#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
SaaS Security

The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Google Adds Control-Flow Integrity to Beef up Android Kernel Security

Google Adds Control-Flow Integrity to Beef up Android Kernel Security

Oct 12, 2018
Google has added a new security feature to the latest Linux kernels for Android devices to prevent it against code reuse attacks that allow attackers to achieve arbitrary code execution by exploiting control-flow hijacking vulnerabilities. In code reuse attacks, attackers exploit memory corruption bugs (buffer overflows, type confusion, or integer overflows) to take over code pointers stored in memory and repurpose existing code in a way that directs control flow of their choice, resulting in a malicious action. Since Android has a lot of mitigation to prevent direct code injection into its kernel, this code reuse method is particularly popular among hackers to gain code execution with the kernel because of the huge number of function pointers it uses. In an attempt to prevent this attack, Google has now added support for LLVM's Control Flow Integrity (CFI) to Android's kernel as a measure for detecting unusual behaviors of attackers trying to interfere or modify the contr
French Dark-Web Drug Dealer Sentenced to 20 Years in US Prison

French Dark-Web Drug Dealer Sentenced to 20 Years in US Prison

Oct 11, 2018
A dark web drugs kingpin who was arrested last year when he arrived in the United States to compete in the World Beard and Mustache Championships has now been sentenced to 20 years in prison. On Tuesday, U.S. District Judge Robert N. Scola sentenced 36-year-old French national Gal Vallerius, aka "OxyMonster," after pleading guilty to conspiracy to possess with the intent to distribute controlled substances and conspiracy to launder money in June this year. According to a press release published by the U.S. Department of Justice, Vallerius was an administrator, senior moderator and vendor on Dream Market —one of the largest dark web marketplaces for illegal narcotics and drug paraphernalia. Launched in November 2013, Dream Market began operating on the TOR "dark web" network and was designed to make it easier for people to anonymously buy and sell illegal items and services in exchange for Bitcoin and other peer-to-peer cryptocurrencies. Vallerius initi
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte
Just Answering A Video Call Could Compromise Your WhatsApp Account

Just Answering A Video Call Could Compromise Your WhatsApp Account

Oct 10, 2018
What if just receiving a video call on WhatsApp could hack your smartphone? This sounds filmy, but Google Project Zero security researcher Natalie Silvanovich found a critical vulnerability in WhatsApp messenger that could have allowed hackers to remotely take full control of your WhatsApp just by video calling you over the messaging app. The vulnerability is a memory heap overflow issue which is triggered when a user receives a specially crafted malformed RTP packet via a video call request, which results in the corruption error and crashing the WhatsApp mobile app. Since the vulnerability affect RTP (Real-time Transport Protocol) implementation of Whatsapp, the flaw affects Android and iOS apps, but not WhatsApp Web that relies on WebRTC for video calls. Silvanovich also published a proof-of-concept exploit, along with the instructions for reproducing the WhatsApp attack. Although the proof-of-concept published by Silvanovich only triggers memory corruption, another Go
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Microsoft October Patch Tuesday Fixes 12 Critical Vulnerabilities

Microsoft October Patch Tuesday Fixes 12 Critical Vulnerabilities

Oct 09, 2018
Microsoft has just released its latest monthly Patch Tuesday updates for October 2018, fixing a total of 49 security vulnerabilities in its products. This month's security updates address security vulnerabilities in Microsoft Windows, Edge Browser, Internet Explorer, MS Office, MS Office Services and Web Apps, ChakraCore, SQL Server Management Studio, and Exchange Server. Out of 49 flaws patched this month, 12 are rated as critical, 35 are rated as important, one moderate, and one is low in severity. Three of these vulnerabilities patched by the tech giant are listed as "publicly known" at the time of release, and one flaw is reported as being actively exploited in the wild. Windows Update Patches An Important Flaw Under Active Attack According to the Microsoft advisory , an undisclosed group of attackers is actively exploiting an important elevation of privilege vulnerability (CVE-2018-8453) in Microsoft Windows operating system to take full control over the targete
Adobe Releases Security Patch Updates for 11 Vulnerabilities

Adobe Releases Security Patch Updates for 11 Vulnerabilities

Oct 09, 2018
Adobe has released its monthly security updates to address a total of 11 vulnerabilities in Adobe Digital Editions, Framemaker, and Technical Communications Suite, of which four are rated critical and rest 7 are important in severity. Adobe has also released updated versions for Flash Player , but surprisingly this month the software received no security patch update. Also, none of the security vulnerabilities patched this month were either publicly disclosed or found being actively exploited in the wild. All four critical vulnerabilities, three classified as a "heap overflow" and one "Use after free," reside in Adobe Digital Editions , an ebook reader software program. Successful exploitation of all the four flaws could allow an attacker to execute arbitrary code on the targeted system in the context of the current user. Besides this, Adobe Digital Editions also received security updates for four important "Out of bounds read" vulnerabilities
From Now On, Only Default Android Apps Can Access Call Log and SMS Data

From Now On, Only Default Android Apps Can Access Call Log and SMS Data

Oct 09, 2018
A few hours ago the company announced its "non-shocking" plans to shut down Google+ social media network following a "shocking" data breach incident. Now to prevent abuse and potential leakage of sensitive data to third-party app developers, Google has made several significant changes giving users more control over what type of data they choose to share with each app. The changes are part of Google's Project Strobe —a "root-and-branch" review of third-party developers access to Google account and Android device data and of its idea around apps' data access. Restricted Call Log and SMS Permissions for Apps Google announced some new changes to the way permissions are approved for Android apps to prevent abuse and potential leakage of sensitive call and text log data by third-party developers. While the apps are only supposed to request permission those are required for functioning properly, any Android app can ask permission to access y
Google+ is Shutting Down After a Vulnerability Exposed 500,000 Users' Data

Google+ is Shutting Down After a Vulnerability Exposed 500,000 Users' Data

Oct 08, 2018
Google is going to shut down its social media network Google+ after the company suffered a massive data breach that exposed the private data of hundreds of thousands of Google Plus users to third-party developers. According to the tech giant, a security vulnerability in one of Google+'s People APIs allowed third-party developers to access data for more than 500,000 users, including their usernames, email addresses, occupation, date of birth, profile photos, and gender-related information. Since Google+ servers do not keep API logs for more than two weeks, the company cannot confirm the number of users impacted by the vulnerability. However, Google assured its users that the company found no evidence that any developer was aware of this bug, or that the profile data was misused by any of the 438 developers that could have had access. "However, we ran a detailed analysis over the two weeks prior to patching the bug, and from that analysis, the Profiles of up to 500,00
New Exploit for MikroTik Router WinBox Vulnerability Gives Full Root Access

New Exploit for MikroTik Router WinBox Vulnerability Gives Full Root Access

Oct 08, 2018
A known vulnerability in MikroTik routers is potentially far more dangerous than previously thought. A cybersecurity researcher from Tenable Research has released a new proof-of-concept (PoC) RCE attack for an old directory traversal vulnerability that was found and patched within a day of its discovery in April this year. The vulnerability, identified as CVE-2018-14847, was initially rated as medium in severity but should now be rated critical because the new hacking technique used against vulnerable MikroTik routers allows attackers to remotely execute code on affected devices and gain a root shell. The vulnerability impacts Winbox—a management component for administrators to set up their routers using a Web-based interface—and a Windows GUI application for the RouterOS software used by the MikroTik devices. The vulnerability allows "remote attackers to bypass authentication and read arbitrary files by modifying a request to change one byte related to a Session ID.&qu
Cybersecurity Resources