2024.07.06 보안 이슈

==2024.07.06==

# 취약점 / 악성코드 

- Hackers attack HFS servers to drop malware and Monero miners

https://www.bleepingcomputer.com/news/security/hackers-attack-hfs-servers-to-drop-malware-and-monero-miners/

- Israeli Entities Targeted by Cyberattack Using Donut and Sliver Frameworks

https://thehackernews.com/2024/07/israeli-entities-targeted-by.html

- GootLoader Malware Still Active, Deploys New Versions for Enhanced Attacks

https://thehackernews.com/2024/07/gootloader-malware-delivers-new.html

- OVHcloud Hit with Record 840 Million PPS DDoS Attack Using MikroTik Routers

https://thehackernews.com/2024/07/ovhcloud-hit-with-record-840-million.html

- Over 14M servers may be vulnerable to OpenSSH's regreSSHion RCE flaw. Here's what you need to do

https://www.zdnet.com/article/over-14m-servers-may-be-vulnerable-to-opensshs-regresshion-rce-flaw-heres-what-you-need-to-do/#ftag=RSSbaffb68

- 오픈SSH 생태계의 새 취약점, 알고 보니 2006년도 취약점이 부활한 것

https://boannews.com/media/view.asp?idx=131054&page=5&kind=1

- 해외에서 금융정보 훔친 악성 앱, 한국에 상륙... 금융소비자 주의보!

https://boannews.com/media/view.asp?idx=131094&page=3&kind=1

- 2021년에 발견된 MSHTML의 취약점, 최근 캠페인에 악용돼

https://boannews.com/media/view.asp?idx=131099&page=3&kind=1

https://thehackernews.com/2024/07/microsoft-mshtml-flaw-exploited-to.html

# 국가지원 해킹그룹

- Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware

https://thehackernews.com/2024/07/chinese-hackers-exploiting-cisco.html

https://securityaffairs.com/165097/apt/cisco-nx-os-zero-day-chinese-hackers.html

- South Korean ERP Vendor's Server Hacked to Spread Xctdoor Malware

https://thehackernews.com/2024/07/south-korean-erp-vendors-server-hacked.html

- 랜섬웨어 공격자들이 늘어난다고? 그러면 랜섬웨어를 위장 도구로 사용하면 어떨까?

https://boannews.com/media/view.asp?idx=131027&page=7&kind=1

- 북한 사이버 공격력의 원천은? 과학 천재들이 해킹 영재로 육성

https://boannews.com/media/view.asp?idx=131077&page=3&kind=2

# 랜섬웨어 / 정보유출

- New Eldorado ransomware targets Windows, VMware ESXi VMs

https://www.bleepingcomputer.com/news/security/new-eldorado-ransomware-targets-windows-vmware-esxi-vms/

- 랜섬웨어 공격 받은 ‘인니 국가데이터센터’... 복구 늦어져 공공 서비스 차질

https://boannews.com/media/view.asp?idx=130974&page=9&kind=1

- 병원 폭격 중인 랜섬웨어 공격자들, 미국 의료계 비상

https://boannews.com/media/view.asp?idx=131100&page=3&kind=1

- 일본 토요타시, 42만명 도시 인구 전체 개인정보 유출됐다

https://boannews.com/media/view.asp?idx=131137&page=1&kind=1

# 다크웹 / OSINT / 계정 / 피싱

- 인기 원격 접근 프로그램 팀뷰어, 러시아 APT에 의해 침해돼

https://boannews.com/media/view.asp?idx=130997&page=8&kind=1

- 1월부터 빈번하게 나타나는 0x80070643 오류, 피싱 소재로 활용돼

https://boannews.com/media/view.asp?idx=130998&page=8&kind=1

https://www.bleepingcomputer.com/news/security/fake-it-support-sites-push-malicious-powershell-scripts-as-windows-fixes/

- 사용자의 악성코드 실행을 유도하는 피싱메일 주의보

https://boannews.com/media/view.asp?idx=131034&page=6&kind=1

- 이더리움으로부터 메일 목록 훔쳐 피싱 공격 시도했으나 허사

https://boannews.com/media/view.asp?idx=131139&page=1&kind=1

#AI 

- Brazil Halts Meta's AI Data Processing Amid Privacy Concerns

https://thehackernews.com/2024/07/brazil-halts-metas-ai-data-processing.html

- [AI 보안전문가 릴레이 인터뷰-2] 고려대 정보보호대학원 김휘강 교수

https://boannews.com/media/view.asp?idx=129645&page=4&kind=5

# 공급망

- Indian Software Firm's Products Hacked to Spread Data-Stealing Malware

https://thehackernews.com/2024/07/indian-software-firms-products-hacked.html

- Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies

https://thehackernews.com/2024/07/polyfillio-attack-impacts-over-380000.html

- 10년 간 방치됐던 애플 생태계의 공급망 공격 가능성, 최근에야 제거돼

https://boannews.com/media/view.asp?idx=131055&page=4&kind=1

https://thehackernews.com/2024/07/critical-flaws-in-cocoapods-expose-ios.html

# 클라우드 

# 기타

- 오픈AI, 지난해 사내 메신저 해킹당했었다

https://www.chosun.com/economy/tech_it/2024/07/05/2J52ZQWVGNCWBLCM4ABO4WKDNM/

- AI 클라우드 쉽게 쓴다…금융 '망분리' 규제완화

https://www.hankyung.com/article/2024070430251

- Router maker's support portal hacked, replies with MetaMask phishing

https://www.bleepingcomputer.com/news/security/router-makers-support-portal-hacked-replies-with-metamask-phishing/

- Infostealer malware logs used to identify child abuse website members

https://www.bleepingcomputer.com/news/security/infostealer-malware-logs-used-to-identify-child-abuse-website-members/

- Cloudflare blames recent outage on BGP hijacking incident

https://www.bleepingcomputer.com/news/security/cloudflare-blames-recent-outage-on-bgp-hijacking-incident/

- SK쉴더스, ‘2024 상반기 보안 트렌드 및 안전한 AI 활용 위한 보안 전략’ 공개

https://boannews.com/media/view.asp?idx=131040&page=5&kind=3

- 웹과 앱을 노린 보안 위협 6가지... 디도스 공격, 제로데이 취약점, API 보안 위협 등

https://boannews.com/media/view.asp?idx=131006&page=5&kind=5