Embedded Linux Malware Trends 20150323 v1.0 (public version)
Minseok(Jacky) Cha
Embedded Linux malware trends centered on home Internet routers, plus a little about IoT as it relates to embedded Linux. Home Router malware
1.
IoT Malware (focused on home routers)
2015.03.20 (V1.0), public version
AhnLab Security Response Center (ASEC) Analysis Team
CHA Minseok (차민석, 車珉錫, Jacky Cha, mstoned7), Senior Researcher
Actually: Embedded Linux malware, focused on home network devices
2.
© AhnLab, Inc. All rights reserved.
:~$ apropos
• IoT
• Embedded Linux
• Home Network
• Major Embedded Linux malware
• Case study
3.
:~$ whoami
Profile
− CHA Minseok (차민석, 車珉錫, Jacky Cha, mstoned7)
− January 7, 1988: started computing on an Apple ][+ clone
− 1989: infected by a Brain virus variant
− 1997: joined AhnLab
− AhnLab Senior Researcher (Senior Antivirus Researcher)
− Analyzing and researching malware on the Security Response Center (ASEC) analysis team
− Joint public-private investigation team, cyber security expert group
− Member of AVED, AMTSO, vforum
− Wildlist Reporter
4.
Contents
01 IoT and Embedded Linux
02 Home Network
03 Incidents
04 Major malware
05 Case study
06 Countermeasures and their limits
07 Conclusion and outlook
5.
01 IoT and Embedded Linux
6.
IoT (Internet of Things)
• IoT
- An intelligent technology and service in which people and things, and things and things, exchange information with each other
* Source: http://en.wikipedia.org/wiki/Internet_of_Things
7.
IoT (Internet of Things)
• Application areas
* Source: http://www.kpcb.com/blog/how-kleiner-perkins-invests-in-the-internet-of-things-picking-the-winners
8.
IoT (Internet of Things)
Security threats
• Privacy invasion: snooping
• Information leakage: leakage of personal information
• Data manipulation: manipulation of internal/communication data; a big problem for medical devices
• Malware infection: DDoS attacks, Bitcoin mining, etc.
9.
IoT (Internet of Things)
OS: Embedded Linux, iOS, Windows, Contiki, Riot, mbed, Tizen
10.
IoT (Internet of Things)
• Windows 10 supports Raspberry Pi 2
* Source: http://www.raspberrypi.org/raspberry-pi-2-on-sale
11.
Embedded Linux
• Embedded Linux
* Source: http://en.wikipedia.org/wiki/Linux_on_embedded_systems
12.
02 Home Network
13.
Home Network
• Home Router
- Internet router, Wi-Fi router, wireless router
* Source: http://en.wikipedia.org/wiki/Wireless_router
14.
Home Network
• SoC (System on a chip)
* Source: http://en.wikipedia.org/wiki/System_on_a_chip
15.
Home Network: Home Router
• Product specifications
- MIPS
- Embedded Linux
* Source: http://www.iptime.co.kr & http://www.netcheif.com/Reviews/BR-6478AC/PDF/8197D.pdf
16.
Home Network: Embedded Linux
• BusyBox
- Packs the main Linux commands into a single file
* Source: http://www.busybox.net/
17.
Home Network: Embedded Linux
• Login
- Factory-default login/password
18.
Home Network: Embedded Linux
• BusyBox
19.
Home Network: Home Router
• cpuinfo
20.
Home Network: Embedded Linux
• Shellshock test
- Fortunately, not vulnerable
21.
03 Incidents
22.
IoT in TV drama
• Murder by hacking
- A terminal cancer patient attempts murder by hacking a car, a POS system and an elevator
* Source: CSI New York Season 6 Episode 2 (2009)
23.
Configuration changes
• Changing the Internet router's DNS address
- A security vulnerability in the router is used to change its DNS address, so that visits to well-known sites are steered to fake websites
24.
Configuration changes
• Changing the Internet router's DNS address
- Weaknesses in the router are used to attempt malware infection
* Source: http://www.krcert.or.kr/kor/data/secNoticeView.jsp?p_bulletin_writing_sequence=20950
25.
Configuration changes
• Internet router manufacturer
- Firmware update recommended
* Source: http://www.iptime.co.kr/~iptime/bbs/view.php?id=notice&page=2&ffid=&fsid=&dffid=&dfsid=&dftid=&sn1=&divpage=1&dis_comp=&sn=off&ss=on&sc=on&select_arrange=headnum&desc=asc&dis_comp=&ng_value=&x_value=&no=812
26.
Configuration changes
• Sality
- The Sality virus installs Rbrute, which changes the primary DNS
* Source: http://www.welivesecurity.com/2014/04/02/win32sality-newest-component-a-routers-primary-dns-changer-named-win32rbrute29
27.
Data tampering
• Attack on a Synology NAS vulnerability
- Ransomware appeared that uses a vulnerability in DSM 4.3-3810 or earlier to encrypt stored files and then demand money
* Source: http://www.synology.com/en-us/company/news/article/470
28.
Backdoor
• Backdoor included in Netis routers
- Uses UDP 53413
* Source: http://www.netiskorea.com/atboard_view.php?grp1=news&grp2=notice&uid=9034
29.
Backdoor
• Backdoor included in Netis routers
- Netis Korea announced that the backdoor does not exist in products sold in Korea
* Source: http://www.netiskorea.com/atboard_view.php?grp1=news&grp2=notice&uid=9034
30.
DDoS
• Internet outage
- On the morning of November 29, 2014, attacks occurred against the DNS servers of SK Broadband and LG U+
* Source: http://www.zdnet.co.kr/news/news_view.asp?artice_id=20141129202907&type=xml
31.
DDoS
• DDoS attacks using home routers
- At Christmas 2014, Lizard Squad attacked Microsoft's Xbox Live and Sony PlayStation Network
* Source: http://krebsonsecurity.com/2015/01/lizard-stresser-runs-on-hacked-home-routers/
32.
04 Major malware
33.
Timeline (figure, years 2008 to 2015): Hydra, Psybot, Uteltend (Knb, Chuck Norris), Uteltend (Knb, Chuck Norris 2), Aidra, Darlloz, Themoon, Gafgyt (Fgt), Moose, Baswool
34.
Hydra
• Hydra
- IRC bot made public in April 2011
- Existed on underground forums since 2008
- Uses vulnerabilities in D-Link devices
* Source: http://baume.id.au/psyb0t/PSYB0T.pdf
35.
Psybot
• Psybot
- Discovered by Terry Baume in January 2009
* Source: http://baume.id.au/psyb0t/PSYB0T.pdf
36.
Psybot
• Psybot
- First seen in the wild. Used in DDoS attacks
* Source: http://www.dronebl.org/blog/8
37.
Psybot
• Psybot
- MIPS Linux malware
- Packed with UPX
38.
Uteltend (Chuck Norris, Knb)
• Chuck Norris Botnet
- Discovered in late 2009 at Masaryk University in the Czech Republic
- MIPS Linux IRC bot
- TELNET brute-force attack
* Source: http://www.muni.cz/research/projects/4622/web/chuck_norris._botnet
39.
Uteltend (Chuck Norris, Knb)
• Chuck Norris Botnet
- The source code contains the Italian string '[R]anger Killato: in nome di Chuck Norris!'
- After UPX-unpacking knb-mips, the string 'KnbKeepnickbot0.2.2' is present
40.
Uteltend (Chuck Norris, Knb)
• File composition
- Configuration file
- IRC bot + DDoS attack tool
- password
41.
Uteltend (Chuck Norris, Knb)
• File composition
- Includes the Kaiten (Tsunami) DDoS attack tool
42.
Aidra (Lightaidra)
• Malicious IRC bot
- Discovered in February 2012. Infections also reported in Korea
- DDoS attacks
* Source: http://www.fitsec.com/blog/index.php/2012/02/19/new-piece-of-malicious-code-infecting-routers-and-iptvs/
43.
Aidra (Lightaidra)
getbinaries.sh (script): ARM, MIPS, MIPSEL, PowerPC, SuperH
44.
Aidra (Lightaidra)
• Aidra vs Darlloz
- Added a function to remove its competitor, Darlloz
* Source: http://now.avg.com/war-of-the-worms/
45.
Darlloz (Zollard)
• Darlloz
- Worm infecting the Internet of Things, discovered in October 2013
- Infects x86, MIPS, ARM, PowerPC
- Cryptocurrency mining function added
* Source: http://www.symantec.com/connect/blogs/iot-worm-used-mine-cryptocurrency
46.
Darlloz (Zollard)
• Infections
- An estimated 31,000 systems infected worldwide
- Systems in Korea account for 17% of all infections
* Source: http://www.symantec.com/connect/blogs/iot-worm-used-mine-cryptocurrency
47.
Darlloz (Zollard)
script: armeabi, arm, PowerPC, MIPS, mipsel, x86
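For triaging the per-architecture binaries that the Aidra and Darlloz scripts cover (slides 43 and 47) and the UPX packing noted for Psybot (slide 37), the following added example, which is not from the original slides, reads the ELF header to report CPU family and byte order and flags a UPX tag. The helper names `triage_elf` and `make_sample` and the sample headers are constructed for illustration.

```python
import struct

# e_machine codes from the ELF specification for the CPU families the slides list.
EM_NAMES = {3: "x86", 8: "MIPS", 20: "PowerPC", 40: "ARM", 42: "SuperH"}


def triage_elf(data: bytes) -> dict:
    """Report CPU family, word size, byte order and a UPX hint for an ELF image."""
    if len(data) < 20 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    ei_class, ei_data = data[4], data[5]
    if ei_class not in (1, 2) or ei_data not in (1, 2):
        raise ValueError("invalid EI_CLASS or EI_DATA")
    order = "<" if ei_data == 1 else ">"
    # e_type and e_machine sit at offset 16, stored in the file's own byte order.
    _e_type, e_machine = struct.unpack_from(order + "HH", data, 16)
    arch = EM_NAMES.get(e_machine, "unknown(%d)" % e_machine)
    if e_machine == 8 and ei_data == 1:
        arch = "MIPSEL"  # little-endian MIPS, the naming used on the slides
    return {
        "arch": arch,
        "bits": 32 if ei_class == 1 else 64,
        "endian": "little" if ei_data == 1 else "big",
        # Unmodified UPX output carries the ASCII tag "UPX!"; its absence proves
        # nothing, because the tag is easily stripped or altered.
        "upx_hint": b"UPX!" in data,
    }


def make_sample(ei_data: int, e_machine: int, tail: bytes = b"") -> bytes:
    """Build a constructed 24-byte ELF32 header (not a real sample) for the demo."""
    order = "<" if ei_data == 1 else ">"
    e_ident = b"\x7fELF" + bytes([1, ei_data, 1, 0]) + bytes(8)
    return e_ident + struct.pack(order + "HHI", 2, e_machine, 1) + tail


if __name__ == "__main__":
    # Constructed headers standing in for files pulled from a device or honeypot.
    samples = {
        "mips": make_sample(2, 8),
        "mipsel": make_sample(1, 8, b"\x00" * 8 + b"UPX!"),
        "arm": make_sample(1, 40),
        "ppc": make_sample(2, 20),
        "sh": make_sample(1, 42),
    }
    for name, blob in samples.items():
        print(name, triage_elf(blob))
```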
48.
Darlloz (Zollard)
• Darlloz
- Uses the PHP vulnerability php-cgi Information Disclosure Vulnerability (CVE-2012-1823)
- Guesses router and set-top box passwords: dreambox, vizxv, stemroot, sysadmin, superuser, 1234, 12345, 1111, smcadmin
49.
Darlloz (Zollard)
• Darlloz
- Downloads and installs a cpuminer matching the system, then mines cryptocurrencies such as Mincoins, Dogecoins and Bitcoins
50.
Themoon
• Themoon
- Discovered on February 13, 2014
- Infects by exploiting a Linksys home router vulnerability
* Source: https://isc.sans.edu/diary/Linksys+Worm+%22TheMoon%22+Summary%3A+What+we+know+so+far/17633
51.
Themoon
• Themoon
- Strings
52.
Themoon
• Themoon
- Embedded PNG image
53.
Gafgyt (Bashlite.SMB, Fgt)
• Gafgyt (Bashlite.SMB, Fgt)
- Introduced by Trend Micro as Bashlite, which uses BusyBox
* Source: http://blog.trendmicro.com/trendlabs-security-intelligence/bashlite-affects-devices-running-on-busybox/
54.
Gafgyt (Bashlite.SMB, Fgt)
• Gafgyt (Bashlite.SMB, Fgt)
- Dr.Web published information
* Source: https://news.drweb.com/show/?i=7092&lng=en
55.
Gafgyt (Bashlite.SMB, Fgt)
• Gafgyt (Bashlite.SMB, Fgt)
- Has existed since at least August 2014
- Used in a DDoS attack on Microsoft on November 24, 2014
- Used in Lizard's Stresser, which launched DDoS attacks on gaming sites at the end of 2014
- Source code released in January 2015
- Various variants are being created as a result of the source code release
56.
Gafgyt (Bashlite.SMB, Fgt)
• Functions
* Source: http://vms.drweb.com/virus/?i=4242198
57.
Gafgyt (Bashlite.SMB, Fgt)
• bin.sh
* Source: http://vms.drweb.com/virus/?i=4242198
58.
Moose
• Moose
- Bitcoin miner active since at least October 2014
- ARM and MIPS versions exist
- Also found on home routers in Korea
59.
Baswool
• Baswool
- Confirmed found in Korea in November 2014
- Similar to Bashwoop (Powbot)
60.
Baswool
• Variant
- First submitted to VirusTotal on December 9, 2014
- Key strings are encrypted
* md5: 331596b415ce2228e596cda400d8bfd2
61.
05 Case study
62.
06 Countermeasures and their limits
63.
Current problems
No antivirus programs
• No security programs of any kind, antivirus included
• By their nature, antivirus and dedicated removal tools are hard to distribute
• Currently users must install them themselves
Malware removal
• Must be removed manually
• Visit homes to remove it! (door to door!)
Firmware update
• Users update it themselves
• How many people actually do a firmware update?!
64.
Government measures
• MSIP (Ministry of Science, ICT and Future Planning) announces strengthened Internet router security
- June 2015: build a real-time monitoring system for Internet routers
- July 2015: build and operate a router security update system
* Source: http://www.ddaily.co.kr/news/article.html?no=127945
65.
Government measures
• Reactions
* Source: http://www.clien.net/cs2/bbs/board.php?bo_table=news&wr_id=1953579
66.
Government measures
• Reactions
* Source: http://cafe.naver.com/malzero
67.
Government measures
• Reactions
* Source: http://www.iptime.co.kr/~iptime/bbs/view.php?id=notice&page=1&ffid=&fsid=&dffid=&dfsid=&dftid=&sn1=&divpage=1&dis_comp=&sn=off&ss=on&sc=on&select_arrange=headnum&desc=asc&dis_comp=&ng_value=&x_value=&no=915
68.
Current problems
• From the analyst's perspective
- Lack of Embedded Linux experience
- Lack of ARM/MIPS processor experience
- Lack of hardware debugging experience
- Need the ability to analyze countless IoT devices?!
69.
07 Conclusion and outlook
70.
Wrap up
• A lot of router malware already exists
- Attacks began in 2009, but we knew far too little…
• Study!
- ARM, MIPS
- Embedded Linux
- Hardware debugging, etc.
71.
MIPS
• What the hell?!
- Unfamiliar instructions
- A different syscall convention
- Hex-Rays decompiler not yet supported
72.
Vulnerabilities
• Smart home analysis
- Analysis of 50 kinds of devices, including thermostats, smart locks, smart light bulbs, smart smoke detectors, smart energy management devices and smart hubs
* Source: http://www.symantec.com/connect/blogs/iot-smart-home-giving-away-keys-your-kingdom
73.
Vulnerabilities
• Vulnerabilities keep being discovered
* Source: https://github.com/darkarnium/secpub/tree/master/Multivendor/ncc2
74.
Vulnerabilities
• Vulnerabilities keep being discovered
* Source: https://beyondbinary.io/advisory/seagate-nas-rce
75.
Today's security problems
• Not really a fair fight
* Source: http://image-store.slidesharecdn.com/81268b95-5c3b-4604-9129-d83ab3dc4600-large.png
76.
Today's security problems
• Security is something everyone has to do together
* Source: http://www.security-marathon.be/?p=1786
77.
Q&A
email: minseok.cha@ahnlab.com / mstoned7@gmail.com
http://xcoolcat7.tistory.com
https://twitter.com/xcoolcat7, https://twitter.com/mstoned7
78.
Reference
• Marta Janus/Kaspersky, 'Heads of the Hydra. Malware for Network Devices', 2011 (http://securelist.com/analysis/36396/heads-of-the-hydra-malware-for-network-devices/?replyto=15081&tree=0)
• Marta Janus/Kaspersky, 'State of play: network devices facing bulls-eye', 2014 (http://securelist.com/blog/research/67794/state-of-play-network-devices-facing-bulls-eye)
• Son Kijong (손기종), 'Security threats to IoT devices seen through router attack cases', 2015
• Jang Youngjun (장영준)/Samsung (Personal Communication)
• Ryu Sojun (류소준)/KISA (Personal Communication)
• Shin Dongeun (신동은)/KISA (Personal Communication)
• Cho Injoong (조인중)/SK Broadband (Personal Communication)
79.
DESIGN YOUR SECURITY