Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

45 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 45 Filtered view

Eset Links Group's Growth to Integrated Endpoint-Killing ToolsEset researchers say the rapidly growing Gentlemen ransomware operation differentiates itself by supplying affiliates with a standardized EDR-killer suite that disables security tools, quickly incorporates newly disclosed vulnerable drivers and helps scale attacks across multiple regions worldwide.

Bank Info Security 3 months, 4 weeks ago

Interlock Ransomware Exploited Cisco Firewall Flaw for Weeks

AWS Researchers Find an Interlock Server Laden With ToolsRansomware hackers exploited a flaw with a maximum vulnerability score in Cisco firewall management software weeks before the networking giant disclosed the vulnerability in early March. The group has focused extensively on critical infrastructure sectors in North America and Europe.

Bank Info Security 6 months, 2 weeks ago

75,000 MongoDBs Exposed as Attackers Exploit 'MongoBleed'

Patches Issued for MongoBleed as Ransomware Groups Target Flaw to Steal DataTens of thousands of internet-exposed MongoDB databases are at risk as attackers actively target a critical vulnerability in the software to steal sensitive data, with ransomware groups having joined the fray, researchers warn. MongoDB has issued patches and mitigation advice.

Bank Info Security 9 months, 1 week ago

Clop Attacks Against Oracle E-Business Suite Trace to July

Signs Point to Multiple Exploit Chains, One Including a Zero-Day, Being EmployedData-stealing attacks targeting Oracle E-Business Suite, for which an affiliate of Russian-speaking Clop ransomware group is claiming credit, appear to have begun by August and involved multiple attack chains, of which one targeted a zero-day vulnerability, report Google threat researchers.

Cybersecurity researchers have discovered a new ransomware strain dubbed HybridPetya that resembles the notorious Petya/NotPetya malware, while also incorporating the ability to bypass the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) systems using a now-patched vulnerability disclosed earlier this year

Bank Info Security 11 months, 1 week ago

On the Rise: Ransomware Victims, Breaches, Infostealers

Researchers See 'Acceleration' in Existing Threats, Ongoing Criminal SuccessCybercrime so far this year can be summarized as featuring "more of everything," with researchers tracking increases in the number of ransomware and data breach victims, credentials stolen by infostealers, and new vulnerability disclosures with exploits coming to light.

Bank Info Security 11 months, 1 week ago

SonicWall Probes Potential Zero-Day After Ransomware Hits

Akira Ransomware Exploited MFA-Protected SonicWall SSL VPNs, Say ResearchersSonicWall said it is probing a surge in attacks against its Gen 7 firewalls, running various firmware versions, which have SSL VPN enabled. Researchers said attackers may have been exploiting a zero-day vulnerability and that multiple victims have been infected with Akira ransomware.

Bank Info Security 11 months, 2 weeks ago

SharePoint Zero-Days Exploited to Unleash Warlock Ransomware

145 Organizations Compromised by China-Linked Ransomware Hackers and OthersNearly 150 different organizations' on-premises SharePoint servers have been exploited by attackers targeting the zero-day vulnerabilities now tracked as ToolShell, researchers warn. Early attacks have been attributed to China-linked groups, in some cases leading to Warlock ransomware infections.

70% of Ransomware Incidents Trace to Attackers Simply Logging In, Researchers WarnHackers may have a reputation for wizardry, but researchers say two of their top tactics are entirely prosaic: exploiting known vulnerabilities in outdated networking gear to gain initial access, as well as using valid - albeit stolen - employee credentials and just logging in.

In what's an instance of hacking the hackers, threat hunters have managed to infiltrate the online infrastructure associated with a ransomware group called BlackLock, uncovering crucial information about their modus operandi in the process. Resecurity said it identified a security vulnerability in the data leak site (DLS) operated by the e-crime group that made it possible to extract

Bank Info Security 1 year, 3 months ago

Medusa Ransomware Brings Its Own Vulnerable Driver

Hackers Use Stolen Certificates to Bypass Endpoint Detection and ResponseA Russian-speaking ransomware group has been deploying a malicious Windows PE driver that imitates a legitimate CrowdStrike Falcon driver to bypass endpoint security, warn researchers. The driver disables endpoint detection and response software by stripping process protections.

Ransomware 'not off the table,' Arctic Wolf threat hunter tells El Reg Miscreants running a "mass exploitation campaign" against Fortinet firewalls, which peaked in December, may be using an unpatched zero-day vulnerability to compromise the equipment, according to security researchers who say they've observed the intrusions.…

Loading more headlines...