2024.04.20 보안 이슈

==2024.04.20==

# 취약점 / 악성코드 

- 2024년 3월 악성코드 공격 동향 분석해보니... ‘리네이머’ 비중 압도적

https://www.boannews.com/media/view.asp?idx=128958&page=1&kind=1

- Google ad impersonates Whales Market to push wallet drainer malware

https://www.bleepingcomputer.com/news/security/google-ad-impersonates-whales-market-to-push-wallet-drainer-malware/#google_vignette

- Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack

https://thehackernews.com/2024/04/widely-used-putty-ssh-client-found.html

- TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks

https://thehackernews.com/2024/04/ta558-hackers-weaponize-images-for-wide.html

- Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services

https://thehackernews.com/2024/04/cisco-warns-of-global-surge-in-brute.html

- Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign

https://thehackernews.com/2024/04/hackers-exploit-fortinet-flaw-deploy.html

- Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes

https://thehackernews.com/2024/04/hackers-exploit-openmetadata-flaws-to.html

- Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks

https://thehackernews.com/2024/04/critical-update-crushftp-zero-day-flaw.html

- Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack

https://thehackernews.com/2024/04/palo-alto-networks-discloses-more.html

- New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth

https://thehackernews.com/2024/04/new-redline-stealer-variant-disguised.html

- 이반티 보안 취약점 악용한 5개 공격그룹 포착됐다

https://www.boannews.com/media/view.asp?idx=128907&page=9&kind=1

- 악명 높은 해킹 그룹 핀7, 한 대형 자동차 회사 노리고 백도어 퍼트려

https://www.boannews.com/media/view.asp?idx=129037&page=1&kind=1

https://thehackernews.com/2024/04/fin7-cybercrime-group-targeting-us-auto.html

# 국가지원 해킹그룹

- UKRAINIAN BLACKJACK GROUP USED ICS MALWARE FUXNET AGAINST RUSSIAN TARGETS

https://securityaffairs.com/161865/hacking/blackjack-ics-malware-fuxnet.html

- RUSSIA IS TRYING TO SABOTAGE EUROPEAN RAILWAYS, CZECH MINISTER SAID

https://securityaffairs.com/161899/cyber-warfare-2/russia-sabotage-european-railways-czech.html

- MISINFORMATION AND HACKTIVIST CAMPAIGNS TARGETING THE PHILIPPINES SKYROCKET

https://securityaffairs.com/161909/intelligence/misinformation-targeting-the-philippines.html

- Russian Sandworm hackers pose as hacktivists in water utility breaches

https://www.bleepingcomputer.com/news/security/russian-sandworm-hackers-pose-as-hacktivists-in-water-utility-breaches/

- Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users

https://thehackernews.com/2024/04/chinese-linked-lightspy-ios-spyware.html

- Hackers Target Middle East Governments with Evasive "CR4T" Backdoor

https://thehackernews.com/2024/04/hackers-target-middle-east-governments.html

- 10년 동안 우크라이나 정부에 숨어 있던 멀웨어

https://www.boannews.com/media/view.asp?idx=129035&page=1&kind=1

https://thehackernews.com/2024/04/offlrouter-malware-evades-detection-in.html

# 랜섬웨어 / 정보유출

- Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers

https://thehackernews.com/2024/04/akira-ransomware-gang-extorts-42.html

- 랜섬웨어 공격자에게 돈 냈는데도 협박이 이어지고 있어

https://www.boannews.com/media/view.asp?idx=128902&page=10&kind=1

# 다크웹 / OSINT / 계정 / 피싱

- 악명 높은 해커 인텔브로커, 미국 정부 기관들 고객으로 둔 회사 침해해

https://www.boannews.com/media/view.asp?idx=128905&page=10&kind=1

- 집 앞에 우편물 도착안내서가? 신종 보이스피싱 ‘레터피싱’ 주의보

https://www.boannews.com/media/view.asp?idx=129044&page=1&kind=1

#AI 

- GPT4, 보안 권고문을 읽는 것 만으로도 취약점 익스플로잇 할 수 있다

https://www.boannews.com/media/view.asp?idx=129048&page=1&kind=1

# 공급망

- 시스코 듀오의 다중인증 서비스, 서드파티 사고로 침해돼

https://www.boannews.com/media/view.asp?idx=128913&page=1&kind=1

- 제2의 XZ유틸즈 사태? 오픈JS재단에서도 비슷한 시도 적발

https://www.boannews.com/media/view.asp?idx=128948&page=7&kind=1

https://thehackernews.com/2024/04/openjs-foundation-targeted-in-potential.html

- SW 공급망 보안 가이드라인 1.0 발표... 어떤 내용 담겼나

https://www.boannews.com/media/view.asp?idx=128993&page=4&kind=2

# 클라우드 

- Muddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft Attacks

https://thehackernews.com/2024/04/muddled-libra-shifts-focus-to-saas-and.html

- How Attackers Can Own a Business Without Touching the Endpoint

https://thehackernews.com/2024/04/showcasing-networkless-identity-attacks.html

- AWS와 구글 클라우드 등 위협하는 리키CLI 취약점 발견돼

https://www.boannews.com/media/view.asp?idx=128947&page=7&kind=1

https://thehackernews.com/2024/04/aws-google-and-azure-cli-tools-could.html

# 기타

- 사이버전을 이해해야 지속되는 지정학적 충돌을 알 수 있다

https://www.boannews.com/media/view.asp?idx=128242&page=3&kind=1