###### tags: `資安事件新聞週報`
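# Weekly Security Incident News Report 2024/08/26 ~ 2024/08/30
1. Critical Vulnerabilities / Backdoors / Exploits / Zero-Days
SonicWall patches improper access control vulnerability in its firewall operating system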
https://www.ithome.com.tw/news/164704
SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access
https://thehackernews.com/2024/08/sonicwall-issues-critical-patch-for.html
Forcepoint Web Security
https://nvd.nist.gov/vuln/detail/CVE-2023-6452
VMware ESXi
https://nvd.nist.gov/vuln/detail/CVE-2024-37085
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505
Cisco releases NX-OS update to patch high-severity DHCPv6 vulnerability
https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75417
Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME)
https://nvd.nist.gov/vuln/detail/CVE-2024-20375
SASE vendor Versa patches zero-day vulnerability reportedly already exploited by Chinese hacking group Volt Typhoon
https://www.securityweek.com/chinese-apt-volt-typhoon-caught-exploiting-versa-networks-sd-wan-zero-day/
Apache releases security update to address a SeaTunnel vulnerability
https://nvd.nist.gov/vuln/detail/CVE-2023-49198
https://lists.apache.org/thread/48j9f1nsn037mgzc4j9o51nwglb1s08h
https://www.cve.org/CVERecord?id=CVE-2023-49198
Microsoft's August security updates cause Windows Server crashes and boot problems
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11204
Microsoft Entra
https://nvd.nist.gov/vuln/detail/CVE-2024-43477
Remote code execution vulnerabilities in Microsoft Edge (Chromium-based)
https://nvd.nist.gov/vuln/detail/CVE-2024-38209
https://nvd.nist.gov/vuln/detail/CVE-2024-38210
Microsoft 365 apps for macOS share a common vulnerability that could let attackers bypass system permissions
https://www.ithome.com.tw/news/164716
One million domains exposed to the Sitting Ducks domain hijacking weakness
https://thehackernews.com/2024/08/over-1-million-domains-at-risk-of.html
M365 Copilot has an ASCII smuggling vulnerability that attackers could use to steal data
https://embracethered.com/blog/posts/2024/m365-copilot-prompt-injection-tool-invocation-and-data-exfil-using-ascii-smuggling/
Microsoft Fixes ASCII Smuggling Flaw That Enabled Data Theft from Microsoft 365 Copilot
https://thehackernews.com/2024/08/microsoft-fixes-ascii-smuggling-flaw.html
CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September
https://thehackernews.com/2024/08/cisa-urges-federal-agencies-to-patch.html
QNAP QTS 5.2 official release arrives: upgrade now for Security Center's proactive file activity monitoring and improved system security and data protection
https://www.ithome.com.tw/pr/164650
Critical vulnerability in WordPress site acceleration plugin LiteSpeed Cache is being actively exploited
https://www.bleepingcomputer.com/news/security/hackers-are-exploiting-critical-bug-in-litespeed-cache-plugin/
Critical vulnerability in WordPress site acceleration plugin LiteSpeed Cache exposes 5 million website servers
https://www.ithome.com.tw/news/164712
Infected WordPress sites: hackers tell users they must run a PowerShell command as a "fix" before they can browse the site normally
https://blog.sucuri.net/2024/08/wordpress-websites-used-to-distribute-clearfake-trojan-malware.html
Critical vulnerability in WordPress multilingual plugin WPML allows attackers to execute code remotely
https://sec.stealthcopter.com/wpml-rce-via-twig-ssti/
Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution
https://thehackernews.com/2024/08/critical-wpml-plugin-flaw-exposes.html
Google recently released an update to fix a zero-day vulnerability in the Chrome browser
https://www.ithome.com.tw/news/164616
Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild
https://thehackernews.com/2024/08/google-fixes-high-severity-chrome-flaw.html
Chromium: CVE-2024-7971 Type confusion in V8
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-7971
Google patches Chrome's 10th zero-day vulnerability this year
https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html
Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation
https://thehackernews.com/2024/08/google-warns-of-cve-2024-7965-chrome.html
IBM QRadar Use Case Manager app is vulnerable to using components with known vulnerabilities
https://www.ibm.com/support/pages/node/7166628
Apache DolphinScheduler
https://nvd.nist.gov/vuln/detail/CVE-2024-43202
CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports
https://thehackernews.com/2024/08/cisa-flags-critical-apache-ofbiz-flaw.html
Fortra discloses hard-coded password vulnerability in file transfer tool FileCatalyst
https://www.fortra.com/security/advisories/product-security/fi-2024-011
Fortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability
https://thehackernews.com/2024/08/fortra-issues-patch-for-high-risk.html
Critical Atlassian Confluence vulnerability exploited by attackers seeking to hijack servers for cryptomining
https://www.trendmicro.com/en_us/research/24/h/cve-2023-22527-cryptomining.html
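2. Banking / Finance / Insurance / Securities / Financial Supervision: News and Security
CTBC Bank suffers major online service outage; ATM and online banking functions restored after about 1 hour of downtime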
https://today.line.me/tw/v2/article/JPmXaG7
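Land Bank of Taiwan president Chang Chih-chien takes office, proposes 3 business strategies including strengthening digital transformation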
https://www.cna.com.tw/news/afe/202408230368.aspx
Hackers and malware worldwide are all aiming at Taiwan! Defense, finance and manufacturing are all targets
https://reurl.cc/4dozq2
Iranian state-sponsored hackers collude with ransomware actors to extort US defense, education, finance and healthcare organizations
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-241a
OPSWAT helps an insurance brokerage secure file uploads
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11207
High-grade information security protection: Hontai Life Insurance keeps customers' personal data safe from threats
https://cna.com.tw/postwrite/chi/377773
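3. Credit Cards / Electronic Payment / Mobile Payment / Pay / Payment Systems / Security
Android malware NGate redirects NFC traffic in an attempt to steal users' payment information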
https://www.ithome.com.tw/news/164685
New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards
https://thehackernews.com/2024/08/new-android-malware-ngate-steals-nfc.html
Infostealer Cthulhu Stealer targets macOS users' e-wallets, accounts and passwords
https://www.ithome.com.tw/news/164689
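4. Cryptocurrency / Digital Currency / Mining / Blockchain / Smart Contracts / WEB3 Security
Hacker who stole 55.4 million DAI transfers 300 ETH to eXch and about 38 ETH to Kucoin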
https://m.cnyes.com/news/print/5694108
The 10 biggest cross-chain bridge hacks in history: more than US$1.9 billion involved, US$1.55 billion recovered
https://www.cryptocity.tw/news/news-1051
WazirX attack update: cryptocurrency balances to get a distribution plan through restructuring; Indian rupee withdrawals to open in phases soon
https://www.panewslab.com/zh_hk/sqarticledetails/fnscsgsoFt.html
Data: Hong Kong Bitcoin ETFs' total assets under management reach HK$2.1 billion
https://www.panewslab.com/zh_hk/sqarticledetails/t18f8xapFt.html
GoPlus security alert: official Discord of parallel EVM public chain Artela was hacked on August 24
https://news.cnyes.com/news/id/5695457
QCP Capital: Bitcoin will fluctuate within the US$61,000 to US$70,000 range until the fourth quarter
https://www.panewslab.com/zh_hk/sqarticledetails/duoeyj6sFt.html
YouTube cryptocurrency tutorial "Write smart contracts with ChatGPT" scams victim out of 10 ETH
https://www.blocktempo.com/a-victim-was-scammed-three-times-in-half-a-month-by-youtube-tutorials/
Interview with Binance CEO Richard Teng: We don't need an IPO, and are giving up the US market for now
https://www.blocktempo.com/exclusive-interview-with-binance-ceo-richard-teng-we-dont-need-an-ipo/
Ethereum: a rebound may be expected if the price breaks the US$2,800 threshold
https://cryptodnes.bg/zh-TW/%E4%BB%A5%E5%A4%AA%E5%9D%8A-ochakva-potencialno-rali-ako-cenata-premine-praga-2800/
VASP registration system to take effect; blockchain industry gears up
https://www.ctee.com.tw/news/20240824700100-439901
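5. Security Incident News
A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC
ValleyRAT malware targets Chinese-speaking users with multi-stage attack techniques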
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11198
Hackers distribute Cobalt Strike via AppDomain injection
https://jp.security.ntt/tech_blog/appdomainmanager-injection
Instant messaging client Pidgin's plugin marketplace used to distribute DarkGate malware
https://www.ithome.com.tw/news/164725
Razr ransomware abuses cloud service PythonAnywhere to carry out attacks
https://www.ithome.com.tw/news/164731
PowerShell malware downloader PeakLight runs hidden in memory and distributes multiple kinds of malware
https://www.ithome.com.tw/news/164698
macOS users of Chinese instant messaging apps targeted as hackers attempt to spread HZ RAT backdoor
https://securelist.com/hz-rat-attacks-wechat-and-dingtalk/113513/
HZ Rat backdoor for macOS harvests data from WeChat and DingTalk
https://securelist.com/hz-rat-attacks-wechat-and-dingtalk/113513/
Firmware vulnerability in Taiwanese vendor AVTECH's IP cameras used to spread Mirai variant
https://www.ithome.com.tw/news/164771
Russian hackers launch DDoS attacks using MegaMedusa malware
https://www.radware.com/blog/uncategorized/2024/08/megamedusa-rippersec-public-web-ddos-attack-tool/
Exchange Online false positives reported: some emails flagged as containing malware and quarantined
https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-online-mistakenly-tags-emails-as-malware/
Malicious driver PoorTry used to wipe key components of EDR systems
https://www.ithome.com.tw/news/164744
Sedexp malware hides in the Linux device manager, aiming to steal credit card data via compromised web servers
https://www.ithome.com.tw/news/164696
Unveiling sedexp: A Stealthy Linux Malware Exploiting udev Rules
https://www.aon.com/en/insights/cyber-labs/unveiling-sedexp
New Linux Malware 'sedexp' Hides Credit Card Skimmers Using Udev Rules
https://thehackernews.com/2024/08/new-linux-malware-sedexp-hides-credit.html
Report on Ukraine government attack campaign
https://otx.alienvault.com/pulse/66c84eca6298cd5a4bb0ec77
Decoding the Stealthy Memory-Only Malware
https://cloud.google.com/blog/topics/threat-intelligence/peaklight-decoding-stealthy-memory-only-malware
How Managed Detection and Response Pressed Pause on a Play Ransomware Attack
https://www.trendmicro.com/en_us/research/24/h/pressing-pause-on-play-ransomware.html
Threat Tracking: Analysis of Lilith RAT ported to AutoIt Script
https://medium.com/s2wblog/threat-tracking-analysis-of-punk-003s-lilith-rat-ported-to-autoit-script-30dd59e68213
From the Depths: Analyzing the Cthulhu Stealer Malware for macOS
https://www.cadosecurity.com/blog/from-the-depths-analyzing-the-cthulhu-stealer-malware-for-macos
PEAKLIGHT Downloader Deployed in Attacks Targeting Windows with Malicious Movie Downloads
https://thehackernews.com/2024/08/new-peaklight-dropper-deployed-in.html
New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data
https://thehackernews.com/2024/08/new-qilin-ransomware-attack-uses-vpn.html
BlackMoon
https://otx.alienvault.com/pulse/66cb4fd11effca3ed4466ded
BlackByte ransomware exploits VMware virtualization platform vulnerability to launch attacks
https://www.ithome.com.tw/news/164762
BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave
https://thehackernews.com/2024/08/blackbyte-ransomware-exploits-vmware.html
macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
https://thehackernews.com/2024/08/macos-version-of-hz-rat-backdoor.html
South Korean hackers exploit WPS Office zero-day in an attempt to plant SpyGlace backdoor in East Asian organizations
https://www.ithome.com.tw/news/164760
APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor
https://thehackernews.com/2024/08/apt-c-60-group-exploit-wps-office-flaw.html
Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks
https://thehackernews.com/2024/08/unpatched-avtech-ip-camera-flaw.html
Russian hacking group APT29 begins using exploits developed by Intellexa and NSO Group
https://www.ithome.com.tw/news/164777
Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors
https://www.bleepingcomputer.com/news/security/russian-apt29-hackers-use-ios-chrome-exploits-created-by-spyware-vendors/
B. Mobile Security / iPhone / Android / Wearables / Apps / 5G / Instant Messaging
Iranian hackers attack via WhatsApp; Meta blocks them and warns US campaign teams
https://www.rti.org.tw/news/view/id/2217707
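Hackers tried to break into accounts of Biden and Trump administration officials to interfere in the election; Meta: linked to "this country"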
https://udn.com/news/story/121777/8183657
Meta Exposes Iranian Hacker Group Targeting Global Political Figures on WhatsApp
https://thehackernews.com/2024/08/meta-exposes-iranian-hacker-group.html
iOS users stuck in a "change image" loop? LINE responds
https://tw.nextapple.com/finance/20240829/25BF18B5A9B14173386D0A3390533569
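Facebook's "sensitive content" filter slips up again! This food becomes a "mysterious naughty dish"; netizens joke: even flesh tones get flagged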
https://tech.udn.com/tech/story/123154/8173629?from=redpush
Security concerns over Chinese apps; scholar: don't grant too many permissions
https://ec.ltn.com.tw/article/paper/1663509
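China targets "first-time visitors from Taiwan"; national security agencies warn: phones may be hacked when connecting to WiFi in China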
https://tw.nextapple.com/politics/20240829/A163C33D0E05B1FBC0DDD0BB2EA0C047
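C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents / Security Workforce
With the rise of generative AI, the key decision every business large and small must make: who will you entrust your security to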
https://www.businessweekly.com.tw/management/blog/3016469
Telegram CEO Pavel Durov arrested in France
https://www.ithome.com.tw/news/164687
Telegram founder charged with distributing child sexual exploitation content and multiple other offenses, released on €5 million bail
https://www.ithome.com.tw/news/164740
Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures
https://thehackernews.com/2024/08/telegram-founder-pavel-durov-arrested.html
French Authorities Charge Telegram CEO with Facilitating Criminal Activities on Platform
https://thehackernews.com/2024/08/french-authorities-charge-telegram-ceo.html
On August 20, US semiconductor maker Microchip confirmed a cyberattack that reduced capacity at some factories
https://www.ithome.com.tw/news/164779
As Chinese AAA title Black Myth: Wukong surges in popularity, gaming platform Steam is hit by a large-scale DDoS attack
https://blog.xlab.qianxin.com/more_ddos_details_on_steam_cn/
Preventing the public from mistakenly using Chinese-funded AI: publishing a list of harmful products poses a dilemma
https://ec.ltn.com.tw/article/paper/1663508
US NIST releases post-quantum cryptography standards to withstand quantum computing attacks
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11191
US ISPs breached by Chinese hacking group Volt Typhoon, which succeeded by exploiting a Versa Director zero-day vulnerability
https://www.ithome.com.tw/news/164722
Chinese Volt Typhoon Exploits Versa Director Flaw, Targets U.S. and Global IT Sectors
https://thehackernews.com/2024/08/chinese-volt-typhoon-exploits-versa.html
Seattle-Tacoma airport in the US reportedly hit by cyberattack; IT services down for more than 48 hours
https://www.ithome.com.tw/news/164703
Taiwan's cybersecurity is strong, but its open-source intelligence gathering works like a one-person shop
https://reurl.cc/93V3kx
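Taiwan's annual hacker conference enters its 20th year: beyond igniting the hacker spirit, semiconductor packaging and testing giant ASE also joins the security community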
https://www.ithome.com.tw/news/164681
Using just the Apple logo on the back of a MacBook, security expert demonstrates the latest remote eavesdropping attack technique
https://unwire.hk/2024/08/24/def-con-32/tech-secure/
Hackers break into electronic billboard at Indian plaza and play an explicit sex video, stunning passers-by
https://www.ettoday.net/news/20240825/2804043.htm
Artela Network: Discord community hacked, no users affected so far
https://news.cnyes.com/news/id/5695462
Dodging alimony | Man hacks government system to "kill off" himself, steals large amounts of login data to sell on the dark web
https://reurl.cc/QE4EVq
PTT statement (regarding the hacker intrusion)
https://www.ptt.cc/bbs/SYSOP/M.1724346881.A.3B9.html
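True face of the "Chinese wolf in sheep's clothing" clinging to Taiwanese youth exposed! Security gatekeeper Huang Yen-nun warns of 3 major hidden dangers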
https://www.ftvnews.com.tw/news/detail/2024819W0225
Wronged! Man claims his Chunghwa Telecom WiFi router was compromised and his IP hijacked, making him look like the hacker
https://www.youtube.com/watch?v=uMU7qiORFiU
Halliburton confirms hackers attacked certain systems
https://news.cnyes.com/news/id/5695040
Russia tells border troops and police to cut back on dating apps and livestreaming, fearing Ukraine could steal secrets
https://today.line.me/tw/v2/article/PGP90g7
Vietnamese human rights organization becomes target of hacking group APT32
https://www.huntress.com/blog/advanced-persistent-threat-targeting-vietnamese-human-rights-defenders
Japan plans to set up a cybersecurity department to protect critical infrastructure
https://www.epochtimes.com/b5/24/8/24/n14317012.htm
Iranian hacking group APT33 targets the US and the United Arab Emirates to distribute a backdoor
https://www.microsoft.com/en-us/security/blog/2024/08/28/peach-sandstorm-deploys-new-custom-tickler-malware-in-long-running-intelligence-gathering-operations/
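US Department of Justice: Florida telecommunications and information technology worker pleads guilty to conspiring to act as an agent of China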
https://www.voacantonese.com/a/florida-telecommunications-and-information-technology-worker-pleads-guilty-to-conspiring-to-act-as-agent-of-prc-government-20240823/7755291.html
Chinese government requires white-hat hackers to take part in cyberattacks
https://asia.nikkei.com/Spotlight/Cybersecurity/China-seen-using-white-hat-hackers-to-boost-cyberattack-capability
CCP uses overseas students to steal US export-controlled chips
https://news.ltn.com.tw/news/politics/paper/1663444
Hundreds of online stores hacked in new campaign
https://www.malwarebytes.com/blog/news/2024/08/hundreds-of-online-stores-hacked-in-new-campaign
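D. Data Breaches / Personal Data Protection Law / GDPR / Online Fraud / Phishing / Card Fraud / Fake News / Cyberbullying / Account Security
Taiwanese man suspected of buying thousands of records stolen by hackers; prosecutors' investigation under way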
https://reurl.cc/yvkvY6
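Taiwan-US cooperation leads to detention of key figure who bought personal data on the dark web; probe also uncovers a leak by a lawyer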
https://reurl.cc/OrVrMA
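Female lawyer suspected of leaking investigation secrets; Taipei District Prosecutors Office conducts searches and questioning on 2 fronts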
https://www.cna.com.tw/news/asoc/202408230253.aspx
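CCP escalates cognitive warfare against Taiwan! Foreign forces steal social media accounts en masse to stir up public opinion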
https://talk.ltn.com.tw/article/breakingnews/4777428
Scammed by Dahu Jintong? A guide to recovering losses and preventing fraud
https://reurl.cc/qvkvog
"Black Myth: Wukong" is so hot! "Physical discs seen for sale online"; industry sources: probably a scam
https://news.tvbs.com.tw/local/2595714
Chinese capital behind it! "Tucao Master" goes viral; Shen Po-yang worries about "personal data being sent to China"
https://reurl.cc/eyXM9M
Uber fined €290 million by the Netherlands for sending driver data to the US
https://www.ithome.com.tw/news/164706
Fake Palo Alto Networks VPN tool targets enterprises
https://www.trendmicro.com/en_us/research/24/h/threat-actors-target-middle-east-using-fake-tool.html
Iranian hacking group APT42 uses WhatsApp to target political figures with phishing attacks
https://www.ithome.com.tw/news/164700
Dutch Regulator Fines Uber €290 Million for GDPR Violations in Data Transfers to U.S.
https://thehackernews.com/2024/08/dutch-regulators-fines-uber-290-million.html
Unpacking Slack Hacks: 6 Ways to Protect Sensitive Data with Secure Collaboration
https://thehackernews.com/2024/08/unpacking-slack-hacks-6-ways-to-protect.html
QR code phishing actors abuse Microsoft Sway to set up fake sites
https://www.netskope.com/blog/phishing-in-style-microsoft-sway-abused-to-deliver-quishing-attacks
New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials
https://thehackernews.com/2024/08/new-qr-code-phishing-campaign-exploits.html
How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back
https://thehackernews.com/2024/08/how-to-stop-aitm-phishing-attack.html
How to Modernize Your Microsoft 365 Data Protection Strategy to Ensure Business Continuity
https://thehackernews.com/expert-insights/2024/08/how-to-modernize-your-microsoft-365.html
E. Research Reports / Tools
Homebrew build: using Firebase as an embedding vector DB and Gemini to provide a RAG service for your GitHub Pages blog
https://evanlin.com/blog-rag-firebase-embedding/
Common API security problems: from exposed secrets to unauthorized access
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11193
Day 1: The difference between information security and network security
https://ithelp.ithome.com.tw/articles/10343441
Day 2: Introduction to information security
https://ithelp.ithome.com.tw/articles/10344025
Day 3: A brief overview of network security
https://ithelp.ithome.com.tw/articles/10344119
Day 4: The CIA security triad
https://ithelp.ithome.com.tw/articles/10344272
Day 5: The story of network security
https://ithelp.ithome.com.tw/articles/10344346
Day 6: Cryptography - introduction to hash functions
https://ithelp.ithome.com.tw/articles/10344528
Day 7: Network attacks - denial-of-service (DoS) attacks
https://ithelp.ithome.com.tw/articles/10344689
Day 8: The history of cryptography
https://ithelp.ithome.com.tw/articles/10344764
Day 9: Virtual private networks (VPN)
https://ithelp.ithome.com.tw/articles/10344953
Day 10: A brief look at cyberattacks
https://ithelp.ithome.com.tw/articles/10345037
Day 11: A brief look at cyberattacks (continued)
https://ithelp.ithome.com.tw/articles/10345040
Day 12: Cryptography - classical cryptography
https://ithelp.ithome.com.tw/articles/10345328
Day 13: Cryptography - modern cryptography
https://ithelp.ithome.com.tw/articles/10345495
Day 14: Talking about hackers
https://ithelp.ithome.com.tw/articles/10345501
Day 15: Threats - ransomware
https://ithelp.ithome.com.tw/articles/10345507
Day 16: Threats - ransomware (continued)
https://ithelp.ithome.com.tw/articles/10345784
Day 17: Threats - Trojans
https://ithelp.ithome.com.tw/articles/10345786
Day 18: Threats - Trojans (continued)
https://ithelp.ithome.com.tw/articles/10345788
Day 19: Internet ethics
https://ithelp.ithome.com.tw/articles/10345992
Day 20: The dark web
https://ithelp.ithome.com.tw/articles/10346364
Day 21: IP addresses
https://ithelp.ithome.com.tw/articles/10346519
Coach, Mentor, Partner..... , but don't forget
https://ithelp.ithome.com.tw/articles/10346075?sc=rss.qu
HITCON CMT 2024 "Prompt-nosuke's Secret Treasure Chest" Writeup
https://kazma.tw/2024/08/24/HITCON-CMT-2024-%E3%80%8CPrompt-%E4%B9%8B%E5%8A%A9%E7%9A%84%E7%A7%98%E5%AF%86%E5%AF%B6%E7%AE%B1%E3%80%8D-Writeup/
Focus on What Matters Most: Exposure Management and Your Attack Surface
https://thehackernews.com/2024/08/focus-on-what-matters-most-exposure.html
How to Modernize Your Microsoft 365 Data Protection Strategy to Ensure Business Continuity
https://thehackernews.com/expert-insights/2024/08/how-to-modernize-your-microsoft-365.html
Weak Wi-Fi password cracking (CVE-2023-6951) + unauthenticated HTTP video exfiltration (CVE-2023-6949) on DJI's drones
https://www.nozominetworks.com/blog/dji-mavic-3-drone-research-part-1-firmware-analysis
https://www.nozominetworks.com/blog/dji-mavic-3-drone-research-part-2-vulnerability-analysis
ThreatHunting-Keywords
https://github.com/mthcht/ThreatHunting-Keywords
IDA_PHNT_TYPES
https://github.com/Dump-GUY/IDA_PHNT_TYPES
Forensic analysis of the Windows UserAssist artifact
https://www.magnetforensics.com/blog/artifact-profile-userassist/
Corscan - Advanced CORS Header Checker Tool with Vulnerability Detection and Bypass Attempts.
https://github.com/Angix-Black/Corscan
Researchers Identify Over 20 Supply Chain Vulnerabilities in MLOps Platforms
https://thehackernews.com/2024/08/researchers-identify-over-20-supply.html
CTEM in the Spotlight: How Gartner's New Categories Help to Manage Exposures
https://thehackernews.com/2024/08/ctem-in-spotlight-how-gartners-new.html
How TrafficPeak Helped Provide a Superior Football Viewing Experience
https://www.akamai.com/blog/cloud/trafficpeak-helped-provide-superior-football-viewing-experience
API Security Product Brief
https://www.akamai.com/resources/product-brief/api-security
Analyzing Malicious CrowdStrike Domains: Who Is Affected and What Could Come Next
https://www.akamai.com/blog/security-research/2024-july-crowdstrike-bsod-domains-what-could-come-next
F. Business
Google Essentials will give Windows users faster access to common Google services
https://tech.udn.com/tech/story/123154/8181401?form=udn_ch2_common3_cate
Worried your Gmail password has leaked? Use Google One's dark web scan to check your account's health
https://www.sogi.com.tw/articles/google_one/6262652
Microsoft says it's killing Windows Control Panel - here's why I'm not holding my breath
https://www.zdnet.com/article/microsoft-says-its-killing-windows-control-panel-heres-why-im-not-holding-my-breath/
Trend Micro points out 4 major online traps of the back-to-school season and warns of scams
https://zeekmagazine.com/archives/231724
Going public on identifying "fake accounts": who is Cyabra, the security startup trusted by the governments of 19 countries
https://technews.tw/2024/08/25/cyabra-a-startup-helping-companies-and-governments-detect-disinformation/
Veeam launches new Veeam Data Cloud with Microsoft 365 Backup Storage capability
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11196
IBM ends R&D work in China, affecting upward of a thousand employees
https://www.ithome.com.tw/news/164707
Akamai doubles down on API security, completes acquisition of Noname Security
https://reurl.cc/VM4ZvQ
G. Government
Ministry of Digital Affairs leads delegation for exchanges, opening up Japan's age-tech market
https://www.cna.com.tw/news/afe/202408230213.aspx
Who exactly leaked the story on Li Meng-yen? PTT expert: IT staff may have been pulling the strings behind the scenes
https://www.watchmedia01.com/ccomment-20240824204105.html
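Ministry of Digital Affairs begins testing anti-fraud reporting and lookup site, using automation to speed up handling of scam messages from reporting and confirmation to takedown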
https://www.ithome.com.tw/news/164718
Digital Affairs Minister Huang Yen-nun reveals AI is the key to the next stage of government transformation
https://www.ithome.com.tw/news/164732
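Workforce Development Agency on-site engineer reportedly deleted files by mistake, affecting hard drive data on 484 computers; the agency says data is being progressively restored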
https://www.ithome.com.tw/news/164774
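Major blunder at Workforce Development Agency! Wrong code entered during security check wipes hard drive data on 484 computers beyond recovery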
https://news.ltn.com.tw/news/life/breakingnews/4782686
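Ministry of Labor's Workforce Development Agency computer hard drive files wiped? Agency clarifies: only personal computer backup data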
https://ec.ltn.com.tw/article/breakingnews/4783139
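Ministry of Labor Workforce Development Agency's Kaohsiung-Pingtung-Penghu-Taitung Regional Branch: accidental deletion of personal computer backup data does not affect services and raises no security concerns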
https://money.udn.com/money/story/11799/8191643
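Contractor deletes computer data by mistake; Ministry of Labor's Kaohsiung-Pingtung-Penghu-Taitung Regional Branch: services unaffected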
https://www.cna.com.tw/news/ahel/202408280184.aspx
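H. Industrial Control Systems / ICS / SCADA / IoT / Internet of Things / Connected Vehicles / Electric Vehicles / Artificial Intelligence / AI / ML / Facial Recognition / Healthcare Security
Chinese-made cranes imported into Taiwan in large numbers, far exceeding those from other countries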
https://pourquoi.tw/taiwan-news-20240823-2/
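DPP legislators urge excluding Chinese-made cranes from subsidies; Ministry of Labor agrees to revise the relevant guidelines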
https://www.fountmedia.io/article/240490
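Warning that Chinese-made IT products have become an intelligence-gathering medium, Lin Chu-yin says critical infrastructure should undergo national security review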
https://reurl.cc/WNDN27
Chinese cranes conceal surveillance devices! How can Taiwan stop Chinese cranes from becoming a different kind of spy
https://watchout.tw/reports/pzR4X56YaJwiPCzTYcB3
Five key steps for OT network security: addressing the differences between IT and OT systems to balance security and efficiency
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11201
Fortinet strengthens OT security operations platform to protect organizations against cyber threats
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11200
Critical Flaws in Traccar GPS System Expose Users to Remote Attacks
https://thehackernews.com/2024/08/critical-flaws-in-traccar-gps-system.html
Hitachi patches critical vulnerability in SCADA power system
https://publisher.hitachienergy.com/preview?DocumentID=8DBD000160&LanguageCode=en&DocumentPartId=&Action=Launch
I. Education and Training
Recovery procedures you must know when a security incident happens, to reduce the damage
https://www.ithome.com.tw/pr/163614
iPAS Information Security Engineer intermediate-level notes
https://hackmd.io/@Not/iPASInformationSecuritySpecialist
iPas Information Security Engineer certification pre-exam workshop
https://reurl.cc/GEbA3p
iPAS ◆ Information Security Planning Practice ◆ intermediate-level exam question bank compilation (123 questions)
https://reurl.cc/orlD1g
GCP Associate Cloud Engineer (ACE) study experience, learning resources and notes: learning natively highly available and zero-trust design
https://medium.com/blacksecurity/gcp-associate-cloud-engineer-78f736aee7ad
Coursera rounds up 7 cloud security certifications: the springboards to high pay are all here!
https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/
Ordinary people can earn an international security certification too! CSCU Certified Secure Computer User course
https://www.ithome.com.tw/pr/160954
Global cybersecurity workforce imbalance: (ISC)2 free courses and exams to fill the talent gap
https://reurl.cc/m39MDj
The 8 domains of the CISSP security certification
https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html
CISSP exam experience
https://reurl.cc/KbY83j
CISSP exam experience – Benson
https://reurl.cc/GbWvxd
Goal-oriented: passing the CISSP at light speed in 20 days
https://reurl.cc/2Zq6zn
CISSP certification exam hands-on experience, Chapter 1: Initial preparation
https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat
CISSP certification exam hands-on experience, Chapter 2: A regular and disciplined study strategy
https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies
CISSP certification exam hands-on experience, Chapter 3: The final battle
https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle
Quick CISSP Infographic for IPSec
https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec
CSSLP Certification - Security models in F#
https://github.com/vbocan/csslp
Certified Secure Software Lifecycle Professional in bullet points
https://github.com/joeyhage/csslp-notes
CPSA (CREST Practitioner Security Analyst) security analyst exam experience
https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/
EC-Council CEH v11 exam experience, revision information and preparation direction 2021, 2022
https://reurl.cc/1oyEM8
CEH v11 exam experience and how to prepare
https://blog.sean.taipei/2022/01/ceh
CEH
https://github.com/a3cipher/CEH
CodeRed by EC-Council
https://github.com/codered-by-ec-council
EC-Council CEH Practical / Master preparation experience: learning in which theory and practice complement each other
https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2
EC-Council CEHP exam preparation experience
https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po
ECSA v10 exam experience and study materials / ECSA v10 Review and Study Materials
https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4
EC-Council ECSA security analyst v10 exam experience
https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html
20180817 EC-Council ECSA v10 PASS
https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html
On preparing for the EC-Council CPENT and LPT Master penetration testing certifications, with experience shared
https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d
In-depth look at the CPENT exam experience and a comparison with OSCP
https://reurl.cc/41eL8v
EC-Council CPENT v1 penetration testing certification – content and experience
https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review
CPENT: from brute force to cracking
https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295
EC-Council CPENT experience - a security rookie's path from CEH to LPT Master
https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f
CPENT exam experience: earning the LPT penetration testing master certification in one attempt
https://ucom.uuu.com.tw/web/Testimony/Article/4404
kaizensecurity/CPENT
https://github.com/kaizensecurity/CPENT/tree/master
CPENT : Pentesting like NO OTHERS !
https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/
Journey of My CPENT Exam
https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917
[Exam prep experience] CompTIA Security+ (SY0–601) Part 1
https://reurl.cc/M053DK
[Exam prep experience] CompTIA Security+ (SY0–601) Part 2
https://reurl.cc/M053Gv
comptia-security-plus
https://github.com/ajfuto/comptia-security-plus
security-plus
https://github.com/fjavierm/security-plus
CompTIA Security+ Certification Practice Test Questions
https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette
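App information security that not only engineers need to understand: the blood-and-tears story of obtaining a security testing certificate (iT Help Ironman Contest book series)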
https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html
App anti-hacking studies: hands-on security protection course to comprehensively raise security awareness
https://www.ithome.com.tw/pr/161505
OSEP (Evasion Techniques and Breaching Defenses (PEN-300)) experience
https://hackmd.io/@henry-ko/HyQ56e8eF
OSEP (Evasion Techniques and Breaching Defenses (PEN-300))
http://github.com/In3x0rabl3/OSEP
OSCP(Offensive Security Certified Professional)
https://github.com/0x584A/oscp-notes/tree/master
ISACA Certified Information Systems Auditor® (CISA) certification preparation journey and application process, 2023
https://reurl.cc/aVLoX9
Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html
The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics (Chinese edition)
https://reurl.cc/D3nKKj
Practical Network Penetration Tester (PNPT) Certification Review
https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df
Basic vocabulary commonly used by WUSON
https://choson.lifenet.com.tw/?p=1958
Certifications remain the main route to learning security fundamentals; experts have built a "security certification map"
https://www.ithome.com.tw/news/156754
Beyond using certifications to prove your ability, treat them as your greatest motivation to keep learning
https://www.ithome.com.tw/news/156756
Dispelling misunderstandings and myths about certifications: security experts clarify what security certifications mean
https://www.ithome.com.tw/news/156755
Accelerate Your Career with the Global Leader in Cyber Security Training
https://www.sans.org/mlp/promo-partnership-hacker-news/
[NCKU Information Security Club class] Forbidden security arts - the reverse engineering trial from hell
https://www.youtube.com/watch?v=4Yc3-9CjG6U
Hands-on exercises teach you to build a standard security SOP in practice
https://www.ithome.com.tw/pr/163514
6. Upcoming Security Events and Seminars
Security competency training | Secure Software Development Manager 2024/8/31 ~ 2024/10/5
https://acsiacad.kktix.cc/events/308914
Just a chat - with no Expectations 2024/8/31
https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/lsmkqsygclbpc/
[Security lecture] Cloud security lecture 2024/9/2
https://hackersir.kktix.cc/events/20240902-cloud-computing-security
9th "WHATs NEXT" Future Technology Industry Summit 2024/9/3
https://www.accupass.com/event/2406060317121880421709
Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/9/3
https://www.meetup.com/taiwan-code-camp/events/xfxtjtygcmbfb/
SyntaxError 2024/9/4
https://www.meetup.com/pythonhug/events/pqnsctygcmbgb/
HackingThursday (Hacker Thursday) - Week meetup Tamsui, regular meetup in Tamsui 2024/9/5
https://www.meetup.com/hackingthursday/events/302864447/
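2024 Public Television Service International Symposium | Opportunities and challenges for global public broadcasting in the AI era (second half) 2024/9/6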
https://www.accupass.com/event/2408051442261714115016
Tech "Apero" / Free to join / Ask to be a presenter (15min max each) 2024/9/6
https://www.meetup.com/hsinchu-city-tech-meetup/events/302898585/
Rust 1.81 Release Party 2024/9/7
https://www.meetup.com/taipei-rust-users-group/events/302943196/
Flutter Formosa 2024 2024/9/7
https://www.meetup.com/flutter-taipei/events/302644342/
Just a chat - with no Expectations 2024/9/7
https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/302900060/
Balancing financial innovation and security: security strategy in the cloud era 2024/9/10
https://www.accupass.com/event/2408230149491982960319
Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/9/10
https://www.meetup.com/taiwan-code-camp/events/302956346/
Feature Planning @ SaaS workshop (programming, design, product) 2024/9/10
https://www.meetup.com/saas-workshop/events/303091472/
SyntaxError 2024/9/11
https://www.meetup.com/pythonhug/events/302977662/
[New student tea party] Hacker Club 2024 new student tea party 2024/9/12
https://hackersir.kktix.cc/events/2024new
HackingThursday (Hacker Thursday) - Week meetup Tamsui, regular meetup in Tamsui 2024/9/12
https://www.meetup.com/hackingthursday/events/302996951/
From dietitian to developer: turning a career around with Next.js 2024/9/12
https://www.accupass.com/event/2408190315161445844218
Riding AI to win the key battles: new trends in security strategy 2024/9/13
https://www.accupass.com/event/2408130410311060558818
Foresee accurately, understand threats, stay secure: Proactive Security Deployment Forum 2024/9/13
https://www.accupass.com/event/2407220255211891189808
Taipei DevOps User Group 12th Event, supported by Wankuma Alliance 2024/9/13
https://www.meetup.com/taipei-devops-user-group/events/302826974/
Just a chat - with no Expectations 2024/9/14
https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/303033211/
Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/9/17
https://www.meetup.com/taiwan-code-camp/events/303093426/
SyntaxError 2024/9/18
https://www.meetup.com/pythonhug/events/303113974/
The CISO's first lesson in zero trust (September session) 2024/9/19
https://jamf.kktix.cc/events/applexjamf-sep
HackingThursday (Hacker Thursday) - Week meetup Tamsui, regular meetup in Tamsui 2024/9/19
https://www.meetup.com/hackingthursday/events/303134460/
Online career lecture | ACSI Academy "Specialized security competency: Information Security Engineer" 2024/9/19
https://acsiacad.kktix.cc/events/webinar919
[2024/09] WordPress Rainbow Meetup @ Yanwenzi 2024/9/19
https://www.meetup.com/taipei-wordpress/events/303071742/
New horizons in legal tech: win-win strategies for efficient operations and security compliance 2024/9/19
https://www.accupass.com/event/2408270143151973484167
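[In-person event] Combining intelligence and automation to open a new chapter in IT operations management! Integrating the strengths of Red Hat and Atlassian 2024/9/20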
https://www.meetup.com/taipei-atlassian-community-events/events/302995998/
HITCON community event - HITCON CTF unveiled 2024/9/21
https://hitcon.kktix.cc/events/discoverctf240921
Just a chat - with no Expectations 2024/9/21
https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/lsmkqsygcmbcc/
Taoyuan WordPress Café, Taoyuan coffee meetup #40 2024/9/21
https://www.meetup.com/taoyuan-wordpress-meetup/events/303111843/
Cloud Collaboration Era: Atlassian Cloud Platform Best Practices Sharing Session 2024/9/21
https://www.meetup.com/hang-zhou-atlassian-community-events/events/302573284/
[ACSI Academy] Security technical talent development program | Second cohort of hands-on training for security beginners kicks off 2024/9/23
https://acsiacad.kktix.cc/events/a2f3d0ef
Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/9/24
https://www.meetup.com/taiwan-code-camp/events/xfxtjtygcmbgc/
IT x CT x OT Cybersecurity: Comprehensive Joint Security Defense Ecosystem Forum 2024/9/25
https://www.accupass.com/event/2408120640402164854890
SyntaxError 2024/9/25
https://www.meetup.com/pythonhug/events/pqnsctygcmbhc/
Taiwan Digital Night #202409 2024/9/25
https://www.meetup.com/taiwan-digital-nomads-hub-%E5%8F%B0%E7%81%A3%E6%95%B8%E4%BD%8D%E9%81%8A%E7%89%A7%E8%80%85%E7%A4%BE%E7%BE%A4/events/302696281/
SECURITY SUMMIT 2024: Multi-layered enterprise security protection 2024/9/25 ~ 2024/9/26
https://www.digitimes.com.tw/seminar/securitySummit/index.html
HackingThursday (Hacker Thursday) - Week meetup Tamsui, regular meetup in Tamsui 2024/9/26
https://www.meetup.com/hackingthursday/events/psspctygcmbjc/
Cloud security offense and defense in the AI generation: new routes for migration and defense 2024/9/26
https://www.accupass.com/event/2408270307021284798836
Just a chat - with no Expectations 2024/9/28
https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/lsmkqsygcmblc/
Information security course series 2024/9/30
https://www.accupass.com/event/2407011640161317038989
Information security course series 2024/10/12
https://www.accupass.com/event/2407011633417884074930
2nd Tainan Web3 Industry International Fair (TAINAN WEB3 INTERNATIONAL FAIR) 2024/10/18
https://www.accupass.com/event/2406150525111725753130
HITCON Enterprise 2024, Taiwan hacker conference 2024/10/30
https://hitcon.kktix.cc/events/hitcon-ent-2024
Threat Analyst Summit 2024 2024/12/11 ~ 2024/12/12
https://teamt5tw.kktix.cc/events/tas2024