Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

25 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 25 Filtered view

Cisco on Thursday released security updates for a maximum-severity security flaw impacting Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager, nearly a month after the company disclosed that it had been exploited as a zero-day by a China-nexus advanced persistent threat (APT) actor codenamed UAT-9686

PLUS: China upgrades smartphone surveillance tools; Ring eases anti-snooping stance; and more Infosec In Brief Microsoft has warned users of SharePoint Server that three on-prem versions of the product include a zero-day flaw that is under attack – and that its own failure to completely fix past problems is the cause.…

Bank Info Security 1 year, 6 months ago

Zero-Day Patch Alert: Ivanti Connect Secure Under Attack

Suspected Chinese Attackers Again Tied to Active Exploitation of VPN AppliancesVPN appliance maker Ivanti has begun releasing updates to patch a zero-day vulnerability being actively exploited by suspected nation-state attackers. Experts are warning users to immediately update their devices, after factory resetting them to flush any malware attackers may have installed.

Bank Info Security 1 year, 7 months ago

Mitel MiCollab VoIP Software: Zero-Day Vulnerability Alert

No Patch Yet Available for Second Zero Day to Be Recently Found in VoIP SoftwareSecurity researchers warn of a newly discovered zero-day vulnerability in widely used VoIP telephony software, a discovery that comes as the United States struggles to evict Chinese nation-state hackers from telecom networks. The software is the MiCollab software suite from Canada-based Mitel.

Bank Info Security 1 year, 10 months ago

Chinese Nation-State Attackers Tied to Versa Zero-Day Hit

Targeted Versa Software Used by Service Providers to Manage Wide Area NetworksChinese nation-state attackers are actively exploiting a zero-day vulnerability in Versa Director software, used by major internet and managed service providers to deploy, configure and monitor network infrastructure, security experts warn. Versa updated its software last month to patch the flaw.

Bank Info Security 2 years, 4 months ago

Chinese Group Runs Highly Persistent Ivanti 0-Day Exploits

UNC5325 Can Remain in Hacked Devices Despite Factory Reset and PatchesChinese threat actors are continuing to persist after exploiting the recent Ivanti Connect Secure VPN vulnerability even after factory resets, system upgrades and patches. The threat actor, UNC5325, is adept at "living off the land" techniques, warned threat intelligence firm Mandiant.

Bank Info Security 2 years, 5 months ago

Ivanti Discloses Additional Zero-Day That Is Being Exploited

Company Starts Patch Rollout for Flaws Exploited by Likely Chinese Intelligence OpCorporate VPN maker Ivanti on Wednesday began a belated patch rollout for zero-day flaws that many cybersecurity firms say paved the way for an espionage hacking operation likely conducted by China. Ivanti also disclosed two more zero-days and told customers that hackers are exploiting one of them.

Loading more headlines...