###### tags: `資安事件新聞週報` # 資安事件新聞週報 2024/6/24 ~ 2024/6/28 1.重大弱點漏洞/後門/Exploit/Zero Day 研究人員針對Wget漏洞提出警告，呼籲用戶近期應留意相關資安公告 https://www.ithome.com.tw/news/163594 Phoenix UEFI韌體存在高風險漏洞，數百款採用Intel處理器的個人電腦、筆電、伺服器恐受影響 https://www.ithome.com.tw/news/163626 75%的Magento電商平臺恐存在重大資安漏洞CosmicSting，若不設法修補，攻擊者有可能取得完整控制權 https://www.ithome.com.tw/news/163623 微軟發布安全更新以解決Wi-Fi驅動程式弱點 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30078 https://www.ithome.com.tw/news/163562 Microsoft pulls Windows 11 KB5039302 update causing reboot loops https://www-bleepingcomputer-com.cdn.ampproject.org/c/s/www.bleepingcomputer.com/news/microsoft/microsoft-pulls-june-windows-11-kb5039302-update-causing-repeated-restarts/amp/ 微軟將透過Windows每月例行更新一併修補Visual Studio https://www.ithome.com.tw/news/163636 兆勤已終止支援的NAS設備再度遭到鎖定，殭屍網路嘗試利用甫公布的漏洞進行滲透 https://www.ithome.com.tw/news/163661 Progress在6月底揭露與修補MOVEit兩個重大漏洞 https://www.ithome.com.tw/news/163658 遠端桌面連線解決方案供應商TeamViewer傳出內部網路遭APT駭客入侵 https://www.bleepingcomputer.com/news/security/teamviewers-corporate-network-was-breached-in-alleged-apt-hack/ TeamViewer's corporate network was breached in alleged APT hack https://www-bleepingcomputer-com.cdn.ampproject.org/c/s/www.bleepingcomputer.com/news/security/teamviewers-corporate-network-was-breached-in-alleged-apt-hack/amp/ 研究人員揭露新型態攻擊手法GrimResource，利用MMC管理主控臺存取受害電腦並迴避偵測 http://www.elastic.co/security-labs/grimresource GrimResource - Microsoft Management Console for initial access and evasion https://www.elastic.co/security-labs/grimresource New Attack Technique Exploits Microsoft Management Console Files https://thehackernews.com/2024/06/new-attack-technique-exploits-microsoft.html 電子商務平臺PrestaShop的臉書外掛程式存在漏洞，已有攻擊者用於竊取信用卡付款詳細資訊 https://www.ithome.com.tw/news/163644 Juniper Networks 發布 Juniper Secure Analytics 安全更新修補多個弱點 https://nvd.nist.gov/vuln/detail/CVE-2019-13224 https://nvd.nist.gov/vuln/detail/CVE-2019-19012 https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55 https://lists.debian.org/debian-lts-announce/2019/07/msg00013.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWCPDTZOIUKGMFAD5NAKUB7FPJFAIQN5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNL26OZSQRVLEO6JRNUVIMZTICXBNEQW/ https://supportportal.juniper.net/s/article/On-Demand-JSA-Series-Multiple-vulnerabilities-resolved-in-Juniper-Secure-Analytics-in-7-5-0-UP8-IF03?language=en_US QRadar: 7.5.0 UP8 deployments can experience replication issues after the 21 June auto update completes (resolved) https://www.ibm.com/support/pages/node/7158277 NVMe: New Vulnerabilities Made Easy https://www.cyberark.com/resources/threat-research-blog/nvme-new-vulnerabilities-made-easy OwnCloud RCE zeroday exploit https://www.youtube.com/watch?v=_eCn2J9lIvk PoC for iTerm2 CVEs CVE-2024-38396 and CVE-2024-38395 which allow code execution https://github.com/vin01/poc-cve-2024-38396 WhatsUp Gold存在多個高風險弱點 https://nvd.nist.gov/vuln/detail/CVE-2024-4883 https://nvd.nist.gov/vuln/detail/CVE-2024-4885 https://nvd.nist.gov/vuln/detail/CVE-2024-5008 https://nvd.nist.gov/vuln/detail/CVE-2024-5009 https://nvd.nist.gov/vuln/detail/CVE-2024-5010 https://nvd.nist.gov/vuln/detail/CVE-2024-5011 https://nvd.nist.gov/vuln/detail/CVE-2024-5012 https://nvd.nist.gov/vuln/detail/CVE-2024-5013 https://nvd.nist.gov/vuln/detail/CVE-2024-5014 https://nvd.nist.gov/vuln/detail/CVE-2024-5015 https://nvd.nist.gov/vuln/detail/CVE-2024-5016 https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024 https://www.progress.com/network-monitoring Multiple WordPress Plugins Compromised: Hackers Create Rogue Admin Accounts https://thehackernews.com/2024/06/multiple-wordpress-plugins-compromised.html Exploit Attempts Recorded Against New MOVEit Transfer Vulnerability - Patch ASAP https://thehackernews.com/2024/06/new-moveit-transfer-vulnerability-under.html Google Introduces Project Naptime for AI-Powered Vulnerability Research https://thehackernews.com/2024/06/google-introduces-project-naptime-for.html 開源人工智慧基礎設施平臺Ollama存在漏洞Probllama，若不修補恐被用於RCE攻擊 https://www.wiz.io/blog/probllama-ollama-vulnerability-cve-2024-37032 瀏覽器存在安全漏洞(CVE-2024-5274) https://www.nehs.hc.edu.tw/?p=20790 A Novel DoS Vulnerability affecting WebRTC Media Servers https://www.rtcsec.com/article/novel-dos-vulnerability-affecting-webrtc-media-servers/ Prompt Injection Flaw in Vanna AI Exposes Databases to RCE Attacks https://thehackernews.com/2024/06/prompt-injection-flaw-in-vanna-ai.html Critical SQLi Vulnerability Found in Fortra FileCatalyst Workflow Application https://thehackernews.com/2024/06/critical-sqli-vulnerability-found-in.html Fortra針對檔案共用平臺FileCatalyst Workflow的SQL注入漏洞發出警告 https://www.fortra.com/security/advisory/fi-2024-008 GitLab存在重大漏洞，攻擊者可冒用任意用戶身分執行Pipeline工作流程 https://about.gitlab.com/releases/2024/06/26/patch-release-gitlab-17-1-1-released/#run-pipelines-as-any-user Critical GitLab bug lets attackers run pipelines as any user https://www-bleepingcomputer-com.cdn.ampproject.org/c/s/www.bleepingcomputer.com/news/security/critical-gitlab-bug-lets-attackers-run-pipelines-as-any-user/amp/ The exploit prediction scoring system: What it is and how to use it https://graylog.org/post/the-exploit-prediction-scoring-system-what-it-is-and-how-to-use-it/ ESET NOD32 Antivirus CVE-2024-2003 https://nvd.nist.gov/vuln/detail/CVE-2024-2003 IBM WebSphere Application Server CVE-2024-37532 https://nvd.nist.gov/vuln/detail/CVE-2024-37532 VMware vCenter Server https://nvd.nist.gov/vuln/detail/CVE-2024-37079 https://nvd.nist.gov/vuln/detail/CVE-2024-37080 https://nvd.nist.gov/vuln/detail/CVE-2024-37081 CVE-2024-34102 : A pre-authentication XML entity injection issue in Magento / Adobe Commerce. https://github.com/bigb0x/CVE-2024-34102 2.銀行/金融/保險/證券/金融監理 新聞及資安 金融木馬Medusa鎖定安卓用戶下手，攻擊範圍遍及歐美7個國家 https://www.cleafy.com/cleafy-labs/medusa-reborn-a-new-compact-variant-discovered 加速落實金融資安行動方案2.0，金管會提供金融上手零信任架構的三步驟 https://www.ithome.com.tw/news/162972 質感金融再升級！國泰世華銀行黏住客戶，瞄準智慧化、個人化體驗 https://www.bnext.com.tw/article/79501/cathaybank202407 勒索軟體LockBit聲稱入侵美國聯準會，竊得33 TB敏感資料，但傳出遭駭的實際上是一家銀行 https://www.ithome.com.tw/news/163671 Chinese Winnti Group Intensifies Financially Motivated Attacks https://gbhackers.com/chinese-winnti-group-financial-attacks/ FBI起訴加密網路團伙FIN9 https://m.cnyes.com/news/id/5610823 4 FIN9-linked Vietnamese Hackers Indicted in $71M U.S. Cybercrime Spree https://thehackernews.com/2024/06/4-fin9-linked-vietnamese-hackers.html 3.信用卡/電子支付/行動支付/pay/支付系統/資安 金管會修法擴大電支特約機構涵蓋外送、計程車等平臺，開放專營電支業者上雲 https://www.ithome.com.tw/news/163690 蘋果「先買後付」服務掰了 改1方式付款 https://www.chinatimes.com/realtimenews/20240623000983-260405?chdtv iPASS一卡通迎來新里程碑　支援共用「TWQR」掃碼支付服務 https://www.nownews.com/news/6457134 「全聯」刷卡機當機 民眾改現金結帳直呼不便 https://reurl.cc/oRMQ4D Line Pay刪除信用卡／簽帳金融卡教學，解除綁定舊卡超簡單 https://mrmad.com.tw/line-pay-delete-credit-card#google_vignette 超市龍頭電子支付會員破千萬找天團Energy站台攬客 https://reurl.cc/qVRN4q 4.5% 回饋無上限，拼 500 萬會員數！全支付想攻電支龍頭，優勢在哪 https://www.managertoday.com.tw/articles/view/68777?utm_source=copyshare 交流資服拓第三方支付版圖 ACpay營收占比7成 https://news.cnyes.com/news/id/5615520 北上電子支付｜中資行推動港澳居民及外籍人士在內地支付便利化 https://inews.hket.com/article/3782339 Facebook PrestaShop module exploited to steal credit cards https://www.bleepingcomputer.com/news/security/facebook-prestashop-module-exploited-to-steal-credit-cards/ WordPress、Magento、OpenCart網站遭到新型態信用卡側錄工具Caesar Cipher Skimmer鎖定 https://blog.sucuri.net/2024/06/caesar-cipher-skimmer.html New Credit Card Skimmer Targets WordPress, Magento, and OpenCart Sites https://thehackernews.com/2024/06/new-credit-card-skimmer-targets.html 4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約/WEB3 資安 OKX 上線「CHZ 鏈上賺幣」產品！即日起開放用戶申購 https://blockcast.it/2024/06/21/chz-launching-on-okx-on-chain-earn/ Jump Crypto 傳被美國 CFTC 調查，涉嫌操縱 Terra 市場 https://www.blocktempo.com/the-cftc-is-probing-jump-cryptos-crypto-activity/ 去中心化自治組織HectorDAO已申請Chapter 15破產保護 https://news.cnyes.com/news/id/5608936 去中心化交易所SphereX已启动测试网 https://www.panewslab.com/zh_hk/articledetails/80jy05wi.html 美說唱歌手50 Cent X帳戶被盜，駭客推廣GUNIT幣騙取3億美元 https://news.cnyes.com/news/id/5610770 饒舌歌手50 Cent聲稱X帳號遭駭客攻擊，駭客推廣加密貨幣騙取約3億美元 https://www.panewslab.com/zh_hk/sqarticledetails/iclz1ejkFt.html 50 Cent 使用「GUNIT」代幣反駁參與價值 500 億美元的加密貨幣欺詐 https://portalcripto.com.br/zh-TW/50-cent-%E9%A7%81%E6%96%A5%E4%BD%BF%E7%94%A8-Gunit-%E4%BB%A3%E5%B9%A3%E5%8F%83%E8%88%87%E5%83%B9%E5%80%BC-500-%E5%84%84%E7%BE%8E%E5%85%83%E7%9A%84%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E6%AC%BA%E8%A9%90/ 過去7天超3800枚BTC從Coinbase Pro流出 https://www.panewslab.com/zh_hk/sqarticledetails/f5c9un2oFt.html ZachXBT：繼BtcTurk之後Sportsbet再遭攻擊，損失超350萬美元 https://www.panewslab.com/zh_hk/sqarticledetails/e0hcb1iyFt.html CoinStats安全事件導致某Blurr.eth錢包損失870萬美元MKR https://www.panewslab.com/zh_hk/sqarticledetails/m4nl0143Ft.html 4503枚比特幣遭駭 日本DMM恐損失482億日圓 https://reurl.cc/r9jO7E 虛擬貨幣平台「BitAsset」是中資 亞太易安特前董20萬交保 https://www.epochtimes.com/b5/24/6/21/n14274698.htm 陸資未經許可設虛擬貨幣交易平台遭搜索 公會這樣說 https://www.sinotrade.com.tw/richclub/news/6676615b016bc5273545484c 一文看懂全球加密貨幣監管現狀：台灣、中國、美國、歐盟各要怎麼做 https://web3plus.bnext.com.tw/article/2734 陸「金交所」加速退場！ 8家被取消資質 粵豫等省已出清 https://www.chinatimes.com/realtimenews/20240622001682-260409?chdtv 聖結石喊：ETH可能要開始大噴了！因為這3大理由 https://www.blocktempo.com/youtuber-saint-on-eth-price/ Pudgy Penguins與OverpassIP成立母公司Igloo；博彩平台Sportsbet遭駭客攻擊損失超350萬美元 https://www.panewslab.com/zh_hk/articledetails/0b0fip3mFt.html CoinStats安全事件受损钱包Blurr.eth被盗870万美元MKR https://www.theblockbeats.info/flash/254293 若推數位台幣 央行︰保留現金發行 https://ec.ltn.com.tw/article/paper/1652943 中國推動區塊鏈技術與數位人民幣的戰略意涵 https://indsr.org.tw/respublicationcon?uid=14&resid=795&pid=1134 https://indsr.org.tw/uploads/Download/109%E7%B6%931416-%E6%88%B0%E7%95%A5%E8%88%87%E8%A9%95%E4%BC%B0%E7%AC%AC10%E5%8D%B7%E7%AC%AC2%E6%9C%9F--%E5%8F%AF%E6%90%9C%E5%B0%8B.pdf P2PInfect botnet targets REdis servers with new ransomware module https://www.bleepingcomputer.com/news/security/p2pinfect-botnet-targets-redis-servers-with-new-ransomware-module/ 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 巴基斯坦駭客組織Cosmic Leopard鎖定Windows、macOS、安卓裝置散布惡意程式 https://www.ithome.com.tw/news/163474 駭客組織Void Arachne鎖定中國用戶，假借提供VPN軟體、Deepfake人工智慧工具散布惡意程式Winos https://www.ithome.com.tw/news/163597 發動供應鏈攻擊的Polyfill.io經營者傳出另起爐灶，再度向超過10萬網站傳送惡意程式碼 https://www.ithome.com.tw/news/163707 舊版瀏覽器網站相容套件Polyfill被中國公司買下並植入惡意程式碼，恐影響10萬網站 https://www.bleepingcomputer.com/news/security/polyfillio-javascript-supply-chain-attack-impacts-over-100k-sites/ 惡名昭彰的LockBit 組織似乎捲土重來 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11116 5個上架到WordPress.org市集的外掛程式遭到供應鏈攻擊，被植入惡意指令碼 https://www.ithome.com.tw/news/163662 勒索軟體駭客組織RansomHub鎖定多種平臺發動攻擊，VMware虛擬化平臺是他們的新興標的 https://www.ithome.com.tw/news/163627 專門鎖定Redis伺服器的殭屍網路P2PInfect出現新的攻擊手法，駭客為其加入勒索軟體模組 https://www.cadosecurity.com/blog/from-dormant-to-dangerous-p2pinfect-evolves-to-deploy-new-ransomware-and-cryptominer 駭客組織Boolka鎖定網站發動SQL注入攻擊，意圖植入木馬程式Bmanger https://https//thehackernews.com/2024/06/new- 惡意軟體載入工具SquidLoader鎖定中國企業組織而來，企圖透過偽裝成Word檔案的附件引誘員工上鉤 https://www.ithome.com.tw/news/163645 駭客組織APT-C-35鎖定安卓裝置發動超過120起攻擊行動，散布惡意程式Rafel RAT https://research.checkpoint.com/2024/rafel-rat-android-malware-from-espionage-to-ransomware-operations/ 研究人員揭露難以被防毒軟體察覺的殭屍網路病毒Zergeca https://blog.xlab.qianxin.com/a-deep-dive-into-the-zergeca-botnet/ 癱瘓CDK Global系統的兇手傳出為勒索軟體BlackSuit，駭客索討數千萬美元贖金 https://www.ithome.com.tw/news/163608 Rust竊資軟體Fickle利用PowerShell繞過使用者帳號控制防護機制 https://www.ithome.com.tw/news/163629 後門程式Oyster透過惡意廣告散布，駭客聲稱提供Chrome、Teams等網路應用程式，誘騙使用者上當 https://www.rapid7.com/blog/post/2024/06/17/malvertising-campaign-leads-to-execution-of-oyster-backdoor/ 廣告軟體AdsExhaust偽裝成Meta虛擬實境裝置的應用程式散布 https://www.esentire.com/blog/adsexhaust-a-newly-discovered-adware-masquerading-oculus-installer Rootkit程式Diamorphine變種鎖定Linux主機而來，可藉由特定套件執行任意作業系統命令 https://decoded.avast.io/davidalvarez/new-diamorphine-rootkit-variant-seen-undetected-in-the-wild/ 研究證實駭客利用假冒錯誤訊息 引誘使用者點選「修復」反而執行惡意程式 https://netmag.tw/2024/06/23/hackers-exploit-fake-errors-to-execute-malware 中國、北韓駭客組織鎖定全球關鍵基礎設施散布勒索軟體 https://www.sentinelone.com/labs/chamelgang-attacking-critical-infrastructure-with-ransomware/ 角川集團遭勒索軟體攻擊事故，駭客組織BlackSuit聲稱是他們做的 https://www.ithome.com.tw/news/163704 惡意軟體Snowblind濫用安卓安全功能，意圖突破防護 http://promon.co/app-threat-reports/snowblind 惡意NPM套件鎖定AWS用戶而來，先休眠4個月減少他人關注 https://www.reversinglabs.com/blog/a-lurking-npm-package-makes-the-case-for-open-source-health-checks 韓國網路服務供應商KT傳出針對使用網路硬碟的用戶植入惡意程式碼，60萬用戶受害 https://www.theregister.com/2024/06/27/kt_p2p_malware_claim/ Chinese and N. Korean Hackers Target Global Infrastructure with Ransomware https://thehackernews.com/2024/06/chinese-and-n-korean-hackers-target.html Chinese hackers are increasingly deploying ransomware, researchers say https://cyberscoop.com/chinese-hackers-are-increasingly-deploying-ransomware-researchers-say/ Chinese Hackers Deploy SpiceRAT and SugarGh0st in Global Espionage Campaign https://www.linkedin.com/pulse/chinese-hackers-deploy-spicerat-sugargh0st-global-espionage-hulcf/ ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor https://thehackernews.com/2024/06/excobalt-cyber-gang-targets-russian.html Military-themed Email Scam Spreads Malware to Infect Pakistani Users https://thehackernews.com/2024/06/military-themed-emails-used-to-spread.html Oyster Backdoor Spreading via Trojanized Popular Software Downloads https://thehackernews.com/2024/06/oyster-backdoor-spreading-via.html Iranian Hackers Deploy Rafel RAT in Android Ransomware Operation https://thehackernews.com/2024/06/iranian-hackers-deploy-rafel-rat-in.html My workaround to getting files onto OTX - Windows system32 sha256 dump https://otx.alienvault.com/pulse/667879806fcf703f9b4b99de AdsExhaust, a Newly Discovered Adware MasqueradingOculus https://www.esentire.com/blog/adsexhaust-a-newly-discovered-adware-masquerading-oculus-installer Multiple Threat Actors Deploying Open-Source Rafel RAT to Target Android Devices https://thehackernews.com/2024/06/iranian-hackers-deploy-rafel-rat-in.html ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor https://thehackernews.com/2024/06/excobalt-cyber-gang-targets-russian.html Malvertising Campaign Leads to Execution of Oyster Backdoor https://www.rapid7.com/blog/post/2024/06/17/malvertising-campaign-leads-to-execution-of-oyster-backdoor/ New Cyberthreat 'Boolka' Deploying BMANAGER Trojan via SQLi Attacks https://thehackernews.com/2024/06/new-cyberthreat-boolka-deploying.html Chamelgang & Friends | Cyberespionage Groups Attacking Critical Infrastructure with Ransomware https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊 手機投射電視或洩隱私駭客利用手機鏡像盜個資 https://reurl.cc/gGA0AR Google Pixel現「資安嚴重漏洞」 美政府急令聯邦僱員更新 https://reurl.cc/9vkG4a 聯合線上 udn News App - Sensitive Information Exposure https://www.twcert.org.tw/tw/cp-132-7892-aafd2-1.html https://www.twcert.org.tw/tw/cp-132-7894-aebd8-1.html AI裝置Rabbit r1遭爆洩露眾多API金鑰 https://www.ithome.com.tw/news/163682 Warning: New Adware Campaign Targets Meta Quest App Seekers https://thehackernews.com/2024/06/warning-new-adware-campaign-targets.html Exfiltrate sensitive user data from apps on Android 12 and 13 using CVE-2024-0044 vulnerability https://www.mobile-hacker.com/2024/06/17/exfiltrate-sensitive-user-data-from-apps-on-android-12-and-13-using-cve-2024-0044-vulnerability/ Linux、Android 一個不留！傳華為 HarmonyOS NEXT 要刪光美國相關原始碼 https://technews.tw/2024/06/17/huawei-harmonyos-next-rumor/ Warning: New Adware Campaign Targets Meta Quest App Seekers https://thehackernews.com/2024/06/warning-new-adware-campaign-targets.html 蘋果發布AirPods韌體更新，修補藍牙耳機配對漏洞 https://www.ithome.com.tw/news/163674 Apple Patches AirPods Bluetooth Vulnerability That Could Allow Eavesdropping https://thehackernews.com/2024/06/apple-patches-airpods-bluetooth.html New Medusa Android Trojan Targets Banking Users Across 7 Countries https://thehackernews.com/2024/06/new-medusa-android-trojan-targets.html C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力 建立公司的「校友會」吧！和離職員工保持聯繫，意想不到的 3 大好處 https://www.managertoday.com.tw/articles/view/68771??utm_source=copyshare 4成企業今年要招募資安好手，資安事件應變人才最搶手 https://www.ithome.com.tw/article/163451 去年遭攻擊近4千億次 台企淪駭客眼中肥羊 https://udn.com/news/story/124068/8049888 上網心驚驚！大型攻擊雖減少，小型攻擊變新威脅 https://www.cw.com.tw/article/5130894 「不流血戰爭」 大規模網攻威脅巴黎奧運 駭客攻擊將比東京奧運增8-12倍 https://www.worldjournal.com/wj/story/121187/8050321?from=wj_catelistnews 更會偽裝、更易造假 AI變駭客強大幫手 https://udn.com/news/story/124068/8049903 最具攻擊思維的資安專家 解密白帽駭客工作日常 https://vip.udn.com/event/newmedia_white-hat-hacker 不見血的戰爭駭客衝擊地緣政治 https://vip.udn.com/event/newmedia_cyber-attack?from=udn_ch2_menu_v2_main_index 黑化生成式科技助駭客犯罪　揭露資安危害與攻擊手法　全民警戒假訊息　企業被駭現身說法 https://www.mirrormedia.mg/external/mnews_20240622rep002 易主後的polyfill.io被用來執行供應鏈攻擊 https://www.ithome.com.tw/news/163667 六福珠寶系統被駭 核實洩1800客資料 https://reurl.cc/YErKrx 企業重視資安的文化，不能只靠資安事件來驅動 https://www.ithome.com.tw/article/163112 華碩在股市公開觀測站發布重大訊息，證實部分資訊系統參數設定不當導致產品資料曝光 https://www.ithome.com.tw/news/163656 第二輪MITRE ATT&CK託管服務評估計畫結果出爐，考驗突然遭遇APT10與BlackCat攻擊的反應力 https://www.ithome.com.tw/news/163654 有日媒報導 角川可能已經向駭客付錢 https://www.ptt.cc/bbs/C_Chat/M.1719043767.A.546.html 一週內2度遭駭 波蘭2024歐洲盃比賽網路轉播中斷 https://www.rti.org.tw/news/view/id/2210475 越南駭客在美國被起訴涉及加密貨幣的價值 7100 萬美元的網路犯罪 https://news.cnyes.com/news/id/5610715 Github 成為網路勒索攻擊目標，駭客盜用帳號Gitloker 進行攻擊 https://www.twcert.org.tw/tw/cp-104-7890-2e953-1.html 三駭客出擊公私單位 網站與臉書帳戶被捕 https://unitednews.net.ph/article.php?post=102645 駭客「破解」大型語言模型以昭顯缺陷 https://big5.ftchinese.com/interactive/159965?exclusive 印尼軍方和資料中心驚傳遭駭，癱瘓機場自動通關系統 https://www.cna.com.tw/news/aopl/202406250200.aspx 俄羅斯駭客組織ExCobalt利用後門程式GoRed攻擊當地政府機關、關鍵基礎設施 https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/excobalt-gored-the-hidden-tunnel-technique/ 台灣資安拉警報！？中資駭客組織鎖定台灣政府機構 https://www.youtube.com/watch?v=HhYZH_-RfsI 中國駭客組織針對亞洲電信業者植入後門，嘗試竊取帳密資料 https://www.ithome.com.tw/news/163647 中國駭客組織SneakyChef鎖定亞洲、歐洲、中東、非洲政府機關，散布惡意程式SugarGh0st https://blog.talosintelligence.com/sneakychef-sugarghost-rat/ 美資安公司：中國駭客鎖定逾70台灣機構 網攻規模前所未見 https://www.cna.com.tw/news/aipl/202406240274.aspx 資安公司：中國資助駭客團體加強攻擊台灣多個組織 https://today.line.me/tw/v2/article/0MnE89P 美網安報告指中國強化對台灣網攻 中方反駁 https://www.cna.com.tw/news/acn/202406240234.aspx 美資安公司揭露︰規模更勝以往 中國資助駭客團體 大選期間猛攻台灣 https://news.ltn.com.tw/news/world/paper/1653160 資安公司指北京資助駭客「網攻台政府機構」　毛寧：毫無可信度 https://news.campaign.yahoo.com.tw/2022-election/article.php?id=2026d25e-b946-3a02-bb45-1d801b6b15ae 中國駭客組織RedJuliett近半年鎖定臺灣75個組織發動攻擊，目標主要是高科技產業，但外交經濟、社會運動團體也遭鎖定 https://www.ithome.com.tw/news/163641 資安公司：中國駭客「鎖定台灣機構」　逾70個！規模前所未見 https://www.ettoday.net/news/20240624/2764234.htm RedJuliett Cyber Espionage Campaign Hits 75 Taiwanese Organizations https://thehackernews.com/2024/06/redjuliett-cyber-espionage-campaign.html 史無前例規模！疑中共支持駭客組織　猛攻台灣光電、人臉辨識公司 https://tw.nextapple.com/international/20240624/EC17E2C83528D2F7771CDFA5E998B46F Chinese State-Sponsored RedJuliett Intensifies Taiwanese Cyber Espionage via Network Perimeter Exploitation https://www.recordedfuture.com/redjuliett-intensifies-taiwanese-cyber-espionage-via-network-perimeter https://go.recordedfuture.com/hubfs/reports/cta-cn-2024-0624.pdf Hackers Attacking Linux Cloud Servers To Gain Complete Control https://gbhackers.com/hackers-linux-cloud-control-storage/ 德國憲法保衛局年度報告：中共網攻達新高 https://www.epochtimes.com/b5/24/6/22/n14275402.htm 美將限制投資中國AI 防助發展精密技術威脅國安 https://www.cna.com.tw/news/aopl/202406220029.aspx 被認定對國家安全有潛在威脅性 俄羅斯防毒軟體卡巴斯基在美國遭禁 https://tech.udn.com/tech/story/123153/8047015?from=udn-indexnewnews_ch1024 防毒軟體變竊密武器？ 美禁售卡巴斯基遭俄猛批 https://ec.ltn.com.tw/article/breakingnews/4713108 美國正式宣布自 7/24 起禁賣卡巴斯基軟體產品，同步制裁十餘名高層主管 https://netmag.tw/2024/06/23/us-bans-more-than-10-sanctions-on-kaspersky U.S. Treasury Sanctions 12 Kaspersky Executives Amid Software Ban https://thehackernews.com/2024/06/us-treasury-sanctions-12-kaspersky.html Over 110,000 Websites Affected by Hijacked Polyfill Supply Chain Attack https://thehackernews.com/2024/06/over-110000-websites-affected-by.html Prompt Injection Flaw in Vanna AI Exposes Databases to RCE Attacks https://thehackernews.com/2024/06/prompt-injection-flaw-in-vanna-ai.html Russian National Indicted for Cyber Attacks on Ukraine Before 2022 Invasion https://thehackernews.com/2024/06/russian-national-indicted-for-cyber.html 資安專案管理 https://www.104.com.tw/job/8dbk6?jobsource=google 總公司 管理部—資安總務人員 https://www.1111.com.tw/job/130284885/ 資安管理 https://job.taiwanjobs.gov.tw/internet/index/JobDetail.aspx?EMPLOYER_ID=1166746&HIRE_ID=12852171&R2=5 資安助理工程師 https://www.104.com.tw/job/8dga4?jobsource=google 資安駐點工程師-ACSI https://www.linkedin.com/jobs/view/%E8%B3%87%E5%AE%89%E9%A7%90%E9%BB%9E%E5%B7%A5%E7%A8%8B%E5%B8%AB-acsi-at-%E5%AE%8F%E7%A2%81-3785136844/?originalSubdomain=tw 【資安所】網路資安分析師 https://www.104.com.tw/job/8dfih?jobsource=google D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全 美司法部將訴TikTok 侵犯13歲以下兒童隱私 https://reurl.cc/QRkKk5 黑化生成式科技助駭客犯罪　揭露資安危害與攻擊手法　全民警戒假訊息 https://www.mnews.tw/story/20240622rep002 美國洛縣衛生局網路遭釣魚攻擊 4.7萬人個資恐洩 https://reurl.cc/xajVrE 遠離詐騙第1步：不要接電話 https://www.worldjournal.com/wj/amp/story/121617/8047357 美國聯合健保子公司遭駭 7月底通知個人客戶 https://reurl.cc/9vYmlX 本校並未發送類似訊息，如有收到相關簡訊即為詐騙/騷擾 https://lib.tut.edu.tw/p/406-1013-45082,r51.php?Lang=zh-tw 別再被「一頁式廣告」詐騙！　留意「7大特點」別上當 https://health.ettoday.net/news/2763839 欠395元水費簡訊「將被斷水斷電」　假的！點連結繳納卻慘遭盜刷信用卡 https://tw.nextapple.com/local/20240624/D898417408AA627A75056042F9067202 惡意軟體沙箱服務業者Any.Run的員工遭到鎖定，駭客對其發動網釣攻擊 https://www.ithome.com.tw/news/163659 YouTube直播平臺出現馬斯克Deepfake影片，對方企圖詐騙加密貨幣 https://www.ithome.com.tw/news/163635 英國健保遇網攻3億筆個資流暗網 傳美FBI協同調查 https://udn.com/news/story/6809/8049822 勒索軟體駭客組織Qilin傳出在Telegram頻道外流400 GB英國國民保健署及病人資料 https://hackread.com/qilin-ransomware-attack-nhs-patient-data-leak-telegram/ 9成人全動怒！綠執政詐騙暴增21％ 最新網路民調太震撼 https://reurl.cc/XG8400 注意！詐騙新三寶「萌娃、寵物、幫投票」，遠傳：LINE上設陷阱 竟用廣告3B原理 https://www.techbang.com/posts/115403-note-scam-the-new-three-treasures-cute-babies-pets-and-help 資安警示：Telegram 釣魚陷阱多，帳號也可能直接不見 https://abmedia.io/slowmist-founder-warning-telegram-phishing 網傳簡訊「您的Line已違規使用，請用Google登入電腦版，掃QRcode解除違規 」 https://tfc-taiwan.org.tw/articles/10745 合成影像詐騙新招 新北多里長收到威脅影片 https://video.udn.com/news/1289899 微軟旗下語音技術廠商管理不當，離職員工竊取美國賓州醫院百萬病患個資 https://www.ithome.com.tw/news/163672 Phishing Incident Report: Facts and Timeline https://any.run/cybersecurity-blog/phishing-incident-report/ WikiLeaks' Julian Assange Released from U.K. Prison, Heads to Australia https://thehackernews.com/2024/06/wikileaks-julian-assange-released-from.html E.研究報告/工具 教你怎麼直接用 Siri 跟 ChatGPT App 對話，免 API Key、完全免費 https://www.kocpc.com.tw/archives/552040 零信任之父John Kindervag: 瞭解五件事，才能在零信任中獲取成功 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11118 研究人員揭露新的攻擊手法SnailLoad，藉由網路延遲的變化推測用戶的活動內容 https://snailload.com/ 研究人員揭露新型態攻擊手法GrimResource，利用MMC管理主控臺存取受害電腦並迴避偵測 http://www.elastic.co/security-labs/grimresource 攻擊指標詳細資料 https://zh-tw.docs.tenable.com/identity-exposure/SaaS/Content/User/IndicatorsofAttack/ioa-details.htm 如何運用 CSF 2.0 框架管理企業網路安全風險 https://www.openfind.com.tw/taiwan/markettrend_detail.php?news_id=24826 How to Cut Costs with a Browser Security Platform https://thehackernews.com/2024/06/how-to-cut-costs-with-browser-security.html How to Use Tines's SOC Automation Capability Matrix https://thehackernews.com/2024/02/how-to-use-tiness-soc-automation.html SCCM Exploitation: Evading Defenses and Moving Laterally with SCCM Application Deployment https://www.guidepointsecurity.com/blog/sccm-exploitation-evading-defenses-and-moving-laterally-with-sccm-application-deployment/ Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege https://github.com/sokaRepo/CoercedPotatoRDL APT28-Adversary-Simulation https://github.com/S3N4T0R-0X0/APT28-Adversary-Simulation Hackers Attacking Vaults, Buckets, And Secrets To Steal Data https://www.linkedin.com/pulse/hackers-attacking-vaults-buckets-secrets-steal-data-cisos-insights-9xkuf/ Ease the Burden with AI-Driven Threat Intelligence Reporting https://thehackernews.com/2024/06/ease-burden-with-ai-driven-threat.html Medusa Reborn: A New Compact Variant Discovered https://www.cleafy.com/cleafy-labs/medusa-reborn-a-new-compact-variant-discovered Practical Guidance For Securing Your Software Supply Chain https://thehackernews.com/2024/06/practical-guidance-for-securing-your.html The Secrets of Hidden AI Training on Your Data https://thehackernews.com/2024/06/the-secrets-of-hidden-ai-training-on.html How to Use Python to Build Secure Blockchain Applications https://thehackernews.com/2024/06/how-to-use-python-to-build-secure.html How confidential computing is changing cloud data security https://www.sdxcentral.com/articles/contributed/how-confidential-computing-is-changing-cloud-data-security/2023/08/ F.商業 又一家國際大廠來台！蘋果擬設資料中心 已與台廠合作設計 https://money.udn.com/money/story/5612/8051388 混合型企業面臨的四大挑戰，Check Point 提出資安長因應之道 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11119 趨勢科技在最新MITRE Engenuity ATT&CK® Evaluations評測中取得攻擊可視性100%的成績 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11115 敦陽科技、Palo Alto Networks攜手共推MDR服務 全力助企業提升資安防護力 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11117 OPSWAT連續第三年榮獲網路安全卓越獎三項殊榮 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11113 Copilot革新工作模式 台灣微軟與伊雲谷、雲馥打造企業AI應用新典範 https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?CnlID=13&id=694988 台南晶英為無線基地台換裝 全台首家加入綠色支付計畫飯店 共創循環經濟 https://www.tssdnews.com.tw/?FID=64&CID=747076#google_vignette 從防火牆到SASE新舊技術共保資安 https://www.technice.com.tw/technology/software/120573/ 思科台灣數位加速計畫3.0啟動 引領轉型並打造數位韌性新世代 https://www.cio.com.tw/ciscos-taiwan-digital-acceleration-program-3-0-launch-leading-in-transformation-and-building-digital-resilience-new-generation/ 聯強揭示微軟Windows IoT Enterprise發展 靈活對應各市場需求及AI應用 https://www.digitimes.com.tw/tech/dt/n/shwnws.asp?id=0000695491_NQ93ROLZLUXK3G06KZHIQ Microsoft adds checkboxes in its Excel Windows and Mac apps with web and mobile coming soon https://www.neowin.net/news/microsoft-adds-checkboxes-in-its-excel-windows-and-mac-apps-with-web-and-mobile-coming-soon/ Amazon S3首度整合惡意程式偵測，一年限量免費使用 https://www.ithome.com.tw/news/163694 Google推出人工智慧技術驅動的漏洞研究專案Naptime https://googleprojectzero.blogspot.com/2024/06/project-naptime.html G.政府 台灣國家衛生研究院攜手華碩 推動算力、數據以及次世代醫療資訊等三大面向發展 https://tech.udn.com/tech/story/123153/8047014 《資通安全管理法》總整理，企業資安防禦重點、必備軟體一次掌握 https://host.com.tw/cyber-security-management-act 數位身分證無下文　劉世芳：涉及資安問題 https://hk.crntt.com/doc/1600/2/2/7/160022708.html?coluid=0&kindid=0&docid=160022708&mdate=0625143003 法務部送1張紙就要上百億！黃國昌：建置科偵系統超過調查局、刑事局全年預算 https://reurl.cc/2YGWLa Google 台灣攜手數位發展部、資策會與北科大共同啟動台灣資安人才培育計畫 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=11114 縣府辦AI與電子化政府專題講座 https://www.kmdn.gov.tw/1117/1271/1272/567762 掌握AI時代趨勢提升電子治理效能 金門縣政府辦理專題講座 https://www.gokinmentour.com/grasp-the-trends-of-the-ai-era-to-improve-electronic-governance-efficiency-kinmen-county-government-holds-special-lectures/ 調查局76名高階主管異動！葉麗卿陞國維處長　周士楨調資安站主任 https://rwnews.tw/article.php?news=16048 公部門誤用中國製無人機 學者：有必要效法美國檢討法規 https://www.epochtimes.com/b5/24/6/24/n14276204.htm 工研院攜手產學研前進歐盟網路通訊大會　6G國際合作成果豐碩 https://www.itri.org.tw/ListStyle.aspx?DisplayStyle=01_content&SiteID=1&MmmID=1036276263153520257&MGID=113062412265935798 高雄市府3作法加速推動資安轉型，更以AI強化城市治理 https://www.ithome.com.tw/news/163651 H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識/醫療 相關資安 軟體服務商CDK系統遭攻擊　駭客討數千萬美元贖金！北美車商受衝擊 https://www.ettoday.net/news/20240623/2763328.htm 智慧防禦新時代：VicOne xNexus 與 xZETA 全面提升汽車供應鏈安全 https://www.youtube.com/watch?v=I6d0f2LP19Q 美國 駭客攻擊 逾萬汽車經銷商癱瘓 部分商家重拾紙筆、回到手工作業 https://c.cari.com.my/forum.php?mod=viewthread&tid=5109440#google_vignette 20多家企業齊聚高雄　設立「AIoT永續創新研發中心」 https://reurl.cc/QRkK02 友通推新系列嵌入式系統 拓工業自動化應用商機 https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=2400b53b-63ec-4b89-84fb-74286a628a64 自動駕駛上路 衍生安全漏洞 https://udn.com/news/story/124068/8049897 研究人員針對西門子修補的SICAM設備漏洞提出警告，若不修補有可能被用於針對能源產業攻擊 https://www.ithome.com.tw/news/163681 I.教育訓練 資安事件發生必要知道的復原程序，降低傷害 https://www.ithome.com.tw/pr/163614 iPAS資訊安全工程師中級筆記 https://hackmd.io/@Not/iPASInformationSecuritySpecialist iPas資安工程師證照考前研習 https://reurl.cc/GEbA3p iPAS◆資訊安全規劃實務◆中級測驗題庫彙編(123題) https://reurl.cc/orlD1g GCP Associate Cloud Engineer (ACE) 學習心得、教材資源與筆記分享 — 學習天然高可用與零信任設計 https://medium.com/blacksecurity/gcp-associate-cloud-engineer-78f736aee7ad Coursera 盤點 7 項雲端資安認證，高薪跳板都在這了！ https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/ 一般人也能拿到國際資安認證！CSCU安全電腦使用者認證課程 https://www.ithome.com.tw/pr/160954 全球網絡安全勞動力失衡 (ISC)2免費課程及考試填補人才缺口 https://reurl.cc/m39MDj CISSP資安認證的8大領域 https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html CISSP考試心得 https://reurl.cc/KbY83j CISSP考試心得 – Benson https://reurl.cc/GbWvxd 目標導向-20天光速考過CISSP https://reurl.cc/2Zq6zn CISSP證照考試實戰心得 第一章：初期準備工作 https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat CISSP證照考試實戰心得 第二章：規律且有紀律的讀書策略 https://netmag.tw/2022/07/01/the-cissp-is-in-the-field-of-combat-chapter-two-regular-and-disciplined-reading-strategies CISSP證照考試實戰心得 第三章：終極一戰 https://netmag.tw/2022/07/12/the-cissp-has-learned-a-third-chapter-in-actual-combat-experience-the-ultimate-battle Quick CISSP Infographic for IPSec https://www.studynotesandtheory.com/single-post/quick-cissp-infographic-for-ipsec CSSLP Certification - Security models in F# https://github.com/vbocan/csslp Certified Secure Software Lifecycle Professional in bullet points https://github.com/joeyhage/csslp-notes CPSA(CREST Practitioner Security Analyst) 資安分析師考試心得 https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/ EC-Council CEH v11 考試心得、改版資訊以及準備方向 2021、2022 https://reurl.cc/1oyEM8 CEH v11 考試心得與準備方式 https://blog.sean.taipei/2022/01/ceh CEH https://github.com/a3cipher/CEH CodeRed by EC-Council https://github.com/codered-by-ec-council EC-Council CEH Practical / Master 準備心得 — 讓理論與實作相輔相成的學習 https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2 EC-Council CEHP考試準備心得 https://hackmd.io/@9dCJrgb6QHGd8dRfgHO0zg/r14xNn1po ECSA v10 考試心得與讀書資料分享/ ECSA v10 Review and Study Materials https://medium.com/blacksecurity/ecsa-v10-1ec76c0eb7d4 EC-Council ECSA資安分析專家 v10 考試心得分享 https://javaxtalk.blogspot.com/2019/05/ec-council-ecsa-v10.html 20180817 EC-Council ECSA v10 PASS https://www.ptt.cc/bbs/License/M.1534571704.A.5BA.html 關於EC-Council CPENT和LPT Master滲透測試證照準備方式及心得分享 https://medium.com/@ChadSecurity/%E9%97%9C%E6%96%BCec-council-cpent%E5%92%8Clpt-master%E6%BB%B2%E9%80%8F%E6%B8%AC%E8%A9%A6%E8%AD%89%E7%85%A7%E6%BA%96%E5%82%99%E6%96%B9%E5%BC%8F%E5%8F%8A%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB-efb63de00a8d 深度解析 CPENT 考試心得、以及與 OSCP 的比較 https://reurl.cc/41eL8v EC-Council CPENT v1 滲透測試認證 – 內容及心得分享 https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review CPENT 從暴力到破解 https://hackmd.io/@3WAsoRFgSlyy7pm10p60kg/ByO0zs295 Ec-Council CPENT心得 - 資安菜鳥從CEH到LPT Master https://4hsienyang.medium.com/cpent-lpt-master-ccaebf2dbc7f CPENT考試心得分享：一次拿到 LPT 滲透測試大師認證 https://ucom.uuu.com.tw/web/Testimony/Article/4404 kaizensecurity/CPENT https://github.com/kaizensecurity/CPENT/tree/master CPENT : Pentesting like NO OTHERS ! https://www.linkedin.com/pulse/cpent-pentesting-like-others-belly-rachdianto/ Journey of My CPENT Exam https://medium.com/techiepedia/journey-of-my-cpent-exam-3a5d7ee6d917 [備考心得]CompTIA Security+ (SY0–601) 上篇 https://reurl.cc/M053DK [備考心得]CompTIA Security+ (SY0–601) 下篇 https://reurl.cc/M053Gv comptia-security-plus https://github.com/ajfuto/comptia-security-plus security-plus https://github.com/fjavierm/security-plus CompTIA Security+ Certification Practice Test Questions https://www.examcompass.com/comptia/security-plus-certification/free-security-plus-practice-tests#google_vignette 不只是工程師才要懂的 App 資訊安全：取得資安檢測合格證書血淚史（iT邦幫忙鐵人賽系列書） https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html App防駭學，資安防護實戰課程全面提升安全觀念 https://www.ithome.com.tw/pr/161505 OSEP (Evasion Techniques and Breaching Defenses (PEN-300) 心得分享 https://hackmd.io/@henry-ko/HyQ56e8eF OSCP（Offensive Security Certified Professional） https://github.com/0x584A/oscp-notes/tree/master ISACA Certified Information Systems Auditor® (CISA) 國際電腦稽核師認證準備歷程心得、申請流程分享- 2023年 https://reurl.cc/aVLoX9 Learn NIST Inside Out With 21 Hours of Training @ 86% OFF https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html 駭客與國家: 網路攻擊與地緣政治新常態 The hacker and the state: cyber attacks and the new normal of geopolitic https://reurl.cc/D3nKKj Practical Network Penetration Tester (PNPT) Certification Review https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df WUSON常用的基本詞彙 https://choson.lifenet.com.tw/?p=1958 證照仍是學習資安基本功的主要管道，有專家打造「資安證照地圖」 https://www.ithome.com.tw/news/156754 用證照證明自己實力之餘，更應將證照視為督促學習的最大動力 https://www.ithome.com.tw/news/156756 打破證照誤解與迷思，資安專家帶你釐清資安證照的意義 https://www.ithome.com.tw/news/156755 Accelerate Your Career with the Global Leader in Cyber Security Training https://www.sans.org/mlp/promo-partnership-hacker-news/ 【成大資安社社課】資安禁術 - 逆向工程地獄試煉 https://www.youtube.com/watch?v=4Yc3-9CjG6U 透過實務演練，教你建立實作標準的安全SOP流程 https://www.ithome.com.tw/pr/163514 6.近期資安活動及研討會 Just a chat - with no Expectations 2024/6/29 https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/lsmkqsygcjbmc/ Atlassian首席工程師談Atlas 2024/6/29 https://www.meetup.com/taipei-atlassian-community-events/events/301693147/ Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/7/2 https://www.meetup.com/taiwan-code-camp/events/301595937/ Create stunning presentations with AI 2024/7/3 https://www.meetup.com/taipei-education-technology-meetup-group/events/301712995/ 高雄 Rails Meetup 2024/7/3 https://www.meetup.com/rails-taiwan/events/qxfvjkygckbfb/ SyntaxError 2024/7/3 https://www.meetup.com/pythonhug/events/pqnsctygckbfb/ 終結孤單，打造你的 AI 女友！ 零基礎 Python 入門 2024/7/3 https://www.accupass.com/event/2406040447558404875600 HackingThursday 黑客星期四 - Week meetup Tamsui 固定聚會 淡水 2024/7/4 https://www.meetup.com/hackingthursday/events/psspctygckbgb/ 國家高速網路與計算中心 教育訓練 RSC The Merck Index資料庫中文線上 2024/7/4 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=4105&from_course_list_url=homepage Taipei DevOps User Group 10th Event, supported by Wankuma Alliance 2024/7/5 https://www.meetup.com/taipei-devops-user-group/events/301638147/ ISO 27001：2022資訊安全管理系統主導稽核員訓練 2024/7/8 ~ 2024/7/12 https://www.accupass.com/event/2403090707238144555890 Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/7/9 https://www.meetup.com/taiwan-code-camp/events/301731506/ 國家高速網路與計算中心 教育訓練 ABAQUS基礎訓練課程 2024/7/9 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=4099&from_course_list_url=homepage 思科中小企業資安防護座談會 2024/7/10 https://www.accupass.com/event/2405310744321719028648 InfoSec Taiwan 2024 國際資安組織大會 2024/7/9 ~ 2024/7/11 https://csa.kktix.cc/events/infosectaiwan2024 Taipei dbt Meetup #25 for all folks working with data! (Hybrid 👫 + 🧑‍💻)2024/7/11 https://www.meetup.com/taipei-dbt-meetup/events/301357571/ Airflow Taiwan User Meetup #15 feats Taipei dbt 2024/7/11 https://www.meetup.com/taipei-py/events/301356454/ .NET / Java 安全程式開發達人集訓班 2024/7/11 ~ 2024/7/12 https://www.accupass.com/event/2405280149081202805431 CraftCon Taiwan 奧義 AI 資安年會 2024/7/12 https://www.accupass.com/event/2404221057531664149101 電子資訊交換標準共識座談會 2024/7/16 https://www.accupass.com/event/2406241046006788745940 Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/7/16 https://www.meetup.com/taiwan-code-camp/events/301873079/ Elastic Stack (ELK) 智能平台：從高效能 AI 搜索到全面監控與安全防護 2024/7/17 https://www.accupass.com/event/2406180701341855640550 【第1期】2024企業資訊安全基礎課程 2024/7/17 https://www.accupass.com/event/2402020448251773447860 資訊安全系列課程 2024/7/17 - 2024/11/9 https://www.accupass.com/event/2404290752591014846953 台灣駭客年會 HITCON Training 2024 2024/7/17-2024/7/20 https://hitcon.kktix.cc/events/hitcon-training-2024 電子簽章（名）法人金融應用法規與實務研討會 2024/7/19 https://www.accupass.com/event/2406240243517254896540 Taoyuan WordPress Café 桃園咖啡小聚 #38 2024/7/20 https://www.meetup.com/taoyuan-wordpress-meetup/events/301729248/ 微軟MVP - 關於生成式AI的兩三事 2024/7/22 https://www.meetup.com/rladies-taipei/events/301812934/ Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/7/23 https://www.meetup.com/taiwan-code-camp/events/xfxtjtygckbfc/ Free Startup Fundraising Office Hours Expert AMA with Angel Investor Scott Fox! 2024/7/24 https://www.meetup.com/taipei-startups-investors-masterminds-network/events/299702433/ 國家高速網路與計算中心 教育訓練 NVIDIA GPU 計算 2024/7/24 https://edu.nchc.org.tw/course/one_course_introduction.asp?lms_auto_course_id=4094&from_course_list_url=homepage 國際自動化協會臺灣分會：資安驗證與場域評估專業聚會 2024/7/25 https://isatw.kktix.cc/events/isa-2024q3-isasecure-1 HITCON Cyber Range 2024 企業藍隊競賽 2024/7/26 ~ 2024/10/30 https://hitcon.kktix.cc/events/hitcon-cyberrange-2024 【安碁學苑】資安職能培訓｜系統網路安全管理師 2024/7/27 ~ 2024/8/24 https://acsiacad.kktix.cc/events/6ebd7fbd-copy-4 Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/7/30 https://www.meetup.com/taiwan-code-camp/events/xfxtjtygckbnc/ FinTech Summer CAMP 2024/8/5 ~ 2024/8/9 https://isipevent.kktix.cc/events/f2ce8bcc-copy-6 Free Startup Fundraising Office Hours Expert AMA with Angel Investor Scott Fox! 2024/8/28 https://www.meetup.com/taipei-startups-investors-masterminds-network/events/299702435/ 第二屆台南Web3產業國際博覽會 TAINAN WEB3 INTERNATIONAL FAIR 2024/10/18 https://www.accupass.com/event/2406150525111725753130 HITCON Enterprise 2024 台灣駭客年會 2024/10/30 https://hitcon.kktix.cc/events/hitcon-ent-2024