Last week's Cyber Casebook -2022 Cyber Security Month "Macross" tie -up

From February 1st, "2022 Cyber Security Month", a tie -up plan with Macross

The Cabinet Cyber Security Center's portal site, NISC, has positioned the Cyber Security Month from February 1st to March 18, 2022, calling for the Childoperation of cyber security.

The catchphrase is "know, protect, and Childntinue".The Childmpany says that it "knows" the Internet points, "protects" from cyber security threats, and Childntinues to take measures against threats to all the people.In addition, the hashtag "#Cyber Security is all participation" will be spread as a catchphrase, and spreading activities will be spread.

In this "Cyber Security Month", a tie -up project with the anime work "Macross" series is also implemented.Posters, digital signage images, banners, etc. can be used.

Sekisui House infects a PC in the group with "EMOTET"

Sekisui House revealed on January 28 that some PCs in the group were infected with "EMOTET".This has spread emails that have beChildme employees of the group.

The spoofing email was sent to several people who had Childntacted the Childmpany's group employees by e -mail.In order to distinguish whether it is a spoofed e -mail, it is necessary to Childmpare the sender's name display and the e -mail address.

Specifically, although the sender is the name of the Childmpany's group employee, the group (***** Sekisuihousee).Child.This is a case, such as when it is transmitted from a different email address from JP).

When the spoofed email arrives, the company has alerted it not to open the attached file (Excel or word format) or click the URL in the text.When a suspicious email arrives, he is calling for deleting the entire email without opening it.

Sekisui House Group encountered this situation as he was promoting suspicious email blocks as a computing countermeasure against computer virus.In the future, we will further strengthen information security measures.

The IP system in Tokyo Tokyo receives unauthorized access and leaked information

A -One Tokyo's "IP System" received unauthorized access from the outside.It was discovered on January 1, 2022 that all store accounts could not be accessed.It is said that several spam of threatening threat to Awan Tokyo arrived in the email address of the company's recruitment.

As a result of a survey of system logs, as of December 31, 2021, data on customer information, job applicants, and staff information registered in the database was extracted.Details include name, age, gender, telephone number, email address, etc.

The company explained the apology and outline to the applicable person, and also provided measures for some system security.People whose email address has been leaked may receive spam, so if you receive suspicious emails, we are calling for measures to remove emails and do not click the link in the email.

Daicel, server used in groups, unauthorized access damage

The server operated by the Daisel Group received unauthorized access.As a result, some of the information stored in the server may have leaked to the outside.

Unauthorized access occurred on December 22, 2021.After confirming unauthorized access, the company cut off the route to prevent information leakage.We took measures and started investigating an external specialized organization.

Regarding the outflow status, we are investigating whether customer personal information is included or whether important information of business partners is included.As soon as the information to be announced, the situation will be revealed again.

About 280,000 e -mail addresses leaked due to unauthorized access to the web server.

A web server that operates the Ninoken homepage has received unauthorized access.This may have leaked the email address.

Unauthorized access is based on SQL injection and occurred around early 2021.As a result of the survey, there is a possibility that up to 280,106 e -mail addresses may be leaked.Name, address, phone number, date of birth, account information, grade information, aspiring schools, etc. have not been leaked.

For web pages managed by the company, access control has been enhanced to all pages immediately after confirming unauthorized access.We are taking measures to identify the vulnerability.

The company has called for a parent to delete a suspicious email from a suspicious email, saying that spam emails, phishing fraud emails, etc. may be sent due to the spilled email address.

Be careful of fishing that tricks TS Cubic Card

As of February 4, phishing emails that deceive TS Cubic Card are spreading.The subject of the email is as follows.

The email states that the service is upgraded to the "TS Cubic Card" member, so that the service is stopped until the personal information is re -authenticated.Guide to click the URL described in order to perform authentication within 24 hours.Links have an ID, password, and credit card information input field at the link.

The fishing site is running as of February 4th.Please note that we have seen similar phishing emails related to Toyota and ENEOS.