Tag: Cybersecurity

07
Oct
2020
Posted in technology

‘Mercenary’ Hacker Group Runs Rampant in Middle East, Cybersecurity Research Shows | World News

By Raphael Satter and Christopher Bing

WASHINGTON (Reuters) – Saudi diplomats, Sikh separatists and Indian business executives have been among those targeted by a group of hired hackers, according to research published on Wednesday by software firm BlackBerry Corp.

The report https://www.blackberry.com/us/en/company/newsroom/press-releases/2020/blackberry-uncovers-massive-hack-for-hire-group-targeting-governments-businesses-human-rights-groups-and-influential-individuals on the group, known publicly as Bahamut, the name assigned to the mythical sea monster of Arab lore, highlights how cybersecurity researchers are increasingly finding evidence of mercenaries online.

BlackBerry’s vice president of research, Eric Milam, said the diversity of Bahamut’s activities was such that he assumed it was working for a range of different clients.

“There’s too many different things going on across too many different ranges and too many different verticals that it would be a single state,” Milam said ahead of the report’s release.

In June, Reuters reported on how an obscure Indian IT firm called BellTroX https://www.reuters.com/article/idUSKBN23G1GQ offered its hacking services to help clients spy on more than 10,000 email accounts over seven years, including targeting prominent American investors.

BlackBerry – which absorbed antivirus firm Cylance in 2019 – stitched together digital clues left by other researchers over the years to create a picture of a sophisticated group of hackers. BlackBerry also linked the group to mobile phone applications in the Apple and Google app stores. Those apps, which included a fitness tracker and password manager, may have helped the hackers track their targets, the report said.

Apple declined to comment on the record. Two of the apps flagged by Blackberry are no longer in the Apple App Store though. A Google spokesman said all the apps in the Google Play Store mentioned in the report had been removed.

Milam declined to comment on who he thought might be behind Bahamut, but he said he hoped the report would help to sharpen the focus

05
Oct
2020
Posted in technology

Madrona leads $3.9M seed round for cybersecurity compliance startup Strike Graph

Strike Graph co-founders Justin Beals and Brian Bero. (Strike Graph Photo)

Seattle startup Strike Graph raised a $3.9 million seed round led by Madrona Venture Group.

The company, founded less than a year ago and spun out of Madrona Venture Labs, helps companies prepare for the cybersecurity certification process.

Most B2B organizations need to pass cybersecurity audits to ensure their service meets security and privacy standards. Strike Graph says its customers can earn a SOC 2 Type 1 certification in 45 days and save $50,000 in consultant fees thanks to automation and customization features.

The 5-person startup is led by CEO Justin Beals, a veteran of NextStep, Koru, Roundbox Global, and other startups, along with Brian Bero, who previously co-founded Seattle tech stalwart Apptio and recently sold security startup Greytwist to SmartRIA.

The idea for Strike Graph came about after Beals struggled with the SOC 2 process as the CTO of an AI startup getting through procurement. The biggest roadblock to closing deals was the security review process that could take anywhere from six months to two years with one client.

Beals said Strike Graph competes against legacy compliance platforms that have “empty databases” and require outside consultants.

“Some new entrants into the market are overly prescriptive and don’t allow companies flexibility in their security practices,” he added. “Our platform carefully threads the difference so that companies can efficiently adjust Strike Graph to meet their current cybersecurity practices.”

GeekWire previously reported on the company in May. It launched just as the COVID-19 pandemic began in the U.S., though Beals said demand for Strike Graph’s initial pilot offering was high.

“This team is going after a large and significantly growing opportunity to serve a sharp pain point for B2B businesses,” Madrona wrote in a blog post. “Strike Graph defines what we

01
Oct
2020
Posted in technology

Cybersecurity Remains an Investment Priority Despite Overall IT Budget Cuts, Kaspersky Found

According to a new Kaspersky report ‘Investment adjustment: aligning IT budgets with changing security priorities,’ cybersecurity remains a priority for investment among businesses. Its share of IT spending has grown from 23% in 2019 to 26% in 2020 for SMBs, and from 26% to 29% for enterprises. 71% of organizations also expect their cybersecurity budget will increase in the next three years, despite overall IT budgets decreasing in both segments amid the COVID-19 pandemic.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20200930005611/en/

Chart 1: IT security budget as a share of overall IT budget (Graphic: Business Wire)

External conditions and events can influence IT priorities for businesses. As a result of the COVID-19 pandemic, organizations have been forced to adjust plans to meet changing business needs. The report, based on a survey of more than 5,000 IT and cybersecurity practitioners, observes recent IT security economics trends and how they correlate with this year’s events1.

While the overall IT budget has fallen from $1.2m in 2019 to $1.1m in 2020 among SMBs, and from $74.1m to $54.3m for enterprises, the share of IT budget dedicated to IT security continues to grow year-on-year. Decreases in budget are likely due to the consequences of the global coronavirus pandemic, according to Gartner, whose experts also predicted that budgets would decrease earlier this year.

As a result, small and medium businesses allocated $275k to cybersecurity while enterprises invested $14m. According to the survey, the majority of companies are expecting these figures to grow in the next three years by 11% in enterprises and 12% in SMBs, on average. 17% believe it will remain at least the same as this year.

Alternatively, one-in-ten (10%) organizations said they are going to spend less on IT security. Interestingly, the main reason for this

29
Sep
2020
Posted in software

Cybersecurity Software Firm McAfee Files for Nasdaq IPO

(Bloomberg) — Cybersecurity software maker McAfee Corp. has filed to go public, adding to the roster of companies rushing to cash in on a hot market for U.S. initial public offerings.



a sign in front of a building: Signage with logo at the Silicon Valley headquarters of virus removal and cybersecurity company McAfee, Santa Clara, California, August 17, 2017.


© Photographer: Smith Collection/Gado via Getty Images
Signage with logo at the Silicon Valley headquarters of virus removal and cybersecurity company McAfee, Santa Clara, California, August 17, 2017.

The San Jose, California-based company listed the size of the offering as $100 million in a filing Monday with the U.S. Securities and Exchange Commission. The amount is a placeholder that will likely change.

Loading...

Load Error

McAfee’s planned offering is part of a software IPO boom this year. The biggest listing for an operating company on a U.S. exchange is software maker Snowflake Inc., which raised $3.86 billion including so-called greenshoe shares this month.

Software companies account for $12.8 billion of the $102 billion raised this year on U.S. exchanges, according to data compiled by Bloomberg. Shares of those newly public software companies have gained 78% on an weighted average basis, the data show.

Intel, TPG

McAfee was previously a unit of Intel Corp. which bought the software maker in a $7.7 billion deal that closed in 2011.

The chipmaker argued that security was becoming increasingly important to computer users and that integrating security functionality into its processors would add to their value. That high-level justification for the purchase was never translated into practical applications which enhanced Intel’s main business. The unit continued on primarily as a retail software vendor not connected tightly to its parent’s offerings.

In 2016, Intel announced that it had signed a deal to transfer a 51% stake in the business to TPG for $1.1 billion. The transaction valued the spun-off company at $4.2 billion, including debt. TPG and Thoma Bravo are listed as McAfee’s backers in