Microsoft、Azure Synapse Analytics における脆弱性を修正
Since March 10, Tenable Research has attempted to work with Microsoft to address two serious flaws in the underlying infrastructure of Azure Synapse Analytics....
現在の脅威の状況: 最も注目すべき脆弱性
Among the thousands of vulnerabilities disclosed so far in 2022, we highlight five and explain why they matter....
Twitter の暗号通貨詐欺:Bored Ape Yacht Club、Azuki、その他のプロジェクトが NFT や暗号通貨を盗むために偽装される
Scammers are using verified and unverified accounts to impersonate notable NFT projects like Bored Ape Yacht Club and others, tagging Twitter users to drive them to phishing websites....
2021 年の最も注目すべき脆弱性と上位に入らなかった脆弱性
Tenable が編纂した「脅威状況のまとめ (2021)」では、2021 年に発見された最も重要な脆弱性 5 件が取り上げられ解説されています。 本稿では、そこで取り上げられなかった他の影響度の高い脆弱性について詳細を探ります。When putting together the Threat Landscape Retrospective (TLR) for 2021, the Security Response Team had a particularly difficult chal...
脅威状況のまとめ (2021): 最も重要な脆弱性を中心に
A review of the year in vulnerabilities and breaches, with insights to help guide cybersecurity strategy in 2022 and beyond....
YouTube ショート: ビュー数とサブスクライバー数を増加させるために盗まれた TikTok 動画がアダルト出会い系サイトや疑わしい製品のために使用される
As Google's TikTok competitor YouTube Shorts gains viewers, hordes of scammers are quick to follow....
ビットコイン、イーサリアム、ドージコイン、カルダノ、リップル、柴犬コインの偽のプレゼントが YouTube Live で急増
Scammers are leveraging compromised YouTube accounts to promote fake cryptocurrency giveaways for Bitcoin, Ethereum, Dogecoin, Cardano, Ripple, Shiba Inu and other cryptocurrencies....
サーバー側要求偽造の検出に Tenable.io WAS を活用する
Learn how SSRF flaws arise, why three common attack paths are so challenging to mitigate and how Tenable.io Web Application Scanning can help....
TikTok LIVE 詐欺: 盗まれたライブ配信映像が TikTok ギフトを獲得するために使用されたり、収益のために詐欺に使用される
Stolen video footage of celebrities, content creators and others is being used by scammers in TikTok LIVE streams to earn TikTok gifts, peddle questionable products and drive users to adult dating websites....
イーロン・マスク氏と YouTube 広告詐欺: 暗号通貨関連の動画で SpaceX と称する偽コイン販促に勧誘
Scammers are on pace to steal nearly $1 million USD from unsuspecting users through a popular decentralized finance protocol, Uniswap, by abusing YouTube to promote a fake SpaceX coin as part of ads appearing before and during cryptocurrency videos.BackgroundIn early May, scammers compromised Twitte...
オリジン間リソース共有における脆弱性
To avoid exposure to a variety of web application vulnerabilities, specific security considerations must be made when implementing Cross-Origin Resource SharingToday’s modern web applications rely heavily on JavaScript to be dynamic, and ensure the best experience for end-users. Providing content an...
新型コロナウイルス感染症(COVID-19)に便乗した Venmo、PayPal、Cash AppCVE を利用するプレゼント詐欺
The economic impact of COVID-19, which is causing record unemployment, creates a golden opportunity for scammers looking to target vulnerable people desperate for cash to help pay their bills.As Cash App steps up the frequency of its giveaways, and celebrities and other notable figures launch giveaw...