As browsers move away from unsecured HTTP, SSL certification has become an increasingly more public topic. Free services such as Let's Encrypt simplify the process of acquiring certificates, but the likes of Symantec still offer pay-for options if it makes you feel better. Except it shouldn't, as security researcher Hanno Böck recently discovered.

Symantec's researchers have uncovered a potential link between the WannaCry ransomware worm, that hit systems just over a week ago, and code used by the Lazarus Group, the hackers that attacked Sony in 2015 and $81M theft from the Bangladesh Central Bank and are believed to be based in North Korea.

Despite increased awareness of cybercrime and potential ramifications of online attacks, Australians continue to have a cavalier attitude towards online security, according to survey of over 1000 local consumers. This attitude carries over into the workplace and can put businesses at risk.

What's surprising is that those who have suffered a cyberattack in the past often continue to engage in unsafe online practices such as sharing passwords. Here are the full details of the survey.

Virtual private networks (VPNs) have existed for years, both as a legitimate tool for business users to make secure connections to their corporate networks remotely and for consumers to circumvent geo-blocking on overseas content websites like Netflix. People also use VPNs to encrypt their traffic when pirating copyrighted content. Now a major security vendor, Norton By Symantec, is entering the already crowded VPN market with its Norton WiFi Privacy offering for mobiles. Here's how it differs from the other VPN services.

Google had put in additional security measures to make it hard for malware to steal banking information on the Android operating system. But, as we know, cybercriminals are a tenacious bunch and they have found a way to bypass the additional security through Android's accessibility services. Here are the details.

Australia is very popular right now, but with the wrong kind of people. Cybercriminals see Australia as a goldmine and are sending waves of ransomware to our shores to extort victims into handing over money to unencrypt precious files. This is just one of the insights from Symantec's Internet Security Threat Report, which analyses security threats from around the world in 2015. We take a closer look at the findings that directly impact Australia.

Microsoft has already announced it will be blocking files that use digital certificates signed with the SHA-1 algorithm from around June this year. Cybercriminals are adapting fast by making malware that uses multiple digital certificates to avoid being detected. Here's what you need to know.

There's a spam campaign going around that masquerades as an email from credit card company Visa talking about its rewards program. It's a trap and the only rewards you'll get out of it is a ransomware virus. Here's what you need to know.

It was inevitable that cybercriminals would capitalise on the global attention on the Zika virus outbreak. Security vendor Symantec has issued a warning on a malicious spam campaign that lures people into downloading a piece of malware called JS.Downloader by claiming to have additional information on the Zika virus. Here are the details.

When Kristie Green, owner of North Star Scaffolding, saw a traffic infringement notice email come through on the computer she uses to run her small business, she didn't even think twice about clicking it. The computer instantly froze up and then a message appeared on the screen informing her the device has been hijacked and that she needed to pay a $900 ransom to gain access to all her files again. Kristie had been hit by a cryptovirus.

It sometimes seems that every second message coming into my spam trap is a phishing attempt pretending to be from an Australian bank (the spelling "Westpack" is often a giveaway). Yet analysis suggests that Australian banks are a relatively low-priority target for spam mailers.

The computer-security firm Symantec says it may have found some of the most sophisticated malicious software ever made. The cyber-espionage bug, called Regin, has been making attacks for many years without being caught.

As Lifehacker covered in 'The Next Five Years Of IT', the modern data centre is no longer a static environment. To stay competitive, you need an agile data centre which can deploy on-premises, pure cloud or hybrid technologies as the need arises. But what's the best way to effectively manage and deploy those resources? Here's how to control your data across all major platforms and protect against security breaches, loss of data and business downtime.

A recent Gartner study reminds us that with more companies harnessing data for a competitive edge, there are increased challenges to secure information and protect against data breaches or targeted attacks. So how are security vendors responding? In Symantec's case, by going far beyond anti-virus. As one of the largest civilian threat intelligence platform in the world, Symantec has deployed a range of tools to help organisations improve IT security. Here's what you need to know.

Symantec's Melbourne Security Data Centre generates root keys for certificate authorities, a task that can't be undertaken lightly given their vital role in online security. Here's a photo tour of the rarely-seen and highly-secured centre, including the "Ceremony Room" used to generate the new keys.

Technical expertise is obviously vital if you want to work in the security field, but it's not the only requirement. Looking to get ahead? Start by learning a second language (and we don't mean C++).

We tend to imagine hacking as affecting computers and servers, but those systems control many other devices. What would happen if malware infected a server managing the closed circuit television (CCTV) at a prison? That's not a hypothetical -- it actually happened.

Malware isn't always about stealing your personal information or roping you into a botnet. The recent Flashback malware for Mac (which infected more than 600,000 users) used a more subtle method to make money: hijacking the browser so that every search infected users made was redirected through a "pay per click" network, adding up to big bucks for the cyber-criminals. In an added twist, Twitter also played a crucial role in keeping the malware updated.