JPCERT/CC Eyes

JPCERT/CC Eyes

JPCERT Coordination Center official Blog

Language:

  • JPCERT/CC Releases URL Dataset of Confirmed Phishing Sites Incident
    中井 尚子(Shoko Nakai)

    中井 尚子(Shoko Nakai)

    September 6, 2022
    JPCERT/CC Releases URL Dataset of Confirmed Phishing Sites
    JPCERT/CC releases a URL dataset of phishing sites confirmed from January 2019 to June 2022, as we received many requests for more specific information after publishing a blog article on trends of phishing sites and compromised domains in 2021. The list is available in the following GitHub repository. Phishing URL dataset from JPCERT/CC https://github.com/JPCERTCC/phishurl-list/ Each column contains the following: date: Date confirmed by JPCERT/CC URL: Entire URL of a phishing...

    Read more

  • A File Format to Aid in Security Vulnerability Disclosure – the first step to a proper connection Standard-Guideline
    戸塚 紀子(Noriko Totsuka)

    戸塚 紀子(Noriko Totsuka)

    August 30, 2022
    A File Format to Aid in Security Vulnerability Disclosure – the first step to a proper connection
    Hello. I am Noriko Totsuka from Early Warning Group. The Early Warning Group publishes security information such as security alerts and early warning information, as well as JVN Advisories. As a vulnerability coordinator, I am in charge of a series of coordination tasks, from coordinating with developers of target products, including taking countermeasures based on the vulnerability-related information reported to JPCERT/CC by vulnerability finders such as security researchers, to the...

    Read more

  • YamaBot Malware Used by Lazarus Malware
    朝長 秀誠 (Shusei Tomonaga)

    朝長 秀誠 (Shusei Tomonaga)

    July 7, 2022
    YamaBot Malware Used by Lazarus
    JPCERT/CC is continuously investigating the activities by Lazarus. In ...

    Read more

  • VSingle malware that obtains C2 server information from GitHub Malware
    朝長 秀誠 (Shusei Tomonaga)

    朝長 秀誠 (Shusei Tomonaga)

    July 5, 2022
    VSingle malware that obtains C2 server information from GitHub
    Some types of malware use DGA, obfuscate destination information, or c...

    Read more

  • TSUBAME Report Overflow (Jan-Mar 2022) Cyber Metrics
    鹿野 恵祐 (Keisuke Shikano)

    鹿野 恵祐 (Keisuke Shikano)

    June 30, 2022
    TSUBAME Report Overflow (Jan-Mar 2022)
    This TSUBAME Report Overflow series discuss monitoring trends of overseas TSUBAME sensors and other activities which the Internet Threat Monitoring Quarterly Reports does not include. This article covers the monitoring results for the period of October to December 2021. The scan trends observed with TSUBAME sensors in Japan are presented in graphs here. Looking back on 2021 Figure 1 shows a comparison and transition of the total number of IP...

    Read more

  • What’s happening in Ukraine on the Internet? – Data from Shodan Trends Cyber Metrics
    村上 勇樹(Yuki Murakami)

    村上 勇樹(Yuki Murakami)

    June 27, 2022
    What’s happening in Ukraine on the Internet? – Data from Shodan Trends
    JPCERT/CC Cyber Metrics Group utilizes various kinds of data in order to understand what is happening on the Internet and call for appropriate cybersecurity measures based on the analysis. For example, we operate TSUBAME [1], an Internet threat monitoring system, and Mejiro [2] , an Internet risk visualization service. In this article, we used data from Shodan Trends to check how the recent situation in Ukraine looks on the Internet....

    Read more

  • JPCERT/CC participated in the Locked Shields 2022 Event
    小宮山 功一朗 (Koichiro Sparky Komiyama)

    小宮山 功一朗 (Koichiro Sparky Komiyama)

    June 1, 2022
    JPCERT/CC participated in the Locked Shields 2022
    1. What is Locked Shields? Locked Shields is a cyber exercise organized by NATO CCDCOE. It is a large-scale and complex exercise which took place in late April 2022. JPCERT/CC participated in this exercise as a member of the Japan-UK Blue team. We would like to report on the event. Scene of participation by the Japanese and British teams(Source: https://twitter.com/ModJapan_jp/status/1517113397745426439) The purpose of participating in Locked Shields was to deepen...

    Read more

  • Trends of Reported Phishing Sites and Compromised Domains in 2021 Incident
    中井 尚子(Shoko Nakai)

    中井 尚子(Shoko Nakai)

    May 25, 2022
    Trends of Reported Phishing Sites and Compromised Domains in 2021
    JPCERT/CC received 44,242 incident reports in 2021 and of that 23,104 ...

    Read more

  • Analysis of HUI Loader Malware
    朝長 秀誠 (Shusei Tomonaga)

    朝長 秀誠 (Shusei Tomonaga)

    May 19, 2022
    Analysis of HUI Loader
    To conceal malware’s features, attackers sometimes encode the malware and decode it only when they execute it. In such cases, the encoded malware is loaded and executed by a program called loader. In this way, an attacker can split the malware into a loader and encoded malware. Minimizing the loader’s features and hiding important features of the malware make detection on infected hosts more difficult. Among such loaders, this article...

    Read more

  • ICS Security Conference 2022 Event
    河野 一之 (Kazuyuki Kohno)

    河野 一之 (Kazuyuki Kohno)

    April 7, 2022
    ICS Security Conference 2022
    JPCERT/CC held ICS Security Conference 2022 on February 3, 2022. The purpose of the conference is to share the current status of threats in ICS both in Japan and abroad as well as efforts by ICS security stakeholders. It also aims to help participants improve their ICS security measures and establish best practices. The conference has been held annually since 2009, and this year’s was the 14th conference. The event...

    Read more

  • Previous 10 articles
  • Next 10 articles

Categories

  • Malware
  • Incident
  • Event
  • Vulnerability
  • Security Technology
  • Forensic
  • Cyber Metrics
  • ICS-OT
  • Other

Tags

  • Python
  • Conference
  • Datper
  • ChChes
  • Training
  • Statistics and Indicator
  • Tool
  • BlackTech
  • LogonTracer
  • Report
  • Splunk
  • ElasticStack
  • impfuzzy
  • volatility
  • RedLeaves
  • PlugX
  • DarkHotel
  • Banking malware
  • Pacific_Islands
  • CSIRT
  • Password
  • Policy
  • DDoS
  • APT
  • Trend
  • Africa
  • SecureCoding
  • SysmonSearch
  • JSAC
  • IoT
  • IIoT
  • Quasar
  • LODEINFO
  • Lazarus
  • Emotet
  • Phishing
  • Metrics
  • TSUBAME
  • Standard-Guideline

Authors

  • 鹿野 恵祐 (Keisuke Shikano)
  • 関口 晃弘 (Akihiro Sekiguchi)
  • 衛藤 亮介 (Ryosuke Eto)
  • 福本 郁哉(Ikuya Fukumoto)
  • 登山 昌恵 (Masae Toyama)
  • 田中 信太郎(Shintaro Tanaka)
  • 洞田 慎一 (Shinichi Horata)
  • 河野 一之 (Kazuyuki Kohno)
  • 水野 哲也 (Tetsuya Mizuno)
  • 村上 勇樹(Yuki Murakami)
  • 朝長 秀誠 (Shusei Tomonaga)
  • 戸塚 紀子(Noriko Totsuka)
  • 岩崎 照平(Shohei Iwasaki)
  • 小宮山 功一朗 (Koichiro Sparky Komiyama)
  • 寺本 健悟(Kengo Teramoto)
  • 増渕 維摩(Yuma Masubuchi)
  • 堀 充孝(Mitsutaka Hori)
  • 喜野 孝太(Kota Kino)
  • 内田 有香子 (Yukako Uchida)
  • 佐條 研(Ken Sajo)
  • 伊藤 智貴 (Tomo Ito)
  • 中野 巧 (Takumi Nakano)
  • 中村 恭脩(kyosuke Nakamura)
  • 中井 尚子(Shoko Nakai)
  • JPCERT/CC

Archives

  • 20236
  • 202219
  • 202120
  • 202021
  • 201918
  • 201812
  • 201717
  • 201618
  • 201520
  • 201418
  • 20137
  • 20122
  • 20118
  • 20104

JPCERT Coordination Center

JPCERT/CC
8F Tozan Bldg, 4-4-2 Nihonbashi-Honcho, Chuo-ku, Tokyo 1030023 JAPAN

TEL: +81-3-6271-8901 FAX: +81-3-6271-8908

  • Privacy Policy
  • Disclaimer

© 1996-2023 JPCERT/CC