ข้อมูลกลุ่ม ส่วนตัว

administrators

  • Fortinet แพตช์ช่องโหว่ CVE-2025-25257 บน FortiWeb เสี่ยงถูกโจมตีแบบ SQL Injection

    ca507731-52cd-4411-9973-2546c7707e43-image.png

    Fortinet แพตช์ช่องโหว่ CVE-2025-25257 บน FortiWeb เสี่ยงถูกโจมต.png

    สามารถติดตามข่าวสารได้ที่ webboard หรือ Facebook NCSA Thailand 390f4243-7161-4c63-b033-8d1087d02b19-image.png

    โพสต์ใน Cyber Security News
  • ข้อมูลการรับสมัครงานของแมคโดนัลด์ กว่า 64 ล้านรายการ เสี่ยงรั่วไหลจากการตั้งรหัสผ่าน 123456

    fd239776-5eea-41b5-afec-cb568cc41a64-image.png

    ข้อมูลการรับสมัครงานของแมคโดนัลด์ กว่า 64 ล.png

    สามารถติดตามข่าวสารได้ที่ webboard หรือ Facebook NCSA Thailand 51ba8526-67c8-43f3-8aeb-67ce73fa98fe-image.png

    โพสต์ใน Cyber Security News
  • ช่องโหว่ร้ายแรงใน FortiWeb

    เมื่อวันที่ 10 กรกฎาคม 2568 Cyber Security Agency of Singapore (CSA) รายงานเกี่ยวกับบริษัท Fortinet ได้เผยแพร่การอัปเดตความปลอดภัยเพื่อแก้ไขช่องโหว่ร้ายแรงที่ส่งผลกระทบต่อผลิตภัณฑ์ FortiWeb บริษัท Fortinet ได้เผยแพร่การอัปเดตความปลอดภัยเพื่อแก้ไขช่องโหว่ร้ายแรง หมายเลข CVE-2025-25257 ที่ส่งผลกระทบต่อผลิตภัณฑ์ FortiWeb

    ผลกระทบ
    การใช้ประโยชน์จากช่องโหว่ในคำสั่ง Structured Query Language (SQL) สำเร็จอาจทำให้ผู้โจมตีที่ไม่ได้รับการยืนยันตัวตนสามารถรันโค้ดหรือคำสั่ง SQL ที่ไม่ได้รับอนุญาตผ่านการร้องขอ HTTP หรือ HTTPS ที่ถูกออกแบบมาโดยเฉพาะ
    ผลิตภัณฑ์ที่ได้รับผลกระทบ
    ช่องโหว่นี้ส่งผลกระทบต่อผลิตภัณฑ์ดังต่อไปนี้

    • FortiWeb รุ่น 7.6.0 ถึง 7.6.3
    • FortiWeb รุ่น 7.4.0 ถึง 7.4.7
    • FortiWeb รุ่น 7.2.0 ถึง 7.2.10
    • FortiWeb รุ่น 7.0.0 ถึง 7.0.10

    แนวทางการแก้ไข
    ผู้ใช้และผู้ดูแลระบบของผลิตภัณฑ์รุ่นที่ได้รับผลกระทบควรดำเนินการอัปเกรดเป็นรุ่นล่าสุดโดยทันที ในกรณีที่ไม่สามารถดำเนินการแพตช์ได้ทันทีหรือไม่เป็นไปได้ ผู้ดูแลระบบควรปิดใช้งานอินเทอร์เฟซการจัดการ HTTP/HTTPS เป็นการแก้ไขชั่วคราว

    อ้างอิง
    https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-069

    สามารถติดตามข่าวสารได้ที่ webboard หรือ Facebook NCSA Thailand 969ea637-2d49-433e-b32e-babf6e40b438-image.png

    โพสต์ใน Cyber Security News
  • แคมเปญ ClickFix ถูกใช้โจมตี แบบ Social Engineerin

    เมื่อวันที่ 10 กรกฎาคม 2568 Cyber Security Agency of Singapore (CSA) รายงานว่ามีผู้ไม่ประสงค์ดีใช้เทคนิคการหลอกลวงทางสังคม (Social Engineering) ที่เรียกว่า ClickFix เพื่อหลอกลวงให้ผู้ที่อาจตกเป็นเหยื่อรันคำสั่งที่เป็นอันตราย
    ตามรายงาน ผู้ไม่ประสงค์ดีใช้เทคนิค ClickFix เพื่อหลอกลวงให้ผู้ที่อาจตกเป็นเหยื่อรันคำสั่งที่เป็นอันตราย โดยอ้างว่าเป็นการ “แก้ไขด่วน” สำหรับปัญหาคอมพิวเตอร์ทั่วไป เทคนิคนี้มุ่งเป้าไปที่องค์กรในหลากหลายภาคส่วน รวมถึง อุตสาหกรรมเทคโนโลยี, การเงิน, การผลิต, การค้าส่งและค้าปลีก, หน่วยงานภาครัฐ, บริการวิชาชีพและกฎหมาย, สาธารณูปโภค และพลังงาน
    ClickFix คืออะไร
    ClickFix เป็นเทคนิคการหลอกลวงทางสังคมรูปแบบใหม่ที่ผู้ไม่ประสงค์ดีใช้มากขึ้น โดยหลอกให้ผู้ใช้ที่ถูกกำหนดเป้าหมายดำเนินการ “แก้ไขด่วน” สำหรับปัญหาคอมพิวเตอร์ เช่น ปัญหาด้านประสิทธิภาพ, ไดรเวอร์ขาดหาย หรือข้อผิดพลาดแบบป๊อปอัพ ตั้งแต่มีรายงานครั้งแรกในปี พ.ศ. 2567 เทคนิค ClickFix ได้นำไปสู่การแพร่กระจายมัลแวร์ผ่านเว็บไซต์ที่ถูกบุกรุก, โครงสร้างพื้นฐานการแจกจ่ายที่เป็นอันตราย และอีเมลฟิชชิ่ง
    กลยุทธ์ เทคนิค และขั้นตอน (TTPs)
    เทคนิค ClickFix อาศัยการ จี้คลิปบอร์ด (Clipboard Hijacking) โดยซอฟต์แวร์ที่เป็นอันตรายจะดักจับและแก้ไขข้อมูลที่ผู้ใช้คัดลอกและวางบนอุปกรณ์อย่างลับๆ โดยมักใช้กล่องโต้ตอบที่มีข้อความแสดงข้อผิดพลาดปลอมเพื่อหลอกให้ผู้ใช้คัดลอกสคริปต์หรือคำสั่งที่เป็นอันตรายลงในคลิปบอร์ดโดยใช้ ClickFix inject ก่อนให้คำแนะนำให้วางและรันเนื้อหาที่เป็นอันตราย ในช่วงไม่กี่เดือนที่ผ่านมา ผู้ไม่ประสงค์ดีได้ใช้หน้าเว็บยืนยันตัวตนปลอมที่ขอให้ผู้ใช้ดำเนินการบางอย่างก่อนเปลี่ยนเส้นทางไปยังหน้าเว็บที่ต้องการ ตัวอย่างข้อความป๊อปอัพของแคมเปญ ClickFix ปรากฏใน ภาคผนวก A ผู้ที่ตกเป็นเหยื่อมักดำเนินการตามขั้นตอนสามขั้นตอนที่ทำให้คำสั่ง PowerShell ที่เป็นอันตรายทำงานได้ ดังนี้:

    • เปิดกล่องโต้ตอบ Windows Run
    • คัดลอกและวางคำสั่ง PowerShell ที่เป็นอันตรายลงในเทอร์มินัลโดยอัตโนมัติหรือด้วยตนเอง [กด 'CTRL+V']
    • รันคำสั่ง [กด ‘Enter’]

    ผลกระทบ
    การดำเนินการเทคนิค ClickFix สำเร็จสามารถนำไปสู่การติดตั้งมัลแวร์หลากหลายประเภท เช่น NetSupport RAT, Latrodectus และ Lumma Stealer ซึ่งอาจส่งผลให้เกิดการขโมยข้อมูลประจำตัว, การรั่วไหลของข้อมูล, การบุกรุกบัญชีอีเมล และเหตุการณ์แรนซัมแวร์ ผู้ไม่ประสงค์ดีสามารถใช้การเข้าถึงระบบที่ถูกบุกรุกเพื่อยกระดับสิทธิ์และเคลี่อนย้ายไปยังระบบอื่นภายในเครือข่าย

    แนวทางการป้องกัน
    องค์กรควรดำเนินมาตรการป้องกันดังต่อไปนี้เพื่อป้องกันแคมเปญ ClickFix

    • เพิ่มความระมัดระวัง ต่อป๊อปอัพ “CAPTCHA” หรือ “Fix It” ปลอม และจดจำสัญญาณเตือน เช่น คำแนะนำให้ใช้กล่องโต้ตอบ Run โดยไม่คาดคิด
    • ปรับปรุงระบบ แอปพลิเคชัน และซอฟต์แวร์ให้เป็นเวอร์ชันล่าสุด และใช้ซอฟต์แวร์ป้องกันไวรัสที่ทันสมัยเพื่อตรวจจับมัลแวร์และลิงก์ฟิชชิ่งที่เป็นอันตราย
    • ใช้โซลูชัน SIEM เพื่อบันทึกข้อมูล, มองเห็นสินทรัพย์ และตรวจสอบระบบอย่างต่อเนื่องเพื่อตรวจจับการเชื่อมต่อเครือข่ายที่ผิดปกติและคำสั่ง PowerShell ที่เป็นอันตราย
    • บังคับใช้นโยบายควบคุมการเข้าถึงที่เข้มงวด เพื่อให้ผู้ใช้และระบบมีสิทธิ์ขั้นต่ำที่จำเป็น เพื่อจำกัดผลกระทบจากการถูกบุกรุกและป้องกันการยกระดับสิทธิ์และการเคลื่อนย้ายด้านข้าง
    • ใช้การควบคุมแอปพลิเคชัน (Application Whitelisting) เพื่ออนุญาตให้เฉพาะซอฟต์แวร์และสคริปต์ที่ได้รับอนุญาตทำงาน เพื่อป้องกันการรันไฟล์ปฏิบัติการที่ไม่รู้จักและสคริปต์ PowerShell ที่เป็นอันตราย
    • ผู้ดูแลระบบควรพิจารณาติดตามและบล็อก ตัวบ่งชี้การถูกโจมตี (IOCs) ที่เกี่ยวข้องกับแคมเปญ ClickFix ดังแสดงในตารางด้านล่าง

    อ้างอิง
    https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-068

    สามารถติดตามข่าวสารได้ที่ webboard หรือ Facebook NCSA Thailand 8a255db7-0ae9-4bec-9eba-b99988142062-image.png

    โพสต์ใน Cyber Security News
  • CISA ออกคำแนะนำเกี่ยวกับระบบควบคุมอุตสาหกรรม 13 รายการ

    Cybersecurity and Infrastructure Security Agency (CISA) ได้เผยแพร่คำแนะนำเกี่ยวกับระบบควบคุมอุตสาหกรรม (ICS) 13 รายการ เมื่อวันที่ 10 กรกฎาคม 2568 ซึ่งคำแนะนำเหล่านี้ให้ข้อมูลที่ทันท่วงทีเกี่ยวกับปัญหาด้านความปลอดภัยช่องโหว่ และช่องโหว่ที่อยู่รอบ ๆ ICS ในปัจจุบัน มีดังต่อไปนี้

    • ICSA-25-191-01 Siemens SINEC NMS
    • ICSA-25-191-02 Siemens Solid Edge
    • ICSA-25-191-03 Siemens TIA Administrator
    • ICSA-25-191-04 Siemens SIMATIC CN 4100
    • ICSA-25-191-05 Siemens TIA Project-Server and TIA Portal
    • ICSA-25-191-06 Siemens SIPROTEC 5
    • ICSA-25-191-07 Delta Electronics DTM Soft
    • ICSA-25-191-08 Advantech iView
    • ICSA-25-191-09 KUNBUS RevPi Webstatus
    • ICSA-25-191-10 End-of-Train and Head-of-Train Remote Linking Protocol
    • ICSA-25-121-01 KUNBUS GmbH Revolution Pi (Update A)
    • ICSA-25-135-19 ECOVACS DEEBOT Vacuum and Base Station (Update A)
    • ICSA-24-263-02 IDEC Products (Update A)

    ทั้งนี้ CISA สนับสนุนให้ผู้ใช้และผู้ดูแลระบบตรวจสอบคำแนะนำ ICS ที่เผยแพร่ใหม่สำหรับรายละเอียดทางเทคนิคและการบรรเทาผลกระทบ รายละเอียดเพิ่มเติมที่ https://www.cisa.gov/news-events/alerts/2025/07/10/cisa-releases-thirteen-industrial-control-systems-advisories

    อ้างอิง
    https://www.cisa.gov/news-events/alerts/2025/07/10/cisa-releases-thirteen-industrial-control-systems-advisories
    สามารถติดตามข่าวสารได้ที่ webboard หรือ Facebook NCSA Thailand e7262e87-84a7-4bc1-9c62-276cadeb48a2-image.png

    โพสต์ใน OT Cyber Security News
  • CISA ออกคำแนะนำเกี่ยวกับระบบควบคุมอุตสาหกรรม 1 รายการ

    Cybersecurity and Infrastructure Security Agency (CISA) ได้เผยแพร่คำแนะนำเกี่ยวกับระบบควบคุมอุตสาหกรรม (ICS) 1 รายการ เมื่อวันที่ 8 กรกฎาคม 2568 ซึ่งคำแนะนำเหล่านี้ให้ข้อมูลที่ทันท่วงทีเกี่ยวกับปัญหาด้านความปลอดภัยช่องโหว่ และช่องโหว่ที่อยู่รอบ ๆ ICS ในปัจจุบัน มีดังต่อไปนี้

    • ICSA-25-189-01 Emerson ValveLink Products

    ทั้งนี้ CISA สนับสนุนให้ผู้ใช้และผู้ดูแลระบบตรวจสอบคำแนะนำ ICS ที่เผยแพร่ใหม่สำหรับรายละเอียดทางเทคนิคและการบรรเทาผลกระทบ รายละเอียดเพิ่มเติมที่ https://www.cisa.gov/news-events/alerts/2025/07/08/cisa-releases-one-industrial-control-systems-advisory

    อ้างอิง
    https://www.cisa.gov/news-events/alerts/2025/07/08/cisa-releases-one-industrial-control-systems-advisory

    สามารถติดตามข่าวสารได้ที่ webboard หรือ Facebook NCSA Thailand 2a970d70-bddf-470b-9c4e-130f3ae56563-image.png

    โพสต์ใน OT Cyber Security News
  • Cyber Threat Intelligence 14 July 2025

    Financial Sector

    • Financial Firms Are Locking The Front Door But Leaving The Back Open
      "Financial institutions are building stronger defenses against direct cyberattacks, but they may be overlooking a growing problem: their vendors. According to Black Kite’s new report, third-party risk has become one of the biggest cybersecurity threats facing the financial sector."
      https://www.helpnetsecurity.com/2025/07/11/financial-firms-third-party-cyber-risk/
    • Factoring Cybersecurity Into Finance's Digital Strategy
      "The financial industry is witnessing a significant shift, fueled by artificial intelligence (AI) advancements to meet consumer demand for digital and personalized services. A recent Gartner report highlighted that the adoption of AI in financial functions surged by 21% in 2024 alone. With technological leaps transforming operations comes equal technological advancement for bad actors to breach financial institution infrastructures. As a result, financial institutions must undertake a critical responsibility to stay ahead of threats to safeguard their assets as well as customers' data and privacy. This requires implementing a combination of reactive defense mechanisms and designing proactive systems capable of anticipating and preventing emerging threats."
      https://www.darkreading.com/cyberattacks-data-breaches/factoring-cybersecurity-finances-digital-strategy

    Vulnerabilities

    Malware

    • Malware Found In Official GravityForms Plugin Indicating Supply Chain Breach
      "The Patchstack team has been monitoring targeted supply chain attacks involving a vendor of a plugin or theme. At first, we noticed that Groundhogg was affected by this supply chain attack, and its plugins were compromised by malware that was injected. The full details can be viewed here. Today, we received information about a possible targeted supply chain attack against Gravity Forms. We are still actively investigating to better understand the scale and impact, but as we have proof of infected websites and IOCs to keep an eye on, we're sharing this information in this post so people could check if they have been affected."
      https://patchstack.com/articles/critical-malware-found-in-gravityforms-official-plugin-site/
      https://www.bleepingcomputer.com/news/security/wordpress-gravity-forms-developer-hacked-to-push-backdoored-plugins/
    • BlackSuit: A Hybrid Approach With Data Exfiltration And Encryption
      "Cybereason Security Services issue Threat Analysis reports to inform on impacting threats. The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them. In this Threat Analysis report, Cybereason Security Services investigates a BlackSuit ransomware attack we recently observed that represents a significant threat to organizations, leveraging tools like Cobalt Strike for command and control (C2), rclone for data exfiltration, and BlackSuit ransomware for file encryption."
      https://www.cybereason.com/blog/blacksuit-data-exfil
    • Evolving Tactics Of SLOW#TEMPEST: A Deep Dive Into Advanced Malware Techniques
      "In late 2024, we discovered a malware variant related to the SLOW#TEMPEST campaign. In this research article, we explore the obfuscation techniques employed by the malware authors. We deep dive into these malware samples and highlight methods and code that can be used to detect and defeat the obfuscation techniques. Understanding these evolving tactics is essential for security practitioners to develop robust detection rules and strengthen defenses against increasingly sophisticated threats."
      https://unit42.paloaltonetworks.com/slow-tempest-malware-obfuscation/
    • SafePay Ransomware: The Fast-Rising Threat Targeting MSPs
      "In Q1 2025, one ransomware group surged rapidly from obscurity to become one of the most active and dangerous actors on the global threat landscape: SafePay. It has quietly and aggressively built momentum, striking over 200 victims worldwide, including managed service providers (MSPs) and small-to-midsize businesses (SMBs) across industries. Acronis Threat Research Unit (TRU) analyzed several SafePay samples and confirmed the group’s use of recycled — but highly efficient — tactics, including disabling endpoint protection, deleting shadow copies and clearing logs to suppress detection and response. Unlike many ransomware groups that rely on affiliates in a ransomware-as-a-service (RaaS) model, SafePay appears to operate with centralized control, managing its own operations, infrastructure and negotiations."
      https://www.acronis.com/en-us/tru/posts/safepay-ransomware-the-fast-rising-threat-targeting-msps/
    • Wipe, Leak, Extort: The Crazy Hybrid Playbook Of Anubis Ransomware
      "Anubis is a ransomware-as-a-service (RaaS) operation that emerged in December 2024, and quickly distinguished itself by integrating file-wiping capabilities alongside the traditional encryption and data exfiltration. The group operates multiple affiliate programs with revenue splits ranging from 50% to 80%, and targets multiple sectors in several countries, including Australia, Canada, Peru and the United States."
      https://blog.barracuda.com/2025/07/11/wipe--leak--extort--the-crazy-hybrid-playbook-of-anubis-ransomwa

    Breaches/Hacks/Leaks

    • Albemarle Latest Virginia County Hit With Ransomware
      "Phone and technology outages that plagued Albemarle County last month were caused by a ransomware attack, officials said in a statement on Friday. The county warned residents that it “appears likely” the hackers accessed the data of local government and public school employees — including their driver’s license numbers, Social Security numbers, passport numbers, military IDs and more. Some of the 112,000 residents of the county, home to the city of Charlottesville, also may have had their names, addresses and Social Security numbers exposed. The county said it is still conducting its investigation into the ransomware attack, which was initially discovered on the morning of June 11."
      https://therecord.media/albemarle-virginia-ransomware-attack
    • Hacker Returns Cryptocurrency Stolen From GMX Exchange After $5 Million Bounty Payment
      "The person behind a $42 million theft from decentralized exchange GMX has returned the stolen cryptocurrency in exchange for a $5 million bounty. After the theft came to light on Wednesday, GMX promised the hacker not to pursue litigation if the funds were returned. “You've successfully executed the exploit; your abilities in doing so are evident to anyone looking into the exploit transactions,” the company said in a subsequent note on Thursday."
      https://therecord.media/hacker-returns-stolen-gmx-bounty
    • Exploiting Public APP_KEY Leaks To Achieve RCE In Hundreds Of Laravel Applications
      "Laravel APP_KEY leaks enable RCE via deserialization attacks. Collaboration with Synacktiv scaled findings to 600 vulnerable applications using 260K exposed keys from GitHub. Analysis reveals 35% of exposures coincide with other critical secrets including database, cloud tokens, and API credentials."
      https://blog.gitguardian.com/exploiting-public-app_key-leaks/
      https://thehackernews.com/2025/07/over-600-laravel-apps-exposed-to-remote.html

    General News

    • Hacktivist Attacks On Critical Infrastructure Grow As New Groups Emerge
      "Hacktivists are increasingly targeting critical infrastructure as they expand beyond the DDoS attacks and website defacements typically associated with ideologically motivated cyberattacks. Cyble’s assessment of the hacktivism threat landscape in the second quarter of 2025 found that industrial control system (ICS) attacks, data breaches, and access-based attacks now comprise 31% of hacktivist attacks, up from 29% in the first quarter (chart below)."
      https://cyble.com/blog/hacktivists-attacks-on-critical-infrastructure/
    • Where Policy Meets Profit: Navigating The New Frontier Of Defense Tech Startups
      "In this Help Net Security interview, Thijs Povel, Managing Partner at Ventures.eu, discusses how the firm evaluates emerging technologies through the lens of defense and resilience. He explains how founders from both defense and adjacent sectors are addressing policy shifts, procurement cycles, and dual-use innovation. Povel also offers guidance for founders on handling slow-moving procurement cycles and proving the business case for resilience solutions."
      https://www.helpnetsecurity.com/2025/07/11/thijs-povel-ventures-eu-dual-use-tech/
    • Employees Are Quietly Bringing AI To Work And Leaving Security Behind
      "While IT departments race to implement AI governance frameworks, many employees have already opened a backdoor for AI, according to ManageEngine. Shadow AI has quietly infiltrated organizations across North America, creating blind spots that even the most careful IT leaders struggle to detect. Despite formal guidelines and sanctioned tools, shadow Al has become the norm rather than the exception. 70% of IT decision makers (ITDMs) have identified unauthorized AI use within their organizations."
      https://www.helpnetsecurity.com/2025/07/11/organizations-shadow-ai-risk/
    • Romania And UK Arrest 14 In British Tax Repayment Scam Probe
      "Police on Thursday arrested 13 individuals in Romania and one in England on suspicion of engaging in a massive tax fraud scheme against Great Britain. The arrests appear to be tied to an operation probing a gang that used phishing attacks against British taxpayers to steal 47 million pounds - $63 million - from His Majesty's Revenue and Customs, the U.K. government agency responsible for collecting taxes. Parliament's Treasury Committee, which oversees the tax collector, slammed HMRC top brass for failing to notify lawmakers about the 2024 losses, which only came to light in June when 100,000 taxpayers received notification that their online accounts had been breached."
      https://www.bankinfosecurity.com/romania-uk-arrest-14-in-british-tax-repayment-scam-probe-a-28943
      https://hackread.com/14-arrested-romania-47-million-uk-tax-phishing-scam/
    • As Cyber-Insurance Premiums Drop, Coverage Is Key To Resilience
      "The cyber-insurance market continues to generate profits for underwriters, but competition in the market and softening demand has led to a decline in the total revenue from premiums for the third straight year in a row — a situation that could work in businesses' favor. Overall, cyber-insurance experts expect premiums to continue to decline in 2025 and likely level off next year, as market economics balance supply and demand. Renewal rates for cyber-insurance policies have declined each quarter for the last three quarters, which is expected to continue, according to credit and economic firm Fitch Ratings."
      https://www.darkreading.com/vulnerabilities-threats/cyber-insurance-premiums-drop-coverage-key-resilience
    • Google Trackers: What You Can Actually Escape And What You Can’t
      "Google is everywhere — in your emails, documents, maps, phone, in your working hours, and even in your leisure time. It’s become a part of our daily lives, and getting out of its ecosystem can feel impossible. But can switching to more privacy-focused options really help an ordinary user break free? Even if you stop using Google products directly, your data might still pass through its servers without your knowledge. Many websites use tools like Google Analytics, embed YouTube videos, run Google ads, or rely on Google Cloud. One common example is reCAPTCHA — countless websites use this tool to verify you’re a human user, and (you guessed it) it belongs to Google, too."
      https://www.safetydetectives.com/blog/google-dependency-and-user-data-tracking/
      https://hackread.com/new-study-google-tracking-persists-privacy-tools/
    • Behind The Code: How Developers Work In 2025
      "How are developers working in 2025? Docker surveyed over 4,500 people to find out, and the answers are a mix of progress and ongoing pain points. AI is gaining ground but still unevenly used. Security is now baked into everyday workflows. Most devs have left local setups behind in favor of cloud environments. And while tools are improving, coordination, planning, and time estimation still slow teams down."
      https://www.helpnetsecurity.com/2025/07/11/docker-2025-developer-trends/
    • July 2025 Breaks a Decade Of Monthly Android Patches
      "Google this week announced that no security patches have been released for Android, Pixel devices, and other Android-based platforms this month, ending a decade-long streak of security updates. As customary in the first week of each month, security bulletins were published for the core Android operating system, as well as for Pixel devices, Android Automotive OS (AAOS), Wear OS, and Pixel Watch, but they all contain the same message: there are no security patches in the July 2025 bulletin. This is the first month without security updates since Google started rolling out monthly Android fixes in August 2015, looking to make the mobile operating system safer for both users and vendors."
      https://www.securityweek.com/july-2025-breaks-a-decade-of-monthly-android-patches/
    • You Have a Fake North Korean IT Worker Problem - Here's How To Stop It
      "By now, the North Korean fake IT worker problem is so ubiquitous that if you think you don't have any phony resumes or imposters in your interview queue, you're asleep at the wheel. "Almost every CISO of a Fortune 500 company that I've spoken to — I'll just characterize as dozens that I've spoken to — have admitted that they had a North Korean IT worker problem," said Mandiant Consulting CTO Charles Carmakal during a threat-intel roundtable, admitting that even Mandiant's parent company Google is not immune. "We have seen this in our own pipelines," added Iain Mulholland, Google Cloud's senior director of security engineering."
      https://www.theregister.com/2025/07/13/fake_it_worker_problem/

    อ้างอิง
    Electronic Transactions Development Agency(ETDA) 3c510882-3c2c-495a-a933-93a38db9d167-image.png

    โพสต์ใน Cyber Security News
  • Cyber Threat Intelligence 11 July 2025

    Industrial Sector

    • CISA Releases Thirteen Industrial Control Systems Advisories
      "CISA released thirteen Industrial Control Systems (ICS) advisories on July 10, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
      ICSA-25-191-01 Siemens SINEC NMS
      ICSA-25-191-02 Siemens Solid Edge
      ICSA-25-191-03 Siemens TIA Administrator
      ICSA-25-191-04 Siemens SIMATIC CN 4100
      ICSA-25-191-05 Siemens TIA Project-Server and TIA Portal
      ICSA-25-191-06 Siemens SIPROTEC 5
      ICSA-25-191-07 Delta Electronics DTM Soft
      ICSA-25-191-08 Advantech iView
      ICSA-25-191-09 KUNBUS RevPi Webstatus
      ICSA-25-191-10 End-of-Train and Head-of-Train Remote Linking Protocol"
      https://www.cisa.gov/news-events/alerts/2025/07/10/cisa-releases-thirteen-industrial-control-systems-advisories

    Vulnerabilities

    Malware

    Breaches/Hacks/Leaks

    • McDonald’s AI Hiring Tool McHire Leaked Data Of 64 Million Job Seekers
      "A vulnerability in McHire, the AI-powered recruitment platform used by a vast majority of McDonald’s franchisees, exposed the personal information of over 64 million job applicants. The vulnerability, discovered by security researchers Ian Carroll and Sam Curry, allowed unauthorised access to sensitive data, including names, email addresses, phone numbers, and home addresses. The investigation began after reports surfaced on Reddit about the McHire chatbot, named Olivia and developed by Paradox.ai, giving strange responses. Researchers quickly found two critical weaknesses. First, the administration login for restaurant owners on McHire accepted easily guessable default credentials: “123456” for both username and password. This simple entry granted them administrator access to a test restaurant account within the system."
      https://hackread.com/mcdonalds-ai-hiring-tool-mchire-leaked-job-seekers-data/
      https://www.malwarebytes.com/blog/news/2025/07/mcdonalds-ai-bot-spills-data-on-job-applicants

    General News

    อ้างอิง
    Electronic Transactions Development Agency(ETDA) 5ceb878a-6263-4f6c-8467-f80d72c3d354-image.png

    โพสต์ใน Cyber Security News
  • Cyber Threat Intelligence 10 July 2025

    Financial Sector

    • June 2025 Security Issues In Korean & Global Financial Sector
      "This report comprehensively covers actual cyber threats and security issues related to financial companies in South Korea and abroad. This article includes an analysis of malware and phishing cases distributed to the financial sector, the top 10 malware strains targeting the financial sector, and the industry statistics of leaked Korean accounts on Telegram. A detailed look into the phishing email distribution case targeting the financial sector is also covered."
      https://asec.ahnlab.com/en/88936/

    Industrial Sector

    • ICS Patch Tuesday: Vulnerabilities Addressed By Siemens, Schneider, Phoenix Contact
      "July 2025 Patch Tuesday ICS security advisories have been published by Siemens, Schneider Electric and Phoenix Contact. Siemens has released nine new advisories, as well as a security bulletin urging customers to take steps to secure their industrial control systems (ICS) amid an increasing threat to the operational technology (OT) landscape. The alert cites the current geopolitical situation and references a recent US government alert warning organizations about a potential surge in attacks by Iran. The industrial giant also informed customers that its Sentron Powermanager and Desigo CC devices are not affected by a recently disclosed remote code execution vulnerability in Apache Tomcat."
      https://www.securityweek.com/ics-patch-tuesday-vulnerabilities-addressed-by-siemens-schneider-phoenix-contact-2/
    • Key Findings From The Fortinet 2025 Operational Technology Security Report
      "The IT/OT air gap is largely gone. Once isolated OT systems are now deeply interconnected with enterprise IT environments. And as these industrial systems continue to modernize, they have become increasingly vulnerable to threat actors. That reality has put OT cybersecurity squarely on the radar of executives, regulators, and adversaries alike. Fortinet’s 2025 State of Operational Technology and Cybersecurity Report provides a detailed examination of how organizations are addressing the increasing risks faced by today’s OT networks. Based on a global survey of more than 550 OT professionals across manufacturing, energy, transportation, and other critical sectors, the report captures the current state of OT security, including the progress made, the pressure OT teams still face, and the priorities shaping the future of OT environments. This seventh installment of the report includes four years of trending data to identify emerging trends in OT cybersecurity."
      https://www.fortinet.com/blog/business-and-technology/key-findings-from-the-fortinet-2025-operational-technology-security-report

    New Tooling

    • Kanvas: Open-Source Incident Response Case Management Tool
      "Kanvas is an open-source incident response case management tool with a simple desktop interface, built in Python. It gives investigators a place to work with SOD (Spreadsheet of Doom) or similar files, so they can handle key tasks without jumping between different programs. “At its core, the tool leverages Excel as the backend. It includes a note-taking features that uses Markdown, allowing investigators to write structured, portable notes. These notes can be easily exported or shared in .md format, ensuring that documentation remains accessible even without the tool,” Jinto Antony, the author of the tool and Senior Investigator, Incident Response at WithSecure, told Help Net Security."
      https://www.helpnetsecurity.com/2025/07/09/kanvas-open-source-incident-response-case-management-tool/
      https://github.com/WithSecureLabs/Kanvas

    Vulnerabilities

    • Critical RCE Vulnerability In Mcp-Remote: CVE-2025-6514 Threatens LLM Clients
      "The JFrog Security Research team has recently discovered and disclosed CVE-2025-6514 – a critical (CVSS 9.6) security vulnerability in the mcp-remote project – a popular tool used by Model Context Protocol clients. The vulnerability allows attackers to trigger arbitrary OS command execution on the machine running mcp-remote when it initiates a connection to an untrusted MCP server, posing a significant risk to users – a full system compromise. mcp-remote is a proxy that enables Large Language Model (LLM) hosts such as Claude Desktop to communicate with remote MCP servers, even if natively they only support communicating with local MCP servers."
      https://jfrog.com/blog/2025-6514-critical-mcp-remote-rce-vulnerability/
      https://www.bankinfosecurity.com/serious-flaws-patched-in-model-context-protocol-tools-a-28924
    • Ivanti, Fortinet, Splunk Release Security Updates
      "Ivanti, Fortinet, and Splunk on Tuesday announced patches for dozens of vulnerabilities across their product portfolios, including critical- and high-severity flaws. Security updates released for Ivanti Connect Secure (ICS) and Policy Secure (IPS), Endpoint Manager Mobile (EPMM), and Endpoint Manager (EPM) resolve a total of 11 bugs that require authentication to be exploited. The EPM update resolves three high-severity defects that could allow attackers to decrypt other users’ passwords or read arbitrary data from the database, while the EPMM refresh fixes two high-severity OS command injection flaws leading to remote code execution."
      https://www.securityweek.com/ivanti-fortinet-splunk-release-security-updates/
    • Ruckus Virtual SmartZone (vSZ) And Ruckus Network Director (RND) Contain Multiple Vulnerabilities
      "Multiple vulnerabilities have been identified in Ruckus Wireless management products, specifically Virtual SmartZone (vSZ) and Network Director (RND), including authentication bypass, hardcoded secrets, arbitrary file read by authenticated users, and unauthenticated remote code execution. These issues may allow full compromise of the environments managed by the affected software. At this time, we have not able to reach Ruckus Wireless or their parent company to include their response to these disclosed vulnerabilities, we recommend using these products only within isolated management networks accessible to trusted users."
      https://kb.cert.org/vuls/id/613753
      https://www.bleepingcomputer.com/news/security/ruckus-networks-leaves-severe-flaws-unpatched-in-management-devices/
      https://www.securityweek.com/unpatched-ruckus-vulnerabilities-allow-wireless-environment-hacking/
    • Count(er) Strike – Data Inference Vulnerability In ServiceNow
      "Varonis Threat Labs discovered a high-severity vulnerability in ServiceNow’s platform that could lead to significant data exposure and exfiltration, including PII, credentials, and other sensitive information. ServiceNow is a widely used platform with 85% of its customer base being in the Fortune 500. Our researchers were able to exploit the record count UI element on list pages, using enumeration techniques and query filters to infer and expose sensitive data from various tables within ServiceNow."
      https://www.varonis.com/blog/counter-strike-servicenow
      https://www.bleepingcomputer.com/news/security/new-servicenow-flaw-lets-attackers-enumerate-restricted-data/
    • An NVIDIA Container Bug & Chance To Harden Kubernetes
      "A once-dangerous NVIDIA Container Toolkit vulnerability showcases how to harden Kubernetes clusters against container escape. On Aug. 6 at Black Hat USA in Las Vegas, researchers from Wiz will host the session "Breaking Out of The AI Cage: Pwning AI Providers with NVIDIA Vulnerabilities." The talk expands on research the vendor published last September dedicated to CVE-2024-0132, a NVIDIA Container Toolkit time-of-check to time-of-use (TOCTOU) vulnerability that would have enabled container escapes for AI and cloud providers that use the popular open source component."
      https://www.darkreading.com/cloud-security/nvidia-container-bug-harden-kubernetes
    • AMD Warns Of New Meltdown, Spectre-Like Bugs Affecting CPUs
      "AMD is warning users of a newly discovered form of side-channel attack affecting a broad range of its chips that could lead to information disclosure. Akin to Meltdown and Spectre, the Transient Scheduler Attack (TSA) comprises four vulnerabilities that AMD said it discovered while looking into a Microsoft report about microarchitectural leaks. The four bugs do not appear too venomous at face value – two have medium-severity ratings while the other two are rated "low." However, the low-level nature of the exploit's impact has nonetheless led Trend Micro and CrowdStrike to assess the threat as "critical.""
      https://www.theregister.com/2025/07/09/amd_tsa_side_channel/
      https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7029.html

    Malware

    • June 2025 Malware Spotlight: Discord Exploits Lead To Rising Threats
      "Cyber criminals continue to innovate, with a recent innovation involving the hijacking of expired Discord vanity invite links to silently deliver malicious payloads. This new campaign, discovered by Check Point Research, delivers AsyncRAT, now ranked number 3 among Top Malware for June. Using trusted platforms such as GitHub, Bitbucket, and Discord for payload delivery and data exfiltration, the attackers have devised an advanced multi-stage malware delivery system, including ClickFix phishing tactics and ChromeKatz to bypass encryption mechanisms. These developments underscore the ever-evolving nature of cyber threats, with SafePay remaining a top ransomware threat and the education sector continuing to face significant risks."
      https://blog.checkpoint.com/research/june-2025-malware-spotlight-discord-exploits-lead-to-rising-threats/
    • New AI Malware PoC Reliably Evades Microsoft Defender
      "A soon-to-be-released security evasion tool will help red teamers and hackers consistently bypass Microsoft Defender for Endpoint. Since November 2023, doomsayers have foretold of a future where large language models (LLMs) would help hackers develop malware more quickly, at scale, with capabilities beyond what humans could probably design on their own. That future hasn't quite materialized yet; hackers thus far have used artificial intelligence (AI) to generate simple malware and phishing content, and to aid in supplementary tasks like target research."
      https://www.darkreading.com/endpoint-security/ai-malware-poc-evades-microsoft-defender
      From Click To Compromise: Unveiling The Sophisticated Attack Of DoNot APT Group On Southern European * * Government Entities
      "The DoNot APT group, also identified by various security vendors as APT-C-35, Mint Tempest, Origami Elephant, SECTOR02, and Viceroy Tiger, has been active since at least 2016, and has been attributed by several vendors to have links to India. The global cybersecurity landscape is continually challenged by state-sponsored threat actors conducting espionage operations. The DoNot APT group (also known as APT-C-35), is believed to operate with a focus on South Asian geopolitical interests. This threat group typically targets government entities, foreign ministries, defense organizations, and NGOs especially those in South Asia and Europe."
      https://www.trellix.com/blogs/research/from-click-to-compromise-unveiling-the-sophisticated-attack-of-donot-apt-group-on-southern-european-government-entities/
      https://thehackernews.com/2025/07/donot-apt-expands-operations-targets.html
      https://securityaffairs.com/179774/apt/donot-apt-is-expanding-scope-targeting-european-foreign-ministries.html
    • Fake CNN And BBC Sites Used To Push Investment Scams
      "Cybercriminals are faking popular news websites such as CNN, BBC and CNBC to trick people into investing in fraudulent cryptocurrency schemes, according to a new report. Researchers at Bahrain-based cybersecurity firm CTM360 said they identified more than 17,000 such sites, which publish fake stories featuring prominent public figures, including national leaders and central bank governors. The articles falsely linked those figures to “fabricated investment schemes in order to build trust and get engagement from victims,” the researchers said."
      https://therecord.media/news-websites-faked-to-spread-investment-scams

    Breaches/Hacks/Leaks

    General News

    • June 2025 Trend Report On The Deep Web & Dark Web
      "The June 2025 trend report on the Deep Web & Dark Web is composed of the following topics: Ransomware, Data Breach, DarkWeb, CyberAttack, and Threat Actor. Please note that some of the information in the report may not be verifiable."
      https://asec.ahnlab.com/en/88933/
    • Why Your Security Team Feels Stuck
      "Cybersecurity friction usually gets framed as a user problem: password policies that frustrate employees, MFA that slows down logins, or blocked apps that send workers into the arms of shadow IT. But there’s a different kind of friction happening behind the scenes, and it’s hitting security teams themselves. It shows up during incident response, threat hunting, and day-to-day tasks. It’s the drag of too many tools, rigid approval chains, and a lack of clarity about who owns what. The irony is hard to ignore. In the name of securing the organization, security teams can end up slowed down by their own systems."
      https://www.helpnetsecurity.com/2025/07/09/why-cybersecurity-friction/
    • Know Your Enemy: Understanding Dark Market Dynamics
      "In popular culture, content providers portray the Dark Web as a sinister, unorganized Internet forum run by shadowy figures in hoodies. By all accounts, it is a hub of illegal activity. Reports show that 56.8% of content found on the Dark Web is illegal, 20% of global drug sales occur on Dark Web markets, and 60% of Dark Web marketplaces focus on cybercrime-related activities."
      https://www.darkreading.com/vulnerabilities-threats/understanding-dark-market-dynamics
    • Chatgpt Guessing Game Leads To Users Extracting Free Windows OS Keys & More
      "In a recent submission last year, researchers discovered a method to bypass AI guardrails designed to prevent sharing of sensitive or harmful information. The technique leverages the game mechanics of language models, such as GPT-4o and GPT-4o-mini, by framing the interaction as a harmless guessing game. By cleverly obscuring details using HTML tags and positioning the request as part of the game’s conclusion, the AI inadvertently returned valid Windows product keys. This case underscores the challenges of reinforcing AI models against sophisticated social engineering and manipulation tactics."
      https://0din.ai/blog/chatgpt-guessing-game-leads-to-users-extracting-free-windows-os-keys-more
      https://www.theregister.com/2025/07/09/chatgpt_jailbreak_windows_keys/

    อ้างอิง
    Electronic Transactions Development Agency(ETDA) 0c00b199-3dcb-4f60-b9f6-371bf928a262-image.png

    โพสต์ใน Cyber Security News
  • Cyber Threat Intelligence 09 July 2025

    Industrial Sector

    Vulnerabilities

    Malware

    Breaches/Hacks/Leaks

    General News

    • Exposure Management Is The Answer To: “Am I Working On The Right Things?”
      "In this Help Net Security interview, Dan DeCloss, Founder and CTO at PlexTrac, discusses the role of exposure management in cybersecurity and how it helps organizations gain visibility into their attack surface to improve risk assessment and prioritization. He also explains how PlexTrac’s platform streamlines the reporting process and enables teams to collaborate more effectively to speed up remediation. DeCloss looks forward to widespread adoption of Continuous Threat Exposure Management, believing it will help close the gap on unidentified vulnerabilities through continuous, contextual, and risk-informed security programs."
      https://www.helpnetsecurity.com/2025/07/08/dan-decloss-plextrac-exposure-management-strategy/
    • Cyberattacks Are Changing The Game For Major Sports Events
      "Sports fans and cybercriminals both look forward to major sporting events, but for very different reasons. Fake ticket sites, stolen login details, and DDoS attacks are common ways criminals try to make money or disrupt an event. Events like the FIFA World Cup, the Olympics, and major sports leagues pull in millions of viewers. The 2026 FIFA World Cup is expected to draw over 5.5 million fans in person, with 6 billion more engaging worldwide with the newly expanded 48-team tournament, generating massive online traffic across platforms such as ticketing, betting, streaming, and merchandise sales."
      https://www.helpnetsecurity.com/2025/07/08/sport-events-cybercrime/
    • CISOs Urged To Fix API Risk Before Regulation Forces Their Hand
      "Most organizations are exposing sensitive data through APIs without security controls in place, and they may not even realize it, according to Raidiam. Their report, API Security at a Turning Point, draws on a detailed assessment of 68 organizations across industries. It deliberately excludes regulated environments like UK Open Banking, where advanced security is mandated. The goal was to understand how typical businesses, those without regulatory pressure, are protecting their APIs. The results aren’t encouraging."
      https://www.helpnetsecurity.com/2025/07/08/report-enterprise-api-security-risks/
    • Combolists And ULP Files On The Dark Web: A Secondary And Unreliable Source Of Information About Compromises
      "Combolists and URL-Login-Password (ULP) files have existed since the earliest user data leaks. These files offer a convenient format for storing and distributing compromised credentials — typically just a username (or email) and password — where all “unnecessary” information is removed. It’s simplicity makes them ideal tools for cybercriminals launching attacks such as credential stuffing, phishing, and other forms of account-based exploitation. With the advent of modern infostealers, stealing login credentials has become easier and more automated than ever. At the same time, distributing stolen data has been simplified through platforms like dark web forums, file-sharing services, and Telegram channels."
      https://www.group-ib.com/blog/combolists-ulp-darkweb/
    • Sanctions Imposed On DPRK IT Workers Generating Revenue For The Kim Regime
      "Today, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Song Kum Hyok, (Song), a malicious cyber actor associated with the sanctioned Democratic People’s Republic of Korea (DPRK) Reconnaissance General Bureau (RGB) hacking group Andariel. Song facilitated an information technology (IT) worker scheme in which individuals, often DPRK nationals working from countries such as China and Russia, were recruited and provided with falsified identities and nationalities to obtain employment at unwitting companies to generate revenue for the DPRK regime. In some cases, these DPRK IT workers have been known to introduce malware into company networks for additional exploitation. OFAC is also sanctioning one individual and four entities involved in a Russia-based IT worker scheme that has generated revenue for the DPRK."
      https://home.treasury.gov/news/press-releases/sb0190
      https://therecord.media/north-korea-it-worker-scheme-us-sanctions-song-kum-hyok
      https://cyberscoop.com/treasury-slaps-sanctions-on-people-companies-tied-to-north-korean-it-worker-schemes/
    • Open Source Malware Index Q2 2025: Data Exfiltration Remains a Leading Threat
      "In the second quarter of 2025, Sonatype uncovered 16,279 pieces of open source malware, bringing the total number of malicious packages identified by our automated detection systems to 845,204 and counting. Once again, data exfiltration emerged as the dominant tactic, reinforcing a persistent and growing trend in software supply chain attacks targeting developers and CI/CD environments."
      https://www.sonatype.com/blog/open-source-malware-index-q2-2025
      https://www.darkreading.com/application-security/malicious-open-source-packages-spike
      https://www.infosecurity-magazine.com/news/malicious-open-source-surge-188/
    • 4 Critical Steps In Advance Of 47-Day SSL/TLS Certificates
      "The CA/Browser Forum's decision to reduce SSL/TLS certificate lifespans to just 47 days by 2029 is set to fundamentally change how organizations manage digital trust. While the full impact will unfold over several years, the transition begins much sooner, with certificate validity dropping to 200 days in less than a year (March 2026). This accelerated timeline means IT teams have a small window of time to prepare for these sweeping changes. To navigate this shift successfully and avoid operational disruptions, organizations must focus on a few key steps over the next 100 days."
      https://www.darkreading.com/cyberattacks-data-breaches/critical-steps-advance-ssl-tls-certificates
    • Iranian Ransomware Group Offers Bigger Payouts For Attacks On Israel, US
      "An Iranian ransomware gang has ramped up operations amid heightened tensions in the Middle East, offering larger profit shares to affiliates who carry out cyberattacks against Israel and the U.S., researchers said. The group, known as Pay2Key.I2P, is believed to be a successor to the original Pay2Key operation, which has been linked to Iran’s state-backed Fox Kitten hacking group. Fox Kitten has previously carried out cyber-espionage campaigns targeting Israeli and U.S. organizations. According to a new report from cybersecurity firm Morphisec, Pay2Key.I2P has adopted a ransomware-as-a-service model and claims to have collected more than $4 million in payments over the past four months."
      https://therecord.media/iran-ransomware-group-pay2keyi2p-israel-us-targets
      https://engage.morphisec.com/hubfs/Pay2Key_Iranian_Cyber_Warfare_Targets_the_West_Whitepaper.pdf
    • June 2025 Trends Report On Phishing Emails
      "This report provides the distribution quantity, statistics, trends, and case information on phishing emails and email threats collected and analyzed for one month in June 2025. The following are some statistics and cases included in the original report."
      https://asec.ahnlab.com/en/88919/
    • Statistics Report On Malware Targeting Windows Database Servers In The Q2 2025
      "The AhnLab SEcurity intelligence Center (ASEC) analysis team is responding to and categorizing attacks targeting MS-SQL and MySQL servers installed on Windows operating systems using the AhnLab Smart Defense (ASD) infrastructure. This post covers the damage and statistics of attacks that occurred on MS-SQL and MySQL servers in the second quarter of 2025 based on the logs. It also classifies the malware used in each attack and provides detailed statistics."
      https://asec.ahnlab.com/en/88920/
    • Statistics Report On Malware Targeting Windows Web Servers In Q2 2025
      "AhnLab SEcurity intelligence Center (ASEC) is responding to and categorizing attacks targeting poorly managed Windows web servers by utilizing their AhnLab Smart Defense (ASD) infrastructure. This post will cover the damage status of Windows web servers that have become attack targets and the statistics of attacks launched against these servers, based on the logs identified in the second quarter of 2025. It will also provide detailed statistics by categorizing the malware strains used in each attack."
      https://asec.ahnlab.com/en/88925/
    • Statistics Report On Malware Targeting Linux SSH Servers In Q2 2025
      "AhnLab SEcurity intelligence Center (ASEC) is using a honeypot to respond to and categorize brute-force and dictionary attacks that target poorly managed Linux SSH servers. This post covers the status of the attack sources identified in logs from the second quarter of 2025 and the statistics of attacks performed by these sources. It also classifies the malware used in each attack and provides detailed statistics."
      https://asec.ahnlab.com/en/88927/

    อ้างอิง
    Electronic Transactions Development Agency(ETDA) e14df195-8f6e-4c39-9088-09a9452fe539-image.png

    โพสต์ใน Cyber Security News