今週の気になるセキュリティニュース - Issue #50

#50・
Weekly newsletter of Masafumi Negishi
73

issues

Subscribe to our newsletter

By subscribing, you agree with Revue’s Terms of Service and Privacy Policy and understand that Weekly newsletter of Masafumi Negishi will receive your email address.

Weekly newsletter of Masafumi Negishi
Weekly newsletter of Masafumi Negishi
事件、事故
OpenSubtitles が昨年 8月に不正アクセスを受けていたことを報告
In August 2021 we received message on Telegram from a hacker, who showed us proof that he could gain access to the user table of opensubtitles.org, and downloaded a SQL dump from it.
He asked for a BTC ransom to not disclose this to public and promise to delete the data.
欧米の法執行機関の連携により、サイバー犯罪者に利用されていた VPN サービス事業者 VPNLab.net を摘発
This week, law enforcement authorities took action against the criminal misuse of VPN services as they targeted the users and infrastructure of VPNLab.net. The VPN provider’s service, which aimed to offer shielded communications and internet access, were being used in support of serious criminal acts such as ransomware deployment and other cybercrime activities. 
On 17 January, disruptive actions took place in a coordinated manner in Germany, the Netherlands, Canada, the Czech Republic, France, Hungary, Latvia, Ukraine, the United States and the United Kingdom. Law enforcement authorities have now seized or disrupted the 15 servers that hosted VPNLab.net’s service, rendering it no longer available. Led by the Central Criminal Office of the Hannover Police Department in Germany, the action took place under the EMPACT security framework objective Cybercrime - Attacks Against Information Systems.
ナイジェリアの法執行機関がビジネスメール詐欺 (BEC) の犯罪者グループを摘発
The Nigerian Police Force (NPF) has arrested 11 alleged members of a prolific cybercrime network as part of a national police operation coordinated with INTERPOL.
Arrested by officers of the NPF Cybercrime Police Unit and INTERPOL’s National Central Bureau (NCB) in Nigeria, many of the suspects are thought to be members of ‘SilverTerrier’, a network known for Business Email Compromise (BEC) scams which have harmed thousands of companies globally.
赤十字国際委員会 (ICRC) の委託先業者への不正アクセスにより、51万人余りの個人データが流出
The attack compromised personal data and confidential information on more than 515,000 highly vulnerable people, including those separated from their families due to conflict, migration and disaster, missing persons and their families, and people in detention. The data originated from at least 60 Red Cross and Red Crescent National Societies around the world.
Crypto.com の複数のユーザへの不正アクセスがあり、およそ $34M 相当の暗号資産が流出
On 17 January 2022, Crypto.com learned that a small number of users had unauthorized crypto withdrawals on their accounts. Crypto.com promptly suspended withdrawals for all tokens to initiate an investigation and worked around the clock to address the issue. No customers experienced a loss of funds. In the majority of cases we prevented the unauthorized withdrawal, and in all other cases customers were fully reimbursed.
The incident affected 483 Crypto.com users. 
Unauthorised withdrawals totalled 4,836.26 ETH, 443.93 BTC and approximately US$66,200 in other cryptocurrencies.
攻撃、脅威
ウクライナ政府を攻撃する破壊型マルウェア WhisperGate について Microsoft などが報告
Today, we’re sharing that we’ve observed destructive malware in systems belonging to several Ukrainian government agencies and organizations that work closely with the Ukrainian government. The malware is disguised as ransomware but, if activated by the attacker, would render the infected computer system inoperable. We’re sharing this information to help others in the cybersecurity community look out for and defend against these attacks.
マルウェアが悪用するファイル共有サービスについて、デジタルアーツが報告
攻撃者は正規のファイル共有サービスを悪用してマルウェアを拡散しようとすることがあります。
URLhausに報告されたURL(※1)をもとに分類したところ、2021年の年末にかけては「Discord」と「OneDrive」の2サービスのURLが突出していました。
脆弱性
Safari 15 の IndexedDB API に脆弱性
In this article, we discuss a software bug introduced in Safari 15’s implementation of the IndexedDB API that lets any website track your internet activity and even reveal your identity.
その他
Did you enjoy this issue? Yes No
Weekly newsletter of Masafumi Negishi
Weekly newsletter of Masafumi Negishi

Security Researcher, IIJ-SECT, SANS Instructor in Japan, OWASP Japan Advisory Board, WASForum Hardening Project, 子供たちが安心して使える安全なネット社会を実現したいですね。

In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Created with Revue by Twitter.