Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

17 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 17 most recent headlines Filtered view
Bank Info Security 3 months, 3 weeks ago

Breach Roundup: Tycoon2FA Phishing Platform Rebounds

Also, Russian Signal Phishing, Iran-Linked Malware, Breaches in Spain and FranceThis week, Tycoon 2FA, Trio-Tech, messaging app spying and a ransomware broker sentenced. Iran-linked hackers. Mazda disclosed a breach. Oracle patched a flaw. North Korean actors weaponized VS Code, a Spanish port ransomware attack, a French teacher data breach and a healthcare firm victim surge.

How to avoid your business being felled by an AI-powered ransomware attack that costs less than a laptop. Passwork KNP Logistics Group, a British transport company from Northamptonshire that’s been around longer than the mass-produced lightbulb, collapsed after a devastating security breach that left more than 700 employees jobless. The 158-year-old firm fell victim to a ransomware attack.…

Bank Info Security 9 months, 1 week ago

Breach Roundup: Insurers Spend Big on Cybersecurity

Also, a Renault Breach, WhatsApp Malware and Qilin Claims Asahi AttackThis week, insurer cybersecurity spending, a Renault breach, a WhatsApp malware campaign in Brazil. Germany skeptical of Chat Control. Two UK teens arrested for ransomware attack. Qilin claimed the attack on Japan's Asahi. Hackers weaponized Nezha. An Invoice data breach exposed personal records.

Domain Controllers Commandeered to Distribute Malware, Warns MicrosoftRansomware hackers are hitting up Active Directory domain controllers to boost privileges within compromised networks, warns Microsoft. Nearly eight out of every 10 human-operated cyberattacks involves a breached domain controller. Securing the servers is a challenge.

Also: VPN Vulnerabilities Attract Hackers, Hackers Use Swiss Mail to Send MalwareThis week, Russia suspected in Balctic Sea cable sabotage, VPNs draw ransomware attackers and Swiss snail mail malware. An AI training company reported a cybertheft of $250,000 and a U.S. space firm reported a breach. Microsoft said it will pay $$$ for AI vulnerabilities and a MFA success story.

Bank Info Security 1 year, 9 months ago

Breach Roundup: How to Spot North Korean IT Workers

Also: Ransomware Surged in 2023, MoneyGram Back in Service After CyberattackThis week, advice on spotting North Korean staff; ransomware attacks rose; MoneyGram back online; FCC fined political operative; CISA warned of water system attacks; Ukraine restricted Telegram use; North Korean hackers used new malware; U.K. arrested alleged hacker; PSNI is in data leak talks.

Bank Info Security 2 years, 5 months ago

Breach Roundup: CIA Hacking Tool Leaker Gets 40 Years

Also: Cloudflare Was Hacked With Stolen Okta TokenThis week, former CIA programmer gets 40-year sentence, zero trust prevents widespread damage, possible ransomware attack in Georgia, alleged hacker detained in Ukraine, USB-spread malware in Italy, LockBit attack on non-bank home mortgage lender, and Ukrainian critical infrastructure disrupted.

Bank Info Security 2 years, 5 months ago

Breach Roundup: Microsoft's Effort to Store EU Data Locally

Also: FBI Warning About Androxgh0st; eBay Pays a $3 Million Fine for CyberstalkingThis week, Microsoft expanded plans to store EU citizens' data locally, shipping-themed phishing spam is a threat, the British Library overcame a ransomware setback, the FBI warned of Androxgh0st malware, Remcos RAT targeted South Korea, and eBay was fined $3 million for a cyberstalking campaign.

Also, CISA cataloging new ransomware data points, 17k WP sites hijacked by malware in Sept., and more critical vulns Infosec in brief The fallout from the exploitation of bugs in Progress Software's MOVEit file transfer software continues, with the US Securities and Exchange Commission (SEC) now investigating the matter, and lots of affected parties seeking compensation. …

Krebs on Security 4 years, 3 months ago

The Original APT: Advanced Persistent Teenagers

Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full blown data breach. But few organizations have a playbook for responding to the kinds of virtual "smash and grab" attacks we've seen recently from LAPSUS$, a juvenile data extortion group whose short-lived, low-tech and remarkably effective tactics are putting some of the world's biggest corporations on edge.