Front high energy: a lot of hacker sister stunts and anti-fraud skills, do not believe you see | Home Weekly


First, look at "Bureaucracy 5" to explain the hacking technique

On the weekend, I walked into the cinema with my sister and watched the “Burners 5”. The sister was lethargic. At this time, as a house visitor, even if you don’t understand hacking techniques, because you read this article in advance, you can While explaining the sisters, I guarantee that my sister won't be afraid of it. After watching the movie, she can pick up the little hand and play happily together...

In front of high energy, can not miss the key plot reminder -

1. How was the CIA hacked? The old partner Jayson Parsons of “James Bourne” in order to help him return to normal life, used a U disk at the hacking base of Sackov to open all the hosts of the CIA. The back door of the secret file. This U disk is not an ordinary U disk. It contains malicious software USBee (USB bee). It is like collecting honey between different flowers. USB disk with USBee can be turned into data transmission without any modification. , to collect data from any computer that has physical isolation measures.

2. When Niki Parsenko invaded the CIA at the hacking base in Sackov, a female hacker in the room said loudly: "Using SQL injection to break their database." The female hacker mentioned SQL injection It is one of the common methods used to attack the database. The so-called SQL injection, is to insert SQL commands into the Web form to submit or enter the query string of the domain name or page request, and ultimately to deceive the server to execute malicious SQL commands.

3. When Niki Parsonki was reading the CIA's stealth data while he was copying, Heather Lee quickly used the reverse tracking code to locate the hacking base. Reverse tracking technology refers to IP traceback, which is an effective method used to determine the source address of an IP packet. For anti-hackers, how to trace the initiator of an attack is an important bridge to identify and prevent attacks and pursue accountability. However, anti-tracking technology must be effective when the attack is ongoing. Once the attack is stopped, the anti-tracking technology process will be interrupted.

4. When he was looking for an answer, Jason Born found the right person to Nicky Parsonki and read the U disk data via computer. Heather Lee used only two old mobile phones in the room. Minutes of time connected to the computer that was reading U disk data and quickly deleted all files. The research results of this technology are also from the same team in Israel. The team used a nine-year-old Motorola cell phone to demonstrate this new type of attack. This phone lacks some of the features of modern smartphones, such as WiFi and mobile data connectivity. The team's researchers installed a specific piece of malicious software on the target computer and the mobile phone. Once this particular malware was successfully installed, it could extract the data from the target computer through electromagnetic waves naturally emitted by the computer. There are only three tools needed to implement the above technologies: GSM networks, a common low-end mobile phone, and electromagnetic waves. (Click to read the original Secret: What "hacking" has in the hacking technology)

Second, look at the KO fan sister, the world's most expensive hackers Jeff Moss more cool

If you say that the hacking KO in "Laughing Allure" has captured your heart with his handsome face, superb hacking techniques, and people's cooking skills, then Jeff Moss should be your dish. In addition to being the founder of hacking and two global hacking events, Jeff Moss is a consultant to the US Department of Homeland Security Advisory Committee and chief security officer of ICANN (Internet Name and Number Assignment Authority).

In 2009, Jeff Moss joined the Homeland Security Advisory Committee;

On April 28, 2011, Jeff Moss was appointed chief security officer by ICANN;

In July 2012, Secretary of State Janet Napolitano issued an order, and the Homeland Security Advisory Committee established a network technology task force to respond to the growing demand for cyber security in industry, academia, and government. Jeff Moss is the joint chairman of the task force;

In 2013, Jeff Moss announced his departure from ICANN before the end of 2013;

In 2013, Jeff Moss was appointed Visiting Senior Fellow of the Atlantic Council of the United States Think Tank;

In 2014, Jeff Moss joined the Georgetown University Law School Cyber ​​Security Advisory Committee.

Jeff Moss pulled the wind even filmed, he played himself in a 2012 hacking documentary "Code 2600". In 2013, Jeff Moss also produced DEF CON’s documentary as an executive producer. (Click to read the original text is still screen KO? The world's most expensive hackers Jeff Moss more cool)

Third, Baidu security how to "dead" pseudo base station

When you are on the road, your phone suddenly receives a text message from a strange mobile phone:

Hello brother, I have a difficult family sister, my mother is sick. She wanted to use her first time for the mother's medical expenses, hoping that a good-hearted brother could help her .

You just walked out of the Agricultural Bank of China. The phone received a message from 95599:

Our bank will deduct 1920 yuan from your account today. If you have any questions, please contact: 400XXXXXXX Agricultural Bank of China.

You sit at home and your mobile phone receives a text message from 95588:

Dear ICBC user: Your mobile bank has already fulfilled the cash gift package of RMB 4690. Please log in at http://9558onz.com to collect it.

This information or temptation, or consternation. However, their role is only one: to accelerate your heartbeat through a string of text, and then take the initiative to follow the message prompts and get in touch with each other.



A “professional” who “pursues” has the following two characteristics:

1, can forge any signal code, so that the defrauder is convinced.

2. Fraud messages can be issued on a large scale to ensure that the base of “prey” is large enough.

Pseudo base stations are an excellent choice for them. These devices are often placed in the trunk of the car, or even in people's backpacks, and send these “scam entrances” to nearby mobile phones—scam messages.

How do you know that a mobile phone has entered a pseudo base station?

Here also needs a simple science:

Each base station contains four sets of digital "identity information". The first two groups define the operator's network. The latter two groups define the location of the base station. The location information of each base station can be found based on these four groups of numbers.

Huang Zheng, head of X-Team at Baidu's security lab, said that the current pseudo-base station does not have such a high level of intelligence. It is just a “fool” device. It will not accurately simulate the ID of the real base station. Location information is often random.

As a result, there are the following methods:

If you monitor the cell phone's base station parameters, the last second is still in Haidian, Beijing, and the next second, it will go to Guangzhou, then it is very likely that the cell phone has been "captured" by the pseudo base station.

Use the GPS, Wi-Fi and other signals on the mobile phone to check the location of the base station. If the base station's ID information shows that it should be in Beijing, but the positioning of the mobile phone is clearly in Xi'an, it is very likely that the base station is an illegal "knockoff cargo."

(Click to read the article Baidu security how "dead" pseudo base station?)

Four, deep learning how to identify a cup of urine, oh no, detect malware

You have an incomprehensible enemant who lives with you (this situation is easy to find in the co-tenant army). He puts a bottle of unknown liquid like water on the table.

You came in. Tired, hot and thirsty. You picked up the bottle of liquid. You carefully analyzed the substance, shape, and volume. You used your previous struggle experience to judge again. Then you made the right choice with confidence. Perfectly. Dodged this prank—a bottle of 100% pure urine.

If I place this bottle of water-like thing under a conventional computer vision module, it can easily identify its components. If I owe my hand, I have to grab the bottle and try again. Due to the glorious appearance of the fingers, the traditional computer vision module suddenly cannot be identified. However, if I smartly upgrade the system and add an artificial intelligence module, the so-called deep learning technology, this bottle of liquid can be recognized even if my fingers come out. This is the benefit of deep learning with small changes—even if only part of the data can be read, most of the images are masked and correctly identified.

Network security is similar to image recognition. More than 99% of new threats and malware actually originate from minor "mutations" of previously existing threats and malware. It is said that even the 1% of completely new new threats and malware are just a large number of "mutations" of the existing crisis. However, despite this, even the most cutting-edge network security technologies that use dynamic analysis and traditional machine learning are encountering numerous difficulties in detecting large amounts of new malware. As a result, businesses and organizations are vulnerable to data leakage. , data theft, malware seizure and data corruption.

In true environmental testing of endpoints based on publicly known databases, the detection rates of mobile and APT malware are also significant. For example, deep learning-based solutions have detected and recognized more than 99% of large and slightly modified malicious code. (Click to read the original If deep learning can identify a cup of urine, then it can also be used to identify malware)

V. Secret Secret Spying Model "The Eye of Sauron"

The Eye of Sauron is not just a hacker organization but a top-level spy model platform with sophisticated technology.

The main attack task of Sauron Eye is to obtain encrypted communication information. Attackers use a highly modular, networked spy platform that incorporates a large number of different tools and technologies, and can allow spyware hackers to use the above tools as they wish. The attack strategy used on the platform mainly has the following features:

Customize the implants and infrastructure for each specific target on offense;

Never recycle attack tools;

It is usually a secret and long-term spying on the target network.

From the report of Kaspersky Lab, you can find out the attack tools and techniques used by Sauron Eye's actions are as follows:

Unique digital footprint: Core implants have different file names and sizes, and are tailored to each target - making it difficult to detect because a target infection trace has little value for other targets.

Running in memory: The core implanter uses the upgrade script for legitimate software, which runs in memory in the form of a later program, receives instructions from the attacker, downloads the latest module, or executes commands.

Preferential encrypted communication: Sauron’s eye actively searches for information on very rare custom network encryption software. This kind of server/client software is widely used by many target enterprises for secure communication, language communication, email transmission and document exchange. The attacker is interested in encrypting software components, keys, and configuration files. It also collects the geographical location of servers that relay encrypted information between nodes.

Script-based flexibility: Sauron Eye deploys a series of low-level tools that are carefully crafted with high-level LUA scripts. The use of LUA components in malware is very rare and has previously only occurred in the Flame and Animal Farm attacks.

Bypassing the isolation gate: The Sauron Eye uses a specially-designed USB disk to bypass the isolation gate. These USB flash drives contain hidden space where users save and hide stolen data.

A variety of data theft mechanisms: Sauron Eye deploys multiple ways to steal data, including legitimate channels such as e-mail and DNS, disguising the information stolen by victims as daily traffic. (Click to read original Secret: China's top cyber spy "Sorren Eye")


House guest Letshome

Lei Feng network (search "Lei Feng network" public number concerned) 's industry coverage of the public number.

Focus on pioneering technology and tell the story behind hackers.

L Series Lead Acid Battery

L Series Lead Acid Battery,Custom Valve Regulated Battery,12V 38Ah Battery,12V 65Ah Lead Acid Battery

Wolong Electric Group Zhejiang Dengta Power Source Co.,Ltd , https://www.wldtbattery.com