A new malware was spotted by security researchers at Kaspersky Lab, targeting Facebook users. According to the researchers’ new report, there have been 10,000 victims in two days.

The malware has two stages: firstly, an unsuspecting victim gets a message from a Facebook friend, saying they had mentioned them in a comment. But when the victim clicks to see the comment, they instead download a bunch of malware, including a Chrome add-on which can take over the victim’s Facebook account, once they log back in.

For security reasons, out of the box macOS is configured to only allow software from the App Store and identified developers to be installed. However, there are times when users may also want to run apps from other sources, in which case it is possible to enable a no holds barred setting. But, along with the extra freedom, it also exponentially increases the risk of running into malware.

You may be inclined to believe that you can stay safe by sticking to known download websites, but that is not always the case. Bitdefender has uncovered a new Mac malware, called Backdoor.Mac.Eleanor, that poses as a document converter on what the security company calls "reputable sites". When installed, it gives hackers complete access to your Mac.

Digital device practices among US employees are exposing their employers to increased security risks according to a new study.

Identity management company OneLogin along with Arlington Research surveyed 1022 respondents in the US and found that 13 percent let their colleagues use a device that can access their employer's network. In addition nine percent allow their partners to access such a device, and one percent even permit their children to use it.

Insurance companies have slightly different software needs from other businesses. They need to expand accounts, drive renewals, streamline the new policy acquisition process and manage claims.

Now cloud specialist Vlocity and insurance solution provider Insurity are announcing a partnership that will deliver a cloud solution for insurance businesses.

Here’s another solid proof of what security experts have been buzzing about in the past few years -- that people are the single greatest cyber-security threat to businesses.

This time, proof comes from Transputec and Business Continuity Institute, which have polled 369 business continuity professionals from all over the world into enterprise cyber-security.

To the amazement of some, and the disappointment of others, the FBI today recommended that no charges be brought against Hillary Clinton over her use of a private email server. The presidential hopeful was roundly criticized, however, with James Comey describing her actions as "extremely careless".

The FBI director's remarks came after Clinton took part in a voluntary interview over the weekend, and after the bureau's investigation found that her private email account had indeed been used to send classified and even secret information -- officially a misdemeanour. The FBI's line is that "no reasonable prosecutor would bring such a case".

When we discuss mobile malware we usually look at the technological aspects, specifically how it's designed, how it spreads, what devices it targets, how it affects them after infection, and how it can removed. What we rarely get to talk about is the financial side of things, which in the case of certain types of malware is the primary interest of their creators.

Check Point has published a report on the HummingBad malware campaign, finding that it generates $300,000 a month in fraudulent revenue with a pool of 85 million infected Android devices across the globe at its disposal. In a year attackers are looking at about $3.6 million in revenue, assuming the number of devices does not expand considerably.

New figures reveal a 52 percent rise in young identity fraud victims in the UK. In 2015, just under 24,000 people aged 30 and under were victims of identity fraud. This is up from 15,766 in 2014, and more than double the 11,000 victims in this age bracket in 2010.

The figures from fraud prevention service Cifas -- which is calling for better education about fraud and financial crime -- are released alongside a new short video designed to raise awareness of ID fraud among younger age groups.

Starting October 1, all government digital services (GDS) websites will be required to use HTTPS encryption, according to new security guidelines.

All services will additionally have to publish a domain-based message authentication, reporting & conformance (DMARC) policy that will be applicable to their email systems.

A newly revealed vulnerability on Android phones is able to bypass the full disk encryption on over half of devices.

The attack, demonstrated by Israeli security researcher Gal Beniamini, can allow an attacker to break through the levels of trust and privileges that are intended to ensure only legitimate code can access secret material, such as DRM keys or disk encryption keys.

With cyber attacks on the rise, organizations are facing pressure to beef up their security to avoid falling victim to such an attack. However, a recent IT security report from Spiceworks shows that 80 percent of organizations were affected by at least one security incident during 2015.

To compile its report, the company surveyed over 600 IT professionals from the US and UK. Shockingly, Spiceworks discovered that few organizations have either an in-house or third-party cyber security expert on call.

Ransomware has gone mainstream with several high-profile attacks. It essentially locks your data away and demands money to free it – essentially mob protection money. While some tools have been released to aid frantic people in these times, most versions have gone unfixed.

Now AVG, the free antivirus company, has come out with six new tools designed to fight this affliction. Each is for a different form of this malware.

Cisco has announced that it will be acquiring the cloud-based security provider CloudLock for $293 million in cash and equity.

CloudLock makes use of application program interface (API) technology to allow enterprises to apply and monitor the security of documents and other content that is accessible via cloud-based applications. The service works with Office 365, Google Drive, Salesforce applications and thousands of other apps and programs.

German investigative journalists from the c’t magazine said many home security systems come with a huge vulnerability which can put every home using the system at risk.

The vulnerability, however, is nothing fancy in hacking terms -- it’s pretty obvious and straightforward, but frequently overlooked. You see, similar to Internet routers, these home security systems are configured through a browser, and many come with easily crackable passwords like "1234" or "admin1234".

I’ve been trying not to think about Euro 2016 after England’s whimpering exit on Monday night, but new research from mobile security and management firm Wandera has grabbed my attention.

According to analysis of data traffic patterns from enterprise mobile devices, the official UEFA Euro 2016 Fan Guide App is leaking user’s personal information -- including usernames, passwords, addresses and phone numbers -- over unsecure internet connections.