#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

badBIOS | Breaking Cybersecurity News | The Hacker News

BIOS Malware that can remotely destroy any computer, NSA claimed

BIOS Malware that can remotely destroy any computer, NSA claimed

Dec 16, 2013
During a CBS Interview show " 60 Minutes ", The National Security Agency (NSA) officials claimed that China has developed a BIOS based malware that can remotely destroy any computer. Obviously NSA is struggling to repair its image and in an effort to justify their extensive Surveillance programs, The NSA Director General Keith Alexander and Information Assurance Director Debora Plunkett made a number of claims. During that interview NSA officials said that they had foiled a malware attack that could have taken down the U.S. economy. " One of our analysts actually saw that the nation state had the intention to develop and to deliver, to actually use this capability to destroy computers ," Plunkett said. They have mentioned that this malware was distributed via social engineering and targeted emails, although the NSA director mentioned that their researchers worked with computer manufacturers and able to close the respective vulnerability . " This is t
Malware that transfers stolen data using Inaudible Audio signals

Malware that transfers stolen data using Inaudible Audio signals

Dec 03, 2013
If you think that a computer which is not connected to a network, doesn't have any USB sticks attached to it and doesn't accept any kind of electronic connection requests are reasonably safe against hackers and from all the malware, then you are Wrong. Here we have something shocking update that Some German Scientists have developed a proof of concept Malware prototype, could allow a hacker to infect your computers and other digital devices just using  Inaudible Audio signals . The ability to bridge an air gap could be a potent infection vector. Just imagine, a cyber attack using high-frequency sound waves to infect machines, where stolen data also can be transferred back to attacker without a network connection, Sounds very terrifying ? When a few weeks ago, a security researcher Dragos Ruiu claimed malware dubbed badBIOS  allowed infected machines to communicate using sound waves alone, means that the devices are physically disconnected from any networks, including the inter
SaaS Compliance through the NIST Cybersecurity Framework

SaaS Compliance through the NIST Cybersecurity Framework

Feb 20, 2024Cybersecurity Framework / SaaS Security
The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS.  One of the challenges facing those tasked with securing SaaS applications is the different settings found in each application. It makes it difficult to develop a configuration policy that will apply to an HR app that manages employees, a marketing app that manages content, and an R&D app that manages software versions, all while aligning with NIST compliance standards.  However, there are several settings that can be applied to nearly every app in the SaaS stack. In this article, we'll explore some universal configurations, explain why they are important, and guide you in setting them in a way that improves your SaaS apps' security posture.  Start with Admins Role-based access control (RBAC) is a key to NIST adherence and should be applied to every SaaS a
Cybersecurity Resources