Apple has been ordered by the US courts to help the FBI gain access to data on an iPhone belonging to San Bernardino gunman Syed Rizwan Farook. Farook and his wife killed 14 people in the California city late last year before being shot dead by police.
The FBI says the phone contains information crucial to the investigation, and needs Apple’s help to unlock it. Data on Apple devices is encrypted by default -- and has been since September 2014 -- which means no one, other than the device owner, can access it. And that includes Apple itself.
We're all aware that sometimes data can be put at risk by third-party systems belonging to suppliers. But a new report by security rating company BitSight looks further down the chain at vulnerabilities posed by fourth parties -- the subcontractors of third-party vendors.
Changes in the way organizations source their IT have increased their dependency on cloud service providers, web hosting platforms, and other external services. Cyber criminals are recognizing that these outside vendors and subcontractors can often be their best point of entry into many companies.
Some of the latest cyber attacks seek to steal information using man-in-the-browser (MITB) attacks. These represent a dangerous trend because they circumvent even the strongest authentication techniques by hijacking the session after the user has authenticated to a bank or other site.
Threat intelligence startup buguroo is looking to combat this with its new online fraud detection solution that can detect hijacked sessions in real time and stop them before any money leaves the bank.
More and more organizations are seeing the benefits of adopting the hybrid cloud, but they don’t want to risk sacrificing the security advantages of more traditional systems.
To help businesses tap into hybrid cloud without sacrificing security, IBM is announcing a new mainframe, the z13s. Building on the mainframe’s world-class performance and security profile, the z13s features new embedded security technologies, enhanced data encryption and tighter integrations with IBM Security solutions.
I recently covered a story in which security firm Imperva said Cryptowall 3.0 was the most successful ransomware of all time, earning its creators $325 million (£225.7m) so far. Now another story about ransomware emerges, and this one comes from another major security firm, Bitdefender.
In its report, the company says almost half (44 percent) of all ransomware victims have paid to get their data back, with 39 percent saying they expect to be attacked again in the future.
Generally speaking, biometrics refers to the measure or statistical analysis of a person’s physical or biological characteristics. However, increasingly the term is being defined more narrowly, at least in a business context, to refer to biometric security.
Although passwords can be guessed and network vulnerabilities exploited, overcoming biometric security protocols is significantly more challenging. For example, how would a cybercriminal go about duplicating a fingerprint or an iris scan? As a result, the unique aspects that make up our physical features are increasingly being utilized for authentication methods by businesses all over the world.
A new study by security firm Tripwire says IT security experts are very confident they can detect a breach, and that they can detect it quite fast. When it comes to automated tools, however, they do not share the same level of confidence.
The survey questioned 763 IT professionals in various verticals, including retail, energy, financial services and public sector organizations in the US, about the seven key security controls that need to be in place in order to quickly spot an ongoing hack attack.
For a man so readily associated with words -- and certainly for a wordsmith so enamored with technology -- Twitter seems like something of a natural home for Stephen Fry. Over the years he has amassed hundreds of thousands of followers, but last night he closed his account. Fry's latest exit from Twitter (there have been several over the last few years for numerous reasons) came about because of the backlash he received for making a joke at an award ceremony.
Hosting the BAFTAs (British Academy of Film and Television Arts) on Sunday, he referred to costume designer and award winner (and, indeed, friend) Jenny Beavan as being "dressed as a bag lady". 'Offended' Twitter users attacked Fry in their droves, and he fought a valiant battle, before eventually giving up and terminating his account. It comes just days after Twitter set up a new Trust & Safety Council.
Security experts are warning about a new malware attack that targets Android users. Mazar Bot is delivered via SMS, is able to gain root access to devices, installs software including Tor, and can even go as far as completely wiping a victim's phone.
Mazar Bot was discovered by Heimdal Security, whose researchers analyzed a text message that had been sent to random numbers. The message purports to provide a link to an MMS, but in fact tricks recipients into installing the malicious mms.apk -- Mazar Android BOT in disguise.
In today’s mobile-centric world, using mobile phones for Internet banking is standard practice for most people, but do customers know they could be at risk of a new type of scam?
SIM swap fraud, where scammers cancel and re-activate new SIM cards to hack into bank accounts, is reportedly on the rise.
I arrived onsite to suite 102 -- the bank’s corporate headquarters -- around 9:40 am. I was impersonating a local utility worker -- with all the garments like a hardhat, clipboard, obnoxious yellow vest, and some old Timberland work boots. I played the part well.
When I approached the suite I saw a giant glass entrance into the main office of the bank with a secretary minding the entrance and questioning visitors. I also noticed employees were entering and exiting an unmarked door at the end of the hallway -- no cameras to be seen. I proceeded slowly past the main entrance and then ran to catch the secured door as it was closing behind an unsuspecting employee. I was in!
An investigation by the BBC has found that secret groups on Facebook are being used by pedophiles to share images -- and Facebook doesn't seem to be doing much to control such activity.
The BBC reportedly unearthed numerous private groups which were both run by and for men with a sexual interest in children. One group was found to have a convicted pedophile as its administrator. Despite many of the groups and images being reported to Facebook, not all of them were removed, raising the question as to whether Facebook is doing enough to combat pedophilia.
Electronic toy maker VTech has recently been the victim of a cyber-attack, which has seen the data of more than 6.3 million children exposed. The hackers got access to chat logs and photos.
Following the breach, VTech has updated its End User License Agreement, saying the company can’t provide a 100 percent guarantee that it won’t be hacked. It also shifts the responsibility back to the parents:
Adblock Plus has been in the headlines quite a lot recently. Adblocking is certainly popular, but the company needs to strike a balance between keeping users happy, and maintaining a good relationship with advertisers. The Acceptable Ads program is part of this, but at its second #CampDavid session there have been some further ideas about the future of adblocking.
There was talk about what should be viewed as an 'acceptable ad', and an Acceptable Ads Committee will oversee this. But the discussion between Adblock Plus and advertisers brought up an important question: just why do people install adblockers?
Hackers are constantly seeking new ways to attack systems and gain insider access to data. A new survey from IT security company Balabit reveals the 10 most popular hacking methods to help companies understand how to protect themselves.
The survey of almost 500 IT security practitioners reveals that social engineering is the most popular means of attack. Hackers aim to get a 'low level' insider user account by means of phishing and escalate its privileges.