Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

14 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 14 most recent headlines Filtered view
Bank Info Security 1 month, 2 weeks ago

Breach Roundup: US Troops Tracked With Cell Phone Data

Also, Kali365 Bypasses MFA, Silent Ransom Group Makes Office CallsThis week, active duty troops tracked, Kali365 bypassed MFA, Australian lawmakers phished on WhatsApp, Silent Ransom escalated IT scams, Lithuania and German hospitals disclosed breaches, pro-Russian infrastructure providers arrested, CISA warned of active LiteSpeed exploitation.

Bank Info Security 1 month, 3 weeks ago

Breach Roundup: Shai-Hulud Copycat Hits npm

Also, YellowKey Gets CVE, 7-Eleven Breach, Linux Maintainers Warn on AI Bug SpamThis week, more incidents than we can list here. Among them: cloned Shai-Hulud malware, a new maximum CVSS Cisco flaw. Edge to stop loading passwords in plaintext. Tycoon 2FA offers a way around Microsoft multifactor. Convenience, taquitos and data breach: The 7-Eleven story. A MENA crackdown.

Bank Info Security 3 months, 3 weeks ago

Breach Roundup: Tycoon2FA Phishing Platform Rebounds

Also, Russian Signal Phishing, Iran-Linked Malware, Breaches in Spain and FranceThis week, Tycoon 2FA, Trio-Tech, messaging app spying and a ransomware broker sentenced. Iran-linked hackers. Mazda disclosed a breach. Oracle patched a flaw. North Korean actors weaponized VS Code, a Spanish port ransomware attack, a French teacher data breach and a healthcare firm victim surge.

Bank Info Security 4 months, 1 week ago

Breach Roundup: Patches and Hacks on Cisco Equipment

Also: Trojanized RedAlert App, Tycoon 2FA Takedown, CyberStrikeAI AttacksThis week, Cisco patches and hacks. Trojanized app targeted Israelis. Bye-bye, Tycoon 2FA. Also bye-bye LeakBase. A LexisNexis breach. Woman sentenced for trafficking Microsoft licenses. Silver Dragon targeted governments. Broadcom patch. A Mississippi medical clinic resumed operations.

Bank Info Security 10 months, 4 weeks ago

NY State Fines Dental Plan Firm $2M in Phishing Breach

Healthplex, Part of UnitedHealth Group, Lacked MFA on Compromised Email AccountNew York State has fined a dental plan administrator owned by UnitedHealth Group $2 million for failing to protect data with multifactor authentication and other issues related to a phishing breach that affected 90,000 people. It's the state's second fine against Healthplex for the same breach.

Bank Info Security 1 year, 2 months ago

Breach Roundup: Cookie Bite Exposes MFA Achilles Heel

Also, Blue Shield Breach Exposes 4.7M, Cyberattack Disrupts City Systems in TexasThis week, Cookie Bite bypasses MFA in Azure Entra ID, Microsoft fixed RDP Freezes, a ransomware attack in Catalonia, Blue Shield exposed data to Google, a cyberattack disrupted city systems in Texas, South Korean telecom breach exposed USIM data and a warning about North Korean IT deepfakes.

Bank Info Security 1 year, 5 months ago

Don't Get Schooled: Lessons From PowerSchool's Big Breach

Why MFA and Data Minimization Remain Key for Preventing Massive Data BreachesWhile PowerSchool's investigation into the massive theft of its customers' data is continuing, clear lessons have already emerged. Count among them the importance of using multi-factor authentication, which could have safeguarded access to PowerSchool's exploited customer support systems.

Also: VPN Vulnerabilities Attract Hackers, Hackers Use Swiss Mail to Send MalwareThis week, Russia suspected in Balctic Sea cable sabotage, VPNs draw ransomware attackers and Swiss snail mail malware. An AI training company reported a cybertheft of $250,000 and a U.S. space firm reported a breach. Microsoft said it will pay $$$ for AI vulnerabilities and a MFA success story.

Also: Ransomware Hackers Demand BaguettesThis week, Chinese spying, Italian hacking scandal, an FBI warning and Okta fixed a bug. Google mandated MFA, zero days in PTZOptics and a Mexican airport didn't pay ransom. Cybercriminals demanded baguettes, breach lettersin Ohio and Germany will shield white hats. The Italian DPA rebuked a bank.

Bank Info Security 1 year, 10 months ago

Breach-Weary Snowflake Moves to MFA, 14-Character Passwords

New Security Measures Follow High-Profile Hacks of Snowflake CustomersData warehousing platform Snowflake rolled out default MFA - as well as a 14-character password minimum - to shore up security in the wake of a series of cyberattacks in June that hit high-profile customers including Santander Bank, Advance Auto Parts, LA Unified School District and Neiman Marcus.

Tokio Marine HCC's Keith Bergin on Cybersecurity Measures for Insurance EligibilityKeith Bergin, vice president of corporate claims at Tokio Marine HCC, explains how cyber insurers evaluate security measures such as MFA and administrative access control, and describes the integration of threat intelligence and pre-breach services to enhance policyholder security.

Also: Critical Infrastructure Security and Fortinet's Latest AcquisitionIn the latest weekly update, ISMG editors discussed critical infrastructure security challenges, a report on the 2022 Medibank breach compromising personal data for 10 million people, and Fortinet's acquisition to integrate Lacework's cloud-native security into its Security Fabric and SASE platform.

Bank Info Security 2 years, 2 months ago

Dropbox Sees Breach of Legally Binding E-Signature Service

All Dropbox Sign Users' Emails Stolen, Plus Some MFA and OAuth Tokens, API KeysDropbox said hackers breached its infrastructure and stole swaths of customer data for its legally binding electronic signature service, Dropbox Sign, including names, emails, hashed passwords and authentication tokens. The company has begun forcing password resets and API key rotation.

Bank Info Security 2 years, 4 months ago

Breach at Aussie Telecom Tangerine Affects 232,000 Customers

Customer Accounts Were Secured by MFA, But Contractor's Credentials Exposed DataAustralian telecom company Tangerine is blaming the compromise of a third-party contractor's credentials for exposing personal information of 232,000 customers, which had been stored in a legacy database. The breach exposed customers' names, birthdates, mobile numbers, addresses and account numbers.