A letter signed by more than 30 major technology companies has been sent to the House Judiciary Committee calling for a number of key changes to be made to NSA surveillance. The letter, signed by the likes of Facebook, Twitter, Google and Mozilla, asks lawmakers to make a number of considerations when reforming Section 702 of the FISA Amendments Act.

The signatories refer to themselves as "U.S.-based companies that provide consumer and business technology, products, and services around the world through the use of electronic data." Their letter is timed to coincide with debate about the reform of Section 702 which is used to justify NSA surveillance programs, and is due to expire at the end of the year. There are calls for increased transparency and controls, as well as the suggestion that surveillance should be reined in.

Although ransomware in some form has been around since 2005, a new survey of 5,000 US consumers reveals that for 57 percent the recent WannaCry attack was their first exposure to how it works.

The study by endpoint security company Carbon Black also shows that seven out of 10 consumers would consider leaving a business if it were hit by ransomware.

Whitelists have traditionally been used as a way of limiting what users can do, but they're time consuming to maintain and keep up to date.

Florida-based Terra Privacy is addressing this with a system where destinations are continually inserted and removed from the whitelist in real-time, in concert with the user's activities.

The dust hasn’t even settled around WannaCry, another ransomware appears. This one was detected by ESET and identified as Win32/Filecoder.AESNI.C.

Security researchers dubbed it XData ransomware. It appears mostly in Ukraine (96 percent of cases). The outbreak seems to have started on May 17, reaching its peak on May 19.

According to Thales' new report almost two thirds (63 percent) of businesses in the UK increased their cyber security spending this year, which is a jump from last year's 54 percent.

However, despite this, 43 percent were breached last year (Thales fails to mention the percentage difference compared to a year earlier, though). More than four fifths (84 percent) still feel vulnerable to threats, with 20 percent feeling "very" or "extremely" vulnerable.

Microsoft is rumored to have acquired Israeli cybersecurity startup Hexadite in a deal worth around $100 million.

The startup was founded in 2014 and its primary focus is identifying cyberattacks through the use of artificial intelligence (AI). By connecting a number of cybersecurity detection systems that are already in place, Hexadite then uses AI to analyze threats automatically as they present themselves.

A new survey of security professionals reveals that 83 percent say colleagues in other departments turn to them to fix personal computer problems.

The study by security management company FireMon shows a further 80 percent say this is taking up more than an hour of their working week, which in a year could equate to more than $88,000.

Biometric authentication may be more convenient than a PIN or password, but it is not as secure as you might be lead to believe. The iris scanner on the Galaxy S8 can be defeated with a photo and contact lens, despite Samsung's claims that it offers "airtight security" and provides "one of the safest ways to keep your phone locked and the contents private."

If this has you worried, Samsung says that it is "difficult for the whole scenario to happen in reality," even though the hack "appears simple." The company believes that having the right tools in the first place can prove to be problematic for anyone attempting to defeat the iris scanner.

A security vulnerability in the popular Samba networking utility could leave unpatched machines open to an attack similar to WannaCry. A single line of code is all that’s needed to exploit the vulnerability, but it is reliant on a number of prerequisites.

The vulnerability has been assigned the ID CVE-2017-7494 and is described as "remote code execution from a writable share" which could allow "malicious clients [to] upload and cause the smbd server to execute a shared library from a writable share." Security researchers say that the flaw is very easy to exploit, and tens of thousands of machines have been found to be running versions of Samba for which a patch does not exist.

Four in ten organizations in the US and Western Europe believe C-level executives are the most at risk of cyber attacks when working outside the office.

That's according to research by iPass, whose Mobile Security Report 2017 says that coffee shops and cafes are the riskiest venues (42 percent), followed by airports (30 percent), hotels (16 percent) exhibition centers (seven percent) and airplanes (four percent).

Security researchers from Check Point have discovered a major vulnerability in popular media players, like VLC, Kodi and Popcorn Time, which leaves users vulnerable to hacker attacks via malicious subtitles. The security firm estimates that the number of potential victims is around 200 million.

Media players give users the option to load subtitles from repositories, which can be tricked by attackers to rank their altered subtitles higher. This leads to those malicious subtitles being recommended to the user. If they are loaded, attackers can gain control over "any device running them." Check Point notes that the "potential damage the attacker can inflict is endless, ranging anywhere from stealing sensitive information, installing ransomware, mass Denial of Service attacks, and much more."

Companies have to deal with an increasing number of cyber threats. To allow them to stay in touch with this ever evolving landscape they need up to date intelligence.

With the launch of its Threat Intelligence Portal, Kaspersky Lab is enabling security operation center operators to be able to work more efficiently while facing hundreds and thousands of threat alerts.

If you want to secure your Samsung Galaxy S8, relying on the iris scanner to keep it locked is not the best idea. That's because it can be easily fooled using just a printed photo and a contact lens.

This reinforces the belief that biometric authentication is -- at least for now -- less secure than traditional options, like PINs and passwords, which have the advantage of not being tied to a physical trait that can be easily exploited by hackers, thieves or the authorities.

With thousands of stolen account details available for sale on the web, cyber criminals are turning to new methods using them efficiently to try to break into accounts.

According to a new report by risk analysis specialist Digital Shadows, 'credential stuffing' tools are the latest technique being used to automate attempts at account takeover.

There have been numerous cases recently of travelers being forced to unlock their phones by security staff at airports. If you have all of your passwords for apps and online accounts stored in a password manager, this could mean that vast amounts of personal data become accessible -- but 1Password has a solution.

A new feature called Travel Mode enables users of the app to mark certain passwords and other data as "safe for travel." When the mode is activated, everything else which has not been flagged in this way is temporarily deleted from the device so it cannot be accessed.