Only in Oz so far, but any security-focused individuals might wish to have a look at this to see if it translates to other business and/or POS systems.
This one seems to be just beginning, so best to take no chances I would think.
1 posted on
01/21/2016 7:20:10 PM PST by
Utilizer
To: All
AMX, however,
did not remove the backdoor with the patch.
Instead, the company swapped the superhero user name to 1MB@tMaN, and the account with full administrative privileges, accessible via Secure Shell or a web interface, remained.
(Emphasis intentionally indicated.)
2 posted on
01/21/2016 7:24:13 PM PST by
Utilizer
(Bacon A'kbar! - In world today are only peaceful people, and the muzrims trying to kill them)
To: Utilizer
setUpSubtleUserAccount Geeze! How stupid is it to leave a symbol name like that in the binary? Remember Windows NT and "_NSAKEY"?
3 posted on
01/21/2016 7:27:21 PM PST by
SeeSharp
To: All
Update: It seems some US government agencies (White Hut, Military Services) might have been / are targeted by this problem. More developing...
4 posted on
01/21/2016 7:30:35 PM PST by
Utilizer
(Bacon A'kbar! - In world today are only peaceful people, and the muzrims trying to kill them)
To: Utilizer
Makes you wonder about the vulnerability management security of our nation’s gov’t voting machines...
Democrat leftist hackers and all.
6 posted on
01/21/2016 8:01:51 PM PST by
MarchonDC09122009
(When is our next march on DC? When have we had enough?)
To: Utilizer
9 posted on
01/21/2016 8:48:32 PM PST by
Squeako
(Trump: The Red Kool-Aid to Obama's Blue Kool-Aid. (See home page for Rules For Trumpicals))
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson