Pismo.md (47)


1 Nameless Blooming in the Field@No Reposting (3f88984e) 2024/07/26 (Fri) 00:44:49.610 ID:BSuyGW23g OP

!noid
!NO

2 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 00:46:37.304 ID:???-409297181023

Incredibly stupid

Threat Actor Uses Fake CrowdStrike Recovery Manual to Deliver Unidentified Stealer
https://www.crowdstrike.com/blog/fake-recovery-manual-used-to-deliver-unidentified-stealer/

The analyzed file, New_Recovery_Tool_to_help_with_CrowdStrike_issue_impacting_Windows.docm (SHA256 hash: 803727ccdf441e49096f3fd48107a5fe55c56c080f46773cd649c9e55ec1be61), is a Word document containing malicious macros.

3 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 00:50:05.331 ID:???-441642870145

Amazingly stupid...

CrowdStrike offers a $10 apology gift card to say sorry for outage
https://techcrunch.com/2024/07/24/crowdstrike-offers-a-10-apology-gift-card-to-say-sorry-for-outage/

CrowdStrike, the cybersecurity firm that crashed millions of computers with a botched update all over the world last week, is offering its partners a $10 Uber Eats gift card as an apology, according to several people who say they received the gift card, as well as a source who also received one.

4 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 00:52:21.141 ID:???-539300267298

🤔

🚨 Data Breach Alert: CrowdStrike 🚨

A member of BreachForums has posted about a significant data breach involving CrowdStrike. The compromised data includes aliases, last active dates, status, origin, target industries, target countries, actor types, and motivations. Additionally, their entire IOC list, comprising more than 250 million data points, has been scraped and will be released soon.

https://x.com/FalconFeedsio/status/1816230348369387822

5 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 00:55:06.869 ID:???-586838080885

Haven't heard of PXE in a long time

New Recovery Tool to help with CrowdStrike issue impacting Windows endpoints

https://techcommunity.microsoft.com/t5/intune-customer-success/new-recovery-tool-to-help-with-crowdstrike-issue-impacting/ba-p/4196959

Additional considerations
Although the USB option is preferred, some devices may not support USB connections. In such cases, we provide detailed steps below for using the Preboot Execution Environment (PXE) option. If the device cannot connect to a PXE network and USB is not an option, reimaging the device might be a solution.

6 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 00:58:23.089 ID:???-289615390812

This one's stupid too...

Google Abandons Plan to Phase Out Third-Party Cookies in Chrome
https://thehackernews.com/2024/07/google-abandons-plan-to-phase-out-third.html

"Instead of deprecating third-party cookies, we would introduce a new experience in Chrome that lets people make an informed choice that applies across their web browsing, and they'd be able to adjust that choice at any time,"

7 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 00:58:44.289 ID:???-102727600559

>>6
So what was FLoC and all that for...

8 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:04:53.138 ID:???-438135413761

Police infiltrates, takes down DigitalStress DDoS-for-hire service
https://www.bleepingcomputer.com/news/security/police-infiltrates-takes-down-digitalstress-ddos-for-hire-service/

DDoS-for-hire service DigitalStress was taken down on July 2 in a joint law enforcement operation led by the United Kingdom's National Crime Agency (NCA).

Others involved in the booter service confirmed on the operation's Telegram channel that Skiop has been unreachable since July 2. They also warned against accessing the digitalstress[.]net because they believed it was a honeypot.

9 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:06:22.144 ID:???-814790326812

CISA Warns of Exploitable Vulnerabilities in Popular BIND 9 DNS Software
https://thehackernews.com/2024/07/cisa-warns-of-exploitable.html

The list of four vulnerabilities is listed below -

CVE-2024-4076 (CVSS score: 7.5) - Due to a logic error, lookups that triggered serving stale data and required lookups in local authoritative zone data could have resulted in an assertion failure

CVE-2024-1975 (CVSS score: 7.5) - Validating DNS messages signed using the SIG(0) protocol could cause excessive CPU load, leading to a denial-of-service condition.

CVE-2024-1737 (CVSS score: 7.5) - It is possible to craft excessively large numbers of resource record types for a given owner name, which has the effect of slowing down database processing

CVE-2024-0760 (CVSS score: 7.5) - A malicious DNS client that sent many queries over TCP but never read the responses could cause a server to respond slowly or not at all for other clients

10 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:08:46.999 ID:???-482223943732

🤔

New Chrome Feature Scans Password-Protected Files for Malicious Content

https://thehackernews.com/2024/07/new-chrome-feature-scans-password.html

In cases where such files are embedded within password-protected archives, users now have the option to "enter the file's password and send it along with the file to Safe Browsing so that the file can be opened and a deep scan may be performed."

11 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:09:39.971 ID:???-209495254606

Play Ransomware and LockBit Allegedly Created an Alliance
https://dailydarkweb.net/play-ransomware-and-lockbit-allegedly-created-an-alliance/

12 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:12:16.654 ID:???-529442613897

🫠

BreachForums Database Allegedly Leaked
https://dailydarkweb.net/breachforums-database-allegedly-leaked/

The alleged leak of the full BreachForum v1 database reportedly contains comprehensive records up to November 29, 2022. According to the claim, the database includes private messages, threads, payment logs, detailed IP logs for each user, and more.

According to the leak, some of the following data points are now available to the public:

・Username
・Password
・Email
・Birthday
・Date format and time zone
・Last IP

13 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:13:53.891 ID:???-802586438231

Open source distributed Platform as a Service (PaaS). A self-hosted Vercel / Netlify / Cloudflare alternative.

https://github.com/taubyte/tau

14 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:15:43.216 ID:???-174820180319

Announcing AES-GEM (AES with Galois Extended Mode)
https://blog.trailofbits.com/2024/07/12/announcing-aes-gem-aes-with-galois-extended-mode/

Security researchers have been sounding the alarm about AES-GCM’s weaknesses for years. Nineteen years ago, Niels Ferguson submitted a paper to a NIST project on block cipher modes outlining authentication weaknesses in AES-GCM (although NIST would ultimately standardize it). And earlier this year, Amazon published a paper that detailed practical challenges with AES-GCM and posited that AES’ 128-bit block size is no longer sufficient, preferring a 256-bit block cipher (i.e., Rijndael-256).

To address these issues, I propose a new block cipher mode called Galois Extended Mode (GEM for short), which I presented last month at the NIST workshop on the requirements for an accordion mode cipher. AES-GEM improves the security of GCM in every dimension with minimal performance overhead.

15 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:18:59.503 ID:???-920468062581

Good Smile Company was Allegedly Breached

https://dailydarkweb.net/good-smile-company-was-allegedly-breached/

A threat actor published a database on a dark web forum claiming that it belongs to Good Smile Company. Good Smile Company is a Japanese manufacturer of hobby products and scale figures. The alleged leak is 184,245 rows in total, and there is data from 76,474 unique users.

According to the forum post, the data is from 2024. The post also contains sample data from the leak, and the alleged data includes the following:

・Customer ID
・Customer Name
・E-Mail
・Nickname
・Customer Group
・Status
・IP
・Date Added
・Gender
・Login
・Type
・Address1

16 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:20:39.918 ID:???-671359707603

CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-193a

17 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:22:30.080 ID:???-484155751681

Indian Firm Linked to Fake DMCA Notices Silencing Journalists
https://hackread.com/fake-dmca-requests-threaten-investigative-journalism/

Is critical journalism under attack? A recent exposé reveals a disturbing trend: Companies, in this case, an Indian firm, using fake DMCA notices to silence investigative reports. Learn how “Delete Negative Links” schemes work!

18 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:22:42.140 ID:???-129370895352

>>17
There are companies doing this in Japan too.

19 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:24:21.608 ID:???-696991097127

Cybersecurity Firm KnowBe4 Tricked into Hiring North Korean Hacker as IT Pro
https://hackread.com/cybersecurity-firm-knowbe4-hire-north-korean-hacker/

The incident began when KnowBe4 hired a remote software engineer who cleared multiple rounds of interviews and background checks. Upon receiving a company-issued Mac, the device immediately began loading malware, triggering KnowBe4’s onboard security software.

An investigation, conducted in collaboration with the FBI and cybersecurity firm Mandiant, uncovered the shocking truth: the hired engineer was a North Korean national using a stolen US identity. The attacker’s profile picture was a convincing AI-generated image, further masking their true identity.

20 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:24:57.960 ID:???-360367694311

Sorry, what is this thread about?

21 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:25:19.347 ID:???-212065447073

The only one I know is the "naked in Thailand" company 😆

22 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:26:37.646 ID:???-336649909129

North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks
https://thehackernews.com/2024/07/north-korean-hackers-shift-from-cyber.html

"APT45 is a long-running, moderately sophisticated North Korean cyber operator that has carried out espionage campaigns as early as 2009," researchers Taylor Long, Jeff Johnson, Alice Revelli, Fred Plan, and Michael Barnhart said. "APT45 has been the most frequently observed targeting critical infrastructure."

It's worth mentioning that APT45, along with APT38 (aka BlueNoroff), APT43 (aka Kimsuky), and Lazarus Group (aka TEMP.Hermit), are elements within North Korea's Reconnaissance General Bureau (RGB), the nation's premier military intelligence organization.

23 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:28:01.390 ID:???-131778426815

>>19
>>22
A national security mechanism that is cheaper than nukes

24 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:28:21.073 ID:???-346594394480

>>20
Just a notepad

25 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:30:16.170 ID:???-640811016873

>>24
I see
Thanks for answering

26 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:30:43.263 ID:???-591903284096

Experts Uncover Chinese Cybercrime Network Behind Gambling and Human Trafficking
https://thehackernews.com/2024/07/experts-uncover-chinese-cybercrime.html

The online crimes also have an offline aspect involving human trafficking wherein people are lured with the promise of high-paying jobs and are coerced into supporting sports betting schemes and promoting pig butchering scams and other cryptocurrency scams, according to the Asian Racing Federation (ARF).

27 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:33:49.934 ID:???-434502756582

>>26
Inside the 'living hell' of Cambodia's scam operations
https://www.france24.com/en/live-news/20221109-inside-the-living-hell-of-cambodia-s-scam-operations

Covid shutdowns had left the builder out of work, so when he heard he could earn $2,000 a month on a construction project in Cambodia, he jumped at the chance.

But he soon realised he had been lured by a scamming gang to a compound in the seaside resort of Sihanoukville, along with hundreds of others.

There he was forced to work 12 to 16 hour shifts, trawling social media and dating apps on a hunt for victims to scam out of huge sums.

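28 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:35:26.992 ID:???-299619071485

>>27
They use a scam to hook marks as a labor force, then make them run scams against countries that can't be used as cheap labor 😥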

29 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:37:46.866 ID:???-988810788933

Meta Removes 63,000 Instagram Accounts Linked to Nigerian Sextortion Scams
https://thehackernews.com/2024/07/meta-removes-63000-instagram-accounts.html

Meta Platforms on Wednesday said it took steps to remove around 63,000 Instagram accounts in Nigeria that were found to target people with financial sextortion scams

Meta's actions come as INTERPOL said it conducted a global law enforcement operation referred to as Jackal III that targeted West African organized crime groups such as Black Axe, leading to scores of arrests and the seizure of $3 million in illegal assets, including cryptocurrencies and luxury items.

The effort, which took place between April 10 and July 3, 2024, spanned 21 countries and was orchestrated with an aim to dismantle transnational organized crime syndicates involved in cyber fraud, human trafficking, drug smuggling, and violent crimes both within Africa and globally.

30 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:39:12.749 ID:???-595377526568

‘The new normal’: work from home is here to stay, US data shows
https://www.theguardian.com/money/article/2024/jul/12/working-from-home-data

The most recent survey results, released at the end of June, show that the same percentage of employed people who did at least some remote work in 2023 is the same percentage as those who did remote work in 2022.

In other words, it’s the first stabilization in the data since before the pandemic, when only a small percentage of workers did remote work, and a sign that remote work is here to stay.

31 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:39:21.761 ID:???-293801637486

>>30
Hope that's the case in Japan too

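32 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:39:49.768 ID:???-317013777266

World's first successful outdoor experiment in massive simultaneous connections using a quantum computer
~ Development and demonstration of an algorithm that hybridizes quantum and digital ~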

https://www.nict.go.jp/press/2024/07/25-1.html

33 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:41:28.879 ID:???-502608724281

The one on watering duty started the thread

34 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:41:31.898 ID:???-805844925125

Anyone can Access Deleted and Private Repository Data on GitHub
https://trufflesecurity.com/blog/anyone-can-access-deleted-and-private-repo-data-github

You can access data from deleted forks, deleted repositories and even private repositories on GitHub. And it is available forever. This is known by GitHub, and intentionally designed that way.

35 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:43:14.437 ID:???-537673997911

Phish-Friendly Domain Registry “.top” Put on Notice
https://krebsonsecurity.com/2024/07/phish-friendly-domain-registry-top-put-on-notice/

The Chinese company in charge of handing out domain names ending in “.top” has been given until mid-August 2024 to show that it has put in place systems for managing phishing reports and suspending abusive domains, or else forfeit its license to sell domains. The warning comes amid the release of new findings that .top was the most common suffix in phishing websites over the past year, second only to domains ending in “.com.”

Interisle’s newest study examined nearly two million phishing attacks in the last year, and found that phishing sites accounted for more than four percent of all new .top domains between May 2023 and April 2024. Interisle said .top has roughly 2.76 million domains in its stable, and that more than 117,000 of those were phishing sites in the past year.

36 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:45:43.728 ID:???-702418467500

🤑

140k US Credit Card Information is Allegedly For Sale

https://dailydarkweb.net/140k-us-credit-card-information-is-allegedly-for-sale/

According to the threat actor the quantity of the leak is 140,000 U.S. credit card (CC) numbers. It is claimed to be around 35% valid, meaning approximately 49,000 of these credit card numbers are asserted to be fully valid according to the dark web forum post.

37 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:51:10.021 ID:???-321544586005

IANA IPv6 Special-Purpose Address Registry
https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml

3fff::/20
Documentation [RFC-ietf-v6ops-rfc3849-update-05]
2024-07

38 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:52:22.740 ID:???-239450309205

A Practical Guide to PrintNightmare in 2024
https://itm4n.github.io/printnightmare-exploitation/

39 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:53:39.351 ID:???-149236799346

Hackers Abuse Cloudflare WARP To Hijack Cloud Services
https://cybersecuritynews.com/cloudflare-warp-hijack/

The primary advantage of utilizing Cloudflare WARP for an attacker is probably the increased anonymity it provides and the decreased suspicion surrounding traffic associated with Cloudflare.

“Attacks observed exclusively connect directly to IP addresses rather than Cloudflare’s CDN, with the attacker in control of the transport and application layers. As such, it is not possible to determine the IP of the attackers”, Cado Security researchers shared with Cyber Security News.

40 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:54:10.450 ID:???-769212797386

Privacy and DNS Client Subnet
https://www.potaroo.net/ispcol/2024-07/client-subnet.html

41 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 01:56:54.621 ID:???-632491652968

>>6
Third Party Cookies Must Be Removed
https://www.w3.org/2001/tag/doc/web-without-3p-cookies/

Third-party (AKA cross-site) cookies are harmful to the web, and must be removed from the web platform. This finding explains why they must be removed, and examines the challenges in removing them. We highlight some use cases that depend on third-party cookies and offer some examples of designed-for-purpose technologies that can replace them. Specification authors are expected to ensure they do not undermine the benefits of removing third-party cookies when proposing new web platform technologies.

42 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 02:06:37.829 ID:???-735703445703

Switzerland now requires all government software to be open source
https://www.zdnet.com/article/switzerland-now-requires-all-government-software-to-be-open-source/

43 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 02:07:35.265 ID:???-490132396109

Nice story

44 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 02:08:11.564 ID:???-636563536235

I cried 😭

45 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 07:07:24.325 ID:???-474316518265

First time in a while I've seen a .md thread

46 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 07:18:18.340 ID:???-642543060347

>>17
Copyright really is crap after all ???? (slurp slurp)

47 Nameless Blooming in the Field@No Reposting 2024/07/26 (Fri) 10:52:40.746 ID:???-387702935472

What does this thread mean?