サクサク読めて、
アプリ限定の機能も多数!
アプリで開く
●はてなブックマークって?
●アプリ・拡張の紹介
●ユーザー登録
●ログイン
●ログアウト
トップへ戻る
総合
●人気
●新着
●
IT
●
最新ガジェット
●
自然科学
●
経済・金融
●
おもしろ
●
マンガ
●
ゲーム
●
はてなブログ︵総合︶
一般
●人気
●新着
●
社会ニュース
●
地域
●
国際
●
天気
●
グルメ
●
映画・音楽
●
スポーツ
●
はてな匿名ダイアリー
世の中
●人気
●新着
●
新型コロナウイルス
●
働き方
●
生き方
●
地域
●
医療・ヘルス
●
教育
●
はてな匿名ダイアリー
政治と経済
●人気
●新着
●
政治
●
経済・金融
●
企業
●
仕事・就職
●
マーケット
●
国際
●
はてなブログ︵政治と経済︶
暮らし
●人気
●新着
●
カルチャー・ライフスタイル
●
ファッション
●
運動・エクササイズ
●
結婚・子育て
●
住まい
●
グルメ
●
お金
●
はてなブログ︵暮らし︶
●
掃除・整理整頓
●
雑貨
●
買ってよかったもの
●
旅行
●
アウトドア
●
趣味
学び
●人気
●新着
●
人文科学
●
社会科学
●
自然科学
●
語学
●
ビジネス・経営学
●
デザイン
●
法律
●
本・書評
●
将棋・囲碁
●
はてなブログ︵学び︶
テクノロジー
●人気
●新着
●
IT
●
セキュリティ技術
●
はてなブログ︵テクノロジー︶
●
AI・機械学習
●
プログラミング
●
エンジニア
おもしろ
●人気
●新着
●
まとめ
●
ネタ
●
おもしろ
●
これはすごい
●
かわいい
●
雑学
●
癒やし
エンタメ
●人気
●新着
●
スポーツ
●
映画
●
音楽
●
アイドル
●
芸能
●
お笑い
●
サッカー
●
話題の動画
アニメとゲーム
●人気
●新着
●
マンガ
●
Webマンガ
●
ゲーム
●
任天堂
●
PlayStation
●
アニメ
●
バーチャルYouTuber
●
オタクカルチャー
●
おすすめ
買ってよかったもの
﹃BleepingComputer.com - News, Reviews, and Technical Support﹄
●
人気
●
新着
●
すべて
10users
www.bleepingcomputer.com
HomeNewsSecurityHackers abused API to verify millions of Authy MFA phone numbers Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks. Authy is a mobile app that generates multi-factor authentication codes at websites w
●
テクノロジー
●2024/07/04 13:54
●Security
●あとで読む
5users
www.bleepingcomputer.com
HomeNewsSecurityMalicious VSCode extensions with millions of installs discovered A group of Israeli researchers explored the security of the Visual Studio Code marketplace and managed to "infect" over 100 organizations by trojanizing a copy of the popular 'Dracula Official theme to include risky code. Further research into the VSCode Marketplace found thousands of extensions with millions of insta
●
テクノロジー
●2024/06/10 03:14
●security
3users
www.bleepingcomputer.com
HomeNewsSecurityNSA warns of North Korean hackers exploiting weak DMARC email policies The NSA and FBI warned that the APT43 North Korea-linked hacking group exploits weak email Domain-based Message Authentication Reporting and Conformance (DMARC) policies to mask spearphishing attacks. Together with the U.S. State Department, the two agencies cautioned that the attackers abuse misconfigured DMARC
●
テクノロジー
●2024/05/05 16:39
●あとで読む
5users
www.bleepingcomputer.com
Japanese police placed fake payment cards in convenience stores to protect the elderly targeted by tech support scams or unpaid money fraud. The cards are labeled "Virus Trojan Horse Removal Payment Card" and "Unpaid Bill Late Fee Payment Card," and were created by the Echizen Police in the Fukui prefecture in Japan as an alert mechanism. Their purpose is to warn elder victims seeking payment card
●
テクノロジー
●2024/04/28 10:23
●security
16users
www.bleepingcomputer.com
HomeNewsMicrosoftMicrosoft says Russian hackers breached its systems, accessed source code Microsoft says Russian hackers breached its systems, accessed source code Microsoft says the Russian 'Midnight Blizzard' hacking group recently accessed some of its internal systems and source code repositories using authentication secrets stolen during a January cyberattack. In January, Microsoft disclosed
●
テクノロジー
●2024/03/09 02:07
●Microsoft
●セキュリティ
●security
●あとで読む
3users
www.bleepingcomputer.com
Cloudflare disclosed today that its internal Atlassian server was breached by a suspected 'nation state attacker' who accessed its Confluence wiki, Jira bug database, and Bitbucket source code management system. The threat actor first gained access to Cloudflare's self-hosted Atlassian server on November 14 and then accessed the company's Confluence and Jira systems following a reconnaissance stag
●
テクノロジー
●2024/02/02 08:27
●あとで読む
3users
www.bleepingcomputer.com
HomeNewsSecurityIsrael warns of BiBi wiper attacks targeting Linux and Windows Data-wiping attacks are becoming more frequent on Israeli computers as researchers discovered variants of the BiBi malware family that destroys data on both Linux and Windows systems. Over the weekend, Israel's CERT published an alert with rules that could help organizations identify or prevent the threat actors' activi
●
テクノロジー
●2023/11/14 08:05
●techfeed
●Linux
●あとで読む
9users
www.bleepingcomputer.com
1Password, a popular password management platform used by over 100,000 businesses, suffered a security incident after hackers gained access to its Okta ID management tenant. "We detected suspicious activity on our Okta instance related to their Support System incident. After a thorough investigation, we concluded that no 1Password user data was accessed," reads a very brief security incident notif
●
テクノロジー
●2023/10/24 09:32
●security
●あとで読む
3users
www.bleepingcomputer.com
HomeNewsSecurityOkta says its support system was breached using stolen credentials Update October 20, 16:15 EDT: Added BeyondTrust incident details. Update October 20, 18:59 EDT: Added Cloudflare incident details. Okta says attackers accessed files containing cookies and session tokens uploaded by customers to its support management system after breaching it using stolen credentials. "The threat
●
テクノロジー
●2023/10/21 21:17
●security
3users
www.bleepingcomputer.com
HomeNewsSecurityEvilProxy uses indeed.com open redirect for Microsoft 365 phishing A recently uncovered phishing campaign is targeting Microsoft 365 accounts of key executives in U.S.-based organizations by abusing open redirects from the Indeed employment website for job listings. The threat actor is using the EvilProxy phishing service that can collect session cookies, which can be used to bypas
●
テクノロジー
●2023/10/04 14:23
●Microsoft
●セキュリティ
●security
●あとで読む
3users
www.bleepingcomputer.com
A new Linux vulnerability, known as 'Looney Tunables' and tracked as CVE-2023-4911, enables local attackers to gain root privileges by exploiting a buffer overflow weakness in the GNU C Library's ld.so dynamic loader. The GNU C Library (glibc) is the GNU system's C library and is in most Linux kernel-based systems. It provides essential functionality, including system calls like open, malloc, prin
●
テクノロジー
●2023/10/04 13:42
●techfeed
●Linux
34users
www.bleepingcomputer.com
A stream of malicious npm and PyPi packages have been found stealing a wide range of sensitive data from software developers on the platforms. The campaign started on September 12, 2023, and was first discovered by Sonatype, whose analysts unearthed 14 malicious packages on npm. Phylum reports that after a brief operational hiatus on September 16 and 17, the attack has resumed and expanded to the
●
テクノロジー
●2023/09/29 08:27
●ssh
●npm
●python
●security
●あとで読む
●data
3users
www.bleepingcomputer.com
HomeNewsSecuritySignal adds quantum-resistant encryption to its E2EE messaging protocol Signal has announced that it upgraded its end-to-end communication protocol to use quantum-resistant encryption keys to protect users from future attacks. Quantum computers that use qubits (superpositions of 0 and 1) have the potential to be much more powerful and faster than current systems, allowing them to p
●
テクノロジー
●2023/09/21 08:19
●セキュリティ
3users
www.bleepingcomputer.com
HomeNewsSecurityHackers exploit critical Juniper RCE bug chain after PoC release Hackers are using a critical exploit chain to target Juniper EX switches and SRX firewalls via their Internet-exposed J-Web configuration interface. Successful exploitation enables unauthenticated attackers to remotely execute code on unpatched devices. "With a specific request that doesn't require authentication an a
●
テクノロジー
●2023/08/30 07:58
●セキュリティ
●security
3users
www.bleepingcomputer.com
HomeNewsSecurityScraped data of 2.6 million Duolingo users released on hacking forum The scraped data of 2.6 million DuoLingo users was leaked on a hacking forum, allowing threat actors to conduct targeted phishing attacks using the exposed information. Duolingo is one of the largest language learning sites in the world, with over 74 million monthly users worldwide. In January 2023, someone was se
●
テクノロジー
●2023/08/23 20:44
●security
3users
www.bleepingcomputer.com
HomeNewsSecurityMillions of GitHub repos likely vulnerable to RepoJacking, researchers say Millions of GitHub repos likely vulnerable to RepoJacking, researchers say Millions of GitHub repositories may be vulnerable to dependency repository hijacking, also known as "RepoJacking," which could help attackers deploy supply chain attacks impacting a large number of users. The warning comes from AquaSe
●
テクノロジー
●2023/06/23 09:23
4users
www.bleepingcomputer.com
HomeNewsSecurityFortinet fixes critical RCE flaw in Fortigate SSL-VPN devices, patch now Fortinet fixes critical RCE flaw in Fortigate SSL-VPN devices, patch now Update 6/12/23 added below: Fortinet released a new advisory warning that the vulnerability may have been exploited in attacks. Fortinet has released new Fortigate firmware updates that fix an undisclosed, critical pre-authentication remo
●
テクノロジー
●2023/06/12 06:55
●セキュリティ
●security
8users
www.bleepingcomputer.com
HomeNewsSecurityMalicious Microsoft VSCode extensions steal passwords, open remote shells Malicious Microsoft VSCode extensions steal passwords, open remote shells Cybercriminals are starting to target Microsoft's VSCode Marketplace, uploading three malicious Visual Studio extensions that Windows developers downloaded 46,600 times. According to Check Point, whose analysts discovered the malicious
●
テクノロジー
●2023/05/18 10:07
●security
●あとで読む
3users
www.bleepingcomputer.com
Cybersecurity researchers and IT admins have raised concerns over Google's new ZIP and MOV Internet domains, warning that threat actors could use them for phishing attacks and malware delivery. Earlier this month, Google introduced eight new top-level domains (TLD) that could be purchased for hosting websites or email addresses. The new domains are .dad, .esq, .prof, .phd, .nexus, .foo, and for th
●
テクノロジー
●2023/05/17 10:08
3users
www.bleepingcomputer.com
The LockBit ransomware gang has created encryptors targeting Macs for the first time, likely becoming the first major ransomware operation to ever specifically target macOS. The new ransomware encryptors were discovered by cybersecurity researcher MalwareHunterTeam who found a ZIP archive on VirusTotal that contained what appears to be most of the available LockBit encryptors. Historically, the Lo
●
テクノロジー
●2023/04/17 04:34
3users
www.bleepingcomputer.com
HomeNewsSecurityNew MacStealer macOS malware steals passwords from iCloud Keychain A new info-stealing malware named MacStealer is targeting Mac users, stealing their credentials stored in the iCloud KeyChain and web browsers, cryptocurrency wallets, and potentially sensitive files. MacStealer is being distributed as a malware-as-a-service (MaaS), where the developer sells premade builds for $100,
●
テクノロジー
●2023/03/28 02:22
4users
www.bleepingcomputer.com
HomeNewsMicrosoftWindows 11 Snipping Tool privacy bug exposes cropped image content A severe privacy flaw named 'acropalypse' has also been found to affect the Windows Snipping Tool, allowing people to partially recover content that was edited out of an image. Last week, security researchers David Buchanan and Simon Aarons discovered that a bug in Google Pixel's Markup Tool caused the original ima
●
テクノロジー
●2023/03/22 09:46
4users
www.bleepingcomputer.com
HomeNewsSecurityHow to prevent Microsoft OneNote files from infecting Windows with malware The seemingly innocuous Microsoft OneNote file has become a popular file format used by hackers to spread malware and breach corporate networks. Here's how to block malicious OneNote phishing attachments from infecting Windows. To give a little background on how we got to Microsoft OneNote files becoming the
●
テクノロジー
●2023/03/06 06:47
3users
www.bleepingcomputer.com
The Trusted Platform Module (TPM) 2.0 specification is affected by two buffer overflow vulnerabilities that could allow attackers to access or overwrite sensitive data, such as cryptographic keys. TPM is a hardware-based technology that provides operating systems with tamper-resistant secure cryptographic functions. It can be used to store cryptographic keys, passwords, and other critical data, ma
●
テクノロジー
●2023/03/05 19:14
6users
www.bleepingcomputer.com
HomeNewsSecurityLastPass: DevOps engineer hacked to steal password vault data in 2022 breach LastPass revealed more information on a "coordinated second attack," where a threat actor accessed and stole data from the Amazon AWS cloud storage servers for over two months. LastPass disclosed a breach in December where threat actors stole partially encrypted password vault data and customer information
●
テクノロジー
●2023/02/28 11:13
3users
www.bleepingcomputer.com
In our tests, the phishing page will accept credentials and, once submitted, redirect users to the legitimate Bitwarden login page. However, our initial tests used fake credentials, and the page was shut down by the time we began testing with actual Bitwarden test login credentials. Therefore, we were unable to see if the phishing page would also attempt to steal MFA-backed session cookies (authen
●
テクノロジー
●2023/01/28 00:05
●security
5users
www.bleepingcomputer.com
HomeNewsSecurityHackers now use Microsoft OneNote attachments to spread malware Threat actors now use OneNote attachments in phishing emails that infect victims with remote access malware which can be used to install further malware, steal passwords, or even cryptocurrency wallets. This comes after attackers have been distributing malware in emails using malicious Word and Excel attachments that l
●
テクノロジー
●2023/01/22 11:08
4users
www.bleepingcomputer.com
HomeNewsSecurityAuth0 fixes RCE flaw in JsonWebToken library used by 22,000 projects Update 1/31/23: Auth0 has withdrawn their security advisory on the JsonWebToken poisoning attack disclosed by Palo Alto Networks earlier this month. "After review and validation of community feedback regarding the viability of exploitation, it was determined that due to the multiple prerequisites required for succ
●
テクノロジー
●2023/01/10 22:58
●脆弱性
57users
www.bleepingcomputer.com
HomeNewsSecuritySlack's private GitHub code repositories stolen over holidays Slack suffered a security incident over the holidays affecting some of its private GitHub code repositories. The immensely popular Salesforce-owned IM app is used by an estimated 18 million users at workplaces and digital communities around the world. Customer data is not affected BleepingComputer has come across a secur
●
テクノロジー
●2023/01/05 19:01
●slack
●security
●あとで読む
●セキュリティ
●tech
●ネット
●programming
●仕事
●ニュース
次のページ
このページはまだ
ブックマークされていません
このページを最初にブックマークしてみませんか?
﹃BleepingComputer.com - News, Reviews, and Technical Support﹄の新着エントリーを見る
キーボードショートカット一覧
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
●総合
●一般
●世の中
●政治と経済
●暮らし
●学び
●テクノロジー
●エンタメ
●アニメとゲーム
●おもしろ
●アプリ・拡張機能
●開発ブログ
●ヘルプ
●お問い合わせ
●ガイドライン
●利用規約
●プライバシーポリシー
●利用者情報の外部送信について
●ガイドライン
●利用規約
●プライバシーポリシー
●利用者情報の外部送信について
●公式アカウント
●ホットエントリー
●はてなブログ
●はてなブログPro
●人力検索はてな
●はてなブログ タグ
●はてなニュース
●ソレドコ
Copyright © 2005-2024 Hatena. All Rights Reserved.
設定を変更しましたx