Security News
About Bruce Schneier I am a public-interest technologist, working at the intersection of security, technology, and people. I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.
Microsoft and OpenAI have identified attempts by various state-affiliated threat actors to use large language models to enhance their cyber operations. Just as defenders do, threat actors are leveraging AI to boost their efficiency and continue to explore all the possibilities these technologies can offer.
A logic flaw between Ubuntu's 'command-not-found' package suggestion system and the snap package repository could enable attackers to promote malicious Linux packages to unsuspecting users. [...]
This policy from TechRepublic Premium provides information on defining an incident, assigning an incident response team, documenting a plan and conducting a response. DOCUMENT AN INCIDENT RESPONSE PLAN. Draw up a plan for incident response and start by including a detailed list of system/application/device information.
The Romanian national cybersecurity agency has pinned the outbreak of ransomware cases across the country's hospitals to an incident at a service provider. All hospitals caught up in the ransomware scourge are thought to have been breached via the HIS. Per legal reporting obligations in Romania, service providers must inform the DNSC and national CSIRT of incidents that significantly impact the continuity of essential services.
Trans-Northern Pipelines has confirmed its internal network was breached in November 2023 and that it's now investigating claims of data theft made by the ALPHV/BlackCat ransomware gang. While ALPHV's claims were not directly mentioned by Dornan when asked by BleepingComputer for confirmation, the ransomware gang says its operators stole 183GB of documents from the company's network.
A passkey is a specific authentication method that can be used as commonly as a password but to provide additional security. This article will define passkey technology, explore how it works and discuss the added security benefits of using a passkey.
Nation-state actors associated with Russia, North Korea, Iran, and China are experimenting with artificial intelligence (AI) and large language models (LLMs) to complement their ongoing cyber...
LogMeOnce is a promising password manager that includes useful features like a password health scorecard, a built-in notes menu and a dark web monitor. You can try out LogMeOnce Ultimate for seven days and LogMeOnce Teams or Business for 14 days.
Cybersecurity researchers have found that it's possible for threat actors to exploit a well-known utility called command-not-found to recommend their own rogue packages and compromise systems...