Home > Àüü±â»ç

[±Û·Î¹ú ´º½º Ŭ¸®ÇÎ] ¡°¾îµµºñ Ç÷¡½Ã ±ä±Þ ÆÐÄ¡¡± èâ

ÀÔ·Â : 2014-11-26 10:55
ÆäÀ̽ººÏ º¸³»±â Æ®À§ÅÍ º¸³»±â ³×À̹ö ¹êµå º¸³»±â Ä«Ä«¿À ½ºÅ丮 º¸³»±â ³×À̹ö ºí·Î±× º¸³»±â

¼Ò´Ï ÇÈó½º ÀæÀº ÇØÅ·¿¡ ³ëÃâµÇ°í ±¸±ÛÀº ÀæÀº ¼Ö·ç¼Ç ³»³õ°í

·¹±äÀº ´çºÐ°£ Á¶»ç ¹× ºÐ¼® À̾îÁú µí


[º¸¾È´º½º ¹®°¡¿ë] ¼Ò´Ï ÇÈ󽺰¡ ¶Ç ´çÇß½À´Ï´Ù. Ç÷¹À̽ºÅ×À̼ÇÀÌ ´çÇÑ Áö ¾ó¸¶ Áö³ªÁö ¾Ê¾Ò°í ¼Ò´Ï ÇÈó½º ¿ª½Ã ºÒ°ú Áö³­ ÇØ¿¡ ÇØÅ·¿¡ ´ëÇÑ ¾È ÁÁÀº ±â¾ïÀ» °¡Á®¿ÔÀ½¿¡µµ ¸»ÀÔ´Ï´Ù. Áö±Ý ÇØÄ¿·Î º¸ÀÌ´Â ÀÏ´ç°ú Çù»ó Áß¿¡ ÀÖ´Ù°í ÇÏ´Ï ÀÏÀÌ ¾î¶»°Ô ÁøÇàµÉÁö ±Ã±ÝÇÕ´Ï´Ù. ¹°·Ð ¼Ò´Ï ÀÚü¿¡¼­µµ ±× Çù»ó ³»¿ëÀ» ¹àÈ÷Áö ¾Ê°í ÀÖ¾î, Áø½ÇÀÌ ¾ó¸¶³ª ¾Ë·ÁÁúÁö Á¶±Ý ȸÀÇÀûÀ̱ä ÇÕ´Ï´Ù¸¸.

 

 ¡ã ¼Ò´Ï ÇÈó½º Á÷¿øµéÀÌ Ãâ±ÙÇؼ­ ÄÄÇ»Å͸¦ Å°ÀÚ ³ªÅ¸³­ È­¸é

¾îµµºñ´Â ±ä±Þ ÆÐÄ¡¸¦ ¹èÆ÷Çߴµ¥, ÀÌ´Â Áö³­ 10¿ù¿¡ ÀÖ¾ú´ø °ø½Ä ÆÐÄ¡¿¡ ´ëÇÑ ÆÐÄ¡·Î º¼ ¼ö ÀÖ¾î ¾î¶»°Ô º¸¸é ÇÑ ¹ø¿¡ ÀÏÀ» Á¦´ë·Î ó¸®ÇÏÁö ¸øÇÑ °ÍÀ¸·Îµµ º¸ÀÌ°í ÆÐÄ¡ÀÇ ÆÐÄ¡¶ó´Â ½Å°³³ä Ã¥ÀÓ°¨À» º¸´Â °Íµµ °°¾Æ ¹¦ÇÕ´Ï´Ù. ¶ÇÇÑ ±¸±Û ¿ª½Ã ¿äÁò º¸¾È¿¡ ¾öû³­ ÅõÀÚ¸¦ ÇÏ°í ÀÖ´Â µíÇÑ ¸ð½ÀÀä, º¸¾ÈÀÌ °ú¿¬ ³»³â¿¡ ¾ó¸¶³ª Å« À̽´°¡ µÉ Áö ±â´ë°¡ µË´Ï´Ù.


1. ¼Ò´Ï ÇÈó½º ÇØÅ·À¸·Î ³×Æ®¿öÅ© ´Ù¿î(Infosecurity Magazine)

http://www.infosecurity-magazine.com/news/sony-pictures-hack-shuts-down/


¼Ò´Ï ÇÈó½º ÇöÀç ³×Æ®¿öÅ© ÇØÅ· »çÅ Á¡°Ë Áß(Threat Post)

http://threatpost.com/sony-pictures-dealing-with-apparent-network-compromise/109625


¼Ò´Ï ÇÈó½º, ÇØÄ¿ ¼ÒÇàÀ¸·Î ³×Æ®¿öÅ© ´Ù¿î½ÃÄÑ(The Register)

http://www.theregister.co.uk/2014/11/25/sony_pictures_in_it_lockdown_after_alleged_hacker_hosing/


¼Ò´Ï ÇÈó½º, ±â¾÷ ³×Æ®¿öÅ© ÇØÅ·À¸·Î Â÷´Ü(Security Week)

http://www.securityweek.com/sony-pictures-hack-leads-corporate-network-shutdown

¼Ò´Ï ÇÈ󽺰¡ ¶Ç ÇØÅ·´çÇß½À´Ï´Ù. ±×·¡¼­ ±â¾÷ ÀüüÀÇ ³×Æ®¿öÅ© ¸ÁÀ» Â÷´ÜÇÏ°í Á¡°Ë Áß¿¡ ÀÖ½À´Ï´Ù. À̹ø¿¡ ¼Ò´Ï ÇÈ󽺸¦ ÇØÅ·ÇÑ ´Üü´Â GOP(Guardians of Peace, ÆòÈ­ ¼öÈ£ÀÚ)¶ó°í ¾Ë·ÁÁ® ÀÖ½À´Ï´Ù. ÇØÅ·´çÇÑ Á÷¿øµéÀÇ ÄÄÇ»ÅÍ¿¡ ¡°hacked by GOP¡±¶ó´Â ¸Þ½ÃÁö°¡ ¼ÛÃâµÇ¾ú´Ù°í ÇÕ´Ï´Ù. GOP´Â ¼Ò´Ï ÇÈó½ºÀÇ ºñ¹Ð Á¤º¸¸¦ ÈÉÃij´ٸç ÀڽŵéÀÇ ¿ä±¸¸¦ µé¾îÁÙ °ÍÀ» Çù¹ÚÁ¶·Î ¿äûÇÏ°í ÀÖ½À´Ï´Ù. ÇÏÁö¸¸ ¾ÆÁ÷ ¿ä±¸ »çÇ×ÀÌ ¹«¾ùÀÎÁö´Â ¾ÆÁ÷ ±× ´©±¸µµ ¹àÈ÷°í ÀÖÁö ¾Ê½À´Ï´Ù. ¼Ò´Ï ÇÈ󽺴 2011³â¿¡µµ ·êÁî¼½(LulzSec)À̶õ ±×·ì¿¡ ÀÇÇØ ÇØÅ·´çÇÑ ÀûÀÌ ÀÖ°í, ¿ÃÇØ¿¡´Â ¼Ò´Ï Ç÷¹À̽ºÅ×ÀÌ¼Ç ³×Æ®¿öÅ©¿¡ ´ëÇÑ °ø°ÝÀ¸·Î 1¾ï °ÇÀÇ »ç¿ëÀÚ Á¤º¸°¡ À¯ÃâµÈ ÀûÀÌ ÀÖÁÒ. ¼Ò´Ï°¡ º¸¾È °­È­¿¡ ¾î·Á¿òÀÌ ÀÖ´Â °ÇÁö, ¾Æ´Ï¸é ¼Ò´ÏÀÇ ÄÜÅÙÃ÷°¡ ±×·¸°Ô³ª ¸Å·ÂÀûÀÎ °ÇÁö, ÇÏ¿©Æ° ÇØÅ·¿¡ °è¼ÓÇؼ­ ½Ã´Þ¸®°í ÀÖ½À´Ï´Ù.


2. ¾îµµºñ Ç÷¡½Ã ±ä±Þ ÆÐÄ¡(Threat Post)

http://threatpost.com/adobe-releases-emergency-flash-player-patch/109623


¾îµµºñ, Çø®»õÀÇ ÇÏÀÌÀè ¹ö±× Á×À̱â À§ÇÑ ±ä±Þ ÆÐÄ¡(The Register)

http://www.theregister.co.uk/2014/11/25/thought_you_were_done_with_patching_this_month_adobe_can_fix_that/


¾îµµºñ, Ç÷¡½Ã Ç÷¹À̾î ÆÐÄ¡·Î ¹æ¾î¸· °­È­(Security Week)

http://www.securityweek.com/adobe-patches-flash-player-add-additional-protection-against-attack

À̹ø¿¡´Â À©µµ¿ì, ¸Æ, ¸®´ª½º »ç¿ëÀÚ ¸ðµÎ¸¦ À§ÇÑ ÆÐÄ¡À̸ç, ÇØÄ¿°¡ ¿ø°Ý¿¡¼­ Äڵ带 ½ÇÇàÇÒ ¼ö ÀÖµµ·Ï ÇØÁÖ´Â Ãë¾àÁ¡ÀÌ ¼öÁ¤µÇ¾ú½À´Ï´Ù. Áö³­ ´Þ 14ÀÏ¿¡ ¾îµµºñ°¡ °ø½Ä ÆÐÄ¡¸¦ ³»³õÀº Áö ºÒ°ú 1ÁÖÀÏ ¸¸¿¡ ¶Õ·Á¹ö¸®´Â »çÅ°¡ ÀÖ¾ú´Âµ¥¿ä, ÇÑ ´Þ ¸¸¿¡ ¡®±ä±Þ¡¯ ÆÐÄ¡°¡ ¶Ç ÀÌ·ç¾îÁø °É·Î º¸¾Æ Áö³­ °ø½Ä ÆÐÄ¡·Î ´Ù ´Ù·ê ¼ö ¾ø¾ú´ø ¹®Á¦°¡ ¶Ç ÀÖ¾úÀ½ÀÌ µå·¯³µ½À´Ï´Ù. ¾îµµºñ Ãø¿¡¼­µµ ¡°Áö³­ 10¿ù¿¡ ÀÖ¾ú´ø ÆÐÄ¡¸¦ Á» ´õ º¸¿ÏÇÏ´Â ¼º°ÝÀÇ ÆÐÄ¡¡±¶ó°í ÇÕ´Ï´Ù. Áï °°Àº ¿À·ù¸¦ µÎ ¹ø¿¡ °ÉÃÄ ÇØ°áÇß´Ù´Â °ÍÀÌÁÒ. ÀÌ·¸°Ô ²öÁú±â°Ô ¹®Á¦¸¦ ÇØ°áÇÏ´Â °Ç ¾ÕÀ¸·Î ¡®¾÷µ¥ÀÌÆ®¡¯°¡ Çʼö°¡ µÉ Á¦ÀÛ »ê¾÷ÀÇ Ç¥ÁØÀÌ µÇ¾î¾ß ÇÒ °Í °°½À´Ï´Ù.


3. ·¹±ä ¸Ö¿þ¾î°¡ ÁÖ´Â 8°¡Áö Àǹ®(CU Infosecurity)

http://www.cuinfosecurity.com/regin-espionage-malware-8-key-issues-a-7609


Á¤ºÎ±â°üÀÇ ·¹±ä »ç¿ë, ÇÕ¹ýÀûÀΰ¡?(Threat Post)

http://threatpost.com/experts-question-legality-of-use-of-regin-malware-by-intel-agencies/109566

¾ÆÁ÷µµ ·¹±äÀÇ Åº»ýÁö°¡ ¾îµðÀÎÁö ¹àÇôÁöÁö ¾ÊÀº °¡¿îµ¥ ¿©·¯ °¡Áö ³í¶õ¸¸ È®»êµÇ°í ÀÖ½À´Ï´Ù. ¾îÁ¦ ¹àÇôÁø ¡°±¹°¡°¡ µÚ¸¦ ºÁÁÖ°í ÀÖ´Ù¡±, ¡°¸ð¹ÙÀÏ ³×Æ®¿öÅ©¸¦ ³ë¸®°í ÀÖ´Ù¡±, ¡°°¨Áö°¡ ¸Å¿ì ¾î·Æ´Ù¡± µîÀÇ ÃßÁ¤ ¹× »ç½Ç ¿Ü¿¡ º§±â¿¡ Åë½Å¾÷üÀÎ º§°¡ÄÞ(Belgacom)°ú À¯·´ÀÇȸ°¡ °ø°Ý´çÇÑ µíÀÌ º¸Àδٴ °Í°ú »ç½Ç»ó ÀÏ¹Ý »ç¿ëÀڵ鿡°Ô´Â Å« À§ÇùÀÌ µÇÁö ¾Ê´Â´Ù´Â ÁÖÀåÀÌ Ãß°¡·Î Á¦±âµÇ¾ú½À´Ï´Ù. ¶ÇÇÑ Á¤ºÎ±â°ü¿¡¼­ À̸¦ È°¿ëÇÏ´Â °Í¿¡ ¹ýÀû ±Ù°Å°¡ Àִ°¡¿¡ ´ëÇؼ­µµ ³íÀÇ Áß¿¡ ÀÖ´Ù°í ÇÕ´Ï´Ù. ¹°·Ð ´ëºÎºÐ ºÎÁ¤ÀûÀÎ Æí¿¡ ¼­ÀÖ±ä ÇÑ °Í °°½À´Ï´Ù. ±×·¡µµ ºñ³­ ÀÏ»öÀÌ ¾Æ´Ï¶ó ¡®³íÀÇ¡¯ »óÅ°¡ ÀÌ·ç¾îÁø´Ù´Â °ÍÀÌ ³î¶ø±ä ÇÕ´Ï´Ù. ·¹±ä °ü·Ã ´º½º´Â °è¼ÓÇؼ­ ³ª¿Ã °Í °°½À´Ï´Ù.


4. ±¸±Û, ¾Û½º »ç¿ëÀÚ À§ÇÑ »õ·Î¿î º¸¾È Åø °ø°³(Security Week)

http://www.securityweek.com/google-releases-new-security-tools-apps-users


±¸±Û¸®¶ô½º, ±¸±ÛÀÌ °³¹ßÇÑ »õ·Î¿î ¾Û º¸¾È Åø(The Register)

http://www.theregister.co.uk/2014/11/25/google_employs_security_wizard_for_apps_drops_intel_panels/


±¸±Û ¾Û½º(Google Apps) »ç¿ëÀÚµéÀÇ °èÁ¤À» º¸È£Çϱâ À§ÇØ ±¸±Û¿¡¼­ »õ·Î¿î º¸¾È Åø µÎ °³¸¦ ¼¼»ó¿¡ ³»³õ¾Ò½À´Ï´Ù. Çϳª´Â ¾îÁ¦ÀÚ ±Û·Î¹ú ´º½º Ŭ¸®Çο¡ ¾ð±ÞµÈ ¡®»êŸ¡¯ÀÌ°í ¶Ç ´Ù¸¥ Çϳª´Â µð¹ÙÀ̽ÃÁî ¾Ø ¾×ƼºñƼ(Devices and Activity)¶ó´Â ´ë½Ãº¸µåÀÔ´Ï´Ù. ¾×ƼºñƼ ´ë½Ãº¸µå´Â ÃÖ±Ù 28ÀÏ µ¿¾È ¾î´À ±â±â, ¾î´À À§Ä¡¿¡¼­ °èÁ¤ Á¢¼ÓÀÌ ÀϾ´ÂÁö º¸¿©ÁÖ´Â ±â´ÉÀ» °¡Áö°í ÀÖ°í, ÇöÀç Á¢¼Ó ±â±â¿¡ ´ëÇÑ »ó¼¼ Á¤º¸µµ Ãâ·ÂÇÕ´Ï´Ù. ¶ÇÇÑ º¸¾È °ü·Ã »ç¿ëÀÚ ¼³Á¤À» ¸Å¿ì ½±°Ô Çسõ¾Ò´Ù°í Çϴµ¥, ÀÌ´Â °ð »ç¿ëÀÚ ¸®ºä µîÀ» ÅëÇØ ´õ È®½ÇÈ÷ ¹àÇôÁö°ÚÁÒ. ±¸±ÛÀÌ Á¤¸» ²÷ÀÓ¾øÀÌ º¸¾È °ü·Ã Åø ¹× ¼Ö·ç¼ÇÀ» ³»³õ´Âµ¥, ±¸±Û Á¤µµÀÇ È¸»ç¿¡¼­ ÀÌ·¸°Ô º¸¾È¿¡ ÁýÁßÀ» ÇÒ Á¤µµ¸é ¹º°¡ º¯È­°¡ ÀÖÁö ¾ÊÀ»±î ±â´ë°¡ µÇ±âµµ ÇÏ°í, ±¸±ÛÀÇ ¿µÇâ·ÂÀÌ °ú¿¬ ¾î´À Á¤µµÀÎÁö °¡´ÆÇغ¸°í ½Í±âµµ ÇÕ´Ï´Ù.


5. Å©·¹À̱×Á½ºÆ®, DNS ÇÏÀÌÀçÅ· ´çÇØ(Infosecurity Magazine)

http://www.infosecurity-magazine.com/news/craigslist-dns-hijacker-leads/


Å©·¹À̱×Á½ºÆ® ÇÏÀÌÀçÅ· ´çÇßÀ¸³ª ´Ù½Ã ¼­ºñ½º ½ÃÀÛ(Threat Post)

http://threatpost.com/craigslist-back-online-following-dns-hijack/109559


Å©·¹À̱×Á½ºÆ® »ç¿ëÀÚµé, ¾Ç¼º »çÀÌÆ®·Î ¿ìȸµÅ(The Register)

http://www.theregister.co.uk/2014/11/25/craigslist_pushes_punters_to_youtube_hacker_site/

Å©·¹À̱×Á½ºÆ®´Â °³ÀÎ ±¤°í, ±¸ÀÎ, Åä·Ð µîÀÌ ¹ú¾îÁö´Â ´ëÇü Ä¿¹Â´ÏƼ »çÀÌÆ®ÀÔ´Ï´Ù. Áö³­ ÁÖ¸», ¿ì¸®³ª¶ó ½Ã°¢À¸·Î ¿ù¿äÀÏÂë¿¡ ÇØÅ·ÀÌ ÀÌ·ç¾îÁø °ÍÀ¸·Î º¸À̴µ¥¿ä, °á°úÀûÀ¸·Î´Â »ç¿ëÀÚµéÀ» ÀüÇô ´Ù¸¥ »çÀÌÆ®·Î ¿ìȸ½ÃÅ°´Â µ¥ ¼º°øÇß½À´Ï´Ù. ±×Áß Çϳª°¡ ÇØÄ¿µéÀÇ Ä¿¹Â´ÏƼÀÎ µðÁöÅа»½ºÅÍ(DigitalGanster.com)Àε¥, ¶æÇÏÁö ¾ÊÀº Æ®·¡ÇÈ Áõ°¡ ¶§¹®¿¡ ¼­ºñ½º°¡ ÁߴܵDZ⵵ Çß½À´Ï´Ù. µðÁöÅа»½ºÅÍ´Â Æ®À§ÅÍ °èÁ¤, ºê¸®Æ®´Ï ½ºÇǾîÁî °ø½Ä »çÀÌÆ® µîÀ» ÇØÅ·ÇÑ °ÍÀ¸·Î À¯¸íÇÑ °÷ÀÔ´Ï´Ù. ÀÌ°÷ ¿î¿µÀÚ´Â À̹ø »ç°Ç°ú °ü·ÃÀÌ ¾ø´Ù°í ÁÖÀåÇÏ°í ÀÖ´Â »óÅÂÀÔ´Ï´Ù. Çѱ¹¿¡µµ »ç¿ëÀÚ°¡ ÀÖÀ» °Í °°¾Æ¼­ µ¡ºÙÀ̸é, °è¼ÓÇؼ­ Å©·¹À̱×Á½ºÆ®¿¡ Á¢¼ÓÀÌ ºÒ°¡ÇÑ °æ¿ì DNS ¼­¹ö¿¡ ÀÖ´Â craigslist.org¿Í craigslist.com ¿£Æ®¸®¸¦ Áö¿ì¸é µÈ´Ù°í ÇÕ´Ï´Ù.

[±¹Á¦ºÎ ¹®°¡¿ë ±âÀÚ(globoan@boannews.com)]


<ÀúÀÛ±ÇÀÚ: º¸¾È´º½º(http://www.boannews.com/) ¹«´ÜÀüÀç-Àç¹èÆ÷±ÝÁö>

  •  
  • 0
  • ÆäÀ̽ººÏ º¸³»±â Æ®À§ÅÍ º¸³»±â ³×À̹ö ¹êµå º¸³»±â Ä«Ä«¿À ½ºÅ丮 º¸³»±â ³×À̹ö ºí·Î±× º¸³»±â

  • ¡°
  •  SNS¿¡¼­µµ º¸¾È´º½º¸¦ ¹Þ¾Æº¸¼¼¿ä!! 
  • ¡±
¾Æ½ºÆ®·Ð½ÃÅ¥¸®Æ¼ ÆÄ¿öºñÁî 2023³â2¿ù23ÀÏ ½ÃÀÛ ³Ý¾Øµå ÆÄ¿öºñÁî ÁøÇà 2020³â1¿ù8ÀÏ ½ÃÀÛ~2021³â 1¿ù8ÀϱîÁö À§Áîµð¿£¿¡½º 2018
¼³¹®Á¶»ç
³»³â ȸ»ç¿¡ ²À µµÀÔÇÏ°í ½ÍÀº º¸¾È ¼Ö·ç¼Ç ¶Ç´Â Ç÷§ÆûÀº ¹«¾ùÀΰ¡¿ä?
XDR
EDR
AI º¸¾È
Á¦·ÎÆ®·¯½ºÆ®
°ø±Þ¸Á º¸¾È ü°è(SBOM)
Ŭ¶ó¿ìµå º¸¾È ¼Ö·ç¼Ç
±âŸ(´ñ±Û·Î)