###### tags: `資安事件新聞週報`

# Weekly Security Incident News Digest 2023/11/06 ~ 2023/11/10

## 1. Major Vulnerabilities / Backdoors / Exploits / Zero-Days

PAN-OS default device certificate and default root certificate will expire on December 31, 2023
https://www.reddit.com/r/paloaltonetworks/comments/17ptnyg/panos_certificate_expiration_dec_31st/?rdt=55010

Security vulnerability in F5 BIG-IP
https://my.f5.com/manage/s/article/K000137353

Cisco releases security update for Cisco Firepower Management Center Software
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-29MP49hN

Trend Micro warns of four zero-day vulnerabilities in Microsoft Exchange
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10788

TellYouThePass ransomware targets critical Apache ActiveMQ vulnerability
https://arcticwolf.com/resources/blog/tellmethetruth-exploitation-of-cve-2023-46604-leading-to-ransomware/

Suspected Exploitation of Apache ActiveMQ CVE-2023-46604
https://www.rapid7.com/blog/post/2023/11/01/etr-suspected-exploitation-of-apache-activemq-cve-2023-46604/

Hacker group Kinsing targets cloud environments, exploiting a recent Linux vulnerability in its attacks
https://blog.aquasec.com/loony-tunables-vulnerability-exploited-by-kinsing

Clop ransomware hackers target a zero-day vulnerability in the SysAid IT service request system
https://www.jamf.com/blog/bluenoroff-strikes-again-with-new-macos-malware/
http://twitter.com/msftsecintel/status/1722444141081076219
https://www.sysaid.com/blog/service-desk/on-premise-software-security-vulnerability-notification

SysAid On-Prem Software CVE-2023-47246 Vulnerability
https://www.sysaid.com/blog/service-desk/on-premise-software-security-vulnerability-notification

QRadar: Upgrade path information for the transition to Red Hat Enterprise 8
https://www.ibm.com/support/pages/node/7051316?myns=swgother&mynp=OCSSBQAC&mync=E&cm_sp=swgother-_-OCSSBQAC-_-E

Looney Tunables Vulnerability Exploited by Kinsing
https://blog.aquasec.com/loony-tunables-vulnerability-exploited-by-kinsing

Critical Flaws Discovered in Veeam ONE IT Monitoring Software – Patch Now
https://thehackernews.com/2023/11/critical-flaws-discovered-in-veeam-one.html

CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation
https://thehackernews.com/2023/11/cisa-alerts-high-severity-slp.html

Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability
https://thehackernews.com/2023/11/zero-day-alert-lace-tempest-exploits.html

Eight years on: CVSS 4.0, the vulnerability severity scoring standard, officially released
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10782

Critical vulnerabilities in IT monitoring solution Veeam ONE allow attackers to execute arbitrary code remotely
https://www.veeam.com/kb4508

Researchers disclose Exchange zero-day vulnerabilities that could be used for remote code execution and disclosure of sensitive information
https://www.bleepingcomputer.com/news/microsoft/new-microsoft-exchange-zero-days-allow-rce-data-theft-attacks/

## 2. Banking / Finance / Insurance / Securities / Financial Supervision: News and Security

FinTech Development Roadmap 2.0 announced; questioned over security, personal data and AI regulations not yet being in place? Key recommendations from two experts
https://www.upmedia.mg/news_info.php?Type=252&SerialNo=186583

Russian bank Sberbank reportedly hit by a massive DDoS attack
https://securityaffairs.com/153888/hacking/russian-bank-sberbank-massive-ddos-attack.html

F-ISAC member intelligence sharing: Agricultural Bank of Taiwan receives the top rating
https://www.chinatimes.com/newspapers/20231110000396-260210?chdtv

Industrial and Commercial Bank of China hit by hackers, also disrupting trading in the US Treasury market
https://infosecu.technews.tw/2023/11/10/lockbit-icbc/

ICBC's US subsidiary becomes a target of hacker extortion, disrupting US Treasury market trading
https://reurl.cc/Zyo7x6

First Bank wins the "Digital Information Security Excellence Award" at the Digital Finance Awards
https://reurl.cc/r6V8mE

China Life's security governance honored at the SGS IT Awards
https://money.udn.com/money/story/5636/7555226

Fighting card fraud: card issuers roll out three SMS mechanisms
https://reurl.cc/E1vzOn

New rules on financial cloud adoption take effect; Microsoft helps the financial industry enter the AI era securely and in compliance
https://news.microsoft.com/zh-tw/fsc-ms/

Moving finance to the cloud carries security risks! WT Microelectronics MCU hardware encryption and A10 next-generation DDoS protection in response
https://infosecu.technews.tw/2023/11/07/financial-cloud/

## 3. Credit Cards / Electronic Payment / Mobile Payment / Pay / Payment Systems / Security

To prevent fraudulent card binding and charges in mobile payment, the three major international Pay services are limited to the cardholder's own phone number
https://www.cardu.com.tw/news/detail.php?50080

Legal perspective: alliances and rivalries between third-party payment and electronic payment
https://wantrich.chinatimes.com/news/20231109900430-420101

How to use JKOPay in Japan
https://www.techbang.com/posts/110844-how-to-use-jiekou-pay-in-japan

Paying insurance premiums by electronic payment: note four restrictions
https://www.chinatimes.com/newspapers/20231108000380-260208?chdtv

Growth targets endorsed; shares of Dutch payment firm Adyen surge nearly 40%
https://finance.technews.tw/2023/11/10/adyen-lowers-mid-term-sales-target/

Mobile payment is widespread in China; Taiwanese-funded banks launch appointment-based account opening with quick binding
https://www.cna.com.tw/news/acn/202310260239.aspx

"TWQR" launches: one QR code for all mobile payments
https://reurl.cc/A0l8xZ

Credit cards fraudulently bound to department store app payments; Banking Bureau: considering a stronger card-binding mechanism
https://reurl.cc/8NVn1b

South Korean cashless businesses plan overseas expansion as mobile payment providers compete
https://reurl.cc/l7Od3l

A dazzling array of payment systems! A milestone in integrating "electronic payment"
https://news.tvbs.com.tw/life/2300026

Competing for market share, O'Pay electronic payment launches a new merchant program
https://money.udn.com/money/story/5613/7516234

Electronic payment operator failed to confirm the card was used by the cardholder; FSC imposes a fine of NT$2 million
https://reurl.cc/1GW4r9

## 4. Cryptocurrency / Digital Currency / Mining / Blockchain / Smart Contracts / WEB3 Security

Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation
https://thehackernews.com/2023/11/researchers-uncover-undetectable-crypto.html

China Court website publishes a normative assessment of the dual nature of stolen digital collectibles; NFT theft to be sentenced as the crime of theft
https://news.cnyes.com/news/id/5375560?exp=a

Trouble for Justin Sun! His Poloniex exchange reportedly hacked for US$25 million, hot wallets nearly drained
https://www.blocktempo.com/poloniex-exchange-reportedly-suffered-a-25-million-hack/

Block's Bitcoin revenue and guidance are strong and mobile payment surges; shares jump after hours
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=431a03ec-dae9-4738-b8e0-aa1db84c4d9b

## 5. Security Incident News

### A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC

Ransomware hackers attack casino servers via third-party vendors
https://www.ic3.gov/Media/News/2023/231108.pdf

Japan Aviation Electronics confirms ransomware attack; BlackCat claims responsibility
https://www.securityweek.com/japan-aviation-electronics-targeted-in-ransomware-attack/

BlazeStealer malware spreads via PyPI packages, letting hackers carry out various attacks on developers' computers
https://checkmarx.com/blog/python-obfuscation-traps/

North Korean hackers BlueNorOff target Mac computers, distributing the ObjCShellz malware
https://www.jamf.com/blog/bluenoroff-strikes-again-with-new-macos-malware/

New variant of the GootLoader malware appears; hackers issue attack commands via WordPress sites
https://securityintelligence.com/x-force/gootbot-gootloaders-new-approach-to-post-exploitation/

Malware loader SecuriDropper bypasses new Android protection mechanisms to deploy malware
https://www.threatfabric.com/blogs/droppers-bypassing-android-13-restrictions

Cerber ransomware exploits a critical Atlassian Confluence vulnerability in attacks
https://www.bleepingcomputer.com/news/security/critical-atlassian-confluence-bug-exploited-in-cerber-ransomware-attacks/
https://twitter.com/Andrew___Morris/status/1721164901052268590
https://www.rapid7.com/blog/post/2023/11/06/etr-rapid7-observed-exploitation-of-atlassian-confluence-cve-2023-22518/

Malicious NuGet packages abuse an MSBuild component to deploy malware
https://www.reversinglabs.com/blog/iamreboot-malicious-nuget-packages-exploit-msbuild-loophole

More than ten thousand computers controlled by the Socks5Systemz botnet and used to provide proxy servers for hackers
https://www.bitsight.com/blog/unveiling-socks5systemz-rise-new-proxy-service-privateloader-and-amadey

Malvertiser copies PC news site to deliver infostealer
https://www.malwarebytes.com/blog/threat-intelligence/2023/11/malvertiser-copies-pc-news-site-to-deliver-infostealer

MuddyC2Go – Latest C2 Framework Used by Iranian APT MuddyWater Spotted in Israel
https://www.deepinstinct.com/blog/muddyc2go-latest-c2-framework-used-by-iranian-apt-muddywater-spotted-in-israel

MuddyC2Go: New C2 Framework Iranian Hackers Using Against Israel
https://thehackernews.com/2023/11/muddyc2go-new-c2-framework-iranian.html

MuddyWater eN-Able spear-phishing with new TTPs
https://www.deepinstinct.com/blog/muddywater-en-able-spear-phishing-with-new-ttps

FastViewer Variant Merged with FastSpy and disguised as a Legitimate Mobile Application
https://medium.com/s2wblog/fastviewer-variant-merged-with-fastspy-and-disguised-as-a-legitimate-mobile-application-f3004588f95c

Popping Blisters for research: An overview of past payloads and exploring recent developments
https://research.nccgroup.com/2023/11/01/popping-blisters-for-research-an-overview-of-past-payloads-and-exploring-recent-developments/

New DarkGate Variant Uses a New Loading Approach
https://www.netskope.com/blog/new-darkgate-variant-uses-a-new-loading-approach

Nitrogen Campaign 2.0: Reloads with Enhanced Capabilities
https://www.esentire.com/blog/nitrogen-campaign-2-0-reloads-with-enhanced-capabilities-leading-to-alphv-blackcat-ransomware

Unveiling Socks5Systemz: The Rise of a New Proxy Service via PrivateLoader and Amadey
https://www.bitsight.com/blog/unveiling-socks5systemz-rise-new-proxy-service-privateloader-and-amadey

Jupyter Infostealer uses private keys with digital signatures in an attempt to evade detection by security systems
https://blogs.vmware.com/security/2023/11/jupyter-rising-an-update-on-jupyter-infostealer.html

Jupyter Rising: An Update on Jupyter Infostealer
https://blogs.vmware.com/security/2023/11/jupyter-rising-an-update-on-jupyter-infostealer.html

New Jupyter Infostealer Version Emerges with Sophisticated Stealth Tactics
https://thehackernews.com/2023/11/new-jupyter-infostealer-version-emerges.html

SideCopy’s Multi-platform Onslaught: Leveraging WinRAR Zero-Day and Linux Variant of Ares RAT
https://www.seqrite.com/blog/sidecopys-multi-platform-onslaught-leveraging-winrar-zero-day-and-linux-variant-of-ares-rat/?web_view=true

Arid Viper | APT’s Nest of SpyC23 Malware Continues to Target Android Devices
https://www.sentinelone.com/labs/arid-viper-apts-nest-of-spyc23-malware-continues-to-target-android-devices/

Predator AI | ChatGPT-Powered Infostealer Takes Aim at Cloud Platforms
https://www.sentinelone.com/labs/predator-ai-chatgpt-powered-infostealer-takes-aim-at-cloud-platforms/

Mac Malware - North Korea per JAMF Report
https://www.jamf.com/blog/bluenoroff-strikes-again-with-new-macos-malware/

D0nut encrypt me, I have a wife and no backups
https://research.nccgroup.com/2023/11/06/d0nut-encrypt-me-i-have-a-wife-and-no-backups/

Visual Examples of Code Injection
https://isc.sans.edu/diary/rss/30388

StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices
https://thehackernews.com/2023/11/stripedfly-malware-operated-unnoticed.html

NodeStealer Malware Hijacking Facebook Business Accounts for Malicious Ads
https://thehackernews.com/2023/11/nodestealer-malware-hijacking-facebook.html

Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel
https://thehackernews.com/2023/11/google-warns-of-hackers-absing-calendar.html

Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws
https://thehackernews.com/2023/11/experts-warn-of-ransomware-hackers.html

BlueNoroff strikes again with new macOS malware
https://www.jamf.com/blog/bluenoroff-strikes-again-with-new-macos-malware/

N. Korea's BlueNoroff Blamed for Hacking macOS Machines with ObjCShellz Malware
https://thehackernews.com/2023/11/n-korean-bluenoroff-blamed-for-hacking.html

New GootLoader Malware Variant Evades Detection and Spreads Rapidly
https://thehackernews.com/2023/11/new-gootloader-malware-variant-evades.html

Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI
https://thehackernews.com/2023/11/beware-developers-blazestealer-malware.html

Alert: 'Effluence' Backdoor Persists Despite Patching Atlassian Confluence Servers
https://thehackernews.com/2023/11/alert-effluence-backdoor-persists.html

Stealthy Kamran Spyware Targeting Urdu-speaking Users in Gilgit-Baltistan
https://thehackernews.com/2023/11/stealthy-kamran-spyware-targeting-urdu.html

New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers
https://thehackernews.com/2023/11/new-malvertising-campaign-uses-fake.html

### B. Mobile Security / iPhone / Android / Wearables / App / 5G / Instant Messaging

Google releases November Android update, patching 37 vulnerabilities
https://source.android.com/docs/security/bulletin/2023-11-01

Bypassing Android 13 Restrictions with SecuriDropper
https://www.threatfabric.com/blogs/droppers-bypassing-android-13-restrictions

CanesSpy spyware spreads through modified versions of the WhatsApp messaging app
https://securelist.com/spyware-whatsapp-mod/110984/

Penetration testing device Flipper Zero abused to attack iPhones
https://arstechnica.com/security/2023/11/flipper-zero-gadget-that-doses-iphones-takes-once-esoteric-attacks-mainstream/

Fake Ledger Live app lands in the Microsoft Store and steals US$768,000
https://www.bleepingcomputer.com/news/security/fake-ledger-live-app-in-microsoft-store-steals-768-000-in-crypto/
https://twitter.com/zachxbt/status/1720961400313373127
https://www.reddit.com/r/cryptocurrencyhacks/comments/17n6hgu/just_lost_my_life_savings_26500_of_crypto_from_my/

Fake Ledger Live app in Microsoft Store steals $768,000 in crypto
https://www.bleepingcomputer.com/news/security/fake-ledger-live-app-in-microsoft-store-steals-768-000-in-crypto/

Google Play Store Highlights 'Independent Security Review' Badge for VPN Apps
https://thehackernews.com/2023/11/google-play-store-introduces.html

CanesSpy Spyware Discovered in Modified WhatsApp Versions
https://thehackernews.com/2023/11/canesspy-spyware-discovered-in-modified.html

WhatsApp Introduces New Privacy Feature to Protect IP Address in Calls
https://thehackernews.com/2023/11/whatsapp-introduces-new-privacy-feature.html

### C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents / Security Workforce

2023 Taiwan Cybersecurity Notification and Response Annual Conference to discuss security issues, open for online participation
https://reurl.cc/E1vz5K

Deloitte Taiwan: develop a comprehensive strategy and cloud security protection to guard against security incidents
https://www.ctee.com.tw/news/20231109701360-430103

LEGO marketplace BrickLink forced to shut down; sellers reportedly received ransom messages
https://jaysbrickblog.com/news/bricklink-is-currently-down-due-to-a-suspected-hacking-cybersecurity-incident/
https://www.reddit.com/r/Bricklink/comments/17n24zi/has_bricklink_been_hacked/
https://twitter.com/BrickLink/status/1721279577262043605
https://www.reddit.com/r/Bricklink/comments/17n6mpq/public_service_announcement_regarding_bricklink/

US pilots' union confirms ransomware attack; some systems have been encrypted
https://www.bleepingcomputer.com/news/security/american-airlines-pilot-union-hit-by-ransomware-attack/

Systems of multinational hardware retail chain Ace Hardware hit by cyberattack; hackers attempt to trick retail stores out of their account credentials
https://www.bleepingcomputer.com/news/security/ace-hardware-says-1-202-devices-were-hit-during-cyberattack/

Large language model service ChatGPT suffers an outage caused by a DDoS attack
https://www.bleepingcomputer.com/news/security/openai-confirms-ddos-attacks-behind-ongoing-chatgpt-outages/
https://status.openai.com/incidents/21vl32gvx3hb
https://t.me/xAnonymousSudan/243
https://t.me/xAnonymousSudan/241

India suppresses free speech under the guise of counter-terrorism; media criticizing the government face tax probes or closure
https://news.pts.org.tw/article/666068

Russian hacker group "Anonymous Sudan" claims it launched the ChatGPT attack
https://www.panews.io/zh_hk/sqarticledetails/z3e59uppFt.html

On the front line of hacker attacks, Taiwan actively builds a national joint cyber defense system
https://www.rti.org.tw/news/view/id/2186277

Yoon-Xi meeting at APEC looks likely, yet China reportedly hacked the South Korean government to steal intelligence
https://news.ebc.net.tw/news/world/390965

South Korea's Ministry of Foreign Affairs confirms attack on its email system, reportedly carried out by a Chinese intelligence agency
https://www.cna.com.tw/news/aopl/202311090377.aspx

South Korean government source: Chinese hackers breached foreign ministry email in January last year; the current president's abandonment of the Blue House is suspected to be related
https://reurl.cc/Ryo1M9

South Korean foreign ministry email hacked; attack alleged to come from China's state security ministry
https://www.worldjournal.com/wj/story/121339/7565223

CCP state security steals South Korean intelligence; there was a reason for the relocation of the presidential office
https://www.ntdtv.com/b5/2023/11/10/a103821761.html

4.5 GB of South Korean foreign ministry email leaked during the Moon Jae-in era; Korean media: China may be involved
https://today.line.me/tw/v2/article/WBXJ0lv

Moon Jae-in fooled by the "Chinese Dream"; Beijing intelligence agency strikes hard at South Korea
https://m.secretchina.com/news/b5/2023/11/10/1049179.html

Chinese hackers disguise infrastructure as cloud backup services, targeting the Cambodian government
https://unit42.paloaltonetworks.com/chinese-apt-linked-to-cambodia-government-attacks/

U.S. Treasury Sanctions Russian Money Launderer in Cybercrime Crackdown
https://thehackernews.com/2023/11/us-treasury-targets-russian-money.html

Iran-Linked Imperial Kitten Cyber Group Targeting Middle East's Tech Sectors
https://thehackernews.com/2023/11/iran-linked-imperial-kitten-cyber-group.html

Iranian Hackers Launch Destructive Cyber Attacks on Israeli Tech and Education Sectors
https://thehackernews.com/2023/11/iranian-hackers-launches-destructive.html

From Albania to the Middle East: The Scarred Manticore is Listening
https://research.checkpoint.com/2023/from-albania-to-the-middle-east-the-scarred-manticore-is-listening/

Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology
https://www.mandiant.com/resources/blog/sandworm-disrupts-power-ukraine-operational-technology

Iranian hackers Agrius target Israeli educational institutions and the tech industry, stealing data and then carrying out destruction
https://unit42.paloaltonetworks.com/agonizing-serpens-targets-israeli-tech-higher-ed-sectors

Agonizing Serpens (Aka Agrius) Targeting the Israeli Higher Education and Tech Sectors
https://unit42.paloaltonetworks.com/agonizing-serpens-targets-israeli-tech-higher-ed-sectors/

Chinese APT Targeting Cambodian Government
https://unit42.paloaltonetworks.com/chinese-apt-linked-to-cambodia-government-attacks/

Indian government agencies targeted by hacker group SideCopy, which exploits a WinRAR vulnerability in its attacks
https://thehackernews.com/2023/11/sidecopy-exploiting-winrar-flaw-in.html

SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities
https://thehackernews.com/2023/11/sidecopy-exploiting-winrar-flaw-in.html

Taiwan Stock Exchange competes for talent; Chairman Lin Hsiu-ming touts an annual salary of nearly NT$1 million for new hires
https://ec.ltn.com.tw/article/breakingnews/4485035

Taiwan Cooperative Bank plans to recruit 108 finance professionals; starting salary up to 58k
https://reurl.cc/3eQL0V

System / Network Administration / Security Manager _ Shun Fu Group (Pou Chen joint venture)
https://www.104.com.tw/job/85tqn?jobsource=googlejobs

Technical Engineering - ESG (CSR) Security Engineer [Taipei]
https://www.104.com.tw/job/85tiy?jobsource=googlejobs

Security Engineer (Technical R&D) (Security Engineer, Product Security, OT Security) _ Delta Research Center (Taipei)
https://www.104.com.tw/job/85t4d?jobsource=googlejobs

Senior Systems Security Engineer
https://www.104.com.tw/job/85tg1?jobsource=googlejobs

Security Engineer
https://www.1111.com.tw/job/113001291/

### D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News / Cyberbullying / Account Security

Hackers post malicious ads through business Facebook accounts in an attempt to spread the NodeStealer malware
https://www.bitdefender.com/blog/labs/nodestealer-attacks-on-facebook-take-a-provocative-turn-threat-actors-deploy-malvertising-campaigns-to-hijack-users-accounts/

Ding Ding drugstore chain fined NT$150,000 for failing to issue a material information announcement about a customer data leak
https://ec.ltn.com.tw/article/breakingnews/4485327

Major Russian insurer Rosgosstrakh hacked; hackers peddle 400 GB of internal data
https://www.hackread.com/russia-insurer-rosgosstrakh-hacked-data-sold/

Security vendor Sumo Logic, known for its SIEM system, reports a data breach and asks users to reset API keys
https://www.sumologic.com/security-response-center/#eede153a-8f3f-4eff-858d-1b653eaff457

Masking logistics data to block fraud: Coupang and Shopee willing to join
https://www.rti.org.tw/news/view/id/2186145

Canadian hospital IT systems management provider TransForm hit by ransomware attack; 5.6 million patient records leaked
https://www.bleepingcomputer.com/news/security/transform-says-ransomware-data-breach-affects-267-000-patients/

Open redirect vulnerability on the UK Royal Mail website could be used by hackers for phishing attacks
https://cybernews.com/security/royal-mail-open-redirect-flaw/

US subsidiary of electronics maker Kyocera hit by ransomware attack; personal data of nearly 40,000 people leaked
https://www.bleepingcomputer.com/news/security/kyocera-avx-says-ransomware-attack-impacted-39-000-individuals/

Microsoft Entra to roll out MFA Conditional Access policies, enforced for sign-ins to admin consoles
https://www.ithome.com.tw/news/159698

Data breach at Singapore's Marina Bay Sands hotel affects 665,000 guests
https://www.bleepingcomputer.com/news/security/marina-bay-sands-discloses-data-breach-impacting-665-000-customers/

India suffers its largest data breach ever; medical institution leaks personal data of 815 million people
https://www.news18.com/india/indias-biggest-data-leak-so-far-covid-19-test-info-of-81-5cr-citizens-with-icmr-up-for-sale-exclusive-8637743.html

Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting
https://www.trendmicro.com/content/dam/trendmicro/global/en/research/23/k/threat-actors-leverage-file-sharing-service-and-reverse-proxies-for-credential-harvesting/ioc-threat-actors-leverage-file-sharing-service-and-reverse-proxies-for-credential-harvesting.txt
https://www.trendmicro.com/en_us/research/23/k/threat-actors-leverage-file-sharing-service-and-reverse-proxies.html

Phishing PDF Files Downloading Malicious Packages
https://asec.ahnlab.com/en/58660/

Okta's customer support system hacked in late October; the company admits data of 134 customers was exposed
https://www.bleepingcomputer.com/news/security/okta-breach-134-customers-exposed-in-october-support-system-hack/

Okta's Recent Customer Support Data Breach Impacted 134 Customers
https://thehackernews.com/2023/11/oktas-recent-customer-support-data.html

Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments
https://thehackernews.com/2023/11/kinsing-actors-exploit-linux-flaw-to.html

QR code phishing attacks surged 587% this September
https://www.avanan.com/blog/the-rise-in-qr-code-attacks

Identity management vendor Okta completes its investigation of the October breach; data of 134 customers was leaked
https://www.ithome.com.tw/news/159667

### E. Research Reports / Tools

Adding the "human" factor: latest version V14 of the MITRE ATT&CK security framework released
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10784

Researchers disclose a cryptomining attack technique that abuses the Azure Automation service
https://www.safebreach.com/blog/cryptocurrency-miner-microsoft-azure

Taiwan's own Traditional Chinese large language model is here! Four major applications of Taiwan LLM on show
https://buzzorange.com/techorange/2023/11/10/taiwan-llm/

K8s security compliance tool Kubescape launches its major 3.0 release
https://www.helpnetsecurity.com/2023/11/07/kubescape-3-open-source-kubernetes-security/

A way to use Google Calendar as C2 infrastructure? A malware developer claims it can be done, sparking heated discussion among hackers
https://thehackernews.com/2023/11/google-warns-of-hackers-absing-calendar.html

Python obfuscation traps
https://checkmarx.com/blog/python-obfuscation-traps/

Predictive AI in Cybersecurity: Outcomes Demonstrate All AI is Not Created Equally
https://thehackernews.com/2023/11/predictive-ai-in-cybersecurity-outcomes.html

Confidence in File Upload Security is Alarmingly Low. Why
https://thehackernews.com/2023/11/confidence-in-file-upload-security-is.html

Offensive and Defensive AI: Let's Chat(GPT) About It
https://thehackernews.com/2023/11/offensive-and-defensive-ai-lets-chatgpt.html

Guide: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI Risks
https://thehackernews.com/2023/11/guide-how-vcisos-msps-and-mssps-can.html

Experts Expose Farnetwork's Ransomware-as-a-Service Business Model
https://thehackernews.com/2023/11/experts-expose-farnetworks-ransomware.html

When Email Security Meets SaaS Security: Uncovering Risky Auto-Forwarding Rules
https://thehackernews.com/2023/11/when-email-security-meets-saas-security.html

The New 80/20 Rule for SecOps: Customize Where it Matters, Automate the Rest
https://thehackernews.com/2023/11/the-new-8020-rule-for-secops-customize.html

### F. Business

HiTRUST crowned double champion of the 2023 Digital Sandbox competition
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10777

Gartner: as the attack surface expands, the remit of 45% of CISOs will extend beyond cybersecurity by 2027
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10792

Check Point: Taiwan is the most attacked region; eight cybersecurity trend predictions for next year
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10786

Microsoft launches the "Secure Future Initiative" to strengthen security
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10789

CyberArk launches new capabilities for protecting access to cloud workloads and services
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10779

Security vendor releases scanning tool OpalOPC to help enterprises find OPC UA misconfigurations and vulnerabilities
https://www.securityweek.com/free-tool-helps-industrial-organizations-find-opc-ua-vulnerabilities/

Palo Alto Networks acquires data security posture management startup Dig Security and enterprise secure browser startup Talon
https://www.ithome.com.tw/news/159691

Palo Alto Networks again acquires an Israeli security company, buying Talon Cyber Security for US$625 million
https://netmag.tw/2023/11/10/palo-alto-62-5-million-acquisition-of-talon-cyber-security

Microsoft proposes the Secure Future Initiative, announcing an overhaul of its internal security design
https://www.ithome.com.tw/news/159624
https://blogs.microsoft.com/on-the-issues/2023/11/02/secure-future-initiative-sfi-cybersecurity-cyberattacks/
https://www.microsoft.com/en-us/security/blog/2023/11/02/announcing-microsoft-secure-future-initiative-to-advance-security-engineering/

Taiwan Secom becomes the top choice for SME security services, partnering with Baohwa to launch "Security Consulting Services"
https://reurl.cc/Y0o6Kx

### G. Government

First major amendment five years after the Cyber Security Management Act took effect! Competent authority begins the amendment process
https://www.ithome.com.tw/news/159729

[Key points of the draft amendment to the Cyber Security Management Act, 1] Codifying the rule "banning products that endanger national cyber security"
https://www.ithome.com.tw/news/159731

[Key points of the draft amendment to the Cyber Security Management Act, 2] Raising the security governance level of specific non-government agencies, with a CISO established by law
https://www.ithome.com.tw/news/159734

[Key points of the draft amendment to the Cyber Security Management Act, 3] When government agencies face major security incidents, the Administration for Cyber Security is empowered to dispatch security personnel from other agencies in support
https://www.ithome.com.tw/news/159736

[Key points of the draft amendment to the Cyber Security Management Act, 4] Formally codifying the administrative inspections currently carried out in practice
https://www.ithome.com.tw/news/159737

Lin Chia-lung: cyber security is national security; the government values IT talent
https://news.pchome.com.tw/finance/cna/20231109/index-16995122012455518003.html

In response to new types of crime, the Executive Yuan amends the law to add an Investigation Bureau deputy director-general responsible for technology-based investigation
https://www.cmmedia.com.tw/home/articles/43390

To aid technology-based investigation, joint cyber defense and intelligence sharing, the Investigation Bureau adds a third deputy director-general
https://udn.com/news/story/7321/7562410

Safeguarding cyber security, Cheng Wen-tsan urges implementation of public safety management for government ICT server rooms
https://www.cna.com.tw/news/aipl/202311090404.aspx

Anti-fraud efforts pay off; Ministry of Digital Affairs: large e-commerce platforms have not been listed as high risk in recent months
https://ec.ltn.com.tw/article/breakingnews/4484789

Audrey Tang's "not swiping the phone by hand" is to avoid digital addiction; Cheng Li-wun mocks: so swiping with a pen avoids it
https://www.upmedia.mg/news_info.php?Type=24&SerialNo=186845

Taipei Information Month officially opens! The Administration for Digital Industries and the National Institute of Cyber Security join 30 companies to showcase the latest applications in digital sustainability and cyber resilience
https://buzzorange.com/techorange/2023/11/10/moda/

### H. Industrial Control Systems / ICS / SCADA / IoT / Internet of Things / Internet of Vehicles / Electric Vehicles / Artificial Intelligence / AI / ML / Facial Recognition / Healthcare Security

QNAP discloses critical command injection vulnerabilities in its NAS operating system
https://www.bleepingcomputer.com/news/security/qnap-warns-of-critical-command-injection-flaws-in-qts-os-apps/
https://www.qnap.com/zh-tw/security-advisory/qsa-23-31
https://www.qnap.com/zh-tw/security-advisory/qsa-23-35

QNAP Releases Patch for 2 Critical Flaws Threatening Your NAS Devices
https://thehackernews.com/2023/11/qnap-releases-patch-for-2-critical.html

### I. Education and Training

iPAS Information Security Engineer (Intermediate) notes
https://hackmd.io/@Not/iPASInformationSecuritySpecialist

iPas Security Engineer certification pre-exam workshop
https://reurl.cc/GEbA3p

Coursera lists 7 cloud security certifications: all the springboards to a high salary are here!
https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/

Global cybersecurity workforce imbalance: (ISC)2 free courses and exams fill the talent gap
https://reurl.cc/m39MDj

The 8 domains of the CISSP security certification
https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html

CISSP exam experience
https://reurl.cc/KbY83j

CISSP exam experience – Benson
https://reurl.cc/GbWvxd

Goal-oriented: passing the CISSP at light speed in 20 days
https://reurl.cc/2Zq6zn

CISSP certification exam field notes, Chapter 1: Initial preparation
https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat

CISSP certification exam field notes, Chapter 2: A regular and disciplined study strategy
https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies

CISSP certification exam field notes, Chapter 3: The final battle
https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle

Quick CISSP Infographic for IPSec
https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec

CSSLP Certification - Security models in F#
https://github.com/vbocan/csslp

Certified Secure Software Lifecycle Professional in bullet points
https://github.com/joeyhage/csslp-notes

CPSA (CREST Practitioner Security Analyst) exam experience
https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/

EC-Council CEH v11 exam experience, revision information and preparation direction, 2021 and 2022
https://reurl.cc/1oyEM8

CEH v11 exam experience and preparation approach
https://blog.sean.taipei/2022/01/ceh

CEH
https://github.com/a3cipher/CEH

CodeRed by EC-Council
https://github.com/codered-by-ec-council

EC-Council CEH Practical / Master preparation notes: learning where theory and practice complement each other
https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2

EC-Council CEHP exam preparation notes
https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po

ECSA v10 exam experience and study materials / ECSA v10 Review and Study Materials
https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4

EC-Council ECSA (security analyst) v10 exam experience
https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html

20180817 EC-Council ECSA v10 PASS
https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html

Preparation approach and experience for the EC-Council CPENT and LPT Master penetration testing certifications
https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d

In-depth analysis: CPENT exam experience and a comparison with OSCP
https://reurl.cc/41eL8v

EC-Council CPENT v1 penetration testing certification – content and experience
https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review

CPENT: from brute force to cracking
https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295

Ec-Council CPENT experience - a security newbie's path from CEH to LPT Master
https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f

CPENT exam experience: earning the LPT penetration testing master certification in one attempt
https://ucom.uuu.com.tw/web/Testimony/Article/4404

kaizensecurity/CPENT
https://github.com/kaizensecurity/CPENT/tree/master

CPENT : Pentesting like NO OTHERS !
https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/

Journey of My CPENT Exam
https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917

[Exam prep notes] CompTIA Security+ (SY0–601) Part 1
https://reurl.cc/M053DK

[Exam prep notes] CompTIA Security+ (SY0–601) Part 2
https://reurl.cc/M053Gv

comptia-security-plus
https://github.com/ajfuto/comptia-security-plus

security-plus
https://github.com/fjavierm/security-plus

CompTIA Security+ Certification Practice Test Questions
https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette

App information security is not just for engineers: the blood, sweat and tears of obtaining a security testing certificate (iThome Ironman Contest book series)
https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html

OSEP (Evasion Techniques and Breaching Defenses (PEN-300)) experience
https://hackmd.io/@henry-ko/HyQ56e8eF

OSCP (Offensive Security Certified Professional)
https://github.com/0x584A/oscp-notes/tree/master

ISACA Certified Information Systems Auditor® (CISA) certification: preparation journey and application process, 2023
https://reurl.cc/aVLoX9

Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html

The hacker and the state: cyber attacks and the new normal of geopolitics
https://reurl.cc/D3nKKj

Practical Network Penetration Tester (PNPT) Certification Review
https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df

Basic vocabulary commonly used by WUSON
https://choson.lifenet.com.tw/?p=1958

Certifications remain the main route to learning security fundamentals; an expert builds a "security certification map"
https://www.ithome.com.tw/news/156754

Beyond proving your ability with certifications, treat them as the biggest motivation to keep learning
https://www.ithome.com.tw/news/156756

Dispelling misconceptions and myths about certifications: security experts clarify what security certifications mean
https://www.ithome.com.tw/news/156755

Accelerate Your Career with the Global Leader in Cyber Security Training
https://www.sans.org/mlp/promo-partnership-hacker-news/

## 6. Upcoming Security Events and Conferences

MOPCON 2023 (2023/11/11 ~ 2023/11/12)
https://mopcon.kktix.cc/events/2023-students
https://mopcon.kktix.cc/events/mopcon-2023

2023 Taiwan Cybersecurity Notification and Response Annual Conference (2023/11/14)
https://twcert2023conference.kktix.cc/events/20031114

HITCON Carnival 2023 Attack-Defense Exercise Forum & Competition Tour (2023/11/14)
https://hitcon.kktix.cc/events/hitcon-event-fcode-2023

[Asia's leading supply chain summit] Supply Chain Summit 2023 (2023/11/14 ~ 2023/11/15)
https://www.accupass.com/event/2307070154211343470512

HITCON Enterprise (2023/11/15)
https://hitcon.org/2023/carnival/enterprise/

Training Effectiveness and Transfer Evaluation (2023/11/15)
https://www.accupass.com/event/2309010250591550572730

Golang Taiwan Gathering #76 @ NCTU Computer Science (2023/11/16)
https://www.meetup.com/golang-taipei-meetup/events/296578927/

Cathay Vocation Academy x Zhiyou | How IT Works SMART (2023/11/18)
https://www.accupass.com/event/2309190510226744374250?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_

Democracy in the Digital Age: Threats and Solutions (2023/11/21)
https://www.twsig.tw/20231121/

2023 Taiwan Intelligent Automation Testing and Certification Alliance Conference and Industrial Safety Standards Seminar (2023/11/22)
https://www.accupass.com/event/2309200309193935682920?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_

How to patch security vulnerabilities? Starting from awareness, planning and endpoint protection (tentative) (2023/11/23)
https://metashield.kktix.cc/events/5867ed48

[ACAD Acer Cyber Security Academy] Security strategy and controls for listed and OTC companies (2023/11/23)
https://www.accupass.com/event/2310191642498549788800

High Velocity ITSM Taipei (2023/11/25)
https://www.meetup.com/taipei-atlassian-community-events/events/295913312/

2023 Taipei International Finance Expo (2023/11/24 ~ 2023/11/26)
https://www.accupass.com/event/2307200240122074808667

HITCON GIRLS 2023 Workshop (2023/11/25 ~ 2023/11/26)
https://hitcon.kktix.cc/events/hitcongirlsworkshop2023

Fearless security in one step: Affordable SOC effectively strengthens core enterprise security protection (2023/11/28)
https://www.gss.com.tw/content-page/173-currcular/3599-2023-11-28

Flutter Meetup #8 (2023/11/29)
https://www.meetup.com/flutter-taipei/events/296465276/

Jamf Nation Live Taipei 2023 (2023/12/19)
https://jamf.kktix.cc/events/jamfnation2023

[Monosparta] 2024 first cohort software development bootcamp: online information session (2024/1/17)
https://trunk-studio.kktix.cc/events/monosparta-202401