今週の気になるセキュリティニュース - Issue #218 (04/13) から

Google がロシアの攻撃者グループ UNC5837 による RDP を悪用する攻撃活動について報告

Windows Remote Desktop Protocol: Remote to Rogue (04/08)

https://cloud.google.com/blog/topics/threat-intelligence/windows-rogue-remote-desktop-protocol/

 

Fortinet が Fortinet 製品の脆弱性を悪用する攻撃活動について報告

Analysis of Threat Actor Activity | Fortinet Blog (04/10)

https://www.fortinet.com/blog/psirt-blogs/analysis-of-threat-actor-activity

 

CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA (04/08)

https://www.cisa.gov/news-events/alerts/2025/04/08/cisa-adds-two-known-exploited-vulnerabilities-catalog

…

CVE-2025-29824 Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability (04/08-12)

https://www.cve.org/CVERecord?id=CVE-2025-29824

『Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.』

 

Android が複数の脆弱性を修正。すでに悪用が確認されている脆弱性を含む。

Android Security Bulletin—April 2025 | Android Open Source Project (04/07)

https://source.android.com/docs/security/bulletin/2025-04-01

Note: There are indications that the following may be under limited, targeted exploitation.                                                                                    

        CVE-2024-53150

        CVE-2024-53197

 

トランプ大統領が TikTok 禁止法案の施行をさらに 75日間延期

Extending the TikTok Enforcement Delay – The White House (04/04)

https://www.whitehouse.gov/presidential-actions/2025/04/extending-the-tiktok-enforcement-delay/

6/19まで。

 

出典

今週の気になるセキュリティニュース - Issue #218 (04/13)

https://negi.hatenablog.com/entry/2025/04/13/214713