Tomo
@tomo.gr
某大企業のCSIRTやってる人
主にセキュリティ、たまにゲーム(WoW)
I am in charge of leader of a certain global trading company's CSIRT/SOC team. Registered Information Security Specialist in Japan.
Cyber Security and/or World of Warcraft
主にセキュリティ、たまにゲーム(WoW)
I am in charge of leader of a certain global trading company's CSIRT/SOC team. Registered Information Security Specialist in Japan.
Cyber Security and/or World of Warcraft
Reposted by Tomo
How to Integrate AI into Modern SOC Workflows
How to Integrate AI into Modern SOC Workflows
thehackernews.com
December 30, 2025 at 11:29 AM
How to Integrate AI into Modern SOC Workflows
Reposted by Tomo
Critical Vulnerability in SmarterMail Let Attackers Execute Remote Code
Critical Vulnerability in SmarterMail Let Attackers Execute Remote Code
cybersecuritynews.com
December 30, 2025 at 12:19 PM
Critical Vulnerability in SmarterMail Let Attackers Execute Remote Code
Reposted by Tomo
React2Shell flaw exploited to breach 30 orgs, 77k IP addresses vulnerable
React2Shell flaw exploited to breach 30 orgs, 77k IP addresses vulnerable
Over 77,000 Internet-exposed IP addresses are vulnerable to the critical React2Shell remote code execution flaw (CVE-2025-55182), with researchers now confirming that attackers have already compromised over 30 organizations across multiple sectors.
www.bleepingcomputer.com
December 6, 2025 at 7:18 PM
React2Shell flaw exploited to breach 30 orgs, 77k IP addresses vulnerable
Reposted by Tomo
In what is being called the largest supply chain attack in history, attackers have injected malware into NPM packages with over 2.6 billion weekly downloads after compromising maintainers' accounts in a phishing attack.
Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack
In what is being called the largest supply chain attack in history, attackers have injected malware into NPM packages with over 2.6 billion weekly downloads after compromising maintainers' accounts in a phishing attack.
www.bleepingcomputer.com
September 8, 2025 at 4:48 PM
In what is being called the largest supply chain attack in history, attackers have injected malware into NPM packages with over 2.6 billion weekly downloads after compromising maintainers' accounts in a phishing attack.
Reposted by Tomo
A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, GitHub tokens, Cloudflare, and AWS keys.
Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack
A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, GitHub tokens, Cloudflare, and AWS keys.
www.bleepingcomputer.com
September 8, 2025 at 7:54 PM
A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, GitHub tokens, Cloudflare, and AWS keys.
Reposted by Tomo
Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)
Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)
thehackernews.com
July 11, 2025 at 4:01 PM
Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)
Reposted by Tomo
Let’s Encrypt Started to Issue SSL/TLS Certificate for IP Address
Let's Encrypt Started to Issue SSL/TLS Certificate for IP Address
cybersecuritynews.com
July 3, 2025 at 1:17 PM
Let’s Encrypt Started to Issue SSL/TLS Certificate for IP Address
Reposted by Tomo
Scattered Spider Attacks US Airlines – The MSP Cyber News Snapshot – July 3rd
Scattered Spider Attacks US Airlines – The MSP Cyber News Snapshot – July 3rd
From courtroom breaches to cockpit infiltration, here’s this week’s Cyber Snapshot. Five critical stories you need on your radar, with safety advice included. We’ve got insider revenge, MFA manipulation, rogue browser extensions, and state-sponsored email theft, all in one rapid-fire rundown. Whether you’re in IT, cybersecurity compliance, or just trying to keep your team one […]
The post Scattered Spider Attacks US Airlines – The MSP Cyber News Snapshot – July 3rd appeared first on Heimdal Security Blog .
heimdalsecurity.com
July 3, 2025 at 1:23 PM
Scattered Spider Attacks US Airlines – The MSP Cyber News Snapshot – July 3rd
Reposted by Tomo
Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign
Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign
thehackernews.com
June 27, 2025 at 4:31 PM
Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign
参加してきました
ウクライナCERT人気だった
ウクライナCERT人気だった
FIRSTCON25 Delivers Global Collaboration and Groundbreaking Cybersecurity Initiatives
FIRSTCON25 Delivers Global Collaboration and Groundbreaking Cybersecurity Initiatives
Annual conference unveils new funding initiatives, platforms and tools, leadership appointments, and expanded global capacity building programs
www.first.org
June 27, 2025 at 10:48 PM
参加してきました
ウクライナCERT人気だった
ウクライナCERT人気だった
Reposted by Tomo
Hackers associated with Scattered Spider tactics have expanded their targeting to the aviation and transportation industries after previously attacking insurance and retail sectors
Scattered Spider hackers shift focus to aviation, transportation firms
Hackers associated with Scattered Spider tactics have expanded their targeting to the aviation and transportation industries after previously attacking insurance and retail sectors
www.bleepingcomputer.com
June 27, 2025 at 6:21 PM
Hackers associated with Scattered Spider tactics have expanded their targeting to the aviation and transportation industries after previously attacking insurance and retail sectors
Reposted by Tomo
Scattered Spider Taps CFO Credentials in 'Scorched Earth' Attack
Scattered Spider Taps CFO Credentials in 'Scorched Earth' Attack
In a recent intrusion, the notorious cybercriminal collective accessed CyberArk vaults and obtained more 1,400 secrets, subverted Azure, VMware, and Snowflake environments, and for the first known time, actively fought back against incident response teams.
www.darkreading.com
June 27, 2025 at 7:26 PM
Scattered Spider Taps CFO Credentials in 'Scorched Earth' Attack
Reposted by Tomo
According to Ransomware.live, qilin ransomware group has added SMC Corporation (🇯🇵) to its victims.
March 17, 2025 at 9:38 AM
According to Ransomware.live, qilin ransomware group has added SMC Corporation (🇯🇵) to its victims.
Reposted by Tomo
🚨Cyberattack Alert ‼️
🇪🇺🇯🇵 - SMC Corporation
Qilin hacking group claims to have breached the European branch of SMC Corporation.
Allegedly, 1.1 TB (552,000 files) of data were exfiltrated.
🇪🇺🇯🇵 - SMC Corporation
Qilin hacking group claims to have breached the European branch of SMC Corporation.
Allegedly, 1.1 TB (552,000 files) of data were exfiltrated.
March 17, 2025 at 10:06 AM
🚨Cyberattack Alert ‼️
🇪🇺🇯🇵 - SMC Corporation
Qilin hacking group claims to have breached the European branch of SMC Corporation.
Allegedly, 1.1 TB (552,000 files) of data were exfiltrated.
🇪🇺🇯🇵 - SMC Corporation
Qilin hacking group claims to have breached the European branch of SMC Corporation.
Allegedly, 1.1 TB (552,000 files) of data were exfiltrated.
Reposted by Tomo
CVE-2025–24813: Apache Tomcat Path Equivalence Vulnerability $$ BOUNTY
CVE-2025–24813: Apache Tomcat Path Equivalence Vulnerability $$$$ BOUNTY
Disclaimer: This document is for educational purposes only. Exploiting systems without authorization is illegal and punishable by law.
infosecwriteups.com
March 16, 2025 at 6:07 AM
CVE-2025–24813: Apache Tomcat Path Equivalence Vulnerability $$ BOUNTY
