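###### tags: `Weekly Security Incident News`
# Weekly Security Incident News 2023/8/14 ~ 2023/8/18
1. Major Vulnerabilities / Backdoors / Exploits / Zero Day
Attack campaign Labrat targets GitLab, aiming to hijack code repositories for cryptomining or to steal network bandwidth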
https://sysdig.com/blog/labrat-cryptojacking-proxyjacking-campaign/
Enterprise storage system Dell Compellent has a hard-coded credential vulnerability, exposing VMware vCenter administrator accounts
https://www.bleepingcomputer.com/news/security/dell-compellent-hardcoded-key-exposes-vmware-vcenter-admin-creds/
To strengthen data security, MongoDB supports querying data protected by encryption
https://www.ithome.com.tw/news/158330
Zoom's Zero Touch Provisioning feature contains vulnerabilities that could be used to launch remote attacks
https://www.ithome.com.tw/news/158321
Zoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to Eavesdropping
https://thehackernews.com/2023/08/zoom-ztp-audiocodes-phones-flaws.html
Critical Security Flaws Affect Ivanti Avalanche, Threatening 30,000 Organizations
https://thehackernews.com/2023/08/critical-security-flaws-affect-ivanti.html
Nearly 2,000 Citrix NetScaler servers hit by zero-day vulnerability attacks and implanted with backdoors
https://blog.fox-it.com/2023/08/15/approximately-2000-citrix-netscalers-backdoored-in-mass-exploitation-campaign/
Nearly 2,000 Citrix NetScaler Instances Hacked via Critical Vulnerability
https://thehackernews.com/2023/08/nearly-2000-citrix-netscaler-instances.html
CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks
https://thehackernews.com/2023/08/cisa-adds-citrix-sharefile-flaw-to-kev.html
The Vulnerability of Zero Trust: Lessons from the Storm 0558 Hack
https://thehackernews.com/2023/08/the-vulnerability-of-zero-trust-lessons.html
Microsoft releases August security bulletin
https://msrc.microsoft.com/update-guide/releaseNote/2023-Aug
Microsoft discloses 15 high-severity vulnerabilities; hackers could even shut down power plants outright
https://www.inside.com.tw/article/32482-Micorsoft-warns-%20CODESYS-V3-SDK
Microsoft releases security updates to address remote code execution (RCE) vulnerabilities in multiple products
https://www.ithome.com.tw/news/158182
Weaknesses in Microsoft's code repository PowerShell Gallery could be used for supply chain attacks
https://blog.aquasec.com/powerhell-active-flaws-in-powershell-gallery-expose-users-to-attacks
Experts Uncover Weaknesses in PowerShell Gallery Enabling Supply Chain Attacks
https://thehackernews.com/2023/08/experts-uncover-weaknesses-in.html
Adobe has released security updates to address vulnerabilities in multiple Adobe products
https://www.cisa.gov/news-events/alerts/2023/08/08/adobe-releases-security-updates-multiple-products
Fortinet recently released a security update for FortiOS
https://www.fortiguard.com/psirt/FG-IR-23-149
Google will release Chrome security updates weekly
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10620
Google Chrome supports a quantum-resistant encryption algorithm for the first time, guarding against compromise by quantum computers
https://netmag.tw/2023/08/17/google-chromes-new-encryption-skills-to-guard-against-quantum-attacks
Enhancing TLS Security: Google Adds Quantum-Resistant Encryption in Chrome 116
https://thehackernews.com/2023/08/enhancing-tls-security-google-adds.html
Google Chrome's New Feature Alerts Users About Auto-Removal of Malicious Extensions
https://thehackernews.com/2023/08/google-chromes-new-feature-alerts-users.html
Last year's critical vulnerability in e-commerce platform Magento is being used in the Xurum attack campaign
https://www.akamai.com/blog/security-research/new-sophisticated-magento-campaign-xurum-webshell
Ongoing Xurum Attacks on E-commerce Sites Exploiting Critical Magento 2 Vulnerability
https://thehackernews.com/2023/08/ongoing-xurum-attacks-on-e-commerce.html
Access control vulnerability in a component of the Java application framework Spring may expose WebFlux applications
https://jfrog.com/blog/spring-webflux-cve-2023-34034-write-up-and-proof-of-concept/
WordPress theme plugin Avada contains vulnerabilities
https://www.infosecurity-magazine.com/news/flaws-wordpress-avada-theme-plugin/
2. Banking / Finance / Insurance / Securities / Financial Supervision News and Security
New Financial Malware 'JanelaRAT' Targets Latin American Users
https://thehackernews.com/2023/08/new-financial-malware-janelarat-targets.html
Gigabud RAT Android Banking Malware Targets Institutions Across Countries
https://thehackernews.com/2023/08/gigabud-rat-android-banking-malware.html
ATM centralized management platform Iagona ScrutisWeb contains vulnerabilities that can be used for remote command execution
https://www.synack.com/blog/exploits-explained-finding-flaws-in-an-atm-software-tool/
Latin American fintech sector attacked by the JanelaRAT trojan
https://www.zscaler.com/blogs/security-research/janelarat-repurposed-bx-rat-variant-targeting-latam-fintech
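Fearing hackers could paralyze the financial system, the Financial Supervisory Commission expands "attack and defense exercises" to strengthen security resilience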
https://news.tvbs.com.tw/tech/2209706
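Ministry of Digital Affairs signs MOU with the European Bank for Reconstruction and Development to promote digital development and transformation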
https://www.rti.org.tw/news/view/id/2176867
Cathay United Bank hit by another system anomaly; the company responds
https://finance.ettoday.net/news/2563377
3. Credit Cards / Electronic Payment / Mobile Payment / Pay / Payment Systems / Security
Five places to avoid using a debit card
https://www.worldjournal.com/wj/story/122985/7369410
Holders of 2 types of international cards can also use mobile payment when traveling in China
https://ctee.com.tw/news/finance/916540.html
Linking a credit card to Alipay makes traveling in mainland China more convenient
https://www.chinatimes.com/newspapers/20230818000378-260114?chdtv
The rise of mobile payment and online banking: emerging digital finance trends among Japanese consumers
https://www.thenewslens.com/article/189589
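Mega Bank cards' anti-fraud move: first to restrict international mobile payment card binding to the cardholder's own mobile number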
https://udn.com/news/story/7239/7366400
Another anti-fraud move: tighter controls on mobile payment
https://www.chinatimes.com/newspapers/20230811000188-260205?chdtv
Yuanta Bank digital anti-fraud: safeguarding the security of mobile payment transactions
https://ctee.com.tw/industrynews/financesmanage/918771.html
OTP verification failing? Banks will add phone number checks to block fraudulent charges via international mobile payment
https://udn.com/news/story/7239/7323025
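Three arrested for exploiting a member electronic payment loophole to defraud department stores and retail outlets of nearly NT$10 million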
https://reurl.cc/eDr0zK
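New scam! Electronic payment becomes a fraud loophole; counterfeit SMS messages claiming "overdue payment" lower the public's guard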
https://reurl.cc/VL9Gzy
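Targeting "electronic payment" loopholes, fraud ring casts a wide net with spoofed SMS messages to steal personal data and make over ten million in fraudulent charges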
https://n.yam.com/Article/20230817628987
China's electronic payment overtook on the curve; how did it become a hotbed for fraud
https://www.cw.com.tw/article/5126869
4. Cryptocurrency / Digital Currency / Mining / Blockchain / Smart Contracts / WEB3 Security
PeckShield: RocketSwap attacked, 471 ETH lost so far
https://news.cnyes.com/news/id/5290387
"Not heeding advice" led to losses of over US$2 million: a brief analysis of how Zunami Protocol was attacked
https://news.cnyes.com/news/id/5290403
Zunami Protocol hit by price manipulation attack, losing over US$2.1 million! SlowMist founder: warned them two months ago…
https://www.blocktempo.com/zunami-protocol-loses-2-1-million-for-price-manipulation-hack/
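New Taipei District Prosecutors Office refuses to accept cold wallet, saying "foreign-made ones can be stolen from"; Kuo Che-min's 6.41 million USDT in illicit proceeds ends up in the custody of prosecutors and police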
https://www.blocktempo.com/new-taipei-district-prosecutors-office-refused-to-lock-up-the-usdt-as-pilferage/
Registration now open for the Ethcon Korea 2023 Ethereum developer conference and hackathon
https://news.cnyes.com/news/id/5290932
On-chain governance platform JKLabs completes US$2 million pre-seed round, with participation from 1kx and others
https://news.cnyes.com/news/id/5291063
Bitget's first charity event "Crypto Experience Day" attracts 1,000 young people from 10 regions worldwide
https://news.cnyes.com/news/id/5292408
Registration now open for the Sui Liquid Staking hackathon
https://news.cnyes.com/news/id/5292637
CertiK: Saga project's Discord server compromised by hackers
https://news.cnyes.com/news/id/5294277
Bitcoin private key generation command-line tool "bx seed" had a critical weak-randomness vulnerability, now fixed
https://news.cnyes.com/news/id/5288942
More landmines still to go off on the Base chain? DEX RocketSwap also reportedly hacked, losing over 472 ETH
https://www.blocktempo.com/base-project-rocketswap_labs-has-announced-an-exploit/
Web3.0 event | Wanxiang "Global Blockchain Summit" makes a grand return in Shanghai on 9/19
https://www.blocktempo.com/the-9th-blockchain-summit-return-on-september-19/
Several well-known crypto wallets contain multiple 0-day vulnerabilities that could lead to theft of crypto assets
https://www.twcert.org.tw/tw/cp-104-7316-e90bb-1.html
FBI warning: scammers impersonate NFT developers to steal cryptocurrency and digital assets
https://www.twcert.org.tw/tw/cp-104-7308-ade66-1.html
Tether CTO: will launch a mobile payment application based on USDT and XAUT
https://reurl.cc/M8eYOL
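5. Security Incident News
A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC
Ransomware victims are up to 6 times more likely to be victimized a second time within 3 months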
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10626
Mac computers targeted by AdLoad malware and used to build a botnet
https://cybersecurity.att.com/blogs/labs-research/mac-systems-turned-into-proxy-exit-nodes-by-adload
400,000 computers form a botnet used to offer proxy server services for profit
https://cybersecurity.att.com/blogs/labs-research/proxynation-the-dark-nexus-between-proxy-apps-and-malware
DroxiDat malware targets a South African power plant
https://securelist.com/focus-on-droxidat-systembc/110302/
Scam sites impersonating Flipper Zero lure users with free devices into installing malware
https://www.twcert.org.tw/tw/cp-104-7298-b7292-1.html
Knight ransomware spread via emails posing as complaints from travel review site Tripadvisor
https://www.ithome.com.tw/news/158281
https://twitter.com/felixw3000/status/1689541933062868992
https://www.bleepingcomputer.com/news/security/knight-ransomware-distributed-in-fake-tripadvisor-complaint-emails/
Hacker group BlackCat builds new ransomware Sphynx, integrating Impacket and Remcom for lateral movement across the network
https://www.bleepingcomputer.com/news/microsoft/microsoft-blackcats-sphynx-ransomware-embeds-impacket-remcom/
New BlackCat Ransomware Variant Adopts Advanced Impacket and RemCom Tools
https://thehackernews.com/2023/08/new-blackcat-ransomware-variant-adopts.html
Xurum: New Magento Campaign Discovered
https://otx.alienvault.com/pulse/64d69f098146e2b80ae306a3
Monti ransomware targets legal and government organizations, using a new encryptor against Linux hosts
https://www.trendmicro.com/en_us/research/23/h/monti-ransomware-unleashes-a-new-encryptor-for-linux.html
IOC's off of my personal devices Aug 14th - June 28th | Come one come all, something for everyone
https://otx.alienvault.com/pulse/64da05cdba55fc9cf872cb11
Attackers Distribute Malware via Freeze.rs And SYK Crypter
https://www.fortinet.com/blog/threat-research/malware-distributed-via-freezers-and-syk-crypter
Raccoon Stealer Announce Return After Hiatus
https://cyberint.com/blog/financial-services/raccoon-stealer/
Old exploit kits still kicking around in 2023
https://www.malwarebytes.com/blog/threat-intelligence/2023/08/old-exploit-kits-still-kicking-around-in-2023
DLL Hijacking in the Asian Gambling Sector
https://www.sentinelone.com/labs/chinese-entanglement-dll-hijacking-in-the-asian-gambling-sector/
New SystemBC Malware Variant Targets Southern African Power Company
https://thehackernews.com/2023/08/new-systembc-malware-variant-targets.html
Trojan QwixxRAT receives attacker commands via Telegram
https://www.uptycs.com/blog/remote-access-trojan-qwixx-telegram
QwixxRAT: New Remote Access Trojan Emerges via Telegram and Discord
https://thehackernews.com/2023/08/qwixxrat-new-remote-access-trojan.html
DotRunpeX - demystifying new virtualized .NET injector used in the wild
https://research.checkpoint.com/2023/dotrunpex-demystifying-new-virtualized-net-injector-used-in-the-wild/
B. Mobile Security / iPhone / Android / Wearables / App / 5G / Instant Messaging
New Apple iOS 16 Exploit Enables Stealthy Cellular Access Under Fake Airplane Mode
https://thehackernews.com/2023/08/new-apple-ios-16-exploit-enables.html
Fake Airplane Mode attack technique emerges on iOS 16, letting attackers deceive users and covertly access the phone remotely
https://www.jamf.com/blog/fake-airplane-mode-a-mobile-tampering-technique-to-maintain-connectivity/
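Hackers lure users who like to try new things into installing software under the guise of beta versions, evading app store review mechanisms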
https://www.bleepingcomputer.com/news/security/threat-actors-use-beta-apps-to-bypass-mobile-app-store-security/#google_vignette
FBI warns beta apps hide security risks; 8 signs to watch for
https://www.inside.com.tw/article/32523-malicious-app
iPhone and Android users beware! Hackers are using ChatGPT to commit fraud
https://www.technice.com.tw/cloudtech/infosecurity/64434/
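C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents / Security Workforce
Taiwan hacker conference HITCON Community 2023 officially opens on August 18, focusing on AI security topics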
https://hitcon.org/2023/CMT/
Taiwanese CTF team TWN 48 places third worldwide at DEF CON CTF
https://www.ithome.com.tw/news/158240
Hackers compete in the Hack-A-Sat satellite capture-the-flag contest at DEF CON
https://hackasat.com/
Finding satellite flaws: hackers allowed to attack
https://udn.com/news/story/6811/7366927
Who cyberattacked the Wuhan earthquake monitoring center? Beijing state media pin it on the US
https://www.cna.com.tw/news/acn/202308140090.aspx
A high proportion of Taiwan's five-star hotels have DNS without properly configured DMARC and SPF
https://cymetrics.io/zh-tw/latest/news/cymetrics-releases-2023-taiwan-top15-5-star-hotel-exposure-assessment-report
Hackers target Taiwan! "15,000 attacks per second", up 80%; security vendor: methods are more targeted
https://reurl.cc/zYV2bk
Attack strategy of cyberterrorist group NoName revealed by an undercover hacker
https://www.technice.com.tw/cloudtech/infosecurity/63814/
Hacker group Lapsus$ breached dozens of well-known companies using only simple tricks such as SIM hijacking
https://www.ithome.com.tw/news/158266
Japan helps Indo-Pacific countries develop cybersecurity and expands sharing of cyberattack intelligence
https://www.pourquoi.tw/intlnews-neasia-230811-230817-3/
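Japanese government websites reportedly attacked by hacker group Anonymous, in protest against pollution from the discharge of Fukushima nuclear plant wastewater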
https://www.theregister.com/2023/08/14/hactivitsts_claim_japanese_government_attack/
https://anonsecita.wordpress.com/2023/08/10/opfukushima-operazione-save-ocean-pacific/
Hacker group claims attacks on Japanese government websites over the Fukushima wastewater issue
https://hk.xfastest.com/178902/jp_net_atk/
Hacker group APT35 targets Iranians living in Germany
https://www.verfassungsschutz.de/SharedDocs/kurzmeldungen/DE/2023/2023-08-10-cyber-brief-01-2023.html
Chinese hackers RedHotel conducted a 3-year cyberattack campaign against 17 countries, including Taiwan
https://www.recordedfuture.com/redhotel-a-prolific-chinese-state-sponsored-group-operating-at-a-global-scale
Chinese hackers APT31 use Dropbox and other cloud file-sharing services to exfiltrate data
https://ics-cert.kaspersky.com/publications/reports/2023/08/10/common-ttps-of-attacks-against-industrial-organizations-implants-for-uploading-data/
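South Korea's National Intelligence Service: North Korean hackers illicitly amassed US$180 million through cryptocurrency vulnerabilities in the first half of this year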
https://news.cnyes.com/news/id/5293848
Kim Jong-un is smiling! North Korean crypto hackers took US$180 million this year, half of it used to fund missile test launches
https://www.blocktempo.com/north-korean-hackers-made-a-180-million-in-the-first-half-of-the-year/
Rising captures APT attack launched by the BlindEagle group against Colombia
https://www.aqniu.com/vendor/98909.html
ESET finds foreign diplomats stationed in Belarus under surveillance by hackers
https://reurl.cc/2LnxZE
Pennsylvania hospital and health insurance system in the US hit by cyberattack
https://www.epochtimes.com/b5/23/8/13/n14053256.htm
US issues warning on attack campaigns by hacker group Lapsus$; organizations should strengthen two-factor authentication measures
https://www.dhs.gov/news/2023/08/10/cyber-safety-review-board-releases-report-activities-global-extortion-focused
US NIST releases draft of Cybersecurity Framework version 2.0
https://www.cybersecuritydive.com/news/nist-draft-overhaul-cybersecurity-framework/690381/
US CISA warns about attack campaign using the Whirlpool backdoor, with hackers targeting Barracuda email security gateways
https://www.cisa.gov/news-events/analysis-reports/ar23-221a
US government offers nearly US$20 million in prizes, calling on experts to find vulnerabilities with AI
https://www.ithome.com.tw/news/158234
US lawmaker who supports "Taiwan independence" says Chinese hackers breached his email account
https://reurl.cc/GA1zdp
US lawmaker's email breached by Chinese hackers; he vows to ensure delivery of arms sales to Taiwan
https://www.cna.com.tw/news/aopl/202308160010.aspx
Network of Prince George's County public schools in Maryland hacked; 4,500 users affected, mostly faculty and staff
https://www.worldjournal.com/wj/story/121277/7372933
If war breaks out in the Taiwan Strait, US cyber official warns: Beijing may attack US critical infrastructure
https://www.chinatimes.com/realtimenews/20230815001401-260409?chdtv
Lolek Bulletproof Hosting Servers Seized, 5 Key Operators Arrested
https://thehackernews.com/2023/08/lolek-bulletproof-hosting-servers.html
Charming Kitten Targets Iranian Dissidents with Advanced Cyber Attacks
https://thehackernews.com/2023/08/charming-kitten-targets-iranian.html
Over 120,000 Computers Compromised by Info Stealers Linked to Users of Cybercrime Forums
https://thehackernews.com/2023/08/over-12000-computers-compromised-by.html
North Korean Hackers Suspected in New Wave of Malicious npm Packages
https://thehackernews.com/2023/08/north-korean-hackers-suspected-in-new.html
Cybercriminals Abusing Cloudflare R2 for Hosting Phishing Pages, Experts Warn
https://thehackernews.com/2023/08/cybercriminals-abusing-cloudflare-r2.html
NoFilter Attack: Sneaky Privilege Escalation Method Bypasses Windows Security
https://thehackernews.com/2023/08/nofilter-attack-sneaky-privilege.html
China-Linked Bronze Starlight Group Targeting Gambling Sector with Cobalt Strike Beacons
https://thehackernews.com/2023/08/china-linked-bronze-starlight-group.html
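D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News / Cyberbullying / Account Security
Google launches dark web report feature for tracking personal data in Taiwan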
https://support.google.com/googleone/answer/13409560?hl=en
US energy company targeted; hackers launch phishing attacks via QR codes
https://cofense.com/blog/major-energy-company-targeted-in-large-qr-code-campaign/
Attacks abusing the Cloudflare R2 object storage service to host phishing pages rise sharply, up 61-fold in half a year
https://www.ithome.com.tw/news/158320
Data breach at third-party service site used with instant messaging app Discord; data of 760,000 users auctioned on a hacker forum
https://stackdiary.com/the-data-of-760000-discord-io-users-was-put-up-for-sale-on-the-darknet/
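Mennonite Christian Hospital issues security notice on the data breach at its charity donation website, stating it has taken multiple measures to improve the donation site's security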
https://public.mch.org.tw/index.php?action=news_in&id=742
Hacker group MoustachedBouncer targets diplomatic missions with AiTM phishing attacks
https://www.welivesecurity.com/en/eset-research/moustachedbouncer-espionage-against-foreign-diplomats-in-belarus/
IBM's data processing operation hit by MOVEit Transfer vulnerability attack; health information of millions of Americans leaked
https://therecord.media/missouri-medicaid-health-info-moveit-breach
https://apps.web.maine.gov/online/aeviewer/ME/40/5b434968-ff60-47f4-ac52-fb7946cf3bc6.shtml
https://dss.mo.gov/press/pdf/dss-third-party-cyber-attack-protection.pdf
Phishing links piped to my personal devices
http://hybrid-analysis.com/sample/4d8c2597fa65831b53c1cf32f418852f59f574c8811e9005121a5f6340b419de
http://hybrid-analysis.com/sample/aa9862795c36c1eb69e665ffb00eb26e357f78e834fde753c823ff093199ed5d/64512d1b26a4544a2e012b74
EvilProxy phishing attack targets 120,000 Microsoft 365 users
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10621
India Passes New Digital Personal Data Protection Bill (DPDPB), Putting Users' Privacy First
https://thehackernews.com/2023/08/india-passes-new-digital-personal-data.html
What's the State of Credential theft in 2023
https://thehackernews.com/2023/08/whats-state-of-credential-theft-in-2023.html
Organizations using Zimbra targeted; hackers attempt to steal users' email account credentials
https://www.welivesecurity.com/en/eset-research/mass-spreading-campaign-targeting-zimbra-users/
New Wave of Attack Campaign Targeting Zimbra Email Users for Credential Theft
https://thehackernews.com/2023/08/new-wave-of-attack-campaign-targeting.html
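The passwordless era has officially arrived! A full analysis of FIDO applications; experts point out two scenarios where Taiwanese vendors have opportunities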
https://fc.bnext.com.tw/articles/view/3038?
Google launches first quantum-resistant FIDO2 key
https://security.googleblog.com/2023/08/toward-quantum-resilient-security-keys.html
Google Introduces First Quantum Resilient FIDO2 Security Key Implementation
https://thehackernews.com/2023/08/google-introduces-first-quantum.html
Russian hackers APT29 use instant messaging software Zulip to conceal C2
https://blog.eclecticiq.com/german-embassy-lure-likely-part-of-campaign-against-nato-aligned-ministries-of-foreign-affairs
Russian Hackers Use Zulip Chat App for Covert C&C in Diplomatic Phishing Attacks
https://thehackernews.com/2023/08/russian-hackers-use-zulip-chat-app-for.html
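Nanmen Bookstore's fan page with 290,000 followers hacked! Renamed "Come to Longhua, Shenzhen and chop me"; netizens stunned: "laughed way too loud"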
https://www.setn.com/News.aspx?NewsID=1339513
Do not open unfamiliar rar, zip, or 7Z archives; merchants should beware of return-request scam messages sent to fan pages
https://techsaydigi.com/2023/08/76869.html
Personal data of millions of ShopBack users leaked; Singapore imposes heavy fine of NT$1.74 million
https://news.tvbs.com.tw/world/2211797
Trend Micro cooperates with Interpol to bust phishing ring
https://www.cna.com.tw/news/ait/202308170080.aspx
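Never follow the crowd with this "1 common behavior" at airports! Experts warn accounts could be drained; frightening consequences revealed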
https://www.setn.com/news.aspx?newsid=1337986
Building consensus among democratic allies to counter the threat of cognitive warfare
https://www.ydn.com.tw/news/newsInsidePage?chapterID=1607728&type=forum
Over 100,000 hacker forum accounts: data stolen by malware
https://www.technice.com.tw/cloudtech/infosecurity/63836/
Xinjiang announces 8 typical cases in its crackdown on crimes infringing citizens' personal information
https://www.aqniu.com/vendor/98903.html
5 ways to detect phishing attacks in real time
https://www.aqniu.com/vendor/98906.html
Coremail AI Lab: phishing email detection using advanced context and visual intelligence
https://www.4hou.com/posts/RKnO
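E. Research Reports / Tools
Researchers disclose NoFilter, an attack technique that bypasses Windows security mechanisms to escalate privileges on victim computers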
https://www.deepinstinct.com/blog/nofilter-abusing-windows-filtering-platform-for-privilege-escalation
Researchers disclose DNS poisoning attack technique MaginotDNS, which could compromise entire top-level domains
https://www.bleepingcomputer.com/news/security/maginotdns-attacks-exploit-weak-checks-for-dns-cache-poisoning/
With only US$100 of hardware: Black Hat conference reveals Tesla AMD chip vulnerability that can unlock paid features
https://netmag.tw/2023/08/16/researchers-succeed-jb-tesla-onboard-computer-can-execute-arbitrary-programs-steal-data
Web bots outperform humans at solving the CAPTCHA Turing test mechanism, making it hard to achieve the goal of deterring bots
https://www.ithome.com.tw/news/158233
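Squad leader posting credentials on an official computer causes trouble! Sanchong Precinct officer misused them to look up personal data of more than 20 celebrities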
https://news.ltn.com.tw/news/society/breakingnews/4394895
Large numbers of LinkedIn accounts hit by a large-scale hijacking campaign launched by attackers
https://www.twcert.org.tw/tw/cp-104-7318-42f23-1.html
Cybersecurity researchers become targets of hacker criminals
https://big5.ftchinese.com/interactive/119259?exclusive
How to Scale Cybersecurity for Your Business
https://www.cisecurity.org/insights/blog/how-to-scale-cybersecurity-for-your-business
New Python URL Parsing Flaw Could Enable Command Execution Attacks
https://thehackernews.com/2023/08/new-python-url-parsing-flaw-enables.html
Researchers Uncover Years-Long Cyber Espionage on Foreign Embassies in Belarus
https://thehackernews.com/2023/08/researchers-uncover-decade-long-cyber.html
Researchers Shed Light on APT31's Advanced Backdoors and Data Exfiltration Tactics
https://thehackernews.com/2023/08/researchers-shed-light-on-apt31s.html
Identity Threat Detection and Response: Rips in Your Identity Fabric
https://thehackernews.com/2023/08/identity-threat-detection-and-response.html
Accelerate Your Career with the Global Leader in Cyber Security Training
https://www.sans.org/mlp/promo-partnership-hacker-news/
CyberPower data center infrastructure management platform contains vulnerabilities
https://www.trellix.com/en-us/about/newsroom/stories/research/the-threat-lurking-in-data-centers.html
Multiple Flaws in CyberPower and Dataprobe Products Put Data Centers at Risk
https://thehackernews.com/2023/08/multiple-flaws-in-cyberpower-and.html
Guide: How Google Workspace-based Organizations can leverage Chrome to improve Security
https://thehackernews.com/2023/08/guide-how-google-workspace-based.html
Why You Need Continuous Network Monitoring
https://thehackernews.com/2023/08/why-you-need-continuous-network.html
Creating Windows Access Tokens With God Privilege
https://paper.seebug.org/3009/
Technical analysis of the Silver Fox trojan
https://cert.360.cn/warning/detail?id=64dca0de22adc884abcd7e0d
ADAudit Plus exploitation analysis: data encryption analysis
https://www.4hou.com/posts/MKQB
F. Business
Palo Alto Networks launches CI/CD Security, extending security to the software delivery process
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10623
Zoom: looking forward to playing a constructive role in Taiwan's cybersecurity development
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10618
Security vendor Check Point acquires zero trust startup Perimeter 81 for US$490 million
https://www.checkpoint.com/press-releases/check-point-to-acquire-perimeter-81-to-deliver-the-fastest-and-most-secure-sase-solution-in-the-industry/
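G. Government
Ministry of Justice Investigation Bureau signs joint security defense cooperation MOUs with New Taipei City Hospital and Oriental Securities respectively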
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10617
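TWCERT/CC holds its first enterprise security exercise, led by the Ministry of Digital Affairs, with 10 companies invited to form teams and take part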
https://www.ithome.com.tw/news/158242
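Ministry of Digital Affairs adopts international FIDO standard; Audrey Tang: with no password, there is nothing to be tricked out of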
https://www.cna.com.tw/news/afe/202308150270.aspx
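H. Industrial Control Systems / ICS / SCADA / IoT / Internet of Things / Connected Vehicles / Electric Vehicles / Artificial Intelligence / AI / ML / Facial Recognition / Healthcare Security
Warning: five-year-old Zyxel router vulnerability is still being exploited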
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10627
Researchers find a way to jailbreak Tesla's in-vehicle system
https://www.ithome.com.tw/news/158301
US releases draft cybersecurity guidelines for electric vehicle charging stations
https://reurl.cc/y7q5mD
Ford confirms Wi-Fi component vulnerability in its Sync3 infotainment system
https://www.ithome.com.tw/news/158288
https://media.ford.com/content/fordmedia/fna/us/en/news/2023/08/10/ford_provides-customer-guidance-in-response-to-supplier-disclosu.html
https://www.ti.com/lit/er/swra773/swra773.pdf
High-risk vulnerabilities in the Codesys V3 software development kit could expose PLC control devices worldwide to RCE or DoS attacks
https://www.microsoft.com/en-us/security/blog/2023/08/10/multiple-high-severity-vulnerabilities-in-codesys-v3-sdk-could-lead-to-rce-or-dos/
TP-Link Archer AX21 - Unauthenticated Command Injection
https://www.exploit-db.com/exploits/51677
I. Education and Training
iPAS Information Security Engineer intermediate-level notes
https://hackmd.io/@Not/iPASInformationSecuritySpecialist
iPAS Information Security Engineer certification pre-exam workshop
https://reurl.cc/GEbA3p
Coursera rounds up 7 cloud security certifications, all springboards to high salaries!
https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/
Global cybersecurity workforce imbalance: (ISC)2 free courses and exams to fill the talent gap
https://reurl.cc/m39MDj
The 8 domains of the CISSP security certification
https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html
CISSP exam experience
https://reurl.cc/KbY83j
CISSP exam experience – Benson
https://reurl.cc/GbWvxd
Goal-oriented: passing the CISSP at lightning speed in 20 days
https://reurl.cc/2Zq6zn
CISSP certification exam practical experience, Chapter 1: initial preparation
https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat
CISSP certification exam practical experience, Chapter 2: a regular and disciplined study strategy
https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies
CISSP certification exam practical experience, Chapter 3: the final battle
https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle
Quick CISSP Infographic for IPSec
https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec
CSSLP Certification - Security models in F#
https://github.com/vbocan/csslp
Certified Secure Software Lifecycle Professional in bullet points
https://github.com/joeyhage/csslp-notes
CPSA (CREST Practitioner Security Analyst) security analyst exam experience
https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/
EC-Council CEH v11 exam experience, revision information and preparation directions 2021, 2022
https://reurl.cc/1oyEM8
CEH v11 exam experience and preparation approach
https://blog.sean.taipei/2022/01/ceh
CEH
https://github.com/a3cipher/CEH
CodeRed by EC-Council
https://github.com/codered-by-ec-council
EC-Council CEH Practical / Master preparation experience: learning in which theory and practice complement each other
https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2
EC-Council CEHP exam preparation experience
https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po
ECSA v10 Review and Study Materials
https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4
EC-Council ECSA security analyst v10 exam experience
https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html
20180817 EC-Council ECSA v10 PASS
https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html
Preparation approach and experience for the EC-Council CPENT and LPT Master penetration testing certifications
https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d
In-depth look at the CPENT exam experience and a comparison with OSCP
https://reurl.cc/41eL8v
EC-Council CPENT v1 penetration testing certification – content and experience
https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review
CPENT: from brute force to cracking
https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295
EC-Council CPENT experience - a security rookie's path from CEH to LPT Master
https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f
CPENT exam experience: earning the LPT penetration testing master certification in one attempt
https://ucom.uuu.com.tw/web/Testimony/Article/4404
kaizensecurity/CPENT
https://github.com/kaizensecurity/CPENT/tree/master
CPENT : Pentesting like NO OTHERS !
https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/
Journey of My CPENT Exam
https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917
[Exam prep notes] CompTIA Security+ (SY0–601) Part 1
https://reurl.cc/M053DK
[Exam prep notes] CompTIA Security+ (SY0–601) Part 2
https://reurl.cc/M053Gv
comptia-security-plus
https://github.com/ajfuto/comptia-security-plus
security-plus
https://github.com/fjavierm/security-plus
CompTIA Security+ Certification Practice Test Questions
https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette
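App security that not only engineers need to understand: the blood-and-tears story of obtaining a security testing compliance certificate (iT邦幫忙 Ironman Contest book series)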
https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html
OSEP (Evasion Techniques and Breaching Defenses, PEN-300) experience
https://hackmd.io/@henry-ko/HyQ56e8eF
OSCP(Offensive Security Certified Professional)
https://github.com/0x584A/oscp-notes/tree/master
ISACA Certified Information Systems Auditor® (CISA) certification: preparation journey and application process, 2023
https://reurl.cc/aVLoX9
Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html
The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics
https://reurl.cc/D3nKKj
Practical Network Penetration Tester (PNPT) Certification Review
https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df
Basic vocabulary commonly used by WUSON
https://choson.lifenet.com.tw/?p=1958
Certifications remain the main route to learning security fundamentals; an expert builds a "security certification map"
https://www.ithome.com.tw/news/156754
Beyond using certifications to prove your ability, treat them as your greatest motivation to keep learning
https://www.ithome.com.tw/news/156756
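Dispelling misunderstandings and myths about certifications: security experts help you clarify the meaning of security certifications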
https://www.ithome.com.tw/news/156755
6. Upcoming Security Events and Seminars
GO!!JIRA community in-person day 2023/08/19
https://www.meetup.com/taipei-atlassian-community-events/events/294803808/
WordPress - Taoyuan afternoon tea meetup #27 2023/08/19
https://www.meetup.com/taoyuan-wordpress-meetup/events/294930398/
Workshop for administrative staff on administrative inspection of personal data 2023/8/21
https://stli.iii.org.tw/news-event.aspx?d=1232&no=16
Tengyun security summer camp 2023/8/21
https://tengyun-security.kktix.cc/events/409411b1
Advanced big data analytics class (Taichung) 2023/8/21 ~ 2023/8/22
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=612
AIoT application hands-on workshop (Taichung) 2023/8/23 ~ 2023/8/24
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=604
5G+AIOT robotics smart living applications science camp 2023/8/23 ~ 2023/8/25
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=625
Lecture course on passing on industry security experience and international security needs 2023/8/23
https://www.tca.org.tw/exhibit_info1.php?n=2003
Full readiness for security resilience: the complete guide to cloud security 2023/8/24
https://www.accupass.com/event/2307190344132041357276
NISRA Enlightened 2023 2023/8/28 ~ 2023/8/31
https://nisra.kktix.cc/events/2023enlightened
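[Security course] Digital forensics tools and practice course | ACW SOUTH, Administration for Digital Industries Shalun cybersecurity service base 2023/8/31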
https://ievents.iii.org.tw/EventS.aspx?t=0&id=2170
Taiwan-US TTIC smart manufacturing security resilience forum 2023/8/31
https://seminar.tier.org.tw/SignupForm.aspx?GUID=CAE0920D-FA97-4B85-9989-0EFF310143A8
2023 Central Taiwan manufacturing security forum 2023/9/1
https://www.informationsecurity.com.tw/seminar/2023_TCM/register.aspx
PyCon TW 2023 2023/9/2 ~ 2023/9/3
https://tw.pycon.org/2023/zh-hant/registration/tickets
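IR course series: malware hunting and network packet exploration | ACW SOUTH, Administration for Digital Industries Shalun cybersecurity service base 2023/9/6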
https://ievents.iii.org.tw/EventS.aspx?t=0&id=2191
Web application penetration testing 2023/9/7 ~ 2023/9/8
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=631
KNIME Data Connect: Taiwan (Onsite/Hybrid) 2023/9/14
https://www.meetup.com/knime-users-taiwan/events/295003668/
Secure Our Streets 2023 2023/9/14
https://www.meetup.com/automotive-security-research-group-taipei/events/292175225/
[GDG] Artificial Intelligence Information Security Day 2023/9/16
https://gdg-taipei.kktix.cc/events/artificial-intelligence-information-security-day
Hou.Sec.Con 2023/10/12 ~ 2023/10/13
https://web.cvent.com/event/76d46ccb-fe00-4fe5-ba46-e4a77c807f21/summary
National Center for High-performance Computing: parallel computing programming fundamentals course 2023/10/17
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=4033&from_course_list_url=homepage
OCF training event: how to build a secure network architecture II 2023/10/21
https://ocftw.kktix.cc/events/ocftot2023
(ISC)2 SECURITY CONGRESS LEAD WITH CONFIDENCE 2023/10/25 ~ 2023/10/27
https://www.isc2.org/Congress-2023
[Asia's benchmark supply chain summit] Supply Chain Summit 2023 2023/11/14 ~ 2023/11/15
https://www.accupass.com/event/2307070154211343470512