2024.03.02 보안 이슈

==2024.03.02==

# 취약점 / 악성코드 

- RESEARCHERS FOUND A ZERO-CLICK FACEBOOK ACCOUNT TAKEOVER

https://securityaffairs.com/159782/hacking/zero-click-facebook-account-takeover.html

- Open-Source Xeno RAT Trojan Emerges as a Potent Threat on GitHub

https://thehackernews.com/2024/02/open-source-xeno-rat-trojan-emerges-as.html

- GTPDOOR Linux Malware Targets Telecoms, Exploiting GPRS Roaming Networks

https://thehackernews.com/2024/02/gtpdoor-linux-malware-targets-telecoms.html

- Five Eyes Agencies Warn of Active Exploitation of Ivanti Gateway Vulnerabilities

https://thehackernews.com/2024/03/five-eyes-agencies-warn-of-active.html

- 아모스스틸러의 새 버전, 사파리 브라우저 쿠키와 암호화폐 지갑 공략

https://www.boannews.com/media/view.asp?idx=127130&page=6&kind=1

- 자기도 모르게 검은 돈 운반책이 되게 만드는 안드로이드 앱, 엑스헬퍼

https://www.boannews.com/media/view.asp?idx=127204&page=3&kind=1

# 국가지원 해킹그룹

- Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware

https://thehackernews.com/2024/02/chinese-hackers-exploiting-ivanti-vpn.html

- New Backdoor Targeting European Officials Linked to Indian Diplomatic Events

https://thehackernews.com/2024/02/new-backdoor-targeting-european.html

- Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks

https://thehackernews.com/2024/02/lazarus-hackers-exploited-windows.html

- 언론사 칼럼 제목 인용한 ‘신년인사’ 스피어피싱 수법... 북한발 공격이었나

https://www.boannews.com/media/view.asp?idx=127008&page=12&kind=1

- 친구끼리 아웅다웅? 북한의 유명 백도어, 러시아 외교 시설에서 발견돼

https://www.boannews.com/media/view.asp?idx=127034&page=11&kind=1

- 전쟁 중인 우크라이나에 각종 멀웨어 유행 중...현재는 IDAT

https://www.boannews.com/media/view.asp?idx=127086&page=8&kind=1

https://thehackernews.com/2024/02/new-idat-loader-attacks-using.html

- 美 연방수사국, 국제 공조로 APT28 그룹 네트워크 파괴

https://www.boannews.com/media/view.asp?idx=127124&page=6&kind=1

- 유비키티 장비 공략하는 러시아 해커들, 거대 봇넷 만들고 정보 빼간다

https://www.boannews.com/media/view.asp?idx=127189&page=4&kind=1

https://thehackernews.com/2024/02/cybersecurity-agencies-warn-ubiquiti.html

- 이란 UNC1549 해킹그룹, 이스라엘과 중동의 항공우주·방산 산업 집중 공격

https://www.boannews.com/media/view.asp?idx=127200&page=3&kind=1

https://thehackernews.com/2024/02/iran-linked-unc1549-hackers-target.html

- 중국 볼트타이푼의 하위 단체 볼트자이트, 미국에서 하던 것 아프리카에서도 하기 시작

https://www.boannews.com/media/view.asp?idx=127217&page=1&kind=1

# 랜섬웨어 / 정보유출

- Black Basta and Bl00dy ransomware gangs exploit recent ConnectWise ScreenConnect bugs

https://securityaffairs.com/159640/cyber-crime/black-basta-bl00dy-ransomware-connectwise-screenconnect.html

- 국제 공조의 대대적인 성공 이후 1주일 만에 돌아온 록빗

https://www.boannews.com/media/view.asp?idx=127091&page=8&kind=1

# 다크웹 / OSINT / 계정 / 피싱

- Hackers target FCC, crypto firms in advanced Okta phishing attacks

https://www.bleepingcomputer.com/news/security/hackers-target-fcc-crypto-firms-in-advanced-okta-phishing-attacks/

- 8,000+ Domains of Trusted Brands Hijacked for Massive Spam Operation

https://thehackernews.com/2024/02/8000-subdomains-of-trusted-brands.html

- 클라우드 그룹웨어 ‘하이웍스’ 사칭 피싱메일 기승... 기업 사용자 계정 노려

https://www.boannews.com/media/view.asp?idx=127171&page=3&kind=1

- 피싱으로 탈취한 정보, 텔레그램 API로 전송돼

https://www.boannews.com/media/view.asp?idx=127261&page=1&kind=1

- 대만 국방부 등 정부부처의 계약문서, 해킹으로 유출돼 다크웹에 판매

https://www.boannews.com/media/view.asp?idx=127262&page=1&kind=1

#AI 

- 뉴욕타임스가 챗GPT 해킹했다고? 오픈AI, 법원에 주장

https://www.mk.co.kr/news/world/10953309

- Three Tips to Protect Your Secrets from AI Accidents

https://thehackernews.com/2024/02/three-tips-to-protect-your-secrets-from.html

- 인공지능을 공개할 것이냐 말 것이냐, 그것이 문제로다

https://www.boannews.com/media/view.asp?idx=127023&page=11&kind=1

# 공급망

- New Hugging Face Vulnerability Exposes AI Models to Supply Chain Attacks

https://thehackernews.com/2024/02/new-hugging-face-vulnerability-exposes.html

- North Korean Hackers Targeting Developers with Malicious npm Packages

https://thehackernews.com/2024/02/north-korean-hackers-targeting.html

- Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems

https://thehackernews.com/2024/02/lazarus-exploits-typos-to-sneak-pypi.html

- 카카오VX 위탁운영 골프장 ‘세라지오 GC’, 협력사 해킹으로 이용객 개인정보 유출

https://www.boannews.com/media/view.asp?idx=127009&page=12&kind=1

- 파이선 리포지터리에서 2년 간 잠자고 있던 패키지, 갑자기 업데이트 돼

https://www.boannews.com/media/view.asp?idx=127022&page=11&kind=1

https://thehackernews.com/2024/02/dormant-pypi-package-compromised-to.html

# 클라우드 

- “클라우드 액세스 정보 훔친 공격자, 무단 암호화폐 채굴” - 데이터넷

https://www.datanet.co.kr/news/articleView.html?idxno=191247

- Five Eyes Agencies Expose APT29's Evolving Cloud Attack Tactics

https://thehackernews.com/2024/02/five-eyes-agencies-expose-apt29s.html

- 러시아 해커들, 오래된 계정 통해 클라우드 인프라 침해한다

https://www.boannews.com/media/view.asp?idx=127084&page=8&kind=1

# 기타

- 리그 오브 레전드 챔피언스 코리아, 경기 중 멈춤 사고...디도스 공격 정황

https://www.boannews.com/media/view.asp?idx=127133&page=6&kind=1

- [텔레그램 긴급진단-1] 사이버 범죄의 온상이 된 텔레그램, 그것이 알고 싶다

https://www.boannews.com/media/view.asp?idx=125787&page=1&kind=1