Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

70 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 70 Filtered view

Organizations typically roll out multi-factor authentication (MFA) and assume stolen passwords are no longer enough to access systems. In Windows environments, that assumption is often wrong. Attackers still compromise networks every day using valid credentials. The issue is not MFA itself, but coverage.  Enforced through an identity provider (IdP) such as Microsoft Entra ID, Okta, or

Passwords and app-based MFA add hidden costs through lost productivity, frequent resets, and risk of phishing and social engineering attacks. Token explains how wireless biometric, passwordless authentication eliminates credential-based attacks and delivers measurable financial returns by reducing login time across the enterprise. [...]

Wanna know a secret? Whether you're logging into your bank, health insurance, or even your email, most services today do not live by passwords alone. Now commonplace, multifactor authentication (MFA) requires users to enter a second or third proof of identity. However, not all forms of MFA are created equal, and the one-time passwords orgs send to your phone have holes so big you could drive a truck through them.…

Bank Info Security 9 months, 1 week ago

Hackers Exploit LFI Flaw in File-Sharing Platforms

Attackers Read Server Files and Steal Credentials in Gladinet CentreStack, TriofoxHackers are exploiting a flaw allowing them to access without authentication document root folder files in file-sharing and remote-access software, where they obtain access tokens and passwords to unlock remote access to corporate file systems, warn researchers.

Bank Info Security 9 months, 1 week ago

Hackers Exploit LFI Flaw in File-Sharing Platforms

Attackers Read Server Files and Steal Credentials in Gladinet CentreStack, TriofoxHackers are exploiting a flaw allowing them to access without authentication document root folder files in file-sharing and remote-access software, where they obtain access tokens and passwords to unlock remote access to corporate file systems, warn researchers.

Bank Info Security 9 months, 2 weeks ago

Gone in 60 Minutes: Akira Defeats MFA for SonicWall SSL VPNs

'Opportunistic, Mass Exploitation' Campaign Surging, Say Cybersecurity ResearchersAttackers wielding Akira ransomware appear to be engaged in an "opportunistic, mass exploitation" of SonicWall SSL VPN servers, even when they're using the latest firmware and configured to require multifactor authentication one-time passwords, warn cybersecurity researchers.

Bank Info Security 11 months, 1 week ago

No, Mr. Altman, Passwords Are Not Back in Vogue

OpenAI CEO Says AI Has Beaten Voice Recognition, But Experts DisagreeOpenAI CEO Sam Altman recently claimed that artificial intelligence has "fully defeated most of the ways that people authenticate currently, other than passwords." A host of security experts disagree and point out that passwords got us into this authentication mess to begin with.

Loading more headlines...