2023.07.01 보안 이슈

==2023.07.01==

# 취약점 / 악성코드 

- Beware: New 'RustBucket' Malware Variant Targeting macOS Users

https://thehackernews.com/2023/07/beware-new-rustbucket-malware-variant.html

- Cybercriminals Hijacking Vulnerable SSH Servers in New Proxyjacking Campaign

https://thehackernews.com/2023/06/cybercriminals-hijacking-vulnerable-ssh.html

- MITRE Unveils Top 25 Most Dangerous Software Weaknesses of 2023: Are You at Risk?

https://thehackernews.com/2023/06/mitre-unveils-top-25-most-dangerous.html

- 메일을 통해 유포되는 NetSupport 악성코드

https://asec.ahnlab.com/ko/54901/

- Fluhorse: Flutter-Based Android Malware Targets Credit Cards and 2FA Codes

https://thehackernews.com/2023/06/fluhorse-flutter-based-android-malware.html

- Newly Uncovered ThirdEye Windows-Based Malware Steals Sensitive Data

https://thehackernews.com/2023/06/newly-uncovered-thirdeye-windows-based.html

- '매직라인 취약점 이용해 50여곳 해킹"...北, SW 취약점 공격

https://www.inews24.com/view/1607744

- 국정원, ‘보안인증 SW 취약점’ 악용 해킹 경고

 https://www.nkeconomy.com/news/articleView.html?idxno=11928 

- 가짜 성인 콘텐츠로 위장한 멀웨어 디씨랫, 빠르게 퍼지고 있어

 https://www.boannews.com/media/view.asp?idx=119606&kind=1&sub_kind= 

- New Mockingjay Process Injection Technique Could Let Malware Evade Detection

https://thehackernews.com/2023/06/new-mockingjay-process-injection.html

- 아나차라는 뱅킹 트로이목마 퍼트리는 새 캠페인 적발돼

 https://www.boannews.com/media/view.asp?idx=119549&kind=1&sub_kind= 

https://thehackernews.com/2023/06/anatsa-banking-trojan-targeting-users.html

- 마이크로소프트 팀즈의 취약점, 보안 장치 우회해 멀웨어 심게 한다

 https://www.boannews.com/media/view.asp?idx=119546&kind=1&sub_kind= 

- Japanese Cryptocurrency Exchange Falls Victim to JokerSpy macOS Backdoor Attack

https://thehackernews.com/2023/06/japanese-cryptocurrency-exchange-falls.html

- U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog

https://thehackernews.com/2023/06/us-cybersecurity-agency-adds-6-flaws-to.html

# 국가지원 해킹그룹

- Iranian Hackers Using POWERSTAR Backdoor in Targeted Espionage Attacks

https://thehackernews.com/2023/06/iranian-hackers-charming-kitten-utilize.html

- From MuddyC3 to PhonyC2: Iran's MuddyWater Evolves with a New Cyber Weapon

https://thehackernews.com/2023/06/from-muddyc3-to-phonyc2-irans.html

- North Korean Hacker Group Andariel Strikes with New EarlyRat Malware

https://thehackernews.com/2023/06/north-korean-hacker-group-andariel.html

- 문서 뷰어로 위장한 악성 배치 파일(*.bat) 유포 중(Kimsuky)

https://asec.ahnlab.com/ko/54952/

- 크롬 원격 데스크톱을 악용하는 Kimsuky 공격 그룹

https://asec.ahnlab.com/ko/54804/

- Microsoft Warns of Widescale Credential Stealing Attacks by Russian Hackers

https://thehackernews.com/2023/06/microsoft-warns-of-widescale-credential.html

- 중국의 APT 볼트타이푼, 대만 공격을 위한 발판 마련하고 있나

 https://www.boannews.com/media/view.asp?idx=119562&kind=1&sub_kind= 

https://thehackernews.com/2023/06/chinese-hackers-using-never-before-seen.html

- 북한 김수키 해킹그룹, 다양한 주제 악용해 CHM 악성코드 유포 작전 펼쳤다

 https://www.boannews.com/media/view.asp?idx=119630&kind=1&sub_kind= 

- 킴수키(Kimsuky)조직의 'Mail Online Security' 프로그램 위장 공격 주의!

https://blog.alyac.co.kr/5185

- 北, 14년간 29개국에 사이버 공격...'첩보 활동'이 전체 71.5%

 https://www.jayupress.com/news/articleView.html?idxno=18851 

- 북한·중국·러시아, 세계 사이버안전 위협하는 문제아 3인방 활동 활발

http://www.ddaily.co.kr/page/view/2023062514254530809

# 랜섬웨어 / 정보유출

- 서드파티 침해 사고로 7천만 달러 내야 할 위기에 처한 TSMC

 https://www.boannews.com/media/view.asp?idx=119766&kind=1&sub_kind= 

https://edition.cnn.com/2023/06/30/tech/tsmc-supplier-ransomware/index.html

- 새 랜섬웨어 그룹 에잇베이스, 중소기업 80군데 공략에 성공

 https://www.boannews.com/media/view.asp?idx=119674&kind=1&sub_kind= 

- 아키라 랜섬웨어의 리눅스 버전, VM웨어 ESXi 서버 노려

 https://www.boannews.com/media/view.asp?idx=119673&kind=1&sub_kind= 

- 크리시스 랜섬웨어, RDP 통해 비너스 랜섬웨어 설치... 네트워크도 공격 대상

 https://www.boannews.com/media/view.asp?idx=119631&kind=1&sub_kind= 

- 8Base Ransomware Spikes in Activity, Threatens U.S. and Brazilian Businesses

https://thehackernews.com/2023/06/8base-ransomware-spikes-in-activity.html

- 클롭 랜섬웨어, 무브잇 피해자들 서서히 공개하기 시작하나

 https://www.boannews.com/media/view.asp?idx=119603&kind=1&sub_kind= 

- 록빗 랜섬웨어, 한 달 잠잠하더니 새로운 시스템 연구하고 있었나

 https://www.boannews.com/media/view.asp?idx=119493&kind=1&sub_kind= 

# 다크웹 / OSINT / 계정 / 피싱

- Top 5 Best Dark Web Monitoring Tools in 2023

https://www.techtimes.com/articles/293096/20230630/top-5-best-dark-web-monitoring-tools-2023.htm

- Inside Threat Actors: Dark Web Forums vs. Illicit Telegram Communities

https://www.bleepingcomputer.com/news/security/inside-threat-actors-dark-web-forums-vs-illicit-telegram-communities/

#AI 

- 3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage

https://thehackernews.com/2023/06/3-reasons-saas-security-is-imperative.html

- The Right Way to Enhance CTI with AI (Hint: It's the Data)

https://thehackernews.com/2023/06/the-right-way-to-enhance-cti-with-ai.html

- Introducing DarkBERT: combating cyber crimes at scale with AI

https://medium.com/s2wblog/introducing-darkbert-combating-cyber-crimes-at-scale-with-ai-5821e2ff74e3

- [기획:AI]챗GPT 등장, ‘AI전쟁’의 서막

 http://www.abckr.net/news/articleView.html?idxno=50135 

- How Generative AI Can Dupe SaaS Authentication Protocols — And Effective Ways To Prevent Other Key AI Risks in SaaS

https://thehackernews.com/2023/06/how-generative-ai-can-dupe-saas.html

# 공급망

- 일본, 주요 해킹 조직들 사이에서 인기 급부상 중

 https://www.boannews.com/media/view.asp?idx=119742&kind=1&sub_kind= 

- New Ongoing Campaign Targets npm Ecosystem with Unique Execution Chain

https://thehackernews.com/2023/06/new-ongoing-campaign-targets-npm.html

- 서드파티 침해로 중요 데이터 유출된 미국의 항공사들

 https://www.boannews.com/media/view.asp?idx=119550&kind=1&sub_kind= 

# 기타

- 지니언스, 침해사고 의심 정황 발견... 공식 입장문 통해 밝혀

 https://www.boannews.com/media/view.asp?idx=119744&kind=1&sub_kind= 

- 소프트웨어 보안을 강화하기 위한 세 가지 전략

 https://www.boannews.com/media/view.asp?idx=119764&kind=1&sub_kind= 

- 러-우 사이버전 일환? 바그너 그룹 소행? 러시아 군용 통신위성 해킹으로 마비

 https://www.boannews.com/media/view.asp?idx=119765&kind=1&sub_kind= 

- 제로데이 취약점 악용 선별적 침투 공격 전략 프로파일링 보고서 공개돼

 https://www.dailysecu.com/news/articleView.html?idxno=147417 

- 기업들에서 사용하는 SIEM 플랫폼, 공격자들의 기술 대부분을 알지 못한다

 https://www.boannews.com/media/view.asp?idx=119679&kind=1&sub_kind= 

- 보이스피싱 조직에 신용불량자 개인정보 판매... 7억여원 수수한 일당 24명 검거

 https://www.boannews.com/media/view.asp?idx=119662&kind=1&sub_kind= 

- 5 Things CISOs Need to Know About Securing OT Environments

https://thehackernews.com/2023/06/5-things-cisos-need-to-know-about.html

- 삼성전자·LG헬로비전, 개인정보 유출 과징금 각각 9억·11억 처분

 https://news.nate.com/view/20230628n28777?mid=n1101 

- 모의 해커가 생각하는 가장 필수적인 정보 보안 3대장

 https://www.boannews.com/media/view.asp?idx=119610&kind=1&sub_kind= 

- 미국 연방 기관 네트워크에 연결된 수많은 장비들, 인터넷에 노출돼 있어

 https://www.boannews.com/media/view.asp?idx=119605&kind=1&sub_kind= 

- Beyond Asset Discovery: How Attack Surface Management Prioritizes Vulnerability Remediation

https://thehackernews.com/2023/06/beyond-asset-discovery-how-attack.html

- 알라딘 e북 해킹 유출 사고 한 달... 전자책 업계 빅 5, 어떻게 대응하고 있나

 https://www.boannews.com/media/view.asp?idx=119366&kind=1&sub_kind= 

- 직장 내 개인정보보호 중요성 커져...꼭 지켜야 할 수칙은?

 https://www.dailysecu.com/news/articleView.html?idxno=147270 

- 라스트패스, 이번에는 사용자 로그인까지 막혀

 https://www.boannews.com/media/view.asp?idx=119488&kind=1&sub_kind=