Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

30 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 30 Filtered view

Outsider provided phishing kits and infrastructure for cybercriminals to scam victims with lures claiming they missed packages, had unpaid tolls or parking violations. The post FBI takes down massive China-based cybercrime network that caused $1.9B in losses appeared first on CyberScoop.

UNC3753 phones staff posing as IT, hijacks screen sessions, steals sensitive legal files, and now sends operatives physically into offices to plug in USB drives. Google Mandiant and the Google Threat Intelligence Group published a detailed report documenting an active extortion campaign carried out by the cybercrime group UNC3753 (aka Luna Moth, Chatty Spider, and […]

Bank Info Security 1 month, 3 weeks ago

Glassworm Group: Software Supply-Chain Attackers Disrupted

Suspected Russian Crime Group Built Resilient Command-and-Control InfrastructureIn a joint operation, CrowdStrike, Google and Shadowserver Foundation disrupted infrastructure used by the Glassworm cybercrime group, cutting off attackers from victims. The group has wielded a remote access Trojan to repeatedly target developers of widely used open-source software.

Bank Info Security 4 months, 1 week ago

Salesforce Sounds Alarm Over Fresh Data Extortion Campaign

CRM-Obsessed ShinyHunters Gang Exploits Misconfigured Customer Experience PortalsA prolific and noisy cybercrime gang with a penchant for stealing Salesforce customers' data and holding it ransom is taking advantage of misconfigured guest accounts meant to provide public access to services meant to remain private, using a Google scanning tool to identify vulnerable accounts.

Meanwhile, others tried to social-engineer the chatbot itself Nation-state goons and cybercrime rings are experimenting with Gemini to develop a "Thinking Robot" malware module that can rewrite its own code to avoid detection, and build an AI agent that tracks enemies' behavior, according to Google Threat Intelligence Group.…

Steganography, Mobile Marketing Attribution, Code Obfuscation Deployed for Ad FraudA cybercrime crew using Android mobile apps to conduct advertising fraud took unusual pains to hide its activity, concealing malicious code in downloadable digital images and holding off from infecting the subset of users who organically found their apps through the Google Play store.

Defrauding search with custom malware, Potato-family exploits A new China-aligned cybercrime crew named GhostRedirector has compromised at least 65 Windows servers worldwide - spotted in a June internet scan - using previously undocumented malware to juice gambling sites' rankings in Google search, according to ESET researchers.…

Hacking Group UNC6148 Steals Credentials With New OVERSTEP Rootkit, Google SaysA cybercrime group used a backdoor in a fully patched SonicWall appliance to steal credentials and may have sold the stolen data to ransomware groups as part of an ongoing campaign, Google Threat Intelligence Group found. The firm attributed the campaign to a cybercrime group it tracks as UNC6148.

Krebs on Security 1 year, 3 months ago

China-based SMS Phishing Triad Pivots to Banks

China-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the so-called “Smishing Triad” mainly impersonated toll road operators and shipping companies. But experts say these groups are now directly targeting customers of international financial institutions, while dramatically expanding their cybercrime infrastructure and support staff.

Krebs on Security 1 year, 5 months ago

How Phished Data Turns into Apple & Google Wallets

Carding -- the underground business of stealing, selling and swiping stolen payment card data -- has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the carding market. But a flurry of innovation from cybercrime groups in China is breathing new life into the carding industry, by turning phished card data into mobile wallets that can be used online and at main street stores.

Russia, China, Iran and North Korea Tapping Cybercrime Services, Google SaysThe cybercrime-as-a-service economy continues to power ransomware and other criminal enterprises, as well as serve as "an accelerant for state-sponsored hacking," collectively posing an increasing risk to Western national security, cybersecurity researchers warn.

Bank Info Security 1 year, 8 months ago

Breach Roundup: CISA Proposes Security for Bulk Data Sales

Also: Payment Card Theft Trends, Internet Archive UpdateThis week, bulk data transfers to China, credit card theft, the Internet Archive still recovering and the Change Healthcare tally is now 100M. Ukraine fought phishers, civil society against the UN cybercrime treaty, TA866 and virtual hard drives spread malware. Google verified Sir Isaac Newton.

Loading more headlines...