Cybersecurity researchers have disclosed a new backdoor program capable of stealing user login credentials, device information and executing arbitrary commands on Linux systems. The malware dropper has been dubbed "Facefish" by Qihoo 360 NETLAB team owing its capabilities to deliver different rootkits at different times and the use of Blowfish cipher to encrypt communications … [Read more...] about Researchers Warn of Facefish Backdoor Spreading Linux Rootkits
backdoor
Passwordstate Password Manager Update Hijacked to Install Backdoor on Thousands of PCs
Click Studios, the Australian software company behind the Passwordstate password management application, has notified customers to reset their passwords following a software supply chain attack. The Adelaide-based firm said a bad actor used sophisticated techniques to compromise the software's update mechanism and used it to drop malware on user computers. The breach is said to … [Read more...] about Passwordstate Password Manager Update Hijacked to Install Backdoor on Thousands of PCs
Cisco Secure Workload Immediate Actions in Response to “SUNBURST” Trojan and Backdoor
Background The SUNBURST trojan and backdoor, as dubbed by FireEye researchers, that has compromised multiple U.S. Government systems recently, highlights the complexity and connectedness of the modern enterprise IT environment as a security weakness. Recent reporting makes clear that the adversary took advantage of software complexity to deliver a highly refined attack … [Read more...] about Cisco Secure Workload Immediate Actions in Response to “SUNBURST” Trojan and Backdoor
Secret Backdoor Account Found in Several Zyxel Firewall, VPN Products
Zyxel has released a patch to address a critical vulnerability in its firmware concerning a hardcoded undocumented secret account that could be abused by an attacker to login with administrative privileges and compromise its networking devices. The flaw, tracked as CVE-2020-29583 (CVSS score 7.8), affects version 4.60 present in wide-range of Zyxel devices, including Unified … [Read more...] about Secret Backdoor Account Found in Several Zyxel Firewall, VPN Products
New Evidence Suggests SolarWinds’ Codebase Was Hacked to Inject Backdoor
The investigation into how the attackers managed to compromise SolarWinds' internal network and poison the company's software updates is still underway, but we may be one step closer to understanding what appears to be a very meticulously planned and highly-sophisticated supply chain attack. A new report published by ReversingLabs today and shared in advance with The Hacker … [Read more...] about New Evidence Suggests SolarWinds’ Codebase Was Hacked to Inject Backdoor
US Agencies and FireEye Were Hacked Using SolarWinds Software Backdoor
State-sponsored actors allegedly working for Russia have targeted the US Treasury, the Commerce Department's National Telecommunications and Information Administration (NTIA), and other government agencies to monitor internal email traffic as part of a widespread cyberespionage campaign. The Washington Post, citing unnamed sources, said the latest attacks were the work of APT29 … [Read more...] about US Agencies and FireEye Were Hacked Using SolarWinds Software Backdoor
Cybercriminals Are Using Legit Cloud Monitoring Tools As Backdoor
A cybercrime group that has previously struck Docker and Kubernetes cloud environments has evolved to repurpose genuine cloud monitoring tools as a backdoor to carry out malicious attacks, according to new research."To our knowledge, this is the first time attackers have been caught using legitimate third party software to target cloud infrastructure," Israeli cybersecurity … [Read more...] about Cybercriminals Are Using Legit Cloud Monitoring Tools As Backdoor
Critical Bugs and Backdoor Found in GeoVision’s Fingerprint and Card Scanners
GeoVision, a Taiwanese manufacturer of video surveillance systems and IP cameras, recently patched three of the four critical flaws impacting its card and fingerprint scanners that could've potentially allowed attackers to intercept network traffic and stage man-in-the-middle attacks.In a report shared exclusively with The Hacker News, enterprise security firm Acronis said it … [Read more...] about Critical Bugs and Backdoor Found in GeoVision’s Fingerprint and Card Scanners
PhantomLance Android backdoor on Google Play
Last July, our colleagues at Doctor Web detected a Trojan backdoor on Google Play. Such discoveries are not exactly an everyday occurrence, but they’re hardly unheard of — researchers do find Trojans on Google Play, sometimes hundreds at a time. This Trojan, however, was surprisingly sophisticated for malware found on Google Play, so our experts decided to dig deeper. They … [Read more...] about PhantomLance Android backdoor on Google Play
Hackers Planted Backdoor in Webmin, Popular Utility for Linux/Unix Servers
Following the public disclosure of a critical zero-day vulnerability in Webmin last week, the project's maintainers today revealed that the flaw was not actually the result of a coding mistake made by the programmers.Instead, it was secretly planted by an unknown hacker who successfully managed to inject a backdoor at some point in its build infrastructure—that surprisingly … [Read more...] about Hackers Planted Backdoor in Webmin, Popular Utility for Linux/Unix Servers