¡°GrimResource is a ¡°a novel, in-the-wild code execution technique leveraging specially crafted MSC files,¡± the researchers wrote. ¡°GrimResource allows attackers to execute arbitrary code in Microsoft Management Console (mmc.exe) with minimal security warnings, ideal for gaining initial access and evading defenses.¡±¡±
-Cyberexpress-
- º¸¾È Àü¹® ¸ÅüµéÀ» Àд٠º¸¸é in the wild¶ó´Â Ç¥ÇöÀ» ¸¹ÀÌ ¹ß°ßÇÒ ¼ö ÀÖ½À´Ï´Ù. wild´Â '°ÅÄ£¡¯, ¡®¾ß»ýÀÇ¡¯¶ó´Â ¶æÀÌÁÒ. in the wild´Â ±×·¡¼ ¡®¾ß»ý¿¡¼¡¯, ¡®±æµé¿©ÁöÁö ¾ÊÀº »óÅ·Ρ¯¶ó´Â ¶æÀÌ µË´Ï´Ù.
- ±×·±µ¥ ±×°Ç ÀϹÝÀûÀÎ ¿ë¾îÀÇ À̾߱â°í, »çÀ̹ö °ø°Ý°ú º¸¾È »ç°ÇÀ» À̾߱âÇÏ´Â ¸Æ¶ô¿¡¼ in the wild´Â ¾î¶² Àǹ̸¦ °®°Ô µÇ´Â °É±î¿ä?
- Á¤º¸ º¸¾È ºÐ¾ß¿¡¼ ¾ê±âÇÏ´Â in the wild´Â ¡®ÀÌ¹Ì °ø°ÝÀÌ ÁøÇàµÇ°í ÀÖ´Ù¡¯´Â ¶æÀÔ´Ï´Ù. ÆÐÄ¡°¡ ³ª¿À±âµµ Àü¿¡, ȤÀº Ãë¾àÁ¡ ºÐ¼®ÀÌ ÀÌ·ïÁö±âµµ Àü¿¡, º¸¾È Àü¹®°¡µéÀÌ ¹Ì¸® ¿¹»óÇÏ°í ¹æ¾î ´ëÃ¥À» ¸¶·ÃÇϱ⵵ Àü¿¡ °ø°ÝÀÚµéÀÌ ¸ÕÀú ¿òÁ÷À̱⠽ÃÀÛÇß´Ù´Â ¶æÀÌÁÒ. Áï °¡»óÀÇ À§ÇùÀÌ ¾Æ´Ï¶ó Çö½ÇÀÇ À§ÇùÀ̶ó´Â Àǹ̸¦ °®°Ô µË´Ï´Ù.
- À§ÀÇ ¹ßÃé¹®Àº º¸¾È ¸Åü »çÀ̹ö¿¢½ºÇÁ·¹½º¿¡¼ ³ª¿Â °ÍÀε¥, ±×¸²¸®¼Ò½º(GrimResource)¶ó´Â °ø°Ý ±â¹ý¿¡ ´ëÇÑ ³»¿ë¿¡¼ µû¿Ô½À´Ï´Ù. ±×¸²¸®¼Ò½º°¡ ÀÌ¹Ì °ø°ÝÀÚµéÀÌ ÇÑâ È°¿ëÇÏ°í ÀÖ´Â ÄÚµå ½ÇÇà ±â¹ýÀ̶ó´Â ¶æ¿¡¼ in the wild°¡ »ç¿ëµÆ½À´Ï´Ù.
- in the wild¸¦ Çϳª·Î ¹¾î ´ÜÀÏ Çü¿ë»ç·Î »ç¿ëÇÒ ¶§´Â in-the-wildó·³ ÇÏÀÌÇÂÀ» ºÙÀÔ´Ï´Ù.
- Ãß°¡·Î ¿¹¹®À» º¸°Ú½À´Ï´Ù.
* The exploit is already done in the wild.
(Ãë¾àÁ¡ ÀͽºÇ÷ÎÀÕ °ø°ÝÀÌ ÀÌ¹Ì ÇØÄ¿µé »çÀÌ¿¡¼ ÁøÇàµÇ´Â ÁßÀÌ´Ù.)
* Hackers are leveraging compiled V8 JavaScript in the wild to deploy malware.
(ÇØÄ¿µéÀÌ ÇöÀç ÀÌ¹Ì ÄÄÆÄÀϸµÀÌ µÈ V8 ÀÚ¹Ù½ºÅ©¸³Æ®¸¦ È°¿ëÇÏ¿© ¸Ö¿þ¾î¸¦ ÆÛÆ®¸®´Â ÁßÀÌ´Ù.)
* Palo Alto Networks is warning that a critical flaw is being actively exploited in the wild.
(ÆȷξËÅä³×Æ®¿÷½º°¡ ¡®ÃÊ°íÀ§Çèµµ Ãë¾àÁ¡À» °ø°ÝÀÚµéÀÌ ÀÌ¹Ì ÇÑâ ÀͽºÇ÷ÎÀÕ ÇÏ´Â Áß¡¯À̶ó°í °æ°íÇß´Ù.)
¡Ø ÀÌ Äڳʴ º¸¾È´º½º¿¡¼ ¹ß°£ÇÏ´Â ÇÁ¸®¹Ì¾ö ¸®Æ÷Æ®ÀÇ [µ¥Àϸ® º¸¾È´º½º+] ÄÜÅÙÃ÷¸¦ ÅëÇØ 2ÁÖ »¡¸® ¸¸³ª½Ç ¼ö ÀÖ½À´Ï´Ù.
[±¹Á¦ºÎ ¹®°¡¿ë ±âÀÚ(globoan@boannews.com)]
-Cyberexpress-
[À̹ÌÁö = gettyimagesbank]
- º¸¾È Àü¹® ¸ÅüµéÀ» Àд٠º¸¸é in the wild¶ó´Â Ç¥ÇöÀ» ¸¹ÀÌ ¹ß°ßÇÒ ¼ö ÀÖ½À´Ï´Ù. wild´Â '°ÅÄ£¡¯, ¡®¾ß»ýÀÇ¡¯¶ó´Â ¶æÀÌÁÒ. in the wild´Â ±×·¡¼ ¡®¾ß»ý¿¡¼¡¯, ¡®±æµé¿©ÁöÁö ¾ÊÀº »óÅ·Ρ¯¶ó´Â ¶æÀÌ µË´Ï´Ù.
- ±×·±µ¥ ±×°Ç ÀϹÝÀûÀÎ ¿ë¾îÀÇ À̾߱â°í, »çÀ̹ö °ø°Ý°ú º¸¾È »ç°ÇÀ» À̾߱âÇÏ´Â ¸Æ¶ô¿¡¼ in the wild´Â ¾î¶² Àǹ̸¦ °®°Ô µÇ´Â °É±î¿ä?
- Á¤º¸ º¸¾È ºÐ¾ß¿¡¼ ¾ê±âÇÏ´Â in the wild´Â ¡®ÀÌ¹Ì °ø°ÝÀÌ ÁøÇàµÇ°í ÀÖ´Ù¡¯´Â ¶æÀÔ´Ï´Ù. ÆÐÄ¡°¡ ³ª¿À±âµµ Àü¿¡, ȤÀº Ãë¾àÁ¡ ºÐ¼®ÀÌ ÀÌ·ïÁö±âµµ Àü¿¡, º¸¾È Àü¹®°¡µéÀÌ ¹Ì¸® ¿¹»óÇÏ°í ¹æ¾î ´ëÃ¥À» ¸¶·ÃÇϱ⵵ Àü¿¡ °ø°ÝÀÚµéÀÌ ¸ÕÀú ¿òÁ÷À̱⠽ÃÀÛÇß´Ù´Â ¶æÀÌÁÒ. Áï °¡»óÀÇ À§ÇùÀÌ ¾Æ´Ï¶ó Çö½ÇÀÇ À§ÇùÀ̶ó´Â Àǹ̸¦ °®°Ô µË´Ï´Ù.
- À§ÀÇ ¹ßÃé¹®Àº º¸¾È ¸Åü »çÀ̹ö¿¢½ºÇÁ·¹½º¿¡¼ ³ª¿Â °ÍÀε¥, ±×¸²¸®¼Ò½º(GrimResource)¶ó´Â °ø°Ý ±â¹ý¿¡ ´ëÇÑ ³»¿ë¿¡¼ µû¿Ô½À´Ï´Ù. ±×¸²¸®¼Ò½º°¡ ÀÌ¹Ì °ø°ÝÀÚµéÀÌ ÇÑâ È°¿ëÇÏ°í ÀÖ´Â ÄÚµå ½ÇÇà ±â¹ýÀ̶ó´Â ¶æ¿¡¼ in the wild°¡ »ç¿ëµÆ½À´Ï´Ù.
- in the wild¸¦ Çϳª·Î ¹¾î ´ÜÀÏ Çü¿ë»ç·Î »ç¿ëÇÒ ¶§´Â in-the-wildó·³ ÇÏÀÌÇÂÀ» ºÙÀÔ´Ï´Ù.
- Ãß°¡·Î ¿¹¹®À» º¸°Ú½À´Ï´Ù.
* The exploit is already done in the wild.
(Ãë¾àÁ¡ ÀͽºÇ÷ÎÀÕ °ø°ÝÀÌ ÀÌ¹Ì ÇØÄ¿µé »çÀÌ¿¡¼ ÁøÇàµÇ´Â ÁßÀÌ´Ù.)
* Hackers are leveraging compiled V8 JavaScript in the wild to deploy malware.
(ÇØÄ¿µéÀÌ ÇöÀç ÀÌ¹Ì ÄÄÆÄÀϸµÀÌ µÈ V8 ÀÚ¹Ù½ºÅ©¸³Æ®¸¦ È°¿ëÇÏ¿© ¸Ö¿þ¾î¸¦ ÆÛÆ®¸®´Â ÁßÀÌ´Ù.)
* Palo Alto Networks is warning that a critical flaw is being actively exploited in the wild.
(ÆȷξËÅä³×Æ®¿÷½º°¡ ¡®ÃÊ°íÀ§Çèµµ Ãë¾àÁ¡À» °ø°ÝÀÚµéÀÌ ÀÌ¹Ì ÇÑâ ÀͽºÇ÷ÎÀÕ ÇÏ´Â Áß¡¯À̶ó°í °æ°íÇß´Ù.)
¡Ø ÀÌ Äڳʴ º¸¾È´º½º¿¡¼ ¹ß°£ÇÏ´Â ÇÁ¸®¹Ì¾ö ¸®Æ÷Æ®ÀÇ [µ¥Àϸ® º¸¾È´º½º+] ÄÜÅÙÃ÷¸¦ ÅëÇØ 2ÁÖ »¡¸® ¸¸³ª½Ç ¼ö ÀÖ½À´Ï´Ù.
[±¹Á¦ºÎ ¹®°¡¿ë ±âÀÚ(globoan@boannews.com)]
<ÀúÀÛ±ÇÀÚ: º¸¾È´º½º(www.boannews.com) ¹«´ÜÀüÀç-Àç¹èÆ÷±ÝÁö>
¹®°¡¿ë±âÀÚ ±â»çº¸±â
[2024-10-31] 
