Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

24 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 24 Filtered view

Cybersecurity researchers have uncovered three security weaknesses in Microsoft's Azure Data Factory Apache Airflow integration that, if successfully exploited, could have allowed an attacker to gain the ability to conduct various covert actions, including data exfiltration and malware deployment

Bank Info Security 1 year, 7 months ago

Vulnerabilities in Azure Data Factory Open Door to Attacks

Azure Data Factory's Apache Airflow Integration Flaw Can Expose Cloud EnvironmentsSecurity researchers say now-resolved vulnerabilities in a Microsoft Azure integration with the Apache Airflow workflow management platform showcase growing sophistication of attackers. Palo Alto Unit 42 researchers said the flaws could allow hackers to deploy malware and steal data.

Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could be potentially exploited by a malicious actor to hijack victims' sessions and achieve remote code execution on underlying instances

Bank Info Security 2 years, 5 months ago

FritzFrog Botnet Exploits Log4Shell

Botnet Looks for Vulnerable Internal Network MachinesDelivering more proof that the Log4Shell vulnerability is endemic, Akamai researchers detected botnet malware updated to use the flaw as an infection vector. Log4Shell burst into public awareness in late 2021 when security researchers identified a flaw in the ubiquitous Apache Log4J 2 Java library.

Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident payload

Security researchers are detecting hundreds of IP addresses on a daily basis that scan or attempt to exploit Apache RocketMQ services vulnerable to a remote command execution flaw identified as CVE-2023-33246 and CVE-2023-37582. [...]

Loading more headlines...