Richard Moulds takes a look behind recent crypto vulnerability headlines - the ability to calculate the private key of an RSA keypair purely by knowing the public key - and asks if they are a prelude to a 'cryptoapocalypse'.
Malwarebytes researchers are warning IT workers seeking love online to beware "CatPhishing" scams which can leave entire companies devastated.
A new BeyondTrust survey has revealed that nearly half of all organisations (49 percent) reuse passwords across multiple systems, despite knowing better, reports Brian Chappell.
Highly destructive, self-learning 'swarmbots' driven by hivenets will be the threat trend for next year said Fortinet global security strategist, Derek Manky, speaking at the vendors International Media Conference in Nice this week.
Collectively downloaded millions of times, 158 fake Android applications containing mobile malware were recently found smuggled into the Google Play Store.
Pawnbroker chain Cash Converters is investigating a data security breach at its UK operations after receiving email threats of data release.
Security researchers have warned that a new phishing campaign is using the DDE feature in Microsoft Office to deliver DNSMessenger malware undetected.
A banking trojan that's been targeting US financial institutions and services since at least September is already as advanced in its capabilities as its predecessors Zeus, Gozi, and Dridex, researchers from IBM have reported.
Cryptocurrency miners are becoming one of the most prolific threats facing everyone, with Check Point Software Technologies naming this type of malicious software in its Ten Most Wanted Malware list for October.
CIOs and security professionals need to ensure that company security policies are established and enforced, whether employees access company sensitive data from home offices, public Wi-Fi networks or hotels says Gerald Beuchelt.
We now see 'weaponisation' of personal data against civilian groups largely indifferent to observation; as we live our lives online, criminal methods get easier, and rewards greater, cyber-crime is getting organised warns Peter Groucutt.
Hackers have been breaking into corporate servers via RDP brute-force attacks and manually infecting them with a new variant of ransomware called LockCrypt.
Another wiper malware posing as a ransomware is targeting German businesses under the guise of fake job applicants inquiring about openings.
Equifax was financially punished for the breach that allowed the personal data of 145.5 million of its customers to be compromised with revenue down 27 percent (£20 million) in the quarter and breach costs of £66.8 million.
While SEO best practices help brands reach the widest possible audiences by garnering more web traffic, these same tactics can also be leveraged to help cyber-criminals reach the most victims.
A new malware uses an updated methodology to abuse the previously patched Android Toast overlay vulnerability, which once installed, can download additional malware as well as use various permissions to access the phone.
Estonia on Friday blocked the certificates of 760,000 national ID cards in response to a cryptographic vulnerability that researchers have discovered is even more dangerous than originally reported.
The password on its own is not enough to protect an organisation's data, even if you follow best practice says Kevin Timms, adding passwords that are easily entered and remembered are inherently weak and easily compromised.
An attack campaign targeting Android users in Austria has been employing a novel trio of techniques to steal their funds: a credentials phishing web page, malicious banking app overlays, and credit card phishing screens.
Cunning SEO trickery and new variant of Zeus Panda targets international banking customers
Apple iOS 11, Apple has QR scanning functionality enabled by default which Elad Ben-Meir says can effectively make anyone scanning the QR code matrices with Apple devices vulnerable to unknowingly uploading malicious code.
Asian entertainment website Crunchyroll.com is blaming a DNS hijack attack after site visitors in the early morning of 4 November were redirected to a malicious website designed to infect them with malware.
The Queen's offshore accounts, Russian links to President Donald Trump's top administration officials among 13.4 million documents exposed in Paradise Papers. Legal and accounting firms can expect to be increasingly targeted.
A new variant of the banking Trojan, CoreBot, which was mainly active in the summer of 2015, has been spotted by security researchers with the new variant spreading via malicious Office documents.
Group IB, the cyber-security firm that uncovered the BadRabbit ransomware attacks in October, has signed a threat-exchange agreement with INTERPOL.
App stores that once distributed the rootkit malware used by ZNIU, the first malware family to exploit the Dirty COWvulnerability, are now distributing a new iXintpwn/YJSNPI variant.
WannaCry and Cerber has totally dominated the ransomware landscape so far this year comprising almost all the attacks that have taken place, while other big names such as Locky were barely a blip on the radar.
Another misconfigured Amazon server has resulted in the exposure of personal data - this time on 50,000 Australian employees that were left unsecure by a third-party contractor.
News Feature: Interview with ex-GCHQ director Robert Hannigan CMG; tech leaders on the board; terrorists to achieve ability to wreak cyber-chaos in 5 years; DDoS as smokescreen/DDoS Awareness Day; active cyber-defence.
A new bankrobber Trojan has been identified by researchers at Kaspersky Lab, quietly stealing money direct from the banks themselves rather than targeting customers.