Tag: backdoor
-
China-Backed Hackers Backdoor US Carrier-Grade Juniper MX Routers
Mandiant researchers found the routers of several unnamed organizations (likely telcos and ISPs) were hacked by UNC3886, and contained a custom backdoor called TinyShell. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/china-hackers-backdoor-carrier-grade-juniper-mx-routers
-
Chinese Hackers Exploit Juniper Networks Routers to Implant Backdoor
Cybersecurity researchers have uncovered a sophisticated cyber espionage campaign targeting critical network infrastructure, marking a significant evolution in tactics by Chinese state-sponsored hackers. Mandiant, a leading cybersecurity firm, has discovered multiple custom backdoors deployed on Juniper Networks’ routers, attributing the activity to a Chinese espionage group known as UNC3886. The backdoors provided attackers with persistent…
-
China-linked APT UNC3886 targets EoL Juniper routers
Mandiant researchers warn that China-linked actors are deploying custom backdoors on Juniper Networks Junos OS MX routers. In mid-2024, Mandiant identified custom backdoors on Juniper Networks’ Junos OS routers, and attributed the attacks to a China-linked espionage group tracked as UNC3886. These TINYSHELL-based backdoors had various capabilities, including active and passive access and a script to…
-
China continues cyberattacks on routers, this time targeting Juniper Networks devices
Researchers said the state-backed group dubbed UNC3886 was behind a campaign to deploy custom backdoors on the company’s Junos OS routers. First seen on therecord.media Jump to article: therecord.media/china-continues-attacks-routers-juniper
-
Juniper MX routers targeted by China-nexus threat group using custom backdoors
The devices have reached end-of-life status and need to be upgraded, as the company has stated in a security advisory. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/juniper-routers-china–hacker-backdoor/742315/
-
Chinese Cyber Espionage Group UNC3886 Backdoored Juniper Routers
UNC3886 hackers target Juniper routers with custom backdoor malware, exploiting outdated systems for stealthy access and espionage. Learn how to stay protected. First seen on hackread.com Jump to article: hackread.com/chinese-group-unc3886-backdoor-juniper-routers/
-
Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers
China-nexus cyberespionage group caught planting custom backdoors on end-of-life Juniper Networks Junos OS routers. The post Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/mandiant-uncovers-custom-backdoors-on-end-of-life-juniper-routers/
-
Lazarus Group Hid Backdoor in Fake npm Packages in Latest Attack
Lazarus Group targets developers with malicious npm packages, stealing credentials, crypto, and installing backdoor. Stay alert to protect your projects. First seen on hackread.com Jump to article: hackread.com/lazarus-group-backdoor-fake-npm-packages-attack/
-
Chinese Cyberespionage Group Tied to Juniper MX Router Hacks
Juniper Networks Urges Immediate Updating and Malware Scans to Block Attackers. Hackers have been infecting outdated Juniper MX routers with backdoor malware as part of an apparent cyberespionage campaign that traces to a Chinese-affiliated hacking team tracked as UNC 3886, warned Google’s Mandiant incident response group. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-cyberespionage-group-tied-to-juniper-mx-router-hacks-a-27696
-
Chinese cyberspies backdoor Juniper routers for stealthy access
Chinese hackers are deploying custom backdoors on Juniper Networks Junos OS MX routers that have reached end-of-life (EoL) and no longer receive security updates. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-cyberspies-backdoor-juniper-routers-for-stealthy-access/
-
Fully Undetected Anubis Malware Enables Hackers to Execute Remote Commands
A recent alert has highlighted the emergence of the AnubisBackdoor, a Python-based backdoor attributed to the Savage Ladybug group, which is reportedly linked to the notorious FIN7 cybercrime gang. This malware is designed to provide remote access, execute commands, and facilitate data exfiltration, all while evading detection by most antivirus solutions. Technical Analysis The AnubisBackdoor…
-
Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits
The China-nexus cyber espionage group tracked as UNC3886 has been observed targeting end-of-life MX routers from Juniper Networks as part of a campaign designed to deploy custom backdoors, highlighting their ability to focus on internal networking infrastructure. “The backdoors had varying custom capabilities, including active and passive backdoor functions, as well as an embedded script that…
-
Chinese Hackers Implant Backdoor Malware on Juniper Routers
Mandiant revealed that Chinese espionage actor UNC3886 has deployed modified versions of the TinyShell backdoor across multiple Juniper OS routers. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-backdoor-malware-juniper/
-
Secret London tribunal to hear appeal in Apple vs government battle over encryption
Campaigners call for High Court hearing to be held in public as tech giant appeals against UK government order to open a backdoor into its encrypted iCloud service. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366620363/Secret-London-tribunal-to-hear-appeal-in-Apple-vs-government-battle-over-encryption
-
Downgraded: Alert Over IoT Wireless Chip ‘Backdoor’
Cybersecurity Firm Warns of ‘Hidden Features’ in the Widely Used ESP32 Chip. Researchers have discovered 29 undocumented commands in the Bluetooth implementation of the ESP32 microcontroller – one of the world’s most widely used chips in internet of things devices and industrial IoT devices – that attackers could use to read and modify device memory.…
-
Backdoor discovered in Bluetooth chip
The ESP32 chip is used in numerous devices. Security researchers have now found a vulnerability. The ESP32, manufactured by the Chinese company Espressif, is an important component for Wi-Fi and Bluetooth connectivity in the IoT (Internet of Things) space. The microchip is used in smartphones, computers, smart locks and medical devices, among other things. Researchers from Tarlogic Security…
-
Tarlogic Security discovers unknown commands in ESP32 chip (Bluetooth, WiFi)
A very unpleasant story that security researchers from Tarlogic Security have just disclosed. There is a set of unknown commands (which could effectively be abused as a backdoor) in a popular chip that is built into millions of devices to support Bluetooth and WiFi connections … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/10/tarlogic-security-entdeckt-unbekannte-befehle-in-esp32-chip-bluetooth-wifi/
-
UK Cybersecurity Weekly News Roundup 9 March 2025
Tags: android, attack, backdoor, breach, china, cloud, compliance, computer, cyber, cyberattack, cybercrime, cybersecurity, data, espionage, exploit, government, group, hacker, infrastructure, international, malware, microsoft, network, ransomware, regulation, resilience, service, skills, software, theft, update, vulnerability. Welcome to this week’s edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond. Microsoft Engineer’s Transition to Cybersecurity: Ankit Masrani, a 36-year-old software engineer, successfully transitioned into a cybersecurity role at Microsoft. With a background in IT and a Master’s degree in computer science, Masrani secured…
-
Undocumented hidden feature found in Espressif ESP32 microchip
Experts discovered an undocumented hidden feature in the ESP32 microchip manufactured by Espressif, which is used in over 1 billion devices. At the RootedCON, researchers at Tarlogic Innovation presented their findings on undocumented commands in the ESP32 microchip designed by the Chinese manufacturer Espressif. The hidden functionality could act as a backdoor, enabling impersonation attacks…
-
Bluetooth chip backdoor discovered: over 1 billion devices affected
A critical Bluetooth chip backdoor has been discovered! The vulnerability in the ESP32 Bluetooth chip threatens over a billion devices. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/bluetooth-chip-backdoor-entdeckt-ueber-1-mrd-geraete-betroffen-311350.html
-
Undocumented backdoor found in Bluetooth chip used by a billion devices
The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains an undocumented backdoor that could be leveraged for attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/undocumented-backdoor-found-in-bluetooth-chip-used-by-a-billion-devices/
-
Cybercriminals Allegedly Used a StubHub Backdoor to Steal Taylor Swift Tickets
Plus: The world’s “largest illicit online marketplace” gets hit by regulators, police seize the Garantex crypto exchange, and scammers trick targets by making up ransomware attacks. First seen on wired.com Jump to article: www.wired.com/story/stubhub-backdoor-stolen-taylor-swift-tickets/
-
Malicious backdoor-deploying JavaScript facilitates widespread WordPress site compromise
First seen on scworld.com Jump to article: www.scworld.com/brief/malicious-backdoor-deploying-javascript-facilitates-widespread-wordpress-site-compromise
-
WordPress Sites Compromised by JavaScript Backdoors
First seen on scworld.com Jump to article: www.scworld.com/brief/wordpress-sites-compromised-by-javascript-backdoors
-
Apple withdraws encrypted iCloud storage from UK after government demands ‘backdoor’ access
After the Home Office issued a secret order for Apple to open up a backdoor in its encrypted storage, the tech company has instead chosen to withdraw the service from the UK. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366619614/Apple-withdraws-encrypted-iCloud-storage-from-UK-after-government-demands-back-door-access
-
Apple drags UK government to court over ‘backdoor’ order
A first-of-its-kind legal challenge set to be heard this month, per reports. First seen on theregister.com Jump to article: www.theregister.com/2025/03/05/apple_reportedly_ipt_complaint/
-
Apple Taking Legal Action Against UK Over Backdoor Demands
Apple told TechRepublic it is “gravely disappointed” to remove Advanced Data Protection in the U.K., as it fights government demands for an iCloud backdoor. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/apple-legal-action-uk-backdoor/
-
Apple takes UK government to court over ‘backdoor’ order
A first-of-its-kind legal challenge set to be heard this month, per reports. First seen on theregister.com Jump to article: www.theregister.com/2025/03/05/apple_reportedly_ipt_complaint/
-
Iranian Hackers Target UAE Firms With Polyglot Files
An Iranian threat actor was seen targeting UAE organizations with polyglot files to deliver a new backdoor named Sosano. The post Iranian Hackers Target UAE Firms With Polyglot Files appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/iranian-hackers-target-uae-firms-with-polyglot-files/

