2024.03.16 보안 이슈

==2024.03.16==

# 취약점 / 악성코드 

- Alert: Cybercriminals Deploying VCURMS and STRRAT Trojans via AWS and GitHub

https://thehackernews.com/2024/03/alert-cybercriminals-deploying-vcurms.html

- Ande Loader Malware Targets Manufacturing Sector in North America

https://thehackernews.com/2024/03/ande-loader-malware-targets.html

- Malicious Ads Targeting Chinese Users with Fake Notepad++ and VNote Installers

https://thehackernews.com/2024/03/malicious-ads-targeting-chinese-users.html

- Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer

https://thehackernews.com/2024/03/hackers-using-cracked-software-on.html

- 사이버 금융 활동 노리는 새로운 멀웨어 체이브클록

https://www.boannews.com/media/view.asp?idx=127663&page=9&kind=1

- 어도비 리더 설치파일로 위장한 정보탈취 악성코드 유포

https://www.boannews.com/media/view.asp?idx=127660&page=9&kind=1

- 비트코인 시세 급등에 따른 해킹 피해 주의보! 가상자산거래소 이용자 노린다

https://www.boannews.com/media/view.asp?idx=127697&page=8&kind=1

- 유명 브라우저에서 정보 탈취하는 새 멀웨어, 브이컴즈

https://www.boannews.com/media/view.asp?idx=127705&page=6&kind=1

- 윈도 스마트스크린 취약점 통해 다크게이트 퍼지고 있어

https://www.boannews.com/media/view.asp?idx=127733&page=5&kind=1

https://thehackernews.com/2024/03/darkgate-malware-exploits-recently.html

- 내부망 침투, 랜섬웨어 감염, 금전탈취 노리는 해커들의 악용 취약점 TOP 3

https://www.boannews.com/media/view.asp?idx=127716&page=4&kind=1

- 레드컬, 윈도 시스템 내 PCA를 악용하여 정보 탈취 공격 진행

https://www.boannews.com/media/view.asp?idx=127769&page=3&kind=1

https://thehackernews.com/2024/03/redcurl-cybercrime-group-abuses-windows.html

# 국가지원 해킹그룹

- LAZARUS APT GROUP RETURNED TO TORNADO CASH TO LAUNDER STOLEN FUNDS

https://securityaffairs.com/160525/breaking-news/lazarus-apt-returned-tornado-cash.html#google_vignette

- MS 임원진 이메일 훔쳐간 러시아 해커들, 소스코드도 가져갔다

https://www.boannews.com/media/view.asp?idx=127603&page=12&kind=1

- 리투아니아, “중국 정부의 염탐 행위 수위 높아지고 있다”

https://www.boannews.com/media/view.asp?idx=127605&page=12&kind=1

- 러시아의 첩보부, “미국이 선거에 개입하려 한다”고 주장

https://www.boannews.com/media/view.asp?idx=127706&page=6&kind=1

- 北 해킹그룹 안다리엘, 국내 자산관리 솔루션 악용해 악성코드 배포

https://www.boannews.com/media/view.asp?idx=127778&page=1&kind=1

# 랜섬웨어 / 정보유출

- Over 12 million auth secrets and keys leaked on GitHub in 2023

https://www.bleepingcomputer.com/news/security/over-12-million-auth-secrets-and-keys-leaked-on-github-in-2023/

- 세계에서 가장 많이 퍼져 있는 ‘무명’ 랜섬웨어, 업그레이드 돼

https://www.boannews.com/media/view.asp?idx=127770&page=3&kind=1

# 다크웹 / OSINT / 계정 / 피싱

- Okta says data leaked on hacking forum not from its systems

https://www.bleepingcomputer.com/news/security/okta-says-data-leaked-on-hacking-forum-not-from-its-systems/

- 인텔브로커, 공공 기관과 계약 맺고 있는 기술 업체 해킹해 정보 판매 시작

https://www.boannews.com/media/view.asp?idx=127604&page=12&kind=1

- 형편과 수입 문제로 다크웹으로 들어가 활동하기 시작한 보안 전문가들

https://www.boannews.com/media/view.asp?idx=127613&page=12&kind=1

#AI 

- 챗GPT, 원래는 숨겼어야 할 비밀들을 술술 풀어놓기도 한다

http://www.boannews.com/media/view.asp?idx=127741&kind=&sub_kind=

- Researchers Highlight Google's Gemini AI Susceptibility to LLM Threats

https://thehackernews.com/2024/03/researchers-highlight-googles-gemini-ai.html

- 챗GPT의 플러그인들에서 초고위험도 취약점 나와

https://www.boannews.com/media/view.asp?idx=127731&page=5&kind=1

https://thehackernews.com/2024/03/third-party-chatgpt-plugins-could-lead.html

- MS, 시험 끝내고 4월부터 생성형 인공지능 보안 솔루션 선보일 예정

https://www.boannews.com/media/view.asp?idx=127768&page=3&kind=1

# 공급망

- 일본 침해대응센터, 북한의 라자루스가 공급망 공격을 한다고 경고

https://www.boannews.com/media/view.asp?idx=127611&page=12&kind=1

- PyPI 리포지터리에서 발견된 암호화폐 탈취 멀웨어들

https://www.boannews.com/media/view.asp?idx=127704&page=6&kind=1

https://thehackernews.com/2024/03/watch-out-these-pypi-python-packages.html

# 기타

- SIM swappers hijacking phone numbers in eSIM attacks

https://www.bleepingcomputer.com/news/security/sim-swappers-hijacking-phone-numbers-in-esim-attacks/

- International Monetary Fund email accounts hacked in cyberattack

https://www.bleepingcomputer.com/news/security/international-monetary-fund-email-accounts-hacked-in-cyberattack/#google_vignette

- 충북 경찰청, 페이스북 계정 해킹... 해커가 게시물 올렸다가 삭제하는 등 현재까지 ‘속수무책’

https://www.boannews.com/media/view.asp?idx=127766&page=3&kind=1