[Notice] Maintenance Announcement

2022.04.01. 00:00 ~ 12:00 (KST)
CSRTEAM

9 in 10 companies attacked by ransomware would pay if hit again

Most organizations that have suffered a ransomware attack would choose to pay the ransom if hit again.

2022-05-17 00:40 (KST)
SecurityMagazine
International

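Security Is Still Shunned; Its Value Needs to Be Communicated More Actively

Security is usually cited as a factor that lowers productivity. Even when people do not say so outright, long-held perceptions have not yet fully changed. That is why security teams need to approach other departments and teams more as partners. [Boannews reporter Moon Ga-yong] Showing the impact cybersecurity has on the business, and its value, in a visual or tangible way is quite a tricky task. In particular

2022-05-17 00:05 (KST)
Boannews
Domestic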

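National Core Semiconductor Technology of Samsung Electronics Subsidiary 'SEMES' Leaked Wholesale to China

'Supercritical cleaning equipment' technology, designated a national core technology last year, leaked to China. Two retired SEMES researchers drew in partner companies as well, copied the entire process as-is, and then built equipment. A total of 80 billion won received from China... security management of key personnel and partner-company security issues likely to come to the fore. [Boannews reporter Kwon Jun] A new semiconductor technology held by SEMES, a semiconductor production equipment company and subsidiary of Samsung Electronics, which as a national core technology also

2022-05-16 23:49 (KST)
Boannews
Domestic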

Progress report on federal zero trust adoption

A study from General Dynamics Information Technology (GDIT) measured zero trust maturity in federal agencies since the Executive Order on Improving the Nation's Cybersecurity was released in May 2021.

2022-05-16 23:08 (KST)
SecurityMagazine
International

Researchers Find Way to Run Malware on iPhone Even When It's OFF

A first-of-its-kind security analysis of iOS Find My function has demonstrated a novel attack surface that makes it possible to tamper with the firmware and load malware onto a Bluetooth chip that's executed while an iPhone is "off." The mechanism takes advantage of the fact that wireless chips re

2022-05-16 19:58 (KST)
The Hacker News
International

Researchers Warn of "Eternity Project" Malware Service Being Sold via Telegram

An unidentified threat actor has been linked to an actively in-development malware toolkit called the "Eternity Project" that lets professional and amateur cybercriminals buy stealers, clippers, worms, miners, ransomware, and a distributed denial-of-service (DDoS) bot. What makes this malware-as-a

2022-05-16 18:55 (KST)
The Hacker News
International

HTML attachments in phishing e-mails

The use of embedded HTML documents in phishing e-mails is a standard technique employed by cybercriminals. It does away with the need to put links in the e-mail body, which antispam engines and e-mail antiviruses usually detect with ease. HTML offers more possibilities than e-mail for camouflaging

2022-05-16 17:00 (KST)
SECURELIST
International

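Ministry of Science and ICT to Strengthen Response to Intelligent Home Network Hacking... Security Inspections in May-June

The Ministry of Science and ICT said at its regular briefing on Monday, May 16 that it plans to carry out an inspection of the state of intelligent home networks. To strengthen the response to intelligent home network hacking, it will conduct a joint inspection with related ministries of the installation of mandatory equipment and of the security status. It said that a survey team including home network technology and security experts will be formed and that inspections will run from May through June. It also emphasized the domestic commercialization of system semiconductors, a core technology for intelligent CCTV. With video-processing SoCs, previously dependent on overseas sources, being localized and commercialized through supply to intelligent CCTV manufacturers, the supply shortage of video-processing SoCs is expected to ease. Lastly,

2022-05-16 16:31 (KST)
DailySecu
Domestic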

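Q1 2022: New Ransomware Emerges in Large Numbers... Attacks Also Surge

In the first quarter of 2022, new ransomware such as BlackCat, DeadBolt, and Sugar was discovered. Attacks by ransomware that simultaneously encrypts files and steals data, targeting public institutions and companies, are increasing. Ransomware groups were also found to be distributing ransomware by exploiting the war between Russia and Ukraine. The Korea Internet & Security Agency recently published its Q1 2022 ransomware trends report and shared information on the global ransomware situation. According to the report, worldwide, interest over time related to ransomware in Q1 2022

2022-05-16 16:20 (KST)
DailySecu
Domestic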

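Sysrv botnet attacks Windows, Linux servers using new exploits

Microsoft: Sysrv botnet targets Windows, Linux servers with new exploits. Microsoft recently said that the Sysrv botnet is exploiting vulnerabilities in the Spring Framework and WordPress to distribute cryptomining malware to vulnerable Windows and Linux servers. Redmond discovered a new variant (called Sysrv-K) that includes scanning capabilities for vulnerable WordPress and Spring. The Microsoft Security Intelligence team said: "The new variant, which we have named Sysrv-K, additional attacks

2022-05-16 15:57 (KST)
ESTsecurity
Domestic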

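Can a Soda Can or a Smartphone Stand Be Enough to Eavesdrop From Afar?

Beware of all shiny objects. Someone may be able to learn the content of your conversations by studying the light reflected from their surfaces. We now live in an age when even desks must be kept tidy for the sake of security. [Boannews reporter Moon Ga-yong] With just a soda can, a smartphone stand, or any lightweight object with a shiny surface, even systems inside a room, however well soundproofed,

2022-05-16 15:12 (KST)
Boannews
Domestic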

SonicWall patches vulnerabilities in SSLVPN SMA1000 devices

SonicWall Releases Patches for New Flaws Affecting SSLVPN SMA1000 Devices. SonicWall has published an advisory warning of three security vulnerabilities in its SMA (Secure Mobile Access) 1000 appliances, including a high-severity authentication bypass vulnerability. The vulnerabilities affect SMA 6200, 6210, 7200, 7210, and 8000v running firmware versions 12.4.0 and 12.4.1. The list of vulnerabilities is as follows. CVE-20

2022-05-16 14:00 (KST)
ESTsecurity
Domestic

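[Information Security Card News] Beware of SMTP Service Abuse for Phishing

[Information provided by STEALIEN] ◆ MPIS 2022, Korea's largest medical institution information security conference, to be held ◆ - Host: DailySecu - Sponsors: Ministry of Health and Welfare, Korea Hospital Information Association, Korea Hospital Information Security Council - Audience: personal information protection and information security officers and practitioners, and information security system administrators, at national and public medical institutions, university hospitals, and private large, mid-sized and small hospitals nationwide - Date: Tuesday, May 24, 2022 (9 a.m. to 5 p.m.) - Venue: The-K Hotel Seoul, Gayageum Hall and lobby - Attendance fee: free for staff of hospitals and public medical institutions - Paid attendance for those outside medical institutions: attendees from outside medical institutions and medical-sector public institutions pay 110,000 won (VAT included) - Training credit:

2022-05-16 13:15 (KST)
DailySecu
Domestic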

Europe Agrees to Adopt New NIS2 Directive Aimed at Hardening Cybersecurity

The European Parliament announced a "provisional agreement" aimed at improving cybersecurity and resilience of both public and private sector entities in the European Union. The revised directive, called "NIS2" (short for network and information systems), is expected to replace the existing legisl

2022-05-16 12:37 (KST)
The Hacker News
International

Ukrainian Hacker Jailed for 4-Years in U.S. for Selling Access to Hacked Servers

A 28-year-old Ukrainian national has been sentenced to four years in prison for siphoning thousands of server login credentials and selling them on the dark web for monetary gain as part of a credential theft scheme. Glib Oleksandr Ivanov-Tolpintsev, who pleaded guilty to his offenses earlier this

2022-05-16 12:12 (KST)
The Hacker News
International

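Recently Discovered Vulnerability in Zyxel Devices Is Being Actively Exploited

Zyxel urgently patches recently discovered remote arbitrary command execution vulnerability. Summary: According to IT news outlet BleepingComputer, hackers have begun exploiting CVE-2022-30525, a recently patched vulnerability. It was found in Zyxel firewall and VPN devices and, if successfully exploited, allows arbitrary commands to be injected remotely. The attackers

2022-05-16 11:43 (KST)
Boannews
Domestic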

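579GB of Data Leaked From Misconfigured Elasticsearch Servers

More than 300 million records left fully exposed by an Elasticsearch server misconfiguration. Summary: According to security news outlet HackRead, two ElasticSearch-based servers exposed an enormous amount of data because of a misconfiguration. 359 million records were stored on these two servers, amounting to 579GB. Both servers, a single

2022-05-16 11:41 (KST)
Boannews
Domestic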

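Hired Hackers Try and Fail to Penetrate Brazil's Voting System

20 hackers gathered to tear down the president's political offensive. Summary: According to the AP, 20 hackers gathered at the headquarters of Brazil's electoral authority and tried for three days to hack Brazil's voting system. This was in preparation for the presidential election in October. Brazil always holds such pre-election system testing events, and so far no notable problems have been found. However,

2022-05-16 11:37 (KST)
Boannews
Domestic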

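New Saitama backdoor targets official from Jordan's Foreign Ministry

New Saitama backdoor Targeted Official from Jordan's Foreign Ministry. A spear-phishing campaign targeting Jordan's foreign ministry has been found to be deploying Saitama, a stealthy new backdoor. Based on similarities to past campaigns by APT34, an Iranian cyber-espionage group, researchers at Malwarebytes and Fortinet FortiGuard Labs surmised that the group carried out this campaign. Fortinet researcher Fred Gutierrez explained as follows.

2022-05-16 09:00 (KST)
ESTsecurity
Domestic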

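A Text About a Shopping Mall Payment You Never Made? Indiscriminate Smishing 'Raid' Targets Personal Information

Smishing texts contain no link, avoiding user suspicion. Website address given over the phone to induce installation of a malicious app... once installed, phone information is stolen. [Boannews reporter Won Byung-chul] Smishing texts claiming that a payment was made at an overseas shopping mall have recently been found continually, calling for caution. In particular, these texts contain no URL link and are characterized by inducing victims to place a call themselves. ESTsecuri

2022-05-15 23:55 (KST)
Boannews
Domestic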

The LEGION collective calls to action to attack the final of the Eurovision song contest

The Pro-Russian volunteer movement known as LEGION is calling to launch DDoS attacks against the final of the Eurovision song contest. The LEGION is a Pro-Russian volunteer movement that focuses on DDoS attacks. The group made the headlines for attacks...

2022-05-15 13:10 (KST)
Security Affairs
International

OpRussia update: Anonymous breached other organizations

Another week has passed and Anonymous has hacked other Russian companies and leaked their data via DDoSecrets. The #OpRussia launched by Anonymous on Russia after the criminal invasion of Ukraine continues, the collective claims to have hacked multiple...

2022-05-15 13:10 (KST)
Security Affairs
International

Pro-Russian hacktivists target Italy government websites

Pro-Russian hacker group Killnet targeted the websites of several Italian institutions, including the senate and the National Institute of Health. A group of Pro-Russian hackers known as "Killnet" launched an attack against multiple websites of several...

2022-05-15 13:10 (KST)
Security Affairs
International

SonicWall urges customers to fix SMA 1000 vulnerabilities

SonicWall warns customers to address several high-risk security flaws impacting its Secure Mobile Access (SMA) 1000 Series line of products. SonicWall urges customers to address several high-risk security vulnerabilities affecting its Secure...

2022-05-15 13:10 (KST)
Security Affairs
International

Zyxel fixed firewall unauthenticated remote command injection issue

Zyxel addressed a critical flaw affecting Zyxel firewall devices that allows unauthenticated, remote attackers to gain arbitrary code execution. Zyxel has moved to address a critical security vulnerability (CVE-2022-30525, CVSS score: 9.8) affecting...

2022-05-15 13:10 (KST)
Security Affairs
International

Iran-linked COBALT MIRAGE group uses ransomware in its operations

Iranian group used Bitlocker and DiskCryptor in a series of attacks targeting organizations in Israel, the US, Europe, and Australia. Researchers at Secureworks Counter Threat Unit (CTU) are investigating a series of attacks conducted by the Iran-linked...

2022-05-15 13:10 (KST)
Security Affairs
International

New Nerbian RAT spreads via malspam campaigns using COVID-19

Researchers spotted a new remote access trojan, named Nerbian RAT, which implements sophisticated evasion and anti-analysis techniques. Researchers from Proofpoint discovered a new remote access trojan called Nerbian RAT that implements sophisticated...

2022-05-15 13:10 (KST)
Security Affairs
International

Massive hacking campaign compromised thousands of WordPress websites

Researchers uncovered a massive hacking campaign that compromised thousands of WordPress websites to redirect visitors to scam sites. Cybersecurity researchers from Sucuri uncovered a massive campaign that compromised thousands of WordPress websites...

2022-05-15 13:10 (KST)
Security Affairs
International

Red TIM Research (RTR) finds 2 bugs affecting F5 Traffix SDC

Experts at TIM research laboratory, Red Team Research (RTR), have disclosed a couple of bugs affecting F5 Traffix SDC. Among these 45 bugs fixed by the well-known manufacturer of computer security systems, 2 were detected by TIM research laboratory,...

2022-05-15 13:09 (KST)
Security Affairs
International

Five Eyes agencies warn of attacks on MSPs

Cybersecurity authorities from Five Eyes warn of threats targeting managed service providers (MSPs) and potential supply chain attacks through them. Multiple cybersecurity authorities from Australia, Canada, New Zealand, the U.K., and the U.S. this...

2022-05-15 13:09 (KST)
Security Affairs
International

Microsoft fixes new PetitPotam Windows NTLM Relay attack vector

A recent security update for a Windows NTLM Relay Attack has been confirmed to be a previously unfixed vector for the PetitPotam attack.

2022-05-15 12:50 (KST)
BleepingComputer
International

Angry IT admin wipes employer’s databases, gets 7 years in prison

Han Bing, a former database administrator for Lianjia, a Chinese real-estate brokerage giant, has been sentenced to 7 years in prison for logging into corporate systems and deleting the company's data.

2022-05-15 12:50 (KST)
BleepingComputer
International

Crypto thief threatened to cut man's fingers 'one by one,' stole £34K

Online crypto scams and Ponzi schemes leveraging social media platforms are hardly anything new. But this gruesome case of a London-based crypto robber transcends the virtual realm and tells a shocking tale of real-life victims from whom the perpetrator successfully stole £34,000.

2022-05-15 12:50 (KST)
BleepingComputer
International

The Week in Ransomware - May 13th 2022 - A National Emergency

While ransomware attacks have slowed during Russia's invasion of Ukraine and the subsequent sanctions, the malware threat continues to affect organizations worldwide.

2022-05-15 12:50 (KST)
BleepingComputer
International

Italian CERT: Hacktivists hit govt sites in ‘Slow HTTP’ DDoS attacks

Italy's Computer Security Incident Response Team (CSIRT) has published an announcement about the recent DDoS attacks that key sites in the country suffered in the last couple of days.

2022-05-15 12:50 (KST)
BleepingComputer
International

EU Agrees New Cybersecurity Legislation for Critical Services Organizations

The rules will apply to medium and large organizations operating in critical sectors like healthcare and water management

2022-05-15 12:50 (KST)
Infosecurity
International

Microsoft: Sysrv botnet targets Windows, Linux servers with new exploits

Microsoft says the Sysrv botnet is now exploiting vulnerabilities in the Spring Framework and WordPress to ensnare and deploy cryptomining malware on vulnerable Windows and Linux servers.

2022-05-15 12:50 (KST)
BleepingComputer
International

#CYBERUK22: Cyber Trends from the Russia-Ukraine War

A panel of cyber leaders discuss Ukraine's cyber-resilience and other trends during the conflict

2022-05-15 12:50 (KST)
Infosecurity
International

Fake Binance NFT Mystery Box bots steal victim's crypto wallets

A new RedLine malware distribution campaign promotes fake Binance NFT mystery box bots on YouTube to lure people into infecting themselves with the information-stealing malware from GitHub repositories.

2022-05-15 12:50 (KST)
BleepingComputer
International

Government's "Whole of Society" Cyber Strategy Takes Shape

First National Cyber Advisory Board co-chair appointed

2022-05-15 12:50 (KST)
Infosecurity
International

SonicWall ‘strongly urges’ admins to patch SSLVPN SMA1000 bugs

SonicWall "strongly urges" customers to patch several high-risk security flaws impacting its Secure Mobile Access (SMA) 1000 Series line of products that can let attackers bypass authorization and, potentially, compromise unpatched appliances.

2022-05-15 12:50 (KST)
BleepingComputer
International

Open Source Community Hands White House 10-Point Security Plan

Around $150m in funding will shape future of open source security

2022-05-15 12:49 (KST)
Infosecurity
International

Google Chrome updates failing on Android devices in Russia

A growing number of Russian Chrome users on Android report getting errors when attempting to install the latest available update of the popular web browser.

2022-05-15 12:49 (KST)
BleepingComputer
International

Ukrainian Gets Four Years for Brute Forcing Thousands of Credentials

Server logins were sold on dark web criminal marketplace

2022-05-15 12:49 (KST)
Infosecurity
International

Iranian hackers exposed in a highly targeted espionage campaign

Threat analysts have spotted a novel attack attributed to the Iranian hacking group known as APT34 group or Oilrig, who targeted a Jordanian diplomat with custom-crafted tools.

2022-05-15 12:49 (KST)
BleepingComputer
International

Oklahoma City Indian Clinic Data Breach Affects 40,000 Individuals

Investigation revealed unauthorized party accessed and possibly retained sensitive customer information

2022-05-15 12:49 (KST)
Infosecurity
International

Ukrainian imprisoned for selling access to thousands of PCs

Glib Oleksandr Ivanov-Tolpintsev, a 28-year-old from Ukraine, was sentenced today to 4 years in prison for stealing thousands of login credentials per week and selling them on a dark web marketplace.

2022-05-15 12:49 (KST)
BleepingComputer
International

Costa Rica Declares National Emergency Following Conti Cyber-Attack

The declaration came with IT systems across several ministries rendered unusable

2022-05-15 12:49 (KST)
Infosecurity
International

Eternity malware kit offers stealer, miner, worm, ransomware tools

Threat actors have launched the 'Eternity Project,' a new malware-as-a-service where threat actors can purchase a malware toolkit that can be customized with different modules depending on the attack being conducted.

2022-05-15 12:49 (KST)
BleepingComputer
International

Government Initiative Promises Rapid Blocking of Scam Sites

Real-time data sharing with ISPs could stop fraud at scale

2022-05-15 12:49 (KST)
Infosecurity
International

Zyxel fixes firewall flaws that could lead to hacked networks

Threat analysts who discovered a vulnerability affecting multiple Zyxel products report that the network equipment company fixed it via a silent update pushed out two weeks ago.

2022-05-15 12:49 (KST)
BleepingComputer
International

Trustpilot Deletes Millions of Fake Reviews in 2021

Persistent fraud threatens trust in e-commerce

2022-05-15 12:49 (KST)
Infosecurity
International

BPFdoor: Stealthy Linux malware bypasses firewalls for remote access

A recently discovered backdoor malware called BPFdoor has been stealthily targeting Linux and Solaris systems without being noticed for more than five years.

2022-05-15 12:49 (KST)
BleepingComputer
International

Quarter of Security Pros Say Mental Health Has Worsened

Over a fifth are “very stressed” at work

2022-05-15 12:49 (KST)
Infosecurity
International

Historic Hotel Stay, Complimentary Emotet Exposure included

Historic Hotel of America serving up modern malware to their guests. Why securing your inbox with more than just anti-malware engines is needed to prevent cybercrime attacks.

2022-05-15 12:49 (KST)
BleepingComputer
International

British Man Charged With Hacking US Bank Computers, Stealing Millions

The 10-count complaint alleges Idris Dayo Mustapha used phishing and other means to obtain user credentials

2022-05-15 12:49 (KST)
Infosecurity
International