A joint advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the National Security Agency (NSA) has warned that the BlackMatter ransomware group has targeted “multiple” organizations deemed critical infrastructure, including two organizations in the U.S. food and agriculture sector. The agencies did not name did not name […]
日立グループ、2021年12月13日以降すべての送受信メールでPPAP利用廃止
日立グループは2021年12月13日から、送受信ともにパスワード付きZIPファイル(いわゆるPPAP)の利用を廃止すると発表した。その日付以降は、パスワード付きZIPファイルが添付されたメールを送受信した場合は、直接担当者などに届くこともなく、また送信もされることはない。代わりに配送を抑止したという通知がされるとしている(日立リリース)。
すべて読む
| セキュリティセクション
| セキュリティ
|
関連ストーリー:
原子力規制委、PP…
F12 isn’t hacking: Missouri governor threatens to prosecute local journalist for finding exposed state data
Missouri governor Mike Parson is facing a monumental backlash after threatening to prosecute a journalist for responsibly reporting a serious security lapse in the state’s website. Earlier this week, St. Louis Post-Dispatch journalist Josh Renaud reported that the website for the state’s Department of Elementary and Secondary Education (DESE) was exposing over 100,000 teachers’ Social Security […]
Spot AI emerges from stealth with $22M for a platform to draw out more intelligence from organizations’ basic security videos
Security cameras, for better or for worse, are part and parcel of how many businesses monitor spaces in the workplace for security or operational reasons. Now, a startup is coming out of stealth with funding for tech designed to make the video produced by those cameras more useful. Spot AI has built a software platform […]
US Govt Reveals Three More Ransomware Attacks on Water Treatment Plants This Year
Ransomware gangs have silently hit three US water and wastewater treatment facilities this year, in 2021, the US government said in a joint cybersecurity advisory published today by the FBI, NSA, CISA, and the EPA. From a report: The attacks — which h…
セキュリティにおける「ゼロトラスト」とは何か? その解釈を巡る混乱と、普及に向けた壁
次世代型セキュリティモデルとして注目されている「ゼロトラスト」の概念。“バズワード”としてもてはやされる反面、その解釈を巡る混乱も起きているのが現状だ。そして、ゼロトラストの真の意味と目的についての混同も、このコンセプトの実践を難しくしている。
…
Twitch takedown: Is extortion the new ransomware?
The nature of the Twitch attack and the shift toward extortion rather than demanding ransoms is serious and significant.
WhatsApp now lets users encrypt their chat backups in the cloud
WhatsApp is beginning to roll out a new feature that will provide its two billion users the option to encrypt their chat history backup in iCloud or Google Drive, patching a major loophole that has been exploited by governments to obtain and review private communication between individuals. WhatsApp has long encrypted chats between users on […]
How Coinbase Phishers Steal One-Time Passwords
An anonymous reader quotes a report from from Krebs on Security: A recent phishing campaign targeting Coinbase users shows thieves are getting smarter about phishing one-time passwords (OTPs) needed to complete the login process. It also shows that phi…
Some of Verizon’s Visible Cell Network Customers Say They’ve Been Hacked
Verizon’s Visible network has confirmed that some accounts were accessed without authorization. Visible is a cell service owned and operated by Verizon that “pitches itself as a less expensive, ‘all-digital’ network, meaning there aren’t any physical s…