Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

20 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines Filtered view

Also, Eurail Breach, ChipSoft Hospital Disruptions, W3LL Phishing TakedownThis week, a "Raccoon"-linked actor hit help desks, Eurail exposed 308K users, Fortinet patched critical flaws, Pushpaganda scams, major data leaks hit healthcare and China, ransomware and phishing ops surged, and multiple breaches impacted firms and hospitals.

Bank Info Security 11 months, 2 weeks ago

SharePoint Zero-Days Exploited to Unleash Warlock Ransomware

145 Organizations Compromised by China-Linked Ransomware Hackers and OthersNearly 150 different organizations' on-premises SharePoint servers have been exploited by attackers targeting the zero-day vulnerabilities now tracked as ToolShell, researchers warn. Early attacks have been attributed to China-linked groups, in some cases leading to Warlock ransomware infections.

Also, Spain Arrests Hacker Behind Leaks Targeting Politicians and JournalistsThis week, Chinese sites mimicked brands, Spain arrested data leak hackers, Swiss health nonprofit ransomware attack, ICC probed a cyberattack, UNFI restored systems, a flaw in smart tractors, RomCom RAT. A U.K. man sentenced for locking employer out of network. A WordPress hack installs a Trojan.

Also, O Canada, Oh Brother and More Probable Chinese HackingThis week, ransomware kills, Salt Typhoon hit Canada, Russian backdoors, SAP and Citrix patches, China hackers in the oil and energy sector. Brother printers have an unfixable flaw. Ransomware hit a U.S. dairy cooperative. Hackers in Albania and Oxford. European lawmakers heard cybersecurity advice.

Also, Researchers Exploit Tesla Wall Connector Via Charging CableThis week: Chinese Salt Typhoon hackers hit Viasat, researchers hacked a Tesla charger, Sitecore CMS flaws, Krispy Kreme disclosed hacking damage, Archetyp Market taken down. Episource disclosed a ransomware hack and Spain ruled out cyberattack for the April Iberian blackout.

Bank Info Security 1 year, 3 months ago

ISMG Editors: Ransomware's Stealth vs. Spectacle Tactics

Also: Rapid7's Boardroom Shake-Up, China's Shift Tactical Cyber ShiftIn this week's update, ISMG editors unpacked stealth vs. spectacle in ransomware attacks, Rapid7’s boardroom shake-up led by activist investors, and China's shift from cyber espionage to infrastructure sabotage - driving key shifts in global cybersecurity strategy and resilience.

Bank Info Security 1 year, 4 months ago

DeepSeek-R1 Can Almost Generate Malware

DeepSeek Comes Very Close to Producing a Keylogger and RansomwareSecurity researchers used the Chinese DeepSeek-R1 artificial intelligence reasoning model to come close to developing ransomware variants and keyloggers with evasion capabilities. The model needs prompt engineering and its output requires code editing.

Bank Info Security 1 year, 4 months ago

Breach Roundup: FBI Publishes Ghost Warning

Also: Lee Enterprises Recovering From Ransomware Attack, an Ivanti POCThis week, a FBI warning on Ghost ransomware, Lee Enterprises confirmed its ransomware attack, a proof-of-concept for Ivanti EPM flaws and a cybersecurity flaw in a Xerox machine. Also, a Chinese cyberespionage hacker apparently moonlighted as a ransomware attacker and NioCorp hit by a cyber heist.

Bank Info Security 1 year, 5 months ago

APT Groups Using Ransomware 'Smokescreen' for Espionage

Russian, Iranian and Chinese APTs Among Most Active Ransomware CollaboratorsSecurity researchers are increasingly finding it challenging to attribute cyberattacks due to surging cooperation between nation-state hackers and ransomware groups, especially for espionage purposes. They say it reflects the blurring of the lines between state-directed and criminal activities.

Russia, China, Iran and North Korea Tapping Cybercrime Services, Google SaysThe cybercrime-as-a-service economy continues to power ransomware and other criminal enterprises, as well as serve as "an accelerant for state-sponsored hacking," collectively posing an increasing risk to Western national security, cybersecurity researchers warn.

Also: Ransomware Hackers Demand BaguettesThis week, Chinese spying, Italian hacking scandal, an FBI warning and Okta fixed a bug. Google mandated MFA, zero days in PTZOptics and a Mexican airport didn't pay ransom. Cybercriminals demanded baguettes, breach lettersin Ohio and Germany will shield white hats. The Italian DPA rebuked a bank.

Burning Issues Include Russian Hacking, China's Hitting Critical InfrastructureFour years since Trump's last term, the cyber picture looks - in many ways - markedly different. How will the incoming administration tackle Russian disinformation and cyber operations against NATO, rampant Chinese cyber espionage, and cybercriminals and ransomware continuing to disrupt businesses?

Also: AI Safety Bill Vetoed, Global Ransomware Response Guide Gets Some RevisionsIn the latest weekly update, ISMG editors discussed the implications of the U.S. investigation into Chinese hackers targeting telecom wiretap systems, the catastrophic risks of AI and the recent veto of an AI safety bill in the U.S., and the latest global ransomware response guidance.

Also: Chinese Cyberespionage, Defiant Cleveland, and a Spanish Ransomware AttackThis week, ONNX targeted Microsoft 365, Symantec spotted Chinese espionage, AMD may have been breached, Cleveland vowed to defy hackers, Black Basta hit a Spanish firm, Pakistani hackers targeted India, Microsoft said it fixed flaws in Azure, and the U.S. and Indonesia held a cybersecurity exercise.

News Comes on Heels of Treasury Forcing Chinese Investors to Divest BianLian SharesAustralian mining giant Northern Minerals says cybercriminals stole sensitive corporate secrets from its systems not long after the government forced several Chinese investors to divest their shares in the company. The incident did not have a material impact on Northern's operations or systems.

Bank Info Security 2 years, 5 months ago

Breach Roundup: Zeus Banking Trojan Leader Pleads Guilty

Also: Polish Prime Minister Says Previous Administration Deployed Pegasus SpywareThis week, the Zeus leader pleaded guilty, Prudential detected hackers, U.S. telecoms have to report breaches, Microsoft patched zero-days, researchers said Chinese threat intel is faulty, ransomware hit Romanian healthcare entities, Juniper was breached and Poland allegedly previously used Pegasus.

Bank Info Security 2 years, 7 months ago

Breach Roundup: Filipinos Under Fire From 'Mustang Panda'

Also, Kansas Courts Say Ongoing Outage Traces to Attack; Confidential Data StolenThis week's data breach roundup: Chinese-affiliated hackers target the Philippine government; Kansas Courts confirm data theft, officials warn of exploited flaws in Sophos, Oracle and Microsoft software; AutoZone discloses a Clop ransomware attack; Optus' CEO resigns after network outage.

Bank Info Security 2 years, 8 months ago

UK NSCS Highlights Risks to Critical Infrastructure

Agency Underscores Risks From Ransomware, State-Aligned Hacking, China and AIThe risk of critical infrastructure hacking in the United Kingdom likely grew in the last year, says the national cybersecurity agency, citing a slew of high-profile ransomware attacks. Russia's invasion of Ukraine is a main driver of growing risk in cyberspace, the agency says.