2023.04.29 보안 이슈

==2023.04.29==

# 취약점 / 악성코드 

- New Atomic macOS Malware Steals Keychain Passwords and Crypto Wallets

https://thehackernews.com/2023/04/new-atomic-macos-stealer-can-steal-your.html

- Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch Now

https://thehackernews.com/2023/04/zyxel-firewall-devices-vulnerable-to.html

- 해킹된 유튜브 계정으로 유포 중인 RecordBreaker 스틸러

https://asec.ahnlab.com/ko/51836/

- OneNote 와 CHM 을 통해 유포 중인 Qakbot 악성코드

https://asec.ahnlab.com/ko/51784/

- TP링크의 아처 와이파이 라우터, 미라이 멀웨어의 공격에 노출돼

 https://www.boannews.com/media/view.asp?idx=117518&kind=1&sub_kind= 

- GhostToken GCP vulnerability allowed hacking of Google accounts

https://www.androidheadlines.com/2023/04/ghosttoken-gcp-vulnerability-allowed-hacking-of-google-accounts.html

- 서비스 배치 프로토콜의 취약점, 디도스 공격 증폭시켜

 https://www.boannews.com/media/view.asp?idx=117519&kind=1&sub_kind= 

https://thehackernews.com/2023/04/new-slp-vulnerability-could-let.html

- [Vol.110] 2023년 1분기 보안 동향

 https://www.ahnlab.com/kr/site/securityinfo/asec/asecView.do?groupCode=VNI001&seq=33444 

- New All-in-One "EvilExtractor" Stealer for Windows Systems Surfaces on the Dark Web

https://thehackernews.com/2023/04/new-all-in-one-evilextractor-stealer.html

- Russian Hackers Suspected in Ongoing Exploitation of Unpatched PaperCut Servers

https://thehackernews.com/2023/04/russian-hackers-suspected-in-ongoing.html

- '정보지' PDF? 잘못 클릭했다간…北 해커 '먹잇감' 된다

 https://news.mt.co.kr/mtview.php?no=2023042310203631952 

 https://www.boannews.com/media/view.asp?idx=117395&kind=1&sub_kind= 

- 기업 노리는 디코이독 멀웨어, 광범위한 악성 DNS 분석 통해 발견돼

 https://www.boannews.com/media/view.asp?idx=117405&kind=1&sub_kind= 

- 버려진 워드프레스 플러그인, 백도어 유포에 활용되다

 https://www.boannews.com/media/view.asp?idx=117406&kind=1&sub_kind= 

https://thehackernews.com/2023/04/hackers-exploit-outdated-wordpress.html

# 국가지원 해킹그룹

- Tonto Team Uses Anti-Malware File to Launch Attacks on South Korean Institutions

https://thehackernews.com/2023/04/tonto-team-uses-anti-malware-file-to.html

https://asec.ahnlab.com/ko/51868/

- Paperbug Attack: New Politically-Motivated Surveillance Campaign in Tajikistan

https://thehackernews.com/2023/04/paperbug-attack-new-politically.html

- APT trends report Q1 2023

https://securelist.com/apt-trends-report-q1-2023/109581/

- 중국의 해커들, 핑풀 멀웨어의 리눅스 버전 활용하는 중

 https://www.boannews.com/media/view.asp?idx=117574&kind=1&sub_kind= 

https://thehackernews.com/2023/04/chinese-hackers-using-pingpull-linux.html

- Chinese Hackers Using MgBot Malware to Target International NGOs in Mainland China

https://thehackernews.com/2023/04/chinese-hackers-using-mgbot-malware-to.html

- 이란 해커들, 이스라엘 겨냥한 고급 사이버 공격 실시

 https://www.boannews.com/media/view.asp?idx=117522&kind=1&sub_kind= 

https://thehackernews.com/2023/04/iranian-hackers-launch-sophisticated.html

- 러시아의 털라인 줄 알았더니, 새로운 공격 단체 토미리스

 https://www.boannews.com/media/view.asp?idx=117477&kind=1&sub_kind= 

- 북한 해커들, 러스트버킷 사용해 맥 사용자 노리기 시작

 https://www.boannews.com/media/view.asp?idx=117472&kind=1&sub_kind= 

https://www.securityweek.com/north-korean-hackers-target-mac-users-with-new-rustbucket-malware/

# 랜섬웨어 / 정보유출

- RTM 랜섬웨어 운영자들, 리눅스 버전 개발해 배포 중

 https://www.boannews.com/media/view.asp?idx=117647&kind=1&sub_kind= 

https://thehackernews.com/2023/04/rtm-lockers-first-linux-ransomware.html

- Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware

https://thehackernews.com/2023/04/microsoft-confirms-papercut-servers.html

- “LGU+ 고객정보 유출 주원인 DB 취약점, 디도스 공격은 라우터 외부 노출”

 http://www.enewstoday.co.kr/news/articleView.html?idxno=1657412 

- [RSAC 2023 현장] 랜섬웨어 공격의 주요 타깃이 된 ‘OT’

 https://www.dailysecu.com/news/articleView.html?idxno=145520 

- EDR 소프트웨어 비활성화 하려는 랜섬웨어 단체, 오킬 사용해

 https://www.boannews.com/media/view.asp?idx=117470&kind=1&sub_kind= 

https://thehackernews.com/2023/04/ransomware-hackers-using-aukill-tool-to.html

# 다크웹 / OSINT / 계정 / 피싱

- 편의점 CU 개인정보 도용 '크리덴셜 스터핑' 피해 입었다

http://www.mediapen.com/news/view/813598

- Attention Online Shoppers: Don't Be Fooled by Their Sleek, Modern Looks — It's Magecart!

https://thehackernews.com/2023/04/attention-online-shoppers-dont-be.html

# 공급망

- 북한의 라자루스, 3CX에서만 공급망 공격 실시한 것 아니었다

 https://www.boannews.com/media/view.asp?idx=117408&kind=1&sub_kind= 

# 기타

- "챗GPT 작성 코드, 보안 수준 낮아 그냥 쓰면 위험" 

 https://zdnet.co.kr/view/?no=20230425105626 

- EU, AI 학습 데이터 공개 의무화 법안 제출

https://techrecipe.co.kr/posts/53468

- 보안 분야에 생성형 AI가 미칠 영향 

 http://www.datanet.co.kr/news/articleView.html?idxno=183066 

- 전 MS CIO가 생각하는 IT의 현재와 미래, 그리고 인공지능 

 http://www.boannews.com/media/view.asp?idx=117467&kind=&sub_kind= 

- ChatGPT is Back in Italy After Addressing Data Privacy Concerns

https://thehackernews.com/2023/04/chatgpt-is-back-in-italy-after.html

- [RSAC 2023 현장] “공격자와 거리를 좁히려면...AI 활용 그리고 시간"

 https://www.dailysecu.com/news/articleView.html?idxno=145624 

- [RSAC 2023] 다크웹의 메타버스 버전인 ‘다크버스’, 언젠가 큰 위협이 된다

 https://www.boannews.com/media/view.asp?idx=117654&kind=1&sub_kind= 

- 윈도 핵심 라이브러리를 러스트로 바꾸고 있는 MS

 https://www.boannews.com/media/view.asp?idx=117650&kind=1&sub_kind= 

- 어나니머스 수단, 이스라엘의 주요 시설과 인물들 겨냥해 집중 공격 중

 https://www.boannews.com/media/view.asp?idx=117573&kind=1&sub_kind= 

- 독일 정부, “화웨이 전력 관리 기술 통해 사보타쥬 가능하다” 주장

 https://www.boannews.com/media/view.asp?idx=117571&kind=1&sub_kind= 

- 경찰, 경기교육청 학력평가 성적 유출 최초 유포자 등 6명 검거

 https://mobile.newsis.com/view.html?ar_id=NISX20230427_0002283096#_PA 

- [RSAC 2023] RSA CEO의 개회사, “인공지능 감독하는 것이 보안의 새 임무”

 https://www.boannews.com/media/view.asp?idx=117525&kind=1&sub_kind= 

- 바이러스토탈, 인공지능 기반 멀웨어 분석 기능 새롭게 추가

 https://www.boannews.com/media/view.asp?idx=117473&kind=1&sub_kind= 

https://thehackernews.com/2023/04/google-cloud-introduces-security-ai.html

- Study: 84% of Companies Use Breached SaaS Applications - Here's How to Fix it for Free!

https://thehackernews.com/2023/04/study-84-of-companies-use-breached-saas.html

- 세계적인 관심 받고 있는 북한의 APT 단체 킴수키, 어떻게 막아야 하나

 https://www.boannews.com/media/view.asp?idx=117413&kind=1&sub_kind= 

- 미국 국방부 기밀 유출 사건, 내부자 위협에 대해 다시 생각케 해

 https://www.boannews.com/media/view.asp?idx=117391&kind=1&sub_kind= 

- 국제 사법 기관들과 경찰들, 메타에 암호화 도입 중단하라고 촉구

 https://www.boannews.com/media/view.asp?idx=117407&kind=1&sub_kind= 

- '해킹 백도어 설치시 5년이하 징역법' 발의

 https://news.nate.com/view/20230423n04324?mid=n0105