Tomo

@tomo.gr.bsky.social

Someone who does CSIRT work at a certain large company. Mainly security, occasionally games (WoW). I am the leader in charge of a certain global trading company's CSIRT/SOC team. Registered Information Security Specialist in Japan. Cyber Security and/or World of Warcraft

54 Followers  |  72 Following  |  302 Posts  |  Joined: 11.09.2023  |  1.8637

Latest posts by tomo.gr on Bluesky

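MS Ignite is all AI, all the time.

I can no longer imagine a future in which small MSSPs survive in security, so I'm seriously wondering whether I should change careers.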

18.11.2025 19:35 — 👍 0    🔁 0    💬 0    📌 0

Is it "a SQL query" or "an SQL query"? Which do you all use?

28.09.2025 14:05 — 👍 0    🔁 0    💬 0    📌 0
Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack

In what is being called the largest supply chain attack in history, attackers have injected malware into NPM packages with over 2.6 billion weekly downloads after compromising maintainers' accounts in a phishing attack.

08.09.2025 12:48 — 👍 20    🔁 10    💬 3    📌 9
Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, GitHub tokens, Cloudflare, and AWS keys.

08.09.2025 15:54 — 👍 14    🔁 8    💬 0    📌 2

Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)

11.07.2025 16:01 — 👍 1    🔁 1    💬 0    📌 0

Let’s Encrypt Started to Issue SSL/TLS Certificate for IP Address

03.07.2025 13:17 — 👍 0    🔁 1    💬 0    📌 0
Scattered Spider Attacks US Airlines – The MSP Cyber News Snapshot – July 3rd

From courtroom breaches to cockpit infiltration, here’s this week’s Cyber Snapshot. Five critical stories you need on your radar, with safety advice included. We’ve got insider revenge, MFA manipulation, rogue browser extensions, and state-sponsored email theft, all in one rapid-fire rundown. Whether you’re in IT, cybersecurity compliance, or just trying to keep your team one […] The post Scattered Spider Attacks US Airlines – The MSP Cyber News Snapshot – July 3rd appeared first on Heimdal Security Blog.

03.07.2025 13:23 — 👍 2    🔁 2    💬 0    📌 0

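I don't think people say "two-factor" all that much; I'd recommend "multi-factor" (Multi Factor Authentication) instead.

Even when no password is used...

・ Possessing a device equipped with a TPM
・ Holding the device's authentication

and so on, multiple factors are being authenticated, so...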

01.07.2025 22:40 — 👍 0    🔁 0    💬 1    📌 0

Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign

27.06.2025 16:31 — 👍 0    🔁 1    💬 0    📌 0

I attended.
The Ukrainian CERT was popular.

27.06.2025 22:48 — 👍 0    🔁 0    💬 0    📌 0
Scattered Spider hackers shift focus to aviation, transportation firms

Hackers associated with Scattered Spider tactics have expanded their targeting to the aviation and transportation industries after previously attacking insurance and retail sectors

27.06.2025 14:21 — 👍 8    🔁 8    💬 0    📌 0
Scattered Spider Taps CFO Credentials in 'Scorched Earth' Attack

In a recent intrusion, the notorious cybercriminal collective accessed CyberArk vaults and obtained more than 1,400 secrets, subverted Azure, VMware, and Snowflake environments, and for the first known time, actively fought back against incident response teams.

27.06.2025 19:26 — 👍 0    🔁 1    💬 0    📌 0

I wonder if anyone is going to Copenhagen for that thing this month.

15.06.2025 11:56 — 👍 0    🔁 0    💬 0    📌 0
Looks like this will make a home server I can really use for all sorts of things
(It's not a TR or a Xeon, so it's small-scale, though)

26.04.2025 09:13 — 👍 0    🔁 0    💬 0    📌 0
U.S. Govt. Funding for MITRE's CVE Ends April 16, Cybersecurity Community on Alert

CVE funding ends April 16, risking delays in vulnerability tracking, advisories, and cyber response tools.

Watching with bated breath.

thehackernews.com/2025/04/us-g...

16.04.2025 11:39 — 👍 0    🔁 1    💬 0    📌 0

According to Ransomware.live, qilin ransomware group has added SMC Corporation (🇯🇵) to its victims.

17.03.2025 09:38 — 👍 0    🔁 1    💬 0    📌 0
🚨Cyberattack Alert ‼️

🇪🇺🇯🇵 - SMC Corporation

Qilin hacking group claims to have breached the European branch of SMC Corporation.

Allegedly, 1.1 TB (552,000 files) of data were exfiltrated.

17.03.2025 10:06 — 👍 3    🔁 2    💬 0    📌 0
CVE-2025-24813: Apache Tomcat Path Equivalence Vulnerability $$ BOUNTY

Disclaimer: This document is for educational purposes only. Exploiting systems without authorization is illegal and punishable by law.

16.03.2025 06:07 — 👍 4    🔁 2    💬 0    📌 0

Attended an event at a certain embassy.
It was supposed to be Japan, yet inside it was completely Europe.

08.03.2025 05:13 — 👍 1    🔁 0    💬 0    📌 0

Battersea Power Station in London, England:
a decommissioned thermal power station turned into a shopping mall. I was surprised by the imposing exterior and the modern mall inside.

08.03.2025 05:10 — 👍 0    🔁 0    💬 0    📌 0

On this business trip I paid for almost everything by card, and as for pounds, I didn't take even a single pound with me.

28.02.2025 05:15 — 👍 0    🔁 0    💬 0    📌 0

A week-long business trip to the Netherlands and the UK. The return was via France, so I just added entering and leaving the country to a stroll around the airport.

28.02.2025 04:52 — 👍 0    🔁 0    💬 0    📌 0
Code injection attacks using publicly disclosed ASP.NET machine keys

Microsoft Threat Intelligence observed limited activity by an unattributed threat actor using a publicly available, static ASP.NET machine key to inject malicious code and deliver the Godzilla post-ex...
#CybersecurityNews
www.microsoft.com/en-us/securi...

06.02.2025 23:57 — 👍 2    🔁 3    💬 0    📌 0
NVIDIA GPU Display Driver Vulnerability Lets Attackers Steal Files Remotely – Update Now

NVIDIA has released a critical software security update to address multiple vulnerabilities affecting its GPU Display Driver and Virtual GPU (vGPU) software.

03.02.2025 11:19 — 👍 7    🔁 3    💬 0    📌 0

Beware of scams: malware hidden in fake Minecraft and Roblox hacks on YouTube, with children as the target
#CybersecurityNews
www.mcafee.com/blogs/intern...

02.02.2025 03:44 — 👍 2    🔁 3    💬 0    📌 0
FBI seizes Cracked.io, Nulled.to hacking forums in Operation Talent

The FBI has seized the domains for the infamous Cracked.io and Nulled.to hacking forums, which are known for their focus on cybercrime, password theft, cracking, and credential stuffing attacks.

29.01.2025 19:33 — 👍 1    🔁 1    💬 0    📌 0

Maybe I'll put a server, something like an n150, on a carved-out VLAN segment.

26.01.2025 14:26 — 👍 0    🔁 0    💬 0    📌 0

Record-breaking 5.6 Tbps DDoS Attack From 13,000 Mirai Hacked Devices

22.01.2025 05:03 — 👍 1    🔁 1    💬 0    📌 0

Today's English is very easy to understand, which is a relief.

22.01.2025 05:51 — 👍 0    🔁 0    💬 0    📌 0

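At JSAC, I avoid the simultaneous interpretation because I'm not good at listening to it, but heavily accented English is tough. Yesterday I ran out of steam partway through because of that.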

22.01.2025 05:50 — 👍 2    🔁 0    💬 0    📌 0

@tomo.gr is following 19 prominent accounts