SecurityDaze: BACKDOOR

Monday, October 14, 2013

BACKDOOR

BACKDOOR DISCOVERED IN D-LINK ROUTERS

Recently Craig Heffner, a vulnerability researcher with Tactical Network Solutions who specializes in wireless and embedded systems, found the vulnerability which is embedded in the D-Link firmware.

Should someone gain access to your router via the backdoor they could change the settings of your router and send you to fake websites which look exactly like the one you were going to (i.e. - Amazon.com). The specific browser string is "xmlset_roodkcableoj28840ybtide" which, when reversed reads "edit by joel backdoor" indicating this was intentional. Read the full article HERE.

'Nuff Said,
Brian

No comments:

Post a Comment

TOP TEN SECURITY TIPS

1. Verify that your wireless router is secured, has a name that does not indicate either your name or the router manufacturer, has WPS disabled, and the admin password is not the default password.

2. Keep your Anti-Virus up-2-date. If you have Symantec Anti-Virus 2011, purchase 2012, and when 2013 comes out, upgrade to it.

3. Quick scan your PC twice a month with Malwarebytes.

4. Update your Adobe Reader/Flash, and Java, directly from their websites. Do not trust the pop-up that says you have updates to install.

5. When a pop-up jumps onto your screen, if you don't know what it is, close it.

6. Outlook users (not Outlook Express), keep your "Viewing Pane" closed.

7. If your PC becomes infected, turn it off until a tech arrives.

8. Keep your data backed up, either via external USB drives, or an online service like Carbonite.

9. Don't be cheap. Free anti-virus software only protects you to a certain point. Symantec Internet 2012 will let you know if a link is good or bad when doing a search. If you consider the cost of the software vs. expensive and time consuming virus/trojan removal, it's a small price to pay.

10. Don't trust your email - too many emails which appear to be legit, are not.