#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

GSM hacking | Breaking Cybersecurity News | The Hacker News

Researchers Uncover New Attacks Against LTE Network Protocol

Researchers Uncover New Attacks Against LTE Network Protocol

Jun 30, 2018
If your mobile carrier offers LTE, also known as the 4G network, you need to beware as your network communication can be hijacked remotely. A team of researchers has discovered some critical weaknesses in the ubiquitous LTE mobile device standard that could allow sophisticated hackers to spy on users' cellular networks, modify the contents of their communications, and even can re-route them to malicious or phishing websites. LTE, or Long Term Evolution, is the latest mobile telephony standard used by billions of people designed to bring many security improvements over the predecessor standard known as Global System for Mobile (GSM) communications. However, multiple security flaws have been discovered over the past few years, allowing attackers to intercept user's communications, spy on user phone calls and text messages, send fake emergency alerts, spoof location of the device and knock devices entirely offline. 4G LTE Network Vulnerabilities Now, security researchers
Hackers can spy on your calls and track location, using just your phone number

Hackers can spy on your calls and track location, using just your phone number

Apr 19, 2016
In Brief The famous '60 Minutes' television show shocked some viewers Sunday evening when a team of German hackers demonstrated how they spied on an iPhone used by U.S. Congressman, then recorded his phone calls and tracked his movement through Los Angeles. Hackers leverage a security flaw in SS7 (Signalling System Seven) protocol that allows hackers to track phone locations, listen in on calls and text messages. The global telecom network SS7 is still vulnerable to several security flaws that could let hackers and spy agencies listen to personal phone calls and intercept SMSes on a potentially massive scale, despite the most advanced encryption used by cellular networks. All one need is the target's phone number to track him/her anywhere on the planet and even eavesdrop on the conversations. SS7 or Signalling System Number 7 is a telephony signaling protocol used by more than 800 telecommunication operators around the world to exchange information with one
SaaS Compliance through the NIST Cybersecurity Framework

SaaS Compliance through the NIST Cybersecurity Framework

Feb 20, 2024Cybersecurity Framework / SaaS Security
The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS.  One of the challenges facing those tasked with securing SaaS applications is the different settings found in each application. It makes it difficult to develop a configuration policy that will apply to an HR app that manages employees, a marketing app that manages content, and an R&D app that manages software versions, all while aligning with NIST compliance standards.  However, there are several settings that can be applied to nearly every app in the SaaS stack. In this article, we'll explore some universal configurations, explain why they are important, and guide you in setting them in a way that improves your SaaS apps' security posture.  Start with Admins Role-based access control (RBAC) is a key to NIST adherence and should be applied to every SaaS a
Hacking Air-Gapped Computer With A Simple Cell Phone

Hacking Air-Gapped Computer With A Simple Cell Phone

Jul 27, 2015
Wanna Hack an extremely secure Computer? You do not need sophisticated techniques or equipment to do so. To hack an Air-Gapped computer – All you need is a cell phone; even old-fashioned, dumb phones from the past decade will work. Yes, Hacking Air-Gapped Computers is possible using a basic low-end mobile phone. Israeli security researchers have devised a new attack to steal data from a computer that is isolated from the internet and other computers that are connected to external networks, also known as an air-gapped computer. This new hack attack that could steal data from a highly secured computer uses: The GSM network Electromagnetic waves A basic low-end mobile phone The research was conducted by lead security researcher Mordechai Guri, along with Yuval Elovici, Assaf Kachlon, Ofer Hasson, Yisroel Mirsky, and Gabi Kedma – the same researchers who developed a previous attack that used a smartphone to wirelessly extract data from Air-Gapped computers .
cyber security

Are You Vulnerable to Third-Party Breaches Through Interconnected SaaS Apps?

websiteWing SecuritySaaS Security / Risk Management
Protect against cascading risks by identifying and mitigating app2app and third-party SaaS vulnerabilities.
Cybersecurity Resources