資安事件新聞週報 2022/6/6 ~ 2022/6/10
1.重大弱點漏洞/後門/Exploit/Zero Day
已修補的SAP商用軟體漏洞遭到濫用
https://onapsis.com/blog/three-actively-exploited-sap-vulnerabilities-identified-onapsis-research-labs
Even the Most Advanced Threats Rely on Unpatched Systems
https://thehackernews.com/2022/06/even-most-advanced-threats-rely-on.html
Windows又有新零時差漏洞DogWalk
https://times.hinet.net/news/23959255
研究人員揭露另一個MSDT零時差漏洞DogWalk
https://twitter.com/j00sean/status/1533889445027536899
繼 Follina 之後,又出現另一個微軟 MSDT 零時差漏洞「DogWalk」
https://technews.tw/2022/06/10/dogwalk-another-microsoft-ignored-msdt-vulnerability-like-follina-gets-unofficial-patch/
有人利用微軟Office的MSHTML、MSDT重大漏洞,在烏克蘭散布Cobalt Strike
https://cert.gov.ua/article/40559
MSDT零時差漏洞再度遭到利用,TA570用於散布惡意軟體QBot
https://www.bleepingcomputer.com/news/security/qbot-malware-now-uses-windows-msdt-zero-day-in-phishing-attacks/
Researchers Warn of Unpatched "DogWalk" Microsoft Windows Vulnerability
https://thehackernews.com/2022/06/researchers-warn-of-unpatched-dogwalk.html
Unpatched Critical Flaws Disclosed in U-Boot Bootloader for Embedded Devices
https://thehackernews.com/2022/06/unpatched-critical-flaws-disclosed-in-u.html
CISA Warned About Critical Vulnerabilities in Illumina's DNA Sequencing Devices
https://thehackernews.com/2022/06/cisa-warned-about-critical.html
Security bulletin: Security Bulletin: Apache Commons as used by IBM QRadar SIEM
is vulnerable to denial of service (CVE-2021-35515, CVE-2021-35516, CVE-2021-36090, CVE-2021-35517)
https://reurl.cc/8oOMN7
2.銀行/金融/保險/證券/支付系統/金融監理 新聞及資安
金融業是烏克蘭現代化的成敗關鍵
https://news.cnyes.com/news/id/4886569
強化資安 彰銀加入F-ISAC會員
https://reurl.cc/8oOMMM
天天與駭客諜對諜,他靠「孫子兵法」守護銀行資產
https://money.udn.com/money/story/5613/6350661
純網銀出新招 樂天銀行行動支付回饋2%
https://www.epochtimes.com/b5/22/6/10/n13756739.htm
3.電子支付/行動支付/pay/資安
LINE Pay 服務新推「信用卡」平台,輕鬆比較 LINE Points、現金回饋
https://technews.tw/2022/06/07/add-credit-cards-to-line-pay/
LINE Pay新功能上線 回饋超多網嗨翻
https://reurl.cc/b2y8Ky
網好奇「還有人沒用過行動支付的嗎?」 回應超兩極
https://reurl.cc/Eral5v
交通違規線上申辦及行動支付 安全省時方便
https://reurl.cc/QLOAKq
疫情刺激 國人行動支付使用率逾75%
https://ec.ltn.com.tw/article/breakingnews/3950809
「現金v.s.數位支付」哪種最常用?超過千萬人有戶頭 口碑第一名是它
https://reurl.cc/moN5KW
電子支付使用南北大不同 便民優先!專家建議整合系統
https://reurl.cc/g2Ey5R
梅驊出任街口電子支付新任董事長
https://www.inside.com.tw/article/27855-jkos-new-chairman
第三方支付淪詐騙漏洞 籲標註警語
https://reurl.cc/3oZEV9
國泰全球數位支付ETF 搶占Pay經濟
https://reurl.cc/VDqOVA
央行預告修正「電子支付機構管理條例」
https://reurl.cc/n1Rd81
第三方支付有漏洞 一組OTP密碼竟盜刷8次
https://reurl.cc/vd8OZL
網購芒果遇詐騙 女申請第三方支付遭盜刷19萬
https://reurl.cc/j1OZnZ
蘋果瘋先買後付/央行教戰BNPL 示警潛在風險
https://finance.ettoday.net/news/2267338
4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約 資安
標普發布穩定幣監督報告:未來有望成為「加密貨幣」與「法定貨幣」價值穩定的重要工具
https://www.thenewslens.com/article/167842
The ultimate NFT guide
https://medium.com/learn-bitcoin-blockchain/blockchain-project-report-6407b22bbfc3
Researchers Detail How Cyber Criminals Targeting Cryptocurrency Users
https://thehackernews.com/2022/06/researchers-detail-how-cyber-criminals.html
DeFi駭客識別協議Lossless Protocol上線Fantom
https://news.cnyes.com/news/id/4888402
Optimism駭客通過鏈上消息表示將歸還1800萬枚OP
https://news.cnyes.com/news/id/4889811
1年創下15億筆交易,成為以太坊最大勁敵!為何大家都用BSC轉帳?專家說給你聽
https://www.storm.mg/article/4370931
駭客利用 Osmosis 交易所漏洞竊取超 500 萬美元
https://www.btcc.com/zh-TW/coin-news/events/osmosis-exchange-hacked
5.資安事件新聞
A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC
駭客藉由各種假冒的破解軟體遞送惡意程式,以竊取機密資訊及加密貨幣
https://www.ithome.com.tw/news/151377
多個殭屍網路加入利用Atlassian Confluence漏洞的行列
https://www.lacework.com/blog/kinsing-dark-iot-botnet-among-threats-targeting-cve-2022-26134/
勒索軟體Cuba採取雙重勒索策略,要求受害者3天內進行談判
https://www.trendmicro.com/en_us/research/22/f/cuba-ransomware-group-s-new-variant-found-using-optimized-infect.html
最怕碰上勒索病毒「賠了夫人又折兵」!該怎麼徹底防範
https://www.bnext.com.tw/article/69877/hacker-virus--jie-kao
駭客組織Black Basta發展Linux版勒索軟體,鎖定VMware ESXi而來
https://www.bleepingcomputer.com/news/security/linux-version-of-black-basta-ransomware-targets-vmware-esxi-servers/
TA570 Qakbot (Qbot) tries CVE-2022-30190 (Follina) exploit (ms-msdt)
https://isc.sans.edu/diary/rss/28728
Qbot 惡意軟體現正利用 Windows MSDT 0-day 漏洞發動釣魚攻擊
https://www.twcert.org.tw/tw/cp-104-6204-0bc04-1.html
攻擊者透過Office檔案屬性投放惡意軟體SVCReady,進一步在受害電腦部署竊密程式RedLine
https://threatresearch.ext.hp.com/svcready-a-new-loader-reveals-itself/
搜尋引擎搜出假冒網站廣告! OBS Project 指下載軟件可能含有惡意軟件
https://www.pcmarket.com.hk/fake-obs-studio-website-ad-found-in-search-engine/
近期LockBit 2.0危害全球加劇,全球1到4月超過300名受害者,近期臺廠也傳接連遇害
https://www.ithome.com.tw/tech/151368
殭屍網路病毒XLoader隱匿C2伺服器難以追蹤
https://research.checkpoint.com/2022/xloader-botnet-find-me-if-you-can/
勒索軟體WannaFriendMe要求受害者從線上遊戲Roblox市集購買解密金鑰
https://www.bleepingcomputer.com/news/security/bizarre-ransomware-sells-decryptor-on-roblox-game-pass-store/
義大利巴勒莫市營運中斷疑勒索軟體Vice Society所為
https://www.bleepingcomputer.com/news/security/vice-society-ransomware-claims-attack-on-italian-city-of-palermo/
惡意軟體Symbiote濫用BPF元件隱匿攻擊意圖
https://blogs.blackberry.com/en/2022/06/symbiote-a-new-nearly-impossible-to-detect-linux-threat
Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat
https://www.intezer.com/blog/research/new-linux-threat-symbiote/
Symbiote: A Stealthy Linux Malware Targeting Latin American Financial Sector
https://thehackernews.com/2022/06/symbiote-stealthy-linux-malware.html
Aoqin Dragon | Newly-Discovered Chinese-linked APT Has Been Quietly Spying On Organizations For 10 Years
https://reurl.cc/VDqvyn
Shining the Light on Black Basta
https://research.nccgroup.com/2022/06/06/shining-the-light-on-black-basta/
MakeMoney malvertising campaign adds fake update template
https://blog.malwarebytes.com/threat-intelligence/2022/06/makemoney-malvertising-campaign-adds-fake-update-template/
Gamaredon activity - Second Quarter 2022
https://twitter.com/500mk500/status/1534799900147339267
https://twitter.com/500mk500/status/1534804600246648832
Bumblebee Loader on The Rise
https://blog.cyble.com/2022/06/07/bumblebee-loader-on-the-rise/
Attackers Exploit MSDT Follina Bug to Drop RAT, Infostealer
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/follina-msdt-exploit-malware
Kinsing & Dark.IoT botnet among threats targeting CVE-2022-26134
https://www.lacework.com/blog/kinsing-dark-iot-botnet-among-threats-targeting-cve-2022-26134/
FakeCrack: Crypto stealing campaign spread via fake cracked software
https://blog.avast.com/fakecrack-campaign
CVE-2022-26134 Threat Brief: Atlassian Confluence RCE Vulnerability
https://unit42.paloaltonetworks.com/cve-2022-26134-atlassian-code-execution-vulnerability/
Operation Tejas: A dying elephant curled up in the Kunlun Mountains
https://mp.weixin.qq.com/s/8j_rHA7gdMxY1_X8alj8Zg
From the Front Lines | Another Rebrand? Mindware and SFile Ransomware Technical Breakdown
https://www.sentinelone.com/blog/from-the-front-lines-another-rebrand-mindware-and-sfile-ransomware-technical-breakdown/
Closing the Door: DeadBolt Ransomware Locks Out Vendors With Multitiered Extortion Scheme
https://www.trendmicro.com/en_us/research/22/f/closing-the-door-deadbolt-ransomware-locks-out-vendors-with-mult.html
Will the Real Msiexec Please Stand Up? Exploit Leads to Data Exfiltration
https://thedfirreport.com/2022/06/06/will-the-real-msiexec-please-stand-up-exploit-leads-to-data-exfiltration/
Spam Email Containing a Very Large ISO file
https://isc.sans.edu/diary/rss/28712
Outbreak of Follina in Australia
https://decoded.avast.io/threatintel/outbreak-of-follina-in-australia/
Cyber attack on state organizations of Ukraine using the malicious program Cobalt Strike Beacon and exploits to vulnerabilities CVE-2021-40444 and CVE-2022-30190
https://cert.gov.ua/article/40559
殭屍網路Emotet企圖竊取Chrome用戶的信用卡資料
https://www.bleepingcomputer.com/news/security/emotet-malware-now-steals-credit-cards-from-google-chrome-users/
New Emotet Variant Stealing Users' Credit Card Information from Google Chrome
https://thehackernews.com/2022/06/new-emotet-variant-stealing-users.html
Evil Corp Cybercrime Group Shifts to LockBit Ransomware to Evade Sanctions
https://thehackernews.com/2022/06/evil-corp-cybercrime-group-shifts-to.html
Researchers Warn of Spam Campaign Targeting Victims with SVCReady Malware
https://thehackernews.com/2022/06/researchers-warn-of-spam-campaign.html
10 Most Prolific Banking Trojans Targeting Hundreds of Financial Apps with Over a Billion Users
https://thehackernews.com/2022/06/10-most-prolific-banking-trojans.html
B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊
疑網購年貨下載APP遭駭 商人欲24次盜提3小時虧10萬
https://reurl.cc/9GQNvY
10 Things To Do Instead of Scrolling Through Your Smartphone
https://medium.com/personal-growth-lab/10-things-to-do-instead-of-scrolling-through-your-smartphone-df9a17f1c7db
Apple's New Feature Will Install Security Updates Automatically Without Full OS Update
https://thehackernews.com/2022/06/apples-new-feature-will-install.html
Apple 於 2021 年拒絕近 16 萬種可能有資安疑慮的 App 上架
https://www.twcert.org.tw/tw/cp-104-6196-065a5-1.html
手機資安合格?NCC抽測僅i12過初測
https://times.hinet.net/news/23957446
手機資安抽測15款全過關 NCC今年擬擴大規模
https://reurl.cc/VDqOnn
NCC抽測15款手機資安 不只中國廠牌、4大暢銷品牌都靠「補考」過關
https://tw.appledaily.com/life/20220608/5Z2A3HMP7RE6ZM7XQJTRABVGO4/
中國紫光展銳晶片存在重大漏洞,全球一成手機用戶曝險
https://research.checkpoint.com/2022/vulnerability-within-the-unisoc-baseband/
手機上網、內建App如何防範個資遭外洩?NCC 傳授「三不五要」撇步
https://3c.ltn.com.tw/news/49526
蘋果iOS 16偷學對手?外媒點名iPhone這些新功能安卓早就有
https://3c.ltn.com.tw/news/49541
HTC手機新品6月底發表 將與VIVERSE元宇宙平台整合
https://www.sogi.com.tw/articles/htc_viverse_smartphone/6258022
C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力
調查:企業遭網攻中斷營運 平均損失逾8千萬
https://ec.ltn.com.tw/article/breakingnews/3956404
網路環境危機四伏!全球 6 成企業自認資安存在盲點
https://buzzorange.com/techorange/2022/06/08/cyber-security-trend/
趨勢科技:可視性與控管上的漏洞正在侵蝕企業資安
https://technews.tw/2022/06/08/security-2/
新型態資安攻防戰開打,面對 APT 攻擊該如何主動防禦
https://buzzorange.com/techorange/2022/06/09/teamt5-cyber-security/
數位攻擊難控管 全球企業憂影響資安風險
https://turnnewsapp.com/livenews/tech/A07657002022060910104803
港媒《傳真社》宣布停止運作 上月才遭駭客入侵
https://www.ettoday.net/news/20220610/2270243.htm
FBI、NSA警告:北京支持的駭客 攻擊全球電信公司
https://reurl.cc/OAe3Mv
美國公布中國駭客攻擊電信業者與ISP所使用的連網設備漏洞
https://www.cisa.gov/uscert/ncas/alerts/aa22-158a
美國國務卿布林肯宣布成立的「國務院中國組」是什麼樣的團隊?能否有效應對中國挑戰
https://www.storm.mg/article/4373450?page=1
歐盟網路安全演練本月登場,聚焦醫療領域
https://www.ithome.com.tw/news/151346
烏軍活用民間無人機能量強化戰力
https://www.upmedia.mg/news_info.php?Type=2&SerialNo=146375
中國駭客組織Aoqin Dragon鎖定東南亞與澳洲而來
https://www.sentinelone.com/labs/aoqin-dragon-newly-discovered-chinese-linked-apt-has-been-quietly-spying-on-organizations-for-10-years/
【兩岸論壇】中共「帶路建設」 助長組織犯罪
https://www.ydn.com.tw/news/newsInsidePage?chapterID=1505246&type=forum
Hacking Scenarios: How Hackers Choose Their Victims
https://thehackernews.com/2022/06/hacking-scenarios-how-hackers-choose.html
A Decade-Long Chinese Espionage Campaign Targets Southeast Asia and Australia
https://thehackernews.com/2022/06/a-decade-long-chinese-espionage.html
U.S. Agencies Warn About Chinese Hackers Targeting Telecoms and Network Service Providers
https://thehackernews.com/2022/06/us-agencies-warn-about-chinese-hackers.html
FBI Seizes 'SSNDOB' ID Theft Service for Selling Personal Info of 24 Million People
https://thehackernews.com/2022/06/fbi-seizes-ssndob-id-theft-service-for.html
資安工程師(台南科工廠)
https://www.104.com.tw/job/7kv9h?jobsource=m104
電動車系統資安工程師-E131
https://www.104.com.tw/job/7nryn
資安網管工程師/助理工程師
https://job.taiwanjobs.gov.tw/Internet/jobwanted/JobDetail.aspx?EMPLOYER_ID=12752&HIRE_ID=11238121
網路資安工程師
https://www.104.com.tw/job/7nsfc
台灣資安人才現缺口!DEVCORE 擴大開啟資安人才培育計畫
https://www.techbang.com/posts/96818-devcore-expands-information-security-talent-cultivation-program
職場金飯碗/十大新興工作 讓你未來20年職涯不被淘汰
https://money.udn.com/money/story/122329/6377766
D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全
機靈女森耍詐諞集團10分鐘 大嬸爆氣跳針吼:快關閉
https://www.setn.com/News.aspx?NewsID=1128376
遇投資詐騙報警又陷「局中局」4人見46萬飛了超崩潰
https://www.chinatimes.com/realtimenews/20220610002497-260402?chdtv
假冒電子錢包職員套資料 過百人受害失近$150萬 警拘10男女原文網址: 假冒電子錢包職員套資料 過百人受害失近$150萬 警拘10男女 | 香港01 https://www.hk01.com/sns/article/780222
https://reurl.cc/b2y8mo
又見求職詐騙!網假冒外送平台收會費盜個資
https://www.ftvnews.com.tw/video/detail/Let42lmX8sI
限12種犯罪才能調個資 臉書有安全盲點
https://reurl.cc/vd8O81
看中遲遲未修復的微軟「Follina」漏洞,國家贊助駭客鎖定歐美政府機構發動釣魚攻擊
https://technews.tw/2022/06/09/state-backed-hackers-exploit-microsoft-follina-bug-to-target-entities-in-europe-and-u-s/
網傳影片「總統先生你好!烏克蘭百姓對總統“澤連斯基”確有一番特別感情、為他著想、百姓勸降:你打不過他們的,投降吧,不要反抗了......!澤連斯基!我考慮下」
https://tfc-taiwan.org.tw/articles/7652
資安專家發現透過 Facebook Messenger 進行的大型釣魚攻擊活動
https://www.twcert.org.tw/tw/cp-104-6206-75457-1.html
老招數假親友真詐騙 龜山行員警方合力阻詐
https://www.epochtimes.com/b5/22/6/9/n13755508.htm
詐騙被害人不限學經歷 中研院副院長、政務委員都上當
https://www.ctwant.com/article/187118
迪卡儂被駭客入侵
https://ptthito.com/gossiping/m-1654427949-a-e8d/
Microsoft Seizes 41 Domains Used in Spear-Phishing Attacks by Bohrium Hackers
https://thehackernews.com/2022/06/microsoft-seizes-41-domains-used-in.html
E.研究報告/工具
企業資安不容百密一疏!如何串連資料保護與資訊安全,杜絕駭客攻擊、啟動全面防護策略
https://buzzorange.com/techorange/2022/06/10/acronis/
$1000: How I could have Hack any account and become a billionaire overnight👑Top Crypto-Trading Platform
https://infosecwriteups.com/1000-how-i-could-have-hack-any-account-and-become-a-billionaire-overnight-top-crypto-trading-ff0e25b6013c
5 Advanced JavaScript concepts that will make you a better developer
https://levelup.gitconnected.com/5-advanced-javascript-concepts-that-will-make-you-a-better-developer-5d04292107a1
Software Architecture & System Design: I wish I had known about this earlier…
https://medium.com/@olgamitroshyna/software-architecture-i-wish-i-had-known-about-this-earlier-4df43eae57db
(Free) 6 Cyber Security Certification 2022.
https://medium.com/technology-hits/free-cyber-security-certifications-2022-75f13432cbff
Feature that are accepted for PHP 8.2
https://medium.com/@parvej.code/feature-that-are-accepted-for-php-8-2-f01722b5a658
Hibernate vs JPA vs Spring Data JPA
https://blog.devgenius.io/hibernate-vs-jpa-vs-spring-data-jpa-ff4485aaa780
Multi-factor Authentication In-The-Wild bypass methods
https://medium.com/proferosec-osm/multi-factor-authentication-in-the-wild-bypass-methods-689f53f0b62b
What I learned from reading 126* Information Disclosure Writeups
https://medium.com/@Sm9l/what-i-learnt-from-reading-126-information-disclosure-writeups-d896c5d5a2a4
DON’T sell your old laptops
https://ethr.me/dont-sell-your-old-laptops-2589fc97277e
Best DevOps tool in Demand 2022
https://blog.devgenius.io/best-devops-tool-in-demand-2022-6e902b64c434
Why Vim is better than VSCode
https://sean-warman.medium.com/why-vim-is-better-than-vscode-d09e2355eb37
How I “HACKED” my college site
https://a-rshukla.medium.com/how-i-hacked-my-college-site-5b759bbb04dc
Researchers Disclose Critical Flaws in Industrial Access Control System from Carrier
https://thehackernews.com/2022/06/researchers-disclose-critical-flaws-in.html
Be Proactive! Shift Security Validation Left
https://thehackernews.com/2022/06/be-proactive-shift-security-validation.html
F.商業
Google保護軟體供應鏈、倡議零信任並改善安全性作業
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9890
Palo Alto Networks:零信任加 SASE助金融機構面對資安挑戰
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9887
Sophos最新行業調查報告《2022 年醫療保健行業勒索軟體現況》 2021 年勒索軟體對醫療機構的攻擊增加94%
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9892
Check Point Software推出反勒索軟體中心
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000636810_TCX7KJ9Z296G75L0WF729
是方兩路並進 邁向東亞數位匯流中心
https://wantrich.chinatimes.com/news/20220608900054-420301
Fortinet 新產品 FortiNDR 以人工智慧偵測並回應威脅攻擊
https://ctee.com.tw/industrynews/automation/656491.html
攜手三竹資訊 東聯化學引進CoLine南北跨區協作效率增
https://www.1111.com.tw/news/jobns/145967
以Trend Micro One全方位網路資安平台為中樞 強化資安風險應變治理
https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?cnlid=14&cat=50&id=0000636934_LQYLV4A521OMB45TFJTV0
Hewlett Packard Enterprise為中華開發金控提供雲端轉型建議
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9902
思科打造Cisco Security Cloud開放的安全雲端平台
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9901
突破網路限制、保障線上安全 NordVPN 6大特點介紹
https://www.storm.mg/stylish/4370374
A10 Networks:零信任、雲端和遠距工作加速企業數位化
https://n.yam.com/Article/20220610561486
DOE與Dragos多重合作 推出關鍵基礎設施資安集體防禦平台
https://iknow.stpi.narl.org.tw/Post/Read.aspx?PostID=19242
Mlytics推Origin Shield解決方案 保障客戶雲端資產
https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220605000947-260410
G.政府
金管會通過修正草案,上市櫃企業設立資安長成為當務之急
https://news.sina.com.tw/article/20220610/42004328.html
新北被爆「演給恩恩爸看」 資安專家痛批:離譜劇本!
https://news.ltn.com.tw/news/society/breakingnews/3953132
換發身分證拒載父母姓名獲部分勝訴 內政部:將提上訴
https://www.youtube.com/watch?v=MNcc3RA6rOY
台灣身分證「雙親+配偶欄」 外國人:揭露過多資訊
https://www.setn.com/News.aspx?NewsID=1128578
國海院與內政部地政司攜手合作 加速完備我國海域基礎調查
https://times.hinet.net/news/23960371
宣戰選舉假訊息 調查局資安站首派秘書、17人異動
https://news.ltn.com.tw/news/society/breakingnews/3956343
疾管署出包!全台竟「22815人」染疫亡 莊人祥急回
https://reurl.cc/55EWy7
前幕僚揭11組IP疑北市養網軍 資訊局:北市僅用4組
https://www.cna.com.tw/news/aloc/202206050135.aspx
柯文哲前幕僚指北市府11組IP疑養網軍 資訊局:錯誤訊息
https://www.ftvnews.com.tw/news/detail/2022605W0156
H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識/醫療 相關資安
TXOne Networks 發表全新EdgeIPS Pro 216 聚焦中小型製造業
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9885
戴爾科技集團擴展多雲體驗,橫跨Cyber Recovery、數據分析及合作夥伴生態系
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9893
VMware 協助全球雲端服務廠商滿足客戶的主權雲服務需求
https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=9895
New Privacy Framework for IoT Devices Gives Users Control Over Data Sharing
https://thehackernews.com/2022/06/new-privacy-framework-for-iot-devices.html
宇瞻、華碩雲端合推工控資安方案 封裝廠測試過關
http://www.ksnews.com.tw/index.php/news/contents_page/0001614817
新工作型態興旺資安產業 ——兼論工業電腦廠廣積
https://www.businesstoday.com.tw/article/category/183025/post/202206080043/
華碩建構OT資安工控 鞏固智慧製造防護網
https://stock.pchome.com.tw/news/cat8/20220607/65460613034607224003.html
物聯網所面臨的資安威脅
https://blog.twnic.tw/2022/06/10/23311/
I.教育訓練
物聯網時代的15堂資安基礎必修課 (Practical Iot Hacking: The Definitive Guide to Attacking the Internet of Things)
https://www.tenlong.com.tw/products/9786263241756?list_name=p-r-zh_tw
中華軟協-iPAS「初級」資訊安全工程師能力研習衝刺班:全面招生中
https://www.cs.nycu.edu.tw/announcements/detail/8778
2022「證券期貨資訊安全實務養成課程」即日起開始報名
https://www.sfi.org.tw/news/news-7/3589
網路時代人人要學的資安基礎必修課 (How Cybersecurity Really Works)
https://www.tenlong.com.tw/products/9786263240384?list_name=p-r-zh_tw
不只是工程師才要懂的 App 資訊安全:取得資安檢測合格證書血淚史(iT邦幫忙鐵人賽系列書)
https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html
【資安管理國際證照懶人包】學習心得、考試要點一次整理!2022 轉職夢幻工作看這篇
https://buzzorange.com/techorange/2021/12/30/isaca/
CISSP考試心得 – Benson
https://reurl.cc/GbWvxd
CPSA(CREST Practitioner Security Analyst) 資安分析師考試心得
https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/
EC-Council CEH v11 考試心得、改版資訊以及準備方向 2021、2022
https://reurl.cc/1oyEM8
CEH v11 考試心得與準備方式
https://blog.sean.taipei/2022/01/ceh
110年新進人員「校園資訊安全講座」教材
https://cc.nccu.edu.tw/p/406-1001-740,r18.php
【訓練教材D】資訊安全技術教育訓練教材
https://iscb.nchu.edu.tw/2019/07/d.html
109資通安全管理法數位教育訓練
https://reurl.cc/ARlmqp
110-1初級資訊安全工程師-資訊安全管理概論
https://yamol.tw/exam.php?id=104050
中大信息工程學系 栽培資訊科技領導人才
https://reurl.cc/ARZKDK
伊雲谷、中山大學產學合作 累積雲端資安人才能量
https://ctee.com.tw/industrynews/technology/587459.html
SANS Cyber Aces Online Tutorials
https://tutorials.cyberaces.org/tutorials.html
Free Online Cybersecurity Courses (MOOCs)
https://www.cyberdegrees.org/resources/free-online-courses/
Develop Your Cybersecurity Skills
https://www.cybrary.it/catalog/cybersecurity/
Mobile App Security
https://www.cybrary.it/course/mobile-app-security/
Introduction to Cybersecurity
https://reurl.cc/bnaj6d
How to Tackle SaaS Security Misconfigurations
https://thehackernews.com/2021/11/how-to-tackle-saas-security.html
How to Build a Security Awareness Training Program that Yields Measurable Results
https://thehackernews.com/2021/11/how-to-build-security-awareness.html
Common Attacks
https://choson.lifenet.com.tw/?p=1174
資安學習路上-滲透測試實務4
https://www.potatomedia.co/post/4191e744-64f3-4d33-af69-e3591adc2ed0
6.近期資安活動及研討會
醫療資安女力論壇 2022/6/11
https://isipevent.kktix.cc/events/e58d0573-copy-1
科技力x內容力 5G Craft 菁英挑戰賽號召各路英雄 2022/6/15
https://tomorrowsci.com/technology/20225g0526/
經濟部工業局沙崙資安服務基地 - 智慧製造的痛-駭客攻擊與勒索軟體威脅 2022/6/16
https://www.cisanet.org.tw/Course/Detail/2836
【滲透與入侵 - 供應鏈資安威脅】資安跨域交流活動 2022/6/20
https://www.tca.org.tw/exhibit_info1.php?n=1716
經濟部工業局沙崙資安服務基地 - 日誌大數據分析實戰 2022/6/23
https://bit.ly/3sJWjmp
資訊安全管理(週日班) 2022/7/3 ~ 2022/8/28
https://mymcu.mcu.edu.tw/zh-hant/product/e022205151
創科資訊②⓪②②軟體開發實戰訓練營➠線上實習說明會 2022/7/6
https://trunk-studio.kktix.cc/events/monosparta-code-camp-2022-9
風險導向資安稽核 2022/7/20
https://www.cisanet.org.tw/Course/Detail/2756
HITCON PEACE 2022 台灣駭客年會 2022/8/19 ~ 2022/8/20
https://hitcon.kktix.cc/events/hitcon-peace-2022
2022 CYBERSEC 資安大會 Jamf 攤位講座 2022/9/20 ~ 2022/9/22
https://jamf.kktix.cc/events/cybersec2022jamf
沒有留言:
張貼留言