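###### tags: `Weekly Security Incident News`
# Weekly Security Incident News 2023/8/28 ~ 2023/9/1
1. Major Vulnerabilities / Backdoors / Exploits / Zero Day
Splunk Enterprise and IT Service Intelligence have high-severity vulnerabilities that, if left unpatched, can be used for RCE and XSS attacks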
https://www.securityweek.com/splunk-patches-high-severity-flaws-in-enterprise-it-service-intelligence/
High-severity vulnerability in Cisco's NX-OS network device operating system could lead to denial of service
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-remoteauth-dos-XB6pv74m
US CISA publishes the 2022 results of its Vulnerability Disclosure Policy platform
https://www.cisa.gov/news-events/news/vdp-platform-2022-annual-report-showcases-platforms-success
VMware releases security updates for Aria Operations for Networks
https://www.cisa.gov/news-events/alerts/2023/08/30/vmware-releases-security-updates-aria-operations-networks
VMware patches SSH authentication bypass vulnerability in its network monitoring system
https://www.vmware.com/security/advisories/VMSA-2023-0018.html
Critical Vulnerability Alert: VMware Aria Operations Networks at Risk from Remote Attacks
https://thehackernews.com/2023/08/critical-vulnerability-alert-vmware.html
VMware patches authentication bypass vulnerability in its network operations system for virtualized environments
https://www.vmware.com/security/advisories/VMSA-2023-0018.html
Attack campaign exploiting a critical Citrix NetScaler vulnerability is very likely tied to a ransomware actor
http://twitter.com/SophosXOps/status/1695143572272738790
Citrix NetScaler Alert: Ransomware Hackers Exploiting Critical Vulnerability
https://thehackernews.com/2023/08/citrix-netscaler-alert-ransomware.html
Attacks exploiting critical Juniper firewall vulnerabilities have appeared
https://twitter.com/Shadowserver/status/1696512418036486246
Alert: Juniper Firewalls, Openfire, and Apache RocketMQ Under Attack from New Exploits
https://thehackernews.com/2023/08/alert-juniper-firewalls-openfire-and.html
Hackers Can Exploit Windows Container Isolation Framework to Bypass Endpoint Security
https://thehackernews.com/2023/08/hackers-can-exploit-windows-container.html
Urgent FBI Warning: Barracuda Email Gateways Vulnerable Despite Recent Patches
https://thehackernews.com/2023/08/urgent-fbi-warning-barracuda-email.html
Vulnerability in WordPress site migration plugin lets attackers access sensitive site data
http://patchstack.com/articles/pre-auth-access-token-manipulation-in-all-in-one-wp-migration-extensions/
Vulnerability in WordPress plugin Jupiter X Core lets attackers hijack sites
https://www.bleepingcomputer.com/news/security/jupiter-x-core-wordpress-plugin-could-let-hackers-hijack-sites/
Mozilla and Google release browser updates patching high-severity memory corruption vulnerabilities
https://www.securityweek.com/high-severity-memory-corruption-vulnerabilities-patched-in-firefox-chrome/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_29.html
Microsoft to enable Extended Protection on Exchange Server by default this fall
https://techcommunity.microsoft.com/t5/exchange-team-blog/coming-soon-enabling-extended-protection-on-exchange-server-by/ba-p/3911849
Exchange Server 2016 and 2019 officially support HSTS
https://www.bleepingcomputer.com/news/security/microsoft-adds-hsts-support-to-exchange-server-2016-and-2019/
GitLab's remote procedure call component Gitaly fully supports SHA-256
https://www.ithome.com.tw/news/158475
GitHub adds new security features to its enterprise edition
https://github.blog/2023-08-29-github-enterprise-server-3-10-is-now-generally-available/
CVE-2023-38831 WinRAR vulnerability advisory
https://teamt5.org/tw/posts/cve-2023-38831-winrar-vulnerability/
2. Banking / Finance / Insurance / Securities / Financial Supervision News and Security
FIN8-LINKED ACTOR TARGETS CITRIX NETSCALER SYSTEMS
https://github.com/sophoslabs/IoCs/blob/master/2023-08-25%20Citrix%20CVE-2023-3519%20attacks.csv
https://securityaffairs.com/150028/hacking/fin8-citrix-netscaler.html
As corporate risk awareness rises, cyber insurance premiums exceeded NT$400 million in 2022
https://www.cna.com.tw/news/afe/202308240374.aspx
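Fighting phishing fraud: Ministry of Justice Investigation Bureau and the Life Insurance Association sign a joint-defense cooperation MOU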
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10653
UK official: hackers could use AI to carry out unauthorized bank transactions
https://reurl.cc/2LxyDa
M&T Bank in Delaware hacked; customer personal data leaked
https://reurl.cc/VLGQRN
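戴燈山 takes the helm of the Export-Import Bank, aiming to expand the benefits of its capital increase and back Taiwanese businesses competing internationally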
https://www.fountmedia.io/article/171854
Yuanta Bank upgrades its QR Code: manage mobile payment bindings and limits at any time
https://udn.com/news/story/7239/7408153
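3. Credit Cards / Electronic Payment / Mobile Payment / Pay / Payment Systems / Security
Live-streaming platform 17Live alleges that a flaw in ECPay's payment system left it facing large unpaid sums and demands that ECPay pay up; the two sides currently give conflicting accounts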
https://www.cna.com.tw/news/afe/202308290402.aspx
17LIVE accuses ECPay of reneging on ten million and failing to honor its contract, will file suit in court
https://wantrich.chinatimes.com/news/20230830900151-420101
Transaction system anomaly: 17LIVE sues ECPay, demanding it honor the contract and return more than ten million owed
https://fnc.ebc.net.tw/fncnews/stock/163623
Disputed amounts were all 29,900, just under the alert threshold, prompting questions of "insider or hacker"
https://reurl.cc/dDdlx2
Scam emails impersonate Apple support to "verify" Apple Pay; security experts teach "stop, look, listen"
https://www.cna.com.tw/news/ahel/202308300342.aspx
OMNY payment security risk exposed; MTA rushes out a fix
https://www.worldjournal.com/wj/story/121382/7409308
Five companies pass third-party payment registration; LINE Pay will not yet apply for an e-payment license
https://www.cardu.com.tw/news/detail.php?49648
NewebPay passes the "third-party payment institution capability registration"
https://wantrich.chinatimes.com/news/20230831900965-420101
It lets you shop in Japan with JKOPay and PXPay Plus: inside e-payment leader PayPay
https://www.businessweekly.com.tw/Archive/Article?StrId=7008696
"Shopping" feature that lets a single QR Code support multiple e-payment services launches in Q3, but LINE Pay has not joined
https://www.cool3c.com/article/197999
Any Pay will work! Shared e-payment QR Code launches in Q3
https://www.rti.org.tw/news/view/id/2177747
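4. Cryptocurrency / Digital Currency / Mining / Blockchain / Smart Contracts / WEB3 Security
Major Taiwanese cryptocurrency trading firm 麒點科技 suffered huge losses on some of its programmed trades because of an engineer's retaliation; the court verdict is out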
https://tw.nextapple.com/local/20230825/93A44888325E141E344987CC1A090A49
PeckShield: the fifth-largest Bitcoin wallet holds 94,643 BTC and may be controlled by the US government
https://news.cnyes.com/news/id/5306312?exp=a
PeckShield: US government holds 94,643 bitcoins, currently the fifth-largest holding address
https://news.cnyes.com/news/id/5306397?exp=a
Tracing USDT: the hundred-billion-scale cryptocurrency "vice, gambling and drug assets" flowing through Southeast Asia
https://www.blocktempo.com/cryptocurrency-scams-in-southeast-asia/
MistTrack: the BitBrowser hacker has moved 17 ETH
https://news.cnyes.com/news/id/5309057
Tornado Cash founders indicted on felony charges; expert: the US Department of Justice is not pinning the crime on the "smart contract"
https://www.blocktempo.com/tornado-cash-indictments-may-be-just-a-localized-storm/
CertiK: total losses from exploits, hacks and scams in August were about US$45.8 million
https://news.cnyes.com/news/id/5309390
How the US court's "friendly ruling" for Uniswap affects regulation of the DeFi world
https://www.blocktempo.com/how-the-court-judgment-on-uniswap-affects-defi-regulation/
ZetaChain: a Bitcoin-compatible smart contract platform and a dark horse in the cross-chain field
https://news.cnyes.com/news/id/5305747
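5. Security Incident News
A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC
A quarter of malware attacks abuse legitimate internet services; hackers favor Pastebin and Telegram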
https://www.recordedfuture.com/threat-actors-leverage-internet-services-to-enhance-data-theft-and-weaken-security-defenses
Distributed messaging platform RocketMQ targeted and implanted with the DreamBus botnet malware
http://blogs.juniper.net/en-us/threat-research/dreambus-botnet-resurfaces-targets-rocketmq-vulnerability
Android malware MMRat uses the Protobuf protocol to steal data
https://www.trendmicro.com/en_us/research/23/h/mmrat-carries-out-bank-fraud-via-fake-app-stores.html
QBot, SocGholish and Raspberry Robin are the tools hackers favor for delivering malware
https://www.reliaquest.com/blog/the-3-malware-loaders-behind-80-of-incidents/
US leads the Duck Hunt law enforcement operation, removing the QBot malware from 700,000 computers and seizing US$8.6 million in illicit proceeds
https://www.fbi.gov/news/stories/fbi-partners-dismantle-qakbot-infrastructure-in-multinational-cyber-takedown
Malicious toolset Spacecolon used to spread the Scarab ransomware
https://www.welivesecurity.com/en/eset-research/scarabs-colon-izing-vulnerable-servers/
Play ransomware targets managed security service providers, attacking through known vulnerabilities
https://adlumin.com/post/playcrypt-ransomware/
Analysis of Andariel’s New Attack Activities
https://asec.ahnlab.com/en/56405/
DarkGate Malware Activity Spikes as Developer Rents Out Malware to Affiliates
https://thehackernews.com/2023/08/darkgate-malware-activity-spikes-as.html
Hackers Launch Brute-Force Attack Cisco ASA SSL VPNs
https://cybersecuritynews.com/hackers-attacking-cisco-vpn-appliances/
SapphireStealer: Open-source information stealer enables credential and data theft
https://blog.talosintelligence.com/sapphirestealer-goes-open-source/
https://github.com/Cisco-Talos/IOCs/blob/main/2023/08/sapphirestealer-goes-open-source.txt
An Ongoing Open Source Attack Reveals Roots Dating Back To 2021
https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps
https://www.welivesecurity.com/en/eset-research/badbazaar-espionage-tool-targets-android-users-trojanized-signal-telegram-apps/
Shining some light on the DarkGate loader
https://github.security.telekom.com/2023/08/darkgate-loader.html
Threat Actor Interplay | Good Day’s Victim Portals and Their Ties to Cloak
https://www.sentinelone.com/blog/threat-actor-interplay-good-days-victim-portals-and-their-ties-to-cloak/
Kinsing Malware Exploits Novel Openfire Vulnerability
https://blog.aquasec.com/kinsing-malware-exploits-novel-openfire-vulnerability?hs_amp=true
Peeling Back the Layers of RemcosRat Malware
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/peeling-back-the-layers-of-remcosrat-malware/
IOC's from my personal devices for the week starting 08/28/23 - leveraging Yara, overwhelmed
https://otx.alienvault.com/pulse/64ee2668cad3bfce7a474d79
UAC-0173: judicial authorities and notaries "under the gun"
https://cert.gov.ua/article/5628441
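To bypass security systems' standard file-format detection, hackers embed malicious Word documents in PDF files, which could pose a serious threat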
https://blogs.jpcert.or.jp/en/2023/08/maldocinpdf.html
MalDoc in PDF - Detection bypass by embedding a malicious Word file into a PDF file
https://otx.alienvault.com/pulse/64ee05533831ae24210ee53d
Adversary On The Defense: ANTIBOT.PW
https://inquest.net/blog/adversary-on-the-defense-antibot-pw/
Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)
https://www.mandiant.com/resources/blog/unc4841-post-barracuda-zero-day-remediation
Smoke Loader Drops Whiffy Recon Wi-Fi Scanning and Geolocation Malware
https://www.secureworks.com/blog/smoke-loader-drops-whiffy-recon-wi-fi-scanning-and-geolocation-malware
HTML Smuggling Leads to Domain Wide Ransomware
https://thedfirreport.com/2023/08/28/html-smuggling-leads-to-domain-wide-ransomware/
Surreptitious "Windows Defender Application Guard" delivers corrupted and malicious Windows 11 build
https://tria.ge/230105-xbxhjacg76/behavioral2
Rust developers beware! Malicious packages have appeared that, if used by mistake, may leak the computer's OS information to a Telegram channel
https://blog.phylum.io/rust-malware-staged-on-crates-io/
Developers Beware: Malicious Rust Libraries Caught Transmitting OS Info to Telegram Channel
https://thehackernews.com/2023/08/developers-beware-malicious-rust.html
KmsdBot botnet targeting IoT devices widens its attack scope, scanning for Telnet connections
https://www.akamai.com/blog/security-research/updated-kmsdbot-binary-targeting-iot
KmsdBot Malware Gets an Upgrade: Now Targets IoT Devices with Enhanced Capabilities
https://thehackernews.com/2023/08/kmsdbot-malware-gets-upgrade-now.html
Malicious npm Packages Aim to Target Developers for Source Code Theft
https://thehackernews.com/2023/08/malicious-npm-packages-aim-to-target.html
FBI Dismantles QakBot Malware, Frees 700,000 Computers, Seizes $8.6 Million
https://thehackernews.com/2023/08/fbi-dismantles-qakbot-malware-frees.html
MMRat Android Trojan Executes Remote Financial Fraud Through Accessibility Feature
https://thehackernews.com/2023/08/mmrat-android-trojan-executes-remote.html
Hackers use the LockBit 3.0 builder to create nearly 400 ransomware variants
https://securelist.com/lockbit-ransomware-builder-analysis/110370/
LockBit 3.0 Ransomware Builder Leak Gives Rise to Hundreds of New Variants
https://thehackernews.com/2023/08/lockbit-30-ransomware-builder-leak.html
Russian State-Backed 'Infamous Chisel' Android Malware Targets Ukrainian Military
https://thehackernews.com/2023/09/russian-state-backed-infamous-chisel.html
SapphireStealer Malware: A Gateway to Espionage and Ransomware Operations
https://thehackernews.com/2023/08/sapphirestealer-malware-gateway-to.html
North Korean Hackers Deploy New Malicious Python Packages in PyPI Repository
https://thehackernews.com/2023/08/north-korean-hackers-deploy-new.html
Infamous Chisel Malware Analysis Report
https://www.cisa.gov/news-events/analysis-reports/ar23-243a
A Deep Dive into Brute Ratel C4 payloads
https://cybergeeks.tech/a-deep-dive-into-brute-ratel-c4-payloads/
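B. Mobile Security / iPhone / Android / Wearables / Apps / 5G / Instant Messaging
Meta takes down nearly 8,000 spam-spreading accounts, including hackers who deliberately praised China and vilified Western countries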
https://scontent.fomr1-1.fna.fbcdn.net/v/t39.8562-6/10000000_180063885098584_6098733693167598956_n.pdf?_nc_cat=110&ccb=1-7&_nc_sid=ae5e01&_nc_ohc=xfoti16XMyMAX-pqO0p&_nc_ht=scontent.fomr1-1.fna&oh=00_AfD06WIDvlYSGGZl5Qr59HvXtg3cvVeaMfm9Ehzu7PbL4g&oe=64F1F5AE
Meta counters the Chinese hackers' Spamouflage operation
https://www.securityweek.com/meta-fights-sprawling-chinese-spamouflage-operation/
Apple opens applications for the 2024 iPhone Security Research Device Program
https://security.apple.com/blog/security-research-device-program-2024/
Attackers who send a URL to users of the mobile version of Skype can obtain the IP address of the user's device
https://www.404media.co/hackers-find-your-skype-ip-address-microsoft-wont-fix/
Results of the 2022 smartphone security spot checks released; Ministry of Digital Affairs says it will add test items this year
https://www.cna.com.tw/news/afe/202308270019.aspx
Apple ID disabled even when entered correctly! Netizens lament en masse: hacked
https://news.ebc.net.tw/news/living/380287
Security expert uses a cheap Bluetooth transmitter costing under NT$3,000 to display fake iOS scam notifications on other people's iPhones
https://cofacts.tw/article/26htpoerfd1el
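C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents / Security Workforce
Boards of directors take note: sideline the CISO and bear the security consequences yourselves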
https://reurl.cc/K0yLe9
Toyota halts 28 lines in Japan because of a parts-ordering system malfunction; production expected to resume gradually from tomorrow
https://www.nownews.com/news/6243974
Toyota system failure halts all lines at 14 plants in Japan
https://reurl.cc/4okvg2
US NIST publishes draft post-quantum cryptography standards
https://www.darkreading.com/dr-tech/nist-publishes-first-draft-standards-for-post-quantum-cryptography
Cloud provider Leaseweb apparently breached; some customers suffer downtime
https://www.bleepingcomputer.com/news/security/leaseweb-is-restoring-critical-systems-after-security-breach/
Hacker group KittenSec claims attacks on multiple NATO countries
https://cyberscoop.com/kittensec-hacktivism-corruption/
Poland reportedly begins investigating hacking attacks on its railway system
https://www.pap.pl/en/news/abw-probe-recent-railway-incidents-poland-says-security-official
https://twitter.com/PKP_PLK_SA/status/1695244539819090343
https://www.wired.com/story/poland-train-radio-stop-attack/
https://www.bbc.com/news/world-europe-66630260
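The aims behind the CCP's heavily funded cyberattacks | Public panic? Stock market crash? | Audrey Tang reveals the inside story of the cross-strait cybersecurity war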
https://www.youtube.com/watch?v=BcPPrktG2R0
Hackers hammer Taiwan: about 44 million malicious links detected in the first half of the year, third highest worldwide
https://udn.com/news/story/7238/7408085?from=udn-catelistnews_ch2
Taiwanese enterprises were "hit by cyberattacks 3,245 times" on average in the first half of the year, the most in the world
https://www.ettoday.net/news/20230831/2572820.htm
Red cyberwar: Chinese hacker groups launch a cyberattack chain; how can a hundred Taiwanese infrastructure sites prepare?
https://www.twreporter.org/a/prochina-hackers-cyberattack-taiwan-critical-infrastructure
Chinese spy uses LinkedIn to collect UK secrets
https://www.thetimes.co.uk/article/chinese-spy-linkedin-investigation-dxtq8mz7w
US Commerce Secretary raises the email hack face to face during China visit, says it undermines bilateral trust
https://news.ltn.com.tw/news/world/breakingnews/4412835
University of Michigan hit by cyberattack; some services forced offline
https://www.bleepingcomputer.com/news/security/university-of-michigan-shuts-down-network-after-cyberattack/
North Korean hacker group Lazarus may be behind the VMConnect supply chain attack
https://www.reversinglabs.com/blog/vmconnect-supply-chain-campaign-continues
Network security monitoring service LogicMonitor confirms some customers were attacked
https://www.bleepingcomputer.com/news/security/logicmonitor-customers-hacked-in-reported-ransomware-attacks/
Two LAPSUS$ Hackers Convicted in London Court for High-Profile Tech Firm Hacks
https://thehackernews.com/2023/08/two-lapsus-hackers-convicted-in-london.html
Chinese hackers use German corporate and private networks to attack government agencies
https://reurl.cc/GAzLed
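Warning! Chinese state hackers "Flax Typhoon" live off legitimate tools to stay hidden long-term inside Taiwanese organizations across industries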
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10654
Taiwanese organizations hit by living-off-the-land attacks from Chinese hackers Flax Typhoon
https://www.ithome.com.tw/news/158467
China-Linked Flax Typhoon Cyber Espionage Targets Taiwan's Key Sectors
https://thehackernews.com/2023/08/china-linked-flax-typhoon-cyber.html
Chinese hackers use trojanized Signal and Telegram apps to spread the BadBazaar spyware
https://www.ithome.com.tw/news/158537
US FBI warns: Barracuda ESG vulnerability patches are ineffective; replace the appliances as soon as possible
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10656
Chinese hacker group exploits Barracuda email gateway vulnerability to attack government agencies and telecom operators
https://www.ithome.com.tw/news/158538
Chinese Hacking Group Exploits Barracuda Zero-Day to Target Government, Military, and Telecom
https://thehackernews.com/2023/08/chinese-hacking-group-exploits.html
Hacker group Earth Estries targets government agencies and technology companies in multiple countries, including Taiwan, for cyber espionage
https://www.ithome.com.tw/news/158536
Earth Estries' Espionage Campaign Targets Governments and Tech Titans Across Continents
https://thehackernews.com/2023/08/earth-estries-espionage-campaign.html
Classiscam Scam-as-a-Service Raked $64.5 Million During the COVID-19 Pandemic
https://thehackernews.com/2023/09/classiscam-scam-as-service-raked-645.html
BRICS grows from 5 to 11 countries and becomes an "anti-US bloc"! 謝金河: apart from India, every country has troubles of its own
https://www.wealth.com.tw/articles/004ef813-16ce-4b23-9f19-402562aeed1a
Communications, Information and Electronics Management Section recruiting 1 security administrator
https://reurl.cc/VLGQzA
Security Project Manager (seconded)
https://tw.indeed.com/viewjob?jk=f0ec5b18020f0808
Yuanta Bank - Information Security Management Department - Information Security Management Staff
https://www.104.com.tw/job/8345g?jobsource=cs_n104bank2
Yuanta Securities - Information Security Management Department - Security Protection Staff
https://www.104.com.tw/job/7i41k?jobsource=cs_n104bank2
Yuanta Bank - Information Security Management Department - Security Management Specialist
https://www.104.com.tw/job/4dhv7?jobsource=cs_n104bank2
Yuanta Bank - Information Security Department Security Engineer
https://www.104.com.tw/job/6tst6?jobsource=cs_n104bank2
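Le Blé d'Or Restaurant Group - Network Management Engineer (Information Management Office, Operations and Sales Systems Department)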
https://www.104.com.tw/job/830z6?jobsource=jolist_c_relevance
Product Security Analyst / Security Engineer, Delta Smart Grid Business Unit (Taipei)
https://www.104.com.tw/job/7wti2?jobsource=jolist_c_relevance
Network Engineer (Application Security Management Consultant)
https://www.104.com.tw/job/7sb0a?jobsource=jolist_c_relevance
Network Security Engineer (F5 Security Technical Consultant)
https://www.104.com.tw/job/6vrc0?jobsource=jolist_c_relevance
Network Security Engineer (Cloudflare Security Technical Consultant)
https://www.104.com.tw/job/82cb9?jobsource=jolist_c_relevance
Penetration Testing / Red Team Engineer
https://www.104.com.tw/job/80jy2?jobsource=jolist_c_relevance
Sales Business Division 6 [Network / Information Security Engineer]
https://www.104.com.tw/job/5wizg?jobsource=jolist_c_relevance
Sales Business Division 7 [Network / Information Security Engineer]
https://www.104.com.tw/job/81dt3?jobsource=jolist_c_relevance
Senior Network Management Engineer, Information Office (Taipei)
https://www.104.com.tw/job/81m97?jobsource=jolist_c_relevance
Security Engineer (Security Evaluation Lab), Delta Research Center (Taipei)
https://www.104.com.tw/job/80gck?jobsource=jolist_c_relevance
Computer Auditor
https://www.104.com.tw/job/72bdx?jobsource=jolist_c_relevance
[Information Security Analyst]
https://www.104.com.tw/job/7hedq?jobsource=jolist_c_relevance
Senior Network Security Solutions Engineer
https://www.104.com.tw/job/6hyog?jobsource=jolist_c_relevance
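D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News / Cyberbullying / Account Security
Transportation and Tourism Bureau explains the incident in which ticketing system users were defrauded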
https://www.matsu-news.gov.tw/news/article/214076
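Personal data leaked from ferry ticket bookings leads to a fraud loss of 800,000; Lienchiang County asks the NCC to help clarify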
https://news.cts.com.tw/cna/society/202308/202308312222345.html
UN: tens of thousands of people in Southeast Asia forced to carry out online scams
https://scdaily.com/post/55155
Generative AI abused; cyberattacks and online fraud grow more rampant
https://ec.ltn.com.tw/article/paper/1602505
Discord notifies users that data was leaked in a hacking attack
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10662
NCC media group infiltrated by investment scammers; NCC hastens to clarify: unrelated to telecom KYC
https://news.ltn.com.tw/news/life/breakingnews/4411924
Administrator token of AI code platform Sourcegraph leaked; site compromised
https://about.sourcegraph.com/blog/security-update-august-2023
Film studio Paramount hit by cyberattack; personal data of nearly a hundred people leaked
https://www.bleepingcomputer.com/news/security/paramount-discloses-data-breach-following-security-incident/
US historic preservation organization Ohio History Connection reports a data breach
https://www.ohiohistory.org/breach/
London's police force in the UK affected by a data breach at an IT contractor, impacting nearly 50,000 officers
https://www.hackread.com/it-contractor-data-breach-met-police-personnel/
Spanish architecture firms reportedly hit by phishing attacks from ransomware group LockBit
https://www.policia.es/_es/comunicacion_prensa_detalle.php?ID=15872
Medical meal delivery service Mom's Meals reports a data breach affecting 1.2 million people
https://www.purfoods.com/notice-of-data-event/
Browser extension risk runs as high as 51% and could lead to theft of sensitive data
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10652
Warning! New data-stealing malware can take full control of Facebook business accounts
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10645
Prince George's County public schools in Maryland hacked; personal data may be published online
https://www.worldjournal.com/wj/story/121277/7400986
Data breach at French government unemployment agency exposes the personal data of ten million people
https://www.leparisien.fr/economie/six-millions-de-personnes-pourraient-etre-concernees-par-un-vol-de-donnees-a-pole-emploi-23-08-2023-VWPYOMBSWZDPVDW7LWHJA2KIGU.php
Rhysida ransomware claims responsibility for the attack that disrupted services at Prospect Medical Holdings, saying it stole 1 TB of files and a 1.3 TB SQL database
https://www.bleepingcomputer.com/news/security/rhysida-claims-ransomware-attack-on-prospect-medical-threatens-to-sell-data/
Phishing-as-a-Service Gets Smarter: Microsoft Sounds Alarm on AiTM Attacks
https://thehackernews.com/2023/08/phishing-as-service-gets-smarter.html
Experts Uncover How Cybercriminals Could Exploit Microsoft Entra ID for Elevated Privilege
https://thehackernews.com/2023/08/experts-uncover-how-cybercriminals.html
Employee of risk management firm Kroll hit by a SIM swapping attack; bankruptcy claimants' data may have leaked
https://www.bleepingcomputer.com/news/security/kroll-data-breach-exposes-info-of-ftx-blockfi-genesis-creditors/
Kroll Suffers Data Breach: Employee Falls Victim to SIM Swapping Attack
https://thehackernews.com/2023/08/kroll-suffers-data-breach-employee.html
https://twitter.com/FTX_Official/status/1694899217326608611
https://twitter.com/BlockFi/status/1694844414294704547
https://www.kroll.com/en/about-us/news/security-incident
New SuperBear Trojan Emerges in Targeted Phishing Attack on South Korean Activists
https://thehackernews.com/2023/09/new-superbear-trojan-emerges-in.html
E. Research Reports / Tools
The Windows container isolation framework could let attackers bypass security protections
https://www.deepinstinct.com/blog/contain-yourself-staying-undetected-using-the-windows-container-isolation-framework
Researchers disclose a technique for escalating privileges using Microsoft Entra ID
https://www.secureworks.com/research/power-platform-privilege-escalation
Attack automation achieved! Experts warn that cybercriminals are using AI to boost efficiency
https://reurl.cc/WGeMqk
Applying zero trust and FIDO technology to an identity authentication mechanism for intranet security
https://ndltd.ncl.edu.tw/cgi-bin/gs32/gsweb.cgi/login?o=dnclcdr&s=id=%22111YUNT0392043%22.&searchmode=basic
A brief analysis of the value and challenges of Firewall as a Service (FWaaS)
https://www.aqniu.com/vendor/99352.html
Hackers can abuse Microsoft Office executables to download malware
https://www.4hou.com/posts/3rrR
Analysis of the "游蛇" cybercrime gang's use of WeChat to spread malicious code
https://www.4hou.com/posts/9A7Z
CVE-2023-29357 – Analysis of the Microsoft SharePoint ValidateTokenIssuer authentication bypass vulnerability
https://paper.seebug.org/3021/
Three main reasons threat hunting operations fail, with recommendations
https://www.aqniu.com/vendor/99390.html
Cyberattacks Targeting E-commerce Applications
https://thehackernews.com/2023/08/cyberattacks-targeting-e-commerce.html
How to Prevent ChatGPT From Stealing Your Content & Traffic
https://thehackernews.com/2023/08/how-to-prevent-chatgpt-from-stealing.html
Numbers Don't Lie: Exposing the Harsh Truths of Cyberattacks in New Report
https://thehackernews.com/2023/08/numbers-dont-lie-exposing-harsh-truths.html
How to Scale Cybersecurity for Your Business
https://www.cisecurity.org/insights/blog/how-to-scale-cybersecurity-for-your-business
Learn How Your Business Data Can Amplify Your AI/ML Threat Detection Capabilities
https://thehackernews.com/2023/08/learn-how-your-business-data-can.html
Navigating Legacy Infrastructure: A CISO's Actionable Strategy for Success
https://thehackernews.com/2023/08/navigating-legacy-infrastructure-cisos.html
It's a Zero-day? It's Malware? No! It's Username and Password
https://thehackernews.com/2023/09/its-zero-day-its-malware-no-its.html
F. Business
VMware and Intel collaborate to manage vulnerabilities quickly and speed up ransomware recovery on VMware Cloud
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10646
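Check Point Software partners with National Taiwan University of Science and Technology, bringing in international-grade resources to train security professionals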
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10647
Security threats heat up! HITCON and Yourator security forum jointly look for answers to the talent shortage
https://ctee.com.tw/industrynews/technology/931113.html
F5 launches a mobile application security suite combining mobile app protection and bot defense
https://netmag.tw/2023/08/31/f5-launch-mobile-application-security-kit-join-mobile-application-shield-and-robotics
DEVCORE expands its security talent pool, awarding a million in scholarships over the past three years
https://reurl.cc/kX43lK
CyberArk survey: AI and the poor economic climate widen the identity attack surface, increasing security debt
https://tw.stock.yahoo.com/news/cyberark-ai-070038534.html
CyberLink FaceMe Day kicks off! Facial recognition applications flourish across finance, security surveillance and access control
https://finance.technews.tw/2023/08/31/faceme-day/
G. Government
Executive Yuan approves reference guidelines for the use of generative AI by its subordinate agencies
https://www.ithome.com.tw/news/158533
National Institute of Cyber Security defines 19 categories of security talent; the first training courses are aimed at CISOs
https://www.ithome.com.tw/news/158498
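Ministry of Health and Welfare reviews smart healthcare progress, plans to unify data standards across its 4 agencies and expects to publish the amended regulations on diagnosis and treatment by telecommunications in October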
https://www.ithome.com.tw/news/158550
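Could medical records and personal data be hacked when you seek care? Taipei Tzu Chi Hospital and the Investigation Bureau build a joint security defense network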
https://udn.com/news/story/7323/7404791
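Ministry of Justice Investigation Bureau and Taipei Feitsui Reservoir Administration sign an MOU on national cybersecurity joint defense and intelligence sharing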
https://www.mjib.gov.tw/news/Details/1/904
Investigation Bureau and Hualien Tzu Chi Hospital sign an MOU on cybersecurity joint defense and intelligence sharing
https://www.tcnews.com.tw/medicine/item/19814.html
Leading digital development with digital trust, building future competitiveness from industry to nation
https://www.bnext.com.tw/article/76357/iii2023.08?
Ministry of Digital Affairs budget for next year is NT$7.3 billion; ten major programs revealed
https://ctee.com.tw/news/policy/932652.html
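H. Industrial Control Systems / ICS / SCADA / IoT / Internet of Things / Internet of Vehicles / Electric Vehicles / Artificial Intelligence / AI / ML / Facial Recognition / Healthcare Security
Netgear patches vulnerabilities in its router and network management software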
https://therecord.media/netgear-releases-patches-for-two-bugs
https://www.zerodayinitiative.com/advisories/ZDI-23-1283/
https://www.zerodayinitiative.com/advisories/ZDI-23-1284/
https://kb.netgear.com/000065734/Security-Advisory-for-Authentication-Bypass-on-the-RBR760-PSV-2023-0052
https://kb.netgear.com/000065705/Security-Advisory-for-Post-authentication-Command-Injection-on-the-Prosafe-Network-Management-System-PSV-2023-0037
TP-Link smart bulbs contain multiple vulnerabilities that attackers can use to steal Wi-Fi passwords
https://www.twcert.org.tw/tw/cp-104-7338-f8608-1.html
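After the "Internet of Vehicles", how do we keep hackers from taking control of the steering wheel? Interview with Professor 查士朝 of the Department of Information Management, National Taiwan University of Science and Technology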
https://buzzorange.com/techorange/2023/09/01/vehicle-to-everything-is/
I. Education and Training
iPAS Information Security Engineer (intermediate level) notes
https://hackmd.io/@Not/iPASInformationSecuritySpecialist
iPAS Security Engineer certification pre-exam workshop
https://reurl.cc/GEbA3p
Coursera rounds up 7 cloud security certifications: the springboards to a high salary are all here!
https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/
Global cybersecurity workforce imbalance: (ISC)2 free courses and exams fill the talent gap
https://reurl.cc/m39MDj
The 8 domains of the CISSP security certification
https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html
CISSP exam experience
https://reurl.cc/KbY83j
CISSP exam experience – Benson
https://reurl.cc/GbWvxd
Goal-oriented: passing the CISSP at light speed in 20 days
https://reurl.cc/2Zq6zn
CISSP certification exam field notes, Chapter 1: initial preparation
https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat
CISSP certification exam field notes, Chapter 2: a regular and disciplined study strategy
https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies
CISSP certification exam field notes, Chapter 3: the final battle
https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle
Quick CISSP Infographic for IPSec
https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec
CSSLP Certification - Security models in F#
https://github.com/vbocan/csslp
Certified Secure Software Lifecycle Professional in bullet points
https://github.com/joeyhage/csslp-notes
CPSA (CREST Practitioner Security Analyst) security analyst exam experience
https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/
EC-Council CEH v11 exam experience, revision information and preparation direction 2021, 2022
https://reurl.cc/1oyEM8
CEH v11 exam experience and preparation methods
https://blog.sean.taipei/2022/01/ceh
CEH
https://github.com/a3cipher/CEH
CodeRed by EC-Council
https://github.com/codered-by-ec-council
EC-Council CEH Practical / Master preparation notes: learning in which theory and practice complement each other
https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2
EC-Council CEHP exam preparation notes
https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po
ECSA v10 Review and Study Materials
https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4
EC-Council ECSA security analyst v10 exam experience
https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html
20180817 EC-Council ECSA v10 PASS
https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html
Preparation methods and experience for the EC-Council CPENT and LPT Master penetration testing certifications
https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d
An in-depth look at the CPENT exam experience and a comparison with OSCP
https://reurl.cc/41eL8v
EC-Council CPENT v1 penetration testing certification – content and experience
https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review
CPENT: from brute force to cracking
https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295
EC-Council CPENT experience - a security rookie's path from CEH to LPT Master
https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f
CPENT exam experience: earning the LPT penetration testing master certification in one attempt
https://ucom.uuu.com.tw/web/Testimony/Article/4404
kaizensecurity/CPENT
https://github.com/kaizensecurity/CPENT/tree/master
CPENT : Pentesting like NO OTHERS !
https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/
Journey of My CPENT Exam
https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917
[Exam prep notes] CompTIA Security+ (SY0–601) Part 1
https://reurl.cc/M053DK
[Exam prep notes] CompTIA Security+ (SY0–601) Part 2
https://reurl.cc/M053Gv
comptia-security-plus
https://github.com/ajfuto/comptia-security-plus
security-plus
https://github.com/fjavierm/security-plus
CompTIA Security+ Certification Practice Test Questions
https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette
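App security that is not just for engineers: the blood-and-tears story of obtaining a security testing certificate (iT邦幫忙 Ironman Contest book series)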
https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html
OSEP (Evasion Techniques and Breaching Defenses, PEN-300) experience
https://hackmd.io/@henry-ko/HyQ56e8eF
OSCP(Offensive Security Certified Professional)
https://github.com/0x584A/oscp-notes/tree/master
ISACA Certified Information Systems Auditor® (CISA) certification: preparation journey and application process, 2023
https://reurl.cc/aVLoX9
Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html
The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics
https://reurl.cc/D3nKKj
Practical Network Penetration Tester (PNPT) Certification Review
https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df
Basic vocabulary commonly used by WUSON
https://choson.lifenet.com.tw/?p=1958
Certifications remain the main path for learning security fundamentals; an expert builds a "security certification map"
https://www.ithome.com.tw/news/156754
Beyond proving your ability with certifications, treat them as your strongest motivation to keep learning
https://www.ithome.com.tw/news/156756
Breaking certification misconceptions and myths: security experts clarify what security certifications mean
https://www.ithome.com.tw/news/156755
Accelerate Your Career with the Global Leader in Cyber Security Training
https://www.sans.org/mlp/promo-partnership-hacker-news/
6. Upcoming Security Events and Conferences
Product Manager Happy Hour & Networking Event 2023/9/2
https://www.meetup.com/international-product-management-meetup-group/events/295580305/
Just a chat - with no Expectations 2023/9/2
https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/295419679/
PyCon TW 2023 2023/9/2 ~ 2023/9/3
https://tw.pycon.org/2023/zh-hant/registration/tickets
Coffee & Code 2023/9/3
https://www.meetup.com/innovate-taiwan/events/295754118/
SHALLOW - 2023 Summer Workshop 2023/9/4
https://project4by55.kktix.cc/events/shallow-2023summer
Hugging Face : Feature Extraction 2023/9/5
https://www.meetup.com/tensorflow-user-group-taipei/events/295006101/
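IR course series: malware hunting and network packet exploration | ACW SOUTH, Administration for Digital Industries Shalun Cybersecurity Service Base 2023/9/6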
https://ievents.iii.org.tw/EventS.aspx?t=0&id=2191
Machine Learning Tech Talks 2023/9/6
https://www.meetup.com/machine-learning-tech-talks/events/295500237/
[Taipei session, talk] The data-driven new digital era: riding the tailwind of security and sustainability 2023/9/6
https://www.accupass.com/event/2308100548162116664780
HackingThursday regular meetup @2023 -- Taipei 2023/9/7
https://www.meetup.com/hackingthursday/events/295527370/
Airflow Taiwan User Meetup #8 2023/9/7
https://www.meetup.com/taipei-py/events/295475667/
Web application penetration testing 2023/9/7 ~ 2023/9/8
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=631
華宇企管 | Free briefing | What is different in the ISO 27001:2022 revision 2023/9/12
https://www.accupass.com/event/2308150832588669740710
Elixir Taiwan monthly meetup 2023/9/12
https://www.meetup.com/elixirtw-taipei/events/295381891/
"Security Without Borders, Zero Trust Security" security seminar 2023/9/13
https://ievents.iii.org.tw/EventS.aspx?t=0&id=2215
Introducing Elastic AI Assistant: a powerful tool for parsing logs and security alerts, no more asking ChatGPT! 2023/9/13
https://www.accupass.com/event/2308250311342124307577
Secure Our Streets 2023 2023/9/14
https://www.meetup.com/automotive-security-research-group-taipei/events/292175225/
KNIME Data Connect: Taiwan (Onsite/Hybrid) 2023/9/14
https://www.meetup.com/knime-users-taiwan/events/295003668/
Taiwan-EU ENISA bilateral cooperation exchange (EU Cybersecurity Workshop) 2023/9/14
https://www.accupass.com/event/2308300304049987423000
ISO 27001 revision - key points for enterprise security transition 2023/9/15
https://www.accupass.com/event/2307260551372077718865
WordPress - Taoyuan afternoon tea gathering Linner Meetup #28 2023/9/16
https://www.meetup.com/taoyuan-wordpress-meetup/events/295803043/
[GDG] Artificial Intelligence Information Security Day 2023/9/16
https://gdg-taipei.kktix.cc/events/artificial-intelligence-information-security-day
SyntaxError 2023/9/20
https://www.meetup.com/pythonhug/events/295730605/
2023 Financial Cybersecurity Development Forum 2023/9/22
https://www.informationsecurity.com.tw/seminar/2023_finance/
Hybrid cloud practice from MLOps to LLMOps 2023/9/25
https://www.meetup.com/rladies-taipei/events/295452194/
Pass the CCNA in four months and become a network engineer 2023/9/27
https://www.accupass.com/event/2308280820492735100520
[ACSI Acer Cyber Security] The next step after moving to the cloud: how to build cloud protection step by step 2023/9/28
https://www.accupass.com/event/2307270328312367680900
Hou.Sec.Con 2023/10/12 ~ 2023/10/13
https://web.cvent.com/event/76d46ccb-fe00-4fe5-ba46-e4a77c807f21/summary
Taipei DevOps User Group Launch Event 2023/10/13
https://www.meetup.com/taipei-devops-user-group/events/295716641/
National Center for High-performance Computing: parallel computing programming fundamentals course 2023/10/17
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=4033&from_course_list_url=homepage
OCF training event: how to build a secure network architecture II 2023/10/21
https://ocftw.kktix.cc/events/ocftot2023
(ISC)2 SECURITY CONGRESS LEAD WITH CONFIDENCE 2023/10/25 ~ 2023/10/27
https://www.isc2.org/Congress-2023
Web application penetration testing 2023/11/9 ~ 2023/11/10
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=631
[Asia's benchmark supply chain summit] Supply Chain Summit 2023 2023/11/14 ~ 2023/11/15
https://www.accupass.com/event/2307070154211343470512
[Monosparta] 2024 first cohort software development bootcamp: online briefing 2024/1/17
https://trunk-studio.kktix.cc/events/monosparta-202401