Security News
The financial services sector in the U.S. found itself under a barrage of cyberattacks last month, all bent on delivering a powerful backdoor called Minebridge. The term refers to "The manipulation of Office documents where the source code of a macro is made to mismatch the pseudo-code of the document," according to FireEye.
CCTV equipment maker Xiongmai effectively built a poorly hidden, insecure backdoor into potentially millions of surveillance devices, it is claimed. A hardware probester going by the name of Vladislav Yarmak alleged this week that China-based Xiongmai - best known for its wide-open security cameras - left a remote debugging and management tool in its firmware, which is used in network-connected surveillance video recorders.
The China-linked threat group tracked as Winnti was observed using a new variant of the ShadowPad backdoor in recent attacks targeting Hong Kong universities, ESET's security researchers report. One month later, the security researchers discovered a new campaign run by the Chinese hackers, targeting two Hong Kong universities with a new variant of the ShadowPad backdoor, the group's flagship tool.
More than a quarter century after its introduction, the failed rollout of hardware deliberately backdoored by the NSA is still having an impact on the modern encryption debate. Known as Clipper, the encryption chipset developed and championed by the US government only lasted a few years, from 1993 to 1996.
Apple ditched plans to fully encrypt its iCloud backups two years ago after being pressured by the FBI, it is claimed. Under this plan, Apple would no longer have the key to unlock encrypted data, meaning it would no longer be able to provide decrypted backups of its users to the authorities, even under court order.
A threat group targeting the recently disclosed critical vulnerability in Citrix Application Delivery Controller is installing their own backdoor while cleaning up other malware infections and blocking others from exploiting the vulnerability, FireEye has discovered. Tracked as CVE-2019-19781, the vulnerability impacts Citrix ADC and Gateway products.
The cybercriminals behind the TrickBot malware, who are believed to be based in Russia, have been using a new PowerShell backdoor in recent attacks aimed at high-value targets, SentinelLabs revealed on Thursday. Called PowerTrick, the recently discovered backdoor is being deployed, at least in some cases, as a PowerShell task through normal TrickBot infections.
The Russian-speaking cybercriminals behind the TrickBot malware have developed a stealthy backdoor dubbed "PowerTrick," in order to infiltrate high-value targets. The malware operators send the first command, which is to download the main PowerTrick backdoor.
Back in 1998, Tim May warned us of the "Four Horsemen of the Infocalypse": "terrorists, pedophiles, drug dealers, and money launderers." I tended to cast it slightly differently. This is me from...
Idiocy runs amok at multinational cop agency. Multinational police agency Interpol is due to say that tech companies deploying strong encryption helps paedophiles – unless they build backdoors for...