###### tags: `資安事件新聞週報`

# Weekly Security Incident News Report 2024/08/12 ~ 2024/08/16

1. Major Vulnerabilities / Backdoors / Exploits / Zero Days

0.0.0.0 zero-day vulnerability exposes Chrome, Firefox, Mozilla, and Safari browsers to remote code execution risk
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11174

Multiple browsers carry an 18-year-old vulnerability; Chrome, Firefox, and Safari are all at risk
https://www.ithome.com.tw/news/164420

FreeBSD Releases Urgent Patch for High-Severity OpenSSH Vulnerability
https://thehackernews.com/2024/08/freebsd-releases-urgent-patch-for-high.html

US CISA warns that Cisco's legacy Smart Install feature is being used in attacks
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11173

A serious security vulnerability was recently disclosed in Windows
https://www.cve.org/CVERecord?id=CVE-2024-38063
https://www.panewslab.com/zh_hk/sqarticledetails/1pc7e6ueFt.html
https://m.cnyes.com/news/id/5684115
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063

Microsoft's August Patch Tuesday discloses 10 zero-day vulnerabilities, 6 of which are already being exploited in the wild
https://www.ithome.com.tw/news/164472

Microsoft recently discovers a Windows Update zero-day vulnerability
https://www.technice.com.tw/techmanage/infosecurity/129675/
https://netmag.tw/2024/08/12/major-windows-flaw-remote-hackers-can-revert-pcs
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38202

CLFS.sys in Windows 10, Server 2016 and later has a DoS vulnerability that may cause blue-screen crashes
https://www.ithome.com.tw/news/164448

New Windows SmartScreen bypass exploited as zero-day since March
https://www.bleepingcomputer.com/news/microsoft/new-windows-smartscreen-bypass-exploited-as-zero-day-since-march/

Microsoft Discloses 10 Zero-Day Bugs in Patch Tuesday Update
https://www.darkreading.com/vulnerabilities-threats/microsoft-discloses-10-zero-day-bugs-in-pacth-tuesday-update

Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited
https://www.bleepingcomputer.com/news/microsoft/microsoft-august-2024-patch-tuesday-fixes-9-zero-days-6-exploited/

Windows 10 KB5041580 update released with 14 fixes, security updates
https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5041580-update-released-with-14-fixes-security-updates/

Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Days
https://thehackernews.com/2024/08/microsoft-issues-patches-for-90-flaws.html

CISA Warns of Hackers Exploiting Legacy Cisco Smart Install Feature
https://thehackernews.com/2024/08/cisa-warns-of-hackers-exploiting-legacy.html

Security advisory: critical remote code execution vulnerability in Microsoft RDL service (CVE-2024-38077)
https://www.secrss.com/articles/68984

CVE-2024-38077-POC
https://github.com/CloudCrowSec001/CVE-2024-38077-POC/blob/main/CVE-2024-38077.md

CVE-2024-38077
https://nvd.nist.gov/vuln/detail/CVE-2024-38077

CVE-2024-38077
https://github.com/qi4L/CVE-2024-38077

CVE-2024-38077: 0-click RCE vulnerability 'MadLicense' affects Windows Server from version 2000 through 2025
https://threatspotting.ro/latest/cve202438077-vulnerabilitatea-0click-rce-madlicense-afecteaza-windows-server-de-la-versiunea-2000-pana-la-2025?fbclid=IwY2xjawElZQ9leHRuA2FlbQIxMQABHVmTb0v5hxqiWyTtFTQqQKEtlK1z0eqO8mxNRccdFhU6AegUK0vN3ZiaFg_aem_lvxkh4zm6d12yP9nYPBHjg

[CVE-2024-38077] Nuclear-grade Windows RCE vulnerability: how to self-check and fix it (with a bulk vulnerability detection tool and analysis pseudocode)
https://blog.csdn.net/m0_62783065/article/details/141059922

Researchers disclose a flaw in the Windows update mechanism and claim it can reintroduce patched vulnerabilities
https://www.ithome.com.tw/news/164368

Major Windows flaw! Hackers can remotely revert fully patched PCs to their original state, bringing back thousands of vulnerabilities
https://netmag.tw/2024/08/12/major-windows-flaw-remote-hackers-can-revert-pcs

Windows 10 and 11 both affected! Microsoft acknowledges a major flaw: all computers are exposed to downgrade attacks
https://3c.ltn.com.tw/news/59179

Windows Update downgrade attack "unpatches" fully-updated systems
https://www.bleepingcomputer.com/news/microsoft/windows-update-downgrade-attack-unpatches-fully-updated-systems/

Microsoft Windows multiple vulnerabilities: CVE-2024-21302 and CVE-2024-38202
https://www.hkcert.org/tc/security-bulletin/microsoft-windows-multiple-vulnerabilities_20240808
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21302
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38202

0-Click Outlook RCE Vulnerability Triggered When Email is Clicked – Technical Analysis
https://gbhackers.com/0-click-outlook-rce-vulnerability/amp/

Windows Smart App Control and SmartScreen have flaws that attackers can easily bypass
https://www.ithome.com.tw/news/164336

Dismantling Smart App Control
https://www.elastic.co/security-labs/dismantling-smart-app-control

Microsoft discloses 4 zero-day vulnerabilities in OpenVPN
https://www.ithome.com.tw/news/164429

Microsoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPE
https://thehackernews.com/2024/08/microsoft-reveals-four-openvpn-flaws.html

Windows 11 KB5040546 beta brings a new desktop widget interface and custom feeds
https://www.techbang.com/posts/117178-windows-11-kb5040546-beta-edition-tries-to-use-a-new-widget

Microsoft's final Windows 7 update turned the desktop black
https://www.ithome.com.tw/news/135489

Zero-click vulnerability CVE-2024-38063 affects all Windows operating systems with IPv6 enabled
https://www.bleepingcomputer.com/news/microsoft/zero-click-windows-tcp-ip-rce-impacts-all-systems-with-ipv6-enabled-patch-now/

CVE-2024-38063 (CVSS 9.8): 0-Click RCE Affects All Windows Systems
https://securityonline.info/cve-2024-38063-cvss-9-8-0-click-rce-affects-all-windows-systems/

Unpatched Office vulnerability may lead to sensitive data leakage; multiple versions affected
https://www.ithome.com.tw/news/164409

Outlook mail client form injection vulnerability CVE-2024-38173 can be used for remote arbitrary code execution
https://blog.morphisec.com/cve-2024-38173-form-injection

Office has a vulnerability that may lead to sensitive data leakage; Microsoft has not yet provided a patch
https://www.ithome.com.tw/news/164409

Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure
https://thehackernews.com/2024/08/microsoft-warns-of-unpatched-office.html

Microsoft discloses unpatched Office flaw that exposes NTLM hashes
https://www.bleepingcomputer.com/news/security/microsoft-discloses-unpatched-office-flaw-that-exposes-ntlm-hashes/

Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server
https://blog.orange.tw/2024/08/confusion-attacks-en.html

Apache Software Foundation CVE-2023-48396
https://nvd.nist.gov/vuln/detail/CVE-2023-48396

Apache Software Foundation
https://nvd.nist.gov/vuln/detail/CVE-2024-27181

Apple releases security updates for all platforms and also patches the RTKit zero-day for older macOS versions
https://www.ithome.com.tw/news/164296

Experts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service Takeovers
https://thehackernews.com/2024/08/experts-uncover-severe-aws-flaws.html

Millions of systems using AMD Ryzen and EPYC CPUs are affected by the Sinkclose vulnerability; mitigations have been released
https://www.xfastest.com/thread-291047-1-1.html

Researchers disclose the SinkClose vulnerability that has existed in AMD chips for nearly 20 years
https://www.ithome.com.tw/news/164412

‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections
https://www.wired.com/story/amd-chip-sinkclose-flaw/

Critical AWS Services Vulnerability Let Attackers Execute Remote Code
https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/aws-vulnerability-remote-execution/amp/

Head Mar Hacker Group Exploit CVE-2023-38831 Vulnerability in WinRAR
https://cyberpress.org/head-mar-hacker-group/#google_vignette

FreeBSD update released, patching high-risk OpenSSH vulnerability CVE-2024-7589
https://www.freebsd.org/security/advisories/FreeBSD-SA-24:08.openssh.asc

FreeBSD Releases Urgent Patch for High-Severity OpenSSH Vulnerability
https://thehackernews.com/2024/08/freebsd-releases-urgent-patch-for-high.html

Critical Flaw in Ivanti Virtual Traffic Manager Could Allow Rogue Admin Access
https://thehackernews.com/2024/08/critical-flaw-in-ivanti-virtual-traffic.html

Critical SAP vulnerability allows remote attackers to bypass authentication
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11180

Adobe releases its August regular updates, patching 72 vulnerabilities
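https://www.securityweek.com/adobe-calls-attention-to-massive-batch-of-code-execution-flaws/

GitHub Vulnerability 'ArtiPACKED' Exposes Repositories to Potential Takeover
https://thehackernews.com/2024/08/github-vulnerability-artipacked-exposes.html

Ivanti application delivery system has an authentication bypass vulnerability; proof-of-concept code is public and users should act promptly
https://www.ithome.com.tw/news/164482

Critical Flaw in Ivanti Virtual Traffic Manager Could Allow Rogue Admin Access
https://thehackernews.com/2024/08/critical-flaw-in-ivanti-virtual-traffic.html

GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks
https://thehackernews.com/2024/08/ghostwrite-new-t-head-cpu-bugs-expose.html

Google's wireless file transfer tool Quick Share has vulnerabilities affecting Windows and Android devices
https://www.ithome.com.tw/news/164493

Password manager 1Password has flaws that could let attackers steal users' passwords
https://www.helpnetsecurity.com/2024/08/09/cve-2024-42219-cve-2024-42218/

The IBM QRadar SIEM Amazon Web Services protocol is vulnerable to access restriction bypass and sensitive information exposure (CVE-2020-8908, CVE-2023-2976)
https://www.ibm.com/support/pages/node/7165686

2. Banking / Finance / Insurance / Securities / Financial Supervision News and Security

Security experts warn: travelers vacationing abroad should be aware of the risks of using ATMs
https://reurl.cc/1boYGD

A first for internet-only banks! Next Bank obtains dual certification under the latest information security and carbon reduction standards
https://reurl.cc/jyg8WM

The Export-Import Bank of the ROC upgrades its security protection, putting accountability into practice across the financial ecosystem and helping enterprises compete and cooperate globally
https://www.cw.com.tw/article/5131354

Taipei Exchange holds handover ceremony for incoming and outgoing chairmen; Chien Li-chung (簡立忠) proposes five major directions
https://www.sinotrade.com.tw/richclub/news/66b996d732ba0c93315d4b6b

Following the "Guidelines for AI Use in the Financial Industry", Taishin Bank partners with OneDegree Global to build a responsible AI system
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11164

35 financial institutions form an alliance using AI models to detect flagged accounts and block fraudulent money flows; the next step is refining the models with federated learning
https://www.ithome.com.tw/news/164486

Spending 8.6 billion over six years, Cathay United Bank will start core system modernization next year
https://www.ithome.com.tw/news/164534

The first financial cloud adoption playbook is here! The Bankers Association publishes the "Practical Handbook for Financial Institutions' Use of Cloud Services"
https://www.ithome.com.tw/news/164533

3. Credit Cards / Electronic Payment / Mobile Payment / Pay / Payment Systems / Security

Apple concedes! The EU App Store opens to external payments, but charges a "toll"
https://buzzorange.com/techorange/2024/08/09/apple-revises-dma-compliance-for-app-store-link-outs/

Third-party payment becomes a new fraud tactic! | Police urge the public not to be lured by small bargains
https://reurl.cc/rv1Yyb

Shocking! South Korea's Kakao Pay, with 40 million users, handed 50 billion personal data records to China's Alipay
https://news.tvbs.com.tw/world/2583400

Shocking! South Korea's largest mobile payment service Kakao Pay handed the personal data of 40 million users to Alipay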
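https://infosecu.technews.tw/2024/08/13/kakao-pay/

Linking accounts to Chinese-funded apps amounts to handing personal data to China for free
https://ec.ltn.com.tw/article/paper/1661654

E-payment can now buy stocks too: 全盈 teams up with Pocket Securities to launch an investment service
https://ec.ltn.com.tw/article/breakingnews/4767308

Pay without opening your phone: JCB develops new UWB payment
https://www.cardu.com.tw/news/detail.php?53121

EasyCard users will have to wait! iPhone NFC payment opens up, but Taiwan remains to be confirmed
https://newtalk.tw/news/view/2024-08-15/932354

4. Cryptocurrency / Digital Currency / Mining / Blockchain / Smart Contracts / WEB3 Security

Binance recovers over US$73 million in stolen funds from external hackers
https://www.binance.com/zh-CN/square/post/2024-08-08-binance-recovers-over-73m-in-stolen-funds-from-external-hacks-11892747677081

"Dark Skippy" mechanism can steal private keys from Bitcoin hardware wallets
https://m.cnyes.com/news/id/5678013

Grayscale transfers 7,706 ETH to Coinbase Prime
https://www.theblockbeats.info/flash/259437

Rogue PyPI Library Solana Users, Steals Blockchain Wallet Keys
https://thehackernews.com/2024/08/rogue-pypi-library-solana-users-steals.html

5. Security Incident News

A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC

Windows EFS can be used to implement ransomware that antivirus software fails to detect
https://www.ithome.com.tw/news/135488

Using offered applications as bait, hackers plant malicious extensions in Chrome and Edge
https://www.ithome.com.tw/news/164418

Chinese hackers APT31 and APT27 launch the EastWind campaign, distributing the CloudSorcerer backdoor
https://securelist.ru/eastwind-apt-campaign/110020/

USB worm CMoon spreads through a natural gas company's website in an attempt to steal data from Russian enterprises and organizations
https://securelist.ru/how-the-cmoon-worm-collects-data/109988/

Hackers set up a fake WinRAR website on GitHub, intending to distribute malware
https://blog.sonicwall.com/en-us/2024/08/beware-of-fake-winrar-websites-malware-hosted-on-github/

Hackers pose as providers of the password generator Google Authenticator, intending to distribute the infostealers Latrodectus and ACR Stealer
https://cyble.com/blog/double-trouble-latrodectus-and-acr-stealer-observed-spreading-via-google-authenticator-phishing-site/

FBI seizes infrastructure of the Radar ransomware
https://www.fbi.gov/contact-us/field-offices/cleveland/news/international-investigation-leads-to-shutdown-of-ransomware-group

Ransomware group Black Basta attempts to use a social engineering campaign to distribute the malware loader SystemBC
https://www.rapid7.com/blog/post/2024/08/12/ongoing-social-engineering-campaign-refreshes-payloads/

Ransomware RansomHub attempts to disable endpoint security protection via the bring-your-own-driver technique
https://www.ithome.com.tw/news/164521

Gafgyt botnet targets SSH hosts with weak passwords and hijacks GPU resources for mining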
https://www.aquasec.com/blog/gafgyt-malware-variant-exploits-gpu-power-and-cloud-native-environments/

Hackers distribute a Python-built infostealer under the guise of sending purchase orders, attempting to harvest all kinds of victim data
https://blog.barracuda.com/2024/08/14/phishing-advanced-infostealer-data-exfiltration

FBI seizes infrastructure of the Dispossessor ransomware
https://www.ithome.com.tw/news/164530

Malware force-installs Chrome extensions on 300,000 browsers, patches DLLs
https://www.bleepingcomputer.com/news/security/malware-force-installs-chrome-extensions-on-300-000-browsers-patches-dlls/

EastWind Attack Deploys PlugY and GrewApacha Backdoors Using Booby-Trapped LNK Files
https://thehackernews.com/2024/08/russian-government-hit-by-eastwind.html

FBI Shuts Down Dispossessor Ransomware Group's Servers Across U.S., U.K., and Germany
https://thehackernews.com/2024/08/fbi-shuts-down-dispossessor-ransomware.html

CERT-UA Report: UAC-0198: Mass distribution of ANONVNC (MESHAGENT) among government organizations of Ukraine
https://cert.gov.ua/article/6280345

New Gafgyt Botnet Variant Targets Weak SSH Passwords for GPU Crypto Mining
https://thehackernews.com/2024/08/new-gafgyt-botnet-variant-targets-weak.html

Black Basta-Linked Attackers Target Users with SystemBC Malware
https://thehackernews.com/2024/08/black-basta-linked-attackers-targets.html

Belarusian-Ukrainian Hacker Extradited to U.S. for Ransomware and Cybercrime Charges
https://thehackernews.com/2024/08/belarusian-ukrainian-hacker-extradited.html

B. Mobile Security / iPhone / Android / Wearables / App / 5G / Instant Messaging

Custom ROMs have had just about enough of being Android's second-class citizens
https://www.androidauthority.com/custom-roms-vs-google-3469378/

Wang Yi-chuan reveals mobile phone analysis of crowds; security scholar rebuts the Blue and White camps
https://reurl.cc/A2RgZK

Security researchers: hackers can use 5G baseband vulnerabilities to downgrade the protocol to 4G and steal data
https://reurl.cc/E6Zgk0

Google fixes an actively exploited Android kernel-level zero-day vulnerability
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11163

The list of Chinese-funded apps that launder their origin is startling; netizens: wuxia novel apps are basically all on it
https://newtalk.tw/news/view/2024-08-14/932169
https://hafat.github.io/cn_game.html
https://docs.google.com/spreadsheets/d/1OYx-fTuLiY9QEkZKj8-v1kSU0vnZ7Uepk9gc9GlQcUM/edit?fbclid=IwY2xjawEpgXBleHRuA2FlbQIxMAABHSM6UjEbv9cJJcmiqeWBenmzcZROAEqWqVaQyfw_a3PoHx-WHXOmD1Es9g_aem_al_4hzN5lrBDvU6jEGI-SA&pli=1&gid=0#gid=0

C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents / Security Workforce

NIST officially releases 3 PQC standards and encourages all sectors to migrate as soon as possible to counter the threat of quantum codebreaking
https://www.ithome.com.tw/news/164456

CI/CD workflow service GitHub Actions may expose the GitHub credentials of well-known projects
https://unit42.paloaltonetworks.com/github-repo-artifacts-leak-tokens/

NPM flooded with spam packages, which may affect the security of the open-source ecosystem
https://www.ithome.com.tw/news/164419

Taiwan's security team takes part in the DEF CON CTF for the 11th time and places 7th
https://www.ithome.com.tw/news/164501

97% of Taiwanese enterprises suffered at least two identity-related security breaches in the past year
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11169

Taiwan's security team takes part in the DEF CON CTF and places 7th
https://www.facebook.com/moda.gov.tw/posts/500967092749394

Reflecting on security resilience policy after the massive Windows outage
https://www.cmmedia.com.tw/home/articles/48507

Security vendor CrowdStrike receives the Pwnie Awards' Epic Fail award
https://www.ithome.com.tw/news/164446

Chinese security vendor claims the issue behind the global EDR outage can be used in attacks; CrowdStrike denies it
https://www.crowdstrike.com/blog/tech-analysis-addressing-claims-about-falcon-sensor-vulnerability/

Becoming the latest cyberattack target; industry: commercial airliners affected
https://www.ntdtv.com/b5/2024/08/11/a103904595.html

At the US DEF CON hacker conference, hackers gather to probe voting system vulnerabilities
https://www.taiwannews.com.tw/zh/news/5917306

Microsoft: Iran steps up cyberattacks related to the US election
https://big5.ftchinese.com/interactive/166910?exclusive

Trump campaign reportedly hit by Iranian state-sponsored hackers
https://securityaffairs.com/166895/cyber-warfare-2/donald-trumps-campaign-hacked.html

Trump team says it was hacked; internal communications and running-mate files exposed
https://today.line.me/tw/v2/article/3NmgGkB

US warnings ineffective; Chinese hacker group "Volt Typhoon" remains as brazen as ever
https://news.ltn.com.tw/news/world/breakingnews/4765100

US cybersecurity expert: the capabilities of Chinese hacker group "Volt Typhoon" are chilling
https://www.chinatimes.com/realtimenews/20240811001453-260409?ctrack=pc_main_rtime_p01&chdtv

North Korean hacker group Kimsuky targets researchers and professors in cyber-espionage attacks
https://www.cyberresilience.com/threatintel/apt-group-kimsuky-targets-university-researchers/

Secrets of South Korean military reconnaissance aircraft reportedly stolen after a defense contractor was attacked by North Korean hackers
https://www.ithome.com.tw/news/164436

Tennessee man ran a laptop farm, helping North Korean hackers "work" at US and UK companies
https://www.ithome.com.tw/news/164451

UK Home Office reportedly also a victim of Microsoft's January breach; email accounts compromised by Russian hackers Midnight Blizzard
https://www.ithome.com.tw/news/164447

Hackers impersonate the Security Service of Ukraine to distribute AnonVNC malware, hitting more than 100 Ukrainian government computers
https://cip.gov.ua/en/news/khakeri-rozpovsyudzhuyut-shkidlive-programne-zabezpechennya-nibito-vid-imeni-sbu

Cyber-espionage group XDSpy targets Russia and Moldova
https://habr.com/ru/companies/f_a_c_c_t/news/831420/

Iranian hackers APT42 attempt to target the campaigns of both major US presidential candidates with cyberattacks
https://www.ithome.com.tw/news/164520

New APT Group Actor240524: A Closer Look at Its Cyber Tactics Against Azerbaijan and Israel
https://nsfocusglobal.com/new-apt-group-actor240524-a-closer-look-at-its-cyber-tactics-against-azerbaijan-and-israel/

DOJ Charges Nashville Man for Helping North Koreans Get U.S. Tech Jobs
https://thehackernews.com/2024/08/doj-charges-nashville-man-for-helping.html

Sonos Speaker Flaws Could Have Let Remote Hackers Eavesdrop on Users
https://thehackernews.com/2024/08/new-flaws-in-sonos-smart-speakers-allow.html

University Professors Targeted by North Korean Cyber Espionage Group
https://thehackernews.com/2024/08/university-professors-targeted-by-north.html

Hackers posing as Ukraine’s Security Service infect 100 govt PCs
https://www.bleepingcomputer.com/news/security/hackers-posing-as-ukraines-security-service-infect-100-govt-pcs/

Tennessee Man Helped DPRK Workers Get Jobs at US Orgs, Fund WMDs
https://www.darkreading.com/remote-workforce/tennessee-man-helped-dprk-workers-get-jobs-at-us-orgs-fund-wmds

Iran Targeting 2024 US Election
https://blogs.microsoft.com/on-the-issues/2024/08/08/iran-targeting-2024-us-election/

DDoS Attacks Surge 46% in First Half of 2024, Gcore Report Reveals
https://thehackernews.com/2024/08/ddos-attacks-surge-46-in-first-half-of.html

Chinese hacker group Earth Baku shifts targets, launching attacks against Europe, the Middle East, and Africa
https://www.trendmicro.com/en_us/research/24/h/earth-baku-latest-campaign.html

China-Backed Earth Baku Expands Cyber Attacks to Europe, Middle East, and Africa
https://thehackernews.com/2024/08/china-backed-earth-baku-expands-cyber.html

RansomHub Group Deploys New EDR-Killing Tool in Latest Cyber Attacks
https://thehackernews.com/2024/08/ransomhub-group-deploys-new-edr-killing.html

Taipei - Security Analyst
https://www.104.com.tw/job/8dhbi?jobsource=google

Security Project Manager (Security Testing Technology PM)
https://www.104.com.tw/job/7t7m1?jobsource=google

[IT] Cloud Security Engineer (Taipei)
https://www.104.com.tw/job/8c0l5?jobsource=google

Security Engineer (Security Department)
https://www.104.com.tw/job/86xdt?jobsource=google

Security Engineer
https://www.104.com.tw/job/875d0?jobsource=google

Security Engineer
https://www.104.com.tw/job/8c2py?jobsource=google

Drone Security Testing Engineer
https://www.104.com.tw/job/85qol?jobsource=google

Information Division, Dedicated Security Officer
https://www.104.com.tw/job/8cntr?jobsource=google

Security Project Management
https://www.104.com.tw/job/8dbk6?jobsource=google

[SI] Security Engineer
https://www.104.com.tw/job/7usit?jobsource=google

D. Data Breaches / Personal Data Protection Law / GDPR / Online Fraud / Phishing / Card Fraud / Fake News / Cyberbullying / Account Security

X platform will temporarily not use EU user data to train AI
https://www.chinatimes.com/realtimenews/20240809002702-260410?chdtv

Backing this year's Paris Games with security protection: how to see through digital scams and break out of the data-theft dragnet
https://buzzorange.com/techorange/2024/08/09/dark-web-shows-cybercriminals-ready-for-olympics/

Tech company's misconfigured databases expose the data of 4.6 million US voters online
https://www.ithome.com.tw/news/164405

IT company's misconfigured databases expose the data of 4.6 million US voters
https://www.ithome.com.tw/news/164405

Hong Kong records 19,000 fraud cases in the first half of the year, up 6.2% from the same period last year
https://www.ettoday.net/news/20240810/2794778.htm

Researchers disclose an e-commerce scam campaign targeting Facebook users
https://www.ithome.com.tw/news/164313

M365 Copilot can be abused for phishing attacks
https://www.ithome.com.tw/news/164426

1.4 billion Tencent user records reportedly leaked to a hacker forum
https://www.ithome.com.tw/news/164463

Hard to guard against! Which is the genuine one, win-rar.co or win-rar.com?
https://www.ithome.com.tw/news/164527

National Public Data reportedly breached, 2.9 billion records stolen
https://www.securityweek.com/unconfirmed-hack-of-2-9-billion-records-at-national-public-data-sparks-media-frenzy-amid-lawsuits/

How Phishing Attacks Adapt Quickly to Capitalize on Current Events
https://thehackernews.com/2024/08/how-phishing-attacks-adapt-quickly-to.html

Telegram Bot Selling Phishing Tools to Bypass 2FA & Hack Microsoft 365 Accounts
https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/telegram-bot-selling-phishing-tools/amp/

Ukraine Warns of New Phishing Campaign Targeting Government Computers
https://thehackernews.com/2024/08/ukraine-warns-of-new-phishing-campaign.html

New Cyber Threat Targets Azerbaijan and Israel Diplomats, Stealing Sensitive Data
https://thehackernews.com/2024/08/new-cyber-threat-targets-azerbaijan-and.html

E. Research Reports / Tools

Even the clumsy can do it! Quickly deploy an OpenVPN Server on a Raspberry Pi with "PiVPN"
https://www.jkg.tw/p1500/

Introduction to Information Security
https://ithelp.ithome.com.tw/m/articles/10344025

The CIA Triad of Information Security
https://ithelp.ithome.com.tw/articles/10344272?sc=rss.qu

The Difference Between Information Security and Network Security
https://ithelp.ithome.com.tw/articles/10343441

[An On-Prem Red Team Newbie's Start and a Morning Punch of Cloud Security] Day 1: Foreword
https://ithelp.ithome.com.tw/articles/10344206

A must for new PCs! Winutil installs all common software with one click and disables and removes unneeded Windows features
https://www.kocpc.com.tw/archives/559942

Is enabling SELinux really that painful⁉ How to get help handling SELinux errors
https://supr.link/IfGeK

The journey of migrating from mongodb to PostgreSQL
https://medium.com/@tony.infisical/the-great-migration-from-mongodb-to-postgresql-fa3978bc143b

Researchers disclose UnOAuthorized, a hidden weakness in Microsoft Entra ID's authentication mechanism that may let attackers obtain Global Administrator privileges
https://www.ithome.com.tw/news/164488

Threat Actors’ Toolkit: Leveraging Sliver, PoshC2 & Batch Scripts
https://thedfirreport.com/2024/08/12/threat-actors-toolkit-leveraging-sliver-poshc2-batch-scripts/

Attacking Samsung RKP
https://blog.impalabs.com/2111_attacking-samsung-rkp.html

Exploiting pfsense Remote Code Execution – CVE-2022-31814
https://laburity.com/exploiting-pfsense-remote-code-execution-cve-2022-31814/

Ghost in the PPL Part 1: BYOVDLL
https://blog.scrt.ch/2024/08/09/ghost-in-the-ppl-part-1-byovdll/

Windows Defender MP Logs - A Story of Artifacts
https://www.thedfirspot.com/post/windows-defender-mp-logs-a-story-of-artifacts

A deep dive into CVE-2023-2163: How we found and fixed an eBPF Linux Kernel Vulnerability
https://bughunters.google.com/blog/6303226026131456/a-deep-dive-into-cve-2023-2163-how-we-found-and-fixed-an-ebpf-linux-kernel-vulnerability

DLL Jmping: Old Hollow Trampolines in Windows DLL Land
https://www.blackhillsinfosec.com/dll-jmping/

“Journey from LFI to RCE!!!”-How I was able to get the same in one of the India’s popular property buy/sell company.
https://infosecwriteups.com/bugbounty-journey-from-lfi-to-rce-how-a69afe5a0899

Create fud payload | msfvenom + metasploit + python
https://en.hacks.gr/%CE%B4%CE%B7%CE%BC%CE%B9%CE%BF%CF%85%CF%81%CE%B3%CE%B1-fud-payload-msfvenom-metasploit-python/

Design Patterns in Java With Examples
https://javatechonline.com/java-design-patterns-java/

Creating Undetectable Windows Malware (Villain C2 Framework+ PowerShell Obfuscation + Undetectable Delivery)
https://medium.com/@sam.rothlisberger/creating-undetectable-windows-malware-villain-c2-framework-powershell-obfuscation-undetectable-3652998e4152

LangGraph Engineer
https://github.com/hwchase17/langgraph-engineer

Check out the HackberryPi Zero, a Raspberry Pi-based hacking tool
https://www.techspot.com/news/104179-check-out-hackberrypi-zero-raspberry-pi-based-hacking.html

Generate datasets of cloud audit logs for common attacks
https://github.com/datadog/grimoire

RISC-V Linux SoC, marchID: 0x2b
https://github.com/splinedrive/kianRiscV

Fuzzing scripting languages' interpreters' native functions using AFL++ to find memory corruption and more
https://joshua.hu/aflplusplus-fuzzing-scripting-languages-natively

Quick Start Instructions for CWE REST API Users
https://github.com/CWE-CAPEC/REST-API-wg

Prowide ISO 20022
https://mvnrepository.com/artifact/com.prowidesoftware

Industrial Remote Access Tool Ewon Cosy+ Vulnerable to Root Access Attacks
https://www.linkedin.com/pulse/industrial-remote-access-tool-ewon-cosy-vulnerable-root-p3tjf/

Why Hardsec Matters: From Protecting Critical Services to Enhancing Resilience
https://thehackernews.com/2024/08/why-hardsec-matters-from-protecting.html

The Internet OS! Free, Open-Source, and Self-Hostable.
https://github.com/HeyPuter/puter

MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.
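https://github.com/MaLDAPtive/Invoke-Maldaptive

Researchers Uncover Vulnerabilities in AI-Powered Azure Health Bot Service
https://thehackernews.com/2024/08/researchers-uncover-vulnerabilities-in_0471960302.html

Why Hardsec Matters: From Protecting Critical Services to Enhancing Resilience
https://thehackernews.com/2024/08/why-hardsec-matters-from-protecting.html

F. Business

OPSWAT acquires InQuest, strengthening its federal market strategy, network detection, and threat intelligence capabilities
https://www.ithome.com.tw/pr/164372

Boosting network security protection: Fortinet's system platform gets a major 2024 overhaul
https://www.ithome.com.tw/review/164355

Trend Micro partners with GMI Cloud to expand its security AI platform strategy
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11172

After a security update triggered a massive outage, CrowdStrike reportedly intends to buy patch management startup Action1 to improve its software development process
https://www.ithome.com.tw/news/164468

Networking giant Cisco plans to lay off thousands and will focus on security and AI going forward
https://www.ttv.com.tw/finance/view/?i=0820241206221877DF9B8ACE4B398FC169EA430B3104675C&from=587

Identity Threat Detection and Response Solution Guide
https://thehackernews.com/2024/08/identity-threat-detection-and-response.html

The Windows 10 clock is ticking: 5 ways to save your old PC in 2025 (most are free)
https://www.zdnet.com/article/the-windows-10-clock-is-ticking-5-ways-to-save-your-old-pc-in-2025-most-are-free/

The AI Hangover is Here – The End of the Beginning
https://thehackernews.com/2024/08/the-ai-hangover-is-here-end-of-beginning.html

G. Government

Improving data transmission security: all security Level-A agencies to adopt T-Road by year-end
https://money.udn.com/money/story/5612/8152028

Security Level-A agencies fully deploy T-Road; Ministry of Digital Affairs: improving cross-agency transmission security
https://reurl.cc/dyGZZy

Ministry of Digital Affairs: T-Road will be fully deployed across 47 security Level-A agencies by the end of this year
https://udn.com/news/story/7240/8151884

Ministry of Digital Affairs reveals the latest T-Road adoption progress: 47 security Level-A agencies will finish by year-end, with future expansion to local governments
https://www.ithome.com.tw/news/164497

Four new anti-fraud laws take effect: anti-fraud matters that telecom industry personnel must comply with
https://www.kocpc.com.tw/archives/559742

Security risk is national security risk: Institute for National Defense and Security Research scholar warns of intrusion by Chinese apps
https://today.line.me/tw/v2/article/5yjgVJE

Any app under Chinese government jurisdiction raises security concerns
https://reurl.cc/Yqj4za

Strengthening the security of tobacco and alcohol businesses to protect tobacco and alcohol personal data files
https://www.tainan.gov.tw/News_Content.aspx?n=13371&s=8675051

Ministry of Digital Affairs attends international information security conference, revealing countermeasures to new types of cyberattacks
https://www.cna.com.tw/news/afe/202408120192.aspx

Ministry of Digital Affairs leads a delegation to the security conference DEF CON 32, sharing Taiwan's experience in cybersecurity and communications resilience
https://moda.gov.tw/press/press-releases/13324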
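
Taiwan Digital Trust Association established, focusing on fraud prevention and digital security issues
https://www.ithome.com.tw/news/164499

H. Industrial Control Systems / ICS / SCADA / IOT / Internet of Things / Internet of Vehicles / Electric Vehicles / Artificial Intelligence / AI / ML / Facial Recognition / Healthcare Security

New drone rules take effect in December! Flight licenses available from age 14; flight conditions at a glance
https://www.ctee.com.tw/news/20240810700009-430503

Over 40,000 industrial control devices in the US are exposed to the internet, more than half related to building automation
https://www.securityweek.com/over-40000-internet-exposed-ics-devices-found-in-us-censys/

ICS remote access solution Ewon Cosy+ has vulnerabilities that could let attackers gain root privileges
https://www.ithome.com.tw/news/164432

Sonos smart speaker vulnerabilities let hackers eavesdrop on users
https://www.ithome.com.tw/news/164438

Siemens, Schneider Electric, Aveva, Rockwell Automation, and CISA publish advisories on industrial system security vulnerabilities
https://www.securityweek.com/ics-patch-tuesday-advisories-released-by-siemens-schneider-rockwell-aveva/

Ecovacs robot vacuums can be hijacked remotely to spy on you
https://www.techspot.com/news/104208-ecovacs-robot-vacuums-can-hijacked-remotely-spy-you.html

Researchers Uncover Vulnerabilities in Solarman and Deye Solar Systems
https://thehackernews.com/2024/08/researchers-uncover-vulnerabilities-in.html

Industrial Remote Access Tool Ewon Cosy+ Vulnerable to Root Access Attacks
https://thehackernews.com/2024/08/industrial-remote-access-tool-ewon-cosy.html

I. Education and Training

Recovery procedures you must know when a security incident occurs, to reduce the damage
https://www.ithome.com.tw/pr/163614

iPAS Information Security Engineer intermediate-level notes
https://hackmd.io/@Not/iPASInformationSecuritySpecialist

iPas Security Engineer certification pre-exam workshop
https://reurl.cc/GEbA3p

iPAS ◆ Information Security Planning Practice ◆ Intermediate exam question bank compilation (123 questions)
https://reurl.cc/orlD1g

GCP Associate Cloud Engineer (ACE) study reflections, learning resources, and notes: learning natively high-availability and zero-trust design
https://medium.com/blacksecurity/gcp-associate-cloud-engineer-78f736aee7ad

Coursera rounds up 7 cloud security certifications: all the springboards to high pay are here!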
https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/

Ordinary people can earn an international security certification too! CSCU Certified Secure Computer User course
https://www.ithome.com.tw/pr/160954

Global cybersecurity workforce imbalance: (ISC)2 free courses and exams fill the talent gap
https://reurl.cc/m39MDj

The 8 domains of the CISSP security certification
https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html

CISSP exam reflections
https://reurl.cc/KbY83j

CISSP exam reflections – Benson
https://reurl.cc/GbWvxd

Goal-oriented: passing the CISSP at lightning speed in 20 days
https://reurl.cc/2Zq6zn

CISSP certification exam field notes, Chapter 1: initial preparation
https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat

CISSP certification exam field notes, Chapter 2: a regular and disciplined study strategy
https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies

CISSP certification exam field notes, Chapter 3: the final battle
https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle

Quick CISSP Infographic for IPSec
https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec

CSSLP Certification - Security models in F#
https://github.com/vbocan/csslp

Certified Secure Software Lifecycle Professional in bullet points
https://github.com/joeyhage/csslp-notes

CPSA (CREST Practitioner Security Analyst) exam reflections
https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/

EC-Council CEH v11 exam reflections, revision information, and preparation directions 2021, 2022
https://reurl.cc/1oyEM8

CEH v11 exam reflections and preparation approach
https://blog.sean.taipei/2022/01/ceh

CEH
https://github.com/a3cipher/CEH

CodeRed by EC-Council
https://github.com/codered-by-ec-council

EC-Council CEH Practical / Master preparation notes: learning where theory and practice complement each other
https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2

EC-Council CEHP exam preparation notes
https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po

ECSA v10 exam reflections and study materials / ECSA v10 Review and Study Materials
https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4

EC-Council ECSA security analyst v10 exam reflections
https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html

20180817 EC-Council ECSA v10 PASS
https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html

Preparation approach and reflections for the EC-Council CPENT and LPT Master penetration testing certifications
https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d

In-depth analysis: CPENT exam reflections and a comparison with OSCP
https://reurl.cc/41eL8v

EC-Council CPENT v1 penetration testing certification – content and reflections
https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review

CPENT: from brute force to cracking
https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295

Ec-Council CPENT reflections - a security newbie's path from CEH to LPT Master
https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f

CPENT exam reflections: earning the LPT penetration testing master certification in one attempt
https://ucom.uuu.com.tw/web/Testimony/Article/4404

kaizensecurity/CPENT
https://github.com/kaizensecurity/CPENT/tree/master

CPENT : Pentesting like NO OTHERS !
https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/

Journey of My CPENT Exam
https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917

[Exam prep notes] CompTIA Security+ (SY0–601) Part 1
https://reurl.cc/M053DK

[Exam prep notes] CompTIA Security+ (SY0–601) Part 2
https://reurl.cc/M053Gv

comptia-security-plus
https://github.com/ajfuto/comptia-security-plus

security-plus
https://github.com/fjavierm/security-plus

CompTIA Security+ Certification Practice Test Questions
https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette

App information security that not only engineers need to understand: the blood-and-tears story of obtaining a security testing certificate (iT邦幫忙 Ironman Contest book series)
https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html

App anti-hacking studies: a hands-on security protection course that comprehensively raises security awareness
https://www.ithome.com.tw/pr/161505

OSEP (Evasion Techniques and Breaching Defenses (PEN-300) reflections
https://hackmd.io/@henry-ko/HyQ56e8eF

OSEP (Evasion Techniques and Breaching Defenses (PEN-300)
http://github.com/In3x0rabl3/OSEP

OSCP(Offensive Security Certified Professional)
https://github.com/0x584A/oscp-notes/tree/master

ISACA Certified Information Systems Auditor® (CISA) certification: preparation journey, reflections, and application process - 2023
https://reurl.cc/aVLoX9

Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html

The hacker and the state: cyber attacks and the new normal of geopolitics
https://reurl.cc/D3nKKj

Practical Network Penetration Tester (PNPT) Certification Review
https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df

Basic vocabulary commonly used by WUSON
https://choson.lifenet.com.tw/?p=1958

Certifications remain the main route for learning security fundamentals; an expert has built a "security certification map"
https://www.ithome.com.tw/news/156754

Beyond proving your ability with certifications, treat them as the strongest motivation to keep learning
https://www.ithome.com.tw/news/156756

Breaking misconceptions and myths about certifications: security experts clarify what security certifications mean
https://www.ithome.com.tw/news/156755

Accelerate Your Career with the Global Leader in Cyber Security Training
https://www.sans.org/mlp/promo-partnership-hacker-news/

[NCKU Security Club class] Forbidden arts of security - the reverse engineering hell trial
https://www.youtube.com/watch?v=4Yc3-9CjG6U

Through hands-on exercises, learn to establish a standard security SOP process
https://www.ithome.com.tw/pr/163514

6. Upcoming Security Events and Seminars

2024 HITCON x Yourator Security Career Forum | On-site corporate recruiting, unlock your security future 2024/8/17
https://www.accupass.com/event/2407120626187489710470

Just a chat - with no Expectations 2024/8/17
https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/302490813/

Taoyuan WordPress Café coffee meetup #39 2024/8/17
https://www.meetup.com/taoyuan-wordpress-meetup/events/302363697/

Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/8/20
https://www.meetup.com/taiwan-code-camp/events/302548977/

2024 Comprehensive Fraud Prevention Forum 2024/8/20
https://www.accupass.com/event/2407300901531515176080

SyntaxError 2024/8/21
https://www.meetup.com/pythonhug/events/pqnsctygclbcc/

Taipei dbt Meetup #26 for all folks working with data! (Hybrid 👫 + 🧑‍💻) 2024/8/21
https://www.meetup.com/taipei-dbt-meetup/events/302491357/

HackingThursday - Week meetup Tamsui, regular meetup 2024/8/22
https://www.meetup.com/hackingthursday/events/psspctygclbdc/

HACKS IN TAIWAN CONFERENCE - COMMUNITY 2024
https://hitcon.org/2024/CMT/

Just a chat - with no Expectations 2024/8/24
https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/lsmkqsygclbgc/

The Reporter's first experience with AI: how we built a dashboard monitoring legislators' remarks 2024/8/26
https://www.meetup.com/rladies-taipei/events/302047204/

Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/8/27
https://www.meetup.com/taiwan-code-camp/events/xfxtjtygclbkc/

Free Startup Fundraising Office Hours Expert AMA with Angel Investor Scott Fox! 2024/8/28
https://www.meetup.com/taipei-startups-investors-masterminds-network/events/299702435/

SyntaxError 2024/8/28
https://www.meetup.com/pythonhug/events/pqnsctygclblc/

HackingThursday - Week meetup Tamsui, regular meetup 2024/8/29
https://www.meetup.com/hackingthursday/events/psspctygclbmc/

Security competency training | Secure Software Development Manager 2024/8/31 ~ 2024/10/5
https://acsiacad.kktix.cc/events/308914

Just a chat - with no Expectations 2024/8/31
https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/lsmkqsygclbpc/

9th "WHATs NEXT" Future Technology Industry Summit 2024/9/3
https://www.accupass.com/event/2406060317121880421709

Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/9/3
https://www.meetup.com/taiwan-code-camp/events/xfxtjtygcmbfb/

SyntaxError 2024/9/4
https://www.meetup.com/pythonhug/events/pqnsctygcmbgb/

The CISO's first lesson in zero trust (September session) 2024/9/19
https://jamf.kktix.cc/events/applexjamf-sep

Information Security Course Series 2024/9/30
https://www.accupass.com/event/2407011640161317038989

Information Security Course Series 2024/10/12
https://www.accupass.com/event/2407011633417884074930

2nd Tainan Web3 Industry International Expo (TAINAN WEB3 INTERNATIONAL FAIR) 2024/10/18
https://www.accupass.com/event/2406150525111725753130

HITCON Enterprise 2024 (Hacks in Taiwan Conference) 2024/10/30
https://hitcon.kktix.cc/events/hitcon-ent-2024

Threat Analyst Summit 2024 2024/12/11 ~ 2024/12/12
https://teamt5tw.kktix.cc/events/tas2024