Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log

Consequences →

May 22, 2018 by Marc Handelman in Le Gouvernement, History of the Internet, Whois, What Could Go Wrong, Must Read

Unintended Consequences... via Alastair Paterson, writing as he often does at SecurityWeek, comes this commom sense post detailing issues with the European Union's General Data Protection Regulations (GDPR) as that regulation interfere's with what-may-seem-like-age-old-internetworking-tools - in this case Whois. Highly recommended and Today's MustRead!

May 22, 2018 /Marc Handelman
Le Gouvernement, History of the Internet, Whois, What Could Go Wrong, Must Read

Trustwave Locates New VOIP Device Backdoor →

March 08, 2017 by Marc Handelman in Believe It Or Not, All is Information, What Could Go Wrong, Information Security, Hardware Security

Meanwhile, in the Infosecurity.US What-Could-Possibly-Go-Wrong Department, comes this El Reg news item detailing a report published by researchers at Trustwave, of an undocumented backdoor account in DBLTek GoIP products. The kicker you ask? DBLTek has so far failed to remediate the issue, and has left the 'door' swinging on it's creaky hinges... Oops.

"Trustwave recently reported a remotely exploitable issue in the Telnet administrative interface of numerous DblTek branded devices. The issue permits a remote attacker to gain a shell with root privileges on the affected device due to a vendor backdoor in the authentication procedure." - via the published Trustwave Report

March 08, 2017 /Marc Handelman
Believe It Or Not, All is Information, What Could Go Wrong, Information Security, Hardware Security