資安事件新聞週報 2024/2/26 ~ 2024/3/1

###### tags: `資安事件新聞週報` # 資安事件新聞週報 2024/2/26 ~ 2024/3/1 1.重大弱點漏洞/後門/Exploit/Zero Day 開源軟體存在Wi-Fi身分驗證繞過漏洞，安卓、ChromeOS、Linux用戶恐曝險 https://www.top10vpn.com/research/wifi-vulnerabilities/ 美國針對Ivanti Connect Secure漏洞攻擊提出警告，即使重置原廠設定也無法完全清除威脅 https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-060b 更多駭客團體濫用ScreenConnect重大漏洞，Black Basta、Bl00dy被查出正在利用這個管道發動攻擊 https://www.trendmicro.com/en_us/research/24/b/threat-actor-groups-including-black-basta-are-exploiting-recent-.html Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks https://thehackernews.com/2024/02/lazarus-hackers-exploited-windows.html Zyxel 近日發布防火牆與無線基地臺的安全性更新 https://www.zyxel.com/tw/zh/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-21-2024 https://www.ithome.com.tw/news/161538 兆勤公告與修補防火牆與無線基地臺存在漏洞，用戶若不處理，可能無法因應RCE、命令注入等攻擊 https://www.ithome.com.tw/news/161538 兆勤針對防火牆與AP可被用於發動DoS攻擊、命令注入的漏洞發出公告 https://www.zyxel.com/tw/zh/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-21-2024 Anycubic客戶的3D印表機遭駭，對方聲稱該系統的MQTT伺服器存在漏洞 https://www.bleepingcomputer.com/news/security/anycubic-3d-printers-hacked-worldwide-to-expose-security-flaw/ https://techcrunch.com/2024/02/28/anycubic-users-3d-printers-hacked-warning/ https://klipper.discourse.group/t/printer-cfg-for-anycubic-kobra-2-plus-pro-max/11658/201 Windows AppLocker漏洞在修補之前就遭到北韓駭客Lazarus利用 https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers https://thehackernews.com/2024/02/new-wi-fi-vulnerabilities-expose.html New Hugging Face Vulnerability Exposes AI Models to Supply Chain Attacks https://thehackernews.com/2024/02/new-hugging-face-vulnerability-exposes.html WordPress Plugin Alert - Critical SQLi Vulnerability Threatens 200K+ Websites https://thehackernews.com/2024/02/wordpress-plugin-alert-critical-sqli.html WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk https://thehackernews.com/2024/02/wordpress-litespeed-plugin.html Canon修補小型辦公室印表機重大漏洞 https://www.securityweek.com/canon-patches-7-critical-vulnerabilities-in-small-office-printers/ https://psirt.canon/advisory-information/cp2024-001/ https://canon.jp/support/support-info/240205vulnerability-response https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers https://www.canon-europe.com/support/product-security-latest-news/ https://tw.canon/zh_TW/support/regarding-vulnerability-measure-against-buffer-overflow-for-laser-printers-and-small-office-multifunction-printers/notice?range=4&category=9 思科修補整合通訊閘道系統Expressway的CSRF漏洞 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-csrf-KnnZDMj3 人工智慧加速軟體開發但存在安全隱憂！逾三分之一由GitHub Copilot產生的程式碼存在漏洞 https://www.veracode.com/resources/state-software-security-2024-addressing-threat-security-debt Ubuntu圖像程式庫元件FreeImage存在漏洞，有可能導致阻斷服務攻擊、執行任意程式碼 https://tuxcare.com/blog/multiple-freeimage-vulnerabilities-fixed-in-ubuntu/ CNN：駭客藉軟體漏洞發動網攻影響美聯邦機構 https://www.lvcnn.com/vegaschinese/news.php?id=44244 2.銀行/金融/保險/證券/金融監理新聞及資安反資本駭客組織稱攻擊了摩根大通官網，摩根大通官網暫時無法訪問 https://news.cnyes.com/news/id/5470420 TimbreStealer campaign targets Mexican users with financial lures https://blog.talosintelligence.com/timbrestealer-campaign-targets-mexican-users/ Banking Trojans Target Latin America and Europe Through Google Cloud Run https://thehackernews.com/2024/02/banking-trojans-target-latin-america.html 政府、金融資安需求強，安碁資訊2023營運創高 https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=1826bd5b-c0a8-4152-aec1-b208e298d523 將來銀行部署微軟 Surface 鞏固企業資安落實永續經營策略 https://news.microsoft.com/zh-tw/features/surface-nextbank-cyberserurity-sustainability/ 國民基金平台基富通App超人氣資安認證護身下載量破10萬 https://reurl.cc/YVbba0 3.信用卡/電子支付/行動支付/pay/支付系統/資安醫療保健支付平臺Change Healthcare傳出遭勒索軟體BlackCat攻擊，6 TB資料流出 https://www.bleepingcomputer.com/news/security/ransomware-gang-claims-they-stole-6tb-of-change-healthcare-data/ 1300萬元消失了？17Live指控綠界科技金流系統出包，到底誰的錯 https://www.techbang.com/posts/113463-17live-the-green-world-controversy-lazy-bagthe-gold-flow 傳LINE Pay迎娶一卡通　雙方皆否認成親傳聞 https://www.cardu.com.tw/news/detail.php?50852 傳併購一卡通 LINE Pay：常交換意見、無收購議題 https://reurl.cc/rr22jx TWQR掃碼購物攏ㄟ通全支付3/11上線街口最快6月試營運 https://news.cnyes.com/news/id/5456016 街口、全支付「嗶」進日本打通數百萬據點 https://ec.ltn.com.tw/article/breakingnews/4593595 國泰貨運站引進B2B電子支付解決方案 http://www.aastocks.com/tc/stocks/news/aafn-news/NOW.1330282/2 跨境支付戰　全支付嗶進日本 https://news.housefun.com.tw/news/article/206900413702.html 拜託回來結帳！電子支付沒完成店家嘸確認 https://reurl.cc/N4ggm9 街口支付即日起可利用「出示付款碼」於日本店家透過PayPay消費，超商、百貨、餐廳、市集付款更便利 https://www.cool3c.com/article/210784 行動支付讓外國客卻步陸優化綁卡並將年交易限額提至5萬美元 https://udn.com/news/story/7333/7802715 日本旅遊付現金虧了！「全新付款神招」2/29悄登場：爽賺30％回饋 https://www.nownews.com/news/6372282 4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約/WEB3 資安盜用45億美元的Bitfinex駭客成為Bitcoin Fog洗錢案中美國政府的關鍵證人 - PANews https://www.panewslab.com/zh_hk/sqarticledetails/dv0sgt27Ft.html 幣圈「多金王子」名不虛傳！孫宇晨曬 HTX 餘額：持有 16 億美元 BTC https://blockcast.it/2024/02/28/justin-sun-posted-screenshot-of-his-htx-wallet-which-contains-about-28614-bitcoin/ 盜取45億美元比特幣駭客成為美國政府洗錢案關鍵證人 https://m.cnyes.com/news/id/5466305 Beosin：SenecaUSD因安全漏洞被駭客利用了超1900枚ETH，價值約650萬美元 https://www.panewslab.com/zh_hk/sqarticledetails/sjqc5v9zFt.html Arkham：美國政府錢包轉移從Bitfinex駭客手中繳獲的近10億美元比特幣 https://news.cnyes.com/news/id/5467269 SenecaUSD駭客已將1,537枚ETH返還到Seneca部署者地址 https://news.cnyes.com/news/id/5468108 價值近 10 億美元！鏈上數據：美國政府轉移 1.5 萬枚比特幣 https://blockcast.it/2024/02/29/u-s-government-transferred-nearly-1b-of-bitcoin/ 美國政府高點拋售1.5萬枚BTC？沒收比特幣價值狂飆至120億美元 https://www.blocktempo.com/u-s-government-transfers-large-amount-of-btc/ 美國司法部：轉移從Bitfinex駭客手中繳獲的近10億美元比特幣是出於合法執法目的 https://www.panewslab.com/zh_hk/sqarticledetails/9xx1uxobFt.html 比特幣突破6萬美元！顯卡廠多頭大受激勵 https://wealth.businessweekly.com.tw/GArticle.aspx?id=ARTL010404774 PeckShield：2月份21起駭客攻擊事件總計盜取3.6億美元 https://news.cnyes.com/news/id/5470374 某地址訪問Blast虛假空投網站損失約71.78萬美元 https://www.panewslab.com/zh_hk/sqarticledetails/46vc4r84Ft.html 發展中的比特幣反映了那些問題 https://www.ctee.com.tw/news/20240302700028-439901 安全公司：Shido Netwrok安全事件損失已升至320萬美元 https://www.panewslab.com/zh_hk/sqarticledetails/5p5t7ixpFt.html 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC Mandiant、Sophos示警ConnectWise ScreenConnect漏洞遭部署勒索軟體 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10957 建準公布2月19日遭遇加密攻擊事故後續處理狀況，坦承技術人員電腦檔案遭加密，恐有資料外洩風險 https://www.ithome.com.tw/news/161561 開源RAT木馬程式Xeno上架GitHub，恐成為駭客利用的作案工具 https://www.cyfirma.com/outofband/xeno-rat-a-new-remote-access-trojan-with-advance-capabilities/ 機器學習模型共享平臺Hugging Face出現100個惡意模型，若下載使用電腦恐被植入後門 https://jfrog.com/blog/data-scientists-targeted-by-malicious-hugging-face-ml-models-with-silent-backdoor/ Ubiquiti路由器遭俄羅斯駭客組織APT28濫用，而得以建置殭屍網路，目的是隱匿攻擊行動 https://www.ic3.gov/Media/News/2024/240227.pdf 電玩業者Epic Games傳出遭勒索軟體駭客組織Mogilevich入侵，遭到該公司否認 https://www.cyberdaily.au/culture/10241-fortnite-game-dev-epic-games-allegedly-hacked https://www.bleepingcomputer.com/news/security/epic-games-zero-evidence-we-were-hacked-by-mogilevich-gang/ https://twitter.com/EpicNewsroom/status/1762864647445901578 https://twitter.com/LawrenceAbrams/status/1762576389373325757 研究人員證實勒索軟體駭客組織LockBit重出江湖，使用新的作案工具犯案 https://www.bleepingcomputer.com/news/security/lockbit-ransomware-returns-to-attacks-with-new-encryptors-servers/ 執法單位聲稱掌握了勒索軟體駭客組織LockBit的管理員，幾天後傳出該組織捲土重來，宣稱攻擊目標鎖定政府機關 https://twitter.com/vxunderground/status/1761031957104750864 https://twitter.com/vxunderground/status/1761491834436476937 https://securityaffairs.com/159584/cyber-crime/lockbit-gang-resumed-raas.html 北韓駭客Lazarus上傳惡意PyPI套件，意圖散布惡意軟體Comebacker https://blogs.jpcert.or.jp/en/2024/02/lazarus_pypi.html 德國消費者保護團體傳出遭勒索軟體攻擊，電話與電子郵件通訊受到影響 https://www.verbraucherzentrale-hessen.de/pressemeldungen/verbraucherzentrale/hackerangriff-auf-verbraucherzentrale-hessen-92732 伊朗駭客組織Charming Kitten鎖定中東人士散布後門Basicstar https://www.volexity.com/blog/2024/02/13/charmingcypress-innovating-persistence/ 已終止維護的CMS編輯器FCKeditor遭到濫用，對政府機關與教育單位網站進行SEO中毒攻擊 https://www.bleepingcomputer.com/news/security/hackers-exploit-14-year-old-cms-editor-on-govt-edu-sites-for-seo-poisoning/ 惡意程式載入工具Idat被用於散布RAT木馬Remcos https://blog.morphisec.com/unveiling-uac-0184-the-remcos-rat-steganography-saga 殭屍網路Lucifer鎖定Apache Hadoop伺服器、Druid資料庫而來 https://www.aquasec.com/blog/lucifer-ddos-botnet-malware-is-targeting-apache-big-data-stack/ 殭屍網路病毒Glupteba透過UEFI Bootkit迴避偵測 https://unit42.paloaltonetworks.com/glupteba-malware-uefi-bootkit/#post-132484-_9pnlcgdp770l 惡意程式TicTacToe Dropper竊取Windows電腦資料，並植入其他作案工具 https://www.fortinet.com/blog/threat-research/tictactoe-dropper StopRansomware: Blackcat https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-353a U.S. Offers $15 Million Bounty to Hunt Down LockBit Ransomware Leaders https://thehackernews.com/2024/02/us-offers-15-million-bounty-to-hunt.html Dormant PyPI Package Compromised to Spread Nova Sentinel Malware https://thehackernews.com/2024/02/dormant-pypi-package-compromised-to.html LockBit Ransomware Group Resurfaces After Law Enforcement Takedown https://thehackernews.com/2024/02/lockbit-ransomware-group-resurfaces.html Authorities Claim LockBit Admin "LockBitSupp" Has Engaged with Law Enforcement https://thehackernews.com/2024/02/authorities-claim-lockbit-admin.html New IDAT Loader Attacks Using Steganography to Deploy Remcos RAT https://thehackernews.com/2024/02/new-idat-loader-attacks-using.html Open-Source Xeno RAT Trojan Emerges as a Potent Threat on GitHub https://thehackernews.com/2024/02/open-source-xeno-rat-trojan-emerges-as.html 惡意程式Gtpdoor鎖定電信業者而來，透過GPRS網路進行控制 https://doubleagent.net/telecommunications/backdoor/gtp/2024/02/27/GTPDOOR-COVERT-TELCO-BACKDOOR GTPDOOR Linux Malware Targets Telecoms, Exploiting GPRS Roaming Networks https://thehackernews.com/2024/02/gtpdoor-linux-malware-targets-telecoms.html New Backdoor Targeting European Officials Linked to Indian Diplomatic Events https://thehackernews.com/2024/02/new-backdoor-targeting-european.html 北韓駭客Lazarus釋出惡意PyPI套件，意圖散布惡意軟體Comebacker https://blogs.jpcert.or.jp/en/2024/02/lazarus_pypi.html Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems https://thehackernews.com/2024/02/lazarus-exploits-typos-to-sneak-pypi.html Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware https://thehackernews.com/2024/02/chinese-hackers-exploiting-ivanti-vpn.html New BIFROSE Linux Malware Variant Using Deceptive VMware Domain for Evasion https://thehackernews.com/2024/03/new-bifrose-linux-malware-variant-using.html B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊研究人員揭露蘋果自動化流程應用程式Shortcuts高風險漏洞細節 https://www.bitdefender.com/blog/labs/details-on-apples-shortcuts-vulnerability-a-deep-dive-into-cve-2024-23204/ Researchers Detail Apple's Recent Zero-Click Shortcuts Vulnerability https://thehackernews.com/2024/02/researchers-detail-apples-recent-zero.html Apple Unveils PQ3 Protocol - Post-Quantum Encryption for iMessage https://thehackernews.com/2024/02/apple-unveils-pq3-protocol-post-quantum.html 安卓木馬VajraSpy透過Google Play市集散布 https://www.welivesecurity.com/en/eset-research/vajraspy-patchwork-espionage-apps/ 以色列商業間諜公司NSO Group利用WhatsApp漏洞，利用多媒體簡訊指紋追蹤用戶 https://www.hackread.com/israeli-nso-group-mms-fingerprint-attack-whatsapp/ https://files.lbr.cloud/316009/whatsapp-fb-v-NSO-group.pdf https://www.enea.com/insights/dusting-off-old-fingerprints-nso-groups-unknown-mms-hack/ 高中「不務正業」解出LINE漏洞，駭客少年如何闖蕩大學 https://www.cheers.com.tw/article/article.action?id=5102904 指紋辨識末日？只需滑螢幕聲，就能推斷指紋型樣 https://infosecu.technews.tw/2024/02/29/phone-swipe-sounds-can-capture-fingerprints-us-china-research-shows/ C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力翁浩正：資安人才如何自「證」實力 https://www.wealth.com.tw/articles/7668c4d8-67e4-4068-9a7d-dd62b456c59e 點完手搖茶一抬頭…螢幕驚見「情色片」超尷尬　業者：疑遭駭已報警 https://ctinews.com/news/items/rbW45KljaL 黑客入侵？「奈雪的茶」店內螢幕竟播色情AV片　男顧客立即這樣做 https://www.hk01.com/article/995948 LOL／LCK頻遭駭客攻擊！Faker暖心向粉絲致意 ShowMaker原地開睡 https://tech.udn.com/tech/story/123158/7800157?from=udn-indexnewnews_ch1024 「黑貓」駭客攻擊 UnitedHealth，美國醫療系統受連鎖影響 https://statementdog.com/news/4709 紐時告侵權 OpenAI反控聘駭客生成誤導性證據 https://reurl.cc/M4gg2W OpenAI主張紐時「駭進」ChatGPT 製造訴訟證據應予駁回 https://www.wantgoo.com/news/1180314 微軟表示多國駭客正利用ChatGPT增進網路攻擊功力，解決之道 https://www.ptt.cc/bbs/Tech_Job/M.1709058167.A.734.html 數位防禦報告揭全球駭客攻擊熱區！台灣位居亞太第二 https://web.bc3ts.net/post/6089470 鎖定全球選舉的惡意網路活動升溫 https://www.resecurity.com/blog/article/global-malicious-activity-targeting-elections-is-skyrocketing 僅要價2美元的Deepfake欺騙性內容恐對選舉帶來影響 https://blog.checkpoint.com/security/digital-deception-at-the-ballot-box-the-shadow-machinery-of-election-manipulation-how-deepfake-technology-threatens-the-2024-u-s-elections/ 美國政府呼籲開發人員改用記憶體安全的程式語言 https://www.whitehouse.gov/wp-content/uploads/2024/02/Final-ONCD-Technical-Report.pdf PCB廢液處理業者昶昕部分資訊系統遭到網路攻擊，初步評估對公司運作無重大影響 https://mops.twse.com.tw/mops/web/ajax_t05sr01_1?firstin=true&stp=1&step=1&SEQ_NO=1&SPOKE_TIME=170427&SPOKE_DATE=20240226&COMPANY_ID=8438 加拿大皇家騎警遭遇網路攻擊，強調並未影響業務及民眾安全 https://www.cbc.ca/news/politics/cybersecurity-breach-rcmp-1.7123787 歐洲政府機關遭到鎖定，駭客利用印度外交活動為誘餌，散布後門程式WineLoader https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader 中國駭客組織利用Ivanti Connect Secure漏洞從事攻擊行動，恐針對美國、日本、亞太地區國防工業及電信機構而來 https://www.mandiant.com/resources/blog/investigating-ivanti-exploitation-persistence 中東航空、航太、國防業者遭到伊朗駭客組織UNC1549鎖定 https://www.mandiant.com/resources/blog/suspected-iranian-unc1549-targets-israel-middle-east 德國、韓國提出警告，北韓駭客針對全球國防單位從事網路間諜行動 https://www.verfassungsschutz.de/SharedDocs/publikationen/DE/cyberabwehr/2024-02-19-joint-cyber-security-advisory-englisch.pdf?__blob=publicationFile&v=2 鋼鐵供應商ThyssenKrupp傳出遭到網路攻擊，汽車部門關閉IT系統因應 https://www.bleepingcomputer.com/news/security/steel-giant-thyssenkrupp-confirms-cyberattack-on-automotive-division/ 中國公安部拖欠薪水遭成員揭露！東窗事發都要繼續向全世界發動攻擊 https://www.youtube.com/watch?v=uI1J_iVBj4Q 特勤局：中國駭客竊取疫情紓困金達2000萬美元 https://www.lvcnn.com/vegaschinese/news.php?id=42461 匈牙利駭客從流行的外國連鎖店竊取了數十億美元 https://reurl.cc/E4yyx1 澳大利亞情報局長指控政客向外國間諜出賣國家劍指誰 https://reurl.cc/09GGGA 為古巴從事間諜活動逾40年前美國大使羅查將認罪 https://www.cna.com.tw/news/aopl/202403010212.aspx 歐再踩中共紅線美反擊數位冷戰 https://www.epochtimes.com/b5/24/3/1/n14192666.htm 中共網絡間諜活動猖獗美時政專家籲刪掉中國軟件 https://www.soundofhope.org/post/796474?lang=b5 New Silver SAML Attack Evades Golden SAML Defenses in Identity Systems https://thehackernews.com/2024/02/new-silver-saml-attack-evades-golden.html GitHub Rolls Out Default Secret Scanning Push Protection for Public Repositories https://thehackernews.com/2024/03/github-rolls-out-default-secret.html President Biden Blocks Mass Transfer of Personal Data to High-Risk Nations https://thehackernews.com/2024/02/president-biden-blocks-mass-transfer-of.html Cybercriminals Weaponizing Open-Source SSH-Snake Tool for Network Attacks https://thehackernews.com/2024/02/cybercriminals-weaponizing-open-source.html CERT-EU發布2023年威脅態勢報告！這些網路攻擊正瞄準歐盟機構 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10955 Mustang Panda Targets Asia with Advanced PlugX Variant DOPLUGS https://thehackernews.com/2024/02/mustang-panda-targets-asia-with.html Russian Government Software Backdoored to Deploy Konni RAT Malware https://thehackernews.com/2024/02/russian-government-software-backdoored.html Suspected Iranian Threat Actor UNC1549 Targets Israeli and Middle East Aerospace and Defense Sectors https://www.mandiant.com/resources/blog/suspected-iranian-unc1549-targets-israel-middle-east Five Eyes Agencies Expose APT29's Evolving Cloud Attack Tactics https://thehackernews.com/2024/02/five-eyes-agencies-expose-apt29s.html Five Eyes Agencies Warn of Active Exploitation of Ivanti Gateway Vulnerabilities https://thehackernews.com/2024/03/five-eyes-agencies-warn-of-active.html North Korean Hackers Targeting Developers with Malicious npm Packages https://thehackernews.com/2024/02/north-korean-hackers-targeting.html Cybersecurity Agencies Warn Ubiquiti EdgeRouter Users of APT28's MooBot Threat https://thehackernews.com/2024/02/cybersecurity-agencies-warn-ubiquiti.html D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全中華電信傳出資料外洩，我國國安單位內部資料流入暗網 https://www.ithome.com.tw/news/161562 https://mops.twse.com.tw/mops/web/ajax_t05sr01_1?firstin=true&stp=1&step=1&SEQ_NO=1&SPOKE_TIME=124334&SPOKE_DATE=20240229&COMPANY_ID=2412 https://news.tvbs.com.tw/politics/2409149 暗網兜售又一樁！中華電信機敏資料遭外洩電路圖竟是總統官邸對面 https://reurl.cc/M4ggVv 機敏資料遭駭中華電：啟動資安防禦並調查 https://www.rti.org.tw/news/view/id/2197354 海軍海巡外交部等相關機敏資料疑遭駭中華電：調查釐清外洩原因 https://www.cna.com.tw/news/afe/202402290157.aspx 說明中華電疑似資訊外流事件 https://reurl.cc/WRgg2x 竊資軟體Atomic Stealer鎖定Safari的cookie、加密貨幣錢包而來 https://www.bitdefender.com/blog/labs/when-stealers-converge-new-variant-of-atomic-stealer-in-the-wild/ AI影片編輯平臺Cutout.Pro驚傳資料外洩，2千萬會員個資流入駭客論壇 https://www.bleepingcomputer.com/news/security/20-million-cutoutpro-user-records-leaked-on-data-breach-forum/ 知名品牌及組織8千個棄置網域、1.3萬個子網域遭到挾持，被用於發送垃圾郵件及從事網釣攻擊 https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935 利用外流的合法帳密是駭客偏好入侵目標組織的管道 https://newsroom.ibm.com/2024-02-21-IBM-Report-Identity-Comes-Under-Attack,-Straining-Enterprises-Recovery-Time-from-Breaches 中國資安業者安洵信息內部資料公開，透露該公司對臺灣在內逾20個國家從事網路間諜行動 https://www.ithome.com.tw/news/161454 https://www.washingtonpost.com/world/2024/02/21/china-hacking-leak-documents-isoon/ https://cyberscoop.com/isoon-chinese-apt-contractor-leak/ 中國資安公司安洵文件外洩揭北京網攻台灣、監控海外社群 https://www.cna.com.tw/news/aopl/202402270376.aspx 「滲透台.港大學」中國資安公司文件外洩揭網攻台灣 https://reurl.cc/VNggnA 安洵文件外洩專家：顯示中國市級公安也僱駭客 https://reurl.cc/D477Mj 不只竊密中共僱駭客施壓異己 https://www.epochtimes.com/b5/24/2/29/n14191898.htm 觀點投書：安洵信息公司文件洩密案是中國版的史諾登事件 https://www.storm.mg/article/5034365 安洵洩漏文件掀出中國招攬駭客內幕 https://www.pourquoi.tw/intlnews-neasia-240301-1/ 台灣遭駭客攻擊：敏感數據被竊未點名中國 https://reurl.cc/E4yMeK 惡劣！《六人行》馬修派瑞 X (推特)遭駭，偷埋加密貨幣釣魚詐騙連結 https://www.blocktempo.com/crypto-scammers-hack-matthew-perry-x-account/ 中諜共犯法商恐洩拉法葉艦資料 https://taiwandaily.net/%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E/6352/ 拜登擬簽署行政命令防止美國公民個資流向中俄 https://www.cna.com.tw/news/aopl/202402280282.aspx 最容易上鉤的Web3詐騙》Google加密貨幣釣魚廣告猖獗，如何自保 https://www.blocktempo.com/how-phishing-scams-work-on-google-search/ Beosin：2月Web3生態因駭客攻擊、釣魚詐騙和Rug Pull造成的總損失達4.22億美元 https://www.panewslab.com/zh_hk/sqarticledetails/hw22q58qFt.html 5萬現金親手奉上理財作家被「中情局特工」詐騙 https://www.worldjournal.com/wj/story/122985/7801276 駭客聲稱成功攻擊Epic Games取得近200GB資料，專家建議Epic Games會員盡快更新密碼 https://www.techbang.com/posts/113475-epic-games-200gb Facebook 帳號被駭一週後取回的心得感想 https://tigercosmos.xyz/post/2024/03/security/facebook-hack/ FTC Slams Avast with $16.5 Million Fine for Selling Users' Browsing Data https://thehackernews.com/2024/02/ftc-slams-avast-with-165-million-fine.html 8,000+ Domains of Trusted Brands Hijacked for Massive Spam Operation https://thehackernews.com/2024/02/8000-subdomains-of-trusted-brands.html TimbreStealer Malware Spreading via Tax-themed Phishing Scam Targets IT Users https://thehackernews.com/2024/02/timbrestealer-malware-spreading-via-tax.html E.研究報告/工具就怕不知不覺！企業組織如何防禦「寄生攻擊」 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10956 NIST網路安全框架2.0正式推出 https://www.nist.gov/news-events/news/2024/02/nist-releases-version-20-landmark-cybersecurity-framework 研究人員揭露蘋果自動化流程應用程式Shortcuts高風險漏洞細節 https://www.bitdefender.com/blog/labs/details-on-apples-shortcuts-vulnerability-a-deep-dive-into-cve-2024-23204/ 專攻資安的白帽駭客帶你看懂：暗網是什麼 https://glarity.app/youtube-summary/science-technology/A-white-hat-hacker-who-specializes-13865604_109768 Ponagochi：Wi-Fi破解道德駭客 | Ashcat工具密碼破解實驗 https://glarity.app/zh-TW/youtube-summary/science-technology/hacking-wifi-networks-in-seconds-with-11355254_1210265 備份上雲享防護優勢　結合防毒確保備份可乾淨還原強化資料安全可用性　第一時間防堵勒索 https://www.netadmin.com.tw/netadmin/zh-tw/viewpoint/9E7E18E02AE84043A66F00FFD32962B8 陳子榕分析師:AI時代凸顯資安重要性 https://www.estock.com.tw/author/article?id=232 為何全球網路安全日在今日的重要性超過以往 https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000685817_XHK9JPS00FMII18M8H0E5 A New Age of Hacktivism https://thehackernews.com/2024/02/a-new-age-of-hacktivism.html The Slingshot https://s3-eu-west-1.amazonaws.com/khub-media/wp-content/uploads/sites/43/2018/03/09133534/The-Slingshot-APT_report_ENG_final.pdf 6 Ways to Simplify SaaS Identity Governance https://thehackernews.com/2024/02/6-ways-to-simplify-saas-identity.html How to Use Tines's SOC Automation Capability Matrix https://thehackernews.com/2024/02/how-to-use-tiness-soc-automation.html Three Tips to Protect Your Secrets from AI Accidents https://thehackernews.com/2024/02/three-tips-to-protect-your-secrets-from.html From Alert to Action: How to Speed Up Your SOC Investigations https://thehackernews.com/2024/02/from-alert-to-action-how-to-speed-up.html Superusers Need Super Protection: How to Bridge Privileged Access Management and Identity Management https://thehackernews.com/2024/02/superusers-need-super-protection-how-to.html How to Prioritize Cybersecurity Spending: A Risk-Based Strategy for the Highest ROI https://thehackernews.com/2024/02/why-risk-based-approach-to.html 4 Instructive Postmortems on Data Downtime and Loss https://thehackernews.com/2024/03/4-instructive-postmortems-on-data.html F.商業微軟推新工具PyRIT主動識別生成式AI風險 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10949 Microsoft Releases PyRIT - A Red Teaming Tool for Generative AI https://thehackernews.com/2024/02/microsoft-releases-pyrit-red-teaming.html 微軟針對生成式AI推出自動化紅隊演練工具PyRIT https://www.microsoft.com/en-us/security/blog/2024/02/22/announcing-microsofts-open-automation-framework-to-red-team-generative-ai-systems/ Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies https://thehackernews.com/2024/02/microsoft-expands-free-logging.html Check Point 揭全面安全平台搭配首代資安助理 Infinity AI Copilot https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10946 報告：專用的混合網狀防火牆解決方案需求升溫！ https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10947 Akamai Connected Cloud打造分散式雲　開創連結新境界 https://n.yam.com/Article/20240301695383 能「自我銷毀」的Ovrdrive隨身碟，可將快閃記憶體晶片加熱到100度 https://www.techbang.com/posts/113123-ovrdrive-uuu-with-its-data-hiding-and-overheating-self G.政府金管會九大計畫防詐列重點 https://money.udn.com/money/amp/story/5613/7803393 數位發展部推動反詐不力 https://www.kocpc.com.tw/archives/536419 政院通過修正草案數位簽章同親簽 https://udn.com/news/story/7238/7801153 逾20年未修！政院通過「電子簽章法」修正草案 https://news.ttv.com.tw/news/11302290035000L 電子簽章法擬修法！網路廣告需驗證數位簽章 https://reurl.cc/RWggge 藍委提電子簽章法版本緩衝期一年 https://www.epochtimes.com/b5/24/3/1/n14192661.htm 行政院通過電子簽章法修正草案，未來數位簽章等同本人親簽，若條件符合可與國外相互承認數位簽章 https://www.ithome.com.tw/news/161552 數位部擬推平台上架投資廣告驗數位簽章盼減少詐騙與人頭帳號 https://www.cna.com.tw/news/afe/202402290256.aspx 推網路廣告驗證數位簽章唐鳳：等同印鑑證明從源頭防詐 https://www.rti.org.tw/news/view/id/2197367 調查局資通處大火查無人員疏失北檢簽結 https://reurl.cc/37WEvV H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識/醫療相關資安供應鏈及OT資安威脅影響美國港口運輸基礎設施安全 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10953 貼牌的中國製智慧門鈴內含安全漏洞 https://www.ithome.com.tw/news/161567 I.教育訓練 iPAS資訊安全工程師中級筆記 https://hackmd.io/@Not/iPASInformationSecuritySpecialist iPas資安工程師證照考前研習 https://reurl.cc/GEbA3p Coursera 盤點 7 項雲端資安認證，高薪跳板都在這了！ https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/ 一般人也能拿到國際資安認證！CSCU安全電腦使用者認證課程 https://www.ithome.com.tw/pr/160954 全球網絡安全勞動力失衡 (ISC)2免費課程及考試填補人才缺口 https://reurl.cc/m39MDj CISSP資安認證的8大領域 https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html CISSP考試心得 https://reurl.cc/KbY83j CISSP考試心得 – Benson https://reurl.cc/GbWvxd 目標導向-20天光速考過CISSP https://reurl.cc/2Zq6zn CISSP證照考試實戰心得第一章：初期準備工作 https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat CISSP證照考試實戰心得第二章：規律且有紀律的讀書策略 https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies CISSP證照考試實戰心得第三章：終極一戰 https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle Quick CISSP Infographic for IPSec https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec CSSLP Certification - Security models in F# https://github.com/vbocan/csslp Certified Secure Software Lifecycle Professional in bullet points https://github.com/joeyhage/csslp-notes CPSA(CREST Practitioner Security Analyst) 資安分析師考試心得 https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/ EC-Council CEH v11 考試心得、改版資訊以及準備方向 2021、2022 https://reurl.cc/1oyEM8 CEH v11 考試心得與準備方式 https://blog.sean.taipei/2022/01/ceh CEH https://github.com/a3cipher/CEH CodeRed by EC-Council https://github.com/codered-by-ec-council EC-Council CEH Practical / Master 準備心得 — 讓理論與實作相輔相成的學習 https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2 EC-Council CEHP考試準備心得 https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po ECSA v10 考試心得與讀書資料分享/ ECSA v10 Review and Study Materials https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4 EC-Council ECSA資安分析專家 v10 考試心得分享 https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html 20180817 EC-Council ECSA v10 PASS https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html 關於EC-Council CPENT和LPT Master滲透測試證照準備方式及心得分享 https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d 深度解析 CPENT 考試心得、以及與 OSCP 的比較 https://reurl.cc/41eL8v EC-Council CPENT v1 滲透測試認證 – 內容及心得分享 https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review CPENT 從暴力到破解 https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295 Ec-Council CPENT心得 - 資安菜鳥從CEH到LPT Master https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f CPENT考試心得分享：一次拿到 LPT 滲透測試大師認證 https://ucom.uuu.com.tw/web/Testimony/Article/4404 kaizensecurity/CPENT https://github.com/kaizensecurity/CPENT/tree/master CPENT : Pentesting like NO OTHERS ! https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/ Journey of My CPENT Exam https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917 [備考心得]CompTIA Security+ (SY0–601) 上篇 https://reurl.cc/M053DK [備考心得]CompTIA Security+ (SY0–601) 下篇 https://reurl.cc/M053Gv comptia-security-plus https://github.com/ajfuto/comptia-security-plus security-plus https://github.com/fjavierm/security-plus CompTIA Security+ Certification Practice Test Questions https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette 不只是工程師才要懂的 App 資訊安全：取得資安檢測合格證書血淚史（iT邦幫忙鐵人賽系列書） https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html App防駭學，資安防護實戰課程全面提升安全觀念 https://www.ithome.com.tw/pr/161505 OSEP (Evasion Techniques and Breaching Defenses (PEN-300) 心得分享 https://hackmd.io/@henry-ko/HyQ56e8eF OSCP（Offensive Security Certified Professional） https://github.com/0x584A/oscp-notes/tree/master ISACA Certified Information Systems Auditor® (CISA) 國際電腦稽核師認證準備歷程心得、申請流程分享- 2023年 https://reurl.cc/aVLoX9 Learn NIST Inside Out With 21 Hours of Training @ 86% OFF https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html 駭客與國家: 網路攻擊與地緣政治新常態 The hacker and the state: cyber attacks and the new normal of geopolitic https://reurl.cc/D3nKKj Practical Network Penetration Tester (PNPT) Certification Review https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df WUSON常用的基本詞彙 https://choson.lifenet.com.tw/?p=1958 證照仍是學習資安基本功的主要管道，有專家打造「資安證照地圖」 https://www.ithome.com.tw/news/156754 用證照證明自己實力之餘，更應將證照視為督促學習的最大動力 https://www.ithome.com.tw/news/156756 打破證照誤解與迷思，資安專家帶你釐清資安證照的意義 https://www.ithome.com.tw/news/156755 Accelerate Your Career with the Global Leader in Cyber Security Training https://www.sans.org/mlp/promo-partnership-hacker-news/ 6.近期資安活動及研討會線上資安人力需求對談-網路通信產業 2024/3/2 https://isipevent.kktix.cc/events/ff6f2146 2024H1資安實戰演練大會AI爆發時代的企業資安聯合軍演 2024/3/6 https://buzzorange.com/techorange/forum/2024h1-cybersecurity-combat-exercise/ 資安事件調查與實務分析 2024/3/6（三） https://docs.google.com/forms/d/1bO_IhZ9gxZ-nFNGVva7ZfRWyX5B3n-sKEdW6nkPtj50/edit .NET / Java 安全程式開發達人集訓班（高雄場） 2024/3/6 ~ 2024/3/8 https://www.accupass.com/event/2401100307112987621850 【免費活動】資安技術實作坊：系統網路安全 2024/3/8 https://acsiacad.kktix.cc/events/wsmar 線上資安人力需求對談-智慧製造產業 2024/3/9 https://isipevent.kktix.cc/events/ff6f2146-copy-1 【安碁學苑】資安技術人才培育｜實戰培訓首發班 2024/3/11 ~ 2024/3/29 https://acsiacad.kktix.cc/events/6ebd7fbd-copy-2 2024 Jamf 年度合作夥伴招募大會 The Journey to Trusted Access 2024/3/14 https://jamf.kktix.cc/events/partner2024 《線上研討會》【數位｜低碳｜人才永續】讓訓練成效看得見・引領企業迎戰大未來 2024/3/14 https://www.accupass.com/event/2402270324454567085500 網路通信產業跨域資安人力高峰論壇 2024/3/15 https://isipevent.kktix.cc/events/f2ce8bcc-copy-5 DEVCORE CONFERENCE 2024 2024/3/16 https://devcore.kktix.cc/events/devcoreconf2024 【企業資安講堂】資安教育免費線上課程 2024/3/19 ~ 2024/11/19 https://acercsi.kktix.cc/events/2024csr 黑客視角：網站漏洞挖掘與防禦 2024/3/20 https://docs.google.com/forms/d/1OGcXzbo2vG9_DU5oQ9DCAF2zWJtewqrd4OM28zdatw4/edit 全方位資安防護與案例分享研討會 2024/3/20 https://www.tcsp.org.tw/active_detail.php?id=231 Comodo 打造無駭企業！阻擋未知攻擊 2024/3/21 https://www.accupass.com/event/2402191141192078649686 社團法人台灣駭客協會 113 年度會員春酒 2024/3/27 https://hitcon.kktix.cc/events/hit-banquet-113 Jamf 與 Microsoft 的最佳實踐：從 Apple 到多平台的裝置管理與安全 2024/3/29 https://jamf.kktix.cc/events/jamfxmicrosoft 中區(實體)--校園資安作業與外部審查實務 2024/4/8 https://tp2rc.tanet.edu.tw/node/790 資安稽核實務 2024/4/11-2024/4/12 https://moltke.nccu.edu.tw/Registration/registration.do?action=conferenceInfo&conferenceID=X22536 資通安全概論--中區--考前複習班 2024/6/4 https://moltke.nccu.edu.tw/Registration/registration.do?action=conferenceInfo&conferenceID=X22767 AI應用系統開發與生成式AI應用人才培訓班第一梯次 2024/6/27 ~ 2024/8/9 https://www.accupass.com/event/2401100729511706489107