Archive for the ‘backdoors’ Category

Threatpost News Wrap, February 5, 2016

February 5th, 2016
Mike Mimoso and Chris Brook discuss the news of the week including internet-connected teddy bears, the latest on the Going Dark debate, and whether or not there's a backdoor in Socat. They also preview next week's Security Analyst Summit in Tenerife, Spain.

Posted in backdoors, Crypto, encryption, cryptography, vulnerabilities, Web Security, IoT, Podcasts, Mike Mimoso, eBay, Security Analyst Summit, Going Dark., Chris Brook, Socat, #TheSAS2016, SAS 2016 | Comments (0)

Crypto flaw was so glaring it may be intentional eavesdropping backdoor

February 2nd, 2016

(credit: Jeremy Brooks )

An open source network utility used by administrators and security professionals contains a cryptographic weakness so severe that it may have been intentionally created to give attackers a surreptitious way to eavesdrop on protected communications, its developer warned Monday.

Socat is a more feature-rich variant of the once widely used Netcat networking service for fixing bugs in network applications and for finding and exploiting security vulnerabilities. One of its features allows data to be transmitted through an encrypted channel to prevent it from being intercepted by people monitoring the traffic. Amazingly, when using the Diffie-Hellman method to establish a cryptographic key, Socat used a non-prime parameter to negotiate the key, an omission that violates one of the most basic cryptographic principles.

The Diffie-Hellman key exchange requires that the value be a prime number, meaning it's only divisible by itself and the number one. Because this crucial and most basic of rules was violated, attackers could calculate the secret key used to encrypt and decrypt the protected communications. What's more, the non-prime value was only 1,024 bits long, a length that researchers recently showed is susceptible to cracking by state-sponsored attackers even when prime numbers are used.

Read 5 remaining paragraphs | Comments

Posted in backdoors, encryption, cryptography, Risk Assessment, Technology Lab, Law & Disorder, Socat | Comments (0)

Where do US presidential candidates stand on privacy and surveillance?

February 2nd, 2016
In the 2016 presidential campaign, cybersecurity, surveillance and privacy haven't received a whole lot of attention. Where do the candidates stand on these important issues?

Posted in backdoors, encryption, privacy, cryptography, Law & order, Jeb Bush, Hillary Clinton, rand paul, mass surveillance, US presidential election, Donald Trump, Bernie Sanders, ben carson, ted cruz, Campaign 2016, Marco Rubio | Comments (0)

Threatpost News Wrap, January 29, 2016

January 29th, 2016
Mike Mimoso and Chris Brook discuss the news of the week, including the latest on the BlackEnergy APT Group, Amazon getting into the SSL certificate game, and government agencies being told to audit their systems for the Juniper backdoor.

Posted in apt, backdoors, malware, privacy, security, podcast, oracle, audit, vulnerabilities, BlackEnergy, Government, trojan, amazon, Web Security, Podcasts, Java, spearphishing, Juniper, SSL certificates | Comments (0)

Fighting human trafficking is the new justification for encryption backdoors (so says California)

January 25th, 2016
A lawmaker has put a call to outlaw encryption by default on mobile phones into a human trafficking bill.

Posted in apple, backdoors, encryption, google, privacy, ios, android, backdoor, data loss, Mobile, Law & order, Security threats, California, bill, jim cooper, AB 1681 | Comments (0)

Exploits, malverts, ransomware, iOS – and Star Wars! [Chet Chat Podcast 228]

January 25th, 2016
Join our experts for the latest episode of our weekly security podcast. From exploits to ransomware and from captive portals to Star Wars...

Posted in apple, backdoors, ios, podcast, cryptography, Technology, Vulnerability, ransomware, chester wisniewski, chet chat, Paul Ducklin, sophos security chet chat, sscc, Malvertising, Cryptowall, Exploit, password, exploit kits, angler, John Shier, captive portal, 123456, 12345678, letmein, online ads | Comments (0)

Secret SSH backdoor in Fortinet hardware found in more products

January 22nd, 2016

A recently identified backdoor in hardware sold by security company Fortinet has been found in several new products, many that were running current software, the company warned this week.

The undocumented account with a hard-coded password came to light last week when attack code exploiting the backdoor was posted online. In response, Fortinet officials said it affected only older versions of Fortinet's FortiOS software. The company went on to say the undocumented method for logging into servers using the secure shell (SSH) protocol was a "remote management" feature that had been removed in July 2014.

In a blog post published this week, Fortinet revised the statement to say the backdoor was still active in several current company products, including some versions of its FortiSwitch, FortiAnalyzer, and FortiCache devices. The company said it made the discovery after conducting a review of its products. Company officials wrote:

Read 1 remaining paragraphs | Comments

Posted in authentication, backdoors, Surveillance, Risk Assessment, Technology Lab | Comments (0)

Phone crypto scheme “facilitates undetectable mass surveillance”

January 20th, 2016

A MIKEY-SAKKE message is sent from the initiator to responder. (credit:

A security scheme that Britain's spy agency is promoting for encrypting phone calls contains a backdoor that can be accessed by anyone in possession of a master key, according to an analysis published Tuesday by a security expert at University College in London.

The MIKEY-SAKKE protocol is a specification based on the Secure Chorus, an encryption standard for voice and video that was developed by the Communications Electronics Security Group, the information security arm of the UK's Government Communications Headquarters. British governmental officials have indicated that they plan to certify voice encryption products only if they implement MIKEY-SAKKE and Secure Chorus.

According to Steven J. Murdoch, a Royal Society University Research Fellow in the Information Security Research Group of University College, MIKEY-SAKKE contains a backdoor that allows communications to be decrypted in bulk. It can be activated by anyone who has access to a master private key that's responsible for generating intermediate private keys. Because the master key is required to create new keys and to update existing ones, network providers must keep the master key permanently available.

Read 3 remaining paragraphs | Comments

Posted in backdoors, encryption, GCHQ, Risk Assessment, Technology Lab, Law & Disorder, government communications headquarters | Comments (0)

BlackBerry says its encryption has not been “cracked” by police

January 19th, 2016
BlackBerry is refuting recent media claims that its encryption was "cracked" in police investigations where data was recovered from encrypted devices.

Posted in backdoors, forensics, PGP, privacy, cryptography, backdoor, Mobile, Law & order, blackberry, encrypted email, Royal Canadian Mounted Police, Netherlands Forensics Institute, PGP BlackBerry | Comments (0)

New York tries to force phone makers to put in crypto backdoors

January 15th, 2016
If it passes, Apple and Google, et al., would have to either hobble encryption or pay $2,500 fines per phone sold in the state.

Posted in apple, backdoors, encryption, google, Microsoft, privacy, Surveillance, ios, android, backdoor, data loss, Mobile, Law & order, Security threats, Windows phone, blackberry, new york, bill | Comments (0)