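###### tags: `Weekly Security Incident News`
# Weekly Security Incident News Digest 2022/12/5 ~ 2022/12/9
1. Critical Vulnerabilities / Backdoors / Exploits / Zero Days
F5, Zyxel and D-Link devices targeted by the Zerobot botnet, which exploits 21 vulnerabilities to break in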
https://www.fortinet.com/blog/threat-research/zerobot-new-go-based-botnet-campaign-targets-multiple-vulnerabilities
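CISA's Known Exploited Vulnerabilities catalog turns one year old with nearly 860 vulnerabilities listed; 5 old vulnerabilities added recently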
https://www.ithome.com.tw/news/154595
Critical vulnerability found in the ping software component used by FreeBSD; attackers may be able to remotely hijack affected FreeBSD systems
https://thehackernews.com/2022/12/critical-ping-vulnerability-allows.html
Critical Ping Vulnerability Allows Remote Attackers to Take Over FreeBSD Systems
https://thehackernews.com/2022/12/critical-ping-vulnerability-allows.html
Google Rolls Out New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability
https://thehackernews.com/2022/12/google-rolls-out-new-chrome-browser.html
Hackers Exploiting Redis Vulnerability to Deploy New Redigo Malware on Servers
https://thehackernews.com/2022/12/hackers-exploiting-redis-vulnerability.html
Zero-day vulnerabilities in the Internet Explorer web browser are still being exploited by nation-state hackers
https://blog.google/threat-analysis-group/internet-explorer-0-day-exploited-by-north-korean-actor-apt37/
Google Warns of Internet Explorer Zero-Day Vulnerability Exploited by ScarCruft Hackers
https://thehackernews.com/2022/12/google-warns-of-internet-explorer-zero.html
Google patches the 9th Chrome zero-day vulnerability of the year
https://chromereleases.googleblog.com/2022/12/stable-channel-update-for-desktop.html
Google patches a zero-day vulnerability in Chrome 108
https://chromereleases.googleblog.com/2022/12/stable-channel-update-for-desktop.html
NPM offers more granular permission management to strengthen package ecosystem security
https://www.ithome.com.tw/news/154615
Sophos patches arbitrary code execution vulnerabilities in its firewall
https://www.securityweek.com/several-code-execution-vulnerabilities-patched-sophos-firewall
Vulnerability in IBM Cloud's PostgreSQL database service could be used for unauthorized access
https://www.wiz.io/blog/hells-keychain-supply-chain-attack-in-ibm-cloud-databases-for-postgresql
Thousands of Exchange servers hosted by cloud provider Rackspace go down; the critical ProxyNotShell vulnerability is the suspected cause
https://www.bleepingcomputer.com/news/technology/rackspace-ongoing-exchange-outage-caused-by-security-incident/
Snapd race condition vulnerability on Linux could be chained with older vulnerabilities to let attackers gain root privileges
https://blog.qualys.com/vulnerabilities-threat-research/2022/11/30/race-condition-in-snap-confines-must_mkdir_and_open_with_perms-cve-2022-3328
Intel's data center management console has an authentication vulnerability
https://www.rcesecurity.com/2022/11/from-zero-to-hero-part-1-bypassing-intel-dcms-authentication-cve-2022-33942/
72% of organizations' computer systems still contain the Log4Shell vulnerability
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10229
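2. Banking / Finance / Insurance / Securities / Payment Systems / Financial Supervision: News and Security
Major Russian financial institution VTB hit by DDoS attack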
https://www.bleepingcomputer.com/news/security/massive-ddos-attack-takes-russia-s-second-largest-bank-vtb-offline/
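Tsai Ing-wen orders stronger financial resilience; Financial Supervisory Commission (FSC) to fire "four arrows" in response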
https://news.cnyes.com/news/id/5029771
President orders stronger financial resilience; Huang Tien-mu plans 3 major new policies to be rolled out this year and next
https://udn.com/news/story/7239/6821341
Cathay Financial Holdings' information security system recognized with four BSI "Information Resilience" awards
https://reurl.cc/zrKR0p
Outages becoming the norm? FSC to fine Cathay United Bank before year-end
https://ctee.com.tw/news/finance/767437.html
Cathay Financial builds next-generation electronic medical record platform, targeting a finance-healthcare ecosystem
https://reurl.cc/91bNdv
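3. Electronic Payment / Mobile Payment / Pay / Security
New scam! Victims of identity theft had e-payment accounts opened in their names and became "fraud suspects", traveling all over Taiwan to explain themselves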
https://reurl.cc/vmKOrA
E-payment war heats up! PX Pay Plus gains 2 million users in 42 days, closing in on the two leaders JKOPAY and iPASS
https://www.gvm.com.tw/article/96979
Development without regulation will only turn the future of Taiwan's third-party payment into an island of fraud
https://www.inside.com.tw/article/30019-Taiwan-Third-party-payment
World Cup drives sports lottery boom; Lin Chu-yin suggests allowing bets via electronic payment
https://reurl.cc/LXQrY9
Shopee's e-payment unit (樂購蝦皮) misses its market-exit deadline; FSC: postponed to June next year
https://reurl.cc/4Xbe2R
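A first among e-payment providers! O'Pay adopts the Financial Information Service Co. (FISC) platform to connect with banks' fast payment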
https://www.cardu.com.tw/mpay/detail.php?40240
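PX Pay Plus closes in on JKOPAY and iPASS! Does the challenge only begin after "3 million members"? Where is the real battlefield for e-payment?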
https://www.bnext.com.tw/article/72674/pxpayplus-2022q4
Largest national payment brand: EasyCard board resolves to file for Emerging Stock Board listing
https://reurl.cc/RO9Gaz
Going after the mobile payment market: NewTaiPAY recruits partner merchants nationwide
https://reurl.cc/vmKO9A
You order, I pay? Mobile payment in online shopping found to be "mistakenly linked and mistakenly charged"
https://reurl.cc/deqkKk
LINE Pay users top 11 million; mobile payment volume soars
https://ctee.com.tw/news/tech/756347.html
Not mainstream but uniquely useful Taiwan Pay: convenient bank balance checks and cardless ATM withdrawals
https://www.cool3c.com/article/185997
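4. Cryptocurrency / Digital Currency / Mining / Blockchain / Smart Contracts / Web3 Security
Cybersecurity firm: North Korean hacking group Lazarus linked to new cryptocurrency hacking scheme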
https://news.cnyes.com/news/id/5027815
FTX bankruptcy | How did FTX go bankrupt? SBF's public interview
https://www.stockfeel.com.tw/sbf-ftx-%E8%A8%AA%E5%95%8F/
FTX executives finally hire an investigation team to help find billions of dollars in missing crypto assets
https://www.blocktempo.com/ftx-hired-alixpartners-to-look-for-billions-cryptocurrencies/
North Korea cultivates a cyber army; mysterious hackers rake in cryptocurrency
https://www.wealth.com.tw/articles/0118d11d-22a4-4c7c-9c31-0262b51f30ff
Microsoft security report: hackers carrying out targeted attacks against crypto industry companies
https://news.cnyes.com/news/id/5029867?exp=a
Microsoft finds hackers using malicious Excel files to attack crypto companies
https://abmedia.io/20221207-microsoft-discovered-targeted-attacks-against-the-cryptocurrency-industry
Chain Alchemist | How to evaluate the security of DeFi projects
https://bossmindmedia.com/blog/4/post/defi-7167
Web3 betting platform Dexsport hacked, losing USD 400,000 worth of BUSD
https://news.cnyes.com/news/id/5030361
Helio Protocol in negotiations with the hacker; has bought back 3 million $HAY, price recovers to USD 0.96
https://www.blocktempo.com/helio-protocol-is-in-negotiation-with-hay-exploiter/
SEC probes trading platforms again! Binance, Coinbase and FTX.US all on the priority list
https://www.blocktempo.com/sec-started-the-crypto-exchanges-investigation-including-binance-and-coinbase/
An overview of 20 FEVM award-winning projects from the ETHIndia hackathon
https://news.cnyes.com/news/id/5028297
Ankr update: USD 15 million recovery fund to be allocated to buy the additionally issued HAY and compensate affected users
https://www.blocktempo.com/ankr-says-the-15m-recovery-fund-will-be-allocated-to-purchase-additional-hay/
BNB Chain Builder Grant November recipients announced: Owl Protocol and BlockVision
https://news.cnyes.com/news/id/5029008
5. Security Incident News
A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC
Microsoft OneNote files abused to distribute Formbook malware
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/trojanized-onenote-document-leads-to-formbook-malware/
Multibillion-dollar manufacturing company targeted by Babuk ransomware
https://blog.morphisec.com/babuk-ransomware-variant-major-attack
Software packaging system Zombinder appears on the dark web, letting hackers bundle malware into Android and Windows applications
https://www.threatfabric.com/blogs/zombinder-ermac-and-desktop-stealers.html
Cryptocurrency investors targeted; hackers distribute malware through Telegram groups
https://www.microsoft.com/en-us/security/blog/2022/12/06/dev-0139-launches-targeted-attacks-against-the-cryptocurrency-industry/
Researchers shut down KmsdBot, a botnet used for DDoS attacks
https://www.ithome.com.tw/news/154605
US warns that healthcare organizations are being targeted by Royal ransomware
https://www.bleepingcomputer.com/news/security/us-health-dept-warns-of-royal-ransomware-targeting-healthcare/
Major US healthcare chain CommonSpirit Health confirms ransomware attack
https://www.bleepingcomputer.com/news/security/commonspirit-health-ransomware-attack-exposed-data-of-623-000-patients/
Organizations in Israel, South Africa and Hong Kong attacked by data wiper Fantasy
https://www.welivesecurity.com/2022/12/07/fantasy-new-agrius-wiper-supply-chain-attack/
Russian mayors' offices and courts attacked by data wiper CryWiper
https://securelist.ru/novyj-troyanec-crywiper/106114/
WordPress site plugins infected and used to push scam messages
https://blog.sucuri.net/2022/12/infected-wordpress-plugins-redirect-to-push-notification-scam.html
Online services of the city of Antwerp, Belgium disrupted; ransomware attack suspected as the cause
https://www.bleepingcomputer.com/news/security/antwerps-city-services-down-after-hackers-attack-digital-partner/
Cloud provider Rackspace confirms its hosted Exchange server service was hit by a ransomware attack
https://www.securityweek.com/rackspace-confirms-ransomware-attack-it-tries-determine-if-data-was-stolen
A fine line between ransomware and wipers: hackers build on the public Cryptonite code and end up with malware that encrypts but cannot decrypt
https://www.fortinet.com/blog/threat-research/The-story-of-a-ransomware-turning-into-an-accidental-wiper
North Korean hackers Lazarus distribute AppleJeus malware under the guise of offering cryptocurrency applications
https://www.volexity.com/blog/2022/12/01/buyer-beware-fake-cryptocurrency-applications-serving-as-front-for-applejeus-malware/
Hackers bring their own system administration tool PRoot to attack Linux hosts
https://sysdig.com/blog/proot-post-explotation-cryptomining/
ZIP and RAR archives have become the main channel hackers use to hide malware
https://threatresearch.ext.hp.com/hp-wolf-security-threat-insights-report-q3-2022/
French teaching hospital André-Mignot hit by ransomware attack; patients forced to transfer to other hospitals
https://www.bleepingcomputer.com/news/security/ransomware-attack-forces-french-hospital-to-transfer-patients/
Another medical center in India reportedly hit by ransomware attack
https://scroll.in/latest/1038970/delhis-safdarjung-hospital-says-it-suffered-cyber-attack-in-november
US issues warning on Cuba ransomware attacks
https://www.cisa.gov/uscert/ncas/alerts/aa22-335a
Google warns that hackers are using stolen Android certificate keys to sign malware
https://unwire.pro/2022/12/06/google-android/security/
Unscrupulous cognitive warfare! North Korean hackers exploit the Itaewon tragedy to spread malware
https://tw.nextapple.com/international/20221208/33B5E01A1FD306BB04EEC50983EA482E
Google security analysis: North Korean hackers use the Itaewon incident to spread malware
https://www.ydn.com.tw/news/newsInsidePage?chapterID=1551470&type=universal
Suspected Iran-Nexus TAG-56 Uses UAE Forum Lure for Credential Theft Against US Think Tank
https://www.recordedfuture.com/suspected-iran-nexus-tag-56-uses-uae-forum-lure-for-credential-theft-against-us-think-tank
Blowing Cobalt Strike Out of the Water With Memory Analysis
https://unit42.paloaltonetworks.com/cobalt-strike-memory-analysis/
Cranefly: Threat Actor Uses Previously Unseen Techniques and Tools in Stealthy Campaign
https://broadcom-software.security.com/blogs/threat-intelligence/cranefly-new-tools-technique-geppei-danfuan
Analysis of an Intrusion Campaign Targeting Telco and BPO Companies
https://www.crowdstrike.com/blog/analysis-of-intrusion-campaign-targeting-telecom-and-bpo-companies/
Vice Society: Profiling a Persistent Threat to the Education Sector
https://unit42.paloaltonetworks.com/vice-society-targets-education-sector/
Zerobot – New Go-Based Botnet Campaign Targets Multiple Vulnerabilities
https://www.fortinet.com/blog/threat-research/zerobot-new-go-based-botnet-campaign-targets-multiple-vulnerabilities
Mirai Botnet and Gafgyt DDoS Team Up Against SOHO Routers
https://isc.sans.edu/diary/rss/29304
DEV-0139 launches targeted attacks against the cryptocurrency industry
https://www.microsoft.com/en-us/security/blog/2022/12/06/dev-0139-launches-targeted-attacks-against-the-cryptocurrency-industry/
Cyber-Espionage in the Middle East: Investigating a New BackdoorDiplomacy Threat Actor Campaign
https://www.bitdefender.com/files/News/CaseStudies/study/426/Bitdefender-PR-Whitepaper-BackdoorDiplomacy-creat6507-en-EN.pdf
Europe and Asia-Pacific targeted by Chinese hackers Mustang Panda, who distribute malware under the guise of EU recommendations on the war in Ukraine
https://blogs.blackberry.com/en/2022/12/mustang-panda-uses-the-russian-ukrainian-war-to-attack-europe-and-asia-pacific-targets
Mustang Panda Uses the Russian-Ukrainian War to Attack Europe and Asia Pacific Targets
https://blogs.blackberry.com/en/2022/12/mustang-panda-uses-the-russian-ukrainian-war-to-attack-europe-and-asia-pacific-targets?s=09
Calisto show interests into entities involved in Ukraine war support
https://blog.sekoia.io/calisto-show-interests-into-entities-involved-in-ukraine-war-support/
Fantasy – a new Agrius wiper deployed through a supply chain attack
https://www.welivesecurity.com/2022/12/07/fantasy-new-agrius-wiper-supply-chain-attack/
A Closer look at BlackMagic ransomware
https://blog.cyble.com/2022/12/07/a-closer-look-at-blackmagic-ransomware/?utm_content=230789894&utm_medium=social&utm_source=twitter&hss_channel=tw-1141929006603866117
WSzero, a DDoS family that uses 21 vulnerabilities to spread, has been developed to a 4th version
https://blog.netlab.360.com/new-ddos-botnet-wszeor/
US military weapons supplier attacked by Russian hackers TAG-53
https://www.recordedfuture.com/exposing-tag-53-credential-harvesting-infrastructure-for-russia-aligned-espionage-operations
Exposing TAG-53’s Credential Harvesting Infrastructure Used for Russia-Aligned Espionage Operations
https://www.recordedfuture.com/exposing-tag-53-credential-harvesting-infrastructure-for-russia-aligned-espionage-operations
Hackers Sign Android Malware Apps with Compromised Platform Certificates
https://thehackernews.com/2022/12/hackers-sign-android-malware-apps-with.html
Russian Courts Targeted by New CryWiper Data Wiper Malware Posing as Ransomware
https://thehackernews.com/2022/12/russian-courts-targeted-by-new-crywiper.html
North Korean Hackers Spread AppleJeus Malware Disguised as Cryptocurrency Apps
https://thehackernews.com/2022/12/north-korean-hackers-spread-applejeus.html
Darknet's Largest Mobile Malware Marketplace Threatens Users Worldwide
https://thehackernews.com/2022/12/darknets-largest-mobile-malware.html
Understanding NIST CSF to assess your organization's Ransomware readiness
https://thehackernews.com/2022/12/understanding-nist-csf-to-assess-your.html
Open Source Ransomware Toolkit Cryptonite Turns Into Accidental Wiper Malware
https://thehackernews.com/2022/12/open-source-ransomware-toolkit.html
Vice Society Ransomware Attackers Targeted Dozens of Schools in 2022
https://thehackernews.com/2022/12/vice-society-ransomware-attackers.html
New Go-based Botnet Exploiting Dozens of IoT Vulnerabilities to Expand its Network
https://thehackernews.com/2022/12/new-go-based-zerobot-botnet-exploiting.html
Researchers Uncover Darknet Service Allowing Hackers to Trojanize Legit Android Apps
https://thehackernews.com/2022/12/researchers-uncover-darknet-service.html
Attacks in the Palestinian-Israeli region surrounding the World Cup in Qatar
https://mp.weixin.qq.com/s/48Atw1b6Oe7A-vlsKHYWwg
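B. Mobile Security / iPhone / Android / Wearables / Apps / 5G / Instant Messaging
After Shopee and Cathay, one more: FamilyMart app goes down; inability to redeem prepaid coffee sparks conspiracy theories; the cause of the outage turns out to be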
https://wantrich.chinatimes.com/news/20221209900722-420501
Watch Out! These Android Keyboard Apps With 2 Million Installs Can be Hacked Remotely
https://thehackernews.com/2022/12/watch-out-these-android-keyboard-apps.html
Telcom and BPO Companies Under Attack by SIM Swapping Hackers
https://thehackernews.com/2022/12/telcom-and-bpo-companies-under-attack.html
Apple Boosts Security With New iMessage, Apple ID, and iCloud Protections
https://thehackernews.com/2022/12/apple-boosts-security-with-new-imessage.html
Apple adds end-to-end encryption and other security features to iCloud
https://www.ithome.com.tw/news/154601
Apple plans to adopt a new encryption system to fend off hackers and protect iCloud data
https://reurl.cc/10kA5Q
Apple adds end-to-end encryption to iCloud backup and other services, and also supports hardware security keys
https://reurl.cc/deqkN2
Google patches 81 Android vulnerabilities
https://source.android.com/docs/security/bulletin/2022-12-01
Vulnerability hunting contest Pwn2Own Toronto 2022 opens; researchers successfully compromise a Samsung phone twice in one day
https://www.zerodayinitiative.com/blog/2022/12/5/pwn2own-toronto-2022-day-one-results
Google offers free VPN service for Pixel 7 phones
https://blog.google/products/pixel/feature-drop-december-2022/
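Telecom operators and business process outsourcing companies targeted, with the aim of stealing the carrier access needed for SIM hijacking attacks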
https://www.crowdstrike.com/blog/analysis-of-intrusion-campaign-targeting-telecom-and-bpo-companies/
Certificates used by Samsung, LG and MediaTek for Android devices abused by malware
https://www.bleepingcomputer.com/news/security/samsung-lg-mediatek-certificates-compromised-to-sign-android-malware/
To strengthen memory safety, more components in Android 13 are now developed in Rust
https://security.googleblog.com/2022/12/memory-safe-languages-in-android-13.html
Google Messages tests end-to-end encryption for group chats
https://www.ithome.com.tw/news/154549
Hackers impersonate VPN apps to spread spyware to Android phone users
https://reurl.cc/NGNdok
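Don't throw old phones away as trash! Recycle electronics without fear of leaking personal data: learn the process in one tutorial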
https://e-info.org.tw/node/235663
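C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents / Security Workforce
Security talent shortage: companies each come up with their own tactics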
https://ctee.com.tw/news/tech/770289.html
Soochow University teams up with security vendors to form an anti-cyber-extortion response team
https://www-ch.scu.edu.tw/october/news/19118
50,000 websites defaced as hackers inject World Cup betting content to disrupt SEO results
https://blog.sucuri.net/2022/12/chinese-gambling-spam-targets-world-cup-keywords.html
Hacker group CashRewindo abuses domain names registered years ago to host scam sites and evade detection by security systems
https://blog.confiant.com/cashrewindo-how-to-age-domains-for-an-investment-scam-like-fine-scotch-a48d22788c84
Code signals needed to contact Taiwanese media: Xinjiang residents use "tea, hand, chicken" emojis to protect themselves
https://www.mirrormedia.mg/story/20221205pol007/
Chinese government websites attacked by hacker group Anonymous in response to the White Paper movement
https://www.cna.com.tw/news/acn/202212010327.aspx
Amnesty International Canada's website hacked; experts point to Beijing as the hand behind it
https://tw.aboluowang.com/2022/1207/1838776.html
Amnesty International Canada attacked by Chinese hackers
https://www.amnesty.ca/news/news-releases/cyber-breach-statement/
Security firm CloudSEK hacked; it suspects a security firm that monitors the dark web is responsible
https://www.bleepingcomputer.com/news/security/cloudsek-claims-it-was-hacked-by-another-cybersecurity-firm/
Iranian hackers APT42 target politicians and journalists, hijacking their Google accounts
https://www.hrw.org/news/2022/12/05/iran-state-backed-hacking-activists-journalists-politicians
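Organizations in Israel and Egypt targeted by Iranian hackers MuddyWater, who abuse remote administration tool Syncro and file-sharing services to launch attacks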
https://www.deepinstinct.com/blog/new-muddywater-threat-old-kitten-new-tricks
US COVID-19 relief funds reportedly stolen; Chinese hackers APT41 suspected
https://www.nbcnews.com/tech/security/chinese-hackers-covid-fraud-millions-rcna59636
Linked to the Chinese government: Chengdu hacking group steals 20 million in US relief funds
https://www.worldjournal.com/wj/story/121187/6818078
Russian hackers break into European and American organizations to hijack their network traffic and use it to attack Ukraine
https://www.lupovis.io/russia-compromises-major-uk-and-us-organisations-to-attack-ukraine/
US Secret Service confirms Chinese hackers stole tens of millions of US dollars in COVID-19 relief funds over more than two years
https://tw.nextapple.com/international/20221206/CFD020667AD1AC9E18E1F8940BF7B444
UK, US and Canada jointly accuse Russian hackers of stealing COVID-19 research information
https://www.pourquoi.tw/intlnews-nasaoa-200711-200717-1/
COVID-bit: New COVert Channel to Exfiltrate Data from Air-Gapped Computers
https://thehackernews.com/2022/12/covid-bit-new-covert-channel-to.html
Iranian State Hackers Targeting Key Figures in Activism, Journalism, and Politics
https://thehackernews.com/2022/12/iranian-state-hackers-targeting-key.html
Chinese Hackers Target Middle East Telecoms in Latest Cyber Attacks
https://thehackernews.com/2022/12/chinese-hackers-target-middle-east.html
Chinese Hackers Using Russo-Ukrainian War Decoys to Target APAC and European Entities
https://thehackernews.com/2022/12/chinese-hackers-using-russo-ukrainian.html
Russian Hackers Spotted Targeting U.S. Military Weapons and Hardware Supplier
https://thehackernews.com/2022/12/russian-hackers-spotted-targeting-us.html
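D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News / Cyberbullying / Account Security
Asiacrypt international cryptology conference opens in Taiwan; with PQC standardization imminent, NIST urges early preparation for the transition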
https://www.ithome.com.tw/news/154609
Advanced Phishing Campaign Targeting Individuals & Businesses in the Middle East (Part 2)
https://cloudsek.com/threatintelligence/advanced-phishing-campaign-targeting-individuals-businesses-in-the-middle-east-part-2/
Hackers sell 150,000 Indian hospital patient records on the dark web
https://cloudsek.com/threatintelligence/indian-central-board-of-higher-education-compromised-by-team-mysterious-bangladesh/
Personal data of 5.4 million leaked Twitter users has appeared on a hacker forum; check now whether your personal data has been leaked
https://blog.trendmicro.com.tw/?p=75632
E. Research Reports / Tools
The Value of Old Systems
https://thehackernews.com/2022/12/the-value-of-old-systems.html
What the CISA Reporting Rule Means for Your IT Security Protocol
https://thehackernews.com/2022/12/what-cisa-reporting-rule-means-for-your.html
When Being Attractive Gets Risky - How Does Your Attack Surface Look to an Attacker
https://thehackernews.com/2022/12/when-being-attractive-gets-risky-how.html
How should enterprises approach security defense? Using the ATT&CK framework properly can multiply defensive capability
https://www.informationsecurity.com.tw/article/article_detail_2021.aspx?aid=10214
How XDR Helps Protect Critical Infrastructure
https://thehackernews.com/2022/12/how-xdr-helps-protect-critical.html
Best Year-End Cybersecurity Deals from Uptycs, SANS Institute, and Bitdefender
https://thehackernews.com/2022/12/best-year-end-cybersecurity-deals-from.html
Machine Learning for Fraud Detection in Streaming Services
https://netflixtechblog.com/machine-learning-for-fraud-detection-in-streaming-services-b0b4ef3be3f6
OpenAI’s ChatGPT Bot Imagines Its Worst Possible Self
https://kantrowitz.medium.com/openais-chatgpt-bot-imagines-its-worst-possible-self-bf057b697bbb
OpenAI’s ChatGPT Is the World’s Best Chatbot
https://towardsdatascience.com/openais-chatgpt-is-the-world-s-best-chatbot-a25fa9f54442
10 Startup business models you must know (with examples)
https://navdeepyadav.medium.com/10-startup-business-models-you-must-know-with-examples-b274f012e1a2
OTP Leaking Through Cookie Leads to Account Takeover
https://ag3n7.medium.com/otp-leaking-through-cookie-leads-to-account-takeover-4fb96f255e2f
How to create front end dashboards in Python using pieSparrow
https://medium.com/@itsdaniyalm/how-to-create-front-end-dashboards-in-python-using-piesparrow-6c1cfd9ec4a0
10 Must-Know Machine Learning Algorithms for Data Scientists
https://johnvastola.medium.com/10-must-know-machine-learning-algorithms-for-data-scientists-adbf3272398a
Why is Robust API Security Crucial in eCommerce
https://thehackernews.com/2022/12/why-is-robust-api-security-crucial-in.html
Researchers Uncover New Drokbk Malware that Uses GitHub as a Dead Drop Resolver
https://thehackernews.com/2022/12/researchers-uncover-new-drokbk-malware.html
What Stricter Data Privacy Laws Mean for Your Cybersecurity Policies
https://thehackernews.com/2022/12/what-stricter-data-privacy-laws-mean.html
F. Business
Palo Alto Networks on 2023: cloud supply chain attacks will disrupt business operations
https://www.informationsecurity.com.tw/article/article_detail_2021.aspx?aid=10217
Kaspersky: mail servers and satellites to become main attack targets in 2023
https://www.informationsecurity.com.tw/article/article_detail_2021.aspx?aid=10213
Trend Micro: one in every three home connected devices faces security risks
https://www.informationsecurity.com.tw/article/article_detail_2021.aspx?aid=10221
AWS launches security data lake Amazon Security Lake
https://www.informationsecurity.com.tw/article/article_detail_2021.aspx?aid=10215
Latest Cisco survey: employees' use of unregistered devices increases the security risks of hybrid work
https://www.informationsecurity.com.tw/article/article_detail_2021.aspx?aid=10220
Cisco reveals the keys to security resilience success: executive support and culture building matter most
https://www.ithome.com.tw/news/154589
Red Hat integrates open source cloud security software framework Keylime into the RHEL operating system
https://www.ithome.com.tw/news/154613
1Password launches single sign-on browser extension supporting Google, Facebook and GitHub
https://www.ithome.com.tw/news/154568
Hundreds of billions in defense output value: CMMC compliance becomes the only ticket in
https://www.ithome.com.tw/article/154533
Offensive security company DEVCORE expands recruitment: make hacking your lifelong career
https://techsaydigi.com/2022/12/67330.html
DEVCORE: Taiwan needs more security talent with a hacker mindset
https://ec.ltn.com.tw/article/breakingnews/4146860
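G. Government
Information systems of Taoyuan General Hospital, Ministry of Health and Welfare reportedly breached by hackers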
https://www.mirrormedia.mg/story/20221206soc001/
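Hackers break into Taoyuan General Hospital and tamper with IV drip data, nearly costing lives; hospital-wide personal data leaked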
https://www.ettoday.net/news/20221207/2395915.htm
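Personal data stolen, medication data tampered with: Taoyuan General Hospital, Ministry of Health and Welfare compromised by Chinese hackers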
https://news.ltn.com.tw/news/life/breakingnews/4147163
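Taoyuan General Hospital adopted a Chinese system, leaving a back door wide open; whistleblower reveals it caused medical staff to give the wrong medication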
https://www.mirrormedia.mg/story/20221206soc002/
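Chinese hackers break into hospital to steal data! Malware implanted, "patient medication errors"; Taoyuan General Hospital responds with 3 points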
https://www.setn.com/News.aspx?NewsID=1219379
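Accused of hacker intrusion and "tampered medical orders", Taoyuan General Hospital issues three-point statement: no personal data leaked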
https://www.nownews.com/news/5994067
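Taoyuan General Hospital systems hacked multiple times! Patient safety at risk; Ministry of Health and Welfare: hospital disciplined for delayed reporting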
https://tw.nextapple.com/life/20221207/19E6EB7661EB3D559752E8A995218587
Multiple hosts at Taoyuan General Hospital hacked and large amounts of medical and patient data stolen? The hospital responds
https://udn.com/news/story/7320/6820529
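Hacked Taoyuan General Hospital rushes to clarify no personal data was leaked; Wang Pi-sheng admits it! Hospital disciplined for "delayed reporting"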
https://cnews.com.tw/003221207a02/
Personal data fully exposed! Use of a mainland Chinese system leads to frequent hacker intrusions
https://news.tvbs.com.tw/life/1983325
Ministry-run hospital's IT vendor used a Chinese system and was hacked; Hsueh Jui-yuan admits it needs updating
https://video.ltn.com.tw/article/CfIaJRNKnto/PLI7xntdRxhw3f4pUhXV0L2ve5j1Ztthf_
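Hospitals hit by more than ten thousand hacker attacks a day; Ministry of Health and Welfare: the peak was during Pelosi's visit to Taiwan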
https://news.ltn.com.tw/news/life/breakingnews/4147815
Taoyuan General Hospital strengthens security against hackers and develops cloud-based electronic medical records
https://bccnews.com.tw/archives/359823
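Taoyuan General Hospital hacked! Ministry of Health and Welfare reveals "computers were implanted with malware"; no personal data leaked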
https://www.nownews.com/news/5994885
Taoyuan General Hospital attacked: last year hackers even got into a "high-privilege group"
https://news.ltn.com.tw/news/life/breakingnews/4148070
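Personal data of Lai Ching-te and Koo Li-hsiung leaked and sold as hacker merchandise; KMT: legislators from the ruling and opposition parties are next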
https://cnews.com.tw/215221207a05/
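Hackers broke into the Presidential Office? Family data of Lai Ching-te and Koo Li-hsiung from the past three years fully exposed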
https://ptthito.com/gossiping/m-1670298972-a-9ef/
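23 million household registration records leaked; Hsieh Yi-fong urges an end to infighting and says the Ministry of the Interior and National Security Council should act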
https://www.peoplenews.tw/articles/e6164d1608
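23 million Taiwanese personal records sold online; KMT caucus slams Tsai government: don't think outsourcing everything means no responsibility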
https://www.ctwant.com/article/224831
23 million personal records hacked; KMT: establishing the Ministry of Digital Affairs is ironic
https://www.worldjournal.com/wj/story/121221/6823692
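New Power Party legislators' household registration data exposed! Chiu Hsien-chih calls on the Executive Yuan to take responsibility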
https://www.peoplenews.tw/articles/a8cbebb0ad
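Entire population's personal data sold cheaply online; KMT legislator demands accountability: what about the President's pledge that cybersecurity is national security?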
https://reurl.cc/AybmQp
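Critical infrastructure anti-hacking campaign: Acer Cyber Security helps enterprises under the Ministry of Economic Affairs run live security attack-and-defense exercises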
https://www.owlting.com/news/articles/230176
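H. Industrial Control Systems / ICS / SCADA / IoT / Internet of Things / Internet of Vehicles / Electric Vehicles / Artificial Intelligence / AI / ML / Facial Recognition / Healthcare: Related Security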
CISA Warns of Multiple Critical Vulnerabilities Affecting Mitsubishi Electric PLCs
https://thehackernews.com/2022/12/cisa-warns-of-multiple-critical.html
New BMC Supply Chain Vulnerabilities Affect Servers from Dozens of Manufacturers
https://thehackernews.com/2022/12/new-bmc-supply-chain-vulnerabilities.html
Critical vulnerabilities found in American Megatrends' BMC software, exposing servers from more than 15 vendors
https://eclypsium.com/2022/12/05/supply-chain-vulnerabilities-put-server-ecosystem-at-risk/
Researchers Disclose Supply-Chain Flaw Affecting IBM Cloud Databases for PostgreSQL
https://thehackernews.com/2022/12/researchers-disclose-supply-chain-flaw.html
Iranian Hackers Strike Diamond Industry with Data-Wiping Malware in Supply-Chain Attack
https://thehackernews.com/2022/12/iranian-hackers-strike-diamond-industry.html
SiriusXM Vulnerability Lets Hackers Remotely Unlock and Start Connected Cars
https://thehackernews.com/2022/12/siriusxm-vulnerability-lets-hackers.html
More targeted! Trend Micro's new automotive security company VicOne predicts OTA will become an attack target
https://www.informationsecurity.com.tw/article/article_detail_2021.aspx?aid=10210
Microsoft Alerts Cryptocurrency Industry of Targeted Cyberattacks
https://thehackernews.com/2022/12/microsoft-alerts-cryptocurrency.html
SEMI launches semiconductor cybersecurity risk rating service, hoping to help the supply chain raise its security capability
https://www.ithome.com.tw/news/154611
SEMI semiconductor cybersecurity risk rating service officially launches
https://www.semi.org/zh/products-services/semitwn-semiconductor-cybersecurity-service/assessment-fundamentum
Netgear patches router misconfiguration weakness
https://medium.com/tenable-techblog/netgear-router-network-misconfiguration-70ac695c81a6
Mitsubishi Electric PLC devices found to have insufficient credential protection
https://www.nozominetworks.com/blog/flaws-in-gx-works3-threaten-mitsubishi-electric-safety-plc-security/
GlobalPlatform promotes the SESIP IoT security standard in Taiwan
https://globalplatform.org/latest-news/globalplatform-and-winbond-host-iot-security-certification-seminar/
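Has your home been "put online"? Netizens reveal surveillance cameras with Chinese chips leak personal data over the internet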
https://news.ltn.com.tw/news/society/breakingnews/4144875
Taiwanese surveillance camera footage "put online"; hacking of Chinese-made systems suspected
https://news.cts.com.tw/cts/life/202212/202212062118012.html
Trend Micro launches all-new second-generation smart network security manager to protect smart home connected devices
https://www.techbang.com/posts/102148-trend-micro-launches-the-new-second-generation-smart-network
"Automotive security is a cross-department matter!" SGS discusses the three major automotive security standards ISO 21434, TISAX and ASPICE
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10219
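Phone keys stolen, charging facilities hacked, ransomware spreading! Automotive security report: theft, vehicle ransom, production line paralysis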
https://car.pchome.com.tw/news_content.html?nid=209950
I. Education and Training
iPAS Information Security Engineer (intermediate level) notes
https://hackmd.io/@Not/iPASInformationSecuritySpecialist
iPAS Information Security Engineer certification pre-exam workshop
https://reurl.cc/GEbA3p
Coursera rounds up 7 cloud security certifications: all the springboards to high pay are here!
https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/
Global cybersecurity workforce imbalance: (ISC)2 free courses and exams fill the talent gap
https://reurl.cc/m39MDj
CISSP exam experience
https://reurl.cc/KbY83j
CISSP exam experience – Benson
https://reurl.cc/GbWvxd
Goal-oriented: passing the CISSP at light speed in 20 days
https://reurl.cc/2Zq6zn
CISSP certification exam hands-on experience, Chapter 1: initial preparation
https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat
CPSA (CREST Practitioner Security Analyst) security analyst exam experience
https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/
EC-Council CEH v11 exam experience, revision information and preparation directions, 2021 and 2022
https://reurl.cc/1oyEM8
CEH v11 exam experience and preparation methods
https://blog.sean.taipei/2022/01/ceh
An in-depth look at the CPENT exam experience and a comparison with OSCP
https://reurl.cc/41eL8v
EC-Council CPENT v1 penetration testing certification – content and experience sharing
https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review
[Exam prep notes] CompTIA Security+ (SY0–601), Part 1
https://reurl.cc/M053DK
[Exam prep notes] CompTIA Security+ (SY0–601), Part 2
https://reurl.cc/M053Gv
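App security isn't just for engineers: the blood-and-tears story of obtaining a security testing compliance certificate (iThome Ironman Contest book series)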
https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html
Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html
The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics
https://reurl.cc/D3nKKj
Practical Network Penetration Tester (PNPT) Certification Review
https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df
Basic vocabulary commonly used by WUSON
https://choson.lifenet.com.tw/?p=1958
Taiwan's networks repeatedly hacked; Control Yuan member applies to open an investigation on their own initiative
https://www.chinatimes.com/realtimenews/20220810003152-260407?chdtv
6. Upcoming Security Events and Seminars
Taipei dbt Meetup #8 (in-person 👫 & online 👨💻) 2022/12/10
https://www.meetup.com/taipei-dbt-meetup/events/289554036/
Hon Hai Research Institute NExT Forum: Quantum Communication Technology and Applications 2022/12/12
https://www.accupass.com/event/2211140443441110230297
Networking Happy Hour @ Taipei Blockchain Week - Barcade 2022/12/13
https://www.meetup.com/taiwan-blockchain-cryptocurrency/events/289618006/
Strengthen email and cloud security! Google Workspace & HENNGE online seminar 2022/12/13
https://www.accupass.com/event/2211150553486394682940
Jamf Nation Taipei | 2023 Global Security Model CIO/CISO Summit 2022/12/15
https://jamf.kktix.cc/events/jamfnation2022
TANET 2022 WORKSHOP PROGRAM - "2nd Digital Forensics, Medical Privacy and Cyber Hacking Security" 2022/12/15 ~ 2022/12/17
https://tanet2022.esam.io/
ICS 2022 WORKSHOP PROGRAM - "Ubiquitous Cybersecurity and Forensics" 2022/12/15 ~ 2022/12/17
https://ics2022.esam.io/
HITCON GIRLS 2022: Experience Sharing from Women Managers 2022/12/17
https://hitcon.kktix.cc/events/hitcongirlsworkexperience2022
[Hsinchu only] One-Day Hacker Experience Camp | Understand security penetration testing in 6 hours 2022/12/17
https://www.accupass.com/event/2211150642209239161690
Unlock future work trends with a global perspective! Highlights from the Atlassian Work Life conference 2022/12/17
https://www.meetup.com/taipei-atlassian-community-events/events/289787941/
One-Day Hacker x Network Vulnerability Penetration 2022/12/17
https://www.accupass.com/event/2210270652481821159224
Essential security knowledge for the crypto community: how to invest in cryptocurrency safely 2022/12/18
https://www.accupass.com/event/2212010638041616746126
New security defense strategies for manufacturing! Protecting the supply chain end to end, from the edge to IT 2022/12/21
https://www.accupass.com/event/2211180201203157149490
Hands-on playbook for one-click device deployment, security and compliance | In Taipei Apple Office 2022/12/23
https://jamf.kktix.cc/events/onetouch2022-2
[Online seminar] ISO/IEC 27001:2022 revision seminar 2022/12/23
https://www.accupass.com/event/2211090318242100958423
[Kaohsiung only] One-Day Hacker Experience Camp | Understand security penetration testing in 6 hours 2023/1/14
https://www.accupass.com/event/2211150721101457239234