#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

network monitoring software | Breaking Cybersecurity News | The Hacker News

Category — network monitoring software
Critical Security Flaws Exposed in Nagios XI Network Monitoring Software

Critical Security Flaws Exposed in Nagios XI Network Monitoring Software

Sep 20, 2023 Network Security / Vulnerability
Multiple security flaws have been disclosed in the Nagios XI network monitoring software that could result in privilege escalation and information disclosure. The four security vulnerabilities, tracked from CVE-2023-40931 through CVE-2023-40934, impact Nagios XI versions 5.11.1 and lower. Following responsible disclosure on August 4, 2023, They have been  patched  as of September 11, 2023, with the release of version 5.11.2. "Three of these vulnerabilities (CVE-2023-40931, CVE-2023-40933 and CVE-2023-40934) allow users, with various levels of privileges, to access database fields via SQL Injections," Outpost24 researcher Astrid Tedenbrant  said . "The data obtained from these vulnerabilities may be used to further escalate privileges in the product and obtain sensitive user data such as password hashes and API tokens." CVE-2023-40932, on the other hand, relates to a cross-site scripting (XSS) flaw in the Custom Logo component that could be used to read sensiti...
14 Ways to Evade Botnet Malware Attacks On Your Computers

14 Ways to Evade Botnet Malware Attacks On Your Computers

Dec 18, 2019
Cybercriminals are busy innovators, adapting their weapons and attack strategies, and ruthlessly roaming the web in search of their next big score. Every manner of sensitive information, such as confidential employee records, customers' financial data, protected medical documents, and government files, are all subject to their relentless threats to cybersecurity . Solutions span a broad spectrum, from training email users to ensuring a VPN kill switch is in place, to adding extensive advanced layers of network protection. To successfully guard against severe threats from hackers, worm viruses to malware, such as botnet attacks, network managers need to use all tools and methods that fit well into a comprehensive cyber defense strategy. Of all the menaces mentioned above to a website owner's peace of mind, botnets arguably present the most unsettling form of security risk. They're not the mere achievements of malicious amateur cybercriminals. They're state...
7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments

7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments

Dec 04, 2024Risk Management / Zero Trust
Are you using the cloud or thinking about transitioning? Undoubtedly, multi-cloud and hybrid environments offer numerous benefits for organizations. However, the cloud's flexibility, scalability, and efficiency come with significant risk — an expanded attack surface. The decentralization that comes with utilizing multi-cloud environments can also lead to limited visibility into user activity and poor access management.  Privileged accounts with access to your critical systems and sensitive data are among the most vulnerable elements in cloud setups. When mismanaged, these accounts open the doors to unauthorized access, potential malicious activity, and data breaches. That's why strong privileged access management (PAM) is indispensable. PAM plays an essential role in addressing the security challenges of complex infrastructures by enforcing strict access controls and managing the life cycle of privileged accounts. By employing PAM in hybrid and cloud environments, you're not...
First-Ever Data Stealing Malware Found Using Intel AMT Tool to Bypass Firewall

First-Ever Data Stealing Malware Found Using Intel AMT Tool to Bypass Firewall

Jun 09, 2017
It's not hard for a well-funded state-sponsored hacking group to break into corporate networks and compromise systems with malware, but what's challenging for them is to keep that backdoor and its communication undetectable from a firewall and other network monitoring applications. However, a cyber-espionage group known as " Platinum ," that is actively targeting governmental organisations, defense institutes, and telecommunication providers since at least 2009, has found a way to hide its malicious activities from host-based protection mechanisms. Microsoft has recently discovered that the cyber-espionage group is now leveraging Intel's Active Management Technology (AMT) Serial-over-LAN (SOL) channel as a file-transfer tool to steal data from the targeted computers without detection. Intel-based chip sets come with an embedded technology, called AMT, which is designed to allow IT administrators to remotely manage and repair PCs, workstations, and serve...
cyber security

Breaking Barriers: Strategies to Unite AppSec and R&D for Success

websiteBackslashApplication Security
Tackle common challenges to make security and innovation work seamlessly.
Critical Flaws Found in NETGEAR Network Management System

Critical Flaws Found in NETGEAR Network Management System

Feb 05, 2016
Netgear, one of the most popular router manufacturers, has been vulnerable to two different flaws that could allow hackers to compromise your corporate network and connected devices. Reported critical vulnerabilities reside in the Netgear's ProSafe NMS300 Model ( Network Management System ) – a centralized and comprehensive management application for network administrators that enables them to discover, monitor, configure, and report on SNMP-based enterprise-class network devices. SNMP ( Simple Network Management Protocol ) is a network management protocol which facilitates Netgear's ProSafe NMS300 application to gather data from various network devices such as servers, printers, hubs, switches, and routers. Remotely collected data includes CPU load, routing tables, and network traffic statistics. Serious Flaws in Network Management System A joint security dug conducted by Pedro Ribeiro ( Security Researcher of UK Based firm Agile Information ) along ...
Caution! Hackers Can Easily Hijack Popular Baby Monitors to Watch Your Kids

Caution! Hackers Can Easily Hijack Popular Baby Monitors to Watch Your Kids

Sep 04, 2015
Several video baby monitors from six different manufacturers were under scrutiny for in-depth security testing, and the outcome was negative. Yes, they lacked in serving basic security through their devices. At the High Technology Crime Investigation Association (HTCIA) conference on September 2, 2015, a critical security research was made public by Rapid7 after following a disclosure policy. A month ago, The Hacker News (THN) posted about how IoT is making the smart cities vulnerable to the technology. Similarly, this time a highly personal IoT device i.e. ' Baby Monitors ' has been anticipated as a victim of hacking of such devices. According to a 2014 Gartner's report, the IoT space is expected to be crowded with over 25 billion devices in five years, i.e. by 2020. Reportedly, ten vulnerabilities were found in the Baby Monitoring devices and the related vendors were contacted to get their comments on how are they going to address the severe flaws residing ...
Tor — How to Protect Your Digital Environment?

Tor — How to Protect Your Digital Environment?

Mar 17, 2015
Are you aware of everything that your users are accessing from your environment? While most of the time, non-work-related Internet browsing is harmless (looking at pictures of cats, online shopping, social media, etc.) there are some instances where you could be an unknowing and unwilling participant in criminal activity. That is, when users hide that activity via the Tor network , or the Dark Net . The Onion Router , better known as " Tor ", an open source project, launched in 2002, is designed to allow a user to browse the Internet anonymously via a volunteer network of more than 5000 relays. It doesn't share your identifying information like your IP address and physical location with websites or service providers. A user that navigate Internet using Tor , it's quite difficult to trace its activities ensuring his online privacy. There are arguably legitimate uses for this technology, such as providing Internet access in repressively regulated countri...
Chinese Telecom Routes Russian Domestic Internet Traffic through China

Chinese Telecom Routes Russian Domestic Internet Traffic through China

Nov 11, 2014
Russian Internet traffic, including the domestic one, has continuously been re-routed outside the country due to routing errors by China Telecom , which could result in compromising the security of Russian communications. Internet monitoring service Dyn reported Thursday in a blog post that the apparent networking fault is due to the weakness in the Border gateway protocol (BGP) , which forms the underpinning of the Internet's global routing system. The problem started after the BGP peering agreement signed between the China Telecom and top Russian mobile provider Vimpelcom in order to save money on transit operators, so that some of the domestic traffic may carried over the other's network rather than through a more expensive transit operator. Under this deal, Russian domestic traffic was repeatedly being routed to routers operated by China Telecom. Routing Traffic allows law enforcement agencies and hackers with the ability to monitor. " Unlike other routin...
Expert Insights / Articles Videos
Cybersecurity Resources