Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

18 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 18 most recent headlines Filtered view
Bank Info Security 5 months, 2 weeks ago

Social Engineering Hackers Target Okta Single Sign On

ShinyHunters Campaign Uses Voice Phishing to Bypass MFA and Steal Corporate DataSecurity experts warn that "an active and ongoing campaign" being waged by ShinyHunters extortionists has at least 150 organizations in its sights across a range of sectors, with attackers using live voice phishing to bypass multifactor authentication, steal cloud data and hold it to ransom.

Passwords and app-based MFA add hidden costs through lost productivity, frequent resets, and risk of phishing and social engineering attacks. Token explains how wireless biometric, passwordless authentication eliminates credential-based attacks and delivers measurable financial returns by reducing login time across the enterprise. [...]

Cyber threats are evolving faster than ever. Attackers now combine social engineering, AI-driven manipulation, and cloud exploitation to breach targets once considered secure. From communication platforms to connected devices, every system that enhances convenience also expands the attack surface

Threat actors with suspected ties to Russia have been observed taking advantage of a Google account feature called application specific passwords (or app passwords) as part of a novel social engineering tactic designed to gain access to victims' emails

CISA and FBI Warn of Iranian Hackers Targeting US Political Campaigns and OfficialsThe Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation have issued new guidance to help U.S. political campaigns defend against increasing cyber threats from Iran, recommending stronger multi-factor authentication, phishing-resistant protocols, and vigilance against social engineering.

The Hacker News 2 years, 5 months ago

4 Ways Hackers use Social Engineering to Bypass MFA

When it comes to access security, one recommendation stands out above the rest: multi-factor authentication (MFA). With passwords alone being simple work for hackers, MFA provides an essential layer of protection against breaches. However, it's important to remember that MFA isn't foolproof. It can be bypassed, and it often is.  If a password is compromised, there are several options

Bank Info Security 2 years, 6 months ago

Beyond Hacktivism: Akamai CTO on Shifting Threat Landscape

Robert Blumofe on DDoS Attacks, API Security, Zero Trust and FIDO2-MFARobert Blumofe, executive vice president and CTO at Akamai, expects social engineering, phishing, extortion and AI-driven attacks to dominate the threat landscape. He advised enterprises to use FIDO2-based MFA, zero trust, microsegmentation and API security to reduce risks.

Identity and access management company Okta released a warning about social engineering attacks targeting IT service desk agents at U.S.-based customers in an attempt to trick them into resetting multi-factor authentication (MFA) for high-privileged users. [...]