Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

16 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 16 most recent headlines Filtered view

Russian-speaking UAT-11795 spreads trojanized Zoom, Webex, and MobaXterm installers to deliver Starland RAT and the WLDR memory-only implant. Cisco Talos researchers published a detailed technical report on July 16 disclosing UAT-11795, a financially motivated, Russian-speaking threat actor that has been running a malware campaign against users in the United States and Europe since at least […]

Also: Gas Station Monitoring Systems Under Attack, Spanish Teen Doxer ArrestedThis week, more happened than fits here: Microsoft tried to make nice with researchers, gas tank gauges under attack in the United States, fake FIFA websites are everywhere. Russia cried cyberespionage, Spanish police arrested a teenage doxer, a Oracle WebLogic flaw was actively exploited.

Bank Info Security 5 months, 1 week ago

Sanctioned Bulletproof Host Tied to DNS Hijacking

Shadow Aeza International Directed Traffic to Malicious AdtechA financially motivated threat actor hacked dozens of domain name system resolvers, connecting them to the infrastructure of a Russian bulletproof hosting service sanctioned by the U.S. Department of Treasury for its criminal links, researchers found.

Bank Info Security 8 months, 3 weeks ago

Russia, China Will Weaponize UN Cyber Treaty, FDD Warns

Foundation for Defense of Democracies Warns Against Aligning With New Cyber TreatyThe United Nations' cybercrime treaty, shaped by Russian and Chinese influence, could legitimize global digital repression by enabling prosecutions of journalists, activists and researchers under vague terms - despite U.S. opposition and mounting civil society alarm, analysts warned Thursday.

Snarfing up config files for 'thousands' of devices…just for giggles, we're sure The FBI and security researchers today warned that Russian government spies exploited a seven-year-old bug in end-of-life Cisco networking devices to snoop around in American critical infrastructure networks and collect information on industrial systems.…

OpenAI has revealed that it banned a set of ChatGPT accounts that were likely operated by Russian-speaking threat actors and two Chinese nation-state hacking groups to assist with malware development, social media automation, and research about U.S. satellite communications technologies, among other things

Bank Info Security 1 year, 1 month ago

Researchers: Meta and Yandex Broke Android Privacy

Web-to-App Pipeline Uses Meta Pixel and Yandex MetricaAmerican social media giant Meta and Russian counterpart Yandex each found methods to break through privacy protections enabled by Android users, say academics in newly disclosed research. A Meta spokesperson in a prepared statement said it stopped the tracking "upon becoming aware of the concerns."

Krebs on Security 1 year, 5 months ago

Infrastructure Laundering: Blending in with the Cloud

In an effort to blend in and make their malicious traffic tougher to block, hosting firms catering to cybercriminals in China and Russia increasingly are funneling their operations through major U.S. cloud providers. Research published this week on one such outfit -- a sprawling network tied to Chinese organized crime gangs and aptly named "Funnull" -- highlights a persistent whac-a-mole problem facing cloud services.

Bank Info Security 2 years, 3 months ago

Russia Tops Global Cybercrime Index, New Study Reveals

Russia, Ukraine, China and US All Top 'First-Ever World Cybercrime Index'A new study published by researchers from the universities of Oxford and New South Wales ranks Russia at the top of a global list of cybercrime hot spots and says Ukraine, China, the United States, Nigeria and Romania are home to a majority of global cybercriminal activity.

Bank Info Security 2 years, 5 months ago

Breach Roundup: EquiLend Faces Cyberattack, Systems Offline

Also: Ivanti Exploitation Continues; Apple Fixes First Zero-Day of 2024This week, U.S. short seller lender EquiLend Holdings was hacked, the Ivanti exploitation continued, Apple addressed the first zero-day of 2024, Ukraine said hackers had hit a Russian research center, Kasseika ransomware evolved, North Korean hackers were active, and Trello experienced a data leak.

The cyberattack aimed at Viasat that temporarily knocked KA-SAT modems offline on February 24, 2022, the same day Russian military forces invaded Ukraine, is believed to have been the consequence of wiper malware, according to the latest research from SentinelOne

A Russian-speaking ransomware outfit likely targeted an unnamed entity in the gambling and gaming sector in Europe and Central America by repurposing custom tools developed by other APT groups like Iran's MuddyWater, new research has found