###### tags: `資安事件新聞週報`

# Weekly Security Incident News Report 2024/7/15 ~ 2024/7/19

## 1. Critical Vulnerabilities / Backdoors / Exploits / Zero Day

- VMware discloses high-risk vulnerability in its automation platform that lets attackers launch SQL injection attacks
  https://www.ithome.com.tw/news/163898
  https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24598
- SAP AI Core Vulnerabilities Expose Customer Data to Cyber Attacks
  https://thehackernews.com/2024/07/sap-ai-core-vulnerabilities-expose.html
- Patch or Peril: A Veeam vulnerability incident
  https://www.group-ib.com/blog/estate-ransomware/
- Oracle releases its Q3 2024 routine update, disclosing 240 security vulnerabilities
  https://www.oracle.com/security-alerts/cpujul2024.html
- Oracle Critical Patch Update for July 2024
  https://www.oracle.com/security-alerts/cpujul2024.html
- Microsoft patches MSHTML zero-day vulnerability
  https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38112
  https://www.ithome.com.tw/news/163889
- Hackers Attacking Windows Users With Internet Explorer Zero-Day Vulnerability
  https://cybersecuritynews.com/hackers-exploit-ie-zero-day-vulnerability/
- APT group Void Banshee used the MSHTML zero-day vulnerability half a year ago to distribute the Atlantida infostealer
  https://www.ithome.com.tw/news/163975
- Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer
  https://thehackernews.com/2024/07/void-banshee-apt-exploits-microsoft.html
- Widespread crashes of Windows computers traced to a faulty CrowdStrike EDR system update
  https://www.ithome.com.tw/news/164030
- Threat actors exploited Windows 0-day for more than a year before Microsoft fixed it
  https://reurl.cc/YE2NOx
- Microsoft finally fixes Outlook alerts bug caused by December updates
  https://www.bleepingcomputer.com/news/microsoft/microsoft-finally-fixes-outlook-alerts-bug-caused-by-december-updates/
- Windows 10 KB5040427 update released with Copilot changes, 12 other fixes
  https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5040427-update-released-with-copilot-changes-12-other-fixes/
- Microsoft fixes bug causing Windows Update automation issues
  https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-causing-windows-update-automation-issues/
- June Windows Server updates break Microsoft 365 Defender features
  https://www.bleepingcomputer.com/news/microsoft/june-windows-server-updates-break-microsoft-365-defender-features/
- Microsoft shares temp fix for Windows 11 Photos not launching
  https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-temp-fix-for-windows-11-photos-not-launching/amp/
- CVE-2024-29824 Deep Dive: Ivanti EPM SQL Injection Remote Code Execution Vulnerability
  https://www.horizon3.ai/attack-research/attack-blogs/cve-2024-29824-deep-dive-ivanti-epm-sql-injection-remote-code-execution-vulnerability/
- Critical vulnerability in the Exim mail transfer agent lets attackers deliver malicious attachments if left unaddressed
  https://www.ithome.com.tw/news/163925
- Critical Exim bug bypasses security filters on 1.5 million mail servers
  https://www.bleepingcomputer.com/news/security/critical-exim-bug-bypasses-security-filters-on-15-million-mail-servers/
- Critical Exim Mail Server Vulnerability Exposes Millions to Malicious Attachments
  https://thehackernews.com/2024/07/critical-exim-mail-server-vulnerability.html
- GitLab releases Community Edition and Enterprise Edition updates, patching a critical vulnerability that lets arbitrary users run automated pipeline jobs
  https://www.ithome.com.tw/news/163918
- Palo Alto Networks patches critical missing-authentication vulnerability in its Expedition migration tool
  https://www.ithome.com.tw/news/163919
- Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool
  https://thehackernews.com/2024/07/palo-alto-networks-patches-critical.html
- Apache releases security updates for Apache HTTP Server
  https://www.ithome.com.tw/news/163897
  https://httpd.apache.org/security/vulnerabilities_24.html
- Critical-severity vulnerability in the Apache graph database HugeGraph is being exploited in attacks
  https://www.ithome.com.tw/news/164017
- Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAP
  https://thehackernews.com/2024/07/critical-apache-hugegraph-vulnerability.html
- US confirms critical vulnerability in the GeoServer component GeoTools has been used in attacks
  https://www.cisa.gov/news-events/alerts/2024/07/15/cisa-adds-one-known-exploited-vulnerability-catalog
- CISA Warns of Actively Exploited RCE Flaw in GeoServer GeoTools Software
  https://thehackernews.com/2024/07/cisa-warns-of-actively-exploited-rce.html
- Cisco urgently patches SSM On-Prem vulnerability that can be used to change passwords
  https://www.ithome.com.tw/news/164005
- Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager
  https://thehackernews.com/2024/07/cisco-warns-of-critical-flaw-affecting.html
- Cisco SSM On-Prem bug lets hackers change any user's password
  https://www-bleepingcomputer-com.cdn.ampproject.org/c/s/www.bleepingcomputer.com/news/security/cisco-ssm-on-prem-bug-lets-hackers-change-any-users-password/
- Critical Cisco bug lets hackers add root users on SEG devices
  https://www.bleepingcomputer.com/news/security/critical-cisco-bug-lets-hackers-add-root-users-on-seg-devices/
- Atlassian patches high-severity vulnerabilities in Bamboo, Confluence and Jira
  https://www.securityweek.com/atlassian-patches-high-severity-vulnerabilities-in-bamboo-confluence-jira/
- Google releases Chrome 126 security update, patching 10 vulnerabilities
  https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html?m=1
- SolarWinds Patches 11 Critical Flaws in Access Rights Manager Software
  https://thehackernews.com/2024/07/solarwinds-patches-11-critical-flaws-in.html
- Adobe and CISA warn of critical vulnerability in Commerce and Magento, noting it has been used in attacks
  https://www.securityweek.com/recent-adobe-commerce-vulnerability-exploited-in-wild/

## 2. Banking / Finance / Insurance / Securities / Financial Supervision: News and Security

- Singapore banks to phase out one-time text passwords within 3 months
  https://www.ithome.com.tw/news/163923
- Banks in Singapore to phase out one-time passwords in 3 months
  https://www.bleepingcomputer.com/news/security/banks-in-singapore-to-phase-out-one-time-passwords-in-3-months/
- Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months
  https://thehackernews.com/2024/07/singapore-banks-to-phase-out-otps-for.html
- 40 banks "disappeared" in one week; US financial tycoon Bass: China's banking system is collapsing
  https://ec.ltn.com.tw/article/breakingnews/4735181
- Cloud adoption rules eased for the financial sector, a boon for cybersecurity
  https://finance.ettoday.net/news/2770691
- Banking trojan Coyote targets Latin America, with users of Brazilian financial institutions as the hackers' main targets
  https://blogs.blackberry.com/en/2024/07/coyote-banking-trojan-targets-latam-with-a-focus-on-brazilian-financial-institutions
- FIN7 Group Advertises Security-Bypassing Tool on Dark Web Forums
  https://thehackernews.com/2024/07/fin7-group-advertises-security.html
- Hacker group FIN7 reportedly sells a tool that evades EDR detection to other cybercriminals and uses new techniques to disable endpoint protection on victim computers
  https://www.ithome.com.tw/news/164003
- Notorious FIN7 hackers sell EDR killer to other threat actors
  https://www.bleepingcomputer.com/news/security/notorious-fin7-hackers-sell-edr-killer-to-other-threat-actors/amp/
- FIN7 Reboot | Cybercrime Gang Enhances Ops with New EDR Bypasses and Automated Attacks
  https://www.sentinelone.com/labs/fin7-reboot-cybercrime-gang-enhances-ops-with-new-edr-bypasses-and-automated-attacks/

## 3. Credit Cards / Electronic Payment / Mobile Payment / Pay / Payment Systems / Security

- 全支付 enters Japan: earn 30% rewards in 2 steps! Where is PayPay accepted? One article explains how to use it
  https://www.bnext.com.tw/article/78494/pxpayplus-paypay-cross-border-payment-cooperation
- 全支付 reaches into everyday needs: parking fee payment service launched
  https://reurl.cc/z1xD1Q
- Apple reaches agreement with the EU to open its mobile payment system to competitors
  https://news.cnyes.com/news/id/5635851
- Under EU pressure, Apple to open NFC payment technology; PayPal's outlook is promising
  https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8aed79b9-1ce4-4c96-bcbe-c941694f567e

## 4. Cryptocurrency / Digital Currency / Mining / Blockchain / Smart Contracts / WEB3 Security

- Cryptocurrency theft doubles: US$1.38 billion looted
  https://reurl.cc/70gLpd
- A Web3 wallet inside your body? The US$349 subdermal hardware wallet Apex goes on sale
  https://www.panewslab.com/zh_hk/articledetails/72u9t014Ft.html
- Immunefi: BNB Chain has lost US$1.6 billion to hacker attacks and Rug Pulls since its launch
  https://www.panewslab.com/zh_hk/sqarticledetails/88rzplk1Ft.html
- German government wallet address transfers out another 5,000 BTC, with holdings of only 4925 BTC remaining
  https://www.panewslab.com/zh_hk/sqarticledetails/6f1qa4qgFt.html
- Cryptocurrency stolen in the first half of the year more than doubles from last year
  https://technews.tw/2024/07/11/cryptocurrency-theft-more-than-doubles-from-last-year/
- An arbitrage opportunity in the Mt. Gox repayments? Analyst: going long BTC and short BCH is the most effective neutral strategy
  https://www.blocktempo.com/how-to-make-money-from-mt-gox-repayments/
- Coingecko co-founder: 2FA was removed when Google migrated domains to Squarespace, reducing security
  https://www.panewslab.com/zh_hk/sqarticledetails/j0g82oagFt.html
- Indian cryptocurrency exchange WazirX attacked by North Korean hackers, losing US$230 million
  https://www.ithome.com.tw/news/164020
- WazirX Cryptocurrency Exchange Loses $230 Million in Major Security Breach
  https://thehackernews.com/2024/07/wazirx-cryptocurrency-exchange-loses.html

## 5. Security Incident News

### A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC

- Ransomware Akira and Estate exploit a Veeam backup software vulnerability patched last year
  https://www.securityweek.com/year-old-veeam-vulnerability-exploited-in-fresh-ransomware-attacks/
- Researchers disclose malicious NuGet campaign in which hackers abuse homoglyphs and tamper with intermediate language to fool developers
  https://www.reversinglabs.com/blog/malicious-nuget-campaign-uses-homoglyphs-and-il-weaving-to-fool-devs
- DarkGate malware distributed via Samba file shares
  https://unit42.paloaltonetworks.com/darkgate-malware-uses-excel-files/
- Hacker group Scattered Spider uses Qilin ransomware in attacks
  https://www.bleepingcomputer.com/news/security/microsoft-links-scattered-spider-hackers-to-qilin-ransomware-attacks/
- Japanese organizations targeted by the MirrorFace campaign, which distributes the NoopDoor backdoor
  https://www.ithome.com.tw/news/164009
- Chinese hacker group GhostEmperor returns, using the Demodex malware in attacks
  https://www.sygnia.co/blog/ghost-emperor-demodex-rootkit/
- A Social Engineering Tactic to Deploy Malware
  https://www.mcafee.com/blogs/other-blogs/mcafee-labs/clickfix-deception-a-social-engineering-tactic-to-deploy-malware/
- ViperSoftX malware covertly runs PowerShell using AutoIT scripting
  https://www.bleepingcomputer.com/news/security/vipersoftx-malware-covertly-runs-powershell-using-autoit-scripting/
- DarkGate malware distributed via Samba file shares
  https://www.ithome.com.tw/news/163967
- DarkGate Malware Exploits Samba File Shares in Short-Lived Campaign
  https://thehackernews.com/2024/07/darkgate-malware-exploits-samba-file.html
- How to Remove WordPress Malware: Manual and Automatic Malware Removal
  https://www.hostinger.com/tutorials/wordpress-malware-removal
- New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection
  https://thehackernews.com/2024/07/new-hardbit-ransomware-40-uses.html
- Facebook ads for Windows desktop themes push info-stealing malware
  https://www.bleepingcomputer.com/news/security/facebook-ads-for-windows-themes-push-sys01-info-stealing-malware/
- SEXi ransomware rebrands to APT INC, continues VMware ESXi attacks
  https://www.bleepingcomputer.com/news/security/sexi-ransomware-rebrands-to-apt-inc-continues-vmware-esxi-attacks/
- Malicious npm Packages Found Using Image Files to Hide Backdoor Code
  https://thehackernews.com/2024/07/malicious-npm-packages-found-using.html
- Iranian Hackers Deploy New BugSleep Backdoor in Middle East Cyber Attacks
  https://thehackernews.com/2024/07/iranian-hackers-deploy-new-bugsleep.html
- New Poco RAT Weaponizing 7zip Files Using Google Drive
  https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/poco-rat-7zip-google-drive/amp/
- Microsoft links Scattered Spider hackers to Qilin ransomware attacks
  https://www.bleepingcomputer.com/news/security/microsoft-links-scattered-spider-hackers-to-qilin-ransomware-attacks/
- New BugSleep malware implant deployed in MuddyWater attacks
  https://www.bleepingcomputer.com/news/security/new-bugsleep-malware-implant-deployed-in-muddywater-attacks/
- 60 New Malicious Packages Uncovered in NuGet Supply Chain Attack
  https://thehackernews.com/2024/07/60-new-malicious-packages-uncovered-in.html
- Italian companies targeted by Chinese hacker group APT17, which attempts to distribute the 9002 RAT malware
  https://www.ithome.com.tw/news/164006
- China-linked APT17 Targets Italian Companies with 9002 RAT Malware
  https://thehackernews.com/2024/07/china-linked-apt17-targets-italian.html
- Scaling Up Malware Analysis with Gemini 1.5 Flash
  https://cloud.google.com/blog/topics/threat-intelligence/scaling-up-malware-analysis-with-gemini?linkId=10415141
- North Korean hackers target macOS users with the BeaverTail infostealer
  https://thehackernews.com/2024/07/north-korean-hackers-update-beavertail.html
- North Korean Hackers Update BeaverTail Malware to Target MacOS Users
  https://thehackernews.com/2024/07/north-korean-hackers-update-beavertail.html
- Alert: HotPage Adware Disguised as Ad Blocker Installs Malicious Kernel Driver
  https://thehackernews.com/2024/07/alert-hotpage-adware-disguised-as-ad.html

### B. Mobile Security / iPhone / Android / Wearables / App / 5G / Instant Messaging

- iPhone users beware: new cyberattack targets Apple ID
  https://www.epochtimes.com/b5/24/7/10/n14287281.htm
- iPhone hit by spyware attack! Apple warns users in 98 countries: devices may be compromised in "2 situations"
  https://fnc.ebc.net.tw/fncnews/headline/173460
- iOS 18 Public Beta: download, update and supported models at a glance
  https://applealmond.com/posts/240018#google_vignette
- 24 iPhone models can now upgrade to the iOS 18 public beta; Apple's AI is not yet available
  https://3c.ltn.com.tw/news/58898
- Think twice before buying a cheap Android TV box
  https://www.kocpc.com.tw/archives/556045
- Google officially ends further technical support for Android 5.0 Lollipop; Android 6.0 to follow next year
  https://reurl.cc/dn6M28
- Researchers disclose the ad fraud campaign Konfety, in which hackers smuggle malware through more than 250 apps on the Google Play store
  https://www.humansecurity.com/learn/blog/the-partys-over-humans-satori-threat-intelligence-and-research-team-cleans-up-konfety-mobile-ad-fraud-campaign
- 'Konfety' Ad Fraud Uses 250+ Google Play Decoy Apps to Hide Malicious Twins
  https://thehackernews.com/2024/07/konfety-ad-fraud-uses-250-google-play.html
- Pro-Houthi Group Targets Yemen Aid Organizations with Android Spyware
  https://thehackernews.com/2024/07/pro-houthi-group-targets-yemen-aid.html

### C. Incidents / Hackers / DDOS / APT / Cloud / Dark Web / Recruitment / International Security Incidents / Security Workforce

- Listed construction company 宏盛 confirms some of its information systems suffered a cyberattack; its subsidiary 助群營造 also had a security incident
  https://mops.twse.com.tw/mops/web/ajax_t05sr01_1?firstin=true&stp=1&step=1&SEQ_NO=2&SPOKE_TIME=165240&SPOKE_DATE=20240717&COMPANY_ID=2534
- US military promotes "bring your own device enrollment", balancing security and operational flexibility
  https://reurl.cc/aqoyRD
- Generative AI models can be hacked too! Trend Micro COO: the AI PC era is here, 4 solutions to protect security
  https://today.line.me/tw/v2/article/Vx3RoK1
- Accidentally exposed GitHub token could affect the operations of Python, PyPI and the Python Software Foundation
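  https://thehackernews.com/2024/07/github-token-leak-exposes-pythons-core.html
- Domains hosted by Squarespace become targets of hacker attacks
  https://www.ithome.com.tw/news/163953
- Hacker group CloudSorcerer targets Russian organizations
  https://securelist.com/cloudsorcerer-new-apt-cloud-actor/113056/
- Russian hackers reportedly launch "trial" DDoS attacks on French websites, possibly threatening the Paris Olympics
  https://cyble.com/blog/hacktivist-groups-peoples-cyber-army-and-hacknet-launch-trial-ddos-attacks-on-french-websites-prior-to-the-onslaught-during-paris-olympics/
- Japan's Ministry of Defense reprimands more than 100 people for mishandling classified information
  https://reurl.cc/dnElLV
- Servers and Microsoft 365 environment of Japanese aerospace research agency JAXA hacked, with more than ten thousand files suspected leaked
  https://www.ithome.com.tw/news/163941
- JAXA's investigation of its Active Directory compromise finds a zero-day vulnerability was involved
  https://unwire.pro/2024/07/11/jaxa/security/
- China's Ministry of State Security: foreign spies use campus loans to coerce students into stealing secrets
  https://www.ettoday.net/news/20240712/2776245.htm
- Guarding against Chinese espionage infiltration is a challenge for democracies worldwide
  https://www.upmedia.mg/news_info.php?Type=2&SerialNo=205858
- Mainland Chinese hacker intrusions: Ma Wen-chun alarmed that these two types of institutions are attacked twice as often as the global figure
  https://udn.com/news/story/6656/8086171
- Networks of several Macau government security departments hacked, services disrupted for three hours
  https://reurl.cc/RqpEve
- A brazen attack: official websites and apps of Macau's police system hit by cyberattack
  https://news.ltn.com.tw/news/world/breakingnews/4734226
- Chinese cranes at ports raise national security concerns; the US will spend to replace them
  https://reurl.cc/MOamNv
- Dealing with the CCP: the new Dutch prime minister's "cautious" approach
  https://talk.ltn.com.tw/article/paper/1655892
- Canada buys Arctic aircraft hangar over concerns about foreign espionage
  https://www.epochtimes.com/b5/24/7/9/n14287155.htm
- Former US NSA cyber commander Nakasone joins Open AI; state media question the motive and purpose
  https://www.hk01.com/article/1036688?utm_source=01articlecopy&utm_medium=referral
- Chinese hacker group APT41 upgrades its arsenal; DodgeBox and MoonWalk become new threats
  https://www.techbang.com/posts/116801-the-apt41-team-in-china-has-added-a-stealthy-malware-loader
- Exposing China-directed hacking, Australia rallies 7 countries to push back
  https://news.ltn.com.tw/news/world/paper/1655821
- Australia exposes hacker group APT40; the CCP is accused of being behind it
  https://www.epochtimes.com/b5/24/7/9/n14286591.htm
- US allies issue rare warning about Chinese hacker group
  https://reurl.cc/QRyGbp
- "Eight-nation alliance" jointly rebukes Beijing! Germany, Japan and South Korea join the "Five Eyes" for the first time in criticizing China for sponsoring hackers
  https://news.tvbs.com.tw/world/2546113
- Intelligence shows Russia is using social media networks to sway opinion and help Trump win the election
  https://www.worldjournal.com/wj/story/121469/8089972
- Japan warns of attacks by North Korean hacker group Kimsuky
  https://www.ithome.com.tw/news/163930
- Japan and NATO share intelligence, deepening security cooperation
  https://www.ydn.com.tw/news/newsInsidePage?chapterID=1692343&type=universal
- Infiltrated the Australian Defence Force to steal military secrets! Russian spy couple arrested, facing up to 25 years in prison
  https://www.bannedbook.org/bnews/zh-tw/worldnews/20240712/2061310.html
- Kaspersky reportedly to shut down its US branch operations and lay off staff
  https://www.ithome.com.tw/news/163940
- Kaspersky, preparing to withdraw from the US market, will offer local users six months of free antivirus
  https://www.ithome.com.tw/news/163968
- Kaspersky Exits U.S. Market Following Commerce Department Ban
  https://thehackernews.com/2024/07/kaspersky-exits-us-market-following.html
- Chinese hacker group APT41 infiltrates the global shipping, logistics, media and entertainment industries
  https://www.ithome.com.tw/news/164027
- APT41 Infiltrates Networks in Italy, Spain, Taiwan, Turkey, and the U.K.
  https://thehackernews.com/2024/07/apt41-infiltrates-networks-in-italy.html
- DNS hijacks target crypto platforms registered with Squarespace
  https://www.bleepingcomputer.com/news/security/dns-hijacks-target-crypto-platforms-registered-with-squarespace/
- Australian Defence Force Private and Husband Charged with Espionage for Russia
  https://thehackernews.com/2024/07/australian-defence-force-private-and.html
- CRYSTALRAY Hackers Infect Over 1,500 Victims Using Network Mapping Tool
  https://thehackernews.com/2024/07/crystalray-hackers-infect-over-1500.html
- Threat Actors Ramp Up Use of Encoded URLs to Bypass Secure Email
  https://www.darkreading.com/cyberattacks-data-breaches/threat-actors-ramp-up-use-of-encoded-urls-to-bypass-secure-email
- Hacker group TAG-100 uses open-source tools in attacks targeting government agencies and organizations in more than ten countries, including Taiwan
  https://www.recordedfuture.com/research/tag-100-uses-open-source-tools-in-suspected-global-espionage-campaign
- TAG-100: New Threat Actor Uses Open-Source Tools for Widespread Attacks
  https://thehackernews.com/2024/07/tag-100-new-threat-actor-uses-open.html
- [Information Security Technical Manager] | FG12010321
  https://www.104.com.tw/job/8bn3r?jobsource=cmw_redirect
- On-site Information Security Engineer
  https://www.104.com.tw/job/72di0?jobsource=cmw_redirect
- [IT Division] Information Security Engineer_I00000598
  https://www.104.com.tw/job/8714y?jobsource=cmw_redirect
- Security Incident Investigator
  https://www.104.com.tw/job/8a3en?jobsource=cmw_redirect
- IT Department - Information Security Professional
  https://www.104.com.tw/job/887hz?jobsource=cmw_redirect
- Information Security Division - Bank Security Expert
  https://www.104.com.tw/job/87tuf?jobsource=cmw_redirect
- Offensive and Defensive Security Engineer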
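  https://www.104.com.tw/job/8a3ex?jobsource=cmw_redirect
- [Cathay Group] Information Security Engineer
  https://www.104.com.tw/job/816yo?jobsource=cmw_redirect
- 5L Shin Kong Life - Information Security Administrator (better terms for those with relevant experience or certifications)
  https://www.104.com.tw/job/6l5op?jobsource=cmw_redirect
- IT Department - Security Operations Staff
  https://www.104.com.tw/job/7ku5t?jobsource=cmw_redirect
- [Futures] Information Security Staff
  https://www.104.com.tw/job/8ahct?jobsource=cmw_redirect
- Security Forensics Engineer
  https://www.104.com.tw/job/85nv4?jobsource=cmw_redirect
- [Professional Support] Security Technology Professional_I00000640
  https://www.104.com.tw/job/86qn2?jobsource=cmw_redirect
- [IT Division] Cloud Security Engineer
  https://www.104.com.tw/job/7hkcv?jobsource=cmw_redirect
- Information Security Staff
  https://www.104.com.tw/job/5f21g?jobsource=cmw_redirect
- Security Audit Project Manager / Project Supervisor
  https://www.104.com.tw/job/78a3u?jobsource=cmw_redirect
- [Digital Growth Department] Information Security Staff
  https://www.104.com.tw/job/8br15?jobsource=cmw_redirect

### D. Data Breaches / Personal Data Protection Law / GDPR / Online Fraud / Phishing / Card Fraud / Fake News / Cyberbullying / Account Security

- Apple users, don't be fooled: the company officially lists 6 common scam techniques
  https://www.worldjournal.com/wj/story/121617/8091013?from=wj_catelistnews
- 崴寶精密科技 and its customer hit by BEC fraud: hackers sent impersonating emails and swindled 30 million; fortunately the mule account receiving the transfer was frozen in time
  https://www.ithome.com.tw/news/163841
- Google broadens its "dark web report" feature! Fully open at the end of July to check whether personal data has leaked
  https://www.ettoday.net/news/20240711/2775005.htm
- Microsoft emails warn of Russian hacker attack; customers complain they look like spam and phishing
  https://pmlife.day/Opinion/read/microsoft-email-warning-russian-hackers-attack-customers-criticize-look-like-spam-phishing-attack
- Change Healthcare leaks personal data after cyberattack; New York Attorney General urges use of identity theft protection services
  https://www.epochtimes.com/b5/24/7/11/n14288282.htm
- Japan's biggest personal data crisis ever? A roundup of the damage from the "Kadokawa hack" that took veteran video platform NicoNico offline
  https://reurl.cc/KemL3M
- Former scam ring member's tearful confession! "Worked 18 hours a day" in a Laos special zone, reveals lonely older women are the easiest to deceive
  https://www.ftvnews.com.tw/news/detail/2024711W0088
- Biggest personal data leak ever! Nearly 10 billion passwords published by hackers. What is a credential stuffing attack? 4 simple ways to protect personal data
  https://www.bnext.com.tw/article/79744/rockyou2024-hacker
- IRS reminds car dealers to guard against online fraud attacks
  https://www.epochtimes.com/b5/24/7/12/n14289046.htm
- Online money-laundering operation: Investigation Bureau arrests 2 ringleaders
  https://cn.epochtimes.com/b5/24/7/12/n14289495.htm
- Chinese hacker group Smishing Triad launches large-scale smishing attacks targeting India
  https://www.ithome.com.tw/news/163942
- AT&T data breach reportedly the work of a hacker in Turkey; the company gave in and paid a US$370,000 ransom
  https://www.wired.com/story/atandt-paid-hacker-300000-to-delete-stolen-call-records/
- Call and text records of nearly all AT&T wireless customers leaked
  https://www.ithome.com.tw/news/163926
- AT&T discloses new incident in which hackers stole customer call and text records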
  https://reurl.cc/Wx5Mx9
- AT&T: hackers stole data of nearly all mobile customers
  https://cn.epochtimes.com/b5/24/7/12/n14289559.htm
- Seven busy weeks of hacking incidents: AT&T suffers another large-scale data breach, aggravating Snowflake's security problems
  http://www.aastocks.com/tc/stocks/news/anue-news/AN5637596/1
- AT&T Confirms Data Breach Affecting Nearly All Wireless Customers
  https://thehackernews.com/2024/07/at-confirms-data-breach-affecting.html
- Cryptocurrency businesses using Squarespace services hit by DNS hijacking attacks; hackers redirect users to phishing sites
  https://www.bleepingcomputer.com/news/security/dns-hijacks-target-crypto-platforms-registered-with-squarespace/
- Disney reportedly suffers data breach; hacker group NullBulge claims to have stolen more than 1 TB of internal data
  https://hackread.com/disneys-internal-slack-breached-nullbulge-leak-data/
- Battery cathode material maker 泓辰 reportedly suffers leak of LMFP battery secrets; an employee took product trade secrets worth nearly NT$2 billion without authorization before leaving
  https://www.ithome.com.tw/news/163977
- Hackers publish personal data of 15 million Trello users
  https://www.ithome.com.tw/news/163971
- Several companies suspected of improperly collecting and using job seekers' personal data from 104 Job Bank; prosecutors and investigators open a case after the operator's report
  https://www.ithome.com.tw/news/164036
- Researchers disclose SAPwned vulnerabilities in the AI platform SAP AI Core that could let attackers access credentials and customer data
  https://www.wiz.io/blog/sapwned-sap-ai-vulnerabilities-ai-security
- Total Fitness Exposes 500k Images of Members & Staff
  https://www.linkedin.com/pulse/total-fitness-exposes-500k-images-members-staff-cisos-insights-gsbqf/
- 10,000 Victims a Day: Infostealer Garden of Low-Hanging Fruit
  https://thehackernews.com/2024/07/10000-victims-day-infostealer-garden-of.html
- GitHub Token Leak Exposes Python's Core Repositories to Potential Attacks
  https://thehackernews.com/2024/07/github-token-leak-exposes-pythons-core.html
- Email addresses of 15 million Trello users leaked on hacking forum
  https://www.bleepingcomputer.com/news/security/email-addresses-of-15-million-trello-users-leaked-on-hacking-forum/
- Over 400,000 Life360 user phone numbers leaked via unsecured API
  https://www.bleepingcomputer.com/news/security/over-400-000-life360-user-phone-numbers-leaked-via-unsecured-android-api/
- Meta Halts AI Use in Brazil Following Data Protection Authority's Ban
  https://thehackernews.com/2024/07/meta-halts-ai-use-in-brazil-following.html

### E. Research Reports / Tools

- Inside the hacker's toy box: 18 hacker hardware tools revealed
  https://hackercat.org/cybertalk/best-18-hacking-tools
- AD Identity Snowball Attack: analysis of the attack technique and the Edge Blocking algorithm as a mitigation
  https://www.cycarrier.com/post/adidentity20240702
- Beginners introduction to pwntools for exploit development and CTFs
  Part 1: https://archcloudlabs.com/projects/pwntools-bof/
  Part 2: https://archcloudlabs.com/projects/pwntools-shellcraft/
  Part 3: https://archcloudlabs.com/projects/pwntools-automating-interactions/
- Awesome Mobile PenTest
  https://github.com/vaib25vicky/awesome-mobile-security
- Android Pentesting 101: A Novice’s Handbook to Getting Started
  https://medium.com/@srkasthuri/android-pentesting-101-a-novices-handbook-to-getting-started-8f56f877f418
- eLearnSecurity Mobile Application Penetration Testing (eMAPT) ANDROID Notes
  https://drive.google.com/file/d/1K_xnDKMhlV1aJqXsq4lXiCcliiGvs877/view
- Recommendations & Review of eMAPT
  https://brcyrr.medium.com/recommendations-review-of-emapt-819e72a27f06
- A step-by-step Android penetration testing guide for beginners
  https://www.hackthebox.com/blog/intro-to-mobile-pentesting
- Certified Mobile Pentester (CMPen) – Android
  https://secops.group/product/certified-mobile-pentester-cmpen-android/
- Mobile Application Penetration Testing
  https://academy.tcm-sec.com/p/mobile-application-penetration-testing
- iOS Frida Configuration
  https://book.hacktricks.xyz/v/portugues-ht/mobile-pentesting/ios-pentesting/frida-configuration-in-ios
- Frida Tutorial
  https://book.hacktricks.xyz/v/portugues-ht/mobile-pentesting/android-app-pentesting/frida-tutorial
- MOBILE HACKING COURSES
  https://www.mobilehackinglab.com/courses
- Android Penetration Testing: APK Reversing
  https://www.hackingarticles.in/android-penetration-testing-apk-reversing-part-2/
- AndroidMobilePentest101
  https://github.com/tsug0d/AndroidMobilePentest101
- iOS/macOS penetration testing cheatsheet
  https://github.com/ansjdnakjdnajkd/iOS
- Mobile Application Penetration Testing Cheat Sheet
  https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet
- 8kSec Blog Mobile Hacking
  https://8ksec.io/blog/
- The exploit prediction scoring system: What it is and how to use it
  https://graylog.org/post/the-exploit-prediction-scoring-system-what-it-is-and-how-to-use-it/
- This new hacking method is mind-blowing – Akami DNS data exfiltration
  https://reurl.cc/kORxDn
- Detecting Living Off The Land attacks with Wazuh
  https://www.bleepingcomputer.com/news/security/detecting-living-off-the-land-attacks-with-wazuh/
- Demystifying Hollow Process Injection
  https://www.darkrelay.com/post/demystifying-hollow-process-injection
- U.S. Seizes Domains Used by AI-Powered Russian Bot Farm for Disinformation
  https://thehackernews.com/2024/07/us-seizes-domains-used-by-ai-powered.html
- Threat Prevention & Detection in SaaS Environments - 101
  https://thehackernews.com/2024/07/threat-prevention-detection-in-saas.html
- Deploy, Test, Monitor: Mastering Microsoft AppLocker, Part 1
  https://www.splunk.com/en_us/blog/security/deploy-test-monitor-mastering-microsoft-applocker-part-1.html
- Navigating Insider Risks: Are your Employees Enabling External Threats
  https://thehackernews.com/2024/07/navigating-insider-risks-are-your.html
- Automated Threats Pose Increasing Risk to the Travel Industry
  https://thehackernews.com/2024/07/automated-threats-pose-increasing-risk.html
- 7 Resources to Inform Your Next Hunt for Malicious Infrastructure
  https://thehackernews.com/expert-insights/2024/07/7-resources-to-inform-your-next-hunt.html

### F. Business

- 智冠科技 announces its MyCard service has obtained FIDO fast online identity certification
  https://gnn.gamer.com.tw/detail.php?sn=270624
- Security stacks for defending against attacks grow ever more complex; overworked security teams are stretched thin firefighting; simplify network security and integrate resources to proactively stay on top of the situation
  https://www.netadmin.com.tw/netadmin/zh-tw/viewpoint/6421B762E34F4621BE1A2C6E3BBB7671#google_vignette
- Covering internal systems, external websites and AI services, Trend Micro builds unified secure remote access
  https://www.ithome.com.tw/review/163188
- Balancing compliance, security and innovation: IBM and 中菲電腦 help the financial sector embrace AI
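  https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000696625_K3F72W2U15WRXI6AAM07H
- Google plans to acquire Wiz for US$23 billion to strengthen its cloud security position
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11135
- Alphabet reportedly to buy cloud security company Wiz for US$23 billion, its largest acquisition ever
  https://www.ithome.com.tw/news/163922
- TXOne Networks announces the appointment of Stephen Driggers as Chief Revenue Officer
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11134
- Exchange Online adds Inbound DANE with DNSSEC for security boost
  https://www.bleepingcomputer.com/news/microsoft/exchange-online-adds-inbound-dane-with-dnssec-for-security-boost/
- Safeguard Personal and Corporate Identities with Identity Intelligence
  https://thehackernews.com/2024/07/safeguard-personal-and-corporate.html

### G. Government

- Making Taiwan a cybersecurity island: Hsiao Bi-khim says Taiwan's cybersecurity has yet to meet global expectations
  https://www.chinatimes.com/realtimenews/20240710002966-260407?ctrack=pc_main_rtime_p02&chdtv
- Taiwan cybersecurity alliance formed, linking more than a hundred security vendors to pursue cybersecurity diplomacy
  https://www.ithome.com.tw/news/163933
- Taiwan cybersecurity alliance formally established, committed to making Taiwan a global leader in digital security
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11132
- National Science and Technology Council previews the draft of Taiwan's AI Basic Act, setting out 7 principles including privacy protection, data security, transparency and explainability, and accountability
  https://www.ithome.com.tw/news/163935
- Bureau of Standards, Metrology and Inspection sets national standards for security requirements and test methods for software built into smartphone systems, strengthening smartphone security
  https://www.bsmi.gov.tw/bsmiGIP/wSite/fp?xItem=102477&ctNode=9141&mp=1
- Chunghwa Telecom successfully completes 3GPP NTN satellite IoT application test, opening up new IoT applications
  https://reurl.cc/6v1YRy
- Chiayi County Government named an outstanding agency in the Executive Yuan's cyber offense and defense exercise for the 2nd consecutive year
  https://news.owlting.com/articles/750096
- Financial Supervisory Commission Chairman Peng Jin-lung formally presents the fintech development plan, with five strategies and nearly 20 measures
  https://www.ithome.com.tw/news/163966

### H. Industrial Control Systems / ICS / SCADA / IoT / Internet of Vehicles / Electric Vehicles / Artificial Intelligence / AI / ML / Facial Recognition / Healthcare Security

- Netgear warns users to patch auth bypass, XSS router flaws
  https://www.bleepingcomputer.com/news/security/netgear-warns-users-to-patch-authentication-bypass-xss-router-flaws/
- A new type of ICS attack is becoming mainstream: using PLCs as malicious relay stations
  https://www.twcert.org.tw/tw/cp-104-7922-a1a47-1.html
- ARM64 Updates Submitted For The Linux 6.11 Kernel
  https://www.phoronix.com/news/Linux-6.11-ARM64-Changes#google_vignette
- Netgear patches router authentication bypass and XSS vulnerabilities
  https://www.bleepingcomputer.com/news/security/netgear-warns-users-to-patch-authentication-bypass-xss-router-flaws/

### I. Education and Training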
- Recovery procedures you must know when a security incident occurs, to reduce the damage
  https://www.ithome.com.tw/pr/163614
- iPAS Information Security Engineer intermediate-level notes
  https://hackmd.io/@Not/iPASInformationSecuritySpecialist
- iPas Security Engineer certification pre-exam study session
  https://reurl.cc/GEbA3p
- iPAS ◆ Information Security Planning Practice ◆ intermediate exam question bank (123 questions)
  https://reurl.cc/orlD1g
- GCP Associate Cloud Engineer (ACE) study experience, learning resources and notes: learning natively highly available and zero trust design
  https://medium.com/blacksecurity/gcp-associate-cloud-engineer-78f736aee7ad
- Coursera lists 7 cloud security certifications: the springboards to high pay are all here!
  https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/
- Ordinary people can earn an international security certification too! CSCU Certified Secure Computer User course
  https://www.ithome.com.tw/pr/160954
- Global cybersecurity workforce imbalance: (ISC)2 free courses and exams to fill the talent gap
  https://reurl.cc/m39MDj
- The 8 domains of the CISSP security certification
  https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html
- CISSP exam experience
  https://reurl.cc/KbY83j
- CISSP exam experience – Benson
  https://reurl.cc/GbWvxd
- Goal-oriented: passing the CISSP at light speed in 20 days
  https://reurl.cc/2Zq6zn
- CISSP certification exam field notes, Chapter 1: initial preparation
  https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat
- CISSP certification exam field notes, Chapter 2: a regular and disciplined study strategy
  https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies
- CISSP certification exam field notes, Chapter 3: the final battle
  https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle
- Quick CISSP Infographic for IPSec
  https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec
- CSSLP Certification - Security models in F#
  https://github.com/vbocan/csslp
- Certified Secure Software Lifecycle Professional in bullet points
  https://github.com/joeyhage/csslp-notes
- CPSA (CREST Practitioner Security Analyst) exam experience
  https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/
- EC-Council CEH v11 exam experience, revision information and preparation tips 2021, 2022
  https://reurl.cc/1oyEM8
- CEH v11 exam experience and how to prepare
  https://blog.sean.taipei/2022/01/ceh
- CEH
  https://github.com/a3cipher/CEH
- CodeRed by EC-Council
  https://github.com/codered-by-ec-council
- EC-Council CEH Practical / Master preparation notes: learning where theory and practice complement each other
  https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2
- EC-Council CEHP exam preparation notes
  https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po
- ECSA v10 exam experience and study materials / ECSA v10 Review and Study Materials
  https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4
- EC-Council ECSA security analyst v10 exam experience
  https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html
- 20180817 EC-Council ECSA v10 PASS
  https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html
- EC-Council CPENT and LPT Master penetration testing certifications: preparation and experience
  https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d
- In-depth look at the CPENT exam experience and a comparison with OSCP
  https://reurl.cc/41eL8v
- EC-Council CPENT v1 penetration testing certification – content and experience
  https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review
- CPENT: from brute force to cracking
  https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295
- Ec-Council CPENT experience - a security novice from CEH to LPT Master
  https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f
- CPENT exam experience: earning the LPT penetration testing master certification in one attempt
  https://ucom.uuu.com.tw/web/Testimony/Article/4404
- kaizensecurity/CPENT
  https://github.com/kaizensecurity/CPENT/tree/master
- CPENT : Pentesting like NO OTHERS !
  https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/
- Journey of My CPENT Exam
  https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917
- [Exam prep notes] CompTIA Security+ (SY0–601) Part 1
  https://reurl.cc/M053DK
- [Exam prep notes] CompTIA Security+ (SY0–601) Part 2
  https://reurl.cc/M053Gv
- comptia-security-plus
  https://github.com/ajfuto/comptia-security-plus
- security-plus
  https://github.com/fjavierm/security-plus
- CompTIA Security+ Certification Practice Test Questions
  https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette
- App security isn't just for engineers: the hard-won story of obtaining a security testing compliance certificate (iT邦幫忙 Ironman series book)
  https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html
- App anti-hacking: hands-on security protection course to comprehensively raise security awareness
  https://www.ithome.com.tw/pr/161505
- OSEP (Evasion Techniques and Breaching Defenses (PEN-300)) experience
  https://hackmd.io/@henry-ko/HyQ56e8eF
- OSCP (Offensive Security Certified Professional)
  https://github.com/0x584A/oscp-notes/tree/master
- ISACA Certified Information Systems Auditor® (CISA) certification: preparation journey and application process - 2023
  https://reurl.cc/aVLoX9
- Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
  https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html
- The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics (駭客與國家: 網路攻擊與地緣政治新常態)
  https://reurl.cc/D3nKKj
- Practical Network Penetration Tester (PNPT) Certification Review
  https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df
- Basic vocabulary commonly used by WUSON
  https://choson.lifenet.com.tw/?p=1958
- Certifications remain the main path to learning security fundamentals; an expert has built a "security certification map"
  https://www.ithome.com.tw/news/156754
- Beyond proving your ability, certifications should be seen as the strongest motivation to keep learning
  https://www.ithome.com.tw/news/156756
- Dispelling misconceptions and myths about certifications: security experts clarify what security certifications mean
  https://www.ithome.com.tw/news/156755
- Accelerate Your Career with the Global Leader in Cyber Security Training
  https://www.sans.org/mlp/promo-partnership-hacker-news/
- [NCKU Information Security Club class] Forbidden security arts - the reverse engineering hell trial
  https://www.youtube.com/watch?v=4Yc3-9CjG6U
- Hands-on exercises that teach you to build standard security SOPs in practice
  https://www.ithome.com.tw/pr/163514

## 6. Upcoming Security Events and Seminars

- Taoyuan WordPress Café, Taoyuan coffee meetup #38 2024/7/20
  https://www.meetup.com/taoyuan-wordpress-meetup/events/301729248/
- Microsoft MVP - A few things about generative AI 2024/7/22
  https://www.meetup.com/rladies-taipei/events/301812934/
- Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/7/23
  https://www.meetup.com/taiwan-code-camp/events/xfxtjtygckbfc/
- Free Startup Fundraising Office Hours Expert AMA with Angel Investor Scott Fox! 2024/7/24
  https://www.meetup.com/taipei-startups-investors-masterminds-network/events/299702433/
- National Center for High-performance Computing training: NVIDIA GPU computing 2024/7/24
  https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=4094&from_course_list_url=homepage
- International Society of Automation Taiwan Section: professional meetup on security certification and site assessment 2024/7/25
  https://isatw.kktix.cc/events/isa-2024q3-isasecure-1
- HITCON Cyber Range 2024 enterprise blue team competition 2024/7/26 ~ 2024/10/30
  https://hitcon.kktix.cc/events/hitcon-cyberrange-2024
- [安碁學苑] Security skills training | System and Network Security Administrator 2024/7/27 ~ 2024/8/24
  https://acsiacad.kktix.cc/events/6ebd7fbd-copy-4
- Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/7/30
  https://www.meetup.com/taiwan-code-camp/events/xfxtjtygckbnc/
- FinTech Summer CAMP 2024/8/5 ~ 2024/8/9
  https://isipevent.kktix.cc/events/f2ce8bcc-copy-6
- "Security Technical Talent Development Program" free online lecture 2024/8/6
  https://www.acsiacad.com/subdetail/1066
- Free Startup Fundraising Office Hours Expert AMA with Angel Investor Scott Fox! 2024/8/28
  https://www.meetup.com/taipei-startups-investors-masterminds-network/events/299702435/
- 2nd Tainan Web3 Industry International Expo (TAINAN WEB3 INTERNATIONAL FAIR) 2024/10/18
  https://www.accupass.com/event/2406150525111725753130
- HITCON Enterprise 2024 Taiwan hacker conference 2024/10/30
  https://hitcon.kktix.cc/events/hitcon-ent-2024