資安事件新聞週報 2023/4/17 ~ 2023/4/21

###### tags: `資安事件新聞週報` # 資安事件新聞週報 2023/4/17 ~ 2023/4/21 1.重大弱點漏洞/後門/Exploit/Zero Day Oracle Critical Patch Update for April 2023 https://reurl.cc/mljnOj Fortinet 發布多個產品的安全公告 https://www.cisa.gov/news-events/alerts/2023/04/11/fortinet-releases-april-2023-vulnerability-advisories Juniper 近日發布 JSA 系列的管理器具遠端程式碼執行 (RCE) 安全性弱點 https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-JSA-Series-Apache-Commons-Text-prior-to-1-10-0-allows-RCE-when-applied-to-untrusted-input-due-to-insecure-interpolation-defaults-CVE-2022-42889?language=en_US 資安專家示警：Windows 系統管理者應立即修補嚴重的 MSMQ QueueJumper 漏洞 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10421 VMware vRealize漏洞恐讓攻擊者使用root權限執行程式碼 https://kb.vmware.com/s/article/91831 Chrome 曝今年首個「高風險」零日漏洞遭駭開採！Google 釋安全更新版 https://3c.ltn.com.tw/news/52827 不到一週Google再度更新Chrome 112，原因是又傳出零時差漏洞攻擊 https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html Google Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability https://thehackernews.com/2023/04/google-releases-urgent-chrome-update-to.html Google Launches New Cybersecurity Initiatives to Strengthen Vulnerability Management https://thehackernews.com/2023/04/google-launches-new-cybersecurity.html Critical Flaws in vm2 JavaScript Library Can Lead to Remote Code Execution https://thehackernews.com/2023/04/critical-flaws-in-vm2-javascript.html 思科路由器漏洞遭俄羅斯駭客APT29用於攻擊行動 https://www.ncsc.gov.uk/news/apt28-exploits-known-vulnerability-to-carry-out-reconnaissance-and-deploy-malware-on-cisco-routers 研究人員思科網路管理系統ISE漏洞細節 https://yoroi.company/research/cve-advisory-full-disclosure-cisco-ise-broken-access-control/ Cisco and VMware Release Security Updates to Patch Critical Flaws in their Products https://thehackernews.com/2023/04/cisco-and-vmware-release-security.html Two Critical Flaws Found in Alibaba Cloud's PostgreSQL Databases https://thehackernews.com/2023/04/two-critical-flaws-found-in-alibaba.html ChatGPT存在漏洞，恐讓駭客接管帳號 https://gbhackers.com/chatgpt-account-takeover-bug/ 列印管理軟體系統PaperCut出現RCE漏洞，已被用於攻擊 https://www.papercut.com/kb/Main/PO-1216-and-PO-1219 JavaScript程式庫VM2再度出現沙箱逃逸漏洞 https://www.bleepingcomputer.com/news/security/new-sandbox-escape-poc-exploit-available-for-vm2-library-patch-now/ Windows更新出現臭蟲，恐影響密碼管理工具運作 https://www.ithome.com.tw/news/156450 研究人員揭露Linux核心6.2版的Spectre v2漏洞 https://www.theregister.com/2023/04/14/linux_kernel_spectre_flaw_fixed/ 快更新！微軟宣布停止支援Office 2013 https://www.ettoday.net/news/20230420/2483023.htm#ixzz7zWv6gINn 微軟正式終止 Office 2013 官方安全支援！10月再淘汰這3款Office舊版 https://3c.ltn.com.tw/news/52897 2.銀行/金融/保險/證券/金融監理新聞及資安 Ex-Conti and FIN7 Actors Collaborate with New Domino Backdoor https://otx.alienvault.com/pulse/643ee60678f5ae475adf3081 FIN7 and Ex-Conti Cybercrime Gangs Join Forces in Domino Malware Attacks https://thehackernews.com/2023/04/fin7-and-ex-conti-cybercrime-gangs-join.html 前Conti成員與FIN7聯手，散布惡意軟體Domino https://securityintelligence.com/posts/ex-conti-fin7-actors-collaborate-new-domino-backdoor/ New QBot Banking Trojan Campaign Hijacks Business Emails to Spread Malware https://thehackernews.com/2023/04/new-qbot-banking-trojan-campaign.html QBot banker delivered through business correspondence https://securelist.com/qbot-banker-business-correspondence/109535/ AI風潮吹向金融業公股銀3面向強化資安防護 https://money.udn.com/money/story/5613/7106334?from=edn_subcatelist_cate 金融機構運用聊天機器人恐影響個資及資安金管會將納管 https://money.udn.com/money/story/5613/7106619?from=edn_newest_index ChatGPT 時代掀個資外洩隱憂，金管會金檢緊盯個資保護 https://technews.tw/2023/04/19/chatgpt-personal-information-leakage-concerns/ 金融業導入AI技術金管會緊盯個資保護將納入金檢 https://news.cnyes.com/news/id/5148494 公股銀取得184件人工智慧專利 3方向強化金融科技與資安 https://www.chinatimes.com/realtimenews/20230418004291-260410?chdtv AI仿聲銀行也可能受騙黃天牧：辨識得加強 https://www.rti.org.tw/news/view/id/2165261 法務部調查局與新光金控簽署國家資通安全聯防與情資分享合作備忘錄 https://taiwanpost.net/economics/2023/04/20/19535/ 集保結算所「股東e服務」再升級！股利通知改採電子化　6月底正式上線 https://www.winnews.com.tw/128664/ 公股銀防駭祭「紅隊演練」 https://money.udn.com/money/story/5613/7107102?from=edn_subcatelist_cate 外僑網路報稅四種登入方式 https://www.chinatimes.com/realtimenews/20230419002638-260410?chdtv 3.信用卡/電子支付/行動支付/pay/支付系統/資安電子支付也能儲蓄！台新、街口聯推「街利存」，背後圖什麼 https://www.managertoday.com.tw/articles/view/66693?utm_source=copyshare Square擴展行動收款服務，增加讓Android機種變收款工具的新功能 https://reurl.cc/WDZE9L 行動支付走遍中國大江南北海外旅客寸步難行 https://www.cna.com.tw/news/acn/202304160040.aspx 全支付與 PX Pay 哪裡不同？全聯做電子支付，看上的 2 大優勢與機會 https://www.managertoday.com.tw/articles/view/65698?utm_source=copyshare 行動支付服務大躍進　手機當刷卡機結帳快 https://www.cardu.com.tw/news/detail.php?48651 行動支付攜手銀行 APP一站式完成存款領息 https://reurl.cc/a1j5yZ 攤販免帶刷卡機！iPhone「卡緊收」台灣登場　收錢嗶一下就搞定 https://www.mirrormedia.mg/story/20230420edi039/ 阿公路邊買3顆包子「付了88萬」！真相曝光驚呆：快改密碼 https://news.tvbs.com.tw/life/2102615 4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約/WEB3 資安塊轉Web3_11. 一覺醒來NFT全消失！區塊鏈詐騙怎麼防？專訪趨勢科技協理劉彥伯 https://www.bnext.com.tw/podcast/313/bn-sound-20230419113726-dg8mk333 西門子元宇宙系統環境設置檔暴露在公開網路，虛實環境配置恐全部曝光，引發數位雙生資安危機 https://cybernews.com/security/siemens-metaverse-data-leak/ 「駭客出沒」盜走 5 千枚 ETH！專挑幣圈老手、攻擊手法仍不明 https://blockcast.it/2023/04/19/a-hacker-has-stolen-5000-eth-and-no-one-knows-how/ 5萬枚比特幣藏鐵罐》美國沒收絲路駭客「15億鎂BTC」下波拋壓恐在5/26 https://www.blocktempo.com/4-crucial-dates-may-be-selling-presuure-on-slikroad-btc/ ETHGlobal Tokyo駭客松落幕，11個決賽入圍項目名單公布 https://news.cnyes.com/news/id/5146693 SafeMoon駭客已同意返還80%的被盜資金 https://news.cnyes.com/news/id/5149014 XEN挖礦PoP機制「供應通縮神話」成真，30天內價格暴漲 1500% https://www.blocktempo.com/xen-prices-explode-1500-in-one-month/ Talesof Elleria項目被攻擊，駭客增發約27萬美元代幣 https://news.cnyes.com/news/id/5150867 推特換名「改賣迷因幣」！SBF曾力捧的Solana交易所Serum，分叉下場淒涼 https://www.blocktempo.com/serum-twitter-account-recently-deleted-all-tweets-and-began-shilling-shitcoins/ 主網敲定 5 月 3 日上線！SUI 代幣搶先認購白名單今出爐 https://blockcast.it/2023/04/20/sui-network-will-launch-mainnet-on-may-3rd/ Tornado Cash開發者Alexey Pertsev將於4月26日獲釋待審 https://news.cnyes.com/news/id/5151684 投資 FTX 近億美元全歸零！加拿大養老基金：不敢再碰加密貨幣 https://blockcast.it/2023/04/21/ontario-teachers-pension-plan-steers-clear-of-crypto-after-95mn-ftx-loss/ 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 不要以爲用蘋果很安全！駭客集團開發「針對Mac惡意病毒」曝光 https://www.setn.com/News.aspx?NewsID=1282585 已不再更新的外掛程式遭到濫用，駭客對WordPress網站植入後門程式 https://blog.sucuri.net/2023/04/massive-abuse-of-abandoned-evalphp-wordpress-plugin.html 駭客濫用Google Drive及使用密碼保護的ZIP檔案，散布惡意程式Ursnif、Diceloader https://services.google.com/fh/files/blogs/gcat_threathorizons_full_apr2023.pdf 非洲電信業者遭中國駭客鎖定，部署惡意程式MgBot https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/apt-attacks-telecoms-africa-mgbot 勒索軟體Rorschach透過隨機字串的副檔名加密檔案 https://www.trendmicro.com/en_us/research/23/d/an-analysis-of-the-bablock-ransomware.html 後門程式Devopt竊取受害電腦檔案 https://www.zscaler.com/blogs/security-research/introducing-devopt-multifunctional-backdoor-arsenal 微軟SQL Server用戶當心！出現專攻此種資料庫系統的勒索軟體Trigona https://asec.ahnlab.com/en/51343/ 微軟Windows磁碟陰影複製工具遭駭客改裝，勒索軟體Play以此竊取備份檔的資料 https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/play-ransomware-volume-shadow-copy 勒索軟體Medusa聲稱竊得Bing、Cortana原始碼 https://www.theregister.com/2023/04/19/medusa_microsoft_data_dump/ 惡意軟體AuKill被用於停用端點防毒軟體及EDR程式，發動自帶驅動程式攻擊 https://news.sophos.com/en-us/2023/04/19/aukill-edr-killer-malware-abuses-process-explorer-driver/ 駭客組織APT-C-36散布木馬程式NjRAT https://threatmon.io/apt-blind-eagles-malware-arsenal-technical-analysis/ APT-C-36 (Blind Eagle) Group Deploys LimeRAT Components Against Colombia Region https://reurl.cc/MRxdbm 惡意軟體Poseidon鎖定印度政府機關而來 https://www.uptycs.com/blog/cyber_espionage_in_india_decoding_apt_36_new_linux_malware 駭客透過YouTube影片散布惡意程式載入程式的下載網址，目的是後續可植入竊資軟體Aurora https://blog.morphisec.com/in2al5d-p3in4er 網路設備大廠CommScope傳出遭勒索軟體Vice Society攻擊 https://techcrunch.com/2023/04/17/hackers-publish-sensitive-employee-data-stolen-during-commscope-ransomware-attack/ 近40款網頁瀏覽器遭到竊資軟體Zaraza Bot鎖定，目標是當中存放的使用者密碼 https://www.uptycs.com/blog/zaraza-bot-credential-password-stealer 惡意軟體QBot透過PDF檔案與Windows指令碼來偷渡攻擊指令，進而植入電腦當中 https://www.bleepingcomputer.com/news/security/new-qbot-email-attacks-use-pdf-and-wsf-combo-to-install-malware/ 遠端管理工具Action1遭勒索軟體駭客濫用 https://www.bleepingcomputer.com/news/security/hackers-start-abusing-action1-rmm-in-ransomware-attacks/ POS設備供應商NCR傳出遭到勒索軟體BlackCat攻擊 https://www.securityweek.com/payments-giant-ncr-hit-by-ransomware/ 勒索軟體Vice Society在攻擊行動裡利用新的PowerShell資料竊取工具 https://unit42.paloaltonetworks.com/vice-society-ransomware-powershell/ 勒索軟體LockBit攻擊範圍目前已涵蓋Mac電腦 https://www.engadget.com/security-researchers-find-lockbit-ransomware-can-target-macos-devices-164446912.html 勒索軟體LockBit聲稱入侵資安業者Darktrace，遭到該公司否認 https://www.bleepingcomputer.com/news/security/darktrace-investigation-found-no-evidence-of-lockbit-breach/ 勒索軟件贖金有價講　Palo Alto Networks 研究統計減幅 46% https://www.pcmarket.com.hk/palo-alto-networks-ransomware-report-2023-ransom-can-negotiated-down-to-46-percent/ 惡意軟體 Vare 潛伏 Discord，新興網路犯罪組織現蹤 https://technews.tw/2023/04/20/vare-on-discord/ ChatGPT 可快速「量產」超危險惡意軟體，任何人都能發動國家級駭客攻擊 https://technews.tw/2023/04/18/ai-created-malware-sends-shockwaves-through-cybersecurity-world/ 製造業供應鏈淪駭客目標台灣勒索攻擊量居亞太第3 https://ec.ltn.com.tw/article/breakingnews/4277404 An Analysis of the BabLock (aka Rorschach) Ransomware https://www.trendmicro.com/en_us/research/23/d/an-analysis-of-the-bablock-ransomware.html https://www.trendmicro.com/content/dam/trendmicro/global/en/research/23/d/an-analysis-of-the-bablock-ransomware-/iocs-an-analysis-of-the-babLock-ransomware.txt What Makes Invalid Printer Loader so Stealthy https://blog.morphisec.com/in2al5d-p3in4er LockBit for Mac | How Real is the Risk of macOS Ransomware https://www.sentinelone.com/blog/lockbit-for-mac-how-real-is-the-risk-of-macos-ransomware/ Tracking MuddyWater’s infrastructure https://otx.alienvault.com/pulse/643ef4cbb321f0007f108229 CrossLock Ransomware Emerges: New GoLang-Based Malware On the Horizon https://blog.cyble.com/2023/04/18/crosslock-ransomware-emerges-new-golang-based-malware-on-the-horizon/ Play Ransomware Group Using New Custom Data-Gathering Tools https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/play-ransomware-volume-shadow-copy Ukraine remains Russia’s biggest cyber focus in 2023 https://blog.google/threat-analysis-group/ukraine-remains-russias-biggest-cyber-focus-in-2023/ Threat Actors Rapidly Adopt Web3 IPFS Technology https://unit42.paloaltonetworks.com/ipfs-used-maliciously/ ChatGPT-Themed Scam Attacks Are on the Rise https://unit42.paloaltonetworks.com/chatgpt-scam-attacks-increasing/ Daggerfly: APT Actor Targets Telecoms Company in Africa https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/apt-attacks-telecoms-africa-mgbot New OCX#HARVESTER Attack Campaign Leverages Modernized More_eggs Suite to Target Victims - Securonix https://www.securonix.com/blog/threat-labs-security-advisory-new-ocxharvester-attack-campaign-leverages-modernized-more_eggs-suite/ MAR-10435108-1.v1 ICONICSTEALER https://www.cisa.gov/news-events/analysis-reports/ar23-110a 勒索軟體RTM Locker嚴格規範用戶不能攻擊特定目標，以免引發防禦者的注意 https://www.trellix.com/en-us/about/newsroom/stories/research/read-the-manual-locker-a-private-raas-provider.html RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware https://thehackernews.com/2023/04/rtm-locker-emerging-cybercrime-group.html Pakistani Hackers Use Linux Malware Poseidon to Target Indian Government Agencies https://thehackernews.com/2023/04/pakistani-hackers-use-linux-malware.html YouTube Videos Distributing Aurora Stealer Malware via Highly Evasive Loader https://thehackernews.com/2023/04/youtube-videos-distributing-aurora.html Goldoson Android Malware Infects Over 100 Million Google Play Store Downloads https://thehackernews.com/2023/04/goldoson-android-malware-infects-over.html Lazarus Group Adds Linux Malware to Arsenal in Operation Dream Job https://thehackernews.com/2023/04/lazarus-group-adds-linux-malware-to.html Vice Society Ransomware Using Stealthy PowerShell Tool for Data Exfiltration https://thehackernews.com/2023/04/vice-society-ransomware-using-stealthy.html New Zaraza Bot Credential-Stealer Sold on Telegram Targeting 38 Web Browsers https://thehackernews.com/2023/04/new-zaraza-bot-credential-stealer-sold.html LockBit Ransomware Now Targeting Apple macOS Devices https://thehackernews.com/2023/04/lockbit-ransomware-now-targeting-apple.html Israeli Spyware Vendor QuaDream to Shut Down Following Citizen Lab and Microsoft Expose https://thehackernews.com/2023/04/israeli-spyware-vendor-quadream-to-shut.html B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊 Severe Android and Novi Survey Vulnerabilities Under Active Exploitation https://thehackernews.com/2023/04/severe-android-and-novi-survey.html 網路攻擊公司NSO Group利用零點擊漏洞對iOS裝置發動攻擊 https://citizenlab.ca/2023/04/nso-groups-pegasus-spyware-returns-in-2022/ NSO Group Used 3 Zero-Click iPhone Exploits Against Human Rights Defenders https://thehackernews.com/2023/04/nso-group-used-3-zero-click-iphone.html 個資可能遭竊！63款惡意軟件現身 Google Play 商店用戶快更新或刪除 https://www.soundofhope.org/post/713834?lang=b5 Google Play、One Store市集上逾60款合法程式遭Andorid惡意程式Goldoson滲透 https://www.mcafee.com/blogs/other-blogs/mcafee-labs/goldoson-privacy-invasive-and-clicker-android-adware-found-in-popular-apps-in-south-korea/ 駭客濫用iPhone回復金鑰，奪取手機用戶的iCloud帳號，並且斷除原機遺失尋回機制 https://www.macrumors.com/2023/04/19/apple-responds-to-iphone-theft-recovery-key-report/ 安卓惡意軟體Chameleon偽裝銀行、政府機關、加密貨幣App https://blog.cyble.com/2023/04/13/chameleon-a-new-android-malware-spotted-in-the-wild/ 為防範帳號挾持攻擊，WhatsApp將新增帳號驗證功能 https://blog.whatsapp.com/new-security-features-account-protect-device-verification-automatic-security-codes 中國購物App拼多多傳出用於監控用戶的安卓漏洞，美國要求聯邦機構限期修補 https://www.bleepingcomputer.com/news/security/cisa-warns-of-android-bug-exploited-by-chinese-app-to-spy-on-users/ 歐洲五電信商發表新版O-RAN技術更新目標加速歐洲市場普及率 https://news.cnyes.com/news/id/5148708 有批牛肉好便宜中國的水貨手機可以買嗎 https://m.eprice.com.tw/mobile/talk/102/5780216/1 iPhone用戶傻眼！狂跳「Apple ID要你輸入密碼」快用這6招改善 https://www.setn.com/News.aspx?NewsID=1282297 16個iPhone安全模式設定技巧，何時要開和怎麼用一次看 https://mrmad.com.tw/iphone-safe-mode-settings C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力 CISA推動軟體開發安全，將公布從設計落實安全的原則 https://www.cybersecuritydive.com/news/cisa-secure-by-design-software-security/647472/ MFT系統GoAnywhere開發商公布零時差漏洞事故的調查結果 https://www.fortra.com/blog/summary-investigation-related-cve-2023-0669 Fortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks https://thehackernews.com/2023/04/fortra-sheds-light-on-goanywhere-mft.html 驚！男駭進39國772台視訊攝影機　多人運動做愛、女生換衣吃飯全被他看光 https://www.mirrormedia.mg/story/20230418edi035/ 遭企業廢棄不用的路由器，恐成危害網路安全因子，因為有可能殘留網路組態設定的敏感資訊，有徹底銷毀的必要 https://www.welivesecurity.com/2023/04/18/discarded-not-destroyed-old-routers-reveal-corporate-secrets/ 公共充電站威脅個人資安，資安人員：應提高偽公共 Wi-Fi 認知 https://technews.tw/2023/04/20/fake-public-wifi/ 遠端支援軟體SimpleHelp遭到伊朗駭客MuddyWater濫用，目的是持續存取受害電腦 https://www.group-ib.com/blog/muddywater-infrastructure/ 駭客向NPM 投放大量偽造軟體套件，引發DoS 攻擊 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10412 數位時代人才講求「跨」，資安廠又如何看跨領域人才 https://technews.tw/2023/04/17/security-cross-field-talents/ 資安業者ESET摧毀駭客的GitHub儲存庫，中斷竊資軟體RedLine運作 https://www.securityweek.com/takedown-of-github-repositories-disrupts-redline-malware-operations/ 防堵中共國安威脅德國擬對安世半導體出招 https://reurl.cc/pLjyqx 德國內政部逐一檢查境內5G網絡中的中國零件 https://reurl.cc/lvj099 南韓8家媒體公司200多台電腦遭駭確認是北韓駭客所為 https://news.ltn.com.tw/news/world/breakingnews/4274178 北韓駭客又發動一波「軟體供應鏈攻擊」！企業如何築起資安防護網 https://buzzorange.com/techorange/2023/04/18/preventing-supply-chain-attacks/ 北韓駭客Lazarus假借提供工作機會的名義，鎖定Linux用戶發動攻擊 https://www.welivesecurity.com/2023/04/20/linux-malware-strengthens-links-lazarus-3cx-supply-chain-attack/ 澳大型機構資安系統屢遭入侵俄黑客嘲諷澳洲人世上最蠢 https://reurl.cc/NqmXXQ 中共積極推動AI 立委：恐成資訊戰利器 https://anntw.com/articles/20230419-lY2v 駭客組織的命名缺乏統一識別原則，微軟倡議新作法，中國駭客組織將取名為某某颱風，俄羅斯駭客將取名為某某暴風雪 https://www.ithome.com.tw/news/156487 駭客組織的新舊名稱對照表 https://learn.microsoft.com/en-us/microsoft-365/security/intelligence/microsoft-threat-actor-naming 烏克蘭遭俄羅斯駭客APT28鎖定，目的疑為掌控與戰爭有關的話語權 https://blog.google/threat-analysis-group/ukraine-remains-russias-biggest-cyber-focus-in-2023/ 美國關鍵基礎設施遭到伊朗駭客Phosphorus報復性攻擊 https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/ 德國戰車武器配件製造商Rheinmetall遭到網路攻擊 https://cyberwarzone.com/german-arms-manufacturer-rheinmetall-targeted-in-cyberattack/ 2022年俄羅斯聲稱遭美國及北約國家網路攻擊達5千起 https://www.bleepingcomputer.com/news/security/russia-accuses-nato-of-launching-5-000-cyberattacks-since-2022/ 俄羅斯駭客劫持烏克蘭境內攝影機，收集軍隊動向情報 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10423 英網安負責人警告中國科技崛起　西方不能掉以輕心 https://www.rfa.org/cantonese/news/uk-tech-04192023060534.html 美國防外洩情報：俄操縱者宣稱假帳號僅1%被抓專家認為誇大但很嚴重 https://newtalk.tw/news/view/2023-04-17/866869 FBI逮捕兩名華裔男子揭露「中共海外祕密警察局」 https://dq.yam.com/post/15350 澳洲商人涉嫌出賣情報檢方：警惕中共間諜 https://reurl.cc/qkjm6n 陸外交部批美國監聽全球應向國際社會交代 https://www.chinatimes.com/realtimenews/20230419004373-260409?chdtv 網路攻擊進逼！英情報單位稱親俄駭客「瞄準」西方國家重要設施 https://news.ltn.com.tw/news/world/breakingnews/4275473 俄網路版「瓦格納集團」意識形態驅動網攻英國 https://globalnewstv.com.tw/202304/203849/ 日本網路安全問題，就是全球的問題！《彭博》揭開「製造供應鏈最關鍵角色」日本獨有的資安文化 https://buzzorange.com/techorange/2023/04/20/japan-cybersecurity-global-supply-chain/ 荷蘭軍情局：中國投資軍事偵蒐科技超越西方 https://reurl.cc/2Wkbkr 歐洲空中交通管制機構受到親俄駭客的攻擊 https://reurl.cc/0E8D0K 中共原形漸露？美歐情報機構紛紛示警其威脅所有人 https://www.soundofhope.org/post/714950?lang=b5 北韓如何養出駭客大軍？匿名研究者揭「39號室」新生財之道 https://rthfo.speedsinfo.com/show/765864.html Google Cloud：中國駭客組織攻擊台灣媒體 https://www.technice.com.tw/cloudtech/infosecurity/48789/ U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws for Espionage https://thehackernews.com/2023/04/us-and-uk-warn-of-russian-hackers.html Iranian Government-Backed Hackers Targeting U.S. Energy and Transit Systems https://thehackernews.com/2023/04/iranian-government-backed-hackers.html Russia-Linked Hackers Launches Espionage Attacks on Foreign Diplomatic Entities https://thehackernews.com/2023/04/russia-linked-hackers-launches.html Daggerfly Cyberattack Campaign Hits African Telecom Services Providers https://thehackernews.com/2023/04/daggerfly-cyberattack-campaign-hits.html Google TAG Warns of Russian Hackers Conducting Phishing Attacks in Ukraine https://thehackernews.com/2023/04/google-tag-warns-of-russian-hackers.html 針對3CX VoIP系統軟體供應鏈的攻擊事故有新發現！駭客先透過另一個軟體供應鏈入侵員工電腦 https://www.mandiant.com/resources/blog/3cx-software-supply-chain-compromise N.K. Hackers Employ Matryoshka Doll-Style Cascading Supply Chain Attack on 3CX https://thehackernews.com/2023/04/nk-hackers-employ-matryoshka-doll-style.html Google Uncovers APT41's Use of Open Source GC2 Tool to Target Media and Job Sites https://thehackernews.com/2023/04/google-uncovers-apt41s-use-of-open.html Iranian Hackers Using SimpleHelp Remote Support Software for Persistent Access https://thehackernews.com/2023/04/iranian-hackers-using-simplehelp-remote.html 資安技術工程師 https://www.104.com.tw/job/7yjt9?jobsource=googlejobs 資安工程師 https://www.104.com.tw/job/7wa77?jobsource=m_job_same_b 資安軟體工程師 https://www.104.com.tw/job/7sy23?jobsource=googlejobs 【研發替代役投遞專區】資安威脅研究員(Cyber Security Analyst) https://www.104.com.tw/job/74hmd?jobsource=googlejobs 國立成功大學教育部關鍵基礎設施資安人才及技術培育基地計畫約聘助理教授 https://cc.ncku.edu.tw/p/404-1213-252511.php?Lang=zh-tw 資安工程師 https://www.104.com.tw/job/7ytjy 端點資安防護分析師 https://www.104.com.tw/job/7qdy3?jobsource=googlejobs 資安防護管理人員(網路安全) https://www.104.com.tw/job/6wvip?jobsource=googlejobs 資訊安全顧問-ACSI https://www.linkedin.com/jobs/view/%E8%B3%87%E8%A8%8A%E5%AE%89%E5%85%A8%E9%A1%A7%E5%95%8F-acsi-at-acer-3572377212/?originalSubdomain=tw 中央廣播電臺/資安專案管理人員 https://www.ptt.cc/bbs/job/M.1681981371.A.AFC.html D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全 Kodi Confirms Data Breach: 400K User Records and Private Messages Stolen https://thehackernews.com/2023/04/kodi-confirms-data-breach-400k-user.html 網軍攻擊？　資安專家：近百假帳號轉貼有關曾格爾的文 https://www.upmedia.mg/news_info.php?Type=24&SerialNo=170519 曾格爾控遭網軍攻擊！資安專家卻抓到97個假帳號　網酸：做賊喊捉賊 https://www.ftvnews.com.tw/news/detail/2023418W0180 歐洲檢警逮捕 5 名涉及 9,800 萬美元的投資詐騙攻擊者，受害者達 33,000 人 https://www.twcert.org.tw/tw/cp-104-7051-75d53-1.html 歐盟隱私機構對美國可能達成的資料傳輸協議表示擔憂 https://blog.twnic.tw/2023/04/19/26200/ 生成式AI詐騙來襲走著瞧加入GASA全球反詐聯盟 https://ec.ltn.com.tw/article/breakingnews/4273176 個資外洩遭詐84萬「上法院也討不回」！為何買了什麼詐騙集團都知 https://www.ettoday.net/news/20230417/2480224.htm 英國IT業者Capita證實網路攻擊出現資料外洩 https://www.capita.com/news/update-cyber-incident 菲律賓執法單位資料外洩，120萬人個資恐曝光 https://www.vpnmentor.com/news/report-philippine-police-breach/ 勒索軟體駭客Black Basta傳出兜售英國IT業者Capita遭竊資料 https://www.theregister.com/2023/04/18/capita_breach_gets_worse/ 駭客假借查看薪資單的名義發動網釣攻擊，目的是挾持使用者的微軟帳號 https://cyberwarzone.com/new-captcha-protected-phishing-attack-targets-access-to-payroll-files/ Volvo巴西經銷商傳出資料外洩，曝露應用程式框架金鑰，恐導致用戶帳號遭挾持 https://cybernews.com/security/volvo-retailer-leaks-sensitive-files/ 美國五角大廈傳出洩密案，疑為21歲網紅所為 https://www.theguardian.com/us-news/2023/apr/13/pentagon-leaked-documents-suspect-arrested 大量ChatGPT付費服務的帳密資料流入暗網 https://blog.checkpoint.com/security/new-chatgpt4-0-concerns-a-market-for-stolen-premium-accounts/ 資安意識低落　為何民眾多不在意資料外洩 https://www.technice.com.tw/outbound/49107/ 金管會通報詐騙廣告 Meta下架4成.谷歌掛零 https://news.ustv.com.tw/newsdetail/20230419A111 《個資法》修正草案通過，洩漏個資最高罰 1000 萬，企業該如何補強與預防 https://blog.cloudmax.com.tw/personal-data-protection-act-2023/ 登機證別拍照打卡　當心「條碼」遭盜刷個資外洩 https://www.mnews.tw/story/20230420sot18007 驚爆被駭客「綁架勒索」！林韋君不打算付贖金做好最壞的心理準備 https://reurl.cc/3OlNZ0 Discord服務器已被入侵，駭客發布了網路釣魚鏈接 https://news.cnyes.com/news/id/5147884 梁云菲私密片外流！崩潰喊「真的很害怕」　金剛爆氣回應：好好過生活不行嗎 https://www.ttshow.tw/article/101158 E.研究報告/工具 Kubernetes的十大安全風險與防護建議 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10413 小學自架伺服器、高中解出LINE漏洞，他一畢業就有百萬年薪捧著來找 https://www.cheers.com.tw/article/article.action?id=5101813&eturec=1 全面採用雙因素驗證、快速套用修補程式是防範網路攻擊的有效手段 https://www.businesswire.com/news/home/20230406005089/en/Groundbreaking-Research-from-Marsh-McLennan-Reveals-Direct-Link-between-Key-Cybersecurity-Controls-and-Reduced-Cyber-Risk 簡介通用漏洞揭露 https://blog.twnic.tw/2023/04/19/26210/ 動盪時代的新營運思維：投資資安管控企業營運風險 https://www.watchmedia01.com/bthematic-20230422013914.html Uncovering (and Understanding) the Hidden Risks of SaaS Apps https://thehackernews.com/2023/04/uncovering-and-understanding-hidden.html ChatGPT's Data Protection Blind Spots and How Security Teams Can Solve Them https://thehackernews.com/2023/04/chatgpts-data-protection-blind-spots.html 14 Kubernetes and Cloud Security Challenges and How to Solve Them https://thehackernews.com/2023/04/14-kubernetes-and-cloud-security.html Tour of the Underground: Master the Art of Dark Web Intelligence Gathering https://thehackernews.com/2023/04/tour-of-underground-master-art-of-dark.html DFIR via XDR: How to expedite your investigations with a DFIRent approach https://thehackernews.com/2023/04/dfir-via-xdr-how-to-expedite-your.html What's the Difference Between CSPM & SSPM https://thehackernews.com/2023/04/whats-difference-between-cspm-sspm.html 企業資安不能不打的「三支預防針」，你都打了嗎 https://www.storm.mg/article/4777828 F.商業全球92%的企業組織認為身分安全對於建立強大的零信任架構至關重要 https://www.cio.com.tw/92-of-global-organizations-believe-identity-security-is-critical-to-building-a-strong-zero-trust-architecture/ Fortinet多項產品升級，推出最新 FortiOS 7.4，助企業強化資安與自動化 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10419 Zyxel發表專為小型企業及遠端辦公需求的資安路由器 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10418 F5 全新 AI 驅動應用和 API 安全功能保護數位服務 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10410 因應全球資安趨勢十銓科技推動加密產品矩陣 https://today.line.me/tw/v2/article/aGWKlqP 獲政府認可！偉康科技「無密碼身分驗證」如何助金融業滿足用戶資安需求 https://netmag.tw/2023/04/18/webcomm-digital-transformation-for-authentication-in-financial-industry AI、資安話題續燒宏碁集團資服股智聯服務、安碁資訊攻勢再起 https://reurl.cc/DmQvgj 落實「金融資安行動方案2.0」中華軟協攜手數聯資安強化金融業營運韌性 https://n.yam.com/Article/20230418177600 震旦雲AI面試系統通過國際資安認證 https://money.udn.com/money/story/5613/7109313 Palo Alto Networks 威脅情報小組Unit 42發布最新勒索軟體威脅報告：2022年所有勒索軟體攻擊中，騷擾脅迫案件激增20倍 https://www.winnews.com.tw/128923/ IBM發表全新大型主機z16與LinuxONE 4單機櫃產品 https://www.techbang.com/posts/105500-ibm-releases-new-z16-and-linuxone-4-single-cabinet-versions G.政府台高考納資安類科最快明年實施 https://www.epochtimes.com/b5/23/4/17/n13975044.htm 唐鳳會見法國友台小組盼深化數位領域合作 https://www.rti.org.tw/news/view/id/2165082 數位部四面向因應 AI 浪潮，推動電子簽章法修法 https://finance.technews.tw/2023/04/18/moda-responds-to-the-ai-wave-in-four-directions/ 臺美國防產業合作論壇5月3日登場　就國防產業合作與發展為題進行演講 https://www.upmedia.mg/news_info.php?Type=1&SerialNo=170622 公投電子連署進度李進勇：資安署確認後6個月可上線 https://news.ltn.com.tw/news/politics/breakingnews/4275015 防詐　林楚茵要求數發部研議實名制 https://www.idn.com.tw/news/news_content.aspx?catid=1&catsid=2&catdid=0&artid=20230419freeman011 政府組織改造後，新機關之資安責任等級是否需調整 https://www.dgpa.gov.tw/information?uid=304&pid=9866 把ChatGPT拿來用市政？議員踢爆「恐暴露個資」怒轟：蔣萬安只顧跟風 https://www.setn.com/News.aspx?NewsID=1283351 議員揭北市府今年發生10件資安事件工務局上月爆發「非法入侵」 https://today.line.me/tw/v2/article/5yr1YmV 資安投資抵稅快速通關商總說明會授訣 https://ctee.com.tw/industrynews/technology/847770.html 中科院重無人機產業、資安整合沈榮津、李忠憲出任新董事 https://www.businesstoday.com.tw/article/category/183027/post/202304200043/ 5.4億數位韌性案未限制中資立委籲唐鳳撤回補漏 https://www.rti.org.tw/news/view/id/2165437 H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識/醫療相關資安 Beyond Traditional Security: NDR's Pivotal Role in Safeguarding OT Networks https://thehackernews.com/2023/04/beyond-traditional-security-ndrs.html 中製攝影機竟「自動擺動」！？　資安專家：提高密碼強度 https://news.cts.com.tw/cts/life/202304/202304182167455.html 車輛中心結合工業電腦大廠、資安公司強強合作車用資安超前防線 https://reurl.cc/o0o9x5 Armis 確定了臨床環境中風險最大的醫療設備和物聯網設備 http://www.etnet.com.hk/www/tc/news/interfax_news_detail.php?newsid=53493 I.教育訓練 iPAS資訊安全工程師中級筆記 https://hackmd.io/@Not/iPASInformationSecuritySpecialist iPas資安工程師證照考前研習 https://reurl.cc/GEbA3p Coursera 盤點 7 項雲端資安認證，高薪跳板都在這了！ https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/ 全球網絡安全勞動力失衡 (ISC)2免費課程及考試填補人才缺口 https://reurl.cc/m39MDj CISSP資安認證的8大領域 https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html CISSP考試心得 https://reurl.cc/KbY83j CISSP考試心得 – Benson https://reurl.cc/GbWvxd 目標導向-20天光速考過CISSP https://reurl.cc/2Zq6zn CISSP證照考試實戰心得第一章：初期準備工作 https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat CISSP證照考試實戰心得第二章：規律且有紀律的讀書策略 https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies CISSP證照考試實戰心得第三章：終極一戰 https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle Quick CISSP Infographic for IPSec https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec CSSLP Certification - Security models in F# https://github.com/vbocan/csslp Certified Secure Software Lifecycle Professional in bullet points https://github.com/joeyhage/csslp-notes CPSA(CREST Practitioner Security Analyst) 資安分析師考試心得 https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/ EC-Council CEH v11 考試心得、改版資訊以及準備方向 2021、2022 https://reurl.cc/1oyEM8 CEH v11 考試心得與準備方式 https://blog.sean.taipei/2022/01/ceh CEH https://github.com/a3cipher/CEH CodeRed by EC-Council https://github.com/codered-by-ec-council 深度解析 CPENT 考試心得、以及與 OSCP 的比較 https://reurl.cc/41eL8v EC-Council CPENT v1 滲透測試認證 – 內容及心得分享 https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review [備考心得]CompTIA Security+ (SY0–601) 上篇 https://reurl.cc/M053DK [備考心得]CompTIA Security+ (SY0–601) 下篇 https://reurl.cc/M053Gv comptia-security-plus https://github.com/ajfuto/comptia-security-plus security-plus https://github.com/fjavierm/security-plus CompTIA Security+ Certification Practice Test Questions https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette 不只是工程師才要懂的 App 資訊安全：取得資安檢測合格證書血淚史（iT邦幫忙鐵人賽系列書） https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html Learn NIST Inside Out With 21 Hours of Training @ 86% OFF https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html 駭客與國家: 網路攻擊與地緣政治新常態 The hacker and the state: cyber attacks and the new normal of geopolitic https://reurl.cc/D3nKKj Practical Network Penetration Tester (PNPT) Certification Review https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df WUSON常用的基本詞彙 https://choson.lifenet.com.tw/?p=1958 6.近期資安活動及研討會「Meta 台灣 AR 黑客松」 2023/4/22 ~ 2023/4/23 https://www.arhackathon.tw/ 2023 RSA Conference 2023/4/24 ~ 2023/4/27 https://www.rsaconference.com/usa 資通系統資安防護基準控制措施 2023/4/25 https://moltke.nccu.edu.tw/Registration/registration.do?action=conferenceInfo&conferenceID=X21464 EDB 15 資安新功能 TDE & SSL 保衛資料庫安全 2023/4/26 https://www.accupass.com/event/2303310808018123738370 RSA Conference 2023 2023/4/24 ~ 2023/4/27 https://www.rsaconference.com/usa 如何做好工業控制網路安全 2023/4/27 https://www.accupass.com/event/2303300158119715085090 網站應用程式安全（資安專業課程訓練） 2023/4/28 https://moltke.nccu.edu.tw/Registration/registration.do?action=conferenceInfo&conferenceID=X21031 SEMI STANDARDS 半導體設備資安研討會議 2023/5/5 https://www.semi.org/en/connect/events/semi-standards-bandaotishebeizianyantaohuiyi Hack The Capitol 6.0 2023/5/10 ~ 2023/5/11 https://www.icsvillage.com/hack-the-capitol-2023 TWCC-CLI 進階操作- AI/ML 自動流程 2023/5/12 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=4035&from_course_list_url=course_index 【實作體驗營】一日駭客x網路弱點滲透 2023/5/13 https://www.accupass.com/event/2303030820005796452650 5月台北例會_美國聯邦政府的供應鏈資安管理－以CMMC為例 (採線上舉辦) 2023/5/30 https://www.caa.org.tw/newsdetail-16263.html iPAS中級資訊安全人員訓練班 2023/5/4 ~ 2023/6/1 https://edu.tcfst.org.tw/web/tw/class/show.asp?courseidori=12C013 DEF CON 32 2023/8/10 ~ 2023/8/13 https://defcon.org/index.html Hou.Sec.Con 2023/10/12 ~ 2023/10/13 https://web.cvent.com/event/76d46ccb-fe00-4fe5-ba46-e4a77c807f21/summary (ISC)2 SECURITY CONGRESS LEAD WITH CONFINDENCE 2023/10/25 ~ 2023/10/27 https://www.isc2.org/Congress-2023