Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

79 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 79 Filtered view

runZero found 7 flaws in FatFs, a filesystem used in IoT and embedded devices. Bugs can cause memory corruption, crashes, or data leaks via crafted storage. Cybersecurity firm runZero has disclosed seven vulnerabilities in FatFs, a compact open-source library that lets embedded devices read and write FAT and exFAT formatted storage, the same formats used […]

Bank Info Security 6 months, 2 weeks ago

RondoDox Botnet Exploiting Devices With React2Shell Flaw

The Campaign Compromises Open-Source Vulnerability to Hack IoT Devices at ScaleSecurity firm CloudSEK has uncovered a botnet campaign that is exploiting the React2Shell vulnerability in the Meta-developed, open-source React framework across a variety of devices since December. The security firm attributed the campaign to RondoDox.

Cybersecurity researchers are calling attention to multiple campaigns that leverage known security vulnerabilities and expose Redis servers to various malicious activities, including leveraging the compromised devices as IoT botnets, residential proxies, or cryptocurrency mining infrastructure

Insights on the Expanding Threat Landscape from AWS and DeloitteAs geopolitical tensions rise, companies face an expanding threat landscape - particularly through IoT and OT vulnerabilities that leave cloud infrastructures at risk, said PJ Hamlen at Amazon Web Services, and Julie Bernard at Deloitte & Touche LLP.

Phosphorus Cybersecurity's Phillip Wylie on Asset Inventory, Password HygieneOrganizations inadvertently create cybersecurity gaps by trusting connected devices. Threat actors are shifting tactics to exploit IoT vulnerabilities when traditional attack vectors strengthen, said Phillip Wylie, xIoT security evangelist at Phosphorous Cybersecurity.

Bank Info Security 1 year, 2 months ago

A Containment Strategy Can Protect Interconnected Systems

ColorTokens' Rajesh Khazanchi on Securing Convergent IT, OT and IoT SystemsThe rise of insider attacks, OT-IT convergence and vulnerabilities in IoT devices are threats to previously isolated manufacturing systems. Rajesh Khazanchi, CEO at ColorTokens, says an enterprise microsegmentation platform and a containment strategy can protect interconnected IT, OT and IoT systems.

Researchers Uncover Three Vulnerabilities, Urge Firmware UpdateAttackers could chain critical vulnerabilities in industrial network switches to gain remote control to compromise automation systems, IoT devices and surveillance networks. Claroty's Team82 uncovered three flaws in WGS-804HPT switches manufactured by Planet Technology.

Bank Info Security 1 year, 7 months ago

FBI Warns of HiatusRAT Targeting Vulnerable IoT Devices

Malware Targets Vulnerable Web Cameras and DVRs WorldwideHackers are deploying brute force attacks and using unpatched vulnerabilities to target Chinese-manufactured web cameras and DVRs, the FBI is warning. Targets include a range of organizations in Taiwan and at least one U.S. government server.

Loading more headlines...