2024.05.04 보안 이슈

==2024.05.04==

# 취약점 / 악성코드 

- DIRTY STREAM ATTACK POSES BILLIONS OF ANDROID INSTALLS AT RISK

https://securityaffairs.com/162699/hacking/dirty-stream-android-installs-risk.html

- CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability

https://thehackernews.com/2024/05/cisa-warns-of-active-exploitation-of.html

- Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications

https://thehackernews.com/2024/05/hackers-increasingly-abusing-microsoft.html

- 구글, 플레이 스토어에 등록되려던 수상한 앱 228만 개 막았다

https://boannews.com/media/view.asp?idx=129427&page=9&kind=1

https://thehackernews.com/2024/04/google-prevented-228-million-malicious.html

- 가짜 크롬 업데이트로 위장해 퍼지고 있는 브로크웰 멀웨어

https://boannews.com/media/view.asp?idx=129429&page=9&kind=1

- 수수께끼 같은 해킹 조직 머들링미어캣, DNS 시스템 조작 중

https://boannews.com/media/view.asp?idx=129430&page=9&kind=1

https://thehackernews.com/2024/04/china-linked-muddling-meerkat-hijacks.html

- 앱 개발 프레임워크 ‘일렉트론’으로 제작된 인포스틸러 악성코드 발견

https://boannews.com/media/view.asp?idx=129373&page=8&kind=1

- 알 프로그래밍 언어의 버그, 공급망 공격에 의한 공급망 공격 가능케 해

https://boannews.com/media/view.asp?idx=129445&page=7&kind=1

https://thehackernews.com/2024/04/new-r-programming-vulnerability-exposes.html

- 새롭게 등장한 안드로이드 멀웨어 더블유피퍼, 각종 정보 수집

https://boannews.com/media/view.asp?idx=129504&page=5&kind=1

- 공격자들만 알고 있는 ‘은둔의 API’에 유의하라!

https://boannews.com/media/view.asp?idx=129512&page=5&kind=1

- 라우터 통해 비밀 IP 영역에까지 쳐들어가는 새 멀웨어 커틀피시

https://boannews.com/media/view.asp?idx=129513&page=5&kind=1

https://thehackernews.com/2024/05/new-cuttlefish-malware-hijacks-router.html

- 버라이즌의 DBIR 2024, “취약점 익스플로잇 공격이 2배 가까이 늘어나”

https://boannews.com/media/view.asp?idx=129551&page=3&kind=1

# 국가지원 해킹그룹

- Iranian hackers pose as journalists to push backdoor malware

https://www.bleepingcomputer.com/news/security/iranian-hackers-pose-as-journalists-to-push-backdoor-malware/

- NSA, FBI Alert on N. Korean Hackers Spoofing Emails from Trusted Sources

https://thehackernews.com/2024/05/nsa-fbi-alert-on-n-korean-hackers.html

- Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities

https://thehackernews.com/2024/05/microsoft-outlook-flaw-exploited-by.html

- Pupy RAT, 윈도우와 리눅스 시스템 노려... 한국과 아시아 국가 공격

https://boannews.com/media/view.asp?idx=129340&page=12&kind=1

- 벤처 캐피탈 직원 사칭 피싱 공격 발견... 북한 라자루스 해킹 수법과 유사

https://boannews.com/media/view.asp?idx=129301&page=12&kind=1

- 시그넘 캐피탈 직원 사칭 북한 해커, 3일 만에 중국 투자사 직원으로 위장했다

https://boannews.com/media/view.asp?idx=129471&page=6&kind=1

# 랜섬웨어 / 정보유출

- 클릭센스 서버들에서 발견된 취약점 셋, 캑터스 랜섬웨어가 반년 전부터 악용 중

https://boannews.com/media/view.asp?idx=129371&page=11&kind=1

- 타깃컴파니 랜섬웨어 그룹, MS SQL 서버 공격

https://boannews.com/media/view.asp?idx=129420&page=9&kind=1

- 드롭박스의 이시그니처 플랫폼에서 침해 사고 발생

https://boannews.com/media/view.asp?idx=129502&page=5&kind=1

https://thehackernews.com/2024/05/dropbox-discloses-breach-of-digital.html

# 다크웹 / OSINT / 계정 / 피싱

- 옥타의 인증 서비스 겨냥한 크리덴셜 스터핑 공격 급증 중

https://boannews.com/media/view.asp?idx=129360&page=11&kind=1

https://thehackernews.com/2024/04/okta-warns-of-unprecedented-surge-in.html

- 진짜 네이버는 어느 쪽일까?... 포털 로그인 페이지 위장한 피싱 주의보

https://boannews.com/media/view.asp?idx=129364&page=10&kind=1

#AI 

- 딥러닝 기반 Tesseract를 활용해 정보를 탈취하는 ViperSoftX

https://asec.ahnlab.com/ko/64931/

- U.S. Government Releases New AI Security Guidelines for Critical Infrastructure

https://thehackernews.com/2024/04/us-government-releases-new-ai-security.html

# 공급망

- Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years

https://thehackernews.com/2024/04/millions-of-malicious-imageless.html

- 좋은 의도의 소프트웨어 물자표, 오히려 사이버 공격자들의 금맥이 될라

https://boannews.com/media/view.asp?idx=129448&page=7&kind=1

# 클라우드 

# 기타

- [긴급 주의] 해킹 당한 국내 대학·기관 사이트 다수 발견, 접속시 불법 성인·도박 사이트로...2차 피해 우려

https://www.dailysecu.com/news/articleView.html?idxno=155639

- Japanese police create fake support scam payment cards to warn victims

https://www.bleepingcomputer.com/news/security/japanese-police-create-fake-support-scam-payment-cards-to-warn-victims/

- US govt warns of pro-Russian hacktivists targeting water facilities

https://www.bleepingcomputer.com/news/security/us-govt-warns-of-pro-russian-hacktivists-targeting-water-facilities/

- [2024 제로트러스트-기기 및 엔드포인트 보안 리포트] 편리하지만 공격 표면이 될 엔드포인트를 보호하라

https://boannews.com/media/view.asp?idx=129421&page=7&kind=3