
Inside Security (May 16th, 2017)

David’s Take: Nasty journalists

Yesterday’s newsletter had the story of a young British security researcher who saved many IT admins’ jobs by killing off WannaCry instances. He was outed (the term of art is “doxxed”) by the tabloids. Here is a dude who doesn't want the limelight (because he is trying to catch cyber villains) forced into it. A sad moment indeed.

And then there is the story last week about Gizmodo, who took it upon themselves as a research project to identify 15 prominent figures on Trump's team. Each was sent phishing emails posing as friends, family members, or associates. The emails contained a fake Google Docs link that didn’t contain malware but would report who opened it. Eight people clicked on the link, but none actually entered any credentials. Ars has some harsh words for this project, and I would tend to agree with them and thank them for pointing this out. Since when did journalists become so nasty with their tech reporting? Shame on all of them.

-- David Strom, editor of Inside Security


Top Story: WindsorGreen

Confidential information was divulged on an advanced code-breaking machine called WindsorGreen. It had never before been described in public as part of a joint supercomputing initiative administered by NYU, the Department of Defense, and IBM. -- THE INTERCEPT


M&A & Funding announcements

Karamba Security, a provider of cybersecurity solutions for connected and autonomous vehicles, announced a $12M B round led by YL Ventures.


Truepic has an image verification app, think of them as a “digital image notary.”  They received a $1.75M seed round with Jeffrey Parker as the lead. They are based in San Diego and Craig Stack is their COO.


Latch is a smart entry system for commercial buildings. The New York company raised a $10M A round with RRE Ventures in the lead. Luke Schoenfelder is their CEO.


Redlock provides cloud infrastructure security. They are raising a $12M round led by Sierra Ventures. They are based in Silicon Valley and Varun Badhwar is their CEO.


Attivo Networks is a threat detection tool that is based in Fremont CA. They are raising a $15M B round led by Omidyar Ventures. Their CEO is Tushar Kothari. 


Vera is a data security vendor raising a $15M round led by Hasso Plattner and based in Silicon Valley. Their CEO is Ajay Arora.


Signal Sciences is a web app protection vendor and they are raising a $15M B round. CRV is the lead. They are based in Venice CA and led by Andrew Peterson.


Polyverse is a polymorphic security vendor based in the Seattle area. They are raising a $2M round. Their CEO is Alex Gounares.


Signifyd has raised a $56M series C round with Bain Capital as the lead. The AI-based ecommerce fraud detection firm is based in Silicon Valley and Rajesh Ramanand is their CEO.


Finally, endpoint security vendor F-Secure has acquired the UK-based Digital Assurance consultancy. Terms weren't stated.


Webinar

Security and DevOps teams alike are asked to enable the business to move faster, more securely, and prove it in the form of compliance audits and completed security questionnaires. Threat Stack, AWS and SessionM representatives will hold a free webinar on making security by design more effective on Tuesday, 5/23 at noon ET. Register here.


Methods and Tools

When a security consultant travels, what is in her bag? You can find out with this blog post that describes each item and why it is needed by a leading researcher. -- TISIPHONE


The Docket

When it comes to computer forensics, or for that matter forensics in general, one of the main challenges is to ensure that evidence that is collected is not tampered with. To achieve this, computer forensic experts adhere to a strict protocol and use many specialized hardware and software tools. Here is a post about this chain of custody process. -- SEC-CONSULT BLOG


Report

The 2017 Secure Access Threat Report found the number of vendors accessing a company’s network has doubled in just one year to 181 per week on average, and that two thirds of the companies surveyed have experienced a data breach as a result of unsecured vendor access. This underscores that vendor access has become a critical security vulnerability—a finding mirrored in a recent NYTimes article that examined how hackers are leveraging vendor chains to obtain intellectual property from celebrities and other entertainment industry groups. -- BOMGAR


New products

Comodo is now offering a free threat analysis tool to help enterprises figure out what data is being leaked to the dark web. This blog post goes into details on how your data might have ended up online. The analysis is for larger enterprises only. -- COMODO


Trusona for Salesforce provides frictionless access to Salesforce accounts, completely eliminating the need for passwords by using a patented one-tap login technology. You can check out a quick 20 second video about how it works here.  Pricing is $10 per user, per year sold in 10-user packs. There is a free 14 day trial.


FireMon today announced that Intelligent Security Management, which helps organizations worldwide centrally manage their on-premises firewalls, is available for cloud and native cloud firewalls. Pricing is $5,625/year for the base product suite.


Shinobi Defense System currently protects more than 1,000,000 endpoints across 1000 customers in Japan and is now being sold in the US.  DeepWhite is its patented and proven whitelisting technology that prevents all unauthorized actions from running on an endpoint PC. Pricing is $250 per endpoint per year. 


A new version of backup and recovery software enables a choice of preferred public cloud providers to back up your Windows Servers, with various redundancy levels and backup vault locations. Pricing starts at $279 per user. -- BACKUPASSIST


VeridiumAD 1.2 has new connectors for the Citrix products XenApp, XenDesktop, and NetScaler, and integrates seamlessly to provide biometric authentication. Pricing starts at $30/user/year. -- VERIDIUM


Avast has a free password vault for Macs now in addition to its Windows, iOS and Android versions. -- AVAST


Just for fun

Security expert James Kimmel has figured out the source of the WannaCry ransomware and reveals all in this YouTube clip.


If you ever wondered who were the real-life people behind some of the more infamous screen villains, this short video is for you. -- YOUTUBE
