Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

5 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 5 most recent headlines Filtered view

ALSO: Viasat hack wiper malware is back, users are the number one cause of data loss, and critical vulns Infosec in brief If your Windows domain controllers have been crashing since a security update was installed earlier this month, there's no longer any need to speculate why: Microsoft has admitted it introduced a memory leak in its March patches and fixed the issue.…

Krebs on Security 3 years, 4 months ago

When Low-Tech Hacks Cause High-Impact Breaches

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. Media coverage understandably focused on GoDaddy's admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group.  But it's worth revisiting how this group typically got in to targeted companies: By calling employees and tricking them into navigating to a phishing website.

A recent scoop by Reuters revealed that mobile apps for the U.S. Army and the Centers for Disease Control and Prevention (CDC) were integrating software that sends visitor data to a Russian company called Pushwoosh, which claims to be based in the United States. But that story omitted an important historical detail about Pushwoosh: In 2013, one of its developers admitted to authoring the Pincer Trojan, malware designed to surreptitiously intercept and forward text messages from Android mobile devices.