2024.11.02 보안 이슈

==2024.11.02==

# 취약점 / 악성코드 

- Windows Themes 0-day opens door to NTLM credential theft

https://go.theregister.com/feed/www.theregister.com/2024/10/30/zeroday_windows_themes/

- Microsoft SharePoint RCE bug exploited to breach corporate network

https://www.bleepingcomputer.com/news/security/microsoft-sharepoint-rce-bug-exploited-to-breach-corporate-network/

- New LightSpy Spyware Version Targets iPhones with Increased Surveillance Tactics

https://thehackernews.com/2024/10/new-lightspy-spyware-version-targets.html

- 윈도 최신 보안 패치도 소용없다? 새롭게 연구된 다운데이트 공격

https://boannews.com/media/view.asp?idx=133857&page=8&kind=1

https://boannews.com/media/view.asp?idx=133847&page=9&kind=1

- 슬랙 광고 클릭하면 설치되는 멀버타이징 공격... 리디렉션 기법 악용

https://boannews.com/media/view.asp?idx=133916&page=6&kind=1

- 메타 플랫폼에서 9월부터 유행하는 멀버타이징 캠페인, 무료 앱 주의

https://boannews.com/media/view.asp?idx=133967&page=4&kind=1

https://thehackernews.com/2024/10/malvertising-campaign-hijacks-facebook.html

- 은행과의 통화를 가로채는 페이크콜 멀웨어, 한국 사용자 노려

https://boannews.com/media/view.asp?idx=133969&page=4&kind=1

https://thehackernews.com/2024/11/new-fakecall-malware-variant-hijacks.html

- 소포스, 중국 해커와 싸운 5년 간의 기록 공개해

https://boannews.com/media/view.asp?idx=133999&page=2&kind=1

https://www.bleepingcomputer.com/news/security/sophos-reveals-5-year-battle-with-chinese-hackers-attacking-network-devices/

- 해킹 그룹 팀TNT, 도커 생태계 침해해 암호화폐 채굴

https://boannews.com/media/view.asp?idx=133846&page=9&kind=1

https://thehackernews.com/2024/10/notorious-hacker-group-teamtnt-launches.html

# 국가지원 해킹그룹

- 사이버사령부 “北, 해커 8400명 운영…올해 軍·기관 등 1만500건 해킹시도”

https://www.chosun.com/politics/2024/10/30/QC3OPOP4T5FW3BQNJVJNOWIB2E/

- Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft

https://thehackernews.com/2024/11/microsoft-warns-of-chinese-botnet.html

- Inside Iran's Cyber Playbook: AI, Fake Hosting, and Psychological Warfare

https://thehackernews.com/2024/11/inside-irans-cyber-playbook-ai-fake.html

- 러시아 군, 우크라이나 신병들의 장비를 집중적으로 감염시키고 있어

https://boannews.com/media/view.asp?idx=133891&page=7&kind=1

# 랜섬웨어 / 정보유출

- [단독] 협력사 또 뚫렸다‥현대차·기아 신차 계획 줄줄이 유출

https://imnews.imbc.com/replay/2024/nwdesk/article/6652171_36515.html

- Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned

https://thehackernews.com/2024/11/massive-git-config-breach-exposes-15000.html

- 이전에 패치된 소닉월VPN의 취약점, 두 랜섬웨어 조직이 익스플로잇

https://boannews.com/media/view.asp?idx=133845&page=9&kind=1

- 북한의 해킹 조직, 플레이 랜섬웨어와 손잡고 활동해

https://boannews.com/media/view.asp?idx=133968&page=4&kind=1

https://thehackernews.com/2024/10/north-korean-group-collaborates-with.html

# 다크웹 / OSINT / 계정 / 피싱

- Cybercriminals Use Webflow to Deceive Users into Sharing Sensitive Login Credentials

https://thehackernews.com/2024/10/cybercriminals-use-webflow-to-deceive.html

- Enterprise Identity Threat Report 2024: Unveiling Hidden Threats to Corporate Identities

https://thehackernews.com/2024/10/enterprise-identity-threat-report-2024.html

- 이탈리아의 사이버 범죄자들, 국가 데이터베이스 훔쳐 다크웹에 판매

https://boannews.com/media/view.asp?idx=133893&page=7&kind=1

- 러시아 해커들, 스피어피싱으로 전 세계 100여개 조직 공격 중

https://boannews.com/media/view.asp?idx=133970&page=4&kind=1

- 새로운 피싱키트 슈고우, 유명 브랜드 사칭하며 빠르게 세력 넓혀

https://boannews.com/media/view.asp?idx=133998&page=2&kind=1

https://thehackernews.com/2024/11/new-phishing-kit-xiu-gou-targets-users.html

#AI 

- “AI의 오픈소스 시대 열리나” OSI, 오픈소스 AI 정의 1.0 발표

https://www.itworld.co.kr/news/352972

- 금융 망분리 규제 완화, 토스가 준비 중인 AI 전략 – 바이라인네트워크

https://byline.network/2024/10/29-311/

- Azure AI Vulnerabilities Allowed Bypass of Moderation Safeguards

https://hackread.com/azure-ai-vulnerabilities-bypass-moderation-safeguards/

- 챗GPT의 안전장치 무력화시키는 탈옥 공격 기법 개발돼

https://boannews.com/media/view.asp?idx=133922&page=6&kind=1

https://gbhackers.com/new-chatgpt-4o-jailbreak-technique/

- 여러 오픈소스 인공지능 모델에 영향주는 강력한 취약점 40여 개 발견돼

https://boannews.com/media/view.asp?idx=133923&page=6&kind=1

https://thehackernews.com/2024/10/researchers-uncover-vulnerabilities-in.html

# 공급망

- BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers

https://thehackernews.com/2024/10/beavertail-malware-resurfaces-in.html

- Researchers Uncover Python Package Targeting Crypto Wallets with Malicious Code

https://thehackernews.com/2024/10/researchers-uncover-python-package.html

- LottieFiles Issues Warning About Compromised "lottie-player" npm Package

https://thehackernews.com/2024/10/lottiefiles-issues-warning-about.html

# 클라우드 

- CloudScout: Evasive Panda scouting cloud services

https://www.welivesecurity.com/en/eset-research/cloudscout-evasive-panda-scouting-cloud-services/

- 중국 해커들, 클라우드 서비스 노리려 새로운 공격 도구 활용

https://boannews.com/media/view.asp?idx=133892&page=7&kind=1

https://thehackernews.com/2024/10/chinese-hackers-use-cloudscout-toolset.html

# 기타

- [전문가 기고] 반드시 알아야 할 엔드포인트 보안의 4가지 주요 영역 - 아이티데일리

http://www.itdaily.kr/news/articleView.html?idxno=228213

- 파이썬, 자바스크립트 제치고 깃허브 최다 사용 언어 등극…AI 성장과 맞물린 결과

https://www.itworld.co.kr/news/353217

- 친러 성향 해커 ‘서버 킬러스’, 서울·인천 등 국내 CCTV 100대 이상 해킹 주장

https://boannews.com/media/view.asp?idx=133977&page=3&kind=1

- 친러 해킹그룹, 우크라이나 지원 빌미로 한국 공격... 랜섬웨어·디도스 주의 권고

https://boannews.com/media/view.asp?idx=134007&page=1&kind=1