Fortanix raises $23 million in funding for cloud security and encryption

Fortanix, a cloud security company, announced Wednesday that it raised $23 million in a Series B funding round led by Intel Capital with participation from past investors Foundation Capital and Neotribe. The company offers two main platforms that are meant to protect the data clients use and the various keys they need to run their applications. The products are aimed at enterprises that rely on cloud services for their infrastructure and containerization to run their applications. Intel Capital’s director, Sunil Kurkure, is joining Fortanix’s board of directors as part of the deal. The company’s Self-Defending Key Management Service is designed to protect the sensitive information customers need to run their systems securely, like cryptographic data, API keys, passwords, tokens and others. The Runtime Encryption platform is meant to protect data while it’s in use “in untrusted environments such as the public cloud and remote clouds.” “Fortanix uniquely helps protect encryption keys, databases, machine learning algorithms, and containers to help secure organizations’ data […]

The post Fortanix raises $23 million in funding for cloud security and encryption appeared first on CyberScoop.

Discover replaces customer cards following breach at unidentified outside entity

Some Discover Card users are receiving new payment cards in the mail after a data breach exposed financial information, according to two customer notices submitted to the California attorney general’s office. Discover Financial Services said the breach did not involve its own systems. While the company doesn’t elaborate in the customer notices, a spokesman told CyberScoop it was taking action because of a breach that originated with a service the company declined to identify. “We are prohibited from naming the merchant, and I can tell you only that the number is small,” Jon Drummond, Discover’s director of media relations, said via email. “It is not something that we ever report.” “This incident was the result of a merchant data compromise, and not the result of any action by Discover or an intrusion of our customer information systems. We re-issued cards out of an abundance of caution for our cardholders,” he said. The two breach […]

The post Discover replaces customer cards following breach at unidentified outside entity appeared first on CyberScoop.

Medigate raises $15 million Series A for medical device security

Medigate, a startup that offers cybersecurity services specific to medical devices, has raised $15 million in Series A funding, the company announced Tuesday. Medigate provides a platform that is meant to identify medical devices on a network, fingerprint them, then monitor those devices for suspicious behavior. Medical devices need specialized security attention that is not satisfied by broader forms of internet of things security, according to Medigate CEO Jonathan Langer. “For medical devices, general IoT security falls short,” Langer told CyberScoop in an email. “The uniqueness of the devices, the sheer volume of different types of devices and the complexity of clinical networks is daunting. The ability to find and secure devices, from MRIs to glucose meters and to alert a hospital of anomalies requires security that understands clinical networks.” The company says the platform considers not just basic indicators like IP addresses, but also context such as the device’s model and purpose. […]

The post Medigate raises $15 million Series A for medical device security appeared first on CyberScoop.

FireEye: New APT goes after individual targets by hitting telecom, travel companies

A newly identified threat group linked to Iran is surveilling specific individuals of interest by stealing data primarily from companies in the telecommunications and travel industries, according to a report from FireEye published Tuesday. FireEye is adding the group to its list of advanced persistent threats as APT39. While not outright saying the group is state-sponsored, researchers said that APT39 appears to be acting in support of Iranian state interests. That assessment is based on the group’s toolset overlap with other Iran-linked groups like APT33, APT34, Newscaster and Chafer. Still, FireEye says APT39’s apparent objective and its choices of malware variants warrant classifying it as a new group. “APT39’s focus on the telecommunications and travel industries suggests intent to perform monitoring, tracking, or surveillance operations against specific individuals that serve strategic requirements related to Iran’s strategic national priorities,” Cristiana Kittner, FireEye principal analyst of cyber-espionage analysis, told CyberScoop by email. It’s […]

The post FireEye: New APT goes after individual targets by hitting telecom, travel companies appeared first on CyberScoop.

‘Gold mine’ of customer loan, tax and other records exposed on open server

A massive store of data that includes loan agreements, payment schedules, tax documents and other financial records was openly accessible on a public server until recently, according to security researcher Bob Diachenko and TechCrunch. The data, totaling about 24 million records, was being stored in an unsecured server by Ascension Data and Analytics, a company that sells various technical services to the financial industry, according to Diachenko. The researcher said he worked with TechCrunch reporter Zack Whittaker to track the data to Ascension. Diachenko wrote in a blog post published Wednesday that he notified Ascension after making the discovery on Jan. 10, and that the data was secured by Jan. 15. The report says the 51 gigabytes’ worth of data on the server consisted of individual pages of documents that were submitted by financial institutions for optical character recognition – the conversion of handwriting text into machine-readable text. Some of the documents dated as far back as 2008. Some, not all, […]

The post ‘Gold mine’ of customer loan, tax and other records exposed on open server appeared first on CyberScoop.

Former WPML employee hacks plugin website to spam customers

The website of popular WordPress plugin WPML has been restored after being hacked by a former employee, the plugin-maker OnTheGoSystems said Sunday. WPML said the incident caused it to lose client data, forced it to rebuild its server from scratch and prompted it to reset all customers’ passwords. OnTheGoSystems said that the plugin itself was not vulnerable and that payment information had not been exposed.

“We’re very sorry to report that our WEBSITE got hacked. Looks like an ex-employee backdoor. There is NO exploit in the WPML plugin we doublechecked. Payment information was NOT compromised as we don’t store this information. We strongly advise changing your WPML account password.” — WPML (@wpml) January 20, 2019

WPML is a tool that WordPress users can purchase to run their websites in different languages. OnTheGoSystems says that more than 600,000 websites use the plugin. “This hack was not done via an exploit in WordPress, WPML or another plugin, but using this […]

The post Former WPML employee hacks plugin website to spam customers appeared first on CyberScoop.

Cryptojacking malware gets past cloud security programs by uninstalling them

Why break through a barrier if you can just remove it? A piece of cryptojacking malware observed by Palo Alto Networks researchers is equipped to completely uninstall cloud security services from Linux-based servers before carrying out its malicious coin-mining. In a report published Thursday, Palo Alto Networks’ Unit 42 research team said the malware is spread by the cyberthreat group “Rocke,” whose cryptojacking activity was initially documented by Cisco Talos. A Chinese-speaking threat actor, the Rocke group is known for using the computing power of infected Linux-based systems to mine the cryptocurrency Monero. Whereas past versions of the Rocke group’s malware tried to evade detection by disabling only certain aspects of a cloud security service, the new variant simply removes the entire program, according to Palo Alto Networks. The researchers say Rocke added code that can gain administrative access on the infected server and uninstall five different cloud security and monitoring […]

The post Cryptojacking malware gets past cloud security programs by uninstalling them appeared first on CyberScoop.

New ‘Magecart’ group used ad plugin to steal payment data from hundreds of websites

Hundreds of e-commerce websites have been hit with a card-skimming attack that compromised an advertising plugin, according to research from Trend Micro and RiskIQ. It’s the latest in a series of attacks linked to Magecart, an umbrella term for a set of hacking groups that use different methods to steal payment data from websites. Researchers said that while the attack resembled previous Magecart incidents, this one appears to have originated with a relatively new group that RiskIQ dubbed “Magecart Group 12.” Group 12’s attack affected 277 “ticketing, touring, and flight booking services as well as self-hosted shopping cart websites from prominent cosmetic, healthcare, and apparel brands,” according to Trend Micro. The researchers said the group had been a minor player in the past, finding ways to inject its code into individual e-commerce websites. But when the hackers infected a JavaScript library used by the French advertising firm Adverline in 2018, […]

The post New ‘Magecart’ group used ad plugin to steal payment data from hundreds of websites appeared first on CyberScoop.

Epic Games login tokens were susceptible to theft, research shows

Epic Games, best known for the mega-popular video game “Fortnite,” fixed a vulnerability in its web infrastructure that hackers could have abused to access user accounts, according to a report from cybersecurity firm Check Point published Wednesday. The exploit involves phishing, but victims don’t need to be tricked into handing over credentials for it to work, the report shows. The bug only required that the targets visit a malicious link, where their login tokens could be leaked to the attackers. This type of access could have allowed hackers to see victims’ personal information, listen to their in-game voice chat and purchase V-Bucks — the game’s virtual currency — with other players’ accounts, Check Point said. Researchers said they found two old sub-domains belonging to Epic Games containing vulnerabilities that allowed for a malicious redirect attack. In a technical report, researchers describe how they were able to take control of these domains and use them to […]

The post Epic Games login tokens were susceptible to theft, research shows appeared first on CyberScoop.

Tesla’s Model 3 is a big target at the next Pwn2Own

The hacking competition Pwn2Own is adding an automotive category to its March event in Vancouver, and participants will be able to take a crack at one of Tesla’s top models. The additional category is the result of a new partnership with Tesla, according to Japanese cybersecurity company Trend Micro, which runs Pwn2Own via the Zero Day Initiative (ZDI). The contest features live demonstrations of previously unknown security exploits, with hackers winning cash prizes for successfully showing off new zero days. Contestants in the automotive competition will focus on the Tesla Model 3, one of the best-selling luxury cars in the past year, Trend Micro said. In addition to cash prizes, one of the cars is also up for grabs for the “first successful researcher,” ZDI said. “Since 2007, Pwn2Own has become an industry-leading contest that encourages new areas of vulnerability research on today’s most critical platforms,” said Brian Gorenc, Trend Micro senior director of vulnerability research, in […]

The post Tesla’s Model 3 is a big target at the next Pwn2Own appeared first on CyberScoop.
