高度な OT セキュリティで国防総省ビル管理システムを保護
米国国防総省 (DoD) の ビル管理システム (BMS) に対するサイバー脅威は、IoT などのスマートテクノロジーの採用を機に飛躍的に増大しました。 These smart technologies are designed to improve the monitoring and maintenance of these systems, but they also create new…
ScreenConnect における脆弱性に関するよくある質問
Frequently asked questions about two vulnerabilities affecting ConnectWise ScreenConnect
マネージド型 Kubernetes のメリット
As an organization grows its usage of containers, managing them becomes more complex. A common response is to adopt Kubernetes for container orchestration. But how do you properly secure your Kubernetes clusters? And should your organization host its Kubernetes deployments or instead choose a…
サイバーセキュリティニュース: ChatGPT のコード解析機能はそこそこ、JCDC は重要インフラの保護強化を約束
Check out why ChatGPT’s code analysis skills left Carnegie Mellon researchers unimpressed. Plus, JCDC will put special focus on critical infrastructure security in 2024. Meanwhile, CISA and OpenSSF shine a spotlight on the security of software package repositories. And scammers leveraged tech tools…
豚殺し詐欺: Tinder、TikTok、WhatsApp、Telegram などを悪用した長期詐欺が数億ドルを盗取
本稿は、豚殺し詐欺を解説した 2 部構成のブログの第 1 部です。世界で何万人もの人に被害を与え、数億ドルの損失が生じた犯罪について解説し、This blog highlights the who and the how of Pig butchering scams, and details the Pig butchering…
豚殺し詐欺: ビットコイン、イーサリアム、ライトコイン、金スポット (XAUUSD) 投資が恋愛詐欺に悪用されて数億ドルの被害に
本稿は、2022 年末から 2024 年初旬まで実施した豚殺し詐欺の直接調査の内容を 2 部構成で解説するブログの第 2 部です。In this post, we delve into the types of investment scams perpetrated by pig butchers to steal hundreds of millions of dollars from victims, including in the form…
マイクロソフトの 2024 年 2 月月例セキュリティ更新プログラム 73 件の CVE に対処 (CVE-2024-21351、CVE-2024-21412)
Microsoft addresses 73 CVEs, including three zero-day vulnerabilities that were exploited in the wild.
サーバーレスアーキテクチャでクラウドネイティブアプリケーションを保護
Cybersecurity teams often struggle with securing cloud-native applications, which are becoming increasingly popular with developers. The good news is that deploying these applications on a serverless architecture can make it easier to protect them. Here’s why.
未使用のアクセスアナライザーで最小権限アクセスを実現
AWS IAM Access Analyzer can now detect action-level unused permissions. It’s a great enhancement in the native toolbox to achieve least privilege — but if you need comprehensive entitlements management at scale you will probably need additional tooling and work. Find out why and what you can do to…
CVE-2024-21762: Fortinet FortiOS の SSL-VPN 機能における境界外書き込みに関する緊急な脆弱性
Fortinet warns of “potentially” exploited flaw in the SSL VPN functionality of FortiOS, as government agencies warn of pre-positioning by Chinese state-sponsored threat actors in U.S. critical infrastructure through exploitation of known vulnerabilities
水の安全保障を強化:業界リーダーが議会証言
The House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection recently brought together industry leaders and stakeholders to discuss the urgent need for protective measures, baseline cybersecurity standards and collaboration initiatives to fortify the nation’s critical…
サイバーセキュリティニュース: サイバーセキュリティー当局、重要インフラ組織に対する中国政府支援のボルトタイフーンについて警告
The Volt Typhoon hacking gang is stealthily breaching critical infrastructure IT environments so it can strike on behalf of the Chinese government, cyber agencies say. Plus, ransomware gangs netted $1 billion-plus in 2023. In addition, new group tasked with addressing the quantum computing threat…
営業チームに問い合わせる