###### tags: `資安事件新聞週報`

# Weekly Security Incident News 2023/10/23 ~ 2023/10/27

1. Major vulnerabilities / backdoors / exploits / zero-days

Zero-day vulnerabilities surge in 2023 Q3: 20 zero-days disclosed in little more than a month, with flaws in low-level components apparently becoming more common
https://www.ithome.com.tw/news/159484

Researchers publish proof-of-concept exploit code for Citrix Bleed, a critical Citrix NetScaler vulnerability
https://www.bleepingcomputer.com/news/security/citrix-bleed-exploit-lets-hackers-hijack-netscaler-accounts/
https://www.assetnote.io/resources/research/citrix-bleed-leaking-session-tokens-with-cve-2023-4966
https://twitter.com/Shadowserver/status/1717024004488442269

Citrix warns that attacks exploiting the critical NetScaler vulnerability are still ongoing
https://www.netscaler.com/blog/news/cve-2023-4966-critical-security-update-now-available-for-netscaler-adc-and-netscaler-gateway/

F5 warns of critical BIG-IP vulnerability CVE-2023-46747 and urges IT staff to apply the update as soon as possible
https://securityboulevard.com/2023/10/technical-advisory-f5-big-ip-unauthenticated-rce-vulnerability-cve-2023-46747/
https://my.f5.com/manage/s/article/K000137368
https://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/

F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution
https://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html

Researchers disclose vulnerabilities in SoftEther VPN and the word processor Ichitaro
https://blog.talosintelligence.com/vulnerability-roundup-oct-25-2023/

Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software
https://thehackernews.com/2023/10/nation-state-hackers-exploiting-zero.html

Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers
https://www.welivesecurity.com/en/eset-research/winter-vivern-exploits-zero-day-vulnerability-roundcube-webmail-servers/

Impact of attacks targeting zero-day CVE-2023-20198 widens: nearly 42,000 Cisco devices infected with a backdoor
https://censys.com/cve-2023-20198-cisco-ios-xe-zeroday/

Cisco zero-day infection count goes from 50,000 to 100: hackers' manipulated numbers hide a major plot
https://www.wepro180.com/231026_cisco/

Cisco discloses another zero-day in its network device operating system IOS XE, used by attackers to implant Lua-based malware
https://blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-software/

The number of backdoored Cisco IOS XE devices drops abnormally sharply; a security vendor confirms the attackers were actually erasing traces of the compromise and implanting a new backdoor
https://www.ithome.com.tw/news/159466
https://twitter.com/onyphe/status/1715633541264900217
https://dashboard.shadowserver.org/statistics/combined/time-series/?date_range=7&source=compromised_website&source=compromised_website6&tag=device-implant%2B&group_by=geo&style=stacked
https://twitter.com/CERTCyberdef/status/1715787627800969374
https://twitter.com/uk_daniel_card/status/1716131549945430356?s=46
https://www.linkedin.com/feed/update/urn:li:activity:7122238350849150976/

IOS XE zero-day threat widens! More than 40,000 Cisco devices implanted with backdoor accounts
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10758

Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices
https://thehackernews.com/2023/10/cisco-zero-day-exploited-to-implant.html

Backdoor Implanted on Hacked Cisco Devices Modified to Evade Detection
https://thehackernews.com/2023/10/backdoor-implant-on-hacked-cisco.html

VMware patches critical vCenter Server vulnerability and also provides updates for older, no-longer-supported products
https://www.vmware.com/security/advisories/VMSA-2023-0023.html

Proof-of-concept exploit code appears for the RCE vulnerability in VMware's log analysis system
https://www.bleepingcomputer.com/news/security/vmware-warns-admins-of-public-exploit-for-vrealize-rce-flaw/
https://www.horizon3.ai/vmware-aria-operations-for-logs-cve-2023-34051-technical-deep-dive-and-iocs/
https://www.vmware.com/security/advisories/VMSA-2023-0021.html

RCE vulnerability in VMware's log analysis system reportedly used in attacks
https://www.bleepingcomputer.com/news/security/vmware-warns-admins-of-public-exploit-for-vrealize-rce-flaw/

Act Now: VMware Releases Patch for Critical vCenter Server RCE Vulnerability
https://thehackernews.com/2023/10/act-now-vmware-releases-patch-for.html

Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities
https://thehackernews.com/2023/10/alert-poc-exploits-released-for-citrix.html

Critical OAuth vulnerabilities found in the Grammarly, Vidio and Bukalapak web applications
https://www.ithome.com.tw/news/159511

IBM QRadar SIEM contains multiple vulnerabilities in components.
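https://www.ibm.com/support/pages/node/7060803?myns=swgother&mynp=OCSSBQAC&mync=E&cm_sp=swgother-_-OCSSBQAC-_-E

Mozilla releases Firefox 119, fixing 3 high-severity vulnerabilities
https://www.mozilla.org/en-US/security/advisories/mfsa2023-45/

Google updates Chrome 118, fixing a memory misuse vulnerability
https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_24.html

Critical vulnerabilities in SolarWinds' access rights auditing system may allow attackers to execute arbitrary code remotely
https://www.bleepingcomputer.com/news/security/critical-rce-flaws-found-in-solarwinds-access-audit-solution/

2. Banking / finance / insurance / securities / financial supervision: news and security

Huang Tien-mu: digital finance must run at double speed
https://reurl.cc/2E71O9

Huang Tien-mu: time waits for no one in digital finance
https://reurl.cc/Wvz6Yk

Brazilian banking trojan Grandoreiro targets Spain and Mexico
https://www.proofpoint.com/us/blog/threat-insight/copacabana-barcelona-cross-continental-threat-brazilian-banking-malware

The "Guidelines for Digital Identity Verification in the Financial Services Industry" establish a common language for digital identity verification in the financial sector
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10772

The Financial Supervisory Commission issues the "Guidelines for Digital Identity Verification in the Financial Services Industry", establishing common principles for identity verification and speeding up the process for firms to roll out new types of applications
https://www.ithome.com.tw/news/159467

First Bank unveils its 2025 digital transformation strategy, expanding customer-needs-driven business development across the bank
https://www.ithome.com.tw/news/159512

First Bank wins the Digital Finance Awards "Digital Information Security Excellence Award"
https://www.ctee.com.tw/news/20231023701648-430304

Taipei Fubon Bank wins the Commercial Times "Digital Finance Awards: Digital Information Security Award" for the third consecutive year
https://www.upmedia.mg/news_info.php?Type=9&SerialNo=185428

Fubon Financial and six subsidiaries win 12 major awards
https://reurl.cc/6QXoR6

Taichung Bank wins the 3rd Commercial Times "Digital Information Security Award: Excellence Award"
https://wantrich.chinatimes.com/news/20231024900881-420101#google_vignette

CTBC recognized for implementing inclusive finance and balancing innovation with security
https://www.ctee.com.tw/news/20231023701709-431201

Commercial Times Digital Finance Awards: Chunghwa Post wins two awards
https://reurl.cc/Y0mgoo

Chang Hwa Bank builds a friendly fintech ecosystem
https://reurl.cc/bleQb6

Mega Bank wins the Commercial Times Digital Finance Awards "Digital Information Security Excellence Award"
https://reurl.cc/QZNrob

Capital Futures takes three Digital Finance Awards! Personalized trading experience wins the Gold Award
https://reurl.cc/q0a7b0

3. Credit cards / electronic payment / mobile payment / pay / payment systems / security

Financial Information Service Co. (FISC), banks and e-payment providers jointly promote TWQR, letting users scan to pay across e-payment and bank partner merchants
https://www.ithome.com.tw/news/159463

Infostealer GoPIX targets users of Brazil's mobile payment system
https://securelist.com/crimeware-report-gopix-lumar-rhysida/110871/

Ransomware Rhysida linked with infostealers Lumar and GoPIX in attacks on Brazil's mobile payment system
https://securelist.com/crimeware-report-gopix-lumar-rhysida/110871/

Stealer for PIX payment system, new Lumar stealer and Rhysida ransomware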
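https://securelist.com/crimeware-report-gopix-lumar-rhysida/110871/

Malvertising Campaign Targets Brazil's PIX Payment System with GoPIX Malware
https://thehackernews.com/2023/10/malvertising-campaign-targets-brazils.html

Chinese hackers use fake loan apps to defraud Android users of India's digital payment platform of their personal data and bank account details
https://www.hackread.com/chinese-scammers-fake-loan-apps-money-laundering/

Chinese hackers launder money through fake loan apps
https://www.cloudsek.com/whitepapers-reports/chinese-scammers-launder-money-through-upi-a-new-threat-to-indias-digital-payment-ecosystem

4. Cryptocurrency / digital currency / mining / blockchain / smart contracts / WEB3 security

Chiang Yung-chang proposes "Taiwan's first dedicated cryptocurrency law"; it passes first reading in the Legislative Yuan
https://blockcast.it/2023/10/27/taiwan-officially-proposes-crypto-bill-with-first-reading-passed/

Kraken plans to share certain user information with the US Internal Revenue Service in November under a court order
https://news.cnyes.com/news/id/5359338

Crypto platform HKVAEX intends to apply for a Hong Kong licence; Binance says the platform is not part of its group
https://reurl.cc/x6e5bb

BingX publishes its latest cryptocurrency analysis report for Q4 2023
https://n.yam.com/Article/20231027349810

Investors take profits and BTC falls to US$34,000! Analyst: it could reach US$125,000 by the end of next year
https://blockcast.it/2023/10/27/bitcoin-cools-off-at-34k-but-could-reach-125k-by-2024-year-end-matrixport-said/

Latest UN study: cryptocurrency mining has a major environmental impact on climate, water and land
https://reurl.cc/r6kybN

Trading crypto by mysticism? Astrology-based predictions of cryptocurrency price trends go viral in Thailand
https://www.blocktempo.com/astrology-predictions-trending-in-thailand/

US lawmakers accuse Binance and Tether of helping Hamas obtain illicit funds, stepping up the crackdown on links between cryptocurrency and terrorism
https://hk.investing.com/news/economic-indicators/article-394764

"Monster coin maker": Upbit is seizing pricing power in the cryptocurrency market
https://blockcast.it/2023/10/27/mina-is-up-85-in-one-week-amid-upbit-listing-whats-happening-here/

Crypto research firm Elliptic: the truth about Hamas fundraising with cryptocurrency
https://www.blocktempo.com/setting-the-record-straight-on-crypto-crowdfunding-by-hamas/

5. Security incident news

A. Viruses and trojans / botnets / ransomware / adware / APT / backdoors / IOC

Chilean telecom GTD reportedly hit by Rorschach ransomware
https://www.bleepingcomputer.com/news/security/chilean-telecom-giant-gtd-hit-by-the-rorschach-ransomware-gang/

Ransomware actors target older versions of Adobe ColdFusion to distribute a LockBit 3.0 variant
https://news.sophos.com/en-us/2023/10/19/ransomware-actor-exploits-coldfusion-servers-but-comes-away-empty-handed/

Europol announces the disruption of the Ragnar Locker ransomware infrastructure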
https://www.europol.europa.eu/media-press/newsroom/news/ragnar-locker-ransomware-gang-taken-down-international-police-swoop

Europol Dismantles Ragnar Locker Ransomware Infrastructure, Nabs Key Developer
https://thehackernews.com/2023/10/europol-dismantles-ragnar-locker.html

Hackers pose as recruiters for the well-known gaming hardware maker Corsair in order to distribute the malware DarkGate and RedLine Stealer
https://labs.withsecure.com/publications/darkgate-malware-campaign

Trojan Quasar RAT evades detection through DLL side-loading
https://www.uptycs.com/blog/quasar-rat

Quasar RAT's Dual DLL Sideloading Technique
https://www.uptycs.com/blog/quasar-rat

Pakistan and Afghanistan targeted by the hacking group DoNot Team, which is distributing a backdoor named Firebird
https://thehackernews.com/2023/10/donot-teams-new-firebird-backdoor-hits.html

DoNot Team's New Firebird Backdoor Hits Pakistan and Afghanistan
https://thehackernews.com/2023/10/donot-teams-new-firebird-backdoor-hits.html

Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar
https://thehackernews.com/2023/10/quasar-rat-leverages-dll-side-loading.html

An iLUMMAnation on LummaStealer
https://blogs.vmware.com/security/2023/10/an-ilummanation-on-lummastealer.html

DarkGate malware campaign
https://labs.withsecure.com/publications/darkgate-malware-campaign
https://www.malwarebytes.com/blog/business/2023/10/on-the-frontlines-battling-an-in-the-wild-darkgate-infection-with-malwarebytes-mdr

Ransomware group BlackCat uses a new tool, Munchkin, to spread its encryptor
https://unit42.paloaltonetworks.com/blackcat-ransomware-releases-new-utility-munchkin/

BlackCat Climbs the Summit With a New Tactic
https://unit42.paloaltonetworks.com/blackcat-ransomware-releases-new-utility-munchkin/

Organizations under attack from cryptominer-keylogger-backdoor combo
https://securelist.com/miner-keylogger-backdoor-attack-b2b/110761/

The forgotten malvertising campaign
https://www.malwarebytes.com/blog/threat-intelligence/2023/10/the-forgotten-malvertising-campaign

Woodynet.net, Id3.net and me.
https://www.criminalip.io/asset/report/69.166.14.38
https://www.criminalip.io/asset/report/114.215.222.125
https://dnschecker.org/ip-location.php?ip=31.204.146.148
https://www.criminalip.io/domain/report?scan_id=8544746
https://hybrid-analysis.com/sample/ab4672795b872e01bc7411fec294eab22d54e97b133769a3de306d9633fa24d6/5efec3f6b03bcb74f200310b
https://www.criminalip.io/images/search/domain/category/icon_page_redirections.svg
https://www.criminalip.io/domain/report?scan_id=8544687
https://hybrid-analysis.com/sample/ab4672795b872e01bc7411fec294eab22d54e97b133769a3de306d9633fa24d6/653366aac5f632cbbf0f0000
https://hybrid-analysis.com/sample/020fe56e2d49ead60b67a1e20b43ee0846c493c7edb3118b34c5c964fc131794/6533667318fa4c29320ec174
https://hybrid-analysis.com/sample/2acab1228e8935d5dfdd1756b8a19698b6c8b786c90f87993ce9799a67a96e4e

Malware stories: Deworming the XWorm
https://cert.pl/en/posts/2023/10/deworming-the-xworm/

Malware StripedFly exploits the EternalBlue vulnerability to infect a million computers
https://securelist.com/stripedfly-perennially-flying-under-the-radar/110903/

StripedFly: Perennially flying under the radar
https://securelist.com/stripedfly-perennially-flying-under-the-radar/110903/

When PAM Goes Rogue: Malware Uses Authentication Modules for Mischief
https://unit42.paloaltonetworks.com/linux-pam-apis/

Malvertisers Using Google Ads to Target Users Searching for Popular Software
https://thehackernews.com/2023/10/malvertisers-using-google-ads-to-target.html

Vietnamese Hackers Target U.K., U.S., and India with DarkGate Malware
https://thehackernews.com/2023/10/vietnamese-hackers-target-uk-us-and.html

The Rise of S3 Ransomware: How to Identify and Combat It
https://thehackernews.com/2023/10/the-rise-of-s3-ransomware-how-to.html

Iranian hacking group Tortoiseshell launches attacks with the IMAPLoader malware
https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/yellow-liderc-ships-its-scripts-delivers-imaploader-malware.html

Iranian Group Tortoiseshell Launches New Wave of IMAPLoader Malware Attacks
https://thehackernews.com/2023/10/iranian-group-tortoiseshell-launches.html

Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware
https://thehackernews.com/2023/10/microsoft-warns-as-scattered-spider.html

B. Mobile security / iPhone / Android / wearables / apps / 5G / instant messaging

Apple releases security updates iOS 17.1 and macOS Sonoma 14.1, fixing 21 iOS vulnerabilities and 44 macOS vulnerabilities
https://www.securityweek.com/apple-ships-major-ios-macos-security-updates/

iOS Zero-Day Attacks: Experts Uncover Deeper Insights into Operation Triangulation
https://thehackernews.com/2023/10/operation-triangulation-experts-uncover.html

Hong Kong residents targeted in malvertising campaigns for WhatsApp, Telegram
https://www.malwarebytes.com/blog/threat-intelligence/2023/10/hong-kong-residents-targeted-in-malvertising-campaigns-for-whatsapp-telegram

The iLeakage attack can steal Apple users' passwords and email from the Safari browser
https://www.bleepingcomputer.com/news/security/new-ileakage-attack-steals-emails-passwords-from-apple-safari/
https://ileakage.com/
https://ileakage.com/files/ileakage.pdf
https://arstechnica.com/security/2023/10/hackers-can-force-ios-and-macos-browsers-to-divulge-passwords-and-a-whole-lot-more/

iLeakage: New Safari Exploit Impacts Apple iPhones and Macs with A- and M-Series CPUs
https://thehackernews.com/2023/10/ileakage-new-safari-exploit-impacts.html

Analyzing the harms of Douyin, Li Jung-shian: nobody is as daring as Ko Wen-je
https://news.ltn.com.tw/news/politics/breakingnews/4471395

41 US states accuse Meta of deliberately making Facebook and IG addictive for children
https://reurl.cc/Y0mgR4

C. Incidents / hackers / DDoS / APT / cloud / dark web / job openings / international security incidents / security workforce

2023 Aegis Cup (神盾盃) security competition and security forum to be held on 11/2 at the GIS Taipei Tech Convention Center
https://www.thehubnews.net/archives/298777

Ace Pillar (羅昇): statement that part of the company's information systems suffered a hacker network attack
https://news.cnyes.com/news/id/5359336?exp=a

The red team attacks! Time to talk about industry security issues
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?CnlID=1&id=0000677282_RAO182UT9IAGIY1JYFBBA&wpidx=5

Online video platform LiTV's infrastructure was sabotaged in January; the former IT manager involved has been indicted and prosecutors reveal more details
https://www.ettoday.net/news/20231020/2606195.htm

IT outage at US convenience store chain Kwik Trip was caused by a cyberattack
https://www.bleepingcomputer.com/news/security/kwik-trip-finally-confirms-cyberattack-was-behind-ongoing-outage/

Security experts from 18 countries gather in Taiwan for the cross-border cyber offense and defense exercise CODE 2023; Taiwan takes first place
https://moda.gov.tw/ACS/press/news/press/8583

FinTIP alert urges vigilance against pro-Israel hackers; central bank: a routine preventive warning
https://reurl.cc/A0XVDd

To improve cybersecurity in the healthcare sector, US CISA provides a one-stop toolkit
https://www.cisa.gov/topics/cybersecurity-best-practices/healthcare

US CISA and NSA publish new identity and access management guidance
https://media.defense.gov/2023/Oct/04/2003313510/-1/-1/0/ESF%20CTR%20IAM%20MFA%20SSO%20CHALLENGES.PDF

US CISA is drafting a new version of the National Cyber Incident Response Plan
https://therecord.media/cisa-working-on-national-incident-response-plan

Singapore warns of SQL injection attacks targeting local websites
https://www.csa.gov.sg/alerts-advisories/Advisories/2023/ad-2023-021

Hacking group 0ktapus continues to encrypt and destroy files and extort its victims
https://www.microsoft.com/en-us/security/blog/2023/10/25/octo-tempest-crosses-boundaries-to-facilitate-extortion-encryption-and-destruction/

Hacking group YoroTrooper targets Commonwealth of Independent States (CIS) countries
https://blog.talosintelligence.com/attributing-yorotrooper/

Russian hackers APT28 use zero-day vulnerabilities to break into French government agencies, businesses and academic institutions
https://www.cert.ssi.gouv.fr/cti/CERTFR-2023-CTI-009/

Government agencies in the Asia-Pacific region hit by the TetrisPhantom campaign, in which a hacking group uses secure encrypted USB drives to spread malware and penetrate air-gapped networks
https://www.ithome.com.tw/news/159514

European government agencies targeted by Russian hackers Winter Vivern, who launch zero-day attacks against the webmail system Roundcube
https://www.welivesecurity.com/en/eset-research/winter-vivern-exploits-zero-day-vulnerability-roundcube-webmail-servers/

Record-Breaking 100 Million RPS DDoS Attack Exploits HTTP/2 Rapid Reset Flaw
https://thehackernews.com/2023/10/record-breaking-100-million-rps-ddos.html

34 Cybercriminals Arrested in Spain for Multi-Million Dollar Online Scams
https://thehackernews.com/2023/10/34-cybercriminals-arrested-in-spain-for.html

Crambus: New Campaign Targets Middle Eastern Government
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/crambus-middle-east-government

Kazakhstan-associated YoroTrooper disguises origin of attacks as Azerbaijan
https://blog.talosintelligence.com/attributing-yorotrooper/

U.S. DoJ Cracks Down on North Korean IT Scammers Defrauding Global Businesses
https://thehackernews.com/2023/10/us-doj-cracks-down-on-north-korean-it_20.html

YoroTrooper: Researchers Warn of Kazakhstan's Stealthy Cyber Espionage Group
https://thehackernews.com/2023/10/yorotrooper-researchers-warn-of.html

Chief Information Security Officer
https://www.linkedin.com/jobs/view/%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD-chief-information-security-officer-at-shopline-3744311463/

IT Department - Network Management Engineer
https://www.104.com.tw/job/84k7t?jobsource=n104bank2

D. Data breaches / personal data protection law / GDPR / online fraud / phishing / card fraud / fake news / cyberbullying / account security

Employee phished: D-Link hit by data breach
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10760

Okta hacked and user data stolen; BeyondTrust and Cloudflare affected
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10757

Okta confirms its customer technical support system was hacked and credential data leaked
https://www.bleepingcomputer.com/news/security/okta-says-its-support-system-was-breached-using-stolen-credentials/
https://sec.okta.com/harfiles
https://www.beyondtrust.com/blog/entry/okta-support-unit-breach
https://blog.cloudflare.com/how-cloudflare-mitigated-yet-another-okta-compromise/

Password management platform 1Password confirms it suffered a cyberattack as a result of the Okta data breach
https://www.bleepingcomputer.com/news/security/1password-discloses-security-incident-linked-to-okta-breach/

Survey: 50% of generative AI users worldwide may have entered personal data into such applications
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10752

Someone is selling access to the Facebook and Instagram police portal
https://securityaffairs.com/152811/cyber-crime/facebook-and-instagrams-police-portal-access.html

Seiko discloses details of the data leak from the ransomware attack it suffered in August
https://www.sii.co.jp/en/news/topics/2023/10/25/12232/

Your boss asking for data, account locked, infringement warning, mailbox full: all may be phishing emails trying to trick you. 5 key points for preventing scam emails
https://www.inside.com.tw/article/33175-five-ways-to-prevent-scam-letters#google_vignette

The University of Michigan publishes the findings of its investigation into the cyberattack it suffered in August, confirming that personal data of students, faculty and staff was leaked
https://www.bleepingcomputer.com/news/security/university-of-michigan-employee-student-data-stolen-in-cyberattack/

Hacktivism in the Israel-Hamas Conflict | Citizen Data Leakage Using Old Malware
https://www.sentinelone.com/blog/hacktivism-in-the-israel-hamas-conflict-citizen-data-leaked-using-old-malware/

Okta's Support System Breach Exposes Customer Data to Unidentified Threat Actors
https://thehackernews.com/2023/10/oktas-support-system-breach-exposes.html

1Password Detects Suspicious Activity Following Okta Support Breach
https://thehackernews.com/2023/10/1password-detects-suspicious-activity.html

Ex-NSA Employee Pleads Guilty to Leaking Classified Data to Russia
https://thehackernews.com/2023/10/ex-nsa-employee-pleads-guilty-to.html

Critical Flaw in NextGen's Mirth Connect Could Expose Healthcare Data
https://thehackernews.com/2023/10/critical-flaw-in-nextgens-mirth-connect.html

12 real estate agents who bought "Xiaobai" lookup devices (小白機) from criminals to query homeowners' personal data are indicted under the Personal Data Protection Act
https://news.ltn.com.tw/news/society/breakingnews/4462410

E. Research reports / tools

New intrusion technique: hiding malicious code inside the blockchain, making it harder to detect and impossible to take down
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10755

Researchers reveal more details of the Operation Triangulation campaign
https://securelist.com/triangulation-validators-modules/110847/

A look at the professional security skills and abilities needed in the workplace (Tdohconf)
https://www.slideshare.net/jack51706/tdohconf

Updated MATA attacks industrial companies in Eastern Europe
https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2023/10/18092216/Updated-MATA-attacks-Eastern-Europe_full-report_ENG.pdf

WatchDog Mining Organization's Activity Analysis
https://www.antiy.cn/research/notice&report/research_report/WatchDogTrojans_Analysis.html

PLAYCrypt Extortion Software Analysis
https://www.antiy.cn/research/notice&report/research_report/PlayCrypt_Analysis.html

Researchers disclose the Python infostealer ExelaStealer
https://www.fortinet.com/blog/threat-research/exelastealer-infostealer-enters-the-field

ExelaStealer: A New Low-Cost Cybercrime Weapon Emerges
https://thehackernews.com/2023/10/exelastealer-new-low-cost-cybercrime.html

Who's Experimenting with AI Tools in Your Organization
https://thehackernews.com/2023/10/whos-experimenting-with-ai-tools-in.html

Make API Management Less Scary for Your Organization
https://thehackernews.com/2023/10/make-api-management-less-scary-for-your.html

The Danger of Forgotten Pixels on Websites: A New Case Study
https://thehackernews.com/2023/10/the-danger-of-forgotten-pixels-on.html

Critical OAuth Flaws Uncovered in Grammarly, Vidio, and Bukalapak Platforms
https://thehackernews.com/2023/10/critical-oauth-flaws-uncovered-in.html

How to Keep Your Business Running in a Contested Environment
https://thehackernews.com/2023/10/how-to-keep-your-business-running-in.html

Google Expands Its Bug Bounty Program to Tackle Artificial Intelligence Threats
https://thehackernews.com/2023/10/google-expands-its-bug-bounty-program.html

F. Business

AI and continuous threat exposure management make Gartner's top 10 strategic technology trends for 2024
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10754

Google Cloud Summit Taipei 2023 helps Taiwanese enterprises grasp the keys to AI innovation
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10759

Google expands the scope of its AI bug bounty, adding a generative AI category
https://www.ithome.com.tw/news/159528
https://blog.google/technology/safety-security/google-ai-security-expansion/
https://security.googleblog.com/2023/10/googles-reward-criteria-for-reporting.html

Enterprise security risk map across all industries (2023~2024)
https://www.ithome.com.tw/article/159258

Google and Zhanguoce Group (戰國策集團) push HTTPS and SSL: double protection for site ranking and security
https://tyenews.com/2023/10/443739/

Tech-savvy girls strongly recommend this anti-fraud tool! Sign up for Chunghwa Telecom's "Anti-Hacking Gatekeeper" (防駭守門員) for instant protection with no installation
https://www.ettoday.net/news/20231027/2594467.htm

G. Government

Government launches the 111 short-code SMS platform to stop fraud rings from sending scam texts in the name of public agencies
https://www.ithome.com.tw/news/159462

To block SMS scams impersonating government agencies, the Ministry of Digital Affairs launches the dedicated short-code SMS platform 111
https://moda.gov.tw/press/press-releases/8607

Tainan's Shalun Science City continues to develop, with a 93% occupancy rate
https://www.cna.com.tw/news/aloc/202310270058.aspx

H. Industrial control systems / ICS / SCADA / IoT / Internet of Things / Internet of Vehicles / electric vehicles / artificial intelligence / AI / ML / facial recognition / healthcare: related security

Unleashing the Power of the Internet of Things and Cyber Security
https://thehackernews.com/2023/10/unleashing-power-of-internet-of-things.html

QNAP, together with Digital Ocean, successfully blocks weak-password attacks on NAS devices, protecting user data
https://reurl.cc/V4nAMy

Industrial automation vendor Rockwell warns about the Cisco IOS XE zero-day; its industrial network switches are also exposed
https://www.securityweek.com/rockwell-automation-warns-customers-of-cisco-zero-day-affecting-stratix-switches/
https://www.rockwellautomation.com/en-in/support/advisory.PN1653.html
https://www.cisa.gov/news-events/ics-advisories/icsa-23-297-01

Russian industrial organizations attacked with a backdoor; hackers attempt to steal confidential data
https://securelist.ru/ataki-na-industrialnyj-i-gosudarstvennyj-sektory-rf/108229/

Opportunities and challenges brought by network cameras worldwide
https://www.slideshare.net/tw_dsconf/ss-64107449

I. Education and training

iPAS Information Security Engineer (intermediate level) notes
https://hackmd.io/@Not/iPASInformationSecuritySpecialist

iPas Security Engineer certification pre-exam study session
https://reurl.cc/GEbA3p

Coursera rounds up 7 cloud security certifications: all the springboards to a high salary are here!
https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/

Global cybersecurity workforce imbalance: (ISC)2 free courses and exams fill the talent gap
https://reurl.cc/m39MDj

The 8 domains of the CISSP security certification
https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html

CISSP exam experience
https://reurl.cc/KbY83j

CISSP exam experience – Benson
https://reurl.cc/GbWvxd

Goal-oriented: passing the CISSP at light speed in 20 days
https://reurl.cc/2Zq6zn

CISSP certification exam hands-on experience, Chapter 1: initial preparation
https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat

CISSP certification exam hands-on experience, Chapter 2: a regular and disciplined study strategy
https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies

CISSP certification exam hands-on experience, Chapter 3: the final battle
https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle

Quick CISSP Infographic for IPSec
https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec

CSSLP Certification - Security models in F#
https://github.com/vbocan/csslp

Certified Secure Software Lifecycle Professional in bullet points
https://github.com/joeyhage/csslp-notes

CPSA (CREST Practitioner Security Analyst) security analyst exam experience
https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/

EC-Council CEH v11 exam experience, revision information and preparation guidance 2021, 2022
https://reurl.cc/1oyEM8

CEH v11 exam experience and how to prepare
https://blog.sean.taipei/2022/01/ceh

CEH
https://github.com/a3cipher/CEH

CodeRed by EC-Council
https://github.com/codered-by-ec-council

EC-Council CEH Practical / Master preparation experience: learning where theory and practice complement each other
https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2

EC-Council CEHP exam preparation experience
https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po

ECSA v10 exam experience and study materials / ECSA v10 Review and Study Materials
https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4

EC-Council ECSA (security analyst) v10 exam experience
https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html

20180817 EC-Council ECSA v10 PASS
https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html

On preparing for the EC-Council CPENT and LPT Master penetration testing certifications, with experience shared
https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d

In-depth look at the CPENT exam experience and a comparison with OSCP
https://reurl.cc/41eL8v

EC-Council CPENT v1 penetration testing certification – content and experience
https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review

CPENT: from brute force to cracking
https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295

Ec-Council CPENT experience - a security newbie from CEH to LPT Master
https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f

CPENT exam experience: earning the LPT penetration testing master certification in one attempt
https://ucom.uuu.com.tw/web/Testimony/Article/4404

kaizensecurity/CPENT
https://github.com/kaizensecurity/CPENT/tree/master

CPENT : Pentesting like NO OTHERS !
https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/

Journey of My CPENT Exam
https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917

[Exam prep notes] CompTIA Security+ (SY0–601) Part 1
https://reurl.cc/M053DK

[Exam prep notes] CompTIA Security+ (SY0–601) Part 2
https://reurl.cc/M053Gv

comptia-security-plus
https://github.com/ajfuto/comptia-security-plus

security-plus
https://github.com/fjavierm/security-plus

CompTIA Security+ Certification Practice Test Questions
https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette

App information security that not only engineers need to understand: the blood, sweat and tears of obtaining a security test certificate (iT邦幫忙 Ironman Contest book series)
https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html

OSEP (Evasion Techniques and Breaching Defenses (PEN-300)) experience
https://hackmd.io/@henry-ko/HyQ56e8eF

OSCP (Offensive Security Certified Professional)
https://github.com/0x584A/oscp-notes/tree/master

ISACA Certified Information Systems Auditor® (CISA) certification: preparation experience and application process, 2023
https://reurl.cc/aVLoX9

Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html

The hacker and the state: cyber attacks and the new normal of geopolitics
https://reurl.cc/D3nKKj

Practical Network Penetration Tester (PNPT) Certification Review
https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df

Basic vocabulary commonly used by WUSON
https://choson.lifenet.com.tw/?p=1958

Certifications remain the main route to learning security fundamentals; an expert has built a "security certification map"
https://www.ithome.com.tw/news/156754

Beyond using certifications to prove your ability, treat them as the strongest motivation to keep learning
https://www.ithome.com.tw/news/156756

Dispelling misunderstandings and myths about certifications: security experts clarify what security certifications mean
https://www.ithome.com.tw/news/156755

Accelerate Your Career with the Global Leader in Cyber Security Training
https://www.sans.org/mlp/promo-partnership-hacker-news/

6. Upcoming security events and seminars

The various pitfalls of connecting travel services to AIGC 2023/10/30
https://www.meetup.com/rladies-taipei/events/296239571/

OpenText: When AI meets security, the new industry competition under the zero-trust wave - MetaAge 2023/11/2
https://www.metaage.com.tw/events/283

ISC2 Taipei Chapter 2023 annual general meeting and "Trust Starts with Security" seminar 2023/11/4
https://isc2taipei.kktix.cc/events/nosecuritynotrust

2023 Financial Security Forum - Finance moves to the cloud: facing the security deployment challenge head-on 2023/11/7
https://www.accupass.com/event/2309260331486394385550?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_

Web application penetration testing 2023/11/9 ~ 2023/11/10
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=631

MOPCON 2023 2023/11/11 ~ 2023/11/12
https://mopcon.kktix.cc/events/2023-students
https://mopcon.kktix.cc/events/mopcon-2023

[Asia's leading supply chain summit] Supply Chain Summit 2023 2023/11/14 ~ 2023/11/15
https://www.accupass.com/event/2307070154211343470512

Cathay 天職學 X 職游 | How IT Works SMART 2023/11/18
https://www.accupass.com/event/2309190510226744374250?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_

2023 Taiwan Intelligent Automation Testing and Certification Alliance conference and industrial safety standards seminar 2023/11/22
https://www.accupass.com/event/2309200309193935682920?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_

High Velocity ITSM Taipei 2023/11/25
https://www.meetup.com/taipei-atlassian-community-events/events/295913312/

Fearless, one-step security defence: Affordable SOC effectively strengthens core enterprise security protection 2023/11/28
https://www.gss.com.tw/content-page/173-currcular/3599-2023-11-28

Jamf Nation Live Taipei 2023 2023/12/19
https://jamf.kktix.cc/events/jamfnation2023

[Monosparta] 2024 first cohort software development hands-on training camp: online briefing session 2024/1/17
https://trunk-studio.kktix.cc/events/monosparta-202401