#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
State of SaaS

Banking application | Breaking Cybersecurity News | The Hacker News

Category — Banking application
Hacker finds flaws that could let anyone steal $25 Billion from a Bank

Hacker finds flaws that could let anyone steal $25 Billion from a Bank

May 17, 2016
A security researcher could have stolen as much as $25 Billion from one of the India's biggest banks ‒ Thanks to the bank's vulnerable mobile application. Late last year, security researcher Sathya Prakash discovered a number of critical vulnerabilities in the mobile banking application of an undisclosed bank that allowed him to steal money from any or all bank customers with the help of just a few lines of code. Being a white hat hacker, Prakash immediately reached out to the bank and alerted it about the critical issues in its mobile app and helped the bank fix them, instead of taking advantage of the security holes to steal money from the bank that has about 25 Billion USD in Deposits. While analyzing the mobile banking app, Prakash discovered that the app lacks Certificate Pinning , allowing any man-in-the-middle attacker to downgrade SSL connection and capture requests in plain text using fraudulently issued certificates. Also Read:  Best Password Manager — For ...
New Android Banking Trojan targeting Korean users

New Android Banking Trojan targeting Korean users

Oct 24, 2013
A very profitable line for mobile malware developers is Android Banking Trojans, which infect phones and steal passwords and other data when victims log onto their online bank accounts. One recent trend is Android malware that attacks users in specific countries, such as European Countries, Brazil and India.  The Antivirus software maker Malwarebytes noticed that a new threat distributed via file sharing sites and alternative markets in the last few months, targets Korean users. Dubbed as ' Android/Trojan . Bank . Wroba ', malware disguises itself as the Google Play Store app and run as a service in the background to monitor events.  " This enables it to capture incoming SMS, monitor installed apps and communicate with a remote server. " According to the researcher, after installation - malware lookup for existence of targeted Banking applications on the device, remove them and download a malicious version to replace. " The malicious v...
4 Reasons Your SaaS Attack Surface Can No Longer be Ignored

4 Reasons Your SaaS Attack Surface Can No Longer be Ignored

Jan 14, 2025SaaS Security / Generative AI
What do identity risks, data security risks and third-party risks all have in common? They are all made much worse by SaaS sprawl. Every new SaaS account adds a new identity to secure, a new place where sensitive data can end up, and a new source of third party risk. Learn how you can protect this sprawling attack surface in 2025. What do identity risks, data security risks and third-party risks all have in common? They are all made much worse by SaaS sprawl. Every new SaaS account adds a new identity to secure, a new place where sensitive data can end up, and a new source of third-party risk. And, this growing attack surface, much of which is unknown or unmanaged in most orgs, has become an attractive target for attackers. So, why should you prioritize securing your SaaS attack surface in 2025? Here are 4 reasons. ‍ 1. Modern work runs on SaaS. When's the last time you used something other than a cloud-based app to do your work? Can't remember? You're not alone.  Outside of ...
Expert Insights / Articles Videos
Cybersecurity Resources