Behavioral biometrics, user authentication and malware detection company BioCatch has announced that it has been granted a patent for a new authentication technology through which devices would actually recognize their users by the way they use them.

The patent has been granted by the US Patent Office. It is called Device, system, and method for detecting user identity based on motor control loop model.

Companies seem to get compromised on a regular basis and, for the most part, it's security holes in their systems. But user error can also be blamed in some cases -- an errant click on an email attachment can unleash all matter of headaches for an IT department.

Such seems to be the case now with Seagate as reports are emerging of a loss of employee data that came via a phishing scam.

Security, and pretty much everything related to security, is the biggest challenge the IT industry is facing nowadays. Those are the results of a new annual research conducted by IT management and innovative security systems provider Shavlik.

The key takeaway point from the report is that 58 percent of IT professionals are more concerned about system security than they were 12 months ago, and we have all the high-profile security breaches that happened recently to thank for that.

Although mobile apps may be tested for security threats present at the time they're developed, they are of course subject to attacks once they’re out in the world.

Security solutions company SEWORKS is launching a new SaaS-based protection for Android called AppSolid, which will give development teams proactive protection and tracking of their apps across their entire lifespan.

Ransomware is a growing problem, with businesses and individuals increasingly having their data encrypted and held to ransom. As with so many forms of malware, it has been PC users that have borne the brunt of attacks, but over the weekend it was Mac owners that were targeted by the KeRanger ransomware.

The malicious software first appeared on Friday and is said to be the first fully-functional example of ransomware aimed at Apple devices. KeRanger was found to be installed alongside the Transmission BitTorrent client, and while Apple has used its Gatekeeper security system to prevent further infections, if you have installed Transmission 2.90 there are steps you need to take to clean up your system.

IT professionals believe their organization's data is more secure in the cloud than in on-premise machines, a new survey by Evolve IP, entitled 2016 Cloud Adoption suggests.

To be more precise, private clouds are the most popular solution, followed by public clouds, followed by on-premise machines. The survey polled more than 1,080 individuals and has unveiled that 91 percent of all organizations have at least one service in the cloud.

In the run-up to the presidential election, few days go by when Donald Trump isn't hitting the headlines for something he's said or done. The bombastic billionaire looks set to become the republican candidate, and his journey towards the White House is littered with offense and controversy, and back in December Anonymous declared war on him.

The loose collective of hackers and activist made its declaration after Trump announced plans to ban Muslims from entering the US. One of the alleged first strikes in Anonymous' war sees the group hacking the businessman's voicemail and leaking the messages. The messages appear to show that Trump had a surprisingly cosy relationship with the more left-leaning section of the media than one might imagine.

While the news about the dispute between Apple and the FBI rages on, security researchers continue to look for other ways into products, not just the iPhone. But as a prominent device it becomes a big target and deserves extra scrutiny.

The security experts from Israel and Australia decided to test out the electromagnetic radiation emitted by devices, in this case using an iPhone. The results were interesting, though they won't help in the case of phones in the custody of law enforcement.

The precise number of websites out there running on WordPress may not be known, but one thing is for sure -- there are a lot of them. Two reasons for the popularity of WordPress are the ease of set up and the availability of a huge range of plugins. One popular plugin, Custom Content Type Manager (CCTM), has just been pulled from the WordPress Plugin Directory after a backdoor was discovered.

The plugin has been installed on thousands of websites, and a recent update -- automatically installed for many users -- included a worrying payload. In the hands of a new developer, Custom Content Type Manager made changes to core WordPress files, ultimately making it possible to steal admin passwords and transmit them in plaintext to a remote server.

Amazon has came out in support of encryption, following Apple's recent legal battles with the US government, saying that it "plays a very, very important role" in protecting customer data.

But you might be surprised to learn that Amazon has also decided to quietly drop support for full disk encryption on its Android-based Kindle Fire tablets. Since it is portraying itself as an encryption and consumer advocate, its decision to go in the opposite direction strikes me as sheer hypocrisy.

For the past couple of weeks the tech news has circled around Apple versus the FBI, after the iPhone maker refused to comply with a court order to unlock a phone used by one of the terrorists in the San Bernardino shootings. That handset may or may not hold data relevant to the case or perhaps reveal plans for future attacks.

We'll possibly never know, given the agency changed the Apple ID and there are claims that even the iPhone maker cannot now get into it. The FBI, for its part, has acknowledged that it made a mistake in changing that ID.

Researchers at threat defense company Skycure have uncovered an Android proof of concept malware that uses accessibility services to allow attackers to spy on and even control a device.

It can monitor all of a victim's activity and allow attackers to read, and possibly compose, corporate emails and documents via the victim's device, as well as elevating their permissions to remotely encrypt or even wipe the device.

While it is true that pretty much every network is vulnerable to a cyber attack, it is also the case that attackers must follow a certain formula of actions to compromise these systems. Industry research has shown that, on average, advanced attacks nest inside organizations for 200 days before discovery. That’s a long time for an attacker to stealthily gather private data, monitor communications and map the network.

However, once we understand the steps of a successful cyber attack from an attacker’s point of view, then it is possible to, at the very least, shorten the amount of time it takes to detect it; or mitigate it entirely.

The security group Rapid7 has released a new report that may prompt some alarm from web users who are heedless when it comes to choosing their online passwords.

Instead of using the passwords that internet users are the most likely to pick, the group took a different route and examined the passwords that cybercriminals are actually trying to use to hack into a number of systems including POS systems, kiosks, and computers.

The Pentagon is to run its own big bounty program, inviting white-hat hackers to test the security of its systems. It is not intended to be a free-for-all, and would-be hackers will be vetted before being given the go-ahead -- although of course there is nothing to stop anyone from trying to breach the defenses if they feel so inclined

The 'Hack the Pentagon' initiative was launched today by Defense Secretary Ash Carter. He said "I am confident that this innovative initiative will strengthen our digital defenses and ultimately enhance our national security". It is to be a carefully managed program which will only be open to US citizens, and networks relating to particularly sensitive material and weapons will be off-limits.