#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

TripAdvisor | Breaking Cybersecurity News | The Hacker News

TripAdvisor's Viator Hit by Massive Data Breach Affecting 1.4 Customers

TripAdvisor's Viator Hit by Massive Data Breach Affecting 1.4 Customers

Sep 24, 2014
TripAdvisor's  Online travel booking and review website  Viator  has reportedly been hit by a massive data breach at its  that may have exposed payment card details and account credentials of its customers, affecting an estimated 1.4 million of its customers. The San Francisco-based Viator, acquired by TripAdvisor – the world's largest travel site – for £122 million ( US$ 200 million ) back in July, admitted late on Friday that the intruders have hacked into some of its customers' payment card accounts and made unauthorized charges. The data breach was discovered in the bookings made through Viator's websites and mobile offerings that could potentially affect payment card data. Viator said that the company has hired forensic experts to figure out the extent of the breach. Meanwhile, the company has begun notifying its affected customers about the security breach as said by the travel outfit in a press release . " On September 2, we were informed by
TripAdvisor travel website infected with Gamarue malware, infect 2% Indian Internet Users

TripAdvisor travel website infected with Gamarue malware, infect 2% Indian Internet Users

Nov 27, 2012
TripAdvisor Inc., a hotel-review website, recently became a victim of the bug, said Trend Micro Inc., an Internet security solutions provider. Many of TripAdvisor's users received spam mail with booking confirmations for hotels they had checked out on the website , 1.89% of Indian Internet Users have already been affected. The email purporting to be in the name of one of the Hotels has a similar theme to its English counterpart as it contains confirmation and details on an alleged booking reservation.  TripAdvisor, which is among India's top five travel brands as per digital market research firm ComScore Inc., globally has 60 million unique monthly visitors and 2.4 million unique users per month in India. Gamarue is a family of malware that may be distributed by exploit kits, spammed emails or other malware, and has been observed stealing information from an affected user. Trend Micro reported that one of their manager received the spam at his personal e-mail address but the addres
SaaS Compliance through the NIST Cybersecurity Framework

SaaS Compliance through the NIST Cybersecurity Framework

Feb 20, 2024Cybersecurity Framework / SaaS Security
The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS.  One of the challenges facing those tasked with securing SaaS applications is the different settings found in each application. It makes it difficult to develop a configuration policy that will apply to an HR app that manages employees, a marketing app that manages content, and an R&D app that manages software versions, all while aligning with NIST compliance standards.  However, there are several settings that can be applied to nearly every app in the SaaS stack. In this article, we'll explore some universal configurations, explain why they are important, and guide you in setting them in a way that improves your SaaS apps' security posture.  Start with Admins Role-based access control (RBAC) is a key to NIST adherence and should be applied to every SaaS a
Cybersecurity Resources