Lightnews — Scholar-powered news

Improve Collaboration to Hit Back At Rising Fraud, Says techUK

November 15, 2025 at 8:00 AM

キタきつね

@kitafox.bsky.social

増加する詐欺行為に対抗するには、連携を強化する必要があるとtechUKは指摘

Improve Collaboration to Hit Back At Rising Fraud, Says techUK #InfosecurityMagazine (Nov 13)

www.infosecurity-magazine.com/news/collabo...

Industry body techUK calls for real-time intelligence sharing across sectors to combat fraud

CISO Pay Increases 7% As Budget Growth Slows

November 15, 2025 at 7:01 AM

キタきつね

@kitafox.bsky.social

予算の伸びが鈍化する中、CISOの給与は7％増加

CISO Pay Increases 7% As Budget Growth Slows #InfosecurityMagazine (Nov 13)

www.infosecurity-magazine.com/news/ciso-pa...

An IANS study finds CISO compensation rose 6.7% on average in 2025 while budget growth halved compared to 2024

“IndonesianFoods” npm Worm Publishes 44,000 Malicious Packages

November 15, 2025 at 6:00 AM

キタきつね

@kitafox.bsky.social

「IndonesianFoods」npmワームが44,000個の悪意あるパッケージを公開

“IndonesianFoods” npm Worm Publishes 44,000 Malicious Packages #InfosecurityMagazine (Nov 14)

www.infosecurity-magazine.com/news/indones...

A new npm worm dubbed “IndonesianFoods” has doubled the number of known malicious packages

Uhale Android-based digital picture frames come with multiple critical security vulnerabilities and some of them download and execute malware at boot time.

November 15, 2025 at 5:00 AM

キタきつね

@kitafox.bsky.social

人気のAndroidベースのフォトフレームは起動時にマルウェアをダウンロードする

Popular Android-based photo frames download malware on boot #BleepingComputer (Nov 13)

www.bleepingcomputer.com/news/securit...

www.bleepingcomputer.com

November 15, 2025 at 4:00 AM

キタきつね

@kitafox.bsky.social

AI生成コンテンツが次世代フィッシング攻撃とBEC攻撃を加速させる仕組み：検出と防御戦略

How AI-Generated Content is Fueling Next-Gen Phishing and BEC Attacks: Detection and Defense Strategies #SecurityBoulevard (Nov 13)

securityboulevard.com/2025/11/how-...

How AI-Generated Content is Fueling Next-Gen Phishing and BEC Attacks: Detection and Defense Strategies

With AI phishing attacks rising 1,760% and achieving a 60% success rate, learn how attackers use AI, deepfakes and automation — and discover proven, multi-layered defense strategies to protect your…

securityboulevard.com

November 15, 2025 at 3:00 AM

キタきつね

@kitafox.bsky.social

エンドゲーム作戦：警察が3つの主要なサイバー犯罪ツールの削除を発表

Operation Endgame: Police reveal takedowns of three key cybercrime tools #TheRecord (Nov 13)

therecord.media/operation-en...

Operation Endgame: Police reveal takedowns of three key cybercrime tools

The Rhadamanthys infostealer, the VenomRAT remote access trojan and the Elysium botnet were targeted in the latest phase of the international police action known as Operation Endgame.

therecord.media

November 15, 2025 at 2:00 AM

キタきつね

@kitafox.bsky.social

イタリアの大手ウェブホスティングプロバイダーの顧客を狙ったフィッシング攻撃

Phishing campaign targets customers of major Italian web hosting provider #TheRecord (Nov 14)

therecord.media/phishing-cam...

Phishing campaign targets customers of major Italian web hosting provider

The operation used a sophisticated phishing kit designed to impersonate the login and payment pages of Aruba S.p.A., stealing customer credentials and credit card details.

therecord.media

November 15, 2025 at 1:01 AM

キタきつね

@kitafox.bsky.social

ドイツ、量子セキュリティIDカードの概念実証を発表

Germany presents proof-of-concept for quantum-secure ID card #BiometricUpdate (Nov 13)

www.biometricupdate.com/202511/germa...

Germany presents proof-of-concept for quantum-secure ID card | Biometric Update

The proof-of-concept involved chips produced by German semiconductor manufacturer Infineon, featuring a new design that supports PQC algorithms.

www.biometricupdate.com

November 15, 2025 at 12:00 AM

キタきつね

@kitafox.bsky.social

偽のスパムフィルターアラートが受信トレイに届く

Fake spam filter alerts are hitting inboxes #HelpNetSecurity (Nov 13)

www.helpnetsecurity.com/2025/11/13/p...

Fake spam filter alerts are hitting inboxes - Help Net Security

A new phishing campaign is attempting to trick users into believing they’ve missed important emails, security researchers are warning.

Rhadamanthys infostealer operation disrupted by law enforcement - Help Net Security

November 14, 2025 at 11:00 PM

キタきつね

@kitafox.bsky.social

ラダマンティスのインフォスティーラー活動は法執行機関によって阻止された

Rhadamanthys infostealer operation disrupted by law enforcement #HelpNetSecurity (Nov 13)

www.helpnetsecurity.com/2025/11/13/r...

Operation Endgame, a joint effort between law enforcement and judicial authorities, has disrupted the Rhadamanthys infostealer operation.

Wanna bet? Scammers are playing the odds better than you are - Help Net Security

November 14, 2025 at 10:01 PM

キタきつね

@kitafox.bsky.social

賭けてみませんか？詐欺師はあなたよりも上手くオッズを操作しています

Wanna bet? Scammers are playing the odds better than you are #HelpNetSecurity (Nov 13)

www.helpnetsecurity.com/2025/11/13/c...

Online betting scams are on the rise as criminals use AI, fake apps, and deepfakes to trick players and steal their money.

Automation can't fix broken security basics - Help Net Security

November 14, 2025 at 8:01 PM

キタきつね

@kitafox.bsky.social

自動化ではセキュリティ基盤の欠陥を修復できない

Automation can’t fix broken security basics #HelpNetSecurity (Nov 13)

www.helpnetsecurity.com/2025/11/13/s...

Many enterprises admit the security basics are still broken, with slow patching, weak oversight, and poor hygiene exposing major risks.

The browser is eating your security stack - Help Net Security

November 14, 2025 at 12:00 PM

キタきつね

@kitafox.bsky.social

ブラウザがセキュリティスタックを食い尽くす

The browser is eating your security stack #HelpNetSecurity (Nov 13)

www.helpnetsecurity.com/2025/11/13/b...

The 2025 LayerX report shows rising browser security risks as AI and SaaS use outgrow enterprise oversight.

Gartner Says Internal Auditors to Focus on Cybersecurity, Data Governance and Regulatory Compliance in 2026

November 14, 2025 at 11:30 AM

キタきつね

@kitafox.bsky.social

ガートナーは、内部監査担当者が2026年にサイバーセキュリティ、データガバナンス、規制コンプライアンスに重点を置くと予測しています

Gartner Says Internal Auditors to Focus on Cybersecurity, Data Governance and Regulatory Compliance in 2026 #Gartner (Nov 13)

www.gartner.com/en/newsroom/...

Gartner survey: #Cybersecurity vulnerabilities, #data governance and regulatory #compliance are three of the most common risk areas expected to be included in 2026 internal #audit plans. Read the…

www.gartner.com

November 14, 2025 at 11:00 AM

キタきつね

@kitafox.bsky.social

ガートナーは、欧州のIT支出が2026年に11%増加すると予測している

Gartner Forecasts IT Spending in Europe to Grow 11% in 2026 #Gartner (Nov 13)

www.gartner.com/en/newsroom/...

Gartner Forecasts IT Spending in Europe to Grow 11% in 2026

Gartner analyst John Lovelock said IT spending in Europe is projected to total $1.4 trillion in 2026. Read more here. #GartnerSYM #AI #CIO

www.gartner.com

November 14, 2025 at 10:30 AM

キタきつね

@kitafox.bsky.social

組織はSSOやパスキーを導入し、不適切なパスワード使用の習慣を解決

Orgs Move to SSO, Passkeys to Solve Bad Password Habits #DarkReading (Nov 14)

www.darkreading.com/identity-acc...

Orgs Move to SSO, Passkeys to Solve Bad Password Habits

In 2025, employees are still using weak passwords. Instead of forcing an impossible change, security leaders are working around the problem.

www.darkreading.com

November 14, 2025 at 10:00 AM

キタきつね

@kitafox.bsky.social

Google、中国のSMSフィッシング詐欺撲滅のため訴訟

Google Sues to Disrupt Chinese SMS Phishing Triad #KrebsonSecurity (Nov 13)

krebsonsecurity.com/2025/11/goog...

Google Sues to Disrupt Chinese SMS Phishing Triad

Google is suing more than two dozen unnamed individuals allegedly involved in peddling a popular China-based mobile phishing service that helps scammers impersonate hundreds of trusted brands, blast…

krebsonsecurity.com

November 14, 2025 at 9:30 AM

キタきつね

@kitafox.bsky.social

AIサイドバースプーフィング：AIブラウザへの新たな攻撃

AI sidebar spoofing: a new attack on AI browsers #Kaspersky (Nov 13)

www.kaspersky.com/blog/ai-side...

How a fake AI sidebar can steal your data

Researchers have demonstrated how malicious extensions can create fake AI sidebars in the Comet and Atlas browsers, and spoof the models' responses. We explain how to avoid becoming a victim.

www.kaspersky.com

November 14, 2025 at 9:00 AM

キタきつね

@kitafox.bsky.social

Google、Lighthouseの「フィッシング初心者向け」キットを悪用した中国拠点の詐欺師25人を提訴

Google sues 25 China-based scammers behind Lighthouse 'phishing for dummies' kit #Register (Nov 12)

www.theregister.com/2025/11/12/g...

Google sues 25 China-based scammers behind phishing kit

: 600+ phishing websites and 116 of these use a Google logo

NHS supplier ends 18-month probe into cyberattack

November 14, 2025 at 8:30 AM

キタきつね

@kitafox.bsky.social

NHSサプライヤー、患者の死につながったランサムウェア攻撃の調査を終了

NHS supplier ends probe into ransomware attack that contributed to patient death #Register (Nov 13)

www.theregister.com/2025/11/13/s...

: Synnovis's 18-month forensic review of Qilin intrusion completed, now affected patients to be notified

Washington Post admits Clop crew lifted bank and SSN data

November 14, 2025 at 8:00 AM

キタきつね

@kitafox.bsky.social

特報、特報、すべて読んでください：ワシントンポストがクロップの事件で大打撃を受ける

Extra, extra, read all about it: Washington Post clobbered in Clop caper #Register (Nov 13)

www.theregister.com/2025/11/13/w...

: Nearly 10,000 staff and contractors warned after attackers raided newspaper's Oracle EBS setup

Ransomed CTO falls on sword, refuses to pay extortion demand

November 14, 2025 at 8:00 AM

キタきつね

@kitafox.bsky.social

身代金を要求されたCTOが脅迫に応じず支払いを拒否

Ransomed CTO falls on sword, refuses to pay extortion demand #Register (Nov 13)

www.theregister.com/2025/11/13/r...

: Checkout.com will instead donate the amount to fund cybercrime research