###### tags: `資安事件新聞週報`
# Weekly Security Incident News 2024/2/5 ~ 2024/2/9
1.Major Vulnerabilities/Backdoors/Exploit/Zero Day
Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network
https://thehackernews.com/2024/02/chinese-hackers-exploited-fortigate.html
Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products
https://thehackernews.com/2024/02/critical-patches-released-for-new-flaws.html
Fortinet warns of new FortiSIEM RCE bugs in confusing disclosure
https://www.bleepingcomputer.com/news/security/fortinet-warns-of-new-fortisiem-rce-bugs-in-confusing-disclosure/
https://www.fortiguard.com/psirt/FG-IR-23-130
https://nvd.nist.gov/vuln/detail/CVE-2024-23108
https://nvd.nist.gov/vuln/detail/CVE-2024-23109
https://nvd.nist.gov/vuln/detail/CVE-2023-34992
Fortinet Warns of Critical FortiOS SSL VPN Flaw Likely Under Active Exploitation
https://thehackernews.com/2024/02/fortinet-warns-of-critical-fortios-ssl.html
FortiOS - Out-of-bound Write in sslvpnd
https://fortiguard.fortinet.com/psirt/FG-IR-24-015
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21762
FortiOS - Format String Bug in fgfmd
https://fortiguard.fortinet.com/psirt/FG-IR-24-029
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23113
EventLogCrasher zero-day vulnerability affects all versions of Windows
https://www.bleepingcomputer.com/news/microsoft/new-windows-event-log-zero-day-flaw-gets-unofficial-patches/
https://twitter.com/floesen_/status/1749809453367779758
https://blog.0patch.com/2024/01/the-eventlogcrasher-0day-for-remotely.html
77,000 Jenkins servers exposed to critical RCE vulnerability risk
https://www.ithome.com.tw/news/161172
Ivanti Connect Secure SSRF zero-day vulnerability exploited by multiple hacker groups
https://twitter.com/Shadowserver/status/1754145361029960189
QRadar Pulse application add on to IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
https://www.ibm.com/support/pages/node/7114777
Mastodon Vulnerability Allows Hackers to Hijack Any Decentralized Account
https://thehackernews.com/2024/02/mastodon-vulnerability-allows-hackers.html
AnyDesk hit by cyberattack; source code and certificates reportedly compromised
https://www.ithome.com.tw/news/161182
AnyDesk Hacked: Popular Remote Desktop Software Mandates Password Reset
https://thehackernews.com/2024/02/anydesk-hacked-popular-remote-desktop.html
Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation
https://thehackernews.com/2024/02/recently-disclosed-ssrf-flaw-in-ivanti.html
Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover - Patch Now
https://thehackernews.com/2024/02/critical-jetbrains-teamcity-on-premises.html
Experts Detail New Flaws in Azure HDInsight Spark, Kafka, and Hadoop Services
https://thehackernews.com/2024/02/high-severity-flaws-found-in-azure.html
Security vulnerability (CVE-2024-0519) in Google Chrome, Microsoft Edge, Brave, Opera, Vivaldi and other browsers; verify and patch as soon as possible
https://lis.mcut.edu.tw/p/406-1013-64574,r11.php?Lang=zh-tw
Critical Boot Loader Vulnerability in Shim Impacts Nearly All Linux Distros
https://thehackernews.com/2024/02/critical-bootloader-vulnerability-in.html
OAuth vulnerabilities raise financial crime threat: Microsoft urges stronger MFA protection
https://blog.twnic.tw/2024/02/05/29500/
Google alleges 80% of 2023 zero-day vulnerabilities were abused by commercial spyware vendors
https://blog.google/threat-analysis-group/commercial-surveillance-vendors-google-tag-report/
Vulnerability in Airbus pilot application could affect flight safety
https://www.pentestpartners.com/security-blog/hacking-electronic-flight-bags-airbus-navblue-flysmart-manager/
QNAP patches high-severity vulnerabilities in NAS operating system QTS and file synchronization system Qsync Central
https://www.securityweek.com/qnap-patches-high-severity-bugs-in-qts-qsync-central/
Flaw in the GNU C Library (glibc) could let attackers gain root privileges; multiple Linux versions exposed
https://blog.qualys.com/vulnerabilities-threat-research/2024/01/30/qualys-tru-discovers-important-vulnerabilities-in-gnu-c-librarys-syslog
2.Banking/Finance/Insurance/Securities/Financial Supervision News and Security
New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw
https://thehackernews.com/2024/02/new-mispadu-banking-trojan-exploiting.html
Chang Hwa Bank changes its CISO and spokesperson; 林玉葉 and 王淑芳 take over
https://www.ctee.com.tw/news/20240202701781-430304
As "man-made black swans" become a trend, how Taiwan can respond to "digital Pearl Harbor" financial warfare attacks
https://www.thenewslens.com/article/198438
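TDCC establishes its "Digital and Information Security Department" today, further advancing digital innovation and security resilience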
https://news.owlting.com/articles/301716
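龔明鑫 speaks at Taiwan Cooperative Bank managers' meeting, urging businesses: net-zero transition creates business opportunities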
https://news.cnyes.com/news/id/5444941
Taiwan Cooperative Bank managers' meeting: chairman reveals five strategic directions, aiming for further strong results
https://reurl.cc/L42NDe
Interview with TAIFEX President 周建隆: aiming to obtain UK clearing house recognition by the end of next month
https://ec.ltn.com.tw/article/paper/1629452
Taipei Fubon Bank launches AI "Falcon System"! The nation's first AI anti-money-laundering model can cut false alerts by 45%
https://news.owlting.com/articles/604935
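Nearly 300 impersonation cases reported a year! Fubon Financial keeps anti-fraud efforts running through the Lunar New Year to protect customer assets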
https://www.ctee.com.tw/news/20240206700661-430304
FSC requires uninterrupted service over the Lunar New Year; emergency contact numbers for insurers listed here
https://www.nownews.com/news/6360727
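Fraud rings target year-end bonuses! FSC statistics show fraud cases up by more than 5,000; banks roll out anti-fraud AI protection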
https://reurl.cc/rr0LW4
Banking trojan Mispadu infiltrates via Windows SmartScreen vulnerability
https://unit42.paloaltonetworks.com/mispadu-infostealer-variant/
Financial institution ATMs keep operating through the Lunar New Year
https://www.banking.gov.tw/ch/home.jsp?id=540&parentpath=0,524,539&mcustomize=multimessage_view.jsp&dataserno=202402060002&aplistdn=ou=news,ou=multisite,ou=chinese,ou=ap_root,o=fsc,c=tw&dtable=News
On-site spot checks during the Lunar New Year holiday; FSC: ATMs in 9 counties and cities operating smoothly
https://www.rti.org.tw/news/view/id/2195443
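3.Credit Cards/Electronic Payment/Mobile Payment/pay/Payment Systems/Security
Mobile payment is increasingly widespread in China, but foreign tourists find it inconvenient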
https://udn.com/news/story/7333/7761565
Accounts suspected of money laundering; Indian payments leader Paytm's stock hits limit-down three sessions in a row
https://ec.ltn.com.tw/article/breakingnews/4573105
Chinese youth abandon mobile payment and return to cash: spending has to "hurt" to save money
https://www.thenewslens.com/article/198296
Lighting blessing lamps online, with help from state-owned banks and Taiwan Pay
https://www.chinatimes.com/newspapers/20240206000382-260208?chdtv
TWQR mobile payment enters South Korea: save the 1.5% fee and shop at 35,000 partner merchants
https://news.tvbs.com.tw/life/2384249
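Mainland China e-payment quick guide | AlipayHK cross-border payment verification tutorial: online remittance / transit QR code / Shenzhen mall and restaurant offers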
https://reurl.cc/dLp7dk
Hohhot, China completes its first electronic payment of cross-border e-commerce retail import taxes
https://reurl.cc/138en9
Does electronic payment infringe on personal freedom? Germany's "refugee payment card" sparks debate
https://newtalk.tw/news/view/2024-02-03/907735
4.Cryptocurrency/Digital Currency/Mining/Blockchain/Smart Contracts/WEB3 Security
Belarusian National Linked to BTC-e Faces 25 Years for $4 Billion Crypto Money Laundering
https://thehackernews.com/2024/02/belarusian-national-linked-to-btc-e.html
Over US$100 million in XRP stolen, from a co-founder's personal account; Ripple faces transparency questions
https://www.panewslab.com/zh_hk/articledetails/xl5v12m4Ft.html
After Ripple hack, Binance freezes XRP worth 4,2 萬 US dollars
https://portalcripto.com.br/zh-TW/Ripple%E9%81%AD%E9%A7%AD%E5%AE%A2%E6%94%BB%E6%93%8A%E5%BE%8C%EF%BC%8C%E5%B9%A3%E5%AE%89%E5%87%8D%E7%B5%90%E4%BA%8642%E8%90%AC%E7%BE%8E%E5%85%83%E7%9A%84XRP/
Conic Finance attracts more than US$26 million in deposits within three days
https://news.cnyes.com/news/id/5445201
Bonk DAO plans to invest US$500,000 in a fund focused on Solana ecosystem projects
https://news.cnyes.com/news/id/5443912
SagaDAO has successfully recovered all funds stolen last week
https://news.cnyes.com/news/id/5444262
SEC charges founder of American Bitcoin Academy with defrauding students of US$1.2 million
https://www.panewslab.com/zh_hk/sqarticledetails/wuh214esFt.html
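Cashed out US$500 million at the peak and dodged the bankruptcy: the biggest beneficiary of FTX's collapse turns out to be a judo champion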
https://www.blocktempo.com/the-biggest-beneficiary-of-ftx-bankruptcy-is-rashit-makhat/
FTX announces Bitcoin refunds at XNUMX 2022 value
https://portalcripto.com.br/zh-TW/ftx-%E5%AE%A3%E5%B8%83%E4%BB%A5-2022-%E5%B9%B4-XNUMX-%E6%9C%88%E5%83%B9%E5%80%BC%E9%80%80%E6%AC%BE%E6%AF%94%E7%89%B9%E5%B9%A3/#google_vignette
How GameFi and DeFi converge
https://portalcripto.com.br/zh-TW/gamefi-%E5%92%8C-defi-%E5%A6%82%E4%BD%95%E8%9E%8D%E5%90%88/
Cryptocurrency hacked again; US$41 million stolen
https://www.rti.org.tw/news/player/id/2020052
Binance user personal data reportedly for sale on the dark web! Official response: no risk found
https://zombit.info/binance-users-kyc-data-seems-to-be-on-sale-on-the-dark-web/
Two years after a US$624 million hack, Ronin makes a comeback: what lessons can the industry learn
https://www.panewslab.com/zh_hk/articledetails/71lb2990Ft.html
ZBexchange hacker again deposits 1,313 ETH into Tornado Cash
https://news.cnyes.com/news/id/5450467
Wormhole, valued at US$2.5 billion, is about to airdrop! Understand the tokenomics of "W" in one article
https://blockcast.it/2024/02/08/wormhole-unveiled-the-token-economics-for-its-native-token-w/
Hacken: 2 wallets that moved funds stolen from Ripple co-founder are linked to "XRP authorized wallets"
https://news.cnyes.com/news/id/5449952
US$3 billion haul! North Korea suspected of launching 58 cyberattacks on cryptocurrency
https://news.ltn.com.tw/news/world/breakingnews/4575774
UN investigates North Korean hackers' theft of 93 billion 元, which helped North Korea develop nuclear weapons
https://udn.com/news/story/6809/7763131
OKX expands its global footprint again: enters Argentina, launching an exchange and Web3 wallet
https://blockcast.it/2024/02/08/okx-latest-global-expansion-launches-exchange-and-web3-wallet-in-argentina/
Pixels founder: a new system called "Task Board" has launched and will be the main system for distributing PIXEL tokens going forward
https://www.panewslab.com/zh_hk/sqarticledetails/47308kreFt.html
South Korean prosecutors investigate Wemade for allegedly evading virtual asset business registration obligations
https://news.cnyes.com/news/id/5450489
Ether breaks US$2,400; can it soar to US$27,000 in this bull cycle?
https://blockcast.it/2024/02/08/eth-could-reach-27k-this-bull-cycle-community-predicts/
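5.Security Incident News
A.Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC
Report: Taiwan and Japan account for about 77% of ransomware attacks in Asia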
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10925
Taiwanese and Japanese manufacturing hit hard by ransomware attacks, accounting for 70% in Asia
https://reurl.cc/krplWx
Singapore police issue joint warning about "cryptocurrency hacker" malware
https://news.cnyes.com/news/id/5445247
YouTube extension FadBlock injected with malicious code! Developer urges: disable it as soon as possible
https://3c.ltn.com.tw/news/56919
2,000 Ukrainian computers attacked by PurpleFox malware
https://cert.gov.ua/article/6277422
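Trojan hidden in factory-fresh computers from Shenzhen! Buyer's wallet private key stolen on login: "crypto assets all evaporated…"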
https://www.blocktempo.com/shenzhen-factory-computers-found-with-pre-installed-trojan/
Backdoor Activator spreads disguised as macOS applications and disables the operating system's built-in protections
https://www.sentinelone.com/blog/backdoor-activator-malware-running-rife-through-torrents-of-macos-apps/
FritzFrog botnet uses Log4Shell and PwnKit vulnerabilities to spread malware
https://www.akamai.com/blog/security-research/fritzfrog-botnet-new-capabilities-log4shell
Ransomware is the top threat to industrial control system and operational technology environments
https://www.txone.com/news/txone-networks-published-annual-report-2023/
After FBI Takedown, KV-Botnet Operators Shift Tactics in Attempt to Bounce Back
https://thehackernews.com/2024/02/after-fbi-takedown-kv-botnet-operators.html
HijackLoader Evolves: Researchers Decode the Latest Evasion Methods
https://thehackernews.com/2024/02/hijackloader-evolves-researchers-decode.html
Facebook Advertising Spreads Novel Malware Variant
https://www.trustwave.com/hubfs/Web/Library/Documents_pdf/FaceBook_Ad_Spreads_Novel_Malware.pdf
ResumeLooters gang infects websites with XSS scripts and SQL injections
https://www.group-ib.com/blog/resumelooters/
SmartApeSg Delivering NetSupport RAT
https://www.esentire.com/blog/smartapesg-delivering-netsupport-rat
APT-K-47 group uses new malware tools to launch data theft attacks
https://paper.seebug.org/3115/
Distribution of Zephyr CoinMiner Using Autoit
https://asec.ahnlab.com/en/61164/
Smargaft Harnesses EtherHiding for Stealthy C2 Hosting
https://blog.xlab.qianxin.com/smargaft_abusing_binance-smart-contracts_en/
Frog4Shell — FritzFrog Botnet Adds One-Days to Its Arsenal
https://otx.alienvault.com/pulse/65bcdb1d1e7f9b70bf1accaa
U.S. Imposes Visa Restrictions on those Involved in Illegal Spyware Surveillance
https://thehackernews.com/2024/02/us-imposes-visa-restrictions-on-those.html
Global Coalition and Tech Giants Unite Against Commercial Spyware Abuse
https://thehackernews.com/2024/02/global-coalition-and-tech-giants-unite.html
Kimsuky's New Golang Stealer 'Troll' and 'GoBear' Backdoor Target South Korea
https://thehackernews.com/2024/02/kimsukys-new-golang-stealer-troll-and.html
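B.Mobile Security / iPhone / Android / Wearables / App / 5G / Instant Messaging
12 Android apps found implanted with malicious spyware! Secretly stealing personal data and eavesdropping on calls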
https://3c.ltn.com.tw/news/56907
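Researchers publish proof-of-concept for Android local privilege escalation vulnerability affecting mobile devices from at least 7 brands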
https://www.bleepingcomputer.com/news/security/exploit-released-for-android-local-elevation-flaw-impacting-7-oems/
https://rtx.meta.security/exploitation/2024/01/30/Android-vendors-APEX-test-keys.html
https://source.android.com/docs/security/bulletin/2023-12-01
Google releases February Android routine update, patching 46 vulnerabilities
https://source.android.com/docs/security/bulletin/2024-02-01
Android trojan VajraSpy distributed via the Google Play store
https://www.welivesecurity.com/en/eset-research/vajraspy-patchwork-espionage-apps/
Phones of Jordanian journalists, activists and human rights lawyers tracked by Pegasus spyware
https://thehackernews.com/2024/02/pegasus-spyware-targeted-iphones-of.html
Pegasus Spyware Targeted iPhones of Journalists and Activists in Jordan
https://thehackernews.com/2024/02/pegasus-spyware-targeted-iphones-of.html
Patchwork Using Romance Scam Lures to Infect Android Devices with VajraSpy Malware
https://thehackernews.com/2024/02/patchwork-using-romance-scam-lures-to.html
Google Starts Blocking Sideloading of Potentially Dangerous Android Apps in Singapore
https://thehackernews.com/2024/02/google-starts-blocking-sideloading-of.html
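C.Incidents / Hackers / DDOS / APT / Cloud / Dark Web / Hiring / International Security Incidents / Security Workforce
Cloudflare discloses it was attacked by hackers last Thanksgiving but assures that customer data and systems were not affected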
https://www.panewslab.com/zh_hk/articledetails/4dxx79maFt.html
Hackers cause huge losses in attack using toothbrushes
https://zh-tw.techwar.gr/328194/oi-hackers-prokaloun-terastia-zimia-me-epithesi-pou-chrisimopoiei-odontovourtses/#google_vignette
Mechema: statement on the hacker cyberattack against some of the company's information systems
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=0b5cd0dd-194b-4782-b32e-10864e6e56c2
Chemical materials maker Mechema's information systems partially hit by cyberattack
https://mops.twse.com.tw/mops/web/ajax_t05sr01_1?firstin=true&stp=1&step=1&SEQ_NO=1&SPOKE_TIME=180109&SPOKE_DATE=20240205&COMPANY_ID=4721
Hotel operator 富野 reports cyberattack on a branch's information systems
https://mops.twse.com.tw/mops/web/ajax_t05sr01_1?firstin=true&stp=1&step=1&SEQ_NO=3&SPOKE_TIME=170130&SPOKE_DATE=20240205&COMPANY_ID=2736
富野: a subsidiary branch's information systems hit by cyberattack
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=7f9ea2ae-bf06-430c-8f17-7d6899710978
Hacker breaks in and opens garage door: midnight scare for Chinese resident of Los Angeles County
https://www.worldjournal.com/wj/amp/story/121359/7763011
Malicious traffic distribution system VexTrio used in attacks targeting more than 70,000 domains
https://blogs.infoblox.com/cyber-threat-intelligence/cybercrime-central-vextrio-operates-massive-criminal-affiliate-program/
Ximending hotel receives bomb threat; email IP traced to California: "pay 20 million or it detonates"
https://reurl.cc/eLpXgW
Phantom briefly hit by DDOS attack, now back in operation
https://news.cnyes.com/news/id/5443891
Lurie Children's Hospital in Chicago, USA, hit by cyberattack; IT systems forced offline
https://www.bleepingcomputer.com/news/security/lurie-childrens-hospital-took-systems-offline-after-cyberattack/
Cleaning products maker Clorox lost US$49 million from the cyberattack it suffered last September
https://www.bleepingcomputer.com/news/security/clorox-says-cyberattack-caused-49-million-in-expenses/
Russian hacker group APT28 launches NTLM relay attacks targeting senior figures at enterprises and organizations worldwide
https://www.trendmicro.com/en_us/research/24/a/pawn-storm-uses-brute-force-and-stealth.html
Chinese overseas students forced to act as spies; US report: the most in the world
https://reurl.cc/138e7W
Japanese media: Japan's diplomatic cable system was hit by Chinese cyberattack, drawing US concern
https://www.cna.com.tw/news/aopl/202402050123.aspx
2,000 Ukrainian computers attacked by DirtyMoe and PurpleFox malware
https://cert.gov.ua/article/6277422
Ukrainian energy, transportation and postal agencies hit by cyberattacks
https://therecord.media/ukraine-cyberattacks-energy-postal-transportation
Dutch intelligence services publicly accuse China of breaching a Dutch military network last year
https://news.ltn.com.tw/news/world/breakingnews/4574549
Dutch military network breached by Chinese hackers who used a Fortinet firewall vulnerability to implant a trojan
https://www.ncsc.nl/documenten/publicaties/2024/februari/6/mivd-aivd-advisory-coathanger-tlp-clear
Russian hacker group Shuckworm attacks Ukrainian military, using a PowerShell backdoor for infiltration
https://www.securonix.com/blog/security-advisory-steadyursa-attack-campaign-targets-ukraine-military/
Russian space weather research center attacked by Ukrainian hackers, destroying 2 PB of data
https://gur.gov.ua/content/znyshchyly-vorozhu-planietu-detali-kiberataky-proty-tsentru-kosmichnoi-hidrometeorolohii-rf.html
Albanian institute reportedly hit by cyberattack with some systems affected; Iranian hackers suspected
https://therecord.media/iran-linked-hackers-claim-attack-on-albania-census-org
https://www.facebook.com/institutistatistikave/posts/pfbid02aMQi8UxE6sYD2HE6viCfU1BXEpxnpEPfUNrvQFpykErGAFWt1fFoiYZxnDBLQqv4l
https://cesk.gov.al/deklarate-zyrtare-5/
https://t.me/justice_homeland/451
EU Cyber Resilience Act soon to become law
https://blog.twnic.tw/2024/02/06/29552/
Hackers leak documents confirming Iran sold drones to Russia
https://www.ydn.com.tw/news/newsInsidePage?chapterID=1651770&type=international
Philippine president's personal website hit by cyberattack; hacker IP address traced to China
https://news.ltn.com.tw/news/world/breakingnews/4573229
Chinese President Xi Jinping may control the Philippine power grid: "could affect 100% of the military lifeline at any time"
https://www.youtube.com/watch?v=FADGUIj3jfs
US government to sanction individuals who use spyware in attacks by denying them visas
https://cert.gov.ua/article/6277422
US cracks down on Chinese botnet involved in espionage
https://today.line.me/tw/v2/article/mWwgypE
Analyst: replacing Chinese-made ICT equipment in the US is not impossible, but the funding gap keeps growing
https://ec.ltn.com.tw/article/breakingnews/4571112
The White House releases "National Cybersecurity Strategy"
https://www.lawbank.com.tw/treatise/pl_article.aspx?AID=P000260305
Intelligence agencies: Chinese hacker group has targeted US infrastructure for at least 5 years
https://newtalk.tw/news/view/2024-02-08/908294
FTX hacker caught? Bloomberg: US Department of Justice charges three people with stealing US$400 million from FTX via "SIM swapping attack"
https://zombit.info/ftx-s-missing-400-million-were-stolen-in-sim-swapping-hack-doj-says/
US Department of Justice charges three people in the case of US$400 million stolen from FTX
https://reurl.cc/qrpkK3
Engineer of Chinese descent arrested for allegedly stealing trade secrets including missile tracking technology
https://www.rti.org.tw/news/view/id/2195371
US announces it has disrupted a China-backed infrastructure hacking operation
https://disp.cc/b/Military/gOLr
US Air Force General Haugh takes charge of Cyber Command and the NSA
https://www.ydn.com.tw/news/newsInsidePage?chapterID=1650642&type=universal
Pentagon cyber commander handover; guarding against mainland Chinese interference in US elections
https://udn.com/news/story/6809/7752279?from=udn-catebreaknews_ch2
CCP hackers provoke public anger; US cripples "Volt Typhoon"
https://www.bannedbook.org/bnews/zh-tw/bannedvideo/20240203/1996387.html
FBI director attends hearing, accuses Chinese hackers of attacking US infrastructure
https://today.line.me/tw/v2/article/7NRZapm
FBI director warns Chinese hackers are attacking US critical infrastructure, aiming to block US action if the Chinese government invades Taiwan
https://www.cybersecuritydive.com/news/fbi-china-hackers-us-critical-infrastructure/706307/
https://www.fbi.gov/news/speeches/director-wrays-opening-statement-to-the-house-select-committee-on-the-chinese-communist-party
https://www.fbi.gov/news/stories/china-s-hackers-have-entire-nation-in-their-crosshairs-fbi-director-warns
https://www.fbi.gov/news/testimony/the-ccp-cyber-threats-to-the-american-homeland-and-national-security
Australian official raises "cyber threat"; Chinese official rebuts on the spot: China is good for the world
https://www.worldjournal.com/wj/story/121339/7752357
DirtyMoe Malware Infects 2,000+ Ukrainian Computers for DDoS and Cryptojacking
https://thehackernews.com/2024/02/dirtymoe-malware-infects-2000-ukrainian.html
Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks
https://thehackernews.com/2024/02/russian-apt28-hackers-targeting-high.html
U.S. Sanctions 6 Iranian Officials for Critical Infrastructure Cyber Attacks
https://thehackernews.com/2024/02/us-sanctions-6-iranian-officials-for.html
RedCurl cyber spies aim for Australia, Singapore and Hong Kong
https://www.facct.ru/blog/redcurl-2024/
New Information on Cyberespionage Attacks against Myanmar Military Junta
https://csirt-cti.net/2024/02/01/stately-taurus-continued-new-information-on-cyberespionage-attacks-against-myanmar-military-junta/
DIRTYMOE (PURPLEFOX) affected more than 2000 computers in Ukraine
https://cert.gov.ua/article/6277422
Scaly Wolf uses White Snake stealer against Russian industry
https://bi.zone/expertise/blog/scaly-wolf-primenyaet-stiler-white-snake-protiv-rossiyskoy-promyshlennosti/
[Risk Advisory] Digital Technology Risk - Financial Industry Fintech Security Risk Management Consultant
https://www.yourator.co/companies/deloitte/jobs/25425
Security Consultant
https://www.yourator.co/companies/talentjump/jobs/32898
[Risk Advisory] Digital Technology Risk - Information Security Risk Management Consultant
https://www.yourator.co/companies/deloitte/jobs/25424
Security Auditor
https://www.yourator.co/companies/Dcard/jobs/34246
Security Engineer
https://www.yourator.co/companies/talentjump/jobs/33875
[果核] Senior Security Monitoring Engineer_0419
https://www.yourator.co/companies/gamania/jobs/33787
Information Security Management Engineer
https://www.yourator.co/companies/iPASS/jobs/34036
[Rakuten, Japan] Security Engineer / Offensive Security Engineer (DU)
https://www.yourator.co/companies/rakuten/jobs/25024
Security Operations Engineer
https://www.yourator.co/companies/irentcar/jobs/33748
[Professional Support] Security Management Professional
https://www.yourator.co/companies/cathaybk/jobs/28277
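D.Data Breaches/Personal Data Protection Law/GDPR/Online Fraud/Phishing/Card Fraud/Fake News/Cyberbullying/Account Security
Hacker group ResumeLooters attacks job-search websites using SQL injection and XSS, stealing personal data of more than 2 million people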
https://www.group-ib.com/blog/resumelooters/
Microsoft Azure AD tests sign-in with selfie verification
https://www.ithome.com.tw/news/161243
Multinational company defrauded via deepfake video conference, losing HK$200 million
https://news.rthk.hk/rthk/ch/component/k2/1739101-20240204.htm
https://hongkongfp.com/2024/02/05/multinational-loses-hk200-million-to-deepfake-video-conference-scam-hong-kong-police-say/
https://edition.cnn.com/2024/02/04/asia/deepfake-cfo-scam-hong-kong-intl-hnk/index.html
Mozilla launches Mozilla Monitor Plus, a subscription service that can remove users' leaked personal data
https://www.ithome.com.tw/news/161231
More than 18,000 API keys leaked! Tokens used by multiple mainstream websites affected
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10934
"Texas civil war" disinformation spreads widely; BBC: Weibo became the dissemination platform
https://www.cna.com.tw/news/aopl/202402030164.aspx
Chinese crime ring trades fake passports, obtaining personal data with help from Taiwanese human smugglers
https://news.cts.com.tw/cts/international/202402/202402032283723.html#google_vignette
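Suspected National Health Insurance data leak: Ministry of Digital Affairs clarifies it is not the competent authority for NHI personal data and will fully cooperate with the investigation on any security aspects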
https://www.vac.gov.tw/vac_home/taoyuan/cp-2992-140170-203.html
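Threads becomes the new favorite social platform after the election; watch for security and disinformation when reaching different audiences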
https://ct.org.tw/html/news/3-3.php?cat=74&article=1397924
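Another new scam! Online loan applicant nearly defrauded; "we wire you money, you wire it out": providing your account may make you an accomplice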
https://www.youtube.com/watch?v=nzbWr-WNdlU
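Circulating online: an "important document" reading "New Year LINE friends reward, choose one of three LINE Pay gifts, scan the QR code to claim your New Year gift"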
https://tfc-taiwan.org.tw/articles/10282
Groups sorted by military rank impersonate celebrities teaching investment; police: beware of fraud
https://reurl.cc/L42Ng3
Hit by a cryptocurrency scam! Engineer traces the "money flow" and recovers a million
https://www.youtube.com/watch?v=2VKKqrK-iqI
HPE internal data reportedly appears on hacker forum; the company is investigating the hacker's claims
https://www.bleepingcomputer.com/news/security/hpe-investigates-new-breach-after-data-for-sale-on-hacking-forum/
Another "clever use" of dark AI: underground site OnlyFake uses neural networks to generate realistic ID cards for 450 元
https://www.inside.com.tw/article/34129-onlyfake-fake-id
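CCP behind the scenes: more than a hundred fake news sites across Europe, Asia and Latin America push "grand external propaganda" content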
https://www.soundofhope.org/post/791269?lang=b5
More than a hundred fake media outlets worldwide aid China's external propaganda; a Chinese PR firm is behind them
https://www.worldjournal.com/wj/story/121480/7763754
Physical letters urge scanning a code to claim gift vouchers; fact-check center: scam message
https://www.cna.com.tw/news/ahel/202402060128.aspx
Do not click! "Year of the Dragon red envelope grab" message goes viral on LINE; fact-check center: not an official event
https://ctinews.com/news/items/4Xamz5mwxA
Important document? New Year LINE friends reward? Scan the QR code to claim? A scheme to steal personal data
https://reurl.cc/4jlr7D
Beware of LINE Pay red envelope scams! Do not click the "attached link"; personal data may be stolen
https://news.cts.com.tw/cts/society/202402/202402092285596.html
Beware! Scan a code to claim the "New Year LINE friends reward"? Fact-checkers: it steals personal data
https://today.line.me/tw/v2/article/2DRYaqa
Regarding last year's data breach, telecom operator Verizon confirms personal data of 63,000 employees was leaked
https://apps.web.maine.gov/online/aeviewer/ME/40/65b9290a-b22e-4ae7-93e7-5acb84357297.shtml
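Did registering with free email accounts cause trouble? More than 1,500 network operators' computers infected with infostealers, with credentials flowing to the dark web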
https://securityaffairs.com/158329/cyber-crime/network-operators-credentials-found-in-dark-web.html
https://www.bleepingcomputer.com/news/security/hacker-hijacks-orange-spain-ripe-account-to-cause-bgp-havoc/
https://www.infostealers.com/article/infostealer-infection-of-an-orange-employee-results-in-bgp-disruptions/
https://www.resecurity.com/blog/article/hundreds-of-network-operators-credentials-found-circulating-in-dark-web
Largest leak in CIA history! Software engineer sentenced to 40 years; also found in possession of child pornography images
https://newtalk.tw/news/view/2024-02-02/907628
Largest leak in US CIA history! Mastermind of the "digital Pearl Harbor" sentenced to 40 years
https://reurl.cc/RW2v9z
Former CIA Engineer Sentenced to 40 Years for Leaking Classified Documents
https://thehackernews.com/2024/02/former-cia-engineer-sentenced-to-40.html
Hackers Exploit Job Boards, Stealing Millions of Resumes and Personal Data
https://thehackernews.com/2024/02/hackers-exploit-job-boards-in-apac.html
Beware: Fake Facebook Job Ads Spreading 'Ov3r_Stealer' to Steal Crypto and Credentials
https://thehackernews.com/2024/02/beware-fake-facebook-job-ads-spreading.html
E.Research Reports/Tools
Not deepfakes, not phishing! Prompt Injection is the biggest problem for generative AI
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10933
20 cloud security statistics and trends for CISOs
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10932
Hacker Attack and Defense from Beginner to Expert: Social Engineering (Simplified Chinese book)
https://www.sanmin.com.tw/product/index/006194225
[DDoS] Rapid-fire attacks
https://vocus.cc/article/65bc7e79fd89780001c345c4
Researchers reveal ApateWeb campaign, in which hackers attempt to distribute scareware and PUPs
https://unit42.paloaltonetworks.com/apateweb-scareware-pup-delivery-campaign/
Cloudzy Elevates Cybersecurity: Integrating Insights from Recorded Future to Revolutionize Cloud Security
https://thehackernews.com/2024/02/cloudzy-elevates-cybersecurity.html
Combined Security Practices Changing the Game for Risk Management
https://thehackernews.com/2024/02/combined-security-practices-changing.html
F.Business
"Global Internet Safety Day"! Sophos stresses creating strong passwords to prevent credential theft
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10931
Hitachi Vantara and Cisco jointly launch next-generation hybrid cloud managed services
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10929
Singapore's ABPGroup expands into Taiwan, establishing the company 安普新科技
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10927
How a $10B Enterprise Customer Drastically Increased their SaaS Security Posture with 201% ROI by Using SSPM
https://thehackernews.com/2024/02/how-10b-enterprise-customer-drastically.html
Trend Micro named a Leader in the IDC MarketScape assessment for modern enterprise endpoint protection
https://www.ithome.com.tw/pr/161113
Far EasTone partners with ISSDU to launch DDoS defense and attack drill services
https://www.fetnet.net/content/corp/tw/LatestNews/LatestNews_Contents.html?uuid=3cd466f5-3364-4e5f-93b4-1ffd9375da94
Chunghwa Telecom fights fraud, building a security defense line
https://udn.com/news/story/7253/7751627
Unified Identity – look for the meaning behind the hype
https://thehackernews.com/2024/02/unified-identity-look-for-meaning.html
Chunghwa Telecom's "放心接" NMS number-masking service creates a win-win for enterprise customers and consumers
https://reurl.cc/VN28oY
Acer Cyber Security (ACSI) January revenue up 8% year over year; tops domestic security vendors in SOC monitoring evaluation
https://wantrich.chinatimes.com/news/20240205900515-420101
With Wi-Fi 7 access points now offered, Fortinet's security "iron triangle" gains a new member
https://www.ithome.com.tw/review/161189
NEITHNET all-quadrant threat hunting helps enterprises defend against ransomware attacks
https://news.owlting.com/articles/605786
IBM launches LinuxONE 4 Express, a mainframe suited to small and medium-sized businesses
https://www.ithome.com.tw/news/161242
G.Government
Former Ministry of National Defense staff reveal a subordinate pounded the table at INDSR chairman 霍守業
https://udn.com/news/story/10930/7753949
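Internal documents peddled, intelligence operation plans leaked? Military Intelligence Bureau: strengthening security and collection and research discipline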
https://reurl.cc/j36l4D
Military Intelligence Bureau also in a security crisis? What about the government's firewall
https://reurl.cc/lgpvr9
To safeguard security and protect patient data, MacKay Memorial Hospital signs MOU with the Ministry of Justice
https://udn.com/news/story/7270/7756945
ROC Year 113 Lunar New Year period security alert and protection project
https://www.ydn.com.tw/news/newsInsidePage?chapterID=1651191
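H.Industrial Control Systems/ICS/SCADA/IOT/Internet of Things/Connected Vehicles/Electric Vehicles/Artificial Intelligence/AI/ML/Facial Recognition/Healthcare Security
Five IoT trends driving semiconductor industry development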
https://www.eettaiwan.com/20240202nt32-iot-five-trends/
World's first focus on connected car security vulnerabilities: Pwn2Own Automotive contest concludes successfully
https://cars.tvbs.com.tw/car-news/170760
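TXOne Networks report: ransomware-as-a-service, supply chain attacks and geopolitical issues make OT/ICS security across global industries increasingly complex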
https://n.yam.com/Article/20240205199942#google_vignette
Vulnerabilities in Mitsubishi Electric factory automation systems let attackers cause service disruption and execute arbitrary code
https://www.securityweek.com/mitsubishi-electric-factory-automation-flaws-expose-engineering-workstations/
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-020_en.pdf
https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-02
I.Education and Training
iPAS Information Security Engineer intermediate-level notes
https://hackmd.io/@Not/iPASInformationSecuritySpecialist
iPAS Security Engineer certification pre-exam workshop
https://reurl.cc/GEbA3p
Coursera rounds up 7 cloud security certifications: the springboards to high pay are all here!
https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/
Ordinary people can earn an international security certification too! CSCU Certified Secure Computer User course
https://www.ithome.com.tw/pr/160954
Global cybersecurity workforce imbalance: (ISC)2 free courses and exams fill the talent gap
https://reurl.cc/m39MDj
The 8 domains of the CISSP security certification
https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html
CISSP exam experience
https://reurl.cc/KbY83j
CISSP exam experience – Benson
https://reurl.cc/GbWvxd
Goal-oriented: passing CISSP at light speed in 20 days
https://reurl.cc/2Zq6zn
CISSP certification exam hands-on experience, Chapter 1: Initial preparation
https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat
CISSP certification exam hands-on experience, Chapter 2: A regular and disciplined study strategy
https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies
CISSP certification exam hands-on experience, Chapter 3: The final battle
https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle
Quick CISSP Infographic for IPSec
https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec
CSSLP Certification - Security models in F#
https://github.com/vbocan/csslp
Certified Secure Software Lifecycle Professional in bullet points
https://github.com/joeyhage/csslp-notes
CPSA (CREST Practitioner Security Analyst) exam experience
https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/
EC-Council CEH v11 exam experience, version update information and preparation direction, 2021 and 2022
https://reurl.cc/1oyEM8
CEH v11 exam experience and preparation approach
https://blog.sean.taipei/2022/01/ceh
CEH
https://github.com/a3cipher/CEH
CodeRed by EC-Council
https://github.com/codered-by-ec-council
EC-Council CEH Practical / Master preparation notes: learning in which theory and practice complement each other
https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2
EC-Council CEHP exam preparation notes
https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po
ECSA v10 Review and Study Materials
https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4
EC-Council ECSA (Certified Security Analyst) v10 exam experience
https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html
20180817 EC-Council ECSA v10 PASS
https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html
Preparation approach and experience for the EC-Council CPENT and LPT Master penetration testing certifications
https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d
In-depth look at the CPENT exam experience, and a comparison with OSCP
https://reurl.cc/41eL8v
EC-Council CPENT v1 penetration testing certification – content and experience
https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review
CPENT: from brute force to cracking
https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295
EC-Council CPENT experience - a security newbie from CEH to LPT Master
https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f
CPENT exam experience: earning the LPT penetration testing master certification in one attempt
https://ucom.uuu.com.tw/web/Testimony/Article/4404
kaizensecurity/CPENT
https://github.com/kaizensecurity/CPENT/tree/master
CPENT : Pentesting like NO OTHERS !
https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/
Journey of My CPENT Exam
https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917
[Exam prep notes] CompTIA Security+ (SY0–601) Part 1
https://reurl.cc/M053DK
[Exam prep notes] CompTIA Security+ (SY0–601) Part 2
https://reurl.cc/M053Gv
comptia-security-plus
https://github.com/ajfuto/comptia-security-plus
security-plus
https://github.com/fjavierm/security-plus
CompTIA Security+ Certification Practice Test Questions
https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette
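App security that isn't just for engineers: the blood-and-tears story of obtaining a security testing certificate (iT邦幫忙 Ironman Contest series book)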
https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html
OSEP (Evasion Techniques and Breaching Defenses (PEN-300)) experience
https://hackmd.io/@henry-ko/HyQ56e8eF
OSCP(Offensive Security Certified Professional)
https://github.com/0x584A/oscp-notes/tree/master
ISACA Certified Information Systems Auditor® (CISA) certification: preparation journey and application process, 2023
https://reurl.cc/aVLoX9
Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html
The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics (Chinese edition)
https://reurl.cc/D3nKKj
Practical Network Penetration Tester (PNPT) Certification Review
https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df
Basic vocabulary commonly used by WUSON
https://choson.lifenet.com.tw/?p=1958
Certifications remain the main route to learning security fundamentals; an expert has built a "security certification map"
https://www.ithome.com.tw/news/156754
Beyond using certifications to prove your ability, treat them as the greatest motivation to keep learning
https://www.ithome.com.tw/news/156756
Dispelling certification misunderstandings and myths: security experts clarify what security certifications mean
https://www.ithome.com.tw/news/156755
Accelerate Your Career with the Global Leader in Cyber Security Training
https://www.sans.org/mlp/promo-partnership-hacker-news/
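6.Upcoming Security Events and Seminars
[ACSI Academy (安碁學苑)] IPAS Information Security Engineer intermediate certification training class 2024/2/20 ~ 2024/7/15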
https://acsiacad.kktix.cc/events/6ebd7fbd-copy-1
Security 543 (資安五四三) 2024/2/21
https://csa.kktix.cc/events/202402-543
2024 Duet AI for Google Cloud: the all-new guide is here! Sign up now for the 2/21 Duet AI online seminar 2024/2/21
https://www.accupass.com/event/2401171309569808607700
2024 Information Security 365 Annual Conference 2024/2/22
https://www.informationsecurity.com.tw/seminar/2024_TPinfosecurity365/register.aspx
"Digital Trust" and "Anti-Fraud Industry" networking event 2024/2/22
https://www.accupass.com/event/2401190530421788718610
Google Cloud security guide | Building a security protection net with Cloud Armor and load balancing 2024/2/23
https://www.accupass.com/event/2401150346098763080290
[ACSI Academy (安碁學苑)] IPAS Information Security Engineer intermediate certification training class 2024/2/20-2024/2/3/5
https://www.accupass.com/event/2312151022301066488466
2024H1 Security Combat Exercise Conference: joint enterprise security drills in the era of the AI boom 2024/3/6
https://buzzorange.com/techorange/forum/2024h1-cybersecurity-combat-exercise/
Security incident investigation and practical analysis 2024/3/6 (Wed)
https://docs.google.com/forms/d/1bO_IhZ9gxZ-nFNGVva7ZfRWyX5B3n-sKEdW6nkPtj50/edit
.NET / Java secure coding expert training camp (Kaohsiung session) 2024/3/6 ~ 2024/3/8
https://www.accupass.com/event/2401100307112987621850
[ACSI Academy (安碁學苑)] Security technical talent development | first hands-on training class 2024/3/11 ~ 2024/3/29
https://acsiacad.kktix.cc/events/6ebd7fbd-copy-2
DEVCORE CONFERENCE 2024 2024/3/16
https://devcore.kktix.cc/events/devcoreconf2024
[Enterprise Security Lecture Series] Free online security education courses 2024/3/19 ~ 2024/11/19
https://acercsi.kktix.cc/events/2024csr
A hacker's perspective: website vulnerability discovery and defense 2024/3/20
https://docs.google.com/forms/d/1OGcXzbo2vG9_DU5oQ9DCAF2zWJtewqrd4OM28zdatw4/edit
Association of Hackers in Taiwan (HIT) ROC Year 113 members' spring banquet 2024/3/27
https://hitcon.kktix.cc/events/hit-banquet-113
Central region (in person) -- campus security operations and external audit practice 2024/4/8
https://tp2rc.tanet.edu.tw/node/790
AI application system development and generative AI application talent training class, first cohort 2024/6/27 ~ 2024/8/9
https://www.accupass.com/event/2401100729511706489107