backdoors | Breaking Cybersecurity News | The Hacker News

Do you own an Android smartphone? You could be one of those 700 Million users whose phone is secretly sending text messages to China every 72 hours. You heard that right. Over 700 Million Android smartphones contain a secret 'backdoor' that surreptitiously sends all your text messages, call log, contact list, location history, and app data to China every 72 hours. Security researchers from Kryptowire discovered the alleged backdoor hidden in the firmware of many budget Android smartphones sold in the United States, which covertly gathers data on phone owners and sends it to a Chinese server without users knowing. First reported on by the New York Times on Tuesday, the backdoored firmware software is developed by China-based company Shanghai AdUps Technology, which claims that its software runs updates for more than 700 Million devices worldwide. Infected Android Smartphone WorldWide Moreover, it is worth noting that AdUps provides its software to much larger ha

OpenX, a leading provider of digital and mobile advertising technology has accordingly served backdoors that are injected into the Code and allows hackers to control over your Web server. German tech site the Heise notified Germany's computer emergency response team (CERT) this week about the OpenX Ad Server (2.8.10) backdoor, allowing an attacker to execute any PHP code via the "eval" function  and could have provided attackers full access to their web sites. The OpenX team has confirmed the breach  and OpenX senior application security engineer Nick Soracco said that two files in the binary distribution of 2.8.10 had been replaced with modified files that contained a remote code execution vulnerability . The attack code is written in PHP but is hidden in a JavaScript file that is part of a video player plugin ( vastServeVideoPlayer ) in the OpenX distribution. This vulnerability only applies to the free downloadable open source product, OpenX Source.

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.

US CERT warn about Some Samsung printers, including models the Korean company made for Dell, have a backdoor administrator account coded into their firmware. This hard coded admin account in firmware could enable attackers to change their configuration, read their network information or stored credentials and access sensitive information passed to them by users. Screenshot Even if SNMP is disabled, this " backdoor administrator account " is still active and could be used by an attacker to access the printer. SNMP is an Internet protocol commonly used to monitor and read statistics from network-attached devices. US-CERT did not provide a list with the exact printer models affected by the issue, but said that, according to Samsung, models released after Oct. 31, 2012, are not vulnerable. As for the Dell model, Samsung builds Dell printers such as the B1160w modeled after Samsung's ML-2165W compact all-in-one printer. It's unclear what other Dell b

Antivirus company Symantec has detected a malicious campaign in which hackers managed to deceive thousands of people allegedly signed by a paid proxy service. They expose that hundreds of thousands of users signing up for a cheap and supposedly legitimate proxy service have ended up downloading malware and being ensnared into a botnet. Three months ago, Symantec researchers started an investigation into a piece of malware called Backdoor.Proxybox that has been known since 2010, but has shown increasing activity recently. " The malware is Backdoor.Proxybox, and our investigation has revealed an entire black hat operation, giving us interesting information on the operation and size of this botnet, and leading us to information that may identify the actual malware author ," Symantec. The service - ProxyBox - supposedly provides access to its entire list of thousands of proxies for only $40 a month, which is obviously too cheap a price for the provider to break eve