資安事件新聞週報 2022/11/21 ~ 2022/11/25

###### tags: `資安事件新聞週報` # 資安事件新聞週報 2022/11/21 ~ 2022/11/25 1.重大弱點漏洞/後門/Exploit/Zero Day 研究人員公布微軟Exchange漏洞ProxyNotShell的概念性驗證攻擊程式 https://www.bleepingcomputer.com/news/security/exploit-released-for-actively-abused-proxynotshell-exchange-bug/ 研究人員公布macOS沙箱逃逸漏洞的概念性驗證程式 https://wojciechregula.blog/post/macos-sandbox-escape-via-terminal/ Akamai全面解析六類漏洞 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10184 Atlassian Releases Patches for Critical Flaws Affecting Crowd and Bitbucket Products https://thehackernews.com/2022/11/atlassian-releases-patches-for-critical.html Atlassian修補Bitbucket伺服器的重大命令注入漏洞 https://www.bleepingcomputer.com/news/security/atlassian-fixes-critical-command-injection-bug-in-bitbucket-server/ Top 10 Vulnerability Management Tools for 2022 – A Complete Review https://www.reflectiz.com/blog/vulnerability-management-tools/?utm_source=email AWS的AppSync服務出現跨租戶漏洞 https://securitylabs.datadoghq.com/articles/appsync-vulnerability-disclosure/ Samba修補可被用於阻斷服務、遠端執行任意碼的漏洞 https://www.securityweek.com/samba-patches-vulnerability-can-lead-dos-remote-code-execution 研究人員發現勒索軟體Zeppelin漏洞，並用於製作解密金鑰 https://blog.unit221b.com/dont-read-this-blog/0xdead-zeppelin 2.銀行/金融/保險/證券/支付系統/金融監理新聞及資安印度證券保管服務商CDSL遭惡意軟體攻擊，內部系統也受到破壞 https://techcrunch.com/2022/11/18/cdsl-malware-internal-systems/ 她15年辛苦存523萬，領錢竟「帳戶歸零」還欠56萬，全因行員做這件事…開戶1動作恐被盜領 https://www.businesstoday.com.tw/article/category/183012/post/202211230075/ 收到銀行通知？信用卡資料無條件接受美國查緝管轄？與實際情況不符 https://www.mygopen.com/2022/11/bank.html 網傳圖片「自2023年1月1日起，台灣人民的個人財產往來以及銀行、信用卡之間的資料，必須無條件接受美國財政部及司法部查緝管轄」 https://tfc-taiwan.org.tw/articles/8482 印度在農村地區推出 75 個數位銀行據點以推動普惠金融 https://blog.twnic.tw/2022/11/24/24900/ 華南金設資訊安全長林貴姬接任 https://ctee.com.tw/news/finance/761486.html 金融資安若出包恐增提風險資本計提、影響業務准駁 https://reurl.cc/mZrbDM 財金雙部會力推資安防護 https://udn.com/news/story/7239/6760864 完備資安制度建構聯防體系 https://www.chinatimes.com/newspapers/20221109000338-260210?chdtv 數位業務優化解決投資痛點 https://reurl.cc/337Ax8 3.電子支付/行動支付/pay/資安用行動支付買車票享有旅平險嗎？6大Q&A一次搞懂 https://reurl.cc/069bXK 全支付拿下台鐵、特力屋等通路！「300萬會員」後挑戰才開始？電支真正戰場為何 https://www.bnext.com.tw/article/72674/pxpayplus-2022q4 泰國Google錢包插旗！邁向電子支付無現金社會央行拚2026現金流減半 https://reurl.cc/ymYbmM 樋熥支付來台整合線上線下 https://reurl.cc/MX4mXp 零售轉戰電子支付的策略思維 https://fc.bnext.com.tw/articles/view/2552 電子支付首家！歐付寶導入財金公司平台串接銀行快付 https://www.cardu.com.tw/mpay/detail.php?40240 帳戶錢秒被搬光！悠遊付、街口成詐騙溫床　可要求損害賠償 https://finance.ettoday.net/news/2387661 第三方支付詐騙簡訊暴增！金管會祭防堵新招 https://reurl.cc/jR34Rp 支付綁卡盜刷手法曝金管會：簡訊告知「綁卡」非消費 https://udn.com/news/story/7239/6767590 支付大戰/蝦皮效應發威，金管會將祭2招防第三方支付業者躲避規管 https://money.udn.com/money/story/5613/6781603 4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約/WEB3 資安因加密貨幣交易所FTX破產受害的用戶被駭客盯上，透過推特認證的帳號流傳Deepfake影片吸引想翻本的人 https://www.vice.com/en/article/v7vj9a/sam-bankman-fried-deepfake-offers-refund-to-victims-in-verified-twitter-account-scam 加密貨幣交易所Coinbase、MetaMask雙因素驗證被繞過，駭客透過TeamViewer、冒牌客服支援得逞 https://pixmsecurity.com/blog/phish/coinbase-attacks-bypass-2fa/ 台灣Defi新創 Numbers Protocol 遭駭客攻擊！Slowmist籲：盡快斷開“跨鏈橋錢包連結” https://www.blocktempo.com/numbers-protocol-announcement-the-cross-chain-bridge-has-been-attacked/ CryptoQuant CEO：Mt. Gox駭客相關地址行動了沉睡7年的1萬枚比特幣 https://news.cnyes.com/news/id/5018194 與 Mt.Gox 駭客事件有關的 BTC-e 錢包轉移 10,000 顆比特幣到兩個不明地址 https://zombit.info/btc-e-exchange-address-wakes-up-linked-mt-gox-hack/# 加密貨幣交易所FTX破產事件前執行長當私人金庫、花3億美金置產 https://www.taiwannews.com.tw/ch/news/4728407 閱讀筆耕｜比特幣是什麼？比特幣的源起、運作與特性 https://reurl.cc/DX4pWm FTX更多荒唐事跡曝光！SBF把公司當「私人領地」，部分資產可能已消失 https://www.bnext.com.tw/article/72815/ftx-ceo-company-private 俄國研擬成立「國有加密交易所」，杜防FTX慘案和漏稅 https://www.blocktempo.com/russian-congress-is-making-law-to-launch-national-crypto-exchange/ 數據：過去10小時Nexo地址共轉出15498枚ETH，其中過半已轉至Binance交易所 https://news.cnyes.com/news/id/5019397 屋漏偏逢連夜雨！駭客鏈上留言稱已掌握 Steaker 用戶個資不付錢就公開 https://www.inside.com.tw/article/29797-steaker-hacked 數據：過去48小時內，BTC鯨魚出售了超10萬枚BTC https://news.cnyes.com/news/id/5019019 FTX事件對演算藝術的影響 https://reurl.cc/584LgM 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC Play 勒索軟體利用用戶存取惡意網站時的檔案下載形式進入系統 https://blog.trendmicro.com.tw/?p=74797 2022年全球醫療機構因勒索軟體攻擊平均停機超過16天 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10196 微軟：93% 勒索軟體事件回應項目顯示特權存取和橫向移動控制不足 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10183 Sophos：犯罪分子透過網路犯罪商業化、發動更多新型勒索軟體攻擊和加倍竊取憑證來牟取暴利 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10193 閰羅王勒索軟體背後的駭客組織是俄羅斯人 https://www.trellix.com/en-gb/about/newsroom/stories/research/yanluowang-ransomware-leaks-analysis.html 電腦遊戲玩家遭到鎖定，駭客假借提供微星Afterburner公用程式散布挖礦軟體 https://blog.cyble.com/2022/11/23/fake-msi-afterburner-sites-delivering-coin-miner/ 惡意瀏覽器擴充套件SearchBlox針對Roblox玩家而來，20萬用戶上當 https://www.bleepingcomputer.com/news/security/backdoored-chrome-extension-installed-by-200-000-roblox-players/ 安卓版OpenVPN、SoftVPN應用程式遭到竄改，被用於散布間諜軟體 https://www.welivesecurity.com/2022/11/23/bahamut-cybermercenary-group-targets-android-users-fake-vpn-apps/ 印度資訊中心的伺服器遭到勒索軟體攻擊，影響醫學研究機構AIIMS運作 https://indianexpress.com/article/cities/delhi/aiims-ransomware-attack-services-hit-8285901/ 美國企業遭到勒索軟體Black Basta鎖定 https://www.cybereason.com/blog/threat-alert-aggressive-qakbot-campaign-and-the-black-basta-ransomware-group-targeting-u.s.-companies Google針對殭屍網路Glupteba經營者起訴，贏得官司勝利 https://blog.google/outreach-initiatives/public-policy/a-ruling-in-our-legal-case-against-the-glupteba-botnet/ Roblox玩家遭鎖定，瀏覽器被植入惡意擴充套件 https://www.bleepingcomputer.com/news/security/backdoored-chrome-extension-installed-by-200-000-roblox-players/ 安卓惡意軟體Sharkbot偽裝成檔案總管App散布 https://www.bitdefender.com/blog/labs/android-sharkbot-droppers-on-google-play-underlines-platforms-security-needs/ 勒索駭客組織Donut也開始加密受害電腦檔案 https://www.bleepingcomputer.com/news/security/donut-extortion-group-also-targets-victims-with-ransomware/ 竊密軟體Aurora攻擊行動升溫，至少有7組駭客採用 https://blog.sekoia.io/aurora-a-rising-stealer-flying-under-the-radar/ 竊密軟體Ducktail藉由WhatsApp散布 https://www.withsecure.com/en/whats-new/pressroom/ducktail-attacks-costing-victims-hundreds-of-thousands-of-dollars 惡意軟體VenomSoftX假冒Google試算表瀏覽器擴充套件，竊取加密貨幣錢包 https://decoded.avast.io/janrubin/vipersoftx-hiding-in-system-logs-and-spreading-venomsoftx/ 亞洲航空遭到勒索軟體駭客Daixin攻擊，5百萬旅客與員工資料外洩 https://www.databreaches.net/airasia-victim-of-ransomware-attack-passenger-and-employee-data-acquired/ 竊密軟體Aurora攻擊行動升溫，至少有7組駭客採用 https://blog.sekoia.io/aurora-a-rising-stealer-flying-under-the-radar/ 中國駭客組織Earth Preta濫用Google Drive散布惡意軟體 https://www.trendmicro.com/en_us/research/22/k/earth-preta-spear-phishing-governments-worldwide.html 勒索軟體AXLocker結合加密受害電腦檔案及竊取Discord帳號能力 https://blog.cyble.com/2022/11/18/axlocker-octocrypt-and-alice-leading-a-new-wave-of-ransomware-campaigns/ 惡意軟體QBot透過MoTW漏洞入侵受害電腦 https://www.bleepingcomputer.com/news/security/new-attacks-use-windows-security-bypass-zero-day-to-drop-malware/ PyPI再傳惡意套件，數百人受害，駭客運用隱寫技術將程式碼埋藏在圖片 https://www.ithome.com.tw/news/154311 惡意軟體Mars Stealer有漏洞資安公司：駭客恐反受其害 https://www.technice.com.tw/cloudtech/infosecurity/27734/ 資安人員發現新一波針對美國企業的Black Basta勒索軟體攻擊 https://times.hinet.net/news/24271980 DUCKTAIL: An infostealer targeting Facebook Business accounts https://labs.withsecure.com/content/dam/labs/docs/WithSecure_Research_DUCKTAIL.pdf https://github.com/WithSecureLabs/iocs/blob/master/DUCKTAIL/iocs.csv Koxic Ransomware Being Distributed in Korea https://asec.ahnlab.com/en/42343/ Bahamut cybermercenary group targets Android users with fake VPN apps https://www.welivesecurity.com/2022/11/23/bahamut-cybermercenary-group-targets-android-users-fake-vpn-apps/ Beware of Cybercriminals Preying on Online Shoppers on Black Friday https://www.fortinet.com/blog/threat-research/Beware-of-Cybercriminals-Preying-on-Online-Shoppers-on-Black-Friday Fake MSI Afterburner Sites Delivering Coin-Miner https://blog.cyble.com/2022/11/23/fake-msi-afterburner-sites-delivering-coin-miner/ THREAT ALERT: Aggressive Qakbot Campaign and the Black Basta Ransomware Group Targeting U.S. Companies https://www.cybereason.com/blog/threat-alert-aggressive-qakbot-campaign-and-the-black-basta-ransomware-group-targeting-u.s.-companies WannaRen Returns as Life Ransomware, Targets India https://www.trendmicro.com/en_us/research/22/k/wannaren-returns-as-life-ransomware--targets-india.html https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/k/wannaren-returns-as-life-ransomware,-targets-india/wannaren-returns-as-life-ransomware-iocs.txt Ransomware Roundup: Cryptonite Ransomware https://www.fortinet.com/blog/threat-research/Ransomware-Roundup-Cryptonite-Ransomware An In-Depth Look at the North Korean Threat Actor, ZINC https://explore.avertium.com/resource/an-in-depth-look-at-north-korean-threat-actor-zinc RobinBot – A new type of DDoS botnet in rapid expansion https://mp.weixin.qq.com/s/CQgBh46m3aU1ZDs503M8AQ ViperSoftX: Hiding in System Logs and Spreading VenomSoftX https://decoded.avast.io/janrubin/vipersoftx-hiding-in-system-logs-and-spreading-venomsoftx/ Nighthawk Pentest Tool https://raw.githubusercontent.com/fboldewin/YARA-rules/master/nighthawk.yar https://www.proofpoint.com/us/blog/threat-insight/nighthawk-and-coming-pentest-tool-likely-gain-threat-actor-notice https://www.mdsec.co.uk/2022/05/nighthawk-0-2-catch-us-if-you-can/ Email Cyberattacks on Arab Countries Rise in Lead to Global Football Tournament https://www.trellix.com/en-us/assets/docs/arab-fifa-campaigns-poc.pdf Android SharkBot Droppers on Google Play Underline Platform's Security Needs https://www.bitdefender.com/blog/labs/android-sharkbot-droppers-on-google-play-underlines-platforms-security-needs/ Aurora: a rising stealer flying under the radar https://blog.sekoia.io/aurora-a-rising-stealer-flying-under-the-radar/ Earth Preta Spear-Phishing Governments Worldwide https://www.trendmicro.com/en_us/research/22/k/earth-preta-spear-phishing-governments-worldwide.html https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/k/earth-preta-spear-phishing-governments-worldwide/IOCs-earth-preta-spear-phishing-since-march.txt LodaRAT Malware Resurfaces with New Variants Employing Updated Functionalities https://thehackernews.com/2022/11/lodarat-malware-resurfaces-with-new.html Hive Ransomware Attackers Extorted $100 Million from Over 1,300 Companies Worldwide https://thehackernews.com/2022/11/hive-ransomware-attackers-extorted-100.html FBI-Wanted Leader of the Notorious Zeus Botnet Gang Arrested in Geneva https://thehackernews.com/2022/11/fbi-wanted-leader-of-notorious-zeus.html Microsoft Warns of Hackers Using Google Ads to Distribute Royal Ransomware https://thehackernews.com/2022/11/microsoft-warns-of-hackers-using-google.html Notorious Emotet Malware Returns With High-Volume Malspam Campaign https://thehackernews.com/2022/11/notorious-emotet-malware-returns-with.html Google Wins Lawsuit Against Russians Linked to Blockchain-based Glupteba Botnet https://thehackernews.com/2022/11/google-wins-lawsuit-against-russians.html Google Identifies 34 Cracked Versions of Popular Cobalt Strike Hacking Toolkit in the Wild https://thehackernews.com/2022/11/google-identifies-34-cracked-versions.html Researchers Warn of Cyber Criminals Using Go-based Aurora Stealer Malware https://thehackernews.com/2022/11/researchers-warn-of-cyber-criminals.html Daixin Ransomware Gang Steals 5 Million AirAsia Passengers' and Employees' Data https://thehackernews.com/2022/11/daixin-ransomware-gang-steals-5-million.html Notorious Emotet Malware Returns With High-Volume Malspam Campaign https://thehackernews.com/2022/11/notorious-emotet-malware-returns-with.html 34 Russian Cybercrime Groups Stole Over 50 Million Passwords with Stealer Malware https://thehackernews.com/2022/11/34-russian-hacker-groups-stole-over-50.html Ducktail Malware Operation Evolves with New Malicious Capabilities https://thehackernews.com/2022/11/ducktail-malware-operation-evolves-with.html This Malware Installs Malicious Browser Extensions to Steal Users' Passwords and Cryptos https://thehackernews.com/2022/11/this-malware-installs-malicious-browser.html New RansomExx Ransomware Variant Rewritten in the Rust Programming Language https://thehackernews.com/2022/11/new-ransomexx-ransomware-variant.html This Android File Manager App Infected Thousands of Devices with SharkBot Malware https://thehackernews.com/2022/11/this-android-file-manager-app-infected.html Black Basta Ransomware Gang Actively Infiltrating U.S. Companies with Qakbot Malware https://thehackernews.com/2022/11/black-basta-ransomware-gang-actively.html B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊 Meta Reportedly Fires Dozens of Employees for Hijacking Users' Facebook and Instagram Accounts https://thehackernews.com/2022/11/meta-reportedly-fires-dozens-of.html Meta Takes Down Fake Facebook and Instagram Accounts Linked to Pro-U.S. Influence Operation https://thehackernews.com/2022/11/meta-takes-down-fake-facebook-and.html Meta開除挾持使用者臉書與IG帳號的員工 https://thehackernews.com/2022/11/meta-reportedly-fires-dozens-of.html Millions of Android Devices Still Don't Have Patches for Mali GPU Flaws https://thehackernews.com/2022/11/million-of-android-devices-still-dont.html Arm修補的Mali GPU晶片漏洞手機廠商仍未套用，數百萬安卓手機曝險 https://www.ithome.com.tw/news/154424 Arm晶片的GPU驅動程式漏洞恐使數百萬手機曝險 https://googleprojectzero.blogspot.com/2022/11/mind-the-gap.html Windows版iCloud顯示其他用戶照片，引發資安疑慮 https://www.ithome.com.tw/news/154359 Android漏洞恐讓攻擊者繞過手機螢幕鎖定保護 https://www.ithome.com.tw/news/154208 別讓駭客有機會入侵　資安專家：安卓用戶容易忽略這點 https://www.ettoday.net/news/20221124/2387078.htm 歐洲資料保護專員指出：卡達世界盃官方App有隱私風險，不建議球迷下載使用 https://www.techbang.com/posts/101969-the-european-data-protection-commissioner-pointed-out-that C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力 TWCERT 2022台灣資安通報應變年會聚焦「資安韌性營運永續」 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10182 已中止發展與維護的Boa網頁伺服器系統成為攻擊目標，駭客藉此對能源組織下手 https://www.microsoft.com/en-us/security/blog/2022/11/22/vulnerable-sdk-components-lead-to-supply-chain-risks-in-iot-and-ot-environments/ 英國威廉王子網站傳出遭駭客組織Killnet攻擊 https://www.express.co.uk/news/uk/1699778/Killnet-hackers-Russia-war-UK-websites-Royal-Family-latest-update 俄羅斯網路監管機關傳出遭到白俄羅斯駭客入侵 https://therecord.media/belarusian-hacktivists-claim-to-breach-russias-internet-regulator/ 歐洲議會網站在遭駭客攻擊癱瘓數小時後已恢復正常 https://reurl.cc/Z19o6Q 歐洲議會遭到DDoS攻擊，起因是認定俄羅斯實行恐怖主義 https://www.ithome.com.tw/news/154391 俄毀烏半數電網歐洲議會認俄支持恐怖主義傳克里米亞被襲前英相爆德勸降猛料 https://m.soundofhope.org/post/673929?lang=b5 美國政府要求聯邦機構半年內導入後量子加密防護措施 https://www.scmagazine.com/analysis/data-security/white-house-sets-six-month-timeline-for-agencies-to-kick-off-post-quantum-encryption-migration-work 美國國防部揭露零信任框架與藍圖，預計於2027年完成部署 https://www.ithome.com.tw/news/154403 「看到的都已被駭客操控」中國製無人機充斥華府上空　美憂國安風險 https://tw.nextapple.com/international/20221124/DA4A1D21CA59F9F1A44DEE4A898AEC9B 首設部長級資安首長，澳洲運用資安政策發揮國際影響力 https://www.ithome.com.tw/news/154345 伊朗駭客在美國聯邦機構網路上植入挖礦程式 https://www.ithome.com.tw/news/154274 美太空軍在夏威夷成立首座海外指揮中心　針對防禦中國而設 https://www.upmedia.mg/news_info.php?Type=3&SerialNo=160018 CENTR 發布關於歐洲國家域名註冊機構註冊資料準確性的白皮書 https://blog.twnic.tw/2022/11/25/24904/ 中國網絡法治十年回顧學術研討會成功舉辦 https://www.secrss.com/articles/49379 W4SP Stealer Constantly Targeting Python Developers in Ongoing Supply Chain Attack https://thehackernews.com/2022/11/w4sp-stealer-constantly-targeting.html Chinese 'Mustang Panda' Hackers Actively Targeting Governments Worldwide https://thehackernews.com/2022/11/chinese-mustang-panda-hackers-actively.html U.S. Authorities Seize Domains Used in 'Pig butchering' Cryptocurrency Scams https://thehackernews.com/2022/11/us-authorities-seize-domains-used-in.html Top Cyber Threats Facing E-Commerce Sites This Holiday Season https://thehackernews.com/2022/11/top-cyber-threats-facing-e-commerce.html 資訊安全管理師-全日總公司 https://www.104.com.tw/job/7tray 資安開發工程師(視訊/線上面談)-擴編職缺 https://www.104.com.tw/job/7trgj 資安稽核管理師 https://www.104.com.tw/job/79z8m?jobsource=jolist_d_relevance D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全自由亞洲電臺傳出資料外洩，近4千人受影響 https://therecord.media/personal-data-of-nearly-4000-people-leaked-in-hack-of-radio-free-asia/ 國際警方聯手破獲線上詐騙服務iSpoof https://www.ithome.com.tw/news/154428 俄羅斯駭客7個月內竊取了逾5千萬組密碼 https://www.group-ib.com/media-center/press-releases/professional-stealers/ 偽裝成新加坡國際貨幣交易平臺詐騙網域遭到扣押 https://www.justice.gov/usao-edva/pr/court-authorizes-seizure-domains-used-furtherance-cryptocurrency-pig-butchering-scheme 黑色星期五相關的垃圾郵件逾半數有詐 https://www.bitdefender.com/blog/hotforsecurity/just-your-yearly-dose-of-black-friday-spam-cybercrooks-get-ahead-of-the-game-to-steal-shoppers-info 以世界盃足球賽為幌子的釣魚郵件攻擊升溫，被用於散布Emotet、QBot、Remcos惡意軟體 https://www.trellix.com/en-us/about/newsroom/stories/research/email-cyberattacks-on-arab-countries-rise.html 駭客組織Luna Moth發動電話網釣攻擊，遠端協助工具Zoho Assist遭濫用而成為綁架受害者電腦的幫凶 https://unit42.paloaltonetworks.com/luna-moth-callback-phishing/ Google提供的Data Studio遭到濫用，影響搜尋引擎結果 https://www.bleepingcomputer.com/news/security/google-search-results-poisoned-with-torrent-sites-via-data-studio/ 15萬Mastodon用戶資料遭到網頁抓取而洩露 https://www.hackread.com/leaky-server-mastodon-users-data/ 教育機構遭到駭客鎖定，以Instagram異常登入的名義發動網釣攻擊 https://www.armorblox.com/blog/instagram-credential-phishing-email-attack 常用密碼駭客1秒就破解！你的密碼有在這份清單上嗎 https://money.udn.com/money/story/5599/6789710 Meta旗下WhatsApp發生數據洩露，涉及近5億用戶 https://news.knowing.asia/news/dfa50ae4-4c82-4d31-896c-55f64f3bb208 全球近 5 億 WhatsApp 用戶的電話號碼被駭客明碼標售影響涵蓋 84 個國家/地區 https://www.kocpc.com.tw/archives/471007 Chinese Hackers Using 42,000 Imposter Domains in Massive Phishing Attack Campaign https://thehackernews.com/2022/11/chinese-hackers-using-42000-imposter.html Indian Government Publishes Draft of Digital Personal Data Protection Bill 2022 https://thehackernews.com/2022/11/indian-government-publishes-draft-of.html Been Doing It The Same Way For Years? Think Again. https://thehackernews.com/2022/11/been-doing-it-same-way-for-years-think.html Luna Moth Gang Invests in Call Centers to Target Businesses with Callback Phishing Campaigns https://thehackernews.com/2022/11/luna-moth-gang-invests-in-call-centers.html E.研究報告/工具為讓組織能發現Cobalt Strike遭濫用的跡象，Google發布YARA規則 https://www.ithome.com.tw/news/154301 紅隊? 藍隊? 資安界全明星運動會的分組嗎？feat. 黃綱正 https://player.soundon.fm/p/8fdc3e51-8bfb-4bfa-9c65-8ea2ce5a6eb7/episodes/ef76ae50-c262-40c3-8f41-d669334f1614 研究：美國開源軟件安全評價方法體系分析 https://www.secrss.com/articles/49394 域滲透-橫向移動命令總結 https://www.freebuf.com/articles/system/350266.html Threat hunting with MITRE ATT&CK and Wazuh https://thehackernews.com/2022/11/threat-hunting-with-mitre-att-and-wazuh.html Here's How to Ensure Your Incident Response Strategy is Ready for Holiday Hackers https://thehackernews.com/2022/11/heres-how-to-ensure-your-incident.html Been Doing It The Same Way For Years? Think Again. https://thehackernews.com/2022/11/been-doing-it-same-way-for-years-think.html Hackers Exploiting Abandoned Boa Web Servers to Target Critical Industries https://thehackernews.com/2022/11/hackers-exploiting-abandoned-boa-web.html Nighthawk Likely to Become Hackers' New Post-Exploitation Tool After Cobalt Strike https://thehackernews.com/2022/11/nighthawk-likely-to-become-hackers-new.html Boost Your Security with Europe's Leading Bug Bounty Platform https://thehackernews.com/2022/11/boost-your-security-with-europes.html Bahamut Cyber Espionage Hackers Targeting Android Users with Fake VPN Apps https://thehackernews.com/2022/11/bahamut-cyber-espionage-hackers.html How I learned Hacking as a teenager https://medium.com/codex/how-i-learned-hacking-as-a-teenager-4120a7ae69eb Reflected XSS using Double Encoding https://ag3n7.medium.com/got-another-xss-using-double-encoding-e6493a9f7368 My Coding Productivity Hack! https://medium.com/@y0ung.m4mba/my-coding-productivity-hack-394373de491a CSS vs CSS-in-JS Performance https://medium.com/@pitis.radu/css-vs-css-in-js-performance-bcbdf8e1f6ff Best Windows Terminal System Monitors https://medium.com/technology-hits/best-windows-terminal-system-monitors-8ab401b555ae Using Log Parsing to Stop Microsoft IIS Backdoor Attacks https://medium.com/eclecticiq/using-log-parsing-to-stop-microsoft-iis-backdoor-attacks-3bd6081dc47d 10 Core SQL Concepts Every Developer Needs to Know https://medium.com/geekculture/10-core-sql-concepts-every-developer-needs-to-know-10ed6d1ebb67 P1 Bug Hunting: A Step by Step Guide to SQL Injection https://thegrayarea.tech/p1-bug-hunting-a-step-by-step-guide-to-sql-injection-76f95c8986b0 F.商業 DLP架構越來越複雜 ! Acronis 推創新追蹤機制，預防嚴重資料洩漏 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10186 安華聯網解析SBOM管理對策，循序化解軟體供應鏈資安破口 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10190 Google雲端部署可抵抗量子攻擊的加密演算法 https://www.ithome.com.tw/news/154344 微軟中小企業雲端DDoS防護服務正式上線 https://www.ithome.com.tw/news/154361 黑色產業鏈盛行! 戴夫寇爾綜合 AI+駭客思維檢視資安體質提升資安策略 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10198 培育資安人才，風險辨識可為第一步 https://technews.tw/2022/11/24/devcore-deepfake/ 資安人才缺口持續擴大，建議企業整合及自動化安全基礎建設以有效抵禦威脅 https://www.netadmin.com.tw/netadmin/zh-tw/snapshot/C10EDCCD1F3D45548003CC020AB66C2F 資安、雲端需求有撐，精誠看明年審慎樂觀 https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=a5bcc8df-ef87-476b-af5a-36795f2bec76 安碁資訊資安學苑明年對外開課擬拓展泰國業務 https://www.cna.com.tw/news/afe/202211240066.aspx 安碁資訊強攻SOC商機 https://www.sinotrade.com.tw/richclub/news/637f9c09ebc145b27d66d2a4 G.政府涉收陸企資金對臺認知作戰，法務部調查局約談6人送辦 https://www.cna.com.tw/news/asoc/202211180172.aspx 「紙飛機」選前現災情保三警線上阻駭客入侵公務系統 https://news.ltn.com.tw/news/society/breakingnews/4134542 選舉期間請各單位注意資安維運暨系統之防護。 https://www.shu.edu.tw/News.aspx?from=01&sID=29778 強化資訊安全！教育部宣布大學將禁用「大陸廠牌」電腦、影印機、監視器 https://reurl.cc/28zArn 台軍官「投降承諾書」被訴國安局長促修法同叛國罪 https://reurl.cc/GX4qbx 監委巡察關注資安王國材：汰換中國製資通設備 https://living.taronews.tw/2022/11/24/875212/ 四技二專特殊選才增額資安人才計畫校系有加註 https://news.cts.com.tw/cna/life/202211/202211242114210.html 疫苗護照啟發電子病歷新應用，衛福部要將出院病摘加入蘋果健康App https://www.ithome.com.tw/news/154379 H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識/醫療相關資安臺廠Lanner基板管理控制器韌體被揭露13個漏洞，其中4個最嚴重，恐使OT與IoT設備遭到攻擊 https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1/ 歐姆龍PLC設備重大漏洞被用於散布工控系統惡意軟體 https://www.securityweek.com/omron-plc-vulnerability-exploited-sophisticated-ics-malware 微軟：IoT裝置內嵌的Boa網頁伺服器逾20年未更新許多企業因此被駭而不自知 https://reurl.cc/OEGoO9 法規帶動資安剛需自由系統成電子IC大廠資安戰略夥伴 https://www.digitimes.com.tw/iot/article.asp?id=0000650467_VBI5PLJ45IKNO78H35VQX MCU扮物聯網要角國際大廠產品策略各有千秋 https://www.digitimes.com.tw/iot/article.asp?id=0000650677_IAC542O68OHN126O2SWZZ 真實案例！惡意黑客利用物聯網設備成功入侵電網 https://www.secrss.com/articles/49412 《工業互聯網密碼支撐標準體系建設指南》《車聯網（智能網聯汽車）密碼支撐標準體系建設指南》正式發布 https://www.aqniu.com/homenews/91498.html I.教育訓練 iPAS資訊安全工程師中級筆記 https://hackmd.io/@Not/iPASInformationSecuritySpecialist iPas資安工程師證照考前研習 https://reurl.cc/GEbA3p Coursera 盤點 7 項雲端資安認證，高薪跳板都在這了！ https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/ 全球網絡安全勞動力失衡 (ISC)2免費課程及考試填補人才缺口 https://reurl.cc/m39MDj CISSP考試心得 https://reurl.cc/KbY83j CISSP考試心得 – Benson https://reurl.cc/GbWvxd 目標導向-20天光速考過CISSP https://reurl.cc/2Zq6zn CISSP證照考試實戰心得第一章：初期準備工作 https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat CPSA(CREST Practitioner Security Analyst) 資安分析師考試心得 https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/ EC-Council CEH v11 考試心得、改版資訊以及準備方向 2021、2022 https://reurl.cc/1oyEM8 CEH v11 考試心得與準備方式 https://blog.sean.taipei/2022/01/ceh 深度解析 CPENT 考試心得、以及與 OSCP 的比較 https://reurl.cc/41eL8v EC-Council CPENT v1 滲透測試認證 – 內容及心得分享 https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review [備考心得]CompTIA Security+ (SY0–601) 上篇 https://reurl.cc/M053DK [備考心得]CompTIA Security+ (SY0–601) 下篇 https://reurl.cc/M053Gv 不只是工程師才要懂的 App 資訊安全：取得資安檢測合格證書血淚史（iT邦幫忙鐵人賽系列書） https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html Learn NIST Inside Out With 21 Hours of Training @ 86% OFF https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html 駭客與國家: 網路攻擊與地緣政治新常態 The hacker and the state: cyber attacks and the new normal of geopolitic https://reurl.cc/D3nKKj Practical Network Penetration Tester (PNPT) Certification Review https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df WUSON常用的基本詞彙 https://choson.lifenet.com.tw/?p=1958 我國網路資安狂被駭監委申請自動調查 https://www.chinatimes.com/realtimenews/20220810003152-260407?chdtv 6.近期資安活動及研討會 2023智慧安控解決方案趨勢與商機論壇 2022/11/28 https://www.tca.org.tw/exhibit_info1.php?n=1837 DevOps Taiwan Meetup #46（線上） - 地端雲端佈署之規劃方針 2022/11/29 https://devops.kktix.cc/events/meetup-46 Taiwan BitDevs Meetup - There is Bitcoin and There is Everything Else 2022/11/29 https://www.meetup.com/taiwan-bitdevs/events/289921132/ Google ML Summit 2022分享 / Jack 訪談 2022/11/29 https://www.meetup.com/tensorflow-user-group-taipei/events/289926225/ 成為軟體工程師第 1 步：Campus Program Batch #3 政大午餐交流會 2022/11/30 https://www.accupass.com/event/2211150648564758418520 SyntaxError 2022/11/30 https://www.meetup.com/pythonhug/events/289945667/ [Python 入門] 線上 2022/12 月份 2022/12/3 https://www.meetup.com/pyladiestw/events/289602296/ Taipei Video Tech #8 2022/12/5 https://www.meetup.com/taipei-video-technology/events/289181348/ 物聯網安全高峰論壇 2022/12/6 https://www.mem.com.tw/event/web%20test/index.html Digital Drinks Q4 Professional Networking 2022/12/8 https://www.meetup.com/taiwan-digital-drinks/events/289763244/ 【2022 BSI國際資安標準管理年會】國際資安標準轉版登場建構數位信任生態系 X ISO 27001: 2022開啟資訊安全新篇章 2022/12/9 https://www.accupass.com/event/2209140534491861303029 Taipei dbt Meetup #8 (in-person 👫 & online 👨‍💻)2022/12/10 https://www.meetup.com/taipei-dbt-meetup/events/289554036/ 鴻海研究院-NExT Forum：量子通信技術與應用 2022/12/12 https://www.accupass.com/event/2211140443441110230297 Networking Happy Hour @ Taipei Blockchain Week - Barcade 2022/12/13 https://www.meetup.com/taiwan-blockchain-cryptocurrency/events/289618006/ 強化郵件與雲端資安！Google Workspace & HENNGE 線上研討會 2022/12/13 https://www.accupass.com/event/2211150553486394682940 Jamf Nation Taipei｜2023 全球資安模型 CIO/CISO 高峰會 2022/12/15 https://jamf.kktix.cc/events/jamfnation2022 TANET 2022 WORKSHOP PROGRAM -「第二屆數位鑑識、醫療私密與網駭安全」 2022/12/15 ~ 2022/12/17 https://tanet2022.esam.io/ ICS 2022 WORKSHOP PROGRAM -「Ubiquitous Cybersecurity and Forensics」 2022/12/15 ~ 2022/12/17 https://ics2022.esam.io/ HITCON GIRLS 2022 女性主管經驗談 2022/12/17 https://hitcon.kktix.cc/events/hitcongirlsworkexperience2022 【新竹限定】一日駭客體驗營｜６小時了解資安滲透 2022/12/17 https://www.accupass.com/event/2211150642209239161690 全球視野解鎖未來工作趨勢! Atlassian Work Life 大會精華分享 2022/12/17 https://www.meetup.com/taipei-atlassian-community-events/events/289787941/ 一日駭客x網路弱點滲透 2022/12/17 https://www.accupass.com/event/2210270652481821159224 製造業資安防禦新攻略！從邊緣到 IT 全面守護供應鏈 2022/12/21 https://www.accupass.com/event/2211180201203157149490 一鍵完成設備部署、資安、合規的實作秘笈 | In Taipei Apple Office 2022/12/23 https://jamf.kktix.cc/events/onetouch2022-2 【線上研討會】ISO/IEC 27001：2022 改版研討會 2022/12/23 https://www.accupass.com/event/2211090318242100958423 【高雄限定】一日駭客體驗營｜６小時了解資安滲透 2023/1/14 https://www.accupass.com/event/2211150721101457239234