Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

37 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 37 Filtered view

Also: Zcash Patches Flaw, $32M Humanity Protocol HackThis week, a key player in a $97M laundering scheme got prison time, Humanity Protocol suffered $32M in losses, Zcash patched a flaw, the EU targeted crypto platforms tied to Russia, authorities froze $3.8M in illicit funds and researchers exposed a Trezor chip weakness.

Also: Gas Station Monitoring Systems Under Attack, Spanish Teen Doxer ArrestedThis week, more happened than fits here: Microsoft tried to make nice with researchers, gas tank gauges under attack in the United States, fake FIFA websites are everywhere. Russia cried cyberespionage, Spanish police arrested a teenage doxer, a Oracle WebLogic flaw was actively exploited.

Bank Info Security 3 months, 4 weeks ago

Breach Roundup: Fancy Bear in Schmancy OpSec Failure

Also, Telus Breach, Microsoft Hotpatching, Interpol Malicious IP TakedownThis week, Russian hacker OpSec failure, Interpol helped disrupt 45,000 malicious IPs, the FBI is looking for an ATM jackpotting suspect and Telus disclosed a breach. Windows hotpatching, an FTP exploit, a foiled attack on a nuclear research center and China-linked espionage.

Bank Info Security 6 months, 4 weeks ago

Russian Credential-Harvesting Apes Ukraine Webmail Platform

Widely Used ukr.net Is a Repeat Focus for APT28 Cyberespionage OperationsDon't expect cyber spies to respect distinctions between military and civilian networks, especially in times of war, warn researchers tracking persistent Russian military intelligence credential-harvesting attacks against users of Ukraine's popular, commercial UKR.NET webmail platform.

Misconfigured Customer Network Edge Devices' Under Fire, Warn ResearchersMisconfigured edge devices hosted in the cloud are giving nation-state hackers carte blanche to access Western critical infrastructure, warn threat intelligence experts at Amazon, who tied exploits of AWS customers' device administrator portals to Russia's GRU military intelligence agency.

Bank Info Security 8 months, 1 week ago

Russia's Destructive Wiper Attacks on Ukraine Rise Again

Nation-State Teams Tied to Grain Sector Targeting, Plus More Joined-Up OperationsRussia's nation-state hacking groups have returned to pummeling Ukrainian targets with destructive, wiper malware, including in apparent attempts to disrupt its economically valuable grain sector, alongside the repeat targeting of allied European nations, researchers report.

Bank Info Security 8 months, 1 week ago

Unpatched Windows Flaw a Boon for Nation-State Hackers

Chinese Hackers Target European Diplomats with LNK File FlawChinese nation-state hackers are exploiting a Windows vulnerability to hack European diplomatic outposts, say security researchers - but operating system giant Microsoft says the flaw doesn't merit a patch. Hackers used a flaw already compromised by North Korea and Russia.

Bank Info Security 8 months, 3 weeks ago

Kremlin Shaping Cybercrime Into Deniable Geopolitical Tool

Moscow Crackdowns 'Less About Enforcement and More About Optics,' Say ExpertsChanging forces are reshaping the Russian cybercrime ecosystem, as the Kremlin takes a more direct role in leveraging ransomware and other groups for geopolitical influence, while not hesitating to occasionally burn lower-level players as a diplomatic token gesture, say researchers.

Bank Info Security 8 months, 3 weeks ago

Russia, China Will Weaponize UN Cyber Treaty, FDD Warns

Foundation for Defense of Democracies Warns Against Aligning With New Cyber TreatyThe United Nations' cybercrime treaty, shaped by Russian and Chinese influence, could legitimize global digital repression by enabling prosecutions of journalists, activists and researchers under vague terms - despite U.S. opposition and mounting civil society alarm, analysts warned Thursday.

Bank Info Security 8 months, 3 weeks ago

Russia's Coldriver Revamps Malware to Evade Detection

Russian Intel Hackers Flexible in Face of DetectionRussia-linked threat group COLDRIVER rapidly replaced its exposed malware with a stealthier PowerShell variant, using fake CAPTCHA prompts and cryptographic key-splitting to evade detection and escalate surveillance on NGOs, dissidents and policy experts, according to new research.

Bank Info Security 8 months, 3 weeks ago

Russian Disinformation Followed Drone Incursion of Poland

Active Measures Teams Rapidly Springboarding From Current Events, Find ResearchersAfter Russian drones violated Polish airspace last month, multiple pro-Kremlin information operations teams sprang into action to advance pro-Moscow narratives that distorted the facts, as part of a hybrid operation designed to destabilize Poland, and NATO support for Ukraine, said experts.

Bank Info Security 9 months, 1 week ago

Clop Attacks Against Oracle E-Business Suite Trace to July

Signs Point to Multiple Exploit Chains, One Including a Zero-Day, Being EmployedData-stealing attacks targeting Oracle E-Business Suite, for which an affiliate of Russian-speaking Clop ransomware group is claiming credit, appear to have begun by August and involved multiple attack chains, of which one targeted a zero-day vulnerability, report Google threat researchers.

Bank Info Security 1 year, 1 month ago

Researchers: Meta and Yandex Broke Android Privacy

Web-to-App Pipeline Uses Meta Pixel and Yandex MetricaAmerican social media giant Meta and Russian counterpart Yandex each found methods to break through privacy protections enabled by Android users, say academics in newly disclosed research. A Meta spokesperson in a prepared statement said it stopped the tracking "upon becoming aware of the concerns."

Bank Info Security 1 year, 2 months ago

Russian FSB Hackers Deploy New Lostkeys Malware

Malware Targets Western Officials, NGOs and JournalistsRussian cyber espionage hackers are using a new malware strain dubbed "Lostkeys" in a targeted espionage campaign aimed at Western officials, NGOs and journalists. Google researchers attribute Lostkeys to the threat group Coldriver, an operational unit within the Federal Security Service.

Bank Info Security 1 year, 3 months ago

Medusa Ransomware Brings Its Own Vulnerable Driver

Hackers Use Stolen Certificates to Bypass Endpoint Detection and ResponseA Russian-speaking ransomware group has been deploying a malicious Windows PE driver that imitates a legitimate CrowdStrike Falcon driver to bypass endpoint security, warn researchers. The driver disables endpoint detection and response software by stripping process protections.

Bank Info Security 1 year, 4 months ago

Russian-Speaking Hackers Goad Users into Installing Havoc

A newly discovered phishing campaign is using social engineering to dupe victims into copying, pasting, and running the Havoc command-and-control framework on their computers, warn researchers from Fortinet. "ClickFix," displays a fake error message and instructions for its supposed resolution.

Bank Info Security 1 year, 4 months ago

Ukrainian Signal Users Fall to Russian Social Engineering

Google Expects Tactics to Spread; Global Targets and Other Services at RiskRussian nation-state hackers are using phishing attacks to target Ukrainian users of the chat app Signal, say security researchers. Rather than circumventing Signal's end-to-end encryption via a cryptographic attack, attackers use malicious prompting to prod victims into exposing messages.

Loading more headlines...