Popular D-Link Router Riddled with Vulnerabilities
D-Link router model 850L has 10 vulnerabilities that could allow a hacker to gain remote access and control of device, according to researcher. Source: www.threatpost.com
Backdoor
Bugs in Arris Modems Distributed by AT&T Vulnerable to Trivial Attacks
Trivially exploitable vulnerabilities in several Arris home modems, routers and gateways distributed to consumers and small businesses through AT&T’s U-verse service have been discovered. Source: www.threatpost.com
Attackers Backdoor Another Software Update Mechanism
Researchers at Kaspersky Lab said today that the update mechanism for Korean server management software provider NetSarang was compromised and serving a backdoor called ShadowPad. Source: https://threatpost.com
macOS Fruitfly Backdoor Analysis Renders New Spying Capabilities
This week at Black Hat, Mac malware expert Patrick Wardle will describe how he used a custom-built command and control server to analyze new spying capabilities in a variant of the FruitFly backdoor. Source: https://threatpost.com
New research reveals businesses under threat from employees’ poor cyber security at home, opening the back-door for cyber criminals
Following new research by T-Systems (www.t-systems.co.uk), the corporate IT and cyber security arm of Deutsche Telekom, (one of the world’s largest telecoms companies), is warning businesses and other organisations that when employees work from home, poor domestic cyber security is creating an open back door into their networks for hackers. T-Systems is encouraging businesses to establish comprehensive training and procedures to prevent their security being unexpectedly, but avoidably, compromised…
NSA’s EternalBlue Exploit Ported to Windows 10
Researchers have ported the EternalBlue exploit to Windows 10, meaning that any unpatched version of Windows can be affected by the NSA attack. Source: www.threatpost.com
Hikvision Patches Backdoor in IP Cameras
Hikvision recently patched a backdoor in a slew of its cameras that could have made it possible for a remote attacker to gain full admin access to affected devices. Source: https://threatpost.com
Threatpost News Wrap, March 10, 2017
Mike Mimoso and Chris Brook discuss the news of the week including a rash of new IP camera backdoors, James Comey’s talk at Boston College, hacking back vs. active defense, and the DOJ dropping one of its Playpen cases. Download: Threatpost_News_Wrap_March_10_2017.mp3 Music by Chris Gonsalves Source: www.threatpost.com
Dahua Patching Backdoor in DVRs, IP Cameras
A California firm is rushing to patch a backdoor that apparently exists in a host of DVRs, CCTV and IP cameras it manufactures. Engineers with Dahua Technology USA began pushing firmware updates for the issue on Monday, something the company says stems from “a small piece of code.” The company said its security team is continuing to investigate other models it produces and will provide updates for any affected devices as they…
Why WhatsApp’s ‘Backdoor’ Isn’t a Backdoor
Accusations that WhatsApp has a backdoor intended for eavesdropping on user messages is being loudly rebuked by Facebook-owned WhatsApp and Open Whisper Systems, the company that developed the underlying encryption technology for the platform. Dismissal of the published claims by The Guardian are also coming from others in the security and crypto communities who say the allegations are outrageous. “I do not assess the issues with WhatsApp to constitute a backdoor,”…