2023.03.25 보안 이슈

==2023.03.25==

# 취약점 / 악성코드 

- MS 제품군, 치명적 취약점 절반 이상 감소··· ‘연쇄 공격’ 조심해야

https://www.ciokorea.com/news/283621#csidxa097e319b85d95f98d48f114169be69 

- Windows, Ubuntu, and VMWare Workstation hacked on last day of Pwn2Own

https://www.bleepingcomputer.com/news/security/windows-ubuntu-and-vmware-workstation-hacked-on-last-day-of-pwn2own/

- Kimsuky 그룹, ADS를 활용하여 악성코드 은폐

https://asec.ahnlab.com/ko/50394/

- 가짜 챗GPT 확장자 사칭한 페이크GPT, 페이스북 계정 탈취

 https://www.boannews.com/media/view.asp?idx=115449&kind=1&sub_kind= 

https://www.bleepingcomputer.com/news/security/facebook-accounts-hijacked-by-new-malicious-chatgpt-chrome-extension/

- PoC exploits released for Netgear Orbi router vulnerabilities

https://www.infosecurity-magazine.com/news/android-banking-trojan-nexus-maas/

- New Android Banking Trojan 'Nexus' Promoted As MaaS

https://www.infosecurity-magazine.com/news/android-banking-trojan-nexus-maas/

- 아이스드아이디 악성 워드 문서 악용한 안티 샌드박스 회피 기법 발견

 https://www.boannews.com/media/view.asp?idx=115326&kind=1&sub_kind= 

- New ShellBot bot targets poorly managed Linux SSH Servers

https://securityaffairs.com/143807/cyber-crime/shellbot-targets-linux-ssh-servers.html

- 미라이 봇넷 개발자들의 두 번째 작품, 초강력 디도스 공격 가능해

 https://www.boannews.com/media/view.asp?idx=115356&kind=1&sub_kind= 

- 자산 관리 솔루션 TCO!Stream, 원격 코드 실행 취약점 주의

 https://www.boannews.com/media/view.asp?idx=115331&kind=1&sub_kind= 

- 공인 인증 솔루션 VestCert, 취약점 주의 및 업데이트 필요

 https://www.boannews.com/media/view.asp?idx=115327&kind=1&sub_kind= 

- 공인 인증 솔루션(MagicLine4NX) 취약점 주의 및 업데이트 권고

https://asec.ahnlab.com/ko/50134/

 https://www.boannews.com/media/view.asp?idx=115500&kind=1&sub_kind= 

- 신종 정보 탈취 악성코드 LummaC2, 불법 크랙 위장 유포

https://asec.ahnlab.com/ko/49919/

- General Bytes Bitcoin ATMs hacked using zero-day, $1.5M stolen

https://www.bleepingcomputer.com/news/security/general-bytes-bitcoin-atms-hacked-using-zero-day-15m-stolen/

- 어도비 아크로뱃 서명 악용한 공격자들, 레드라인 멀웨어 퍼트려

 https://www.boannews.com/media/view.asp?idx=115337&kind=1&sub_kind= 

https://securityaffairs.com/143738/hacking/malware-via-adobe-acrobat-sign.html

- 미스파두 뱅킹 트로이목마, 남아메리카서 9만 개 이상 크리덴셜 훔쳐

 https://www.boannews.com/media/view.asp?idx=115338&kind=1&sub_kind= 

https://thehackernews.com/2023/03/mispadu-banking-trojan-targets-latin.html

- Researchers Shed Light on CatB Ransomware's Evasion Techniques

https://thehackernews.com/2023/03/researchers-shed-light-on-catb.html

- 구글, 삼성 엑시노스칩에서 18개 심각한 보안취약점 발견...원격 공격 가능

 https://www.dailysecu.com/news/articleView.html?idxno=144540 

- 챗GPT로 새로운 버전의 블랙맘바 멀웨어 만드는 데 성공한 전문가들

 https://www.boannews.com/media/view.asp?idx=115290&kind=1&sub_kind= 

- 중국 해커들, 포티넷의 제로데이 취약점 통해 정찰 실시

 https://www.boannews.com/media/view.asp?idx=115286&kind=1&sub_kind= 

- Emotet Rises Again: Evades Macro Security via OneNote Attachments

https://thehackernews.com/2023/03/emotet-rises-again-evades-macro.html

- 사례비 지급 내용으로 위장한 OneNote 악성코드 (Kimsuky)

https://asec.ahnlab.com/ko/49843/

- MS 아웃룩 제로데이 취약점 패치 발표... 메일 읽지 않아도 탈취 가능

 https://www.boannews.com/media/view.asp?idx=115278&kind=1&sub_kind= 

- Guidance for investigating attacks using CVE-2023-23397

https://www.microsoft.com/en-us/security/blog/2023/03/24/guidance-for-investigating-attacks-using-cve-2023-23397/


# 국가지원 해킹그룹

- China-linked hackers target telecommunication providers in the Middle East

https://securityaffairs.com/143928/apt/operation-soft-cell-china-telecom-providers.html

- 김수키 해킹그룹의 주요 공격 키워드 3가지는? 스피어피싱, 악성코드 다변화, 유명 SW 취약점

 https://www.boannews.com/media/view.asp?idx=115467&kind=1&sub_kind= 

- Scarcruft Bolsters Arsenal for targeting individual Android devices

https://medium.com/s2wblog/scarcruft-bolsters-arsenal-for-targeting-individual-android-devices-97d2bcef4ab

- 사이버 공격 단체 배드매직, 우크라이나의 주요 시설들 공격

 https://www.boannews.com/media/view.asp?idx=115391&kind=1&sub_kind= 

- 2022년, 제로데이를 가장 많이 공략한 건 중국의 해커들

 https://www.boannews.com/media/view.asp?idx=115341&kind=1&sub_kind= 

https://cyberscoop.com/mandiant-zero-day-vulnerabilities-china/

https://www.bleepingcomputer.com/news/security/hackers-mostly-targeted-microsoft-google-apple-zero-days-in-2022/

- 韓-獨 정보기관, 北 `킴수키`조직 신종 해킹수법 경고

 http://www.dt.co.kr/contents.html?article_no=2023032002109931081003 

https://thehackernews.com/2023/03/german-and-south-korean-agencies-warn.html

# 랜섬웨어 / 정보유출

- 러스트 기반 악성코드 ‘네바다’ 랜섬웨어 국내 유포 중

 https://www.boannews.com/media/view.asp?idx=115325&kind=1&sub_kind= 

- 쿠팡 "개인정보 유출 없다"…오픈마켓 판매자 유출 추정

 https://news.nate.com/view/20230320n28559?mid=n1101 

- [단독] 해킹된 쿠팡 개인정보 46만건…“X동 0호, 파티용품 50개”

https://www.hani.co.kr/arti/economy/it/1084330.html

- 미국, 유럽, 호주 노리는 새로운 랜섬웨어, 트리고나

 https://www.boannews.com/media/view.asp?idx=115287&kind=1&sub_kind= 

- Lowe’s Market chain leaves client data up for grabs

https://securityaffairs.com/143701/security/lowes-market-chain-data-leak.html

- US govt agencies released a joint alert on the Lockbit 3.0 ransomware

https://securityaffairs.com/143668/breaking-news/lockbit-3-0-ransomware-joint-alert.html

# 다크웹 / OSINT / 계정 / 피싱

- SharePoint Phishing Scam Targets 1600 Across US, Europe

https://www.infosecurity-magazine.com/news/sharepoint-phishing-scam-targets/

- Detailed Analysis of Cryptocurrency Phishing Through Famous YouTube Channel Hacking

https://medium.com/s2wblog/detailed-analysis-of-cryptocurrency-phishing-through-famous-youtube-channel-hacking-cd40de8dce6f

- MZ세대 마저... 삶을 포기하게 만드는 ‘보이스피싱’의 악랄한 수법

 https://www.boannews.com/media/view.asp?idx=114785&kind=1&sub_kind= 

# 공급망

- Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data

https://thehackernews.com/2023/03/malicious-python-package-uses-unicode.html

- Hackers target .NET developers with malicious NuGet packages

https://www.bleepingcomputer.com/news/security/hackers-target-net-developers-with-malicious-nuget-packages/

- NBA is warning fans of a data breach after a third-party newsletter service hack

https://securityaffairs.com/143693/data-breach/nba-data-breach.html

# 기타

- 기업 발목을 잡을 수 있는 클라우드 실수 10가지 

https://www.ciokorea.com/news/283789

- OpenAI Reveals Redis Bug Behind ChatGPT User Data Exposure Incident

https://thehackernews.com/2023/03/openai-reveals-redis-bug-behind-chatgpt.html

- 2023 Cybersecurity Maturity Report Reveals Organizational Unpreparedness for Cyberattacks

https://thehackernews.com/2023/03/2023-cybersecurity-maturity-report.html

- 챗GPT에서 발견된 버그, 대화 이력 정보 노출시켜

 https://www.boannews.com/media/view.asp?idx=115388&kind=1&sub_kind= 

- 다크웹의 유명 유출 사이트 운영자, 뉴욕에서 체포돼

 https://www.boannews.com/media/view.asp?idx=115342&kind=1&sub_kind= 

https://thehackernews.com/2023/03/breachforums-administrator-baphomet.html

- 지난 주 아크로니스 해킹 사고, 공격자가 과장한 것이었다

 https://www.boannews.com/media/view.asp?idx=115285&kind=1&sub_kind= 

- 틱톡만 문제? 틱톡의 자매앱도 선풍적인 인기 누리고 있어

 https://www.boannews.com/media/view.asp?idx=115283&kind=1&sub_kind= 

- The RTX 4090 is capable of cracking your password twice as fast as any other GPU

https://list23.com/1279301-the-rtx-4090-is-capable-of-cracking-your-password-twice-as-fast-as-any-other-gpu/