Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

11 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 11 most recent headlines Filtered view
Bank Info Security 4 months ago

UK Agency Exposed Corporate Executive Data

Directory Traversal Flaw Found in Companies HouseThe British government's company register service temporarily deactivated its online filing service after someone found a serious vulnerability that allowed people to access directors' sensitive personal data and potentially even amend companies' records or file bogus accounts on their behalf.

Also, North Korean Hackers Remotely Wipe Android DevicesThis week, the U.K. government probed Chinese electric buses for a kill switch, APT37 abused Google's Find Hub in South Korea, Conduent said its January hack will cost it more, Hyundai disclosed a breach and Patch Tuesday. OWASP added two new categories to its Top 10 web application vulnerabilities.

NCSC Chief Says Recent Retailer Hacks Should Be 'Wake-Up Call' for Cyber DefendersThe number of cyberattacks in the United Kingdom surged 50% in the past year, with ransomware continuing to be the top threat. National Cyber Security Centre CEO Richard Horne said recent high-profile hacks at major retailers exposed supply chain vulnerabilities and are a "wake-up call" to defenders.

Agency to Collaborate with External Experts on Vulnerability ResearchThe U.K. NCSC will collaborate with industry experts for vulnerability detection and mitigation as part of its latest Vulnerability Research Initiative. The announcement comes on the heels of funding concerns for the U.S. government-based Common Vulnerabilities and Exposures program.

Program Director Mike Eftimakis on How to Fix 70% of Memory Safety IssuesA U.K. government-backed, hardware-based security initiative is tackling one of the biggest cybersecurity challenges - memory safety - and hopes to address about 70% of existing vulnerabilities, said Mike Eftimakis, founding director of Capability Hardware Enhanced RISC Instructions Alliance.

Bank Info Security 1 year, 3 months ago

UK Government Previews Cybersecurity Legislation

Government Says Managed Service Providers Need More RegulationThe British government pledged to introduce stricter rules surrounding incident reporting and supply chain vulnerability patching through legislation it previewed in July 2024. The proposed Cyber Security and Resilience Bill will bring under its scope managed service providers.

Code of Practice for Software Vendors Sets Baseline Security ExpectationsA British government proposal to strengthen software supply chain security received positive feedback from vendors who said voluntary best practices could strengthen cyber defenses. The guidelines suggest requiring multifactor authentication for developers and timely vulnerability patching.

Bank Info Security 1 year, 8 months ago

CHERI Alliance Adds to Memory Safety Hardware Coalition

UK Government Agencies, Google Join Group that PromotesTwo British government agencies and computing giant Google joined the CHERI Alliance, a group dedicated to promoting a hardware architecture that prevents buffer overflows and heap use-after-free vulnerabilities. Adoption of the architecture is miniscule.

Bank Info Security 2 years, 2 months ago

UK Government Publishes AI Cybersecurity Guidance

Guidance Is First Step to Global Standard, Says Minister for AIThe U.K. government released voluntary guidance intended to help artificial intelligence developers and vendors protect models from hacking and potential sabotage. Companies should strengthen supply chain security and decrease risks from vulnerable AI systems to customers, such as data loss.

Bank Info Security 2 years, 5 months ago

UK Mulls Rollout of New Software Vulnerability Rules

Voluntary Rules Will Set Baseline Security Requirement for Software Vendors, UsersThe U.K. government is mulling the rollout of a voluntary set of rules urging software vendors to responsibly disclose vulnerabilities in their systems. The measure comes as the government continues to face criticism over poor management of legacy infrastructure.

Bank Info Security 2 years, 6 months ago

Chinese Nation-State Hacker Is Exploiting Cisco Routers

'Volt Typhoon' Could Be Preparing for Renewed Burst of ActivityA Chinese state hacking group is attacking superseded Cisco routers to target government entities in the United States, the United Kingdom and Australia. Beijing cyberespionage hackers dubbed "Volt Typhoon" are using vulnerabilities that were first disclosed in early 2019.