Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

17 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 17 most recent headlines Filtered view
Bank Info Security 2 years, 6 months ago

Attackers' GitHub Abuse Poses Growing Risk, Researchers Warn

Cybersecurity Researchers Detail Defenses Against Attackers Abusing Cloud ServicesWhile cybercriminals and advanced persistent threat groups have long abused legitimate internet services both to scale and disguise various types of attacks, a new report warns of a growing challenge posed by the illegitimate use of GitHub and offers essential defenses for users.

Trend Micro Research, News and Perspectives 3 years, 6 months ago

Abusing a GitHub Codespaces Feature For Malware Delivery

Proof of Concept (POC): We investigate one of the GitHub Codespaces’ real-time code development and collaboration features that attackers can abuse for cloud-based trusted malware delivery. Once exploited, malicious actors can abuse legitimate GitHub accounts to create a malware file server.

We investigate cloud-based cryptocurrency miners that leverage GitHub Actions and Azure virtual machines, including the cloud infrastructure and vulnerabilities that malicious actors exploit for easy monetary gain.