There have been many suggestions on how Edward Snowden managed to steal so many top secret documents from the NSA; but the NSA has kept quiet. Now new research claims to know how it was done, and challenges the NSA to deny it.

Trustwave, a Chicago-based firm with a wide range of security offerings and a particular specialism in data protection, has bought privately held New York-based Application Security Inc, a specialist in database security. The acquisition is complete, a…

Today is Waking Shark II day – the day the City of London’s cyber resilience is tested in a day long exercise. Details are scarce (it wouldn’t be a test if they were known) but the war game is expected to concentrate on the ability of banks to maintain…

Researchers have analyzed 11 apparently distinct APT campaigns, and have come to the conclusion that they are not as distinct as previously thought – in short, there’s a malware quartermaster, a Moriarty of cybercrime, serving multiple threat actors.

The PCI Security Standards Council (PCI SSC) has published version 3.0 of the PCI Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA-DSS) for debit and credit card security, geared to move organizations from mere compli…

In September Der Spiegel published details from Snowden leaks indicating that GCHQ had been behind the hacking of Belgian telcommunications company Belgacom, in an operation codenamed Op Socialist. On Friday it published further details indicating how …

Stuxnet is widely taken to be the harbinger of modern cyberwarfare. It was developed by the US and Israel to target the Iranian nuclear program – but now it appears that it also infected a Russian plant.

In an unprecedented move, the reclusive heads of Britain’s MI5, MI6 and GCHQ spy agencies appear in public before a parliamentary committee, while Al Gore gives a speech in Montreal and Sir Tim Berners-Lee is interviewed by the Guardian – and all are t…

After Brian Krebs gave Adobe a strong hint that it had been breached, the company announced that just short of three million accounts may have been compromised. It later upped this to 38 million – but it now appears that the true figure is around 150 m…

For UK and US businesses, increased complexity stemming from trends like cloud computing and virtualization is driving a need for more automation within the IT network; but reality is lagging the requirement.