Iran's Cavern Framework, KDDI 12M Breach & Supply Chain Backdoors
カートのアイテムが多すぎます
ご購入は五十タイトルがカートに入っている場合のみです。
カートに追加できませんでした。
しばらく経ってから再度お試しください。
ウィッシュリストに追加できませんでした。
しばらく経ってから再度お試しください。
ほしい物リストの削除に失敗しました。
しばらく経ってから再度お試しください。
ポッドキャストのフォローに失敗しました
ポッドキャストのフォロー解除に失敗しました
-
ナレーター:
-
著者:
(00:00:58) MuddyWater Shifts From Scanning to Stealing
(00:01:29) DHS Platform Breach, World Cup Exposure
(00:02:05) KDDI Exposes 12 Million Customer Records
(00:02:37) Supply Chain Backdoors Hit OpenAI and Vercel
(00:03:15) Ransomware Refuses to Break Even
(00:04:06) What to Watch Next
Iranian state-sponsored hackers are making headlines on two fronts today. The Cavern C2 framework — attributed to a group tied to Iran's Ministry of Intelligence — has been exposed as a modular, purpose-built espionage platform targeting Israeli IT providers and government entities, built with deliberate anti-analysis features. Simultaneously, MuddyWater has shifted gears: after scanning more than twelve thousand internet-exposed systems, the group is now executing targeted credential harvesting and data exfiltration across Middle East aviation, energy, and government sectors.
On the government breach front, the Department of Homeland Security is investigating a compromise of an unclassified interagency platform, with World Cup security planning materials potentially exposed — a significant operational intelligence risk.
Japanese telecom giant KDDI disclosed a breach affecting 12.2 million customer email addresses and 7.6 million passwords, traced to a third-party software vulnerability — the same supply chain attack pattern that also surfaced in the compromise of Aqua Security's Trivy, Bitwarden, and Checkmarx. Those backdoored tools allowed credential theft from developer machines, with downstream impact reaching OpenAI and Vercel.
Finally, ransomware now appears in 44 percent of all data breaches — up from 32 percent — yet 64 percent of victims are refusing to pay, and total tracked crypto ransom payments fell 35 percent year-over-year. The economics of extortion are shifting.
This is your essential daily briefing on the threats, breaches, and attacker moves shaping the global security landscape.
This episode includes AI-generated content.
adbl_web_anon_alc_button_suppression_t1
まだレビューはありません