Inside Security (Apr 9th, 2018)

David’s Take

Facebook continues to get a lot more scrutiny over its misguided privacy practices, and Zuck is in DC this week to testify before Congress and attend other meetings. Now TechCrunch has discovered that messages from Zuck have been wiped from their senders’ inboxes, chat logs and downloaded files. The company claims it is due to security concerns but will offer an “unsend” feature at some point in the near future.

Due to an editing error, I messed up the link to my interview in Friday’s newsletter. Here is the correct link and its context:

Ben Rothke is a Principal Security Consultant at the Nettitude Group and is a CISSP, CISM and PCI QSA. He has over 15 years of industry experience in information systems security and privacy. I first met him in Israel on a tour of infosec companies several years ago and he always has something thoughtful and interesting to say. In my latest security insider interview found here, he talks about fighting ransomware, his first misconfigured router, and the rival factions in IT.

If you are looking for an entertaining and informative podcast that originates out of the DC Spy Museum, you might want to subscribe to Spycast. It features interviews with non-fiction and fiction book authors about spycraft and some of the more infamous spy cases of the recent past. It is moderated by the museum’s curatorial staff. I really liked the interview with Howard Blum and the leaking of the post-WWII atomic secrets.

We start an occasional feature called From the Forums today, where I point to some interesting discussions or current trends.

-- David Strom, editor of Inside Security

Top story: Mobile-based threats

We combine three stories together in our top story slot today on advanced mobile threats. First, researchers have found an active exchange of web-based injectors to gain free Internet access for mobile users by going around captive login portals, such as you might find at a coffee shop or library. These injector files are exchanged via Telegram, which has become a popular hangout for cyber criminals.

Attackers are using data stealers on Android phones to collect information from chat and IM apps, including WeChat, Telegram, Twitter and Facebook Messenger. The malware evades detection and has plenty of other stealthy methods, making it hard for AV software to detect it.  

Finally, after the Russian Supreme Court ruled against Telegram last month and said they had to give up their encryption keys, the relevant state agency has filed a lawsuit (in Russian) to gain access to the keys.  

Webinar

Dmitri Alperovitch (CrowdStrike’s founder and CTO) gave an hour-long lecture for college students at a NYC-based forum last week and it is well worth a listen, even if you aren’t a noob. The subject was busting the top 10 cybersecurity myths, including the difficulty of attribution, why “I don’t have anything worth stealing” isn’t true, information sharing isn’t the answer, and offensive tactics are harder than you think. – YOUTUBE

M&A and funding news of the week

Francisco Partners, a San Francisco-based private equity firm focused on technology, will acquire Georgia-based Bomgar, a developer of secure access technology, from Thoma Bravo. Financial terms of the deal were not disclosed. 

Threat X, a Denver-based firm which develops SaaS-based Web application firewall solutions for real-time threat detection and neutralization, has raised $8.2M in an A funding round led by Grotech Ventures. Its CEO is Brett Settle.

Fyde has obtained a $3M seed funding round led by Draper Nexus. It has an iOS app to defend against phishing and other fraud and is based in Palo Alto. Its CEO is Sinan Eren.

RSA is acquiring Fortscale, which specializes in embedded behavioral analytics. Fortscale is based in Israel and will become part of the RSA NetWitness Platform business. Terms weren’t disclosed.

Meta Networks has raised a $10M seed round led by Vertex Ventures. It is based in Tel Aviv and has a SaaS platform to replace enterprise VPNs. Its CEO is Etay Bogner.

Red Balloon Security has built a new host-based intrusion defense tool. The company raised $21.9M in an A funding round with Bain Capital taking the lead. The firm is based in NYC and its CEO is Ang Cui.

Attacks

Iran was hit by hackers over the weekend. The attack was based on a Cisco router vulnerability, reported two months ago, in the company’s Smart Install utility. Iranian data center screens were showing a US flag along with the hacker’s defacing message. Some 55,000 devices were hit in the US, and about two percent of Iranian routers were affected. (See our forums discussion below for additional comments.) -- REUTERS

A critical authentication bypass vulnerability has been discovered in Auth0’s identity platform that could have allowed a malicious attacker to access any portal or application. Auth0 corrected the error and updated its software for all of its customers before the vulnerability was disclosed by researchers. – THE HACKER NEWS

Beginner’s Corner

Symantec has an excellent series of tutorials examining specific malware types. The three posts cover worms, Trojans, and network-based attacks. For example, the first post explains the difference among file injections, polymorphic attacks, and stealth viruses.  – SYMANTEC BLOG

Tools

Be careful when you upload a sample to VirusTotal or other malware scanning services, according to new research. These files could contain private keys and other sensitive data and be distributed quickly around the world to bad actors. There are numerous sobering examples in this post, including uploading private business documents, classified government documents and more. -- THREATPOST

From the Forums

The Cisco Smart Install vulnerability was discussed on this Reddit forum. Several commenters pointed out that your router doesn’t have to be Internet-facing to be affected.

The ever-amusing Swift on Security takes a trip down memory lane with the Snappy, an early video capture tool.

Just for fun

By now, we all should be wary of questions like the ones that Krebs highlights in this post. Seemingly innocent, the answers could lead to security breaches. – KREBS ON SECURITY

 

Many thanks to Inside Security's corporate supporters.  Please go check them out!

Endgame

Endgame's endpoint security platform protects the world’s largest organizations from targeted attacks, eliminating the time & cost associated with incident response. Learn more

 

Nok Nok Labs has the ambition to transform authentication, by unifying it into one standard protocol, giving business the control they need. Learn more

 
