FreshRSS

🔒
△ 🔃
☐ ☆ ✇ The Hacker News

5 Ways to Reduce SaaS Security Risks

By The Hacker News — January 3rd 2024 at 10:46
As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams have found themselves contending with an ever-sprawling SaaS attack surface, much of which is often unknown or unmanaged. This greatly increases the risk of identity-based threats, and according to a recent report from CrowdStrike, 80% of breaches today use compromised
☐ ☆ ✇ The Hacker News

Chinese Hackers Launch Covert Espionage Attacks on 24 Cambodian Organizations

By Newsroom — November 13th 2023 at 05:58
Cybersecurity researchers have discovered what they say is malicious cyber activity orchestrated by two prominent Chinese nation-state hacking groups targeting 24 Cambodian government organizations. "This activity is believed to be part of a long-term espionage campaign," Palo Alto Networks Unit 42 researchers said in a report last week. "The observed activity aligns with geopolitical goals of
☐ ☆ ✇ The Hacker News

Hundreds of Citrix NetScaler ADC and Gateway Servers Hacked in Major Cyber Attack

By THN — August 3rd 2023 at 14:20
Hundreds of Citrix NetScaler ADC and Gateway servers have been breached by malicious actors to deploy web shells, according to the Shadowserver Foundation. The non-profit said the attacks take advantage of CVE-2023-3519, a critical code injection vulnerability that could lead to unauthenticated remote code execution. The flaw, patched by Citrix last month, carries a CVSS score of 9.8. The 
☐ ☆ ✇ The Hacker News

Eliminating SaaS Shadow IT is Now Available via a Self-Service Product, Free of Charge

By The Hacker News — January 27th 2023 at 22:30
The use of software as a service (SaaS) is experiencing rapid growth and shows no signs of slowing down. Its decentralized and easy-to-use nature is beneficial for increasing employee productivity, but it also poses many security and IT challenges. Keeping track of all the SaaS applications that have been granted access to an organization's data is a difficult task. Understanding the risks that
☐ ☆ ✇ The Hacker News

Researchers Expose Over 80 ShadowPad Malware C2 Servers

By Ravie Lakshmanan — October 27th 2022 at 14:19
As many as 85 command-and-control (C2) servers have been discovered supported by the ShadowPad malware since September 2021, with infrastructure detected as recently as October 16, 2022. That's according to VMware's Threat Analysis Unit (TAU), which studied three ShadowPad variants using TCP, UDP, and HTTP(S) protocols for C2 communications. ShadowPad, seen as a successor to PlugX, is a modular
❌