#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
SaaS Security

The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Facebook Opens Free Internet to Developers, But won't Support HTTPS Encryption

Facebook Opens Free Internet to Developers, But won't Support HTTPS Encryption

May 05, 2015
After facing much criticism for violation of Net Neutrality, Facebook has opened up its new Internet.org platform to developers for creating their apps and services in India and other countries. Facebook's Internet.org aims at offering free Internet access to " the next 5 billion " impoverished people around the world who currently don't have it. This current move now would potentially allow any website to be accessed for free via the Internet.org service, but only in the case, if the website ditches the encrypted communications (HTTPS), JavaScript, and other important things. Internet for All: Facebook offers free mobile Internet access to people in India , Zambia , Colombia, Tanzania, Kenya, Ghana, Philippines and Indonesia . However, in order to access the free Internet, users must have special Android apps, Internet.org's website, the Opera Mini web browser or Facebook's Android app. Until now, the Internet.org scheme had been
London Railway System Passwords Exposed During TV Documentary

London Railway System Passwords Exposed During TV Documentary

May 02, 2015
The Weakest Link In the Information Security Chain is still – Humans. And this news has ability to prove this fact Right. One of London's busiest railway stations has unwittingly exposed their system credentials during a BBC documentary. The sensitive credentials printed and attached to the top of a station controller's monitor were aired on Wednesday night on BBC. What could be even worse? If you think that the credentials might have been shown off in the documentary for a while or some seconds, then you are still unaware of the limit of their stupidity. The login credentials were visible for about 44 minute in the BBC documentary " Nick and Margaret: The Trouble with Our Trains " on Wednesday night, which featured Nick Hewer and Margaret Mountford – the two business experts, both famous for their supporting role on The Apprentice. The documentary was available on the YouTube , but have now been removed due to security concerns. While
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte
Mumblehard Malware Targets Linux and FreeBSD Servers

Mumblehard Malware Targets Linux and FreeBSD Servers

May 02, 2015
Thousands of computers and web servers running Linux and FreeBSD operating systems have been infected over past five years with sophisticated malware that turn the machines into spambots. The new Linux malware, discovered by the security researchers from the antivirus provider Eset, has been dubbed " Mumblehard " because it is Muttering spam from your servers , says Eset 23-page long report (PDF) titled "Unboxing Linux/Mumblehard." Researchers have logged more than 8,500 unique IP addresses during the seven months period of research that were hit by Mumblehard Linux malware and found over 3,000 machines joined them in the past three weeks. Mumblehard features two basic components: Backdoor  Spamming daemon  Both written in the Perl programming language and "feature the same custom packer written in assembly language." The backdoor allows hackers to infiltrate into the system and control the command and control servers, and t
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Fastest Operating System for Quantum Computing Developed By Researchers

Fastest Operating System for Quantum Computing Developed By Researchers

May 02, 2015
So far, we just have heard about Quantum computing that could make even complex calculations trivial, but there are no practical Quantum computers exist. However, the dream of Quantum computers could become a reality in coming future. Cambridge Quantum Computing Limited (CQCL) has build a new Fastest Operating System aimed at running the futuristic superfast quantum computers . The new operating system, dubbed  t|kit> , has been featured by CQCL's very own proprietary custom designed high-speed super mechanism, allowing the company to accurately impersonate the working of a quantum processor. " CQCL is at the forefront of developing an operating system that will allow users to harness the joint power of classical super computers alongside quantum computers, " the company said in a press release. " The development of t|ket> is a major milestone ." Quantum Computers — Soon be Reali ty Researchers have been working on significant activities to develop qu
Hacker Finds a Simple Way to Bypass Google Password Alert

Hacker Finds a Simple Way to Bypass Google Password Alert

May 02, 2015
Less than 24 hours after Google launched the new Phishing alert extension Password Alert , a security researcher was able to bypass the feature using deadly simple exploits. On Wednesday, the search engine giant launched a new Password Alert Chrome extension to alert its users whenever they accidentally enter their Google password on a carefully crafted phishing website that aimed at hijacking users' account. However, security expert Paul Moore easily circumvented the technology using just seven lines of simple JavaScript code that kills phishing alerts as soon as they started to appear, defeating Google's new Password Alert extension. Google shortly fixed the issue and released a new update to Password Alert extension that blocked the Moore's exploit. However, Moore discovered another way to block the new version of Password Alert, as well. The first proof of concept exploit by Moore relied on a JavaScript that looks for instances of warning screen every five mil
Cybersecurity Resources