Hamas May Be Threat to 8chan, QAnon Online

In October 2020, KrebsOnSecurity looked at how a web of sites connected to conspiracy theory movements QAnon and 8chan were being kept online by DDoS-Guard, a dodgy Russian firm that also hosts the official site for the terrorist group Hamas. New research shows DDoS-Guard relies on data centers provided by a U.S.-based publicly traded company, which experts say could be exposed to civil and criminal liabilities as a result of DDoS-Guard’s business with Hamas.

Many of the IP address ranges in this map of QAnon and 8Chan-related sites are assigned to VanwaTech. Source: twitter.com/Redrum_of_Crows

Last year’s story examined how a phone call to Oregon-based CNServers was all it took to briefly sideline multiple websites related to 8chan/8kun — a controversial online image board linked to several mass shootings — and QAnon, the far-right conspiracy theory which holds that a cabal of Satanic pedophiles is running a global child sex-trafficking ring and plotting against President Donald Trump.

From that piece:

A large number of 8kun and QAnon-related sites (see map above) are connected to the Web via a single Internet provider in Vancouver, Wash. called VanwaTech (a.k.a. “OrcaTech”). Previous appeals to VanwaTech to disconnect these sites have fallen on deaf ears, as the company’s owner Nick Lim reportedly has been working with 8kun’s administrators to keep the sites online in the name of protecting free speech.

After that story, CNServers and a U.K.-based hosting firm called SpartanHost both cut ties with VanwaTech. Following a brief disconnection, the sites came back online with the help of DDoS-Guard, an Internet company based in Russia. DDoS-Guard is now VanwaTech’s sole connection to the larger Internet.

A review of the several thousand websites hosted by DDoS-Guard is revelatory, as it includes a vast number of phishing sites and domains tied to cybercrime services or forums online.

Replying to requests for comment from a CBSNews reporter following up on my Oct. 2020 story, DDoS-Guard issued a statement saying, “We observe network neutrality and are convinced that any activity not prohibited by law in our country has the right to exist.”

But experts say DDoS-Guard’s business arrangement with a Denver-based publicly traded data center firm could create legal headaches for the latter thanks to the Russian company’s support of Hamas.

In a press release issued in late 2019, DDoS-Guard said its services rely in part on a traffic-scrubbing facility in Los Angeles owned by CoreSite [NYSE:COR], a real estate investment trust which invests in “carrier-neutral data centers and provides colocation and peering services.”

This facilities map published by DDoS-Guard suggests the company’s network actually has at least two points of presence in the United States.

Hamas has long been named by the U.S. Treasury and State departments as a Specially Designated Global Terrorist (SDGT) organization. Under such a designation, any U.S. person or organization that provides money, goods or services to an SDGT entity could face civil and/or criminal prosecution and hefty fines ranging from $250,000 to $1 million per violation.

Sean Buckley, a former Justice Department prosecutor with the law firm Kobre & Kim, said U.S. persons and companies within the United States “are prohibited from any transaction or dealing in property or interests in property blocked pursuant to an entity’s designation as a SDGT, including but not limited to the making or receiving of any contribution of funds, goods, or services to or for the benefit of individuals or entities so designated.”

CoreSite did not respond to multiple requests for comment. But Buckley said companies can incur fines and prosecution for violating SDGT sanctions even when they don’t know that they are doing so.

In 2019, for example, a U.S.-based cosmetics company was fined $1 million after investigators determined its eyelash kits were sourcing materials from North Korea, even though the supplier in that case told the cosmetics firm the materials had come from China.

“U.S. persons or companies found to willfully violate these regulations can be subject to criminal penalties under the International Emergency Economic Powers Act,” Buckley said. “However, even in the case that they are unaware they’re violating these regulations, or if the transaction isn’t directly with the sanctioned entity, these companies still run a risk of facing substantial civil and monetary penalties by the Department of Treasury’s Office of Foreign Asset Control if the sanctioned entity stands to benefit from such a transaction.”

DDoS-Guard said its partnership with CoreSite will help its stable of websites load more quickly and reliably for people visiting them from the United States. It is possible that when and if CoreSite decides it’s too risky to continue doing business with DDoS-Guard, sites like those affiliated with Hamas, QAnon and 8Chan may become more difficult to reach.

Meanwhile, DDoS-Guard customer VanwaTech continues to host a slew of sites promoting the conspiracy theory that the U.S. 2020 presidential election was stolen from President Donald Trump via widespread voting fraud and hacked voting machines, including maga[.]host, donaldsarmy[.]us, and donaldwon[.]com.

These sites are being used to help coordinate a protest rally in Washington, D.C. on January 6, 2021, the same day the U.S. Congress is slated to count electoral votes certified by the Electoral College, which in December elected Joseph R. Biden as the 46th president of The United States.

In a tweet late last year, President Trump urged his supporters to attend the Jan. 6 protest, saying the event “will be wild.”

8chan, which has rebranded as 8kun, has been linked to white supremacism, neo-Nazism, antisemitism, multiple mass shootings, and child pornography. The FBI in 2019 identified QAnon as a potential domestic terror threat, noting that some of its followers have been linked to violent incidents motivated by fringe beliefs.

2020 was a record year for Israel’s security startup ecosystem

From COVID-19’s curve to election polls, public temperature checks to stimulus checks, 2020 was dominated by numbers — the guiding compass of any self-respecting venture capital investor.

As a VC exclusively focused on investments in Israeli cybersecurity, the numbers that guide us have become some of the most interesting to watch over the course of the past year.

The start of a new year presents the perfect opportunity to reflect on the annual performance of Israel’s cybersecurity ecosystem and prepare for what the next twelve months of innovation will bring. With the global cybersecurity market outperforming this year’s panic-stricken expectations, we carefully combed through the figures to see how Israel’s market, its strongest performer, compared — and predict what it has in store.

The cybersecurity market continues to draw the confidence of investors, who appear to recognize its heightened importance during times of crisis.

The “cyber nation” not only remained strong throughout the pandemic, but even saw a rise in fundraising, especially around application and cloud security, following the emergence of remote workflow security gaps brought on by social distancing. Encouraged by this, investors have demonstrated committed enthusiasm to its growth and M&A landscape.

Emboldened by the sector’s overall strength and new opportunities, today’s Israeli visionaries are developing stronger convictions to build larger companies; many of them, already successful entrepreneurs, are making their own bets in the industry as serial entrepreneurs and angel investors.

The numbers also reveal how investors are increasingly concentrating their funds on larger seed rounds for serial entrepreneurs and the foremost industry trends. More than $2.75 billion was poured into the industry this year to back companies across all stages, a 97% increase from last year’s $1.39 billion. If its long-term slope is any indication, we can only expect it to continue to grow.

However, though they clearly indicate progress, the numbers still make the need for a demographic reset clear. Like the rest of the industry, Israel’s cybersecurity ecosystem must adapt to the pace of change set out by this year’s social movements, and the time has long passed for true diversity and gender representation in cybersecurity leadership.

Seed rounds reveal fascinating shifts

As the market’s biggest leaders garner experience and expertise, the bar for entry to Israel’s cybersecurity startup ecosystem has gradually risen over the years. However, this did not appear to impact this year’s entrepreneurial breakthroughs. 58% of Israel’s newly founded cybersecurity companies received seed rounds this year, totaling 64 seeded companies in 2020 compared with last year’s 61. The total number of newly founded companies increased by 5%, reversing last year’s downward trend.

The amount invested at seed hit an all-time high as average deal size in 2020 increased by 11%, amounting to an average of $5.2 million per deal. This continues an upward trend in average seed rounds, which have surged over the last four years due to sizable year-on-year increases. It also provides further support for a shift toward higher caliber seed rounds with a strategically focused and “all-in” approach. In other words, founders that meet the new bar for entry are raising bigger rounds for more ambitious visions.

YL ventures seed trends 2020

Image Credits: YL Ventures

Where is the money going?

2020 proved an exceptional year for application security and cloud security startups. Perhaps the runaway successes of Snyk and Checkmarx left strong impressions. This year saw an explosive 140% increase in application security company seed investments (such as Enso Security, build.security and CloudEssence), as well as a whopping 200% increase in cloud security seed investments (like Solvo and DoControl), from last year.

The Good, the Bad and the Ugly in Cybersecurity – Week 1

The Good

This past week saw cybersecurity end 2020 on a couple of high notes. First, we were delighted to learn that the UK’s National Crime Agency has apprehended 21 individuals in relation to purchasing stolen data from the now defunct online criminal marketplace WeLeakInfo.

The site, which was taken down at the beginning of 2020, had hosted some 12 billion stolen credentials harvested from over 10,000 data breaches. Those arrested were males aged between 18 and 38, suspected of fraud and/or offences against the Computer Misuse Act. Along with the arrests, around $55,000 in Bitcoin was also seized.

Earlier in December, Microsoft shared information about how the recent SolarWinds breach and the nation-state actor thought to be behind it was targeting its Azure/Microsoft 365 customers. Good to hear that this week CISA’s Cloud Forensics team has released an open-source PowerShell tool for incident responders called Sparrow, which helps detect possibly compromised accounts. Among other things, the script checks for known IoCs related to SolarWinds, lists Azure AD domains and checks certain API permissions to identify potential malicious activity. The seriousness of this recent APT campaign cannot be overstated, and CISA’s tool is a welcome addition in the fight to secure enterprises against the consequences of the SolarWinds supply chain attack.

The Bad

We’re all looking forward to better news in 2021, particularly regarding COVID-19 and the continued roll-out and development of vaccines, but the lure of easy spoils from organizations focused on responding to the pandemic continues to be too much to resist for some threat actors. This past week a laboratory in Belgium working on COVID-19 was brought to a halt after cybercriminals infected the General Medical Laboratory (AML) in Antwerp with ransomware.

The AML is a private enterprise handling around 3000 COVID-19 tests daily and ranks as the largest private testing laboratory in the country, handling around 5% of the nation’s cases.

Although similar attacks, such as last month’s breach of the European Medicines Agency, also involved data theft, there is as yet no evidence of patient data having been stolen in this case. Details also remain unclear as to which strain of ransomware was involved or what amount the attackers are seeking for the ransom. However, forcing a COVID-19 testing facility into downtime at this stage of the pandemic is already a cost we could all well do without.

The Ugly

Finally this week, another ugly data breach hit the news, this time all the more unsightly as the data exposed belongs to 930,000 US children, teens and college students.

According to reports, GetSchooled, an education charity founded by Viacom and the Bill & Melinda Gates Foundation, exposed the PII (personally identifiable information) of students in a database containing 125 million records with names, addresses, phone numbers, ages, gender, school and graduation details. GetSchooled, however, has stated that the number of leaked records is closer to 250,000, with only 75,000 linked to email addresses that remain active.

It is not known how long the data was exposed for, but there is some concern about the extended timeline. The breach was reported to a UK cyber security company, TurgenSec, by an unidentified third party. The security firm then informed GetSchooled of the issue on November 17th. However, it took until December 21st for the issue to be resolved, and an investigation and review are said to be pending until after the New Year. That timeline has attracted some criticism, and the lack of details regarding the original source that reported the breach is also a worry.

As we’ve seen in the past and noted above in relation to the WeLeakInfo marketplace, this kind of data, once exposed, can soon end up being dumped in hacker forums or found for sale in darknet marketplaces, where it is traded for use in phishing attacks, identity theft, automated account takeovers, fraud and other criminal activities.



Salesforce has built a deep bench of executive talent via acquisition

When Salesforce acquired Quip in 2016 for $750 million, it gained CEO and co-founder Bret Taylor as part of the deal. Taylor has since risen quickly through the ranks of the software giant to become president and COO, second in command behind CEO Marc Benioff. Taylor’s experience shows that startup founders can sometimes play a key role in the companies that acquire them.

Benioff, 56, has been running Salesforce since its founding more than 20 years ago. While he hasn’t given any public hints that he intends to leave anytime soon, if he wanted to step back from the day-to-day running of the company or even job share the role, he has a deep bench of executive talent including many experienced CEOs, who like Taylor came to the company via acquisition.

He and his wife Lynne have been active in charitable giving and in 2016 signed The Giving Pledge, an initiative from the Bill and Melinda Gates Foundation, to give a majority of their wealth to philanthropy. One could see him wanting to put more time into pursuing these charitable endeavors just as Gates did 20 years ago. As a means of comparison, Gates founded Microsoft in 1975 and stayed for 25 years until he left in 2000 to run his charitable foundation full time.

Even if this remains purely speculative for the moment, there is a group of people behind him with deep industry experience, who could be well-suited to take over should the time ever come.

Resurrecting the co-CEO role

One way to step back from the enormous responsibility of running Salesforce would be by sharing the role. In fact, for more than a year starting in 2018, Benioff actually shared the top job with Keith Block until his departure last year. When they worked together, the arrangement seemed to work out just fine with Block dealing with many larger customers and helping the software giant reach its $20 billion revenue goal.

Before Block became co-CEO, he had myriad other high-level titles including co-chairman, president and COO — two of which, by the way, Taylor has today. That was a lot of responsibility for one person inside a company the size of Salesforce, but promoting him to co-CEO from COO gave the company a way to reward his hard work and help keep him from jumping ship (he eventually did anyway).

As Holger Mueller, an analyst at Constellation Research, points out, the co-CEO concept has worked out well at major enterprise companies that have tried it in the past, and it helped with continuity. “Salesforce, SAP and Oracle all didn’t miss a beat really with the co-CEO departures,” he said.

If Benioff wanted to go back to the shared responsibility model and take some work off his plate, making Taylor (or someone else) co-CEO would be one way to achieve that. Certainly, Brent Leary, lead analyst at CRM Essentials sees Taylor gaining increasing responsibility as time goes along, giving credence to the idea.

“Ever since Quip was acquired Taylor seemed to be on the fast track, becoming president and chief product officer less than a year-and-a-half after the acquisition, and then two years later being promoted to chief operating officer,” Leary said.

Who else could be in line?

While Taylor isn’t the only person who could step into Benioff’s shoes, he looks like he has the best shot at the moment, especially in light of the $27.7 billion Slack deal he helped deliver earlier this month.

“Taylor being publicly praised by Benioff for playing a significant role in the Slack acquisition, Salesforce’s largest acquisition to date, shows how much he has solidified his place at the highest levels of influence and decision-making in the organization,” Leary pointed out.

But Mueller posits that his rapid promotions could also show something might be lacking with internal options, especially around product. “Taylor is a great, smart guy, but his rise shows more the product organization bench depth challenges that Salesforce has,” he said.

How artificial intelligence will be used in 2021

Scale AI CEO Alexandr Wang doesn’t need a crystal ball to see where artificial intelligence will be used in the future. He just looks at his customer list.

The four-year-old startup, which recently hit a valuation of more than $3.5 billion, got its start supplying autonomous vehicle companies with the labeled data needed to train machine learning models to develop and eventually commercialize robotaxis, self-driving trucks and automated bots used in warehouses and on-demand delivery.

The wider adoption of AI across industries has been a bit of a slow burn over the past several years as company founders and executives begin to understand what the technology could do for their businesses.

In 2020, that changed as e-commerce, enterprise automation, government, insurance, real estate and robotics companies turned to Scale’s visual data labeling platform to develop and apply artificial intelligence to their respective businesses. Now, the company is preparing for the customer list to grow and become more varied.

How 2020 shaped up for AI

Scale AI’s customer list has included an array of autonomous vehicle companies including Alphabet, Voyage, nuTonomy, Embark, Nuro and Zoox. While it began to diversify with additions like Airbnb, DoorDash and Pinterest, there were still sectors that had yet to jump on board. That changed in 2020, Wang said.

Scale began to see incredible use cases of AI within the government as well as enterprise automation, according to Wang. Scale AI began working more closely with government agencies this year and added enterprise automation customers like States Title, a residential real estate company.

Wang also saw an increase in uses around conversational AI, in both consumer and enterprise applications, as well as growth in e-commerce as companies sought out ways to use AI to provide personalized recommendations for their customers that were on par with Amazon.

Robotics continued to expand as well in 2020, although it spread to use cases beyond robotaxis, autonomous delivery and self-driving trucks, Wang said.

“A lot of the innovations that have happened within the self-driving industry, we’re starting to see trickle out throughout a lot of other robotics problems,” Wang said. “And so it’s been super exciting to see the breadth of AI continue to broaden and serve our ability to support all these use cases.”

The wider adoption of AI across industries has been a bit of a slow burn over the past several years as company founders and executives begin to understand what the technology could do for their businesses, Wang said, adding that advancements in natural language processing of text, improved offerings from cloud companies like AWS, Azure and Google Cloud and greater access to datasets helped sustain this trend.

“We’re finally getting to the point where we can help with computational AI, which has been this thing that’s been pitched for forever,” he said.

That slow burn heated up with the COVID-19 pandemic, said Wang, noting that interest has been particularly strong within government and enterprise automation as these entities looked for ways to operate more efficiently.

“There was this big reckoning,” Wang said of 2020 and the effect that COVID-19 had on traditional business enterprises.

If the future is mostly remote with consumers buying online instead of in-person, companies started to ask, “How do we start building for that?,” according to Wang.

The push for operational efficiency coupled with the capabilities of the technology is only going to accelerate the use of AI for automating processes like mortgage applications or customer loans at banks, said Wang, who noted that outside of the tech world there are industries that still rely on a lot of paper and manual processes.

SentinelOne’s Cybersecurity Predictions 2021 | What Can We Expect After a Year Like This?

2020 was anything but ordinary. Here’s a look at what the world was thinking about over the last 12 months, and here are some highlights of what occurred in cybersecurity, but we’re not going to dwell on the past right now. Instead, let’s take a look at what’s in store for 2021. We asked some of our experts at SentinelOne for their predictions for the coming year. While no one has a crystal ball, this is how they see things unfolding based on what we know today.

Ransomware – We Haven’t Seen Anything Yet

Not only will the ransomware epidemic continue, it will get worse. Attacks will become more sophisticated and attack frequency and associated ransom demands will increase for several reasons.

First, attackers have grown to understand the profile of an easy target, which has proved for now to be municipalities and local government organizations. These targets hold limited resources, are slow to patch, utilize legacy defense solutions and employ yesterday’s technology and best practices in an attempt to solve tomorrow’s problems.

The most effective way to combat a ransomware attack is not to get hit in the first place, which can only be achieved through closing the gap on attacker sophistication and modernizing defenses. Unfortunately, bureaucratic budgeting and procurement processes will make it impossible for government agencies and towns to keep up with today’s attackers. Public sector budgets for the following year are typically allocated by July 1st, which means that public sector organizations will firmly remain 18-24 months behind the security curve. Additional funding to replace outdated legacy systems will not be available in the short-term.

Second, ransomware is a profit-driven business and it’s a bull market. Following Baltimore, where a demand of $76,000 was not met resulting in damages of more than $18M, a trend of municipalities forgoing advice of the FBI to not pay attackers has emerged. This trend will likely continue as cyber insurance, which was once considered a nice-to-have, is now a necessity and paying attackers out under claims is far more appealing than damages totaling eight figures. Morgan Wright, Chief Security Officer at SentinelOne

Ransomware and The Perils of Paying

Attack Sophistication Will Become the New ‘Normal’

Anyone following the latest discoveries on the SolarWinds attacks understands that this kind of scale and sophistication is here to stay. While the line between nation state actors and financially motivated cybercrime organizations is getting blurry, the tactics being used these days have never been seen before.

Stealing a certificate to sign a malicious update for software widely used by federal and state entities to begin with, making a custom DLL for communications while using existing API calls and domains and remaining stealthy for months…these are TTPs that go beyond what most organizations and security software are currently built to resist.

That means all of us, as defenders, must reconsider how we protect. None of the above TTPs can be detected by traditional monitoring and security tools; to detect these one needs to establish a good baseline, to keep on looking for anomalies, to investigate each one and to make sure each and every endpoint has on-device detection mechanisms that are not dependent on traffic or network discovery. If one leaves an endpoint unprotected, it is likely to become an entry point to the rest of the network. In fact, one can find security solutions that rely on this aspect to detect incoming attempts, also known as the deception market.

The take-away for us as defenders is simple: “eat your vegetables” – meaning, start with the basics, ensure a good baseline and detect anomalies, put in layers of defense that can speak to one another and ensure your endpoints are protected with behavioral-based detection to catch it as it happens. Migo Kedem, Senior Director, Products & Marketing at SentinelOne
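The baseline-then-anomalies approach described above, as an added worked example written for this page (not SentinelOne's code or any product's logic): the Python below learns, from a window of constructed endpoint telemetry, which DNS destinations and parent/child process pairs each host normally produces, then flags events outside that baseline, ranking keys never seen anywhere in the fleet above keys merely new to one host, and separately lists hosts that contributed no baseline at all, i.e. the unprotected endpoint the passage warns about. The log line format, host names, domains and process pairs are all constructed assumptions for the example.

```python
import re
from collections import defaultdict

# Constructed log format (assumption for this example): one event per line,
# "<timestamp> host=<name> type=dns|proc key=<domain or parent>child>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) host=(?P<host>\S+) type=(?P<type>dns|proc) key=(?P<key>\S+)$"
)

# Constructed learning-window telemetry: what "normal" looked like on two hosts.
BASELINE_LOG = """\
2020-12-01T09:00:00Z host=ws01 type=dns key=updates.example.net
2020-12-01T09:00:05Z host=ws01 type=proc key=services.exe>svchost.exe
2020-12-01T09:01:00Z host=ws01 type=dns key=login.example.com
2020-12-02T09:00:00Z host=ws02 type=dns key=updates.example.net
2020-12-02T09:00:05Z host=ws02 type=proc key=services.exe>svchost.exe
2020-12-02T11:00:00Z host=ws02 type=proc key=explorer.exe>outlook.exe
"""

# Constructed detection-window telemetry: a never-seen domain, a service
# process spawning a shell, a host (ws03) with no baseline, and a bad line.
NEW_LOG = """\
2020-12-10T09:00:00Z host=ws01 type=dns key=updates.example.net
2020-12-10T09:00:07Z host=ws01 type=dns key=cdn-mirror.unknown-example.test
2020-12-10T09:00:09Z host=ws01 type=proc key=svchost.exe>powershell.exe
2020-12-10T10:00:00Z host=ws02 type=proc key=explorer.exe>outlook.exe
2020-12-10T10:05:00Z host=ws03 type=dns key=updates.example.net
this line is malformed and is skipped by the parser
"""


def parse(text):
    """Parse telemetry text into event dicts; malformed lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            events.append(m.groupdict())
    return events


def build_baseline(events):
    """Return (per_host, fleet): keys seen per (host, type) and per type overall."""
    per_host = defaultdict(set)
    fleet = defaultdict(set)
    for e in events:
        per_host[(e["host"], e["type"])].add(e["key"])
        fleet[e["type"]].add(e["key"])
    return per_host, fleet


def find_anomalies(per_host, fleet, events):
    """Flag events whose key this host never showed during the learning window.

    'fleet-new' means no host in the baseline ever showed the key (investigate
    first); 'host-new' means the key is known elsewhere in the fleet.
    """
    findings = []
    for e in events:
        if e["key"] in per_host.get((e["host"], e["type"]), set()):
            continue
        severity = "host-new" if e["key"] in fleet[e["type"]] else "fleet-new"
        findings.append({**e, "severity": severity})
    return findings


def uncovered_hosts(per_host, events):
    """Hosts emitting events now but entirely absent from the baseline."""
    covered = {host for host, _ in per_host}
    return {e["host"] for e in events} - covered


if __name__ == "__main__":
    per_host, fleet = build_baseline(parse(BASELINE_LOG))
    new_events = parse(NEW_LOG)
    for f in find_anomalies(per_host, fleet, new_events):
        print(f"{f['severity']:9} {f['host']} {f['type']} {f['key']}")
    print("hosts with no baseline:", sorted(uncovered_hosts(per_host, new_events)))
```

Run as-is, the script reports the unknown domain and the svchost-to-powershell pair on ws01 as fleet-new, the update domain on ws03 as host-new (known fleet-wide, but ws03 had no learning data), and lists ws03 as a host with no baseline. The two-tier severity is the point: a per-host baseline alone would rank all three the same, while the fleet view lets an analyst separate "new to this machine" from "new to the organization."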

SolarWinds SUNBURST Backdoor: Inside the APT Campaign

Deepfake Is Coming of Age…And We’re Not Ready For It

Back in the far-far past, before The Fall, there was little yibber about a spesh story that many would have missed if they didn’t sivvy for it. It’s all true true, not a yarn I tell you.

Cloud Atlas and pandemic references aside, the story broke in, made a little noise and then seemed to disappear. This telling of the event by Forbes was published 3rd September 2019, almost a lifetime ago by today’s standards.

But it is a significant one nonetheless. A UK-based CEO was phoned by the German CEO of the parent company, and ordered to transfer €220,000 to the bank account of a Hungarian supplier. Sounds dodgy, right? Well the UK CEO wasn’t concerned because he happened to know the CEO personally, and recognised “the subtle German accent in his boss’s voice—and moreover that it carried the man’s ‘melody’.” The money was duly transferred.

It was only after a second and third subsequent call that the UK CEO became suspicious, picking up on other clues. The criminals had used what researchers believe to be the first instance of AI voice mimicry for fraud, or deepfake.

With us all working from home still for the foreseeable future, and even post pandemic, more likely to work from home for greater parts of the week anyway, this kind of fraud will become more commonplace. People won’t be able to chat to nearby workers, or shoulder tap someone to check if a request is legitimate or not.

The criminals will get better as the deepfake technology becomes cheaper, computers more powerful, and their targets more disenfranchised from their workplace. And so we come to my prediction…

In 2021, I believe we will see the first successful video based deepfake phishing attack, resulting in either significant financial or data loss. I really hope I am wrong, but I think all the pieces are in place.

And that right there is a scarysome yarn we can yibber about until the Next Fall. Thom Langford, Security Advocate at SentinelOne

What is Deepfake? (And Should You Be Worried?)

The Supply Chain Risk Becomes Real for Everyone

So the FireEye/SolarWinds breach at the end of 2020 is still evolving, but the scope of this supply chain attack is staggering. To add to that, the US DOD CMMC regulations really start to be enforced in 2021. Any company that supplies any product or service to the DOD and all of those companies’ subcontractors and suppliers must meet CMMC standards. So expect much more robust controls and focus on cyber security in the supply chain. Chris Bates, CISO at SentinelOne

Here to Stay | May The Remote Workforce Be With You

The shift to a remote workforce in 2020 was one of the single biggest transformations in how people work in the past 100 years. As yearly compliance and certification audits and CMMC hit in 2021, cyber programs will have to change to really bake in processes in this remote work environment. Items like vulnerability management and visibility on remote internet-only machines will become a mandatory reality for many companies that have struggled to meet these requirements in 2020. Chris Bates, CISO at SentinelOne

A Change in Perspective | Security As Essential Infrastructure

Another prediction for next year is that security will continue to move away from being considered a liability on the business and growth and instead move toward being viewed as essential infrastructure that can ensure the sustainability of the business. Migo Kedem, Senior Director, Products & Marketing at SentinelOne

Judgement Day is Coming for Apple’s Approach to Security

There is a war going on in the Apple ecosystem, though you’d hardly know it from following the usual security feeds. This war revolves around a central philosophical debate in security about which approach is safer, open or closed technology? Apple argues that keeping everybody, including security researchers, out of certain areas of its hardware and software makes the macOS and iOS operating systems safer. Security researchers argue that determined attackers will find a way in anyway, but the closed nature of Apple’s systems means victims may never know they’ve been compromised.

If you’re on the ‘open’ side of the argument, then you’ll be relieved to hear that in the final week of 2020, a court judge ruled against Apple’s attempt to shut down security research outfit Corellium, although the legal battle will undoubtedly continue into 2021 as Apple seeks to appeal that decision.

Arguably, history also favours the ‘open’ approach as there are countless examples of the failures of ‘security by obscurity’. A couple of examples from 2020: on macOS, Apple’s opaque Notarization system has been bypassed by commodity malware on a number of occasions; on iOS, a researcher wrote a 30,000 word paper earlier this month detailing a zero-click Wifi exploit that could steal user photos. Zero-click? No interaction needed, and the exploit can be triggered over the air.

The $64 million question is: will we see threat actors exploiting macOS and iOS vulnerabilities in the wild during 2021? In my view, given the early state of vulnerability research into macOS Big Sur and unfixable vulnerabilities in a wide range of iOS devices due to checkra1n, 2021 would be an extraordinary year in cybersecurity if we didn’t. Protect your Apple devices in the same way as you would any others. There’s no magic, or security, in obscurity. Phil Stokes, macOS Threat Researcher at SentinelLabs

APT32 Multi-stage macOS Trojan Innovates on Crimeware Scripting Technique



Happy 11th Birthday, KrebsOnSecurity!

Today marks the 11th anniversary of KrebsOnSecurity! Thank you, Dear Readers, for your continued encouragement and support!

With the ongoing disruption to life and livelihood wrought by the Covid-19 pandemic, 2020 has been a fairly horrid year by most accounts. And it’s perhaps fitting that this was also a leap year, piling on an extra day to a solar rotation that most of us probably can’t wait to see in the rearview mirror.

But it was hardly a dull one for computer security news junkies. In almost every category — from epic breaches and ransomware to cybercrime justice and increasingly aggressive phishing and social engineering scams — 2020 was a year that truly went to eleven.

Almost 150 stories here this past year generated nearly 9,000 responses from readers (although about 6 percent of those were on just one story). Thank you all for your thoughtful engagement, wisdom, news tips and support.

I’d like to reprise a note from last year’s anniversary post concerning ads. A good chunk of the loyal readers here are understandably security- and privacy-conscious, and many block advertisements by default — including the ads displayed here.

KrebsOnSecurity does not run third-party ads and has no plans to change that; all of the creatives you see on this site are hosted in-house, are purely image-based, and are vetted first by Yours Truly. Love them or hate ’em, these ads help keep the content at KrebsOnSecurity free to any and all readers. If you’re currently blocking ads here, please consider making an exception for this site.

In case you missed them, some of the most popular feature/enterprise stories on the site this year (in no particular order) included:

The Joys of Owning an ‘OG’ Email Account
Confessions of an ID Theft Kingpin (Part II)
Why and Where You Should Plant Your Flag
Thinking of a Career in Cybersecurity? Read This
Turn on MFA Before Crooks Do it for You
Romanian Skimmer Gang in Mexico Outed by KrebsOnSecurity Stole $1.2 Billion
Who’s Behind the ‘Web Listings’ Mail Scam?
When in Doubt: Hang Up, Look Up, & Call Back
Riding the State Unemployment Fraud Wave
Would You Have Fallen for this Phone Scam?

AI chipmaker Graphcore raises $222M at a $2.77B valuation and puts an IPO in its sights

Applications based on artificial intelligence — whether they are systems running autonomous services, platforms being used in drug development or to predict the spread of a virus, traffic management for 5G networks or something else altogether — require an unprecedented amount of computing power to run. And today, one of the big names in the world of designing and building processors fit for the task has closed a major round of funding as it takes its business to the next level.

Graphcore, the Bristol, U.K.-based AI chipmaker, has raised $222 million, a Series E that CEO and co-founder Nigel Toon said in an interview will be used for a couple of key purposes.

First, Graphcore will use the money to continue expanding its technology, based around an architecture it calls “IPU” (intelligence processing unit), which competes against chips from the likes of Nvidia and Intel also optimized for AI applications. And second, Graphcore will use the funding to shore up its finances ahead of a possible public listing.

The funding, Toon said, gives Graphcore $440 million in cash on the balance sheet and a post-money, $2.77 billion valuation to start 2021.

“We’re in a strong position to double down and grow fast and take advantage of the opportunity in front of us,” he added. He said it could be “premature” to describe this Series E as a “pre-IPO” round. “We have enough cash and this puts us in a position to take that next step,” he added. The company has in recent weeks been rumored to be eyeing up a listing not in the U.K. but on Nasdaq in the U.S.

This latest round of funding is coming from a roster of financial investors. Led by the Ontario Teachers’ Pension Plan, it also includes participation from Fidelity International and Schroders, as well as previous investors Baillie Gifford and Draper Esprit. Graphcore has now raised some $710 million to date.

This Series E gives Graphcore a definite step up in its valuation — the company last raised money back in February of this year, a $150 million extension to its Series D that valued the company at $1.95 billion — but all the same, it closes off what Toon described as a “challenging” year for the company (and indeed, the world at large).

“I view this year as a speed bump,” he said. “It has been challenging and we’ve realigned to speed things up.”

As it has been for many companies, the year came in different parts.

On one side, Graphcore’s hardware and software product development continued apace with ever-faster processors in ever-smaller packages. In July, Graphcore launched the second generation of its flagship chip, the GC200, and a new IPU Machine that runs on it, the M2000, which the company described at the time as the first AI computer to achieve a petaflop of processing power “in the size of a pizza box.”

But on the other side, the building and launch of those products was largely done with a remote workforce, with employees sent to work from home to help slow down the spread of the coronavirus that has gripped the world and rewritten how much of it operates.

Indeed, the industry at large, and how companies are spending and investing during a period of uncertainty, has also likely shifted. Some companies like Amazon, Apple and Google are all getting more serious about their own chipmaking efforts. Others are caught up in a wave of consolidation: Witness Nvidia’s efforts to acquire ARM in a $40 billion deal.

All of these spell challenges for an upstart like Graphcore. Toon said Graphcore doesn’t have any plans to make acquisitions: Its strategy is based around organic growth.

And, no great surprises here, he is not excited about Nvidia’s acquisition of ARM: “If we’re not careful, things will consolidate too much and that could kill off innovation,” he said. “We have made our position clear to the U.K. government. We don’t think the Nvidia ARM deal is a good thing.” (Somewhat ironic, considering he and Graphcore co-founder Simon Knowles sold a previous startup to none other than Nvidia.)

He also declined to talk about new customers for Graphcore, but he said that there has been interest from financial services companies, and some from the world of healthcare, automotive and internet companies, “large hyperscalers” in his words, that require the kind of technology that Graphcore is building either to run their systems, or to complement processors that they are potentially also building themselves. (Strategic backers of the company include the likes of Microsoft, BMW, Bosch and Dell.)

Graphcore said that the company is shipping its newest products “in production volume” to customers, and Toon said that a couple of big names are likely to be announced in the coming year, one that some believe might actually be calmer overall for the chip industry compared to 2020.

It’s that pull of technology, and specifically the processing demands of the next generation of computing, that investors believe will continue to drive business to Graphcore as the dust settles on this year.

“The market for purpose-built AI processors is expected to be significant in the coming years because of computing megatrends like cloud technology and 5G and increased AI adoption, and we believe Graphcore is poised to be a leader in this space,” said Olivia Steedman, senior managing director, Teachers’ Innovation Platform (TIP) at Ontario Teachers’. “TIP focuses on investing in tech-enabled businesses like Graphcore that are at the forefront of innovation in their sector. We are excited to partner with Nigel and the strong management team to support the company’s continued growth and product development.”

VMware files suit against former exec for moving to rival company

Earlier this month, when Nutanix announced it was hiring former VMware COO Rajiv Ramaswami as CEO, it looked like a good match. What’s more, it pulled a key player from a market rival. Well, it seems VMware took exception to losing the executive, and filed a lawsuit against him yesterday for breach of contract.

The company is claiming that Ramaswami had inside knowledge of the key plans of his former company and that he should have told them that he was interviewing for a job at a rival organization.

“Rajiv Ramaswami failed to honor his fiduciary and contractual obligations to VMware. For at least two months before resigning from the company, at the same time he was working with senior leadership to shape VMware’s key strategic vision and direction, Mr. Ramaswami also was secretly meeting with at least the CEO, CFO, and apparently the entire Board of Directors of Nutanix, Inc. to become Nutanix’s Chief Executive Officer. He joined Nutanix as its CEO only two days after leaving VMware,” the company wrote in a statement.

As you can imagine, Nutanix didn’t agree, countering in a statement of its own that, “VMware’s lawsuit seeks to make interviewing for a new job wrongful. We view VMware’s misguided action as a response to losing a deeply valued and respected member of its leadership team. Mr. Ramaswami and Nutanix have gone above and beyond to be proactive and cooperative with VMware throughout the transition.”

At the time of the hiring, analyst Holger Mueller from Constellation Research noted that the two companies were primary competitors and that hiring Ramaswami was a big win for Nutanix. “So hiring Ramaswami brings both an expert for multicloud to the Nutanix helm, as well as weakening a key competitor from a talent perspective,” he told me earlier this month.

Mueller doesn’t see much chance of the suit succeeding. “It’s been a long time since the last lawsuit happened in Silicon Valley [involving] a tech exec jumping ship. Being an ’employment at will’ state, these suits are typically unsuccessful,” he told me this morning.

He added, “The interesting part of the VMware v. Nutanix lawsuit is, does a high-ranking executive interviewing with a competitor equal a break of confidentiality by itself, or does material information have to be breached to reach the point. Traditionally the right to (confidentially) interview has been protected by the courts,” he said.

It’s unclear what the end game would be in this type of legal action, but it does complicate matters for Nutanix as it transitions to a new chief executive. Ramaswami took over from co-founder Dheeraj Pandey, who announced plans to leave the post last summer.

The lawsuit was filed Monday in Superior Court of the State of California, County of Santa Clara.

CommonGround raises $19M to rethink online communication

CommonGround, a startup developing technology for what its founders describe as “4D collaboration,” is announcing that it has raised $19 million in funding.

This isn’t the first time Amir Bassan-Eskenazi and Ran Oz have launched a startup together — they also founded video networking company BigBand Networks, which won two technology-related Emmy Awards, went public in 2007 and was acquired by Arris Group in 2011. Before that, they worked together at digital compression company Optibase, which Oz co-founded and where Bassan-Eskenazi served as COO.

Although CommonGround is still in stealth mode and doesn’t plan to fully unveil its first product until next year, Bassan-Eskenazi and Oz outlined their vision for me. They acknowledged that video conferencing has improved significantly, but said it still can’t match face-to-face communication.

“Some things you just cannot achieve through a flat video-conferencing-type solution,” Bassan-Eskenazi said. “Those got better over the years, but they never managed to achieve that thing where you walk into a bar … and there’s a group of people talking and you know immediately who is a little taken aback, who is excited, who is kind of ‘eh.’”

CommonGround founders Amir Bassan-Eskenazi and Ran Oz. Image Credits: CommonGround

That, essentially, is what Bassan-Eskenazi, Oz and their team are trying to build — online collaboration software that more fully captures the nuances of in-person communication, and actually improves on face-to-face conversations in some ways (hence the 4D moniker). Asked whether this involves combining video conferencing with other collaboration tools, Oz replied, “Think of it as beyond video,” using technology like computer vision and graphics.

Bassan-Eskenazi added that they’ve been working on CommonGround for more than a year, so this isn’t just a response to our current stay-at-home environment. And the opportunity should still be massive as offices reopen next year.

“When we started this, it was a problem we thought some of the workforce would understand,” he said. “Now my mother understands it, because it’s how she reads to the grandkids.”

As for the funding, the round was led by Matrix Partners, with participation from Grove Ventures and StageOne Ventures.

“Amir and Ran have a bold vision to reinvent communications,” said Matrix General Partner Patrick Malatack in a statement. “Their technical expertise, combined with a history of successful exits, made for an easy investment decision.”