#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

computer security conference | Breaking Cybersecurity News | The Hacker News

Zoom Caught in Cybersecurity Debate — Here's Everything You Need To Know

Zoom Caught in Cybersecurity Debate — Here's Everything You Need To Know

Apr 06, 2020
Over the past few weeks, the use of Zoom video conferencing software has exploded ever since it emerged the platform of choice to host everything from cabinet meetings to yoga classes amidst the ongoing coronavirus outbreak and work from home became the new normal. The app has skyrocketed to 200 million daily users from an average of 10 million in December — along with a 535 percent increase in daily traffic to its download page in the last month — but it's also seen a massive uptick in Zoom's problems, all of which stem from sloppy design practices and security implementations. Zoom may never have designed its product beyond enterprise chat initially, but with the app now being used in a myriad number of ways and by regular consumers, the company's full scope of gaffes have come into sharp focus — something it was able to avoid all this time. But if this public scrutiny can make it a more secure product, it can only be a good thing in the long run. A Laundry
ex-NSA Hacker Discloses macOS High Sierra Zero-Day Vulnerability

ex-NSA Hacker Discloses macOS High Sierra Zero-Day Vulnerability

Aug 13, 2018
Your Mac computer running the Apple's latest High Sierra operating system can be hacked by tweaking just two lines of code, a researcher demonstrated at the Def Con security conference on Sunday. Patrick Wardle, an ex-NSA hacker and now Chief Research Officer of Digita Security, uncovered a critical zero-day vulnerability in the macOS operating system that could allow a malicious application installed in the targeted system to virtually "click" objects without any user interaction or consent. To know, how dangerous it can go, Wardle explains : "Via a single click, countless security mechanisms may be completely bypassed. Run untrusted app? Click...allowed. Authorize keychain access? Click...allowed. Load 3rd-party kernel extension? Click...allowed. Authorize outgoing network connection? click ...allowed." Wardle described his research into "synthetic" interactions with a user interface (UI) as "The Mouse is Mightier than the Sword,"
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Two Million Cars Using Wireless Insurance Dongle Vulnerable to Hacking

Two Million Cars Using Wireless Insurance Dongle Vulnerable to Hacking

Jan 21, 2015
2015 will be a year more smarter than 2014 with smarter mobile devices, smarter home appliances, and yes Smarter Automobiles. Nowadays, there are a number of automobiles companies offering vehicles that run on a mostly drive-by-wire system, meaning that a majority of the controls are electronically controlled, from instrument cluster to steering, brakes, and accelerator as well. No doubt these systems makes your driving experience better, but at the same time they also increase the risk of getting hacked. According to a recent research, an electronic dongle used to plugged into the on-board diagnostic port of more than two million cars and trucks contains few security weaknesses that makes them vulnerable to wireless attacks, resulting in taking control of the entire vehicle. Since 2008, US-based Progressive Insurance has used the SnapShot device in more than two million vehicles . The little device monitors and tracks users' driving behavior by collecting vehicle location a
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Cybersecurity Resources