#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

vulnerability scan | Breaking Cybersecurity News | The Hacker News

Secunia launches Secunia Vulnerability Intelligence Manager 4.0

Secunia launches Secunia Vulnerability Intelligence Manager 4.0
Oct 30, 2012
78% of vulnerabilities are found in third-party programs. Security teams cannot monitor all of them manually or determine which ones are critical to their organization. Secunia, the leading provider of IT security solutions that enables businesses and private individuals to manage and control vulnerability threats, today announced the general availability of the new version of Secunia's Vulnerability Intelligence Manager, the VIM 4.0. The Secunia VIM 4.0 is the latest evolutionary step in the technology Secunia has developed to help organizations handle vulnerabilities and protect business critical information and assets against potential attacks. Because it covers more than 40,000 software systems and applications, the VIM 4.0 solution provides the most comprehensive intelligence about software vulnerabilities available to organizations, ensuring that all security threats can be dealt with before the IT infrastructure is compromised by cybercriminals . "  We're very happy with

Harvard Carr Center for Human Rights Policy Hacked, Password was "DOG" ?

Harvard Carr Center for Human Rights Policy Hacked, Password was "DOG" ?
Oct 08, 2012
Harvard's Carr Center for Human Rights Policy website ( www.hks.harvard.edu/cchrp/ ) was hacked last week  and then silently fixed by the administrator without giving Reply/Credit to the Whitehat Hacker who reported the vulnerability. The Hack incident was performed in 3 Phases as described below: Phase 1: A Hacker , with nickname " FastFive" posted a few sql injection vulnerable Educational sites on a famous Hacking Forum last week which included the SQLi vulnerable link for the Harvard Carr Center for Human Rights Policy website, as you can see in the list in the above screenshot taken by me. Phase 2 : Almost 100's of Hackers have seen the post from " FastFive " and they got some juicy information for their next targets. One of them named, " Vansh " successfully exploit the Harvard's site and  extracted the database onto his computer. He Found the username and Password from the table and tried to login on the Admin access panel location

How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities

How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities
Feb 15, 2024SaaS Security / Risk Management
With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for genuine concern in many boardroom discussions. More so than ever, considering that GenAI applications are, in fact, SaaS applications. Wing Security (Wing), a SaaS security company, conducted an analysis of 493 SaaS-using companies in Q4 of 2023.  Their study reveals  how companies use SaaS today, and the wide variety of threats that result from that usage. This unique analysis provides rare and important insights into the breadth and depth of SaaS-related risks, but also provides practical tips to mitigate them and ensure SaaS can be widely used without compromising security posture.  The TL;DR Version Of SaaS Security 2023 brought some now infamous examples of malicious players leveraging or directly targeting SaaS, including the North Korean group UNC4899, 0ktapus ransomware group, and Russian Midnight Blizzard APT, which targeted well-known organizat

Universal Cross-site scripting vulnerability in Opera browser

Universal Cross-site scripting vulnerability in Opera browser
Oct 05, 2012
A Universal Cross-site scripting vulnerability in Opera browser was disclosed today on a Russian forum rdot.org . The flaw has the ability to be triggered by exploiting flaws inside browsers, instead of leveraging the vulnerabilities against insecure web sites. " Vulnerable versions Opera for Windows, Mac and Linux to 2.12 inclusive (the latest version as of today). On versions prior to 9.50 check is not performed. advise after referring to the following opera when redirecting to a site on data: URL via HTTP -header Location property document.domain has a value in the last redirecting site " The vulnerability actually use the Data URI Scheme in combination with another flaw called " Open Redirection " which happens when an attacker can use the webpage to redirect the user to any URI of his choice. Even one don't have "Open Redirection" flaw in his site, still this XSS can be triggered using various short url services like bit.ly and tinyurl.com.  Here 's a p

Are You Vulnerable to Third-Party Breaches Through Interconnected SaaS Apps?

cyber security
websiteWing SecuritySaaS Security / Risk Management
Protect against cascading risks by identifying and mitigating app2app and third-party SaaS vulnerabilities.

Millions of DSL modems hacked in Brazil, spread banking malware

Millions of DSL modems hacked in Brazil, spread banking malware
Oct 02, 2012
More than 4.5 million DSL modems have been compromised as part of a sustained hacking campaign in Brazil, with the devices spreading malware and malicious web address redirects. According to the malware analyst at Kaspersky Lab in Brazil, Fabio Assolini. The vulnerability exploited by attackers allowed the use of a script to steal passwords and remotely access the configuration of modems. The attacks was described as " One firmware vulnerability, two malicious scripts, three hardware manufacturers, 35 malicious DNS servers, thousands of compromised ADSL modems, millions of victims. " According to Kaspersky, the Brazilian attackers sought to steal users' banking credentials by redirecting users to false versions of popular sites like Facebook or Google and prompting them to install malware. Some 40 DNS servers were set up outside Brazil too in order to serve forged requests for domain names belonging to Brazilian banks. Nakedsecurity writes,-- The first thing users ma

Cisco CallManager vulnerable to brute force attack

Cisco CallManager vulnerable to brute force attack
Oct 01, 2012
Roberto Suggi Liverani , founder of the OWASP (Open Web Application Security Project) New Zealand chapter discover a vulnerability in Cisco CallManager AKA Unified Communications Manager. It is a software-based call-processing system developed by Cisco Systems. He described on his blog " During a security review, I have found a quick way to perform PIN brute force attack against accounts registered with a Cisco Unified Communications Manager (CallManager). " Researcher target the HTTP GET requests used by CallManager to initiate the login process. :  https://x.x.x.x/ccmpd/pdCheckLogin.do?name=undefined He Demonstrated the idea with Burp Suite (Penetration testing Framework). He showed the html form parameter used for login as shown below: https://x.x.x.x/ccmpd/login.do?sid=_sid_value_&userid=_userid_&pin=_PIN_ The sid token is required to perform the PIN brute force attack. So first get a valid sid token value and then you can brute force  userid and pin usin

Billions of Windows Users Affects with Java Vulnerability

Billions of Windows Users Affects with Java Vulnerability
Sep 25, 2012
Researchers at Security Explorations disclosed a new vulnerability in Java that could provide an attacker with control of a victim's computer. The researchers have confirmed that Java SE 5 – Update 22, Java SE 6 – Update 35, and Java SE 7 Update 7 running on fully patched Windows 7 32-bit operating systems are susceptible to the attack. This Flaw allowing a malicious hackers to gain complete control of a victim's machine through a rigged website. The affected web browsers are Safari 5.1.7, Opera 12.02, Chrome 21.0.1180.89, Firefox 15.0.1, and Internet Explorer 9.0.8112.16421. Though Oracle released a fix for the most critical vulnerabilities reported by Security Explorations on August 30th, the security firm quickly found another flaw in that fix that would allow a hacker to bypass the patch. That bug in Oracle's patch still hasn't been patched, leaving users vulnerable to both the new flaw and the previous attack. " We hope that news about one billion users of Oracle Java SE so

Backdoored PhpMyAdmin distributed at SourceForge site

Backdoored PhpMyAdmin distributed at SourceForge site
Sep 25, 2012
A security issue has been reported in phpMyAdmin, which can be exploited by malicious people to compromise a vulnerable system. The security issue is caused due to the distribution of a compromised phpMyAdmin source code package containing a backdoor, which can be exploited to e.g. execute arbitrary PHP code. One of the SourceForge.net mirrors, namely cdnetworks-kr-1, was being used to distribute a modified archive of phpMyAdmin, which includes a backdoor. This backdoor is located in file server_sync.php and allows an attacker to remotely execute PHP code. Another file, js/cross_framing_protection.js, has also been modified. SourceForge.Net is the world's largest open source software development website. A very large impact on the domestic users with this incident. The vulnerability has been cataloged as being a critical one. A screenshot as shown of a system containing a malicious backdoor that was snuck into the open-source phpMyAdmin package. On official website in issue &qu

iPhone 5 and 4 Hacked with same Exploit

iPhone 5 and 4 Hacked with same Exploit
Sep 23, 2012
iPhone 5  is vulnerable to the same attack that successfully breached an iPhone 4S at the mobile Pwn2Own hacker contest held this week at the EUSecWest event in Amsterdam . As we reported that Joost Pol and Daan Keuper won the mobile Pwn2Own contest by compromising a fully patched iPhone 4S device and stealing contacts, browsing history, photos and videos from the phone. The vaunted security of the iPhone (4S) took an epic fail tumble during the event when they was able to build an exploit for a vulnerability in WebKit to beat Apple's code-signing features and the MobileSafari sandbox. The same bug is present in the iOS6 Golden Master development code base, which means iPhone 5 is  also vulnerable to the same exploit. Apple iPads and iPod Touch devices are also vulnerable. " We specifically chose this one because it was present in iOS 6, which means the new iPhone coming out today will be vulnerable to this attack ," Pol said. The duo won $30,000 for their effor

Oracle Database stealth password cracking vulnerability

Oracle Database stealth password cracking vulnerability
Sep 20, 2012
Oracle suffered with serious vulnerability in the authentication protocol used by some Oracle databases. This Flaw enable a remote attacker to brute-force a token provided by the server prior to authentication and determine a user's password. A researcher - Esteban Martinez Fayo, a researcher with AppSec tomorrow will demonstrate a proof-of-concept attack. Martinez Fayo and his team first reported the bugs to Oracle in May 2010. Oracle fixed it in mid-2011 via the 11.2.0.3 patch set, issuing a new version of the protocol. " But they never fixed the current version, so the current 11.1 and 11.2 versions are still vulnerable ," Martinez Fayo says, and Oracle has no plans to fix the flaws for version 11.1. The first step in the authentication process when a client contacts the database server is for the server to send a session key back to the client, along with a salt. The vulnerability enables an attacker to link a specific session key with a specific password hash. Th

Exploit Released for Internet Explorer zero-day attacks : CVE-2012-4969

Exploit Released for Internet Explorer zero-day attacks : CVE-2012-4969
Sep 19, 2012
Microsoft has confirmed reports that a zero-day vulnerability in its Internet Explorer browser is being actively attacked in the wild. Four active exploits of a zero-day vulnerability in the browser exists. Microsoft will push out an out-of-cycle Windows patch to temporarily fix the critical Internet Explorer flaw. Security researcher Eric Romang identified the exploit code on a server used by the "Nitro" hacking group, believed to have exploited the Java zero-day vulnerability reported last month.  Security firm Rapid7 advises that Internet users try a different Web browser. The malware may be linked to an ongoing attack on companies that has been dubbed "Nitro", and was first discovered in October by Symantec. The zero-day in IE 6-9 is a use-after-free memory corruption vulnerability , similar to a buffer overflow, that would enable an attacker to remotely execute code on a compromised machine. The original exploit payload dropped the PoisonIvy remote access Trojan (RAT)

Android 4.0.4 multiple Zero-Day Vulnerabilities

Android 4.0.4 multiple Zero-Day Vulnerabilities
Sep 19, 2012
The Samsung Galaxy S3 can be hacked via NFC, allowing attackers to download all data from the Android smartphone, security researchers demonstrated during the Mobile Pwn2Own contest in Amsterdam. Using a pair of zero day vulnerabilities, a team of security researchers from U.K.-based MWR Labs hacked into a Samsung Galaxy S3 phone running Android 4.0.4 by beaming an exploit via NFC (Near Field Communications). NFC is a technology that allows data to be sent over very short distances. For mobile devices, the protocol allows digital wallet applications to transfer money to pay at the register. While the technology has been slow to take off, despite the adoption by Google for its Wallet payment application, a number of recent high-profile announcements have boosted its adoption. " Through NFC it was possible to upload a malicious file to the device, which allowed us to gain code execution on the device and subsequently get full control over the device using a second vulnerability

WhatsApp vulnerability can be misused for Spreading Malware

WhatsApp vulnerability can be misused for Spreading Malware
Sep 13, 2012
A Cross site scripting (XSS) vulnerability in WhatsApp website reported to The Hacker News by Edgard Chammas. WhatsApp is one of the most famous cross-platform mobile messaging app for iPhone, BlackBerry, Android, Windows Phone and Nokia used to send text, video, images, audio b/w Whatsapp users. Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications, such as web browsers through breaches of browser security, that enables attackers to inject client-side script into Web pages viewed by other users. Reported vulnerability exist on payment procedure page as shown in above picture. The Sample code given below to demonstrate the vulnerability. Recently, there has been an increase in web malware and spam activities and such vulnerabilities can be misused by attackers to spread Malwares and rogue applications. Edgard also demonstrate that How this can be used to trick users to download a fake application (Malware - WhatsApp.apk) from o

Plugx RAT targeting government organizations in Japan using spear phishing

Plugx RAT targeting government organizations in Japan using spear phishing
Sep 11, 2012
Roland Dela Paz (Threat Researcher) at TrendMirco reported that last year a Malware Campaign to target specific users in Japan, China, and Taiwan once again on rise using new breed of Remote Access Tool (RAT) called Plugx (also known as Korplug). This new custom made version comes for less recognition and more elusiveness from security researchers. He also mention that last year campaign used the Poison Ivy RAT, but now its Plugx take its place. " Similar to previous Poison Ivy campaigns, it also arrives as an attachment to spear-phished emails either as an archived, bundled file or specially crafted document that exploits a vulnerability in Adobe Acrobat Reader or Microsoft Office. We've also encountered an instance of Plugx aimed at a South Korean Internet company and a U.S. engineering firm ." Roland mentioned . The attached pdf exploits CVE-2010-2883 (with  Plugx  (RAT) payload connects to a command and control (C&C) server named {BLOCKED}eo.flower-show.org. CVE-2

CRIME : New SSL/TLS attack for Hijacking HTTPS Sessions

CRIME : New SSL/TLS attack for Hijacking HTTPS Sessions
Sep 08, 2012
Two security researchers claim to have developed a new attack that can decrypt session cookies from HTTPS (Hypertext Transfer Protocol Secure) connections. From the security researchers who created and demonstrated the BEAST (Browser Exploit Against SSL/TLS) tool for breaking SSL/TLS encryption comes another attack that exploits a flaw in a feature in all versions of TLS. The new attack has been given the name CRIME by the researchers.The CRIME attack is based on a weak spot in a special feature in TLS 1.0, but exactly which that feature is has not been revealed by the researchers. They will say that all versions of TLS/SSL including TLS 1.2, on which the BEAST attack did not work are vulnerable. Once they had the cookie, Rizzo and Duong could return to whatever site the user was visiting and log in using her credentials. HTTPS should prevent this type of session hijacking because it encrypts session cookies while in transit or when stored in the browser. But the new attack, devis

Operation Aurora - Other Zero-Day Attacks targeting finance and Energy

Operation Aurora - Other Zero-Day Attacks targeting finance and Energy
Sep 08, 2012
The infamous Aurora Trojan horse is just one of many attacks launched by the same group of malware authors over the past three years, according to researchers at Symantec. Security researchers with Symantec have issued a report outlining the techniques used by the so-called " Edgewood " hacking platform and the group behind it. The group seemingly has an unlimited supply of zero-day vulnerabilities. The company said that the group is well-funded and armed with more than a half-dozen unpublished security vulnerabilities. " They are definitely shifting their methodology, and there are open questions about why that is ," said Eric Chien, senior technical director for Symantec's security response group. " They may be finding that older techniques are no longer working ." " The number of zero-day exploits used indicates access to a high level of technical capability. "The researchers said that the group appears to favour "watering hole&quo

#Antisec Hackers hack FBI laptop and leak 12 Million Apple Device Records

#Antisec Hackers hack FBI laptop and leak 12 Million Apple Device Records
Sep 04, 2012
The hacker group AntiSec released a file of a million and one UDIDs unique device identifiers which it claims to have hacked it off an FBI computer via a Java vulnerability. UDIDs are unique IDs for iPhone, iPad and iPod Touch devices. They said they obtained the file in March by hacking into the laptop of a Federal Bureau of Investigation agent in the bureau's New York field office. In an unusually lengthy note on Pastebin , a member of AntiSec said the group had culled some personal data such as full names and cell numbers from the published data. Instead, the group said it published enough information such as device type, device ID and Apple Push Notification Service tokens to let users determine whether their devices are on the list. The hackers issued a statement saying: ' During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was

New Ransom malware infecting computers

New Ransom malware infecting computers
Sep 03, 2012
The Metropolitan Police have issued an urgent warning about a new ransom malware that is in circulation. Ransomware (also referred to in some cases as cryptoviruses, cryptotrojans or cryptoworms) comprises a class of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator of the malware in order for the restriction to be removed. " The "malware" infects personal computers after users have accessed certain websites. *(It should be noted that there are several similar designs currently in circulation) " Ransomware typically propagates like a typical computer worm, entering a system through, for example, a downloaded file or a vulnerability in a network service. The program will then run a payload which will begin to encrypt personal files on the hard drive. More sophisticated ransomware may hybrid-encrypt the victim's plaintext with a random symmetric key and a fixed public key. The malware author is th

Critical buffer overflow vulnerability in Photoshop CS6

Critical buffer overflow vulnerability in Photoshop CS6
Sep 01, 2012
Adobe has released an update for Photoshop CS6 that closes a critical heap-based buffer overflow vulnerability ( CVE-2012-4170 ) in its popular graphics editing program. Both the Mac and Windows versions of Photoshop CS6 (aka Photoshop 13.0) contain a critical vulnerability that could allow an attacker to take control of affected systems. Furthermore, company officials say Adobe is unaware of any attacks against this vulnerability.That said, the Photoshop 13.0.1 update contains 75 other bug fixes, including 31 for problems known to cause crashes, 18 pertaining to 3D features, and 15 for drawing and graphics features. Adobe said that users and administrators can download and install the patch by lunching the "update" tool within the Photoshop help menu.The company credited a pair of Secunia researchers in discovering and reporting the flaw directly. According to a Secunia advisory , the problem is caused by a boundary error in the "Standard MultiPlugin.8BF" modul

security researchers found yet another vulnerability in JAVA after update

security researchers found yet another vulnerability in JAVA after update
Aug 31, 2012
Oracle released an emergency patch on Thursday for previously unknown Java vulnerabilities that cybercriminals had targeted with popular exploit kits within hours after the bugs' existence became public, security researchers found yet another vulnerability that can be exploited to run arbitrary code on systems that have the runtime installed. Security researchers from Poland-based security firm Security Explorations claim to have discovered a vulnerability in the Java 7 security update released Thursday that can be exploited to escape the Java sandbox and execute arbitrary code on the underlying system. While so far the vulnerability has only been found being used against Windows, other platforms such as the Mac OS could potentially be targeted through the same exploit. Security Explorations sent a report about the vulnerability to Oracle on Friday together with a proof-of-concept exploit, Adam Gowdiak, the security company's founder and CEO said Friday via email. The compa

Air Force openly Seeks Offensive Cyber Weapons

Air Force openly Seeks Offensive Cyber Weapons
Aug 31, 2012
The Air Force Life Cycle Management Center posted a broad agency announcement recently, calling on contractors to submit concept papers detailing technological demonstrations of 'cyberspace warfare operations' capabilities.  Air Force is seeking to obtain the abilities to 'destroy, deny, degrade, disrupt, deceive, corrupt, or usurp the adversaries' ability to use the cyberspace domain for his advantage' and capabilities that would allow them to intercept, identify, and locate sources of vulnerability for threat recognition, targeting, and planning, both immediately and for future operations. According to the document the issuing Program Office "is an organisation focused on the development and sustainment of Cyberspace Warfare Attack capabilites that directly support Cyberspace Warfare capabilities of the Air Force." Technologies that can map data and voice networks, provide access to the adversary's information, networks, systems or devices, manip
Cybersecurity Resources