hacker
Auto Added by WPeMatico
Auto Added by WPeMatico
IT security software company Ivanti has acquired two security companies: Enterprise mobile security firm MobileIron and corporate virtual network provider Pulse Secure.
In a statement on Tuesday, Ivanti said it bought MobileIron for $872 million in stock — with 91% of the shareholders voting in favor of the deal — and acquired Pulse Secure from its parent company Siris Capital Group, but did not disclose the buying price.
The deals have now closed.
Ivanti was founded in 2017 after Clearlake Capital, which owned Heat Software, bought Landesk from private equity firm Thoma Bravo, and merged the two companies to form Ivanti. The combined company, headquartered in Salt Lake City, focuses largely on enterprise IT security, including endpoint, asset and supply chain management. Since its founding, Ivanti went on to acquire several other companies, including U.K.-based Concorde Solutions and RES Software.
If MobileIron and Pulse Secure seem familiar, both companies have faced their fair share of headlines this year after hackers began exploiting vulnerabilities found in their technologies.
Just last month, the U.K. government’s National Cyber Security Center published an alert that warned of a remotely executable bug in MobileIron, patched in June, allowing hackers to break into enterprise networks. U.S. Homeland Security’s cybersecurity advisory unit CISA said that the bug was being actively used by advanced persistent threat (APT) groups, typically associated with state-backed hackers.
Meanwhile, CISA also warned that Pulse Secure was one of several corporate VPN providers with vulnerabilities that have since become a favorite among hackers, particularly ransomware actors, who abuse the bugs to gain access to a network and deploy the file-encrypting ransomware.
Powered by WPeMatico
The election is over, but not without a hitch or two. Some voters in Georgia and Ohio had to use paper ballots after hand sanitizer leaked into voting machines — an unexpected casualty of the pandemic. And a slew of robocalls across a number of swing states urged voters to “stay safe and stay home,” in an effort to disenfranchise voters from going to the polls. With record voter turnout, there’s little evidence to show it worked.
But we saw nothing like the hack-and-leak operations like we did four years ago, which delivered an “October surprise” that derailed the election for Hillary Clinton, despite winning the popular vote by three million votes.
Government officials and cybersecurity firms said there were no significant or damaging cyberattacks during Election Day. One Homeland Security official called it “another Tuesday on the internet,” but conceded there was still cause for concern in the election aftermath.
With the bulk of the votes counted, government officials pointed to the threat of “foreign influence” campaigns — or misinformation — that would try to cast doubt on the election results. In reality, much of the false and misleading claims ended up coming from inside the White House as the Trump administration tried to cling onto power. After being caught out four years ago, the social media giants put into place measures and policies that limited the spread of false news — including Trump’s repeated attempts to claim victory.
Fears that the 2020 election could turn into a national, or even an international security matter did not come to fruition. The U.S. is in a better place than it was four years ago by simply learning the lessons from Russia’s efforts to interfere with the election. Imagine where we could be in another four?
Since you, like us, were glued to the television screens last week, here’s more from the week you might have missed.
Grayshift, the secretive startup behind the U.S. government’s favorite phone unlocking technology, has raised $47 million in fresh funding. The Series A round was led by PeakEquity Partners, and — as first reported by Forbes — is a huge round for a little-known phone forensics firm.
One of only a few photos of the mysterious GrayKey phone unlocking devices. Image Credits: Malwarebytes
Grayshift exploded onto the mobile forensics scene in 2018, months after the company began quietly selling its proprietary GrayKey technology to federal agencies for about $15,000 each. The FBI and other agencies use their purchased GrayKey devices to break into encrypted phones without needing the passcode.
Powered by WPeMatico
A newly discovered bug in a cloud system used to manage SonicWall firewalls could have allowed hackers to break into thousands of corporate networks.
Enterprise firewalls and virtual private network appliances are vital gatekeepers tasked with protecting corporate networks from hackers and cyberattacks while still letting in employees working from home during the pandemic. Even though most offices are empty, hackers frequently look for bugs in critical network gear in order to break into company networks to steal data or plant malware.
Vangelis Stykas, a researcher at security firm Pen Test Partners, found the new bug in SonicWall’s Global Management System (GMS), a web app that lets IT departments remotely configure their SonicWall devices across the network.
But the bug, if exploited, meant any existing user with access to SonicWall’s GMS could create a user account with access to any other company’s network without permission.
From there, the newly created account could remotely manage the SonicWall gear of that company.
In a blog post shared with TechCrunch, Stykas said there were two barriers to entry. Firstly, a would-be attacker would need an existing SonicWall GMS user account. The easiest way — and what Stykas did to independently test the bug — was to buy a SonicWall device.
The second issue was that the would-be attacker would also need to guess a unique seven-digit number associated with another company’s network. But Stykas said that this number appeared to be sequential and could be easily enumerated, one after the other.
Once inside a company’s network, the attacker could deliver ransomware directly to the internal systems of their victims, an increasingly popular tactic for financially driven hackers.
SonicWall confirmed the bug is now fixed. But Stykas criticized the company for taking more than two weeks to patch the vulnerability, which he described as “trivial” to exploit.
“Even car alarm vendors have fixed similar issues inside three days of us reporting,” he wrote.
A SonicWall spokesperson defended the decision to subject the fix to a “full” quality check before it was rolled out, and said it is “not aware” of any exploitation of the vulnerability.
Powered by WPeMatico
Security startups to the rescue.
As we continue to ride out the pandemic, security experts are closely monitoring the surge of coronavirus-related cyber threats. Just this week, Google’s Threat Analysis Group, its elite threat hunting unit, says that while the overall number of threats remains largely the same, opportunistic hackers are retooling their efforts to piggyback on coronavirus.
Some startups are downsizing and laying off staff, but several cybersecurity startups are faring better, thanks to an uptick in demand for security protections. As the world continues to pivot toward working from home, it has blown up key cybersecurity verticals in ways we never expected. To wit, identity startups are needed more than ever to make sure only remote employees are getting access to corporate systems.
Can the startups take on the giants at their own game?
For the third time this year, a payments processor has admitted to a security lapse. First it was Cornerstone, then it was nCourt. This time it’s Paay, a New York-based card payment processor startup that left a database on the internet unprotected and without a password. Worse, the data was storing full, plaintext credit card numbers.
Anyone who knew where to look could have accessed the data. Luckily, a security researcher found it and reported it to TechCrunch. We alerted the company; it quickly took the data offline, but Paay denied that the data stored full credit card numbers. We even sent the co-founder a portion of the data showing card numbers stored in plaintext, but he did not respond to our follow-up.
Powered by WPeMatico
Hackers will soon be able to stress-test the Facebook Portal at the annual Pwn2Own hacking contest, following the introduction of the social media giant’s debut hardware device last year.
Pwn2Own is one of the largest hacking contests in the world, where security researchers descend to find and demonstrate their exploits for vulnerabilities in a range of consumer electronics and technologies, including appliances and automobiles.
It’s not unusual for companies to allow hackers put their products through their paces. Tesla earlier this year entered its new Model 3 sedan into the contest. A pair of researchers later scooped up $375,000 — and the car they hacked — for finding a severe memory randomization bug in the web browser of the car’s infotainment system.
Hackers able to remotely inject and run code on the Facebook Portal can receive up to $60,000, while a non-invasive physical attack or a privilege escalation bug can net $40,000.
Introducing the Facebook Portal is part of a push by Trend Micro’s Zero Day Initiative, which runs the contest, to expand the range of home automation devices available to researchers in attendance. Pwn2Own said researchers will also get a chance to try to hack an Amazon Echo Show 5, a Google Nest Hub Max, an Amazon Cloud Cam and a Nest Cam IQ Indoor.
Facebook said it also would allow hackers to find flaws in the Oculus Quest virtual reality kit.
Pwn2Own Tokyo, set to be held on November 6-7, is expected to dish out more than $750,000 in cash and prizes.
Powered by WPeMatico
IOActive may not be a household name but you almost certainly know its work.
The Seattle-headquartered company has been behind some of the most breathtaking hacks in the past decade. Its researchers have broken into in-flight airplanes from the ground and reverse engineered an ATM to spit out gobs of cash. One of the company’s most revered hackers discovered a way to remotely shock a pacemaker out of rhythm. And remember that now-infamous hack that remotely killed the engine of a Jeep? That was IOActive, too.
If it’s connected, they will bet that they can hack it.
IOActive has made a name for itself with its publicly reported findings, but its bread and butter is helping its corporate customers better understand how they approach security.
Since its founding more than two decades ago, the penetration testing and ethical hacking company now serves customers mostly in the Global 1000 largest companies to help assess and test their security posture.
“You can have the absolute most sophisticated alarm in the entire world, and I guarantee our team can break in,” said Jennifer Steffens, IOActive’s chief executive, in a call with TechCrunch. “But if you left your front door unlocked lock, hackers are going to walk right through”
“Don’t pay us to show you how to break into the alarm before someone learns how to lock the door,” she said.
Powered by WPeMatico
For a cybersecurity company, Bugcrowd relies much more on people than it does on technology.
For as long as humans are writing software, developers and programmers are going to make mistakes, said Casey Ellis, the company’s founder and chief technology officer in an interview TechCrunch from his San Francisco headquarters.
“Cybersecurity is fundamentally a people problem,” he said. “Humans are actually the root of the problem,” he said. And when humans made coding mistakes that turn into bugs or vulnerabilities that be exploited, that’s where Bugcrowd comes in — by trying to mitigate the fallout before they can be maliciously exploited.
Founded in 2011, Bugcrowd is one of the largest bug bounty and vulnerability disclosure companies on the internet today. The company relies on bug finders, hackers, and security researchers to find and privately report security flaws that could damage systems or putting user data at risk.
Bugcrowd acts as an intermediary by passing the bug to the companies to get fixed — potentially helping them to dodge a future security headache like a leak or a breach — in return for payout to the finder.
The greater the vulnerability, the higher the payout.
“The space we’re in is brokering conversations between different groups of people that don’t necessarily have a good history of getting along but desperately need to talk to each other,” said Ellis.
Powered by WPeMatico