Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

13 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 13 most recent headlines Filtered view
Bank Info Security 7 months, 3 weeks ago

Email Hacks Continue to Plague Healthcare Sector

Mindpath Health Settles Claim for $3.5M; Delta Dental Notifies 146,000 of BreachEmail breaches continue to plague the healthcare sector, resulting in data compromises that often affect the sensitive information of scores of patients. Two recent incidents illustrate the risks email breaches pose to patients, and the potential legal fallout for providers.

Bank Info Security 1 year, 6 months ago

Abandoned Online Domains Unlock Services With Google OAuth

Google Says Platforms Shouldn't Use Emails as Unique IdentifiersA security researcher purchased abandoned online domains belonging to failed startups and found he could recreate email addresses and access third party services containing sensitive information collected by the shuttered companies by signing onto the platforms using "Sign in with Google."

Google Says Platforms Shouldn't Use Emails as Unique IdentifiersA security researcher purchased abandoned online domains belonging to failed startups and found he could recreate email addresses and access third party services containing sensitive information collected by the shuttered companies by signing onto the platforms using "Sign in with Google."

Microsoft and the U.S. Department of Justice (DoJ) on Thursday announced the seizure of 107 internet domains used by state-sponsored threat actors with ties to Russia to facilitate computer fraud and abuse in the country

Cybersecurity researchers have disclosed details of security flaws in the Roundcube webmail software that could be exploited to execute malicious JavaScript in a victim's web browser and steal sensitive information from their account under specific circumstances

Indian government entities and energy companies have been targeted by unknown threat actors with an aim to deliver a modified version of an open-source information stealer malware called HackBrowserData and exfiltrate sensitive information in some cases by using Slack as command-and-control (C2)

While intended for convenience and efficient communication, email auto-forwarding rules can inadvertently lead to the unauthorized dissemination of sensitive information to external entities, putting confidential data at risk of exposure to unauthorized parties. Wing Security (Wing), a SaaS security company, announced yesterday that their SaaS shadow IT discovery methods now include a solution

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new wave of social engineering campaigns delivering IcedID malware and leveraging Zimbra exploits with the goal of stealing sensitive information

Ukraine's Computer Emergency Response Team (CERT-UA) warned of new phishing attacks aimed at its citizens by leveraging compromised email accounts belonging to three different Indian entities with the goal of compromising their inboxes and stealing sensitive information