#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

sqlite encryption | Breaking Cybersecurity News | The Hacker News

Critical SQLite Flaw Leaves Millions of Apps Vulnerable to Hackers

Critical SQLite Flaw Leaves Millions of Apps Vulnerable to Hackers

Dec 15, 2018
Cybersecurity researchers have discovered a critical vulnerability in widely used SQLite database software that exposes billions of deployments to hackers. Dubbed as ' Magellan ' by Tencent's Blade security team, the newly discovered SQLite flaw could allow remote attackers to execute arbitrary or malicious code on affected devices, leak program memory or crash applications. SQLite is a lightweight, widely used disk-based relational database management system that requires minimal support from operating systems or external libraries, and hence compatible with almost every device, platform, and programming language. SQLite is the most widely deployed database engine in the world today, which is being used by millions of applications with literally billions of deployments, including IoT devices, macOS and Windows apps, including major web browsers, such as Adobe software, Skype and more. Since Chromium-based web browsers—including Google Chrome, Opera, Vivaldi, and
Microsoft Outlook App for Android Devices Stores Emails Unencrypted on File System

Microsoft Outlook App for Android Devices Stores Emails Unencrypted on File System

May 22, 2014
If you have an account with Microsoft's popular free email service Outlook.com, and using Outlook app for Android, then there is a bad news for you. Microsoft's Android app for Outlook.com,  provides users to access their Outlook emails on their Android devices, fails to provide security and encryption. LOOPHOLES DISCOVERED Researchers from ' Include Security ' firm claims to have found multiple vulnerabilities in Microsoft's Outlook app for Android, that leaves users' email data vulnerable to hackers and other malicious third party apps. By default, Email attachments are stored into easily accessible folders on the Android filesystem Email Database ( Body, Subject ) is stored locally in an unencrypted manner App's 'Pin Code' feature doesn't protect or encrypt email data. EMAIL ATTACHMENTS ARE ACCESSIBLE TO ANY OTHER APPS Today almost every applications available at Google Play Store generally ask for  READ_EXTERNAL_STORA
SaaS Compliance through the NIST Cybersecurity Framework

SaaS Compliance through the NIST Cybersecurity Framework

Feb 20, 2024Cybersecurity Framework / SaaS Security
The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS.  One of the challenges facing those tasked with securing SaaS applications is the different settings found in each application. It makes it difficult to develop a configuration policy that will apply to an HR app that manages employees, a marketing app that manages content, and an R&D app that manages software versions, all while aligning with NIST compliance standards.  However, there are several settings that can be applied to nearly every app in the SaaS stack. In this article, we'll explore some universal configurations, explain why they are important, and guide you in setting them in a way that improves your SaaS apps' security posture.  Start with Admins Role-based access control (RBAC) is a key to NIST adherence and should be applied to every SaaS a
Cybersecurity Resources