More stories

  • in

    Ransomware: Take these three steps to protect yourself from attacks and make it easier to recover

    Microsoft has shared three key steps organizations can take to ensure a ransomware attack doesn’t cripple their entire network in an attempt to extract a multimillion dollar ransom or leak sensitive corporate data on the internet.   

    Microsoft developed the three-step advice as part of its feedback in response to the recent call by the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) for expert approaches to preventing and recovering from ransomware and other destructive cyberattacks. In brief, the three steps are “prepare, limit, and prevent”: prepare your recovery plan to enable recovery without paying; limit the scope of damage by protecting privileged roles; and make it harder to get in by incrementally removing risks. The steps work on the assumption that attackers will eventually breach a network. It’s part of the so-called Zero Trust strategy that tech vendors and the US government are interested in. “This may seem counterintuitive since most people want to simply prevent an attack and move on,” writes Mark Simos, lead cybersecurity architect in Microsoft’s cybersecurity solutions group. “But the unfortunate truth is that we must assume breach and focus on reliably mitigating the most damage first. This prioritization is critical because of the high likelihood of a worst-case scenario with ransomware.” Microsoft’s three-stage plan actually involves a lot of work, but the tasks can be organized under the three parts.

    Under prepare, organizations need to develop a detailed secure backup plan covering the who, what, why and how of it. It also means defining how an organization would limit damage in the worst-case scenario. Restoring systems from backups is easier and cheaper than dealing with attackers and using their decryption tools, it notes. Paying up also doesn’t guarantee recovery. Microsoft also recommends backing up critical dependencies, including identity and access systems such as Microsoft Active Directory, protecting backups, and testing business continuity in a disaster recovery scenario.

    On limiting the scope of damage, Microsoft encourages end-to-end session security as well as multi-factor authentication for admins; protecting and monitoring identity systems; mitigating lateral traversal (once an attacker is inside a network); and rapid threat response.

    Despite the zero trust ‘assume breach’ mentality, Microsoft of course recommends preventing attackers entering an environment and rapidly removing access before they can steal and encrypt data. Why? It raises the attacker’s costs. “This causes attackers to fail earlier and more often, undermining their profits. While prevention is the preferred outcome, it may not be possible to achieve 100% prevention and rapid response across a real-world organization with a complex multi-platform, multi-cloud estate and distributed IT responsibilities,” Microsoft explains.

    Finally, Microsoft says that countering the threat of ransomware and creating the ability to recover tech assets needs buy-in from top execs, such as the board, as well as IT and key security team members.

    Microsoft is also trying to update the understanding of what file-encrypting ransomware attacks mean today compared to when they emerged in 2013. Nowadays, it doesn’t just mean encrypting files on a single PC. Today, there are well-developed markets behind ransomware, such as ransomware-as-a-service, marketplaces for buying login credentials, as well as specialized toolkits and affiliate business models to support groups who target organizations to steal admin credentials. Large ransoms have existed for the past few years, but the past few months have seen ransomware attackers become more ambitious, including the attacks on Colonial Pipeline and meat packer JBS, which netted the attackers $4.4m and $11m, respectively. These attacks won’t stop either. The FBI last week warned the US food and agriculture sector about recent attacks by ransomware groups seeking to “disrupt operations, cause financial loss, and negatively impact the food supply chain.”

    The most common techniques to breach a network include phishing, Remote Desktop Protocol (RDP) vulnerabilities, and software flaws, the FBI warned, listing several non-public attacks on the sector.

  • in

    Palo Alto Networks announces new Prisma Cloud features

    Palo Alto Networks unveiled new security features for its Prisma Cloud product that will give developers and DevOps teams access to container image sandboxing. The tool will also now run a third-party container image in an isolated environment, leveraging machine learning to perform an inspection of processes, file systems and networking activity pre-deployment. “Today’s announcement delivers a leap in what’s possible for container security, taking our incredible machine learning and applying it to third party, or any, image, regardless of its provenance — enabling customers to run these in a pre-deployment sandbox,” Palo Alto Networks said in a statement. “Automatically, Prisma Cloud analyzes the actual runtime for dynamic threats, learning all the processes that will be run, the network activity for the image, and all filesystem access to build an in-depth model of what the image will do.” The update includes protection for virtual machines on Azure and Google Cloud as well as Windows support, service mesh support and improved API telemetry. In April, the company announced Auto-Detection and Auto-Protection capabilities for standalone VMs running in AWS. That now will be extended to Azure and Google Cloud as well. The company said the tool “reduces the efforts required by DevOps and security teams to manually configure, deploy, and update host security agents.”
    The new Web Application and API Security (WAAS) features have been extended to protect Windows hosts, including Windows Server 2019 LTSC. WAAS also “automatically supports installing on service meshes such as Istio or Linkerd.” 

    Palo Alto Networks also announced that it is now a Red Hat Certified Technology Vulnerability Scanner, which they said “verifies our extensive capabilities and strengthens our interoperability with Red Hat.” The announcement included app-embedded defender forensics, which provides protection for new workload types like AWS Fargate, Azure Container Instances, Google Cloud Run and Google Kubernetes Engine Auto-Pilot. Palo Alto Networks unveiled a slate of other improvements. “Now, Host Security capabilities are expanded to cover custom VPCs and even encrypted AMIs. The latest release includes Serverless Auto-Protect v2 and support for Ruby 2.5 and 2.7 in Serverless Defender. Defender, our unified agent, now supports the latest release -2 giving effectively a year of support for each release!” the company explained. “Our deep product integration continues to shine with unified notifications on the SaaS platform and single logic cloud onboarding.”

  • in

    Operation Chimaera: TeamTNT hacking group strikes thousands of victims worldwide

    The TeamTNT hacking group has upped its game with a set of tools allowing it to indiscriminately target multiple operating systems. 

    On Wednesday, cybersecurity researchers from AT&T Alien Labs published a report on a new campaign, dubbed Chimaera, that is thought to have begun on July 25, 2021 — based on command-and-control (C2) server logs — and one that has revealed an increased reliance on open source tools by the threat group. TeamTNT was first spotted last year and was connected to the installation of cryptocurrency mining malware on vulnerable Docker containers. Trend Micro has also found that the group attempts to steal AWS credentials to propagate on more servers, and Cado Security contributed the more recent discovery of TeamTNT targeting Kubernetes installations. Now, Alien Labs says the group is targeting Windows, AWS, Docker, Kubernetes, and various Linux installations, including Alpine. Despite the short time period, the latest campaign is responsible for “thousands of infections globally,” the researchers say. TeamTNT’s portfolio of open source tools includes the port scanner Masscan, libprocesshider software for executing the TeamTNT bot from memory, 7z for file decompression, the b374k shell php panel for system control, and Lazagne. Lazagne is an open source project that lists browsers including Chrome and Firefox, as well as Wi-Fi, OpenSSH, and various database programs as supported for password retrieval and credential storage. Palo Alto Networks has also discovered that the group is using Peirates, a cloud penetration testing toolset to target cloud-based apps.

    “The use of open-source tools like Lazagne allows TeamTNT to stay below the radar for a while, making it more difficult for antivirus companies to detect,” the company says. While now self-armed with the kit necessary to strike a wide variety of operating systems, TeamTNT still focuses on cryptocurrency mining. Windows systems, for example, are targeted with the Xmrig miner. A service is created and a batch file is added to the startup folder to maintain persistence — whereas a root payload component is used on vulnerable Kubernetes systems. Alien Labs says that as of August 30, a number of malware samples still have low detection rates.

  • in

    BladeHawk attackers spy on Kurds with fake Android apps

    Fake Android apps are being deployed on the handsets of Kurds in a surveillance campaign promoted across social media.  

    On Tuesday, researchers from ESET said an attack wave conducted by the BladeHawk hacking group is focused on targeting the Kurdish ethnic group through their Android handsets.  Thought to have been active since at least March last year, the campaign is abusing Facebook and using the social media platform as a springboard for the distribution of fake mobile apps.  The researchers have identified six Facebook profiles connected to BladeHawk at the time of writing, all of which have now been taken down. While they were active, these profiles posed as individuals in the technology space and as Kurd supporters in order to share links to the group’s malicious apps.  ESET says that at minimum, the apps — hosted on third-party websites, rather than Google Play — have been downloaded 1,481 times.  BladeHawk’s fake applications were promoted as news services for the Kurdish community. However, they are harboring 888 RAT and SpyNote, two Android-based Remote Access Trojans (RATs) which enable the attackers to spy on their victims. 

    SpyNote was only found in one sample, and so it appears that 888 RAT is currently BladeHawk’s main payload. The commercial Trojan, of which a cracked and free version has been made available online since 2019, is able to execute a total of 42 commands once executed on a target device and a connection to the attacker’s command-and-control (C2) server is established. The Trojan’s functions include taking screenshots and photos; exfiltrating files and sending them to a C2; deleting content, recording audio and monitoring phone calls; intercepting and either stealing or sending SMS messages; scanning contact lists; stealing GPS location data; and the exfiltration of credentials from Facebook, among other functions. The researchers say that the RAT may also be linked to two other campaigns: a surveillance campaign documented by Zscaler that spreads via a malicious and fake TikTok Pro app, and Kasablanca, threat actors tracked by Cisco Talos who also focus on cyberespionage.

  • in

    Facebook believes accountability and investment signals it is taking privacy seriously

    While a discussion paper on the Attorney-General’s review of Australia’s Privacy Act 1988 remains outstanding, Facebook has taken the opportunity to bust some so-called myths about the company’s approach to privacy. During a virtual briefing with media on Wednesday, the social media giant’s privacy and policy director Steve Satterfield said the company is on a “perpetual quest” to bust the myth that Facebook sells people’s data to advertisers or other third-parties. “It’s just false,” he said. “We do not sell people’s data. We never have.” In July 2019, the social media giant was hit with a $5 billion fine by the US Federal Trade Commission (FTC) for violating user privacy. The FTC investigation alleged that Facebook repeatedly used “deceptive disclosures and settings to undermine users’ privacy preferences” in violation of its 2012 agreement with the FTC. It was that case that forced Facebook to agree to overhaul its consumer privacy practices. In that same year, Facebook paid a £500,000 fine issued to it by the UK Information Commissioner’s Office after an investigation into the misuse of personal data in political campaigns. Satterfield added that another “myth” that should be clarified, one that still exists in “certain parts of the world” (he was unsure whether that includes Australia or not), is that Facebook is anti-regulation.

    “That’s actually quite the opposite. We are very vocally pro-regulation, including around privacy,” Satterfield said. He pointed out, for instance, that the company believes a globally consistent approach to privacy regulation is necessary, noting that inconsistency is “both bad from a user’s perspective and it’s also bad from the business perspective”. “It’s really hard to build global services to accommodate the laws of individual cases, or in my case, in [US] states,” Satterfield said, noting that Europe’s General Data Protection Regulation (GDPR) is the “most influential piece of privacy legislation ever created”. The remarks echo Facebook’s submission for the Privacy Act review where it recommended that Australian privacy laws be reformed to make them more aligned with the GDPR. Satterfield also took the opportunity to rattle off a slew of features that Facebook has introduced over the years to ensure that privacy is “built-in” to its products, including allowing Facebook users to easily delete past posts and download copies of their own information to Dropbox or Google Drive. Introducing a Snapchat-like view once photo and view feature on WhatsApp was another one that Satterfield listed. But when asked by ZDNet about why Facebook’s emphasis on privacy considerations has really only surfaced in recent years — and not since the beginning — Satterfield said it was due to a couple of reasons. “Executive level accountability that is something that has happened by virtue of our settlement with the FTC, but it’s also I think more broadly reflective of executive investment in privacy,” he said. “I think it’s always been central … that has evolved in the time that I’ve been here now. We have a privacy board that is made up of product managers and engineers to work on privacy that didn’t exist when I got here.

    “I would say it’s those two things: It’s executive level investment and accountability — and I include our CEO Mark Zuckerberg — and technical investment in privacy.” Satterfield was brought into Facebook to work on privacy and public policy seven years ago — a decade after Facebook was first established.

  • in

    Microsoft, CISA urge use of mitigations and workarounds for Office document vulnerability

    Microsoft said it has identified a limited number of attacks targeting a remote code execution vulnerability in MSHTML that affects Microsoft Windows. CISA released its own message urging “users and organizations to review Microsoft’s mitigations and workarounds to address CVE-2021-40444, a remote code execution vulnerability in Microsoft Windows.” Microsoft said the vulnerability was first discovered by Rick Cole of the Microsoft Security Response Center, Haifei Li of EXPMON as well as Dhanesh Kizhakkinan, Bryce Abdo and Genwei Jiang of Mandiant. “Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents. An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine,” Microsoft explained. “The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.” The Microsoft release notes that their Defender Antivirus and Defender for Endpoint protect against the vulnerability. Anyone who has the tools and uses automatic updates is safe from the vulnerability, while they noted that enterprise customers who manage updates “should select the detection build 1.349.22.0 or newer and deploy it across their environments.” The alerts in Microsoft Defender will show up as “Suspicious Cpl File Execution.”

    Microsoft said once its investigation is finished, they will send out a security update in a Patch Tuesday release or in a separate out-of-cycle security update. The release adds that Microsoft Office opens documents from the internet in Protected View or Application Guard for Office by default, both of which prevent the current attack. In terms of mitigations and workarounds, Microsoft suggested disabling the installation of all ActiveX controls in Internet Explorer. “This can be accomplished for all sites by updating the registry. Previously-installed ActiveX controls will continue to run, but do not expose this vulnerability,” the release said. “If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly.” The notice also provides specific instructions on how to disable ActiveX controls on an individual system. Mandiant threat analyst Andrew Thompson noted that “robust detections focused on post-exploitation behavior are a safety net that enables you to detect intrusions involving zero day exploitation.”

  • in

    Home security: ADT vs Ring

    ADT and Ring are both well-known security system providers. But which offers the best combination of price, performance and protection? While Ring security focuses on advanced wireless technology and DIY setup, ADT Security offers professional monitoring and installation. In our Ring vs ADT review, we’ll break down what matters — from plans to pricing to customer service and ease of installation — to help you find your best-fit security solution.

    ADT

    ADT provides years of home security experience for peace of mind.

    Pros:
      • Customizable security packages and equipment
      • Six-month money-back guarantee
      • Same-day or next-day service for installation and repairs

    Cons:
      • Requires a security contract
      • Cancellation fee
      • Lower-than-average BBB customer service ratings

    Ring

    Ring is a modern alternative for home monitoring for a new generation.

    Pros:
      • High-performance security equipment
      • Easy DIY installation
      • Lower than average prices for professional monitoring

    Cons:
      • The basic plan offers no professional monitoring
      • Technology isn’t always intuitive
      • Occasional sensor glitches

              Monitoring Options               Monitoring Prices starting at   Installation Options
    ADT       Professional monitoring          $36.99/month                    Professional
    Ring      Professional or self-monitored   $3/month                        DIY

    Plans

    ADT

    ADT home security offers three plans: Essentials, Total Protection and Premium Protection.

      • ADT Essentials: This is the basic ADT plan. It requires professional installation — an extra $99 — of the basic equipment kit, including a digital keypad, three door or window sensors, an infrared motion detector and a high-decibel alarm siren. You’ll also get a backup battery, a wireless keychain remote, and a yard sign and window decals.
      • ADT Total Protection: This plan comes with everything offered by the Essentials plan, plus Safewatch Cellguard, which lets you connect your professionally monitored security system to ADT’s response centers without the need for a landline.
      • ADT Premium Protection: The Premium Protection plan offers everything in both the Essentials and Total Protection plans plus ADT Pulse, which lets you connect home security devices with home automation systems and access your security system anywhere, anytime with the ADT Pulse mobile app.

    Ring

    Ring home security offers two paid plans — Basic and Plus — along with one free option.

      • Included free: All Ring devices include four basic features for free: motion-activated notifications, real-time video with Live View, two-way talk and lifetime theft protection.
      • Ring Basic: Ring Basic gets you video history for 60 days, video saving and sharing, and snapshot capture. It does not include professional monitoring.
      • Ring Plus: Ring Plus is one of the cheapest professional monitoring options available. Along with all the features of Ring Basic, users also get 24/7 professional monitoring, extended warranties for all of their devices and 10% off select products from Ring.com.

    Who is it best for

    ADT:
      • ADT Essentials: Best for professional monitoring without breaking the bank
      • ADT Total Protection: Best for cellular system protection
      • ADT Premium Protection: Best for mobile system monitoring and smart home automation

    Ring:
      • Ring Basic: Best for easy video capture
      • Ring Plus: Best for low-cost professional monitoring

    Contracts and Pricing

    ADT

    ADT requires a 36-month contract for all of its plans, and all system installations come with a $99 fee. There is also a cancellation fee for breaking your contract early.

    Pricing:
      • ADT Essentials: $36.99 per month
      • ADT Total Protection: $42.99 per month
      • ADT Premium Protection: $52.99 per month

    Ring

    Ring doesn’t require a contract, and all installation is DIY. You can save some cash by getting a yearly subscription, which is only $30/year for Basic and $100/year for Plus.

    Pricing:
      • Ring Basic: $3 per month
      • Ring Plus: $10 per month

    Customer service

    ADT

    ADT has been accredited with the Better Business Bureau since 2013, and the company has been in business for more than 130 years. While it does earn an A+ rating from the BBB, its average customer review score isn’t so glowing at just one star out of five. In addition, the company has had more than 3000 complaints filed against it in the last three years. But it’s not all bad news for ADT — the company ranks second in the J.D. Power 2019 Home Security Satisfaction Study for professionally installed security systems with an overall score of 847 and three power circles out of five.

    ADT also offers a host of online support options, including live chat and the ability to connect through popular social media platforms, including Facebook, Instagram, and Twitter. Customers can also get in touch by phone 24/7/365.

    Ring

    Ring earns top marks from the J.D. Power Home Security Satisfaction Study for DIY security systems with an overall score of 904 and 5 power circles out of 5. The company is also accredited by the BBB but only earned accreditation this year. Ring does get an A+ rating from the BBB and has a better average customer review score at 1.25 stars out of five, but it’s only been in business for six years.

    Ring also offers live chat and an in-depth online knowledge base, and the company’s mobile application is well-reviewed for both Android and iOS devices.

    Ease of installation

    ADT

    All ADT installations are done professionally and cost between $99 and $199. If you’re a prequalified customer — which means you’ve passed a soft credit check — the installation fee may be waived. Depending on where you live, ADT may offer same-day installation if you purchase your security system package before 2 p.m., but in most cases, you’ll need to wait until the next day.

    System configurations can be customized to your needs, and you’ll be provided instructions on how to arm, disarm, and monitor your equipment. ADT also offers a six-month money-back guarantee if you’re not satisfied with your new system.

    Ring

    Ring does not offer professional installation — everything is DIY. The company claims that setup is easy and could take as little as 15 minutes, and for the most part, this is accurate. Many of its sensors and other wireless devices are peel-and-stick, and all system packages include a range extender to ensure all devices connect reliably.

    Once you’ve found the ideal position for your Ring devices, most are easy to get up and running by simply plugging them in or installing their batteries. The only exception here is the Ring Video Doorbell, which requires removing your existing doorbell and wiring in the new device. Ring does offer video tutorials on its website, but if you’re unsure about wiring your own system, it’s worth contacting a professional electrician. While Ring offers only a 30-day refund policy for its systems, it does offer a one-year warranty on its devices.

    FAQ

    Is Ring better than ADT?

    When comparing Ring security vs ADT security, Ring is a great choice if you’re looking for high-quality security tech that’s easy to install yourself.

    Is ADT better than Ring?

    If professional monitoring and installation backed by one of the nation’s top providers are your priority, opt for ADT.

    Is Ring a good security system?

    Ring is a good security system if you’re comfortable with technology and don’t mind doing the setup work yourself.

    Is ADT a good security system?

    ADT is a good security system if you prefer professional help for setup and monitoring.

    How much does Ring cost per month?

    Self-monitored Ring plans cost just $3 per month, while their professional monitoring plan starts at $10 per month.

    How much does ADT cost per month?

    The Essentials plan from ADT costs $36.99 per month for professional installation and monitoring.

  • in

    The best outdoor security light

    Outdoor security lights can deter lurkers and would-be criminals, alert you to unwanted visitors, and simply provide the convenience of a well-lit exterior for nightly trash runs. The best outdoor security lights offer flexible programming with dusk-to-dawn and motion detection modes, adjustable brightness and detection ranges, and limited on-times to give you a customized experience.

    Here are our top picks for best outdoor security lights summarised:

              Motion Detection Range   Waterproof Rating   Warranty
    SANSI     180 degrees, 50 feet     IP-65               5 years
    LEPOWER   180 degrees, 72 feet     IP-65               1 year
    Ring      140 degrees; 30 feet     Not Specified       1 year

    *Data accurate as of January 28, 2021

    Best overall security light

    Features

    Offering LED lights that give off an astounding 6,000 lumens, the SANSI 45W LED Security Light is one of the brightest outdoor security lights on the market. But if that’s too bright, you can use the adjustable knob on the back of the light to dim it.

    Although the SANSI 45W LED Security Light’s motion detector can sense movement up to 50 feet away in a 180-degree range, you can simply turn the Range knob to the left to decrease the distance monitored by the motion detector. You can also set how long you’d like the light to stay on (from 1 to 10 minutes) after it’s triggered in Auto mode, or use one of its other modes to allow it to stay on from dusk to dawn or for up to six hours.

    The SANSI 45W LED Security Light features six 45-watt bulbs on two adjustable arms that you can configure for use in corners, against walls, or pointing straight down toward the ground. It has an IP65 weather rating, a five-year warranty, a 30-day refund or replacement, and free lifetime tech support.

    Compatibility

    This outdoor security light doesn’t use Wi-Fi or Z-Wave technology. It’s incompatible with home automation systems.

    Installation

    The SANSI 45W LED Security Light is a hardwired unit designed for DIY installation. It’s mounted to the wall using the included hard plate.

    Best for long-distance detection

    Features

    The LEPOWER 3500LM Motion Sensor Light is the best seller on Amazon for a good reason. It offers the best detection range. The light can be triggered by motion up to 72 feet away with a detection range of 180 degrees. The product features light with up to 3500 LM at a low power of 35W. You can customize your light to last anywhere from 10 seconds to 10 minutes after it’s triggered.

    The LEPOWER light comes with three different security light heads that you can adjust at different angles to suit your needs.

    Compatibility

    This outdoor security light isn’t compatible with any mobile apps or smart home automation systems.

    Installation

    This is a hardwired unit that comes with simple wiring instructions. Although you can install it on your own, call a licensed electrician if you don’t feel safe doing so.

    Best for combined security light and camera

    Features

    If you’re interested in an outdoor security light with a camera included, then you might want to consider the Ring Floodlight Motion-Activated Camera. The floodlight comes with two-way audio, so you can hear and speak to anyone outside your door. In addition to the motion-activated floodlight, the product also comes with a security siren.

    Because of the camera feature, the Ring Floodlight Cam monitors your home in 1080HD video with infrared night vision and Live View. It includes privacy features such as audio privacy and customizable privacy zones.

    Compatibility

    Because it’s a Ring product, the Floodlight Cam can connect to your Alexa device. You’ll receive notifications when motion is detected, allowing you to respond. You can see, hear, and speak to visitors from your phone, tablet, or PC.

    Homeowners can separately purchase a self-monitored Ring Protect Plan to record video, review what they missed, and share videos and photos. This subscription is compatible with any other Ring products you own.

    Installation

    The Ring Floodlight Cam requires hardwired installation to weatherproof electrical boxes. The product is designed for easy DIY installation, though the company partners with OnTech Smart Services to provide professional installation.

    Runners Up

    LeonLite 30W 3-Head Motion Activated LED Outdoor Security Light

    The LeonLite is a popular outdoor security camera well-known for its long-distance detection. You adjust the brightness, motion activation sensitivity, and auto timer when you set up your camera. The motion sensor can detect movement up to 70 feet away. The camera has three modes: Auto (motion activated), Dusk to Dawn (only on at night), or On-Time (allows the LeonLite Outdoor Security Light to stay on until you manually switch it off again).

    Hyperikon LED 200W Motion Sensor Light

    If you’re looking for a security light that offers extreme brightness, then Hyperikon might be right for you. It’s an incredibly powerful outdoor LED floodlight with motion detection. This light is extremely adjustable. You can adjust the motion detection, sensitivity, time, positioning, and more. The camera is also fully weatherproof, so you don’t have to worry about keeping it outside. This light is intended for easy DIY installation.

    Aootek LED Solar Light

    Aootek’s motion-sensor security floodlight comes with a high-efficiency solar panel, helping homeowners save energy. Additionally, the motion detector comes with a rechargeable lithium-ion battery. This light comes with ultra-bright lights and wide-angle illumination. The light can detect motion up to 26 feet away, with a detection angle of 120 degrees. Because of their waterproof rating, these lights can withstand extreme weather conditions, and you won’t have to worry about leaving them outside.

    How we chose the best outdoor security lights

    To choose the best outdoor security lights, we looked for motion detection capabilities, bright lights, a high weatherproof rating, long warranties, and hardwired installation for maintenance-free performance.

    Do motion sensor lights deter crime?

    Bright motion sensor lights may startle a criminal or keep them off your property altogether, but it’s wise to pair outdoor security lights with a security system for maximum protection.

    How many lumens do I need for a floodlight?

    A floodlight with 1,100 lumens is plenty bright, but when in doubt, buy more lumens. You can always dim a too-bright floodlight, but you can’t make a weak floodlight brighter.

    What is a good wattage for outdoor lights?

    Anywhere between 40 and 75 watts is sufficient for outdoor lights.