Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

22 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 22 Filtered view
Bank Info Security 3 months, 2 weeks ago

Cryptohack Roundup: Charges in Uranium Finance Case

Also: Chinese Firms Indicted in Crypto-Linked Fentanyl Supply CaseThis week, charges filed in Uranium Finance hack, indictment of Chinese firms in fentanyl supply case, a class action lawsuit against Nvidia, Drift Protocol exploit, KuCoin operational barriers in the United States and a U.K. sanction filed against Xinbi.

Bank Info Security 11 months, 3 weeks ago

Microsoft Traces On-Premises SharePoint Exploits to China

But Hacking Groups of All Stripes Now Have Access to Exploit Code, Researchers WarnMicrosoft said an attack campaign targeting zero-day vulnerabilities in on-premises SharePoint servers appears to have begun by July 7, tied to three Chinese hack groups. With proof-of-concept exploit code now in the wild, security experts said hackers of all stripes have joined the fray.

The French cybersecurity agency on Tuesday revealed that a number of entities spanning governmental, telecommunications, media, finance, and transport sectors in the country were impacted by a malicious campaign undertaken by a Chinese hacking group by weaponizing several zero-day vulnerabilities in Ivanti Cloud Services Appliance (CSA) devices

Also, Researchers Exploit Tesla Wall Connector Via Charging CableThis week: Chinese Salt Typhoon hackers hit Viasat, researchers hacked a Tesla charger, Sitecore CMS flaws, Krispy Kreme disclosed hacking damage, Archetyp Market taken down. Episource disclosed a ransomware hack and Spain ruled out cyberattack for the April Iberian blackout.

Bank Info Security 1 year, 3 months ago

Chinese Hackers Exploit Unpatched Servers in Taiwan

UAT-5918 Breaches Taiwan's Critical Sectors Using N-Day Flaws for CyberespionageHackers with ties to China-based hacking groups including Volt Typhoon are breaching Taiwan's critical infrastructure by exploiting unpatched web and application servers as entry points for a cyberespionage campaign. Cisco Talos threat hunters identified the new threat actor as UAT-5918.

Bank Info Security 1 year, 4 months ago

Chinese Hackers Exploit Windows Tool to Install Backdoors

Mustang Panda Uses MAVInject to Evade Antivirus DetectionA Chinese state-sponsored hacking group is abusing a legitimate Microsoft tool to evade security and install backdoors on government systems in the Asia-Pacific region. The threat actor uses MAVInject.exe to inject malware into waitfor.exe.

Tianfeng Guan Allegedly Developed Zero-Day Exploit of Sophos XG FirewallThe U.S. federal government rolled out its heavy guns Tuesday against a Chinese hacker allegedly at the center of a zero-day exploit used to hack firewalls made by Sophos, unsealing an indictment, rolling out sanctions and offering $10 million for information leading to the suspect's arrest.

Bank Info Security 2 years, 3 months ago

Likely Chinese Hacking Contractor Is Quick to Exploit N-Days

UNC5174 Exploited F5 BIG-IP and ScreenConnect VulnerabilitiesA likely Chinese hacker-for-hire used high-profile vulnerabilities in a campaign targeting a slew of Southeast Asian and U.S. governmental and research organizations, says threat intel firm Mandiant. Rapid exploitation of newly patched flaws has become a hallmark of Chinese threat actors.

Bank Info Security 2 years, 5 months ago

Chinese Hackers Penetrated Unclassified Dutch Network

Beijing Used FortiGate Vulnerability to Install TrojanChinese espionage hackers penetrated Dutch military systems in early 2023, using a zero-day exploit in a Fortinet virtual private network to obtain access, Netherlands intelligence agencies disclosed Tuesday. They attributed the hacking to Chinese state actors with high confidence.

A suspected Chinese-nexus hacking group exploited a recently disclosed zero-day flaw in Barracuda Networks Email Security Gateway (ESG) appliances to breach government, military, defense and aerospace, high-tech industry, and telecom sectors as part of a global espionage campaign

Loading more headlines...