While consumers may be looking to scam retailers as the cost of living crisis deepens, cyber criminals are also on the rampage through the sector, with a range of automated threats – from account takeover, credit card fraud, web scraping, API abuses, Grinch bots and distributed denial of service (DDoS) attacks – all becoming a persistent challenge for the eCommerce industry, threatening online sales and customer satisfaction.

In short, they’re not. But a new Chubb report finds increasing cyber anxiety, as well as people clinging to bad security habits. (Seriously, that ‘keepsake password’ has to go.)

A French-speaking criminal group codenamed OPERA1ER has pulled off more than 30 cyber-heists against telecom organizations and banks across Africa, Asia, and Latin America, stealing upwards of $30 million over four years, according to security researchers.

For years, Big Tech has insisted that the death of the password is right around the corner. For years, those assurances have been little more than empty promises. The password alternatives—such as pushes, OAUTH single-sign ons, and trusted platform modules—introduced as many usability and security problems as they solved. But now, we’re finally on the cusp of a password alternative that’s actually going to work.

What appeared to be one simple Linux Wi-Fi networking security problem was soon revealed to be five different nasty Wi-Fi security problems. Fortunately, the patches are on their way.

The U.S. Federal Communications Commission plans to ban all sales of Huawei and ZTE telecommunications equipment in the United States on national security grounds, news website Axios reported on Thursday, citing sources familiar with the matter.

The US government is recognizing the importance of open-source software. But is it ready for what's needed?

Should you be monitoring your work-from-home employees? Yes, but not for the reasons you might suspect. According to a recent report in the New York Times, eight of the 10 largest private US employers are using software and other technologies to track the productivity of their employees in the office and at home.

Microsoft Teams stores authentication tokens in unencrypted plaintext mode, allowing attackers to potentially control communications within an organization, according to the security firm Vectra. The flaw affects the desktop app for Windows, Mac and Linux built using Microsoft's Electron framework. Microsoft is aware of the issue but said it has no plans for a fix anytime soon, since an exploit would also require network access.

Apple released an emergency security update Thursday, disclosing that there were vulnerabilities for certain iPhone, iPad and Mac products. These vulnerabilities were disclosed in a software update, which the company said should safeguard the products.

SpaceX congratulated a researcher who said he hacked into Starlink using a $25 homemade device as part of the company's bug bounty program.

The Canadian town of St. Marys had its data stolen and held hostage by a ransomware gang.

Apple has announced Lockdown Mode, an "extreme" level of security designed for a "very small number of users who face grave, targeted threats." It will be available this fall when the company rolls out iOS 16, iPadOS 16 and macOS Ventura.

Hi America, this is Brandon from Tutanota. As I’m sure you already know, on June 24, 2022 the Supreme Court of the United States delivered the ruling that the US Constitution does not confer the right to abortion, thus overruling Roe v. Wade and Planned Parenthood v. Casey. As soon as the decision was made public, thirteen states with trigger laws were able to begin enforcing stricter restrictions on abortions.

Are password managers a single point of failure? This is a question that gets asked by many new people to password managers. With all the data breaches happening it’s no wonder people are concerned about using a password manager.

Armed with little more than a computer, hackers are increasingly setting their sights on some of the biggest things that humans can build. Vast container ships and chunky freight planes — essential in today’s global economy — can now be brought to a halt by a new generation of code warriors. “The reality is that an aeroplane or vessel, like any digital system, can be hacked,” David Emm, a principal security researcher at cyber firm Kaspersky, told CNBC.

Nothing has lowered Cybereason’s expectations for growth. Rather, the continuing rise in ransomware attacks has forced its clients to bolster spending on security systems, putting the security software company ahead of schedule when it comes to revenue. But Cybereason is cutting costs anyway, confirming last week that it’s laying off 10 percent of its workforce, or about 100 employees. The reductions follow the dramatic swing in the economy this year and the beating that software stocks have taken on the public market.

Almost nine in 10 organizations that have suffered a ransomware attack would choose to pay the ransom if hit again, according to a new report, compared with two-thirds of those that have not experienced an attack.

Microsoft’s security business is growing faster than any of its main products, and now the company is adding heft to its offerings with three new services designed to help organizations spot and respond to cybersecurity incidents. Microsoft is among the leaders in cloud software and infrastructure, which means its technology is already the backbone for many businesses of all sizes.

Apple, Google and Microsoft announced this week they will soon support an approach to authentication that avoids passwords altogether, and instead requires users to merely unlock their smartphones to sign in to websites or online services. Experts say the changes should help defeat many types of phishing attacks and ease the overall password burden on Internet users, but caution that a true passwordless future may still be years away for most websites.