#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter

secure smart devices | Breaking Cybersecurity News | The Hacker News

Dark Nexus: A New Emerging IoT Botnet Malware Spotted in the Wild

Dark Nexus: A New Emerging IoT Botnet Malware Spotted in the Wild

Apr 08, 2020
Cybersecurity researchers have discovered a new emerging IoT botnet threat that leverages compromised smart devices to stage ' distributed denial-of-service ' attacks, potentially triggered on-demand through platforms offering DDoS-for-hire services. The botnet, named "dark_nexus" by Bitdefender researchers, works by employing credential stuffing attacks against a variety of devices, such as routers (from Dasan Zhone, Dlink, and ASUS), video recorders, and thermal cameras, to co-opt them into the botnet. So far, dark_nexus comprises at least 1,372 bots, acting as a reverse proxy, spanning across various locations in China, South Korea, Thailand, Brazil, and Russia. "While it might share some features with previously known IoT botnets, the way some of its modules have been developed makes it significantly more potent and robust," the researchers said . "For example, payloads are compiled for 12 different CPU architectures and dynamically deliver
Amazon's Ring Video Doorbell Lets Attackers Steal Your Wi-Fi Password

Amazon's Ring Video Doorbell Lets Attackers Steal Your Wi-Fi Password

Nov 07, 2019
Security researchers at Bitdefender have discovered a high-severity security vulnerability in Amazon's Ring Video Doorbell Pro devices that could allow nearby attackers to steal your WiFi password and launch a variety of cyberattacks using MitM against other devices connected to the same network. In case you don't own one of these, Amazon's Ring Video Doorbell is a smart wireless home security doorbell camera that lets you see, hear and speak to anyone on your property from anywhere in the World. The smart doorbell needs to be connected to your WiFi network, allowing you to remotely access the device from a smartphone app to perform all tasks wirelessly. While setting up the device for the very first time and share your WiFi password with it, you need to enable the configuration mode from the doorbell. Entering into the configuration mode turns on a built-in, unprotected wireless access point, allowing the RING smartphone app installed on your device to automati
SaaS Compliance through the NIST Cybersecurity Framework

SaaS Compliance through the NIST Cybersecurity Framework

Feb 20, 2024Cybersecurity Framework / SaaS Security
The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS.  One of the challenges facing those tasked with securing SaaS applications is the different settings found in each application. It makes it difficult to develop a configuration policy that will apply to an HR app that manages employees, a marketing app that manages content, and an R&D app that manages software versions, all while aligning with NIST compliance standards.  However, there are several settings that can be applied to nearly every app in the SaaS stack. In this article, we'll explore some universal configurations, explain why they are important, and guide you in setting them in a way that improves your SaaS apps' security posture.  Start with Admins Role-based access control (RBAC) is a key to NIST adherence and should be applied to every SaaS a
Netgear launches Bug Bounty Program for Hacker; Offering up to $15,000 in Rewards

Netgear launches Bug Bounty Program for Hacker; Offering up to $15,000 in Rewards

Jan 06, 2017
It might be the easiest bug bounty program ever. Netgear launched on Thursday a bug bounty program to offer up to $15,000 in rewards to hackers who will find security flaws in its products. Since criminals have taken aim at a rapidly growing threat surface created by millions of new Internet of things (IoT) devices, it has become crucial to protect routers that contain the keys to the kingdom that connects the outside world to the IP networks that run these connected devices. To combat this issue, Netgear, one of the biggest networking equipment providers in the world, has launched a bug bounty program focusing on its products, particularly routers, wireless security cameras and mesh Wi-Fi systems. Bug bounty programs are cash rewards given by companies or organizations to white hat hackers and researchers who hunt for serious security vulnerabilities in their website or products and then responsibly disclose for the patch release. Also Read:   How Hackers Hack Bank Acco
cyber security

Are You Vulnerable to Third-Party Breaches Through Interconnected SaaS Apps?

websiteWing SecuritySaaS Security / Risk Management
Protect against cascading risks by identifying and mitigating app2app and third-party SaaS vulnerabilities.
How to Protect All Your Internet-Connected Home Devices From Hackers

How to Protect All Your Internet-Connected Home Devices From Hackers

Dec 12, 2016
How many Internet-connected devices do you have in your home? I am surrounded by around 25 such devices. It's not just your PC, smartphone, and tablet that are connected to the Internet. Today our homes are filled with tiny computers embedded in everything from security cameras, TVs and refrigerators to thermostat and door locks. However, when it comes to security, people generally ignore to protect all these connected devices and focus on securing their PCs and smartphones with a good antivirus software or a firewall application. What if any of these connected devices, that are poorly configured or insecure by design, get hacked? It would give hackers unauthorized access to your whole network allowing them to compromise other devices connected to the same network, spy on your activities and steal sensitive information by using various sophisticated hacks. There have already been numerous cases of attackers hacking home appliances, industrial control, automotive, medic
Cybersecurity Resources