資安事件新聞週報 2023/4/24 ~ 2023/4/28

###### tags: `資安事件新聞週報` # 資安事件新聞週報 2023/4/24 ~ 2023/4/28 1.重大弱點漏洞/後門/Exploit/Zero Day 美國 CISA 最新收錄三大漏洞，涉及Google和ChatGPT https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10424 CISA Adds 3 Actively Exploited Flaws to KEV Catalog, including Critical PaperCut Bug https://thehackernews.com/2023/04/cisa-adds-3-actively-exploited-flaws-to.html Google雲平台現「鬼魂漏洞」，能讓惡意軟體隱身 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10425 VMware 發布 Aria Operations for Logs 安全更新 https://www.cisa.gov/news-events/alerts/2023/04/21/vmware-releases-security-update-aria-operations-logs VMware兩套PC虛擬化軟體被挖出漏洞，本周公布修補方式 https://www.bleepingcomputer.com/news/security/vmware-fixes-critical-zero-day-exploit-chain-used-at-pwn2own/ VMware Releases Critical Patches for Workstation and Fusion Software https://thehackernews.com/2023/04/vmware-releases-critical-patches-for.html Cisco and VMware Release Security Updates to Patch Critical Flaws in their Products https://thehackernews.com/2023/04/cisco-and-vmware-release-security.html Cisco 發布多個產品的安全公告 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cml-auth-bypass-4fUCCeG5 思科伺服器管理工具存在零時差漏洞，恐被用於跨網站指令碼攻擊 https://www.bleepingcomputer.com/news/security/cisco-discloses-xss-zero-day-flaw-in-server-management-tool/ Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch Now https://thehackernews.com/2023/04/zyxel-firewall-devices-vulnerable-to.html Modernizing Vulnerability Management: The Move Toward Exposure Management https://thehackernews.com/2023/04/modernizing-vulnerability-management.html Apache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE Attacks https://thehackernews.com/2023/04/apache-superset-vulnerability-insecure.html 服務定位協定SLP漏洞恐被用於DDoS流量放大攻擊 https://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp New SLP Vulnerability Could Let Attackers Launch 2200x Powerful DDoS Attacks https://thehackernews.com/2023/04/new-slp-vulnerability-could-let.html 微軟正式宣判 Windows 10 功能更新到此（22H2）為止 https://www.kocpc.com.tw/archives/489870 強化企業版本Chrome安全，Google提供擴充套件評估工具 https://cloud.google.com/blog/products/chrome-enterprise/secure-enterprise-browsing-more-data-protections-visibility-and-insights 電子商務平臺PrestaShop出現能讓後臺使用者刪除資料庫的漏洞 https://www.bleepingcomputer.com/news/security/prestashop-fixes-bug-that-lets-any-backend-user-delete-databases/ 開源資料視覺化工具Apache Superset存在RCE漏洞 https://www.horizon3.ai/cve-2023-27524-insecure-default-configuration-in-apache-superset-leads-to-remote-code-execution/ 強化PyPI套件發布者的身分安全性，可運用無密碼方式自動發布套件 https://www.securityweek.com/solarwinds-platform-update-patches-high-severity-vulnerabilities/ Intel處理器存在瞬間執行漏洞，恐被用於旁路攻擊 https://arxiv.org/pdf/2304.10877.pdf SolarWinds修補高風險漏洞 https://www.securityweek.com/solarwinds-platform-update-patches-high-severity-vulnerabilities/ 開源物件儲存系統MinIO存在漏洞，起因是ChatGPT採用了含有漏洞的版本 https://www.greynoise.io/blog/openai-minio-and-why-you-should-always-use-docker-cli-scan-to-keep-your-supply-chain-clean 供資安人員通報GitHub儲存庫漏洞的功能正式上線 https://github.blog/2023-04-19-private-vulnerability-reporting-now-generally-available/ Google Cloud平臺存在漏洞GhostToken，恐導致用戶帳號遭到挾持 https://astrix.security/ghosttoken-exploiting-gcp-application-infrastructure-to-create-invisible-unremovable-trojan-app-on-google-accounts/ GhostToken Flaw Could Let Attackers Hide Malicious Apps in Google Cloud Platform https://thehackernews.com/2023/04/ghosttoken-flaw-could-let-attackers.html 阿里雲PostgreSQL資料庫出現2個重大漏洞 https://www.wiz.io/blog/brokensesame-accidental-write-permissions-to-private-registry-allowed-potential-r Kubernetes的API被用於植入後門程式 https://blog.aquasec.com/leveraging-kubernetes-rbac-to-backdoor-clusters 2.銀行/金融/保險/證券/金融監理新聞及資安 Attention Online Shoppers: Don't Be Fooled by Their Sleek, Modern Looks — It's Magecart! https://thehackernews.com/2023/04/attention-online-shoppers-dont-be.html Veeam備份伺服器漏洞被駭客組織FIN7用於攻擊行動 https://labs.withsecure.com/publications/fin7-target-veeam-servers 銀行自律上路防堵供應鏈資安出包 https://readers.ctee.com.tw/cm/20230427/a04aa4/1237319/share 遭永豐金告背信罪一審無罪...「吹哨人」張晉源駭客手法毀3台筆電！疑藏「利益交換」鐵證 https://www.fountmedia.io/article/166350 是駭客還是「吹哨人」？張晉源專業手法毁三台重要証據筆電 https://tw.news.yahoo.com/%E6%98%AF%E9%A7%AD%E5%AE%A2%E9%82%84%E6%98%AF-%E5%90%B9%E5%93%A8%E4%BA%BA-%E5%BC%B5%E6%99%89%E6%BA%90%E5%B0%88%E6%A5%AD%E6%89%8B%E6%B3%95%E6%AF%81%E4%B8%89%E5%8F%B0%E9%87%8D%E8%A6%81%E8%A8%BC%E6%93%9A%E7%AD%86%E9%9B%BB-020959474.html 北歐銀行用戶遭到網釣簡訊鎖定 https://heimdalsecurity.com/blog/mitid-smishing-nordea-bank/ 3.信用卡/電子支付/行動支付/pay/支付系統/資安台灣大Apple「iPhone卡緊收」5月登場！用iPhone收款　免刷卡機即可搶攻嗶商機 https://www.winnews.com.tw/130155/ 港人北上如何免VPN登錄WhatsApp　港元亦可完成電子支付 https://www.hk01.com/article/892485?utm_source=01articlecopy&utm_medium=referral 通勤月票新卡免費領　公總：現有電子票證、行動支付也可綁定 https://www.ettoday.net/news/20230427/2487913.htm 「一卡通Money」領錢要收費！5／1起　逾10家金融機構入列 https://finance.ettoday.net/news/2488323 掃QR碼支付超方便　詐騙3手法曝！網址「O變成0」要看清 https://www.ctwant.com/article/253017 2023繳稅神卡是哪張？「信用卡、行動支付」回饋懶人包比拚 https://www.nownews.com/news/6119637 4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約/WEB3 資安美國政府、Mt.Gox 託管人各持 205,514、137,890 BTC https://www.blocktempo.com/us-government-and-mtgox-trustee-hold-10-billion-btc/ 英國監管機構要求慈善機構謹慎接受加密貨幣並需遵守稅收和反洗錢規則 https://news.cnyes.com/news/id/5157692 Polygon生態項目0VIX疑遭駭客攻擊，損失約200萬美元 https://news.cnyes.com/news/id/5159378 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 美英警告：俄駭客組織在 Cisco 路由器部署Jaguar Tooth惡意軟體 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10430 Mac 比較少惡意軟體？資安報告揭露 Mac 與 Windows、Linux 的風險 https://3c.yipee.cc/217147/mac-%E6%AF%94%E8%BC%83%E5%B0%91%E6%83%A1%E6%84%8F%E8%BB%9F%E9%AB%94%EF%BC%9F%E8%B3%87%E5%AE%89%E5%A0%B1%E5%91%8A%E6%8F%AD%E9%9C%B2-mac-%E8%88%87-windows%E3%80%81linux-%E7%9A%84%E9%A2%A8%E9%9A%AA/ BabLock（又名 Rorschach）勒索病毒 https://www.trendmicro.com/en_us/research/23/d/an-analysis-of-the-bablock-ransomware.html 越南駭客散布竊資軟體SYS01 Stealer，管道是挾持企業臉書帳號來發送廣告 https://labs.guard.io/malverposting-with-over-500k-estimated-infections-facebook-ads-fuel-this-evolving-stealer-54b03d24b349 針對Mac電腦而來的竊資軟體Atomic，目標是洗劫50種加密貨幣錢包 https://www.bleepingcomputer.com/news/security/new-atomic-macos-info-stealing-malware-targets-50-crypto-wallets/ 惡意軟體Lobshot透過Google廣告散布 https://www.elastic.co/security-labs/elastic-security-labs-discovers-lobshot-malware Linux、NAS與VMware虛擬化平臺遭到勒索軟體RTM Locker鎖定 https://www.uptycs.com/blog/rtm-locker-ransomware-as-a-service-raas-linux Linux系統成為中國駭客組織Alloy Taurus目標之一，他們開發出專用的後門程式PingPull https://unit42.paloaltonetworks.com/alloy-taurus/ 伊朗駭客組織Charming Kitten散布惡意軟體BellaCiao https://www.bitdefender.com/blog/businessinsights/unpacking-bellaciao-a-closer-look-at-irans-latest-malware/ 俄國駭客組織Tomiris利用惡意軟體Turla混淆視聽 https://securelist.com/tomiris-called-they-want-their-turla-malware-back/109552/ 美國軍艦製造商Fincantieri Marinette Marine傳出遭勒索軟體攻擊 https://news.usni.org/2023/04/20/ransomware-attack-hits-marinette-marine-shipyard-results-in-short-term-delay-of-frigate-freedom-lcs-construction TP-Link無線路由器漏洞遭到利用，植入殭屍網路病毒Mirai https://www.zerodayinitiative.com/blog/2023/4/21/tp-link-wan-side-vulnerability-cve-2023-1389-added-to-the-mirai-botnet-arsenal 駭客透過重新上架PyPI同名套件來散布惡意程式 https://www.reversinglabs.com/blog/package-names-repurposed-to-push-malware-on-pypi 惡意軟體分析網站VirusTotal導入大型語言模型 https://blog.virustotal.com/2023/04/introducing-virustotal-code-insight.html DNS惡意軟體工具包Decoy Dog鎖定組織的網路設備而來 https://blogs.infoblox.com/cyber-threat-intelligence/cyber-threat-advisory/dog-hunt-finding-decoy-dog-toolkit-via-anomalous-dns-traffic/ 勒索軟體CrossLock繞過作業系統的事件追蹤機制 https://blog.cyble.com/2023/04/18/crosslock-ransomware-emerges-new-golang-based-malware-on-the-horizon/ 惡意軟體Raspberry Robin採用新的迴避偵測手法 https://research.checkpoint.com/2023/raspberry-robin-anti-evasion-how-to-exploit-analysis/ 安卓木馬Fakecalls濫用合法簽章迴避檢測 https://www.mcafee.com/blogs/other-blogs/mcafee-labs/fakecalls-android-malware-abusing-legitimate-signing-key/ 美國與歐洲組織遭到惡意軟體EvilExtractor攻擊 https://www.fortinet.com/blog/threat-research/evil-extractor-all-in-one-stealer 駭客組織利用Google廣告散布BumbleBee https://www.secureworks.com/blog/bumblebee-malware-distributed-via-trojanized-installer-downloads 惡意軟體代打服務Faceless向網路罪犯出售匿名身分 https://krebsonsecurity.com/2023/04/giving-a-face-to-the-malware-proxy-service-faceless/ 加拿大黃頁搜尋網站Yellow Pages傳出遭到勒索軟體Black Basta攻擊 https://www.bleepingcomputer.com/news/security/yellow-pages-canada-confirms-cyber-attack-as-black-basta-leaks-data/ X_Trader Supply Chain Attack Affects Critical Infrastructure Organizations in U.S. and Europe https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/xtrader-3cx-supply-chain Mac用戶遭到北韓駭客鎖定，發動惡意軟體RustBucket攻擊 https://www.jamf.com/blog/bluenoroff-apt-targets-macos-rustbucket-malware/ 'RustBucket' malware targets macOS https://www.jamf.com/blog/bluenoroff-apt-targets-macos-rustbucket-malware/ 俄國駭客組織Tomiris利用惡意軟體Turla混淆視聽 https://securelist.com/tomiris-called-they-want-their-turla-malware-back/109552/ Tomiris called, they want their Turla malware back https://securelist.com/tomiris-called-they-want-their-turla-malware-back/109552/ Analyzing DNS Traffic for Anomalous Domains and Threat Detection https://blogs.infoblox.com/cyber-threat-intelligence/cyber-threat-advisory/dog-hunt-finding-decoy-dog-toolkit-via-anomalous-dns-traffic/ EvilExtractor – All-in-One Stealer https://www.fortinet.com/blog/threat-research/evil-extractor-all-in-one-stealer Open-Source Gh0st RAT Still Haunting Inboxes 15 Years After Release https://cofense.com/blog/open-source-gh0st-rat-still-haunting-inboxes-15-years-after-release/ RokRAT Malware Distributed Through LNK Files https://asec.ahnlab.com/en/51751/ Chinese Alloy Taurus Updates PingPull Malware https://unit42.paloaltonetworks.com/alloy-taurus/ Attackers Use Containers for Profit via TrafficStealer https://www.trendmicro.com/en_us/research/23/d/attackers-use-containers-for-profit-via-trafficstealer.html Unpacking BellaCiao: A Closer Look at Iran’s Latest Malware https://businessinsights.bitdefender.com/unpacking-bellaciao-a-closer-look-at-irans-latest-malware Magecart threat actor rolls out convincing modal forms https://www.malwarebytes.com/blog/threat-intelligence/2023/04/kritec-art New Atomic macOS Malware Steals Keychain Passwords and Crypto Wallets https://thehackernews.com/2023/04/new-atomic-macos-stealer-can-steal-your.html Lazarus Subgroup Targeting Apple Devices with New RustBucket macOS Malware https://thehackernews.com/2023/04/lazarus-subgroup-targeting-apple.html Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach https://thehackernews.com/2023/04/lazarus-xtrader-hack-impacts-critical.html N.K. Hackers Employ Matryoshka Doll-Style Cascading Supply Chain Attack on 3CX https://thehackernews.com/2023/04/nk-hackers-employ-matryoshka-doll-style.html Tonto Team Uses Anti-Malware File to Launch Attacks on South Korean Institutions https://thehackernews.com/2023/04/tonto-team-uses-anti-malware-file-to.html Google Gets Court Order to Take Down CryptBot That Infected Over 670,000 Computers https://thehackernews.com/2023/04/google-gets-court-order-to-take-down.html Hackers Exploit Outdated WordPress Plugin to Backdoor Thousands of WordPress Sites https://thehackernews.com/2023/04/hackers-exploit-outdated-wordpress.html Ransomware Hackers Using AuKill Tool to Disable EDR Software Using BYOVD Attack https://thehackernews.com/2023/04/ransomware-hackers-using-aukill-tool-to.html Iranian Hackers Launch Sophisticated Attacks Targeting Israel with PowerLess Backdoor https://thehackernews.com/2023/04/iranian-hackers-launch-sophisticated.html LimeRAT Malware Analysis: Extracting the Config https://thehackernews.com/2023/04/limerat-malware-analysis-extracting.html RTM Locker's First Linux Ransomware Strain Targeting NAS and ESXi Hosts https://thehackernews.com/2023/04/rtm-lockers-first-linux-ransomware.html Chinese Hackers Using MgBot Malware to Target International NGOs in Mainland China https://thehackernews.com/2023/04/chinese-hackers-using-mgbot-malware-to.html B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊 Google Authenticator App Gets Cloud Backup Feature for TOTP Codes https://thehackernews.com/2023/04/google-authenticator-app-gets-cloud.html 終於！Google Authenticator開啟帳號登入同步雲端的功能 https://netmag.tw/2023/04/27/finally-google-authenticator-has-enabled-the-feature-of-syncing-account-login-to-the-cloud 山寨Minecraft手機App在系統背景載入廣告牟利 https://www.mcafee.com/blogs/other-blogs/mcafee-labs/hiddenads-spread-via-android-gaming-apps-on-google-play/ C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力新光三越設安控長從資安包辦到食安 https://www.gvm.com.tw/article/102129 鎖定科技與零售業的API與應用程式攻擊翻倍成長 https://www.akamai.com/lp/soti/slipping-through-the-security-gaps-the-rise-of-application-and-api-attacks 駭客正侵入AT&T電子郵件帳戶以竊取用戶的加密資產 https://news.cnyes.com/news/id/5158674 駭客於Docker環境部署TrafficStealer，將流量導向特定網站進行牟利 https://www.trendmicro.com/en_us/research/23/d/attackers-use-containers-for-profit-via-trafficstealer.html 「新東南海鮮」藏駭客？溢波遭利用、駭進LiTV https://news.ebc.net.tw/news/society/364356 線上影視平臺LiTV雲端基礎設施1月遭破壞，初步調查結果出爐，疑為離職工程師報復，已拘提、交保候傳 https://www.cna.com.tw/news/asoc/202304270204.aspx LiTV遭駭財損近3千萬元刑事局拘提前工程師送辦 https://today.line.me/tw/v2/article/GgoKLmy 工程師不爽前東家廣告推播狂炸，駭進資料庫把片全刪光！用戶過年沒得看、LiTV差點倒閉 https://www.businesstoday.com.tw/article/category/183027/post/202304280008/ 樂高遭駭客入侵系統：不提告反而還放任，背後的原因是什麼 https://www.gvm.com.tw/article/102183 38國參與北約組織2023年網路攻防演習 https://ccdcoe.org/news/2023/worlds-largest-cyber-defense-exercise-locked-shields-kicks-off-in-tallinn/ 以色列組織遭到伊朗駭客Educated Manticore鎖定 https://research.checkpoint.com/2023/educated-manticore-iran-aligned-threat-actor-targeting-israel-via-improved-arsenal-of-tools/ 加拿大天然氣管線遭到俄羅斯駭客Zarya攻擊 https://securityaffairs.com/145307/cyber-warfare-2/canadian-gas-pipeline-disruptive-attack.html 沙國王儲訪中隱藏任務？引進中國技術大規模監控人民 https://technews.tw/2023/04/28/the-saudi-crown-prince-wants-to-build-a-trillion-dollar-utopia-in-the-desert/ 俄羅斯駭客劫持烏克蘭境內攝影機，收集軍隊動向情報 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10423 尹錫悅赴美國會演說強調韓美日須共抗北韓威脅 https://news.cts.com.tw/cna/international/202304/202304282171436.html 美網安部隊前進多國協助對抗駭客 https://tw.news.yahoo.com/news%2F%E7%BE%8E%E7%B6%B2%E5%AE%89%E9%83%A8%E9%9A%8A%E5%89%8D%E9%80%B2%E5%A4%9A%E5%9C%8B-%E5%8D%94%E5%8A%A9%E5%B0%8D%E6%8A%97%E9%A7%AD%E5%AE%A2-160000772.html 爆中國境內替北韓駭客「洗錢」美國制裁3人 https://tw.news.yahoo.com/%E7%88%86%E4%B8%AD%E5%9C%8B%E5%A2%83%E5%85%A7%E6%9B%BF%E5%8C%97%E9%9F%93%E9%A7%AD%E5%AE%A2-%E6%B4%97%E9%8C%A2-%E7%BE%8E%E5%9C%8B%E5%88%B6%E8%A3%813%E4%BA%BA-091751807.html FBI局長：中國的網路威脅空前、在美設警察站太離譜 https://www.worldjournal.com/wj/story/121148/7129287 中國駭客組織Evasive Panda疑似透過騰訊即時通訊軟體更新的管道，鎖定國際NGO組織人員散布後門程式 https://www.welivesecurity.com/2023/04/26/evasive-panda-apt-group-malware-updates-popular-chinese-software/ New All-in-One "EvilExtractor" Stealer for Windows Systems Surfaces on the Dark Web https://thehackernews.com/2023/04/new-all-in-one-evilextractor-stealer.html Critical Vulnerabilities in PaperCut Print Management Software https://www.huntress.com/blog/critical-vulnerabilities-in-papercut-print-management-software Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware https://thehackernews.com/2023/04/microsoft-confirms-papercut-servers.html 列印管理軟體PaperCut漏洞已出現攻擊行動，但仍有9成伺服器尚未修補 https://www.huntress.com/blog/critical-vulnerabilities-in-papercut-print-management-software Microsoft：駭客利用PaperCut漏洞　植入勒索軟體 https://www.technice.com.tw/outbound/50501/ 出現更多駭客濫用PaperCut漏洞，勒索軟體駭客Clop、LockBit以此進行竊密 https://twitter.com/MsftSecIntel/status/1651346653901725696 Russian Hackers Suspected in Ongoing Exploitation of Unpatched PaperCut Servers https://thehackernews.com/2023/04/russian-hackers-suspected-in-ongoing.html Russian Hackers Tomiris Targeting Central Asia for Intelligence Gathering https://thehackernews.com/2023/04/russian-hackers-tomiris-targeting.html Chinese Hackers Spotted Using Linux Variant of PingPull in Targeted Cyberattacks https://thehackernews.com/2023/04/chinese-hackers-using-pingpull-linux.html Charming Kitten's New BellaCiao Malware Discovered in Multi-Country Attacks https://thehackernews.com/2023/04/charming-kittens-new-bellaciao-malware.html 資訊安全顧問【高雄業一技服】 https://glints.com/tw/en/opportunities/jobs/%E8%B3%87%E8%A8%8A%E5%AE%89%E5%85%A8%E9%A1%A7%E5%95%8F%E9%AB%98%E9%9B%84%E6%A5%AD%E4%B8%80%E6%8A%80%E6%9C%8D/dd393730-f68b-41ef-9909-f0a73b853438 BC_資安程式設計師 https://job.1111.com.tw/job/103736314/ 雲平台資安技術工程師(CSS) https://www.104.com.tw/job/7z7nv D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全個資外洩不能忍資通安全不能等 https://tw.news.yahoo.com/%E5%80%8B%E8%B3%87%E5%A4%96%E6%B4%A9%E4%B8%8D%E8%83%BD%E5%BF%8D-%E8%B3%87%E9%80%9A%E5%AE%89%E5%85%A8%E4%B8%8D%E8%83%BD%E7%AD%89-124732929.html 臉書私訊「違反規定」有詐　賣家個資險被盜 https://news.tvbs.com.tw/local/2109300 南非Peugeot分公司外流車主資訊 https://cybernews.com/security/peugeot-user-data-leak-south-america/ 扒兩層皮！北市警「詐騙」被害人 2大過免職 https://www.msn.com/zh-tw/news/national/%E6%89%92%E5%85%A9%E5%B1%A4%E7%9A%AE-%E5%8C%97%E5%B8%82%E8%AD%A6-%E8%A9%90%E9%A8%99-%E8%A2%AB%E5%AE%B3%E4%BA%BA-2%E5%A4%A7%E9%81%8E%E5%85%8D%E8%81%B7/ar-AA1ap0rn?ocid=Peregrine 科技業者仍是駭客網路釣魚攻擊冒用品牌的首選 https://blog.checkpoint.com/security/retail-giant-walmart-ranks-first-in-list-of-brands-most-likely-to-be-imitated-in-phishing-attempts-in-q1-2023/ Gogolook推出Roo AI，以生成式AI技術打造AI智能問答服務，能根據提問提醒用戶小心詐騙 https://www.ithome.com.tw/news/156566 濫用ChatGPT的網路釣魚攻擊活動，在2022年就已現蹤 https://info.zscaler.com/resources-industry-reports-threatlabz-phishing-report ChatGPT's Data Protection Blind Spots and How Security Teams Can Solve Them https://thehackernews.com/2023/04/chatgpts-data-protection-blind-spots.html Study: 84% of Companies Use Breached SaaS Applications - Here's How to Fix it for Free! https://thehackernews.com/2023/04/study-84-of-companies-use-breached-saas.html 未受保護的網頁伺服器曝露逾700億個檔案 https://cybelangel.com/2023-state-of-easm-report-cybelangel-analysis-of-half-billion-internet-facing-apps-devices-reveals-top-trends-in-critical-exposures-to-cyberattacks-across-industries/ 錯誤配置的雲端軟體登錄檔曝露逾2.5億個物件 https://www.aquasec.com/cloud-native-academy/docker-container/registry-scanning/ ESET分析二手企業路由器，56%含有前用戶的配置資料 https://www.ithome.com.tw/news/156547 E.研究報告/工具 Browser Security Survey: 87% of SaaS Adopters Exposed to Browser-borne Attacks https://thehackernews.com/2023/04/browser-security-survey-87-of-saas.html Why Your Detection-First Security Approach Isn't Working https://thehackernews.com/2023/04/why-your-detection-first-security.html ViperSoftX InfoStealer Adopts Sophisticated Techniques to Avoid Detection https://thehackernews.com/2023/04/vipersoftx-infostealer-adopts.html Kubernetes的API存取控制機制RBAC遭到濫用，駭客接管並用於挖礦 https://blog.aquasec.com/leveraging-kubernetes-rbac-to-backdoor-clusters Kubernetes RBAC Exploited in Large-Scale Campaign for Cryptocurrency Mining https://thehackernews.com/2023/04/kubernetes-rbac-exploited-in-large.html Google Cloud Introduces Security AI Workbench for Faster Threat Detection and Analysis https://thehackernews.com/2023/04/google-cloud-introduces-security-ai.html 科學家用樂高打造了一台可以製造出人類皮膚的3D列印機 https://tomorrowsci.com/technology/%E7%A7%91%E5%AD%B8%E5%AE%B6%E7%94%A8%E6%A8%82%E9%AB%98%E6%89%93%E9%80%A0%E4%BA%86%E4%B8%80%E5%8F%B0%E5%8F%AF%E4%BB%A5%E8%A3%BD%E9%80%A0%E5%87%BA%E4%BA%BA%E9%A1%9E%E7%9A%AE%E8%86%9A%E7%9A%843d%E5%88%97/ Google在多項安全解決方案整合AI大型語言模型Sec-PaLM https://cloud.google.com/blog/products/identity-security/rsa-google-cloud-security-ai-workbench-generative-ai F.商業 A10 Networks與Fastly合作首推應用交付解決方案與下一代 WAF 整合加強雲端防禦 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10429 Palo Alto Networks：加密風潮退散，勒索軟體改竊取資料、騷擾脅迫 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10426 趨勢科技加入Microsoft私有邊緣運算生態系 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10428 14 Kubernetes and Cloud Security Challenges and How to Solve Them https://thehackernews.com/2023/04/14-kubernetes-and-cloud-security.html 簡單上手！跨區追劇、遊戲及資安，使用 NordVPN 來完成 https://today.line.me/tw/v2/article/YaWMJ0W 陞泰推AI安控主機，Q3起搶類比安防市場 https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=d5cdf5c8-f57e-44d9-83ad-1a0707169125 Netron網創資訊提供跨雲端平台整合服務提升企業營運韌性 https://n.yam.com/Article/20230428605560 AWS擴大GuardDuty安全防守範圍，可偵測容器、資料庫與無伺服器應用安全威脅 https://www.businesswire.com/news/home/20230424005364/en/AWS-Announces-Three-New-Amazon-GuardDuty-Capabilities-to-Help-Customers-Protect-Container-Database-and-Serverless-Workloads G.政府籲完備資安法規立委：應加強OT規範 https://www.epochtimes.com/b5/23/4/27/n13982881.htm 資安外洩頻傳民眾黨團籲儘速推動修正草案 https://udn.com/news/story/6656/7126638 立院民眾黨團籲修《資通安全管理法》納入OT面向 https://news.ltn.com.tw/news/politics/breakingnews/4283478 數位部攜無店面公會合作推防詐平台 30業者響應 https://ctee.com.tw/livenews/aj/ctee/a11608002023042712242352 台灣詐騙電話猖獗陳美雅促民政局落實資安防護 https://www.cdns.com.tw/articles/789703 首波商用衛星通信頻率申請 2業者通過審查 https://www.rti.org.tw/news/view/id/2166075 林右昌拜會電商防堵網路詐騙 https://wantrich.chinatimes.com/news/20230427900944-420501 陳麗娜質詢要求市府全面更新公文系統落實樹木修剪及宣導參與式預算 https://www.youngnews3631.com/news_detail.php?NewsID=3856 ChatGPT應用於市政議員認為有資安及正確性疑慮應深入研究不宜躁進 https://tcc8707.tcc.gov.tw/News_Content7.aspx?n=560ED0A737D102A8&sms=E37CE4C8B22090C0&s=8127E542297F87D1 調查局發布新人事！電腦偵辦科長上任　盼重建燒毀辦公室 https://www.ettoday.net/news/20230428/2488682.htm 調查局廉政大樓失火，起火點為資通安全處 https://news.pts.org.tw/article/633794 H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識/醫療相關資安思科修補工控系統的重大漏洞 https://www.securityweek.com/cisco-patches-critical-vulnerabilities-in-industrial-network-director-modeling-labs/ I.教育訓練 iPAS資訊安全工程師中級筆記 https://hackmd.io/@Not/iPASInformationSecuritySpecialist iPas資安工程師證照考前研習 https://reurl.cc/GEbA3p Coursera 盤點 7 項雲端資安認證，高薪跳板都在這了！ https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/ 全球網絡安全勞動力失衡 (ISC)2免費課程及考試填補人才缺口 https://reurl.cc/m39MDj CISSP資安認證的8大領域 https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html CISSP考試心得 https://reurl.cc/KbY83j CISSP考試心得 – Benson https://reurl.cc/GbWvxd 目標導向-20天光速考過CISSP https://reurl.cc/2Zq6zn CISSP證照考試實戰心得第一章：初期準備工作 https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat CISSP證照考試實戰心得第二章：規律且有紀律的讀書策略 https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies CISSP證照考試實戰心得第三章：終極一戰 https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle Quick CISSP Infographic for IPSec https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec CSSLP Certification - Security models in F# https://github.com/vbocan/csslp Certified Secure Software Lifecycle Professional in bullet points https://github.com/joeyhage/csslp-notes CPSA(CREST Practitioner Security Analyst) 資安分析師考試心得 https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/ EC-Council CEH v11 考試心得、改版資訊以及準備方向 2021、2022 https://reurl.cc/1oyEM8 CEH v11 考試心得與準備方式 https://blog.sean.taipei/2022/01/ceh CEH https://github.com/a3cipher/CEH CodeRed by EC-Council https://github.com/codered-by-ec-council 深度解析 CPENT 考試心得、以及與 OSCP 的比較 https://reurl.cc/41eL8v EC-Council CPENT v1 滲透測試認證 – 內容及心得分享 https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review [備考心得]CompTIA Security+ (SY0–601) 上篇 https://reurl.cc/M053DK [備考心得]CompTIA Security+ (SY0–601) 下篇 https://reurl.cc/M053Gv comptia-security-plus https://github.com/ajfuto/comptia-security-plus security-plus https://github.com/fjavierm/security-plus CompTIA Security+ Certification Practice Test Questions https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette 不只是工程師才要懂的 App 資訊安全：取得資安檢測合格證書血淚史（iT邦幫忙鐵人賽系列書） https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html Learn NIST Inside Out With 21 Hours of Training @ 86% OFF https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html 駭客與國家: 網路攻擊與地緣政治新常態 The hacker and the state: cyber attacks and the new normal of geopolitic https://reurl.cc/D3nKKj Practical Network Penetration Tester (PNPT) Certification Review https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df WUSON常用的基本詞彙 https://choson.lifenet.com.tw/?p=1958 6.近期資安活動及研討會【資安系列工作坊】Fundamental of Windows Binary Reverse - Windows 逆向工程 2023/4/29 https://hackersir.kktix.cc/events/20230429-reverse 《數位沙龍座談小聚》崛起的區塊鏈正在顛覆我們的世界 2023/4/29 https://www.accupass.com/event/2304250834177851746850 【線上課程】ISO 27001:2022 資訊安全管理訓練 2023/4/29 https://www.accupass.com/event/2303060251572486924020 Just a chat - with no Expectations 2023/4/29 https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/292783537/ 新竹比特幣交流討論 Hsinchu Bitcoin Discussions 2023/5/1 https://www.meetup.com/hsinchu-bitcoin-discussions/events/293147093/ Hugging Face :Depth Estimation 2023/5/2 https://www.meetup.com/tensorflow-user-group-taipei/events/290714782/ SyntaxError 2023/5/3 https://www.meetup.com/pythonhug/events/292869093/ HackingThursday 黑客星期四 - Week meetup Tamsui 固定聚會淡水 2023/5/4 https://www.meetup.com/hackingthursday/events/292891721/ Bitcoin Socratic Seminar + Bitcoin and Nostr Meetup 2023/5/4 https://www.meetup.com/taiwan-bitdevs/events/293166577/ Web3 Meetup - 去中心應用 2023/5/4 https://www.accupass.com/event/2304070305181394577572 SEMI STANDARDS 半導體設備資安研討會議 2023/5/5 https://www.semi.org/en/connect/events/semi-standards-bandaotishebeizianyantaohuiyi 營業秘密保護與資訊安全管理 2023/5/6 https://www.accupass.com/event/2304241603381258796798 人工智慧之民事侵權責任探究 2023/5/6 https://www.accupass.com/event/2304241735321819706360 TEDxNYCULive 2023：Possibility 可能性 2023/5/7 https://www.accupass.com/event/2304180415231057647711 社團法人台灣駭客協會 112 年度第一次會員聚會 2023/5/9 https://hitcon.kktix.cc/events/hit-banquet-112 2023 CYBERSEC 資安大會 Jamf Apple 資安館 2023/5/9 ~ 2023/5/11 https://jamf.kktix.cc/events/cybersec2023jamf Microsoft Azure 虛擬培訓日：基礎知識 2023/5/9 ~ 2023/5/10 https://mktoevents.com/Microsoft+Event/394403/157-GQE-382?wt.mc_id=AID3058380_QSG_EML_640883&wt.mc_id=AID3058380_EML_8317669 台灣網路講堂「建構多元異質的數位韌性」座談會 2023/5/10 https://www.twsig.tw/20230510/ Hack The Capitol 6.0 2023/5/10 ~ 2023/5/11 https://www.icsvillage.com/hack-the-capitol-2023 黑暗網站憑據如何導致軟體供應鏈攻擊 2023/5/11 https://lp.cyberark.com/how-dark-web-credentials-lead-to-a-software-supply-chain-attack-tc-registrationlp.html?utm_campaign=identity_security Airflow Taiwan User Meetup #4 2023/5/11 https://www.meetup.com/taipei-py/events/292991559/ TWCC-CLI 進階操作- AI/ML 自動流程 2023/5/12 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=4035&from_course_list_url=course_index 【實作體驗營】一日駭客x網路弱點滲透 2023/5/13 https://www.accupass.com/event/2303030820005796452650 借助現代分析實現數位轉型 2023/5/15 ~ 2023/5/16 https://mktoevents.com/Microsoft+Event/394032/157-GQE-382?wt.mc_id=AID3058384_QSG_EML_640909&wt.mc_id=AID3058380_EML_8317669 Elastic Security－檢測、調查和應對多變的威脅 2023/5/17 https://www.accupass.com/event/2304190909578502986500 上市櫃資安法規要求在即企業如何掌握法遵與因應策略 2023/5/19 https://www.accupass.com/event/2304270202566389789600 Taipei dbt Meetup #11 (in-person 👫 & online 👨‍�2023/5/24 https://www.meetup.com/taipei-dbt-meetup/events/292891149/ Elixir meetup �2023/5/24 https://www.meetup.com/elixirtw-taipei/events/293147308/ 資安五四三 2023/5/25 （線上14:00 - 15:30） https://csa.kktix.cc/events/202305-543 鏈三上雲：資安解析峰會掌握Web 3資安動向，開啟鏈雲新模式 2023/5/25 https://www.accupass.com/event/2304120730519814020340 《區塊鏈初階課程》平日班 2023/5/25~2023/5/26 https://www.accupass.com/event/2304100300531686137286 3小時帶你了解AWS雲端服務與優勢 2023/5/26 https://www.uuu.com.tw/Public/content/edm/20230526_AWSDiscoveryDay_BC.htm 《區塊鏈初階課程》假日班 2023/5/27~2023/5/28 https://www.accupass.com/event/2304100341503819251900 大型語言模型時代下，建置解決方案該有的姿勢/知識 (Building solutions with LLMs) 2023/5/29 https://www.meetup.com/rladies-taipei/events/293170581/ 5月台北例會_美國聯邦政府的供應鏈資安管理－以CMMC為例 (採線上舉辦) 2023/5/30 https://www.caa.org.tw/newsdetail-16263.html 台灣數位創新領航論壇 Taiwan Digital Innovation Navigation Forum 2023/5/30 https://www.accupass.com/event/2304240303341594373938 Azure AI 基礎知識 2023/5/31 https://mktoevents.com/Microsoft+Event/393899/157-GQE-382?wt.mc_id=AID3058385_QSG_EML_640902&wt.mc_id=AID3058380_EML_8317669 資安分析新手村：掌握網路封包分析技術（線上課程） 2023/6/13 https://forms.gle/msePzws5GtcDunrc7 資安分析新手村：掌握網路封包分析技術（實體課程）2023/6/14 https://forms.gle/mtpZNPCpTVyv97Dr9 黑客視角：網站漏洞挖掘與防禦 ( 線上課程) 2023/6/27 https://forms.gle/JpThJxMgxZd3uNh39 黑客視角：網站漏洞挖掘與防禦 ( 實體課程) 2023/6/28 https://forms.gle/qQAqx8KZzzntSyLd9 InfoSec Taiwan 2023 國際資安大會 2023/8/1 ~ 2023/8/3 https://csa.kktix.cc/events/infosectaiwan2023 DEF CON 32 2023/8/10 ~ 2023/8/13 https://defcon.org/index.html Hou.Sec.Con 2023/10/12 ~ 2023/10/13 https://web.cvent.com/event/76d46ccb-fe00-4fe5-ba46-e4a77c807f21/summary (ISC)2 SECURITY CONGRESS LEAD WITH CONFINDENCE 2023/10/25 ~ 2023/10/27 https://www.isc2.org/Congress-2023