Microsoft has warned 10,000 victims of state-sponsored hacking


This post is by Zack Whittaker from TechCrunch


Click here to view on the original site: Original Post




Microsoft said it has notified close to 10,000 people in the past year that they have been targeted by state-sponsored hackers.

The tech giant said Wednesday that the victims were either targeted or compromised by hackers working for a foreign government. In almost all cases, Microsoft said, enterprise customers were the primary targets — such as businesses and corporations. About one in ten victims are consumer personal accounts, the company said.

Microsoft said its new data, revealed at the Aspen Security Forum in Colorado, demonstrates the “significant extent to which nation-states continue to rely on cyberattacks as a tool to gain intelligence, influence geopolitics, or achieve other objectives.”

On top of that the company also said it has made 781 notifications of state-sponsored attacks on organizations using its AccountGuard technology, designed for political campaigns, parties and government institutions.

Almost all of the attacks targeted U.S.-based organizations,

Continue reading “Microsoft has warned 10,000 victims of state-sponsored hacking”

Dust Identity secures $10M Series A to identify objects with diamond dust


This post is by Ron Miller from TechCrunch


Click here to view on the original site: Original Post




The idea behind Dust Identity was originally born in an MIT lab where students developed a system of uniquely identifying objects using diamond dust. Since then, the startup has been working to create a commercial application for the advanced technology, and today it announced a $10 million Series A round led by Kleiner Perkins, which also led its $2.3 million seed round last year.

Airbus Ventures and Lockheed Martin Ventures, New Science Ventures, Angular Ventures and Castle Island Ventures also participated in the round. Today’s investment brings the total raised to $12.3 million.

The company has an unusual idea of applying a thin layer of diamond dust to an object with the goal of proving that object has not been tampered with. While using diamond dust may sound expensive, the company told TechCrunch last year at the time of its seed round funding that it uses low-cost industrial

Continue reading “Dust Identity secures $10M Series A to identify objects with diamond dust”

Dust Identity secures $10M Series A to identify objects with diamond dust


This post is by Ron Miller from TechCrunch


Click here to view on the original site: Original Post




The idea behind Dust Identity was originally born in an MIT lab where students developed a system of uniquely identifying objects using diamond dust. Since then, the startup has been working to create a commercial application for the advanced technology, and today it announced a $10 million Series A round led by Kleiner Perkins, which also led its $2.3 million seed round last year.

Airbus Ventures and Lockheed Martin Ventures, New Science Ventures, Angular Ventures and Castle Island Ventures also participated in the round. Today’s investment brings the total raised to $12.3 million.

The company has an unusual idea of applying a thin layer of diamond dust to an object with the goal of proving that object has not been tampered with. While using diamond dust may sound expensive, the company told TechCrunch last year at the time of its seed round funding that it uses low-cost industrial

Continue reading “Dust Identity secures $10M Series A to identify objects with diamond dust”

Snyk brings in new CEO to help lead future expansion


This post is by Ron Miller from TechCrunch


Click here to view on the original site: Original Post




Startup founders typically face a management challenge. They often began their careers in technical engineering jobs, and are thrust into the CEO role when starting a company. Sometimes it makes sense to bring in a more experienced executive to guide a fast-growing startup, and that is what Snyk announced it’s doing today, shifting founder/CEO Guy Podjarny to president and chairman of the board, while bringing in board member and investor Peter McKay as CEO.

Over the past 18 months the company has grown significantly moving from just 18 employees to 150 as its open source software development approach to security has taken hold in the marketplace. McKay is someone who makes sense for the job given he has been involved with the company as an investor since its early days, and has known Podjarny in various roles for 15 years. The two talked about having a good working relationship, something

Continue reading “Snyk brings in new CEO to help lead future expansion”

Snyk brings in new CEO to help lead future expansion


This post is by Ron Miller from TechCrunch


Click here to view on the original site: Original Post




Startup founders typically face a management challenge. They often began their careers in technical engineering jobs, and are thrust into the CEO role when starting a company. Sometimes it makes sense to bring in a more experienced executive to guide a fast-growing startup, and that is what Snyk announced it’s doing today, shifting founder/CEO Guy Podjarny to president and chairman of the board, while bringing in board member and investor Peter McKay as CEO.

Over the past 18 months the company has grown significantly moving from just 18 employees to 150 as its open source software development approach to security has taken hold in the marketplace. McKay is someone who makes sense for the job given he has been involved with the company as an investor since its early days, and has known Podjarny in various roles for 15 years. The two talked about having a good working relationship, something

Continue reading “Snyk brings in new CEO to help lead future expansion”

Snyk brings in new CEO to help lead future expansion


This post is by Ron Miller from TechCrunch


Click here to view on the original site: Original Post




Startup founders typically face a management challenge. They often began their careers in technical engineering jobs, and are thrust into the CEO role when starting a company. Sometimes it makes sense to bring in a more experienced executive to guide a fast-growing startup, and that is what Snyk announced it’s doing today, shifting founder/CEO Guy Podjarny to president and chairman of the board, while bringing in board member and investor Peter McKay as CEO.

Over the past 18 months the company has grown significantly moving from just 18 employees to 150 as its open source software development approach to security has taken hold in the marketplace. McKay is someone who makes sense for the job given he has been involved with the company as an investor since its early days, and has known Podjarny in various roles for 15 years. The two talked about having a good working relationship, something

Continue reading “Snyk brings in new CEO to help lead future expansion”

Snyk brings in new CEO to help lead future expansion


This post is by Ron Miller from TechCrunch


Click here to view on the original site: Original Post




Startup founders typically face a management challenge. They often began their careers in technical engineering jobs, and are thrust into the CEO role when starting a company. Sometimes it makes sense to bring in a more experienced executive to guide a fast-growing startup, and that is what Snyk announced it’s doing today, shifting founder/CEO Guy Podjarny to president and chairman of the board, while bringing in board member and investor Peter McKay as CEO.

Over the past 18 months the company has grown significantly moving from just 18 employees to 150 as its open source software development approach to security has taken hold in the marketplace. McKay is someone who makes sense for the job given he has been involved with the company as an investor since its early days, and has known Podjarny in various roles for 15 years. The two talked about having a good working relationship, something

Continue reading “Snyk brings in new CEO to help lead future expansion”

Another 2.2 million patients affected by AMCA data breach


This post is by Zack Whittaker from TechCrunch


Click here to view on the original site: Original Post




Another clinical lab ensnared in the AMCA data breach has come forward.

Clinical Pathology Laboratories (CPL) says 2.2 million patients may have had their names, addresses, phone numbers, dates of birth, dates of service, balance information and treatment provider information stolen in the previously-reported breach.

Another 34,500 patients had their credit card or banking information compromised.

The breach was limited to U.S. residents, the company said.

CPL blamed the AMCA, which it and other labs used to process payments for their patients, for not providing more details on the breach when it was disclosed in June.

“At the time of AMCA’s initial notification, AMCA did not provide CPL with enough information for CPL to identify potentially affected patients or confirm the nature of patient information potentially involved in the incident, and CPL’s investigation is on-going,” said the company in a statement.

LabCorp was first hit with 7.7

Continue reading “Another 2.2 million patients affected by AMCA data breach”

Aavgo security lapse exposed hotel bookings


This post is by Zack Whittaker from TechCrunch


Click here to view on the original site: Original Post




A security lapse at a hotel management startup has exposed hotel bookings and guests’ personal information.

The security lapse was resolved Monday after TechCrunch reached out to Aavgo, a hospitality tech company based in San Francisco, which secured a server it had left online without a password.

The server was open for three weeks — long enough for security researcher Daniel Brown to find the database.

He shared his findings exclusively with TechCrunch, then published them.

Aavgo bills itself as a way for hotels to organize their operations by using several connected apps — one for use by guests using tablets installed in their hotel rooms for entertainment, ordering room service and checking out, and another for staff to communicate with each other, file maintenance tickets and manage housekeeping.

Several large hotel chains, including Holiday Inn Express and Zenique Hotels, use Aavgo’s technology in their properties.

The database contained daily

Continue reading “Aavgo security lapse exposed hotel bookings”

Update Your Logitech Wireless Dongle Right Now


This post is by Brendan Hesse from Lifehacker


Click here to view on the original site: Original Post




A few years ago, hackers discovered that they could remotely take control of a PC by exploiting a vulnerability in Logitech wireless dongles. According to The Verge, dongles that Logitech is shipping today are still vulnerable to the same remote access hack—dubbed “MouseJack.”—a list that includes the manufacturer’s…

Read more…

No technical reason to exclude Huawei as 5G supplier, says UK committee


This post is by Natasha Lomas from TechCrunch


Click here to view on the original site: Original Post




A UK parliamentary committee has concluded there are no technical grounds for excluding Chinese network kit vendor Huawei from the country’s 5G networks.

In a letter from the chair of the Science & Technology Committee to the UK’s digital minister Jeremy Wright, the committee says: “We have found no evidence from our work to suggest that the complete exclusion of Huawei from the UK’s telecommunications networks would, from a technical point of view, constitute a proportionate response to the potential security threat posed by foreign suppliers.”

Though the committee does go on to recommend the government mandate the exclusion of Huawei from the core of 5G networks, noting that UK mobile network operators have “mostly” done so already — but on a voluntary basis.

If it places a formal requirement on operators not to use Huawei for core supply the committee urges the government to provide “clear criteria” for

Continue reading “No technical reason to exclude Huawei as 5G supplier, says UK committee”

TrickBot malware learns how to spam, ensnares 250M email addresses


This post is by Zack Whittaker from TechCrunch


Click here to view on the original site: Original Post




Old bot, new tricks.

TrickBot, a financially motivated malware in wide circulation, has been observed infecting victims’ computers to steal email passwords and address books to spread malicious emails from their compromised email accounts.

The TrickBot malware was first spotted in 2016 but has since developed new capabilities and techniques to spread and invade computers in an effort to grab passwords and credentials — eventually with an eye on stealing money. It’s highly adaptable and modular, allowing its creators to add in new components. In the past few months it’s adapted for tax season to try to steal tax documents for making fraudulent returns. More recently the malware gained cookie stealing capabilities, allowing attackers to log in as their victims without needing their passwords.

With these new spamming capabilities, the malware — which researchers are calling “TrickBooster” — sends malicious from a victim’s account then removes the sent messages from

Continue reading “TrickBot malware learns how to spam, ensnares 250M email addresses”

TrickBot malware learns how to spam, ensnares 250M email addresses


This post is by Zack Whittaker from TechCrunch


Click here to view on the original site: Original Post




Old bot, new tricks.

TrickBot, a financially motivated malware in wide circulation, has been observed infecting victims’ computers to steal email passwords and address books to spread malicious emails from their compromised email accounts.

The TrickBot malware was first spotted in 2016 but has since developed new capabilities and techniques to spread and invade computers in an effort to grab passwords and credentials — eventually with an eye on stealing money. It’s highly adaptable and modular, allowing its creators to add in new components. In the past few months it’s adapted for tax season to try to steal tax documents for making fraudulent returns. More recently the malware gained cookie stealing capabilities, allowing attackers to log in as their victims without needing their passwords.

With these new spamming capabilities, the malware — which researchers are calling “TrickBooster” — sends malicious from a victim’s account then removes the sent messages from

Continue reading “TrickBot malware learns how to spam, ensnares 250M email addresses”

TrickBot malware learns how to spam, ensnares 250M email addresses


This post is by Zack Whittaker from TechCrunch


Click here to view on the original site: Original Post




Old bot, new tricks.

TrickBot, a financially motivated malware in wide circulation, has been observed infecting victims’ computers to steal email passwords and address books to spread malicious emails from their compromised email accounts.

The TrickBot malware was first spotted in 2016 but has since developed new capabilities and techniques to spread and invade computers in an effort to grab passwords and credentials — eventually with an eye on stealing money. It’s highly adaptable and modular, allowing its creators to add in new components. In the past few months it’s adapted for tax season to try to steal tax documents for making fraudulent returns. More recently the malware gained cookie stealing capabilities, allowing attackers to log in as their victims without needing their passwords.

With these new spamming capabilities, the malware — which researchers are calling “TrickBooster” — sends malicious from a victim’s account then removes the sent messages from

Continue reading “TrickBot malware learns how to spam, ensnares 250M email addresses”

T-Mobile quietly reported a sharp rise in police demands for cell tower data


This post is by Zack Whittaker from TechCrunch


Click here to view on the original site: Original Post




T-Mobile has reported a small decline in the number of government data requests it receives, according to its latest transparency report, quietly published this week.

The third-largest cell giant in the U.S. reported 459,989 requests during 2018, down by a little over 1 percent on the year earlier. That includes an overall drop in subpoenas, court orders, and pen registers and trap and trace devices used to record the incoming and outgoing callers; however, the number of search warrants issues went up by 27 percent and wiretaps increased by almost 3 percent.

The company rejected 85,201 requests, an increase of 7 percent on the year prior.

But the number of requests for historical call detail records and cell site information, which can be used to infer a subscriber’s location, has risen significantly.

For 2018, the company received 70,224 demands for historical call data, up by more than 9 percent

Screen Shot 2019 07 12 at 1.24.52 PM

Continue reading “T-Mobile quietly reported a sharp rise in police demands for cell tower data”

FEC says political campaigns can now get discounted cybersecurity help


This post is by Zack Whittaker from TechCrunch


Click here to view on the original site: Original Post




In a long awaited decision, the Federal Elections Commission will now allow political campaigns to appoint cybersecurity helpers to protect political campaigns from cyberthreats and malicious attackers.

The FEC, which regulates political campaigns and contributions, was initially poised to block the effort under existing rules that disallow campaigns to receive discounted services for federal candidates because it’s treated as an “in kind donation.”

For now the ruling allows just one firm, Area 1 Security, which brought the case to the FEC, to assist federal campaigns to fight disinformation campaigns and hacking efforts, both of which were prevalent during the 2016 presidential election.

Campaigns had fought in favor of the proposal, fearing a re-run of 2016 in the upcoming presidential and lawmaker elections in 2020.

FBI director Christopher Wray said last in April that the recent disinformation efforts were “a dress rehearsal for the big show in 2020.”

In

Continue reading “FEC says political campaigns can now get discounted cybersecurity help”

‘World’s first Bluetooth hair straighteners’ can be easily hacked


This post is by Zack Whittaker from TechCrunch


Click here to view on the original site: Original Post




Here’s a thing that should have never been a thing: Bluetooth-connected hair straighteners.

Glamoriser, a U.K. firm that bills itself as the maker of the “world’s first Bluetooth hair straighteners“, allows users to link the device to an app, which lets the owner set certain heat and style settings. The app can also be used to remotely switch off the straighteners within Bluetooth range.

Big problem, though. These straighteners can be hacked.

Security researchers at Pen Test Partners bought a pair and tested them out. They found that it was easy to send malicious Bluetooth commands within range to remotely control an owner’s straighteners.

The researchers demonstrated that they could send one of several commands over Bluetooth, such as the upper and lower temperature limit of the device — 122°F and 455°F respectively — as well as the shut-down time. Because the straighteners have no authentication, an

Continue reading “‘World’s first Bluetooth hair straighteners’ can be easily hacked”

OneTrust raises $200M at a $1.3B valuation to help organizations navigate online privacy rules


This post is by Ingrid Lunden from TechCrunch


Click here to view on the original site: Original Post




GDPR, and the newer California Consumer Privacy Act, have given a legal bite to ongoing developments in online privacy and data protection: it’s always good practice for companies with an online presence to take measures to safeguard people’s data, but now failing to do so can land them in some serious hot water.

Now — to underscore the urgency and demand in the market — one of the bigger companies helping organizations navigate those rules is announcing a huge round of the funding. OneTrust, which builds tools to help companies navigate data protection and privacy policies both internally and with its customers, has raised $200 million in a Series A round of funding led by Insight that values the company at $1.3 billion.

It’s an outsized round for a Series A, being made at an equally outsized valuation — especially considering that the company is only three years

Continue reading “OneTrust raises $200M at a $1.3B valuation to help organizations navigate online privacy rules”

Apple disables Walkie Talkie app due to vulnerability that could allow iPhone eavesdropping


This post is by Matthew Panzarino from TechCrunch


Click here to view on the original site: Original Post




Apple has disabled the Apple Watch Walkie Talkie app due to an unspecified vulnerability that could allow a person to listen to another customer’s iPhone without consent, the company told TechCrunch this evening.

Apple has apologized for the bug and for the inconvenience of being unable to use the feature while a fix is made.

The Walkie Talkie app on Apple Watch allows two users who have accepted an invite from each other to receive audio chats via a ‘push to talk’ interface reminiscent of the PTT buttons on older cell phones.

A statement from Apple reads:

We were just made aware of a vulnerability related to the Walkie-Talkie app on the Apple Watch and have disabled the function as we quickly fix the issue. We apologize to our customers for the inconvenience and will restore the functionality as soon as possible. Although we are not aware of any use

Continue reading “Apple disables Walkie Talkie app due to vulnerability that could allow iPhone eavesdropping”