Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

11 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 11 most recent headlines Filtered view

UPGRADE and DigiSeals Programs at ARPA-H Remain Fully FundedA U.S. federal grant effort to develop autonomous medical device patching platforms for hospitals evaded the budget-cutting knife of the Trump administration. Program boosters hope to automate cyber defenses so that hospitals of any size can more quickly patch vulnerabilities.

Telecoms Still Falling to Chinese Nation-State Hacking Group, Researchers WarnA Chinese cyber espionage group tracked as Salt Typhoon and tied to the mass hacking of telecommunications networks in the U.S. and dozens of other countries has been continuing to seek and hack unpatched equipment, including exploiting two long-patched vulnerabilities in Cisco gear.

Bank Info Security 1 year, 7 months ago

Mitel MiCollab VoIP Software: Zero-Day Vulnerability Alert

No Patch Yet Available for Second Zero Day to Be Recently Found in VoIP SoftwareSecurity researchers warn of a newly discovered zero-day vulnerability in widely used VoIP telephony software, a discovery that comes as the United States struggles to evict Chinese nation-state hackers from telecom networks. The software is the MiCollab software suite from Canada-based Mitel.

Bank Info Security 2 years, 1 month ago

HHS Funds $50M to Spot, Patch Hospital Vulnerabilities

Research Agency Soliciting 'Upgrade' Project Ideas to Help Boost Healthcare CyberThe highly targeted U.S. hospital sector could get a boost in avoiding cyberattacks with a $50 million investment by a federal research agency aimed at enhancing automation, vulnerability detection and remediation across a variety of devices in healthcare environments.

Bank Info Security 2 years, 3 months ago

Likely Chinese Hacking Contractor Is Quick to Exploit N-Days

UNC5174 Exploited F5 BIG-IP and ScreenConnect VulnerabilitiesA likely Chinese hacker-for-hire used high-profile vulnerabilities in a campaign targeting a slew of Southeast Asian and U.S. governmental and research organizations, says threat intel firm Mandiant. Rapid exploitation of newly patched flaws has become a hallmark of Chinese threat actors.

Bank Info Security 2 years, 4 months ago

Breach Roundup: White House Calls for Memory-Safe Languages

Also: Malware Campaign Hits GitHub, Affects Over 100,000 ReposThis week, the Biden administration urged software developers to adopt memory-safe programming languages and moved to restrict Chinese connected cars, a pharma giant was breached, researchers found malicious repos in GitHub, the Phobos RaaS group is targeting the U.S., and Zyxel patched devices.

Bank Info Security 2 years, 5 months ago

Breach Roundup: Zeus Banking Trojan Leader Pleads Guilty

Also: Polish Prime Minister Says Previous Administration Deployed Pegasus SpywareThis week, the Zeus leader pleaded guilty, Prudential detected hackers, U.S. telecoms have to report breaches, Microsoft patched zero-days, researchers said Chinese threat intel is faulty, ransomware hit Romanian healthcare entities, Juniper was breached and Poland allegedly previously used Pegasus.

Proof-of-concept (Poc) code has been released for a now-patched high-severity security flaw in the Windows CryptoAPI that the U.S. National Security Agency (NSA) and the U.K. National Cyber Security Centre (NCSC) reported to Microsoft last year