[B! åŒ—æœé®®][Google] tukananaã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

tukanana id:tukanana

åŒ—æœé®®ã¨Googleã«é–¢ã™ã‚‹tukananaã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯ (9)

${{author_name}}$

{{author_name}} {{created}}

{{{comment_expanded}}}

{{label}}

{{#is_bookmark}}ãƒªã‚¹ãƒˆ{{/is_bookmark}}{{^is_bookmark}}ãƒªãƒ³ã‚¯{{/is_bookmark}}

${{author_name}}$
{{author_name}}{{created}}
{{ #comment }}{{ comment }}{{ /comment }}
- {{ label }}

{{#following_bookmarks}}

${{author_name}}$

{{author_name}} {{created}}

{{{comment_expanded}}}

{{label}}

{{#is_bookmark}}ãƒªã‚¹ãƒˆ{{/is_bookmark}}{{^is_bookmark}}ãƒªãƒ³ã‚¯{{/is_bookmark}}

{{/following_bookmarks}}

{{/is_wiped}}

An Offer You Can Refuse: UNC2970 Backdoor Deployment Using Trojanized PDF Reader | Google Cloud Blog
tukanana 2024/09/18
security

Google

forensic-report

åŒ—æœé®®
ãƒªãƒ³ã‚¯
Internet Explorer 0-day exploited by North Korean actor APT37
tukanana 2022/12/08
security

forensic-report

Google

åŒ—æœé®®
ãƒªãƒ³ã‚¯
åŒ—æœé®®ã®ãƒãƒƒã‚«ãƒ¼ã‚°ãƒ«ãƒ¼ãƒ—ãŒChromeã®ã‚¼ãƒãƒ‡ã‚¤è„†å¼±æ€§ã€ŒCVE-2022-0609ã€ã‚’æ‚ªç”¨ã—ã¦ã„ãŸã¨åˆ¤æ˜Ž
åŒ—æœé®®æ”¿åºœã®æ”¯æ´ã‚’å—ã‘ãŸãƒãƒƒã‚«ãƒ¼ãŒã€Chromeã®ã‚¼ãƒãƒ‡ã‚¤è„†å¼±(ãœã„ã˜ã‚ƒã)æ€§ã€ŒCVE-2022-0609ã€ã‚’æ‚ªç”¨ã—ã¦ã€ã‚¢ãƒ¡ãƒªã‚«ã‚’æ‹ ç‚¹ã¨ã™ã‚‹ãƒ‹ãƒ¥ãƒ¼ã‚¹ãƒ¡ãƒ‡ã‚£ã‚¢ã‚„ITã€ä»®æƒ³é€šè²¨ã€é‡‘èžã‚µãƒ¼ãƒ“ã‚¹ãªã©å¹…åºƒã„æ¥ç•Œã§åƒãæ•°ç™¾äººã®ã‚³ãƒ³ãƒ”ãƒ¥ãƒ¼ã‚¿ãƒ¼ã«ãƒžãƒ«ã‚¦ã‚§ã‚¢ã‚’æ„ŸæŸ“ã•ã›ã‚ˆã†ã¨ã—ãŸã¨ã€GoogleãŒæœ¨æ›œæ—¥ã«ç™ºè¡¨ã—ã¾ã—ãŸã€‚ Countering threats from North Korea https://blog.google/threat-analysis-group/countering-threats-north-korea/ North Korean hackers unleashed Chrome 0-day exploit on hundreds of US targets | Ars Technica https://arstechnica.com/information-techno logy
tukanana 2022/03/25
security

Google

åŒ—æœé®®
ãƒªãƒ³ã‚¯
Countering threats from North Korea
On February 10, Threat Analysis Group discovered two distinct North Korean government-backed attacker groups exploiting a remote code execution vulnerability in Chrome, CVE-2022-0609. These groups' activity has been publ icly tracked as Operation Dream Job and Operation AppleJeus. We observed the campaigns targeting U.S. based organizations spanning news media, IT, cryptocurrency and fintech indust
tukanana 2022/03/25
security

Google

forensic-report

åŒ—æœé®®
ãƒªãƒ³ã‚¯
GoogleãŒã€Œãƒã‚·ã‚¢æ”¿åºœç³»ãƒãƒƒã‚«ãƒ¼ãŒiOSã®ã‚¼ãƒãƒ‡ã‚¤è„†å¼±æ€§ã‚’çªã„ã¦ãƒ¨ãƒ¼ãƒãƒƒãƒ‘ã®æ”¿åºœé–¢ä¿‚è€…ã‚’æ”»æ’ƒã—ã¦ã„ãŸã€ã¨å ±å‘Š
Googleã®è„…å¨åˆ†æžã‚°ãƒ«ãƒ¼ãƒ—ãŒæ–°ãŸã«Chromeã§2ç¨®ã€Internet Explorerã§1ç¨®ã€WebKit(Safari)ã§1ç¨®ã®è¨ˆ4ç¨®ã®ã‚¼ãƒãƒ‡ã‚¤è„†å¼±æ€§ã«ã¤ã„ã¦è©³ç´°ã‚’å…¬é–‹ã—ã¾ã—ãŸã€‚ã“ã®4ç¨®ã®ä¸ã§ã‚‚WebKitã®è„†å¼±æ€§ã¯ã€Œãƒã‚·ã‚¢æ”¿åºœã®æ”¯æ´ã‚’å—ã‘ã¦ã„ã‚‹å¯èƒ½æ€§ã®ã‚ã‚‹ãƒãƒƒã‚«ãƒ¼ãŒç”¨ã„ãŸã€ã¨ã®ã“ã¨ã§ã€å ±é“å„ç¤¾ã«ã‚ˆã£ã¦ã²ã¨ãã‚å¤§ããå ±ã˜ã‚‰ã‚Œã¦ã„ã¾ã™ã€‚ How we protect users from 0-day attacks https://blog.google/threat-analysis-group/how-we-protect-users-0-day-attacks/ iOS zero-day let SolarWinds hackers compromise fully updated iPhones | Ars Technica https://arstechnica.com/g
tukanana 2021/07/15
security

iOS

Google

Microsoft

ãƒã‚·ã‚¢

åŒ—æœé®®
ãƒªãƒ³ã‚¯
Update on campaign targeting security researchers
In January, the Threat Analysis Group documented a hacking campaign, which we were able to attribute to a North Korean government-backed entity, targeting security researchers. On March 17th, the same actors behind those attacks set up a new website with associated social media profiles for a fake company called â€œSecuriElite.â€ The new website claims the company is an offensive security company loc
tukanana 2021/04/05
security

åŒ—æœé®®

Google
ãƒªãƒ³ã‚¯
åŒ—æœé®®ã®ãƒãƒƒã‚«ãƒ¼ãŒChromeã®ã‚¼ãƒãƒ‡ã‚¤è„†å¼±æ€§ã‚’åˆ©ç”¨ã—ã¦è¡Œã£ãŸæ”»æ’ƒã«ã¤ã„ã¦MicrosoftãŒãƒ¬ãƒãƒ¼ãƒˆã‚’å…¬é–‹
åŒ—æœé®®æ”¿åºœã®æ”¯æ´ã‚’å—ã‘ã‚‹ã¨ã¿ã‚‰ã‚Œã‚‹ãƒãƒƒã‚«ãƒ¼é›†å›£ãŒã€ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ç ”ç©¶è€…ã‚’æ¨™çš„ã«æ”»æ’ƒã‚’è¡Œã£ã¦ã„ãŸã“ã¨ã‚’2021å¹´1æœˆ25æ—¥ã«GoogleãŒå ±å‘Šã—ã¾ã—ãŸã€‚ã“ã®æ”»æ’ƒãŒã©ã®ã‚ˆã†ã«è¡Œã‚ã‚ŒãŸã®ã‹ã«ã¤ã„ã¦MicrosoftãŒèª¿æŸ»ã‚’è¡Œã„ã€ãƒ¬ãƒãƒ¼ãƒˆã‚’ç™ºè¡¨ã—ã¦ã„ã¾ã™ã€‚ ZINC attacks against security researchers - Microsoft Security https://www.microsoft.com/security/blog/2021/01/28/zinc-attacks-against-security-researchers/ Microsoft: DPRK hackers 'likely' hit researchers with Chrome exploit https://www.bleepingcomputer.com/news/security/mic
tukanana 2021/01/30
security

Microsoft

Google

åŒ—æœé®®
ãƒªãƒ³ã‚¯
åŒ—æœé®®ãƒãƒƒã‚«ãƒ¼ã€SNSçµŒç”±ã§ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ç ”ç©¶è€…ã‚’æ¨™çš„ã«--ã‚°ãƒ¼ã‚°ãƒ«ãŒæ³¨æ„å–šèµ·
Googleã¯ç±³å›½æ™‚é–“1æœˆ25æ—¥ã€åŒ—æœé®®æ”¿åºœã®æ”¯æ´ã‚’å—ã‘ã‚‹ãƒãƒƒã‚«ãƒ¼é›†å›£ãŒã€è„†å¼±æ€§èª¿æŸ»ã«é–¢ã‚ã‚‹ã‚µã‚¤ãƒãƒ¼ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£å°‚é–€å®¶ã‚‰ã‚’æ¨™çš„ã«ã—ã¦ã„ã‚‹ã“ã¨ã‚’æ˜Žã‚‰ã‹ã«ã—ãŸã€‚ æ”»æ’ƒã¯Googleã®è„…å¨åˆ†æžã‚°ãƒ«ãƒ¼ãƒ—ï¼ˆTAGï¼‰ã«ã‚ˆã£ã¦ç™ºè¦‹ã•ã‚ŒãŸã€‚åŒã‚°ãƒ«ãƒ¼ãƒ—ã¯æŒç¶šçš„æ¨™çš„åž‹æ”»æ’ƒï¼ˆAPTï¼‰ã®æ¤œå‡ºã‚’å°‚é–€ã¨ã™ã‚‹ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒãƒ¼ãƒ ã ã€‚ Googleã¯25æ—¥ã«å…¬è¡¨ã—ãŸTAGã®ãƒ¬ãƒãƒ¼ãƒˆã§ã€åŒ—æœé®®ã®ãƒãƒƒã‚«ãƒ¼ã‚‰ã¯Twitterã€LinkedInã€Telegramã€Discordã€Keybaseã¨ã„ã£ãŸå„ç¨®ã‚½ãƒ¼ã‚·ãƒ£ãƒ«ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ä¸Šã§è¤‡æ•°ã®ãƒ—ãƒãƒ•ã‚£ãƒ¼ãƒ«ã‚’ä½¿ç”¨ã—ã€å½ã®äººç‰©ã‚’è£…ã£ã¦ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ç ”ç©¶è€…ã‚‰ã«æŽ¥è§¦ã—ãŸã¨è¿°ã¹ãŸã€‚æŽ¥è§¦ã«é›»åãƒ¡ãƒ¼ãƒ«ãŒä½¿ã‚ã‚Œã‚‹ä¾‹ã‚‚ã‚ã£ãŸã¨ã—ã¦ã„ã‚‹ã€‚ TAGã®ãƒ¬ãƒãƒ¼ãƒˆã«ã¯ã€åŒ—æœé®®ã®ãƒãƒƒã‚«ãƒ¼ãŒæƒ…å ±ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ã®å°‚é–€å®¶ã‚‰ã‚’ãŠã³ãå¯„ã›ã¦ã ã¾ã™ãŸã‚ã«ä½¿ç”¨ã—ãŸã‚½ãƒ¼ã‚·ãƒ£ãƒ«ãƒ¡ãƒ‡ã‚£ã‚¢ä¸Šã®å½ãƒ—ãƒãƒ•ã‚£ãƒ¼ãƒ«ã®ãƒªãƒ³ã‚¯ä¸€è¦§ã‚‚è¨˜è¼‰ã•ã‚Œã¦ã„ã‚‹ã€‚ åŒ—æœ
tukanana 2021/01/27
security

Google

åŒ—æœé®®
ãƒªãƒ³ã‚¯
New campaign targeting security researchers
Over the past several months, the Threat Analysis Group has identified an ongoing campaign targeting security researchers working on vulnerability research and development at different companies and organizations.Â The actors behind this campaign, which we attribute to a government-backed entity based in North Korea, have employed a number of means to target researchers which we will outline below.
tukanana 2021/01/26
security

Google

åŒ—æœé®®
ãƒªãƒ³ã‚¯
1

ãŠçŸ¥ã‚‰ã›

ã‚‚ã£ã¨èªã‚€

å…¬å¼Twitter

@HatenaBookmark
ãƒªãƒªãƒ¼ã‚¹ã€éšœå®³æƒ…å ±ãªã©ã®ã‚µãƒ¼ãƒ“ã‚¹ã®ãŠçŸ¥ã‚‰ã›
@hatebu
æœ€æ–°ã®äººæ°—ã‚¨ãƒ³ãƒˆãƒªãƒ¼ã®é…ä¿¡

ã‚ãƒ¼ãƒœãƒ¼ãƒ‰ã‚·ãƒ§ãƒ¼ãƒˆã‚«ãƒƒãƒˆä¸€è¦§

jæ¬¡ã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

kå‰ã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

lã‚ã¨ã§èªã‚€

eã‚³ãƒ¡ãƒ³ãƒˆä¸€è¦§ã‚’é–‹ã

oãƒšãƒ¼ã‚¸ã‚’é–‹ã

è¨å®šã‚’å¤‰æ›´ã—ã¾ã—ãŸx