Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

5 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 5 most recent headlines Filtered view
Bank Info Security 3 months, 2 weeks ago

One-Time Passcodes Are Gateway for Financial Fraud Attacks

Report Reveals Growing Trend of Fraudsters Intercepting SMS-Based VerificationFinancial institutions have historically relied on one-time passcodes as a primary authentication control for their accountholders. But OTP verification is less reliable as fraudsters increasingly exploit SMS-based verification weaknesses to carry out account takeover and payment fraud schemes.

Banking Sector Faces Challenges in Meeting March 2026 Compliance DeadlineThe Central Bank of UAE has issued a directive asking financial institutions to eliminate weak authentication methods including SMS and email OTPs. Banks are also expected to implement real-time fraud monitoring and suspend sessions when malicious activity is detected.

Bank Info Security 1 year, 2 months ago

UK Government to Roll Out Passkeys Late This Year

FIDO-Based Authentication to Replace SMS-Based Verification, Says UK NCSCThe U.K. government is set to replace SMS-based verification systems for digital services with passkeys later this year in a bid to shore-up cyber defenses. The authentication initiative is being developed by the U.K. National Cybersecurity Center using FIDO standards.

AICD's Figueroa on Business-Focused Communication for Authentication ProgressModern phishing tactics now leverage voice, SMS and AI-powered impersonation, yet many Asia-Pacific organizations continue relying on vulnerable single-factor authentication, said Marco Figueroa, senior manager of cyber security, risk and compliance at the Australian Institute of Company Directors.

Bank Info Security 2 years, 6 months ago

Top Takeaways From the Hijacking of Mandiant's X Account

All Organizations That Use X Should Review Their Two-Factor Authentication SettingsGoogle Cloud's Mandiant says its account at X, formerly Twitter, was hijacked and used to link to cryptocurrency phishing pages after an attacker guessed the account password, apparently after Twitter last year deactivated the account's SMS-based two-factor authentication, leaving it unprotected.