Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

24 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 24 Filtered view

Also, Taiwan Rail Hack, Massive DDoS Attack and Karakurt Jail SentenceThis week, Microsoft Edge exposed passwords, Taiwan police make arrests in high-speed rail hack and a 2.45 billion-request DDoS attack. A Karakurt negotiator jailed, North Korean IT worker scams led to prison terms and France detained a teen over a government data breach. Another Ivanti zero-day.

Bank Info Security 10 months, 3 weeks ago

Nuance Agrees to Pay $8.5M to Settle MOVEit Hack Litigation

Settlement Is Latest Among Scores of Other MOVEit Lawsuits Still PendingNuance Communications, a Microsoft subsidiary, has agreed to pay $8.5 million to settle class action litigation filed after hackers exploited a zero-day flaw in Progress Software's MOVEit file transfer software in 2023, stealing data belonging to more than a dozen of Nuance's healthcare clients.

Bank Info Security 11 months, 3 weeks ago

Microsoft Traces On-Premises SharePoint Exploits to China

But Hacking Groups of All Stripes Now Have Access to Exploit Code, Researchers WarnMicrosoft said an attack campaign targeting zero-day vulnerabilities in on-premises SharePoint servers appears to have begun by July 7, tied to three Chinese hack groups. With proof-of-concept exploit code now in the wild, security experts said hackers of all stripes have joined the fray.

Bank Info Security 1 year, 2 months ago

Turkish Group Hacks Zero-Day Flaw to Spy on Kurdish Forces

Microsoft Researchers Link Turkish Spy Group to Output Messenger Zero-Day HackA Turkish-linked cyberespionage group known as Marbled Dust exploited a zero-day in the Output Messenger Server Manager application to spy on Kurdish military operations in Iraq. Microsoft reported the hack and called for immediate mitigation to block credential theft and malware delivery.

The China-lined threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021 has shifted its tactics to target the information technology (IT) supply chain as a means to obtain initial access to corporate networks

Bank Info Security 1 year, 10 months ago

North Korean Hackers Tied to Exploits of Chromium Zero-Day

Cryptocurrency Users Targeted in Latest Campaign Involving FudModule RootkitA hacking group tied to North Korea exploited a zero-day vulnerability in the open source Google Chromium web browser to try and steal cryptocurrency, Microsoft said. The attack campaign is the latest to involve a sophisticated North Korean rootkit called FudModule. Google has fixed the flaw.

Bank Info Security 1 year, 10 months ago

North Korea Exploited Windows Zero-Day to Deploy Fudmodule

Lazarus Espionage Group's Sophisticated Malware Evades Antivirus MonitoringNorth Korea's Lazarus hacking team, which focuses on cryptocurrency theft and espionage, has once again been exploiting a zero-day vulnerability in Microsoft Windows to install antivirus-suppressing malware dubbed Fudmodule to aid its intrusions.

In January 2024, Microsoft discovered they’d been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case is how easy it was to breach the software giant. It wasn’t a highly technical hack that exploited a zero-day vulnerability – the hackers used a simple password spray attack to take control of

Loading more headlines...