#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Wi-Fi HotSpot | Breaking Cybersecurity News | The Hacker News

WikiLeaks Reveals How CIA Malware Tracks Geo-Location of its Targeted

WikiLeaks Reveals How CIA Malware Tracks Geo-Location of its Targeted

Jun 28, 2017
WikiLeaks has just published a new batch of the ongoing Vault 7 leak , and this time the whistleblowing website has unveiled a classified malware for that tracks geo-location of targeted PCs and laptops running the Microsoft Windows operating system. In short, the malware does it by capturing the IDs of nearby public hotspots and then matching them with the global database of public Wi-Fi hotspots' locations. Dubbed ELSA , the alleged CIA's project consists of two main elements: the processing component (Operator Terminal) and the implant (Windows Target) which is typically being deployed on a target Windows host. Here's How the CIA's ELSA Malware Works The Elsa system first installs the malware on a targeted WiFi-enabled machine using separate CIA exploits to gain persistent access on the device. The malware then uses Wi-Fi hardware of the infected computer to scan nearby visible WiFi access points (AP) and records their ESSID – stands for Extended Service Se
Multiple Backdoors found in D-Link DWR-932 B LTE Router

Multiple Backdoors found in D-Link DWR-932 B LTE Router

Sep 29, 2016
If you own a D-Link wireless router, especially DWR-932 B LTE router , you should get rid of it, rather than wait for a firmware upgrade that never lands soon. D-Link DWR-932B LTE router is allegedly vulnerable to over 20 issues, including backdoor accounts, default credentials, leaky credentials, firmware upgrade vulnerabilities and insecure UPnP (Universal Plug-and-Play) configuration. If successfully exploited, these vulnerabilities could allow attackers to remotely hijack and control your router, as well as network, leaving all connected devices vulnerable to man-in-the-middle and DNS poisoning attacks. Moreover, your hacked router can be easily abused by cybercriminals to launch massive Distributed Denial of Service (DDoS) attacks, as the Internet has recently witnessed record-breaking 1 Tbps DDoS attack that was launched using more than 150,000 hacked Internet-connected smart devices. Security researcher Pierre Kim has discovered  multiple vulnerabilities in the D-Li
How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities

How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities

Feb 15, 2024SaaS Security / Risk Management
With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for genuine concern in many boardroom discussions. More so than ever, considering that GenAI applications are, in fact, SaaS applications. Wing Security (Wing), a SaaS security company, conducted an analysis of 493 SaaS-using companies in Q4 of 2023.  Their study reveals  how companies use SaaS today, and the wide variety of threats that result from that usage. This unique analysis provides rare and important insights into the breadth and depth of SaaS-related risks, but also provides practical tips to mitigate them and ensure SaaS can be widely used without compromising security posture.  The TL;DR Version Of SaaS Security 2023 brought some now infamous examples of malicious players leveraging or directly targeting SaaS, including the North Korean group UNC4899, 0ktapus ransomware group, and Russian Midnight Blizzard APT, which targeted well-known organizat
Facebook to Launch Commercial Express Wi-Fi Service In India

Facebook to Launch Commercial Express Wi-Fi Service In India

Aug 08, 2016
After the failure of Facebook's Free Basics -- an initiative to provide free Internet access -- in India due to the violation of Net Neutrality principles, Facebook has reintroduced its plan to provide Internet access in rural India, but this time: The social networking giant is planning to launch a commercial WiFi service in India. Facebook is testing a WiFi service in rural India, allowing people with no internet connection to buy affordable data packages from their local internet service providers (ISPs) in order to access the Internet via local hotspots. Dubbed Express Wi-Fi , the program is in sync with Mark Zuckerberg's Internet.org -- the platform Facebook used for its Free Basics to bring the Internet to all. India banned Free Basics in the country on net neutrality grounds. Net Neutrality advocates argued that by offering some websites and services for free, people are discouraged from visiting other sites. Now, Facebook has partnered with state-owned
cyber security

Are You Vulnerable to Third-Party Breaches Through Interconnected SaaS Apps?

websiteWing SecuritySaaS Security / Risk Management
Protect against cascading risks by identifying and mitigating app2app and third-party SaaS vulnerabilities.
iOS 8 Vulnerability Lets Hackers Crash Any iPhone and iPad Within Wi-Fi Range

iOS 8 Vulnerability Lets Hackers Crash Any iPhone and iPad Within Wi-Fi Range

Apr 22, 2015
Security researchers have uncovered a zero-day vulnerability in iOS 8 that could repeatedly crash users' Apple iPhones, iPads and iPods when the devices connect to a malicious wireless hotspot. It's like Denial of Service (DoS) attack on Apple's iOS devices that results in crashing either individual iOS apps or users' entire iPhones. NO iOS ZONE Adi Sharabani and Yair Amit of Mobile security firm Skycure presented their latest research, titled " No iOS Zone ", at the RSA security conference in San Francisco on Tuesday. The duo showed: It is possible for an attacker to create malicious Wi-Fi networks in order to crash nearby users' mobile devices with incredible accuracy. Also, even the "No iOS Zone" attack is capable to make iOS things within the range completely unusable by triggering constant numbers of reboots. It is nothing but a DoS attack… ...that makes the device inaccessible by its users, just like in the ca
Cybersecurity Resources