Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

16 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 16 most recent headlines Filtered view

Malware Targets Banks, Crypto Platforms and Social MediaNewly surfaced Android-based banking Trojan gives threat actors near-total control over infected devices, letting them steal user credentials for direct access to financial accounts, says researchers. Rokarolla tricks users into side-loading malicious versions of popular, high traffic apps.

Bank Info Security 11 months, 2 weeks ago

Coyote Trojan Turns Accessibility Into Attack Surface

Brazil-Targeting Malware Exploits Windows UIA to Evade DetectionA banking Trojan long confined to Brazil has become the first known malware to exploit Microsoft's UI Automation framework to extract credentials, signaling a new tactic that may evade conventional detection. Akamai's findings point to a growing trend of attackers using legitimate system features.

Bank Info Security 1 year, 1 month ago

Godfather Malware Turns Real Banking Apps Into Spy Tools

New Variant Uses Virtualization to Weaponize Legit Apps, Stealing Data in Real TimeA banking Trojan known for mimicking mobile app login pages has gone to the next level by copying and pasting real mobile banking apps into a virtual environment it creates on infected smartphones, warn researchers. New Godfather malware "marks a significant leap in mobile threat capabilities."

Hackers Bypass MFA to Steal Australians' Banking CredentialsMelbourne-based ANZ Bank will introduce passwordless authentication for digital banking services amid news that hackers have stolen the banking credentials of tens of thousands of Australians. Cybercriminals used infostealer malware to steal the credentials of more than 30,000 Australians.

Bank Info Security 1 year, 2 months ago

Hackers Hijack NFC for Instant Payment Fraud

Attack Combines Social Engineering and Card Emulation to Execute Real-Time TheftHackers are using Chinese-speaking Android malware-as-a-service SuperCard X to carry out near-field communication relay attacks, siphoning payment card data and executing live point of sale and ATM transactions. Victims receive spoofed SMS or WhatsApp alerts purporting to originate from their bank.

Bank Info Security 1 year, 3 months ago

Breach Roundup: A WhatsApp Flaw Ushered in Spyware

Also: France Temporarily Lifts Pavel Durov's Travel Ban Amid Telegram ProbeThis week, Paragon Solutions spread through WhatsApp, France suspended Pavel Durov's travel ban, Vapor malware hit 60M Android users, state-backed hackers exploit a Windows flaw, Western Alliance Bank exposed customers data, Apple fixed a passwords bug, and a sperm bank exposed customer information.

Bank Info Security 1 year, 9 months ago

TrickMo Trojan Variants Target Device Unlock Codes

New Variants Steal PINs, Affect 13,000+ Users and Exploit Accessibility FeaturesA new variant of an Android banking Trojan called TrickMo is tricking victims into providing their phone unlock code, enabling hackers to sustain operations, warn cybersecurity researchers. The malware displays presents a deceptive HTML user interface that mimics the device's actual unlock screen.

Hackers Used Dozens of Servers to Distribute Malicious Android AppsLaw enforcement authorities in Singapore, Malaysia, Hong Kong and Taiwan took down a cybercrime ring that used dozens of servers and hundreds of phishing pages across multiple jurisdictions to run a malware-enabled scam operation and steal tens of millions from victims' bank accounts.

New Campaign Targets Over 1,500 Banks WorldwideDespite a law enforcement takedown in January, researchers identified new phishing campaigns spreading the Grandoreiro banking Trojan, indicating its return as a malware-as-a-service tool with better encryption and a better domain name generator, according to IBM X-Force researchers.

Bank Info Security 2 years, 2 months ago

Novel Android Malware Targets South Korean Banking Users

New Malware SoumniBot Exploiting Legitimate Android ProcessA new banking Trojan is targeting Korean users using obfuscation techniques that target the Android manifest, exploit vulnerabilities and take advantage of weaknesses in how Android apps interpret this file. SoumniBot stands out for its approach to camouflaging its malicious intent.

Bank Info Security 2 years, 2 months ago

Novel Android Malware Targets Korean Banking Users

New Malware SoumniBot Exploiting Legitimate Android ProcessA new banking Trojan is targeting Korean users using obfuscation techniques that target the Android manifest, exploit vulnerabilities and take advantage of weaknesses in how Android apps interpret this file. SoumniBot stands out for its approach to camouflaging its malicious intent.

Bank Info Security 2 years, 3 months ago

Hackers Update Vultur Banking Malware With Remote Controls

Attackers Can Now Download, Alter and Delete Files - Plus Click, Scroll and SwipeThreat actors are sending SMS texts to trick banking customers into downloading new and improved Vultur banking malware that interacts with infected devices and alters files. Vultur typically misuses legitimate applications, enabling remote access to the VNC server on targeted devices.

Bank Info Security 2 years, 4 months ago

Hackers Hiding Keylogger, RAT Malware in SVG Image Files

New Campaign Evades Security Tools to Deliver Agent Tesla Keylogger and XWorm RATThreat actors are using image files or Scalable Vector Graphics files to deliver ransomware, download banking Trojans or distribute malware. The campaign uses an open-source tool, AutoSmuggle, to facilitate the delivery of malicious files through SVG or HTML files.

Bank Info Security 2 years, 4 months ago

Dropbox Used in Latest Exploit for Phishing Attacks

Darktrace Warns of Malware Hidden in PDF Stored in DropboxPhishing attacks continue to adapt to exploit popular apps. While many phishing campaigns have focused on mobile banking and payment sites, attackers are also targeting widely used but lower-profile, cloud-based utilities such as the ubiquitous Dropbox storage platform.

Bank Info Security 2 years, 5 months ago

Banking Trojan Harvests Facial Biometrics for AI Deepfakes

GoldPickaxe Malware Can Record User’s Face - Use Video to Commit Deepfake ScamsA Chinese-speaking cybercrime group with the codename GoldFactory has built a new Android and iOS banking Trojan, GoldPickaxe, that can harvest and steal personal details, including biometric face profiles, that attackers use to create AI-driven deepfakes to fool bank defenses, researchers warn.

Bank Info Security 2 years, 5 months ago

Breach Roundup: CIA Hacking Tool Leaker Gets 40 Years

Also: Cloudflare Was Hacked With Stolen Okta TokenThis week, former CIA programmer gets 40-year sentence, zero trust prevents widespread damage, possible ransomware attack in Georgia, alleged hacker detained in Ukraine, USB-spread malware in Italy, LockBit attack on non-bank home mortgage lender, and Ukrainian critical infrastructure disrupted.