banner
LightNews LightNews
kitafox.bsky.social
キタきつね
@kitafox.bsky.social
81 followers 6 following 11K posts
都内某企業セキュリティコンサル(専門PCI DSS)。セキュリティと生成AI記事をウォッチ中。Working as a security consultant(PCI DSS etc) at Tokyo. I'm focusing on security, and Generative AI news. https://x.com/foxbook https://foxsecurity.hatenablog.com/
x.com
Posts Media Videos Starter Packs
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 1d
第3四半期に2,300万人以上がデータ侵害の被害に遭う

Over 23 Million Victims Hit by Data Breaches in Q3 #InfosecurityMagazine (Oct 16)

www.infosecurity-magazine.com/news/over-23...
Over 23 Million Victims Hit by Data Breaches in Q3
Data from the Identity Theft Resource Center reveals 23 million individuals victimized by breaches in Q3 2025
www.infosecurity-magazine.com
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 1d
マイクロソフトが毎日100兆の信号を処理、AI攻撃が急増

AI Attacks Surge as Microsoft Process 100 Trillion Signals Daily #InfosecurityMagazine (Oct 16)

www.infosecurity-magazine.com/news/microso...
AI Attacks Surge as Microsoft Process 100 Trillion Signals Daily
Microsoft systems analyze over 100 trillion daily signals, suggesting dramatically increasing AI-driven cyber-threats
www.infosecurity-magazine.com
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 1d
新たなルートキット攻撃、CiscoのSNMPの脆弱性を悪用して永続性を獲得

New Rootkit Campaign Exploits Cisco SNMP Flaw to Gain Persistence #InfosecurityMagazine (Oct 17)

www.infosecurity-magazine.com/news/rootkit...
New Rootkit Campaign Exploits Cisco SNMP Flaw to Gain Persistence
Trend Micro have reported a campaign exploiting a flaw in Cisco SNMP to install Linux rootkits on devices
www.infosecurity-magazine.com
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 1d
マイクロソフト、Windows 11 PCにCopilot音声起動機能を追加

Microsoft adds Copilot voice activation on Windows 11 PCs #BleepingComputer (Oct 16)

www.bleepingcomputer.com/news/securit...
Microsoft adds Copilot voice activation on Windows 11 PCs
Microsoft says Windows 11 users can now start a conversation with the AI-powered Copilot digital assistant by saying the "Hey Copilot" wake word.
www.bleepingcomputer.com
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 1d
北朝鮮のハッカーはEtherHidingを使ってブロックチェーン上にマルウェアを隠蔽している

North Korean hackers use EtherHiding to hide malware on the blockchain #BleepingComputer (Oct 16)

www.bleepingcomputer.com/news/securit...
North Korean hackers use EtherHiding to hide malware on the blockchain
North Korean hackers were observed employing the 'EtherHiding' tactic to deliver malware, steal cryptocurrency, and perform espionage with stealth and resilience.
www.bleepingcomputer.com
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 1d
マイクロソフト、エージェント型AI駆動型Windowsタスク向けCopilot Actionsを発表

Microsoft debuts Copilot Actions for agentic AI-driven Windows tasks #BleepingComputer (Oct 16)

www.bleepingcomputer.com/news/microso...
Microsoft debuts Copilot Actions for agentic AI-driven Windows tasks
Microsoft announced today a new Windows 11 Copilot feature called Copilot Actions that enables AI agents to perform real tasks on local files and applications.
www.bleepingcomputer.com
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 1d
F5による国家間の妥協:戦略的影響と企業防衛義務

The F5 Nation-State Compromise: Strategic Implications and Enterprise Defense Mandates #SecurityBoulevard (Oct 16)

securityboulevard.com/2025/10/the-...
The F5 Nation-State Compromise: Strategic Implications and Enterprise Defense Mandates
On October 15, 2025, F5 Networks, a key player in application delivery and security, disclosed a devastating breach that has sent ripples through the cybersecurity community. Dubbed the F5…
securityboulevard.com
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 1d
開発者を仕事に戻しましょう

Get Your Developers Back to Work #SecurityBoulevard (Oct 16)

securityboulevard.com/2025/10/get-...
Get Your Developers Back to Work
Unused and dead code and Java vulnerabilities are making hard to get developers back to work. But there are ways. The post Get Your Developers Back to Work appeared first on Azul | Better Java…
securityboulevard.com
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 1d
北朝鮮のハッカーがブロックチェーンを使って暗号窃盗マルウェアを隠蔽していることが判明

North Korean hackers seen using blockchain to hide crypto-stealing malware #TheRecord (Oct 17)

therecord.media/north-korean...
North Korean hackers seen using blockchain to hide crypto-stealing malware
Google security researchers said they observed a Pyongyang-backed hacking group, tracked as UNC5342, deploying a method known as EtherHiding — a way of embedding malicious code inside smart contracts…
therecord.media
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 2d
マイクロソフトは、主に盗まれたパスワードによる個人情報ハッキングが32%増加すると警告している

Microsoft warns of a 32% surge in identity hacks, mainly driven by stolen passwords #TheRecord (Oct 17)

therecord.media/microsoft-wa...
Microsoft warns of a 32% surge in identity hacks, mainly driven by stolen passwords
Hackers are also increasingly turning to other methods to obtain credentials. Microsoft tracked surges in the use of infostealer malware by criminals and an increase of IT scams where cybercriminals…
therecord.media
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 2d
顔認識技術が出会い系アプリを新たな監視の場に変える

Facial recognition turns dating apps into a new surveillance front #BiometricUpdate (Oct 16)

www.biometricupdate.com/202510/facia...
Facial recognition turns dating apps into a new surveillance front | Biometric Update
Platforms like Cheaterbuster and CheatEye claim they can uncover a person’s Tinder profile - and their neighborhood - using nothing more than a single photo.
www.biometricupdate.com
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 2d
ディープフェイクとソーシャルエンジニアリングが詐欺の強力な秘薬となる:リアリティ・ディフェンダー

Deepfakes, social engineering create potent elixir for fraud: Reality Defender #BiometricUpdate (Oct 16)

www.biometricupdate.com/202510/deepf...
Deepfakes, social engineering create potent elixir for fraud: Reality Defender | Biometric Update
The deepfakes panel covers macro trends, threats to law enforcement and government, a technical breakdown of the threats and practical solutions.
www.biometricupdate.com
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 2d
信頼されたAI接続が敵対的になったとき

When trusted AI connections turn hostile #HelpNetSecurity (Oct 16)

www.helpnetsecurity.com/2025/10/16/r...
When trusted AI connections turn hostile - Help Net Security
Malicious MCP server attacks can hijack AI systems, evade scanners, and expose sensitive data, researchers warn in a new cybersecurity study.
www.helpnetsecurity.com
1
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 2d
リスクの高い候補者の特定: セキュリティリーダーのための実践的な手順

Identifying risky candidates: Practical steps for security leaders #HelpNetSecurity (Oct 16)

www.helpnetsecurity.com/2025/10/16/f...
Identifying risky candidates: Practical steps for security leaders - Help Net Security
Fraudulent candidate identification strengthens insider threat defense through better vetting, digital risk checks, and HR collaboration.
www.helpnetsecurity.com
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 2d
誰もがAIを望んでいるが、それを擁護する準備ができている人はほとんどいない

Everyone wants AI, but few are ready to defend it #HelpNetSecurity (Oct 16)

www.helpnetsecurity.com/2025/10/16/c...
Everyone wants AI, but few are ready to defend it - Help Net Security
Enterprises race to deploy AI, but rising AI infrastructure debt exposes major security and readiness gaps across industries.
www.helpnetsecurity.com
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 2d
ヒューマノイドロボットがBluetoothハッキングの脆弱性を発見、中国にデータ漏洩

Humanoid robot found vulnerable to Bluetooth hack, data leaks to China #HelpNetSecurity (Oct 16)

www.helpnetsecurity.com/2025/10/16/u...
Humanoid robot found vulnerable to Bluetooth hack, data leaks to China - Help Net Security
A vulnerability in the Unitree G1 humanoid robot allows attackers to spy, steal data, and launch attacks via Bluetooth.
www.helpnetsecurity.com
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 2d
サイバー攻撃者がLastPassや主要パスワードマネージャーを標的に

Cyberattackers Target LastPass, Top Password Managers #DarkReading (Oct 17)

www.darkreading.com/cyberattacks...
Cyberattackers Target LastPass, Top Password Managers
Be aware: a rash of phishing campaigns are leveraging the anxiety and trust employees have in password vaults securing all of their credentials.
www.darkreading.com
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 2d
解決したふりをし続けるパスワード問題

The password problem we keep pretending to fix #HelpNetSecurity (Oct 16)

www.helpnetsecurity.com/2025/10/16/r...
The password problem we keep pretending to fix - Help Net Security
Experts warn that identity-related breaches continue to rise as weak passwords, help desk risks, and slow zero trust progress persist.
www.helpnetsecurity.com
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 2d
中国のハッカーが台湾でAI最適化攻撃チェーンをテスト

China Hackers Test AI-Optimized Attack Chains in Taiwan #DarkReading (Oct 17)

www.darkreading.com/threat-intel...
China Hackers Test AI-Optimized Attack Chains in Taiwan
AI might help some threat actors in certain respects, but one group is proving that its use for cyberattacks has its limits.
www.darkreading.com
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 2d
脆弱性スコアって、何の役に立つの?ほとんど役に立たない

Vulnerability scores, huh, what are they good for? Almost nothing #Register (Oct 16)

www.theregister.com/2025/10/16/c...
CVE, CVSS scores need overhauling, argues Codific CEO
: CVE and CVSS systems suffer from misaligned incentives and inconsistency
www.theregister.com
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 2d
中国のサイバースパイがロシアのIT企業を盗聴、東から東への珍しい攻撃

Chinese cyberspies snoop on Russian IT biz in rare east-on-east attack #Register (Oct 16)

www.theregister.com/2025/10/16/c...
Chinese cyberspies compromised Russian tech provider
: Who needs enemies when you have friends like Xi?
www.theregister.com
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 2d
北朝鮮のハッカーはイーサハイディングを利用してブロックチェーンのスマートコントラクト内にマルウェアを隠蔽している

North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts #HakcerNews (Oct 16)

thehackernews.com/2025/10/nort...
North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts
Google reports North Korean hackers using EtherHiding to embed adaptive malware in blockchain smart contracts.
thehackernews.com
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 2d
LinkPro LinuxルートキットはeBPFを使用して隠蔽し、マジックTCPパケットを介してアクティブ化します

LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets #HakcerNews (Oct 16)

thehackernews.com/2025/10/link...
LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets
Synacktiv uncovered LinkPro, a Golang rootkit using eBPF hide/knock modules activated by TCP window 54321.
thehackernews.com
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 2d
ランサムウェア犯が暗号化より優先する攻撃 ~ 攻撃多次元化 Barracuda 調査 #ScanNetSecurity (Oct 16)

s.netsecurity.ne.jp/article/2025...
ランサムウェア犯が暗号化より優先する攻撃 ~ 攻撃多次元化 Barracuda 調査 | ScanNetSecurity
被害組織の 32 %が身代金を支払ってデータの復旧を試みたが、支払った組織の 41 %が全データまたは一部のデータを回復できなかった。一方、65 %はバックアップからデータを復元することに成功しており、適切なバックアップ戦略の重要性が浮き彫りになった。
s.netsecurity.ne.jp
kitafox.bsky.social
キタきつね @kitafox.bsky.social · 2d
ハッカーが「Zero Disco」攻撃でCiscoのSNMPの脆弱性を利用してLinuxルートキットを展開

Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in "Zero Disco' Attacks #HackerNews (Oct 16)

thehackernews.com/2025/10/hack...
Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in "Zero Disco' Attacks
Operation Zero Disco exploits Cisco IOS flaw CVE-2025-20352 to deploy persistent Linux rootkits
thehackernews.com