Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

14 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 14 most recent headlines Filtered view

FAST16 could be the first cyberweapon, and its effects could be with us today Black Hat Asia Infosec outfit SentinelOne found malware that tries to induce errors in engineering and physics simulation software and therefore represents an attempt at sabotage, and suggests it was created years before the Stuxnet worm that aimed to destroy Iran’s uranium enrichment centrifuges.…

Windows Admin Center flaws mean on-prem can attack cloud, and vice-versa Black Hat Asia Israeli researchers found a series of flaws in Microsoft's Windows Admin Center (WAC) and suggest this shows hybrid cloud management tools are a two-way attack surface that users don't spend enough time worrying about.…

Hello loophole could let a rogue admin, or a pwned one, inject new facial scans Black Hat Microsoft is pushing hard for Windows users to shift from using passwords to its Hello biometrics system, but researchers sponsored by the German government have found a critical flaw in its business implementation.…

What happens at Black Hat… While trying to escape the Las Vegas heat during Black Hat last month, watchTowr Labs researchers decided to poke around for weaknesses in the WHOIS protocol. They claim to have found a way to undermine certificate authorities, which the world trusts to keep the internet safe by verifying the identity of websites.…

Two rounds of reports and patches may not have completely closed this hole BLACK HAT ASIA Researchers at US/Israeli infosec outfit SafeBreach last Friday discussed flaws in Microsoft and Kaspersky security products that can potentially allow the remote deletion of files. And, they asserted, the hole could remain exploitable – even after both vendors claim to have patched the problem.…

The threat is coming from inside the supply chain Black Hat Asia Threat groups have infected millions of Androids worldwide with malicious firmware before the devices have even been shipped from their manufacturers, according to Trend Micro researchers at Black Hat Asia.…

What could go wrong with leaving firmware open after world's biggest hacker convention talk? Multiple high-severity firmware bugs in HP enterprise computers remain unpatched, some more than a year after Binarly security researchers disclosed the vulnerabilities to HP and then discussed them at the Black Hat security conference last month.…

‘Cooperative mutation’ spots problems that checking scripts alone will miss Black Hat Asia Security researchers have devised a tool that detects flaws in the way apps like Microsoft Word and Adobe Acrobat process JavaScript, and it's proven so effective they've found 134 bugs – 59 of them considered worthy of a fix by vendors, 33 assigned a CVE number, and 17 producing bug bounty payments totaling $22,000.…

Around the time Beijing banned online gambling, RATs started targeting operators say Taiwanese researchers Black Hat Asia To predict the targets of new Chinese malware, keep an eye on new Chinese government policies, a threat intelligence analyst suggested at the Black Hat Asia conference on Thursday.…

'Mischief abroad' is the Middle Kingdom's goal – without the possibility of using Chinese sites to fight back Black Hat Asia The time has come to remove Chinese voices from global social media, according to Samir Saran, president of Delhi-based think tank Observer Research Foundation (ORF), a commissioner of The Global Commission on the Stability of Cyberspace, and a member of Microsoft's Digital Peace Now Initiative.…