Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

19 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 19 most recent headlines Filtered view
Bank Info Security 8 months, 3 weeks ago

CISA Flags Highly Exploitable Windows SMB Flaw

NTLM Reflection Attack Strikes AgainA three-month old flaw in a network protocol for file sharing used by Microsoft is under active exploitation, warns the U.S. Cybersecurity and Infrastructure Security Agency. The flaw's exploitation bypasses mitigations Microsoft has built over the years to prevent NTLM reflection attacks.

Cisco is urging customers to patch two security flaws impacting the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software, which it said have been exploited in the wild

ALSO: CISA warns Ivanti vuln mitigations might not work, SAML hijack doesn't need ADFS, and crit vulns Infosec in brief The infamous LockBit ransomware gang has been busy in the ten days since an international law enforcement operation took down many of its systems. But despite its posturing, the gang might have suffered more than it's letting on.…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to implement mitigations against two actively exploited zero-day flaws in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) products

Bank Info Security 2 years, 5 months ago

CISA Directs Agencies to Mitigate Ivanti Zero-Day Exploits

US Agencies Told to Remove Ivanti's Affected Products From Federal NetworksThe U.S. Cybersecurity and Infrastructure Security Agency directed federal agencies to implement mitigation measures for two zero-day exploits that affect Ivanti’s popular VPN products while they await a patch, in what one official described as "a rapidly evolving situation."

Bank Info Security 2 years, 7 months ago

CISA Releases Health Sector Vulnerability Mitigation Guide

Agency Maps its Advice to Other Health Industry Cyber Best Practice ResourcesA new guide from the Cybersecurity and Infrastructure Security Agency aims to help healthcare and public health sector entities get a much tighter grip on managing serious risks posed by the most troublesome types of vulnerabilities threatening the beleaguered industry.

Bank Info Security 2 years, 8 months ago

CISA, FBI Issue New Warning Following Las Vegas Cyberattack

Agencies Release Joint Advisory Urging Organizations to Implement New MitigationsCISA and the FBI released an advisory recommending that critical infrastructure organizations implement a series of recommendations to thwart a unique hacking group known for targeting commercial facilities, as seen in the recent cyberattack targeting MGM Resorts International.