2023.04.01 보안 이슈

==2023.04.01==

# 취약점 / 악성코드 

- Cacti, Realtek, and IBM Aspera Faspex Vulnerabilities Under Active Exploitation

https://thehackernews.com/2023/04/cacti-realtek-and-ibm-aspera-faspex.html

- "인터넷뱅킹 보안인증SW 업데이트하세요"…北, 국내외 60여곳 해킹

 http://www.dt.co.kr/contents.html?article_no=2023033002109931081004 

- Spyware campaigns using zero-days found in Italy, Malaysia, Kazakhstan, UAE

https://therecord.media/spyware-google-italy-malaysia-kazakhstan-uae

- Apple fixes recently disclosed CVE-2023-23529 zero-day on older devices

https://securityaffairs.com/144114/hacking/cve-2023-23529-apple-zero-day.html

- 김수키 해커조직의 악성코드 은폐 수법 분석했더니...

 https://www.boannews.com/media/view.asp?idx=115540&kind=1&sub_kind= 

- Stealthy DBatLoader Malware Loader Spreading Remcos RAT and Formbook in Europe

https://thehackernews.com/2023/03/stealthy-dbatloader-malware-loader.html

- New IcedID variants shift from bank fraud to malware delivery

https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/

- MS, “러시아 해커들이 아웃룩 제로데이를 작년 4월부터 익스플로잇”

 https://www.boannews.com/media/view.asp?idx=115571&kind=1&sub_kind= 

- Updates from the MaaS: new threats delivered through NullMixer

https://securityaffairs.com/144092/malware/maas-threats-delivered-through-nullmixer-malware.html

- New MacStealer Targets Catalina, Newer MacOS Versions

https://www.infosecurity-magazine.com/news/macstealer-targets-macos-versions/

- How scammers employ IPFS for email phishing

https://securelist.com/ipfs-phishing/109158/

- EDR 제품을 통한 정보 탈취형 악성코드 분석

https://asec.ahnlab.com/ko/50518/

# 국가지원 해킹그룹

- 윈터비번 해킹 그룹, 짐브라 취약점 통해 NATO 이메일 열람

 https://www.boannews.com/media/view.asp?idx=116731&kind=1&sub_kind= 

https://www.bleepingcomputer.com/news/security/winter-vivern-hackers-exploit-zimbra-flaw-to-steal-nato-emails/

- 중국의 레드골프 해킹 그룹, 키플러그 백도어를 윈도/리눅스에 심어

 https://www.boannews.com/media/view.asp?idx=116732&kind=1&sub_kind= 

https://thehackernews.com/2023/03/chinese-redgolf-group-targeting-windows.html

- 비터APT 그룹, 중국의 핵 에너지 분야 공격해

 https://www.boannews.com/media/view.asp?idx=115615&kind=1&sub_kind= 

- 북한의 해커들, 암호화폐 채굴 위해 ‘클라우드 채굴’ 기법 사용

 https://www.boannews.com/media/view.asp?idx=115613&kind=1&sub_kind= 

https://thehackernews.com/2023/03/north-korean-apt43-group-uses.html

- 파키스탄의 공격 단체 사이드코피, 인도 국방부 공격

 https://www.boannews.com/media/view.asp?idx=115617&kind=1&sub_kind= 

https://thehackernews.com/2023/03/pakistan-origin-sidecopy-linked-to-new.html

- Technical analysis of China-linked Earth Preta APT’s infection chain

https://securityaffairs.com/144078/apt/earth-preta-infection-chain.html

# 랜섬웨어 / 정보유출

- 록빗 3.0 랜섬웨어 조직, 국세청 홈페이지 공격 주장... 국세청은 부인

 https://www.boannews.com/media/view.asp?idx=116717&kind=1&sub_kind= 

 https://www.dailysecu.com/news/articleView.html?idxno=144815 

- 트위터 소스코드 유출 사건, 어쩌면 거대한 보안 재앙의 신호탄 될 수 있어

 https://www.boannews.com/media/view.asp?idx=115634&kind=1&sub_kind= 

- 새로 나타난 다크파워 랜섬웨어, 한 달 만에 10개 조직 침해

 https://www.boannews.com/media/view.asp?idx=115538&kind=1&sub_kind= 

https://www.bleepingcomputer.com/news/security/new-dark-power-ransomware-claims-10-victims-in-its-first-month/

# 다크웹 / OSINT / 계정 / 피싱

- [긴급] 온라인 쇼핑몰 결제 페이지 피싱 통한 카드정보 유출 ‘비상’

 https://www.boannews.com/media/view.asp?idx=115562&kind=1&sub_kind= 

- New BEC Tactics Enable Fake Asset Purchases

https://www.infosecurity-magazine.com/news/new-bec-tactics-enable-fake-asset/

- FBI: Business email compromise tactics used to defraud U.S. vendors

https://www.bleepingcomputer.com/news/security/fbi-business-email-compromise-tactics-used-to-defraud-us-vendors/

# 공급망

- "北, 하루 1200만명 쓰는 온라인 통화서비스 '3CX' 해킹"

 https://www.boannews.com/media/view.asp?idx=115665&kind=1&sub_kind= 

https://thehackernews.com/2023/03/3cx-desktop-app-targeted-in-supply.html

 http://news.heraldcorp.com/view.php?ud=20230401000039 

# 기타

- 가트너, 사이버 보안 8대 주요 전망 발표 

 http://www.itdaily.kr/news/articleView.html?idxno=213276 

- [단독] 우려가 현실로…삼성전자, 챗GPT 빗장 풀자마자 ‘오남용’ 속출

https://n.news.naver.com/article/243/0000042639

- 이탈리아, 개인정보 우려에 챗GPT 차단…서방국가 처음 

https://www.yonhapnewstv.co.kr/news/MYH20230401007700641

- MS, 애저 서비스에서 발견된 고위험군 취약점 패치

 https://www.boannews.com/media/view.asp?idx=116742&kind=1&sub_kind= 

- 애저 액티브 디렉토리의 간편한 멀티테넌트 설정, 빙뱅 공격 가능케 해

 https://www.boannews.com/media/view.asp?idx=116733&kind=1&sub_kind= 

https://thehackernews.com/2023/04/microsoft-fixes-new-azure-ad.html

- AlienFox Malware Targets API Keys and Secrets from AWS, Google, and Microsoft Cloud Services

https://thehackernews.com/2023/03/alienfox-malware-targets-api-keys-and.html

- 1천 명의 IT 전문가들, 인공지능 개발 6개월만 중단하자 제안

 https://www.boannews.com/media/view.asp?idx=116678&kind=1&sub_kind= 

 http://www.digitaltoday.co.kr/news/articleView.html?idxno=472974 

- MS, 사이버보안에도 초거대AI 접목…`시큐리티 코파일럿` 선봬

 http://www.dt.co.kr/contents.html?article_no=2023032902109931081002 

https://thehackernews.com/2023/03/microsoft-introduces-gpt-4-ai-powered.html

- Introducing self-service SBOMs

https://github.blog/2023-03-28-introducing-self-service-sboms/

- Exchange Online to block emails from vulnerable on-prem servers

https://www.bleepingcomputer.com/news/security/exchange-online-to-block-emails-from-vulnerable-on-prem-servers/

- 어나니머스 출신 해커, 폐쇄된 브리치포럼 부활시켜

 https://www.boannews.com/media/view.asp?idx=115568&kind=1&sub_kind= 

- 상업용 스파이웨어, 미국 연방 기관들에서는 사용 금지돼

 https://www.boannews.com/media/view.asp?idx=115566&kind=1&sub_kind= 

https://thehackernews.com/2023/03/president-biden-signs-executive-order.html

- FBI의 브리치포럼 일망타진으로 다크웹 일대 혼란

 https://www.boannews.com/media/view.asp?idx=115521&kind=1&sub_kind= 

- 영국 국가범죄수사국, 가짜 디도스 서비스 사이트 개설해 범죄자들 유혹

 https://www.boannews.com/media/view.asp?idx=115519&kind=1&sub_kind= 

https://securityaffairs.com/144011/cyber-crime/nca-fake-ddos-for-hire-sites.html

- 깃허브, RSA SSH 호스트 키를 실수로 공개해

 https://www.boannews.com/media/view.asp?idx=115520&kind=1&sub_kind= 

- 챗GPT 버그, 유료 사용자들의 지불 정보 노출시켜

 https://www.boannews.com/media/view.asp?idx=115524&kind=1&sub_kind= 

https://securityaffairs.com/144057/data-breach/openai-chatgpt-redis-bug-data-leak.html

- 당신 폰을 훤히 들여다본다... ‘백도어 해킹’의 신무기 스파이칩

https://www.chosun.com/national/2023/03/26/OFITXVYDOJE6JNP6FE5756ITUE/