Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

15 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 15 most recent headlines Filtered view
Bank Info Security 2 months, 3 weeks ago

Breach Roundup: Myanmar Scam Compound Managers Charged

Also, Europol Cracks DDoS Networks, Mythos Finds Bugs, France Portal HitThis week, scam compounds. Attackers exploit flaws pre-disclosure. A crackdown on DDoS-for-hire. No Mythos for CISA, yes for Mozilla. France ID portal breach. Israeli and Venezuelan critical infrastructure targeted. Russian hacking in Ukraine. An Apache flaw. A ransomware negotiator aided BlackCat.

Also: Spanish Hacker Granted Russian Asylum, Microsoft Patches Zero-DaysThis week, a CISA warning, Nest footage in Nancy Guthrie case, Signal phishing. Spanish hacker, Russian asylum. Spanish ministry services offline. BYOVD ransomware. The Conduent breach hit Volvo. Microsoft patched zero-days. ZeroDayRAT targeted devices. The SmarterMail breach. Another Fortinet flaw.

Federal Agencies Ordered to Patch or Decommission F5 Devices Amid Imminent RiskAn advanced nation-state threat actor stole sensitive F5 source code and vulnerability data to craft tailored exploits, prompting an emergency directive amid a U.S. government shutdown that has left cyber defenses strained and federal networks at "imminent risk."

Bank Info Security 9 months, 3 weeks ago

Feds Isolate Cisco Firewalls to Defend Against 'Arcane Door'

CISA Issues Emergency Directive After Cisco Exploits Persist After RebootCISA issued an emergency directive Thursday after discovering an advanced hacking campaign exploiting two persistent zero-days in Cisco firewall gear - malware that survives system reboots and upgrades - forcing agencies to disconnect vulnerable devices by Friday.

Also: Train Hack Risks Outed by CISA Alert; AI Comprehension Issues Won't Go AwayIn this week's update, four ISMG editors discussed the potential global implications of the Seychelles Commercial Bank data breach; the real-world threat of train hacks following an alert about a critical railway vulnerability; and growing concerns around AI's "comprehension problem."

Also: CISA Warns of Unpatched Train Brake VulnerabilityThis week: Louis Vuitton and Co-op confirm breaches, unpatched train brake flaw, Barclays fined £42M pounds for financial crime failures, secret U.K. program relocated thousands of Afghans, ex-soldier pleads guilty to hacking, Ukrainian hackers claim hit on Russian drone supplier.

Bank Info Security 1 year, 1 month ago

Salt Typhoon Believed to Be Behind Commvault Data Breach

CISA Advisory Says Threat Actors Stole App Secrets in Azure-Hosted Backup PlatformA suspected Chinese state hacking group linked to last year’s telecom intrusions breached Commvault’s Microsoft Azure environment, exposing sensitive Microsoft 365 credentials and reigniting fears over U.S. cloud infrastructure vulnerabilities and default security settings.

House Homeland Security Committee Mulls Response to Volt Typhoon, Future of CISAThe United States needs to respond more aggressively to nation-state hacking, members of Congress heard Wednesday against a backdrop of changes, actual and planned, at the primary federal civilian cyber defense agency. "We need to call them out for this," said Rep. Michael McCaul, R-Texas.

Bank Info Security 1 year, 6 months ago

CISA Investigates Chinese Hacking of Treasury Department

US Cyber Defense Agency Confirms Role in Federal Probe Following 'Major Incident'The Cybersecurity and Infrastructure Security Agency is working closely with the Treasury Department in an ongoing investigation to determine the full scale and scope of a Chinese-linked hack targeting key offices tasked with sanctions enforcement, the agency confirmed Monday.

Bank Info Security 1 year, 7 months ago

US CISA Endorses Encrypted Apps Amid Chinese Telecom Hack

CISA Recommends Strict Mobile Security Measures Following Salt Typhoon Telecom HackThe Cybersecurity and Infrastructure Security Agency's latest guidance calls on top U.S. political and government officials to adopt stricter mobile security measures in response to the Salt Typhoon hacking campaign, a Chinese espionage effort that has infiltrated major telecom systems.

Bank Info Security 2 years, 3 months ago

CISA Warns Russian Microsoft Hackers Targeted Federal Emails

US Cyber Defense Agency Instructs Agencies to Fortify Systems Amid Microsoft BreachThe U.S. Cybersecurity and Infrastructure Security Agency publicly released an emergency directive Thursday requiring impacted federal agencies to take immediate remediation measures amid continued fallout from the Russian state-sponsored hacking of Microsoft that began in late November.

Bank Info Security 2 years, 4 months ago

Ivanti Disputes CISA Findings of Post-Factory Reset Hacking

Gateway Maker Says Technique Won't Succeed in Live Customer EnvironmentCorporate VPN maker Ivanti disputed findings by the U.S. cybersecurity agency that said hackers can establish persistence on rooted appliances through a factory reset but nonetheless released an updated integrity checking tool Tuesday. Ivanti has been in emergency response mode since early January.

FBI and CISA Detail Operation to Prevent Chinese Attacks on Critical InfrastructureThe FBI launched a court-authorized sting operation against a Chinese hacking group known as Volt Typhoon, partnering with the Cybersecurity and Infrastructure Security Agency and a cohort of U.S. cyber agencies to prevent a major attack on the nation’s critical infrastructure sectors.

Bank Info Security 2 years, 7 months ago

US CISA: Secure Israeli-Made Technology From Iranian Hackers

'Cyber Av3ngers' Didn't Tamper With Water Safety, Says Cyber AgencyThe U.S. Cybersecurity and Infrastructure Security Agency encouraged all organizations that use equipment developed by an Israeli technology company called Unitronics to bolster their cyber posture amid the Israel-Hamas war after an Iranian hacking group attacked a Pennsylvania water municipality.

Bank Info Security 2 years, 8 months ago

CISA, FBI Issue New Warning Following Las Vegas Cyberattack

Agencies Release Joint Advisory Urging Organizations to Implement New MitigationsCISA and the FBI released an advisory recommending that critical infrastructure organizations implement a series of recommendations to thwart a unique hacking group known for targeting commercial facilities, as seen in the recent cyberattack targeting MGM Resorts International.