sga0221
@sga0221.bsky.social
IT Engineer / Cyber Security / Japanese
Reposted by sga0221
Microsoft's October Windows 11 updates have broken the "localhost" functionality, making applications that connect back to 127.0.0.1 over HTTP/2 no longer function properly.
Windows 11 updates break localhost (127.0.0.1) HTTP/2 connections
www.bleepingcomputer.com
October 16, 2025 at 10:26 PM
Hackers exploit Cisco SNMP flaw to deploy rootkit on switches
www.bleepingcomputer.com/news/securit...
Threat actors exploited a recently patched remote code execution vulnerability (CVE-2025-20352) in older, unprotected Cisco networking devices to deploy a Linux rootkit and gain persistent access.
www.bleepingcomputer.com
October 16, 2025 at 11:52 PM
SonicWall VPN accounts breached using stolen creds in widespread attacks
www.bleepingcomputer.com/news/securit...
Researchers warn that threat actors have compromised more than a hundred SonicWall SSLVPN accounts in a large-scale campaign using stolen, valid credentials.
www.bleepingcomputer.com
October 13, 2025 at 11:22 PM
New MatrixPDF toolkit turns PDFs into phishing and malware lures
www.bleepingcomputer.com/news/securit...
A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into interactive lures that bypass email security and redirect victims to credential the...
www.bleepingcomputer.com
September 30, 2025 at 11:14 PM
Nearly 50,000 Cisco firewalls vulnerable to actively exploited flaws
www.bleepingcomputer.com/news/securit...
Roughly 50,000 Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) appliances exposed on the public web are vulnerable to two vulnerabilities actively leveraged by hackers.
www.bleepingcomputer.com
September 30, 2025 at 11:01 PM
Surge in coordinated scans targets Microsoft RDP auth servers
www.bleepingcomputer.com/news/securit...
RDP Web Access might be the blind spot.... (I've never used it)
Internet intelligence firm GreyNoise reports that it has recorded a significant spike in scanning activity consisting of nearly 1,971 IP addresses probing Microsoft Remote Desktop Web Access and RDP W...
www.bleepingcomputer.com
August 28, 2025 at 9:05 AM
Oyster Backdoor Disguised as PuTTY and KeyPass Targets IT Admins via SEO Poisoning
gbhackers.com/oyster-backd...
PuTTY has been so widely used that I get the impression people would install it on their PC without a second thought
Threat actors have been using trojanized versions of well-known IT tools like PuTTY and WinSCP to spread the Oyster backdoor.
gbhackers.com
July 28, 2025 at 11:19 PM
Malware found in NPM packages with 1 million weekly downloads
www.bleepingcomputer.com/news/securit...
A significant supply chain attack hit NPM after 15 popular Gluestack packages with over 950,000 weekly downloads were compromised to include malicious code that acts as a remote access trojan (RAT).
www.bleepingcomputer.com
June 8, 2025 at 10:49 PM
Backdoored Open Source Malware Repositories Target Novice Cybercriminals - SecurityWeek
www.securityweek.com/backdoored-o...
A threat actor has been creating backdoored open source malware repositories to target novice cybercriminals and game cheaters.
www.securityweek.com
June 5, 2025 at 10:41 PM
Coinbase breach tied to bribed TaskUs support agents in India
www.bleepingcomputer.com/news/securit...
A recently disclosed data breach at Coinbase has been linked to India-based customer support representatives from outsourcing firm TaskUs, who threat actors bribed to steal data from the crypto exchan...
www.bleepingcomputer.com
June 3, 2025 at 10:08 PM
Akamai, Microsoft Disagree on Severity of Unpatched ‘BadSuccessor’ Flaw
www.securityweek.com/akamai-micro...
A privilege escalation vulnerability caused by a design flaw in dMSA (a new feature of Windows Server 2025 Domain Controllers)
Akamai documents a privilege escalation flaw in Windows Server 2025 after Redmond declines to ship an immediate patch.
www.securityweek.com
May 26, 2025 at 11:23 PM
The "Living off the Land attack" that hit IIJ: former Digital Minister Kono pointed out the danger in August 2024
xtech.nikkei.com/atcl/nxt/col...
My understanding is that the point is: once they get inside, you can't notice them
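Internet Initiative Japan announced on April 15, 2025 that account information for more than 4 million accounts may have leaked from its "IIJ Secure MX Service". On May 13, 2025, the company's president, Yasuhiko Taniwaki, revealed that the attack on the service was a "Living off the Land attack".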
xtech.nikkei.com
May 21, 2025 at 10:52 PM
Hazy Hawk gang exploits DNS misconfigs to hijack trusted domains
www.bleepingcomputer.com/news/securit...
A threat actor named 'Hazy Hawk' has been using DNS CNAME hijacking to hijack abandoned cloud endpoints of domains belonging to trusted organizations and incorporate them in large-scale scam delivery ...
www.bleepingcomputer.com
May 20, 2025 at 11:39 PM
AI Web Application Firewalls Bypassed Using Prompt Injection Techniques
cybersecuritynews.com/ai-web-appli...
The difficulty of Security for AI
Web Application Firewalls (WAFs) have been a critical defense mechanism protecting web applications from malicious traffic and attacks such as SQL Injection and Cross-Site Scripting (XSS).
cybersecuritynews.com
May 19, 2025 at 11:51 PM
Reposted by sga0221
Microsoft Purges Millions of Cloud Tenants in Wake of Storm-0558
The tech giant is boosting Entra ID and MSA security as part of the wide-ranging Secure Future Initiative (SFI) that the company launched following a Chinese APT's breach of its Exchange Online environment in 2023.
www.darkreading.com
April 22, 2025 at 9:41 PM
Microsoft rated this bug as low exploitability. Miscreants weaponized it in just 8 days
www.theregister.com/2025/04/21/m...
Eight days from patch to exploitation for Microsoft flaw
It's now hitting govt, enterprise targets
www.theregister.com
April 21, 2025 at 11:21 PM
[Security News] Serious vulnerability in "Active! mail", already being exploited - method for confirming compromise under investigation (page 1 of 2): Security NEXT www.security-next.com/169498
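A serious vulnerability has been disclosed in the webmail system "Active! mail 6". Exploitation has already been confirmed. The developer is providing an update and investigating how to check for compromise, and users are being urged to take steps such as preserving logs.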
www.security-next.com
April 20, 2025 at 10:44 PM
Cisco Webex bug lets hackers gain code execution via meeting links
www.bleepingcomputer.com/news/securit...
Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links.
www.bleepingcomputer.com
April 20, 2025 at 10:17 PM
Reposted by sga0221
New Windows Task Scheduler Vulnerabilities Allows Command Execution as Admin User
cybersecuritynews.com
April 16, 2025 at 6:40 PM