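###### tags: `資安事件新聞週報`

# Weekly Security Incident News 2023/5/22 ~ 2023/5/26

## 1. Major vulnerabilities / backdoors / exploits / zero-days

Cisco releases updates to address security vulnerabilities in Cisco Small Business Series Switches
https://www.cisa.gov/news-events/alerts/2023/05/19/cisco-releases-security-advisory-small-business-series-switches

Warning: under-protected VMware ESXi platforms are increasingly becoming prey for cybercriminals
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10481

Barracuda Email Security Gateway hit by zero-day attacks
https://status.barracuda.com/incidents/34kx82j5n4q9

Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances
https://thehackernews.com/2023/05/barracuda-warns-of-zero-day-exploited.html

OAuth vulnerability in the application framework Expo could lead to account takeover
https://salt.security/blog/a-new-oauth-vulnerability-that-may-impact-hundreds-of-online-services

XSS vulnerability in a WordPress plugin that asks users for cookie consent exposes 1.5 million sites
https://www.wordfence.com/blog/2023/05/wordfence-firewall-blocks-bizarre-large-scale-xss-campaign/

GitLab patches a critical vulnerability with the maximum CVSS score
https://about.gitlab.com/releases/2023/05/23/critical-security-release-gitlab-16-0-1-released/

Vulnerabilities in the PHP software management platform Pimcore could be used to execute arbitrary code if left unpatched
https://www.sonarsource.com/blog/pimcore-one-click-two-security-vulnerabilities/

## 2. Banking / finance / insurance / securities / financial supervision: news and security

Hacker group FIN7 launches attacks using Clop ransomware
Notorious Cyber Gang FIN7 Returns With Cl0p Ransomware in New Wave of Attacks
https://thehackernews.com/2023/05/notorious-cyber-gang-fin7-returns-cl0p.html
https://twitter.com/MsftSecIntel/status/1659347803989057541

Alert: Brazilian Hackers Targeting Users of Over 30 Portuguese Banks
https://thehackernews.com/2023/05/alert-brazilian-hackers-targeting-users.html

Chasing a one-millionth-of-a-second lead: Chang Chih-chien (張志堅) builds the MediaTek of the securities industry
https://www.worldjournal.com/wj/story/122163/7167851

Websites of Israeli logistics and financial services companies targeted by Iranian hackers TA456
https://www.clearskysec.com/fata-morgana/

30 Portuguese government agencies and financial institutions targeted by Brazilian hackers
https://www.sentinelone.com/labs/operation-magalenha-long-running-campaign-pursues-portuguese-credentials-and-pii/

How to be a good CISO? Bank SinoPac's CISO names 4 essential skills
https://ithome.com.tw/news/157048

State-owned banks: anti-hacking drills and strengthening information security
https://reurl.cc/8jGE2o

Building a security talent competency map for Taiwan's financial sector, focusing on course design to promote training
https://www.ithome.com.tw/news/156897

Top of the financial industry in fraud prevention: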
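CTBC Bank signs a letter of intent with the National Police Agency
https://finance.ettoday.net/news/2505286

## 3. Credit cards / e-payment / mobile payment / pay / payment systems / security

Regular use of mobile payment passes 70%; it will overtake physical cards next year or the year after
https://www.cardu.com.tw/news/detail.php?48898

FamilyMart member app malfunctions! Stored coffees all vanish and e-payment is unusable; the company responds
https://www.mirrormedia.mg/story/20230525edi040/

Taobao now accepts Apple Pay too! Paving the way for the e-commerce battle: the two strategies behind it
https://www.bnext.com.tw/article/75352/taobao-taiwan-uses-apple-pay

Taobao partners with Apple Pay for cross-border payment in Taiwan, hoping to improve security protection
https://www.rti.org.tw/news/view/id/2168671

Targeting people without credit cards: EasyWallet companion card planned for launch next year
https://udn.com/news/story/7239/7180657

No mobile payment when travelling to mainland China? 2 "solutions" for smooth activation; Taiwanese-funded bank: business up more than threefold
https://www.ettoday.net/news/20230518/2500972.htm

Taiwan Pay hides big taxpayers! Over a million paid in a single payment; Hsinchu residents account for 30%
https://finance.ettoday.net/news/2505492

Map of Taiwan's e-payment providers and internet-only banks
https://reurl.cc/mDn8oY

EasyWallet system failure criticized as the "worst e-payment"; EasyCard Corporation responds
https://www.chinatimes.com/realtimenews/20230523004771-260405?chdtv

## 4. Cryptocurrency / digital currency / mining / blockchain / smart contracts / Web3 security

Indonesian Cybercriminals Exploit AWS for Profitable Crypto Mining Operations
https://thehackernews.com/2023/05/indonesian-cybercriminals-exploit-aws.html

Cross-chain bridge MultiChain's "withdrawal delays" trigger panic; US$1.5 billion in funds rumored to be seized by police, $MULTI plunges 30%
https://www.blocktempo.com/cross-chain-protocol-multichain-stops-working-in-some-chains-rumors-of-arrest-of-the-team/

MultiChain cross-chain bridge blowup: the truth about the panic outflow of on-chain funds
https://www.blocktempo.com/multichain-data-analysis-is-there-really-a-panic-outflow-of-funds/

Blockchain financial services provider Unbanked to shut down gradually
https://news.cnyes.com/news/id/5192607

Conflux in-depth research: why is it a Hong Kong concept coin? Chinese state investment and a partnership with China Telecom on BSIM
https://www.blocktempo.com/conflux-research-report/

Glassnode report: how did Bitcoin inscriptions and BRC-20 take off? It started with that crazy week
https://www.blocktempo.com/glassnode-research-bitcoin-ordinals-and-brc20-token/

Adaverse research report: emerging economies in Africa, South Asia and Southeast Asia lead global cryptocurrency adoption
https://www.blocktempo.com/emerging-markets-are-gaining-ground-in-the-cryptocurrencies-global-adoption/

The pandemic accelerates contactless services in the insurance industry; with blockchain, claims can be filed easily and quickly from home
https://www.storm.mg/lifestyle/4797391

Hong Kong confirms it will open up "retail crypto trading"! Stablecoins and lending services remain banned
https://blockcast.it/2023/05/23/hong-kong-lets-retail-investors-trade-crypto/

Security firm Unciphered cracks the Trezor cold wallet! Both the PIN and the mnemonic phrase can be extracted
https://abmedia.io/unciphered-hacked-seed-phrase-from-trezor-hard-wallet

WorldCoin private keys are "automatically backed up" to Google cloud; beware of stolen funds!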
https://www.blocktempo.com/worldcoin-crypto-project-will-backup-private-key-on-google-cloud/

First in Taiwan! Exchange XREX obtains the latest security certification: what are the differences and advantages
https://web3plus.bnext.com.tw/article/891?

## 5. Security incident news

### A. Viruses and trojans / botnets / ransomware / adware / APT / backdoors / IOC

New malware Domino is attacking via email
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10478

TikTok's video editing software CapCut impersonated; hackers spread info-stealers under the pretense of offering the tool
https://blog.cyble.com/2023/05/19/capcut-users-under-fire/

Malicious NPM packages used to distribute the info-stealer TurkoRAT
https://www.reversinglabs.com/blog/rats-found-hiding-in-the-npm-attic

Malware Sotdas monitors CPU usage to avoid being discovered
https://blog.qualys.com/vulnerabilities-threat-research/2023/05/17/new-strain-of-sotdas-malware-discovered

Malware Legion targets SSH servers and AWS credentials
https://www.cadosecurity.com/updates-to-legion-a-cloud-credential-harvester-and-smtp-hijacker/

UK company hit by ransomware; an employee reportedly took advantage of the situation to blackmail senior executives
https://serocu.police.uk/man-convicted-of-blackmail-and-other-offences/

Taiwanese companies have money and are willing to pay; the division of labor among ransomware groups has become industrialized
https://today.line.me/tw/v2/article/OpRX3vv

CloudWizard APT: the bad magic story goes on
https://otx.alienvault.com/pulse/6467a7ac79c273e1aeab8999

Analysis of the CloudWizard APT framework
https://securelist.com/cloudwizard-apt/109722/

IcedID Macro Ends in Nokoyawa Ransomware
https://thedfirreport.com/2023/05/22/icedid-macro-ends-in-nokoyawa-ransomware/

Kraken - The Deep Sea Lurker
https://0xtoxin.github.io/malware%20analysis/KrakenKeylogger-pt1/

Ransomware BlackCat uses the malicious driver Poortry to bypass antivirus detection
BlackCat Ransomware Deploys New Signed Kernel Driver
https://reurl.cc/Eo7AgK
https://www.trendmicro.com/en_us/research/23/e/blackcat-ransomware-deploys-new-signed-kernel-driver.html

Ransomware Royal sets about building a malware loader
https://www.linkedin.com/posts/yelisey-bohuslavskiy-214a02bb_royal-ransomware-apt-activity-7064301345599565824-EwaW/

City of Dallas hit by Royal ransomware; hackers threaten to publish stolen employee personal data and court records
https://www.cybersecuritydive.com/news/dallas-ransomware-data-leak-threat/650883/

Ransomware Qilin is now developed in Rust, targeting the education, healthcare and financial sectors
https://www.group-ib.com/blog/qilin-ransomware/

Malicious driver Wintapix targets the Middle East
https://www.fortinet.com/blog/threat-research/wintapix-kernal-driver-middle-east-countries

Trojan AhMyth spread through an Android screen recording app
https://www.welivesecurity.com/2023/05/23/android-app-breaking-bad-legitimate-screen-recording-file-exfiltration/

The Philadelphia Inquirer reportedly attacked by Cuba ransomware
https://www.bleepingcomputer.com/news/security/cuba-ransomware-claims-cyberattack-on-philadelphia-inquirer/

German arms maker Rheinmetall confirms BlackBasta ransomware attack
https://www.bleepingcomputer.com/news/security/arms-maker-rheinmetall-confirms-blackbasta-ransomware-attack/

Israeli organizations attacked by Moneybird ransomware
https://research.checkpoint.com/2023/agrius-deploys-moneybird-in-targeted-attacks-against-israeli-organizations/

Ransomware Buhti targets vulnerabilities in the print management system PaperCut
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/buhti-ransomware

Ransomware Obsidian ORB demands that victims pay the ransom in gift cards
https://blog.cyble.com/2023/05/25/obsidian-orb-ransomware-demands-gift-cards-as-payment/

Android spyware Predator targets media, politicians and Meta executives
http://blog.talosintelligence.com/mercenary-intellexa-predator/

Botnet Dark Frost targets the gaming industry
https://www.akamai.com/blog/security-research/dark-frost-botnet-unexpected-author-profile

Back in Black: BlackByte Ransomware returns with its New Technology (NT) version
https://blog.cluster25.duskrise.com/2023/05/22/back-in-black-blackbyte-nt

Malvertising via brand impersonation is back again
https://www.malwarebytes.com/blog/threat-intelligence/2023/05/malvertising-its-a-jungle-out-there

US critical infrastructure targeted by Chinese hackers Volt Typhoon
Volt Typhoon targets US critical infrastructure with living-off-the-land techniques
https://www.microsoft.com/en-us/security/blog/2023/05/24/volt-typhoon-targets-us-critical-infrastructure-with-living-off-the-land-techniques/

Meet 'Jack' from Romania! Mastermind Behind Golden Chickens Malware
https://thehackernews.com/2023/05/meet-jack-from-romania-mastermind.html

Developer Alert: NPM Packages for Node.js Hiding Dangerous TurkoRat Malware
https://thehackernews.com/2023/05/developer-alert-npm-packages-for-nodejs.html

Searching for AI Tools?
Watch Out for Rogue Sites Distributing RedLine Malware
https://thehackernews.com/2023/05/searching-for-ai-tools-watch-out-for.html

New WinTapix.sys Malware Engages in Multi-Stage Attack Across Middle East
https://thehackernews.com/2023/05/new-wintapixsys-malware-engages-in.html

Data Stealing Malware Discovered in Popular Android Screen Recorder App
https://thehackernews.com/2023/05/data-stealing-malware-discovered-in.html

Legion Malware Upgraded to Target SSH Servers and AWS Credentials
https://thehackernews.com/2023/05/legion-malware-upgraded-to-target-ssh.html

IIS web servers targeted by North Korean hackers Lazarus
https://asec.ahnlab.com/en/53132/

N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware
https://thehackernews.com/2023/05/n-korean-lazarus-group-targets.html

North Korean hackers Kimsuky launch attacks using the malware RandomQuery
https://www.sentinelone.com/labs/kimsuky-ongoing-campaign-using-tailored-reconnaissance-toolkit/

North Korean Kimsuky Hackers Strike Again with Advanced Reconnaissance Malware
https://thehackernews.com/2023/05/north-korean-kimsuky-hackers-strike.html

Buhti Ransomware Gang Switches Tactics, Utilizes Leaked LockBit and Babuk Code
https://thehackernews.com/2023/05/buhti-ransomware-gang-switches-tactics.html

Iranian Agrius Hackers Targeting Israeli Organizations with Moneybird Ransomware
https://thehackernews.com/2023/05/iranian-agrius-hackers-targeting.html

Dark Frost Botnet Launches Devastating DDoS Attacks on Gaming Industry
https://thehackernews.com/2023/05/dark-frost-botnet-launches-devastating.html

Exchange servers attacked by the malware PowerExchange
https://www.fortinet.com/blog/threat-research/operation-total-exchange-backdoor-discovered

New PowerExchange Backdoor Used in Iranian Cyber Attack on UAE Government
https://thehackernews.com/2023/05/new-powerexchange-backdoor-used-in.html

### B. Mobile security / iPhone / Android / wearables / apps / 5G / instant messaging

Warning: Samsung Devices Under Attack!
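New Security Flaw Exposed
https://thehackernews.com/2023/05/samsung-devices-under-active.html

5 Must-Know Facts about 5G Network Security and Its Cloud Benefits
https://thehackernews.com/2023/05/5-must-know-facts-about-5g-network.html

Hackers backing the Houthi anti-government armed group target people assisting Yemen and monitor their phones
https://www.recordedfuture.com/oilalpha-likely-pro-houthi-group-targeting-arabian-peninsula

Brute force is not only for password guessing: researchers find a way to break phone fingerprint authentication
https://arxiv.org/pdf/2305.10791.pdf

US warns that the Samsung ASLR bypass vulnerability is already being used in attacks
https://www.bleepingcomputer.com/news/security/cisa-warns-of-samsung-aslr-bypass-flaw-exploited-in-attacks/

Samsung patches a phone vulnerability already used in attacks on the United Arab Emirates
https://www.bankinfosecurity.com/samsung-patches-memory-address-randomization-bypass-flaw-a-22139

Google launches a bug bounty program for Android apps
https://twitter.com/GoogleVRP/status/1660580119574880257

Apple users, update now! "New vulnerability" in iPhone lets hackers break into phones
https://www.ftvnews.com.tw/news/detail/2023523W0163

Android phones face a security crisis: a hundred-dollar circuit board can defeat fingerprint unlock
https://m.eprice.com.tw/mobile/talk/4544/5784976/1

Lurking for 1 year! Popular app turns into eavesdropping software that steals personal data
https://www.technice.com.tw/cloudtech/infosecurity/54461/

### C. Incidents / hackers / DDoS / APT / cloud / dark web / recruitment / international security incidents / security workforce

Small and medium businesses become key targets of APT groups, and their MSPs are targeted too
https://www.proofpoint.com/us/blog/threat-insight/small-and-medium-business-APT-phishing-landscape-in-2023

Can't find security talent? ACSI Academy (安碁學苑) trains job-ready enterprise security staff, with two key priorities
https://esg.gvm.com.tw/article/27646

Study: over 90% of cyberattacks target backup repositories to force companies to pay the ransom
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10483

More than 1,400 companies are required to set up a dedicated security unit this year; only 20% comply so far
https://ithome.com.tw/news/157014

Avoid the 3 main reasons security awareness training fails; mix 5 models to build customized courses
https://www.ithome.com.tw/news/157009

Cloud provider Cloudflare presents Q1 2023 DDoS attack trends at Taiwan's CYBERSEC conference and warns of rising DNS amplification attacks
https://cyber.ithome.com.tw/2023/session-page/2059

Hacker group Bad Magic may have been lurking in Ukraine for more than ten years
https://securelist.com/cloudwizard-apt/109722/

Indian hackers abuse AWS EC2 for cryptomining
https://permiso.io/blog/s/unmasking-guivil-new-cloud-threat-actor/

Researchers build DarkBERT, a large language machine learning model that can automate threat intelligence collection from the dark web
https://arxiv.org/abs/2305.08596

Cause found for Changhua Christian Hospital's major computer outage: a mishap after a security system upgrade and maintenance drill
https://www.chinatimes.com/realtimenews/20230525003526-260405?chdtv

Suspected of recruiting in Taiwan for a Chinese company: head of 庫柏 released on bail after questioning
https://news.pts.org.tw/article/638092

Haugh nominated to lead the US National Security Agency and Cyber Command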
https://www.ydn.com.tw/news/newsInsidePage?chapterID=1588600&type=international

To ease US national security concerns, TikTok plans to let Oracle review its source code
https://technews.tw/2023/05/24/tiktok-oracle-source-code/

China restricts overseas access to economic data! Fujian Provincial Bureau of Statistics website cannot be browsed
https://technews.tw/2023/05/26/bureau-of-statistics/

China Bans U.S. Chip Giant Micron, Citing "Serious Cybersecurity Problems"
https://thehackernews.com/2023/05/china-bans-us-chip-giant-micron-citing.html

Chinese hackers break into Guam's telecom systems; the real target is Taiwan
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10489

China's Stealthy Hackers Infiltrate U.S. and Guam Critical Infrastructure Undetected
https://thehackernews.com/2023/05/chinas-stealthy-hackers-infiltrate-us.html

Bad Magic's Extended Reign in Cyber Espionage Goes Back Over a Decade
https://thehackernews.com/2023/05/bad-magics-extended-reign-in-cyber.html

Cyber Attacks Strike Ukraine's State Bodies in Espionage Operation
https://thehackernews.com/2023/05/cyber-attacks-strike-ukraines-state.html

Nation-state hackers GoldenJackal target governments and diplomatic entities in the Middle East and South Asia
http://securelist.com/goldenjackal-apt-group/109677/

GoldenJackal: New Threat Group Targeting Middle Eastern and South Asian Governments
https://thehackernews.com/2023/05/goldenjackal-new-threat-group-targeting.html

Iranian Tortoiseshell Hackers Targeting Israeli Logistics Industry
https://thehackernews.com/2023/05/iranian-tortoiseshell-hackers-targeting.html

On-site security engineer - ACSI
https://www.linkedin.com/jobs/view/%E8%B3%87%E5%AE%89%E9%A7%90%E9%BB%9E%E5%B7%A5%E7%A8%8B%E5%B8%AB-acsi-at-%E5%AE%8F%E7%A2%81-3603599181/?originalSubdomain=tw

Network / security engineer
https://job.taiwanjobs.gov.tw/internet/index/jobDetail.aspx?R2=15&EMPLOYER_ID=96020&HIRE_ID=11936853

Security Administrator - well-known Japanese online entertainment company (16973)
https://www.104.com.tw/job/804r7?jobsource=googlejobs

Security testing engineer (penetration testing)
https://www.104.com.tw/job/805aq?jobsource=googlejobs

IT staff, Civilian Clinic Service Office attached to the Pingtung Branch of Kaohsiung Armed Forces General Hospital
https://job.taiwanjobs.gov.tw/Internet/index/jobDetail.aspx?R2=11&EMPLOYER_ID=97627&HIRE_ID=11979617

Security test engineer, Taiwan Testing and Certification Center
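https://job.taiwanjobs.gov.tw/Internet/index/jobDetail.aspx?R2=5&EMPLOYER_ID=66239&HIRE_ID=11969477

Security solutions architect (Pre-sales)
https://www.linkedin.com/jobs/view/%E8%B3%87%E5%AE%89%E8%A7%A3%E6%B1%BA%E6%96%B9%E6%A1%88%E6%9E%B6%E6%A7%8B%E5%B8%AB-pre-sales-at-adecco-3616414595/?originalSubdomain=tw

### D. Data breaches / Personal Data Protection Act / GDPR / online fraud / phishing / card fraud / fake news / cyberbullying / account security

U.K. Fraudster Behind iSpoof Scam Receives 13-Year Jail Term for Cyber Crimes
https://thehackernews.com/2023/05/uk-fraudster-behind-ispoof-scam.html

E.U. Regulators Hit Meta with Record $1.3 Billion Fine for Data Transfer Violations
https://thehackernews.com/2023/05/eu-regulators-hit-meta-with-record-13.html

YouBike reportedly hacked! Personal data of 40,000 members feared leaked; New Taipei transportation department: will help seek compensation
https://www.ctwant.com/article/258171

YouBike data breach widens; more than 40,000 people affected
https://traffic.tycg.gov.tw/businessD/post/upt.aspx?p0=104908

YouBike system hacked; Pingtung County Government demands improvement by a deadline and stronger security protection
https://www.epochtimes.com/b5/23/5/24/n14003129.htm

YouBike personal data leak! Kaohsiung transportation bureau sends inspectors and demands prompt improvement
https://www.setn.com/News.aspx?NewsID=1299207

YouBike attacked from abroad, Tainan users' personal data leaked; Tsai Hsiao-wei (蔡筱薇): city government slow to handle security
https://www.ettoday.net/news/20230525/2506115.htm

Taichung transportation bureau and digital governance bureau audit the YouBike company, demanding stronger security protection for the second time
https://www.agesnews.com/archives/548462

Bike-sharing service YouBike attacked from abroad; 21,000 user records may have leaked
https://www.youbike.com.tw/region/main/news/service/6466fa1bc14d3a099e376943/
https://www.youbike.com.tw/region/main/news/service/646959a862da755d7f62abb3/

Ray-Ban parent company Luxottica confirms 2021 data breach; 70 million records published
https://www.bleepingcomputer.com/news/security/luxottica-confirms-2021-data-breach-after-info-of-70m-leaks-online/

Business email compromise also goes as-a-service! Researchers reveal the BEC attack tooling service BulletProftLink
https://www.microsoft.com/en-us/security/business/security-insider/reports/shifting-tactics-fuel-surge-in-business-email-compromise/

Number of business email compromise attacks in 2022 doubled from the previous year
https://www.secureworks.com/resources/rp-irs-learning-from-incident-response-team-2022-year-in-review

Cryptocurrency phishing also goes as-a-service; Inferno Drainer stole cryptocurrency from nearly 5,000 people
https://drops.scamsniffer.io/post/5-9-million-stolen-by-scam-as-a-service-provider-called-inferno-drainer/

To keep job applicants from being scammed, LinkedIn offers a verification mechanism for job postings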
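https://techcrunch.com/2023/05/22/linkedin-verification-tools-job-posts-adds-message-warnings-potential-scams/

Hackers use AI to generate a video of an explosion at the Pentagon and impersonate well-known media to spread it, sending the US stock market down
https://www.bleepingcomputer.com/news/security/pentagon-explosion-hoax-goes-viral-after-verified-twitter-accounts-push/

Newsletter software SuperMailer used in phishing attacks
https://cofense.com/blog/supermailer-abuse-explodes-now-responsible-for-14-of-all-credential-phish-discovered-in-inboxes/

Hackers hijack Microsoft 365 accounts and abuse RPMSG attachments to steal data
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/microsoft-encrypted-restricted-permission-messages-deliver-phishing/

Case study: leaking secrets by copying official documents one handles to a USB drive
https://www.iachu.nat.gov.tw/view.php?theme=070_news&subtheme=&id=240

Deepfake video of Changpeng Zhao circulates on Twitter; Binance's chief security officer warns: AI is widely used to spoof KYC verification
https://abmedia.io/ai-deepfakes-spoofing-kyc-verification

Ubus (統聯客運) hacked; 40,000 personal records leaked over 3 months
https://news.ltn.com.tw/news/life/paper/1584560

Personal data from candidates' asset declarations leaked; Lee Chin-yung: protection will be strengthened in future
https://www.setn.com/News.aspx?NewsID=1299560

Hard for scam victims to claim compensation when companies leak personal data; lawyer: the burden of proof should be eased
https://www.cna.com.tw/news/asoc/202305230305.aspx

Books.com.tw member data leak: Taipei prosecutors find overseas hackers broke in and close the case
https://www.cna.com.tw/news/asoc/202305240186.aspx

Books.com.tw hacked and 3,000 personal records leaked; the hackers are overseas and cannot be caught
https://www.upmedia.mg/news_info.php?Type=24&SerialNo=173422

### E. Research reports / tools

Dr. Active Directory vs. Mr.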
Exposed Attack Surface: Who'll Win This Fight
https://thehackernews.com/2023/05/dr-active-directory-vs-mr-exposed.html

Are Your APIs Leaking Sensitive Data
https://thehackernews.com/2023/05/are-your-apis-leaking-sensitive-data.html

KeePass Exploit Allows Attackers to Recover Master Passwords from Memory
https://thehackernews.com/2023/05/keepass-exploit-allows-attackers-to.html

PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted
https://thehackernews.com/2023/05/pypi-repository-under-attack-user-sign.html

The Rising Threat of Secrets Sprawl and the Need for Action
https://thehackernews.com/2023/05/the-rising-threat-of-secrets-sprawl-and.html

What to Look for When Selecting a Static Application Security Testing (SAST) Solution
https://thehackernews.com/2023/05/what-to-look-for-when-selecting-static.html

GUAC 0.1 Beta: Google's Breakthrough Framework for Secure Software Supply Chains
https://thehackernews.com/2023/05/guac-01-beta-googles-breakthrough.html

Privacy Sandbox Initiative: Google to Phase Out Third-Party Cookies Starting 2024
https://thehackernews.com/2023/05/privacy-sandbox-initiative-google-to.html

Security matters big and small: Web and vulnerability scanning
https://hackmd.io/@gvviUiwoQPWdHWgXwrzryA/S1h_cXXw9

### F. Business

Google Cloud marks 10 years in Taiwan, focusing on "generative AI" to strengthen cybersecurity
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10476

Gamania Group chooses the CyberArk identity security platform to protect players, customers and employees
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10474

NetApp launches a new all-flash SAN array with a ransomware recovery guarantee
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10479

PyPI suspends new project and user registration because it cannot keep up with rampant abuse by hackers
https://www.ithome.com.tw/news/156975

Data breach warning: adopting a zero trust architecture is the best choice for Taiwanese companies
https://www.openfind.com.tw/taiwan/markettrend_detail.php?news_id=24813

### G. Government

Passed third reading in the Legislative Yuan! Non-government agencies face fines of up to NT$15 million for personal data leaks
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10473

Four amendment directions planned for the Cyber Security Management Act; Ministry of Digital Affairs to submit it to the Executive Yuan for review by year-end
https://udn.com/news/story/7238/7181671

Cyber Security Management Act amendment; Audrey Tang: without consensus it may proceed in two stages
https://reurl.cc/QXdMAq

Cyber Security Management Act amendment discusses 4 directions; Audrey Tang: hopes to submit the Executive Yuan version by year-end
https://reurl.cc/94El8O

Raising public-sector cybersecurity:
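Audrey Tang says resilience inspections have been launched, with the patterns found to be compiled at year-end
https://www.cna.com.tw/news/afe/202305220125.aspx

The Cyber Security Management Act covers everything under the sun, but the truth will out
https://news.m.pchome.com.tw/politics/idn/20230522/index-68473499143749224001.html

Ministry of Digital Affairs leads a delegation: a new breakthrough in Taiwan-US cybersecurity diplomacy
https://wantrich.chinatimes.com/amp/news/20230522900034-420201

Taiwan-US cybersecurity exchange held in Shalun, Tainan; NIST CSF 2.0 to be released in early 2024
https://www.facebook.com/te.nics.tw/posts/173983842277517

The government has no power to force companies to hand over sensitive user information, but it can buy it
https://technews.tw/2023/05/22/the-government-will-buy-ur-data/

Weak passwords on the e-invoice platform; Ministry of Finance plugs the gap with six measures
https://news.housefun.com.tw/news/article/178741376994.html

Security flaw found in the e-invoice platform; Executive Yuan to convene its cybersecurity meeting today
https://money.udn.com/money/story/5613/7181513

Security flaw exposed in the e-invoice platform; Ministry of Finance to report at the Executive Yuan cybersecurity meeting today
https://reurl.cc/AAqV6Q

National Communications Commission website reportedly leaks personal data of people who filed customs declarations
https://www.ncc.gov.tw/chinese/news_detail.aspx?site_content_sn=8&is_history=0&pages=0&sn_f=48994

Hsu Chiao-hsin exposes a security flaw; NCC: website identity checks have been strengthened
https://udn.com/news/story/6656/7190068

Hsu Chiao-hsin says NCC has become an accomplice to fraud; Hung Mong-kai: the DPP's security protection is a joke
https://www.chinatimes.com/realtimenews/20230525003338-260407?chdtv

Joining friendly nations to protect cybersecurity: TaiwanICDF holds a workshop simulating real attack and defense
https://www.cna.com.tw/news/aipl/202305250211.aspx

Ministry of Digital Affairs website reportedly had a serious security flaw for as long as 7 months; expert: it let hackers come and go freely and lie in wait
https://www.upmedia.mg/news_info.php?Type=24&SerialNo=173586

### H. Industrial control systems / ICS / SCADA / IoT / Internet of Vehicles / electric vehicles / artificial intelligence / AI / ML / facial recognition / healthcare: related security

Corrupted ASD causes large-scale ASUS router crashes and disconnections worldwide
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10480

ASUS routers suspected to have failed after receiving a faulty security update
https://www.bleepingcomputer.com/news/hardware/asus-routers-knocked-offline-worldwide-by-bad-security-update/

Malware CosmicEnergy targets the industrial control systems of power suppliers
https://www.mandiant.com/resources/blog/cosmicenergy-ot-malware-russian-response

New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids
https://thehackernews.com/2023/05/new-cosmicenergy-malware-exploits-ics.html

Researchers warn about a Zyxel firewall vulnerability; at least 42,000 devices may be exposed
https://attackerkb.com/topics/N3i8dxpFKS/cve-2023-28771/rapid7-analysis

Zyxel Issues Critical Security Patches for Firewall and VPN Products
https://thehackernews.com/2023/05/zyxel-issues-critical-security-patches.html

Mirai botnet variant IZ1H9 targets vulnerabilities in networking devices and log analysis systems
https://unit42.paloaltonetworks.com/mirai-variant-iz1h9/

D-Link patches critical vulnerabilities in its network management system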
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10332

Guarding against hacker eavesdropping and car theft: VicOne launches a smart cockpit security solution
https://finance.ettoday.net/news/2504906

Drones exported by a Chinese company have a backdoor: they turn around when flying near the Chinese border
https://reurl.cc/v7DYpj

### I. Education and training

iPAS Information Security Engineer intermediate-level notes
https://hackmd.io/@Not/iPASInformationSecuritySpecialist

iPAS security engineer certification exam preparation workshop
https://reurl.cc/GEbA3p

Coursera lists 7 cloud security certifications: all the springboards to high pay are here!
https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/

Global cybersecurity workforce imbalance: (ISC)2 free courses and exams fill the talent gap
https://reurl.cc/m39MDj

The 8 domains of the CISSP security certification
https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html

CISSP exam experience
https://reurl.cc/KbY83j

CISSP exam experience – Benson
https://reurl.cc/GbWvxd

Goal-oriented: passing the CISSP at light speed in 20 days
https://reurl.cc/2Zq6zn

CISSP certification exam field notes, Chapter 1: initial preparation
https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat

CISSP certification exam field notes, Chapter 2: a regular and disciplined study strategy
https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies

CISSP certification exam field notes, Chapter 3: the final battle
https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle

Quick CISSP Infographic for IPSec
https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec

CSSLP Certification - Security models in F#
https://github.com/vbocan/csslp

Certified Secure Software Lifecycle Professional in bullet points
https://github.com/joeyhage/csslp-notes

CPSA (CREST Practitioner Security Analyst) security analyst exam experience
https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/

EC-Council CEH v11 exam experience, revision information and preparation directions, 2021 and 2022
https://reurl.cc/1oyEM8

CEH v11 exam experience and how to prepare
https://blog.sean.taipei/2022/01/ceh

CEH
https://github.com/a3cipher/CEH

CodeRed by EC-Council
https://github.com/codered-by-ec-council

In-depth look at the CPENT exam experience and a comparison with OSCP
https://reurl.cc/41eL8v

EC-Council CPENT v1 penetration testing certification – content and experience
https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review

[Exam prep notes] CompTIA Security+ (SY0–601) Part 1
https://reurl.cc/M053DK

[Exam prep notes] CompTIA Security+ (SY0–601) Part 2
https://reurl.cc/M053Gv


comptia-security-plus
https://github.com/ajfuto/comptia-security-plus

security-plus
https://github.com/fjavierm/security-plus

CompTIA Security+ Certification Practice Test Questions
https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette

App information security that not only engineers need to understand: the blood, sweat and tears of obtaining a security testing certificate (iThome Ironman Contest book series)
https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html

Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html

The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics
https://reurl.cc/D3nKKj

Practical Network Penetration Tester (PNPT) Certification Review
https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df

Basic vocabulary commonly used by WUSON
https://choson.lifenet.com.tw/?p=1958

Certifications remain the main route to learning security fundamentals; an expert has built a "security certification map"
https://www.ithome.com.tw/news/156754

Beyond using certifications to prove your ability, treat them as the strongest motivation to keep learning
https://www.ithome.com.tw/news/156756

Dispelling misunderstandings and myths about certifications: security experts clarify what security certifications mean
https://www.ithome.com.tw/news/156755

## 6. Upcoming security events and conferences

Blockchain Introductory Course, weekend class 2023/5/27~2023/5/28
https://www.accupass.com/event/2304100341503819251900

The posture and knowledge needed to build solutions in the era of large language models (Building solutions with LLMs) 2023/5/29
https://www.meetup.com/rladies-taipei/events/293170581/

May Taipei regular meeting: supply chain security management in the US federal government, using CMMC as an example (held online) 2023/5/30
https://www.caa.org.tw/newsdetail-16263.html

Taiwan Digital Innovation Navigation Forum 2023/5/30
https://www.accupass.com/event/2304240303341594373938

Azure AI Fundamentals 2023/5/31
https://mktoevents.com/Microsoft+Event/393899/157-GQE-382?wt.mc_id=AID3058385_QSG_EML_640902&wt.mc_id=AID3058380_EML_8317669

[Monosparta] 2023 second cohort, hands-on software development bootcamp: online information session 2023/5/31 ~ 2023/6/28
https://trunk-studio.kktix.cc/events/monosparta-202307

Hutoushan Innovation Hub: Security x IoT course 2023/6/1
https://www.accupass.com/event/2305240826579277792730

GDG Taoyuan Security x IoT lecture series: SSDLC secure development 2023/6/1
https://gdg.community.dev/events/details/google-gdg-taoyuan-presents-gdg-taoyuan-zi-an-xwu-lian-wang-zhu-ti-jiang-zuo-xi-lie-ssdlcan-quan-kai-fa/

Security analysis for beginners: mastering network packet analysis (online course) 2023/6/13
https://forms.gle/msePzws5GtcDunrc7

Security analysis for beginners: mastering network packet analysis (in-person course) 2023/6/14
https://forms.gle/mtpZNPCpTVyv97Dr9

A hacker's perspective: website vulnerability discovery and defense (online course) 2023/6/27
https://forms.gle/JpThJxMgxZd3uNh39

A hacker's perspective: website vulnerability discovery and defense (in-person course) 2023/6/28
https://forms.gle/qQAqx8KZzzntSyLd9

COSCUP 2023 2023/07/29 ~ 2023/07/30
https://coscup.org/2023/zh-TW/landing

InfoSec Taiwan 2023 international security conference 2023/8/1 ~ 2023/8/3
https://csa.kktix.cc/events/infosectaiwan2023

DEF CON 32 2023/8/10 ~ 2023/8/13
https://defcon.org/index.html

HITCON CMT 2023 2023/08/18 ~ 2023/08/19
https://hitcon.org/2023/CMT/

PyCon TW 2023 2023/9/2 ~ 2023/9/3
https://tw.pycon.org/2023/zh-hant/registration/tickets

Hou.Sec.Con 2023/10/12 ~ 2023/10/13
https://web.cvent.com/event/76d46ccb-fe00-4fe5-ba46-e4a77c807f21/summary

(ISC)2 SECURITY CONGRESS LEAD WITH CONFIDENCE 2023/10/25 ~ 2023/10/27
https://www.isc2.org/Congress-2023