#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

windows software | Breaking Cybersecurity News | The Hacker News

Zoom Caught in Cybersecurity Debate — Here's Everything You Need To Know

Zoom Caught in Cybersecurity Debate — Here's Everything You Need To Know

Apr 06, 2020
Over the past few weeks, the use of Zoom video conferencing software has exploded ever since it emerged the platform of choice to host everything from cabinet meetings to yoga classes amidst the ongoing coronavirus outbreak and work from home became the new normal. The app has skyrocketed to 200 million daily users from an average of 10 million in December — along with a 535 percent increase in daily traffic to its download page in the last month — but it's also seen a massive uptick in Zoom's problems, all of which stem from sloppy design practices and security implementations. Zoom may never have designed its product beyond enterprise chat initially, but with the app now being used in a myriad number of ways and by regular consumers, the company's full scope of gaffes have come into sharp focus — something it was able to avoid all this time. But if this public scrutiny can make it a more secure product, it can only be a good thing in the long run. A Laundry
Patches for 2 Severe LibreOffice Flaws Bypassed — Update to Patch Again

Patches for 2 Severe LibreOffice Flaws Bypassed — Update to Patch Again

Aug 16, 2019
If you are using LibreOffice, you need to update it once again. LibreOffice has released the latest version 6.2.6/6.3.0 of its open-source office software to address three new vulnerabilities that could allow attackers to bypass patches for two previously addressed vulnerabilities. LibreOffice is one of the most popular and open source alternatives to Microsoft Office suite and is available for Windows, Linux and macOS systems. One of the two vulnerabilities, tracked as CVE-2019-9848 , that LibreOffice attempted to patch just last month was a code execution flaw that affected LibreLogo, a programmable turtle vector graphics script that ships by default with LibreOffice. This flaw allows an attacker to craft a malicious document that can silently execute arbitrary python commands without displaying any warning to a targeted user. Apparently, the patch for this vulnerability was insufficient, as The Hacker News also reported late last month , which allowed two separate secu
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte
How to Recover Lost or Deleted Files?

How to Recover Lost or Deleted Files?

Jan 29, 2019
Have you ever lost your important files, like memories or official documents, accidentally or maliciously? Adding more... when you even do not have any backup for the same. Unfortunate, right? We've all been there. Just last week I formatted my computer and later found that I didn't have any backup for some recently saved important files. It was an absolute nightmare. We have frequently been asked, "All my files have been encrypted or deleted by malware, what should I do now? Is there any way I can recover them without paying a ransom?" Well, whether you lose your files due to a cyber-attack, ransomware, wiper malware, or even accidentally, fortunately, some data recovery software better your chances of recovering your deleted or lost files. There are many data recovery software available in the market that allows you to recover most of your accidentally deleted files as well as data from damaged or formatted hard drives. However, when we talk about an ea
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
CCleaner Adds Data Collection Feature With No Way to Opt-Out

CCleaner Adds Data Collection Feature With No Way to Opt-Out

Aug 02, 2018
Like many others, do you also believe that the popular system-cleaning tool CCleaner was performing well before Avast acquired the software from Piriform last year? If yes, then pop-up advertisements in the previous CCleaner software version was not the last thing you have to deal with. Avast has released a new version of CCleaner 5.45 that not only always runs in the background, but also collects information about your system without giving you a way to turn the feature off. CCleaner is a popular application, available in both free and premium versions, with over 2 billion downloads that allow users to clean up their Windows, Mac, and mobile devices to optimize and enhance performance. Last year, CCleaner made headlines when it suffered a massive supply-chain malware attack of all times, wherein hackers compromised its servers for over a month and replaced the original version of the software with the malicious one, infecting over 2.3 million users worldwide. CCleaner
CCleaner Attack Timeline—Here's How Hackers Infected 2.3 Million PCs

CCleaner Attack Timeline—Here's How Hackers Infected 2.3 Million PCs

Apr 18, 2018
Last year, the popular system cleanup software CCleaner suffered a massive supply-chain malware attack of all times, wherein hackers compromised the company's servers for more than a month and replaced the original version of the software with the malicious one. The malware attack infected over 2.3 million users who downloaded or updated their CCleaner app between August and September last year from the official website with the backdoored version of the software. Now, it turns out that the hackers managed to infiltrate the company's network almost five months before they first replaced the official CCleaner build with the backdoored version, revealed Avast executive VP and CTO Ondrej Vlcek at the RSA security conference in San Francisco on Tuesday. 6-Months Timeline of CCleaner Supply Chain Attack Vlcek shared a brief timeline of the last year's incident that came out to be the worst nightmare for the company, detailing how and when unknown hackers breached Pi
Warning: CCleaner Hacked to Distribute Malware; Over 2.3 Million Users Infected

Warning: CCleaner Hacked to Distribute Malware; Over 2.3 Million Users Infected

Sep 18, 2017
If you have downloaded or updated CCleaner application on your computer between August 15 and September 12 of this year from its official website, then pay attention—your computer has been compromised. CCleaner is a popular application with over 2 billion downloads, created by Piriform and recently acquired by Avast, that allows users to clean up their system to optimize and enhance performance. Security researchers from Cisco Talos discovered that the download servers used by Avast to let users download the application were compromised by some unknown hackers, who replaced the original version of the software with the malicious one and distributed it to millions of users for around a month. This incident is yet another example of supply chain attack. Earlier this year, update servers of a Ukrainian company called MeDoc were also compromised in the same way to distribute the Petya ransomware , which wreaked havoc worldwide. Avast and Piriform have both confirmed that the W
How EaseUS Partition Master Can Easily Manage Your Hard Disk

How EaseUS Partition Master Can Easily Manage Your Hard Disk

Jan 17, 2017
If you want to get the most out of your computer, you need to get the most out of your hard drive, where all your data is stored. Today hard drives are larger than ever, so it makes sense for you to partition your hard disk to effectively use all of its space and manage all your important information. Partitioning is also useful if you intend to install and use more than one operating system on the same computer. There is a vast business of partition manager software out there, and today we are reviewing one of the most popular partition management tools available in the market: EaseUS Partition Master Professional . EaseUS Partition Master Professional offers you the complete package with capabilities for organizing and resizing your drive, restoring and backing up your information, improving system performance, installing and managing several operating systems on the same computer, along with recovering and cloning data files. Let's dig deep into the capabilities pro
Cybersecurity Resources