Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

14 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 14 most recent headlines Filtered view
Bank Info Security 3 months, 4 weeks ago

Microsoft Intune MDM Gains Notoriety After Stryker Hack

Properly Configured Mobile Development Management Tools Can't Wipe Personal DataMobile device management software is having a moment of notoriety after Iran-aligned hacking group Handala used Microsoft Intune to wipe the mobile devices of employees at medical device manufacture Stryker. Tens of thousands of personal devices were likely affected.

Bank Info Security 7 months, 2 weeks ago

Kaiser Permanente to Pay Up to $47.5M in Web Tracker Lawsuit

Class Action Litigation Alleges Web Trackers Shared Patient Data With Tech FirmsKaiser Permanente has agreed to pay up to $47.5 million to settle litigation stemming from its use of tracking codes in its websites, patient portals and mobile apps. Claimants alleged the trackers unlawfully shared patients' information with third parties, including Google and Microsoft.

Bank Info Security 1 year, 4 months ago

Lawsuit: Amazon Violates Washington State Health Data Law

Experts Say First Class Action Claim Under State's Privacy Law Won't Be the LastA proposed class action lawsuit alleges that Amazon is unlawfully collecting and tracking mobile users' data - including sensitive geolocation - in violation of Washington's My Health My Data Act. It's the first such lawsuit filed since the data privacy law went into effect last year.

Bank Info Security 1 year, 4 months ago

Lawsuit: Amazon Violated Washington State Health Data Law

Experts Say First Class Action Claim Under State's Privacy Law Won't Be the LastA proposed class action lawsuit alleges that Amazon is unlawfully collecting and tracking mobile users' data - including sensitive geolocation - in violation of Washington State's My Health My Data Act. It's the first such lawsuit filed since the data privacy law went into effect last year.

Healthcare organizations should rethink some of their approach to security, enhancing focus on insider threats, improving cyber awareness training and securing mobile applications and devices, said Ryan Witt, vice president of industry solutions at Proofpoint, discussing findings of a new study.

Bank Info Security 2 years, 2 months ago

Kaiser Permanente Notifying 13.4 Million of Tracker Breach

Incident Involves Health Plans' Prior Use of Online Tech in Websites, Mobile AppsKaiser Foundation Health Plan has reported to regulators a health data breach affecting 13.4 million people stemming from the previous use of web trackers. Aside from reports expected from the Change Healthcare mega hack, the incident is the largest health data breach reported so far in 2024.

Trend Micro Research, News and Perspectives 2 years, 9 months ago

Attacks on 5G Infrastructure From Users’ Devices

Crafted packets from cellular devices such as mobile phones can exploit faulty state machines in the 5G core to attack cellular infrastructure. Smart devices that critical industries such as defense, utilities, and the medical sectors use for their daily operations depend on the speed, efficiency, and productivity brought by 5G. This entry describes CVE-2021-45462 as a potential use case to deploy a denial-of-service (DoS) attack to private 5G networks.

Your smartphone is your daily companion. The chances are that most of our activities rely on them, from ordering food to booking medical appointments. However, the threat landscape always reminds us how vulnerable smartphones can be.  Consider the recent discovery by Oversecured, a security startup. These experts observed the dynamic code loading and its potential dangers. Why is this a problem?

The Hacker News 4 years, 2 months ago

Everything We Learned From the LAPSUS$ Attacks

In recent months, a cybercriminal gang known as LAPSUS$ has claimed responsibility for a number of high-profile attacks against technology companies, including: T-Mobile (April 23, 2022) Globant  Okta Ubisoft Samsung Nvidia Microsoft Vodafone In addition to these attacks, LAPSUS$ was also able to successfully launch a ransomware attack against the Brazilian Ministry of Health