###### tags: `資安事件新聞週報`

# Weekly Security Incident News 2023/1/30 ~ 2023/2/3

1. Critical Vulnerabilities / Backdoors / Exploit / Zero Day
New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products https://thehackernews.com/2023/02/new-high-severity-vulnerabilities.html
CISA Alert: Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack https://thehackernews.com/2023/02/cisa-alert-oracle-e-business-suite-and.html
Chinese hackers exploit the SSL VPN vulnerability Fortinet patched in December to deploy a backdoor https://www.mandiant.com/resources/blog/chinese-actors-exploit-fortios-flaw
Fortinet explains that the VPN vulnerability was abused to attack government organizations https://www.ithome.com.tw/news/155174
Nearly 2,000 QNAP NAS devices in Taiwan are exposed by a recent vulnerability https://censys.io/cve-2022-27596/
QNAP patches SQL injection vulnerability in its NAS operating system https://www.bleepingcomputer.com/news/security/qnap-fixes-critical-bug-letting-hackers-inject-malicious-code/
QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates https://thehackernews.com/2023/01/qnap-fixes-critical-vulnerability-in.html
Some Cisco IOS XE devices have a command injection vulnerability that lets attackers execute arbitrary commands as root https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL
Critical Realtek SDK vulnerability used in attack campaigns; devices from D-Link, LG, Zyxel and other brands may be exposed https://unit42.paloaltonetworks.com/realtek-sdk-vulnerability/
Realtek vulnerability exploited!
Over 134 million attack attempts target IoT devices https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10306
Realtek Vulnerability Under Attack: Over 134 Million Attempts to Hack IoT Devices https://thehackernews.com/2023/01/realtek-vulnerability-under-attack-134.html
Exchange Server 2013 has fewer than 90 days of support left https://www.ithome.com.tw/news/155144
Microsoft warns that hackers are still frequently attacking Exchange; users should apply patches as soon as possible https://www.ithome.com.tw/news/155285
Vulnerabilities keep coming! Microsoft urges customers to secure on-premises Exchange servers https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10303
Microsoft Urges Customers to Secure On-Premises Exchange Servers https://thehackernews.com/2023/01/microsoft-urges-customers-to-secure-on.html
Microsoft releases the January 2023 Patch Tuesday security updates, fixing 98 vulnerabilities, including 1 zero-day https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10299
Vulnerabilities in VMware's log analysis system can be chained to execute arbitrary code remotely as root https://www.horizon3.ai/vmware-vrealize-cve-2022-31706-iocs/
VMware releases security updates for VMware vRealize Log Insight https://www.cisa.gov/uscert/ncas/current-activity/2023/01/25/vmware-releases-security-updates-vmware-vrealize-log-insight
Cisco recently released updates to mitigate security vulnerabilities in Unified CM and Unified CM SME https://www.cisa.gov/uscert/ncas/current-activity/2023/01/20/cisco-releases-security-advisory-unified-cm-and-unified-cm-sme
Vulnerabilities in the BIND 9 DNS software could lead to denial-of-service attacks https://www.cisa.gov/uscert/ncas/current-activity/2023/01/27/isc-releases-security-advisories-multiple-versions-bind-9
ISC Releases Security Patches for New BIND DNS Software Vulnerabilities https://thehackernews.com/2023/01/isc-releases-security-patches-for-new.html
New SH1MMER Exploit for Chromebook Unenrolls Managed ChromeOS Devices https://thehackernews.com/2023/02/new-sh1mmer-exploit-for-chromebook.html
Researchers Uncover New Bugs in Popular ImageMagick Image Processing Utility https://thehackernews.com/2023/02/researchers-uncover-new-bugs-in-popular.html
Atlassian's Jira Software Found Vulnerable to Critical Authentication Vulnerability https://thehackernews.com/2023/02/atlassians-jira-software-found.html
Telecom network library Open5GS
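GTP has a vulnerability that can be used for denial-of-service attacks https://www.synopsys.com/blogs/software-security/cyrc-advisory-open5gs-gtp-library/
Vulnerability in password manager KeePass lets attackers export users' credentials in plaintext https://www.bleepingcomputer.com/news/security/keepass-disputes-vulnerability-allowing-stealthy-password-theft/
Critical vulnerabilities in the WordPress online course plugin LearnPress expose 75,000 websites https://patchstack.com/articles/multiple-critical-vulnerabilities-fixed-in-learnpress-plugin-version/
Lexmark discloses a server-side request forgery vulnerability affecting more than 100 printer models https://www.bleepingcomputer.com/news/security/lexmark-warns-of-rce-bug-affecting-100-printer-models-poc-released/
Git patches critical RCE vulnerabilities https://github.blog/2023-01-17-git-security-vulnerabilities-announced-2/

2. Banking / Finance / Insurance / Securities / Financial Supervision News and Security
Overseas futures quote system abnormal since 1/31, "hacked"? Futures brokers have activated backups, and multiple independent platforms can still trade normally https://www.ctwant.com/article/236024
Deloitte forecast: building a "Super APP" will be a top priority for the banking industry in 2023 https://buzzorange.com/techorange/2023/02/03/fintech-and-super-app/
Shin Kong Life is first to launch FIDO authentication; fingerprint or facial recognition replaces password entry https://udn.com/news/story/7239/6947873
Securities Association's 7 business priorities for 2023: first is amending the law to cut tax on warrant hedging https://reurl.cc/KXZznn
Security connectivity, scenario integration: building a blueprint for sustainable finance https://www.digitimes.com.tw/seminar/DWebinar_20230215/?cf=AJ2

3. Credit Cards / Electronic Payment / Mobile Payment / Pay / Payment Systems / Security
Be careful when paying by credit card! Malware interferes between card insertion and NFC contactless payment in an attempt to steal card data https://securelist.com/prilex-modification-now-targeting-contactless-credit-card-transactions/108569/
Bank SinoPac credit cards reportedly hit by fraudulent charges over Lunar New Year; 34 cardholders charged NT$1.1 million https://www.cna.com.tw/news/afe/202301310285.aspx
Electronic payment platform PayPal confirms credential stuffing attack affecting 35,000 users https://apps.web.maine.gov/online/aeviewer/ME/40/766753f1-f9c7-4dc5-9a5c-fe0f3ff51c06.shtml
National Credit Card Center reveals healthcare payment insights: 5.33 million card transactions last year, a 5-year high https://www.ithome.com.tw/news/155356
Red envelopes sent via "electronic payment" surge 70%! Central bank reveals how people in Taiwan transfer money https://reurl.cc/EXkNMk
Electronic payment accounts can also be used to pay taxes https://reurl.cc/MXrm5v
The "shopping" function of the cross-institution shared e-payment platform goes live in Q2; providers share channels so users can scan codes without switching apps, and can share data for the transaction https://www.ithome.com.tw/news/155303
Taiwan's e-payment development is not fast enough!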
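Chen Yi-wen reveals 2 pain points behind small merchants "not letting you tap" https://reurl.cc/OEda3v
Building a new e-payment dark horse with microservices: PXPay Plus serves a million members on technical strength https://www.ithome.com.tw/people/155004
As e-payment applications expand, Castles Technology and Uniform Industrial see explosive growth and aim for new highs in the Year of the Rabbit https://reurl.cc/nZkbdl
FSC: continuing to supervise electronic payment institutions and help the public prevent fraud https://reurl.cc/aaQbm7
Stepping into e-payment finance: electronic payment can now be used to invest in 0050 https://ctee.com.tw/news/fund/797150.html
WeChat Pay HK: Hong Kong residents' spending in Macau during Lunar New Year rose 10-fold year over year https://reurl.cc/Z1Dd33

4. Cryptocurrency / Digital Currency / Mining / Blockchain / Smart Contracts / WEB3 Security
Lending protocol Bonq hacked! Massive amount of $BEUR minted to drain US$120 million; $ALBT plunges 80% https://www.blocktempo.com/bonq-protocol-hackerattack-albt/
Token price plunges 51% after hackers steal US$5 million in AllianceBlock tokens https://news.cnyes.com/news/id/5074149

5. Security Incident News

A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC
Malicious PyPI packages used to steal data from developers' computers https://blog.checkpoint.com/2023/02/01/the-rise-of-the-code-package-threat/
New technique in malvertising attacks! Hackers use a loader to evade detection https://www.sentinelone.com/labs/malvirt-net-virtualization-thrives-in-malvertising-attacks/
UK automation software vendor ION Group reportedly hit by LockBit ransomware https://www.bleepingcomputer.com/news/security/ransomware-attack-on-ion-group-impacts-derivatives-trading-market/
Go-based infostealer Titan steals browser and cryptocurrency wallet information https://www.uptycs.com/blog/titan-stealer-telegram-malware-campaign
Hacker group InTheBox sells more than 1,800 Android banking trojan tools on the dark web https://blog.cyble.com/2023/01/31/inthebox-web-injects-targeting-android-banking-applications-worldwide/
Hackers use infostealer Vector Stealer to hijack Remote Desktop connection configuration files https://blog.cyble.com/2023/02/01/vector-stealer-a-gateway-for-rdp-hijacking/
Nevada ransomware targets both Windows and VMware virtualization platforms, luring affiliates with a high ransom share https://resecurity.com/blog/article/nevada-ransomware-waiting-for-the-next-dark-web-jackpot
HeadCrab malware targets Redis, using 1,200 servers for mining https://blog.aquasec.com/headcrab-attacks-servers-worldwide-with-novel-state-of-art-redis-malware
Healthcare institutions in Europe and the US face DDoS attacks because someone rented the Passion botnet to attack them https://www.radware.com/security/ddos-threats-attacks/passion-russian-botnet/
Indian explosives maker Solar Industries India hacked; BlackCat ransomware claims to have stolen 2 TB of confidential data https://securityaffairs.com/141409/data-breach/blackcat-ransomware-solar-industries-india.html
LockBit ransomware switches to Conti's encryption module for attacks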
https://www.bleepingcomputer.com/news/security/lockbit-ransomware-goes-green-uses-new-conti-based-encryptor/
Major European car dealer Arnold Clark reportedly hit by Play ransomware https://www.bleepingcomputer.com/news/security/arnold-clark-customer-data-stolen-in-attack-claimed-by-play-ransomware/
Android banking trojan Godfather spreads across more European countries https://blog.eclecticiq.com/the-godfather-banking-trojan-expands-application-targeting-to-affect-more-europe-based-victims
QBot malware spreads by abusing OneNote files https://blog.cyble.com/2023/02/01/qakbots-evolution-continues-with-new-strategies/
Android trojan Gigabud RAT impersonates government agencies in attacks https://blog.cyble.com/2023/01/19/gigabud-rat-new-android-rat-masquerading-as-government-agencies/
Hacker group DragonSpark evades detection with Go-based malware https://www.sentinelone.com/labs/dragonspark-attacks-evade-detection-with-sparkrat-and-golang-source-code-interpretation/
Gootloader malware adopts stealthier obfuscation to evade detection https://www.mandiant.com/resources/blog/tracking-evolution-gootloader-operations
Mimic ransomware abuses components of the search tool Everything while encrypting files https://www.trendmicro.com/en_us/research/23/a/new-mimic-ransomware-abuses-everything-apis-for-its-encryption-p.html
Researchers identify the hacker behind Golden Chickens malware https://www.esentire.com/web-native-pages/unmasking-venom-spider
Wiper SwiftSlicer used to destroy AD domains https://www.bleepingcomputer.com/news/security/hackers-use-new-swiftslicer-wiper-to-destroy-windows-domains/
Ukrainian news agency Ukrinform attacked with 5 wipers https://cert.gov.ua/article/3718487
Python-based RAT targets Windows computers https://www.securonix.com/blog/security-advisory-python-based-pyration-attack-campaign/
US, Germany and the Netherlands jointly take down Hive ransomware infrastructure https://www.justice.gov/opa/pr/us-department-justice-disrupts-hive-ransomware-variant
Chinese hackers carry PlugX malware on USB storage devices https://unit42.paloaltonetworks.com/plugx-variants-in-usbs/
Ship management system ShipManager hit by ransomware; operations of more than a thousand vessels may be affected https://www.bankinfosecurity.com/ransomware-attack-affects-1000-vessels-worldwide-a-20939
Middle East and North Africa targeted by hacker group Earth Bogle, which spreads the NjRAT trojan https://www.trendmicro.com/en_us/research/23/a/earth-bogle-campaigns-target-middle-east-with-geopolitical-lures.html
Avast announces it has built a decryptor for the BianLian ransomware
https://www.ithome.com.tw/news/155191
Batloader malware attacks using obfuscated JavaScript https://www.trendmicro.com/en_us/research/23/a/batloader-malware-abuses-legitimate-tools-uses-obfuscated-javasc.html
CryptBot Infostealer: Malware Analysis https://any.run/cybersecurity-blog/cryptbot-infostealer-malware-analysis/
DoNot Go! Do not respawn https://www.welivesecurity.com/2022/01/18/donot-go-do-not-respawn/
Chinese PlugX Malware Hidden in Your USB Devices https://unit42.paloaltonetworks.com/plugx-variants-in-usbs/
New Mimic Ransomware Abuses Everything APIs for its Encryption Process https://www.trendmicro.com/en_us/research/23/a/new-mimic-ransomware-abuses-everything-apis-for-its-encryption-p.html
Welcome to Goot Camp: Tracking the Evolution of GOOTLOADER Operations https://www.mandiant.com/resources/blog/tracking-evolution-gootloader-operations
GuLoader: The NSIS Vantage Point https://www.trellix.com/en-us/about/newsroom/stories/research/guloader-the-nsis-vantage-point.html
‘InTheBox’ Web Injects Targeting Android Banking Applications Worldwide https://blog.cyble.com/2023/01/31/inthebox-web-injects-targeting-android-banking-applications-worldwide/?utm_content=236429939&utm_medium=social&utm_source=twitter&hss_channel=tw-1141929006603866117
Malicious LNK File Disguised as a Normal HWP Document https://asec.ahnlab.com/en/46865/
OneNote Documents Increasingly Used to Deliver Malware https://www.proofpoint.com/us/blog/threat-insight/onenote-documents-increasingly-used-to-deliver-malware
.NET Virtualization Thrives in Malvertising Attacks https://www.sentinelone.com/labs/malvirt-net-virtualization-thrives-in-malvertising-attacks/
Operation Ice Breaker Targets The Gam(bl)ing Industry Right Before It's Biggest Gathering https://www.securityjoes.com/post/operation-ice-breaker-targets-the-gam-bl-ing-industry-right-before-it-s-biggest-gathering
Google sponsored ads malvertising targets password manager
https://www.malwarebytes.com/blog/threat-intelligence/2023/01/google-sponsored-ads-malvertising-targets-password-manager
BlueBravo Uses Ambassador Lure to Deploy GraphicalNeutrino Malware https://go.recordedfuture.com/hubfs/reports/cta-2023-0127.pdf
New data wipers deployed against Ukraine https://cert.gov.ua/article/3718487
NCSC_MAR_C_00025_COLDSTEEL https://otx.alienvault.com/pulse/63da702509042269012119aa
Analyzing and remediating a malware infested T95 TV box from Amazon https://www.malwarebytes.com/blog/news/2023/01/preinstalled-malware-infested-t95-tv-box-from-amazon
Researchers Discover New PlugX Malware Variant Spreading via Removable USB Devices https://thehackernews.com/2023/01/researchers-discover-new-plugx-malware.html
3 Lifehacks While Analyzing Orcus RAT in a Malware Sandbox https://thehackernews.com/2023/01/3-lifehacks-while-analyzing-orcus-rat.html
Hive Ransomware Infrastructure Seized in Joint International Law Enforcement Effort https://thehackernews.com/2023/01/hive-ransomware-infrastructure-seized.html
Ukraine Hit with New Golang-based 'SwiftSlicer' Wiper Malware in Latest Cyber Attack https://thehackernews.com/2023/01/ukraine-hit-with-new-golang-based.html
Experts Uncover the Identity of Mastermind Behind Golden Chickens Malware Service https://thehackernews.com/2023/01/experts-uncover-identity-of-mastermind.html
Titan Stealer: A New Golang-Based Information Stealer Malware Emerges https://thehackernews.com/2023/01/titan-stealer-new-golang-based.html
Gootkit Malware Continues to Evolve with New Components and Obfuscations https://thehackernews.com/2023/01/gootkit-malware-continues-to-evolve.html
New Report Reveals NikoWiper Malware That Targeted Ukraine Energy Sector https://thehackernews.com/2023/01/new-report-reveals-nikowiper-malware.html
Prilex PoS Malware Evolves to Block Contactless Payments to Steal from NFC Cards https://thehackernews.com/2023/02/prilex-pos-malware-evolves-to-block.html
New Russian-Backed Gamaredon's Spyware Variants
Targeting Ukrainian Authorities https://thehackernews.com/2023/02/new-russian-backed-gamaredons-spyware.html
New Threat: Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers https://thehackernews.com/2023/02/new-threat-stealthy-headcrab-malware.html
Researchers Uncover Packer Used by Several Malware to Evade Detection for 6 Years https://thehackernews.com/2023/01/researchers-uncover-packer-that-helped.html

B. Mobile Security / iPhone / Android / Wearables / App / 5G / Instant Messaging
Mobile apps for Developers https://medium.com/@itsrakesh/top-mobile-apps-for-developers-boost-your-productivity-7ec8a18985dd
Researcher discloses a vulnerability that can bypass Facebook two-factor authentication https://medium.com/pentesternepal/two-factor-authentication-bypass-on-facebook-3f4ac3ea139c
Apple releases iOS/iPadOS 16.3 and macOS Ventura 13.2, patching WebKit vulnerabilities that could be used to execute arbitrary code https://www.securityweek.com/apple-patches-webkit-code-execution-flaws/
TikTok proposes a US security protection plan; chair of the House China committee: unconvincing https://www.taisounds.com/Global/Top-News/All/uid5616974768
Security vulnerability in FB and IG! Hackers can disable two-factor authentication using a phone number https://www.technice.com.tw/techmanage/internet/35407/
Commercial actor sentenced to 10 days' detention for calling someone "trash" in an extras' LINE group https://udn.com/news/story/7321/6942522

C. Incidents / Hackers / DDOS / APT / Cloud / Dark Web / Recruitment / International Security Incidents / Security Workforce
Security incidents keep happening... he asks why all the talent goes to semiconductors; people explain: disasters don't happen every day https://udn.com/news/story/7269/6942320
Korean media: websites of 12 academic institutions attacked by Chinese hackers restored; a further attack on 2/28 poses "little threat" https://reurl.cc/aaQb7Y
Several South Korean academic institutions attacked by Chinese hackers; websites back to normal after emergency repairs https://news.ltn.com.tw/news/world/breakingnews/4198061
US Department of Defense launches the Hack the Pentagon 3.0 bug bounty program, focusing on facility management systems https://www.securityweek.com/hack-pentagon-30-bug-bounty-program-focus-facility-control-systems
Hackers post job ads on the dark web, offering US$20,000 monthly salaries to recruit operators https://securelist.com/darknet-it-headhunting/108526/
German airport websites reportedly targeted by Russian hackers Killnet https://www.securityweek.com/cyberattacks-target-websites-of-german-airports-admin/
Chinese hacker group Dragonbridge spread more than 50,000 pieces of spam content in a year, with content touching on Pelosi's visit to Taiwan https://blog.google/threat-analysis-group/over-50000-instances-of-dragonbridge-activity-disrupted-in-2022/
APT34 targets the Middle East in attacks
https://www.trendmicro.com/en_us/research/23/b/new-apt34-malware-targets-the-middle-east.html
IT Army of Ukraine claims to have sabotaged the infrastructure of Russian gas company Gazprom https://securityaffairs.com/141640/hacktivism/it-army-of-ukraine-hacked-gazprom.html
Ukrainian government attacked with spyware by Russian hacker group Gamaredon https://scpc.gov.ua/article/229
Russian hackers modify a Microsoft utility to build the wiper NikoWiper and attack Ukrainian energy infrastructure https://www.welivesecurity.com/2023/01/31/eset-apt-activity-report-t3-2022/
British Cyber Agency Warns of Russian and Iranian Hackers Targeting Key Industries https://thehackernews.com/2023/01/british-cyber-agency-warns-of-russian.html
Google Takes Down 50,000 Instances of Pro-Chinese DRAGONBRIDGE Influence Operation https://thehackernews.com/2023/01/google-takes-down-50000-instances-of.html
North Korean hackers Lazarus run a cyber-espionage campaign, exploiting Zimbra vulnerabilities to infiltrate victim organizations and steal data https://labs.withsecure.com/content/dam/labs/docs/WithSecure-Lazarus-No-Pineapple-Threat-Intelligence-Report-2023.pdf
North Korean Hackers Exploit Unpatched Zimbra Devices in 'No Pineapple' Campaign https://thehackernews.com/2023/02/north-korean-hackers-exploit-unpatched.html
IceBreaker malware targets gaming and gambling companies https://www.securityjoes.com/post/operation-ice-breaker-targets-the-gam-bl-ing-industry-right-before-it-s-biggest-gathering
Experts Warn of 'Ice Breaker' Cyberattacks Targeting Gaming and Gambling Industry https://thehackernews.com/2023/02/experts-warn-of-ice-breaker.html
Iranian OilRig Hackers Using New Backdoor to Exfiltrate Data from Govt.
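Organizations https://thehackernews.com/2023/02/iranian-oilrig-hackers-using-new.html
Security Engineer (SOC L3 Big Data Analyst) https://www.104.com.tw/job/7mlzl?jobsource=m104
Security Engineer https://www.104.com.tw/job/6tnpu?jobsource=m104
[Operations Planning] Information Security Management Professional https://www.yourator.co/companies/cathaybk/jobs/28277
National Taiwan University, College of Electrical Engineering and Computer Science, Department of Electrical Engineering: faculty recruitment in information security https://www.ee.ntu.edu.tw/doc/Recruiting%20Announcement%20in%20Information%20Security_V1_cht.pdf
National Cheng Kung University: contract assistant professor for the Ministry of Education's critical infrastructure security talent and technology cultivation base program https://cc.ncku.edu.tw/p/406-1213-248951,r391.php?Lang=zh-tw

D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News / Cyberbullying / Account Security
Directorate General of Highways publishes preliminary inspection results on the iRent data leak https://www.thb.gov.tw/News_Content_table.aspx?n=87&sms=13235&s=208674
Another personal data crisis! Data of more than 100,000 iRent customers may have already leaked https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10310
Hotai's car and scooter sharing service iRent reportedly leaked data, exposed for 9 months https://techcrunch.com/2023/01/30/hotai-motor-exposed-irent-customer-data
iRent personal data leak! How to remedy it? Here is what the Ministry of Digital Affairs says https://tw.nextapple.com/finance/20230201/598D5170587115A6393D369FEAFAD904
Hotai Leasing, which "knows everything", lets the whole world know users' personal data | Judicial updates https://plainlaw.me/posts/Hotai-exposed
Microsoft blocks partner accounts used in OAuth phishing attacks https://msrc-blog.microsoft.com/2023/01/31/threat-actor-consent-phishing-campaign-abusing-the-verified-publisher-process/
Hackers abuse Microsoft-verified blue-badge accounts to launch OAuth consent phishing attacks https://www.bleepingcomputer.com/news/security/microsoft-disables-verified-partner-accounts-used-for-oauth-phishing/
Hackers Abused Microsoft's "Verified Publisher" OAuth Apps to Breach Corporate Email Accounts https://thehackernews.com/2023/02/hackers-abused-microsofts-verified.html
GitHub revokes stolen code-signing certificates https://github.blog/2023-01-30-action-needed-for-github-desktop-and-atom-users/
GitHub Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom https://thehackernews.com/2023/01/github-breach-hackers-stole-code.html
More than 10,000 users targeted by phishing that impersonates DocuSign https://www.armorblox.com/blog/breaking-the-impersonation-armorblox-stops-docusign-attack/
Google's telecom service reportedly suffered a data breach, enabling hackers to carry out SIM swap attacks https://www.bleepingcomputer.com/news/security/google-fi-data-breach-let-hackers-carry-out-sim-swap-attacks/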
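US telecom Charter Communications reportedly suffered a data breach, apparently due to a hacked third-party vendor https://therecord.media/telecom-giant-charter-communications-says-third-party-vendor-had-security-breach/
Porsche's halted NFT launch gets targeted; hackers set up phishing sites to scam users https://www.bleepingcomputer.com/news/security/porsche-halts-nft-launch-phishing-sites-fill-the-void/
Sportswear retailer JD Sports hacked; personal data of 10 million customers leaked https://www.londonstockexchange.com/news-article/JD./cyber-security-incident-regarding-historic-orders/15815662
Source code of Russian tech company Yandex leaks onto a hacker forum, suspected to be the work of a former employee https://www.bleepingcomputer.com/news/security/yandex-denies-hack-blames-source-code-leak-on-former-employee/
US no-fly list leaks onto a hacker forum; authorities begin investigating https://www.bleepingcomputer.com/news/security/us-no-fly-list-shared-on-a-hacking-forum-government-investigating/
Zendesk user personal data leaked after employees were hacked https://www.ithome.com.tw/news/155283
North Korean hackers TA444 use marketing tactics for phishing, stealing more than US$1 billion in cryptocurrency over 5 years https://www.ithome.com.tw/news/155272
Users of password manager Bitwarden targeted; hackers abuse Google Ads for phishing https://www.bleepingcomputer.com/news/security/bitwarden-password-vaults-targeted-in-google-ads-phishing-attack/
Parent company of password management vendor LastPass publishes investigation results, confirming user data was stolen from several of its products https://www.goto.com/blog/our-response-to-a-recent-security-incident
Developer of the video game League of Legends confirms data breach; game source code stolen https://www.ithome.com.tw/news/155265
Misconfigured database at Indian job platform Rocket exposes data of nearly 10 million job seekers and employees https://cybernews.com/security/hr-platform-data-leak/
Research finds large language models facilitate manipulation of public opinion; disinformation will be more plentiful and more persuasive https://www.ithome.com.tw/news/155179
The big data era arrives and the odds of personal data leaks rise! Security issues are pressing; security-related stocks at a glance https://reurl.cc/06LbQM
Kaohsiung councilor's messaging account hijacked!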
Friend defrauded of NT$100,000 https://www.mnews.tw/story/20230202sot12003

E. Research Reports / Tools
6 key technologies for building proactive defense https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10300
To get around Office's blocking of malicious VBA macros, hackers turn to Visual Studio add-in tools, delivering files inside disk images https://www.deepinstinct.com/blog/no-macro-no-worries-vsto-being-weaponized-by-threat-actors
Researchers publish details of a spoofing vulnerability in the CryptoAPI library and provide a proof-of-concept exploit https://www.akamai.com/blog/security-research/exploiting-critical-spoofing-vulnerability-microsoft-cryptoapi
Analysis and classification of threat intelligence reports based on deep learning and a security threat ontology https://reurl.cc/aaQbDl
Researchers Release PoC Exploit for Windows CryptoAPI Bug Discovered by NSA https://thehackernews.com/2023/01/researchers-release-poc-exploit-for.html
Researchers Uncover Connection b/w Moses Staff and Emerging Abraham's Ax Hacktivists Group https://thehackernews.com/2023/01/researchers-uncover-connection-bw-moses.html
Is Once-Yearly Pen Testing Enough for Your Organization https://thehackernews.com/2023/01/is-once-yearly-pen-testing-enough-for.html
Eliminating SaaS Shadow IT is Now Available via a Self-Service Product, Free of Charge https://thehackernews.com/2023/01/eliminating-saas-shadow-it-is-now.html
You Don't Know Where Your Secrets Are https://thehackernews.com/2023/01/you-dont-know-where-your-secrets-are.html
Auditing Kubernetes with Open Source SIEM and XDR https://thehackernews.com/2023/02/auditing-kubernetes-with-open-source.html
Cybersecurity Budgets Are Going Up. So Why Aren't Breaches Going Down https://thehackernews.com/2023/02/cybersecurity-budgets-are-going-up-so.html
The Pivot: How MSPs can Turn a Challenge Into a Once-in-a-Decade Opportunity https://thehackernews.com/2023/02/the-pivot-how-msps-can-turn-challenge.html
DOM-Based XSS for fun and profit $$$! | Bug Bounty POC https://medium.com/@haroonhameed_76621/dom-based-xss-for-fun-and-profit-bug-bounty-poc-f4b9554e95d
Google’s Sparrow Will Kill ChatGPT — It is Microsoft Teams vs. Slack All Over Again.
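https://entreprenal.com/googles-sparrow-will-kill-chatgpt-it-is-microsoft-teams-vs-slack-all-over-again-da8c5a69c58f
How I used ChatGPT and Excel to save thousands of hours of work https://medium.com/@nielsbosma/how-i-used-chatgpt-and-excel-to-save-thousands-of-hours-of-work-a91f915242ef

F. Business
Marking International Data Privacy Day 2023, Seagate outlines six security trends https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10301
Zoom's cloud data center lands in Taiwan and passes mobile app security testing https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10304
AWS re:Invent 2022 highlights four cloud trends, moving fast on security https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10305

G. Government
iRent user data reportedly at risk of leaking; Ministry of Digital Affairs assists https://reurl.cc/NG38Eq
Hotai iRent personal data leak: DPP legislators criticize the FSC for going easy https://reurl.cc/qZybbg
iRent data leak: FSC says no significant negligence in follow-up handling https://money.udn.com/money/story/5613/6945365?from=edn_subcatelist_cate
President Tsai receives security award winners, stresses that cybersecurity is national security https://reurl.cc/oZlbAQ
Pushing "Cybersecurity is National Security 2.0", Tsai Ing-wen: cultivate talent and give industry more support https://news.ltn.com.tw/news/politics/breakingnews/4200021
Ministry of Digital Affairs' three major tasks for the new year: security takes the lead https://www.chinatimes.com/newspapers/20230203000193-260202?chdtv
Plugging security gaps: drone certification starts in March https://www.chinatimes.com/newspapers/20230203000191-260202?chdtv
Dedicated personal data agency to be established within a year, but its authority may end up a paper tiger https://reurl.cc/WqjYoe
President Tsai: continue strengthening security resilience across all sectors of society (photo) https://today.line.me/tw/v2/article/oqkyOG6
3 major outages, a broken promise on payment-flow regulation, 6 price hikes with no oversight; Economic Democracy Union: the new cabinet should show resolve in reining in Shopee https://reurl.cc/jRx4EM

H. Industrial Control Systems / ICS / SCADA / IOT / Internet of Things / Internet of Vehicles / Electric Vehicles / Artificial Intelligence / AI / ML / Facial Recognition / Healthcare Security
Additional Supply Chain Vulnerabilities Uncovered in AMI MegaRAC BMC Software https://thehackernews.com/2023/02/additional-supply-chain-vulnerabilities.html
Researchers warn about insecure military ICS infrastructure https://blog.cyble.com/2023/01/27/insecure-military-ics-infrastructure-poses-a-risk-to-national-security/
Weakness in EV charging station communication protocol lets attackers learn owner information or steal electricity https://www.saiflow.com/hijacking-chargers-identifier-to-cause-dos/
Researchers again disclose vulnerabilities in AMI MegaRAC BMC software https://thehackernews.com/2023/02/additional-supply-chain-vulnerabilities.html
Zyxel patches critical vulnerabilities in 5G routers and fiber ONT devices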
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders NIST正式發布AI風險管理框架 https://www.nist.gov/news-events/news/2023/01/nist-risk-management-framework-aims-improve-trustworthiness-artificial TP-Link、Netcomm路由器存在重大漏洞,恐被用於RCE攻擊 https://thehackernews.com/2023/01/critical-security-vulnerabilities.html 駭客組織GhostSec聲稱對於工控系統進行勒索軟體攻擊,理由是抗議俄羅斯發動戰爭 https://www.securityweek.com/cybersecurity-experts-cast-doubt-hackers-ics-ransomware-claims 美國針對Sewio、InHand Networks、西門子等廠牌的工控系統重大漏洞提出警告 https://thehackernews.com/2023/01/cisa-warns-for-flaws-affecting.html 許多人不自知「全都露」駭客入侵智慧家電看光光 https://www.worldjournal.com/wj/story/121473/6944040 I.教育訓練 iPAS資訊安全工程師中級筆記 https://hackmd.io/@Not/iPASInformationSecuritySpecialist iPas資安工程師證照考前研習 https://reurl.cc/GEbA3p Coursera 盤點 7 項雲端資安認證,高薪跳板都在這了! https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/ 全球網絡安全勞動力失衡 (ISC)2免費課程及考試填補人才缺口 https://reurl.cc/m39MDj CISSP資安認證的8大領域 https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html CISSP考試心得 https://reurl.cc/KbY83j CISSP考試心得 – Benson https://reurl.cc/GbWvxd 目標導向-20天光速考過CISSP https://reurl.cc/2Zq6zn CISSP證照考試實戰心得 第一章:初期準備工作 https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat Quick CISSP Infographic for IPSec https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec CSSLP Certification - Security models in F# https://github.com/vbocan/csslp Certified Secure Software Lifecycle Professional in bullet points https://github.com/joeyhage/csslp-notes 1.重大弱點漏洞/後門/Exploit/Zero Day New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products https://thehackernews.com/2023/02/new-high-severity-vulnerabilities.html CISA Alert: Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack https://thehackernews.com/2023/02/cisa-alert-oracle-e-business-suite-and.html 中國駭客利用Fortinet於12月修補的SSL 
VPN漏洞部署後門程式 https://www.mandiant.com/resources/blog/chinese-actors-exploit-fortios-flaw Fortinet說明VPN漏洞被濫用攻擊政府單位 https://www.ithome.com.tw/news/155174 威聯通NAS因近期漏洞而曝險的臺灣設備數量近2千臺 https://censys.io/cve-2022-27596/ 威聯通修補NAS作業系統SQL注入漏洞 https://www.bleepingcomputer.com/news/security/qnap-fixes-critical-bug-letting-hackers-inject-malicious-code/ QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates https://thehackernews.com/2023/01/qnap-fixes-critical-vulnerability-in.html 部分思科IOS XE設備存在命令注入漏洞,攻擊者可以root權限執行任意命令 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL Realtek的SDK重大漏洞被用於攻擊行動,D-Link、LG、Zyxel等廠牌設備恐曝險 https://unit42.paloaltonetworks.com/realtek-sdk-vulnerability/ Realtek 漏洞遭利用! 超過 1.34 億次嘗試攻擊,鎖定物聯網設備 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10306 Realtek Vulnerability Under Attack: Over 134 Million Attempts to Hack IoT Devices https://thehackernews.com/2023/01/realtek-vulnerability-under-attack-134.html Exchange Server 2013支援期還剩不到90天 https://www.ithome.com.tw/news/155144 微軟警告駭客仍在頻繁攻擊Exchange,用戶應儘速套用修補程式 https://www.ithome.com.tw/news/155285 漏洞一直來!微軟敦促客戶保護本地端Exchange伺服器 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10303 Microsoft Urges Customers to Secure On-Premises Exchange Servers https://thehackernews.com/2023/01/microsoft-urges-customers-to-secure-on.html Microsoft 推出 2023 年 1 月資安更新包 Patch Tuesday,共修復 98 個漏洞,其中有 1 個 0-day 漏洞 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10299 VMware事件記錄分析系統漏洞可被串連,取得root權限遠端執行任意程式碼 https://www.horizon3.ai/vmware-vrealize-cve-2022-31706-iocs/ VMware 發布 VMware vRealize Log Insight 安全性更新 https://www.cisa.gov/uscert/ncas/current-activity/2023/01/25/vmware-releases-security-updates-vmware-vrealize-log-insight Cisco 近日發布更新以緩解Unified CM、Unified CM SME的安全性弱點 https://www.cisa.gov/uscert/ncas/current-activity/2023/01/20/cisco-releases-security-advisory-unified-cm-and-unified-cm-sme 
DNS系統BIND 9存在漏洞,恐導致阻斷服務攻擊 https://www.cisa.gov/uscert/ncas/current-activity/2023/01/27/isc-releases-security-advisories-multiple-versions-bind-9 ISC Releases Security Patches for New BIND DNS Software Vulnerabilities https://thehackernews.com/2023/01/isc-releases-security-patches-for-new.html New SH1MMER Exploit for Chromebook Unenrolls Managed ChromeOS Devices https://thehackernews.com/2023/02/new-sh1mmer-exploit-for-chromebook.html Researchers Uncover New Bugs in Popular ImageMagick Image Processing Utility https://thehackernews.com/2023/02/researchers-uncover-new-bugs-in-popular.html Atlassian's Jira Software Found Vulnerable to Critical Authentication Vulnerability https://thehackernews.com/2023/02/atlassians-jira-software-found.html 電信網路程式庫Open5GS GTP出現可被用於阻斷服務攻擊的漏洞 https://www.synopsys.com/blogs/software-security/cyrc-advisory-open5gs-gtp-library/ 密碼管理器KeePass出現漏洞,攻擊者能以明文匯出用戶帳密資料 https://www.bleepingcomputer.com/news/security/keepass-disputes-vulnerability-allowing-stealthy-password-theft/ WordPress線上課程外掛程式LearnPress存在重大漏洞,7.5萬個網站曝險 https://patchstack.com/articles/multiple-critical-vulnerabilities-fixed-in-learnpress-plugin-version/ Lexmark揭露伺服器端請求偽造漏洞,波及逾百種型號的印表機 https://www.bleepingcomputer.com/news/security/lexmark-warns-of-rce-bug-affecting-100-printer-models-poc-released/ Git修補重大RCE漏洞 https://github.blog/2023-01-17-git-security-vulnerabilities-announced-2/ 2.銀行/金融/保險/證券/金融監理 新聞及資安 有海外期報價系統1/31起爆異常「遭駭」?期貨商已啟用備援或多個獨立平台仍可正常交易 https://www.ctwant.com/article/236024 勤業眾信預測:打造「Super APP」,將成 2023 年銀行業重點優先項目 https://buzzorange.com/techorange/2023/02/03/fintech-and-super-app/ 新壽率先啟動FIDO身分驗證 指紋或臉部辨識取代輸入密碼 https://udn.com/news/story/7239/6947873 證券公會2023年7大業務重點 首要權證避險降稅修法 https://reurl.cc/KXZznn 資安連線 場景融合 構築永續金融藍圖 https://www.digitimes.com.tw/seminar/DWebinar_20230215/?cf=AJ2 3.信用卡/電子支付/行動支付/pay/支付系統/資安 信用卡刷卡要小心!有惡意軟體在插卡與NFC刷卡之間動手腳,意圖竊取卡片資料 https://securelist.com/prilex-modification-now-targeting-contactless-credit-card-transactions/108569/ 
永豐銀行信用卡傳出過年期間遭到盜刷,34名持卡人被刷110萬元 https://www.cna.com.tw/news/afe/202301310285.aspx 電子支付平臺PayPal證實遭到帳號填充攻擊,波及3.5萬用戶 https://apps.web.maine.gov/online/aeviewer/ME/40/766753f1-f9c7-4dc5-9a5c-fe0f3ff51c06.shtml 聯卡中心揭就醫支付洞察,去年刷卡簽帳533萬筆創5年新高 https://www.ithome.com.tw/news/155356 「電子支付」發紅包衝7成!央行曝國人轉帳習慣 https://reurl.cc/EXkNMk 電子支付帳戶 也可繳稅 https://reurl.cc/MXrm5v 電支跨機構共用平臺「購物」功能第二季上線,業者共享通路掃碼免換App還能共享當次交易資料 https://www.ithome.com.tw/news/155303 台灣電支發展不夠快! 陳懿文揭小商家「不給嗶」2痛點 https://reurl.cc/OEda3v 以微服務打造電子支付新黑馬,全支付靠技術力服務百萬會員 https://www.ithome.com.tw/people/155004 電子支付應用擴大,虹堡、連宇營運爆發成長,兔年再戰新高 https://reurl.cc/nZkbdl 金管會:持續督導電子支付機構 協助民眾防制詐騙 https://reurl.cc/aaQbm7 跨足電支金融圈 電子支付可投資0050了 https://ctee.com.tw/news/fund/797150.html 香港WeChat Pay HK:港人新春期間於澳門消費交易金額按年增10倍 https://reurl.cc/Z1Dd33 4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約/WEB3 資安 借貸協議 Bonq 遭駭!洗出巨量 $BEUR 掏空 1.2 億美元,$ALBT 暴跌 80% https://www.blocktempo.com/bonq-protocol-hackerattack-albt/ 駭客竊取500萬美元AllianceBlock代幣後,代幣價格暴跌51% https://news.cnyes.com/news/id/5074149 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 惡意PyPI套件被用於竊取開發者電腦資料 https://blog.checkpoint.com/2023/02/01/the-rise-of-the-code-package-threat/ 惡意廣告攻擊也有新手法!駭客利用程式載入器迴避偵測 https://www.sentinelone.com/labs/malvirt-net-virtualization-thrives-in-malvertising-attacks/ 英國自動化軟體業者ION Group傳出遭勒索軟體LockBit攻擊 https://www.bleepingcomputer.com/news/security/ransomware-attack-on-ion-group-impacts-derivatives-trading-market/ Go語言開發的竊密軟體Titan竊取瀏覽器與加密貨幣錢包資訊 https://www.uptycs.com/blog/titan-stealer-telegram-malware-campaign 駭客組織InTheBox在暗網兜售逾1,800種安卓銀行木馬相關工具 https://blog.cyble.com/2023/01/31/inthebox-web-injects-targeting-android-banking-applications-worldwide/ 駭客利用竊密軟體Vector Stealer挾持遠端桌面連線的相關組態檔案 https://blog.cyble.com/2023/02/01/vector-stealer-a-gateway-for-rdp-hijacking/ 勒索軟體Nevada同時鎖定Windows與VMware虛擬化平臺而來,祭出高額贖金拆帳利誘打手加入 https://resecurity.com/blog/article/nevada-ransomware-waiting-for-the-next-dark-web-jackpot 惡意軟體HeadCrab鎖定Redis而來,利用1,200臺伺服器挖礦 
https://blog.aquasec.com/headcrab-attacks-servers-worldwide-with-novel-state-of-art-redis-malware 歐美醫療院所面臨DDoS攻擊,原因是有人租賃Passion殭屍網路向這些單位行凶 https://www.radware.com/security/ddos-threats-attacks/passion-russian-botnet/ 印度炸藥商Solar Industries India遭駭,勒索軟體BlackCat聲稱竊得2 TB機密 https://securityaffairs.com/141409/data-breach/blackcat-ransomware-solar-industries-india.html 勒索軟體LockBit改用Conti的加密模組發動攻擊 https://www.bleepingcomputer.com/news/security/lockbit-ransomware-goes-green-uses-new-conti-based-encryptor/ 歐洲大型汽車經銷商Arnold Clark傳出遭勒索軟體Play攻擊 https://www.bleepingcomputer.com/news/security/arnold-clark-customer-data-stolen-in-attack-claimed-by-play-ransomware/ 安卓金融木馬Godfather在更多歐洲國家橫行 https://blog.eclecticiq.com/the-godfather-banking-trojan-expands-application-targeting-to-affect-more-europe-based-victims 惡意軟體QBot濫用OneNote筆記檔案散布 https://blog.cyble.com/2023/02/01/qakbots-evolution-continues-with-new-strategies/ 安卓木馬Gigabud RAT假冒政府機關發動攻擊 https://blog.cyble.com/2023/01/19/gigabud-rat-new-android-rat-masquerading-as-government-agencies/ 駭客組織DragonSpark透過Go語言打造的惡意軟體規避偵測 https://www.sentinelone.com/labs/dragonspark-attacks-evade-detection-with-sparkrat-and-golang-source-code-interpretation/ 惡意軟體Gootloader採用更隱密的混淆手法規避偵測 https://www.mandiant.com/resources/blog/tracking-evolution-gootloader-operations 勒索軟體Mimic在加密檔案的過程濫用搜尋工具Everything元件 https://www.trendmicro.com/en_us/research/23/a/new-mimic-ransomware-abuses-everything-apis-for-its-encryption-p.html 研究人員找出惡意軟體Golden Chickens背後的駭客 https://www.esentire.com/web-native-pages/unmasking-venom-spider 資料破壞軟體SwiftSlicer被用於破壞AD網域 https://www.bleepingcomputer.com/news/security/hackers-use-new-swiftslicer-wiper-to-destroy-windows-domains/ 烏克蘭新聞媒體Ukrinform遭到5種資料破壞軟體攻擊 https://cert.gov.ua/article/3718487 以Python打造的RAT木馬程式鎖定Windows電腦而來 https://www.securonix.com/blog/security-advisory-python-based-pyration-attack-campaign/ 美、德、荷聯手,摧毀勒索軟體Hive基礎設施 https://www.justice.gov/opa/pr/us-department-justice-disrupts-hive-ransomware-variant 
Chinese hackers deliver PlugX malware via USB storage devices https://unit42.paloaltonetworks.com/plugx-variants-in-usbs/
Ship management system ShipManager hit by ransomware, potentially affecting the operation of over a thousand vessels https://www.bankinfosecurity.com/ransomware-attack-affects-1000-vessels-worldwide-a-20939
Threat group Earth Bogle targets the Middle East and North Africa, distributing the NjRAT trojan https://www.trendmicro.com/en_us/research/23/a/earth-bogle-campaigns-target-middle-east-with-geopolitical-lures.html
Avast announces a decryptor for the BianLian (「變臉」) ransomware https://www.ithome.com.tw/news/155191
Batloader malware uses obfuscated JavaScript in its attacks https://www.trendmicro.com/en_us/research/23/a/batloader-malware-abuses-legitimate-tools-uses-obfuscated-javasc.html
CryptBot Infostealer: Malware Analysis https://any.run/cybersecurity-blog/cryptbot-infostealer-malware-analysis/
DoNot Go! Do not respawn https://www.welivesecurity.com/2022/01/18/donot-go-do-not-respawn/
Chinese PlugX Malware Hidden in Your USB Devices https://unit42.paloaltonetworks.com/plugx-variants-in-usbs/
New Mimic Ransomware Abuses Everything APIs for its Encryption Process https://www.trendmicro.com/en_us/research/23/a/new-mimic-ransomware-abuses-everything-apis-for-its-encryption-p.html
Welcome to Goot Camp: Tracking the Evolution of GOOTLOADER Operations https://www.mandiant.com/resources/blog/tracking-evolution-gootloader-operations
GuLoader: The NSIS Vantage Point https://www.trellix.com/en-us/about/newsroom/stories/research/guloader-the-nsis-vantage-point.html
‘InTheBox’ Web Injects Targeting Android Banking Applications Worldwide https://blog.cyble.com/2023/01/31/inthebox-web-injects-targeting-android-banking-applications-worldwide/?utm_content=236429939&utm_medium=social&utm_source=twitter&hss_channel=tw-1141929006603866117
Malicious LNK File Disguised as a Normal HWP Document https://asec.ahnlab.com/en/46865/
OneNote Documents Increasingly Used to Deliver Malware https://www.proofpoint.com/us/blog/threat-insight/onenote-documents-increasingly-used-to-deliver-malware
.NET Virtualization Thrives in Malvertising Attacks
https://www.sentinelone.com/labs/malvirt-net-virtualization-thrives-in-malvertising-attacks/
Operation Ice Breaker Targets The Gam(bl)ing Industry Right Before It's Biggest Gathering https://www.securityjoes.com/post/operation-ice-breaker-targets-the-gam-bl-ing-industry-right-before-it-s-biggest-gathering
Google sponsored ads malvertising targets password manager https://www.malwarebytes.com/blog/threat-intelligence/2023/01/google-sponsored-ads-malvertising-targets-password-manager
BlueBravo Uses Ambassador Lure to Deploy GraphicalNeutrino Malware https://go.recordedfuture.com/hubfs/reports/cta-2023-0127.pdf
New data wipers deployed against Ukraine https://cert.gov.ua/article/3718487
NCSC_MAR_C_00025_COLDSTEEL https://otx.alienvault.com/pulse/63da702509042269012119aa
Analyzing and remediating a malware infested T95 TV box from Amazon https://www.malwarebytes.com/blog/news/2023/01/preinstalled-malware-infested-t95-tv-box-from-amazon
Researchers Discover New PlugX Malware Variant Spreading via Removable USB Devices https://thehackernews.com/2023/01/researchers-discover-new-plugx-malware.html
3 Lifehacks While Analyzing Orcus RAT in a Malware Sandbox https://thehackernews.com/2023/01/3-lifehacks-while-analyzing-orcus-rat.html
Hive Ransomware Infrastructure Seized in Joint International Law Enforcement Effort https://thehackernews.com/2023/01/hive-ransomware-infrastructure-seized.html
Ukraine Hit with New Golang-based 'SwiftSlicer' Wiper Malware in Latest Cyber Attack https://thehackernews.com/2023/01/ukraine-hit-with-new-golang-based.html
Experts Uncover the Identity of Mastermind Behind Golden Chickens Malware Service https://thehackernews.com/2023/01/experts-uncover-identity-of-mastermind.html
Titan Stealer: A New Golang-Based Information Stealer Malware Emerges https://thehackernews.com/2023/01/titan-stealer-new-golang-based.html
Gootkit Malware Continues to Evolve with New Components and Obfuscations
https://thehackernews.com/2023/01/gootkit-malware-continues-to-evolve.html
New Report Reveals NikoWiper Malware That Targeted Ukraine Energy Sector https://thehackernews.com/2023/01/new-report-reveals-nikowiper-malware.html
Prilex PoS Malware Evolves to Block Contactless Payments to Steal from NFC Cards https://thehackernews.com/2023/02/prilex-pos-malware-evolves-to-block.html
New Russian-Backed Gamaredon's Spyware Variants Targeting Ukrainian Authorities https://thehackernews.com/2023/02/new-russian-backed-gamaredons-spyware.html
New Threat: Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers https://thehackernews.com/2023/02/new-threat-stealthy-headcrab-malware.html
Researchers Uncover Packer Used by Several Malware to Evade Detection for 6 Years https://thehackernews.com/2023/01/researchers-uncover-packer-that-helped.html

B. Mobile Security / iPhone / Android / Wearables / Apps / 5G / Instant Messaging

Mobile apps for Developers https://medium.com/@itsrakesh/top-mobile-apps-for-developers-boost-your-productivity-7ec8a18985dd
Researcher discloses a vulnerability that bypasses Facebook two-factor authentication https://medium.com/pentesternepal/two-factor-authentication-bypass-on-facebook-3f4ac3ea139c
Apple releases iOS/iPadOS 16.3 and macOS Ventura 13.2, patching WebKit vulnerabilities that could be used to execute arbitrary code https://www.securityweek.com/apple-patches-webkit-code-execution-flaws/
TikTok proposes a US security protection plan; chair of the House China committee: not convincing https://www.taisounds.com/Global/Top-News/All/uid5616974768
Security flaw in FB and IG! Hackers could turn off two-factor authentication using a phone number https://www.technice.com.tw/techmanage/internet/35407/
Commercial actor who called someone "trash" in an extras' LINE group sentenced to 10 days' detention https://udn.com/news/story/7321/6942522

C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Hiring / International Security Incidents / Security Workforce

Security incidents keep coming... he asks why all the talent goes to semiconductors; commenters give the reason: disasters don't happen every day https://udn.com/news/story/7269/6942320
Korean media: official websites of 12 academic institutions attacked by Chinese hackers restored; renewed "228" attack "not a major threat" https://reurl.cc/aaQb7Y
Several South Korean academic institutions attacked by Chinese hackers; websites back to normal after emergency repairs https://news.ltn.com.tw/news/world/breakingnews/4198061
US Department of Defense launches Hack the Pentagon 3.0 bug bounty program, focusing on facility management systems
https://www.securityweek.com/hack-pentagon-30-bug-bounty-program-focus-facility-control-systems
Hackers post job ads on the dark web, offering US$20,000 a month to recruit operators https://securelist.com/darknet-it-headhunting/108526/
German airport websites reportedly targeted by Russian hacker group Killnet https://www.securityweek.com/cyberattacks-target-websites-of-german-airports-admin/
Chinese group Dragonbridge spread more than 50,000 pieces of spam content in a year, some of it about Pelosi's visit to Taiwan https://blog.google/threat-analysis-group/over-50000-instances-of-dragonbridge-activity-disrupted-in-2022/
APT34 targets the Middle East https://www.trendmicro.com/en_us/research/23/b/new-apt34-malware-targets-the-middle-east.html
IT Army of Ukraine claims to have sabotaged the infrastructure of Russian gas company Gazprom https://securityaffairs.com/141640/hacktivism/it-army-of-ukraine-hacked-gazprom.html
Ukrainian government hit by spyware from Russian threat group Gamaredon https://scpc.gov.ua/article/229
Russian hackers modify a Microsoft utility to build the NikoWiper wiper and attack Ukrainian energy infrastructure https://www.welivesecurity.com/2023/01/31/eset-apt-activity-report-t3-2022/
British Cyber Agency Warns of Russian and Iranian Hackers Targeting Key Industries https://thehackernews.com/2023/01/british-cyber-agency-warns-of-russian.html
Google Takes Down 50,000 Instances of Pro-Chinese DRAGONBRIDGE Influence Operation https://thehackernews.com/2023/01/google-takes-down-50000-instances-of.html
North Korean group Lazarus runs a cyber-espionage campaign, exploiting Zimbra vulnerabilities to infiltrate victim organizations and steal data https://labs.withsecure.com/content/dam/labs/docs/WithSecure-Lazarus-No-Pineapple-Threat-Intelligence-Report-2023.pdf
North Korean Hackers Exploit Unpatched Zimbra Devices in 'No Pineapple' Campaign https://thehackernews.com/2023/02/north-korean-hackers-exploit-unpatched.html
IceBreaker malware targets gaming and gambling companies https://www.securityjoes.com/post/operation-ice-breaker-targets-the-gam-bl-ing-industry-right-before-it-s-biggest-gathering
Experts Warn of 'Ice Breaker' Cyberattacks Targeting Gaming and Gambling Industry https://thehackernews.com/2023/02/experts-warn-of-ice-breaker.html
Iranian OilRig Hackers Using New Backdoor to Exfiltrate Data from Govt.
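Organizations https://thehackernews.com/2023/02/iranian-oilrig-hackers-using-new.html
Security Engineer (SOC L3 Big Data Analyst) https://www.104.com.tw/job/7mlzl?jobsource=m104
Security Engineer https://www.104.com.tw/job/6tnpu?jobsource=m104
[Operations Planning] Information Security Management Specialist https://www.yourator.co/companies/cathaybk/jobs/28277
National Taiwan University, College of Electrical Engineering and Computer Science, Department of Electrical Engineering: faculty recruitment in information security https://www.ee.ntu.edu.tw/doc/Recruiting%20Announcement%20in%20Information%20Security_V1_cht.pdf
National Cheng Kung University: contract assistant professor for the Ministry of Education's critical infrastructure security talent and technology cultivation base program https://cc.ncku.edu.tw/p/406-1213-248951,r391.php?Lang=zh-tw

D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News / Cyberbullying / Account Security

Directorate General of Highways publishes preliminary inspection results on the iRent data leak https://www.thb.gov.tw/News_Content_table.aspx?n=87&sms=13235&s=208674
Another personal data crisis! Data of more than 100,000 iRent customers may already have leaked https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10310
Hotai's car and scooter sharing service iRent reports a data leak; the data was exposed for nine months https://techcrunch.com/2023/01/30/hotai-motor-exposed-irent-customer-data
iRent personal data leak! How can it be remedied? Here is what the Ministry of Digital Affairs says https://tw.nextapple.com/finance/20230201/598D5170587115A6393D369FEAFAD904
Hotai Leasing (和運), which "knows everything", lets the whole world know its users' personal data | Judicial Updates https://plainlaw.me/posts/Hotai-exposed
Microsoft blocks partner accounts used in OAuth phishing attacks https://msrc-blog.microsoft.com/2023/01/31/threat-actor-consent-phishing-campaign-abusing-the-verified-publisher-process/
Hackers abuse Microsoft-verified "blue badge" accounts to launch OAuth consent phishing attacks https://www.bleepingcomputer.com/news/security/microsoft-disables-verified-partner-accounts-used-for-oauth-phishing/
Hackers Abused Microsoft's "Verified Publisher" OAuth Apps to Breach Corporate Email Accounts https://thehackernews.com/2023/02/hackers-abused-microsofts-verified.html
GitHub revokes stolen code-signing certificates https://github.blog/2023-01-30-action-needed-for-github-desktop-and-atom-users/
GitHub Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom https://thehackernews.com/2023/01/github-breach-hackers-stole-code.html
More than ten thousand users targeted by phishing that impersonates DocuSign https://www.armorblox.com/blog/breaking-the-impersonation-armorblox-stops-docusign-attack/
Google's telecom service reports a data breach that let hackers carry out SIM swap attacks https://www.bleepingcomputer.com/news/security/google-fi-data-breach-let-hackers-carry-out-sim-swap-attacks/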
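US telecom Charter Communications reports a data breach, apparently caused by a compromised third-party vendor https://therecord.media/telecom-giant-charter-communications-says-third-party-vendor-had-security-breach/
Porsche's halted NFT launch draws attackers, who set up phishing sites to scam users https://www.bleepingcomputer.com/news/security/porsche-halts-nft-launch-phishing-sites-fill-the-void/
Sportswear retailer JD Sports hacked; personal data of ten million customers leaked https://www.londonstockexchange.com/news-article/JD./cyber-security-incident-regarding-historic-orders/15815662
Russian tech company Yandex's source code leaked to a hacking forum; a former employee is suspected https://www.bleepingcomputer.com/news/security/yandex-denies-hack-blames-source-code-leak-on-former-employee/
US no-fly list leaked to a hacking forum; authorities are investigating https://www.bleepingcomputer.com/news/security/us-no-fly-list-shared-on-a-hacking-forum-government-investigating/
Zendesk user data leaked after employees were compromised https://www.ithome.com.tw/news/155283
North Korean group TA444 uses marketing tactics in phishing attacks, stealing more than US$1 billion in cryptocurrency over five years https://www.ithome.com.tw/news/155272
Users of password manager Bitwarden targeted; hackers abuse Google Ads for phishing https://www.bleepingcomputer.com/news/security/bitwarden-password-vaults-targeted-in-google-ads-phishing-attack/
Parent company of password manager vendor LastPass publishes investigation findings, confirming user data was stolen from several of its products https://www.goto.com/blog/our-response-to-a-recent-security-incident
League of Legends developer confirms a data breach; game source code stolen https://www.ithome.com.tw/news/155265
Misconfigured database at Indian HR platform Rocket exposes data of nearly ten million job seekers and employees https://cybernews.com/security/hr-platform-data-leak/
Research finds large language models facilitate opinion manipulation; disinformation will become more plentiful and more persuasive https://www.ithome.com.tw/news/155179
The big data era raises the odds of personal data leaks! Security is an urgent issue; a roundup of security-related stocks https://reurl.cc/06LbQM
Kaohsiung city councilor's messaging account hijacked!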
Friend defrauded of NT$100,000 https://www.mnews.tw/story/20230202sot12003

E. Research Reports / Tools

Six key technologies for building active defense https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10300
To get around Office's blocking of malicious VBA macros, attackers turn to Visual Studio add-in tools and deliver files inside disk images https://www.deepinstinct.com/blog/no-macro-no-worries-vsto-being-weaponized-by-threat-actors
Researchers publish details of the spoofing vulnerability in the CryptoAPI library, along with a proof-of-concept exploit https://www.akamai.com/blog/security-research/exploiting-critical-spoofing-vulnerability-microsoft-cryptoapi
Analysis and classification of threat intelligence reports based on deep learning and a security threat ontology https://reurl.cc/aaQbDl
Researchers Release PoC Exploit for Windows CryptoAPI Bug Discovered by NSA https://thehackernews.com/2023/01/researchers-release-poc-exploit-for.html
Researchers Uncover Connection b/w Moses Staff and Emerging Abraham's Ax Hacktivists Group https://thehackernews.com/2023/01/researchers-uncover-connection-bw-moses.html
Is Once-Yearly Pen Testing Enough for Your Organization https://thehackernews.com/2023/01/is-once-yearly-pen-testing-enough-for.html
Eliminating SaaS Shadow IT is Now Available via a Self-Service Product, Free of Charge https://thehackernews.com/2023/01/eliminating-saas-shadow-it-is-now.html
You Don't Know Where Your Secrets Are https://thehackernews.com/2023/01/you-dont-know-where-your-secrets-are.html
Auditing Kubernetes with Open Source SIEM and XDR https://thehackernews.com/2023/02/auditing-kubernetes-with-open-source.html
Cybersecurity Budgets Are Going Up. So Why Aren't Breaches Going Down https://thehackernews.com/2023/02/cybersecurity-budgets-are-going-up-so.html
The Pivot: How MSPs can Turn a Challenge Into a Once-in-a-Decade Opportunity https://thehackernews.com/2023/02/the-pivot-how-msps-can-turn-challenge.html
DOM-Based XSS for fun and profit $$$! | Bug Bounty POC https://medium.com/@haroonhameed_76621/dom-based-xss-for-fun-and-profit-bug-bounty-poc-f4b9554e95d
Google’s Sparrow Will Kill ChatGPT — It is Microsoft Teams vs. Slack All Over Again.
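https://entreprenal.com/googles-sparrow-will-kill-chatgpt-it-is-microsoft-teams-vs-slack-all-over-again-da8c5a69c58f
How I used ChatGPT and Excel to save thousands of hours of work https://medium.com/@nielsbosma/how-i-used-chatgpt-and-excel-to-save-thousands-of-hours-of-work-a91f915242ef

F. Business

Marking International Data Privacy Day 2023, Seagate outlines six security trends https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10301
Zoom sets up a cloud data center in Taiwan and passes mobile app security testing https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10304
AWS re:Invent 2022 highlights four cloud trends, moving fast on security https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10305

G. Government

iRent user data at risk of leaking; Ministry of Digital Affairs assists https://reurl.cc/NG38Eq
Hotai iRent data leak: DPP legislators criticize the Financial Supervisory Commission for going easy https://reurl.cc/qZybbg
iRent data leak: Financial Supervisory Commission says there were no significant lapses in the follow-up handling https://money.udn.com/money/story/5613/6945365?from=edn_subcatelist_cate
President Tsai receives cybersecurity award winners and stresses that cybersecurity is national security https://reurl.cc/oZlbAQ
Pushing "Cybersecurity is National Security 2.0", Tsai Ing-wen: cultivate talent and give industry more support https://news.ltn.com.tw/news/politics/breakingnews/4200021
Ministry of Digital Affairs' three missions for the new year: security takes the lead https://www.chinatimes.com/newspapers/20230203000193-260202?chdtv
Plugging security gaps: drone certification starts in March https://www.chinatimes.com/newspapers/20230203000191-260202?chdtv
Dedicated personal data agency to be set up within a year, but its authority may prove a paper tiger https://reurl.cc/WqjYoe
President Tsai: keep strengthening cybersecurity resilience across all sectors of society (photo) https://today.line.me/tw/v2/article/oqkyOG6
Three major outages, a broken promise on regulating payment flows, six unchecked price hikes: Economic Democracy Union says the new cabinet should show resolve in dealing with Shopee https://reurl.cc/jRx4EM

H. Industrial Control Systems / ICS / SCADA / IoT / Internet of Vehicles / Electric Vehicles / Artificial Intelligence / AI / ML / Facial Recognition / Healthcare Security

Additional Supply Chain Vulnerabilities Uncovered in AMI MegaRAC BMC Software https://thehackernews.com/2023/02/additional-supply-chain-vulnerabilities.html
Researchers warn about insecure military ICS infrastructure https://blog.cyble.com/2023/01/27/insecure-military-ics-infrastructure-poses-a-risk-to-national-security/
Weakness in an EV charging station communication protocol lets attackers learn owner information or steal electricity https://www.saiflow.com/hijacking-chargers-identifier-to-cause-dos/
Researchers disclose further vulnerabilities in AMI MegaRAC BMC software https://thehackernews.com/2023/02/additional-supply-chain-vulnerabilities.html
Zyxel patches critical vulnerabilities in 5G routers and fiber optical network terminals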
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders
NIST officially releases the AI Risk Management Framework https://www.nist.gov/news-events/news/2023/01/nist-risk-management-framework-aims-improve-trustworthiness-artificial
Critical vulnerabilities in TP-Link and Netcomm routers could be used for RCE attacks https://thehackernews.com/2023/01/critical-security-vulnerabilities.html
Hacker group GhostSec claims a ransomware attack on an industrial control system, in protest at Russia's war https://www.securityweek.com/cybersecurity-experts-cast-doubt-hackers-ics-ransomware-claims
US warns of critical ICS vulnerabilities in products from Sewio, InHand Networks, Siemens and others https://thehackernews.com/2023/01/cisa-warns-for-flaws-affecting.html
Many people are "fully exposed" without knowing it: hackers break into smart home appliances and see everything https://www.worldjournal.com/wj/story/121473/6944040

I. Education and Training

iPAS Information Security Engineer (intermediate) notes https://hackmd.io/@Not/iPASInformationSecuritySpecialist
iPAS security engineer certification pre-exam workshop https://reurl.cc/GEbA3p
Coursera rounds up 7 cloud security certifications: the springboards to high pay are all here! https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/
Global cybersecurity workforce imbalance: (ISC)2 offers free courses and exams to fill the talent gap https://reurl.cc/m39MDj
The 8 domains of the CISSP certification https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html
CISSP exam experience https://reurl.cc/KbY83j
CISSP exam experience – Benson https://reurl.cc/GbWvxd
Goal-oriented: passing CISSP at lightning speed in 20 days https://reurl.cc/2Zq6zn
CISSP certification exam, hands-on experience. Chapter 1: early preparation https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat
Quick CISSP Infographic for IPSec https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec
CSSLP Certification - Security models in F# https://github.com/vbocan/csslp
Certified Secure Software Lifecycle Professional in bullet points https://github.com/joeyhage/csslp-notes
CPSA (CREST Practitioner Security Analyst) exam experience https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/
EC-Council CEH v11: exam experience, revision information and preparation approach, 2021 and 2022 https://reurl.cc/1oyEM8
CEH v11 exam experience and how to prepare https://blog.sean.taipei/2022/01/ceh
CEH https://github.com/a3cipher/CEH
CodeRed by EC-Council https://github.com/codered-by-ec-council
An in-depth look at the CPENT exam experience, with an OSCP
comparison https://reurl.cc/41eL8v
EC-Council CPENT v1 penetration testing certification – content and experience https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review
[Exam prep notes] CompTIA Security+ (SY0–601), part 1 https://reurl.cc/M053DK
[Exam prep notes] CompTIA Security+ (SY0–601), part 2 https://reurl.cc/M053Gv
comptia-security-plus https://github.com/ajfuto/comptia-security-plus
security-plus https://github.com/fjavierm/security-plus
CompTIA Security+ Certification Practice Test Questions https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette
App security is not just for engineers: the blood, sweat and tears of earning a security testing certificate (iT邦幫忙 Ironman Contest book series) https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html
Learn NIST Inside Out With 21 Hours of Training @ 86% OFF https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html
The hacker and the state: cyber attacks and the new normal of geopolitics (Chinese edition: 駭客與國家: 網路攻擊與地緣政治新常態) https://reurl.cc/D3nKKj
Practical Network Penetration Tester (PNPT) Certification Review https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df
Basic vocabulary commonly used by WUSON https://choson.lifenet.com.tw/?p=1958

6. Upcoming Security Events and Conferences

Coffee & Code 2023/2/5 https://www.meetup.com/innovate-taiwan/events/291226558/
Information Security Engineer entry-level training course 2023/2/7 ~ 2023/2/8 https://college.itri.org.tw/Home/LessonData/489FA646-8933-446D-BFA9-0F919B2BFCA4
Financial security workshop 2023/2/9 ~ 2023/2/10 https://fisw.ccisa.org.tw/
Just a chat - with no Expectations 2023/2/11 https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/291127956/
WordPress Changhua Meetup #26 2023/2/12 https://www.meetup.com/changhua-wordpress-meetup-group/events/290974160/
2023 Greater South Manufacturing Security Trends Forum: Industry Transformation, Security Upgrade 2023/2/16 https://www.informationsecurity.com.tw/seminar/2023_KHinfosecurity365/index.htm
Cybersecurity Immune System Strengthening Forum 2023/2/21 https://buzzorange.com/techorange/forum/2023-cybersecurity-immune-system/
Hugging Face : Image Classification 2023/2/21 https://www.meetup.com/tensorflow-user-group-taipei/events/290714239/
Crypto battle royale? Making good use of Web3 decentralized wallets 2023/2/22 https://www.accupass.com/event/2301301209062089881353
Two key lines of security defense: staying clear of remote-work security risks 2023/2/23 https://www.accupass.com/event/2301170725591343770258
2023 Security 365 Annual Conference: digital supply chain, unbroken security chain 2023/2/23 https://www.informationsecurity.com.tw/seminar/2023_TPinfosecurity365/register.aspx
A brief look at macroeconomic data and financial market applications 2023/2/27 https://www.meetup.com/rladies-taipei/events/290280800/
DEVCORE Conference 2023 - 3/10 Enterprise Session 2023/3/10 https://devcore.kktix.cc/events/devcoreconf2023-0310
DEVCORE Conference 2023 - 3/11 Hacker Session 2023/3/11 https://devcore.kktix.cc/events/devcoreconf2023
Seminar: grasp security trends and let big data drive market decisions 2023/3/16 https://www.accupass.com/event/2212200343421615169635
iPAS intermediate information security personnel training course 2023/5/4 ~ 2023/6/1 https://edu.tcfst.org.tw/web/tw/class/show.asp?courseidori=12C013
超過 1.34 億次嘗試攻擊,鎖定物聯網設備 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10306 Realtek Vulnerability Under Attack: Over 134 Million Attempts to Hack IoT Devices https://thehackernews.com/2023/01/realtek-vulnerability-under-attack-134.html Exchange Server 2013支援期還剩不到90天 https://www.ithome.com.tw/news/155144 微軟警告駭客仍在頻繁攻擊Exchange,用戶應儘速套用修補程式 https://www.ithome.com.tw/news/155285 漏洞一直來!微軟敦促客戶保護本地端Exchange伺服器 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10303 Microsoft Urges Customers to Secure On-Premises Exchange Servers https://thehackernews.com/2023/01/microsoft-urges-customers-to-secure-on.html Microsoft 推出 2023 年 1 月資安更新包 Patch Tuesday,共修復 98 個漏洞,其中有 1 個 0-day 漏洞 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10299 VMware事件記錄分析系統漏洞可被串連,取得root權限遠端執行任意程式碼 https://www.horizon3.ai/vmware-vrealize-cve-2022-31706-iocs/ VMware 發布 VMware vRealize Log Insight 安全性更新 https://www.cisa.gov/uscert/ncas/current-activity/2023/01/25/vmware-releases-security-updates-vmware-vrealize-log-insight Cisco 近日發布更新以緩解Unified CM、Unified CM SME的安全性弱點 https://www.cisa.gov/uscert/ncas/current-activity/2023/01/20/cisco-releases-security-advisory-unified-cm-and-unified-cm-sme DNS系統BIND 9存在漏洞,恐導致阻斷服務攻擊 https://www.cisa.gov/uscert/ncas/current-activity/2023/01/27/isc-releases-security-advisories-multiple-versions-bind-9 ISC Releases Security Patches for New BIND DNS Software Vulnerabilities https://thehackernews.com/2023/01/isc-releases-security-patches-for-new.html New SH1MMER Exploit for Chromebook Unenrolls Managed ChromeOS Devices https://thehackernews.com/2023/02/new-sh1mmer-exploit-for-chromebook.html Researchers Uncover New Bugs in Popular ImageMagick Image Processing Utility https://thehackernews.com/2023/02/researchers-uncover-new-bugs-in-popular.html Atlassian's Jira Software Found Vulnerable to Critical Authentication Vulnerability https://thehackernews.com/2023/02/atlassians-jira-software-found.html 電信網路程式庫Open5GS 
GTP出現可被用於阻斷服務攻擊的漏洞 https://www.synopsys.com/blogs/software-security/cyrc-advisory-open5gs-gtp-library/ 密碼管理器KeePass出現漏洞,攻擊者能以明文匯出用戶帳密資料 https://www.bleepingcomputer.com/news/security/keepass-disputes-vulnerability-allowing-stealthy-password-theft/ WordPress線上課程外掛程式LearnPress存在重大漏洞,7.5萬個網站曝險 https://patchstack.com/articles/multiple-critical-vulnerabilities-fixed-in-learnpress-plugin-version/ Lexmark揭露伺服器端請求偽造漏洞,波及逾百種型號的印表機 https://www.bleepingcomputer.com/news/security/lexmark-warns-of-rce-bug-affecting-100-printer-models-poc-released/ Git修補重大RCE漏洞 https://github.blog/2023-01-17-git-security-vulnerabilities-announced-2/ 2.銀行/金融/保險/證券/金融監理 新聞及資安 有海外期報價系統1/31起爆異常「遭駭」?期貨商已啟用備援或多個獨立平台仍可正常交易 https://www.ctwant.com/article/236024 勤業眾信預測:打造「Super APP」,將成 2023 年銀行業重點優先項目 https://buzzorange.com/techorange/2023/02/03/fintech-and-super-app/ 新壽率先啟動FIDO身分驗證 指紋或臉部辨識取代輸入密碼 https://udn.com/news/story/7239/6947873 證券公會2023年7大業務重點 首要權證避險降稅修法 https://reurl.cc/KXZznn 資安連線 場景融合 構築永續金融藍圖 https://www.digitimes.com.tw/seminar/DWebinar_20230215/?cf=AJ2 3.信用卡/電子支付/行動支付/pay/支付系統/資安 信用卡刷卡要小心!有惡意軟體在插卡與NFC刷卡之間動手腳,意圖竊取卡片資料 https://securelist.com/prilex-modification-now-targeting-contactless-credit-card-transactions/108569/ 永豐銀行信用卡傳出過年期間遭到盜刷,34名持卡人被刷110萬元 https://www.cna.com.tw/news/afe/202301310285.aspx 電子支付平臺PayPal證實遭到帳號填充攻擊,波及3.5萬用戶 https://apps.web.maine.gov/online/aeviewer/ME/40/766753f1-f9c7-4dc5-9a5c-fe0f3ff51c06.shtml 聯卡中心揭就醫支付洞察,去年刷卡簽帳533萬筆創5年新高 https://www.ithome.com.tw/news/155356 「電子支付」發紅包衝7成!央行曝國人轉帳習慣 https://reurl.cc/EXkNMk 電子支付帳戶 也可繳稅 https://reurl.cc/MXrm5v 電支跨機構共用平臺「購物」功能第二季上線,業者共享通路掃碼免換App還能共享當次交易資料 https://www.ithome.com.tw/news/155303 台灣電支發展不夠快! 
陳懿文揭小商家「不給嗶」2痛點 https://reurl.cc/OEda3v 以微服務打造電子支付新黑馬,全支付靠技術力服務百萬會員 https://www.ithome.com.tw/people/155004 電子支付應用擴大,虹堡、連宇營運爆發成長,兔年再戰新高 https://reurl.cc/nZkbdl 金管會:持續督導電子支付機構 協助民眾防制詐騙 https://reurl.cc/aaQbm7 跨足電支金融圈 電子支付可投資0050了 https://ctee.com.tw/news/fund/797150.html 香港WeChat Pay HK:港人新春期間於澳門消費交易金額按年增10倍 https://reurl.cc/Z1Dd33 4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約/WEB3 資安 借貸協議 Bonq 遭駭!洗出巨量 $BEUR 掏空 1.2 億美元,$ALBT 暴跌 80% https://www.blocktempo.com/bonq-protocol-hackerattack-albt/ 駭客竊取500萬美元AllianceBlock代幣後,代幣價格暴跌51% https://news.cnyes.com/news/id/5074149 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 惡意PyPI套件被用於竊取開發者電腦資料 https://blog.checkpoint.com/2023/02/01/the-rise-of-the-code-package-threat/ 惡意廣告攻擊也有新手法!駭客利用程式載入器迴避偵測 https://www.sentinelone.com/labs/malvirt-net-virtualization-thrives-in-malvertising-attacks/ 英國自動化軟體業者ION Group傳出遭勒索軟體LockBit攻擊 https://www.bleepingcomputer.com/news/security/ransomware-attack-on-ion-group-impacts-derivatives-trading-market/ Go語言開發的竊密軟體Titan竊取瀏覽器與加密貨幣錢包資訊 https://www.uptycs.com/blog/titan-stealer-telegram-malware-campaign 駭客組織InTheBox在暗網兜售逾1,800種安卓銀行木馬相關工具 https://blog.cyble.com/2023/01/31/inthebox-web-injects-targeting-android-banking-applications-worldwide/ 駭客利用竊密軟體Vector Stealer挾持遠端桌面連線的相關組態檔案 https://blog.cyble.com/2023/02/01/vector-stealer-a-gateway-for-rdp-hijacking/ 勒索軟體Nevada同時鎖定Windows與VMware虛擬化平臺而來,祭出高額贖金拆帳利誘打手加入 https://resecurity.com/blog/article/nevada-ransomware-waiting-for-the-next-dark-web-jackpot 惡意軟體HeadCrab鎖定Redis而來,利用1,200臺伺服器挖礦 https://blog.aquasec.com/headcrab-attacks-servers-worldwide-with-novel-state-of-art-redis-malware 歐美醫療院所面臨DDoS攻擊,原因是有人租賃Passion殭屍網路向這些單位行凶 https://www.radware.com/security/ddos-threats-attacks/passion-russian-botnet/ 印度炸藥商Solar Industries India遭駭,勒索軟體BlackCat聲稱竊得2 TB機密 https://securityaffairs.com/141409/data-breach/blackcat-ransomware-solar-industries-india.html 勒索軟體LockBit改用Conti的加密模組發動攻擊 
https://www.bleepingcomputer.com/news/security/lockbit-ransomware-goes-green-uses-new-conti-based-encryptor/ 歐洲大型汽車經銷商Arnold Clark傳出遭勒索軟體Play攻擊 https://www.bleepingcomputer.com/news/security/arnold-clark-customer-data-stolen-in-attack-claimed-by-play-ransomware/ 安卓金融木馬Godfather在更多歐洲國家橫行 https://blog.eclecticiq.com/the-godfather-banking-trojan-expands-application-targeting-to-affect-more-europe-based-victims 惡意軟體QBot濫用OneNote筆記檔案散布 https://blog.cyble.com/2023/02/01/qakbots-evolution-continues-with-new-strategies/ 安卓木馬Gigabud RAT假冒政府機關發動攻擊 https://blog.cyble.com/2023/01/19/gigabud-rat-new-android-rat-masquerading-as-government-agencies/ 駭客組織DragonSpark透過Go語言打造的惡意軟體規避偵測 https://www.sentinelone.com/labs/dragonspark-attacks-evade-detection-with-sparkrat-and-golang-source-code-interpretation/ 惡意軟體Gootloader採用更隱密的混淆手法規避偵測 https://www.mandiant.com/resources/blog/tracking-evolution-gootloader-operations 勒索軟體Mimic在加密檔案的過程濫用搜尋工具Everything元件 https://www.trendmicro.com/en_us/research/23/a/new-mimic-ransomware-abuses-everything-apis-for-its-encryption-p.html 研究人員找出惡意軟體Golden Chickens背後的駭客 https://www.esentire.com/web-native-pages/unmasking-venom-spider 資料破壞軟體SwiftSlicer被用於破壞AD網域 https://www.bleepingcomputer.com/news/security/hackers-use-new-swiftslicer-wiper-to-destroy-windows-domains/ 烏克蘭新聞媒體Ukrinform遭到5種資料破壞軟體攻擊 https://cert.gov.ua/article/3718487 以Python打造的RAT木馬程式鎖定Windows電腦而來 https://www.securonix.com/blog/security-advisory-python-based-pyration-attack-campaign/ 美、德、荷聯手,摧毀勒索軟體Hive基礎設施 https://www.justice.gov/opa/pr/us-department-justice-disrupts-hive-ransomware-variant 中國駭客透過USB儲存裝置挾帶惡意軟體PlugX https://unit42.paloaltonetworks.com/plugx-variants-in-usbs/ 船隻管理系統ShipManager遭勒索軟體攻擊,恐波及上千艘船運作 https://www.bankinfosecurity.com/ransomware-attack-affects-1000-vessels-worldwide-a-20939 中東與北非遭到駭客組織Earth Bogle鎖定,散布木馬程式NjRAT https://www.trendmicro.com/en_us/research/23/a/earth-bogle-campaigns-target-middle-east-with-geopolitical-lures.html Avast宣布已打造出「變臉」勒索軟體解密工具 
https://www.ithome.com.tw/news/155191 惡意軟體Batloader利用混淆的JavaScript指令碼發動攻擊 https://www.trendmicro.com/en_us/research/23/a/batloader-malware-abuses-legitimate-tools-uses-obfuscated-javasc.html CryptBot Infostealer: Malware Analysis https://any.run/cybersecurity-blog/cryptbot-infostealer-malware-analysis/ DoNot Go! Do not respawn https://www.welivesecurity.com/2022/01/18/donot-go-do-not-respawn/ Chinese PlugX Malware Hidden in Your USB Devices https://unit42.paloaltonetworks.com/plugx-variants-in-usbs/ New Mimic Ransomware Abuses Everything APIs for its Encryption Process https://www.trendmicro.com/en_us/research/23/a/new-mimic-ransomware-abuses-everything-apis-for-its-encryption-p.html Welcome to Goot Camp: Tracking the Evolution of GOOTLOADER Operations https://www.mandiant.com/resources/blog/tracking-evolution-gootloader-operations GuLoader: The NSIS Vantage Point https://www.trellix.com/en-us/about/newsroom/stories/research/guloader-the-nsis-vantage-point.html ‘InTheBox’ Web Injects Targeting Android Banking Applications Worldwide https://blog.cyble.com/2023/01/31/inthebox-web-injects-targeting-android-banking-applications-worldwide/?utm_content=236429939&utm_medium=social&utm_source=twitter&hss_channel=tw-1141929006603866117 Malicious LNK File Disguised as a Normal HWP Document https://asec.ahnlab.com/en/46865/ OneNote Documents Increasingly Used to Deliver Malware https://www.proofpoint.com/us/blog/threat-insight/onenote-documents-increasingly-used-to-deliver-malware .NET Virtualization Thrives in Malvertising Attacks https://www.sentinelone.com/labs/malvirt-net-virtualization-thrives-in-malvertising-attacks/ Operation Ice Breaker Targets The Gam(bl)ing Industry Right Before It's Biggest Gathering https://www.securityjoes.com/post/operation-ice-breaker-targets-the-gam-bl-ing-industry-right-before-it-s-biggest-gathering Google sponsored ads malvertising targets password manager 
https://www.malwarebytes.com/blog/threat-intelligence/2023/01/google-sponsored-ads-malvertising-targets-password-manager
BlueBravo Uses Ambassador Lure to Deploy GraphicalNeutrino Malware
https://go.recordedfuture.com/hubfs/reports/cta-2023-0127.pdf
New data wipers deployed against Ukraine
https://cert.gov.ua/article/3718487
NCSC_MAR_C_00025_COLDSTEEL
https://otx.alienvault.com/pulse/63da702509042269012119aa
Analyzing and remediating a malware infested T95 TV box from Amazon
https://www.malwarebytes.com/blog/news/2023/01/preinstalled-malware-infested-t95-tv-box-from-amazon
Researchers Discover New PlugX Malware Variant Spreading via Removable USB Devices
https://thehackernews.com/2023/01/researchers-discover-new-plugx-malware.html
3 Lifehacks While Analyzing Orcus RAT in a Malware Sandbox
https://thehackernews.com/2023/01/3-lifehacks-while-analyzing-orcus-rat.html
Hive Ransomware Infrastructure Seized in Joint International Law Enforcement Effort
https://thehackernews.com/2023/01/hive-ransomware-infrastructure-seized.html
Ukraine Hit with New Golang-based 'SwiftSlicer' Wiper Malware in Latest Cyber Attack
https://thehackernews.com/2023/01/ukraine-hit-with-new-golang-based.html
Experts Uncover the Identity of Mastermind Behind Golden Chickens Malware Service
https://thehackernews.com/2023/01/experts-uncover-identity-of-mastermind.html
Titan Stealer: A New Golang-Based Information Stealer Malware Emerges
https://thehackernews.com/2023/01/titan-stealer-new-golang-based.html
Gootkit Malware Continues to Evolve with New Components and Obfuscations
https://thehackernews.com/2023/01/gootkit-malware-continues-to-evolve.html
New Report Reveals NikoWiper Malware That Targeted Ukraine Energy Sector
https://thehackernews.com/2023/01/new-report-reveals-nikowiper-malware.html
Prilex PoS Malware Evolves to Block Contactless Payments to Steal from NFC Cards
https://thehackernews.com/2023/02/prilex-pos-malware-evolves-to-block.html
New Russian-Backed Gamaredon's Spyware Variants Targeting Ukrainian Authorities
https://thehackernews.com/2023/02/new-russian-backed-gamaredons-spyware.html
New Threat: Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers
https://thehackernews.com/2023/02/new-threat-stealthy-headcrab-malware.html
Researchers Uncover Packer Used by Several Malware to Evade Detection for 6 Years
https://thehackernews.com/2023/01/researchers-uncover-packer-that-helped.html

B. Mobile Security / iPhone / Android / Wearables / App / 5G / Instant Messaging

Mobile apps for Developers
https://medium.com/@itsrakesh/top-mobile-apps-for-developers-boost-your-productivity-7ec8a18985dd
Researchers disclose a vulnerability that bypasses Facebook two-factor authentication
https://medium.com/pentesternepal/two-factor-authentication-bypass-on-facebook-3f4ac3ea139c
Apple releases iOS/iPadOS 16.3 and macOS Ventura 13.2, patching WebKit vulnerabilities that could be used to execute arbitrary code
https://www.securityweek.com/apple-patches-webkit-code-execution-flaws/
TikTok proposes a US security protection plan; chair of the House committee on China: unconvincing
https://www.taisounds.com/Global/Top-News/All/uid5616974768
Security vulnerability in FB and IG! Hackers can disable two-factor authentication using a phone number
https://www.technice.com.tw/techmanage/internet/35407/
Commercial actor who called someone "trash" in a LINE group for extras sentenced to 10 days' detention
https://udn.com/news/story/7321/6942522

C. Incidents / Hackers / DDOS / APT / Cloud / Dark Web / Recruitment / International Security Incidents / Security Workforce

Security incidents keep happening... he asks why all the talent goes to semiconductors; commenters give the reason: disasters do not happen every day
https://udn.com/news/story/7269/6942320
Korean media: official websites of 12 academic institutions hit by Chinese hackers restored; renewed attack on 228 "poses little threat"
https://reurl.cc/aaQb7Y
Several South Korean academic institutions attacked by Chinese hackers; websites back to normal after emergency repairs
https://news.ltn.com.tw/news/world/breakingnews/4198061
US Department of Defense launches Pentagon bug bounty program 3.0, focusing on facility management systems
https://www.securityweek.com/hack-pentagon-30-bug-bounty-program-focus-facility-control-systems
Hackers post job ads on the dark web, offering a US$20,000 monthly salary to hire help
https://securelist.com/darknet-it-headhunting/108526/
German airport websites reportedly targeted by Russian hacker group Killnet
https://www.securityweek.com/cyberattacks-target-websites-of-german-airports-admin/
Chinese hacker group Dragonbridge spread more than 50,000 pieces of spam content in a year, including content on Pelosi's visit to Taiwan
https://blog.google/threat-analysis-group/over-50000-instances-of-dragonbridge-activity-disrupted-in-2022/
APT34 launches attacks targeting the Middle East
https://www.trendmicro.com/en_us/research/23/b/new-apt34-malware-targets-the-middle-east.html
IT Army of Ukraine claims to have damaged the infrastructure of Russian gas company Gazprom
https://securityaffairs.com/141640/hacktivism/it-army-of-ukraine-hacked-gazprom.html
Ukrainian government hit by spyware attacks from Russian hacker group Gamaredon
https://scpc.gov.ua/article/229
Russian hackers modify a Microsoft utility to build the NikoWiper data wiper and attack Ukrainian energy infrastructure
https://www.welivesecurity.com/2023/01/31/eset-apt-activity-report-t3-2022/
British Cyber Agency Warns of Russian and Iranian Hackers Targeting Key Industries
https://thehackernews.com/2023/01/british-cyber-agency-warns-of-russian.html
Google Takes Down 50,000 Instances of Pro-Chinese DRAGONBRIDGE Influence Operation
https://thehackernews.com/2023/01/google-takes-down-50000-instances-of.html
North Korean hacker group Lazarus runs a cyber-espionage operation, exploiting Zimbra vulnerabilities to infiltrate victim organizations and steal data
https://labs.withsecure.com/content/dam/labs/docs/WithSecure-Lazarus-No-Pineapple-Threat-Intelligence-Report-2023.pdf
North Korean Hackers Exploit Unpatched Zimbra Devices in 'No Pineapple' Campaign
https://thehackernews.com/2023/02/north-korean-hackers-exploit-unpatched.html
IceBreaker malware targets gaming and gambling companies
https://www.securityjoes.com/post/operation-ice-breaker-targets-the-gam-bl-ing-industry-right-before-it-s-biggest-gathering
Experts Warn of 'Ice Breaker' Cyberattacks Targeting Gaming and Gambling Industry
https://thehackernews.com/2023/02/experts-warn-of-ice-breaker.html
Iranian OilRig Hackers Using New Backdoor to Exfiltrate Data from Govt. Organizations
https://thehackernews.com/2023/02/iranian-oilrig-hackers-using-new.html
Security Engineer (SOC L3 Big Data Analyst)
https://www.104.com.tw/job/7mlzl?jobsource=m104
Security Engineer
https://www.104.com.tw/job/6tnpu?jobsource=m104
[Operations Planning] Information Security Management Professional
https://www.yourator.co/companies/cathaybk/jobs/28277
National Taiwan University, College of Electrical Engineering and Computer Science, Department of Electrical Engineering: faculty recruitment in information security
https://www.ee.ntu.edu.tw/doc/Recruiting%20Announcement%20in%20Information%20Security_V1_cht.pdf
National Cheng Kung University: contract assistant professor for the Ministry of Education's critical infrastructure security talent and technology cultivation base program
https://cc.ncku.edu.tw/p/406-1213-248951,r391.php?Lang=zh-tw

D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News / Cyberbullying / Account Security

Directorate General of Highways publishes preliminary inspection results on the iRent data leak incident
https://www.thb.gov.tw/News_Content_table.aspx?n=87&sms=13235&s=208674
Another personal data crisis! Data of more than 100,000 iRent customers may have leaked long ago
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10310
Hotai's car and scooter sharing service iRent reports a data leak incident, with data exposed for 9 months
https://techcrunch.com/2023/01/30/hotai-motor-exposed-irent-customer-data
iRent personal data leak shock! How can it be remedied? Here is what the Ministry of Digital Affairs says
https://tw.nextapple.com/finance/20230201/598D5170587115A6393D369FEAFAD904
Hotai Leasing, which "knows everything", lets the whole world know its users' personal data | Judicial Updates
https://plainlaw.me/posts/Hotai-exposed
Microsoft blocks partner accounts used in OAuth phishing attacks
https://msrc-blog.microsoft.com/2023/01/31/threat-actor-consent-phishing-campaign-abusing-the-verified-publisher-process/
Hackers abuse Microsoft-verified blue-badge accounts to launch OAuth consent phishing attacks
https://www.bleepingcomputer.com/news/security/microsoft-disables-verified-partner-accounts-used-for-oauth-phishing/
Hackers Abused Microsoft's "Verified Publisher" OAuth Apps to Breach Corporate Email Accounts
https://thehackernews.com/2023/02/hackers-abused-microsofts-verified.html
GitHub revokes stolen code-signing certificates
https://github.blog/2023-01-30-action-needed-for-github-desktop-and-atom-users/
GitHub Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom
https://thehackernews.com/2023/01/github-breach-hackers-stole-code.html
More than ten thousand users hit by a phishing attack impersonating DocuSign
https://www.armorblox.com/blog/breaking-the-impersonation-armorblox-stops-docusign-attack/
Google's telecom service reports a data breach that let hackers carry out SIM swap attacks
https://www.bleepingcomputer.com/news/security/google-fi-data-breach-let-hackers-carry-out-sim-swap-attacks/
US telecom operator Charter Communications reports a data breach, apparently caused by a hacked third-party vendor
https://therecord.media/telecom-giant-charter-communications-says-third-party-vendor-had-security-breach/
Porsche's halted NFT launch is targeted as hackers set up phishing sites to defraud users
https://www.bleepingcomputer.com/news/security/porsche-halts-nft-launch-phishing-sites-fill-the-void/
Sportswear retailer JD Sports hacked, personal data of ten million customers leaked
https://www.londonstockexchange.com/news-article/JD./cyber-security-incident-regarding-historic-orders/15815662
Source code of Russian tech company Yandex leaks to a hacker forum, a former employee suspected
https://www.bleepingcomputer.com/news/security/yandex-denies-hack-blames-source-code-leak-on-former-employee/
US no-fly list leaks to a hacker forum, authorities begin investigating
https://www.bleepingcomputer.com/news/security/us-no-fly-list-shared-on-a-hacking-forum-government-investigating/
Zendesk user data leaked after employees were hacked
https://www.ithome.com.tw/news/155283
North Korean hacker group TA444 uses marketing tactics in phishing attacks, stealing more than US$1 billion in cryptocurrency over 5 years
https://www.ithome.com.tw/news/155272
Users of password manager Bitwarden targeted as hackers abuse Google Ads for phishing
https://www.bleepingcomputer.com/news/security/bitwarden-password-vaults-targeted-in-google-ads-phishing-attack/
Parent company of password management vendor LastPass publishes investigation results, confirming user data was stolen from several of its products
https://www.goto.com/blog/our-response-to-a-recent-security-incident
Developer of the video game League of Legends confirms a data breach; game source code stolen
https://www.ithome.com.tw/news/155265
Misconfigured database at Indian HR platform Rocket exposes data of nearly ten million job seekers and employees
https://cybernews.com/security/hr-platform-data-leak/
Research finds large language models facilitate manipulation of public opinion; disinformation will become more plentiful and more persuasive
https://www.ithome.com.tw/news/155179
The big data era arrives and the chance of personal data leaks rises! Security issues are pressing; a look at security-related stocks
https://reurl.cc/06LbQM
Kaohsiung councilor's messaging account hijacked! Friend defrauded of NT$100,000
https://www.mnews.tw/story/20230202sot12003

E. Research Reports / Tools

6 key technologies for building proactive defense
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10300
To get around Office's blocking of malicious VBA macro execution, hackers turn to Visual Studio add-in tools and deliver files bundled inside image files
https://www.deepinstinct.com/blog/no-macro-no-worries-vsto-being-weaponized-by-threat-actors
Researchers publish details of the spoofing vulnerability in the CryptoAPI library and provide a proof-of-concept exploit
https://www.akamai.com/blog/security-research/exploiting-critical-spoofing-vulnerability-microsoft-cryptoapi
Analysis and classification of threat intelligence reports based on deep learning and a cybersecurity threat ontology
https://reurl.cc/aaQbDl
Researchers Release PoC Exploit for Windows CryptoAPI Bug Discovered by NSA
https://thehackernews.com/2023/01/researchers-release-poc-exploit-for.html
Researchers Uncover Connection b/w Moses Staff and Emerging Abraham's Ax Hacktivists Group
https://thehackernews.com/2023/01/researchers-uncover-connection-bw-moses.html
Is Once-Yearly Pen Testing Enough for Your Organization
https://thehackernews.com/2023/01/is-once-yearly-pen-testing-enough-for.html
Eliminating SaaS Shadow IT is Now Available via a Self-Service Product, Free of Charge
https://thehackernews.com/2023/01/eliminating-saas-shadow-it-is-now.html
You Don't Know Where Your Secrets Are
https://thehackernews.com/2023/01/you-dont-know-where-your-secrets-are.html
Auditing Kubernetes with Open Source SIEM and XDR
https://thehackernews.com/2023/02/auditing-kubernetes-with-open-source.html
Cybersecurity Budgets Are Going Up. So Why Aren't Breaches Going Down
https://thehackernews.com/2023/02/cybersecurity-budgets-are-going-up-so.html
The Pivot: How MSPs can Turn a Challenge Into a Once-in-a-Decade Opportunity
https://thehackernews.com/2023/02/the-pivot-how-msps-can-turn-challenge.html
DOM-Based XSS for fun and profit $$$! | Bug Bounty POC
https://medium.com/@haroonhameed_76621/dom-based-xss-for-fun-and-profit-bug-bounty-poc-f4b9554e95d
Google’s Sparrow Will Kill ChatGPT — It is Microsoft Teams vs. Slack All Over Again.
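https://entreprenal.com/googles-sparrow-will-kill-chatgpt-it-is-microsoft-teams-vs-slack-all-over-again-da8c5a69c58f
How I used ChatGPT and Excel to save thousands of hours of work
https://medium.com/@nielsbosma/how-i-used-chatgpt-and-excel-to-save-thousands-of-hours-of-work-a91f915242ef

F. Business

Marking International Data Privacy Day 2023, Seagate names six security trends
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10301
Zoom's cloud data center lands in Taiwan and passes mobile application security testing
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10304
AWS 2022 re:Invent highlights four cloud trends and rapid action on security
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10305

G. Government

iRent user data reportedly at risk of leaking; Ministry of Digital Affairs assists with handling
https://reurl.cc/NG38Eq
Hotai iRent data leak: DPP legislators criticize the Financial Supervisory Commission for going easy
https://reurl.cc/qZybbg
iRent data leak: Financial Supervisory Commission says there was no significant negligence in the follow-up handling
https://money.udn.com/money/story/5613/6945365?from=edn_subcatelist_cate
President Tsai receives cybersecurity award winners, stresses that cybersecurity is national security
https://reurl.cc/oZlbAQ
Pushing "Cybersecurity is National Security 2.0", Tsai Ing-wen: cultivate talent and give industry more support
https://news.ltn.com.tw/news/politics/breakingnews/4200021
Ministry of Digital Affairs' three major tasks for the new year, with cybersecurity leading
https://www.chinatimes.com/newspapers/20230203000193-260202?chdtv
Plugging security gaps: drone certification starts in March
https://www.chinatimes.com/newspapers/20230203000191-260202?chdtv
Dedicated personal data agency to be set up within a year, but its authority may end up a paper tiger
https://reurl.cc/WqjYoe
President Tsai: continue strengthening cybersecurity resilience across all sectors of society (photo)
https://today.line.me/tw/v2/article/oqkyOG6
3 major outages, a broken promise on payment-flow regulation, 6 unchecked price hikes; Economic Democracy Union: the new cabinet should show resolve in regulating Shopee
https://reurl.cc/jRx4EM

H. Industrial Control Systems / ICS / SCADA / IoT / Internet of Things / Internet of Vehicles / Electric Vehicles / Artificial Intelligence / AI / ML / Facial Recognition / Healthcare Security

Additional Supply Chain Vulnerabilities Uncovered in AMI MegaRAC BMC Software
https://thehackernews.com/2023/02/additional-supply-chain-vulnerabilities.html
Researchers warn about insecure military ICS infrastructure
https://blog.cyble.com/2023/01/27/insecure-military-ics-infrastructure-poses-a-risk-to-national-security/
Weakness in an EV charging station communication protocol lets attackers learn owner information or steal electricity
https://www.saiflow.com/hijacking-chargers-identifier-to-cause-dos/
Researchers disclose further vulnerabilities in AMI MegaRAC BMC software
https://thehackernews.com/2023/02/additional-supply-chain-vulnerabilities.html
Zyxel patches critical vulnerabilities in 5G routers and fiber optical network terminals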
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-buffer-overflow-vulnerabilities-of-cpe-fiber-onts-and-wifi-extenders
NIST officially releases the AI Risk Management Framework
https://www.nist.gov/news-events/news/2023/01/nist-risk-management-framework-aims-improve-trustworthiness-artificial
Critical vulnerabilities in TP-Link and Netcomm routers could be used for RCE attacks
https://thehackernews.com/2023/01/critical-security-vulnerabilities.html
Hacker group GhostSec claims a ransomware attack on an industrial control system, citing protest against Russia's war
https://www.securityweek.com/cybersecurity-experts-cast-doubt-hackers-ics-ransomware-claims
US warns of critical vulnerabilities in industrial control systems from Sewio, InHand Networks, Siemens and other vendors
https://thehackernews.com/2023/01/cisa-warns-for-flaws-affecting.html
Many are "fully exposed" without knowing it: hackers break into smart home appliances and see everything
https://www.worldjournal.com/wj/story/121473/6944040

I. Education and Training

iPAS Information Security Engineer (Intermediate) notes
https://hackmd.io/@Not/iPASInformationSecuritySpecialist
iPAS Information Security Engineer certification pre-exam workshop
https://reurl.cc/GEbA3p
Coursera lists 7 cloud security certifications: the springboards to high pay are all here!
https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/
Global cybersecurity workforce imbalance: (ISC)2 free course and exam to fill the talent gap
https://reurl.cc/m39MDj
The 8 domains of the CISSP security certification
https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html
CISSP exam experience
https://reurl.cc/KbY83j
CISSP exam experience – Benson
https://reurl.cc/GbWvxd
Goal-oriented: passing the CISSP at light speed in 20 days
https://reurl.cc/2Zq6zn
CISSP certification exam hands-on experience, Chapter 1: initial preparation
https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat
Quick CISSP Infographic for IPSec
https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec
CSSLP Certification - Security models in F#
https://github.com/vbocan/csslp
Certified Secure Software Lifecycle Professional in bullet points
https://github.com/joeyhage/csslp-notes
CPSA (CREST Practitioner Security Analyst) security analyst exam experience
https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/
EC-Council CEH v11 exam experience, version update information and preparation directions, 2021 and 2022
https://reurl.cc/1oyEM8
CEH v11 exam experience and how to prepare
https://blog.sean.taipei/2022/01/ceh
CEH
https://github.com/a3cipher/CEH
CodeRed by EC-Council
https://github.com/codered-by-ec-council
In-depth look at the CPENT exam experience and a comparison with OSCP
https://reurl.cc/41eL8v
EC-Council CPENT v1 penetration testing certification – content and experience
https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review
[Exam prep notes] CompTIA Security+ (SY0–601), part 1
https://reurl.cc/M053DK
[Exam prep notes] CompTIA Security+ (SY0–601), part 2
https://reurl.cc/M053Gv
comptia-security-plus
https://github.com/ajfuto/comptia-security-plus
security-plus
https://github.com/fjavierm/security-plus
CompTIA Security+ Certification Practice Test Questions
https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette
App security is not just for engineers: the blood, sweat and tears of obtaining a security testing certificate (iT邦幫忙 Ironman Contest series book)
https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html
Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html
The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics
https://reurl.cc/D3nKKj
Practical Network Penetration Tester (PNPT) Certification Review
https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df
Basic vocabulary commonly used by WUSON
https://choson.lifenet.com.tw/?p=1958

6. Upcoming Security Events and Seminars

Coffee & Code 2023/2/5
https://www.meetup.com/innovate-taiwan/events/291226558/
Information Security Engineer beginner training course 2023/2/7 ~ 2023/2/8
https://college.itri.org.tw/Home/LessonData/489FA646-8933-446D-BFA9-0F919B2BFCA4
Financial Cybersecurity Workshop 2023/2/9 ~ 2023/2/10
https://fisw.ccisa.org.tw/
Just a chat - with no Expectations 2023/2/11
https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/291127956/
WordPress Changhua Meetup #26 2023/2/12
https://www.meetup.com/changhua-wordpress-meetup-group/events/290974160/
2023 Greater South Manufacturing Security Trends Forum - Industry Transformation, Security Upgrade 2023/2/16
https://www.informationsecurity.com.tw/seminar/2023_KHinfosecurity365/index.htm
Cybersecurity Immune System Strengthening Forum 2023/2/21
https://buzzorange.com/techorange/forum/2023-cybersecurity-immune-system/
Hugging Face : Image Classification 2023/2/21
https://www.meetup.com/tensorflow-user-group-taipei/events/290714239/
Crypto battle royale? Making good use of Web3 decentralized wallets 2023/2/22
https://www.accupass.com/event/2301301209062089881353
Two key lines of security defense: staying clear of remote-work security risks 2023/2/23
https://www.accupass.com/event/2301170725591343770258
2023 Infosecurity 365 Annual Conference: Digital Supply Chain, Unbroken Security Chain 2023/2/23
https://www.informationsecurity.com.tw/seminar/2023_TPinfosecurity365/register.aspx
An introduction to macroeconomic data and financial market applications 2023/2/27
https://www.meetup.com/rladies-taipei/events/290280800/
DEVCORE Conference 2023 - 3/10 Enterprise Session 2023/3/10
https://devcore.kktix.cc/events/devcoreconf2023-0310
DEVCORE Conference 2023 - 3/11 Hacker Session 2023/3/11
https://devcore.kktix.cc/events/devcoreconf2023
Grasping Security Trends: Letting Big Data Drive Market Decisions seminar 2023/3/16
https://www.accupass.com/event/2212200343421615169635
iPAS intermediate information security personnel training course 2023/5/4 ~ 2023/6/1
https://edu.tcfst.org.tw/web/tw/class/show.asp?courseidori=12C013
(ISC)2 Certified in Cybersecurity
https://github.com/cyberfascinate/ISC2-CC-Study-Material
ISC2 CC (Certified in Cybersecurity) exam experience
https://lin0204.blogspot.com/2022/12/isc2-cc-certified-in-cybersecurity.html?m=1