Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

6 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 6 most recent headlines Filtered view
Bank Info Security 10 months, 1 week ago

ISMG Editors: The Pentagon, Microsoft and Chinese Workers

Also: Software Supply Chain Risks, Cato's AI Security BuyIn this week's update, four ISMG editors discussed the Pentagon's review of Microsoft's use of Chinese nationals on U.S. military cloud systems, renewed concerns over software supply chain risks and Cato Networks' first-ever acquisition to boost AI security.

PLUS: South Korea signs for massive supercomputer; HCL gets into chipmaking; US tariffs slow APAC tech buying; and more Asia In Brief Chinese company Guoxing Aerospace last launched a dozen satellites, each packing a 744 TOPS of computing power, in the first step towards creating an orbiting constellation of 2,800 such satellites.…

Bank Info Security 1 year, 4 months ago

China's Silk Typhoon Tied to Cloud Service Provider Hacks

Microsoft Sees Cyberespionage Group Lifting API Keys and Credentials for CustomersA prolific cyberespionage group tied to Beijing appears to have increased its targeting of widely used IT tools and service providers. Microsoft said the group's tactics now include stealing API keys and credentials from providers to gain access to providers' downstream customers' infrastructure.

They're good at zero-day exploits, too Silk Typhoon, the Chinese government crew believed to be behind the December US Treasury intrusions, has been abusing stolen API keys and cloud credentials in ongoing attacks targeting IT companies and state and local government agencies since late 2024, according to Microsoft Threat Intelligence.…

The United States Treasury Department said it suffered a "major cybersecurity incident" that allowed suspected Chinese threat actors to remotely access some computers and unclassified documents.  "On December 8, 2024, Treasury was notified by a third-party software service provider, BeyondTrust, that a threat actor had gained access to a key used by the vendor to secure a cloud-based

Calls on governments to combat 'playbook' that propelled Huawei to prominence China has a playbook to use IP theft to seize leadership in cloud computing, and other nations should band together to stop that happening, according to Nathaniel C. Fick, the US ambassador-at-large for cyberspace and digital policy.…