資安事件新聞週報 2023/1/23 ~ 2023/1/27

###### tags: `資安事件新聞週報` # 資安事件新聞週報 2023/1/23 ~ 2023/1/27 1.重大弱點漏洞/後門/Exploit/Zero Day New Microsoft Azure Vulnerability Uncovered — EmojiDeploy for RCE Attacks https://thehackernews.com/2023/01/new-microsoft-azure-vulnerability.html VMware Releases Patches for Critical vRealize Log Insight Software Vulnerabilities https://thehackernews.com/2023/01/vmware-releases-patches-for-critical.html 疑似中國駭客攻擊Fortinet漏洞植入後門程式 https://www.ithome.com.tw/news/155263 合勤修補多項產品韌體漏洞，包括1項風險值9.8分的重大漏洞 https://www.ithome.com.tw/news/155269 2.銀行/金融/保險/證券/金融監理新聞及資安春節期間金融機構ATM運作不休息 https://reurl.cc/qZ7nap 金管會除夕扮神秘客抽查全台9 縣市ATM　「全數合格」 https://finance.ettoday.net/news/2427296 網銀約定轉帳成詐騙新手法金管會要求國銀設警語示警 https://money.udn.com/money/story/5613/6926618 隨便都3個帳戶　銀行帳戶太多怎麼管？專家提6點建議 https://finance.ettoday.net/news/2396542 春節期間遠距投保金管會提醒確認內容避免爭議 https://news.cts.com.tw/cna/money/202301/202301242135047.html 金管會促各保險公司春節期間保戶服務不中斷 https://www.tssdnews.com.tw/?FID=32&CID=656079 下個金融風暴？美議員擬廢除31兆鎂債務上限，允許「無限制舉債」 https://www.blocktempo.com/us-democrats-propose-legislation-eliminate-debt-ceiling/ 確保順利開工金融業連假結束前將進行系統測試 https://reurl.cc/DXzp7m 3.信用卡/電子支付/行動支付/pay/支付系統/資安駭客盜刷信用卡 GrabPay用戶2分鐘失1500元 https://reurl.cc/LXynM7 3.5萬Paypal用戶帳號遭憑證填充攻擊 https://www.ithome.com.tw/news/155262 電子支付平台PayPal遭黑客攻擊　近3.5萬用戶資料或外洩 https://reurl.cc/gQVA0b 你一定要看的2023年信用卡全攻略 https://money.udn.com/money/story/5648/6917271 繳醫療費啟動行動支付一卡通推「醫指付」及iPASS MONEY雙管道 https://udn.com/news/story/7239/6914180 以微服務打造電子支付新黑馬，全支付靠技術力服務百萬會員 https://www.ithome.com.tw/people/155004 詐騙手法推陳出新金管會持續督導電支機構助民防詐 https://udn.com/news/story/7239/6931024 悠遊卡先發支付業吹興櫃風 https://ctee.com.tw/news/finance/786430.html 4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約/WEB3 資安 SEC起訴Mango駭客「違反證券法」，與CFTC爭搶管轄Defi、預言機 https://www.blocktempo.com/sec-charges-mango-hacker-for-116-million-mango-mango-markets-exploit/ 加密貨幣圈又倒一家公司 Genesis在美聲請破產 https://www.chinatimes.com/realtimenews/20230121001588-260408?chdtv 微軟的元宇宙未來告終？受大規模裁員影響，虛擬平台 AltSpaceVR 將 3月關 https://www.inside.com.tw/article/30516-microsoft-mass-layout-affects-metaverse-projects 美檢查扣FTX創辦人212億元資產多為羅賓漢股份 https://money.udn.com/money/story/10511/6926355 暗網市場Solaris遭競爭對手Kraken攻擊，已凍結其比特幣錢包 https://news.cnyes.com/news/id/5068975?exp=a 投資加密貨幣，六大常見詐騙手法、如何防範 https://www.blocktempo.com/six-common-scams-when-investing-in-cryptocurrencies/ 以太坊上海升級完成「影子分叉」！開發員：公共測試網未來幾天上線 https://www.blocktempo.com/the-public-testnet-for-ethereum-shanghai-will-go-live-in-the-coming-days/ 華爾街狂人：「幣圈壞蛋們」肖想比特幣現貨ETF上市，感謝SEC主席阻止 https://www.blocktempo.com/jim-cramer-thanks-sec-chairman/ SEC與灰度就「GBTC轉比特幣ETF」3月將於法院公開辯論 https://www.blocktempo.com/sec-will-debate-with-grayscale-in-court-about-the-conversion-of-gbtc-to-etf/ 駭客也看漲ETH！Wormhole攻擊者將1.5億贓款「槓桿做多」以太坊 https://www.blocktempo.com/wormhole-hacker-moves-155m-eth/ 幣安誤將B代幣抵押資產存在存儲交易所客戶資金的錢包 https://reurl.cc/MXpD43 Wormhole攻擊者正將竊取資產以借貸形式槓桿做多ETH https://news.cnyes.com/news/id/5069274 拆分策略 —— 加密寒冬生存框架 https://blockcast.it/2023/01/25/a-framework-for-survival-in-crypto-winter/ Moonbirds創始人錢包遭駭客攻擊，25枚Chromie Squiggles被盜 https://news.cnyes.com/news/id/5069637 BTC下殺？近14億鎂比特幣選擇權本週到期，最大痛點$1.9萬 https://www.blocktempo.com/deribit-metrics-about-2-billion-btc-and-eth-options-expire-this-week/ 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 陸車廠遭駭客勒索　疑不付贖金被嗆「寧願花千萬請歌手」 https://www.ettoday.net/news/20230121/2412612.htm 你知道嗎 OneNote 筆記服務也成為散播木馬病毒的途徑了… https://www.kocpc.com.tw/archives/478170 Analyzing Malicious OneNote Documents https://blog.didierstevens.com/2023/01/22/analyzing-malicious-onenote-documents/ Breaking Down the SEO Poisoning Attack | How Attackers Are Hijacking Search Results - SentinelOne https://www.sentinelone.com/blog/breaking-down-the-seo-poisoning-attack-how-attackers-are-hijacking-search-results/ Following the LNK metadata trail https://blog.talosintelligence.com/following-the-lnk-metadata-trail/ https://github.com/Cisco-Talos/IOCs/blob/main/2023/01/following-the-lnk-metadata-trail.txt New Research Delves into the World of Malicious LNK Files and Hackers Behind Them https://thehackernews.com/2023/01/new-research-delves-into-world-of.html Roaming Mantis Spreading Mobile Malware That Hijacks Wi-Fi Routers' DNS Settings https://thehackernews.com/2023/01/roaming-mantis-spreading-mobile-malware.html Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware https://thehackernews.com/2023/01/new-chinese-malware-spotted-exploiting.html Android Users Beware: New Hook Malware with RAT Capabilities Emerges https://thehackernews.com/2023/01/android-users-beware-new-hook-malware.html Roaming Mantis Spreading Mobile Malware That Hijacks Wi-Fi Routers' DNS Settings https://thehackernews.com/2023/01/roaming-mantis-spreading-mobile-malware.html Emotet Malware Makes a Comeback with New Evasion Techniques https://thehackernews.com/2023/01/emotet-malware-makes-comeback-with-new.html Realtek SDK Vulnerability Attacks Highlight IoT Supply Chain Threats https://unit42.paloaltonetworks.com/realtek-sdk-vulnerability/ Technical Advisory: Proxy*Hell Exploit Chains in the Wild https://businessinsights.bitdefender.com/technical-advisory-proxyhell-exploit-chains-in-the-wild Chinese Hackers Utilize Golang Malware in DragonSpark Attacks to Evade Detection https://thehackernews.com/2023/01/chinese-hackers-utilize-golang-malware.html Emotet Returns With New Methods of Evasion https://blogs.blackberry.com/en/2023/01/emotet-returns-with-new-methods-of-evasion Emotet Malware Makes a Comeback with New Evasion Techniques https://thehackernews.com/2023/01/emotet-malware-makes-comeback-with-new.html Vice Society Ransomware Group Targets Manufacturing Companies https://reurl.cc/pZlAKa https://www.trendmicro.com/en_us/research/23/a/vice-society-ransomware-group-targets-manufacturing-companies.html The Titan Stealer: Notorious Telegram Malware Campaign https://www.uptycs.com/blog/titan-stealer-telegram-malware-campaign Protecting Against Malicious Use of Remote Monitoring and Management Software https://www.cisa.gov/uscert/ncas/alerts/aa23-025a PY#RATION: New Python-based RAT Uses WebSocket for C2 and Data Exfiltration https://thehackernews.com/2023/01/pyration-new-python-based-rat-utilizes.html B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊 APP廣告也能蓋台？全球1100萬台設備受害駭客鑽漏洞每日投放120億則廣告獲利 https://reurl.cc/kqxMnL Gamaredon Group Launches Cyberattacks Against Ukraine Using Telegram https://thehackernews.com/2023/01/gamaredon-group-launches-cyberattacks.html WhatsApp Hit with €5.5 Million Fine for Violating Data Protection Laws https://thehackernews.com/2023/01/whatsapp-hit-with-55-million-fine-for.html Samsung Galaxy Store App Found Vulnerable to Sneaky App Installs and Fraud https://thehackernews.com/2023/01/samsung-galaxy-store-app-found.html 手機容量被吃光怎辦？LINE也要大掃除　「簡單3招」快速釋放空間 https://www.setn.com/News.aspx?NewsID=1241543 TikTok 承認員工可操控熱門內容，關係密切創作者和公司內容手動推送 https://technews.tw/2023/01/23/tiktok-admits-employees-can-manipulate-popular-content/ 注意資安問題！Bondee 社群爆紅，前身疑為中國問題 App「啫喱」 https://www.inside.com.tw/article/30523-what-is-bondee Messenger開始向用戶推送預設端到端加密功能 https://www.ithome.com.tw/news/155261 舊瓶裝新酒恐個資外洩？「Bondee」App跟它長超像列出「中國台灣」隱私條款 https://udn.com/news/story/7088/6929444 WhatsApp帶強迫性的用戶條款，被愛爾蘭罰550萬歐元 https://www.ithome.com.tw/news/155260 蘋果修補macOS、iOS WebKit程式碼執行漏洞 https://www.ithome.com.tw/news/155266 蘋果最新OS更新，Apple ID開始可以用實體金鑰進行雙因素驗證了 https://times.hinet.net/news/24374318 iOS 16.3 正式版更新釋出：全新 8 項更新重點整理（同場加映：watchOS 9 與 iPadOS 16.3 更新） https://www.kocpc.com.tw/archives/478221 Apple Issues Updates for Older Devices to Fix Actively Exploited Vulnerability https://thehackernews.com/2023/01/apple-issues-updates-for-older-devices.html Facebook Introduces New Features for End-to-End Encrypted Messenger App https://thehackernews.com/2023/01/facebook-introduces-new-features-for.html Samsung Galaxy Store App Found Vulnerable to Sneaky App Installs and Fraud https://thehackernews.com/2023/01/samsung-galaxy-store-app-found.html C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力駭客冒充 7-Zip、CCleaner、OBS 等知名軟體滲透 Google 搜尋廣告 https://www.kocpc.com.tw/archives/478075 《GTAOnline》PC版別玩！知名爆料者警告駭客已能修改帳號並駭進電腦 https://tw.news.yahoo.com/nogtavpchere-235948698.html ChatGPT大熱好壞參半　黑客欲試作惡意用途 https://www.pcmarket.com.hk/chatgpt-hacker/ 微軟Outlook等多項服務驚傳當機微軟公司回應了 https://tw.nextapple.com/international/20230125/932127A940EFA8CB09BA6BA7BA5C2758 微軟Azure多地區雲端服務中斷，影響M365、PowerBI和Xbox服務 https://www.ithome.com.tw/news/155271 FBI：Lazarus Group和APT38為Harmony駭客攻擊幕後黑手 https://news.cnyes.com/news/id/5069244 俄羅斯駭客始研究 ChatGPT快將作惡意用途 https://reurl.cc/Wq6AW7 美機場電腦停機事件原因公佈：FAA約聘人員誤刪檔案釀災 https://www.ithome.com.tw/news/155249 《戰地風雲1》亞服傳遭駭客癱瘓，中國外掛聯盟發起「賽博一戰」炸服事件 https://www.4gamers.com.tw/news/detail/56709/china-and-russia-cheaters-declare-war-so-called-cyber-battlefield-1 Robinhood推特帳戶遭駭客攻擊 https://news.cnyes.com/news/id/5069595 駭客威脅公開《英雄聯盟》原始碼，遊戲公司Riot遭勒索千萬美元 https://www.ithome.com.tw/news/155265 電商平台擺爛不願加強資安防護　警方用這招 https://www.nownews.com/news/6025858 英國劍橋被滲透？外媒曝中國與40所英國頂大合作包藏禍心 https://ec.ltn.com.tw/article/breakingnews/4192513 英媒：心存不軌北京以學術合作滲透英國頂尖名校 https://www.secretchina.com/news/b5/2023/01/24/1027289.html 北韓新一波駭客手法轉向「憑證竊取」攻擊 https://www.technice.com.tw/cloudtech/infosecurity/34950/ 曾挺裴洛西訪台灣！麥卡錫傳春季來台訪問 https://reurl.cc/aaOMQQ 美國前國務卿龐培歐回憶錄：金正恩說中國人都是騙子北韓需駐南韓美軍保護 https://www.taiwannews.com.tw/ch/news/4790839 中國駭客入侵南韓12學術機關　預告「下波攻擊」2000政府部門官網 https://www.ettoday.net/news/20230125/2428377.htm 韓國70家學術機構官網遭中國駭客組織「曉騎營」攻擊 https://reurl.cc/eWRA6L 原來是"低階"的駭客攻擊啊? 中國駭客組織"曉騎營"狂駭南韓學術機構 https://www.youtube.com/watch?v=496N5tABB8Y 南韓多家學術機構遭駭中國駭客組織揚言公布韓政府資料 https://news.ltn.com.tw/news/world/breakingnews/4193012 囂張！韓學術機構遭陸駭客組織入侵揚言要公布國家機密 https://reurl.cc/YdgopL 中國駭客下戰帖韓12機構證實官網遭駭 https://udn.com/news/story/6809/6929199?from=udn-ch1_breaknews-1-cate5-news FBI：美國加密資產被盜幕後黑手是北韓 https://ec.ltn.com.tw/article/breakingnews/4192633 FBI Says North Korean Hackers Behind $100 Million Horizon Bridge Crypto Theft https://thehackernews.com/2023/01/fbi-says-north-korean-hackers-behind.html North Korean Hackers Turn to Credential Harvesting in Latest Wave of Cyberattacks https://thehackernews.com/2023/01/north-korean-hackers-turn-to-credential.html U.S. Federal Agencies Fall Victim to Cyber Attack Utilizing Legitimate RMM Software https://thehackernews.com/2023/01/us-federal-agencies-fall-victim-to.html Over 4,500 WordPress Sites Hacked to Redirect Visitors to Sketchy Ad Pages https://thehackernews.com/2023/01/over-4500-wordpress-sites-hacked-to.html <資安系列> 資安主管/資安工程師 (887) https://www.104.com.tw/job/7vnbs?jobsource=googlejobs 金兔年轉換跑道大作戰盤點四大產業趨勢人才需求 https://news.cnyes.com/news/id/5063823 D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全 Massive Ad Fraud Scheme Targeted Over 11 Million Devices with 1,700 Spoofed Apps https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html 從螺螄粉「統戰包裝」看中國滲透台灣　矢板明夫示警：一定不能掉以輕心 https://www.setn.com/News.aspx?NewsID=1242369 假求職名義誘騙個資案猖獗金管會提醒落實查證 https://news.cts.com.tw/cna/money/202301/202301222134682.html 澳洲最大醫療保險公司遭駭客戶醫療紀錄陸續被公開 https://reurl.cc/Z1KZMQ KakaoTalk遭海外登入？當心北韓駭客釣魚手法 https://www.cna.com.tw/news/ait/202301250132.aspx LastPass Parent Company GoTo Suffers Data Breach, Customers' Backups Compromised https://thehackernews.com/2023/01/lastpass-parent-company-goto-suffers.html LastPass母公司GoTo證實用戶密碼備份和加密金鑰已洩漏 https://www.ithome.com.tw/news/155264 投資詐騙花樣多當心淪肥羊　金管會提醒「防詐3不3要」 https://tw.nextapple.com/local/20230125/9137355817CD3D6153C541B6663F4600 E.研究報告/工具認識駭客（Hacker），Cracker（破壞者），激進駭客（Hacktivist）網路犯罪份子（Cybercriminal）,白帽（White Hat）,黑帽（Black Hat）,灰帽（Grey Hat） https://blog.trendmicro.com.tw/?p=1857 如何利用 ChatGPT 有效率的將網站中所有 jQuery 轉換成 VanillaJS https://blog.miniasp.com/post/2023/01/25/Convert-jQuery-to-VanillaJS-using-ChatGPT 雲端小白怎麼開始學習呢 https://www.youtube.com/watch?v=BJNhca3SR3A The Cyber Security Body of Knowledge https://www.cybok.org/media/downloads/CyBOK_v1.1.0.pdf OSINT At Home - Tutorials on Digital Research https://www.youtube.com/playlist?app=desktop&list=PLrFPX1Vfqk3ehZKSFeb9pVIHqxqrNW8Sy Security Navigator Research: Some Vulnerabilities Date Back to the Last Millennium https://thehackernews.com/2023/01/security-navigator-research-some.html 6 Types of Risk Assessment Methodologies + How to Choose https://thehackernews.com/2023/01/6-types-of-risk-assessment.html SaaS Security Posture Management (SSPM) as a Layer in Your Identity Fabric https://thehackernews.com/2023/01/saas-security-posture-management-sspm.html Threat Actors Turn to Sliver as Open Source Alternative to Popular C2 Frameworks https://thehackernews.com/2023/01/threat-actors-turn-to-sliver-as-open.html Making a shit-ton of money with ChatGPT. Experiment 1 https://medium.com/@nassuf/making-a-shit-ton-of-money-with-chatgpt-experiment-1-52c60ec8037f How to make your Python GUI look awesome https://medium.com/@SrvZ/how-to-make-your-python-gui-look-awesome-9372c42d7df4 DOM-Based XSS for fun and profit $$$! | Bug Bounty POC https://medium.com/@haroonhameed_76621/dom-based-xss-for-fun-and-profit-bug-bounty-poc-f4b9554e95d A Simple Guide to OpenAI API with Python https://artificialcorner.com/a-simple-guide-to-openai-api-with-python-3bb4ed9a4b0a EP61|數據會說話，只是各說各話 https://player.soundon.fm/p/bf36d034-1963-434b-8d4f-7e9395904e7f/episodes/91b90468-5b10-4ed4-bd5b-aa89e20d1db2 Unix/Linux Command Combinations That Every Developer Should Know https://levelup.gitconnected.com/unix-linux-command-combinations-that-every-developer-should-know-9ae475cf6568 SaaS Security Posture Management (SSPM) as a Layer in Your Identity Fabric https://thehackernews.com/2023/01/saas-security-posture-management-sspm.html Threat Actors Turn to Sliver as Open Source Alternative to Popular C2 Frameworks https://thehackernews.com/2023/01/threat-actors-turn-to-sliver-as-open.html ChatGPT vs. My Google Coding Interview https://medium.com/codex/chatgpt-vs-my-google-coding-interview-8ab474b759b6 How to Be the Type of Person Everyone Wants to Know https://medium.com/s/notes-on-changing-your-life/how-to-be-the-type-of-person-everyone-wants-to-know-b7e996313c39 Security Navigator Research: Some Vulnerabilities Date Back to the Last Millennium https://thehackernews.com/2023/01/security-navigator-research-some.html ChatGPT in an iOS Shortcut — Worlds Smartest HomeKit Voice Assistant https://matemarschalko.medium.com/chatgpt-in-an-ios-shortcut-worlds-smartest-homekit-voice-assistant-9a33b780007a Processing guarantees in Kafka https://medium.com/@andy.bryant/processing-guarantees-in-kafka-12dd2e30be0e F.商業全球網路攻擊年增38%，台灣各組織平均每週受攻擊逾3000次 https://today.line.me/tw/v2/article/WBgxv5y G.政府健保署個資外洩案引發國安問題　黃重諺：須亡羊補牢透過法律遏止生 https://www.ftvnews.com.tw/news/detail/2023120P05M1 11情治系統個資全遭洩　健保署前主祕神祕帳戶爆鉅款匯入 https://www.mirrormedia.mg/story/20230117inv006/ 從戶政到健保資料外洩案看我國個資保障，唐鳳部長理當不能以一句配合偵辦輕輕帶過 https://www.thenewslens.com/article/180013 確保通傳網路資通安全數位部春節守護不中斷 https://moda.gov.tw/press/press-releases/3627 網友到數位發展部臉書嗆聲釣出唐鳳本人暖回 https://news.ltn.com.tw/news/politics/breakingnews/4191261 傳陳建仁點頭接任閣揆藍委籲重視民意：改善治安資安 https://udn.com/news/story/6656/6929063 數位部8大施政導入統一傳輸系統強化公部門資安 https://www.cna.com.tw/news/afe/202301260015.aspx 民眾財損近7億！個資外洩頻傳　哪部會負責 https://www.nownews.com/news/6025823 H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識/醫療相關資安泰國掀中國電動車浪潮分析：民眾信任度仍不高、資安疑雲恐成硬傷 https://tw.aboluowang.com/2023/0121/1857704.html 10個WI-FI安全技巧防止家庭網路成為駭客目標 https://www.technice.com.tw/techmanage/internet/34914/ 防堵無人機資安漏洞 TTC擬攜手業者3月設驗測實驗室 https://money.udn.com/money/story/5612/6930389?from=edn_newestlist_cate_side I.教育訓練 iPAS資訊安全工程師中級筆記 https://hackmd.io/@Not/iPASInformationSecuritySpecialist iPas資安工程師證照考前研習 https://reurl.cc/GEbA3p Coursera 盤點 7 項雲端資安認證，高薪跳板都在這了！ https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/ 全球網絡安全勞動力失衡 (ISC)2免費課程及考試填補人才缺口 https://reurl.cc/m39MDj CISSP資安認證的8大領域 https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html CISSP考試心得 https://reurl.cc/KbY83j CISSP考試心得 – Benson https://reurl.cc/GbWvxd 目標導向-20天光速考過CISSP https://reurl.cc/2Zq6zn CISSP證照考試實戰心得第一章：初期準備工作 https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat Quick CISSP Infographic for IPSec https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec CSSLP Certification - Security models in F# https://github.com/vbocan/csslp Certified Secure Software Lifecycle Professional in bullet points https://github.com/joeyhage/csslp-notes CPSA(CREST Practitioner Security Analyst) 資安分析師考試心得 https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/ EC-Council CEH v11 考試心得、改版資訊以及準備方向 2021、2022 https://reurl.cc/1oyEM8 CEH v11 考試心得與準備方式 https://blog.sean.taipei/2022/01/ceh CEH https://github.com/a3cipher/CEH CodeRed by EC-Council https://github.com/codered-by-ec-council 深度解析 CPENT 考試心得、以及與 OSCP 的比較 https://reurl.cc/41eL8v EC-Council CPENT v1 滲透測試認證 – 內容及心得分享 https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review [備考心得]CompTIA Security+ (SY0–601) 上篇 https://reurl.cc/M053DK [備考心得]CompTIA Security+ (SY0–601) 下篇 https://reurl.cc/M053Gv comptia-security-plus https://github.com/ajfuto/comptia-security-plus security-plus https://github.com/fjavierm/security-plus CompTIA Security+ Certification Practice Test Questions https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette 不只是工程師才要懂的 App 資訊安全：取得資安檢測合格證書血淚史（iT邦幫忙鐵人賽系列書） https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html Learn NIST Inside Out With 21 Hours of Training @ 86% OFF https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html 駭客與國家: 網路攻擊與地緣政治新常態 The hacker and the state: cyber attacks and the new normal of geopolitic https://reurl.cc/D3nKKj Practical Network Penetration Tester (PNPT) Certification Review https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df WUSON常用的基本詞彙 https://choson.lifenet.com.tw/?p=1958 6.近期資安活動及研討會 SyntaxError 2023/2/1 https://www.meetup.com/pythonhug/events/291102083/ Airflow Taiwan User Meetup 2023/2/2 https://www.meetup.com/taipei-py/events/290566341/ 金融資安研習營 2023/2/9 ~ 2023/2/10 https://fisw.ccisa.org.tw/ WordPress 彰化小聚#26 2023/2/12 https://www.meetup.com/changhua-wordpress-meetup-group/events/290974160/ Hugging Face : Image Classification 2023/2/21 https://www.meetup.com/tensorflow-user-group-taipei/events/290714239/ 兩道資安關鍵防線遠離遠距辦公資安風險 2023/2/23 https://www.accupass.com/event/2301170725591343770258 淺談總經數據與金融市場應用 2023/2/27 https://www.meetup.com/rladies-taipei/events/290280800/ DEVCORE Conference 2023 - 3/10 企業場 2023/3/10 https://devcore.kktix.cc/events/devcoreconf2023-0310 DEVCORE Conference 2023 - 3/11 駭客場 2023/3/11 https://devcore.kktix.cc/events/devcoreconf2023 掌握資安趨勢讓大數據決策市場研討會 2023/3/16 https://www.accupass.com/event/2212200343421615169635 iPAS中級資訊安全人員訓練班 2023/5/4 ~ 2023/6/1 https://edu.tcfst.org.tw/web/tw/class/show.asp?courseidori=12C013