###### tags: `資安事件新聞週報` # 資安事件新聞週報 2023/10/30 ~ 2023/11/03 1.重大弱點漏洞/後門/Exploit/Zero Day FIRST推出新版漏洞風險評分系統CVSS 4.0 https://www.first.org/newsroom/releases/20231101 FIRST Announces CVSS 4.0 - New Vulnerability Scoring System https://thehackernews.com/2023/11/first-announces-cvss-40-new.html 研究人員在漏洞挖掘競賽Pwn2Own Toronto 2023找出近60個零時差漏洞 https://www.zerodayinitiative.com/blog/2023/10/27/pwn2own-toronto-2023-day-four-results F5 BIG-IP重大漏洞已被用於攻擊行動 https://www.securityweek.com/attackers-exploiting-critical-f5-big-ip-vulnerability/ F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution https://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html Alert: F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability https://thehackernews.com/2023/11/alert-f5-warns-of-active-attacks.html 政府機關、科技產業、法律機構遭到Citrix Bleed漏洞攻擊鎖定 https://www.mandiant.com/resources/blog/session-hijacking-citrix-cve-2023-4966 研究人員公布思科IOS XE零時差漏洞的概念性驗證程式碼 https://www.bleepingcomputer.com/news/security/exploit-released-for-critical-cisco-ios-xe-flaw-many-hosts-still-hacked/ 34款Windows驅動程式存在弱點，有可能讓攻擊者挾持電腦、抹除韌體 https://blogs.vmware.com/security/2023/10/hunting-vulnerable-kernel-drivers.html Researchers Find 34 Windows Drivers Vulnerable to Full Device Takeover https://thehackernews.com/2023/11/researchers-find-34-windows-drivers.html Microsoft Windows 11 - 'apds.dll' DLL hijacking (Forced) https://www.exploit-db.com/exploits/51733 Microsoft 365應用程式的SketchUp 3D程式庫存在117個漏洞 https://www.zscaler.com/blogs/security-research/threatlabz-discovers-117-vulnerabilities-microsoft-365-apps-sketchup-3d Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes https://thehackernews.com/2023/10/urgent-new-security-flaws-discovered-in.html 3千臺可透過網際網路存取的Apache ActiveMQ伺服器曝露於重大漏洞，可被遠端執行任意程式碼 https://www.bleepingcomputer.com/news/security/3-000-apache-activemq-servers-vulnerable-to-rce-attacks-exposed-online/ https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt https://www.shadowserver.org/what-we-do/network-reporting/accessible-activemq-service-report/ 中小企業組織及校園留意！Roundcube Webmail爆零日漏洞已被用來攻擊 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10771 VMware 發布 vCenter Server 安全更新 https://www.cisa.gov/news-events/alerts/2023/10/26/vmware-releases-security-advisory-vcenter-server VMware 發布 VMware Tools 安全更新 https://www.vmware.com/security/advisories/VMSA-2023-0024.html Atlassian證實有人公布DevOps協作平臺Confluence重大漏洞CVE-2023-22518細節，呼籲用戶防範相關攻擊行動 https://www.bleepingcomputer.com/news/security/atlassian-warns-of-exploit-for-confluence-data-wiping-bug-get-patching/ Atlassian針對DevOps協作平臺Confluence重大漏洞提出警告 https://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-server-1311473907.html Google發布電腦版Chrome 119，修補15個漏洞 https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html 針對K8s打造的Nginx Ingress控制器存在高風險漏洞 https://www.armosec.io/blog/cve-2023-5043-nginx-ingress/ Splunk 9.0.5 - admin account take over https://www.exploit-db.com/exploits/51747 2.銀行/金融/保險/證券/金融監理 新聞及資安 「金融服務業辦理數位身分驗證指引」建立金融業數位身分驗證的共通語言 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10772 中東政府機關、金融單位遭伊朗駭客組織鎖定，利用IIS後門程式Liontail攻擊伺服器 https://research.checkpoint.com/2023/from-albania-to-the-middle-east-the-scarred-manticore-is-listening/ 全國農業金庫法務部調查局 推動資安聯防 https://money.udn.com/money/story/5636/7545215 王道銀行資安長改由李耀中擔任，生效日12/4 https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=deb1c85d-1f1b-4593-b5eb-154414f285be 富邦金控代子公司富邦人壽資訊安全長異動 https://reurl.cc/x6kdZZ 證交所：券商資安零容忍 https://reurl.cc/edZqxK 3.信用卡/電子支付/行動支付/pay/支付系統/資安 環匯亞太手機感應收款服務「iPhone 卡緊收」登台 https://www.chinatimes.com/realtimenews/20231101001708-260410?chdtv 新光人壽數位服務 消滅金融不平等 LINE官方帳號變身智能保險箱 黏粉逾456萬 https://www.businesstoday.com.tw/article/category/183021/post/202310270025/ 南韓無現金業務擬擴海外 行動支付業者百家爭鳴 https://news.pts.org.tw/article/664954 LINE Bank攜手街口支付 瞄準行動支付市場 https://reurl.cc/kaQmNx 跨境支付再下一城！LINE Pay 與韓國新羅免稅店簽訂合作 https://finance.technews.tw/2023/11/02/line-pay-mou/ 贊助亞運、挨罰306億擺脫監管 支付寶加速進攻百國 https://wantrich.chinatimes.com/news/20231103900009-420101 中國行動支付普及 官媒批拒收現金損人民幣尊嚴 https://www.rti.org.tw/news/view/id/2185060 電子支付共用QR Code，各種支付掃同一碼就能付款，為什麼可能是三輸 https://www.businessweekly.com.tw/business/blog/3013697 整合電子支付 TW QR Code上路…方便民眾掃碼結帳 https://udn.com/news/story/7239/7527645 4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約/WEB3 資安 駭客發動EleKtra-Leak挖礦攻擊，利用GitHub曝露的AWS帳密來奪取用戶EC2運算服務，替他們挖掘加密貨幣 https://unit42.paloaltonetworks.com/malicious-operations-of-exposed-iam-keys-cryptojacking 研究人員揭露440萬美元加密貨幣竊盜事故，起因疑與密碼管理解決方案LastPass資料外洩有關 https://www.bleepingcomputer.com/news/security/lastpass-breach-linked-to-theft-of-44-million-in-crypto/ https://twitter.com/zachxbt/status/1717901088521687330 https://krebsonsecurity.com/2023/09/experts-fear-crooks-are-cracking-keys-stolen-in-lastpass-breach/ 土耳其新立法 防範加密貨幣犯罪活動 https://www.chinatimes.com/realtimenews/20231101004176-260410?chdtv 印度發動全國執法行動，查緝網路與加密貨幣詐騙分子 https://www.twcert.org.tw/tw/cp-104-7486-12d29-1.html 比特幣年滿15歲 價值翻漲3,400萬倍 https://www.chinatimes.com/realtimenews/20231101006366-260410?chdtv Multichain在1.26億美元的駭客攻擊後恢復處理橋接交易 https://news.cnyes.com/news/id/5363788 北韓駭客新攻擊》惡意軟體滲透交易所，100天已搬空3億美元 https://www.blocktempo.com/lazarus-group-strikes-again-at-exchange/ 又一無牌交易所被盯上！香港證監會將 HOUNAX 列入「可疑平台」名單 https://blockcast.it/2023/11/02/hk-sfc-added-hounax-to-suspicious-virtual-asset-trading-platforms-alert-list/ 另一加密貨幣業者SafeMoon遭美國SEC提告 https://www.ithome.com.tw/news/159604 PeckShield：Onyx被駭客攻擊受損約210萬美元 https://news.cnyes.com/news/id/5363520 Unibot駭客賣出420萬LMI，LMI日內跌幅達37.7% https://news.cnyes.com/news/id/5363320 穩定幣Frax前端驚傳遭駭！域名商緊急修復後，創辦人籲保持警惕 https://www.blocktempo.com/hackers-attack-frax-front-end-of-web-pages/ 香港證監會發布「代幣化證券」指引：「有條件性開放」散戶參與 https://blockcast.it/2023/11/02/hong-kong-circular-on-tokenisation-of-sfc-authorised-investment-products/ Beosin EagleEye：10 月因駭客攻擊、釣魚詐騙和 Rug Pull 造成的總損失金額，達 5161 萬美元 https://news.knowing.asia/news/f7c2d2bf-6047-44c3-9b62-defb216ad3e3 Block比特幣營收/財測夯、行動支付勁揚 盤後飆 https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=431a03ec-dae9-4738-b8e0-aa1db84c4d9b 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 醫療保健業者Henry Schein傳出遭到勒索軟體BlackCat攻擊，35 TB內部資料外流 https://www.bleepingcomputer.com/news/security/blackcat-ransomware-claims-breach-of-healthcare-giant-henry-schein/ 50個國家組織宣誓不向勒索軟體低頭，拒付贖金 https://www.ithome.com.tw/news/159600 惡意軟體StripedFly利用永恆之藍漏洞，感染百萬臺電腦 https://www.ithome.com.tw/news/159563 醫療機構遭勒索軟體攻擊加密率三年來最高 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10778 駭客組織0ktapus部署勒索軟體BlackCat，從事檔案加密及破壞，向受害者進行勒索 https://www.ithome.com.tw/news/159564 駭侵團體假冒 Cosair 在 LinkedIn 上徵才，藉機散布惡意軟體 https://www.twcert.org.tw/tw/cp-104-7484-50c87-1.html 俄羅斯駭客Turla散布後門程式Kazuar，行蹤變得更加隱密 https://unit42.paloaltonetworks.com/pensive-ursa-uses-upgraded-kazuar-backdoor/ LockBit勒索台積電！名古屋港也遭駭癱瘓2天 https://news.cts.com.tw/cts/international/202311/202311022247209.html 惡意軟體Ghostpulse透過MSIX安裝程式散布 https://www.elastic.co/security-labs/ghostpulse-haunts-victims-using-defense-evasion-bag-o-tricks Google動態廣告遭到濫用，攻擊者散布惡意程式 https://www.malwarebytes.com/blog/threat-intelligence/2023/10/malvertising-via-dynamic-search-ads-delivers-malware-bonanza 加拿大多倫多市立圖書館傳出遭勒索軟體Black Basta攻擊 https://www.bleepingcomputer.com/news/security/toronto-public-library-outages-caused-by-black-basta-ransomware-attack/ 資料破壞軟體BiBi-Linux鎖定以色列組織而來 https://www.securityjoes.com/post/bibi-linux-a-new-wiper-dropped-by-pro-hamas-hacktivist-group 新興駭客組織Hunters International攻擊英國學校，疑為勒索軟體Hive捲土重來 https://www.bleepingcomputer.com/news/security/new-hunters-international-ransomware-possible-rebrand-of-hive/ 惡意NuGet套件濫用MSBuild元件部署惡意程式 https://www.reversinglabs.com/blog/iamreboot-malicious-nuget-packages-exploit-msbuild-loophole LockBit 模仿犯使用外洩的程式碼發展新勒索軟體進行攻擊 https://www.docutek.com.tw/newsDetail.php?id=561 低價惡意軟體套件氾濫，導致RAT木馬程式攻擊行動顯著增加 https://www.darkreading.com/endpoint/malware-meal-kits-serve-up-no-fuss-rat-attacks A cascade of compromise: unveiling Lazarus' new campaign https://securelist.com/unveiling-lazarus-new-campaign/110888/ Systemd-Journald https://otx.alienvault.com/pulse/653ce70d6cb295004ddca8a2 A Retrospective on AvosLocker https://www.zscaler.com/blogs/security-research/retrospective-avoslocker GHOSTPULSE haunts victims using defense evasion bag o' tricks https://www.elastic.co/security-labs/ghostpulse-haunts-victims-using-defense-evasion-bag-o-tricks CloudKeys in the Air: Tracking Malicious Operations of Exposed IAM Keys https://unit42.paloaltonetworks.com/malicious-operations-of-exposed-iam-keys-cryptojacking/ Mystic Stealer Revisited https://www.zscaler.com/blogs/security-research/mystic-stealer-revisited Security Brief: TA571 Delivers IcedID Forked Loader https://otx.alienvault.com/pulse/653ffea19a18b3b8df3684eb 駭客組織Prolific Puma向網路罪犯提供短網址服務長達4年之久 https://blogs.infoblox.com/cyber-threat-intelligence/prolific-puma-shadowy-link-shortening-service-enables-cybercrime/ Prolific Puma: Shadowy Link Shortening Service Enables Cybercrime https://blogs.infoblox.com/cyber-threat-intelligence/prolific-puma-shadowy-link-shortening-service-enables-cybercrime/ Over the Kazuar’s Nest: Cracking Down on a Freshly Hatched Backdoor Used by Pensive Ursa (Aka Turla) https://unit42.paloaltonetworks.com/pensive-ursa-uses-upgraded-kazuar-backdoor/ Analysis of activities of suspected APT-C-36 (Blind Eagle) organization launching Amadey botnet Trojan https://mp.weixin.qq.com/s/-7U1-NTP0EdVOtptzbHUsg Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware https://thehackernews.com/2023/10/microsoft-warns-as-scattered-spider.html Hackers Using MSIX App Packages to Infect Windows PCs with GHOSTPULSE Malware https://thehackernews.com/2023/10/hackers-using-msix-app-packages-to.html Pro-Hamas Hacktivists Targeting Israeli Entities with Wiper Malware https://thehackernews.com/2023/10/pro-hamas-hacktivists-targeting-israeli.html 北韓駭客組織Lazarus針對Mac電腦下手，散布惡意程式Kandykorn https://www.elastic.co/security-labs/elastic-catches-dprk-passing-out-kandykorn North Korean Hackers Targeting Crypto Experts with KANDYKORN macOS Malware https://thehackernews.com/2023/11/north-korean-hackers-tageting-crypto.html Turla Updates Kazuar Backdoor with Advanced Anti-Analysis to Evade Detection https://thehackernews.com/2023/11/turla-updates-kazuar-backdoor-with.html Malicious NuGet Packages Caught Distributing SeroXen RAT Malware https://thehackernews.com/2023/10/malicious-nuget-packages-caught.html 勒索軟體HelloKitty傳出正在利用Apache ActiveMQ的重大漏洞 https://www.rapid7.com/blog/post/2023/11/01/etr-suspected-exploitation-of-apache-activemq-cve-2023-46604/ HelloKitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability https://thehackernews.com/2023/11/hellokitty-ransomware-group-exploiting.html 48 Malicious npm Packages Found Deploying Reverse Shells on Developer Systems https://thehackernews.com/2023/11/48-malicious-npm-packages-found.html B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊 哈馬斯駭客組織Arid Viper宣稱提供約會應用程式，鎖定阿拉伯安卓用戶下手 https://blog.talosintelligence.com/arid-viper-mobile-spyware/ 蘋果修補iOS裝置的MAC位址廣播漏洞 https://techcrunch.com/2023/10/27/apple-fixes-bug-that-undermined-ios-privacy-feature-for-years/ https://twitter.com/mysk_co/status/1717541345223389346 https://support.apple.com/HT213982 https://support.apple.com/HT213981 https://support.apple.com/HT213988 https://support.apple.com/HT213987 資安專家發現 Android 木馬惡意軟體，可盜錄通話內容 https://www.twcert.org.tw/tw/cp-104-7490-eb2e6-1.html 反對派控政府駭入手機 印度風聲鶴唳 https://udn.com/news/story/6809/7544014 惡意廣告App上架Google Play市集，已有200萬人下載 https://news.drweb.com/show/review/?lng=en&i=14767 多個 Android 惡意軟體上架 Google Play Store，下載達 200 萬次 https://www.twcert.org.tw/tw/cp-104-7488-78efb-1.html iLeakage: New Safari Exploit Impacts Apple iPhones and Macs with A- and M-Series CPUs https://thehackernews.com/2023/10/ileakage-new-safari-exploit-impacts.html Canada Bans WeChat and Kaspersky Apps On Government Devices https://thehackernews.com/2023/10/canada-bans-wechat-and-kaspersky-apps.html Arid Viper Targeting Arabic Android Users with Spyware Disguised as Dating App https://thehackernews.com/2023/10/arid-viper-targeting-arabic-android.html CanesSpy Spyware Discovered in Modified WhatsApp Versions https://thehackernews.com/2023/11/canesspy-spyware-discovered-in-modified.html C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力 2023 神盾盃資安競賽暨資安論壇公私協力提升台灣資安能量 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10773 數位時代下公益團體的資安現狀 https://reurl.cc/bly0vy 為確保AI安全，28國簽署布萊切利宣言 https://www.ithome.com.tw/news/159602 HTTP/2 Rapid Reset攻擊橫行，2023第三季DDoS流量大幅增加 https://blog.cloudflare.com/ddos-threat-report-2023-q3/ 逾6成白帽駭客利用生成式AI來發現漏洞 https://www.hackerone.com/press-release/hackers-surpass-300-million-all-time-earnings-hackerone-platform 大英圖書館遭遇網路攻擊，網路服務及圖書館業務受到衝擊 https://www.bleepingcomputer.com/news/security/british-library-knocked-offline-by-weekend-cyberattack/ 針對2020年SolarWinds供應鏈攻擊事故，美國證券交易委員指控該公司蓄意隱瞞 https://www.ithome.com.tw/news/159568 英國辦全球AI安全峰會 中共代表引起疑慮 https://reurl.cc/nLRe8e 波音證實遭遇網路攻擊，導致零件配送網站服務中斷 https://www.ithome.com.tw/news/159618 https://www.bleepingcomputer.com/news/security/boeing-confirms-cyberattack-amid-lockbit-ransomware-claims/ https://www.theregister.com/2023/11/02/boeing_cyber_incident/ 北韓駭客Lazarus鎖定軟體供應商發動供應鏈攻擊，企圖竊取原始碼 http://securelist.com/unveiling-lazarus-new-campaign/110888/ 以哈衝突駭客網攻 專家：台灣應引以為戒，加強網路安全 https://www.voacantonese.com/a/lnc-rising-phishing-letters-pose-threat-to-israel-and-taiwan-20231101-cantonese-ry/7336919.html 沈伯洋：反制中共對台作戰必須先具備敵我意識 https://www.cna.com.tw/news/aipl/202311010185.aspx 資訊戰專家揭中共對台八大戰術 https://www.epochtimes.com/b5/23/11/1/n14107804.htm 中國對台威脅加劇 台灣該做好什麼準備 https://www.secretchina.com/news/b5/2023/11/01/1048665.html#google_vignette Predictive AI in Cybersecurity: Outcomes Demonstrate All AI is Not Created Equally https://thehackernews.com/2023/11/predictive-ai-in-cybersecurity-outcomes.html SaaS Security is Now Accessible and Affordable to All https://thehackernews.com/2023/11/saas-security-is-now-accessible-and.html Trojanized PyCharm Software Version Delivered via Google Search Ads https://thehackernews.com/2023/10/trojanized-pycharm-software-version.html N. Korean Lazarus Group Targets Software Vendor Using Known Flaws https://thehackernews.com/2023/10/n-korean-lazarus-group-targets-software.html Iranian Cyber Espionage Group Targets Financial and Government Sectors in Middle East https://thehackernews.com/2023/11/iranian-cyber-espionage-group-targets.html 全國農業金庫徵才報名啟動 https://www.bo6s.com.tw/news_detail.php?NewsID=73256 業務專員_熟悉資安產品與Account Management經驗佳_AMR861 https://www.104.com.tw/job/85kh6?jobsource=googlejobs 資訊工程師 IT Engineer https://www.104.com.tw/job/7dp0d?jobsource=joblist_morej 資安人員 https://www.104.com.tw/job/7tzxi?jobsource=joblist_morej 證交所徵才 強化資安 https://money.udn.com/money/story/5607/7539967 【資訊系統類】資訊安全管理資深/高級專員 https://www.104.com.tw/job/7l9qd?jobsource=joblist_morej D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全 身分驗證解決方案業者Okta再傳資料外洩，起因是第三方供應商遭駭 https://www.bleepingcomputer.com/news/security/okta-hit-by-third-party-data-breach-exposing-employee-information/ 美國國防部逾63萬封電子郵件外洩，又是因為服務廠商遭MOVEit Transfaer零時差攻擊所致 https://www.bloomberg.com/news/articles/2023-10-30/hackers-accessed-632-000-email-addresses-at-defense-doj 研究人員揭露濫用維基百科的攻擊手法Wiki-Slack，將Slack用戶進行重新導向 https://www.esentire.com/blog/the-wiki-slack-attack CCleaner 又被駭客入侵，電子郵件、位址全都露 https://today.line.me/tw/v2/article/9m5pkLR CCleaner用戶資料遭外流，原因是母公司遭遇MOVEit Transfer零時差漏洞攻擊 https://twitter.com/troyhunt/status/1717291454341750929 醫療資料整合平臺Mirth Connect存在重大漏洞，恐曝露病人敏感資料 https://www.horizon3.ai/nextgen-mirth-connect-remote-code-execution-vulnerability-cve-2023-43208/ 詐騙集團利用以巴戰爭人道救援騙取加密貨幣捐款 https://www.twcert.org.tw/tw/cp-104-7492-d1342-1.html 有人假冒慈善機構的名義，聲稱為以巴衝突的難民募款行騙 https://www.bleepingcomputer.com/news/security/palestine-crypto-donation-scams-emerge-amid-israel-hamas-war/ 美國內華達州CCSD學區遭遇大規模資料外洩，駭客向家長寄送竊得的學生資料進行施壓 https://www.bleepingcomputer.com/news/security/hackers-email-stolen-student-data-to-parents-of-nevada-school-district/ https://www.reviewjournal.com/local/education/some-ccsd-parents-get-suspicious-email-with-information-about-their-kids-2928929/ https://news3lv.com/news/local/some-ccsd-families-worried-after-receiving-email-from-california-school-district-with-pictures-private-info-about-their-children https://www.databreaches.net/hackers-escalate-leak-200k-ccsd-students-data-claim-to-still-have-access-to-ccsd-email-system/ 伊朗駭客組織MuddyWater鎖定以色列組織，透過N-able遠端管理工具控制受害電腦 https://www.deepinstinct.com/blog/muddywater-en-able-spear-phishing-with-new-ttps Iran's MuddyWater Targets Israel in New Spear-Phishing Cyber Campaign https://thehackernews.com/2023/11/irans-muddywater-targets-israel-in-new.html ServiceNow Data Exposure: A Wake-Up Call for Companies https://thehackernews.com/2023/10/servicenow-data-exposure-wake-up-call.html EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on GitHub https://thehackernews.com/2023/10/elektra-leak-cryptojacking-attacks.html Atlassian Warns of New Critical Confluence Vulnerability Threatening Data Loss https://thehackernews.com/2023/10/atlassian-warns-of-new-critical.html Meta Launches Paid Ad-Free Subscription in Europe to Satisfy Privacy Laws https://thehackernews.com/2023/10/meta-launches-paid-ad-free-subscription.html E.研究報告/工具 MITRE發布第14版ATT&CK，強化社交工程、工業控制系統、行動裝置領域攻防敘述 https://medium.com/mitre-attack/attack-v14-fa473603f86b Excel擴充套件檔案XLL成駭客2023年第三季散布惡意程式愛用的十大檔案類型 https://www.theregister.com/2023/11/01/xll_macro_attack_surge/ 為協助資源缺乏的組織強化資安，美國CISA推出免費事件記錄工具Logging Made Easy https://www.cisa.gov/news-events/alerts/2023/10/27/cisa-announces-launch-logging-made-easy 認識資安框架：給資安人員的指南 https://www.jamf.com/zh-tw/blog/security-frameworks-guide-for-infosec-pros/ 國小自學架伺服器、高中解出LINE漏洞！資安國手的「駭客精神」3大學習心法 https://www.parenting.com.tw/article/5096367 Akamai旗下子公司傳出遭到駭客鎖定，透過XMPP即時通訊服務監聽 https://notes.valdikss.org.ru/jabber.ru-mitm/ Researchers Uncover Wiretapping of XMPP-Based Instant Messaging Service https://thehackernews.com/2023/10/researchers-uncover-wiretapping-of-xmpp.html How to Keep Your Business Running in a Contested Environment https://thehackernews.com/2023/10/how-to-keep-your-business-running-in.html Researchers Expose Prolific Puma's Underground Link Shortening Service https://thehackernews.com/2023/11/dns-abuse-exposes-prolific-pumas.html F.商業 中小企業的資安挑戰及如何平衡資安需求與資源 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10776 聯華食品攜手Akamai安全落實雲端化目標 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10733 Zyxel宣布推出USG FLEX H 系列安全防火牆，瞄準中小型企業用戶 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10763 TeamT5 與 ThreatQuotient 合作威脅情資整合 助力企業超前部署 https://teamt5.org/tw/posts/teamt5-s-threatvision-integrated-into-threatq/ Google Expands Its Bug Bounty Program to Tackle Artificial Intelligence Threats https://thehackernews.com/2023/10/google-expands-its-bug-bounty-program.html PentestPad: Platform for Pentest Teams https://thehackernews.com/2023/10/pentestpad-platform-for-pentest-teams.html Hands on Review: LayerX's Enterprise Browser Security Extension https://thehackernews.com/2023/11/hands-on-review-layerxs-enterprise.html G.政府 遭疑中資廠商入院保養半導體設備　工研院：一切合法合規 https://www.mirrormedia.mg/story/20231102soc002 共享運具業者個資外洩罰太輕 北市擬修法最重可廢止營業許可 https://www.ctee.com.tw/news/20231101701514-431401 臺南辦「強化供應鏈資安防護工作坊」 協助產業智慧轉型、資安同行 https://www.tainan.gov.tw/News_Content.aspx?n=13370&s=8599832 中共滲透全世界！國安局長：對岸正以五大面向對台發動「無煙硝戰爭」 https://www.cmmedia.com.tw/home/articles/43225 調查局國際安全研討會登場　陳建仁：假訊息成民主最大威脅 https://www.mirrormedia.mg/story/20231101inv004 H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識/醫療 相關資安 財團法人電信技術中心：今年底正式發布「無人機資安保障規範」 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10767 Mysterious Kill Switch Disrupts Mozi IoT Botnet Operations https://thehackernews.com/2023/11/mysterious-kill-switch-disrupts-mozi.html D-Link上網安全閘道存在SQL注入漏洞 https://github.com/flyyue2001/cve/blob/main/D-LINK%20-DAR-7000_sql_:sysmanage:editrole.php.md 國內已有近20款Wi-Fi 6E、7相關產品取得NCC認證，年底前更多產品陸續上市 https://www.ithome.com.tw/news/159623 中製無人機造成資安隱患　美眾議員提議「安全無人機法案」 https://www.ftvnews.com.tw/news/detail/2023B02F01M1 美中科技戰延燒！ 美眾議員提禁購「中製無人機」 https://reurl.cc/z67xV0 硬體信任根：智慧家庭IoT安全的關鍵 https://www.eettaiwan.com/20231102nt33-hard-are-rot-the-key-to-iot-security-in-smart-homes/ OpenPLC WebServer 3 - Denial of Service https://www.exploit-db.com/exploits/51746 I.教育訓練 iPAS資訊安全工程師中級筆記 https://hackmd.io/@Not/iPASInformationSecuritySpecialist iPas資安工程師證照考前研習 https://reurl.cc/GEbA3p Coursera 盤點 7 項雲端資安認證，高薪跳板都在這了！ https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/ 全球網絡安全勞動力失衡 (ISC)2免費課程及考試填補人才缺口 https://reurl.cc/m39MDj CISSP資安認證的8大領域 https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html CISSP考試心得 https://reurl.cc/KbY83j CISSP考試心得 – Benson https://reurl.cc/GbWvxd 目標導向-20天光速考過CISSP https://reurl.cc/2Zq6zn CISSP證照考試實戰心得 第一章：初期準備工作 https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat CISSP證照考試實戰心得 第二章：規律且有紀律的讀書策略 https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies CISSP證照考試實戰心得 第三章：終極一戰 https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle Quick CISSP Infographic for IPSec https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec CSSLP Certification - Security models in F# https://github.com/vbocan/csslp Certified Secure Software Lifecycle Professional in bullet points https://github.com/joeyhage/csslp-notes CPSA(CREST Practitioner Security Analyst) 資安分析師考試心得 https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/ EC-Council CEH v11 考試心得、改版資訊以及準備方向 2021、2022 https://reurl.cc/1oyEM8 CEH v11 考試心得與準備方式 https://blog.sean.taipei/2022/01/ceh CEH https://github.com/a3cipher/CEH CodeRed by EC-Council https://github.com/codered-by-ec-council EC-Council CEH Practical / Master 準備心得 — 讓理論與實作相輔相成的學習 https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2 EC-Council CEHP考試準備心得 https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po ECSA v10 考試心得與讀書資料分享/ ECSA v10 Review and Study Materials https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4 EC-Council ECSA資安分析專家 v10 考試心得分享 https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html 20180817 EC-Council ECSA v10 PASS https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html 關於EC-Council CPENT和LPT Master滲透測試證照準備方式及心得分享 https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d 深度解析 CPENT 考試心得、以及與 OSCP 的比較 https://reurl.cc/41eL8v EC-Council CPENT v1 滲透測試認證 – 內容及心得分享 https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review CPENT 從暴力到破解 https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295 Ec-Council CPENT心得 - 資安菜鳥從CEH到LPT Master https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f CPENT考試心得分享：一次拿到 LPT 滲透測試大師認證 https://ucom.uuu.com.tw/web/Testimony/Article/4404 kaizensecurity/CPENT https://github.com/kaizensecurity/CPENT/tree/master CPENT : Pentesting like NO OTHERS ! https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/ Journey of My CPENT Exam https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917 [備考心得]CompTIA Security+ (SY0–601) 上篇 https://reurl.cc/M053DK [備考心得]CompTIA Security+ (SY0–601) 下篇 https://reurl.cc/M053Gv comptia-security-plus https://github.com/ajfuto/comptia-security-plus security-plus https://github.com/fjavierm/security-plus CompTIA Security+ Certification Practice Test Questions https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette 不只是工程師才要懂的 App 資訊安全：取得資安檢測合格證書血淚史（iT邦幫忙鐵人賽系列書） https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html OSEP (Evasion Techniques and Breaching Defenses (PEN-300) 心得分享 https://hackmd.io/@henry-ko/HyQ56e8eF OSCP（Offensive Security Certified Professional） https://github.com/0x584A/oscp-notes/tree/master ISACA Certified Information Systems Auditor® (CISA) 國際電腦稽核師認證準備歷程心得、申請流程分享- 2023年 https://reurl.cc/aVLoX9 Learn NIST Inside Out With 21 Hours of Training @ 86% OFF https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html 駭客與國家: 網路攻擊與地緣政治新常態 The hacker and the state: cyber attacks and the new normal of geopolitic https://reurl.cc/D3nKKj Practical Network Penetration Tester (PNPT) Certification Review https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df WUSON常用的基本詞彙 https://choson.lifenet.com.tw/?p=1958 證照仍是學習資安基本功的主要管道，有專家打造「資安證照地圖」 https://www.ithome.com.tw/news/156754 用證照證明自己實力之餘，更應將證照視為督促學習的最大動力 https://www.ithome.com.tw/news/156756 打破證照誤解與迷思，資安專家帶你釐清資安證照的意義 https://www.ithome.com.tw/news/156755 Accelerate Your Career with the Global Leader in Cyber Security Training https://www.sans.org/mlp/promo-partnership-hacker-news/ 6.近期資安活動及研討會 ISC2 Taipei Chapter 2023年度會員大會暨「信任始於安全」研討會 2023/11/4 https://isc2taipei.kktix.cc/events/nosecuritynotrust 2023金融資安論壇-金融上雲 迎風挑戰資安布局 2023/11/7 https://www.accupass.com/event/2309260331486394385550?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_ Hugging Face : Robotics 2023/11/7 https://www.meetup.com/tensorflow-user-group-taipei/events/295006192/ FRC2023 組織賦能研討會 2023/11/8 https://www.accupass.com/event/2310260645001607342200 Atelli × Meta「AI獲客術」掌握數據 高效變現 2023/11/9 https://www.accupass.com/event/2309280434121144355100 Web應用滲透測試 2023/11/9 ~ 2023/11/10 https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=631 MOPCON 2023 2023/11/11 ~ 2023/11/12 https://mopcon.kktix.cc/events/2023-students https://mopcon.kktix.cc/events/mopcon-2023 2023台灣資安通報應變年會 2023/11/14 https://twcert2023conference.kktix.cc/events/20031114 HITCON Carnival 2023 攻防演練論壇 & 賽況導覽 2023/11/14 https://hitcon.kktix.cc/events/hitcon-event-fcode-2023 【亞洲最具指標供應鏈高峰會】Supply Chain Summit 2023 2023/11/14 ~ 2023/11/15 https://www.accupass.com/event/2307070154211343470512 訓練成效與轉移評量 2023/11/15 https://www.accupass.com/event/2309010250591550572730 Golang Taiwan Gathering #76 @交大資工 2023/11/16 https://www.meetup.com/golang-taipei-meetup/events/296578927/ 國泰天職學X職游｜How IT Works SMART 2023/11/18 https://www.accupass.com/event/2309190510226744374250?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_ 2023 台灣智動化檢測驗證聯盟大會暨工業安全規範研討會 2023/11/22 https://www.accupass.com/event/2309200309193935682920?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_ 資安漏洞怎麼補？從認知、布局及端點防護談起(暫時) 2023/11/23 https://metashield.kktix.cc/events/5867ed48 【ACAD安碁學苑】上市上櫃公司資安策略及管控 2023/11/23 https://www.accupass.com/event/2310191642498549788800 High Velocity ITSM Taipei 2023/11/25 https://www.meetup.com/taipei-atlassian-community-events/events/295913312/ 2023台北國際金融博覽會 2023/11/24 ~ 2023/11/26 https://www.accupass.com/event/2307200240122074808667 High Velocity ITSM Taipei 2023/11/25 https://www.meetup.com/taipei-atlassian-community-events/events/295913312/ 資安防無懼 一步到位 : Affordable SOC 有效強化企業核心資安防護力 2023/11/28 https://www.gss.com.tw/content-page/173-currcular/3599-2023-11-28 Flutter Meetup #8 2023/11/29 https://www.meetup.com/flutter-taipei/events/296465276/ Jamf Nation Live Taipei 2023 2023/12/19 https://jamf.kktix.cc/events/jamfnation2023 【Monosparta】②⓪②④ 第一梯次 軟體開發實戰訓練營➠線上說明會 2024/1/17 https://trunk-studio.kktix.cc/events/monosparta-202401