###### tags: `資安事件新聞週報` # 資安事件新聞週報 2024/08/05 ~ 2024/08/09 1.重大弱點漏洞/後門/Exploit/Zero Day 瀏覽器存在長達18年的漏洞被用於攻擊行動，Chrome、Firefox、Safari都中招 https://www.oligo.security/blog/0-0-0-0-day-exploiting-localhost-apis-from-the-browser 已結束生命週期的思科IP電話存在重大漏洞，未經驗證的攻擊者能以root權限執行作業系統層級命令 https://www.ithome.com.tw/news/164393 CISA Warns of Hackers Exploiting Legacy Cisco Smart Install Feature https://thehackernews.com/2024/08/cisa-warns-of-hackers-exploiting-legacy.html 系統背景自動產生的影子資源恐出現弱點！研究人員揭AWS服務存在Bucket Monopoly、Shadow Resources漏洞 https://www.ithome.com.tw/news/164396 網路監控系統WhatsUp Gold的重大層級漏洞傳出已被用於攻擊行動 https://www.bleepingcomputer.com/news/security/critical-progress-whatsup-rce-flaw-now-under-active-exploitation/ Critical Security Flaw in WhatsUp Gold Under Active Attack - Patch Now https://thehackernews.com/2024/08/critical-security-flaw-in-whatsup-gold.html 6月WhatsUp Gold修補漏洞，8月初駭客攻擊行動開始現蹤 https://www.ithome.com.tw/news/164388 Windows Downgrade Attack Risks Exposing Patched Systems to Old Vulnerabilities https://thehackernews.com/2024/08/windows-downgrade-attack-risks-exposing.html Microsoft Copilot Studio存在高風險弱點CVE-2024-38206 https://nvd.nist.gov/vuln/detail/CVE-2024-38206 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38206 Windows智慧應用程式控制與SmartScreen存在漏洞，可被攻擊者輕易繞過 https://www.ithome.com.tw/news/164336 Windows Smart App Control, SmartScreen bypass exploited since 2018 https://www.bleepingcomputer.com/news/microsoft/windows-smart-app-control-smartscreen-bypass-exploited-since-2018/ 研究人員揭露Windows更新機制缺陷，並宣稱能重新引入已修補漏洞 https://www.ithome.com.tw/news/164368 Windows Downgrade Attack Risks Exposing Patched Systems to Old Vulnerabilities https://thehackernews.com/2024/08/windows-downgrade-attack-risks-exposing.html Windows 10再見！微軟宣布「停支援日期」：超過70%用戶面臨資安風險 https://n.yam.com/Article/20240805596941#google_vignette 全景軟體 HWATAIServiSign Windows版本 - Stack-based Buffer Overflow https://www.twcert.org.tw/tw/cp-132-7968-ce2ef-1.html 達煬科技 WinMatrix3 Web 套件 - SQL Injection https://nvd.nist.gov/vuln/detail/CVE-2024-7202 https://nvd.nist.gov/vuln/detail/CVE-2024-7201 https://www.twcert.org.tw/tw/cp-132-7962-dd216-1.html https://www.twcert.org.tw/tw/cp-132-7960-0ee18-1.html 蘋果釋出各平臺安全更新，並針對macOS Monterey修補3月公布的RTKit零時差漏洞 https://www.ithome.com.tw/news/164296 Mail SQR Expert and Mail Archiving Expert https://nvd.nist.gov/vuln/detail/CVE-2024-5670 https://www.twcert.org.tw/en/cp-139-7959-09d0e-2.html https://www.twcert.org.tw/tw/cp-132-7958-817f4-1.html ERP系統OFBiz遭到殭屍網路Mirai鎖定，針對路徑穿越漏洞而來 https://www.ithome.com.tw/news/164333 New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution https://thehackernews.com/2024/08/new-zero-day-flaw-in-apache-ofbiz-erp.html Samsung to pay $1,000,000 for RCEs on Galaxy’s secure vault https://www.bleepingcomputer.com/news/security/samsung-to-pay-1-000-000-for-rces-on-galaxys-secure-vault/ 針對MFT檔案傳輸系統MOVEit零時差漏洞攻擊事故，Progress證實美國證交所對其進行調查 https://www.ithome.com.tw/news/164382 Google發布Chrome 127更新、Mozilla推出Firefox 129，修補高風險層級漏洞 https://www.securityweek.com/chrome-firefox-updates-patch-serious-vulnerabilities/ 郵件伺服器Roundcube存在漏洞，攻擊者可在受害者的瀏覽器執行JavaScript指令碼 https://www.sonarsource.com/blog/government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail/ Roundcube Webmail Flaws Allow Hackers to Steal Emails and Passwords https://thehackernews.com/2024/08/roundcube-webmail-flaws-allow-hackers.html 2.銀行/金融/保險/證券/金融監理 新聞及資安 資訊安全高規格防護　宏泰人壽保護客戶個資不受威脅 https://www.winnews.com.tw/193496/ 零信任架構參考指引 六大高風險領域先行 https://www.accounting.org.tw/lnktopic.aspx?n=2841 金融上雲條件呼之欲出 Azure 合規範本推波助瀾 https://news.owlting.com/articles/23820 遭柯粉造謠中傷 國泰人壽找第三方檢測APP：確認安全無虞 https://news.ltn.com.tw/news/life/breakingnews/4758590 國銀六大核心放款半年增逾3120億元 3類產業最缺錢 https://www.cathaysec.com.tw/cathaysec/News/nContent.aspx?NewsDate=20240805&CSeqNO=E8139989 金融業之冠是它！上半年「阻詐逾2000件」　金額達12.4億元 https://www.setn.com/News.aspx?NewsID=1510181 玉山金控揭露兩項金融科技進展，要用微前端、微服務打造新一代行網銀 https://www.ithome.com.tw/news/164384 Google Cloud Spanner Graph 助金融詐騙偵測 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11158 New Android Trojan "BlankBot" Targets Turkish Users' Financial Data https://thehackernews.com/2024/08/new-android-trojan-blankbot-targets.html 3.信用卡/電子支付/行動支付/pay/支付系統/資安 將來銀行攜手全支付推日本消費回饋最高 25%，新戶輸入邀請碼再拿 500 全點 https://www.techbang.com/posts/117287-in-the-future-banks-will-work-with-full-payment-to-promote-up 支付方式百百種，台灣四大支付方式差在哪 https://web3plus.bnext.com.tw/article/2904? 全支付攻日奏捷 搶進南韓 https://money.udn.com/money/story/10871/8112096 香港的士八達通機加入 WeChat Pay / 微信支付，內地旅客出行更便利 （附人民幣繳付車資資訊） https://hk.news.yahoo.com/wechat-pay-outopus-082351339.html 日本旅遊不用換日幣！台日「跨境支付」逾百萬家店都能刷 https://reurl.cc/Nlrm55 4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約/WEB3 資安 35個「死亡」VC項目解密：獲超11億美元融資，DeFi、NFT和遊戲失敗率最高 https://www.blocktempo.com/autopsy-report-on-35-dead-crypto-vc-projects/ 鏈上資料深度分析：Mt. Gox償付影響到底有多大 https://www.panewslab.com/zh_hk/sqarticledetails/2i1o474pFt.html 2024 Web3 鏈上資安守衛戰 https://quedicshares.com/latest/events-2 史諾登比特幣大會演講全文：比特幣的隱私性日益減少，監管機構能夠取得鏈上訊息 https://www.panewslab.com/zh_hk/sqarticledetails/6p16wnw6Ft.html 過去30天內，約有64,000枚BTC從交易所轉移出去 https://m.cnyes.com/news/id/5662362 區塊鏈加密技術上場 Galaxy手機資安有新招 https://www.technice.com.tw/techmanage/infosecurity/127737/ 投資泰達幣（USDT）被騙-委託駭客追回 https://reurl.cc/ey81pR Nomad攻擊者駭客1小時前抄底買入16,892枚ETH https://m.cnyes.com/news/id/5664860 日本DMM交易所驚爆遭駭 逾4千枚近百億比特幣外流 https://reurl.cc/34N44V 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 勒索軟體集團Dark Angels今年初曾收到一筆高達7,500萬美元的贖金 https://www.ithome.com.tw/news/164216 新興攻擊手法濫用免費Cloudflare隧道服務，靈活交付惡意軟體 https://www.ithome.com.tw/news/164275 哈薩克企業組織遭到駭客團體Bloody Wolf鎖定，散布惡意程式Strrat https://bi.zone/eng/expertise/blog/bloody-wolf-primenyaet-kommercheskoe-vpo-strrat-protiv-organizatsiy-v-kazakhstane/ 勒索軟體駭客鎖定企業IT人員，企圖散布RAT木馬SharpRhino http://www.quorumcyber.com/insights/sharprhino-new-hunters-international-rat-identified-by-quorum-cyber/ 勒索軟體Magniber傳出針對個人使用者發動攻擊的情況大幅增加 https://www.bleepingcomputer.com/news/security/surge-in-magniber-ransomware-attacks-impact-home-users-worldwide/ 法國博物館傳出遭遇勒索軟體攻擊，但遭到相關單位否認 https://www.ithome.com.tw/news/164345 勒索軟體駭客Royal東山再起並組成BlackSuit再度犯案，2年內已索討5億美元 https://www.cisa.gov/news-events/alerts/2024/08/07/royal-ransomware-actors-rebrand-blacksuit-fbi-and-cisa-release-update-advisory 南亞媒體組織遭到Go語言打造的後門程式GoGra攻擊 https://symantec-enterprise-blogs.security.com/threat-intelligence/cloud-espionage-attacks 兩組北韓駭客利用竄改與有更新漏洞的遠端安全存取軟體，散布惡意程式 https://www.ithome.com.tw/news/164348 北韓駭客組織Moonstone Sleet透過NPM套件向Windows電腦散布惡意程式碼 https://securitylabs.datadoghq.com/articles/stressed-pungsan-dprk-aligned-threat-actor-leverages-npm-for-initial-access/ 研究人員揭露合法雲端服務被用於散布後門程式的態勢日趨複雜，臺灣也有組織遇害 https://www.ithome.com.tw/news/164395 駭客入侵 ISP 在軟體更新套件中植入惡意程式 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11160 A Chinese hacking group tracked as 'StormBamboo' Compromises ISP to Abuse Insecure Software Update Mechanisms https://www.volexity.com/blog/2024/08/02/stormbamboo-compromises-isp-to-abuse-insecure-software-update-mechanisms/ Mirai Botnet targeting OFBiz Servers Vulnerable to Directory Traversal https://thehackernews.com/2024/08/mirai-botnet-targeting-ofbiz-servers.html New Windows Backdoor BITSLOTH Exploits BITS for Stealthy Communication https://thehackernews.com/2024/08/new-windows-backdoor-bitsloth-exploits.html 駭客入侵 ISP 在軟體更新套件中植入惡意程式 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11160 Hackers breach ISP to poison software updates with malware https://www.bleepingcomputer.com/news/security/hackers-breach-isp-to-poison-software-updates-with-malware/ Ransomware Gangs Exploit ESXi Bug for Instant, Mass Encryption of VMs https://www.darkreading.com/cloud-security/ransomware-gangs-exploit-esxi-bug-for-instant-mass-encryption-of-vms Beware the RAT: Android Remote Access malware strikes in Malaysia https://www.group-ib.com/blog/craxs-rat-malaysia/ New Android Trojan "BlankBot" Targets Turkish Users' Financial Data https://thehackernews.com/2024/08/new-android-trojan-blankbot-targets.html Mint Stealer - New MaaS Malware Threatens Confidential Data3 https://securityonline.info/mint-stealer-new-maas-malware-threatens-confidential-data/ North Korean hackers exploit VPN update flaw to install malware https://www.bleepingcomputer.com/news/security/north-korean-hackers-exploit-vpn-update-flaw-to-install-malware/ New LianSpy malware hides by blocking Android security feature https://www.bleepingcomputer.com/news/security/new-lianspy-malware-hides-by-blocking-android-security-feature/ New Android Spyware LianSpy Evades Detection Using Yandex Cloud https://thehackernews.com/2024/08/new-android-spyware-lianspy-evades.html Russia's 'Fighting Ursa' APT Uses Car Ads to Install HeadLace Malware https://www.darkreading.com/threat-intelligence/russia-fighting-ursa-apt-car-ads-headlace-malware Ransomware gang targets IT workers with new SharpRhino malware https://www.bleepingcomputer.com/news/security/hunters-international-ransomware-gang-targets-it-workers-with-new-sharprhino-malware/ North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry https://thehackernews.com/2024/08/north-korean-hackers-moonstone-sleet.html Keytronic reports losses of over $17 million after ransomware attack https://www.bleepingcomputer.com/news/security/keytronic-reports-losses-of-over-17-million-after-ransomware-attack/ New Go-based Backdoor GoGra Targets South Asian Media Organization https://thehackernews.com/2024/08/new-go-based-backdoor-gogra-targets.html FBI and CISA Warn of BlackSuit Ransomware That Demands Up to $500 Million https://thehackernews.com/2024/08/fbi-and-cisa-warn-of-blacksuit.html McLaren hospitals disruption linked to INC ransomware attack https://www.bleepingcomputer.com/news/security/mclaren-hospitals-disruption-linked-to-inc-ransomware-attack/ New Go-based Backdoor GoGra Targets South Asian Media Organization https://thehackernews.com/2024/08/new-go-based-backdoor-gogra-targets.html B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊 監視王國！中國推「網號、網證」 微信、小紅書開始測試 https://news.ltn.com.tw/news/world/breakingnews/4757142 名為BingoMod的Android平台惡意軟體會在竊取裝置銀行帳戶後，順便將受影響裝置抹除 https://reurl.cc/34L4O0 委託駭客服務遠端駭入手機：以Ext駭客服務的案例分析 https://reurl.cc/Mjdj8v 港府資安新規！公務員辦公室用WhatsApp、Gmail等須獲批 https://www.chinatimes.com/realtimenews/20240805002266-260409?chdtv 政府部門用個人電郵即時通訊指引收緊 指三類程式有重大保安風險 須首長批准 https://life.mingpao.com/general/article?issue=20240805&nodeid=1722797262865 陸官方曾指易洩密 騰訊將關閉文件助手功能 https://www.chinatimes.com/realtimenews/20240806002596-260410?chdtv Google發布8月份安卓例行更新，修補零時差漏洞CVE-2024-36971 https://www.ithome.com.tw/news/164342 蘋果同態加密技術以開源Swift開源套件釋出 https://www.ithome.com.tw/news/164261 Chameleon Android Banking Trojan Targets Users Through Fake CRM App https://thehackernews.com/2024/08/chameleon-android-banking-trojan.html Critical Vulnerability in WhatsApp for Windows Allows Hackers to Execute to Arbitrary Code https://reurl.cc/XRkRAg Google fixes Android kernel zero-day exploited in targeted attacks https://www.bleepingcomputer.com/news/security/google-fixes-android-kernel-zero-day-exploited-in-targeted-attacks/ Google Patches New Android Kernel Vulnerability Exploited in the Wild https://thehackernews.com/2024/08/google-patches-new-android-kernel.html C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力 偉聯部份資訊系統遭受駭客網路攻擊事件說明 https://reurl.cc/Nl6VEn 偉聯 : 本公司公告部份資訊系統遭受駭客網路攻擊事件說明 https://www.cathaysec.com.tw/cathaysec/News/nContent.aspx?NewsDate=20240805&CSeqNO=T0542956 資訊系統供應商智聯服務內部資訊系統遭到攻擊 https://mops.twse.com.tw/mops/web/ajax_t05sr01_1?firstin=true&stp=1&step=1&SEQ_NO=1&SPOKE_TIME=212026&SPOKE_DATE=20240805&COMPANY_ID=6751 顯示器製造商偉聯科技傳出遭遇網路攻擊 https://mops.twse.com.tw/mops/web/ajax_t05sr01_1?firstin=true&stp=1&step=1&SEQ_NO=1&SPOKE_TIME=161226&SPOKE_DATE=20240805&COMPANY_ID=9912 報告指黑客針對商用硬件的攻擊日漸增加 https://unwire.pro/2024/08/05/hp-wolf-security/security/ 駭客疑似鎖定配置不當的Jupyter Notebook，企圖利用Minecraft套件將其打造成DDoS攻擊工具 https://www.ithome.com.tw/news/164334 微軟指控達美航空拒絕協助、系統太舊，導致IT難復原 https://www.ithome.com.tw/news/164367 針對7月19日全球更新大當機事故，CrowdStrike再度提出新的說明 https://www.crowdstrike.com/blog/channel-file-291-rca-available/ 駭客組織USDoD聲稱握有資安業者CrowdStrike掌握的駭客名冊，以及2.5億筆入侵指標資料 https://hackread.com/hacker-scrapes-publishes-crowdstrike-ioc-list/ 2024上半年網攻機率攀高 TeamT5指出臺灣名列亞洲前3大受害國 https://www.ctee.com.tw/news/20240805701686-431202 新加坡1.3萬學生上課用平板筆電停擺，原因是數位教室管理平臺Mobile Guardian遇駭 https://www.ithome.com.tw/news/164347 台灣受駭客攻擊頻率冠全球MIT資安大師就問一句：政府有專業資安長嗎 https://www.storm.mg/article/5214358 針對CrowdStrike的EDR系統大當機事故，達美航空打算求償5億美元 https://www.ithome.com.tw/news/164312 防毒軟體更新造成全球大當機 https://reurl.cc/QE3bVp 資安遵循與實務操作的挑戰 https://money.udn.com/money/story/6710/8139816?from=edn_subcatelist_cate DigiCert註銷逾8萬個SSL憑證 https://www.ithome.com.tw/news/164291 研究人員揭露DNS攻擊行動Sitting Ducks，逾3.5萬個網域遭到挾持 https://www.bleepingcomputer.com/news/security/sitting-ducks-dns-attacks-let-hackers-hijack-over-35-000-domains/ 專門針對Minecraft伺服器的DDoS攻擊工具包鎖定配置不當的Jupyter Notebook而來 https://www.aquasec.com/blog/panamorfi-a-new-discord-ddos-campaign/ 駭客入侵新手法！AI駭客利用HDMI電磁輻射重現螢幕資訊，密碼和敏感資料恐遭竊取 https://www.ptt.cc/bbs/PC_Shopping/M.1722742720.A.CA1.html 把 AI 資料中心放在太空能解決缺電危機嗎？台灣有機會發展嗎 https://technews.tw/2024/08/03/ascend-space-data-center/ 提升全民資安意識 嚴防中共網攻 https://www.ydn.com.tw/news/newsInsidePage?chapterID=1697293&type=forum 為報復以哈戰爭，以色列駭客WeRedEvils聲稱癱瘓伊朗的網際網路運作 https://www.theregister.com/2024/08/02/israeli_hacktivists/https://www.theregister.com/2024/08/02/israeli_hacktivists/ 美國即將公佈保護數據免遭量子駭客攻擊的演算法工具 https://big5.ftchinese.com/interactive/166400?exclusive 中國駭客組織Evasive Panda入侵網路服務供應商，藉由DNS中毒從事供應鏈攻擊 https://www.ithome.com.tw/news/164300 疑似與中國政府有關的駭客組織攻擊台灣研究中心 https://reurl.cc/ey83LW 臺灣研究機構遭中國駭客組織APT41攻擊 https://www.ithome.com.tw/news/164297 台灣研究中心遭疑似內地黑客入侵　密碼與數據被竊 https://www.hk01.com/article/1044168?utm_source=01articlecopy&utm_medium=referral 中共駭客APT41入侵 全球網路安全的警鐘 https://newtalk.tw/citizen/view/63727 Chinese APT41 Group Breaches Taiwanese Research Institute https://reurl.cc/34LoXj APT41 Hackers Use ShadowPad, Cobalt Strike in Taiwanese Institute Cyber Attack https://thehackernews.com/2024/08/apt41-hackers-use-shadowpad-cobalt.html Attackers Hijack Facebook Pages, Promote Malicious AI Photo Editor https://www.darkreading.com/cyberattacks-data-breaches/attackers-hijack-facebook-pages-promote-malicious-ai-photo-editor Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool https://thehackernews.com/2024/08/hackers-exploit-misconfigured-jupyter.html Microsoft Azure outage takes down services across North America https://www.bleepingcomputer.com/news/microsoft/microsoft-azure-outage-takes-down-services-across-north-america/amp/ Suspicious Minds: Insider Threats in The SaaS World https://thehackernews.com/2024/08/suspicious-minds-insider-threats-in.html Kazakh Organizations Targeted by 'Bloody Wolf' Cyber Attacks https://thehackernews.com/2024/08/kazakh-organizations-targeted-by-bloody.html Russia's Priorities in Prisoner Swap Suggest Cyber Focus https://www.darkreading.com/cyber-risk/russias-priorities-in-prisoner-swap-suggest-cyber-focus North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry https://thehackernews.com/2024/08/north-korean-hackers-moonstone-sleet.html 數字辦推網絡攻防演練 邀政府公營機構參加 https://www.wenweipo.com/epaper/view/newsDetail/1819442888451428352.html 德國罕見召見中共大使 抗議聯邦機構遭網攻 https://reurl.cc/rv8D6k 網路戰前線！德國揭露中共駭客組織的秘密 https://talk.ltn.com.tw/article/breakingnews/4757368 國際駭客對中國出手！刊署名「習明澤」報導中共高官洗錢海外 https://today.line.me/tw/v2/article/LXjX3GG 駭客入侵？女兒踢爆習近平「假改革真清算」　7億美金藏海外 https://today.line.me/tw/v2/article/9m9BR5g 高達 70% 的網路釣魚，以竊取登入憑證為目標！網路釣魚有多猖獗？15個關鍵數據告訴你 https://blog.trendmicro.com.tw/?p=83516 Stressed Pungsan : DPRK-aligned threat actor leverages npm for initial access https://securitylabs.datadoghq.com/articles/stressed-pungsan-dprk-aligned-threat-actor-leverages-npm-for-initial-access/ Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool https://thehackernews.com/2024/08/hackers-exploit-misconfigured-jupyter.html 研究人員揭露Linux核心跨快取攻擊手法SLUBStick https://www.bleepingcomputer.com/news/security/linux-kernel-impacted-by-new-slubstick-cross-cache-attack/ New Linux Kernel Exploit Technique 'SLUBStick' Discovered by Researchers https://thehackernews.com/2024/08/new-linux-kernel-exploit-technique.html Linux kernel impacted by new SLUBStick cross-cache attack https://www.bleepingcomputer.com/news/security/linux-kernel-impacted-by-new-slubstick-cross-cache-attack/ DPRK APT Group Kimsuky Targets University Researchers in S. Korea https://www.cyberresilience.com/threatintel/apt-group-kimsuky-targets-university-researchers/ 資安管理人員 https://www.yourator.co/companies/HNCB/jobs/36436 資訊安全顧問師 https://job.taiwanjobs.gov.tw/Internet/index/JobDetail.aspx?R2=11&EMPLOYER_ID=2374573&HIRE_ID=12931703 『平鎮總部』資安工程師 https://www.1111.com.tw/job/130288604/ Security DevOps Engineer - TC24102 https://www.1111.com.tw/job/130297619/ 產品經理 https://www.104.com.tw/job/88nwv?jobsource=google DTS Security Engineer https://www.csie.ntust.edu.tw/p/405-1038-116034,c3076.php?Lang=zh-tw 資訊暨圖書中心資訊組資安專章計畫人員(儲備人力) https://www.104.com.tw/job/8bgjv?jobsource=google 資安工程師/資深工程師（WEB安全方向） https://www.1111.com.tw/job/130304953/ D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全 資安警示：LSE（London Stock Exchange）詐騙海外操控收割 請勿加入、7旬翁抵押房產遭詐400萬、LSE（London Stock Exchange）涉詐黑幕公開 https://blog.udn.com/G_116123732873183198/180870166 英國青少年持刀騷亂假消息推波助瀾，首相警告社群平台嚴加管控 https://reurl.cc/1b4ZGW 「慈濟醫院」通知被冒名領藥？ 阿北依對方指示慘噴20多萬 https://www.chinatimes.com/realtimenews/20240803002074-260402?chdtv 假花蓮慈濟醫院「藥劑師」告知健保卡被盜用　北市男中詐騙連環計損失20萬 https://tw.nextapple.com/local/20240803/9CCDFC836469CFE36BCB846653CA08D9 通用、現代、Honda 這幾家車商不只蒐集你的開車習慣資訊 (加速與剎車習慣、超速記錄等等)，還賤售給保險商 GM, Honda, and Hyundai are selling driver data to insurers for pennies https://qz.com/gm-honda-and-hyundai-are-selling-driver-data-to-insur-1851607334 駭客在臉書上聲稱提供AI圖片編輯工具，意圖散布竊資軟體 https://www.trendmicro.com/en_us/research/24/h/malvertising-campaign-fake-ai-editor-website-credential-theft.html 資安業者統計 科技業仍是駭客進行網路釣魚攻擊首選 https://money.udn.com/money/story/5612/8141091 Check Point：微軟高居網路釣魚攻擊首選、蘋果次之 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11156 網交虛擬美魔女提供帳戶　杜紫宸淪詐團幫凶險遭訴 https://www.mirrormedia.mg/story/20240804inv001 某局長分享遇WhatsApp詐騙訊息 體驗免費按摩再送鮑魚月餅 https://reurl.cc/QE3zDb 研究人員揭露微軟Entra ID隱藏的身分驗證機制，恐讓攻擊者取得全域管理員權限 https://www.darkreading.com/application-security/hazy-issue-entra-id-privileged-users-become-global-admins 研究人員揭露鎖定臉書行動裝置用戶的電子商務詐騙活動 https://www.ithome.com.tw/news/164313 駭客濫用Google Drawing和WhatsApp功能從事網釣攻擊 https://www.menlosecurity.com/blog/google-drawings-and-whatsapp-zero-hour-open-redirection-phish-exposed DOJ and FTC Sue TikTok for Violating Children's Privacy Laws https://thehackernews.com/2024/08/doj-and-ftc-sue-tiktok-for-violating.html APT28 Targets Diplomats with HeadLace Malware via Car Sale Phishing Lure https://thehackernews.com/2024/08/apt28-targets-diplomats-with-headlace.html Hackers Abuse Microsoft Office Forms to Launch Two-Step Phishing Attacks https://www.linkedin.com/pulse/hackers-abuse-microsoft-office-forms-launch-two-step-sdjoc/ 460萬美國選民資料曝露，起因是科技業者伺服器配置不當 https://www.vpnmentor.com/news/report-election-records-breach/ M365網路釣魚防護警示可遮蔽，有心人士可透過CSS樣式表隱藏 https://www.ithome.com.tw/news/164374 Microsoft 365 anti-phishing feature can be bypassed with CSS https://www.bleepingcomputer.com/news/security/microsoft-365-anti-phishing-feature-can-be-bypassed-with-css/ INTERPOL recovers over $40 million stolen in a BEC attack https://www.bleepingcomputer.com/news/security/interpol-recovers-over-40-million-stolen-in-a-bec-attack/ BBC news fake QR codes on parking ticket machines https://www.bbc.com/news/articles/clynnkrgj24o New Phishing Scam Uses Google Drawings and WhatsApp Shortened Links https://thehackernews.com/2024/08/new-phishing-scam-uses-google-drawings.html E.研究報告/工具 01: 從零開始:資安滲透初探 https://ithelp.ithome.com.tw/articles/10343234 02: 資安滲透初探: 鐵人賽大綱 https://ithelp.ithome.com.tw/articles/10343238 03: 資安滲透初探: 介紹 https://ithelp.ithome.com.tw/articles/10343322?sc=rss.qu 2024年資訊安全考量報告：科技、媒體與電信產業 https://kpmg.com/tw/zh/home/insights/2024/08/cybersecurity-considerations-2024-technology-media-and-telecommunications.html Azure - AKS - 使用 AAD Pod Identity 進行 Azure 服務驗證 https://skychang.github.io/2020/11/29/Azure-AKS_AAD_Pod_Identity/ 研究人員公布駭客如何將人工智慧機器人Copilot變成武器 https://www.darkreading.com/application-security/how-to-weaponize-microsoft-copilot-for-cyberattackers What are TTPs in Malware? – Tactics, Techniques, and Procedures https://cyberpress.org/ttps/ regex Hunter- Fast website endpoint sensitive data and Leaks JS files endpoint API Key Scraper https://github.com/securi3ytalent/regexHunter AutoRDPwn is a post-exploitation framework created in Powershell, https://github.com/JoelGMSec/AutoRDPwn Threat Analysis Group | HACKING GOOGLE | Documentary EP001 https://youtu.be/N7N4EC20-cM?feature=shared Pure DNS https://github.com/d3mondev/puredns Parsero https://github.com/behindthefirewalls/Parsero DirAuto https://github.com/eliaz5536/DirAuto How to implement Microservices in Java https://javatechonline.com/microservices-in-java/ Trape (stable) v2.0 https://github.com/jofpin/trape The Loper Bright Decision: How it Impacts Cybersecurity Law https://thehackernews.com/2024/08/the-loper-bright-decision-how-it.html Enhancing Incident Response Readiness with Wazuh https://thehackernews.com/2024/08/enhancing-incident-response-readiness.html Study automation scripting with PowerShell in this $15 course bundle deal https://www.bleepingcomputer.com/offer/deals/study-automation-scripting-with-powershell-in-this-15-course-bundle-deal/ 5 Free Things for Everybody https://blog.shodan.io/5-free-things-for-everybody/ Azure Networking https://github.com/nehalineogi/azure-networking Hardening the RAG chatbot architecture powered by Amazon Bedrock: Blueprint for secure design and anti-pattern mitigation https://aws.amazon.com/ru/blogs/security/hardening-the-rag-chatbot-architecture-powered-by-amazon-bedrock-blueprint-for-secure-design-and-anti-pattern-migration/ F.商業 熱門廣告攔截工具uBlock Origin即將遭Chrome棄用 https://www.ithome.com.tw/news/164290 Windows 11 market share on Steam drops below 46% https://www.neowin.net/news/windows-11-market-share-on-steam-drops-below-46/ 資安股又新增一生力軍，中華資安國際預計8月20日上興櫃 https://www.ithome.com.tw/news/164299 CISA任命首任AI長Lisa Einstein https://www.ithome.com.tw/news/164293 數位經濟推動企業全球佈局　自動化工具降低應用存取風險 打造邊緣到雲統一平台　保障安全性兼具用戶體驗 https://www.netadmin.com.tw/netadmin/zh-tw/trend/90D621C578534BCCB766502942BD1F82 台驊共享辦公室講座 微軟硏究院總監談多元宇宙與協作技術 https://www.chinatimes.com/realtimenews/20240804002875-260410?chdtv 卡位雲端 安碁資訊現增800萬股 https://www.ctee.com.tw/news/20240805700202-439901 趨勢科技推深偽偵測方案，防範AI視訊詐騙 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11157 惡意攻擊加劇 AWS加裝AI防護網 https://www.technice.com.tw/techmanage/infosecurity/127958/ 趨勢科技在黑帽大會展示深偽偵測技術，強調企業需重新設想AI時代的網路風險管理 https://www.ithome.com.tw/news/164363 趨勢科技傳出有意吸引買家出售 https://www.reuters.com/markets/deals/cybersecurity-firm-trend-micro-explores-sale-sources-say-2024-08-08/ G.政府 新北「零信任資安聯防系統」獲「未來潛力專案」國際認證 https://n.yam.com/Article/20240802410400 北市公務雲成效亮眼 提升公務服務能量 https://news.owlting.com/articles/161975 擔任零日攻擊總顧問挨轟　沈伯洋：查證能力有點問題 https://www.ettoday.net/news/20240804/2790749.htm 沈伯洋無軍事背景當總顧問 退將批「零日攻擊」很荒謬 https://www.chinatimes.com/newspapers/20240804000386-260118?chdtv 強化公務人員必要之資通安全知能　資安署署長蒞金講課 https://newstaiwan.net/2024/08/02/210259/ 詐騙、警示帳戶「雙升」 審計部點名：NCC打詐不如預期 https://www.cmmedia.com.tw/home/articles/48371 審計部警告戶役政系統存在資安風險，內政部規畫回應將於今年底完成更新 https://www.chinatimes.com/realtimenews/20240730005327-260407me-using-brute-ratel-175741987d87 打詐以AI攻AI 國家數位安全防護全面升級 https://news.immigration.gov.tw/NewsSection/Detail/D9772F68-B8F9-4594-A70A-4D66F638A608?lang=TW&topic=onetouch H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識/醫療 相關資安 振生半導體執行長張振豐：以硬體資安優勢，讓台灣半導體在歐洲市場佔一席之地 https://zh.theicons.net/2024/08/02/jmem-technology CISA警告陞泰視訊監控設備漏洞已被用於攻擊行動 https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-07 CISA對臺灣視訊監控設備廠商產品示警，表明產品漏洞已被用於攻擊行動 https://www.ithome.com.tw/news/164310 洛杉磯竊賊配備Wi-Fi干擾器破壞家庭監視系統，當地警方呼籲當地住戶：使用傳統有線警報系統 https://www.techbang.com/posts/117227-los-angeles-burglars-began-using-wi-fi-jammers-to-disrupt 保護資安？美國自動駕駛車擬禁用中國軟體，中方跳腳籲公平競爭 https://www.storm.mg/article/5217409 太陽能發電系統存在重大漏洞，若不修補恐導致大規模停電 https://www.ithome.com.tw/news/164378 Rockwall Automation可程式化邏輯控制器存在安全繞過漏洞 https://www.ithome.com.tw/news/164319 Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access CVE-2024-6242 https://thehackernews.com/2024/08/critical-flaw-in-rockwell-automation.html RISC-V處理器存在GhostWrite漏洞，攻擊者有機會取得設備完整控制權 https://www.ithome.com.tw/news/164398 I.教育訓練 資安事件發生必要知道的復原程序，降低傷害 https://www.ithome.com.tw/pr/163614 iPAS資訊安全工程師中級筆記 https://hackmd.io/@Not/iPASInformationSecuritySpecialist iPas資安工程師證照考前研習 https://reurl.cc/GEbA3p iPAS◆資訊安全規劃實務◆中級測驗題庫彙編(123題) https://reurl.cc/orlD1g GCP Associate Cloud Engineer (ACE) 學習心得、教材資源與筆記分享 — 學習天然高可用與零信任設計 https://medium.com/blacksecurity/gcp-associate-cloud-engineer-78f736aee7ad Coursera 盤點 7 項雲端資安認證，高薪跳板都在這了！ https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/ 一般人也能拿到國際資安認證！CSCU安全電腦使用者認證課程 https://www.ithome.com.tw/pr/160954 全球網絡安全勞動力失衡 (ISC)2免費課程及考試填補人才缺口 https://reurl.cc/m39MDj CISSP資安認證的8大領域 https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html CISSP考試心得 https://reurl.cc/KbY83j CISSP考試心得 – Benson https://reurl.cc/GbWvxd 目標導向-20天光速考過CISSP https://reurl.cc/2Zq6zn CISSP證照考試實戰心得 第一章：初期準備工作 https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat CISSP證照考試實戰心得 第二章：規律且有紀律的讀書策略 https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies CISSP證照考試實戰心得 第三章：終極一戰 https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle Quick CISSP Infographic for IPSec https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec CSSLP Certification - Security models in F# https://github.com/vbocan/csslp Certified Secure Software Lifecycle Professional in bullet points https://github.com/joeyhage/csslp-notes CPSA(CREST Practitioner Security Analyst) 資安分析師考試心得 https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/ EC-Council CEH v11 考試心得、改版資訊以及準備方向 2021、2022 https://reurl.cc/1oyEM8 CEH v11 考試心得與準備方式 https://blog.sean.taipei/2022/01/ceh CEH https://github.com/a3cipher/CEH CodeRed by EC-Council https://github.com/codered-by-ec-council EC-Council CEH Practical / Master 準備心得 — 讓理論與實作相輔相成的學習 https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2 EC-Council CEHP考試準備心得 https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po ECSA v10 考試心得與讀書資料分享/ ECSA v10 Review and Study Materials https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4 EC-Council ECSA資安分析專家 v10 考試心得分享 https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html 20180817 EC-Council ECSA v10 PASS https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html 關於EC-Council CPENT和LPT Master滲透測試證照準備方式及心得分享 https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d 深度解析 CPENT 考試心得、以及與 OSCP 的比較 https://reurl.cc/41eL8v EC-Council CPENT v1 滲透測試認證 – 內容及心得分享 https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review CPENT 從暴力到破解 https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295 Ec-Council CPENT心得 - 資安菜鳥從CEH到LPT Master https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f CPENT考試心得分享：一次拿到 LPT 滲透測試大師認證 https://ucom.uuu.com.tw/web/Testimony/Article/4404 kaizensecurity/CPENT https://github.com/kaizensecurity/CPENT/tree/master CPENT : Pentesting like NO OTHERS ! https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/ Journey of My CPENT Exam https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917 [備考心得]CompTIA Security+ (SY0–601) 上篇 https://reurl.cc/M053DK [備考心得]CompTIA Security+ (SY0–601) 下篇 https://reurl.cc/M053Gv comptia-security-plus https://github.com/ajfuto/comptia-security-plus security-plus https://github.com/fjavierm/security-plus CompTIA Security+ Certification Practice Test Questions https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette 不只是工程師才要懂的 App 資訊安全：取得資安檢測合格證書血淚史（iT邦幫忙鐵人賽系列書） https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html App防駭學，資安防護實戰課程全面提升安全觀念 https://www.ithome.com.tw/pr/161505 OSEP (Evasion Techniques and Breaching Defenses (PEN-300) 心得分享 https://hackmd.io/@henry-ko/HyQ56e8eF OSEP (Evasion Techniques and Breaching Defenses (PEN-300) http://github.com/In3x0rabl3/OSEP OSCP（Offensive Security Certified Professional） https://github.com/0x584A/oscp-notes/tree/master ISACA Certified Information Systems Auditor® (CISA) 國際電腦稽核師認證準備歷程心得、申請流程分享- 2023年 https://reurl.cc/aVLoX9 Learn NIST Inside Out With 21 Hours of Training @ 86% OFF https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html 駭客與國家: 網路攻擊與地緣政治新常態 The hacker and the state: cyber attacks and the new normal of geopolitic https://reurl.cc/D3nKKj Practical Network Penetration Tester (PNPT) Certification Review https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df WUSON常用的基本詞彙 https://choson.lifenet.com.tw/?p=1958 證照仍是學習資安基本功的主要管道，有專家打造「資安證照地圖」 https://www.ithome.com.tw/news/156754 用證照證明自己實力之餘，更應將證照視為督促學習的最大動力 https://www.ithome.com.tw/news/156756 打破證照誤解與迷思，資安專家帶你釐清資安證照的意義 https://www.ithome.com.tw/news/156755 Accelerate Your Career with the Global Leader in Cyber Security Training https://www.sans.org/mlp/promo-partnership-hacker-news/ 【成大資安社社課】資安禁術 - 逆向工程地獄試煉 https://www.youtube.com/watch?v=4Yc3-9CjG6U 透過實務演練，教你建立實作標準的安全SOP流程 https://www.ithome.com.tw/pr/163514 6.近期資安活動及研討會 Just a chat - with no Expectations 2024/8/10 https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/302365145/ 資安長零信任的第一堂課（八月場） 2024/8/13 https://jamf.kktix.cc/events/applexjamf-aug Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/8/13 https://www.meetup.com/taiwan-code-camp/events/302421006/ SyntaxError 2024/8/14 https://www.meetup.com/pythonhug/events/pqnsctygclbsb/ 後量子密碼偵測與遷移工作坊3 軍工領域面對後量子遷移暨產業量子安全經驗分享 2024/8/15 http://www.twcloud.org.tw/xmevent/cont?sid=0O214507362649184530&xsmsid=0I194031315298462880 AI x 雲端 系列研討會 - Postgres x Elastic x Vault 2024/8/14 ~ 2024/8/28 https://www.accupass.com/event/2407090959082119228820 HackingThursday 黑客星期四 - Week meetup Tamsui 固定聚會 淡水 ⟫ 2024/8/15 https://www.meetup.com/hackingthursday/events/302454317/ 第2屆 Web3資安暨信任論壇 ⟪共建智慧Web3│驅動數位信任⟫ 2024/8/15 https://www.accupass.com/event/2406260522161651051152 2024 HITCON x Yourator 資安職涯論壇｜ 現場企業徵才，解鎖你的資安未來 ꗃ 2024/8/17 https://www.accupass.com/event/2407120626187489710470 Just a chat - with no Expectations 2024/8/17 https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/302490813/ Taoyuan WordPress Café 桃園咖啡小聚 #39 2024/8/17 https://www.meetup.com/taoyuan-wordpress-meetup/events/302363697/ Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/8/20 https://www.meetup.com/taiwan-code-camp/events/302548977/ 2024全面阻絕詐騙論壇 2024/8/20 https://www.accupass.com/event/2407300901531515176080 SyntaxError 2024/8/21 https://www.meetup.com/pythonhug/events/pqnsctygclbcc/ Taipei dbt Meetup #26 for all folks working with data! (Hybrid 👫 + 🧑‍💻)2024/8/21 https://www.meetup.com/taipei-dbt-meetup/events/302491357/ HackingThursday 黑客星期四 - Week meetup Tamsui 固定聚會 淡水 2024/8/22 https://www.meetup.com/hackingthursday/events/psspctygclbdc/ Just a chat - with no Expectations 2024/8/24 https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/lsmkqsygclbgc/ 《報導者》的AI初體驗：我們如何建置立委發言監測儀表板 2024/8/26 https://www.meetup.com/rladies-taipei/events/302047204/ Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/8/27 https://www.meetup.com/taiwan-code-camp/events/xfxtjtygclbkc/ Free Startup Fundraising Office Hours Expert AMA with Angel Investor Scott Fox! 2024/8/28 https://www.meetup.com/taipei-startups-investors-masterminds-network/events/299702435/ SyntaxError 2024/8/28 https://www.meetup.com/pythonhug/events/pqnsctygclblc/ HackingThursday 黑客星期四 - Week meetup Tamsui 固定聚會 淡水 2024/8/29 https://www.meetup.com/hackingthursday/events/psspctygclbmc/ 資安職能培訓｜安全程式開發管理師 2024/8/31 ~ 2024/10/5 https://acsiacad.kktix.cc/events/308914 Just a chat - with no Expectations 2024/8/31 https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/lsmkqsygclbpc/ 第九屆《WHATs NEXT》未來科技產業高峰會 2024/9/3 https://www.accupass.com/event/2406060317121880421709 Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/9/3 https://www.meetup.com/taiwan-code-camp/events/xfxtjtygcmbfb/ SyntaxError 2024/9/4 https://www.meetup.com/pythonhug/events/pqnsctygcmbgb/ 資安長零信任的第一堂課（九月場） 2024/9/19 https://jamf.kktix.cc/events/applexjamf-sep 資訊安全系列課程 2024/9/30 https://www.accupass.com/event/2407011640161317038989 資訊安全系列課程 2024/10/12 https://www.accupass.com/event/2407011633417884074930 第二屆台南Web3產業國際博覽會 TAINAN WEB3 INTERNATIONAL FAIR 2024/10/18 https://www.accupass.com/event/2406150525111725753130 HITCON Enterprise 2024 台灣駭客年會 2024/10/30 https://hitcon.kktix.cc/events/hitcon-ent-2024 Threat Analyst Summit 2024 威脅分析師高峰會 2024/12/11 ~ 2024/12/12 https://teamt5tw.kktix.cc/events/tas2024