IoT devices can undermine your security. Here are four ways to boost your defences

IoT is an increasingly common part of critical networks and cyber attackers know it. Here's how to avoid becoming a victim of their tactics.

OpenSSL dodges a security bullet

The critical security vulnerability turned out to be two serious vulnerabilities. Still, they need patching ASAP.

Ransomware: Not enough victims are reporting attacks, and that's a problem for everyone

The true impact of ransomware is unclear because some victims aren't disclosing that they've been attacked.

Ransomware is a global problem and getting worse, says US

US government looks at ways of limiting the impact of ransomware across the world.

How to encrypt email in Thunderbird (and why you should)

Here's how to protect your sensitive information from third parties.

FBI and CISA: Here's what you need to know about DDoS attacks

Agencies say guidance will help organisations to understand and respond to DDoS attacks.

This stealthy hacking campaign uses a new trick to deliver its malware

Cyber attackers are using a new technique to hide their malicious activities and compromise victims with trojan malware backdoors.

Bosses say they're serious about cybersecurity. It's time for them to prove it

Business leaders claim that cybersecurity skills are a top priority, but their actions often suggest otherwise.

Why password security may be a really good joke

Is nagging and scaring the best way to get people to treat their passwords with care? Perhaps not.

Microsoft Authenticator gains feature to thwart spam attacks on MFA

And the iOS Authenticator app now uses App Transport Security.

Microsoft: Raspberry Robin USB worm hits nearly 1,000 organizations in the past month

Widely distributed worm evolves into one of the largest currently active malware distribution platforms.

OpenSSL warns of critical security vulnerability with upcoming patch

We don't have the details yet, but we can safely say that come Nov. 1, everyone -- and I mean everyone -- will need to patch OpenSSL 3.x.

Winkeo-C FIDO2, hands on: A reliable and affordable USB-C security key

Add FIDO2 to devices that don't have built-in security hardware. There's a little extra setup work, but the price is competitive.

These cybersecurity vulnerabilities are most popular with hackers right now - have you patched them?

Cybersecurity researchers detail some of the security flaws that are most associated with attacks in recent times. One is years old.

Next Windows 10/11 Patch Tuesday fixes Microsoft's botched vulnerable driver blocklist

Microsoft addresses an issue preventing Windows 10's vulnerable driver blocklist from being updated with new vulnerable drivers.

The 4 best free VPNs for iPhone

A free VPN could work for protecting your iPhone's connection in limited cases. But before you go that route, make sure you understand the risks.

These ransomware victims are making the highest ransom payments

Ransomware gangs want to make the biggest amount of money in the smallest time possible - and that means one industry is a lucrative target.

APAC faces 2.1M shortage in cybersecurity professionals

Asia-Pacific region sees greatest growth in cybersecurity workforce, but still struggles to fill a gap of more than 2.16 million with 60% of organisations reporting a significant shortage in security staff, according to a study released by ISC2.

Cybersecurity teams are reaching their breaking point. We should all be worried

Stress and burnout are having a massive impact on cybersecurity teams, leaving people and businesses more vulnerable than ever.

How to set up two-factor authentication for your Facebook account

Applying two-factor authentication to Facebook is a useful way to protect it from being hacked - here's how to set it up.

Australia seeks stiffer penalty for data breaches amidst spate of security incidents

Government says it will push up maximum fines for serious or repeated data privacy breaches to AU$50 million, up from the current AU$2.22 million, in a move that follows a spate of cybersecurity incidents that compromised customer data, including Medibank.

How to set up SSH key authentication in Linux for more secure logins

Here's how easy it is to add a layer of security to your secure shell logins on Linux.

Criminals are starting to exploit the metaverse, says Interpol. So police are heading there too

An international police organization is using the metaverse and wants to understand how crime could evolve.

FBI warning: This ransomware group is targeting poorly protected VPN servers

Attackers are using VPN servers to gain access, and then SSH and RDP to spread through networks.

What is the dark web? Here's everything to know before you access it

Also called the deep web, this encrypted area of the internet isn't indexed by search engines and requires specific preparation to access. Is it safe or even legal? Strap on your VPN and all will be revealed in this dark web guide.

Battery-draining Android apps with 20 million downloads pulled from the Google Play Store

Cybersecurity researchers at McAfee identity apps which infect users with malware for adware fraud - users are urged to uninstall them as soon as possible.

Singapore champions Asean CERT as region's cyber armour

Now formally established, the Asean Regional Computer Emergency Response Team (CERT) will operate as a virtual centre comprising incident responders from across member states, each sharing information during security incidents that occur in any of the respective nation.

Singapore, Germany to mutually recognise IoT cybersecurity labels

The two countries have signed an agreement to recognise their respective security rating mechanism for a range of consumer products, including smart televisions, smart speakers, health trackers, and home automation hubs.

These are the top passwords hackers use against remote access. Time to change yours?

Here's how to prevent most brute-force attempts on online credentials.

This old malware has been rebuilt with new features to use in ransomware attacks

A 'significant shift' by malware that has existed for more than 15 years demonstrates the changing threat landscape, warn cybersecurity researchers.

FBI warning: Beware of student loan forgiveness scammers

Beware of crooks asking for money or data.

How to enable end-to-end encryption for Facebook Messenger chats

Here's how to enable end-to-end encryption on a per-chat basis with Facebook Messenger.

Singapore wants citizens to arm up, take accountability for personal cyber hygiene

Country's government says Individuals have "a responsibility" to adopt good cybersecurity practices and safeguard devices they use, which risk weakening whole networks if compromised.

Passwords still dominate, and are causing headaches for everyone

While use of passwords is gradually dropping, there are still a lot of them out there to forget.

This latest Firefox update makes it easier to protect your privacy online

The latest Mozilla Firefox release makes it easier for users to access private browsing mode.

Government officials, including Russia, call for dialogue in combating cybersecurity threats

Need for multilateral cooperation and open communications is the shared message amongst senior government officials from across the globe, including Russia and the United States, who have gathered in Singapore to discuss strategies in cyberdefence.

Car theft ring used software to steal hundreds of vehicles without the physical key fob, say police

Organised crime group used fraudulent software to duplicate keys and steal cars, says law enforcement agencies.

Linux dodges serious Wi-Fi security exploits

What appeared to be one simple Linux Wi-Fi networking security problem was soon revealed to be five different nasty Wi-Fi security problems. Fortunately, the patches are on their way.

How to use public Wi-Fi safely: 5 things to know before you connect

Heading out soon? Whether you're going to the airport or the coffee shop, these Wi-Fi safety tips can help protect your data from bad actors.

Microsoft warns over unusual ransomware attacks

Microsoft warns of attacks targeting companies in Poland and Ukraine.

Police tricked a ransomware gang into handing over its decryption keys. Here's how they did it

Sting against Deadbolt ransomware group provides victims with a way to get encrypted files back without paying up.

Raising cybersecurity awareness is good for everyone - but it needs to be done better

October is cybersecurity awareness month. But to keep people and networks safe, employees need advice all year round - and it can't be done with fear.

Eufy Edge Security System hands-on: The most advanced security cameras yet?

The Eufy Edge Security system is a near-perfect blend of innovation and pragmatism. Local storage, facial recognition, and the lack of monthly fees will make you rethink your home security.

This flash drive will self-destruct (if you want it to)

Want to feel like James Bond? Check out this easy-to-use encrypted flash drive.

This unusual ransomware attack targets home PCs, so beware

A ransomware campaign is using sneaky techniques to infect individual users with ransomware - and demands thousands for the decryption key.

Singapore identifies AI, IoT as emerging key skillsets, with infrastructure support set for displacement

5G, cloud computing, artificial intelligence, and Internet of Things are amongst industry trends that Singapore believes will drive demand for skillsets over the next three to five years, while roles in infrastructure and operations are at risk of displacement and require reskilling.

Supply chain hacks are on the rise. But most companies aren't prepared

Attacks via suppliers are on the up - but defending against them is hard.

Android security warning: These crooks phone you and trick you into downloading malware

Phishing websites steal your phone number - then a crook calls you to trick you into downloading malware.

What's on your network? These are the devices most at risk of getting hacked

Connected devices are becoming more common at home and in the workplace - but if they're not secured properly, that could leave you vulnerable.

Fortinet warns that critical authentication bypass flaw has been exploited

US federal agencies need to quickly patch this critical Fortinet authentication bypass.

This new Windows features makes password-hacking attacks much harder

Microsoft's Patch Tuesday introduces a new policy that allows admin account lockouts.

The metaverse is coming, and the security threats have already arrived

Even before it arrives, Metaverse cybersecurity challenges need to be addressed -- and quickly.

Microsoft Patch Tuesday: 84 new vulnerabilities

The disclosure includes one vulnerability that has been exploited and one that has been publicly disclosed.

Australia kicks off investigation into Optus data breach

Office of the Australian Information Commissioner's scrutiny will focus on whether the Singtel-owned mobile operator, as well as its subsidiaries, took "reasonable steps" to safeguard data they held from unauthorised access and misuse.

How to enable suspicious message alerts and protect yourself from spam in Android 13

Duck and dodge spam and malicious messages easily by enabling this easy feature in Android 13.

China is using tech to grow its influence, warns UK spy chief

Cheaper technology might seem like a tempting offer, but could leave nations vulnerable to security threats, warns intelligence chief.

Kata Containers 3's marriage of virtual machines and containers continues

Suppose, just suppose, you could combine the speed and flexibility of containers with the security of virtual machines (VM). That's exactly what Kata Containers does.

Google is trying to solve the software supply chain security problem

Vulnerability in the software supply chain is a huge problem. At the Google Cloud Next conference, the tech giant shows how it's aiming to address it.

Google's hackers: Inside the cybersecurity red team that keeps Google safe

By acting like hackers, Google's red team helps to keep the company safe from cyber threats. Here's how.

This 'thermal attack' can read your password from the heat your fingertips leave behind

Researchers detail an attack technique combining thermal imaging and AI - and warn that increased access to innovative technologies will be abused by cyber criminals.