piyokango

AI company Perplexity is sneaking to get around blocks on crawlers, Cloudflare alleges Cloudflare said it received complaints from customers about Perplexity using stealthy tactics to evade network blocks against systematic browsing and scraping of web pages.

AI企業Perplexityがクローラーのブロックを回避しているとCloudflareが主張
#CybersecurityNews
cyberscoop.com/perplexity-b...

Scammers Use Microsoft 365 Direct Send to Spoof Emails Targeting US Firms Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

詐欺師がMicrosoft 365 Direct Sendを利用して米国企業を狙った偽メールを配信
#CybersecurityNews
hackread.com/scammers-mic...

Hacker infighting exposes Qilin ransomware affiliate panel The internal workings of a popular ransomware-as-a-service operator have been exposed by a rival hacking group.

ハッカーの内紛でQilinランサムウェア関連パネルが暴露される
#CybersecurityNews
www.cyberdaily.au/security/124...

Millions of age checks as UK Online Safety Act gets rolling : But it's OK, claims Brit government, no personal data stored 'unless absolutely necessary'

英国オンライン安全法施行に伴い、何百万件もの年齢確認を実施
#CybersecurityNews
www.theregister.com/2025/08/04/m...

CrowdStrike investigated 320 North Korean IT worker cases in the past year Threat hunters saw North Korean operatives almost daily, reflecting a 220% year-over-year increase in activity, CrowdStrike said in a new report.

CrowdStrike、過去1年間に320件の北朝鮮IT労働者事件を調査
#CybersecurityNews
cyberscoop.com/crowdstrike-...

Before ToolShell: Exploring Storm-2603’s Previous Ransomware Operations - Check Point Research Key Findings Introduction Check Point Research (CPR) has been closely monitoring the ongoing exploitation of a group of Microsoft SharePoint Server vulnerabilities collectively referred to as “ToolShe...

ToolShell以前：Storm-2603の過去のランサムウェア活動を探る
#CybersecurityNews
research.checkpoint.com/2025/before-...

Attackers exploit link-wrapping services to steal Microsoft 365 logins A threat actor has been abusing link wrapping services from reputed technology companies to mask malicious links leading to Microsoft 365 phishing pages that collect login credentials.

攻撃者はリンクラッピングサービスを悪用してMicrosoft 365のログイン情報を盗む
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

Why Cybersecurity Should Be a Board-Level Priority in Every Company - Perspective from Serhii Mikhalap Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

サイバーセキュリティがすべての企業で取締役会レベルの優先事項であるべき理由 - セルヒー・ミカラップ氏の視点
#CybersecurityNews
hackread.com/cybersecurit...

Ransomware spike linked to potential zero-day flaw in SonicWall devices Researchers say hackers using the Akira ransomware strain may be exploiting the vulnerability en masse.

ランサムウェアの急増、SonicWallデバイスの潜在的なゼロデイ脆弱性に関連している
#CybersecurityNews
www.cybersecuritydive.com/news/ransomw...

Staggering 800% Rise in Infostealer Credential Theft Flashpoint data reveals an 800% increase in credentials stolen via infostealers in just six months

インフォスティーラーによる認証情報の盗難、驚異の800%増加
#CybersecurityNews
www.infosecurity-magazine.com/news/stagger...

Microsoft OAuth App Impersonation Campaign Leads to MFA Phishing | Proofpoint US Key findings  Threat actors are impersonating various enterprises with fake Microsoft OAuth applications to steal credentials.  These campaigns bypass multifactor authentication

Microsoft OAuth アプリのなりすましキャンペーンが MFA フィッシングにつながる
#CybersecurityNews
www.proofpoint.com/us/blog/thre...

Industry groups urge vigilance as Scattered Spider evolves tactics Information-sharing organizations warned their members that Scattered Spider continues to pose a major threat.

業界団体は、Scattered Spiderの戦術が進化する中、警戒を呼びかけ
#CybersecurityNews
www.cybersecuritydive.com/news/ISAC-vi...

Over 200 Malicious Open Source Packages Traced to Lazarus Campaign North Korea’s Lazarus Group has been blamed for a cyber-espionage campaign using open source packages

200以上の悪意あるオープンソースパッケージがLazarusキャンペーンに起因することが判明
#CybersecurityNews
www.infosecurity-magazine.com/news/200-mal...

Dropbox drops Dropbox Passwords : Read-only in weeks, deleted forever in months

DropboxがDropbox Passwordsを廃止したことで、ユーザーはプランBを模索
#CybersecurityNews
www.theregister.com/2025/07/30/d...

Hackers plant 4G Raspberry Pi on bank network in failed ATM heist The UNC2891 hacking group, also known as LightBasin, used a 4G-equipped Raspberry Pi hidden in a bank's network to bypass security defenses in a newly discovered attack.

ハッカーが銀行ネットワークに4G Raspberry Piを仕掛けるもATM強盗失敗
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

Journalist Discovers Google Vulnerability That Allowed People to Disappear Specific Pages From Search Negative articles about a tech CEO vanished from Google after someone made fraudulent requests using the Refresh Outdated Content Tool.

ジャーナリストがGoogleの脆弱性を発見、検索結果から特定のページを消すことが可能に
#CybersecurityNews
www.404media.co/journalist-d...

Google to Publicly Report New Vulnerabilities Within One Week of Vendo Google’s Project Zero team will provide limited details of new vulnerabilities early following discovery, in a bid to speed up end users’ patching

Google、ベンダーへの開示から1週間以内に脆弱性公表の予定
#CybersecurityNews
www.infosecurity-magazine.com/news/google-...

Third of Exploited Flaws Weaponized Within a Day of Disclosure 32.1% of vulnerabilities listed in VulnCheck’s Known Exploited Vulnerabilities catalog were weaponized before being detected or within the following day

悪用された脆弱性の3分の1、公開から1日以内に武器化される
#CybersecurityNews
www.infosecurity-magazine.com/news/third-k...

Research shows data breach costs have reached an all-time high IBM’s yearly report finds that a data breach now costs U.S. organizations more than $10 million for recovery.

IBMの調査より、データ漏洩のコストが過去最高に到達
#CybersecurityNews
cyberscoop.com/ibm-cost-dat...

Google says UK government has not demanded an encryption backdoor for its users' data | TechCrunch Google refused to tell a U.S. senator whether the company had received a secret U.K. surveillance order demanding access to encrypted data, similar to an order served on Apple earlier this year.

Google、英国政府がユーザーデータの暗号化バックドアを要求していないと言及
#CybersecurityNews
techcrunch.com/2025/07/29/g...

Minnesota activates National Guard after St. Paul cyberattack Minnesota Governor Tim Walz has activated the National Guard in response to a crippling cyberattack that struck the City of Saint Paul, the state's capital, on Friday.

米国ミネソタ州、St. Paulへのサイバー攻撃を受け州兵動員
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

How attackers are still phishing "phishing-resistant" authentication Think passkeys make you phishing-proof? Think again. Attackers are using downgrade attacks, device-code phishing, and OAuth tricks to sneak past modern MFA. See how Push Security shuts them down.

攻撃者は「フィッシング耐性」のある認証をいかにしてフィッシングしているのか
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

Trojan.WinLNK/Powershell Runner | Point Wild Introduction A malicious LNK (Windows Shortcut) file attack is a common and stealthy technique used by cybercriminals to deliver malware by exploiting the functionality of Windows shortcut files. A co...

Trojan.WinLNK/Powershell ランナー
#CybersecurityNews
www.pointwild.com/threat-intel...

From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944 | Google Cloud Blog The anatomy of UNC3944's vSphere-centric attacks, and a fortified, multi-pillar defense strategy required for mitigation.

ヘルプデスクからハイパーバイザーへ: UNC3944 から VMware vSphere 資産を守る
#CybersecurityNews
cloud.google.com/blog/topics/...

Threat Actors Lure Victims Into Downloading .HTA Files Using ClickFix To Spread Epsilon Red Ransomware | CloudSEK CloudSEK discovered a new Epsilon Red ransomware campaign targeting users globally via fake ClickFix verification pages. Active since July 2025, threat actors use social engineering and impersonate pl...

脅威アクター、ClickFixを使って被害者を誘導し、.HTAファイルをダウンロードさせ、Epsilon Redランサムウェアを拡散
#CybersecurityNews
www.cloudsek.com/blog/threat-...

Phishers Target Aviation Execs to Scam Customers KrebsOnSecurity recently heard from a reader whose boss's email account got phished and was used to trick one of the company's customers into sending a large payment to scammers. An investigation into...

フィッシング詐欺師、航空業界の幹部を狙って顧客を騙す
#CybersecurityNews
krebsonsecurity.com/2025/07/phis...

[PDF] 偵察から制御へ：サイバースパイ活動におけるKimsuky APTの作戦計画
#CybersecurityNews
www.aryaka.com/docs/reports...

Hundreds of organizations breached by SharePoint mass-hacks | TechCrunch One of the hacked organizations reportedly includes the U.S. agency responsible for maintaining the country's stockpile of nuclear weapons. China-backed hackers have been observed carrying out the hac...

SharePointの大規模ハッキングにより数百の組織が侵害される
#CybersecurityNews
techcrunch.com/2025/07/23/h...

Infostealer malware now targets cracked software users A recent analysis by AhnLab Security Intelligence Center highlights a growing cybersecurity threat from infostealer malware posing as cracked software and keygens, which are increasingly distributed t...

Infostealerマルウェアはクラックされたソフトウェアのユーザーをターゲットにしている
#CybersecurityNews
www.scworld.com/brief/infost...

Microsoft Most Phished Brand in Q2 2025, Check Point Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

CheckPoint Research、2025年第2四半期に最もフィッシング被害に遭ったブランドはMicrosoftと報告
#CybersecurityNews
hackread.com/microsoft-mo...