資安事件新聞週報 2025/9/1 ~ 2025/9/5

###### tags: `資安事件新聞週報` # 資安事件新聞週報 2025/9/1 ~ 2025/9/5 1.重大弱點漏洞/後門/Exploit/Zero Day AI滲透測試自動化平臺HexStrike-AI遭濫用，駭客快速將Citrix NetScaler零時差漏洞用於實際攻擊 https://www.ithome.com.tw/news/171001 Threat Actors Weaponize HexStrike AI to Exploit Citrix Flaws Within a Week of Disclosure https://thehackernews.com/2025/09/threat-actors-weaponize-hexstrike-ai-to.html SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild https://thehackernews.com/2025/09/sap-s4hana-critical-vulnerability-cve.html Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page https://thehackernews.com/2025/08/click-studios-patches-passwordstate.html CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation https://thehackernews.com/2025/09/cisa-adds-tp-link-and-whatsapp-flaws-to.html 逾千臺Ollama伺服器曝露，近2成無須通過認證就能用於執行模型推論 https://www.ithome.com.tw/news/170999 K8s外掛Capsule驗證缺陷允許任意標籤注入，可破壞多租戶隔離 https://www.ithome.com.tw/news/170914 IBM Watsonx存在高風險漏洞，可被用於SQL注入攻擊 https://gbhackers.com/ibm-watsonx-vulnerability/ Google Web Designer存在漏洞，攻擊者有機會控制用戶端系統 https://gbhackers.com/google-web-designer-vulnerability/ Nvidia NeMo Curator存在高風險漏洞，可致本機權限提升與任意程式碼執行 https://www.ithome.com.tw/news/170927 2.銀行/金融/保險/證券/金融監理新聞及資安 Anatsa安卓金融木馬再擴散，鎖定攻擊831款財務與加密貨幣App https://www.ithome.com.tw/news/170855 安卓惡意軟體載入工具投放金融木馬、間諜軟體、竊資軟體 https://thehackernews.com/2025/09/android-droppers-now-deliver-sms.html Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans https://thehackernews.com/2025/09/android-droppers-now-deliver-sms.html AI詐騙、駭客攻擊頻傳！期交所集結期貨商資安長及高層逾80人強化資安打造韌性金融 https://news.cnyes.com/news/id/6142979 遠傳資安防禦方案，助陣金融業通過金管會測試 https://today.line.me/tw/v3/article/BMo9BG 民怨爆棚？這家金控公司連兩日釋出維護公告 https://inews.setn.com/news/1715273 銀行防詐凍結三大類「警示帳戶」新規！低餘額關帳、ATM 領錢限額一次看 https://finance.technews.tw/2025/09/05/alert-account/ 3.信用卡/電子支付/行動支付/pay/支付系統/資安 HIVEX 促成大陸用戶在日本無現金支付微信支付可在 PayPay 掃碼 https://money.udn.com/money/story/5613/8985470 雙北公車也能掃碼上車 6大行動支付年底上線 https://reurl.cc/bmxonv Line Bank推出團體收帳創新服務，支援多人共同存款和共享帳務，未來擬支援電子支付 https://www.ithome.com.tw/news/170949 硬推電子支付傷感情？統一羅智先︰icash pay先做好生態再跨出去 https://ec.ltn.com.tw/article/breakingnews/5151645 螞蟻國際旗下Antom推AI智能體支付解決方案加速AI商業化應用 https://www.aastocks.com/tc/stocks/news/infocast-news/IC4569302/1 4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約/WEB3 資安加密貨幣能否挺過 2025 年的 TGA 帳戶回補流動性緊縮 https://news.cnyes.com/news/id/6143025 美國 SEC 公布最新政策藍圖：「加密貨幣監管」成首要任務 https://blockcast.it/2025/09/05/u-s-sec-posts-agencys-near-term-agenda-jammed-with-crypto-efforts/ 區塊鏈應用大爆發！　從數位身分防詐到RWA投資，揭開金融新時代 https://news.videoland.com.tw/article/60573894-21d4-4390-a1ac-f3ce976ee514.html 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 北韓駭客Lazarus運用PondRAT、ThemeForestRAT、RemotePE對金融與加密貨幣產業下手 https://www.ithome.com.tw/news/171005 北韓駭客Lazarus散布跨平臺惡意軟體PondRAT、ThemeForestRAT、RemotePE https://thehackernews.com/2025/09/lazarus-group-expands-malware-arsenal.html 微軟VS Code市集新發布的延伸套件命名，未禁止沿用已下架套件名稱，恐遭攻擊者濫用 https://www.ithome.com.tw/news/170938 大型語言模型Claude AI被用於打造勒索軟體 https://www.bleepingcomputer.com/news/security/malware-devs-abuse-anthropics-claude-ai-to-build-ransomware/ 新型態後門MystRodX運用DNS和ICMP隱匿行蹤，暗中竊取資料 https://thehackernews.com/2025/09/researchers-warn-of-mystrodx-backdoor.html 中國駭客Silver Fox濫用微軟簽署的驅動程式，散布ValleyRAT木馬 https://www.ithome.com.tw/news/170993 中國駭客Silver Fox發動自帶驅動程式攻擊，透過防毒軟體元件散布惡意程式 https://thehackernews.com/2025/09/silver-fox-exploits-microsoft-signed.html 駭客組織NoisyBear透過ZIP檔案散布PowerShell載入工具，並進行資料外洩 https://gbhackers.com/noisybear-exploits-zip-files/ Sitecore零時差漏洞遭到利用，攻擊者用於植入後門 https://www.bleepingcomputer.com/news/security/hackers-exploited-sitecore-zero-day-flaw-to-deploy-backdoors/ 竊資軟體TamperedChef假借冒牌PDF編輯工具從事感染 https://www.bleepingcomputer.com/news/security/tamperedchef-infostealer-delivered-through-fraudulent-pdf-editor/ 韓國學術機構遭到鎖定，北韓駭客APT37企圖植入惡意軟體RokRAT https://thehackernews.com/2025/09/scarcruft-uses-rokrat-malware-in.html VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages https://thehackernews.com/2025/09/virustotal-finds-44-undetected-svg.html 俄羅斯駭客APT28鎖定北約成員國而來，對收信軟體Outlook用戶部署後門NotDoor https://www.ithome.com.tw/news/171020 Russian APT28 Deploys "NotDoor" Outlook Backdoor Against Companies in NATO Countries https://thehackernews.com/2025/09/russian-apt28-deploys-notdoor-outlook.html 駭客組織GhostRedirector鎖定65臺伺服器下手，散布後門程式Rungan、IIS模組Gamshen https://thehackernews.com/2025/09/ghostredirector-hacks-65-windows.html GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module https://thehackernews.com/2025/09/ghostredirector-hacks-65-windows.html Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers https://thehackernews.com/2025/09/malicious-npm-packages-exploit-ethereum.html Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution https://thehackernews.com/2025/08/researchers-warn-of-sitecore-exploit.html ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics https://thehackernews.com/2025/09/scarcruft-uses-rokrat-malware-in.html Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware https://thehackernews.com/2025/09/silver-fox-exploits-microsoft-signed.html Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets https://thehackernews.com/2025/09/malicious-npm-package-nodejs-smtp.html 社群網站X的Grok AI遭濫用，駭客以此散布惡意連結 https://www.bleepingcomputer.com/news/security/threat-actors-abuse-xs-grok-ai-to-spread-malicious-links/ Cybercriminals Exploit X's Grok AI to Bypass Ad Protections and Spread Malware to Millions https://thehackernews.com/2025/09/cybercriminals-exploit-xs-grok-ai-to.html B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊蘋果開放申請2026年iPhone資安研究專案 https://www.securityweek.com/apple-seeks-researchers-for-2026-iphone-security-program/ Google 新政策：Android 應用程式開發者需經過身份驗證 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=12174 Google發布安卓9月例行更新，修補112項漏洞 https://www.ithome.com.tw/news/170996 安卓惡意軟體Brokewell透過假的TradingView廣告散布 https://www.bleepingcomputer.com/news/security/brokewell-android-malware-delivered-through-fake-tradingview-ads/ Meta修補蘋果裝置的WhatsApp零時差漏洞，並指出攻擊者串連作業系統漏洞從事攻擊行動 https://www.ithome.com.tw/news/170921 Android Security Alert: Google Patches 120 Flaws, Including Two Zero-Days Under Attack https://thehackernews.com/2025/09/android-security-alert-google-patches.html WhatsApp Patches Zero-Click Exploit Targeting iOS and macOS Devices https://thehackernews.com/2025/08/whatsapp-issues-emergency-update-for.html C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力 AWS阻止APT29水坑攻擊，避免微軟帳號遭竊用 https://www.ithome.com.tw/news/170925 Cloudflare阻擋11.5 Tbps超高流量DDoS攻擊 https://www.ithome.com.tw/news/171004 資安業者Cloudflare揭露流量達到11.5 Tbps的DDoS攻擊事故 https://www.bleepingcomputer.com/news/security/cloudflare-blocks-record-breaking-115-tbps-ddos-attack/ 不只Vibe Coding，駭客正把Claude Code用於Vibe Hacking https://www.ithome.com.tw/news/170951 俄羅斯、中國駭客組成網路犯罪集團ShadowSilk，利用滲透測試工具和已知漏洞，入侵中亞、亞太地區政府機關 https://www.ithome.com.tw/news/170955 烏克蘭網路傳出對SSL VPN、RDP系統發動大規模暴力破解攻擊 https://thehackernews.com/2025/09/ukrainian-network-fdn3-launches-massive.html 汽車業者Jaguar Land Rover遭遇網路攻擊，銷售、生產受到影響 https://www.ithome.com.tw/news/170991 輪胎大廠普利司通遭遇網路攻擊，生產受到影響 https://www.ithome.com.tw/news/171016 荷蘭警告Salt Typhoon鎖定當地關鍵基礎設施而來 https://securityaffairs.com/181677/apt/dutch-intelligence-warns-that-china-linked-apt-salt-typhoon-targeted-local-critical-infrastructure.html 中國駭客組織鎖定全球關鍵基礎設施荷蘭證實遭Salt Typhoon攻擊 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=12180 Google Fined $379 Million by French Regulator for Cookie Consent Violations https://thehackernews.com/2025/09/google-fined-379-million-by-french.html Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack https://thehackernews.com/2025/09/cloudflare-blocks-record-breaking-115.html Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication https://thehackernews.com/2025/08/amazon-disrupts-apt29-watering-hole.html 已棄用的搜狗輸入法更新伺服器遭入侵，駭客用於對臺網路間諜活動 https://www.ithome.com.tw/news/170928 搜狗注音廢棄伺服器遭劫持成對台網路間諜攻擊跳板 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=12186 Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign https://thehackernews.com/2025/08/abandoned-sogou-zhuyin-update-server.html Ukrainian Network FDN3 Launches Massive Brute-Force Attacks on SSL VPN and RDP Devices https://thehackernews.com/2025/09/ukrainian-network-fdn3-launches-massive.html D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全消費者信用評分業者環聯傳出資料外洩，影響440萬人 https://www.bleepingcomputer.com/news/security/transunion-suffers-data-breach-impacting-over-44-million-people/ 微軟10月將強制以MFA登入Azure服務 https://www.ithome.com.tw/news/170963 SaaS業者Workiva客戶資料外洩，攻擊者存取Salesforce系統得逞 https://www.bleepingcomputer.com/news/security/saas-giant-workiva-discloses-data-breach-after-salesforce-attack/ OneDrive網釣鎖定高階主管而來，假借薪資為幌子，意圖竊取帳密資料 https://gbhackers.com/onedrive-phishing-attack/ Salesloft Drift供應鏈攻擊出現新的受害者，資安業者Zscaler傳出資料外洩 https://www.ithome.com.tw/news/170937 美國指控機器人玩具製造商Apitor將孩童資料送至中國 https://www.bleepingcomputer.com/news/security/us-sues-robot-toy-maker-for-exposing-childrens-data-to-chinese-devs/ Salesloft Drift供應鏈攻擊事故受害範圍擴大，Cloudflare、Palo Alto Networks證實其雲端CRM系統資料外洩 https://www.ithome.com.tw/news/170989 企業網站「聯絡我們」表單引狼入室，惡意軟體MixShell網釣鎖定美國供應鏈製造商 https://www.ithome.com.tw/news/170950 Google發布聲明，駁斥Gmail資料外洩而要求25億用戶重設密碼的傳言 https://www.ithome.com.tw/news/170985 Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats https://thehackernews.com/2025/09/iranian-hackers-exploit-100-embassy.html Salesloft Drift權杖外洩事件擴大，波及部分Google Workspace帳號郵件 https://www.ithome.com.tw/news/170911 E.研究報告/工具從 CVE 漏洞探討 AI 機器人及可移動智慧載具面臨的各種資安風險 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=12176 Simple Steps for Attack Surface Reduction https://thehackernews.com/2025/08/simple-steps-for-attack-surface.html Can Your Security Stack See ChatGPT? Why Network Visibility Matters https://thehackernews.com/2025/08/can-your-security-stack-see-chatgpt-why.html When Browsers Become the Attack Surface: Rethinking Security for Scattered Spider https://thehackernews.com/2025/09/when-browsers-become-attack-surface.html 資安鑑識工具Velociraptor遭濫用，駭客以此下載VS Code建立C2通道 https://thehackernews.com/2025/08/attackers-abuse-velociraptor-forensic.html Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling https://thehackernews.com/2025/08/attackers-abuse-velociraptor-forensic.html Shadow AI Discovery: A Critical Part of Enterprise AI Governance https://thehackernews.com/2025/09/shadow-ai-discovery-critical-part-of.html Detecting Data Leaks Before Disaster https://thehackernews.com/2025/09/detecting-data-leaks-before-disaster.html Automation Is Redefining Pentest Delivery https://thehackernews.com/2025/09/automation-is-redefining-pentest.html F.商業 AI-Driven Trends in Endpoint Security: What the 2025 Gartner® Magic Quadrant™ Reveals https://thehackernews.com/2025/07/ai-driven-trends-in-endpoint-security.html Varonis買下郵件安全業者SlashNext https://www.ithome.com.tw/news/171003 Claude Opus 4具自我防護機制，遭持續辱罵將自動結束對話 https://www.ithome.com.tw/news/170680 Anthropic開始預覽Claude for Chrome，瀏覽器AI代理人時代來臨 https://www.ithome.com.tw/news/170848 G.政府林宜敬接任數發部長，續推AI產業發展、強化資安韌性、打詐，加速數位政府建設 https://www.ithome.com.tw/news/170990 立法院三讀通過資通安全管理法修正條文，明訂公務機關不得使用危害國家的資通安全產品 https://www.cna.com.tw/news/aipl/202508290240.aspx 資安署長揭示我國最新國家資通安全發展方向，4大策略推動信賴安全的數位社會 https://www.ithome.com.tw/news/170917 H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識/醫療相關資安 CISA Flags TP-Link Router Flaws CVE-2023-50224 and CVE-2025-9377 as Actively Exploited https://thehackernews.com/2025/09/cisa-flags-tp-link-router-flaws-cve.html 5年前公開的TP-Link無線Wi-Fi訊號延伸器漏洞遭到利用 https://www.ithome.com.tw/news/170994 NIST發布輕量級加密新標準為物聯網設備築起安全防線 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=12162 美國指出TP-Link Archer C7、TL-WR841N已知漏洞遭到利用 https://securityaffairs.com/181886/hacking/u-s-cisa-adds-tp-link-archer-c7eu-and-tl-wr841n-flaws-to-its-known-exploited-vulnerabilities-catalog.html I.教育訓練資安事件發生必要知道的復原程序，降低傷害 https://www.ithome.com.tw/pr/163614 iPAS資訊安全工程師中級筆記 https://hackmd.io/@Not/iPASInformationSecuritySpecialist iPas資安工程師證照考前研習 https://reurl.cc/GEbA3p iPAS◆資訊安全規劃實務◆中級測驗題庫彙編(123題) https://reurl.cc/orlD1g EC Council CASE.NET 認證準備 https://coolmandiary.blogspot.com/2025/04/ec-council-casenet.html EC Council CASE.NET(312-95)_筆記_Module1專有名詞及定義 https://coolmandiary.blogspot.com/2021/10/ec-council-casenet312-95module1.html GCP Associate Cloud Engineer (ACE) 學習心得、教材資源與筆記分享 — 學習天然高可用與零信任設計 https://medium.com/blacksecurity/gcp-associate-cloud-engineer-78f736aee7ad Coursera 盤點 7 項雲端資安認證，高薪跳板都在這了！ https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/ 一般人也能拿到國際資安認證！CSCU安全電腦使用者認證課程 https://www.ithome.com.tw/pr/160954 全球網絡安全勞動力失衡 (ISC)2免費課程及考試填補人才缺口 https://reurl.cc/m39MDj CISSP資安認證的8大領域 https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html CISSP考試心得 https://reurl.cc/KbY83j CISSP考試心得 – Benson https://reurl.cc/GbWvxd 目標導向-20天光速考過CISSP https://reurl.cc/2Zq6zn CISSP證照考試實戰心得第一章：初期準備工作 https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat CISSP證照考試實戰心得第二章：規律且有紀律的讀書策略 https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies CISSP證照考試實戰心得第三章：終極一戰 https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle Quick CISSP Infographic for IPSec https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec CSSLP Certification - Security models in F# https://github.com/vbocan/csslp Certified Secure Software Lifecycle Professional in bullet points https://github.com/joeyhage/csslp-notes CPSA(CREST Practitioner Security Analyst) 資安分析師考試心得 https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/ EC-Council CEH v11 考試心得、改版資訊以及準備方向 2021、2022 https://reurl.cc/1oyEM8 CEH v11 考試心得與準備方式 https://blog.sean.taipei/2022/01/ceh CEH https://github.com/a3cipher/CEH CodeRed by EC-Council https://github.com/codered-by-ec-council EC-Council CEH Practical / Master 準備心得 — 讓理論與實作相輔相成的學習 https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2 EC-Council CEHP考試準備心得 https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po My ceh practical notes https://github.com/dhabaleshwar/CEHPractical/blob/main/Everything%20You%20Need.md CEHP課程筆記 https://hackmd.io/@nfu-johnny/B1Ju_BMPR ECSA v10 考試心得與讀書資料分享/ ECSA v10 Review and Study Materials https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4 EC-Council ECSA資安分析專家 v10 考試心得分享 https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html 20180817 EC-Council ECSA v10 PASS https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html 關於EC-Council CPENT和LPT Master滲透測試證照準備方式及心得分享 https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d 深度解析 CPENT 考試心得、以及與 OSCP 的比較 https://reurl.cc/41eL8v EC-Council CPENT v1 滲透測試認證 – 內容及心得分享 https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review CPENT 從暴力到破解 https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295 Ec-Council CPENT心得 - 資安菜鳥從CEH到LPT Master https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f CPENT考試心得分享：一次拿到 LPT 滲透測試大師認證 https://ucom.uuu.com.tw/web/Testimony/Article/4404 kaizensecurity/CPENT https://github.com/kaizensecurity/CPENT/tree/master CPENT : Pentesting like NO OTHERS ! https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/ Journey of My CPENT Exam https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917 [備考心得]CompTIA Security+ (SY0–601) 上篇 https://reurl.cc/M053DK [備考心得]CompTIA Security+ (SY0–601) 下篇 https://reurl.cc/M053Gv comptia-security-plus https://github.com/ajfuto/comptia-security-plus security-plus https://github.com/fjavierm/security-plus CompTIA Security+ Certification Practice Test Questions https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette 不只是工程師才要懂的 App 資訊安全：取得資安檢測合格證書血淚史（iT邦幫忙鐵人賽系列書） https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html App防駭學，資安防護實戰課程全面提升安全觀念 https://www.ithome.com.tw/pr/161505 OSEP (Evasion Techniques and Breaching Defenses (PEN-300) 心得分享 https://hackmd.io/@henry-ko/HyQ56e8eF OSEP (Evasion Techniques and Breaching Defenses (PEN-300) http://github.com/In3x0rabl3/OSEP OSCP（Offensive Security Certified Professional） https://github.com/0x584A/oscp-notes/tree/master ISACA Certified Information Systems Auditor® (CISA) 國際電腦稽核師認證準備歷程心得、申請流程分享- 2023年 https://reurl.cc/aVLoX9 Learn NIST Inside Out With 21 Hours of Training @ 86% OFF https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html 駭客與國家: 網路攻擊與地緣政治新常態 The hacker and the state: cyber attacks and the new normal of geopolitic https://reurl.cc/D3nKKj Practical Network Penetration Tester (PNPT) Certification Review https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df WUSON常用的基本詞彙 https://choson.lifenet.com.tw/?p=1958 證照仍是學習資安基本功的主要管道，有專家打造「資安證照地圖」 https://www.ithome.com.tw/news/156754 用證照證明自己實力之餘，更應將證照視為督促學習的最大動力 https://www.ithome.com.tw/news/156756 打破證照誤解與迷思，資安專家帶你釐清資安證照的意義 https://www.ithome.com.tw/news/156755 Accelerate Your Career with the Global Leader in Cyber Security Training https://www.sans.org/mlp/promo-partnership-hacker-news/ 【成大資安社社課】資安禁術 - 逆向工程地獄試煉 https://www.youtube.com/watch?v=4Yc3-9CjG6U 透過實務演練，教你建立實作標準的安全SOP流程 https://www.ithome.com.tw/pr/163514 6.近期資安活動及研討會 WordPress Quezon Province (MSEUF) Meetup - August 2025 2025/9/6 https://www.meetup.com/manila-wordpress-meetup/events/310247183/ 經營社群不踩雷！從資安到社群帳號風險一手包辦 2025/9/8 https://www.accupass.com/event/2508071027343708074520 Auditing GPO and OU modifications in Active Directory 2025/9/10 https://www.meetup.com/manageengine-philippines-events/events/310723298/ 【從外部到內部：AI如何重新定義資安攻防戰線】實體研討會 2025/9/10 https://www.accupass.com/event/2508060247253098836170 Click. Reset. Secure: Simplifying Identity Security for the Modern Workforce 2025/9/11 https://www.meetup.com/manageengine-philippines-events/events/310725580/ API 安全開發指南：漏洞修復與授權管理實務 2025/9/11-2025/9/12 https://www.accupass.com/event/2501021422337978365160 HITCON AI Freetalk 2025 2025/9/12 https://hitcon.kktix.cc/events/hitcon-ai-freetalk2025 MaiCoin 小學堂-進階版 2025/9/14 https://www.accupass.com/event/2506290659076526787040 ISA/IEC 62443 x CRA x 全球標準接軌：實務導入與跨域經驗啟示 2025/9/17 https://isatw.kktix.cc/events/isa-2025q3-isataiwan-meeting Taipei dbt Meetup #40 Design x Data 2025/9/17 https://www.meetup.com/taipei-dbt-meetup/events/310727110/ AI時代下，認識ISO/IEC 42001對企業人工智慧倫理的重要性 2025/9/18 https://www.accupass.com/event/2508150556471424431833 【資安課程諮詢】物聯網資訊安全實務 2025/9/19 https://www.accupass.com/event/2506270910121558046175 AI 時代下的系統分析與設計的 7 堂課（第二堂） 2025/9/19 https://mystudyway.kktix.cc/events/analysis-for-ai-2 2025年9月-iPAS 資訊安全工程師(初級)能力培訓班 2025/9/20 https://www.accupass.com/event/2505080338266282560860 ISO 27001:2022 資訊安全管理系統主導稽核員訓練課程 2025/9/22 https://www.accupass.com/event/2505190352351691427965 WordPress 彩虹小聚｜遠端工作經驗談 2025/9/23 https://www.meetup.com/taipei-wordpress/events/310762339/ MaiCoin 反詐騙講座 2025/9/24 https://www.accupass.com/event/2506290709471003672601 ONLINE 🌟 Intro to SQL for beginners 2025/9/24 https://www.meetup.com/le-wagon-tokyo-coding-station/events/310691490/ [On-Line] AWS Global Community Gatherings #11 2025/9/26 https://www.meetup.com/awsglobalcommunitygatherings/events/308856858/