#1 Trusted Cybersecurity News Platform Followed by 3.45+ million
The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Most Trusted Cyber Security and Computer Security Analysis: telnet

Warning! Seagate Wireless Hard Drives Have a Secret Backdoor for Hackers

Warning! Seagate Wireless Hard Drives Have a Secret Backdoor for Hackers

Sep 07, 2015
Several of Seagate's 3rd generation Wireless Hard drives have a secret backdoor for hackers that puts users' data at risk. A Recent study done by the security researchers at Tangible Security firm disclosed an " undocumented Telnet services " with a hard-coded password in Seagate Wireless Hard Drives. The secret Telnet Vulnerability ( CVE-2015-2874 ) with an inbuilt user account (default username and password — "root") allows an attacker to access the device remotely, left users data vulnerable to theft. According to US-CERT (Computer Emergency and Response Team) public advisory, multiple models of Seagate hard drives contain multiple vulnerabilities. Affected devices are: Seagate Wireless Plus Mobile Storage Seagate Wireless Mobile Storage (Wirelessly streaming your tablet and smartphone's data) LaCie FUEL (Wirelessly extending storage for iPads) The violation that an attacker can activate is, they can gain root access to the device and ac
Backdoor found in Chinese Tenda Wireless Routers, allows Root access to Hackers

Backdoor found in Chinese Tenda Wireless Routers, allows Root access to Hackers

Oct 19, 2013
Last week Craig Heffner, specialized on the embedded device hacking exposed a serious backdoor in number of D-Link routers allows unauthorized backdoor access. Recently he published his another researcher, Titled ' From China, With Love ', exposed that D-Link is not only the vendor who puts backdoors in their products. According to him, China based networking device and equipment manufacturer - Tenda Technology  (www.tenda.cn) also added potential backdoors into their Wireless Routers. He unpacked the software framework update and locate the httpd binary an found that the manufacturer is using GoAhead server, which has been substantially modified. These routers are protected with standard Wi-Fi Protected Setup (WPS) and WPA encryption key, but still by sending a UDP packet with a special string , an attacker could take over the router. Routers contain a flaw in the httpd component, as the MfgThread() function spawns a backdoor service that listens fo
More Resources

Sign up for free and start receiving your daily dose of cybersecurity news, insights and tips.