#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
SaaS Security

satellite hacking | Breaking Cybersecurity News | The Hacker News

Russian Hackers Hijack Satellite To Steal Data from Thousands of Hacked Computers

Russian Hackers Hijack Satellite To Steal Data from Thousands of Hacked Computers
Sep 10, 2015
A group of Russian hackers, most notably the Turla APT (Advanced Persistent Threat) is hijacking commercial satellites to hide command-and-control operations, a security firm said today. Turla APT group, which was named after its notorious software Epic Turla , is abusing satellite-based Internet connections in order to: Siphon sensitive data from government, military, diplomatic, research and educational organisations in the United States and Europe. Hide their command-and-control servers from law enforcement agencies. Despite some of its operations were uncovered last year, Turla APT group has been active for close to a decade, while remaining invisible by cleverly hiding from law enforcement agencies and security firms. Now, security researchers from Moscow-based cyber security firm Kaspersky Lab claim to have identified the way Turla APT group succeeded in hiding itself. The researchers said the group disguised itself by using commercial satellite Internet

How a Cell Phone User Can be Secretly Tracked Across the Globe

How a Cell Phone User Can be Secretly Tracked Across the Globe
Sep 17, 2014
Since we are living in an era of Mass surveillance conducted by Government as well as private sector industries, and with the boom in surveillance technology, we should be much worried about our privacy. According to the companies that create surveillance solutions for law enforcement and intelligence agencies, the surveillance tools are only for governments. But, reality is much more disappointing. These surveillance industries are so poorly regulated and exceedingly secretive that their tools can easily make their way into the hands of repressive organizations. Private surveillance vendors sell surveillance tools to governments around the world, that allows cellular networks to collect records about users in an effort to offer substantial cellular service to the agencies. Wherever the user is, it pinpoint the target's location to keep every track of users who own a cellphone — here or abroad. We ourselves give them an open invitation as we all have sensors in our

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl
Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte

Thousands of High-Risk Vulnerabilities Found in NOAA Satellite System

Thousands of High-Risk Vulnerabilities Found in NOAA Satellite System
Sep 10, 2014
The informational systems that the National Oceanic and Atmospheric Administration (NOAA) run are loaded with several critical vulnerabilities that could leave it vulnerable to cyber attacks. According to the findings of an audit recently conducted by the Department of Commerce's Office of the Inspector General (OIG), the Joint Polar Satellite System's (JPSS) ground system is vulnerable to a large number of high-risk vulnerabilities. The JPSS ground system is used to collect data from several polar-orbiting weather satellites, and distribute the information to users worldwide. This system also provides command, control and data processing for current and future weather satellites. But, the vulnerabilities identified in the system could impair technology controlling the United States' next generation of polar-orbiting environmental satellites. " Our analysis of the JPSS program's assessments of system vulnerabilities found that, since FY 2012, the number of high-ris

Automated remediation solutions are crucial for security

cyber security
websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.

Satellite Communication (SATCOM) Devices Vulnerable to Hackers

Satellite Communication (SATCOM) Devices Vulnerable to Hackers
Apr 18, 2014
The growing threat of cyber-attacks and network hacking has reached the satellite-space sector, posing a growing challenge to the satellite operators. Because the satellite system are the critical components for the Nation to a modern military, they have become an attractive target of cyber attacks . A security firm uncovered a number of critical vulnerabilities, including hardcoded credentials, undocumented and insecure protocols, and backdoors in the widely used satellite communications (SATCOM) terminals, which are often used by the military , government and industrial sectors. By exploiting these vulnerabilities an attacker could intercept, manipulate, block communications, and in some circumstances, could remotely take control of the physical devices used in the mission-critical satellite communication (SATCOM). Once the attacker gained the access of the physical devices used to communicate with satellites orbiting in space, he can completely disrupt military ope

Small satellite terminals (VSAT) are vulnerable to Cyber attack

Small satellite terminals (VSAT) are vulnerable to Cyber attack
Jan 10, 2014
The Military Units that rely on very small aperture terminals (VSATs) for satellite communications in remote areas are vulnerable to cyber attack . Researchers from cyber intelligence company IntelCrawler recently identified nearly 3 million VSATs, many of them in the United States, and found that about 10,000 of them could be easily accessed because of configuration weaknesses. " We have scanned the whole IPv4 address space since 2010 and update the results in our Big Data intelligence database, including details about the satellite operator's network ranges, such as INMARSAT, Asia Broadcast Satellite, VSAT internet iDirect, Satellite HUB Pool, and can see some vulnerabilities, " Researchers have warned that terminals having data transmission rate 4kbps to 16 Mbps used in narrow and broadband data transmission are vulnerable to cyber attack. VSATs are most commonly used to transmit narrowband data such as credit card, polling or RFID data or broadband data for VoIP or

Potential backdoors discovered in US-based components used by French Satellites

Potential backdoors discovered in US-based components used by French Satellites
Jan 07, 2014
United Arab Emirates (UAE) may terminate a $930 Million USD contract with France based companies for the supply of two two military Imaging satellites  due to the discovery of several US produced components in them. Now the deal is in danger because the UAE claims it has discovered backdoors in the  components  which are manufactured in the United States , reported by the Defense News . The contract, sealed in July 2013, includes a ground station, the Pleiades-type satellites (aka Falcon Eye) are due for delivery 2018. The revelation was provided by high-level UAE sources, the companies involved in the business are the prime contractor Airbus Defense and Space, and payload maker Thales Alenia Space. " If this issue is not resolved, the UAE is willing to scrap the whole deal ," he added. UAE authorities suspect the presence of vulnerabilities would " provide a back door to the highly secure data transmitted to the ground station ". An unnamed UAE source has confirmed that the pres
Cybersecurity Resources