Worried About SaaS Misconfigurations? Check These 5 Settings Everybody Misses

The Hacker News-- Image credit: Adaptive Shield Enterprises depend on SaaS applications for countless functions, like collaboration, marketing, file sharing, and more. But problematically, they often lack the resources to configure those apps to prevent cyberattacks, data exfiltration, and other risks. Catastrophic and costly data breaches result from SaaS security configuration errors. The Verizon 2020 … Continue reading Worried About SaaS Misconfigurations? Check These 5 Settings Everybody Misses

Windows 10, iOS, Chrome, Firefox and Others Hacked at Tianfu Cup Competition

The Hacker News-- Multiple software products from Adobe, Apple, Google, Microsoft, Mozilla, and Samsung were successfully pwned with previously unseen exploits in Tianfu Cup 2020, the third edition of the international cybersecurity contest held in the city of Chengdu, China. "Many mature and hard targets have been pwned on this year's contest," the event organizers said. "11 … Continue reading Windows 10, iOS, Chrome, Firefox and Others Hacked at Tianfu Cup Competition

Update Your iOS Devices Now — 3 Actively Exploited 0-Days Discovered

The Hacker News-- Apple on Thursday released multiple security updates to patch three zero-day vulnerabilities that were revealed as being actively exploited in the wild. Rolled out as part of its iOS, iPadOS, macOS, and watchOS updates, the flaws reside in the FontParser component and the kernel, allowing adversaries to remotely execute arbitrary code and … Continue reading Update Your iOS Devices Now — 3 Actively Exploited 0-Days Discovered

North Korean Hackers Used ‘Torisma’ Spyware in Job Offers-based Attacks

The Hacker News-- A cyberespionage campaign aimed at aerospace and defense sectors in order to install data gathering implants on victims' machines for purposes of surveillance and data exfiltration may have been more sophisticated than previously thought. The attacks, which targeted IP-addresses belonging to internet service providers (ISPs) in Australia, Israel, Russia, and defense contractors … Continue reading North Korean Hackers Used ‘Torisma’ Spyware in Job Offers-based Attacks

Premium-Rate Phone Fraudsters Hack VoIP Servers of 1200 Companies

The Hacker News-- Cybersecurity researchers today took the wraps off an on-going cyber fraud operation led by hackers in Gaza, West Bank, and Egypt to compromise VoIP servers of more than 1,200 organizations across 60 countries over the past 12 months. According to findings published by Check Point Research, the threat actors — believed to … Continue reading Premium-Rate Phone Fraudsters Hack VoIP Servers of 1200 Companies

Deception Technology: No Longer Only A Fortune 2000 Solution

The Hacker News-- A cyber-attacker successfully breaks into your environment and begins sneaking around to find something valuable - intellectual property, bank account credentials, company plans, whatever. The attacker makes his way to a certain host on a network node to browse the directories, and suddenly, his connection is cut off. The stolen username and … Continue reading Deception Technology: No Longer Only A Fortune 2000 Solution

If You Don’t Have A SASE Cloud Service, You Don’t Have SASE At All

The Hacker News-- The Secure Access Service Edge (or SASE) has been a very hot buzzword in the past year. A term and category created by Gartner 2019, SASE states that the future of networking and security lies in the convergence of these categories into a single, cloud-based platform.The capabilities that SASE delivers aren't new and … Continue reading If You Don’t Have A SASE Cloud Service, You Don’t Have SASE At All

New Kimsuky Module Makes North Korean Spyware More Powerful

The Hacker News-- A week after the US government issued an advisory about a "global intelligence gathering mission" operated by North Korean state-sponsored hackers, new findings have emerged about the threat group's spyware capabilities. The APT — dubbed "Kimsuky" (aka Black Banshee or Thallium) and believed to be active as early as 2012 — has been … Continue reading New Kimsuky Module Makes North Korean Spyware More Powerful

New Chrome Zero-Day Under Active Attacks – Update Your Browser

The Hacker News-- Google has patched a second actively exploited zero-day flaw in the Chrome browser in two weeks, along with addressing nine other security vulnerabilities in its latest update. The company released 86.0.4240.183 for Windows, Mac, and Linux, which it said will be rolling out over the coming days/weeks to all users. The zero-day flaw, tracked … Continue reading New Chrome Zero-Day Under Active Attacks – Update Your Browser

How to Protect Yourself From Pwned and Password Reuse Attacks

The Hacker News-- Many businesses are currently looking at how to bolster security across their organization as the pandemic and remote work situation continues to progress towards the end of the year. As organizations continue to implement security measures to protect business-critical data, there is an extremely important area of security that often gets overlooked … Continue reading How to Protect Yourself From Pwned and Password Reuse Attacks