資安事件新聞週報 2021/10/11 ~ 2021/10/15

###### tags: `資安事件新聞週報` # 資安事件新聞週報 2021/10/11 ~ 2021/10/15 1.重大弱點漏洞/後門/Exploit/Zero Day Cisco 近日發布更新以解決多個產品的安全性弱點 https://us-cert.cisa.gov/ncas/current-activity/2021/10/07/cisco-releases-security-updates-multiple-products Micro Focus ArcSight Enterprise Security Manager (ESM) CVE-2021-38124 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-38124 Trend Micro ServerProtect http://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-36745 Apache HTTP伺服器存在安全漏洞(CVE-2021-42013)，允許攻擊者遠端執行任意程式碼 https://www.isda.org.tw/2021/10/09/0a4bf59c2d6b1fc5d36850718f1675f4/ New Patch Released for Actively Exploited 0-Day Apache Path Traversal to RCE Attacks https://thehackernews.com/2021/10/new-patch-released-for-actively.html Zyxel VPN2S http://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-35028 Nagios XI http://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-36365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-36363 Oracle Linux Oswatcher http://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-2464 Update Your Windows PCs Immediately to Patch New 0-Day Under Active Attack https://thehackernews.com/2021/10/update-your-windows-pcs-immediately-to.html Code Execution Bug Affects Yamale Python Package — Used by Over 200 Projects https://thehackernews.com/2021/10/code-execution-bug-affects-yamale.html Sonicwall SonicOS 7.0 - Host Header Injection https://www.exploit-db.com/exploits/50414 Logitech Media Server 8.2.0 - 'Title' Cross-Site Scripting (XSS) https://www.exploit-db.com/exploits/50413 SolarWinds Kiwi CatTools 3.11.8 - Unquoted Service Path https://www.exploit-db.com/exploits/50416 2.銀行/金融/保險/證券/支付系統/ 新聞及資安合庫銀數位資安優等生 https://money.udn.com/money/story/5636/5811783 銀行組-數位資訊安全獎建資安管理儀表板全行落實 https://readers.ctee.com.tw/cm/20211013/a81asb1/1149785/share 四大面向國泰產險精進資安防護 https://readers.ctee.com.tw/cm/20211014/a74asa4/1150030/share 數位轉型有成中壽獲「數位金融獎」雙優質獎 https://ctee.com.tw/industrynews/financesmanage/529787.html LINE Bank通過資安管理及個資保護雙項驗證 https://today.line.me/tw/v2/article/mWlXljW 和泰產險精實資安韌性，獲首屆工商時報數位金融獎 https://turnnewsapp.com/livenews/finance/A78817002021100716414952 台灣康健人壽將售予安達金管會：依5大原則審查 https://reurl.cc/6DvL4d 黃天牧與國銀總經理開會揭4大重點政策 https://money.udn.com/money/story/5613/5801005 3.電子支付/行動支付/pay/資安悠遊卡和一卡通都可以互相轉帳了：電子支付跨機構共用平台正式上線 https://www.cool3c.com/article/167001 LINE pay、街口「轉帳」都通了！電子支付跨機構共用平台上線 https://finance.technews.tw/2021/10/14/electronic-payment-cross-institution-sharing-platform/ 佈局電子支付市場，全家攜手玉山、拍付合資「全盈支付」獲公平會點頭 https://reurl.cc/kLOqK3 全家、玉山銀、拍付國際合資公平會准設全盈支付公司 https://wantrich.chinatimes.com/news/20211014S505796 全盈、全支付攻嗶經濟金管會：12/24前須申請發照 https://www.cna.com.tw/news/afe/202110140315.aspx 歐付寶營運擴張觸角加入銀行跨行轉帳市場 https://wantrich.chinatimes.com/news/20211014S506618 移工匯兌傳佳音！　統振獲金管會許可辦理業務 https://finance.ettoday.net/news/2102378 電支和銀行帳戶能夠互相轉帳了！但開放繳費、繳稅讓業者卻步，原因為何 https://www.bnext.com.tw/article/65582/digital-payment-next-step 用戶破500萬！街口電支、保特保險經紀人共創線上投保 https://udn.com/news/story/7239/5792031 財部力推台灣Pay支付標準招手街口與Line Pay加入 https://udn.com/news/story/7239/5819073 逾60萬人五倍券綁台灣Pay 占行動支付63% https://udn.com/news/story/7239/5800604 4.加密貨幣/挖礦/區塊鍊/智能合約資安 Critical Flaw in OpenSea Could Have Let Hackers Steal Cryptocurrency From Wallets https://thehackernews.com/2021/10/critical-flaw-in-opensea-could-have-let.html 加密幣挖礦中國列「負面清單」產業美國擬監管嚴控 https://reurl.cc/L7WXWL 以太坊背後的男人天才V神布特林 https://www.chinatimes.com/newspapers/20211009000314-260210?chdtv V神：薩爾瓦多強制採用比特幣與加密貨幣的「自由理想」背道而馳 https://news.cnyes.com/news/id/4738978 CBDC是零售支付最後一哩路？楊金龍：央行發數位貨幣需有三個條件 https://www.gvm.com.tw/article/83217 行動支付公司Square投資的比特幣價值翻倍，目前超過4.7億美元 https://news.cnyes.com/news/id/4746224 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 狙擊手攻擊! 鎖定 ESXi 伺服器和虛擬機器的新型 Python 勒索軟體 https://www.informationsecurity.com.tw/article/article_detail.aspx?tv=11&aid=9497 惡意程式設法關閉UEFI安全開機功能，並被用於間諜攻擊 https://www.ithome.com.tw/news/147200 Attackers Are Taking Advantage of the Open-Source Service Interactsh for Malicious Purposes https://unit42.paloaltonetworks.com/exploits-interactsh/ A Handshake with MySQL Bots https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/handshake-with-mysql-bots/ Explosive New MirrorBlast Campaign Targets Financial Companies https://blog.morphisec.com/explosive-new-mirrorblast-campaign-targets-financial-companies New Yanluowang ransomware used in targeted attacks https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/yanluowang-targeted-ransomware MysterySnail attacks with Windows zero-day https://securelist.com/mysterysnail-attacks-with-windows-zero-day/104509/ Roundup of ransomware in the CIS https://securelist.com/cis-ransomware/104452/ Multi-universe of adversary: multiple campaigns of the Lazarus group and their connections https://vblocalhost.com/uploads/VB2021-Park.pdf https://vblocalhost.com/uploads/VB2021-08.pdf https://vblocalhost.com/conference/presentations/multi-universe-of-adversary-multiple-campaigns-of-the-lazarus-group-and-their-connections/ Indian-Made Mobile Spyware Targeted Human Rights Activist in Togo https://thehackernews.com/2021/10/indian-made-mobile-spyware-targeted.html Ransomware Group FIN12 Aggressively Going After Healthcare Targets https://thehackernews.com/2021/10/ransomware-group-fin12-aggressively.html Researchers Warn of FontOnLake Rootkit Malware Targeting Linux Systems https://thehackernews.com/2021/10/researchers-warn-of-fontonlake-rootkit.html B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊 iOS15.0.1嚴重漏洞！黑客展示遠程控制 https://tinyurl.com/ydrf5mhf 中國App偷看用戶相簿微信淘寶QQ都這麼做 https://reurl.cc/zW1rG0 中國電信強化漏洞治理夯實關鍵信息基礎設施安全 https://www.sohu.com/a/495186432_482239 中共「淨網」行動再升級！逾1.6萬人遭逮捕 2600件APP被下架 https://newtalk.tw/news/view/2021-10-11/649385 Critical Remote Hacking Flaws Disclosed in Linphone and MicroSIP Softphones https://thehackernews.com/2021/10/critical-remote-hacking-flaws-disclosed.html C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力一名匿名駭客宣稱駭入遊戲直播平台 Twitch，取得該站網站、應用程式等所有原始碼、影音直播主付款記錄 https://twcert.pixnet.net/blog/post/334457895 陸13歲駭客攻陷臉書釀癱瘓？調查曝光竟是大烏龍 https://www.chinatimes.com/realtimenews/20211009002111-260409?chdtv 宏碁印度售後服務系統遭駭，用戶與財務資料流落暗網 https://www.ithome.com.tw/news/147286 Acer confirms breach of after-sales service systems in India https://www.bleepingcomputer.com/news/security/acer-confirms-breach-of-after-sales-service-systems-in-india/ 量化交易公司mgnr公布駭客攻擊細節 https://amp-news.cnyes.com/news/id/4744407 Google 警告 1.4萬名 Gmail 用戶，恐淪為俄羅斯駭客 APT28 的目標 https://reurl.cc/dxneWM 新發現 APT攻擊團體 ChamelGang，攻擊俄羅斯、美國、台灣等多國能源、航空產業與政府機關 https://www.informationsecurity.com.tw/article/article_detail.aspx?tv=12&aid=9499 不只共機！駭客1個月攻擊我2000萬次　調查局合作FBI捍衛數位國土 https://new7.storm.mg/article/3989267 美商務部更新資安建議防外國對手企業掌控 https://wantrich.chinatimes.com/news/20211013S505011 英國監管機構ICO向G7建議減少使用同意cookie 的彈出式視窗 https://blog.twnic.tw/2021/10/13/20140/ 前北韓高層受訪爆料北韓內部腐化 https://udn.com/news/story/6809/5808433 中國4大企業遭政府審查！「淨網」已逮逾1.6萬人 https://reurl.cc/35X348 中國網安周開啟“西安時間” 2021年國家網絡安全宣傳周今啟幕 http://it.people.com.cn/BIG5/n1/2021/1011/c433780-32249771.html 美軍前軟體長：中國大幅超車，美國已輸掉美中 AI競賽 https://www.inside.com.tw/article/25156-china-has-won-ai-battle-with-us-pentagons-ex-software-chief-says 美中諜戰升溫! CIA設「中國任務中心」陸戰隊密訓台軍 https://reurl.cc/DZjXpm 微軟報告：過去一年中共駭客攻擊“地緣政治目標”顯著 https://m.soundofhope.org/post/552963?lang=b5 你才落後！中共黨報：台灣與中國硬脫鉤致數位經濟沒落 https://ec.ltn.com.tw/article/breakingnews/3698958 中國公安淨網行動嚴打侵犯個人信息及網絡水軍等犯罪行為 https://reurl.cc/MkOXpL Experts Warn of Unprotected Prometheus Endpoints Exposing Sensitive Information https://thehackernews.com/2021/10/experts-warn-of-unprotected-prometheus.html Digital Signature Spoofing Flaws Uncovered in OpenOffice and LibreOffice https://thehackernews.com/2021/10/digital-signature-spoofing-flaws.html GitHub Revoked Insecure SSH Keys Generated by a Popular git Client https://thehackernews.com/2021/10/github-revoked-insecure-ssh-keys.html Microsoft Fended Off a Record 2.4 Tbps DDoS Attack Targeting Azure Customers https://thehackernews.com/2021/10/microsoft-fended-off-record-24-tbps.html Microsoft Warns of Iran-Linked Hackers Targeting US and Israeli Defense Firms https://thehackernews.com/2021/10/microsoft-warns-of-iran-linked-hackers.html Ukraine Arrests Operator of DDoS Botnet with 100,000 Compromised Devices https://thehackernews.com/2021/10/ukraine-arrests-operator-of-ddos-botnet.html Verify End-Users at the Helpdesk to Prevent Social Engineering Cyber Attack https://thehackernews.com/2021/10/verify-end-users-at-helpdesk-to-prevent.html Ad-Blocking Chrome Extension Caught Injecting Ads in Google Search Pages https://thehackernews.com/2021/10/ad-blocking-chrome-extension-caught.html CISA Issues Warning On Cyber Threats Targeting Water and Wastewater Systems https://thehackernews.com/2021/10/cisa-issues-warning-on-cyber-threats.html Google: We're Tracking 270 State-Sponsored Hacker Groups From Over 50 Countries https://thehackernews.com/2021/10/google-were-tracking-270-state.html 資訊安全管控（安控）人員 https://www.104.com.tw/job/42v7a?jobsource=job_same_B 網路資訊安全人員【SGH005 戰略數據中心】 https://www.104.com.tw/job/7b0fa?jobsource=job_same_B 資訊部資訊安全小組 - J1991 https://www.104.com.tw/job/77n3k?jobsource=job_same_B 資深資安工程師/資安工程師 https://www.104.com.tw/job/7d7e7?jobsource=job_same_B 資訊安全管理稽核員/客戶經理Information Security (ISO 27001) Auditor https://www.104.com.tw/job/kyb5?jobsource=job_same_B 資安人員 https://www.104.com.tw/job/7dx56?jobsource=job_same_B C.顧問類-銀行業風險管理與數據分析 https://www.104.com.tw/job/6tqjf?jobsource=job_same_B 資安工程師 https://reurl.cc/OkMEGy 資安管理師(或資安顧問) https://www.104.com.tw/job/7by6d 資安系統工程師-新竹(DF6) https://www.104.com.tw/job/72scw?jobsource=analysis_jobsame D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全美國人超擔憂：中俄網路攻擊、個資外洩 https://reurl.cc/px3Z98 打擊駭客、網路詐騙　大陸「淨網」狂捕逾1.6萬人 https://news.tvbs.com.tw/tech/1605085 「好食券地圖變孤兒」停止更新！　創作者嘆：政府未當數位領頭羊　還洩個資 https://tw.appledaily.com/life/20211009/RNNDRP6NJBETZJ23BHAMJCX2QM/ 確保網紅頻道與閒置帳號安全，Google 為 1.5 億多用戶預設啟用雙因素認證 https://technews.tw/2021/10/12/google-two-factor-authentication-default-millions-of-users/ E.研究報告/工具響應全球加密日 https://blog.twnic.tw/2021/10/15/20250/ The Ultimate SaaS Security Posture Management (SSPM) Checklist https://thehackernews.com/2021/10/the-ultimate-saas-security-posture.html Penetration Testing Your AWS Environment - A CTO's Guide https://thehackernews.com/2021/10/penetration-testing-your-aws.html [資訊安全] 雲端系統的共同責任劃分(Shared responsibility model ) https://reurl.cc/q1VZNg 給非營利組織的資安自保手冊 https://www.techsoup-taiwan.org.tw/edm_2021_10 公益團體的資安策略指南（一）：透視黑色產業鏈，建構防禦碉堡 https://npost.tw/archives/63453 去中心化域名的缺點與如何解決 https://blog.twnic.tw/2021/10/14/20142/ 網路安全工程師教你：透過Kali Linux設定蜜罐記錄駭客行為 https://heatask.com/game/486351.html 讓駭客決定數位身份證的發行日吧 https://futurecity.cw.com.tw/index.php/article/1526 Brute-force Login and Bypass Account lockout on elabFTW 1.8.5 - Paper https://www.exploit-db.com/docs/50417 インシデント対応演習のススメ https://creators-note.chatwork.com/entry/2021/10/15/180142 SysmonForLinux https://github.com/Sysinternals/SysmonForLinux F.商業 Thales: MFA採用過低、脆弱的VPN是雲端優先世界中的兩大存取挑戰 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9502 Swimlane和Elastic攜手為資安維運團隊提供可擴充架構 https://reurl.cc/q1VZry HKT x Cisco 新世代Wi-Fi 6應對新常態網絡風險 https://reurl.cc/WXxqNL VMware Security 主管 Karen Worstell：雲+零信任是遠端工作資安好解方 https://www.inside.com.tw/article/25134-vmware-security-zero-trust 五倍券助攻，Win 11將催動換機潮？答案「這時候」揭曉 https://www.gvm.com.tw/article/83141 高雄市實現智慧觀光抗疫！遠傳大數據應用助攻精準分析景區人流 https://www.inside.com.tw/article/25006-fet-dt 又碩協同HP整合網路監控客製化 https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=14&id=0000620585_AGT48OOD93PWZI4UK0U2J 金融科技新創推薦獎Baby Unicorn－奧義智慧 AI資安監控防護網受肯定 https://www.chinatimes.com/newspapers/20211013000483-260210?chdtv G.政府五倍券網站程式碼含簡體字！立委酸 https://reurl.cc/EZjXYa 五倍券網站程式碼含簡體字！高虹安狠酸：作弊連名字都抄 https://www.nownews.com/news/5407039 五倍券程式碼竟有簡體字高虹安指有資安疑慮、關貿不用心 https://cnews.com.tw/174211011a01/ 五倍券官網原始碼註解文字出現簡體字已迅速修正完成 https://money.udn.com/money/story/5635/5808902 五倍券網站見簡體字王美花：絕對沒有資安的問題 https://udn.com/news/story/7238/5810230 民眾氣炸　綁定後就接到奇怪電話 https://news.housefun.com.tw/news/article/175400313339.html 檔案遺失不斷增加學習歷程如何善後 https://udn.com/news/story/7339/5809508 區公所資料淪為駭客攻擊目標　南市議員籲重視資安問題 https://today.line.me/tw/v2/article/Za2VW2r H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識相關資安【資安234】會不會你的攝影機其實是駭客在監控? 物聯網的資安風險 https://player.soundon.fm/p/8fdc3e51-8bfb-4bfa-9c65-8ea2ce5a6eb7/episodes/a4984eaa-efa2-4454-af9d-65d597681f8d ISO21434 車聯網時代來臨，資安防護再升級研討會 https://www.tuvnord.com.tw/content/news/news_mean.aspx?id=132 工控系統危機四伏，掌握工控資安風險管理要點 https://www.informationsecurity.com.tw/article/article_detail_2021.aspx?aid=9503 I.教育訓練 [Day29] 資安自學之路小回顧 https://ithelp.ithome.com.tw/articles/10281684?sc=iThelpR Day29 - Exploitation- Linux kernels 漏洞 https://ithelp.ithome.com.tw/articles/10281660 Kubernetes CKA課程筆記 10 https://reurl.cc/EZjXzg 資安通識教育訓練 -CS資安防衛戰- https://sites.google.com/email.nchu.edu.tw/isms-game/%E9%A6%96%E9%A0%81 Hong Kong CTF ASSOCIATION https://www.hkctf.org/ 資安系列 https://home.gamer.com.tw/creationCategory.php?owner=chejia&c=356116 6.近期資安活動及研討會 Why Open Source 10/18 https://reurl.cc/gzGQlp 系統防護及內網威脅通報應變實戰班 10/18 10/26 https://www.tabf.org.tw/CourseDetail.aspx?PID=442805 Flutter Widget and layout tutorial 10/19 https://reurl.cc/GbjXld .conf21 Virtual 10/19 ~ 10/21 https://conf.splunk.com/event-details/pricing.html#tabs/virtual 數據分析與資料視覺化技術分享 10/20 https://reurl.cc/KreXqR RFID硬體資安實戰 10/22 https://www2.nchu.edu.tw/news-detail/id/51923 第七梯次AppScan應用程式資安檢測線上工作坊 10/22 http://www.pershingdata.com.tw/tw/news_activities_content.aspx?id=167 中華電信學院樹莓派學開車，手把手實做人工智慧自駕車板橋第四梯 10/21 ~ 10/22 https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=317 Your First Day in GCP 10/21 https://reurl.cc/bnVGxr Abstract System Design & Implementation EP.3 Communication 10/21 https://reurl.cc/Q6RWD0 資安事件應變機制及稽核重點 10/22 https://www.caa.org.tw/coursedetail-3619.html Friday with Android 2021: Android Study Jams - Week 4 10/22 https://reurl.cc/Zje1zg Chatbot with Firebase and Dialogflow 10/23 https://reurl.cc/MkOXGX 2021 MOPCON 行動科技年會 10/23 ~ 10/24 https://www.accupass.com/event/2107211505081465802842 Intro to ML: Image Processing; Cloud Study Jam @TamkangUniversity 10/24 https://reurl.cc/xEa1XE 加密技術的應用如何在隱私與安全間取得平衡 10/27 https://www.twcert.org.tw/tw/cp-105-5163-ada65-1.html 【資安學院】資安事故處理實務 10/27 https://www.cisanet.org.tw/News/activity_more?id=MjY0NA== 使用Dialogflow做一個自己的Line bot 10/29 https://reurl.cc/px3ZXr GDSC PNU Weekly wrokshop seminar 11/5 ~ 12/10 https://reurl.cc/px3ZV4 【資安學院】國際資安標準與攻擊趨勢分享 11/10 https://www.cisanet.org.tw/News/activity_more?id=MjY3OA== HITCON 2021 台灣駭客年會 11/26 ~ 11/27 https://kktix.com/events/hitcon-2021/ GDSC PNU Weekly wrokshop seminar 11/26 https://reurl.cc/n5NZRv 行動裝置安全與稽核研習班 12/2 https://www.tabf.org.tw/CourseDetail.aspx?PID=449543 GDSC PNU Weekly wrokshop seminar 12/3 https://reurl.cc/82v5Ob 後疫新常態下的資安事故處理實務 12/3 https://reurl.cc/GbVj9Z 中華電信學院委外廠商安全程式碼撰寫基礎測驗班 12/14 https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=427 https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=428 https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=429