15.2 C
London
Monday, August 21, 2017
Home Tags Backdoor

Tag: Backdoor

backdoor is a method, often secret, of bypassing normal authentication in a product, computer system, cryptosystem or algorithm etc. Backdoors are often used for securing unauthorized remote access to a computer, or obtaining access to plaintext in cryptographic systems.

A backdoor may take the form of a hidden part of a program, a separate program (e.g. Back Orifice may subvert the system through a rootkit), or may be a hardware feature. Although normally surreptitiously installed, in some cases backdoors are deliberate and widely known. These kinds of backdoors might have “legitimate” uses such as providing the manufacturer with a way to restore user passwords.

Default passwords can function as backdoors if they are not changed by the user. Some debugging features can also act as backdoors if they are not removed in the release version.

In 1993 the United States government attempted to deploy an encryption system, the Clipper chip, with an explicit backdoor for law enforcement and national security access. The chip was unsuccessful internationally and in business.

A newly discovered dropper for the KopiLuwak backdoor suggests that the Turla group is back at it again, Proofpoint says.
“Profexor” turns self in to Ukrainian authorities, assists FBI in DNC hack investigation.
The NetSarang server software is used by hundreds of companies worldwide.
Do you use this suite? If yes: A July 18 update screwed over your security Researchers at Kaspersky Lab have found a well-hidden backdoor in NetSang's server management software.…
ShadowPad backdoor found embedded in a software product used by major organizations around the globe to manage their Linux, Windows, and Unix servers.
Advanced ShadowPad malware lurked in digitally signed products sold by NetSarang.
Researchers at Kaspersky Lab said today that the update mechanism for Korean server management software provider NetSarang was compromised and serving a backdoor called ShadowPad.
In July 2017, during an investigation, suspicious DNS requests were identified in a partnerrsquo;s network.

The source of the queries was a software package produced by NetSarang. Our analysis showed that recent versions of the software had been surreptitiously modified to include an encrypted payload that could be remotely activated by a knowledgeable attacker.

IT threat evolution Q2 2017

The threat from ransomware continues to grow.

Between April 2016 and March 2017, we blocked ransomware on the computers of 2,581,026 Kaspersky Lab customers.
In May, we saw the biggest ransomware epidemic in history, called WannaCry.
According to KSN data, Kaspersky Lab solutions detected and repelled 342, 566, 061 malicious attacks from online resources located in 191 countries all over the world.

APT Trends report Q2 2017

Since 2014, Kaspersky Labrsquo;s Global Research and Analysis Team (GReAT) has been providing threat intelligence reports to a wide-range of customers worldwide, leading to the delivery of a full and dedicated private reporting service. Prior to the new service offering, GReAT published research online for the general public in an effort to help combat the ever-increasing threat from nation-state and other advanced actors.