Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

62 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 62 Filtered view

Rokarolla Android malware targets 217 banking and crypto apps, steals credentials, blocks bank calls, intercepts SMS, and disables Play Protect. Zimperium’s zLabs researchers have published a detailed analysis of Rokarolla, a new Android banking trojan named after its command-and-control infrastructure. It spreads through malicious websites masquerading as TikTok and Chrome, one confirmed distribution point being […]

Malware Targets Banks, Crypto Platforms and Social MediaNewly surfaced Android-based banking Trojan gives threat actors near-total control over infected devices, letting them steal user credentials for direct access to financial accounts, says researchers. Rokarolla tricks users into side-loading malicious versions of popular, high traffic apps.

Cybersecurity researchers have disclosed details of a new banking malware targeting Brazilian users that's written in Rust, marking a significant departure from other known Delphi-based malware families associated with the Latin American cybercrime ecosystem

Flare warns devs are unwittingly publishing production-level secrets Docker Hub has quietly become a treasure trove of live cloud keys and credentials, with more than 10,000 public container images exposing sensitive secrets from over 100 companies, including a Fortune 500 firm and a major bank.…

Bank Info Security 7 months, 3 weeks ago

Data Leaks: Why Are We So Stupid About Free Online Services?

JSON Code 'Beautifiers' Expose Sensitive Data From Banks, Government AgenciesAt what price beauty? Apparently, some developers will paste anything into "JSON beautify" sites, from researchers report recovering authentication keys, database credentials, personally identifiable information for banking customers and much more.

Bank Info Security 10 months, 2 weeks ago

Hackers Grab $130M Using Brazil's Real-Time Payment System

HSBC and Another Firm Hit After Service Provider Breached; Some Funds RecoveredAttackers on Friday used valid credentials for financial technology provider Sinqia to steal $130 million from two financial services firms in Brazil, using the country's real-time payment system Pix. The Brazilian Central Bank moved quickly to freeze the funds and has recovered some of the money.

Bank Info Security 11 months, 2 weeks ago

Coyote Trojan Turns Accessibility Into Attack Surface

Brazil-Targeting Malware Exploits Windows UIA to Evade DetectionA banking Trojan long confined to Brazil has become the first known malware to exploit Microsoft's UI Automation framework to extract credentials, signaling a new tactic that may evade conventional detection. Akamai's findings point to a growing trend of attackers using legitimate system features.

A new variant of the banking trojan 'Coyote' has begun abusing a Windows accessibility feature, Microsoft's UI Automation framework, to identify which banking and cryptocurrency exchange sites are accessed on the device for potential credential theft. [...]

Loading more headlines...