Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

99 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 99 Filtered view

Vendor Details Mitigations, Promises Patched PAN-OS Software in Coming WeeksPalo Alto Networks warned that a critical vulnerability in the PAN-OS software that runs its firewalls is being actively exploited in the wild by attackers. The vendor detailed temporary mitigations and promised to release updated software to fully patch the flaw later this month.

The vendor disclosed one actively exploited zero-day vulnerability in Microsoft Office SharePoint that allows attackers to view information and make changes to disclosed information. The post Microsoft drops its second-largest monthly batch of defects on record appeared first on CyberScoop.

Bank Info Security 3 months, 3 weeks ago

German Police Rouse System Admins From Sleep Over IT Flaw

Police Fanned Out Early Sunday Brandishing an Advisory of a CVSS 10 VulnerabilityPolice officers across Germany roused corporate IT administrators during the early hours of Sunday morning. Their message to bleary-eyed admins was to immediately patch a critical vulnerability in popular product lifecycle management software from U.S. vendor PTC.

Bank Info Security 5 months, 3 weeks ago

Zero-Day Flaw in Cisco Unified Communications Being Targeted

Vendor Ships Emergency Fixes, Warning Flaw Facilitates Full System CompromiseAttackers are targeting a zero-day vulnerability in Cisco's Unified Communications and Webex products that facilitates remote code execution and root-level access to the underlying operating system, risking full system compromise. Cisco has released patches, warning that no workarounds exist.

Bank Info Security 7 months, 3 weeks ago

Hardware Hackers Urge Vendor Engagement for Security Success

Experts Detail Upsides of Bug Bounties and Getting Devices Into Researchers' HandsAs fresh vulnerabilities in hardware keep coming to light, one question remains: What vendors can do to better prevent, identify and eradiate flaws? One shortlist offered by veteran hardware hackers centered on the upsides of engagement, including bug bounty programs.

Bank Info Security 9 months, 1 week ago

Fortra Confirms 'Unauthorized Activity' Hit GoAnywhere MFT

Medusa Ransomware Group Tied to Exploits of Now-Patched Zero-Day VulnerabilityRecent attacks targeting Fortra's GoAnywhere managed file transfer software exploited a "limited" number of customers who set their on-premises installations to have an administrative console publicly exposed to the internet, which the vendor recommends customers never do.

Security Experts Advise Immediate Patching; Zero-Day Attacks Began Last MonthAffiliates of Russian-speaking ransomware operation Medusa began targeting a zero-day vulnerability in widely used Fortra GoAnywhere Managed File Transfer software one week before the vendor issued a security alert, patch and mitigation instructions for the flaw, say security experts.

Loading more headlines...