Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

11 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 11 most recent headlines Filtered view

Also: Google Fixes YouTube Vulnerabilities That Could Have Exposed User EmailsThis week: Microsoft, Ivanti and Google release fixes for critical vulnerabilities and urge priority patching; Lee Enterprises confirms a cyberattack disrupted newspaper operations; and thousands of KerioControl Firewalls exposed to critical remote code execution flaws.

Security Researcher Says Flaw Came From 700 Exposed APIs Belonging to CoxAn independent security researcher discovered a critical flaw in the backend infrastructure of the largest broadband provider in the United States that, if exploited, could have left millions of business customer devices vulnerable to major cyberattacks.

Bank Info Security 2 years, 1 month ago

HHS Funds $50M to Spot, Patch Hospital Vulnerabilities

Research Agency Soliciting 'Upgrade' Project Ideas to Help Boost Healthcare CyberThe highly targeted U.S. hospital sector could get a boost in avoiding cyberattacks with a $50 million investment by a federal research agency aimed at enhancing automation, vulnerability detection and remediation across a variety of devices in healthcare environments.

Bank Info Security 2 years, 2 months ago

Verizon DBIR: Cyber Defenders Are Facing Exploit Fatigue

Experts Warn That Human Failures Have Led to Surge in Successful Zero-Day ExploitsVerizon executives warned that cyber defenders are struggling with fatigue amid a surge in cyberattacks targeting zero-day exploits and other vulnerabilities. It takes most enterprises nearly 55 days on average to mitigate 50% of critical vulnerabilities once patches become available, the DBIR says.

Microsoft has fixed a new Windows RPC CVE-2022-26809 vulnerability that is raising concerns among security researchers due to its potential for widespread, significant cyberattacks once an exploit is developed. Therefore, all organization needs to apply Windows security updates as soon as possible. [...]