Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

19 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 19 most recent headlines Filtered view

Cybersecurity researchers have disclosed details of a telecommunications fraud campaign that uses fake CAPTCHA verification tricks to dupe unsuspecting users into sending international text messages that incur charges on their mobile bills, generating illicit revenue for the threat actors who lease the phone numbers

Bank Info Security 3 months, 2 weeks ago

One-Time Passcodes Are Gateway for Financial Fraud Attacks

Report Reveals Growing Trend of Fraudsters Intercepting SMS-Based VerificationFinancial institutions have historically relied on one-time passcodes as a primary authentication control for their accountholders. But OTP verification is less reliable as fraudsters increasingly exploit SMS-based verification weaknesses to carry out account takeover and payment fraud schemes.

Banking Sector Faces Challenges in Meeting March 2026 Compliance DeadlineThe Central Bank of UAE has issued a directive asking financial institutions to eliminate weak authentication methods including SMS and email OTPs. Banks are also expected to implement real-time fraud monitoring and suspend sessions when malicious activity is detected.

Bank Info Security 1 year, 2 months ago

Hackers Hijack NFC for Instant Payment Fraud

Attack Combines Social Engineering and Card Emulation to Execute Real-Time TheftHackers are using Chinese-speaking Android malware-as-a-service SuperCard X to carry out near-field communication relay attacks, siphoning payment card data and executing live point of sale and ATM transactions. Victims receive spoofed SMS or WhatsApp alerts purporting to originate from their bank.

Microsoft is warning of an uptick in malicious activity from an emerging threat cluster it's tracking as Storm-0539 for orchestrating gift card fraud and theft via highly sophisticated email and SMS phishing attacks against retail entities during the holiday shopping season

Krebs on Security 4 years, 3 months ago

‘Spam Nation’ Villain Vrublevsky Charged With Fraud

Pavel Vrublevsky, founder of the Russian payment technology firm ChronoPay and the antagonist in my 2014 book "Spam Nation," was arrested in Moscow this month and charged with fraud. Russian authorities allege Vrublevsky operated several fraudulent SMS-based payment schemes, and facilitated money laundering for Hydra, the largest Russian darknet market. But according to information obtained by KrebsOnSecurity, it is equally likely Vrublevsky was arrested thanks to his propensity for carefully documenting the links between Russia's state security services and the cybercriminal underground.

Trend Micro Research, News and Perspectives 4 years, 5 months ago

SMS PVA Services' Use of Infected Android Phones Reveals Flaws in SMS Verification

Certain SMS PVA services allow their customers to create disposable user profiles or register multiple accounts on many popular online platforms. These services can be abused by criminals to conduct fraud or other malicious activities.