#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
SaaS Security

Privacy Breach | Breaking Cybersecurity News | The Hacker News

Beware! Viral Sarahah App Secretly Steals Your Entire Contact List

Beware! Viral Sarahah App Secretly Steals Your Entire Contact List
Aug 28, 2017
Are you also one of those 18 Million users using SARAHAH? You should beware of this app because the anonymous feedback application may not be as private as it really sounds. Sarahah is a newly launched app that has become one of the hottest iPhone and Android apps in the past couple of weeks, allowing its users to sign up to receive anonymised, candid messages from other Sarahah users. However, it turns out that the app silently uploads users' phone contacts to the company's servers for no good reason, spotted by security analyst Zachary Julian. When an Android or iOS user downloads and installs the app for the first time, the app immediately harvests and uploads all phone numbers and email addresses from the user's address book, according to The Intercept . While an app requesting access to the user's phonebook is quite common if the app provides any feature that works with contacts, no such functionality in Sarahah is available right now. "The pri

Hotspot Shield VPN Accused of Spying On Its Users' Web Traffic

Hotspot Shield VPN Accused of Spying On Its Users' Web Traffic
Aug 08, 2017
" Privacy " is a bit of an Internet buzzword nowadays as the business model of the Internet has now shifted towards data collection. Although Virtual Private Network (VPN) is one of the best solutions to protect your privacy and data on the Internet, you should be more vigilant while choosing a VPN service which actually respects your privacy. If you are using popular free virtual private networking service Hotspot Shield , your data could be at a significant risk. A privacy advocacy group has filed a complaint with the Federal Trade Commission (FTC) against virtual private networking provider Hotspot Shield for reportedly violating its own privacy policy of "complete anonymity" promised to its users. The 14-page-long complaint filed Monday morning by the Centre for Democracy and Technology (CDT), a US non-profit advocacy group for digital rights, accused Hotspot Shield of allegedly tracking, intercepting and collecting its customers' data. Develo

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl
Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte

TalkTalk Hacked; 4 Million Credit Card Profiles may have been Stolen

TalkTalk Hacked; 4 Million Credit Card Profiles may have been Stolen
Oct 23, 2015
TalkTalk , one of the biggest UK-based phone and Internet service provider with more than 4 Million customers, has been hacked again, the company announced late Thursday. TalkTalk is informing its 4 million customers that it has fallen victim to a "significant and sustained cyber attack" and it is possible that sensitive data including bank details have been stolen. In February, TalkTalk suffered a major data breach in which its customer details were stolen and misused by scammers to access additional information as well as steal considerable amount of money. What data might have been Exposed? According to the company, potentially all of its 4 Million customers could be affected by the data breach. However, TalkTalk hasn't specified exactly what kind of data was stolen from its servers, but says that the systems accessed by hackers contained information including: Credit card details and/or bank details Full names Postal addresses Dates

Automated remediation solutions are crucial for security

cyber security
websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.

Web.com Hacked! Credit Card information of 93,000 Customers Compromised

Web.com Hacked! Credit Card information of 93,000 Customers Compromised
Aug 20, 2015
Web.com, a Florida-based web hosting company with up to 3.3 Million customers, has suffered a data breach and may have compromised personal information and credit card data belonging to 93,000 of its clients . The company on Tuesday confirmed that some unknown hackers had breached one of its computer systems on August 13, 2015, and accessed personal information of nearly 93,000 customers. Web.com, with the goal to help small businesses succeed online, uncovered the unauthorized activity as part of its ongoing security monitoring and shutdown process. The stolen information includes: Credit Card information Actual Names associated with the payment cards Residential Addresses No other information belonging to customers, such as Social Security numbers , Verification Codes for the exposed credit cards, was affected by the data breach, according to the company. "The security of our customer information is a high priority for Web.com," Web.com CEO and Chairman David L. Brow

Free Tool Allows Anyone to View Facebook Users' Hidden Friends List

Free Tool Allows Anyone to View Facebook Users' Hidden Friends List
May 08, 2015
Facebook lets you control your every single information posted on the social media site by giving many options to make them private from others, even from your friends. But… There are some personal information on Facebook that you just cannot completely hide — Your friends list are among those, even if there is an option to hide it. The issue resides in the Facebook's mutual-friends feature concept, which has been in controversies in the past, raising privacy concerns. But now, a new Free Chrome extension called " Facebook Friends Mapper " (developed by Alon Kollmann ) can expose a lot more than just mutual friends of the two Facebook users in " just one click ," creating high security and Privacy risks for Facebook users. Generally, Facebook also allows you to set the visibility of your list of Facebook friends to "Only Me" if you want to keep your friends list hidden from other Facebook users as well as your own friends. Howe

Police Using High-Tech Device to See Through Walls Warrantlessly

Police Using High-Tech Device to See Through Walls Warrantlessly
Jan 24, 2015
We are all aware of the mass surveillance conducted by the government agencies on us. From our phone calls, emails to web activities, chats and social network activities, everything has been interrupted by the law enforcements. And now they have crossed every limits by using a new way to spy on you. Guess What? Dozens of US law enforcement agencies are quietly taking advantage of the technology that allows them to effectively "see" through walls of buildings to monitor people's activity . This has once again raised privacy questions. Privacy has become just a word as there's nothing private left, not even our homes. According to a recent report from USA Today , over 50 law enforcement agencies, including Federal Bureau of Investigation (FBI) and U.S. Marshals, have secretly been using the new radars for the past two years, but it came to light just last month during a court hearing in Denver . The device, dubbed Range-R , sends out radio waves that can d

More Celebrity Photos Leaked — Kim Kardashian and Others Targeted

More Celebrity Photos Leaked — Kim Kardashian and Others Targeted
Sep 21, 2014
So far people have not forgotten about the recent celebrity iCloud hacking scandal , a new wave of photographs of celebrities have been leaked in what appears to be the second edition of the massive leak related to the celebrities intimate-images on Internet earlier this month. Among the victims of the most recent leak were reality television star Kim Kardashian , 33, actor Vanessa Hudgens , 25, and U.S. national women's soccer team goalie Hope Solo , 33. Mary-Kate Olsen, Avril Lavigne, Hayden Panettiere, Lake Bell, Leelee Sobieski and former Disney stars Aly and AJ Michalka are other potential victims of this hacking scandal. A video of Aubrey Plaza and previously unreleased photographs of celebrities included in the last leak, such as Oscar-winner Jennifer Lawrence and The Big Bang Theory star Kaley Cuoco , were also released with the recent privacy breach . The leaked Celebrity Photos first appeared Saturday morning on the image-sharing site 4Chan and were also post

Reported Apple iCloud Hack Leaked Hundreds of Celebrity Photos

Reported Apple iCloud Hack Leaked Hundreds of Celebrity Photos
Sep 02, 2014
Now this gonna be the height of Privacy Breach! Images of several high-profile persona including actors, models, singers and presenters have been made available online in a blatant hacking leak linked to the Apple iCloud service. The recent privacy breach appears to be one of the biggest celebrity privacy breaches in history and represents a serious offense and violation of privacy. A hacker allegedly breached Apple's iCloud service and copied the personal photos of at least 100 high-profile stars. WHO IS BEHIND IT The anonymous hacker, using the name Tristan , sparked the scandal on Sunday after dumping a large cache of female celebrities' alleged naked photographs onto the 4chan online forum, an online message board used for sharing pictures. The list of those celebrities allegedly affected, whose photographs are supposedly in this cache, is very long that includes Jenny McCarthy, Rihanna, Kristin Dunst, Kate Upton, the American actress Mary E Winstead , and the
Cybersecurity Resources