Security News

Luxury retailer Neiman Marcus confirmed it suffered a data breach after hackers attempted to sell the company's database stolen in recent Snowflake data theft attacks.In a data breach notification filed with the Office of the Maine Attorney General, the company says that the breach impacted 64,472 people.

The FBI is warning of cybercriminals posing as law firms and lawyers that offer cryptocurrency recovery services to victims of investment scams and steal funds and personal information. The FBI says that fraudsters trick victims of the legitimacy of the service by claiming a collaboration with government agencies like the FBI and the Consumer Financial Protection Bureau.

US cybersecurity agency CISA is urging high-risk chemical facilities to secure their online accounts after someone broke into its Chemical Security Assessment Tool portal. Essentially, it's used to determine which facilities are deemed high risk under Chemical Facility Anti-Terrorism Standards regulations.

To simplify the password management process and mitigate password-related breaches, organizations leverage enterprise password managers. Here are our picks for the eight best enterprise password managers in 2024.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Ransomware attackers wielding a LockBit variant dubbed Brain Cipher have disrupted a temporary national data center facility which supports the operations of 200+ Indonesian government agencies and public services. Indonesia is working on creating four national data centers to support digital government efforts.

About Bruce Schneier I am a public-interest technologist, working at the intersection of security, technology, and people. I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

Threat actors are exploiting a novel attack technique in the wild that leverages specially crafted management saved console (MSC) files to gain full code execution using Microsoft Management...

Researchers at Graz University of Technology were able to spy on users' online activities simply by monitoring fluctuations in the speed of their internet connection. This stealthy approach allows the attacker to reconstruct the victim's online activity, posing a threat to their privacy.

P2PInfect, originally a dormant peer-to-peer malware botnet with unclear motives, has finally come alive to deploy a ransomware module and a cryptominer in attacks on Redis servers. P2PInfect was first documented in July 2023 by Unit 42 researchers, targeting Redis servers using known vulnerabilities.