Inside Security (Mar 12th, 2018)

David’s Take

Our top story today is about the work done by The Citizen Lab in finding a very nasty threat in the Middle East in Sandvine network routers. Sadly, the vendor has decided to deploy lawyers rather than fix their equipment, and to play loose with the facts and criticize the group’s efforts. If you haven’t come across the Lab’s work before, they are a very well-respected Toronto group of researchers that examine Internet censorship and state-wide illegal network monitoring around the world. I urge you to read their report and decide for yourself whose version of events you would believe.

ERRATA: In my newsletter last week, I mistakenly said that Casey Ellis was CEO of BugCrowd. That hasn’t been true since last August. Ashish Gupta has the job now. My apologies.

-- David Strom, editor of Inside Security

 Top Story

The folks at Citizen Lab have discovered that netizens in Turkey, Egypt and Syria who attempted to download legitimate Windows applications from official vendor websites have been infected with nation-state malware. Researchers at ESET uncovered a surveillance campaign using a new variant of FinFisher spyware, also known as FinSpy. The campaign was contained in Sandvine-based PacketLogic deep packet inspection appliances. The company criticized the researchers and letters of blame have been exchanged.  – THE CITIZEN LAB

Beginner’s corner

Here is a primer on what it takes to break encryption, and how to look for implementation flaws such as weak algorithms or server-side vulnerabilities.  -- MALWAREBYTES

If you are interested in using Docker as your main platform for penetration testing, this post will help you get started in understanding what containers are and the advantages they can provide. – PEN TEST PARTNERS

It's still easy for hackers to gain Domain Admin access quickly on the average network. Here is an update on some of their methods, which is useful when you are trying to defend yourself and prevent these common mistakes from happening to you. Yes, NTLM exploits are still numerous.  – ADAM TOSCHER @ MEDIUM

Funding and mergers of the week

Rivetz, a pioneer in trusted computing and embedded cyber security, has acquired the assets of CyberDeadbolt, a Silicon Valley-based cyber security startup utilizing social encryption for the transfer and protection of digital assets.

Bandura Systems raised $3.5M, closing out the remainder of its seed funding round, with Blu and Ron Gula as lead investors. The former CEO of Safenet, Chris Fedde, has become its new CEO. The firm is based in Columbia MD and has a threat awareness platform.

Automox, a provider of patch management and endpoint protection solutions, has received $2M in funding from Blue Note Ventures. The company is based in Boulder and its CEO is Jay Prassi.

Phantom has been acquired by Splunk for $350M. The former is a security orchestration vendor. Splunk, of course, is a leading machine data analysis platform. Oliver Friedrichs, the CEO of Phantom, will report to Haiyan Song, an SVP of Splunk.

McAfee has acquired TunnelBear, a consumer VPN company based in Toronto. It plans on folding TunnelBear into its SafeConnect product line. Terms weren’t disclosed. McAfee split off from Intel last April.

Netsparker, a web app security scanner, has raised $40M with River Capital as the lead. The London UK-based firm’s CEO is Ferruh Mavituna.  

BioCatch closed on a $30M funding round led by Maverick Ventures. They are based in New York City and Tel Aviv and their CEO is Howard Edelstein. They sell behavioral biometric security solutions.   

Attacks and vulnerabilities

The password manager vendor Keeper left a server exposed with its installer files available to anyone who wanted to edit and replace them. They were found by Chris Vickery, and fortunately within an hour these files had been secured. -- ZDNET

New products of the week

Kaspersky Lab is extending its bug bounty program to include rewards of up to $100,000 for the discovery and coordinated disclosure of severe vulnerabilities in Kaspersky Internet Security 2019 (the most recent beta) and Kaspersky Endpoint Security 11 (the most recent beta). HackerOne is running their program.

OPAQ Networks announced the addition of microsegmentation for workstations and other endpoints to its OPAQ Cloud platform to prevent lateral attacks, contain breaches and quarantine infected hosts. The feature will be available now and at no additional cost.

Phicomm has a new home router called the AC 3150 MU-MIMO model K3. It sells for $230 and can detect a wide variety of network devices automatically. It did well in my preliminary speed tests. It can be programmed with an embedded LCD touch screen.

Just for fun

Many of these sound reasonable. -- XKCD

Many thanks to Inside Security's corporate supporters.  Please go check them out!

Endgame

Endgame's endpoint security platform protects the world’s largest organizations from targeted attacks, eliminating the time & cost associated with incident response. Learn more

 

Nok Nok Labs has the ambition to transform authentication, by unifying it into one standard protocol, giving business the control they need. Learn more

 
