Over the last few weeks you may well have received an email that quotes an old password you once used. It tells you that your account has been hacked, that malware has been placed on your machine to capture data and that you’ve been recorded watching porn.

It then demands that you cough up some Bitcoin -- amounts vary -- to prevent this webcam video from being made public on your social networks.

Businesses need to protect themselves against harmful websites, but recognizing which are dangerous and which are not can be a tricky task.

Cyber defense company Comodo is launching a new version of its cloud-delivered, DNS-based Security-as-a-Service (SaaS) solution that allows enterprises, medium-sized and small businesses, MSPs and channel partners to protect users’ digital presence.

While organizations are increasingly using the public cloud to create new digital experiences for their customers, the average enterprise experiences more than 2,200 misconfiguration incidents per month in their infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) instances.

This is among the findings of McAfee's latest Cloud Adoption and Risk Report which also finds that 21 percent of data in the cloud can now be classed as 'sensitive', putting the business at risk if it's stolen or leaked.

It’s that time of year where we look for cookies outside of stores. The prices of those sold by Girl Scouts have gone up over the years, but we all continue to buy them. Regardless of whether you like Thin Mints, Samoas or any of the several other brands available, there’s something for you.

Right now, however, the Girl Scouts have more problems to worry about beyond their fundraising campaign. The Orange County, California branch of the organization has warned 2,800 members that their personal data could have been compromised. You can view the letter here.

Risk management specialist Focal Point Data Risk, has released its latest Cyber Balance Sheet Report showing that wider awareness of risks -- including third-party data breaches, ransomware and geopolitical conflicts -- spurs more security dialogue in the boardroom.

However, C-Suite and security leaders still struggle to frame risk in productive decision-making terms and keep an eye on whether companies are operating within an acceptable level of risk.

Moving to digital transformation means that companies frequently have a host of vendors, suppliers, providers, and subsidiaries, all connected to their network or data and each with the potential to publicly expose customer information, intellectual property, or heavily regulated data.

Without continuous insight into these other networks third-party risks can be hard to assess, leaving businesses open to the possibility of data breaches.

A new report from AlienVault, based on findings from vendors' threat reports in its Open Threat Exchange (OTX) platform, reveals more non-Microsoft exploits are in the top 10 list this year.

This is largely due to a rise of server attacks, particularly cryptocurrency-mining botnets that use remote exploits, such as Drupal. The report also sees an IoT exploit make the list for the first time.

With passwords increasingly being seen as insufficient to properly secure access to websites, more and more companies are turning to two-factor authentication.

New research from digital identity management experts Dashlane looks at how some of the biggest consumer websites are protecting their users. It looks at 17 of the UK’s most popular sites and finds only four get top marks for their 2FA offerings.

Implanted brain stimulation devices are used by scientists to explore how memories are created in the brain. New research shows that vulnerabilities mean they could be be targeted in future to steal personal information, alter or erase memories or cause physical harm.

Sound like science fiction? Researchers from Kaspersky Lab and the University of Oxford Functional Neurosurgery Group have used practical and theoretical analysis to explore the very real vulnerabilities that could exist in implanted devices used for deep brain stimulation.

The British Airways breach earlier this year affected around 380,000 customers and resulted in the theft of data including personal and financial details.

The threat research team at Securonix has taken an in-depth look at the breach and the Magecart threat actor behind it, to uncover how it was carried out and offer tips to mitigate and prevent future attacks.

An "incorrect command-line parameter validation" vulnerability in X.Org server makes it possible to escalate privileges as well as overwrite files. The problem affects Linux and BSD distributions using the open source X Window System implementation.

The vulnerability has been present for a couple of years, but has been brought to light by security researcher Narendra Shinde. Unpatched system can be exploited by non-root users if X server is running with elevated privileges.

Google may have pulled out of the Pentagon's $10 billion JEDI cloud project, but Microsoft has no intention of following suit. Company president Brad Smith has used a blog post to defend the decision to bid for military contracts, despite pressure from its employees.

Smith recognizes that there are ethical concerns about getting involved in military projects, particularly when artificial intelligence technology is involved. However, he says: "we believe in the strong defense of the United States and we want the people who defend it to have access to the nation's best technology, including from Microsoft".

According to research from Kaspersky Lab, 86 percent of CISOs believe that breaches are inevitable, but too many are stuck in a vicious circle of risk.

Financially motivated criminal gangs (40 percent) and malicious insider attacks (29 percent) are the biggest risks to their businesses, and these are the threats that are extremely difficult to prevent, either because they are launched by 'professional' cybercriminals or because they are assisted by employees who are expected to be on the right side.

You've no doubt heard of Ring -- there’s near constant ads for it on TV these days, some featuring Shaquille O’Neal.

Ring became famous for its video doorbell that shows you who is outside, without you needing to open the door. The company has since expanded into video security cameras and full security systems, complete with camera, doorbell, sensors and all. Coverage runs you $10 per month, much cheaper than the big names that tend towards $30.

One of the problems with buying an Android phone over an iPhone is the fact that you don't know how long you can expect to receive updates. There has long been criticism of the fact that many Android handsets are quickly abandoned while Apple pushes out iOS updates for a number of years.

We've heard suggestions that Google might start requiring handset manufacturers to provide updates for a minimum period, and now it seems that this has indeed been mandated. A leaked copy of a contract between Google and OEMs shows that there is now a requirement to release security updates -- or face the consequences.