Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

28 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 28 Filtered view

Also: Spanish Hacker Granted Russian Asylum, Microsoft Patches Zero-DaysThis week, a CISA warning, Nest footage in Nancy Guthrie case, Signal phishing. Spanish hacker, Russian asylum. Spanish ministry services offline. BYOVD ransomware. The Conduent breach hit Volvo. Microsoft patched zero-days. ZeroDayRAT targeted devices. The SmarterMail breach. Another Fortinet flaw.

Microsoft has shed light on a previously undocumented cluster of threat activity originating from a Russia-affiliated threat actor dubbed Void Blizzard (aka Laundry Bear) that it said is attributed to "worldwide cloud abuse." Active since at least April 2024, the hacking group is linked to espionage operations mainly targeting organizations that are important to Russian government objectives,

Multiple state-sponsored hacking groups from Iran, North Korea, and Russia have been found leveraging the increasingly popular ClickFix social engineering tactic to deploy malware over a three-month period from late 2024 through the beginning of 2025

Welcome to this week’s Cybersecurity News Recap. Discover how cyber attackers are using clever tricks like fake codes and sneaky emails to gain access to sensitive data. We cover everything from device code phishing to cloud exploits, breaking down the technical details into simple, easy-to-follow insights

Bank Info Security 1 year, 8 months ago

Microsoft Warns of Ongoing Russian Intelligence Campaign

Russian SVR Targeting Government, Academia, Defense Organizations GloballyA Russian-state hacking group is posing as Microsoft employees and sending malicious configuration files as email attachments to target organizations across the world. The campaign has the hallmarks of a Midnight Blizzard phishing campaign although its use of an RDP configuration file is novel.

Bank Info Security 1 year, 10 months ago

German Cyber Agency Investigating APT28 Phishing Campaign

Der Spiegel Reports Russian State Hackers Mimicked Kiel InstituteThe German cyber agency is reportedly investigating a phishing campaign tied to Russian state hacking group APT28 that used a bogus website mimicking an influential think tank. The campaign, which ran for months, used variations of the institute's legitimate IfW-Kiel web domain to lure victims.

The WINELOADER backdoor used in recent cyber attacks targeting diplomatic entities with wine-tasting phishing lures has been attributed as the handiwork of a hacking group with links to Russia's Foreign Intelligence Service (SVR), which was responsible for breaching SolarWinds and Microsoft

Bank Info Security 2 years, 4 months ago

Russia Announces Arrest of Medibank Hacker Tied to REvil

3 Suspects Charged With Using Sugar Ransomware, Phishing Attacks Against RussiansRussian authorities have reportedly arrested three accused members of the SugarLocker ransomware-as-a-service operation. Their alleged crime? Targeting Russians, although one suspect has also been tied to a massive hack of Australian health insurer Medibank and subsequent data leak.

Bank Info Security 2 years, 6 months ago

Google: Russian FSB Hacking Group Turns to Malware

'Coldriver' Has Been Sending Backdoors Embedded in PDFs Since November 2022A Russian domestic intelligence agency hacking group known for long-lasting logon credential phishing campaigns against Western targets is now deploying malware embedded into PDFs, say security researchers from Google. "Coldriver" is using a family of backdoors Google dubs Spica.

Bank Info Security 2 years, 7 months ago

UK and US Accuse Russian FSB of 'Hack and Leak' Operation

Both Governments Sanction 2 'Star Blizzard' Hackers; US Indicts ThemThe U.K. government accused Russia's domestic intelligence agency of running a yearslong campaign to interfere in British politics. U.S. federal prosecutors unsealed a criminal indictment against two FSB agents, accursing them of phishing campaigns against national security government employees.

The UK National Cyber Security Centre (NCSC) and Microsoft warn that the Russian state-backed actor "Callisto Group" (aka "Seaborgium" or "Star Blizzard") is targeting organizations worldwide with spear-phishing campaigns used to steal account credentials and data. [...]

The Russian state-sponsored hacking collective known as APT29 has been attributed to a new phishing campaign that takes advantage of legitimate cloud services like Google Drive and Dropbox to deliver malicious payloads on compromised systems

Loading more headlines...