###### tags: `資安事件新聞週報`
# Weekly Security Incident News Digest 2023/12/11 ~ 2023/12/15

1.Major Vulnerabilities / Backdoors / Exploit / Zero Day
New Security Vulnerabilities Uncovered in pfSense Firewall Software - Patch Now
https://thehackernews.com/2023/12/new-security-vulnerabilities-uncovered.html
Open-source firewall system pfSense has XSS and command injection vulnerabilities; more than 1,400 unpatched servers are exposed
https://www.bleepingcomputer.com/news/security/over-1-450-pfsense-servers-exposed-to-rce-attacks-via-bug-chain/
https://www.sonarsource.com/blog/pfsense-vulnerabilities-sonarcloud/
Sophos makes an exception and provides an RCE vulnerability patch after cyberattacks on its end-of-support firewall systems
https://www.bleepingcomputer.com/news/security/sophos-backports-rce-fix-after-attacks-on-unsupported-firewalls/
Cloudflare annual report shows global internet traffic grew 25%; Log4j remains the vulnerability most favored by hackers
https://www.ithome.com.tw/news/160310
Two years after the Log4Shell disclosure, nearly 40% of Log4j components in organizations remain exposed
https://www.veracode.com/blog/research/state-log4j-vulnerabilities-how-much-did-log4shell-change
Microsoft releases security update advisories for multiple products
https://msrc.microsoft.com/update-guide/releaseNote/2023-Dec
Microsoft's Final 2023 Patch Tuesday: 33 Flaws Fixed, Including 4 Critical
https://thehackernews.com/2023/12/microsofts-final-2023-patch-tuesday-33.html
Apache has released security updates to address a vulnerability in Struts 2
https://www.cisa.gov/news-events/alerts/2023/12/12/apache-software-foundation-updates-struts-2
New Critical RCE Vulnerability Discovered in Apache Struts 2 - Patch Now
https://thehackernews.com/2023/12/new-critical-rce-vulnerability.html
Path traversal vulnerability in the Java application framework Struts is already being used in attacks
https://www.bleepingcomputer.com/news/security/hackers-are-exploiting-critical-apache-struts-flaw-using-public-poc/
https://twitter.com/Shadowserver/status/1734919288257974380
https://xz.aliyun.com/t/13172
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-struts-C2kCMkmT
Adobe has released security updates to address vulnerabilities in multiple Adobe products
https://helpx.adobe.com/security/products/after_effects/apsb23-75.html
Microsoft patches a zero-day vulnerability related to AMD processors
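https://www.bleepingcomputer.com/news/microsoft/microsoft-december-2023-patch-tuesday-fixes-34-flaws-1-zero-day/
https://msrc.microsoft.com/update-guide/releaseNote/2023-Dec
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2023-20588
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7007.html
SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs
https://thehackernews.com/2023/12/slam-attack-new-spectre-based.html
WordPress Releases Update 6.4.2 to Address Critical Remote Attack Vulnerability
https://thehackernews.com/2023/12/wordpress-releases-update-642-to.html
Google patches high-severity vulnerabilities in Chrome 120
https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html
CISA warns that a critical vulnerability in the CI/CD software platform TeamCity is being exploited by Russian hackers APT29
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-347a
SAP publishes its December routine updates, patching a critical vulnerability in Business Technology Platform
https://dam.sap.com/mac/app/e/pdf/preview/embed/ucQrx6G?ltr=a&rc=10

2.Banking / Finance / Insurance / Securities / Financial Supervision: News and Security
Financial sector "thrashed" in simulated Chinese hacker intrusion; Bloomberg: Taiwan seeks US help to strengthen cybersecurity
https://www.taisounds.com/news/content/84/97041
Taiwan seeks US assistance to defend against foreign cyberattacks on its financial system
https://www.cna.com.tw/news/aopl/202312133003.aspx
Taiwan's financial sector faces Chinese cyber threats, but its system defense capability is "close to zero"
https://ec.ltn.com.tw/article/breakingnews/4518106
Chinese cyberattacks keep escalating; Taiwan's financial institutions cooperate with the US Treasury to block them
https://www.upmedia.mg/news_info.php?Type=3&SerialNo=189621
Prize winners take note! Ministry of Finance platform update: invoice prize redemption suspended during these 48 hours
https://news.housefun.com.tw/news/article/768930403871.html
1,800 banking apps worldwide targeted by banking trojans
https://www.ithome.com.tw/news/160352
Biden administration says artificial intelligence poses risks to the financial system
https://reurl.cc/WRaaVL
To protect cybersecurity, the Financial Supervisory Commission (FSC) will review banks' use of Chinese-brand IT products
https://www.setn.com/News.aspx?NewsID=1396216
FSC launches bank "accountability map" to clarify the scope of responsibility for internal control failures… to take effect by the end of next year at the earliest
https://udn.com/news/story/7239/7639445
FSC introduces an "accountability regime" to strengthen supervision, modeled on European and US systems
https://udn.com/news/story/7239/7639443?from=udn-catelistnews_ch2
Open banking phase 3 dispute resolution mechanism to be drawn up in two months
https://udn.com/news/story/7239/7634262?from=udn-relatednews_ch2
Open banking struggles to take root; Huang Tien-mu: build the system first
https://www.ctee.com.tw/news/20231212700081-439901
Regulations on financial cloud adoption greatly relaxed; security is the key
https://www.businesstoday.com.tw/article/category/183017/post/202312120029/
Japanese automaker Toyota confirms data breach at its financial subsidiary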
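https://www.bleepingcomputer.com/news/security/toyota-warns-customers-of-data-breach-exposing-personal-financial-info/

3.Credit Cards / Electronic Payment / Mobile Payment / Pay / Payment Systems / Security
Fearing EU antitrust sanctions, Apple reportedly agrees to let competitors use its mobile payment system
https://news.cnyes.com/news/id/5408236
A new shift in the integration of one million electronic payment merchant channels
https://www.ithome.com.tw/article/160329
Hong Kong's KMB and Long Win Bus add WeChat Pay from 12/14; mainland users can settle in RMB
https://www.hkcd.com/hkcdweb/content/2023/12/15/content_8614693.html

4.Cryptocurrency / Digital Currency / Mining / Blockchain / Smart Contracts / WEB3 Security
MICA Daily | Tether announces it will follow OFAC policy and its sanctions list
https://coinmarketcap.com/community/zh-tw/articles/65767424aa9eea1f46c5e39c/
South Korean financial regulator issues legislative notice on enforcement and supervisory regulations for the Virtual Asset User Protection Act
https://news.cnyes.com/news/id/5406197
The battle between KyberSwap and a "talkative" attacker: a US$48 million feud
https://www.bitget.com/zh-TW/academy/kyberswap-faces-48-million-crypto-hack-and-talkative-hacker
eMPF Platform Company: many security elements built into the platform design; another security audit expected before launch
https://reurl.cc/krNNyr
Hackers stole about US$1.7 billion from crypto projects this year
https://www.panews.io/zh_hk/sqarticledetails/5fi1745bFt.html
TRM Labs: losses from crypto hacks so far this year estimated at US$1.7 billion
https://news.cnyes.com/news/id/5408805
OKX DEX suspected to have been hacked; proxy address removed
https://news.cnyes.com/news/id/5408857
OKX DEX user assets hacked for "US$370,000"; the company promises full compensation: permissions of a deprecated contract were misused
https://www.blocktempo.com/okx-dex-contract-hacked-a-total-of-370000-in-user-funds-stolen/
Conic Finance's CNC token surges 50% after the hacker's return
https://portalcripto.com.br/zh-TW/%E9%A7%AD%E5%AE%A2%E5%9B%9E%E6%AD%B8%E5%BE%8C%EF%BC%8Cconic-Finance-%E7%9A%84-CNC-%E4%BB%A3%E5%B9%A3%E9%A3%86%E5%8D%87-50%25/
2023 cryptocurrency hack losses expected to fall about 50% from last year
https://panews.io/zh_hk/sqarticledetails/2wqdi05rFt.html
BitoPro cold wallet officially goes on sale, available for under NT$1,000
https://money.udn.com/money/story/5612/7640795
Roundup of the top ten events of the second half of 2023: Bitcoin spot ETF, SBF convicted on all charges, CZ pleads guilty..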
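https://www.blocktempo.com/crypto-market-summary-in-2023/
Do not interact with any Dapp for now! Massive security breach breaks out in DeFi, caused by the Ledger wallet hack
https://www.blocktempo.com/massive-security-breach-breaks-out-in-defi/
Hackers used the Ledger code library incident to steal crypto assets worth about US$484,000
https://news.cnyes.com/news/id/5410888
Tether and Ledger act quickly in response to the code library attack
https://portalcripto.com.br/zh-TW/Tether-%E5%92%8C-Ledger-%E5%BF%AB%E9%80%9F%E5%9B%9E%E6%87%89%E7%A8%8B%E5%BC%8F%E7%A2%BC%E5%BA%AB%E6%94%BB%E6%93%8A/
Coinbase to expand its cryptocurrency trading services globally
https://portalcripto.com.br/zh-TW/coinbase-%E5%B0%87%E5%9C%A8%E5%85%A8%E7%90%83%E6%93%B4%E5%B1%95%E5%85%B6%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E4%BA%A4%E6%98%93%E6%9C%8D%E5%8B%99/
What is the metaverse in blockchain? A beginner's guide
https://portalcripto.com.br/zh-TW/%E5%8D%80%E5%A1%8A%E9%8F%88%E4%B8%AD%E7%9A%84%E5%85%83%E5%AE%87%E5%AE%99%E6%98%AF%E4%BB%80%E9%BA%BC%EF%BC%9F%E5%88%9D%E5%AD%B8%E8%80%85%E6%8C%87%E5%8D%97/
US Financial Stability Oversight Council again calls for legislation to address cryptocurrency risks
https://news.knowing.asia/news/d957b2f1-98c4-4e4e-943d-c0bf94694b43
Atomicals Market announces it will compensate users for the 28,000 ATOM previously lost in a hacking incident
https://news.cnyes.com/news/id/5412192
US IRS pursues US$24 billion in taxes! FTX fumes: it is eyeing users' compensation funds
https://blockcast.it/2023/12/12/ftx-says-irs-demand-for-24-billion-in-unpaid-taxes-is-delaying-distributions-to-users/
Welcoming crypto regulatory developments in Hong Kong and Taiwan! Binance CEO Richard Teng: "compliance" will be the major industry trend
https://blockcast.it/2023/12/12/binance-richard-teng-ama/

5.Security Incident News

A.Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC
Generative AI sets off a security crisis; concerns grow over automated worms and data poisoning risks
https://m.match.net.tw/pc/news/finance/20231211/7726261
AI brings more security risks! LLM poisoning, automated worm attacks: the five major threat predictions for 2024 at a glance
https://web3plus.bnext.com.tw/article/1990?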
Sophos finds ransomware groups using the media to polish their image
https://www.digitalwall.com/scripts/displaypr.asp?UID=90002
Food company Kraft Heinz reportedly hacked; ransomware group Snatch claims responsibility
https://www.bleepingcomputer.com/news/security/kraft-heinz-investigates-hack-claims-says-systems-operating-normally/
Temperature-controlled storage and logistics company Americold hit by ransomware attack; 130,000 people affected
https://therecord.media/ransomware-attack-on-americold-cold-storage
GuLoader malware uses multiple anti-analysis mechanisms to block researchers' investigation
https://www.elastic.co/security-labs/getting-gooey-with-guloader-downloader
SMEs mostly paying ransoms fuels a surge in ransomware! TeamT5 Threat Analyst Summit issues warning
https://infosecu.technews.tw/2023/12/14/ransom-virus-ransom/
UTG-Q-003: Supply Chain Poisoning of 7ZIP on the Microsoft App Store
https://ti.qianxin.com/blog/articles/UTG-Q-003-Supply-Chain-Poisoning-of-7ZIP-on-the-Microsoft-App-Store-EN/
https://github.com/RedDrip7/APT_Digital_Weapon/blob/master/UTG-Q-003/UTG-Q-003_hash.md
Kimsuky Group Uses AutoIt to Create Malware (RftRAT, Amadey)
https://asec.ahnlab.com/en/59590/
N. Korea's Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks
https://thehackernews.com/2023/12/n-korean-kimsuky-targeting-south-korean.html
Unmasking the Enigma: A Historical Dive into the World of PlugX Malware
https://www.splunk.com/en_us/blog/security/unmasking-the-enigma-a-historical-dive-into-the-world-of-plugx-malware.html
Russian hackers APT28 use the Israeli-Palestinian conflict as a lure to distribute the HeadLace backdoor
https://securityintelligence.com/x-force/itg05-ops-leverage-israel-hamas-conflict-lures-to-deliver-headlace-malware/
ITG05 operations leverage Israel-Hamas conflict lures to deliver Headlace malware
https://securityintelligence.com/x-force/itg05-ops-leverage-israel-hamas-conflict-lures-to-deliver-headlace-malware/
Researchers Unveil GuLoader Malware's Latest Anti-Analysis Techniques
https://thehackernews.com/2023/12/researchers-unveal-guloader-malwares.html
Ransomware-as-a-Service: The Growing Threat You Can't Ignore
https://thehackernews.com/2023/12/ransomware-as-service-growing-threat.html
Mac Users Beware: New Trojan-Proxy Malware Spreading via Pirated Software
https://thehackernews.com/2023/12/mac-users-beware-new-trojan-proxy.html
Hacker group Sandman may be cooperating with Chinese hackers, sharing infrastructure and resources
https://www.sentinelone.com/labs/sandman-apt-china-based-adversaries-embrace-lua/
Researchers Unmask Sandman APT's Hidden Link to China-Based KEYPLUG Backdoor
https://thehackernews.com/2023/12/researchers-unmask-sandman-apts-hidden.html
Lazarus Group Using Log4j Exploits to Deploy Remote Access Trojans
https://thehackernews.com/2023/12/lazarus-group-using-log4j-exploits-to.html
NKAbuse malware abuses blockchain to conceal attack activity
https://securelist.com/unveiling-nkabuse/111512/
New NKAbuse Malware Exploits NKN Blockchain Tech for DDoS Attacks
https://thehackernews.com/2023/12/new-nkabuse-malware-exploits-nkn.html
116 Malware Packages Found on PyPI Repository Infecting Windows and Linux Systems
https://thehackernews.com/2023/12/116-malware-packages-found-on-pypi.html
Hamas hacker group Gaza Cyber Gang uses the Pierogi++ backdoor to attack Palestinian opposition figures
https://www.sentinelone.com/labs/gaza-cybergang-unified-front-targeting-hamas-opposition/
Gaza Cybergang | Unified Front Targeting Hamas Opposition
https://www.sentinelone.com/labs/gaza-cybergang-unified-front-targeting-hamas-opposition/
New Pierogi++ Malware by Gaza Cyber Gang Targeting Palestinian Entities
https://thehackernews.com/2023/12/new-pierogi-malware-by-gaza-cyber-gang.html

B.Mobile Security / iPhone / Android / Wearables / App / 5G / Instant Messaging
Android begins testing a built-in detection mechanism against phishing apps; follow the steps to enable it
https://today.line.me/tw/v2/article/vXo68pE
Chinese hackers steal mobile phone data; foreign political figures among the victims
https://reurl.cc/orzzyM
Vulnerability on the Twitter/X platform: "accounts stolen when users click a link"; urgently fixed by the company
https://www.blocktempo.com/vulnerability-emerged-on-x-allowing-hackers-to-manipulate-user-accounts-through-links/
To guard against iPhone theft, Apple plans to introduce a new security setting
https://infosecu.technews.tw/2023/12/13/iphone-stolen-device-protection/
Apple releases iOS 16.7.3, iPadOS 16.7.3, and watchOS 10.2, patching WebKit zero-day vulnerabilities on older devices
https://www.bleepingcomputer.com/news/apple/apple-emergency-updates-fix-recent-zero-days-on-older-iphones/
US FTC warns of a surge in fake QR codes; the public should beware of personal data being stolen through scanning
https://reurl.cc/OG77DX
Chinese AI phones sell out! Scan a document and it generates a presentation for you; the non-Apple camp's opportunity has arrived
https://www.cw.com.tw/article/5128552
US Federal Communications Commission urges carriers to take more measures to prevent SIM hijacking attacks
https://www.fcc.gov/document/fcc-reminds-carriers-prevent-sim-fraud-schemes
Researchers disclose AutoSpill, an attack technique targeting Android devices that steals credentials from password managers
https://www.blackhat.com/eu-23/briefings/schedule/index.html#autospill-zero-effort-credential-stealing-from-mobile-password-managers-34420
Researchers disclose a weakness that bypasses the Android lock screen; even the latest OS version is not spared
https://securityaffairs.com/155588/hacking/android-14-13-lock-screen-bypass.html
Apple devices and multiple Linux operating systems have a Bluetooth keyboard injection vulnerability
https://github.com/skysafe/reblog/tree/main/cve-2023-45866
Qualcomm and MediaTek 5G chips have 5Ghoul vulnerabilities; 700 Apple and Android phone models exposed
https://www.bleepingcomputer.com/news/security/new-5ghoul-attack-impacts-5g-phones-with-qualcomm-mediatek-chips/
New 5G Modem Flaws Affect iOS Devices and Android Models from Major Brands
https://thehackernews.com/2023/12/new-5g-modems-flaws-affect-ios-devices.html
SpyLoan Scandal: 18 Malicious Loan Apps Defraud Millions of Android Users
https://thehackernews.com/2023/12/spyloan-scandal-18-malicious-loan-apps.html
Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws
https://thehackernews.com/2023/12/apple-releases-security-updates-to.html
Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities
https://thehackernews.com/2023/12/google-using-clang-sanitizers-to.html
Google's New Tracking Protection in Chrome Blocks Third-Party Cookies
https://thehackernews.com/2023/12/googles-new-tracking-protection-in.html

C.Incidents / Hackers / DDOS / APT / Cloud / Dark Web / Recruitment / International Security Incidents / Security Workforce
Should the board evaluate the return on security protection investment in terms of ROI?
https://www.gvm.com.tw/article/108330
MITRE unveils EMB3D, a threat model for the security of embedded devices in critical infrastructure
https://www.securityweek.com/mitre-unveils-emb3d-threat-model-for-embedded-devices-used-in-critical-infrastructure/
Developer Insomniac Games attacked; hacker group demands a ransom of 50 BTC
https://news.cnyes.com/news/id/5408925
Insomniac Games hacked! Game information for Marvel's Wolverine leaked early
https://today.line.me/tw/v2/article/JP9WVrk
Taiwanese security company TeamT5: as the presidential election approaches, the media has also become a heavily hit security victim
https://www.inside.com.tw/article/33618-teamt5-threat-analyst-summit
Taiwan should build a language model that can catch cyber-army operations
https://anntw.com/articles/20231213-YVcB
A US federal government server was breached due to its use of outdated software
https://unwire.pro/2023/12/12/cisa-4/security/
Prelude to an attack on Taiwan! Washington Post: Chinese cyber forces infiltrated more than 20 US critical infrastructure entities over the past year
https://news.ltn.com.tw/news/world/breakingnews/4518685
To disrupt US military aid to Taiwan, Chinese cyber forces infiltrate US infrastructure systems
https://infosecu.technews.tw/2023/12/12/us-official-said-pla-is-hacking-us-infrastructures/
PLA hackers "Volt Typhoon" attack dozens of US civilian infrastructure systems
https://udn.com/news/story/6813/7634900?from=udn-catebreaknews_ch2
Chinese hacker group Volt Typhoon uses the KV-botnet botnet to attack small routers
https://blog.lumen.com/routers-roasting-on-an-open-firewall-the-kv-botnet-investigation/
Routers Roasting on an Open Firewall: the KV-botnet Investigation
https://blog.lumen.com/routers-roasting-on-an-open-firewall-the-kv-botnet-investigation/
https://github.com/blacklotuslabs/IOCs/blob/main/KVbotnet_IOCs.txt
China's Ministry of State Security says foreign organizations are stealing secrets via geographic information; investigation launched
https://www.rti.org.tw/news/view/id/2189454
Irish water utility reportedly attacked, forced to cut off water supply for 2 days
https://westernpeople.ie/news/hackers-hit-erris-water-in-stance-over-israel_arid-4982.html
North Korean hackers steal cryptocurrency to develop missiles: more than US$3 billion in 5 years
https://www.ftvnews.com.tw/news/detail/2023C12I19M1
Ukrainian intelligence agency claims a cyberattack on Russia's tax authority, destroying more than 2,000 servers
https://gur.gov.ua/en/content/zlam-federalnoi-podatkovoi-sluzhby-rf-detali-cherhovoi-kiberspetsoperatsii-hur.html
Ukraine's largest telecom operator hit by cyberattack, the most severe since the Russia-Ukraine war began
https://wantrich.chinatimes.com/news/20231213900782-420201
Ukraine's largest telecom company hit by cyberattack; internet service paralyzed for millions
https://def.ltn.com.tw/article/breakingnews/4519233
US appoints Harry Coker as the 2nd National Cyber Director
https://www.whitehouse.gov/oncd/briefing-room/2023/12/12/oncd-welcomes-mr-harry-coker-jr-as-next-national-cyber-director/
Major Cyber Attack Paralyzes Kyivstar - Ukraine's Largest Telecom Operator
https://thehackernews.com/2023/12/major-cyber-attack-paralyzes-kyivstar.html
Russian APT28 Hackers Targeting 13 Nations in Ongoing Cyber Espionage Campaign
https://thehackernews.com/2023/12/russian-apt28-hackers-targeting-13.html
Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally | CISA
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-347a
Russian SVR-Linked APT29 Targets JetBrains TeamCity Servers in Ongoing Attacks
https://thehackernews.com/2023/12/russian-svr-linked-apt29-targets.html
Asia-Pacific companies targeted by hacker group GambleForce with SQL injection attacks
https://www.group-ib.com/blog/gambleforce-gang
New Hacker Group 'GambleForce' Targeting APAC Firms Using SQL Injection Attacks
https://thehackernews.com/2023/12/new-hacker-group-gambleforce-tageting.html
Microsoft Takes Legal Action to Crack Down on Storm-1152's Cybercrime Network
https://thehackernews.com/2023/12/microsoft-takes-legal-action-to-crack.html
Iranian hackers OilRig continue attacks on Israeli organizations using malware downloaders
https://www.welivesecurity.com/en/eset-research/oilrig-persistent-attacks-cloud-service-powered-downloaders/
Iranian State-Sponsored OilRig Group Deploys 3 New Malware Downloaders
https://thehackernews.com/2023/12/iranian-state-sponsored-oilrig-group.html
OilRig’s persistent attacks using cloud service-powered downloaders
https://www.welivesecurity.com/en/eset-research/oilrig-persistent-attacks-cloud-service-powered-downloaders/
Product security (Sr.) engineer / Product Security Management Engineer
https://www.linkedin.com/jobs/view/product-security-sr-engineer-%E7%94%A2%E5%93%81%E8%B3%87%E5%AE%89%E7%AE%A1%E7%90%86%E5%B7%A5%E7%A8%8B%E5%B8%AB-at-moxa-3783635430/?originalSubdomain=tw
Product Cybersecurity Testing (Senior) Engineer
https://www.linkedin.com/jobs/view/%E7%94%A2%E5%93%81%E8%B3%87%E5%AE%89%E6%B8%AC%E8%A9%A6-%E9%AB%98%E7%B4%9A-%E5%B7%A5%E7%A8%8B%E5%B8%AB-product-cybersecurity-testing-senior-engineer-at-moxa-3783635434/?originalSubdomain=tw
[Top-five electronics maker] Security Engineer, on-site engineer, science park (Hwa Ya Technology Park)
https://www.cakeresume.com/companies/conbiz-consulting-firm/jobs/f7f52d
Network Security Engineer (Taipei)
https://www.1111.com.tw/job/113070653/
[Cybersecurity Institute] Industry Researcher
https://www.104.com.tw/job/86s54?jobsource=n104bank2
Security Testing Intern
https://www.104.com.tw/job/86sv1?jobsource=googlejobs
[Zhunan plant] Security Engineer
https://www.104.com.tw/job/6wntn?jobsource=googlejobs
(Taipei) Network Security Engineer
https://www.1111.com.tw/job/113070788/

D.Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News / Cyberbullying / Account Security
Kinmen car rental chain reportedly hacked; hackers steal customer personal data from 金豐租車 (Jinfeng Car Rental)
https://reurl.cc/A4nn4j
Customer personal data leaked? Chunghwa Telecom: no hack or personal data leak occurred
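https://udn.com/news/story/7266/7636417
Chunghwa Telecom reportedly suffers data leak; hacker claims to have stolen 300,000 records from the billing system
https://www.mirrormedia.mg/story/20231212fin007
https://www.tcpttw.com/local/2023/12/12/80942/%E3%80%90%E7%8D%A8%E5%AE%B6%E5%BF%AB%E8%A8%8A%E3%80%91%E4%B8%AD%E8%8F%AF%E9%9B%BB%E4%BF%A1%E7%B9%B3%E8%B2%BB%E8%B3%87%E6%96%99%E7%96%91%E4%BC%BC%E5%A4%96%E6%B4%A9%EF%BD%9C%E9%A9%9A%E5%82%B3%E5%9C%B0/
[Fact-check unboxing] Online claim of "wiretapping documents leaked on the dark web": the Fact Check Center's investigation report
https://tfc-taiwan.org.tw/articles/9991
US Navy arrested CDC officials? Intent to influence the election? Fabricated content! The article comes from a conspiracy theory website
https://www.mygopen.com/2023/12/CDC.html
8 self-help tips against scams: how do you check whether a link is safe to click? Is it safe to link a credit card for online shopping?
https://today.line.me/tw/v2/article/j7JL0Qz
Suspected AI deepfake voice-cloning scam; expert: 5 seconds of speech is enough for 70% realism
https://news.pts.org.tw/article/670992
Outdated password policies: websites' old-fashioned thinking provides a breeding ground for hacker attacks
https://www.technice.com.tw/techmanage/infosecurity/85532/
Russia uses AI to spread disinformation targeting Ukraine, the US, and Germany
https://thehackernews.com/2023/12/russias-ai-powered-disinformation.html
Russian hacker group Star Blizzard uses new credential theft techniques
https://www.microsoft.com/en-us/security/blog/2023/12/07/star-blizzard-increases-sophistication-and-evasion-in-ongoing-attacks/
Hackers send phishing emails posing as hotel booking information to distribute the MrAnon Stealer infostealer
https://www.fortinet.com/blog/threat-research/mranon-stealer-spreads-via-email-with-fake-hotel-booking-pdf
New MrAnon Stealer Malware Targeting German Users via Booking-Themed Scam
https://thehackernews.com/2023/12/new-mranon-stealer-targeting-german-it.html
CCP election interference is the norm: Y’s Day "Wednesday Youth Day" looks at Xi Jinping's remote manipulation of Taiwan's democracy
https://newtalk.tw/news/view/2023-12-13/900523
國戰會 forum / DPP election strategy: the dual variation of the anti-China card and cognitive warfare
https://reurl.cc/dLzzvg
Are companies necessarily penalized whenever they leak personal data?
https://talk.ltn.com.tw/article/paper/1620773
What is a better way to set password rules?
https://vocus.cc/article/65703499fd89780001ec774a
Every password you set will be cracked! Quantum technology will become security's nemesis in 1 year
https://www.gvm.com.tw/article/108483
Government issues "Policy Statement" to simplify the flow of personal data from the Greater Bay Area to Hong Kong
https://www.wepro180.com/231212_gov/
Voice phishing attack BazarCall abuses Google Forms to get past security system blocking
https://abnormalsecurity.com/blog/bazarcall-attack-leverages-google-forms
Data breaches surge, driven by rising ransomware and supply chain attacks
https://www.apple.com/newsroom/pdfs/The-Continued-Threat-to-Personal-Data-Key-Factors-Behind-the-2023-Increase.pdf
Hacker group TA4557 targets job seekers with phishing attacks to distribute the More_Eggs backdoor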
https://www.proofpoint.com/uk/blog/threat-insight/security-brief-ta4557-targets-recruiters-directly-email
Security Brief: TA4557 Targets Recruiters Directly via Email
https://www.proofpoint.com/us/blog/threat-insight/security-brief-ta4557-targets-recruiters-directly-email
Hackers use social engineering to lure developers into installing malicious PyPI packages, resulting in infostealers being planted on their computers
https://www.welivesecurity.com/en/eset-research/pernicious-potpourri-python-packages-pypi/
Analysis of North Korean Hackers’ Targeted Phishing Scams on Telegram
https://slowmist.medium.com/analysis-of-north-korean-hackers-targeted-phishing-scams-on-telegram-872db3f7392b
Microsoft combats online scams: stopping a notorious hacker group from selling fake accounts
https://pmlife.day/Opinion/Read/microsoft-combats-online-scams-preventing-notorious-hacker-group-selling-fake-accounts
Microsoft takes down Storm-1152, the hacker group that created 750 million fraudulent Outlook accounts
https://www.ithome.com.tw/news/160353
Hackers are abusing OAuth applications to automate attacks
https://www.ithome.com.tw/news/160308
Microsoft Warns of Hackers Exploiting OAuth for Cryptocurrency Mining and Phishing
https://thehackernews.com/2023/12/microsoft-warns-of-hackers-exploiting.html
BazaCall Phishing Scammers Now Leveraging Google Forms for Deception
https://thehackernews.com/2023/12/bazacall-phishing-scammers-now.html

E.Research Reports / Tools
Akamai warns of an Active Directory DNS spoofing flaw
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10852
The 9 cognitive biases hackers most often exploit in security attacks
https://marketing.ares.com.tw/newsletter/2023-12-knowbe4/hackers-cyberattack
Examining the activities of the Turla APT group
https://www.trendmicro.com/zh_tw/research/23/i/examining-the-activities-of-the-turla-group.html
Microsoft's DHCP dynamic update mechanism could be abused; hackers could spoof DNS records to launch further attacks
https://www.akamai.com/blog/security-research/spoofing-dns-by-abusing-dhcp
Researchers disclose obtaining AWS credentials using a DNS rebinding attack technique
https://www.intruder.io/research/we-hacked-ourselves-with-dns-rebinding
Krasue RAT hides its presence on Linux servers through an embedded rootkit
https://www.group-ib.com/blog/krasue-rat/
Kaspersky crimeware report: FakeSG, Akira and AMOS
https://securelist.com/crimeware-report-fakesg-akira-amos/111483/
A pernicious potpourri of Python packages in PyPI
https://www.welivesecurity.com/en/eset-research/pernicious-potpourri-python-packages-pypi/
Incident Response in Cybersecurity
https://www.threatlocker.com/why-threatlocker/incident-response
Playbook: Your First 100 Days as a vCISO - 5 Steps to Success
https://thehackernews.com/2023/12/playbook-your-first-100-days-as-vciso-5.html
Process injection technique Pool Party may be able to bypass EDR endpoint protection
https://www.blackhat.com/eu-23/briefings/schedule/index.html#the-pool-party-you-will-never-forget-new-process-injection-techniques-using-windows-thread-pools-35446
New PoolParty Process Injection Techniques Outsmart Top EDR Solutions
https://thehackernews.com/2023/12/new-poolparty-process-injection.html
Non-Human Access is the Path of Least Resistance: A 2023 Recap
https://thehackernews.com/2023/12/non-human-access-is-path-of-least.html
How to Analyze Malware's Network Traffic in A Sandbox
https://thehackernews.com/2023/12/how-to-analyze-malwares-network-traffic.html
Unveiling the Cyber Threats to Healthcare: Beyond the Myths
https://thehackernews.com/2023/12/unveiling-cyber-threats-to-healthcare.html
Bug or Feature? Hidden Web Application Vulnerabilities Uncovered
https://thehackernews.com/2023/12/bug-or-feature-hidden-web-application.html

F.Business
2024 predictions: cloud-native worms and data poisoning will become new security threats
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10849
Gogolook and Dentsu Group form a strategic partnership to jointly promote the Watchmen reputation protection service
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10851
Cisco launches an AI product portfolio to redefine cybersecurity defense
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10847
Recover all encrypted system data in just 3 minutes! NetApp helps enterprises fortify their data vaults and fend off ransomware
https://buzzorange.com/techorange/2023/12/12/netapp-ontap/
Facing precise and rapid attacks by AI hackers, Palo Alto Networks effectively boosts enterprise protection capacity with three key security defense priorities!
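https://buzzorange.com/techorange/2023/12/13/cybersecurity-innovation-summit-palo-alto-networks/
Anxious about being hacked? 微智安聯 offers an easy threat intelligence solution
https://www.ctee.com.tw/news/20231214700564-431202
AI security assistant reports for duty! Fortinet Advisor speeds up security threat investigation and response mitigation
http://www.compotechasia.com/a/press/2023/1212/56369.html
數位通 helps enterprises and government implement security compliance
https://money.udn.com/money/story/5640/7637234
TeamT5 hosts the first TAS Threat Analyst Summit
https://www.chinatimes.com/realtimenews/20231214003197-260410?chdtv

G.Government
Cybersecurity placed on the national core key technologies list; Ministry of Digital Affairs identifies three major technologies
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10843
Taiwan CISO Alliance signs MOU on mutual assistance in detection and defense, jointly building a solid joint security defense mechanism
https://www.tca.org.tw/tca_news1.php?n=2078
Hackers stealing information does not count as insider trading? Lai In-jaw: amend the law to criminalize it, following the EU
https://udn.com/news/story/7238/7644421?from=udn-ch1_breaknews-1-cate6-news
To solve security problems for SMEs and NGOs, the National Institute of Cyber Security sets up consultation channels such as service teams and clinics
https://www.ithome.com.tw/news/160280

H.Industrial Control Systems / ICS / SCADA / IOT / Internet of Things / Internet of Vehicles / Electric Vehicles / Artificial Intelligence / AI / ML / Facial Recognition / Healthcare: Related Security
Report: attacks on the industrial sector account for one third of all ransomware incidents
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10853
ISA (International Society of Automation), developer of the IEC62443 standard, establishes its Taiwan Section
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10846
Mitsubishi Electric partners with TXOne Networks to jointly expand OT security business
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=f0c78d09-e16a-4e2d-9e54-238195a5b94c
With mandatory enforcement of UNECE R155 and R156 imminent, the automotive industry must get its security in order
https://fc.bnext.com.tw/articles/view/3254?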
A small Hsinchu Science Park company dominates India's industrial IoT market as a hidden champion: what is 昇頻's secret?
https://www.wealth.com.tw/articles/0710483a-0385-497b-8b98-d128adb68d2a
From device to cloud: guarding Internet of Vehicles security layer by layer
https://www.edntaiwan.com/20231206ta31-secure-iov-from-edge-to-the-cloud/
Drone management rules amended, aiming to take effect next July
https://news.ltn.com.tw/news/life/paper/1620301
Siemens and Schneider Electric release December routine updates, patching multiple critical flaws
https://www.securityweek.com/ics-patch-tuesday-electromagnetic-fault-injection-critical-redis-vulnerability/
Google patches high-severity Chromecast vulnerabilities
https://www.securityweek.com/google-patches-chromecast-vulnerabilities-exploited-at-hacking-contest/
Critical vulnerability exposed in a medical imaging DICOM system component; attackers could use it to launch RCE attacks
https://claroty.com/team82/research/dicom-demystified-exploring-the-underbelly-of-medical-imaging

I.Education and Training
iPAS Information Security Engineer intermediate-level notes
https://hackmd.io/@Not/iPASInformationSecuritySpecialist
iPas Security Engineer certification pre-exam workshop
https://reurl.cc/GEbA3p
Coursera lists 7 cloud security certifications: the springboards to high pay are all here!
https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/
Global cybersecurity workforce imbalance: (ISC)2 free courses and exams to fill the talent gap
https://reurl.cc/m39MDj
The 8 domains of the CISSP security certification
https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html
CISSP exam experience
https://reurl.cc/KbY83j
CISSP exam experience – Benson
https://reurl.cc/GbWvxd
Goal-oriented: passing the CISSP at light speed in 20 days
https://reurl.cc/2Zq6zn
CISSP certification exam hands-on experience, Chapter 1: initial preparation
https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat
CISSP certification exam hands-on experience, Chapter 2: a regular and disciplined study strategy
https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies
CISSP certification exam hands-on experience, Chapter 3: the final battle
https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle
Quick CISSP Infographic for IPSec
https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec
CSSLP Certification - Security models in F#
https://github.com/vbocan/csslp
Certified Secure Software Lifecycle Professional in bullet points
https://github.com/joeyhage/csslp-notes
CPSA (CREST Practitioner Security Analyst) security analyst exam experience
https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/
EC-Council CEH v11 exam experience, revision information, and preparation directions 2021, 2022
https://reurl.cc/1oyEM8
CEH v11 exam experience and preparation approach
https://blog.sean.taipei/2022/01/ceh
CEH
https://github.com/a3cipher/CEH
CodeRed by EC-Council
https://github.com/codered-by-ec-council
EC-Council CEH Practical / Master preparation notes: learning in which theory and practice complement each other
https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2
EC-Council CEHP exam preparation notes
https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po
ECSA v10 Review and Study Materials
https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4
EC-Council ECSA security analyst v10 exam experience
https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html
20180817 EC-Council ECSA v10 PASS
https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html
How to prepare for the EC-Council CPENT and LPT Master penetration testing certifications, with notes on the experience
https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d
In-depth look at the CPENT exam experience and a comparison with OSCP
https://reurl.cc/41eL8v
EC-Council CPENT v1 penetration testing certification: content and experience
https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review
CPENT: from brute force to cracking
https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295
EC-Council CPENT experience - a security newbie's path from CEH to LPT Master
https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f
CPENT exam experience: earning the LPT penetration testing master certification in one attempt
https://ucom.uuu.com.tw/web/Testimony/Article/4404
kaizensecurity/CPENT
https://github.com/kaizensecurity/CPENT/tree/master
CPENT : Pentesting like NO OTHERS !
https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/
Journey of My CPENT Exam
https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917
[Exam prep notes] CompTIA Security+ (SY0–601) Part 1
https://reurl.cc/M053DK
[Exam prep notes] CompTIA Security+ (SY0–601) Part 2
https://reurl.cc/M053Gv
comptia-security-plus
https://github.com/ajfuto/comptia-security-plus
security-plus
https://github.com/fjavierm/security-plus
CompTIA Security+ Certification Practice Test Questions
https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette
App information security that is not just for engineers: the blood, sweat and tears of obtaining a security testing certificate (iT 邦幫忙 Ironman Contest book series)
https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html
OSEP (Evasion Techniques and Breaching Defenses (PEN-300)) experience
https://hackmd.io/@henry-ko/HyQ56e8eF
OSCP (Offensive Security Certified Professional)
https://github.com/0x584A/oscp-notes/tree/master
ISACA Certified Information Systems Auditor® (CISA) certification: preparation journey and application process - 2023
https://reurl.cc/aVLoX9
Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html
The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics
https://reurl.cc/D3nKKj
Practical Network Penetration Tester (PNPT) Certification Review
https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df
Basic terms commonly used by WUSON
https://choson.lifenet.com.tw/?p=1958
Certifications remain the main route to learning security fundamentals; an expert has built a "security certification map"
https://www.ithome.com.tw/news/156754
Beyond using certifications to prove your ability, treat them as the greatest motivation to keep learning
https://www.ithome.com.tw/news/156756
Breaking misconceptions and myths about certifications: security experts help clarify what security certifications mean
https://www.ithome.com.tw/news/156755
Accelerate Your Career with the Global Leader in Cyber Security Training
https://www.sans.org/mlp/promo-partnership-hacker-news/

6.Upcoming Security Events and Seminars
Python Web Scraping Hands-on Workshop 2023/12/16
https://www.meetup.com/pyladiestw/events/297519292/
Online security seminar: a glimpse into information security product R&D and workforce needs 2023/12/16
https://isipevent.kktix.cc/events/098efec3-copy-1
Jingle along with AI! 2023/12/18
https://www.meetup.com/rladies-taipei/events/297305466/
User Research Taipei: AI and UR 2023/12/19
https://www.meetup.com/taipei-user-research-meetup-group/events/297555022/
Jamf Nation Live Taipei 2023 2023/12/19
https://jamf.kktix.cc/events/jamfnation2023
Taipei dbt Meetup #18 (in-person 👫 & online 👨‍💻) 2023/12/20
https://www.meetup.com/taipei-dbt-meetup/events/297459596/
Government VS Digital Platforms VS Citizens: who truly cares about protecting personal data on platforms 2023/12/21
https://ocftw.kktix.cc/events/internetfreedom-december2023
National Center for High-performance Computing training: uncertainty analysis combining AI machine learning and CAE simulation - SmartUQ hands-on case sharing 2023/12/22
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=4079&from_course_list_url=course_index
Hacker capture-the-flag attack and defense exercise: financial security talent development course 2023/12/22, 27, 28, 29
https://web.tabf.org.tw/page/ctf/
2023 ISA Taiwan Section (International Society of Automation Taiwan Section) inaugural meeting 2023/12/23
https://isatw.kktix.cc/events/d469c85a
[Monosparta ②⓪②④ first cohort] Software development hands-on bootcamp ➠ online information session 2024/1/17
https://trunk-studio.kktix.cc/events/monosparta-202401
7th "Hit AI & Blockchain" Artificial Intelligence and Blockchain Industry Summit 2024/2/6
https://www.accupass.com/event/2311160625102022535520