Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

16 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 16 most recent headlines Filtered view

Meanwhile, IP-stealing 'distillation attacks' on the rise A Chinese government hacking group that has been sanctioned for targeting America's critical infrastructure used Google's AI chatbot, Gemini, to auto-analyze vulnerabilities and plan cyberattacks against US organizations, the company says.…

Bank Info Security 5 months, 2 weeks ago

HHS Audit Flags Web App Security Gaps at Large Hospital

Experts: Problems Are Frequent Weaknesses Across Healthcare Sector EntitiesSecurity weaknesses in web-facing apps used at a large U.S. hospital could leave the facility's IT systems and sensitive patient information vulnerable to cyberattacks, found federal auditors. Those same problems also haunt many other healthcare entities, experts said.

Former Inspector Reviews Sector's Take on AI, Zero Trust, Vulnerability ManagementSecuring U.S. nuclear infrastructure remains a hot-button topic, especially because it remains an attractive cyberattack target for nation-state adversaries. Former regulatory inspector Mark Rorabaugh, president of InfraShield, details the current state of the sector's cybersecurity posture.

Krebs on Security 1 year, 10 months ago

The Dark Nexus Between Harm Groups and ‘The Com’

A cyberattack that shut down some of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023: It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in Russia. But that made-for-Hollywood narrative has eclipsed a far more hideous trend: Many of these young, Western cybercriminals are also members of fast-growing online groups that exist solely to bully, stalk, harass and extort vulnerable teens into physically harming themselves and others.

Security Researcher Says Flaw Came From 700 Exposed APIs Belonging to CoxAn independent security researcher discovered a critical flaw in the backend infrastructure of the largest broadband provider in the United States that, if exploited, could have left millions of business customer devices vulnerable to major cyberattacks.

Bank Info Security 2 years, 1 month ago

ISMG Editors: Is SASE Living Up to the Hype in 2024?

Also: Apple Wi-Fi Vulnerabilities; Cyberattack on Ascension HospitalIn the latest weekly update, ISMG editors discussed the current state of Secure Access Service Edge solutions in 2024, vulnerabilities in Apple's Wi-Fi-based positioning system, and the patient safety questions arising after a cyberattack hit a U.S. hospital.

Bank Info Security 2 years, 1 month ago

HHS Funds $50M to Spot, Patch Hospital Vulnerabilities

Research Agency Soliciting 'Upgrade' Project Ideas to Help Boost Healthcare CyberThe highly targeted U.S. hospital sector could get a boost in avoiding cyberattacks with a $50 million investment by a federal research agency aimed at enhancing automation, vulnerability detection and remediation across a variety of devices in healthcare environments.

Bank Info Security 2 years, 2 months ago

Mitre Says Hackers Breached Unclassified R&D Network

Threat Actor Exploited Ivanti Zero-Day Vulnerabilities in CyberattackA nation-state threat actor gained access into an unclassified research and development network operated by MITRE, a non-profit that oversees key federal funded research and development centers for the U.S. government, the organization confirmed on Friday.

Bank Info Security 2 years, 3 months ago

DHS Calls Political Campaigns 'Ripe Target' for Cyberattacks

Foreign Adversaries Increasingly See Campaigns as Prime for Hacking, Official SaysThe U.S. Department of Homeland Security's assistant secretary for cyber, infrastructure, risk and resilience is sounding the alarm over hackers targeting political campaigns ahead of the 2024 elections, warning that campaigns could be left vulnerable if they fail to practice basic cyber hygiene.

Bank Info Security 2 years, 5 months ago

Breach Roundup: US Bans AI Robocalls

Also: A Widespread Linux Bootloader VulnerabilityThis week, the U.S. banned AI robocalls, researchers discovered a Linux bootloader flaw, France investigated health sector hackings, the feds offered money for Hive information, Verizon disclosed an insider breach, Germany opened a cybersecurity center, and cyberattack victims reported high costs.

Roughly half of all Android-based mobile phones used by state and local government employees are running outdated versions of the operating system, exposing them to hundreds of vulnerabilities threat actors can leverage to perform cyberattacks. [...]