Notes for podcast recording.
podcast - #セキュリティのアレ - a laid-back security podcast.
Incidents and accidents
Reports on security and privacy problems and abuse cases involving the use of DeepSeek, and trends in usage restrictions in various countries
(1/27) DeepSeek Service Status - DeepSeek Web/API Degraded Performance
Due to large-scale malicious attacks on DeepSeek's services, we are temporarily limiting registrations to ensure continued service. Existing users can log in as usual. Thanks for your understanding and support.
Wiz Research has identified a publicly accessible ClickHouse database belonging to DeepSeek, which allows full control over database operations, including the ability to access internal data. The exposure includes over a million lines of log streams containing chat history, secret keys, backend details, and other highly sensitive information. The Wiz Research team immediately and responsibly disclosed the issue to DeepSeek, which promptly secured the exposure.
(1/30) Recent Jailbreaks Demonstrate Emerging Threat to DeepSeek
Our investigation into DeepSeek's vulnerability to jailbreaking techniques revealed a susceptibility to manipulation. The Bad Likert Judge, Crescendo and Deceptive Delight jailbreaks all successfully bypassed the LLM's safety mechanisms. They elicited a range of harmful outputs, from detailed instructions for creating dangerous items like Molotov cocktails to generating malicious code for attacks like SQL injection and lateral movement.
(1/31) Evaluating Security Risk in DeepSeek - Cisco Blogs
This article investigates vulnerabilities in DeepSeek R1, a new frontier reasoning model from Chinese AI startup DeepSeek. It has gained global attention for its advanced reasoning capabilities and cost-efficient training method. While its performance rivals state-of-the-art models like OpenAI o1, our security assessment reveals critical safety flaws.
Using algorithmic jailbreaking techniques, our team applied an automated attack methodology on DeepSeek R1 which tested it against 50 random prompts from the HarmBench dataset. These covered six categories of harmful behaviors including cybercrime, misinformation, illegal activities, and general harm.
The results were alarming: DeepSeek R1 exhibited a 100% attack success rate, meaning it failed to block a single harmful prompt. This contrasts starkly with other leading models, which demonstrated at least partial resistance.
Our findings suggest that DeepSeek’s claimed cost-efficient training methods, including reinforcement learning, chain-of-thought self-evaluation, and distillation may have compromised its safety mechanisms. Compared to other frontier models, DeepSeek R1 lacks robust guardrails, making it highly susceptible to algorithmic jailbreaking and potential misuse.
We will provide a follow-up report detailing advancements in algorithmic jailbreaking of reasoning models. Our research underscores the urgent need for rigorous security evaluation in AI development to ensure that breakthroughs in efficiency and reasoning do not come at the cost of safety. It also reaffirms the importance of enterprises using third-party guardrails that provide consistent, reliable safety and security protections across AI applications.
This large-scale cyber attack on DeepSeek is a well-planned and organized attack with clear objectives. The motive and purpose of attackers choosing to launch attacks at key nodes where DeepSeek has achieved remarkable results and attracted global attention is thought-provoking. This incident not only exposes the security risks of international cyberspace, but also reflects the technological competition and geopolitical game that Chinese technology enterprises may face in the process of globalization.
(2/4) Jailbreaking Generative AI with Deepseek - Exploring Risks
Soon after the launch of AI models DeepSeek and Qwen, Check Point Research witnessed cyber criminals quickly shifting from ChatGPT to these new platforms to develop malicious content. Threat actors are sharing how to manipulate the models and show uncensored content, ultimately allowing hackers and criminals to use AI to create malicious content. Called jailbreaking, there are many methods to remove censors from AI models. However, we now see in-depth guides to jailbreaking methods, bypassing anti-fraud protections, and developing malware itself.
(2/6) NowSecure Uncovers Multiple Security and Privacy Flaws in DeepSeek iOS Mobile App - NowSecure
Domestic developments
(2/3) Information regarding DeepSeek | Personal Information Protection Commission
While the use of generative AI services is spreading worldwide, a generative AI service by DeepSeek (note 1) has newly been developed and its provision has begun. Unlike other services for which a service provision structure has been established in Japan, the company's generative AI service has points that require attention, yet the privacy policy the company publishes is available only in Chinese and English. For this reason, we are providing the following information about what the company's published privacy policy states.
(1) Data, including personal information, that DeepSeek obtains through the use of the service is stored on servers located in the People's Republic of China
(2) The laws and regulations of the People's Republic of China apply to that data
(2/6) Alert regarding business use of generative AI such as DeepSeek (administrative notice)
(2/6) "Respond cautiously" to use of DeepSeek's generative AI... Chief Cabinet Secretary Hayashi notifies all ministries and agencies to fully implement the government's policy : Yomiuri Shimbun
Regulations in other countries
(2/3) Taiwan bans government departments from using DeepSeek AI | Reuters
(2/5) Federal government bans DeepSeek AI from all government devices - Cyber Daily
(2/6) South Korean ministries block DeepSeek on security concerns, officials say | Reuters
(2/6) DeepSeek banned from civil servants' computers over spy concerns - DutchNews.nl
The Japanese government approves bills related to active cyber defense at a Cabinet meeting
(2/7) Efforts on cyber security (including consideration toward realizing active cyber defense) | Cabinet Secretariat website
(2/7) Government strengthens powers for cyber defense: communications monitoring, and damage reporting made mandatory | Kyodo News
(2/7) Preventing cyber attacks originating overseas before they occur: Cabinet approves bills - Nikkei
Attacks and threats
The National center of Incident readiness and Strategy for Cybersecurity (NISC) issues an alert about DDoS attacks on domestic businesses
(2/4) On countermeasures against DDoS attacks (alert)
From December last year through January this year, over the year-end and New Year period, DDoS attacks against airlines, financial institutions, telecommunications carriers and others occurred one after another. These attacks used IoT botnets and the like, and multiple types of attack were carried out, including UDP flood attacks and HTTP flood attacks; the possibility that large-scale attacks will occur in the future cannot be ruled out.
(2/4) Year-end and New Year "DDoS attacks" on companies were an unusually wide-ranging "carpet-bombing type"... hard to counter, and the need for "active defense" : Yomiuri Shimbun
The series of cyber attacks that targeted domestic airlines, financial institutions and others over the year-end and New Year period were, according to interviews with people involved, a "carpet-bombing type" of DDoS attack (an attack that sends massive amounts of data) that strikes a company's servers and network devices across a wide range. It is unusual for a carpet-bombing attack to be carried out in Japan on this scale. It is harder to defend against than conventional attacks aimed at specific devices, and experts are calling for the introduction of "active cyber defense".
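The Yomiuri article's point is that a carpet-bombing DDoS spreads traffic over every address in a target range, so no single host crosses a per-host threshold even though the prefix as a whole is saturated. The following Python is an added example, not material from NISC or the article: it computes packet rates per destination host and per destination /24 over constructed flow records and shows that only the per-prefix view (together with the fan-out count of distinct hosts hit) fires. The thresholds, window length and the RFC 5737 documentation addresses are assumptions.

```python
"""Per-host vs per-prefix DDoS detection over flow records.

Added example (not NISC's or Yomiuri's material): a carpet-bombing DDoS
spreads packets over every address in a target prefix, so each host stays
under a per-host threshold while the prefix as a whole is saturated.
Addresses use RFC 5737 documentation ranges; thresholds are assumptions.
"""
from collections import defaultdict
import ipaddress

WINDOW_S = 10              # assumed flow-export window in seconds
HOST_PPS_LIMIT = 1_000     # assumed per-host alert threshold (packets/s)
PREFIX_PPS_LIMIT = 10_000  # assumed per-/24 alert threshold (packets/s)


def constructed_flows():
    """Constructed NetFlow-like records: (src, dst, dst_port, proto, packets).

    100 bot sources each send 40 UDP packets to every one of 50 hosts in
    203.0.113.0/24 within the window, plus one legitimate HTTPS flow."""
    flows = []
    for bot in range(100):
        src = f"198.51.100.{bot + 1}"
        for host in range(1, 51):
            flows.append((src, f"203.0.113.{host}", 53, "udp", 40))
    flows.append(("192.0.2.10", "203.0.113.5", 443, "tcp", 1200))
    return flows


def rate_by_key(flows, keyfunc, window_s=WINDOW_S):
    """Sum packets per destination key and convert to packets per second."""
    totals = defaultdict(int)
    for src, dst, port, proto, packets in flows:
        totals[keyfunc(dst)] += packets
    return {k: v / window_s for k, v in totals.items()}


def prefix_of(dst, prefixlen=24):
    """Containing /prefixlen network of a destination address, as a string."""
    return str(ipaddress.ip_network(f"{dst}/{prefixlen}", strict=False))


def detect(flows, window_s=WINDOW_S):
    """Return the hosts and /24 prefixes over their thresholds, plus the
    fan-out (distinct hosts hit) per prefix, the tell-tale of carpet bombing."""
    host_rates = rate_by_key(flows, lambda d: d, window_s)
    prefix_rates = rate_by_key(flows, prefix_of, window_s)
    fan_out = defaultdict(set)
    for _, dst, *_ in flows:
        fan_out[prefix_of(dst)].add(dst)
    return {
        "hosts_over": sorted(h for h, r in host_rates.items() if r > HOST_PPS_LIMIT),
        "prefixes_over": sorted(p for p, r in prefix_rates.items() if r > PREFIX_PPS_LIMIT),
        "fan_out": {p: len(hosts) for p, hosts in fan_out.items()},
    }


if __name__ == "__main__":
    # The busiest host sees only 520 pps, but the /24 sees about 20,000 pps
    # spread across 50 hosts, which is what a per-prefix rule catches.
    print(detect(constructed_flows()))
```

In a real deployment the per-prefix aggregate would be computed on the flow collector or the scrubbing provider's side, keyed on the prefixes you announce, and the fan-out count is the field that distinguishes a carpet-bombing campaign from one legitimately busy service.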
Trend Micro reports on attack activity exploiting a 7-Zip vulnerability (CVE-2025-0411)
- In September, 2024 the Zero Day Initiative (ZDI) Threat Hunting team identified the exploitation of a 7-Zip zero-day vulnerability used in a SmokeLoader malware campaign targeting Ukrainian entities.
- The vulnerability, CVE-2025-0411, was disclosed to 7-Zip creator Igor Pavlov, leading to the release of a patch in version 24.09 on November 30, 2024.
- CVE-2025-0411 allows the bypassing of Windows Mark-of-the-Web protections by double archiving files, thus preventing necessary security checks and allowing the execution of malicious content.
- The vulnerability was actively exploited by Russian cybercrime groups through spear-phishing campaigns, using homoglyph attacks to spoof document extensions and trick users and the Windows Operating System into executing malicious files.
- The vulnerability was likely exploited as a cyberespionage campaign against Ukrainian government and civilian organizations as part of the ongoing Russo-Ukraine conflict.
- We provide recommendations for organizations to proactively secure their systems. This includes updating 7-Zip to at least version 24.09, implementing strict email security measures, and conducting employee training on phishing (including homoglyph attacks).
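The two tricks the bullets above describe, a double (nested) archive so that the inner files arrive without Mark-of-the-Web, and a document extension spelled with look-alike non-Latin letters, are both visible before a user ever opens the attachment. The following Python is an added example, not Trend Micro's or 7-Zip's code: a mail-gateway style scan that walks a ZIP, descends into member ZIPs, and flags nested archives and extensions that only fold to ".doc"/".pdf" etc. after Unicode normalization and confusable replacement. The sample archives are constructed in memory, and the confusable table is a small assumed subset rather than the full Unicode confusables list.

```python
"""Gateway-side checks for a double (nested) archive and for a file
extension spoofed with homoglyphs.

Added example; not Trend Micro's or 7-Zip's code. The archives are
constructed in memory, and the confusable table is a small assumed subset."""
import io
import unicodedata
import zipfile

ARCHIVE_EXTS = {".zip", ".7z", ".rar", ".tar", ".gz", ".iso", ".cab"}
DOCUMENT_EXTS = {".doc", ".docx", ".pdf", ".xls", ".xlsx", ".txt", ".rtf"}
MAX_MEMBER_BYTES = 50 * 1024 * 1024  # assumed cap before recursing (zip bombs)

# Non-Latin letters that render identically to Latin ones (assumed subset).
CONFUSABLES = str.maketrans({
    "\u0430": "a", "\u0441": "c", "\u0435": "e", "\u043e": "o",
    "\u0440": "p", "\u0445": "x", "\u0455": "s", "\u0456": "i",
    "\u03bf": "o", "\u0501": "d",
})


def split_ext(name):
    """(stem, lower-cased extension incl. dot) on the last '.'; ext '' if none."""
    base = name.rsplit("/", 1)[-1]
    if "." not in base:
        return base, ""
    stem, _, ext = base.rpartition(".")
    return stem, "." + ext.lower()


def looks_like_homoglyph_extension(name):
    """True if the extension reads as a document extension only after
    NFKC normalization (full-width forms) and confusable replacement."""
    folded = unicodedata.normalize("NFKC", name).translate(CONFUSABLES)
    _, ext_folded = split_ext(folded)
    _, ext_raw = split_ext(name)
    return ext_folded in DOCUMENT_EXTS and ext_raw != ext_folded


def scan_archive(data, depth=0, max_depth=2):
    """Walk a ZIP, descending into member ZIPs up to max_depth.

    Returns (depth, finding, member_name) tuples."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            name = info.filename
            _, ext = split_ext(name)
            if looks_like_homoglyph_extension(name):
                findings.append((depth, "homoglyph-extension", name))
            if ext in ARCHIVE_EXTS:
                findings.append((depth, "nested-archive", name))
                if (ext == ".zip" and depth + 1 < max_depth
                        and info.file_size <= MAX_MEMBER_BYTES):
                    findings.extend(scan_archive(zf.read(info), depth + 1, max_depth))
    return findings


def build_sample():
    """Constructed outer.zip -> invoice.zip -> 'invoice.doс' (Cyrillic es)."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("invoice.do\u0441", b"not a real payload")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("invoice.zip", inner.getvalue())
        z.writestr("readme.txt", b"benign")
    return outer.getvalue()


if __name__ == "__main__":
    for depth, finding, member in scan_archive(build_sample()):
        print(f"{'  ' * depth}{finding}: {member!r}")
```

On a Windows endpoint the complementary check after extraction is whether the file still carries the Zone.Identifier alternate data stream (`Get-Item <file> -Stream Zone.Identifier` in PowerShell); a file extracted from a nested archive by a vulnerable 7-Zip build will lack it, which is exactly what the bypass relies on. Only the ZIP path is walked here; handling 7z and RAR members would need the corresponding third-party readers.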
Coveware publishes its ransomware report for Q4 2024
(2/4) Will Law Enforcement success against ransomware continue in 2025?
Chainalysis reports on the state of ransomware payments in 2024
(2/5) Crypto Ransomware 2025: 35.82% YoY Decrease in Ransomware Payments
The ransomware landscape experienced significant changes in 2024, with cryptocurrency continuing to play a central role in extortion. However, the total volume of ransom payments decreased year-over-year (YoY) by approximately 35%, driven by increased law enforcement actions, improved international collaboration, and a growing refusal by victims to pay.
The National Police Agency publishes "Status of recognized and cleared cases of special fraud and SNS-based investment/romance fraud in 2024 (preliminary figures)"
(2/7) Status of recognized and cleared cases of special fraud and SNS-based investment/romance fraud in 2024 (preliminary figures)
Vulnerabilities
Android fixes multiple vulnerabilities, including one whose exploitation has already been confirmed.
(2/3) Android Security Bulletin February 2025 | Android Open Source Project
Note: There are indications that CVE-2024-53104 may be under limited, targeted exploitation.
CISA adds 4+1+5+1 vulnerabilities to the Known Exploited Vulnerabilities (KEV) catalog
(2/4) CISA Adds Four Known Exploited Vulnerabilities to Catalog | CISA
- CVE-2024-45195 Apache OFBiz Forced Browsing Vulnerability
- CVE-2024-29059 Microsoft .NET Framework Information Disclosure Vulnerability
- CVE-2018-9276 Paessler PRTG Network Monitor OS Command Injection Vulnerability
- CVE-2018-19410 Paessler PRTG Network Monitor Local File Inclusion Vulnerability
(2/5) CISA Adds One Known Exploited Vulnerability to Catalog | CISA
- CVE-2024-53104 Linux Kernel Out-of-Bounds Write Vulnerability
(2/6) CISA Adds Five Known Exploited Vulnerabilities to Catalog | CISA
- CVE-2025-0411 7-Zip Mark of the Web Bypass Vulnerability
- CVE-2022-23748 Dante Discovery Process Control Vulnerability
- CVE-2024-21413 Microsoft Outlook Improper Input Validation Vulnerability
- CVE-2020-29574 CyberoamOS (CROS) SQL Injection Vulnerability
- CVE-2020-15069 Sophos XG Firewall Buffer Overflow Vulnerability
(2/7) CISA Adds One Known Exploited Vulnerability to Catalog | CISA
- CVE-2025-0994 Trimble Cityworks Deserialization Vulnerability
Other
Western countries jointly publish guidance on protecting edge devices
CISA—in partnership with international and U.S. organizations—released guidance to help organizations protect their network edge devices and appliances, such as firewalls, routers, virtual private networks (VPN) gateways, Internet of Things (IoT) devices, internet-facing servers, and internet-facing operational technology (OT) systems.