#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

cyber security software | Breaking Cybersecurity News | The Hacker News

Solution Providers Can Now Add Incident Response to Their Services Portfolio For Free

Solution Providers Can Now Add Incident Response to Their Services Portfolio For Free
Aug 17, 2021
The Incident Response (IR) services market is in accelerated growth due to the rise in cyberattacks that result in breaches. More and more organizations, across all sizes and verticals, choose to outsource IR to 3rd party service providers over handling security incidents in-house. Cynet is now launching a first-of-its-kind offering, enabling any Managed Security Provider (MSP) or Security Integrator (SI) to add Incident Response to its services portfolio, without building an in-house team of incident responders, by using Cynet's IR team and technology at no cost. Managed Service providers interested to add Incident Response to their service portfolio with no investment in people or technology can apply here . As cyber threats grow in sophistication and volume, there is an increasing number of cases in which attackers succeed in compromising the environments they target. This, in turn, fuels a rapidly growing demand for IR technologies and services. Since in most cases

How Cybersecurity Enables Government, Health, EduTech Cope With COVID-19

How Cybersecurity Enables Government, Health, EduTech Cope With COVID-19
May 21, 2020
The advent of the Covid-19 pandemic and the impact on our society has resulted in many dramatic changes to how people are traveling, interacting with each other, and collaborating at work. There are several trends taking place as a consequence of the outbreak, which has only continued to heighten the need for the tightest possible cybersecurity. Tools for Collaboration There has been a massive spike in the adoption of Tools for Collaboration as a consequence of COVID-19. Concerns about the coronavirus have caused an enormous increase in remote working, with many organizations requiring or at least encouraging their workers to stay at home—especially when cities, states, and even some entire nations are ultimately into lock down in a bid to spread the stem of the disease. Meanwhile, with millions working from home for many weeks now, there has been a spike in the video conferencing and online collaboration software, many of which are fortunately entirely free, allowing orga

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future
Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu

Latest Kali Linux OS Added Windows-Style Undercover Theme for Hackers

Latest Kali Linux OS Added Windows-Style Undercover Theme for Hackers
Nov 27, 2019
You can relate this: While working on my laptop, I usually prefer sitting at a corner in the room from where no one should be able to easily stare at my screen, and if you're a hacker, you must have more reasons to be paranoid. Let's go undercover: If you're in love with the Kali Linux operating system for hacking and penetration testing, here we have pretty awesome news for you. Offensive Security today released a new and the final version of Kali Linux for 2019 that includes a special theme to transform your Xfce desktop environment into a Windows look-a-like desktop. Dubbed ' Kali Undercover ,' the theme has been designed for those who work in public places or office environments and don't want people to spot that you're working on Kali Linux, an operating system popular among hackers, penetration testers, and cybersecurity researchers. As shown in the demo below, simply enabling "Kali Undercover Mode" from the menu would immediat

Automated remediation solutions are crucial for security

cyber security
websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.

Company Detected Years-Long Breach Only After Hacker Maxed Out Servers' Storage

Company Detected Years-Long Breach Only After Hacker Maxed Out Servers' Storage
Nov 14, 2019
What could be even worse than getting hacked? It's the "failure to detect intrusions" that always results in huge losses to the organizations. Utah-based technology company InfoTrax Systems is the latest example of such a security blunder, as the company was breached more than 20 times from May 2014 until March 2016. What's ironic is that the company detected the breach only after it received an alert that its servers had reached maximum storage capacity due to a data archive file that the hacker created. InfoTrax Systems is an American company based in Utah that provides backend operations systems to multi-level marketers, which also includes an extensive amount of sensitive data on their users' compensation, inventory, orders, and accounting. The breach reportedly occurred in May 2014 when the hacker exploited vulnerabilities in InfoTrax's server and its client's website to gain remote control over its server, allowing him to gain access t

Hackers Breach ZoneAlarm's Forum Site — Outdated vBulletin to Blame

Hackers Breach ZoneAlarm's Forum Site — Outdated vBulletin to Blame
Nov 11, 2019
ZoneAlarm, an internet security software company owned by Israeli cybersecurity firm Check Point Technologies, has suffered a data breach exposing data of its discussion forum users, the company confirmed The Hacker News. With nearly 100 million downloads, ZoneAlarm offers antivirus software, firewall, and additional virus protection solutions to home PC users, small businesses, and mobile phones worldwide. Though neither ZoneAlarm or its parent company Check Point has yet publicly disclosed the security incident, the company quietly sent an alert via email to all affected users over this weekend, The Hacker News learned. The email-based breach notification advised ZoneAlarm forum users to immediately change their forum account passwords, informing them hackers have unauthorizedly gained access to their names, email addresses, hashed passwords, and date of births. Moreover, the company has also clarified that the security incident only affects users registered with the "

Breaches are now commonplace, but Reason Cybersecurity lets users guard their privacy

Breaches are now commonplace, but Reason Cybersecurity lets users guard their privacy
Oct 09, 2019
There has been no shortage of massive security breaches so far this year. Just last July, Capital One disclosed that it was hit by a breach that affected more than 100 million customers. Also recently, researchers came across an unsecured cloud server that contained the names, phone numbers, and financial information of virtually all citizens of Ecuador – around 20 million people . These are just the latest in a long line of security breaches affecting enterprises over the past few years. The Yahoo!, Equifax, and Marriott hacks and Facebook's scandal should still be fresh in people's memories, reminding everyone that even large corporations with budgets for enterprise cybersecurity may not be secure enough to protect customer information. These records are now out there, stored in hackers' data dumps , and are potentially tradable over the Dark Web. The availability of such information online increases a person's risk of being victimized through fraud and iden

CISO Kit — Breach Protection in the Palm of Your Hand

CISO Kit — Breach Protection in the Palm of Your Hand
Sep 11, 2019
CISOs and CIOs need to know better than anyone the security pulse of their organizations. On the other hand, they cannot be flooded with every changing detail. Finding the right balance that enables them to clearly grasp the big picture required in making sound decisions is a task many security executives find challenging. Threat actors do not acknowledge off-hours or weekends, introducing the need for constant vigilance. Moreover, CIOs and CISOs are heavily dependent on their team for knowledge and often lack the immediate interaction with the events in real-time. This situation is also far from favorable – after all, who if not the security executive should have the ability to be in-the-know and initiate action at the heart of things? Cynet rises to this challenge with the recently launched Cynet Dashboard application, which provides 24/7 insight into the overall security posture, real-time visibility into newly detected threats, and the ability to take rapid action if the nee

5 Cybersecurity Tools Every Business Needs to Know

5 Cybersecurity Tools Every Business Needs to Know
May 23, 2019
Cybersecurity experts all echo the same thing – cyber attacks are going to get more rampant, and they will continue to pose severe threats against all technology users. Businesses, in particular, have become prime targets for cybercriminals due to the nature of data and information they process and store. 2018 saw a slew of data breaches targeting large enterprises that resulted in the theft of the personal and financial records of millions of customers. Falling victim to cyber attacks can deal with a major financial blow to businesses as the cost of dealing with an attack has risen to $1.1 million on the average. It can even be more devastating for small to medium-sized businesses. 60 percent of these smaller operations close within six months after failing to recover from cyber attacks. But aside from these monetary costs, companies can also lose credibility and their customers' confidence. Needless to say, businesses must improve the protection of their infrastructures

Cynet's Free Incident Response Tool — Stop Active Attacks With Greater Visibility

Cynet's Free Incident Response Tool — Stop Active Attacks With Greater Visibility
May 07, 2019
The saying that there are two types of organizations, those that have gotten breached and those who have but just don't know it yet, has never been more relevant, making the sound incident response a required capability in any organization's security stack. To assist in this critical mission, Cynet is launching a free IR tool offering, applicable to both IR service providers in need of a powerful, free incident response platform , and to organizations that either suspect security incidents and want to get immediate visibility into what happened, or that know they have a breach and need to respond immediately. The Cynet Free IR tool offering for IR providers can be accessed here . The Cynet Free IR tool offering for organizations can be accessed here . Incident response is about getting two things done as fast as possible: accurately knowing breach scope and impact; ensuring that all malicious presence and activity are eliminated. Cynet introduces unmatched speed and effi

NSA Releases GHIDRA Source Code — Free Reverse Engineering Tool

NSA Releases GHIDRA Source Code — Free Reverse Engineering Tool
Apr 04, 2019
Update (4/4/2019) — Great news. NSA today finally released the complete source code for GHIDRA version 9.0.2 which is now available on its Github repository . GHIDRA  is agency's home-grown classified software reverse engineering tool that agency experts have been using internally for over a decade to hunt down security bugs in software and applications. GHIDRA is a Java-based reverse engineering framework that features a graphical user interface (GUI) and has been designed to run on a variety of platforms including Windows, macOS, and Linux. Reverse engineering a program or software involves disassembling, i.e. converting binary instructions into assembly code when its source code is unavailable, helping software engineers, especially malware analysts, understand the functionality of the code and actual design and implementation information. The existence of GHIDRA was first publicly revealed by WikiLeaks in CIA Vault 7 leaks , but the NSA today publicly released t

Cynet Offers Free Threat Assessment for Mid-Sized and Large Organizations

Cynet Offers Free Threat Assessment for Mid-Sized and Large Organizations
Apr 03, 2019
Visibility into an environment attack surface is the fundamental cornerstone to sound security decision making. However, the standard process of 3rd party threat assessment as practiced today is both time consuming and expensive. Cynet changes the rules of the game with a free threat assessment offering based on more than 72 hours of data collection and enabling organizations to benchmark their security posture against their industry vertical peers and take actions accordingly. Cynet Free Threat Assessment (available for organizations with 300 endpoints and above) spotlights critical, exposed attack surfaces and provides actionable knowledge of attacks that are currently alive and active in the environment: ➤ Indication of live attacks: active malware, connection to C&C, data exfiltration, access to phishing links, user credential theft attempts and others: ➤ Host and app attack surfaces: unpatched vulnerabilities rated per criticality: ➤ Benchmark comparing

How Endpoint Management Can Keep Workplace IT Secure

How Endpoint Management Can Keep Workplace IT Secure
Apr 01, 2019
Workplaces have become highly connected. Even a small business could have dozens of devices in the form of desktops, mobile devices, routers, and even smart appliances as part of its IT infrastructure. Unfortunately, each of these endpoints can now be a weak link that hackers could exploit. Hackers constantly probe networks for vulnerable endpoints to breach. For example, systems and applications that are configured using recycled user names and passwords can easily be hacked given the availability of leaked credentials online. Password management service LastPass noted that 59% of users use the same password for multiple accounts. Malware and malicious processes may also target workstations. Cybersecurity firm Symantec found a 1,000 percent increase in PowerShell script attacks in 2018. These attacks use cleverly disguised malicious processes that appear legitimate at a cursory glance. This is why IT security career is fast evolving into a huge market. However, because o

Advanced Breach Protection Demystified – Untold Truths On Security Beyond AV

Advanced Breach Protection Demystified – Untold Truths On Security Beyond AV
Mar 28, 2019
Doing business in today's connected world means dealing with a continually evolving threat landscape. With potential losses due to downtime following a breach, plus valuable client and proprietary information at risk, most organizations realize they cannot afford to be complacent. This puts extra onus on security IT teams, who are continuously left scrambling, looking for the best way to protect their organizations against the threats that bypass AV and firewall. Added to this is another challenge in that most organizations are limited in the resources they can invest in security. Many are left reliant on a single product on top of their security stack. Common practice in organizational security circles as they attempt to remain secure is to upgrade endpoint protection with EPP\EDR or a Network Analytic tool. But as we all know, what's common is not necessarily what's best. How can an organization ensure it remains secure, especially with all that is at stake?

Get 4 Essential CyberSecurity Software For Less Than $10 Per Month

Get 4 Essential CyberSecurity Software For Less Than $10 Per Month
Mar 22, 2019
Major data breaches and cyber attacks are occurring at an alarming rate, and if you are still not using a VPN and password manager app, you are seriously out of excuses. Not just VPN software and a password manager, cybersecurity experts also recommend using antivirus and backup solutions to protect your computers and precious data stored on them. Unfortunately, to cover these bases, one would typically have to spend at least $30 per month. However, here we have great news for millions of The Hacker News readers. Cybersecurity companies partnered with THN Deal Store have exclusively launched a new subscription package called — The Vault — that slashes the price for top security apps everyone needs to use. At just $9.99 monthly subscription, you can now get licenses for four award-winning cybersecurity apps: Dashlane Password Manager Panda Antivirus Software Degoo Online Backup — 2TB of Secure Cloud Storage NordVPN — One of the best VPN service providers in 2019
Cybersecurity Resources