#1 Trusted Cybersecurity News Platform Followed by 3.45+ million
The Hacker News Logo
Subscribe to Newsletter

telnet | Breaking Cybersecurity News | The Hacker News

Warning! Seagate Wireless Hard Drives Have a Secret Backdoor for Hackers

Warning! Seagate Wireless Hard Drives Have a Secret Backdoor for Hackers
Sep 07, 2015
Several of Seagate's 3rd generation Wireless Hard drives have a secret backdoor for hackers that puts users' data at risk. A Recent study done by the security researchers at Tangible Security firm disclosed an " undocumented Telnet services " with a hard-coded password in Seagate Wireless Hard Drives. The secret Telnet Vulnerability ( CVE-2015-2874 ) with an inbuilt user account (default username and password — "root") allows an attacker to access the device remotely, left users data vulnerable to theft. According to US-CERT (Computer Emergency and Response Team) public advisory, multiple models of Seagate hard drives contain multiple vulnerabilities. Affected devices are: Seagate Wireless Plus Mobile Storage Seagate Wireless Mobile Storage (Wirelessly streaming your tablet and smartphone's data) LaCie FUEL (Wirelessly extending storage for iPads) The violation that an attacker can activate is, they can gain root access to the device and ac

Backdoor found in Chinese Tenda Wireless Routers, allows Root access to Hackers

Backdoor found in Chinese Tenda Wireless Routers, allows Root access to Hackers
Oct 19, 2013
Last week Craig Heffner, specialized on the embedded device hacking exposed a serious backdoor in number of D-Link routers allows unauthorized backdoor access. Recently he published his another researcher, Titled ' From China, With Love ', exposed that D-Link is not only the vendor who puts backdoors in their products. According to him, China based networking device and equipment manufacturer - Tenda Technology  (www.tenda.cn) also added potential backdoors into their Wireless Routers. He unpacked the software framework update and locate the httpd binary an found that the manufacturer is using GoAhead server, which has been substantially modified. These routers are protected with standard Wi-Fi Protected Setup (WPS) and WPA encryption key, but still by sending a UDP packet with a special string , an attacker could take over the router. Routers contain a flaw in the httpd component, as the MfgThread() function spawns a backdoor service that listens fo

external linkTraditional App Security is No Longer Enough

SaaS
websitewww.nonamesecurity.comAPI Security
When it comes to ensuring the security of your APIs, there are four critical capabilities.
Cybersecurity Resources