Tag Archives: Backdoor

Australian Cyber Assistance & Access Legislation, The ASS Access Bill 2018…

The Assistance and Access Bill 2018, better known as the Ass Access Bill, is a piece of legislation before the Australian Parliament that proposes to provide a way for the Australian Government to gain access to data that has previously been hidden by encryption. This is intended to provide law enforcement and other agencies a doorway into your private data. The department of Home Affairs have gone to great pains to emphasise that this is not a legislated backdoor to your devices, and they are technically correct. It is probably better described as a side door into your data.

Continue reading Australian Cyber Assistance & Access Legislation, The ASS Access Bill 2018…

The WordPress Plugin Backdoor Supply Chain Attack, Spammers are a Creative Bunch…

Security on the internet has always involved a series of evolving threats, as soon as one threat is blocked a new one pops its ugly head up. Vigilance is key and staying up to date in this game of moving targets is vitally important.

The latest threat to those running a WordPress website is the ‘Plugin Backdoor Supply Chain Attack’. A devious attack that’s fairly low tech but extremely effective. In this particular attack spammers are buying up WordPress Plugins used by 10’s of thousands of sites (hence the supply chain part of the name) and adding backdoor code to the plugin. When any site using the plugin updates to the latest version they have a spam delivery backdoor installed on their site, and unless they remove the plugin this spam delivery system can present some very dodgy content to their visitors.

Continue reading The WordPress Plugin Backdoor Supply Chain Attack, Spammers are a Creative Bunch…