#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Nmap | Breaking Cybersecurity News | The Hacker News

IoT/connected Device Discovery and Security Auditing in Corporate Networks

IoT/connected Device Discovery and Security Auditing in Corporate Networks

Feb 07, 2022
Today's enterprise networks are complex environments with different types of wired and wireless devices being connected and disconnected. The current device discovery solutions have been mainly focused on identifying and monitoring servers, workstation PCs, laptops and infrastructure devices such as network firewalls, switches and routers, because the most valuable information assets of organizations are being stored, processed and transferred over those devices, hence making them the prime target of security breaches and intrusions. However, a new trend has been emerging in the past four years,  where attackers have been targeting purpose-built connected devices  such as network printers and video conferencing systems as an entry point and data exfiltration route. These devices cannot be identified properly by the current IT asset discovery solutions for the following main reasons: Proprietary protocols are often used for managing and monitoring such devices that are not know
Insecure Apps that Open Ports Leave Millions of Smartphones at Risk of Hacking

Insecure Apps that Open Ports Leave Millions of Smartphones at Risk of Hacking

Apr 29, 2017
A team of researchers from the University of Michigan discovered that hundreds of applications in Google Play Store have a security hole that could potentially allow hackers to steal data from and even implant malware on millions of Android smartphones. The University of Michigan team says that the actual issue lies within apps that create open ports — a known problem with computers — on smartphones. So, this issue has nothing to do with your device's operating system or the handset; instead, the origin of this so-called backdoor is due to insecure coding practices by various app developers. The team used its custom tool to scan over 100,000 Android applications and found 410 potentially vulnerable applications — many of which have been downloaded between 10 and 50 Million times and at least one app comes pre-installed on Android smartphones. Here I need you to stop and first let's understand exactly what ports do and what are the related threats. Ports can be eit
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
GCHQ's HACIENDA Port Scanning Program Targeting Devices in 27 Countries

GCHQ's HACIENDA Port Scanning Program Targeting Devices in 27 Countries

Aug 16, 2014
Have you ever used Shodan search engine? A publicly available service crawls the Internet looking for connected devices and list their open ports, services running, system information etc. Shodan search engine is majorly used by Hackers, developers, students and anyone else with a sense of curiosity to find Internet-facing vulnerable systems with open ports and insecure mechanisms for authentication and authorization i.e. Servers, Internet-Connected Cameras, Traffic Lights, And SCADA Systems. According to latest revelation from the whistleblower Edward Snowden , British spy agency GCHQ – counterpart of NSA – apparently uses their own port scanning service to target internet-connected systems in at least 27 countries, in an attempt to potentially exploit them. In top-secret documents published by Heise on Friday, the Port-scan is a part of the "Hacienda" program which scans for open ports on all public-facing servers to find out vulnerable applications running on the
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
D-Link Releases Router Firmware Updates for backdoor vulnerability

D-Link Releases Router Firmware Updates for backdoor vulnerability

Dec 02, 2013
In October, A Security researcher ' Craig Heffner ' discovered a backdoor vulnerability ( CVE-2013-6027 ) with certain D-Link routers that allow cyber criminals to alter a router setting without a username or password. Last week, D-Link has released new version of Firmware for various vulnerable router models, that patches the unauthorized administrator access backdoor. Heffner  found that the web interface for some D-Link routers could be accessed if the browser's user agent string is set to xmlset_roodkcableoj28840ybtide . From last month, D-Link was working with Heffner and other security researchers, to find out more about the backdoor and now the Company has released the updates for the following models: DIR-100 DIR-120 DI-524 DI-524UP DI-604UP DI-604+ DI-624S TM-G5240 The company advised users to do not enable the Remote Management feature, since this will allow malicious users to use this exploit from the internet and also warned t
Hackers abusing online Nmap Port Scanning service

Hackers abusing online Nmap Port Scanning service

Dec 28, 2012
Most of you knows the power of Nmap, When used properly, Nmap helps protect your network from invaders. One of the best tool for hackers, penetration testers and Security  researchers. Officially Nmap a desktop tool, can be used as web version but should be under some limitations. When someone does Nmap scan against a target to find out the open ports, enumerating system details and installed services versions, most obvious if  used improperly, Nmap can get you sued, fired, expelled, jailed, or banned by your ISP for scanning a target under hacking attempt. Hacker can be tracked back via the IP address from where one perform the scanning, but what if a web version of Nmap available on a website, where one just need to enter the target IP/website address and that website will do a free scan against your target ? Seems easy and one can use Proxy to access that website and which will do a simple and fast scan for you ! Yes, a service called " ScanPlanner " (htt
Nmap 6.25 released with 85 new NSE scripts

Nmap 6.25 released with 85 new NSE scripts

Dec 03, 2012
After five months NMAP team release latest version of open source utility for network exploration or security auditing - NMAP 6.25 . It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Updates: integration of over 3,000 IPv4 new OS fingerprint submissions, over 1,500 service/version detection fingerprints, and of the latest IPv6 OS submissio
Cybersecurity Resources