2024.03.30 보안 이슈

==2024.03.30==

# 취약점 / 악성코드 

- Alert: New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice

https://thehackernews.com/2024/03/alert-new-phishing-attack-delivers.html

- Exploit released for Fortinet RCE bug used in attacks, patch now

https://www.bleepingcomputer.com/news/security/exploit-released-for-fortinet-rce-bug-used-in-attacks-patch-now/

- CISA Warns: Hackers Actively Attacking Microsoft SharePoint Vulnerability

https://thehackernews.com/2024/03/cisa-warns-hackers-actively-attacking.html

- TheMoon Botnet Resurfaces, Exploiting EoL Devices to Power Criminal Proxy

https://thehackernews.com/2024/03/themoon-botnet-resurfaces-exploiting.html

- Hackers Target macOS Users with Malicious Ads Spreading Stealer Malware

https://thehackernews.com/2024/03/hackers-target-macos-users-with.html

- 이메일 훔치는 스트렐라스틸러, 미국과 유럽에서 기승

https://www.boannews.com/media/view.asp?idx=128112&page=14&kind=1

https://thehackernews.com/2024/03/new-strelastealer-phishing-attacks-hit.html

- 4만 개 라우터로 구성된 대규모 사물인터넷 봇넷 발견돼

https://www.boannews.com/media/view.asp?idx=128231&page=6&kind=1

# 국가지원 해킹그룹

- China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws

https://thehackernews.com/2024/03/china-linked-group-breaches-networks.html

- Russian Hackers Use 'WINELOADER' Malware to Target German Political Parties

https://thehackernews.com/2024/03/russian-hackers-use-wineloader-malware.html

- Two Chinese APT Groups Ramp Up Cyber Espionage Against ASEAN Countries

https://thehackernews.com/2024/03/two-chinese-apt-groups-ramp-up-cyber.html

- Hackers Hit Indian Defense, Energy Sectors with Malware Posing as Air Force Invite

https://thehackernews.com/2024/03/new-linux-bug-could-lead-to-user.html

- 북한 킴수키, CHM 파일을 공격에 활용하기 시작해

https://www.boannews.com/media/view.asp?idx=128110&page=14&kind=1

https://thehackernews.com/2024/03/n-korea-linked-kimsuky-shifts-to.html

- 이란의 TA450, 악성 PDF 활용해 원격 모니터링 도구 퍼트려

https://www.boannews.com/media/view.asp?idx=128179&page=10&kind=1

https://thehackernews.com/2024/03/iran-linked-muddywater-deploys-atera.html

- 北 APT37 해커조직, RoKRAT 파일리스 공격... 북한관련 원고 사칭했다

https://www.boannews.com/media/view.asp?idx=128238&page=5&kind=1

- 디노다스랫의 리눅스 버전, 일부 국가 정부 기관에 침투

https://www.boannews.com/media/view.asp?idx=128331&page=2&kind=1

https://thehackernews.com/2024/03/linux-version-of-dinodasrat-spotted-in.html

# 랜섬웨어 / 정보유출

# 다크웹 / OSINT / 계정 / 피싱

- 비밀번호 재설정 알림 연속으로 보내 애플 ID 해킹한다…어떤 공격법?

https://www.digitaltoday.co.kr/news/articleView.html?idxno=511453

- AMERICAN FAST-FASHION FIRM HOT TOPIC HIT BY CREDENTIAL STUFFING ATTACKS

https://securityaffairs.com/161192/data-breach/hot-topic-suffered-credential-stuffing-attacks.html

- New MFA-bypassing phishing kit targets Microsoft 365, Gmail accounts

https://www.bleepingcomputer.com/news/security/new-mfa-bypassing-phishing-kit-targets-microsoft-365-gmail-accounts/

- Key Lesson from Microsoft's Password Spray Hack: Secure Every Account

https://thehackernews.com/2024/03/key-lesson-from-microsofts-password.html

- CISCO WARNS OF PASSWORD-SPRAYING ATTACKS TARGETING SECURE FIREWALL DEVICES

https://securityaffairs.com/161205/hacking/cisco-warns-password-spraying-attacks.html

#AI 

- 인공지능 이용자 보호 법률 만든다…AI 생성물 표시 의무화도 추진

https://www.korea.kr/news/policyNewsView.do?newsId=148927330&call_from=rsslink

- 인공지능의 성급한 도입으로 쌓여가는 기술 부채

http://www.boannews.com/media/view.asp?idx=127483&kind=&sub_kind=

- 국내 첫 AI 의료기기 보안 지침 나온다…내년 1월 시행

https://www.etnews.com/20240322000174

- UN, 인공지능에 관한 결의안 새롭게 채택해

https://www.boannews.com/media/view.asp?idx=128186&page=10&kind=1

- 인기 높은 인공지능 프레임워크 레이AI에서 7개월째 패치되지 않은 취약점 나와

https://www.boannews.com/media/view.asp?idx=128235&page=6&kind=1

https://thehackernews.com/2024/03/critical-unpatched-ray-ai-platform.html

# 공급망

- KDE advises extreme caution after theme wipes Linux user's files

https://www.bleepingcomputer.com/news/linux/kde-advises-extreme-caution-after-theme-wipes-linux-users-files/

- 깃허브 공략하는 공격자들, 빠르게 고도화 되고 있다

https://www.boannews.com/media/view.asp?idx=128196&page=8&kind=1

https://thehackernews.com/2024/03/hackers-hijack-github-accounts-in.html

- 누겟 패키지 관리 도구에 수상한 패키지가 하나 등장

https://www.boannews.com/media/view.asp?idx=128232&page=6&kind=1

https://thehackernews.com/2024/03/malicious-nuget-package-linked-to.html

- [긴급] XZ Utils 라이브러리에서 백도어 악성코드 발견... 주요 리눅스 배포판에 영향

https://www.boannews.com/media/view.asp?idx=128350&page=1&kind=1

https://thehackernews.com/2024/03/urgent-secret-backdoor-found-in-xz.html

- PyPI를 임시 중단시키기까지 한 대형 공급망 공격

https://www.boannews.com/media/view.asp?idx=128332&page=2&kind=1

https://thehackernews.com/2024/03/pypi-halts-sign-ups-amid-surge-of.html

# 클라우드 

- One-Click AWS Vulnerability Let Attackers Takeover User's Web Management Panel

https://gbhackers.com/one-click-aws-vulnerability/

- “구름 속에도 함정이 있다” 클라우드에서 애플리케이션을 개발할 때 고려할 10가지 원칙

https://www.itworld.co.kr/news/331112

# 기타

- [단독]경찰, '사법부 해킹' 압수수색 한 달 만에 종료…침입 경로 훑는다

https://m.nocutnews.co.kr/news/6116839

- 중국의 해킹 조직 함께 제재하기로 한 미국과 영국 정부

https://www.boannews.com/media/view.asp?idx=128195&page=8&kind=1