2023.12.09 보안 이슈

==2023.12.09==

# 취약점 / 악성코드 

- AutoSpill attack steals credentials from Android password managers

https://www.bleepingcomputer.com/news/security/autospill-attack-steals-credentials-from-android-password-managers/

- BYPASSING MAJOR EDRS USING POOL PARTY PROCESS INJECTION TECHNIQUES

https://securityaffairs.com/155464/hacking/pool-party-bypassing-edr.html

- Researchers Unveal GuLoader Malware's Latest Anti-Analysis Techniques

https://thehackernews.com/2023/12/researchers-unveal-guloader-malwares.html

- 전 세계 95%의 컴퓨터에 영향을 주는 위험한 취약점 로고페일

https://boannews.com/media/view.asp?idx=124406&page=10&kind=1

- 빠르게 발전하는 봇넷 멀웨어 피투피인펙트, 밉스 노리는 버전까지 등장

https://boannews.com/media/view.asp?idx=124441&page=9&kind=1

https://thehackernews.com/2023/12/new-p2pinfect-botnet-mips-variant.html

- 러시아의 APT28, 아웃룩의 취약점 노려 정보 탈취 중

https://boannews.com/media/view.asp?idx=124443&page=9&kind=1

https://thehackernews.com/2023/12/microsoft-warns-of-kremlin-backed-apt28.html

- 에이싱크랫 악성코드, WSF 스크립트로 유포 중

https://boannews.com/media/view.asp?idx=124417&page=8&kind=1

- [긴급] 유명 건설사 사칭한 ‘견적 요청’ 메일 급증

https://boannews.com/media/view.asp?idx=124484&page=8&kind=1

- 정체를 알 수 없는 자들이 오래된 소프트웨어 통해 미국 정부 기관 침해

https://boannews.com/media/view.asp?idx=124550&page=5&kind=1

https://thehackernews.com/2023/12/hackers-exploited-coldfusion.html

- 시급한 패치 요망 : 아틀라시안 제품에서 자꾸만 발굴되는 초고위험도 취약점들

https://boannews.com/media/view.asp?idx=124553&page=5&kind=1

- 장시간 피해자 시스템에 머물 수 있는 새 리눅스 멀웨어 출현

https://boannews.com/media/view.asp?idx=124581&page=3&kind=1

https://thehackernews.com/2023/12/new-stealthy-krasue-linux-trojan.html

# 국가지원 해킹그룹

- HACKTIVISTS HACKED AN IRISH WATER UTILITY AND INTERRUPTED THE WATER SUPPLY

https://securityaffairs.com/155552/hacktivism/hacktivist-hacked-irish-water-utility.html

- New Threat Actor 'AeroBlade' Emerges in Espionage Attack on U.S. Aerospace

https://thehackernews.com/2023/12/new-threat-actor-aeroblade-emerges-in.html

- N. Korea's Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks

https://thehackernews.com/2023/12/n-korean-kimsuky-targeting-south-korean.html

- [단독]北해커 '라자루스', 특정 문자열 추출해 사법부 정보 빼돌렸다

https://www.nocutnews.co.kr/news/6060174

- 북한 라자루스 추정 해커조직의 사법부 사이버 공격, 법원행정처의 입장과 대응은?

https://boannews.com/media/view.asp?idx=124434&page=10&kind=1

- 한반도 정세 다루는 외교안보기관 세종연구소, 소장 이메일 해킹 당했다

https://boannews.com/media/view.asp?idx=124578&page=3&kind=1

- 중동, 아프리카, 미국의 조직들을 공격하고 있는 미확인 단체

https://boannews.com/media/view.asp?idx=124396&page=11&kind=1

https://thehackernews.com/2023/12/agent-racoon-backdoor-targets.html

- 북한의 해커들, 지난 6년 동안 30억 달러에 달하는 암호화폐 훔쳐

https://boannews.com/media/view.asp?idx=124395&page=11&kind=1

https://www.bleepingcomputer.com/news/security/north-koreas-state-hackers-stole-3-billion-in-crypto-since-2017/

# 랜섬웨어 / 정보유출

- Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware

https://thehackernews.com/2023/12/microsoft-warns-of-malvertising-scheme.html

# 다크웹 / OSINT / 계정 / 피싱

- 개인정보 유출 관련 내용으로 위장한 피싱 메일 유포 (Konni) - ASEC BLOG

https://asec.ahnlab.com/ko/59625/

- 인텔브로커라는 해커, 미국 국방부에서 자료 훔쳤다고 주장

https://boannews.com/media/view.asp?idx=124580&page=3&kind=1

- 삼성전자 주식 3주 지급한다고? OK금융투자 사칭 피싱 주의

https://boannews.com/media/view.asp?idx=124593&page=1&kind=1

#AI 

- Russia's AI-Powered Disinformation Operation Targeting Ukraine, U.S., and Germany

https://thehackernews.com/2023/12/russias-ai-powered-disinformation.html

- 챗GPT에 간단한 명령 내렸더니 ‘급발진’한 첨단 기술...훈련 데이터 쏟아냈다

https://boannews.com/media/view.asp?idx=124407&page=10&kind=1

- [주말판] 인공지능 기술의 상승세 때문에 변해가는 사이버 보험 업계

https://boannews.com/media/view.asp?idx=124483&page=1&kind=3

# 기타

- 15,000 Go Module Repositories on GitHub Vulnerable to Repojacking Attack

https://thehackernews.com/2023/12/15000-go-module-repositories-on-github.html

- SkidSec 해커그룹, 남한 프린터 공격해 북한 선전물 유포!

https://boannews.com/media/view.asp?idx=124391&page=10&kind=1

- [사건 인터뷰] 서울경찰청 정진호 경감 “북한 해커조직 안다리엘, 랜섬웨어로 4억 7,000만원 뜯어내”

https://boannews.com/media/view.asp?idx=124405&page=10&kind=1

- AWS에 편리하게 접속하게 해 주는 STS 서비스, 공격의 통로 된다

https://boannews.com/media/view.asp?idx=124541&page=5&kind=1

https://thehackernews.com/2023/12/alert-threat-actors-can-leverage-aws.html

- [단독] 컴백한 중국 해커조직 샤오치잉, 국내 언론사·부동산 사이트 공격 시도

https://boannews.com/media/view.asp?idx=124623&page=1&kind=1