2019년 12월 17일 보안정보 입니다.

12월 17일 보안정보 입니다. 

=================================================

+ 주요 취약점 - Linux 5.3 - Privilege Escalation via io_uring Offload of sendmsg() onto Kernel Thread with Kernel Creds

1. Linux 5.3 - Privilege Escalation via io_uring Offload of sendmsg() onto Kernel Thread with Kernel Creds
[요약]
Privilege Escalation (CVE-2019-19241)
- https://www.exploit-db.com/exploits/47779

=================================================

+ 취약점 - Microsoft Teams Instant Messenger DLL Hijacking 외 1건

1. Microsoft Teams Instant Messenger DLL Hijacking
[요약]
vulnerable to remote DLL hijacking.
- https://packetstormsecurity.com/files/155677/Microsoft-Teams-Instant-Messenger-DLL-Hijacking.html

2. 데비안 보안 권고, DSA-4585-1 Thunderbird-보안 업데이트
[요약]
Thunderbird에서 여러 보안 문제가 발견되어 임의의 코드가 실행될 수 있음.
- https://www.debian.org/security/2019/dsa-4585

=================================================

+ 보안정보 - 16 억 개의 LightInTheBox 고객 기록 노출 외 2건

1. 16 억 개의 LightInTheBox 고객 기록 노출
[요약]
온라인 소매업체 LightInTheBox가 3개월 동안 노출된 16억 명의 구매자 레코드를 포함하는 1.3TB의 데이터를 발표.
LightInTheBox가 단순히 서버를 보호하고 적절한 액세스 규칙을 구현했다면 전체 상황을 피할 수 있었을 것.
노출 된 데이터는 여러 형태의 사기 및 온라인 공격에 취약한 영향을 미침.
- https://www.scmagazine.com/home/security-news/data-breach/1-6-billion-lightinthebox-customer-records-left-exposed/

2. 랜섬웨어 공격으로 중단 된 NJ 병원의 의료 서비스
[요약]
뉴저지 병원은 랜섬웨어 공격으로 희생 된 후 일부 수술 및 기타 의료 절차를 취소해야한다고 발표.
병원은 FBI에 통보하고 자체 조사를 수행하기 위해 디지털 포렌식 회사를 고용.
조직은 먼저 크립토 랜섬웨어 감염을 방지하기위한 조치를 취하여 보안 사고에 대한 방어를 강화하는 것이 중요.
- https://www.tripwire.com/state-of-security/security-data-protection/medical-care-at-nj-hospital-disrupted-by-ransomware-attack/

3. 비자, “북미 주유소 노리는 카드 사기 공격 증가 중” 경고
[요약]
자기 띠 카드 많은 북미 시장, 카드 관련 공격 증가 중.
핀8이 특히 유명한 공격 단체. 주유소 체인 집중해서 노리는 중.
EMV 카드 기반이 아닌 곳, 카드 사기단 유혹함.
- https://www.boannews.com/media/view.asp?idx=85209&page=1&kind=1

=================================================