資安事件新聞週報 2023/1/2 ~ 2023/1/6

###### tags: `資安事件新聞週報` # 資安事件新聞週報 2023/1/2 ~ 2023/1/6 1.重大弱點漏洞/後門/Exploit/Zero Day CISA Warns of Active exploitation of JasperReports Vulnerabilities https://thehackernews.com/2022/12/cisa-warns-of-active-exploitation-of.html Citrix 數千台伺服器存在嚴重安全風險 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10270 Thousands of Citrix Servers Still Unpatched for Critical Vulnerabilities https://thehackernews.com/2022/12/thousands-of-citrix-servers-still.html Qualcomm Chipsets and Lenovo BIOS Get Security Updates to Fix Multiple Flaws https://thehackernews.com/2023/01/qualcomm-chipsets-and-lenovo-bios-get.html 群輝修補VPN路由器的重大漏洞 https://www.synology.com/en-us/security/advisory/Synology_SA_22_26 Synology Releases Patch for Critical RCE Vulnerability Affecting VPN Plus Servers https://thehackernews.com/2023/01/synology-releases-patch-for-critical.html Fortinet修補應用程式交付控制器FortiADC任意程式碼執行漏洞 https://www.securityweek.com/high-severity-command-injection-flaws-found-fortinets-fortitester-fortiadc Fortinet and Zoho Urge Customers to Patch Enterprise Software Vulnerabilities https://thehackernews.com/2023/01/fortinet-and-zoho-urge-customers-to.html Zoho修補影響ManageEngine多個特權管理產品的嚴重漏洞 https://www.manageengine.com/privileged-session-management/advisory/cve-2022-47523.html 逾6萬臺Exchange仍未修補ProxyNotShell漏洞 https://www.bleepingcomputer.com/news/security/over-60-000-exchange-servers-vulnerable-to-proxynotshell-attacks/ 2.銀行/金融/保險/證券/支付系統/金融監理新聞及資安使用法語的非洲國家銀行遭到駭客組織Bluebottle寄生攻擊 https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/bluebottle-banks-targeted-africa 全民發現金直接入帳、ATM請領、郵局臨櫃都可能 https://udn.com/news/story/123271/6886912?from=udn-ch1_breaknews-1-cate6-news 立委憂資安問題籲搭配數位轉帳 https://reurl.cc/rZG2Vy 日常生活全刷卡？5招超前部屬防盜刷，達人加碼解答「為什麼信用卡背面一定要簽名」 https://smart.businessweekly.com.tw/Reading/IndepArticle.aspx?ID=6009746 金融資安行動方案發布2.0，新增14項措施，將鼓勵金融機構擁抱零信任 https://www.ithome.com.tw/news/154907 金融業明年金檢重點大股東干政、資安、防詐入列 https://udn.com/news/story/7239/6860041 3.電子支付/行動支付/pay/資安中捷行動支付案完成簽約預計今年底啟用 https://reurl.cc/VROgx6 中捷行動支付建置可刷卡、掃QR code進站預計今年啟用 https://www.chinatimes.com/realtimenews/20230105004344-260405?chdtv 行動支付業掀登錄興櫃潮 https://udn.com/news/story/7239/6887451 支付業者積極卡位傳LINE Pay擬今年興櫃 https://www.epochtimes.com/b5/23/1/5/n13900083.htm 街口支付開放18歲註冊享受行動支付便利生活 https://www.chinatimes.com/newspapers/20230104000298-260203?chdtv 電支習慣大戰開打！44萬「新成年人」口袋又不深，為何成業者狂吸對象 https://www.bnext.com.tw/article/73588/18y-payment-2022q4 成年下修至18歲一卡通MONEY、街口支付喜迎新用戶 https://udn.com/news/story/7239/6886642 愛金卡推電支跨機構平台繳費免出門 https://ctee.com.tw/news/finance/787293.html 沒網路、沒銀行帳戶怎麼做FinTech？非洲行動支付新創Paga的虛實整合路 https://www.cw.com.tw/article/5123957 聚焦B2B2C集合場景需求，聯手業者擴大微金融服務 https://www.ithome.com.tw/news/154936 健保E化電子繳款單環保愛地球 https://reurl.cc/qZA2WD 電子支付大戰白熱化！全支付進逼街口、一卡通雙雄 https://www.chinatimes.com/realtimenews/20230103000003-260410?chdtv 專營電子支付業務許可申請書件新增律師作為認證人 https://reurl.cc/oZ26E3 蝦皮金流違法營運民團籲委外納管 https://reurl.cc/EXly5A 數位車牌化身電子支付工具！它如何讓你的生活變得更安全、更便利 https://www.businesstoday.com.tw/article/category/183015/post/202212160020/ Pay戰白熱化！只有3個錢包能活下來，55.9%選擇關鍵 https://www.bnext.com.tw/article/73353/mastercard-annual-report-2022q4 【電支戰略分析：街口支付】開放平臺擴大異業合作，將推分級制度深化會員經營 https://www.ithome.com.tw/news/154931 4.加密貨幣/數位貨幣/挖礦/區塊鍊/智能合約/WEB3 資安加密貨幣投資機器人3Commas坦承資料外洩，駭客聲稱竊得10萬個API金鑰 https://www.bleepingcomputer.com/news/security/crypto-platform-3commas-admits-hackers-stole-api-keys/ 一GMX巨鯨遭駭客攻擊，被盜金額約340萬美元 https://news.cnyes.com/news/id/5052858 鏈習生幣圈日報 2023.01.05｜十分鐘掌握全球區塊鏈及加密貨幣新聞 https://reurl.cc/X5Mg3g 手上的NFT變阿嬤裸照？Magic Eden澄清「肉色海」：圖片暫存遭攻擊 https://www.blocktempo.com/magic-eden-said-3rd-party-cache-images-was-compromised/ Immunefi：2022年駭客攻擊和欺詐事件損失超39億美元，年增率下降51.2% https://news.cnyes.com/news/id/5054414 比特幣 14 歲了，2023上漲或暴跌都有可能發生 https://reurl.cc/10AEp8 加密貨幣交易所 Gemini 570 萬用戶遭大規模釣魚攻擊，意圖騙取受害者加密資產 https://www.twcert.org.tw/tw/cp-104-6838-d122c-1.html 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 美國路易斯安那州醫院受勒索軟體攻擊影響 27萬名病患 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10266 安卓金融木馬SpyNote攻擊行動升溫，起因是原始碼公開 https://www.threatfabric.com/blogs/spynote-rat-targeting-financial-institutions.html SpyNote Strikes Again: Android Spyware Targeting Financial Institutions https://thehackernews.com/2023/01/spynote-strikes-again-android-spyware.html 竊密軟體Vidar透過社群網站與加密即時通訊軟體連結C2中繼站 https://asec.ahnlab.com/en/44554/ Windows錯誤報告工具遭到濫用，被用於部署惡意軟體Pupy RAT https://labs.k7computing.com/index.php/pupy-rat-hiding-under-werfaults-cover/ 防毒業者Bitdefender提供勒索軟體MegaCortex解密工具 https://www.bleepingcomputer.com/news/security/bitdefender-releases-free-megacortex-ransomware-decryptor/ Linux惡意軟體被用於散布挖礦程式 https://asec.ahnlab.com/en/45182/ 日本警方成功解鎖勒索軟體LockBit加密的檔案，協助3家受害企業復原資料 https://cybernews.com/news/japan-police-successful-decrypting-data-lockbit-ransomware/ 駭客利用竊得的銀行資料來製作惡意Excel檔案，藉此散布木馬程式BitRAT https://blog.qualys.com/vulnerabilities-threat-research/2023/01/03/bitrat-now-sharing-sensitive-bank-data-as-a-lure 洛杉磯市房屋管理局傳出遭到勒索軟體LockBit攻擊 https://techcrunch.com/2023/01/03/hackers-claims-ransomware-attack-on-los-angeles-housing-authority/ 澳洲昆士蘭科技大學遭到勒索軟體Royal攻擊 https://www.bleepingcomputer.com/news/security/royal-ransomware-claims-attack-on-queensland-university-of-technology/ 美國鐵路公司Wabtec遭勒索軟體LockBit攻擊而資料外洩 https://www.bleepingcomputer.com/news/security/rail-giant-wabtec-discloses-data-breach-after-lockbit-ransomware-attack/ WordPress網站遭到Linux惡意軟體鎖定，利用30種外掛程式漏洞注入惡意指令碼 https://news.drweb.com/show/?i=14646&lng=en&c=23 勒索軟體駭客架設偽造網站來公布受害組織資料 https://www.bleepingcomputer.com/news/security/ransomware-gang-cloned-victim-s-website-to-leak-stolen-data/ 加拿大銅礦業者遭勒索軟體攻擊被迫關閉 https://cumtn.com/investors/press-releases/2022/copper-mountain-mining-subject-to-ransomware-attac-4881/ 加拿大兒童醫院SickKids收到勒索軟體LockBit的解密金鑰，恢復部分受害系統 https://www.ithome.com.tw/news/154967 葡萄牙大型港口傳出遭到勒索軟體LockBit攻擊 https://www.bleepingcomputer.com/news/security/lockbit-ransomware-claims-attack-on-port-of-lisbon-in-portugal/ 英國布里斯托爾社區大學遭勒索軟體攻擊 https://www.thesunchronicle.com/news/local_news/bristol-community-college-admits-it-was-ransom-hacked/article_31cd33a3-f58d-58ef-ab4c-00ebdc4e1afd.html 2022 全年，至少有 200 個美國政府、教育、醫療保健等公用事業單位遭到勒贖攻擊 https://www.twcert.org.tw/tw/cp-104-6836-866a7-1.html APT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion Vector https://thehackernews.com/2022/12/apt-hackers-turn-to-malicious-excel-add.html WordPress Security Alert: New Linux Malware Exploiting Over Two Dozen CMS Flaws https://thehackernews.com/2023/01/wordpress-security-alert-new-linux.html Hackers Using Stolen Bank Information to Trick Victims into Downloading BitRAT Malware https://thehackernews.com/2023/01/hackers-using-stolen-bank-information.html 蠕蟲程式Raspberry Robin鎖定歐洲金融和保險業而來 https://www.securityjoes.com/post/raspberry-robin-detected-itw-targeting-insurance-financial-institutes-in-europe Raspberry Robin Worm Evolves to Attack Financial and Insurance Sectors in Europ https://thehackernews.com/2023/01/raspberry-robin-worm-evolves-to-attack.html The FBI's Perspective on Ransomware https://thehackernews.com/2023/01/the-fbis-perspective-on-ransomware.html New shc-based Linux Malware Targeting Systems with Cryptocurrency Miner https://thehackernews.com/2023/01/new-shc-based-linux-malware-targeting.html Shc Linux Malware Installing CoinMiner https://asec.ahnlab.com/en/45182/ CircleCI warns of security breach — rotate your secrets! https://twitter.com/sanitybit/status/1610839628155850752 https://www.bleepingcomputer.com/news/security/circleci-warns-of-security-breach-rotate-your-secrets/ https://circleci.com/blog/january-4-2023-security-alert/ B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G / 即時通訊 Google修補Android約60個漏洞 https://www.securityweek.com/androids-first-security-updates-2023-patch-60-vulnerabilities 研究發現：透過 AI 程式碼產生器所開發 App 恐有安全漏洞風險 https://technews.tw/2023/01/01/code-generating-ai-can-introduce-security-vulnerabilities/ 蘋果被迫開放第三方應用程式商店，「暗黑版 App Store」創辦人不樂見 https://technews.tw/2022/12/16/app-store-dma-altstore/ C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 / 資安人力 Chrome瀏覽器將擴大封鎖HTTP網站存取 https://9to5google.com/2022/12/28/chrome-block-insecure-http-downloads/ 雲端服務業者Rackspace再透露12月資安事故調查結果，駭客存取部分用戶資料 https://www.bleepingcomputer.com/news/security/rackspace-customer-email-data-accessed-in-ransomware-attack/ 雲端服務業者Rackspace表示12月的資安事故是Play勒索軟體所為 https://www.bleepingcomputer.com/news/security/rackspace-confirms-play-ransomware-was-behind-recent-cyberattack/ Slack證實部分原始碼遭竊 https://slack.com/intl/en-au/blog/news/slack-security-update CI/CD程式整合交付服務遭濫用，南非駭客Automated Libra將其用於加密貨幣挖礦 https://unit42.paloaltonetworks.com/purpleurchin-steals-cloud-resources/ 波蘭警告俄羅斯駭客Ghostwriter的攻擊行動 https://www.bleepingcomputer.com/news/security/poland-warns-of-attacks-by-russia-linked-ghostwriter-hacking-group/ 波蘭政府發布資安警訊，多種駭侵攻擊活動正在加強 https://www.twcert.org.tw/tw/cp-104-6844-fe255-1.html 烏克蘭民用基礎設施成俄羅斯駭客偏好攻擊的目標 https://www.bankinfosecurity.com/ukraine-russian-hackers-focus-civilian-infrastructure-a-20831 英國《衛報》遭網路攻擊，多國員工需暫時在家工作 https://technews.tw/2023/01/06/the-guardian-ransomware-attack-hits-week-two-as-staff-told-to-work-from-home/ 美國主導的印太安全架構「輪輻體系」，應對中國崛起的能力竟是如此地脆弱 https://www.thenewslens.com/article/179105 BitKeep Confirms Cyber Attack, Loses Over $9 Million in Digital Currencies https://thehackernews.com/2022/12/bitkeep-confirms-cyber-attack-loses.html BlueNoroff APT Hackers Using New Ways to Bypass Windows MotW Protection https://thehackernews.com/2022/12/bluenoroff-apt-hackers-using-new-ways.html RedZei Chinese Scammers Targeting Chinese Students in the U.K. https://thehackernews.com/2023/01/redzei-chinese-scammers-targeting.html Blind Eagle Hackers Return with Refined Tools and Sophisticated Infection Chain https://thehackernews.com/2023/01/blind-eagle-hackers-return-with-refined.html Bluebottle Cybercrime Group Preys on Financial Sector in French-Speaking African Nations https://thehackernews.com/2023/01/bluebottle-cybercrime-group-preys-on.html 持續開發持續整合業者CircleCI遭遇資安事故，通知用戶更換密鑰 https://www.bleepingcomputer.com/news/security/circleci-warns-of-security-breach-rotate-your-secrets/ CircleCI Urges Customers to Rotate Secrets Following Security Incident https://thehackernews.com/2023/01/circleci-urges-customers-to-rotate.html 【資安星鏈計畫】數聯資安儲備資安工程師(六個月約聘, 通過培訓轉正) https://www.104.com.tw/job/7v0xo 資深資訊安全工程師 https://job.taiwanjobs.gov.tw/Internet/jobwanted/JobDetail.aspx?EMPLOYER_ID=124369&HIRE_ID=11682583 資安檢測工程師 https://www.104.com.tw/job/7v2zd?jobsource=google_job D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞/網路霸凌/帳號安全 2億推特用戶電郵資料流入駭客論壇僅賣2美元 https://www.ithome.com.tw/news/155006 2億推特用戶電子郵件信箱資料遭駭客以2美元賤賣 https://www.bleepingcomputer.com/news/security/200-million-twitter-users-email-addresses-allegedly-leaked-online/ 推特2021遭駭2022才發現 2.35億個帳號電郵被公布 https://reurl.cc/VROg4Q 募資掌上型資安滲透測試工具Flipper Zero成為駭客對研究人員發動網釣攻擊的幌子 https://www.bleepingcomputer.com/news/security/ongoing-flipper-zero-phishing-attacks-target-infosec-community/ 臉書、IG未經用戶同意收集個資，愛爾蘭重罰3.9億歐元 https://www.dataprotection.ie/en/news-media/data-protection-commission-announces-conclusion-two-inquiries-meta-ireland Facebook to Pay $725 Million to settle Lawsuit Over Cambridge Analytica Data Leak https://thehackernews.com/2022/12/facebook-to-pay-725-million-to-settle.html Google to Pay $29.5 Million to Settle Lawsuits Over User Location Tracking https://thehackernews.com/2023/01/google-to-pay-295-million-to-settle.html The Evolving Tactics of Vidar Stealer: From Phishing Emails to Social Media https://thehackernews.com/2023/01/the-evolving-tactics-of-vidar-stealer.html LastPass遭到集體控告，起因是外洩事故疑與資料管理不當有關 https://www.courtlistener.com/docket/66696047/doe-individually-and-on-behalf-of-all-others-similarly-situated-v/ LastPass遭到集體控告，起因是外洩事故與該公司資料管理不當有關 https://www.courtlistener.com/docket/66696047/doe-individually-and-on-behalf-of-all-others-similarly-situated-v/ Mitigate the LastPass Attack Surface in Your Environment with this Free Tool https://thehackernews.com/2023/01/mitigate-lastpass-attack-surface-in.html 近20個汽車廠牌的API漏洞恐曝露車主個資，甚至可冒用製造商員工身分、進入公司系統 https://samcurry.net/web-hackers-vs-the-auto-industry/ Volvo汽車資料外洩，200 GB資料流入駭客論壇兜售 https://www.ithome.com.tw/news/154990 美國ERP業者伺服器配置不當，曝露50萬印度求職者資料 https://www.hackread.com/erp-firm-expose-india-job-seekers-data/ 【冒充你老闆寄信給你】「製造業」成為駭客肥羊，盤點最常見 5 種資安威脅 https://buzzorange.com/techorange/2023/01/05/manufacturing-cyber-security/ 手機防詐騙貼士｜教你4招預防釣魚詐騙　Email出現這內容要注意 https://www.hk01.com/article/849879?utm_source=01articlecopy&utm_medium=referral E.研究報告/工具光環論文資安修正 https://hackmd.io/@TeamWithBreak/ry31y_I4j 雲原生之軟體安全韌性 https://blog.twnic.tw/2023/01/05/25320/ 領英：年輕人有優勢的5種軟技能 https://www.cw.com.tw/article/5124303 視訊會議怎麼做最安心？推薦６招強化資安防護 https://reurl.cc/ROGglG New Malvertising Campaign via Google Ads Targets Users Searching for Popular Software https://thehackernews.com/2022/12/new-malvertising-campaign-via-google.html Enforcement vs. Enrollment-based Security: How to Balance Security and Employee Trust https://thehackernews.com/2023/01/enforcement-vs-enrollment-based.html 10 types of cognitive bias to watch out for in UX research & design https://bootcamp.uxdesign.cc/10-types-of-cognitive-bias-to-watch-out-for-in-ux-research-design-b9f0f5ef86c1 20 Entertaining Uses of ChatGPT You Never Knew Were Possible https://markwschaefer.medium.com/20-entertaining-uses-of-chatgpt-you-never-knew-were-possible-3bc2644d4507 My Top 10 Open Source Apps of 2022 https://medium.com/@x.line/my-top-10-open-source-apps-of-2022-99cd3b5c2113 Comparing Sysmon and EclecticIQ Endpoint Response — Event Filters https://eclecticiq.medium.com/comparing-sysmon-and-eclecticiq-endpoint-response-event-filters-6b862dddfe6a My Note-Taking, Productivity, PKM Apps for 2023 https://ednico.medium.com/my-note-taking-productivity-pkm-apps-for-2023-16d5a1398b54 Vulnerability Management at Lyft: Enforcing the Cascade - Part 1 https://eng.lyft.com/vulnerability-management-at-lyft-enforcing-the-cascade-part-1-234d1561b994 F.商業 F5預測應用服務2023趨勢：新型態應用領域環境的5大關鍵技術 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10268 Fortinet《2022年雲端資安報告》：資安人才荒、技能落差成「雲世代」最大挑戰 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10265 趨勢科技支援採用開放標準的 AWS 資安資料湖 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10269 是德科技 Ixia 事業部指定力麗科技為台灣區代理商 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10264 台灣富士軟片資訊助提升數據資產安全性 https://ctee.com.tw/industrynews/technology/786680.html 安碁資訊提供防駭攻防演練去年營收大增近9成 https://wantrich.chinatimes.com/news/20230105900709-420101 2022營收年增88％安碁資訊擴金融資安量能 https://ec.ltn.com.tw/article/breakingnews/4175990 趨勢科技成立 5G 資安 CTOne　守護 5G 世代通訊技術資訊安全 https://www.netadmin.com.tw/netadmin/zh-tw/snapshot/5DC29655AFBC433E9CCF482E7A6CE6C9 F5擴充SaaS安全方案推出F5 Distributed Cloud App Infrastructure Protection https://netmag.tw/2023/01/05/f5-extended-saas-security-programme-launsf5-distributed-cloud-app-infrastructure-protection G.政府數位發展部設置資通安全研究院，首任院長由何全德擔任 https://www.ithome.com.tw/news/155003 資安院召開首次董事會，何全德出任院長 https://technews.tw/2023/01/04/taiwan-securiy/ 還稅「領現金」填帳戶個資恐外洩？數位部：已請「資安院」協防駭客 https://today.line.me/tw/v2/article/kEGNqNJ 立院協商刑法修正草案不實性影像營利最高判7年 https://www.cna.com.tw/news/aipl/202301050376.aspx 台灣導彈重要儀器被爆送大陸維修當局指資安鑑定無洩密 https://reurl.cc/mZ52QA 雄三飛彈經緯儀送中維修中科院：資安鑑定無洩密 https://reurl.cc/NGdgox 雄三飛彈零件被送山東維修　民眾黨：民進黨還有臉說抗中保台 https://www.ctwant.com/article/231216 禁抖音擴及民間？數位部：民主國家難度高　先讓民眾了解資安風險 https://www.taisounds.com/Taiwan/Politics/uid5098918128 H.工控系統/ICS/SCADA/IOT/物聯網/車聯網/電動車/人工智慧/AI/ML/人臉辨識/醫療相關資安協助 IoT 裝置抵禦以關鍵基礎設施為目標的攻擊 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=10271 Researcher Uncovers Potential Wiretapping Bugs in Google Home Smart Speakers https://thehackernews.com/2022/12/researcher-uncovers-potential.html PyTorch機器學習框架感染惡意程式碼，原因是相依元件遭到駭客竄改、置換 https://pytorch.org/blog/compromised-nightly-dependency/#how-to-check-if-your-python-environment-is-affected PyTorch Machine Learning Framework Compromised with Malicious Dependency https://thehackernews.com/2023/01/pytorch-machine-learning-framework.html Arlo 宣佈陸續停止支援舊款網路相機 https://chinese.engadget.com/arlo-end-of-life-policy-100012814.html 物聯網安全高峰論壇特別報導強力落實軟/硬體防護　供應鏈全面把關車用資安 https://reurl.cc/qZA2oq 5天吸引百萬人註冊！解密ChatGPT從煉成到商機應用，背後關鍵技術如何生成 https://meet.bnext.com.tw/articles/view/49901? 工控物聯網資安照步來　國際化準則融合OT/IT安全 https://reurl.cc/GXyvYA 保障車主個人資料與隱私安全，VicOne 在 CES 2023 推出全新車用資安方案 https://www.ddcar.com.tw/article/33682 I.教育訓練 iPAS資訊安全工程師中級筆記 https://hackmd.io/@Not/iPASInformationSecuritySpecialist iPas資安工程師證照考前研習 https://reurl.cc/GEbA3p Coursera 盤點 7 項雲端資安認證，高薪跳板都在這了！ https://buzzorange.com/techorange/2022/07/12/cloud-security-certificates/ 全球網絡安全勞動力失衡 (ISC)2免費課程及考試填補人才缺口 https://reurl.cc/m39MDj CISSP資安認證的8大領域 https://2formosa.blogspot.com/2022/12/CISSP-topic-domains.html CISSP考試心得 https://reurl.cc/KbY83j CISSP考試心得 – Benson https://reurl.cc/GbWvxd 目標導向-20天光速考過CISSP https://reurl.cc/2Zq6zn CISSP證照考試實戰心得第一章：初期準備工作 https://netmag.tw/2022/06/17/the-cissp-has-learned-the-first-chapter-in-actual-combat CPSA(CREST Practitioner Security Analyst) 資安分析師考試心得 https://tech-blog.cymetrics.io/posts/huli/crest-cpsa-prepare/ EC-Council CEH v11 考試心得、改版資訊以及準備方向 2021、2022 https://reurl.cc/1oyEM8 CEH v11 考試心得與準備方式 https://blog.sean.taipei/2022/01/ceh 深度解析 CPENT 考試心得、以及與 OSCP 的比較 https://reurl.cc/41eL8v EC-Council CPENT v1 滲透測試認證 – 內容及心得分享 https://hackercat.org/pentesting/ec-council-cpent-v1-experience-review [備考心得]CompTIA Security+ (SY0–601) 上篇 https://reurl.cc/M053DK [備考心得]CompTIA Security+ (SY0–601) 下篇 https://reurl.cc/M053Gv 不只是工程師才要懂的 App 資訊安全：取得資安檢測合格證書血淚史（iT邦幫忙鐵人賽系列書） https://news.pchome.com.tw/living/books/20220202/index-64375841669874292009.html Learn NIST Inside Out With 21 Hours of Training @ 86% OFF https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html 駭客與國家: 網路攻擊與地緣政治新常態 The hacker and the state: cyber attacks and the new normal of geopolitic https://reurl.cc/D3nKKj Practical Network Penetration Tester (PNPT) Certification Review https://tmc222.medium.com/practical-network-penetration-tester-pnpt-certification-review-4280e4e164df WUSON常用的基本詞彙 https://choson.lifenet.com.tw/?p=1958 我國網路資安狂被駭監委申請自動調查 https://www.chinatimes.com/realtimenews/20220810003152-260407?chdtv 6.近期資安活動及研討會 TAIPEI INTERNET MONEY - Open to new members 2023/1/7 https://www.meetup.com/taipei-internet-money/events/290492310/ XR Meetup 2023/1/7 https://www.meetup.com/taiwanvirtualreality/events/290416808/ 美國 Fintech 新創 Infra / DevOps 工程師的一天 2023/1/7 https://www.meetup.com/pyladiestw/events/290403644/ 線上資安專題講座-微軟雲端資安趨勢解析及學習資源 2023/1/7 https://isipevent.kktix.cc/events/e58d0573-copy-10 Just a chat - with no Expectations 2023/1/7 https://www.meetup.com/taipei-%E6%9A%97%E5%8F%B7%E9%80%9A%E8%B2%A8-cryptocurrency-meetup/events/290646851/ 資安攻防人才養成班免費課程說明會 2023/1/11 https://www.accupass.com/event/2301040559501903522935 SyntaxError 2023/1/11 https://www.meetup.com/pythonhug/events/290712298/ 雲端系統工程師就業養成班免費課程說明會 2023/1/11 https://www.accupass.com/event/2212060153371286902387 Taipei.py 2023 1 月聚會 2023/1/12 https://www.meetup.com/taipei-py/events/290416829/ 一鍵完成設備部署、資安、合規的實作秘笈 | In Taipei Apple Office 2023/1/12 https://jamf.kktix.cc/events/onetouch2023-1 思科雲端攻防戰_企業資安人才計畫全面啟動 2023/1/13 https://www.accupass.com/event/2212290832308264964090 【高雄限定】一日駭客體驗營｜６小時了解資安滲透 2023/1/14 https://www.accupass.com/event/2211150721101457239234 線上資安專題講座-工業控制系統資安威脅分析與防禦策略 2023/1/14 https://isipevent.kktix.cc/events/6c2fc51b WordPress - 桃園午茶小聚 #20 2023/1/14 https://www.meetup.com/taoyuan-wordpress-meetup/events/290644354/ WordPress 台北小聚 - 新年快樂 @ 巴菲特國際商務中心 2023/1/16 https://www.meetup.com/taipei-wordpress/events/290629883/ 加密大逃殺？善用 Web3 去中心化錢包 2023/1/18 https://www.accupass.com/event/2212280753431784994319 Hugging Face : Image Classification 2023/2/21 https://www.meetup.com/tensorflow-user-group-taipei/events/290714239/ 淺談總經數據與金融市場應用 2023/2/27 https://www.meetup.com/rladies-taipei/events/290280800/