資安事件新聞週報 2024/1/29 ~ 2024/2/2

###### tags: `資安事件新聞週報` # 資安事件新聞週報 2024/1/29 ~ 2024/2/2 1.重大弱點漏洞/後門/Exploit/Zero Day New Windows Event Log zero-day flaw gets unofficial patches https://www.bleepingcomputer.com/news/microsoft/new-windows-event-log-zero-day-flaw-gets-unofficial-patches/ 7.7萬臺Jenkins伺服器曝露於重大RCE漏洞風險 https://socradar.io/critical-jenkins-cli-file-read-vulnerability-could-lead-to-rce-attacks-cve-2024-23897/ https://twitter.com/cyb3rops/status/1750835886051275057 https://twitter.com/Shadowserver/status/1751964510955372855 https://twitter.com/shoucccc/status/1750601321831633026 https://socradar.io/critical-jenkins-cli-file-read-vulnerability-could-lead-to-rce-attacks-cve-2024-23897/ Linux程式庫glibc弱點有可能讓攻擊者取得root權限 https://www.bleepingcomputer.com/news/security/new-linux-glibc-flaw-lets-attackers-get-root-on-major-distros/ New Linux glibc flaw lets attackers get root on major distros https://www.bleepingcomputer.com/news/security/new-linux-glibc-flaw-lets-attackers-get-root-on-major-distros/ New Glibc Flaw Grants Attackers Root Access on Major Linux Distros https://thehackernews.com/2024/01/new-glibc-flaw-grants-attackers-root.html CISA下令美國聯邦機構48小時內切斷Ivanti Connect Secure、Ivanti Policy Secure連線，清查受害情況並回報 https://www.cisa.gov/news-events/directives/supplemental-direction-v1-ed-24-01-mitigate-ivanti-connect-secure-and-ivanti-policy-secure Warning: New Malware Emerges in Attacks Exploiting Ivanti VPN Vulnerabilities https://thehackernews.com/2024/02/warning-new-malware-emerges-in-attacks.html Ivanti針對已出現攻擊行動的零時差漏洞著手調查，SSL VPN、NAC產品線又有新漏洞 https://www.bleepingcomputer.com/news/security/ivanti-warns-of-new-connect-secure-zero-day-exploited-in-attacks/ Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation https://thehackernews.com/2024/01/alert-ivanti-discloses-2-new-zero-day.html URGENT: Upgrade GitLab - Critical Workspace Creation Flaw Allows File Overwrite https://thehackernews.com/2024/01/urgent-upgrade-gitlab-critical.html Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords https://thehackernews.com/2024/01/researchers-uncover-outlook.html 新漏洞近期密集揭露！影響Apple、Atlassian、VMware、Apache和Fortra系列產品 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10916 Ivanti零時差漏洞公告後已出現第2波攻擊行動，駭客用來散布Rust惡意程式 https://www.synacktiv.com/publications/krustyloader-rust-malware-linked-to-ivanti-connectsecure-compromises IBM QRadar Assistant App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities https://www.ibm.com/support/pages/node/7114134?myns=swgother&mynp=OCSSBQAC&mync=E&cm_sp=swgother-_-OCSSBQAC-_-E User Behavior Analytics application add on to IBM QRadar SIEM is vulnerable to using components with known https://www.ibm.com/support/pages/node/7112498?myns=swgother&mynp=OCSSBQAC&mync=E&cm_sp=swgother-_-OCSSBQAC-_-E MFT檔案傳輸系統GoAnywhere存在身分驗證繞過漏洞，近800臺主機曝險 https://www.cybersecuritydive.com/news/goanywhere-unpatched-critical-CVE/705759/ https://www.fortra.com/security/advisory/fi-2024-001 https://www.horizon3.ai/cve-2024-0204-fortra-goanywhere-mft-authentication-bypass-deep-dive/ https://censys.com/goanywhere-mft-vulnerabilities-are-going-nowhere-for-now/ https://www.cybersecuritydive.com/news/goanywhere-unpatched-critical-CVE/705759/ Critical Cisco Flaw Lets Hackers Remotely Take Over Unified Comms Systems https://thehackernews.com/2024/01/critical-cisco-flaw-lets-hackers.html 思科Unified Communications產品爆嚴重漏洞，允許駭客遠端控制系統 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10922 Cisco Unified Communications產品遠端程式碼執行漏洞 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-bWNzQcUm Juniper 近日發布針對 Junos OS 中多個弱點的安全報告 https://supportportal.juniper.net/s/article/2024-01-Out-of-Cycle-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Multiple-vulnerabilities-in-J-Web-have-been-addressed?language=en_US Juniper Networks Releases Urgent Junos OS Updates for High-Severity Flaws https://thehackernews.com/2024/01/juniper-networks-releases-urgent-junos.html Top Security Posture Vulnerabilities Revealed https://thehackernews.com/2024/01/top-security-posture-vulnerabilities.html Microsoft fixes connection issue affecting Outlook email apps https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-connection-issue-affecting-outlook-email-apps/ 命令列工具runC存在弱點Leaky Vessels，攻擊者可用於逃逸容器並取得主機權限 https://snyk.io/blog/leaky-vessels-docker-runc-container-breakout-vulnerabilities/ GitLab發布安全性更新，修補任意寫入檔案的重大漏洞 https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/ 數款人工智慧、機器學習平臺存在嚴重漏洞 https://www.securityweek.com/critical-vulnerabilities-found-in-ai-ml-open-source-platforms/ WordPress外掛程式Better Search Replace漏洞已出現攻擊行動 https://www.bleepingcomputer.com/news/security/hackers-target-wordpress-database-plugin-active-on-1-million-sites/ 資安業者WatchGuard、Panda旗下端點防護產品存在漏洞，攻擊者可發動阻斷服務攻擊、執行任意程式碼 https://news.sophos.com/en-us/2024/01/25/multiple-vulnerabilities-discovered-in-widely-used-security-driver/ 2.銀行/金融/保險/證券/金融監理新聞及資安揭秘針對臺灣金融單位的供應鏈攻擊手法 https://research.cycraft.ai/financial-supply-chain-attack-b6798751705e 344間郵局臨櫃交易一度延遲！中華郵政：疑瞬間大量資料湧入 https://news.ltn.com.tw/news/life/breakingnews/4570249 344間郵局一早系統「卡住」！中華郵政說明原因：狀況已排除 https://www.setn.com/News.aspx?NewsID=1422195 金管會揭露今年施政重點，多項金融科技政策時程出爐 https://www.ithome.com.tw/news/161092 金管會4措施　金融服務春節不打烊 https://news.housefun.com.tw/news/article/188455410122.html 警銀聯手防金融犯罪永豐金2023年防詐金額達3.18億元 https://www.ctee.com.tw/news/20240130701542-430304 永豐金拚打擊詐騙　永豐銀去年堵詐3.18億元 https://www.mirrormedia.mg/story/20240130fin002 開放銀行推進第3階段金管會：至今未收到業者申請 https://reurl.cc/rrYE81 證券商負責人業務座談會就56項重要業務建議達成共識並重申資安零容忍 https://www.twse.com.tw/market_insights/zh/detail/ff8080818d397607018d59980557006e 玉山銀行積極拓展AI服務，打造顧客導向的AI應用 https://www.bnext.com.tw/article/78268/esunbank_ai_service? 調查：台灣八成保險業者 SaaS 平台帳密外洩，突顯影子 IT 問題 https://infosecu.technews.tw/2024/01/31/shadow-it-taiwan-insurance/ 英國最大冤案郵局系統問題致數百員工遭判詐欺日本富士通道歉 https://www.cna.com.tw/news/aopl/202401310354.aspx 巴西警方阻止金融木馬Grandoreiro運作，逮捕5名駭客 https://www.gov.br/pf/pt-br/assuntos/noticias/2024/01/pf-combate-organizacao-criminosa-que-praticava-fraudes-bancarias-eletronicas-contra-vitimas-no-exterior 惡意軟體AllaKore RAT透過金融詐欺向墨西哥散布 https://blogs.blackberry.com/en/2024/01/mexican-banks-and-cryptocurrency-platforms-targeted-with-allakore-rat Mexican Banks and Cryptocurrency Platforms Targeted With AllaKore RAT https://blogs.blackberry.com/en/2024/01/mexican-banks-and-cryptocurrency-platforms-targeted-with-allakore-rat AllaKore RAT Malware Targeting Mexican Firms with Financial Fraud Tricks https://thehackernews.com/2024/01/allakore-rat-malware-targeting-mexican.html Brazilian Feds Dismantle Grandoreiro Banking Trojan, Arresting Top Operatives https://thehackernews.com/2024/01/brazilian-feds-dismantle-grandoreiro.html 3.信用卡/電子支付/行動支付/pay/支付系統/資安 AI正在塑造信用卡支付產業　強化資安重中之重 https://forum.ettoday.net/news/2674424 出國必看！台灣行動支付「日、韓都能用」　免跨國手續費超方便 https://travel.ettoday.net/article/2677019.htm 台韓金融支付大突破 ! TWQR登韓國當地消費「無痛付款」 https://www.ctee.com.tw/news/20240131701364-430301 首波加入韓國支付應用元大實現跨國行動支付金融體驗 https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=5ea5dd69-db73-4a0b-a70e-6dc662482e36 「新北幣」行動支付推2年議員批：有錢也做不好 https://reurl.cc/QeaYyp 711 或全家能用 Apple Pay、Samsung Pay、Google Pay、LINE Pay 嗎？去便利商店真的可以帶手機就好 https://agirls.aotter.net/post/63035 行動支付鹹水雞顧客遭控「假明細」騙餐 https://reurl.cc/kronRr 行動支付比較慢？他嘆「常感應不到」網狂搖頭：一堆人拿錢數半天 https://udn.com/news/story/120912/7731491 5分鐘帶你認識行動支付背後的技術 https://vocus.cc/article/64a37079fd89780001932db2 香港八達通革新推動電子支付助力香港邁向智慧城市 https://reurl.cc/orY8nM 網絡釣魚增27% 5年新高多涉銀行金融電子支付行業香港電腦保安協調中心籲防AI詐騙 https://reurl.cc/E4QV3k 4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約/WEB3 資安 HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining https://thehackernews.com/2024/02/headcrab-20-goes-fileless-targeting.html ZachXBT：Ripple疑似遭到駭客攻擊導致約2.13億XRP被盜，價值約1.125億美元 https://www.panews.io/zh_hk/sqarticledetails/f6ya21xtFt.html Chris Larsen：遭攻擊的是個人賬戶執法部門已介入調查 https://www.hk01.com/article/986792?utm_source=01articlecopy&utm_medium=referral Immunefi：1月因駭客導致1.26億美元的加密貨幣損失 https://news.cnyes.com/news/id/5442745 FTX駭客抓到了！美國司法部：SIM卡劫持攻擊盜走4億美元，會償還債權人 https://www.blocktempo.com/us-doj-caught-the-ftx-hacker-three-people-stole-400m-through-sim-swapping-hack/ 比特幣價格會跌到3萬美元嗎？今年升百倍加密貨幣有哪些 https://news.cnyes.com/news/id/5437196 PeckShield：2023年加密領域發生600多次重大駭客攻擊，造成約26.1億美元的損失 https://news.cnyes.com/news/id/5439039 PeckShield：2023 年加密貨幣安全與復原的進展 https://portalcripto.com.br/zh-TW/2023-%E5%B9%B4%EF%BC%8Cpeckshield-%E5%9C%A8%E5%8A%A0%E5%AF%86%E8%B3%87%E7%94%A2%E7%9A%84%E5%AE%89%E5%85%A8%E5%92%8C%E5%BE%A9%E5%8E%9F%E6%96%B9%E9%9D%A2%E5%8F%96%E5%BE%97%E9%80%B2%E5%B1%95/ 好萊塢想拍「12萬枚比特幣竊案」刺激大片！一切從鴛鴦大盜駭入Bitfinex交易所開始 https://www.blocktempo.com/amazon-is-making-a-film-on-the-bitfinex-theft-of-120000-bitcoins/ Dmail公佈Season1空投細節：1月30日開始共空投750萬枚DAMIL，佔總供應量的3.75% https://www.panewslab.com/zh_hk/sqarticledetails/szixdjs5Ft.html 6枚Beanz和2枚Azuki Elementals被駭客盜取 https://news.cnyes.com/news/id/5440610 1.6億枚CRV拋壓！Curve創辦人鎖倉協議2/1到期，OTC買家已大賺20％ https://www.blocktempo.com/160-million-crv-will-be-unlocked-on-february-1/ PeckShield：DeFi協定MIM_Spell遭駭客攻擊，損失約649萬美元 https://www.panewslab.com/zh_hk/sqarticledetails/41ilpp2jFt.html 全球供應鏈面臨區塊化之挑戰 https://www.trademag.org.tw/page/newsid1/?id=7895391&iz=6 以太坊早期顧問：以太坊基金會曾參與2016年Gatecoin駭客事件 https://news.cnyes.com/news/id/5440918 德國警方扣押5萬枚BTC創歷史紀錄！比特幣OG上繳21億鎂盜版網站非法收入 https://www.blocktempo.com/german-police-seize-50000-btc/ Abracadabra 遭攻擊損失 650 萬美元，團隊：用戶資產不受影響 https://abmedia.io/abracadabra-was-attacked-and-lost-6500-thousand 加密貨幣挾持攻擊Commando Cat鎖定曝露的Dokcer API下手 https://www.cadosecurity.com/the-nine-lives-of-commando-cat-analysing-a-novel-malware-campaign-targeting-docker/ 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 去年第四季只有29%的勒索軟體受害者支付贖金，創下歷史新低 https://www.ithome.com.tw/news/161081 俄羅斯駭客組織Shuckworm攻擊烏克蘭軍方，利用PowerShell後門程式進行滲透 https://www.securonix.com/blog/security-advisory-steadyursa-attack-campaign-targets-ukraine-military/ Redis伺服器遭無檔案惡意軟體HeadCrab 2.0鎖定，將其用於挖礦 https://blog.aquasec.com/headcrab-2.0-evolving-threat-in-redis-malware-landscape 殭屍網路FritzFrog利用Log4Shell及PwnKit漏洞散布惡意程式 https://www.akamai.com/blog/security-research/fritzfrog-botnet-new-capabilities-log4shell 惡意軟體DarkGate透過微軟協作平臺Teams群組散布 https://cybersecurity.att.com/blogs/security-essentials/darkgate-malware-delivered-via-microsoft-teams-detection-and-response GitHub、Vimeo等雲端服務平臺遭到濫用，被拿來散布USB惡意程式 http://www.mandiant.com/resources/blog/unc4990-evolution-usb-malware 針對去年9月發生的勒索軟體攻擊，Johnson Controls估計損失2,700萬美元 https://www.bleepingcomputer.com/news/security/johnson-controls-says-ransomware-attack-cost-27-million-data-stolen/ 勒索軟體Faust透過程式碼儲存庫Gitea進行散布 https://www.fortinet.com/blog/threat-research/phobos-ransomware-variant-launches-attack-faust 勒索軟體「變臉」鎖定美國及歐洲的醫療、製造業而來 https://unit42.paloaltonetworks.com/bianlian-ransomware-group-threat-assessment/ 英國警告人工智慧在未來2年恐讓勒索軟體威脅加劇 https://www.ncsc.gov.uk/report/impact-of-ai-on-cyber-threat 竊資軟體WhiteSnake透過惡意PyPI套件散布 https://www.fortinet.com/blog/threat-research/info-stealing-packages-hidden-in-pypi 以Java打造的竊資軟體Ns-stealer透過破解軟體散布，並以Discord機器人外流竊得資料 https://www.trellix.com/about/newsroom/stories/research/java-based-sophisticated-stealer-using-discord-bot-as-eventlistener/ 英國化妝品業者Lush證實遭到網路攻擊，疑為勒索軟體駭客組織Akira所為 https://www.computerweekly.com/news/366567932/Akira-ransomware-gang-claims-Lush-cyber-attack https://www.theregister.com/2024/01/26/akira_lush_ransomware/ Go語言惡意程式CherryLoader偽裝成筆記應用程式散布 https://arcticwolf.com/resources/blog/cherryloader-a-new-go-based-loader-discovered-in-recent-intrusions/ China-Linked Hackers Target Myanmar's Top Ministries with Backdoor Blitz https://thehackernews.com/2024/01/china-linked-hackers-target-myanmars.html Malicious ads for restricted messaging applications target Chinese users https://www.malwarebytes.com/blog/threat-intelligence/2024/01/malicious-ads-for-restricted-messaging-applications-target-chinese-users Stately Taurus Targets Myanmar Amidst Concerns over Military Junta’s Handling of Rebel Attacks https://csirt-cti.net/2024/01/23/stately-taurus-targets-myanmar/ The Endless Struggle Against APT10: Insights from LODEINFO https://blog-en.itochuci.co.jp/entry/2024/01/24/134100 Ransomware Roundup - Albabat https://www.fortinet.com/blog/threat-research/ransomware-roundup-albabat New Go-based Malware Loader Discovered https://arcticwolf.com/resources/blog/cherryloader-a-new-go-based-loader-discovered-in-recent-intrusions/ Uncovering Atomic Stealer (AMOS) Strikes and the Rise of Dead Cookies Restoration https://cyble.com/blog/uncovering-atomic-stealer-amos-strikes-and-the-rise-of-dead-cookies-restoration/ Another Phobos Ransomware Variant Launches Attack https://www.fortinet.com/blog/threat-research/phobos-ransomware-variant-launches-attack-faust Info Stealing Packages Hidden in PyPI https://www.fortinet.com/blog/threat-research/info-stealing-packages-hidden-in-pypi CrackedCantil: Malware Work Together https://any.run/cybersecurity-blog/crackedcantil-breakdown/ The Bear and The Shell: New Campaign Against Russian Opposition https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition File_Hash https://otx.alienvault.com/pulse/657090dfeb2b51b7a0a0f5b7 Trigona Ransomware Threat Actor Uses Mimic Ransomware https://asec.ahnlab.com/en/61000/ VajraSpy: A Patchwork of espionage apps https://www.welivesecurity.com/en/eset-research/vajraspy-patchwork-espionage-apps/ Russian TrickBot Mastermind Gets 5-Year Prison Sentence for Cybercrime Spree https://thehackernews.com/2024/01/russian-trickbot-mastermind-gets-5-year.html SystemBC Malware's C2 Server Analysis Exposes Payload Delivery Tricks https://thehackernews.com/2024/01/systembc-malwares-c2-server-analysis.html Albabat, Kasseika, Kuiper: New Ransomware Gangs Rise with Rust and Golang https://thehackernews.com/2024/01/albabat-kasseika-kuiper-new-ransomware.html Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines https://thehackernews.com/2024/01/malicious-pypi-packages-slip-whitesnake.html New ZLoader Malware Variant Surfaces with 64-bit Windows Compatibility https://thehackernews.com/2024/01/new-zloader-malware-variant-surfaces.html Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware https://thehackernews.com/2024/01/italian-businesses-hit-by-weaponized.html Hackers Exploiting Ivanti VPN Flaws to Deploy KrustyLoader Malware https://thehackernews.com/2024/01/chinese-hackers-exploiting-critical-vpn.html INTERPOL Arrests 31 in Global Operation, Identifies 1,900+ Ransomware-Linked IPs https://thehackernews.com/2024/02/interpol-arrests-31-in-global-operation.html FritzFrog Returns with Log4Shell and PwnKit, Spreading Malware Inside Your Network https://thehackernews.com/2024/02/fritzfrog-returns-with-log4shell-and.html PurpleFox malware infects thousands of computers in Ukraine https://www.bleepingcomputer.com/news/security/purplefox-malware-infects-thousands-of-computers-in-ukraine/ B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊 Malicious Ads on Google Target Chinese Users with Fake Messaging Apps https://thehackernews.com/2024/01/malicious-ads-on-google-target-chinese.html CISA Warns of Active Exploitation Apple iOS and macOS Vulnerability https://thehackernews.com/2024/02/cisa-warns-of-active-exploitation-of.html 加LINE好友要小心!掃QRcode加好友有陷阱資安專家: 恐洩個資 https://www.youtube.com/watch?v=M_s6BSff22I iPhone被偷多一層防護！iOS 17.3推「遭竊裝置防護」，更新後新功能一次看 https://www.bnext.com.tw/article/78304/iphone-ios-173 中華電信「放心接」NMS隱碼服務提供企業安全通訊平台建構客戶端資料安全防線 https://www.cht.com.tw/zh-tw/home/cht/messages/2024/0202-1640 蘋果Vision Pro發售前夕竟遭駭客盯上！官方緊急修復安全漏洞 https://3c.ltn.com.tw/news/56867 混合實境裝置Vision Pro上市在即，蘋果為其修補WebKit零時差漏洞 https://support.apple.com/HT214070 他點這款「LINE新貼圖」嚇到路邊大叫！網氣炸「一定封鎖」教你關閉方法 https://tech.udn.com/tech/story/123154/7742405 More Android apps riddled with malware spotted on Google Play https://www.bleepingcomputer.com/news/security/more-android-apps-riddled-with-malware-spotted-on-google-play/ C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力馬斯克：第一位將 Neuralink 電腦植入大腦的病人已經完成手術 https://technews.tw/2024/01/30/first-neuralink-brain-implant/ 資安長角色轉變中從技術主管變成重要決策者 https://www.technice.com.tw/techmanage/infosecurity/94364/ GKE錯誤配置恐讓攻擊者接管K8s叢集、存取敏感資訊 https://www.ithome.com.tw/news/161050 https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/ https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2024-003 71%組織經歷SaaS資安事件 SEC祭新法規成資安長一大挑戰 https://www.technice.com.tw/techmanage/infosecurity/94655/ 美國政府要求AI業者提供安全測試報告 https://www.whitehouse.gov/briefing-room/statements-releases/2024/01/29/fact-sheet-biden-harris-administration-announces-key-ai-actions-following-president-bidens-landmark-executive-order/ 加拿大外交部傳出遭到網路攻擊，關閉部分資訊系統因應 https://www.theglobeandmail.com/politics/article-global-affairs-hit-by-cyberattack-shuts-down-computer-systems-to-fix/ 美已破壞北京殭屍網絡，FBI 示警：駭客意圖造成重大傷害 https://www.inside.com.tw/article/34094-fbi-director-china-wray 網攻猖獗資安人員易陷警報疲勞 https://reurl.cc/4jNLXj 不只微軟！「午夜暴雪」在23年5月已滲透HPE 電子郵件系統 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10921 針對11月遭到俄羅斯駭客組織APT29入侵高階主管電子郵件信箱的事故，微軟揭露更多細節 https://www.microsoft.com/en-us/security/blog/2024/01/25/midnight-blizzard-guidance-for-responders-on-nation-state-attack/ 研究人員揭露ApateWeb攻擊行動，駭客企圖散布恐嚇程式、PUP程式 https://unit42.paloaltonetworks.com/apateweb-scareware-pup-delivery-campaign/ 烏克蘭能源、交通、郵政機構連續遭遇俄羅斯的網路攻擊，導致服務受到衝擊 https://therecord.media/ukraine-cyberattacks-energy-postal-transportation 俄羅斯研究中心遭到烏克蘭駭客攻擊，破壞2 PB資料 https://securityaffairs.com/158214/hacktivism/ukraines-ministry-of-defense-hit-russian-recent-center.html 中國公安部長：中美禁毒合作工作組正式啟動 https://tw.nextapple.com/international/20240131/EF9623F9937A01F2DE44FADE10622426 超強後門！中國APT攻擊者「黑木」已潛伏５年以上 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10923 NSPX30: A sophisticated AitM-enabled implant evolving since 2005 https://www.welivesecurity.com/en/eset-research/nspx30-sophisticated-aitm-enabled-implant-evolving-since-2005/ ESET Research discovers new China-aligned APT group Blackwood that uses advanced implant to attack within China, Japan, and the UK https://www.eset.com/int/about/newsroom/press-releases/research/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk/ 中國駭客組織Mustang Panda鎖定緬甸國防部、外交部，部署後門程式PlugX https://csirt-cti.net/2024/01/23/stately-taurus-targets-myanmar/ 中共潛藏的木馬各國安全大患 https://ec.ltn.com.tw/article/breakingnews/4569022 韓企半導體技術外洩中國兄弟檔接手非法出口設備 https://www.rti.org.tw/news/view/id/2194420 加拿大驅逐中國女子涉參與僑辦間諜活動 https://reurl.cc/13OK0Y 憂心恐遭竊情資.智財! 中國留學生激發美國安意識多名學生入美遭拒 https://www.youtube.com/watch?v=idSLmdoPFMY 美國CIA最大洩密案！前美中情局雇員洩露駭客工具　被重判40年 https://today.line.me/tw/v2/article/Opz8Y6y 美更新中共軍企名單長江存儲入列 https://www.ydn.com.tw/news/newsInsidePage?chapterID=1649894 涉走私美製電子零件給伊朗美國起訴4名中國人 https://reurl.cc/G4Nngy 他山之石美國痛擊中共網攻 https://talk.ltn.com.tw/amp/article/paper/1629055 美國FBI局長將赴眾院作證指大陸駭客正鎖定美基礎設施 https://udn.com/news/story/6809/7746680 美國FBI局長國會作證指控中國黑客瞄準美國基礎設施中國此前駁斥散布“虛假信息” https://reurl.cc/eLkMpK 憂北京侵台時妨礙美軍戰備行動　美癱瘓中國駭客網絡 https://today.line.me/tw/v2/article/Za9gYZ7 路透：美國反擊中國駭客遠端破壞網路設備 https://www.rti.org.tw/news/view/id/2194412 中國駭客行動遭揭露後竟變本加厲美國已遠端阻撓 https://reurl.cc/09WKQb 中國駭客以殭屍網路攻擊基礎設施、危及印太軍事行動美國展開大反攻 https://www.taiwannews.com.tw/ch/news/5087342 路透社：華府成功癱瘓中國黑客Volt Typhoon　阻止網絡攻擊 https://www.hk01.com/article/986054?utm_source=01articlecopy&utm_medium=referral https://www.justice.gov/opa/pr/us-government-disrupts-botnet-peoples-republic-china-used-conceal-hacking-critical https://www.cisa.gov/news-events/news/opening-statement-cisa-director-jen-easterly https://www.cisa.gov/resources-tools/resources/secure-design-alert-security-design-improvements-soho-device-manufacturers Exposed Docker APIs Under Attack in 'Commando Cat' Cryptojacking Campaign https://thehackernews.com/2024/02/exposed-docker-apis-under-attack-in.html U.S. Feds Shut Down China-Linked "KV-Botnet" Targeting SOHO Routers https://thehackernews.com/2024/02/us-feds-shut-down-china-linked-kv.html Microsoft Warns of Widening APT29 Espionage Attacks Targeting Global Orgs https://thehackernews.com/2024/01/microsoft-warns-of-widening-apt29.html Scaly Wolf uses White Snake stealer against Russian industry https://bi.zone/expertise/blog/scaly-wolf-primenyaet-stiler-white-snake-protiv-rossiyskoy-promyshlennosti/ Former CIA Engineer Sentenced to 40 Years for Leaking Classified Documents https://thehackernews.com/2024/02/former-cia-engineer-sentenced-to-40.html DIRTYMOE (PURPLEFOX) affected more than 2000 computers in Ukraine https://cert.gov.ua/article/6277422 Interpol operation Synergia takes down 1,300 servers used for cybercrime https://www.bleepingcomputer.com/news/legal/interpol-operation-synergia-takes-down-1-300-servers-used-for-cybercrime/#google_vignette 教育處(教育網路中心)-113年度教育網路中心基礎維運計畫專任資安助理 https://www.klcg.gov.tw/tw/klcg1/3209-282102.html 資安管理專員 https://job.taiwanjobs.gov.tw/internet/index/jobDetail.aspx?R2=15&EMPLOYER_ID=66025&HIRE_ID=12516807 【資安所】行政工讀生 https://www.104.com.tw/job/87yyd?jobsource=cmw_redirect 【資安所】計畫管理師 https://www.104.com.tw/job/86ovc?jobsource=cmw_redirect 【資安所】資安測試工讀生 https://www.104.com.tw/job/87yyc?jobsource=cmw_redirect 【資安所】專案管理師 https://www.104.com.tw/job/82axt?jobsource=cmw_redirect 【資安所】數位信任分析師 https://www.104.com.tw/job/85ja4?jobsource=cmw_redirect 【資安所】資安系統測試工程師 https://www.104.com.tw/job/86s56?jobsource=cmw_redirect 資安滲透工程師-ACSI https://www.linkedin.com/jobs/view/%E8%B3%87%E5%AE%89%E6%BB%B2%E9%80%8F%E5%B7%A5%E7%A8%8B%E5%B8%AB-acsi-at-acer-3816356780/?originalSubdomain=tw AB21460 2024校園徵才-資安分析師 https://www.linkedin.com/jobs/view/ab21460-2024%E6%A0%A1%E5%9C%92%E5%BE%B5%E6%89%8D-%E8%B3%87%E5%AE%89%E5%88%86%E6%9E%90%E5%B8%AB-at-asus-3816706546/?originalSubdomain=tw 【台北】資安技術人員/資安服務工程師(總公司)－日系知名保險公司 https://www.reeracoen.tw/zh-tw/jobs/17560 端點開發工程師-1XU12R https://www.104.com.tw/job/7wovv 資深資安工程師 (台北) https://glints.com/tw/en/opportunities/jobs/%E8%B3%87%E6%B7%B1%E8%B3%87%E5%AE%89%E5%B7%A5%E7%A8%8B%E5%B8%AB-%E5%8F%B0%E5%8C%97/fa3ef458-dcf8-41d6-a190-d3c3d5d2bdc6 D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全 NSA Admits Secretly Buying Your Internet Browsing Data without Warrants https://thehackernews.com/2024/01/nsa-admits-secretly-buying-your.html Cloudflare Breach: Nation-State Hackers Access Source Code and Internal Docs https://thehackernews.com/2024/02/cloudflare-breach-nation-state-hackers.html 義大利資料保護機構指責OpenAI的ChatGPT違反資料保護規定 https://reurl.cc/g4YRv7 Windows 更新後不問自取 ?! Edge 被指擅自匯入其他瀏覽器資料 https://reurl.cc/K498je TikTok未實現資安承諾　仍分享美國使用者數據給中國母公司 https://today.line.me/tw/v2/article/Qw7Mqze 防詐騙！酷澎攜中華電信導入物流隱碼技術 https://news.cnyes.com/news/id/5444601 Coupang 酷澎與中華電信合作物流隱碼保護消費者隱私 https://money.udn.com/money/story/5612/7751036?from=edn_newest_index HKCERT發表年度資訊保安資料及預測新一代釣魚攻擊真偽難辨駭客挪用人工智慧犯案將成新趨勢 https://www.bo6s.com.tw/news_detail.php?NewsID=77182 情色照GG？社群平台X要弄內容審核中心百名人力過濾不當內容 https://tech.udn.com/tech/story/123154/7741896?from=udn-indexnewnews_ch1024 2024年最高危密碼私隱專家警告千萬別再用 https://today.line.me/hk/v2/article/0MRMG1G 名人群組邀投資？小心血本無歸！「假投資」詐騙金額連3年居冠 https://wealth.businessweekly.com.tw/GArticle.aspx?id=ARTL010403710 資料盜竊是什麼，又要如何避免資料遺失 https://nordvpn.com/zh-tw/blog/ziliao-daoqie/ 印度電信商被駭客入侵，達 7.5 億用戶個人資訊外洩 https://infosecu.technews.tw/2024/01/31/personal-information-of-750-million-indian-telecom-users-hacked/ FTC orders Blackbaud to boost security after massive data breach https://www.bleepingcomputer.com/news/security/ftc-orders-blackbaud-to-boost-security-after-massive-data-breach/ Cloudflare證實內部的Atlassian伺服器去年11月遭國家級駭客入侵 https://blog.cloudflare.com/thanksgiving-2023-security-incident Cloudflare hacked using auth tokens stolen in Okta attack https://www.bleepingcomputer.com/news/security/cloudflare-hacked-using-auth-tokens-stolen-in-okta-attack/ 賓士員工GitHub的Token不慎公開，恐導致其原始碼外流 https://redhuntlabs.com/blog/mercedes-benz-source-code-at-risk-github-token-mishap-sparks-major-security-concerns/ 數百組網路操作員的帳密資料流入暗網 https://www.resecurity.com/blog/article/hundreds-of-network-operators-credentials-found-circulating-in-dark-web 美國針對IT技術支援詐騙提出警告，駭客透過快遞收取受害者的錢財 https://www.ic3.gov/Media/Y2024/PSA240129 美國國家安全局坦承暗中購買民眾上網記錄 https://thehackernews.com/2024/01/nsa-admits-secretly-buying-your.html 人工智慧新創Anthropic證實資料外洩，起因是第三方供應商遭駭 https://www.ithome.com.tw/news/161054 https://windowsreport.com/anthropics-data-breach-letter/ https://venturebeat.com/ai/anthropic-confirms-it-suffered-a-data-leak/ 針對資料外洩事故，基因檢驗業者23andMe證實駭客竊取相關資料長達半年而未曾察覺 https://www.bleepingcomputer.com/news/security/23andme-data-breach-hackers-stole-raw-genotype-data-health-reports/ E.研究報告/工具你說這資安漏洞怎麼管──企業有 80% 資料四散在 email、傳送檔案等 https://buzzorange.com/techorange/2024/01/31/sailpoint-2024-unified-identity-security-strategy/ 關於國安駭客三兩事(一) https://vocus.cc/article/65b95e85fd897800015b8616 關於國安駭客三兩事(二) https://vocus.cc/article/65b96897fd897800015b9e48 關於國安駭客三兩事(三) https://vocus.cc/article/65b9763efd897800015bbe54 Compromised routers are still being exploited as malicious infrastructure to target government organizations in Europe and the Caucasus https://harfanglab.io/en/insidethelab/compromised-routers-infrastructure-target-europe-caucasus/ https://raw.githubusercontent.com/HarfangLab/iocs/main/TRR240101/trr240101_yara.ya Perfecting the Defense-in-Depth Strategy with Automation https://thehackernews.com/2024/01/perfecting-defense-in-depth-strategy.html Riding the AI Waves: The Rise of Artificial Intelligence to Combat Cyber Threats https://thehackernews.com/2024/01/riding-ai-waves-rise-of-artificial.html Italian Data Protection Watchdog Accuses ChatGPT of Privacy Violations https://thehackernews.com/2024/01/italian-data-protection-watchdog.html The SEC Won't Let CISOs Be: Understanding New SaaS Cybersecurity Rules https://thehackernews.com/2024/01/the-sec-wont-let-cisos-be-understanding.html Why the Right Metrics Matter When it Comes to Vulnerability Management https://thehackernews.com/2024/02/why-right-metrics-matter-when-it-comes.html RunC Flaws Enable Container Escapes, Granting Attackers Host Access https://thehackernews.com/2024/02/runc-flaws-enable-container-escapes.html Cloudzy Elevates Cybersecurity: Integrating Insights from Recorded Future to Revolutionize Cloud Security https://thehackernews.com/2024/02/cloudzy-elevates-cybersecurity.html F.商業中華資安國際資安再獲殊榮連續五年資安廠商評鑑五A最高評價 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10914 中華電信公布2023年第四季營運成果暨全年營運成果 https://reurl.cc/bDmW6E Palo Alto Networks：現行資安機制不能只應對以謀取金錢為主的攻擊 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10915 HPE Aruba Networking: 網路的任務不是連接任何東西，而是成為安全原則的執行層 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10919 企業為何必須重新制訂2024年的身份安全策略 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10918 Microsoft Purview 利用 AI 功能保護及管理所有資料的最新功能 https://news.microsoft.com/zh-tw/features/microsoft-purview-3/ 趨勢科技Trend Vision One資安平台獲Gartner報告防護能力肯定 https://www.ctimes.com.tw/DispNews-tw.asp?O=HK81U8ND7FYSAA00NC 中菲行正式通過 ISO27001:2022 的轉版認證 https://www.sinotrade.com.tw/richclub/news/65b7934207900a8711ef0f93 駭客續用勒索軟體　瞄準政府、醫療、製造業三大進攻標的 https://finance.ettoday.net/news/2675455 Pure Storage結合Veeam　聯手演繹現代化資料保護典範 https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?CnlID=13&id=684379 新加坡資安龍頭ABPGroup集團正式成立台灣資安代理公司── 安普新科技（ABPSecurite），逐步實現東協暨台灣網路安全佈局計劃 https://www.bnext.com.tw/article/78293/abp2024.0 G.政府新樓醫院與臺南市調處齊心防駭　攜手聯防資安攻擊 https://news.owlting.com/articles/310505 詐騙猖獗立委籲增科技偵查量能、對平台課責 https://news.ipcf.org.tw/112115 數位皮夾明年推出，擬整合行動自然人憑證健保卡 https://infosecu.technews.tw/2024/01/30/digital-wallet-next-year/ 國軍113年春節連續假期通電資整備注意事項 https://www.ydn.com.tw/news/newsInsidePage?chapterID=1649587 面對網路數位風險政府與人民應有的作為 https://www.businesstoday.com.tw/article/category/183015/post/202401260026/ 台灣成功自製量子電腦！「量子國家隊」打勝仗，台灣成為極少數能自主研發的國家 https://www.storm.mg/lifestyle/5004818 H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識/醫療相關資安 OT資安實例：大型工業控制設備聯網的網路威脅及解方 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10913 TXOne Networks報告指出：勒索軟體即服務、供應鏈攻擊與地緣政治問題讓全球產業OT／ICS資訊安全日益複雜 http://www.compotechasia.com/a/press/2024/0131/56738.html TXOne Networks 統計勒索病毒攻台日製造業比重達77% https://money.udn.com/money/amp/story/5613/7746345 施耐德電機近日遭 Cactus 勒索軟體攻擊 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10924 調查：RaaS、供應鏈攻擊與地緣政治讓產業 OT／ICS 資安複雜化 https://infosecu.technews.tw/2024/01/31/txone-networks-raas-ot-ics/ 中國針對特斯拉禁令再度擴大，將 Tesla 的網路與哨兵系統視同間諜不得入政府機構場所 https://www.techbang.com/posts/112792-chinas-ban-has-been-extended-again-and-spies-and-teslas-are 美商務部長警告：中國製電動車存重大國安風險 https://reurl.cc/yYARMq Westermo工控交換器存在漏洞，有可能被用於竄改設備組態 https://www.securityweek.com/westermo-switch-vulnerabilities-can-facilitate-attacks-on-industrial-organizations/ 首屆汽車漏洞挖掘競賽Pwn2Own Automotive結果出爐，找出49個漏洞、發出130萬美元獎金 https://www.zerodayinitiative.com/blog/2024/1/25/pwn2own-automotive-2024-day-three-results https://www.zerodayinitiative.com/blog/2024/1/24/pwn2own-automotive-2024-day-one-results https://www.zerodayinitiative.com/blog/2024/1/24/pwn2own-automotive-2024-day-two-results https://www.zerodayinitiative.com/blog/2024/1/25/pwn2own-automotive-2024-day-three-results I.教育訓練 iPAS資訊安全工程師中級筆記 https://hackmd.io/@Not/iPASInformationSecuritySpecialist iPas資安工程師證照考前研習 https://reurl.cc/GEbA3p Coursera 盤點 7 項雲端資安認證，高薪跳板都在這了！ https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/ 一般人也能拿到國際資安認證！CSCU安全電腦使用者認證課程 https://www.ithome.com.tw/pr/160954 全球網絡安全勞動力失衡 (ISC)2免費課程及考試填補人才缺口 https://reurl.cc/m39MDj CISSP資安認證的8大領域 https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html CISSP考試心得 https://reurl.cc/KbY83j CISSP考試心得 – Benson https://reurl.cc/GbWvxd 目標導向-20天光速考過CISSP https://reurl.cc/2Zq6zn CISSP證照考試實戰心得第一章：初期準備工作 https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat CISSP證照考試實戰心得第二章：規律且有紀律的讀書策略 https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies CISSP證照考試實戰心得第三章：終極一戰 https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle Quick CISSP Infographic for IPSec https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec CSSLP Certification - Security models in F# https://github.com/vbocan/csslp Certified Secure Software Lifecycle Professional in bullet points https://github.com/joeyhage/csslp-notes CPSA(CREST Practitioner Security Analyst) 資安分析師考試心得 https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/ EC-Council CEH v11 考試心得、改版資訊以及準備方向 2021、2022 https://reurl.cc/1oyEM8 CEH v11 考試心得與準備方式 https://blog.sean.taipei/2022/01/ceh CEH https://github.com/a3cipher/CEH CodeRed by EC-Council https://github.com/codered-by-ec-council EC-Council CEH Practical / Master 準備心得 — 讓理論與實作相輔相成的學習 https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2 EC-Council CEHP考試準備心得 https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po ECSA v10 考試心得與讀書資料分享/ ECSA v10 Review and Study Materials https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4 EC-Council ECSA資安分析專家 v10 考試心得分享 https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html 20180817 EC-Council ECSA v10 PASS https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html 關於EC-Council CPENT和LPT Master滲透測試證照準備方式及心得分享 https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d 深度解析 CPENT 考試心得、以及與 OSCP 的比較 https://reurl.cc/41eL8v EC-Council CPENT v1 滲透測試認證 – 內容及心得分享 https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review CPENT 從暴力到破解 https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295 Ec-Council CPENT心得 - 資安菜鳥從CEH到LPT Master https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f CPENT考試心得分享：一次拿到 LPT 滲透測試大師認證 https://ucom.uuu.com.tw/web/Testimony/Article/4404 kaizensecurity/CPENT https://github.com/kaizensecurity/CPENT/tree/master CPENT : Pentesting like NO OTHERS ! https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/ Journey of My CPENT Exam https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917 [備考心得]CompTIA Security+ (SY0–601) 上篇 https://reurl.cc/M053DK [備考心得]CompTIA Security+ (SY0–601) 下篇 https://reurl.cc/M053Gv comptia-security-plus https://github.com/ajfuto/comptia-security-plus security-plus https://github.com/fjavierm/security-plus CompTIA Security+ Certification Practice Test Questions https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette 不只是工程師才要懂的 App 資訊安全：取得資安檢測合格證書血淚史（iT邦幫忙鐵人賽系列書） https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html OSEP (Evasion Techniques and Breaching Defenses (PEN-300) 心得分享 https://hackmd.io/@henry-ko/HyQ56e8eF OSCP（Offensive Security Certified Professional） https://github.com/0x584A/oscp-notes/tree/master ISACA Certified Information Systems Auditor® (CISA) 國際電腦稽核師認證準備歷程心得、申請流程分享- 2023年 https://reurl.cc/aVLoX9 Learn NIST Inside Out With 21 Hours of Training @ 86% OFF https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html 駭客與國家: 網路攻擊與地緣政治新常態 The hacker and the state: cyber attacks and the new normal of geopolitic https://reurl.cc/D3nKKj Practical Network Penetration Tester (PNPT) Certification Review https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df WUSON常用的基本詞彙 https://choson.lifenet.com.tw/?p=1958 證照仍是學習資安基本功的主要管道，有專家打造「資安證照地圖」 https://www.ithome.com.tw/news/156754 用證照證明自己實力之餘，更應將證照視為督促學習的最大動力 https://www.ithome.com.tw/news/156756 打破證照誤解與迷思，資安專家帶你釐清資安證照的意義 https://www.ithome.com.tw/news/156755 Accelerate Your Career with the Global Leader in Cyber Security Training https://www.sans.org/mlp/promo-partnership-hacker-news/ 6.近期資安活動及研討會 LearnWeb Taiwan Meetup #18 如何成為一名魔法師：ChatGPT 的魔咒學與黑魔法防禦術 2024/2/3 https://learnweb-taiwan.kktix.cc/events/learnweb-meetup-18 第七屆《Hit AI & Blockchain》人工智慧暨區塊鏈產業高峰會 2024/2/6 https://www.accupass.com/event/2311160625102022535520 【安碁學苑】IPAS 資訊安全工程師中級證照培訓班 2024/2/20 ~ 2024/7/15 https://acsiacad.kktix.cc/events/6ebd7fbd-copy-1 資安五四三 2024/2/21 https://csa.kktix.cc/events/202402-543 2024 Duet AI for Google Cloud 全新攻略看這邊！手刀報名 2/21 Duet AI 線上研討會 2024/2/21 https://www.accupass.com/event/2401171309569808607700 2024資安365年會 2024/2/22 https://www.informationsecurity.com.tw/seminar/2024_TPinfosecurity365/register.aspx 『數位信任』暨『防詐產業』交流會 2024/2/22 https://www.accupass.com/event/2401190530421788718610 Google Cloud 資安攻略｜Cloud Armor 搭配負載平衡打造資安防護網 2024/2/23 https://www.accupass.com/event/2401150346098763080290 【安碁學苑】IPAS 資訊安全工程師中級證照培訓班 2024/2/20-2024/2/3/5 https://www.accupass.com/event/2312151022301066488466 2024H1資安實戰演練大會AI爆發時代的企業資安聯合軍演 2024/3/6 https://buzzorange.com/techorange/forum/2024h1-cybersecurity-combat-exercise/ 資安事件調查與實務分析 2024/3/6（三） https://docs.google.com/forms/d/1bO_IhZ9gxZ-nFNGVva7ZfRWyX5B3n-sKEdW6nkPtj50/edit .NET / Java 安全程式開發達人集訓班（高雄場） 2024/3/6 ~ 2024/3/8 https://www.accupass.com/event/2401100307112987621850 【安碁學苑】資安技術人才培育｜實戰培訓首發班 2024/3/11 ~ 2024/3/29 https://acsiacad.kktix.cc/events/6ebd7fbd-copy-2 DEVCORE CONFERENCE 2024 2024/3/16 https://devcore.kktix.cc/events/devcoreconf2024 【企業資安講堂】資安教育免費線上課程 2024/3/19 ~ 2024/11/19 https://acercsi.kktix.cc/events/2024csr 黑客視角：網站漏洞挖掘與防禦 2024/3/20 https://docs.google.com/forms/d/1OGcXzbo2vG9_DU5oQ9DCAF2zWJtewqrd4OM28zdatw4/edit 社團法人台灣駭客協會 113 年度會員春酒 2024/3/27 https://hitcon.kktix.cc/events/hit-banquet-113 中區(實體)--校園資安作業與外部審查實務 2024/4/8 https://tp2rc.tanet.edu.tw/node/790 AI應用系統開發與生成式AI應用人才培訓班第一梯次 2024/6/27 ~ 2024/8/9 https://www.accupass.com/event/2401100729511706489107