Incident Response Process – CompTIA Security+ SY0-501 – 5.4

Vulnerability Types – CompTIA Security+ SY0-501 – 1.6

New behavioral biometrics FIDO certification, developer tool, customer win revealed

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.

digital identity KYC security

Zighra’s behavioral biometrics for decentralized continuous authentication have been certified by the FIDO Alliance, with the company claiming it is the first on-device behavioral biometrics solution confirmed to the FIDO standard.

The combination of AI, biometrics and behavioral analytics provides continuous protection against phishing and fraud in both conventional and zero-trust systems, the company says. The technology is available as a workforce app for secure logical access, and can help organizations comply with GDPR and the California Consumer Privacy Act.

“Now, with FIDO certification, Zighra adds tremendous value to meet the growing contactless-access needs of current and post-COVID work and lifestyles,” says Deepak Dutt, CEO of Zighra. “Our unique, patented solution provides powerful security controls to continuously protect enterprises and users, across devices, all with a seamless experience.”

The USPTO recently granted Zighra a patent for passwordless authentication with its behavioral biometrics.

Incognia launches free Developer Edition

Incognia has made its location-based behavioral biometrics available for free to mobile app developers to help them build its fraud prevention capabilities into fintech and mobile commerce apps.

The Developer Edition of Incognia’s technology provides rapid SDK integration of frictionless fraud prevention, according to the announcement, which works silently in the background to detect compromised devices. The new edition includes thousands of free API requests per month, and mobile apps with larger user bases can move to Incognia’s paid enterprise solution.

“Mobile adoption and contactless payments are fueling the growth of mobile apps that process payments and need fraud detection. Along with growth in mobile app usage is growing demand for frictionless mobile experiences that are also secure. We’re excited to launch our developer offering to allow mobile app developers access to frictionless identity verification and authentication features for mobile users,” comments André Ferraz, founder and CEO of Incognia. “With the free Incognia Developer Edition, companies of any size will be able to…


Safety Certification Giant UL Has Been Hit By Ransomware

UL, which you may know better as Underwriters Laboratories, has overcome countless obstacles in its 127-year run as the world’s leading safety testing authority. Now they’re facing down a true 21st century menace: ransomware.

As reported by Bleeping Computer’s Lawrence Abrams, UL detected suspicious activity on its network last weekend. At-risk systems were shut down as soon as possible to prevent the ransomware from spreading further.

That resulted in interruption to certain services offered by UL including the myUL client portal. As of the time of writing the portal display an outage notification and advises users to call or email UL for assistance.

A statement provided by UL notes that the breach was detected on February 13. A “leading cybersecurity firm” has been brought in to assist UL with its investigation of the incident and law enforcement officials have been notified.

UL Doesn’t Intend To Pay Ransom

At this point it appears that UL wants nothing to do with its ransomers. Staff have been told not to respond to the hackers’ attempts to make contact. UL does not plan to pay the ransom and instead will restore any lost data from backups.

That’s what the FBI advises all ransomware victims to do. There are numerous potential pitfalls for those who do pay.

Even if victims do pay the ransom there’s no guarantee that their attackers will follow through with the promise to restore data — these are criminals, after all.

There’s also the possibility that the hackers will do what they say but ransomware’s decryption routine won’t work as hoped. If that happens, a victim’s files will be permanently destroyed.

Why Do Some Victims Pay?

There are a handful of reasons ransomware victims pay to recover their data. One of the most common are not having a secure, current set of data backups. Another is…