APAC cloud infrastructure revenue reaches $9B in Q2 with Amazon leading the way

When you look at the Asia-Pacific (APAC) regional cloud infrastructure numbers, it would be easy to think that one of the Chinese cloud giants, particularly Alibaba, would be the leader in that geography, but new numbers from Synergy Research show Amazon leading across the region overall, which generated $9 billion in revenue in Q2.

The only exception to Amazon’s dominance was in China, where Alibaba leads the way with Tencent and Baidu coming in second and third, respectively. As Synergy’s John Dinsdale points out, China has its own unique market dynamics, and while Amazon leads in other APAC sub-regions, it remains competitive.

“China is a unique market and remains dominated by local companies, but beyond China there is strong competition between a range of global and local companies. Amazon is the leader in four of the five sub-regions, but it is not the market leader in every country,” he explained in a statement.

APAC Cloud Infrastructure leaders chart from Synergy Research


The $9 billion in revenue across the region in Q2 represents less than a third of the more than $30 billion generated in the worldwide market in the quarter, but the APAC cloud market is still growing at more than 40% per year. It’s also worth pointing out as a means of comparison that Amazon alone generated more than the entire APAC region, with $10.81 billion in cloud infrastructure revenue in Q2.

While Dinsdale sees room for local vendors to grow, he says that the global nature of the cloud market in general makes it difficult for these players to compete with the largest companies, especially as they try to expand outside their markets.

“The challenge for local players is that in most ways cloud is a truly global market, requiring global presence, leading edge technology, strong brand name and credibility, extremely deep pockets and a long-term focus. For any local cloud companies looking to expand significantly beyond their home market, that is an extremely challenging proposition,” Dinsdale said in a statement.

Perigee infrastructure security solution from former NSA employee moves into public beta

Perigee founder Mollie Breen used to work for NSA where she built a security solution to help protect the agency’s critical infrastructure. She spent the last two years at Harvard Business School talking to Chief Information Security Officers (CISOs) and fine-tuning that idea she started at NSA into a commercial product.

Today, the solution that she built moves into public beta and will compete at TechCrunch Disrupt Battlefield with other startups for $100,000 and the Disrupt Cup.

Perigee helps protect things like heating and cooling systems or elevators that may lack patches or true security, yet are connected to the network in a very real way. It learns what normal behavior looks like from an operations system when it interacts with the network, such as what systems it interacts with and which individual employees tend to access it. It can then determine when something seems awry and stop an anomalous activity before it reaches the network. Without a solution like the one Breen has built, these systems would be vulnerable to attack.

“Perigee is a cloud-based platform that creates a custom firewall for every device on your network,” Breen told TechCrunch. “It learns each device’s unique behavior, the quirks of its operational environment and how it interacts with other devices to prevent malicious and abnormal usage while providing analytics to boost performance.”

Perigee HVAC fan dashboard view


One of the key aspects of her solution is that it doesn’t require an agent, a small piece of software on the device, to make it work. Breen says this is especially important since that approach doesn’t scale across thousands of devices and can also introduce bugs from the agent itself. What’s more, it can use up precious resources on these devices if they can even support a software agent.

“Our sweet spot is that we can protect those thousands of devices by learning those nuances and we can do that really quickly, scaling up to thousands of devices with our generalized model because we take this agentless-based approach,” she said.

By creating these custom firewalls, her company is able to place security in front of the device preventing a hacker from using it as a vehicle to get on the network.

“One thing that makes us fundamentally different from other companies out there is that we sit in front of all of these devices as a shield,” she said. That essentially stops an attack before it reaches the device.

While Breen acknowledges that her approach can add a small bit of latency, it’s a tradeoff that CISOs have told her they are willing to make to protect these kinds of operational systems from possible attacks. Her system is also providing real-time status updates on how these devices are operating, giving them centralized device visibility. If there are issues found, the software recommends corrective action.

It’s still very early for her company, which Breen founded last year. She has raised an undisclosed amount of pre-seed capital. While Perigee is pre-revenue with just one employee, she is looking to add paying customers and begin growing the company as she moves into a wider public beta.

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

The U.S. Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm.


Charging documents say the seven men are part of a hacking group known variously as “APT41,” “Barium,” “Winnti,” “Wicked Panda,” and “Wicked Spider.” Once inside of a target organization, the hackers stole source code, software code signing certificates, customer account data and other information they could use or resell.

APT41’s activities span from the mid-2000s to the present day. Earlier this year, for example, the group was tied to a particularly aggressive malware campaign that exploited recent vulnerabilities in widely-used networking products, including flaws in Cisco and D-Link routers, as well as Citrix and Pulse VPN appliances. Security firm FireEye dubbed that hacking blitz “one of the broadest campaigns by a Chinese cyber espionage actor we have observed in recent years.”

The government alleges the group monetized its illicit access by deploying ransomware and “cryptojacking” tools (using compromised systems to mine cryptocurrencies like Bitcoin). In addition, the gang targeted video game companies and their customers in a bid to steal digital items of value that could be resold, such as points, powers and other items that could be used to enhance the game-playing experience.

APT41 was known to hide its malware inside fake resumes that were sent to targets. It also deployed more complex supply chain attacks, in which they would hack a software company and modify the code with malware.

“The victim software firm — unaware of the changes to its product, would subsequently distribute the modified software to its third-party customers, who were thereby defrauded into installing malicious software code on their own computers,” the indictments explain.

While the various charging documents released in this case do not mention it per se, it is clear that members of this group also favored another form of supply chain attacks — hiding their malware inside commercial tools they created and advertised as legitimate security software and PC utilities.

One of the men indicted as part of APT41 — now 35-year-old Tan DaiLin — was the subject of a 2012 KrebsOnSecurity story that sought to shed light on a Chinese antivirus product marketed as Anvisoft. At the time, the product had been “whitelisted” or marked as safe by competing, more established antivirus vendors, although the company seemed unresponsive to user complaints and to questions about its leadership and origins.

Tan DaiLin, a.k.a. “Wicked Rose,” in his younger years. Image: iDefense

Anvisoft claimed to be based in California and Canada, but a search on the company’s brand name turned up trademark registration records that put Anvisoft in the high-tech zone of Chengdu in the Sichuan Province of China.

A review of Anvisoft’s website registration records showed the company’s domain originally was created by Tan DaiLin, an infamous Chinese hacker who went by the aliases “Wicked Rose” and “Withered Rose.” At the time of that story, DaiLin was 28 years old.

That story cited a 2007 report (PDF) from iDefense, which detailed DaiLin’s role as the leader of a state-sponsored, four-man hacking team called NCPH (short for Network Crack Program Hacker). According to iDefense, in 2006 the group was responsible for crafting a rootkit that took advantage of a zero-day vulnerability in Microsoft Word, and was used in attacks on “a large DoD entity” within the USA.

“Wicked Rose and the NCPH hacking group are implicated in multiple Office based attacks over a two year period,” the iDefense report stated.

When I first scanned Anvisoft at Virustotal.com back in 2012, none of the antivirus products detected it as suspicious or malicious. But in the days that followed, several antivirus products began flagging it for bundling at least two trojan horse programs designed to steal passwords from various online gaming platforms.

Security analysts and U.S. prosecutors say APT41 operated out of a Chinese enterprise called Chengdu 404 that purported to be a network technology company but which served as a legal front for the hacking group’s illegal activities, and that Chengdu 404 used its global network of compromised systems as a kind of dragnet for information that might be useful to the Chinese Communist Party.

Chengdu404’s offices in China. Image: DOJ.

“CHENGDU 404 developed a ‘big data’ product named ‘SonarX,’ which was described…as an ‘Information Risk Assessment System,’” the government’s indictment reads. “SonarX served as an easily searchable repository for social media data that previously had been obtained by CHENGDU 404.”

The group allegedly used SonarX to search for individuals linked to various Hong Kong democracy and independence movements, and snoop on a U.S.-backed media outlet that ran stories examining the Chinese government’s treatment of Uyghur people living in its Xinjiang region.

As noted by TechCrunch, after the indictments were filed prosecutors said they obtained warrants to seize websites, domains and servers associated with the group’s operations, effectively shutting them down and hindering their operations.

“The alleged hackers are still believed to be in China, but the allegations serve as a ‘name and shame’ effort employed by the Justice Department in recent years against state-backed cyber attackers,” wrote TechCrunch’s Zack Whittaker.

The C-suite Guide to Cyber Safety | 7 Steps to Securing Your Organization

Some cyber attacks, particularly those like the spate of ransomware incidents that seem to be never-ending at present, have some very visible consequences for organizations: outage of customer-facing services, losses in productivity, revenue, and reputation, not to mention the costs of remediation (like, say, paying the ransom), possible data leakages and even regulatory fines. However, it’s not just damage to the organization that such cyber incidents can cause; it can also get personal. Beginning with the famous “Target Breach”, moving on to Home Depot, Sony, the Equifax breach and the Imperva breach, several CEOs have been held responsible and forced to resign after highly damaging cyber incidents.

It might be assumed that the CISO would be the one primarily in the hot seat for such failures, but industry analysts Gartner say that future cyber attacks could result in “personal liability” for 75% of CEOs by 2024. In short, the entire C-suite needs to prepare for the consequences of a successful cyber attack, which can damage both the business and the careers of those tasked with ensuring the organization’s security.

Risk, Regulation and Evolving Threat Actors

Until very recently, companies could have kept cyber incidents and data breaches under the radar and away from the public eye. However, advancements in regulation, public sentiment and the nature of cyber attacks have changed all that.

HIPAA, GDPR, CCPA, NYC DFS and a host of other data breach notification and privacy regulations have made it impossible for companies to legally hide the fact that they have suffered a major cyber incident. Companies and individuals that try to downplay this could be caught and penalized, as was the case with the former CISO of Uber, who is now charged with obstruction of justice. He allegedly tried to cover up a 2016 hack that compromised the data of millions of users and drivers and present it as a security penetration testing exercise (while allegedly paying the actual hackers to go away).

The nature of attacks has also changed. Modern ransomware attacks are now exfiltrating huge data sets before encrypting and announcing to the world that their victim has been hit. The cyber criminals threaten to publish or sell the stolen data if their ransom demands are not met. In many cases, this means that the public will almost certainly become aware of the incident, at which point it only harms the victim’s reputation further if they continue to deny it or refuse to even make a public comment on it. Moreover, as the public have become increasingly aware of just how much data – and how sensitive it can be – is held about them, there is increasing anger at companies and organizations accused of having lax security practices. Many consumers now indicate that organizations should be held accountable for security negligence: A recent survey found that 35% of UK consumers see the CEO as personally responsible in case of a cyber incident.

It’s no surprise, then, that cases of executives being held personally accountable for such incidents are not hard to find. The CEO of Austrian aerospace parts maker FACC was fired after the company was hit by cyber fraud that cost it some $47 million. The details are murky, but it has the hallmarks of a classic Business Email Compromise: someone very senior within FACC, perhaps the CEO, was approached by email from a business partner or vendor and approved a wire transfer directly to the fraudsters. After the transfer was made, it was discovered that the actual partner never approached the company and the money was gone, costing both the CEO and the CFO their jobs.

In other cases, executives have been held accountable because cyber is now considered a fundamental business operation. For example, after the SingHealth data breach, the CEO and 4 other senior managers were fined due to their “collective leadership responsibility”.

Seven Steps to Secure Your Organization

It’s famously been said that “Cyber is hard”, but there is a well-defined path to enterprise security that responsible organizations can follow, limiting both the risk of and the fallout from a security breach.

  1. Assess Your Security Posture – The first step to consider is the status of the organization’s security posture. The C-suite (CIO, CSO, CISO) needs to have a clear and updated understanding of the organization’s security apparatus, including staffing levels, training, systems and procedures, incident response and business continuity. Are you still relying on legacy AV solutions that are easily bypassed by today’s threat actors? Who is tasked with threat hunting, and how often? What does your Incident Response procedure look like today? In the heightened security environment we now face, when threat actors from script kiddies to APTs are able to access and wield sophisticated malware, it is imperative to have a clear understanding of your current security posture.
  2. Conduct a Cyber Risk Assessment – The CEO and C-level executives need to understand the nature of the cyber threats the organization faces. There are plenty of tools available for risk assessment, including using industry benchmarks, government and law enforcement agency recommendations and threat intelligence feeds. The risk assessment should also include regulatory and commercial risks such as reputation loss due to cyber attack.
  3. Develop a Business-wide Security Plan – With a clear understanding of the threats facing your organization and your current security stance, it is possible to assess where the organization fares well and where there is room for improvement. It is vital to have a plan to address these gaps according to the organization’s risk appetite. The plan should include a modern EDR platform, Incident Response and mitigation capabilities, backup systems and business continuity procedures.
  4. Allocate Sufficient Resources – After formulating and approving a security plan, the appropriate staffing, organizational and financial resources must be allocated. This is critical. A plan that calls for human resources you don’t have and don’t make provision to supply is not so much a plan but wishful thinking. A plan that cannot be implemented because it requires structural changes that the organization is not willing to make is merely a wasted thought experiment. A plan that lacks a fully-worked out and approved budget suggests there was no real will or intent to facilitate change. None of this is going to look good when stakeholders start apportioning blame in post-incident analysis.
  5. Practice Continued Oversight – The implementation of a well-thought out, sufficiently-resourced plan must be accompanied by monitoring and reporting to senior management. A contingency plan that was only partially implemented, not implemented as intended, or that (in practice) was not as “fit for purpose” as it seemed on paper, may be worse than no plan at all. Security executives should also monitor business operations development and how operational changes might impact the security plan. For instance, the sudden shift to working from home has markedly changed the risks organizations face, but how many businesses have updated their security planning and solutions to take that into consideration?
  6. Engage an External Audit – It is advisable to introduce an external audit in order to validate the CISO’s plan and its execution. The benefits here include a non-partisan, objective look at your preparedness and compliance that can not only provide internal confidence that you are doing the right thing, but it can also be a vital part of rapidly rebuilding external confidence after a security breach.
  7. Rinse and Repeat – By the end of the period (fiscal year, calendar year, quarter) it is imperative to assess the success of the plan and decide whether to continue with its implementation or make changes. Plenty of organizations thought they had a great plan in place, only to find a threat actor had repeatedly breached their defenses for months on end.

How To Respond When a Cyber Attack Happens

But executives are not only measured by how well they plan and let their people execute. They are also measured by how well they respond to crisis. When a crisis hits, it is best to act according to the predefined plan. If there isn’t one, bring in experts in Incident Response and crisis management as soon as possible.

It is imperative to communicate the situation promptly and openly with the board, employees, customers and the media. Organizations that react quickly, honestly and transparently usually receive the support of all these factions, and the mistakes (if there were any) are often quickly forgiven.

For example, Q&A site Quora suffered a data breach in late 2018, affecting approximately 100 million Quora users. The CEO responded quickly, publishing a very transparent blog post and notifying all users via email of how the breach affected stakeholders. The company then set up a dedicated Q&A site with timely updates to users as the situation unfolded.

Conclusion

Securing your organization against today’s cyber threats is a business imperative. Long gone are the days when management only needed to hire an IT admin to install an off-the-shelf antivirus, erect a firewall around the network perimeter and sit back and think about “more important” things. In today’s world of cloud computing with containerized workloads, a remote workforce, and a dizzying array of unsecured IoT devices jumping on and off your network, combined with the exponential growth and sophistication of cyber attacks and cyber attackers, security is not only the C-suite’s responsibility, it may be their number one priority.


User-generated e-learning site Kahoot acquires Actimo for up to $33M to double down on corporate sector

Norwegian company Kahoot originally made its name with a platform that lets educators and students create and share game-based online learning lessons, in the process building up a huge public catalogue of gamified lessons created by its community. Today the startup — now valued at more than $2 billion — is announcing an acquisition to give a boost to another segment of its business: corporate customers.

Kahoot has acquired Danish startup Actimo, which provides a platform for businesses to train and engage with employees. Kahoot said that the purchase is being made with a combination of cash and shares, and works out to a total enterprise value of between $26 million and $33 million for the smaller company, with the sale expected to be completed in October 2020.

It may sound like a modest sum in a tech market where companies are currently and regularly seeing paper valuations in the hundreds of millions at Series A stage, but it also presents a different kind of trajectory both for founders and their investors.

This is actually a strong exit for Actimo, which had raised less than $500,000, according to data from PitchBook. And it puts Actimo under the wing of a company that has been scaling globally fast, finding — like others in the areas of online education and remote working — that the current state of social distancing due to COVID-19 is resulting in a boost to its business.

To give you an idea of the scale and growth of Kahoot, the company says that currently it has over 1 billion “participating players,” on top of some 4.4 billion users in aggregate since first launching the platform in 2013. In the last 12 months, some 200 million games have been played on its platform. In June, when Kahoot announced that it had raised $28 million in funding, it told us that 100 million games had been played.

In light of its growth and the future opportunity — even putting aside the progression of the coronavirus, it looks like remote work and remote learning will at least become a lot more common as a longer-term option — the company has also seen a rise in its valuation. With some of its shares traded on the Merkur Market in Norway, the company currently has a market cap of 18.716 billion Norwegian Krone, which at today’s rates is about $2.08 billion. That figure was $1.4 billion in June.

Kahoot’s targeting of the corporate sector is not new. The company has been building a business in this space for years. It says that in the last 12 months, it logged 2 million sessions across 20 million participating “players” of its corporate training “games,” with some 97% of the Fortune 500 among those users. Customers include the likes of Facebook (for sales training), Oyo (hospitality training and onboarding) and Qualys (for taking polls during a conference), among others.

Critically, while a lot of Kahoot’s audience is in education, it’s corporate where most of the revenues come in — one reason why it’s keen to grow that segment with more services and users.

The aim with Actimo, Kahoot says, is to build out a product set aimed at helping organisations with company culture — which, with many organisations now going on eight months and counting of entire teams working regularly outside of their physical offices, has grown as a priority.

Keeping a team feeling like a team, and an individual feeling more than a transactional regard for an employer, is not a simple thing in the best of times. Now, as we continue to work physically away from each other, it will take even more tools and efforts to get the balance right.

In that context, Actimo’s solution is just one aspect, but potentially an interesting one: it has built a platform where employees can track the training that they have done or need to do, engage with other co-workers, and provide feedback, and employers can use it to generally track and encourage how employees are engaging across the company and its various efforts. It counts some 200 enterprises, including Circle K, Hi3G and Compass Group, among its customers, and has current ARR of $5 million.

For comparison, Kahoot, in its Q2 financials published in August, reported ARR of $25 million, with invoiced revenue for the quarter at $9.6 million, growing some 317% on the same quarter a year before. The company has also raised some $110 million in private funding from the likes of Microsoft and Disney.

As Kahoot looks to find more than just a transient place in a company’s IT and software fabric — transience of attention always being a risk with anything gaming-based — it makes a lot of sense to pick up Actimo and work on ways of coupling the platform with its other corporate work. You can also imagine a time when it might create a similar kind of dashboard for the educational sector.

“We are excited to welcome the Actimo team to be part of the fast-growing Kahoot! family,” said Kahoot CEO, Eilert Hanoa, in a statement. “This acquisition will further extend Kahoot!’s corporate learning offerings, by providing solutions tailored for the frontline segment, as well as to solidify company culture and engagement among remote and distributed teams in companies of all types and sizes. This continues our expressed ambition to also grow through M&A by adding strategic capabilities that we can leverage across our global platform.”

“We are thrilled to join forces with Kahoot! in our mission to develop next-level solutions that connect remote employees and boost employee engagement and productivity,” said Eske Gunge, CEO at Actimo, in a statement. “Being part of Kahoot! and with our experience from working with innovative and ambitious enterprises across industries, we can together set a new standard for corporate learning and engagement.”

Pure Storage acquires data service platform Portworx for $370M

Pure Storage, the public enterprise data storage company, today announced that it has acquired Portworx, a well-funded startup that provides a cloud-native storage and data-management platform based on Kubernetes, for $370 million in cash. This marks Pure Storage’s largest acquisition to date and shows how important this market for multicloud data services has become.

Current Portworx enterprise customers include the likes of Carrefour, Comcast, GE Digital, Kroger, Lufthansa, and T-Mobile. At the core of the service is its ability to help users migrate their data and create backups. It creates a storage layer that allows developers to then access that data, no matter where it resides.

Pure Storage will use Portworx’s technology to expand its hybrid and multicloud services and provide Kubernetes-based data services across clouds.


“I’m tremendously proud of what we’ve built at Portworx: An unparalleled data services platform for customers running mission-critical applications in hybrid and multicloud environments,” said Portworx CEO Murli Thirumale. “The traction and growth we see in our business daily shows that containers and Kubernetes are fundamental to the next-generation application architecture and thus competitiveness. We are excited for the accelerated growth and customer impact we will be able to achieve as a part of Pure.”

When the company raised its Series C round last year, Thirumale told me that Portworx had expanded its customer base by over 100% and its bookings increased by 376 from 2018 to 2019.

“As forward-thinking enterprises adopt cloud-native strategies to advance their business, we are thrilled to have the Portworx team and their groundbreaking technology joining us at Pure to expand our success in delivering multicloud data services for Kubernetes,” said Charles Giancarlo, chairman and CEO of Pure Storage. “This acquisition marks a significant milestone in expanding our Modern Data Experience to cover traditional and cloud native applications alike.”

ServiceNow updates its workflow automation platform

ServiceNow today announced the latest release of its workflow automation platform. With this, the company is emphasizing a number of new solutions for specific verticals, including for telcos and financial services organizations. This focus on verticals extends the company’s previous efforts to branch out beyond the core IT management capabilities that defined its business during its early years. The company is also adding new features for making companies more resilient in the face of crises, as well as new machine learning-based tools.

Dubbed the “Paris” release, this update also marks one of the first major releases for the company since former SAP CEO Bill McDermott became its president and CEO last November.

“We are in the business of operating on purpose,” McDermott said. “And that purpose is to make the world of work work better for people. And frankly, it’s all about people. That’s all CEOs talk about all around the world. This COVID environment has put the focus on people. In today’s world, how do you get people to achieve missions across the enterprise? […] Businesses are changing how they run to drive customer loyalty and employee engagement.”

He argues that at this point, “technology is no longer supporting the business, technology is the business,” but at the same time, the majority of companies aren’t prepared to meet whatever digital disruption comes their way. ServiceNow, of course, wants to position itself as the platform that can help these businesses.

“We are very fortunate at ServiceNow,” CJ Desai, ServiceNow’s chief product officer, said. “We are the critical platform for digital transformation, as our customers are thinking about transforming their companies.”

As far as the actual product updates, ServiceNow is launching a total of six new products. These include new business continuity management features with automated business impact analysis and tools for continuity plan development, as well as new hardware asset management for IT teams and legal service delivery for legal operations teams.


With specialized solutions for financial services and telco users, the company is also now bringing together some of its existing solutions with more specialized services for these customers. As ServiceNow’s Dave Wright noted, this goes well beyond just putting together existing blocks.

“The first element is actually getting familiar with the business,” he explained. “So the technology, actually building the product, isn’t that hard. That’s relatively quick. But the uniqueness when you look at all of these workflows, it’s the connection of the operations to the customer service side. Telco is a great example. You’ve got the telco network operations side, making sure that all the operational equipment is active. And then you’ve got the business service side with customer service management, looking at how the customers are getting service. Now, the interesting thing is, because we’ve got both things sitting on one platform, we can link those together really easily.”

On the machine learning side, ServiceNow made six acquisitions in the area in the last four years, Wright noted — and that is now starting to pay off. Specifically, the company is launching its new predictive intelligence workbench with this release. This new service makes it easier for process owners to detect issues, while also suggesting relevant tasks and content to agents, for example, and prioritizing incoming requests automatically. Using unsupervised learning, the system can also identify other kinds of patterns and with a number of pre-built templates, users can build their own solutions, too.

“The ServiceNow advantage has always been one architecture, one data model and one born-in-the-cloud platform that delivers workflows companies need and great experiences employees and customers expect,” said Desai. “The Now Platform Paris release provides smart experiences powered by AI, resilient operations, and the ability to optimize spend. Together, they will provide businesses with the agility they need to help them thrive in the COVID economy.”

Luther.AI is a new AI tool that acts like Google for personal conversations

When it comes to pop culture, a company executive or history questions, most of us use Google as a memory crutch to recall information we can’t always keep in our heads, but Google can’t help you remember the name of your client’s spouse or the great idea you came up with at a meeting the other day.

Enter Luther.AI, which purports to be Google for your memory by capturing and transcribing audio recordings, while using AI to deliver the right information from your virtual memory bank in the moment of another online conversation or via search.

The company is releasing an initial browser-based version of its product this week at TechCrunch Disrupt, where it’s competing for the $100,000 prize in TechCrunch Disrupt Battlefield.

Luther.AI’s founders say the company is built on the premise that human memory is fallible, and that weakness limits our individual intelligence. The idea behind Luther.AI is to provide a tool to retain, recall and even augment our own brains.

It’s a tall order, but the company’s founders believe it’s possible through the growing power of artificial intelligence and other technologies.

“It’s made possible through a convergence of neuroscience, NLP and blockchain to deliver seamless in-the-moment recall. GPT-3 is built on the memories of the public internet, while Luther is built on the memories of your private self,” company founder and CEO Suman Kanuganti told TechCrunch.

It starts by recording your interactions throughout the day. For starters, that will be online meetings in a browser, as we find ourselves in a time where that is the way we interact most often. Over time, though, they envision a high-quality 5G recording device that you wear throughout your day at work to capture your interactions.

If that is worrisome to you from a privacy perspective, Luther is building in a few safeguards starting with high-end encryption. Further, you can only save other parties’ parts of a conversation with their explicit permission. “Technologically, we make users the owner of what they are speaking. So for example, if you and I are having a conversation in the physical world unless you provide explicit permission, your memories are not shared from this particular conversation with me,” Kanuganti explained.

Finally, each person owns their own data in Luther and nobody else can access or use these conversations either from Luther or any other individual. They will eventually enforce this ownership using blockchain technology, although Kanuganti says that will be added in a future version of the product.

Luther.ai search results recalling what person said at meeting the other day about customer feedback.

Kanuganti says the true power of the product won’t be realized with a few individuals using it inside a company, but in the network effect of having dozens or hundreds of people using it, although it will still have utility for an individual as an aid to memory recall.

While they are releasing the browser-based product this week, they will eventually have a stand-alone app, and can also envision other applications taking advantage of the technology in the future via an API where developers can build Luther functionality into other apps.

The company was founded at the beginning of this year by Kanuganti and three co-founders including CTO Sharon Zhang, design director Kristie Kaiser and scientist Marc Ettlinger. It has raised $500,000 and currently has 14 employees including the founders.

Two Russians Charged in $17M Cryptocurrency Phishing Spree

U.S. authorities today announced criminal charges and financial sanctions against two Russian men accused of stealing nearly $17 million worth of virtual currencies in a series of phishing attacks throughout 2017 and 2018 that spoofed websites for some of the most popular cryptocurrency exchanges.


The Justice Department unsealed indictments against Russian nationals Danil Potekhin and Dmitrii Karasavidi, alleging the duo was responsible for a sophisticated phishing and money laundering campaign that resulted in the theft of $16.8 million in cryptocurrencies and fiat money from victims.

Separately, the U.S. Treasury Department announced economic sanctions against Potekhin and Karasavidi, effectively freezing all property and interests of these persons (subject to U.S. jurisdiction) and making it a crime to transact with them.

According to the indictments, the two men set up fake websites that spoofed login pages for the currency exchanges Binance, Gemini and Poloniex. Armed with stolen login credentials, the men allegedly stole more than $10 million from 142 Binance victims, $5.24 million from 158 Poloniex users, and $1.17 million from 42 Gemini customers.

Prosecutors say the men then laundered the stolen funds through an array of intermediary cryptocurrency accounts — including compromised and fictitiously created accounts — on the targeted cryptocurrency exchange platforms. In addition, the two are alleged to have artificially inflated the value of their ill-gotten gains by engaging in cryptocurrency price manipulation using some of the stolen funds.

For example, investigators alleged Potekhin and Karasavidi used compromised Poloniex accounts to place orders to purchase large volumes of “GAS,” the digital currency token used to pay the cost of executing transactions on the NEO blockchain — China’s first open source blockchain platform.

“Using digital currency in one victim Poloniex account, they placed an order to purchase approximately 8,000 GAS, thereby immediately increasing the market price of GAS from approximately $18 to $2,400,” the indictment explains.

Potekhin and others then converted the artificially inflated GAS in their own fictitious Poloniex accounts into other cryptocurrencies, including Ethereum (ETH) and Bitcoin (BTC). From the complaint:

“Before the Eight Fictitious Poloniex Accounts were frozen, POTEKHIN and others transferred approximately 759 ETH to nine digital currency addresses. Through a sophisticated and layered manner, the ETH from these nine digital currency addresses was sent through multiple intermediary accounts, before ultimately being deposited into a Bitfinex account controlled by Karasavidi.”

The Treasury’s action today lists several of the cryptocurrency accounts thought to have been used by the defendants. Searching on some of those accounts at various cryptocurrency transaction tracking sites points to a number of phishing victims.

“I would like to blow your bitch ass away, if you even had the balls to show yourself,” exclaimed one victim, posting in a comment on the Etherscan lookup service.

One victim said he contemplated suicide after being robbed of his ETH holdings in a 2017 phishing attack. Another said he’d been relieved of funds needed to pay for his 3-year-old daughter’s medical treatment.

“You and your team will leave a trail and will be found,” wrote one victim, using the handle ‘Illfindyou.’ “You’ll only be able to hide behind the facade for a short while. Go steal from whales you piece of shit.”

There is potentially some good news for victims of these phishing attacks. According to the Treasury Department, millions of dollars in virtual currency and U.S. dollars traced to Karasavidi’s account were seized in a forfeiture action by the United States Secret Service.

Whether any of those funds can be returned to victims of this phishing spree remains to be seen. And assuming that does happen, it could take years. In February 2020, KrebsOnSecurity wrote about being contacted by an Internal Revenue Service investigator seeking to return funds seized seven years earlier as part of the government’s 2013 seizure of Liberty Reserve, a virtual currency service that acted as a $6 billion hub for the cybercrime world.

Today’s action is the latest indication that the Treasury Department is increasingly willing to use its authority to restrict the financial resources tied to various cybercrime activities. Earlier this month, the agency’s Office of Foreign Assets Control (OFAC) added three Russian nationals and a host of cryptocurrency addresses to its sanctions lists in a case involving efforts by Russian online troll farms to influence the 2018 mid-term elections.

In June, OFAC took action against six Nigerian nationals suspected of stealing $6 million from U.S. businesses and individuals through Business Email Compromise fraud and romance scams.

And in 2019, OFAC sanctioned 17 members allegedly associated with “Evil Corp.,” an Eastern European cybercrime syndicate that has stolen more than $100 million from small businesses via malicious software over the past decade.

A copy of the indictments against Potekhin and Karasavidi is available here (PDF).

Verkada adds environmental sensors to cloud-based building operations toolkit

As we go deeper into the pandemic, many buildings sit empty or have limited capacity. During times like these, having visibility into the state of the building can give building operations peace of mind. Today, Verkada, a startup that helps operations manage buildings via the cloud, announced a new set of environmental sensors to give customers even greater insight into building conditions.

The company had previously developed cloud-based video cameras and access control systems. Verkada CEO and co-founder Filip Kaliszan says today’s announcement is about building on these two earlier products.

“What we do today is cameras and access control — cameras, of course provide the eyes and the view into building in spaces, while access control controls how you get in and out of these spaces,” Kaliszan told TechCrunch. Operations teams can manage these devices from the cloud on any device.

The sensor pack that the company is announcing today layers on a multi-function view into the state of the environment inside a building. “The first product that we’re launching along this environmental sensor line is the SV11, which is a very powerful unit with multiple sensors on board, all of which can be managed in the cloud through our Verkada command platform. The sensors will give customers insight into things like air quality, temperature, humidity, motion and occupancy of the space, as well as the noise level,” he said.

There is a clear strategy behind the company’s product road map. The idea is to give building operations staff a growing picture of what’s going on inside the space. “You can think of all the data being combined with the other aspects of our platform, and then begin delivering a truly integrated building and setting the standard for enterprise building security,” Kaliszan said.

These tools, and the ability to access all the data about a building remotely in the cloud, obviously have even more utility during the pandemic. “I think we’re fortunate that our products can help customers mitigate some of the effects of the pandemic. So we’ve seen a lot of customers use our tools to help them manage through the pandemic, which is great. But when we were originally designing this environmental sensor, the rationale behind it were these core use cases like monitoring server rooms for environmental changes.”

The company, which was founded in 2016, has been doing well. It has 4,200 customers and roughly 400 employees. It is still growing and actively hiring and expects to reach 500 by the end of the year. It has raised $138.9 million, the most recent coming in January this year, when it raised an $80 million Series C investment led by Felicis Ventures on a $1.6 billion valuation.