#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

protect computer | Breaking Cybersecurity News | The Hacker News

FixMeStick PRO : Best remote malware remediation product

FixMeStick PRO : Best remote malware remediation product

Dec 20, 2012
This week Corey and Marty over at FixMeStick shared the specs of their recently released FixMeStick PRO with me. This Pro is the best remote malware remediation product we've seen. It retails for $299.99 per year, or $209.99 for the first 50 'The Hacker News' readers ( use coupon code  'THNFIX ' for 30% Discount ), and can be used an unlimited number of times on an unlimited number of PCs per year. The price is per year because the FixMeStick contains three anti-virus engines licensed from three anti-virus companies keeping three malware definition databases up to date etc... Finds: Three anti-virus engines working together to find the widest range of infections. Removes: 'Computer on a stick' architecture provides a separate and clean operating system to fix Windows operating systems. Delivers: Highest confidence remediation. Remote Access: Remote access independent of the host operating system, i.e. out-of-band remote management, like a remote access
Detected a malware that steal image files via FTP … Should we be concerned?

Detected a malware that steal image files via FTP … Should we be concerned?

Nov 09, 2012
I have recently found an interesting post of Niranjan Jayanand, a researcher of McAfee and members of Facebook team and customer escalation team. The experts announced that his team has recently detected a Trojan that is able to steal every king of image files form a Windows PC, including a memory dump of the victim machine (.dmp files), and upload them to an FTP server. The activities observed are much suspected, they portend that there is an ongoing attack for cyber espionage or a massive information theft operation by  cyber crime  . This could be just a first stages of the attacks in which information are collected for further and complex initiatives. The stolen image files could be used for blackmailing the victims and demanding a ransom , it's nor first time, let's reminds what happened some months ago when nude pictures of celebrities were stolen. This is not the unique use that I could suppose, images could be also used for other purposes, they could be related to reserved
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte
Anonymous ransomware spotted in the wild, campaign to Infamous Activists group

Anonymous ransomware spotted in the wild, campaign to Infamous Activists group

Nov 01, 2012
Folks from abuse.ch spotted an interesting piece of ransomware malware currently circulating in the wild. Current release is infecting Windows users. It seems that Cybercrooks are taking advantage of Anonymous Banner, for conducting such malware campaigns and supposed to be another game by opposite parties for discredit/Infamous the name of Anonymous in the eyes of the world. Before twitter user @FawkesSecurity posted a threat to bomb a government building by Anonymous. But later, collective group clear themself by statement, " Anonymous is not a terrorist organization. Anonymous does not use bombs. Anonymous does not condone violence in any way. Anonymous supports justice and universal equal rights. We support peaceful protest ." Ransomware malware restricts access to the computer system that it infects and demands a ransom paid to the creator of the malware in order for the restriction to be removed. Message read " Your computer has been hacked by the Ano
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Detecting Advanced Persistent Threat with Network Traffic Analysis

Detecting Advanced Persistent Threat with Network Traffic Analysis

Oct 27, 2012
A high degree of stealthiness over a prolonged duration of operation in order to do a successful cyber attack can be defined as Advanced Persistent Threat. The attack objectives therefore typically extend beyond immediate financial gain, and compromised systems continue to be of service even after key systems have been breached and initial goals reached. Today's successful targeted attacks use a combination of social engineering, malware, and backdoor activities. Nart Villeneuve and James Bennett (Senior Threat Researcher) from Trend Mirco provide an  ultimate guide for Detecting (APT) Advanced Persistent Threat activities with Network Traffic Analysis , that can be used to identify malware command-and control (C&C) communications related to these attacks, illustrating how even the most high-profile and successful attacks of the past few years could have been discovered. Paper cover Detecting Remote Access Trojans like The GhostNet, Nitro attack, RSA Breach, Taidoor campaign, Sy
Steam Browser Protocol Vulnerability can allow hackers to hijack PC

Steam Browser Protocol Vulnerability can allow hackers to hijack PC

Oct 16, 2012
Italian security Researchers Luigi Auriemma and Donato Ferrante from ' ReVuln ' reported the flaw in Steam Browser Protocol. Stream the popular online distribution platform with 54 million users. The flaw allow the attacker to write arbitrary text to file and direct victims to external payloads and even the computer can take over. The popular gaming platform uses the steam:// URL protocol in order to run, install and uninstall games, backup files, connect to servers and reach various sections dedicated to customers. It is possible to Safari, Maxthon and Firefox and other browsers based on the Mozilla engine, this quietly Steam URLs to invoke. In report they said that browsers including Firefox and software clients including RealPlayer would execute the external URL handler without warnings and were "a perfect vector to perform silent Steam browser protocol calls". The researchers demonstrated how users on the massive Source game engine, which hosts games like
Cybersecurity Resources