資安事件新聞週報 2024/3/11 ~ 2024/3/15

###### tags: `資安事件新聞週報` # 資安事件新聞週報 2024/3/11 ~ 2024/3/15 1.重大弱點漏洞/後門/Exploit/Zero Day 微軟發布多個產品的安全性更新公告 https://www.cisa.gov/news-events/alerts/2024/03/12/microsoft-releases-security-updates-multiple-products https://msrc.microsoft.com/update-guide/releaseNote/2024-Mar 微軟發布3月份例行更新，修補61個漏洞 https://msrc.microsoft.com/update-guide/releaseNote/2024-Mar https://www.zerodayinitiative.com/blog/2024/3/12/the-march-2024-security-update-review https://www.rapid7.com/blog/post/2024/03/12/patch-tuesday-march-2024/ https://www.bleepingcomputer.com/news/microsoft/microsoft-march-2024-patch-tuesday-fixes-60-flaws-18-rce-bugs/ Microsoft's March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws https://thehackernews.com/2024/03/microsofts-march-updates-fix-61.html Fortinet發佈多個安全更新 https://www.fortiguard.com/psirt/FG-IR-23-390 https://www.fortiguard.com/psirt/FG-IR-23-328 https://www.fortiguard.com/psirt/FG-IR-24-013 https://www.fortiguard.com/psirt/FG-IR-23-103 https://www.fortiguard.com/psirt/FG-IR-24-007 Fortinet示警FortiClientEMS存在嚴重SQL注入漏洞 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10990 Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software https://thehackernews.com/2024/03/fortinet-warns-of-severe-sqli.html IBM MQ 和 IBM MQ Appliance https://nvd.nist.gov/vuln/detail/CVE-2024-25016 IBM QRadar SIEM存在多個弱點 https://www.ibm.com/support/pages/node/7140420 VMware Cloud Director https://nvd.nist.gov/vuln/detail/CVE-2024-22256 VMware ESXi、Workstation 和 Fusion 的 XHCI USB 控制器有弱點 https://nvd.nist.gov/vuln/detail/CVE-2024-22252 https://nvd.nist.gov/vuln/detail/CVE-2024-22254 https://nvd.nist.gov/vuln/detail/CVE-2024-22255 思科修補SSL VPN用戶端軟體高風險漏洞 https://www.securityweek.com/cisco-patches-high-severity-vulnerabilities-in-vpn-product/ https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-client-crlf-W43V4G7 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-privesc-sYxQO6ds Cisco Secure client https://nvd.nist.gov/vuln/detail/CVE-2024-20337 https://nvd.nist.gov/vuln/detail/CVE-2024-20338 Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client https://thehackernews.com/2024/03/cisco-issues-patch-for-high-severity.html QEMU Emulator Exploited as Tunneling Tool to Breach Company Network https://thehackernews.com/2024/03/cybercriminals-utilize-qemu-emulator-as.html CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability https://thehackernews.com/2024/03/cisa-warns-of-actively-exploited.html Hacked WordPress Sites Abusing Visitors' Browsers for Distributed Brute-Force Attacks https://thehackernews.com/2024/03/hacked-wordpress-sites-abusing-visitors.html Proof-of-Concept Exploit Released for Progress Software OpenEdge Vulnerability https://thehackernews.com/2024/03/proof-of-concept-exploit-released-for.html 應用程式開發平臺OpenEdge存在身分驗證繞過漏洞 https://securityaffairs.com/160347/hacking/progress-software-openedge-critical-flaw.html https://community.progress.com/s/article/Important-Critical-Alert-for-OpenEdge-Authentication-Gateway-and-AdminServer https://www.horizon3.ai/attack-research/cve-2024-1403-progress-openedge-authentication-bypass-deep-dive/ SAP更新用戶端程式Chromium元件、修補重大層級的命令注入漏洞 https://www.securityweek.com/sap-patches-critical-command-injection-vulnerabilities/ Adobe發布3月例行更新，修補Experience Manager、ColdFusion漏洞 https://www.securityweek.com/adobe-patches-critical-flaws-in-enterprise-products/ WordPress有多個外掛程式陸續遭揭漏資安漏洞 https://snicco.io/vulnerability-disclosure/bricks/unauthenticated-rce-in-bricks-1-9-6 https://www.wordfence.com/blog/2024/02/2063-bounty-awarded-for-unauthenticated-sql-injection-vulnerability-patched-in-ultimate-member-wordpress-plugin/ https://patchstack.com/articles/xss-vulnerability-in-litespeed-cache-plugin-affecting-4-million-sites/ https://patchstack.com/articles/critical-rce-patched-in-bricks-builder-theme/ https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-themes/bricks/bricks-196-unauthenticated-remote-code-execution Google本月釋出的Chrome 123可望更新Safe Browsing，以即時防範網釣網站 https://www.ithome.com.tw/news/161790 2.銀行/金融/保險/證券/金融監理新聞及資安 PixPirate Android Banking Trojan Using New Evasion Tactic to Target Brazilian Users https://thehackernews.com/2024/03/pixpirate-android-banking-trojan-using.html 金管會揭露今年施政重點，多項金融科技政策時程出爐 https://www.ithome.com.tw/news/161092 金管會發布113年金檢重點，首度明列雲端資安 https://www.ithome.com.tw/news/160437 ETF金檢揪行銷兩大缺失未揭露是業配文、廣告核銷帳務有疑慮 https://money.udn.com/money/story/5613/7806336 3.信用卡/電子支付/行動支付/pay/支付系統/資安 AFTEE先享後付升級五大風控機制今年目標商品交易總額成長180% https://news.cnyes.com/news/id/5486366 綠界去年賺2個股本　擬配息18.2元、殖利率4.42% https://finance.ettoday.net/news/2699773 綠界拒付17LIVE 1300萬稱「被駭」　數位部：法院判決後處理 https://tw.nextapple.com/finance/20240314/E7273209046809A0599B2281417EB373 愛金卡開通TWQR功能　一卡通特展移師華山 https://www.cardu.com.tw/news/detail.php?50923 從小額消費至投資理財　行動支付如何讓生活模式改變 https://www.ettoday.net/news/20240304/2693254.htm 台鐵全台432部自動售票機今起增「10種行動支付」 https://reurl.cc/krK7Gn icash Pay宣布TWQR上線用戶可不受通路限制支付 https://money.udn.com/money/story/5613/7823439 大阪交通卡 ICOCA 使用範圍包括東京？ICOCA 卡綁定手機 Apple Pay、購買、使用教學 https://osaka.letsgojp.com/archives/572479/ 第三方支付日均額查核金管會鎖定6家重點業者 https://reurl.cc/qrW5gD 4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約/WEB3 資安數位新台幣發行最快3年後 https://www.cdns.com.tw/articles/976160 Watch Out: These PyPI Python Packages Can Drain Your Crypto Wallets https://thehackernews.com/2024/03/watch-out-these-pypi-python-packages.html 不怕美國證管會警示比特幣繼續突破70400美元再創歷史新高 https://today.line.me/tw/v2/article/LX7L5W2 比特幣6天內第4次創新高突破7萬3000美元 https://ec.ltn.com.tw/article/breakingnews/4607058 合約帶單引爭議！KOL被酸「拿群友資金對沖自身現貨」，聲明反嗆：某組織是誰幫忙成立 https://www.blocktempo.com/taiwan-crypto-perp-trading-kol-beef/ 混幣器Bitcoin Fog創辦人遭判「有罪」，美國陪審團：涉嫌暗網洗錢120萬枚比特幣 https://www.blocktempo.com/us-jury-find-crypto-mixer-bitcoin-fog-founder-guilty-of-money-laundering/ Polyhedra Network 傳遭駭客攻擊，官方回應 zkBridge 及用戶資金皆安全 https://www.zombit.info/polyhedra-network-hack-official-said-bridge-and-user-funds-safe/ Paraluni：已全款補償用戶損失，已開啟首個比特幣生態 RGB 資產映射 https://news.cnyes.com/news/id/5487878 比特幣序數和銘文的終極指南 https://www.blocktempo.com/the-ultimate-guide-to-bitcoin-ordinal-numbers-and-inscriptions/ DAOX交易所舉辦亞太地區2024年開發者大會 https://reurl.cc/54x0pq Lazarus Group相關的駭客過去24小時內使用Tornado Cash洗錢1200萬美元的ETH https://news.cnyes.com/news/id/5491532 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC Java木馬程式Vcurms、Strrat透過AWS、GitHub散布 https://www.fortinet.com/blog/threat-research/vcurms-a-simple-and-functional-weapon 駭客上傳7個惡意PyPI套件，企圖竊取加密貨幣錢包的通關密語 https://www.reversinglabs.com/blog/bipclip-malicious-pypi-packages-target-crypto-wallet-recovery-passwords Windows安全機制SmartScreen弱點被用於散布惡意軟體DarkGate https://www.trendmicro.com/en_us/research/24/c/cve-2024-21412--darkgate-operators-exploit-microsoft-windows-sma.html 安卓惡意軟體PixPirate採用新型態策略在背景運作 https://securityintelligence.com/posts/pixpirate-brazilian-financial-malware/ 勒索軟體DoNex在1週內對5家歐美企業出手，要脅若不付錢，將持續對受害組織發動攻擊 https://twitter.com/H4ckManac/status/1765828331889406274 「變臉」勒索軟體利用CI/CD開發工具TeamCity漏洞從事攻擊行動 https://www.guidepointsecurity.com/blog/bianlian-gos-for-powershell-after-teamcity-exploitation/ 駭客組織Magnet Goblin鎖定甫公布的已知漏洞，散布惡意程式 https://research.checkpoint.com/2024/magnet-goblin-targets-publicly-facing-servers-using-1-day-vulnerabilities/ WordPress外掛程式Popup Builder已知漏洞遭到利用，對3,300個網站植入惡意程式 https://blog.sucuri.net/2024/03/new-malware-campaign-found-exploiting-stored-xss-in-popup-builder-4-2-3.html 研究人員打造能針對生成式AI發動攻擊的蠕蟲程式ComPromptMized https://sites.google.com/view/compromptmized 勒索軟體駭客組織LockBit捲土重來，透過種子檔案散布竊得資料 https://www.resecurity.com/blog/article/lockbit-30s-bungled-comeback-highlights-the-undying-risk-of-torrent-based-data-leakage 勒索軟體LockBit遭執法單位圍剿，成員大量湧入另一個組織Akira https://www.linkedin.com/posts/yelisey-bohuslavskiy-214a02bb_akira-ransomware-lockbit-activity-7173017069142163457-vyPU/ 研究人員在11個國家發現新的攻擊基礎設施，疑為間諜軟體Predator使用 https://therecord.media/new-predator-spyware-infrastructure-identified 惡意程式FakeBat透過惡意廣告散布，駭客假借提供熱門應用程式為誘餌吸引用戶上當 https://www.malwarebytes.com/blog/threat-intelligence/2024/03/fakebat-delivered-via-several-active-malvertising-campaigns 惡意軟體FakeUpdates攻擊行動鎖定WordPress網站而來 https://blog.checkpoint.com/research/february-2024s-most-wanted-malware-wordpress-websites-targeted-by-fresh-fakeupdates-campaign/ 竊資軟體Tweaks鎖定Roblox玩家而來，駭客透過YouTube及Discord聲稱能增加遊戲體驗來散布惡意程式 https://www.zscaler.com/blogs/security-research/tweaks-stealer-targets-roblox-users-through-youtube-and-discord 勒索軟體GhostLocker 2.0鎖定中東、非洲、亞洲企業而來 https://blog.talosintelligence.com/ghostsec-ghostlocker2-ransomware/ 勒索軟體RA World濫用微軟作業系統的GPO群組原則物件，鎖定醫療產業及金融領域而來 https://www.trendmicro.com/en_ae/research/24/c/multistage-ra-world-ransomware.html 勒索軟體駭客攻擊關鍵基礎設施日益頻繁，2023年逾4成攻擊行動對其而來 https://www.ic3.gov/Media/PDF/AnnualReport/2023_IC3Report.pdf 安卓注意！新木馬病毒「隱藏App圖標」　偷偷轉走帳戶的錢 https://www.ettoday.net/news/20240315/2701028.htm z0Miner Exploits Korean Web Servers to Attack WebLogic Server https://asec.ahnlab.com/en/62564/ BianLian GOs for PowerShell After TeamCity Exploitation https://www.guidepointsecurity.com/blog/bianlian-gos-for-powershell-after-teamcity-exploitation Evasive Panda leverages Monlam Festival to target Tibetans https://www.welivesecurity.com/en/eset-research/evasive-panda-leverages-monlam-festival-target-tibetans/ Rhysida Ransomware New IOCs https://otx.alienvault.com/pulse/64d4cada6a33f2ecf9c533ea BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks https://thehackernews.com/2024/03/bianlian-threat-actors-exploiting.html Magnet Goblin Hacker Group Leveraging 1-Day Exploits to Deploy Nerbian RAT https://thehackernews.com/2024/03/magnet-goblin-hacker-group-leveraging-1.html Malware Campaign Exploits Popup Builder WordPress Plugin to Infect 3,900+ Sites https://thehackernews.com/2024/03/malware-campaign-exploits-popup-builder.html Alert: Cybercriminals Deploying VCURMS and STRRAT Trojans via AWS and GitHub https://thehackernews.com/2024/03/alert-cybercriminals-deploying-vcurms.html Ande Loader Malware Targets Manufacturing Sector in North America https://thehackernews.com/2024/03/ande-loader-malware-targets.html DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack https://thehackernews.com/2024/03/darkgate-malware-exploits-recently.html B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊 Meta Details WhatsApp and Messenger Interoperability to Comply with EU's DMA Regulations https://thehackernews.com/2024/03/meta-details-whatsapp-and-messenger.html 懷疑自己的Facebook帳號被盜？學會這一招可以查詢登入記錄 https://today.line.me/tw/v2/article/RB778yZ 蘋果官方的「越獄版iPhone」曝光，黑市價值數千美元 https://www.techbang.com/posts/113010-this-is-apples-official-jailbreaked-iphone-black-market-for 蘋果應用程式市集App Store出現冒牌的Leather加密貨幣錢包 https://twitter.com/LeatherBTC/status/1764711738208063556 https://www.bleepingcomputer.com/news/security/fake-leather-wallet-app-on-apple-app-store-is-a-crypto-drainer/ AI模仿契哥WhatsApp求轉賬馬青總財政被騙4800元 https://reurl.cc/xLmzDz Google發布3月安卓例行更新，修補系統元件、高通晶片的重大漏洞 https://source.android.com/docs/security/bulletin/2024-03-01 https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2024-bulletin.html C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力美國FCC將高速網路寬頻定義增加為下載達100Mbps、上傳達20Mbps https://reurl.cc/XqKl8R 基隆教網中心遭殭屍網路攻擊延宕通報監院促檢討 https://www.cna.com.tw/news/aipl/202403140091.aspx 麥當勞大當機吃不到了！到店點餐、歡樂送都掛了 https://www.storm.mg/lifestyle/5054129 水電瓦斯防駭不足財損恐上億穆迪：投資人應注意風險 https://e-info.org.tw/node/238678 網安機構證實亞航調查資料被駭 https://www.sinchew.com.my/news/20240312/nation/5457661 駭客組織威脅攻擊明訊哥賓星:沒個資洩漏 https://www.sinchew.com.my/news/20240313/nation/5458728 美東輸油管線遭網路攻擊駭客疑為職業老手 https://reurl.cc/yY8xkM 新創、非英語系軟體開發者留意！日本示警Lazarus駭客組織發動PyPI 供應鏈攻擊 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10980 微軟遭遇大規模駭客攻擊引發外界對其資安疑慮 https://www.technice.com.tw/techmanage/infosecurity/100384/ 威脅升級微軟內部系統遭Midnight Blizzard入侵 https://www.technice.com.tw/techmanage/infosecurity/100376/ 針對俄羅斯駭客Midnight Blizzard入侵事故，微軟公布更多調查結果，指出駭客擴大攻擊力道 https://msrc.microsoft.com/blog/2024/03/update-on-microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/ 攻擊鴻海子公司的LockBit一週就重生！資安3大攻擊趨勢揭密：威脅有哪些 https://today.line.me/tw/v2/article/vXBo0Rm 中國駭客組織Evasive Panda入侵藏傳佛教節日網站、藏文翻譯應用程式，鎖定亞洲用戶而來 https://www.welivesecurity.com/en/eset-research/evasive-panda-leverages-monlam-festival-target-tibetans/ 趙安吉特斯拉遭駭客入侵？！曾助「共」為虐麥康奈爾「反省」 https://www.secretchina.com/news/b5/2024/03/12/1057434.html 法國證實政府官網遭強烈網攻駭客團體宣稱犯案 https://money.udn.com/money/story/5599/7824923 法政府部門遭遇大規模網路攻擊親俄駭客組織坦承犯案 https://reurl.cc/dL3REq 法國政府遭遇前所未有的網路攻擊，駭客組織Anonymous Sudan聲稱是他們所為 https://www.straitstimes.com/world/europe/french-state-hit-by-cyberattacks-of-unprecedented-intensity-media-reports 美揭中國駭客入侵NASA噴射推進實驗室全面操控該系統 https://m.cnyes.com/news/id/2289552 美眾議院立法要求中國自TikTok撤資不從將祭禁令 https://www.cna.com.tw/news/aopl/202403140004.aspx 擔憂危害國家安全，美國眾議院要求抖音脫離母公司字節跳動 https://www.ithome.com.tw/news/161658 美國和歐盟網路安全當局簽署情報共享協議 https://blog.twnic.tw/2024/03/15/29564/ 以色列大學遭伊朗駭客鎖定，面臨供應鏈攻擊 https://op-c.net/blog/lord-nemesis-strikes-supply-chain-attack-on-the-israeli-academic-sector/ 俄羅斯總統大選在即，當地媒體Meduza遭遇國家資助的俄羅斯駭客大規模網路攻擊 https://therecord.media/meduza-independent-russian-media-organization-cyberattacks 立陶宛針對中國網路間諜行動提出警告，駭客意圖收集總統選舉、議會選舉情報 https://www.vsd.lt/en/reports/china/china-intensifies-intelligence-activities-against-lithuania-from-its-territory/ Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets https://thehackernews.com/2024/03/microsoft-confirms-russian-hackers.html South Korean Citizen Detained in Russia on Cyber Espionage Charges https://thehackernews.com/2024/03/south-korean-citizen-detained-in-russia.html RedCurl Cybercrime Group Abuses Windows PCA Tool for Corporate Espionage https://thehackernews.com/2024/03/redcurl-cybercrime-group-abuses-windows.html [校園專區-台北]資安工程師 https://www.104.com.tw/job/89cyj?jobsource=cmw_redirect 資安工程師 https://www.104.com.tw/job/8976u?jobsource=cmw_redirect (LINE Bank) Application Security Engineer_應用系統安全工程師 https://www.104.com.tw/job/6ty6x?jobsource=cmw_redirect 研發替代役-資安軟體應用研發工程師 https://www.104.com.tw/job/74oo9?jobsource=cmw_redirect (資訊系統部)資訊安全工程師 https://www.104.com.tw/job/82kn0?jobsource=cmw_redirect Security Engineer 資安工程師 https://www.104.com.tw/job/87mm2?jobsource=cmw_redirect 資安技術顧問_台中 https://www.104.com.tw/job/6a1tq?jobsource=cmw_redirect 資安工程師(21042801) https://www.104.com.tw/job/79prn?jobsource=cmw_redirect 資安、資訊系統應用工程師 https://www.104.com.tw/job/713ya?jobsource=cmw_redirect 資深資訊安全(資安工程師) https://www.104.com.tw/job/7x0kh?jobsource=cmw_redirect 網路資安工程師 https://www.104.com.tw/job/8422r?jobsource=cmw_redirect 資安技術顧問_高雄 https://www.104.com.tw/job/6k6em?jobsource=cmw_redirect 研發替代役_資安事件分析工程師 https://www.104.com.tw/job/7jvtt?jobsource=cmw_redirect 資安檢測實習生 https://www.104.com.tw/job/86sv1?jobsource=cmw_redirect 【2024年研發替代役】SOC系統研發工程師 (Java Engineer) https://www.104.com.tw/job/89drn?jobsource=cmw_redirect 【檢測防禦中心】漏洞研究工程師 https://www.104.com.tw/job/7xjp0?jobsource=cmw_redirect D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全 New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics https://thehackernews.com/2024/03/new-banking-trojan-chavecloak-targets.html 社交工程攻擊變體帶來新威脅：AI驅動的釣魚攻擊激增 https://blog.twnic.tw/2024/03/13/29560/ 宏碁菲律賓分公司傳出資料外洩，疑為外部供應商遭駭所致 https://www.bleepingcomputer.com/news/security/acer-confirms-philippines-employee-data-leaked-on-hacking-forum/ https://twitter.com/AcerPhils/status/1767551121629802875 Acer菲律賓合作商引發數據外洩面臨資安風險 https://www.technice.com.tw/techmanage/infosecurity/100703/ 商業電子郵件詐騙 (BEC) https://reurl.cc/4jzE2R 好市多提醒重複刷卡14次　她驚：進化了 https://www.mirrormedia.mg/external/setn_1437412 虛擬幣詐騙近四年詐走國人逾7億 https://www.ctee.com.tw/news/20240312700006-430301 降低虛擬貨幣詐騙、資安風險郭書彬建議這樣做 https://www.ctee.com.tw/news/20240312701441-430301 串流平台Roku遭遇數據外洩 https://www.worldjournal.com/wj/story/121472/7827340 中國駭客組織利用地緣政治議題在台發動社交工程攻擊 https://www.eettaiwan.com/20240312nt21-hacker-social-engineering/ 反向釣魚，揭露利用「代幣Decimals精度」的詐騙手法 https://www.blocktempo.com/expose-the-phishing-routine-using-token-accuracy/ 加國女子10萬點Aeroplan積分被盜了專家教防止駭客方法 https://reurl.cc/Z9kY1a 文字、聲音、影像都能造假連駭客都進階了 https://www.rti.org.tw/news/view/id/2198917 基因公司遭駭盜取華裔及猶太裔數據 https://www.worldjournal.com/wj/story/121368/7830508 ChatGPT外掛程式存在危險漏洞，恐曝露使用者資料 https://salt.security/blog/security-flaws-within-chatgpt-extensions-allowed-access-to-accounts-on-third-party-websites-and-sensitive-data 美國移民主管機關的IT承包商傳出遭駭，敏感資料流入駭客論壇 https://www.hackread.com/hacker-breach-federal-contractor-acuity-ice-uscis-data/ 駭客聲稱握有Okta去年資安事故外流客戶資料，遭到該公司否認 https://www.bleepingcomputer.com/news/security/okta-says-data-leaked-on-hacking-forum-not-from-its-systems/ http://www.linkedin.com/posts/kela-cyber_kela-cyber-flash-no-oktas-database-activity-7172568624270852097-fX9z/ 2023年近1,300萬組帳密資料在GitHub曝光 https://www.bleepingcomputer.com/news/security/over-12-million-auth-secrets-and-keys-leaked-on-github-in-2023/ 雲端檔案共享服務Dropbox遭到濫用，駭客將其用於網釣攻擊 https://darktrace.com/blog/legitimate-services-malicious-intentions-getting-the-drop-on-phishing-attacks-abusing-dropbox Python竊資軟體Snake散播增加新管道！攻擊者開始運用臉書即時通訊軟體Messenger進行誘騙 https://www.cybereason.com/blog/unboxing-snake-python-infostealer-lurking-through-messaging-service 駭客組織Tycoon與Storm-1575狼狽為奸，鎖定美國學校從事網釣攻擊 https://pixmsecurity.com/blog/uncategorized/us-public-school-districts-targeted-mfa-spear-phishing-campaigns-on-the-rise 民生直通車丨老年人如何防范金融消費詐騙？聽專家支招 http://big5.news.cn/gate/big5/www.news.cn/local/20240314/1480a1d52af94dfe9aa571af48678c49/c.html ChatGPT外掛程式洞很大個人資料遭竊風險高 https://www.technice.com.tw/techmanage/infosecurity/100863/ 冒165、「台北市反詐中心」假好心幫討詐款　刑事局提醒：小心二次詐騙 https://www.ctwant.com/article/324121 法國失業救濟機構France Travail遭到入侵，4,300萬人個資恐流出 https://www.bleepingcomputer.com/news/security/french-unemployment-agency-data-breach-impacts-43-million-people/ http://www.francetravail.fr/candidat/soyez-vigilants/cyberattaque-soyez-vigilants.html https://www.cybermalveillance.gouv.fr/tous-nos-contenus/actualites/violation-de-donnees-personnelles-france-travail-formulaire-lettre-plainte-202403 https://www.cnil.fr/fr/france-travail-la-cnil-enquete-sur-la-fuite-de-donnees-et-donne-des-conseils-pour-se-proteger 日產大洋洲分公司遭遇網路攻擊，10萬人個資外流 https://www.bleepingcomputer.com/news/security/nissan-confirms-ransomware-attack-exposed-data-of-100-000-people/ E.研究報告/工具報告：台灣遭網攻高於全球平均2.7倍，69%組織經歷RCE漏洞攻擊 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10973 Gartner：AI生成的深度偽造將影響身分認證與驗證方案的可靠度 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10983 研究人員揭露Google Gemini聊天機器人潛在的威脅 https://hiddenlayer.com/research/new-google-gemini-content-manipulation-vulns-found/ 研究人員針對微軟組態管理系統SCCM不當配置造成的威脅提出警告，並提供檢測工具 https://posts.specterops.io/misconfiguration-manager-overlooked-and-overprivileged-70983b8f350d 研究人員揭露駭客組織Muddled Libra攻擊手法的變化，並指出對方重度利用代理伺服器服務、虛擬機器隱匿行蹤 https://unit42.paloaltonetworks.com/muddled-libra/ Secrets Sensei: Conquering Secrets Management Challenges https://thehackernews.com/2024/03/secrets-sensei-conquering-secrets.html Guide: On-Prem is Dead. Have You Adjusted Your Web DLP Plan https://thehackernews.com/2024/03/data-leakage-prevention-in-age-of-cloud.html Researchers Highlight Google's Gemini AI Susceptibility to LLM Threats https://thehackernews.com/2024/03/researchers-highlight-googles-gemini-ai.html CTEM 101 - Go Beyond Vulnerability Management with Continuous Threat Exposure Management https://thehackernews.com/2024/03/ctem-101-go-beyond-vulnerability.html 3 Things CISOs Achieve with Cato https://thehackernews.com/2024/03/3-things-cisos-achieve-with-cato.html Demystifying a Common Cybersecurity Myth https://thehackernews.com/2024/03/demystifying-common-cybersecurity-myth.html F.商業 SailPoint新解決方案產品配合計劃成熟度與業務規模完善身分安全 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10975 威實康科技與博通賽門鐵克擴大合作拓展亞太市場 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10974 雲端及AI應用資安風險增 CloudMile推資安管理解決方案簡化混合多雲風險管理助企業抵禦資料外洩 https://money.udn.com/money/story/12987/7828663 朋昶數位科技取得全球網路安全領導廠商 Palo Alto Networks 臺灣代理 https://news.owlting.com/articles/635174 恆隆行採用CyberArk強化數位轉型過程的身分安全與資安防護能力 https://www.digitalwall.com/scripts/displaypr.asp?UID=90524 微軟將從4月起推出Copilot For Security服務將人工智慧服務導入網路安全應用 https://mashdigi.com/microsoft-will-launch-copilot-for-security-service-from-april-to-introduce-artificial-intelligence-services-into-network-security-applications/ 微軟將推出網路安全AI助手協助客戶追蹤駭客不法活動 https://news.cnyes.com/news/id/5489231 面對全球駭客攻擊，奧義智慧如何以 AI 協防資安 https://sunrisemedium.com/p/513/cycraft Check Point 剖析 2024 年網路安全趨勢，揭示全新發展策略 https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?CnlID=14&cat=50&id=0000687337_C4H4VZT02Q9GMD83U3AMR 博通打算將賽門鐵克、Carbon Black整併，成立新的企業資安業務部門 https://www.broadcom.com/blog/broadcom-brings-together-two-proven-portfolios-to-deliver-complete-hybrid-cloud-cybersecurity 加密電子郵件服務Tuta Mail採用量子加密協議保護電子郵件 https://tuta.com/blog/post-quantum-cryptography OpenSSF接手主導軟體安全評估工具專案GUAC https://openssf.org/blog/2024/03/07/guac-joins-openssf-as-incubating-project/ G.政府數位部祭零信任戰力！年底前達47個A級單位完成導入 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10970 否認在IGF自我矮化唐鳳：是台灣實質參與聯合國會議的方法 https://www.rti.org.tw/news/view/id/2198812 陸方疑委由民間發動網攻唐鳳：我公部門防守成功 https://money.udn.com/money/story/5612/7828640 中國疑委由民間發動網攻唐鳳：台灣公部門防守得宜 https://www.cna.com.tw/news/afe/202403130165.aspx 陸網攻我防守得宜唐鳳：僅3民間單位被打入 https://www.ctee.com.tw/news/20240313701294-430104 金管會：上市櫃資安事件重大性標準首季明定 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10969 上市櫃公司資安重訊發布「重大性」標準出爐，不只明訂核心系統、官網遭駭，也涵蓋DDoS、個資外洩 https://www.ithome.com.tw/news/161745 企業「重大資安事件」重訊標準出爐：官網遭駭、個資外洩、DDoS都算 https://today.line.me/tw/v2/article/7NRnZqr 藍委揭數位身分證　損失逾10億 https://news.housefun.com.tw/news/article/186861415481.html 謝龍介爆數位身分證多賠4.3億林右昌認了：付機器錢 https://reurl.cc/prNzYZ 不在籍投票擴及其他選舉政治信任不足恐生更大爭議 https://www.rti.org.tw/news/view/id/2198806 監委認維護學術網路資安有「五大問題」促教育部檢討 https://news.ltn.com.tw/news/politics/breakingnews/4607502 監委批學術網路資安末端麻痺教育部：會同資安署及地方政府改善 https://news.ltn.com.tw/news/life/breakingnews/4608191 本市民營停車場業者系統遭駭客入侵，提醒民眾勿上當受騙 https://whdo.gov.taipei/News_Content.aspx?n=16B2CB1B675D53DF&sms=EF042250E10B7F6C&s=D2ED3A899D6C3736 發行數位新台幣，楊金龍：牽涉隱私權議題須謹慎處理 https://finance.technews.tw/2024/03/14/digital-ntd-involves-privacy-issues/ 美眾院要求中國自TikTok撤資數位部：持續關注 https://money.udn.com/money/story/5613/7830815 為協助臺灣產業加入國際衛星通訊領域供應鏈，工研院聯手美國在臺協會舉辦資安研討會 https://www.cna.com.tw/news/afe/202403110084.aspx https://www.itri.org.tw/ListStyle.aspx?DisplayStyle=01_content&SiteID=1&MmmID=1036276263153520257&MGID=113031110401892043 https://tsida.tw/news_detail_207.html 打造星鏈替代品：台灣的人造衛星網路計劃 https://cn.nytimes.com/business/20240315/taiwan-starlink-satellite/zh-hant/ 數位發展部資通安全署 113年資通安全稽核計畫 https://moda.gov.tw/ACS/operations/drill-and-audit/652 H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識/醫療相關資安快更新！威聯通多款NAS作業系統曝嚴重漏洞遠端無需驗證也能攻擊 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10981 無人機產學合作中興大學、瑞思資訊、翔棋科技簽MOU https://www.ctee.com.tw/news/20240313700318-439901 聯網設備皆要防護台灣資安人才足夠嗎 https://today.line.me/tw/v2/article/PGppqPo 西門子公布行動裝置SIMATIC RF160B、應用程式管理平臺Ruggedcom漏洞 https://www.securityweek.com/ics-patch-tuesday-siemens-ruggedcom-devices-impacted-by-45-fortinet-vulnerabilities/ https://cert-portal.siemens.com/productcert/txt/ssa-770721.txt https://cert-portal.siemens.com/productcert/txt/ssa-832273.txt https://cert-portal.siemens.com/productcert/txt/ssa-366067.txt 公開5年的大樓門禁系統Nice Linear漏洞即將得到修補 https://www.securityweek.com/exploited-building-access-system-vulnerability-patched-years-after-disclosure/ 威聯通修補NAS重大層級身分驗證漏洞 https://www.qnap.com/zh-tw/security-advisory/qsa-24-09 I.教育訓練 iPAS資訊安全工程師中級筆記 https://hackmd.io/@Not/iPASInformationSecuritySpecialist iPas資安工程師證照考前研習 https://reurl.cc/GEbA3p Coursera 盤點 7 項雲端資安認證，高薪跳板都在這了！ https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/ 一般人也能拿到國際資安認證！CSCU安全電腦使用者認證課程 https://www.ithome.com.tw/pr/160954 全球網絡安全勞動力失衡 (ISC)2免費課程及考試填補人才缺口 https://reurl.cc/m39MDj CISSP資安認證的8大領域 https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html CISSP考試心得 https://reurl.cc/KbY83j CISSP考試心得 – Benson https://reurl.cc/GbWvxd 目標導向-20天光速考過CISSP https://reurl.cc/2Zq6zn CISSP證照考試實戰心得第一章：初期準備工作 https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat CISSP證照考試實戰心得第二章：規律且有紀律的讀書策略 https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies CISSP證照考試實戰心得第三章：終極一戰 https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle Quick CISSP Infographic for IPSec https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec CSSLP Certification - Security models in F# https://github.com/vbocan/csslp Certified Secure Software Lifecycle Professional in bullet points https://github.com/joeyhage/csslp-notes CPSA(CREST Practitioner Security Analyst) 資安分析師考試心得 https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/ EC-Council CEH v11 考試心得、改版資訊以及準備方向 2021、2022 https://reurl.cc/1oyEM8 CEH v11 考試心得與準備方式 https://blog.sean.taipei/2022/01/ceh CEH https://github.com/a3cipher/CEH CodeRed by EC-Council https://github.com/codered-by-ec-council EC-Council CEH Practical / Master 準備心得 — 讓理論與實作相輔相成的學習 https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2 EC-Council CEHP考試準備心得 https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po ECSA v10 考試心得與讀書資料分享/ ECSA v10 Review and Study Materials https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4 EC-Council ECSA資安分析專家 v10 考試心得分享 https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html 20180817 EC-Council ECSA v10 PASS https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html 關於EC-Council CPENT和LPT Master滲透測試證照準備方式及心得分享 https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d 深度解析 CPENT 考試心得、以及與 OSCP 的比較 https://reurl.cc/41eL8v EC-Council CPENT v1 滲透測試認證 – 內容及心得分享 https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review CPENT 從暴力到破解 https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295 Ec-Council CPENT心得 - 資安菜鳥從CEH到LPT Master https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f CPENT考試心得分享：一次拿到 LPT 滲透測試大師認證 https://ucom.uuu.com.tw/web/Testimony/Article/4404 kaizensecurity/CPENT https://github.com/kaizensecurity/CPENT/tree/master CPENT : Pentesting like NO OTHERS ! https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/ Journey of My CPENT Exam https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917 [備考心得]CompTIA Security+ (SY0–601) 上篇 https://reurl.cc/M053DK [備考心得]CompTIA Security+ (SY0–601) 下篇 https://reurl.cc/M053Gv comptia-security-plus https://github.com/ajfuto/comptia-security-plus security-plus https://github.com/fjavierm/security-plus CompTIA Security+ Certification Practice Test Questions https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette 不只是工程師才要懂的 App 資訊安全：取得資安檢測合格證書血淚史（iT邦幫忙鐵人賽系列書） https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html App防駭學，資安防護實戰課程全面提升安全觀念 https://www.ithome.com.tw/pr/161505 OSEP (Evasion Techniques and Breaching Defenses (PEN-300) 心得分享 https://hackmd.io/@henry-ko/HyQ56e8eF OSCP（Offensive Security Certified Professional） https://github.com/0x584A/oscp-notes/tree/master ISACA Certified Information Systems Auditor® (CISA) 國際電腦稽核師認證準備歷程心得、申請流程分享- 2023年 https://reurl.cc/aVLoX9 Learn NIST Inside Out With 21 Hours of Training @ 86% OFF https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html 駭客與國家: 網路攻擊與地緣政治新常態 The hacker and the state: cyber attacks and the new normal of geopolitic https://reurl.cc/D3nKKj Practical Network Penetration Tester (PNPT) Certification Review https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df WUSON常用的基本詞彙 https://choson.lifenet.com.tw/?p=1958 證照仍是學習資安基本功的主要管道，有專家打造「資安證照地圖」 https://www.ithome.com.tw/news/156754 用證照證明自己實力之餘，更應將證照視為督促學習的最大動力 https://www.ithome.com.tw/news/156756 打破證照誤解與迷思，資安專家帶你釐清資安證照的意義 https://www.ithome.com.tw/news/156755 Accelerate Your Career with the Global Leader in Cyber Security Training https://www.sans.org/mlp/promo-partnership-hacker-news/ 6.近期資安活動及研討會 DEVCORE CONFERENCE 2024 2024/3/16 https://devcore.kktix.cc/events/devcoreconf2024 【企業資安講堂】資安教育免費線上課程 2024/3/19 ~ 2024/11/19 https://acercsi.kktix.cc/events/2024csr 黑客視角：網站漏洞挖掘與防禦 2024/3/20 https://docs.google.com/forms/d/1OGcXzbo2vG9_DU5oQ9DCAF2zWJtewqrd4OM28zdatw4/edit 全方位資安防護與案例分享研討會 2024/3/20 https://www.tcsp.org.tw/active_detail.php?id=231 Comodo 打造無駭企業！阻擋未知攻擊 2024/3/21 https://www.accupass.com/event/2402191141192078649686 社團法人台灣駭客協會 113 年度會員春酒 2024/3/27 https://hitcon.kktix.cc/events/hit-banquet-113 Jamf 與 Microsoft 的最佳實踐：從 Apple 到多平台的裝置管理與安全 2024/3/29 https://jamf.kktix.cc/events/jamfxmicrosoft 中區(實體)--校園資安作業與外部審查實務 2024/4/8 https://tp2rc.tanet.edu.tw/node/790 資安稽核實務 2024/4/11-2024/4/12 https://moltke.nccu.edu.tw/Registration/registration.do?action=conferenceInfo&conferenceID=X22536 資通安全概論--中區--考前複習班 2024/6/4 https://moltke.nccu.edu.tw/Registration/registration.do?action=conferenceInfo&conferenceID=X22767 AI應用系統開發與生成式AI應用人才培訓班第一梯次 2024/6/27 ~ 2024/8/9 https://www.accupass.com/event/2401100729511706489107