Advertisement · 728 × 90

Posts by piyokango

Preview
Microsoft Bets $10 Billion to Boost Japan's AI, Cybersecurity The deal aims to accelerate AI adoption, train workers, and develop cybersecurity partnerships — the latest move by a hyperscaler to compete in the region.

マイクロソフト、日本のAIとサイバーセキュリティ強化に100億ドルを投資
#CybersecurityNews
www.darkreading.com/cloud-securi...

6 days ago 2 0 0 0

Booking .comの新たなデータ漏洩により、予約PINのリセットが必要に
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

6 days ago 2 1 0 0
Preview
OpenAI rotates macOS certs after Axios attack hit code-signing workflow OpenAI is rotating potentially exposed macOS code-signing certificates after a GitHub Actions workflow executed a malicious Axios package during a recent supply chain attack.

OpenAIは、Axios攻撃によってコード署名ワークフローが影響を受けたことを受け、macOSの証明書をローテーションした
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

6 days ago 4 1 0 0
Preview
Introducing a new spam policy for "back button hijacking"  |  Google Search Central Blog  |  Google for Developers

「戻るボタンの乗っ取り」に関する新たなスパム対策ポリシーを導入します
#CybersecurityNews
developers.google.com/search/blog/...

6 days ago 4 1 0 0
Preview
Over 100 Chrome Web Store extensions steal user accounts, data More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, deploy backdoors, and carry out ad fraud.

100以上のChromeウェブストア拡張機能がユーザーアカウントとデータを盗む
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

6 days ago 1 1 0 0
Preview
Microsoft drops its second-largest monthly batch of defects on record The vendor disclosed one actively exploited zero-day vulnerability in Microsoft Office SharePoint that allows attackers to view information and make changes to disclosed information.

Microsoft、過去2番目に多い月間不具合報告数を発表
#CybersecurityNews
cyberscoop.com/microsoft-pa...

6 days ago 2 1 0 0
Preview
EDR-Killer Ecosystem Expansion Requires Stronger BYOVD Defenses Stopping EDR killers, which employ bring-your-own-vulnerable-driver (BYOVD) attack techniques, is difficult, but not impossible.

EDRキラーのエコシステム拡大には、より強力なBYOD(Bring Your Own Device:私物端末向けウイルス対策)防御策が必要
#CybersecurityNews
www.darkreading.com/vulnerabilit...

6 days ago 2 1 0 0
Preview
AI Companies To Play Bigger Role in CVE Program, Says CISA Lindsey Cerkovnik, head of vulnerability management at CISA, said AI companies should play a bigger role in vulnerability disclosures in the future

CISA、AI企業はCVEプログラムにおいてより大きな役割を果たすと言及
#CybersecurityNews
www.infosecurity-magazine.com/news/ai-comp...

6 days ago 2 0 0 0
Preview
Signed Adware Operation Disables Antivirus Across 23,000 Hosts Huntress uncovers adware deploying AV-killing payloads via signed updates across 23,000 endpoints

署名付きアドウェアが23,000台のホストでアンチウイルスソフトを無効化
#CybersecurityNews
www.infosecurity-magazine.com/news/dragon-...

6 days ago 2 0 0 0
Advertisement
Preview
OpenAI Unveils GPT-5.4-Cyber for Improving Cyber Defense With AI OpenAI’s new frontier model focused on cybersecurity comes following Anthropic’s launch of Claude Mythos Preview and Project Glasswing

OpenAIがAIによるサイバー防御強化のためのGPT-5.4-Cyber​​を発表
#CybersecurityNews
www.infosecurity-magazine.com/news/openai-...

6 days ago 1 0 0 0

Claude、ActiveMQに存在する13年前のリモートコード実行の脆弱性をわずか数分で発見
#CybersecurityNews
www.freebuf.com/articles/ai-...

1 week ago 3 0 0 0
Preview
North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack | Google Cloud Blog A North Korea-nexus threat actor targeted the popular axios NPM package in a massive supply chain attack.

北朝鮮関連の脅威アクターが、サプライチェーン攻撃で広く利用されているAxios NPMパッケージを侵害
#CybersecurityNews
cloud.google.com/blog/topics/...

1 week ago 1 0 0 0
Preview
Hacker Used Claude Code, GPT-4.1 to Exfiltrate Hundreds of Millions of Mexican Records A lone hacker used Claude Code and GPT-4.1 to exfiltrate hundreds of millions of Mexican citizen records from 9 government agencies.

ハッカーがClaude CodeとGPT-4.1を使用して数億件のメキシコの記録を流出
#CybersecurityNews
hackread.com/hacker-claud...

1 week ago 2 0 0 0
Preview
ClickFix Malware Uses macOS Script Editor to Deliver Atomic Stealer Threat Labs Jamf Threat Labs uncovers a ClickFix-style attack that bypasses Terminal by exploiting macOS Script Editor via the applescript:// URL scheme to deliver an Atomic Stealer variant. Learn how it works.

ClickFix、macOS上でターミナルではなくスクリプトエディタを使用
#CybersecurityNews
www.jamf.com/blog/clickfi...

1 week ago 2 1 0 0
Preview
FBI Dismantles $20m Phishing Operation W3LL The W3LL phishing kit has been associated with fraud attempts totaling $20m

FBIが2000万ドル規模のフィッシング詐欺組織W3LLを摘発
#CybersecurityNews
www.infosecurity-magazine.com/news/fbi-dis...

1 week ago 1 0 0 0
Preview
OpenSSF Flags Malware Campaign on Slack Posing as Linux Foundation Figures OpenSSF warns hackers impersonate Linux Foundation leaders on Slack, tricking developers into installing malware that can compromise entire systems.

OpenSSF、Linux Foundationの関係者を装ったSlack上のマルウェアキャンペーンを警告
#CybersecurityNews
hackread.com/openssf-malw...

1 week ago 1 0 0 0
Preview
WebinarTV Secretly Scraped Zoom Meetings of Anonymous Recovery Programs WebinarTV scraped and shared 12 steps-based anonymous meetings for people recovering from addiction and other private support groups.

WebinarTVは匿名回復プログラムのZoomミーティングを密かに収集していた
#CybersecurityNews
www.404media.co/webinartv-se...

1 week ago 2 0 0 0
Preview
CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads The CPUID website was recently hacked and altered to deliver malicious versions of CPU-Z, HWMonitor, and PerfMonitor.

PCハードウェアコミュニティで人気の高いCPUIDウェブサイトが最近ハッキングされ、CPU-Z、HWMonitor、PerfMonitorの悪意のあるバージョンを配信するように改ざん
#CybersecurityNews
www.securityweek.com/cpuid-hacked...

1 week ago 2 0 0 0
Advertisement

Booking .comは、予約データが不正アクセス者に渡った可能性があると警告
#CybersecurityNews
www.theregister.com/2026/04/13/b...

1 week ago 2 0 0 0
Preview
A hacker has allegedly breached one of China’s supercomputers and is attempting to sell a trove of stolen data | CNN A hacker has allegedly stolen a massive trove of sensitive data – including highly classified defense documents and missile schematics – from a state-run Chinese supercomputer in what could potentially constitute the largest known heist of data from China.

あるハッカーが中国のスーパーコンピューターの一つに侵入し、盗んだ大量のデータを売りさばこうとしていると報道
#CybersecurityNews

edition.cnn.com/2026/04/08/c...

1 week ago 1 0 0 0
Preview
Ex-Meta worker investigated for downloading private Facebook photos The former employee was fired from Meta after being suspected of downloading 30,000 photos, the company said.

元Meta社員が3万枚のプライベートなFacebook写真をダウンロードした疑いで捜査対象に
#CybersecurityNews
www.bbc.com/news/article...

1 week ago 4 0 0 0
Preview
Russia's 'Fancy Bear' APT Continues Its Global Onslaught Victims don't need to match the cybercrime group's technical sophistication, experts say. But patching and some form of zero trust are now non-negotiable.

ロシアの「Fancy bear」 APTが世界規模での攻撃を継続
#CybersecurityNews
www.darkreading.com/threat-intel...

1 week ago 2 1 0 0
Iranian attacks on US critical infrastructure puts 3,900 devices in crosshairs Censys researchers warned that thousands of devices are exposed to the Iranian government’s campaign targeting energy, water, and U.S. government services and facilities.

イランによる米国の重要インフラへの攻撃で、3900台の機器が標的に
#CybersecurityNews
cyberscoop.com/iran-attacke...

1 week ago 1 0 0 0
New VENOM phishing attacks steal senior executives' Microsoft logins Threat actors using a previously undocumented phishing-as-a-service (PhaaS) platform called "VENOM" are targeting credentials of C-suite executives across multiple industries.

新たなVENOMフィッシング攻撃により、上級幹部のMicrosoftアカウント情報が盗まれる
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

1 week ago 2 1 0 0
OtterCookie Expands Targeting to AI Coding Tools Malicious npm packages spoofing Gemini and popular JavaScript libraries deliver OtterCookie, targeting software developers

OtterCookieがAIコーディングツールへのターゲティングを拡大:トロイの木馬化されたnpmキャンペーンの分析
#CybersecurityNews
cyberandramen.net/2026/04/04/o...

1 week ago 1 0 0 0

国家ラジオテレビ総局は、「AI加工コンテンツ」に関連する2万3000本以上の違法動画を削除
#CybersecurityNews
www.toutiao.com/article/7626...

1 week ago 1 0 0 0
Advertisement
中央网信办召开全国网络法治工作会议_中央网络安全和信息化委员会办公室

中国国家インターネット情報弁公室は、サイバー法治に関する全国会議を開催
#CybersecurityNews
www.cac.gov.cn/2026-04/08/c...

1 week ago 1 0 0 0
U.S. Public Sector Under Siege: Threat Intelligence for Q1 2026 Discover how TrendAI Vision One™ empowers government agencies and educational institutions with advanced visibility, intelligence, and automation to stay ahead of evolving public sector threats.

米国公共部門が危機に瀕する:2026年第1四半期の脅威インテリジェンス
#CybersecurityNews
www.trendmicro.com/en_us/resear...

1 week ago 1 0 0 0
New ClickFix Campaign Unveiled: Modular NodeJS Malware Targets Windows Users Netskope uncovers a Node.js-based ClickFix campaign using gRPC over Tor for stealthy crypto theft. A leaked file exposed their entire MaaS backend.

ClickFixの新たなキャンペーンが明らかに:モジュール型NodeJSマルウェアがWindowsユーザーを標的に
#CybersecurityNews
securityonline.info/clickfix-nod...

1 week ago 2 0 0 0
Google Rolls Out Cookie Theft Protections in Chrome Google’s Device Bound Session Credentials in Chrome protect against session cookie theft by binding authentication to the device.

GoogleがChromeでCookie盗難防止機能を展開
#CybersecurityNews
www.securityweek.com/google-rolls...

1 week ago 1 0 0 0