Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

52 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 52 Filtered view

Windows Admin Center flaws mean on-prem can attack cloud, and vice-versa Black Hat Asia Israeli researchers found a series of flaws in Microsoft's Windows Admin Center (WAC) and suggest this shows hybrid cloud management tools are a two-way attack surface that users don't spend enough time worrying about.…

Countries that banded together to challenge Boeing in the air try to do the same to AWS, Microsoft, and Google on the ground Feature More than half a century ago, a consortium of European aerospace businesses from the UK, France, Germany and Spain joined forces to take on America's Boeing. Fast forward to the 21st century and the countries are applying the same model needs to the world of cloud computing, giving the continent a fighting chance to reduce the digital domination of Big Tech.…

Sharing links take seconds to create, but can last for years Partner Content Seamless collaboration through cloud platforms like Microsoft 365 has radically reshaped the modern workplace. In the span of an hour, you could go from uploading budget proposals to a project channel to live editing a joint presentation with a business partner, all while making lunch plans over Teams. From remote work to video calls, it’s never been easier to connect people, ideas, and information.…

Don't let it happen to you Storm-0501, a financially motivated cybercrime crew, recently broke into a large enterprise's on-premises and cloud environments, ultimately exfiltrating and destroying data within the org's Azure environment. The criminals then contacted the victim via a Microsoft Teams account that they'd also compromised in the attack, demanding a ransom payment for the stolen files.…

From hardware security chips and trusted execution pipelines to open source Root of Trust modules Hot Chips Microsoft is one of the biggest names in cybersecurity, but it has a less-than-stellar track record in the department. Given its reputation, Redmond can't afford to mess around when it comes to securing its cloud customers' data and workloads.…

Regulators around the globe pay attention as results of 21-month cloud probe published Britain's competition regulator says Microsoft and AWS are using their dominance to harm UK cloud customers and proposes to designate both with strategic market status (SMS) to take action against them.…

They're good at zero-day exploits, too Silk Typhoon, the Chinese government crew believed to be behind the December US Treasury intrusions, has been abusing stolen API keys and cloud credentials in ongoing attacks targeting IT companies and state and local government agencies since late 2024, according to Microsoft Threat Intelligence.…

Crew helped lowlifes generate X-rated celeb deepfakes using Redmond's OpenAI-powered cloud – claim Microsoft has named four of the ten people it is suing for allegedly snatching Azure cloud credentials and developing tools to bypass safety guardrails in its generative AI services – ultimately to generate deepfake smut videos of celebrities and others.…

Roses aren't cheap, violets are dear, now all your access token are belong to Vladimir Digital thieves – quite possibly Kremlin-linked baddies – have been emailing out bogus Microsoft Teams meeting invites to trick victims in key government and business sectors into handing over their authentication tokens, granting access to emails, cloud data, and other sensitive information.…

Recent campaign targeted 20,000 folk across UK and Europe with this tactic, Unit 42 warns Unknown criminals went on a phishing expedition that targeted about 20,000 users across the automotive, chemical and industrial compound manufacturing sectors in Europe, and tried to steal account credentials and then hijack the victims' Microsoft Azure cloud infrastructure.…

No malware crew linked to this latest red-teaming tool yet Attackers are using Splinter, a new post-exploitation tool, to wreak havoc in victims' IT environments after initial infiltration, utilizing capabilities such as executing Windows commands, stealing files, collecting cloud service account info, and downloading additional malware onto victims' systems.…

Loading more headlines...