Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

158 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 158 Filtered view

Acting director Nick Andersen said a binding operational directive is en route for agencies, and that more specific discussions need to happen with critical infrastructure owners. The post CISA is rethinking how it prioritizes risks and vulnerabilities for feds, private sector appeared first on CyberScoop.

Bank Info Security 1 month, 1 week ago

AI Exploit Risks Pushing Healthcare Security Shift

MultiCare Health CISO Jason Elrod on Need for Faster Cyber ResilienceEmerging AI tools can identify and exploit software vulnerabilities within minutes, forcing healthcare organizations to rethink cyber strategies. Jason Elrod, CISO of MultiCare Health System, explains why exploitability management, microsegmentation and AI-driven resilience matter more than ever.

Bank Info Security 1 month, 3 weeks ago

Water, the Soft Underbelly of Critical Infrastructure

Fragmented Governance and Scarce Resources Make America's Water Sector VulnerableAmerica's water utilities are the nation's most cyber-vulnerable critical service sector, but their cybersecurity is overseen and supported by an ill-fitting patchwork of government agencies and most lack the resources to meet the threat they face.

Déjà Vu: Is Mythos in Hands of Bad Actors Akin to Cobalt Strike, Brute Ratel Abuse?Anthropic's Claude Mythos and similarly powerful artificial intelligence tools pose elevated cyber risk to the healthcare sector, warns a new report. Addressing the onslaught of newly discovered bugs will require healthcare organizations to evolve their vulnerability mindsets.

A previously unknown threat actor has been observed targeting government and military entities in Southeast Asia, alongside a smaller cluster of managed service providers (MSPs) and hosting providers in the Philippines, Laos, Canada, South Africa, and the U.S., by exploiting the recently disclosed vulnerability in cPanel

A China-aligned threat group is exploiting unpatched Microsoft Exchange vulnerabilities to conduct cyberespionage against government and critical infrastructure targets across Asia and beyond.

Bank Info Security 2 months, 2 weeks ago

Researchers Find 38 Flaws in OpenEMR. They've Been Fixed

AI Tool Used to Discover Bugs, Which Included 2 Maximum Severity VulnerabilitiesResearchers at security firm AISLE said they recently identified 38 vulnerabilities, including two maximum-severity zero-day flaws in OpenEMR, an open-source electronic medical record software platform used by about 100,000 healthcare providers globally. OpenEMR has patched the problems.

UPGRADE and DigiSeals Programs at ARPA-H Remain Fully FundedA U.S. federal grant effort to develop autonomous medical device patching platforms for hospitals evaded the budget-cutting knife of the Trump administration. Program boosters hope to automate cyber defenses so that hospitals of any size can more quickly patch vulnerabilities.

Bank Info Security 3 months, 3 weeks ago

AI and Medical Device Cybersecurity: The Good and Bad

Is AI Exposing a Growing Vulnerability Risk Mitigation Gap?AI-fueled tools can help to identify medical device vulnerabilities much faster and at a higher volume than more traditional tools. But can device manufacturers and healthcare delivery organizations keep up with prioritizing and addressing a tidal wave of newly discovered flaws?

Bank Info Security 3 months, 4 weeks ago

FDA Issues Recall for Some GE Imaging Products Due to Cyber

Vulnerability Affects Certain Centricity Medical Imaging ProductsThe U.S. Food and Drug Administration has issued a recall notice for certain GE Healthcare Centricity medical imaging products due to a "potential" cybersecurity vulnerability that could allow a hacker to manipulate data or impact availability of the affected products.

Bank Info Security 3 months, 4 weeks ago

Interlock Ransomware Exploited Cisco Firewall Flaw for Weeks

AWS Researchers Find an Interlock Server Laden With ToolsRansomware hackers exploited a flaw with a maximum vulnerability score in Cisco firewall management software weeks before the networking giant disclosed the vulnerability in early March. The group has focused extensively on critical infrastructure sectors in North America and Europe.

Bank Info Security 4 months, 3 weeks ago

Hospitals at Risk of BeyondTrust Ransomware Hacks

Critical Vulnerability Could Give Attackers Foothold in Clinical NetworksFederal authorities and industry officials are urging healthcare sector entities to address a critical flaw in BeyondTrust Remote Support and Privileged Remote Access software, which if exploited, could give an attacker a foothold inside a hospital or clinic network.

Meanwhile, IP-stealing 'distillation attacks' on the rise A Chinese government hacking group that has been sanctioned for targeting America's critical infrastructure used Google's AI chatbot, Gemini, to auto-analyze vulnerabilities and plan cyberattacks against US organizations, the company says.…

Loading more headlines...