###### tags: `資安事件新聞週報`

# Security Incident News Weekly 2022/12/12 ~ 2022/12/16

## 1. Critical Vulnerabilities / Backdoors / Exploits / Zero-Days

- A vulnerability exists in the malware removal function of Avast and AVG Antivirus
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4173
- VMware ESXi, Workstation and Fusion updates address a heap out-of-bounds write vulnerability (CVE-2022-31705)
  https://www.cisa.gov/uscert/ncas/current-activity/2022/12/13/vmware-releases-security-updates-multiple-products
- VMware patches critical ESXi and vRealize vulnerabilities
  https://www.bleepingcomputer.com/news/security/vmware-fixes-critical-esxi-and-vrealize-security-flaws/
- VMware ESXi servers targeted by a Python backdoor
  https://blogs.juniper.net/en-us/threat-research/a-custom-python-backdoor-for-vmware-esxi-servers
- Cisco discloses high-severity IP phone vulnerability that could lead to RCE or DoS attacks
  https://www.bleepingcomputer.com/news/security/cisco-discloses-high-severity-ip-phone-bug-with-exploit-code/
- Cisco Warns of High-Severity Unpatched Flaw Affecting IP Phones Firmware
  https://thehackernews.com/2022/12/cisco-warns-of-high-severity-unpatched.html
- AWS patches a container image service vulnerability that could be used for DoS and data leakage
  https://www.ithome.com.tw/news/154698
- Serious Attacks Could Have Been Staged Through This Amazon ECR Public Gallery Vulnerability
  https://thehackernews.com/2022/12/serious-attacks-could-have-been-staged.html
- Fortinet releases security updates to address a buffer overflow vulnerability in FortiOS
  https://www.cisa.gov/uscert/ncas/current-activity/2022/12/12/fortinet-releases-security-updates-fortios
- Fortinet issues a security advisory this week for the SSL VPN vulnerability it patched at the end of November, because it is now being exploited in attacks
  https://www.bleepingcomputer.com/news/security/fortinet-says-ssl-vpn-pre-auth-rce-bug-is-exploited-in-attacks/
- Fortinet Warns of Active Exploitation of New SSL-VPN Pre-auth RCE Vulnerability
  https://thehackernews.com/2022/12/fortinet-warns-of-active-exploitation.html
- fortinet fortiadc
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33875
- fortinet fortideceptor
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-30305
- fortinet fortiproxy
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-35843
- f5 big-iq_centralized_management
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41622
- sophos xg_firewall_firmware
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3709
- Over 4,000 vulnerable Pulse Connect SSL VPNs exposed on the internet, including nearly 200 in Taiwan
  https://censys.io/pulse-connect-secure-a-view-from-the-internet/
- Pulse Connect Secure hosts in many countries exposed on the internet
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10236
- Microsoft releases December security bulletins
  https://www.cisa.gov/uscert/ncas/current-activity/2022/12/13/microsoft-releases-december-2022-security-updates
- Microsoft releases December Patch Tuesday updates, mitigating 2 zero-day vulnerabilities
  https://www.bleepingcomputer.com/news/microsoft/microsoft-december-2022-patch-tuesday-fixes-2-zero-days-49-flaws/
- December 2022 Patch Tuesday: Get Latest Security Updates from Microsoft and More
  https://thehackernews.com/2022/12/december-2022-patch-tuesday-get-latest.html
- Microsoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as 'Critical'
  https://thehackernews.com/2022/12/microsoft-reclassifies-spnego-extended.html
- Citrix releases security updates for Citrix ADC and Citrix Gateway
  https://www.cisa.gov/uscert/ncas/current-activity/2022/12/13/citrix-releases-security-updates-citrix-adc-citrix-gateway
- Citrix ADC zero-day vulnerability already used in attacks
  https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-citrix-adc-and-gateway-zero-day-patch-now/
- Hackers Actively Exploiting Citrix ADC and Gateway Zero-Day Vulnerability
  https://thehackernews.com/2022/12/hackers-actively-exploiting-citrix-adc.html
- Top 5 Web App Vulnerabilities and How to Find Them
  https://thehackernews.com/2022/12/top-5-web-app-vulnerabilities-and-how.html
- IBM Content Navigator security vulnerability
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43581
- IBM Spectrum Scale 5.1.0.1 through 5.1.4.1
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43867
- IBM Sterling Secure Proxy 6.0.3
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-34361
- mikrotik routeros
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45313
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45315
- proofpoint enterprise_protection
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46332
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46333
- Trend Micro recently released updates to address security vulnerabilities in multiple products
  https://success.trendmicro.com/dcx/s/solution/000291830?language=en_US
- solarwinds orion_platform
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-36960
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-36964
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-36962
- Mozilla patches Firefox and Thunderbird vulnerabilities that could allow system takeover if left unpatched
  https://cybernews.com/news/firefox-thunderbird-flaws-allowed-system-takeover/
- API vulnerabilities in a second-hand LEGO marketplace website could let attackers take over user accounts
  https://salt.security/blog/missing-bricks-finding-security-holes-in-lego-apis
- SAP patches 4 critical vulnerabilities with near-maximum CVSS scores
  https://www.securityweek.com/saps-december-2022-security-updates-patch-critical-vulnerabilities
- Adobe patches 38 vulnerabilities, most of them in Experience Manager
  https://www.securityweek.com/adobe-patches-38-flaws-enterprise-software-products
- Researchers disclose zero-day vulnerabilities in several antivirus and EDR products that attackers could exploit to destroy data on a computer
  https://www.safebreach.com/resources/blog/safebreach-labs-researcher-discovers-multiple-zero-day-vulnerabilities/
- Researchers find 63 zero-day vulnerabilities at the Pwn2Own Toronto 2022 hacking contest
  https://www.bleepingcomputer.com/news/security/hackers-earn-989-750-for-63-zero-days-exploited-at-pwn2own-toronto/

## 2. Banking / Finance / Insurance / Securities / Payment Systems / Financial Regulation: News and Security

- Net-zero carbon emissions and cybersecurity defence will be the focus of sustainable finance in 2023
  https://www.chinatimes.com/realtimenews/20221209004816-260410?chdtv
- Hack-for-Hire Group Targets Travel and Financial Entities with New Janicab Malware Variant
  https://thehackernews.com/2022/12/hack-for-hire-group-targets-travel-and.html
- Why PCI DSS 4.0 Should Be on Your Radar in 2023
  https://thehackernews.com/2022/12/why-pci-dss-40-should-be-on-your-radar.html
- In response to the Beijing outbreak, institutional banks stagger employees' return to the office
  https://www.chinatimes.com/realtimenews/20221212001798-260409?chdtv
- Credit card transaction processor exposes 9 million transaction records
  https://www.websiteplanet.com/blog/cornerstone-leak-report/
- Over 40 e-commerce sites targeted by a Magecart campaign because an unsupported plugin was never removed
  https://blog.jscrambler.com/defcon-skimming-a-new-batch-of-web-skimming-attacks/
- Itochu brokers an alliance between Cathay and FamilyMart
  https://www.chinatimes.com/newspapers/20221215000104-260202?chdtv

## 3. E-Payment / Mobile Payment / Pay / Security

- Leading PX Mart into e-payments and reaching second place within six months: Lin Min-hsiung "prepared to lose money for 5 years" to capture the payment market
  https://www.bnext.com.tw/article/73215/pxpay-plus-2022
- E-payment members surpass 20 million; 全支付 (PXPay Plus) exceeds 2 million and jumps to third place
  https://reurl.cc/33Rg0O
- New scam: identities stolen to open e-payment accounts, turning victims into "fraud suspects" who must travel across Taiwan to explain themselves
  https://reurl.cc/QWmry5
- Development without regulation will only turn the future of Taiwan's third-party payments into an island of fraud
  https://www.inside.com.tw/article/30019-Taiwan-Third-party-payment
- Inseparable from e-payments, and 7% have invested in crypto: Dcard's view of the new generation shows Taiwanese youth's financial attitudes differ from what you think
  https://reurl.cc/x1o5y5
- First among electronic stored-value card issuers: EasyCard aims for an emerging stock board listing early next year; general manager outlines 3 directions
  https://www.bnext.com.tw/article/73164/easycard-emerging-stock-market-2022q4
- NHIA pushes the virtual NHI card; next step is integrating e-prescriptions and more payment apps
  https://www.ithome.com.tw/news/154702
- No card needed at the doctor: virtual NHI card applications exceed 360,000; mobile payment to be extended to LINE Pay
  https://health.ltn.com.tw/article/breakingnews/4153320
- FSC considers allowing sports lottery purchases via e-payment
  https://ctee.com.tw/news/finance/767830.html
- Good news for people without credit cards or e-payments: bank accounts can now pay government fees; one-tap payment added to TaipeiPASS
  https://times.hinet.net/news/24290927

## 4. Cryptocurrency / Digital Currency / Mining / Blockchain / Smart Contracts / Web3 Security

- $15 million profit at a cost of only a few thousand: DeFi arbitrageurs earn more than hackers
  https://www.blocktempo.com/why-defi-arbitrageurs-earn-more-than-hackers/
- FTX founder SBF arrested in the Bahamas, may be sent back to the US for trial
  https://www.wealth.com.tw/articles/108e98d1-24c3-45ab-9892-f6faa7b146e6
- OptionRoom: hacked on December 6, with all assets in the deployer wallet stolen
  https://news.cnyes.com/news/id/5034352
- Binance warns of abnormal volatility in some tokens; CZ says withdrawals from profiting accounts have been "suspended"
  https://www.blocktempo.com/binance-warning-abnormally-volatile-altcoin-trading/
- PeckShield: Web3 project TRQ suspected of being hacked
  https://news.cnyes.com/news/id/5034291
- Personal data of 5.7 million users of the Gemini cryptocurrency exchange leaked
  https://www.bleepingcomputer.com/news/security/hackers-leak-personal-info-allegedly-stolen-from-57m-gemini-users/
- Why the crypto crash has barely affected the broader economy
  https://www.wsj.com/video/china/zh-hant/EE947443-5E01-4B9F-9C39-756BFD87BEB6.html
- Data: Justin Sun withdraws over 30 million BUSD and over 15 million USDT from Binance
  https://news.cnyes.com/news/id/5035885
- Ethereum research hackathon launches on DoraHacks.io
  https://news.cnyes.com/news/id/5036256?exp=a
- 10,000-word analysis | US crypto regulation in 2022: the era of Web3 financial regulation is coming
  https://www.blocktempo.com/2022-state-of-crypto-regulation/
- 鏈習生 Crypto Daily 2022.12.13 | Global blockchain and cryptocurrency news in ten minutes
  https://reurl.cc/rZoyW4
- Binance under US DOJ investigation for four years over anti-money laundering laws? Binance denies: the report is inaccurate
  https://times.hinet.net/news/24305350
- 閱讀筆耕 | What is a cold wallet and how to choose one
  https://reurl.cc/Z1EK6M
- Reuters: FTX secretly modified its software to draw on customer funds "without limit"
  https://www.wealth.com.tw/articles/b3978c17-5551-4675-a4de-87681605f21c

## 5. Security Incident News

### A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC

- Zerobot botnet spreads rapidly by exploiting IoT vulnerabilities
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10230
- Attackers use SVG vector image files to smuggle QBot malware
  https://blog.talosintelligence.com/html-smugglers-turn-to-svg-images/
- Ukrainian government targeted with trojanized Windows 10 installer images
  https://www.mandiant.com/resources/blog/trojanized-windows-installers-ukrainian-government
- Law firms targeted by DeathStalker malware
  https://securelist.com/deathstalker-targets-legal-entities-with-new-janicab-variant/108131/
- Ransomware attacks abuse Microsoft-signed drivers
  https://www.bleepingcomputer.com/news/microsoft/microsoft-signed-malicious-windows-drivers-used-in-ransomware-attacks/
- US warns healthcare organizations as BlackCat and LockBit ransomware attacks intensify
  https://www.scmagazine.com/analysis/ransomware/blackcat-lockbit-3-0-ransomware-target-healthcare-with-customizable-tactics-triple-extortion
- Xnspy stalkerware tracks thousands of phone users
  https://techcrunch.com/2022/12/12/xnspy-stalkerware-iphone-android/
- WordPress sites targeted by the GoTrim botnet, which brute-forces administrator credentials
  https://www.fortinet.com/blog/threat-research/gotrim-go-based-botnet-actively-brute-forces-wordpress-websites
- California Department of Finance hit by LockBit ransomware
  https://www.bleepingcomputer.com/news/security/lockbit-claims-attack-on-californias-department-of-finance/
- Ukrainian railway and state agencies targeted by DolphinCape malware
  https://therecord.media/ukrainian-railway-state-agencies-allegedly-targeted-by-dolphincape-malware/
- Attackers use the Chaos RAT trojan to compromise Linux machines for Monero mining
  https://www.trendmicro.com/en_no/research/22/l/linux-cryptomining-enhanced-via-chaos-rat-.html
- Play ransomware claims responsibility for the attack on the city of Antwerp, Belgium
  https://www.bleepingcomputer.com/news/security/play-ransomware-claims-attack-on-belgium-city-of-antwerp/
- Knox College in the US hit by Hive ransomware
  https://www.galesburg.com/story/news/local/2022/12/09/notorious-ransomware-group-claims-credit-for-knox-college-disruptions/69712979007/
- TrueBot malware delivered to victims via a Netwrix Auditor vulnerability and the Raspberry Robin worm
  https://blog.talosintelligence.com/breaking-the-silence-recent-truebot-activity/
- US organizations targeted by Iranian hackers distributing Drokbk malware via GitHub
  https://secureworks.com/blog/drokbk-malware-uses-github-as-dead-drop-resolver
- New MuddyWater Threat: Old Kitten; New Tricks
  https://www.deepinstinct.com/blog/new-muddywater-threat-old-kitten-new-tricks
- Breaking the silence - Recent Truebot activity
  https://blog.talosintelligence.com/breaking-the-silence-recent-truebot-activity/
- Iranian Exploitation Activities Continue as of November 2022
  https://www.team-cymru.com/post/apt35-exploitation-activities-continue-as-of-november-2022
- Google ads lead to fake software pages pushing IcedID (Bokbot)
  https://isc.sans.edu/diary/rss/29344
- Unmasking MirrorFace: Operation LiberalFace targeting Japanese political entities
  https://www.welivesecurity.com/2022/12/14/unmasking-mirrorface-operation-liberalface-targeting-japanese-political-entities/
- Royal Rumble: Analysis of Royal Ransomware
  https://www.cybereason.com/blog/royal-ransomware-analysis
- Probing Weaponized Chat Applications Abused in Supply-Chain Attacks
  https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/l/probing-weaponized-chat-applications-abused-in-supply-chain-attacks/IOCs_probing_weaponized_chat_apps_used_in_supply_chain_attack_.txt
  https://www.trendmicro.com/en_us/research/22/l/probing-weaponized-chat-applications-abused-in-supply-chain-atta.html
- Go-based ransomware impersonates PyPI and NPM packages to extort developers
  https://blog.phylum.io/phylum-detects-active-typosquatting-campaign-in-pypi
- RedGoBot - DDoS botnet written in the new Go language
  https://mp.weixin.qq.com/s/4iTA4LBNEnOQ5T5AcvZCCA
- GoTrim: Go-based Botnet Actively Brute Forces WordPress Websites
  https://www.fortinet.com/blog/threat-research/gotrim-go-based-botnet-actively-brute-forces-wordpress-websites
- APT5: Citrix ADC Threat Hunting Guidance
  https://media.defense.gov/2022/Dec/13/2003131586/-1/-1/0/CSA-APT5-CITRIXADC-V1.PDF
- Mallox Ransomware showing signs of Increased Activity
  https://blog.cyble.com/2022/12/08/mallox-ransomware-showing-signs-of-increased-activity/
- Linux Cryptocurrency Mining Attacks Enhanced via CHAOS RAT
  https://www.trendmicro.com/en_us/research/22/l/linux-cryptomining-enhanced-via-chaos-rat-.html
  https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/l/linux-cryptocurrency-mining-attacks-enhanced-via-chaos-rat-/iocs-linux-cryptocurrency-mining-attacks-enhanced-via-chaos-rat.txt
- FortiOS - heap-based buffer overflow in sslvpnd
  https://www.fortiguard.com/psirt/FG-IR-22-398
- Cloud Atlas targets entities in Russia and Belarus amid the ongoing war in Ukraine
  https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
- DeathStalker targets legal entities with new Janicab variant
  https://securelist.com/deathstalker-targets-legal-entities-with-new-janicab-variant/108131/
- Drokbk Malware Uses GitHub as Dead Drop Resolver
  https://www.secureworks.com/blog/drokbk-malware-uses-github-as-dead-drop-resolver
- New TrueBot Malware Variant Leveraging Netwrix Auditor Bug and Raspberry Robin Worm
  https://thehackernews.com/2022/12/new-truebot-malware-variant-leveraging.html
- Researchers Uncover New Drokbk Malware that Uses GitHub as a Dead Drop Resolver
  https://thehackernews.com/2022/12/researchers-uncover-new-drokbk-malware.html
- Cryptocurrency Mining Campaign Hits Linux Users with Go-based CHAOS Malware
  https://thehackernews.com/2022/12/cryptocurrency-mining-campaign-hits.html
- Royal Ransomware Threat Takes Aim at U.S. Healthcare System
  https://thehackernews.com/2022/12/royal-ransomware-threat-takes-aim-at-us.html
- Cybersecurity Experts Uncover Inner Workings of Destructive Azov Ransomware
  https://thehackernews.com/2022/12/cybersecurity-experts-uncover-inner.html
- Malware Strains Targeting Python and JavaScript Developers Through Official Repositories
  https://thehackernews.com/2022/12/malware-strains-targeting-python-and.html
- New GoTrim Botnet Attempting to Break into WordPress Sites' Admin Accounts
  https://thehackernews.com/2022/12/new-gotrim-botnet-attempting-to-break.html
- Ransomware Attackers Use Microsoft-Signed Drivers to Gain Access to Systems
  https://thehackernews.com/2022/12/ransomware-attackers-use-microsoft.html
- Android Malware Campaign Leverages Money-Lending Apps to Blackmail Victims
  https://thehackernews.com/2022/12/android-malware-campaign-leverages.html
- Hackers Bombard Open Source Repositories with Over 144,000 Malicious Packages
  https://thehackernews.com/2022/12/hackers-bombard-open-source.html
- acer aspire_a315-22g_firmware
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4020

### B. Mobile Security / iPhone / Android / Wearables / Apps / 5G / Instant Messaging

- iOS 16.2 Will Leave you Speechless – 7 More Changes!
  https://medium.com/macoclock/ios-16-2-will-leave-you-speechless-7-more-changes-a973ecc418a8
- Apple announces three advanced security features designed for high-profile users such as celebrities, journalists and politicians
  https://www.pcmarket.com.hk/apple-announce-3-uncoming-security-features-for-advanced-users/
- Google Adds Passkey Support to Chrome for Windows, macOS and Android
  https://thehackernews.com/2022/12/google-adds-passkey-support-to-chrome.html
- New Actively Exploited Zero-Day Vulnerability Discovered in Apple Products
  https://thehackernews.com/2022/12/new-actively-exploited-zero-day.html
- iPhone WebKit zero-day already exploited in attacks; Apple also patches Mac and Apple TV
  https://techcrunch.com/2022/12/13/apple-zero-day-webkit-iphone/

### C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents / Security Workforce

- Taiwanese teams win two gold medals at the NASA hackathon; AIT praises them in a Facebook post
  https://www.cna.com.tw/news/aipl/202212110103.aspx
- Pwn2Own, the top stage for white-hat hackers worldwide: Taiwanese security team wins the title for a record second time
  https://3c.ltn.com.tw/news/51723
- Footage from over 700 surveillance cameras in Taiwan leaked, suspected to be caused by Huawei chips
  https://www.taiwannews.com.tw/en/news/4743272
- Sports streaming service FuboTV hit by a cyberattack, disrupting its World Cup broadcast
  https://www.bleepingcomputer.com/news/security/fubotv-says-world-cup-streaming-outage-caused-by-a-cyberattack/
- North Korean hacking group Thallium suspected of gathering intelligence under the guise of commissioning reports from experts
  https://www.abc.net.au/news/2022-12-13/north-korean-cyber-spies-new-tactic-tricking-foreign-experts/101763756
- North Korean cyber spies' new tactic: posing as acquaintances to trick experts into helping write reports
  https://udn.com/news/story/6809/6834150?from=udn_ch2_menu_v2_main_cate
- North Korean hacking group's new tactic: several US academics already victimized; Microsoft says the spies have been highly successful
  https://reurl.cc/zro3qe
- North Korean hackers' latest trick: zero-cost "pure phishing" hooks several strategy experts for this reason
  https://today.line.me/tw/v2/article/j7oqozz
- A whole country's network paralyzed for a month after a hacker attack: civil servants reduced to pen and paper, 30% of systems still being repaired
  https://www.bnext.com.tw/article/73176/vanuatu-internet-202212
- Texas governor orders state agencies to ban TikTok
  https://www.trade.gov.tw/Pages/Detail.aspx?nodeID=45&pid=754268
- US seizes 48 domains offering DDoS-for-hire services
  https://www.bleepingcomputer.com/news/security/fbi-seized-domains-linked-to-48-ddos-for-hire-service-platforms/
- Japan upgrades cyber defence, amends law to allow preemptive action
  https://news.ltn.com.tw/news/world/breakingnews/4151958
- RCMP suspends its contract with Sinclair Technologies for procurement and installation of communications equipment
  https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=aaed39c9-e937-45a0-b7f9-92ca982aa170
- FBI Charges 6, Seizes 48 Domains Linked to DDoS-for-Hire Service Platforms
  https://thehackernews.com/2022/12/fbi-charges-6-seizes-48-domains-linked.html
- Full-time teacher specializing in information security (applications accepted until 112/1/31, ROC calendar)
  https://tw.indeed.com/viewjob?jk=4df2e5bd31d06353

### D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News / Cyberbullying / Account Security

- Even hackers know Taiwanese personal data is worthless
  https://forum.gamer.com.tw/C.php?bsn=60076&snA=7483081&tnum=7&bPage=5
- Cinema customer data fully leaked; police foil the scam
  https://times.hinet.net/news/24302555
- "Your cinema account has been upgraded": female student rushes to an ATM to cancel it; police intervene: it's all a scam
  https://news.tvbs.com.tw/local/1988861
- AirAsia suffered a ransomware attack before its passenger data leak
  https://reurl.cc/eWnRkm
- Australian telecom exposes data of over 130,000 customers, unrelated to hackers
  https://money.udn.com/money/story/5599/6830411
- Australian telecom TPG confirms an attack on its hosted Exchange service affecting 15,000 customers
  https://www.theguardian.com/business/2022/dec/14/tpg-reveals-emails-of-15000-iinet-and-westnet-customers-exposed-in-hack
- Johor health chief's social media account hacked; public warned not to trust loan-request messages
  https://reurl.cc/lZlmYl
- New twist in phishing for Facebook credentials: attackers abuse Facebook posts to evade security detection
  https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/meta-phish-facebook-infrastructure-used-in-phishing-attack-chain/
- 140,000 malicious NuGet, NPM and PyPI packages used in phishing attacks
  https://www.bleepingcomputer.com/news/security/open-source-repositories-flooded-by-144-000-phishing-packages/
- Social media analytics platform Social Blade confirms data breach
  https://www.bleepingcomputer.com/news/security/social-blade-confirms-breach-after-hacker-posts-stolen-user-data/
- Apple may face a 6 million euro fine in France for violating GDPR
  https://www.reuters.com/technology/top-advisor-french-data-privacy-watchdog-advises-6-mln-euro-fine-against-apple-2022-12-12/
- Twitter responds to researchers' finding that 17 million user records were leaked
  https://www.ithome.com.tw/news/154699
- Ride-sharing company Uber suffers another data breach after a third-party vendor was hacked
  https://www.bleepingcomputer.com/news/security/uber-suffers-new-data-breach-after-attack-on-vendor-info-leaked-online/
- Online store Vevor's misconfigured database exposes over 600 GB of data
  https://www.websiteplanet.com/blog/vevor-breach-report/
- Google brings the passwordless Passkey login mechanism to stable Chrome
  https://www.ithome.com.tw/news/154677
- HR and payroll provider Sequoia suffers a data breach
  https://www.wired.com/story/sequoia-hr-data-breach/
- New forms of phishing
  https://blog.twnic.tw/2022/12/12/24997/

### E. Research Reports / Tools

- 2022 Taiwan Elections: Foreign Information Influence Observation Report
  https://reurl.cc/OERyqy
- Cyber Security Management Act
  https://www.mindomo.com/no/mindmap/mind-map-db6a24240fc04e9eb9477a03b08c2bb6
- Cyber resilience becomes the top priority for Taiwanese enterprises: 7 key success factors
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10227
- Researchers disclose a technique that abuses JSON-based SQL to bypass web application firewalls
  https://claroty.com/team82/research/js-on-security-off-abusing-json-based-sql-to-bypass-waf
- COVID-bit air-gap attack steals data from computers over 2 meters away via electromagnetic waves
  https://www.bleepingcomputer.com/news/security/air-gapped-pcs-vulnerable-to-data-theft-via-power-supply-radiation/
- Summary of Iranian Advanced Persistent Threat (APT) 34
  https://medium.com/hybrid-analyst/summary-of-iranian-advanced-persistent-team-apt-34-7624d213d20e
- Bug Bounty Hunting 101 — Remote Code Execution (RCE)
  https://thegrayarea.tech/bug-bounty-hunting-101-remote-code-execution-rce-268a38a1cb1d
- How to make your React application render faster
  https://medium.com/a-young-devoloper/how-to-make-your-react-application-render-faster-879bd397cfb1
- Reflected XSS using Double Encoding
  https://infosecwriteups.com/got-another-xss-using-double-encoding-e6493a9f7368
- How To Know You're a SQL Beginner With Just 2 Interview Questions
  https://medium.com/learning-sql/how-to-know-youre-a-sql-beginner-with-just-2-interview-questions-12b5b6897f54
- ChatGPT Is Having a Thomas Edison Moment
  https://tomsmith585.medium.com/chatgpt-is-having-a-thomas-edison-moment-8342dd70d2bd
- Researchers Detail New Attack Method to Bypass Popular Web Application Firewalls
  https://thehackernews.com/2022/12/researchers-detail-new-attack-method-to.html
- Using XDR to Consolidate and Optimize Cybersecurity Technology
  https://thehackernews.com/2022/12/using-xdr-to-consolidate-and-optimize.html
- Why is Robust API Security Crucial in eCommerce
  https://thehackernews.com/2022/12/why-is-robust-api-security-crucial-in.html
- What Stricter Data Privacy Laws Mean for Your Cybersecurity Policies
  https://thehackernews.com/2022/12/what-stricter-data-privacy-laws-mean.html
- Top 4 SaaS Security Threats for 2023
  https://thehackernews.com/2022/12/top-4-saas-security-threats-for-2023.html
- Researchers Demonstrate How EDR and Antivirus Can Be Weaponized Against Users
  https://thehackernews.com/2022/12/researchers-demonstrate-how-edr-and.html
- Google Launches OSV-Scanner Tool to Identify Open Source Vulnerabilities
  https://thehackernews.com/2022/12/google-launches-largest-distributed.html
- Researchers Uncover MirrorFace Cyber Attacks Targeting Japanese Political Entities
  https://thehackernews.com/2022/12/researchers-uncover-mirrorface-cyber.html

### F. Business

- Sophos finds cybercriminals scamming each other out of millions of dollars and then filing for arbitration
  https://reurl.cc/Wq82kL
- Amid frequent cyberattacks at home and abroad, TeamT5 highlights three key defence priorities for the future
  https://today.line.me/tw/v2/article/gz13JkN
- F5 helps customers defend against sophisticated bot attacks on AWS
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10226
- Zoom annual security review: improving communication and collaboration security on multiple fronts
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10235
- 2022 Fortinet security carnival: cross-domain applications strengthen Taiwan's cyber resilience
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10228
- TeamT5 (杜浦數位安全): governments and enterprises face common cyber threats
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10234
- Cloudflare offers its zero trust solution free of charge to high-risk organizations
  https://www.ithome.com.tw/news/154683
- To defend against intrusions using quantum computers, Dell says enterprises need to understand post-quantum cryptography
  https://technews.tw/2022/12/13/post-quantum-cryptography-2/

### G. Government

- Legislator reveals leak of 23 million personal records; Lai Ching-te and Chen Ming-tong also affected
  https://reurl.cc/LXQkbL
- Legislator says household registration data was leaked, urges government to publish investigation results
  https://www.cna.com.tw/news/aipl/202212090115.aspx
- Household registration data leak: NPP criticizes the Executive Yuan for its passive handling
  https://reurl.cc/VRmdEy
- Government should strengthen cybersecurity protection mechanisms
  https://www.mdnkids.com/content.asp?sub=4&sn=9492
- TikTok controversy: Audrey Tang says the Executive Yuan will hold inter-ministerial discussions from a national security perspective
  https://www.epochtimes.com/b5/22/12/9/n13881685.htm
- Douyin and Xiaohongshu banned in the public sector over security concerns; Audrey Tang: private phones not included
  https://www.owlting.com/news/articles/231146
- Civil servants banned from Douyin, with penalties for violations; 4 major public bodies consider following the Executive Yuan; Lo Ping-cheng: the ban covers three categories, and breaches involving national security will draw a demerit
  https://www.businesstoday.com.tw/article/category/183027/post/202212120021/
- Taiwan to hold an inter-ministerial meeting at month's end to discuss a full ban on Douyin and TikTok
  https://www.voacantonese.com/a/taiwan-weighing-nationwide-ban-on-tiktok-20221212/6872820.html
- Ministry of Digital Affairs: 3 directions to accelerate digital industry development next year, with cybersecurity leading the way
  https://ec.ltn.com.tw/article/breakingnews/4152314
- "I'm not interested in the noodles you eat": KMT legislator again mocks the "genius IT minister", warns against arrogance in governing
  https://www.ctwant.com/article/226292
- Hackers selling Taiwan's household registration data; Chiu Hsien-chih criticizes the Executive Yuan secretary-general for knowing nothing about the investigation's progress
  https://reurl.cc/Wqy6N7
- Nationwide household registration data leak continues; legislators demand the government explain to the public promptly
  https://www.cna.com.tw/news/aipl/202212090115.aspx
  https://www.ctwant.com/article/226380
- Cybersecurity is national security: Tsai Ing-wen calls for improving defence and response capabilities to strengthen Taiwan's resilience
  https://www.ftvnews.com.tw/news/detail/2022C12W0170
- President Tsai: cybersecurity is national security; foreign cognitive warfare could harm democracy
  https://news.ltn.com.tw/news/politics/breakingnews/4152248
- In an interview with French newspaper Libération, Audrey Tang: strengthen structures to counter cognitive warfare
  https://www.cna.com.tw/news/aipl/202212150410.aspx

### H. Industrial Control Systems / ICS / SCADA / IoT / Connected Vehicles / EVs / Artificial Intelligence / AI / ML / Facial Recognition / Healthcare Security

- "Automotive cybersecurity is a cross-department matter": SGS on the three major automotive security standards ISO 21434, TISAX and ASPICE
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10219
- D-Link dhp-w310av_firmware
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44930
- D-Link dvg-g5402sp_firmware
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44928
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44929
- D-Link dnr-322l_firmware
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40799
- TP-Link Tapo c200 1.1.15 - Remote Code Execution (RCE)
  https://www.exploit-db.com/exploits/51017
- Epidemic prevention is more than a detail: from antiviral coatings to IoT door lock security, 琺博築米 explains
  https://n.yam.com/Article/20221212712636
- Security firm: hackers prefer attacking newer in-vehicle systems; 3 security recommendations for the automotive industry
  https://today.line.me/hk/v2/article/WBggjyg
- Siemens and Schneider Electric patch over 140 vulnerabilities
  https://www.securityweek.com/ics-patch-tuesday-siemens-fixes-80-openssl-openssh-flaws-switches

### I. Education and Training

- iPAS Information Security Engineer (Intermediate) notes
  https://hackmd.io/@Not/iPASInformationSecuritySpecialist
- iPAS Information Security Engineer certification pre-exam workshop
  https://reurl.cc/GEbA3p
- Coursera rounds up 7 cloud security certifications: your springboard to a high salary
  https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/
- Global cybersecurity workforce imbalance: (ISC)2 free courses and exams to fill the talent gap
  https://reurl.cc/m39MDj
- CISSP exam experience
  https://reurl.cc/KbY83j
- CISSP exam experience – Benson
  https://reurl.cc/GbWvxd
- Goal-oriented: passing the CISSP in 20 days at lightning speed
  https://reurl.cc/2Zq6zn
- CISSP certification exam hands-on experience, Chapter 1: initial preparation
  https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat
- CPSA (CREST Practitioner Security Analyst) exam experience
  https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/
- EC-Council CEH v11 exam experience, revision information and preparation approach, 2021 and 2022
  https://reurl.cc/1oyEM8
- CEH v11 exam experience and preparation methods
  https://blog.sean.taipei/2022/01/ceh
- In-depth CPENT exam experience and comparison with OSCP
  https://reurl.cc/41eL8v
- EC-Council CPENT v1 penetration testing certification – content and experience sharing
  https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review
- [Exam prep notes] CompTIA Security+ (SY0–601), part 1
  https://reurl.cc/M053DK
- [Exam prep notes] CompTIA Security+ (SY0–601), part 2
  https://reurl.cc/M053Gv
- App security is not just for engineers: the blood-and-tears story of obtaining a security testing certificate (iT邦幫忙 Ironman series book)
  https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html
- Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
  https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html
- The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics (Chinese edition: 駭客與國家)
  https://reurl.cc/D3nKKj
- Practical Network Penetration Tester (PNPT) Certification Review
  https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df
- WUSON common basic vocabulary
  https://choson.lifenet.com.tw/?p=1958
- Taiwan's networks repeatedly hacked; Control Yuan member applies to open an investigation
  https://www.chinatimes.com/realtimenews/20220810003152-260407?chdtv

## 6. Upcoming Security Events and Conferences

- TANET 2022 WORKSHOP PROGRAM - "2nd Workshop on Digital Forensics, Medical Privacy and Cyber Security", 2022/12/15 ~ 2022/12/17
  https://tanet2022.esam.io/
- ICS 2022 WORKSHOP PROGRAM - "Ubiquitous Cybersecurity and Forensics", 2022/12/15 ~ 2022/12/17
  https://ics2022.esam.io/
- HITCON GIRLS 2022: women managers share their experiences, 2022/12/17
  https://hitcon.kktix.cc/events/hitcongirlsworkexperience2022
- [Hsinchu only] One-day hacker experience camp: 6 hours to understand security penetration testing, 2022/12/17
  https://www.accupass.com/event/2211150642209239161690
- Unlocking future work trends with a global perspective: Atlassian Work Life conference highlights, 2022/12/17
  https://www.meetup.com/taipei-atlassian-community-events/events/289787941/
- One-day hacker x network vulnerability penetration, 2022/12/17
  https://www.accupass.com/event/2210270652481821159224
- Essential crypto security knowledge: how to invest in cryptocurrency safely, 2022/12/18
  https://www.accupass.com/event/2212010638041616746126
- New cybersecurity defence strategy for manufacturing: protecting the supply chain from the edge to IT, 2022/12/21
  https://www.accupass.com/event/2211180201203157149490
- Hands-on guide to one-touch device deployment, security and compliance | In Taipei Apple Office, 2022/12/23
  https://jamf.kktix.cc/events/onetouch2022-2
- [Online seminar] ISO/IEC 27001:2022 revision seminar, 2022/12/23
  https://www.accupass.com/event/2211090318242100958423
- [Kaohsiung only] One-day hacker experience camp: 6 hours to understand security penetration testing, 2023/1/14
  https://www.accupass.com/event/2211150721101457239234