Ransomware has already caused businesses real trouble this year, and security firms have recently warned about a sudden surge in junk mail messages containing this kind of malware. It seems that organized criminals are now increasingly targeting businesses, which can offer them bigger returns than going after individuals.
The first wave of ransomware started in 2005 and was called Trojan.Gpcoder. Now the security industry (and many unfortunate users) are discovering new variants almost every day. For example, a strain called Locky, discovered only two weeks ago, is now the second most prevalent form. Currently, it asks for three Bitcoins (about £885) as payment for the decryption key.
Every day across the UK, around 1.5 million professionals work from home and are more productive, happier in their role, and measurably less stressed, perhaps. At the same time, however, they may be increasing the risk to your sensitive business data.
Since the government has recently given all employees the right to request flexible working, the number of home-workers, and the associated information risk, looks set to increase -- just when the stricter EU General Data Protection Regulations (GDPR) are set to come into force.
Potential security vulnerabilities in Microsoft SCCM (System Center Configuration Manager) environments are a concern for 70 percent of IT professionals, according to a new survey, with 65 percent planning to conduct an SCCM security review in the next year.
The results of the study of more than 150 professionals by security company Adaptiva have been released to coincide with its launch, along with Windows Management Experts, of a new security auditing service for SCCM users.
Bitdefender Labs has released BDAntiRansomware, a free tool which keeps your PC safe from some of the most common ransomware threats.
The program "protects against known and possible future versions of the CTB-Locker, Locky and TeslaCrypt crypto ransomware families", the company explains.
IT budgets for businesses in the US will be mostly spent on security and on mobile devices that allow employees to work remotely, a new survey has shown.
According to a new survey by Wakefield, 30 percent of US businesses will spend most of their IT budgets on network and data security, and 28 percent will spend it on mobile devices allowing employees to work remotely.
Ransomware is the malware du jour, and each strain seems more vicious than the last. As with any virus variant, there is a game of cat and mouse played out between virus writers and security companies as each battles to outwit the other.
Trying to get ahead of the curve, Bitdefender has released a tool that offers protection against the likes of CTB-Locker, Locky and TeslaCrypt. When it comes to dealing with ransomware the advice, unfortunately, has become a case of either pay up, or revert to data backups. Alternatively, you could try prevention rather than cure, and Bitdefender's 'crypto-ransomware vaccine' could be what you've been looking for.
Yesterday, the FBI announced that it had managed to break into the San Bernardino shooter's iPhone sans help from Apple. The iPhone manufacturer will undoubtedly be pleased that the court case has come to an end without the company having to cave in and assist the agency.
In a statement, Apple said: "From the beginning, we objected to the FBI’s demand that Apple build a backdoor into the iPhone because we believed it was wrong and would set a dangerous precedent. As a result of the government’s dismissal, neither of these occurred. This case should never have been brought". But with the FBI's previous insistence that help from Apple was absolutely essential, some serious questions remain.
The US justice department has announced that it has successfully cracked the iPhone belonging to the San Bernardino shooter, Syed Farook. The FBI was able to unlock the phone without help from Apple, ending the lawsuit that had pitted the FBI against Apple.
In a statement, the Justice Department said: "The government has now successfully accessed the data stored on Farook's iPhone and therefore no longer requires the assistance from Apple." It has been thought that Israeli security firm Cellebrite was helping the FBI, but the question now has to be asked about the security of other iPhones and whether law enforcement agencies will use the same technique to access data in the future.
Security teams often spend a lot of their time investigating anomalies and suspicious behavior, leaving them less time to focus on true threats.
Cloud security specialist CloudLock is tackling this problem with research into what it calls a Cloud Threat Funnel. Based on analysis of user behavior patterns it can isolate truly malicious threats from the noise of other potentially suspicious or unusual behaviors.
There are hundreds of thousands of free public Wi-Fi spots throughout the UK. Widespread connectivity and free accessibility are two appealing features that tempt users to open up their devices for on-the-go convenience.
However, uncontrolled access to public Wi-Fi hotspots and robust mobile security often conflict with one another. Cyber-criminals now find it increasingly easy to attack public Wi-Fi networks using Man-in-the-Middle (MitM) techniques which allow the attacker to clearly view all information transmitted across networks.
The number of software vulnerabilities has increased over the last year, but the majority of them are in non-Microsoft products.
This is a key finding of the latest Vulnerability Review from Flexera Software, which in 2015 recorded 6,081 vulnerabilities in 2,484 products from 263 vendors. This compares to 2014's figures of 15,698 vulnerabilities in 3,907 products from 514 vendors.
Crypto-ransomware is the malware du jour, and the likes of TeslaCrypt 4 and KeRanger are just some of the names to hit the headlines recently. One of the latest examples of ransomware, PETYA, is taking a slightly different and more worrying approach -- it not only targets enterprise users, but also encrypts entire hard drives rather than just a selection of files.
PETYA -- also known as RANSOM_PETYA.A -- goes to some lengths to make sure that victims know that their computers are infected, overwriting the MBR (Master Boot Record) to display a ransom note during the boot process. The malware uses a "military grade encryption algorithm" to lock users out of their files, and victims are directed to venture onto the dark web using the Tor browser to make a Bitcoin ransom payment.
The web seems like a dangerous place lately, doesn’t it? We’re constantly hearing about some new piece of malware, or a website that was hacked and defaced, or a new vulnerability in what was once thought to be a secure protocol. I wouldn’t blame you for being paranoid -- after all, to hear the media tell it, your site’s under attack by criminals and ne’er-do-wells from all sides.
Here’s the thing -- if you’ve taken all the necessary steps to keep your site safe, you actually don’t have a whole lot to worry about. And that’s where we come in. Today, we’re going to talk about some best practices for securing your site, and protecting it against everything from infected clients to ignorant users. Let’s get started.
The loss of trust and confidence of customers is the most damaging consequence of a DDoS (distributed denial of service) attack, a new survey by Corero Network Security says.
In the annual survey, entitled DDoS Impact Survey, losing trust is the most damaging consequence for 50 percent of those surveyed, followed by lost revenue, for 34 percent. Those surveyed include IT decision makers (ITDMs), network operators and security experts who were present at the recently held RSA 2016 conference.
Overall bad bot activity is decreasing, but the number of advanced persistent bots is up, according to a new report.
The 2016 Bad Bot Landscape Report from Distil Networks reveals that 88 percent of all bad bot traffic has one or more characteristics of an advanced persistent bot, one that's able to mimic human activity and evade detection.