TSUBAME Report Overflow (Jul-Sep 2025)
ID: 35c97941-2e29-529e-b65a-4f059172eac8
STIX ID: report--35c97941-2e29-529e-b65a-4f059172eac8
Feed Name: JPCERT Blog
### Executive summary: The TSUBAME quarterly overflow report describes monitoring from July–September 2025 that identified suspicious packets and scanning activity originating from devices including NVRs, a domestic enterprise router, and an SDN controller; many devices exposed Web UIs on common ports and sensors across Japan and overseas observed broad scanning (ports 22, 23, 80, 443, 8080, etc.). The report notes potential compromises where port forwarding exposes multiple devices behind single IPs, regional deployment patterns implying uniform configuration, and ongoing monitoring without confirmed remediation.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.