2022.12.03 보안 이슈

==2022.12.03==

- Top 3 Non-Technical Cybersecurity Trends for 2023

https://www.trendmicro.com/en_us/ciso/22/l/cybersecurity-trends-2023.html

- 내년 주요 사이버위협은…'피싱 공격 이메일→협업툴 확대'

https://www.newstong.co.kr/view3.aspx?seq=11285227

- Police arrest 55 members of 'Black Panthers' SIM Swap gang

https://www.bleepingcomputer.com/news/security/police-arrest-55-members-of-black-panthers-sim-swap-gang/

- How Windows 11's Enhanced Phishing Protection guards your password

https://www.bleepingcomputer.com/news/microsoft/how-windows-11s-enhanced-phishing-protection-guards-your-password/

- Hackers Use Archive Files and HTML Smuggling to Bypass Detection Tools

https://www.infosecurity-magazine.com/news/archives-and-html-smuggling-to/

- Samsung, LG, Mediatek certificates compromised to sign Android malware

https://www.bleepingcomputer.com/news/security/samsung-lg-mediatek-certificates-compromised-to-sign-android-malware/

- 남북 외교안보 학술회의로 위장한 북한 해킹 공격 포착!

https://www.boannews.com/media/view.asp?idx=112194&kind=1&sub_kind=

- Russian Hackers Steal 50 Million Passwords From 111 Countries Using Infostealer Malware

https://www.cpomagazine.com/cyber-security/russian-hackers-steal-50-million-passwords-from-111-countries-using-infostealer-malware/

- 고 언어 기반 멀웨어 레디고, 레디스 서버 공략 중

https://www.boannews.com/media/view.asp?idx=112196&kind=1&sub_kind=

https://www.bleepingcomputer.com/news/security/new-redigo-malware-drops-stealthy-backdoor-on-redis-servers/

- New DuckLogs malware service claims having thousands of ‘customers’

https://www.bleepingcomputer.com/news/security/new-ducklogs-malware-service-claims-having-thousands-of-customers-/

- 쿠바 랜섬웨어, 100여 개 피해 조직으로부터 6천만 달러 갈취

https://www.boannews.com/media/view.asp?idx=112198&kind=1&sub_kind=

https://www.bleepingcomputer.com/news/security/fbi-cuba-ransomware-raked-in-60-million-from-over-100-victims/

- 트리고나 랜섬웨어, 전 세계적으로 활동량 늘리는 중

http://www.boannews.com/media/view.asp?idx=112120

- Hackers Target Colombia's Healthcare System With Ransomware

https://www.infosecurity-magazine.com/news/ransomware-target-colombias-health/

- 틱톡의 인비저블 챌린지 통해 멀웨어 퍼진다

http://www.boannews.com/media/view.asp?idx=112116

- Kaspersky Security Bulletin 2022. Statistics

https://securelist.com/ksb-2022-statistics/108129/

- [주말판] 인공지능의 보안 측면에서의 치명적 한계 : 학습 과정의 개입

http://www.boannews.com/media/view.asp?idx=111914

- 클라우드 보안이 점점 더 어려워지는 이유? 멀티 클라우드 때문

http://www.boannews.com/media/view.asp?idx=112170

- 2022년에만 두 번째...라스트패스에서 또 정보 침해 사고

https://www.boannews.com/media/view.asp?idx=112199&kind=1&sub_kind=

https://www.bleepingcomputer.com/news/security/lastpass-says-hackers-accessed-customer-data-in-new-breach/

- 암호화 기술 제공 업체 ENC시큐리티, 1년 넘게 중요 데이터 노출시켜

https://www.boannews.com/media/view.asp?idx=112158&kind=1&sub_kind=

- 무관심과 욕심 속에 무럭무럭 자라나고 있는 보안 업계 내 회색 시장

http://www.boannews.com/media/view.asp?idx=112167

- 새롭게 등장한 멀웨어 프레임워크, 개발한 곳은 스페인의 IT 회사

http://www.boannews.com/media/view.asp?idx=112163

https://www.bleepingcomputer.com/news/security/google-discovers-windows-exploit-framework-used-to-deploy-spyware/

- 가짜 코로나 추적 앱 통해 퍼지는 퍼니셔 랜섬웨어

http://www.boannews.com/media/view.asp?idx=112119

- Android and iOS apps with 15 million installs extort loan seekers

https://www.bleepingcomputer.com/news/security/android-and-ios-apps-with-15-million-installs-extort-loan-seekers/

- Majority of US Defense Contractors Not Meeting Basic Cybersecurity Requirements

https://www.infosecurity-magazine.com/news/us-defense-contractors/

- 중국 해커들로 의심되는 조직, USB 드라이브 통해 멀웨어 퍼트려

https://www.boannews.com/media/view.asp?idx=112160&kind=1&sub_kind=

https://www.infosecurity-magazine.com/news/hackers-target-southeast-asia-with/

- 북한의 해커들, 새로운 돌핀 백도어 이용해 한국 공격

https://www.boannews.com/media/view.asp?idx=112161&kind=1&sub_kind=

https://thehackernews.com/2022/12/north-korea-hackers-using-new-dolphin.html

https://www.bleepingcomputer.com/news/security/new-windows-malware-also-steals-data-from-victims-mobile-phones/

- 사이버 범죄단 체포하기 위한 국제 공조, “어떤 나라도 혼자 할 수 없다”

https://www.boannews.com/media/view.asp?idx=112076&kind=1&sub_kind=

- Hacker attempts to sell data of 500 million WhatsApp users on dark web

https://www.cshub.com/attacks/news/hacker-attempts-to-sell-data-of-500m-whatsapp-users-on-dark-web

- 웹 로그인시 새로운 팝업? ‘피싱’ 의심 우선! 팝업형 피싱 공격 증가

https://www.boannews.com/media/view.asp?idx=112125&kind=1&sub_kind=

https://www.dailysecu.com/news/articleView.html?idxno=141681

- 메타, 페이스북에서의 데이터 스크랩 건으로 2억 6500만 유로의 벌금형 처해

https://www.boannews.com/media/view.asp?idx=112070&kind=1&sub_kind=

- 새로운 BMC 펌웨어 오류들 십여 개 등장하며 OT와 IoT에 빨간불

https://www.boannews.com/media/view.asp?idx=112069&kind=1&sub_kind=

- 디스코드를 C&C로 활용하는 RedLine Infostealer 주의!

https://blog.alyac.co.kr/4999

- Threat actors are offering access to corporate networks via unauthorized Fortinet VPN access

https://securityaffairs.co/wordpress/139085/cyber-crime/iabs-offers-access-via-fortinet-products.html

- AWS 앱싱크에서 위험한 취약점 발견돼

https://www.boannews.com/media/view.asp?idx=112068&kind=1&sub_kind=

- 국제 공조로 아프리카 사이버 범죄 조직 체포하고 인프라 무력화

https://www.boannews.com/media/view.asp?idx=112067&kind=1&sub_kind=

- 北, 해킹으로 미사일 자금 마련…사이버 제재로 막아질까

https://cm.asiae.co.kr/article/2022112910195363721