The Extensible Firmware Interface (EFI) has steadily replaced BIOS in recent years as means of booting and controlling hardware devices.

Mac systems have used EFI since 2006 but an analysis by Duo Labs, the research arm of Duo Security, of more than 73,000 Mac systems finds that in many cases the EFI is not receiving security updates, leaving users vulnerable to attacks.

Just a year after the Mirai malware infected connected devices to create the first IoT botnet, new research from Norton shows that global botnets have continued to grow and spread as a result of unaware users inadvertently infecting others.

According to Norton, the top three countries responsible for hosting the highest number of bots in Europe are Germany at just over eight percent, Italy at 10 percent and Russia at almost 14 percent.

As the cost of dealing with the aftermath of a security breach has risen significantly in the past year alone, new research has revealed that staff training can greatly help reduce the risk of cyber attacks.

A new survey from Accenture found that 55 percent of workers in the UK could not recall ever receiving training regarding cyber threats, meaning many of them are often unsure what to do in order to prevent, identify or respond to a cyber attack.

Poor management of user accounts is leaving organizations open to security and compliance risks according to a new report.

Identity and access management specialist One Identity surveyed over 900 IT security professionals, in conjunction with Dimensional Research, and finds that what should be security best practices -- such as swift removal of access to corporate data and applications, dormant account identification, and role administration -- continue to be a challenge for many enterprises.

In the wake of the recent breach at credit agency Equifax it's only natural that people are keeping a close eye on their bank statements and credit reports.

Of course the bad guys know this too and a new report by Barracuda Networks looks at an email attack that is impersonating a 'secure message' from financial institutions.

A bug has been uncovered in Internet Explorer which makes it possible for websites to view anything that is typed in to the address bar. This means that web addresses and search terms could be accessed by a hacker or malicious website.

The vulnerability was discovered in the very latest version of Internet Explorer, and Microsoft is yet to release a patch for it. Discovered by security researcher Manuel Caballero, the attack can be made completely invisible to a victim.

Equifax chairman and chief executive Richard Smith has stepped down from his leadership role at the credit rating agency following the data breach that affected 143 million US consumers and 400,000 in the UK earlier this month.

Equifax has released a statement in which it said that Smith will vacate the company after working there for more than ten years and that its Asia-Pacific president, Paulino de Rego Barros will now serve as its new chief executive.

British mobile users are putting their personal details at risk by keeping large amounts of information on unsecured mobile devices, new research has warned.

Security firm Bitdefender has revealed a report showing that almost half of users in the UK store their sensitive personal and private information on smartphones that are often neither updated or protected.

In an effort to protect its users from the effects of distributed denial of service (DDoS) attacks, Cloudflare has announced that its customers will receive a new protection tool for free.

The Unmetered Mitigation feature, which will be available for both paying and non-paying users, will receive the new feature intended to protect against all DDoS attacks regardless of their scale. Company CEO Matthew Prince believes that is time for security firms to change the way they treat customers affected by an attack.

The cyber security market doesn't stand still for long and there's a constant arms race between the good and bad guys.

Security company BullGuard is doing its bit to keep up by launching its next-generation anti-malware engine that's capable of detecting the latest zero-day threats. It will be rolled out across a range of BullGuard endpoint protection products.

Threat detection company RiskIQ has released the latest of its quarterly reports into threat trends, this one looking at phishing.

It finds that in the second quarter of 2017 there were 39,320 unique phishing domains, down from 45,025 back in the first quarter. However, there were 316 targeted phishing brands in Q2 -- up 15.7 percent from the 273 brands targeted in Q1.

As part of the European Cyber Security Awareness Month, the first week of October in the UK marks Security Serious Week.

This not-for-profit event set up by Eskenzi PR will present five panel-style webinars for participants from UK businesses on the theme of Bridging the Cyber Skills Gap through Diversity and Creativity.

The second quarter of this year has seen DDoS attacks continue to target IoT networks according to attack protection specialist Nexusguard.

Nexusguard gathers DDoS attack data through botnet scanning, honeypots, ISPs and traffic moving between attackers and their targets, so the data is unbiased by any single set of customers or industries.

A new study shows that companies and government agencies are being overwhelmed by frequent, severe ransomware attacks that have become the number one threat organizations face.

The 2017 Ransomware Report from Crowd Research Partners, commissioned by Cybersecurity Insiders is based on the responses of over 2,200 cybersecurity professionals.

We all know we need to protect our computer systems when they're connected to the internet, but there’s generally less awareness of the threat posed by the latest generation of Internet of Things devices.

Cyber security company Comodo wants to make these devices more secure with the launch of a new IoT Security Platform that will allow device manufacturers and network providers to issue and manage PKI and SSL certificates for private ecosystems.