Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

28 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 28 Filtered view
Bank Info Security 2 months, 3 weeks ago

Medical Device Maker Medtronic Says It's Been Hacked

Cybercrime Gang ShinyHunters Claimed to Steal 9M RecordsMedtronic has told federal authorities that cybercriminals hacked its corporate IT systems, but said the incident did not affect the medical device makers' products, manufacturing or distribution operations. Cybercrime gang ShinyHunters reportedly claimed responsibility for the hack.

Krebs on Security 2 months, 3 weeks ago

‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty

A 24-year-old British national and senior member of the cybercrime group "Scattered Spider" has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in the summer of 2022 that allowed the group to hack into at least a dozen major technology companies and steal tens of millions of dollars worth of cryptocurrency from investors.

Bank Info Security 6 months, 1 week ago

Orthopedic Practice Pays $500K Settlement to NYS in Hack

2023 Incident Affected More Than 650,000 Patients, EmployeesAn upstate New York orthopedic practice has agreed to pay state regulators a $500,000 settlement and implement stronger security practices following a 2023 hack involving the theft of 650,000 individuals' sensitive information. Cybercrime group INC Ransom reportedly claimed credit for the incident.

Krebs on Security 8 months, 2 weeks ago

Alleged Jabber Zeus Coder ‘MrICQ’ in U.S. Custody

A Ukrainian man indicted in 2012 for conspiring with a prolific hacking group to steal tens of millions of dollars from U.S. businesses was arrested in Italy and is now in custody in the United States, KrebsOnSecurity has learned. Sources close to the investigation say Yuriy Igorevich Rybtsov, a 41-year-old from the Russia-controlled city of Donetsk, Ukraine, was previously referenced in U.S. federal charging documents only by his online handle "MrICQ." According to a 13-year-old indictment filed by prosecutors in Nebraska, MrICQ was a developer for a cybercrime group known as "Jabber Zeus."

Medusa Group Tied to Attack on SimonMed and Threats to Leak Stolen DataTwo radiology practices are notifying nearly 1.5 million people of separate hacking incidents compromising their sensitive health information. Cybercrime gang Medusa claimed credit for attacking Arizona-based SimonMed Imaging in January and threatened to leak the stolen data of nearly 1.3 million patients on the darkweb.

Medusa Group Tied to Attack on SimonMed and Threats to Leak Stolen DataTwo radiology practices are notifying nearly 1.5 million people of separate hacking incidents compromising their sensitive health information. Cybercrime gang Medusa claimed credit for attacking Arizona-based SimonMed Imaging in January and threatened to leak the stolen data of nearly 1.3 million patients on the darkweb.

Cybercrime Group ShinyHunters Advertises 160 Million Stolen RecordsVietnam's central bank is probing a hack attack that breached its credit reporting division, exposing personally identifiable information. The cybercrime group ShinyHunters claimed credit for the breach, advertising on a cybercrime forum 160 million stolen records for $175,000.

AI-powered ransomware, extortion chatbots, vibe hacking … just wait until agents replace affiliates It's no secret that AI tools make it easier for cybercriminals to steal sensitive data and then extort victim organizations. But two recent developments illustrate exactly how much LLMs lower the bar for ransomware and other financially motivated cybercrime — and provide a glimpse to defenders about what's on the horizon.…

Bank Info Security 10 months, 2 weeks ago

Event Horizon for Vibe Hacking Draws Closer, Anthropic Warns

Cyber Extortion Campaign Automated Efforts to 'Unprecedented' Degree, Says AI GiantArtificial intelligence giant Anthropic said it's disrupted a cybercrime operation that tapped its large language models, including Claude Code, to an "unprecedented" extent to help automate a data theft and extortion campaign that targeted more than a dozen critical infrastructure organizations.

Hacking Group UNC6148 Steals Credentials With New OVERSTEP Rootkit, Google SaysA cybercrime group used a backdoor in a fully patched SonicWall appliance to steal credentials and may have sold the stolen data to ransomware groups as part of an ongoing campaign, Google Threat Intelligence Group found. The firm attributed the campaign to a cybercrime group it tracks as UNC6148.

Notorious Site Facilitated Buying and Selling of Breached Databases, Hacking ToolsFrench police have reportedly busted five suspected hackers - "IntelBroker," "ShinyHunters," "Hollow," "Noct" and "Depressed" - tied to the operation of the notorious cybercrime site BreachForums, which facilitated the buying and selling of stolen databases and hacking tools.

Did Marlboro-Chesterfield Pathology Pay Cybercrime Gang Safepay a Ransom?A North Carolina pathology practice is notifying nearly 236,000 patients of a hacking incident discovered in January. Marlboro-Chesterfield Pathology says it "took steps" to ensure the hackers deleted its stolen data. Newcomer ransomware group Safepay is apparently the culprit in the attack.

Bank Info Security 1 year, 1 month ago

M&S Reportedly Hacked Using Third-Party Credentials

Scattered Spider Stole Tata Consulting Services Employee Login Details for HackBritish retailer Marks & Spencer was reportedly compromised by cybercrime group Scattered Spider using stolen employee credentials from a third-party IT company. Citing an unidentified source, Reuters reported hackers used the M&S login credentials of two Tata Consulting Services employees.

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled, English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. An investigation into the history of these communities shows their apparent co-founders quite openly operate an Internet service provider and a pair of e-commerce platforms catering to buyers and sellers on both forums.

Bank Info Security 1 year, 7 months ago

Breach Roundup: Vodka Maker Bankrupt After Cyberattack

Also: Trinity Didn't Really Hack the Spanish Tax Agency, Law Firm KYL Reports BreachThis week, a vodka maker in bankruptcy cited its ransomware attack, no ransomware at the Spanish tax agency and cable cuttings in Finland. Data stolen from Japanese shoppers, Chemonics International and law firm KYL. A sweep of Asian cybercrime, trends in the U.K. and ENGlobal ransomware attack.

Loading more headlines...