Security is an ongoing struggle for businesses and many data breaches can be traced back to the use of out of date software.

A new survey from systems management company Adaptiva asked more than 150 IT pros their feelings about their enterprises' security, and found that the majority were concerned about potential vulnerabilities.

Security researchers at Pen Test Partners have discovered a vulnerability in Mitsubishi’s plug-in hybrid electric Outlander that could allow potential car thieves to disable the car’s anti-theft alarms.

The security researchers investigate potential vulnerabilities in connected devices through the use of penetration testing and found that the Outlander’s Wi-Fi module can be accessed by anyone within range of the vehicle by connecting to it with their smartphone.

In the last couple of weeks there have been a huge number of reports from TeamViewer users that their computers have been hijacked. In addition to this, users of the remote access tool have complained of funds being extracted from PayPal and bank accounts. But TeamViewer insists that there has not been a security breach, instead shifting the blame to users.

The company says they are in the habit of reusing the same passwords for a number of apps and services. It suggests that recent high profile security breaches -- such as the password dumps from MySpace and LinkedIn -- have allowed cyber criminals to learn TeamViewer log in credentials. Despite laying the blame firmly at the feet of users, the company is introducing two new measures to help increase security.

During the IOActive IOAsis event in San Francisco, security professionals were asked on their opinion on the state of security among Internet of Things (IoT) devices, and the results are not encouraging.

According to the IOActive Internet of Things Security Survey, based on this poll, almost half (47 percent) of respondents felt less than 10 percent of IoT devices have appropriate security measures. Almost nine out of ten (85 percent) believe less than half of IoT devices are secure.

The football season hasn't begun and training camp isn't even here yet. All we've seen so far is OTAs which just give a small glimpse of what to expect. But the NFL is never far from the news cycle, and now that news involves compromised data from a laptop.

The incident occurred back on April 19th, but the league is just now getting around to making this public. The laptop was stolen from a Washington Redskins trainer's car and contained personal data about players.

A more and more mobile workforce is leaving US businesses vulnerable to increased risk of data breaches and theft of information.

This is highlighted in a survey of executives and small business owners by secure data destruction company Shred-It.

There are lots of services that help you find your lost smartphone, but nothing beats the convenience of a built-in tool like Android Device Manager or Find My iPhone. However, Google might have something that's even better.

Google believes that locating a smartphone should be as simple as a Google search, so the company has introduced a new feature in My Account that lets you do just that. And it works no matter if you have an Android smartphone or iPhone.

In late 2013, news of a massive data breach at Target surfaced. Hackers stole personal and credit card information of nearly 70 million shoppers, and the breach ended up costing Target $162 million and the resignation of the CEO and CIO. While this was one of the largest and most widely publicized data breaches, it’s by no means one of few.

Just recently, LinkedIn came clean about its 2012 data breach – a few days after it was discovered some of the information was being sold online. While LinkedIn originally reported the email and passwords for 6.5 million people were compromised, it just admitted the real number is as high as 117 million accounts. Though LinkedIn advised people to change their passwords when the attack was first made public, it wasn’t until four years later that the company decided to cancel passwords that were affected.

Ransomware is one of the major threats computer users now face, even though recent reports suggest that many people don't actually know what it is.

Delivered via spam or phishing emails that trick users into clicking on malicious links, ransomware renders computer systems, devices or files inaccessible and holds the victim hostage until payment is made, usually in the form of bitcoins.

We reported a few days ago on banks using the SWIFT inter-bank transfer system being hacked, resulting in $81 million being stolen from the Bangladesh Central Bank.

Now Luis Corrons, technical director of PandaLabs, has released more information on other banks affected, with attacks that stretch back more than a year.

Airport security has been a big deal since the September 11, 2001 attacks that took down the World Trade Centers and damaged the Pentagon. But it's often criticized as being a facade of security and not real protection.

How bad is it? A recent investigation uncovered a Somali colonel working as a security guard at Dulles airport right outside the US capitol.

Security firm Trustwave has discovered a zero-day exploit for Windows for sale on an underground Russian hacking forum. A user going by the name BuggiCorp says the vulnerability affects all versions of Microsoft's operating system, from Windows XP and 2000 upwards, including both 32- and 64-bit versions.

The source code for the exploit is offered for upwards of $90,000, and the seller explains that it can be used to elevate the privileges of any software process to SYSTEM level -- the highest there is. Payment is requested in Bitcoin, but while the exploit is considered serious, experts suggest that the asking price is a little high.

Cyber crime is big business and that means the people behind it face many of the same challenges as legitimate organizations.

This includes operational security (OPSEC), a key tactic used by commercial and military organizations to protect privacy and anonymity. Research from cyber situational awareness specialist Digital Shadows reveals that criminals are using OPSEC as a means to an end -- avoiding detection, maintaining availability of their attack infrastructure, and retaining access to environments they have compromised.

Cyber security affects all of us, but it only makes the headlines when it's big companies that are the target of attacks.

Threat intelligence provider Anomali has produced a new study focusing on vulnerabilities in businesses on the UK's FTSE 100 list of the largest companies. Among the findings are that over the last three months, 81 companies in the FTSE 100 had potentially malicious domain registrations against them, enabling cyber criminals to create dummy websites that can be used to trick users into supplying private data.

It’s an open source world. Black Duck and Northbridge’s recent 2016 Future of Open Source Survey found that 78 percent of the over 1300 respondent companies said they run open source software. The number is likely much higher.

Black Duck finds open source software (OSS) in over 95 percent of the applications we analyze for clients. It’s easy to understand why. Open source adds needed functionality while lowering development costs and accelerating time to market. But securing and managing open source code still remains a challenge for many organizations.