マイクロソフト、2023 年 9 月の月例セキュリティ更新プログラムで 61 件の CVE に対応 (CVE-2023-36761)
Microsoft addresses 61 CVEs including two vulnerabilities that were exploited in the wild
AA23-250A: 複数の国家による脅威アクターが CVE-2022-47966 および CVE-2022-42475 を悪用
A joint Cybersecurity Advisory examines the exploitation of two critical vulnerabilities by nation-state threat actors.
AA23-215A: 2022 年に最も日常的に悪用された脆弱性
A joint Cybersecurity Advisory collaborated on by multiple international agencies highlights the top routinely exploited vulnerabilities of 2022.
CVE-2023-35078: Ivanti Endpoint Manager Mobile (EPMM) / MobileIron Core における API へ認証なしにアクセスできる脆弱性
Critical vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks
MOVEit Transfer の脆弱性と Cl0p ランサムウェアギャングに関するよくある質問
活動のさかんな CL0P ランサムウェアハッカー集団によって悪用された脆弱性など、MOVEit Transfer の脆弱性に関する FAQ をご紹介します。
CVE-2023-20887: VMware Aria Operations for Networks におけるコマンド インジェクションの脆弱性
VMware issues advisory to address three flaws in its VMware Aria Operations for Networks solution, including a critical command injection flaw assigned a CVSSv3 score of 9.8.
Microsoft の 2023 年 6 月月例セキュリティ更新プログラム、70 件の CVE を修正 (CVE-2023-29357)
Microsoft addresses 70 CVEs in its June 2023 Patch Tuesday update including six rated as critical.
Volt Typhoon: 国際サイバーセキュリティ当局、中国の国家支援型サイバー攻撃集団に関連する活動の詳細を発表
Several international cybersecurity authorities from the United States, United Kingdom, Australia, Canada and New Zealand issue a joint advisory detailing tactics, techniques and procedures used in recent attacks by a Chinese state-sponsored threat actor.
マイクロソフトの 2023 年 5 月月例セキュリティ更新プログラム、38 件の CVE を修正 (CVE-2023-29336)
Microsoft addresses 38 CVEs including three zero-day vulnerabilities, two of which were exploited in the wild.
CVE-2023-20864: VMware Aria Operations for Logs のデシリアライゼーションの脆弱性
VMware issues advisory to address two flaws in its VMware Aria Operations for Logs solution, including a critical deserialization flaw assigned a CVSSv3 score of 9.8.
マイクロソフトの 2023 年 4 月月例セキュリティ更新プログラム: 97 件の CVE を修正 (CVE-2023-28252)
Microsoft addresses 97 CVEs, including one that was exploited in the wild as a zero day.
マイクロソフト 2023 年 2 月月例セキュリティ更新プログラム、75 件の CVE を修正 (CVE-2023-23376)
Microsoft addresses 75 CVEs including three zero-day vulnerabilities that were exploited in the wild.
営業チームに問い合わせる