Employees have poor security practices and use completely unsecured private devices for work, putting their organizations at huge risk of cyber-attacks, a new report by WinMagic says. After polling workers in the UK, the report says more than four in ten (42 percent) use private devices for work, accessing corporate data and e-mail accounts.

More than half (52 percent) use private accounts, including enterprise file sharing services (EFSS), which they use to either store or access corporate files. Only a third (34 percent) say they had never done so. Laptops, smartphones and USB devices are the top three personal devices used for work, and Hotmail, Gmail and Dropbox are the top three online services used by employees.

Gamification is increasingly used by business as a means of enhancing the usability of software. But now it seems hackers are exploiting the technique too.

Researchers at threat protection company Forcepoint have uncovered a DDoS package being shared on Turkish hacking forums employing a gamified approach.

Nine in ten NHS trusts still rely on Windows XP, even though Microsoft stopped supporting the platform with new patches and security fixes a year and a half ago.

This information was released by Citrix, and it is based on a Freedom of Information (FoI) request. Out of 63 trusts Citrix reached out to 43 responded, and 90 percent say they still use Windows XP.

Public awareness of data security issues has never been higher. Not only have data breaches made the news but the FBI's battle with Apple has put encryption in the headlines too.

Yet despite the high profile of threats a new survey of IT security professionals from secure browser company Authentic8 shows that businesses aren't taking basic steps to protect themselves.

HP has redesigned the way it protects printers, setting a new industry standard, the company announced in a press release this week.

Its new Secure Managed Print Services (MPS) offer "advanced" security professional services and solutions, as well as expanded core delivery capabilities, which now include a new remote fleet security management service. The company also says it will be pre-configuring its print devices for security.

Phishing has proved to be one of the most profitable techniques for hackers. A new report from cyber security company Imperva reveals that the availability of turnkey services is making it even more effective.

Imperva researchers explored the darknet marketplace to estimate the cost of phishing campaigns and to get a clear picture of the hackers' business model. They discovered phishing-as-a-service (PhaaS) campaigns were easy to buy and low cost.

If there’s one thing you can say with certainty about cyber-security in 2017, it’s that many companies are going to fail because they are simply not doing the right thing. Fundamental flaws still exist.

Until the technical people lift their heads up and see that security and business are different sides of the same coin, we will inevitably see more damaging attacks. When security people learn to speak in the language of business they will begin to understand just where in the organization they need to apply their expertise.

With more of us than ever doing our shopping online over the holiday period we want to feel that we can do so safely.

But a new report from security ratings company SecurityScorecard exposes cyber security vulnerabilities across 48 of the biggest US retailers.

The past year has been a pretty eventful one for many reasons, not least in the area of cyber security which has seen attacks gaining in sophistication and persistence.

If you were expecting 2017 to be an improvement you may be in for a disappointment according to the Information Security Forum (ISF) which is today publishing its outlook for the threats businesses will face in the next year.

Terrorism is a daily threat to our freedoms. It is unfortunate, as we used to be able to go throughout our days without the thought of violence. Now, it dominates the news. Heck, when I am in Penn Station in NYC, I see soldiers with machine guns. Sigh.

Unfortunately, terrorists thrive on the internet too. Using social media and video platforms like YouTube, these evil-doers look to recruit new members while sharing propaganda. Today, Google announces that it is partnering with some major players -- Facebook, Microsoft, and Twitter -- to fight online terrorism with a special database. The partners will look to protect user privacy in the process.

Following the massive attack that took down the servers of the DNS service provider Dyn and a number of high profile websites including Netflix, Twitter, Spotify and Reddit last month, Amazon Web Services (AWS) has announced a new technology to protect sites against distributed denial of service (DDoS) attacks.

The new tool, which is called AWS Shield, was announced at the company's re:Invent developer event in Las Vegas. Amazon's own site was affected by the attack on Dyn and the company has now decided to launch its own DDoS protection service to ensure that its site and those that use AWS are able to withstand future attacks.

Social engineering, as a method of cyber-security attacks, is very popular and quite widespread, according to a new report by cybersecurity firm Agari. It had polled 200 professionals from healthcare, government, financial services and education sectors.

Six in ten (60 percent) of security leaders say their organization either was, or "may have been" a victim of at least one targeted social engineering attack, on the last year alone. Two thirds of those attacks (65 percent) led to employees’ credentials getting compromised.

According to security firm Flashpoint, the latest strain of the Mirai malware responsible for infecting Deutsche Telekom routers has spread to devices in at least 10 countries other than Germany.

The firm has discovered that the new strain of Mirai has infected routers in places like the UK, Brazil, Iran and Thailand. It is still unknown how many devices have been infected in total, but Flashpoint estimates that five million devices could be vulnerable to the malware.

Ransomware is expected to deflate a bit next year, but hackers won’t be resting on their laurels, that’s for sure. Instead, they might just move to dronejacking, for a "variety of criminal or hacktivist purposes".

This is according to McAfee Labs, whose new report, the McAfee Labs 2017 Threats Predictions Report, identifies 14 cyber-security trends to watch in 2017.

Hackers and cyber criminals are often seen as the biggest threat to company IT systems, but a report from behavioral firewall company Preempt shows that insiders, including careless or naive employees, are now viewed as an equally important problem.

The survey carried out for Preempt by Dimensional Research finds that 49 percent of IT security professionals surveyed are more concerned about internal threats than external threats.