Facebook users warned: You may have downloaded these password-stealing Android and iOS apps

Hundreds of malicious apps available in Google Play and Apple App Store tricked users into giving away their passwords. Here's what to watch out for.

NSA, FBI warning: Beware these 20 software flaws most used by hackers

China-backed hackers like to use these flaws, so you need to make sure they are patched, says FBI, NSA and CISA.

Best Amazon security camera deals of May 2023: Ring and Blink sales

Doing home improvements? Don't pass on security. ZDNET gathered the best deals on Amazon's Ring and Blink security cameras for you to stay safe for less.

This sneaky ransomware attack tries to switch off your security software

Cybersecurity researchers detail how one ransomware gang has started using a new technique to help power extortion attacks.

Cybersecurity leaders are having a hard time keeping companies secure, and there's no easy solution

A new report from Foundry finds staff shortages, budget problems and the growing sophistication of cyberattacks are causing major headaches for security leaders.

Australia moots changes to privacy laws after Optus data breach

Government is revising regulations to allow telcos to temporarily share some of their customers' personal information, such as driver's licence and passport numbers, with financial services institutions to facilitate monitoring and remediation in the event of a data breach.

How to encrypt a folder in MacOS to keep sensitive data from prying eyes

You can achieve folder encryption with a third-party application, but there's also a built-in tool that can do this for you.

Ransomware: This is how half of attacks begin, and this is how you can stop them

Cybersecurity researchers warn that attackers are mostly using two different techniques to break into systems.

Microsoft warns of password attacks against Exchange Online, here's what you need to do

SMTP and IMAP are by far the most common protocols abused by password-spraying attacks.

This sneaky fraud attack looks like an email forwarded by your boss

Business email compromise scammers are getting savvier with their lures - and new attack groups are emerging.

Microsoft: New Exchange Server zero-days already used in attacks, expect more to come

Attackers have already exploited the newly disclosed Microsoft Exchange Server vulnerabilities, so act now.

Optus reveals extent of data breach, but stays mum on how it happened

Of the 9.8 million customers impacted by the data breach, 1.2 million have at least one form of identification number that is valid, says the Singtel-owned Australian operator, adding that it has brought in Deloitte to investigate the breach, including how it occurred.

New Exchange Server zero-day vulnerabilities are being used in cyberattacks: Protect your network now

Microsoft is working on a fix for two zero-day exploits that are being actively exploited in the wild - but temporary fixes are already available.

Microsoft: Hackers are using open source software and fake jobs in phishing attacks

Microsoft details how hackers are using easily available tools and non-existent job offers to trick developers and IT workers.

Want to study for ethical hacking? You can with this $35 certification bundle

Even if you have no tech background whatsoever, this bundle of courses can teach you Python, AWS, and ethical hacking skills.

What the Securing Open Source Software Act does and what it misses

The US government is recognizing the importance of open-source software. But is it ready for what's needed?

How to manage Chrome OS syncing for better portability and security

Here's how to get the most out of Chrome OS Sync for an all-around better experience.

Want to dodge a data breach? Do DevOps and let developers work from home, says Google

Developers are tracking what components are used in software, but most of them don't sign-off on code changes, suggesting a long road ahead for protecting the software supply chain.

Victims of these online crooks lacked a key security feature. Don't make the same mistake

These scammers are gaining access to real accounts that they're using to dupe victims into sending payments. One change could help to stop it.

Singapore firms see 54 cybersecurity incidents daily, struggle to keep up

Threats are evolving so fast 62% of cybersecurity professionals in Singapore find it challenging to keep up, with organisations facing an average of 54 security incidents a day.

Chaos IoT malware taps Go language to harvest Windows, Linux for DDoS attacks

Cybercriminals are using Google's Go programming language to target connected devices.

Russian hackers' lack of success against Ukraine shows that strong cyber defences work, says cybersecurity chief

In the face of the 'most sustained and intensive cyber campaign on record', Ukraine shows that a sound cybersecurity strategy can protect assets in even the most trying circumstances, says NCSC boss.

Australia government wants Optus to pay for data breach

Arguing that the recent data security breach "shouldn't have happened", Australia's Prime Minister wants Optus to pay for the replacement of passports--which details were compromised--and hints the country's cybersecurity laws may be updated to boost customer protection.

Blink has a new floodlight camera and Blink Mini Pan-Tilt mount

Amazon-owned Blink announces a pair of new products, including the Blink Wired Floodlight Camera -- a first for the company.

Amazon's friendly robot helper Astro will now double as a security guard for your business

Today, Amazon announced that its Astro robot will soon function as a security patrol for your business through an integration with Ring.

How to lock active incognito tabs on Android Chrome for more privacy

Here's how to to lock up your Android Chrome incognito tabs behind your password, fingerprint, and facial recognition to increase your mobile privacy.

There's been a big rise in hackers targeting Google Chrome - doing this one thing can help protect you

We enter and store a lot of information in our internet browsers, making them a tempting target for cyber criminals.

Hackers are making DDoS attacks sneakier and harder to protect against

Simple yet effective, DDoS attacks are a major threat to online services – but they aren't unstoppable.

Hackers are testing a destructive new way to make ransomware attacks more effective

Cyber criminals are testing a new method of cyber extortion. It could be very worrying.

SwitchBot Lock: A potential smart lock solution for renters and HOA residents

Want a smart lock but don't want to (or can't) change the outside look of your door? Then this might be the smart lock for you.

How to use Microsoft Authenticator as your password manager

The Microsoft Authenticator app can help you juggle passwords on your mobile device and in the Chrome and Edge desktop browsers.

Bosses spying on you? Here's the most disastrous truth about surveillance software

With remote and hybrid working, many companies have resorted to instant, constant surveillance of their employees. But does it work?

Jit and ZAP: Improving programming security

Simon Bennetts, the founder of the world's famous web app security scanner, OWASP ZAP, has joined the Jit code security company. Both will be the better for it.

Is Amazon about to ruin Alexa answers with ads?

Because nothing is more comforting than a robot in your bedroom or kitchen pitching you to buy more stuff at all times of the day and night.

NSA and CISA: Here's how hackers are going after critical systems, and what you need to do about it

NSA and CISA offer some advice for critical infrastructure operators on how to protect their industrial control systems.

Why MFA matters: These attackers cracked admin accounts then used Exchange to send spam

None of the accounts broken into had MFA enabled, which could have stopped the attack from progressing so fast.

Chainguard releases Wolfi, a Linux 'undistribution'

Chainguard takes a new approach to building a container Linux with all the security you'd need already baked in.

This Windows 11 security feature makes your PC 'very unattractive' to password hackers

Microsoft rolls out a new security feature that should significantly slow down password attacks against Windows devices.

Programming languages: It's time to stop using C and C++ for new projects, says Microsoft Azure CTO

The industry should treat C and C++ languages as "deprecated," says Azure CTO Mark Russinovich.

Optus security breach compromises customers' passport details

Australian operator says it is investigating "unauthorised access" of personal data belonging to its current and former customers, including dates of birth, phone numbers, and passport numbers.

Tile's new QR stickers offer Bluetooth-free tracking for low-tech enthusiasts

Tile's techless stickers are designed to reunite users with their lost stuff while keeping sensitive information safe.

Windows 11 22H2: These are the big new security features

Windows 11's new release brings some new settings to keep attackers at bay. Here's a quick tour.

China-US rift will intensify decoupling in tech, financial systems

"Strategic rivalry" between the two economic powers runs deep and is leading to decoupling in technology, finance, and trade, where the development of technologies such as AI and 5G will "increasingly bifurcate", says Singapore's head of central bank,

Indonesia finally passes personal data protection law

After years of deliberation, the largest Southeast Asian market ratifies personal data protection bill, which will apply to local businesses as well as international corporations that handle data of Indonesian consumers.

Uber blames security breach on Lapsus$, says they bought credentials on the dark web

The hacker apparently gained access to several internal Uber systems after stealing a third-party contractor's credentials and then convinced the contractor to approve a two-factor authentication request.

How to manage SSH connections on MacOS with Termius

Jack Wallen shows you how to easily manage your SSH connections in MacOS with the Termius GUI app.

No browser is perfect. What's a user to do?

Jack Wallen offers up his opinion on the state of the browser wars that have produced less-than-stellar results.

IoT: Europe readies cybersecurity rules for smart devices - with big fines attached

The Europe Commission lays out new rules governing the cybersecurity of all network-connected devices sold in the EU.

This AI system will completely change your experience at sporting events

It is officially football season, which means you may be attending an NFL game soon. If you are, the long, tedious and not always accurate metal detectors may be a thing of the past, thanks to Evolv body scanners.

Starbucks Singapore says customer data illegally accessed in data leak

F&B chain notifies members of its Rewards loyalty programme that customer details, including birthdates, residential addresses, and mobile numbers, have been illegally accessed and it is working with local authorities on the security incident.

Uber security breach 'looks bad', potentially compromising all systems

Hacker is believed to have breached Uber's entire network in a social engineering attack, which one security vendor says is more extensive than the company's 2016 global data breach and access logs potentially altered.

US senator reveals how US Customs has amassed data from Americans' devices

Sen. Ron Wyden is urging the agency to stop the "indiscriminate rifling through Americans' private records."

How to use the handy SSH management tool in Chrome OS

If you regularly secure shell into different servers, Chrome OS now makes it easy to manage those connections.

Microsoft Patch Tuesday: 64 new vulnerabilities, including five critical ones

The critical vulnerabilities impact Microsoft Dynamics 365, Windows Internet Key Exchange (IKE) Protocol Extensions, and Windows TCP/IP.

GPS jammers are being used to hijack trucks and down drones: How to stop them

The problem of GPS jamming has spawned an array of anti-jamming solutions.

The Future of the Web: The good, the bad and the very weird

Here's what to look forward to - and to fear - in the next evolution of the internet.

The scary future of the internet: How the tech of tomorrow will pose even bigger cybersecurity threats

Innovations including quantum computing, AI and smart cities could bring a range of benefits to everyone - but hackers will also be looking to exploit them.

iOS 15.7: Apple patches new iPhone security flaw, so it's time to update

Even if you don't want iOS 16 yet, updating to iOS 15.7 is still a very good idea.

China says NSA used multiple cybersecurity tools in attacks against Chinese university

National Computer Virus Emergency Response Center releases a report that claims "41 types of cyber weapons" were used by the US National Security Agency in recent attacks against Northwestern Polytechnical University during which a "large amount of sensitive data" was breached.

How to tighten your security in Microsoft Edge

Edge offers several options to help protect you from malicious websites and other online hazards.