Items tagged with backdoor

Over the past few months, we’ve witnessed the Mirai botnet wreak havoc with IoT devices like consumer webcams, DVRs and security cameras. These often budget-minded devices were often equipped with insecure software or employed security countermeasures that were easily overpowered. However, we’re learning today that it isn’t just cheap consumer devices that are susceptible to attacks — even high-end equipment can be compromised if a hacker has enough motivation to dig for exploits. Such is the case with Sony’s professional grade IPELA Engine IP cameras. According to SEC Consult, a backdoor was found... Read more...
It’s another day, and another backdoor Android exploit has been discovered. Last week, we brought you news of a secret backdoor installed on a number of budget Android devices that was beaming personal information (test messages, phone numbers, contacts) to servers in China. Today, we’re learning of another exploit that once again targets low-cost Android smartphones. At the center of the discussion this time around is the Ragentek firmware used on a number of Android smartphones. Researchers from BitSight Technologies discovered two internet domains that were hardwired into the firmware.... Read more...
2016 is going to be remembered for a number of fortunate and unfortunate things, with one topic that falls into the latter category being the debacle of U.S. law enforcement vs. Apple. The FBI and other US federal agencies have made it no secret that they would like to be able to gain access to any smartphone if the need arises - something that anyone who cares even remotely about their privacy shouldn't be okay with. In the months that followed, the FBI somehow managed to break into an iPhone 5C without any help from Apple. And while it's not clear if the agency is able to pull that off on more... Read more...
Microsoft Chief Legal Officer Brad Smith is no fan of the FBI’s efforts to bypass encryption protocols in order to unlock smartphones. Smith’s thoughts on the matter were made even more clear today while speaking at the annual RSA Conference which is held in San Francisco, California. In fact, Smith offered his most blunt criticism of the FBI’s use the courts to get what it wants. “When it comes to security, there is no technology as important as encryption,” said Smith. “Despite the best of intentions, one thing is clear: The path to hell starts at the backdoor. We need to make sure encryption... Read more...
U.S. President Barack Obama is getting a little hot under the collar, and we’re not talking about the speech that Israeli Prime Minister Benjamin Netanyahu gave this morning. Instead, President Obama is troubled over new regulations that are being proposed by the Chinese government, which would affect American tech companies that conduct business within China’s borders. President Obama is fearful that China’s plans — which include allowing the Chinese government to install security backdoors, requiring companies to hand over encryption keys, and keeping user data on Chinese soil — are an assault... Read more...
Chinese OEMs are stepping up their game in the smartphone sector. Companies like Huawei and Xiaomi have bolstered their share of the market, with the latter booting Samsung out of first place in China. One Chinese OEM, however, is looking to expand its presence in the smartphone world while at the same time partaking in nefarious acts. Palo Alto Networks has discovered that Chinese OEM Coolpad has been installing a backdoor called “CoolReaper” on the millions of smartphones that it sells around the globe. Coolpad has taken additional steps to ensure that its CoolReaper backdoor goes undetected... Read more...
A hacker (“Craig”) on a site devoted to embedded device hacking posted a lengthy entry detailing how he, on a whim and armed with boredom and too much Shasta cola, reverse-engineered a firmware update and found a backdoor to certain D-Link routers that allows one to access the devices’ web interface by bypassing authentication. Once you’ve bypassed the authentication process, you can change or access any of the router’s settings. For obvious reasons, this is a serious security problem. This happens if your browser has a certain user agent string. “This is performing... Read more...
While many have dogmatically adhered to the idea that Macs are impervious to malware, some experts have been warning that it was only a matter of time before the Apple systems were hit with significant bugs. Findings like the one from Doctor Web late yesterday confirm that indeed, the malware threat looms large for Mac users. According to Doctor Web, a Russian antivirus vendor, 600,000 Macs were part of the BackDoor.Flashback.39 botnet. (Originally, the company reported the number at 550,000, but a Twitter post later upped it to over 600,000.) The Flashback Trojan isn’t especially new; variants... Read more...
Intuit, maker of Quicken products, started using a "strong encryption" method in 2003, but apparently a backdoor has been found that might compromise passwords: "A Russian firm that provides password-recovery services says it has found a backdoor in the encryption mechanism that Quicken uses to secure password-protected files, a feature that makes millions of users of the personal finance program more vulnerable to government spooks or other highly determined snoops." Luckily the security hole is one that requires a lot of resources to compromise, so it's unlikely that a common script kiddie... Read more...