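###### tags: `資安事件新聞週報`

# Security Incident News Weekly 2023/2/6 ~ 2023/2/10

## 1. Major Vulnerabilities / Backdoors / Exploits / Zero-Days

- High-severity vulnerabilities in F5 BIG-IP could be used for denial of service or arbitrary code execution
  https://thehackernews.com/2023/02/new-high-severity-vulnerabilities.html
- QNAP fixes NAS zero-day vulnerability CVE-2022-27596
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10307
- QNAP products' QTS / QuTS operating systems contain a remote code execution vulnerability.
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-27596
- Cisco recently released updates to address security vulnerabilities in Cisco IOx
  https://www.cisa.gov/uscert/ncas/current-activity/2023/02/02/cisco-releases-security-advisories-multiple-products
- Warning: Hackers Actively Exploiting Zero-Day in Fortra's GoAnywhere MFT
  https://thehackernews.com/2023/02/warning-hackers-actively-exploiting.html
- Atlassian's Jira Service Management Found Vulnerable to Critical Vulnerability
  https://thehackernews.com/2023/02/atlassians-jira-software-found.html
- OpenSSH Releases Patch for New Pre-Auth Double Free Vulnerability
  https://thehackernews.com/2023/02/openssh-releases-patch-for-new-pre-auth.html
- Hackers Exploit Vulnerabilities in Sunlogin to Deploy Sliver C2 Framework
  https://thehackernews.com/2023/02/hackers-exploit-vulnerabilities-in.html
- Type confusion vulnerability in the open-source cryptographic library OpenSSL could lead to denial-of-service attacks
  https://www.openssl.org/news/secadv/20230207.txt
- Pre-authentication vulnerability found in the open-source encrypted communication library OpenSSH
  https://thehackernews.com/2023/02/openssh-releases-patch-for-new-pre-auth.html
- OpenSSL Fixes Multiple New Security Flaws with Latest Update
  https://thehackernews.com/2023/02/openssl-fixes-multiple-new-security.html
- Unpatched Security Flaws Disclosed in Multiple Document Management Systems
  https://thehackernews.com/2023/02/unpatched-security-flaws-disclosed-in.html
- Critical Infrastructure at Risk from New Vulnerabilities Found in Wireless IIoT Devices
  https://thehackernews.com/2023/02/critical-infrastructure-at-risk-from.html
- Vulnerability in the finance management app Money Lover could expose users' transaction data
  https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/money-lover-app-vulnerability-exposes-personal-info/
- Zero-day in the file-sharing system GoAnywhere is under active attack; vendor finally releases an "emergency" patch
  https://www.bleepingcomputer.com/news/security/actively-exploited-goanywhere-mft-zero-day-gets-emergency-patch/
- Researcher publishes a proof-of-concept exploit for the GoAnywhere file-sharing system zero-day
  https://frycos.github.io/vulns4free/2023/02/06/goanywhere-forgotten.html
- Zero-day in the managed file transfer system GoAnywhere could be used for RCE attacks
  https://www.bleepingcomputer.com/news/security/goanywhere-mft-zero-day-vulnerability-lets-hackers-breach-servers/
- Vulnerabilities in Chinese remote desktop access software abused by hackers for bring-your-own-driver (BYOVD) attacks
  https://asec.ahnlab.com/en/47088/
- VMware patches high-severity vulnerability in virtualization software
  https://www.securityweek.com/high-severity-privilege-escalation-vulnerability-patched-in-vmware-workstation/

## 2. Banking / Finance / Insurance / Securities / Financial Supervision: News and Security

- Sunny Bank's online banking attacked; a former employee suspected of sabotage, police investigating
  https://news.ltn.com.tw/news/society/breakingnews/4204015
- Finance and banking sector suffers an average of 4,664 cyberattacks per week: how to strengthen the cybersecurity immune system
  https://buzzorange.com/techorange/2023/02/08/cybersecurity-in-the-financial-services-industry/
- Financial institutions advance cybersecurity risk management strategy and capabilities
  https://reurl.cc/jlMo0D
- Taiwan Cooperative Bank managers' meeting sets out eight major business directions
  https://ctee.com.tw/news/finance/805390.html
- Personal data leak? Bank accused of requesting "Whoscall" data for loan approval
  https://reurl.cc/9Voa8d
- Hidden concerns in cloud services for the financial industry
  https://ctee.com.tw/news/global/805346.html
- Tackling the New Cyber Insurance Requirements: Can Your Organization Comply
  https://thehackernews.com/2023/02/tackling-new-cyber-insurance.html

## 3. Credit Cards / Electronic Payment / Mobile Payment / Pay / Payment Systems / Security

- More convenient payments! Chunghwa Post: Google Pay available from 2/14
  https://newtalk.tw/news/view/2023-02-09/856759
- Donations to Turkey can be made via Bank of Taiwan online banking and mobile payment, and at the four major convenience store chains
  https://reurl.cc/n76AK6
- Assessed business tax collection begins; tax can be paid by electronic or mobile payment
  https://wantrich.chinatimes.com/news/20230207900991-420501
- O'Pay passes "App Accessibility Development Guidelines" verification, becoming the first most-friendly payment app
  https://www.cardu.com.tw/mpay/detail.php?40553
- Show a QR code and people pay! Japanese influencer becomes the "most advanced beggar"; the wild money-making method revealed
  https://reurl.cc/LNjqEL
- Little Tax Monkey "Uniform Invoice Prize Redemption App & Mobile Payment: Ode to Charity" campaign is here!
  https://www.etax.nat.gov.tw/etwmain/announcement/news/A25EP7l
- How does electronic payment differ from credit cards and third-party payment? Which can be used to buy insurance and funds? Three key Q&As explained
  https://reurl.cc/eXvARx
- PX Pay Plus is backed by PX Mart, but its battlefield lies outside PX Mart! Lin Ming-hsiung poaches a JKOPay veteran; the hardest thing to crack is actually
  https://reurl.cc/V8plAR
- iPASS MONEY leverages transit and community power! Expands its data platform for precision marketing, linking up a "money-drawing code vault"
  https://reurl.cc/n76AaD
- State-owned banks expand their reach into the electronic payment business
  https://ctee.com.tw/news/finance/802089.html
- PX Pay Plus makes a bold move into fund purchases! Redemption and debit in one flow; the driving force behind it reveals the secret to "supporting money-making"
  https://finance.ettoday.net/news/2434698

## 4. Cryptocurrency / Digital Currency / Mining / Blockchain / Smart Contracts / WEB3 Security

- Trident Discord now restored after hacker attack
  https://news.cnyes.com/news/id/5082023
- Sued Bitcoin and BCH hard forks for infringement! Judge rules against "Aussie Satoshi"
  https://blockcast.it/2023/02/09/craig-wright-lost-a-claim-in-uk-to-protect-the-bitcoin-blockchain-by-copyright/
- Fed and OCC reportedly "hunting down crypto banks"; Paxos denies its charter was revoked
  https://www.blocktempo.com/massive-crypto-de-banking-operation-is-underway/

## 5. Security Incident News

### A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC

- Second wave of ESXiArgs ransomware attacks; affected virtual machines may be harder to recover
  https://www.bleepingcomputer.com/news/security/new-esxiargs-ransomware-version-prevents-vmware-esxi-recovery/
- CISA provides an automated recovery script for ESXiArgs ransomware
  https://www.bleepingcomputer.com/news/security/cisa-releases-recovery-script-for-esxiargs-ransomware-victims/
- Ransomware campaign exploiting a two-year-old VMware ESXi vulnerability causes damage: dozens of Italian organizations hit, millions of users unable to get online
  https://eandt.theiet.org/content/articles/2023/02/italy-warns-of-large-scale-global-ransomware-attack/
- Pakistani organizations targeted; hackers attack under the guise of a major maritime trade exhibition
  https://blogs.blackberry.com/en/2023/02/newspenguin-a-previously-unknown-threat-actor-targets-pakistan-with-advanced-espionage-tool
- Power equipment maker Phihong Technology reportedly hit by LockBit ransomware; hackers name a price for destroying the data
  https://techmonitor.ai/technology/cybersecurity/phihong-ransomware-lockbit-royal-mail
- Hackers spread the Enigma stealer under the pretense of cryptocurrency industry job offers
  https://www.trendmicro.com/en_us/research/23/b/enigma-stealer-targets-cryptocurrency-industry-with-fake-jobs.html
- Android trojan Medusa attacks via phishing SMS, targeting North America and Europe
  https://www.threatfabric.com/blogs/partners-in-crime-medusa-cabassous.html
- Semiconductor equipment maker MKS Instruments confirms ransomware attack
  https://www.csoonline.com/article/3687098/mks-instruments-falls-victim-to-ransomware-attack.html
- Ukrainian organizations attacked by Russian hackers' Graphiron information stealer
  https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/nodaria-ukraine-infostealer
- AveMaria trojan distributed through VHD virtual disk files
  https://www.zscaler.com/blogs/security-research/dynamic-approaches-seen-avemarias-distribution-strategy
- Malware distributed through Dota 2 game mods
  https://decoded.avast.io/janvojtesek/dota-2-under-attack-how-a-v8-bug-was-exploited-in-the-game/
- First Linux variant of Clop ransomware appears, targeting Oracle databases running on that operating system
  https://www.sentinelone.com/labs/cl0p-ransomware-targets-linux-systems-with-flawed-encryption-decryptor-available/
- Medusa botnet malware gains the ability to encrypt files and gather system information
  https://blog.cyble.com/2023/02/03/new-medusa-botnet-emerging-via-mirai-botnet-targeting-linux-users/
- Researchers warn of a large-scale campaign abusing OneNote files to distribute QBot malware
  https://news.sophos.com/en-us/2023/02/06/qakbot-onenote-attacks/
- UK postal service Royal Mail hit by cyberattack; LockBit ransomware group publicly demands payment
  https://www.bleepingcomputer.com/news/security/lockbit-ransomware-gang-claims-royal-mail-cyberattack/
- GuLoader malware abuses the NSIS software packaging tool to target the e-commerce industry
  https://www.trellix.com/en-us/about/newsroom/stories/research/guloader-the-nsis-vantage-point.html
- Chinese hacking group Mustang Panda spreads PlugX malware under the name of the European Parliament
  https://blog.eclecticiq.com/mustang-panda-apt-group-uses-european-commission-themed-lure-to-deliver-plugx-malware
- Android malware TgToxic targets users in Taiwan, India, Thailand and elsewhere in Southeast Asia
  https://www.trendmicro.com/en_us/research/23/b/tgtoxic-malware-targets-southeast-asia-android-users.html
- Malware packer TrickGate has let attackers evade antivirus software for 6 years
  https://research.checkpoint.com/2023/following-the-scent-of-trickgate-6-year-old-packer-used-to-deploy-the-most-wanted-malware/
- QBot malware distributed by abusing OneNote files
  https://blog.cyble.com/2023/02/01/qakbots-evolution-continues-with-new-strategies/
- Thailand, the Philippines and Peru attacked by Android trojan Gigabud RAT impersonating government agencies
  https://blog.cyble.com/2023/01/19/gigabud-rat-new-android-rat-masquerading-as-government-agencies/
- Malicious PyPI package web3-essential used in a zero-day attack
  https://www.fortinet.com/blog/threat-research/supply-chain-attack-by-new-malicious-python-package-web3-essential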
- Brazilian bank customers targeted by Android banking trojan PixPirate
  https://www.cleafy.com/cleafy-labs/pixpirate-a-new-brazilian-banking-trojan
- Dynamic Approaches seen in AveMaria
  https://www.zscaler.com/blogs/security-research/dynamic-approaches-seen-avemarias-distribution-strategy
- PixPirate: a new Brazilian Banking Trojan
  https://www.cleafy.com/cleafy-labs/pixpirate-a-new-brazilian-banking-trojan
- Phishing Attacks Against Ecuador
  https://mp.weixin.qq.com/s/6TkOV11WvlCZX84-wszTJQ
- Technical Analysis: Black Basta Malware Overview
  https://quadrantsec.com/resource/technical-analysis/black-basta-malware-overview
- Mustang Panda APT Group Uses European Commission-Themed Lure to Deliver PlugX Malware
  https://blog.eclecticiq.com/mustang-panda-apt-group-uses-european-commission-themed-lure-to-deliver-plugx-malware
- NETWIRE Dynamic Configuration Extraction
  https://www.elastic.co/security-labs/netwire-dynamic-configuration-extraction?ultron=esl:_threat_research%2Besl_blog_post&blade=twitter&hulk=social&utm_content=8787629064&linkId=199502402
- No Pineapple! – DPRK Targeting of Medical Research and Technology Sector
  https://labs.withsecure.com/content/dam/labs/docs/WithSecure-Lazarus-No-Pineapple-Threat-Intelligence-Report-2023.pdf
- New APT34 Malware Targets The Middle East
  https://www.trendmicro.com/en_us/research/23/b/new-apt34-malware-targets-the-middle-east.html
- Ransomware Roundup – Trigona Ransomware
  https://www.fortinet.com/blog/threat-research/ransomware-roundup-trigona-ransomware
- New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers
  https://thehackernews.com/2023/02/new-wave-of-ransomware-attacks.html
- Post-Macro World Sees Rise in Microsoft OneNote Documents Delivering Malware
  https://thehackernews.com/2023/02/post-macro-world-sees-rise-in-microsoft.html
- GuLoader Malware Using Malicious NSIS Executables to Target E-Commerce Industry
  https://thehackernews.com/2023/02/guloader-malware-using-malicious-nsis.html
- FormBook Malware Spreads via Malvertising Using MalVirt Loader to Evade Detection
  https://thehackernews.com/2023/02/formbook-malware-spreads-via.html
- PixPirate: New Android Banking Trojan Targeting Brazilian Financial Institutions
  https://thehackernews.com/2023/02/pixpirate-new-android-banking-trojan.html
- Linux Variant of Clop Ransomware Spotted, But Uses Faulty Encryption Algorithm
  https://thehackernews.com/2023/02/linux-variant-of-clop-ransomware.html
- VMware Finds No Evidence of 0-Day in Ongoing ESXiArgs Ransomware Spree
  https://thehackernews.com/2023/02/vmware-finds-no-evidence-of-0-day-flaw.html
- Sliver Malware With BYOVD Distributed Through Sunlogin Vulnerability Exploitations
  https://asec.ahnlab.com/en/47088/
- #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities | CISA
  https://www.cisa.gov/uscert/ncas/alerts/aa23-040a
- Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs
  https://www.trendmicro.com/en_us/research/23/b/enigma-stealer-targets-cryptocurrency-industry-with-fake-jobs.html
- HTML Smuggling: The Hidden Threat in Your Inbox
  https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/html-smuggling-the-hidden-threat-in-your-inbox/
- A Backdoor with Smart Screenshot Capability
  https://isc.sans.edu/diary/rss/29534
- Malicious Google Ads Target AWS Logins
  https://www.sentinelone.com/blog/cloud-credentials-phishing-malicious-google-ads-target-aws-logins/
- Cl0p Ransomware Targets Linux Systems with Flawed Encryption
  https://www.sentinelone.com/labs/cl0p-ransomware-targets-linux-systems-with-flawed-encryption-decryptor-available/
- Graphiron: New Russian Information Stealing Malware Deployed Against Ukraine
  https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/nodaria-ukraine-infostealer
- Disclosure of APT-C-35's recent attack activities
  https://mp.weixin.qq.com/s/rslBGQgTL_jZD73AJqI05Q
- Screentime: Sometimes It Feels Like Somebody's Watching Me
  https://www.proofpoint.com/us/blog/threat-insight/screentime-sometimes-it-feels-like-somebodys-watching-me
- SteelClover Attacks Distributing Malware Via Google Ads Are Increasing
  https://insight--jp-nttsecurity-com.translate.goog/post/102i7af/steelclovergoogle?_x_tr_sl=en&_x_tr_tl=es&_x_tr_hl=en&_x_tr_pto=wapp
- Russian Hackers Using Graphiron Malware to Steal Data from Ukraine
  https://thehackernews.com/2023/02/russian-hackers-using-graphiron-malware.html
- Russian Hacker Pleads Guilty to Money Laundering Linked to Ryuk Ransomware
  https://thehackernews.com/2023/02/russian-hacker-pleads-guilty-to-money.html
- Gootkit Malware Adopts New Tactics to Attack Healthcare and Finance Firms
  https://thehackernews.com/2023/02/gootkit-malware-adopts-new-tactics-to.html
- North Korean Hackers Targeting Healthcare with Ransomware to Fund its Operations
  https://thehackernews.com/2023/02/north-korean-hackers-targeting.html
- U.K. and U.S. Sanction 7 Russians for TrickBot, Ryuk, and Conti Ransomware Attacks
  https://thehackernews.com/2023/02/uk-and-us-sanction-7-russians-for.html
- Investigating Intrusions From Intriguing Exploits
  https://www.huntress.com/blog/investigating-intrusions-from-intriguing-exploits

### B. Mobile Security / iPhone / Android / Wearables / App / 5G / Instant Messaging

- Encrypted Messaging App Exclu Used by Criminal Groups Cracked by Joint Law Enforcement
  https://thehackernews.com/2023/02/encrypted-messaging-app-exclu-used-by.html
- Microsoft's OTP code generator Authenticator to drop Apple Watch support
  https://www.ithome.com.tw/news/155416
- Study by three foreign academics finds that Android phones sold in China contain many preinstalled apps that may send personal data to third parties without consent
  https://www.mobile01.com/topicdetail.php?f=780&t=6738651

### C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents / Security Workforce

- Services claiming to bypass ChatGPT's anti-abuse restrictions are being sold on hacker sites
  https://www.ithome.com.tw/news/155438
- University of Zurich reportedly hit by cyberattack; isolates some IT systems to contain the damage
  https://www.swissinfo.ch/eng/sci-tech/hackers-target-zurich-university-with--professional--cyberattack/48256306
- Florida hospital hit by cyberattack; systems forced offline
  https://securityaffairs.com/141792/hacking/tallahassee-memorial-healthcare-cyberattack.html
- US 988 suicide helpline service disrupted after cyberattack on telecom provider
  https://www.securityweek.com/feds-say-cyberattack-caused-suicide-helplines-outage/
- UK steel industry supplier Vesuvius confirms cyberattack
  https://therecord.media/vesuvius-plc-cyber-incident-steel-industry-supplier/
- Berkeley County school district in the US hit by cyberattack; nearly 20,000 students unable to attend school
  https://dailycaller.com/2023/02/06/hackers-19000-students-day-off-west-virginia/
- Irish university MTU forced to cancel all classes after cyberattack
  https://therecord.media/all-classes-canceled-at-irish-university-as-it-announces-significant-it-breach/
- US drug distributor AmerisourceBergen confirms cyberattack
  https://www.bleepingcomputer.com/news/security/drug-distributor-amerisourcebergen-confirms-security-breach/
- Twitter account of the top US cybersecurity diplomat hacked
  https://www.newmobilelife.com/2023/02/10/nate-fick-twitter-hacked/
- Hackers abuse AWS to host malicious websites and push them into Google search results through ads
  https://www.sentinelone.com/blog/cloud-credentials-phishing-malicious-google-ads-target-aws-logins/
- Major Canadian bookstore Indigo hit by cyberattack; website forced to shut down
  https://www.bleepingcomputer.com/news/security/largest-canadian-bookstore-indigo-shuts-down-site-after-cyberattack/
- Hackers bypass OpenAI's restrictions and abuse the AI language model ChatGPT to generate malicious content
  https://blog.checkpoint.com/2023/02/07/cybercriminals-bypass-chatgpt-restrictions-to-generate-malicious-content/
- Will ChatGPT become the next major cybersecurity threat?
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10316
- Ukrainian authorities attacked by hackers abusing Remcos remote control software
  https://cert.gov.ua/article/3804703
- Russia has over a thousand people dedicated to handling negative online posts about Putin, and plans to go further with AI tracking
  https://newtalk.tw/news/view/2023-02-09/856734
- Chinese hacking group APT41 attacked Taiwanese organizations during Lunar New Year; targets suspected to be Taiwan's government agencies
  https://www.corecloud.com.tw/corecloud/pages/news/news_23.html
- Iranian OilRig Hackers Using New Backdoor to Exfiltrate Data from Govt. Organizations
  https://thehackernews.com/2023/02/iranian-oilrig-hackers-using-new.html
- Microsoft: Iranian Nation-State Group Sanctioned by U.S. Behind Charlie Hebdo Hack
  https://thehackernews.com/2023/02/microsoft-iranian-nation-state-group.html
- CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks
  https://thehackernews.com/2023/02/cert-ua-alerts-ukrainian-state.html
- NewsPenguin Threat Actor Emerges with Malicious Campaign Targeting Pakistani Entities
  https://thehackernews.com/2023/02/newspenguin-threat-actor-emerges-with.html

### D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News / Cyberbullying / Account Security

- Yet another personal data crisis! Data of more than 100,000 iRent customers may have already been leaked
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10310
- Relief for Turkey earthquake victims becomes a cover for scams! Hackers abuse Twitter and PayPal for "fundraising"
  https://www.bleepingcomputer.com/news/security/paypal-and-twitter-abused-in-turkey-relief-donation-scams/
- With Valentine's Day approaching, FBI warns of romance scams targeting New Mexico residents
  https://www.fbi.gov/contact-us/field-offices/albuquerque/news/fbi-media-alert-valentines-day-in-new-mexico-means-love---and-scams-?
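- Forum site Reddit hacked; source code and internal data may have leaked
  https://www.reddit.com/r/reddit/comments/10y427y/we_had_a_security_incident_heres_what_we_know/
- Scope of the breach at car and scooter sharing service iRent widens; compensation planned for 400,000 users
  https://www.irentcar.com.tw/UPLOAD/event/111event/2286/index.html
- Legislator discloses a database misconfiguration incident at Car-Plus rental
  https://www.cna.com.tw/news/aipl/202302060090.aspx
  https://news.ltn.com.tw/news/politics/breakingnews/4202430
  https://news.pts.org.tw/article/621397
- Acting chairman of Executive Aviation Taiwan (飛特立航空) indicted for allegedly taking customer data to a new company
  https://www.cna.com.tw/news/asoc/202302060251.aspx
- Data breach at major North American grocery chain Weee affects 1.1 million customers
  https://www.bleepingcomputer.com/news/security/weee-grocery-service-confirms-data-breach-11-million-affected/
- Directorate General of Highways fines iRent NT$200,000 over the data breach and orders improvements by a deadline
  https://www.thb.gov.tw/News_Content_table.aspx?n=87&sms=13235&s=209467
- iRent database exposed unprotected on the public internet draws public attention; misconfiguration issues deserve more attention
  https://www.ithome.com.tw/news/155392
- Data leakage or exposure caused by misconfiguration of the iRent database is not a new security issue; domestic companies need to learn the lesson to keep the problem from recurring
  https://www.ithome.com.tw/news/155393
- The researcher who disclosed the unprotected iRent database has also disclosed exposed databases in Brazil, Australia and China over the past two years
  https://www.ithome.com.tw/news/155398
- Store website backups carefully! More than 10% of websites are exposed by keeping them in public folders
  https://sansec.io/research/sansec-analysis-12-of-online-stores-leak-private-backups
- Vulnerability in Toyota's supplier management platform lets attackers freely access confidential internal data
  https://eaton-works.com/2023/02/06/toyota-gspims-hack/
- California healthcare provider Sharp HealthCare attacked; personal data of nearly 63,000 people leaked
  https://www.sandiegouniontribune.com/news/health/story/2023-02-06/sharp-notified-x-patients-of-data-breach
- Scope of data breach at South Korean telecom LG Uplus reportedly widens; 290,000 users affected
  https://en.yna.co.kr/view/AEN20230203008600325
- Canadian mortgage company 8Twelve's database lacked password protection, exposing personal data of more than 700,000 people
  https://www.websiteplanet.com/news/8twelve-leak-report/
- Misconfigured server at Indian truck freight company FR8 exposes 140 GB of data
  https://www.hackread.com/india-truck-brokerage-company-data-leak/
- China Airlines personal data breach escalates; hackers reportedly announce a third wave of data to be released
  https://news.cts.com.tw/cts/society/202302/202302062138967.html
- More than 10,000 users hit by phishing attack impersonating DocuSign
  https://www.armorblox.com/blog/breaking-the-impersonation-armorblox-stops-docusign-attack/
- Iranian hackers Holy Souls, sanctioned for interfering in the US election, steal and leak user data from a French publication in anger
  https://blogs.microsoft.com/on-the-issues/2023/02/03/dtac-charlie-hebdo-hack-iran-neptunium/
- Did you get the email? Weee!, the online supermarket popular with Chinese shoppers, reported to have leaked data of 1.1 million users
  https://www.worldjournal.com/wj/story/121469/6962172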
- "My charity was exploited by hackers!" Amid the data breach storm, nonprofit groups' road to rebuilding trust
  https://www.twreporter.org/a/personal-data-leaked-npo-donators
- When e-commerce platforms become high-risk marketplaces for fraud, how should government and businesses jointly defend against security gaps
  https://www.twreporter.org/a/personal-data-leaked-e-commerce
- Sydney Man Sentenced for Blackmailing Optus Customers After Data Breach
  https://thehackernews.com/2023/02/sydney-man-sentenced-for-blackmailing.html
- 3 Overlooked Cybersecurity Breaches
  https://thehackernews.com/2023/02/3-overlooked-cybersecurity-breaches.html
- Reddit Suffers Security Breach Exposing Internal Documents and Source Code
  https://thehackernews.com/2023/02/reddit-suffers-security-breach-exposing.html

### E. Research Reports / Tools

- A dedicated "ATT&CK framework" for the software supply chain: OSC&R
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10315
- Blind spots in evidence: logs do not necessarily equal non-repudiation
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=6337
- Researchers disclose the Screentime campaign, which distributes malware using files for Publisher, the Office desktop publishing software
  https://www.proofpoint.com/us/blog/threat-insight/screentime-sometimes-it-feels-like-somebodys-watching-me
- Researchers expose the Dingo cryptocurrency scam: the issuer planted a backdoor in the code to charge a 99% transaction fee
  https://blog.checkpoint.com/2023/02/02/dingo-token-ranking-is-774-with-a-live-market-cap-of-10941525-usd-is-a-scam/
- As security threats close in: how to think like a hacker
  https://www.technice.com.tw/cloudtech/infosecurity/36779/
- API Misconfiguration - No Swag of SwaggerUI
  https://shahjerry33.medium.com/api-misconfiguration-no-swag-of-swaggerui-9b43135346be
- IDOR - Inside the Session Storage
  https://shahjerry33.medium.com/idor-inside-the-session-storage-88af485fc899
- The Pivot: How MSPs Can Turn a Challenge Into a Once-in-a-Decade Opportunity
  https://thehackernews.com/2023/02/the-pivot-how-msps-can-turn-challenge.html
- SaaS in the Real World: Who's Responsible to Secure this Data
  https://thehackernews.com/2023/02/saas-in-real-world-whos-responsible-to.html
- Tackling the New Cyber Insurance Requirements: Can Your Organization Comply
  https://thehackernews.com/2023/02/tackling-new-cyber-insurance.html
- How to Think Like a Hacker and Stay Ahead of Threats
  https://thehackernews.com/2023/02/how-to-think-like-hacker-and-stay-ahead.html
- A Hackers Pot of Gold: Your MSP's Data
  https://thehackernews.com/2023/02/a-hackers-pot-of-gold-your-msps-data.html
- Timestone: Netflix’s High-Throughput, Low-Latency Priority Queueing System with Built-in Support for Non-Parallelizable Workloads
  https://netflixtechblog.com/timestone-netflixs-high-throughput-low-latency-priority-queueing-system-with-built-in-support-1abf249ba95f
- IW Weekly #37: ChatGPT for Pentesting, Hacking Govt. Website, GraphQl Security Flaws, Bypassing WAF, SSO, MITRE ATT&CK, and much more…
  https://infosecwriteups.com/iw-weekly-37-chatgpt-for-pentesting-hacking-govt-a3d4952a407e
- Your Open-Source Incident Response Platform
  https://socfortress.medium.com/your-open-source-incident-response-platform-e9d839f02454

### F. Business

- Google Cloud predicts that by 2025, 90% of security measures will be automated and managed as code
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10313
- Zyxel Networks announces 鉅立資訊 as its Taiwan distributor
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10312
- Microsoft hosts the BlueHat 2023 security conference, focusing on artificial intelligence, hardware and infrastructure security
  https://msrc-blog.microsoft.com/2023/02/06/bluehat-2023-connecting-the-security-research-community-with-microsoft/

### G. Government

- The first administrative corporation dedicated to cybersecurity is inaugurated; the National Institute of Cyber Security is a national-level security research team
  https://www.ithome.com.tw/news/155463
- National Institute of Cyber Security officially inaugurated; Audrey Tang assigns two major tasks
  https://reurl.cc/zAgEaa
- Tsai Ing-wen attends the National Institute of Cyber Security inauguration ceremony today and orders Cheng Wen-tsan to take charge of the personal data breach problem
  https://www.storm.mg/article/4727318
- Taoyuan General Hospital and the city investigation office cooperate on national-security-level cybersecurity; hospital reveals the truth about a hack three years ago
  https://www.tygh.mohw.gov.tw/?aid=302&pid=0&page_name=detail&iid=2474
- Personal data breaches are frequent; Executive Yuan proposes an oversight mechanism
  https://reurl.cc/Y87pNa
- Is a 200,000 fine for iRent too light? Cheng Wen-tsan promises to draft amendments to the penalties in the Personal Data Protection Act
  https://technews.tw/2023/02/10/moda-nics/
- China Airlines and Car-Plus personal data breaches: legislators across party lines criticize unclear accountability and patchwork fixes
  https://enn.tw/?p=361155

### H. Industrial Control Systems / ICS / SCADA / IoT / Internet of Things / Internet of Vehicles / Electric Vehicles / Artificial Intelligence / AI / ML / Facial Recognition / Healthcare Security

- Vulnerabilities found in an EV charging station communication protocol could allow remote shutdown and theft of data and electricity
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10318
- NIST announces it will adopt the Ascon algorithm as the encryption standard for IoT devices
  https://www.ithome.com.tw/news/155447
- Critical vulnerability in Baicells wireless base stations could expose telecom networks to snooping
  https://www.securityweek.com/critical-baicells-device-vulnerability-can-expose-telecoms-networks-to-snooping
- Vulnerabilities in Econolite traffic control systems could be used to paralyze traffic remotely
  https://www.securityweek.com/unpatched-econolite-traffic-controller-vulnerabilities-allow-remote-hacking/
- System vulnerabilities must not be overlooked; security software strengthens vehicle protection against hacking
  https://reurl.cc/3Or9Ej
- Is Your EV Charging Station Safe? New Security Vulnerabilities Uncovered
  https://thehackernews.com/2023/02/is-your-ev-charging-station-safe-new.html
- NIST Standardizes Ascon Cryptographic Algorithm for IoT and Other Lightweight Devices
  https://thehackernews.com/2023/02/nist-standardizes-ascon-cryptographic.html

### I. Education and Training

- iPAS Information Security Engineer (intermediate level) notes
  https://hackmd.io/@Not/iPASInformationSecuritySpecialist
- iPAS security engineer certification pre-exam workshop
  https://reurl.cc/GEbA3p
- Coursera rounds up 7 cloud security certifications: the springboards to high pay are all here!
  https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/
- Global cybersecurity workforce imbalance: (ISC)2 free courses and exams fill the talent gap
  https://reurl.cc/m39MDj
- The 8 domains of the CISSP security certification
  https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html
- CISSP exam experience
  https://reurl.cc/KbY83j
- CISSP exam experience – Benson
  https://reurl.cc/GbWvxd
- Goal-oriented: passing the CISSP at light speed in 20 days
  https://reurl.cc/2Zq6zn
- CISSP certification exam hands-on experience, Chapter 1: Initial preparation
  https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat
- CISSP certification exam hands-on experience, Chapter 2: A regular and disciplined study strategy
  https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies
- CISSP certification exam hands-on experience, Chapter 3: The final battle
  https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle
- Quick CISSP Infographic for IPSec
  https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec
- CSSLP Certification - Security models in F#
  https://github.com/vbocan/csslp
- Certified Secure Software Lifecycle Professional in bullet points
  https://github.com/joeyhage/csslp-notes
- CPSA (CREST Practitioner Security Analyst) exam experience
  https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/
- EC-Council CEH v11 exam experience, revision information and preparation guidance 2021, 2022
  https://reurl.cc/1oyEM8
- CEH v11 exam experience and preparation approach
  https://blog.sean.taipei/2022/01/ceh
- CEH
  https://github.com/a3cipher/CEH
- CodeRed by EC-Council
  https://github.com/codered-by-ec-council
- In-depth look at the CPENT exam experience and a comparison with OSCP
  https://reurl.cc/41eL8v
- EC-Council CPENT v1 penetration testing certification – content and experience
  https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review
- [Exam prep notes] CompTIA Security+ (SY0–601) Part 1
  https://reurl.cc/M053DK
- [Exam prep notes] CompTIA Security+ (SY0–601) Part 2
  https://reurl.cc/M053Gv
- comptia-security-plus
  https://github.com/ajfuto/comptia-security-plus
- security-plus
  https://github.com/fjavierm/security-plus
- CompTIA Security+ Certification Practice Test Questions
  https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette
- App security that isn't just for engineers: the blood-and-tears story of earning a security testing certificate (iT邦幫忙 Ironman Contest series book)
  https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html
- Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
  https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html
- The hacker and the state: cyber attacks and the new normal of geopolitics
  https://reurl.cc/D3nKKj
- Practical Network Penetration Tester (PNPT) Certification Review
  https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df
- Basic vocabulary commonly used by WUSON
  https://choson.lifenet.com.tw/?p=1958

## 6. Upcoming Security Events and Seminars

- Just a chat - with no Expectations 2023/2/11
  https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/291127956/
- WordPress Changhua Meetup #26 2023/2/12
  https://www.meetup.com/changhua-wordpress-meetup-group/events/290974160/
- 2023 Greater South Manufacturing Security Trends Forum: Industry Transformation, Security Upgrade 2023/2/16
  https://www.informationsecurity.com.tw/seminar/2023_KHinfosecurity365/index.htm
- Cybersecurity Immune System Strengthening Forum 2023/2/21
  https://buzzorange.com/techorange/forum/2023-cybersecurity-immune-system/
- Hugging Face : Image Classification 2023/2/21
  https://www.meetup.com/tensorflow-user-group-taipei/events/290714239/
- Crypto battle royale? Making good use of Web3 decentralized wallets 2023/2/22
  https://www.accupass.com/event/2301301209062089881353
- Two key lines of security defense: staying clear of remote-work security risks 2023/2/23
  https://www.accupass.com/event/2301170725591343770258
- 2023 InfoSecurity 365 Annual Conference: Digital Supply Chain, Unbroken Security Chain 2023/2/23
  https://www.informationsecurity.com.tw/seminar/2023_TPinfosecurity365/register.aspx
- An introduction to macroeconomic data and financial market applications 2023/2/27
  https://www.meetup.com/rladies-taipei/events/290280800/
- Cyber Insurance and Digital Forensics Innovative Services Forum and ACFD 2nd-Term 4th General Members' Meeting 2023/3/3
  https://acfd.kktix.cc/events/ci2023
- DEVCORE Conference 2023 - 3/10 Enterprise Session 2023/3/10
  https://devcore.kktix.cc/events/devcoreconf2023-0310
- DEVCORE Conference 2023 - 3/11 Hacker Session 2023/3/11
  https://devcore.kktix.cc/events/devcoreconf2023
- Grasp security trends and let big data drive market decisions seminar 2023/3/16
  https://www.accupass.com/event/2212200343421615169635
- iPAS intermediate-level information security personnel training course 2023/5/4 ~ 2023/6/1
  https://edu.tcfst.org.tw/web/tw/class/show.asp?courseidori=12C013