Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

21 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 21 Filtered view
Bank Info Security 4 months, 3 weeks ago

Suspected Chinese Cyberespionage Operation Hits 53 Telecoms

Google Unmasks, Disrupts Group Using Sheets for Command-and-Control PurposesLikely Chinese nation-state hackers used online spreadsheets as infrastructure for hacking campaigns that affected at least 53 telecom operators across 42 countries, Google disclosed Wednesday. Incident responders discovered a backdoor being remotely controlled through Google Sheets.

State-backed attackers started poking flaw as soon as it dropped – anyone still unpatched is on borrowed time Amazon has warned that China-nexus hacking crews began hammering the critical React "React2Shell" vulnerability within hours of disclosure, turning a theoretical CVSS-10 hole into a live-fire incident almost immediately.…

Also, North Korean Hackers Remotely Wipe Android DevicesThis week, the U.K. government probed Chinese electric buses for a kill switch, APT37 abused Google's Find Hub in South Korea, Conduent said its January hack will cost it more, Hyundai disclosed a breach and Patch Tuesday. OWASP added two new categories to its Top 10 web application vulnerabilities.

Also, Researchers Exploit Tesla Wall Connector Via Charging CableThis week: Chinese Salt Typhoon hackers hit Viasat, researchers hacked a Tesla charger, Sitecore CMS flaws, Krispy Kreme disclosed hacking damage, Archetyp Market taken down. Episource disclosed a ransomware hack and Spain ruled out cyberattack for the April Iberian blackout.

Hackers Targeted a PAN-OS Flaw Days After Its DisclosureA suspected Chinese hacking campaign that began in November is exploiting a vulnerability in Palo Alto firewalls to install a custom malware backdoor for espionage. UNC5325 activity aligns with the Chinese hacking strategy of targeting edge devices.

Bank Info Security 1 year, 7 months ago

No Timeline for Evicting Chinese Hackers from US Networks

Beijing Threat Actor Shifts Tactics in Response to Public DisclosureChinese hackers who penetrated U.S. telecoms likely haven't been fully evicted partially due to shifting tactics made in response to public disclosures, federal officials said Tuesday. Industry and government investigators have revealed in dribs and drabs a campaign of Beijing telecom hacking.

Bank Info Security 1 year, 8 months ago

Sophos Discloses Half Decade of Sustained Chinese Attack

Volt Typhoon, APT31, APT41 Targeted Sophos Edge DevicesFirewall maker Sophos disclosed Thursday a half-decade worth of efforts by multiple nation-state Chinese hacking groups to infiltrate its appliances, calling the admission a wake-up call for the cybersecurity industry. Targeting firewall appliances is a known nation state tactic as hackers

Bank Info Security 2 years, 3 months ago

UK Discloses Chinese Espionage Activities

Deputy Prime Minister Says Violet Typhoon Is Behind Attacks on UK PoliticiansChinese state hackers targeted multiple British politicians, the U.K. government said Monday in a coordinated disclosure of Chinese state hacking activities designed to ramp up international pressure on Beijing. The British government summoned the Chinese ambassador to the Foreign Office.

Bank Info Security 2 years, 5 months ago

Chinese Hackers Penetrated Unclassified Dutch Network

Beijing Used FortiGate Vulnerability to Install TrojanChinese espionage hackers penetrated Dutch military systems in early 2023, using a zero-day exploit in a Fortinet virtual private network to obtain access, Netherlands intelligence agencies disclosed Tuesday. They attributed the hacking to Chinese state actors with high confidence.

The U.S. government on Wednesday said it took steps to neutralize a botnet comprising hundreds of U.S.-based small office and home office (SOHO) routers hijacked by a China-linked state-sponsored threat actor called Volt Typhoon and blunt the impact posed by the hacking campaign

Bank Info Security 2 years, 5 months ago

Ivanti Discloses Additional Zero-Day That Is Being Exploited

Company Starts Patch Rollout for Flaws Exploited by Likely Chinese Intelligence OpCorporate VPN maker Ivanti on Wednesday began a belated patch rollout for zero-day flaws that many cybersecurity firms say paved the way for an espionage hacking operation likely conducted by China. Ivanti also disclosed two more zero-days and told customers that hackers are exploiting one of them.

Bank Info Security 2 years, 6 months ago

Chinese Nation-State Hacker Is Exploiting Cisco Routers

'Volt Typhoon' Could Be Preparing for Renewed Burst of ActivityA Chinese state hacking group is attacking superseded Cisco routers to target government entities in the United States, the United Kingdom and Australia. Beijing cyberespionage hackers dubbed "Volt Typhoon" are using vulnerabilities that were first disclosed in early 2019.

A suspected Chinese-nexus hacking group exploited a recently disclosed zero-day flaw in Barracuda Networks Email Security Gateway (ESG) appliances to breach government, military, defense and aerospace, high-tech industry, and telecom sectors as part of a global espionage campaign

The U.S. Federal Bureau of Investigation (FBI) is warning that Barracuda Networks Email Security Gateway (ESG) appliances patched against a recently disclosed critical flaw continue to be at risk of potential compromise from suspected Chinese hacking groups

Researchers have disclosed a new offensive framework called Manjusaka that they call a "Chinese sibling of Sliver and Cobalt Strike." "A fully functional version of the command-and-control (C2), written in GoLang with a User Interface in Simplified Chinese, is freely available and can generate new implants with custom configurations with ease, increasing the likelihood of wider adoption of this

Loading more headlines...