software testing | Breaking Cybersecurity News | The Hacker News

More features, more problems! Today, we are living in a digital age that is creating a digital headache for people by connecting every other unnecessary home appliance to the Internet. Last week, nearly hundreds of Internet-connected locks became inoperable after a faulty software update hit some models. Users of remotely accessible smart locks made by Colorado-based company LockState have taken to social media platforms including Twitter to complain that their $469 Lockstate 6000i locks started to fail from last Monday, leaving the keypad entirely useless. LockState's RemoteLock 6i (6000i) is an Internet-connected smart lock that connects to your home Wi-Fi network for remote control and monitoring as well as firmware updates. LockState is even a partner with Airbnb, allowing Airbnb hosts' to give their guests entry code in order to get into hotel properties without having to share physical keys. However, last week many Airbnb customers were unable to use the bu...

With the growing number of cyber attacks and breaches, a significant number of companies and organisations have started Bug Bounty programs for encouraging hackers, bug hunters and researchers to find and responsibly report bugs in their services and get rewarded. Following major companies and organisations, the non-profit group behind Tor Project – the largest online anonymity network that allows people to hide their real identity online – has finally launched a " Bug Bounty Program ." The Tor Project announced on Thursday that it joined hands with HackerOne to start a public bug bounty program to encourage hackers and security researchers to find and privately report vulnerabilities that could compromise the anonymity network. HackerOne is a bug bounty startup that operates bug bounty programs for companies including Yahoo, Twitter, Slack, Dropbox, Uber, General Motors – and even the United States Department of Defense for Hack the Pentagon initiative. Bug bo...

Intro: Why hack in when you can log in? SaaS applications are the backbone of modern organizations, powering productivity and operational efficiency. But every new app introduces critical security risks through app integrations and multiple users, creating easy access points for threat actors. As a result, SaaS breaches have increased, and according to a May 2024 XM Cyber report, identity and credential misconfigurations caused 80% of security exposures. Subtle signs of a compromise get lost in the noise, and then multi-stage attacks unfold undetected due to siloed solutions. Think of an account takeover in Entra ID, then privilege escalation in GitHub, along with data exfiltration from Slack. Each seems unrelated when viewed in isolation, but in a connected timeline of events, it's a dangerous breach. Wing Security's SaaS platform is a multi-layered solution that combines posture management with real-time identity threat detection and response. This allows organizations to get a ...