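###### tags: `Weekly Security Incident News Digest`
# Weekly Security Incident News Digest 2023/4/10 ~ 2023/4/14
## 1. Major Vulnerabilities / Backdoors / Exploits / Zero Days
Microsoft releases April security bulletin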
https://msrc.microsoft.com/update-guide/releaseNote/2023-Apr
Microsoft patches a zero-day vulnerability already abused by ransomware hackers
https://www.ithome.com.tw/news/156373
Security vendors urge users to patch the critical MSMQ vulnerability as soon as possible
https://www.bleepingcomputer.com/news/security/windows-admins-warned-to-patch-critical-msmq-queuejumper-bug/
Urgent: Microsoft Issues Patches for 97 Flaws, Including Active Ransomware Exploit
https://thehackernews.com/2023/04/urgent-microsoft-issues-patches-for-97.html
Critical vulnerability advisory issued for Microsoft Outlook; Openfind helps customers respond to the security threat in real time
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10400
Newly Discovered "By-Design" Flaw in Microsoft Azure Could Expose Storage Accounts to Hackers
https://thehackernews.com/2023/04/newly-discovered-by-design-flaw-in.html
Cisco releases security advisories for multiple products
https://sec.cloudapps.cisco.com/security/center/publicationListing.x
Cisco patches vulnerabilities in its network security and identity authentication security products
https://www.securityweek.com/cisco-patches-code-and-command-execution-vulnerabilities-in-several-products/
CISA orders U.S. federal agencies to immediately patch the 5 latest vulnerabilities, one of which has already been used in ransomware attacks
https://www.twcert.org.tw/tw/cp-104-7041-4dd23-1.html
CISA Warns of 5 Actively Exploited Security Flaws: Urgent Action Required
https://thehackernews.com/2023/04/cisa-warns-of-5-actively-exploited.html
Google Launches New Cybersecurity Initiatives to Strengthen Vulnerability Management
https://thehackernews.com/2023/04/google-launches-new-cybersecurity.html
HP to fix a critical security vulnerability in multiple LaserJet printer models within 90 days
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10403
SUNNET CTMS培訓大師 - Path Traversal
https://www.twcert.org.tw/tw/cp-132-7033-878ab-1.html
Strengthening security! OpenAI launches a bug bounty program, calling on researchers far and wide to hunt bugs
https://www.inside.com.tw/article/31301-openai-bug-bounty
Arbitrary code execution possible: vulnerabilities found in Adobe Acrobat and Acrobat Reader
https://www.pcmarket.com.hk/adobe-acrobat-and-acrobat-reader-found-to-be-vulnerable-to-arbitrary-code-execution/
Vulnerability in Tesla's customer relationship management system TRT could lead to employee account takeover
https://medium.com/@evan.connelly/post-account-takeover-account-takeover-of-internal-tesla-accounts-bc720603e67d
Vulnerability found in Twitter's published algorithm could be used to sabotage specific people's accounts
https://www.theregister.com/2023/04/07/twitter_code_cve_substack/
Sophos patches an arbitrary code execution vulnerability in its web security gateway
https://wsa.sophos.com/docs/ws1000/ws1000/concepts/ReleaseNotes_4.3.10.4.html
Critical vulnerability in Japanese word processing software Ichitaro can be used to execute arbitrary code
https://blog.talosintelligence.com/vuln-spotlight-justsystems-ichitaro/
Fully adopting two-factor authentication and quickly applying patches are effective means of preventing cyberattacks
https://www.businesswire.com/news/home/20230406005089/en/Groundbreaking-Research-from-Marsh-McLennan-Reveals-Direct-Link-between-Key-Cybersecurity-Controls-and-Reduced-Cyber-Risk
SAP releases its April routine update, patching 2 critical vulnerabilities
https://www.bleepingcomputer.com/news/security/sap-releases-security-updates-for-two-critical-severity-flaws/
Fortinet patches a critical vulnerability in its data analytics system
https://www.fortiguard.com/psirt-monthly-advisory/april-2023-vulnerability-advisories
## 2. Banking / Finance / Insurance / Securities / Financial Supervision News and Security
Top 10 Cybersecurity Trends for 2023: From Zero Trust to Cyber Insurance
https://thehackernews.com/2023/04/top-10-cybersecurity-trends-for-2023.html
Far Eastern International Bank x Taipei City Investigation Office sign an information security cooperation memorandum
https://readers.ctee.com.tw/cm/20230411/a44ac8/1234784/share
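Italy bans ChatGPT; Financial Supervisory Commission: domestic banks are not yet using ChatGPT technology, a plan will be proposed within two months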
https://www.inside.com.tw/article/31281-ai-chatgpt-bank
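Financial holding companies offer high salaries to poach security talent! An exodus from the police force? Taiwan's security chain broken? Defeating the hacker chaos! National Police Agency decodes "technology crime"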
https://video.ltn.com.tw/article/0HnYmz86PDg/PLI7xntdRxhw0-A2jbjU7ivAaOVNaUSF0j
Personal data of 14 million customers stolen; Australian financial company Latitude refuses to pay ransom
https://news.cts.com.tw/cna/general/202304/202304112164524.html
Amazon bans sales of penetration testing device Flipper Zero because the product can be used for payment card skimming attacks
https://reurl.cc/MRVrDp
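## 3. Credit Cards / Electronic Payment / Mobile Payment / Pay / Payment Systems / Security
Mobile payment partners with banks: deposits and interest collection completed one-stop in the app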
https://reurl.cc/OVndDy
Apple Pay enters South Korea and is immediately accused of infringement! Is there a real problem, or has it run into a "patent troll"
https://www.bnext.com.tw/article/74835/apple-pay-kr-wy-april-
Third-party payment begins to grow: who will be the winner? Who will become a hot stock
https://news.cnyes.com/news/id/5142701
Salaries paid directly to mobile payment accounts: Japanese salaried workers are more worried than hopeful
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000661141_GIN0T6FW5DUOQB0V98914
Online shopping and mobile payment fraud is rampant; Ministry of Digital Affairs rolls out 7 measures to fight fraud
https://ec.ltn.com.tw/article/breakingnews/4265810
Electronic payment booming in Asia; only Japan and Thailand favor cash
https://reurl.cc/AdYxze
To prevent misuse of electronic payment, the original mobile phone number will be verified starting 4/1
https://www.cardu.com.tw/news/detail.php?48456
Key points for financial institution crisis handling: electronic payment and credit cards proposed for inclusion
https://money.udn.com/money/story/5613/7044752
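## 4. Cryptocurrency / Digital Currency / Mining / Blockchain / Smart Contracts / Web3 Security
South Korean exchange GDAC's hot wallet hacked! Losses of more than US$10 million, 23% of total assets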
https://blockcast.it/2023/04/11/south-korean-exchange-gdac-got-hacked/
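[塊轉Web3] Woke up to find all NFTs gone! How to prevent blockchain scams? Interview with Trend Micro assistant vice president Liu Yen-po (劉彥伯)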
https://web3plus.bnext.com.tw/article/626?
LUNC DeFi project Terraport hacked days after launch; nearly 15 billion LUNC stolen
https://www.btcc.com/zh-TW/coin-news/market-updates/lunc-defi-project-terraport-hacked
What is "small-value token phishing", the upgraded version of the zero-USDT poisoning scam? US$8 million already stolen on-chain
https://www.blocktempo.com/what-is-small-value-transfer-and-fake-token-transfer-phishing/
Euler Finance community votes on how to distribute the recovered stolen funds to users
https://news.cnyes.com/news/id/5141357
What will happen with Ethereum's "Shanghai upgrade"
https://www.cw.com.tw/article/5125364
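Kim Jong-un calls for stronger war deterrence! Where does the money come from? North Korean hackers steal cryptocurrency to obtain funds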
https://www.ftvnews.com.tw/news/detail/2023411I13M1
Grasp 2 key legal points of cryptocurrency to avoid turning investments into losses
https://www.bnext.com.tw/article/74704/allen%26overy
Tether blacklists addresses related to the earlier incident of an attack on MEV
https://news.cnyes.com/news/id/5142190
## 5. Security Incident News
### A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC
WinRAR SFX archives can run PowerShell without being detected
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10407
Israeli spyware rampant in at least 10 countries; journalists and dissidents all "hacked"
https://www.upmedia.mg/news_info.php?Type=3&SerialNo=170149
Security research organization: new Israeli spyware has a self-destruct capability
https://today.line.me/tw/v2/article/gzN8Exz
Ransomware Nokoyawa exploits a Windows CLFS zero-day vulnerability to launch attacks
https://securelist.com/nokoyawa-ransomware-attacks-with-windows-zero-day/109483/
Hackers compromise websites and inject scripts, spreading malware under the guise of a Chrome update
https://insight-jp.nttsecurity.com/post/102ic6o/webgoogle-chrome
Microsoft publishes guidance for detecting the UEFI malware BlackLotus
https://www.microsoft.com/en-us/security/blog/2023/04/11/guidance-for-investigating-attacks-using-cve-2022-21894-the-blacklotus-campaign/
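Kaspersky reveals the Android malware supply chain: hackers can obtain, in one go, tools for getting listed on the Google Play store and for placing ads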
https://securelist.com/google-play-threats-on-the-dark-web/109452/
Attacks using the malware loader BatLoader will continue to spread
https://www.esentire.com/blog/esentire-threat-intelligence-malware-analysis-batloader
Mirai variant RapperBot adopts a new brute-force technique to compromise connected devices
https://securelist.com/crimeware-report-uncommon-infection-methods-2/109522/
Infostealer RedLine spreads by impersonating ChatGPT and Google Bard chatbot software
https://veriti.ai/blog/research/from-chatgpt-to-redline-stealer-the-dark-side-of-openai-and-google-bard/
KFC and Pizza Hut in the UK hit by a ransomware attack in January; about 300 stores closed for 1 day
https://www.bleepingcomputer.com/news/security/kfc-pizza-hut-owner-discloses-data-breach-after-ransomware-attack/
Backdoor Balada Injector launches injection attacks; over its 5 years of activity, as many as 1 million WordPress sites have been victimized
https://blog.sucuri.net/2023/04/balada-injector-synopsis-of-a-massive-ongoing-wordpress-malware-campaign.html
German yacht shipbuilder Lürssen reportedly hit by a ransomware attack
https://www.darkreading.com/attacks-breaches/super-yacht-specialist-dry-dock-ransomware-attack
Cyberattackers take the zero-trust concept to the extreme! Infostealer Typhon Reborn packs in nearly 20 anti-analysis mechanisms at once
https://blog.talosintelligence.com/typhon-reborn-v2-features-enhanced-anti-analysis/
U.S. companies targeted by hacker group Midnight, which claims to have encrypted files in order to extort them
https://www.bleepingcomputer.com/news/security/fake-ransomware-gang-targets-us-orgs-with-empty-data-leak-threats/
Hackers upload large numbers of packages containing malicious links, paralyzing the NPM registry
https://medium.com/checkmarx-security/who-broke-npm-malicious-packages-flood-leading-to-denial-of-service-77ac707ddbf1
Hackers flood NPM with large numbers of bogus software packages, triggering a DoS attack
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10412
Hackers Flood NPM with Bogus Packages Causing a DoS Attack
https://thehackernews.com/2023/04/hackers-flood-npm-with-bogus-packages.html
Who Broke NPM? Malicious Packages Flood Leading to Denial of Service
https://medium.com/checkmarx-security/who-broke-npm-malicious-packages-flood-leading-to-denial-of-service-77ac707ddbf1
MSI confirms it suffered a cyberattack and urges users to obtain firmware files from the company's website
https://www.theregister.com/2023/04/07/msi_cyberattack_bios/
MSI hit with a US$4 million ransom demand
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10404
Taiwanese PC Company MSI Falls Victim to Ransomware Attack
https://thehackernews.com/2023/04/taiwanese-pc-company-msi-falls-victim.html
New Cylance Ransomware with Power-Packed CommandLine Options
https://blog.cyble.com/2023/04/07/new-cylance-ransomware-with-power-packed-commandline-options/
ALPHV Ransomware Affiliate Targets Vulnerable Backup Installations to Gain Initial Access
https://www.mandiant.com/resources/blog/alphv-ransomware-backup
Demystifying Money Message Ransomware
https://blog.cyble.com/2023/04/06/demystifying-money-message-ransomware/
MERCURY and DEV-1084: Destructive attack on hybrid environment
https://www.microsoft.com/en-us/security/blog/2023/04/07/mercury-and-dev-1084-destructive-attack-on-hybrid-environment/
Threat Roundup for March 31 to April 7
https://blog.talosintelligence.com/threat-roundup-0331-0407-2/
Attack chain leads to XWORM and AGENTTESLA
https://www.elastic.co/es/security-labs/attack-chain-leads-to-xworm-and-agenttesla
Balada Injector: Synopsis of a Massive Ongoing WordPress Malware Campaign
https://blog.sucuri.net/2023/04/balada-injector-synopsis-of-a-massive-ongoing-wordpress-malware-campaign.html
GuLoader Targeting the Financial Sector Using a Tax-themed Phishing Lure
https://www.esentire.com/blog/guloader-targeting-the-financial-sector-using-a-tax-themed-phishing-lure
Malicious NuGet packages used for malware that steals cryptocurrency
https://jfrog.com/blog/impala-stealer-malicious-nuget-package-payload/
Analysis of the First NuGet (.Net) Malicious Package Attack
https://jfrog.com/blog/impala-stealer-malicious-nuget-package-payload/
Nokoyawa ransomware attacks with Windows zero-day
https://securelist.com/nokoyawa-ransomware-attacks-with-windows-zero-day/109483/
Following the Lazarus group by tracking DeathNote campaign
https://securelist.com/the-lazarus-group-deathnote-campaign/109490/
QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia
https://www.microsoft.com/en-us/security/blog/2023/04/11/dev-0196-quadreams-kingspawn-malware-used-to-target-civil-society-in-europe-north-america-the-middle-east-and-southeast-asia/
https://citizenlab.ca/2023/04/spyware-vendor-quadream-exploits-victims-customers/
Trigona ransomware attacking MS-SQL servers - ASEC BLOG
https://asec.ahnlab.com/ko/51168/
Bitter Group distributes CHM malware to Chinese institutions
https://asec.ahnlab.com/ko/50851/
Threat Actor Spotlight: RagnarLocker Ransomware
https://blog.sygnia.co/threat-actor-spotlight-ragnarlocker-ransomware
Malware Disguised as Document from Ukraine's Energoatom Delivers Havoc Demon Backdoor
https://www.fortinet.com/blog/threat-research/malware-disguised-as-document-ukraine-energoatom-delivers-havoc-demon-backdoor
Money Ransomware: The Latest Double Extortion Group
https://yoroi.company/research/money-ransomware-the-latest-double-extortion-group/
Investigating the resurgence of the Mexals campaign
https://www.akamai.com/blog/security-research/mexals-cryptojacking-malware-resurgence
https://github.com/akamai/akamai-security-research/blob/main/malware/mexals/iocs.csv
Transparent Tribe (APT36) | Pakistan-Aligned Threat Actor Expands Interest in Indian Education Sector
https://www.sentinelone.com/labs/transparent-tribe-apt36-pakistan-aligned-threat-actor-expands-interest-in-indian-education-sector/
Iran-Based Hackers Caught Carrying Out Destructive Attacks Under Ransomware Guise
https://thehackernews.com/2023/04/iran-based-hackers-caught-carrying-out.html
Over 1 Million WordPress Sites Infected by Balada Injector Malware Campaign
https://thehackernews.com/2023/04/over-1-million-wordpress-sites-infected.html
Cryptocurrency Stealer Malware Distributed via 13 NuGet Packages
https://thehackernews.com/2023/04/cryptocurrency-stealer-malware.html
Israel-based Spyware Firm QuaDream Targets High-Risk iPhones with Zero-Click Exploit
https://thehackernews.com/2023/04/israel-based-spyware-firm-quadream.html
RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware
https://thehackernews.com/2023/04/rtm-locker-emerging-cybercrime-group.html
Dark web forum whac-a-mole
https://blog.talosintelligence.com/threat-source-newsletter-april-13-2023/
Chameleon: A New Android Malware Spotted In The Wild
https://blog.cyble.com/2023/04/13/chameleon-a-new-android-malware-spotted-in-the-wild/
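### B. Mobile Security / iPhone / Android / Wearables / Apps / 5G / Instant Messaging
Microsoft and security organization report: iPhones of media and political figures in at least 10 countries worldwide hacked by Israeli spyware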
https://news.cnyes.com/news/id/5142584
Starting in April, eSIM phones under repair can swap cards for free, plus one free reissue every 5 years
https://m.eprice.com.tw/mobile/talk/5035/5779292/1
Apple patches zero-day vulnerabilities CVE-2023-28206 and CVE-2023-28205 for older versions of its mobile device and computer operating systems
https://www.bleepingcomputer.com/news/apple/apple-fixes-recently-disclosed-zero-days-on-older-iphones-and-ipads/
Apple patches 2 zero-day vulnerabilities affecting both mobile devices and computers
https://www.bleepingcomputer.com/news/apple/apple-fixes-two-zero-days-exploited-to-hack-iphones-and-macs/
Apple Releases Updates to Address Zero-Day Flaws in iOS, iPadOS, macOS, and Safari
https://thehackernews.com/2023/04/apple-releases-updates-to-address-zero.html
Israel-based Spyware Firm QuaDream Targets High-Risk iPhones with Zero-Click Exploit
https://thehackernews.com/2023/04/israel-based-spyware-firm-quadream.html
Cybercriminals Turn to Android Loaders on Dark Web to Evade Google Play Security
https://thehackernews.com/2023/04/cybercriminals-turn-to-android-loaders.html
New Python-Based "Legion" Hacking Tool Emerges on Telegram
https://thehackernews.com/2023/04/new-python-based-legion-hacking-tool.html
Severe Android and Novi Survey Vulnerabilities Under Active Exploitation
https://thehackernews.com/2023/04/severe-android-and-novi-survey.html
WhatsApp Introduces New Device Verification Feature to Prevent Account Takeover Attacks
https://thehackernews.com/2023/04/whatsapp-introduces-new-device.html
Vulnerability in Kyocera's printing app for Android could be used to deploy malware
https://jvn.jp/en/vu/JVNVU98434809/
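### C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Recruitment / International Security Incidents / Security Workforce
Shortage of security talent: major vendors push training and certification to deepen their roots in the Taiwan market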
https://ec.ltn.com.tw/article/breakingnews/4267299
Trend Micro investigates the "corporatization" of cybercrime organizations, classifying them into three tiers by size
https://udn.com/news/story/7240/7092740?from=udn-ch1_breaknews-1-0-news
Survey: cybercrime organizations approach legitimate businesses in scale and also face cost and office-politics challenges
https://ccc.technews.tw/2023/04/12/cybercrime/
Hackers launching DDoS attacks prefer to take control of VPSes to generate traffic
http://blog.cloudflare.com/ddos-threat-report-2023-q1/
AI may become a "hacker's" partner? Nearly ten million passwords cracked within 1 minute
https://www.secretchina.com/news/b5/2023/04/11/1033184.html
Western Digital, reportedly hit by a cyberattack, is gradually restoring its data backup services
https://www.cybersecuritydive.com/news/western-digital-restores-my-cloud-home/647330/
Hackers claim to have stolen 10 TB of data from Western Digital
https://techcrunch.com/2023/04/13/hackers-claim-vast-access-to-western-digital-systems/
Azure Storage keys could be abused for privilege escalation or RCE attacks
https://orca.security/resources/blog/azure-shared-key-authorization-exploitation/
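To guard against BGP hijacking, the Dutch government plans full adoption of the RPKI standard; 70% of public-sector websites and mail servers have already adopted it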
https://www.ithome.com.tw/news/156316
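Cryptomining attack campaign color1337 targets Linux hosts and, depending on the computing resources available, uses them to mine Monero or to spread malware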
https://tehtris.com/en/blog/linux-focus-on-a-cryptomining-attack-dubbed-color1337/
Citizen Lab and Microsoft expose another Israeli hacking company, QuaDream
https://www.ithome.com.tw/news/156371
Satellite receivers targeted by hacker group GhostSec
https://blog.cyble.com/2023/03/27/ghostsec-targeting-satellite-receivers/
U.S. warns of a sextortion attack campaign targeting businesses
https://www.ic3.gov/Media/Y2023/PSA230407
U.S. Department of Defense pushes 5G strategy to boost both military and civilian capacity
https://view.ctee.com.tw/technology/49428.html
U.S. NSA cybersecurity chief warns: a Chinese invasion of Taiwan would cause a global cybersecurity collapse; the time to plan is "now"
https://reurl.cc/OVn9O7
Google says the Ukraine conflict has changed the cyber threat landscape
https://blog.twnic.tw/2023/04/12/26146/
Classified U.S. and NATO military documents on the Ukraine war reportedly published on the internet
https://www.securityweek.com/secret-us-documents-on-ukraine-war-plan-spill-onto-internet-report/
Indian educational institutions targeted by Pakistani hackers Transparent Tribe
https://www.sentinelone.com/labs/transparent-tribe-apt36-pakistan-aligned-threat-actor-expands-interest-in-indian-education-sector/
North Korean hacker group APT43 targets government agencies, launching Archipelago attacks
https://blog.google/threat-analysis-group/how-were-protecting-users-from-government-backed-attacks-from-north-korea/
North Korean hacker group Lazarus launches the DeathNote attack campaign, targeting the defense industry
https://securelist.com/the-lazarus-group-deathnote-campaign/109490/
Iranian hackers MuddyWater launch data-destruction attacks
https://www.microsoft.com/en-us/security/blog/2023/04/07/mercury-and-dev-1084-destructive-attack-on-hybrid-environment/
UK police agency ACRO confirms its online service outage was caused by a cyberattack
https://www.bleepingcomputer.com/news/security/uk-criminal-records-office-confirms-cyber-incident-behind-portal-issues/
UK reveals its offensive cyber defense principles
https://www.infosecurity-magazine.com/news/uk-offensive-cyber-capabilities/
Belgian HR systems provider SD Worx hit by a cyberattack; IT systems for its UK and Ireland services forced to shut down
https://www.bleepingcomputer.com/news/security/sd-worx-shuts-down-uk-payroll-hr-services-after-cyberattack/
ChatGPT Security: OpenAI's Bug Bounty Program Offers Up to $20,000 Prizes
https://thehackernews.com/2023/04/chatgpt-security-openais-bug-bounty.html
North Korean Hackers Uncovered as Mastermind in 3CX Supply Chain Attack
https://thehackernews.com/2023/04/lazarus-sub-group-labyrinth-chollima.html
Estonian National Charged in U.S. for Acquiring Electronics and Metasploit Pro for Russian Military
https://thehackernews.com/2023/04/estonian-national-charged-in-us-for.html
Pakistan-based Transparent Tribe Hackers Targeting Indian Educational Institutions
https://thehackernews.com/2023/04/pakistan-based-transparent-tribe.html
Lazarus Hacker Group Evolves Tactics, Tools, and Targets in DeathNote Campaign
https://thehackernews.com/2023/04/lazarus-hacker-group-evolves-tactics.html
Information Security Engineer - ACSI
https://www.linkedin.com/jobs/view/%E8%B3%87%E5%AE%89%E5%B7%A5%E7%A8%8B%E5%B8%AB-acsi-at-acer-3559376699/?originalSubdomain=tw
Consulting - (Information Security Testing Consultant)
https://pwc.wd3.myworkdayjobs.com/en-US/Global_Experienced_Careers/job/Taipei/C---_419558WD
Group Information Security Architecture Engineer
https://www.yourator.co/companies/Giant/jobs/29299?locale=zh-TW
Information Security Project Manager - Taipei (中芯)
https://www.104.com.tw/job/7ylcz?jobsource=googlejobs
5S MasterLink Securities - Information Security Manager
https://www.skfh.com.tw/hr/job_detail.aspx?id=49827
IT Department Information Security and Systems Administration Specialist
https://www.104.com.tw/job/7ynpq?jobsource=googlejobs
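### D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News / Cyberbullying / Account Security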
Kodi Confirms Data Breach: 400K User Records and Private Messages Stolen
https://thehackernews.com/2023/04/kodi-confirms-data-breach-400k-user.html
Phishing emails surged 569% in 2022
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10398
Samsung secrets nearly laid bare because employees asked ChatGPT for answers! Should we slow down AI development or not
https://buzzorange.com/techorange/2023/04/11/ai-regulation/
FBI warning: free public USB charging stations make it easy for hackers to steal personal data
https://news.ttv.com.tw/news/11204110032700N
Security company monitored 1.6 million people and found 3.1% of employees uploaded sensitive data to ChatGPT
https://www.ithome.com.tw/news/156293
ChatGPT becomes a leak channel! Security company monitored 1.6 million people; 49,600 people leaked sensitive data within 7 days
https://newtalk.tw/news/view/2023-04-12/866161
Housewives blindly invest 3.04 million in the "Mide platform" (米得平台), lose everything and lose the lawsuit too
https://news.ltn.com.tw/news/society/breakingnews/4267820
Thailand's Ministry of Public Health hacked! Personal data of 55 million people put up for sale; police pursue an army sergeant
https://today.line.me/tw/v2/article/BEPQnl6
Adobe user credentials reportedly leaked; password resets required
https://www.hackread.com/adobe-resets-user-passwords-data-breach/
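Images captured by Tesla car cameras reportedly obtained and used improperly by the manufacturer; company employees privately shared them for amusement, raising customer privacy concerns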
https://www.reuters.com/technology/tesla-workers-shared-sensitive-images-recorded-by-customer-cars-2023-04-06/
Tesla owner files lawsuit accusing the company of allowing employees to misuse videos recorded by vehicle cameras
https://www.ithome.com.tw/news/156344
Hackers abuse the Quickbooks service to launch business email scam attacks
https://www.avanan.com/blog/phishing-from-quickbooks
Infostealer Creal leads cryptocurrency users to phishing sites, then hijacks YouTube channel administrator accounts
https://blog.cyble.com/2023/03/29/creal-new-stealer-targeting-cryptocurrency-users-via-phishing-sites/
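Many companies and organizations fail to clean up accounts after employees leave; nearly half of respondents say they have used these accounts to access systems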
https://www.passwordmanager.com/47-of-workers-admit-to-hacking-accounts-with-former-employers-passwords/
Hackers are increasingly abusing legitimate services for phishing attacks
https://securityintelligence.com/articles/new-phishing-hides-behind-trusted-services/
Hacker group Ares is increasingly selling databases of companies and government agencies
https://www.cyfirma.com/outofband/ares-leaks-emerging-cyber-crime-cartel/
Researchers demonstrate how ChatGPT can be abused to generate malware that evades antivirus detection
https://www.forcepoint.com/blog/x-labs/zero-day-exfiltration-using-chatgpt-prompts
Chinese community in the U.S. targeted; criminals impersonate Chinese authorities to commit fraud
https://www.ic3.gov/Media/Y2023/PSA230410
Hyundai's France and Italy subsidiaries suffer a data breach, exposing car owners' personal data
https://www.bleepingcomputer.com/news/security/hyundai-data-breach-exposes-owner-details-in-france-and-italy/
Over 40% of IT staff have been told by senior management not to report data breach incidents
https://www.bitdefender.com/blog/businessinsights/bitdefender-2023-cybersecurity-assessment/
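Do companies moving to the cloud really take security seriously? According to a cloud service provider's survey, the share of users with weak passwords is close to half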
https://services.google.com/fh/files/blogs/gcat_threathorizons_full_apr2023.pdf
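Chinese hacker group APT41 launched phishing attacks against Taiwanese media in the latter part of last year, abusing different collaboration services from the same cloud provider along with open-source tools, testing cloud providers' detection capabilities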
https://services.google.com/fh/files/blogs/gcat_threathorizons_full_apr2023.pdf
As the U.S. tax season nears its end, accountants become phishing targets
https://www.microsoft.com/en-us/security/blog/2023/04/13/threat-actors-strive-to-cause-tax-day-headaches/
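Don't let misconfigured websites become a treasure trove where hackers come and go freely, stealing credentials! Someone is selling such tools online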
https://www.cadosecurity.com/legion-an-aws-credential-harvester-and-smtp-hijacker/
### E. Research Reports / Tools
List of information security certifications
https://hackmd.io/@kmo/security_lic_list
DDoS attacks ebb and flow: how to improve website security to meet future challenges
https://www.wepro180.com/230412_cloudmile_alex/
Researchers release proof-of-concept code for a critical vulnerability in the VM2 sandbox library
https://www.bleepingcomputer.com/news/security/exploit-available-for-critical-bug-in-vm2-javascript-sandbox-library/
Eliminating 2% of security risks may leave most critical assets protected
https://info.xmcyber.com/2023-state-of-exposure-management
Researchers Discover Critical Remote Code Execution Flaw in vm2 Sandbox Library
https://thehackernews.com/2023/04/researchers-discover-critical-remote.html
Researchers Uncover Thriving Phishing Kit Market on Telegram Channels
https://thehackernews.com/2023/04/researchers-uncover-thriving-phishing.html
Microsoft Takes Legal Action to Disrupt Cybercriminals' Illegal Use of Cobalt Strike Tool
https://thehackernews.com/2023/04/microsoft-takes-legal-action-to-disrupt.html
Are Source Code Leaks the New Threat Software vendors Should Care About
https://thehackernews.com/2023/04/are-source-code-leaks-new-threat.html
The Service Accounts Challenge: Can't See or Secure Them Until It's Too Late
https://thehackernews.com/2023/04/the-service-accounts-challenge-cant-see.html
Why Shadow APIs are More Dangerous than You Think
https://thehackernews.com/2023/04/why-shadow-apis-are-more-dangerous-than.html
The comprehensive guide to Python project setup
https://levelup.gitconnected.com/the-comprehensive-guide-to-python-project-setup-c1fe776c108f
Context-Aware Knowledge Graph Chatbot With GPT-4 and Neo4j
https://medium.com/neo4j/context-aware-knowledge-graph-chatbot-with-gpt-4-and-neo4j-d3a99e8ae21e
Why everyone should try GPT-4, even the CEO
https://kozyrkov.medium.com/why-everyone-should-try-gpt-4-even-the-ceo-1a00367c4c12
Google introduces Data Clean Rooms in BigQuery
https://medium.com/geekculture/google-introduces-data-clean-rooms-in-bigquery-7f50e9bb4995
How To Setup Auto-GPT: The Autonomous GPT-4 AI
https://medium.com/generative-ai/how-to-setup-auto-gpt-the-autonomous-gpt-4-ai-d0a304dbe9f3
The ChatGPT Skill That Pays Up to $335,000 a Year
https://artificialcorner.com/the-chatgpt-skill-that-pays-up-to-335-000-a-year-bda045eed47f
Upgrade Your Data Visualisations: 4 Python Libraries to Enhance Your Matplotlib Charts
https://towardsdatascience.com/upgrade-your-data-visualisations-4-python-libraries-to-enhance-your-matplotlib-charts-74361bc3b92e
### F. Business
HPE launches data services that improve disaster recovery and backup/restore by expanding the HPE Alletra portfolio
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10406
Zoom teams up with Okta to launch a meeting identity authentication management feature
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10401
Security resilience alongside digital development: Microsoft helps enterprises shape their digital future
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?CnlID=14&cat=50&id=0000661110_8VH00KTU2F0KKNLFE93MJ
Microsoft and partners put on a security feast, revealing the solutions behind zero trust and the cloud-native SOC
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=14&cat=50&id=0000661172_0SB06B788YNJM51H5Q3RY
Security Fabric evolves again! Fortinet's latest FortiOS 7.4 helps enterprises strengthen security and automation
http://www.compotechasia.com/a/press/2023/0412/53973.html
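Enhanced API defense, granular machine learning capabilities, and new managed service offerings provide comprehensive protection across distributed environments: F5's new AI-driven application and API security capabilities protect digital services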
https://www.netadmin.com.tw/netadmin/zh-tw/snapshot/83AABCAA11B04C07941799FD4D93AA2B
Improving enterprise security protection: DYXnet (第一線) integrates SD-WAN and virtual firewall to strengthen production resilience
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=13&cat=30&id=0000661421_WB25F5EI10TGLF2TZNHAW
To strengthen software development supply chain security, Google launches the deps.dev API and Assured OSS
https://security.googleblog.com/2023/04/announcing-depsdev-api-critical.html
LinkedIn teams up with Clear Secure and Microsoft to launch a user identity verification service
https://www.linkedin.com/pulse/linkedins-new-verification-features-include-clear-entra-rodriguez/
Microsoft announces a one-year delay in retiring the Exchange Online Client Access Rules feature
https://www.bleepingcomputer.com/news/microsoft/microsoft-delays-exchange-online-cars-deprecation-until-2024/
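### G. Government
Rebutting unpaid-wage claims, National Institute of Cyber Security: staff salaries have been paid in full and on time since February 22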
https://udn.com/news/story/7238/7089874
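Are the National Institute of Cyber Security unpaid-wage claims true? Hsu Chiao-hsin shows the Labor Bureau's reply and mocks: workers truly are the softest spot in Tsai Ing-wen's heart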
https://www.storm.mg/article/4773718
Security is national security: Taitung Hospital signs a security memorandum
https://reurl.cc/0ER7Nl
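Government agency surveillance cameras hacked and publicly livestreamed, exposing the seriousness of Taiwan's security problems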
https://enn.tw/?p=376524
School education networks repeatedly attacked by botnets; Control Yuan member applies for an investigation
https://www.cna.com.tw/news/aipl/202304120124.aspx
Audrey Tang appears at a French parliamentary hearing: Taiwan's situation is by no means unrelated to Europe
https://ec.ltn.com.tw/article/breakingnews/4268764
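Executive Yuan's draft amendment to the Personal Data Protection Act released; security community: it evades government responsibility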
https://reurl.cc/Q4x0n9
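Executive Yuan passes draft amendment to the Personal Data Protection Act, raising criminal penalties and establishing a Personal Data Protection Commission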
https://www.ey.gov.tw/Page/9277F759E41CCD91/2d6bb590-fa47-435f-818e-c196c25733e0
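Executive Yuan passes draft amendments to Articles 1-1, 48, and 56 of the "Personal Data Protection Act", establishing an independent supervisory authority for personal data protection and raising penalties for personal data leaks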
https://www.ey.gov.tw/Page/9277F759E41CCD91/2d6bb590-fa47-435f-818e-c196c25733e0
Executive Yuan to establish a Personal Data Protection Commission; personal data leaks to be fined up to ten million
https://reurl.cc/pLA7n8
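Executive Yuan meeting passes "3 anti-fraud laws": collecting accounts punishable by up to 5 years, real-name system for online investment ads, leaking personal data fined up to ten million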
https://www.thenewslens.com/article/153129
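Don't fall for scam ads misusing the identities of Morris Chang and his wife; legislators draft a Taiwanese version of the "Digital Services Act"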
https://technews.tw/2023/04/13/fake-celebrity-scams/
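Ministry of Digital Affairs shirks security responsibility; Lai Shyh-bao: Audrey Tang is letting the national anti-fraud team slack off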
https://ctinews.com/news/items/ogxwJ1ZoaG
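Allying with 38 legislators, Lai Pin-yu advocates a Personal Data Protection Commission and urges the Executive Yuan not to fake it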
https://www.peoplenews.tw/articles/a3dd6b39ac
Defense Department military secrets exposed on a platform; U.S. government handles it in a low-key manner
https://anntw.com/articles/20230411-4get
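### H. Industrial Control Systems / ICS / SCADA / IoT / Internet of Things / Internet of Vehicles / Electric Vehicles / Artificial Intelligence / AI / ML / Facial Recognition / Healthcare Security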
CISA Warns of Critical ICS Flaws in Hitachi, mySCADA, ICL, and Nexx Products
https://thehackernews.com/2023/04/cisa-warns-of-critical-ics-flaws-in.html
Trend Micro subsidiary VicOne goes after the automotive security market and obtains third-party certification
https://news.m.pchome.com.tw/finance/cna/20230411/index-16811847271296718003.html
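Father and son Chien Ming-jen (簡明仁) and Chien Min-chih (簡民智) team up: First International Computer (大眾電腦) launches an automotive security solution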
https://howlife.cna.com.tw/financial/20230412s004.aspx
Global IoT security development trends from the perspective of security compliance
https://technews.tw/2023/04/12/global-internet-of-things-security-trend-from-the-perspective-of-information-security/
IoT demands are all-encompassing; MCUs undergo a splendid transformation
https://www.eettaiwan.com/202300411nt11-responding-to-iot-needs-mcu-transformation/
U.S. warns of critical vulnerabilities in Hitachi Energy and mySCADA industrial control systems
https://www.cisa.gov/news-events/alerts/2023/04/06/cisa-releases-seven-industrial-control-systems-advisories
Siemens and Schneider Electric release their April routine patches
https://www.securityweek.com/ics-patch-tuesday-siemens-schneider-electric-address-dozens-of-vulnerabilities/
Critical vulnerability in Hikvision storage solutions could expose video recorded by surveillance cameras
https://www.securityweek.com/critical-vulnerability-in-hikvision-storage-solutions-exposes-video-security-data/
Israeli automated irrigation systems hit by a cyberattack and forced to halt operation
https://www.jpost.com/israel-news/article-738790
### I. Training
iPAS Information Security Engineer intermediate-level notes
https://hackmd.io/@Not/iPASInformationSecuritySpecialist
iPAS Information Security Engineer certification pre-exam workshop
https://reurl.cc/GEbA3p
Coursera rounds up 7 cloud security certifications: the springboards to high pay are all here!
https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/
Global cybersecurity workforce imbalance: (ISC)2 free courses and exams fill the talent gap
https://reurl.cc/m39MDj
The 8 domains of the CISSP security certification
https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html
CISSP exam experience
https://reurl.cc/KbY83j
CISSP exam experience – Benson
https://reurl.cc/GbWvxd
Goal-oriented: passing the CISSP at light speed in 20 days
https://reurl.cc/2Zq6zn
CISSP certification exam hands-on experience, Chapter 1: Initial preparation
https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat
CISSP certification exam hands-on experience, Chapter 2: A regular and disciplined study strategy
https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies
CISSP certification exam hands-on experience, Chapter 3: The final battle
https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle
Quick CISSP Infographic for IPSec
https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec
CSSLP Certification - Security models in F#
https://github.com/vbocan/csslp
Certified Secure Software Lifecycle Professional in bullet points
https://github.com/joeyhage/csslp-notes
CPSA (CREST Practitioner Security Analyst) security analyst exam experience
https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/
EC-Council CEH v11 exam experience, revision information, and preparation direction 2021, 2022
https://reurl.cc/1oyEM8
CEH v11 exam experience and preparation method
https://blog.sean.taipei/2022/01/ceh
CEH
https://github.com/a3cipher/CEH
CodeRed by EC-Council
https://github.com/codered-by-ec-council
In-depth analysis of the CPENT exam experience and a comparison with OSCP
https://reurl.cc/41eL8v
EC-Council CPENT v1 penetration testing certification – content and experience sharing
https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review
[Exam prep notes] CompTIA Security+ (SY0–601) Part 1
https://reurl.cc/M053DK
[Exam prep notes] CompTIA Security+ (SY0–601) Part 2
https://reurl.cc/M053Gv
comptia-security-plus
https://github.com/ajfuto/comptia-security-plus
security-plus
https://github.com/fjavierm/security-plus
CompTIA Security+ Certification Practice Test Questions
https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette
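App security that not only engineers need to understand: the blood-and-tears history of obtaining a security testing compliance certificate (iT邦幫忙 Ironman Contest book series)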
https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html
Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html
The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics
https://reurl.cc/D3nKKj
Practical Network Penetration Tester (PNPT) Certification Review
https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df
Basic vocabulary commonly used by WUSON
https://choson.lifenet.com.tw/?p=1958
## 6. Upcoming Security Events and Seminars
AI & XR Meetup 2023/4/15
https://www.meetup.com/taiwan-ai-xr-discovery-meetups/events/292574374/
WordPress - Taoyuan Afternoon Tea Meetup #23 2023/4/15
https://www.meetup.com/taoyuan-wordpress-meetup/events/292467443/
iPAS "Entry-Level" Information Security Engineer competency sprint workshop 2023/4/15, 4/22
https://www.cisanet.org.tw/Course/Detail/3948
Taipei dbt Meetup #10 (in-person 👫 & online 👨💻)2023/4/16
https://www.meetup.com/taipei-dbt-meetup/events/291861526/
Security Chit-Chat (資安五四三) 2023/4/18
https://csa.kktix.cc/events/1f504d33
Hugging Face :Object Detection 2023/4/18
https://www.meetup.com/tensorflow-user-group-taipei/events/290714768/
Parallel Computing Programming Fundamentals course 2023/4/18
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=4032&from_course_list_url=course_index
Internet Freedom Meetup [April] special session: FOSDEM 2023 sharing session 2023/4/20
https://ocftw.kktix.cc/events/internetfreedom-apr2023
Ubiquitous Hybrid Cloud and ZTA exchange seminar 2023/4/20
https://www.nehs.hc.edu.tw/?p=14035
Security Resilience and FinTech Innovation 2023/4/21
https://www.accupass.com/event/2303281153102586247910
Security Master Class - Let the experts decode real-world security for you 2023/4/21
https://www.accupass.com/event/2303310934086693440470
"Meta Taiwan AR Hackathon" 2023/4/22 ~ 2023/4/23
https://www.arhackathon.tw/
Security protection baseline control measures for information and communication systems 2023/4/25
https://moltke.nccu.edu.tw/Registration/registration.do?action=conferenceInfo&conferenceID=X21464
EDB 15 new security features: TDE & SSL protect database security 2023/4/26
https://www.accupass.com/event/2303310808018123738370
RSA Conference 2023 2023/4/24 ~ 2023/4/27
https://www.rsaconference.com/usa
How to do industrial control network security well 2023/4/27
https://www.accupass.com/event/2303300158119715085090
Web Application Security (professional security training course) 2023/4/28
https://moltke.nccu.edu.tw/Registration/registration.do?action=conferenceInfo&conferenceID=X21031
SEMI STANDARDS Semiconductor Equipment Security Seminar 2023/5/5
https://www.semi.org/en/connect/events/semi-standards-bandaotishebeizianyantaohuiyi
TWCC-CLI advanced operations - AI/ML automated workflows 2023/5/12
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=4035&from_course_list_url=course_index
[Hands-on Camp] Hacker for a Day x network vulnerability penetration 2023/5/13
https://www.accupass.com/event/2303030820005796452650
May Taipei regular meeting: U.S. federal government supply chain security management, using CMMC as an example (held online) 2023/5/30
https://www.caa.org.tw/newsdetail-16263.html
iPAS intermediate information security personnel training class 2023/5/4 ~ 2023/6/1
https://edu.tcfst.org.tw/web/tw/class/show.asp?courseidori=12C013
(ISC)2 SECURITY CONGRESS LEAD WITH CONFIDENCE 2023/10/25 ~ 2023/10/27
https://www.isc2.org/Congress-2023