The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Collaboration is a powerful selling point for SaaS applications. Microsoft, Github, Miro, and others promote the collaborative nature of their software applications that allows users to do more. Links to files, repositories, and boards can be shared with anyone, anywhere. This encourages teamwork that helps create stronger campaigns and projects by encouraging collaboration among employees dispersed across regions and departments.  At the same time, the openness of data SaaS platforms can be problematic. A  2023 survey  by the Cloud Security Alliance and Adaptive Shield found that 58% of security incidents over the last two years involved data leakage. Clearly, sharing is good, but data sharing must be put in check. Most SaaS applications have mechanisms to control sharing. These tools are quite effective in ensuring that company resources aren’t open for display on the public web. This article will look at three common data leakage scenarios and recommend best practic...

A security flaw has been disclosed in Kyocera’s  Device Manager  product that could be exploited by bad actors to carry out malicious activities on affected systems. "This vulnerability allows attackers to coerce authentication attempts to their own resources, such as a malicious SMB share, to capture or relay Active Directory hashed credentials if the ‘Restrict NTLM: Outgoing NTLM traffic to remote servers’ security policy is not enabled," Trustwave  said . Tracked as  CVE-2023-50916 , Kyocera, in an  advisory  released late last month, described it as a path traversal issue that enables an attacker to intercept and alter a local path pointing to the backup location of the database to a universal naming convention (UNC) path. This, in turn, causes the web application to attempt to authenticate the rogue UNC path, resulting in unauthorized access to clients’ accounts and data theft. Furthermore, depending on the configuration of the environment, it cou...

Threat actors are resorting to YouTube videos featuring content related to cracked software in order to entice users into downloading an information stealer malware called Lumma. “These YouTube videos typically feature content related to cracked applications, presenting users with similar installation guides and incorporating malicious URLs often shortened using services like TinyURL and Cuttly,” Fortinet FortiGuard Labs researcher Cara Lin  said  in a Monday analysis. This is not the first time pirated software videos on YouTube have emerged as an effective bait for stealer malware. At least since early 2023, similar attack chains have been observed delivering several kinds of stealers, clippers, and crypto miner malware. In doing so, threat actors can leverage the compromised machines for not only information and cryptocurrency theft, but also abuse the resources for illicit mining. In the latest attack sequence documented by Fortinet, users searching for cracked ver...

Threat actors operating under the name Anonymous Arabic have released a remote access trojan (RAT) called  Silver RAT  that’s equipped to bypass security software and stealthily launch hidden applications. “The developers operate on multiple hacker forums and social media platforms, showcasing an active and sophisticated presence,” cybersecurity firm Cyfirma  said  in a report published last week. The actors, assessed to be of Syrian origin and linked to the development of another RAT known as S500 RAT, also run a Telegram channel offering various services such as the distribution of cracked RATs, leaked databases, carding activities, and the sale of Facebook and X (formerly Twitter) bots. The social media bots are then utilized by other cyber criminals to promote various illicit services by automatically engaging with and commenting on user content. In-the-wild detections of Silver RAT v1.0 were first observed in November 2023, although the threat actor’s plan...

Cybersecurity is an infinite journey in a digital landscape that never ceases to change. According to Ponemon Institute 1 , “only 59% of organizations say their cybersecurity strategy has changed over the past two years.” This stagnation in strategy adaptation can be traced back to several key issues. Talent Retention Challenges:  The cybersecurity field is rapidly advancing, requiring a skilled and knowledgeable workforce. However, organizations face a critical shortage of such talent, making it difficult to keep strategies agile and relevant. Leadership Focus : Often, the attention of leadership teams is divided across various priorities, and cybersecurity may not be at the forefront. This can result in strategies becoming outdated and less effective. Board Engagement:  Adequate board support is essential for strategy evolution. A lack of comprehensive understanding of cybersecurity issues at the board level can lead to insufficient resources and support for strategic u...

Digital expansion inevitably increases the external attack surface, making you susceptible to cyberthreats. Threat actors increasingly exploit the vulnerabilities stemming from software and infrastructure exposed to the internet; this ironically includes security tools, particularly firewalls and VPNs, which give attackers direct network access to execute their attacks. In fact,  Gartner  identified attack surface expansion as a major trend to watch. So, it is not surprising that External Attack Surface Management (EASM) is a growing priority for organizations. But traditional castle-and-moat-based security architectures are ineffective at protecting enterprises against today’s sophisticated attacks, which increasingly leverage AI and as-a-service models to maximize speed and damage. Zero trust security is the best way to minimize the attack surface, prevent compromise, eliminate lateral movement, and stop data loss. Register here  and join Apoorva Ravikrishnan, Senio...