Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

7 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 7 most recent headlines Filtered view

Not every cloud breach starts with malware or a zero-day. In this incident, attackers discovered an exposed Spring Boot Actuator endpoint, harvested credentials from leaked configuration data, then used the OAuth2 Resource Owner Password Credentials (ROPC) flow to authenticate without MFA.

Trend Micro Research, News and Perspectives 3 years, 6 months ago

Abusing a GitHub Codespaces Feature For Malware Delivery

Proof of Concept (POC): We investigate one of the GitHub Codespaces’ real-time code development and collaboration features that attackers can abuse for cloud-based trusted malware delivery. Once exploited, malicious actors can abuse legitimate GitHub accounts to create a malware file server.

Trend Micro Research, News and Perspectives 3 years, 11 months ago

Better Together: AWS and Trend Micro

This post relays the latest threat detection tool innovation of AWS - Amazon GuardDuty Malware Protection. This tool works closely with Trend Micro cloud solutions, providing another valuable layer of defense in our fight against a shared adversary.