Box adds automated malware detection to Box Shield security product

With more folks working at home than ever, and many on machines outside the purview of IT and security teams, it’s becoming increasingly imperative to find creative ways to protect them from harm. Today, Box announced it was adding automated malware detection tools to Box Shield, the security product it announced last year.

Aaron Levie, CEO at Box, says that it’s important to find new ways of thinking about security, especially with millions of people suddenly working at home using cloud solutions.

“As people have begun working from home in greater numbers, you’re seeing an increase in malware and phishing attacks. [Bad actors] are starting to spread these security vulnerabilities in a much more aggressive manner, and so we’re launching Box Shield with malware protection built-in with advanced tools and policies around that malware detection,” he said.

The company is taking a three-pronged approach with this solution. For starters, it will let users view a file without actually having to download it first, while indicating if there is a risk associated with it. Next, it will actually prevent users from downloading a file with malware attached. Lastly, it will alert the security team when a file with malware has been uploaded to Box.

The idea is to keep the file from infecting whatever device employees are working on, alerting end users when there is a problem, while letting them see the content of the file gives them all the information they need to know if the file is actually legitimate in the first place.

It’s so much easier right now to be spreading this kind of malicious package with people working from home and sharing files at a far greater rate than ever before. This new feature is designed to give everyone in the loop, from the end user to the IT security team, some confidence that they can know when files are infected or not and keep them from proliferating inside of Box.

Mozilla names long-time chairwoman Mitchell Baker as CEO

Mozilla Corporation announced today that it has chosen long-time chairwoman Mitchell Baker to be CEO, replacing Chris Beard, who announced last August he would be stepping down at the end of the year.

Baker represents a logical choice to lead the company. At a time of great turmoil in the world at large, she brings the stability of someone who has been with Mozilla Corporation since 2003. Writing in a company blog post, she certainly recognized the challenges ahead, navigating the current economic uncertainty and the competitive challenges the company faces with its flagship Firefox browser.

“It’s a time of challenge on many levels, there’s no question about that. Mozilla’s flagship product remains excellent, but the competition is stiff. The increasing vertical integration of internet experience remains a deep challenge. It’s also a time of need, and of opportunity. Increasingly, numbers of people recognize that the internet needs attention,” Baker wrote.

Baker has been acting as interim CEO since December when Beard officially left the company. In a blog post from the board announcing Baker’s official new title, they certainly recognized that it would take someone with her unique combination of skills and experience to guide the company through this next phase.

“Mitchell’s deep understanding of Mozilla’s existing businesses gives her the ability to provide direction and support to drive this important work forward,” they wrote. Adding, “And her leadership style grounded in openness and honesty is helping the organization navigate through the uncertainty that COVID-19 has created for Mozillians at work and at home.”

Mozilla Corporation was founded in 1998 and is best known for its flagship, open-source Firefox browser. The company faces stiff competition in the browser market from Google, Apple and Microsoft.

Talking venture, B2B and thesis-driven investment with Work-Bench’s Jon Lehr

Earlier this week, the Equity crew caught up with Work-Bench investor Jon Lehr to get his take on the current market, and how his firm goes about making investment decisions.

The conversation was a treat, so we cut a piece of it off for everyone to listen to. The full audio and a loose transcript are also available after the jump.

What did Danny and Alex learn while talking to Lehr? A few things, including what Seed II-level investments need these days to be attractive (Hint: It’s not a raw ARR threshold), and what’s going on in SaaS today (deals slowing, but not for select founders; relationships are key to doing deals today), and why being a VC is actually work.

But what stood out the most was how Lehr thinks about finding investment opportunities. While some VCs like to cultivate images of being gut-investors, cutting checks based on first meetings and the like, Lehr told TechCrunch about how he researches the market to find pain-points, and then the startups that might solve those issues.

You can listen to that bit of the chat in the clip below:

Extra Crunch subscribers, the rest of the goodies are below. (A big thanks to Danny for cleaning up the written transcript.)

The audio

HubSpot unveils new content management system aimed at marketers

HubSpot, the Boston-based inbound marketing firm, announced today it is launching a standalone content management system designed to make it easy for marketing personnel to add and update content.

While content management, in a sense, has been core to HubSpot from the beginning — many companies use their blogging platform, for example — the company built this one from the ground up for marketers, says chief marketing officer Kipp Bodnar.

“For me, the marketer owning the website is one of the most thankless jobs you have. There’s a lot of pain associated with it. Your CEO asks you to update a bio or your legal team needs a new terms of service. Everybody’s coming at you from everywhere and the actual management of websites has just a huge amount of pain associated with it,” he said.

Angela DeFranco, the company’s director of product management, says that HubSpot wanted to address that problem with a product designed specifically for the marketing team. “We wanted to build a content management system and a suite of tools that could stand on its own and take away the pain of content management, not only from the marketer but also from the developer and the people that help the site run,” she said.

The product is built on the notion of themes that allow the marketer and developer helping to build the site to get the look and feel they want, while balancing what De Franco calls “the paradox between powerful and easy-to-use.”

It allows developers to use the languages they want to build the site, while taking advantage of the HubSpot CMS’s modular structure. At the same time, the modules give marketers a friendly interface to make frequent changes required in a modern website.

“When you actually get into the editor and you’re dragging in, for example, your event registration theme module, it inherits the styling and the characteristic, the look and feel of that theme overall that the developers had set up and custom built for your team,” she said.

“The theme module is really the crux of how we were able to achieve some of these more complex functionality features and power, while also allowing that with drag-and-drop ease of use to build a full site as a marketer,” DeFranco added.

HubSpot was founded in 2006. It raised over $100 million, according to Crunchbase data, before going public in 2014.

Cloud Foundry Foundation executive director Abby Kearns steps down to pursue a new executive role elsewhere

The Cloud Foundry Foundation (CFF), the home of the Cloud Foundry open-source developer platform, today announced that its executive director Abby Kearns is stepping down from her role to pursue an executive role elsewhere.

If you’ve followed the development of the CFF for a while, it won’t come as a surprise that its current CTO, Chip Childers, is stepping into the executive director role. For the last few years, Kearns and Childers shared duties hosting the foundation’s bi-annual conferences and were essentially the public faces of the organization.

Both Kearns and Childers stepped into their roles in 2016 after CFF founding CEO Sam Ramji departed the organization for a role at Google . Before joining the Cloud Foundry Foundation, Kearns worked on Pivotal Cloud Foundry and spent over eight years as head of product management for integration services at Verizon (which, full disclosure, is also the corporate parent of TechCrunch).

Today, according to its own data, the Linux Foundation-based Cloud Foundry project is used by more than half the Fortune 500 enterprises. And while some use the open-source code to run and manage their own Cloud Foundry platforms, most work with a partner like the now VMware-owned Pivotal.

“I am tremendously proud of Cloud Foundry and of the Foundation we have all built together,” said Kearns in today’s announcement. “Cloud Foundry offers the premier developer experience for the cloud native landscape and has seen massive adoption in the enterprise. It also has one of the strongest, kindest, most diverse communities (and staff) in open source. I leave the organization in the best hands possible. Chip was the first Foundation staff member and has served as CTO for more than four years. There is literally nobody else in the world more qualified for this job.”

During her role as executive director, Kearns helped shepherd the project through a number of changes. The most important of those was surely the rise of Kubernetes and containers in general, which quickly changed the DevOps landscape. Unlike other organizations, the CFF adapted to these changing times and started integrating these new technologies. Over the course of the last two years, the Cloud Foundry community started to deeply integrate these cloud-native technologies into its own platform, despite the fact that the community had already built its own container orchestration system in the past.

As Childers told me last year, though, the point of Cloud Foundry isn’t any specific technology, though. Instead, it’s about the developer experience. Ideally, the developers who use it don’t have to care about the underlying infrastructure and can simply integrate it into their DevOps workflow. With a lot of the recent technical changes behind it,

“We as a Foundation are turning the page to a new chapter; raising the profiles of our technical contributors, highlighting the community’s accomplishments and redefining the Cloud Foundry platform as the best Kubernetes experience for enterprise developers,” said Childers today. “Abby has done a tremendous job leading the Foundation through a period of massive growth and upheaval in the cloud native world. Her leadership was instrumental in building Cloud Foundry as a leading cloud development tool.”

As the CFF also today announced, Paul Fazzone, SVP Tanzu R&D at VMware, has been named Chairman of the Board of Directors, where he replaces Dell EMC global CTO John Roese.

“This next chapter for Cloud Foundry will be a shift forward in focusing on evolving the technology to a Kubernetes-based platform and supporting the diverse set of contributors who will make that outcome possible,” said Fazzone. “In my new role as Chairman of the Board, I look forward to helping guide the Foundation toward its goal of expanding and bolstering the ecosystem, its community and its core of users.”

WorkClout shifts focus to manufacturing performance support and raises $2.3M seed

WorkClout, a graduate of the Y Combinator Winter 2019 cohort, announced today that it has shifted its focus from manufacturing automation to manufacturing performance support and has raised a $2.3 million seed round.

The funding was led by Spider Capital with participation from Y Combinator, Liquid 2, Soma Capital, Pioneer Fund, Mehta Ventures and several individual investors.

When the company launched last year, it was looking at helping customers drive operational efficiency in their processes, but WorkClout founder and CEO Arjun Patel says they were seeing that there was a ceiling in terms of how much efficiency they could squeeze out of work processes using software.

At that point, Patel decided to take a step back and do some research to figure out how WorkClout could best help manufacturing customers with its software-based solutions. After surveying 124 manufacturers, he says that he realized that these companies really needed help training front-line workers, an area he says is called performance support.

“We found that most of the companies were saying that employees are the biggest challenge that they have to face in terms of how to engage them better or how to empower them better, because ultimately they realize people, even if there is automation, are still the driving force for a lot of sectors,” Patel told TechCrunch.

Towards the end of last year, the company built a new tool to help customers train employees for complex front-line tasks. The workers might have a phone or tablet, which shows them how to complete each task, and gives them feedback as they move through a set of tasks. It also enables these workers to communicate with one another and with management about issues they are seeing on the line. Managers can monitor communication and see how workers are doing on a back-end system in the office.

“We gave them the ability to allow employees to capture and share critical information in real time on the factory floor, where the goal is to actually create standardized multimedia and training content for machines, processes and stations, allowing new and existing employees to get better insight into their work, and at the same time, allowing employees to communicate better about problems on the floor and reduce downtime,” he explained.

Patel recognizes that this is a difficult time to pivot, but says he believes it puts the company in a better position to succeed in the long term. He has cut the team from nine to five employees in an effort to run lean for the short term.

He hopes to begin hiring again in the fourth quarter this year or, at the latest, by Q1 next year. He plans to use that time to build out the product and prepare for a big go-to market push whenever the economy begins to rebound.

He sees this money giving him a long runway of 2.5 years with the company’s current burn and revenue rates, and that should give him enough time to wait out the current economic downturn.

Continuous delivery pioneer CircleCI scores $100M Series E

CircleCI, an early adherent to the notion of continuous delivery when it launched in 2011, announced a $100 million Series E investment today. It comes on top of a $56 million round last July.

The round was led by IVP and Sapphire Ventures . Under the terms of the deal, Cack Wilhelm will be joining the CircleCI board. Jai Das from Sapphire will also be joining the board as an observer.

Today’s investment brings the total raised to $215 million, according to the company, with $156 million coming over the last 8 months. The company did not want to discuss its current valuation.

Circle CI CEO Jim Rose says with so much uncertainty because of COVID-19 he welcomes not only the money, but the quality of the firms and people involved in the investment.

“We’re really excited to get both IVP and Sapphire because they’ve seen all of it all the way through public and beyond. Given all of the nuttiness over the last few months obviously having cash on the balance sheet is extremely helpful, but the other part, too is that this a time when you want to have more brains around the table, not fewer. And so being able to get people to help out and just think about the problems that we’re encountering right now is really helpful,” Rose told TechCrunch .

Rose recognizes the huge challenge everyone is facing, but he sees this switch to remote workforces really driving the need for more automation, something his company is in a position to help DevOps teams with.

“What we’ve seen from a DevOps perspective is that this forced migration to remote-only for so many organizations has really driven the urgency for more automation in the DevOps pipeline,” he said.

He said this has led to a huge surge in usage on the platform in recent weeks, and today’s investment will at least partly go towards making sure there are enough resources in place to keep the platform stable whatever comes.

“When we think about money and we think about where we’re investing in the near term, we’re investing a lot in making sure that the platform is stable and available and supporting all of our customers as they go through this. You know this is a difficult time, a difficult transition and we’re trying to make sure that we’re doing everything we can to support our customers through that process,” Rose said.

Many companies at this stage of startup maturity begin to look ahead to an IPO, but Rose isn’t ready to discuss that, especially in the current economic climate. “We’re going to have to get folks to some kind of liquidity at some point, but I think right now our focus is on really investing in the platform and investing in our customers and then we’ll let the market clear out and figure out what the new normal looks like,” he said.

The company would consider making some acquisitions with its base of capital if the right opportunity came along. “We’re always evaluating and always looking around. One of the interesting things about our space is that it’s flooded with new and innovative approaches to point problems. There are a lot of companies that are interesting, so we’re definitely always looking around,” he said.

Microsoft Buys Corp.com So Bad Guys Can’t

In February, KrebsOnSecurity told the story of a private citizen auctioning off the dangerous domain corp.com for the starting price of $1.7 million. Domain experts called corp.com dangerous because years of testing showed whoever wields it would have access to an unending stream of passwords, email and other sensitive data from hundreds of thousands of Microsoft Windows PCs at major companies around the globe. This week, Microsoft Corp. agreed to buy the domain in a bid to keep it out of the hands of those who might abuse its awesome power.

Wisconsin native Mike O’Connor, who bought corp.com 26 years ago but has done very little with it since, said he hoped Microsoft would buy it because hundreds of thousands of confused Windows PCs are constantly trying to share sensitive data with corp.com. Also, early versions of Windows actually encouraged the adoption of insecure settings that made it more likely Windows computers might try to share sensitive data with corp.com.

From February’s piece:

At issue is a problem known as “namespace collision,” a situation where domain names intended to be used exclusively on an internal company network end up overlapping with domains that can resolve normally on the open Internet.

Windows computers on an internal corporate network validate other things on that network using a Microsoft innovation called Active Directory, which is the umbrella term for a broad range of identity-related services in Windows environments. A core part of the way these things find each other involves a Windows feature called “DNS name devolution,” which is a kind of network shorthand that makes it easier to find other computers or servers without having to specify a full, legitimate domain name for those resources.

For instance, if a company runs an internal network with the name internalnetwork.example.com, and an employee on that network wishes to access a shared drive called “drive1,” there’s no need to type “drive1.internalnetwork.example.com” into Windows Explorer; typing “drive1” alone will suffice, and Windows takes care of the rest.

But things can get far trickier with an internal Windows domain that does not map back to a second-level domain the organization actually owns and controls. And unfortunately, in early versions of Windows that supported Active Directory — Windows 2000 Server, for example — the default or example Active Directory path was given as “corp,” and many companies apparently adopted this setting without modifying it to include a domain they controlled.

Compounding things further, some companies then went on to build (and/or assimilate) vast networks of networks on top of this erroneous setting.

Now, none of this was much of a security concern back in the day when it was impractical for employees to lug their bulky desktop computers and monitors outside of the corporate network. But what happens when an employee working at a company with an Active Directory network path called “corp” takes a company laptop to the local Starbucks?

Chances are good that at least some resources on the employee’s laptop will still try to access that internal “corp” domain. And because of the way DNS name devolution works on Windows, that company laptop online via the Starbucks wireless connection is likely to then seek those same resources at “corp.com.”

In practical terms, this means that whoever controls corp.com can passively intercept private communications from hundreds of thousands of computers that end up being taken outside of a corporate environment which uses this “corp” designation for its Active Directory domain.

The story went on to describe how years of testing — some of which was subsidized by grants from the U.S. Department of Homeland Security — showed hundreds of thousands of Windows computers were constantly trying to send this domain information it had no business receiving, including attempts to log in to internal corporate networks and access specific file shares on those networks.

O’Connor told me he was selling the domain after doing basically nothing with it for 26 years because he was getting on in years and didn’t want his kids to inherit this mess. When he put the domain up for sale, I asked if he’d agree to let me know if and when he sold it.

On Monday evening, he wrote to say that Microsoft had agreed to purchase it. O’Connor said he could  not discuss the terms of the deal, nor could he offer further comment beyond acknowledging the sale of corp.com to Microsoft.

In a written statement, Microsoft said it acquired the domain to protect its customers.

“To help in keeping systems protected we encourage customers to practice safe security habits when planning for internal domain and network names,” the statement reads. “We released a security advisory in June of 2009 and a security update that helps keep customers safe. In our ongoing commitment to customer security, we also acquired the Corp.com domain.”

Over the years, Microsoft has shipped several software updates to help decrease the likelihood of namespace collisions that could create a security problem for companies that still rely on Active Directory domains that do not map to a domain they control.

However, experts say hardly any vulnerable organizations have deployed these fixes for two reasons. First, doing so requires the organization to take down its entire Active Directory network simultaneously for some period of time.

Second, according to Microsoft applying the patch(es) will likely break or at least slow down a number of applications that the affected organization relies upon for day-to-day operations. Faced with either or both of these scenarios, most affected companies probably decided the actual risk of not applying these updates was comparatively low.

It should be noted that while Microsoft’s purchase of corp.com will safeguard companies that built Active Directory infrastructures on top of “corp” or “corp.com,” any company that has tied their internal Active Directory network to a domain they do not control is opening itself to a similar potential security nightmare.

Further reading:

Mitigating the Risk of DNS Namespace Collisions (PDF)

DEFCON 21 – DNS May Be Hazardous to your Health (Robert Stucke)

Mitigating the Risk of Name Collision-Based Man-in-the-Middle Attacks (PDF)

How Will Cybercriminals Take Advantage of AI in the Future?

It’s difficult to predict what can happen in a decade. Looking back to 2009, when the iPhone 3GS dominated the (very new) smartphone market and Google Maps forever changed the way we move, we would be hard pressed to envisage the future we now find ourselves in.

On one hand, we can try to learn from these previous technologies in a bid to make an educated guess as to what’s around the corner. After all, the smart home assistants and rapid streaming services we’re now accustomed to have long been predicted by those clever enough to extrapolate from the past and imagine what that means for the future.

On the other hand, it’s anyone’s guess. Historically, it was believed that computers would get bigger and bigger over time, as this was the trend initially. I’m sure some can remember back when computers were the size of a whole room. Countless engineers, technicians and analysts predicted this over the years, which we now know to be totally false. Instead, computers have miniaturised and multiplied. Now your laptop, television and toaster can all house several computers.

Hello Google

Just as miniature computers have long been sprinkled throughout our homes and workplaces, the past 18 months has seen a similar adoption of AI. From Alexa to Google Home, Nest to smart speakers, you’d struggle to find a home that hasn’t incorporated some form of AI. Beyond our devices, AI recommendation engines are allowing for highly targeted (and creepily precise) advertisments across the web and social media.

Machine learning and other additions are also making AI even more intelligent. This allows AI to monitor anomalies, perform classification on gathered data and predict if a user is about to quit a service, for example.

But with more capabilities comes more code, and with more code comes more bugs. Coupled with the fact that AI is a new technology, which as a rule makes it inherently less secure, it’s easy to see why cybercriminals are taking advantage of this problematic new tool. The question is how they will continue to do so, and on what scale.

Goodbye Transparency

While recent headlines are hardly fear-mongering, it’s easy to predict a time when attackers finally harness the full criminal potential of AI to cause some serious damage. I believe the first case of this will come from audio fakes.

The technology to record, analyse, and emulate a voice already exists, though it has yet to be criminalised on a major scale due to the fact that the software is not publicly available. These things only stay secure for so long, of course, and once one clever hacker finds a way through the fence others will hastily follow.

Once it’s in their hands, there’s no end to how they can leverage it. Imagine a cybercriminal pretending to be you on the phone to your bank, equipped not only with your security details but a perfect replica of your voice to boot. Imagine your managing director or boss calling you in a panic, asking you to transfer valuable company information or complete a fraudulent wire transfer. The list goes on and on.

And it doesn’t stop there; deep fakes, in their most basic form, are already doing the rounds on social media. These clever misuses of AI not only copy your voice, they also have a generated video of you saying these words into a webcam or FaceTime call. Once an attacker has the software to pull this off, watching and profiling you via your webcam to get the information they need is the easy part. In these types of attacks, criminals could reap equal havoc to audio fakes, with the added illusion of being physically present to squash any remaining suspicions.

A Call to Arms

AI shows no signs of slowing down; it’s effective and addictive, which is why we have adopted it with open arms. Clearly, there’s no going back now. As defenders, our next step has to be building the tools, security models and processes to combat the wave of deep fakes and beyond, securing a bright future with AI by our side, not against us.


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

Paul Cormier takes over as Red Hat CEO, as Jim Whitehurst moves to IBM

When Ginni Rometty indicated that she was stepping down as IBM CEO at the end of January, the company announced that Arvind Krishna would be taking over, while Red Hat CEO Jim Whitehurst would become president. To fill his role, Red Hat announced today that long-time executive Paul Cormier has been named president and CEO.

Cormier would seem to be a logical choice to run Red Hat, having been with the company since 2001. He joined as its VP of engineering and has seen the company grow from a small startup to a multi-billion dollar company.

Cormier spoke about the historical arc he has witnessed in his years at Red Hat. “Looking back to when I joined, we were in a different position and facing different issues, but the spirit was the same. We were on a mission to convince the world that open source was real, safe and enterprise-grade,” Cormier said in an email to employees about his promotion.

Former CEO Whitehurst certainly sees this as a sensible transition. “After working with him closely for more than a decade, I can confidently say that Paul was the natural choice to lead Red Hat. Having been the driving force behind Red Hat’s product strategy for nearly two decades, he’s been intimately involved in setting the company’s direction and uniquely understands how to help customers and partners make the most out of their cloud strategy,” he said in a statement.

In a Q&A with Cormier on the company website, he talked about the kind of changes he expects to see under his leadership in the next five years of the company. “There’s a term that we use today, ‘applications run the business.’ In five years, I see it becoming the case for the majority of enterprises. And with that, the infrastructure underpinning these applications will be even more critical. Management and security are paramount — and this isn’t just one environment. It’s bare metal and hypervisors to public and private clouds. It’s Linux, VMs, containers, microservices and more,” he said.

When IBM bought Red Hat in 2018 for $34 billion, there was widespread speculation that Whitehurst would eventually take over in an executive position there. Now that that has happened, Cormier will step into run Red Hat.

While Red Hat is under the IBM umbrella, it continues to operate as a separate company with its own executive structure, but that vision that Cormier outlined is in line with how it will fit within the IBM family as it tries to make its mark on the shifting cloud and enterprise open source markets.