#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

best privacy tools | Breaking Cybersecurity News | The Hacker News

Zoom Caught in Cybersecurity Debate — Here's Everything You Need To Know

Zoom Caught in Cybersecurity Debate — Here's Everything You Need To Know

Apr 06, 2020
Over the past few weeks, the use of Zoom video conferencing software has exploded ever since it emerged the platform of choice to host everything from cabinet meetings to yoga classes amidst the ongoing coronavirus outbreak and work from home became the new normal. The app has skyrocketed to 200 million daily users from an average of 10 million in December — along with a 535 percent increase in daily traffic to its download page in the last month — but it's also seen a massive uptick in Zoom's problems, all of which stem from sloppy design practices and security implementations. Zoom may never have designed its product beyond enterprise chat initially, but with the app now being used in a myriad number of ways and by regular consumers, the company's full scope of gaffes have come into sharp focus — something it was able to avoid all this time. But if this public scrutiny can make it a more secure product, it can only be a good thing in the long run. A Laundry
Hotspot Shield VPN Accused of Spying On Its Users' Web Traffic

Hotspot Shield VPN Accused of Spying On Its Users' Web Traffic

Aug 08, 2017
" Privacy " is a bit of an Internet buzzword nowadays as the business model of the Internet has now shifted towards data collection. Although Virtual Private Network (VPN) is one of the best solutions to protect your privacy and data on the Internet, you should be more vigilant while choosing a VPN service which actually respects your privacy. If you are using popular free virtual private networking service Hotspot Shield , your data could be at a significant risk. A privacy advocacy group has filed a complaint with the Federal Trade Commission (FTC) against virtual private networking provider Hotspot Shield for reportedly violating its own privacy policy of "complete anonymity" promised to its users. The 14-page-long complaint filed Monday morning by the Centre for Democracy and Technology (CDT), a US non-profit advocacy group for digital rights, accused Hotspot Shield of allegedly tracking, intercepting and collecting its customers' data. Develo
SaaS Compliance through the NIST Cybersecurity Framework

SaaS Compliance through the NIST Cybersecurity Framework

Feb 20, 2024Cybersecurity Framework / SaaS Security
The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS.  One of the challenges facing those tasked with securing SaaS applications is the different settings found in each application. It makes it difficult to develop a configuration policy that will apply to an HR app that manages employees, a marketing app that manages content, and an R&D app that manages software versions, all while aligning with NIST compliance standards.  However, there are several settings that can be applied to nearly every app in the SaaS stack. In this article, we'll explore some universal configurations, explain why they are important, and guide you in setting them in a way that improves your SaaS apps' security posture.  Start with Admins Role-based access control (RBAC) is a key to NIST adherence and should be applied to every SaaS a
Searching for Best Encryption Tools? Hackers are Spreading Malware Through Fake Software

Searching for Best Encryption Tools? Hackers are Spreading Malware Through Fake Software

Oct 11, 2016
Over the past few years, Internet users globally have grown increasingly aware of online privacy and security issues due to mass monitoring and surveillance by government agencies, making them adopt encryption software and services. But it turns out that hackers are taking advantage of this opportunity by creating and distributing fake versions of encryption tools in order to infect as many victims as possible. Kaspersky Lab has revealed an advanced persistent threat (APT) group, nicknamed StrongPity , which has put a lot of efforts in targeting users of software designed for encrypting data and communications. The StrongPity APT group has been using watering-hole attacks, infected installers, and malware for many years to target users of encryption software by compromising legitimate sites or setting up their own malicious copycat sites. Watering hole attacks are designed to lure specific groups of users to their interest-based sites that typically house malicious files or
cyber security

Are You Vulnerable to Third-Party Breaches Through Interconnected SaaS Apps?

websiteWing SecuritySaaS Security / Risk Management
Protect against cascading risks by identifying and mitigating app2app and third-party SaaS vulnerabilities.
Cybersecurity Resources