Inside | Real news, curated by real humans
Inside Security

Inside Security (Mar 4th, 2019)

Most of you know that this week is the RSA Conference in downtown San Francisco. Most of the show begins tomorrow. This week, rather than having daily special items, I will call out some of the highlights. Given that there are nearly a dozen concurrent sessions, it will be hard to not have FOMO throughout the week.

Scroll to the bottom of the newsletter for my picks for Tuesday. You should reserve a seat online and get to sessions early.

-- David Strom


1. Cobalt Strike is a commonly used pen testing tool for adversary simulations. It has also gained a following among hackers. Until recently, its software contained a small bug that made it easy for researchers to track malicious command servers. Fox-IT explains how this happened, thanks to a surplus whitespace character in HTTP response headers. If you are using it for legit purposes, you should upgrade to v.3.1.3. Fox-IT has posted a list of servers it has located using the older software here. The team behind Cobalt Strike has also posted several suggestions on how to beef up your own security by not using their default SSL cert here.


2. The go-to Wireshark has come out with v.3. It is open source network protocol analysis software that runs on both Windows and Linux. The upgrade has changed its underlying drivers to make it faster and more accurate, and it adds support for new protocols.


3. Online spirits vendor Master of Malt was hit by a breach of its email subscriber list on MailChimp. They quickly sent out warnings to their customers, with a nicely worded notice linked above.


4. Funding and merger announcements part 1. Given their number, I am splitting them up in two sections for readability. Let’s start with the largest announcements first.

  • Contrast Security tops this week’s list by receiving a $65M D funding round led by Warburg Pincus. It is based in Silicon Valley and offers embedded security tools. Its CEO is Alan Naumann.
  • KnowBe4 has received up to $50M in a private funding round from KKR. The Tampa-based firm has a phishing training service. Last month it acquired the Brazilian phishing simulation vendor El Pescador for R$2M, which is about half a million US$. (Get the name?) Its CEO is Stu Sjouwerman.
  • Tessian received a $42M B funding round led by Sequoia. It is based in London and has an AI breach detection tool. Its CEO is Tim Sadler.  
  • Ionic Security received a $40M E funding round led by JPMorgan Capital. It is based in Atlanta and has a data trust platform. Its CEO is Adam Ghetti.
  • Socure received a $30M C funding round led by Scale Venture Partners. It is based in NYC and its CEO is Tom Thimot. It has digital ID services for fraud prevention.  
  • Bishop Fox received a $25M A funding round led by ForgePoint Capital. It is based in Phoenix and offers offensive security testing. Its CEO is Vincent Liu.
  • SpyCloud received a $21M B funding round led by M12. It is based in Austin and has an account takeover prevention product. Its CEO is Ted Ross.
  • Obsidian Security received a $20M funding round led by Greylock Partners. It is based in the LA area and has security visualization tools. Its CEO is Glenn Chisholm.

5. Funding and merger announcements part 2.

  • Cequence Security received a $17M B funding round led by Dell Technologies Capital. It is based in Silicon Valley and its CEO is Larry Link. It has an anti-bot tool.
  • Ordr received a $16.5M A funding round led by TenEleven. It is based in Silicon Valley and has a network security tool. Its CEO is Pandian Gnanaprakasam.
  • Mocana received $15M in new funding led by Sway Ventures for its IoT device security platform, TrustCenter. It is based in Silicon Valley and its CEO is William Diotte.
  • Cmd received a $15M B funding round led by GV/Expa. It is based in Vancouver and its CEO is Jake King. It does Linux security.  
  • Stellar Cyber received a $13.2M A funding round led by Valley Capital Partners. It is based in Silicon Valley and has a security analytics tool. Its CEO is Changming Liu.
  • Anitian received an $11M A funding round led by ForgePoint Capital. It is based in Portland, Ore. and has a cloud compliance tool. Its CEO is Andrew Plato.
  • SecureSky received a $6.5M seed funding round led by private investors. It is based in Omaha and its CEO is Michael Hrabik. It has a cloud-based MDR tool.  
  • Curv received a $6.5M seed funding round led by Team8. It is based in NYC and its CEO is Itay Malinger. It has a digital asset security product.
  • Medstack received a $2.4M seed funding round led by Telus Ventures. It is based in Toronto and its CEO is Balaji Gopalan. It has a compliance product.
  • Finally, Verizon Communications has acquired ProtectWise, a Colorado-based provider of cloud-based Network Detection and Response tools. No terms were disclosed.

6. Google's Project Zero has finally disclosed a zero-day vulnerability in Apple macOS software it found last November. Apple hasn’t responded to the bug, which is a copy-on-write bypass in the OS’s XNU kernel code. Hackers could take advantage of this to corrupt a computer’s memory. -- ZDNET

7. A new survey from ISACA has found that nearly 70 percent of cybersecurity professionals say their cyber teams are understaffed. Nearly a third say it takes six months or more to fill a vacancy at their organization. “Organizations ought to think out-of-the-box to ensure they have the right people, with the right skills, in the right place, at the right time,” the author says. -- ISACA BLOG

8. This is a deep dive into understanding how one Chinese state-sponsored hacking group operates. They are labeled APT40 and researchers show they take advantage of a number of known vulnerabilities to penetrate various government and private networks. -- FIREEYE BLOG

9. Santiago Lopez is the first to have made more than $1M in bug bounties and he is only 19. He has found thousands of bugs on HackerOne and his largest payout was $9,000. -- BLEEPING COMPUTER

10. Kaiser has put together this tool to search for how securely your local hospital treats your data and how it fares on patient safety. You can see the results for St. Louis hospitals below -- not everyone has responded. This post on Ars describes the reasoning behind the survey.


Always worth attending is the annual cryptographers panel, which this year includes two women, CS Professor Shafi Goldwasser and Tal Rabin from IBM. Also, RSA President Rohit Ghai will interview Niloofar Razi Howe, an Iranian woman who has had a long VC and infosec career and is known for her TED talk The Gift of Exile. As you can tell from these selections, this year’s keynotes are more numerous and more diverse: Friday’s will include a conversation with actress Tina Fey.

FBI director Chris Wray will discuss what he is doing to combat cyberthreats. Also, two SANS instructors will demonstrate a live hacking simulation and show how red and blue teams can communicate better.

Another session that looks promising is a discussion of the future of the firewall, including Marcus Ranum who built one of the first prototypes and also the first email server for The White House.

Tomorrow also starts the Early Stage Expo with a reception at 4:45pm. More than 50 startups will have small booths, and this collection is usually worth a couple of hours of your investigation. I have done work for one firm, Secret Double Octopus, that has a different way to implement password-less authentication.

Finally, I have been working with one PR firm, Gregory FCA. Here are their favorite picks for conference sessions.


This newsletter is written and curated by David Strom. I live in St. Louis MO and have covered the infosec industry for decades. I also ran editorial operations for various B2B IT publications including Network Computing (USA), Tom’s Hardware and ReadWrite.com’s business websites. You can find me at @dstrom or my personal site.

Finally, we note our Managing Editor Kim Lyons (freelancer for the NYTimes and also the editor of Inside Pittsburgh) and Senior Editor Susmita Baral (editor at Inside, recent bylines in NatGeo, Teen Vogue, and Quartz. Runs the biggest mac and cheese account on Instagram).
