#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

How to Hack Millions of Android Phones Using Stagefright Bug, Without Sending MMS

How to Hack Millions of Android Phones Using Stagefright Bug, Without Sending MMS

Aug 01, 2015
Earlier this week, security researchers at Zimperium revealed a high-severity vulnerability in Android platforms that allowed a single multimedia text message to hack 950 Million Android smartphones and tablets. As explained in our previous article, the critical flaw resides in a core Android component called " Stagefright ," a native Android media playback library used by Android to process, record and play multimedia files. To Exploit Stagefright vulnerability, which is actively being exploited in the wild, all an attacker needed is your phone number to send a malicious MMS message and compromise your Android device with no action, no indication required from your side. Hacking Without Knowing Phone Number But, Now you Don't even require the mobile numbers of your victims to infect their devices, a recent research claimed. In the previously known attack scenario, an attacker can exploit Stagefright vulnerability only against his/her known contact n
AntiVirus Firm BitDefender Hacked; Turns Out Stored Passwords Are UnEncrypted

AntiVirus Firm BitDefender Hacked; Turns Out Stored Passwords Are UnEncrypted

Aug 01, 2015
Forget about Financial services and Online shopping websites, but at least we expect from Security Firms and Antivirus vendors to keep our personal and Sensitive data Encrypted and Secured. One of the most popular and much-respected Antivirus and computer security firms 'BitDefender' has recently been hacked and has had a portion of its customer data leaked. The Data Breach in BitDefender is incredibly embarrassing for the security firm, not because the company failed to prevent its customers data from hackers, but because the Security company failed to encrypt its customers' most sensitive data . Now, this is something really not expected from a reputed Security Firm. It appears that the hacker, who uses the online alias DetoxRansome , was able to break into a Bitdefender server that hosted the cloud-based management dashboards for its small and medium-sized business clients, and pilfer usernames and passwords belonged to them. They Forget to Encrypt C
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte
Windows 10 Wi-Fi Sense Explained: Actual Security Threat You Need to Know

Windows 10 Wi-Fi Sense Explained: Actual Security Threat You Need to Know

Jul 31, 2015
Just one day after Microsoft released its new operating system, over 14 Million Windows users  upgraded their PCs to Windows 10 . Of course, if you are one of the Millions, you should aware of Windows 10's Wi-Fi Sense feature that lets your friends automatically connects to your wireless network without providing the Wi-Fi password. Smells like a horrible Security Risk! It even triggered a firestorm among some security experts, who warned that Wi-Fi Sense is a terrible and dangerous feature and that you should disable it right away. Even some researchers advised Windows 10 users to rename their Wi-Fi access points. Before discussing the risks of Wi-Fi Sense, let's first know how it works. Also Read:  How to Fix 35+ Windows 10 Privacy Issues With Just One Click . How Windows 10 Wi-Fi Sense works? Windows 10 Wi-Fi Sense feature allows you to share your Wi-Fi password with your friends or contacts, as well as lets you automatically connect to networ
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Most Vulnerable Smart Cities to Cyber Attack on Internet of Things (IoT)

Most Vulnerable Smart Cities to Cyber Attack on Internet of Things (IoT)

Jul 31, 2015
Imagine… You drive to work in your Smart-Car connected to the GPS automatically, but a hacker breaks into your car's network, takes control of the steering wheel, crashes you into a tree, and BOOM ! Believe it or not, such cyber attacks on smart devices are becoming reality. Car Hacking was recently demonstrated by a pair of security researchers who controlled a Jeep Cherokee remotely from miles away, which shows a rather severe threat to the growing market of the Internet of Things (IoT) . Internet of Things (IoT) — A technology that connects objects to a network or the Internet, and enables interaction among varied devices such as: Smart Cars Smart TVs Refrigerators Wearables Routers Other embedded computing as well as non-computing devices. Few days back, I had read about Smart Dustbins that are the latest smart objects to become Wi-Fi-enabled. Internet of Things to make Cities Smart or Dumb? Cities around the world are becoming
Hackers Can Remotely Hack Self-Aiming Rifles to Change Its Target

Hackers Can Remotely Hack Self-Aiming Rifles to Change Its Target

Jul 30, 2015
High-tech Sniper Rifles can be remotely hacked to shoot the wrong target – Something really scary and unpredictable. Yes, Hackers can remotely gain access to the $13,000 TrackingPoint sniper rifles that run Linux and Android operating system and have Wi-Fi connections. So then they can either disable the gun or choose a wrong target. A married pair of security researchers have proved that anything connected to the Internet can ultimately be hacked, whether computer systems, cars or… GUNS . According to the duo, the Tracking Point's self-aiming rifle sights, better known as the ShotView targeting system, is vulnerable to WiFi-based attacks that could allow your enemy to redirect bullets to new targets of their choice. Hacking $13,000 Self-aiming Rifles to Shoot wrong target Runa Sandvik and her husband Michael Auger are planning to present their findings on exploiting two of the $13,000 self-aiming rifles at the Black Hat hacking conference . In the hack, the duo demonstrates
Cybersecurity Resources