Ethyca raises $4.2M to simplify GDPR compliance

GDPR, the European data privacy regulations, have been in effect for more than a year, but it’s still a challenge for companies to comply. Ethyca, a New York City startup, has created a solution from the ground up to help customers adhere to the regulations, and today it announced a $4.2 million investment led by IA Ventures and Founder Collective.

Table Management, Sinai Ventures, Cheddar founder Jon Steinberg and Moat co-founder Jonah Goodhart also participated.

At its heart, Ethyca is a data platform that helps companies discover sensitive data, then provides a mechanism for customers to see, edit or delete their data from the system. Finally, the solution enables companies to define who can see particular types of data across the organization to control access. All of these components are designed to help companies comply with GDPR regulations.

Ethyca enterprise transaction log (Screenshot: Ethyca)

Company co-founder Cillian Kieran says that the automation component is key and should greatly reduce the complexity and cost associated with complying with GDPR rules. From his perspective, current approaches, which involve either expensive consultants or solutions that require some manual intervention, don’t get companies all the way there.

“These solutions don’t actually solve the issue from an infrastructure point of view. I think that’s the distinction. You can go and use the consultants, or you can use a control panel that tells you what you need to do. But ultimately, at some point you’re either going to have to build or deploy code that fixes some issues, or indeed manually manage or remediate those [issues]. Ethyca is designed for that and takes away those risks because it is managing privacy by design at the infrastructure level,” Kieran explained.

If you’re worried about the privacy of providing information like this to a third-party vendor, Kieran says that his company never actually sees the raw data. “We are a suite of tools that sits between business processes. We don’t capture raw data. We don’t see personal information. We find information based on unique identifiers,” he said.

The company has been around for more than a year, but has spent its first year developing the solution. He sees this investment as validation of the problem his startup is trying to solve. “I think the investment represents the growing awareness fundamentally from both with the investor community, and also in the tech world, that data privacy as a regulatory constraint is real and will compound itself,” he said.

He also points out that GDPR is really just the tip of the privacy regulation iceberg, with laws in Australia, Brazil and Japan, as well as California and other states in the U.S. due to come online next year. He says his solution has been designed to deal with a variety of privacy frameworks beyond GDPR. If that’s so, his company could be in a good position moving forward.

Airbud raises $4 million to add a voice interface to your website

Amazon’s Alexa ushered in a new dawn of user interfaces, bringing voice into the mix as a viable option. Dozens of companies have sprouted because of this, not least of which is Airbud.io.

Airbud allows any company to add a voice interface to its website. The company just closed a $4 million round led by Hanaco Ventures, with participation from ERA and Spider Capital.

Airbud was co-founded by Israel Krush, Uri Valevski and Rom Cohen after the team saw the growth of voice interfaces and wondered how to capitalize on it.

By allowing companies to add voice/chat bot utility to their websites, Airbud hopes to increase retention of end-users on sites and give them easier access to the information they seek. Krush says that Airbud is focusing on websites that you have to be on, rather than the ones you want to be on.

That means Airbud clients are mostly in the healthcare space and travel space, helping end-users find a physician or book a flight using their voice.

Most importantly, Airbud operates on a plug and play system, meaning that clients don’t have to do the usual heavy lifting involved in creating a chat bot. Most of the time, folks who implement chatbots have to build a conversation tree. Airbud uses existing information scraped from the website, paired with an easy plug-and-play system for clients, to automatically build out a knowledge graph and have conversations with end-users.

Airbud charges based on the number of indexed pages and traffic to those pages.

The company plans to use the funding to increase the size of its team from seven to 15.

Nearly a third of US households don’t have a broadband connection

Over the past several years, many have suggested that broadband internet should be regarded as a public utility, like water or gas. Staying connected has become an essential part of nearly every facet of life, but according to a new report, high-speed connections may not be as prevalent here in the States as you may think.

In its new Rural America and Technology study, NPD notes that 31% of U.S. households don’t have broadband (25Mbps downloads and up) internet connections. The number works out to roughly 100 million per the report. That figure, unsurprisingly, is highly concentrated in rural areas — less than one-fifth of that population has a broadband connection.

While broadband was considered something of a luxury in the not so distant past, it’s grown into an increasingly essential aspect of modern existence, from work to health to entertainment. The concentration of access to the technology in urban versus rural areas has been a major aspect in what analysts have referred to as the “digital divide.” Rural areas make up nearly 97% of the total U.S. land.

On the upside, the report suggests that 5G could have a profound impact on those numbers. “The roll out of 5G will have a significant impact in rural America, disrupting the limited broadband carrier market and delivering broadband to many households that have not previously had access,” NPD’s Eddie Hold said in a statement released with the report. “This will inevitably provide an opportunity for manufacturers and retailers to reach new consumers with advanced devices.”

Given the speed and spottiness with which the technology has been rolled out thus far, however, coupled with the high prices of first-generation handsets, it will likely take several years before that comes to pass.

CrunchMatch simplifies networking at TC Sessions: Enterprise 2019

Get ready to experience world-class networking TechCrunch-style at TC Sessions: Enterprise 2019. On September 5, more than 1,000 of the top enterprise software minds and makers, movers and shakers will descend on San Francisco’s Yerba Buena Center for the Arts. It’s a day-long conference featuring distinguished speakers, panel discussions, demos and workshops.

It’s also a prime opportunity to connect and build relationships with enterprise software founders, technologists and investors. Make the most of that opportunity by using CrunchMatch, our free business match-making service.

The automated platform lets you find people based on specific mutual business criteria, goals and interests. It helps you sift through the noise and make the most of your valuable time. After all, connecting with the right people produces better results.

Here’s how CrunchMatch (powered by Brella) works. When CrunchMatch goes live — several weeks before the main event — we’ll email a sign-up link to all ticket holders. You’ll be able to access the platform and create a profile with your specific details — your role (technologist, founder, investor, etc.) and a description of the types of people you want to connect with at the event.

CrunchMatch works its algorithmic magic and suggests meetings, which you can then vet, approve and schedule or decline. It’s an efficient and productive way to network. Take a look at how CrunchMatch helped Yoolox increase distribution.

All that time-saving efficiency will free you up to enjoy more of the presentations and hear from speakers like the renowned founder, investor, AI expert and Stanford professor, Andrew Ng. You won’t want to miss his take on how AI will transform the enterprise world — like nothing else since the cloud and SaaS. And that’s just a taste of what you can expect.

If you haven’t already done so, buy your tickets now and save $100 before the prices go up on August 9. Early-bird tickets cost $249 and student tickets sell for $75. Buy 4+ tickets to get the group rate and save another 20%.

ROI tip: For every ticket you buy to TC Sessions: Enterprise, we’ll register you for a free Expo-only pass to TechCrunch Disrupt SF 2019.

We can’t wait to see you at TC Sessions: Enterprise 2019 in San Francisco on September 5. Join your community, explore the top enterprise trends and companies and make productive connections with the influential people who can help you reach your goals. Buy your ticket today.

Interested in sponsoring TC Sessions: Enterprise? Fill out this form and a member of our sales team will contact you.

The Unsexy Threat to Election Security

Much has been written about the need to further secure our elections, from ensuring the integrity of voting machines to combating fake news. But according to a report quietly issued by a California grand jury this week, more attention needs to be paid to securing social media and email accounts used by election officials at the state and local level.

California has a civil grand jury system designed to serve as an independent oversight of local government functions, and each county impanels jurors to perform this service annually. On Wednesday, a grand jury from San Mateo County in northern California released a report which envisions the havoc that might be wrought on the election process if malicious hackers were able to hijack social media and/or email accounts and disseminate false voting instructions or phony election results.

“Imagine that a hacker hijacks one of the County’s official social media accounts and uses it to report false results on election night and that local news outlets then redistribute those fraudulent election results to the public,” the report reads.

“Such a scenario could cause great confusion and erode public confidence in our elections, even if the vote itself is actually secure,” the report continues. “Alternatively, imagine that a hacker hijacks the County’s elections website before an election and circulates false voting instructions designed to frustrate the efforts of some voters to participate in the election. In that case, the interference could affect the election outcome, or at least call the results into question.”

In San Mateo County, the office of the Assessor-County Clerk-Recorder and Elections (ACRE) is responsible for carrying out elections and announcing local results. The ACRE sends election information to some 43,000 registered voters who’ve subscribed to receive sample ballots and voter information, and its Web site publishes voter eligibility information along with instructions on how and where to cast ballots.

The report notes that concerns about the security of these channels are hardly theoretical: In 2010, intruders hijacked ACRE’s election results Web page, and in 2016, cyber thieves successfully breached several county employee email accounts in a spear-phishing attack.

In the wake of the 2016 attack, San Mateo County instituted two-factor authentication for its email accounts — requiring each user to log in with a password and a one-time code sent via text message to their mobile device. However, the county uses its own Twitter, Facebook, Instagram and YouTube accounts to share election information, and these accounts are not currently secured by two-factor authentication, the report found.

“The Grand Jury finds that the security protections against hijacking of ACRE’s website, email, and social media accounts are not adequate to protect against the current cyber threats. These vulnerabilities expose the public to potential disinformation by hackers who could hijack an ACRE online communication platform to mislead voters before an election or sow confusion afterward. Public confidence is at stake, even if the vote itself is secure.”

The jury recommended the county take full advantage of the most secure two-factor authentication now offered by all of these social media platforms: The use of a FIDO physical security key, a small hardware device which allows the user to complete the login process simply by inserting the USB device and pressing a button. The key works without the need for any special software drivers. [Full disclosure: Yubico, a major manufacturer of security keys, is currently an advertiser on this site.]

Additionally, the report urges election officials to migrate away from one-time codes sent via text message, as these can be intercepted via man-in-the-middle (MitM) and SIM-swapping attacks. MitM attacks use counterfeit login pages to steal credentials and one-time codes.

An unauthorized SIM swap is an increasingly rampant form of fraud in which scammers bribe or trick employees at mobile phone stores into seizing control of the target’s phone number and diverting all texts and phone calls to the attacker’s mobile device.

Samy Tarazi is a sergeant with the sheriff’s office in nearby Santa Clara County and a supervisor with the REACT Task Force, a team of law enforcement officers that has been tracking down individuals perpetrating SIM swapping attacks. Tarazi said he fully expects SIM swapping to emerge as a real threat to state and local election workers, as well as to staff and volunteers working for candidates.

“I wouldn’t be surprised if some major candidate or their staff has an email or social media account with tons of important stuff on there [whose password] can be reset with just a text message,” Tarazi told KrebsOnSecurity. “I hope that doesn’t happen, but politicians are regular people who use the same tools we use.”

A copy of the San Mateo County grand jury report is available here (PDF).

7 Ways Hackers Steal Your Passwords

One way or another, passwords are always in the news. They’re either being stolen in data breaches, or mocked for being too simple; derided as pointless, or lamented for being technologically backward. No matter what opinion any of us have on passwords, though, one thing is indisputable: we’re going to be using them today, tomorrow and for the foreseeable future. Unlike touch or facial recognition technologies, passwords are used everywhere because they’re cheap to implement and simple to use. For end users, they are as low-tech as security tech ever gets. Of course, that ubiquity and simplicity is precisely what makes passwords attractive to thieves. In this post, we take a look at how hackers steal our passwords and what we can do to stop them.

1. Credential Stuffing

Risk Level: High

It is estimated that tens of millions of accounts are tested daily by hackers using credential stuffing.

What Is It?

Credential stuffing, also known as list cleaning and breach replay, is a means of testing databases or lists of stolen credentials – i.e., passwords and user names – against multiple accounts to see if there’s a match.

How Does It Work?

Sites with poor security are breached on a regular basis, and thieves actively target dumping user credentials from such sites so that they can sell them on the dark net or underground forums. As many users will use the same password across different sites, criminals have a statistically good chance of finding that user janedoe@somesite.net has used the same password on janedoe@anothersite.com. Tools to automate the testing of a list of stolen credentials across multiple sites allow hackers to quickly breach new accounts even on sites that practice good security and password hygiene.

How Can You Stay Safe?

The key to not becoming a victim of credential stuffing is simple: every password for every site should be unique. Of course, that won’t prevent your password being stolen for one account on a site with poor security, but it does mean that any one compromise of your credentials will not affect you anywhere else on the internet. If you’re gasping at the thought of creating and remembering unique passwords for every site you use, see our Tips section near the end of the post.

2. Phishing

Risk Level: High

Over 70% of all cybercrimes begin with a phishing or spear-phishing attack. Hackers love to use phishing techniques to steal user credentials, either for their own use, or more commonly to sell to criminals on the dark net.

What Is It?

Phishing is a social engineering trick which attempts to trick users into supplying their credentials to what they believe is a genuine request from a legitimate site or vendor.

How Does It Work?

Typically, but not always, phishing occurs through emails that either contain fraudulent links to cloned websites or a malicious attachment. Somewhere along the chain of events that begins with the user taking the bait, the fraudsters will present a fake login form to steal the user’s login name and password. Fraudsters will also use some form of interception between a user and a genuine sign-in page, such as a man-in-the-middle attack to steal credentials.

How Can You Stay Safe?

Use 2-factor or multi-factor authentication. Although researchers have developed tricks to overcome these, in-the-wild cases are yet to be reported. Caution is your number one defense against phishing. Ignore requests to sign in to services from email links, and always go directly to the vendor’s site in your browser. Check emails that contain attachments carefully. The majority of phishing emails contain misspellings or other errors that are not difficult to find if you take a moment to inspect the message carefully.

A fake Spotify phishing subscription confirmation from the app store

3. Password Spraying

Risk Level: High

It’s been estimated that perhaps 16% of attacks on passwords come from password spraying attacks.

What Is It?

Password spraying is a technique that attempts to use a list of commonly used passwords, such as 123456, password123, 1qaz2wsx, letmein, batman and others, against a user account name.

How Does It Work?

Somewhat like credential stuffing, the basic idea behind password spraying is to take a list of user accounts and test them against a list of passwords. The difference is that with credential stuffing, the passwords are all known passwords for particular users. Password spraying is more blunt. The fraudster has a list of usernames, but no idea of the actual password. Instead, each username is tested against a list of the most commonly used passwords. This may be the top 5, 10 or 100, depending on how much time and resources the attacker has. Most sites will detect repeated password attempts from the same IP, so the attacker needs to use multiple IPs to extend the number of passwords they can try before being detected.
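
The detection point in the paragraph above, as an added example (not code from the original article): a per-IP failure counter sees nothing when each guess arrives from a different address, while counting distinct accounts with failed logins inside a time window flags the spray. The log format, thresholds and function names are assumptions made for this illustration, and the log lines are constructed.

```python
from collections import Counter, deque, namedtuple
from datetime import datetime, timedelta

Event = namedtuple("Event", "ts ip user ok")

# Constructed sample log: timestamp, source IP, username, outcome. Not real data.
# bob mistypes his own password three times; seven other accounts each get
# exactly one failed attempt, every one from a different address.
SAMPLE_LOG = """
2019-07-24T09:00:05 192.0.2.44 bob FAIL
2019-07-24T09:00:19 192.0.2.44 bob FAIL
2019-07-24T09:00:33 192.0.2.44 bob FAIL
2019-07-24T09:00:41 192.0.2.44 bob OK
2019-07-24T09:02:00 203.0.113.11 alice FAIL
2019-07-24T09:02:20 198.51.100.7 carol FAIL
2019-07-24T09:02:45 203.0.113.52 dave FAIL
2019-07-24T09:03:10 198.51.100.93 erin FAIL
2019-07-24T09:03:30 203.0.113.200 frank FAIL
2019-07-24T09:03:55 198.51.100.140 grace FAIL
2019-07-24T09:04:15 203.0.113.77 heidi FAIL
2019-07-24T09:30:00 192.0.2.9 ivan FAIL
"""


def parse_line(line):
    """Parse one line of the (assumed) log format into an Event."""
    ts, ip, user, outcome = line.split()
    return Event(datetime.fromisoformat(ts), ip, user, outcome == "OK")


def load(log_text):
    return [parse_line(line) for line in log_text.strip().splitlines()]


def per_ip_lockout(events, max_failures=5):
    """The control the article describes: flag IPs with many failed logins."""
    failures = Counter(e.ip for e in events if not e.ok)
    return {ip for ip, n in failures.items() if n >= max_failures}


def detect_spray(events, window=timedelta(minutes=10),
                 min_accounts=6, max_per_account=2):
    """Flag bursts where many accounts each fail only once or twice.

    Source IPs are ignored when deciding, so rotating addresses does not help.
    Accounts with more failures than max_per_account look like one user
    retrying and are left out of the count.
    """
    alerts, recent, active = [], deque(), None
    for ev in sorted((e for e in events if not e.ok), key=lambda e: e.ts):
        recent.append(ev)
        while ev.ts - recent[0].ts > window:
            recent.popleft()
        per_user = Counter(e.user for e in recent)
        sprayed = {u for u, n in per_user.items() if n <= max_per_account}
        if len(sprayed) >= min_accounts:
            hits = [e for e in recent if e.user in sprayed]
            if active is None:  # first event that crosses the threshold
                active = {"start": min(e.ts for e in hits),
                          "accounts": set(), "ips": set()}
                alerts.append(active)
            active["end"] = ev.ts
            active["accounts"] |= sprayed
            active["ips"] |= {e.ip for e in hits}
        else:
            active = None  # burst over; a later burst opens a new alert
    return [{"start": a["start"], "end": a["end"],
             "accounts": sorted(a["accounts"]),
             "source_ips": sorted(a["ips"])} for a in alerts]


if __name__ == "__main__":
    events = load(SAMPLE_LOG)
    print("IPs over the per-IP threshold:", per_ip_lockout(events))
    for alert in detect_spray(events):
        print("possible spray:", alert)
```
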

How Can You Stay Safe?

Ensure your password is not in the list of top 100 most commonly used passwords.

Top 5 popular passwords by year according to SplashData

4. Keylogging

Risk Level: Medium

Keylogging is often a technique used in targeted attacks, in which the hacker either knows the victim (spouse, colleague, relative) or is particularly interested in the victim (corporate or nation state espionage).

What Is It?

Keyloggers record the strokes you type on the keyboard and can be a particularly effective means of obtaining credentials for things like online bank accounts, crypto wallets and other logins with secure forms.

How Does It Work?

Keylogging is more difficult to pull off than Credential Stuffing, Phishing and Password Spraying because it first requires access to, or compromise of, the victim’s machine with keylogging malware. That said, there are lots of publicly available post-exploitation kits that offer attackers off-the-shelf keyloggers, as well as commercial spyware tools supposedly for parental or employee monitoring.

How Can You Stay Safe?

You need to be running a good security solution that can detect keylogging infections and activity. This is one of the few kinds of password theft techniques where the strength or uniqueness of your password really makes no difference. What counts is how well your endpoint is secured against infection, and whether your security software can also detect malicious activity if the malware finds a way past its protection features.

5. Brute Force

Risk Level: Low

Surprisingly not as prevalent as people tend to think, brute forcing passwords is difficult, time-consuming and expensive for criminals.

What Is It?

It’s the kind of thing that security researchers like to write about, or which you might see in TV shows: a hacker runs an algorithm against an encrypted password and in 3…2…1… the algorithm cracks the password and reveals it in plain text.

How Does It Work?

There are plenty of tools like “Aircrack-ng”, “John The Ripper”, and “DaveGrohl” that attempt to brute force passwords. There are generally two kinds of cracking available. The first is some form of “dictionary” attack – so called because the attacker just tries every word in the dictionary as the password. Programs like those mentioned above can run through and test an entire dictionary in a matter of seconds. The other type of technique is used when the hacker has (through means of a data breach) acquired the hash of the plain-text password. Since these can’t be reversed, the aim is to hash as many plain-text passwords as possible and try to find a match. Rainbow tables exist which list the hashes of common passphrases to speed up this process.

One of the reasons why password cracking is not as viable a technique as some of the others we’ve mentioned is that encrypted passwords typically use a salt. This is some random data used in the encryption process that ensures no two plain-text passwords will produce the same hash. However, mistakes made by site administrators when using or storing salts and passwords can make it possible for some encrypted passwords to be cracked.
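
An added example, not part of the original article, showing why the salt matters to the site storing the passwords: with unsalted SHA-256, accounts that share a password store identical digests and match a precomputed table, while a per-user random salt with PBKDF2 removes both problems. The account names, iteration count and function names are assumptions made for this illustration.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 600_000  # assumption: work factor picked for this example

# Constructed accounts; two of them share a password from the common list.
USERS = {
    "janedoe": "letmein",
    "jsmith": "letmein",
    "mlee": "correct horse battery staple",
}
# The commonly used passwords the article lists under password spraying.
COMMON = ["123456", "password123", "1qaz2wsx", "letmein", "batman"]


def sha256_hex(password):
    return hashlib.sha256(password.encode()).hexdigest()


def store_unsalted(users):
    """Weak storage: one fast, unsalted hash per password."""
    return {user: sha256_hex(pw) for user, pw in users.items()}


def hash_salted(password, salt=None):
    """Hardened storage: fresh 16-byte salt plus a slow key-derivation function."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                                 PBKDF2_ITERATIONS)
    return salt, digest


def store_salted(users):
    return {user: hash_salted(pw) for user, pw in users.items()}


def verify(password, record):
    """Recompute with the stored salt and compare in constant time."""
    salt, expected = record
    return hmac.compare_digest(hash_salted(password, salt)[1], expected)


def stored_digest(value):
    """Return the digest as hex for either storage format."""
    return value[1].hex() if isinstance(value, tuple) else value


def shared_password_groups(store):
    """Users whose stored digests are identical, i.e. the same password leaks."""
    groups = {}
    for user, value in store.items():
        groups.setdefault(stored_digest(value), []).append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


def precomputed_hits(store, wordlist):
    """Look stored digests up in a table of hashes computed ahead of time.

    This is a plain lookup table, simpler than a real rainbow table, but it
    shows the same weakness: one table works against every unsalted digest.
    """
    table = {sha256_hex(word): word for word in wordlist}
    return {user: table[stored_digest(value)]
            for user, value in store.items()
            if stored_digest(value) in table}


if __name__ == "__main__":
    unsalted, salted = store_unsalted(USERS), store_salted(USERS)
    print("unsalted, shared digests:", shared_password_groups(unsalted))
    print("unsalted, table hits:    ", precomputed_hits(unsalted, COMMON))
    print("salted, shared digests:  ", shared_password_groups(salted))
    print("salted, table hits:      ", precomputed_hits(salted, COMMON))
    print("login still works:       ", verify("letmein", salted["janedoe"]))
```
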

How Can You Stay Safe?

The key to staying safe from brute force attacks is to ensure you use passwords of sufficient length. Anything 16 characters or over should be sufficient given current technology, but ideally future-proof yourself by using a passphrase that is as long as the maximum allowed by the service that you’re signing up to. Avoid using any service that doesn’t let you create a password longer than 8 or 10 characters. Worried about how you’d remember a super long password? See the Tips section below.

6. Local Discovery

Risk Level: Low

Mostly a technique that would only be used in a targeted attack, either by a known acquaintance, relative, colleague or law enforcement.

What Is It?

Local discovery occurs when you write down or use your password somewhere where it can be seen in plain text. The attacker finds the password and uses it, often without your knowledge that the password has been leaked.

How Does It Work?

You’ve seen those movies where the cops go through the bad guy’s trash for clues as to what he’s been up to? Yep, dumpster diving is one valid way of gaining a password through local discovery. Do you have a Post-It note on the monitor, or a diary in the desk drawer with your Paypal credentials? There are more covert means of local discovery though, including sniffing bluetooth communications or finding plain text passwords in logs or urls. Shoulder-surfing is not unknown, too. That can be anything from a colleague surreptitiously hanging around behind your desk when you login, to CCTV in coffee shops and other public areas that could capture video of users as they type their login credentials into a website on their laptops.

How Can You Stay Safe?

There’s no need to be paranoid, but do exercise the proper amount of caution. While the risk is low in general, if you make yourself the low-hanging fruit by leaving easily discoverable records of your password lying around, don’t be surprised if someone takes advantage of that.

7. Extortion

Risk Level: Low

Probably lowest on the risk scale, but not unheard of.

What Is It?

Somebody demands you give them your credentials. No subterfuge involved. The deal is you give up your password or they do something you won’t like.

How Does It Work?

Straightforward blackmail technique that depends on the nature of the relationship between the attacker and the target. Someone may demand your password if they have the means to harm or embarrass you if you don’t comply, such as revealing sensitive information, images or videos about you, or threatening the physical safety of yourself or your loved ones. RAT malware that lets hackers spy on you through a web or video cam can expose you to this kind of extortion.

How Can You Stay Safe?

As ransomware victims are finding out on an almost daily basis, there’s no rule book for how to deal with extortion demands. It’s a trade off between the value of what they want versus the value of the harm they could do. Be aware that in some jurisdictions and in certain circumstances, giving in to an extortion demand could make you liable to prosecution under the law.

Do Passwords Matter?

Some think not, but yes they do. Strong passwords will protect you from techniques like password spraying and brute force attacks, while unique passwords will protect you from credential stuffing, ensuring that the damage caused by a leak on one site will not negatively impact you elsewhere.

Tips For Creating Strong, Unique Passwords

One of the main reasons why Credential Stuffing and Password Spraying are so successful is because people don’t like creating and remembering complex passwords. The good news – which really shouldn’t be news as it’s been true for quite some time – is that password managers will save you the effort. These are readily available and some browsers even have password suggestions built in. Of course, it’s true that these are not foolproof. They typically rely on a master password that, if compromised, exposes all the eggs in your single basket. However, the chances of being a victim of password theft if you use a password manager are significantly lower compared to if you don’t. We suggest the benefits of password managers hugely outweigh the risks, and we highly recommend them as a basic Security 101 practice.

Conclusion

Passwords aren’t going away any time soon, and there are even good arguments to suggest that they shouldn’t. While biometric data, facial and fingerprint scanning all have a role in helping secure access to services, the one over-riding beauty of a password is it’s the “something you know” and not the “something you have”. The latter can be taken away from you, in some cases legally, but the former cannot, so long as you ensure that it’s sufficiently complex, unique and secret. Combine that with two-factor or multi-factor authentication and your chances of suffering data loss through password hacking are both extremely low and – importantly – highly limited. If an insecure site does leak your credentials, you can be confident that it won’t affect you beyond that particular service.


Revolut tweaks business accounts with new pricing structure

Fintech startup Revolut announced changes to its business accounts this week. The good news is that if you were thinking about trying Revolut for your business needs, it’s now cheaper to get started. But there are some limits.

While Revolut is better known for its regular consumer accounts that let you receive, send and spend money all around the world, the company has been offering business accounts for a couple of years.

The main advantage of Revolut for Business is that you can hold multiple currencies. If you work with clients or suppliers in other countries, you can exchange money and send it to your partners directly from Revolut’s interface.

The company also lets you issue prepaid corporate cards and track expenses. Revolut for Business also has an API so you can automate payments and connect with third-party services, such as Xero, Slack and Zapier.

None of this is changing today. Revolut is mostly tweaking the pricing structure.

Previously, you had to pay £25 per month to access the service with a £100,000 top-up limit per month. Bigger companies had to pay more to raise that ceiling.

Now, Revolut is moving a bit more toward a software-as-a-service approach. Instead of making you pay more to receive and hold more money, you pay more as your team gets bigger and you use Revolut for Business more intensively.

The basic plan is free with two team members, five free local transfers per month and 0.4% in foreign exchange fees. If you want to add more team members or initiate more transfers, you pay some small fees.

If you were paying £25 before, you can now top up as much money as you want in your Revolut account, but there are some limits when it comes to team members (10), local transfers (100 per month) and international transfers (10 per month, interbank exchange rate up to £10,000).

Once again, going over the limits doesn’t necessarily mean that you need to change to a new plan. You’ll pay £0.20 per extra local transfer, £3 per extra international transfer, etc.

Here’s a full breakdown of the new plans:

If you’re a freelancer, there’s now a free plan. You’ll pay 0.4% on foreign exchange and £3 per international transfer, but there’s no top-up limit anymore.

Similarly, the old £7 plan for freelancers has been replaced by a new £7 plan that removes the limit on inbound transfers but adds some limits on transfers.

It’s good news if you’re a small customer. But if you vastly exceed the transfer limit in one of the categories, you might pay more than before. With this change, the company wanted to make Revolut for Business more accessible instead of making small customers subsidize bigger customers with high entry pricing.

Existing customers can switch to a new plan starting today. Revolut plans to switch everyone to the new plans on October 1st, 2019.

Alibaba to help Salesforce localize and sell in China

Salesforce, the 20-year-old leader in customer relationship management (CRM) tools, is making a foray into Asia by working with one of China’s largest tech firms, Alibaba.

Alibaba will be the exclusive provider of Salesforce to enterprise customers in mainland China, Hong Kong, Macau, and Taiwan, and Salesforce will become the exclusive enterprise CRM software suite sold by Alibaba, the companies announced on Thursday.

The Chinese internet has for years been dominated by consumer-facing services such as Tencent’s WeChat messenger and Alibaba’s Taobao marketplace, but enterprise software is starting to garner strong interest from businesses and investors. Workflow automation startup Laiye, for example, recently closed a $35 million funding round led by Cathay Innovation, a growth-stage fund that believes “enterprise software is about to grow rapidly” in China.

The partners have something to gain from each other. Alibaba does not have a Salesforce equivalent serving the raft of small-and-medium businesses selling through its e-commerce marketplaces or using its cloud computing services, so the alliance with the American cloud behemoth will fill that gap.

On the other hand, Salesforce will gain sales avenues in China through Alibaba, whose cloud infrastructure and data platform will help the American firm “offer localized solutions and better serve its multinational customers,” said Ken Shen, vice president of Alibaba Cloud Intelligence, in a statement.

“More and more of our multinational customers are asking us to support them wherever they do business around the world. That’s why today Salesforce announced a strategic partnership with Alibaba,” said Salesforce in a statement.

Overall, only about 10% of Salesforce revenues in the three months ended April 30 originated from Asia, compared to 20% from Europe and 70% from the Americas.

Besides gaining client acquisition channels, the tie-up also enables Salesforce to store its China-based data at Alibaba Cloud. China requires all overseas companies to work with a domestic firm in processing and storing data sourced from Chinese users.

“The partnership ensures that customers of Salesforce that have operations in the Greater China area will have exclusive access to a locally-hosted version of Salesforce from Alibaba Cloud, who understands local business, culture and regulations,” an Alibaba spokesperson told TechCrunch.

Cloud has been an important growth vertical at Alibaba and nabbing a heavyweight ally will only strengthen its foothold as China’s biggest cloud service provider. Salesforce made some headway in Asia last December when it set up a $100 million fund to invest in Japanese enterprise startups and the latest partnership with Alibaba will see the San Francisco-based firm actually go after customers in Asia.

Neo-Nazi SWATters Target Dozens of Journalists

Nearly three dozen journalists at a broad range of major publications have been targeted by a far-right group that maintains a Deep Web database listing the personal information of people who threaten their views. This group specializes in encouraging others to harass those targeted by their ire, and has claimed responsibility for dozens of bomb threats and “swatting” incidents, where police are tricked into visiting potentially deadly force on the target’s address.

At issue is a site called the “Doxbin,” which hosts the names, addresses, phone numbers and often known IP addresses, Social Security numbers, dates of birth and other sensitive information on hundreds of people — and in some cases the personal information of the target’s friends and family.

A significant number of the 400+ entries on the Doxbin are for journalists (32 at last count, including Yours Truly), although the curators of Doxbin have targeted everyone from federal judges to executives at major corporations. In January 2019, the group behind Doxbin claimed responsibility for doxing and swatting a top Facebook executive.

At least two of the journalists listed on the Doxbin have been swatted in the past six months, including Pulitzer prize winning columnist Leonard G. Pitts Jr.

In some cases, as in the entries for reporters from CNN, Politico, ProPublica and Vox, no reason is mentioned for their inclusion. But in many others, the explanation seems connected to stories the journalist has published dealing with race or the anti-fascist (antifa) movement.

“Anti-white race/politics writer,” reads the note next to Pitts’ entry in the Doxbin.

Many of those listed on the site soon find themselves on the receiving end of extended threats and harassment. Carey Holzman, a computer technician who runs a YouTube channel on repairing and modding computers, was swatted in January, at about the same time his personal information showed up on the Doxbin.

More recently, his tormentors started calling his mobile phone at all hours of the night, threatening to hire a hit man to kill him. They even promised to have drugs ordered off the Dark Web and sent to his home, as part of a plan to get him arrested for drug possession.

“They said they were going to send me three grams of cocaine,” Holzman told KrebsOnSecurity.

Sure enough, earlier this month a small vial of white powder arrived via the U.S. Postal Service. Holzman said he didn’t open the vial, but instead handed it over to the local police for testing.

On the bright side, Holzman said, he is now on a first-name basis with some of the local police, which isn’t a bad idea for anyone who is being threatened with swatting attacks.

“When I told one officer who came out to my house that they threatened to send me drugs, he said ‘Okay, well just let me know when the cocaine arrives,’” Holzman recalled. “It was pretty funny because the other responding officer approached us and only caught the last thing his partner said, and suddenly looked at the other officer with deadly seriousness.”

The Doxbin is tied to an open IRC chat channel in which the core members discuss alt-right and racist tropes, talk about doxing and swatting people, and post videos or audio news recordings of their attacks.

The individual who appears to maintain the Doxbin is a fixture of this IRC channel, and he’s stated that he also was responsible for maintaining SiegeCulture, a white supremacist Web site that glorifies the writings of neo-Nazi James Mason.

Mason’s various written works call on followers to start a violent race war in the United States. Those works have become the de facto bible for the Atomwaffen Division, an extremist group whose members are suspected of having committed multiple murders in the U.S. since 2017.

Courtney Radsch, advocacy director at the nonprofit Committee to Protect Journalists, said lists that single out journalists for harassment unfortunately are not uncommon.

“We saw in the Ukraine, for example, there were lists of journalists compiled that led to harassment and threats against reporters there,” Radsch said. “We saw it in Malta where there were reports that the prime minister was part of a secret Facebook group used to coordinate harassment campaigns against a journalist who was later murdered. And we’ve seen the American government — the Customs and Border Protection — compiling lists of reporters and activists who’ve been singled out for questioning.”

Radsch said when CPJ became aware that the personal information of several journalists was listed on a doxing site, they reached out and provided information on relevant safety resources.

“It does seem that some of these campaigns by extremist groups are being coordinated in secret chat groups or dark web forums, where they can talk about the messaging before they bring it out into the public sphere,” she said.

In some ways, the Doxbin represents a far more extreme version of Exposed[.]su, a site erected briefly in 2013 by a gang of online hoodlums that doxed and swatted celebrities and public figures. The core members of that group were later arrested and charged with various crimes — including numerous swatting attacks.

One of the men in that group — convicted serial swatter and stalker Mir Islam — was arrested last year in the Philippines and charged with murder after he and an associate allegedly dumped the body of a friend in a local river.

Swatting attacks can quickly turn deadly. In March 2019, 26-year-old serial swatter Tyler Barriss was sentenced to 20 years in prison for making a phony emergency call to police in late 2017 that led to the shooting death of an innocent Kansas resident.

My hope is that law enforcement officials can shut down this Doxbin gang before someone else gets killed.

Once Again, SentinelOne Recognized on CRN’s 2019 Emerging Vendors List

As one of the youngest next-generation endpoint security vendors, SentinelOne has well over 2,500 customers, 300% growth year-on-year, 217% YoY growth in ARR, 140% YoY growth in Fortune 500 bookings and 3 of the Fortune 10 sold and deployed over the past 12 months. But we won’t stop there…

We are pleased to announce that CRN® has named SentinelOne to its 2019 Emerging Vendors list in the security category. CRN’s 2019 Emerging Vendors list recognizes new, rapidly growing vendors that are making significant IT channel contributions. It honors groundbreaking vendors that provide sophisticated technology to drive channel growth — and remain committed to ongoing innovation to shape the channel for years to come. 

SentinelOne operates in a rapidly changing environment, where cybercriminals are constantly enhancing their capabilities and are still successfully compromising too many enterprises. To meet these challenges, more and more organizations are realizing traditional solutions cannot cope with such emerging risks. SentinelOne solves this problem for the enterprise by providing next-generation protection to all endpoint types (Windows, macOS, and Linux) and visibility across your assets, including IoT devices, cloud workloads, and servers, which represents a new and lucrative attack vector.

We are experiencing 70%+ proof of concept win rates across all next-gen and legacy AV vendors on a global scale. We also recently announced in June that we raised $120 million in Series D funding led by Insight Partners, with participation from Samsung Venture Investment Corporation, NextEquity, and previous investors, bringing our total funding to more than $230M.

We are continuing to actively defend enterprise attack surfaces using the cloud, allowing enterprises to gain unprecedented visibility across their network with data from each endpoint. The end result is our solution for today and tomorrow’s attacks and rich data visibility that was never possible before – all thanks to the cloud.

This award underscores our overall strategy and focus on innovation in cybersecurity product development, as well as a strong commitment to delivering a disruptive endpoint security offering through a vibrant channel of solution providers.

The Emerging Vendors list will be featured in the August 2019 issue of CRN Magazine and online at www.CRN.com/EmergingVendors