piyokango's Avatar

piyokango

@piyokango.bsky.social

セキュリティインコです🐣 Blueskyでは海外のセキュリティ関連記事を中心につぶやきます。気の向くままブログ(piyolog)も書いてます📝Podcast #セキュリティのアレ も参加中です🎤よろしくお願いします~🐦 プロフィール画像はアレティさんに描いて頂きました😃

1,126 Followers  |  2 Following  |  973 Posts  |  Joined: 27.11.2023  |  1.9252

Latest posts by piyokango.bsky.social on Bluesky

Preview
Ransomware Payments Get Bigger Even as Fewer Pay Fewer organizations are paying the ransom when confronted with a ransomware attack – but those that do make ransomware payments

ランサムウェアの支払額は減少する一方で、支払額は増加している
#CybersecurityNews
thecyberexpress.com/ransomware-p...

22.10.2025 01:54 — 👍 3    🔁 2    💬 1    📌 0
Preview
Pro-Russia Information Operations Leverage Russian Drone Incursions into Polish Airspace | Google Cloud Blog Pro-Russia information operations promoting narratives related to the incursion of Russian drones into Polish airspace.

親ロシア派の情報作戦はロシアのドローンによるポーランド領空侵犯を利用
#CybersecurityNews
cloud.google.com/blog/topics/...

22.10.2025 01:50 — 👍 2    🔁 0    💬 0    📌 0
Preview
Proactive protection

ソルティ・マッチ:最近のSalt Typhoonの侵入に関するDarktraceの見解
#CybersecurityNews
www.darktrace.com/blog/salty-m...

22.10.2025 01:50 — 👍 1    🔁 0    💬 0    📌 0
Preview
What the Huge AWS Outage Reveals About the Internet Amazon Web Services experienced DNS resolution issues on Monday morning, taking down wide swaths of the web—and highlighting a long-standing weakness in the internet's infrastructure.

AWSの大規模障害がインターネットについて明らかにしたこと
#CybersecurityNews
www.wired.com/story/what-t...

22.10.2025 01:49 — 👍 4    🔁 1    💬 0    📌 1
Tracking Malware and Attack Expansion: A Hacker Group’s Journey across Asia | FortiGuard Labs FortiGuard Labs has tracked a hacker group expanding attacks from Mainland China to Malaysia, linking campaigns through shared code, infrastructure, and tactics.…

マルウェアと攻撃拡大の追跡:アジアを横断するハッカー集団の旅
#CybersecurityNews
www.fortinet.com/blog/threat-...

22.10.2025 01:47 — 👍 1    🔁 0    💬 0    📌 0
Preview
To Be (A Robot) or Not to Be: New Malware Attributed to Russia State-Sponsored COLDRIVER | Google Cloud Blog Russia state-sponsored COLDRIVER started using new malware immediately following a May public disclosure of their activity.

ロボットになるか、そうでないか:ロシア政府が支援するCOLDRIVERに起因する新たなマルウェア
#CybersecuityNews
cloud.google.com/blog/topics/...

22.10.2025 01:46 — 👍 1    🔁 0    💬 0    📌 0
Preview
Fast, Broad, and Elusive: How Vidar Stealer 2.0 Upgrades Infostealer Capabilities Trend Research examines the latest version of the Vidar stealer, which features a full rewrite in C, a multithreaded architecture, and several enhancements that warrant attention. Its timely evolution...

高速、広範囲、そして捉えにくい:Vidar Stealer 2.0 がインフォスティーラーの機能をアップグレードする方法
#CybersecurityNews
www.trendmicro.com/en_us/resear...

22.10.2025 01:45 — 👍 1    🔁 0    💬 0    📌 0
Preview
Lumma Stealer Slowed by Doxxing Campaign The prolific threat actors behind the Lumma Stealer malware have been slowed by an underground doxxing campaign in recent months.

DOXINGキャンペーンにより Lumma Stealer の活動鈍化
#CybersecurityNews
thecyberexpress.com/lumma-steale...

22.10.2025 01:30 — 👍 1    🔁 0    💬 0    📌 0
Preview
Odyssey Stealer & AMOS Hit macOS Developers with Fake Homebrew Sites A large-scale macOS malware campaign mimics trusted dev tools to spread Odyssey Stealer and AMOS via fake Homebrew sites. Learn more.

Odyssey StealerとAMOSのキャンペーン、偽ツールを通じてmacOS開発者を標的に
#CybersecurityNews
hunt.io/blog/macos-o...

20.10.2025 05:28 — 👍 1    🔁 0    💬 0    📌 0
Preview
TikTok videos continue to push infostealers in ClickFix attacks Cybercriminals are using TikTok videos disguised as free activation guides for popular software like Windows, Spotify, and Netflix to spread information-stealing malware.

TikTok動画、ClickFixを介してInfostealerを駆り立て続けている
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

20.10.2025 05:25 — 👍 2    🔁 0    💬 0    📌 0
Preview
Threat Brief: Nation-State Actor Steals F5 Source Code and Undisclosed Vulnerabilities A nation-state actor stole BIG-IP source code and information on undisclosed vulnerabilities from F5. We explain what sets this theft apart from others.

脅威概要:国家レベルの攻撃者がF5のソースコードと未公開の脆弱性を盗む
#CybersecurityNews
unit42.paloaltonetworks.com/nation-state...

17.10.2025 07:01 — 👍 3    🔁 0    💬 0    📌 0
Preview
DPRK Adopts EtherHiding: Nation-State Malware Hiding on Blockchains | Google Cloud Blog North Korea threat actor UNC5342 is leveraging the EtherHiding technique in espionage and financially motivated operations.

北朝鮮がEtherHidingを採用:ブロックチェーン上に国家レベルのマルウェアを潜ませる
#CybersecurityNews
cloud.google.com/blog/topics/...

17.10.2025 07:00 — 👍 1    🔁 0    💬 0    📌 0
Preview
中國駭客Flax Typhoon將地理資訊平臺元件ArcGIS充當後門,埋伏受害組織超過一年 資安業者ReliaQuest揭露專門鎖定地理位置資訊伺服器(GIS)ArcGIS的攻擊行動,中國駭客Flax Typhoon利用的手法相當罕見,他們將現成的Java伺服器物件延伸功能(Server Object Extension,SOE)改造成Web Shell,充當後門使用,以便藉由合法流量掩蓋行蹤

中国ハッカーFlax Typhoonが地理情報プラットフォームのコンポーネントであるArcGISをバックドアとして利用、1年以上にわたり被害組織に潜伏
#CybersecurityNews
www.ithome.com.tw/news/171705

17.10.2025 06:59 — 👍 2    🔁 0    💬 0    📌 0
Preview
Fake LastPass, Bitwarden breach alerts lead to PC hijacks An ongoing phishing campaign is targeting LastPass and Bitwarden users with fake emails claiming that the companies were hacked, urging them to download a supposedly more secure desktop version of the...

偽のLastPass、Bitwardenの侵害アラートがPCの乗っ取りにつながる
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

17.10.2025 06:58 — 👍 2    🔁 0    💬 0    📌 0
CISA Issues Emergency Directive to Address Critical Vulnerabilities in F5 Devices | CISA

CISA、F5デバイスの重大な脆弱性に対処するための緊急指令発令
#CybersecurityNews
www.cisa.gov/news-events/...

17.10.2025 06:58 — 👍 1    🔁 0    💬 0    📌 0
Preview
Elasticsearch Leak Exposes 6 Billion Records from Scraping, Old and New Breaches Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

Elasticsearchの漏洩、スクレイピング、新旧の侵害から60億件のレコードが流出
#CybersecurityNews
hackread.com/elasticsearc...

17.10.2025 06:57 — 👍 1    🔁 0    💬 0    📌 0
Preview
PhantomVAI Loader Delivers a Range of Infostealers PhantomVAI is a new loader used to deploy multiple infostealers. We discuss its overall evolution and use of steganography and obfuscated scripts.

PhantomVAI Loaderはさまざまなインフォスティーラーを配信
#CybersecurityNews
unit42.paloaltonetworks.com/phantomvai-l...

17.10.2025 06:57 — 👍 1    🔁 0    💬 0    📌 0
Preview
When the monster bytes: tracking TA585 and its arsenal | Proofpoint US Key findings  TA585 is a sophisticated cybercriminal threat actor recently named by Proofpoint. It operates its entire attack chain from infrastructure to email delivery to malware

モンスターバイト:TA585とその武器を追跡
#CybersecurityNews
www.proofpoint.com/us/blog/thre...

17.10.2025 06:56 — 👍 1    🔁 0    💬 0    📌 0
Preview
Anatomy of an Attack: The "BlackSuit Blitz" at a Global Equipment Manufacturer BlackSuit ransomware delivered by APT Ignoble Scorpius started with a vishing attack. Read how Unit 42 helped and the ultimate outcome.

攻撃の解剖:世界的な機器メーカーへの「BlackSuit Blitz」
#CybersecurityNews
unit42.paloaltonetworks.com/anatomy-of-a...

17.10.2025 06:53 — 👍 1    🔁 0    💬 0    📌 0
Preview
Security firms dispute credit for overlapping CVE reports FuzzingLabs has accused the YCombinator-backed startup, Gecko Security, of replicating its vulnerability disclosures. Gecko allegedly filed for 2 CVEs based on FuzzingLabs' reports without crediting t...

セキュリティ企業は重複したCVE報告の功績に異議を唱える
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

17.10.2025 06:52 — 👍 1    🔁 0    💬 0    📌 0
Preview
SonicWall VPN accounts breached using stolen creds in widespread attacks Researchers warn that threat actors have compromised more than a hundred SonicWall SSLVPN accounts in a large-scale campaign using stolen, valid credentials.

広範囲にわたる攻撃で盗まれた認証情報使用、SonicWallのVPNアカウントが侵害
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

13.10.2025 18:27 — 👍 1    🔁 0    💬 0    📌 0
Preview
Hackers Target ScreenConnect Features For Network Intrusions A rise in attacks exploiting RMM tools like ScreenConnect enables system control via phishing tactics

ハッカー、ネットワーク侵入にScreenConnect機能標的
#CybersecurityNews
www.infosecurity-magazine.com/news/hackers...

13.10.2025 18:26 — 👍 2    🔁 0    💬 0    📌 0
Preview
OpenAI’s Guardrails Can Be Bypassed by Simple Prompt Injection Attack Follow us on Blue Sky, Mastodon Twitter, Facebook and LinkedIn @Hackread

OpenAIのガードレール、単純なプロンプトインジェクション攻撃によって回避可能
#CybersecurityNews
hackread.com/openai-guard...

13.10.2025 18:25 — 👍 4    🔁 1    💬 0    📌 0
Preview
The Golden Scale: Bling Libra and the Evolving Extortion Economy Scattered Lapsus$ Hunters: Organizations, be aware of the effort of this cybercriminal alliance as they target retail and hospitality for extortion.

黄金の天秤:Bling Libraと進化する恐喝経済
#CybersecurityNews
unit42.paloaltonetworks.com/scattered-la...

13.10.2025 18:25 — 👍 1    🔁 0    💬 0    📌 0
Preview
100,000+ IP Botnet Launches Coordinated RDP Attack Wave Against US Infrastructure Since October 8, 2025, GreyNoise has tracked a coordinated botnet operation involving over 100,000 unique IP addresses from more than 100 countries targeting Remote Desktop Protocol (RDP) services in ...

10万以上のIPボットネットが米国のインフラに対して協調的なRDP攻撃を開始
#CybersecurityNews
www.greynoise.io/blog/botnet-...

13.10.2025 18:24 — 👍 3    🔁 0    💬 0    📌 0
Preview
Pro-Russia Hacktivists “Claim” Attack on Water Utility Honeypot Forescout said that the TwoNet actor was lured into attacking a honeypot disguised as a water treatment utility, providing insights into the group’s tactics

親ロシア派ハクティビスト、水道事業のハニーポットへの攻撃を「主張」
#CybersecurityNews
www.infosecurity-magazine.com/news/russia-...

13.10.2025 18:24 — 👍 2    🔁 0    💬 0    📌 0
Preview
DDoS Botnet Aisuru Blankets US ISPs in Record DDoS The world's largest and most disruptive botnet is now drawing a majority of its firepower from compromised Internet-of-Things (IoT) devices hosted on U.S. Internet providers like AT&T, Comcast and Ver...

DDoSボットネットAisuru、米国ISPを記録的なDDoS攻撃
#CybersecurityNews
krebsonsecurity.com/2025/10/ddos...

13.10.2025 18:23 — 👍 2    🔁 0    💬 0    📌 0
Preview
Velociraptor leveraged in ransomware attacks Cisco Talos has confirmed that ransomware operators are leveraging Velociraptor, an open-source digital forensics and incident response (DFIR) tool.

ランサムウェア攻撃に利用されたヴェロキラプトル
#CybersecurityNews
blog.talosintelligence.com/velociraptor...

10.10.2025 03:06 — 👍 1    🔁 0    💬 0    📌 0
Preview
Investigating targeted “payroll pirate” attacks affecting US universities | Microsoft Security Blog Microsoft Threat Intelligence has identified a financially motivated threat actor that we track as Storm-2657 compromising employee accounts to gain unauthorized access to employee profiles and divert...

米国の大学を標的とした「給与海賊」攻撃の調査
#CybersecurityNews
www.microsoft.com/en-us/securi...

10.10.2025 03:05 — 👍 2    🔁 0    💬 0    📌 0
Preview
Renewal of cyber information-sharing law must mind the gap, senator says Companies that are still sharing threat information with the government despite the lapse of the law known as CISA 2015 should be protected retroactively when Congress revives that authority, Sen. Gar...

サイバー情報共有法の改正はギャップに留意する必要があると上院議員が主張
#CybersecuriyNews
therecord.media/cisa-2015-re...

10.10.2025 03:04 — 👍 2    🔁 0    💬 0    📌 0

@piyokango is following 2 prominent accounts