2月21日安全热点 - 特斯拉云系统被黑客利用/ COLDROOT RAT

 

资讯类

特斯拉云系统被黑客利用来挖掘加密货币

http://www.zdnet.com/article/tesla-systems-used-by-hackers-to-mine-cryptocurrency/

https://www.bleepingcomputer.com/news/security/tesla-internal-servers-infected-with-cryptocurrency-miner/

 

针对MacOS的跨平台恶意软件Coldroot RAT不能被检测

Coldroot RAT cross-platform malware targets MacOS without being detected

http://www.zdnet.com/article/coldroot-nasty-mac-trojan-went-undetected-for-years/

https://www.bleepingcomputer.com/news/security/coldroot-rat-still-undetectable-despite-being-uploaded-on-github-two-years-ago/

 

关于LockCrypt .1BTC勒索软件变体的讨论

https://www.bleepingcomputer.com/news/security/lockcrypt-1btc-variant-installed-over-hacked-remote-desktop-services/

 

 

技术类

Encryption 101: a malware analyst’s primer

https://blog.malwarebytes.com/threat-analysis/2018/02/encryption-101-malware-analysts-primer/

5分钟教程：通过UART获得root权限

http://konukoii.com/blog/2018/02/16/5-min-tutorial-root-via-uart

 

Analyzing Kelihos SPAM in CapLoader and NetworkMiner

http://www.netresec.com/?page=Blog&month=2018-02&post=Analyzing-Kelihos-SPAM-in-CapLoader-and-NetworkMiner

Malicious Entity Injection (MEI) to do a Laughing Man style attack on X Reality

https://medium.com/@aoighost/malicious-entity-injection-mei-to-do-a-laughing-man-style-attack-on-x-reality-61e93672a81a

通过Windows安装程序文件传播恶意软件

https://isc.sans.edu/forums/diary/Malware+Delivered+via+Windows+Installer+Files/23349

Breaking into iOS 11

https://blog.elcomsoft.com/2018/02/breaking-into-ios-11/

Quantstamp（QSP）分析

https://bitshouts.com/qsp-quantstamp-analysis/

 

DDoS攻击新玩法之WebSocket

http://www.4hou.com/info/news/10425.html

 

针对Android的学习和信息检索的恶意软件检测

https://github.com/dkhuuthe/MADLIRA

Multiverse——静态二进制重写器

https://github.com/utds3lab/multiverse

 

elf-strings读取工具

https://github.com/LloydLabs/elf-strings