#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

RSA hack | Breaking Cybersecurity News | The Hacker News

Security firm Bit9 hacked, Stolen Digital Certs Used To Sign Malware

Security firm Bit9 hacked, Stolen Digital Certs Used To Sign Malware

Feb 09, 2013
Bit9 disclosed Friday that hackers had stolen digital code signing certificates from its network and have utilized it to sign malware. Bit9, a company that provides software and network security services to the U.S. government and at least 30 Fortune 100 firms. " As a result, a malicious third party was able to illegally gain temporary access to one of our digital code-signing certificates that they then used to illegitimately sign malware ," Bit9 Chief Executive Patrick Morley said in a blog post . The attackers then sent signed malware to at least three of Bit9's customers, although Bit9 isn't saying which customers were affected or to what extent. " Since we discovered this issue, we have been working closely with all of our customers to ensure they are no longer vulnerable to malware associated with the affected certificate ." and company said it has resolved the issue. It is not the first time that hackers have breached a security firm as part of a
Chinese malware campaign 'Beebus' target US defense industries

Chinese malware campaign 'Beebus' target US defense industries

Feb 06, 2013
A Chinese malware campaign called ' Beebus ' specifically targeting the aerospace and defense industries has been uncovered by FireEye security researchers. Beebus is designed to steal information, and begins its infiltration, as so many attacks do, with spear-phishing emails. Operation Beebus very related to Operation Shady RAT and was first detected in April 2011. The attacks carried out by  spear phishing attack and drive-by downloads as a means of infecting end users. malicious Whitepapers or PDFs were mailed to targets and by using known flaws, malware was able install Trojan backdoors on vulnerable systems. The malware communicates with a remote command and control (CnC) server. FireEye discovered the attacks on some of its customers in the aerospace and defence last March and the Vulnerability in the Windows OS known as DLL search order hijacking was used to drops a DLL called ntshrui.DLL in the C:\Windows directory.  It has modules to capture system information l
SaaS Compliance through the NIST Cybersecurity Framework

SaaS Compliance through the NIST Cybersecurity Framework

Feb 20, 2024Cybersecurity Framework / SaaS Security
The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS.  One of the challenges facing those tasked with securing SaaS applications is the different settings found in each application. It makes it difficult to develop a configuration policy that will apply to an HR app that manages employees, a marketing app that manages content, and an R&D app that manages software versions, all while aligning with NIST compliance standards.  However, there are several settings that can be applied to nearly every app in the SaaS stack. In this article, we'll explore some universal configurations, explain why they are important, and guide you in setting them in a way that improves your SaaS apps' security posture.  Start with Admins Role-based access control (RBAC) is a key to NIST adherence and should be applied to every SaaS a
Cybersecurity Resources