2022.10.22 보안 이슈

==2022.10.22==

-가트너, ‘2023년 10대 전략 기술’ 발표 

http://www.bikorea.net/news/articleView.html?idxno=35298

- [긴급] 거세지는 北 사이버공격, ‘내PC 돌보미’로 위장한 악성코드 유포! 

http://www.boannews.com/media/view.asp?idx=110854&kind=&sub_kind=

- Over 17000 Fortinet devices exposed online are very likely vulnerable to CVE-2022-40684

https://securityaffairs.co/wordpress/137273/hacking/fortinet-cve-2022-40684-vulnerable-systems.html

- Japanese tech firm Oomiya hit by LockBit 3.0. Multiple supply chains potentially impacted

https://securityaffairs.co/wordpress/137243/cyber-crime/oomiya-lockbit-3-0-ransomware.html

- 비너스 랜섬웨어, 노출된 원격 데스크톱 서비스 노려

http://www.boannews.com/media/view.asp?idx=110710

- 인도 최대의 전력 회사, 사이버 공격의 표적이 돼

http://www.boannews.com/media/view.asp?idx=110706

https://securityaffairs.co/wordpress/137130/hacking/tata-power-cyber-attack.html

- Clearview AI gets third €20 million fine for illegal data collection

https://www.bleepingcomputer.com/news/security/clearview-ai-gets-third-20-million-fine-for-illegal-data-collection/

- New Phishing Campaign Targets Saudi Government Service Portal

https://www.infosecurity-magazine.com/news/phishing-campaign-saudi-government/

- Emotet Botnet Distributing Self-Unlocking Password-Protected RAR Files to Drop Malware

https://thehackernews.com/2022/10/emotet-botnet-distributing-self.html

- Multiple Campaigns Exploit VMware Vulnerability to Deploy Crypto Miners and Ransomware

https://thehackernews.com/2022/10/multiple-campaigns-exploit-vmware.html

- 데이터베이스 설정 오류로 2.4TB 데이터 유출시킨 마이크로소프트

https://www.boannews.com/media/view.asp?idx=110893&kind=1&sub_kind=

https://securityaffairs.co/wordpress/137397/data-breach/microsoft-data-leak-2.html

- 올드그렘린 랜섬웨어, 수많은 러시아 조직들 공략해

https://www.boannews.com/media/view.asp?idx=110891&kind=1&sub_kind=

- 우크라이나의 기반 시설 공격하는 러시아, 인터넷 통신도 훼방

https://www.boannews.com/media/view.asp?idx=110890&kind=1&sub_kind=

- Health system data breach due to Meta Pixel hits 3 million patients

https://www.bleepingcomputer.com/news/security/health-system-data-breach-due-to-meta-pixel-hits-3-million-patients/

- Researchers Detail Azure SFX Flaw That Could've Allowed Attackers to Gain Admin Access

https://thehackernews.com/2022/10/researchers-detail-azure-sfx-flaw-that.html

- Chinese Hackers Targeting Online Casinos with GamePlayerFramework Malware

https://thehackernews.com/2022/10/chinese-hackers-targeting-online.html

- Software Supply Chain Attacks Soar 742% in Three Years

https://www.infosecurity-magazine.com/news/software-supply-chain-attacks-soar/

- Experts Warn of Stealthy PowerShell Backdoor Disguising as Windows Update

https://thehackernews.com/2022/10/experts-warn-of-stealthy-powershell.html

- 취약한 아파치 톰캣 웹 서버를 대상으로 설치되는 코인 마이너 악성코드

https://asec.ahnlab.com/ko/40315/

- Chinese 'Spyder Loader' Malware Spotted Targeting Organizations in Hong Kong

https://thehackernews.com/2022/10/chinese-spyder-loader-malware-spotted.html

- European Police Arrest a Gang That Hacked Wireless Key Fobs to Steal Cars

https://thehackernews.com/2022/10/european-police-arrest-gang-that-hacked.html

- 아파치 라이브러리에서 나온 초고위험도 취약점, 로그4셸 될까 주시 중

https://www.boannews.com/media/view.asp?idx=110792&kind=1&sub_kind=

- 새로운 UEFI 펌웨어 툴킷 블랙로터스, 다크웹에 출현

https://www.boannews.com/media/view.asp?idx=110780&kind=1&sub_kind=

https://hothardware.com/news/sinister-blacklotus-uefi-bootkit-for-windows-goes-up-for-sale-on-hacking-forum

- 네덜란드 경찰, 데드볼트 랜섬웨어 공격자 속여 복호화 키 확보

https://www.boannews.com/media/view.asp?idx=110779&kind=1&sub_kind=

https://www.infosecurity-magazine.com/news/deadbolt-ransomware-extorts/

- Qakbot 악성코드, 행위탐지 우회 기능 더해 국내 유포... 이메일 하이재킹 방식

http://www.boannews.com/media/view.asp?idx=110853

- 블랙바스타 랜섬웨어, 큐봇 통해 유포되고 있어

https://www.boannews.com/media/view.asp?idx=110778&kind=1&sub_kind=

https://thehackernews.com/2022/10/black-basta-ransomware-hackers.html

- “업데이트 파일 받으라”... 北, 카카오 대란 하루 만에 해킹 시도했다

https://www.chosun.com/politics/diplomacy-defense/2022/10/18/244DJ5OZ2BHS7G3NBCALUM7BW4/