Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

15 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 15 most recent headlines Filtered view
Bank Info Security 9 months, 2 weeks ago

Gone in 60 Minutes: Akira Defeats MFA for SonicWall SSL VPNs

'Opportunistic, Mass Exploitation' Campaign Surging, Say Cybersecurity ResearchersAttackers wielding Akira ransomware appear to be engaged in an "opportunistic, mass exploitation" of SonicWall SSL VPN servers, even when they're using the latest firmware and configured to require multifactor authentication one-time passwords, warn cybersecurity researchers.

Bank Info Security 11 months, 1 week ago

SonicWall Probes Potential Zero-Day After Ransomware Hits

Akira Ransomware Exploited MFA-Protected SonicWall SSL VPNs, Say ResearchersSonicWall said it is probing a surge in attacks against its Gen 7 firewalls, running various firmware versions, which have SSL VPN enabled. Researchers said attackers may have been exploiting a zero-day vulnerability and that multiple victims have been infected with Akira ransomware.

Bypassing MFA and deploying ransomware…sounds like something that rhymes with 'schmero-day' SonicWall on Monday confirmed that it's investigating a rash of ransomware activity targeting its firewall devices, following multiple reports of a zero-day bug under active exploit in its VPNs.…

Also: VPN Vulnerabilities Attract Hackers, Hackers Use Swiss Mail to Send MalwareThis week, Russia suspected in Balctic Sea cable sabotage, VPNs draw ransomware attackers and Swiss snail mail malware. An AI training company reported a cybertheft of $250,000 and a U.S. space firm reported a breach. Microsoft said it will pay $$$ for AI vulnerabilities and a MFA success story.

Also: Ransomware Hackers Demand BaguettesThis week, Chinese spying, Italian hacking scandal, an FBI warning and Okta fixed a bug. Google mandated MFA, zero days in PTZOptics and a Mexican airport didn't pay ransom. Cybercriminals demanded baguettes, breach lettersin Ohio and Germany will shield white hats. The Italian DPA rebuked a bank.

Bank Info Security 2 years, 1 month ago

Australian Regulators Detail Medibank Hack: VPN Lacked MFA

Court Filing: Threat Actor Stole Admin Credentials From IT Service Desk ContractorMedibank's lack of MFA on its global VPN allowed a hacker to use credentials stolen from an IT services desk contractor to access the private health insurer's IT systems in 2022, leading to a dark web data leak affecting 9.7 million individuals, Australian regulators said in court documents.

Also warns of brute force attacks targeting its own VPNs, Check Point, Fortinet, SonicWall and more Cisco is fighting fires on a couple fronts this week after security incidents involving its Duo multi-factor authentication (MFA) service and its remote-access VPN services.…