Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

18 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 18 most recent headlines Filtered view

Patching Workflows Built for Weekly Cycles Can't Survive an Era of Hourly ExploitsAI is shrinking the window between vulnerability disclosure and active exploitation from weeks to hours. But remediation workflows haven't kept pace. Security teams need real-time intelligence, unified IT and security operations, and automated remediation to close the gap before attackers do.

Bank Info Security 2 months, 1 week ago

Security Lost The Speed War: Context Is How We Win

AI-Driven Attacks Compress Breakout Times, Forcing Defenders to Rely on Context NowAI has lowered the cost and speed of cyberattacks, enabling adversaries to exploit vulnerabilities within minutes. As breakout times collapse, security teams must respond faster by using context-driven intelligence and automation to detect, prioritize and stop threats in real time.

Bank Info Security 2 months, 1 week ago

NY Fines Delta Dental $2.25M Over 2023 MOVEit Hack

Investigators Find Violations of State Cyber RegulationsNew York fined Delta Dental $2.25 million for the company's response to the mass exploit of a zero-day vulnerability in Progress Software' MOVEit file transfer application. Delta Dental is one of thousands of organizations caught up in the blast radius of an automated 2023 Memorial Day hack.

Equifax CTO Jamil Farshchi on Cybersecurity's Response to Flood of VulnerabilitiesCybersecurity organizations must adapt to machine-speed threats in the age of Anthropic's Claude Mythos, a new AI model that can uncover vulnerabilities and lead to a flood of repaid exploits. Equifax CTO Jamil Farshchi says security programs must be built for scale, automation and quick response.

Bank Info Security 5 months, 3 weeks ago

Securing Banking Enterprises as Non-Human Identities Grow

CISOs Grapple With AI Blind Spots, Excessive Permissions and Governance IssuesMachine identities continue to multiply as organizations push automation, cloud services and AI-driven initiatives deeper into core operations. This rapid growth creates new vulnerabilities, especially when non-human identities lack governance or are completely invisible to security teams.

Cisco Fixes ISE Bug; HPE OneView Under Fire; Exploit Code Drops for n8n FlawThe new year is off to a fresh start on the vulnerability and exploit alert front: Cisco has patched a critical Identity Services Engine; cybersecurity officials warn that an HPE OneView vulnerability is being actively exploited; and proof-of-concept exploits drop for n8n automation software.

Bank Info Security 7 months, 1 week ago

Checkmarx Purchases Tromzo to Boost AI Security Automation

Tromzo Acquisition Adds AI Team and Technology for Automated Security RemediationCheckmarx acquired AI security startup Tromzo to jumpstart its roadmap for agentic application security. The deal gives Checkmarx a ready-built platform and team focused on enterprise-grade triage and remediation agents designed to streamline vulnerability management.

Joint Platform to Offer Human-Led, Automated Application Security in One PlaceBugcrowd acquired Mayhem Security to integrate automated application testing with human-led testing capabilities. The company plans to embed Pittsburgh-based Mayhem's reinforcement learning tech and AI models into its broader platform to speed up vulnerability detection.

Bank Info Security 9 months, 3 weeks ago

Career Spotlight: White Hat Hackers in an Automated World

Pentesting Tools Uncover Vulnerabilities but White Hat Skills Are Still in DemandAutomated pentesting tools offer faster visibility and robust integration with daily security operations, but automation doesn't eliminate the need for humans in the loop. Automation raises the baseline for vulnerability management and changes what white hat hackers need to know to stay relevant.

Bank Info Security 1 year ago

Vibe Hacking Not Yet Possible

AI Models Mostly Fail in Full Track of Vulnerability Research to ExploitThe rise of code-illiterate but AI-enabled script kiddies able to wreak havoc by weaponizing software vulnerabilities into automated exploits, thanks to expert-level assistance from large language models, remains but a future possibility, based on exploit-writing tests of 50 LLMs.

Researchers Uncover Critical Flaws Enable Remote Device TakeoverA ubiquitous industrial power monitoring device contains three critical vulnerabilities in its firmware that could allow attackers to disrupt operations by remotely crashing them or executing unwanted code. The device is the Rockwell Automation PowerMonitor 1000 Remote.

Funding Will Fuel R&D Push Into Automated Remediation and Risk Prioritization ToolsWith code increasingly generated by AI and attackers using AI for exploits, OX Security raised $60 million to scale R&D and help developers prioritize critical vulnerabilities. The company aims to close detection gaps and reduce time-to-remediation in application security.

Researchers Uncover Three Vulnerabilities, Urge Firmware UpdateAttackers could chain critical vulnerabilities in industrial network switches to gain remote control to compromise automation systems, IoT devices and surveillance networks. Claroty's Team82 uncovered three flaws in WGS-804HPT switches manufactured by Planet Technology.

Bank Info Security 1 year, 8 months ago

Schneider Electric Warns of Critical Modicon Flaws

Multiple Critical Vulnerabilities Expose Industrial Control RisksFrench multinational Schneider Electric disclosed critical vulnerabilities in its Modicon M340, Momentum and MC80 programmable automation controllers. The vulnerabilities could allow unauthorized access, data manipulation and system interruptions.

Bank Info Security 1 year, 9 months ago

Rockwell Automation PLC Software Contains RCE Flaw

Attackers Could Shut Down Operations Or Cause Physical DamageA severe vulnerability in Rockwell Automation software used to configure programmable logic controllers could allow attackers to remotely execute malicious code. The vulnerability is rated 8.8 on the CVSS v4 scale. The U.S. Cybersecurity and Infrastructure Security Agency advised immediate patching.

Bank Info Security 1 year, 10 months ago

Absolute Purchases Syxsense to Tackle Cyber Vulnerabilities

Acquisition Brings Vulnerability Management to Absolute's Cyber Resilience PlatformAbsolute Security has strengthened its platform with the acquisition of Syxsense, adding powerful automated vulnerability management tools to its existing endpoint security capabilities. The move aims to improve security compliance and simplify complex remediation tasks for organizations.

Bank Info Security 2 years, 1 month ago

HHS Funds $50M to Spot, Patch Hospital Vulnerabilities

Research Agency Soliciting 'Upgrade' Project Ideas to Help Boost Healthcare CyberThe highly targeted U.S. hospital sector could get a boost in avoiding cyberattacks with a $50 million investment by a federal research agency aimed at enhancing automation, vulnerability detection and remediation across a variety of devices in healthcare environments.

Bank Info Security 2 years, 2 months ago

Solving the Fractured Data Problem in Exposure Management

Sevco Security's J.J. Guy on Aggregating and Prioritizing VulnerabilitiesEnterprises grapple with a deluge of vulnerabilities, misconfigurations and IT hygiene gaps. An automated exposure management program helps prioritize and remediate risks, fostering collaboration between security and IT teams, says J.J. Guy, CEO, Sevco Security.