Skip to content

Offensive Security Experts

Customizable solutions to educate clients, identify security risks, inform intelligent business decisions, and enable you to reduce your attack surface digitally, physically and socially.

Red Teaming®

A multi-layered attack simulation designed to measure how well a company’s people and networks, applications, and physical security controls can withstand an attack from an adversary.

Penetration Testing

Inspects your network, application, device, and physical security through the eyes of BOTH a malicious actor and an experienced cybersecurity expert.

Social Engineering

Commonly known as “people hacking,” we aim to identify venerabilities by accessing a system, device, or physical premises.

Is You're Company Compliant?

RedTeam Security are the experts in helping you meet your industry’s security compliance standards, from banking to healthcare, retail and beyond.

PCI Penetration Testing

NERC CIP Compliance

HIPAA Penetration Testing

FDIC Penetration Testing

Cryptocurrency Compliance

RedTeam Quoted In CNN Article On AMX Backdoor

Written by
Jeremiah Talamantes in
CNN Money breaking news story

Today, RedTeam Security was asked to provide commentary on a CNN Money breaking news story regarding the discovery of a hidden backdoor within a popular conference calling product built by AMX. AMX manufactures conference calling equipment used by many organizations world wide, including the US Government.

The recently uncovered research shows the company hard-coded backdoor access into its system. AMX created a “secret account” with a permanent username and password, which means a hacker who already sneaked into a computer network could tap into actual meetings, if the hacker knew the backdoor access code.

What’s More:
Analysis of the hard-coded account credentials proved to be merely obfuscated with Base64 encoding — an extremely primitive method for obfuscating information, let alone sensitive data like passwords. Anyone with a computer and a free copy of Olly Dbg has the necessary tools to discover and decode the hard-coded username and password for these systems.

Credits: CNNMoney (New York)
Photo credits: Getty/CNNMoney

10-Point Offensive Security Checklist

Get A Bird's Eye View Of Your Organization's Security Readiness

Services Datasheet

Recent Posts

Featured On

National TV news and media outlets often consult with us for our expertise as a
boutique, high-touch ethical hacking firm highly trained in a narrow field of cyber
security. Please click on any logo below to view the featured story.