Verification and authentication provider Onfido is launching its Real Identity Platform, which adds a biometric face authenticator as well as new enterprise-grade security tools, including Onfido Private Key Encryption, to its existing identity verification suite.

Onfido Face Authenticate uses 3D Face Liveness Detection AI during user authentication. It's compatible with billions of iOS and Android devices, tablets and PCs.

Continue reading →

Security specialist One Identity is launching its Active Roles and Password Manager products in a software-as-a-service format.

Retaining the full capabilities of One Identity's on-premises solutions, the SaaS offerings are hosted, managed and operated within the One Identity Cloud. There's also a new SaaS-delivered solution, Starling CertAccess, which delivers access request and certification Active Directory (AD) and Azure Active Directory (AAD) in the enterprise.

Continue reading →

Web scraping allows the collection of data from third-party web sources. Data harvesting like this is one of the key pillars of the internet, but while it can be useful it also has the potential for harm.

The Cambridge Analytica scandal of 2016 first brought this type of activity to the wider public's attention but, as of today, there is still no regulatory body to govern its widespread use.

Continue reading →

Ensuring consent for the use of digital assets can be a bit of a nightmare. But a new solution from FotoWare ensures that employee photos are only used with the full consent of the subject, freeing content creators and managers who can quickly review, and refresh consents if usage changes.

FotoWare's Consent Management offers mobile and email based signature collection, along with searching and filtering media based on consent status.

Continue reading →

A favorite tactic of scammers is to invoke the name of a celebrity to get people to fall for their schemes. It's no surprise then that, given his known enthusiasm for cryptocurrencies, Tesla supremo Elon Musk's name often comes up.

Researchers at Bitdefender Antispam Lab have spotted two spam campaigns this month both seeking to cash in on Musk and Tesla's high profile in the cryptocurrency world.

Continue reading →

More than half of companies in India, Austria and the US experienced ransomware attacks in the past year, compared to a global average of 37 percent.

Data from Atlas VPN, based on research by Sophos, shows that out of 300 interviewees from India, 68 percent suffered from a ransomware attack, while 57 out of 100 respondents from Austria did so.

Continue reading →

Conventional encryption methods rely on the exchange of keys. This can leave them vulnerable, particularly when they're used on public cloud services.

One way around this is to use homomorphic encryption, this permits third party service providers to perform some types of operations on a user's data without needing to decrypt it.

Continue reading →

The median attacker dwell time before detection is 11 days or 256 hours, according to data from Sophos. That's time in which they're free to conduct malicious activity, such as lateral movement, reconnaissance, credential dumping, data exfiltration, and more.

The company has released an 'Active Adversary Playbook' detailing attacker behaviors and the tools, techniques and procedures (TTPs) that Sophos' frontline threat hunters and incident responders saw in the wild in 2020.

Continue reading →

Nearly half (49 percent) of US employees create their own tricks and shortcuts for managing logins, leaving business systems open to attack.

A new report from password manager company Dashlane, created in conjunction with Datalands and based on a survey of 1,000 people, identifies four different employee personas, and the potential barriers these employees may cause to security culture.

Continue reading →

As more systems move to the cloud the threat landscape becomes more complex and detecting events that require urgent attention is more difficult.

Many businesses are turning to AI to help and threat detection specialist Vectra AI has released a new report focusing on the top 10 threat detections seen across Microsoft Azure AD and Office 365 environments.

Continue reading →

New research from Akamai Technologies reveals that financial services firms suffered 3.4 billion credential stuffing attacks in 2020, a 45 percent year-on-year increase.

The report also observed nearly 6.3 billion web application attacks in 2020, with more than 736 million targeting financial services -- an increase of 62 percent from 2019. Over the past three years (2018-2020), DDoS attacks against the financial services sector grew by 93 percent.

Continue reading →

A new poll of over 4,000 UK Generation Z teenagers reveals that more plan to pursue studies in creative arts and design subjects rather than science, technology and IT.

The study from social app Yubo finds the most popular subject area for further studies is creative arts and design with nearly 15.4 percent of respondents saying they plan to explore further studies in this area, closely followed by medicine at 14.5 percent.

Continue reading →

Being able to find web vulnerabilities as soon as they emerge, before attackers can exploit them, is critical for organizations wanting to stay on top of web application security.

Saas security specialist Detectify is launching a new stand-alone application security tool that's specifically tailored for ethical hackers, making it easier for them to share their latest findings.

Continue reading →

Aging infrastructure, legacy tools and outdated strategy. Businesses today that have one or more of these issues are quickly realizing that they're not set up for success.

As we start to see signs that the pandemic is getting under control in some places, many companies are finding themselves faced with the reality that they were ill prepared to handle the tumultuous nature of the past 12 months. Those who've struggled to make it this far are realizing it's time for more than just a refresh of their old systems. A new approach is needed.

Continue reading →

A new survey from email service OnMail reveals that 93 percent of Americans think it's important that companies don't track their email, however, 32 percent don't know that leading email providers do it for advertising purposes.

Interestingly this view is remarkably consistent across age groups with 93 percent or more across all groups believing it's important that businesses don’t track the types of email you open.

Continue reading →