2023.03.04 보안 이슈

==2023.03.04==

# 취약점 / 악성코드 

- New FiXS ATM Malware Targeting Mexican Banks

https://thehackernews.com/2023/03/new-fixs-atm-malware-targeting-mexican.html

- New Flaws in TPM 2.0 Library Pose Threat to Billions of IoT and Enterprise Devices

https://thehackernews.com/2023/03/new-flaws-in-tpm-20-library-pose-threat.html

- 새로운 크립토재킹 캠페인, 잘못 설정된 레디스 DB 악용

 https://www.boannews.com/media/view.asp?idx=114824&kind=1&sub_kind= 

https://thehackernews.com/2023/03/new-cryptojacking-campaign-leverages.html

- Iron Tiger hackers create Linux version of their custom malware

https://www.bleepingcomputer.com/news/security/iron-tiger-hackers-create-linux-version-of-their-custom-malware/

- 굿로더와 페이크업데이트 멀웨어, 로펌들 노리기 시작해

 https://www.boannews.com/media/view.asp?idx=114778&kind=1&sub_kind= 

https://thehackernews.com/2023/03/cybercriminals-targeting-law-firms-with.html

- 윈도 시큐어 부트 뚫어내는 최초의 멀웨어, 블랙로터스

 https://www.boannews.com/media/view.asp?idx=114783&kind=1&sub_kind= 

https://thehackernews.com/2023/03/blacklotus-becomes-first-uefi-bootkit.html

- Parallax RAT Targeting Cryptocurrency Firms with Sophisticated Injection Techniques

https://thehackernews.com/2023/03/parallax-rat-targeting-cryptocurrency.html

- RDP를 통해 유포 중인 GlobeImposter 랜섬웨어 (with MedusaLocker)

https://asec.ahnlab.com/ko/48621/

- CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability

https://thehackernews.com/2023/02/cisa-issues-warning-on-active.html

- 새롭게 등장한 익스플로잇 프레임워크 EX-22, 록빗 랜섬웨어가 개발했을까

 https://www.boannews.com/media/view.asp?idx=114759&kind=1&sub_kind= 

https://www.bleepingcomputer.com/news/security/new-exfiltrator-22-post-exploitation-kit-linked-to-lockbit-ransomware/

- Researchers Discover Nearly 200,000 New Mobile Banking Trojan Installers

https://www.infosecurity-magazine.com/news/200000-new-mobile-banking-trojan/

- Lumma Stealer targets YouTubers via Spear-phishing Email

https://medium.com/s2wblog/lumma-stealer-targets-youtubers-via-spear-phishing-email-ade740d486f7

- 공격 성공률 높은 리그 익스플로잇 키트, 새롭게 분석돼

 https://www.boannews.com/media/view.asp?idx=114706&kind=1&sub_kind= 

https://thehackernews.com/2023/02/researchers-share-new-insights-into-rig.html


- 인기 높은 오픈소스 컨테이너에 초고위험도 취약점 숨어 있어

 https://www.boannews.com/media/view.asp?idx=114633&kind=1&sub_kind= 

- 中 해커조직 ‘샤오치잉’ 악용한 취약점 공격코드, 보안장비에서 탐지 못했다

 https://www.boannews.com/media/view.asp?idx=114625&kind=1&sub_kind= 

- 애플의 생태계에서 발견된 새로운 유형의 취약점, 해결이 쉽지 않다

 https://www.boannews.com/media/view.asp?idx=114627&kind=1&sub_kind= 

- 악성코드 Quasar RAT, 틱톡 조회수 늘리기 프로그램 위장해 유포

 https://www.boannews.com/media/view.asp?idx=114611&kind=1&sub_kind= 

- 퓨어크립터 멀웨어, 정부 기관들을 각종 멀웨어로 감염시키고 있어

 https://www.boannews.com/media/view.asp?idx=114636&kind=1&sub_kind= 

https://www.bleepingcomputer.com/news/security/purecrypter-malware-hits-govt-orgs-with-ransomware-info-stealers/

# 국가지원 해킹그룹

- [단독] “대기업 인사도 피해” 거세지는 北 해킹 공세

 https://news.kmib.co.kr/article/view.asp?arcid=0018013071&code=61111611&cp=zu 

- Chinese Hackers Targeting European Entities with New MQsTTang Backdoor

https://thehackernews.com/2023/03/chinese-hackers-targeting-european.html

- 취약점 공격으로 유포 중인 PlugX 악성코드

https://asec.ahnlab.com/ko/48725/

- PlugX Trojan Disguised as Legitimate Windows Debugger Tool in Latest Attacks

https://thehackernews.com/2023/02/plugx-trojan-disguised-as-legitimate.html

- China Is Relentlessly Hacking Its Neighbors

https://www.wired.com/story/china-hack-emails-asean-southeast-asia/

- APT-C-36 Strikes Again: Blind Eagle Hackers Target Key Industries in Colombia

https://thehackernews.com/2023/02/apt-c-36-strikes-again-blind-eagle.html

- 공공 기관 및 대학 등에 널리 사용하는 공인인증서 소프트웨어 취약점을 이용한 Lazarus 공격 그룹 공격 사례

https://asec.ahnlab.com/ko/48416/

- CERT of Ukraine says Russia-linked APT backdoored multiple govt sites

https://securityaffairs.com/142678/cyber-warfare-2/cert-of-ukraine-russia-backdoors.html

# 랜섬웨어 / 정보유출

- 미국 연방보안청, 랜섬웨어 공격에 당해 

 http://www.boannews.com/media/view.asp?idx=114766&kind=&sub_kind= 

- Hatch Ba