Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

13 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 13 most recent headlines Filtered view

Also, YellowKey Bypasses BitLocker, Škoda Breach, Kingdom Market Operator JailedThis week, U.S. lawmakers urged action on AI, a BitLocker exploit. Škoda, Nvidia’s GeForce NOW partner and telehealth firm OpenLoop reported breaches. Patch Tuesday. A dark market operator sentenced and pro-Ukraine and Iranian-linked hacking. Nitrogen ransomware attack on Foxconn.

Bank Info Security 2 months, 3 weeks ago

Breach Roundup: Myanmar Scam Compound Managers Charged

Also, Europol Cracks DDoS Networks, Mythos Finds Bugs, France Portal HitThis week, scam compounds. Attackers exploit flaws pre-disclosure. A crackdown on DDoS-for-hire. No Mythos for CISA, yes for Mozilla. France ID portal breach. Israeli and Venezuelan critical infrastructure targeted. Russian hacking in Ukraine. An Apache flaw. A ransomware negotiator aided BlackCat.

Bank Info Security 3 months, 2 weeks ago

Breach Roundup: Feds Confirm 'Major' Hack of FBI System

Also, Lloyds Data Leak, Dutch Treasury Breach, Citrix Bug Exploit, Pay2Key ActivityThis week, Lloyds data leak hits 450K, Dutch treasury breach, Citrix flaw exploited, Iran-linked ransomware ops, TrueConf zero-day, Russian fraud ring sentenced, Romania targeted, patch gaps persist, and U.S. hospital breach affects 257K.

Bank Info Security 4 months, 4 weeks ago

Hackers Increasingly Prefer Fast and Low-Complexity Attacks

Incident Responders Detail Top Ransomware and Business Email Compromise TacticsThere's no need to invest into sophisticated hacking operations when moving fast and exploiting well-trod techniques gives threat actors all the access they want. Threat actors are prioritizing "low-complexity entry points, rather than investing in sophisticated exploits," say incident responders.

British Health System Investigates Claim Amid Wave of Enterprise Data TheftsRansomware gang Clop has claimed the United Kingdom's National Health Service among its latest victims. The NHS confirmed that it is listed on a cybercriminal group's dark website, but did not comment on Clop's claims. The hack attack appears tied to Oracle E-Business Suite exploits.

Also, Researchers Exploit Tesla Wall Connector Via Charging CableThis week: Chinese Salt Typhoon hackers hit Viasat, researchers hacked a Tesla charger, Sitecore CMS flaws, Krispy Kreme disclosed hacking damage, Archetyp Market taken down. Episource disclosed a ransomware hack and Spain ruled out cyberattack for the April Iberian blackout.

In what's an instance of hacking the hackers, threat hunters have managed to infiltrate the online infrastructure associated with a ransomware group called BlackLock, uncovering crucial information about their modus operandi in the process. Resecurity said it identified a security vulnerability in the data leak site (DLS) operated by the e-crime group that made it possible to extract

It’s taken months for crims to hack together a working exploit chain Security experts claim ransomware criminals have got their hands on a functional exploit for a nearly year-old critical Microsoft SharePoint vulnerability that was this week added to the US's must-patch list.…

Bank Info Security 2 years, 6 months ago

Turkish Hackers Exploit MS SQL Servers to Deliver Ransomware

Financially Motivated Actors Targeting US, EU and LATAM CountriesFinancially motivated Turkish hackers are targeting Microsoft SQL servers in the United States, Europe and Latin America in hacking that ultimately ends with deployment of Mimic ransomware or the sale of access to infected hosts on criminal online markets.

Krebs on Security 4 years, 5 months ago

Wazawaka Goes Waka Waka

In January, KrebsOnSecurity examined clues left behind by "Wazawaka," the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. Wazawaka has since "lost his mind" according to his erstwhile colleagues, creating a Twitter account to drop exploit code for a widely-used virtual private networking (VPN) appliance, and publishing bizarre selfie videos taunting security researchers and journalists. In last month's story, we explored clues that led from Wazawaka's multitude of monikers, email addresses, and passwords to a 30-something father in Abakan, Russia named Mikhail Pavlovich Matveev. This post concerns itself with the other half of Wazawaka's identities not mentioned in the first story, such as how Wazawaka also ran the Babuk ransomware affiliate program, and later became "Orange," the founder of the ransomware-focused Dark Web forum known as "RAMP."