Global messaging service WhatsApp, now part of Facebook, has owned up to a security flaw which leaves it open to man-in-the-middle (MiTM) attacks.
A new report confirms what's long been feared - businesses take too long to recognise and react to a data breach.
A proposal by HMRC to release millions of taxpayers' personal data to private firms has whipped up a storm on data privacy.
Privilege controls can work, but cannot cater for all eventualities, says Quocirca analyst Rob Bamforth.
As Heartbleed slows down the internet, experts say that two-factor authentication may be the way forward to protect our web sessions.
You could be implicated as a criminal suspect, just by virtue of having that image in the non-criminal file, says the Electronic Frontier Foundation (EFF).
The National Retail Federation in the United States has announced plans to establish the Information Sharing and Analysis Center (ISAC), so that retailers can work together on incoming cyber security threats.
Single step authentication on Galaxy leaves PayPal accounts open to abuse say German researchers.
Organisations run the risk of being left defenceless against attackers unless they upgrade from MS Win 8.1
Bad news is filtered out of communication to the C-suite and 63 percent of IT staff only start talking after a breach has taken place.
Robert Hannigan is to replace Sir Ian Lobban as the director general of the UK's GCHQ.
An unidentified hacker was able to access and exfiltrate almost half a million records on potential cosmetic surgery patients, it has been revealed.
Controls on access to data by both staff and ex-staff are lax, and even when caught, insiders stealing data get away 'scot-free' says new survey.
The Government's reaction to the 'Heartbleed' flaw has been criticised after the Mumsnet parenting site became the UK's first known victim of Heartbleed hackers.
French hard drive manufacturer LaCie has begun notifying customers that their personal information may have been compromised if they bought products between March 2013 and 2014.
An alleged cybercrime gang from Ukraine and Russia - two of whom were extradited from the UK - have been charged with using Zeus malware to steal millions of dollars from victims including the Franciscan Sisters of Chicago order of nuns.
Reports that Germany's national space centre has been infiltrated by cyber spies have emerged just two weeks after the UK's GCHQ was accused of attacking a string of German satellite and aerospace companies.
The National Security Agency (NSA) has dismissed reports that it has been exploiting the Heartbleed vulnerability to carry out internet surveillance.
Critical infrastructure operators are now being alerted to the far reaching impact of a critical OpenSSL flaw, dubbed the "Heartbleed Bug."
Organisations are getting worse at spotting security breaches and attackers still spend two-thirds of a year on corporate networks before being identified, according to a new Mandiant report.
A startling report from Her Majesty's Inspectorate of Constabulary (HMIC) shows that only three in 43 police forces in England and Wales have a comprehensive plan for dealing with a large-scale cyber attack.
As the latest major security bug prompts cyber-crime and phishing attacks, experts advise on changing passwords and what CISOs can do.
"I do hope the Home Office has properly thought-out contingency plans" says Professor Peter Sommer, data forensics specialist.
Chart-topping paid-for Android security app does absolutely nothing
IDS platform uses expert-led reinforcement of learned behaviour and decision-making
Systems admins are being warned of a "potentially disastrous" security flaw that allows hackers to steal data from millions of websites worldwide without leaving a trace.
Microsoft has officially ended security support for Windows XP but the government and many large organisations plan to pay to protect their XP users.
GCHQ is teaming up with UK universities to offer accredited cyber security masters degrees, and is also reportedly on the verge of appointing a new director.
Mobile banking transactions may be on the rise, but banks may face an uphill struggle to keep them secure from cyber-criminals.
A new and "extremely dangerous" version of the notorious Zeus malware has been discovered that can fool detection systems by hiding behind an apparently legitimate digital signature.
Mobile point-of-sale (MPOS) terminals being used at thousands of retail outlets in the UK and worldwide can be hacked using multiple cyber-attack techniques.
A US government financial agency has warned smaller banks and financial institutions in the US to be aware of the heightened risk of their systems being phished by cyber-criminals.
Routers from Cisco, D-Link, Huawei, TP-Link and ZTE have been identified as vulnerable.
Security researcher Brian Krebs has spotted a Russian-controlled botnet being used to target banks in the Middle East.
Just nine percent of European organisations feel safe from insider threat, according to a new study by Vormetric and Ovum, and that could get worse once the new EU data protection legislation comes into effect.
5.3 million home and office routers worldwide were being used for DNS amplification attacks in February, according to a new study.
"This highlights the fine line between acceptable and unacceptable usage of your information" says Nigel Stanley, CEO of Incoming Thought.
A new report from F-Secure reveals that most companies lack the resources to update legacy applications, with this potentially being a serious security risk.
The US and UK are the biggest targets of CryptoDefense, a major new ransomware campaign that has stolen over £20,000 in its first month - but which has one major design flaw.
Revelations that UK intelligence agency GCHQ hacked into German satellite and communications companies are likely to accelerate the drive among businesses to tighten their control over how they store their sensitive data.
The UK government finally launched its first national computer emergency response team, CERT-UK, in London today.
Last week's reports of Anonymous Ukraine obtaining and leaking seven million credit card details may be erroneous, with the data having apparently been disclosed in older data breaches.
New research from Google reveals that 21 of the world's top 25 news organisations have been targeted by state-sponsored hacking attacks.
A new malware family that could "creep under the radar" of many system administrators has been found infecting Microsoft Word and Excel files.
The continuing rift between IT security professionals and 'the business' has been highlighted by a new study that shows many organisations still attach little value to cyber security - even though they know the threat is growing.
A new report released today claims that the rising level of government surveillance is now driving a third of organisations away from using cloud computing.
Widely reported changes to the next version of Google's Android are starting to make the operating system "look like a professional platform", say analysts.
With Windows XP finally set to go end-of-life next week, Microsoft has made one final call for businesses and consumers to update to a newer version of the operating system.
Legal payout could be significant in a breach whose costs may reach £10.9 billion (US $18 billion).
US President Barack Obama has announced plans to limit the National Security Agency's 'catch all' bulk recording of all phone calls within and traversing the US - with one important caveat.
Distributed-denial-of-service attacks are becoming bigger and more common, with Prolexic saying that these attacks are exceeding 100 Gbps on a regular basis.
A series of advanced cyber attacks have used the lure of news about the disappearance of Malaysia Airlines flight MH370 to infiltrate nation-state and other targets, according to FireEye.
Anonymous Ukraine says that it has information on "more than 800 million credit cards", and has leaked the first million of those with Visa, MasterCard, American Express and Discover accounts onto a public forum.
Further Snowden leaks allege that the NSA targeted Chinese telecom firm Huawei for corporate data.
Microsoft has rushed out a quick fix for a Microsoft Word zero-day flaw that is now being used in cyber-crime attacks.
Cyber attackers now outgun defenders according to a new report out today looking at the multi-billion-dollar cyber criminal black economy and its infrastructure.
The British government will finally launch the much-delayed Computer Emergency Response Team (CERT-UK) next week, according to a report, in a bid to protect the country's critical infrastructure.
The opposition Labour party is calling for new laws to be introduced so that businesses are forced to report when they have been hit by a cyber attack.
Today the Open University launches a new Masters qualification in Computing which includes new modules on corporate digital forensics
A new class of security vulnerability that is "highly suspected" to affect all of the almost one billion Android devices in existence has been discovered by a research team from Indiana University and Microsoft.
Mark Jackson, detective superintendent of the recently-established Met Police Cyber Crime Unit, has admitted that London's police are only just finding out how to tackle cyber-crime.
British researchers have tested their invention, the Snoopy drone, over the skies of London.
A stellar panel of infosec experts told a packed audience at SC Congress London on Thursday that security awareness can play an integral role in educating the C-suite on threats coming from inside and outside the company.
Bring Your Own Device is making waves in business, but concerns remain on how employees use personal smartphones and tablets, how they're managed and the laws to which companies must adhere.
"The Internet of Things makes it easier for someone to attack someone that you know," says Sarb Sembhi, analyst and director of consulting at Incoming Thought.
The UK's Chancellor of the Exchequer George Osborne introduced the 2014 Budget yesterday, but those in the infosec industry believe that it didn't do enough to close the cyber security skills gap.
"Data breaches have become a fact of life for most companies," says John Yeo, Trustwave SpiderLabs EMEA director.
Malware may have reached its 25th anniversary last November, but research just published claims that 20 per cent of all malware ever created was coded last year.
"Patching no longer offers complete protection" says Professor John Walker, Nottingham Trent University
Despite the dangers of insider threats, Gartner analysts Tom Scholtz and Ant Allan believe that trusting people can go a long way to improving business security.
The NSA is spending a great deal of money to get large numbers of false positives, says digital forensics specialist professor Peter Sommer.
Systems administrators urged to take the 'tough medicine' and wipe all affected computers
BT is being investigated by the UK's privacy watchdog, the Information Commissioner's Office (ICO), over claims that the user names and passwords of millions of its email customers were exposed to hacking.
Despite numerous commentators stating that it's now a case of 'when' rather than 'if' businesses are hit by a cyber attack, a new study reveals a third of companies have no incident response plans.
A group of pro-Russian, Ukrainian activists have claimed responsibility for carrying out DDoS attacks on various NATO websites.
Staff pay and bank details posted by suspected insider at Morrisons.
Cyber criminals have reached a new low with a Trojan attack based on a hoax email that tells its UK-based victims that they have cancer.
A division of hacktivism group Anonymous says that it was behind an attack on the websites of the Russian presidency, the Russian Central Bank and the Foreign Ministry on Friday.
Cyber security can't remain an IT issue. It needs to be addressed and filtered from the C-suite throughout the business, explains Rangu Salgame, CEO of growth ventures at Tata Communications.
Being alert to the danger of outside attacks is one thing, but like charity, security begins at home. Expect the unexpected, warns Geoff Sweeney, CTO of Tier-3.
Members of a cyber crime gang that stole more than £1.25 million from Barclays Bank using a 'KVM' device have been convicted at Southwark Crown Court.
Precautions must be taken to protect your Bitcoin hoard, says LogRhythm's Mark Vankempen
Some may say that the lack of a recognised entry qualification for the information security industry is a good thing, for while professionalising ensures a baseline of competence, it can also be a barrier to talent from unexpected quarters.
Former CIA contractor Edward Snowden has alleged that NSA's surveillance is even more widespread than first thought.
"The AV industry has evolved beyond static signature technology" says NSS Labs.
The UK's university admissions service has been selling access to student and parent data to advertisers and mobile phone companies, in exchange for millions of pounds.
The UK Government is stepping up plans for developing the cyber-security sector, with support for students and teachers.
The European Parliament approved a draft law on data protection on Wednesday, but the mooted changes are still to win universal approval from all in the infosec community.
"Cyber-criminals continue to innovate and find vulnerabilities to exploit for their criminal activity" says Lancope CTO Tim Keanini.
"Are we going to continue on the road and just allow the governments to do more and more and more control - more and more surveillance?" - Sir Tim Berners-Lee
Apple's latest mobile operating system, iOS 7.1, was released on Monday, bringing updates for 41 bugs plaguing users.
Users who are unable to stop using embedded versions of Windows XP should at least stop using Internet Explorer, and even then may have invalidated any cyber insurance that requires patch updates.
Popular messaging service WhatsApp is facing up to another PR disaster after a security researcher found that others could access private chats through downloaded Android apps.
Information security budgets will increase in 2014, with 45 per cent of organisations planning to spend more this year and only 11 per cent cutting back, according to the latest Information Security Study from 451 Research.
Exiled former CIA contractor Edward Snowden talked NSA surveillance and the powers of encryption at the South by Southwest conference in Texas on Monday.
The Government's Action Fraud helpline has received hundreds of calls in just 24 hours from end users concerned about a new email phishing campaign that purports to come from the Ministry of Justice.
Government mobile phone hacks, viruses, leaks and website defacement are all reportedly underway in Ukraine following the takeover of Crimea.
The bad news keeps getting worse for MtGox. Two weeks on from being forced to close after hackers stole approximately 850,000 Bitcoins (BTC), the currency exchange now faces accusations that it is still holding onto some of the 'stolen' Bitcoins.
Hackers are using "relatively unsophisticated" malware bought on the black market to target vulnerable point-of-sale (POS) systems, according to a new report.