資安事件新聞週報 2020/7/20 ~ 2020/7/24

###### tags: `資安事件新聞週報` # 資安事件新聞週報 2020/7/20 ~ 2020/7/24 1.重大弱點漏洞/後門/Exploit/Zero Day 被指控手機 App 存在資安漏洞　DJI 反駁：阻止逃避飛安功能之破解 https://reurl.cc/L38KRx 研究稱大疆無人機控制應用存在安全漏洞 https://cn.nytimes.com/usa/20200724/dji-drones-security-vulnerability/ 又一「中國製造」被曝安全漏洞搜集手機信息 https://tw.aboluowang.com/2020/0724/1480944.html Researchers Reveal New Security Flaw Affecting China's DJI Drones https://thehackernews.com/2020/07/dji-drone-hacking_24.html DJI ANDROID GO 4 APPLICATION SECURITY ANALYSIS https://www.synacktiv.com/en/publications/dji-android-go-4-application-security-analysis.html DJI Privacy Analysis Validation https://blog.grimm-co.com/2020/07/dji-privacy-analysis-validation.html 思科產品洩露敏感資料漏洞 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86 Citrix Systems Workspace App 安全漏洞 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8207 出現RCE漏洞，微軟將停用RemoteFX vGPU功能 https://www.ithome.com.tw/news/138961 微軟修補可能破壞LTE無線連結的Windows 10臭蟲 https://www.ithome.com.tw/news/138963 蘋果修補MacOS、iOS等多個程式碼執行、DoS攻擊等漏洞 https://www.ithome.com.tw/news/138919 Apple 發布 iOS、iPadOS 13.6 更新，一次修復 29 個資安漏洞 https://www.twcert.org.tw/tw/cp-104-3792-bfef6-1.html Thousands of Flawed F5 BIG-IP Networking Products Unpatched https://www.bankinfosecurity.com/thousands-flawed-f5-big-ip-networking-products-unpatched-a-14663 美國資安主管機關要求24小時內修補 Windows DNS 嚴重漏洞 https://www.twcert.org.tw/tw/cp-104-3790-2265e-1.html Microsoft .NET Framework, SharePoint Server和Visual Studio存在資安漏洞 https://www.twcert.org.tw/tw/cp-104-3808-88e32-1.html 微軟Office 365將在10月15日關閉對TLS 1.0/1.1的支援 https://www.ithome.com.tw/news/138954 Google釋出Chrome 84，修補38個安全漏洞，正式移除對TLS 1.0/1.1的支援 https://www.ithome.com.tw/news/138842 微軟釋出Microsoft Edge 84，關閉對TLS 1.0/1.1的支援 https://www.ithome.com.tw/news/138927 微軟即將恢復每月選擇性功能更新 https://www.ithome.com.tw/news/138935 SAP修復NetWeaver AS JAVA 應用伺服器重大資安漏洞 https://www.twcert.org.tw/tw/cp-104-3777-73d7d-1.html Oracle WebLogic遠程代碼執行漏洞預警 https://www.huaweicloud.com/notice/2018/20200715144531217.html Google釋出Chrome 84，修補38個安全漏洞，正式移除對TLS 1.0/1.1的支援 https://ithome.com.tw/news/138842 LibreNMS 安全漏洞 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15877 遠距會議服務 Zoom 修復 Windows 版的遠端執行任意程式碼 0-day 漏洞 https://www.twcert.org.tw/tw/cp-104-3785-3e50b-1.html 出現RCE漏洞，微軟將停用RemoteFX vGPU功能 https://today.ithome.com.tw/news/138961 Adobe issues emergency fixes for critical vulnerabilities in Photoshop, Bridge, Prelude https://www.zdnet.com/article/adobe-issues-emergency-fixes-for-vulnerabilities-in-photoshop-prelude/#ftag=RSSbaffb68 SUSE releases major Linux update https://www.zdnet.com/article/suse-releases-major-linux-update/#ftag=RSSbaffb68 思科發布安全公告公開致謝360發現Cisco AnyConnect文件損壞漏洞 http://finance.jrj.com.cn/tech/2020/07/17152930274391.shtml 趕快更新！微軟一次修復 18 個「重大」漏洞、共 123 個資安缺失 https://3c.ltn.com.tw/news/41046 microsoft -- multiple_products https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-1025 microsoft -- multiple_windows_products https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-1400 microsoft -- multiple_windows_servers https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-1350 microsoft -- visual_studio_code_eslint_extension https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-1481 Oracle WebLogic Server https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-14625 sophos -- xg_firewall https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-15504 Android MX Player Path Traversal to Code Execution https://medium.com/tenable-techblog/android-mx-player-path-traversal-to-code-execution-9134b623eb34 2.銀行/金融/保險/證券/支付系統/ 新聞及資安興櫃系統昨當機櫃買中心：初判硬體故障/非資安問題 https://reurl.cc/Qdy5X0 興櫃系統當機櫃買中心：排除資安問題 https://ctee.com.tw/news/stock/304224.html 興櫃大當機「突發非駭客」 https://tw.appledaily.com/finance/20200721/4ZH6R5QMQRRBDD4R5X4QMOFJJ4/ 櫃買中心興櫃系統上午當機，目前恢復連線並將統一說明 https://finance.technews.tw/2020/07/20/tpex-unusual/ 興櫃交易系統當機70分鐘櫃買中心搶修恢復 https://reurl.cc/z83jz7 股癌都在用！金管會盯上eToro(e投睿)，為什麼史蒂夫和戴夫還是完勝加密貨幣交易所 https://www.abmedia.io/etoro-is-illegal-in-taiwan-but-is-still-overwhelm-binance/ 有關全球金融中心指數排名之說明 https://www.fsc.gov.tw/ch/home.jsp?id=96&parentpath=0,2&mcustomize=news_view.jsp&dataserno=202007190001&toolsflag=Y&dtable=News 開放銀行Part2 國泰、台新入選 https://ctee.com.tw/news/finance/303600.html 證監發聲明指惡法無礙惟未提「國家機密」處理準則 https://hk.appledaily.com/finance/20200719/VRUNP2BQALVOD2W273XYKV3IU4/ 還能淘嗎?傳淘寶台灣與中國共用平台投審會要查 https://reurl.cc/mn8GKA 淘寶、天貓登台增資三千萬經濟部、投審會駁回 https://reurl.cc/V6rbk6 發現信用卡、郵件或銀行帳密、被盜時該怎麼辦 https://blog.trendmicro.com.tw/?p=64589 台版餘額寶延宕數月終符合法規街口託付寶正式上線 https://reurl.cc/L3yV3y 金管會放行　胡亦嘉終於盼到「街口託付寶」上線 https://www.storm.mg/article/2869719 金管會對街口託付寶上線之回應 https://reurl.cc/9EjzpV 街口託付寶規模破億，金管會示警：架構尚未核准 https://technews.tw/2020/07/22/jkos-new-product-fsc-warning/ 【港版國安法】公股啟動獵港金融人才　兆豐銀大喊要獵50人 https://tw.appledaily.com/property/20200720/MHS5BCZID5VLKK23Q2MNLGFTCI/ 金管會將成立金融科技單一窗口平臺，整合產學Fintech跨部會法規調適建議 https://reurl.cc/0oAREM 個人資安險保什麼？和泰產險線上開講 https://udn.com/news/story/7239/4709823 國內3大純網銀即將開幕 3大電信、金控銀行皆為股東 https://reurl.cc/O1Znp9 ATM robber WinPot: a slot machine instead of cutlets https://securelist.com/atm-robber-winpot/89611/#comment-3173447 Mastercard launches sustainable card programme https://www.finextra.com/newsarticle/36257/mastercard-launches-sustainable-card-programme London’s finance sector under scrutiny over damning Russia report https://www.fnlondon.com/articles/londons-finance-sector-under-scrutiny-over-damning-russia-report-20200722 3.電子支付/行動支付/pay/資安你最喜歡哪種「Pay」？　「這3個Pay」最多人使用 https://news.tvbs.com.tw/life/1358443 無現金社會不遠！行動支付比例逐年增嗶經濟成市場主流 https://reurl.cc/D9R5Ee 彰銀攜台灣Pay 祭三大行動支付策略 https://money.udn.com/money/story/5636/4725932 原民會「挺原民．享優惠」行動支付最高回饋5,000元 https://times.hinet.net/news/22983089 想搶振興商機拉抬市占台灣Pay該做的是改善消費者體驗 https://news.cnyes.com/news/id/4507342 4.虛擬貨幣/區塊鍊/數位貨幣/相關新聞及資安推特遇「駭」幕後英雄現身！加密貨幣交易所及時攔截　價值超過800萬 https://www.ettoday.net/news/20200721/1766018.htm 「區塊鍊」投資詐騙！宜蘭女電子新貴3個月遭詐200萬　300人遭詐億元 https://www.ettoday.net/news/20200719/1764422.htm 幣安 CZ 曾公開支持！烏鴉幣 Ravencoin 遭駭：3 行代碼憑空鑄幣，駭客得手 570 萬美元 RVN https://www.blocktempo.com/3-lines-of-code-worth-5-7-million/ 為開發者提供「攻擊環境」？以太坊基金會發布兩個ETH 2.0攻擊網 https://news.knowing.asia/news/3ef154c7-16a1-4f41-87d7-59f0a994e39f ENAI虛擬貨幣買賣保證月獲利3成？逾300人遭詐1億 https://m.ltn.com.tw/news/society/breakingnews/3233193 假投資虛擬貨幣真詐欺 7天逾3百人報案 https://udn.com/news/story/7321/4713732?from=udn-ch1_breaknews-1-cate2-news 網友調侃 “不是要送比特幣 ?” 馬斯克回應「只賣狗狗幣」後 DOGE 再度大漲 https://reurl.cc/R45ldr Microcin is here With asynchronous sockets, steganography, GitLab ban and a sock https://securelist.com/microcin-is-here/97353/#comment-3172713 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 安卓用戶注意！新病毒偽裝「系統更新」中鏢後果曝光 https://reurl.cc/8GK6No 多達一千三百種以上釣魚詐騙攻擊工具，可在駭侵論壇中買到 https://www.twcert.org.tw/tw/cp-104-3783-7a72b-1.html 新型 Android 木馬病毒假冒「Google更新」竊個資！337款App遭駭客鎖定 https://3c.ltn.com.tw/news/41103 Google提醒你更新系統？小心是新病毒竊取個資 https://newtalk.tw/news/view/2020-07-23/440147 Garmin疑遭勒索軟體攻擊，產線預計將停擺兩天，手機App更新無法同步 https://www.ithome.com.tw/news/139004 Smartwatch Maker Garmin Shuts Down Services After Ransomware Attack https://thehackernews.com/2020/07/garmin-ransomware-attack.html 新勒索病毒Avaddon, 發送「只給你的照片」,郵件內文只有一個笑臉符號 https://blog.trendmicro.com.tw/?p=65153 殭屍網路爭奪戰來了趨勢科技：小心成為網路犯罪幫兇 https://reurl.cc/V6AZKy 從2300萬次爆增到2.49億次！資安公司警告：網路大站來了…駭客集團積極攻擊路由器建立殭屍網路 https://reurl.cc/X61r9a Prometei 殭屍網路病毒利用Windows SMB漏洞植入挖礦軟體 https://www.ithome.com.tw/news/138981 Prometei botnet and its quest for Monero https://blogs.cisco.com/security/talos/prometei-botnet-and-its-quest-for-monero CYBERSECURITY: RANSOMWARE ALERT https://www.sec.gov/files/Risk%20Alert%20-%20Ransomware.pdf Malicious Cryptocurrency Trading Apps Target MacOS Users https://www.bankinfosecurity.com/malicious-cryptocurrency-trading-apps-target-macos-users-a-14660 Emotet Botnet Returns After Months-Long Hiatus https://www.bankinfosecurity.com/emotet-botnet-returns-after-months-long-hiatus-a-14654 Try2Cry ransomware tries to worm its way to other Windows systems https://www.bleepingcomputer.com/news/security/try2cry-ransomware-tries-to-worm-its-way-to-other-windows-systems/ njRAT Malware Analysis https://malwr-analysis.com/2020/06/21/njrat-malware-analysis/ OilRig Targets Middle Eastern Telecommunications Organization and Adds Novel C2 Channel with Steganography to Its Inventory https://unit42.paloaltonetworks.com/oilrig-novel-c2-channel-steganography/ MATA: Multi-platform targeted malware framework https://securelist.com/mata-multi-platform-targeted-malware-framework/97746/ New Android malware targets over 300 different apps - with a focus on dating and social media https://www.techradar.com/news/new-android-malware-targets-over-300-different-apps-with-a-focus-on-dating-and-social-media Doctor Web’s June 2020 virus activity review https://news.drweb.com/show/review/?i=13917&lng=en Chinese APT group targets India and Hong Kong using new variant of MgBot malware https://blog.malwarebytes.com/threat-analysis/2020/07/chinese-apt-group-targets-india-and-hong-kong-using-new-variant-of-mgbot-malware/ MATA Malware Framework Latest Move for North Korean Hackers https://www.infosecurity-magazine.com/news/mata-malware-framework-north Twilio: Someone broke into our unsecured AWS S3 silo, added 'non-malicious' code to our JavaScript SDK https://www.theregister.com/2020/07/21/twilio_sdk_code_injection/ TrickBot malware returns with some devious new tools https://www.techradar.com/news/trickbot-malware-returns-with-some-devious-new-tools Avaddon Ransomware Still Using Excel 4.0 Macros https://www.infosecurity-magazine.com/news/avaddon-ransomware-still-using/ Emotet Returns in Malspam Attacks Dropping TrickBot, QakBot https://threatpost.com/emotet-returns-in-malspam-attacks-dropping-trickbot-qakbot/157604/ Emotet botnet returns after a five-month absence https://www.zdnet.com/article/emotet-botnet-returns-after-a-five-month-absence/#ftag=RSSbaffb68 Ransomware gang demands $7.5 million from Argentinian ISP https://www.zdnet.com/article/ransomware-gang-demands-7-5-million-from-argentinian-isp/#ftag=RSSbaffb68 New Android Malware Now Steals Passwords For Non-Banking Apps Too https://thehackernews.com/2020/07/android-password-hacker.html Indian enterprises witness spurt in Ransomware Attacks: Report https://www.crn.in/news/indian-enterprises-witness-spurt-in-ransomware-attacks-report/ Malware Found In Chinese Banking Software https://www.cybersecurityintelligence.com/blog/malware-found-in-chinese-banking-software-5100.html malware-trends formbook https://any.run/malware-trends/formbook Ransomware gang demands $7.5 million from Argentinian ISP https://www.zdnet.com/google-amp/article/ransomware-gang-demands-7-5-million-from-argentinian-isp/ North Korean Hackers Spotted Using New Multi-Platform Malware Framework https://thehackernews.com/2020/07/lazarus-north-korean-hackers.html B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G 參與蘋果iOS抓漏獎勵的研究人員將收到特製版iPhone https://www.ithome.com.tw/news/138990 蘋果推白帽駭客專用機 iPhone 出借，提高抓蟲效率 https://www.inside.com.tw/article/20453-Apple-security-research-device 發現iPhone漏洞不能講？資安專家退出蘋果安全研究計劃 https://newtalk.tw/news/view/2020-07-24/440713 TikTok抖音被禁！美眾院表決通過　聯邦、國會公務機不准用 https://www.wealth.com.tw/home/articles/26659 Twitter泄露130個用戶敏感信息 Vanity URL功能存在漏洞 https://kknews.cc/tech/qx4r28y.html 三名黑客惡作劇，暴露 Twitter 最大漏洞，IPFS 能解決該類問題嗎 https://www.chainnews.com/zh-hant/articles/725297868487.htm 推特36個帳戶私人訊息遭駭客讀取！荷蘭政府官員中標 https://newtalk.tw/news/view/2020-07-23/439963 推特上週遭駭客入侵前員工透露有千人有權更改帳戶設定 https://ec.ltn.com.tw/article/breakingnews/3238558 員工被騙內部權限！Twitter 名人盜帳號事件為「社交工程」攻擊 https://www.inside.com.tw/article/20415-An-update-on-twitter-security-incident FBI率領調查「推特大規模遭駭案」！　高層認駭客「組織攻擊」從員工下手 https://www.ettoday.net/news/20200717/1762694.htm 美多位名人推特遭駭捲入詐騙比特幣案 https://news.pts.org.tw/article/487493 遭駭之前推特正加緊腳步找懸缺已久的資安長 https://money.udn.com/money/story/10511/4708615 14年來「災難級」資安事件！馬斯克等名人推特遭駭入發詐財文 https://www.gvm.com.tw/article/73722 Twitter 遭最大規模駭侵攻擊，多個認證名人、品牌帳號被用以發送詐騙訊息 https://www.twcert.org.tw/tw/cp-104-3787-46f24-1.html Twitter多個帳戶被駭，原因竟出自比特幣釣魚騙局 https://news.knowing.asia/news/4abe5506-7284-444d-92fd-db32267f38a6 比特幣詐騙案疑有推特員工共謀？FBI、紐約州介入調查 https://www.ithome.com.tw/news/138889 FBI 出手調查！駭客在幣安, Coinbase, BitGo 留下蹤跡或能鎖定身份 https://reurl.cc/Kk7zZM 推特真相報告｜官方證實:「社交工程」駭客手法得手，130 個名人 Twitter 受害 https://www.blocktempo.com/twitter-updated-on-wednesdays-attack/ 有用戶數據被下載！推特遭大規模攻擊後，四名駭客浮出水面 https://news.knowing.asia/news/82c8501c-255f-416d-acb2-6ec0fc254534 Twitter says hackers downloaded the data of eight users in Wednesday's hack https://www.zdnet.com/article/twitter-says-hackers-downloaded-the-data-of-eight-users-in-wednesdays-hack/#ftag=RSSbaffb68 Twitter hack: Coinbase blocks $280,000 in Bitcoin theft https://www.zdnet.com/article/twitter-hack-coinbase-blocks-280000-in-bitcoin-theft/#ftag=RSSbaffb68 中國第一個廣受海外歡迎的社交媒體，TikTok收集哪些用戶數據引發美國政府擔憂 https://www.storm.mg/article/2853813 推特史上最大規模詐騙！名人.公司皆被駭 https://reurl.cc/lVmAov A New Flaw In Zoom Could Have Let Fraudsters Mimic Organisations https://thehackernews.com/2020/07/zoom-vanity-url-vulnerability.html 名列印度禁用App 訊連旗下企業提申訴 https://money.udn.com/money/story/5599/4706644 人不在中國，就能放心用中國App？德國商店引進微信支付與支付寶，情報單位警告有風險 https://www.thenewslens.com/article/137943 隱乳女神用公共WI-FI手機遭駭　換衣被監控男友求救 https://www.mirrormedia.mg/story/20200722insight005/ 快充遭駭起火…駭客鎖定充電器入侵手機實測有18款超易駭！ https://reurl.cc/Y12qpx 蘋果中國應用商店一周下架2500款遊戲為六月同期4倍 https://news.sina.com.tw/article/20200715/35767234.html 手機疑遭間諜軟件監控加泰議長質疑西班牙政府所為 https://reurl.cc/Mvp0zn 南韓的自我隔離 app 存在巨大安全漏洞 https://chinese.engadget.com/south-korea-covid-19-quarantine-app-security-flaw-093019226.html 中國5G資安再掀爭議「支付寶」等程式遭德情報機構點名 https://reurl.cc/z8vb5N 中國發現針對 USB 充電器進行攻擊的 BadPower 惡意程式 https://reurl.cc/X6dn3D 小心快充連接器也能被駭，駭客可藉此燒毀手機元件引發火災 https://ccc.technews.tw/2020/07/22/new-hack-can-trick-power-bricks-into-starting-fires/ 使用手機快充注意了！「BadPower」安全漏洞或致設備燒毀 https://kknews.cc/tech/5jvv63l.html BadPower attack corrupts fast chargers to melt or set your device on fire https://www.zdnet.com/article/badpower-attack-corrupts-fast-chargers-to-melt-or-set-your-device-on-fire/#ftag=RSSbaffb68 Linux基金會發表兩個基於Google/蘋果API的開源疫情追蹤程式 https://www.ithome.com.tw/news/138938 庫德洛：TikTok脫離中國抖音成美國公司較好 https://reurl.cc/3DgAO0 Google Authenticator 兩步驟驗證設定教學，提昇帳號安全技巧 https://mrmad.com.tw/google-authenticator Three Trump officials have now hinted at a TikTok ban this month https://www.zdnet.com/article/three-trump-officials-have-now-hinted-at-a-tiktok-ban-this-month/#ftag=RSSbaffb68 C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件 Slack帳密不好用，在網路黑市乏人問津 https://www.ithome.com.tw/news/139017 【幫這位熱血資安工程師 QQ】做資安做到離婚、網站還賣不出去，他為什麼要堅持下去？ https://buzzorange.com/techorange/2020/07/21/have-i-been-pwned-3/ 【從「發送細胞簡訊」學防駭】善用ISAC或CERT分享資安情報，通知潛在利害關係人 https://www.ithome.com.tw/news/138885 【從「疫調完整不獵巫」學防駭】落實追查潛在風險與鼓勵通報，資安觀念要更進步 https://www.ithome.com.tw/news/138883 【從「疫情指揮中心」學防駭】面對資安事件不能群龍無首，必須建立資安應變團隊 https://www.ithome.com.tw/news/138882 【從「敵我意識」學防駭】打造「零信任」資安意識，落實最低限度授權是第一步 https://www.ithome.com.tw/news/138887 資安情資通報+攻防演練平台有效抵禦未來資安攻擊 https://systexcbi.kktix.cc/events/sec0716?locale=en 簡報：中國借世衛調查展開宣傳；美稱中國駭客竊疫苗數據 https://cn.nytimes.com/morning-brief/20200722/coronavirus-who-us-china-hacking-vaccine/zh-hant/ 巨額贖金！阿根廷最大電信遭駭客勒索 2.2 億門羅幣，不忘附上買幣教程(Telecom) https://www.blocktempo.com/ransomware-revil-argentina-telecom-monero/ 以色列水利系統接連遭到網路攻擊，駭客竟是針對農業水泵和氯控制器下手 https://www.ithome.com.tw/news/138971 以色列供水系統，遭到兩次駭侵攻擊 https://www.twcert.org.tw/tw/cp-104-3804-005e0-1.html Two more cyber-attacks hit Israel's water system https://www.zdnet.com/article/two-more-cyber-attacks-hit-israels-water-system/#ftag=RSSbaffb68 英國抓包俄羅斯駭客，知情人士表示該攻擊活動疑似由總統普丁同意發起 https://reurl.cc/exRb4M 中英關係交惡！Tiktok全球總部遷移倫敦計畫中止 https://newtalk.tw/news/view/2020-07-20/438218 解放軍報復性出征？專家曝中美關係冰點…恐斷交不惜開戰 https://www.setn.com/News.aspx?NewsID=784418 美只是受駭人？川普早放寬CIA對陸俄神秘網攻不只偷還搞破壞 https://www.chinatimes.com/realtimenews/20200718000020-260408?chdtv 新國安法引發憂慮，部分VPN提供商關閉香港服務器 https://reurl.cc/O1Za33 會中文有加分？美FBI「2招募條件」曝光台人嗨翻：想投 https://reurl.cc/rxybqZ Forbes調查指稱FBI利用旅遊分銷公司Sabre資料庫進行全球監控 https://www.ithome.com.tw/news/138926 美指控兩駭客助中共迫害宗教人士 https://www.epochtimes.com/b5/20/7/23/n12279164.htm 中國駭客攻擊香港天主教會人士 https://www.ithome.com.tw/news/138894 【駭客攻擊】香港教區恐成中國駭客目標外媒：疑重點在港展開網絡間諜活動 https://hk.news.appledaily.com/local/20200720/64ODSDJLL5W4RKD7NOV74IPPVA/ Chinese state hackers target Hong Kong Catholic Church https://www.zdnet.com/article/chinese-state-hackers-target-hong-kong-catholic-church/ Chinese Hackers Escalate Attacks Against India and Hong Kong Amid Tensions https://thehackernews.com/2020/07/chinese-hackers-hong-kong-india.html Chinese APT group targets India and Hong Kong using new variant of MgBot malware https://blog.malwarebytes.com/threat-analysis/2020/07/chinese-apt-group-targets-india-and-hong-kong-using-new-variant-of-mgbot-malware/ 美國FCC禁止以政府資金購買中國通訊設備與服務 https://www.isda.org.tw/2020/07/22/7bc57e336388bc990536a29c2909abad/ 川普前顧問爆料「天啟四騎士」出動全面計畫擊垮中共 https://reurl.cc/xZyv85 勒令72小時關閉中國領事館美國說保護知識產權及美國人個資中國指控該總領館受炸彈死亡威脅 https://reurl.cc/D9RlMO 美國批准對臺軍售中國:制裁對臺軍售承包商 https://news.pts.org.tw/article/487260 F-Secure：山寨版思科交換器暗藏安全風險 https://www.ithome.com.tw/news/138867 美英等國資安機關警告，俄羅斯駭侵團體針對肺炎疫苗研發單位發動攻擊 https://www.twcert.org.tw/tw/cp-104-3788-dc34b-1.html 財經100秒: 法國傳2028年前實質禁用華為 https://www.ntdtv.com/b5/2020/07/23/a102900471.html 德國法院：警方、政府不得隨意要求ISP及電信商提供用戶個資 https://www.ithome.com.tw/news/138939 美國制裁11家協助中國侵犯人權的公司，當中的O-Film Tech為蘋果、微軟與Amazon的供應商 https://www.ithome.com.tw/news/138941 美司法部控中國資助駭客鎖定新冠疫苗研究 https://money.udn.com/money/story/10511/4720372 美國指控兩名中國駭客到處竊取商業機密與研發資訊 https://www.ithome.com.tw/news/138959 資安單位警告：俄國間諜鎖定美加英新肺疫苗研發機構 https://udn.com/news/story/6809/4708225 疫苗研究成果恐遭竊！英指控俄情報機構持續發動網攻 https://money.udn.com/money/story/5599/4708476 美商務部：11家中企侵害新疆人權、強逼勞動將祭制裁 https://reurl.cc/0o5d1o 美國稱中國駭客竊取機密尋求新冠病毒相關數據 https://reurl.cc/621dGZ 黑帽黑客歷史盤點：中國頂尖高手基本已被收編 https://kknews.cc/code/yjb39nn.html DOJ indicts two Chinese hackers for attempted IP theft of COVID-19 research https://www.zdnet.com/article/doj-indicts-two-chinese-hackers-for-ip-theft-of-covid-19-research/#ftag=RSSbaffb68 UK 'Failed' to Probe Threat of Russian Election Interference https://www.bankinfosecurity.com/uk-failed-to-probe-threat-russian-election-interference-a-14672 US Charges 2 Chinese Hackers for Targeting COVID-19 Research and Trade Secrets https://thehackernews.com/2020/07/chinese-hackers-covid19.html Chinese Hackers Indicted on 11 Counts, Including Attack on British AI Firm https://www.cbronline.com/cybersecurity/breaches/chinese-hackers-indicted/ US indicts hackers working with China's Ministry of State Security https://www.bleepingcomputer.com/news/security/us-indicts-hackers-working-with-chinas-ministry-of-state-security/ 資安規範管理師 https://www.104.com.tw/job/702j4 采照策略資安規範管理師 https://pttcareer.com/job/M.1595498589.A.DDD.html 資安工程師 https://www.104.com.tw/job/703g3 109 年 - 109 臺灣銀行_新進人員甄試_八職等-海外資安儲備人員、資訊安全人員 https://reurl.cc/7XGm0y 資安工程師 https://job.taiwanjobs.gov.tw/Internet/jobwanted/JobDetail.aspx?EMPLOYER_ID=1134770&HIRE_ID=9832841 D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞資安報告：免費VPN不設防 2000萬人被「看光光」 https://news.ltn.com.tw/news/world/breakingnews/3231081 YouTube放任侵權及比特幣詐騙，蘋果創辦人之一的Steve Wozniak與其他17人提告 https://www.ithome.com.tw/news/139022 一個安全漏洞暴露了家譜數據庫GEDmatch 中超過100 萬份DNA資料 http://www.secwk.com/2020/07/23/18244/ 中華電信驚傳續約漏洞　499吃到飽變2699！苦主慘賠4支iPhone11 https://tw.appledaily.com/local/20200716/3ALCTUV6FFO6CI53D5QFKHKLQ4/ 因疫情無法出國設機房　詐騙集團改包「清境民宿」 https://tw.appledaily.com/local/20200721/X3PSRBQBLHQ6OQL6SWCOQWBBMM/ 詐團無法出國改躲清境民宿藏木馬App騙下載 https://udn.com/news/story/7315/4720179?from=udn-ch1_breaknews-1-cate2-news Google更新是假的！駭客冒名發送更新系統通知授權後個資全被看光 https://reurl.cc/ZO0V1p MGM資安事件擴大 1.4億筆個資被兜售 https://www.lvcnn.com/news.php?id=31011 台南知名直播平台爆遭駭！詐騙集團假藉名義騙入會匯8千 https://reurl.cc/Qdrk7o 暑假學童黏網路恐洩個資　消保處：別亂打卡、記得清除登入紀錄 https://tw.appledaily.com/life/20200720/4NVYHIBLQCYXQWP3OAXNGRZSLE/ 轉當資安Youtuber教你保護個資！周庭：準備2支手機 https://m.ltn.com.tw/news/world/breakingnews/3234400 假投資真詐騙金門2男大生破財20萬元 https://www.chinatimes.com/realtimenews/20200721004906-260402?chdtv 美電子云供應商遭駭客襲擊英七所大學和人權觀察網站數據失竊 https://www.soundofhope.org/post/404029?lang=b5 退休公務員誤信「老師」投資比特幣險賠光養老金！近期還發生了這3起虛擬貨幣詐騙案 https://reurl.cc/nz9qXl 假冒知名美妝購物網客服警提供關鍵字防詐騙 https://www.cna.com.tw/news/asoc/202007180115.aspx 臉書「我不敢相信是你」Messenger 釣魚網頁出沒！不小心點連結怎麼辦 https://applealmond.com/posts/74866 「我不敢相信是你？」臉書收到影片連結別亂點！帳號防盜這樣做 https://3c.ltn.com.tw/news/41075 健身教練遭詐14萬小三、MOMO、World Gym名列高風險賣場 https://www.chinatimes.com/realtimenews/20200718003183-260402?chdtv 台灣特戰女兵「跟你說早安」火辣照瘋傳引網民哄動　官方咁回應 https://reurl.cc/z8vpga 特戰女兵清涼照外流遭製長輩圖「跟你說早安」 https://reurl.cc/GV95kG 特戰女兵火辣玩抖音上上下下練體能超輕鬆 https://news.ebc.net.tw/news/living/219343 特戰女兵照遭改外流國防部回應了 https://reurl.cc/oLnVrl 台女兵性感照疑遭友人分享　軍方：檢討是否違規 https://hk.on.cc/hk/bkn/cnt/cnnews/20200721/bkn-20200721183430862-0721_00952_001.html 特戰女兵私密床照瘋傳！上萬網友暴動國軍回應了 https://news.ebc.net.tw/news/living/219253 韓疫情肆虐詐欺猖獗騙走近2000億韓圜 http://globalnewstv.com.tw/202007/118570/ 為何網美IG容易被盜？網揭原因 https://reurl.cc/kdRVor University of York discloses data breach, staff and student records stolen https://www.zdnet.com/article/university-of-york-discloses-data-breach-staff-and-student-records-stolen/#ftag=RSSbaffb68 CouchSurfing investigates data breach after 17m user records appear on hacking forum https://www.zdnet.com/article/couchsurfing-investigates-data-breach-after-17m-user-records-appear-on-hacking-forum/#ftag=RSSbaffb68 Slack credentials abundant on cybercrime markets, but little interest from hackers https://www.zdnet.com/article/slack-credentials-abundant-on-cybercrime-markets-but-little-interest-from-hackers/#ftag=RSSbaffb68 Iranian Hackers Accidentally Exposed Their Training Videos (40 GB) Online https://thehackernews.com/2020/07/iranian-hacking-training-videos.html Waterloo insurance firm Heartland Farm Mutual experienced data breach https://www.therecord.com/business/2020/07/08/waterloo-insurance-firm-heartland-farm-mutual-experienced-data-breach.html Cloud computing provider Blackbaud paid a ransom after data breach https://securityaffairs.co/wordpress/106175/data-breach/blackbaud-ransomware-attack.html Announcing public preview of Microsoft Endpoint Data Loss Prevention https://techcommunity.microsoft.com/t5/microsoft-security-and/announcing-public-preview-of-microsoft-endpoint-data-loss/ba-p/1534085 E.研究報告 CVE-2020-3452：Cisco ASA/FTD 任意文件讀取漏洞通告 https://www.anquanke.com/post/id/211543 Snyk 研究發現開源軟件漏洞數量下降 https://www.chainnews.com/zh-hant/articles/731964243975.htm 微軟SharePoint漏洞的詳細解析現身了 https://www.ithome.com.tw/news/138987 活用NAS全攻略：十個讓你的NAS更安全的方法 https://hk.xfastest.com/56738/qnap-nas-tutorial-how-to-enhance-the-security-of-your-nas/ 【開源程式最佳保存法】Github 將 21 TB 的程式碼轉換成「膠捲」，送到北極永凍層冰封 1000 年 https://buzzorange.com/techorange/2020/07/20/github-stores-code-in-arctic/ RMI Bypass Jep290（Jdk8u231）反序列化漏洞分析 https://www.anquanke.com/post/id/211722 低功耗藍牙（BLE）出現重連接漏洞，我們該如何保護已啟用藍牙的移動設備 https://zhuanlan.zhihu.com/p/162827439 Hacker behind Ripoff Report extortion attempt extradited to the US https://www.zdnet.com/article/hacker-behind-ripoff-report-extortion-attempt-extradited-to-the-us/#ftag=RSSbaffb68 Magnitude exploit kit – evolution https://securelist.com/magnitude-exploit-kit-evolution/97436/#comment-3172156 Abusing Azure AD SSO with the Primary Refresh Token https://dirkjanm.io/abusing-azure-ad-sso-with-the-primary-refresh-token/ Why Application Security Should Be Considered An Enabler For Business https://thehackernews.com/2020/07/cybersecurity-for-businesses.html GReAT thoughts: Awesome IDA Pro plugins https://securelist.com/great-ida-pro-plugins/97898/ New 'Shadow Attack' can replace content in digitally signed PDF files https://www.zdnet.com/article/new-shadow-attack-can-replace-content-in-digitally-signed-pdf-files/#ftag=RSSbaffb68 Google's Project Zero team won't be applying for Apple's SRD program https://www.zdnet.com/article/googles-project-zero-team-wont-be-applying-for-apples-srd-program/#ftag=RSSbaffb68 Analysis of .NET Thanos Ransomware Supporting Safeboot with Networking Mode https://www.fortinet.com/blog/threat-research/analysis-of-net-thanos-ransomware-supporting-safeboot-with-networking-mode Tutorial of ARM Stack Overflow Exploit – Defeating ASLR with ret2plt https://www.fortinet.com/blog/threat-research/tutorial-of-arm-stack-overflow-exploit-defeating-aslr-with-ret2plt The Streaming Wars: A Cybercriminal’s Perspective https://securelist.com/the-streaming-wars-a-cybercriminals-perspective/97851/ Spox Phishing Kit Harvests Chase Bank Credentials https://blog.sucuri.net/2020/07/spox-phishing-kit-harvests-chase-bank-credentials.html CHAOS https://github.com/tiagorlampert/CHAOS SharePoint and Pwn :: Remote Code Execution Against SharePoint Server Abusing DataSet https://srcincite.io/blog/2020/07/20/sharepoint-and-pwn-remote-code-execution-against-sharepoint-server-abusing-dataset.html ADB-Toolkit - Tool for testing your Android device https://www.kitploit.com/2020/07/adb-toolkit-tool-for-testing-your.html Introduction to Graph Neural Network (GNN): A Primer https://medium.com/hackergirly/introduction-to-graph-neural-network-gnn-a-primer-ebee55a89fcd DDoS Botnets Are Entrenched in Asia & Amplification Attacks Set Records https://www.darkreading.com/threat-intelligence/ddos-botnets-are-entrenched-in-asia-and-amplification-attacks-set-records/d/d-id/1338415 21-Year-Old Cypriot Hacker Extradited to U.S. Over Fraud and Extortion Charges https://thehackernews.com/2020/07/cypriot-hacker-extradited.html Why Application Security Should Be Considered An Enabler For Business https://thehackernews.com/2020/07/cybersecurity-for-businesses.html すぐ貢献できる！偽サイトの探索から通報まで https://qiita.com/v_avenger/items/2eeef2d69c85eb1570e8 Windows Kernel Exploit Cheat Sheet for [HackTheBox] https://kakyouim.hatenablog.com/entry/2020/05/27/010807 Rare and hardest to crack Enigma code machine sells for $437,000 https://www.zdnet.com/article/rare-and-hardest-to-crack-enigma-code-machine-sells-for-437000/ HAT Hacker HAT review — The MagPi magazine https://magpi.raspberrypi.org/articles/hat-hacker-hat-review GitHub security team finds remote code execution bug in popular Node.js changelog library https://portswigger.net/daily-swig/amp/github-security-team-finds-remote-code-execution-bug-in-popular-node-js-changelog-library DDoS Botnets Are Entrenched in Asia & Amplification Attacks Set Records https://www.darkreading.com/threat-intelligence/ddos-botnets-are-entrenched-in-asia-and-amplification-attacks-set-records/ BlackRock - the Trojan that wanted to get them all https://www.threatfabric.com/blogs/blackrock_the_trojan_that_wanted_to_get_them_all.html Analysts Detect New Banking Malware https://www.infosecurity-magazine.com/news/analysts-detect-new-banking/ Geolocating Mobile Phones With An IP https://nixintel.info/osint/geolocating-mobile-phones-with-an-ip/ Exchange body calls for creation of a global crypto taxonomy https://www.finextra.com/newsarticle/36259/exchange-body-calls-for-creation-of-a-global-crypto-taxonomy New ‘Meow’ attack has wiped dozens of unsecured databases https://www.bleepingcomputer.com/news/security/new-meow-attack-has-wiped-dozens-of-unsecured-databases/ F.商業【港版國安法】LINE母公司：伺服器遷往新加坡已刪除所有在香港的數據資料 https://hk.appledaily.com/finance/20200722/U77UAYSYJSZZZ46J3EWGXUEXC4/ 避開國安法！南韓網路巨擘Naver將香港資料移至新加坡 https://reurl.cc/D9RlEd 資策會數位轉型專書 30個本土企業案例 https://reurl.cc/GV921D 看好K8s多叢集管理需求，紅帽推出進階應用解決方案 https://www.ithome.com.tw/review/138908 MDR基於SOAR運行自動化劇本　減少人力操作更具效益專家知識納入智慧分析　助力SOC團隊精準判讀 http://www.netadmin.com.tw/netadmin/zh-tw/viewpoint/5312979A15764D5B99E9176358CE2736 基於雲端平台運行機器學習　輔助事件分析供鑑識回應脫胎自電信級資料中心　力拼全方位資安服務 http://www.netadmin.com.tw/netadmin/zh-tw/trend/04690AA578FB4906B8984047E7941AB8 合勤董座朱順一：只要你是個咖，就是駭客攻擊目標 https://udn.com/news/story/7240/4727760?from=udn-ch1_breaknews-1-cate6-news 合勤看重資安分割新創「黑貓資訊」　董座朱順一：辦資安大賽培養專業人才 https://www.ettoday.net/news/20200724/1768700.htm 本土高手雲集不計較時間心力　壓低月費幫中小企業練資安苦主見習被滲透過程　大神級資安服務像教學 http://www.netadmin.com.tw/netadmin/zh-tw/viewpoint/C61AF16E96E94F3FBFBC90FFDD7DB52E 雲原生與邊緣顛覆舊架構　降低損害及RTO端賴新思維傳統資料保護日漸失靈　商業服務復原力才是王道 http://www.netadmin.com.tw/netadmin/zh-tw/trend/A5C2E49A57FC40EC9EC37DF3E9027CB6 The Linux Foundation offers Advanced Cloud Engineer Bootcamp program https://www.zdnet.com/article/the-linux-foundation-offers-advanced-cloud-engineer-bootcamp-program/#ftag=RSSbaffb68 IBM Verify Gateway vulnerability allowed remote attackers to brute-force their way in https://www.zdnet.com/article/ibm-verify-gateway-vulnerability-allowed-remote-attackers-to-force-their-way-in/#ftag=RSSbaffb68 Support grows for an Australian active cyber defence program https://www.zdnet.com/article/support-grows-for-an-australian-active-cyber-defence-program/#ftag=RSSbaffb68 IBM intros new security dashboard for its financial services cloud https://www.zdnet.com/article/ibm-intros-new-security-dashboard-for-its-financial-services-cloud/#ftag=RSSbaffb68 Microsoft releases the next-generation of its Azure Stack HCI service https://www.zdnet.com/article/microsoft-releases-the-next-generation-of-its-azure-stack-hci-service/#ftag=RSSbaffb68 IBM, Red Hat, Adobe team up to help regulated industries with data-driven marketing https://www.zdnet.com/article/ibm-red-hat-adobe-team-up-to-help-regulated-industries-with-data-driven-marketing/#ftag=RSSbaffb68 Microsoft releases preview of its Dynamics 365 Connected Store and Fraud Protection services https://www.zdnet.com/article/microsoft-releases-preview-of-its-dynamics-365-connected-store-and-fraud-protection-services/#ftag=RSSbaffb68 Microsoft plans for single-screen Windows 10X rollout in spring 2021; dual-screen in spring 2022 https://www.zdnet.com/article/microsoft-plans-for-single-screen-windows-10x-rollout-in-spring-2021-dual-screen-in-spring-2022/#ftag=RSSbaffb68 G.政府資安爭議對外不對內？網友大曝綠營「黑歷史」 https://reurl.cc/7Xgz5k 衝衝衝變拖拖拖：危害資安產品清單，一年半無下文 https://hoonting.blogspot.com/2020/07/blog-post_60.html 小姊姊站一排仙氣逼人　真實身分竟是調查官 https://tw.appledaily.com/local/20200721/MAEL4X72PSJ2ZRD36HFRFPALVI/ 國防部：戰鬥平板採購與資安管控嚴謹 https://www.ydn.com.tw/News/390378 沒機密不怕被駭？國軍戰鬥平板後續案竟未升級資安防護 https://reurl.cc/g7Vbl4 NCC通過OTT專法草案業者著登記.顧公眾權益 https://news.pts.org.tw/article/487264 陸軍官校：確遵資安規範辦理招標媒體報導與事實不符 https://reurl.cc/V6r08b 陸官太陽能屋頂疑用華為零組件廠商：是用台達電 https://times.hinet.net/news/22981124 軍校招標太陽能險用華為　標檢局：明年訂逆變器資安檢測規範 https://tw.news.appledaily.com/politics/20200721/3NKOBJKXFG33OJFR3KFSYN36WE/ 陸軍官校厝頂安太陽能枋疑用華為網路零件 https://news.pts.org.tw/article/487859 華為產品入侵立院秘書長下令拆除 https://reurl.cc/ZO0ZjM 【獨家】資安危機！立院已遭紅色入侵　啟用近2年太陽能逆變器是「華為製造」 https://tw.appledaily.com/politics/20200721/R6LLOGWUJDDP2KGOQ7OIAVZYM4/ 踢爆立院用華為配件未見拆除只撕下LOGO標籤 https://tw.news.appledaily.com/headline/20200723/4V7VA3BJO6CFUCYOSTYG6WYAJU/ 立法院資安危機暫解除　太陽能設備改用台廠變流器 https://ctee.com.tw/industrynews/greenenv/306801.html 新版身分證製作商傳曾與中國公安合作中央印製廠：不會接觸個資 https://m.ltn.com.tw/news/politics/breakingnews/3238779 從中國eID官網急刪合作廠商談New eID的國安危機 https://talk.ltn.com.tw/article/breakingnews/3233995 夯到斷線！客庄券瞬間湧入20萬筆申請狂當 https://reurl.cc/O1lrgr 兩岸若開戰　前國安局長蔡得勝：台灣不能打、不禁打、打不贏 https://www.ettoday.net/news/20200721/1765712.htm 強化產業連結台美攜手網路安全合作、掌握資安競爭力 https://turnnewsapp.com/livenews/finance/B03004002020071717501078 資安戰略扮演要角王美花：台廠攜手美商合作 https://money.udn.com/money/story/5612/4710160 H.工控系統/ICS/SCADA 相關資安港口日益成為網絡攻擊目標 https://reurl.cc/vDlvKy 剖析資安狙殺鏈CKC 醫療儀控入侵風險高 https://www.digitimes.com.tw/iot/article.asp?cat=158&cat1=20&cat2=70&id=0000589713_uq68itab0vmmi34rwnrly Advantech iView CVE-2020-14503 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-14503 siemens -- sicam_mmu_and_sgu_and_t https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-10042 siemens -- sicam_mmu_and_sgu_and_t https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-10038 I.教育訓練黑客攻防：從入門到精通(攻防與腳本程式編程篇)（簡體書） https://www.sanmin.com.tw/Product/index/005076442 How Threat Researchers Leverage the Darknet to Stay Ahead of Cyber Threats https://www.fortinet.com/blog/threat-research/how-threat-researchers-leverage-darknet-to-stay-ahead-of-cyber-threats How I Bypassed Crowdstrike Restriction https://medium.com/@viveik.chauhan/how-i-bypass-crowdstrike-restriction-1bc558abd464 Introduction into Eland - DataFrames and Machine Learning backed by Elasticsearch https://www.youtube.com/watch?v=U8fnkzp_sfo& J.物聯網/IOT/人工智慧/車聯網/光聯網/深度學習/機器學習/無人機/人臉辨識應用程式白名單-於車載平台與視窗系統防護之介紹 https://reurl.cc/4RKnoR 6.近期資安活動及研討會交通大學亥克書院基礎網頁安全與滲透測試 7/25 https://hackercollege.nctu.edu.tw/?p=1182 Android 11 Meetup - Languages and Android 11 Compatibility 7/30 https://www.meetup.com/GDG-Hsinchu/events/271377323/ Taipei Rails Meetup 7/30 https://www.meetup.com/rails-taiwan/events/271494964/ 5G資安從I開始－ 5G專網資安技術指引研議座談會 7月31日(五) http://www.tca.org.tw/exhibit_info1.php?n=1250 COSCUP 2020 8/1 https://coscup.org/2020/zh-TW #33 Azure Data Explorer 彎道超車 Elasticsearch - 五倍的馬士現身說法 8/5 https://www.meetup.com/Azure-Taiwan/events/271347892/ 【AWS】Security Engineering on AWS 雲端資訊安全認證課程 8/5 ~ 8/7 https://www.accupass.com/event/2005270919111855176110 109年度教育訓練 — 從系統層級來看聯網裝置資安 8/6 https://www.hcrc.edu.tw/education_detail/102 SITCON 2020 8/8 https://sitcon.org/2020/ CYBERSEC 2020 臺灣資安大會 8/12 https://cyber.ithome.com.tw/ AI/BigData技能養成班系列課程-白帽駭客認知班(確定開課) 8/14 https://www.accupass.com/event/2005060928471871405427 高雄場-資安趨勢暨物聯網(IoT)資安探討 8/17 https://tacert.mis.nsysu.edu.tw/p/404-1257-207359.php 臺北場-資安趨勢暨網路攻防技術 8/20 https://tacert.mis.nsysu.edu.tw/p/404-1257-237050.php 自然語言處理技術再進化，Google BERT讓聊天機器人更能理解人類意圖，進入全新境界 8/22 https://www.techbang.com/posts/78985-course-bert-technology-practice NISRA Enlightened 2020 8/24 https://nisra.kktix.cc/events/2020enlightened 開源碼網管軟體實作(高雄上機實作)8/26 https://tacert.mis.nsysu.edu.tw/p/404-1257-207353.php 認證系統安全從業人員 SSCP 輔導班 9/5 ~ 9/13 https://www.iiiedu.org.tw/courses/asq902t2001/ 邊緣計算系統之大數據與深度學習應用 9/11 https://reurl.cc/62OD9k 數據分析與機器學習案例實務(四)應用實例 9/14 https://reurl.cc/1xAoMp 系統防護及內網威脅通報應變實戰班 11/17、11/24 http://service.tabf.org.tw/tw/user/409646/course1-4.htm