[B! ã‚¤ãƒ©ãƒ³] tukananaã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

tukanana id:tukanana

ã‚¤ãƒ©ãƒ³ã«é–¢ã™ã‚‹tukananaã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯ (21)

${{author_name}}$

{{author_name}} {{created}}

{{{comment_expanded}}}

{{label}}

{{#is_bookmark}}ãƒªã‚¹ãƒˆ{{/is_bookmark}}{{^is_bookmark}}ãƒªãƒ³ã‚¯{{/is_bookmark}}

${{author_name}}$
{{author_name}}{{created}}
{{ #comment }}{{ comment }}{{ /comment }}
- {{ label }}

{{#following_bookmarks}}

${{author_name}}$

{{author_name}} {{created}}

{{{comment_expanded}}}

{{label}}

{{#is_bookmark}}ãƒªã‚¹ãƒˆ{{/is_bookmark}}{{^is_bookmark}}ãƒªãƒ³ã‚¯{{/is_bookmark}}

{{/following_bookmarks}}

{{/is_wiped}}

UNC1860 and the Temple of Oats: Iranâ€™s Hidden Hand in Middle Eastern Networks | Google Cloud Blog
tukanana 2024/09/20
security

Google

forensic-report

ã‚¤ãƒ©ãƒ³
ãƒªãƒ³ã‚¯
ã‚¤ãƒ©ãƒ³ã®ä½œå®¶ãŒã€Œ.ã€ã ã‘ã§æœ€é«˜æŒ‡å°Žè€…ã®Xãƒã‚¹ãƒˆã«è¿”ä¿¡ã—ãŸã“ã¨ã§æ‡²å½¹12å¹´ã®åˆ‘ã«
ã‚¤ãƒ©ãƒ³ã®æœ€é«˜æŒ‡å°Žè€…ã§ã‚ã‚‹ãƒãƒ¡ãƒã‚¤å¸«ãŒX(æ—§Twitter)ã«æŠ•ç¨¿ã—ãŸãƒã‚¹ãƒˆã«å¯¾ã—ã€Œ.ã€ã¨ã„ã†è¿”ä¿¡ã‚’è¡Œã£ãŸã“ã¨ãŒæ”¿æ¨©æ‰¹åˆ¤ã¨è¦‹ãªã•ã‚Œã€ä½œå®¶å…¼æ´»å‹•å®¶ã®ãƒ›ã‚»ã‚¤ãƒ³ãƒ»ã‚·ãƒ£ãƒ³ãƒ™ã‚¶ãƒ‡æ°ã«å¯¾ã—æ‡²å½¹12å¹´ã®åˆ‘ãŒå®£å‘Šã•ã‚Œã¾ã—ãŸã€‚ Iran writer Shanbehzadeh sentenced to 12 years after tweeting dot to supreme leader : NPR https://www.npr.org/2024/09/02/g-s1-20579/iran-sentenced-12-years-tweet-supreme-leader A single dot under Khamenei's tweet gets Iranian blogger long jail term | Iran International https://www.iranintl.com/e
tukanana 2024/09/04
ã‚¤ãƒ©ãƒ³

ã“ã‚Œã¯ã²ã©ã„

twitter

SNS
ãƒªãƒ³ã‚¯
ã‚¤ãƒ©ãƒ³ãŒã€Œã‚¤ã‚¹ãƒ©ã‚¨ãƒ«ãƒ»ãƒãƒžã‚¹æˆ¦äº‰ã€ã®è£ã§åã‚¤ã‚¹ãƒ©ã‚¨ãƒ«ä¸–è«–å½¢æˆã®ãŸã‚ã®ã‚µã‚¤ãƒãƒ¼æ´»å‹•ã‚’å¼·åŒ–ã—ã¦ã„ã‚‹ã¨GoogleãŒå ±å‘Š
Googleã®ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ç ”ç©¶ãƒãƒ¼ãƒ ã€ŒThreat Analysis Group(TAG)ã€ãŒ2024å¹´2æœˆ14æ—¥ã«ã€ã‚¤ã‚¹ãƒ©ã‚¨ãƒ«ãƒ»ãƒãƒžã‚¹æˆ¦äº‰ã«ãŠã‘ã‚‹ã‚µã‚¤ãƒãƒ¼æ”»æ’ƒã®æ¦‚æ³ã‚’ã¾ã¨ã‚ãŸãƒ¬ãƒãƒ¼ãƒˆã‚’ç™ºè¡¨ã—ã¾ã—ãŸã€‚ã“ã®ãƒ¬ãƒãƒ¼ãƒˆã«ã‚ˆã‚Šã€ã‚¤ãƒ©ãƒ³ãŒã‚¤ã‚¹ãƒ©ã‚¨ãƒ«ã‚„ã‚¢ãƒ¡ãƒªã‚«ã®ä¸–è«–ã‚’æ¨™çš„ã¨ã—ãŸã‚µã‚¤ãƒãƒ¼æ”»æ’ƒã¸ã®é–¢ä¸Žã‚’å¼·ã‚ã¦ã„ã‚‹ã“ã¨ã‚„ã€ã‚¦ã‚¯ãƒ©ã‚¤ãƒŠ æˆ¦äº‰ã®ä¸€ç’°ã¨ã—ã¦ãƒã‚·ã‚¢ãŒè¡Œã£ã¦ã„ã‚‹ã‚µã‚¤ãƒãƒ¼æ”»æ’ƒã¨ã®å¤§ããªé•ã„ãªã©ãŒæµ®ãå½«ã‚Šã«ãªã‚Šã¾ã—ãŸã€‚ Tool of First Resort: Israel-Hamas War in Cyber https://blog.google/techno logy/safety-security/tool-of-first-resort-israel-hamas-war-in-cyber/ Googleã®TAGã¯ã€ä»Šå›žç™ºè¡¨ã—ãŸãƒ¬ãƒãƒ¼ãƒˆã€Œ(PDFãƒ•ã‚¡ã‚¤ãƒ«)Tool of First Resortã€ã®
tukanana 2024/02/16
ã‚¤ãƒ©ãƒ³

security

Google
ãƒªãƒ³ã‚¯
ã‚¤ãƒ©ãƒ³ã¯åã‚¤ã‚¹ãƒ©ã‚¨ãƒ«ã®ã‚µã‚¤ãƒãƒ¼ä½œæˆ¦ã§ã€ŒAIç”Ÿæˆã®ãƒ‹ãƒ¥ãƒ¼ã‚¹ã‚ãƒ£ã‚¹ã‚¿ãƒ¼ã€ã‚’ç”¨ã„ã¦ã„ã‚‹ã€ã‚¢ãƒ¡ãƒªã‚«å¤§çµ±é ˜é¸ã«ã‚‚å½±éŸ¿åŠ›ã‚’ç™ºæ®ã™ã‚‹æ‡¸å¿µã‚‚
2023å¹´10æœˆã«ãƒãƒžã‚¹ã¨ã‚¤ã‚¹ãƒ©ã‚¨ãƒ«ã®æˆ¦äº‰ãŒå§‹ã¾ã£ã¦ä»¥é™ã€ã‚¤ãƒ©ãƒ³æ”¿åºœã¨é–¢é€£ã™ã‚‹ã‚°ãƒ«ãƒ¼ãƒ—ãŒãƒãƒžã‚¹ã‚’æ”¯æ´ã™ã‚‹ã‚µã‚¤ãƒãƒ¼ä½œæˆ¦ã‚’å±•é–‹ã—ã¦ã„ã¾ã™ã€‚Microsoft Threat Analysis Center(MTACï¼šMicrosoftè„…å¨åˆ†æžã‚»ãƒ³ã‚¿ãƒ¼)ãŒã€ã‚¤ãƒ©ãƒ³ã«ã‚ˆã‚‹åã‚¤ã‚¹ãƒ©ã‚¨ãƒ«ã®ã‚µã‚¤ãƒãƒ¼æ”»æ’ƒã«ã¤ã„ã¦ã®èª¿æŸ»çµæžœã‚’å…¬é–‹ã—ã¾ã—ãŸã€‚ Iran accelerates cyber ops against Israel from chaotic start - Microsoft On the Issues https://blogs.microsoft.com/on-the-issues/2024/02/06/iran-accelerates-cyber-ops-against-israel/ Iran's srael cyber ops tease US election meddling tacti
tukanana 2024/02/09
security

ã‚¤ãƒ©ãƒ³
ãƒªãƒ³ã‚¯
New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs | Microsoft Security Blog
tukanana 2024/01/18
security

forensic-report

ã‚¤ãƒ©ãƒ³

Microsoft
ãƒªãƒ³ã‚¯
ã‚¤ãƒ©ãƒ³ã®æ ¸æ–½è¨ç ´å£Šä½œæˆ¦ã®ãŸã‚ã‚¢ãƒ¡ãƒªã‚«ãŒ1500å„„å††ã‚’è²»ã‚„ã—ã‚ªãƒ©ãƒ³ãƒ€ã®ã‚¹ãƒ‘ã‚¤çµ„ç¹”ãŒä½œæˆ¦ã‚’å®Ÿæ–½ã—ãŸã‚‚ã®ã®ã‚ªãƒ©ãƒ³ãƒ€æ”¿åºœã¯äº‹æ…‹ã‚’æŠŠæ¡ã—ã¦ã„ãªã‹ã£ãŸå¯èƒ½æ€§ãŒæµ®ä¸Š
ã‚¢ãƒ¡ãƒªã‚«ã¨ã‚¤ã‚¹ãƒ©ã‚¨ãƒ«ã¯2000å¹´ä»£å¾ŒåŠã«ã‚¤ãƒ©ãƒ³ã®æ ¸å®Ÿé¨“æ–½è¨ã¸ã®å¦¨å®³å·¥ä½œã‚’ä¸»å°Žã—ã¦ã„ãŸã“ã¨ãŒçŸ¥ã‚‰ã‚Œã¦ãŠã‚Šã€å¦¨å®³å·¥ä½œã§ã¯ã‚¢ãƒ¡ãƒªã‚«ã¨ã‚¤ã‚¹ãƒ©ã‚¨ãƒ«ãŒé–‹ç™ºã—ãŸãƒžãƒ«ã‚¦ã‚§ã‚¢ã€Œã‚¹ã‚¿ãƒƒã‚¯ã‚¹ãƒãƒƒãƒˆã€ãŒä½¿ã‚ã‚ŒãŸã“ã¨ã‚„ã€ã‚¹ã‚¿ãƒƒã‚¯ã‚¹ãƒãƒƒãƒˆã‚’æ”»æ’ƒå¯¾è±¡ã¸ä¾µå…¥ã•ã›ãŸã®ã¯ã‚ªãƒ©ãƒ³ãƒ€ã®æƒ…å ±æ©Ÿé–¢ã€ŒAIVDã€ã®ã‚¹ãƒ‘ã‚¤ã§ã‚ã‚‹ã“ã¨ãªã©ãŒé–¢ä¿‚è€…ã«ã‚ˆã£ã¦è¨¼è¨€ã•ã‚Œã¦ã„ã¾ã™ã€‚æ–°ãŸã«ã€ã‚¹ã‚¿ãƒƒã‚¯ã‚¹ãƒãƒƒãƒˆã®é–‹ç™ºã«10å„„ãƒ‰ãƒ«(ç´„1500å„„å††)è¦æ¨¡ã®è³‡é‡‘ãŒæŠ•å…¥ã•ã‚Œã¦ã„ãŸã“ã¨ã‚„ã€AIVDã®é–¢ä¸Žã‚’ã‚ªãƒ©ãƒ³ãƒ€æ”¿åºœãŒèªè˜ã—ã¦ã„ãªã‹ã£ãŸã“ã¨ãªã©ãŒå ±ã˜ã‚‰ã‚Œã¾ã—ãŸã€‚ Sabotage in Iran: een missie in duisternis https://www.volkskrant.nl/kijkverder/v/2024/sabotage-in-iran-een-missie-in-duisternis~v989743/ "Dutch engineer
tukanana 2024/01/15
security

ã‚¤ãƒ©ãƒ³

ã‚¢ãƒ¡ãƒªã‚«
ãƒªãƒ³ã‚¯
è¨å‚™ã®ãƒ‘ã‚¹ãƒ¯ãƒ¼ãƒ‰ã‚’ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®ã€Œ1111ã€ã‹ã‚‰å¤‰æ›´ã—ãªã‹ã£ãŸæ°´é“äº‹æ¥è€…ãŒã‚¤ãƒ©ãƒ³ã®ãƒãƒƒã‚«ãƒ¼ã«ãƒãƒƒã‚ãƒ³ã‚°ã•ã‚Œã¦ã—ã¾ã†
2023å¹´11æœˆä»¥é™ã€ã‚¤ãƒ©ãƒ³ã®ã‚¤ã‚¹ãƒ©ãƒ é©å‘½é˜²è¡›éšŠ(IRGC)å‚˜ä¸‹ã«ã‚ã‚‹ã€ŒCyberAv3ngersã€ã¨ã„ã†ãƒãƒƒã‚ãƒ³ã‚°ã‚°ãƒ«ãƒ¼ãƒ—ãŒã€ã‚¤ã‚¹ãƒ©ã‚¨ãƒ«è£½ã®ã‚³ãƒ³ãƒ”ãƒ¥ãƒ¼ã‚¿ãƒ¼æ©Ÿå™¨ã‚’ä½¿ã†ã‚¢ãƒ¡ãƒªã‚«ã®æ°´é“æ–½è¨ãªã©ã«ãƒãƒƒã‚ãƒ³ã‚°ã‚’è¡Œã£ã¦ã„ã¾ã™ã€‚ä¸€éƒ¨ã®æ°´é“äº‹æ¥è€…ã¯ã€è¨å‚™ã®ãƒ‘ã‚¹ãƒ¯ãƒ¼ãƒ‰ã‚’ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆè¨å®šã®ã€Œ1111ã€ã‹ã‚‰å¤‰æ›´ã—ã¦ã„ãªã‹ã£ãŸãŸã‚ã€ç°¡å˜ã«ãƒãƒƒã‚ãƒ³ã‚°ã•ã‚Œã¦ã—ã¾ã£ãŸã¨å ±ã˜ã‚‰ã‚Œã¦ã„ã¾ã™ã€‚ IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities | CISA https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-335a Iran-linked cyberattacks t
tukanana 2023/12/26
security

OT

ã‚¤ãƒ©ãƒ³

password
ãƒªãƒ³ã‚¯
ã‚µã‚¤ãƒãƒ¼æ”»æ’ƒã§ã‚¤ãƒ©ãƒ³ã®ã‚¬ã‚½ãƒªãƒ³ã‚¹ã‚¿ãƒ³ãƒ‰ã®70ï¼…ãŒåœæ¢ã€ã‚¤ã‚¹ãƒ©ã‚¨ãƒ«ç³»ãƒãƒƒã‚«ãƒ¼ãŒçŠ¯è¡Œå£°æ˜Žã‚’ç™ºè¡¨
ã‚¤ãƒ©ãƒ³ã®å›½æœ‰ãƒ¡ãƒ‡ã‚£ã‚¢ãŒ2023å¹´12æœˆ18æ—¥ã«ã€ã‚µã‚¤ãƒãƒ¼æ”»æ’ƒã«ã‚ˆã‚Šã‚¤ãƒ©ãƒ³å…¨åœŸã«ã‚ã‚‹ã‚¬ã‚½ãƒªãƒ³ã‚¹ã‚¿ãƒ³ãƒ‰ã®70ï¼…ãŒã‚µãƒ¼ãƒ“ã‚¹ã‚’åœæ¢ã—ãŸã¨å ±ã˜ã¾ã—ãŸã€‚åŒæ—¥ã€ã‚¤ãƒ©ãƒ³å´ãŒã‚¤ã‚¹ãƒ©ã‚¨ãƒ«ã¨ã¤ãªãŒã‚ŠãŒã‚ã‚‹ã¨ä¸»å¼µã—ã¦ã„ã‚‹ãƒãƒƒã‚«ãƒ¼é›†å›£ãŒã€ã€Œæ”»æ’ƒã¯ã‚¤ã‚¹ãƒ©ãƒ å…±å’Œå›½ã®ä¾µç•¥ã«å¯¾æŠ—ã™ã‚‹ã‚‚ã®ã§ã‚ã‚‹ã€ã¨ã®çŠ¯è¡Œå£°æ˜Žã‚’ç™ºè¡¨ã—ã¾ã—ãŸã€‚ Iran points at Israeli-linked group as cyberattack disrupts fuel network | News | Al Jazeera https://www.aljazeera.com/news/2023/12/18/iran-says-cyberattack-disrupts-petrol-stations-across-country Israel-linked group claims cyberattack that shut down 70%
tukanana 2023/12/20
security

ã‚¤ãƒ©ãƒ³
ãƒªãƒ³ã‚¯
ä¸å›½ã®æŒç¶šçš„æ¨™çš„åž‹æ”»æ’ƒã‚°ãƒ«ãƒ¼ãƒ—Playful Taurusã«ã‚ˆã‚‹ã‚¤ãƒ©ãƒ³ã§ã®æ´»å‹•
This post is also available in: English (è‹±èªž) æ¦‚è¦ Playful Taurusã¯æ—¥å¸¸çš„ã«ã‚µã‚¤ãƒãƒ¼ã‚¹ãƒ‘ã‚¤æ´»å‹•ã‚’è¡Œã†ä¸å›½ã®æŒç¶šçš„æ¨™çš„åž‹æ”»æ’ƒã‚°ãƒ«ãƒ¼ãƒ—ã§ã™ã€‚APT15ã€BackdoorDiplomacyã€Vixen Pandaã€KeChangã€NICKELã®åå‰ã§ã‚‚çŸ¥ã‚‰ã‚Œã¦ã„ã¾ã™ã€‚ã“ã®ã‚°ãƒ«ãƒ¼ãƒ—ã¯å°‘ãªãã¨ã‚‚2010å¹´ã«ã¯æ´»å‹•ã‚’é–‹å§‹ã—ã¦ãŠã‚Šã€æ´å²çš„ã«åŒ—å—ç±³ã€ã‚¢ãƒ•ãƒªã‚«ã€ä¸æ±ã®æ”¿åºœæ©Ÿé–¢ã‚„å¤–äº¤æ©Ÿé–¢ã‚’æ¨™çš„ã«ã—ã¦ãã¾ã—ãŸã€‚ 2021å¹´6æœˆã€ESETã¯åŒã‚°ãƒ«ãƒ¼ãƒ—ãŒãƒ„ãƒ¼ãƒ«ã‚ãƒƒãƒˆã‚’æ›´æ–°ã—ã€Turianã¨å‘¼ã°ã‚Œã‚‹æ–°ãŸãªãƒãƒƒã‚¯ãƒ‰ã‚¢ã‚’æè¼‰ã—ãŸã¨å ±å‘Šã—ã¾ã—ãŸã€‚ã“ã®ãƒãƒƒã‚¯ãƒ‰ã‚¢ã®é–‹ç™ºã¯ç¾åœ¨ã‚‚æ´»ç™ºã«è¡Œã‚ã‚Œã¦ã„ã¾ã™ã€‚ç§ãŸã¡ã¯ã“ã®ãƒ„ãƒ¼ãƒ«ã¯ã‚‚ã£ã±ã‚‰Playful Taurusã®ã‚¢ã‚¯ã‚¿ãƒ¼ã ã‘ãŒä½¿ç”¨ã—ã¦ã„ã‚‹ã¨è©•ä¾¡ã—ã¦ã„ã¾ã™ã€‚ã“ã®ã‚±ã‚¤ãƒ‘ãƒ“ãƒªãƒ†ã‚£ã®é€²åŒ–ã«ã¤ã¥ãã€æœ€è¿‘ç§ãŸã¡ã¯åŒãƒãƒƒã‚¯ãƒ‰ã‚¢ã®æ–°ãŸãªäºœç¨®ã¨
tukanana 2023/01/20
security

ä¸å›½

ã‚¤ãƒ©ãƒ³
ãƒªãƒ³ã‚¯
ã‚¤ãƒ©ãƒ³ãŒæ”¯æ´ã™ã‚‹ãƒãƒƒã‚«ãƒ¼é›†å›£ãŒã‚¢ãƒ¡ãƒªã‚«ã®æ”¿åºœæ©Ÿé–¢ã‚’ãƒãƒƒã‚ãƒ³ã‚°ã€Log4Shellã‚’åˆ©ç”¨ã—ãŸä»®æƒ³é€šè²¨ã®ãƒžã‚¤ãƒ‹ãƒ³ã‚°ãƒžãƒ«ã‚¦ã‚§ã‚¢ã‚’å±•é–‹ã—ã¦ã„ã‚‹
ã•ã¾ã–ã¾ãªãƒ—ãƒã‚°ãƒ©ãƒ ã«ä½¿ã‚ã‚Œã¦ã„ã‚‹Javaã®ãƒã‚°å‡ºåŠ›ãƒ©ã‚¤ãƒ–ãƒ©ãƒªã«ã€ŒLog4Shell(CVE-2021-44228)ã€ã¨ã„ã†è„†å¼±(ãœã„ã˜ã‚ƒã)æ€§ãŒç™ºè¦šã—ã¦ã‹ã‚‰ã€ä»®æƒ³é€šè²¨ãƒžã‚¤ãƒ‹ãƒ³ã‚°ã‚„ãƒ‡ãƒ¼ã‚¿ç›—é›£ãªã©ãŒå¤šç™ºã—ãŸã‚Šã€æ”¿åºœç³»ãƒãƒƒã‚ãƒ³ã‚°ã‚°ãƒ«ãƒ¼ãƒ—ãŒLog4Shellã‚’åˆ©ç”¨ã—ã¦ã„ã‚‹ã“ã¨ã‚’MicrosoftãŒè¦å‘Šã—ãŸã‚Šã¨ã€å¤§ããªæ··ä¹±ã‚’ç”Ÿã‚“ã§ã„ã¾ã™ã€‚ã‚¢ãƒ¡ãƒªã‚«ã®é€£é‚¦æœæŸ»å±€(FBI)ã¨ã‚¢ãƒ¡ãƒªã‚«ã‚µã‚¤ãƒãƒ¼ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒ»ç¤¾ä¼šåŸºç›¤å®‰å…¨ä¿éšœåº(CISA)ãŒ2022å¹´11æœˆ16æ—¥ã«å…±åŒã§ç™ºè¡¨ã—ãŸå‹§å‘Šã«ã‚ˆã‚‹ã¨ã€ã‚¤ãƒ©ãƒ³æ”¿åºœã‹ã‚‰æ”¯æ´ã‚’å—ã‘ãŸãƒãƒƒã‚«ãƒ¼ã‚°ãƒ«ãƒ¼ãƒ—ãŒé€£é‚¦æ°‘é–“è¡Œæ”¿æ©Ÿé–¢(FCEB)ã®çµ„ç¹”ã‚’ãƒãƒƒã‚ãƒ³ã‚°ã—ã€æš—å·è§£èªãƒžãƒ«ã‚¦ã‚§ã‚¢ã€ŒXMRigã€ã‚’å°Žå…¥ã—ã¦ã„ãŸã“ã¨ãŒæ˜Žã‚‰ã‹ã«ãªã‚Šã¾ã—ãŸã€‚ CISA and FBI Release Advisory on Iranian Government-Sponsored APT Actors Comp
tukanana 2022/11/17
security

ã‚¤ãƒ©ãƒ³

ã‚¢ãƒ¡ãƒªã‚«

linux
ãƒªãƒ³ã‚¯
Iran-Linked APT Cozies Up to 'Enemies' in Trust-Based Spy Game
tukanana 2022/09/15
security

ã‚¤ãƒ©ãƒ³
ãƒªãƒ³ã‚¯
MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations | Microsoft Security Blog
tukanana 2022/08/29
security

forensic-report

Linux

ã‚¤ãƒ©ãƒ³
ãƒªãƒ³ã‚¯
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
tukanana 2022/03/11
security

forensic-report

ã‚¤ãƒ©ãƒ³
ãƒªãƒ³ã‚¯
Log4j2 In The Wild | Iranian-Aligned Threat Actor "TunnelVision" Actively Exploiting VMware Horizon
tukanana 2022/02/21
security

linux

forensic-report

ã‚¤ãƒ©ãƒ³

ã‚¢ãƒ¡ãƒªã‚«
ãƒªãƒ³ã‚¯
APT35 exploits Log4j vulnerability to distribute new modular PowerShell toolkit - Check Point Research
tukanana 2022/01/12
security

forensic-report

ã‚¤ãƒ©ãƒ³
ãƒªãƒ³ã‚¯
ä¸å›½ãƒ»ã‚¤ãƒ©ãƒ³ãƒ»åŒ—æœé®®ãƒ»ãƒˆãƒ«ã‚³ã®æ”¯æ´ã‚’å—ã‘ãŸãƒãƒƒã‚ãƒ³â€‹â€‹ã‚°ã‚°ãƒ«ãƒ¼ãƒ—ãŒLog4jã®ã‚¼ãƒãƒ‡ã‚¤è„†å¼±æ€§ã€ŒLog4Shellã€ã‚’æ‚ªç”¨ã—ã¦ã„ã‚‹ã¨MicrosoftãŒç™ºè¡¨
2021å¹´12æœˆ14æ—¥ã€MicrosoftãŒJavaã®Log4jãƒ©ã‚¤ãƒ–ãƒ©ãƒªã«å˜åœ¨ã—ã¦ã„ãŸãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã‚’å¯èƒ½ã«ã™ã‚‹ã‚¼ãƒãƒ‡ã‚¤è„†å¼±æ€§ã€ŒLog4Shellã€ãŒä¸å›½ãƒ»ã‚¤ãƒ©ãƒ³ãƒ»åŒ—æœé®®ãƒ»ãƒˆãƒ«ã‚³ã«é–¢é€£ã™ã‚‹æ”¿åºœç³»ãƒãƒƒã‚ãƒ³ã‚°ã‚°ãƒ«ãƒ¼ãƒ—ã«ã‚ˆã£ã¦ç”¨ã„ã‚‰ã‚Œã‚‹ã“ã¨ã‚’ç¢ºèªã—ãŸã¨ç™ºè¡¨ã—ã¾ã—ãŸã€‚ã•ã‚‰ã«åŒæ—¥ã«ã¯ã‚¢ãƒ¡ãƒªã‚«ã®ã‚µã‚¤ãƒãƒ¼ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒ»ã‚¤ãƒ³ãƒ•ãƒ©ã‚¹ãƒˆãƒ©ã‚¯ãƒãƒ£ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£åº(CISA)ãŒè¡Œæ”¿å„çœã«å¯¾ã—ã¦Log4Shellã®ä¿®æ£ãƒ‘ãƒƒãƒã‚’12æœˆ24æ—¥ã¾ã§ã«é©ç”¨ã™ã‚‹ã‚ˆã†ã«é€šé”ã‚’å‡ºã—ã¾ã—ãŸã€‚ Guidance for preventing, detecting, and hunting for CVE-2021-44228 Log4j 2 exploitation - Microsoft Security Blog https://www.microsoft.com/security/blog/2021/12/11/guida
tukanana 2021/12/16
security

Microsoft

Java

linux

ä¸å›½

åŒ—æœé®®

ã‚¤ãƒ©ãƒ³
ãƒªãƒ³ã‚¯
Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability | Microsoft Security Blog
January 10, 2022 recap â€“ The Log4j vulnerabilities represent a complex and high-risk situation for companies across the globe. This open-source component is widely used across many suppliersâ€™ software and services. By nature of Log4j being a component, the vulnerabilities affect not only applications that use vulnerable libraries, but also any services that use these applications, so customers may
tukanana 2021/12/16
ã€ŒMSTICã¯ã¾ãŸã€CVE-2021-44228ã®è„†å¼±æ€§ãŒã€ä¸å›½ã€ã‚¤ãƒ©ãƒ³ã€åŒ—æœé®®ã€ãŠã‚ˆã³ãƒˆãƒ«ã‚³ã‚’èµ·æºã¨ã™ã‚‹è¤‡æ•°ã®è¿½è·¡ã•ã‚ŒãŸå›½æ°‘å›½å®¶æ´»å‹•ã‚°ãƒ«ãƒ¼ãƒ—ã«ã‚ˆã£ã¦ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹ã“ã¨ã‚’ç¢ºèªã—ã¾ã—ãŸã€‚ã€

security

Microsoft

ä¸å›½

ã‚¤ãƒ©ãƒ³

åŒ—æœé®®
ãƒªãƒ³ã‚¯
Espionage Campaign Targets Telecoms Organizations across Middle East and Asia
tukanana 2021/12/15
security

ã‚¤ãƒ©ãƒ³

æºå¸¯é›»è©±
ãƒªãƒ³ã‚¯
å›½å®¶é–“ã®ã‚µã‚¤ãƒãƒ¼æ”»æ’ƒã®å¿œé…¬ãŒã€Œç”Ÿæ´»ã‚¤ãƒ³ãƒ•ãƒ©ã€ã«æ³¢åŠã—ã€ä¸€èˆ¬å¸‚æ°‘ã‚’å·»ãè¾¼ã¿å§‹ã‚ãŸ
tukanana 2021/12/06
ã‚¤ãƒ©ãƒ³

security
ãƒªãƒ³ã‚¯
SMS Messages Socially Engineered to Steal Billions of Rial from Iran's Citizens - Check Point Software
tukanana 2021/12/02
security

ã‚¤ãƒ©ãƒ³

æºå¸¯é›»è©±

SMS
ãƒªãƒ³ã‚¯
1 2 æ¬¡ã®ãƒšãƒ¼ã‚¸

ãŠçŸ¥ã‚‰ã›

ã‚‚ã£ã¨èªã‚€

å…¬å¼Twitter

@HatenaBookmark
ãƒªãƒªãƒ¼ã‚¹ã€éšœå®³æƒ…å ±ãªã©ã®ã‚µãƒ¼ãƒ“ã‚¹ã®ãŠçŸ¥ã‚‰ã›
@hatebu
æœ€æ–°ã®äººæ°—ã‚¨ãƒ³ãƒˆãƒªãƒ¼ã®é…ä¿¡

ã‚ãƒ¼ãƒœãƒ¼ãƒ‰ã‚·ãƒ§ãƒ¼ãƒˆã‚«ãƒƒãƒˆä¸€è¦§

jæ¬¡ã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

kå‰ã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

lã‚ã¨ã§èªã‚€

eã‚³ãƒ¡ãƒ³ãƒˆä¸€è¦§ã‚’é–‹ã

oãƒšãƒ¼ã‚¸ã‚’é–‹ã

è¨å®šã‚’å¤‰æ›´ã—ã¾ã—ãŸx