Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

13 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 13 most recent headlines Filtered view
Bank Info Security 4 months, 2 weeks ago

Senate Health Cyber Bill Clears Committee Hurdle

Bipartisan Bill Would Mandate Multifactor Authentication, Pen TestingProposed legislation that's been kicking around Congress for the last few years that aims to help bolster cybersecurity of the healthcare sector cleared a critical hurdle on Thursday. But will the bill gain enough momentum to pass the full Senate, the House and be signed into law?

Wanna know a secret? Whether you're logging into your bank, health insurance, or even your email, most services today do not live by passwords alone. Now commonplace, multifactor authentication (MFA) requires users to enter a second or third proof of identity. However, not all forms of MFA are created equal, and the one-time passwords orgs send to your phone have holes so big you could drive a truck through them.…

Bank Info Security 1 year, 2 months ago

UK NHS Rolls Out Voluntary Cyber Charter for IT Suppliers

Urges Companies to Regularly Patch Their ProductsThe British National Health Service is prodding suppliers to commit to voluntary cybersecurity measures in a bid to prevent disruptive hacks. Among the proposed measures are regularly patching IT systems, instituting multifactor authentication and requiring IT suppliers to monitor and log their systems to allow prompt incident response.

Bank Info Security 1 year, 3 months ago

Advanced Fined 3 Million Pounds Over 2022 Ransomware Hack

UK ICO Says Advanced's Security Measures 'Fell Seriously Short'A British IT service company must pay a 3.07 million pound fine for a 2022 ransomware hack that exposed medical records of tens of thousands of National Health Service patients. Hackers breached the Advanced system through a user account that did not have multifactor authentication in place.

The changes to the healthcare privacy regulation with technical controls such as network segmentation, multi-factor authentication, and encryption. The changes would strengthen cybersecurity protections for electronic health information and address evolving threats against healthcare entities.

In case anyone forgot about Change Healthcare American hospitals and healthcare organizations would be required to adopt multi-factor authentication (MFA) and other minimum cybersecurity standards under new legislation proposed by a bipartisan group of US senators. …

Bank Info Security 1 year, 10 months ago

Eliminating the Need for Stored Credentials in Healthcare

Authentication requiring stored credentials is not only vulnerable to phishing and other compromises, but using these credentials can also be cumbersome for busy clinicians, said Tina Srivastava, co-founder of Badge, a provider of deviceless, tokenless authentication technology.

The Register 2 years, 2 months ago

UnitedHealth CEO: 'Decision to pay ransom was mine'

Testifies that Citrix authentication snafu has cost the health giant dearly UnitedHealth CEO Andrew Witty will tell US lawmakers Wednesday the cyber-criminals who hit Change Healthcare with ransomware used stolen credentials to remotely access a Citrix portal that didn't have multi-factor authentication enabled.…

UnitedHealth confirms that Change Healthcare's network was breached by the BlackCat ransomware gang, who used stolen credentials to log into the company's Citrix remote access service, which did not have multi-factor authentication enabled. [...]