#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Oopss! HBO Itself Accidentally Leaked 'Game of Thrones' Season 7 Episode 6

Oopss! HBO Itself Accidentally Leaked 'Game of Thrones' Season 7 Episode 6
Aug 16, 2017
HBO doesn't need hackers to leak its widely watched " Game of Thrones " episodes, as it is sufficient enough to leak them by its own. In what seems to be a terrible blunder, HBO Spain appeared to have accidentally broadcast the next episode— Episode 6 —of Game of Thrones season 7 five days before its official premiere. And as expected, the GoT episode 6 quickly began circulating online. HBO has recently been facing trouble from a hacker or group of hackers who claimed to have obtained nearly 1.5 terabytes of information from the entertainment company. Late last month, the unknown hackers dropped upcoming episodes of "Ballers" as well as "Room 104," along with a script of the fourth episode of "Game of Thrones" on the internet. The leak was followed by another dump of a half-gigabyte sample of stolen HBO data, including HBO's emails, employment agreements, and balance sheets, along with the script of the upcoming Game of Thro

Corrupt Federal Agent, Who Stole Bitcoins From Silk Road, Pleads Guilty To Money Laundering

Corrupt Federal Agent, Who Stole Bitcoins From Silk Road, Pleads Guilty To Money Laundering
Aug 16, 2017
A former the United States Secret Service agent who stole hundreds of thousands of dollars worth of Bitcoins during an investigation into then-largest underground marketplace Silk Road has now pleaded guilty to money laundering. Shaun W. Bridges is one of two former US undercover agents who pleaded guilty in 2015 to one count of money laundering and one count of obstruction and was sentenced in December same year to almost six years in prison for stealing over $800,000 in Bitcoin while investigating Silk Road. 35-years-old Bridges, who had been a Special Agent with the U.S. Secret Service for almost 6 years, along with his partner stole money from Silk Road accounts and framed someone else for the laundering, which even led the Silk Road founder Ross Ulbricht to plan a murder. Ulbricht was convicted in February 2015 of running the Silk Road underground black market and is now serving life in prison sentence . According to the Department of Justice, Bridges is believed to

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl
Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte

8 More Chrome Extensions Hijacked to Target 4.8 Million Users

8 More Chrome Extensions Hijacked to Target 4.8 Million Users
Aug 16, 2017
Google's Chrome web browser Extensions are under attack with a series of developers being hacked within last one month. Almost two weeks ago, we reported how unknown attackers managed to compromise the Chrome Web Store account of a developer team and hijacked Copyfish extension , and then modified it to distribute spam correspondence to users. Just two days after that incident, some unknown attackers then hijacked another popular extension ' Web Developer ' and then updated it to directly inject advertisements into the web browser of over its 1 million users. After Chris Pederick, the creator of 'Web Developer' Chrome extension that offers various web development tools to its users, reported to Proofpoint that his extension had been compromised, the security vendor analysed the issue and found further add-ons in the Chrome Store that had also been altered. According to the latest report published by the researchers at Proofpoint on Monday, the expanded

Automated remediation solutions are crucial for security

cyber security
websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.

Backdoor Found in Popular Server Management Software used by Hundreds of Companies

Backdoor Found in Popular Server Management Software used by Hundreds of Companies
Aug 16, 2017
Cyber criminals are becoming more adept, innovative, and stealthy with each passing day. They are now adopting more clandestine techniques that come with limitless attack vectors and are harder to detect. Recently, cyber crooks managed to infiltrate the update mechanism for a popular server management software package and altered it to include an advanced backdoor, which lasts for at least 17 days until researchers discovered it. Dubbed ShadowPad , the secret backdoor gave attackers complete control over networks hidden behind legit cryptographically signed software sold by NetSarang —used by hundreds of banks, media firms, energy companies, and pharmaceutical firms, telecommunication providers, transportation and logistics and other industries—for 17 days starting last month. Important Note — If you are using any of the affected product (listed below), we highly recommend you stop using it until you update them. Hacker Injected Backdoor Through Software Update Mechanism

Faulty Firmware Auto-Update Breaks Hundreds of 'Smart Locks'

Faulty Firmware Auto-Update Breaks Hundreds of 'Smart Locks'
Aug 15, 2017
More features, more problems! Today, we are living in a digital age that is creating a digital headache for people by connecting every other unnecessary home appliance to the Internet. Last week, nearly hundreds of Internet-connected locks became inoperable after a faulty software update hit some models. Users of remotely accessible smart locks made by Colorado-based company LockState have taken to social media platforms including Twitter to complain that their $469 Lockstate 6000i locks started to fail from last Monday, leaving the keypad entirely useless. LockState's RemoteLock 6i (6000i) is an Internet-connected smart lock that connects to your home Wi-Fi network for remote control and monitoring as well as firmware updates. LockState is even a partner with Airbnb, allowing Airbnb hosts' to give their guests entry code in order to get into hotel properties without having to share physical keys. However, last week many Airbnb customers were unable to use the bu

Warning: Two Dangerous Ransomware Are Back – Protect Your Computers

Warning: Two Dangerous Ransomware Are Back – Protect Your Computers
Aug 15, 2017
Ransomware has been around for a few years but has become an albatross around everyone's neck—from big businesses and financial institutions to hospitals and individuals worldwide—with cyber criminals making millions of dollars. In just past few months, we saw a scary strain of ransomware attacks including WannaCry , Petya and LeakerLocker , which made chaos worldwide by shutting down hospitals, vehicle manufacturing, telecommunications, banks and many businesses. Before WannaCry and Petya , the infamous Mamba full-disk-encrypting ransomware and the Locky ransomware had made chaos across the world last year, and the bad news is—they are back with their new and more damaging variants than ever before. Diablo6: New Variant of Locky Ransomware First surfaced in early 2016, Locky has been one of the largest distributed ransomware infections, infecting organisations across the globe. By tricking victims into clicking on a malicious attachment, Locky ransomware encrypt
Cybersecurity Resources