#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

software testing | Breaking Cybersecurity News | The Hacker News

Category — software testing
Faulty Firmware Auto-Update Breaks Hundreds of 'Smart Locks'

Faulty Firmware Auto-Update Breaks Hundreds of 'Smart Locks'

Aug 15, 2017
More features, more problems! Today, we are living in a digital age that is creating a digital headache for people by connecting every other unnecessary home appliance to the Internet. Last week, nearly hundreds of Internet-connected locks became inoperable after a faulty software update hit some models. Users of remotely accessible smart locks made by Colorado-based company LockState have taken to social media platforms including Twitter to complain that their $469 Lockstate 6000i locks started to fail from last Monday, leaving the keypad entirely useless. LockState's RemoteLock 6i (6000i) is an Internet-connected smart lock that connects to your home Wi-Fi network for remote control and monitoring as well as firmware updates. LockState is even a partner with Airbnb, allowing Airbnb hosts' to give their guests entry code in order to get into hotel properties without having to share physical keys. However, last week many Airbnb customers were unable to use the bu
Tor Launches Bug Bounty Program — Get Paid for Hacking!

Tor Launches Bug Bounty Program — Get Paid for Hacking!

Jul 20, 2017
With the growing number of cyber attacks and breaches, a significant number of companies and organisations have started Bug Bounty programs for encouraging hackers, bug hunters and researchers to find and responsibly report bugs in their services and get rewarded. Following major companies and organisations, the non-profit group behind Tor Project – the largest online anonymity network that allows people to hide their real identity online – has finally launched a " Bug Bounty Program ." The Tor Project announced on Thursday that it joined hands with HackerOne to start a public bug bounty program to encourage hackers and security researchers to find and privately report vulnerabilities that could compromise the anonymity network. HackerOne is a bug bounty startup that operates bug bounty programs for companies including Yahoo, Twitter, Slack, Dropbox, Uber, General Motors – and even the United States Department of Defense for Hack the Pentagon initiative. Bug bo
Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Sep 10, 2024SaaS Security / Risk Management
Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these applications may be legitimate, they operate within the blind spots of the corporate security team and expose the company to attackers.  Shadow apps may include instances of software that the company is already using. For example, a dev team may onboard their own instance of GitHub to keep their work separate from other developers. They might justify the purchase by noting that GitHub is an approved application, as it is already in use by other teams. However, since the new instance is used outside of the security team's view, it lacks governance. It may store sensitive corporate data and not have essential protections like MFA enabled, SSO enforced, or it could suffer from weak access controls. These misconfigurations can easily lead to risks like stolen source code and other issues. Types of Shadow Apps  Shadow apps can be categorized based on their interac
Expert Insights / Articles Videos
Cybersecurity Resources