Tag

Backdoor

All articles tagged with #backdoor

YellowKey sparks backdoor debate as BitLocker bypass claim surfaces
technology, 11 days ago

A security researcher known as Nightmare-Eclipse released YellowKey, a vulnerability they say can bypass BitLocker full-disk encryption, reportedly enabling unrestricted access to protected volumes after copying an FsTx folder to a USB drive or the EFI partition and rebooting into Windows Recovery Environment. The researcher alleges this points to an intentional backdoor in a WinRE component present in Windows 11 and some Server 2022/2025 images (Windows 10 allegedly unaffected), and also introduced a second exploit, GreenPlasma, for privilege escalation. Some third-party researchers reportedly corroborate aspects of YellowKey in public GitHub materials, though full PoC details were not published and Microsoft has not publicly commented. Mitigation suggestions include not relying on a single encryption system and considering alternatives like VeraCrypt. Further details are expected around Patch Tuesday.

DirtyFrag Drives Linux Privilege Escapes, Ubuntu Offline, and a Wave of Security Breaches
security, 17 days ago

DirtyFrag chains CopyFail and a new RPC flaw to corrupt the Linux page cache, enabling root-level code execution and potential persistence or container escapes, with no patches yet available; Ubuntu endured a prolonged DDoS outage that knocked its update services offline; ShinyHunters breached the education software provider Instructure, exposing Canvas student data; other notes include an Edge password vault memory exposure and DaemonTools being backdoored, alongside continued TETRA-related activity and Oracle's shift to monthly security updates.

Stealthy Python RAT Uses Hidden C2 Tunnel to Harvest Browser and Cloud Credentials
technology, 25 days ago

Security researchers uncovered DEEP#DOOR, a Python-based backdoor that embeds its payload in a dropper and gains persistence via Startup scripts, Run keys, Scheduled Tasks, and optional WMI subscriptions. It uses a Rust-based tunneling service (bore.pub) for C2 and offers full RAT capabilities—reverse shell, reconnaissance, keylogging, screen/audio capture, webcam access, and credential theft from browsers, cloud services, and Windows Credential Manager—while employing anti-analysis and defense-evasion techniques. Distribution appears phishing-based and targeted, with a modular, fileless design; it could be repurposed by different actors.

Batch of 108 Chrome extensions steals Google and Telegram data from about 20,000 users
technology, 1 month ago

Researchers uncovered a campaign of 108 Chrome extensions that funnel user data to a shared command-and-control backend, stealing Google account credentials via OAuth2, exfiltrating Telegram sessions, stripping security headers, and injecting ads and arbitrary scripts across every page you visit, in a campaign affecting roughly 20,000 installs. The extensions masqueraded as Telegram clients, gaming tools, and video enhancers, making the backdoor hard to spot; users should remove these extensions and log out of Telegram Web immediately.

Fake Moltbot VS Code Extension Delivers Stealth Remote-Access Backdoor
technology, 3 months ago

Security researchers flagged a fake Moltbot AI coding assistant extension for Visual Studio Code that auto-runs on launch, fetches payloads from malicious domains, and installs a remote-access backdoor (via ScreenConnect) with a DLL sideloading fallback, highlighting broader Moltbot misconfigurations and credential exposure across deployments.

Chinese Hackers Deploy BRICKSTORM Malware to Target U.S. Legal and Tech Sectors
cybersecurity, 8 months ago

A suspected China-linked cyber espionage group, UNC5221, is using the sophisticated BRICKSTORM backdoor to infiltrate U.S. legal, tech, and SaaS sectors, maintaining long-term stealthy access to steal sensitive information and potentially exploit zero-day vulnerabilities, with ongoing development and active deployment across multiple systems.

Hackers Exploit Zero-Day Flaw in Sitecore for Backdoors and Malware
cybersecurity, 8 months ago

Threat actors exploited a zero-day vulnerability in legacy Sitecore systems (CVE-2025-53690) involving a ViewState deserialization flaw caused by reused sample ASP.NET machine keys, leading to remote code execution and deployment of reconnaissance malware WeepSteel. The attack involved multi-stage exploits including privilege escalation and persistence techniques. Sitecore recommends immediate replacement and encryption of static machine keys to mitigate the vulnerability.

GhostRedirector: A New China-Aligned Threat Targeting Windows Servers
cybersecurity, 8 months ago

ESET researchers uncovered GhostRedirector, a China-aligned threat actor that compromised at least 65 Windows servers mainly in Brazil, Thailand, and Vietnam, using custom tools like the passive backdoor Rungan and the malicious IIS module Gamshen to facilitate SEO fraud and maintain persistent access, with activities dating back to at least August 2024.

UK Withdraws Backdoor Demand in Apple Data Dispute
technology, 9 months ago

The UK has reportedly dropped its demand for Apple to create a backdoor to iPhone encryption after pressure from the US, marking a victory for Apple and a potential easing of tensions over privacy and security. The move follows a legal challenge by Apple and US diplomatic efforts to protect encryption standards, highlighting ongoing debates over government access to encrypted data.