###### tags: `資安事件新聞週報`

# Weekly Security Incident News Digest 2024/7/22 ~ 2024/7/26

1. Critical Vulnerabilities / Backdoors / Exploits / Zero-Days

Microsoft finally resolves the CrowdStrike problem with a new recovery tool
https://www.kocpc.com.tw/archives/557206

Microsoft confirms CrowdStrike update also hit Windows 365 PCs
https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-365-cloud-pcs-stuck-restarting-after-crowdstrike-update/

Microsoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza Stealers
https://thehackernews.com/2024/07/microsoft-defender-flaw-exploited-to.html

Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update
https://blog.deurainfosec.com/microsoft-releases-tool-to-speed-up-recovery-of-systems-borked-by-crowdstrike-update/

CVE-2024-24919-PoC
https://github.com/0nin0hanz0/CVE-2024-24919-PoC

Exploiting CVE-2024-21412: A Stealer Campaign Unleashed
https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

This repository contains a PoC for the critical vulnerability identified as CVE-2024-41107 in Apache CloudStack
https://github.com/d0rb/CVE-2024-41107

Adobe and CISA warn of a critical vulnerability in Commerce and Magento, noting that it has already been used in attacks
https://www.ithome.com.tw/news/164046

Critical ServiceNow vulnerabilities already used in attacks; hackers may use them to steal credentials
https://www.ithome.com.tw/news/164139

Cisco patches a critical vulnerability in its email security gateway; if left unaddressed, attackers can create users with root privileges
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-afw-bGG2UsjH

IBM QRadar Pulse application add on to IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
https://www.ibm.com/support/pages/node/7160858

IBM QRadar Data Synchronization App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
https://www.ibm.com/support/pages/node/7161462

Windows 10 KB5040525 fixes WDAC issues causing app failures, memory leak
https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5040525-fixes-wdac-issues-causing-app-failures-memory-leak/

CISA Adds Twilio Authy and IE Flaws to Exploited Vulnerabilities List
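https://thehackernews.com/2024/07/cisa-adds-twilio-authy-and-ie-flaws-to.html

Researchers Reveal ConfusedFunction Vulnerability in Google Cloud Platform
https://thehackernews.com/2024/07/experts-expose-confusedfunction.html

Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins
https://thehackernews.com/2024/07/critical-docker-engine-flaw-allows.html

CISA Warns of Exploitable Vulnerabilities in Popular BIND 9 DNS Software
https://thehackernews.com/2024/07/cisa-warns-of-exploitable.html

Multiple high-risk vulnerabilities in the HPE Aruba Networking EdgeConnect SD-WAN gateway
https://nvd.nist.gov/vuln/detail/CVE-2024-41133
https://nvd.nist.gov/vuln/detail/CVE-2024-41134
https://nvd.nist.gov/vuln/detail/CVE-2024-41135
https://nvd.nist.gov/vuln/detail/CVE-2024-33519
https://nvd.nist.gov/vuln/detail/CVE-2024-22443
https://nvd.nist.gov/vuln/detail/CVE-2024-41914
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04672en_us&docLocale=en_US
https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04673.txt

High-risk vulnerability CVE-2024-7047 in GitLab CE/EE
https://nvd.nist.gov/vuln/detail/CVE-2024-7047
https://gitlab.com/gitlab-org/gitlab/-/issues/455318
https://www.tenable.com/cve/CVE-2024-7047

Services on the GCP cloud platform contain the privilege-escalation vulnerability ConfusedFunction, which unauthorized attackers can use to access sensitive data
https://www.ithome.com.tw/news/164150

Docker discloses a vulnerability with a severity score of 10; the problem lies in authentication in the AuthZ plugin, and it went unnoticed for 5 years
https://www.ithome.com.tw/news/164148

2. Banking / Finance / Insurance / Securities / Financial Supervision: News and Security

Protecting the financial sector from hackers: the FSC promotes "zero trust"; two key points
https://www.sinotrade.com.tw/richclub/news/66995f2b32ba0c933186456c

Singapore banks to phase out one-time passwords within 3 months
https://www.ithome.com.tw/news/163923

OCC finds that half of large US banks have weak operational risk management
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8294917a-506c-46e2-94e1-83eb32ff5ad3

FSC discloses the CrowdStrike incident's impact on Taiwan's financial sector: over a thousand servers and over a thousand PCs in the insurance industry affected
https://www.ithome.com.tw/news/164084

Microsoft mass outage: 13 Taiwanese financial institutions affected, with insurers hit harder
https://www.chinatimes.com/realtimenews/20240723004938-260410?chdtv

How fintech can reduce the human factor and improve data security
https://news.pchome.com.tw/science/technice/20240723/index-72171997843250338005.html

ECB’s Cyber Stress Test Reveals Material Deficits at Some Banks
https://www.bloomberg.com/news/articles/2024-07-23/ecb-s-cyber-stress-test-reveals-material-deficits-at-some-banks

Kaspersky's 7 guidelines for responding to data breaches: change passwords quickly, have bank cards reissued
https://www.sinchew.com.my/news/20240723/nation/5785728?variant=zh-hant

3. Credit Cards / Electronic Payment / Mobile Payment / Pay / Payment Systems / Security

Magento Sites Targeted with Sneaky Credit Card Skimmer via Swap Files
https://thehackernews.com/2024/07/magento-sites-targeted-with-sneaky.html

Hold on to your cash! Hands-on test: paying by "mobile payment" in Japan is a great deal, with a low exchange rate, no fees and cash back all at once
https://health.udn.com/health/story/6006/8103499

iPhone users in Europe will no longer need to use Apple Pay for mobile payments
https://reurl.cc/EjqMNK

Comparing the 3 main types of digital payment: understand how to use them in 1 minute
https://www.cna.com.tw/news/ahel/202407200016.aspx

Windows mass outage affects mobile payments; advocacy group: a cashless society carries high risk
https://reurl.cc/ZeR5d6

Microsoft systems' "blue-and-white crash screen": Australian banks' PayID electronic payments go down!
https://tw.nextapple.com/international/20240719/DE33BE5E3C4E4D89A29FA48BD57FFF95

MTS and NCTD introduce a contactless payment option for seamless commutes for riders on the go
https://gonctd.com/zh-TW/mts-nctd-introduce-contactless-payment-option-for-seamless-commutes-for-riders-on-the-go/

PXPay Plus succeeds in Japan and moves into South Korea
https://money.udn.com/money/story/10871/8112096

On the scene in Japan: PXPay Plus transactions and hassle-free checkout with PayPay
https://reurl.cc/GjzRRA

PayPay executive director: PXPay Plus will work at Japanese vending machines by year-end
https://udn.com/news/story/7239/8114294

PX Mart: PXPay Plus plants its flag in Japan ahead of rivals and keeps expanding
https://udn.com/news/story/7241/8114141?from=udn-catelistnews_ch2

LINE Pay to upgrade to electronic payment next year
https://news.housefun.com.tw/news/article/910464431179.html

Thailand hands out money to stimulate spending: 10,000 baht via e-wallet
https://reurl.cc/Ejqqjv

4. Cryptocurrency / Digital Currency / Mining / Blockchain / Smart Contracts / WEB3 Security

ZachXBT: more than US$35 million from the DMM Bitcoin hack has been laundered to Huione Guarantee
https://m.cnyes.com/news/id/5637944

Ethena Discord server attacked; do not click links for now
https://www.panewslab.com/zh_hk/sqarticledetails/e7w888ohFt.html

Hacker says AT&T paid about US$400,000 to have sensitive data deleted; a Bitcoin transaction appears to be linked to the ransom payment
https://www.panewslab.com/zh_hk/sqarticledetails/01rxs5w4Ft.html

DMM Bitcoin attacker may be a North Korean hacking group; part of the stolen funds has been moved to Cambodia's Huione platform
https://www.panewslab.com/zh_hk/sqarticledetails/rvdlij7jFt.html

UN report: North Korean hackers infiltrate the cryptocurrency industry with forged résumés, with annual income reaching US$600 million
https://m.cnyes.com/news/id/5639415

North Korean hackers steal cryptocurrency: their money-laundering methods revealed
https://buzzorange.com/techorange/2024/07/16/north-korean-hackers-sent-stolen-crypto-to-wallet-used-by-asian-payment-firm/

Rho Markets, a lending platform in the Scroll ecosystem, may have been hacked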
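https://m.cnyes.com/news/id/5645019

WazirX: has contacted multiple platforms to block the identified attacker addresses
https://news.cnyes.com/news/id/5644972

Crypto firm Wintermute is in funding talks with investors including Tencent at a valuation of about US$2 billion; the round may reach US$300 million
https://www.panewslab.com/zh_hk/articledetails/sq0m865x.html

Can USDT lost to a scam be recovered?
https://reurl.cc/OMxoQD

Animoca Brands: HKT will explore stablecoin support for local and cross-border payments; Standard Chartered is focused on risk
https://www.panewslab.com/zh_hk/sqarticledetails/e5btpzw7Ft.html

Spot Ethereum ETFs expected to list on July 23; Banana Gun (BANANA), the first Binance HODLer airdrop project, goes live
https://news.cnyes.com/news/id/5645504

Can't even a spot Ethereum ETF listing save ETH? Six difficulties keep weighing on the price
https://www.blocktempo.com/can-ethereum-etf-effect-ethereum-price-rise/

Michael Saylor publishes 21 rules of Bitcoin: why you should never sell BTC
https://www.blocktempo.com/michael-saylor-bitcoin-21-rules/

DeFi exchange dYdX v3 website hacked in DNS hijack attack
https://www.bleepingcomputer.com/news/security/defi-exchange-dydx-v3-website-hacked-in-dns-hijack-attack/

"Wintermute", one of the largest cryptocurrency market makers, reportedly in funding talks with Tencent at a US$2 billion valuation
https://hk.investing.com/news/cryptocurrency-news/article-580857

Bitcoin diverges from global stock markets, with Trump a key driver
https://hk.investing.com/news/economic-indicators/article-581847

WazirX hacker transfers about 16,350 ETH to two new addresses
https://www.panewslab.com/zh_hk/sqarticledetails/nm2nxfgjFt.html

dYdX: the dYdX v3 website has been compromised; do not visit the site or click related links
https://www.panewslab.com/zh_hk/sqarticledetails/xp390j3sFt.html

Spectra theft post-mortem: 168 ETH lost; hopes the hacker will agree to a settlement returning 90%
https://news.cnyes.com/news/id/5649589

Kraken's Bitcoin wallet balance fell by more than 6,000 BTC over the past 24 hours
https://m.cnyes.com/news/id/5649590

MonoSwap hacker moves 371 ETH into Tornado Cash
https://m.cnyes.com/news/id/5649977

5. Security Incident News

A. Viruses and Trojans / Botnets / Ransomware / Adware / APT / Backdoors / IOC

LockBit ransomware members plead guilty in the US! Took in more than US$500 million, "mostly Bitcoin"; sentenced to 25 years or more in prison
https://www.blocktempo.com/2-foreign-nationals-plead-guilty-in-lockbit-case/

Hackers seize on the CrowdStrike Falcon global outage, pretending to offer an automated recovery tool in order to spread malware
https://www.ithome.com.tw/news/164052

Hackers distribute fake AWS software packages and use JPEG image files for C2 communication
https://blog.phylum.io/fake-aws-packages-ship-command-and-control-malware-in-jpeg-files/

Hacking group Revolver Rabbit registers 500,000 domains to spread malware
https://blogs.infoblox.com/threat-intelligence/rdgas-the-next-chapter-in-domain-generation-algorithms/

Infostealer Sys01 spreads through ads placed via compromised Facebook accounts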
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/facebook-malvertising-epidemic-unraveling-a-persistent-threat-sys01/

Following the faulty CrowdStrike update, Iranian hackers lure users into downloading a supposed repair tool that actually spreads data-wiping malware
https://www.ithome.com.tw/news/164079

Chinese hacking group GhostEmperor returns, using the Demodex malware in attacks
https://www.ithome.com.tw/news/164082

Los Angeles Superior Court reportedly hit by a ransomware attack and forced to shut down its network systems
https://www.bleepingcomputer.com/news/security/los-angeles-superior-court-shuts-down-after-ransomware-attack/

Play ransomware targets VMware virtualization environments
https://www.trendmicro.com/en_us/research/24/g/new-play-ransomware-linux-variant-targets-esxi-shows-ties-with-p.html

Hackers spread malware by pretending to offer a beta of the video game Grand Theft Auto VI
https://hackread.com/grand-theft-auto-fake-gta-vi-beta-download-malware/

Malicious app OilAlpha targets humanitarian aid organizations in Yemen
https://www.recordedfuture.com/research/oilalpha-spyware-used-to-target-humanitarian-aid-groups

macOS users in Taiwan and the US targeted: Chinese hackers Evasive Panda use the Macma backdoor in attacks
https://www.ithome.com.tw/news/164099

Hackers using the infostealers Lumma Stealer and Connecio join those using the CrowdStrike update outage as cover
https://www.ithome.com.tw/news/164106

North Korean hackers Andariel launch ransomware attacks for financial gain
https://cloud.google.com/blog/topics/threat-intelligence/apt45-north-korea-digital-military-machine

US indicts North Korean hacker who deployed ransomware against US hospitals and healthcare providers
https://www.ithome.com.tw/news/164149

More than 3,000 GitHub accounts abused by hacking group Stargazer Goblin as a channel for distributing malware
https://research.checkpoint.com/2024/stargazers-ghost-network/

Two Russian Nationals Plead Guilty in LockBit Ransomware Attacks
https://thehackernews.com/2024/07/two-russian-nationals-plead-guilty-in.html

Pro-Houthi Group Targets Yemen Aid Organizations with Android Spyware
https://thehackernews.com/2024/07/pro-houthi-group-targets-yemen-aid.html

Exploiting the EvilVideo vulnerability on Telegram for Android
https://www.welivesecurity.com/en/eset-research/cursed-tapes-exploiting-evilvideo-vulnerability-telegram-android/

Solving the 7777 Botnet enigma: A cybersecurity quest
https://blog.sekoia.io/solving-the-7777-botnet-enigma-a-cybersecurity-quest/

SocGholish Malware Exploits BOINC Project for Covert Cyberattacks
https://thehackernews.com/2024/07/socgholish-malware-exploits-boinc.html

New Linux Variant of Play Ransomware Targeting VMware ESXi Systems
https://thehackernews.com/2024/07/new-linux-variant-of-play-ransomware.html

Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware
https://thehackernews.com/2024/07/cybercriminals-exploit-crowdstrike.html

New ICS Malware 'FrostyGoop' Targeting Critical Infrastructure
https://thehackernews.com/2024/07/new-ics-malware-frostygoop-targeting.html

Ukrainian Institutions Targeted Using HATVIBE and CHERRYSPY Malware
https://thehackernews.com/2024/07/ukrainian-institutions-targeted-using.html

Chinese Hackers Target Taiwan and US NGO with MgBot Malware
https://thehackernews.com/2024/07/chinese-hackers-target-taiwan-and-us.html

Chinese Espionage Group Upgrades Malware Arsenal to Target All Major OS
https://www.infosecurity-magazine.com/news/chinese-group-malware-target-os/

Chinese hackers deploy new Macma macOS backdoor version
https://www.bleepingcomputer.com/news/security/evasive-panda-hackers-deploy-new-macma-macos-backdoor-version/

Hamster Kombat’s 250 million players targeted in malware attacks
https://www.bleepingcomputer.com/news/security/hamster-kombats-250-million-players-targeted-in-android-windows-malware-attacks/

Windows July security updates send PCs into BitLocker recovery
https://www.bleepingcomputer.com/news/microsoft/windows-july-security-updates-send-pcs-into-bitlocker-recovery/

Threat Actor Uses Fake Recovery Manual to Deliver Unidentified Stealer
https://www.crowdstrike.com/blog/fake-recovery-manual-used-to-deliver-unidentified-stealer

Fake update puts visitors at risk
https://www.gdatasoftware.com/blog/2024/07/37976-socgholish-fake-update

B. Mobile Security / iPhone / Android / Wearables / App / 5G / Instant Messaging

Apple sounds the alarm again! Users in 98 countries targeted by spyware; journalists and corporate executives most at risk
https://reurl.cc/nNWMZn

Phone screen moved on its own and she suspected an intrusion; after sending it for repair, woman finds it was "this cause"
https://www.chinatimes.com/realtimenews/20240720003092-260402?chdtv

Google cracks down! "4 kinds of apps" will all be removed by the end of August
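https://www.mirrormedia.mg/external/ebc_432629

FBI used an Israeli hacking tool to unlock the Trump shooter's Android phone; the process took only 40 minutes
https://www.ithome.com.tw/news/164064

Telegram for Android vulnerability lets hackers disguise malware as video files
https://www.ithome.com.tw/news/164066

Apple Watch can save lives at sea! Drowning man calls emergency services for help; one extra step got him out safely
https://tech.udn.com/tech/story/123152/8099365

The Apple Watch "Vitals" app will better understand your health, but it only works while you sleep
https://www.techbang.com/posts/116910-the-apple-watch-vital-signs-app-vitals-can-analyze-peoples

"Tinypod" is a small accessory that turns your old Apple Watch into an iPod
https://tw.news.yahoo.com/tinypod-turn-apple-watch-into-mini-ipod-083006091.html

Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android
https://www.welivesecurity.com/en/eset-research/cursed-tapes-exploiting-evilvideo-vulnerability-telegram-android/

Meta Removes 63,000 Instagram Accounts Linked to Nigerian Sextortion Scams
https://thehackernews.com/2024/07/meta-removes-63000-instagram-accounts.html

C. Incidents / Hackers / DDoS / APT / Cloud / Dark Web / Hiring / International Security Incidents / Security Workforce

An in-depth analysis of the CSF 2.0 framework: understanding the significance behind governance
https://www.ithome.com.tw/news/164098

A quick guide to the 7 major changes in NIST CSF 2.0
https://www.ithome.com.tw/news/164080

When the guardians of information security slip up
https://udn.com/news/story/7339/8112340

Hackers threaten to publish stolen data soon; GlobalWafers responds
https://money.udn.com/money/story/5613/8118656

Hacking group Storm-1811 claims responsibility for the June hack of semiconductor silicon wafer maker GlobalWafers and threatens to publish the stolen data at the end of July
https://udn.com/news/story/7238/8116748

Lite-On Technology: statement on the handling of and response to the company's security incident
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=d5dad5ea-b2ba-4ff2-97d8-28b62f708c8a

Tsann Kuen group hit by hackers! Online shopping site paralyzed, missing the typhoon-day business opportunity
https://www.knews.com.tw/news/9A4F55D362FC150289B2C2D6A6C14626

Tsann Kuen and 燦星網 material information announcements: information systems hit by a cyberattack
https://money.udn.com/money/story/5612/8116449

Analysis of a security incident in which a well-known logistics company was hit by hackers
https://reurl.cc/VzGEN5

Researchers disclose the HTTP request smuggling technique TE.0, which may expose thousands of Google Cloud websites
https://www.bugcrowd.com/blog/unveiling-te-0-http-request-smuggling-discovering-a-critical-vulnerability-in-thousands-of-google-cloud-websites/

Passwords changed, personal data fully exposed! Taiwanese studio has been under hacker intrusion for half a year, and it is still ongoing
https://taronews.tw/2024/07/22/994335/

Ethnic Chinese Florida resident indicted for acting as a CCP agent
https://www.bannedbook.org/bnews/zh-tw/baitai/20240725/2066636.html#google_vignette

Hit by a hacker ransom attack, all 36 Los Angeles County courts closed on the 22nd
https://www.worldjournal.com/wj/story/121471/8112400

Hackers abuse generative AI to fuel social engineering attacks, making enterprise security defense harder
https://www.knews.com.tw/news/99ED3F4CECA7522EFB5F9528EF0E58C3

Cyberattacks on Southeast Asia grow more severe; security defenses should account for hackers' use of artificial intelligence
https://www.taiwannews.com.tw/zh/news/5901580

Kubelet API becomes a target for abuse! Hackers use it to attack K8s environments
https://www.aquasec.com/blog/kubernetes-exposed-exploiting-the-kubelet-api/

Southeast Asian countries call to join the "BRICS group": is it because they are pro-China, or a "de-dollarization" calculation?
https://www.thenewslens.com/article/205613

Hacker succeeds in applying for a job online using deepfake technology: security firm KnowBe4 reportedly hired a North Korean hacker by mistake, noticed anomalies and sought the FBI's help to investigate
https://www.ithome.com.tw/news/164108

Is the culprit behind the Microsoft mass outage in trouble? World's largest insurance broker: more than 75 companies are preparing claims
https://reurl.cc/GjzmNy

Global outage exposes the risk of technology dependence; US cybersecurity agency director criticizes CrowdStrike's flawed update
https://reurl.cc/QR19aM

A roundup of the damage to Taiwanese companies from computer crashes caused by the CrowdStrike product update
https://www.ithome.com.tw/news/164062

CrowdStrike explains that the global outage originated from a bug in its validation software
https://www.ithome.com.tw/news/164100

In last week's security incident, in which a CrowdStrike update left large numbers of Windows computers inoperable, Microsoft estimates that 8.5 million Windows computers were affected
https://www.ithome.com.tw/news/164040

Microsoft global outage... why were in-hospital patients' rights unaffected? National Taiwan University Hospital reveals the main reason
https://udn.com/news/story/6656/8108165?from=udn-catelistnews_ch2

Key points of the global Microsoft systems outage at a glance: what is CrowdStrike, the company at fault?
https://www.cna.com.tw/news/aopl/202407190402.aspx

Software update triggers mass outage, highlighting the fragility of globally interconnected systems
https://money.udn.com/money/story/5599/8107555

Microsoft systems go down worldwide! Everyone stuck on the "blue screen"; this is the real culprit
https://tech.udn.com/tech/story/123154/8106039?from=redpush

CEO of CrowdStrike, the security company at fault, apologizes and says a fix has been arranged to resolve the failure
https://www.sinotrade.com.tw/richclub/news/669a786832ba0c93310bd2f9

Security vendor slips up! The culprit behind the global IT outage; air freight may need weeks to recover
https://www.sinotrade.com.tw/richclub/news/669c093232ba0c9331163271

Why would a routine update cause the Microsoft outage? Experts suggest CrowdStrike may have overlooked this
https://udn.com/news/story/6811/8108250

CrowdStrike's blunder causes trouble, affecting trading at these US stock brokerages
https://m.cnyes.com/news/id/5645199

Experts: CrowdStrike software update caused the global outage, exposing the risk of technology dependence
https://www.rti.org.tw/news/view/id/2213651

CrowdStrike causes the "worst ever" outage! Its compensation, now revealed, stuns everyone
https://tw.nextapple.com/international/20240725/DA0D65A84737768566E3D456DC0B2445

Security company's pushed software update causes global outage; Microsoft estimates 8.5 million devices affected, less than 1%
https://www.ftvnews.com.tw/news/detail/2024721W0004

Microsoft announces 365 cloud service problem resolved; security vendor CEO apologizes: not a cyberattack
https://www.chinatimes.com/realtimenews/20240719004684-260408?chdtv

Microsoft global outage! JR West operations disrupted; CrowdStrike security software cannot connect; even Taiwan is affected
https://newtalk.tw/news/view/2024-07-19/928822

CrowdStrike caused a global outage; its compensation was a US$10 "gift card" that was even treated as fraud
https://today.line.me/tw/v2/article/QwLaok0

Australia warns: hackers are posing as CrowdStrike to send fake updates
https://reurl.cc/MOno24

After Microsoft's global blue-screen outage, the founder of China's 360 Safeguard came out to say that China saw little damage because 90% of computers use 360
https://www.techbang.com/posts/117032-after-microsofts-global-crash-with-white-on-a-blue-background

17-Year-Old Linked to Scattered Spider Cybercrime Syndicate Arrested in U.K.
https://thehackernews.com/2024/07/17-year-old-linked-to-scattered-spider.html

Faulty CrowdStrike Update Crashes Windows Systems, Impacting Businesses Worldwide
https://thehackernews.com/2024/07/faulty-crowdstrike-update-crashes.html

CrowdStrike Explains Friday Incident Crashing Millions of Windows Devices
https://thehackernews.com/2024/07/crowdstrike-explains-friday-windows.html

APT41 Infiltrates Networks in Italy, Spain, Taiwan, Turkey, and the U.K.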
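https://thehackernews.com/2024/07/apt41-infiltrates-networks-in-italy.html

Patchwork Hackers Target Bhutan with Advanced Brute Ratel C4 Tool
https://thehackernews.com/2024/07/patchwork-hackers-target-bhutan-with.html

APT45: North Korea’s Digital Military Machine
https://cloud.google.com/blog/topics/threat-intelligence/apt45-north-korea-digital-military-machine

Assistant Consultant, Security Management
https://ilabor.ntpc.gov.tw/cloud/GoodJob/job_title/1001146608

Information Security Technical Consultant
https://ilabor.ntpc.gov.tw/cloud/GoodJob/job_title/1001146614

B-Digital Finance_Operations Planning and Compliance/Legal Advisory Staff
https://www.1111.com.tw/job/112960903/

D. Data Breaches / Personal Data Protection Law / GDPR / Online Fraud / Phishing / Card Fraud / Fake News / Cyberbullying / Account Security

Scams impersonating law enforcement officers resurface; Chinese embassy and consulates in the US urge vigilance
https://reurl.cc/yLxaQy

Linkou police bust a fraud ring that posed as hackers offering to recover scammed money, "scamming victims hard a second time"
https://reurl.cc/XGvbja

Disney reportedly hacked; as much as 1.1 TB leaked, ranging from artwork and unreleased works to personal data
https://reurl.cc/LW9oMx

Scams even in rentals? He dealt with the scammer himself and exposes a "new technique", warning the public not to send money in "this situation"
https://www.ftvnews.com.tw/news/detail/2024715W0181

Fighting scams | Police received 12 fake tech-support scam reports in two months; scammers play both the hacker and the police officer
https://reurl.cc/bV1ol6

Microsoft outage cancels more than 5,000 flights worldwide; hackers take the opportunity to send fake emails
https://www.taisounds.com/news/content/84/137248

The hidden threat in phishing emails: URL protection services exploited by hackers
https://news.pchome.com.tw/science/technice/20240720/index-72143540077198338005.html

Singapore warns of false information, invokes its interference law to block accounts linked to Guo Wengui
https://www.cna.com.tw/news/aopl/202407200118.aspx

創意私房 member data sold on the dark web; prosecutors and police take 2 actions: "hackers can destroy the site but not the evidence"
https://www.ettoday.net/news/20240721/2781764.htm

Hackers are furious! Destructive attack wipes all of 創意私房's videos and replaces the home page with an angry message
https://www.setn.com/News.aspx?NewsID=1501822

創意私房 breached by hackers; prosecutors and police, investigating in secret, "hold data on 122 members"
https://www.ctwant.com/article/351168/

Voyeur photographers all over Taiwan! Large Telegram hidden-camera group earns a million a month in ad revenue sharing; more of the voyeurism inside story revealed
https://www.ettoday.net/news/20240721/2781580.htm

Taiwanese-brand home security camera set to "public video"; users complain of a privacy leak
https://news.tvbs.com.tw/amp/life/2557994

"Private footage" from home fully exposed!? Concerns erupt over SpotCam cameras
https://reurl.cc/z1mkx0

Selling nyonya kuih to hack seniors' phones: con artists coax out passwords and scan faces to steal money
https://reurl.cc/9vg9xY

Bypassing job bank restrictions to obtain job seekers' personal data: prosecutors and investigators question more than 10 people
https://www.cna.com.tw/news/asoc/202407190002.aspx

104 Job Bank responds to the shell company incident, offering 8 job-seeking safety reminders
https://finance.ettoday.net/news/2780619

Protecting job-seeker safety! 104 Job Bank proactively reports illegal activity to prosecutors and investigators
https://www.sinotrade.com.tw/richclub/news/669a00e232ba0c9331597436

An insider? National Immigration Agency internal data found leaked on the dark web; the director-general's information is also openly for sale
https://news.ltn.com.tw/news/society/breakingnews/4744162

Internal directory sold online; National Immigration Agency: involvement of a former employee not ruled out
https://news.ltn.com.tw/news/society/breakingnews/4744326

Insider at the National Immigration Agency! Dark web post offers a directory that includes the director-general, asking price 810,000; suspect identified
https://www.ettoday.net/news/20240722/2782353.htm

National Immigration Agency internal directory reportedly surfaces on a hacker forum; the agency says the leak was not from a hacker attack and suspects a former employee
https://www.ithome.com.tw/news/164081

National Immigration Agency internal directory leaked and put up for sale; Wang Hung-wei: cybersecurity is national security, "tighten the screws now"
https://www.nownews.com/news/6477397

National Immigration Agency internal directory leaked; Liu Shyh-fang: it has no security value and has been reported and handled
https://goosedaily.com/articles/248091

Is posting your kids online good business? Malicious strangers definitely view children differently than parents do
https://issues.ptsplus.tv/articles/9268/

Scam tactics | Scammers stage an elaborate act to steal $10 million in savings! System error warnings as bait! Posing as hackers, support staff and police officers to induce withdrawals and transfers! Remember 3 key points when you see a computer error message
https://www.etnet.com.hk/www/tc/lifestyle/wealth/scamexposure/91598?utm_source=website&utm_medium=copied-text

Post office upgrading its service? Fake text messages lure victims; do not click links lightly
https://www.worldjournal.com/wj/story/121360/8113013?from=wj_catelistnews_index

Police officer searched over alleged leak of secrets and land fraud; Taipei City Police Department: proactively investigating, will deal with it strictly under the law
https://www.chinatimes.com/realtimenews/20240723005279-260402?chdtv

Aftermath of the global outage... cybercriminals' phishing emails; beware of being robbed by offers to "help fix it"
https://www.worldjournal.com/wj/story/121177/8115208

To curb the harm of online fraud to minors, Malaysia will step up its fight against cybercrime
https://www.taiwannews.com.tw/zh/news/5907773

Fake news of Changhua work and school closures spreads online; county government will pursue accountability
https://tw.nextapple.com/local/20240725/778199B218E9E6DAB0E5E103027FEF2A

Another wave of impersonation scams! C.C. Wei and Tsai Hong-tu both impersonated with fake fan pages; how to avoid being fooled, at a glance
https://www.ftvnews.com.tw/news/detail/2024723W0183

Phish-Friendly Domain Registry “.top” Put on Notice
https://krebsonsecurity.com/2024/07/phish-friendly-domain-registry-top-put-on-notice/

Goodbye? Attackers Can Bypass 'Windows Hello' Strong Authentication
https://www.darkreading.com/endpoint-security/goodbye-attackers-can-bypass-windows-hello-strong-authentication

BreachForums v1 hacking forum data leak exposes members’ info
https://www.bleepingcomputer.com/news/security/breachforums-v1-hacking-forum-data-leak-exposes-members-info/

Verizon to pay $16 million in TracFone data breach settlement
https://www.bleepingcomputer.com/news/security/verizon-to-pay-16-million-in-tracfone-data-breach-settlement/

The Criminal IP API-powered favicon-finder is a tool for searching and generating hashes of favicons.
https://github.com/KamilDogo/favicon-finder

E. Research Reports / Tools

Researchers disclose SAPwned, vulnerabilities in the AI platform SAP AI Core that may allow attackers to access credentials and customer data
https://www.ithome.com.tw/news/164045

Take a look at Forensic Analysis of Tor Browser on Windows 11: Unveiling the Dark Web's Secrets
https://eforensicsmag.com/forensic-analysis-of-tor-browser-on-windows-11-unveiling-the-dark-webs-secrets/

How to Set up an Automated SMS Analysis Service with AI in Tines
https://thehackernews.com/2024/07/how-to-set-up-automated-sms-analysis.html

MSPs & MSSPs: How to Increase Engagement with Your Cybersecurity Clients Through vCISO Reporting
https://thehackernews.com/2024/07/msps-mssps-how-to-increase-engagement.html

How to Securely Onboard New Employees Without Sharing Temporary Passwords
https://thehackernews.com/2024/07/how-to-securely-onboard-new-employees.html

Leveraging AI as a Tool in Threat Management
https://thehackernews.com/expert-insights/2024/06/leveraging-ai-as-tool-in-threat.html

Beware Of Dating Apps Exposing Your Personal And Location Details To Cyber Criminals
https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/dating-apps-security-risk/amp/

How a North Korean Fake IT Worker Tried to Infiltrate Us
https://blog.knowbe4.com/how-a-north-korean-fake-it-worker-tried-to-infiltrate-us

How a Trust Center Solves Your Security Questionnaire Problem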
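https://thehackernews.com/2024/07/how-trust-center-solves-your-security.html

How to Reduce SaaS Spend and Risk Without Impacting Productivity
https://thehackernews.com/2024/07/how-to-reduce-saas-spend-and-risk.html

PSKracker is a collection of WPA/WPA2/WPS default algorithms/password generators/pingens
https://github.com/soxrok2212/PSKracker

6 Types of Applications Security Testing You Must Know About
https://thehackernews.com/2024/07/6-types-of-applications-security.html

Keeping an eye on WSL through Microsoft Defender for Endpoint
https://www.michalos.net/2024/06/25/keeping-an-eye-on-wsl-through-microsoft-defender-for-endpoint/

F. Business

Why Fortify DAST dynamic application security testing matters
https://marketing.ares.com.tw/newsletter/2024-07-cimes/fortify-webinspect-important

Safeguard Personal and Corporate Identities with Identity Intelligence
https://thehackernews.com/2024/07/safeguard-personal-and-corporate.html

Microsoft launches Microsoft Entra Suite to strengthen identity verification, zero trust architecture and governance
https://www.cdns.com.tw/articles/1050237

Microsoft offers enterprise-grade malware scanning for its own cloud object storage environment
https://www.ithome.com.tw/review/164007

New Taipei's parent-teacher-student platform evolves again, signing an MOU with Fortinet to strengthen digital character
https://reurl.cc/jWbe02

Jointly cultivating Taiwan's security talent: DEVCORE partners with global security training organization OffSec to bring in in-person courses taught by official instructors
https://reurl.cc/3XdQ0X

Major security vendors' market shares may be reshuffled
https://today.line.me/tw/v2/article/mWYeRkz

Google raises its bug bounty rewards fivefold
https://www.ithome.com.tw/news/163912

New version of Red Hat OpenShift greatly simplifies diverse workloads across the hybrid cloud
https://www.ithome.com.tw/pr/164004

F5 SOAS AI 2024 report: gaps exist in data governance and security, yet enterprises are still expanding AI deployment
https://www.ithome.com.tw/pr/164026

eCloudvalley signs a strategic collaboration agreement with AWS, deepening regional cooperation and focusing on talent development and retention
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000697106_NAQ2TY5YLT4HVV72SRPZR

BeyondTrust Remote Support: secure maintenance of personal devices or systems anytime, anywhere
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11136

Meta Given Deadline to Address E.U. Concerns Over 'Pay or Consent' Model
https://thehackernews.com/2024/07/meta-given-deadline-to-address-eu.html

Google announces it is abandoning its plan to block third-party cookies in Chrome
https://www.ithome.com.tw/news/164065

Google Abandons Plan to Phase Out Third-Party Cookies in Chrome
https://thehackernews.com/2024/07/google-abandons-plan-to-phase-out-third.html

New Chrome Feature Scans Password-Protected Files for Malicious Content
https://thehackernews.com/2024/07/new-chrome-feature-scans-password.html

Digital map foundation Overture Maps releases the official version of its open map dataset
https://www.ithome.com.tw/news/164101

Nvidia launches AI Foundry, an AI model customization platform for enterprises
https://www.ithome.com.tw/news/164103

Microsoft begins testing AI-generated results in Bing search
https://www.ithome.com.tw/news/164104

Mistral AI releases Mistral Large 2, challenging GPT-4o and Llama 3.1 405B
https://www.ithome.com.tw/news/164107

Apple Maps finally launches a web version, already live in Taiwan
https://www.ithome.com.tw/news/164105

Palo Alto Networks launches Prisma SASE 3.0, quickly bringing zero trust to OT environments
https://netmag.tw/2024/07/23/palo-alto-networks-launches-prisma-sase-3-0

IBM's three arrows for cloud finance: empowering the financial industry to embrace the AI era
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?CnlID=13&id=697629

Predicting attack paths from a single attack graph: how CyCraft gets AI to detect security incidents
https://www.bnext.com.tw/article/79732/cycraft-cycarrier-cyber-security-check-taiwan-impact-ai-award-2024x

InfoSec Taiwan international security organizations conference becomes a linking platform for the security industry, working with industry, government, academia and research to build an ecosystem and jointly take homegrown R&D capability international
https://www.netadmin.com.tw/netadmin/zh-tw/snapshot/1CDD9F2F3776452E80CB45D8C700066C

Google's largest-ever acquisition falls through! Security firm Wiz reportedly rejects the acquisition deal and will pursue an IPO
https://www.ithome.com.tw/news/164092

G. Government

Hackers again! The "Keelung City Health E-Museum" fan page posts a large number of indecent videos; health bureau responds
https://www.nownews.com/news/6471854

Government agency fan page hijacked; Ministry of Digital Affairs: social media platform management mechanisms should be established
https://www.cna.com.tw/news/afe/202407210062.aspx

New Taipei's Wan An exercise takes place today, simulating a hacker attack on servers that causes traffic paralysis
https://m.match.net.tw/pc/news/life/20240723/8054331

Min An No. 10 and Wan An No. 47 exercises also cover cybersecurity drills; New Taipei City practices its response to a hack of the traffic control system
https://www.cna.com.tw/news/aloc/202407230243.aspx

NCSIST: already has deepfake-related R&D capability and can help the armed forces counter cognitive warfare
https://www.cna.com.tw/news/aipl/202407160136.aspx

Unhappy that the Ministry of Digital Affairs only did half the job! Taiwanese hackers step in and "wipe 創意私房's" videos, leaving 1 slogan as a warning to all
https://www.ftnn.com.tw/news/270405

FSC strengthens financial sector security, publishes reference guidelines for adopting zero trust architecture
https://www.chinatimes.com/realtimenews/20240719001214-260410?ctrack=pc_main_rtime_p01&chdtv

National Institute of Cyber Security uses AI to catch 1.6 million bot accounts; fighting fraud at the source by focusing on ad verification
https://www.ctee.com.tw/news/20240719701400-430104

Windows outage; Ministry of Digital Affairs: report security incidents promptly; ground staff of 6 airlines at Taoyuan Airport switch to manual operations
https://www.ctee.com.tw/news/20240720700069-439901

Microsoft outage hits worldwide; Minister of Digital Affairs: impact on Taiwan is limited, but several things still call for vigilance
https://reurl.cc/bVZ89E

Microsoft outage causes damage; Huang Yen-nun: government services will not rely on a single public cloud
https://www.fountmedia.io/article/235563

Deepfake technology weaponized: guard against misjudgment to ensure national security
https://www.ydn.com.tw/news/newsInsidePage?chapterID=1694004&type=universal

Huang Wei-che cultivates local digital security talent; first session of Tainan City's introductory course on security attack and defense tools is fully booked
https://www.tainan.gov.tw/News_Content.aspx?n=13371&s=8650073

To strengthen security awareness, Chiayi County Government's Civil Service Ethics Office holds information security training
https://www.cna.com.tw/postwrite/chi/376926

Reference Guidelines for Adopting Zero Trust Architecture in the Financial Sector
https://law.fsc.gov.tw/NewsContent.aspx?id=9915

YouBike goes down twice in less than a month; Taipei City Government's contractual fine of NT$10,000 criticized as too small
https://reurl.cc/bY46vM

H. Industrial Control Systems / ICS / SCADA / IoT / Internet of Things / Connected Vehicles / Electric Vehicles / Artificial Intelligence / AI / ML / Facial Recognition / Healthcare Security

NFC chips implanted in the human body become a new way to attack access control; sniffer dogs become a new security tool
https://www.techbang.com/posts/116976-the-implantation-of-nfc-chips-in-the-human-body-has-become-a

NK issues its first type approval certificate for cyber-resilient marine equipment
https://www.tssdnews.com.tw/?FID=9&CID=752319

2024 State of OT Security report: OT attacks strike frequently; 70% of Taiwanese enterprises face daily threats
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11141

Institute for Information Industry establishes FAITH, Taiwan's first vehicle software evaluation unit, to build a trusted environment for smart vehicles
https://news.owlting.com/articles/759244

Moxa digs deep into the industrial internet, flourishing worldwide
https://www.chinatimes.com/newspapers/20240724000332-260202?chdtv

ICS malware FrostyGoop was used in an attack early this year that cut off heating supply in Ukraine
https://www.dragos.com/blog/protect-against-frostygoop-ics-malware-targeting-operational-technology/

New ICS Malware 'FrostyGoop' Targeting Critical Infrastructure
https://thehackernews.com/2024/07/new-ics-malware-frostygoop-targeting.html

I. Education and Training

Recovery procedures you need to know when a security incident occurs, to reduce the damage
https://www.ithome.com.tw/pr/163614

iPAS Information Security Engineer (intermediate level) notes
https://hackmd.io/@Not/iPASInformationSecuritySpecialist

iPAS security engineer certification pre-exam workshop
https://reurl.cc/GEbA3p

iPAS ◆ Information Security Planning Practice ◆ intermediate-level exam question bank compilation (123 questions)
https://reurl.cc/orlD1g

GCP Associate Cloud Engineer (ACE) study experience, learning resources and notes: learning natively highly available and zero trust design
https://medium.com/blacksecurity/gcp-associate-cloud-engineer-78f736aee7ad

Coursera lists 7 cloud security certifications: the springboards to high pay are all here!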
https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/

Ordinary people can earn an international security certification too! CSCU Certified Secure Computer User course
https://www.ithome.com.tw/pr/160954

Global cybersecurity workforce imbalance: (ISC)2 free courses and exams to fill the talent gap
https://reurl.cc/m39MDj

The 8 domains of the CISSP security certification
https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html

CISSP exam experience
https://reurl.cc/KbY83j

CISSP exam experience – Benson
https://reurl.cc/GbWvxd

Goal-oriented: passing the CISSP at light speed in 20 days
https://reurl.cc/2Zq6zn

CISSP certification exam hands-on experience, Chapter 1: initial preparation
https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat

CISSP certification exam hands-on experience, Chapter 2: a regular and disciplined study strategy
https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies

CISSP certification exam hands-on experience, Chapter 3: the final battle
https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle

Quick CISSP Infographic for IPSec
https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec

CSSLP Certification - Security models in F#
https://github.com/vbocan/csslp

Certified Secure Software Lifecycle Professional in bullet points
https://github.com/joeyhage/csslp-notes

CPSA (CREST Practitioner Security Analyst) exam experience
https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/

EC-Council CEH v11 exam experience, revision information and preparation direction, 2021 and 2022
https://reurl.cc/1oyEM8

CEH v11 exam experience and how to prepare
https://blog.sean.taipei/2022/01/ceh

CEH
https://github.com/a3cipher/CEH

CodeRed by EC-Council
https://github.com/codered-by-ec-council

EC-Council CEH Practical / Master preparation experience: learning in which theory and practice complement each other
https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2

EC-Council CEHP exam preparation experience
https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po

ECSA v10 exam experience and study materials / ECSA v10 Review and Study Materials
https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4

EC-Council ECSA security analyst v10 exam experience
https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html

20180817 EC-Council ECSA v10 PASS
https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html

How to prepare for the EC-Council CPENT and LPT Master penetration testing certifications, and my experience
https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d

An in-depth look at the CPENT exam experience, and a comparison with OSCP
https://reurl.cc/41eL8v

EC-Council CPENT v1 penetration testing certification – content and experience
https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review

CPENT: from brute force to cracking
https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295

EC-Council CPENT experience - a security newbie's path from CEH to LPT Master
https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f

CPENT exam experience: earning the LPT penetration testing master certification in one attempt
https://ucom.uuu.com.tw/web/Testimony/Article/4404

kaizensecurity/CPENT
https://github.com/kaizensecurity/CPENT/tree/master

CPENT : Pentesting like NO OTHERS !
https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/

Journey of My CPENT Exam
https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917

[Exam prep notes] CompTIA Security+ (SY0–601), Part 1
https://reurl.cc/M053DK

[Exam prep notes] CompTIA Security+ (SY0–601), Part 2
https://reurl.cc/M053Gv

comptia-security-plus
https://github.com/ajfuto/comptia-security-plus

security-plus
https://github.com/fjavierm/security-plus

CompTIA Security+ Certification Practice Test Questions
https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette

App information security that not only engineers need to understand: the blood-sweat-and-tears story of obtaining a security testing compliance certificate (iT邦幫忙 Ironman Contest book series)
https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html

App anti-hacking: a hands-on security protection course to raise security awareness across the board
https://www.ithome.com.tw/pr/161505

OSEP (Evasion Techniques and Breaching Defenses, PEN-300) experience
https://hackmd.io/@henry-ko/HyQ56e8eF

OSCP (Offensive Security Certified Professional)
https://github.com/0x584A/oscp-notes/tree/master

ISACA Certified Information Systems Auditor® (CISA) certification: preparation experience and application process, 2023
https://reurl.cc/aVLoX9

Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html

The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics
https://reurl.cc/D3nKKj

Practical Network Penetration Tester (PNPT) Certification Review
https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df

Basic vocabulary commonly used by WUSON
https://choson.lifenet.com.tw/?p=1958

Certifications remain the main route to learning security fundamentals; an expert has built a "security certification map"
https://www.ithome.com.tw/news/156754

Beyond using certifications to prove your ability, treat them as your strongest motivation to keep learning
https://www.ithome.com.tw/news/156756

Dispelling misunderstandings and myths about certifications: security experts help you clarify what security certifications mean
https://www.ithome.com.tw/news/156755

Accelerate Your Career with the Global Leader in Cyber Security Training
https://www.sans.org/mlp/promo-partnership-hacker-news/

[NCKU Information Security Club class] Forbidden security arts - the reverse engineering hell trial
https://www.youtube.com/watch?v=4Yc3-9CjG6U

Hands-on exercises teach you to build standard, practical security SOP processes
https://www.ithome.com.tw/pr/163514

6. Upcoming Security Events and Seminars

[ACSI Academy] Security competency training | System and Network Security Administrator 2024/7/27 ~ 2024/8/24
https://acsiacad.kktix.cc/events/6ebd7fbd-copy-4

Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/7/30
https://www.meetup.com/taiwan-code-camp/events/xfxtjtygckbnc/

FinTech Summer CAMP 2024/8/5 ~ 2024/8/9
https://isipevent.kktix.cc/events/f2ce8bcc-copy-6

"Security Technical Talent Development Program" free online seminar 2024/8/6
https://www.acsiacad.com/subdetail/1066

Free Startup Fundraising Office Hours Expert AMA with Angel Investor Scott Fox! 2024/8/28
https://www.meetup.com/taipei-startups-investors-masterminds-network/events/299702435/

2nd Tainan Web3 Industry International Expo (TAINAN WEB3 INTERNATIONAL FAIR) 2024/10/18
https://www.accupass.com/event/2406150525111725753130

HITCON Enterprise 2024, Taiwan hacker conference 2024/10/30
https://hitcon.kktix.cc/events/hitcon-ent-2024