Deception technology intended to catch out attackers by deploying decoys that mimic business systems is gaining in popularity. The market for deception is expected to exceed $2 billion by 2021.

Threat defense specialist Acalvio Technology is launching a new product called ShadowPlex which offers the scale and depth of a dynamic deception environment, and integrated intelligence built on a cloud-first infrastructure that makes it easy and cost-effective to deploy.

Continue reading →

We all know someone who’s been in a difficult position following a security breach. They are rushing to assess the damage, while simultaneously repairing website functionality to limit the compromise. It’s a stressful situation, especially if you’ve had to deal with a compromise more than once. Unfortunately for some website owners this is a reality -- shortly after the initial security breach, the website becomes compromised again. It leaves the website owner asking why their website is being targeted and how the website re-infection is happening.

The short answer is that it’s most likely due to unresolved vulnerabilities. While it may seem like you’ve been singled out and targeted by some menacing hackers, most of the time that isn’t the case. The majority of website compromises are preceded by automated campaigns that locate websites vulnerable to a particular exploit the hacker wishes to employ. The bottom line is, you aren’t the target that the hacker is singling-out, it’s the software on your website. There are a couple main culprits for this scenario.

Continue reading →

Technology is ever the equalizer, and this is increasingly true in the realm of home security. For most people, home security means a few good deadbolts and possibly some bars on the window. Whole-home, monitored, wired security systems that cost upwards of $50 a month (not to mention long-term contracts and multiple up-charges for installation and additional features) are an expensive option if all you want to know is if someone is in your backyard or trying to open your front door.

Today, thanks to wireless technology, there are multiple lower-priced options for home monitoring systems, including complete DIY systems that you can install and monitor yourself. However, these still start at around $200. What if you just want some basic, high-tech security that won’t break the bank? Here is a round-up of nine low-cost, high-tech ways you can protect your home, based on your specific security needs, all for under $100.

Continue reading →

Researchers at threat intelligence specialist Recorded Future have uncovered a new strain of ransomware called Karmen that’s designed for use by people with limited technical expertise.

The ransomware-as-service has been developed by Russian and German hackers and is notable for its user-friendly approach. It comes equipped with a dashboard that allows the tracking of computers infected with the virus, including the status of any ransom that’s been paid.

Continue reading →

UK-based businesses of all sizes are being urged to protect themselves against cyber crime after new government statistics showed nearly half of all UK businesses suffered a cyber breach or attack in the past year.

The Cyber Security Breaches Survey 2017 reveals nearly seven out of 10 large businesses identified a breach or attack, with the average cost to large businesses of all breaches over the period being £20,000 and in some cases reaching millions.

Continue reading →

Microsoft is making it easier than ever to sign into a Microsoft account, adding a new authentication option in the Microsoft Authenticator app that lets you approve the sign in attempt using just your Android smartphone or iPhone.

Here's how it works. When you enter your Microsoft account handle you will get a prompt from Microsoft Authenticator to approve or deny the attempt. To take advantage of this option, you need to add your Microsoft account to the app or, if you already did so, turn on the "Enable phone sign-in" option.

Continue reading →

Lloyds Bank customers will soon be able to log into their accounts through fingerprint scanners and facial recognition technology, rather than typing in passwords. According to the bank, it has teamed up with Microsoft to bring the Windows 10 authentication technology to its customers.

The biometric authentication technology, which Microsoft named Windows Hello, uses a combination of infrared technology and advanced software to identify the user in various lighting conditions. It was also emphasized that fraudsters can’t bypass the security measure by using a photograph.

Continue reading →

A high percentage of companies using AWS cloud services have at least one critical security misconfiguration according to a new survey.

Cloud security company Threat Stack has analyzed more than 200 companies using AWS and found a number of well-documented security misconfigurations.

Continue reading →

UK companies are ill-equipped to deal with cyber-attacks, a report by the British Chambers of Commerce (BCC) says. Nearly one in five smaller companies (18 percent) have fallen prey to cybercrime, and the figures are even worse for larger firms.

When looking at companies with more than 100 employees, the number that have been hit by cyber-attacks jumps to a staggering 42 percent. More than three quarters of the firms surveyed by the BCC did not have anti-hacking security measures in place, and most relied on third-party firms to clean up after an attack rather than having in-house solutions.

Continue reading →

Hardly a day goes by without some media coverage that is focused on cyber. Whether is it sensationalist headlines announcing the most recent cyber-attack that has left some unfortunate company red faced and bereft, the outcome of yet another survey generally conducted by an entity selling cyber related goods or services, or the announcement of new regulation and legislation. A front page headline of CITY AM screams CYBER CRIME WIPES £42BN OFF SHARES -- surely there cannot be a board director left who can deny awareness that cyber-crime poses a threat to his or her business.

Having engaged in the cyber debate for more than a decade, it seems we can at last all agree that the foundation stone is now well in place with widespread, if not universal, acceptance that cyber-crime and cyber risk are real and now an ever present challenge to businesses.

Continue reading →

There are not many well-known online services that don't offer two-factor authentication (2FA) nowadays, but Twitter is very late to the party. Well, that might not be strictly true. Twitter recently added support for third-party authenticator apps, but failed to make any sort of song and dance about it.

The change means that it's now possible to make use of the likes of Google Authenticator and Authy with Twitter -- but you'd be forgiven for not having found the option by accident already.

Continue reading →

It shouldn’t come as a surprise that cybercrime is big business, and is growing at an exponential rate. In 2015, UK insurer Lloyd’s of London estimated the cybercrime market at $400 Billion. Today, just two years later, the World Economic Forum estimates that same market to currently be $3 trillion. And the prediction from Cybersecurity Ventures is that it will cost the world in excess of $6 trillion annually by 2021.

The "darknet" -- the part of the Internet that most people have never seen and which lies beyond normal web browsers -- is protected by layers of anonymity, and has become a haven for criminal commerce. Its inaccessibility lends it a certain mystique, but that aura of mystery breeds misunderstanding. At the edge of the unknown, understanding tends to be a scarce commodity and is often replaced with fear, uncertainty, and doubt -- a trio so intertwined they’re better known simply as "FUD."

Continue reading →

In recent years containerization has seen increased popularity thanks to its ability to deliver an agile, flexible environment in which software can be reliably moved from development to testing to live, or from in-house to the cloud.

But the use of containers also throws up new challenges, particularly when it comes to keeping data secure. Container security specialist Twistlock is using this week's DockerCon to launch an updated product with new features, improved performance and a revised user interface.

Continue reading →

Say what you want about Microsoft, but the company stays on top of security. Yeah, it may issue more patches and fixes for Windows compared to some other operating systems, but that doesn't necessarily mean the OS is less secure -- it could mean that the company is simply more proactive and transparent than others. Quite frankly, I'd rather get many patches than be lulled into a false sense of security.

When hacking group "Shadow Brokers" started leaking NSA-discovered exploits, many people were understandably worried. While the leaks would enable operating system makers to issue patches -- thereby making the OS more secure -- it also meant that before the fixes were issued, many computers would be at an increased risk. Luckily, when it comes to the recently leaked Windows exploits, Microsoft was already prepared -- currently supported versions of the operating system are not impacted.

Continue reading →

OK, so, Beaming says UK businesses suffered, on average, 43,000 cyber-attacks in the first quarter of 2017 -- each. If this number sounds way too big, then it would be even more interesting to hear that this is actually seven per= cent lower than what was going on in the same period last year.

Breaking the numbers down, Beaming says each business gets attacked 474 times per day. Almost all of these attacks, 92 percent of them, are targeting Internet of things devices, such as networked security cameras or building control systems, as these IoT devices can be controlled remotely, over the internet.

Continue reading →