###### tags: `資安事件新聞週報`
# Weekly Security Incident News Report 2024/07/29 ~ 2024/08/02

## 1. Critical Vulnerabilities / Backdoors / Exploits / Zero Days

More than 20,000 VMware ESXi servers exposed to the already-exploited CVE-2024-37085
https://securityaffairs.com/166432/hacking/vmware-esxi-cve-2024-37085-vulnerable-instances.html

Oracle Database Server CVE-2024-21184
https://nvd.nist.gov/vuln/detail/CVE-2024-21184

Cisco releases Secure Email Gateway security update
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-afw-bGG2UsjH

Cisco Secure Email CVE-2024-20401
https://nvd.nist.gov/vuln/detail/CVE-2024-20401

Cisco Secure Web Appliance CVE-2024-20435
https://nvd.nist.gov/vuln/detail/CVE-2024-20435

Cisco Smart Software Manager On-Prem CVE-2024-20419
https://nvd.nist.gov/vuln/detail/CVE-2024-20419

Cisco releases SSM On-Prem security update
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-auth-sLw3uhUy
https://www.ithome.com.tw/news/164005

Cisco Intelligent Node Manager CVE-2024-20323
https://nvd.nist.gov/vuln/detail/CVE-2024-20323

Palo Alto Networks patches Expedition vulnerability
https://security.paloaltonetworks.com/CVE-2024-5910
https://www.ithome.com.tw/news/163919

Internet shortcut file security feature bypass vulnerability exploited for over a year; attackers used it to distribute several infostealers
https://www.ithome.com.tw/news/164159

Windows 11 KB5040527 update fixes Windows Backup failures
https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5040527-update-fixes-windows-backup-failures/

Microsoft's July update may put your Windows PC in BitLocker recovery - here's how to fix this
https://www.zdnet.com/article/microsofts-july-update-may-put-your-pc-in-bitlocker-recovery-heres-how-to-fix-this/

July Windows Server updates break Remote Desktop connections
https://www.bleepingcomputer.com/news/microsoft/july-windows-server-updates-break-remote-desktop-connections/

Prompt Injection Flaw in Vanna AI Exposes Databases to RCE Attacks
https://thecybersecurity.news/general-cyber-security-news/prompt-injection-flaw-in-vanna-ai-exposes-databases-to-rce-attacks-30037/

Google begins addressing Chrome password manager bug
https://www.ithome.com.tw/news/164165

Google fixes Chrome Password Manager bug that hides credentials
https://www.bleepingcomputer.com/news/google/google-fixes-chrome-password-manager-bug-that-hides-credentials/

Openfind (網擎資訊) Mail2000 - HttpOnly flag bypass
https://www.twcert.org.tw/tw/cp-132-7940-0177a-1.html

Openfind (網擎資訊) Mail2000 - Stored XSS
https://www.twcert.org.tw/tw/cp-132-7938-d9c97-1.html

Openfind (網擎資訊) MailGates and MailAudit - Sensitive Cookie Without 'HttpOnly' Flag
https://www.twcert.org.tw/tw/cp-132-7927-03837-1.html

BIND UPDATES FIX FOUR HIGH-SEVERITY DOS BUGS IN THE DNS SOFTWARE SUITE
https://securityaffairs.com/166190/security/bind-updates-high-severity-dos-bugs.html

Red Hat Enterprise Linux 6
https://nvd.nist.gov/vuln/detail/CVE-2024-6655
https://nvd.nist.gov/vuln/detail/CVE-2024-6716

IBM QRadar SIEM contains multiple vulnerabilities
https://www.ibm.com/support/pages/node/7162077

Critical Acronis Cyber Infrastructure vulnerability patched last year is reportedly now being abused in attacks
https://www.ithome.com.tw/news/164186

Nvidia patches high-severity vulnerabilities in the operating system for Jetson single-board computers
https://www.ithome.com.tw/news/164198

CISA Warns of Exploitable Vulnerabilities in Popular BIND 9 DNS Software
https://thehackernews.com/2024/07/cisa-warns-of-exploitable.html

Critical ServiceNow RCE flaws actively exploited to steal credentials
https://www.bleepingcomputer.com/news/security/critical-servicenow-rce-flaws-actively-exploited-to-steal-credentials/amp/

Progress warns of critical RCE bug in Telerik Report Server
https://www.bleepingcomputer.com/news/security/progress-warns-of-critical-rce-bug-in-telerik-report-server/

## 2. Banking / Finance / Insurance / Securities / Financial Supervision News and Security

Taiwan Financial Services Roundtable convenes financial industry associations to publish a financial recommendations white paper; five themes and 30 recommendations revealed
https://www.ctee.com.tw/news/20240726702028-430301

Netizens spread security concerns about apps; Cathay Life and E.SUN Bank: false rumors
https://www.ptt.cc/bbs/Bank_Service/M.1722104759.A.97F.html

Suspected "Little Grass" engineer taunts "green supporters, don't use the two apps"; Cathay Life and E.SUN Bank angrily rebut: identity already established
https://www.chinatimes.com/realtimenews/20240728000948-260407?chdtv

Financial-sector "Little Grass" doxxed
https://hackmd.io/@kpsupkeepgoing2024/ryZbuBftA

Now in trouble! "Little Grass" engineer brazenly says "green supporters, don't use it"; Cathay Life identifies its own employee and denounces: "will be disciplined under company rules"
https://www.ftnn.com.tw/news/274724

Chinese investment bank intern flaunts wealth on Douyin with client IPO documents in frame… and pays the price
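https://www.worldjournal.com/wj/story/121344/8122745

Cathay Life shares its cloud migration journey: 17 systems moved to the cloud in one year
https://www.ithome.com.tw/news/164185

Android malware BingoMod loots victims' bank accounts, then wipes device files afterwards
https://www.cleafy.com/cleafy-labs/bingomod-the-new-android-rat-that-steals-money-and-wipes-data

Nasty Android malware BingoMod wipes the device after draining bank accounts
https://www.ithome.com.tw/news/164260

New Android Banking Trojan BingoMod Steals Money, Wipes Devices
https://thehackernews.com/2024/08/new-android-banking-trojan-bingomod.html

## 3. Credit Cards / Electronic Payment / Mobile Payment / Pay / Payment Systems / Security

Foreigners love it too! Over 5 million inbound travelers used mobile payment in mainland China in the first half of the year, a fourfold year-over-year increase
https://www.chinatimes.com/realtimenews/20240727001759-260409?chdtv

No need to queue in crowds for Skytree tickets! Buy them with mobile payment
https://news.ustv.com.tw/newsdetail/20240724A024

Competing for the new electronic payment pie: what makes "cross-border payment" attractive? What are the strategies of Easy Wallet and JKOPAY?
https://www.bnext.com.tw/article/79888/2024-future-commerce-electronic-payment

No e-payment means backward? "Little pink" criticizes Singapore's "cash payments as backward"; he cites 3 points and mocks: how advanced you are
https://www.ftvnews.com.tw/news/detail/2024731W0213

From no QR codes to widespread e-payment: Malaysia is boarding the digital economy express
https://news.cnyes.com/news/id/5636249

Cross-app payments are no longer painful! How TWQR solves the pain points of cross-provider payment
https://www.inside.com.tw/article/35753-twqr

Japan's largest e-payment provider approaches a Taiwanese firm! Usage by Taiwanese users doubles; vending machines will accept tap payments in the future
https://reurl.cc/yvgEMy

## 4. Cryptocurrency / Digital Currency / Mining / Blockchain / Smart Contracts / WEB3 Security

Web3 security beginner's guide to avoiding pitfalls: the risk of a wallet being maliciously set to multi-signature
https://www.panewslab.com/zh_hk/articledetails/sfygsi5iFt.html

Hoarding coins until the account becomes a "zombie": Coinbase closing user accounts and escheating their assets sparks controversy
https://m.cnyes.com/news/id/5652458

WazirX hack: platform suspends trading and launches tracing effort
https://pcoin.one/hack-wazirx%EF%BC%9A%E5%B9%B3%E5%8F%B0%E6%9A%AB%E5%81%9C%E4%BA%A4%E6%98%93%E4%B8%A6%E5%B1%95%E9%96%8B%E8%BF%BD%E8%B9%A4%E8%A1%8C%E5%8B%95/

VanEck: Bitcoin could reach US$2.9 million by 2050, with 10% of global international trade settled in BTC
https://www.blocktempo.com/vaneck-calls-for-bitcoin-to-reach-2-9-million-by-2050/

Indian crypto exchange WazirX to implement a socialized loss strategy shared fairly among all users
https://www.panewslab.com/zh_hk/sqarticledetails/zsn8rc46Ft.html

From "dark web drug lord" to crypto entrepreneur: Silk Road 2.0 founder Blake Benthall's 10 years of atonement
https://www.blocktempo.com/who-build-silkroad-2-blake-benthall/

Crypto exchange Gemini discloses third-party data breach
https://www.bleepingcomputer.com/news/security/crypto-exchange-gemini-discloses-third-party-data-breach/

Raydium blockchain users targeted; hackers distribute malicious PyPI packages via the Q&A platform Stack Exchange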
https://www.ithome.com.tw/news/164267

## 5. Security Incident News

### A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC

Golang-based ransomware Eldorado capable of cross-platform attacks
https://www.twcert.org.tw/tw/cp-104-7950-61e43-1.html

Gipy, new malware targeting AI voice generation tools
https://www.twcert.org.tw/tw/cp-104-7846-e9178-1.html

Microsoft Windows vulnerability alert! Beware of malware disguised as links to evade SmartScreen protection
https://www.techbang.com/posts/117084-windows-smartscreen

FBI seizes cryptocurrency linked to North Korean ransomware
https://news.cnyes.com/news/id/5652866

North Korean hacking group Andariel launches ransomware attacks for financial gain
https://www.ithome.com.tw/news/164158

More than 3,000 GitHub accounts abused by hacking group Stargazer Goblin as a malware distribution channel
https://www.ithome.com.tw/news/164161

Hackers impersonate Google to place ads for an authenticator app in an attempt to spread the infostealer DeerStealer
https://www.ithome.com.tw/news/164254

Ransomware group Dark Angels received a ransom payment as high as US$75 million early this year
https://www.ithome.com.tw/news/164216

Authentication bypass vulnerability in virtualization platform VMware ESXi abused by hackers to spread ransomware
https://www.ithome.com.tw/news/164182

German CrowdStrike users targeted; hackers claim to offer a crash reporter program but actually aim to implant malware
https://www.ithome.com.tw/news/164184

Seven weeks after the ransomware attack on the UK's National Health Service (NHS), nearly 10,000 emergency appointments and surgeries have been forced to be postponed
https://www.ithome.com.tw/news/164171

Ransomware hacking group Black Basta builds custom malware to evade detection
https://cloud.google.com/blog/topics/threat-intelligence/unc4393-goes-gently-into-silentnight/

Chinese hacking group Cuckoo Spear targets Japanese organizations, spreading LodeInfo and NoopDoor malware for 2 to 3 years
https://www.cybereason.com/blog/cuckoo-spear

Cloudflare trial service abused by hackers to spread malware
https://www.proofpoint.com/us/blog/threat-insight/threat-actor-abuses-cloudflare-tunnels-deliver-rats

PKfail Secure Boot bypass lets attackers install UEFI malware
https://www.bleepingcomputer.com/news/security/pkfail-secure-boot-bypass-lets-attackers-install-uefi-malware/

APT45: North Korea’s Digital Military Machine
https://cloud.google.com/blog/topics/threat-intelligence/apt45-north-korea-digital-military-machine

Russian ransomware gangs account for 69% of all ransom proceeds
https://www.bleepingcomputer.com/news/security/russian-ransomware-gangs-account-for-69-percent-of-all-ransom-proceeds

French Authorities Launch Operation to Remove PlugX Malware from Infected Systems
https://thehackernews.com/2024/07/french-authorities-launch-operation-to.html

Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials
https://thehackernews.com/2024/07/malicious-pypi-package-targets-macos-to.html

Google ads push fake Google Authenticator site installing malware
https://www.bleepingcomputer.com/news/security/google-ads-push-fake-google-authenticator-site-installing-malware/

Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft
https://www.trendmicro.com/en_us/research/24/h/malvertising-campaign-fake-ai-editor-website-credential-theft.html

'Stargazer Goblin' Creates 3,000 Fake GitHub Accounts for Malware Spread
https://thehackernews.com/2024/07/stargazer-goblin-creates-3000-fake.html

Gh0st RAT Trojan Targets Chinese Windows Users via Fake Chrome Site
https://thehackernews.com/2024/07/gh0st-rat-trojan-targets-chinese.html

French Authorities Launch Operation to Remove PlugX Malware from Infected Systems
https://thehackernews.com/2024/07/french-authorities-launch-operation-to.html

Cybercriminals Target Polish Businesses with Agent Tesla and Formbook Malware
https://thehackernews.com/2024/07/cybercriminals-target-polish-businesses.html

VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access
https://thehackernews.com/2024/07/vmware-esxi-flaw-exploited-by.html

Chinese hacking group APT10 targets Japanese critical infrastructure and academic institutions, using the LodeInfo and NoopDoor backdoors for cyber espionage
https://www.ithome.com.tw/news/164274

Chinese Hackers Target Japanese Firms with LODEINFO and NOOPDOOR Malware
https://thehackernews.com/2024/07/chinese-hackers-target-japanese-firms.html

North Korea-Linked Malware Targets Developers on Windows, Linux, and macOS
https://thehackernews.com/2024/07/north-korea-linked-malware-targets.html

Mirai Botnet targeting OFBiz Servers Vulnerable to Directory Traversal
https://thehackernews.com/2024/08/mirai-botnet-targeting-ofbiz-servers.html

New Windows Backdoor BITSLOTH Exploits BITS for Stealthy Communication
https://thehackernews.com/2024/08/new-windows-backdoor-bitsloth-exploits.html

Cybercriminals Abusing Cloudflare Tunnels to Evade Detection and Spread Malware
https://thehackernews.com/2024/08/cybercriminals-abusing-cloudflare.html

Hackers Distributing Malicious Python Packages via Popular Developer Q&A Platform
https://thehackernews.com/2024/08/hackers-distributing-malicious-python.html

CrowdStrike 'Updates' Deliver Malware & More as Attacks Snowball
https://www.darkreading.com/threat-intelligence/crowdstrike-updates-malware-attacks-snowball

### B. Mobile Security / iPhone / Android / Wearables / App / 5G / Instant Messaging

This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps
https://thehackernews.com/2024/07/spanish-hackers-bundle-phishing-kits.html

Protecting your Android phone: how to detect and remove malware
https://www.technice.com.tw/techmanage/infosecurity/125560/

Researchers reveal attack campaign dedicated to stealing SMS messages from Android phones, spanning 113 countries
https://www.zimperium.com/blog/unmasking-the-sms-stealer-targeting-several-countries-with-deceptive-apps/

New Mandrake Android spyware version discovered on Google Play
https://securelist.com/mandrake-apps-return-to-google-play/113147/

Researchers reveal AI-developed cybercrime service that bundles phishing kits with malicious Android apps
https://www.group-ib.com/blog/gxc-team-unmasked/

WhatsApp does not guard against received Python and PHP files; experts warn this channel could be used to attack developers, researchers or website administrators
https://www.ithome.com.tw/news/164201

Researchers reveal large-scale attack campaign dedicated to stealing SMS messages from Android phones, spanning 113 countries
https://www.ithome.com.tw/news/164276

Cybercriminals Deploy 100K+ Malware Android Apps to Steal OTP Codes
https://thehackernews.com/2024/07/cybercriminals-deploy-100k-malware.html

New Mandrake Spyware Found in Google Play Store Apps After Two Years
https://thehackernews.com/2024/07/new-mandrake-spyware-found-in-google.html

Google Chrome Adds App-Bound Encryption to Protect Cookies from Malware
https://thehackernews.com/2024/08/google-chrome-adds-app-bound-encryption.html

### C. Incidents / Hackers / DDOS / APT / Cloud / Dark Web / Recruitment / International Security Incidents / Security Workforce

Fortune Information Systems (華經資訊) reports suffering a cyberattack, stresses that no confidential files or personal data were leaked
https://mops.twse.com.tw/mops/web/ajax_t05sr01_1?firstin=true&stp=1&step=1&SEQ_NO=2&SPOKE_TIME=170548&SPOKE_DATE=20240730&COMPANY_ID=2468

Microsoft hit by another global outage! Caused by a DDoS attack, with a faulty defense measure amplifying the impact
https://www.inside.com.tw/article/35784-microsoft-ddos-outage

Microsoft Azure service instability stemmed from a malfunction in DDoS protection
https://www.ithome.com.tw/news/164247

Microsoft 365 again suffers instability and access problems in some services
https://www.ithome.com.tw/news/164214

Analyzing the cause of the July 19 global computer outage: security experts surmise that poorly designed CrowdStrike virus signatures caused the blue screen crashes
https://www.ithome.com.tw/news/164259

CrowdStrike: over 97% of security software sensors back online
https://udn.com/news/story/6811/8120415

CrowdStrike's faulty update estimated to have caused billions of US dollars in global losses, but insurance covers only part
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11145

Brazen hacker "collects illicit funds inside China"; bounty on his head worth 300 million, but for "this reason" even the FBI is powerless
https://reurl.cc/RenGkg

Paris Olympics cyber team on high alert, bracing for hacker attacks
https://www.knews.com.tw/news/6BB5F2EFBF675CEF12DB0E30ECAE33AC

Olympic athletes receive threatening messages; Israel warns Iran is orchestrating it behind the scenes
https://money.udn.com/money/story/5599/8120133

Israeli athletes' personal data leaked by hackers; French police respond urgently
https://www.rti.org.tw/news/view/id/2214535

How do cyberattacks in the Israel-Hamas war make people lose trust in government? Hospitals and chat groups of families of terror attack victims can all be hacked
https://www.cw.com.tw/article/5131302

Who is paying attention to the US-UK cross-border cybersecurity advisory
https://n.yam.com/Article/20240728963894#google_vignette

UK Electoral Commission hacked in 2021: the breach came from Exchange server vulnerabilities not being patched promptly enough, with at least 3 groups of attackers involved
https://www.ithome.com.tw/news/164221

APT45 member wanted by the US Department of Justice, unexpectedly revealing that a Taiwanese defense contractor was also attacked by North Korean hackers
https://www.ithome.com.tw/news/164170

Chinese e-commerce platforms push aggressively into South Korea, carrying hidden security risks
https://www.cna.com.tw/news/aopl/202407260451.aspx

UK, US and South Korea warn: North Korean hackers seek to steal secrets from defense companies worldwide; US military bases and NASA also hit
https://money.udn.com/money/story/5599/8119991

US, UK and South Korea warn: Pyongyang hackers steal nuclear weapons and other secrets
https://www.ydn.com.tw/news/newsInsidePage?chapterID=1695466

South Korean military intelligence personnel data leaked; overseas espionage work urgently halted
https://money.udn.com/money/story/5599/8123225

Data on thousands of South Korean intelligence personnel leaked; military launches investigation
https://www.ntdtv.com/b5/2024/07/28/a103900968.html

South Korean national security crisis! Major leak reported at the Defense Intelligence Command; classified data may have fallen into North Korean hands
https://news.ltn.com.tw/news/world/breakingnews/4750858

US State Department offers US$10 million reward for information on the identity and location of North Korean hacker Rim
https://m.cnyes.com/news/id/5653043

North Korean hackers launch Dev#Popper campaign targeting Windows, macOS and Linux developers
https://www.ithome.com.tw/news/164253

Hacking group Patchwork abuses penetration testing tool Brute Ratel C4 to attack Bhutan
https://medium.com/@knownsec404team/the-patchwork-group-has-updated-its-arsenal-launching-attacks-for-the-first-time-using-brute-ratel-175741987d87

Ports and maritime facilities in the Indian Ocean and Mediterranean targeted by hacking group SideWinder
https://blogs.blackberry.com/en/2024/07/sidewinder-targets-ports-and-maritime-facilities-in-the-mediterranean-sea

Acronis warns of Cyber Infrastructure default password abused in attacks
https://www.bleepingcomputer.com/news/security/acronis-warns-of-cyber-infrastructure-default-password-abused-in-attacks/

Las Vegas transit system is nation’s first to plan full deployment of AI surveillance system for weapons
https://blog.deurainfosec.com/las-vegas-transit-system-is-nations-first-to-plan-full-deployment-of-ai-surveillance-system-for-weapons/

Security Firm Discovers Remote Worker Is Really a North Korean Hacker
https://www.pcmag.com/news/security-firm-discovers-remote-worker-is-really-a-north-korean-hacker

U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals
https://thehackernews.com/2024/07/us-doj-indicts-north-korean-hacker-for.html

Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining
https://thehackernews.com/2024/07/ongoing-cyberattack-targets-exposed.html

Microsoft calls for Windows changes and resilience after CrowdStrike outage
https://www.theverge.com/2024/7/26/24206719/microsoft-windows-changes-crowdstrike-kernel-driver

New SideWinder Cyber Attacks Target Maritime Facilities in Multiple Countries
https://thehackernews.com/2024/07/new-sidewinder-cyber-attacks-target.html

Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild
https://thehackernews.com/2024/07/critical-flaw-in-acronis-cyber.html

Cyber Espionage Group XDSpy Targets Companies in Russia and Moldova
https://thehackernews.com/2024/07/cyber-espionage-group-xdspy-targets.html

U.S. Releases High-Profile Russian Hackers in Diplomatic Prisoner Exchange
https://thehackernews.com/2024/08/us-releases-high-profile-russian.html

North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks
https://thehackernews.com/2024/07/north-korean-hackers-shift-from-cyber.html

Post office recruiting IT talent in 4 major categories, with salaries up to 55K
https://www.1111.com.tw/news/jobns/157025

### D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News / Cyberbullying / Account Security

Trade secret convictions are difficult; experts point out a major blind spot: overlooking potential economic value; good-faith confidentiality obligations and reasonable confidentiality measures are the focus of courtroom arguments
https://www.ctee.com.tw/news/20240726701206-431202

Chinese content farms interfering in the recall of Hsieh Kuo-liang
https://reurl.cc/qvz35N

Content farms plagiarize old reports; Keelung City Government clarifies: articles about Hsieh Kuo-liang's family are being used to drive traffic; beware of security holes
https://www.chinatimes.com/realtimenews/20240727001138-260407?chdtv

Cryptocurrency scam hits the Paris Olympics! ICO run under the official name, even claiming a Solana partnership
https://www.blocktempo.com/paris-olympics-cryptocurrency-ico-scam/

Big data drives the health industry; privacy and development are hard to balance
https://anntw.com/articles/20240728-Xr9V

Microsoft 365 users targeted by phishing attacks abusing Microsoft Forms
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11148

Phishing attack targets OneDrive users, luring them to run a malicious PowerShell script
https://www.ithome.com.tw/news/164255

OneDrive Phishing Scam Tricks Users into Running Malicious PowerShell Script
https://thehackernews.com/2024/07/onedrive-phishing-scam-tricks-users.html

Vulnerability in Proofpoint email security service let attackers send millions of phishing emails
https://www.ithome.com.tw/news/164246

Malicious PyPI package targets macOS users to steal Google Cloud credentials, unexpectedly exposing a new social engineering risk of AI search engines being misled
https://www.ithome.com.tw/news/164240

Sharp's online store and food delivery service website in Japan breached; personal data of more than 100,000 people may have leaked; Sharp Taiwan unaffected
https://www.ithome.com.tw/news/164218

Polish businesses hit by phishing attacks; hackers aim to spread malware including Agent Tesla, Formbook and Remcos RAT
https://www.welivesecurity.com/en/eset-research/phishing-targeting-polish-smbs-continues-modiloader/

Researchers reveal Facebook scam campaign Eriakos, which uses hundreds of websites to steal users' financial data
https://www.recordedfuture.com/research/eriakos-scam-campaign-detected

Nigerian hackers abuse more than 60,000 Instagram accounts to target the US with sextortion
https://about.fb.com/news/2024/07/combating-financial-sextortion-scams-from-nigeria/

CrowdStrike Warns of New Phishing Scam Targeting German Customers
https://thehackernews.com/2024/07/crowdstrike-warns-of-new-phishing-scam.html

Fraud ring pushes 600+ fake web shops via Facebook ads
https://www.bleepingcomputer.com/news/security/fraud-ring-pushes-600-plus-fake-web-shops-via-facebook-ads/

Meta Settles for $1.4 Billion with Texas Over Illegal Biometric Data Collection
https://thehackernews.com/2024/07/meta-settles-for-14-billion-with-texas.html

Facebook Ads Lead to Fake Websites Stealing Credit Card Information
https://thehackernews.com/2024/08/facebook-ads-lead-to-fake-websites.html

DigiCert to Revoke 83,000+ SSL Certificates Due to Domain Validation Oversight
https://thehackernews.com/2024/07/digicert-to-revoke-83000-ssl.html

### E. Research Reports / Tools

A digital catastrophe from one software update! What can we learn from 8.5 million Windows machines crashing
https://www.youtube.com/watch?v=CfPpjsXcMrE

Fine-grained Personal Access Tokens make GitHub access more secure
https://blog.darkthread.net/blog/github-fine-grained-pat/

Let's Go! Getting to know the Go language
https://blog.darkthread.net/blog/whats-golang/

New red team penetration tool Specula uses an old vulnerability to achieve remote code execution in Outlook
https://www.ithome.com.tw/news/164199
https://github.com/trustedsec/specula
https://www.youtube.com/playlist?list=PLk-dPXV5k8SE_g2507i2Qsu-dj3nRnTgA

US releases the Dioptra platform for assessing AI security
https://www.ithome.com.tw/news/164169

NIST recently released Dioptra 1.0, a software testing platform for assessing AI security and reliability
https://www.ithome.com.tw/news/164169

6 Types of Applications Security Testing You Must Know About
https://thehackernews.com/2024/07/6-types-of-applications-security.html

Offensive AI: The Sine Qua Non of Cybersecurity
https://thehackernews.com/2024/07/offensive-ai-sine-qua-non-of.html

How APT groups operate in Southeast Asia
https://www.ptsecurity.com/ww-en/analytics/apt-groups-in-southeast-asia/

How Searchable Encryption Changes the Data Security Game
https://thehackernews.com/2024/07/how-searchable-encryption-changes-data.html

The Power and Peril of RMM Tools
https://thehackernews.com/2024/07/the-power-and-peril-of-rmm-tools.html

Cyber Threat Intelligence: Illuminating the Deep, Dark Cybercriminal Underground
https://thehackernews.com/2024/07/cyber-threat-intelligence-illuminating.html

How To Get the Most From Your Security Team's Email Alert Budget
https://thehackernews.com/2024/07/how-to-get-most-from-your-security.html

Obfuscation: There Are Two Sides To Everything
https://thehackernews.com/2024/08/obfuscation-there-are-two-sides-to.html

[GCP] Connect Cloud SQL to multiple VPCs
https://medium.com/@poiblacktea/gcp-connect-cloud-sql-to-multiple-vpcs-f5b54acb1306

Unix-like Artifacts Collector
https://github.com/tclahr/uac

Automated Active Directory lab running on Proxmox
https://github.com/brmkit/ad-training-lab

Stargazers Ghost Network
https://research.checkpoint.com/2024/stargazers-ghost-network/

APKDeepLens
https://github.com/d78ui98/APKDeepLens

Microsoft veteran shares Windows NT, 3.1, 95 Blue Screen of Death (BSOD) origin story
https://www.neowin.net/news/microsoft-veteran-shares-windows-nt-31-95-blue-screen-of-death-bsod-origin-story/

### F. Business

Asia's first H200 computing center is in Taiwan! Enlight's (翔耀) "arsenal" goes online at the end of October; why it is good news for AI startups
https://www.bnext.com.tw/article/79899/ai-computing-center--enlight-supermicro-vmfive

SYSTEX (精誠) acquires Neweb (藍新), eyeing AI cloud business opportunities
https://m.cnyes.com/news/id/5651623

Fortinet releases the "2024 Cybersecurity Skills Gap Report": nearly 90% of organizations experienced a data breach linked to the skills gap last year
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11144

Check Point partners with Feng Chia University to build a cybersecurity talent development base in central Taiwan
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11143

Google updates its Search safety policy, simplifying the process for users to remove fake explicit images
https://www.ithome.com.tw/news/164245

Google Chrome adds a protection feature to guard against Windows infostealers
https://www.ithome.com.tw/news/164219

W3C surprised by Google's decision to keep third-party cookies, urges reconsideration
https://www.ithome.com.tw/news/164217

Google fixes Chrome password manager bug
https://www.ithome.com.tw/news/164165

### G. Government

Four anti-fraud laws pass third reading, opening a new chapter in fighting fraud: comprehensive crackdown on fraud crimes, return of criminal proceeds, and improved victim protection
https://n.yam.com/Article/20240728647114

Fuxing Senior High School's AI security program officially launches, with a strategic alliance with Soochow University for seamless program continuity
https://www.doe.gov.taipei/News_Content.aspx?n=B3DDF0458F0FFC11&sms=72544237BBE4C5F6&s=02C41D2E94033F0D

### H. Industrial Control Systems / ICS / SCADA / IOT / Internet of Things / Internet of Vehicles / Electric Vehicles / Artificial Intelligence / AI / ML / Facial Recognition / Healthcare Security

Secure Boot is completely broken on 200+ models from 5 big device makers
https://arstechnica.com/security/2024/07/secure-boot-is-completely-compromised-on-200-models-from-5-big-device-makers/?fbclid=IwY2xjawERLIlleHRuA2FlbQIxMQABHYa4pkz1IArL5FeeoU7PU7fAmm2vpRM2eNuGkLiLqTTLywvEEOd7BeMZ3w_aem_bHk8_5dCrRdveX8O_azgaA

### I. Education and Training

Recovery procedures you must know when a security incident occurs, to reduce the damage
https://www.ithome.com.tw/pr/163614

iPAS Information Security Engineer intermediate-level notes
https://hackmd.io/@Not/iPASInformationSecuritySpecialist

iPAS Information Security Engineer certification pre-exam workshop
https://reurl.cc/GEbA3p

iPAS ◆ Information Security Planning Practice ◆ intermediate exam question bank compilation (123 questions)
https://reurl.cc/orlD1g

GCP Associate Cloud Engineer (ACE) study experience, learning resources and notes - learning natively highly available and zero trust design
https://medium.com/blacksecurity/gcp-associate-cloud-engineer-78f736aee7ad

Coursera rounds up 7 cloud security certifications: the springboards to high pay are all here!
https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/

Ordinary people can earn an international security certification too! CSCU (Certified Secure Computer User) certification course
https://www.ithome.com.tw/pr/160954

Global cybersecurity workforce imbalance: (ISC)2 free courses and exams fill the talent gap
https://reurl.cc/m39MDj

The 8 domains of the CISSP security certification
https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html

CISSP exam experience
https://reurl.cc/KbY83j

CISSP exam experience – Benson
https://reurl.cc/GbWvxd

Goal-oriented: passing the CISSP at lightning speed in 20 days
https://reurl.cc/2Zq6zn

CISSP certification exam practical experience, Chapter 1: initial preparation
https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat

CISSP certification exam practical experience, Chapter 2: a regular and disciplined study strategy
https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies

CISSP certification exam practical experience, Chapter 3: the final battle
https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle

Quick CISSP Infographic for IPSec
https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec

CSSLP Certification - Security models in F#
https://github.com/vbocan/csslp

Certified Secure Software Lifecycle Professional in bullet points
https://github.com/joeyhage/csslp-notes

CPSA (CREST Practitioner Security Analyst) exam experience
https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/

EC-Council CEH v11 exam experience, version update information and preparation directions 2021, 2022
https://reurl.cc/1oyEM8

CEH v11 exam experience and preparation approach
https://blog.sean.taipei/2022/01/ceh

CEH
https://github.com/a3cipher/CEH

CodeRed by EC-Council
https://github.com/codered-by-ec-council

EC-Council CEH Practical / Master preparation experience - learning where theory and practice complement each other
https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2

EC-Council CEHP exam preparation experience
https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po

ECSA v10 exam experience and study materials / ECSA v10 Review and Study Materials
https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4

EC-Council ECSA security analyst v10 exam experience
https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html

20180817 EC-Council ECSA v10 PASS
https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html

Preparation approach and experience for the EC-Council CPENT and LPT Master penetration testing certifications
https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d

In-depth look at the CPENT exam experience and a comparison with OSCP
https://reurl.cc/41eL8v

EC-Council CPENT v1 penetration testing certification – content and experience
https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review

CPENT: from brute force to cracking
https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295

EC-Council CPENT experience - a security rookie's path from CEH to LPT Master
https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f

CPENT exam experience: earning the LPT penetration testing master certification in one attempt
https://ucom.uuu.com.tw/web/Testimony/Article/4404

kaizensecurity/CPENT
https://github.com/kaizensecurity/CPENT/tree/master

CPENT : Pentesting like NO OTHERS !
https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/

Journey of My CPENT Exam
https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917

[Exam prep notes] CompTIA Security+ (SY0–601) Part 1
https://reurl.cc/M053DK

[Exam prep notes] CompTIA Security+ (SY0–601) Part 2
https://reurl.cc/M053Gv

comptia-security-plus
https://github.com/ajfuto/comptia-security-plus

security-plus
https://github.com/fjavierm/security-plus

CompTIA Security+ Certification Practice Test Questions
https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette

App information security that not only engineers need to understand: the blood, sweat and tears of obtaining a security testing compliance certificate (iT邦幫忙 Ironman Contest book series)
https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html

App anti-hacking: hands-on security protection course to comprehensively improve security awareness
https://www.ithome.com.tw/pr/161505

OSEP (Evasion Techniques and Breaching Defenses (PEN-300)) experience
https://hackmd.io/@henry-ko/HyQ56e8eF

OSCP (Offensive Security Certified Professional)
https://github.com/0x584A/oscp-notes/tree/master

ISACA Certified Information Systems Auditor® (CISA) certification: preparation experience and application process - 2023
https://reurl.cc/aVLoX9

Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html

The hacker and the state: cyber attacks and the new normal of geopolitics
https://reurl.cc/D3nKKj

Practical Network Penetration Tester (PNPT) Certification Review
https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df

Basic vocabulary commonly used by WUSON
https://choson.lifenet.com.tw/?p=1958

Certifications remain the main route for learning security fundamentals; an expert has built a "security certification map"
https://www.ithome.com.tw/news/156754

Beyond proving your ability with certifications, treat them as the biggest motivation to keep learning
https://www.ithome.com.tw/news/156756

Dispelling misunderstandings and myths about certifications: security experts clarify what security certifications mean
https://www.ithome.com.tw/news/156755

Accelerate Your Career with the Global Leader in Cyber Security Training
https://www.sans.org/mlp/promo-partnership-hacker-news/

[NCKU Information Security Club class] Forbidden security arts - the reverse engineering hell trial
https://www.youtube.com/watch?v=4Yc3-9CjG6U

Learn through practical exercises how to build a standard, actionable security SOP
https://www.ithome.com.tw/pr/163514

## 6. Upcoming Security Events and Seminars

Secure Code Warrior online security learning - August
2024/8/1 ~ 2024/8/31
https://www.accupass.com/event/2407180405091105877998

Just a chat - with no Expectations
2024/8/3
https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/302230884/

COSCUP 2024
2024/8/3 ~ 2024/8/4
https://coscup.org/2024/zh-TW/

SyntaxError
2024/8/7
https://www.meetup.com/pythonhug/events/302308243/

HackingThursday - Week meetup Tamsui (regular meetup, Tamsui)
2024/8/8
https://www.meetup.com/hackingthursday/events/302328132/

FinTech Summer CAMP
2024/8/5 ~ 2024/8/9
https://isipevent.kktix.cc/events/f2ce8bcc-copy-6

"Cybersecurity Technical Talent Development Program" free online lecture
2024/8/6
https://www.acsiacad.com/subdetail/1066

Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network
2024/8/6
https://www.meetup.com/taiwan-code-camp/events/302288283/

Taipei DevOps User Group 11th Event, supported by Wankuma Alliance
2024/8/9
https://www.meetup.com/taipei-devops-user-group/events/302076675/

AI tools in the workplace: ask AI anything, but how should you ask
2024/8/9
https://www.accupass.com/event/2407241036561802566403

Just a chat - with no Expectations
2024/8/10
https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/302365145/

A CISO's first lesson in zero trust (August session)
2024/8/13
https://jamf.kktix.cc/events/applexjamf-aug

Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network
2024/8/13
https://www.meetup.com/taiwan-code-camp/events/302421006/

SyntaxError
2024/8/14
https://www.meetup.com/pythonhug/events/pqnsctygclbsb/

AI x Cloud seminar series - Postgres x Elastic x Vault
2024/8/14 ~ 2024/8/28
https://www.accupass.com/event/2407090959082119228820

HackingThursday - Week meetup Tamsui (regular meetup, Tamsui)
2024/8/15
https://www.meetup.com/hackingthursday/events/302454317/

2nd Web3 Security and Trust Forum: Building Smart Web3 Together, Driving Digital Trust
2024/8/15
https://www.accupass.com/event/2406260522161651051152

2024 HITCON x Yourator Security Career Forum | On-site corporate recruiting, unlock your security future
2024/8/17
https://www.accupass.com/event/2407120626187489710470

Just a chat - with no Expectations
2024/8/17
https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/302490813/

Taoyuan WordPress Café (Taoyuan coffee meetup) #39
2024/8/17
https://www.meetup.com/taoyuan-wordpress-meetup/events/302363697/

Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network
2024/8/20
https://www.meetup.com/taiwan-code-camp/events/302548977/

2024 Forum on Comprehensively Stopping Fraud
2024/8/20
https://www.accupass.com/event/2407300901531515176080

SyntaxError
2024/8/21
https://www.meetup.com/pythonhug/events/pqnsctygclbcc/

Taipei dbt Meetup #26 for all folks working with data! (Hybrid 👫 + 🧑‍💻)
2024/8/21
https://www.meetup.com/taipei-dbt-meetup/events/302491357/

HackingThursday - Week meetup Tamsui (regular meetup, Tamsui)
2024/8/22
https://www.meetup.com/hackingthursday/events/psspctygclbdc/

Just a chat - with no Expectations
2024/8/24
https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/lsmkqsygclbgc/

The Reporter's first AI experience: how we built a dashboard for monitoring legislators' statements
2024/8/26
https://www.meetup.com/rladies-taipei/events/302047204/

Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network
2024/8/27
https://www.meetup.com/taiwan-code-camp/events/xfxtjtygclbkc/

Free Startup Fundraising Office Hours Expert AMA with Angel Investor Scott Fox!
2024/8/28
https://www.meetup.com/taipei-startups-investors-masterminds-network/events/299702435/

SyntaxError
2024/8/28
https://www.meetup.com/pythonhug/events/pqnsctygclblc/

HackingThursday - Week meetup Tamsui (regular meetup, Tamsui)
2024/8/29
https://www.meetup.com/hackingthursday/events/psspctygclbmc/

Security competency training | Secure Software Development Manager
2024/8/31 ~ 2024/10/5
https://acsiacad.kktix.cc/events/308914

Just a chat - with no Expectations
2024/8/31
https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/lsmkqsygclbpc/

9th "WHATs NEXT" Future Technology Industry Summit
2024/9/3
https://www.accupass.com/event/2406060317121880421709

Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network
2024/9/3
https://www.meetup.com/taiwan-code-camp/events/xfxtjtygcmbfb/

SyntaxError
2024/9/4
https://www.meetup.com/pythonhug/events/pqnsctygcmbgb/

A CISO's first lesson in zero trust (September session)
2024/9/19
https://jamf.kktix.cc/events/applexjamf-sep

Information Security Course Series
2024/9/30
https://www.accupass.com/event/2407011640161317038989

Information Security Course Series
2024/10/12
https://www.accupass.com/event/2407011633417884074930

2nd TAINAN WEB3 INTERNATIONAL FAIR
2024/10/18
https://www.accupass.com/event/2406150525111725753130

HITCON Enterprise 2024 Taiwan Hacker Conference
2024/10/30
https://hitcon.kktix.cc/events/hitcon-ent-2024

Threat Analyst Summit 2024
2024/12/11 ~ 2024/12/12
https://teamt5tw.kktix.cc/events/tas2024