Security Hubã«ãªãããå±±æ¬ææµ·ã§ãã CVE2024-6387ã«ã¯regreSSHion ã¨ããé称ãããã¾ã å æ¥å ¬è¡¨ãããOpenSSHã®èå¼±æ§ï¼CVE2024-6387ï¼ã®ãããå½ã¦å¯¾å¿ããã¾ããã対å¿ããç°å¢ã§ã¯ã»ãã¥ãªãã£ç·æ¥å¯¾å¿ã®ããã¥ã¢ã«ããªãã£ãã®ã§ãæé ããæ¤è¨ãå®â¦
Security Hubã«ãªãããå±±æ¬ææµ·ã§ãã 稼åãã¦ããç°å¢ã§Inspectorãæå¹åããã¨ã大éã®èå¼±æ§ãæ¤åºããã¦é©ããããã¨ããããã¨æãã¾ãã ãã®éã«ãã¾ãã¯ã©ã®èå¼±æ§ã«å¯¾å¿ãå¿ è¦ããèå¼±æ§ã®å¯¾å¿åªå é ãè©ä¾¡ããææ³ãæµç¨ãã¦åªå é ãæ¤è¨ãããâ¦
ECé¨æè¡3課ã®å±±æ¬ææµ·ã§ãã Daft Punkã§å¥½ããªã¢ã«ãã ã¯ãRandom Access Memoryã§ãã éæ¿ã§ããã youtu.be AWSã®èå¼±æ§æ¤åºãµã¼ãã¹InspectorãOSéã¨ã¨ã¼ã¸ã§ã³ããã¼ã¹ã»ã¨ã³ã¼ã¸ã§ã³ãã¬ã¹éã§æ¯è¼ãã¾ãã è¨äºã®ã¹ã³ã¼ã Inspectorã¯ä¸»ã«EC2ã¤ã³â¦
ECé¨æè¡3課ã®å±±æ¬ææµ·ã§ãã the smithsã§å¥½ããªã¢ã«ãã ã¯ãã©ããæé«ã§ããthe smithsã§ãã youtu.be AWSã®ã»ãã¥ãªãã£ã®æ¤åºãµã¼ãã¹ã®GuardDutyã®ãªãã·ã§ã³ãæ¯è¼ãã¾ãã EC2ãã¡ã¤ã³ã«ä½¿ã£ãç°å¢ã§å°å ¥ãæ¤è¨ãããæ©ä¼ãå¤ããGuardDutyã¨GuardDâ¦
ã¨ã³ã¿ã¼ãã©ã¤ãºã¯ã©ã¦ãé¨ æè¡3課ã®å±±æ¬ææµ·ã§ãã 好ããªããªã³ã¹ã®ã¢ã«ãã ã¯ãPrinceãã§ãã ãã®PVã®å¤§å¦çã¿ãããªé¢¨è²ã®ããªã³ã¹ããå¾ã®ã¤ã¡ã¼ã¸ã¨å¤§ããããé¢ãã¦ãã¦ããªããããããã¦å¥½ãã§ãã ãã¦ã å æ¥AWSã»ãã¥ãªãã£ããã°ã«ã¦ãã¹ãâ¦
ããã«ã¡ã¯ãã¨ã³ã¿ã¼ãã©ã¤ãºã¯ã©ã¦ãé¨ã®å±±æ¬ææµ·ã§ãã ãã©ã³ãã¼ã¸ã§ããã·ãã£ã§å¥½ããªã¢ã«ãã ã¯LOVE FLASH FEVERã§ãã1ã¤ã«çµãã®ãé£ããã¨ããã§ããã å æ¥ãCloudFormationãç¨ãã¦ãSecurityHubã®ã»ãã¥ãªãã£æ¨æºã®æå¹åã¨ã³ã³ããã¼ã«ã®ç¡â¦
ããã«ã¡ã¯ã6æããECé¨æè¡3課ã«é å±ããã¾ãããå±±æ¬ææµ·ã§ãã ã¶ã»ããªã¹ã®å¥½ããªã¢ã«ãã ã¯ã¼ãã¤ãã¿ã»ã¢ã³ããã¿ã§ãã ä»åã¯ã¹ããªãããã¥ã¼DNSã«ã¤ãã¦ã®èª¿æ»ã¨å®è£ æ¹æ³ããæ¡å ãã¾ãã ã¹ããªãããã¥ã¼DNSã¨ã¯ DNSã¯ã¨ãªéä¿¡å ã«ãã£ã¦ãç°ãªâ¦
ã¯ããã¾ãã¦ã2023å¹´3æã«ãµã¼ãã¼ã¯ã¼ã¯ã¹ã«å ¥ç¤¾ããå±±æ¬ææµ·ã§ãã 以å¾ãããããããããã¾ãã 好ããªã¬ããã»ãã§ãããªã³ã®ã¢ã«ãã ã¯ãã£ã¸ã«ã«ã»ã°ã©ãã£ãã£ã§ãã æ¥é±å®æ½ããããããã¯ã¼ã¯ã¹ãã·ã£ãªã¹ã試é¨ã®è©¦é¨ãåããäºå®ã§ãã https:â¦