Enlarge (credit: Getty Images) Dozens of legitimate WordPress add-ons downloaded from their original sources have been found backdoored through a supply chain attack, researchers said. The backdoor has been found on “quite a few” sites running the open source content management system. The backdoor gave the particular attackers full administrative control of websites that used […]
Enlarge (credit: Jeremy Brooks / Flickr) Researchers have uncovered a never-before-seen backdoor written from scratch for systems running Windows, macOS, or Linux that remained undetected by virtually all malware scanning engines. Researchers from security firm Intezer said they discovered SysJoker—the name they gave the backdoor—on the Linux-based Webserver of a “leading educational institution.” As the […]
Enlarge (credit: Jeremy Brooks / Flickr) A US federal agency has been hosting a backdoor that can provide total visibility into and complete control over the agency network, and the researchers who discovered it have been unable to engage with the administrators responsible, security firm Avast said on Thursday. Avast didn’t identify the agency other […]
Enlarge (credit: KiwiSDR) A spectrum painted image made using KiwiSDR. (credit: xssfox) KiwiSDR is hardware that uses a software-defined radio to monitor transmissions in a local area and stream them over the Internet. A largely hobbyist base of users do all kinds of cool things with the playing-card-sized devices. A user in, say, Manhattan can […]
Enlarge (credit: Getty Images) As many as 29,000 users of the Passwordstate password manager downloaded a malicious update that extracted data from the app and sent it to an attacker-controlled server, the app maker told customers. In an email, Passwordstate creator Click Studios told customers that bad actors compromised its upgrade mechanism and used it […]
Enlarge (credit: Getty Images) High-performance computer networks, some belonging to the world’s most prominent organizations, are under attack by a newly discovered backdoor that gives hackers the ability to remotely execute commands of their choice, researchers said on Tuesday. Kobalos, as researchers from security firm Eset have named the malware, is a backdoor that runs […]
Enlarge (credit: Zyxel) Hackers are attempting to exploit a recently discovered backdoor built into multiple Zyxel device models that hundreds of thousands of individuals and businesses use as VPNs, firewalls, and wireless access points. The backdoor comes in the form of an undocumented user account with full administrative rights that’s hardcoded into the device firmware, […]
Expand (charge: Xplora) A favorite smartwatch made specifically for kids includes an undocumented backdoor which makes it feasible for a person to remotely catch camera snapshots, wiretap voice calls, and monitor places in real time, a researcher stated. The X4 smartwatch is promoted by Xplora, a Norway-based vendor of watches. The device, which retails for […]