Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

14 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 14 most recent headlines Filtered view

A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat actor known as APT28, according to new findings from Akamai

A Russia-linked threat actor has been attributed to a cyber espionage operation targeting webmail servers such as Roundcube, Horde, MDaemon, and Zimbra via cross-site scripting (XSS) vulnerabilities, including a then-zero-day in MDaemon, according to new findings from ESET

Bank Info Security 2 years, 2 months ago

Russian Hackers Exploiting Windows Print Spooler Vuln

Microsoft Warns APT28's GooseEgg Tool Enables Credential TheftRussian military intelligence hackers are using an 18 month-old vulnerability in the Windows print spooler utility to deploy a custom tool that elevates privileges and steals credentials. Microsoft says it's seen post-compromise activities against Ukrainian, European and North American governments.

Putin's pals use 'GooseEgg' malware to launch attacks you can defeat with patches or deletion Russian spies are exploiting a years-old Windows print spooler vulnerability and using a custom tool called GooseEgg to elevate privileges and steal credentials across compromised networks, according to Microsoft Threat Intelligence.…

Bank Info Security 2 years, 4 months ago

Moscow Military Hackers Used Microsoft Outlook Vulnerability

APT28 Used Hacked Ubiquiti Routers for Hashed Password Relay AttacksA campaign by Russian military intelligence to convert Ubiquiti routers into a platform for a global cyberespionage operation began as early as 2022, U.S. and foreign intelligence agencies said. The U.S. disrupted a botnet built by a hacking unit of Russian military's Main Intelligence Directorate.

Bank Info Security 2 years, 7 months ago

Russian GRU Hackers Exploit Critical Patched Vulnerabilities

TA422 Is Targeting Organizations in Europe and North America, Proofpoint SaysA Russian military hacking intelligence group is winning the race to exploit known vulnerabilities before system administrators can apply patches, warns Proofpoint. The firm has seen a spike in activity from TA422, also known as APT28, Fancy Bear and Forest Blizzard.