Inside | Real news, curated by real humans
Inside Security

Inside Security (Jun 11th, 2018)

Marcus Hutchins, the hacker who turned off WannaCry and found himself arrested after attending the Defcon convention in Las Vegas last summer, now faces new charges by a Wisconsin grand jury. The charges claim he is also behind the malware called Upas Kit. On top of this, the FBI is claiming he lied about his role with the Kronos banking malware kit, for which he was originally detained. He has been living and working in the LA area, according to this profile that appeared earlier this year.

-- David Strom, editor of Inside Security


There has been a lot of merger activity in the past week, with three security firms announcing plans to each acquire one of their channel partners. First, predictive endpoint security provider CounterTack has acquired GoSecure, a managed detection and response specialist and a CounterTack VAR. Neal Creighton will remain CounterTack’s CEO. Terms weren’t disclosed. Next, Qualys is negotiating to buy Second Front Systems, a major government VAR and a Qualys channel partner. If successful, Second Front will operate under Qualys’ federal division as an independent subsidiary. It is far from a done deal, and could face significant channel conflicts with its other resellers. Finally, Intertek has expanded its network assurance and cybersecurity services with the acquisition of NTA Monitor, a 30-member UK-based provider of information security services.

There is other merger activity (that doesn't include buying one of your VARs). Capgemini is acquiring Leidos Cyber, the commercial cybersecurity arm of the Fortune 500 company Leidos, which has more than 30,000 employees all over the world. Terms were not disclosed, but the transaction is expected to close by the end of this year.

And Fortinet has acquired Bradford Networks to further bolster its access control and IoT security solutions. Terms were not disclosed. Bradford has a NAC security solution called Network Sentry that is used by 1,000 customers, and the company has been in business for 18 years.


Learn AWS Security Best Practices for Your AWS Cloud

Join us on June 21 for this free webinar where Reliam CTO, Jonathan LaCour, deep dives into the Security pillar of the AWS Well-Architected Framework. In this webinar you’ll learn in-depth, best practices for architecting secure systems on AWS.

Click here to register for this free webinar.

Panorays received $5M in early funding led by Aleph Ventures. The Israeli startup began selling an automated platform to evaluate the security posture and risks of partners in the supply chain. Its CEO is Matan Or-El.

Xain has received a $7.1M seed funding round led by Earlybird Ventures. The company is based in Berlin and has an AI and blockchain-based trusted access control protocol. Its CEO is Felix Hahmann.

DocAuthority has raised a $10M A round led by Raine Ventures. The Israeli firm automatically discovers and accurately identifies unprotected sensitive documents. Its CEO is Steve Abbott.

ICS security vendor Claroty announced today that it has secured $60M funding in a B round led by Temasek. They are based in NYC and led by Amir Zilberstein.

Altr has raised a $15M funding round led by John Stafford. The Austin-based firm has a blockchain enterprise data security solution, and its CEO is David Sikora.

Safetonet raised a $13M A funding round, with West Capital as the lead. The London firm has a platform to protect child identities. Its CEO is Richard Pursey.


Here is an interview with several members of the Microsoft Red Team, including how they were chosen, what they try to do, and some of their successes at making Windows more secure. They prioritize their targets based on things like what they’ve seen hackers exploit in the wild or which features are relatively untested and sensitive.  -- WIRED


The Android feature called Debug Bridge allows developers to communicate with a remote device without any authentication. Some phone vendors have been shipping products with TCP port 5555 left open, which can be exploited. Researchers deployed a honeypot and found a new piece of malware that uses this exposure and combines Mirai with a cryptominer. Thousands of devices are vulnerable. -- DOUBLEPULSAR


A Chilean bank was hit last month by criminals who took more than $10M through the SWIFT inter-bank networks. The Banco de Chile reported systems issues, and others reported more than 9,000 computers and 500 servers crashed as a result. Trend Micro published a new report about a new incident in Latin America where hackers deployed a new version of the KillDisk wiper, which analysts suggest is the culprit. -- AHORA NOTICIAS (in Spanish)


Researchers found a hardcoded SNMP password in Cisco’s Wide Area Application Services, which is used for WAN traffic optimization. The password is normally hidden from device owners' view and came to light when the researcher was looking elsewhere for vulnerabilities. It allows attackers to escalate from the router’s command line to become the root user. Cisco issued an update and urged users to apply it. If this story sounds familiar, it is: Cisco has recently been plagued with a number of other backdoors in its other software products. -- AARON BLAIR


An attacker can execute a phishing attack against Auth0, using cross-site scripting to inject code and phishing techniques to steal credentials from authorized users. This is pretty scary considering Auth0’s main purpose is to confirm users’ identities. The post describes the three different subdomains that Auth0 operates, all of which share common certificates. Therein lies the exploit. Auth0 has been notified and is working to prevent this. -- IMPERVA BLOG


Yes, those programmers are very jumpy. Enter at your own risk. 


Many thanks to Inside Security's corporate supporters.  Please go check them out!

Endgame

Endgame's endpoint security platform protects the world’s largest organizations from targeted attacks, eliminating the time & cost associated with incident response. Learn more

 

Nok Nok Labs has the ambition to transform authentication, by unifying it into one standard protocol, giving business the control they need. Learn more

 

Find out why Global Leaders are trusting HackerOne to test and secure their mission-critical applications

 
