資安事件新聞週報 2023/3/13 ~ 2023/3/17

###### tags: `資安事件新聞週報` # 資安事件新聞週報 2023/3/13 ~ 2023/3/17 1.重大弱點漏洞/後門/Exploit/Zero Day Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-074a https://www.cisa.gov/news-events/analysis-reports/ar23-074a Multiple Hacker Groups Exploit 3-Year-Old Vulnerability to Breach U.S. Federal Agency https://thehackernews.com/2023/03/multiple-hacker-groups-exploit-3-year.html 美國聯邦機構遭到駭客利用跨平臺應用程式框架Progress Telerik漏洞入侵 https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-074a Fortinet FortiOS Flaw Exploited in Targeted Cyberattacks on Government Entities https://thehackernews.com/2023/03/fortinet-fortios-flaw-exploited-in.html Fortinet 發布多個產品的安全公告 https://www.cisa.gov/news-events/alerts/2023/03/09/fortinet-releases-march-2023-vulnerability-advisories Fortinet 近日發布更新以解決 FortiOS 和 FortiProxy 的安全性弱點 https://www.fortiguard.com/psirt/FG-IR-23-001 Fortinet零時差漏洞傳出遭到中國駭客利用 https://www.mandiant.com/resources/blog/fortinet-malware-ecosystem Cisco 發布多個產品的安全公告 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-csrfv-DMx6KSwV Microsoft Rolls Out Patches for 80 New Security Flaws — Two Under Active Attack https://thehackernews.com/2023/03/microsoft-rolls-out-patches-for-80-new.html Microsoft Outlook權限提升安全性漏洞CVE-2023-23397防護策略 https://success.trendmicro.com/dcx/s/solution/000292525?language=en_US Microsoft Outlook Elevation of Privilege Vulnerability CVE-2023-23397 安全漏洞 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397 CVE-2023-23397 script https://github.com/microsoft/CSS-Exchange/blob/a4c096e8b6e6eddeba2f42910f165681ed64adf7/docs/Security/CVE-2023-23397.md CISA Issues Urgent Warning: Adobe ColdFusion Vulnerability Exploited in the Wild https://thehackernews.com/2023/03/cisa-issues-urgent-warning-adobe.html Google Uncovers 18 Severe Security Vulnerabilities in Samsung Exynos Chips https://thehackernews.com/2023/03/google-uncovers-18-severe-security.html Mozilla發布Firefox 111，修補7個高風險漏洞 https://www.securityweek.com/mozilla-patches-high-severity-vulnerabilities-with-release-of-firefox-111/ SAP發布3月例行更新，修補5個重大漏洞 https://www.bleepingcomputer.com/news/security/sap-releases-security-updates-fixing-five-critical-vulnerabilities/ 美國警告VMware Cloud Foundation重大漏洞已出現攻擊行動 https://www.bleepingcomputer.com/news/security/cisa-warns-of-critical-vmware-rce-flaw-exploited-in-attacks/ 美國針對網路電視Plex多媒體伺服器漏洞提出警告，傳出可能是駭客用於入侵LastPass工程師的管道 https://www.bleepingcomputer.com/news/security/cisa-warns-of-actively-exploited-plex-bug-after-lastpass-breach/ 美國政府採用的對抗量子運算的加密演算法出現漏洞 https://eprint.iacr.org/2022/1713 密碼管理器Bitwarden出現漏洞，攻擊者有機會藉由iframe竊取密碼 https://flashpoint.io/blog/bitwarden-password-pilfering/ 威聯通啟動漏洞獎勵計畫 https://www.qnap.com/zh-tw/news/2023/qnap-%E5%95%9F%E5%8B%95%E5%AE%89%E5%85%A8%E6%BC%8F%E6%B4%9E%E7%8D%8E%E5%8B%B5%E8%A8%88%E7%95%AB-%E7%A9%8D%E6%A5%B5%E5%AE%88%E8%AD%B7%E8%B3%87%E5%AE%89%E7%A2%BA%E4%BF%9D%E7%B6%B2%E8%B7%AF%E5%AE%89%E5%85%A8 2.銀行/金融/保險/證券/金融監理新聞及資安澳洲金融業者Latitude遭到網路攻擊，用戶個資外洩 https://latitudefs.zendesk.com/hc/en-au/articles/13777669694225-Latitude-Cyber-Incident-Update 集保結算所成立數位暨資安部力求數位創新與資安韌性再進化 https://udn.com/news/story/7239/7029607 金管會提醒企業重視資安風險管理適時評估投保資安保險 https://reurl.cc/zA1vN0 國泰金攜調查局建資安防護網 https://money.udn.com/money/story/5613/6996955 公股董總開會資安兵棋推演 https://www.chinatimes.com/newspapers/20230310000187-260202?chdtv 中國駭客鎖定台金融機構，持續以釣魚信件攻擊 https://technews.tw/2023/03/16/teamt5-phishing-from-china/ 金融科技成強勢新顯學　台灣卻潛藏資安風險？立委鍾佳濱：參考GDPR更新《個資法》 https://today.line.me/tw/v2/article/EXL3DnY 農業金庫推個人網銀預計6月底獲資安國際認證 https://reurl.cc/Y8E28D 擔心銀行帳戶一夕被搬空嗎？金管會4月起有新解方 https://udn.com/news/story/7239/7029088 3.信用卡/電子支付/行動支付/pay/支付系統/資安電支嵌入第三方App 條件鬆綁 https://money.udn.com/money/story/5613/7029338 台灣好行路線全面開通行動支付功能旅客將享便捷乘車體驗 https://n.yam.com/Article/20230317464988 快被金管會納管了！LINE Pay、熊貓外送代收付款破10億 https://udn.com/news/story/7239/7036632 日新版勞基法「數位支付薪資」新制 4 月上路，日經：恐無企業準時適法 https://www.inside.com.tw/article/30998-Japan%20labor%20salary%20digital%20pay 手機變成刷卡機，聯合信用卡中心推商店全新收款體驗 https://technews.tw/2023/03/17/mobile-phone-becomes-credit-card-machine/ 三星強強聯手對戰Apple Pay https://ctee.com.tw/news/global/812761.html 電子支付大調查 2要素成圈粉關鍵 https://reurl.cc/6Nv1Qr 印星連結電子支付平台莫迪預期將成主流交易模式 https://reurl.cc/XLGdqe Visa：8成行動支付使用者「週週用」回饋率是關鍵 https://ec.ltn.com.tw/article/breakingnews/4235983 港鐵新款閘機面世　兼容多項電子支付　今年底引入信用卡付款 https://www.hk01.com/article/877219?utm_source=01articlecopy&utm_medium=referral Mercedes-Benz推出Mercedes Pay+，首度將汽車變成電子支付設備 https://www.carstuff.com.tw/car-news/item/37719-mercedes-benz-mercedes-pay.html Apple Pay 進北捷有譜！內部資料曝 2026開放 https://www.inside.com.tw/article/31028-Apple-Pay-Taipei-MRT-2026 Samsung Pay、Naver Pay結盟防堵Apple Pay登陸韓國 https://ctee.com.tw/livenews/gj/ctee/A98641002023022122291244 4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約/WEB3 資安 Authorities Shut Down ChipMixer Platform Tied to Crypto Laundering Scheme https://thehackernews.com/2023/03/authorities-shut-down-chipmixer.html Euler駭客攻擊事件受損金額約為1.97億美元 https://news.cnyes.com/news/id/5116273 NFT市集OpenSea出現跨網站搜尋漏洞 https://www.imperva.com/blog/deanonymizing-opensea-nft-owners-via-xs-leaks-vulnerability/ 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 威脅全球400多家銀行的網銀木馬，可完整執行詐欺鏈 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10368 資安專家遭駭侵者於 LinkedIn 鎖定發動惡意軟體植入攻擊 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10365 Webshell 網站指令列惡意程式22年偵測數量最多 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10371 歐盟遭到俄羅斯駭客攻擊，利用波蘭外交使者行程做為幌子，並藉由歐盟檔案交換系統散布惡意程式 https://blogs.blackberry.com/en/2023/03/nobelium-targets-eu-governments-assisting-ukraine 卡巴斯基提供勒索軟體Conti變種「MeowCorp」解密工具 https://www.ithome.com.tw/news/155986 沒有加密檔案的勒索！勒索軟體「變臉」改變索討贖金的策略 https://redacted.com/blog/bianlian-ransomware-gang-continues-to-evolve/ 860個關鍵基礎設施在2022年遭到勒索軟體攻擊 http://www.ic3.gov/Media/PDF/AnnualReport/2022_IC3Report.pdf 文具用品批發商Essendant營運中斷傳出是遭到勒索軟體攻擊，但遭到否認 https://www.bleepingcomputer.com/news/security/lockbit-ransomware-claims-essendant-attack-company-says-network-outage-/ Staples旗下文具用品公司Essendant業務中斷，起因可能是遭遇網路攻擊 https://www.bleepingcomputer.com/news/security/staples-owned-essendant-facing-multi-day-outage-orders-frozen/ AI產生的YouTube影片被用於散布竊密軟體 https://cloudsek.com/blog/threat-actors-abuse-ai-generated-youtube-videos-to-spread-stealer-malware 衛星網路SpaceX零件製造商傳出遭到勒索軟體LockBit入侵 https://www.theregister.com/2023/03/13/lockbit_spacex_ransomware/ LockBit駭客宣稱駭得SpaceX產品設計藍圖，威脅馬斯克贖回 https://www.ithome.com.tw/news/155985 Amazon旗下的居家安全業者Ring傳出遭勒索軟體攻擊 https://gizmodo.com/amazon-ring-ransomware-gang-claims-hack-1850223835 資安業者揭露支付贖金助長勒索軟體攻擊的態勢，駭客得到的資金可發動9次攻擊 https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/understanding-ransomware-using-data-science 北韓駭客Lazarus利用含有弱點的簽章應用程式發動攻擊 https://thehackernews.com/2023/03/lazarus-group-exploits-zero-day.html 殭屍網路病毒Prometei入侵1萬個系統 https://blog.talosintelligence.com/prometei-botnet-improves/ 檔案共享系統GoAnywhere零時差漏洞已被勒索軟體Clop用於攻擊行動 https://www.bleepingcomputer.com/news/security/clop-ransomware-gang-begins-extorting-goanywhere-zero-day-victims/ 針對2020年勒索軟體事故，雲端服務業者Blackbaud支付300萬美元罰款 https://www.bleepingcomputer.com/news/security/blackbaud-to-pay-3m-for-misleading-ransomware-attack-disclosure/ 針對惡意軟體濫用OneNote散布的事件頻傳，微軟打算加強防護措施 https://www.bleepingcomputer.com/news/microsoft/microsoft-onenote-to-get-enhanced-security-after-recent-malware-abuse/ 以色列大學傳出遭到伊朗駭客發動勒索軟體攻擊 https://therecord.media/israel-technion-ransomware-attack-iran-darkbit-muddywater Nevada Ransomware: Yet Another Nokayawa Variant https://www.zscaler.com/blogs/security-research/nevada-ransomware-yet-another-nokayawa-variant Pandas with a Soul: Chinese Espionage Attacks Against Southeast Asian Government Entities https://research.checkpoint.com/2023/pandas-with-a-soul-chinese-espionage-attacks-against-southeast-asian-government-entities/ Stealing the LIGHTSHOW — North Korea's UNC2970 https://www.mandiant.com/resources/blog/lightshow-north-korea-unc2970 https://www.mandiant.com/resources/blog/lightshift-and-lightshow Xenomorph v3: a new variant with ATS targeting more than 400 institutions https://www.threatfabric.com/blogs/xenomorph-v3-new-variant-with-ats.html 惡意軟體Emotet再度死灰復燃、QSnatch攻擊在2022躍居首位 https://www.akamai.com/blog/security/a-deep-dive-on-malicious-dns-traffic Emotet Again! The First Malspam Wave of 2023 https://www.deepinstinct.com/blog/emotet-again-the-first-malspam-wave-of-2023 https://github.com/deepinstinct/Emotet-IOCs/blob/main/DLLs.txt Emotet Returns, Now Adopts Binary Padding for Evasion https://www.trendmicro.com/en_us/research/23/c/emotet-returns-now-adopts-binary-padding-for-evasion.html DUCKTAIL: Threat Operation Re-emerges with New LNK, PowerShell, and Other Custom Tactics to Avoid Detection https://www.deepinstinct.com/blog/ducktail-threat-operation-re-emerges-with-new-lnk-powershell-and-other-custom-tactics-to-avoid-detection https://github.com/deepinstinct/DuckTail_IOCs/blob/main/Archives.txt https://github.com/deepinstinct/DuckTail_IOCs/blob/main/LNK.txt https://github.com/deepinstinct/DuckTail_IOCs/blob/main/URLs.txt Bee-Ware of Trigona, An Emerging Ransomware Strain https://unit42.paloaltonetworks.com/trigona-ransomware-update/ Winter Vivern | Uncovering a Wave of Global Espionage https://www.sentinelone.com/labs/winter-vivern-uncovering-a-wave-of-global-espionage/ MySQL、phpMyAdmin、Postgres系統遭到惡意軟體GoBruteforcer鎖定 https://unit42.paloaltonetworks.com/gobruteforcer-golang-botnet/ GoBruteforcer: Golang-Based Botnet Actively Harvests Web Servers https://unit42.paloaltonetworks.com/gobruteforcer-golang-botnet/ AsynRAT Trojan - Bill Payment (Pago de la factura) https://isc.sans.edu/diary/rss/29626 CatB Ransomware | File Locker Sharpens Its Claws to Steal Data with MSDTC Service DLL Hijacking https://www.sentinelone.com/blog/decrypting-catb-ransomware-analyzing-their-latest-attack-methods/ The slow Tick-ing time bomb: Tick APT group compromise of a DLP software developer in East Asia https://www.welivesecurity.com/2023/03/14/slow-ticking-time-bomb-tick-apt-group-dlp-software-developer-east-asia/ Incoming Silicon Valley Bank Related Scams https://isc.sans.edu/diary/rss/29630 https://github.com/DomainTools/SecuritySnacks/blob/main/2023/SVB-Related-Domains/SVB-Related-Domains.csv BatLoader Continues to Abuse Google Search Ads https://www.esentire.com/blog/batloader-continues-to-abuse-google-search-ads-to-deliver-vidar-stealer-and-ursnif CHM Malware Disguised as North Korea-related Questionnaire (Kimsuky) https://asec.ahnlab.com/en/49295/ South Korean Android Banking Menace – FakeCalls https://research.checkpoint.com/2023/south-korean-android-banking-menace-fakecalls/ Pandora analysis (Ilnas-04570323.exe) - malicious files included in an email https://www.circl.lu/doc/misp/feed-osint/abc51826-68fd-4cef-9a06-86ec17e66ef1.json New Version of Prometei Botnet Infects Over 10,000 Systems Worldwide https://thehackernews.com/2023/03/new-version-of-prometei-botnet-infects.html China-linked Hackers Targeting Unpatched SonicWall SMA Devices with Malware https://thehackernews.com/2023/03/china-linked-hackers-targeting.html International Law Enforcement Takes Down Infamous NetWire Cross-Platform RAT https://thehackernews.com/2023/03/international-law-enforcement-takes.html 歐美媒體與科技業者的資安人員遭到北韓駭客UNC2970鎖定 https://thehackernews.com/2023/03/north-korean-unc2970-hackers-expands.html North Korean UNC2970 Hackers Expands Operations with New Malware Families https://thehackernews.com/2023/03/north-korean-unc2970-hackers-expands.html Hackers Exploiting Remote Desktop Software Flaws to Deploy PlugX Malware https://thehackernews.com/2023/03/hackers-exploiting-remote-desktop.html IceFire Ransomware Exploits IBM Aspera Faspex to Attack Linux-Powered Enterprise Networks https://thehackernews.com/2023/03/icefire-linux-ransomware.html Warning: AI-generated YouTube Video Tutorials Spreading Infostealer Malware https://thehackernews.com/2023/03/warning-ai-generated-youtube-video.html KamiKakaBot Malware Used in Latest Dark Pink APT Attacks on Southeast Asian Targets https://thehackernews.com/2023/03/kamikakabot-malware-used-in-latest-dark.html BATLOADER Malware Uses Google Ads to Deliver Vidar Stealer and Ursnif Payloads https://thehackernews.com/2023/03/batloader-malware-uses-google-ads-to.html The Prolificacy of LockBit Ransomware https://thehackernews.com/2023/03/the-prolificacy-of-lockbit-ransomware.html Xenomorph Android Banking Trojan Returns with a New and More Powerful Variant https://thehackernews.com/2023/03/xenomorph-android-banking-trojan.html Lookalike Telegram and WhatsApp Websites Distributing Cryptocurrency Stealing Malware https://thehackernews.com/2023/03/lookalike-telegram-and-whatsapp.html Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection https://thehackernews.com/2023/03/chinese-and-russian-hackers-using.html B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊 Researchers Uncover Over a Dozen Security Flaws in Akuvox E11 Smart Intercom https://thehackernews.com/2023/03/researchers-uncover-over-dozen-security.html Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising https://thehackernews.com/2023/03/fake-chatgpt-chrome-extension-hijacking.html TikTok洗腦還藏資安風險　一文看哪些國家已禁用 https://www.taisounds.com/Global/Top-News/All/uid6971119739 抖音資安爭議連環爆，台灣政府卻慢半拍！資安專家：僅有行政院禁用完全不夠 https://www.businesstoday.com.tw/article/category/183025/post/202303160023/ 三星Exynos晶片出現重大RCE漏洞，波及三星、Google、Vivo手機 https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力資安不設防…從公部門到民間駭客駭一輪 https://sdgs.udn.com/sdgs/story/123433/7037214 Akamai亞太客戶遭到大規模DDoS攻擊 https://www.akamai.com/blog/security/record-breaking-ddos-in-apac 電玩遊戲浩劫殺陣2的開發商遭到俄羅斯駭客攻擊 https://www.bleepingcomputer.com/news/security/stalker-2-game-developer-hacked-by-russian-hacktivists-data-stolen/ 2022年網路攻擊增加近4成，教育、研究單位是首要目標 https://www.checkpoint.com/press-releases/check-point-software-releases-its-2023-security-report-highlighting-rise-in-cyberattacks-and-disruptive-malware/ 英國大型寄宿學校Wymondham證實遭遇網路攻擊 https://therecord.media/wymondham-college-cyberattack-uk-boarding-school 國光客運傳出遭到網路攻擊，波及旅客訂票，迄今網站仍停擺 https://news.ltn.com.tw/news/life/breakingnews/4240505 智原發生網路資安事件受影響系統已回復運作 https://www.cna.com.tw/news/afe/202303160349.aspx Google稱中國隱性網絡攻擊衝擊美國政府和私人網絡 https://reurl.cc/qkV7QN 南亞政府機關遭到駭客組織Dark Pink鎖定 https://blog.eclecticiq.com/dark-pink-apt-group-strikes-government-entities-in-south-asian-countries Large-scale Cyber Attack Hijacks East Asian Websites for Adult Content Redirects https://thehackernews.com/2023/03/large-scale-cyber-attack-hijacks-east.html Kubernetes叢集被用於挖礦，但駭客更換挖掘的數位貨幣為Dero https://www.crowdstrike.com/blog/crowdstrike-discovers-first-ever-dero-cryptojacking-campaign-targeting-kubernetes/ New Cryptojacking Operation Targeting Kubernetes Clusters for Dero Mining https://thehackernews.com/2023/03/new-cryptojacking-operation-targeting.html Cryptojacking Group TeamTNT Suspected of Using Decoy Miner to Conceal Data Exfiltration https://thehackernews.com/2023/03/cryptojacking-group-teamtnt-suspected.html 東亞資料外洩防護業者遭到駭客組織Tick鎖定 https://www.welivesecurity.com/2023/03/14/slow-ticking-time-bomb-tick-apt-group-dlp-software-developer-east-asia/ Tick APT Targeted High-Value Customers of East Asian Data-Loss Prevention Company https://thehackernews.com/2023/03/tick-apt-targeted-high-value-customers.html A New Security Category Addresses Web-borne Threats https://thehackernews.com/2023/03/a-new-security-category-addresses-web.html Winter Vivern APT Group Targeting Indian, Lithuanian, Slovakian, and Vatican Officials https://thehackernews.com/2023/03/winter-vivern-apt-group-targeting.html 為促成更多女性參與資安工作，美國CISA與非營利組織WiCyS簽署合作備忘錄 https://www.cisa.gov/news-events/news/cisa-and-women-cybersecurity-strengthen-partnership-bridge-gender-gap-cyber-and-tech 公股銀行搶資安人才祭7萬高薪 https://reurl.cc/eXzeOb 這2家公股銀行開缺！將招募逾400人起薪上看5.9萬 https://reurl.cc/qkVxZE D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全 Microsoft Warns of Large-Scale Use of Phishing Kits to Send Millions of Emails Daily https://thehackernews.com/2023/03/microsoft-warns-of-large-scale-use-of.html 獨立國家國協、大使館、歐盟醫療機構遭到YoroTrooper攻擊行動鎖定 https://blog.talosintelligence.com/yorotrooper-espionage-campaign-cis-turkey-europe/ YoroTrooper Stealing Credentials and Information from Government and Energy Organizations https://thehackernews.com/2023/03/yorotrooper-stealing-credentials-and.htm 宏碁 160 GB 敏感資料正在暗網銷售 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10362 求償難民眾提升資安意識自保 https://sdgs.udn.com/sdgs/story/123433/7037177 假蝦皮真詐騙業者︰與蝦皮資安無關 https://ec.ltn.com.tw/article/paper/1572478 駭入知名電商網站詐騙老梗得逞二百多萬老本飛了 https://reurl.cc/a1qO2Z 網傳「ChatGPT VIP試用服務，月付199打賞訂閱」 https://tfc-taiwan.org.tw/articles/8898 資安威脅層出不窮…逾6成企業遠距辦公遭外洩 https://ctee.com.tw/news/tech/826834.html 居家辦公演變為隨處辦公，三分之二企業因遠距工作員工面臨資料外洩風險 https://www.fortinet.com/blog/industry-trends/work-from-anywhere-global-study-2023-highlights 美國法警局資料流入駭客論壇 https://www.bleepingcomputer.com/news/security/hacker-selling-data-allegedly-stolen-in-us-marshals-service-hack/ 美國醫療照護業者ILS疑420萬人資料外洩 https://www.bleepingcomputer.com/news/security/healthcare-provider-ils-warns-42-million-people-of-data-breach/ 駭客鎖定美國矽谷銀行倒閉相關議題，進行網釣攻擊 https://blog.cyble.com/2023/03/14/svb-collapse-triggers-heightened-cybersecurity-concerns/ 資料安全保護廠商Rubrik證實資料外洩，起因是遭到GoAnywhere零時差漏洞攻擊 https://www.rubrik.com/blog/company/23/3/fortra-goanywhere 柬埔寨總理韓森傳出Telegram帳號被盜，指控攻擊IP位址來自臺灣，刑事警察局表示很可能是被當作VPN跳板 https://www.cib.npa.gov.tw/ch/app/news/view?module=news&id=1886&serno=067c5129-551d-4a11-aef9-35725111479d 駭客組織DEV-1101發動大規模AiTM網釣攻擊 https://www.microsoft.com/en-us/security/blog/2023/03/13/dev-1101-enables-high-volume-aitm-campaigns-with-open-source-phishing-kit/ 洛杉磯市房屋管理局1月發生勒索軟體攻擊事故，證實民眾資料外洩 https://www.hacla.org/sites/default/files/Documents/HACLA%20-%20Website%20Notice%20-%20English%20Final.pdf 醫療設備大廠Zoll Medical資料外洩，影響100萬人 https://www.ithome.com.tw/news/155923 醫療照護業者Cerebral證實318萬用戶資料可能外洩 http://cerebral.com/static/hippa_privacy_breach-4000c6eb21449c2ecd8bd13706750cc2.pdf 荷蘭養老院遭勒索軟體Qilin攻擊，醫護人士的護照遭竊 https://www.security.nl/posting/788375/Ransomwaregroep+publiceert+paspoorten+artsen+Gelderse+oudereninstelling 伊朗駭客假冒大西洋理事會人員攻擊人權鬥士 https://www.secureworks.com/blog/cobalt-illusion-masquerades-as-atlantic-council-employee 資安業者Acronis傳出資料外洩，該公司表示流出的資料為單一客戶所有 https://www.securityweek.com/acronis-clarifies-hack-impact-following-data-leak/ BMW義大利網站洩露網頁應用系統的開發資料 https://cybernews.com/security/bmw-exposes-italy-clients/ E.研究報告/工具 When Partial Protection is Zero Protection: The MFA Blind Spots No One Talks About https://thehackernews.com/2023/03/when-partial-protection-is-zero.html How to Apply NIST Principles to SaaS in 2023 https://thehackernews.com/2023/03/how-to-apply-nist-principles-to-saas-in.html The Different Methods and Stages of Penetration Testing https://thehackernews.com/2023/03/the-different-methods-and-stages-of.html 5 Crucial Things to Know About GPT-4 https://medium.com/the-generator/5-crucial-things-to-know-about-gpt-4-53628dc7da8e 層出不窮的風險，未來資安的安全趨勢 https://www.digiknow.com.tw/knowledge/640e7a537f87a 以紅隊演練找出資安漏洞、看《工作細胞》學資安分工、用雲端災難備援，這樣抵禦駭客的效果可以有多棒 https://buzzorange.com/techorange/2023/03/16/2023-cybersecurity-immune-system-2/ 研究人員揭露Outlook零時差漏洞的概念性驗證手法，說明極為容易用於攻擊 https://www.mdsec.co.uk/2023/03/exploiting-cve-2023-23397-microsoft-outlook-elevation-of-privilege-vulnerability/ Kali Linux發布10週年版本，著眼防禦安全領域 https://www.kali.org/blog/kali-linux-2023-1-release/ F.商業增強企業數位身份保護能力的新利器－ITDR https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10361 上市櫃公司間約有 2-3%採購紅隊演練，「真實性」成資安檢測重點 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10367 Check Point Software: 高達48%的EMAIL夾帶惡意檔案以微軟office檔案佯裝 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10358 Aruba 分析新世代網路六大趨勢帶動數位韌性再升級 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10357 G.政府追查10萬高階圖檔遭駭檢質疑故宮遲未報案 https://www.worldjournal.com/wj/story/121221/7035061 故宮博物院館藏的數位圖檔傳出遭到中國盜賣，起因是將檔案存放在對外提供服務的伺服器 https://www.npm.gov.tw/News-Content.aspx?sno=04013271&l=1&idstr=MDEwMDAwMDE= 臺灣個資外洩頻傳，消基會提個資修法三大建議 https://www.ithome.com.tw/news/155951 擋複合攻擊國營事業準備好了嗎 https://sdgs.udn.com/sdgs/story/123433/7037185?from=udn-breaknews_ch1010 H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識/醫療相關資安 What's Wrong with Manufacturing https://thehackernews.com/2023/03/whats-wrong-with-manufacturing.html 2024年RED強制資安規範上路立德國際協助搶攻歐盟物聯網供應鏈 https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000659370_9FP2XRKH86ICFTLF77L01 9成家用監控鏡頭有網絡安全隱患！易被駭客入侵、私隱影片外洩！邊款係唯一推薦？邊款問題最嚴重 https://www.etnet.com.hk/mobile/tc/lifestyle/officetips/workgossip/83490 針對俄羅斯的工控系統攻擊2022下半大幅增加，駭客主要鎖定內容管理系統Bitrix的漏洞下手 https://ics-cert.kaspersky.com/publications/reports/2023/03/06/threat-landscape-for-industrial-automation-systems-statistics-for-h2-2022/ 西門子、施耐德電機發布3月份例行更新，修補超過100個漏洞 https://www.securityweek.com/ics-patch-tuesday-siemens-schneider-electric-address-over-100-vulnerabilities/ 無人機資安聯合驗測實驗室正式成立 https://www.ithome.com.tw/news/155897 中國Akuvox智慧門鈴存在漏洞，可被用於控制攝影機或打開門鎖 https://claroty.com/team82/research/the-silent-spy-among-us-modern-attacks-against-smart-intercoms 2024年RED強制資安規範上路立德國際協助搶攻歐盟物聯網供應鏈 https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000659370_9FP2XRKH86ICFTLF77L01 I.教育訓練 iPAS資訊安全工程師中級筆記 https://hackmd.io/@Not/iPASInformationSecuritySpecialist iPas資安工程師證照考前研習 https://reurl.cc/GEbA3p Coursera 盤點 7 項雲端資安認證，高薪跳板都在這了！ https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/ 全球網絡安全勞動力失衡 (ISC)2免費課程及考試填補人才缺口 https://reurl.cc/m39MDj CISSP資安認證的8大領域 https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html CISSP考試心得 https://reurl.cc/KbY83j CISSP考試心得 – Benson https://reurl.cc/GbWvxd 目標導向-20天光速考過CISSP https://reurl.cc/2Zq6zn CISSP證照考試實戰心得第一章：初期準備工作 https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat CISSP證照考試實戰心得第二章：規律且有紀律的讀書策略 https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies CISSP證照考試實戰心得第三章：終極一戰 https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle Quick CISSP Infographic for IPSec https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec CSSLP Certification - Security models in F# https://github.com/vbocan/csslp Certified Secure Software Lifecycle Professional in bullet points https://github.com/joeyhage/csslp-notes CPSA(CREST Practitioner Security Analyst) 資安分析師考試心得 https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/ EC-Council CEH v11 考試心得、改版資訊以及準備方向 2021、2022 https://reurl.cc/1oyEM8 CEH v11 考試心得與準備方式 https://blog.sean.taipei/2022/01/ceh CEH https://github.com/a3cipher/CEH CodeRed by EC-Council https://github.com/codered-by-ec-council 深度解析 CPENT 考試心得、以及與 OSCP 的比較 https://reurl.cc/41eL8v EC-Council CPENT v1 滲透測試認證 – 內容及心得分享 https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review [備考心得]CompTIA Security+ (SY0–601) 上篇 https://reurl.cc/M053DK [備考心得]CompTIA Security+ (SY0–601) 下篇 https://reurl.cc/M053Gv comptia-security-plus https://github.com/ajfuto/comptia-security-plus security-plus https://github.com/fjavierm/security-plus CompTIA Security+ Certification Practice Test Questions https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette 不只是工程師才要懂的 App 資訊安全：取得資安檢測合格證書血淚史（iT邦幫忙鐵人賽系列書） https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html Learn NIST Inside Out With 21 Hours of Training @ 86% OFF https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html 駭客與國家: 網路攻擊與地緣政治新常態 The hacker and the state: cyber attacks and the new normal of geopolitic https://reurl.cc/D3nKKj Practical Network Penetration Tester (PNPT) Certification Review https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df WUSON常用的基本詞彙 https://choson.lifenet.com.tw/?p=1958 6.近期資安活動及研討會 [Python 入門] 線上 2023/03 月份 2023/3/18 https://www.meetup.com/pyladiestw/events/291843185/ 一鍵完成設備部署、資安、合規的實作秘笈-三月場 | In Taipei Apple Office（商務場）2023/3/23 https://jamf.kktix.cc/events/onetouch2303 AWS TechFest資安攻防入門實戰營 2023/3/23 https://reurl.cc/NqQve9 落實企業資安防護，強化企業營運韌性＿資安研討會 2023/3/23 https://www.accupass.com/event/2302060303531883855085 用Immersive Open Web 創造您自己的3D世界. 2023/3/23 https://www.meetup.com/hubs-creators-meetup/events/291532452/ 2022 OT 工控資安年會-活動報名 2023/3/24 https://reurl.cc/5Mq327 網路自由小聚 [3月] X-Road vs T-Road 2023/3/29 https://ocftw.kktix.cc/events/internetfreedom-mar2023 珈特科技_APPLE資安研討會 2023/3/29 https://gettechnology.kktix.cc/events/1c9146ab 次世代 IT 管理啓動雲端旅程 2023/3/30 此活動為線上活動 https://www.accupass.com/event/2302030247499784123840 iPAS-「初級」資訊安全工程師-能力研習衝刺班 2023/4/15、4/22 https://www.cisanet.org.tw/Course/Detail/3948 iPAS中級資訊安全人員訓練班 2023/5/4 ~ 2023/6/1 https://edu.tcfst.org.tw/web/tw/class/show.asp?courseidori=12C013