2023.05.06 보안 이슈

==2023.05.06==

# 취약점 / 악성코드 

- Dragon Breath APT Group Using Double-Clean-App Technique to Target Gambling Industry

https://thehackernews.com/2023/05/dragon-breath-apt-group-using-double.html

- New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks

https://thehackernews.com/2023/05/new-vulnerability-in-popular-wordpress.html

- New Android Malware 'FluHorse' Targeting East Asian Markets with Deceptive Tactics

https://thehackernews.com/2023/05/new-android-malware-fluhorse-targeting.html

- Hackers Targeting Italian Corporate Banking Clients with New Web-Inject Toolkit DrIBAN

https://thehackernews.com/2023/05/hackers-targeting-italian-corporate.html

- Fleckpe Android Malware Sneaks onto Google Play Store with Over 620,000 Downloads

https://thehackernews.com/2023/05/fleckpe-android-malware-sneaks-onto.html

- Researchers Discover 3 Vulnerabilities in Microsoft Azure API Management Service

https://thehackernews.com/2023/05/researchers-discover-3-vulnerabilities.html

- 국내 유명 소프트웨어로 위장한 RecordBreaker 정보탈취 악성코드

https://asec.ahnlab.com/ko/52190/

- 중국 해킹 그룹 어스롱자이, 새로운 멀웨어 들고 다시 나타나

 https://www.boannews.com/media/view.asp?idx=117792&kind=1&sub_kind= 

- 북한의 APT 단체, 매크로 악용이 어려워지자 LNK 파일 활용으로 선회

 https://www.boannews.com/media/view.asp?idx=117771&kind=1&sub_kind= 

- Hackers Exploiting 5-year-old Unpatched Vulnerability in TBK DVR Devices

https://thehackernews.com/2023/05/hackers-exploiting-5-year-old-unpatched.html

- 원노트와 도움말 파일 통해 악성코드 ‘칵봇’ 또 다시 유포

 https://www.boannews.com/media/view.asp?idx=117704&kind=1&sub_kind= 

- 구글 광고 플랫폼 악용하는 공격자들, 롭샷이라는 새 멀웨어 들고 나타나

 https://www.boannews.com/media/view.asp?idx=117799&kind=1&sub_kind= 

https://thehackernews.com/2023/05/lobshot-stealthy-financial-trojan-and.html

- MS-SQL 서버 공격에 사용되는 CLR SqlShell 분석

https://asec.ahnlab.com/ko/51977/

- 미국 CISA, “미라이 봇넷이 패치 안 된 TP링크 라우터들 노린다” 경고

 https://www.boannews.com/media/view.asp?idx=117755&kind=1&sub_kind= 

https://thehackernews.com/2023/05/active-exploitation-of-tp-link-apache.html

- 러시아 해커들, 롭샷이라는 새로운 멀웨어 활용 중

 https://www.boannews.com/media/view.asp?idx=117694&kind=1&sub_kind= 

- 멀웨어 없는 공격 늘어나고 있어 무용지물 되고 있는 멀웨어 탐지 기술

 https://www.boannews.com/media/view.asp?idx=117673&kind=1&sub_kind= 

- 베트남 해킹 단체, 전 세계 50만 개 장비 감염시켜

 https://www.boannews.com/media/view.asp?idx=117692&kind=1&sub_kind= 

https://thehackernews.com/2023/05/vietnamese-threat-actor-infects-500000.html

- 구글, 플레이 스토어 새롭게 강화하며 수십억 달러의 피해 예방했다 주장

 https://www.boannews.com/media/view.asp?idx=117762&kind=1&sub_kind= 

https://thehackernews.com/2023/05/google-blocks-143-million-malicious.html

# 국가지원 해킹그룹

- Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

https://securityaffairs.com/145731/cyber-warfare-2/sandworm-apt-winrar-destructive-attacks.html

- N. Korean Kimsuky Hackers Using New Recon Tool ReconShark in Latest Cyberattacks

https://thehackernews.com/2023/05/n-korean-kimsuky-hackers-using-new.html

- 새로 발견된 볼드스파이, 이란 정부와 관련 있는 듯

 https://www.boannews.com/media/view.asp?idx=117753&kind=1&sub_kind= 

https://thehackernews.com/2023/05/bouldspy-android-spyware-iranian.html

- APT28 Targets Ukrainian Government Entities with Fake "Windows Update" Emails

https://thehackernews.com/2023/05/apt28-targets-ukrainian-government.html

- 이란 APT 그룹의 새로운 무기 벨라시아오, 이란 해커의 발전상 드러내

 https://www.boannews.com/media/view.asp?idx=117817&kind=1&sub_kind= 

https://therecord.media/iran-apt-charming-kitten-bellaciao-malware-us-europe-asia

# 랜섬웨어 / 정보유출

- 티모바일, 2023년 들어 두 번째 데이터 침해 사고 겪어

 https://www.boannews.com/media/view.asp?idx=117693&kind=1&sub_kind= 

- 세일즈포스 커뮤니티 클라우드의 설정 오류로 민감 정보 새나가

 https://www.boannews.com/media/view.asp?idx=117690&kind=1&sub_kind= 

# 다크웹 / OSINT / 계정 / 피싱

- Why the Things You Don't Know about the Dark Web May Be Your Biggest Cybersecurity Threat

https://thehackernews.com/2023/05/why-things-you-dont-know-about-dark-web.html

- "130만원이면 비번 삽니다"…기업망 쉽게 뚫린 이유 있었네

 https://news.nate.com/view/20230430n11460?mid=n0105 

# 공급망

- Packagist Repository Hacked: Over a Dozen PHP Packages with 500 Million Installs Compromised

https://thehackernews.com/2023/05/packagist-repository-hacked-over-dozen.html

- 국내 VPN 설치파일에 포함되어 유포 중인 SparkRAT

https://asec.ahnlab.com/ko/52076/

#AI 

- 금융위원회, 「AI 기반 신용평가모형 검증체계」 및 「금융분야 AI 보안 가이드라인」 마련

 https://m.lawtimes.co.kr/Content/Article?serial=187302 

- 삼성전자, 챗GPT 사용 금지..."자체 솔루션 준비 중" 

https://www.etnews.com/20230502000316

- [주말판] 진실을 추구하는 안전한 인공지능, 있을 수 있을까?

 https://www.boannews.com/media/view.asp?idx=117674&kind=1&sub_kind= 

- 해커도 챗GPT 쓴다…양날의 칼 AI [AI토피아]

https://www.sedaily.com/NewsView/29PH1OQPI3/GD05

- 챗GPT 프롬프트 통한 민감 정보 유출 막기 위해 등장한 프라이빗GPT

 https://www.boannews.com/media/view.asp?idx=117814&kind=1&sub_kind= 

- Can ChatGPT detect phishing links?

https://securelist.com/chatgpt-anti-phishing/109590/

- [RSAC 2023 현장 인터뷰] 인공지능과 API 보안이 시장의 중심으로 이동

 https://www.dailysecu.com/news/articleView.html?idxno=145633 

- [RSAC 2023 현장-종합] 인공지능이 보안산업의 판도 바꿀 것

 https://www.dailysecu.com/news/articleView.html?idxno=145627 

# 기타

- Google Introduces Passwordless Secure Sign-In with Passkeys for Google Accounts

https://thehackernews.com/2023/05/google-introduces-passwordless-secure.html

- Operation SpecTor: $53.4 Million Seized, 288 Vendors Arrested in Dark Web Drug Bust

https://thehackernews.com/2023/05/operation-spector-534-million-seized.html

- 차기 사이버 전장, 어쩌면 모든 곳에 존재하는 펌웨어가 될 지도

 https://www.boannews.com/media/view.asp?idx=117705&kind=1&sub_kind= 

- Why Telecoms Struggle with SaaS Security

https://thehackernews.com/2023/05/why-telecoms-struggle-with-saas-security.html

- 사이버 공격이 시작됐을 때 허둥지둥 움직이지 않으려면

 https://www.boannews.com/media/view.asp?idx=117698&kind=1&sub_kind= 

- Wanted Dead or Alive: Real-Time Protection Against Lateral Movement

https://thehackernews.com/2023/05/wanted-dead-or-alive-real-time.html

- 국내 12개 유튜브 채널 동시 해킹... 가상자산 기업 ‘리플’ 연관된 피해 확산

 https://www.boannews.com/media/view.asp?idx=117672&kind=1&sub_kind= 

- IT 부서와 최종 사용자들은 가장 가까운 협력 파트너여야 한다

 https://www.boannews.com/media/view.asp?idx=117466&kind=1&sub_kind=