###### tags: `Weekly Security Incident News`
# Weekly Security Incident News 2023/9/25 ~ 2023/9/29
1.Major Vulnerabilities/Backdoors/Exploit/Zero Day
To reduce security risks in the supply chain, US CISA releases a new Hardware Bill of Materials framework
https://www.cisa.gov/sites/default/files/2023-09/A%20Hardware%20Bill%20of%20Materials%20Framework%20for%20Supply%20Chain%20Risk%20Management%20%28508%29.pdf
CI/CD system TeamCity has a vulnerability that allows server takeover; researchers warn attacks may appear soon
https://www.securityweek.com/in-the-wild-exploitation-expected-for-critical-teamcity-flaw-allowing-server-takeover/
https://www.sonarsource.com/blog/teamcity-vulnerability/
https://blog.jetbrains.com/teamcity/2023/09/critical-security-issue-affecting-teamcity-on-premises-update-to-2023-05-4-now/
Internet Systems Consortium patches high-severity vulnerabilities in DNS software BIND
https://thehackernews.com/2023/09/high-severity-flaws-uncovered-in.html
High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server
https://thehackernews.com/2023/09/high-severity-flaws-uncovered-in.html
Update now! GitLab warns of and patches a critical vulnerability
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10711
Google Chrome rolls out Safe Browsing feature and collaborates on AI security
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10721
Google releases the Google-Extended tool, letting publishers refuse use of their content for AI training
https://www.ithome.com.tw/news/159042
Google releases Chrome 117 for desktop, patching a vulnerability in the video codec component libvpx that is already being exploited in attacks
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html
Google issues another emergency patch for a Chrome zero-day vulnerability
https://www.ithome.com.tw/news/159044
Update Chrome Now: Google Releases Patch for Actively Exploited Zero-Day Vulnerability
https://thehackernews.com/2023/09/update-chrome-now-google-releases-patch.html
Google Bard bug causes user conversations to appear in public Google search results
https://www.ithome.com.tw/news/159045
IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities
https://www.ibm.com/support/pages/node/7040672?myns=swgother&mynp=OCSSBQAC&mync=E&cm_sp=swgother-_-OCSSBQAC-_-E
Critical libwebp Vulnerability Under Active Exploitation - Gets Maximum CVSS Score
https://thehackernews.com/2023/09/new-libwebp-vulnerability-under-active.html
Microsoft is Rolling out Support for Passkeys in Windows 11
https://thehackernews.com/2023/09/microsoft-is-rolling-out-support-for.html
Researchers Uncover New GPU Side-Channel Vulnerability Leaking Sensitive Data
https://thehackernews.com/2023/09/researchers-uncover-new-gpu-side.html
Progress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP Server
https://thehackernews.com/2023/09/progress-software-releases-urgent.html
Cisco Warns of Vulnerability in IOS and IOS XE Software After Exploitation Attempts
https://thehackernews.com/2023/09/cisco-warns-of-vulnerability-in-ios-and.html
MongoDB releases new generative AI development features to simplify building and migrating applications
https://www.ithome.com.tw/news/159038
Researchers disclose GPU side-channel vulnerability GPU.zip; chipsets from every vendor may be exposed
https://www.hertzbleed.com/gpu.zip/
Mozilla releases Firefox 118, patching high-severity memory vulnerabilities
https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/
Apple releases macOS 14 Sonoma, patching more than 60 vulnerabilities
https://www.securityweek.com/macos-14-sonoma-patches-60-vulnerabilities/
Open-source instant messaging system Openfire has a high-severity vulnerability that is already being used in attacks
https://www.bleepingcomputer.com/news/security/hackers-actively-exploiting-openfire-flaw-to-encrypt-servers/
Google raises the CVSS score of the recently patched libwebp zero-day vulnerability to 10
https://www.bleepingcomputer.com/news/security/google-assigns-new-maximum-rated-cve-to-libwebp-bug-exploited-in-attacks/
Atlassian patches vulnerabilities in its Jira, Confluence, Bitbucket and Bamboo products
https://confluence.atlassian.com/security/security-bulletin-september-19-2023-1283691616.html
Trend Micro fixes a 0-day vulnerability in its Apex One endpoint protection solution
https://www.twcert.org.tw/tw/cp-104-7422-f4338-1.html
12,000 Juniper networking devices contain a critical RCE vulnerability
https://www.twcert.org.tw/tw/cp-104-7420-59097-1.html
2.Banking/Finance/Insurance/Securities/Financial Supervision News and Security
Android users in North America and Europe targeted by banking trojan Xenomorph
https://www.threatfabric.com/blogs/xenomorph
Customers of more than 40 Latin American banks targeted by trojan BBTok
https://research.checkpoint.com/2023/behind-the-scenes-of-bbtok-analyzing-a-bankers-server-side-components/
Behind the Scenes of BBTok: Analyzing a Banker’s Server Side Components
https://research.checkpoint.com/2023/behind-the-scenes-of-bbtok-analyzing-a-bankers-server-side-components/
New Variant of Banking Trojan BBTok Targets Over 40 Latin American Banks
https://thehackernews.com/2023/09/new-variant-of-banking-trojan-bbtok.html
Xenomorph Malware Strikes Again: Over 30+ US Banks Now Targeted
https://www.threatfabric.com/blogs/xenomorph
Xenomorph Banking Trojan: A New Variant Targeting 35+ U.S. Financial Institutions
https://thehackernews.com/2023/09/xenomorph-banking-trojan-new-variant.html
Finance, e-commerce and telecom sectors take note! Bot attacks cost UK and US businesses US$85.6 million a year
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10720
Cyber insurance claims surged in the first half of this year because of a sharp increase in ransomware attacks
https://info.coalitioninc.com/rs/566-KWJ-784/images/Coalition_2023-Claims-Mid-Year-Update.pdf
Banks busy training senior security experts
https://www.ctee.com.tw/news/20230925700058-439901
Anti-hacking stress test: financial sector to hold a major exercise in October
https://www.chinatimes.com/newspapers/20230925000100-260202?chdtv
[State of SOC Demand in Taiwan 2023] Growing compliance pressure drives enterprises to strengthen security
https://www.ithome.com.tw/news/158990
3.Credit Cards/Electronic Payment/Mobile Payment/pay/Payment Systems/Security
PXPay Plus (全支付) launches the country's first fund purchases via electronic payment, now in commercial operation
https://news.cnyes.com/news/id/5333029
JKOPAY (街口支付) goes cross-border to Japan on 10/2; PXPay Plus (全支付) e-payment fund purchases enter commercial operation
https://www.cardu.com.tw/news/detail.php?49826
JKOPAY (街口支付) partners with PayPay to create a new payment experience in Japan
https://reurl.cc/WvDRRD
Frequent fraudulent charges on cards bound to department store apps! Preventive mechanisms to be drawn up
https://reurl.cc/QZ4eeZ
3 key tips to prevent mobile card fraud: download the online banking app, add LINE, receive SMS
https://reurl.cc/m0lrr7
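Cards bound to department store apps repeatedly hit by fraudulent charges; National Credit Card Center takes two approaches to block fraud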
https://www.cardu.com.tw/news/detail.php?49830
JKOPAY (街口支付) tutorial on paying at Japanese stores: Taiwan mobile payment now works in Japan too
https://applealmond.com/posts/204804
Apple Wallet and Apple Pay accused of market monopoly violations! But the judge does not agree
https://tech.udn.com/tech/story/123151/7472754
4.Cryptocurrency/Digital Currency/Mining/Blockchain/Smart Contracts/WEB3 Security
A big haul for North Korean hacker group Lazarus Group! Exposed wallets hold more than 40 million in Bitcoin
https://abmedia.io/north-korea-hacker-lazarus-group-holding-bitcoin
US$300 million in crypto assets stolen in 100 days; North Korean hackers "Lazarus Group" shift their targets from DeFi to CEX
https://www.blocktempo.com/how-the-lazarus-group-is-stepping-up-crypto-hacks-and-changing-its-tactics/
Hong Kong cryptocurrency company has US$200 million stolen by hackers
https://ec.ltn.com.tw/article/breakingnews/4439351
Mixin Network hit by hacker attack involving about US$200 million in funds
https://www.binance.com/zh-TC/feed/post/2023-09-25-mixin-network-2-1202796
A look at the 13 winning finalist projects of the ETHGlobal New York hackathon
https://web3caff.com/zh_tc/archives/72094
Justin Sun: HTX has fully covered the losses caused by the hack; user assets are safe
https://news.cnyes.com/news/id/5333221
Cyvers Alerts: HTX hot wallet hacked, losing about US$7.9 million
https://news.cnyes.com/news/id/5333209
Huobi hacked and 5,000 ETH stolen! Justin Sun: equivalent to two weeks of revenue, losses fully covered
https://blockcast.it/2023/09/26/htx-lost-8m-of-ether-due-to-a-hack/
MICA Daily|HTX (Huobi) exchange attacked; Justin Sun publishes the hacker's address
https://news.owlting.com/articles/474706
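Cryptocurrency news digest 2023/09/26: HTX loses 8 million in hack; Federal Reserve: tokenization lowers the barrier to entering other markets; Vitalik transfers a large amount of ETH to Coinbase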
https://www.dcard.tw/f/blockchain/p/253400978
Attackers impersonate a debt collection company to target creditors of cryptocurrency lending service Celsius
https://www.twcert.org.tw/tw/cp-104-7424-7deb4-1.html
TikTok flooded with cryptocurrency giveaway scams impersonating Elon Musk
https://www.twcert.org.tw/tw/cp-104-7414-c1adf-1.html
5.Security Incident News
A.Viruses and Trojans / Botnets / Ransomware / Adware /APT /Backdoors/IOC
After claiming to have stolen Sony internal data, ransomware group RansomedVC extorts Japanese telecom operator NTT Docomo
https://www.resecurity.com/blog/article/ransomedvc-in-the-spotlight-what-is-known-about-the-ransomware-group-targeting-major-japanese-businesses
Hackers target GitHub repositories, planting malicious code under the guise of the Dependabot bot
https://checkmarx.com/blog/surprise-when-dependabot-contributes-malicious-code/
Hacker group ShadowSyndicate uses 7 kinds of ransomware in its attacks
https://www.group-ib.com/blog/shadowsyndicate-raas/
Kuwait's Ministry of Finance reportedly attacked by Rhysida ransomware
https://securityaffairs.com/151501/cyber-crime/rhysida-ransomware-kuwait-ministry-of-finance.html
Hacker group Sandman targets telecom operators to spread LuaDream malware
https://s1.ai/Sandman
Ukrainian military targeted; hackers use drone manuals as lures to spread malware
https://www.securonix.com/blog/threat-labs-security-advisory-new-starkvortex-attack-campaign-threat-actors-use-drone-manual-lures-to-deliver-merlinagent-payloads/
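Malware attacks go AI! A "ransom and money-laundering industry chain" emerges; Taiwanese enterprises become easy prey for international hackers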
https://today.line.me/tw/v2/article/x2JYyOj
P2PInfect botnet activity surges 600-fold through various stealthy malware variants
https://www.twcert.org.tw/tw/cp-104-7426-e94ef-1.html
From ScreenConnect to Hive Ransomware in 61 hours
https://thedfirreport.com/2023/09/25/from-screenconnect-to-hive-ransomware-in-61-hours/
PREDATOR IN THE WIRES: Ahmed Eltantawy Targeted with Predator Spyware After Announcing Presidential Ambitions
https://citizenlab.ca/2023/09/predator-in-the-wires-ahmed-eltantawy-targeted-with-predator-spyware-after-announcing-presidential-ambitions/
GOLD MELODY: Profile of an Initial Access Broker
https://www.secureworks.com/research/gold-melody-profile-of-an-initial-access-broker
RedLine Stealer : A new variant surfaces, Deploying using Batch Script
https://www.cyfirma.com/outofband/redline-stealer-a-new-variant-surfaces-deploying-using-batch-script/
New STARK#VORTEX Attack Campaign: Threat Actors Use Drone Manual Lures to Deliver MerlinAgent Payloads
https://www.securonix.com/blog/threat-labs-security-advisory-new-starkvortex-attack-campaign-threat-actors-use-drone-manual-lures-to-deliver-merlinagent-payloads/
Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics
https://thehackernews.com/2023/09/deadglyph-new-advanced-backdoor-with.html
A multi-ransomware cybercriminal group
https://www.cert.ssi.gouv.fr/uploads/CERTFR-2023-CTI-007.pdf
https://www.cert.ssi.gouv.fr/cti/CERTFR-2023-CTI-007/
Hackers spread ZenRAT malware under the guise of offering password manager Bitwarden
https://www.proofpoint.com/us/blog/threat-insight/zenrat-malware-brings-more-chaos-calm
US issues warning about Snatch ransomware attacks
https://www.darkreading.com/attacks-breaches/fbi-cisa-issue-joint-warning-on-snatch-ransomware-as-a-service
File download tool Free Download Manager implanted with malware, suspected to be the work of Ukrainian hackers
https://thehackernews.com/2023/09/ukrainian-hacker-suspected-to-be-behind.html
https://securelist.com/backdoored-free-download-manager-linux-malware/110465/
https://www.freedownloadmanager.org/blog/?p=664
Ransomware BlackCat claims to have breached in-vehicle information system maker Clarion
https://www.securityweek.com/researchers-discover-attempt-to-infect-leading-egyptian-opposition-politician-with-predator-spyware/
ZenRAT: Malware Brings More Chaos Than Calm
https://www.proofpoint.com/us/blog/threat-insight/zenrat-malware-brings-more-chaos-calm
Dusting for fingerprints: ShadowSyndicate, a new RaaS player
https://www.group-ib.com/blog/shadowsyndicate-raas/
It's not everyday you find an unattributed, undocumented bootkit on your device
https://hybrid-analysis.com/sample/3a5ebc49abc447974cf0ed138d3fba477f94802ecab50f65e92742c125f635cb
https://hybrid-analysis.com/sample/26a134a7a2f3fc32cf893b0023f6eccf035c588d4b2dafadef44ecc48ccd5848
https://hybrid-analysis.com/sample/94437ed7d32a626c1efa05a9458ac3cdc89b543551869add2fbe5fc3921dcd40
https://hybrid-analysis.com/sample/69ec979973471faa9299f9990f7399b162a93120cf21e99cd5fa217d5d8171e8
https://www.virustotal.com/gui/file/c7aedc5f97bcb4bf316d2645aaf9871f8c67de663cd777c61324a9ef2d5a7738/details
https://www.virustotal.com/gui/file/3a5ebc49abc447974cf0ed138d3fba477f94802ecab50f65e92742c125f635cb/details
https://www.virustotal.com/gui/file/067fc514414e89fa29898b3d61ce88577bebc2fbcad0ba42c2b769698c8baafc?nocache=1
Surprise: When Dependabot Contributes Malicious Code
https://checkmarx.com/blog/surprise-when-dependabot-contributes-malicious-code/
A cryptor, a stealer and a banking trojan
https://securelist.com/crimeware-report-asmcrypt-loader-lumma-stealer-zanubis-banker/110512/
Malicious ad served inside Bing's AI chatbot
https://www.malwarebytes.com/blog/threat-intelligence/2023/09/malicious-ad-served-inside-bing-ai-chatbot
Unknown Java Implant - /usr/share/java/jondo/JAP.jar
https://www.virustotal.com/gui/file/5a8bed8bbd97ff19c7eb8ef44e4bac74a46d177100cd873ba50a624132844223/behavior
https://hybrid-analysis.com/sample/5a8bed8bbd97ff19c7eb8ef44e4bac74a46d177100cd873ba50a624132844223/65166219479b17414402d3dd
Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers
https://thehackernews.com/2023/09/critical-jetbrains-teamcity-flaw-could.html
New ZenRAT Malware Targeting Windows Users via Fake Password Manager Software
https://thehackernews.com/2023/09/new-zenrat-malware-targeting-windows.html
ShadowSyndicate: A New Cybercrime Group Linked to 7 Ransomware Families
https://thehackernews.com/2023/09/shadowsyndicate-new-cybercrime-group.html
Microsoft's AI-Powered Bing Chat Ads May Lead Users to Malware-Distributing Sites
https://thehackernews.com/2023/09/microsofts-ai-powered-bing-chat-ads-may.html
B.Mobile Security / iPhone / Android /Wearables /App / 5G / Instant Messaging
Egyptian government reportedly targeted a presidential candidate, using zero-day vulnerabilities to plant Predator spyware on an iPhone
https://www.ithome.com.tw/news/158942
https://citizenlab.ca/2023/09/predator-in-the-wires-ahmed-eltantawy-targeted-with-predator-spyware-after-announcing-presidential-ambitions/
https://blog.google/threat-analysis-group/0-days-exploited-by-commercial-surveillance-vendor-in-egypt/
APT36 threat group infects Android mobile devices with fake YouTube apps
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10718
The 3 vulnerabilities Apple patched last week were used to install Predator spyware
https://www.ithome.com.tw/news/158942
New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware
https://thehackernews.com/2023/09/latest-apple-zero-days-used-to-hack.html
Apple Rushes to Patch 3 New Zero-Day Flaws: iOS, macOS, Safari, and More Vulnerable
https://thehackernews.com/2023/09/apple-rushes-to-patch-3-new-zero-day.html
Post-Quantum Cryptography: Finally Real in Consumer Apps
https://thehackernews.com/2023/09/post-quantum-cryptography-finally-real.html
Caller ID software tampered with by a threat group to implant malware
https://www.twcert.org.tw/tw/cp-104-7436-255d9-1.html
Messaging app Signal introduces an end-to-end encryption algorithm resistant to quantum computing
https://www.twcert.org.tw/tw/cp-104-7428-e086f-1.html
C.Incidents / Hackers / DDOS / APT / Cloud/ Dark Web/ Recruitment / International Security Incidents / Security Workforce
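Is heated cross-strait cyber warfare actually a good thing? Yale professor: if a country is not preparing to use force, cyberattacks are the most cost-effective approach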
https://www.businesstoday.com.tw/article/category/183025/post/202309260023/
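Mainland China: the Supreme People's Court, Supreme People's Procuratorate and Ministry of Public Security jointly issue the "Guiding Opinions on Lawfully Punishing Cyber Violence Offenses and Crimes"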
https://www.aqniu.com/industry/99925.html
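Mainland China's Ministry of Foreign Affairs: the US continues to surveil Huawei, attempting to obstruct Chinese companies' development by illegal means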
https://www.881903.com/news/china/2503710
Mainland China's Ministry of State Security: honey traps, high-paying part-time jobs and online chats may all be foreign spy traps
https://www.chinatimes.com/realtimenews/20230925001787-260409?ctrack=pc_main_rtime_p01&chdtv
Mainland China reveals foreign spies' recruitment tactics: posing as attractive women to solicit secrets
https://hk.on.cc/hk/bkn/cnt/cnnews/20230925/bkn-20230925180101585-0925_00952_001.html
Bermuda government hit by cyberattack
https://www.twcert.org.tw/tw/cp-104-7434-3e9ea-1.html
Auckland public transport system management center paralyzed, suspected to be due to a ransomware attack
https://www.twcert.org.tw/tw/cp-104-7416-f9b11-1.html
Southeast Asian government agencies targeted by hacker group Gelsemium
https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/
Multiple Chinese and North Korean hacker groups target US health agencies
https://www.hhs.gov/sites/default/files/dprk-chinese-cyber-crime-threats-us-hph.pdf
Backdoor Deadglyph targets the Middle East
https://www.welivesecurity.com/en/eset-research/stealth-falcon-preying-middle-eastern-skies-deadglyph/
US National Student Clearinghouse hit by MOVEit Transfer zero-day attack, affecting 890 schools
https://www.ithome.com.tw/news/158882
110 organizations targeted by Akira ransomware, which intrudes through a Cisco SSL VPN vulnerability and encrypts files on Windows and Linux computers
https://www.logpoint.com/en/blog/emerging-threat/emerging-threat-akira-not-a-cyberpunk-movie-a-very-real-ransomware-threat/
Backdoor Deadglyph targets Middle Eastern government agencies
https://www.welivesecurity.com/en/eset-research/stealth-falcon-preying-middle-eastern-skies-deadglyph/
Chinese and North Korean hacker groups target US health agencies and the healthcare industry
https://www.hhs.gov/sites/default/files/dprk-chinese-cyber-crime-threats-us-hph.pdf
Southeast Asian government agencies targeted by Chinese hacker groups Mustang Panda, Alloy Taurus and Gelsemium
https://thehackernews.com/2023/09/new-report-uncovers-three-distinct.html
Iranian Nation-State Actor OilRig Targets Israeli Organizations
https://thehackernews.com/2023/09/iranian-nation-state-actor-oilrig.html
Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government
https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/
Cyberespionage Attacks Against Southeast Asian Government Linked to Stately Taurus, Aka Mustang Panda
https://unit42.paloaltonetworks.com/stately-taurus-attacks-se-asian-government/
From Watering Hole to Spyware: EvilBamboo Targets Tibetans, Uyghurs, and Taiwanese
https://thehackernews.com/2023/09/from-watering-hole-to-spyware.html
New Report Uncovers 3 Distinct Clusters of China-Nexus Attacks on Southeast Asian Government
https://thehackernews.com/2023/09/new-report-uncovers-three-distinct.html
Examining the Activities of the Turla APT Group
https://www.trendmicro.com/en_us/research/23/i/examining-the-activities-of-the-turla-group.html
https://www.trendmicro.com/content/dam/trendmicro/global/en/research/23/i/examining-the-activities-of-the-turla-apt-group/ioc-examining-the-activities-of-the-turla-apt-group.txt
Multi-year Chinese APT Campaign Targets South Korean Academic, Government, and Political Entities
https://go.recordedfuture.com/hubfs/reports/cta-2023-0919.pdf
https://www.recordedfuture.com/multi-year-chinese-apt-campaign-targets-south-korean-academic-government-political-entities
Budworm: APT Group Uses Updated Custom Tool in Attacks on Government and Telecoms Org
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/budworm-tool-update-telecoms-govt
Chinese hackers TAG-74 launch an attack campaign targeting South Korea to spread the ReVBShell backdoor
https://www.recordedfuture.com/multi-year-chinese-apt-campaign-targets-south-korean-academic-government-political-entities
Chinese Hackers TAG-74 Targets South Korean Organizations in a Multi-Year Campaign
https://thehackernews.com/2023/09/chinese-hackers-tag-74-targets-south.html
China-Linked Budworm Targeting Middle Eastern Telco and Asian Government Agencies
https://thehackernews.com/2023/09/china-linked-budworm-targeting-middle.html
Chinese hackers BlackTech tamper with Cisco router firmware to intrude into the networks of US and Japanese multinational companies
https://www.securityweek.com/chinese-gov-hackers-caught-hiding-in-cisco-router-firmware/
https://media.defense.gov/2023/Sep/27/2003309107/-1/-1/0/CSA_BLACKTECH_HIDE_IN_ROUTERS_TLP-CLEAR.PDF
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csa-cyber-report-sept-2023
China's BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies
https://thehackernews.com/2023/09/chinas-blacktech-hacking-group.html
D.Data Breaches/Personal Data Protection Law/GDPR/Online Fraud/Phishing/Card Fraud/Fake News/Cyberbullying/Account Security
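Influencer received one email, opened it and lost over 100,000! Recounts how the credit card was fraudulently charged: "instantly broke"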
https://www.storm.mg/lifestyle/4874077
Travel turns into scams 1/Real and fake travel sites hard to tell apart; Booking.com targeted? Netizens warn "be careful"
https://www.ctwant.com/article/286012
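Travel turns into scams 2/Lion Travel leaks 360,000 personal records, making customers easy prey; police: calling 165 is the most reliable way to check for fraud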
https://reurl.cc/8Nq02b
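Security firm Mandiant warns about the threat from Chinese hackers, whose tactics are gradually shifting from social engineering to vulnerability exploitation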
https://www.ithome.com.tw/news/159003
Sony reportedly suffers a data breach; two groups claim responsibility
https://www.ithome.com.tw/news/159013
https://www.hackread.com/ransomedvc-ransomware-group-sony-cyberattack/
https://www.bleepingcomputer.com/news/security/sony-investigates-cyberattack-as-hackers-fight-over-whos-responsible/
LastPass users targeted with phishing emails threatening that some features will be disabled unless they verify
https://www.ithome.com.tw/news/158995
https://www.malwarebytes.com/blog/news/2023/09/nasty-lastpass-phish
https://blog.lastpass.com/2023/09/lastpass-threat-intel-team-and-phishlabs-work-together-to-protect-customers-from-phishing-scams/
Researchers disclose a new ZeroFont phishing technique that pretends the email has passed a security scan
http://isc.sans.edu/diary/A+new+spin+on+the+ZeroFont+phishing+technique/30248/
Hacker group AtlasCross poses as the American Red Cross, attempting to spread malware via phishing emails
http://nsfocusglobal.com/warning-newly-discovered-apt-attacker-atlascross-exploits-red-cross-blood-drive-phishing-for-cyberattack/
SMS phishing campaign Smishing Triad extends its reach to the United Arab Emirates
https://www.resecurity.com/blog/article/Smishing-Triad-Impersonates-Emirates-Post-Target-UAE-Citizens
Hackers impersonate booking site Booking.com to carry out phishing attacks
https://www.ithome.com.tw/news/158944
Hackers steal credit card data through fake Booking.com booking sites
https://www.akamai.com/blog/security-research/sophisticated-phishing-campaign-targeting-hospitality
Booking.com targeted as a "scam tool"; cases have exceeded 100 this year! The company responds
https://www.mirrormedia.mg/story/20230925edi029
Backchannel Diplomacy: APT29’s Rapidly Evolving Diplomatic Phishing Operations
https://www.mandiant.com/resources/blog/apt29-evolving-diplomatic-phishing
Warning: Newly Discovered APT Attacker AtlasCross Exploits Red Cross Blood Drive Phishing for Cyberattack
https://nsfocusglobal.com/warning-newly-discovered-apt-attacker-atlascross-exploits-red-cross-blood-drive-phishing-for-cyberattack/
Stealing More Than Towels: The New InfoStealer Campaign Hitting Hotels and Travel Agencies
https://perception-point.io/blog/stealing-more-than-towels-the-new-infostealer-campaign-hitting-hotels-and-travel-agencies/
Unmasking a Sophisticated Phishing Campaign That Targets Hotel Guests
https://www.akamai.com/blog/security-research/sophisticated-phishing-campaign-targeting-hospitality
Ukrainian Military Targeted in Phishing Campaign Leveraging Drone Manuals
https://thehackernews.com/2023/09/ukrainian-military-targeted-in-phishing.html
Red Cross-Themed Phishing Attacks Distributing DangerAds and AtlasAgent Backdoors
https://thehackernews.com/2023/09/red-cross-themed-phishing-attacks.html
GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions
https://thehackernews.com/2023/09/github-repositories-hit-by-password.html
Pregnancy and birth agency in Ontario, Canada breached by hackers; data of 3 million provincial residents leaked
https://reurl.cc/1Ge3mY
Sony reportedly has all its systems breached; hacker group obtains nearly 6,000 files and threatens to sell them on the dark web
https://game.udn.com/game/story/122089/7466159?from=udn-indexnewnews_ch2003
Four kinds of people who easily become identity theft targets
https://blog.trendmicro.com.tw/?p=79047
E.Research Reports/Tools
Human weakness is the weakest link in cyber defense
https://reurl.cc/ZyX91A
[Keys to Improving SOC Capability] Focus on the adoption of new security appliances, automated SOAR and AI maturity
https://www.ithome.com.tw/news/158988
[Original Technical Article] Zyxel firmware decryption
https://www.4hou.com/posts/rqYW
Machine learning-based detection of malicious Android apps
https://www.4hou.com/posts/WKXJ
Traffic analysis of the encrypted C2 framework Mythic
https://www.4hou.com/posts/PKAw
How to Interpret the 2023 MITRE ATT&CK Evaluation Results
https://thehackernews.com/2023/09/how-to-interpret-2023-mitre-att.html
Are You Willing to Pay the High Cost of Compromised Credentials
https://thehackernews.com/2023/09/are-you-willing-to-pay-high-cost-of.html
Essential Guide to Cybersecurity Compliance
https://thehackernews.com/2023/09/essential-guide-to-cybersecurity.html
Go further and faster with your technology
https://www.insight.com/en_US/home.html?_m=3n.009a.3158.kl0ao0dcsu.25a2
Threat Report: High Tech Industry targeted the most with 46% of attack traffic tagged by NLX
https://thehackernews.com/2023/09/threat-report-high-tech-industry.html
New Survey Uncovers How Companies Are Confronting Data Security Challenges Head-On
https://thehackernews.com/2023/09/new-survey-uncovers-how-companies-are.html
The Convergence of AI + Cybersecurity
https://abnormalsecurity.com/convergence?utm_source=hackernews&_m=3n.009a.3159.kl0ao0dcsu.25bg
Online Master's in Cybersecurity Risk Management
https://scs.georgetown.edu/programs/484/online/online-masters-in-cybersecurity-risk-management/
The Dark Side of Browser Isolation – and the Next Generation Browser Security Technologies
https://thehackernews.com/2023/09/the-dark-side-of-browser-isolation-and.html
F.Business
Cisco acquires Splunk, eyeing AI security and resilience
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10715
HPE Aruba Networking launches new 2.5GB switches and Wi-Fi 6 access points
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10716
Tenable launches a new cybersecurity vulnerability reporting platform
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10704
AWS releases multiple new generative AI features at once and officially launches Amazon Bedrock
https://www.ithome.com.tw/news/159040
Trend Micro holds a global employee AI competition, sponsored by Microsoft, to unleash talent potential
https://www.ctimes.com.tw/DispNews/tw/230925153333.shtml
IBM believes AI and automation will be enterprises' greatest shield
https://www.inside.com.tw/article/32893-ibm-ai-security
Bitdefender launches a Traditional Chinese version of its antivirus security software in Taiwan and sets up a 7×24 local customer service team
https://reurl.cc/l7vgZd
This year's biggest tech acquisition! Cisco acquires security company Splunk; two reasons reveal why it is worth spending 900 billion
https://www.managertoday.com.tw/articles/view/67467?utm_source=copyshare
Google clarifies that its relationship with Broadcom has not changed; the two continue to cooperate on AI computing
https://reurl.cc/p5Lr6a
G.Government
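Ministry of Digital Affairs gives notice of amendments to the Cyber Security Management Act; public sector to be banned from using products that endanger national cybersecurity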
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10717
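Information services procurement guidelines officially take effect on September 25, requiring the public sector to budget dedicated security funds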
https://www.ithome.com.tw/news/158979
https://www.ithome.com.tw/article/158898
https://planpe.pcc.gov.tw/prms/explainLetter/readPrmsExplainLetterContentDetail?pkPrmsRuleContent=75001760&_csrf=41c91031-1b1a-45e1-8814-ff2f59c93227
Government information services procurement guidelines take effect: four key points, no reserve price required
https://www.ctee.com.tw/news/20230926700724-430104
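Ministry of Digital Affairs gives notice of amendments to the Cyber Security Management Act, explicitly banning the public sector from using security products that endanger national security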
https://www.cna.com.tw/news/afe/202309230215.aspx
Audrey Tang attends the Global Emerging Technology Summit and meets the AIT chair and Meta executives
https://www.ftvnews.com.tw/news/detail/2023925W0310
Audrey Tang in an interview with US media: AI will pose a challenge to CCP totalitarianism
https://reurl.cc/5OM41V
Audrey Tang visits the US and meets with AIT's Washington headquarters to discuss joint cybersecurity defense
https://www.cna.com.tw/news/afe/202309250213.aspx
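Delegation of Australian senators and representatives visits Taiwan to exchange views on the Indo-Pacific situation, cybersecurity and other issues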
https://www.cna.com.tw/news/aipl/202309250035.aspx
After a two-year gap, ITRI's ICT TechDay returns in October
https://www.sinotrade.com.tw/richclub/news/6511290007900a8711a68a81
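H.Industrial Control Systems/ICS/SCADA/IOT/Internet of Things/Internet of Vehicles/Electric Vehicles/Artificial Intelligence/AI/ML/Facial Recognition/Healthcare Security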
Raspberry Pi 5 opens for pre-order, finally with a power button
https://www.ithome.com.tw/news/159043
Digital storm strikes: world's leading car audio-video equipment maker breached by hackers
https://www.technice.com.tw/uncategorized/71908/
Heading to Europe?! Automotive security testing and security standards need to be considered
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000674522_15Q66GAF1UC3P83QGD9Y2
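ASUS, Askey and Microsoft join forces! Together building a smart factory integrating OT, CT and IT, opening a new milestone in smart manufacturing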
https://buzzorange.com/techorange/2023/09/25/asus-askey-microsoft/
I.Education and Training
iPAS Information Security Engineer intermediate-level notes
https://hackmd.io/@Not/iPASInformationSecuritySpecialist
iPas Security Engineer certification pre-exam workshop
https://reurl.cc/GEbA3p
Coursera rounds up 7 cloud security certifications: all the springboards to high pay are here!
https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/
Global cybersecurity workforce imbalance: (ISC)2 free courses and exams to fill the talent gap
https://reurl.cc/m39MDj
The 8 domains of the CISSP security certification
https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html
CISSP exam experience
https://reurl.cc/KbY83j
CISSP exam experience – Benson
https://reurl.cc/GbWvxd
Goal-oriented: passing CISSP at lightning speed in 20 days
https://reurl.cc/2Zq6zn
CISSP certification exam hands-on experience, Chapter 1: Initial preparation
https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat
CISSP certification exam hands-on experience, Chapter 2: A regular and disciplined study strategy
https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies
CISSP certification exam hands-on experience, Chapter 3: The final battle
https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle
Quick CISSP Infographic for IPSec
https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec
CSSLP Certification - Security models in F#
https://github.com/vbocan/csslp
Certified Secure Software Lifecycle Professional in bullet points
https://github.com/joeyhage/csslp-notes
CPSA(CREST Practitioner Security Analyst) security analyst exam experience
https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/
EC-Council CEH v11 exam experience, revision information and preparation directions 2021, 2022
https://reurl.cc/1oyEM8
CEH v11 exam experience and preparation methods
https://blog.sean.taipei/2022/01/ceh
CEH
https://github.com/a3cipher/CEH
CodeRed by EC-Council
https://github.com/codered-by-ec-council
EC-Council CEH Practical / Master preparation notes: learning in which theory and practice complement each other
https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2
EC-Council CEHP exam preparation notes
https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po
ECSA v10 exam experience and study materials sharing/ ECSA v10 Review and Study Materials
https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4
EC-Council ECSA security analyst v10 exam experience
https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html
20180817 EC-Council ECSA v10 PASS
https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html
On preparing for the EC-Council CPENT and LPT Master penetration testing certifications, with experience sharing
https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d
In-depth look at the CPENT exam experience and a comparison with OSCP
https://reurl.cc/41eL8v
EC-Council CPENT v1 penetration testing certification – content and experience
https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review
CPENT: from brute force to cracking
https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295
Ec-Council CPENT experience - a security rookie from CEH to LPT Master
https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f
CPENT exam experience: earning the LPT penetration testing master certification in one attempt
https://ucom.uuu.com.tw/web/Testimony/Article/4404
kaizensecurity/CPENT
https://github.com/kaizensecurity/CPENT/tree/master
CPENT : Pentesting like NO OTHERS !
https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/
Journey of My CPENT Exam
https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917
[Exam prep notes]CompTIA Security+ (SY0–601) Part 1
https://reurl.cc/M053DK
[Exam prep notes]CompTIA Security+ (SY0–601) Part 2
https://reurl.cc/M053Gv
comptia-security-plus
https://github.com/ajfuto/comptia-security-plus
security-plus
https://github.com/fjavierm/security-plus
CompTIA Security+ Certification Practice Test Questions
https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette
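App information security that not only engineers need to understand: the blood-and-tears story of obtaining a security testing compliance certificate (iT邦幫忙 Ironman Contest book series)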
https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html
OSEP (Evasion Techniques and Breaching Defenses (PEN-300)) experience
https://hackmd.io/@henry-ko/HyQ56e8eF
OSCP(Offensive Security Certified Professional)
https://github.com/0x584A/oscp-notes/tree/master
ISACA Certified Information Systems Auditor® (CISA) certification preparation experience and application process - 2023
https://reurl.cc/aVLoX9
Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html
The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics
https://reurl.cc/D3nKKj
Practical Network Penetration Tester (PNPT) Certification Review
https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df
Basic vocabulary commonly used by WUSON
https://choson.lifenet.com.tw/?p=1958
Certifications remain the main route to learning security fundamentals; an expert has built a "security certification map"
https://www.ithome.com.tw/news/156754
Beyond using certifications to prove your ability, you should treat them as the greatest motivation to keep learning
https://www.ithome.com.tw/news/156756
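Breaking down misunderstandings and myths about certifications: security experts help you clarify the meaning of security certifications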
https://www.ithome.com.tw/news/156755
Accelerate Your Career with the Global Leader in Cyber Security Training
https://www.sans.org/mlp/promo-partnership-hacker-news/
6.Upcoming Security Events and Seminars
[ 2023/10 ] WordPress Taipei Meetup - WordCamp Taiwan 2023 about to sell out @ Institute for Information Industry Living Lab+ 2023/10/2
https://www.meetup.com/taipei-wordpress/events/296248047/
Hugging Face : Document Question Answering 2023/10/3
https://www.meetup.com/tensorflow-user-group-taipei/events/295006156/
SyntaxError 2023/10/4
https://www.meetup.com/pythonhug/events/296099362/
Roaming on the Cloud: Party on Cloud 2023/10/4
https://www.accupass.com/event/2309280558551378413130?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_
Airflow Taiwan User Meetup #9 2023/10/5
https://www.meetup.com/taipei-py/events/295948520/
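Internet Freedom Meetup special session: TWIGF after-party - what everyone has been talking about at this year's big domestic and international gatherings 2023/10/5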
https://ocftw.kktix.cc/events/internetfreedom-october2023-special
HackingThursday regular meetup@2023 -- Taipei 2023/10/5
https://www.meetup.com/hackingthursday/events/296123372/
Robotics Initial Meetup 2023/10/5
https://www.meetup.com/taipei-robotics-meetup-group/events/296377686/
.NET / Java secure coding expert training camp 2023/10/5 ~ 2023/10/6
https://www.accupass.com/event/2308220855471251214400?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_
National Center for High-performance Computing cloud platform - 奇靈雲 user training 2023/10/12
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=4062&from_course_list_url=course_index
Hou.Sec.Con 2023/10/12 ~ 2023/10/13
https://web.cvent.com/event/76d46ccb-fe00-4fe5-ba46-e4a77c807f21/summary
Taipei DevOps User Group Launch Event, supported by Wankuma Alliance 2023/10/13
https://www.meetup.com/taipei-devops-user-group/events/295716641/
Security 543 (資安五四三) 2023/10/13
https://csa.kktix.cc/events/202310-543
Taipei DevOps User Group Launch Event 2023/10/13
https://www.meetup.com/taipei-devops-user-group/events/295716641/
[歐立威科技 2023 Seminar] 10/13 | [Online] Vault advanced hands-on workshop: zero trust security strategy & data protection 2023/10/13
https://www.accupass.com/event/2309130552361111434529?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_
National Center for High-performance Computing: fundamentals of parallel computing programming course 2023/10/17
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=4033&from_course_list_url=homepage
Elixir Taiwan monthly meetup 2023/10/17
https://www.meetup.com/elixirtw-taipei/events/296057946/
Digital Transformation - Seeing Taiwan's Digital Competitiveness: international forum and results presentation 2023/10/17
https://www.accupass.com/event/2309130748501529132371?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_
National Center for High-performance Computing: 3D spatial information co-construction training 2023/10/18
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=4065&from_course_list_url=course_index
National Center for High-performance Computing: data alliance technology training 2023/10/18
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=4066&from_course_list_url=course_index
[Strengthening DevOps Development Process Security] briefing registration 2023/10/19
https://www.accupass.com/event/2309080142511166709262?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_
National Center for High-performance Computing: ANSYS LS-DYNA basic training course 2023/10/20
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=4029&from_course_list_url=course_index
OCF training event: How to build a secure network architecture II 2023/10/21
https://ocftw.kktix.cc/events/ocftot2023
After WordCamp: Did you attend WordCamp Taiwan 2023? - Changhua Meetup #34 2023/10/21
https://www.meetup.com/changhua-wordpress-meetup-group/events/296254308/
AI/Machine Learning Trivia Night! 2023/10/24
https://www.meetup.com/taipei_langchain/events/296326252/
Drupal Taipei Meetup - chat, drinks and pizza @聖誕老人國際股份有限公司 2023/10/25
https://www.meetup.com/drupal-mentoring-taipei/events/296351711/
(ISC)2 SECURITY CONGRESS LEAD WITH CONFIDENCE 2023/10/25 ~ 2023/10/27
https://www.isc2.org/Congress-2023
The various pitfalls of connecting travel services to AIGC 2023/10/30
https://www.meetup.com/rladies-taipei/events/296239571/
ISC2 Taipei Chapter 2023 annual general meeting and "Trust Begins with Security" seminar 2023/11/4
https://isc2taipei.kktix.cc/events/nosecuritynotrust
2023 Financial Security Forum - Finance moves to the cloud: facing the challenges of security planning 2023/11/7
https://www.accupass.com/event/2309260331486394385550?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_
Web application penetration testing 2023/11/9 ~ 2023/11/10
https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=631
MOPCON 2023 2023/11/11 ~ 2023/11/12
https://mopcon.kktix.cc/events/2023-students
https://mopcon.kktix.cc/events/mopcon-2023
[Asia's Most Influential Supply Chain Summit] Supply Chain Summit 2023 2023/11/14 ~ 2023/11/15
https://www.accupass.com/event/2307070154211343470512
國泰天職學X職游|How IT Works SMART 2023/11/18
https://www.accupass.com/event/2309190510226744374250?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_
2023 Taiwan Intelligent Automation Testing and Certification Alliance conference and industrial safety standards seminar 2023/11/22
https://www.accupass.com/event/2309200309193935682920?utm_source=web&utm_medium=search_result_%E8%B3%87%E5%AE%89&utm_campaign=accu_e_
High Velocity ITSM Taipei 2023/11/25
https://www.meetup.com/taipei-atlassian-community-events/events/295913312/
Jamf Nation Live Taipei 2023 2023/12/19
https://jamf.kktix.cc/events/jamfnation2023
[Monosparta] 2024 first cohort software development hands-on training camp ➠ online briefing 2024/1/17
https://trunk-studio.kktix.cc/events/monosparta-202401