###### tags: `資安事件新聞週報`

# Weekly Security Incident News Digest 2023/11/13 ~ 2023/11/17

## 1. Major Vulnerabilities / Backdoors / Exploits / Zero-Days

Fortinet recently published security advisories for multiple products
https://www.fortiguard.com/psirt/FG-IR-23-385

22 Danish utility companies hit by an unprecedented cyberattack
https://www.ttv.com.tw/finance/view/?i=1120231711175B30C57ABB7B42AFB5ADD11A50F474D5D44E&from=587#google_vignette

Danish critical infrastructure hit by a large-scale attack by Russian hackers; the entry point was the critical Zyxel firewall vulnerability CVE-2023-28771
https://dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/external/sektorcert-the-attack-against-danish-critical-infrastructure-tlp-clear.pdf

CISA warns that Juniper pre-authentication vulnerabilities are being actively exploited
https://www.bleepingcomputer.com/news/security/cisa-warns-of-actively-exploited-juniper-pre-auth-rce-exploit-chain/

CISA Sets a Deadline - Patch Juniper Junos OS Flaws Before November 17
https://thehackernews.com/2023/11/cisa-sets-deadline-patch-juniper-junos.html

Four hacker groups exploited a zero-day vulnerability in the Zimbra email system
https://blog.google/threat-analysis-group/zimbra-0-day-used-to-target-international-government-organizations/

Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups
https://thehackernews.com/2023/11/zero-day-flaw-in-zimbra-email-software.html

National Chung-Shan Institute of Science and Technology, Smartphone Automated Management (MDM) - Path Traversal
https://www.twcert.org.tw/tw/cp-132-7507-55b28-1.html

Microsoft releases November Patch Tuesday updates, fixing 5 zero-day vulnerabilities
https://msrc.microsoft.com/update-guide/releaseNote/2023-Nov
https://www.bleepingcomputer.com/news/microsoft/microsoft-november-2023-patch-tuesday-fixes-5-zero-days-58-flaws/
https://www.rapid7.com/blog/post/2023/11/14/patch-tuesday-november-2023/

Microsoft publishes its November security bulletin
https://msrc.microsoft.com/update-guide/releaseNote/2023-Nov

Four newly discovered 0-day vulnerabilities in Microsoft Exchange can lead to RCE and data theft
https://www.twcert.org.tw/tw/cp-104-7534-ba1a6-1.html

Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities
https://thehackernews.com/2023/11/alert-microsoft-releases-patch-updates.html

Citrix Hypervisor affected by the Intel processor vulnerability Reptar
http://support.citrix.com/article/CTX583037/citrix-hypervisor-security-bulletin-for-cve202323583-and-cve202346835

Researchers disclose an attack technique exploiting a vulnerability in the message-oriented middleware ActiveMQ that may evade EDR detection
https://vulncheck.com/blog/cve-2023-44604-activemq-in-memory

Apache ActiveMQ contains a weakness that allows arbitrary code execution
https://www.twncert.org.tw/Security_Alerts_Detail?lang=en&seq=1256

New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar
https://thehackernews.com/2023/11/new-poc-exploit-for-apache-activemq.html

VMware discloses an authentication bypass vulnerability in its cloud service delivery platform Cloud Director
https://www.vmware.com/security/advisories/VMSA-2023-0026.html

VMware releases a security update for Cloud Director Appliance
https://www.vmware.com/security/advisories/VMSA-2023-0026.html

Urgent: VMware Warns of Unpatched Critical Cloud Director Vulnerability
https://thehackernews.com/2023/11/urgent-vmware-warns-of-unpatched.html

SysAid Vulnerability actively exploited in-the-wild
https://otx.alienvault.com/pulse/654ea9fc68d94f7736031bf3

Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability
https://thehackernews.com/2023/11/zero-day-alert-lace-tempest-exploits.html

In-Depth Analysis of July 2023 Exploit Chain Featuring CVE-2023-36884 and CVE-2023-36584
https://unit42.paloaltonetworks.com/new-cve-2023-36584-discovered-in-attack-chain-used-by-russian-apt/

Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability
https://www.microsoft.com/en-us/security/blog/2023/10/18/multiple-north-korean-threat-actors-exploiting-the-teamcity-cve-2023-42793-vulnerability/

C3RB3R Ransomware | Ongoing Exploitation of CVE-2023-22518 Targets Unpatched Confluence Servers
https://www.sentinelone.com/blog/c3rb3r-ransomware-ongoing-exploitation-of-cve-2023-22518-targets-unpatched-confluence-servers/

Processor vulnerability Reptar affects Intel workstation and server systems
https://www.bleepingcomputer.com/news/security/new-reptar-cpu-flaw-impacts-intel-desktop-and-server-systems/
https://cloud.google.com/blog/products/identity-security/google-researchers-discover-reptar-a-new-cpu-vulnerability
https://lock.cmpxchg8b.com/reptar.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00950.html

Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments
https://thehackernews.com/2023/11/reptar-new-intel-cpu-vulnerability.html

Processor vulnerability CacheWarp affects AMD computers; attackers may gain root privileges in Linux virtual machines
https://www.bleepingcomputer.com/news/security/new-cachewarp-amd-cpu-attack-lets-hackers-gain-root-in-linux-vms/
https://cachewarpattack.com/
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3005.html

CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs
https://thehackernews.com/2023/11/cachewarp-attack-new-vulnerability-in.html

SAP patches a critical vulnerability in its ERP system Business One
https://onapsis.com/blog/sap-security-patch-day-november-2023

Adobe releases November Patch Tuesday updates, fixing vulnerabilities in Acrobat and ColdFusion
https://www.securityweek.com/adobe-patch-tuesday-critical-bugs-in-acrobat-reader-coldfusion/

WordPress plugin WP Fastest Cache has an SQL injection vulnerability, exposing 60,000 websites
https://wpscan.com/blog/unauthenticated-sql-injection-vulnerability-addressed-in-wp-fastest-cache-1-2-2/

Galaxy Software Services (叡揚資訊) Vitals ESP - Arbitrary File Upload
https://www.twcert.org.tw/tw/cp-132-7508-6d1ef-1.html

CISA Adds Three Security Flaws with Active Exploitation to KEV Catalog
https://thehackernews.com/2023/11/cisa-adds-three-security-flaws-with.html

Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw
https://thehackernews.com/2023/11/experts-uncover-darkcasino-new-emerging.html

## 2. Banking / Finance / Insurance / Securities / Financial Supervision: News and Security

US arm of Industrial and Commercial Bank of China (ICBC) reportedly hit by a ransomware attack; the Citrix Bleed vulnerability is suspected
https://www.bleepingcomputer.com/news/security/industrial-and-commercial-bank-of-china-hit-by-ransomware-attack/
https://www.ft.com/content/8dd2446b-c8da-4854-9edc-bf841069ccb8
https://twitter.com/vxunderground/status/1722686306709393720
https://cyberplace.social/@GossiTheDog/111382220085861321

US Treasury settlement delays persist after ICBC was hacked
https://reurl.cc/x6M03V

ICBC hack causes a surge in failed US Treasury repo trades
https://reurl.cc/q0AdMy

CISOs of three state-owned financial holding companies called out as non-compliant; the FSC responds
https://www.ctee.com.tw/news/20231113700907-430301

Three CISOs have no IT background? FSC: the rule requires vice president level or above
https://reurl.cc/Oj3qLX

Legislator criticizes the CISOs of three state-owned institutions, including Bank of Taiwan, for lacking relevant backgrounds; FSC: looking into it
https://ec.ltn.com.tw/article/breakingnews/4488402

Taiwan-US joint defense as a financial "golden bell shield": a disaster-preparedness mindset is essential, especially for today's financial industry
https://www.thenewslens.com/article/192896#google_vignette

New financial-sector cloud adoption rules take effect; Microsoft helps the financial industry enter the AI era securely and compliantly
https://www.techbang.com/posts/110943-the-new-version-of-the-financial-cloud-regulations-is-on-the

Taipei Fubon Bank again wins the "Information Security Leadership Award" and the "Social Inclusion Leadership Award" at the Taiwan Corporate Sustainability Awards
https://money.udn.com/money/story/6722/7579828

Supporting green finance, Taishin Financial Holding takes five top awards
https://wantrich.chinatimes.com/news/20231116900105-420101

LockBit ransomware attacks run rampant: more than a thousand companies attacked, with finance and energy among the hardest-hit sectors
https://www.aqniu.com/vendor/101074.html

Weiran Bulletin | Analysis of the LockBit ransomware attack on a financial company
https://mp.weixin.qq.com/s?__biz=MzAwODU5NzYxOA==&mid=2247502385&idx=1&sn=677f757c3aae5524983190b29b9b155d

## 3. Credit Cards / Electronic Payment / Mobile Payment / Pay / Payment Systems / Security

Credit card skimming on the rise for the holiday shopping season
https://www.malwarebytes.com/blog/threat-intelligence/2023/11/credit-card-skimming-on-the-rise-for-the-holiday-shopping-season

Competing for tourists! South Korea's largest card issuer, Shinhan Card, can be used for LINE Pay transactions in Taiwan starting today
https://ec.ltn.com.tw/article/breakingnews/4491905

South Korea's cashless business looks to expand overseas as mobile payment providers compete
https://news.pts.org.tw/article/664954

To prevent fraudulent card binding and charges in mobile payment, the three major international Pay services are limited to the cardholder's own phone number
https://www.cardu.com.tw/news/detail.php?50080

From next year, card binding on the three major Pay services is limited to the cardholder's phone number
https://udn.com/news/story/7239/7558433

Electronic payment provider failed to confirm that the cardholder was the one using the card; FSC fines it NT$2 million
https://today.line.me/tw/v2/article/9m5gj1r

With mobile payment widespread in China, Taiwanese-funded banks launch appointment-based account opening with fast binding
https://www.cna.com.tw/news/acn/202310260239.aspx

A major milestone for Taiwan's mobile payment: Financial Information Service Co. announces the launch of "TWQR"
https://udn.com/news/story/7239/7526715

Shared QR Code for electronic payment goes live: the first-phase "customer-scan" specification suits small shops; the key is whether merchants are willing to enable it
https://www.cmmedia.com.tw/home/articles/43057

Chasing cashless payment opportunities! 交流資服 ACPay enters street markets for the first time to drive business growth
https://finance.technews.tw/2023/11/17/acpay-no-money/

Nanmen Market vendors complain of poor network signal; electronic payments fail to go through
https://reurl.cc/r6G8ly

WeChat Pay HK officially connects to Guangzhou's "Yang Cheng Tong": automatic settlement in Hong Kong dollars, zero fees, a fully improved electronic payment experience
https://reurl.cc/4WemRX

## 4. Cryptocurrency / Digital Currency / Mining / Blockchain / Smart Contracts / Web3 Security

North Korean hacker group BlueNoroff uses the professional networking site LinkedIn to find targets and steal cryptocurrency
https://twitter.com/MsftSecIntel/status/1722316019920728437

Poloniex hack roundup: North Korean hackers suspected, US$180 million lost, Justin Sun promises full compensation
https://www.blocktempo.com/poloniex-hacking-incident-summary/

Poloniex hacker lost US$2,500,000 because of a known ERC-20 security vulnerability I disclosed in 2017
https://followin.io/zh-Hant/feed/6612451

PeckShield: the hack of Raft resulted in about US$6.7 million of the uncollateralized stablecoin R being minted
https://news.cnyes.com/news/id/5378193?exp=a

Blockchain disrupts the payments industry; putting regulation in place is key
https://reurl.cc/6QOl2V

Information stolen from LastPass leads to the theft of US$4.4 million in cryptocurrency
https://www.twcert.org.tw/tw/cp-104-7528-61add-1.html

DeFi platform Raft suffers a US$3.3 million attack; the hacker's profit was negative
https://news.cnyes.com/news/id/5378225

## 5. Security Incident News

### A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC

40 countries worldwide to jointly sign a pledge to refuse ransom payments
https://www.twcert.org.tw/tw/cp-104-7530-45f11-1.html

Cloud service provider Rackspace lost US$5 million due to the 2022 ransomware attack
https://www.sec.gov/Archives/edgar/data/1810019/000181001923000164/rxt-20230930.htm

LockBit ransomware targets the Citrix Bleed vulnerability in attacks
https://doublepulsar.com/lockbit-ransomware-group-assemble-strike-team-to-breach-banks-law-firms-and-governments-4220580bfcee

BlackCat ransomware claims to have breached security vendor Dragos via a third-party supplier; the vendor denies it
https://www.securityweek.com/dragos-says-no-evidence-of-breach-after-ransomware-gang-claims-hack-via-third-party/

Hackers distribute a malicious version of the CPU-Z processor information tool through Google ads in order to plant the RedLine infostealer on victim computers
https://www.malwarebytes.com/blog/threat-intelligence/2023/11/malvertiser-copies-pc-news-site-to-deliver-infostealer

U.S. Cybersecurity Agencies Warn of Scattered Spider's Gen Z Cybercrime Ecosystem
https://thehackernews.com/2023/11/us-cybersecurity-agencies-warn-of.html

Mozi botnet shuts down completely for unknown reasons
https://www.twcert.org.tw/tw/cp-104-7532-0db47-1.html

Hive ransomware appears to have restarted under the new name Hunters International to conduct cyberattacks
https://www.bitdefender.com/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Toronto Public Library confirms the October ransomware attack caused a data breach
https://www.bleepingcomputer.com/news/security/toronto-public-library-confirms-data-stolen-in-ransomware-attack/

The United States and Spain join forces to dismantle the IPStorm botnet
https://www.justice.gov/usao-pr/pr/russian-and-moldovan-national-pleads-guilty-operating-illegal-botnet-proxy-service

U.S. Takes Down IPStorm Botnet, Russian-Moldovan Mastermind Pleads Guilty
https://thehackernews.com/2023/11/us-takes-down-ipstorm-botnet-russian.html

New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers
https://thehackernews.com/2023/11/new-malvertising-campaign-uses-fake.htm

Ducktail malware targets the fashion industry
https://securelist.com/ducktail-fashion-week/111017/

Ducktail malware spreading through fake clothing job ads
https://securelist.com/ducktail-fashion-week/111017/

Effluence backdoor targets the DevOps collaboration platform Atlassian Confluence
https://www.aon.com/cyber-solutions/aon_cyber_labs/detecting-effluence-an-unauthenticated-confluence-web-shell/

Alert: 'Effluence' Backdoor Persists Despite Patching Atlassian Confluence Servers
https://thehackernews.com/2023/11/alert-effluence-backdoor-persists.html

Bitter Pill: Third-Party Pharmaceutical Vendor Linked to Pharmacy and Health Clinic Cyberattack
https://www.huntress.com/blog/third-party-pharmaceutical-vendor-linked-to-pharmacy-and-health-clinic-cyberattack

IMPERIAL KITTEN Deploys Novel Malware Families
https://www.crowdstrike.com/blog/imperial-kitten-deploys-novel-malware-families/

Ransomware Roundup - Knight
https://www.fortinet.com/blog/threat-research/ransomware-roundup-knight

Ransomware Roundup – NoEscape
https://www.fortinet.com/blog/threat-research/ransomware-roundup-noescape

Rhysida ransomware targets enterprises lacking two-factor authentication
https://www.bleepingcomputer.com/news/security/fbi-and-cisa-warn-of-opportunistic-rhysida-ransomware-attacks/

#StopRansomware: Rhysida Ransomware
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-319a

GootBot – Gootloader’s new approach to post-exploitation
https://securityintelligence.com/x-force/gootbot-gootloaders-new-approach-to-post-exploitation/

Unpacking the Use of Steganography in Recent Malware Attacks
https://any.run/cybersecurity-blog/steganography-in-malware-attacks/

GhostLocker - A “Work In Progress” RaaS
https://www.rapid7.com/blog/post/2023/11/08/ghostlocker-a-work-in-progress-raas/

Casting Light on BATLOADER: An Insight into its Role in Malware Delivery
https://www.seqrite.com/blog/casting-light-on-batloader-an-insight-into-its-role-in-malware-delivery/

DDoS botnet OracleIV targets Docker container environments
https://www.cadosecurity.com/oracleiv-a-dockerised-ddos-botnet/

Alert: OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers
https://thehackernews.com/2023/11/alert-oracleiv-ddos-botnet-targets.html

New Ransomware Group Emerges with Hive's Source Code and Infrastructure
https://thehackernews.com/2023/11/new-ransomware-group-emerges-with-hives.html

Hackers Could Exploit Google Workspace and Cloud Platform for Ransomware Attacks
https://thehackernews.com/2023/11/hackers-could-exploit-google-workspace.html

27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts
https://thehackernews.com/2023/11/27-malicious-pypi-packages-with.html

CISA and FBI Issue Warning About Rhysida Ransomware Double Extortion Attacks
https://thehackernews.com/2023/11/cisa-and-fbi-issue-warning-about.html

### B. Mobile Security / iPhone / Android / Wearables / Apps / 5G / Instant Messaging

Fake apps appear impersonating Visit Japan Web, Japan's online entry and customs form
https://www.digital.go.jp/news/6ca8eac4-c6e9-4daf-abec-76cef9fb638b

Discord file links will become temporary to stop attackers from hosting malware
https://www.twcert.org.tw/tw/cp-104-7538-e7102-1.html

Google Play begins labeling Android VPN apps with a security audit badge
https://www.twcert.org.tw/tw/cp-104-7536-78f29-1.html

Stealthy Kamran Spyware Targeting Urdu-speaking Users in Gilgit-Baltistan
https://thehackernews.com/2023/11/stealthy-kamran-spyware-targeting-urdu.html

Unlucky Kamran: Android malware spying on Urdu-speaking residents of Gilgit-Baltistan
https://www.welivesecurity.com/en/eset-research/unlucky-kamran-android-malware-spying-urdu-speaking-residents-gilgit-baltistan/

### C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents / Security Workforce

To broaden the base for cultivating security talent, next year's university special talent admission channel will offer 1,526 places, with places for security expertise up 30%
https://www.cna.com.tw/news/ahel/202311150137.aspx

Taisun Enterprise's Facebook page compromised! Hacker extorts "give me money"; police confirm a report was filed
https://www.ettoday.net/news/20231117/2625050.htm

OpenAI acknowledges ChatGPT was hit by a DDoS attack; Cloudflare's website was also disrupted
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10796

Russian hackers Anonymous Sudan claim a DDoS attack on Cloudflare
https://www.bleepingcomputer.com/news/technology/cloudflare-website-downed-by-ddos-attack-claimed-by-anonymous-sudan/

US presents new evidence, adding charges that the WikiLeaks founder conspired with hackers
https://www.rti.org.tw/news/player/id/2069596

ScreenConnect, the remote desktop tool used by a US pharmacy management system vendor, is targeted; hackers break into pharmaceutical firms and healthcare organizations
https://www.huntress.com/blog/third-party-pharmaceutical-vendor-linked-to-pharmacy-and-health-clinic-cyberattack

Some information systems at Chung Hwa Chemical (中華化學) hit by a cyberattack
https://mops.twse.com.tw/mops/web/ajax_t05sr01_1?firstin=true&stp=1&step=1&SEQ_NO=1&SPOKE_TIME=211853&SPOKE_DATE=20231112&COMPANY_ID=1727

MySQL servers targeted; hackers use them to launch DDoS attacks
http://asec.ahnlab.com/en/58878/

Logistics company DP World suffers a cyberattack, disrupting operations at several Australian ports
https://www.bleepingcomputer.com/news/security/dp-world-cyberattack-blocks-thousands-of-containers-in-ports/

US-listed company MeridianLink allegedly failed to disclose a cyberattack as required; the hackers went so far as to file a complaint with the US Securities and Exchange Commission
https://www.databreaches.net/alphv-files-an-sec-complaint-against-meridianlink-for-not-disclosing-a-breach-to-the-sec/

Chinese hackers target Australia; the AUKUS trilateral security partnership may become a target
https://www.asd.gov.au/news-events-speeches/news/2023-11-15-australian-signals-directorate-releases-2023-asd-cyber-threat-report

Protestware distributed as NPM packages calls for a ceasefire in the Israel-Palestine conflict
https://www.reversinglabs.com/blog/protestware-taps-npm-to-call-out-wars-in-ukraine-gaza

US mortgage lender Mr. Cooper confirms a cyberattack; multiple IT systems were forced offline
https://www.bleepingcomputer.com/news/security/mortgage-giant-mr-cooper-says-customer-data-exposed-in-breach/

Russian hackers Sandworm use living-off-the-land techniques to disrupt Ukrainian critical infrastructure
https://www.mandiant.com/resources/blog/sandworm-disrupts-power-ukraine-operational-technology

Iranian hackers set up a new C2 framework, MuddyC2Go, used to attack Israeli organizations
https://www.deepinstinct.com/blog/muddyc2go-latest-c2-framework-used-by-iranian-apt-muddywater-spotted-in-israel

Palestinian hacker group Molerats uses the IronWind malware in attacks
https://www.proofpoint.com/uk/blog/threat-insight/ta402-uses-complex-ironwind-infection-chains-target-middle-east-based-government

Mainland China: the Cyberspace Administration of China launches the "Qinglang: Rectifying Online Hostility" special campaign
https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664197659&idx=3&sn=43287401b41b3cde45304077be1a666b

Hamas hackers use the BiBi wiper, which consumes large amounts of processor resources to wipe data on Windows computers
https://www.bleepingcomputer.com/news/security/israel-warns-of-bibi-wiper-attacks-targeting-linux-and-windows/
https://www.securityjoes.com/post/bibi-linux-a-new-wiper-dropped-by-pro-hamas-hacktivist-group
https://twitter.com/ESETresearch/status/1719437301900595444
http://blogs.blackberry.com/en/2023/11/bibi-wiper-used-in-the-israel-hamas-war-now-runs-on-windows
https://www.gov.il/he/departments/publications/reports/alert_1660

New BiBi-Windows Wiper Targets Windows Systems in Pro-Hamas Attacks
https://thehackernews.com/2023/11/new-bibi-windows-wiper-targets-windows.html

Chinese Hackers Launch Covert Espionage Attacks on 24 Cambodian Organizations
https://thehackernews.com/2023/11/chinese-hackers-launch-covert-espionage.html

Russian Hackers Linked to 'Largest Ever Cyber Attack' on Danish Critical Infrastructure
https://thehackernews.com/2023/11/russian-hackers-launch-largest-ever.html

Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes
https://thehackernews.com/2023/11/russian-hackers-sandworm-cause-power.html

New Campaign Targets Middle East Governments with IronWind Malware
https://thehackernews.com/2023/11/new-campaign-targets-middle-east.html

Iran-Linked Imperial Kitten Cyber Group Targeting Middle East's Tech Sectors
https://thehackernews.com/2023/11/iran-linked-imperial-kitten-cyber-group.html

Vietnamese hackers suspected of spreading malware under the guise of offering Google Bard are sued by Google
https://www.ithome.com.tw/news/159820

Vietnamese Hackers Using New Delphi-Powered Malware to Target Indian Marketers
https://thehackernews.com/2023/11/vietnamese-hackers-using-new-delphi.html

TA402 Uses Complex IronWind Infection Chains to Target Middle East-Based Government Entities | Proofpoint US
https://www.proofpoint.com/us/blog/threat-insight/ta402-uses-complex-ironwind-infection-chains-target-middle-east-based-government

N2515 Network Information Security Engineer V
https://www.1111.com.tw/job/113043810/

Security Protection Administrator (Program Security)
https://www.104.com.tw/job/85wwl?jobsource=googlejobs

Information Security Analyst
https://www.104.com.tw/job/85ugj?jobsource=googlejobs

Security Information Specialist
https://www.104.com.tw/job/85wwd?jobsource=googlejobs

Security Forensics Engineer
https://www.104.com.tw/job/68ud0?jobsource=googlejobs

### D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News / Cyberbullying / Account Security

Iranian hacker group TA456 sends phishing emails carrying malicious Excel files under the pretext of recruiting
https://www.crowdstrike.com/blog/imperial-kitten-deploys-novel-malware-families/

Developers exposed nearly 4,000 sets of credentials in PyPI projects; some have been confirmed to be real
https://blog.gitguardian.com/uncovering-thousands-of-unique-secrets-in-pypi-packages/

Samsung Electronics reports a data breach affecting UK store customers
https://www.bleepingcomputer.com/news/security/samsung-hit-by-new-data-breach-impacting-uk-store-customers/

Chess site Chess.com reportedly suffers a data leak; hackers abused the API to scrape user data
https://www.mandiant.com/resources/blog/sandworm-disrupts-power-ukraine-operational-technology

Malaysian government dismantles the BulletProofLink phishing crime ring
https://www.rmp.gov.my/news-detail/2023/11/08/video-pilihan-op-khas-bulletproftlink-hasil-rampasan

US state of Maine hit by the MOVEit Transfer zero-day attack; personal data of 1.3 million residents leaked
http://www.maine.gov/moveit-global-data-security-incident/

Mainland China's Zhejiang Propaganda: online public opinion cannot be handled by "simply deleting it"; hopes Party cadres have the breadth of mind not to delete posts
https://www.hk01.com/article/960673?utm_source=01articlecopy&utm_medium=referral

Don't click! After booking on Booking, "a scary message pops up"; travel expert warns: the strongest scam of late
https://www.setn.com/News.aspx?NewsID=1381917

Don't open this kind of "email"! National Health Insurance Administration: two tips to spot virus-laden emails
https://today.line.me/tw/v2/article/YaOkM7W

Badminton scam cases frequent in Changhua; players worry leaked personal data makes them easy prey
https://www.chinatimes.com/amp/realtimenews/20231112002100-260402

Taiwanese people's favorite "15 passwords": change them now! Hackers can crack them in 1 second
https://www.setn.com/news.aspx?newsid=1384601

Our company's receiving account number was tampered with by hackers and the customer has already paid; how should we handle it?
https://law.sme.gov.tw/ailt/modules/forum/details/?topic_id=26860

Medusa ransomware claims to have stolen data from Toyota's auto financing company; the company confirms its European and African offices were affected
https://www.bleepingcomputer.com/news/security/toyota-confirms-breach-after-medusa-ransomware-threatens-to-leak-data/

TOYOTA has personal data stolen by "Medusa" and faces a million-dollar ransom demand! Feared by enterprises worldwide: who is Medusa?
https://www.bnext.com.tw/article/77475/toyota-hack-medusa-ransomware

Major Phishing-as-a-Service Syndicate 'BulletProofLink' Dismantled by Malaysian Authorities
https://thehackernews.com/2023/11/major-phishing-as-service-syndicate.html

Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers
https://thehackernews.com/2023/11/microsoft-warns-of-fake-skills.html

### E. Research Reports / Tools

Sharing practical experience in security governance in the high-tech industry: because the challenge lies in people, you have to practice
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10799

Gartner: as the attack surface expands, by 2027 the remit of 45% of CISOs will extend beyond cybersecurity
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10792

Researchers disclose techniques for launching attacks using Google Workspace
https://www.bitdefender.com/blog/businessinsights/the-chain-reaction-new-methods-for-extending-local-breaches-in-google-workspace/

NucleiFuzzer, an automated scanning tool
https://mp.weixin.qq.com/s?__biz=MzU5MTc1NTE0Ng==&mid=2247485189&idx=2&sn=64dd4cc1b3ac3400bc3cc50fa375441a

The AI industry is booming but is also escalating the intensity of cyberattacks: the battle over security defense models
https://reurl.cc/3eELRl

Top 5 Marketing Tech SaaS Security Challenges
https://thehackernews.com/2023/11/top-5-marketing-tech-saas-security.html

The New 80/20 Rule for SecOps: Customize Where it Matters, Automate the Rest
https://thehackernews.com/2023/11/the-new-8020-rule-for-secops-customize.html

The Importance of Continuous Security Monitoring for a Robust Cybersecurity Strategy
https://thehackernews.com/2023/11/the-importance-of-continuous-security.html

CI/CD Risks: Protecting Your Software Development Pipelines
https://thehackernews.com/2023/11/cicd-risks-protecting-your-software.html

Three Ways Varonis Helps You Fight Insider Threats
https://thehackernews.com/2023/11/three-ways-varonis-helps-you-fight.html

How to Automate the Hardest Parts of Employee Offboarding
https://thehackernews.com/2023/11/how-to-automate-hardest-parts-of.html

### F. Business

SailPoint: even at mature companies, organizational identity management coverage is still below 70%
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10798

VMware introduces Hub Health, a macOS updates dashboard, and expanded integration with Intel
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10791

EDR built into business PCs! ASUS partners with IBM to use AI to help enterprises fend off security threats
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10795

Mandiant CEO urges enterprises to start from an "assume breach" mindset and strengthen security detection and response capabilities
https://www.ithome.com.tw/news/159828

Getting ahead in the security battle! Chunghwa Telecom's HiNet WAF helps enterprises turn the tide
https://finance.ettoday.net/news/2604951

Trend Micro's latest container protection saves SOC teams up to 2 weeks of security incident handling time
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000677974_UHK8U2428BTJUZ32BE5IH

### G. Government

National Health Insurance Administration teams up with the US-based Healthcare Information and Management Systems Society (HIMSS) to strengthen the digital transformation and security resilience of health insurance
https://www.ithome.com.tw/news/159804

Domestic hospitals rank third among hacker targets. Protecting security! The National Health Insurance Administration will conduct a major security check-up of hospitals nationwide
https://www.setn.com/news.aspx?newsid=1382379

Judicial Yuan reportedly breached; intranet passwords and court judgments surface on a hacker forum
https://www.peoplenews.tw/articles/f8da8c0cef

Judicial Yuan apparently hacked? Judicial Yuan clarifies there are no security concerns
https://www.peoplenews.tw/articles/f5ab32d36c

A big hole in the security defense line? Lai Shyh-bao reveals that "half of listed and OTC companies have no CISO"
https://reurl.cc/WvQdp9

Securities and Futures Bureau: 115 listed and OTC companies have already appointed a CISO
https://udn.com/news/story/7239/7570203

A study analyzing existing problems and gap factors in national security agencies' promotion of information security governance
https://www.airitilibrary.com/Article/Detail/2073090X-201407-201408070021-201408070021-12-25

The Institute for Information Industry's Cybersecurity Technology Institute promotes joint supply-chain security defense, partnering with Aerospace Industrial Development Corporation (漢翔航空) to introduce CMMC compliance
http://www.compotechasia.com/a/press/2023/1113/56049.html

### H. Industrial Control Systems / ICS / SCADA / IoT / Internet of Things / Internet of Vehicles / Electric Vehicles / Artificial Intelligence / AI / ML / Facial Recognition / Healthcare Security

QNAP warns of critical vulnerabilities in the QTS operating system and NAS applications
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10794

To improve the industry's security defenses, SEMI releases a cybersecurity reference architecture for semiconductor manufacturing environments
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10803

Mainland China: four ministries launch a pilot program for market access and road use of intelligent connected vehicles
https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664197659&idx=1&sn=f9865f9ef3d8527a27f736490cd895d2

ASUS RT-AX55 - command injection
https://www.twcert.org.tw/tw/cp-132-7496-96e2c-1.html
https://www.twcert.org.tw/tw/cp-132-7497-f92ac-1.html
https://www.twcert.org.tw/tw/cp-132-7498-18012-1.html
https://www.twcert.org.tw/tw/cp-132-7499-63907-1.html

ASUS RT-AX88U - externally-controlled format string
https://www.twcert.org.tw/tw/cp-132-7371-aecf1-1.html

Chunghwa Telecom NOKIA G-040W-Q - Excessive Authentication Attempts
https://www.twcert.org.tw/tw/cp-132-7500-0c544-1.html

Chunghwa Telecom NOKIA G-040W-Q - Broken Access Control
https://www.twcert.org.tw/tw/cp-132-7501-6155a-1.html

Chunghwa Telecom NOKIA G-040W-Q - Command Injection
https://www.twcert.org.tw/tw/cp-132-7502-287ec-1.html

Chunghwa Telecom NOKIA G-040W-Q - Weak Password Requirements
https://www.twcert.org.tw/tw/cp-132-7503-a27ed-1.html

Chunghwa Telecom NOKIA G-040W-Q - Exposure of Sensitive Information
https://www.twcert.org.tw/tw/cp-132-7504-c6a5e-1.html

Chunghwa Telecom NOKIA G-040W-Q - Improper Input Validation
https://www.twcert.org.tw/tw/cp-132-7505-a0c94-1.html

### I. Education and Training

iPAS Information Security Engineer (Intermediate) notes
https://hackmd.io/@Not/iPASInformationSecuritySpecialist

iPAS Information Security Engineer certification pre-exam workshop
https://reurl.cc/GEbA3p

Coursera rounds up 7 cloud security certifications: the springboards to high pay are all here!
https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/

Global cybersecurity workforce imbalance: (ISC)2 free courses and exams fill the talent gap
https://reurl.cc/m39MDj

The 8 domains of the CISSP security certification
https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html

CISSP exam experience
https://reurl.cc/KbY83j

CISSP exam experience – Benson
https://reurl.cc/GbWvxd

Goal-oriented: passing the CISSP at light speed in 20 days
https://reurl.cc/2Zq6zn

CISSP certification exam field notes, Chapter 1: Initial preparation
https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat

CISSP certification exam field notes, Chapter 2: A regular and disciplined study strategy
https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies

CISSP certification exam field notes, Chapter 3: The final battle
https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle

Quick CISSP Infographic for IPSec
https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec

CSSLP Certification - Security models in F#
https://github.com/vbocan/csslp

Certified Secure Software Lifecycle Professional in bullet points
https://github.com/joeyhage/csslp-notes

CPSA (CREST Practitioner Security Analyst) exam experience
https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/

EC-Council CEH v11 exam experience, revision information, and preparation direction 2021, 2022
https://reurl.cc/1oyEM8

CEH v11 exam experience and how to prepare
https://blog.sean.taipei/2022/01/ceh

CEH
https://github.com/a3cipher/CEH

CodeRed by EC-Council
https://github.com/codered-by-ec-council

EC-Council CEH Practical / Master preparation notes: learning where theory and practice complement each other
https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2

EC-Council CEHP exam preparation notes
https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po

ECSA v10 exam experience and study materials / ECSA v10 Review and Study Materials
https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4

EC-Council ECSA (Certified Security Analyst) v10 exam experience
https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html

20180817 EC-Council ECSA v10 PASS
https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html

On preparing for the EC-Council CPENT and LPT Master penetration testing certifications, with experience shared
https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d

An in-depth look at the CPENT exam experience and a comparison with OSCP
https://reurl.cc/41eL8v

EC-Council CPENT v1 penetration testing certification – content and experience
https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review

CPENT: from brute force to cracking
https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295

EC-Council CPENT experience - a security newbie from CEH to LPT Master
https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f

CPENT exam experience: earning the LPT penetration testing master certification in one attempt
https://ucom.uuu.com.tw/web/Testimony/Article/4404

kaizensecurity/CPENT
https://github.com/kaizensecurity/CPENT/tree/master

CPENT : Pentesting like NO OTHERS !
https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/

Journey of My CPENT Exam
https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917

[Exam prep notes] CompTIA Security+ (SY0–601), Part 1
https://reurl.cc/M053DK

[Exam prep notes] CompTIA Security+ (SY0–601), Part 2
https://reurl.cc/M053Gv

comptia-security-plus
https://github.com/ajfuto/comptia-security-plus

security-plus
https://github.com/fjavierm/security-plus

CompTIA Security+ Certification Practice Test Questions
https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette

App information security that isn't just for engineers: the blood, sweat and tears of obtaining a security testing certificate (iT邦幫忙 Ironman Contest book series)
https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html

OSEP (Evasion Techniques and Breaching Defenses (PEN-300)) experience
https://hackmd.io/@henry-ko/HyQ56e8eF

OSCP (Offensive Security Certified Professional)
https://github.com/0x584A/oscp-notes/tree/master

ISACA Certified Information Systems Auditor® (CISA) certification: preparation journey and application process - 2023
https://reurl.cc/aVLoX9

Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html

The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics
https://reurl.cc/D3nKKj

Practical Network Penetration Tester (PNPT) Certification Review
https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df

Basic vocabulary commonly used by WUSON
https://choson.lifenet.com.tw/?p=1958

Certifications remain the main channel for learning security fundamentals; an expert has built a "security certification map"
https://www.ithome.com.tw/news/156754

Beyond using certifications to prove your ability, treat them as your biggest motivation to keep learning
https://www.ithome.com.tw/news/156756

Breaking misconceptions and myths about certifications: security experts help clarify what security certifications mean
https://www.ithome.com.tw/news/156755

Accelerate Your Career with the Global Leader in Cyber Security Training
https://www.sans.org/mlp/promo-partnership-hacker-news/

## 6. Upcoming Security Events and Seminars

Cathay 天職學 X 職游 | How IT Works SMART 2023/11/18
https://www.accupass.com/event/2309190510226744374250?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_

Democracy in the Digital Age: Threats and Solutions 2023/11/21
https://www.twsig.tw/20231121/

2023 Taiwan Intelligent Automation Testing and Certification Alliance Conference and Industrial Safety Standards Seminar 2023/11/22
https://www.accupass.com/event/2309200309193935682920?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_

How to patch security gaps? Starting from awareness, planning, and endpoint protection (tentative) 2023/11/23
https://metashield.kktix.cc/events/5867ed48

[ACAD 安碁學苑] Security strategy and controls for listed and OTC companies 2023/11/23
https://www.accupass.com/event/2310191642498549788800

High Velocity ITSM Taipei 2023/11/25
https://www.meetup.com/taipei-atlassian-community-events/events/295913312/

2023 Taipei International Finance Expo 2023/11/24 ~ 2023/11/26
https://www.accupass.com/event/2307200240122074808667

HITCON GIRLS 2023 Workshop 2023/11/25 ~ 2023/11/26
https://hitcon.kktix.cc/events/hitcongirlsworkshop2023

Fearless security defense in one step: Affordable SOC effectively strengthens core enterprise security protection 2023/11/28
https://www.gss.com.tw/content-page/173-currcular/3599-2023-11-28

Flutter Meetup #8 2023/11/29
https://www.meetup.com/flutter-taipei/events/296465276/

Jamf Nation Live Taipei 2023 2023/12/19
https://jamf.kktix.cc/events/jamfnation2023

[Monosparta] 2024 first cohort software development bootcamp: online information session 2024/1/17
https://trunk-studio.kktix.cc/events/monosparta-202401