Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

29 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 29 Filtered view

Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that it said was likely developed with an artificial intelligence (AI) system, marking the first time the technology has been put to use in the wild in a malicious context for vulnerability discovery and exploit generation

Android devices from Google and Samsung have been found vulnerable to a side-channel attack that could be exploited to covertly steal two-factor authentication (2FA) codes, Google Maps timelines, and other sensitive data without the users' knowledge pixel-by-pixel

Patch, turn on MFA, and restrict access to trusted networks…or else Affiliates of the Akira ransomware gang are again exploiting a critical SonicWall vulnerability abused last summer, after a suspected zero-day flaw actually turned out to be related to a year-old bug.…

Popular password manager plugins for web browsers have been found susceptible to clickjacking security vulnerabilities that could be exploited to steal account credentials, two-factor authentication (2FA) codes, and credit card details under certain conditions

Bank Info Security 11 months, 1 week ago

SonicWall Probes Potential Zero-Day After Ransomware Hits

Akira Ransomware Exploited MFA-Protected SonicWall SSL VPNs, Say ResearchersSonicWall said it is probing a surge in attacks against its Gen 7 firewalls, running various firmware versions, which have SSL VPN enabled. Researchers said attackers may have been exploiting a zero-day vulnerability and that multiple victims have been infected with Akira ransomware.

Trellix's John Fokker Advises CISOs to Prioritize Patching, MFA, Network VisibilityThreat actors aren't rushing to adopt AI tools to exploit vulnerabilities. "They still prefer a victim with weak passwords, bad MFA, bad patching. It is the easiest way to make money for criminals so they don't have to invest in AI," said John Fokker, head of threat intelligence at Trellix.

AICD's Figueroa on Business-Focused Communication for Authentication ProgressModern phishing tactics now leverage voice, SMS and AI-powered impersonation, yet many Asia-Pacific organizations continue relying on vulnerable single-factor authentication, said Marco Figueroa, senior manager of cyber security, risk and compliance at the Australian Institute of Company Directors.

Cybersecurity researchers have flagged a "critical" security vulnerability in Microsoft's multi-factor authentication (MFA) implementation that allows an attacker to trivially sidestep the protection and gain unauthorized access to a victim's account

Also: VPN Vulnerabilities Attract Hackers, Hackers Use Swiss Mail to Send MalwareThis week, Russia suspected in Balctic Sea cable sabotage, VPNs draw ransomware attackers and Swiss snail mail malware. An AI training company reported a cybertheft of $250,000 and a U.S. space firm reported a breach. Microsoft said it will pay $$$ for AI vulnerabilities and a MFA success story.

Bank Info Security 2 years, 5 months ago

ISMG Editors: What CISOs Should Prepare for in 2024

Joe Sullivan Also Discusses Identity Management, AI, State of Information SharingIn the latest weekly update, Joe Sullivan, CEO of Ukraine Friends, joins three editors at ISMG to discuss the challenges of being a CISO in 2024, growing threats from disinformation, vulnerabilities in MFA, AI's role in cybersecurity, and the obstacles to public-private information sharing.

In today's digital landscape, traditional password-only authentication systems have proven to be vulnerable to a wide range of cyberattacks. To safeguard critical business resources, organizations are increasingly turning to multi-factor authentication (MFA) as a more robust security measure. MFA requires users to provide multiple authentication factors to verify their identity, providing an

Loading more headlines...