#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
AWS EKS Security Best Practices

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Best Templates for Posting Cybersecurity Jobs

The Best Templates for Posting Cybersecurity Jobs

Dec 23, 2019
The cybersecurity of a company is heavily reliant upon the skills and knowledge of the people who install, manage, and operate its security products. This means that recruiting and nurturing the best security team possible should be a CISO's top priority. Cynet's Ultimate Cybersecurity Job Posting Templates ( download here ) provide a list of the main responsibilities and skills for typical security positions, built upon research and providing IT and security managers with pre-set template job descriptions so that there is no need to create them from scratch. Because of the fact that there are many different cybersecurity job titles, with much overlap between job descriptions and responsibilities, the creation of the inclusion criteria for these positions required significant review and consideration. Six positions are included in the following job templates, including all integral aspects of the responsibility cycle in product deployment, integration, and operation, p...
Hacker Who Tried to Blackmail Apple for $100,000 Sentenced in London

Hacker Who Tried to Blackmail Apple for $100,000 Sentenced in London

Dec 21, 2019
A 22-year-old man who claimed to have access to over 300 million iCloud accounts and threatened to factory reset all accounts unless Apple pays ransom has pleaded guilty in London for trying to blackmail Apple. In March 2017, Kerem Albayrak from North London claimed to be a spokesman for a hacking group called the " Turkish Crime Family " and in possession of 319 million iCloud accounts. Albayrak gave Apple a deadline until April 7, 2017, to pay up $75,000 in crypto-currency or $100,000 worth of iTunes gift cards in return for deleting the copy of stolen database, the U.K. National Crime Agency said in a statement , calling the blackmailer a "fame-hungry cyber-criminal." However, if the company failed to meet his demands, Albayrak threatened that he would start remotely wiping the victim's Apple devices, factory reset iCloud accounts, and dump the stolen database online. In late March 2017, the NCA's National Cyber Crime Unit arrested Albayrak at...
Hackers Behind GozNym Malware Sentenced for Stealing $100 Million

Hackers Behind GozNym Malware Sentenced for Stealing $100 Million

Dec 21, 2019
Three members of an international organized cybercrime group that was behind a multi-million dollar theft primarily against U.S. businesses and financial institutions have been sentenced to prison, the U.S. Justice Department announced. The criminals used the GozNym banking Trojan to break into more than 4,000 victim computers globally, primarily in the United States and Europe, between 2015 and 2016, and fraudulently steal nearly $100 million from their banking accounts. In May this year, Europol dismantled the cybercrime network behind GozNym, with the United States issuing charges against a total of ten members of the group, 5 of which were arrested at that time, while five others, including the developer of GozNym, remain at the run. In a federal court in Pittsburgh on Friday, Krasimir Nikolov , one of the group's members, was sentenced to a period of time served after having served over 39 months in prison for his role as an "account takeover specialist" i...
cyber security

Master SaaS AI Risk: Your Complete Governance Playbook

websiteReco AIArtificial Intelligence / SaaS Security
95% use AI, but is it secure? Master SaaS AI governance with standards-aligned frameworks.
Watch This Webinar to Uncover Hidden Flaws in Login, AI, and Digital Trust — and Fix Them

Designing Identity for Trust at Scale—With Privacy, AI, and Seamless Logins in Mind

Jul 24, 2025
Is Managing Customer Logins and Data Giving You Headaches? You're Not Alone! Today, we all expect super-fast, secure, and personalized online experiences. But let's be honest, we're also more careful about how our data is used. If something feels off, trust can vanish in an instant. Add to that the lightning-fast changes AI is bringing to everything from how we log in to spotting online fraud, and it's a whole new ball game! If you're dealing with logins, data privacy, bringing new users on board, or building digital trust, this webinar is for you . Join us for " Navigating Customer Identity in the AI Era ," where we'll dive into the Auth0 2025 Customer Identity Trends Report . We'll show you what's working, what's not, and how to tweak your strategy for the year ahead. In just one session, you'll get practical answers to real-world challenges like: How AI is changing what users expect – and where they're starting to push ba...
Apple Opens Its Invite-Only Bug Bounty Program to All Researchers

Apple Opens Its Invite-Only Bug Bounty Program to All Researchers

Dec 20, 2019
As promised by Apple in August this year, the company today finally opened its bug bounty program to all security researchers, offering monetary rewards to anyone for reporting vulnerabilities in the iOS, macOS, watchOS, tvOS, iPadOS, and iCloud to the company. Since its launch three years ago, Apple's bug bounty program was open only for selected security researchers based on invitation and was only rewarded for reporting vulnerabilities in the iOS mobile operating system. However, speaking at a hacking conference in August this year, Ivan Krstić, head of Apple Security Engineering and Architecture at Apple, announced the company's upcoming extended bug bounty program which included three main highlights: an enormous increase in the maximum reward from $200,000 to $1.5 million, accepting bug reports for all of its operating systems and latest hardware, opening the program for all researchers. Now starting from today, all security researchers and hackers are ...
Hackers Stole Customers' Payment Card Details From Over 700 Wawa Stores

Hackers Stole Customers' Payment Card Details From Over 700 Wawa Stores

Dec 20, 2019
Have you stopped at any Wawa convenience store and used your payment card to buy gas or snacks in the last nine months? If yes, your credit and debit card details may have been stolen by cybercriminals. Wawa, the Philadelphia-based gas and convenience store chain, disclosed a data breach incident that may have exposed payment card information of thousands of customers who used their cards at about any of its 850 stores since March 2019. What happened? According to a press release published on the company's website, on 4th March, attackers managed to install malware on its point-of-sale servers used to process customers' payments. By the time it was discovered by the Wawa information security team on 10th December, the malware had already infected in-store payment processing systems at "potentially all Wawa locations." That means attackers were potentially stealing Wawa customers' payment card information until the malware was entirely removed by its ...
Drupal Warns Web Admins to Update CMS Sites to Patch a Critical Flaw

Drupal Warns Web Admins to Update CMS Sites to Patch a Critical Flaw

Dec 19, 2019
If you haven't recently updated your Drupal-based blog or business website to the latest available versions, it's the time. Drupal development team yesterday released important security updates for its widely used open-source content management software that addresses a critical and three "moderately critical" vulnerabilities in its core system. Considering that Drupal-powered websites are among the all-time favorite targets for hackers, the website administrators are highly recommended to install the latest release Drupal 7.69, 8.7.11, or 8.8.1 to prevent remote hackers from compromising web servers. Critical Symlinks Vulnerability in Drupal The only advisory with critical severity includes patches for multiple vulnerabilities in a third-party library, called ' Archive_Tar ,' that Drupal Core uses for creating, listing, extracting, and adding files to tar archives. The vulnerability resides in the way the affected library untar archives with sym...
Top 5 Essential Features of Effective Cybersecurity for Web Apps

Top 5 Essential Features of Effective Cybersecurity for Web Apps

Dec 19, 2019
There's hardly any business nowadays that don't use computers and connect to the Internet. Companies maintain an online presence through their official websites, blogs, and social media pages. People use online services to conduct day to day activities like banking. And of course, there are many businesses that are completely based on the web like online markets, e-Commerce websites and financial services. All of these activities create opportunities for cyber attacks. Various threats can affect websites, online services, API endpoints, and the applications used or provided by businesses. Such devastating attacks include privacy intrusion, DDoS attacks , data breaches, defacements of websites, online store shutdowns, scraping, payment fraud, abuse of online services, and backdoor installations. The 2019 Cost of Cybercrime Study by Accenture reports that there has been a 67% increase in cyber attacks over the last five years. The corresponding increase in financial ter...
Expert Insights Articles Videos
Cybersecurity Resources
//]]>