###### tags: `資安事件新聞週報` # 資安事件新聞週報 2025/3/31 ~ 2025/4/4 1.重大弱點漏洞/後門/Exploit/Zero Day Nearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan Campaign https://thehackernews.com/2025/04/nearly-24000-ips-target-pan-os.html Fortinet FortiSwitchManager https://nvd.nist.gov/vuln/detail/CVE-2023-25610 Fortinet FortiMail https://nvd.nist.gov/vuln/detail/CVE-2021-26091 IBM Security QRadar Analyst Workflow for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities https://www.ibm.com/support/pages/node/7230024 Mozilla Patches Critical Firefox Bug Similar to Chrome's Recent Zero-Day Vulnerability https://thehackernews.com/2025/03/mozilla-patches-critical-firefox-bug.html 5 Impactful AWS Vulnerabilities You're Responsible For https://thehackernews.com/2025/03/5-impactful-aws-vulnerabilities-youre.html Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp https://thehackernews.com/2025/03/russian-hackers-exploit-cve-2025-26633.html Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent https://thehackernews.com/2025/04/google-patches-quick-share.html Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse https://thehackernews.com/2025/04/google-fixed-cloud-run-vulnerability.html Ivanti修補Connect Secure已遭中國駭客利用的零時差漏洞 https://www.bleepingcomputer.com/news/security/ivanti-patches-connect-secure-zero-day-exploited-since-mid-march/ Apache基金會修補Parquet危險層級達到10分的重大層級漏洞 https://www.bleepingcomputer.com/news/security/max-severity-rce-flaw-discovered-in-widely-used-apache-parquet/ Canon印表機存在重大層級漏洞，攻擊者有機會用以執行任意程式碼 https://www.ithome.com.tw/news/168218 網路作業系統VyOS存在中間人攻擊漏洞，以Debain為基礎的作業系統也可能曝險 https://securityonline.info/vyos-and-debian-systems-vulnerable-to-man-in-the-middle-attacks-cve-2025-30095/ 微軟揭露開機程式GRUB2、U-Boot、Barebox高風險資安漏洞 https://www.bleepingcomputer.com/news/security/microsoft-uses-ai-to-find-flaws-in-grub2-u-boot-barebox-bootloaders/ Ubuntu出現可繞過內建防護機制的弱點，若與核心元件漏洞串連將造成重大危害 https://ithome.com.tw/news/168165 Linux與嵌入式系統用戶注意！三大系統開機載入器記憶體緩衝區溢位漏洞 https://www.ithome.com.tw/news/168210 2.銀行/金融/保險/證券/金融監理 新聞及資安 FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites https://thehackernews.com/2025/04/fin7-deploys-anubis-backdoor-to-hijack.html 安卓金融木馬Crocodilus鎖定西班牙及土耳其而來 https://thehackernews.com/2025/03/new-android-trojan-crocodilus-abuses.html 新光金控資安保證 通過 ISO/IEC 27001：2022國際驗證 https://money.udn.com/money/story/5613/8646792 元富證券榮獲F-ISAC特優殊榮 展現資安治理實力 https://udn.com/news/story/7251/8638887 3.信用卡/電子支付/行動支付/pay/支付系統/資安 Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign https://thehackernews.com/2025/04/legacy-stripe-api-exploited-to-validate.html 「TWQR 乘車碼」正式啟動 手機就是車票 https://udn.com/news/story/7239/8628789 歐付寶電子支付開放獨資戶註冊申請電子發票 攜手小微商戶邁向數位化 https://money.udn.com/money/story/5635/8644330 美國紙本支票9/30前將停用 社安金改電子支付 https://www.worldjournal.com/wj/story/121172/8648293 聯卡中心四大策略 啟動六都以外縣市合作計畫推電子支付 https://money.udn.com/money/story/5613/8622325?from=edn_newest_index 日韓電子支付有哪些？全支付、街口支付、一卡通回饋一次看 https://reurl.cc/K8QLX9 4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約/WEB3 資安 Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign https://thehackernews.com/2025/04/over-1500-postgresql-servers.html 逾1500臺PostgreSQL伺服器遭到鎖定，駭客發動無檔案挖礦攻擊 https://thehackernews.com/2025/04/over-1500-postgresql-servers.html USDC穩定幣開發商Circle申請IPO https://www.ithome.com.tw/news/168216 加密貨幣成詐騙溫床？沈雲驄：小額分散投資，降低風險 https://reurl.cc/XAVNjE 揭秘北韓駭客如何竊取數十億美元加密貨幣以維持該國政權運轉 https://reurl.cc/W01MrO 黃珊珊版加密貨幣專法與現行草案比較：專責機構、KOL 納管、沙盒接軌成亮點 https://abmedia.io/huang-shan-shan-crypto-draft-comparison 美國將這三種加密貨幣當作國家戰略儲備，絕對不是巧合 https://hao.cnyes.com/post/143087 加密貨幣持有者大調查：5,500 萬美國人的數位資產圖譜，誰在使用加密貨幣 https://blockcast.it/2025/04/03/annual-report-on-cryptocurrency-holders-in-the-united-states-of-america/ 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 駭客假借稅務為由，透過PDF和QR Code散布惡意軟體 https://thehackernews.com/2025/04/microsoft-warns-of-tax-themed-email.html Russian Influence Operations Target German Elections https://go.recordedfuture.com/hubfs/reports/ta-ru-2025-0213.pdf WordPress外掛程式資料夾成網路攻擊溫床！網站被植入惡意程式及垃圾內容 https://www.ithome.com.tw/news/168179 NPM老套件久未維護成攻擊破口，淪為資訊竊取惡意工具 https://www.ithome.com.tw/news/168221 惡意軟體Shelby鎖定中東而來，透過GitHub接收命令、外傳竊得資料 https://securityonline.info/shelby-malware-abuses-github-for-control-and-data-theft/ 惡意軟體載入工具KoiLoader透過LNK檔案散布，藉由PowerShell傳遞竊資軟體 https://securityonline.info/koiloader-reloaded-new-variant-uses-lnk-abuse-script-chains-and-powershell-to-deliver-stealer-payload/ 俄羅斯駭客Gamaredon以軍事行動為誘餌，對烏克蘭散布Remcos RAT https://thehackernews.com/2025/03/russia-linked-gamaredon-uses-troop.html 惡意程式CoffeeLoader冒充華碩電腦整合設定軟體，該工具用GPU執行程式碼而逃過資安偵測 https://ithome.com.tw/news/168156 CoffeeLoader Uses GPU-Based Armoury Packer to Evade EDR and Antivirus Detection https://thehackernews.com/2025/03/coffeeloader-uses-gpu-based-armoury.html 駭客利用假通訊軟體向台灣用戶發動PJobRAT惡意軟體攻擊 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11772 安卓惡意軟體PJobRAT鎖定臺灣使用者而來，假借聊天App散布 https://www.ithome.com.tw/news/168166 PJobRAT Malware Campaign Targeted Taiwanese Users via Fake Chat Apps https://thehackernews.com/2025/03/pjobrat-malware-campaign-targeted.html APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware https://thehackernews.com/2025/03/apt36-spoofs-india-post-website-to.html BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability https://thehackernews.com/2025/03/blacklock-ransomware-exposed-after.html Russia-Linked Gamaredon Uses Troop-Related Lures to Deploy Remcos RAT in Ukraine https://thehackernews.com/2025/03/russia-linked-gamaredon-uses-troop.html 惡意軟體Resurge鎖定Ivanti的SSL VPN漏洞而來 https://www.ithome.com.tw/news/168184 惡意軟體Resurge利用Ivanti的SSL VPN漏洞入侵伺服器 https://thehackernews.com/2025/03/resurge-malware-exploits-ivanti-flaw.html RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features https://thehackernews.com/2025/03/resurge-malware-exploits-ivanti-flaw.html Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks https://thehackernews.com/2025/03/hackers-repurpose-ransomhubs.html Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers https://thehackernews.com/2025/04/outlaw-group-uses-ssh-brute-force-to.html New Malware Loaders Use Call Stack Spoofing, GitHub C2, and .NET Reactor for Stealth https://thehackernews.com/2025/04/new-malware-loaders-use-call-stack.html Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices https://thehackernews.com/2025/04/triada-malware-preloaded-on-counterfeit.html B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊 蘋果修補舊版iOS、iPadOS、macOS三個零時差漏洞 https://www.ithome.com.tw/news/168229 New Android Trojan Crocodilus Abuses Accessibility to Steal Banking and Crypto Credentials https://thehackernews.com/2025/03/new-android-trojan-crocodilus-abuses.html Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices https://thehackernews.com/2025/04/apple-backports-critical-fixes-for-3.html Apple Fined €150 Million by French Regulator Over Discriminatory ATT Consent Practices https://thehackernews.com/2025/04/apple-fined-150-million-by-french.html Google推動安全機制前移，Android程式碼撰寫階段即啟動政策違規提醒 https://www.ithome.com.tw/news/168168 C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力 鋼鐵廠盛餘遭到網路攻擊 https://mopsov.twse.com.tw/mops/web/ajax_t05sr01_1?firstin=true&stp=1&step=1&SEQ_NO=1&SPOKE_TIME=210922&SPOKE_DATE=20250330&COMPANY_ID=2029 接連攻擊臺灣醫院企業的CrazyHunter現形，主嫌身分為20歲中國籍羅姓駭客 https://www.ithome.com.tw/news/168224 CrazyHunter勒索攻擊規模擴大，振曜、沛亨、東荃同時遭攻擊，駭客一次攻擊鎖定同集團的3家公司 https://www.ithome.com.tw/news/168167 振曜科技網站首頁遭置換，駭客恐嚇已竊取3家公司資料 https://www.ithome.com.tw/news/168172 針對發生在3月份的GitHub供應鏈攻擊事故，研究人員揭露是鎖定Coinbase而來 https://www.bleepingcomputer.com/news/security/recent-github-supply-chain-attack-traced-to-leaked-spotbugs-token/ 精誠資訊遭駭客勒索攻擊 疑似與中國駭侵組織有關 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11775 精誠收到駭客勒索信，著手釐清受影響範圍 https://mopsov.twse.com.tw/mops/web/ajax_t05sr01_1?firstin=true&stp=1&step=1&SEQ_NO=1&SPOKE_TIME=170209&SPOKE_DATE=20250331&COMPANY_ID=6214 駭客聲稱入侵資安業者Check Point，兜售存取管道 https://hackread.com/hacker-breach-check-point-cybersecurity-firm-access/ 伊朗駭客MuddyWater鎖定盟國伊拉克、葉門從事網路間諜活動 https://www.darkreading.com/cyberattacks-data-breaches/irans-mois-linked-apt34-spies-allies-iraq-yemen China-Linked Earth Alux Uses VARGEIT and COBEACON in Multi-Stage Cyber Intrusions https://thehackernews.com/2025/04/china-linked-earth-alux-uses-vargeit.html Europol Dismantles Kidflix With 72,000 CSAM Videos Seized in Major Operation https://thehackernews.com/2025/04/europol-dismantles-kidflix-with-72000.html D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全 推特(X) 28億用戶資料疑外洩 內部員工所為 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11774 社群網站X驚傳28億用戶資料外洩 https://hackread.com/twitter-x-of-2-8-billion-data-leak-an-insider-job/ 檢查URL的網域名稱還是有可能被帶到惡意網站！網釣工具包Morphing Meerkat濫用DNS MX記錄、重開放導向漏洞 https://www.ithome.com.tw/news/168169 駭客組織Storm-1811利用微軟Teams訊息及語音網釣發動攻擊，藉由TeamViewer部署惡意軟體 https://hackread.com/microsoft-teams-vishing-deploy-malware-via-teamviewer/ 甲骨文外洩病患醫療資訊，處理方式惹議 https://www.ithome.com.tw/news/168175 Oracle旗下的醫療照護軟體供應商傳出資料外洩，美國病人資料外流 https://www.bleepingcomputer.com/news/security/oracle-health-breach-compromises-patient-data-at-us-hospitals/ 駭客在網上公開三星德國分公司27萬筆客服資料 https://www.ithome.com.tw/news/168180 中國駭客利用網釣工具包Lucid，發送iMessage、RCS訊息對近170個企業組織下手 https://www.bleepingcomputer.com/news/security/phishing-platform-lucid-behind-wave-of-ios-android-sms-attacks/ PhaaS actor uses DoH and DNS MX to dynamically distribute phishing https://blogs.infoblox.com/threat-intelligence/a-phishing-tale-of-doh-and-dns-mx-abuse/ New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims' DNS Email Records https://thehackernews.com/2025/03/new-morphing-meerkat-phishing-kit.html E.研究報告/工具 愚人節的數位軍演 https://reurl.cc/NYREMQ 因應量子破密威脅，臺灣今年將推出PQC遷移指引，預計4月臺灣資安大會發布 https://www.ithome.com.tw/news/168238 NPM套件遭到挾持，駭客為其加入混淆的指令碼挖掘API金鑰 https://thehackernews.com/2025/03/nine-year-old-npm-packages-hijacked-to.html Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated Scripts https://thehackernews.com/2025/03/nine-year-old-npm-packages-hijacked-to.html Case Study: Are CSRF Tokens Sufficient in Preventing CSRF Attacks https://thehackernews.com/2025/04/new-case-study-global-retailer.html How SSL Misconfigurations Impact Your Attack Surface https://thehackernews.com/2025/04/how-ssl-misconfigurations-impact-your.html F.商業 F5 任命林志方為台灣區總經理 加速推動雲端資安與AI驅動應用交付 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11769 供應商與第三方零組件供應商是汽車產業中最脆弱環節 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11767 OPSWAT的MetaDefender Kiosk 如何確保礦業商不受可移動多媒體威脅 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11765 微軟Windows 365 Link準系統開賣了 https://www.ithome.com.tw/news/168251 Amazon Project Kuiper、Alphabet子公司都在策畫連網服務挑戰Starlink https://www.ithome.com.tw/news/168249 微軟Copilot Studio的AI代理開始支援深度推理，M365也增加AI研究員及AI分析師代理 https://www.ithome.com.tw/news/168223 微軟Windows 11將改版BSOD、強制登入帳號才能安裝 https://www.ithome.com.tw/news/168214 Helping Your Clients Achieve NIST Compliance: A Step by Step Guide for Service Providers https://thehackernews.com/2025/04/helping-your-clients-achieve-nist.html Enterprise Gmail Users Can Now Send End-to-End Encrypted Emails to Any Platform https://thehackernews.com/2025/04/enterprise-gmail-users-can-now-send-end.html AI Adoption in the Enterprise: Breaking Through the Security and Compliance Gridlock https://thehackernews.com/2025/04/ai-adoption-in-enterprise-breaking.html G.政府 TWCERT/CC 公布近期攻擊台灣之駭客組織活動概況 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11771 數發部數位憑證皮夾沙盒測試即日起開放申請 https://technews.tw/2025/03/31/tw-digital-wallet/ 數位發展部：四大策略 資安業產值明年衝千億 https://money.udn.com/money/story/5612/8614322 政府資安標案驚見中國貼牌監視器　涉案廠商竟還是「安控國家隊」隊長 https://new7.storm.mg/article/5344018 H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識/醫療 相關資安 Researchers Uncover 46 Critical Flaws in Solar Power Systems From Sungrow, Growatt, and SMA https://thehackernews.com/2025/03/researchers-uncover-46-critical-flaws.html 全球居易路由器傳出不斷重開機事故，該公司後來鬆口證實是漏洞攻擊 https://ithome.com.tw/news/168133 研究人員揭露Sungrow、Growatt、SMA太陽能設備資安漏洞 https://thehackernews.com/2025/03/researchers-uncover-46-critical-flaws.html I.教育訓練 資安事件發生必要知道的復原程序，降低傷害 https://www.ithome.com.tw/pr/163614 iPAS資訊安全工程師中級筆記 https://hackmd.io/@Not/iPASInformationSecuritySpecialist iPas資安工程師證照考前研習 https://reurl.cc/GEbA3p iPAS◆資訊安全規劃實務◆中級測驗題庫彙編(123題) https://reurl.cc/orlD1g GCP Associate Cloud Engineer (ACE) 學習心得、教材資源與筆記分享 — 學習天然高可用與零信任設計 https://medium.com/blacksecurity/gcp-associate-cloud-engineer-78f736aee7ad Coursera 盤點 7 項雲端資安認證，高薪跳板都在這了！ https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/ 一般人也能拿到國際資安認證！CSCU安全電腦使用者認證課程 https://www.ithome.com.tw/pr/160954 全球網絡安全勞動力失衡 (ISC)2免費課程及考試填補人才缺口 https://reurl.cc/m39MDj CISSP資安認證的8大領域 https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html CISSP考試心得 https://reurl.cc/KbY83j CISSP考試心得 – Benson https://reurl.cc/GbWvxd 目標導向-20天光速考過CISSP https://reurl.cc/2Zq6zn CISSP證照考試實戰心得 第一章：初期準備工作 https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat CISSP證照考試實戰心得 第二章：規律且有紀律的讀書策略 https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies CISSP證照考試實戰心得 第三章：終極一戰 https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle Quick CISSP Infographic for IPSec https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec CSSLP Certification - Security models in F# https://github.com/vbocan/csslp Certified Secure Software Lifecycle Professional in bullet points https://github.com/joeyhage/csslp-notes CPSA(CREST Practitioner Security Analyst) 資安分析師考試心得 https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/ EC-Council CEH v11 考試心得、改版資訊以及準備方向 2021、2022 https://reurl.cc/1oyEM8 CEH v11 考試心得與準備方式 https://blog.sean.taipei/2022/01/ceh CEH https://github.com/a3cipher/CEH CodeRed by EC-Council https://github.com/codered-by-ec-council EC-Council CEH Practical / Master 準備心得 — 讓理論與實作相輔相成的學習 https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2 EC-Council CEHP考試準備心得 https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po My ceh practical notes https://github.com/dhabaleshwar/CEHPractical/blob/main/Everything%20You%20Need.md CEHP課程筆記 https://hackmd.io/@nfu-johnny/B1Ju_BMPR ECSA v10 考試心得與讀書資料分享/ ECSA v10 Review and Study Materials https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4 EC-Council ECSA資安分析專家 v10 考試心得分享 https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html 20180817 EC-Council ECSA v10 PASS https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html 關於EC-Council CPENT和LPT Master滲透測試證照準備方式及心得分享 https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d 深度解析 CPENT 考試心得、以及與 OSCP 的比較 https://reurl.cc/41eL8v EC-Council CPENT v1 滲透測試認證 – 內容及心得分享 https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review CPENT 從暴力到破解 https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295 Ec-Council CPENT心得 - 資安菜鳥從CEH到LPT Master https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f CPENT考試心得分享：一次拿到 LPT 滲透測試大師認證 https://ucom.uuu.com.tw/web/Testimony/Article/4404 kaizensecurity/CPENT https://github.com/kaizensecurity/CPENT/tree/master CPENT : Pentesting like NO OTHERS ! https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/ Journey of My CPENT Exam https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917 [備考心得]CompTIA Security+ (SY0–601) 上篇 https://reurl.cc/M053DK [備考心得]CompTIA Security+ (SY0–601) 下篇 https://reurl.cc/M053Gv comptia-security-plus https://github.com/ajfuto/comptia-security-plus security-plus https://github.com/fjavierm/security-plus CompTIA Security+ Certification Practice Test Questions https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette 不只是工程師才要懂的 App 資訊安全：取得資安檢測合格證書血淚史（iT邦幫忙鐵人賽系列書） https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html App防駭學，資安防護實戰課程全面提升安全觀念 https://www.ithome.com.tw/pr/161505 OSEP (Evasion Techniques and Breaching Defenses (PEN-300) 心得分享 https://hackmd.io/@henry-ko/HyQ56e8eF OSEP (Evasion Techniques and Breaching Defenses (PEN-300) http://github.com/In3x0rabl3/OSEP OSCP（Offensive Security Certified Professional） https://github.com/0x584A/oscp-notes/tree/master ISACA Certified Information Systems Auditor® (CISA) 國際電腦稽核師認證準備歷程心得、申請流程分享- 2023年 https://reurl.cc/aVLoX9 Learn NIST Inside Out With 21 Hours of Training @ 86% OFF https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html 駭客與國家: 網路攻擊與地緣政治新常態 The hacker and the state: cyber attacks and the new normal of geopolitic https://reurl.cc/D3nKKj Practical Network Penetration Tester (PNPT) Certification Review https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df WUSON常用的基本詞彙 https://choson.lifenet.com.tw/?p=1958 證照仍是學習資安基本功的主要管道，有專家打造「資安證照地圖」 https://www.ithome.com.tw/news/156754 用證照證明自己實力之餘，更應將證照視為督促學習的最大動力 https://www.ithome.com.tw/news/156756 打破證照誤解與迷思，資安專家帶你釐清資安證照的意義 https://www.ithome.com.tw/news/156755 Accelerate Your Career with the Global Leader in Cyber Security Training https://www.sans.org/mlp/promo-partnership-hacker-news/ 【成大資安社社課】資安禁術 - 逆向工程地獄試煉 https://www.youtube.com/watch?v=4Yc3-9CjG6U 透過實務演練，教你建立實作標準的安全SOP流程 https://www.ithome.com.tw/pr/163514 6.近期資安活動及研討會 Tokyo Indie Hackers Meetup 2025/4/6 https://www.meetup.com/tokyo-indie-hackers/events/307022659/ WordPress 彩虹小聚 ：色彩魔法｜提升網站吸引力的秘訣 2025/4/7 https://www.meetup.com/taipei-wordpress/events/306914356/ Chinese Linguistics, History, and Etymology 2025/4/8 https://www.meetup.com/formosa-technology-and-philosophy-symposium/events/xtjqqtyhcgblb/ Use WhatsAPP with MCP 2025/4/8 https://www.meetup.com/hk-application-of-ai-in-teaching-group/events/306914908/ Workshop AI video (media) creation 2025/4/8 https://www.meetup.com/taipei-education-technology-meetup-group/events/307041980/ 【資安課程諮詢】物聯網資訊安全實務 2025/4/10 - 2025/4/12 https://www.accupass.com/event/2412260750552102835426 企業 IT 必修課：虛擬化備援 + 弱點掃描，打造無縫資安防護 2025/4/11 https://mstech.kktix.cc/events/d41efa20 Tokyo Indie Hackers Meetup 2025/4/13 https://www.meetup.com/tokyo-indie-hackers/events/306891802/ CYBERSEC 2025 臺灣資安大會 2025/4/15 - 2025/4/17 https://cybersec.ithome.com.tw/2025/ Jamf 資安體驗館 - 2025 CYBERSEC 資安大會 2025/4/15 https://jamf.kktix.cc/events/cybersec2025-jamf Digital Rogue Meetup #07 2025/4/15 https://www.meetup.com/taiwan-digital-rogue/events/307040574/ 2025資安大會_數聯資安 AI 戰情室 2025/4/15 - 2025/4/17 https://www.accupass.com/event/2504010948318292701610 Taipei dbt Meetup #35 for all folks working with data! (Hybrid 👫 + 🧑‍💻) 2025/4/16 https://www.meetup.com/taipei-dbt-meetup/events/306748734/ How to Build a Side Hustle with AI in One Weekend 2025/4/16 https://www.meetup.com/shanghai-startup-idea-to-ipo/events/306699962/ How to build a team to run your SOC and SIEM 2025/4/16 https://www.meetup.com/manageengine-philippines-events/events/306912388/ 2025台灣產業AI化大調查暨AI落地指引發佈會 2025/4/17 https://www.accupass.com/event/2503100549105962692750 最即時的 7x24 MDR 服務 從雲端到端點，打造滴水不漏的防護網 2025/4/18 https://www.accupass.com/event/2503281010151330038742 GenAI 打開潘朵拉的盒子 ─「跨領域」和「面對未知」將成為新生存法則 2025/4/18 https://www.accupass.com/event/2503110835176314212290 Hack The Box Meetup: #1 2025/4/21 https://www.meetup.com/hack-the-box-meetup-ph/events/306862104/ Taipei dbt Meetup #35 for all folks working with data! (Hybrid 👫 + 🧑‍💻) 2025/4/23 https://www.meetup.com/taipei-dbt-meetup/events/306748734/ HYBRID EVENT 🌟 Cyber security basic training with Rakuten, session 1 2025/4/23 https://www.meetup.com/le-wagon-tokyo-coding-station/events/307018839/ [Online] Living off of Bitcoin 2025/4/24 https://www.meetup.com/philippine-bitcoiners/events/306825206/ [Online] Living off of Bitcoin 2025/4/24 https://www.meetup.com/philippine-bitcoiners/events/306825206/ MasterClass: Automated Content Creation & Social Media Management 2025/4/24 https://www.meetup.com/workoptional-ai-future-of-work/events/306253285/ [On-Line] AWS Global Community Gatherings #6 2025/4/25 https://www.meetup.com/awsglobalcommunitygatherings/events/306112237/ Agile Hsinchu 2025年3月份實體分享 2025/4/27 https://agilecommhc.kktix.cc/events/agilehsinchu20250427 AI 時代的資安新挑戰：如何讓開發更快速、更安全 2025/5/15 https://www.accupass.com/event/2503170831057559152230 Google Cloud Summit Taipei 2025/6/12 https://cloudonair.withgoogle.com/events/summit-taipei-2025 API 安全開發指南：漏洞修復與授權管理實務 2025/9/11-2025/9/12 https://www.accupass.com/event/2501021422337978365160