2023.04.08 보안 이슈

==2023.04.08==

# 취약점 / 악성코드 

- Microsoft fixed Azure AD bug that led to Bing.com results manipulation and account takeover

https://securityaffairs.com/144379/hacking/microsoft-fixed-azure-ad-bug.html

- 크로미움 기반 브라우저 노리는 새로운 암호화폐 탈취 ‘Rilide’ 악성코드 출현

 https://www.boannews.com/media/view.asp?idx=116846&kind=&sub_kind= 

- Apple Releases Updates to Address Zero-Day Flaws in iOS, iPadOS, macOS, and Safari

https://thehackernews.com/2023/04/apple-releases-updates-to-address-zero.html

- 이메일 하이재킹을 통해 Qakbot 악성코드 국내 유포 중

https://asec.ahnlab.com/ko/51109/

- CISA Warns of Critical ICS Flaws in Hitachi, mySCADA, ICL, and Nexx Products

https://thehackernews.com/2023/04/cisa-warns-of-critical-ics-flaws-in.html

- 큐냅 OS들에서 발견된 제로데이 취약점 2개, 80만 장비에 영향 미쳐

 https://www.boannews.com/media/view.asp?idx=116888&kind=1&sub_kind= 

- Hackers Using Self-Extracting Archives Exploit for Stealthy Backdoor Attacks

https://thehackernews.com/2023/04/hackers-using-self-extracting-archives.html

- Typhon Reborn Stealer Malware Resurfaces with Advanced Evasion Techniques

https://thehackernews.com/2023/04/typhon-reborn-stealer-malware.html

- 北 김수키 해킹그룹, ‘사례비 지급’ 위장한 원노트 악용해 악성코드 유포

 https://www.boannews.com/media/view.asp?idx=116841&kind=1&sub_kind= 

- 마이크로소프트 오피스 불법 복제 버전 설치한 우크라이나 기업, 침해사고 발생

 https://www.boannews.com/media/view.asp?idx=116847&kind=1&sub_kind= 

- 이란 타깃 암호화폐 탈취 악성코드 유포하는 VPN 멀버타이징 캠페인 발견

 https://www.boannews.com/media/view.asp?idx=116843&kind=1&sub_kind= 

- 해킹그룹 비터, 중국 기관 타깃 APT 공격... CHM 악성코드 유포중

 https://www.boannews.com/media/view.asp?idx=116834&kind=1&sub_kind= 

- New Rilide Malware Targeting Chromium-Based Browsers to Steal Cryptocurrency

https://thehackernews.com/2023/04/new-rilide-malware-targeting-chromium.html

- Microsoft Tightens OneNote Security by Auto-Blocking 120 Risky File Extensions

https://thehackernews.com/2023/04/microsoft-tightens-onenote-security-by.html

- 안드로이드 및 iOS 기기 제로데이 취약점 악용한 스파이웨어 공급업체 적발

 https://www.dailysecu.com/news/articleView.html?idxno=144939 

# 국가지원 해킹그룹

- 우크라이나가 직접 겪은 러시아 ‘사이버 공격’ 교훈과 시사점 

https://www.itworld.co.kr/news/285847

- Iran-Based Hackers Caught Carrying Out Destructive Attacks Under Ransomware Guise

https://thehackernews.com/2023/04/iran-based-hackers-caught-carrying-out.html

- Google TAG Warns of North Korean-linked ARCHIPELAGO Cyberattacks

https://thehackernews.com/2023/04/google-tag-warns-of-north-korean-linked.html

- Arid Viper Hacking Group Using Upgraded Malware in Middle East Cyber Attacks

https://thehackernews.com/2023/04/arid-viper-hacking-group-using-upgraded.html

- 북한 해킹그룹 ‘APT43’, 사이버 범죄로 북한의 스파이 활동 지원

 https://www.boannews.com/media/view.asp?idx=116810&kind=1&sub_kind= 

 https://www.dailysecu.com/news/articleView.html?idxno=144928 

# 랜섬웨어 / 정보유출

- Taiwanese PC Company MSI Falls Victim to Ransomware Attack

https://thehackernews.com/2023/04/taiwanese-pc-company-msi-falls-victim.html

- 수수께끼와 같은 랜섬웨어 로르샤흐, 암호화 속도는 추종불허

 https://www.boannews.com/media/view.asp?idx=116837&kind=1&sub_kind= 

https://thehackernews.com/2023/04/rorschach-ransomware-emerges-experts.html

- Western Digital Hit by Network Security Breach - Critical Services Disrupted!

https://thehackernews.com/2023/04/western-digital-hit-by-network-security.html

# 다크웹 / OSINT / 계정 / 피싱

- 프루프포인트, 2023 피싱 현황 보고서 발표 

https://www.ciokorea.com/news/285703

- 치밀해진 BEC 공격, 지난해 글로벌 조직 4분의 3이 피해 입었다

 https://www.boannews.com/media/view.asp?idx=116886&kind=1&sub_kind= 

- 레코디드퓨처, “북한 사이버 공격은 한국이 주요 타깃, 99%는 피싱”

 https://www.ddaily.co.kr/news/article/?no=261136 

- 최근 BEC 공격자들, 돈보다 물품을 노리는 쪽으로 방향을 틀고 있다

 https://www.boannews.com/media/view.asp?idx=116755&kind=1&sub_kind= 

# 공급망

- Supply Chain Compromise or False Positive: The Intriguing Case of efile.com

https://isc.sans.edu/diary/rss/29708

- Supply Chain Attacks and Critical Infrastructure: How CISA Helps Secure a Nation's Crown Jewels

https://thehackernews.com/2023/04/supply-chain-attacks-and-critical.html

- 3CX DesktopApp 공급망 공격, 국내에서도 확인

https://asec.ahnlab.com/ko/50965/

- 통화·화상회의 등 가능한 3CX DesktopApp에서 공급망 공격 발생

 https://www.boannews.com/media/view.asp?idx=116779&kind=1&sub_kind= 

 https://www.boannews.com/media/view.asp?idx=116815&kind=1&sub_kind= 

- 3CX DesktopApp 사용 주의 (CVE-2023-29059)

https://asec.ahnlab.com/ko/50797/

- Cryptocurrency Companies Targeted in Sophisticated 3CX Supply Chain Attack

https://thehackernews.com/2023/04/cryptocurrency-companies-targeted-in.html

# 기타

- 인공신경망 원리를 알면 챗GPT 잘 알 수 있다 

 http://www.boannews.com/media/view.asp?idx=116783&kind=&sub_kind= 

- 영국 규제당국 “생성형 AI에 사용되는 데이터, 데이터 보호법 적용된다” 경고 

https://www.itworld.co.kr/news/285421

- “비용 차이 10배 이상” 클라우드보다 코로케이션이 HPC에 더 적합한 이유 

https://www.itworld.co.kr/news/285793

- “클라우드 갈아타기 문턱 낮춰라” 영국서 AWSㆍMS 규제 움직임 

https://www.itworld.co.kr/news/285799

- 사이버 범죄자들, 차량 내 CAN 프로토콜 통해 자동차 훔쳐갔다

 https://www.boannews.com/media/view.asp?idx=116938&kind=1&sub_kind= 

- Microsoft Takes Legal Action to Disrupt Cybercriminals' Illegal Use of Cobalt Strike Tool

https://thehackernews.com/2023/04/microsoft-takes-legal-action-to-disrupt.html

- Are Source Code Leaks the New Threat Software vendors Should Care About?

https://thehackernews.com/2023/04/are-source-code-leaks-new-threat.html

- 거대 다크웹 시장 제네시스마켓, 국제 공조 활동으로 폐쇄돼

 https://www.boannews.com/media/view.asp?idx=116887&kind=1&sub_kind= 

- 챗GPT 속여서 탐지율 0%의 스테가노그래피 멀웨어 제작 성공

 https://www.boannews.com/media/view.asp?idx=116883&kind=1&sub_kind= 

- [G-PRIVACY 2023-영상] 체이널리시스 “2022년 가상자산 불법거래액 26조...이중 2조2천300억은 북한 해킹그룹 소행”

 https://www.dailysecu.com/news/articleView.html?idxno=144974 

- 영업비밀, 퇴직자에 의한 유출이 절반 차지

 https://www.dailysecu.com/news/articleView.html?idxno=144966 

- 사이버 범죄 조직 규모가 클수록 기업 형태 갖춰

 https://www.dailysecu.com/news/articleView.html?idxno=144964 

- 미국에서 뜨거운 논란거리인 틱톡, CIO와 CISO들에겐 어떤 의미일까?

 https://www.boannews.com/media/view.asp?idx=116816&kind=1&sub_kind=