Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

23 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 23 Filtered view
Bank Info Security 3 months, 2 weeks ago

Cloud-Based EHR Vendor Notifies SEC About Hacking Incident

CareCloud: Intruder Accessed Systems for 8 Hours, Still Assessing Extent of BreachElectronic health records vendor CareCloud has notified the U.S. Securities and Exchange Commission of a cyber incident earlier this month that temporarily disrupted the software and accessed one of its EHR environments. The company is assessing whether patient data was accessed or stolen.

Bank Info Security 5 months, 2 weeks ago

Harvard, UPenn Data Leaked in ShinyHunters Shakedown

Leaked Financial and Admissions Data Includes Contact Details for 'Top Donors'Harvard University has been named as a victim and doxed by hack-and-leak group ShinyHunters, apparently as a result of the cybercrime group's ongoing "live phishing" attacks that often attempt to trick IT help desks into giving attackers direct access to a victim's network and cloud-based data.

Bank Info Security 5 months, 2 weeks ago

Harvard, UPenn Data Leaked in ShinyHunters Shakedown

Leaked Financial and Admissions Data Includes Contact Details for 'Top Donors'Harvard University has been named as a victim and doxed by hack-and-leak group ShinyHunters, apparently as a result of the cybercrime group's ongoing "live phishing" attacks that often attempt to trick IT help desks into giving attackers direct access to a victim's network and cloud-based data.

Bank Info Security 7 months, 3 weeks ago

Chinese APT24 Deploys Custom Malware, New Stealthy Tactics

3-Year Espionage Campaign Targeted Taiwanese FirmsChinese nation-state group APT24 targeted multiple Taiwanese companies as part of an espionage operation that went undetected for three years. The hacking group continually updated its malware infrastructure and tactics, enabling it to stay under the radar, Google Cloud said.

Bank Info Security 10 months, 2 weeks ago

Hackers Chase Credentials in Hybrid Cloud Deployments

Financially Motivated Actor Storm-0501 Systematically Probed Victim EnvironmentsAs enterprises go with hybrid cloud developments, so follow hackers, even if it means jumping through extra hoops to get to where the data is stored. Microsoft on Wednesday said it spotted a financially-motivated hacking group probing a hybrid on-premise.

Bank Info Security 11 months, 2 weeks ago

Oracle/Cerner EHR Hack: Breach Reports Still Trickling In

At Least 410,000 Patients Reported Affected, But Likely Even More VictimsMonths after news first broke that a hacking incident compromised legacy patient data hosted by Cerner electronic health record servers that were set to migrate to parent company Oracle's cloud environment, data breach reports related to the hack are still slowly trickling in to regulators. What's taking so long?

China's Hack-For-Hire Scene Disgorges Another LeakThe Chinese nation-state threat actor tracked as Salt Typhoon is operated by a clutch of private firms whose clients include multiple Chinese government agencies, finds analysis of leaked data by Spy Cloud. Researchers found a spreadsheet listing buyers, sellers and financial transaction details.

Bank Info Security 1 year, 1 month ago

Salt Typhoon Believed to Be Behind Commvault Data Breach

CISA Advisory Says Threat Actors Stole App Secrets in Azure-Hosted Backup PlatformA suspected Chinese state hacking group linked to last year’s telecom intrusions breached Commvault’s Microsoft Azure environment, exposing sensitive Microsoft 365 credentials and reigniting fears over U.S. cloud infrastructure vulnerabilities and default security settings.

Bank Info Security 1 year, 1 month ago

Scammers Troll DNS Records for Abandoned Cloud Accounts

'Hazy Hawk' Behind a Rash of Domain HijackingsA hacking group with apparent access to a commercial domain name system archiving service is on the hunt for misconfigured records of high-reputation organizations in order to blast links to scammy domains. It checks the CNAME field of DNS records to see if it points to an abandoned cloud service.

Bank Info Security 1 year, 2 months ago

Netgain Technology Pays $1.9M in Data Breach Settlement

Financially Strapped Cloud Services Firm Settles Suit From 2020 Patient Data HackA financially strapped cloud services vendor that experienced a 2020 ransomware attack affecting dozens of healthcare sector clients and hundreds of thousands of patients has agreed to a $1.9 million settlement in proposed class action litigation involving the data theft case.

Bank Info Security 1 year, 2 months ago

Indiana Health System Notifies 263,000 of Oracle Hack

Union Health System Among Many Cerner Legacy Data Clients Affected by BreachAn Indiana health system is among the first healthcare organizations notifying regulators and thousands of people affected by the Oracle hack in January. Attackers compromised legacy patient data hosted by Cerner servers that were set to migrate to Oracle's cloud environment.

Bank Info Security 1 year, 3 months ago

Breach Roundup: Port of Seattle Notifies 90,000 Victims

Also, Oracle Denies Cloud Breach, Blames Hack on Obsolete ServersThis week, Port of Seattle notified victims, Oracle blamed hack on obsolete servers, Google and Microsoft released April patches, WK Kellogg breached, six arrested in Spain for AI-investment scam, Scattered Spider's "King Bob" pleaded guilty, SmokeLoader users busted.

Bank Info Security 1 year, 3 months ago

Oracle Health Responding to Hack of Legacy Cerner EHR Data

Customer Credentials Possibly Compromised at EHR Vendor Acquired by Oracle in 2022Oracle is dealing with a hacking incident involving legacy patient data of Cerner electronic health record customers. Oracle, which acquired Cerner in 2022, is reportedly telling clients the hack involved compromised credentials for systems scheduled to migrate to the cloud.

Bank Info Security 1 year, 7 months ago

Chinese APT Groups Targets European IT Companies

Evidence Mounts for Chinese Hacking 'Quartermaster'A probable Chinese nation-state threat actor compromised Visual Studio Code and Microsoft Azure cloud infrastructure to target Western technology firms for espionage, security firms Tinexta Cyber and SentinelLabs said. The companies call the campaign "Operation Digital Eye."

Bank Info Security 1 year, 8 months ago

Canadian Cops Bust Suspected Hacker Tied to Snowflake Hits

Hacking Suspect Tied to Theft of Data From AT&T, TicketMaster, Santander and OthersCanadian authorities arrested a suspected extortionist tied to the hacking theft of terabytes of data from clients of cloud-based data warehousing platform Snowflake. Charges against the suspect, Alexander Moucka, aka Connor Moucka, have yet to be publicly detailed.

Bank Info Security 1 year, 10 months ago

North Korean Hackers Pivot Away From Public Cloud

Kimsuky, or a Related Group, Deploys XenoRAT VariantA North Korean hacking team hastily pivoted from using publicly available cloud computing storage to its own infrastructure after security researchers unmasked a malware campaign. The group shifted from using cloud service including Google Drive, OneDrive, and Dropbox to systems under its control.

Bank Info Security 2 years, 2 months ago

Microsoft Overhauls Security Practices After Major Breaches

Company Plans to Link Executive Compensation to Achieving Security MilestonesThe executive vice president for Microsoft Security has announced an overhaul of the company's security practices following a series of high-profile cyberattacks that allowed foreign state-sponsored hacking groups to access its internal systems and cloud networks.

Bank Info Security 2 years, 2 months ago

New Report Exposes Iranian Hacking Group's Media Masquerade

Mandiant Says APT42 Members Have Been Posing as Journalists to Steal Troves of DataMembers of the Iranian state hacking group APT42 have been observed posing as journalists from credible news outlets and well-known research institutions as part of a global effort to harvest credentials and hack into victim cloud networks, according to a Mandiant report published Wednesday.

Loading more headlines...