Inside Security - June 25th, 2018

Funding news of the week, fake YouTube Fortnite videos, TLBleed discovered, WebAssembly and Meltdown, beware of OpenVPN config files, how mobile cryptominers operate

There was lots of funding news in the past week, including two big events with CrowdStrike and Cylance, both endpoint protection vendors. Intel is playing badly when it comes to rewarding bug bounty reporters, for a proof-of-concept attack that they claim isn’t worthy of being called a bug. And two posts review how mobile cryptominers and phishers operate, just in case you need reminding. Stay safe out there.

-- David Strom, editor of Inside Security

We’ll start with the endpoint protection vendor CrowdStrike, which has raised $200M in new funding led by General Atlantic and Accel. This brings its valuation to more than $3B. Its CEO is George Kurtz.

Also notable, another endpoint protection vendor Cylance raised a $120M funding round led by Blackstone Tactical Opportunities. It is based in Irvine CA and its CEO is Stuart McClure.

Inky Technology Corporation, an email security company based in Rockville, Maryland, raised a $5.6M Series A round led by ClearSky Security and Gula Tech Adventures. Its CEO is Dave Baggett.

Intsights raised a $17M C round led by Tola Capital. The company does threat reconnaissance over the dark web. It is based in NYC and its CEO is Guy Nizan.

Agari raised $40M in a Series E round led by Goldman Sachs Growth Equity. The email protection vendor is based in the Bay Area and its CEO is Ravi Khatod.

Lionguard raised a $1.25M seed round led by Richard Yoo and Jared Slosberg to provide better and more automated documentation and configuration management. It is based in Houston and its CEO is Joe Alapat.

Prevaillion raised a $1.7M seed round led by DataTribe. It has produced an analytics platform for data breaches and is based in the Baltimore area. Its CEO is Karim Hijazi.

Prifender raised a $5M seed round led by Firsttime VC. It has a privacy management system and is based in the Seattle area. Its CEO is Nimrod Luria.

Truepic raised a $8M funding round led by Dowling Capital. It has image authentication software and is based in San Diego, and its CEO is Craig Stack.

Veriff raised a $7.7M A funding round led by Mosaic Ventures. It does online identity verification and is based in Estonia and its CEO is Kaarel Kotkas.

Panaseer raised a $10M A funding round led by Evolution Equity Partners. It is based in London and does entity resolution analytics. Its CEO is Nik Whitfield.  

2. Researcher Matthew Hickey tweeted Friday about a potential way to bypass the PIN entry timeout. Apple disputed his claim, but it seems as if he has found a major vulnerability, even in the latest version of iOS 11.3. Normally, if a user enters ten wrong PINs, the device can be locked for a period of time or the phone’s contents erased. – ZDNET

3. Malicious actors are finding their victims by posting YouTube videos with links that lead to fake websites for the gaming app Fortnite. One tell: they advertise an Android version, which isn’t yet available. This blog post dissects the scam and how they fool their victims.  – MALWAREBYTES BLOG

4. In a new attack called TLBleed, Dutch researchers leveraged a security weakness in Intel CPUs to extract crypto keys from another running program in a series of tests. This isn’t related to the Spectre and Meltdown vulnerabilities and uses Intel’s hyperthreading technology and the CPU cache. TLB stands for translation lookaside buffer. A hacker needs to work very hard for this exploit to succeed, and this has only been tested in lab settings. Intel downplayed the issue and refused to pay a bug bounty to the researchers. – THE REGISTER

5. Speaking of Spectre and Meltdown, upcoming additions to the WebAssembly standard may render these attacks useless. The standard is supported by most of the major browser makers and was designed to improve browsing speed from JavaScript. – BLEEPING COMPUTER

6. If you use OpenVPN, heed this cautionary note. An .ovpn configuration file can carry a risk if it contains the up command, which can allow arbitrary command execution upon connection. These files can be very lengthy, so unless you know how to read them, you should be very wary about what they contain and where you got your config file to begin with. – TENABLE BLOG

7. There are several ways that cryptominers can operate on mobile devices, and this post reviews them all. These include apps that mine undercover (claiming to be a game or some other innocuous app), ad fraud, and wallet impersonation attacks. – CHECKPOINT BLOG

8. A new report from Barracuda looks at the human interactions of various phishing scams. These include getting paid for something, gathering information from a user, downloading malware, or disguising a link. The normal caveats apply. – BARRACUDA BLOG

9. The UK fraud line, Action Fraud, has received hundreds of complaints recently about fake WannaCry emails demanding ransoms. They are “just” ordinary phishing emails. This isn’t the first time Brits have been exposed to such a ruse. Other hackers are asking for ransoms up front before they encrypt your data as some form of a protection racket. – INFOSECURITY MAG (UK)

10. This seems a bit extreme. Algerian authorities have decided to thwart exam cheats by shutting down internet access in the country entirely to stop students beaming answers to each other. Access will be blacked out for 11 one-hour slots between June 20 and June 25. This was a real issue two years ago, and Ethiopia did something similar last year. – NAKED SECURITY

Yup, brilliant tool. -- REDDIT
