If you've ever expressed concern about the security implications of Amazon Ring connected doorbells; if you've ever voiced privacy concerns about letting Amazon have such a portal into your life... your fears have been justified.

It has just been revealed that a security flaw in the camera-toting devices made it possible for hackers to access customers' Wi-Fi usernames and passwords. With these credentials, it would then be possible to launch a wider privacy-invading attack on households, accessing all manner of data and devices on home networks.

With more and more devices now connecting to the internet, the risk of a security breach from an unsecured piece of kit grows too. But exactly how big is this problem?

Workplace productivity and network security software specialist CurrentWare  has produced an infographic looking at the impact of the IoT on workplace security.

Security firm Trend Micro has revealed details of an inside scam which led to personal details of its customers being exposed.

The security incident dates back to August this year, and the company says that it was made aware of customers being contacted by fake Trend Micro support staff. Following an investigation lasting until the end of October, it was determined that it was a member of staff that had fraudulently gained access to a customer database and sold personal data to a third party.

The healthcare industry has yet to find a cure for cyberattacks. Housing personal health data, all kinds of providers are vulnerable targets of hackers and patient care can be put at great risk.

News of breaches in healthcare computer systems is a regular occurrence. Over 100,000 medical records were recently leaked as a result of a data breach at a Montana hospital. And research this year showed an upsurge in malware attacks on healthcare providers. Phishing messages, a means of malware delivery via email, have been found to come in the form of alerts from the US Centers for Disease Control and Prevention (CDC).

Online fraud increased 30 percent overall in the third quarter of this year and bot-driven account registration fraud is up 70 percent as cybercriminals test stolen credentials in advance of the peak holiday retail season.

These are among the findings of the latest Fraud and Abuse report from Arkose Labs, its analysis of over 1.3 billion transactions spanning account registrations, logins and payments, reveals that one in five account openings were fraudulent.

Users of the Mac and Windows versions of Firefox are being targeted by malicious sites that display a fake warning message and then completely lock up the browser.

Hackers are taking advantage of a bug in Mozilla's web browser to tamper with the software and render it unusable without the need for user interaction. At the moment there is no fix, and the problem is wreaking havoc and causing distress.

With increasing awareness of fraud and identity theft businesses are under pressure to secure their systems and many are turning to solutions like biometrics to do so.

To bring biometric identity-proofing and authentication capabilities within reach of both large and small enterprises, Unisys is launching an SaaS version of its biometric identity management software.

As increasing numbers of businesses shift to cloud and multi-cloud environments, securing systems becomes a much more complex task.

For Microsoft Azure users Trustwave is launching new services to bolster threat monitoring, detection and response natively on the platform.

Critical infrastructure such as water and power supplies is a prime target for hackers, but is often run using aging systems that weren't designed for the internet era.

Remote access specialist Dispel is launching a new Secure Remote Access platform that helps to protect these systems while at the same time allowing remote access for authorized users to carry out essential maintenance.

According to a new survey, 78 percent of respondents are still using unencrypted protocols to transfer some of their files, and only 44 percent are using two-factor authentication when connecting to their file transfer server.

The study for VanDyke Software, conducted by Amplitude Research, interviewed 450 professionals involved in data protection and file transfers and finds that 48 percent of companies are transferring files at least multiple times per day and sometimes 'continuously'.

A survey of over 1,000 IT workers, carried out by technology services provider Probrand reveals that more than one in five (21 percent) don't actually know what constitutes a 'cyberattack'.

Used as a catch-all term, cyberattack can cover everything from a simple phishing email, right across to a large-scale server attack, however, many IT workers have never seen, or don't understand, what the real detail of an attack actually looks like.

Users of Chrome are being urged to update their browsers as Google is rolling out a patch for two serious zero-day vulnerabilities, one of which is already being actively exploited.

The Chrome security team says that both vulnerabilities are use-after-free security issues which can be used to exploit arbitrary code. One vulnerability exists in an audio component of the browser, while the other can be found in the PDFium library. The Windows, macOS and Linux versions of Chrome are all affected.

Attacks on cloud systems often take advantage of misconfigurations, something which can easily go undetected.

Can today's security operations teams use automation and leverage advanced analytics to adapt to the current, cloud-based threat landscape and maintain organizational safety?

Domain name registrar Web.com has revealed that it fell victim to a data breach earlier in the year. Two of the company's subsidiaries, Network Solutions and Register.com were also attacked by the hackers at the same time.

The incidents took place back in late August, but were only discovered a couple of weeks ago. The attackers were able to access personal details of customers, but Web.com does not say how many people are affected -- although it is likely to run into the millions.

As cybercriminals become more sophisticated, spotting phishing emails is increasingly difficult. Even if a user reports something suspicious to the IT security team it can take time to analyze it before others can be warned.

Security automation specialist LogicHub is launching its Autonomous Phishing Triage, which automatically and accurately analyzes and classifies emails with 97 percent accuracy, reducing the number of alerts requiring human analysis by 75 percent or more.