Inside Security (Mar 12th, 2018)

David’s Take

Our top story today is about the work done by The Citizen Lab in finding a very nasty threat in the Middle East found in Sandvine network routers. Sadly, the vendor has decided to deploy lawyers rather than fix their equipment, and play loose with the facts and criticize the group’s efforts. If you haven’t come across the Lab’s work before, they are a very well-respected Toronto group of researchers that examine Internet censorship and state-wide illegal network monitoring around the world. I urge you to read their report and decide for yourself whose version of events you would believe.

ERRATA: In my newsletter last week, I mistakenly said that Casey Ellis was CEO of BugCrowd. That hasn’t been true since last August. Ashish Gupta has the job now. My apologies.

-- David Strom, editor of Inside Security


Top Story

The folks at Citizen Lab have discovered that netizens in Turkey, Egypt and Syria who attempted to download legitimate Windows applications from official vendor websites have been infected with nation-state malware. Researchers at ESET uncovered a surveillance campaign using a new variant of FinFisher spyware, also known as FinSpy. The campaign was contained in Sandvine-based PacketLogic deep packet inspection appliances. The company criticized the researchers and letters of blame have been exchanged.  – THE CITIZEN LAB


Beginner’s corner

Here is a primer on what it takes to break encryption, and how to look for implementation flaws such as weak algorithms or server-side vulnerabilities.  -- MALWAREBYTES


If you are interested in using Docker as your main platform for penetration testing, this post will help you get started in understanding what containers are and the advantages they can provide. – PEN TEST PARTNERS


It's still easy for hackers to gain Domain Admin access quickly on the average network. Here is an update on some of their methods, which is useful when you are trying to defend yourself and prevent these common mistakes from happening to you. Yes, NTLM exploits are still numerous.  – ADAM TOSCHER @ MEDIUM


Funding and mergers of the week

Rivetz, a pioneer in trusted computing and embedded cyber security, has acquired the assets of CyberDeadbolt, a Silicon Valley-based cyber security startup utilizing social encryption for the transfer and protection of digital assets.

Bandura Systems raised $3.5M, closing out the remainder of its seed funding round, with Blu and Ron Gula as lead investors. The former CEO of Safenet, Chris Fedde, has become its new CEO. The firm is based in Columbia MD and has a threat awareness platform.

Automox, a provider of patch management and endpoint protection solutions, has received $2M in funding from Blue Note Ventures. The company is based in Boulder and its CEO is Jay Prassi.

Phantom has been acquired by Splunk for $350M. The former is a security orchestration vendor. Splunk of course is a leading machine data analysis platform. Oliver Friedrichs, the CEO of Phantom, will report to Haiyan Song, an SVP of Splunk.

McAfee has acquired TunnelBear, a consumer VPN company based in Toronto. It plans on folding it into its SafeConnect product line. Terms weren’t disclosed. McAfee split off from Intel last April.

Netsparker, a web app security scanner, has raised $40M with River Capital as the lead. The London UK-based firm’s CEO is Ferruh Mavituna.  

BioCatch closed on a $30M funding round led by Maverick Ventures. They are based in New York City and Tel Aviv and their CEO is Howard Edelstein. They sell behavioral biometric security solutions.   


Attacks and vulnerabilities

The password manager vendor Keeper left a server exposed with its installer files available to anyone who wanted to edit and replace them. They were found by Chris Vickery, and fortunately within an hour these files had been secured. -- ZDNET


New products of the week

Kaspersky Lab is extending its bug bounty program to include rewards of up to $100,000 for the discovery and coordinated disclosure of severe vulnerabilities in Kaspersky Internet Security 2019 (the most recent beta) and Kaspersky Endpoint Security 11 (the most recent beta). HackerOne is running their program.

OPAQ Networks announced the addition of microsegmentation for workstations and other endpoints to its OPAQ Cloud platform to prevent lateral attacks, contain breaches and quarantine infected hosts. The feature is available now and at no additional cost.

Phicomm has a new home router called the AC 3150 MU-MIMO model K3. It sells for $230 and can detect a wide variety of network devices automatically. It did well in my preliminary speed tests. It can be programmed with an embedded LCD touch screen.


Just for fun

Many of these sound reasonable. -- XKCD
