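Notes for the podcast recording.
podcast - #セキュリティのアレ - a laid-back security podcast.
Incidents and Accidents
The Japanese government asks OpenAI not to engage in conduct that would constitute copyright infringement
(10/10) Summary of the press conference by Minister of State for Special Missions Kiuchi, October 10, 2025 (Reiwa 7) - Cabinet Office
(10/10) Japanese government asks OpenAI not to engage in "copyright-infringing conduct" following the "anime-style video" issue with Sora 2 (page 1/2) - ITmedia NEWS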
(10/4) Sora update #1 - Sam Altman
Vodafone suffers a major outage across the UK
(10/13) Vodafone is still 'recovering' following a major outage – here's what we know | TechRadar
(10/14) Vodafone says outage affecting thousands of customers resolved
At ~14:00 UTC, @VodafoneUK effectively dropped off the Internet, with traffic dropping to zero. No word from the provider on outage cause, and their network status checker page is currently unavailable. https://t.co/qFQgpTlpo9 https://t.co/1HEi3CK9zb https://t.co/VkDHgM6Qiu pic.twitter.com/HDXlmnrdHS
— Cloudflare Radar (@CloudflareRadar) October 13, 2025
Vodafone UK traffic is beginning to recover at 16:04 UTC (5:04pm local). Outage lasted about two hours. https://t.co/7cD11Ev8Fu pic.twitter.com/2g6R2ffiGQ
— Doug Madory (also on Bluesky) (@DougMadory) October 13, 2025
The U.S. Department of Justice indicts the chairman of the Cambodia-based Prince Group and seizes Bitcoin worth approximately $15 billion
BROOKLYN, NY - An indictment was unsealed today in federal court in Brooklyn charging Chen Zhi, also known as “Vincent,” the founder and chairman of Prince Holding Group (Prince Group), a multinational business conglomerate based in Cambodia, with wire fraud conspiracy and money laundering conspiracy for directing Prince Group’s operation of forced-labor scam compounds across Cambodia. Individuals held against their will in the compounds engaged in cryptocurrency investment fraud schemes, known as “pig butchering” scams, that stole billions of dollars from victims in the United States and around the world. The defendant is at large.
The United States Attorney’s Office for the Eastern District of New York and the Department’s National Security Division also filed today a civil forfeiture complaint against approximately 127,271 bitcoin, currently worth approximately $15 billion, that are proceeds and instrumentalities of the defendant’s fraud and money laundering schemes, and were previously stored in unhosted cryptocurrency wallets whose private keys the defendant had in his possession. Those funds (the Defendant Cryptocurrency) are presently in the custody of the U.S. government. The complaint is the largest forfeiture action in the history of the Department of Justice.
(10/14) $15 billion seized by US originates from Iran/China bitcoin miner "theft"
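F5 reports that it had been subject to unauthorized access over a long period. Part of the BIG-IP source code, information on undisclosed vulnerabilities, and other data were exfiltrated. CISA issues Emergency Directive ED 26-01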
(10/15) F5 Security Incident
In August 2025, we learned a highly sophisticated nation-state threat actor maintained long-term, persistent access to, and downloaded files from, certain F5 systems. These systems included our BIG-IP product development environment and engineering knowledge management platforms. We have taken extensive actions to contain the threat actor. Since beginning these activities, we have not seen any new unauthorized activity, and we believe our containment efforts have been successful.
(10/15) Quarterly Security Notification (October 2025)
(10/15) ffiv-20251015
(10/15) ED 26-01: Mitigate Vulnerabilities in F5 Devices | CISA
(10/15) F5 says hackers stole undisclosed BIG-IP flaws, source code
Attacks and Threats
Microsoft Digital Defense Report 2025 is published
(10/16) Extortion and ransomware drive over half of cyberattacks - Microsoft On the Issues
In 80% of the cyber incidents Microsoft’s security teams investigated last year, attackers sought to steal data—a trend driven more by financial gain than intelligence gathering. According to the latest Microsoft Digital Defense Report, written with our Chief Information Security Officer Igor Tsyganskiy, over half of cyberattacks with known motives were driven by extortion or ransomware. That’s at least 52% of incidents fueled by financial gain, while attacks focused solely on espionage made up just 4%. Nation-state threats remain a serious and persistent threat, but most of the immediate attacks organizations face today come from opportunistic criminals looking to make a profit.
(10/16) Microsoft Digital Defense Report 2025 | Microsoft
Mandiant reports on two attack campaigns that abuse EtherHiding
(10/17) DPRK Adopts EtherHiding: Nation-State Malware Hiding on Blockchains | Google Cloud Blog
(10/17) New Group on the Block: UNC5142 Leverages EtherHiding to Distribute Malware | Google Cloud Blog
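Vulnerabilities
Microsoft releases its October 2025 monthly patches, including vulnerabilities that are already confirmed to be exploited.
(10/14) October 2025 Security Updates (Monthly)
Among the vulnerabilities fixed in this month's security updates, we have confirmed that the following were exploited, or had their details publicly disclosed, before the updates were released. Customers should apply the updates as soon as possible. For details of each vulnerability, refer to the page for each CVE.
- CVE-2025-2884 Cert CC: CVE-2025-2884 Out-of-bounds read vulnerability in the TPM2.0 reference implementation
- CVE-2025-24052 Windows Agere Modem Driver Elevation of Privilege Vulnerability
- CVE-2025-47827 MITRE CVE-2025-47827: Secure Boot bypass in IGEL OS 11 and earlier
- CVE-2025-59230 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
- CVE-2025-24990 Windows Agere Modem Driver Elevation of Privilege Vulnerability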
(10/14) Zero Day Initiative — The October 2025 Security Update Review
CISA adds 5+1 vulnerabilities to the Known Exploited Vulnerabilities (KEV) catalog
(10/14) CISA Adds Five Known Exploited Vulnerabilities to Catalog | CISA
- CVE-2016-7836 SKYSEA Client View Improper Authentication Vulnerability
- CVE-2025-6264 Rapid7 Velociraptor Incorrect Default Permissions Vulnerability
- CVE-2025-24990 Microsoft Windows Untrusted Pointer Dereference Vulnerability
- CVE-2025-47827 IGEL OS Use of a Key Past its Expiration Date Vulnerability
- CVE-2025-59230 Microsoft Windows Improper Access Control Vulnerability
(10/15) CISA Adds One Known Exploited Vulnerability to Catalog | CISA
- CVE-2025-54253 Adobe Experience Manager Forms Code Execution Vulnerability
Other
Windows 10 support ends
(10/14) End of support for Windows 10, Windows 8.1, and Windows 7 | Microsoft Windows
NCSC's Annual Review 2025 is published
(10/14) NCSC Annual Review 2025 - NCSC.GOV.UK
ACSC's Annual Cyber Threat Report 2024-2025 is published
(10/14) Annual Cyber Threat Report 2024-2025 | Cyber.gov.au
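The Japan Securities Dealers Association revises its "Guidelines for Preventing Unauthorized Access, etc. in Internet Trading"
(10/15) Revision of the "Guidelines for Preventing Unauthorized Access, etc. in Internet Trading" | Results of the call for public comments | Japan Securities Dealers Association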