Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

20 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines Filtered view
Bank Info Security 1 month, 1 week ago

Identity Scams Evolve Into Multi-Stage Attacks

Victims Increasingly Face Multiple Compromises From a Single IncidentIdentity theft scams are increasingly unfolding as coordinated, AI-assisted attack chains that begin with phishing or impersonation escalate into account takeovers, device compromise and broader fraud, according to the Identity Theft Resource Center.

Bank Info Security 2 months, 2 weeks ago

Germany Caught Up in Likely Russian Signal Phishing

Governments Have Long Warned About Kremlin Social Engineering HacksSignal is defending the security of its systems following a series of phishing attacks that took place on the encrypted messaging platform, and that reportedly compromised members of the German government including the president of the country's parliament.

Bank Info Security 7 months, 4 weeks ago

How to Improve Credential Security

Michael Leland of Island on How to Enhance Credential SecurityFrom infostealers to phishing, almost 90% of all data breaches now involve the use of stolen credentials - leading to billions of dollars in losses. Michael Leland of Island opens up on the role of the modern enterprise browser in mitigating these risks created by compromised credentials.

Bank Info Security 9 months, 2 weeks ago

Hour-Long Email Phishing Breach Affects PHI of 150,000

Medication Tech Firm Says Hacking Incident Contained to One Employee Email AccountA Florida firm that offers medication therapy management services to health plans is notifying nearly 150,000 individuals that their information was potentially compromised in a phishing attack affecting one employee's email account for only about an hour. Why do users still fall for phishing scams?

Bank Info Security 10 months, 1 week ago

Hackers Compromise 18 NPM Packages in Supply Chain Attack

Attacker Socially Engineered Developer With Phishing EmailA hacker laced 18 popular npm packages with cryptocurrency stealing malware after socially engineering the developer into giving up his credentials to the JavaScript runtime environment. Aikido Security said the 18 software packages collectively have downloads of more than two billion each week.

Bank Info Security 10 months, 2 weeks ago

Varonis Acquires SlashNext to Combat Phishing, Email Attacks

Acquisition Targets Business Email Compromise, Impersonation and Spear-PhishingVaronis has acquired SlashNext to strengthen detection of phishing and social engineering attacks. The integration will help prevent identity compromises via email, SMS and collaboration tools while enhancing Miami-based Varonis’ AI-driven data protection.

Bank Info Security 10 months, 4 weeks ago

NY State Fines Dental Plan Firm $2M in Phishing Breach

Healthplex, Part of UnitedHealth Group, Lacked MFA on Compromised Email AccountNew York State has fined a dental plan administrator owned by UnitedHealth Group $2 million for failing to protect data with multifactor authentication and other issues related to a phishing breach that affected 90,000 people. It's the state's second fine against Healthplex for the same breach.

Hypori's Lewandowski on Eliminating Data and Apps From Personal DevicesTraditional BYOD strategies rely on managing personal devices directly, which introduces privacy concerns and leaves organizations vulnerable to attacks such as phishing, network compromise and device rooting, said Wayne Lewandowski, chief revenue officer at Hypori.

Hypori's Lewandowski on Eliminating Data and Apps From Personal DevicesTraditional BYOD strategies rely on managing personal devices directly, which introduces privacy concerns and leaves organizations vulnerable to attacks such as phishing, network compromise and device rooting, said Wayne Lewandowski, chief revenue officer at Hypori.

Hypori's Lewandowski on Eliminating Data and Apps From Personal DevicesTraditional BYOD strategies rely on managing personal devices directly, which introduces privacy concerns and leaves organizations vulnerable to attacks such as phishing, network compromise and device rooting, said Wayne Lewandowski, chief revenue officer at Hypori.

Hypori's Lewandowski on Eliminating Data and Apps From Personal DevicesTraditional BYOD strategies rely on managing personal devices directly, which introduces privacy concerns and leaves organizations vulnerable to attacks such as phishing, network compromise and device rooting, said Wayne Lewandowski, chief revenue officer at Hypori.

Hypori's Lewandowski on Eliminating Data and Apps From Personal DevicesTraditional BYOD strategies rely on managing personal devices directly, which introduces privacy concerns and leaves organizations vulnerable to attacks such as phishing, network compromise and device rooting, said Wayne Lewandowski, chief revenue officer at Hypori.

Bank Info Security 1 year ago

Securing BYOD Without Sacrificing Privacy

Hypori's Lewandowski on Eliminating Data and Apps From Personal DevicesTraditional BYOD strategies rely on managing personal devices directly, which introduces privacy concerns and leaves organizations vulnerable to attacks such as phishing, network compromise and device rooting, said Wayne Lewandowski, chief revenue officer at Hypori.

Bank Info Security 1 year, 3 months ago

Wheelchair Firm Ramps Up Notices to 500,000 for Email Hack

Large Health Data Breach Started With Phishing Lure in Employees' EmailTennessee-based Numotion, one of the largest U.S. providers of wheelchairs and other health-related mobility products is notifying nearly 500,000 people of a 2024 email hacking incident that potentially compromised their personal and health-related information.

Bank Info Security 1 year, 6 months ago

36 Chrome Extensions Compromised in Supply Chain Attack

Developers Listed as Public Contact Points Targeted in Phishing CampaignA supply chain attack that subverted legitimate Google Chrome browser extensions to inject data-stealing malware is more widespread than security researchers first suspected. So far researchers have identified 36 subverted extensions collectively used by 2.6 million people.

Bank Info Security 1 year, 8 months ago

Hacker Poses as Israeli Security Vendor to Deliver Wiper

Phishing Emails Impersonating Eset Target Cybersecurity Professionals With MalwareCybercriminals posing as a top security firm in Israel have launched wiper attacks on local cybersecurity professionals after bypassing significant security measures, according to recent reports. Cybersecurity firm Eset said threat actors did not compromise its systems.

Bank Info Security 2 years, 1 month ago

HHS Warns Health Sector of Business Email Compromise Scams

Agency Spells Out Measures to Avoid Falling Victim to Costly SchemesHealthcare organizations should take steps to avoid falling victim to evolving threats involving costly business email compromise scams and related phishing schemes fueled by social engineering, warned the Department of Health and Human Services' Health Sector Cybersecurity Coordination Center.

Bank Info Security 2 years, 2 months ago

Breach Roundup: LabHost Phishing-as-a-Service Site Goes Down

Also: Omni Hack Exposed Customer Data; More Ivanti Vulnerabilities Come to LightThis week, police disrupted the LabHost phishing-as-a-service site, customer data compromised in Omni Hotels hack, more Ivanti vulnerabilities found, Moldovan botnet operator faces U.S. charges, Cisco warned of a data breach in Duo and a Spanish Guardia Civil contractor suffered a ransomware attack.

Bank Info Security 2 years, 2 months ago

Breach Roundup: LabHost Goes Down

Also: Omni Hack Exposed Customer Data and More Ivanti VulnerabilitiesThis week, police took down the LabHost phishing-as-a-service site, customer data compromised in Omni Hotels hack, more Ivanti vulnerabilities, a Moldovan botnet operators faces U.S. charges, Cisco warned of data breach in Duo and a Spanish Guardia Civil contractor suffered a ransomware attack.

Bank Info Security 2 years, 5 months ago

Account Takeover Campaign Hits Execs in Microsoft Azure

Attackers Downloaded Files Containing Financial, Security and User InformationA still-active phishing campaign using individualized phishing lures is targeting senior corporate accounts in Microsoft Azure environments, said researchers from Proofpoint. They said the hackers have compromised hundreds of user accounts spread across dozens of Microsoft Azure environments.