Researchers have discovered a ‘Snapchat’ link that provides many things – mainly advertisement-serving adware – but the one thing it doesn’t deliver is Snapchat itself.

Two researchers have demonstrated that lessons have not been learned from Robin Sage, a fictitious character created on social media in 2009, who went on to collect friends in the FBI and CIA and get job offers from Google and Lockheed Martin.

Mobile malware focused at Google’s Android operating system is proliferating at a prodigious rate. But increasingly, a particularly unsavory brand of malicious adware – dubbed “madware” – has been making significant inroads to Google Play. Volume-wise,…

(ISC)² has announced the recipients of its annual US Government Information Security Leadership Awards (GISLA) program, including the inaugural Lynn F. McNulty Tribute GISLA award, which went to Dr. Ronald “Ron” Ross, senior fellow at the National Inst…

A paper published this week by the Institution of Engineering and Technology (IET) demonstrates that contactless payment card data can be intercepted at more than four times the distance laid down by standards.

Finnish foreign minister Erkki Tuomioja yesterday confirmed reports that the country’s government networks had been breached by hackers. Local TV station MTV3 had earlier claimed that Chinese or Russian agents may have been involved.

Legitimate SMB websites pose a greater cybersecurity threat than pornography sites, says Sian John, security strategist at Symantec.

A flaw impacting Apple iOS-based apps has been discovered that, if exploited, could allow an attacker to hijack the server URL from which mobile applications load their data, replacing the served data with his own content.

The US energy sector experienced the largest number of malware attacks of any industry in the spring and summer of 2012, with the end result being expensive outages at pipelines, oil refineries and drilling platforms. This year, brute-force attacks and…

BSIMM-V is effectively a scorecard that can be used by companies to either measure or improve their existing software development security stance. It is not a ‘standard’ in the regulatory sense; it more a practical description of actual best practices.