Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

11 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 11 most recent headlines Filtered view
Bank Info Security 2 months, 2 weeks ago

Crypto-Targeting North Koreans Wield Fake Zoom Meetings

Video of Industry Figures Harvested During Meetings and Used to Lure Future VictimsNorth Korean hackers are pretending to be cryptocurrency insiders, in an attempt to trick targets into accepting Calendly calendar invites. The social engineering ruse is designed to infect Windows and macOS systems with crypto stealers, and to harvest video of real-life people for future lures.

Bank Info Security 9 months, 4 weeks ago

FileFix Campaign Uses Facebook Suspension as Bait

Users Download Malware in Bid to Placate MetaA newly surfaced FileFix social engineering campaign puts a new spin on ClickFix attacks by goading users into loading malware under the guise of reporting a wrongful account suspension to social media giant Facebook. Victims likely get sucked into the scam by following a link from a phishing email.

Extortionists Detail Fresh Victims, Although Sensitivity of Stolen Data UnclearExtortionists tied to the Scattered Spider and ShinyHunters hacking collectives have begun naming victims and leaking data via a new, dedicated Telegram channel. Many of the breaches appear to trace to social engineering attacks that gained attackers access to a victim's Salesforce instance.

Telephone-Oriented Attack Delivery Social Engineering Tactic ThrivesThe phishing industry is a never ending font of innovation. Cyber fraudsters are determined to worm their way into your inbox. Recent attacks involve callback phishing, a social engineering tactic designed to break down victims' defenses by spurring them into calling the scammers themselves.

Social Engineering Attacks Trick Victims Running Malware-Installation ScriptsAttackers are tapping TikTok to distribute videos, apparently generated using artificial intelligence tools, to trick victims into running scripts that install information-stealing malware, researchers warn. The campaign is the latest in a long line of schemes designed to distribute infostealers.

Bank Info Security 1 year, 2 months ago

Hackers Hijack NFC for Instant Payment Fraud

Attack Combines Social Engineering and Card Emulation to Execute Real-Time TheftHackers are using Chinese-speaking Android malware-as-a-service SuperCard X to carry out near-field communication relay attacks, siphoning payment card data and executing live point of sale and ATM transactions. Victims receive spoofed SMS or WhatsApp alerts purporting to originate from their bank.

Bank Info Security 1 year, 4 months ago

Russian-Speaking Hackers Goad Users into Installing Havoc

A newly discovered phishing campaign is using social engineering to dupe victims into copying, pasting, and running the Havoc command-and-control framework on their computers, warn researchers from Fortinet. "ClickFix," displays a fake error message and instructions for its supposed resolution.

Bank Info Security 1 year, 4 months ago

Ukrainian Signal Users Fall to Russian Social Engineering

Google Expects Tactics to Spread; Global Targets and Other Services at RiskRussian nation-state hackers are using phishing attacks to target Ukrainian users of the chat app Signal, say security researchers. Rather than circumventing Signal's end-to-end encryption via a cryptographic attack, attackers use malicious prompting to prod victims into exposing messages.

Bank Info Security 1 year, 5 months ago

Cryptohack Roundup: Critical Ethereum Vulnerability

Also: Conviction in £1.5M Fraud, Sentencing in Torture and Theft CaseThis week's stories include a critical Ethereum vulnerability, conviction in a £1.5M fraud, sentencing in a torture and crypto theft case, SEC's new roadmap, Jan crypto stats, Coinbase social engineering victims, and U.S. lawmakers' digital assets working group.

Bank Info Security 1 year, 7 months ago

Black Basta Ransomware Group Retools for Strategic Attacks

Social Engineering Moves Mirror Nation-State Groups' Tactics, Researchers SayThe Black Basta ransomware group has been refining its social engineering tactics to amass more victims despite escalating law enforcement disruptions, together with a shift to more "strategic, long-term planning" that security experts said suggests Russian state ties.

Bank Info Security 2 years, 1 month ago

HHS Warns Health Sector of Business Email Compromise Scams

Agency Spells Out Measures to Avoid Falling Victim to Costly SchemesHealthcare organizations should take steps to avoid falling victim to evolving threats involving costly business email compromise scams and related phishing schemes fueled by social engineering, warned the Department of Health and Human Services' Health Sector Cybersecurity Coordination Center.