Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

20 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines Filtered view

Remember that cost-cutting group once led by Elon Musk? Federal employees are still dealing with it A Social Security Administration employee has filed a whistleblower complaint alleging that Donald Trump's DOGE cost-cutting unit has put the records of every single American at risk by duplicating an agency database in an unauthorized cloud environment. …

Class act: Biz only serves 60M people across America, no biggie A leading education software maker has admitted its IT environment was compromised in a cyberattack, with students and teachers' personal data – including some Social Security Numbers and medical info – stolen.…

Agency Awards Contract for Additional Staffing to Cope With Massive Backlog of CVEsThe U.S. National Institute of Standards and Technology announced plans to resume processing new vulnerabilities for the National Vulnerability Database after funding cuts forced the agency to stop tracking common vulnerabilities and exposures in the critical repository.

Bank Info Security 2 years, 3 months ago

US EPA Investigates Alleged Data Breach by Government Hacker

Hacker Claims to Leak Trove of Records Belonging to Environmental Protection AgencyThe U.S. Environmental Protection Agency is investigating claims that a notorious government hacker leaked a trove of contact information from the agency's database of critical infrastructure contractors. A spokesperson said the agency conducted a "preliminary analysis" of the allegedly leaked data.

Security world reacts as NIST does a lot less of oft criticized, 'almost always thankless' work Opinion The United States National Institute of Standards and Technology (NIST) has almost completely stopped adding analysis to Common Vulnerabilities and Exposures (CVEs) listed in the National Vulnerability Database. That means big headaches for anyone using CVEs to maintain their security. …

Bank Info Security 2 years, 3 months ago

US CISA Urges Preventative Actions Against Volt Typhoon

Make Sure You Have Logs, Five Eyes Alliance SaysU.S. and allied cybersecurity agencies again warned the private sector to guard against Chinese state hackers who eschew malware to maintain access in favor of exploiting built-in system functions. Key preventative measures include maintaining a central logging database.

A sprawling online company based in Georgia that has made tens of millions of dollars purporting to sell access to jobs at the United States Postal Service (USPS) has exposed its internal IT operations and database of nearly 900,000 customers. The leaked records indicate the network's chief technology officer in Pakistan has been hacked for the past year, and that the entire operation was created by the principals of a Tennessee-based telemarketing firm that has promoted USPS employment websites since 2016.

Krebs on Security 3 years, 7 months ago

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Meanwhile, the hackers responsible are communicating directly with members through the InfraGard portal online -- using a new account under the assumed identity of a financial industry CEO that was vetted by the FBI itself.

Krebs on Security 4 years, 3 months ago

RaidForums Gets Raided, Alleged Admin Arrested

The U.S. Department of Justice (DOJ) said today it seized the website and user database for RaidForums, an extremely popular English-language cybercrime forum that sold access to more than 10 billion consumer records stolen in some of the world's largest data breaches since 2015. The DOJ also charged the alleged administrator of RaidForums -- 21-year-old Diogo Santos Coelho, of Portugal -- with six criminal counts, including conspiracy, access device fraud and aggravated identity theft.