#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
State of SaaS

IT security | Breaking Cybersecurity News | The Hacker News

Category — IT security
Custom Backdoor Exploiting Magic Packet Vulnerability in Juniper Routers

Custom Backdoor Exploiting Magic Packet Vulnerability in Juniper Routers

Jan 23, 2025 Malware / Enterprise Security
Enterprise-grade Juniper Networks routers have become the target of a custom backdoor as part of a campaign dubbed J-magic . According to the Black Lotus Labs team at Lumen Technologies, the activity is so named for the fact that the backdoor continuously monitors for a "magic packet" sent by the threat actor in TCP traffic.  "J-magic campaign marks the rare occasion of malware designed specifically for Junos OS, which serves a similar market but relies on a different operating system, a variant of FreeBSD," the company said in a report shared with The Hacker News. Evidence gathered by the company shows that the earliest sample of the backdoor dates back to September 2023, with the activity ongoing between mid-2023 and mid-2024. Semiconductor, energy, manufacturing, and information technology (IT) sectors were the most targeted. Infections have been reported across Europe, Asia, and South America, including Argentine, Armenia, Brazil, Chile, Colombia, Indone...
Ready to Simplify Trust Management? Join Free Webinar to See DigiCert ONE in Action

Ready to Simplify Trust Management? Join Free Webinar to See DigiCert ONE in Action

Jan 16, 2025 Certificate Management / Compliance
The digital world is exploding. IoT devices are multiplying like rabbits, certificates are piling up faster than you can count, and compliance requirements are tightening by the day. Keeping up with it all can feel like trying to juggle chainsaws while riding a unicycle. Traditional trust management? Forget it. It's simply not built for today's fast-paced, hybrid environments. You need a solution that can handle the chaos, not add to it. Introducing DigiCert ONE : a revolutionary platform designed to simplify and automate your entire trust ecosystem. But seeing is believing, right? That's why we're hosting a free webinar to show you DigiCert ONE in action. In this can't-miss event, you'll discover how to: Centralized Control, Simplified Operations: Tired of juggling certificate chaos? Discover how DigiCert ONE makes it easy to manage certificates for devices, users, and workloads—all in one place. Automate and Secure Your Hybrid Environment: Complexity ...
Product Walkthrough: How Satori Secures Sensitive Data From Production to AI

Product Walkthrough: How Satori Secures Sensitive Data From Production to AI

Jan 20, 2025Data Security / Data Monitoring
Every week seems to bring news of another data breach, and it's no surprise why: securing sensitive data has become harder than ever. And it's not just because companies are dealing with orders of magnitude more data. Data flows and user roles are constantly shifting, and data is stored across multiple technologies and cloud environments. Not to mention, compliance requirements are only getting stricter and more elaborate.  The problem is that while the data landscape has evolved rapidly, the usual strategies for securing that data are stuck in the past. Gone are the days when data lived in predictable places, with access controlled by a chosen few. Today, practically every department in the business needs to use customer data, and AI adoption means huge datasets, and a constant flux of permissions, use cases, and tools. Security teams are struggling to implement effective strategies for securing sensitive data, and a new crop of tools, called data security platforms, have appear...
4 Reasons Your SaaS Attack Surface Can No Longer be Ignored

4 Reasons Your SaaS Attack Surface Can No Longer be Ignored

Jan 14, 2025 SaaS Security / Generative AI
What do identity risks, data security risks and third-party risks all have in common? They are all made much worse by SaaS sprawl. Every new SaaS account adds a new identity to secure, a new place where sensitive data can end up, and a new source of third party risk. Learn how you can protect this sprawling attack surface in 2025. What do identity risks, data security risks and third-party risks all have in common? They are all made much worse by SaaS sprawl. Every new SaaS account adds a new identity to secure, a new place where sensitive data can end up, and a new source of third-party risk. And, this growing attack surface, much of which is unknown or unmanaged in most orgs, has become an attractive target for attackers. So, why should you prioritize securing your SaaS attack surface in 2025? Here are 4 reasons. ‍ 1. Modern work runs on SaaS. When's the last time you used something other than a cloud-based app to do your work? Can't remember? You're not alone.  Outside of ...
cyber security

2024: A year of identity attacks | Get the new ebook

websitePush SecurityIdentity Security
Identity attacks were the leading cause of breaches in 2024. Learn how tooling and techniques are evolving.
Not Your Old ActiveState: Introducing our End-to-End OS Platform

Not Your Old ActiveState: Introducing our End-to-End OS Platform

Dec 18, 2024 Software Security / DevSecOps
Having been at ActiveState for nearly eight years, I've seen many iterations of our product. However, one thing has stayed true over the years: Our commitment to the open source community and companies using open source in their code. ActiveState has been helping enterprises manage open source for over a decade. In the early days, open source was in its infancy. We focused mainly on the developer case, helping to get open source on platforms like Windows. Over time, our focus shifted from helping companies run open source to supporting enterprises managing open source when the community wasn't producing it in the way they needed it. We began managing builds at scale, and supporting enterprises in understanding what open source they're using and if it's compliant and safe. Managing open source at scale in a large organization can be complex. To help companies overcome this and bring structure to their open source DevSecOps practice, we're unveiling our end-to-end platform to help m...
SaaS Budget Planning Guide for IT Professionals

SaaS Budget Planning Guide for IT Professionals

Dec 12, 2024 SaaS Management / Shadow IT
SaaS services are one of the biggest drivers of OpEx (operating expenses) for modern businesses. With Gartner projecting $247.2 billion in global SaaS spending this year , it's no wonder SaaS budgets are a big deal in the world of finance and IT. Efficient SaaS utilization can significantly affect both the bottom line and employee productivity.  In this article, we'll break down this topic that sits at the intersection of finance and IT and walk through what SaaS budget planning is, why it matters, and how you can avoid common SaaS budgeting mistakes. Are you planning Your 2025 Budget? You're likely wasting 25% of your SaaS spend—ready to reclaim it? Start a FREE 14-Day SaaS Management Trial and Save 25% of Your 2025 SaaS Spend. What is SaaS budget planning? SaaS budget planning is the process of creating budget plans for SaaS expenses within an organization. The process typically involves collaboration between finance, IT, and SaaS application owners.  On the surface, ...
The Future of Network Security: Automated Internal and External Pentesting

The Future of Network Security: Automated Internal and External Pentesting

Dec 10, 2024 Vulnerability / Perimeter Security
In today's rapidly evolving threat landscape, safeguarding your organization against cyberattacks is more critical than ever. Traditional penetration testing (pentesting), while effective, often falls short due to its high costs, resource requirements, and infrequent implementation. Automated internal and external network pentesting is a game-changing solution, empowering organizations to stay ahead of attackers with cost-effective, frequent, and thorough security assessments. Strengthen Your Defenses: The Role of Internal and External Pentests  Effective cybersecurity requires addressing threats from both inside and outside your organization. Automated solutions streamline this process, enabling IT teams to implement a holistic and proactive defense strategy. Internal Pentesting: Securing the Core Internal pentesting simulates an attacker operating within your network, exposing vulnerabilities such as insider threats, compromised credentials, or breaches through physical or ...
Learn How Experts Secure Privileged Accounts—Proven PAS Strategies Webinar

Learn How Experts Secure Privileged Accounts—Proven PAS Strategies Webinar

Dec 07, 2024 Enterprise Security / Threat Prevention
Cybercriminals know that privileged accounts are the keys to your kingdom. One compromised account can lead to stolen data, disrupted operations, and massive business losses. Even top organizations struggle to secure privileged accounts. Why? Traditional Privileged Access Management (PAM) solutions often fall short, leaving: Blind spots that limit full visibility. Complex deployment processes. Manual account discovery that's time-consuming. Weak enforcement of least privilege access. Gaps that let admins bypass controls. These flaws leave critical vulnerabilities that attackers exploit daily. But it doesn't have to be this way. In our webinar, " Preventing Privilege Escalation: Effective PAS Practices for Today's Threat Landscape , " we'll show you how to secure your privileged accounts and stay ahead of threats. What you'll gain: Close Security Gaps : Learn to find and fix vulnerabilities in your privileged accounts. Actionable Insights : Discover proven PAS strategies ...
The Problem of Permissions and Non-Human Identities - Why Remediating Credentials Takes Longer Than You Think

The Problem of Permissions and Non-Human Identities - Why Remediating Credentials Takes Longer Than You Think

Nov 18, 2024 DevOps / Identity Security
According to research from GitGuardian and CyberArk, 79% of IT decision-makers reported having experienced a secrets leak , up from 75% in the previous year's report. At the same time, the number of leaked credentials has never been higher, with over 12.7 million hardcoded credentials in public GitHub repositories alone . One of the more troubling aspects of this report is that over 90% of valid secrets found and reported remained valid for more than 5 days. According to the same research, on average, it takes organizations 27 days to remediate leaked credentials. Combine that with the fact that non-human identities outnumber human identities by at least 45:1 , and it is easy to see why many organizations are realizing stopping secrets sprawl means finding a way to deal with this machine identity crisis. Unfortunately, the research also shows that many teams are confused about who owns the security of these identities. It is a perfect storm of risk.  Why Does Rotation Take So L...
Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar

Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar

Nov 02, 2024 SaaS Security / Identity Security
Did you know that advanced threat actors can infiltrate the identity systems of major organizations and extract sensitive data within days? It's a chilling reality, becoming more common and concerning by the day. These attackers exploit vulnerabilities in SaaS and cloud environments, using compromised identities to move laterally within networks, causing widespread damage. Cybersecurity and IT professionals now face an uphill battle against these sophisticated threats. Traditional security measures are proving insufficient, leaving organizations vulnerable to data breaches, financial losses, and reputational harm. This webinar provides crucial insights and actionable strategies to help safeguard your organization against these evolving threats. Join us to hear from a renowned expert with firsthand experience in cyber defense. Ian Ahl, SVP of P0 Labs and former Head of Advanced Practices at Mandiant, brings extensive experience from responding to hundreds of breaches. He will shar...
5 SaaS Misconfigurations Leading to Major Fu*%@ Ups

5 SaaS Misconfigurations Leading to Major Fu*%@ Ups

Nov 01, 2024 SaaS Security / Insider Threat
With so many SaaS applications, a range of configuration options, API capabilities, endless integrations, and app-to-app connections, the SaaS risk possibilities are endless. Critical organizational assets and data are at risk from malicious actors, data breaches, and insider threats, which pose many challenges for security teams. Misconfigurations are silent killers, leading to major vulnerabilities. So, how can CISOs reduce the noise? What misconfiguration should security teams focus on first? Here are five major SaaS configuration mistakes that can lead to security breaches. #1 Misconfiguration: HelpDesk Admins Have Excessive Privileges Risk: Help desk teams have access to sensitive account management functions making them prime targets for attackers. Attackers can exploit this by convincing help desk personnel to reset MFA for privileged users, gaining unauthorized access to critical systems. Impact: Compromised help desk accounts can lead to unauthorized changes to admin-...
Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel

Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel

Oct 28, 2024 Vulnerability / Windows Security
A new attack technique could be used to bypass Microsoft's Driver Signature Enforcement (DSE) on fully patched Windows systems, leading to operating system (OS) downgrade attacks. "This bypass allows loading unsigned kernel drivers, enabling attackers to deploy custom rootkits that can neutralize security controls, hide processes and network activity, maintain stealth, and much more," SafeBreach researcher Alon Leviev said in a report shared with The Hacker News. The latest findings build on an earlier analysis that uncovered two privilege escalation flaws in the Windows update process ( CVE-2024-21302 and CVE-2024-38202 ) that could be weaponized to rollback an up-to-date Windows software to an older version containing unpatched security vulnerabilities. The exploit materialized in the form of a tool dubbed Windows Downdate, which, per Leviev, could be used to hijack the Windows Update process to craft fully undetectable, persistent, and irreversible downgrades on...
North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data

North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data

Oct 20, 2024 Insider Threat / Cyber Espionage
North Korean information technology (IT) workers who obtain employment under false identities in Western companies are not only stealing intellectual property, but are also stepping up by demanding ransoms in order to not leak it, marking a new twist to their financially motivated attacks. "In some instances, fraudulent workers demanded ransom payments from their former employers after gaining insider access, a tactic not observed in earlier schemes," Secureworks Counter Threat Unit (CTU) said in an analysis published this week. "In one case, a contractor exfiltrated proprietary data almost immediately after starting employment in mid-2024." The activity, the cybersecurity company added, shares similarities with a threat group it tracks as Nickel Tapestry, which is also known as Famous Chollima and UNC5267 . The fraudulent IT worker scheme, orchestrated with the intent to advance North Korea's strategic and financial interests, refers to an insider threat...
Expert Insights / Articles Videos
Cybersecurity Resources