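###### tags: `資安事件新聞週報`

# Weekly Security Incident News 2023/5/15 ~ 2023/5/19

1. Major Vulnerabilities / Backdoors / Exploits / Zero-Day

Critical vulnerabilities in Cisco switches can be used to remotely execute arbitrary code
https://www.bleepingcomputer.com/news/security/cisco-warns-of-critical-switch-bugs-with-public-exploit-code/
Critical Flaws in Cisco Small Business Switches Could Allow Remote Attacks
https://thehackernews.com/2023/05/critical-flaws-in-cisco-small-business.html
Vulnerability in WordPress plugin Elementor lets attackers hijack administrator accounts; a million sites may be exposed
https://patchstack.com/articles/critical-privilege-escalation-in-essential-addons-for-elementor-plugin-affecting-1-million-sites/
New Flaw in WordPress Plugin Used by Over a Million Sites Under Active Exploitation
https://thehackernews.com/2023/05/severe-security-flaw-exposes-over.html
Vulnerability found in supercar maker Ferrari's WordPress site, caused by an outdated plugin
https://www.char49.com/articles/we-dont-have-a-ferrari-but-we-had-their-database-credentials
Vulnerability in open-source password manager KeePass may let attackers obtain the master password
https://github.com/vdohney/keepass-password-dumper
Linux kernel NetFilter vulnerability could be used to gain root privileges
https://www.bleepingcomputer.com/news/security/new-linux-kernel-netfilter-flaw-gives-attackers-root-privileges/

2. Banking / Finance / Insurance / Securities / Financial Supervision: News and Security

Darknet Carding Kingpin Pleads Guilty: Sold Financial Info of Tens of Thousands
https://thehackernews.com/2023/05/darknet-carding-kingpin-pleads-guilty.html
Why should enterprises build their own in-house security testing team? Rakuten Taiwan's cybersecurity lead shares hands-on experience
https://www.ithome.com.tw/news/156927
Mitake Information launches multiple new systems! Chairman Chiu Hung-che: the goal is adoption by 50 securities firms within three years
https://finance.technews.tw/2023/05/18/action-watch-system/
Building a security talent competency map specific to Taiwan's financial sector, focusing on course design to promote training
https://www.ithome.com.tw/news/156897
Guarding against both insider and outsider threats: FSC pushes "zero trust" security architecture
https://udn.com/news/story/7239/7165044
Bank self-regulation takes effect to prevent supply-chain security failures
https://ctee.com.tw/uncategorized/851904.html

3. Credit Cards / Electronic Payment / Mobile Payment / Pay / Payment Systems / Security

Neweb Technologies deploys Akamai security solutions to stop malicious traffic from disrupting payment services
https://www.metaage.com.tw/news/showcases/527
New Taipei City government's 60-million mobile payment app questioned as ineffective; only 70,000 users
https://news.ltn.com.tw/news/politics/breakingnews/4305044
No mobile payment when traveling to China? Two "solutions" to get set up; Taiwanese-funded bank: business up more than threefold
https://www.ettoday.net/news/20230518/2500972.htm
Taipei Metro expected to add riding with Apple Pay and other mobile payment methods in 2026
https://reurl.cc/1enpaQ
Mobile payment is hot: banks buy points at a loss to attract customers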
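https://ctee.com.tw/news/finance/863597.html
90% of people in China use paperless transactions; tourists without e-payment lament "the convenience has nothing to do with me"
https://www.ettoday.net/news/20230518/2501267.htm
[Finance] JKOPAY links Taishin accounts; cross-border payment in Japan now works too
https://reurl.cc/pLqVNd
JKOPAY penalized by FSC for two violations
https://finance.ettoday.net/news/2499672

4. Cryptocurrency / Digital Currency / Mining / Blockchain / Smart Contracts / WEB3 Security

CertiK: ArbitrumNews DAO project's Discord server has been compromised; do not click any links
https://news.cnyes.com/news/id/5185002
White hats take note! LayerZero and Immunefi post a "US$15 million" ecosystem bug bounty
https://www.blocktempo.com/layerzero-launches-15m-bug-bounty-program/
South Korea's virtual asset user protection bill may pass this month, granting the Financial Services Commission supervisory authority
https://news.cnyes.com/news/id/5183952
Virtual Asset User Protection Act set to pass this month! How South Korea is strengthening crypto regulatory reform
https://news.knowing.asia/news/b71a2bbe-7aae-402c-9278-f089ef8e8e65

5. Security Incident News

A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC

Study: two-thirds of organizations report ransomware attacks for the second consecutive year
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10467
ISSDU shares IOC intelligence recently found on ERS and MDR hosts
https://www.tcrc.edu.tw/new/new-list/ers-mdr-ioc
Royal ransomware begins building a malware loader
https://www.linkedin.com/posts/yelisey-bohuslavskiy-214a02bb_royal-ransomware-apt-activity-7064301345599565824-EwaW/
Qilin ransomware now developed in Rust, targeting the education, healthcare, and financial sectors
https://www.group-ib.com/blog/qilin-ransomware/
CopperStealer malware spreads via Chrome browser extensions and steals victims' cryptocurrency
https://www.trendmicro.com/en_us/research/23/e/water-orthrus-new-campaigns-deliver-rootkit-and-phishing-modules.html
Zimbra mail servers targeted by MalasLocker ransomware; hackers demand a donation to a nonprofit in exchange for the decryption key
https://www.bleepingcomputer.com/news/security/malaslocker-ransomware-targets-zimbra-servers-demands-charity-donation/
US and Australia warn about recent BianLian ransomware attack activity
https://www.bleepingcomputer.com/news/security/fbi-confirms-bianlian-ransomware-switch-to-extortion-only-attacks/
CheckMate ransomware targets the SMB file-sharing protocol
https://cybernews.com/security/checkmate-ransomware-victims/
Malicious VSCode extensions may plant remote shells on developers' machines and steal passwords
https://blog.checkpoint.com/securing-the-cloud/malicious-vscode-extensions-with-more-than-45k-downloads-steal-pii-and-enable-backdoors/
IT services provider ScanSource confirms ransomware attack that caused system outages
https://storage.pardot.com/704223/1684277198bEZlDMDs/CIR_PressRelease_Final_051623.pdf
Government agencies and aviation companies targeted by hacker group Lancefly, which spreads the Merdoor backdoor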
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/lancefly-merdoor-zxshell-custom-backdoor
More than 30 malicious PyPI packages used to launch supply-chain attacks
https://www.fortinet.com/blog/threat-research/more-supply-chain-attacks-via-malicious-python-packages
MichaelKors ransomware targets Linux and VMware virtualization platforms
https://www.crowdstrike.com/blog/hypervisor-jackpotting-lack-of-antivirus-support-opens-the-door-to-adversaries/
CLR SqlShell malware targets Microsoft SQL Server
https://asec.ahnlab.com/en/52479/
Follina exploitation campaign reappears, this time used to spread the Xworm trojan
https://www.securonix.com/blog/securonix-threat-labs-security-meme4chan-advisory/
Central Asian governments attacked by DownEx malware
https://www.bitdefender.com/blog/businessinsights/deep-dive-into-downex-espionage-operation-in-central-asia/
RapperBot botnet uses victim devices not only for DDoS attacks but also for cryptomining
https://www.fortinet.com/blog/threat-research/rapperbot-ddos-botnet-expands-into-cryptojacking
Lancefly: Group Uses Custom Backdoor to Target Orgs in Government, Aviation, Other Sectors
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/lancefly-merdoor-zxshell-custom-backdoor
Ongoing MEME#4CHAN Attack/Phishing Campaign uses Meme-Filled Code to Drop XWorm Payloads
https://www.securonix.com/blog/securonix-threat-labs-security-meme4chan-advisory/
BlackSuit Ransomware Strikes Windows and Linux Users
https://blog.cyble.com/2023/05/12/blacksuit-ransomware-strikes-windows-and-linux-users/
Chinese Hacker Group Stealing Information From Korean Companies
https://asec.ahnlab.com/en/52538/
ASEC Weekly Phishing Email Threat Trends (April 30th, 2023 – May 6th, 2023)
https://asec.ahnlab.com/en/52667/
RecordBreaker Infostealer Disguised as a Well-known Korean Software
https://asec.ahnlab.com/en/52542/
Dissecting Rancoz Ransomware
https://blog.cyble.com/2023/05/11/dissecting-rancoz-ransomware/
Geacon Brings Cobalt Strike Capabilities to macOS Threat Actors
https://www.sentinelone.com/blog/geacon-brings-cobalt-strike-capabilities-to-macos-threat-actors/
Water Orthrus’s New Campaigns Deliver Rootkit and Phishing Modules
https://www.trendmicro.com/content/dam/trendmicro/global/en/research/23/e/water-orthrus-new-campaigns-deliver-rootkit-and-phishing-modules/waterorthrus_iocs.txt
https://www.trendmicro.com/en_us/research/23/e/water-orthrus-new-campaigns-deliver-rootkit-and-phishing-modules.html
Hacker group RA Group builds ransomware from Babuk source code, targeting organizations in the US and South Korea
https://blog.talosintelligence.com/ra-group-ransomware/
Newly identified RA Group compromises companies in U.S. and South Korea with leaked Babuk source code
https://blog.talosintelligence.com/ra-group-ransomware/
https://github.com/Cisco-Talos/IOCs/blob/main/2023/05/ra-group-ransomware.txt
LokiLocker, a Ransomware Similar to BlackBit Being Distributed in Korea
https://asec.ahnlab.com/en/52570/
8220 Gang Evolves With New Strategies
https://www.trendmicro.com/en_us/research/23/e/8220-gang-evolution-new-strategies-adapted.html
8220 Gang Exploiting Oracle WebLogic Flaw to Hijack Servers and Mine Cryptocurrency
https://thehackernews.com/2023/05/8220-gang-exploiting-oracle-weblogic.html
The Dragon Who Sold His Camaro: Analyzing Custom Router Implant
https://research.checkpoint.com/2023/the-dragon-who-sold-his-camaro-analyzing-custom-router-implant/
APT28 leverages multiple phishing techniques to target Ukrainian civil society
https://blog.sekoia.io/apt28-leverages-multiple-phishing-techniques-to-target-ukrainian-civil-society/
Qakbot C2s
https://www.team-cymru.com/post/visualizing-qakbot-infrastructure
Java RAT C2
https://isc.sans.edu/diary/rss/29864
Threat Actors Using Fake QuickBooks Software to Scam Organizations
https://www.esentire.com/blog/threat-actors-using-fake-quickbooks-software-to-scam-organizations
CACTUS ransomware
https://www.kroll.com/en/insights/publications/cyber/cactus-ransomware-prickly-new-variant-evades-detection
OilAlpha: A Likely Pro-Houthi Group Targeting Entities Across the Arabian Peninsula
https://www.recordedfuture.com/oilalpha-likely-pro-houthi-group-targeting-arabian-peninsula
https://go.recordedfuture.com/hubfs/reports/cta-2023-0516.pdf
The distinctive rattle of APT SideWinder
https://www.group-ib.com/blog/hunting-sidewinder/
AndoryuBot’s DDOS Rampage
https://blog.cyble.com/2023/05/17/andoryubots-ddos-rampage/
Minas — a multi-stage cryptocurrency miner infection
https://securelist.com/minas-miner-on-the-way-to-complexity/109692/
StopRansomware: BianLian Ransomware Group
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-136a
Most prevalent malware files from last week
https://blog.talosintelligence.com/newsletter-may-18-2023/
XWorm Malware Exploits Follina Vulnerability in New Wave of Attacks
https://thehackernews.com/2023/05/xworm-malware-exploits-follina.html
New Stealthy Variant of Linux Backdoor BPFDoor Emerges from the Shadows
https://thehackernews.com/2023/05/new-variant-of-linux-backdoor-bpfdoor.html
PaperCut print management systems at educational institutions targeted by Bl00dy ransomware hackers
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-131a
Iranian hackers also launch attacks against vulnerabilities in the PaperCut print management system
https://twitter.com/MsftSecIntel/status/1654610012457648129
Bl00dy Ransomware Gang Strikes Education Sector with Critical PaperCut Vulnerability
https://thehackernews.com/2023/05/bl00dy-ransomware-gang-strikes.html
New Ransomware Gang RA Group Hits U.S.
and South Korean Organizations
https://thehackernews.com/2023/05/new-ransomware-gang-ra-group-hits-us.html
Researchers Uncover Powerful Backdoor and Custom Implant in Year-Long Cyber Campaign
https://thehackernews.com/2023/05/researchers-uncover-powerful-backdoor.html
New 'MichaelKors' Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems
https://thehackernews.com/2023/05/new-michaelkors-ransomware-as-service.html
CLR SqlShell Malware Targets MS SQL Servers for Crypto Mining and Ransomware
https://thehackernews.com/2023/05/clr-sqlshell-malware-targets-ms-sql.html
CopperStealer Malware Crew Resurfaces with New Rootkit and Phishing Kit Modules
https://thehackernews.com/2023/05/water-orthrus-copperstealer-malware.html
U.S. Offers $10 Million Bounty for Capture of Notorious Russian Ransomware Operator
https://thehackernews.com/2023/05/us-offers-10-million-bounty-for-capture.html
Developer Alert: NPM Packages for Node.js Hiding Dangerous TurkoRat Malware
https://thehackernews.com/2023/05/developer-alert-npm-packages-for-nodejs.html
Searching for AI Tools?
Watch Out for Rogue Sites Distributing RedLine Malware
https://thehackernews.com/2023/05/searching-for-ai-tools-watch-out-for.html
Rust-Based Info Stealers Abuse GitHub Codespaces
https://www.trendmicro.com/zh_hk/research/23/e/rust-based-info-stealers-abuse-github-codespaces.html
https://www.trendmicro.com/content/dam/trendmicro/global/en/research/23/e/rust-based-info-stealers-abuse-github-codespaces/IOC-list-rust-based-info-stealers-abuse-github-codespaces.txt

B. Mobile Security / iPhone / Android / Wearables / App / 5G / Instant Messaging

Apple Thwarts $2 Billion in App Store Fraud, Rejects 1.7 Million App Submissions
https://thehackernews.com/2023/05/apple-thwarts-2-billion-in-app-store.html
OilAlpha: Emerging Houthi-linked Cyber Threat Targets Arabian Android Users
https://thehackernews.com/2023/05/oilalpha-emerging-houthi-linked-cyber.html
WebKit Under Attack: Apple Issues Emergency Patches for 3 New Zero-Day Vulnerabilities
https://thehackernews.com/2023/05/webkit-under-attack-apple-issues.html
This Cybercrime Syndicate Pre-Infected Over 8.9 Million Android Phones Worldwide
https://thehackernews.com/2023/05/this-cybercrime-syndicate-pre-infected.html
"tsmc phone" found on the street! Insiders alarmed at the sight; expert says the owner may face serious attention from the company
https://www.setn.com/News.aspx?NewsID=1297398
Apple blocked a total of 1.7 million apps with privacy and security issues in 2022
https://www.twcert.org.tw/tw/cp-104-7127-69368-1.html
NVIDIA and ServiceNow may have found generative AI's killer app! HR and customer service work could be "automated"
https://buzzorange.com/techorange/2023/05/18/servicenow-and-nvidia-announce-partnership-to-build-generative-ai-across-enterprise-it/
A phone that "unlocks itself" may be a sign of compromise! These 4 models are named as hackers' favorites
https://3c.ltn.com.tw/news/53302
"Ghost Touch" steals bank credentials; 4 models most susceptible
https://today.line.me/tw/v2/article/vXn5vOK
Hackers use the ChatGPT name to spread money-scamming software FleeceGPT
https://news.sophos.com/en-us/2023/05/17/fleecegpt-mobile-apps-target-ai-curious-to-rake-in-cash/
Beware when using ChatGPT services! Security experts find multiple fake apps charging high fees
https://www.owlting.com/news/articles/359123
Sophos: apps posing as legitimate ChatGPT apps scam users out of thousands of dollars
http://www.ctimes.com.tw/DispNews-tw.asp?O=HK75IA6KRNOSAA00NC
iPhone and other devices must upgrade! Apple rushes out iOS 16/15 updates fixing a series of vulnerabilities
https://reurl.cc/eX0ZO7
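Apple releases iOS 16.5 and macOS Ventura 13.4, patching 3 WebKit zero-day vulnerabilities already exploited in attacks
https://www.bleepingcomputer.com/news/apple/apple-fixes-three-new-zero-days-exploited-to-hack-iphones-macs/
9 phone models confirmed vulnerable! New hacking technique "unlocks directly"; iPhone affected too
https://www.setn.com/News.aspx?NewsID=1296979
Nearly 9 million Android devices may be preloaded with Guerrilla malware
https://www.trendmicro.com/en_us/research/23/e/lemon-group-cybercriminal-businesses-built-on-preinfected-devices.html
Vulnerabilities in parental control app could be used for attacks and to disable restrictions
https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-kiddoware-kids-place-parental-control-android-app/
Apple reviewed 6.1 million apps in 2022; more than a quarter were rejected
https://www.apple.com/newsroom/2023/05/app-store-stopped-more-than-2-billion-in-fraudulent-transactions-in-2022/

C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents / Security Workforce

Benevolent hackers break in not for profit but only for charity donations
https://www.technice.com.tw/cloudtech/infosecurity/53423/
Taiwan tops the world! Attacked more than 3,000 times per week on average in Q1 2023
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10465
Marks & Spencer and Diageo pension schemes may be affected by a cyberattack
https://big5.ftchinese.com/interactive/109588?exclusive
Taxi dispatch service Yoxi hit by credential stuffing attack that consumed large amounts of system resources and affected operations
https://www.facebook.com/yoxiTW/posts/pfbid0n7AwbB9s6nb91ZTmduYoDotZdJ4vpaQv1pScJRfuav6FjXQyKmj7aZ7JszzXTDJHl
US rock band Smashing Pumpkins reportedly paid a ransom to a hacker who stole unreleased songs
https://securityaffairs.com/146029/cyber-crime/smashing-pumpkins-paid-ransom.html
Russian hacker extorted 200 million in ransom; federal authorities offer 10 million bounty for capture
https://reurl.cc/eX0ZOR
US House hearing: how to counter the CCP's economic aggression
https://reurl.cc/KMyvep
Ukraine, Ireland, Japan, and Iceland join the NATO Cooperative Cyber Defence Centre of Excellence
https://ccdcoe.org/news/2023/the-nato-ccdcoe-welcomes-new-members-iceland-ireland-japan-and-ukraine/
Go-based Cobalt Strike derivative abused to attack Mac computers
https://www.sentinelone.com/blog/geacon-brings-cobalt-strike-capabilities-to-macos-threat-actors/
Hacker group Taidoor, which primarily targets Taiwan, has the development capacity to maintain 12 malware families
https://www.ithome.com.tw/news/156849
Insiders exposed at Delta Electronics and Phihong: senior executives stole Tesla charging station secrets and defected to a Chinese tech company
https://www.mirrormedia.mg/story/20230509inv003/
Ubiquiti developer sentenced to 6 years for stealing from his employer and extorting it
https://www.justice.gov/usao-sdny/pr/former-employee-technology-company-sentenced-six-years-prison-stealing-confidential
The Philadelphia Inquirer hit by cyberattack; newspaper publication suspended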
https://www.inquirer.com/news/philadelphia/philadelphia-inquirer-hack-cyber-disruption-20230514.html
Hackers Using Golang Variant of Cobalt Strike to Target Apple macOS Systems
https://thehackernews.com/2023/05/hackers-using-golang-variant-of-cobalt.html
Former Ubiquiti Employee Gets 6 Years in Jail for $2 Million Crypto Extortion Case
https://thehackernews.com/2023/05/former-ubiquiti-employee-gets-6-years.html
Threat Group UNC3944 Abusing Azure Serial Console for Total VM Takeover
https://thehackernews.com/2023/05/threat-group-unc3944-abusing-azure.html
State-Sponsored Sidewinder Hacker Group's Covert Attack Infrastructure Uncovered
https://thehackernews.com/2023/05/state-sponsored-sidewinder-hacker.html
Escalating China-Taiwan Tensions Fuel Alarming Surge in Cyber Attacks
https://thehackernews.com/2023/05/escalating-china-taiwan-tensions-fuel.html
Technical Project Manager
https://www.104.com.tw/job/7xvxu?jobsource=m104

D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News / Cyberbullying / Account Security

New Phishing-as-a-Service Platform Lets Cybercriminals Generate Convincing Phishing Pages
https://thehackernews.com/2023/05/new-phishing-as-service-platform-lets.html
Foreign media: MSI key leak will affect the Intel device ecosystem
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10471
Circulating SMS: "FETC eTag - you have an overdue unpaid toll; automatic payment of your eTag bill failed"
https://tfc-taiwan.org.tw/articles/9161
Do you keep a password notebook? "Lose it and you're done" vs. "paper can't be hacked": two camps clash over security
https://www.ettoday.net/dalemon/post/66507
YouBike attacked from overseas for the first time!
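21,000 member records leaked
https://news.ltn.com.tw/news/society/breakingnews/4307198
YouBike system attacked; city transportation department: do not trust scam calls and messages
https://reurl.cc/GezlX3
NCKU also receives threatening letter claiming 20 bombs will be detonated; police find nothing
https://news.cts.com.tw/cna/society/202305/202305182179912.html
Author gets a call from a "self-proclaimed Eslite Bookstore"; one question makes the scammer hang up in anger
https://www.ctwant.com/article/257520
After buying books from Eslite's online bookstore, some people received market-survey calls spreading united-front messaging; China is suspected of using the data for psychological warfare against the Taiwanese public
https://news.ltn.com.tw/news/politics/paper/1582972
Location data of 2.15 million Toyota vehicles in Japan exposed for 10 years, caused by a cloud service misconfiguration
https://company.toyotaconnected.co.jp/news/press/2023/0512/%E3%80%80
Instant messaging service Discord confirms data breach; users of third-party applications may be exposed
https://www.bleepingcomputer.com/news/security/discord-discloses-data-breach-after-support-agent-got-hacked/
Fake emails steal data and social media account hacking is severe; experts offer 3 recommendations
https://www.worldjournal.com/wj/story/121275/7175684
New phishing attacks impersonating HKTV Mall, OpenRice, and others: deception techniques dissected, plus 5 tips to avoid falling for them
https://www.businesstimes.com.hk/articles/146430/
Legendary hacker blasts Kucoin! "US$1 million" bounty offered, but finding a leak of 270,000 personal records paid only 5,000
https://www.blocktempo.com/corben-leo-got-irritated-with-kucoin-1m-dollars-loophole-bounty/
Café that went after a 1-star reviewer gets mobbed in return! One man bucks the trend to back the owner, citing 1 key point: "otherwise it becomes Louisa"
https://www.setn.com/News.aspx?NewsID=1296664
Malicious email and malware attacks on Taiwan by Chinese hackers surged in early April
https://www.trellix.com/en-us/about/newsroom/stories/research/china-taiwan-tensions-spark-surge-in-cyberattacks-on-taiwan.html
Log data peddled on underground marketplaces surges 670%
https://www.secureworks.com/research/the-growing-threat-from-infostealers
Ubus reportedly suffers data breach, shuts down website and app ticket booking
https://www.setn.com/News.aspx?NewsID=1295437
Israeli hackers launch business email compromise attacks on multinational companies under the pretext of corporate acquisitions
https://abnormalsecurity.com/resources/exploring-rise-of-israel-based-bec-attacks

E. Research Reports / Tools

Google launches new .zip and .mov domains! But why do security experts object?
https://www.inside.com.tw/article/31685-google-pushes-zip-and-mov-domains-onto-the-internet
VMs deployed on Azure targeted; hackers abuse the console to plant remote management tools for control
https://www.mandiant.com/resources/blog/sim-swapping-abuse-azure-serial
Solving Your Teams Secure Collaboration Challenges
https://thehackernews.com/2023/05/solving-your-teams-secure-collaboration.html
Why High Tech Companies Struggle with SaaS Security
https://thehackernews.com/2023/05/why-high-tech-companies-struggle-with.html
How to Reduce Exposure on the Manufacturing Attack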
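Surface
https://thehackernews.com/2023/05/how-to-reduce-exposure-on-manufacturing.html
Dr. Active Directory vs. Mr. Exposed Attack Surface: Who'll Win This Fight?
https://thehackernews.com/2023/05/dr-active-directory-vs-mr-exposed.html

F. Business

Cyolo Product Overview: Secure Remote Access to All Environments
https://thehackernews.com/2023/05/cyolo-product-overview-secure-remote.html
Identifying a Patch Management Solution: Overview of Key Criteria
https://thehackernews.com/2023/05/identifying-patch-management-solution.html
Galaxy Software Services builds security awareness; its security expert training program is popular
https://wantrich.chinatimes.com/news/20230519900119-420101
Microsoft cloud storage will automatically open and scan password-protected archives to catch hidden malware
https://reurl.cc/o0NqLq
Four key cloud technologies help diverse industries with digital transformation and resilience: Google Cloud AI technology helps industries create business opportunities
https://www.netadmin.com.tw/netadmin/zh-tw/snapshot/5FA3E8952766441EAA20CCBD3A38EB35
Zero One Technology deepens its security focus, boosting operations
https://udn.com/news/story/7253/7172404
孚朗 distributes data erasure software brand Blancco
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10475
Google Cloud brings in AI to help four Taiwanese industries transform, and rolls out new AI security technology to build a protective net
https://www.bnext.com.tw/article/75307/googlecloud-10years-ai-security
Zyxel launches a security router designed for small businesses and remote work
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=14&id=0000663397_7P22CJ68L5F0MG65YJQHO&cat=60
OpenSSF receives US$5 million from Microsoft and Google to strengthen open-source software security
https://openssf.org/press-release/2023/05/10/openssf-welcomes-new-members-veteran-cybersecurity-expert-as-general-manager-and-new-funding/
Malware analysis platform VirusTotal adds support for more script types to its AI analysis feature
https://www.bleepingcomputer.com/news/security/virustotal-ai-code-analysis-expands-windows-linux-script-support/
Google announces new security and privacy protection features for its services
https://blog.google/technology/safety-security/online-safety-features-updates-google-io-2023/
To strengthen user privacy protection, browser maker Brave introduces Forgetful Browsing, which aims to clear first-party cookie data
https://brave.com/privacy-updates/25-forgetful-browsing/

G. Government

President hopes Taiwan's security capabilities will smooth the path of industry digital transformation
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10459
Strengthening protection of critical communications and information infrastructure to ensure national security
https://www.ydn.com.tw/news/newsInsidePage?chapterID=1587409&type=universal
Netherlands Foreign Investment Agency visits to discuss security business opportunities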
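https://www.chinatimes.com/newspapers/20230519000315-260208?chdtv
Taiwan-India security experts' seminar focuses on using AI for defensive capabilities
https://www.cna.com.tw/news/ait/202305190303.aspx
Keelung Customs urges customs brokers to strengthen personal data protection under the "Regulations Governing the Security Maintenance of Personal Data Files for Customs Brokers"
https://www.mof.gov.tw/singlehtml/384fb3077bb349ea973e7fc6f13b6974?cntId=8a7360b8681e47c496b664b3f79afd82
Tainan soldiers' "shirtless, chewing betel nut" photos posted online spark controversy; unit to tighten information security oversight
https://enn.tw/?p=399919
What if the communists attack? "Order vermicelli" minister Audrey Tang has finally woken up
https://www.gvm.com.tw/article/102748
Ministry of Finance e-invoice platform's enterprise accounts found to share a common default password, potentially exposing listed companies' business data
http://www.peoplenews.tw/articles/27c82e35c1
Legislative Yuan passes third reading of Personal Data Protection Act amendments, specifying the competent authority and fines of up to NT$15 million for data breaches at non-government agencies
https://www.cna.com.tw/news/aipl/202305160037.aspx

H. Industrial Control Systems / ICS / SCADA / IoT / Internet of Things / Connected Vehicles / Electric Vehicles / Artificial Intelligence / AI / ML / Facial Recognition / Healthcare Security

Netgear Routers' Flaws Expose Users to Malware, Remote Attacks, and Surveillance
https://thehackernews.com/2023/05/netgear-routers-flaws-expose-users-to.html
Industrial control giant ABB hit by ransomware attack, severely affecting business operations
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10469
TXOne Networks focuses on three key settings (smart factories, automakers, and pharmaceutical plants) and offers new thinking on OT security
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10460
Claroty's four market-leading features improve hospital protection
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10463
Hackers sell initial access to energy organizations' ICS and OT systems
https://25608397.fs1.hubspotusercontent-eu1.net/hubfs/25608397/Report-Dark-Web-Threats-Against-The-Energy-Industry.pdf
Vulnerabilities in Teltonika Networks industrial LTE routers could become a path for hackers into enterprises if left unpatched
https://www.securityweek.com/teltonika-vulnerabilities-could-expose-thousands-of-industrial-orgs-to-remote-attacks/
Buffer overflow vulnerability in Belkin's Wemo smart plug can be used for command injection attacks
https://sternumiot.com/iot-blog/mini-smart-plug-v2-vulnerability-buffer-overflow/
Vulnerabilities in Advantech serial device servers can be used for command injection attacks and cause memory overflow
https://cyberdanube.com/en/multiple-vulnerabilities-in-advantech-eki-15xx-series/
Industrial automation vendor Rockwell Automation patches critical vulnerabilities in its products
https://www.securityweek.com/organizations-informed-of-over-a-dozen-vulnerabilities-in-rockwell-automation-products/
Cloudflare offers protections against exposing intellectual property or secrets while using AI
https://blog.cloudflare.com/introducing-constellation/
NTUST computer science professor warns of new risks in using open-source 5G: beware of hackers building rogue base stations to send forged SMS messages
https://www.ithome.com.tw/news/156879
Industrial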
Cellular Routers at Risk: 11 New Vulnerabilities Expose OT Networks
https://thehackernews.com/2023/05/industrial-cellular-routers-at-risk-11.html
Serious Unpatched Vulnerability Uncovered in Popular Belkin Wemo Smart Plugs
https://thehackernews.com/2023/05/serious-unpatched-vulnerability.html
EU foreign affairs entities targeted by Chinese hackers, who implanted malware in TP-Link routers
https://research.checkpoint.com/2023/the-dragon-who-sold-his-camaro-analyzing-custom-router-implant/
China's Mustang Panda Hackers Exploit TP-Link Routers for Persistent Attacks
https://thehackernews.com/2023/05/chinas-mustang-panda-hackers-exploit-tp.html
Inside Qilin Ransomware: Affiliates Take Home 85% of Ransom Payouts
https://thehackernews.com/2023/05/inside-qilin-ransomware-affiliates-take.html
How to Reduce Exposure on the Manufacturing Attack Surface
https://thehackernews.com/2023/05/how-to-reduce-exposure-on-manufacturing.html

I. Education and Training

iPAS Information Security Engineer (Intermediate) notes
https://hackmd.io/@Not/iPASInformationSecuritySpecialist
iPas Security Engineer certification exam prep workshop
https://reurl.cc/GEbA3p
Coursera rounds up 7 cloud security certifications: all the springboards to high pay are here!
https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/
Global cybersecurity workforce imbalance: (ISC)2 free courses and exams help fill the talent gap
https://reurl.cc/m39MDj
The 8 domains of the CISSP security certification
https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html
CISSP exam experience
https://reurl.cc/KbY83j
CISSP exam experience – Benson
https://reurl.cc/GbWvxd
Goal-oriented: passing the CISSP at light speed in 20 days
https://reurl.cc/2Zq6zn
CISSP certification exam field notes, Chapter 1: initial preparation
https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat
CISSP certification exam field notes, Chapter 2: a regular and disciplined study strategy
https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies
CISSP certification exam field notes, Chapter 3: the final battle
https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle
Quick CISSP Infographic for IPSec
https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec
CSSLP Certification - Security models in F#
https://github.com/vbocan/csslp
Certified Secure Software Lifecycle Professional in bullet points
https://github.com/joeyhage/csslp-notes
CPSA (CREST Practitioner Security Analyst) exam experience
https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/
EC-Council CEH v11 exam experience, revision information, and preparation guidance 2021, 2022
https://reurl.cc/1oyEM8
CEH v11 exam experience and preparation approach
https://blog.sean.taipei/2022/01/ceh
CEH
https://github.com/a3cipher/CEH
CodeRed by EC-Council
https://github.com/codered-by-ec-council
In-depth look at the CPENT exam experience and a comparison with OSCP
https://reurl.cc/41eL8v
EC-Council CPENT v1 penetration testing certification – content and experience
https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review
[Exam prep notes] CompTIA Security+ (SY0–601) Part 1
https://reurl.cc/M053DK
[Exam prep notes] CompTIA Security+ (SY0–601) Part 2
https://reurl.cc/M053Gv
comptia-security-plus
https://github.com/ajfuto/comptia-security-plus
security-plus
https://github.com/fjavierm/security-plus
CompTIA Security+ Certification Practice Test Questions
https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette
App Information Security Isn't Just for Engineers: The Blood, Sweat, and Tears of Earning a Security Testing Certificate (iT邦幫忙 Ironman Contest book series)
https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html
Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html
The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics
https://reurl.cc/D3nKKj
Practical Network Penetration Tester (PNPT) Certification Review
https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df
Basic vocabulary commonly used by WUSON
https://choson.lifenet.com.tw/?p=1958
Certifications remain the main route to learning security fundamentals; an expert has built a "security certification map"
https://www.ithome.com.tw/news/156754
Beyond proving your ability with certifications, treat them as the biggest motivation to keep learning
https://www.ithome.com.tw/news/156756
Dispelling misconceptions and myths about certifications: security experts clarify what security certifications mean
https://www.ithome.com.tw/news/156755

6. Upcoming Security Events and Conferences

Taipei dbt Meetup #11 (in-person 👫 & online) 2023/5/24
https://www.meetup.com/taipei-dbt-meetup/events/292891149/
Elixir meetup 2023/5/24
https://www.meetup.com/elixirtw-taipei/events/293147308/
資安五四三 2023/5/25 (online, 14:00 - 15:30)
https://csa.kktix.cc/events/202305-543
Web3 on the Cloud security analysis summit: tracking Web 3 security trends and opening a new chain-and-cloud model 2023/5/25
https://www.accupass.com/event/2304120730519814020340
Introductory Blockchain Course, weekday class 2023/5/25~2023/5/26
https://www.accupass.com/event/2304100300531686137286
Understand AWS cloud services and their advantages in 3 hours 2023/5/26
https://www.uuu.com.tw/Public/content/edm/20230526_AWSDiscoveryDay_BC.htm
Introductory Blockchain Course, weekend class 2023/5/27~2023/5/28
https://www.accupass.com/event/2304100341503819251900
The right posture/knowledge for building solutions in the era of large language models (Building solutions with LLMs) 2023/5/29
https://www.meetup.com/rladies-taipei/events/293170581/
May Taipei regular meeting: supply-chain security management in the US federal government, using CMMC as an example (held online) 2023/5/30
https://www.caa.org.tw/newsdetail-16263.html
Taiwan Digital Innovation Navigation Forum 2023/5/30
https://www.accupass.com/event/2304240303341594373938
Azure AI Fundamentals 2023/5/31
https://mktoevents.com/Microsoft+Event/393899/157-GQE-382?wt.mc_id=AID3058385_QSG_EML_640902&wt.mc_id=AID3058380_EML_8317669
[Monosparta] 2023 second cohort software development bootcamp: online information session 2023/5/31 ~ 2023/6/28
https://trunk-studio.kktix.cc/events/monosparta-202307
Security Analysis Beginner Village: Mastering Network Packet Analysis (online course) 2023/6/13
https://forms.gle/msePzws5GtcDunrc7
Security Analysis Beginner Village: Mastering Network Packet Analysis (in-person course) 2023/6/14
https://forms.gle/mtpZNPCpTVyv97Dr9
A Hacker's Perspective: Website Vulnerability Discovery and Defense (online course) 2023/6/27
https://forms.gle/JpThJxMgxZd3uNh39
A Hacker's Perspective: Website Vulnerability Discovery and Defense (in-person course) 2023/6/28
https://forms.gle/qQAqx8KZzzntSyLd9
COSCUP 2023 2023/07/29 ~ 2023/07/30
https://coscup.org/2023/zh-TW/landing
InfoSec Taiwan 2023 international security conference 2023/8/1 ~ 2023/8/3
https://csa.kktix.cc/events/infosectaiwan2023
DEF CON 32 2023/8/10 ~ 2023/8/13
https://defcon.org/index.html
HITCON CMT 2023 2023/08/18 ~ 2023/08/19
https://hitcon.org/2023/CMT/
PyCon TW 2023 2023/9/2 ~ 2023/9/3
https://tw.pycon.org/2023/zh-hant/registration/tickets
Hou.Sec.Con 2023/10/12 ~ 2023/10/13
https://web.cvent.com/event/76d46ccb-fe00-4fe5-ba46-e4a77c807f21/summary
(ISC)2 SECURITY CONGRESS LEAD WITH CONFIDENCE 2023/10/25 ~ 2023/10/27
https://www.isc2.org/Congress-2023