Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

19 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 19 most recent headlines Filtered view
Bank Info Security 7 months, 2 weeks ago

Scattered Lapsus$ Hunters Tied to Targeting of Zendesk Users

Uncovered: Typosquatted Domains Linked to Suspected Ransomware Group CampaignContinuing its targeting of customer data, the cybercrime group Scattered Lapsus$ Hunters appears to be gearing up for large-scale attacks involving typosquatted domains that lead to phishing domains designed to steal Zendesk users' valid credentials, warn security researchers.

Bank Info Security 8 months, 4 weeks ago

Madman Theory Spurs Crazy Scattered Lapsus$ Hunters Playbook

Chaos Theory and Ransomware's Love Child Serves Up Nonstop UnpredictabilityAll is not quiet on the ransomware front. Long the province of Russian criminals, numerous ransomware campaigns now trace to reckless Western teenagers operating under the banner of Scattered Lapsus$ Hunters who wield not just technical and trickster chops, but also a chaos and unpredictability.

Chaos Theory and Ransomware's Love Child Serves Up Nonstop UnpredictabilityAll is not quiet on the ransomware front. Long the province of Russian criminals, numerous ransomware campaigns now trace to reckless Western teenagers operating under the banner of Scattered Lapsus$ Hunters who wield not just technical and trickster chops, but also a chaos and unpredictability.

Chaos Theory and Ransomware's Love Child Serves Up Nonstop UnpredictabilityAll is not quiet on the ransomware front. Long the province of Russian criminals, numerous ransomware campaigns now trace to reckless Western teenagers operating under the banner of Scattered Lapsus$ Spider who wield not just technical and trickster chops, but also a chaos and unpredictability.

Criminals Claim Leak of Customer Data From Six Victims, Including Qantas AirlinesA ransomware group that's been extorting Salesforce customers leaked some stolen data, following the FBI disrupting its shakedown sites. ShinyHunters, part of the rebranded Scattered Lapsus$ Hunters group, after leaking data from six victims, declared its Salesforce customer shakedown over.

Bank Info Security 9 months, 2 weeks ago

Ransomware Group Debuts Salesforce Customer Data Leak Site

Scattered Lapsus$ Hunters Claims 1 Billion Stolen Records, Pressures Victims to PayContinuing its ongoing extortion of Salesforce customers, the Scattered Lapsus$ Hunters ransomware operation has launched a data leak site, claiming to have stolen 1 billion records from hundreds of organizations that integrated Salesforce with the Salesloft Drift AI chatbot.

Recent, Targeted Attacks Suggest Undercut Group's Claimed 'Going Dark' RetirementElements of the notorious ransomware collective lately calling itself Scattered Lapsus$ Hunters appear to be targeting fresh victims, including a U.S. banking organization if not the sector at large, despite a member of the group claiming it would be "going dark" and retiring.

PLUS: China's Great Firewall springs a leak; FBI issues rare 'Flash Alert' of Salesforce attacks; $10m bounty for alleged Russian hacker; and more Infosec In Brief 15 ransomware gangs, including Scattered Spider and Lapsus$, have announced that they are going dark, and say no more attacks will be carried out in their name.…

Bank Info Security 10 months, 1 week ago

Breach Roundup: Scattered Lapsus$ Hunters Behind Jaguar Hack

Also, Disney Pays $10M to Settle Child Privacy Case, Spain Scraps Huawei DealThis week, Jaguar hack, Disney settled a child privacy case, Texas sued PowerSchool and federal prosecutors sued a toy maker. Spain voided a Huawei contract, Pennsylvania AG confirmed a ransomware attack. U.S. immigration enforcement resumed a spyware contract and Baltimore lost $1.5 million to BEC.

Voice-phished their way in, but Switchzilla claims no damage done Cisco disclosed on Wednesday that its corporate network was accessed by cyber-criminals in May after an employee's personal Google account was compromised – an act a ransomware gang named "Yanluowang" has now claimed as its work.…

The Hacker News 4 years, 2 months ago

Everything We Learned From the LAPSUS$ Attacks

In recent months, a cybercriminal gang known as LAPSUS$ has claimed responsibility for a number of high-profile attacks against technology companies, including: T-Mobile (April 23, 2022) Globant  Okta Ubisoft Samsung Nvidia Microsoft Vodafone In addition to these attacks, LAPSUS$ was also able to successfully launch a ransomware attack against the Brazilian Ministry of Health

Krebs on Security 4 years, 3 months ago

The Original APT: Advanced Persistent Teenagers

Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full blown data breach. But few organizations have a playbook for responding to the kinds of virtual "smash and grab" attacks we've seen recently from LAPSUS$, a juvenile data extortion group whose short-lived, low-tech and remarkably effective tactics are putting some of the world's biggest corporations on edge.