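These are my notes for the podcast recording.
podcast - #セキュリティのアレ - a laid-back security podcast.
Incidents and Accidents
A joint investigation by Japan's National Police Agency and India leads to the arrest of suspects in support scams targeting Japanese people. JC3 and Microsoft cooperated
(5/30) Joint investigation with the Republic of India on the arrest of support scam suspects | National Police Agency website
(5/30) Efforts by JC3, LAC Co., Ltd., Microsoft, and law enforcement against technical support scams | Notices | NEWS | Japan Cybercrime Control Center (JC3)
(5/29) Students of a Japanese-language school in India busted for "PC support scam" targeting Japanese people, exposed by unnatural pronunciation - Sankei News
(5/30) Six arrested on suspicion of support scams; Japan-India investigation, 180 million yen in damages | Kyodo News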
On May 28, 2025, India’s Central Bureau of Investigation (CBI), the country’s federal police service, executed raids at 19 locations across India to dismantle cyber-enabled financial fraud networks, including tech support fraud schemes. This operation, which disrupted a malicious enterprise impersonating Microsoft and targeting older adults in Japan, resulted in the arrest of six key operatives, the takedown of two illegal call centers, and the seizure of digital and physical infrastructure, such as computers, storage devices, digital video recorders, and phones.
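(6/6) LAC contributes to the arrest of support scam suspects in cooperation with public-private cyber countermeasure organizations (June 6, 2025) | LAC Co., Ltd.
US Department of Justice seizes domains associated with BidenCash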
The U.S. Attorney’s Office for the Eastern District of Virginia announced today the seizure of approximately 145 darknet and traditional internet domains, and cryptocurrency funds associated with the BidenCash marketplace. The operators of the BidenCash marketplace use the platform to simplify the process of buying and selling stolen credit cards and associated personal information.
(6/4) U.S. Government Seizes Approximately 145 Criminal Marketplace Domains | United States Secret Service
(6/4) BidenCash carding market domains seized in international operation
Attacks and Threats
CrowdStrike and Microsoft cooperate on the naming of threat actor groups
(6/2) CrowdStrike and Microsoft Unite to Deconflict Cyber Threat Attribution
(6/3) How Microsoft names threat actors - Unified security operations | Microsoft Learn
CISA updates its advisory on Play ransomware
(6/4) Updated Guidance on Play Ransomware | CISA
(6/4) #StopRansomware: Play Ransomware | CISA
Google reports on a voice phishing campaign
(6/5) The Cost of a Call: From Voice Phishing to Data Extortion | Google Cloud Blog
OpenAI reports on activity abusing its AI models
(6/5) Disrupting malicious uses of AI: June 2025 | OpenAI
Cisco Talos reports on activity of the PathWiper malware targeting critical infrastructure in Ukraine
(6/5) Newly identified wiper malware “PathWiper” targets critical infrastructure in Ukraine
Vulnerabilities
CISA adds 5+3+1 vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog
(6/2) CISA Adds Five Known Exploited Vulnerabilities to Catalog | CISA
- CVE-2021-32030 ASUS Routers Improper Authentication Vulnerability
- CVE-2023-39780 ASUS RT-AX55 Routers OS Command Injection Vulnerability
- CVE-2024-56145 Craft CMS Code Injection Vulnerability
- CVE-2025-3935 ConnectWise ScreenConnect Improper Authentication Vulnerability
- CVE-2025-35939 Craft CMS External Control of Assumed-Immutable Web Parameter Vulnerability
(6/3) CISA Adds Three Known Exploited Vulnerabilities to Catalog | CISA
- CVE-2025-21479 Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability
- CVE-2025-21480 Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability
- CVE-2025-27038 Qualcomm Multiple Chipsets Use-After-Free Vulnerability
(6/5) CISA Adds One Known Exploited Vulnerability to Catalog | CISA
- CVE-2025-5419 Google Chromium V8 Out-of-Bounds Read and Write Vulnerability
Google fixes a zero-day vulnerability in Chrome
(6/2) Chrome Releases: Stable Channel Update for Desktop
Google is aware that an exploit for CVE-2025-5419 exists in the wild.
Vulnerabilities in multiple Qualcomm chipsets. Exploitation already confirmed
(6/2) Security Bulletins | Qualcomm Documentation
There are indications from Google Threat Analysis Group that CVE-2025-21479, CVE-2025-21480, CVE-2025-27038 may be under limited, targeted exploitation.
Other
X releases a beta version of its new chat service
(5/29) About Encrypted Direct Messages – DMs | X Help
(6/5) mjg59 | Twitter's new encrypted DMs aren't better than the old ones
Starting today we will be pausing the encrypted DMs feature while we work on making some improvements. You will still be able to access your encrypted DMs, but won't be able to send new ones.
— Engineering (@XEng) May 28, 2025