資安事件新聞週報 2020/11/23 ~ 2020/11/27

###### tags: `資安事件新聞週報` # 資安事件新聞週報 2020/11/23 ~ 2020/11/27 1.重大弱點漏洞/後門/Exploit/Zero Day 兩中國製路由器被指有「後門」漏洞　沃爾瑪亞馬遜有售 https://reurl.cc/2gGExn 近五萬台 Fortinet VPN 登入資訊遭竊，全球多家金融機構與政府機關被駭 https://www.twcert.org.tw/tw/cp-104-4175-96cb7-1.html Fortinet 社製 FortiOS の SSL VPN 機能の脆弱性 (CVE-2018-13379) https://www.jpcert.or.jp/newsflash/2020112701.html 玩家用蘋果 T2 晶片漏洞　將 Mac 開機聲改成歷代 PlayStation 開機音樂 https://m.eprice.com.tw/tech/talk/1184/5588869/1 Red Hat ceph-ansible 安全漏洞 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25677 VMWare 產品多個漏洞 https://www.vmware.com/security/advisories/VMSA-2020-0026.html https://www.auscert.org.au/bulletins/ESB-2020.4160/ VMware Security Advisory - VMSA-2020-0027 https://www.vmware.com/security/advisories/VMSA-2020-0027.html https://kb.cert.org/vuls/id/724367 VMWare管理平臺產品Workspace One爆重大指令注入漏洞，官方公布緩解措施，修補程式還在路上 https://www.ithome.com.tw/news/141292 VMWare 虛擬環境逃逸漏洞通告 https://cert.360.cn/warning/detail?id=df1ba30fbbfe62a3629dfef6ed96ac1c Critical Unpatched VMware Flaw Affects Multiple Corporates Products https://thehackernews.com/2020/11/critical-unpatched-vmware-flaw-affects.html 2-Factor Authentication Bypass Flaw Reported in cPanel and WHM Software https://thehackernews.com/2020/11/2-factor-authentication-bypass-flaw.html 視訊會議服務 Webex 漏洞，可能遭駭侵者潛入會議 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=8900 October CMS 跨站脚本漏洞 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15249 Linux kernel 安全漏洞 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15437 cPanel 存在漏洞繞過2FA 致數千萬網站遭受黑客攻擊 https://www.wangan.com/articles/1809 英國呼籲各大組織儘速修補MobileIron行動裝置管理漏洞2020-15505 https://www.ithome.com.tw/news/141298 Brocade FabricOS 安全漏洞 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15376 MediaWiki 跨站脚本漏洞 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29003 Libvnc xvnc 安全漏洞 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29074 2.銀行/金融/保險/證券/支付系統/ 新聞及資安金管會啟動「打炒房」！將專案金檢10家銀行 https://news.housefun.com.tw/news/article/157894278077.html AFMA 銀行競爭力評比新核心 https://money.udn.com/money/story/5613/5040939 保險業務4缺失合庫人壽挨罰400萬、4糾正 https://reurl.cc/Ezl4r1 5大公股行庫招考1300人起薪36K https://reurl.cc/D6k4mO 合庫銀將徵才近300人 https://www.chinatimes.com/newspapers/20201126000450-260209?chdtv 資安專家︰銀行核證過程題目應更複雜 https://news.ltn.com.tw/news/society/paper/1415100 開放銀行第二階段集保領軍 https://ctee.com.tw/news/finance/376468.html 【金融業FIDO應用實例】行動銀行安全性提升，更多臺灣金融業建置FIDO，企金行動App也將跟進 https://www.ithome.com.tw/news/141253 電商平台跨足保險服務下階段涵蓋店家需求 https://www.cna.com.tw/news/afe/202011260240.aspx 金融博覽會明登場展現無卡消費、掃臉繳費等服務 https://udn.com/news/story/7239/5046231 New Grelos Skimmer Variants https://www.riskiq.com/blog/external-threat-management/magecart-grelos/ https://community.riskiq.com/article/8c4b4a7a OFFICERS FOIL FRAUDSTERS FROM STEALING €40 MILLION IN PAYMENT CARD SCAM https://www.europol.europa.eu/newsroom/news/officers-foil-fraudsters-stealing-%E2%82%AC40-million-in-payment-card-scam 3.電子支付/行動支付/pay/資安利用行動支付漏洞盜刷200萬 https://udn.com/news/story/7320/5044276 謊稱持卡人改門號綁定行動支付╱詐團騙過銀行盜刷200萬 https://news.ltn.com.tw/news/society/paper/1415099 行動支付買鞋她開手機「計算機」功能亂按數字騙倒店員賺一票 https://www.chinatimes.com/realtimenews/20201127005901-260409?chdtv 台灣行動支付喜愛排行 APPLE PAY僅第五 https://www.chinatimes.com/realtimenews/20201126004832-260410?chdtv 揭開行動支付五大應用模式成功關鍵秘訣 https://money.udn.com/money/story/10860/5036962 行動支付偏好度超越實體信用卡 https://www.chinatimes.com/newspapers/20201113000238-260205?chdtv 電子支付大幅成長 https://money.udn.com/money/story/5613/5038578 一張圖搞懂Apple Pay、Line Pay、街口支付有何不同 https://finance.ettoday.net/news/1860414 全聯PX Pay將進軍電子支付！今年業績突破1400億，林敏雄分析三大成長動能 https://www.bnext.com.tw/article/60133/pxmart-px-pay-electronic-payment 悠遊卡PK一卡通電子支付白熱化 https://reurl.cc/r8GrKZ 結合電子支付財長盼雲端發票占比明年衝35% https://udn.com/news/story/7239/5040400 4.加密貨幣/挖礦/區塊鍊資安發現 DeFi 的漏洞與選擇 https://reurl.cc/9XN7EY 藉佈局區塊鏈將新竹打造為新創首都！交大攜手Maxonrow成立科技管理暨區塊鏈研究中心 https://news.knowing.asia/news/1f0bb405-6998-45f6-b926-238e6687c758 FT：臉書最快明年1月推Libra幣但只會與美元掛鉤 https://udn.com/news/story/6811/5049172?from=udn-catelistnews_ch2 人行前行長周小川：發展電子支付貨幣要求同存異 https://udn.com/news/story/7333/5040354 CBDC是萬靈丹？最新報告：CBDC比私營數位貨幣更能保障隱私 https://news.knowing.asia/news/3ed522a0-7d4a-477c-b9d9-ef47e02720dc 數位人幣不與行動支付競爭 https://reurl.cc/r8GrYZ 陸數位衝過頭…人行表態拒收現金將吞罰 https://ctee.com.tw/news/china/377511.html 麻生太郎：日本有必要密切關注數位人民幣發展 https://ec.ltn.com.tw/article/breakingnews/3360727 TOYOTA與加密貨幣交易所合作！將探索數位貨幣和區塊鏈 https://news.knowing.asia/news/18d037c6-648d-4d5d-b4f8-8c43f49efe2c 延後實施！韓國將從2022年元月起開始對加密貨幣徵稅 https://news.knowing.asia/news/3180da18-f726-4f91-8b7a-c29e9e9d1557 數碼人幣首批試點　香港能否爭飲「頭啖湯」 https://reurl.cc/A8m4bj 5.資安事件新聞 A.病毒木馬 / 殭屍網路 / 勒索軟體 / Adware /APT /後門程式/IOC 南韓知名集團E-Land遭勒索軟體攻擊，23家門市暫停營運 https://www.ithome.com.tw/news/141300 學校如果自採網路設備或如有自用時，別採購中國品牌Jetstream與Wavlink，有隱藏後門程式 http://webnas.bhes.ntpc.edu.tw/wordpress/archives/19561 iPhone 「行事曆」上的垃圾廣告邀請,可能夾帶病毒,該如何移除 https://blog.trendmicro.com.tw/?p=66178 被勒索軟體侵襲的法國IT服務業者Sopra Steria估計受損超過4,000萬歐元 https://www.ithome.com.tw/news/141325 AZORult Delivered by GuLoader https://www.vmray.com/cyber-security-blog/azorult-delivered-by-guloader-malware-analysis-spotlight/ Luhansk Ukraine Gov. Phishing Campaign https://mp.weixin.qq.com/s/aMj_EDmTYyAouHWFbY64-A Campaign related to the Armenia-Azerbaijan conflict https://www.domaintools.com/resources/blog/current-events-to-widespread-campaigns-pivoting-from-samples-to-identify Ragnar Locker Ransomware https://blog.blazeinfosec.com/dissecting-ragnar-locker-the-case-of-edp/ https://www.deepinstinct.com/2020/04/27/ragnar-locker-ransomware-unlocked-by-deep-instinct/ Kimsuky maldoc targeting South Korea with Biden Lure https://twitter.com/RedDrip7/status/1329628989699235840?s=20 RegretLocker http://chuongdong.com/reverse%20engineering/2020/11/17/RegretLocker/ https://blog.malwarebytes.com/ransomware/2020/11/regretlocker-new-ransomware-can-encrypt-windows-virtual-hard-disks/ PYSA/Mespinoza Ransomware https://thedfirreport.com/2020/11/23/pysa-mespinoza-ransomware/ MooBot Using 0day Targeting UNIX CCTV DVR https://blog.netlab.360.com/moobot-0day-unixcctv-dvr-en/ Weaponizing Open Source Software for Targeted Attacks https://www.trendmicro.com/en_us/research/20/k/weaponizing-open-source-software-for-targeted-attacks.html TrickBot Packed Modules and New C2 infrastructure that uses Mikrotik routers https://labs.bitdefender.com/2020/11/trickbot-is-dead-long-live-trickbot/ Mustang Panda (TA416) Using Golang PlugX Malware Loader https://www.proofpoint.com/us/blog/threat-insight/ta416-goes-ground-and-returns-golang-plugx-malware-loader Remcos RAT malware being distributed as malspam https://asec.ahnlab.com/ko/16269/ Blackrota, a heavily obfuscated backdoor written in Go https://blog.netlab.360.com/blackrota-an-obfuscated-backdoor-written-in-go-en/ New Version of Stantinko Group Linux Proxy Trojan masquerades as httpd https://www.intezer.com/blog/research/stantinkos-proxy-after-your-apache-server/ Egregor RaaS Continues Using Cobalt Strike and Rclone https://labs.sentinelone.com/egregor-raas-continues-the-chaos-with-cobalt-strike-and-rclone/ WAPDropper: An Android Malware Subscribing Victims to Premium Services https://research.checkpoint.com/2020/enter-wapdropper-subscribe-users-to-premium-services-by-telecom-companies/ Ranzy - Ransomware as a Service https://labs.sentinelone.com/ranzy-ransomware-better-encryption-among-new-features-of-thunderx-derivative/ MedusaLocker Ransomware Analysis https://www.cybereason.com/blog/medusalocker-ransomware Evolution of Emotet: From Banking Trojan to Malware Distributor https://thehackernews.com/2020/11/anyrun-emotet-malware-analysis.html Stantinko Botnet Now Targeting Linux Servers to Hide Behind Proxies https://thehackernews.com/2020/11/stantinko-botnet-now-targeting-linux.html B.行動安全 / iPhone / Android /穿戴裝置 /App / 5G 利用APP程式漏洞超商店長狂詐185萬元點數 https://udn.com/news/story/7320/5045738 菸商APP遭駭！超商店長自學程式鑽系統漏洞...公司損失185萬 http://www.nexttv.com.tw/NextTV/News/Home/Society/2020-11-26/310485.html 菸商台灣分公司APP遭盜領點數　竹南2超商兄弟店長+親友神鬼手法曝 https://www.ettoday.net/news/20201126/1863377.htm 百度遭美國資安公司踢爆：偷收集 IMEI、IMSI 與 MAC 傳回中國 https://www.inside.com.tw/article/21678-Warning-Banned-Baidu-Apps-Exposed-Sensitive-Data-On-Up-To-Android-Phones 百度App遭爆：偷把資料傳回中國14億個資恐外洩 https://www.ntdtv.com/gb/2020/11/25/a102995233.html 百度怎麼都知道？因為 Android 版 App 有 600 萬個資全外洩 https://technews.tw/2020/11/25/baidu-android-app-data-leaking-20201125/ 小心百度APP 14億用戶敏感數據傳送中國 https://www.secretchina.com/news/b5/2020/11/26/953748.html China's Baidu Android Apps Caught Collecting Sensitive User Data https://thehackernews.com/2020/11/baidus-android-apps-caught-collecting.html Facebook Messenger Bug Lets Hackers Listen to You Before You Pick Up the Call https://thehackernews.com/2020/11/facebook-messenger-bug-lets-hackers.html WARNING: Unpatched Bug in GO SMS Pro App Exposes Millions of Media Messages https://thehackernews.com/2020/11/warning-unpatched-bug-in-go-sms-pro-app.html 德國5G恐排除華為習近平致電梅克爾籲保持開放 https://www.cna.com.tw/news/aopl/202011240361.aspx 德國5G恐排除華為習近平急電梅克爾:盼德國和歐盟對中國企業保持開放 https://tw.appledaily.com/international/20201125/VQEOW6YSCNFLZAKP3LZD6BO5TA/ 德國敞開大門？資安法草案未排除華為 https://www.chinatimes.com/realtimenews/20201126002820-260410?chdtv 使用華為5G設備英開罰 https://ctee.com.tw/news/global/375787.html 山友必備 Nokia 215 4G手機可待機20天超安心 https://www.chinatimes.com/realtimenews/20201125002548-260412?chdtv C.事件 / 駭客 / DDOS / APT / 雲端/ 暗網/ 徵才 / 國際資安事件網路犯罪盯上遊戲玩家,七對策自保 https://blog.trendmicro.com.tw/?p=66143 網路陷阱不可忽視三大建議讓孩子遠離網路惡勢力 https://saydigi-tech.com/2020/11/32942.html 國內資訊產品代工大廠疑遭駭侵攻擊 https://www.twcert.org.tw/tw/cp-104-4156-b7a28-1.html 研華遭駭客攻擊　系統一度癱瘓 https://tw.appledaily.com/finance/20201124/KDRCNWKOLRFMDFXC2VKOP6IGOI/ 因擔憂與中國分享太多用戶資料 Airbnb資安信託長於去年離職 https://nadailynews.com/49114/ CNN曾追Dominion 歐巴馬政府顧問：2020大選必遭駭 https://www.ntdtv.com.tw/b5/20201125/video/283829.html 18個月調查安全專家：美選舉系統存大量漏洞 https://www.ntdtv.com/b5/2020/11/24/a102994294.html 菲大選用Smartmatic投票機台中選會：有黑箱疑慮 https://www.epochtimes.com/b5/20/11/24/n12571843.htm D.資料外洩/個資法/GDPR/網路詐騙/網路釣魚/盜刷/假新聞健保署開放死者資料　挨轟「欺負死人不會講話」 https://tw.appledaily.com/headline/20201125/AQXS3PR46NDK3CZGZPSDHAWZJI/ 釣魚詐騙也搭《鬼滅之刃》熱潮！簡單一招輕鬆破解 https://3c.ltn.com.tw/news/42418 疫情期刷卡增詐騙也猖狂 https://www.worldjournal.com/wj/story/121275/5039072 銀行大漏洞！詐團騙過客服改電話、信箱綁定行動支付盜刷 https://news.ltn.com.tw/news/society/breakingnews/3362465 10萬份僅售40元　內地知名招聘網再陷簡歷洩露倒賣事件 https://reurl.cc/Md54vp 加州囚犯騙取失業金　2萬人獲批共1.4億美元 https://hk.on.cc/hk/bkn/cnt/amenews/20201125/bkn-20201125202512413-1125_00972_001.html 攻堅破詐騙！主嫌租豪宅當機房　長腿妹當話務騙大陸民眾 https://www.setn.com/News.aspx?NewsID=855166 Yahoo寄來的電子郵件要求輸入帳密否則停權？當心資料遭竊 https://www.mygopen.com/2020/11/yahoo-email.html 資安廠商公布 2020 年最多人使用的前 200 組密碼 https://www.twcert.org.tw/tw/cp-104-4173-b8050-1.html 易遊網中資色彩遭質疑林佳龍：相信該公司會努力符合法令 https://www.rti.org.tw/news/view/id/2085694 憂中國掌控民間團體籲政府令禁旅行社跨境傳輸個資 https://www.rti.org.tw/news/view/id/2085698 易遊網董座駁跨境洩個資民團加碼新事證 https://reurl.cc/Oq3GrR 國際刑警組織逮捕3名電子郵件詐騙嫌犯 https://www.ithome.com.tw/news/141323 Spoofed FBI Domains Pose Cyber and Disinformation Risks https://www.ic3.gov/Media/Y2020/PSA201123 Information Leakage in AWS Resource-Based Policy APIs https://unit42.paloaltonetworks.com/aws-resource-based-policy-apis/ Interpol Arrests 3 Nigerian BEC Scammers For Targeting Over 500,000 Entities https://thehackernews.com/2020/11/interpol-arrest-3-nigerian-bec-scammers.html E.研究報告 Web安全：JSON注入漏洞 https://read01.com/RMy6GGP.html#.X8ET5WgzbIU CVE-2020-1938 環境搭建與漏洞復現 https://www.cnblogs.com/Remokey/p/14034598.html 漏洞分析- Apache Tomcat WebSocket DoS (CVE-2020-13935) https://xz.aliyun.com/t/8550 新漏洞使我們可以最好地了解谷歌的新Chromecast https://www.ahjcg.cn/Article/2020/1125/29169.html Apache Unomi遠程命令執行漏洞（CVE-2020-13942） https://blog.csdn.net/qq_41832837/article/details/110153415 Wsreset漏洞的分析與利用 https://zhuanlan.zhihu.com/p/311684745 ImageMagick PDF解析漏洞允許黑客執行shell命令 https://www.sohu.com/a/434295192_354899 Windows打印機驅動程序本地提權漏洞分析（CVE-2019-19363） https://www.4hou.com/posts/O5OL Why Replace Traditional Web Application Firewall (WAF) With New Age WAF https://thehackernews.com/2020/11/why-replace-traditional-web-application.html RFI/LFI Payload List https://hakin9.org/rfi-lfi-payload-list/ Dtrackを使った組織侵入型ランサムインシデントの分析 https://blog.macnica.net/blog/2020/11/dtrack.html Investigation with a twist: an accidental APT attack and averted data destruction https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/incident-response-polar-ransomware-apt27/ F.商業 GitLab 13.6可自動部署程式碼至AWS EC2 https://www.ithome.com.tw/news/141304 K8s分散式儲存etcd成為CNCF頂級專案 https://www.ithome.com.tw/news/141302 精誠第三屆「資安攻防電競賽」冠軍隊伍出爐 http://tw.systex.com/20201124-newsrelease/ 台灣 IBM 提出 IBM X-Force Red，為 5G 時代資安提供解決方案 https://technews.tw/2020/11/24/ibm-taiwan-x-force-red/ 數位鑑識與電子取證為未來蒐證重點 https://www.chinatimes.com/realtimenews/20201125003773-260410?chdtv 鑑識科技研討會勤業眾信：留意數位證據保存議題 https://udn.com/news/story/7238/5043641 防範針對無伺服器平台攻擊趨勢科技推雲端防護方案 https://reurl.cc/q8Ar0D 【廠商服務及產品FIDO應用態勢】Google、微軟都在強化網路服務登入安全，更多廠商服務及產品應用FIDO https://www.ithome.com.tw/news/141256 防範資安威脅，趨勢科技針對雲端原生應用程式與 API 防護提出解決方案 https://reurl.cc/8nM00b 自動化取代人力資安管理，Check Point 推出網路安全平台 https://technews.tw/2020/11/26/it-check-point-security/ 中信國際電訊 CPC 攜手戰略夥伴，三大亮點共譜數位轉型藍圖 https://technews.tw/2020/11/26/cpc-boundless-digitalization-cloud-network-convergence-summit/ G.政府國防大學戰略研究中心專題論壇精進資安防護 https://reurl.cc/Md54bk 刑事局長黃明昭投書韓媒籲攜手防疫也防駭 https://money.udn.com/money/story/5599/5040711 刑事局長投書大馬媒體籲支持台灣參與國際組織 https://money.udn.com/money/story/5599/5043691?from=edn_breaknewstab_index 資安、個資保護行政院：由數位發展部主責 https://www.cna.com.tw/news/aipl/202011250150.aspx 政府組改李孟諺：數位發展部主責個資保護資安署統籌政府資安 https://www.rti.org.tw/news/view/id/2085646 部署數位經濟實力政院：5大面向推動落實 https://www.ydn.com.tw/news/newsInsidePage?chapterID=1290928 數位身分證eID資安議題誰來管？立委范雲呼籲另訂專法，由具備獨立職能的數位發展部來承接 https://reurl.cc/9XN74X 數位發展五面向政委郭耀煌：是未來國家戰略議題 https://www.chinatimes.com/realtimenews/20201124005282-260410?chdtv 中央指定竹市試辦數位身分證議會反對促市府回絕 https://news.ltn.com.tw/news/politics/breakingnews/3362184 大談5G及智慧城市結合新北無人機聯隊、食安平台吸睛 https://udn.com/news/story/7241/5043112?from=udn-ch1_breaknews-1-cate6-news 人才荒有解政院明拍板設半導體研究學院 https://www.chinatimes.com/realtimenews/20201125006313-260410?chdtv 工研院「2030技術策略與藍圖論壇」　瞄準下一個十年產業新局　用科技帶領臺灣尋新價值 https://www.itri.org.tw/ListStyle.aspx?DisplayStyle=01_content&SiteID=1&MmmID=1036276263153520257&MGID=109112416305033748 【政府FIDO應用實例】內政部TW FidO介接便民服務與公務系統，讓國人登入政府服務簡易又安全 https://www.ithome.com.tw/news/141254 政院資安處將移入數位發展部主責資安、個資保護 https://www.epochtimes.com/b5/20/11/25/n12574543.htm 政院拍板「創新條例」草案！學士畢業生可直接報考研究學院博士班 https://newtalk.tw/news/view/2020-11-26/500175 實名認證「EZ WAY易利委」財政部、海關掛保證 https://www.chinatimes.com/realtimenews/20201126004827-260410?chdtv H.工控系統/ICS/SCADA 相關資安 Researchers Warn of Critical Flaw Affecting Industrial Automation Systems https://thehackernews.com/2020/11/researchers-warn-of-critical-flaws.html NEXCOM NIO 50 明文傳輸敏感信息漏洞 https://www.cics-vd.org.cn/publish/main/list/leakInfo/leakInfo_12472.html Columbia Weather Systems Weather MicroServer 輸入驗證錯誤漏洞 https://www.cics-vd.org.cn/publish/main/list/leakInfo/leakInfo_12454.html 運用ICT與5G 協助台灣高階醫材邁向國際 https://times.hinet.net/topic/23130798 I.教育訓練迎接年末轉職潮，面對企業上雲現在式，工程師如何拿下隱形職涯機會 https://buzzorange.com/techorange/2020/11/24/aws_cloud_career_training/ Understanding MySQL Memory Usage with Performance Schema https://www.percona.com/blog/2020/11/02/understanding-mysql-memory-usage-with-performance-schema/?utm_content=blog Open University http://www.open.ac.uk/ Cybrary https://www.techradar.com/best/best-online-cyber-security-courses#1-cybrary US Department of Homeland Security https://www.techradar.com/best/best-online-cyber-security-courses#2-us-department-of-homeland-security Open Security Training https://www.techradar.com/best/best-online-cyber-security-courses#3-open-security-training Heimdal Security https://www.techradar.com/best/best-online-cyber-security-courses#4-heimdal-security Sans Cyber Aces Online https://www.techradar.com/best/best-online-cyber-security-courses#5-sans-cyber-aces-online K.物聯網/IOT/人工智慧特斯拉密鑰有多好騙？僅用3分鐘，你的Model X就可能被駭客開走 https://news.knowing.asia/news/bb71f19b-95cf-4d93-9d4d-214383e004de Tesla修補可直接把Model X開走的安全漏洞 https://www.ithome.com.tw/news/141290 Tesla修補可直接把Model X開走的安全漏洞！Model S鑰匙圈中讓駭客可盜走該電動車的安全漏洞 https://www.insoler.com/forum/topic/16062890309332.htm 不只 Deepfake，研究報告發現歹徒利用人工智慧犯罪 https://technews.tw/2020/11/26/deepfake-ai-trend-micro/ 資安攻擊事件頻傳，最新物聯網設備認驗證制度大公開 https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=8907 6.近期資安活動及研討會物聯網資安標章成果發表會 2020/12/01 https://www.taics.org.tw/RecentACTForm.aspx?ACTCat_id=1&ACT_id=11148 AWS 開發者的年末盛會 2020 年 12 月 4 日 (五) https://aws.amazon.com/tw/events/taiwan/devday/?sc_category=mult g0v Summit 2020 台灣零時政府雙年會 12/4 ~ 12/6 https://g0v-summit-2020.kktix.cc/events/c0nf https://g0v-summit-2020.kktix.cc/events/eat-table 吱吱盃駭客松 2020/12/11 https://nsysuisc.kktix.cc/events/hackathon2020 Cyber Next , Security First 產業交流活動 12/11 https://www.acw.org.tw/News/Detail.aspx?id=1161 智慧製造工控資安研討會 12/11 https://docs.google.com/forms/d/e/1FAIpQLSf0eOAJls_h9QjOeS5I4AiZO2KrPWsKtsM7EQZ1KQNQutREiw/viewform 交通大學亥客書院高階網頁滲透測試 12/5 12/12 https://hackercollege.nctu.edu.tw/?p=1224 SP-ISAC 資安沙龍12/17 https://spisac.kktix.cc/events/20201217 【智慧資安】超前部署AI機器學習提升資安防護力【Power of X 科技講堂】 12/17 http://tw.systex.com/powerofx-webinar-1217/ LINE TAIWAN TECHPULSE 2020 大會12/18 https://www.computerdiy.com.tw/20201120_line/ 交通大學亥客書院系統滲透測試與漏洞利用 12/19 https://hackercollege.nctu.edu.tw/?p=1226 利用NAC系統進行資安聯防提升企業資安與競爭力【Power of X 科技講堂】 12/28 http://tw.systex.com/powerofx-webinar-1228/ 交通大學亥客書院 AI於資訊安全之應用 2021/1/9 1/16 https://hackercollege.nctu.edu.tw/?p=1228 交通大學亥客書院企業網域控管－Active Directory攻擊與防禦 2021/1/23 https://hackercollege.nctu.edu.tw/?p=1230 2021 南新科技中心寒假營隊 [駭客攻防資安體驗營] 2021年1月21-22日 https://www.nsjh.tn.edu.tw/modules/tadnews/index.php?nsn=7790

Syntax	Example	Reference
# Header	Header	基本排版
- Unordered List	Unordered List
1. Ordered List	Ordered List
- [ ] Todo List	Todo List
> Blockquote	Blockquote
Bold font	Bold font
Italics font	Italics font
~~Strikethrough~~	~~Strikethrough~~
19^th^	19^th
H~2~O	H₂O
++Inserted text++	Inserted text
==Marked text==	Marked text
[link text](https:// "title")	Link
![image alt](https:// "title")	Image
`Code`	`Code`	在筆記中貼入程式碼
```javascript var i = 0; ```	`var i = 0;`
:smile:		Emoji list
{%youtube youtube_id %}	Externals
$L^aT_eX$	L^aT_eX
:::info This is a alert area. :::	This is a alert area.