###### tags: `Weekly Cybersecurity Incident News`

# Weekly Cybersecurity Incident News 2023/8/21 ~ 2023/8/25

## 1. Critical Vulnerabilities / Backdoors / Exploits / Zero-Days

- Chinese hackers abuse vulnerable browser and antivirus software files to deploy Cobalt Strike via DLL hijacking
  https://www.sentinelone.com/labs/chinese-entanglement-dll-hijacking-in-the-asian-gambling-sector/
- Integration tool for Dell Compellent enterprise storage contains a hard-coded credentials vulnerability, exposing VMware vCenter administrator accounts
  https://www.darkreading.com/threat-intelligence/dell-credentials-bug-vmware-environments-takeover
  https://www.dell.com/support/kbdoc/zh-tw/000216615/dsa-2023-282-security-update-for-dell-storage-integration-tools-for-vmware-dsitv-vulnerabilities
  https://forum.defcon.org/node/245711
- Jenkins patches CSRF and XSS vulnerabilities in plugins
  https://www.securityweek.com/jenkins-patches-high-severity-vulnerabilities-in-multiple-plugins/
- Juniper patches RCE vulnerabilities in its network device operating system
  https://www.juniper.net/documentation/us/en/software/jweb-ex/jweb-ex-application-package/topics/concept/ex-series-j-web-interface-overview-App.html
- Juniper advisory: Junos OS vulnerabilities affect all versions on SRX and EX
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10642
- Juniper recently released a security advisory for multiple vulnerabilities in Junos OS
  https://www.cisa.gov/news-events/alerts/2023/08/18/juniper-releases-security-advisory-multiple-vulnerabilities-junos-os
- New Juniper Junos OS Flaws Expose Devices to Remote Attacks - Patch Now
  https://thehackernews.com/2023/08/new-juniper-junos-os-flaws-expose.html
- Vulnerability in the open-source network management software OpenNMS could be used to steal data and launch DoS attacks
  https://www.darkreading.com/application-security/patch-now-opennms-bug-steals-data-triggers-denial-of-service
  https://www.synopsys.com/blogs/software-security/cyrc-advisory-cve-2023-0871-opennms/
  https://opennms.atlassian.net/browse/NMS-16069?jql=text ~ "CVE-2023-0871"
- US CISA adds Citrix ShareFile vulnerability to the KEV catalog
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10635
- The Vulnerability of Zero Trust: Lessons from the Storm 0558 Hack
  https://thehackernews.com/2023/08/the-vulnerability-of-zero-trust-lessons.html
- The vulnerability of zero trust: lessons from the Storm-0558 hack
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10643
- Hackers have been exploiting a WinRAR zero-day vulnerability in attacks since April
  https://www.group-ib.com/blog/cve-2023-38831-winrar-zero-day/
- RARLAB has released a security update to address a WinRAR vulnerability
  https://www.zerodayinitiative.com/advisories/ZDI-23-1152/
- WinRAR has an RCE vulnerability; version 6.23 was released in August to patch it
  https://www.zerodayinitiative.com/advisories/ZDI-23-1152/
- Another WinRAR vulnerability: hackers exploit a zero-day to steal investors' cryptocurrency
  https://netmag.tw/2023/08/25/winrar-retransmits-loophole-hackers-using-zero-zero-loophole-to-steal-investors-cryptocurrency
- New WinRAR Vulnerability Could Allow Hackers to Take Control of Your PC
  https://thehackernews.com/2023/08/new-winrar-vulnerability-could-allow.html
- WinRAR Security Flaw Exploited in Zero-Day Attacks to Target Traders
  https://thehackernews.com/2023/08/winrar-security-flaw-exploited-in-zero.html
- Cisco releases security advisories for multiple products
  https://www.cisa.gov/news-events/alerts/2023/08/17/cisco-releases-security-advisories-multiple-products
- Ivanti patches an API authentication bypass vulnerability in its mobile device management platform and says attacks have already been observed
  https://forums.ivanti.com/s/article/CVE-2023-38035-API-Authentication-Bypass-on-Sentry-Administrator-Interface
- Ivanti Warns of Critical Zero-Day Flaw Being Actively Exploited in Sentry Software
  https://thehackernews.com/2023/08/ivanti-warns-of-critical-zero-day-flaw.html
- Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog
  https://thehackernews.com/2023/08/critical-adobe-coldfusion-flaw-added-to.html
- More than 3,000 instances of the open-source instant messaging system Openfire remain unpatched against a path traversal vulnerability; unauthenticated attackers can create new administrator accounts and take over these systems
  https://www.bleepingcomputer.com/news/security/over-3-000-openfire-servers-vulnerable-to-takover-attacks/
  https://vulncheck.com/blog/openfire-cve-2023-32315
  https://github.com/igniterealtime/Openfire/security/advisories/GHSA-gw42-f939-fhvm
- Thousands of Unpatched Openfire XMPP Servers Still Exposed to High-Severity Flaw
  https://thehackernews.com/2023/08/thousands-of-unpatched-openfire-xmpp.html
- Urgent FBI Warning: Barracuda Email Gateways Vulnerable Despite Recent Patches
  https://thehackernews.com/2023/08/urgent-fbi-warning-barracuda-email.html
- US warns Barracuda Email Security Gateway users that patched appliances may still be attacked and urges users to replace them
  https://www.ic3.gov/Media/News/2023/230823.pdf
- Google releases its first weekly Chrome update, patching 4 high-severity vulnerabilities
  https://www.securityweek.com/first-weekly-chrome-security-update-patches-high-severity-vulnerabilities/

## 2. Banking / Finance / Insurance / Securities / Financial Supervision News and Security

- FSC reminds enterprises to take cybersecurity risk management seriously and to evaluate cyber insurance coverage as appropriate
  https://www.ib.gov.tw/ch/home.jsp?id=239&parentpath=0,2,238&mcustomize=news_view.jsp&dataserno=202308240009&dtable=News
- FSC: demand in the cyber insurance market surged, more than doubling in 2022
  https://udn.com/news/story/7239/7392745
- "Cybersecurity risk" premiums jump! Broke 400 million in 2022, up 4.51x in 5 years
  https://finance.ettoday.net/news/2568176
- Corporate risk awareness rises: cyber insurance sales exceeded 600 policies for the first time in 2022
  https://reurl.cc/VLkdEQ
- No "catfish effect"! Internet-only banks are losing money and face major business and security challenges
  https://globalnewstv.com.tw/202308/209060/
- Taiwan Futures Exchange's 4 priorities: strengthening the quality and resilience of information and communication security management
  https://ww2.money-link.com.tw/RealtimeNews/NewsContent.aspx?SN=5254417001&PU=0010
- Android banking trojan Gigabud RAT targets users in Southeast Asia
  https://www.group-ib.com/blog/gigabud-banking-malware/
- Credit card fraudulently charged, and the bank knows before you do? How AI keeps up with fast-changing criminal behavior
  https://buzzorange.com/techorange/2023/08/25/sas-ai-finance/

## 3. Credit Cards / Electronic Payment / Mobile Payment / Pay / Payment Systems / Security

- The "shopping" function of the cross-institution shared e-payment platform will begin trial operation in September; consumers will be able to use a single e-payment app to pay at other providers' contracted merchants
  https://www.ithome.com.tw/news/158450
- JKOPAY, PX Pay Plus and E.SUN Wallet can be used when traveling in Japan, with no 1.5% fee! What is behind the partnership with PayPay?
  https://www.bnext.com.tw/article/76482/tbcasoft-hivex-paypay-jkopay-pxpay-plus-e.sun-bank
- With the QR-code cross-border mobile payment platform Hivex as intermediary, JKOPAY, E.SUN and PX Pay Plus users are expected to be able to scan and pay at PayPay merchants in Japan
  https://www.ithome.com.tw/news/158412
- E.SUN Bank and two major e-payment providers to connect with Japan's largest mobile payment service
  https://udn.com/news/story/7239/7392168
- Why is mobile payment adoption low? Netizens analyze the pros and cons of Line Pay and Apple Pay
  https://udn.com/news/story/120912/7394059
- Union Bank cardholders take note: starting today, binding a card to international mobile payment is limited to the cardholder's mobile number
  https://ec.ltn.com.tw/article/breakingnews/4404754
- The Tokyu Den-en-toshi Line in Tokyo, Japan will be the first to introduce gates supporting QR Code and credit card payment, expected to reach the entire Tokyu network by spring 2024
  https://www.cool3c.com/article/197908
- "Shopping" function of the cross-institution shared e-payment platform goes live in Q3 this year; barcodes interoperable across e-payment contracted merchants
  https://www.kocpc.com.tw/archives/507268
- E-payment QR Code interoperability: scan without switching as early as October
  https://www.cardu.com.tw/news/detail.php?49598
- Over 2.3 million users take note! Easy Wallet to charge a "withdrawal" fee starting in September
  https://finance.ettoday.net/news/2568655
- More than just payments! One-stop e-payment services also offer savings and investment
  https://reurl.cc/mDEm4G

## 4. Cryptocurrency / Digital Currency / Mining / Blockchain / Smart Contracts / WEB3 Security

- Tornado Cash Founders Charged in Billion-Dollar Crypto Laundering Scandal
  https://thehackernews.com/2023/08/tornado-cash-founders-charged-in.html
- North Korean Affiliates Suspected in $40M Cryptocurrency Heist, FBI Warns
  https://thehackernews.com/2023/08/north-korean-affiliates-suspected-in.html
- Claims agent Kroll suffers security incident! FTX: some users' personal data leaked, beware of scams
  https://blockcast.it/2023/08/25/ftx-bankruptcy-claim-agent-suffered-cybersecurity-incident-claimant-data-compromised/
- 300,000 BNB already liquidated; how much more selling pressure will the hacker's account cause?
  https://blockcast.it/2023/08/24/bnb-chain-hacker-loses-10percent-of-stolen-funds-in-venus-liquidation/
- Accused of aiding North Korea's biggest hackers, Tornado Cash founder sanctioned by the US Treasury
  https://news.cnyes.com/news/id/5300900
- US OFAC announces: Tornado Cash co-founder added to sanctions list
  https://news.knowing.asia/news/c805c949-4c51-44ab-97d4-4f32018cf1a6
- Decentralized exchange Cypher hacked for $1 million; the team says it cannot repay and will launch an IDO to rescue itself
  https://www.blocktempo.com/cypher-was-hacked-launch-ido/
- FTX and BlockFi claims agent attacked! Kroll customer personal data leaked; watch out for phishing emails from hackers
  https://www.blocktempo.com/ftx-blockfi-claimant-data-compromised-in-kroll/
- Rumors say Binance is dumping Bitcoin to prop up BNB? CZ officially denies it
  https://blockcast.it/2023/08/25/mica-daily-26/

## 5. Security Incident News

### A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC

- Whiffy Recon malware tracks victims via Wi-Fi networks
  https://www.secureworks.com/blog/smoke-loader-drops-whiffy-recon-wi-fi-scanning-and-geolocation-malware
- Hackers distribute DarkGate malware through malvertising and SEO poisoning attacks
  https://www.malwarebytes.com/blog/threat-intelligence/2023/08/darkgate-reloaded-via-malvertising-campaigns
- More and more hackers use Slack and Trello to conceal malware attacks
  https://www.recordedfuture.com/threat-actors-leverage-internet-services-to-enhance-data-theft-and-weaken-security-defenses
- Researchers disclose 11 executables that can be used in living-off-the-land attacks
  https://pentera.io/blog/the-lol-isnt-so-funny-when-it-bites-you-in-the-bas/
- Akira ransomware targets Cisco VPN systems to breach organizations
  https://www.bleepingcomputer.com/news/security/akira-ransomware-targets-cisco-vpns-to-breach-organizations/
- Danish hosting providers CloudNordic and AzeroCloud hit by ransomware attack; customer data not yet recovered
  https://www.bleepingcomputer.com/news/security/hosting-firm-says-it-lost-all-customer-data-after-ransomware-attack/
  https://www.radio4.dk/nyheder/mange-danske-virksomheder-er-ramt-af-hackerangreb-der-er-ingen-virksomhed-tilbage/
- Cuba ransomware exploits a Veeam backup system vulnerability in attacks
  https://www.ithome.com.tw/news/158413
- 400,000 computers form a botnet used to sell proxy server services for profit
  https://cybersecurity.att.com/blogs/labs-research/proxynation-the-dark-nexus-between-proxy-apps-and-malware
- New Linux encryptor found in Monti ransomware
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10650
- Report: ransomware activity decreases but targeted attacks increase
  https://unwire.pro/2023/08/24/fortinet-7/security/
- Daylight robbery! Korean firm suspected to be breached by Chinese hackers! Exorbitant "2 billion ransom" demand: pay up or the company gets paralyzed
  https://www.potatomedia.co/post/a62b01c4-60ee-4ae9-9951-15fd7fab448e
- Malware-as-a-Service: Redline Stealer Variants Demonstrate a Low-Barrier-to-Entry Threat
  https://blog.eclecticiq.com/redline-stealer-variants-demonstrate-a-low-barrier-to-entry-threat
- Ransomware Roundup – Trash Panda and A New Minor Variant of NoCry
  https://www.fortinet.com/blog/threat-research/ransomware-roundup-trash-panda-and-nocry-variant
- Agniane Stealer
  https://www.zscaler.com/blogs/security-research/agniane-stealer-dark-webs-crypto-threat
- Why LaZagne Makes D-Bus API Vigilance Crucial
  https://unit42.paloaltonetworks.com/lazagne-leverages-d-bus/
- North Korean hackers Lazarus target a Zoho ManageEngine service desk vulnerability to distribute QuiteRAT and CollectionRAT malware
  https://www.bleepingcomputer.com/news/security/hackers-use-public-manageengine-exploit-to-breach-internet-org/
  https://blog.talosintelligence.com/lazarus-quiterat/
  https://blog.talosintelligence.com/lazarus-collectionrat/
- Lazarus Group's infrastructure reuse leads to discovery of new malware
  https://blog.talosintelligence.com/lazarus-collectionrat/
- Lazarus exploits a critical Zoho ManageEngine vulnerability to deploy stealthy malware
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10651
- Lazarus Group Exploits Critical Zoho ManageEngine Flaw to Deploy Stealthy QuiteRAT Malware
  https://thehackernews.com/2023/08/lazarus-group-exploits-critical-zoho.html
- From Conti to Akira | Decoding the Latest Linux & ESXi Ransomware Families
  https://www.sentinelone.com/blog/from-conti-to-akira-decoding-the-latest-linux-esxi-ransomware-families/
- Scarabs colon-izing vulnerable servers
  https://www.welivesecurity.com/en/eset-research/scarabs-colon-izing-vulnerable-servers/
- IOC's from my personal devices for the week starting 08/21/23 - Pure Linux
- Cuba Ransomware Deploys New Tools: Targets Critical Infrastructure Sector in the U.S. and IT Integrator in Latin America
  https://blogs.blackberry.com/en/2023/08/cuba-ransomware-deploys-new-tools-targets-critical-infrastructure-sector-in-the-usa-and-it-integrator-in-latin-america
- WHIRLPOOL Backdoor | CISA
  https://www.cisa.gov/news-events/analysis-reports/ar23-230a
- IOC's found on my personal devices; week starting 08/14/23
  https://otx.alienvault.com/pulse/64dd9c1d76a7807782a691d3
- XWorm malware injected into victim computers via red-team tools
  https://www.fortinet.com/blog/threat-research/malware-distributed-via-freezers-and-syk-crypter
- Hackers distribute XLoader malware to Mac users under the guise of a productivity app
  https://www.sentinelone.com/blog/xloaders-latest-trick-new-macos-variant-disguised-as-signed-officenote-app/
- XLoader's Latest Trick | New macOS Variant Disguised as Signed OfficeNote App
  https://www.sentinelone.com/blog/xloaders-latest-trick-new-macos-variant-disguised-as-signed-officenote-app/
- New Variant of XLoader macOS Malware Disguised as 'OfficeNote' Productivity App
  https://thehackernews.com/2023/08/new-variant-of-xloader-macos-malware.html
- Hackers use the WoofLocker toolkit to run scams posing as customer support
  https://www.malwarebytes.com/blog/threat-intelligence/2023/08/wooflocker2
- WoofLocker Toolkit Hides Malicious Codes in Images to Run Tech Support Scams
  https://thehackernews.com/2023/08/wooflocker-toolkit-hides-malicious.html
- Thousands of Android Malware Apps Using Stealthy APK Compression to Evade Detection
  https://thehackernews.com/2023/08/thousands-of-android-malware-apps-using.html
- Japanese watchmaker Seiko reportedly attacked by BlackCat ransomware
  https://www.bleepingcomputer.com/news/security/japanese-watchmaker-seiko-breached-by-blackcat-ransomware-gang/
- New BlackCat Ransomware Variant Adopts Advanced Impacket and RemCom Tools
  https://thehackernews.com/2023/08/new-blackcat-ransomware-variant-adopts.html
- This Malware Turned Thousands of Hacked Windows and macOS PCs into Proxy Servers
  https://thehackernews.com/2023/08/this-malware-turned-thousands-of-hacked.html
- Syrian Threat Actor EVLF Unmasked as Creator of CypherRAT and CraxsRAT Android Malware
  https://thehackernews.com/2023/08/syrian-threat-actor-evlf-unmasked-as.html
- Spacecolon Toolset Fuels Global Surge in Scarab Ransomware Attacks
  https://thehackernews.com/2023/08/spacecolon-toolset-fuels-global-surge.html
- Roblox developers targeted by Luna Grabber malware, delivered through NPM packages
  https://www.reversinglabs.com/blog/fake-roblox-api-packages-luna-grabber-npm
- Fake Roblox packages target npm with Luna Grabber information-stealing malware
  https://www.reversinglabs.com/blog/fake-roblox-api-packages-luna-grabber-npm
- Over a Dozen Malicious npm Packages Target Roblox Game Developers
  https://thehackernews.com/2023/08/over-dozen-malicious-npm-packages.html
- Russian hackers APT29 use the instant messaging application Zulip to conceal C2
  https://blog.eclecticiq.com/german-embassy-lure-likely-part-of-campaign-against-nato-aligned-ministries-of-foreign-affairs
- New Telegram Bot "Telekopye" Powering Large-scale Phishing Scams from Russia
  https://thehackernews.com/2023/08/new-telegram-bot-telekopye-powering.html
- Telekopye: Hunting Mammoths using Telegram bot
  https://www.welivesecurity.com/en/eset-research/telekopye-hunting-mammoths-using-telegram-bot/

### B. Mobile Security / iPhone / Android / Wearables / App / 5G / Instant Messaging

- 3,000 Android app installers use compression algorithms to thwart disassembly by researchers
  https://www.bleepingcomputer.com/news/security/thousands-of-android-apks-use-compression-trick-to-thwart-analysis/
  https://twitter.com/joe4security/status/1674042511969468418?s=46&t=8iDWtqgX0z4LwOwqYr8JWA
  https://www.zimperium.com/blog/over-3000-android-malware-samples-using-multiple-techniques-to-bypass-detection/
- The Hidden Dangers of Public Wi-Fi
  https://thehackernews.com/2023/08/the-hidden-dangers-of-public-wi-fi.html
- New "Whiffy Recon" Malware Triangulates Infected Device Location via Wi-Fi Every Minute
  https://thehackernews.com/2023/08/new-whiffy-recon-malware-triangulates.html
- Meta Set to Enable Default End-to-End Encryption on Messenger by Year End
  https://thehackernews.com/2023/08/meta-set-to-enable-default-end-to-end.html

### C. Incidents / Hackers / DDOS / APT / Cloud / Dark Web / Recruitment / International Security Incidents / Security Workforce

- A year of Taiwan cybersecurity, Metaverse review: barely a pass
  https://reurl.cc/4oZ04v
- Taiwan is the most attacked in Asia-Pacific! Summary of five key security findings for the first half of 2023
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10628
- Attacker dwell time shortened to 8 days in the first half of 2023
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10644
- Security vendor: new information-stealing malware can now fully take over Facebook business accounts
  https://technews.tw/2023/08/24/palo-alto-networks-nodestealer-2-0-facebook/
- Bicycle parts maker Sun Race (日馳) confirms cyberattack
  https://money.udn.com/money/story/5612/7380920
- Cleaning products maker Clorox breached; some IT systems forced offline
  https://www.theregister.com/2023/08/15/clorox_cleans_up_security_breach/
- Interpol arrests 14 suspects who stole US$40 million
  https://www.group-ib.com/media-center/press-releases/africa-cyber-surge-ii/
- Australian energy software firm Energy One hit by cyberattack
  https://www.securityweek.com/australian-energy-software-firm-energy-one-hit-by-cyberattack/
- Much espionage is actually outsourced and nothing like James Bond
  https://www.thenewslens.com/article/190301
- British media exposé: Chinese Communist Party spy used LinkedIn to lure thousands of officials
  https://reurl.cc/qLQloR
- CISA presents a defense plan against hackers' abuse of remote monitoring tools in cyberattacks
  https://www.cisa.gov/topics/partnerships-and-collaboration/joint-cyber-defense-collaborative/jcdc-remote-monitoring-and-management-cyber-defense-plan
- North Korea announces another spy satellite launch in October; its technology is presumed to have made considerable progress
  https://www.cna.com.tw/news/aopl/202308240197.aspx
- North Korea's satellite launch fails again; alarms sound in Okinawa in the early morning
  https://reurl.cc/K0Naqe
- North Korean hackers Kimsuky reportedly target US-South Korea military drills
  https://www.reuters.com/world/north-korean-hackers-target-us-south-korea-military-drills-police-say-2023-08-20/
- 14 Suspected Cybercriminals Arrested Across Africa in Coordinated Crackdown
  https://thehackernews.com/2023/08/14-suspected-cybercriminals-arrested.html
- Hong Kong organizations become targets of supply chain attacks by hacking group Carderbee
  https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/carderbee-software-supply-chain-certificate-abuse
- Carderbee Attacks: Hong Kong Organizations Targeted via Malicious Software Updates
  https://thehackernews.com/2023/08/carderbee-attacks-hong-kong.html
- Carderbee: APT Group use Legit Software in Supply Chain Attack Targeting Orgs in Hong Kong
  https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/carderbee-software-supply-chain-certificate-abuse
- Taiwanese government and business organizations and a US military procurement system attacked by HiatusRAT malware
  https://blog.lumen.com/hiatusrat-takes-little-time-off-in-a-return-to-action/
- HiatusRAT Malware Resurfaces: Taiwan Firms and U.S. Military Under Attack
  https://thehackernews.com/2023/08/hiatusrat-malware-resurfaces-taiwan.html
- Microsoft: Chinese hacking group Flax Typhoon targets Taiwanese government agencies
  https://reurl.cc/QXzvmo
- Microsoft warns that a Chinese hacking group is targeting Taiwanese government agencies and covertly conducting surveillance
  https://www.cna.com.tw/news/aopl/202308250131.aspx
- Chinese hacking group targets Taiwan's public sector; Ministry of Digital Affairs: mechanisms are in place to keep track of it
  https://udn.com/news/story/7238/7395007
- Flax Typhoon using legitimate software to quietly access Taiwanese organizations
  https://www.microsoft.com/en-us/security/blog/2023/08/24/flax-typhoon-using-legitimate-software-to-quietly-access-taiwanese-organizations/
- China-Linked Flax Typhoon Cyber Espionage Targets Taiwan's Key Sectors
  https://thehackernews.com/2023/08/china-linked-flax-typhoon-cyber.html
- [Information Technology] Security Technician (Internal Audit and Internal Control)
  https://www.104.com.tw/job/7npcp?jobsource=jolist_b_relevance
- [Assurance and Advisory Services] Security Risk Consultant (no experience required / fresh graduates welcome)
  https://www.104.com.tw/job/81zsu?jobsource=jolist_b_relevance
- Information Audit Staff
  https://www.104.com.tw/job/7nmpf?jobsource=jolist_b_relevance
- [Risk Advisory] Computer Audit Consultant (Hsinchu office)
  https://www.104.com.tw/job/61cg0?jobsource=jolist_b_relevance
- Computer Auditor
  https://www.104.com.tw/job/7lh5t?jobsource=jolist_b_relevance
- Computer Auditor
  https://www.104.com.tw/job/7puxo?jobsource=jolist_b_relevance
- [Advisory Services] Technology Risk and Computer Audit Services - Consultant (Taipei office)
  https://www.104.com.tw/job/2xqqp?jobsource=jolist_b_relevance
- Computer Auditor
  https://www.104.com.tw/job/5gxi7?jobsource=jolist_b_relevance
- ISO 27001 Information Security Management System Auditor
  https://www.104.com.tw/job/817ea?jobsource=jolist_b_relevance
- Dedicated Information Security Officer
  https://www.104.com.tw/job/82p7y?jobsource=jolist_b_relevance
- Security Analyst [Information Technology Services Division] (Taipei)
  https://www.104.com.tw/job/7u5c6?jobsource=jolist_b_relevance
- Computer Auditor
  https://www.104.com.tw/job/72bdx?jobsource=jolist_b_relevance
- Security Risk Management Consultant
  https://www.104.com.tw/job/7mn7z?jobsource=jolist_b_relevance
- Information Security and IT Risk Management Staff
  https://www.104.com.tw/job/7yj9w?jobsource=jolist_b_relevance
- ISO/IEC 27001 Information Security Management System Lead Auditor
  https://www.104.com.tw/job/80khv?jobsource=jolist_b_relevance
- [Audit Office] Auditor
  https://www.104.com.tw/job/80ln5?jobsource=jolist_b_relevance
- Yulon Group affiliate - Security Management Engineer - salary based on education and experience
  https://www.104.com.tw/job/7okf1?jobsource=jolist_b_relevance
- Computer Auditor (IT Auditor)_Audit Division
  https://www.104.com.tw/job/7qkxc?jobsource=jolist_b_relevance
- Personal Data Protection Specialist
  https://www.104.com.tw/job/81lgm?jobsource=jolist_b_relevance
- (Part-time) ISO/IEC 27001 Information Security Management System Lead Auditor
  https://www.104.com.tw/job/81254?jobsource=jolist_b_relevance
- Security Manager (video/online interview)
  https://www.104.com.tw/job/5ii0u?jobsource=jolist_b_relevance
- Information Security Auditor_Audit Division
  https://www.104.com.tw/job/7ms71?jobsource=jolist_b_relevance
- Yuanta Securities - Audit Department - Information Auditor
  https://www.104.com.tw/job/8278m?jobsource=jolist_b_relevance
- IT and Security Management Specialist
  https://www.104.com.tw/job/81lvp?jobsource=jolist_b_relevance
- Headquarters Functions - Security and Information Center - Security Management Engineer (Neihu)
  https://www.104.com.tw/job/5txkw?jobsource=jolist_b_relevance
- Audit Head Office - Senior Auditor
  https://www.104.com.tw/job/7u311?jobsource=jolist_b_relevance
- Security Engineer
  https://www.yes123.com.tw/wk_index/job.asp?p_id=1518627_23225023&job_id=20230824031014_22887594

### D. Data Breaches / Personal Data Protection Act / GDPR / Online Fraud / Phishing / Card Fraud / Fake News / Cyberbullying / Account Security

- Microsoft Phishing Collection
  https://www.virustotal.com/gui/collection/fedac4f0929e27b30f53bd1f7fa05779c32f0eb57c009d04158a2d0181c3ed70
- Trend Micro and Interpol cooperate to take down a well-known phishing group
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10632
- 70% of Taiwan's five-star hotels have incomplete email configuration, leaving consumers exposed to fraud
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10630
- As fake Threads websites increase, phishing concerns keep growing
  https://blog.twnic.tw/2023/08/24/27825/
- Russian hackers use the Telegram bot Telekopye to launch phishing attacks
  https://www.welivesecurity.com/en/eset-research/telekopye-hunting-mammoths-using-telegram-bot/
- New Wave of Attack Campaign Targeting Zimbra Email Users for Credential Theft
  https://thehackernews.com/2023/08/new-wave-of-attack-campaign-targeting.html
- How to Investigate an OAuth Grant for Suspicious Activity or Overly Permissive Scopes
  https://thehackernews.com/2023/08/how-to-investigate-oauth-grant-for.html
- Agile Approach to Mass Cloud Credential Harvesting and Crypto Mining Sprints Ahead
  https://thehackernews.com/2023/08/agile-approach-to-mass-cloud-credential.html
- Major language learning site DuoLingo reportedly suffers data leak; someone is selling user personal data on a hacker forum
  https://therecord.media/duolingo-investigating-dark-web-post-offering-data-from-2-6-million-accounts
  https://twitter.com/FalconFeedsio/status/1617735519194214413
  https://twitter.com/vxunderground/status/1693742275145150927
  https://www.bleepingcomputer.com/news/security/scraped-data-of-26-million-duolingo-users-released-on-hacking-forum/
- Discord provides an explanation of the data breach that occurred in March this year
  https://apps.web.maine.gov/online/aeviewer/ME/40/723efb4f-1987-4731-84ad-3c98a5afcf45.shtml
- Credentials of 100,000 cybercrime forum users exposed
  https://www.hudsonrock.com/blog/100-000-hackers-exposed-from-top-cybercrime-forums
- Hackers can spoof an Apple device to lure users into disclosing sensitive data
  https://techcrunch.com/2023/08/16/this-70-device-can-spoof-an-apple-device-and-trick-you-into-sharing-your-password/
- Tesla accuses insiders of leaking the personal data of 75,000 employees
  https://apps.web.maine.gov/online/aeviewer/ME/40/014ae6db-4cb7-464b-b827-5d73f0bbc911.shtml
- US energy company targeted; hackers launch phishing attacks via QR Code
  https://cofense.com/blog/major-energy-company-targeted-in-large-qr-code-campaign/
- Russian hackers spread disinformation to undermine NATO's credibility
  https://reurl.cc/2LpdNm

### E. Research Reports / Tools

- Implementation of a network and security teaching system centered on problem-based learning
  https://ndltd.ncl.edu.tw/cgi-bin/gs32/gsweb.cgi/login?o=dnclcdr&s=id=%22111NKUS0392009%22.&searchmode=basic
- Nintendo to adopt Denuvo technology to prevent pirated Switch games
  https://www.cool3c.com/article/197944
- Researchers reveal the identity of the developer of the CypherRAT and CraxsRAT malware
  https://www.cyfirma.com/outofband/unmasking-evlf-dev-the-creator-of-cypherrat-and-craxsrat/
- Hackers use the post-exploitation toolkit Merlin to attack Ukraine
  https://cert.gov.ua/article/5391805
- How to Scale Cybersecurity for Your Business
  https://www.cisecurity.org/insights/blog/how-to-scale-cybersecurity-for-your-business
- How to minimize third-party risk with vendor management
  https://www.vanta.com/downloads/minimize-third-party-risk-with-strong-vendor-management
- CISOs Tout SaaS Cybersecurity Confidence, But 79% Admit to SaaS Incidents, New Report Finds
  https://thehackernews.com/2023/08/cisos-tout-saas-cybersecurity.html
- Navigating Legacy Infrastructure: A CISO's Actionable Strategy for Success
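  https://thehackernews.com/2023/08/navigating-legacy-infrastructure-cisos.html
- Go further and faster with your technology
  https://www.insight.com/en_US/home.html?_m=3n.009a.3129.kl0ao0dcsu.245s
- Learn How Your Business Data Can Amplify Your AI/ML Threat Detection Capabilities
  https://thehackernews.com/2023/08/learn-how-your-business-data-can.html
- Researchers disclose the DNS poisoning attack technique MaginotDNS, which could compromise entire top-level domains
  https://www.bleepingcomputer.com/news/security/maginotdns-attacks-exploit-weak-checks-for-dns-cache-poisoning/
- Tunnel Warfare: Exposing DNS Tunneling Campaigns using Generative Models – CoinLoader Case Study
  https://research.checkpoint.com/2023/tunnel-warfare-exposing-dns-tunneling-campaigns-using-generative-models-coinloader-case-study/
- Researchers disclose NoFilter, an attack technique that bypasses Windows security mechanisms to escalate privileges on victim computers
  https://www.deepinstinct.com/blog/nofilter-abusing-windows-filtering-platform-for-privilege-escalation

### F. Business

- Chronicle security storage and security analytics platform
  https://www.wingwill.com.tw/zh-tw/%E9%9B%B2%E7%AB%AF%E7%94%A2%E5%93%81%E8%88%87%E6%9C%8D%E5%8B%99/google/chronicle-security-siem-soar/
- With security protection support from Gaia Information Technology, Qubic targets three major enterprise NFT application trends for 2023
  https://www.cw.com.tw/article/5126977
- Expanding zero trust applications, Taiwan kicks off security procurement business opportunities
  https://www.ithome.com.tw/article/158417
- On the Tsai administration's "cybersecurity is national security", TXOne Networks urges: learn from US CISA and concentrate resources
  https://udn.com/news/story/7240/7390627
- Check Point Software partners with Taiwan Tech (NTUST) to bring in international-grade resources for training security professionals
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10647
- As the AI wave arrives, data governance becomes key to enterprise transformation! Partnering with Microsoft, Athemaster announces upgraded data governance services
  https://www.techbang.com/posts/108681-the-wave-of-ai-is-coming-and-data-governance-is-the-key-to

### G. Government

- Resisting DDoS attacks! The Ministry of Digital Affairs website combines static rendering + IPFS technology and adopts cloud-native digital services
  https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10638
- To strengthen government website resilience, the Ministry of Digital Affairs takes the lead in adopting cloud-native technology
  https://moda.gov.tw/press/press-releases/6237
- Ministry of Digital Affairs anniversary; Lee Yen-hsiu: nothing accomplished on fraud or cybersecurity
  https://news.pchome.com.tw/politics/nownews/20230824/index-69285085511630207001.html
- Ministry of Digital Affairs turns one, "achievements have no connection with the people"; Lai Shyh-bao: Audrey Tang willfully does her own thing
  https://www.chinatimes.com/realtimenews/20230824006095-260407?chdtv
- Industry expectation: security data analytics to block hackers
  https://reurl.cc/qLQlap
- Ministry of Digital Affairs: actively fighting fraud, working with ministries, prosecutors, police and industry to block it at the source
  https://www.rti.org.tw/news/view/id/2177679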
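- Ministry of Digital Affairs about to turn one! Audrey Tang announces pilot of anti-fraud short code 111
  https://tyenews.com/2023/08/424387/
- Anti-fraud! Ministry of Digital Affairs government short code SMS "111" to be piloted at the end of September
  https://www.gvm.com.tw/article/105665
- To strengthen the resilience of Taiwan's communications networks, the Ministry of Digital Affairs plans to cooperate with medium Earth orbit satellite operator SES
  https://www.ithome.com.tw/news/158328
- National Science and Technology Council publishes draft guidelines on the use of generative AI
  https://join.gov.tw/policies/detail/9f21a1e6-edd0-45e9-8ad6-b92354abb1fa

### H. Industrial Control Systems / ICS / SCADA / IOT / Internet of Things / Internet of Vehicles / Electric Vehicles / Artificial Intelligence / AI / ML / Facial Recognition / Healthcare Security

- Building an innovative IoT future with smart wireless technology
  https://www.eettaiwan.com/20230825nt11-silicon-labs-works-with-2023/
- Vulnerabilities disclosed in Rockwell's thin client device management system could expose HMIs in industrial control environments
  https://www.securityweek.com/rockwell-thinmanager-vulnerabilities-could-expose-industrial-hmis-to-attacks/
  https://www.tenable.com/security/research/tra-2023-28
  https://www.cisa.gov/news-events/ics-advisories/icsa-23-234-03
- Hon Hai Research Institute teams up with MIT to launch a hackathon; Security by Design becomes the foundation for innovative EV services
  https://www.ithome.com.tw/news/158385
- TP-Link smart bulbs have vulnerabilities that attackers can use to steal the network's Wi-Fi password
  https://www.bleepingcomputer.com/news/security/tp-link-smart-bulbs-can-let-hackers-steal-your-wifi-password/

### I. Education and Training

- iPAS Information Security Engineer intermediate-level notes
  https://hackmd.io/@Not/iPASInformationSecuritySpecialist
- iPas Security Engineer certification pre-exam workshop
  https://reurl.cc/GEbA3p
- Coursera rounds up 7 cloud security certifications: all the springboards to a high salary are here!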
  https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/
- Global cybersecurity workforce imbalance: (ISC)2 free courses and exams to fill the talent gap
  https://reurl.cc/m39MDj
- The 8 domains of the CISSP security certification
  https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html
- CISSP exam experience
  https://reurl.cc/KbY83j
- CISSP exam experience – Benson
  https://reurl.cc/GbWvxd
- Goal-oriented: passing the CISSP at light speed in 20 days
  https://reurl.cc/2Zq6zn
- CISSP certification exam hands-on experience, Chapter 1: initial preparation
  https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat
- CISSP certification exam hands-on experience, Chapter 2: a regular and disciplined study strategy
  https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies
- CISSP certification exam hands-on experience, Chapter 3: the final battle
  https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle
- Quick CISSP Infographic for IPSec
  https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec
- CSSLP Certification - Security models in F#
  https://github.com/vbocan/csslp
- Certified Secure Software Lifecycle Professional in bullet points
  https://github.com/joeyhage/csslp-notes
- CPSA (CREST Practitioner Security Analyst) exam experience
  https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/
- EC-Council CEH v11 exam experience, revision information and preparation directions 2021, 2022
  https://reurl.cc/1oyEM8
- CEH v11 exam experience and preparation approach
  https://blog.sean.taipei/2022/01/ceh
- CEH
  https://github.com/a3cipher/CEH
- CodeRed by EC-Council
  https://github.com/codered-by-ec-council
- EC-Council CEH Practical / Master preparation notes: learning where theory and practice complement each other
  https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2
- EC-Council CEHP exam preparation notes
  https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po
- ECSA v10 exam experience and study materials / ECSA v10 Review and Study Materials
  https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4
- EC-Council ECSA (Certified Security Analyst) v10 exam experience
  https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html
- 20180817 EC-Council ECSA v10 PASS
  https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html
- On preparing for the EC-Council CPENT and LPT Master penetration testing certifications, with experience sharing
  https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d
- In-depth look at the CPENT exam experience and a comparison with OSCP
  https://reurl.cc/41eL8v
- EC-Council CPENT v1 penetration testing certification – content and experience
  https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review
- CPENT: from brute force to cracking
  https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295
- Ec-Council CPENT experience - a security rookie's path from CEH to LPT Master
  https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f
- CPENT exam experience: earning the LPT penetration testing master certification in one attempt
  https://ucom.uuu.com.tw/web/Testimony/Article/4404
- kaizensecurity/CPENT
  https://github.com/kaizensecurity/CPENT/tree/master
- CPENT : Pentesting like NO OTHERS !
  https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/
- Journey of My CPENT Exam
  https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917
- [Exam prep notes] CompTIA Security+ (SY0–601), part 1
  https://reurl.cc/M053DK
- [Exam prep notes] CompTIA Security+ (SY0–601), part 2
  https://reurl.cc/M053Gv
- comptia-security-plus
  https://github.com/ajfuto/comptia-security-plus
- security-plus
  https://github.com/fjavierm/security-plus
- CompTIA Security+ Certification Practice Test Questions
  https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette
- App information security that not only engineers need to understand: the blood-and-tears story of obtaining a security testing certificate (iT Help Ironman Contest book series)
  https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html
- OSEP (Evasion Techniques and Breaching Defenses (PEN-300)) experience
  https://hackmd.io/@henry-ko/HyQ56e8eF
- OSCP (Offensive Security Certified Professional)
  https://github.com/0x584A/oscp-notes/tree/master
- ISACA Certified Information Systems Auditor® (CISA) certification: preparation journey and application process - 2023
  https://reurl.cc/aVLoX9
- Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
  https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html
- The hacker and the state: cyber attacks and the new normal of geopolitics
  https://reurl.cc/D3nKKj
- Practical Network Penetration Tester (PNPT) Certification Review
  https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df
- Basic vocabulary commonly used by WUSON
  https://choson.lifenet.com.tw/?p=1958
- Certifications remain the main route to learning security fundamentals; an expert has built a "security certification map"
  https://www.ithome.com.tw/news/156754
- Beyond proving your ability with certifications, treat them as the greatest motivation to keep learning
  https://www.ithome.com.tw/news/156756
- Breaking misconceptions and myths about certifications: security experts help clarify what security certifications mean
  https://www.ithome.com.tw/news/156755
- Accelerate Your Career with the Global Leader in Cyber Security Training
  https://www.sans.org/mlp/promo-partnership-hacker-news/

## 6. Upcoming Security Events and Conferences

- NISRA Enlightened 2023 (2023/8/28 ~ 2023/8/31)
  https://nisra.kktix.cc/events/2023enlightened
- [Security course] Digital forensics tools and practice | ACW SOUTH, Administration for Digital Industries Shalun Cybersecurity Service Base (2023/8/31)
  https://ievents.iii.org.tw/EventS.aspx?t=0&id=2170
- Taiwan-US TTIC Smart Manufacturing Cybersecurity Resilience Forum (2023/8/31)
  https://seminar.tier.org.tw/SignupForm.aspx?GUID=CAE0920D-FA97-4B85-9989-0EFF310143A8
- 2023 Central Taiwan Manufacturing Cybersecurity Forum (2023/9/1)
  https://www.informationsecurity.com.tw/seminar/2023_TCM/register.aspx
- PyCon TW 2023 (2023/9/2 ~ 2023/9/3)
  https://tw.pycon.org/2023/zh-hant/registration/tickets
- IR course series: malware hunting and network packet exploration | ACW SOUTH, Administration for Digital Industries Shalun Cybersecurity Service Base (2023/9/6)
  https://ievents.iii.org.tw/EventS.aspx?t=0&id=2191
- Web application penetration testing (2023/9/7 ~ 2023/9/8)
  https://www.chtti.cht.com.tw/general/course_info.jsp?activity_id=631
- KNIME Data Connect: Taiwan (Onsite/Hybrid) (2023/9/14)
  https://www.meetup.com/knime-users-taiwan/events/295003668/
- Secure Our Streets 2023 (2023/9/14)
  https://www.meetup.com/automotive-security-research-group-taipei/events/292175225/
- [GDG] Artificial Intelligence Information Security Day (2023/9/16)
  https://gdg-taipei.kktix.cc/events/artificial-intelligence-information-security-day
- Hou.Sec.Con (2023/10/12 ~ 2023/10/13)
  https://web.cvent.com/event/76d46ccb-fe00-4fe5-ba46-e4a77c807f21/summary
- National Center for High-performance Computing: fundamentals of parallel computing programming course (2023/10/17)
  https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=4033&from_course_list_url=homepage
- OCF training event: how to build a secure network architecture II (2023/10/21)
  https://ocftw.kktix.cc/events/ocftot2023
- (ISC)2 SECURITY CONGRESS LEAD WITH CONFIDENCE (2023/10/25 ~ 2023/10/27)
  https://www.isc2.org/Congress-2023
- [Asia's leading supply chain summit] Supply Chain Summit 2023 (2023/11/14 ~ 2023/11/15)
  https://www.accupass.com/event/2307070154211343470512