今週の気になるセキュリティニュース - Issue #55

#55・
Weekly newsletter of Masafumi Negishi
73

issues

Subscribe to our newsletter

By subscribing, you agree with Revue’s Terms of Service and Privacy Policy and understand that Weekly newsletter of Masafumi Negishi will receive your email address.

Weekly newsletter of Masafumi Negishi
Weekly newsletter of Masafumi Negishi
ポッドキャスト収録用のメモですよ。(今週は収録なし)

事件、事故
OpenSea のユーザへのフィッシング攻撃により、17人のユーザから $1.7M 相当以上の NFT が盗難
OpenSea
Our team has been working around the clock to investigate the specific details of this phishing attack. While we haven’t yet determined the exact source, we wanted to share a couple of EOD updates:

🧵
ASUSTOR Japan
⚠️【緊急!!】ランサムウェアについて…⚠️

ASUSTORは今朝、ランサムウェア「DeadBolt」を受け、EZ-Connect、ASUSTOR EZ Sync、EZ-Connectサービスを一時的に停止し、原因解明に勤しんでおります。

ご利用のお客様には大変ご迷惑をおかけいたしております…今しばらく対応をお待ちください。 https://t.co/SYPZxASHdT
nekono_nanomotoni
約1ヶ月前にQNAP社製NASを標的に攻撃を仕掛けた #DeadBolt ランサムウェアが、次はASUSTOR社製NASを標的に暗号化を進めています。

活動開始から約1日が過ぎた現時点で、すでにWWで917台、国内で53台が暗号化されているようです(Shodanでの検索クエリは後述します)。 https://t.co/EYoyP3tT8H
Doug Madory
Here's a look back at today's simultaneous DDoS attacks against the websites of Ukraine's parliament, foreign ministry, and executive cabinet.
#UkraineRussiaCrisis
https://t.co/YVRNyyzxmh
https://t.co/eKupUAKRoo
https://t.co/8M0hmt6zPt https://t.co/68CBCXjqw3
Masafumi Negishi
昨日、ウクライナからの backscatter の増加を再び観測しました。政府機関ではありませんが、メディア、通信会社、銀行などが主なターゲットのようです。
(注:これらは実際に発生していると思われる DDoS 攻撃のうち、ごく一部を間接的に観測しているものです。) https://t.co/FKft930IiX
RT
Strong DDoS Cyberattack Targets RT

Editor-in-Chief Margarita Simonyan has confirmed the DDoS attack on the news agency.

RT has been able to repel the hit on their servers. https://t.co/qJbAPn8PXF
vx-underground
The Russian military website (https://t.co/h3n4oxn0ac) is returning HTTP error code 418 indicating the Russian Military is now a Teapot.

No, this is not a joke. https://t.co/At5vkNhray
Doug Madory
Now seeing DDoS attacks against Russian govt websites in possible retaliation to DDoS attacks against Ukrainian websites. #UkraineRussiaConflict

Among the RU targets, https://t.co/bvhrm8D6hb which is hosted by AS8291 (Russia State Internet Network). https://t.co/4vhbO8NCte
NetBlocks
⚠️ Confirmed: Multiple government websites in #Russia including the Kremlin and the State Duma have fallen offline; the incident comes amid a spate of cyberattacks targeting neighboring Ukraine 📉 https://t.co/K1pPQu7cHs
Anonymous
#Anonymous is currently involved in operations against the Russian Federation. Our operations are targeting the Russian government. There is an inevitability that the private sector will most likely be affected too. While this account cannot claim to speak for the whole (con)
Doug Madory
In addition to the DDoS attacks against Russian govt websites today, there were attempted DDoS attacks against the websites of major Russian banks as well.

Sberbank and Alfabank were targeted in consecutive DDoS attacks earlier today. #UkraineRussiaConflict https://t.co/FZVFT2lD3M
Masafumi Negishi
ウクライナだけでなく、ロシアからの backscatter の増加も観測しています。2/26 はロシアの政府機関からのパケットを多数観測しました。 https://t.co/nDt1wI3y2H
Anonymous TV 🇺🇦
JUST IN: #Anonymous takes down more than 300+ #Russian government, state media & banks websites in the last 48 hrs, with most of them currently offline. #OpRussia #FckPutin #FreeUkraine https://t.co/wfWB1M0jYI
Mykhailo Fedorov
We are creating an IT army. We need digital talents. All operational tasks will be given here: https://t.co/Ie4ESfxoSn. There will be tasks for everyone. We continue to fight on the cyber front. The first task is on the channel for cyber specialists.
攻撃、脅威
イランの攻撃者グループ MuddyWater の活動について、米CISA、FBI などが共同で注意喚起
ESET research
Breaking. #ESETResearch discovered a new data wiper malware used in Ukraine today. ESET telemetry shows that it was installed on hundreds of machines in the country. This follows the DDoS attacks against several Ukrainian websites earlier today 1/n
脆弱性
Zabbix に複数の脆弱性 (CVE-2022-23131, CVE-2022-23134)。悪用が確認されているとして、CISA は Known Exploited Vulnerabilities Catalog に追加。
その他
Did you enjoy this issue? Yes No
Weekly newsletter of Masafumi Negishi
Weekly newsletter of Masafumi Negishi

Security Researcher, IIJ-SECT, SANS Instructor in Japan, OWASP Japan Advisory Board, WASForum Hardening Project, 子供たちが安心して使える安全なネット社会を実現したいですね。

In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Created with Revue by Twitter.