###### tags: `資安事件新聞週報` # 資安事件新聞週報 2026/3/23 ~ 2026/3/27 1.重大弱點漏洞/後門/Exploit/Zero Day F5修補Nginx網頁伺服器軟體高風險漏洞，未更新可能導致惡意MP4檔觸發遠端程式碼執行 https://www.ithome.com.tw/news/174691 Citrix發布安全更新，修補可能導致NetScaler ADC與Gateway敏感資料外洩的重大漏洞 https://www.ithome.com.tw/news/174637 Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks https://thehackernews.com/2026/03/citrix-urges-patching-critical.html Oracle推送緊急更新，修補Identity Manager重大漏洞 https://www.ithome.com.tw/news/174596 Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager https://thehackernews.com/2026/03/oracle-patches-critical-cve-2026-21992.html 微軟SharePoint高風險漏洞CVE-2026-20963遭實際利用，CISA列KEV名單 https://www.ithome.com.tw/news/174707 CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026 https://thehackernews.com/2026/03/cisa-flags-apple-craft-cms-laravel-bugs.html Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure https://thehackernews.com/2026/03/critical-langflow-flaw-cve-2026-33017.html Jenkins修補重大漏洞，開發環境若不更新恐遭遠端程式碼執行攻擊 https://www.ithome.com.tw/news/174594 Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://thehackernews.com/2026/03/hackers-exploit-cve-2025-32975-cvss-100.html Claude瀏覽器延伸套件存在零點擊漏洞ShadowPrompt，攻擊者可透過網站發動提示注入攻擊 https://www.ithome.com.tw/news/174716 大型語言模型開發工具Langflow存在重大漏洞，未經驗證的攻擊者可用於執行任意程式碼 https://www.ithome.com.tw/news/174606 Langflow重大漏洞甫公布就遭到利用 https://www.ithome.com.tw/news/174608 Google發布Chrome瀏覽器更新，修補8個高風險漏洞 https://www.ithome.com.tw/news/174659 Amazon Bedrock、LangSmith、SGLang存在與AI有關的弱點 https://thehackernews.com/2026/03/ai-flaws-in-amazon-bedrock-langsmith.html Ubuntu Desktop存在高風險本機權限提升漏洞，可能導致攻擊者接管系統 https://www.ithome.com.tw/news/174514 2.銀行/金融/保險/證券/金融監理 新聞及資安 金融木馬GoPix現身於巴西網路犯罪生態圈，透過中間人攻擊攔截HTTPS流量 https://securityonline.info/ghost-in-browser-advanced-gopix-trojan-mitm-attacks/ 資安金融科技 今秀業績 https://money.udn.com/money/story/11074/9396052 金管會關注「養龍蝦」風潮 要求金融業強化資安控管 https://ec.ltn.com.tw/article/breakingnews/5374362 3.信用卡/電子支付/行動支付/pay/支付系統/資安 新型WebRTC刷卡側錄程式現身，繞過CSP等防護機制 https://www.ithome.com.tw/news/174703 WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites https://thehackernews.com/2026/03/webrtc-skimmer-bypasses-csp-to-steal.html 日本驚覺 中國行動支付成逃稅漏洞 https://reurl.cc/yOMozE 遊日不用西瓜卡！日本關東11家鐵路啟用信用卡感應支付 跨線搭地鐵OK https://tech.udn.com/tech/story/124457/9402580 LINE Pay今年交易量挑戰衝破兆元 擴大電子支付、跨境布局 https://news.cnyes.com/news/id/6390573 騙了太多人！「幫我拍張條碼就好」，一句話清空你的電子錢包 https://cdn-news.org/News.aspx?EntityID=News&PK=00000000a48570d7a689f9289ad854498a79fda234582768 一卡通啟動3億元現金增資 強化支付服務版圖 https://ec.ltn.com.tw/article/breakingnews/5383996 4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約/WEB3 資安 Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials https://thehackernews.com/2026/03/ghost-campaign-uses-7-npm-packages-to.html 加密貨幣禮品卡商城Bitrefill疑遭北韓Lazarus攻擊，舊憑證與機密資料快照成入侵跳板 https://www.ithome.com.tw/news/174613 Curve 創辦人：迷因幣是「摧毀加密形象」的罪魁禍首，比特幣與 DeFi 卻要背黑鍋 https://www.blocktempo.com/curve-founder-michael-egorov-slams-memecoins-destroy-crypto-trust/ 規避制裁成避風港 伊朗戰時加密貨幣流動量大 https://reurl.cc/GaEQ9v 巴西授權執法機構沒收加密貨幣 推動反洗錢新章 https://news.pchome.com.tw/finance/sunmedia/20260327/index-77460472515364329003.html 加密幣市場波動加劇 新手入門慎防詐騙與風險 https://n.yam.com/Article/20260327649404 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 中國駭客Red Menshen在電信公司植入後門BPFDoor https://www.ithome.com.tw/news/174715 執法機構出手打擊Aisuru與Kimwolf等大型殭屍網路 https://www.ithome.com.tw/news/174571 伊朗勒索軟體Pay2Key入侵美國醫療機構，3小時內加密所有檔案 https://www.ithome.com.tw/news/174706 協助勒索軟體「閰羅王」取得入侵管道的俄羅斯駭客面臨7年徒刑 https://therecord.media/hacker-russian-ransomware-sentenced-doj Mirai殭屍網路被用於大型DDoS攻擊平臺與非法代理伺服器 https://gbhackers.com/mirai-botnets/ VS Code自動執行機制遭濫用，北韓駭客企圖部署惡意軟體StoatWaffle https://www.ithome.com.tw/news/174664 假借提供AI代理OpenClaw的Docker部署套件，駭客企圖利用木馬竊取開發人員資料 https://www.darkreading.com/application-security/github-openclaw-deployer-repo-delivers-trojan 研究人員揭露可繞過防毒偵測的Zombie ZIP手法 https://www.ithome.com.tw/news/174597 .NET惡意軟體AOT將程式碼埋藏在黑箱，企圖迴避偵測 https://thehackernews.com/2026/03/ghost-campaign-uses-7-npm-packages-to.html 蠕蟲程式CanisterWorm於NPM儲存庫自我複製 https://www.ithome.com.tw/news/174614 惡意程式Speagle挾持文件安全平臺Cobra DocGuard，企圖掩蓋資料外洩的流量 https://thehackernews.com/2026/03/speagle-malware-hijacks-cobra-docguard.html 蠕蟲活動CanisterWorm升級，TeamPCP針對伊朗進行資料破壞攻擊 https://www.ithome.com.tw/news/174617 Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR https://thehackernews.com/2026/03/tax-search-ads-deliver-screenconnect.html TeamPCP再度發動供應鏈攻擊，Checkmarx的KICS掃描弱點掃描工具遭駭 https://www.ithome.com.tw/news/174629 TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise https://thehackernews.com/2026/03/teampcp-backdoors-litellm-versions.html Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams https://thehackernews.com/2026/03/google-adds-24-hour-wait-for-unverified.html U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage https://thehackernews.com/2026/03/us-sentences-russian-hacker-to-675.html Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks https://thehackernews.com/2026/03/russian-hacker-sentenced-to-2-years-for.html GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data https://thehackernews.com/2026/03/glassworm-malware-uses-solana-dead.html Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware https://thehackernews.com/2026/03/bearlyfy-hits-70-russian-firms-with.html B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊 FBI警告伊朗駭客濫用Telegram作為C2攻擊異議人士 https://www.ithome.com.tw/news/174670 Google強化Android側載安全機制，導入冷靜期與多重驗證防堵詐騙 https://www.ithome.com.tw/news/174570 Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in Recent Mass Attacks https://thehackernews.com/2026/03/coruna-ios-kit-reuses-2023.html iOS漏洞利用套件Coruna調查有新發現！可追溯到3年前的攻擊Operation Triangulation https://www.ithome.com.tw/news/174713 iPhone漏洞利用工具DarkSword外流至GitHub，數億臺未更新裝置恐曝險 https://www.ithome.com.tw/news/174671 蘋果發布安全警告，未更新iPhone恐成攻擊目標，涉及DarkSword攻擊鏈 https://www.ithome.com.tw/news/174567 安卓惡意軟體Perseus冒充IPTV應用程式散布，於用戶的筆記軟體搜刮敏感資料 https://www.bleepingcomputer.com/news/security/new-perseus-android-malware-checks-user-notes-for-secrets/ FBI警告伊朗駭客Handala利用即時通訊軟體Telegram從事惡意軟體攻擊 https://www.bleepingcomputer.com/news/security/fbi-warns-of-handala-hackers-using-telegram-in-malware-attacks/ CISA指出DarkSword利用的iOS漏洞已出現攻擊活動，要求聯邦機構兩週內完成修補 https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-darksword-ios-flaws-exploited-attacks/ C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力 2025圖靈獎頒給量子資訊研究先驅，Charles Bennett與Gilles Brassard共同獲獎 https://www.ithome.com.tw/news/174591 特力海外子公司發生資安事件 https://mopsov.twse.com.tw/mops/web/ajax_t05sr01_1?firstin=true&stp=1&step=1&SEQ_NO=1&SPOKE_TIME=210316&SPOKE_DATE=20260323&COMPANY_ID=2908 融程電發生資安事件，駭客存取部分雲端資料並發出勒索信 https://mopsov.twse.com.tw/mops/web/ajax_t05sr01_1?firstin=true&stp=1&step=1&SEQ_NO=2&SPOKE_TIME=174655&SPOKE_DATE=20260324&COMPANY_ID=3416 駭客瞄準微軟SQL Server，疑透過掃描工具ICE Cloud Scanner充當跳板 https://www.ithome.com.tw/news/174693 戰事蔓延，導致AWS中東地區第二個服務區域陷入中斷 https://www.ithome.com.tw/news/174665 伊朗駭客Nasir Security鎖定海灣地區的能源公司從事網路間諜活動 https://securityaffairs.com/189865/cyber-warfare-2/pro-iranian-nasir-security-is-targeting-energy-companies-in-the-gulf.html 駭客組織Storm-2561假借提供企業級VPN用戶端軟體，意圖竊取企業VPN憑證 https://www.ithome.com.tw/news/174668 逾半數Magento電商平臺遭受PolyShell漏洞攻擊 https://www.ithome.com.tw/news/174686 Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover https://thehackernews.com/2026/03/magento-polyshell-flaw-enables.html 美國逮捕管理竊資軟體RedLine的亞美尼亞人士 https://www.bleepingcomputer.com/news/security/suspected-redline-infostealer-administrator-extradited-to-us/ 俄羅斯殭屍網路管理員在美國被判刑 https://therecord.media/russian-botnet-operator-sentenced-ransomware 俄羅斯逮捕涉嫌經營網路犯罪論壇LeakBase的管理員 https://www.bleepingcomputer.com/news/security/russia-arrests-suspected-owner-and-admin-of-leakbase-cybercrime-forum/ 英國起訴與亞洲詐騙生態圈有關的簡體中文地下市集Xinbi https://www.bleepingcomputer.com/news/security/uk-sanctions-xinbi-marketplace-linked-to-asian-scam-centers/ 美國財政部對6名北韓IT工作者與兩個實體進行制裁 https://thehackernews.com/2026/03/ofac-sanctions-dprk-it-worker-network.html 開源大型語言模型串接套件LiteLLM遭遇供應鏈攻擊 https://www.ithome.com.tw/news/174661 美國擴大供應鏈管制，外國製路由器納入國安風險清單 https://www.ithome.com.tw/news/174607 Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website https://thehackernews.com/2026/03/claude-extension-flaw-enabled-zero.html China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks https://thehackernews.com/2026/03/china-linked-red-menshen-uses-stealthy.html ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories https://thehackernews.com/2026/03/threatsday-bulletin-pqc-push-ai-vuln.html FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns https://thehackernews.com/2026/03/fcc-bans-new-foreign-made-routers-over.html TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials https://thehackernews.com/2026/03/teampcp-hacks-checkmarx-github-actions.html Trivy供應鏈攻擊影響逾1千個SaaS環境 https://www.ithome.com.tw/news/174680 Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages https://thehackernews.com/2026/03/trivy-supply-chain-attack-triggers-self.html 程式碼弱點掃描工具Trivy遭供應鏈攻擊，駭客透過GitHub Actions散布竊資軟體 https://www.ithome.com.tw/news/174601 Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets https://thehackernews.com/2026/03/trivy-security-scanner-github-actions.html We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them https://thehackernews.com/2026/03/we-found-eight-attack-vectors-inside.html Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper https://thehackernews.com/2026/03/trivy-hack-spreads-infostealer-via.html D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全 微軟警告報稅季成網釣高峰，駭客鎖定納稅人和會計師發動攻擊 https://www.ithome.com.tw/news/174727 駭客假借提供美國報稅表單從事網釣，意圖藉由惡意廣告於民眾電腦植入遠端管理工具，並癱瘓防毒軟體運作 https://www.ithome.com.tw/news/174731 FBI警示Signal通訊軟體釣魚攻擊與俄羅斯情報機構有關，已入侵數千個帳號 https://www.ithome.com.tw/news/174584 Aura證實資料外洩事件，近90萬筆客戶聯絡資料遭未授權存取 https://www.ithome.com.tw/news/174589 漏洞懸賞平臺HackerOne傳出員工資料外洩 https://www.bleepingcomputer.com/news/security/hackerone-discloses-employee-data-breach-after-navia-hack/ 大型AiTM網釣平臺Tycoon 2FA捲土重來，遭執法活動破壞後，僅兩天就回復先前狀態 https://www.ithome.com.tw/news/174650 駭客聲稱從雲端公司OVHcloud竊得600 TB資料，該公司表示資料並非來自他們的資料庫 https://hackread.com/ovhcloud-founder-denies-590tb-data-breach-claims/ 馬自達倉儲資訊系統遭駭，外洩員工、合作夥伴資料 https://www.ithome.com.tw/news/174609 竊資軟體VoidStealer透過除錯模式愚弄用戶，企圖竊取Chrome主金鑰 https://www.bleepingcomputer.com/news/security/voidstealer-malware-steals-chrome-master-key-via-debugger-trick/ 微軟Azure Monitor警示通知被濫用，駭客發送釣魚郵件要收信人回撥電話 https://www.bleepingcomputer.com/news/security/microsoft-azure-monitor-alerts-abused-in-callback-phishing-campaigns/ 歐洲刑警組織主導執法行動Operation Alice，撤下逾37萬個假的兒童色情素材網站 https://www.bleepingcomputer.com/news/security/police-take-down-373-000-fake-csam-sites-in-operation-alice/ 研究人員藉由AI推理行為降低瀏覽器防護，誘騙Perplexity Comet存取釣魚網頁 https://www.ithome.com.tw/news/174588 網釣攻擊ClickFix鎖定Windows用戶，藉由映射網路磁碟載入惡意程式 https://hackread.com/clickfix-scam-users-mapping-hacker-controlled-drives/ Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware https://thehackernews.com/2026/03/microsoft-warns-irs-phishing-hits-29000.html FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks https://thehackernews.com/2026/03/fbi-warns-russian-hackers-target-signal.html Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse https://thehackernews.com/2026/03/device-code-phishing-hits-340-microsoft.html LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace https://thehackernews.com/2026/03/leakbase-admin-arrested-in-russia-over.html E.研究報告/工具 54款EDR殺手工具透過自帶驅動程式手法，癱瘓受害電腦的端點防護系統 https://thehackernews.com/2026/03/54-edr-killers-use-byovd-to-exploit-34.html We Are At War https://thehackernews.com/2026/03/we-are-at-war.html Masters of Imitation: How Hackers and Art Forgers Perfect the Art of Deception https://thehackernews.com/2026/03/masters-of-imitation-how-hackers-and.html The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks https://thehackernews.com/2026/03/the-importance-of-behavioral-analytics.html The Hidden Cost of Cybersecurity Specialization: Losing Foundational Skills https://thehackernews.com/2026/03/the-hidden-cost-of-cybersecurity.html The Kill Chain Is Obsolete When Your AI Agent Is the Threat https://thehackernews.com/2026/03/the-kill-chain-is-obsolete-when-your-ai.html LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks https://thehackernews.com/2026/03/langchain-langgraph-flaws-expose-files.html F.商業 蘋果推出Apple Business，MDM納入基礎服務 https://www.ithome.com.tw/news/174648 Google要在2029年完成PQC遷移，Android 17率先導入系統層PQC https://www.ithome.com.tw/news/174696 5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents https://thehackernews.com/2026/03/5-learnings-from-first-ever-gartner.html 趨勢科技於RSA大會期間宣布重大轉型，企業資安事業群將以TrendAI為統一品牌識別 https://www.ithome.com.tw/news/174697 思科針對強化OpenClaw應用環境安全性需求，推出DefenseClaw管理工具 https://www.ithome.com.tw/news/174676 HP、Dell雙雙公布商用PC抗量子破解的技術 https://www.ithome.com.tw/news/174733 Databricks推Lakewatch跨足SIEM市場，以湖倉架構整合資安營運 https://www.ithome.com.tw/news/174669 G.政府 數發部首度於國際資安展會RSAC設立臺灣資安館 https://www.ithome.com.tw/news/174734 數發部核發數位就業金卡破千張 軟體開發占六成 https://www.cio.com.tw/109457/ 「養龍蝦」養出資安破口　數發部資安署推5招自保 https://finance.ettoday.net/news/3138134 H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識/醫療 相關資安 Ubiquiti修補UniFi網管平臺滿分重大漏洞，未更新恐導致帳戶遭接管 https://www.ithome.com.tw/news/174619 威聯通修補Pwn2Own資安競賽揭露的QHora路由器漏洞 https://www.ithome.com.tw/news/174643 I.教育訓練 資安事件發生必要知道的復原程序，降低傷害 https://www.ithome.com.tw/pr/163614 iPAS資訊安全工程師中級筆記 https://hackmd.io/@Not/iPASInformationSecuritySpecialist iPas資安工程師證照考前研習 https://reurl.cc/GEbA3p iPAS◆資訊安全規劃實務◆中級測驗題庫彙編(123題) https://reurl.cc/orlD1g EC Council CASE.NET 認證準備 https://coolmandiary.blogspot.com/2025/04/ec-council-casenet.html EC Council CASE.NET(312-95)_筆記_Module1專有名詞及定義 https://coolmandiary.blogspot.com/2021/10/ec-council-casenet312-95module1.html GCP Associate Cloud Engineer (ACE) 學習心得、教材資源與筆記分享 — 學習天然高可用與零信任設計 https://medium.com/blacksecurity/gcp-associate-cloud-engineer-78f736aee7ad Coursera 盤點 7 項雲端資安認證，高薪跳板都在這了！ https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/ 一般人也能拿到國際資安認證！CSCU安全電腦使用者認證課程 https://www.ithome.com.tw/pr/160954 全球網絡安全勞動力失衡 (ISC)2免費課程及考試填補人才缺口 https://reurl.cc/m39MDj CISSP資安認證的8大領域 https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html CISSP考試心得 https://reurl.cc/KbY83j CISSP考試心得 – Benson https://reurl.cc/GbWvxd 目標導向-20天光速考過CISSP https://reurl.cc/2Zq6zn CISSP證照考試實戰心得 第一章：初期準備工作 https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat CISSP證照考試實戰心得 第二章：規律且有紀律的讀書策略 https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies CISSP證照考試實戰心得 第三章：終極一戰 https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle Quick CISSP Infographic for IPSec https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec CSSLP Certification - Security models in F# https://github.com/vbocan/csslp Certified Secure Software Lifecycle Professional in bullet points https://github.com/joeyhage/csslp-notes CPSA(CREST Practitioner Security Analyst) 資安分析師考試心得 https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/ EC-Council CEH v11 考試心得、改版資訊以及準備方向 2021、2022 https://reurl.cc/1oyEM8 CEH v11 考試心得與準備方式 https://blog.sean.taipei/2022/01/ceh CEH https://github.com/a3cipher/CEH CodeRed by EC-Council https://github.com/codered-by-ec-council EC-Council CEH Practical / Master 準備心得 — 讓理論與實作相輔相成的學習 https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2 EC-Council CEHP考試準備心得 https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po My ceh practical notes https://github.com/dhabaleshwar/CEHPractical/blob/main/Everything%20You%20Need.md CEHP課程筆記 https://hackmd.io/@nfu-johnny/B1Ju_BMPR ECSA v10 考試心得與讀書資料分享/ ECSA v10 Review and Study Materials https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4 EC-Council ECSA資安分析專家 v10 考試心得分享 https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html 20180817 EC-Council ECSA v10 PASS https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html 關於EC-Council CPENT和LPT Master滲透測試證照準備方式及心得分享 https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d 深度解析 CPENT 考試心得、以及與 OSCP 的比較 https://reurl.cc/41eL8v EC-Council CPENT v1 滲透測試認證 – 內容及心得分享 https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review CPENT 從暴力到破解 https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295 Ec-Council CPENT心得 - 資安菜鳥從CEH到LPT Master https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f CPENT考試心得分享：一次拿到 LPT 滲透測試大師認證 https://ucom.uuu.com.tw/web/Testimony/Article/4404 kaizensecurity/CPENT https://github.com/kaizensecurity/CPENT/tree/master CPENT : Pentesting like NO OTHERS ! https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/ Journey of My CPENT Exam https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917 [備考心得]CompTIA Security+ (SY0–601) 上篇 https://reurl.cc/M053DK [備考心得]CompTIA Security+ (SY0–601) 下篇 https://reurl.cc/M053Gv comptia-security-plus https://github.com/ajfuto/comptia-security-plus security-plus https://github.com/fjavierm/security-plus CompTIA Security+ Certification Practice Test Questions https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette 不只是工程師才要懂的 App 資訊安全：取得資安檢測合格證書血淚史（iT邦幫忙鐵人賽系列書） https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html App防駭學，資安防護實戰課程全面提升安全觀念 https://www.ithome.com.tw/pr/161505 OSEP (Evasion Techniques and Breaching Defenses (PEN-300) 心得分享 https://hackmd.io/@henry-ko/HyQ56e8eF OSEP (Evasion Techniques and Breaching Defenses (PEN-300) http://github.com/In3x0rabl3/OSEP OSCP（Offensive Security Certified Professional） https://github.com/0x584A/oscp-notes/tree/master ISACA Certified Information Systems Auditor® (CISA) 國際電腦稽核師認證準備歷程心得、申請流程分享- 2023年 https://reurl.cc/aVLoX9 Learn NIST Inside Out With 21 Hours of Training @ 86% OFF https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html 駭客與國家: 網路攻擊與地緣政治新常態 The hacker and the state: cyber attacks and the new normal of geopolitic https://reurl.cc/D3nKKj Practical Network Penetration Tester (PNPT) Certification Review https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df WUSON常用的基本詞彙 https://choson.lifenet.com.tw/?p=1958 證照仍是學習資安基本功的主要管道，有專家打造「資安證照地圖」 https://www.ithome.com.tw/news/156754 用證照證明自己實力之餘，更應將證照視為督促學習的最大動力 https://www.ithome.com.tw/news/156756 打破證照誤解與迷思，資安專家帶你釐清資安證照的意義 https://www.ithome.com.tw/news/156755 Accelerate Your Career with the Global Leader in Cyber Security Training https://www.sans.org/mlp/promo-partnership-hacker-news/ 【成大資安社社課】資安禁術 - 逆向工程地獄試煉 https://www.youtube.com/watch?v=4Yc3-9CjG6U 透過實務演練，教你建立實作標準的安全SOP流程 https://www.ithome.com.tw/pr/163514 6.近期資安活動及研討會 物聯網邊緣運算與資安實戰 2026/3/28 https://www.accupass.com/event/2412260751154280345070 應對 2026 資安新法：Google SecOps 如何自動化您的合規地圖 2026/3/31 https://www.accupass.com/event/2602240656105983582800 Gemini實戰全攻略-打造你的AI工作流 2026/5/30 https://www.accupass.com/event/2602191339327923594810