Security

Auto Added by WPeMatico

Online workspace startup Notion hit by outage, citing DNS issues

Notion, the online workspace startup that was last year valued at over $2 billion, was knocked offline after a DNS outage.

The collaborative online office and document service was not loading as of around 9 a.m. ET on Friday, preventing anyone who relies on the service from accessing their cloud-stored data.

In a since-deleted tweet, Notion asked if “any users have a contact at Name.com,” the web host that Notion relies on for its domain name. In a reply, Name.com said it was “working with the owners of this domain to address this issue as quickly as possible.” Notion replied: “Could you let us know where you’re messaging us to address this?”

The now-partially deleted tweet thread noting the apparent Notion outage. (Image: TechCrunch)

In a statement shortly after its first tweet went out, Notion told TechCrunch: “We’re experiencing a DNS issue, causing the site to not resolve for many users. We are actively looking into this issue, and will update you with more information as we receive it via our status page on Twitter.”

Notion didn’t say specifically what the DNS issue is. Domain name servers, or DNS, is an important part of how the internet works. Every time you go to visit a website, your browser uses a DNS server to convert web addresses to machine-readable IP addresses to locate where a web page is located on the internet. But if a website or its DNS server is not configured correctly, it can cause the website not to load.

It’s not clear exactly who is responsible for this particular DNS issue. When reached, a spokesperson for Name.com did not immediately comment, and Sonic.so, the Somali-based registrar that oversees the .so country-code top level domain on which Notion relies, did not return a request for comment.

We’ll update once we know more.

Read more on TechCrunch:

Powered by WPeMatico

Base Operations raises $2.2 million to modernize physical enterprise security

Typically when we talk about tech and security, the mind naturally jumps to cybersecurity. But equally important, especially for global companies with large, multinational organizations, is physical security — a key function at most medium-to-large enterprises, and yet one that to date, hasn’t really done much to take advantage of recent advances in technology. Enter Base Operations, a startup founded by risk management professional Cory Siskind in 2018. Base Operations just closed their $2.2 million seed funding round and will use the money to capitalize on its recent launch of a street-level threat mapping platform for use in supporting enterprise security operations.

The funding, led by Good Growth Capital and including investors like Magma Partners, First In Capital, Gaingels and First Round Capital founder Howard Morgan, will be used primarily for hiring, as Base Operations looks to continue its team growth after doubling its employe base this past month. It’ll also be put to use extending and improving the company’s product and growing the startup’s global footprint. I talked to Siskind about her company’s plans on the heels of this round, as well as the wider opportunity and how her company is serving the market in a novel way.

“What we do at Base Operations is help companies keep their people in operation secure with ‘Micro Intelligence,’ which is street-level threat assessments that facilitate a variety of routine security tasks in the travel security, real estate and supply chain security buckets,” Siskind explained. “Anything that the chief security officer would be in charge of, but not cyber — so anything that intersects with the physical world.”

Siskind has firsthand experience about the complexity and challenges that enter into enterprise security since she began her career working for global strategic risk consultancy firm Control Risks in Mexico City. Because of her time in the industry, she’s keenly aware of just how far physical and political security operations lag behind their cybersecurity counterparts. It’s an often overlooked aspect of corporate risk management, particularly since in the past it’s been something that most employees at North American companies only ever encounter periodically when their roles involve frequent travel. The events of the past couple of years have changed that, however.

“This was the last bastion of a company that hadn’t been optimized by a SaaS platform, basically, so there was some resistance and some allegiance to legacy players,” Siskind told me. “However, the events of 2020 sort of turned everything on its head, and companies realized that the security department, and what happens in the physical world, is not just about compliance — it’s actually a strategic advantage to invest in those sort of services, because it helps you maintain business continuity.”

The COVID-19 pandemic, increased frequency and severity of natural disasters, and global political unrest all had significant impact on businesses worldwide in 2020, and Siskind says that this has proven a watershed moment in how enterprises consider physical security in their overall risk profile and strategic planning cycles.

“[Companies] have just realized that if you don’t invest [in] how to keep your operations running smoothly in the face of rising catastrophic events, you’re never going to achieve the profits that you need, because it’s too choppy, and you have all sorts of problems,” she said.

Base Operations addresses this problem by taking available data from a range of sources and pulling it together to inform threat profiles. Their technology is all about making sense of the myriad stream of information we encounter daily — taking the wash of news that we sometimes associate with “doom-scrolling” on social media, for instance, and combining it with other sources using machine learning to extrapolate actionable insights.

Those sources of information include “government statistics, social media, local news, data from partnerships, like NGOs and universities,” Siskind said. That data set powers their Micro Intelligence platform, and while the startup’s focus today is on helping enterprises keep people safe, while maintaining their operations, you can easily see how the same information could power everything from planning future geographical expansion, to tailoring product development to address specific markets.

Siskind saw there was a need for this kind of approach to an aspect of business that’s essential, but that has been relatively slow to adopt new technologies. From her vantage point two years ago, however, she couldn’t have anticipated just how urgent the need for better, more scalable enterprise security solutions would arise, and Base Operations now seems perfectly positioned to help with that need.

Powered by WPeMatico

SecuriThings snares $14M Series A to keep edge devices under control

Managing IoT devices in a large organization can be a messy proposition, especially when many of them aren’t even managed directly by IT and often involve integrating with a number of third-party systems. SecuriThings wants to help with a platform of services to bring that all under control, and today the startup announced a $14 million Series A.

Aleph led the round with participation from existing investor Firstime VC and a number of unnamed angels. The company has raised a total of $17 million, according to Crunchbase data.

Roy Dagan, company CEO and co-founder, says that he sees organizations with many different connected devices running on a network, and it’s difficult to manage. “We enable organizations to manage IoT devices securely at scale in a consolidated and cost-efficient manner,” Dagan told me.

This could include devices like security cameras, along with access control systems and building management systems involving thousands — or in some instances, tens of thousands — of devices. “The technology we build, we integrate with management systems, and then we deploy our capabilities which are focused on the edge devices. So that’s how we also find the devices, and then we have these different capabilities running on the edge devices or fetching information from the edge devices,” Dagan explained.

SecuriThings Horizon - Screenshot - Device view

Image Credits: SecuriThings

The company has formed partnerships with a number of key device manufacturers, including Microsoft, Convergint Technologies and Johnson Controls, among others. They work with a range of industries including airports, casinos and large corporate campuses.

Aaron Rosenson, general partner at lead investor Aleph, says the company is solving a big problem managing the myriad devices inside large organizations. “Until SecuriThings came along, there were these massive enterprise software categories of automation, orchestration and observability just waiting to be built for IoT,” Rosenson said in a statement. He says that SecuiThings is pulling that all together for its customers.

The company was founded in 2016 originally with the idea of being an IoT security company, and while they still are involved in securing these devices, their ability to communicate with them gives IT much greater visibility and insight and the ability to update and manage them.

Today, the company has 30 employees, and with the new investment it will be doubling that number by the end of the year. While Dagan didn’t cite specific customer numbers, he did say they have dozens of customers with deal sizes of between five and seven figures.

Powered by WPeMatico

CD Projekt hit by ransomware attack, refuses to pay ransom

Polish video game maker CD Projekt, which makes Cyberpunk 2077 and The Witcher, has confirmed it was hit by a ransomware attack.

In a statement posted to its Twitter account, the company said it will “not give in nor negotiate” with the hackers, saying it has backups in place. “We have already secured our IT infrastructure and begun restoring data,” the company said.

According to the ransom note, the hackers said they would release the company’s stolen source code and other internal files if it did not pay the ransom, since the company would “most likely recover from backups.”

But the company said for now that no personal data was taken. “We are still investigating the incident, however at this time we can confirm that — to our best knowledge — the compromised systems did not contain any personal data of our players or users of our services.”

It’s an increasingly hostile tactic used by ransomware actors: Hackers target high-value businesses and companies with file-encrypting malware and hold the files for a ransom. But since many companies have backups, some ransomware groups threaten to publish the stolen files unless the ransom is paid.

CD Projekt Red did not immediately respond to TechCrunch’s questions, including what kind of ransomware was used to attack its systems.

It’s thought to be the second time in recent years that the company has been hit by ransomware. The game maker confirmed in 2017 that a hack resulted in the compromising of early work related to the Cyberpunk 2077. Weeks following the game’s launch Sony and Microsoft offered gamers refunds, citing bugs and poor performance on older consoles.

Powered by WPeMatico

SentinelOne to acquire high-speed logging startup Scalyr for $155M

SentinelOne, a late-stage security startup that helps customers make sense of security data using AI and machine learning, announced today that it is acquiring high-speed logging startup Scalyr for $155 million in stock and cash.

SentinelOne sorts through oodles of data to help customers understand their security posture, and having a tool that enables engineers to iterate rapidly in the data, and get to the root of the problem, is going to be extremely valuable for them, CEO and co-founder Tomer Weingarten explained. “We thought Scalyr would be just an amazing fit to our continued vision in how we secure data at scale for every enterprise [customer] out there,” he told me.

He said they spent a lot of time shopping for a company that could meet their unique scaling needs and when they came across Scalyr, they saw the potential pretty quickly with a company that has built a real-time data lake. “When we look at the scale of our technology, we obviously scoured the world to find the best data analytics technology out there. We [believe] we found something incredibly special when we found a platform that can ingest data, and make it accessible in real time,” Weingarten explained.

He believes the real time element is a game changer because it enables customers to prevent breaches, rather than just reacting to them. “If you’re thinking about mitigating attacks or reacting to attacks, if you can do that in real time and you can process data in real time, and find the anomalies in real time and then meet them, you’re turning into a system that can actually deflect the attacks and not just see them and react to them,” he explained.

The company sees Scalyr as a product they can integrate into the platform, but also one which will remain a standalone. That means existing customers should be able to continue using Scalyr as before, while benefiting from having a larger company contributing to its R&D.

While SentinelOne is not a public company, it is a pretty substantial private one, having raised over $695 million, according to Crunchbase data. The company’s most recent funding round came last November, a $267 million investment with a $3.1 billion valuation.

As for Scalyr, it was launched in 2011 by Steve Newman, who first built a word processor called Writely and sold it to Google in 2006. It was actually the basis for what became Google Docs. Newman stuck around and started building the infrastructure to scale Google Docs, and he used that experience and knowledge to build Scalyr. The startup raised $27 million along the way, according to Crunchbase data, including a $20 million Series A investment in 2017.

The deal will close this quarter, at which time Scalyr’s 45 employees will join SentinelOne.

Powered by WPeMatico

Container security acquisitions increase as companies accelerate shift to cloud

Last week, another container security startup came off the board when Rapid7 bought Alcide for $50 million. The purchase is part of a broader trend in which larger companies are buying up cloud-native security startups at a rapid clip. But why is there so much M&A action in this space now?

Palo Alto Networks was first to the punch, grabbing Twistlock for $410 million in May 2019. VMware struck a year later, snaring Octarine. Cisco followed with PortShift in October and Red Hat snagged StackRox last month before the Rapid7 response last week.

This is partly because many companies chose to become cloud-native more quickly during the pandemic. This has created a sharper focus on security, but it would be a mistake to attribute the acquisition wave strictly to COVID-19, as companies were shifting in this direction pre-pandemic.

It’s also important to note that security startups that cover a niche like container security often reach market saturation faster than companies with broader coverage because customers often want to consolidate on a single platform, rather than dealing with a fragmented set of vendors and figuring out how to make them all work together.

Containers provide a way to deliver software by breaking down a large application into discrete pieces known as microservices. These are packaged and delivered in containers. Kubernetes provides the orchestration layer, determining when to deliver the container and when to shut it down.

This level of automation presents a security challenge, making sure the containers are configured correctly and not vulnerable to hackers. With myriad switches this isn’t easy, and it’s made even more challenging by the ephemeral nature of the containers themselves.

Yoav Leitersdorf, managing partner at YL Ventures, an Israeli investment firm specializing in security startups, says these challenges are driving interest in container startups from large companies. “The acquisitions we are seeing now are filling gaps in the portfolio of security capabilities offered by the larger companies,” he said.

Powered by WPeMatico

BeyondID grabs $9M Series A to help clients implement cloud identity

BeyondID, a cloud identity consulting firm, announced a $9 million Series A today led by Tercera. It marked the first investment from Tercera, a firm that launched earlier this month with the goal of investing in service startups like Beyond.

The company focuses on helping clients manage security and identity in the cloud, taking aim specifically at Okta customers. In fact, the firm is a platinum partner for Okta. As they describe their goals, they help clients in a variety of areas, including identity and access management, secure app modernization, Zero Trust security, cloud migration and integration services.

CEO and co-founder Arun Shrestha has a deep background in technology, including working with Okta from its early days. Shrestha came on board in 2012 as the head of customer success. When he began, the startup was in early days, with just 50 customers. When he left five years later just before the IPO, it had more than 3,500.

Along the way, he gained a unique level of expertise in the Okta tool set, and he decided to put that to work to help Okta customers implement and maximize Okta usage, especially in companies with complex implementations. He launched BeyondID in 2018 with the intention of focusing on systems integrations and managing a company’s identity in the cloud.

“We believe we are becoming a managed identity service provider, so managing anything identity, anything related to cybersecurity. We’re helping these companies by being a one-stop shop for companies acquiring, deploying and managing identity services,” Shrestha explained.

It seems to be working. The last couple of years the company revenues grew at 300% and as it matures, and the growth rates settle a bit, it’s still expected to grow between 70 and 100% this year. The firm has 250 customers, including FedEx, Major League Baseball, Bain Capital and Biogen.

It currently has 75 employees serving those customers with plans to grow that number in the next year with the help from today’s investment. As Shrestha adds new employees, he sees building a diverse workforce as a crucial goal for his company.

“Diversity is absolutely critical to our long-term sustainable success, and it’s also the right thing to do,” he said. He says that building an organization that promotes women and people of color is a key goal of his as the leader of the company and something he is committed to.

Chris Barbin, who is managing partner and founder at lead investor Tercera, says that he chose BeyondID as the firm’s first investment because he believes identity is central to the notion of digital transformation. As more companies move to the cloud, they need help understanding how security and identity work differently in a cloud context, and he sees BeyondID playing a critical role in helping clients get there.

“BeyondID is in a rapidly growing space and has an impressive customer list that represents nearly every industry. Arun and the leadership team have a strong vision for the firm, deep ties into Okta and they’re incredibly passionate about what they do,” he said.

Powered by WPeMatico

Minneapolis police used geofence warrant at George Floyd protests

Police in Minneapolis obtained a search warrant ordering Google to turn over sets of account data on vandals accused of sparking violence in the wake of the police killing of George Floyd last year, TechCrunch has learned.

The death of Floyd, a Black man killed by a white police officer in May 2020, prompted thousands to peacefully protest across the city. But violence soon erupted, which police say began with a masked man seen in a viral video using an umbrella to smash windows of an auto-parts store in south Minneapolis. The AutoZone store was the first among dozens of buildings across the city set on fire in the days following.

The search warrant compelled Google to provide police with the account data on anyone who was “within the geographical region” of the AutoZone store when the violence began on May 27, two days after Floyd’s death.

These so-called geofence warrants — or reverse-location warrants — are frequently directed at Google in large part because the search and advertising giant collects and stores vast databases of geolocation data on billions of account holders who have “location history” turned on. Geofence warrants allow police to cast a digital dragnet over a crime scene and ask tech companies for records on anyone who entered a geographic area at a particular time. But critics say these warrants are unconstitutional as they also gather the account information on innocent passers-by.

TechCrunch learned of the search warrant from Minneapolis resident Said Abdullahi, who received an email from Google stating that his account information was subject to the warrant, and would be given to the police.

But Abdullahi said he had no part in the violence and was only in the area to video the protests when the violence began at the AutoZone store.

The warrant said police sought “anonymized” account data from Google on any phone or device that was close to the AutoZone store and the parking lot between 5:20pm and 5:40pm (CST) on May 27, where dozens of the people in the area had gathered.

When reached, Minneapolis police spokesperson John Elder, citing an ongoing investigation, would not answer specific questions about the warrant, including for what reason the warrant was issued.

According to a police affidavit, police said the protests had been relatively peaceful until the afternoon of May 27, when a masked umbrella-wielding man began smashing the windows of the AutoZone store, located across the street from a Minneapolis police precinct where hundreds of protesters had gathered. Several videos show protesters confronting the masked man.

Police said they spent significant resources on trying to identify the so-called “Umbrella Man,” who they say was the catalyst for widespread violence across the city.

“This was the first fire that set off a string of fires and looting throughout the precinct and the rest of the city,” the affidavit read. At least two people were killed in the unrest. (Erika Christensen, a Minneapolis police investigator who filed the affidavit, was not made available for an interview.)

Police accuse the Umbrella Man of creating an “atmosphere of hostility and tension” whose sole aim was to “incite violence.” (TechCrunch is not linking to the affidavit as the police would not say if the suspect had been charged with a crime.) The affidavit also links the suspect to a white supremacist group called the Aryan Cowboys, and to an incident weeks later where a Muslim woman was harassed.

Multiple videos of the protests around the time listed on the warrant appear to line up with the window-smashing incident. Other videos of the scene at the time of the warrant show hundreds of other people in the vicinity. Police were positioned on rooftops and used tear gas and rubber bullets to control the crowds.

Law enforcement across the U.S. are increasingly relying on geofence warrants to solve crimes where a suspect is not known. Police have defended the use of these warrants because they can help identify potential suspects who entered a certain geographic region where a crime was committed. The warrants typically ask for “anonymized information,” but allow police to go back and narrow their requests on potential suspects of interest.

When allowed by law, Google notifies account holders of when law enforcement demands access to the user’s data. According to a court filing in 2019, Google said the number of geofence warrants it received went up by 1,500% between 2017 and 2018, and more than 500% between 2018 and 2019, but has yet to provide a specific number of warrants

Google reportedly received over 180 geofence warrants in a single week in 2019. When asked about more recent figures, a Google spokesperson declined to comment on the record.

Read more on TechCrunch

Civil liberties groups have criticized the use of dragnet search warrants. The American Civil Liberties Union said that geofence warrants “circumvent constitutional checks on police surveillance.” One district court in Virginia said geofence warrants violated the constitution because the majority of individuals whose data is collected will have “nothing whatsoever” to do with the crimes under investigation.

Reports in the past year have implicated people whose only connection to a crime is simply being nearby.

NBC News reported the case of one Gainesville, Fla. resident, who was told by Google that his account information would be given to police investigating a burglary. But the resident was able to prove that he had no connection to the burglary, thanks to an app on his phone that tracked his activity.

In 2019, Google gave federal agents investigating several arson attacks in Milwaukee, Wis. close to 1,500 user records in response to geofence warrant, thought to be one of the largest grabs of account data to date.

But lawmakers are beginning to push back. New York state lawmakers introduced a bill last year that would, if passed, ban geofence warrants across the state, citing the risk of police targeting protesters. Rep. Kelly Armstrong (R-ND) grilled Google chief executive Sundar Pichai at a House Judiciary subcommittee hearing last year. “People would be terrified to know that law enforcement could grab general warrants and get everyone’s information everywhere,” said Armstrong.

Abdullahi told TechCrunch that he had several videos documenting the protests on the day and that he has retained a lawyer to try to prevent Google from giving his account information to Minneapolis police.

“Police assumed everybody in that area that day is guilty,” he said. “If one person did something criminal, [the police] should not go after the whole block of people,” he said.


Send tips securely over Signal and WhatsApp to +1 646-755-8849. You can also send files or documents with SecureDrop.

Powered by WPeMatico

Rapid7 acquires Kubernetes security startup Alcide for $50M

Boston-based security operations company Rapid7 has been making moves into the cloud recently, and this morning it announced that it has acquired Kubernetes security startup Alcide for $50 million.

As the world shifts to cloud native using Kubernetes to manage containerized workloads, it’s tricky ensuring that the containers are configured correctly to keep them safe. What’s more, Kubernetes is designed to automate the management of containers, taking humans out of the loop and making it even more imperative that the security protocols are applied in an automated fashion as well.

Brian Johnson, SVP of Cloud Security at Rapid7 says that this requires a specialized kind of security product and that’s why his company is buying Alcide. “Companies operating in the cloud need to be able to identify and respond to risk in real time, and looking at cloud infrastructure or containers independently simply doesn’t provide enough context to truly understand where you are vulnerable,” he explained.

“With the addition of Alcide, we can help organizations obtain comprehensive, unified visibility across their entire cloud infrastructure and cloud-native applications so that they can continue to rapidly innovate while still remaining secure,” he added.

Today’s purchase builds on the company’s acquisition of DivvyCloud last April for $145 million. That’s almost $200 million for the two companies that allow Rapid7 to help protect cloud workloads in a fairly broad way.

It’s also part of an industry trend with a number of Kubernetes security startups coming off the board in the last year as bigger companies look to enhance their container security chops by buying talent and technology. This includes VMware nabbing Octarine last May, Cisco getting PortShift in October and Red Hat buying StackRox last month.

Alcide was founded in 2016 in Tel Aviv, part of the active Israeli security startup scene. It raised about $12 million along the way, according to Crunchbase data.

Powered by WPeMatico

IAC’s Teltech acquired encrypted mobile messaging app Confide

IAC has acquired Confide, the encrypted mobile messaging that once made headlines for its use by White House staffers during the Trump administration. The deal, which closed on Dec. 1, 2020 but was not publicly announced, sees Confide joining Teltech, the makers of spam call-busting app Robokiller, which itself had joined IAC’s Mosaic Group by way of a 2018 acquisition.

Teltech confirmed the Confide acquisition, but declined to share the deal terms. The confidential mobile messaging app had raised just $3.5 million in funding, according to Crunchbase data, and had been valued between $10 to $50 million, as a result. (Pitchbook put the valuation at ~$14 million around the same time.)

According to Teltech, the deal was for the Confide IP and technology, but not the team.

The company believes Confide makes for a good fit among its growing group of mobile communication apps, including Robokiller and its latest app, SwitchUp, which offers users a second phone number for additional privacy and spam blocking purposes. Other Teletech apps include phone call recorder TapeACall and blocked call unmasker TrapCall.

Confide, however, may end up being one of the better-known additions among that group, thanks to being remembered as a favored tool of choice among frustrated Washington Republicans during the Trump years.

But despite the user growth that news had driven, things slowed in the months that followed, when researchers published a report that claimed Confide wasn’t as secure as it had promised. Confide quickly fixed its vulnerabilities but then a month later was facing a class action lawsuit (later dismissed by the plaintiff) over the security issues.

Teltech says it was aware of the security concerns, but it had conversations with the prior Confide team and understands that the earlier issues had been “quickly and effectively remediated.”

While IAC won’t speak to its specific plans for Confide’s future, the app will continue to offer users a safe and secure way to communicate. What it won’t do, though, is try to directly compete with Telegram or other private apps that offer large channels or group chats that support tens of thousands of people at once.

“I think one kind of key differentiators is that Confide is definitely more for one-on-one and smaller group communication, rather than with Signal and Telegram where there’s some larger chat dynamics,” notes Giulia Porter, Teltech’s VP of Marketing. “One thing that makes us a little bit different is just that we’re more personal,” she says.

Despite having hit some bumps in the road over the years, Confide as of the time of the acquisition, still had around 100,000 monthly active users. There’s now a team of around 10 assigned to work on the app, adding needed resources to its further development, and soon, an updated logo and branding.

Confide’s existing desktop and mobile apps will also continue to be available, but later updated with new features as part of Teltech’s efforts.

Investors and IAC alike have declined to talk about deal price, but that may speak for itself.

“With the absolute explosion in privacy over the past several years, Confide, which started as a side project, has become a mission-critical platform for sensitive communication throughout the world,” said Confide co-founder and President Jon Brod, in a statement shared with TechCrunch about Confide’s exit.

“We’re thrilled that IAC shares our passion for secure communication and recognizes the unique business we have built. IAC has a proven track record of providing fast-growing companies with the support to reach their full potential and we are excited to see IAC take Confide to the next level,” he said.

Powered by WPeMatico