2023.06.03 보안 이슈

==2023.06.03==

# 취약점 / 악성코드 

- 새로운 호라봇 캠페인, 피해자의 지메일과 아웃룩 계정 탈취해

 https://www.boannews.com/media/view.asp?idx=118748&kind=1&sub_kind= 

https://thehackernews.com/2023/06/new-botnet-malware-horabot-targets.html

- 하루살이 전략으로 선회하고 있는 큐봇, 잠자는 시간도 늘려

 https://www.boannews.com/media/view.asp?idx=118749&kind=1&sub_kind= 

https://thehackernews.com/2023/06/evasive-qbot-malware-leverages-short.html

- New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware

https://thehackernews.com/2023/06/new-zero-click-hack-targets-ios-users.html

- Unmasking XE Group: Experts Reveal Identity of Suspected Cybercrime Kingpin

https://thehackernews.com/2023/06/unmasking-xe-group-experts-reveal.html

- Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks

https://thehackernews.com/2023/06/active-mirai-botnet-variant-exploiting.html

- 레드아이즈 악성코드, 한컴 오피스 문서파일로 위장해 유포

 https://www.boannews.com/media/view.asp?idx=118665&kind=1&sub_kind= 

- 기가바이트의 PC 일부에서 백도어와 비슷한 기능 발견돼

 https://www.boannews.com/media/view.asp?idx=118702&kind=1&sub_kind= 

https://thehackernews.com/2023/05/critical-firmware-vulnerability-in.html

- RomCom RAT Using Deceptive Web of Rogue Software Sites for Covert Attacks

https://thehackernews.com/2023/05/romcom-rat-using-deceptive-web-of-rogue.html

- Alert: Hackers Exploit Barracuda Email Security Gateway 0-Day Flaw for 7 Months

https://thehackernews.com/2023/05/alert-hackers-exploit-barracuda-email.html

- Sneaky DogeRAT Trojan Poses as Popular Apps, Targets Indian Android Users

https://thehackernews.com/2023/05/sneaky-dogerat-trojan-poses-as-popular.html

- 신종 악성코드 ‘골도슨’ 사태로 불거진 앱의 보안 취약성 논란 살펴보니

 https://www.boannews.com/media/view.asp?idx=117768&kind=1&sub_kind= 

- New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force

https://thehackernews.com/2023/05/new-bruteprint-attack-lets-attackers.html

- 사이버 범죄자들의 강력한 새 무기, 에이스크립터

 https://www.boannews.com/media/view.asp?idx=118581&kind=1&sub_kind= 

https://thehackernews.com/2023/05/acecryptor-cybercriminals-powerful.html

- Don't Click That ZIP File! Phishers Weaponizing .ZIP Domains to Trick Victims

https://thehackernews.com/2023/05/dont-click-that-zip-file-phishers.html

- 고 언어 기반의 멀웨어 곱랫, 일본의 리눅스 라우터 공략 중

 https://www.boannews.com/media/view.asp?idx=118582&kind=1&sub_kind= 

https://thehackernews.com/2023/05/new-gobrat-remote-access-trojan.html

# 국가지원 해킹그룹

- Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering

https://thehackernews.com/2023/06/camaro-dragon-strikes-with-new-tinynote.html

- 한미(韓美) 합동 보안권고문 : 북한 킴수키(Kimsuky) 조직의 싱크탱크, 학계, 미디어 대상 사회공학적 기법을 악용한 해킹공격 주의!

https://blog.alyac.co.kr/5162

https://thehackernews.com/2023/06/north-koreas-kimsuky-group-mimics-key.html

- "北 해커 빼돌린 우리 기술로 천리마 발사 시도"...첫 대가성 제재

 http://www.kookje.co.kr/news2011/asp/newsbody.asp?code=0100&key=20230602.99099000449&kid 

- N. Korean ScarCruft Hackers Exploit LNK Files to Spread RokRAT

https://thehackernews.com/2023/06/n-korean-scarcruft-hackers-exploit.html

# 랜섬웨어 / 정보유출

- 산업 장비 제조사 ABB, 랜섬웨어 공격으로 데이터 잃어

 https://www.boannews.com/media/view.asp?idx=118577&kind=1&sub_kind= 

# 다크웹 / OSINT / 계정 / 피싱

- "휴면 계정, 공격 시작 지점으로 악용 쉬워" 옥타, 신원 트렌드 보고서 

https://www.itworld.co.kr/news/292177

- “정상 문서·악성문서 함께 보내는 스피어피싱 발견” 

 http://www.datanet.co.kr/news/articleView.html?idxno=183845 

- [긴급] 다크웹 해킹포럼에 한국군 무인기(드론) 관련 해킹정보 판매글 올라와

 https://www.dailysecu.com/news/articleView.html?idxno=146464 

#AI 

-“AI로 완전 자동화된 맬웨어 캠페인이 곧 등장할 것” 

https://www.itworld.co.kr/news/292645

- "우리도 우리가 무섭다" 규제 요청하는 AI 업계 

https://www.itworld.co.kr/news/292663


# 공급망

- [ET단상]AI시대 돌입한 사이버보안, 진화의 방향은 

https://www.etnews.com/20230531000116

- "공유지의 비극은 어디서든 가능하다" 챗GPT와 LLM의 어두운 미래 

https://www.itworld.co.kr/news/292693

- “국가적 차원의 소프트웨어 공급망보안 체계 마련 시급한 상황”

 https://www.dailysecu.com/news/articleView.html?idxno=146563 

- Malicious PyPI Packages Using Compiled Python Code to Bypass Detection

https://thehackernews.com/2023/06/malicious-pypi-packages-using-compiled.html

- 4억 명 넘게 다운로드 한 구글 플레이 내 악성 모듈

 https://www.boannews.com/media/view.asp?idx=118647&kind=1&sub_kind= 

- PyPI Implements Mandatory Two-Factor Authentication for Project Owners

https://thehackernews.com/2023/05/pypi-implements-mandatory-two-factor.html

# 기타

- 디스코드 내 암호화폐 커뮤니티 집중 공략하는 해커들

 https://www.boannews.com/media/view.asp?idx=118697&kind=1&sub_kind= 

- Beware of Ghost Sites: Silent Threat Lurking in Your Salesforce Communities

https://thehackernews.com/2023/05/beware-of-ghost-sites-silent-threat.html

- 500만 개 사이트에 플러그인 취약점 패치 강제 적용하는 워드프레스

 https://www.boannews.com/media/view.asp?idx=118646&kind=1&sub_kind= 

- 캡챠를 뚫기 위해 인간 농장까지 마련한 사이버 범죄 조직

 https://www.boannews.com/media/view.asp?idx=118648&kind=1&sub_kind= 

https://thehackernews.com/2023/05/captcha-breaking-services-with-human.html

- 짐보프로토콜 해킹 공격으로 암호화폐 750만 달러어치 사라져

 https://www.boannews.com/media/view.asp?idx=118580&kind=1&sub_kind= 

- 전 세계에서 이어지는 틱톡 사용 금지 논란, 어떻게 봐야 하나

 https://www.boannews.com/media/view.asp?idx=118289&kind=1&sub_kind= 

- 3 Challenges in Building a Continuous Threat Exposure Management (CTEM) Program and How to Beat Them

https://thehackernews.com/2023/05/3-challenges-in-building-continuous.html