Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

13 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 13 most recent headlines Filtered view
Bank Info Security 10 months, 2 weeks ago

Hackers Chase Credentials in Hybrid Cloud Deployments

Financially Motivated Actor Storm-0501 Systematically Probed Victim EnvironmentsAs enterprises go with hybrid cloud developments, so follow hackers, even if it means jumping through extra hoops to get to where the data is stored. Microsoft on Wednesday said it spotted a financially-motivated hacking group probing a hybrid on-premise.

Bank Info Security 1 year, 3 months ago

Breach Roundup: Port of Seattle Notifies 90,000 Victims

Also, Oracle Denies Cloud Breach, Blames Hack on Obsolete ServersThis week, Port of Seattle notified victims, Oracle blamed hack on obsolete servers, Google and Microsoft released April patches, WK Kellogg breached, six arrested in Spain for AI-investment scam, Scattered Spider's "King Bob" pleaded guilty, SmokeLoader users busted.

Bank Info Security 1 year, 7 months ago

Russian APT Hackers Co-Opt Pakistani Infrastructure

FSB Hackers Have Hijacked Others' Command and Control BeforeA Russian state hacking group hijacked the command and control infrastructure of a Pakistan-based espionage network as part of an ongoing intelligence-gathering operation targeting victims in Asia, finds a report from Microsoft and Black Lotus Labs.

In January 2024, Microsoft discovered they’d been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case is how easy it was to breach the software giant. It wasn’t a highly technical hack that exploited a zero-day vulnerability – the hackers used a simple password spray attack to take control of

The Register 2 years, 11 months ago

US senator victim-blames Microsoft for Chinese hack

ALSO: China says US hacked it right back, BreachForums users have been pwned, and this week's critical vulns Infosec in brief US senator Ron Wyden (D-OR) thinks it's Microsoft's fault that Chinese hackers broke into Exchange Online, and he wants three separate government agencies to launch investigations and "hold Microsoft responsible for its negligent cyber security practices." …

Microsoft says Cuba ransomware threat actors are hacking their way into victims' networks via Microsoft Exchange servers unpatched against a critical server-side request forgery (SSRF) vulnerability also exploited in Play ransomware attacks. [...]

The North Korean state-backed hacking crew, otherwise known as the Lazarus Group, has been attributed to yet another financially motivated campaign that leverages a trojanized decentralized finance (DeFi) wallet app to distribute a fully-featured backdoor onto compromised Windows systems