Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

9 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 9 most recent headlines Filtered view

Cybersecurity researchers have disclosed details of a new Linux backdoor named PamDOORa that's being advertised on the Rehub Russian cybercrime forum for $1,600 by a threat actor called "darkworm." The backdoor is designed as a Pluggable Authentication Module (PAM)-based post-exploitation toolkit that enables persistent SSH access by means of a magic password and specific TCP port combination.

Hacktivists use proxy services from Russia, China for 'billions of designed-for-abuse connection attempts' Cybercrime has skyrocketed since the start of the Iran war, according to Akamai, which reports a 245 percent increase in everything from credential harvesting attempts to automated reconnaissance traffic aimed at banks and other critical businesses.…

Espionage and Cybercrime Campaign Tied to 7-Zip Mark-of-the-Web Bypass HitsRussian hackers targeting Ukrainian government agencies and businesses - including a major automotive manufacturer - have been targeting a zero-day vulnerability in the open source and widely used 7-Zip archive utility, to infect systems with credential-stealing SmokeLoader malware.

A threat actor named InTheBox is promoting on Russian cybercrime forums an inventory of 1,894 web injects (overlays of phishing windows) for stealing credentials and sensitive data from banking, cryptocurrency exchange, and e-commerce apps [...]

Also: Belarusian miscreants pivot to browser-in-the-browser attacks A Russian cybercrime gang has lately sent credential-phishing emails to the military of Eastern European countries and a NATO Center of Excellence, according to a Google threat report this week. …

A 23-year-old Russian national has been indicted in the U.S. and added to the Federal Bureau of Investigation's (FBI) Cyber Most Wanted List for his alleged role as the administrator of Marketplace A, a cyber crime forum that sold stolen login credentials, personal information, and credit card data