CyberMDX gets $10 million investment for medical device security

As hospitals continue to face cybersecurity issues stemming from vulnerable networks and medical gear, investors are throwing money at companies focused on defending them from hackers. CyberMDX, a New York-based medical cybersecurity startup, announced on Tuesday that it raised $10 million in Series A funding, led by Pitango Venture Capital with participation from OurCrowd Qure. The company’s product, MDefend, provides companies with visibility of the medical devices on their networks and looks out for threats and vulnerabilities associated with them. Recent research shows that health care organizations are flooded with vulnerable, unpatched medical devices, many of which are visible on the open web to hackers. Such conditions are part of what made the WannaCry ransomware attack in 2017 so widespread. The virus slowed hospitals globally to a crawl because hackers locked practitioners out of their devices. “The expedited growth of connected medical devices poses exceptional challenges for hospital […]

The post CyberMDX gets $10 million investment for medical device security appeared first on Cyberscoop.


EAC reassures lawmaker regarding security of voting systems

The top federal authority on elections is seeking to reassure a security-focused lawmaker that it is doing everything in its power to provide state election officials with all available resources in order to secure equipment and computer systems. The heads of the Election Assistance Commission were responding to Sen. Ron Wyden, D-Ore., who wrote to the EAC in June asking how the agency is coordinating with them about security amid ongoing concerns over foreign election interference. In the response letter obtained by CyberScoop, EAC commissioners Thomas Hicks and Christy McCormick lay out the many ways the commission works with states on election security, including developing testing requirements and voting machine standards, offering guidance for spending federal grants and informing states about services available from other agencies. Earlier this year, Congress allocated $380 million to be split among the states for the sake of improving the administration of elections under the […]

The post EAC reassures lawmaker regarding security of voting systems appeared first on Cyberscoop.


Verodin raises $21 million Series B round for automated red-teaming

Verodin, a company that provides automated security testing services, announced on Tuesday that it brought in $21 million for its Series B funding round. Based in McLean, Va., Verodin provides a product called the Security Instrumentation Platform, which continuously tests the security of a customer’s network by acting as an attacker. The platform simulates ways to exploit vulnerabilities and notes how well the customer’s email, cloud and network controls worked. “This capability enables enterprises to quantifiably validate if their controls are actually protecting their business-critical assets, providing resiliency and keeping them safe,” the company said in a press release. Ultimately, the goal is for organizations to determine whether the security services they’re paying for are actually doing their jobs. The funding round was led by TenEleven Ventures and Bessemer Venture Partners with participation from Capital One Growth Ventures, Citi Ventures and Verodin’s past investors. The round brings the company’s total […]

The post Verodin raises $21 million Series B round for automated red-teaming appeared first on Cyberscoop.


Former U.S. officials call for transparency in cybersecurity of 2020 Census

Nearly a dozen former U.S. officials with cybersecurity and intelligence backgrounds are calling on the Census Bureau to be open about how it plans to protect the troves of sensitive information it will collect in the 2020 Census. In a letter released Monday by the Georgetown University Law Center, 11 officials write that Americans deserve to know that the systems and technical protocols the bureau is using will not put collected information at risk. “This is especially important in an age in which new types and sources of cybersecurity threats seem to emerge almost weekly,” the officials say, addressing Commerce Secretary Wilbur Ross and acting Census Bureau Director Ron Jarmin. Signatories on the letter include former White House Cybersecurity Coordinator Michael Daniel, former National Counterterrorism Center Director Matthew Olsen and other Obama administration officials. Cybersecurity is especially pertinent for the upcoming census because it will be the first to allow […]

The post Former U.S. officials call for transparency in cybersecurity of 2020 Census appeared first on Cyberscoop.


U.S. intelligence chief lays out threats to U.S. infrastructure, efforts to protect it

The top U.S. intelligence official painted a grim picture on Friday of the many types of cyber threats the U.S. faces across critical infrastructure sectors and highlighted the ways the government is countering them. “These attacks come in different forms. Some are tailored to achieve very tactical goals, while others are implemented for strategic purposes, including the possibility of a crippling cyber attack against our critical infrastructure,” said Director of National Intelligence Dan Coats, speaking at the Hudson Institute, a Washington, D.C. think tank. “But all of these desperate efforts share a common purpose to exploit America’s openness in order to undermine our long-term competitive advantage.” Coats said that the U.S.’s digital infrastructure is under constant attack from foreign entities including China, Iran and North Korea, but he singled out Russia as the “most aggressive” one, highlighting the country’s reported efforts to use hacking and information campaigns to influence U.S. elections. The […]

The post U.S. intelligence chief lays out threats to U.S. infrastructure, efforts to protect it appeared first on Cyberscoop.


South Carolina voters sue state over paperless voting machines

South Carolina voters are suing their state over its use of paperless voting machines amid worries that they are susceptible to hacking without detection. The complaint filed Tuesday seeks a declaration from the court that South Carolina has violated the plaintiffs’ fundamental right to have their votes counted and to prevent the state from continuing to use the machines it currently has in place. The lawsuit largely resembles one that is ongoing in Georgia. With the midterm elections coming up in November, the lawsuit does not outline any short-term alternatives to using the state’s current machines. The plaintiffs in the Georgia lawsuit propose using provisional paper ballots that can be scanned with the machines the state uses for absentee ballots. The plaintiffs are Frank Heindel, a commodities trader and election security advocate, and Phil Leventis, a former senator in the state legislature who opposed the state’s adoption of the machines […]

The post South Carolina voters sue state over paperless voting machines appeared first on Cyberscoop.


L3 Technologies acquires two hacking companies

New York-based L3 Technologies announced on Wednesday that it is acquiring Azimuth Security and Linchpin Labs, two cybersecurity companies that specialize in selling exploits to governments. The deal was for a combined price of about $200 million, L3 said. L3 is a contractor that provides communication, electronic, aerospace and sensor systems to military, homeland security and commercial clients. The company said that the acquisitions will strengthen its cybersecurity, intelligence and surveillance capabilities. Based in Australia, Azimuth says on its website that it provides security assessments and penetration testing on software services. Linchpin Labs, also based in Australia with offices in the U.S., the United Kingdom and Canada, describes itself as a “custom software development company” that serves corporate and government clients. According to reporting by Motherboard, Linchpin is Azimuth’s distributor. Run by ex-spies, Linchpin gives Azimuth access to relevant government clients. Together, the companies reportedly provide zero-day exploits to intelligence […]

The post L3 Technologies acquires two hacking companies appeared first on Cyberscoop.


Report suggests Ticketmaster breach was broader than initial disclosure

A payment data breach disclosed by Ticketmaster UK last month was just one effort amid a much wider skimming campaign, according to a report released Tuesday by cybersecurity company RiskIQ. Ticketmaster UK said that it was breached via Inbenta, a third-party customer service chat application it used on its website. According to RiskIQ, the breach was the work of Magecart, a threat group that seeks out insecure code on e-commerce websites. The group then modifies or replaces the code in order to steal customers’ payment information. Ticketmaster’s and Inbenta’s initial accounts of the breach differed slightly. The ticketing giant stressed that the compromise happened via a tool provided by Inbenta. While Inbenta acknowledged that the JavaScript code provided to Ticketmaster was the source of the breach, Inbenta claimed the breach occurred because the ticketing company applied the code to its payments page without notifying Inbenta. However, RiskIQ says it observed instances where the Inbenta […]

The post Report suggests Ticketmaster breach was broader than initial disclosure appeared first on Cyberscoop.


AT&T to acquire AlienVault

AlienVault, a San Mateo, Calif.-based cybersecurity company, is being acquired by AT&T, the two companies announced on Tuesday. The telecommunications giant looks to add AlienVault’s services and talent to its small business- and enterprise-focused cybersecurity portfolio. AlienVault is best known for two platforms. Its Unified Security Management product provides customers with threat detection and incident response, and the AlienVault Open Threat Exchange provides security researchers with a platform for crowdsourced threat intelligence. In April, AlienVault also launched a free threat-scanning service that leverages data contributed by researchers to its Open Threat Exchange. “We’re thrilled to join forces with AT&T. They bring a robust cybersecurity portfolio with an industry-leading technology ecosystem,” said Barmak Meftah, AlienVault’s president and CEO, in a statement. “This deal accelerates our ability to deliver on the AlienVault mission, which is to democratize threat detection and response to companies of all sizes.” AlienVault was founded in 2007 and has […]

The post AT&T to acquire AlienVault appeared first on Cyberscoop.


User info and social media ‘access tokens’ exposed in Timehop breach

Timehop, an app that resurfaces old posts from users’ social media profiles, has disclosed a breach in which users’ basic contact information was exposed, as well as “access tokens” that the app uses to gather information from users’ social media accounts. The names and email addresses of 21 million users were exposed, the company says. Of those users, about 4.7 million had their phone numbers also exposed. Timehop says it has deauthorized the access tokens, which are provided by its social media partners so the app can access that content. The company also forced all accounts to log out. When users try to log in again, they will also have to reauthenticate each social media site they want to use with Timehop in order to generate new, secure tokens. In a blog post Sunday disclosing the incident, Timehop stresses that the tokens do not give anyone access to private messages on Twitter, Instagram or […]

The post User info and social media ‘access tokens’ exposed in Timehop breach appeared first on Cyberscoop.
