Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

17 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 17 most recent headlines Filtered view
Bank Info Security 2 months, 3 weeks ago

Crypto-Targeting North Koreans Wield Fake Zoom Meetings

Video of Industry Figures Harvested During Meetings and Used to Lure Future VictimsNorth Korean hackers are pretending to be cryptocurrency insiders, in an attempt to trick targets into accepting Calendly calendar invites. The social engineering ruse is designed to infect Windows and macOS systems with crypto stealers, and to harvest video of real-life people for future lures.

Bank Info Security 3 months, 3 weeks ago

Breach Roundup: Tycoon2FA Phishing Platform Rebounds

Also, Russian Signal Phishing, Iran-Linked Malware, Breaches in Spain and FranceThis week, Tycoon 2FA, Trio-Tech, messaging app spying and a ransomware broker sentenced. Iran-linked hackers. Mazda disclosed a breach. Oracle patched a flaw. North Korean actors weaponized VS Code, a Spanish port ransomware attack, a French teacher data breach and a healthcare firm victim surge.

Bank Info Security 5 months, 1 week ago

Fake Out: 0APT Data-Leak Ransomware Group Branded a Scam

Bitcoin Joining Fee for Affiliates and No Proven Victims Cited by ResearchersNewcomer ransomware group 0APT is being branded a "likely scam operation," not least after a list of over 200 supposed victims turned out to be bogus, if not entirely AI-generated - never mind a 1 bitcoin joining fee for would-be affiliates and outdated crypto-locking malware.

Bank Info Security 6 months, 2 weeks ago

2 Cyber Pros Admit to Being BlackCat Ransomware Affiliates

Americans Extorted at Least 5 Firms, Earning $1 Million From a Medical Device MakerTwo American cybersecurity professionals who moonlighted as BlackCat ransomware gang affiliates pleaded guilty to using the crypto-locking malware to extort at least five victims in the United States, including a medical device maker that paid a cryptocurrency ransom worth over $1 million.

Users Download Malware in Bid to Placate MetaA newly surfaced FileFix social engineering campaign puts a new spin on ClickFix attacks by goading users into loading malware under the guise of reporting a wrongful account suspension to social media giant Facebook. Victims likely get sucked into the scam by following a link from a phishing email.

Move Raises Possibility Group Isn't Just Marketing Its Malware to CriminalsUp-and-coming ransomware group Anubis has tweaked its malware to irrevocably wipe victims' data - an unusual tactic from hackers whose typical corrupt bargain is restored data in exchange for extortion money. Why would a ransomware attacker seeking leverage in negotiations ever do this?

Social Engineering Attacks Trick Victims Running Malware-Installation ScriptsAttackers are tapping TikTok to distribute videos, apparently generated using artificial intelligence tools, to trick victims into running scripts that install information-stealing malware, researchers warn. The campaign is the latest in a long line of schemes designed to distribute infostealers.

Bank Info Security 1 year, 1 month ago

Fake AI Tools Lure Users in Year-Long Malware Campaign

Mandiant Says Malware Spread Through Fake AI Video Ads Seen by MillionsOnline scammers are converting excitement over generative artificial intelligence into fraudulent sites that infect victims with malware, says threat intel firm Google Mandiant in a report exposing a year-long campaign to distribute infostealers and backdoors.

Bank Info Security 1 year, 2 months ago

Hackers Hijack NFC for Instant Payment Fraud

Attack Combines Social Engineering and Card Emulation to Execute Real-Time TheftHackers are using Chinese-speaking Android malware-as-a-service SuperCard X to carry out near-field communication relay attacks, siphoning payment card data and executing live point of sale and ATM transactions. Victims receive spoofed SMS or WhatsApp alerts purporting to originate from their bank.

Bank Info Security 1 year, 4 months ago

Cryptohack Roundup: Garantex Operator Arrested

Also: Hackers Use npm Packages, MassJacker Malware and Fake $TrumpThis week, Garantex admin arrested, hackers used npm packages to steal crypto data and deployed MassJacker malware to steal coins, infected victims with $Trump lures. Also, U.S. authorities seized hacked Ripple funds and a California warning about scams.

Bank Info Security 1 year, 4 months ago

Knockout of X Tied to Pro-Palestinian Hacktivists' Botnet

Experts Express Surprise Over Major Social Platform Falling Victim to DDoS AttacksOne of the world's biggest social networks continued to face intermittent outages Tuesday, apparently due to unsophisticated, distributed denial-of-service attacks. Experts said the attacks were traced to malware-infected devices - many based in the U.S. - and pro-Palestinian hacktivists.

Bank Info Security 1 year, 7 months ago

'Horns&Hooves' Malware Campaign Hits Over 1,000 Victims

Russian Threat Actor Delivers NetSupport RAT, BurnsRAT via Fake RequestsA malware campaign targeting Russian retailers and service businesses aims to deploy remote access tools and install infostealer malware. Kaspersky dubbed the campaign "Horns&Hooves," after a fake organization set up by fraudsters in the 1931 Soviet satirical novel "The Little Golden Calf."

Bank Info Security 1 year, 7 months ago

Mysterious Elephant Using Hajj-Themed Bait in Attacks

Group Deploys Upgraded Malware Disguised as Microsoft File on Pilgrimage GoersA South Asian threat actor identified as Mysterious Elephant or APT-K-47 by Knownsec 404 researchers is using a Hajj-themed lure to trick victims into malicious payload disguised as a Windows file. The hacker is using upgraded Asyncshell malware disguised as a Microsoft Compiled HTML Help file.

Bank Info Security 1 year, 9 months ago

TrickMo Trojan Variants Target Device Unlock Codes

New Variants Steal PINs, Affect 13,000+ Users and Exploit Accessibility FeaturesA new variant of an Android banking Trojan called TrickMo is tricking victims into providing their phone unlock code, enabling hackers to sustain operations, warn cybersecurity researchers. The malware displays presents a deceptive HTML user interface that mimics the device's actual unlock screen.

Bank Info Security 1 year, 9 months ago

Fake Job Lures Target Employees of Aerospace, Energy Firms

BAE Systems Among Companies in the Sights of North Korean Cyberespionage GroupA North Korean cyberespionage group is posing as job recruiters and targeting aerospace and energy sector employees with lucrative job offers, according to Mandiant. The hackers use email and WhatsApp messages to lure victims into clicking a link that deploys backdoor malware onto their devices.

Hackers Used Dozens of Servers to Distribute Malicious Android AppsLaw enforcement authorities in Singapore, Malaysia, Hong Kong and Taiwan took down a cybercrime ring that used dozens of servers and hundreds of phishing pages across multiple jurisdictions to run a malware-enabled scam operation and steal tens of millions from victims' bank accounts.

Bank Info Security 2 years, 6 months ago

Ransomware Trends: Medusa and Akira Rage; Tortilla Disrupted

Crypto-Malware Trackers Report a Surge in Known Ransomware Victims at End of 2023Ransomware-wielding attackers show no signs of stopping, and experts report December 2023 was the second-worst month on record for known victims. Lately, Akira-wielding attackers have been hitting Finland hard, and Medusa has been behind a rising number of attacks.