#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

iPhone Instagram | Breaking Cybersecurity News | The Hacker News

Shocking! Instagram HACKED! Researcher hacked into Instagram Server and Admin Panel

Shocking! Instagram HACKED! Researcher hacked into Instagram Server and Admin Panel

Dec 18, 2015
Ever wonder how to hack Instagram or how to hack a facebook account? Well, someone just did it! But, remember, even responsibly reporting a security vulnerability could end up in taking legal actions against you. An independent security researcher claims he was threatened by Facebook after he responsibly revealed a series of security vulnerabilities and configuration flaws that allowed him to successfully gained access to sensitive data stored on Instagram servers , including: Source Code of Instagram website SSL Certificates and Private Keys for Instagram Keys used to sign authentication cookies Personal details of Instagram Users and Employees Email server credentials Keys for over a half-dozen critical other functions However, instead of paying him a reward, Facebook has threatened to sue the researcher of intentionally withholding flaws and information from its team. Wesley Weinberg , a senior security researcher at Synack, participated in Facebook's b
Instagram Patches flaw that Makes Private Photos Visible

Instagram Patches flaw that Makes Private Photos Visible

Jan 14, 2015
Your Instagram is not as Private as You Think. Millions of private Instagram photos may have been exposed publicly on the web until the company patched a privacy hole this weekend. Instagram team was unaware of a security vulnerability from long time which allowed anyone with access to an image's URL to view the photo, even those shared by users whose accounts are set to "private." In other words, If a private user shares an Instagram post with another service, such as Twitter or Facebook as part of the upload process, that shared photo will remain viewable to the public despite its privacy settings. The flaw was first reported by  David Yanofsky  at Quartz and Instagram acknowledged the issue last week before patching the flaw. In a statement to Quartz, an Instagram representative said: ' If you choose to share a specific piece of content from your account publicly, that link remains public but the account itself is still private, ' The Instagram vulnera
SaaS Compliance through the NIST Cybersecurity Framework

SaaS Compliance through the NIST Cybersecurity Framework

Feb 20, 2024Cybersecurity Framework / SaaS Security
The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS.  One of the challenges facing those tasked with securing SaaS applications is the different settings found in each application. It makes it difficult to develop a configuration policy that will apply to an HR app that manages employees, a marketing app that manages content, and an R&D app that manages software versions, all while aligning with NIST compliance standards.  However, there are several settings that can be applied to nearly every app in the SaaS stack. In this article, we'll explore some universal configurations, explain why they are important, and guide you in setting them in a way that improves your SaaS apps' security posture.  Start with Admins Role-based access control (RBAC) is a key to NIST adherence and should be applied to every SaaS a
iPhone Instagram users vulnerable to hackers

iPhone Instagram users vulnerable to hackers

Dec 03, 2012
Instagram - Facebook's popular photo sharing app for iOS, is currently has a vulnerability that could make your account susceptible to hackers. A security researcher Carlos Reventlov  published on Friday another attack on Facebook's Instagram photo-sharing service that could allow a hacker to seize control of a victim's account. " The Instagram app communicates with the Instagram API via HTTP and HTTPs connections. Highly sensitive activities, such as login and editing profile data, are sent through a secure channel. However, some other request are sent through plain HTTP without a signature, those request could be exploited by an attacker connected to the same LAN of the victim's iPhone. " Vulnerability Details --   The vulnerability is in the 3.1.2 version of Instagram's application, which is  susceptible to "eavesdropping and man in the middle attacks that could lead an evil user to delete photos and download private media without the victim's con
cyber security

Are You Vulnerable to Third-Party Breaches Through Interconnected SaaS Apps?

websiteWing SecuritySaaS Security / Risk Management
Protect against cascading risks by identifying and mitigating app2app and third-party SaaS vulnerabilities.
Cybersecurity Resources