【ニュース】

■2025年

◇2025年1月

◆Chinese hackers targeted sanctions office in Treasury attack (BleepingComputer, 2025/01/02 13:09)
[中国ハッカー、財務省攻撃で制裁事務局を標的に]
https://www.bleepingcomputer.com/news/security/chinese-hackers-targeted-sanctions-office-in-treasury-attack/
⇒ https://malware-log.hatenablog.com/entry/2025/01/02/000000_4

◆CISA says recent government hack limited to US Treasury (BleepingComputer, 2025/01/06 15:58)
[CISAによると、最近の政府へのハッキングは米財務省に限定されている]
https://www.bleepingcomputer.com/news/security/cisa-says-recent-government-hack-limited-to-us-treasury/
⇒ https://malware-log.hatenablog.com/entry/2025/01/06/000000_6

◆Treasury hackers also breached US foreign investments review office (BleepingComputer, 2025/01/10 12:02)
[財務省のハッカーは、米国の外国投資審査室にも侵入した]
https://www.bleepingcomputer.com/news/security/treasury-hackers-also-breached-us-foreign-investments-review-office/
⇒ https://malware-log.hatenablog.com/entry/2025/01/10/000000_7

◆CISA orders agencies to patch BeyondTrust bug exploited in attacks (BleepingComputer, 2025/01/13 15:58)
[CISA、BeyondTrustのバグを修正するよう機関に命令 攻撃で悪用]
https://www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-patch-beyondtrust-bug-exploited-in-attacks/
⇒ https://malware-log.hatenablog.com/entry/2025/01/13/000000

◇2025年2月

◆BeyondTrust Zero-Day Breach Exposed 17 SaaS Customers via Compromised API Key (The Hacker News, 2025/02/01)
[BeyondTrust、ゼロデイ攻撃により、侵害されたAPIキー経由で17社のSaaS顧客を公開]
https://thehackernews.com/2025/02/beyondtrust-zero-day-breach-exposes-17.html
⇒ https://malware-log.hatenablog.com/entry/2025/02/01/000000_3