehackernews.com/2023/10/microsoft-to-phase-out-ntlm-in-favor-of.html

Microsoft announces expanded Kerberos capabilities and the gradual phase-out of NTLM in Windows 11
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/the-evolution-of-windows-authentication/ba-p/3926848

Researchers Unveil ToddyCat's New Set of Tools for Data Exfiltration
https://thehackernews.com/2023/10/researchers-unveil-toddycats-new-set-of.html

Indonesian fact-checking organization Mafindo visits Taiwan to share anti-fraud practices
https://tfc-taiwan.org.tw/articles/9757

Phones leak personal information; do cars as well?
https://reurl.cc/4WLQrv

Genetic testing company's data hacked; DNA data of Zuckerberg and Musk allegedly put up for sale
https://technews.tw/2023/10/17/zuckerberg-musk-dna-data-suspected-to-be-sold/

Flood of Israel-Palestine disinformation seriously challenges social media moderation; WSJ: X proves its new content strategy has failed
https://technews.tw/2023/10/16/x-is-loser/

2024 election fact-checking notes, episode 1: Taiwan's first pre-election AI-faked audio file; tips for spotting forged audio and video
https://tfc-taiwan.org.tw/articles/9781

APT samples found abusing Discord for exfiltration
https://otx.alienvault.com/pulse/652ea3814043a2f5ee2088e5

Discord: A Playground for Nation-State Hackers Targeting Critical Infrastructure
https://thehackernews.com/2023/10/discord-playground-for-nation-state.html

1.2 GB of D-Link product source code and customer and employee data offered for sale on a hacker forum
https://www.ithome.com.tw/news/159336

D-Link: servers and cloud were not hacked
https://money.udn.com/money/story/5710/7517006

D-Link provides further explanation of the data breach incident that occurred in early October
https://www.ithome.com.tw/news/159381

D-Link data breach reported; the cause was a phishing attack on an employee
https://www.bleepingcomputer.com/news/security/d-link-confirms-data-breach-after-employee-phishing-attack/
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10359

D-Link Confirms Data Breach: Employee Falls Victim to Phishing Attack
https://thehackernews.com/2023/10/d-link-confirms-data-breach-employee.html

Emerging travel scam scripts revealed; police point out 3 key signs to watch for
https://www.chinatimes.com/realtimenews/20231018004048-260402?chdtv

More than 40,000 administrator accounts use "admin" as the password
https://outpost24.com/blog/it-admins-weak-password-use/

Washington, D.C. election board website hacked; personal data of 4,000 voters leaked
https://www.worldjournal.com/wj/story/121277/7512447

Hackers use US rapper Nelly's X account to post a phishing site
https://news.cnyes.com/news/id/5350246

Cognitive warfare began as far back as seventy years ago! Defeating you with your own magic! The origin story of the CCP propaganda department
https://vocus.cc/article/652f3dcffd897800019650f2

Taima Star booking anomaly leaked personal data and led to fraud; Control Yuan demands improvements from Lienchiang County and the Maritime and Port Bureau
https://www.chinatimes.com/realtimenews/20231019004255-260407?chdtv

Genetic testing firm 23andMe reportedly suffers data leak; 4.1 million records surface on a hacker forum
https://www.bleepingcomputer.com/news/security/hacker-leaks-millions-of-new-23andme-genetic-data-profiles/
https://www.bleepingcomputer.com/news/security/genetics-firm-23andme-says-user-data-stolen-in-credential-stuffing-attack/
https://techcrunch.com/2023/10/18/hacker-leaks-millions-more-23andme-user-records-on-cybercrime-forum/

Hackers use Google ads claiming to offer the KeePass password manager to distribute malware
https://www.malwarebytes.com/blog/threat-intelligence/2023/10/clever-malvertising-attack-uses-punycode-to-look-like-legitimate-website

Hackers place Google search ads impersonating KeePass
https://www.ithome.com.tw/news/159403

Serious leak of student personal data; councilor: a campus security hole
https://udn.com/news/story/6885/7517338

Netizen falsely claimed to have spent NT$3 million to take down indecent photos and tried to extort NT$500,000; in a reversal, ended up paying NT$100,000 in compensation
https://www.chinatimes.com/realtimenews/20231020002277-260402?chdtv

Charged as an accessory for providing a mule account to a fraud ring, a Tainan woman who said "I was deceived too" is acquitted
https://udn.com/news/story/7320/7518142

Casio reports data breach that may affect customers in 149 countries
https://world.casio.com/information/1018-incident/

Indian police team up with Microsoft and Amazon to crack down on fake tech support scams
https://www.ithome.com.tw/news/159409
https://twitter.com/CBIHeadquarters/status/1715013792697045503/photo/1
https://blogs.microsoft.com/on-the-issues/2023/10/19/microsoft-amazon-tech-support-fraud-india/
https://www.aboutamazon.com/news/policy-news-views/amazon-microsoft-protect-against-impersonation-scams

E. Research Reports / Tools

23.57 million personal records of Taiwan citizens offered for US$5,000; Investigation Bureau is tracking the overseas hacker forum
https://news.ltn.com.tw/news/society/breakingnews/4459677

It once sold more than 20 million personal records of Taiwan citizens! International hacker forum is back; Investigation Bureau is investigating
https://reurl.cc/nLm7Zv

To address open-source software supply chain security threats, OpenSSF launches an open-source malicious packages repository
https://openssf.org/blog/2023/10/12/introducing-openssfs-malicious-packages-repository/

Researchers: fine-tuning large language models weakens "safety" and makes them susceptible to backdoor attacks by hackers
https://news.knowing.asia/news/a2e459b3-c16c-4e34-af01-c20aacb68b77

When access control systems become hackers' mining rigs
https://www-ws.pthg.gov.tw/Upload/2015pthg/55/relfile/11445/592136/af05a553-de56-4621-bbba-83e220dfcbcc.pdf

What is vulnerability research
https://teamt5.org/tw/posts/what-is-vulnerability-research/

Digital automation: a paradise for cybercriminals
https://blog.twnic.tw/2023/10/20/28680/

Understanding DNS Tunneling Traffic in the Wild
https://unit42.paloaltonetworks.com/dns-tunneling-in-the-wild/

Blocking Dedicated Attacking Hosts Is Not Enough: In-Depth Analysis of a Worldwide Linux XorDDoS Campaign
https://unit42.paloaltonetworks.com/new-linux-xorddos-trojan-campaign-delivers-malware/

The Fast Evolution of SaaS Security from 2020 to 2024 (Told Through Video)
https://thehackernews.com/2023/10/the-fast-evolution-of-saas-security.html

Unraveling Real-Life Attack Paths – Key Lessons Learned
https://thehackernews.com/2023/10/unraveling-real-life-attack-paths-key.html

Vulnerability Scanning: How Often Should I Scan?
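https://thehackernews.com/2023/10/vulnerability-scanning-how-often-should.html

Analysis of the expansion of fraudulent backdoors claimed to have been implanted in 20 million devices
https://otx.alienvault.com/pulse/6531315c5029eeeaab2f94c0

Various actors actively deploying Lumma Stealer in multiple campaigns
https://www.intrinsec.com/wp-content/uploads/2023/10/TLP-CLEAR-Lumma-Stealer-EN-Information-report.pdf

Sophisticated MATA Framework Strikes Eastern European Oil and Gas Companies
https://thehackernews.com/2023/10/sophisticated-mata-framework-strikes.html

ExelaStealer: A New Low-Cost Cybercrime Weapon Emerges
https://thehackernews.com/2023/10/exelastealer-new-low-cost-cybercrime.html

F. Business

Gartner announces five technologies that will profoundly change the digital future of enterprises
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10750

羽昇國際 hosts a security executive forum focusing on CISO challenges and approaches to security transformation
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10744

F5 supports open-source telemetry projects through development investment and technical performance improvements
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10746

Microsoft invites outside experts to find vulnerabilities in Bing AI, with rewards up to US$15,000
https://www.kocpc.com.tw/archives/515974

Siemens Smart Infrastructure Taiwan teams up with Fortinet to fully implement security protection
https://www.asmag.com.tw/showpost/12721.aspx

Security service providers under the SYSTEX Group push into the Southeast Asian market
https://money.udn.com/money/story/11162/7516405

Taiwan Mobile's Hard Tech Day unveils 5 cutting-edge technology platforms including AI and security; Jamie Lin: helping enterprises double operational efficiency
https://reurl.cc/m0Y0rj

Amazon and WhatsApp join the ranks of services supporting passkeys
https://www.ithome.com.tw/news/159335

Eliminate "scam opportunities"! Trend Micro urges the public to upgrade their security knowledge and take anti-fraud action
https://www.techbang.com/posts/110494-eliminate-the-scam-trend-micro-calls-on-the-public-to-upgrade

G. Government

Ministry of Transportation and Communications teams up with CoreCloud (中芯數據) to build a security protection net
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10608

FSC announces core principles and policies for the use of artificial intelligence (AI) in the financial industry
https://www.fsc.gov.tw/ch/home.jsp?id=96&parentpath=0,2&mcustomize=news_view.jsp&dataserno=202310170002&aplistdn=ou=news,ou=multisite,ou=chinese,ou=ap_root,o=fsc,c=tw&dtable=News

Taoyuan City partners with a telecom operator to build a dedicated emergency 5G network using network slicing, allowing ambulances to send patients' vital signs and 4K video to the hospital before arrival so emergency care can be prepared
https://www.ithome.com.tw/news/159330

The Administration for Cyber Security of the Ministry of Digital Affairs did not promptly complete the revision and announcement of the National Cyber Security Program in response to the organizational restructuring; National Audit Office urges improvement
https://www.audit.gov.tw/p/406-1000-9158,r12.php?Lang=zh-tw

Communications, electronics and information bulletin: points to note in information security management of outsourced vendors
https://www.ydn.com.tw/news/newsInsidePage?chapterID=1622728

NCCU security technology center in preparation! Professor Raylin Tso hopes the quantum-safe migration center will integrate the expertise of Taiwan's academia
https://www.taiwannews.com.tw/ch/news/5021119

With frequent reports of financial institutions being audited by the FSC, Openfind helps enterprises address key financial examination items
https://www.openfind.com.tw/taiwan/news_detail.php?news_id=10330

Audrey Tang leads delegation to the UN Internet Governance Forum to discuss AI and security
https://udn.com/news/story/7238/7508968

Multinational cyber offense and defense exercise begins today; 18 countries take part with a focus on water facilities
https://ec.ltn.com.tw/article/breakingnews/4462358

Audrey Tang: list of products endangering national cyber security will not be published, to prevent vendors from laundering country of origin
https://www.cna.com.tw/news/aipl/202310200103.aspx

Menu misprinted with "People's Republic of China"! Ambassadors from 18 countries rush to take photos; Ministry of Digital Affairs: will ask the hotel to be careful in future
https://www.nownews.com/news/6284218

H. Industrial Control Systems / ICS / SCADA / IOT / Internet of Things / Internet of Vehicles / Electric Vehicles / Artificial Intelligence / AI / ML / Facial Recognition / Healthcare Security

Report: nearly 60% of industrial cyberattacks are led by state-affiliated groups; the energy sector is attacked the most
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10735

Mirai DDoS malware variant actively spreading by exploiting vulnerabilities in well-known routers
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10740

Vulnerability in Milesight industrial routers reportedly used in attacks
https://www.securityweek.com/milesight-industrial-router-vulnerability-possibly-exploited-in-attacks/

First Pwn2Own Automotive vehicle security vulnerability contest: Tesla and ChargePoint join VicOne to uncover vulnerabilities in connected car technology
https://www.carstuff.com.tw/car-news/item/38873-pwn2own-automotive-tesla-chargepoint-vicone.html

Vulnerability in Milesight industrial routers used in attacks
https://www.securityweek.com/milesight-industrial-router-vulnerability-possibly-exploited-in-attacks/
https://vulncheck.com/blog/real-world-cve-2023-43261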
https://medium.com/@win3zz/inside-the-router-how-i-accessed-industrial-routers-and-reported-the-flaws-29c34213dfdf

Weintek HMIs have critical vulnerabilities that could let attackers bypass authentication or execute arbitrary commands
https://www.securityweek.com/critical-vulnerabilities-expose-weintek-hmis-to-attacks/

Synology's network device operating system DiskStation Manager has a vulnerability that could allow administrator accounts to be hijacked
https://securityaffairs.com/152645/hacking/synology-diskstation-manager-admin-account-takeover.html
https://claroty.com/team82/research/synology-nas-dsm-account-takeover-when-random-is-not-secure
https://www.synology.com/zh-tw/security/advisory/Synology_SA_23_07

Synology provides further explanation of the NAS administrator password reconstruction vulnerability disclosed by researchers
https://www.ithome.com.tw/news/159379#synology

Industrial organizations in Eastern Europe attacked by the MATA backdoor framework
https://securelist.com/updated-mata-attacks-industrial-companies-in-eastern-europe/110829/

Eastern European energy and defense industries attacked by the MATA backdoor framework, which moved from the industrial control environment into the head office's internal network
https://securelist.com/updated-mata-attacks-industrial-companies-in-eastern-europe/110829/

Unleashing the Power of the Internet of Things and Cyber Security
https://thehackernews.com/2023/10/unleashing-power-of-internet-of-things.html

Japan's METI publishes product security guidance for SMEs developing IoT devices
https://stli.iii.org.tw/article-detail.aspx?no=65&tp=1&d=9063

US NSA releases OT security monitoring tool Elitewolf
https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/3554537/nsa-releases-a-repository-of-signatures-and-analytics-to-secure-operational-tec/

I. Education and Training

iPAS Information Security Engineer intermediate-level notes
https://hackmd.io/@Not/iPASInformationSecuritySpecialist

iPAS security engineer certification pre-exam workshop
https://reurl.cc/GEbA3p

Coursera rounds up 7 cloud security certifications: all the springboards to a high salary are here!
https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/

Global cybersecurity workforce imbalance: (ISC)2 offers free courses and exams to fill the talent gap
https://reurl.cc/m39MDj

The 8 domains of the CISSP security certification
https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html

CISSP exam experience
https://reurl.cc/KbY83j

CISSP exam experience – Benson
https://reurl.cc/GbWvxd

Goal-oriented: passing the CISSP at lightning speed in 20 days
https://reurl.cc/2Zq6zn

CISSP certification exam field notes, chapter 1: initial preparation
https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat

CISSP certification exam field notes, chapter 2: a regular and disciplined study strategy
https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies

CISSP certification exam field notes, chapter 3: the final battle
https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle

Quick CISSP Infographic for IPSec
https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec

CSSLP Certification - Security models in F#
https://github.com/vbocan/csslp

Certified Secure Software Lifecycle Professional in bullet points
https://github.com/joeyhage/csslp-notes

CPSA (CREST Practitioner Security Analyst) exam experience
https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/

EC-Council CEH v11 exam experience, revision information and preparation tips 2021, 2022
https://reurl.cc/1oyEM8

CEH v11 exam experience and how to prepare
https://blog.sean.taipei/2022/01/ceh

CEH
https://github.com/a3cipher/CEH

CodeRed by EC-Council
https://github.com/codered-by-ec-council

EC-Council CEH Practical / Master preparation notes — learning where theory and practice complement each other
https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2

EC-Council CEHP exam preparation notes
https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po

ECSA v10 Review and Study Materials
https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4

EC-Council ECSA security analyst v10 exam experience
https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html

20180817 EC-Council ECSA v10 PASS
https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html

How to prepare for the EC-Council CPENT and LPT Master penetration testing certifications, and lessons learned
https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d

In-depth look at the CPENT exam experience and a comparison with OSCP
https://reurl.cc/41eL8v

EC-Council CPENT v1 penetration testing certification – content and experience
https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review

CPENT: from brute force to cracking
https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295

EC-Council CPENT experience - a security rookie's path from CEH to LPT Master
https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f

CPENT exam experience: earning the LPT penetration testing master certification in one attempt
https://ucom.uuu.com.tw/web/Testimony/Article/4404

kaizensecurity/CPENT
https://github.com/kaizensecurity/CPENT/tree/master

CPENT : Pentesting like NO OTHERS !
https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/

Journey of My CPENT Exam
https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917

[Exam prep notes] CompTIA Security+ (SY0–601), part 1
https://reurl.cc/M053DK

[Exam prep notes] CompTIA Security+ (SY0–601), part 2
https://reurl.cc/M053Gv

comptia-security-plus
https://github.com/ajfuto/comptia-security-plus

security-plus
https://github.com/fjavierm/security-plus

CompTIA Security+ Certification Practice Test Questions
https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette

App information security is not just for engineers: the blood, sweat and tears of obtaining a security testing certificate (iT邦幫忙 Ironman Contest book series)
https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html

OSEP (Evasion Techniques and Breaching Defenses, PEN-300) experience
https://hackmd.io/@henry-ko/HyQ56e8eF

OSCP (Offensive Security Certified Professional)
https://github.com/0x584A/oscp-notes/tree/master

ISACA Certified Information Systems Auditor® (CISA) certification: preparation journey and application process - 2023
https://reurl.cc/aVLoX9

Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html

The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics
https://reurl.cc/D3nKKj

Practical Network Penetration Tester (PNPT) Certification Review
https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df

Basic vocabulary commonly used by WUSON
https://choson.lifenet.com.tw/?p=1958

Certifications remain the main route to learning security fundamentals; an expert has built a "security certification map"
https://www.ithome.com.tw/news/156754

Beyond proving your ability with certifications, treat them as the greatest motivation to keep learning
https://www.ithome.com.tw/news/156756

Dispelling misunderstandings and myths about certifications: security experts clarify what security certifications mean
https://www.ithome.com.tw/news/156755

Accelerate Your Career with the Global Leader in Cyber Security Training
https://www.sans.org/mlp/promo-partnership-hacker-news/

6. Upcoming Security Events and Seminars

OCF training event: How to build a secure network architecture II 2023/10/21
https://ocftw.kktix.cc/events/ocftot2023

After WordCamp: Did you attend WordCamp Taiwan 2023? - Changhua Meetup #34 2023/10/21
https://www.meetup.com/changhua-wordpress-meetup-group/events/296254308/

AI/Machine Learning Trivia Night! 2023/10/24
https://www.meetup.com/taipei_langchain/events/296326252/

Drupal Taipei Meetup - chat, drinks and pizza @ 聖誕老人國際股份有限公司 2023/10/25
https://www.meetup.com/drupal-mentoring-taipei/events/296351711/

ETC "Seminar on Security and Interoperability Testing Technology for Smart Grids and Smart Homes" announcement 2023/10/26
http://www.taiseia.org.tw/Industry/industry_more?id=1246

(ISC)2 SECURITY CONGRESS LEAD WITH CONFIDENCE 2023/10/25 ~ 2023/10/27
https://www.isc2.org/Congress-2023

If you don't know offense, how can you talk about defense? Strengthening enterprise security protection mechanisms 2023/10/27
https://www.beclass.com/rid=284b3636525ffc017c87

The various pitfalls of connecting travel services to AIGC 2023/10/30
https://www.meetup.com/rladies-taipei/events/296239571/

OpenText: When AI meets security, the new industry competition under the zero trust wave - MetaAge 2023/11/2
https://www.metaage.com.tw/events/283

ISC2 Taipei Chapter 2023 annual general meeting and "Trust Begins with Security" seminar 2023/11/4
https://isc2taipei.kktix.cc/events/nosecuritynotrust

2023 Financial Security Forum - Finance moves to the cloud: facing the challenges of security planning 2023/11/7
https://www.accupass.com/event/2309260331486394385550?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_

Web application penetration testing 2023/11/9 ~ 2023/11/10
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=631

MOPCON 2023 2023/11/11 ~ 2023/11/12
https://mopcon.kktix.cc/events/2023-students
https://mopcon.kktix.cc/events/mopcon-2023

[Asia's benchmark supply chain summit] Supply Chain Summit 2023 2023/11/14 ~ 2023/11/15
https://www.accupass.com/event/2307070154211343470512

Cathay 天職學 X 職游 | How IT Works SMART 2023/11/18
https://www.accupass.com/event/2309190510226744374250?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_

2023 Taiwan Intelligent Automation Testing and Certification Alliance conference and industrial safety standards seminar 2023/11/22
https://www.accupass.com/event/2309200309193935682920?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_

High Velocity ITSM Taipei 2023/11/25
https://www.meetup.com/taipei-atlassian-community-events/events/295913312/

Jamf Nation Live Taipei 2023 2023/12/19
https://jamf.kktix.cc/events/jamfnation2023

[Monosparta] 2024 first cohort software development bootcamp: online information session 2024/1/17
https://trunk-studio.kktix.cc/events/monosparta-202401