資安事件新聞週報 2024/09/30 ~ 2024/10/04

###### tags: `資安事件新聞週報` # 資安事件新聞週報 2024/09/30 ~ 2024/10/04 1.重大弱點漏洞/後門/Exploit/Zero Day Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw https://thehackernews.com/2024/10/researchers-sound-alarm-on-active.html https://github.com/p33d/CVE-2024-45519 HPE Aruba修補無線基地臺重大層級的命令注入漏洞 https://www.ithome.com.tw/news/165253 HPE Aruba Networking修復Aruba Access Points重大漏洞 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11277 TeamViewer 近日發布遠端桌面軟體安全性更新 https://www.ithome.com.tw/news/165230 Citrix 發佈 XenServer 和 Citrix Hypervisor 的安全性更新 https://www.cisa.gov/news-events/alerts/2024/09/25/citrix-releases-security-updates-xenserver-and-citrix-hypervisor https://support.citrix.com/s/article/CTX691646-xenserver-and-citrix-hypervisor-security-update-for-cve202445817?language=en_US Linux近日發布說明以解決通用 UNIX 列印系統 (CUPS) 的安全性弱點 https://www.tenable.com/blog/cve-2024-47076-cve-2024-47175-cve-2024-47176-cve-2024-47177-faq-cups-vulnerabilities https://www.upwind.io/feed/critical-9-9-linux-bug-exposes-containers-hosts-and-endpoints-to-remote-code-execution-rce-exploits Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution https://thehackernews.com/2024/09/critical-linux-cups-printing-system.html Linux kernel Netfilter UaF leads to LPE CVE-2024-26808 https://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2024-26808_cos/docs/exploit.md NVIDIA Container Toolkit 漏洞（CVE-2024-0132和CVE-2024-0133） https://www.trendmicro.com/en_us/research/24/i/nvidia-ai-container-toolkit-vulnerability-fix.html Progress Software Releases Patches for 6 Flaws in WhatsUp Gold – Patch Now https://thehackernews.com/2024/09/progress-software-releases-patches-for.html CVE-2024-38200 : PoC and wirte-up for Microsoft Office NTLMv2 Disclosure Vulnerability https://github.com/passtheticket/CVE-2024-38200 WatchGuard身分驗證系統存在重大漏洞 https://www.ithome.com.tw/news/165280 購物網站外掛TI WooCommerce Wishlist存在重大漏洞，恐影響10萬網站 https://www.ithome.com.tw/news/165277 Microsoft Office NTLMv2 Disclosure CVE-2024-38200 https://github.com/passtheticket/CVE-2024-38200 撇隱私疑慮！Win11年度大更新「5大AI體驗一次看」這功能蒐證超好用 https://reurl.cc/vv4x9k 微軟內建資安機制意外門戶洞開　犯罪集團趁火打劫 Windows漏洞掀安全風暴　駭客撿到槍大肆竊資 https://www.netadmin.com.tw/netadmin/zh-tw/trend/7B37BDA2DC494EFAA0D01C1177D4BF3C Inappropriate implementation in V8 (ARM64) CVE-2024-7965 https://github.com/bi-zone/CVE-2024-7965 pgAdmin4 Sensitive Information Exposure CVE-2024-9014 https://github.com/EQSTLab/CVE-2024-9014 WebDAV https://nvd.nist.gov/vuln/detail/CVE-2024-25660 https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25660 Wechat https://nvd.nist.gov/vuln/detail/CVE-2024-9108 https://plugins.trac.wordpress.org/browser/wechat-social-login/trunk/includes/social/class-xh-social-wp-api.php?rev=2111074#L39 https://www.wordfence.com/threat-intel/vulnerabilities/id/06881386-3c92-426b-948d-58e8a8bee624?source=cve https://nvd.nist.gov/vuln/detail/CVE-2024-9106 https://plugins.trac.wordpress.org/browser/wechat-social-login/trunk/add-ons/social-qq/class-xh-social-channel-qq.php?rev=2080785#L284 https://www.wordfence.com/threat-intel/vulnerabilities/id/1bd44471-1a9c-4465-a52a-be64d51e7ea1?source=cve Firefox https://nvd.nist.gov/vuln/detail/CVE-2024-9401 https://nvd.nist.gov/vuln/detail/CVE-2024-9402 https://nvd.nist.gov/vuln/detail/CVE-2024-9403 https://www.mozilla.org/security/advisories/mfsa2024-46 https://www.mozilla.org/security/advisories/mfsa2024-47 https://www.mozilla.org/security/advisories/mfsa2024-48 https://www.mozilla.org/security/advisories/mfsa2024-49 https://www.mozilla.org/security/advisories/mfsa2024-50 https://bugzilla.mozilla.org/show_bug.cgi?id=1917807 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476 Python Infostealer Patching Windows Exodus App, (Wed, Sep 18th) https://unsafe.sh/go-262637.html Zimbra上個月修補的CVE-2024-45519遭大規模利用 https://www.ithome.com.tw/news/165329 Critical Zimbra RCE flaw actively exploited to take over servers https://www.bleepingcomputer.com/news/security/critical-zimbra-rce-flaw-actively-exploited-to-take-over-servers/ Ivanti裝置管理系統重大SQL注入漏洞已被用於攻擊行動 https://www.ithome.com.tw/news/165330 CVE-2024-29824: Critical Vulnerability in Ivanti Endpoint Manager Actively Exploited, PoC Published https://securityonline.info/cve-2024-29824-critical-vulnerability-in-ivanti-endpoint-manager-actively-exploited-poc-published/ Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch https://thehackernews.com/2024/10/ivanti-endpoint-manager-flaw-actively.html PoC Demo Video : CVE-2024-43454 Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability https://www.youtube.com/watch?v=IN0NOhzy0Vg Supermicro基板管理控制器韌體存在能被輕易利用的漏洞 https://www.ithome.com.tw/news/165326 2.銀行/金融/保險/證券/金融監理新聞及資安第一銀行網銀遭到DDoS攻擊 https://mops.twse.com.tw/mops/web/ajax_t05sr01_1?firstin=true&stp=1&step=1&SEQ_NO=2&SPOKE_TIME=65123&SPOKE_DATE=20241001&COMPANY_ID=2892 駭客攻擊頻傳！一銀證實遇網路攻擊：已啟動防禦機制 https://reurl.cc/nv41o2 一銀遭網路DDoS攻擊公股銀再成狙擊標的 https://www.ctee.com.tw/news/20241002700157-439901 兆豐金與刑事警察局簽訂「金融阻駭反詐資安聯防」MOU https://udn.com/news/story/7239/8263498 誰最需要資安險？投保大戶變了電腦、半導體業超越金融業 https://money.udn.com/money/story/122377/8254011 山陀兒颱風來襲金管會請銀行留意3事項 https://www.ctee.com.tw/news/20241001700538-430301 綠電採購中信銀將以2025年買下2993萬度為目標 https://udn.com/news/story/7239/8262850 中國信託銀行推出「首創」防詐功能　行動銀行APP成為客戶最強後盾 https://www.gvm.com.tw/article/115956 盛寶銀行宣布關閉香港辦公室 https://www.epochtimes.com/b5/24/10/2/n14342424.htm 台新銀行攜手財金公司推無卡提款QR Code晉級版 https://udn.com/news/story/7239/8260469 中信銀加入財金公司 ATM 跨行無卡提款 QR Code 服務行列 https://money.udn.com/money/story/5613/8261400 國泰世華攜手財金公司全台近5300台 ATM「QR Code 提款」再進化 https://money.udn.com/money/story/5613/8261240 戶頭有10萬只能領3千！中國銀行防詐騙祭「限制取款」措施惹議 https://reurl.cc/ZVqr4Q 臺北市政府與富邦人壽攜手強化市府反詐防護網 https://n.yam.com/Article/20240930276862#google_vignette 臺銀人壽復興崗打詐宣導提升警覺心 https://www.ydn.com.tw/news/newsInsidePage?chapterID=1712326 防金融詐騙助特教生金融培訓金管會首創「金融教育貢獻獎」 https://www.cna.com.tw/postwrite/chi/382775 新安東京海上產險推動防詐公益宣導獲金管會頒獎肯定 https://reurl.cc/34pjMV 上海證券交易所交易系統異常正排查原因 https://udn.com/news/story/7333/8255065 上海證券交易所今系統全面測試專家：此次測試動靜確實較大 https://udn.com/news/story/7333/8258901 台股暴跌！永豐金證券交易系統異常小股民痛批 https://ec.ltn.com.tw/article/breakingnews/4759221 櫃買最新法規線上看得到 https://money.udn.com/money/story/11074/8259156 集保股東e化服務再進化，超過500萬App用戶明年將可用數位簽章免臨櫃辦理股務事務 https://www.ithome.com.tw/news/165289 俄羅斯駭客FIN7以DeepNude生成器為誘餌，目的是散布惡意程式 https://www.ithome.com.tw/news/165307 Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. Organizations https://thehackernews.com/2024/10/andariel-hacker-group-shifts-focus-to.html Alleged BCP Bank Data Shared Again https://dailydarkweb.net/alleged-bcp-bank-data-shared-again/ 3.信用卡/電子支付/行動支付/pay/支付系統/資安樂天信用卡遭駭客攻擊未緊急應變，金管會列6大缺失、罰250萬 https://www.cna.com.tw/news/afe/202409300422.aspx 境外人士信用卡綁定陸行動支付 8試點城市開通提供便利 https://www.chinatimes.com/realtimenews/20241001005408-260409?chdtv 計程車司機收電子支付車資遭誤認詐騙共犯列警示帳戶 https://news.pts.org.tw/article/716499 軟銀「用PayPay付薪水」創日本首例 8成民眾仍想領現金 https://reurl.cc/GpLoOW TWQR一同壯大銀行與電支生態 https://taiwanbanker.tabf.org.tw/paperDetail?id=4605 TWQR：非現金支付的最後一哩路 https://taiwanbanker.tabf.org.tw/paperDetail?id=4604 誆稱「中油PAY遭駭客入侵」詐團話術騙走工程師99萬 https://www.chinatimes.com/realtimenews/20240929003045-260402?chdtv 支付pay詐騙話術縣警局提醒民眾謹記防詐五不 https://www.kmdn.gov.tw/1117/1271/1272/570946 4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約/WEB3 資安 Crypto Scam App Disguised as WalletConnect Steals $70K in Five-Month Campaign https://thehackernews.com/2024/09/crypto-scam-app-disguised-as.html 突然出手！幣安限制「俄羅斯受制裁用戶」訪問平臺下一步行動是 https://hk.investing.com/news/economic-indicators/article-643723 DeSci+生物科技，BIO Protocol將加密貨幣帶入新應用場景 https://news.cnyes.com/news/id/5728313 中國要開放！前財政副長批：加密貨幣「遙遙落後」，該學習美國政策轉向 https://reurl.cc/xv4O5L 幣安在阿根廷完成註冊全球第20個監管里程碑 https://reurl.cc/pv4Wl8 全球首個承認比特幣交易合法國家，速覽「德國」加密稅收與監管制度 https://reurl.cc/MjL00K 韓國通訊巨頭曝資安漏洞！Kakao 高管槓上自家加密錢包 https://reurl.cc/34poo9 北韓駭客滲透加密貨幣產業，十餘家公司無意間僱用北韓IT人員 https://www.panewslab.com/zh_hk/sqarticledetails/js2uyd7bFt.html 北韓IT工人頻繁滲透加密公司，潛伏後進行駭客攻擊 https://news.cnyes.com/news/id/5730181 Zeus Network與Sec3達成審計合作，主網上線在即 https://news.cnyes.com/news/id/5730179 北韓滲透幣圈手法曝光：Sushi等10多家Web3企業誤聘北韓臥底 https://www.blocktempo.com/north-korea-infiltrated-the-crypto-industry/ AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition https://thehackernews.com/2024/10/ai-powered-rhadamanthys-stealer-targets.html 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 駭客鎖定俄語使用者用HTML偷渡手法散布DCRat木馬 https://www.ithome.com.tw/news/165278 駭客組織Patchwork鎖定中國企業組織，散布後門程式Nexe https://cyble.com/blog/nexe-backdoor-unleashed-patchwork-apt-groups-sophisticated-evasion-of-defenses/ 駭客組織8220散布惡意軟體Hadooken及K4Spreader挾持雲端環境 https://blog.sekoia.io/hadooken-and-k4spreader-the-8220-gangs-latest-arsenal/ 馬來西亞駭客組織DragonForce 利用改良版LockBit和Conti勒索軟體發動攻擊 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11281 勒索軟體開發者？「LockBit」成員被逮捕 https://www3.nhk.or.jp/nhkworld/zt/news/k10014598151000/ 駭客偽裝成求職者散布後門程式More_eggs https://www.trendmicro.com/en_us/research/24/i/mdr-in-action--preventing-the-moreeggs-backdoor-from-hatching--.html 竊資軟體Rhadamanthys透過AI進行文字辨識，挖掘加密貨幣錢包通關密語 https://www.recordedfuture.com/research/rhadamanthys-stealer-adds-innovative-ai-feature-version 惡意軟體Skuld Stealer、Blank Grabber鎖定Roblox作弊玩家而來 https://www.imperva.com/blog/trouble-in-da-hood-malicious-actors-use-infected-pypi-packages-to-target-roblox-cheaters/ Ransomware attack forces UMC Health System to divert some patients https://www.bleepingcomputer.com/news/security/ransomware-attack-forces-umc-health-system-to-divert-some-patients/ Inside the Dragon: DragonForce Ransomware Group https://www.group-ib.com/blog/dragonforce-ransomware/ Smishing attempt 09-26-24, infrastructure is less than 24 hours old. https://otx.alienvault.com/pulse/66f5ea0b795c4dbe2c4fc609 駭客組織Storm-0501偷走憑證攻入Entra ID，橫向移動範圍從內部跨至雲端 https://www.ithome.com.tw/news/165275 Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks https://thehackernews.com/2024/09/microsoft-identifies-storm-0501-as.html New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet https://thehackernews.com/2024/10/new-cryptojacking-attack-targets-docker.html The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector https://securityaffairs.com/168633/uncategorized/vanilla-tempest-used-inc-ransomware.html 31 New Ransomwares are Detected by Malware Researchers in SEPTEMBER https://dailydarkweb.net/31-new-ransomwares-are-detected-by-malware-researchers-in-september/ A Measure of Motive: How Attackers Weaponize Digital Analytics Tools https://cloud.google.com/blog/topics/threat-intelligence/how-attackers-weaponize-digital-analytics-tools LockBit Ransomware and Evil Corp Members Arrested and Sanctioned in Joint Global Effort https://thehackernews.com/2024/10/lockbit-ransomware-and-evil-corp.html Fake Job Applications Deliver Dangerous More_eggs Malware to HR Professionals https://thehackernews.com/2024/10/fake-job-applications-deliver-dangerous.html MDR in Action: Preventing The More_eggs Backdoor From Hatching https://www.trendmicro.com/en_us/research/24/i/mdr-in-action--preventing-the-moreeggs-backdoor-from-hatching--.html Hadooken and K4Spreader: The 8220 Gang's Latest Arsenal https://blog.sekoia.io/hadooken-and-k4spreader-the-8220-gangs-latest-arsenal/ https://raw.githubusercontent.com/SEKOIA-IO/Community/refs/heads/main/IOCs/8220Gang/8220_Gang_iocs_20242409.csv Nitrogen Campaign Drops Sliver and Ends With BlackCat Ransomware https://thedfirreport.com/2024/09/30/nitrogen-campaign-drops-sliver-and-ends-with-blackcat-ransomware/ New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking https://thehackernews.com/2024/10/new-perfctl-malware-targets-linux.html B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊手機千萬別做這件事！恐有資安疑慮　就這功能讓你懷疑廣告在偷聽 https://reurl.cc/E6LrKA 告個沒完，Epic對Google、三星的APK安裝機制提出訴訟 https://www.4gamers.com.tw/news/detail/67561/epic-sue-google-samsung-to-inconvenient-app-install ２款APP藏病毒快刪掉！小心個資被盜、錢被偷，專家揭防毒方法 https://supertaste.tvbs.com.tw/hot/351533 手機與租車連線「壞習慣」個資未刪恐惹麻煩 https://reurl.cc/nv4rnD Threat Actor Allegedly Selling Zero-Day Android RCE Exploit for $800,000 https://dailydarkweb.net/threat-actor-allegedly-selling-zero-day-android-rce-exploit-for-800000/ Alleged KintApp Breach Exposes High-Profiles From Thai Organizations https://dailydarkweb.net/alleged-kintapp-breach-exposes-high-profiles-from-thai-organizations/ Fake Trading Apps Target Victims Globally via Apple App Store and Google Play https://thehackernews.com/2024/10/fake-trading-apps-target-victims.html Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks https://thehackernews.com/2024/10/android-14-adds-new-security-features.html C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力 65% 網站缺乏防護易遭機器人攻擊! 電子商務和奢侈品產業尤最 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11270 如何發動DDoS呢 https://www.youtube.com/watch?v=zcW_HfZ_B0w 總統府也曾被攻擊！超可怕的資安危機 #DDoS 是什麼？駭客怎麼發動「殭屍大軍」怎麼癱瘓網路？該怎麼預防 https://www.youtube.com/watch?v=kutPU3Ty1Zg BB. call、無人機都可能成為傷人武器！網路安全成全球共同問題，數策會高志明：企業需評估漏洞 https://www.businesstoday.com.tw/article/category/183027/post/202410010050/ 網路部隊無遠弗屆掌握數位戰場優勢 https://www.ydn.com.tw/news/newsInsidePage?chapterID=1712305&type=forum 組織型駭客利用物聯網設備建立大規模殭屍網路，恐對我國關鍵基礎設施構成威脅 https://www.nutn.edu.tw/information_details.html?boardno=94986&classid=3 外國干預10月起更加活躍　俄羅斯、伊朗透過AI、駭客、散佈假訊息達到目的 https://www.storm.mg/article/5248120 中共稱遭台灣駭客網攻國安單位揭真相 https://www.secretchina.com/news/b5/2024/10/03/1070584.html 中共稱遭國軍網攻台專家：掩蓋國內矛盾 https://www.epochtimes.com/b5/24/10/1/n14342094.htm 中共起底「臺獨」網軍「匿名者64」 Are You Serious https://indsr.org.tw/focus?typeid=15&uid=11&pid=2728 中國大陸公布「匿名者64」國防院學者：為掩蓋內部民怨 https://udn.com/news/story/10930/8263518 中共遭駭無的放矢賊喊抓賊淪笑柄 https://www.ydn.com.tw/news/newsInsidePage?chapterID=1712322&type=forum Rackspace內部系統遭入侵，問題出在第三方應用程式 https://www.ithome.com.tw/news/165263 法新社傳出遭遇網路攻擊，波及合作夥伴IT系統及內容交付 https://www.afp.com/en/agency/press-releases-newsletter/afp-detects-attack-its-it-systems 巴基斯坦駭客Transparent Tribe鎖定印度Linux電腦而來 https://www.cyfirma.com/research/osint-investigation-hunting-malicious-infrastructure-linked-to-transparent-tribe/ 日本警視廳因應孤狼式恐攻擬成立專責調查部門 https://www.ydn.com.tw/news/newsInsidePage?chapterID=1712030 北韓駭客傳出滲透德國國防業者Diehl Defence https://www.securityweek.com/north-korea-hackers-linked-to-breach-of-german-missile-manufacturer/ Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors https://thehackernews.com/2024/10/cloudflare-thwarts-largest-ever-38-tbps.html WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks https://thehackernews.com/2024/10/wordpress-litespeed-cache-plugin.html U.S. Charges Three Iranian Nationals for Election Interference and Cybercrimes https://thehackernews.com/2024/09/us-charges-three-iranian-nationals-for.html U.K. Hacker Charged in $3.75 Million Insider Trading Scheme Using Hacked Executive Emails https://thehackernews.com/2024/10/uk-hacker-charged-in-375-million.html Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks https://thehackernews.com/2024/09/critical-flaws-in-tank-gauge-systems.html UNC1860 Hackers Use Specialized Tools & Backdoors To Penetrate Victims’ Networks https://cybersecuritynews.com/specialised-hacking-tools-to-penetrate-victims-networks/#google_vignette Google details UNC2970 North Korea-linked espionage hackers targeting US energy, aerospace sectors https://industrialcyber.co/ransomware/google-details-unc2970-north-korea-linked-espionage-hackers-targeting-us-energy-aerospace-sectors/ 中國駭客CeranaKeeper鎖定東南亞竊取機敏資料 https://www.welivesecurity.com/en/eset-research/separating-bee-panda-ceranakeeper-making-beeline-thailand/ China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration https://thehackernews.com/2024/10/china-linked-ceranakeeper-targeting.html Separating the bee from the panda: CeranaKeeper making a beeline for Thailand https://www.welivesecurity.com/en/eset-research/separating-bee-panda-ceranakeeper-making-beeline-thailand/ UserSec Claims New DDoS Attack Service: OVERLOAD https://dailydarkweb.net/usersec-claims-new-ddos-attack-service-overload/ CyberDragon Announces Cyber Operation Against South Korea https://dailydarkweb.net/cyberdragon-announces-cyber-operation-against-south-korea/ Threat Actor Claims Breach of Indonesian Government Database https://dailydarkweb.net/threat-actor-claims-breach-of-indonesian-government-database/ MrHamza Claims Responsibility for Disabling Saudi Security Website https://dailydarkweb.net/mrhamza-claims-responsibility-for-disabling-saudi-security-website/ Threat Actor Claims Breach of Rivoli Group AE https://dailydarkweb.net/threat-actor-claims-breach-of-rivoli-group-ae/ North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks https://thehackernews.com/2024/10/north-korean-hackers-using-new.html 自動化AI暨資安系統程式開發工程師_13448 https://www.104.com.tw/job/8g7vf?jobsource=google 資安工程師 (桃園) https://www.yes123.com.tw/wk_index/job.asp?p_id=83151_04322046&job_id=20240930103032_549388 資安工程師 https://www.1111.com.tw/job/98835075/ 【AR/MR】MIS專員 https://www.1111.com.tw/job/130336866/ 資安工程師 https://job.taiwanjobs.gov.tw/internet/index/JobDetail.aspx?R2=11&EMPLOYER_ID=86371&HIRE_ID=13063499 D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全網民誤點谷歌假廣告易遭駭客偷個資盜提 https://reurl.cc/E6Lpka 女模上海機場刷臉「照片被安檢員偷存」　個資外洩遭硬加微信 https://today.line.me/tw/v2/article/EXQ2kKk 【詐騙】網傳「監理服務網，可查交通罰鍰查詢及繳納」 https://tfc-taiwan.org.tw/articles/11063 疾管署遭冒名寄「COVID-19解封前測問卷」籲勿上當 https://reurl.cc/0dldb9 COVID-19解封前測問卷？疾管署：駭客惡意郵件 https://news.ltn.com.tw/news/politics/paper/1670057 假資訊氾濫...日媒指控近200個大陸假帳號社群平台煽動琉球獨立 https://udn.com/news/story/6809/8268380 定存戶頭遭駭盜2.3萬夫婦痛失兒女教育費 https://guangming.com.my/%E5%AE%9A%E5%AD%98%E6%88%B6%E9%A0%AD%E9%81%AD%E9%A7%AD%E7%9B%9C2-3%E8%90%AC-%E5%A4%AB%E5%A9%A6%E7%97%9B%E5%A4%B1%E5%85%92%E5%A5%B3%E6%95%99%E8%82%B2%E8%B2%BB 明碼儲存用戶密碼，Meta被愛爾蘭政府罰款9,100萬歐元 https://www.ithome.com.tw/news/165265 Meta Fined €91 Million for Storing Millions of Facebook and Instagram Passwords in Plaintext https://thehackernews.com/2024/09/meta-fined-91-million-for-storing.html Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials https://thehackernews.com/2024/10/free-sniper-dz-phishing-tools-fuel.html Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms https://thehackernews.com/2024/09/hackers-exploit-default-credentials-in.html 483,000 Victims: Phishing Scam Unlocks Phones, Steals Data https://securityonline.info/483000-victims-phishing-scam-unlocks-phones-steals-data/#google_vignette Threat Actor IntelBroker Allegedly Claims Leak of Deloitte Internal Communications https://cybersecuritynews.com/intelbroker-deloitte-data/ PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data https://thehackernews.com/2024/10/pypi-repository-found-hosting-fake.html 5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage https://thehackernews.com/2024/10/5-actionable-steps-to-prevent-genai.html Alleged Sportstech Breach Leaked +44,000 Customer Data https://dailydarkweb.net/alleged-sportstech-breach-leaked-44000-customer-data/ INTERPOL Arrests 8 in Major Phishing and Romance Fraud Crackdown in West Africa https://thehackernews.com/2024/10/interpol-arrests-8-in-major-phishing.html E.研究報告/工具自行建立Ansible執行環境使用ansible-navigator指令工具 https://www.uuu.com.tw/Public/content/article/24/20240923.htm 面對零時差攻擊，該如何應對 https://teamt5.org/tw/posts/how-to-deal-with-zero-day-attacks/ FIDO在零信任架構中的角色：政策與實踐的雙重保障 https://ithelp.ithome.com.tw/articles/10361962 常見資安攻擊手法 https://ithelp.ithome.com.tw/articles/10358699 突破困境：開源記錄收集與分析系統系列 https://ithelp.ithome.com.tw/users/20118848/ironman/7961 穿梭於秘密通道：揭密那些深藏在 VPN 的漏洞 https://teamt5.org/tw/posts/shuttling-through-secret-pipes-unveiling-vulnerabilities-in-leading-vp-ns-vpn/ The API Security Disconnect https://www.akamai.com/lp/report/the-api-security-disconnect Digital Fortresses Under Siege: Threats to Modern Application Architectures https://www.akamai.com/lp/soti/securing-apps-report-2024 How Securing APIs Factors into DORA Compliance https://www.akamai.com/blog/security/how-securing-apis-factors-into-dora-compliance Embed API Security into Regulatory Compliance: Six Examples to Watch https://www.akamai.com/blog/security/embed-api-security-into-regulatory-compliance-six-examples How to Plan and Prepare for Penetration Testing https://thehackernews.com/2024/09/how-to-plan-and-prepare-for-penetration.html Session Hijacking 2.0 — The Latest Way That Attackers are Bypassing MFA https://thehackernews.com/2024/09/session-hijacking-20-latest-way-that.html 5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage https://thehackernews.com/2024/10/5-actionable-steps-to-prevent-genai.html Malware Reverse Engineering for Beginners - Part 1: From 0x0 https://intezer.com/blog/malware-analysis/malware-reverse-engineering-beginners/ Malware Reverse Engineering for Beginners - Part 2 https://intezer.com/blog/incident-response/malware-reverse-engineering-for-beginners-part-2/ Active_Directory_Advanced_Threat_Hunting https://buff.ly/47NKdvy Event Log Talks a Lot: Identifying Human-operated Ransomware through Windows Event Logs https://blogs.jpcert.or.jp/en/2024/09/windows.html 5 Must-Have Tools for Effective Dynamic Malware Analysis https://thehackernews.com/2024/10/5-must-have-tools-for-effective-dynamic.html When CUPS Runneth Over: The Threat of DDoS https://www.akamai.com/blog/security-research/october-cups-ddos-threat How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus Protections https://www.trendmicro.com/en_us/research/24/i/how-ransomhub-ransomware-uses-edrkillshifter-to-disable-edr-and-.html Exploiting AMD atdcm64a.sys arbitrary pointer dereference – Part 1 https://security.humanativaspa.it/exploiting-amd-atdcm64a.sys-arbitrary-pointer-dereference-part-1/ Exploiting AMD atdcm64a.sys arbitrary pointer dereference – Part 2 https://security.humanativaspa.it/exploiting-amd-atdcm64a-sys-arbitrary-pointer-dereference-part-2/ F.商業 Akamai在當今蓬勃發展的API經濟中保護其安全 https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?CnlID=13&id=698747 聚焦微分段、Cloud WAF 與 API 安全三大面向，邁達特攜手 Akamai 構築強大資安防線 https://www.inside.com.tw/article/35896-MetaAge ThreatVision 入侵指標（ IoCs）幫助您禦敵致勝 https://teamt5.org/tw/posts/making-the-most-of-threatvision-iocs/ Chrome 瀏覽器採用 NIST 認可的 ML-KEM 量子加密技術 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11265 迎戰AI數位威脅，打造API零信任安全研討會圓滿落幕探討AI時代資安新挑戰 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11271 Sophos: 亞太地區及日本對資安託管服務需求持續成長 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11276 新版作業系統上市在即，微軟為AI功能Recall加強安全措施 https://www.ithome.com.tw/news/165245 微軟說明Recall資安架構，強調對隱私安全的防護機制 https://www.4gamers.com.tw/news/detail/67544/microsoft-update-recall-security-and-privacy-architecture 趨勢科技警告企業裝置與帳號為第一、二高風險資產 https://www.sinotrade.com.tw/richclub/news/66fa8bbd32ba0c9331a6c1e5 2024 Imperva API Security 態勢報告 & API 和機器人攻擊的經濟影響 https://www.ciphertech.com.tw/all_news/products_news/imperva_news/the-state-and-economic-impact-of-api-security-in-2024/ A Hacker's Era: Why Microsoft 365 Protection Reigns Supreme https://thehackernews.com/2024/09/why-microsoft-365-protection-reigns-supreme.html API盤點-UTDS https://reurl.cc/QEGLn0 義商Olidata重新上市，專攻人工智慧、大數據和網路安全領域 https://www.trade.gov.tw/Pages/Detail.aspx?nodeid=45&pid=791129 Oracle 砸 65 億美元！馬來西亞將迎來首座 Oracle 雲端服務中心 https://buzzorange.com/techorange/2024/10/02/oracle-to-build-new-cloud-facilities-in-malaysia/ 根據NETSCOUT的2024年上半年威脅情報報告，DDoS攻擊急劇上升，駭客行動主義行為激增，威脅全球關鍵基礎設施 https://reurl.cc/dylaZg 微軟Windows大型更新11 24H2 登場　5大AI功能一次看 https://www.ettoday.net/news/20241003/2828208.htm PostgreSQL 17正式推出，效能、JSON處理與資料庫管理全面提升 https://www.ithome.com.tw/news/165239 家用、SMB單機版Office 2024上市 https://www.ithome.com.tw/news/165303 GCP更新資料庫服務，強化AlloyDB AI支援、推Memorystore for Valkey 7.2 https://www.ithome.com.tw/news/165310 How to Get Going with CTEM When You Don't Know Where to Start https://thehackernews.com/2024/10/how-to-get-going-with-ctem-when-you.html The Secret Weakness Execs Are Overlooking: Non-Human Identities https://thehackernews.com/2024/10/the-secret-weakness-execs-are.html G.政府金管會提醒企業重視資安風險管理，適時評估投保資安保險 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11273 強化公家機關網站系統設計中的資訊安全與韌性 https://reurl.cc/oy41z3 數位部助民間成立資安實驗室 22款無人機通過檢測 https://reurl.cc/DlLxxR 台軍被揭不少設備由大陸製造　引起關注 https://hk.crntt.com/doc/1069/8/7/7/106987727.html?coluid=0&kindid=0&docid=106987727&mdate=1003160043 【政府觀點：數位發展部資通安全署副署長鄭欣明】《資安法》修訂全面升級：強化管理、專業培訓與人才配置 https://www.ithome.com.tw/news/165315 【專家觀點：合盛律師事務所主持律師張紹斌】深入審視資安法修訂，法律專家提出11大重要議題 https://www.ithome.com.tw/news/165316 H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識/醫療相關資安 Microchip ASF 重大資安漏洞，物聯網設備恐遭遠端攻擊 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11280 Kia網站漏洞可讓攻擊者駭入並控制車子，2013年以後車款受影響 https://www.ithome.com.tw/news/165243 別用中國製網路監控攝影機！南韓大量用戶私密影片被傳到色情網站 https://news.ltn.com.tw/news/world/breakingnews/4814717 助力半導體生態系制定安全框架　防堵威脅滲入營運場域結盟領軍供應鏈資安規範　平台化全面防護OT安全 https://www.netadmin.com.tw/netadmin/zh-tw/viewpoint/0C294C734EB74137A7D6DF63165ED671#google_vignette 將車用資安DNA深植汽車生態鏈，VicOne通過TISAX AL3汽車工業資訊安全最高等級認證 https://reurl.cc/1b7ZZX 自主研發資安平台守護工業物聯網　保障安全與合規兼具零信任架構落地工業網路　搞定加解密與金鑰管理 https://www.netadmin.com.tw/netadmin/zh-tw/trend/34B5391686ED48F4BD16D7CE3C0A2ABF 中國車竊取隱私又一樁？澳洲車主控比亞迪Atto 3「竊聽車內聲音」經銷商給出回應 https://cars.tvbs.com.tw/car-news/216579 嚴管工廠醫院OT聯網風險　避免外部惡意程式攻擊侵害準確辨識醫療專屬協定　IoMT場域增添資安防護 https://www.netadmin.com.tw/netadmin/zh-tw/viewpoint/A568A88A181C411FAFD779880E83F2FF#google_vignette DrayTek修補危險程度達到10分的重大漏洞，70萬臺路由器恐受影響 https://www.ithome.com.tw/news/165332 臺廠普萊德交換器存在重大漏洞 https://www.ithome.com.tw/news/165321 Buffer overflow in Supermicro BMC IPMI CVE-2024-36435 https://github.com/binarly-io/ToolsAndPoCs/blob/master/Posix/Supermicro/CVE-2024-36435.py DrayTek fixed critical flaws in over 700,000 exposed routers https://www.bleepingcomputer.com/news/security/draytek-fixed-critical-flaws-in-over-700-000-exposed-routers/ I.教育訓練資安事件發生必要知道的復原程序，降低傷害 https://www.ithome.com.tw/pr/163614 iPAS資訊安全工程師中級筆記 https://hackmd.io/@Not/iPASInformationSecuritySpecialist iPas資安工程師證照考前研習 https://reurl.cc/GEbA3p iPAS◆資訊安全規劃實務◆中級測驗題庫彙編(123題) https://reurl.cc/orlD1g GCP Associate Cloud Engineer (ACE) 學習心得、教材資源與筆記分享 — 學習天然高可用與零信任設計 https://medium.com/blacksecurity/gcp-associate-cloud-engineer-78f736aee7ad Coursera 盤點 7 項雲端資安認證，高薪跳板都在這了！ https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/ 一般人也能拿到國際資安認證！CSCU安全電腦使用者認證課程 https://www.ithome.com.tw/pr/160954 全球網絡安全勞動力失衡 (ISC)2免費課程及考試填補人才缺口 https://reurl.cc/m39MDj CISSP資安認證的8大領域 https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html CISSP考試心得 https://reurl.cc/KbY83j CISSP考試心得 – Benson https://reurl.cc/GbWvxd 目標導向-20天光速考過CISSP https://reurl.cc/2Zq6zn CISSP證照考試實戰心得第一章：初期準備工作 https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat CISSP證照考試實戰心得第二章：規律且有紀律的讀書策略 https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies CISSP證照考試實戰心得第三章：終極一戰 https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle Quick CISSP Infographic for IPSec https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec CSSLP Certification - Security models in F# https://github.com/vbocan/csslp Certified Secure Software Lifecycle Professional in bullet points https://github.com/joeyhage/csslp-notes CPSA(CREST Practitioner Security Analyst) 資安分析師考試心得 https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/ EC-Council CEH v11 考試心得、改版資訊以及準備方向 2021、2022 https://reurl.cc/1oyEM8 CEH v11 考試心得與準備方式 https://blog.sean.taipei/2022/01/ceh CEH https://github.com/a3cipher/CEH CodeRed by EC-Council https://github.com/codered-by-ec-council EC-Council CEH Practical / Master 準備心得 — 讓理論與實作相輔相成的學習 https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2 EC-Council CEHP考試準備心得 https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po My ceh practical notes https://github.com/dhabaleshwar/CEHPractical/blob/main/Everything%20You%20Need.md CEHP課程筆記 https://hackmd.io/@nfu-johnny/B1Ju_BMPR ECSA v10 考試心得與讀書資料分享/ ECSA v10 Review and Study Materials https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4 EC-Council ECSA資安分析專家 v10 考試心得分享 https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html 20180817 EC-Council ECSA v10 PASS https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html 關於EC-Council CPENT和LPT Master滲透測試證照準備方式及心得分享 https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d 深度解析 CPENT 考試心得、以及與 OSCP 的比較 https://reurl.cc/41eL8v EC-Council CPENT v1 滲透測試認證 – 內容及心得分享 https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review CPENT 從暴力到破解 https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295 Ec-Council CPENT心得 - 資安菜鳥從CEH到LPT Master https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f CPENT考試心得分享：一次拿到 LPT 滲透測試大師認證 https://ucom.uuu.com.tw/web/Testimony/Article/4404 kaizensecurity/CPENT https://github.com/kaizensecurity/CPENT/tree/master CPENT : Pentesting like NO OTHERS ! https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/ Journey of My CPENT Exam https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917 [備考心得]CompTIA Security+ (SY0–601) 上篇 https://reurl.cc/M053DK [備考心得]CompTIA Security+ (SY0–601) 下篇 https://reurl.cc/M053Gv comptia-security-plus https://github.com/ajfuto/comptia-security-plus security-plus https://github.com/fjavierm/security-plus CompTIA Security+ Certification Practice Test Questions https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette 不只是工程師才要懂的 App 資訊安全：取得資安檢測合格證書血淚史（iT邦幫忙鐵人賽系列書） https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html App防駭學，資安防護實戰課程全面提升安全觀念 https://www.ithome.com.tw/pr/161505 OSEP (Evasion Techniques and Breaching Defenses (PEN-300) 心得分享 https://hackmd.io/@henry-ko/HyQ56e8eF OSEP (Evasion Techniques and Breaching Defenses (PEN-300) http://github.com/In3x0rabl3/OSEP OSCP（Offensive Security Certified Professional） https://github.com/0x584A/oscp-notes/tree/master ISACA Certified Information Systems Auditor® (CISA) 國際電腦稽核師認證準備歷程心得、申請流程分享- 2023年 https://reurl.cc/aVLoX9 Learn NIST Inside Out With 21 Hours of Training @ 86% OFF https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html 駭客與國家: 網路攻擊與地緣政治新常態 The hacker and the state: cyber attacks and the new normal of geopolitic https://reurl.cc/D3nKKj Practical Network Penetration Tester (PNPT) Certification Review https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df WUSON常用的基本詞彙 https://choson.lifenet.com.tw/?p=1958 證照仍是學習資安基本功的主要管道，有專家打造「資安證照地圖」 https://www.ithome.com.tw/news/156754 用證照證明自己實力之餘，更應將證照視為督促學習的最大動力 https://www.ithome.com.tw/news/156756 打破證照誤解與迷思，資安專家帶你釐清資安證照的意義 https://www.ithome.com.tw/news/156755 Accelerate Your Career with the Global Leader in Cyber Security Training https://www.sans.org/mlp/promo-partnership-hacker-news/ 【成大資安社社課】資安禁術 - 逆向工程地獄試煉 https://www.youtube.com/watch?v=4Yc3-9CjG6U 透過實務演練，教你建立實作標準的安全SOP流程 https://www.ithome.com.tw/pr/163514 6.近期資安活動及研討會 Just a chat - with no Expectations 2024/10/5 https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/303444308/ 【2024/10】WordPress 彩虹小聚 @言文字：與攝影師共創佳作 2024/10/7 https://www.meetup.com/taipei-wordpress/events/303617026/ 超智動化引領企業數位革命，AI賦能助力績效倍增 2024/10/8 https://www.accupass.com/event/2409160309165764824040 Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/10/8 https://www.meetup.com/taiwan-code-camp/events/303502393/ Machine Learning Tech Talks 2024/10/9 https://www.meetup.com/machine-learning-tech-talks/events/303540769/ SyntaxError 2024/10/9 https://www.meetup.com/pythonhug/events/303523313/ HackingThursday 黑客星期四 - Week meetup Tamsui 固定聚會淡水 2024/10/10 https://www.meetup.com/hackingthursday/events/303543444/ 資訊安全系列課程 2024/10/12 https://www.accupass.com/event/2407011633417884074930 Simple curcuits and LEDs 2024/10/12 https://www.meetup.com/electronics-workshop/events/303213155/ Just a chat - with no Expectations 2024/10/12 https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/303580882/ Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/10/15 https://www.meetup.com/taiwan-code-camp/events/303638715/ 從數據到智慧：ELK在AI/ML的產業應用案例分享 2024/10/16 https://www.accupass.com/event/2407160249006539823800 SyntaxError 2024/10/16 https://www.meetup.com/pythonhug/events/303660161/ AgileGirls 2024十月聚會：從建立個人品牌到實踐數位游牧 2024/10/16 https://agilecommtw.kktix.cc/events/agilegirls202410 Taipei dbt Meetup #28 for all folks working with data! (Hybrid 👫 + 🧑‍💻)2024/10/16 https://www.meetup.com/taipei-dbt-meetup/events/303598095/ HackingThursday 黑客星期四 - Week meetup Tamsui 固定聚會淡水 2024/10/17 https://www.meetup.com/hackingthursday/events/303681206/ 小紅書、Tiktok及網路社群中的性別與統戰議題 2024/10/17 https://www.accupass.com/event/2409250632161255214277 第二屆台南Web3產業國際博覽會 TAINAN WEB3 INTERNATIONAL FAIR 2024/10/18 https://www.accupass.com/event/2406150525111725753130 Rust 1.82 Release Party 2024/10/19 https://www.meetup.com/taipei-rust-users-group/events/303481501/ Just a chat - with no Expectations 2024/10/19 https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/lsmkqsygcnbzb/ Taoyuan WordPress Café 桃園咖啡小聚 #41 2024/10/19 https://www.meetup.com/taoyuan-wordpress-meetup/events/303579694 資安沙龍活動 2024/10/22 https://csa.kktix.cc/events/s-salon Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/10/22 https://www.meetup.com/taiwan-code-camp/events/xfxtjtygcnbdc/ SyntaxError 2024/10/23 https://www.meetup.com/pythonhug/events/pqnsctygcnbfc/ 數位轉型永續前行-永續轉型下一步，資拓宏宇打造雲端智能生態圈 2024/10/23 https://www.accupass.com/event/2409040538442023020384 破解資安挑戰：應對開發人才短缺及安全漏洞 2024/10/24 https://www.accupass.com/event/2409230215124045210950 HackingThursday 黑客星期四 - Week meetup Tamsui 固定聚會淡水 2024/10/24 https://www.meetup.com/hackingthursday/events/psspctygcnbgc/ Vault 實戰工作坊：配置、策略與治理，打造堅不可摧的企業級資料防護 2024/10/25 https://www.accupass.com/event/2409100237076012078380 Just a chat - with no Expectations 2024/10/26 https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/lsmkqsygcnbjc/ MOPCON 2024 行動科技年會 - 早鳥票 / 一般票 / 團體票 2024/10/26 - 2024/10/27 https://mopcon.kktix.cc/events/mopcon-2024 Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/10/29 https://www.meetup.com/taiwan-code-camp/events/xfxtjtygcnbmc/ Jamf Nation Live 2024 台北站 - 教育經驗分享專場 2024/10/29 https://jamf.kktix.cc/events/jamfnationlive-2024-edu HITCON Cyber Range 2024 企業藍隊－競賽導覽 2024/10/30 https://hitcon.kktix.cc/events/hitcon-cr-2024-guidedtour HITCON Enterprise 2024 台灣駭客年會 2024/10/30 https://hitcon.kktix.cc/events/hitcon-ent-2024 SyntaxError 2024/10/30 https://www.meetup.com/pythonhug/events/pqnsctygcnbnc/ Free Startup Fundraising Office Hours Expert AMA with Angel Investor Scott Fox! 2024/10/30 https://www.meetup.com/taipei-startups-investors-masterminds-network/events/303635198/ HackingThursday 黑客星期四 - Week meetup Tamsui 固定聚會淡水 2024/10/31 https://www.meetup.com/hackingthursday/events/psspctygcnbpc/ Just a chat - with no Expectations 2024/11/2 https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/lsmkqsygcpbdb/ 【安碁學苑】資安職能培訓｜安全程式開發管理師 2024/11/23 ~ 2024/12/21 https://acsiacad.kktix.cc/events/308914 Free Startup Fundraising Office Hours Expert AMA with Angel Investor Scott Fox! 2024/11/27 https://www.meetup.com/taipei-startups-investors-masterminds-network/events/bmzxltygcpbkc/ 【2024 RMN ASIA】AI 驅動零售變革 · RMN重新定義行銷生態 2024/11/28 https://www.accupass.com/event/2409050256092193763570 【TIRI線上董事、公司治理主管進修課程】漫談資安治理的盲點與對策 2024/11/29 https://www.accupass.com/event/2408290602361963077719 Threat Analyst Summit 2024 威脅分析師高峰會 2024/12/11 ~ 2024/12/12 https://teamt5tw.kktix.cc/events/tas2024 Free Startup Fundraising Office Hours Expert AMA with Angel Investor Scott Fox! 2024/12/25 https://www.meetup.com/taipei-startups-investors-masterminds-network/events/bmzxltygcqbhc/