Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

22 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 22 Filtered view

Vital Service Providers Need a Plan to Work Through Internet Outages, CISA SaysCritical U.S. infrastructure like water, power and even banking systems will be successfully hacked by enemy cyber warriors in the event of a military confrontation with a peer adversary like Russia or China, officials from the nation's civilian cyber defense agency said.

Bank Info Security 6 months ago

Trump Renominates Sean Plankey to Lead CISA

Former NSC Cyber Adviser Renominated to Lead CISA Amid Ongoing Senate GridlockThe White House has renominated Sean Plankey to head CISA, reviving a stalled bid hindered by Senate holds and demands to release a report on telecom sector threats linked to China, as the agency continues to operate without a permanent director amid rising cyber risks.

Bank Info Security 6 months, 1 week ago

Cyber Retaliation Risks Rise After US-Venezuela Operation

CISA Warns of Retaliatory Cyber Action From Hostile State Actors After VenezuelaFederal cybersecurity officials are warning of a likely uptick in retaliatory cyber activity from China and Russia-linked threat actors after the U.S. military raid in Venezuela, urging infrastructure operators to brace for disruptive probing and attacks.

Bank Info Security 7 months, 1 week ago

Brickstorm Malware Hits US Critical Systems, CISA Warns

Chinese-Linked Malware Campaign Targets Critical Environments With Weak MonitoringU.S. and Canadian cyber authorities say Chinese state-backed actors used a backdoor dubbed BRICKSTORM to maintain long-term access into critical infrastructure, exploiting VMware environments to exfiltrate credentials and evade detection through encrypted covert channels.

CISA Says Agencies Believed They Patched Cisco Flaws But Had NotThe U.S. cyber defense agency issued new patch guidance after discovering multiple federal agencies failed to properly secure Cisco firewalls, leaving federal networks exposed to exploitation by a suspected Chinese threat actor despite a prior emergency directive.

Bank Info Security 11 months, 1 week ago

Five-Year-Old D-Link Bugs Under Active Exploitation

CISA Lists Flaws as Actively ExploitedHackers are actively exploiting years-old flaws in obsolete Wi-Fi cameras and video recorders made by D-Link, warn U.S. cybersecurity authorities. Possibly Chinese hackers have used one of the flaws to implant HiatusRAT malware. "Attackers don’t care if a vulnerability is new or old."

Bank Info Security 11 months, 1 week ago

Five-Year-Old D-Link Bugs See Active Exploitation

CISA Lists Flaws as Actively ExploitedHackers are actively exploiting years-old flaws in obsolete Wi-Fi cameras and video recorders made by D-Link, warn U.S. cybersecurity authorities. Possibly Chinese hackers have used one of the flaws to implant HiatusRAT malware. "Attackers don’t care if a vulnerability is new or old."

Bank Info Security 1 year, 1 month ago

Salt Typhoon Believed to Be Behind Commvault Data Breach

CISA Advisory Says Threat Actors Stole App Secrets in Azure-Hosted Backup PlatformA suspected Chinese state hacking group linked to last year’s telecom intrusions breached Commvault’s Microsoft Azure environment, exposing sensitive Microsoft 365 credentials and reigniting fears over U.S. cloud infrastructure vulnerabilities and default security settings.

Bank Info Security 1 year, 2 months ago

CISA's Acting Director Defends Cuts Amid Growing Turmoil

Top Cyber Official Says CISA Wants to Eliminate Duplication and Increase EfficiencyThe acting director of the Cybersecurity and Infrastructure Security Agency told a House appropriations subcommittee Thursday the nation's cyber defense agency was continuing to improve its ability to respond to growing threats from China despite budget cuts and looming workforce reductions.

Homeland Security Secretary Accuses Cyber Agency of Failing to Stop China HacksU.S. President Donald Trump will "shortly" reveal a "grand cyber plan," Homeland Security Secretary Kristi Noem told lawmakers Tuesday, even as the administration seeks to cut the Cybersecurity and Infrastructure Security Agency budget by $500 million. "CISA’s mission is to hunt and harden," Noem said.

Bank Info Security 1 year, 3 months ago

Rootkit, Backdoor and Tunneler: Ivanti Malware Does It All

CISA Publishes Anatomy of Advanced Ivanti VPN MalwareHackers using Trojans connected to a malware family deployed by Chinese nation-state hackers are actively exploiting a now-patched vulnerability in Ivanti Connect Secure appliances. The malware "contains capabilities of a rootkit, dropper, backdoor, bootkit, proxy and tunneler."

House Homeland Security Committee Mulls Response to Volt Typhoon, Future of CISAThe United States needs to respond more aggressively to nation-state hacking, members of Congress heard Wednesday against a backdrop of changes, actual and planned, at the primary federal civilian cyber defense agency. "We need to call them out for this," said Rep. Michael McCaul, R-Texas.

US Cyber Defense Agency Was Not Initially Aware Hackers Were Part of Salt TyphoonThe U.S. federal government's first hint that Chinese hackers penetrated American telecommunications infrastructure came from telemetry on government networks, said Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency.

Bank Info Security 1 year, 6 months ago

CISA Investigates Chinese Hacking of Treasury Department

US Cyber Defense Agency Confirms Role in Federal Probe Following 'Major Incident'The Cybersecurity and Infrastructure Security Agency is working closely with the Treasury Department in an ongoing investigation to determine the full scale and scope of a Chinese-linked hack targeting key offices tasked with sanctions enforcement, the agency confirmed Monday.

Bank Info Security 1 year, 6 months ago

US CISA Issues Final Cyber Rules for Restricted Bulk Data

Cyber Defense Agency Aims to Bolster Protections Against Chinese IntrusionThe Cybersecurity and Infrastructure Security Agency is issuing final rules to safeguard U.S. sensitive data from potential Chinese intrusions, requiring Americans involved in restricted transactions with Chinese entities to adopt stringent cybersecurity measures.

Bank Info Security 1 year, 6 months ago

US CISA Endorses Encrypted Apps Amid Chinese Telecom Hack

CISA Recommends Strict Mobile Security Measures Following Salt Typhoon Telecom HackThe Cybersecurity and Infrastructure Security Agency's latest guidance calls on top U.S. political and government officials to adopt stricter mobile security measures in response to the Salt Typhoon hacking campaign, a Chinese espionage effort that has infiltrated major telecom systems.

Bank Info Security 1 year, 8 months ago

Breach Roundup: CISA Proposes Security for Bulk Data Sales

Also: Payment Card Theft Trends, Internet Archive UpdateThis week, bulk data transfers to China, credit card theft, the Internet Archive still recovering and the Change Healthcare tally is now 100M. Ukraine fought phishers, civil society against the UN cybercrime treaty, TA866 and virtual hard drives spread malware. Google verified Sir Isaac Newton.

Bank Info Security 2 years, 5 months ago

Chinese Hackers Preparing 'Destructive Attacks,' CISA Warns

Officials Say Hackers Are Evading Detection on Critical Infrastructure NetworksThe U.S. Cybersecurity and Infrastructure Security Agency urged critical infrastructure owners to patch systems after publishing a warning that Chinese hackers are evading detection and maintaining persistent unauthorized access in U.S. information technology environments.

Bank Info Security 2 years, 5 months ago

Feds Face a Midnight Deadline for Resetting Ivanti Gateways

CISA Says Agencies Must Disconnect and Reset Ivanti VPN Devices by Midnight FridayU.S. federal agencies have until midnight Friday to disconnect Ivanti VPN devices and perform a factory reset before reconnecting them to the network. Fifteen agencies use the gateways, which were hit by likely Chinese hackers in an espionage campaign and are riddled with zero-day vulnerabilities.

Loading more headlines...