2024.06.01 보안 이슈

==2024.06.01==

# 취약점 / 악성코드 

- 고스트엔진 이용해 XMRig 배포한 암호화폐 채굴 캠페인 발견

http://www.boannews.com/media/view.asp?idx=130068&kind=&sub_kind=

- 가짜 백신 사이트 운영하는 공격자들, 정보 탈취형 멀웨어 유포

http://www.boannews.com/media/view.asp?idx=130083&kind=&sub_kind=

- WordPress Plugin Exploited to Steal Credit Card Data from E-commerce Sites

https://thehackernews.com/2024/05/wordpress-plugin-exploited-to-steal.html

- Check Point Warns of Zero-Day Attacks on its VPN Gateway Products

https://thehackernews.com/2024/05/check-point-warns-of-zero-day-attacks.html

- RedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall Vulnerability

https://thehackernews.com/2024/05/redtail-crypto-mining-malware.html

- 티피링크의 게임용 라우터에서 초고위험도 취약점 발견... 즉각 패치 개발해 배포

https://www.boannews.com/media/view.asp?idx=130119&page=10&kind=5

- 새로운 유형의 ATM 멀웨어 등장, 60% 성공률 자랑

https://www.boannews.com/media/view.asp?idx=130120&page=10&kind=1

- 구글 플레이에 또 스며든 악성 앱, 이번에는 90개 이상 발견돼

https://www.boannews.com/media/view.asp?idx=130174&page=7&kind=1

- 디스코드 사용자 노리는 멀웨어 공격, 최근 들어 급증

https://www.boannews.com/media/view.asp?idx=130227&page=4&kind=1

- 게임 프로그램으로 위장해 유포 중인 악성코드 잇따라 발견

https://www.boannews.com/media/view.asp?idx=130253&page=3&kind=1

- 해적판 MS 오피스 통해 각종 멀웨어 퍼트리고 있는 해커들

https://www.boannews.com/media/view.asp?idx=130262&page=2&kind=1

- 워드프레스에서 사용되는 유명 플러그인 세 개서 취약점 발견돼

https://www.boannews.com/media/view.asp?idx=130263&page=2&kind=1

# 국가지원 해킹그룹

- [단독] 북한, 총선 전 국내 여론조사업체 해킹 시도

https://news.nate.com/view/20240524n29533?mid=n0100

- 국내 기업 대상 공격에 사용 중인 SmallTiger 악성코드 (Kimsuky, Andariel 그룹) - ASEC BLOG

https://asec.ahnlab.com/ko/65918/

- Pakistan-linked Hackers Deploy Python, Golang, and Rust Malware on Indian Targets

https://thehackernews.com/2024/05/pakistan-linked-hackers-deploy-python.html

- Microsoft Uncovers 'Moonstone Sleet' — New North Korean Hacker Group

https://thehackernews.com/2024/05/microsoft-uncovers-moonstone-sleet-new.html

- Cyber Espionage Alert: LilacSquid Targets IT, Energy, and Pharma Sectors

https://thehackernews.com/2024/05/cyber-espionage-alert-lilacsquid.html

- Russian Hackers Target Europe with HeadLace Malware and Credential Harvesting

https://thehackernews.com/2024/05/russian-hackers-target-europe-with.html

- 북한 해킹그룹 라자루스, 훔친 가상자산 이동하다 딱 걸렸다

https://www.boannews.com/media/view.asp?idx=130163&page=8&kind=1

# 랜섬웨어 / 정보유출

# 다크웹 / OSINT / 계정 / 피싱

- Okta Warns of Credential Stuffing Attacks Targeting Customer Identity Cloud

https://thehackernews.com/2024/05/okta-warns-of-credential-stuffing.html

- 피싱 공격자들 사이에서 새롭게 유행하는 세 가지

https://www.boannews.com/media/view.asp?idx=130118&page=10&kind=1

- 브리치포럼즈, 사법기관의 공조로 폐쇄된 지 2주만에 부활했나

https://www.boannews.com/media/view.asp?idx=130274&page=1&kind=1

#AI 

- Experts Find Flaw in Replicate AI Service Exposing Customers' Models and Data

https://thehackernews.com/2024/05/experts-find-flaw-in-replicate-ai.html

- OpenAI, Meta, and TikTok Crack Down on Covert Influence Campaigns, Some AI-Powered

https://thehackernews.com/2024/05/openai-meta-tiktok-disrupt-multiple-ai.html

- AI Company Hugging Face Detects Unauthorized Access to Its Spaces Platform

https://thehackernews.com/2024/06/ai-company-hugging-face-notifies-users.html

- 각광 받는 대형 언어 모델, 특별 취급은 필요 없다

https://www.boannews.com/media/view.asp?idx=130097&page=11&kind=1

- 마이크로소프트의 새로운 기능 ‘리콜’, 프라이버시 위협할까

https://www.boannews.com/media/view.asp?idx=130275&page=1&kind=1

# 공급망

- Cybercriminals Abuse Stack Overflow to Promote Malicious Python Package

https://thehackernews.com/2024/05/cybercriminals-abuse-stackoverflow-to.html

- SW 공급망 공격 위협이 거세질수록 SBOM의 중요성이 커지는 이유

https://www.boannews.com/media/view.asp?idx=129909&page=6&kind=3

- 파이선 리포지터리 PyPI에서 악성 패키지 유포되고 있어

https://www.boannews.com/media/view.asp?idx=130229&page=4&kind=1

# 클라우드 

# 기타

- Microsoft Warns of Surge in Cyber Attacks Targeting Internet-Exposed OT Devices

https://thehackernews.com/2024/05/microsoft-warns-of-surge-in-cyber.html

- Mysterious Cyber Attack Took Down 600,000+ Routers in the U.S.

https://thehackernews.com/2024/05/mysterious-cyber-attack-takes-down.html

- 중국 배후 해커조직, 공격 탐지·추적 피하는 ORB 네트워크 활용해 스파이 활동

https://www.boannews.com/media/view.asp?idx=130074&page=11&kind=1

- 중국 해커 니옌, 광운대·제주대 계정정보 해킹 주장... 또 시작됐나

https://www.boannews.com/media/view.asp?idx=130077&page=11&kind=1

- 대범하고 실력 좋은 해킹 조직들, 상품권 발행 업체들을 직접 노려

https://www.boannews.com/media/view.asp?idx=130096&page=11&kind=1

- 기업 네트워크로 들어가는 문인 VPN 노리는 해커들

https://www.boannews.com/media/view.asp?idx=130121&page=9&kind=1