Security News That Caught My Attention This Week - Issue #184

These are my notes for recording the podcast.

podcast - #セキュリティのアレ - A laid-back security podcast.



Incidents, Accidents

National Public Data discloses a data breach caused by unauthorized access

(8/16) Security Incident

There appears to have been a data security incident that may have involved some of your personal information. The incident is believed to have involved a third-party bad actor that was trying to hack into data in late December 2023, with potential leaks of certain data in April 2024 and summer 2024. We conducted an investigation and subsequent information has come to light. What Information Was Involved? The information that was suspected of being breached contained name, email address, phone number, social security number, and mailing address(es).

(8/11) Hackers leak 2.7 billion data records with Social Security numbers

Almost 2.7 billion records of personal information for people in the United States were leaked on a hacking forum, exposing names, social security numbers, all known physical addresses, and possible aliases.

(8/14) Troy Hunt: Inside the "3 Billion People" National Public Data Breach

(8/16) National Public Data confirms breach exposing Social Security numbers


Attacks, Threats

Palo Alto Networks reports on ransomware activity in the first half of 2024

(8/9) Ransomware Review: First Half of 2024


FBI takes down the ransomware group Radar/Dispossessor

(8/12) International Investigation Leads to Shutdown of Ransomware Group — FBI

On August 12, FBI Cleveland announced the disruption of “Radar/Dispossessor”—the criminal ransomware group led by the online moniker "Brain"—and the dismantling of three U.S. servers, three United Kingdom servers, 18 German servers, eight U.S.-based criminal domains, and one German-based criminal domain.

(8/12) Northern District of Ohio | Websites Seized in Multi-national, Ransomware Takedown | United States Department of Justice


XLab reports on a botnet DDoS attack against X

(8/14) Behind the Scenes: A Brief Overview of the DDoS Attack on the Trump-Musk Livestream


Google reports on phishing campaigns by the Iranian threat group APT42

(8/14) Iranian backed group steps up phishing campaigns against Israel, U.S.

Today Google’s Threat Analysis Group (TAG) is sharing insights on APT42, an Iranian government-backed threat actor, and their targeted phishing campaigns against Israel and Israeli targets. We are also confirming recent reports around APT42’s targeting of accounts associated with the U.S. presidential election.


Citizen Lab and others jointly report on phishing campaigns by the Russian threat groups COLDRIVER and COLDWASTREL

(8/14) Rivers of Phish: Sophisticated Phishing Targets Russia’s Perceived Enemies Around the Globe - The Citizen Lab

(8/14) Russia-linked phishing campaigns ensnare civil society and NGOs


NICT reports on IoT bot observations in the first half of 2024

(8/15) Observation of IoT Bots in the First Half of 2024 - NICTER Blog


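Vulnerabilities

Microsoft releases its August 2024 monthly patches, including vulnerabilities already confirmed to be exploited.

(8/13) August 2024 Security Updates (Monthly) | MSRC Blog | Microsoft Security Response Center

Among the vulnerabilities fixed in this month's security updates, we have confirmed that the following vulnerabilities were exploited, or had their details publicly disclosed, before the updates were released. Customers should apply the updates as soon as possible. For details of each vulnerability, refer to the page for each CVE.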

(8/13) Zero Day Initiative — The August 2024 Security Update Review

(8/13) New Windows SmartScreen bypass exploited as zero-day since March


CISA adds 6+1 vulnerabilities to the Known Exploited Vulnerabilities (KEV) catalog

(8/13) CISA Adds Six Known Exploited Vulnerabilities to Catalog | CISA

(8/15) CISA Adds One Known Exploited Vulnerability to Catalog | CISA

  • CVE-2024-28986 SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability


Other

NIST releases the first three post-quantum cryptography standards

(8/13) NIST Releases First 3 Finalized Post-Quantum Encryption Standards | NIST

(8/13) IBM-Developed Algorithms Announced as NIST's First Published Post-Quantum Cryptography Standards


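The Public Security Intelligence Agency publishes the Reiwa 6 (2024) edition of "Review and Prospects of Internal and External Situations"

(8/15) Publication of the Reiwa 6 (2024) "Review and Prospects of Internal and External Situations" | Public Security Intelligence Agency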