sga0221

@sga0221.bsky.social

IT Engineer / Cyber Security / Japanese

10 Followers  |  16 Following  |  160 Posts  |  Joined: 14.11.2024  |  1.5041

Latest posts by sga0221.bsky.social on Bluesky

Windows 11 updates break localhost (127.0.0.1) HTTP/2 connections Microsoft's October Windows 11 updates have broken the "localhost" functionality, making applications that connect back to 127.0.0.1 over HTTP/2 no longer function properly.

Microsoft's October Windows 11 updates have broken the "localhost" functionality, making applications that connect back to 127.0.0.1 over HTTP/2 no longer function properly.

16.10.2025 18:26 — 👍 22    🔁 12    💬 0    📌 3
Hackers exploit Cisco SNMP flaw to deploy rootkit on switches Threat actors exploited a recently patched remote code execution vulnerability (CVE-2025-20352) in older, unprotected Cisco networking devices to deploy a Linux rootkit and gain persistent access.

Hackers exploit Cisco SNMP flaw to deploy rootkit on switches

www.bleepingcomputer.com/news/securit...

16.10.2025 23:52 — 👍 0    🔁 0    💬 0    📌 0
SonicWall VPN accounts breached using stolen creds in widespread attacks Researchers warn that threat actors have compromised more than a hundred SonicWall SSLVPN accounts in a large-scale campaign using stolen, valid credentials.

SonicWall VPN accounts breached using stolen creds in widespread attacks

www.bleepingcomputer.com/news/securit...

13.10.2025 23:22 — 👍 0    🔁 0    💬 0    📌 0
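Ransomware group tries to recruit BBC reporter: the full story of hackers soliciting an insider | Security news from セキュリティ対策Lab In September 2025, BBC cyber correspondent Joe Tidy was approached on the encrypted messaging app Signal by someone claiming to represent a criminal group, who offered to "pay 15% (later 25%) of the ransom in exchange for access to your PC." With internal approval, the reporter pretended to entertain the offer and ultimately refused, after which he was hit with MFA bombing.

Ransomware group tries to recruit BBC reporter: the full story of hackers soliciting an insider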

rocket-boys.co.jp/security-mea...

05.10.2025 23:29 — 👍 0    🔁 0    💬 0    📌 0
New MatrixPDF toolkit turns PDFs into phishing and malware lures A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into interactive lures that bypass email security and redirect victims to credential the...

New MatrixPDF toolkit turns PDFs into phishing and malware lures

www.bleepingcomputer.com/news/securit...

30.09.2025 23:14 — 👍 0    🔁 0    💬 0    📌 0
Nearly 50,000 Cisco firewalls vulnerable to actively exploited flaws Roughly 50,000 Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) appliances exposed on the public web are vulnerable to two vulnerabilities actively leveraged by hackers.

Nearly 50,000 Cisco firewalls vulnerable to actively exploited flaws

www.bleepingcomputer.com/news/securit...

30.09.2025 23:01 — 👍 0    🔁 0    💬 0    📌 0
Surge in coordinated scans targets Microsoft RDP auth servers Internet intelligence firm GreyNoise reports that it has recorded a significant spike in scanning activity consisting of nearly 1,971 IP addresses probing Microsoft Remote Desktop Web Access and RDP W...

Surge in coordinated scans targets Microsoft RDP auth servers

www.bleepingcomputer.com/news/securit...

Maybe RDP Web Access is the blind spot.... (I've never used it)

28.08.2025 09:05 — 👍 0    🔁 0    💬 0    📌 0
Oyster Backdoor Disguised as PuTTY and KeyPass Targets IT Admins via SEO Poisoning Threat actors have been using trojanized versions of well-known IT tools like PuTTY and WinSCP to spread the Oyster backdoor.

Oyster Backdoor Disguised as PuTTY and KeyPass Targets IT Admins via SEO Poisoning

gbhackers.com/oyster-backd...

PuTTY has been widely used software, so I get the impression people would install it on their PCs without much thought

28.07.2025 23:12 — 👍 0    🔁 0    💬 0    📌 0
Malware found in NPM packages with 1 million weekly downloads A significant supply chain attack hit NPM after 15 popular Gluestack packages with over 950,000 weekly downloads were compromised to include malicious code that acts as a remote access trojan (RAT).

Malware found in NPM packages with 1 million weekly downloads

www.bleepingcomputer.com/news/securit...

08.06.2025 22:49 — 👍 0    🔁 0    💬 0    📌 0
Backdoored Open Source Malware Repositories Target Novice Cybercriminals A threat actor has been creating backdoored open source malware repositories to target novice cybercriminals and game cheaters.

Backdoored Open Source Malware Repositories Target Novice Cybercriminals - SecurityWeek

www.securityweek.com/backdoored-o...

05.06.2025 22:41 — 👍 0    🔁 0    💬 0    📌 0

Social engineering, huh

03.06.2025 22:09 — 👍 0    🔁 0    💬 0    📌 0
Coinbase breach tied to bribed TaskUs support agents in India A recently disclosed data breach at Coinbase has been linked to India-based customer support representatives from outsourcing firm TaskUs, who threat actors bribed to steal data from the crypto exchan...

Coinbase breach tied to bribed TaskUs support agents in India

www.bleepingcomputer.com/news/securit...

03.06.2025 22:08 — 👍 0    🔁 0    💬 1    📌 0
How to Analyze Node.js, Python, Android, and Linux Malware See hands-on examples of how you can analyze and detect hard-to-catch malware using ANY.RUN's Interactive Sandbox.

How to Analyze Node.js, Python, Android, and Linux Malware with ANY.RUN

any.run/cybersecurit...

28.05.2025 23:42 — 👍 0    🔁 0    💬 0    📌 0
New Guidance for SIEM and SOAR Implementation | CISA

New Guidance for SIEM and SOAR Implementation

www.cisa.gov/news-events/...

28.05.2025 00:05 — 👍 0    🔁 0    💬 0    📌 0
Akamai, Microsoft Disagree on Severity of Unpatched ‘BadSuccessor’ Flaw Akamai documents a privilege escalation flaw in Windows Server 2025 after Redmond declines to ship an immediate patch.

Akamai, Microsoft Disagree on Severity of Unpatched ‘BadSuccessor’ Flaw

www.securityweek.com/akamai-micro...

A privilege escalation vulnerability caused by a design flaw in dMSA (a new feature of Windows Server 2025 Domain Controllers)

26.05.2025 23:22 — 👍 0    🔁 0    💬 0    📌 0
Coinbase attackers obtained data for 69,461 customers Coinbase estimates that a data breach caused by insider wrongdoing affected 69,461 customers.

Coinbase reveals almost 70K customers affected in data breach

cybernews.com/security/coi...

21.05.2025 23:12 — 👍 0    🔁 0    💬 0    📌 0
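The "Living off the Land attack" that hit IIJ: former Digital Minister Kono pointed out the danger in August 2024 Internet Initiative Japan announced on April 15, 2025 that more than 4 million account records may have leaked from its "IIJ Secure MX Service." On May 13, 2025, the company's president, Yasuhiko Taniwaki, revealed that the attack on the service was a "Living off the Land attack."

The "Living off the Land attack" that hit IIJ: former Digital Minister Kono pointed out the danger in August 2024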

xtech.nikkei.com/atcl/nxt/col...

My understanding is that the point is: once they get in, you can't notice them

21.05.2025 22:52 — 👍 0    🔁 0    💬 0    📌 0
Hazy Hawk gang exploits DNS misconfigs to hijack trusted domains A threat actor named 'Hazy Hawk' has been using DNS CNAME hijacking to hijack abandoned cloud endpoints of domains belonging to trusted organizations and incorporate them in large-scale scam delivery ...

Hazy Hawk gang exploits DNS misconfigs to hijack trusted domains

www.bleepingcomputer.com/news/securit...

20.05.2025 23:39 — 👍 0    🔁 0    💬 0    📌 0

I guess this is also a difficulty of AI for Security

19.05.2025 23:53 — 👍 0    🔁 0    💬 0    📌 0
AI Web Application Firewalls Bypassed Using Prompt Injection Techniques Web Application Firewalls (WAFs) have been a critical defense mechanism protecting web applications from malicious traffic and attacks such as SQL Injection and Cross-Site Scripting (XSS).

AI Web Application Firewalls Bypassed Using Prompt Injection Techniques

cybersecuritynews.com/ai-web-appli...

The difficulty of Security for AI

19.05.2025 23:51 — 👍 0    🔁 0    💬 1    📌 0
Microsoft Purges Millions of Cloud Tenants in Wake of Storm-0558 The tech giant is boosting Entra ID and MSA security as part of the wide-ranging Secure Future Initiative (SFI) that the company launched following a Chinese APT's breach of its Exchange Online environment in 2023.

Microsoft Purges Millions of Cloud Tenants in Wake of Storm-0558

22.04.2025 21:41 — 👍 1    🔁 1    💬 0    📌 0
Active! Mail RCE flaw exploited in attacks on Japanese orgs An Active! Mail zero-day remote code execution vulnerability is actively exploited in attacks on large organizations in Japan.

Active! Mail RCE flaw exploited in attacks on Japanese orgs

www.bleepingcomputer.com/news/securit...

22.04.2025 23:16 — 👍 0    🔁 0    💬 0    📌 0
Eight days from patch to exploitation for Microsoft flaw : It's now hitting govt, enterprise targets

Microsoft rated this bug as low exploitability. Miscreants weaponized it in just 8 days

www.theregister.com/2025/04/21/m...

21.04.2025 23:21 — 👍 0    🔁 0    💬 0    📌 0
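[Security News] Serious vulnerability in "Active! mail," already exploited - method for checking for compromise under investigation (page 1 of 2): Security NEXT A serious vulnerability has been disclosed in the webmail system "Active! mail 6." Exploitation has already been confirmed. The developer is providing an update and investigating how to check for compromise, and users are being urged to preserve logs, among other measures. : Security NEXT

[Security News] Serious vulnerability in "Active! mail," already exploited - method for checking for compromise under investigation (page 1 of 2): Security NEXT www.security-next.com/169498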

20.04.2025 22:44 — 👍 0    🔁 0    💬 0    📌 0
Cisco Webex bug lets hackers gain code execution via meeting links Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links.

Cisco Webex bug lets hackers gain code execution via meeting links

www.bleepingcomputer.com/news/securit...

20.04.2025 22:16 — 👍 0    🔁 0    💬 0    📌 0
7 Steps to Take After a Credential-Based cyberattack Hackers don't break in—they log in. Credential-based attacks now fuel nearly half of all breaches. Learn how to scan your Active Directory for compromised passwords and stop attackers before they stri...

7 Steps to Take After a Credential-Based cyberattack

www.bleepingcomputer.com/news/securit...

20.04.2025 22:14 — 👍 0    🔁 0    💬 0    📌 0
New Windows Task Scheduler Vulnerabilities Allows Command Execution as Admin User

New Windows Task Scheduler Vulnerabilities Allows Command Execution as Admin User

16.04.2025 18:40 — 👍 1    🔁 1    💬 0    📌 0
CISA's 11-Month Extension Ensures Continuity of MITRE's CVE Program MITRE’s U.S.-funded CVE program, a core tool for tracking vulnerabilities, faces funding expiry Wednesday, risking to impact global security.

CISA’s 11-Month extension ensures continuity of MITRE’s CVE Program

16.04.2025 21:10 — 👍 5    🔁 1    💬 1    📌 0
Govtech giant Conduent confirms client data stolen in January cyberattack American business services giant and government contractor Conduent disclosed today that client data was stolen in a January 2025 cyberattack.

Govtech giant Conduent confirms client data stolen in January cyberattack

www.bleepingcomputer.com/news/securit...

An example of how once you get hit, you get hit again

14.04.2025 23:22 — 👍 0    🔁 0    💬 0    📌 0
Cybersecurity Weekly Recap: Key Updates on Attacks, Vulnerabilities, & Data Breaches Welcome to this week’s Cybersecurity Newsletter, providing you with the latest updates and essential insights from the rapidly evolving field of cybersecurity.

Cybersecurity Weekly Recap: Key Updates on Attacks, Vulnerabilities, & Data Breaches

13.04.2025 18:25 — 👍 1    🔁 1    💬 0    📌 0

@sga0221 is following 15 prominent accounts