Investment company which takes stakes in tech firms valued at £4mill.




11p to buy.

Hackers paradise good for TERN

SUNDAY MAIL = 23 August 2015
Thousands exposed in massive new data hack: It's not just adulterers outed on web - if YOU own a PC hard drive you are at risk from the 'Google for hackers'
Photographs, medical records and bank statements are all downloadable
Due to glaring security flaws in hard drives used to back up and store data
The website, called Shodan, also has confidential files of a High St law firm
It comes after hackers exposed names of people using Ashley Madison site

Thousands of Britons have been made vulnerable to cyber crime after the secret contents of their computers were exposed on the internet by a vast website dubbed the ‘Google for hackers’.

Family photographs, medical records and bank statements can all be easily downloaded from the site because of glaring security flaws in hard drives used to back up and store personal and business data, a Mail on Sunday investigation has found.
Highly confidential files belonging to a High Street law firm were also freely available on the website, called Shodan, including full details of their clients’ financial affairs, passports and driving licences.

Hack: Thousands have been made vulnerable to cyber crime after the secret contents of their computers were exposed on the internet by a vast website dubbed the ‘Google for hackers’

Hack: Thousands have been made vulnerable to cyber crime after the secret contents of their computers were exposed on the internet by a vast website dubbed the ‘Google for hackers’
Last night, security experts said millions more British companies and internet users are also at risk of being hacked because the US-based Shodan website provides crucial information about their web-connected devices.
Even private servers run by the world’s biggest and most expensive science lab, CERN, can be viewed and potentially tampered with.
The revelations come just days after hackers dumped online the names, email addresses and sexual preferences of millions using affairs website Ashley Madison.

Following our investigation, consumers are being urged to check all PCs and gadgets have the latest software updates and are not relying on easy-to-guess passwords.
Professor Tim Watson, director of the Cyber Security Centre at the University of Warwick, said: ‘What Shodan does is shine a light on some of the more insecure aspects of this new interconnected world.
‘We are buying kit connected by default to the internet, because we love the fact we can use it anywhere. But this comes at a price – we’re buying these features but we’re not buying security.’

Access: The Shodan (logo, left) website, founded by John Matherly (right) gives entry to millions of private computer devices worldwide
The personal files are all publicly visible because the Shodan website trawls the world looking for all open connections to the internet.
It has found details worldwide of more than 100 million computers, smart phones, web cameras and even building control systems like air conditioning units. An estimated 11 million of these are in the UK.

Shodan can identify the rough physical location of each piece of equipment, a unique identifying number known as an IP address, and often what type of software is powering it. This in itself is a boon to hackers because it gives them enough information to carry out a targeted attack, experts say.
‘Shodan is basically a Google for hackers,’ said Henry Dalziel from cyber security training firm Concise Courses.

Shodan also looks for devices that either have no password protection or are guarded by obvious default settings like ‘admin’ or ‘1234’.
It identified a particular problem with external hard drives made by a company called Iomega, since taken over by Lenovo, used by thousands of families to provide extra space for their treasured photo collections or to back-up important documents.

As many as 20,000 of these storage devices worldwide can be viewed on Shodan, 1,600 of them in the UK, simply by searching for the term ‘Iomega’. Most do not have any password protection. In two cases, the MoS spoke to victims whose hard drives were hacked despite setting up unique passwords.
Within minutes of the MoS signing up to the site – which is free to join for a limited number of searches but costs $49 (£31) for full membership – we were able to look at the folders stored on these machines.

Because most files contained the names and addresses of their owners, as well as more confidential information such as medical records and credit card statements, we were able to track them down to warn them of their exposure to cyber fraud and ID theft.
We took care only to look for enough information to allow us to contact the drives’ owners.

A family in Oxfordshire were shocked to find their bank account details, medical documents, insurance information, passwords and photos were available for hackers.
Maxine, 39, and Helen, 43, who are in a civil partnership, were staggered to learn the Iomega hard drive they bought two years ago to keep personal information safe had left them exposed on Shodan, despite a unique password.
The couple, who have a nine-year-old girl and a six-year-old boy, immediately disconnected the drive.

‘I’m more concerned about the fact it’s got our children’s names on it,’ said Maxine. ‘It’s got stuff about how we went about having children and things like that.
‘We felt like we’d made an educated and informed choice. It won’t ever be the same again.’
Father-of-two Hars Member, from West London, said he was considering taking legal action after discovering that his family’s private details were also exposed on Shodan.
Mr Member, 50, who runs an online eBay business selling cosmetic products, unplugged his machine after learning the private details of his wife, son and daughter were vulnerable.

‘Anyone can do anything to me,’ he said. ‘All the family’s details are on there. It’s really scary for me. It’s unbelievable.’
Victims include two tech-savvy women who specifically bought their Iomega Home Media Network hard drive – model number HMND2 – because they believed it was the safest way to store family records.

By searching Shodan for unprotected devices in Glasgow, we discovered a hard drive containing the business files of a solicitors’ firm.Folder titles included ‘cash’, ‘clients’, ‘powers of attorney’ and ‘money laundering’, with the individual files giving full details on everything from house purchases to visa letters and even customers’ passports.

One of the main folders was titled ‘MacKaur documents’ while others gave the names of the two partners and a secretary working for a Scottish law firm called MacRae & Kaur. But it denied its data had been leaked.

The firm’s lawyer said: ‘Those I represent have clarified with their IT support organisation that the computer system they employ, in particular that which deals with the storing of data securely is lawful and in accordance with legal requirements as a law firm practising in Scotland.’

A MoS investigation last year revealed how a website was broadcasting live security camera footage from inside homes, offices and shops across Britain on the internet.
Hard drive manufacturer Lenovo admitted there had been a problem with some of its devices’ folders being available online but said new products no longer have this flaw, while existing customers have been able to download a security update since last year.

A spokesman said: ‘Lenovo addressed these concerns in 2014 whereby new devices did not have this problem and a fix was made available to existing customers.’ But it refused to say if all hard drive owners had been made aware of the security breach.

As well as downloading the latest software updates, the Information Commissioner’s Office, Britain’s data watchdog, urged computer users to check their passwords.
A spokesman said: ‘The first security step anyone should take when getting any new device, is to set a strong password.

‘The default passwords many manufacturers use are freely available online so it’s important to get these simple passwords changed.
‘If the device doesn’t have a password, then as a bare minimum, you should set one up, making sure it’s not one that can be easily guessed.’

Shodan’s American founder John Matherly, 31, defended his site’s service, although he admitted some individuals had been banned for abusing it.
‘I don’t believe in shooting the messenger. Shodan is the right answer to the problem,’ he said.

‘People should be upset that the product they purchased didn’t provide better safeguards to protect their data and prevent it from being leaked on the internet.
‘The way we fix these insecure-by-default devices is by raising awareness so consumers demand change from companies.’

unchanged so far

on a day like today where the Market is down by 3% MMs are not in a hurry to push prices up despite, buyers are well ahead of sellers

But at one point the book will have to be filled again with stock, and the prices will have to move forward in order to encourage sellers

so far I take buyers for 600K v sells of 169K
the last 50K delayed was a buy

17.50p = finished unchanged,
despite the attempts by MMs of shaking the stock, when there was a clear signal of double the buys v sells from 11am till close

the ticker shows at the end
buys 803,312k
sells 400,987K

Market Makers must fill their books at one point, cuz they must be short by now, so the only way is upping the bid tomorrow

RE: double buying today

The same is happening today Tuesday but at least they let the share price go up as I was expecting now 19.25p +1.75p

MAM's chart not showing the right price again

Interesting tweet from Cryptosoft about government enforcing standards -

Https://mobile.twitter.com/CryptosoftLtd/status/636088317147246592

20.50p +3p

Posted Aug. 24, 2015 at 6:04 a.m.
Warning to private data posters: Deleted information never actually goes away

NEW YORK — The Ashley Madison hack is a big reminder to all Web users: If you submit private data online, chances are it will never fully be deleted.
The hackers, who stole the data about a month ago and then posted it online this week, claimed in a statement that part of the reason for the theft was Ashley Madison's fraudulent promise to fully delete users' information if they paid the company a $19 fee.
The website — whose slogan is "Life is short. Have an affair" — is marketed to people looking for extramarital relationships. It purports to have about 39 million members.
The hackers said the company failed to delete the information, even though it collected the fees. Toronto-based Avid Life Media Inc., Ashley Madison's parent company, hasn't commented on the hackers' accusation. A company spokesman didn't respond to multiple emails seeking comment.

It's virtually impossible to exist in modern society without putting at least some personal information online. Many people can't get through a day without using the Internet to shop, pay a bill, or check their credit card balance.
Who is "The King of Infidelity"? CEO of cheating website says he's faithful husband
Touting himself as the "The King of Infidelity," the founder of the adultery site Ashley Madison built his livelihood around the unconventional philosophy that cheating is a natural part of married life — yet he says he is a devoted husband, and his wife of 12 years says she would be devastated if he was unfaithful.

Noel and Amanda Biderman say they do not practice what they preach but simply are smart entrepreneurs seizing an untapped market.
"I am printing money, I don't deny it," Biderman told the New York Daily News in 2014. "That's what happens when you build a taboo-focused business."
Their privately held Toronto holding company, Avid Life Media Inc., grossed $115 million in earnings last year, according to tax documents and figures shared by Biderman with Forbes.
Now divorce lawyers are preparing for a potential bonanza from the site's massive breach that released the information of its subscribers.

It's a problem the Bidermans say they have never had to confront because they are in a monogamous relationship, but they recognize others do not have that and there is money to be made from infidelity.
The couple, who have two children, say there's nothing wrong in running a site that allows married people who want to cheat to connect with others seeking an affair. Users pay a fee each time they send a message to a potential lover.

They turned down a request by The Associated Press to be interviewed for this story but have spent years appearing on TV talk shows and making other media appearances to promote their site.
The company says in a statement the hackers should be judged, not Ashley Madison and its roughly 39 million customers. The hackers have accused the company of filling the site with fake profiles and extorting fees for wiping profiles that were never truly deleted.

The company has said it is working on beefing up its security protocol.
Before you "submit" ...
People have become accustomed to trusting their most precious personal information to companies. But they also need to know that all of that information is being shared more than they would expect, privacy experts say.

Before you hit "submit," stop and think before giving up your personal information to any kind of website, said Michael Kaiser, executive director of the National Cyber Security Alliance, an industry-funded group that educates consumers about cybersecurity.
"Personal information is like money, and you don't just give away your money," Kaiser says. "In the environment we're in right now, you have to value it and think about protecting it everywhere you go on the Internet."

That means taking a look at a website's business to get an idea of how much they value information security and even asking them about their data retention practices. Banks, which deal in financial information, and large retailers, who have a vested interest in getting people to shop online, are probably safer bets than a dating site.
"Ashley Madison actually charges you to remove your information when you remove your account," he says. "That's a big clue about how they feel about your personal information."

People also need to sometimes take a pass on convenience in the name of online security.
Many consumers like it when e-commerce sites have their credit card and other information on file, or when Web browsers automatically fill in forms with their name, address and other details, says Peter Tyrrell, chief operating officer of the data security firm Digital Guardian. Meanwhile, worries about data theft and loss have prompted companies to back up important information in multiple places.

But both practices increase the likelihood that information could be leaked or shared. And it means that even when a person thinks that their information has been permanently deleted, chances are there are still copies floating around somewhere.
"Ashley Madison is a company with a service that's completely predicated on privacy," Tyrrell says, adding that that characteristic sets it apart from many traditional e-commerce sites such as retailers.
"Here the capital, so to speak, isn't a credit card or consumer goods. The capital is personal information that if released could be ruinous personally, and financially too."

Breaches, whether they be at a major retailer such as Target Corp., a health insurance company such as Anthem Inc., or Ashley Madison, have become so common that people should give some serious thought before putting personal information online, says Caleb Barlow, a vice president at IBM's security division.
And while Social Security numbers weren't involved Ashley Madison hack, people should be especially wary of using them as a backup password to access online information, given the potentially disastrous consequences that could result if they're intercepted, he says.
"Why are we using Social Security Numbers for both identification and access?" he questions. "Any data that can never be changed can be used for identity, but should never be used for access."

And no matter how legitimate a company or website may be, people need to be aware that they're rolling the dice every time they hand over personal information.
Scott Vernick, partner and head of the data security and privacy practice at the law firm Fox Rothschild LLP, says consumers have the right to expect a certain level of online security, depending on the industry standards of the company they're dealing with.
"But those expectations have to be muted by the knowledge that they're always taking a risk, whether they're ordering from Amazon Prime or from Ashley Madison," Vernick says.

Read more at http://wraltechwire.com/warning-to-private-data-posters-deleted-information-never-actually-goes-away-/14850164/#KTO3DQfeU7bCQXoE.99

Tweet from our VP Sales Sebastien Roques.

INSIGHT: Security in the Internet of Things age - Makers vs. Operators

Internet of Things (IoT) security is a hot topic among security and risk professionals.
25 August, 2015

Internet of Things (IoT) security is a hot topic among security and risk professionals. It seems as if every "thing" on the market is becoming smarter and more interactive.

As the level of IoT device maturity increases so does the level of risk of data and device compromise. The scary thing is that we really have no idea what IoT devices are in our environment let alone the correct way to secure them.

Http://www.computerworld.co.nz/article/582852/insight-security-internet-things-age-makers-vs-operators/?fp=16&fpid=1

WEEKLY

What makes Cryptosoft unique is its ability to scale and handle encryption tasks as a service process while interfacing seamlessly with the world’s leading key management, security policy and DLP platforms including those from PGP, Symantec and others.

“Our customers already have security infrastructure in place and are loathed to have to rip and replace perfectly adequate tools just to add encryption,” explains Penney, “So we have spent considerable effort in ensuring that Cryptosoft integrates with existing management platforms so encryption becomes an added service without impacting on workflow, security management or audited processes.”

For hosting and cloud service providers encryption offers the potential to allay many of the security concerns expressed by customers. However, traditional monolithic approaches are expensive, have problems scaling and are often difficult to implement in a shared environment.

“We built Cryptosoft with the express goal that it can scale so it has full support for virtual servers and load balancing capability,” explains CTO Carl Bourne. “But it is essential from an operational security standpoint that the critical cryptographic keys are still held by the client and not the service provider – this distinction is vital to meet the security requirement for many organisations and this separation between security policy handling, key management and the underlying encryption engine makes Cryptosoft a unique solution.”

Have dispose of 350k most likely from the ones taken on the placing @ 12p

HARGREAVE HALE LIMITED
DISCRETIONARY CLIENTS
24 AUGUST 2015
6. Date on which issuer notified: 25 AUGUST 2015
7. Threshold(s) that is/are crossed or
reached: vi, vii 11%

before 6,100,000 11%
after 5,750,000 10.426%

The MMs have used the RNS to shake the share price once again after reaching 22p earlier

momentum gone
Looks like the recent momentum is gone today
Plenty of delayed large trades done the job for the MMs
Had reached at 22p the upper Bollinger Band this morning

the momentum is gone today aswell as is now at low of the day 16.75p - 0.75p

hourly chart

Top performer today.

The uptrend continues as it moves to 24p +2.50p

Level 2 of 3 v 1
at spread of 23.50 v 24.50p

Late yesterday news .........

Big piece just on BBC 10 o'clock news about "IoT" and security issues.

--------------------
From the BBC

Lizard Squad hackers attack National Crime Agency site

Hackers have targeted the website of the National Crime Agency (NCA), the department set up to tackle organised crime, in an apparent revenge attack.
A Twitter account linked to the hacking group Lizard Squad appears to have claimed responsibility.

The NCA's site was inaccessible for some time on Tuesday morning.
The attack comes days after six teenagers were arrested by the NCA for using a service known as Lizard Stresser.

The 15 to 18-year-olds are believed to have targeted organisations including a national newspaper, a school, gaming companies and some online retailers.
It appears the NCA website was taken down in a distributed denial of service (DDoS) attack, where websites or servers are flooded with requests for data.

A spokesman for the National Crime Agency said its website was an "attractive target" and attacks are "a fact of life".
He said: "DDoS is a blunt form of attack which takes volume and not skill.

"It isn't a security breach, and it doesn't affect our operational capability.
"At worst, it is a temporary inconvenience to users of our website."
XBox and PlayStation attacks
Lizard Stresser is a tool which allows people to pay a fee to nominate a website they would like to be targeted by a DDoS attack.

It became popular after Lizard Squad took responsibility for several high-profile attacks.
The group claimed to have taken XBox and PlayStation gaming networks offline last Christmas.

Playstation & Xbox Hackings
None of the teenagers in these recent arrests are accused of involvement in those attacks or believed to be members of Lizard Squad.
The National Crime Agency said they are suspected of deploying Lizard Stresser, having bought it using services such as Bitcoin in an attempt to stay anonymous.

The targets haven't been named and it hasn't been confirmed whether the attempted DDoS attacks were successful.
As part of the same operation, officers are visiting around 50 addresses linked to people who are registered on the Lizard Stresser website - but who are not suspected of involvement in attacks.

Zac Mir has a 38p target.

Article on front page of Tech Track 100 in the Sunday Times today has an extract;

"Tech firms are thriving but face a big headache fighting cybercrime"

Within the report it states that 81% of large businesses and 60% of small businesses suffered a cyber attack in the last year.

Now the article goes on to talk about Cybercrime Insurance as if that were the answer but I think that insurance companies will insure but ask companies to have certain products in place.
--------------------

at another place TERN thread..............

CockneyRebel 05 Sep 2015 17:12 1649

terry trousers = Mike740 = Goldfinger

Having deramped so many stocks lately, the ones he's now gone long on he's ramping with his new handle.

The big question is - what asylum did he escape from?

CR

we now know the reason.............


share prophets told to pull their shorts up..

after 3 days of profit taking this afternoon has gone to positive from being down from the start.

double due to not showing the one before
used for a chart then

Is Tern PLC Heading To Zero? - By Motley Fool | Tue, 8th September 2015 - 12:57

Tern (LSE:TERN) invests in established, private software companies that operate in fast growing technology sectors and the company has become one of AIM's hottest stocks over the past few months.

Since the beginning of June Tern's share price has jumped by 170%, outperforming the wider FTSE AIM All-Share and AIM 100 indexes by more than 160%.

However, the company is shrouded in controversy, has a weak balance sheet and is still loss-making. What's more, according to my figures, after the company's recent placing Tern's book value or shareholder equity is around £1.5m, approximately 2.8p per share. So, the company is current trading at a price to book ratio of 7.9 -- a premium valuation for a loss-making company.

That being said, as an investment company, much of Tern's value is tied up in the company's investment portfolio.

Portfolio analysis
Tern's most significant investment is Cryptosoft. The company owns 100% of Cryptosoft, and this one investment accounts for 95% of Tern's potential portfolio return.

Tern's other investments are Flexian, Push Technology and Seal Software. The company owns between 1% and 0.5% of each of these businesses.

At the end of June, Tern valued its investment portfolio at £707k and since reporting this figure, the company has gone on to raise £720k before expenses through a placing of 6m new shares at 12p each. Management has stated that the cash will be used to provide additional finance for the existing portfolio, with the development of Cryptosoft being a top priority.

And according to Tern's press releases, Cryptosoft's product offering is already attracting significant interest. The company claims to be the only supplier with a peer-reviewed, market-proven software security product, for Internet of Things and Machine-to-Machine applications. Moreover, Cryptosoft is in the process of discussing major contract opportunities with potential UK and US customers.

However, Tern's management has warned that it may take several months before the first of these contracts is secured and revenues materialize.

Risky business
Even though Cryptosoft, Tern's largest investment, claims to have a one-of-a-kind product, there's nothing to stop competitors muscling in on the company's target market while it tries to secure contracts. The tech sector is notoriously competitive and firms need to have deep pockets to fend off the competition.

Unfortunately, Tern is strapped for cash. While the company may have just replenished its cash reserves via a placing, £720k before expenses is unlikely to be enough to help Cryptosoft repel larger competitors. With this being the case, I wouldn't rule out additional fundraisings and shareholder dilution in the near-future as Tern ploughs cash into its Cryptosoft subsidiary.

The bottom line
All in all, Tern should be viewed as a binary bet. If the company's Cryptosoft subsidiary makes it to the big time, the sky is the limit for Tern's shares. However, if Cryptosoft can't compete with its larger peers, Tern will struggle to survive