Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

30 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 30 Filtered view

CISA Says Agencies Believed They Patched Cisco Flaws But Had NotThe U.S. cyber defense agency issued new patch guidance after discovering multiple federal agencies failed to properly secure Cisco firewalls, leaving federal networks exposed to exploitation by a suspected Chinese threat actor despite a prior emergency directive.

PLUS: China's Great Firewall springs a leak; FBI issues rare 'Flash Alert' of Salesforce attacks; $10m bounty for alleged Russian hacker; and more Infosec In Brief 15 ransomware gangs, including Scattered Spider and Lapsus$, have announced that they are going dark, and say no more attacks will be carried out in their name.…

Attempts to censor QUIC traffic create chance to block access to offshore DNS resolvers China’s attempts to censor traffic carried using Quick UDP Internet Connections (QUIC) are imperfect and have left the country at risk of attacks that degrade its censorship apparatus, or even cut access to offshore DNS resolvers.…

Also: US Prosecutors Charge Suspected North Korean IT Worker CollaboratorsThis week, researchers spied Palo Alto firewall flaws, a North Korean IT worker conspiracy, ChatGPT as DDoS vector. Chinese hackers targeted a VPN maker, a fake PyPi package and a Russian threat actor shifted tactics. BreachForums admin faces prison and scammers used the release of Ross Ulbricht.

Hackers Targeted a PAN-OS Flaw Days After Its DisclosureA suspected Chinese hacking campaign that began in November is exploiting a vulnerability in Palo Alto firewalls to install a custom malware backdoor for espionage. UNC5325 activity aligns with the Chinese hacking strategy of targeting edge devices.

Tianfeng Guan Allegedly Developed Zero-Day Exploit of Sophos XG FirewallThe U.S. federal government rolled out its heavy guns Tuesday against a Chinese hacker allegedly at the center of a zero-day exploit used to hack firewalls made by Sophos, unsealing an indictment, rolling out sanctions and offering $10 million for information leading to the suspect's arrest.

The U.S. Treasury Department has sanctioned Chinese cybersecurity company Sichuan Silence and one of its employees for their involvement in a series of Ragnarok ransomware attacks targeting U.S. critical infrastructure companies and many other victims worldwide in April 2020. [...]

Bank Info Security 1 year, 8 months ago

Sophos Discloses Half Decade of Sustained Chinese Attack

Volt Typhoon, APT31, APT41 Targeted Sophos Edge DevicesFirewall maker Sophos disclosed Thursday a half-decade worth of efforts by multiple nation-state Chinese hacking groups to infiltrate its appliances, calling the admission a wake-up call for the cybersecurity industry. Targeting firewall appliances is a known nation state tactic as hackers

Ground stations are the perfect place for the Great Firewall to block things China finds unpleasant The multiple constellations of broadband-beaming satellites planned by Chinese companies could conceivably run the nation's "Great Firewall" content censorship system, according to think tank The Australian Strategic Policy Institute. And if they do, using the services will be dangerous.…

Loading more headlines...