###### tags: `資安事件新聞週報` # 資安事件新聞週報 2023/2/13 ~ 2023/2/17 1.重大弱點漏洞/後門/Exploit/Zero Day Citrix 已發布Workspace App安全更新 https://www.cisa.gov/uscert/ncas/current-activity/2023/02/14/citrix-releases-security-updates-workspace-apps-virtual-apps-and Citrix針對虛擬化平臺與應用程式管理平臺進行修補 https://www.bleepingcomputer.com/news/security/citrix-fixes-severe-flaws-in-workspace-virtual-apps-and-desktops/ 思科針對旗下產品發布更新，修補開源防毒元件ClamAV重大漏洞 https://www.securityweek.com/critical-vulnerability-patched-in-cisco-security-products/ Critical RCE Vulnerability Discovered in ClamAV Open Source Antivirus Software https://thehackernews.com/2023/02/critical-rce-vulnerability-discovered.html Adobe 已發布安全更新，以解決多個 Adobe 產品中的弱點 https://www.cisa.gov/uscert/ncas/current-activity/2023/02/14/adobe-releases-security-updates-multiple-products Adobe發出旗下多種軟體重大漏洞與修補公告，範圍涵蓋Photoshop、After Effects等9款產品 https://www.zerodayinitiative.com/blog/2023/2/14/the-february-2023-security-update-overview Atlassian 發布 Jira 嚴重漏洞 CVE-2023-22501，並推出修補與暫時解決方案 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10317 微軟發佈2月份安全性公告 https://www.cisa.gov/uscert/ncas/current-activity/2023/02/14/microsoft-releases-february-2023-security-updates 微軟發布2月份例行修補，緩解3個零時差漏洞 https://www.bleepingcomputer.com/news/microsoft/microsoft-february-2023-patch-tuesday-fixes-3-exploited-zero-days-77-flaws/ 微軟強制關閉Windows 10 PC上的IE，6月將完全移除 https://www.ithome.com.tw/news/155538 Update Now: Microsoft Releases Patches for 3 Actively Exploited Windows Vulnerabilities https://thehackernews.com/2023/02/update-now-microsoft-releases-patches.html 錯誤配置和漏洞成雲端安全最大風險 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10319 CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws https://thehackernews.com/2023/02/cisa-warns-of-active-attacks-exploiting.html 大數據軟體Splunk修補高風險漏洞 https://www.securityweek.com/splunk-enterprise-updates-patch-high-severity-vulnerabilities/ Intel修補處理器防護元件SGX漏洞 https://www.theregister.com/2023/02/15/intel_sgx_vulns/ IBM於1月修補的檔案共享系統漏洞出現攻擊行動 https://www.securityweek.com/recently-patched-ibm-aspera-faspex-vulnerability-exploited-in-the-wild/ SAP發布2月份例行修補，當中有10分的重大漏洞，用戶需盡快處理 https://www.securityweek.com/saps-february-2023-security-updates-patch-high-severity-vulnerabilities/ 文件管理系統OnlyOffice、OpenKM、LogicalDOC、Mayan EDMS存在跨網站指令碼漏洞 https://www.rapid7.com/blog/post/2023/02/07/multiple-dms-xss-cve-2022-47412-through-cve-20222-47419/ 2.銀行/金融/保險/證券/金融監理 新聞及資安 郵局也有資安問題？民眾信箱遭郵局員工「誤植」 收到別人的轉帳資料 https://n.yam.com/Article/20230216440604 上市櫃公司傳資安事件 證交所將依重訊查核機制調查 https://pchome.megatime.com.tw/news/cat1/20230215/16763926756910018003.html 領先同業 元大人壽正式開辦全通路遠距投保 https://money.udn.com/money/story/5613/6973778 臺灣金融資安必須升級2大理由：全球資安新威脅和後疫轉型新風險 https://www.ithome.com.tw/news/155467 金融資安行動方案2.0版3大新方向：資安長聯盟化、生態圈資安和零信任 https://www.ithome.com.tw/news/155468 國泰金與調查局簽署資安聯防合作備忘錄 https://www.chinatimes.com/realtimenews/20230214003126-260410?chdtv 金融與銀行業平均每週遭受 4,664 次網路攻擊，如何強化資安免疫系統 https://buzzorange.com/techorange/2023/02/08/cybersecurity-in-the-financial-services-industry/ 3.信用卡/電子支付/行動支付/pay/支付系統/資安 挪威行動支付Vipps向蘋果發起挑戰 盼歐盟採取反壟斷行動 https://news.cnyes.com/news/id/5087703 Samsung Wallet來囉！三星宣布今起進軍台灣等8大市場　行動支付、數位鑰匙一機搞定 https://www.winnews.com.tw/115802/ 歐付寶通過「APP無障礙開發指引」驗證　成為首家最友善支付APP https://www.cardu.com.tw/mpay/detail.php?40553 升格電支納管 金管會限大型第三方支付3∕15回覆 https://ec.ltn.com.tw/article/paper/1567454 阿里巴巴退出印度電子支付業者Paytm，以約1.67億美元出售剩餘股份 https://reurl.cc/qk8aOD 存放現金風險大 業者籲開放電子支付 https://news.ltn.com.tw/news/society/paper/1565712 Apple Pay Later還沒有譜？蘋果遇上技術問題，官方的iPhone訂閱制也沒下文 https://www.bnext.com.tw/article/74116/apple-financial-tech-services-delay 4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約/WEB3 資安 駭侵者以 16 個 NPM 詐騙測速程式套件來挖掘加密貨幣 https://www.twcert.org.tw/tw/cp-104-6933-0e237-1.html 全球收緊加密監管時，為何日本卻加緊擁抱 Web3 與穩定幣 https://www.blocktempo.com/where-other-countries-fear-crisis-japan-sees-opportunity/ 印度央行公布第二屆全球駭客馬拉松，包括CBDC、區塊鏈可擴展性用例 https://news.cnyes.com/news/id/5087495 Web3社交平台CyberConnect與BNB Chain合作舉辦Web3社交駭客松活動 https://news.cnyes.com/news/id/5087251 政府監管槍聲響起 ｜為什麼幣安、Coinbase 會被 SEC 盯上？未來監管方向會如何 https://blockcast.it/2023/02/15/what-we-need-to-know-when-regulatory-actions-on-vasp/ SEC考慮制定可能打壓Coinbase和其他加密貨幣平台的規則 https://reurl.cc/Q4320M ZachXBT：駭客Loyalist自2022年初以來已竊取超400萬美元的加密貨幣和NFT https://news.cnyes.com/news/id/5089000 挪威查獲1.75億遭北韓駭客竊取加密貨幣　可用於資助平壤核武計畫 https://tw.nextapple.com/international/20230217/F42B30EF3A55B925B1C838BDF763C510 挪威扣押北韓所竊加密貨幣 價值高達580萬美元 https://money.udn.com/money/story/5599/6977137?from=edn_newest_index 14萬枚比特幣砸盤動向》Mt.Gox 兩大債權人選擇「領取BTC賠償」 https://www.blocktempo.com/mt-gox-2-largest-creditors-pick-payout-option-mostly-in-bitcoin/ 台灣交易所介紹｜買 USDT 最優惠的入口平台「Rybit」 https://blockcast.it/2023/02/17/introducing-taiwan-exchange-rybit/ 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 殭屍網路Mirai變種V3G4鎖定物聯網裝置漏洞而來 https://unit42.paloaltonetworks.com/mirai-variant-v3g4/ New Mirai Botnet Variant 'V3G4' Exploiting 13 Flaws to Target Linux and IoT Devices https://thehackernews.com/2023/02/new-mirai-botnet-variant-v3g4.html 惡意軟體Frebniis濫用IIS伺服器功能建立後門，目標是臺灣組織 https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/frebniis-malware-iis 逾500臺VMware ESXi主機感染勒索軟體ESXiArgs，法、德為主要災區 https://censys.io/the-evolution-of-esxiargs-ransomware/ 鎖定VMware ESXi的勒索軟體近2年大幅出現 https://www.recordedfuture.com/in-before-the-lock-esxi 逾三分之一惡意軟體採用20種戰術與攻擊手法 https://www.picussecurity.com/resource/blog/the-red-report-2023-top-ten-attack-techniques 南美洲外交單位遭中國駭客鎖定，散布木馬程式ShadowPad https://twitter.com/MsftSecIntel/status/1625181255754039318 美國、南韓公共衛生機構遭北韓駭客鎖定，發動勒索軟體攻擊 http://www.cisa.gov/uscert/ncas/alerts/aa23-040a 研究人員揭露用於散布竊密軟體W4SP的惡意PyPI套件 https://www.fortinet.com/blog/threat-research/supply-chain-attack-via-new-malicious-python-packages-by-malware-author-core1337 美國加州奧克蘭市遭到勒索軟體攻擊，一週後宣布進入緊急狀態 https://www.oaklandca.gov/news/2023/city-of-oakland-targeted-by-ransomware-attack-core-services-not-affected 英國郵務業者Royal Mail遭勒索軟體LockBit索討6,500萬英鎊 https://www.itpro.co.uk/security/ransomware/370067/lockbit-releases-negotiation-history-royal-mail-ransom-65-million 太平洋島國東加遭到勒索軟體Medusa攻擊 https://therecord.media/tonga-is-the-latest-pacific-island-nation-hit-with-ransomware/ 駭客採用新的C2中繼站框架Havoc來繞過防毒軟體偵測 https://www.zscaler.com/blogs/security-research/havoc-across-cyberspace 美國組織遭到勒索軟體MortalKombat鎖定 https://blog.talosintelligence.com/new-mortalkombat-ransomware-and-laplas-clipper-malware-threats/ 竊密軟體Beep採用高度隱蔽的手法規避偵測 https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ 惡意NPM套件偽裝成網路速度測試工具，意圖利用受害電腦挖礦 https://blog.checkpoint.com/2023/02/14/check-point-cloudguard-spectral-detects-malicious-crypto-mining-packages-on-npm-the-leading-registry-for-javascript-open-source-packages/ 勒索軟體BlackCat聲稱從愛爾蘭大學MTU竊得6 GB資料 https://www.bankinfosecurity.com/blackcat-leaks-data-belonging-to-irish-university-a-21192? 新惡意軟體M2RAT 北韓駭客組織攻擊南韓 https://www.technice.com.tw/cloudtech/infosecurity/37842/ 又有新惡意程式利用ProxyShell漏洞散布 https://www.ithome.com.tw/news/155559 Exchange漏洞ProxyShell被用於挖礦攻擊 https://blog.morphisec.com/proxyshellminer-campaign ProxyShellMiner Campaign Creating Dangerous Backdoors https://blog.morphisec.com/proxyshellminer-campaign Open-source repository malware sows Havoc https://www.reversinglabs.com/blog/open-source-malware-sows-havoc-on-supply-chain NewsPenguin, a Previously Unknown Threat Actor, Targets Pakistan with Advanced Espionage Tool https://blogs.blackberry.com/en/2023/02/newspenguin-a-previously-unknown-threat-actor-targets-pakistan-with-advanced-espionage-tool New MortalKombat ransomware and Laplas Clipper malware threats deployed in financially motivated campaign https://blog.talosintelligence.com/new-mortalkombat-ransomware-and-laplas-clipper-malware-threats/ https://raw.githubusercontent.com/Cisco-Talos/IOCs/51bbac61a9f41dc2d2f7b1e96b21b651efbc6efb/2023/02/new-mortalkombat-ransomware-and-laplas-clipper-malware-threats.txt Beepin' Out of the Sandbox: Analyzing a New, Extremely Evasive Malware https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Havoc Across the Cyberspace https://www.zscaler.com/blogs/security-research/havoc-across-cyberspace Dalbit (m00nlight): Chinese Hacker Group APT Attack Campaign https://asec.ahnlab.com/en/47455/ Frebniis: New Malware Abuses Microsoft IIS Feature to Establish Backdoor https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/frebniis-malware-iis Threat Actors Abuse Cloud Infrastructure in Targeted Telco Attacks https://www.sentinelone.com/labs/wip26-espionage-threat-actors-abuse-cloud-infrastructure-in-targeted-telco-attacks/ Recent TZW Campaigns Revealed As Part of GlobeImposter Malware Family https://www.sentinelone.com/blog/recent-tzw-campaigns-revealed-as-part-of-globeimposter-malware-family/ Cyberattack on organizations and institutions of Ukraine using remote utilities (CERT-UA#5961) https://cert.gov.ua/article/3863542 DarkBit Ransomware Targets Israel with Command-Line Options and Optimized Encryption Routines https://blogs.blackberry.com/en/2023/02/darkbit-ransomware-targets-israel The Saaiwc Group conducts stealth activities in the name of multinational diplomacy https://mp.weixin.qq.com/s/7KOjLgeHsgEI7KuDhFOiKA Analysis of APT-C-56 (Transparent Tribe) camouflage resume attack campaign https://mp.weixin.qq.com/s/xU7b3m-L2OlAi2bU7nBj0A Researchers Uncover Obfuscated Malicious Code in PyPI Python Packages https://thehackernews.com/2023/02/researchers-uncover-obfuscated.html 451個惡意PyPI套件在受害電腦植入Chrome擴充套件，目的是竊取加密貨幣 http://blog.phylum.io/phylum-discovers-revived-crypto-wallet-address-replacement-attack Python Developers Beware: Clipper Malware Found in 450+ PyPI Packages! https://thehackernews.com/2023/02/python-developers-beware-clipper.html 惡意NPM套件aabquerys被駭客用於下載攻擊工具 https://www.reversinglabs.com/blog/open-source-malware-sows-havoc-on-supply-chain Researchers Hijack Popular NPM Package with Millions of Downloads https://thehackernews.com/2023/02/researchers-hijack-popular-npm-package.html North Korean Hackers Targeting Healthcare with Ransomware to Fund its Operations https://thehackernews.com/2023/02/north-korean-hackers-targeting.html U.K. and U.S. Sanction 7 Russians for TrickBot, Ryuk, and Conti Ransomware Attacks https://thehackernews.com/2023/02/uk-and-us-sanction-7-russians-for.html New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool https://thehackernews.com/2023/02/new-esxiargs-ransomware-variant-emerges.html A CISOs Practical Guide to Storage and Backup Ransomware Resiliency https://thehackernews.com/2023/02/a-cisos-practical-guide-to-storage-and.html Experts Warn of 'Beep' - A New Evasive Malware That Can Fly Under the Radar https://thehackernews.com/2023/02/experts-warn-of-beep-new-evasive.html ESXiArgs Ransomware Hits Over 500 New Targets in European Countries https://thehackernews.com/2023/02/esxiargs-ransomware-hits-over-500-new.html North Korea's APT37 Targeting Southern Counterpart with New M2RAT Malware https://thehackernews.com/2023/02/north-koreas-apt37-targeting-southern.html Financially Motivated Threat Actor Strikes with New Ransomware and Clipper Malware https://thehackernews.com/2023/02/financially-motivated-threat-actor.html Armenian Entities Hit by New Version of OxtaRAT Spying Tool https://thehackernews.com/2023/02/armenian-entities-hit-by-new-version-of.html Hackers Using Google Ads to Spread FatalRAT Malware Disguised as Popular Apps https://thehackernews.com/2023/02/hackers-using-google-ads-to-spread.html B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊 Patch Now: Apple's iOS, iPadOS, macOS, and Safari Under Attack with New Zero-Day Flaw https://thehackernews.com/2023/02/patch-now-apples-ios-ipados-macos-and.html macOS Ventura、Safari 更新　修正已被黑客利用漏洞 https://www.pcmarket.com.hk/macos-ventura-safari-update-fix-webkit-vulnerabilities/ 蘋果釋出iOS 16.3.1、macOS 13.2.1，修補已遭利用的漏洞 https://www.ithome.com.tw/news/155503 Google Rolling Out Privacy Sandbox Beta on Android 13 Devices https://thehackernews.com/2023/02/google-rolling-out-privacy-sandbox-beta.html 駭客在蘋果與Google市集上架CryptoRom應用程式，透過騙人安裝陌生App投資加密貨幣來詐財 https://news.sophos.com/en-us/2023/02/01/fraudulent-cryptorom-trading-apps-sneak-into-apple-and-google-app-stores/ C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力 電力設備業者飛宏證實發生資安事故，受影響系統皆已恢復運作 https://news.cnyes.com/news/id/5084651 政府系統遭駭客持續攻擊 屋崙進緊急狀態 https://reurl.cc/a1vX69 國際記者聯盟揭發秘密承包商 曾暗中干預全球30多場大選 https://news.ltn.com.tw/news/world/breakingnews/4211984 Tor網路遭到阻斷服務攻擊長達7個月 https://blog.torproject.org/tor-network-ddos-attack/ 逾60個亞太地區組織在2021年遭駭客組織SideWinder攻擊 https://www.group-ib.com/media-center/press-releases/sidewinder-apt-report/ 滑雪板製造商Burton遭到網路攻擊，取消網路訂單 https://www.burton.com/announcement/system-outage.html 美國針對已出現攻擊行動的Windows和蘋果裝置漏洞提出警告，要求聯邦機構限期修補 https://www.bleepingcomputer.com/news/security/cisa-warns-of-windows-and-ios-bugs-exploited-as-zero-days/ 北歐航空遭到網路攻擊，起因疑為不滿瑞典焚燒古蘭經的抗議遊行 https://therecord.media/scandinavian-airlines-cyberattack-anonymous-sudan/ 德國又傳三個機場網站當機　疑遭駭客攻擊 https://www.taisounds.com/Global/Top-News/EUROPE/uid6591018571 援助土耳其地震的北約組織遭到鎖定！俄羅斯駭客Killnet干擾救援行動 https://www.cybersecurityintelligence.com/blog/russian-cyber-attack-disrupts-earthquake-aid-6785.html 阿拉伯駭客Al-Toufan攻擊巴林機場與新聞媒體的網站 https://www.securityweek.com/hackers-target-bahrain-airport-news-sites-to-mark-uprising/ 北韓駭客組織APT37透過惡意軟體M2RAT竊取電腦及手機資料 https://asec.ahnlab.com/ko/47622/ 俄羅斯駭客Nobelium發起攻擊行動MagicWeb，針對AD聯邦服務伺服器植入後門 https://www.microsoft.com/en-us/security/blog/2023/02/08/solving-one-of-nobeliums-most-novel-attacks-cyberattack-series/ 中國間諜氣球幕後黑手？ 日媒：習近平下令創建的「戰略支援部隊」 https://newtalk.tw/news/view/2023-02-17/857894 以色列Technion大學遭勒索軟體DarkBit攻擊 https://www.bleepingcomputer.com/news/security/ransomware-hits-technion-university-to-protest-tech-layoffs-and-israel/ New Threat Actor WIP26 Targeting Telecom Service Providers in the Middle East https://thehackernews.com/2023/02/new-threat-actor-wip26-targeting.html Hackers Create Malicious Dota 2 Game Modes to Secretly Access Players' Systems https://thehackernews.com/2023/02/hackers-create-malicious-dota-2-game.html Cloudflare證實客戶網站遭到大規模DDoS攻擊，駭客每秒發出7,100萬次請求 https://blog.cloudflare.com/cloudflare-mitigates-record-breaking-71-million-request-per-second-ddos-attack/ Massive HTTP DDoS Attack Hits Record High of 71 Million Requests/Second https://thehackernews.com/2023/02/massive-http-ddos-attack-hits-record.html Enigma, Vector, and TgToxic: The New Threats to Cryptocurrency Users https://thehackernews.com/2023/02/enigma-vector-and-tgtoxic-new-threats.html 資安業者Group-IB遭到中國駭客Tonto Team攻擊 https://www.group-ib.com/blog/tonto-team/ Chinese Tonto Team Hackers' Second Attempt to Target Cybersecurity Firm Group-IB Fails https://thehackernews.com/2023/02/chinese-tonto-team-hackers-second.html Hackers Targeting U.S. and German Firms Monitor Victims' Desktops with Screenshotter https://thehackernews.com/2023/02/hackers-targeting-us-and-german-firms.html Chinese Hackers Targeting South American Diplomatic Entities with ShadowPad https://thehackernews.com/2023/02/chinese-hackers-targeting-south.html Researchers Link SideWinder Group to Dozens of Targeted Attacks in Multiple Countries https://thehackernews.com/2023/02/researchers-link-sidewinder-group-to.html Java初階工程師 https://www.104.com.tw/job/7wb8v?jobsource=m104 資安駐點工程師-ACSI https://www.linkedin.com/jobs/view/%E8%B3%87%E5%AE%89%E9%A7%90%E9%BB%9E%E5%B7%A5%E7%A8%8B%E5%B8%AB-acsi-at-acer-3471876486/?originalSubdomain=tw 國立陽明交通大學資訊技術服務中心 徵計畫技術員(網管資安)1名 https://infonews-fornthu.nctu.edu.tw/index.php?topflag=1&SuperType=2&SuperTypeNo=2&type=%BCx%A4%7E&id=20230200277&action=detail 【資安所】 資安管理師 https://www.104.com.tw/job/7wiyi?jobsource=googlejobs D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全 簡訊詐騙占比創新高，Whoscall 提醒：注音文詐騙簡訊非偶然 https://technews.tw/2023/02/16/whoscall-5/ 從華航到iRent都被「駭」 資安危機事件一演再演…… 40天四起個資外洩 中小企業資安拉警報 https://www.businesstoday.com.tw/article/category/183027/post/202302150040/ 美國路易斯安那州大學HBCU於11月遭到攻擊，證實4.4萬學生個資外洩 https://therecord.media/louisiana-hbcu-says-personal-data-from-44000-students-accessed-in-november-cyberattack/ 第一個GoAnywhere零時差漏洞受害組織出現！美國田納西州醫療機構CHS證實百萬病人資料外洩 https://www.databreaches.net/community-health-systems-estimates-1-million-patients-impacted-by-vendors-goanywhere-breach/ 勒索軟體Clop聲稱利用GoAnywhere零時差漏洞攻陷130個組織 https://www.bleepingcomputer.com/news/security/clop-ransomware-claims-it-breached-130-orgs-using-goanywhere-zero-day/ 全球愛情詐騙氾濫，駭客很可能藉由ChatGPT建立取信受害者的資料 https://www.zawya.com/en/press-release/research-and-studies/tenable-warns-of-surge-in-romance-scams-that-abuse-the-currency-of-trust-luv5uw4z 當心愛情詐騙！FTC公布2022年有7萬人受害，損失金額高達13億美元 https://www.ftc.gov/news-events/data-visualizations/data-spotlight/2023/02/romance-scammers-favorite-lies-exposed 中國45億筆民眾個資流入暗網 https://www.cna.com.tw/news/acn/202302140227.aspx 百事可樂遭惡意軟體攻擊，證實資料外洩 https://www.bleepingcomputer.com/news/security/pepsi-bottling-ventures-suffers-data-breach-after-malware-attack/ 美國婦產科醫院Garrison Women's Health傳出資料外洩，4千名病人就醫資料損毀 https://www.fosters.com/story/news/local/2023/02/10/garrison-womens-health-dover-nh-patient-medical-records-lost/69894288007/ 暈船仔注意！Bing聊天機器人「瘋狂示愛」 紐時專欄作家嚇到失眠 https://newtalk.tw/news/view/2023-02-17/857934 短網址服務遭濫用，駭客將使用者重新導向AdSense詐欺網站 https://blog.sucuri.net/2023/02/bogus-url-shorteners-redirect-thousands-of-hacked-sites-in-adsense-fraud-campaign.html 網域註冊服務商NameCheap遭駭，用戶收到假冒MetaMask與DHL的釣魚郵件 https://www.bleepingcomputer.com/news/security/namecheaps-email-hacked-to-send-metamask-dhl-phishing-emails/ 網路科技業者A10 Networks傳出遭勒索軟體Play攻擊，證實資料外洩 https://www.bleepingcomputer.com/news/security/a10-networks-confirms-data-breach-after-play-ransomware-attack/ 華航證實電商平臺系統連線異常，逾5千筆會員資料可能外洩 https://mops.twse.com.tw/ 整合機器學習模型ChatGPT的搜尋引擎Bing遭到誘騙，洩露開發機密 https://arstechnica.com/information-technology/2023/02/ai-powered-bing-chat-spills-its-secrets-via-prompt-injection-attack/ 美國加州多個醫療組織傳出遭勒索軟體攻擊，330萬病人個資外洩 https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf Reddit Suffers Security Breach Exposing Internal Documents and Source Code https://thehackernews.com/2023/02/reddit-suffers-security-breach-exposing.html Massive AdSense Fraud Campaign Uncovered - 10,000+ WordPress Sites Infected https://thehackernews.com/2023/02/massive-adsense-fraud-campaign.html Breaking the Security "Black Box" in DBs, Data Warehouses and Data Lakes https://thehackernews.com/2023/02/breaking-security-black-box-in-dbs-data.html E.研究報告/工具 ChatGPT 評：比密碼、密鑰都還要安全！硬體密鑰為何受到科技巨頭青睞 https://buzzorange.com/techorange/2023/02/15/hardware-authentication/ 蠕蟲惡意程式 Win32.Parite 深度分析與掃描程式 https://teamt5.org/tw/posts/how-to-detect-and-recover-from-virus-win32-parite/ IT業者Atlassian傳出資料外洩，起因是第三方供應商遭駭 https://cyberscoop.com/atlassian-hack-employee-data-seigedsec/ 有人以資安業者Emsisoft的名義製作假憑證，鎖定該公司客戶下手 https://www.emsisoft.com/en/blog/43619/alert-threat-actors-are-using-fake-emsisoft-code-signing-certificates-to-disguise-their-attacks/ 開發安全受到重視，主打記憶體安全為特色的程式語言Rust，套件採用增加6成 https://jfrog.com/artifact-state-of-union/ 為防範洩露開發機密，GitHub更新機器學習模型Copilot https://www.ithome.com.tw/news/155530 3 Overlooked Cybersecurity Breaches https://thehackernews.com/2023/02/3-overlooked-cybersecurity-breaches.html Regular Pen Testing Is Key to Resolving Conflict Between SecOps and DevOps https://thehackernews.com/2023/02/regular-pen-testing-is-key-to-resolving.html How ChatGPT Works: The Model Behind The Bot https://towardsdatascience.com/how-chatgpt-works-the-models-behind-the-bot-1ce5fca96286 Here’s a question for ChatGPT: why should Big Tech control conversational search assistants https://medium.com/enrique-dans/heres-a-question-for-chatgpt-why-should-big-tech-control-conversational-search-assistants-dcbba863178b Your Open-Source Incident Response Platform https://socfortress.medium.com/your-open-source-incident-response-platform-e9d839f02454 Open-source Data Tools will provide a way out of your overpriced cloud tools https://medium.com/@wesleynitikromo/open-source-data-tools-will-provide-a-way-out-of-your-overpriced-cloud-tools-4041bc394eb4 F.商業 Check Point CloudGuard 雲端原生安全平台打造智慧風險管理引擎 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10322 思科：近九成台灣企業認為須加強保障人工智慧應用中的消費者數據隱私 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10320 資安市場規模上看488億美元 神準享紅利 https://news.cnyes.com/news/id/5087195 G.政府 資安連出包 金管會二階段防範 https://ctee.com.tw/news/finance/808089.html 簡訊實聯制個資曾經不當保留　NCC澄清：已全數刪除 https://www.peoplenews.tw/articles/3127321474 審計部指出「簡訊實聯制」個資管理不當有外洩風險，NCC澄清表示已經刪除 https://www.techbang.com/posts/104005-the-governments-anti-epidemic-personal-assets-management-and 政府防疫個資管理與外部稽核作業未盡妥善，審計部敦促改善 https://www.audit.gov.tw/p/406-1000-8556,r12.php?Lang=zh-tw 余正煌論文案惹議又和同仁爆口角 基層反彈他慘遭拔官 https://udn.com/news/story/7321/6975649 調查局一級主管調動 主秘吳富梅掌「天下第一處」 https://news.ltn.com.tw/news/society/breakingnews/4213407 93人！因應2024總統大選 調查局資安、國安及國情主管大異動 https://udn.com/news/story/7320/6975951 H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識/醫療 相關資安 NIST宣布採用Ascon系列演算法作為IoT裝置輕量加密標準 https://www.ithome.com.tw/news/155447 電動車充電樁通訊協定遭發現存有漏洞，可導致遠端關機、資料與電力遭竊 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10318 VicOne打造車用虛擬化資安解決方案 https://ctee.com.tw/news/tech/808847.html 防止勒索病毒攻擊關鍵基礎設施　資安平台全面確保OT資安 https://reurl.cc/9VXWQ8 抖音出現駭入車輛解鎖的挑戰影片造成仿效！引發美國竊盜頻傳並造成死傷，現代、起亞打算召回升級防盜措施 https://www.bleepingcomputer.com/news/security/hyundai-kia-patch-bug-allowing-car-thefts-with-a-usb-cable/ 工控設備漏洞挖掘競賽Pwn2Own Miami 2023在2月14至16日舉行 https://www.zerodayinitiative.com/blog/2023/2/13/pwn2own-miami-2023-the-full-schedule Korenix JetWave工控無線Wi-Fi、電信路由器存在漏洞 https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetwave-series/ 西門子工控設備的通報漏洞數量大幅增加，2022年較前期翻倍 https://14520070.fs1.hubspotusercontent-na1.net/hubfs/14520070/Collateral/SynSaber_Industrial-CVE-Retrospective_2020-2021-2022.pdf 工業控制系統已知漏洞缺乏修補的比例逾2成 https://synsaber.com/resources/industrial-cve-retrospective-2020-2021-2022/ Critical Infrastructure at Risk from New Vulnerabilities Found in Wireless IIoT Devices https://thehackernews.com/2023/02/critical-infrastructure-at-risk-from.html Honeypot-Factory: The Use of Deception in ICS/OT Environments https://thehackernews.com/2023/02/honeypot-factory-use-of-deception-in.html Researchers Warn of Critical Security Bugs in Schneider Electric Modicon PLCs https://thehackernews.com/2023/02/researchers-warn-of-critical-security.html I.教育訓練 iPAS資訊安全工程師中級筆記 https://hackmd.io/@Not/iPASInformationSecuritySpecialist iPas資安工程師證照考前研習 https://reurl.cc/GEbA3p Coursera 盤點 7 項雲端資安認證，高薪跳板都在這了！ https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/ 全球網絡安全勞動力失衡 (ISC)2免費課程及考試填補人才缺口 https://reurl.cc/m39MDj CISSP資安認證的8大領域 https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html CISSP考試心得 https://reurl.cc/KbY83j CISSP考試心得 – Benson https://reurl.cc/GbWvxd 目標導向-20天光速考過CISSP https://reurl.cc/2Zq6zn CISSP證照考試實戰心得 第一章：初期準備工作 https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat CISSP證照考試實戰心得 第二章：規律且有紀律的讀書策略 https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies CISSP證照考試實戰心得 第三章：終極一戰 https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle Quick CISSP Infographic for IPSec https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec CSSLP Certification - Security models in F# https://github.com/vbocan/csslp Certified Secure Software Lifecycle Professional in bullet points https://github.com/joeyhage/csslp-notes CPSA(CREST Practitioner Security Analyst) 資安分析師考試心得 https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/ EC-Council CEH v11 考試心得、改版資訊以及準備方向 2021、2022 https://reurl.cc/1oyEM8 CEH v11 考試心得與準備方式 https://blog.sean.taipei/2022/01/ceh CEH https://github.com/a3cipher/CEH CodeRed by EC-Council https://github.com/codered-by-ec-council 深度解析 CPENT 考試心得、以及與 OSCP 的比較 https://reurl.cc/41eL8v EC-Council CPENT v1 滲透測試認證 – 內容及心得分享 https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review [備考心得]CompTIA Security+ (SY0–601) 上篇 https://reurl.cc/M053DK [備考心得]CompTIA Security+ (SY0–601) 下篇 https://reurl.cc/M053Gv comptia-security-plus https://github.com/ajfuto/comptia-security-plus security-plus https://github.com/fjavierm/security-plus CompTIA Security+ Certification Practice Test Questions https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette 不只是工程師才要懂的 App 資訊安全：取得資安檢測合格證書血淚史（iT邦幫忙鐵人賽系列書） https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html Learn NIST Inside Out With 21 Hours of Training @ 86% OFF https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html 駭客與國家: 網路攻擊與地緣政治新常態 The hacker and the state: cyber attacks and the new normal of geopolitic https://reurl.cc/D3nKKj Practical Network Penetration Tester (PNPT) Certification Review https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df WUSON常用的基本詞彙 https://choson.lifenet.com.tw/?p=1958 6.近期資安活動及研討會 資安免疫系統強化論壇 2023/2/21 https://buzzorange.com/techorange/forum/2023-cybersecurity-immune-system/ Hugging Face : Image Classification 2023/2/21 https://www.meetup.com/tensorflow-user-group-taipei/events/290714239/ 加密大逃殺？善用 Web3 去中心化錢包 2023/2/22 https://www.accupass.com/event/2301301209062089881353 兩道資安關鍵防線 遠離遠距辦公資安風險 2023/2/23 https://www.accupass.com/event/2301170725591343770258 2023 資安365年會 數位供應鏈 資安不斷鏈 2023/2/23 https://www.informationsecurity.com.tw/seminar/2023_TPinfosecurity365/register.aspx 淺談總經數據與金融市場應用 2023/2/27 https://www.meetup.com/rladies-taipei/events/290280800/ 資安保險與資安鑑識創新服務論壇暨ACFD第二屆第四次會員大會 2023/3/3 https://acfd.kktix.cc/events/ci2023 DEVCORE Conference 2023 - 3/10 企業場 2023/3/10 https://devcore.kktix.cc/events/devcoreconf2023-0310 DEVCORE Conference 2023 - 3/11 駭客場 2023/3/11 https://devcore.kktix.cc/events/devcoreconf2023 掌握資安趨勢 讓大數據決策市場研討會 2023/3/16 https://www.accupass.com/event/2212200343421615169635 2022 OT 工控資安年會-活動報名 2023/3/24 https://reurl.cc/5Mq327 iPAS-「初級」資訊安全工程師-能力研習衝刺班 2023/4/15、4/22 https://www.cisanet.org.tw/Course/Detail/3948 iPAS中級資訊安全人員訓練班 2023/5/4 ~ 2023/6/1 https://edu.tcfst.org.tw/web/tw/class/show.asp?courseidori=12C013