Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

277 headlines in this view

Refine the feed

Search across headline titles and summaries.

Showing 20 most recent headlines of 277 Filtered view

The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region

Also, phishing's easier over the phone, and your F5 cookies might be unencrypted, and more in brief If you need an excuse to improve your patching habits, a joint advisory from the US and UK governments about a massive, ongoing Russian campaign exploiting known vulnerabilities should do the trick.…

Cyberspies abusing a backdoor? Groundbreaking Lawmakers are demanding answers about earlier news reports that China's Salt Typhoon cyberspies breached US telecommunications companies Verizon, AT&T, and Lumen Technologies, and hacked their wiretapping systems. They also urge federal regulators to hold these companies accountable for their infosec practices - or lack thereof.…

Also: AI Safety Bill Vetoed, Global Ransomware Response Guide Gets Some RevisionsIn the latest weekly update, ISMG editors discussed the implications of the U.S. investigation into Chinese hackers targeting telecom wiretap systems, the catastrophic risks of AI and the recent veto of an AI safety bill in the U.S., and the latest global ransomware response guidance.

Bank Info Security 1 year, 9 months ago

Rhysida Leaks Nursing Home Data, Demands $1.5M From Axis

Ransomware Gang Could Have Axis Health's Mental Health, Drug Abuse RecordsRansomware gang Rhysida is threatening to dump data on the dark web that belongs to a Colorado provider of mental health, substance abuse and other healthcare services unless it pays nearly $1.5 million. The group is leaking records it claims to have stolen from a Mississippi nursing home.

Agency Says Cookies Could Help Attackers Find Network Assets, VulnerabilitiesUnencrypted cookies tied to a suite of secure gateway technology from F5 are gateways for hackers to reach internal devices on corporate networks, warns the Cybersecurity and Infrastructure Security Agency. BIG-IP uses persistent cookies as a traffic load-balancing convenience.

Bank Info Security 1 year, 9 months ago

Regulating AI Catastophic Risk Isn't Easy

AI, Security Experts Discuss Who Defines the Risks, Mitigation EffortsAn attempt by the California statehouse to tame the potential of artificial intelligence catastrophic risks hit a roadblock when Governor Gavin Newsom vetoed the measure late last month. One obstacle is lack of a widely-accepted definition for "catastrophic" AI risks.

A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors

Bank Info Security 1 year, 9 months ago

DOD Unveils Final CMMC Rule for Defense Contractors

New Cybersecurity Maturity Model Certification Rule Paves Way for ImplementationThe Department of Defense is set to implement significant changes to the Cybersecurity Maturity Model Certification program, effective October 15, streamlining compliance for contractors by introducing a tiered system while enhancing security standards.

Loading more headlines...