A critical flaw found on open-source Jetty HTTP web servers could - if left unpatched - lead to hackers hijacking internet sessions and stealing sensitive data.
Banking Trojan 'Vawtrak' has been spotted in the wild, and it's 'much improved' compared to a year ago.
Less than a week after the discovery of the pre-installed Superfish bloatware on Lenovo laptops, the company's website has been hacked, believed to be by the Lizard Squad.
European SIM card supplier Gemalto, which supplies billions of phone cards and services to operators like Vodafone and Verizon, has confirmed it was "probably" hacked by spies from GCHQ and America's NSA.
The McAfee Labs Threats Report: February 2015 demonstrates how failure to patch is leaving mobile apps exposed to SSL vulnerabilities.
The FBI is offering a US$ 3 million (£1.93 million) reward for information that leads to the arrest of Russian hacker Evgeniy Mikhailovich Bogachev, who is accused of being behind the Gameover Zeus botnet.
The National Crime Agency has led its latest major malware take-down, clubbing together with Europol's European Cybercrime Centre (EC3), private sector and CERT-EU to disrupt the widely-spread Ramnit botnet.
Industry reaction to renewed calls for technology backdoors by government agencies has been predictably negative.
Mobile app Telegram's end-to-end encryption security credentials are questioned after researcher accesses plain-text messages.
The European Council is being encouraged to consult with internet companies to find a way around encryption in order to stop terrorists. But, at the same time, the EU Parliament continues to review how NSA's spying impacts upon the privacy of citizens.
There are as many as a dozen variants of the Superfish bloatware found last week on Lenovo laptops, it has been discovered.
A secret division of NSA and GCHQ hackers reportedly hacked into Gemalto's networks, breached the firm's SIM card database and stole private encryption keys from 2010 to 2011, enabling the agencies to monitor a "large portion of the world's cellular communications."
BadUSB malware could be used to manipulate industrial systems, says one security researcher.
Researchers at network threat prevention company FireEye have uncovered a revived iOS Masque Attack, a vulnerability that originally surfaced in November 2014.
McAfee's new 'Hacking the Human Operating System' whitepaper focuses on the use of social engineering to attack home and business users, and finds once again that people are the weakest link.
Lenovo's consumer laptops ran pre-installed adware/malware which could be used to intercept and hijack encrypted SSL/TLS web sessions.
The gradual shift to biometric authentication continues with the news that two UK banks will allow customers to sign in to their accounts by using Apple iPhone's fingerprint recognition technology.
Just days after the world's "biggest-ever online heist", a new study reveals that bank CEOs are concerned cyber-risks will harm business growth.
A huge spam campaign has been installing the Dyreza banking Trojan on tens of thousands of UK computers, specifically targeting those with accounts at major banks.
Equation Group, the most advanced threat actor yet seen according to Kaspersky, may be the NSA.
The US government and the IT industry continue to lock horns over encryption, despite the US president's plea for greater co-operation between government and vendors.
After stinging criticism from Microsoft and others over how and when it reported zero-day flaws, Google has changed its vulnerability disclosure policy.
The Royal Navy is under an increasing danger of cyber-attack and the government should ramp up training to deal with the threat.
At least one in twenty devices used by the customers of major European banks is riddled with malware, according to new claims from one security company.
In separate developments, a demo hack in Amsterdam shows how to crash a plane, while the US Federal Aviation Administration seeks to improve air cyber-security.
Ukraine has drawn up a new state strategy for IT security following wholesale breaches of the government's online presence.
Over one billion records were compromised last year as data breaches became a regular occurrence, especially in the UK, according to a new report.
The UK government is spending £19 million on trialling driverless cars across four major cities, but the news has been met with some caution by experts warning of liability and security issues.
Cyber-spy group exploited two Adobe and Internet Explorer zero-days to infect one of the world's most popular websites, say researchers.
North Korea and Iran are the new players among at least 39 with military cyber-space operations, according to a new report.
As DeepFace facial recognition rolls out on Facebook, it's still unclear exactly what the privacy implications may be.
The Obama administration is expected to announce a new intelligence agency charged with sharing intel on cyber-attacks, in the wake of high-profile data breaches at Sony and Target.
The European Parliament has reportedly become the latest organisation to block members from using Microsoft's new Outlook apps because of "serious security issues".
Samsung's latest line of internet-connected 'smart' TVs captures conversations through its Voice Recognition software, before sending this information on to third parties.
Management style and geographic location are key influencers on companies' approach to cyber-insurance, finds new report.
A German motoring organisation has highlighted a weakness in BMW's ConnectedDrive technology, a flaw that could lead to unauthorised users being able to open the vehicles.
The UK's Investigatory Powers Tribunal (IPT) has ruled that the information sharing between the NSA and GCHQ was unlawful up until December 2014.
Experts are speculating that attackers exploited a vulnerability in Anthem's IT system, or obtained credentials via social engineering.
A prolific cyber-espionage group has been actively targeting politicians, journalists, military and other entities by using spyware against Apple iOS devices.
Two new reports chart the increasing complexity and strength of DDoS attacks, which researchers say are now used in wider, more advanced cyber-attacks.
Sony Pictures Entertainment has spent around US$ 15m (£9.87m) on investigating and remediating last year's data breach, which saw hackers steal terabytes of data.
A critical new cross-site scripting (XSS) flaw affecting fully-patched versions of Internet Explorer 11 on Windows 7 and 8 could make users vulnerable to phishing and malvertising attacks, as well as data and log-in credential theft.
Cyber communications are vulnerable to both cyber-attack and kinetic attacks on physical infrastructure, with satellites potentially at risk, says new report.
A new National Control Centre of Defence is intended to combat cyber-threats targeting Russia and its governmental websites.
Europol agency EC3 is partnering with Zeus and CryptoLocker threat specialist AnubisNetworks, as it bids to make take-downs more successful.
Troels Oerting, the director of Europol's European Cyber Crime Unit (EC3), has left his post to become Group CISO at Barclays Bank.
A new British army brigade comprising military personnel and civilians will use psychological operations (psyops) and social media to engage in "non-lethal warfare".
An unspecified cyber-espionage group has reportedly used Skype and social media to steal battle plans belonging to opponents of Syrian president Bashar Al-Assad, according to a report issued by FireEye.
French smartphone maker Archos was compromised by a SQL injection attack last Christmas, resulting in the leak of up to 100,000 customer details. But fortunately, passwords and credit card details were not stolen.
The European Union has introduced a new scheme to help customers negotiate the security minefield when buying cloud services.
The European Union has indicated that the widely-awaited General Data Protection Regulation (GDPR) will come to fruition before the end of the year.
A leading UK lawyer has said that cyber-insurance can play a part in a business cyber-security strategy, so long as the risks are understood.
Who's afraid of GHOSTs? Disagreement over potential risks of new Linux vulnerability, but layered defence is recommended.
Big Data analysis allows identification of individuals via anonymised data.
Security researchers have discovered a denial-of-service (DoS) vulnerability in Wi-Fi Direct which affects various Android devices. But Google is in no rush to issue a patch.
As news breaks of the UK's first accelerator for cyber-security start-ups, experts say that local firms could take advantage of a worldwide trend - being safe online.
QWERTY module from Snowden linked to Regin, strengthening case for NSA origin.
More than a third of IT security teams are unprepared for the EU's two incoming data protection laws, according to a new study from FireEye.
The UK government has partnered with the IASME consortium and the Give01Day not-for-profit organisation to offer Cyber Essentials certification to UK charities to help them keep safe online.
OpenDaylight's troubles highlight the problems with security in the open source world ahead of Lithium release.
The Estonian president says that international collaboration is vital to fighting back against cyber-criminals.