Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

29 headlines in this view

Refine the feed

Search across headline titles and summaries.

Showing 20 most recent headlines of 29 Filtered view

Also: Occulus virtual reality apps fail to detail info collection Meta's Facebook subsidiary has been collecting hashed personal data from students seeking US government financial aid, even from those without a Facebook account and those not logged into the student aid website, according to a research study published this week.…

The cybercriminals trash files larger than 2MB, forever losing them to the void Ransomware groups in recent years have ramped up the threats against victims to incentivize them to pay the ransom in return for their stolen and encrypted data. But a new crew is essentially destroying files larger than 2MB, so data in those files is lost even if the ransom is paid.…

Customer data collection and retention requirements also increased, including for crypto operators India's Computer Emergency Response Team (CERT-In) has given many of the nation's IT shops a big job that needs to be done in a hurry: complying with a new set of rules that require organizations to report 20 different types of infosec incidents within six hours of detection, be they a ransomware attack or mere compromise of a social media account.…

At 15.3 million requests per second, the assault was the largest HTTPS blitz on record lasting 15 seconds Cloudflare this month halted a massive distributed denial-of-service (DDoS) attack on a cryptocurrency platform that not only was unusual in its sheer size but also because it was launched over HTTPS and primarily originated from cloud datacenters rather than residential internet service providers (ISPs).…

Multi-layered protection from Huawei curbs ransomware attacks Sponsored Feature The mass pandemic-driven migration to remote working has been a significant threat vector which precipitated a surge in cyberattacks last year. Prominent among these were ransomware attacks, which rose by 92.7 percent year-on-year in 2021, according to consulting firm NCC Group.…

Malicious cyber actors go after 2021's biggest misses, spend less time on the classics Security flaws in Log4j, Microsoft Exchange, and Atlassian's workspace collaboration software were among the bugs most frequently exploited by "malicious cyber actors" in 2021 , according to a joint advisory by the Five Eyes nations' cybersecurity and law enforcement agencies.…

Because digital transformation means transforming security first Sponsored Post The threat of ransomware or nation state attacks might open-up corporate wallets for short-term cyber-security investment but working out how to develop both your security team and your defenses for the long-term calls for a little more sophistication.…

A different type of bug bounty Uncle Sam will dole out up to $10 million for vital information on each of six Russian GRU officers linked to the Kremlin-backed Sandworm gang, who, according to the Feds, have plotted to carry out destructive cyber-attacks against American critical infrastructure.…

State-sponsored Bronze President group launches cyber-espionage malware campaign against notional ally China appears to be entering a raging cyber-espionage battle that's grown in line with Russia's unprovoked attack on Ukraine, deploying advanced malware on the computer systems of Russian officials.…

Our Vectra Masked CISO series tackles some of the biggest issues in security and how to overcome them Advertorial As security professionals, we aren’t known for our levity. True, we’re often fire-fighting serious incidents with potentially profound consequences for the organisation, and our career prospects. But our relationships with others are usually characterised by policing and enforcement rather than engagement and support.…

The Register 27 Apr 2022, 7:15 p.m. CISO

We hope you've patched that 9.8/10 severity bug A team of Iranian cyber-spies dubbed Rocket Kitten, for one, is likely behind attempts to exploit a critical remote-code execution vulnerability in VMware's identity management software, according to endpoint security firm Morphisec.…

Loading more headlines...