Gregarius » BetaNews.Com » Hidden backdoor discovered in Chinese IoT devices

Canaux

108413 éléments (108413 non lus) dans 10 canaux

Actualités (48730 non lus)

• 01net. Actualités (48730 non lus)

Hoax (65 non lus)

• Top dix quotidien Sophos des canulars (65 non lus)

Logiciels (39066 non lus)

• BetaNews.Com (34382 non lus)
• Presence PC - Actualité Logiciels, jeux vidéos (3551 non lus)
• LeMondeInformatique.fr : Actualités Applications (1133 non lus)

Sécurité (1668 non lus)

• Actualités Sécurité Informatique (406 non lus)
• Les Nouvelles.net : sécurité informatique. (1262 non lus)

Referencement (18884 non lus)

• Secrets2moteurs (11765 non lus)
• Referencement Google WebRankInfo (2255 non lus)
• Abondance (4864 non lus)

BetaNews.Com

• 

  Hidden backdoor discovered in Chinese IoT devices

  Publié: mars 2, 2017, 3:27pm CET par Ian Barker

  Researchers at Trustwave have uncovered a backdoor in IoT devices from a Chinese manufacturer that could leave them open to exploitation. The backdoor is present in almost all devices produced by VoIP specialist DBLTek, and appears to have been purposely built in for use by the vendor. It uses a simple challenge and response mechanism to allow remote access. However, Trustwave's investigation has shown this scheme to be fundamentally flawed in that it is not necessary for a remote user to possess knowledge of any secret or password, besides the challenge itself and knowledge of the protocol/computation used. The issue… [Continue Reading]