Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

25 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 25 Filtered view

Not every cloud breach starts with malware or a zero-day. In this incident, attackers discovered an exposed Spring Boot Actuator endpoint, harvested credentials from leaked configuration data, then used the OAuth2 Resource Owner Password Credentials (ROPC) flow to authenticate without MFA.

Bank Info Security 6 months, 1 week ago

Illinois Notifies 700,000 of Misconfiguration Breach

Mapping Platform Exposed Addresses and Medical Assistance PlansThe Illinois Department of Human Services is notifying more than 700,000 individuals of a breach involving "incorrect privacy settings" left in place for several year that exposed online data pertaining to Medicare, Medicaid and rehabilitation services recipients.

Can a harmless click really lead to a full-blown cyberattack? Surprisingly, yes — and that’s exactly what we saw in last week’s activity. Hackers are getting better at hiding inside everyday actions: opening a file, running a project, or logging in like normal. No loud alerts. No obvious red flags. Just quiet entry through small gaps — like a misconfigured pipeline, a trusted browser feature,

Bank Info Security 1 year, 3 months ago

Fitness Firm Pays Feds $228K in Misconfiguration Breach

Settlement Is 5th HIPAA Enforcement Action Under HHS's OCR Risk Analysis InitiativeAn Illinois-based firm that provides fitness and wellness plans to clients throughout the U.S. has agreed to pay federal regulators a settlement of nearly $228,000 and implement a corrective action plan following an IT misconfiguration incident caused several breaches in late 2018 and early 2019.

CorrectCare to Settle Lawsuit After 'Inadvertently' Exposing PHI on Web for MonthsA misconfigured web server and the exposure of sensitive information for nearly 600,000 prison inmates in 2022 will cost medical claims processing company CorrectCare $6.49 million to settle a consolidated proposed class action lawsuit, according to court records.

Loading more headlines...