#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Intel Active Management Technology | Breaking Cybersecurity News | The Hacker News

First-Ever Data Stealing Malware Found Using Intel AMT Tool to Bypass Firewall

First-Ever Data Stealing Malware Found Using Intel AMT Tool to Bypass Firewall

Jun 09, 2017
It's not hard for a well-funded state-sponsored hacking group to break into corporate networks and compromise systems with malware, but what's challenging for them is to keep that backdoor and its communication undetectable from a firewall and other network monitoring applications. However, a cyber-espionage group known as " Platinum ," that is actively targeting governmental organisations, defense institutes, and telecommunication providers since at least 2009, has found a way to hide its malicious activities from host-based protection mechanisms. Microsoft has recently discovered that the cyber-espionage group is now leveraging Intel's Active Management Technology (AMT) Serial-over-LAN (SOL) channel as a file-transfer tool to steal data from the targeted computers without detection. Intel-based chip sets come with an embedded technology, called AMT, which is designed to allow IT administrators to remotely manage and repair PCs, workstations, and serve
Explained — How Intel AMT Vulnerability Allows to Hack Computers Remotely

Explained — How Intel AMT Vulnerability Allows to Hack Computers Remotely

May 05, 2017
Earlier this week Intel announced a critical escalation of privilege bug that affects its remote management features shipping with Intel Server chipsets for past 7 years, which, if exploited, would allow a remote attacker to take control of vulnerable PCs, laptops, or servers. The vulnerability, labeled CVE-2017-5689 , affects Intel remote management technologies, including Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT) software, versions 6 through 11.6. The flaw was originally discovered by Maksim Malyutin, a member of Embedi research team, in mid-February, who then responsibly disclosed it to the Intel security team. My previous article , published earlier this week, was based on the partial information shared by Maksim to The Hacker News, as the reported Intel AMT vulnerability was highly critical and can be exploited remotely, Embedi held technical details until most sysadmins update their systems with a
SaaS Compliance through the NIST Cybersecurity Framework

SaaS Compliance through the NIST Cybersecurity Framework

Feb 20, 2024Cybersecurity Framework / SaaS Security
The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS.  One of the challenges facing those tasked with securing SaaS applications is the different settings found in each application. It makes it difficult to develop a configuration policy that will apply to an HR app that manages employees, a marketing app that manages content, and an R&D app that manages software versions, all while aligning with NIST compliance standards.  However, there are several settings that can be applied to nearly every app in the SaaS stack. In this article, we'll explore some universal configurations, explain why they are important, and guide you in setting them in a way that improves your SaaS apps' security posture.  Start with Admins Role-based access control (RBAC) is a key to NIST adherence and should be applied to every SaaS a
Cybersecurity Resources