tc034のアンテナ

おとなりアンテナ | おすすめページ

1. 2025/05/28 20:03:12 Japan Vulnerability Notes

   最終更新日：2025/05/28
   JVNVU#93832736:
   Johnson Controls製iSTAR Configuration Utility（ICU）ツールにおける初期化されていない変数の使用の脆弱性 [2025/05/28 13:30]
   
2. 2025/05/28 19:45:17 The Hacker News - Cybersecurity News and Analysis

   How 'Browser-in-the-Middle' Attacks Steal Sessions in Seconds
   May 28, 2025 Browser Security / Credential Theft
   Would you expect an end user to log on to a cybercriminal's computer, open their browser

3. 2025/05/28 19:44:47 Trend Micro Latest Security News

   https://www.trendmicro.com/vinfo/us/security/rss/securitynews Security News from Trend Micro provides the latest news and updates, insight and analysis, as well as advice on the latest threats, alerts

4. 2025/05/28 19:24:38 セキュリティ - ITmedia エンタープライズ

   企業は「Windows 11」移行を“軽視”している？　その背景とは
   NISTが脆弱性管理の新指標「LEV」を提案　EPSSやKEVより信頼できる？
   

5. 2025/05/28 18:05:49 Cyber Security News Today | Articles on Cyber Security, Malware Attack updates | Cyware

   patchstack
   Malware and Vulnerabilities
   May 27, 2025
   Unpatched Critical Vulnerability in TI WooCommerce Wishlist Plugin
   A critical unauthenticated arbitrary file upload vulnerability, tracked as CVE-2

6. 2025/05/28 16:58:59 BleepingComputer.com - Technology news and support

   8
   Do You Know Which AI Tools Are Running in Your Users’ Browsers?
   

7. 2025/05/28 09:33:09 Alerts | CISA

   Johnson Controls Inc. (16)
   May 27, 2025
   Alert
   CISA Releases One Industrial Control Systems Advisory
   May 27, 2025
   ICS Advisory | ICSA-25-146-01
   Johnson Controls iSTAR Configuration Utility (ICU) Tool
   M

8. 2025/05/28 07:43:14 HackRead | Latest Cyber Crime - InfoSec- Tech - Hacking News

   ChatGPT o3 Resists Shutdown Despite Instructions, Study Claims
   Top Scams in Affiliate Marketing to Know in 2025
   Adidas Confirms Cyber Attack, Customer Data Stolen
   Why Quiet Expertise No Longer Wins Cy

9. 2025/05/28 06:32:10 Dark Reading | Security | Protect The Business - ...

   Paolo Uccello's painting "St. George and the Dragon"
   Application Security
   DragonForce Ransomware Strikes MSP in Supply Chain AttackDragonForce Ransomware Strikes MSP in Supply Chain Attack
   byAlexander

10. 2025/05/28 06:22:12 Blog | Tenable®

    2025/5/25
    ICYMI: エクスポージャーマネジメントアカデミーのハイライトを振り返る
    毎週月曜日、Tenable のサイバーエクスポージャー管理アカデミーでは、脆弱性管理からサイバーエクスポージャー管理への移行に必要な、実用的で現実的なガイダンスを提供しています。 This week, we look back on some highlights from the first cou

11. 2025/05/28 04:56:59 News_China’s Diplomacy in the new Era

    China ready to expand economic, trade cooperation with Cambodia -- premier
    China ready to expand economic, trade cooperation with Cambodia -- premier
    

12. 2025/05/28 04:56:30 まるちゃんの情報セキュリティ気まぐれ日記

    経済産業省 「産業サイバーセキュリティ研究会」が「政策の方向性」と「産業界へのメッセージ」を発出（2025.05.23）
    2025.05.27
    経済産業省 「産業サイバーセキュリティ研究会」が「政策の方向性」と「産業界へのメッセージ」を発出（2025.05.23）
    こんにちは、丸山満彦です。
    経済産業省が第9回「産業サイバーセキュリティ研究会」を開催しましたね...
    新たな制度の整備や中小企業等へ

13. 2025/05/28 01:30:23 JVN iPedia

    Last Updated:2025/05/27
    Total Records:3000
    2025/05/27 Update
    JVNDB-2025-001238
    Multiple out-of-bounds write vulnerabilities in Canon Office/Small Office Multifunction Printers and Laser Printers
    9.8(C

14. 2025/05/27 18:24:48 Krebs on Security – In-depth security news and investigation

    43 Comments
    

15. 2025/05/26 22:31:29 IIJ Security Diary – IIJ-SECT

    脆弱性
    セキュリティ事件
    

16. 2025/05/26 06:43:46 NCC Group Research – Making the world safer and more secure

    Research (1295)
    Ken Gannon (3)
    Chainspotting 2: The Unofficial Sequel to the 2018 Talk "Chainspotting" - OffensiveCon 2025
    Read more
    Ken Gannon
    23 May 2025
    

17. 2025/05/25 21:52:14 セキュリティは楽しいかね？ Part 2

    2025-05-25
    今週の気になるセキュリティニュース - Issue #224
    欧米の法執行機関や Microsoft などの協力により Lumma Stealer マルウェアのインフラを摘発
    欧米の法執行機関の Operation Endgame 作戦により、DanaBot など複数のマルウェアを摘発
    DeFi サービスの Cetus から $223M 相当のトークンが不正に流出
    Krebs

18. 2025/05/25 21:07:00 Threat Insight Information & Resources | Proofpoint Blog

    Data Security & Governance
    Data & SaaS Security Posture
    Contain SaaS and identity sprawl by responding to account takeovers and understanding your risk posture.
    Data Security Posture Management
    Unlock

19. 2025/05/25 05:21:55 Google Online Security Blog

    Tracking the Cost of Quantum Factoring
    May 23, 2025
    Posted by Craig Gidney, Quantum Research Scientist, and Sophie Schmieg, Senior Staff Cryptography Engineer
    Google Quantum AI's mission is to build b

20. 2025/05/24 23:42:34 Homepage - The Record by Recorded Future

    Ransomware hackers charged, infrastructure dismantled in international law enforcement operation
    Commvault clients should beware of campaign targeting cloud applications, CISA says
    Jonathan Greig| May

21. 2025/05/24 23:02:27 TrendLabs Security Intelligence Blog

    Stay ahead of phishing, BEC, ransomware and scams with AI-powered email security, stopping threats with speed, ease and accuracy.
    Learn more
    AI Security
    AI Security
    Proactive AI Security
    Strengthen yo

22. 2025/05/24 21:30:46 AdaptiveMobile Security Blog

    White Paper Excerpt | May 22, 2025 | Enea
    Verified Senders, Encryption and Rich Media: Improving Messaging but Adding New Risks
    Read more
    Tags: A2P Messaging, CPaaS, RBM, RCS, SMS
    White Paper Excerpt

23. 2025/05/24 17:24:52 Project Zero

    Friday, May 23, 2025
    The Windows Registry Adventure #7: Attack surface analysis
    Posted by Mateusz Jurczyk, Google Project Zero
    In the first three blog posts of this series, I sought to outline what th

24. 2025/05/24 05:37:37 国家互〓网〓急中心

    2025-05-22[安全报告/周报]网络安全信息与动态周报-2025年第20期
    2025-05-20[安全报告/周报]CNVD漏洞周报2025年第18期
    2025-05-23关于“游蛇”黑产攻击活动的风险提示
    2022-03-01关于BlackMoon僵尸网络大规模传播的风险提示
    2025-05-23关于“游蛇”黑产攻击活动的风险提示
    

25. 2025/05/21 06:47:38 Malware-Traffic-Analysis.net

    I started this blog in 2013 to share pcaps and malware samples.  Due to issues with Google, I've had to take most all blog posts down from 2014 through 2016, and I've been slowly restoring these pages
26. 2025/05/20 07:49:44 CCDCOE

    Tõnis Saar to become new director of NATO Cooperative Cyber Defence Centre of Excellence
    This August, Tõnis Saar will assume the role of Director of the NATO Cooperative Cyber Defence Centre of Excell

27. 2025/05/18 03:02:19 Zero Day Initiative — Blog

    Pwn2Own Berlin 2025: Day Three Results
    May 17, 2025 | Dustin Childs CONTINUE READING
    Blog post
    Pwn2Own Berlin 2025: Day Three Results
    May 17, 2025
    Microsoft, Pwn2Own, NVIDIA, VMware
    Blog post
    Pwn2Ow

28. 2025/05/17 09:58:44 Threat Research Blog | FireEye Inc

    Trellix Partner Portal Login Become a Partner Partner Locator
    Search for a Trellix Partner
    PARTNER LOCATOR
    Search for a Trellix Partner
    

29. 2025/05/15 16:33:22 The Citizen Lab - University of Toronto

    John Scott-Railton Testifies Before EU Parliament’s Committee on Civil Liberties, Justice and Home Affairs
    May 14, 2025
    News
    On May 13, 2025, the Citizen Lab’s senior researcher John Scott-Railton tes

30. 2025/05/08 09:30:31 Industrial (ICS/OT) Cyber Security | Dragos

    ICS Security Roadmap
    Internal Network Security Monitoring
    

31. 2025/05/07 14:47:06 piyolog

    混乱を招いたとして、利用料金還元を公表
    NEXCO中日本は、システム障害発生時における高速道路の利用料金について、多大な混乱を招いたとして、その重大性にかんがみて利用料金の還元を行うと公表した。一部料金所でETCの無線通信が継続して行われており、課金データも正常であったことから、該当する利用者に対してはカード会社などを通じて請求が進められており、これらを還元する。また支払い手続きの申し出を行ってい

32. 2025/04/25 23:59:16 JPCERT/CC Eyes | JPCERTコーディネーションセンター公式ブログ

    マルウェア
    増渕 維摩(Yuma Masubuchi)
    2025/04/24
    Ivanti Connect Secureに設置されたマルウェアDslogdRAT
    以前、Ivanti Connect Secureの脆弱性を利用して設置されたマルウェアSPAWNCHIMERAについて紹介しましたが、SPA...
    続きを読む>
    2025年10
    

33. 2025/03/27 16:27:43 Research 調査研究/ブログ一覧 ｜ 三井物産セキュアディレクション株式会社

    2025.03.14
    2025年2月度 MBSD-SOCの検知傾向トピックス
    MBSD-SOC
    監視
    #洲崎俊
    #諌山貴由
    #金子俊介
    #サイバーインテリジェンスグループ
    #国分裕
    #井餘田 笙悟
    #白倉 大河
    #小山凌弥
    #廣田一貴
    #露木 拓巳
    #戸田廉
    #MI2
    #古川 菜摘
    

34. 2025/03/22 06:39:05 Insights - MDSec

    Red Teaming with ServiceNow
    Introduction Over the course of numerous Red Team engagements MDSec has often gained privileged access to a target’s ServiceNow instance. This has, in turn, facilitated a v

35. 2025/02/15 23:37:57 VirusTotal Blog

    Important Update: IP Address Change for VirusTotal
    We're making a change to the IP address for www.virustotal.com . If you're currently whitelisting our IP address in your firewall or...
    

36. 2025/02/14 23:35:29 InfosecMatter - Practical Cyber Security

    Copyright © 2025 InfosecMatter | About | Privacy Policy | Contact Us
    

37. 2025/01/20 18:43:51 Keen Security Lab Blog

    © 2025 Tencent Keen Security Lab
    

38. 2025/01/04 00:33:40 Qualys Security Blog | Expert network security guidance and news

    © 2025 Qualys, Inc. All rights reserved. Privacy Policy . Accessibility
    

39. 2025/01/03 21:40:02 Akamai Security Intelligence and Threat Research Blog - Akamai SITR

    ©2025 Akamai Technologies
    

40. 2025/01/03 06:20:39 1234n6

    1234n6 © 2025
    

41. 2025/01/02 07:04:23 Insights - MDSec

    Copyright 2025 MDSec
    

42. 2025/01/01 22:49:22 Threatpost | The first stop for security news

    Copyright © 2025 Threatpost
    

43. 2024/11/28 10:12:57 Blog

    Nov 25, 2024
    Remote Code Execution with Spring Properties
    Recently a past student came to me with a very interesting unauthenticated vulnerability in a Spring application that they were having a hard

44. 2024/11/08 14:05:44 Blog | Stealthbits Technologies

    For comprehensive data, identity and infrastructure security, check out the Netwrix solutions page.
    

45. 2024/10/13 07:34:01 CPR-Zero

    CVE-2024-43504
    Microsoft Excel | Use after Free
    10-Oct-24
    Vulnerabilities #: 210 | List ordered by CPR-ID [descending]
    

46. 2024/08/04 01:56:08 dirkjanm.io

    Persisting on Entra ID applications and User Managed Identities with Federated Credentials
    7 minute read July 31, 2024
    Using applications and service principals for persistence and privilege escalatio

47. 2024/07/05 22:15:56 setodaNote

    📑メモ
    解決策に行き着くまでに調べた限り、原因の候補は以下の2つ。
    今回は後者が原因だった。本来は /etc/ssh/sshd_config に Printmotd no と設定すべきところ、アップデートした際に設定が抜け落ちていたらしい。当該環境では sshd の設定で Printmotd が指定されていない場合のデフォルト値は Printmotd yes となっていたため表示されるようになって

48. 2023/10/26 12:33:48 BinaryEdge - Science and Technology

    Domain error
    Failed to resolve DNS path for this host
    

49. 2023/08/01 22:34:20 国家信息安全漏洞〓

    ARM Compiler 安全漏洞
    CNNVD-202307-2178
    2023-07-27
    ARM Compiler 安全漏洞
    CNNVD-202307-2177
    2023-07-27
    ARM Compiler 安全漏洞
    CNNVD-202307-2176
    2023-07-27
    Online Fire Reporting System 安全漏洞
    CNNVD-202307-2175
    2023-07

50. 2022/01/21 22:32:45 Newsroom | Europol

    You need to enable JavaScript to run this app.
    Loading application.Please wait.

51. 2021/09/15 11:13:59 〓得警惕！美国网〓将〓展行〓，“前出狩〓”！|国防部|网〓攻〓|美〓|网〓〓_网易〓〓

    174 跟〓 174
    157 跟〓 157
    美国走了一圈腰杆硬了！〓克〓〓〓放言，不排除〓俄〓〓可能性！
    〓血〓世界 2021-09-13 17:55:38
    15 跟〓 15
    民众〓始唱反〓？美国将迎来空前〓〓，美士兵警告：国家可能分裂
    〓略〓察〓 2021-09-13 17:56:48
    112 跟〓 112
    美国参〓〓〓席会〓副主席：我〓的目〓是，永不与中国〓〓
    〓球〓〓〓事 2021-09-1

52. 2021/08/19 16:49:29 注意喚起

    最終更新: 2021-08-19
    2021-08-19 ISC BIND 9の脆弱性（CVE-2021-25218）に関する注意喚起 (公開) 3.79KB

53. 2020/03/18 14:20:48 GCHQ

    You need to enable JavaScript to run this app.