10.1 C
London
Monday, October 23, 2017
Home Tags Backdoor

Tag: Backdoor

backdoor is a method, often secret, of bypassing normal authentication in a product, computer system, cryptosystem or algorithm etc. Backdoors are often used for securing unauthorized remote access to a computer, or obtaining access to plaintext in cryptographic systems.

A backdoor may take the form of a hidden part of a program, a separate program (e.g. Back Orifice may subvert the system through a rootkit), or may be a hardware feature. Although normally surreptitiously installed, in some cases backdoors are deliberate and widely known. These kinds of backdoors might have “legitimate” uses such as providing the manufacturer with a way to restore user passwords.

Default passwords can function as backdoors if they are not changed by the user. Some debugging features can also act as backdoors if they are not removed in the release version.

In 1993 the United States government attempted to deploy an encryption system, the Clipper chip, with an explicit backdoor for law enforcement and national security access. The chip was unsuccessful internationally and in business.

Facebook has begun offering broad access to RacerD, a tool intended to tackle the longstanding problem of race conditions in software.RacerD had been available as a prototype, accessible in Facebookrsquo;s open source code base only through a series of backdoor options, said codeveloper Sam Blackshear, a Facebook research scientist. Now, the tool will run by default in Facebookrsquo;s open source Infer static analysis tool for bug detection.
Initially, RacerD is available only for Java code.

But plans call for expanding coverage to other languages, including C++.[ The new Java versions are here! Learn everything you need to know about whatrsquo;s new in Java SE 9 and whatrsquo;s new in Java EE 8. | The big 4 Java IDEs reviewed: See how Eclipse, NetBeans, JDeveloper, and IntelliJ IDEA stack up. | Keep up with hot topics in programming with InfoWorldrsquo;s App Dev Report newsletter. ]With race conditions, overlapping processes trying to access the same data concurrently can cause conflicts in programs.

These concurrency errors can be difficult to debug or even reproduce. “This has really been a hard problemrdquo; in computing for about 50 years, said Peter Orsquo;Hearn, a research scientist on the Infer team and co-author of RacerD.To read this article in full or to leave a comment, please click here
Sophisticated backdoor re-emerges as a RAT more than a decade after its 2004 public release, with updated advanced malicious functionality.
The malware affects Windows 7 and up to Windows 8.1, the researchers confirmed.
In May 2017, Kaspersky Lab researchers discovered a forum post advertising ATM malware that was targeting specific vendor ATMs.

The forum contained a short description of a crimeware kit designed to empty ATMs with the help of a vendor specific API, without interacting with ATM users and their data.

The price of the kit was 5000 USD at the time of research.
While some criminals blow up ATMs to steal cash, others use less destructive methods, such as infecting the ATM with malware and then stealing the money. We have written about this phenomenon extensively in the past and today we can add another family of malware to the list – Backdoor.Win32.ATMii.
Two members of Avast's threat intelligence team shared new information about the CCleaner backdoor attack.
The 2017 VirusBulletin conference is upon us and, as in previous years, wersquo;re taking the opportunity to dive into an exciting subject, guided by our experience from doing hands-on APT research.

This year we decided to put our heads together to understand the implications that the esoteric SIGINT practice of fourth-party collection could have on threat intelligence research.
Judge agrees with FBI that national security trumps the public's right to know.
The critical Linux vulnerability is exploited on Android 1 year after coming to light.
Samsung, Asus, Fujitsu, Sony, and Intel among those infected.
Microsoft, Cisco, and VMWare among those infected with additional mystery payload.
The backdoor discovered in Avast's CCleaner targeted top tech companies including Google, Microsoft, Samsung, Sony, VMware, and Cisco.