Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

11 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 11 most recent headlines Filtered view
Bank Info Security 1 month, 3 weeks ago

GitHub Tells Self-Hosted Admins to Rotate Keys

Company Pushes Key Rotation After 3,800 Repositories CompromisedHacked code repository GitHub warned administrators of self-hosted git servers to rotate public encryption keys following a May 18 incident involving a poisoned VS Code extension used by an employee. GitHub CISO Alexis Wales in a Tuesday update said the repository is rotating all keys.

Bank Info Security 4 months ago

OpenClaw Exposes Hidden Risks in Agentic AI

Attorney Jonathan Armstrong on Governance, Due Diligence and Shadow AI RiskThe OpenClaw incident highlights how experimental agentic AI tools can create hidden security and compliance risks. Attorney Jonathan Armstrong explains why CISOs must address shadow AI, strengthen oversight of developer experimentation and rethink how they assess AI vendor risk.

Bank Info Security 7 months, 3 weeks ago

Breach Roundup: Recently Patched Oracle Flaw Under Attack

Also: npm Packages Infiltrated, FBI Issues Fraud Alert, Campbell's Soup Cans CISOThis week, a recently fixed Oracle flaw is being actively exploited, Shelly tackled Pro 4PM DoS bug, "Shai-Hulud 2.0" hit npm, the FBI warned of rising bank account takeover scams, regulators fined Comcast over a vendor breach, Iberia reported a supplier incident and Campbell's canned its CISO.

Bank Info Security 8 months, 2 weeks ago

Building Cyber Resilience Across Canada's Skies

NAV Canada CISO Tom Bornais on Keeping IT and OT Systems RunningWith threats targeting aviation infrastructure, NAV Canada CISO Tom Bornais explained how his team focuses on building resilience rather than chasing perfection. He outlined why internal alignment, incident simulation and supply chain security are critical to defending IT and OT systems.

Bank Info Security 1 year, 1 month ago

The Forgotten Details of Ransomware Response Plans

While healthcare organizations often know in general what they need to do in case they're faced with a ransomware attack, the devil is in the details of how comprehensive and well-rehearsed that incident preparedness plan is for optimal response, said Rick Doten, vice president and healthplan CISO at Centene Corp.

Bank Info Security 1 year, 1 month ago

The Forgotten Details of Ransomware Response Plans

While healthcare organizations often know in general what they need to do in case they're faced with a ransomware attack, the devil is in the details of how comprehensive and well-rehearsed that incident preparedness plan is for optimal response, said Rick Doten, vice president and healthplan CISO at Centene Corp.

Australian Payments Plus' Cody Kieltyka on Using Approaches Beyond QuestionnairesUnderstanding vendor interdependencies is too complex for humans alone, said Cody Kieltyka, CISO at Australian Payments Plus. While questionnaires remain common for supply chain risk management, they need supplementation with dark web monitoring and incident response planning with critical vendors.

Bank Info Security 1 year, 9 months ago

New York State Enacts New Cyber Requirements for Hospitals

Includes 72-Hour Incident Reporting Mandate That Went into Effect on Oct. 2General hospitals in New York State must now report cyber incidents to state regulators within 72 hours under new cybersecurity requirements that went into effect on Oct. 2. The hospitals have until next fall to comply with a long list of other security mandates, including appointing a CISO.

Even the Threat of Disruption Plays Into Attackers' Hands, Says Ian Thornton-TrumpDefenders of operational technology environments should look beyond the technical controls and incident response plans they've put in place. They also need to consider how attackers might undermine confidence in the service itself, says Ian Thornton-Trump, CISO of Cyjax.

Bank Info Security 2 years, 5 months ago

SolarWinds Requests Court Dismiss Regulator's Fraud Case

Calls Securities and Exchange Commission's Cybersecurity Allegations 'Unfounded'Network monitoring software vendor SolarWinds moved to dismiss a federal lawsuit accusing the company and its CISO of securities fraud after they allegedly misstated the efficacy of its cybersecurity controls. Russian intelligence hacked the company in an incident disclosed in 2020.

Bank Info Security 2 years, 7 months ago

NY State Eyes New Cyber Regs for Hospitals; $500M Price Tag

Proposals Require a CISO, Strong Cyber Controls, 2-Hour Incident Reporting WindowNew York State will soon seek public comment on sweeping new cybersecurity regulations for hospitals. The proposed rules would come with $500 million in requested funding to help the providers step up their security investments to comply with the new requirements.