Inside Security (Nov 20th, 2017)

David’s Take

I want to tell you about a white paper and a screencast review I have done on behalf of Inky for a new product called Phish Fence. You can get both items here. Phishing has become the gateway drug for criminals to infect your company with malware, and has become more sophisticated in the last several years with targeted attacks that employ all kinds of obfuscation techniques. Phish Fence displays warning messages as part of your inbox and has both free and paid versions. My review shows you how it works, and my paper puts phishing in the appropriate context and also discusses some of the more noteworthy recent attacks.

It has been a busy week for mergers, new products and funding announcements; we have the details below. Finally, because of Thanksgiving, we will only publish a newsletter today and tomorrow and take the rest of the week off.

-- David Strom, editor of Inside Security

Top Story: Terdot increases its scope

The Terdot banking Trojan has been re-engineered from its Zeus origins with new techniques such as leveraging open-source tools for spoofing SSL certificates, and a man-in-the-middle proxy to search the user's entire web traffic and social media accounts for information to log and steal. It was first observed in October 2016 and has been seen lately targeting Canadian banking customers. -- BITDEFENDER

Funding events of the week

ReFirm Labs received a $1.5M funding round led by DataTribe. It is based in Columbia, Maryland and its CEO is Terry Dunlap. ReFirm has developed an IoT firmware validation product.

AtBay received a seed $6M round led by Lightspeed Ventures. The company has a new cyber insurance product. Its CEO is Rotem Iram and it is based in Silicon Valley.

WireWheel has raised a $3.1M seed round led by PSP Growth. It is based in the DC area and has developed a privacy management tool. WireWheel's CEO is Justin Antonipallai, who held a high position in the Department of Commerce.

ThreatQuotient raised a $30M C round led by Adams Street Partners and NTT. It is also based in the DC area and has a threat intelligence service. The CEO is John Czupak.

Medigate received $5.35M in seed funding to help protect medical IoT devices. The round was led by YL Ventures. Based in Israel, Medigate's CEO is Jonathan Langer.

Attacks and vulnerabilities

Criminals are exploiting loyalty rewards programs, mainly in the travel industry. There are now fraudulent services that will book hotels, airline tickets and rental cars across the dark web. They obtain points from compromised user accounts and then use them to purchase these travel services. The criminals make use of brute force login tools. -- INTEL FLASHPOINT BLOG

Mergers of the week

Denver-based Optiv Security acquired two firms last week. They are Conexsys, an MSSP based in Toronto, and Decision Lab, a big data automation and orchestration services vendor based in Columbia, Maryland. Terms were not disclosed on either transaction.

Synopsys acquires Black Duck Software, makers of an open source code security analysis tool. Terms were not disclosed.

The German tire and advanced car components company Continental has acquired the Israeli smart car technology startup Argus Cyber Security for $430M.

NTT has also announced a partnership with CounterTack to jointly sell each other's products and also invested in the endpoint detection company. Terms were not disclosed.

Finally, the company called Root9B Holdings has closed its doors. Brian Krebs has the details on the firm that seemed like a scam from day 1.

New products of the week

Check Point SandBlast Mobile version has some new features, including the ability to detect and block zero-day malware infections, block smishing attacks on phones, and a better UI. I reviewed an earlier version for CSO Online here. The price remains $4 per device per month or $8 per user per month for up to 3 devices, with minimum annual contracts.

ImmuniWeb Discovery is a free tool that enables companies to maintain a comprehensive inventory and classification of their external web and mobile applications, as well as their APIs. It provides continuous and non-intrusive application discovery, leveraging a wide spectrum of reconnaissance and OSINT information gathering techniques.

Quad9 is a free, recursive, anycast DNS platform that provides end users with robust security protections, high performance, and privacy. It checks DNS queries against more than a dozen threat feeds and has systems in place across the world in more than 70 Internet peering points. No personally identifiable information is collected by the system. IBM, F-Secure, Proofpoint and RiskIQ are some of the partners behind the service.

If you use GitHub and have enabled their relatively new dependency graph feature for your JavaScript and Ruby projects, you might want to use an even newer feature that checks for security vulnerabilities in your code and suggests fixes from their community.

Just for fun

Yeah, that will do it! -- JUOKAZ @ TWITTER
