Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

25 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 25 Filtered view
Bank Info Security 3 months, 3 weeks ago

Cryptohack Roundup: Hacker Mints $24M From Resolv

Also: SEC Drops BitClout Founder Case, BlockFills Files for Chapter 11This week, a hacker minted $24M from Resolv, SEC dropped its case against BitClout founder, BlockFills filed for Chapter 11, Bitrefill linked hack to Lazarus, OpenClaw phishing scam hit devs, global law enforcement crackdown on scams and Balancer Labs to wind down after $128M exploit.

Bank Info Security 7 months, 2 weeks ago

Cryptohack Roundup: Authorities Shutter Cryptomixer

Also: Anthropic Warns of Autonomous AI Exploits on BlockchainThis week, authorities shutter Cryptomixer, Anthropic warns about autonomous AI exploits, U.K. plans ban on crypto political donations, Do Kwon seeks leniency, Lazarus Group suspected in Upbit theft, Balancer's post-exploit plans and Yearn recovers some hacked amount.

Also: CoinMarketCap Attack, BitPro Blames Lazarus for $11M HackThis week, a new malware targeted crypto wallets via photos, CoinMarketCap faced attack, BitoPro blamed Lazarus for heist, Trezor warned of phishing scam, France saw another crypto kidnapping, cops re-arrested teen after second theft, Hacken blamed human error for exploit and Self Chain ousted CEO.

Also: Criminal Charges in France Against Suspected Crypto Millionaire KidnappersThis week, U.S. SEC dropped its civil case against Binance, Zhao; France charged 25 in crypto kidnap plot; Hackers stole $3 million in Force Bridge exploit. A Singapore court rejected Wazirx restructuring plan, and BitMEX thwarted a Lazarus Group hacking attempt.

Bank Info Security 1 year, 9 months ago

Cryptohack Roundup: Delta Prime, Ethena Exploits

Also: US SEC Settles With Prager Metis, Rari CapitalThis week, Delta Prime and Ethena were hacked, Lazarus' funds were frozen, the SEC settled with Prager Metis and Rari Capital, Sam Bankman-Fried sought a new trial, the SEC accused NanoBit and CoinW6 of scams, the CTFC sought to fight pig butchering, and Wormhole integrated World ID and Solana.

Bank Info Security 2 years, 1 month ago

RedTail Cryptomining Malware Exploits PAN-OS Vulnerability

Threat Actors Mirror the Tactics of North Korea's Lazarus GroupCryptomining malware that might be North Korean in origin is targeting edge devices, including a zero-day in Palo Alto Networks' custom operating system that the company hurriedly patched in April. It appears threat actors operate their own mining pools or pool proxies rather than using public ones.

Bank Info Security 2 years, 4 months ago

Lazarus Group Exploits Windows AppLocker Driver Zero-Day

Microsoft Fixed Bug in February That Gave Kernel-Level Access to North Korean APTNorth Korea's Lazarus hackers exploited a Windows AppLocker driver zero-day to gain kernel-level access and turn off security tools that could detect the group's bring-your-own-vulnerable-driver exploitation techniques. Microsoft fixed the bug in its February patch dump.

Bank Info Security 2 years, 7 months ago

Lazarus Exploits Log4Shell to Deploy Telegram-Based Malware

North Korean Hackers Deploy Novel Malware FamiliesNorth Korean hacking group Lazarus Group is exploiting Log4Shell to target manufacturing, agriculture and physical security sectors, resulting in the deployment of a tailored implant on compromised systems. The attack campaign targeted publicly accessible VMware Horizon servers.

The notorious North Korea-linked threat actor known as the Lazarus Group has been attributed to a new global campaign that involves the opportunistic exploitation of security flaws in Log4j to deploy previously undocumented remote access trojans (RATs) on compromised hosts

Microsoft says that the North Korean Lazarus and Andariel hacking groups are exploiting the CVE-2023-42793 flaw in TeamCity servers to deploy backdoor malware, likely to conduct software supply chain attacks. [...]

The North Korea-linked threat actor known as Lazarus Group has been observed exploiting a now-patched critical security flaw impacting Zoho ManageEngine ServiceDesk Plus to distribute a remote access trojan called such as QuiteRAT

The North Korean state-backed hacker group tracked as Lazarus has been exploiting a critical vulnerability (CVE-2022-47966) in Zoho's ManageEngine ServiceDesk to compromise an internet backbone infrastructure provider and healthcare organizations. [...]

Loading more headlines...