Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

14 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 14 most recent headlines Filtered view
Bank Info Security 6 months, 2 weeks ago

75,000 MongoDBs Exposed as Attackers Exploit 'MongoBleed'

Patches Issued for MongoBleed as Ransomware Groups Target Flaw to Steal DataTens of thousands of internet-exposed MongoDB databases are at risk as attackers actively target a critical vulnerability in the software to steal sensitive data, with ransomware groups having joined the fray, researchers warn. MongoDB has issued patches and mitigation advice.

Bank Info Security 9 months, 1 week ago

Clop Attacks Against Oracle E-Business Suite Trace to July

Signs Point to Multiple Exploit Chains, One Including a Zero-Day, Being EmployedData-stealing attacks targeting Oracle E-Business Suite, for which an affiliate of Russian-speaking Clop ransomware group is claiming credit, appear to have begun by August and involved multiple attack chains, of which one targeted a zero-day vulnerability, report Google threat researchers.

Cybersecurity researchers have discovered a new ransomware strain dubbed HybridPetya that resembles the notorious Petya/NotPetya malware, while also incorporating the ability to bypass the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) systems using a now-patched vulnerability disclosed earlier this year

Bank Info Security 11 months, 1 week ago

On the Rise: Ransomware Victims, Breaches, Infostealers

Researchers See 'Acceleration' in Existing Threats, Ongoing Criminal SuccessCybercrime so far this year can be summarized as featuring "more of everything," with researchers tracking increases in the number of ransomware and data breach victims, credentials stolen by infostealers, and new vulnerability disclosures with exploits coming to light.

In what's an instance of hacking the hackers, threat hunters have managed to infiltrate the online infrastructure associated with a ransomware group called BlackLock, uncovering crucial information about their modus operandi in the process. Resecurity said it identified a security vulnerability in the data leak site (DLS) operated by the e-crime group that made it possible to extract

Bank Info Security 1 year, 7 months ago

Hackers Exploiting Cleo Software Zero-Day

Attackers Target Managed File Transfer Software VulnerabilitiesFile transfer software made by Cleo Communications is under active attack and a patch meant to stymie hackers doesn't fix the flaw, say security researchers from Huntress. Hackers exploit an arbitrary file-write vulnerability along with a feature that automatically executes files.

Bank Info Security 1 year, 7 months ago

Ransomware Hackers Exploiting Cleo Software Zero-Day

Attackers Target Managed File Transfer Software VulnerabilitiesFile transfer software made by Cleo Communications is under active attack and a patch meant to stymie hackers doesn't fix the flaw, say security researchers from Huntress. Hackers exploit an arbitrary file-write vulnerability along with a feature that automatically executes files.

Bank Info Security 2 years, 4 months ago

Attackers Rush to Exploit ScreenConnect Vulnerabilities

Ransomware, Info Stealers, Backdoors and CryptojackingHackers are on a tear to exploit unpatched ConnectWise ScreenConnect remote connection software to infect systems with ransomware, info stealers and persistent backdoors. The attacks observed by researchers include ransomware deployments tied to the now-defunct LockBit ransomware operation.