Secret backdoor discovered in Zyxel firewalls and AP controllers

Over 100,000 Zyxel devices are potentially vulnerable to a secret backdoor caused by hardcoded credentials used to update firewall and AP controllers’ firmware. Dutch cybersecurity firm EYE discovered a secret hardcoded administrative account in the latest 4.60 patch 0 firmware. The account could be used to log into vulnerable devices over both SSH and the web interface. Since SSL VPN interface operates on the same port as web interface, Teusink found that many users have allowed port 443 to be accessible on the Internet.

Source: https://www.bleepingcomputer.com/news/security/secret-backdoor-discovered-in-zyxel-firewalls-and-ap-controllers/

Something Fresh

What to Know About The Jamaica Data Protection Act

St Vincent and the Grenadines embracing CariSECURE

Jamaica's Gov’t Looking to Finalize Data Protection Act Regulations

What People Reading

Feedback and data-driven updates to Googles disclosure policy

Mozilla Says Google's New Ad Tech - FLoC - Doesn't Protect User Privacy

Selling technology to cops, part 2

This Week's TV: Felicia Day Plays a Hacker with a Dungeons and Dragons Tattoo

Certificate Security in the Wild West

Categories

Partners

Just add here your partners image or promo text