■「VMware SD-WAN」に認証バイパスの脆弱性
https://www.security-next.com/147648
https://www.vmware.com/security/advisories/VMSA-2023-0015.html
■Androidに限定的な標的型攻撃か、リモートコード実行の「Critical」な脆弱性も
https://news.yahoo.co.jp/articles/e10687988452e60b7d9b5bfde81fc37a8ad58cdb
■Fighting notification spam in Microsoft Edge
https://blogs.windows.com/msedgedev/2023/07/06/fighting-notification-spam-microsoft-edge/
■The five-day job: A BlackByte ransomware intrusion case study
https://www.microsoft.com/en-us/security/blog/2023/07/06/the-five-day-job-a-blackbyte-ransomware-intrusion-case-study/
■New StackRot Linux kernel flaw allows privilege escalation
https://www.bleepingcomputer.com/news/security/new-stackrot-linux-kernel-flaw-allows-privilege-escalation/
■StackRot Linux Kernel Bug Has Exploit Code on the Way
https://www.darkreading.com/vulnerabilities-threats/stackrot-linux-kernel-bug-exploit-code
■Increased Truebot Activity Infects U.S. and Canada Based Networks
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-187a
https://www.security-next.com/147656
■Iranian Hackers’ Sophisticated Malware Targets Windows and macOS Users
https://thehackernews.com/2023/07/iranian-hackers-sophisticated-malware.html
■Spoofing Attack Prevention
https://securityboulevard.com/2023/07/spoofing-attack-prevention/
■A Frictionless – And Secure – CAPTCHA Alternative
https://securityboulevard.com/2023/07/a-frictionless-and-secure-captcha-alternative/
■Using Zero Trust to reduce fraud and abuse
https://securityboulevard.com/2023/07/using-zero-trust-to-reduce-fraud-and-abuse/
■Apps with 1.5M installs on Google Play send your data to China
https://www.bleepingcomputer.com/news/security/apps-with-15m-installs-on-google-play-send-your-data-to-china/
■Talos Vulnerability Report
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1698
■Ransomware Affiliates, Triple Extortion, and the Dark Web Ecosystem
https://www.bleepingcomputer.com/news/security/ransomware-affiliates-triple-extortion-and-the-dark-web-ecosystem/
■経産省と警察庁、クレカ番号流出対策で覚書 – 実態把握を促進
https://www.security-next.com/147622
■「LINE PLACE」の投稿レシート画像が第三者から参照可能に
https://www.security-next.com/147618
■都水道局の委託先従業員が個人情報を不正入手 – 知人に提供か
https://www.security-next.com/147499
■数分でランサムウェア攻撃を検知しているのに75%が身代金を支払っているのはなぜ? フォーティネット
https://atmarkit.itmedia.co.jp/ait/articles/2307/06/news041.html
■Microsoft、『ローカル セキュリティ機関の保護』の不具合を修正したと2度目の発表。しかし、今回も修正されていない
https://www.nichepcgamer.com/archives/microsoft-says-they-fixed-the-local-security-authority-protection-bug-but-its-not-fixed.html