Poor network visibility, outdated security tools, a skills shortage and a lack of control in the cloud are just some of the reasons companies are struggling with cyber-security, say two new reports.
An Estonian man, who helped hack payment processor RBS WorldPay in 2008, has now been sentenced to 11 years in prison for his involvement in the £5.9 million (US$9.4 million) scheme.
A new report reveals that a Chinese cyber-espionage group is closely affiliated with government and carried out attacks against the likes of Fortune 500 companies and government agencies.
Around a dozen organisations, including at least one financial sector company, have been hit by a new form of hacking where attackers hide stolen corporate data inside video files that they upload to popular sharing sites like YouTube.
Russian hackers are allegedly behind a breach at the US President's office, while Russia's BlackEnergy malware has been used to attack US SCADA system suppliers.
Not-for-profit legal group Lawyers Without Borders says that it has been hit by a cyber-attack emanating from China.
80% of IT professionals expect to see an increase in mobile security incidents in their company in 2015.
The FBI is reported to have raided the house of a second whistle-blower who was leaking sensitive agency documents to the media.
NATO, UK defence attachés and even visitors to Counter Terror Expo and Farnborough Airshow were targeted by 'APT28' Russian state-backed spy group, says FireEye.
The cyber-security skills gap is a 'societal challenge' that must be tackled by everyone, from schools and universities to citizens and businesses, a panel of experts said in London today.
A new survey from Lieberman Software reveals that almost eight in ten IT security professionals believe that perimeter security technologies like firewalls and anti-malware solutions are sufficient in defending against advanced persistent threats (APTs).
A security researcher has discovered a 'bad' Russia-based Tor exit node which was being used to inject malware into downloaded binary files.
A new study from US-based research firm CBI Insights reveals that corporate cyber security investments have risen five-fold since 2009, with 30 percent growth in the last year alone.
News that Russia and China are set to sign a cyber-security treaty next month has left Western cyber experts unsure whether it is a threat or a promising development.
London Police have arrested three suspected members of an Eastern European cyber-crime gang who installed malware on more than 50 bank ATM machines across the UK to steal £1.6 million.
A senior malware analyst has slammed the availability of a 'password recovery' utility from Freehostia, noting that the software actually uses network admin utilities to take credentials from the user's PC.
One year on from a nation-state APT which affected 124 systems at telecom operator Belgacom, the firm has detailed the cost and manpower involved in the clean-up operation.
Research just published claims to show that ransomware - in the shape of CryptoWall - is still generating healthy volumes of income for the cyber-criminals behind the code.
Microsoft has unexpectedly withdrawn a key element of its Patch Tuesday operating system refresh after discovering a flaw in an update for Windows 7 and Windows Server 2008.
Microsoft has warned Windows users about a zero-day security issue with malicious PowerPoint documents being emailed to recipients. The software giant is working on a patch for the problem.
US-based security-as-a-service provider Alert Logic opened a Security Operations Centre (SOC) in Cardiff, Wales today in a move that has created almost 130 jobs for local employees.
Google has souped up its two-factor authentication (2FA) login process with the launch of Security Key, a physical USB that only works after verifying the login site is truly a Google website.
The TorrentLocker ransomware has returned with a vengeance and is starting to bring in big money for its operators.
The UK's National Crime Agency is on the hunt for cyber security professionals to "join the fight against some of the world's most significant cyber criminals" on salaries ranging from £24,000 to £52,000.
Sir Iain Lobban says GCHQ staff "are normal decent human beings who watch EastEnders and Spooks".
Apple is under pressure to make changes to the Spotlight feature on the new Mac OS X Yosemite 10.10, which tracks location and sends data back to the firm and third parties.
It's been another week of claims and counterclaims as the US and Chinese governments accuse each other of deviant cyber security practices.
Bank of England Chief Information Security Officer (CISO) Don Randall is to leave his post in the New Year to take up an unspecified supervisory role, with William Brandon set to replace him.
Hard on the heels of the 'Sandworm' spy group revealed by iSIGHT Partners earlier in the week, Trend Micro says it has spotted the zero-day vulnerability of the same name being used to target SCADA-based systems.
New research claims to quantify the scale of card fraud in Russian-speaking circles. And according to Group-IB's analysis over the last year, that fraud clocks in at a hefty £420 million (US$680 million).
Multi-function printers - a route to bypass air-gapped computer security.
Cyber security and banking experts say that British banks and other financial institutions must share intelligence on threats if they are to beat cyber-criminals and protect critical assets.
The Drupal Association - a non-profit tasked with fostering and supporting the Drupal open-source content management framework coded in PHP - has patched a critical SQL injection vulnerability in version 7.
Research just published claims to show that the UK and Germany are the most targeted areas of Europe when it comes to APTs (Advanced Persistent Threats).
Android 5.0 - code name L for Lollipop - has been released to hardware vendors this week, with several handset vendors, notably Google and Motorola, planning to push out the updated operating system in the next few days.
A new study from Cyber Streetwise reveals that Britons are using more passwords than a year ago, but warns that most of these are not complex and thus easier to crack.
Two information security consultants believe that the much-publicised insider threat - where a company employee leaks data intentionally or unconsciously - could be countered by building employee loyalty and hiring behavioural psychologists.
Ten cyber-security companies have cooperated to pool intelligence and combat Chinese APT actors.
Systems admins are being warned of a newly discovered 'industry-wide' bug dubbed 'Poodle' that allows attackers to decode encrypted traffic running over the internet.
State hackers try to avoid detection by working Australian business hours - except Chinese public holidays.
A Russian cyber-espionage group has used a dangerous Microsoft Windows zero-day bug - being patched today - to attack targets including NATO, a western European government, a French telecoms firm, Polish energy companies and a US academic organisation.
An anonymous group of hackers claims to have compromised seven million Dropbox accounts, although there is early speculation that this could be a Bitcoin scam or duplicate data coming from an earlier breach.
The CEO of US investment bank JPMorgan says the company will double its spending in cyber-security following a data breach which affected approximately 84 million account holders.
Intimate images of up to 200,000 Snapchat users have been leaked onto the internet after hackers compromised a third-party.
US anti-virus manufacturer Symantec is to split its operations into two publicly traded firms that will focus on security and information management.
A senior Microsoft spokesman says that government surveillance has damaged trust in the cloud and in the company itself, pushing the latter to focus more on data privacy and security.
Adobe has been accused of 'spying' on its users through a new free app that collects their personal credentials and details of the e-books they read, then transmits the data in plain text.
Two of the UK's top cyber crime-fighters have accused financial institutions and other companies of failing to share information about cyber-attacks because of 'mutual suspicion' between police and the private sector.
DDoS attacks: evolution changes the attack vectors
Data breaches - a serious problem over the last decade...
Just when you thought the Shellshock vulnerability issue couldn't get any more complex, a "handful" of Yahoo's servers were apparently infected by malware at the start of the week.
Renowned cryptographer Bruce Schneier took aim at the security industry and poor incident response planning during a typically forthright talk in London yesterday.
Sir Tim Berners-Lee, widely-recognised as the inventor of the World Wide Web, has claimed that the UK's electronic surveillance and oversight body GCHQ is trying to become more transparent on spying.
Automated modem updates crash systems
Qbot: 500,000 reasons to patch/update your system
ATMs: easy cash from the bank, if you know how...
Sir Tim Berners-Lee talked up the importance of web neutrality and how 'rich and trackable' data will be essential in solving issues around online privacy.
The backlash against international cyber-crime strengthened this week with the head of the UK's National Crime Agency (NCA) calling for more powers to 'snoop' on British citizens.
Lawyers and accountants are identified as weak links in the cyber security chain when it comes to holding high value confidential data without adequate safeguards.
Apple has moved to update its XProtect anti-virus solution for Mac OS X after a research firm discovered a new piece of malware infecting more than 17,000 computers.
The JPMorgan hack is already having a knock-on effect in the UK, with the government and private sector seeking to better protect financial institutions from cyber-criminals.
In a double boost for the UK's cyber security, London's Met Police has launched a new cyber-crime and fraud team called Falcon, while the Government has pumped £2.5 million into protecting the critical national infrastructure from cyber-attacks, with security firm Thales playing a role.
A UK-based insurer has joined banking group JPMorgan in admitting this week that it has been hacked, with 83 million customer accounts compromised at the latter.
A loss of confidence in perimeter defence has led many infosec professionals to question the ability of their organisation to withstand Advanced Persistent Threats (APTs).
The Xen hypervisor - an open source project that forms the basis of a wide range of virtualised servers - has been found to be vulnerable to a new attack vector.
Linux: open source software is highly pervasive, making the Shellshock vulnerability potentially more serious than Heartbleed.
Updating of WordPress versions advised to avoid exposure to new vulnerability
While there is now dissatisfaction with web security and calls, led by Sir Tim Berners-Lee, for a Digital Bill of Rights in the UK, commentators do not believe it would be practical.
Third-party vendor route for hackers grants access to US government, Microsoft and games manufacturers.
In the wake of Shellshock, end-users and security managers race to patch web servers and desktops, but may be forgetting vulnerable embedded devices.
Hundreds trapped and exposed by fake 'poisoned' WiFi hotspot.
A new report from Europol's European Cybercrime Centre (EC3) reveals that cybercrime is being increasingly commercialised, and by criminals who use legitimate services to hide their activities.
Two technology start-up companies which are seen as more secure alternatives to Facebook and WhatsApp were hit by distributed denial of service (DDoS) attacks over the weekend.
Phishing for Apples becomes a popular cyber-criminal sport
The Stuxnet worm is still threatening IT systems some three years after its role in damaging Iranian nuclear equipment.
EU vs Google: the data privacy battle continues...
The British government will demand that all its suppliers comply with the five cyber security requirements set out by the Cyber Essentials scheme from October 1.
In the wake of highly publicised major retailer data breaches, consumers and company executives alike demonstrate a substantial lack of confidence in data breach response planning, studies reveal.