There is a lack of formal education in cyber-security, says Tom Van de Wiele, principal security consultant, F-Secure
Grandmaster Garry Kasparov says its not the technology but the misuse of it by authoritarian governments that we have to be careful about
A US Defense Intelligence Agency analyst was arrested for supplying top secret national defense information on a foreign country's weapons systems to two journalists
Apple patches vulnerability in iCloud for Windows and iTunes for Windows used by malicious actors to evade antivirus and endpoint detection
Twitter discloses that it gave advertisers access to email addresses and phone numbers that users had supplied for two-factor authentication purposes
A newly published survey reveals that some 68 percent of IT security stakeholders don't know if they've experienced a Pass the Hash (PtH) attack. That isn't necessarily a cause for too much concern.
People need to know the company takes data theft seriously, and if colleagues are to report on suspicious behaviour, they need assurances of confidentiality - usually better achieved via HR than security teams.
California governor Gavin Newsom blocked police from using facial recognition technology in their body cameras
UK & US governments warn Windows, macOS & Linux users to update systems following discovery of multiple advanced persistent threat (APT) groups using a VPN exploit to remotely control computers.
Samy 'mypace' Kamkar credits environment as the most common factor that leads impressionable and talented teenagers to cyber-crime
Microsoft releases latest batch of security updates, fixing 59 vulnerabilities, nine of them critical
Decryptors are now publicly available for a Muhstik and HildaCrypt ransomware programs that recently emerged onto the scene
FBI issues an alert, warning about possible high-impact ransomware attacks targeting US businesses and organisations.
There has been a surge in female applicants for the NCSC's 2019 CyberFirst cyber-security summer courses (held in Cardiff, Belfast, Paisley, Newcastle, Birmingham and London), up 47 percent on 2018.
Data hoarded without any immediate use also could turn toxic for organisations, warn cyber-security experts
Research into DevOps reveals siloed thinking, lack of expertise and correct tools contributing to nearly half of firms not having completed developing their DevOps strategies, leaving companies vulnerable.
Several members-only dark web forums trade a stolen government database featuring the personal information of 92 million Brazilian citizens
Former Yahoo! software engineer pleads guilty of using his access privileges at the company to hack users' accounts and download private images and videos of young women
"All devices will go online regardless of their utility because of the data they can generate": cyber-security guru Mikko Hyppönen
Cyber-attacks tend to have a trickle down effect via a pyramid structure, with the top slot often occupied not by the cliched men in hoodies but by state intelligence organisation
Google's Pixel phone as well as devices from Samsung, Huawei, and Motorola affected by Android zero-day flaw.
Malware marks victims' TLS-encrypted outbound traffic with identifiers so it can be compromised and potentially decoded later
Cisco issues a series of security updates, in the process disclosing 29 vulnerabilities, including 16 high-impact ones
Microsoft re-releases security update for a critical remote execution bug in Internet Explorer that has been actively exploited
Cyber-security readiness can have both positive and negative affects on company valuations when assessing acquisition targets. So how do you assess cyber-capability for M&A purposes?
Security firms Malwarebytes and HYAS string together several pieces of evidence that they believe tie Magecart Group 4 to the Cobalt Group
A "double-free" bug in WhatsApp lets attackers exploit it using a malicious GIF to access user content
New feature in Google's password manager will study a person's passwords and then inform them on its strength and whether it has been compromised
Sir Brian Leveson to lead the IPCO, providing independent oversight and authorisation of the use of investigatory powers by intelligence agencies, police forces and other public authorities.
Researchers uncover large Android banking trojan scheme that may have impacted hundreds of millions of Russians
Ghostcat-3PC, a malvertising operation designed to infect online publishers with browser-hijacking malware, launches at least 18 separate infection campaigns in three months
CISA issues advisory, warning of vulnerabilities in several medical IoT devices that could lead to remote code execution
How to go from central planning research under communism to defending global corporations as head of your own successful cyber-security business - plus, what's next?
Cisco Talos finds one malicious actor group using OpenDocument files to bypass a computer's antivirus protection
Shocking new report finds that not only are many major enterprises missing a CISO, but also security strategy roles and data protection mission statements are also absent.
"I feel I am now at war" says General Sir Nick Carter, UK chief of defence staff, as UK ups investement in offensive cyber-capabilities and Nato says ""Cyber-attack on one NATO state is an attack on all"
The one big thing to impact the industry is the use of the MITRE ATT&CK framework. Proactivity will continue to achieve better security which should make cyber-security pros become more confident overall.
Center for Internet Security's Multi-State Information Sharing and Analysis Center (MS-ISAC) urges developers to upgrade to the latest version of PHP
Researchers found that it would take malicious actors about 30 days and just a few thousand dollars to either boost a company's online stature or tear it down
Well-known hacker Gnosticplayers is taking credit for a data breach at the mobile game maker Zynga, claiming he gained access to 218 million user records
A security researcher has discovered what they claim is a "permanent unpatchable bootrom exploit" that affects Apple devices from the iPhone 4s to iPhone X.
Cisco Systems issued a series of security updates on Wednesday last week in the process disclosing 29 vulnerabilities, including 12 high-impact ones.
Cyber-criminals have found a way to use Google Alerts to hook victims into scams or push malware.
The abundance of technology tools gives firms a false sense of confidence in their security posture, finds a Forrester survey
Fileless attacks use legitimate code to infect systems. The malware also uses computer's own LOLBins to infect machines
Whistleblower: White House moved record of call with Ukraine president to separate classified network
Whistleblower states White House officials intervened to 'lockdown' all records of the phone call between the US president and the president of Ukraine
Google and Apple recently removed hundreds of apps from their respective app stores after being informed they were actually fronts for gambling operations
An estimated 16,000 WordPress websites are running a plugin that is vulnerable to unauthenticated plugin option updates
Apple has warned iOS and iPadOS users of a vulnerability that could grant third-party keyboard extensions full access to their devices without permission
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout