Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

28 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 28 Filtered view

The next major breach hitting your clients probably won't come from inside their walls. It'll come through a vendor they trust, a SaaS tool their finance team signed up for, or a subcontractor nobody in IT knows about. That's the new attack surface, and most organizations are underprepared for it

Crooks used simple phone scam to compromise vendor account, spilling personal and financial data belonging to more than 15,000 people A voice-phishing scam targeting one of Ericsson's service providers has exposed the personal data of more than 15,000 individuals after attackers sweet-talked an employee into handing over access.…

Bank Info Security 7 months, 3 weeks ago

Breach Roundup: Recently Patched Oracle Flaw Under Attack

Also: npm Packages Infiltrated, FBI Issues Fraud Alert, Campbell's Soup Cans CISOThis week, a recently fixed Oracle flaw is being actively exploited, Shelly tackled Pro 4PM DoS bug, "Shai-Hulud 2.0" hit npm, the FBI warned of rising bank account takeover scams, regulators fined Comcast over a vendor breach, Iberia reported a supplier incident and Campbell's canned its CISO.

Bank Info Security 8 months, 2 weeks ago

Francisco Partners to Buy Apple Security Firm Jamf for $2.2B

Private Equity Firm's $13.05-Per-Share Bid Comes 5 Years After Jamf Went PublicFrancisco Partners agreed to purchase Jamf for $2.2 billion just three months after the Apple management and security vendor laid off 6.4% of its workforce. The $13.05-per-share offer will provide Jamf with greater financial flexibility to accelerate growth and expand through innovation and M&A.

Deal Adds Live Fraud Red Teaming, Adversarial Testing to Neovera's Cyber PortfolioNeovera has acquired Greenway Solutions, a Charlotte-based fraud red-teaming vendor serving top banks, to expand its cyber capabilities. The Washington D.C.-area services provider plans to tailor services for community banks and credit unions using automation and selective testing.

Landmark Admin Compromise Affects More Than a Dozen Insurance and Annuity CarriersLandmark Admin, a third-party vendor that provides administrative services to life insurance and annuity companies, said 1.6 million people are potentially affected by 2024 ransomware and data exfiltration incidents that compromised a wide range of personal, financial and health information.

Cheap Android smartphones manufactured by Chinese companies have been observed pre-installed with trojanized apps masquerading as WhatsApp and Telegram that contain cryptocurrency clipper functionality as part of a campaign since June 2024

Bank Info Security 1 year, 3 months ago

Fraud in Your Inbox: Email Is Still the Weakest Link

At-Bay Cyber Insurance Claims Report Finds 83% of Financial Fraud Starts With EmailFinancial fraud remains the leading driver of cyberinsurance claims, with 83% of cases traced back to email-based attacks. Common tactics used to deceive employees include wiring funds to fraudulent accounts, generative AI-crafted emails, executive and vendor impersonation and BEC scams.

Also: Zero-Days Affect Financial Markets, SailPoint IPO Signals Market TrendsIn this week's update, ISMG editors discussed the latest "Modern Bank Heists" report and the evolving threats to financial institutions, fallout from the U.S. Department of Government Efficiency's AI-driven government shake-up, and what SailPoint's IPO signals for the cybersecurity vendor market.

Bank Info Security 1 year, 7 months ago

Financial Sector Turning to Multi-Cloud Strategies

Report: Financial Orgs Shift to Multi-Cloud to Address Cyber Threats and RegulationFinancial institutions are increasingly adopting multi-cloud strategies to mitigate rising cyber risks and comply with complex regulations, according to a new report. Although the move enhances flexibility and disaster recovery, challenges remain, from implementation costs to a growing skills gap.

Bank Info Security 1 year, 7 months ago

Financial Sector Turning to Multi-Vendor Cloud Strategies

Report: Financial Orgs Shift to Multi-Cloud to Address Cyber Threats and RegulationFinancial institutions are increasingly adopting multi-cloud strategies to mitigate rising cyber risks and comply with complex regulations, according to a new report. The move enhances flexibility and disaster recovery, though challenges remain, from implementation costs to a growing skills gap.

CEO Anand Eswaran Talks Investors, Innovation and Data Resilience LeadershipCEO Anand Eswaran explains how Veeam's $2 billion secondary offering strengthens its financial position as the data resilience vendor prepares for an initial public offering. He discusses the company’s commitment to innovation and strategic pacts with Splunk, CrowdStrike and Palo Alto Networks.

Bank Info Security 1 year, 8 months ago

ISMG Summit Highlights Growing Third-Party Vendor Threats

Financial Services Experts Call for Stronger Focus on Third-Party Risk ManagementFinancial services leaders and cybersecurity experts said at Information Security Media Group’s 2024 Financial Services Summit that third-party vendor security risks required the need for proactive, multi-layered security frameworks to combat the growing threat landscape.

Krebs on Security 1 year, 11 months ago

Global Microsoft Meltdown Tied to Bad Crowdstrike Update

A faulty software update from cybersecurity vendor Crowdstrike crippled countless Microsoft Windows computers across the globe today, disrupting everything from airline travel and financial institutions to hospitals and businesses online. Crowdstrike said a fix has been deployed, but experts say the recovery from this outage could take some time, as Crowdstrike's solution needs to be applied manually on a per-machine basis.

InfoSys McCamish Systems Earlier Alerted 57,000 Bank of America Clients of BreachInfosys McCamish Systems, an insurance software product and services vendor, is notifying nearly 6.1 million people of a 2023 ransomware incident that potentially comprised their sensitive data, including Social Security numbers, medical treatment, and financial and biometric information.

Bank Info Security 2 years, 3 months ago

Why Claroty Is Considering Going Public at a $3.5B Valuation

Rubrik Began the IPO Process. Will Cyber-Physical Systems Vendor Claroty Join It?Following Rubrik's announcement that it plans to list on the New York Stock Exchange, another company is considering trying its luck in the public market. Claroty is meeting with underwriters ahead of a possible 2025 IPO that could value the cyber-physical systems security titan at $3.5 billion.

Loading more headlines...