Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

17 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 17 most recent headlines Filtered view

CRM Data Theft Tied to OAuth Tokens Stolen From Third-Party Market Intelligence AppSalesforce disabled connections to its customer relationship management environment from third-party app Klue Battlecards as a response to a "security incident." Attackers breached Klue's platform, generated OAuth tokens for Salesforce and stole data, now being held to ransom.

iRhythm: Patient Information and 'Proprietary' Data Breached, Held for RansomCardiac monitoring firm iRhythm Technologies has told the U.S. Securities and Exchange Commission that hackers recently stole proprietary data and patient health information from "certain" third-party-hosted business applications, and demanded a ransom. The company did not disclose whether it paid.

Bank Info Security 1 month, 2 weeks ago

Breach Roundup: US Troops Tracked With Cell Phone Data

Also, Kali365 Bypasses MFA, Silent Ransom Group Makes Office CallsThis week, active duty troops tracked, Kali365 bypassed MFA, Australian lawmakers phished on WhatsApp, Silent Ransom escalated IT scams, Lithuania and German hospitals disclosed breaches, pro-Russian infrastructure providers arrested, CISA warned of active LiteSpeed exploitation.

Bank Info Security 7 months, 1 week ago

Ransomware Victim Warning: The Streisand Effect May Apply

Analysis of Seized LockBit Data Suggests Victims Who Pay Enjoy More Media CoverageBad news for any organization that's ever paid a ransom in a bid to avoid their breach coming to light, or for a promise from attackers to delete stolen data, with a study of seized LockBit data finding that victims who paid a ransom were more likely to see the attack get detailed in the media.

Criminals Behind Salesloft Breach Continue to Target Salesforce-Using CustomersCustomer relationship management software giant Salesforce has directly notified customers that it won't be complying with ransom demands issued by the data-stealing crime group ShinyHunters, which continues to pressure Salesforce-using customers who fell victim to the Salesloft breach.

Bank Info Security 9 months, 1 week ago

Discord Vendor Hack Exposes ID Data in Ransom Bid

Proliferating Age Verification Systems a Hacker TargetA vendor breach linked to Discord exposed government ID uploads used in age verification, raising alarms among privacy experts who warn that third-party data collection systems are becoming high-value targets amid rising legislative mandates for online age checks.

Hacker Claims to Have Exploited Flaw in Oracle WebLogic Server, Sold Stolen DataSeychelles Commercial Bank is warning customers that a hacker stole their personal information - but no money - from their accounts after breaching its systems. The hacker involved claims to have stolen and sold two gigabytes of customer data from the bank, which paid no ransom.

Horizon Healthcare RCM Hints at Paying Ransom in Data Theft IncidentHorizon Healthcare RCM is the latest revenue cycle management software vendor to report a health data breach involving ransomware and data theft. The firm's breach notification statement suggests that the company paid a ransom to prevent the disclosure of its stolen information.

Michigan-Based Group Breached in Ransomware Attack for Second Time in Two YearsMcLaren Health has begun notifying more than 743,000 people affected by a ransomware attack last summer. The incident, carried out by cybercriminal gang Inc Ransom, is McLaren's second major health data breach from a ransomware attack in two years.

Bank Info Security 1 year, 1 month ago

Bribery-Led Coinbase Hack Affects 70,000 Crypto Customers

Hacker Demanded $20M Ransom to Delete Stolen Personal, Financial InformationA months-long data breach led to the theft of personal and financial information of nearly 70,000 Coinbase customers. Coinbase said the breach dates back to December and was aided by bribery schemes targeting the company's overseas customer support agents.

Bank Info Security 1 year, 4 months ago

Suspected Data Breach Extortion Hacker Busted in Thailand

Man Accused of Hacking 90 Organizations Globally Under a Variety of AliasesA suspected hacker tied to more than 90 global data breaches has been arrested in Thailand. The Royal Thai Police and the Singapore Police Force said the 39-year-old suspect used a variety of aliases, including Altdos, Desorden, Ghostr and 0mid16B, and attempted to pressure victims into paying a ransom.

Cybercrime History Teaches That Paying a Ransom for Data Deletion is FoolishData breach victim PowerSchool, maker of a widely used K-12 student information system platform, has been attempting to assure schools, and parents and guardians, by saying its attacker has promised to delete the stolen data. What's the old saying about those who fail to learn from history?

Also: Ransomware Hackers Demand BaguettesThis week, Chinese spying, Italian hacking scandal, an FBI warning and Okta fixed a bug. Google mandated MFA, zero days in PTZOptics and a Mexican airport didn't pay ransom. Cybercriminals demanded baguettes, breach lettersin Ohio and Germany will shield white hats. The Italian DPA rebuked a bank.

Attackers Demanding Up to $5 Million to Delete Stolen Data, Investigators ReportAttackers who stole terabytes of data from customers of Snowflake have been not only offering the data for sale on data leak marketplaces but also extorting some of the victims, demanding a ransom of $300,000 to $5 million each, security researchers report.

Bank Info Security 2 years, 1 month ago

Rx Benefits Firm Notifying 2.8 Million of Data Theft Hack

The Breach Notice Raises the Question of Whether Sav-Rx Paid a RansomA Nebraska firm that provides medication benefits management and pharmacy services is notifying more than 2.8 million individuals of an October 2023 hacking incident involving the potential theft of their personal information, including Social Security numbers. Did the company pay a ransom?

Bank Info Security 2 years, 2 months ago

Breach Roundup: REvil Hacker Gets Nearly 14-Year Sentence

Also: Another Ivanti Zero-Day? And FBI Calls for Strengthening DMARC PoliciesThis week, REvil hacker sentenced; ZDI saw possible Ivanti-zero-day; FBI said to strengthen DMARC policies; Okta saw surge in credential stuffing attacks; French hospital refused to pay ransom; JPMorgan, debt collection agency and healthcare company were breached; and ex-NSA employee was sentenced.

Bank Info Security 2 years, 5 months ago

Hackers Try to Extort $50 From Child, 2 Million More at Risk

Oklahoma Integris Health Facing Multiple Lawsuits in 2023 BreachAn Oklahoma-based healthcare system is notifying 2.4 million individuals that their sensitive information was potentially compromised in an exfiltration incident last year. Cybercriminals have been attempting to extort ransom payments directly from some of those affected patients - including kids.