Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

29 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 29 Filtered view
Bank Info Security 1 month, 1 week ago

Data Center OT Flaws Could Help Hackers Kill Power and AC

Claroty Warns of Downtime, 'Devastating' Impact of Vulnerabilities in OT SystemsVulnerabilities in backup power devices and heating and cooling control systems widely used in data centers could enable remote cyberattacks and result in costly downtime and "devastating" operational impact, according to new research from OT security firm Claroty.

AI-Developed Attack Tooling Generated 'High-Volume, Noisy Workflows'A hacker used Claude and Chat GPT in a cyberattack against a municipal water and sewage utility's operational technology systems in Mexico in January, according to forensic analysis by OT security firm Dragos. The tools "leveraged known techniques and existing vulnerability knowledge."

Bank Info Security 2 months, 1 week ago

Security Lost The Speed War: Context Is How We Win

AI-Driven Attacks Compress Breakout Times, Forcing Defenders to Rely on Context NowAI has lowered the cost and speed of cyberattacks, enabling adversaries to exploit vulnerabilities within minutes. As breakout times collapse, security teams must respond faster by using context-driven intelligence and automation to detect, prioritize and stop threats in real time.

Bank Info Security 4 months, 4 weeks ago

Cogent Security Gets $42M to Boost AI Vulnerability Defense

Series A Led by Bain Capital Ventures Targets Autonomous Remediation PlatformCogent Security secured $42 million in Series A funding to expand its AI-powered platform. Backed by Bain Capital Ventures, the company plans to triple staff, enhance model accuracy and scale its agent-based architecture to help enterprises automate remediation and counter AI-driven cyberattacks.

Bank Info Security 5 months, 2 weeks ago

HHS Audit Flags Web App Security Gaps at Large Hospital

Experts: Problems Are Frequent Weaknesses Across Healthcare Sector EntitiesSecurity weaknesses in web-facing apps used at a large U.S. hospital could leave the facility's IT systems and sensitive patient information vulnerable to cyberattacks, found federal auditors. Those same problems also haunt many other healthcare entities, experts said.

Bank Info Security 8 months, 3 weeks ago

HHS Watchdog Flags Medicaid IT Security Gaps in Some States

Pen Tests Find States Thwart Basic Attacks But Are Vulnerable to Sophisticated OnesPen testing of 10 Medicaid management and enrollment systems found that while the nine states and one territory implemented "generally effective" security controls to prevent limited cyberattacks, improvements are needed to protect against more sophisticated attacks, said a watchdog agency report.

Swalwell: Sweeping CISA Cuts Leave Nation Vulnerable to Major CyberattacksA top Democratic lawmaker is demanding transparency and calling for the immediate reversal of major workforce cuts at the Cybersecurity and Infrastructure Security Agency, which is only operating with 35% of its total staff amid the ongoing government shutdown and resulting reductions-in-force.

NCSC Chief Says Recent Retailer Hacks Should Be 'Wake-Up Call' for Cyber DefendersThe number of cyberattacks in the United Kingdom surged 50% in the past year, with ransomware continuing to be the top threat. National Cyber Security Centre CEO Richard Horne said recent high-profile hacks at major retailers exposed supply chain vulnerabilities and are a "wake-up call" to defenders.

Bank Info Security 10 months, 3 weeks ago

Russian Hackers Accused in Wave of Water Sector Cyberattacks

Successful Breaches Renew Fears of Operational Vulnerabilities Across Water SectorRussia is suspected of escalating cyberattacks on European water utilities, including attempts to sabotage Polish and Norwegian water facilities and dams, signaling a broader threat to global critical infrastructure as state-backed actors exploit critical OT weaknesses amid global conflict.

Bank Info Security 11 months, 1 week ago

Dutch Prosecutors Recover From Suspected Russian Hack

Dutch Servers Restored Following Moscow Led AttackThe Dutch Public Prosecution Service on Monday began phased restoration of its networks after a cyberattack last month forced the agency to take down its services offline. The agency confirmed that hackers exploited a vulnerability in a Citrix device.

Former Inspector Reviews Sector's Take on AI, Zero Trust, Vulnerability ManagementSecuring U.S. nuclear infrastructure remains a hot-button topic, especially because it remains an attractive cyberattack target for nation-state adversaries. Former regulatory inspector Mark Rorabaugh, president of InfraShield, details the current state of the sector's cybersecurity posture.

Bank Info Security 1 year, 1 month ago

Vulnerability Databases Face Accuracy and Access Gaps

VulnCheck's Garrity on the Uncertainty of the CVE Ecosystem and EUVD's LimitationsFunding shortages and incomplete coverage in critical vulnerability databases are increasing the risk for defenders. Patrick Garrity, security researcher at VulnCheck, discusses how data gaps and scoring confusion hinder response strategies for potential cyberattacks.

Also: Google Fixes YouTube Vulnerabilities That Could Have Exposed User EmailsThis week: Microsoft, Ivanti and Google release fixes for critical vulnerabilities and urge priority patching; Lee Enterprises confirms a cyberattack disrupted newspaper operations; and thousands of KerioControl Firewalls exposed to critical remote code execution flaws.

Bank Info Security 1 year, 6 months ago

HHS Urges Health Sector to Beef Up OT, IoMT Security

Feds Warn That Connected Devices Are Prey for CyberattackersThe security of medical devices has been getting most of the attention from regulators in recent years, but other devices that make up the medical internet of things and operational technology systems are also vulnerable to cyberattacks, federal authorities warned in a new advisory.

Bank Info Security 1 year, 10 months ago

Breach Roundup: Mexico in Hacker Spotlight

Also: Critical WHOIS Vulnerability Exposes Internet Security Flaw in .mobi DomainsThis week, cyberthreats rising in Mexico; FBI warned of BEC scams; U.K. police arrested hacking suspect; Avis, Slim CD, Medicare and Fortinet disclosed breaches; Highline public schools reopened after cyberattack; a critical flaw was found in WHOIS; and Konni upped attacks on Russia, South Korea.

Critical-Severity Flaws Expose Emerson Devices to CyberattacksMultiple critical vulnerabilities in Emerson Rosemount 370XA gas chromatographs could allow malicious actors to access sensitive data, cause denial-of-service conditions and execute arbitrary commands. Emerson recommends that end users update the firmware on the products.

US Cyber Defense Agency Says Major Cyberattack Result of Vulnerable Ivanti ProductsThe Cybersecurity and Infrastructure Security Agency confirmed Monday that hackers attacked one of its critical tools housing private sector chemical security plans earlier this year after gaining access by exploiting vulnerabilities found in Ivanti products used by the cyber defense agency.

Security Researcher Says Flaw Came From 700 Exposed APIs Belonging to CoxAn independent security researcher discovered a critical flaw in the backend infrastructure of the largest broadband provider in the United States that, if exploited, could have left millions of business customer devices vulnerable to major cyberattacks.

Bank Info Security 2 years, 1 month ago

ISMG Editors: Is SASE Living Up to the Hype in 2024?

Also: Apple Wi-Fi Vulnerabilities; Cyberattack on Ascension HospitalIn the latest weekly update, ISMG editors discussed the current state of Secure Access Service Edge solutions in 2024, vulnerabilities in Apple's Wi-Fi-based positioning system, and the patient safety questions arising after a cyberattack hit a U.S. hospital.

Loading more headlines...