Category: backdoors

Auto Added by WPeMatico

Communications Backdoor in Chinese Power Inverters

Posted on By infossl
backdoors, china, infrastructure, power, Security technology, Uncategorized

This is a weird story: U.S. energy officials are reassessing the risk posed by Chinese-made devices that play a critical role in renewable energy infrastructure after unexplained communication equipment was found inside some of them, two people familiar with the matter said. […] Over the past nine months, undocumented communication devices, including cellular radios, have … Read More “Communications Backdoor in Chinese Power Inverters” »

More Countries are Demanding Backdoors to Encrypted Apps

Posted on By infossl
backdoors, encryption, france, Security technology, sweden, Uncategorized

Last month, I wrote about the UK forcing Apple to break its Advanced Data Protection encryption in iCloud. More recently, both Sweden and France are contemplating mandating backdoors. Both initiatives are attempting to scare people into supporting backdoors, which are—of course—are terrible idea. Also: “A Feminist Argument Against Weakening Encryption.” Powered by WPeMatico

Thousands of WordPress Websites Infected with Malware

Posted on By infossl
backdoors, malware, Security technology, Uncategorized, web

The malware includes four separate backdoors: Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed. A unique case we haven’t seen before. Which introduces another type of attack made possibly by abusing websites that don’t monitor 3rd party dependencies in the browser of their users. The four … Read More “Thousands of WordPress Websites Infected with Malware” »

An iCloud Backdoor Would Make Our Phones Less Safe

Posted on By infossl
apple, backdoors, encryption, Security technology, uk, Uncategorized

Last month, the UK government demanded that Apple weaken the security of iCloud for users worldwide. On Friday, Apple took steps to comply for users in the United Kingdom. But the British law is written in a way that requires Apple to give its government access to anyone, anywhere in the world. If the government … Read More “An iCloud Backdoor Would Make Our Phones Less Safe” »

Australia Threatens to Force Companies to Break Encryption

Posted on By infossl
australia, backdoors, crypto wars, encryption, laws, Security technology, Uncategorized

In 2018, Australia passed the Assistance and Access Act, which—among other things—gave the government the power to force companies to break their own encryption. The Assistance and Access Act includes key components that outline investigatory powers between government and industry. These components include: Technical Assistance Requests (TARs): TARs are voluntary requests for assistance accessing encrypted … Read More “Australia Threatens to Force Companies to Break Encryption” »

Supply Chain Attack against Courtroom Software

Posted on By infossl
backdoors, courts, Security technology, supply chain, Uncategorized

No word on how this backdoor was installed: A software maker serving more than 10,000 courtrooms throughout the world hosted an application update containing a hidden backdoor that maintained persistent communication with a malicious website, researchers reported Thursday, in the latest episode of a supply-chain attack. The software, known as the JAVS Viewer 8, is … Read More “Supply Chain Attack against Courtroom Software” »

Other Attempts to Take Over Open Source Projects

Posted on By infossl
backdoors, open source, Security technology, social engineering, Uncategorized

After the XZ Utils discovery, people have been examining other open-source projects. Surprising no one, the incident is not unique: The OpenJS Foundation Cross Project Council received a suspicious series of emails with similar messages, bearing different names and overlapping GitHub-associated emails. These emails implored OpenJS to take action to update one of its popular … Read More “Other Attempts to Take Over Open Source Projects” »

Backdoor in XZ Utils That Almost Happened

Posted on By infossl
backdoors, cybersecurity, economics of security, hacking, linux, malware, open source, Security technology, social engineering, ssh, Uncategorized

Last week, the internet dodged a major nation-state attack that would have had catastrophic cybersecurity repercussions worldwide. It’s a catastrophe that didn’t happen, so it won’t get much attention—but it should. There’s an important moral to the story of the attack and its discovery: The security of the global internet depends on countless obscure pieces … Read More “Backdoor in XZ Utils That Almost Happened” »