Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

76 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 76 Filtered view
Bank Info Security 1 month, 2 weeks ago

23andMe Failed to Stop Months-Long Hack, State Alleges

Calif. Lawsuit: Genetics Testing Firm Missed Red Flags Before Massive 2023 BreachHackers in 2023 went undetected for five months in genetics testing firm 23andMe's IT systems, despite multiple unheeded warning signs, alleges California's attorney general in a lawsuit. Hackers in late April 2023 began accessing 23andMe's systems by using compromised credentials.

Bank Info Security 1 month, 2 weeks ago

Connecticut Medicaid Portal Hack Affects Thousands

Attackers Attempted to Reroute Hospital Medicaid ReimbursementsA hack on a Connecticut Medicaid web portal involving compromised credentials of a healthcare provider has affected the payment account and other information for about 22,500 patients. The data theft is the latest breach involving a healthcare related web portal hack. Why does this keep happening?

Fiery Driver Version Didn't Validate Source File, Had Hardcoded CredentialsPrinter servers from major manufactures such as Canon and Sharp could be susceptible to a supply chain hack due to flaws in a driver updater, researchers warn. Cyderes said Wednesday it identified two major security risks in a version of the Fiery Driver Updater.

Bank Info Security 10 months, 2 weeks ago

Hackers Chase Credentials in Hybrid Cloud Deployments

Financially Motivated Actor Storm-0501 Systematically Probed Victim EnvironmentsAs enterprises go with hybrid cloud developments, so follow hackers, even if it means jumping through extra hoops to get to where the data is stored. Microsoft on Wednesday said it spotted a financially-motivated hacking group probing a hybrid on-premise.

Mexican organizations are still being targeted by threat actors to deliver a modified version of AllaKore RAT and SystemBC as part of a long-running campaign.  The activity has been attributed by Arctic Wolf Labs to a financially motivated hacking group called Greedy Sponge. It's believed to be active since early 2021, indiscriminately targeting a wide range of sectors, such as retail,

The Chinese state-sponsored hacking group known as Salt Typhoon breached and remained undetected in a U.S. Army National Guard network for nine months in 2024, stealing network configuration files and administrator credentials that could be used to compromise other government networks. [...]

Hacking Group UNC6148 Steals Credentials With New OVERSTEP Rootkit, Google SaysA cybercrime group used a backdoor in a fully patched SonicWall appliance to steal credentials and may have sold the stolen data to ransomware groups as part of an ongoing campaign, Google Threat Intelligence Group found. The firm attributed the campaign to a cybercrime group it tracks as UNC6148.

Bank Info Security 1 year, 1 month ago

Salt Typhoon Believed to Be Behind Commvault Data Breach

CISA Advisory Says Threat Actors Stole App Secrets in Azure-Hosted Backup PlatformA suspected Chinese state hacking group linked to last year’s telecom intrusions breached Commvault’s Microsoft Azure environment, exposing sensitive Microsoft 365 credentials and reigniting fears over U.S. cloud infrastructure vulnerabilities and default security settings.

Bank Info Security 1 year, 1 month ago

NATO Countries Targeted By New Russian Espionage Group

'Laundry Bear' Has Been Active Since 2024Dutch intelligence agencies and Microsoft say a novel Russian state intelligence hacking group is likely buying stolen credentials from criminal marketplaces to gain entry to North American and European networks. It has "a specific interest in European Union and NATO member states."

Bank Info Security 1 year, 1 month ago

M&S Reportedly Hacked Using Third-Party Credentials

Scattered Spider Stole Tata Consulting Services Employee Login Details for HackBritish retailer Marks & Spencer was reportedly compromised by cybercrime group Scattered Spider using stolen employee credentials from a third-party IT company. Citing an unidentified source, Reuters reported hackers used the M&S login credentials of two Tata Consulting Services employees.

Bank Info Security 1 year, 2 months ago

Turkish Group Hacks Zero-Day Flaw to Spy on Kurdish Forces

Microsoft Researchers Link Turkish Spy Group to Output Messenger Zero-Day HackA Turkish-linked cyberespionage group known as Marbled Dust exploited a zero-day in the Output Messenger Server Manager application to spy on Kurdish military operations in Iraq. Microsoft reported the hack and called for immediate mitigation to block credential theft and malware delivery.

Bank Info Security 1 year, 2 months ago

Hacker Exploits AI Art Tool to Steal 1.1TB of Disney Data

California Man Pleads Guilty to Two Felony Charges Related to Hacking Employee's PCA California man agreed to plead guilty to hacking a Disney employee's personal computer and stealing over one terabyte of confidential company data. Authorities say the man posted a malicious artificial intelligence art application online and used it to steal an employee's credentials.

Bank Info Security 1 year, 3 months ago

Oracle Health Responding to Hack of Legacy Cerner EHR Data

Customer Credentials Possibly Compromised at EHR Vendor Acquired by Oracle in 2022Oracle is dealing with a hacking incident involving legacy patient data of Cerner electronic health record customers. Oracle, which acquired Cerner in 2022, is reportedly telling clients the hack involved compromised credentials for systems scheduled to migrate to the cloud.

Loading more headlines...