資安事件新聞週報 2022/3/7 ~ 2022/3/11
1.重大弱點漏洞/後門/Exploit/Zero Day
Cisco 近日發布更新以解決多個產品的安全性弱點
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-dos-JLh9TxBp
Critical Patches Issued for Cisco Expressway Series, TelePresence VCS Products
https://thehackernews.com/2022/03/critical-patches-issued-for-cisco.html
Critical Bugs Could Let Attackers Remotely Hack, Damage APC Smart-UPS Devices
https://thehackernews.com/2022/03/critical-bugs-could-let-attackers.html
TP-Link無線路由器RCE漏洞的攻擊程式已遭公開,建議用戶立即進行更新
https://www.twcert.org.tw/tw/cp-104-5815-b7721-1.html
駭客透過VoIP系統漏洞放大流量發動DDoS攻擊,新手法可將流量放大近43億倍
https://www.akamai.com/blog/security/phone-home-ddos-attack-vector
Amazon Echo 驚現「自駭」漏洞!駭客讓智慧音箱對自己下惡意指令
https://technews.tw/2022/03/10/novel-attack-turns-amazon-devices-against-themselves/
Critical "Access:7" Supply Chain Vulnerabilities Impact ATMs, Medical and IoT Devices
https://thehackernews.com/2022/03/critical-access7-supply-chain.html
Critical RCE Bugs Found in Pascom Cloud Phone System Used by Businesses
https://thehackernews.com/2022/03/critical-rce-bugs-found-in-pascom-cloud.html
The Continuing Threat of Unpatched Security Vulnerabilities
https://thehackernews.com/2022/03/the-continuing-threat-of-unpatched.html
New Security Vulnerability Affects Thousands of Self-Managed GitLab Instances
https://thehackernews.com/2022/03/new-security-vulnerability-affects.html
微軟發佈3月份安全性公告
https://www.cisa.gov/uscert/ncas/current-activity/2022/03/08/microsoft-releases-march-2022-security-updates
IBM QRadar SIEM and Apache log4j version 1 usage
https://www.ibm.com/support/pages/node/6561889?myns=swgother&mynp=OCSSBQAC&mynp=OCSSKMKU&mync=E&cm_sp=swgother-_-OCSSBQAC-OCSSKMKU-_-E
QRadar: After an upgrade the Admin tab repeatedly displays, "A new version of the event collection service is available for upgrade."
https://www.ibm.com/support/pages/node/6555146?myns=swgother&mynp=OCSSBQAC&mync=E&cm_sp=swgother-_-OCSSBQAC-_-E
2 New Mozilla Firefox 0-Day Bugs Under Active Attack — Patch Your Browser ASAP
https://thehackernews.com/2022/03/2-new-mozilla-firefox-0-day-bugs-under.html
New Linux Kernel cgroups Vulnerability Could Let Attackers Escape Container
https://thehackernews.com/2022/03/new-linux-kernel-cgroups-vulnerability.html
三大廠牌處理器出現新的推測執行漏洞
https://www.bleepingcomputer.com/news/security/intel-amd-arm-warn-of-new-speculative-execution-cpu-bugs/
近3成WordPress外掛程式存在重大漏洞,卻沒有相關修補程式可用
https://patchstack.com/whitepaper/the-state-of-wordpress-security-in-2021
McAfee(R) Safe Connect VPN - Unquoted Service Path Elevation Of Privilege
https://www.exploit-db.com/exploits/50814
Webmin 1.984 - Remote Code Execution (Authenticated)
https://www.exploit-db.com/exploits/50809
Malwarebytes 4.5 - Unquoted Service Path
https://www.exploit-db.com/exploits/50806
Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting (XSS)
https://www.exploit-db.com/exploits/50797
2.銀行/金融/保險/證券/支付系統/金融監理 新聞及資安
財長:公股行庫全力支援受俄烏戰爭影響企業
https://turnnewsapp.com/livenews/finance/A95620002022031020155649
銀行業提防兩大新風險
https://udn.com/news/story/7338/6156147
台數位金融蓬勃發展 資安人才搶手
https://www.epochtimes.com/b5/22/3/8/n13630992.htm
將來銀行備戰329開業 帳號自由選搶先預訂
https://www.cardu.com.tw/news/detail.php?45579
玉山金多元領域 招募菁英
https://reurl.cc/nEb5rd
玉山金今年將徵才600人
https://money.udn.com/money/story/5613/6145078?from=edn_subcatelist_cate
元大金徵才!首招投資研究MA 接軌國際金融市場
https://udn.com/news/story/7239/6142255
迎數位金融浪潮 金融業招攬多元領域人才
https://ctee.com.tw/news/finance/604989.html
中信金首創多語系人才交流! 泰國、印尼國籍諮詢踴躍
https://finance.ettoday.net/news/2202123
總經理集體出動!9大金控徵才條件一次看 百萬年薪不是夢
https://www.setn.com/News.aspx?NewsID=1080564
3.電子支付/行動支付/pay/資安
行動支付盛行 LINE Pay愛心捐款逾4億元
https://www.chinatimes.com/realtimenews/20220310001962-260410?chdtv
一卡通Money、街口、悠遊付…8家電子支付!儲值、轉帳、提領手續費多少
https://www.cardu.com.tw/mpay/detail.php?38340
新版LINE Pay App怎麼用?和一卡通Money怎麼區分
https://reurl.cc/OpakQg
一卡通與LINE Bank聯手合作 啟動國內首次純網銀與電支帳戶連結
https://www.chinatimes.com/realtimenews/20220311004800-260410?chdtv
全支付電支執照准了!9月1日前須開業
https://ctee.com.tw/wealth/fintech/602407.html
全家拿下電子支付執照!成全台第一間零售通路結合金融產業的電子支付
https://www.inside.com.tw/article/26820-familymart-epay
支付戰 純網銀參一腳
https://udn.com/news/story/7239/6133108
一卡通Money捐款助烏克蘭 轉帳免手續費
https://reurl.cc/Qjl6O0
「全支付」取得電子支付營業執照 全聯PX Pay升級 「全支付」電支登場
https://news.sina.com.tw/article/20220303/41309548.html
Steam 俄羅斯無法使用電子支付 用戶無法購買任何遊戲
https://unwire.hk/2022/03/08/russiasteam/game-channel/
PayPal擴大制裁 停止在俄羅斯提供服務
https://ec.ltn.com.tw/article/breakingnews/3849713
4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約 資安
破獲史上最高額比特幣洗錢案 美國追回逾36億美元
https://www.chinatimes.com/realtimenews/20220311000013-260408?chdtv
地緣衝突和通脹高漲之下,加密貨幣的又一個牛市在醞釀
https://hk.investing.com/analysis/article-100084
BNB Chain宣布舉辦駭客馬拉松 提供1000萬美元獎金和種子資金
https://news.cnyes.com/news/id/4827275
派盾:攻擊Fantasm Finance駭客使用Tornado.cash混幣1,007 ETH
https://news.cnyes.com/news/id/4828605
美加速草擬加密貨幣法規、發行數位美元 阻止俄國逃避經濟制裁
https://times.hinet.net/news/23795861
俄羅斯提議禁止使用和開採加密貨幣
https://blog.twnic.tw/2022/03/07/21829/
BaconProtocol遭受駭客攻擊損失100萬美元
https://news.cnyes.com/news/id/4824695
虛擬貨幣洗錢 列非常高風險
https://reurl.cc/EpNZQK
全球首台NFT自動販賣機設立紐約華爾街!用信用卡即可進行交易
https://newtalk.tw/news/view/2022-03-07/719781
5.資安事件新聞
A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC
資料破壞軟體RURansom鎖定俄羅斯實體下手
https://www.trendmicro.com/en_us/research/22/c/new-ruransom-wiper-targets-russia.html
勒索軟體Ragnar Locker鎖定52個美國關鍵基礎設施實體下手
https://www.documentcloud.org/documents/21397387-ragnarlocker-ransomware-indicators-of-compromise
NVIDIA外流「程式碼簽章」遭駭客利用 將惡意軟體偽裝成官方驅動程式
https://www.cool3c.com/article/174071
KPMG:企業遭網攻 勒索軟體最常見
https://readers.ctee.com.tw/cm/20220310/a11aa11/1173584/share
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
https://blog.talosintelligence.com/2022/03/iranian-supergroup-muddywater.html
Conti Ransomware | CISA
https://www.cisa.gov/uscert/ncas/alerts/aa21-265a
Lazyscripter’s scripts: double compromise in a single obfuscation
https://lab52.io/blog/very-very-lazy-lazyscripters-scripts-double-compromise-in-a-single-obfuscation/
Nvidia leak - abused certificate for signing malicious code and tools such as mimikatz
https://twitter.com/cyb3rops/status/1499514240008437762
PROPHET SPIDER Exploits Citrix ShareFile
https://www.crowdstrike.com/blog/prophet-spider-exploits-citrix-sharefile/
中國駭客APT41利用網頁應用系統的零時差漏洞,攻擊美國州政府
https://www.mandiant.com/resources/apt41-us-state-governments
Chinese APT41 Hackers Broke into at Least 6 U.S. State Governments: Mandiant
https://thehackernews.com/2022/03/chinese-apt41-hackers-broke-into-at.html
A Summary of APT41 Targeting U.S. State Governments
https://www.mandiant.com/resources/apt41-us-state-governments
The Good, the Bad, and the Web Bug: TA416 Increases Operational Tempo Against European Governments as Conflict in Ukraine Escalates
https://www.proofpoint.com/us/blog/threat-insight/good-bad-and-web-bug-ta416-increases-operational-tempo-against-european
MS Office Files Involved Again in Recent Emotet Trojan Campaign
https://www.fortinet.com/blog/threat-research/ms-office-files-involved-in-emotet-trojan-campaign-pt-one
Fake Purchase Order Used to Deliver Agent Tesla
https://www.fortinet.com/blog/threat-research/fake-purchase-order-used-to-deliver-agent-tesla
SharkBot Banking Malware Spreading via Fake Android Antivirus App on Google Play Store
https://thehackernews.com/2022/03/sharkbot-banking-malware-spreading-via.html
Cyberattack on the state authorities of Ukraine using the malicious program Cobalt Strike Beacon
https://cert.gov.ua/article/37704
B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊
Both Sides in Russia-Ukraine War Heavily Using Telegram for Disinformation and Hacktivism
https://thehackernews.com/2022/03/both-sides-in-russia-ukraine-war.html
路透:TikTok與甲骨文接近就美國用戶資料儲存達成協議
https://news.cnyes.com/news/id/4830218
三星證實Galaxy原始碼遭竊 籲用戶啟用雙重認證
https://www.mypeoplevol.com/Article/18135
Google Play驚見4款「入侵網銀」App 有下載的快移除
https://www.ctwant.com/article/171569
SIGNAL創辦人警告用TELEGRAM存資安風險
https://www.isda.org.tw/2022/03/05/dad0487bad728eea166aab47e5e187c6/
Apple公司寫信向國會議員解釋"側載"是一種惡意軟件的危險
https://reurl.cc/GoqbGZ
掃實聯制竟有木馬病毒 資安公司警告:這款萬人下載APP有狀況
https://www.ctwant.com/article/171052
SIM卡漏洞遭SimJacker入侵! 駭客發送簡訊即可監控掌握手機 10億用戶面臨威脅
https://www.bg3.co/a/simqia-lou-dong-zao-simjackerru-qin-hai-ke-fa-song-jian-xun-ji-ke-jian-kong-zhang-wo-shou-ji-10yi-yong-hu-mian-lin-wei-xie.html
C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力
隱私計算網路Oasis開啟為期8周的駭客松活動
https://news.cnyes.com/news/id/4829919?exp=a
資料中心 四大關鍵技術報告 節能效率 / 混和架構 / 資訊安全 / 人工智慧
https://wantrich.chinatimes.com/news/20220306900027-420301
科技經濟戰 台灣別輸了
https://udn.com/news/story/7315/6143600
照片型社群軟體很可怕?家長免驚,安全4步驟引導孩子上網
https://isafe.moe.edu.tw/article/2524?user_type=3&topic=9
報告指近一成 IT 資安事件原因為外接儲存裝置
https://technews.tw/2022/03/10/top-attack-vectors-january-2022/
Nvidia、電子五哥遭駭客下毒手,問題不在預算不足!專家:資安不能疊床架屋
https://www.bnext.com.tw/article/68053/check-point--security-trend
駭入三星、Nvidia的駭客要利誘微軟、蘋果等公司員工協助內應
https://www.ithome.com.tw/news/149841
沒有牆的廠房資安 如何保平安
https://udn.com/news/story/11726/6152404
東映動畫遭駭客惡意入侵 《數碼寶貝:幽靈遊戲》《ONE PIECE》等多部動畫皆受影響
https://www.toy-people.com/?p=69830
俄羅斯政府網站遭駭,疑似遭供應鏈攻擊
https://www.bleepingcomputer.com/news/security/russian-government-sites-hacked-in-supply-chain-attack/
若俄軍持續進攻 烏克蘭政府將研擬轉移機密數據至他國
https://news.ltn.com.tw/news/world/breakingnews/3854626
資安公司:中國駭客發動攻擊 美至少6州政府受害
https://tw.appledaily.com/international/20220309/KUTTIHPR6FE7ZLSIFU3HJWVOA4/
肆無忌憚 中共駭客入侵美國6州府系統
https://www.youtube.com/watch?v=95gltBFsQOg
美多家政府機構遭駭客攻擊? 陸外交部:賊喊捉賊
https://m.match.net.tw/pc/news/international/20220309/6424677
華為暗助普丁 欲建監控和人臉識別系統
https://reurl.cc/Opakb9
傳共機失事/國安局為越南記者爆料背書?張競:孤證風險高
https://cnews.com.tw/174220311a01/
沈舟:俄軍遭遇高科技對手 中共傻眼
https://www.epochtimes.com/b5/22/3/10/n13635530.htm
俄羅斯入侵烏克蘭掀「史上最大網軍戰」 專家警告失控後果
https://www.setn.com/News.aspx?NewsID=1081835
匿名者駭入俄羅斯串流與電視台,播放烏克蘭戰場畫面
https://technews.tw/2022/03/07/anonymous-hack-russia-tv/
「烏克蘭版唐鳳」31歲副總理靠手機護國 號召駭客抗俄
https://udn.com/news/story/122663/6144938
逾40萬名自願者加入烏駭客團隊 對俄發起網攻
https://www.merit-times.com/NewsPage.aspx?unid=758021
烏克蘭IT軍團、無人機 打響現代AI戰爭
https://reurl.cc/Qjl6a9
全球善款湧向烏克蘭,外加15億鉅額加密貨幣,虛擬戰場意外開啟
https://www.gvm.com.tw/article/87718
CISA與FBI警告加強防範資料抹除攻擊
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9747
Hackers Abuse Mitel Devices to Amplify DDoS Attacks by 4 Billion Times
https://thehackernews.com/2022/03/hackers-abuse-mitel-devices-to-amplify.html
Russia Releases List of IPs, Domains Attacking Its Infrastructure with DDoS Attacks
https://thehackernews.com/2022/03/russia-releases-list-of-ips-domains.html
Security Engineer (資安產品工程師)
https://www.1111.com.tw/job/98688477/
聯華電子-資安門禁安檢員(週休二日、見紅休)
https://www.518.com.tw/job-GonqXX.html
資訊部-網管工程師(海外儲備幹部)
https://www.104.com.tw/job/7ehcg?jobsource=jolist_c_date
Product Manager(WISE-PaaS AI ,內湖瑞光路)
https://tw.talent.com/view?id=668ba61756e7
資訊安全工程師(HS220310009)
https://www.104.com.tw/job/7k7f6
中華資安國際行政助理
https://worknowapp.com/jobs/a34d86c8-30d8-46b9-8aa9-b92a75b2d382
網路資安 工程師
https://job.taiwanjobs.gov.tw/Internet/jobwanted/JobDetail.aspx?R2=6&EMPLOYER_ID=905564&HIRE_ID=11026685
徵才訊息---資訊應用管理師
https://www.cs.nycu.edu.tw/announcements/detail/8798
資安工作5年成長1.5倍!上市櫃編制人力、資安新鮮人成搶手貨
https://www.bnext.com.tw/article/68027/information-security-fresh-crew
防駭客、會抓鬼!資安人才夯 求職網統計:平均月薪53K、職缺增1.5倍
https://tw.appledaily.com/life/20220309/HDUXHN7HE5BTFHQRHDETZUZNX4/
精誠 今年將擴大招募逾千人
https://ctee.com.tw/news/tech/605326.html
宏碁集團擴大徵才 精誠資訊擬招募千人
https://newtalk.tw/news/view/2022-03-04/718819
D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全
Google: Russian Hackers Target Ukrainians, European Allies via Phishing Attacks
https://thehackernews.com/2022/03/google-russian-hackers-target.html
Ukrainian CERT Warns Citizens of Phishing Attacks Using Compromised Accounts
https://thehackernews.com/2022/03/ukrainian-cert-warns-citizens-of.html
Samsung Confirms Data Breach After Hackers Leak Galaxy Source Code
https://thehackernews.com/2022/03/samsung-confirms-data-breach-after.html
中國駭客APT31針對美國政府相關的Gmail帳號發動網釣攻擊
https://twitter.com/ShaneHuntley/status/1501224764530069504
歐洲議會指中、俄操控訊息 肯定台灣抗假訊息成果
https://news.pts.org.tw/article/571169
本土劇女星內衣露出照遭盜用! 急出面求刪:會讓人家斷章取義
https://star.ettoday.net/news/2205495?redirect=1
裸照外流抓不到駭客「只有內部人員」 謝忻曝心境:沮喪佔據生活
https://star.ettoday.net/news/2204721
NVIDIA 遭駭客最後通牒:開源GPU驅動程式,否則公佈機密資料
https://vitomag.com/tech/whohk.html
Nvidia遭駭客勒索100萬美元否則出售GPU LHR算力解鎖技術
https://netmag.tw/2022/03/04/nvidia-was-blackmailed-for-1-million-or-sold-gpu-lhr-to-unlock-technology
高達 190 GB 數據外洩!駭客攻擊三星,Galaxy 原始碼也外流
https://www.inside.com.tw/article/26948-hackers-stole-samsungs-galaxy-source-code
NVIDIA遭駭客入侵7萬多員工密碼遭洩露,還「順便」駭了三星釋出190GB機密資料
https://www.techbang.com/posts/94635-more-than-70000-nvidia-employee-passwords-were-leaked-the
三星電子遭駭客攻擊,未造成用戶資料外洩
https://srtechmedia.com/news/68de6502-6f91-49e8-9d2f-7ecab9038f88
千騙萬騙離不開ATM|樹林警助民保住90萬存款
http://n.yam.com/Article/20220309995533
俄烏戰爭假消息多 史丹福學者教7點辨識
https://www.worldjournal.com/wj/story/121519/6151643
俄烏及台海情勢 羅致政:台灣社會需慎防假訊息
https://cnews.com.tw/%E4%BF%84%E7%83%8F%E5%8F%8A%E5%8F%B0%E6%B5%B7%E6%83%85%E5%8B%A2%E5%BA%A7%E8%AB%87%E6%9C%83-%E7%BE%85%E8%87%B4%E6%94%BF%EF%BC%9A%E5%8F%B0%E7%81%A3%E7%A4%BE%E6%9C%83%E9%9C%80%E6%85%8E%E9%98%B2%E5%81%87/
[NFT詐騙] 假MetaversePRO網站
https://blog.trendmicro.com.tw/?p=71519
虛擬投資 「詐翻」老少
https://news.housefun.com.tw/news/article/202531327350.html
遠傳friDay購物平台疑個資外洩 詐騙連分期付款都清楚
https://tw.appledaily.com/property/20220305/TJQ7DCVC2REKPNWTNGKX4B567Q/
花式Office漏洞及社交工程激增 「信賴」須重新定義 郵件資安攻擊板塊位移 物流詐騙信隨疫情增25倍
https://www.netadmin.com.tw/netadmin/zh-tw/trend/0F45CFDD9DDC40E598067616356FA51F
多組駭侵者假借金援烏克蘭為由,設立加密貨幣詐騙捐款專戶
https://www.twcert.org.tw/tw/cp-104-5813-c2793-1.html
E.研究報告/工具
當資安標準遇到管理
https://www.semi.org/zh/technology_and_trends/cybersecurity_standards
老舊系統不是IT問題,而是資安折舊問題
https://www.semi.org/zh/business_and_markets/cybersecurity/legacy_software
如何取回管理權 避免再次「被駭」
https://www.mnews.tw/story/20220307rep002
資安鬼故事之Reverse shell
https://forum.gamer.com.tw/C.php?bsn=60030&snA=597736
能將 DDoS 封包放大 65 倍的全新攻擊手法橫空出世!任何新手都能輕鬆癱瘓目標
https://technews.tw/2022/03/06/hackers-begin-weaponizing-tcp-middlebox-reflection-for-amplified-ddos-attacks/
API Architecture - Performance Best Practices for REST APIs
https://abdulrwahab.medium.com/api-architecture-performance-best-practices-for-rest-apis-1d4a5922dae1
Binary Tree Pre Order Traversal using Tail Recursion
https://medium.com/@dhruvikasharma20/binary-tree-preorder-traversal-using-tail-recursion-37390dc410b9
Using Node.js for Backend Web Development in 2022
https://medium.com/geekculture/using-node-js-for-backend-web-development-in-2022-f2917c6c0a87
How I built my tech startup as a solo developer
https://medium.com/dreamwod-tech/how-i-built-my-tech-startup-as-a-solo-developer-45390f460002
How I created a Trojan Malware — Ethical Hacking
https://infosecwriteups.com/how-i-created-a-trojan-malware-ethical-hacking-82239a6b64c6
Becoming an SDET / QA Automation Test Engineer Road Map Step By Step in 2022
https://thetestlead.medium.com/becoming-an-sdet-qa-automation-test-engineer-road-map-step-by-step-in-2022-9f75cc03007c
Android Development Trends for 2022
https://betterprogramming.pub/android-development-trends-for-2022-51734382bce1
How to Exploit Current Events for Clicks
https://davidbclear.medium.com/how-to-exploit-current-events-for-clicks-bec33c246e74
6 steps to set up linux server with Nginx Docker & SSL
https://towardsdev.com/6-steps-to-set-up-linux-server-with-nginx-docker-ssl-ef501860610b
The Incident Response Plan - Preparing for a Rainy Day
https://thehackernews.com/2021/06/the-incident-response-plan-preparing.html
Understanding How Hackers Recon
https://thehackernews.com/2022/03/understanding-how-hackers-recon.html
Researchers Demonstrate New Side-Channel Attack on Homomorphic Encryption
https://thehackernews.com/2022/03/researchers-demonstrate-new-side.html
F.商業
Google Buys Cybersecurity Firm Mandiant for $5.4 Billion
https://thehackernews.com/2022/03/google-buys-cybersecurity-firm-mandiant.html
Google砸1530億收購 Mandiant! 添網路安全生力軍
https://finance.ettoday.net/news/2205628?from=amp_newslist
FedEx、博通都愛用!Okta 如何協助企業打造「去中心化」身份管理
https://www.inside.com.tw/article/26968-odin-info
鎖定關鍵任務 搭載DFMD表現更佳 Pure推旗艦儲存 效能安全兼顧
https://www.netadmin.com.tw/netadmin/zh-tw/market/ACE23C88204E43D79F8F8B4DBECB5ED8
Check Point Software 揭密企業如何應戰複雜資安威脅情勢
https://reurl.cc/DdMgWO
迎接後疫情的資料儲存、資安商機!Synology擴充20%人力:從台灣出發打世界盃
https://www.bnext.com.tw/article/68049/synology-2022
合勤投控以駭客為師,將資安轉化成企業競爭優勢
https://times.hinet.net/news/23792807
聯達資訊成為中華資安國際「SecuTex」台灣代理商
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9752
中租迪和實現安全的數位轉型之旅,資安防護網扮演幕後功臣
https://news.sina.com.tw/article/20220309/41348572.html
F5 Distributed Cloud Services 強化數位世界保護
https://reurl.cc/EpNZoR
Fortinet發布新世代防火牆FortiGate 3000F,助企業建立混合式資安架構
https://www.techbang.com/posts/94587-fortinet-announces-next-gen-firewall-fortigate-3000f
G.政府
港務公司依循資安法擴大推動資安 提供更安全航運服務
https://reurl.cc/g0bW97
資策會與奧勒岡台灣工商會簽訂MOU 加強國際產業技術趨勢交流合作
https://news.sina.com.tw/article/20220310/41355874.html
烏俄戰爭顯示政府強化資安防護網的重要 台南政風處舉專業研習會
https://www.ettoday.net/news/20220311/2206049.htm
台美簽署69.9億軍購合約 新型野戰資訊通信系統2024運交台灣
https://news.ltn.com.tw/news/politics/breakingnews/3856089
衛服部將推資療資安聯防機制 擬納入醫院評鑑制度中
https://ibmi.taiwan-healthcare.org/zh//email.php?REFDOCID=0qexf0ecg3k504oi
調查局動員百人 偵辦陸企違法挖角人才案
https://reurl.cc/Y95jXD
TWCERT/CC 2022年2月資安電子報
https://epaper.twcert.org.tw/2022_02/
唐鳳接任數位發展部召集人!掌管電信、資安,新設部門是什麼一次看懂
https://today.line.me/tw/v2/article/GgOM6rZ
中山大學「國際金融研究學院」揭牌 陳其邁偕同蔡總統啟動儀式
https://news.sina.com.tw/article/20220304/41319932.html
H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識/醫療 相關資安
Bureau Veritas取得IECEE認可IEC 62443標準資安檢測實驗室資格
https://reurl.cc/bkbXME
捷而思透析車聯網資安為當務之急需要提前部署
https://www.digitimes.com.tw/iot/article.asp?cat=130&cat1=40&cat2=35&id=0000630299_EFG1ILK1LX1AY88B4NST9
瀚錸科技代理Remote.It為工控設備提供安全遠程連線管理服務
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=14&cat=60&id=0000630256_3YR1NR2E62MCAM5RU8J0E
I.教育訓練
中華軟協-iPAS「初級」資訊安全工程師能力研習衝刺班:全面招生中
https://www.cs.nycu.edu.tw/announcements/detail/8778
2022「證券期貨資訊安全實務養成課程」即日起開始報名
https://www.sfi.org.tw/news/news-7/3589
網路時代人人要學的資安基礎必修課 (How Cybersecurity Really Works)
https://www.tenlong.com.tw/products/9786263240384?list_name=p-r-zh_tw
不只是工程師才要懂的 App 資訊安全:取得資安檢測合格證書血淚史(iT邦幫忙鐵人賽系列書)
https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html
【資安管理國際證照懶人包】學習心得、考試要點一次整理!2022 轉職夢幻工作看這篇
https://buzzorange.com/techorange/2021/12/30/isaca/
CISSP考試心得 – Benson
https://reurl.cc/GbWvxd
CPSA(CREST Practitioner Security Analyst) 資安分析師考試心得
https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/
EC-Council CEH v11 考試心得、改版資訊以及準備方向 2021、2022
https://reurl.cc/1oyEM8
CEH v11 考試心得與準備方式
https://blog.sean.taipei/2022/01/ceh
110年新進人員「校園資訊安全講座」教材
https://cc.nccu.edu.tw/p/406-1001-740,r18.php
【訓練教材D】資訊安全技術教育訓練教材
https://iscb.nchu.edu.tw/2019/07/d.html
109資通安全管理法數位教育訓練
https://reurl.cc/ARlmqp
110-1初級資訊安全工程師-資訊安全管理概論
https://yamol.tw/exam.php?id=104050
中大信息工程學系 栽培資訊科技領導人才
https://reurl.cc/ARZKDK
伊雲谷、中山大學產學合作 累積雲端資安人才能量
https://ctee.com.tw/industrynews/technology/587459.html
SANS Cyber Aces Online Tutorials
https://tutorials.cyberaces.org/tutorials.html
Free Online Cybersecurity Courses (MOOCs)
https://www.cyberdegrees.org/resources/free-online-courses/
Develop Your Cybersecurity Skills
https://www.cybrary.it/catalog/cybersecurity/
Mobile App Security
https://www.cybrary.it/course/mobile-app-security/
Introduction to Cybersecurity
https://reurl.cc/bnaj6d
How to Tackle SaaS Security Misconfigurations
https://thehackernews.com/2021/11/how-to-tackle-saas-security.html
How to Build a Security Awareness Training Program that Yields Measurable Results
https://thehackernews.com/2021/11/how-to-build-security-awareness.html
Common Attacks
https://choson.lifenet.com.tw/?p=1174
6.近期資安活動及研討會
2022嘉藥反毒與資安機器人競賽 2022/3/12
https://reurl.cc/9OO7kj
Scala Taiwan #39 - 用Scala寫基因體醫學 2022/3/15
https://www.meetup.com/Scala-Taiwan-Meetup/events/284242666/
Flutter Festival Taipei 2022/3/16
https://www.meetup.com/Flutter-Taipei/events/283785315/
【Drupal台北小聚】預防網路駭客攻擊,如何選擇一個安全又穩定的網站CMS系統 2022/03/18
https://www.accupass.com/event/2203041031371662916900
國家高速網路與計算中心教育訓練 「大數據程式開發平台(VM版本)」建置與開發實務課程 2022/3/18
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3972&from_course_list_url=homepage
OSCP 高階滲透測試精進班 2022-02-12~2022-03-20
https://college.itri.org.tw/course/all-events/35FC13F1-05A3-44CF-85B1-2D01B6F92632.html
資安新知科技研習課程-「資安鑑識課程-系列Ⅰ初級課程:LINE 社交平台資安機制:雲端 LINE Chatting 機器人系統」2022/3/25
https://docs.google.com/forms/d/1pjgu56Qqxuo9-eQTndqLzK2oZuzAWnv3v78VvuipDwA/viewform?edit_requested=true
中部場-公部門如何揪出潛伏資安威脅研討會(限政府機關報名)2022/4/13
https://www.cisanet.org.tw/Course/Detail/2783
南部場-公部門如何揪出潛伏資安威脅研討會(限政府機關報名) 2022/4/21
https://www.cisanet.org.tw/Course/Detail/2784
國家高速網路與計算中心教育訓練 「大數據程式開發平台(VM版本)」建置與開發實務課程 2022/5/27
https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=3983&from_course_list_url=homepage
風險導向資安稽核 2022/7/20
https://www.cisanet.org.tw/Course/Detail/2756
沒有留言:
張貼留言