図々しく荒削りで非論理的: 恐喝グループ「LAPSUS$」を理解する
2022 年の最初の数か月で業界の注目を集めた後、恐喝グループ「LAPSUS$」は息をひそめていますが、 What can we learn from this extortion group’s story and tactics?...
現在のサイバーセキュリティ対策における 6 つの重要事項
7 月 15 日までの週の主要トピックス: 技術的負債が政府のサイバーセキュリティ対策の成功を妨げる。SaaS のセキュリティ対策を怠ると被害に結び付く。最も危険なソフトウェアの弱点のランキング。重要インフラ保護対策について学んだこと。And much more!...
重要インフラ保護対策: 最近のセキュリティインシデントから学んだこと
Learn about well-known vulnerabilities and attacks and how they affected critical infrastructure —from Phone Phreaking to recent ransomware....
Microsoft の 2022 年 7 月月例セキュリティ更新プログラム、84 件の CVE を修正 (CVE-2022-22047)
Microsoft addresses 84 CVEs in its July 2022 Patch Tuesday release, including four critical flaws and one zero day that has been exploited in the wild....
Nessus Expert のご紹介 - 現代のアタックサーフェスに対応する新しい製品
Nessus は長年、脆弱性評価でその最も優秀な性能が認められてきました。With the introduction of Nessus Expert, you can now protect against new, emerging cyberthreats across cloud infrastructure and understand what's in your external attack surface....
Cloud and Data Security for Financial Services
Financial service organizations are adopting the cloud at a rapid pace. A robust solution for compliance and cloud security will ensure they enjoy all the benefits....
現在のサイバーセキュリティ対策における 6 つの重要事項
Topics that are top of mind for the week ending July 1 | Cybersecurity budgeting priorities. All you ever wanted to know about ransomware. CISOs weigh best-of-breed vs. platforms. The epidemic of identity-related breaches. And much more!...
CVE-2022-28219: Zoho ManageEngine ADAuditPlus における未認証リモートコード実行の脆弱性に対する概念実証が公開される
New information and technical details, including a proof-of-concept have been published for a remote code execution flaw in Zoho ManageEngine ADAudit Plus that was patched last month. ...
Forescout の「OT: ICEFALL」、オペレーショナルテクノロジーの設計上の脆弱性状態を調査
The latest research from Forescout’s Vedere Labs explores the state of risk management in operational technology through the lens of 56 insecure-by-design vulnerabilities....
ランサムウェアのエコシステム: 画面ロックから企業に数百万ドルの損害を与えるランサムウェア犯罪集団まで
Ransomware is a constantly evolving cyberthreat, and it is through its evolution that ransomware has managed to not only survive, but thrive....
Identifying XML External Entity: Tenable.io WAS を活用する
XML External Entity (XXE) flaws present unique mitigation challenges and remain a common attack path. Learn how XXE flaws arise, why some common attack paths are so challenging to mitigate and how Tenable.io Web Application Scanning can help....
CVE-2022-27511、CVE-2022-27512: Citrix、Application Delivery Management における 2 件の脆弱性を修正
Citrix patches a “nasty bug” in its Application Delivery Management solution that is difficult to exploit....