Common Security Threats and Protection Measures in Embedded Systems

Common Security Threats and Protection Measures in Embedded Systems

Due to the unique nature of embedded systems, there are many security threats. First, because embedded systems have limited resources, with small RAM and ROM, and limited processing speed, they cannot simultaneously implement multiple security defense measures, making them vulnerable to attacks. Second, the diverse deployment environments of embedded systems, such as industrial production environments, … Read more

Multi-Stage Word Attack Without Macros

Multi-Stage Word Attack Without Macros

Spam publishers are using a new technique to infect users with malware. Although this attack relies on users opening Word documents, it does not require users to allow macro script execution. This new non-macro technique is currently under active development, and researchers at Trustwave SpiderLabs are investigating malware activity. The company states that scammers are … Read more

Linux Threat Hunting: Analysis of the Wild Rootkit ‘Syslogk’

Linux Threat Hunting: Analysis of the Wild Rootkit ‘Syslogk’

Keywords Linux, rootkit, analysis, malware 1. Background Introduction A rootkit is a dangerous type of malware that is difficult to detect once it is implanted in a host. Compared to other types of malware, it is harder to write, so developers often reuse open-source rootkit projects for development. Since rootkit analysis is quite interesting, the … Read more

Your Phone is Exposed! The Hidden Dangers of Public Wi-Fi

Your Phone is Exposed! The Hidden Dangers of Public Wi-Fi

Nowadays, public places such as airports, train stations, and shopping malls commonly offer free Wi-Fi services, allowing users to easily connect to the internet and enjoy a convenient online experience. However, this convenience hides significant security risks that cannot be ignored. It is important to note that if these open networks are exploited by malicious … Read more

RSA Cryptography Inventor: The World Would Be Better Without Cryptocurrency

RSA Cryptography Inventor: The World Would Be Better Without Cryptocurrency

The co-inventor of the RSA encryption algorithm and Turing Award winner, Adi Shamir, stated at the RSA Security Conference in San Francisco that “the world would be better without cryptocurrency.” He pointed out that although the Bitcoin white paper proposed noble ideals, the current cryptocurrency landscape is highly concentrated in a few large exchanges, primarily … Read more

[MalDev-17] Custom Encryption Algorithms and Elliptic Curves

[MalDev-17] Custom Encryption Algorithms and Elliptic Curves

03 – Custom Encryption Algorithms Common hash algorithms such as Caesar, Base64, and MurmurHash have come under scrutiny from security researchers, often being used as features to identify malware. Therefore, it is advisable to use custom or less common algorithms. base58 encryption cmd.exe #include <winsock2.h> #include <string.h> #include <stdio.h> #include <stdlib.h> const char * const … Read more

Linux Security: Easily Scan Your Servers for Rootkits

Linux Security: Easily Scan Your Servers for Rootkits

Open-source tools like Linux Malware Detect and Chkrootkit can alert you to unwanted visitors on your server. Translated from “Linux Security: Scan Your Servers for Rootkits With Ease” by Jack Wallen. Linux is one of the most secure operating systems on the planet. However, nothing is absolutely secure, and if a server is connected to … Read more

A Brief Analysis of Hyperjacking Attacks in Virtualized Environments

A Brief Analysis of Hyperjacking Attacks in Virtualized Environments

In September 2022, security researchers discovered a rare new type of attack method known as Hyperjacking. Attackers deployed an infection implant within VMware virtualization software to control the infected virtual machine systems and evade detection. It is important to emphasize that the danger of this attack lies not in exploiting external remote code execution vulnerabilities, … Read more

Common Security Threats and Protections in Embedded Systems

Common Security Threats and Protections in Embedded Systems

Due to the uniqueness of embedded systems, there are many security threats. Firstly, because embedded systems have limited resources, with small RAM and ROM and limited processing speed, they cannot implement multiple security defense measures simultaneously, making them vulnerable to attacks. Secondly, the diverse deployment environments of embedded systems, such as industrial production environments, medical … Read more

Unpacking Malware: Weak Encryption Algorithms

Unpacking Malware: Weak Encryption Algorithms

A few days ago, I started writing a series of articles about tools and methods for unpacking malware. Each piece of malware or packer is different, and sometimes a universal method cannot be used for unpacking. However, common characteristics can sometimes be found. For example, packers often use weak encryption algorithms, and breaking these algorithms … Read more