Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

22 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 22 Filtered view

Stolen credentials edge out email tricks for cloud break-ins because they're so easy to get Criminals used stolen credentials more frequently than email phishing to gain access into their victims' IT systems last year, marking the first time that compromised login details claimed the number two spot in Mandiant's list of most common initial infection vectors.…

A malicious campaign dubbed PoisonSeed is leveraging compromised credentials associated with customer relationship management (CRM) tools and bulk email providers to send spam messages containing cryptocurrency seed phrases in an attempt to drain victims' digital wallets

INTERPOL said it devised a "global stop-payment mechanism" that helped facilitate the largest-ever recovery of funds defrauded in a business email compromise (BEC) scam.  The development comes after an unnamed commodity firm based in Singapore fell victim to a BEC scam in mid-July 2024. It refers to a type of cybercrime where a malicious actor poses as a trusted figure and uses email to

Bank Info Security 2 years, 1 month ago

HHS Warns Health Sector of Business Email Compromise Scams

Agency Spells Out Measures to Avoid Falling Victim to Costly SchemesHealthcare organizations should take steps to avoid falling victim to evolving threats involving costly business email compromise scams and related phishing schemes fueled by social engineering, warned the Department of Health and Human Services' Health Sector Cybersecurity Coordination Center.

Bank Info Security 2 years, 4 months ago

Ransomware Attacks on Critical Infrastructure Are Surging

FBI Says It Received Most Attack Reports From Healthcare, Critical ManufacturingCybercrime reports submitted by victims to the FBI's Internet Crime Complaint Center surged last year, and the total reported losses exceeded $12.5 billion. Investment fraud and business email compromise losses dominated, and ransomware attacks spared almost no critical infrastructure sector.

Internet plod highlight tactics used by cruel Karakurt crime gang Karakurt, a particularly nasty extortion gang that uses "extensive harassment" to pressure victims into handing over millions of dollars in ransom payments after compromising their IT infrastructure, pose a "significant challenge" for network defenders, we're told.…

Krebs on Security 3 years, 4 months ago

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Two U.S. men have been charged with hacking into a U.S. Drug Enforcement Agency (DEA) online portal that taps into 16 different federal law enforcement databases. Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised police and government email accounts to publicly threaten and extort their victims.

Loading more headlines...