2019년 12월 10일 보안정보 입니다.

12월 10일 보안정보 입니다.

=================================================

+ 주요 취약점 - Oracle WebLogic Server 원격코드 실행 보안 업데이트 권고

1. Oracle WebLogic Server 원격코드 실행 보안 업데이트 권고
[요약]
WebLogic Server에서 안전하지 않은 역직렬화로 인해 발생하는 인증 우회 및 원격코드 실행 취약점(CVE-2019-2890)
- https://www.oracle.com/security-alerts/cpuoct2019.html

=================================================

+ 취약점 - Microsoft Windows Windows 10 UAC Bypass 외 2건

1. Microsoft Windows Windows 10 UAC Bypass
[요약]
UAC bypass vulnerability
- https://packetstormsecurity.com/files/155593/Microsoft-Windows-Windows-10-UAC-Bypass.html

2. Mozilla Firefox Windows 64-Bit Chain Exploit
[요약]
Arbitrary code execution
- https://packetstormsecurity.com/files/155592/Mozilla-Firefox-Windows-64-Bit-Chain-Exploit.html

3. OpenSSL x64_64 Montgomery squaring procedure buffer overflow (CVE-2019-1551)
[요약]
buffer overflow vulnerability
- https://exchange.xforce.ibmcloud.com/vulnerabilities/172752

=================================================

+ 보안정보 - 베트남과 연결된 Ocean Logus APT, BMW와 현대자동차 네트워크 공격해 외 2건

1. 베트남과 연결된 Ocean Logus APT, BMW와 현대자동차 네트워크 공격해
[요약]
APT32는 워터링홀 공격을 통한 공격 캠페인에 Windows와 Mac용 악성코드 모두를 사용.
공격자들은 최근 자동차 제조업체들을 공격하여 타깃 네트워크에 침투 툴인 “Cobalt Strike”를 배포하는 데 성공.
BMW와 현대자동차 모두 BR 매스컴이 발표한 보고서에 대해 어떠한 대응도 하지 않음.
- https://securityaffairs.co/wordpress/94805/hacking/ocean-lotus-hacked-bmw-hyundai.html

2. 러시아의 유명 APT 단체 가마레돈, 우크라이나 노리며 공격 재개
[요약]
러시아의 APT 단체인 가마레돈, 다시 한 번 우크라이나 노리기 시작.
우크라이나 정부, 외교, 군 관련 기관을 노리며 다단계로 시스템 감염시킴.
물론 가마레돈을 똑같이 흉내 낸 다른 공격 단체일 가능성도 있음.
- https://www.boannews.com/media/view.asp?idx=85060

3. 이스라엘과 중국을 이어준 중간자 공격, 1백만 달러 사라져
[요약]
대범한 사기꾼들, 궁극의 중간자 공격으로 백만 달러 가로챔.
투자 회사와 투자 받는 회사 사이에서 이메일들을 조작함.
심지어 싱가포르에서의 회의 일정까지 취소시키기까지 함.
- https://www.boannews.com/media/view.asp?idx=85069

=================================================