Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

15 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 15 most recent headlines Filtered view

Malware Targets Banks, Crypto Platforms and Social MediaNewly surfaced Android-based banking Trojan gives threat actors near-total control over infected devices, letting them steal user credentials for direct access to financial accounts, says researchers. Rokarolla tricks users into side-loading malicious versions of popular, high traffic apps.

Bank Info Security 4 months, 4 weeks ago

Massiv Attack: Android Trojan Targets IPTV Users

New Trojan May Soon Be Offered for Sale to Criminal UndergroundSecurity researchers warn of "Massiv," an Android Trojan - disguised as an IPTV app - targeting users who sideload streaming apps. The malware enables screen capture, overlays and credential theft - and may soon be marketed on criminal underground forums as malware as a service.

Bank Info Security 9 months, 3 weeks ago

North Korea Fake Job Recruiters Up Their Backdoor Game

Eset: Lazarus Group Shares Backdoor With Newer Pyongyang Threat ActorA gang of North Korean hackers behind fake IT job recruitment scams now have access to a remote access Trojan favored by their more technically advanced counterparts tracked collectively as the Lazarus Group, say security researchers.

New Variant Uses Virtualization to Weaponize Legit Apps, Stealing Data in Real TimeA banking Trojan known for mimicking mobile app login pages has gone to the next level by copying and pasting real mobile banking apps into a virtual environment it creates on infected smartphones, warn researchers. New Godfather malware "marks a significant leap in mobile threat capabilities."

Bank Info Security 1 year, 3 months ago

Chinese Hackers Deploy Stealthy Fileless VShell RAT

Malware Hides in Memory, Evades Detection by Endpoint ToolsA Chinese state-backed hacking group tracked as UNC5174 relaunched its operations after a year of silence with a campaign using a memory-only remote access Trojan that evades traditional detection mechanisms, according to new research from cybersecurity firm Sysdig.

Bank Info Security 1 year, 3 months ago

Lazarus Expands NPM Campaign With Trojan Loaders

North Korea's Lazarus Deploys Malicious NPM Packages to Steal DataNorth Korea's Lazarus Group expanded a malicious campaign of uploading malicious code to the JavaScript runtime environment npm repository, publishing 11 packages embedded with Trojan loaders. Researchers identified 11 malicious packages in the repository, a hotspot for supply chain attacks.

Bank Info Security 1 year, 9 months ago

TrickMo Trojan Variants Target Device Unlock Codes

New Variants Steal PINs, Affect 13,000+ Users and Exploit Accessibility FeaturesA new variant of an Android banking Trojan called TrickMo is tricking victims into providing their phone unlock code, enabling hackers to sustain operations, warn cybersecurity researchers. The malware displays presents a deceptive HTML user interface that mimics the device's actual unlock screen.

Bitdefender Exposes Unfading Sea Haze's Advanced Cyberespionage TacticsA previously undetected, suspected Chinese-state threat actor has been targeting governments in the South China Sea for years with a remote access Trojan that has been a favorite of Chinese hackers since its creation almost two decades ago, say security researchers from Bitdefender.

New Campaign Targets Over 1,500 Banks WorldwideDespite a law enforcement takedown in January, researchers identified new phishing campaigns spreading the Grandoreiro banking Trojan, indicating its return as a malware-as-a-service tool with better encryption and a better domain name generator, according to IBM X-Force researchers.

Bank Info Security 2 years, 5 months ago

Breach Roundup: Zeus Banking Trojan Leader Pleads Guilty

Also: Polish Prime Minister Says Previous Administration Deployed Pegasus SpywareThis week, the Zeus leader pleaded guilty, Prudential detected hackers, U.S. telecoms have to report breaches, Microsoft patched zero-days, researchers said Chinese threat intel is faulty, ransomware hit Romanian healthcare entities, Juniper was breached and Poland allegedly previously used Pegasus.

Bank Info Security 2 years, 5 months ago

Banking Trojan Harvests Facial Biometrics for AI Deepfakes

GoldPickaxe Malware Can Record User’s Face - Use Video to Commit Deepfake ScamsA Chinese-speaking cybercrime group with the codename GoldFactory has built a new Android and iOS banking Trojan, GoldPickaxe, that can harvest and steal personal details, including biometric face profiles, that attackers use to create AI-driven deepfakes to fool bank defenses, researchers warn.

Bank Info Security 2 years, 5 months ago

Banking Trojan GoldPickaxe Harvests Facial Biometrics

Both iOS and Android Variants Can Record Face Videos, Used to Create AI DeepfakesA Chinese-speaking cybercrime group codenamed GoldFactory has built a new Android and iOS banking Trojan, GoldPickaxe, that can to harvest and steal personal details, including biometric face profiles, which attackers use to create AI-driven deepfakes to fool bank defenses, researchers warn.

Bank Info Security 2 years, 5 months ago

More Signs of a Qakbot Resurgence

Qakbot Wouldn't Be the First Trojan to Come Back After a TakedownTakedowns aren't always forever in cyberspace. Months after a U.S. law enforcement operation dismantled the notorious Qakbot botnet, security researchers said signs are pointing to a resurgence. Someone with access to the Qakbot - also known as Qbot - source code is experimenting with new builds.

Bank Info Security 2 years, 7 months ago

'Krasue' Linux RAT Targets Organizations in Thailand

RAT Is Tailored to Exploit Vulnerabilities in Linux Kernel VersionsHackers targeted telecommunications companies in Thailand with a Linux remote access Trojan designed to attack different versions of the open-source kernel, researchers say. Dubbed "Krasue," the malware poses a "severe risk to critical systems and sensitive data," says Group-IB researchers.