White Hat (101,708 items)

"What is essential is invisible to the eye": a knowledge-system information site for discerning what matters

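Actually, the other day I finally gave up on Docomo after 20 years and switched to au, and I was floored: it connects in front of crowded stations, inside convenience stores, in supermarkets, and on the train. I feel like Urashima Taro. Had Docomo's quality really fallen this far? At the same time, I keenly felt the importance of diversity. To the checkout lady at the home-improvement store who, when the store's app would not open and I was fumbling at the register, taught me a primitive workaround, "The (Docomo) signal has been bad lately, hasn't it? If you hold it up like this it sometimes gets reception": thank you for that. After switching to au it opens in an instant. Docomo's quality, which even the checkout lady despairs of

I finally gave up on docomo after 20 years and switched to au, and was surprised that it connects everywhere… good and bad stories about docomo, bad stories about au, and all sorts of information pouring in [Toge…

Web page

togetter.com

2025-08-31 08:00:04

Details page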

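Introduction. I'm Ohashi, an SRE. At Assured, we introduced Preview environments that are available per Pull Request in order to make our development process more efficient. In choosing the infrastructure, two proposals came up: extending the GKE we already use, or adopting serverless Cloud Run. In the end we chose Cloud Run. What is a Preview environment in the first place? A Preview environment is an independent application runtime environment that is dynamically generated for each Pull Request; because code changes can be checked immediately, it leads to faster development. Because a PR can be reviewed while actually running the application, QA engi…

A Preview Environment on Cloud Run at Lower Cost than GKE - Assured Tech Blog

Web page

tech.assured.jp

2025-08-30 20:08:24

Details page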

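What is Bedrock Engineer? A detailed look at the overview and features of AWS's generative AI tool for developers AWS

What is Bedrock Engineer? A detailed look at the overview and features of AWS's generative AI tool for developers | Issoh Co., Ltd.

Web page

www.issoh.co.jp

2025-08-30 20:08:23

Details page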

Interpol: African authorities dismantle cybercrime and fraud networks, recovering about US$100 million and arresting 1,209 people (2025.08.22): まるちゃんの情報セキュリティ気まぐれ日記

Web page

maruyama-mitsuhiko.cocolog-nifty.com

2025-08-30 20:08:20

Details page

An analysis of Tenable telemetry data shows that the vulnerabilities being exploited by Chinese state-sponsored actors remain unremediated on a considerable number of devices, posing major risk to the organizations that have yet to successfully address these flaws.

Background

Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding state-sponsored threat actor activity associated with the People’s Republic of China (PRC).

On August 27, the National Security Agency (NSA) published a joint cybersecurity advisory (CSA) authored and co-authored by a number of security agencies from the United States, Australia, Canada, New Zealand, United Kingdom, Czech Republic, Finland, Germany, Italy, Japan, the Netherlands, Poland and Spain. This CSA provides guidance on PRC state-sponsored threat actor activity and provides tactics, techniques and procedures (TTPs) utilized by these advanced persistent threat (APT) actors. These malicious actors have routinely targeted critical infrastructure, including telecommunications providers, but have also been observed attacking government, transportation, military and lodging entities. While the CSA provides some vulnerabilities exploited by these actors, it’s clear that this is not an exhaustive list and organizations need to continue to be vigilant in addressing known and exploitable vulnerabilities which are often abused for initial access to a victim's network.

FAQ

Is this activity associated with Salt Typhoon?

The CSA states that the associated activity “partially overlaps” with Salt Typhoon (also known as OPERATOR PANDA, RedMike, UNC5807, GhostEmperor and more), however, it does not specifically attribute this activity to any one threat actor.

We published a blog post in January 2025 about Salt Typhoon, analyzing the vulnerabilities used by this threat actor. The overlap between the CVEs confirmed to be used by Salt Typhoon and this CSA includes a pair of Ivanti Connect and Policy Secure vulnerabilities, CVE-2023-46805 and CVE-2024-21887, which are used as part of an exploit chain.

As the threat activity discussed in the recent CSA is more generally attributed to PRC state-sponsored actors, we recommend reviewing the blogs we have published on Volt Typhoon and the top 20 CVEs exploited by PRC state-sponsored actors. These blogs include CVEs known to be used by PRC actors, notably including Fortinet firewalls, Microsoft Exchange server and other applications and devices that are referenced in the CSA.

What are the vulnerabilities known to have been exploited in these attacks?

According to the CSA, the Chinese state-sponsored threat actors are having “considerable success exploiting publicly known common vulnerabilities and exposures (CVEs)” with the following CVEs being listed as used by these threat actors to gain initial access:

| CVE | Description | CVSSv3 | VPR |
| --- | --- | --- | --- |
| CVE-2024-21887 | Ivanti Connect Secure and Ivanti Policy Secure Command Injection Vulnerability | 9.1 | 10 |
| CVE-2023-46805 | Ivanti Connect Secure and Ivanti Policy Secure Authentication Bypass Vulnerability | 8.2 | 6.7 |
| CVE-2024-3400 | Command Injection Vulnerability in the GlobalProtect Gateway feature of PAN-OS | 10 | 10 |
| CVE-2023-20273 | Cisco IOS XE Web UI Command Injection Vulnerability | 7.2 | 8.4 |
| CVE-2023-20198 | Cisco IOS XE Web UI Elevation of Privilege Vulnerability | 10 | 9.9 |
| CVE-2018-0171 | Cisco IOS and IOS XE Smart Install Remote Code Execution (RCE) Vulnerability | 9.8 | 9.2 |

*Please note: Tenable’s Vulnerability Priority Rating (VPR) scores are calculated nightly. This blog post was published on August 29 and reflects VPR at that time.

Are there proofs-of-concept (PoCs) available for these vulnerabilities?

Yes, all of the vulnerabilities referenced in the CSA have PoCs available.

Are patches or mitigations available for these CVEs?

Yes, each of the vendors for these products has released patches and, in many cases, mitigation guidance that may be used if immediate patching is not feasible. However, given that these vulnerabilities have been exploited in the wild, many of them over several years, full remediation of these vulnerabilities should be completed as soon as possible.

| CVE | Affected Product | Vendor Advisory |
| --- | --- | --- |
| CVE-2024-21887 and CVE-2023-46805 | Ivanti Connect Secure and Ivanti Policy Secure | Advisory |
| CVE-2024-3400 | Palo Alto PAN-OS | Advisory |
| CVE-2023-20273 and CVE-2023-20198 | Cisco IOS XE | Advisory, Cisco Talos Blog |
| CVE-2018-0171 | Cisco IOS and IOS XE | Advisory |

How many devices remain vulnerable to these six CVEs?

From an analysis of Tenable telemetry data, we found that a significant number of devices remain unremediated and pose a major risk to the organizations that have yet to successfully patch. As noted in the CSA, these “APT actors may target edge devices regardless of who owns a particular device.” Even in cases where an impacted entity is not a target of interest, these actors may still use compromised devices to conduct additional attacks on targeted networks.

In our analysis, we found that Cisco devices had surprisingly significant counts of unpatched devices. For CVE-2023-20273 and CVE-2023-20198, 40% of devices remain unmitigated, while 58% of devices scanned remain vulnerable to CVE-2018-0171.

In stark contrast, only around 14% of devices have yet to remediate CVE-2024-21887 and CVE-2023-46805. For Palo Alto devices, only around 3% of devices have yet been patched for CVE-2024-3400.

Given the mixed remediation rates amongst these six CVEs, it’s imperative that organizations quickly mitigate these threats and ensure their devices are fully up to date. As the CSA notes, these threat actors are not reliant on zero-day vulnerabilities, but rather continue to target known and exploitable vulnerabilities on edge devices in order to gain initial access to their victims' networks.

Have any of these CVEs been classified under Tenable’s Vulnerability Watch?

Yes, we have classified several of the CVEs referenced in this CSA under our Vulnerability Watch:

| CVE | Vulnerability Watch States | First Established | Last Established |
| --- | --- | --- | --- |
| CVE-2024-21887 | Vulnerability of Concern | 2024-01-10 | 2024-08-28 |
| CVE-2023-46805 | Vulnerability of Concern | 2024-01-10 | 2025-02-05 |
| CVE-2024-3400 | Vulnerability of Interest, Vulnerability of Concern | 2024-04-12 | 2024-08-28 |
| CVE-2018-0171 | Vulnerability of Interest | 2025-08-21 | 2025-08-27 |

CVE-2023-20273 and CVE-2023-20198 were not classified prior to the publication of this CSA, as we began our Vulnerability Watch classifications at the start of 2024. We have been publishing Cyber Exposure Alert content since late 2018, and published a blog post for CVE-2023-20198 and CVE-2023-20273 on the same day the advisory was released. We recently added CVE-2018-0171 following an FBI alert.

As a result of this CSA, we have classified all six CVEs as Vulnerabilities Being Monitored. For more information about Vulnerability Watch, please visit our blog, Reducing Remediation Time Remains a Challenge: How Tenable Vulnerability Watch Can Help.

Have any of these CVEs been added to the CISA KEV?

Yes, each of these CVEs has been featured in the Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) Catalog.

| CVE | Date Added | Remediation Due Date |
| --- | --- | --- |
| CVE-2024-21887 | 1/10/2024 | 1/22/2024 |
| CVE-2023-46805 | 1/10/2024 | 1/22/2024 |
| CVE-2024-3400 | 4/12/2024 | 4/19/2024 |
| CVE-2023-20273 | 10/23/2023 | 10/27/2023 |
| CVE-2023-20198 | 10/16/2023 | 10/20/2023 |
| CVE-2018-0171 | 11/3/2021 | 5/3/2022 |

Has Tenable released any product coverage for these vulnerabilities?

Yes, plugin coverage is available for each of these CVEs. A list of Tenable plugins for these vulnerabilities can be found on their individual CVE pages:

CVE-2024-21887
CVE-2023-46805
CVE-2024-3400
CVE-2023-20273
CVE-2023-20198
CVE-2018-0171

This link will display all available plugins for these vulnerabilities, including upcoming plugins in our Plugins Pipeline.

In addition to these CVEs, we also recommend scanning with plugin ID 105161 to identify if Cisco Smart Install is enabled on any Cisco devices in your network. As noted in the CSA, disabling the Cisco Smart Install feature is highly recommended. In an update to the security advisory for CVE-2018-0171 on August 20, 2025, Cisco noted that they are “aware of continued exploitation activity of the vulnerability that is described in this advisory and strongly recommends that customers assess their systems and upgrade to a fixed software release as soon as possible.”

Tenable Attack Path Analysis techniques

The following is a list of associated Tenable Attack Path Analysis techniques for the TTPs discussed in the CSA:

| MITRE ATT&CK ID | Description | Tenable Attack Path techniques |
| --- | --- | --- |
| T1040 | Network Sniffing | T1040_Windows |
| T1068 | Exploitation for Privilege Escalation | T1068_Windows |
| T1082 | System Information Discovery | T1082 |
| T1098.004 | Account Manipulation | T1098.004 |
| T1190 | Exploit Public-Facing Application | T1190_Aws, T1190_WAS |
| T1048.003 | Exfiltration over Alternative Protocol | T1048.003_Windows |
| T1059.006 | Command and Scripting Interpreter: Python | T1059.006_Windows |

Tenable Identity Exposure Indicators of Exposure and Indicators of Attack

The following is a list of Indicators of Exposure and Indicators of Attack for Tenable Identity Exposure:

| MITRE ATT&CK ID | Description | Indicators |
| --- | --- | --- |
| T1003 | OS Credential Dumping | C-ADM-ACC-USAGE, C-ADMIN-RESTRICT-AUTH |
| T1021 | Remote Services | C-LAPS-UNSECURE-CONFIG, C-AAD-PRIV-SYNC, C-USERS-REVER-PWDS |
| T1068 | Exploitation for Privilege Escalation | I-SamNameImpersonation |
| T1190 | Exploit Public-Facing Application | APPLICATION-ALLOWING-MULTI-TENANT-AUTHENTICATION, ABILITY-OF-STANDARD-ACCOUNTS-TO-REGISTER-APPLICATIONS, C-EXCHANGE-VERSION |
| T1199 | Trusted Relationship | C-DANGEROUS-TRUST-RELATIONSHIP, C-ACCOUNTS-DANG-SID-HISTORY |
| T1556 | Modify Authentication Process | C-SHADOW-CREDENTIALS |
| T1595 | Active Scanning | C-GUEST-ACCOUNT, GUEST-ACCOUNTS-WITH-EQUAL-ACCESS-TO-NORMAL-ACCOUNTS, UNRESTRICTED-GUEST-ACCOUNTS, GUEST-ACCOUNT-WITH-A-PRIVILEGED-ROLE |

Additional MITRE ATT&CK Resources

| MITRE ATT&CK ID | Description | Product |
| --- | --- | --- |
| T1190 | Exploit Public-Facing Application | Tenable Web App Scanning |
| T1595 | Active Scanning | Tenable Attack Surface Management |

Get more information

Joint CSA: Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System
Tenable blog: Salt Typhoon: An Analysis of Vulnerabilities Exploited by this State-Sponsored Actor
Tenable Blog: CVE-2023-46805, CVE-2024-21887, CVE-2024-21888 and CVE-2024-21893: Frequently Asked Questions for Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways
Tenable Blog: CVE-2024-3400: Zero-Day Vulnerability in Palo Alto Networks PAN-OS GlobalProtect Gateway Exploited in the Wild
Tenable Blog: CVE-2023-20198: Zero-Day Vulnerability in Cisco IOS XE Exploited in the Wild
Tenable Blog: Proof of Concept (and Patch) for Critical Cisco IOS Vulnerability: CVE-2018-0171
Tenable Blog: Volt Typhoon: U.S. Critical Infrastructure Targeted by State-Sponsored Actors
Tenable Blog: Top 20 CVEs Exploited by People's Republic of China State-Sponsored Actors (AA22-279A)

Join Tenable's Research Special Operations (RSO) Team on the Tenable Community.

Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.

Frequently Asked Questions About Chinese State-Sponsored Actors Compromising Global Networks - Security Boulevard

Web page

securityboulevard.com

2025-08-30 20:08:19

Details page

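Thank you for visiting our shop. This is an announcement of an upcoming new release. On Thursday, September 4, 2025, we plan to release "Introduction to the Lean Language from Scratch: Hands-On Development of a Formal Mathematics Library" by 井上亜星. As the title says, this book is an introduction to Lean, a relatively new programming language. As a programming language, Lean can be counted among the so-called functional languages. If you have used another functional language, Haskell in particular, you may be able to more or less write Lean code that handles typical algorithms and data structures. To that extent it can be called an "ordinary language". However, Lean also has a major feature that "ordinary languages" lack. Specifically, "mathematical proo

New book "Introduction to the Lean Language from Scratch: Hands-On Development of a Formal Mathematics Library" scheduled for release on 9/4 – Technical book publish…

Web page

www.lambdanote.com

2025-08-30 20:08:17

Details page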

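ShadowSilk: a threat actor stealing data from Asian government agencies | ZipLine campaign deploys MixShell under the guise of legitimate business correspondence | UNC6384 hijacks web traffic to deliver the SOGU.SEC backdoor to diplomats,

ShadowSilk: a threat actor stealing data from Asian government agencies | Codebook|Security News

Web page

codebook.machinarecord.com

2025-08-30 20:08:15

Details page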

AI Lab has three first-author papers accepted at "CVPR2023", a top conference in the field of computer vision | CyberAgent, Inc.

Web page

www.cyberagent.co.jp

2025-08-30 20:08:14

Details page

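Conclusion. Impression: when I tried it with Qwen3 it was somewhat underwhelming, but it feels like a properly usable OSS local LLM (an alternative to tools such as ChatGPT that can search the web) has finally arrived. Setup steps are summarized below. Prerequisites: ・Please have LM Studio installed ・GPT-OSS...

Configuring LM Studio (local LLM) so that gpt-oss can use a web-search MCP #LMStudio - Qiita

Web page

qiita.com

2025-08-30 20:08:12

Details page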

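Even with one hand full of luggage, you will be fine. Android phones have many hidden features that support one-handed operation. You can shift the keyboard to one side, move the address bar to the bottom, or pull the screen down, relieving the frustration of not being able to reach with your fingers.

"One-handed Android operation" gets dramatically easier! 3 handy features worth knowing | Lifehacker Japan

Web page

www.lifehacker.jp

2025-08-30 20:08:10

Details page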

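When you want to run exercises in AI programming, that is, programming such as calling LLMs, implementing RAG, or building agents, I think it is often the case that you cannot assume the participants' PCs have sufficient resources. I chose Qwen3 1.7B Q4_K_M for a Java AI programming article. Last month I published an article titled "Let's Get Started with AI Programming in Java" in a series on gihyo.jp. I published a short series on gihyo.jp called "Let's Get Started with AI Programming in Java" - きしだのHatena. At that time, since I could not assume that readers' PCs have a GPU or are Macs, as far as possible the required resources…

Qwen3 1.7B Q4 is the best low-resource local LLM for AI program development exercises - きしだのHatena

Web page

nowokay.hatenablog.com

2025-08-30 20:08:07

Details page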

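Asynchronous processing and the event loop in JavaScript. Call stack: the call stack is the mechanism that manages "which function is running now, and which function it called from within". Because it is a stack structure, processing returns in order starting from the most recently called function. Single-threaded: Jav...

Asynchronous Processing and the Event Loop in JavaScript #JavaScript初心者 - Qiita

Web page

qiita.com

2025-08-30 20:08:06

Details page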

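[NHK] "I can't stop crying at this cry from the soul" "I turned photos of kamikaze pilots into moving video!" This year marks 80 years since the end of the war. On YouTube and elsewhere, kamikaze…

A flood of kamikaze YouTube videos: photos altered with generative AI… suspicions of "fabricated farewell letters", and cases that confuse Kaiten with the Kamikaze special attack units | NHK | 80 Years After the War

Web page

www3.nhk.or.jp

2025-08-30 20:00:27

Details page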

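Yamaha has released the "RTX840", a network device that addresses the growing use of cloud services.

Yamaha releases new VPN router "RTX840" with 30% higher processing performance and cloud optimization

Web page

ascii.jp

2025-08-30 20:00:26

Details page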

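The Geospatial Information Authority of Japan will begin selling online, as image data, the old-edition paper topographic maps it has produced since the Meiji era, starting September 1.

Geospatial Information Authority of Japan to begin offering old-edition paper topographic maps as image data from September 1 - ITmedia NEWS

Web page

www.itmedia.co.jp

2025-08-30 20:00:13

Details page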