HackDig : Dig high-quality web security articles for hacker

Dozens of Sony cameras affected by a secret backdoor

Many Sony cameras could be hijacked by hackers and infected with Mirai-like malware due to the presence of a sort of secret backdoor. Sony has closed a sort of debug backdoor that was spotted in 80 web-connected surveillance cameras. The hardcoded logins in the firmware of the Sony cameras can be exploited to hijack the devices and open the doors to Mirai li
Publish At:2016-12-07 15:45 | Read:1109 | Comments:0 | Tags:Breaking News Hacking backdoors CCTV Mirai Sony Cameras

Got 15 minutes to kill? Why not root your Christmas gift?

By Tao SauvageTP-LINKNC200 and NC220 Cloud IP Cameras, which promise to let consumers “see there,when you can’t be there,” are vulnerable to an OS command injection in the PPPoEusername and password settings. An attacker can leverage this weakness to get aremote shell with root privileges. Thecameras are being marketed for surveillance, ba
Publish At:2016-11-19 20:15 | Read:1157 | Comments:0 | Tags:authentication backdoors cloud firmware analysis firmware ha

Crypto flaw made it easy for attackers to snoop on Juniper customers

As if people didn't already have cause to distrust the security of Juniper products, the networking gear maker just disclosed a vulnerability that allowed attackers to eavesdrop on sensitive communications traveling through customers' virtual private networks.In an advisory posted Wednesday, Juniper officials said they just fixed a bug in the company's Junos
Publish At:2016-07-15 09:45 | Read:1855 | Comments:0 | Tags:Risk Assessment Technology Lab backdoors cryptography encryp

After hiatus, in-the-wild Mac backdoors are suddenly back

After taking a hiatus, Mac malware is suddenly back, with three newly discovered strains that have access to Web cameras, password keychains, and pretty much every other resource on an infected machine.The first one, dubbed Eleanor by researchers at antivirus provider Bitdefender, is hidden inside EasyDoc Converter, a malicious app that is, or at least was,
Publish At:2016-07-07 00:40 | Read:1464 | Comments:0 | Tags:Infinite Loop Law & Disorder Risk Assessment Technology Lab

Why Tim Cook is right to call court-ordered iPhone hack a “backdoor”

Tuesday's court order compelling Apple to hack the iPhone belonging to a gunman who killed 14 people and injured 22 others has ignited an acrimonious debate. CEO Tim Cook called the order "chilling" because, he said, it requires company engineers to create the equivalent of a backdoor that could be used against any iPhone. Law enforcement officials, meanwhil
Publish At:2016-02-17 22:55 | Read:1080 | Comments:0 | Tags:Infinite Loop Law & Disorder Risk Assessment backdoors Crack

New report contends mandatory crypto backdoors would be futile

An estimated 63 percent of the encryption products available today are developed outside US borders, according to a new report that takes a firm stance against the kinds of mandated backdoors some federal officials have contended are crucial to ensuring national security.The report, prepared by security researchers Bruce Schneier, Kathleen Seidel, and Sarany
Publish At:2016-02-11 22:10 | Read:773 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab backdoors cryp

Crypto flaw was so glaring it may be intentional eavesdropping backdoor

An open source network utility used by administrators and security professionals contains a cryptographic weakness so severe that it may have been intentionally created to give attackers a surreptitious way to eavesdrop on protected communications, its developer warned Monday.Socat is a more feature-rich variant of the once widely used Netcat networking serv
Publish At:2016-02-02 21:10 | Read:1440 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab Uncategorized

Phone crypto scheme “facilitates undetectable mass surveillance”

A security scheme that Britain's spy agency is promoting for encrypting phone calls contains a backdoor that can be accessed by anyone in possession of a master key, according to an analysis published Tuesday by a security expert at University College in London.The MIKEY-SAKKE protocol is a specification based on the Secure Chorus, an encryption standard for
Publish At:2016-01-21 01:45 | Read:666 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab backdoors encr

Et tu, Fortinet? Hard-coded password raises new backdoor eavesdropping fears

Less than a month after Juniper Network officials disclosed an unauthorized backdoor in the company's NetScreen line of firewalls, researchers have uncovered highly suspicious code in older software from Juniper competitor Fortinet.Further ReadingJuniper drops NSA-developed code following new backdoor revelationsResearchers contradict Juniper claim that Dual
Publish At:2016-01-12 18:50 | Read:1053 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab backdoors eave

Juniper drops NSA-developed code following new backdoor revelations

Juniper Networks, which last month made the startling announcement its NetScreen line of firewalls contained unauthorized code that can surreptitiously decrypt traffic sent through virtual private networks, said it will remove a National Security Agency-developed function widely suspected of also containing a backdoor for eavesdropping.Further ReadingHow the
Publish At:2016-01-10 12:35 | Read:1032 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab backdoors cryp

Dutch Government Embraces Encryption, Denounces Backdoors

While the “Going Dark” debate over encryption standards rages on here in the ­­United States, government officials in the Netherlands this week released a statement that actually calls for stronger encryption and rejects backdoors entirely.On Monday officials said, citing respect for privacy and confidentiality, they were staunchly opposed to aga
Publish At:2016-01-06 03:20 | Read:1167 | Comments:0 | Tags:Government Privacy Backdoors dutch Encryption Netherlands

Juniper Backdoor Picture Getting Clearer

The NSA’s subversion of encryption standards may have come home to roost.As more eyes examine the Juniper backdoor in ScreenOS, the operating system standing up its NetScreen VPNs, it’s becoming clear that someone backdoored the NSA backdoor in Dual_EC_DRBG, opening the door to passive decryption of any VPN traffic moving through a NetScreen gate
Publish At:2015-12-22 19:45 | Read:875 | Comments:0 | Tags:Vulnerabilities Cryptography Government Encryption vulnerabi

German Government Audits TrueCrypt

TrueCrypt continues to fascinate even though it hasn’t been updated in more than a year and has been cleared of backdoors in more than one extensive audit.The German government’s Federal Office for Information Security (BIS) is the latest to inspect and analyze the security of the abandoned open source disk encryption software and once again, it
Publish At:2015-11-21 04:15 | Read:872 | Comments:0 | Tags:Cryptography Privacy Vulnerabilities Backdoors Crypto Encryp

Nested backdoor affects 600,000 Arris cable modems

A Brazilian security researcher has discovered a nested backdoor affecting nearly 600,000 Arris cable modems. Arris is working to fix it. The Security expert Bernardo Rodrigues (@bernardomr) has discovered the presence of a “backdoor-within-a-backdoor” in roughly 600,000 Arris cable modems. Rodrigues is a vulnerabi
Publish At:2015-11-20 10:50 | Read:932 | Comments:0 | Tags:Breaking News Hacking Arris cable modems backdoors

FBI official: It’s America’s choice whether we want to be spied on

FBI General Counsel James Baker today spoke about how encryption is making it increasingly difficult for law enforcement agencies to conduct surveillance. While the FBI has previously argued in favor of backdoors that let authorities defeat encryption, Baker said the issue must ultimately be decided by the American people.“We are your servants,” Baker said.
Publish At:2015-11-05 06:35 | Read:793 | Comments:0 | Tags:Law & Disorder Risk Assessment backdoors encryption fbi jame

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud