Author Archives: The Hacker News

There’s a natural human desire to avoid threatening scenarios. The irony, of course, is if you hope to attain any semblance of security, you’ve got to remain prepared to confront those very same threats.
As a decision-maker for… Continue reading Everyone’s an Expert: How to Empower Your Employees for Cybersecurity Success→

The authors behind the resurfaced ZLoader malware have added a feature that was originally present in the Zeus banking trojan that it’s based on, indicating that it’s being actively developed.
“The latest version… Continue reading ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan→

A former employee of the U.S. National Security Agency (NSA) has been sentenced to nearly 22 years (262 months) in prison for attempting to transfer classified documents to Russia.
“This sentence should serve as a stark warning to all those entrusted w… Continue reading Ex-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to Russia→

Cybersecurity researchers have discovered multiple campaigns targeting Docker Hub by planting millions of malicious “imageless” containers over the past five years, once again underscoring how open-source registries could pave the w… Continue reading Millions of Malicious ‘Imageless’ Containers Planted on Docker Hub Over 5 Years→

The U.S. government has unveiled new security guidelines aimed at bolstering critical infrastructure against artificial intelligence (AI)-related threats.
“These guidelines are informed by the whole-of-government effort to assess AI risks across all si… Continue reading U.S. Government Releases New AI Security Guidelines for Critical Infrastructure→

The U.K. National Cyber Security Centre (NCSC) is calling on manufacturers of smart devices to comply with new legislation that prohibits them from using default passwords, effective April 29, 2024.
“The law, known as the Product Se… Continue reading New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024→

Google on Monday revealed that almost 200,000 app submissions to its Play Store for Android were either rejected or remediated to address issues with access to sensitive data such as location or SMS messages over the past year.
The tech giant also said… Continue reading Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023→

A previously undocumented cyber threat dubbed Muddling Meerkat has been observed undertaking sophisticated domain name system (DNS) activities in a likely effort to evade security measures and conduct reconnaissance of net… Continue reading China-Linked ‘Muddling Meerkat’ Hijacks DNS to Map Internet on Global Scale→

It comes as no surprise that today’s cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to m… Continue reading Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM→

A security vulnerability has been discovered in the R programming language that could be exploited by a threat actor to create a malicious RDS (R Data Serialization) file such that it results in code execution when loaded and referenced.
The … Continue reading New R Programming Vulnerability Exposes Projects to Supply Chain Attacks→