#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

network sniffing | Breaking Cybersecurity News | The Hacker News

New Variant of Emotet Banking Malware targets German Users

New Variant of Emotet Banking Malware targets German Users

Jan 07, 2015
A new Spam email campaign making the rounds in Germany are delivering a new variant of a powerful banking malware , a financial threat designed to steal users' online banking credentials, according to security researchers from Microsoft. The malware, identified as Emotet , was first spotted last June by security vendors at Trend Micro. The most standout features of Emotet is its network sniffing ability , which enables it to capture data sent over secured HTTPS connections by hooking into eight network APIs, according to Trend Micro. Microsoft has been monitoring a new variant of Emotet banking malware , Trojan:Win32/Emotet.C , since November last year. This new variant was sent out as part of a spam email campaign that peaked in November. Emotet has been distributed through spam messages, which either contain a link to a website hosting the malware or a PDF document icon that is actually the malware. HeungSoo Kang of Microsoft's Malware Protection Center identifi
Smartwatch Hacked... Data Exchange with Smartphone Not So Secure

Smartwatch Hacked... Data Exchange with Smartphone Not So Secure

Dec 11, 2014
We are living in an era of smart devices that we sync with our smartphones and make our lives very simple and easy, but these smart devices that inter-operates with our phones could leave our important and personal data wide open to hackers and cybercriminals. Security researchers have demonstrated that the data sent between a Smartwatch and an Android smartphone is not too secure and could be a subject to brute force hacks by attackers to intercept and decode users' data, including everything from text messages to Google Hangout chats and Facebook conversations. Well this happens because the bluetooth communication between most Smartwatches and Android devices rely on a six-digit PIN code in order to transfer information between them in a secure manner. Six-digit Pin means approx one million possible keys, which can be easily brute-forced by attackers into exposing entire conversations in plain text. Researchers from the Romania-based security firm Bitdefender ca
SaaS Compliance through the NIST Cybersecurity Framework

SaaS Compliance through the NIST Cybersecurity Framework

Feb 20, 2024Cybersecurity Framework / SaaS Security
The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS.  One of the challenges facing those tasked with securing SaaS applications is the different settings found in each application. It makes it difficult to develop a configuration policy that will apply to an HR app that manages employees, a marketing app that manages content, and an R&D app that manages software versions, all while aligning with NIST compliance standards.  However, there are several settings that can be applied to nearly every app in the SaaS stack. In this article, we'll explore some universal configurations, explain why they are important, and guide you in setting them in a way that improves your SaaS apps' security posture.  Start with Admins Role-based access control (RBAC) is a key to NIST adherence and should be applied to every SaaS a
New Banking Malware with Network Sniffer Spreading Rapidly Worldwide

New Banking Malware with Network Sniffer Spreading Rapidly Worldwide

Jun 28, 2014
The hike in the banking malware this year is no doubt almost double compared to the previous one, and so in the techniques of malware authors. Until now, we have seen banking Trojans affecting devices and steal users' financial credentials in order to run them out of their money. But nowadays, malware authors are adopting more sophisticated techniques in an effort to target as many victims as possible. BANKING MALWARE WITH NETWORK SNIFFING Security researchers from the Anti-virus firm Trend Micro have discovered a new variant of banking malware that not only steals users' information from the device it has infected but, has ability to " sniff " network activity in an effort to compromise the devices of same network users as well. The banking malware, dubbed as EMOTET spreads rapidly through spammed emails that masquerade itself as a bank transfers and shipping invoices. The spammed email comes along with an attached link that users easily click, considering that t
cyber security

Are You Vulnerable to Third-Party Breaches Through Interconnected SaaS Apps?

websiteWing SecuritySaaS Security / Risk Management
Protect against cascading risks by identifying and mitigating app2app and third-party SaaS vulnerabilities.
Cybersecurity Resources