Domain: trustwave.com
Stories and comments across the archive that link to trustwave.com.
Stories · 4
-
Hidden Backdoor Discovered In Chinese IoT Devices (techradar.com)
"A backdoor has been found in devices made by a Chinese tech firm specializing in VoIP products," reports TechRadar. An anonymous reader quotes their article: Security outfit Trustwave made the discovery of a hidden backdoor in DblTek's devices which was apparently put there to allow the manufacturer access to said hardware -- but of course, it's also open to being exploited by other malicious parties. The backdoor is in the Telnet admin interface of DblTek-branded devices, and potentially allows an attacker to remotely open a shell with root privileges on the target device.
What's perhaps even more worrying is that when Trustwave contacted DblTek regarding the backdoor last autumn -- multiple times -- patched firmware was eventually released at the end of December. However, rather than removing the flaw, the vendor simply made it more difficult to access and exploit. And further correspondence with the Chinese company has apparently fallen on deaf ears.
The firmware with the hole "is present on almost every GSM-to-VoIP device which DblTek makes," and Trustwave "found hundreds of these devices on the net, and many other brands which use the same firmware, so are equally open to exploit." -
Neutrino Exploit Kit Has a New Way To Detect Security Researchers (csoonline.com)
itwbennett writes: [The Neutrino exploit kit] is using passive OS fingerprinting to detect visiting Linux machines, according to Trustwave researchers who found that computers they were using for research couldn't make a connection with servers that delivered Neutrino. Daniel Chechik, senior security researcher at Trustwave's SpiderLabs division wrote that they tried changing IP addresses and Web browsers to avoid whatever was causing the Neutrino server to not respond, but it didn't work. But by fiddling with some data traffic that Trustwave's computers were sending to the Neutrino server, they figured out what was going on. -
Joomla SQL-Injection Flaw Affects Millions of Websites (trustwave.com)
An anonymous reader writes: Joomla has just issued a patch that fixes a SQL-injection vulnerability discovered by a researcher at Trustwave SpiderLabs. The flaw allowed malicious users to extract a browser cookie assigned to a site's administrator, giving them access to restricted parts of the server. The flaw first appeared in Joomla 3.2, released in November, 2013. An estimated 2.8 million websites rely on Joomla. The Joomla team and the researcher who found the flaw recommend an immediate update to version 3.4.5. -
The Latest Security Vulnerability: Your Toilet
NobleSavage writes "We all knew it was just a matter of time. With the rush to put more and more appliances on-line Japanese toilet-maker Satis, one of Japan's largest commode companies, has finally networked the toilet. Just as you would have predicted, the information security company Trustwave Holdings has published an advisory regarding Satis-brand toilets. According to Trustwave, every Satis toilet has the same hard-coded Bluetooth PIN, which means any person using the 'My Satis' [Android] application can control any Satis toilet."