ポッドキャスト収録用のメモですよ。
podcast - #セキュリティのアレ - ゆるーいセキュリティのポッドキャストですよ。
事件、事故
NTTネクシアの元社員が「nanacoお問合せセンター」の業務において、顧客の残高を私的に詐取していた
(11/2) 弊社元社員による不正行為の発生について|お知らせ|NTTネクシア
NTTデータが全国銀行データ通信システムの障害に関する報告
(11/6) 全国銀行データ通信システムの障害に関する取り組みについて | NTTデータ - NTT DATA
中国工商銀行 (ICBC) でランサムウェア感染被害
(11/10) ICBCFS | INDUSTRIAL & COMMERCIAL BANK OF CHINA FINANCIAL SERVICES
On November 8, 2023, U.S. Eastern Time (November 9, 2023, Beijing Time), ICBC Financial Services (FS) experienced a ransomware attack that resulted in disruption to certain FS systems. Immediately upon discovering the incident, ICBC FS disconnected and isolated impacted systems to contain the incident. ICBC FS has been conducting a thorough investigation and is progressing its recovery efforts with the support of its professional team of information security experts. ICBC FS has also reported this incident to law enforcement. We successfully cleared US Treasury trades executed Wednesday (11/08) and Repo financing trades done on Thursday (11/09).
ICBC FS's business and email systems operate independently of the Industrial and Commercial Bank of China Group. The systems of the ICBC Head Office and other domestic and overseas affiliated institutions were not affected by this incident, nor was the ICBC New York Branch.
(11/9) World’s largest commercial bank ICBC confirms ransomware attack
(11/9) Industrial and Commercial Bank of China dealing with LockBit ransomware attack
(11/10) 中国国営の中国工商銀行でサイバー被害 米国債取引に影響、金利上昇 - 日本経済新聞
攻撃、脅威
Google Cloud が 2023年第 3四半期の Threat Horizons Report を公開
(11/6) Q3 2023 Threat Horizons Report
脆弱性
CISA が Citrix Netscaler の脆弱性 (CVE-2023-6966, Citrix Bleed) に関するガイダンスを公開
CISA が Known Exploited Vulnerabilities (KEV) カタログに 1+1 個の脆弱性を追加
(11/7) CISA Adds One Known Exploited Vulnerability to Catalog | CISA
- CVE-2023-22518 Atlassian Confluence Data Center and Server Improper Authorization Vulnerability
(11/8) CISA Adds One Known Exploited Vulnerability to Catalog | CISA
- CVE-2023-29552 Service Location Protocol (SLP) Denial-of-Service Vulnerability
(11/9) SLP Sliding Away With Reflection Amplification Thanks To CVE-2023-29552
SysAid にパストラバーサルの脆弱性。すでに悪用を確認
(11/8) SysAid On-Prem Software CVE-2023-47246 Vulnerability - SysAid
(11/8) SysAid On-Prem Vulnerability Disclosure · Profero
(11/9) Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks
(11/9) SysAid Zero-Day Vulnerability Exploited By Lace Tempest | Rapid7 Blog
(11/10) Critical Vulnerability: SysAid CVE-2023-47246
その他
日米韓の 3ヶ国が「サイバー協議体」を新たに設置
(11/6) 한미일 3국 고위급 사이버 협의체 신설 합의
(11/6) US, South Korea, Japan to launch consultative group on North's cyber threats | Reuters
(11/6) 日米韓「サイバー協議体」新たに設置へ 北朝鮮の脅威に対抗 | NHK | サイバー攻撃
IPA が「サイバー情報共有イニシアティブ(J-CSIP) 運用状況 [2023年7月~9月]」を公開
(11/9) サイバー情報共有イニシアティブ(J-CSIP) 運用状況 [2023 年 7 月~9 月]
CISA などが共同で、ソフトウェアサプライチェーンのセキュリティに関するガイダンスを公開
(11/9) CISA, NSA, and Partners Release New Guidance on Securing the Software Supply Chain | CISA
Today, CISA, the National Security Agency (NSA), and partners released Securing the Software Supply Chain: Recommended Practices for Software Bill of Materials Consumption. Developed through the Enduring Security Framework (ESF), this guidance provides software developers and suppliers with industry best practices and principles, including managing open source software and software bills of materials (SBOM), to maintain and provide awareness about the security of software.
