#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
SaaS Security

The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

How to Protect All Your Internet-Connected Home Devices From Hackers

How to Protect All Your Internet-Connected Home Devices From Hackers

Dec 12, 2016
How many Internet-connected devices do you have in your home? I am surrounded by around 25 such devices. It's not just your PC, smartphone, and tablet that are connected to the Internet. Today our homes are filled with tiny computers embedded in everything from security cameras, TVs and refrigerators to thermostat and door locks. However, when it comes to security, people generally ignore to protect all these connected devices and focus on securing their PCs and smartphones with a good antivirus software or a firewall application. What if any of these connected devices, that are poorly configured or insecure by design, get hacked? It would give hackers unauthorized access to your whole network allowing them to compromise other devices connected to the same network, spy on your activities and steal sensitive information by using various sophisticated hacks. There have already been numerous cases of attackers hacking home appliances, industrial control, automotive, medic
Beware of New Celebrity Sex Tape (Scam) Leaked on Facebook!

Beware of New Celebrity Sex Tape (Scam) Leaked on Facebook!

Dec 12, 2016
If you came across a celebrity sex video on Facebook featuring Jessica Alba or any other celebrity, just avoid clicking it. Another Facebook scam is circulating across the social networking website that attempts to trick Facebook users into clicking on a link for a celebrity sex tape that instead downloads malware onto their computers. Once installed, the malware would force web browsers to display aggressive advertising web pages which include sites with nudity and fake lotteries. The spam campaign was uncovered by researchers at Cyren, who noted that a malicious Google Chrome extension is spreading nude celebrity PDFs through private messages and posts on various Facebook groups. If opened, the PDF file takes victims to a web page with an image containing a play button, tricking users that the PDF may contain a video. Once clicked, the link redirects users of Internet Explorer, Firefox, or Safari to a web page with overly-aggressive popups and advertisements related to
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte
President Obama Orders 'Full Review' of Possible Russian hacking in US Election

President Obama Orders 'Full Review' of Possible Russian hacking in US Election

Dec 10, 2016
In his final month in office, President Barack Obama has ordered U.S. intelligence agencies to conduct a "full review" of pre-election cyber attacks against Democratic Party organizations that many believe affected the outcome of the 2016 presidential election. The United States intelligence agencies have attributed those series of cyber-attacks to Russia that shook the US election season. "The President earlier this week instructed the intelligence community to conduct a full review of the pattern of malicious cyber activity related to our presidential election cycle," White House spokesman Eric Schultz told reporters. At an event hosted by the Christian Science Monitor, White House's counterterrorism adviser Lisa Monaco announced that the president had "directed the Intelligence Community to conduct a full review of what happened during the 2016 election process." President is expecting a full report before the end of his term, and Pres
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Stop Using these 2 Easily Hackable Netgear Router Models — US CERT Warns

Stop Using these 2 Easily Hackable Netgear Router Models — US CERT Warns

Dec 10, 2016
Bad news for consumers with Netgear routers: Two popular Netgear routers are vulnerable to a critical security bug that could allow attackers to run malicious code with root privileges. Netgear's R7000 and R6400 routers, running current and latest versions of firmware, are vulnerable to arbitrary command injection attacks, though the number of users affected by the flaw is still unclear. In an advisory published on Friday in Carnegie Mellon University's public vulnerability database (CERT), security researchers said that all an attacker needs to do is trick a victim into visiting a website that contains specially crafted malicious code to exploit the flaw. As soon as the victim lands on the page, the malicious commands would execute automatically with root privileges on affected routers. A working exploit leveraging the vulnerability has also been publicly released so that anyone can carry out attacks against the vulnerable routers. Researchers warned that othe
This Ransomware Unlocks Your Files For Free If You Infect Others

This Ransomware Unlocks Your Files For Free If You Infect Others

Dec 09, 2016
Is your PC infected with Ransomware? Either pay the ransom amount to the attacker or spread the infection further to get the decryption keys. Yes, this new technique has been employed by cyber criminals with the latest round of ransomware threat, dubbed Popcorn Time. Initially discovered by MalwareHunterTeam , the new Popcorn Time Ransomware has been designed to give the victim's a criminal way of getting a free decryption key for their encrypted files and folders. Popcorn Time works similar to other popular ransomware threats, such as the Crysis Ransomware and TeslaCrypt, that encrypt various data stored on the infected computer and ask victims to pay a ransom amount to recover their data. But to get their important files back, Popcorn Time gives victims option to pay a ransom to the cyber criminal or infect two other people and have them pay the ransom to get a free decryption key. What's even worse? The victims are encouraged to pay the ransom of 1 Bitcoin (~$75
Cybersecurity Resources