Plus: Apiiro raises $100M Series B to expand cloud security offering
Part of Network | |
Presented by |
TikTok is making it clear to its European users that some employees have access to their data by announcing new privacy policy changes. The privacy policy update goes into effect on Dec. 2, 2022. More: - This update is going to affect users in the European Union, The U.K, and the EEA.
- According to a company statement, TikTok allows some of its employees to access the data of its European users due to a proven job-related need.
- These employees are monitored under strict security rules, according to the company.
- The employees that have access to this data are located in Brazil, Canada, China, Israel, Japan, Malaysia, Philippines, Singapore, South Korea, and the United States.
- Currently, TikTok hosts this data in Singapore and the U.S., but this new update could enable the company to store more data locally.
Zoom Out: - TikTok's privacy issues have been a topic of debate globally. India famously banned the app in 2021.
- Former U.S. President Donald Trump expressed his concerns over the app, stating that a possibility of acquisition by a U.S. company could be in play. Microsoft was mentioned by multiple sources, but the idea did not materialize in the end.
| |
French hacker group Opera1er may have stolen more than $30M from banks in a recent hacking campaign tracked by researchers. The group has mainly targeted banks in Africa. More: - Opera1er used phishing attacks as a threat vector, gaining access by breaching a limited number of employees in the banks or by using stolen SMS server access. Hackers then waited for several months until they stole any money.
- Researchers believe that the group has deployed at least 30 hacking campaigns since 2019.
- While most of the attacks targeted African banks, the threat actor has also deployed hacking campaigns against financial institutions and telecom companies. The group has breached victims in 15 countries in Africa, Latin America, and Asia.
- Opera1er is also tracked as Common Raven, Desktop-Group, and NXSMS.
| |
A message from SECURITY COMPASS This is your show Come and interact with our panel through questions or advice on how we can all improve application security training. What to expect: Earlier this month, Security Compass ran a survey that probed the mind of developers. We’ll discuss our findings with a panel of experts living in the developer and application security training space. What you will learn: -
What developers want from application security training -
Practical advice on leveling up developer security awareness & improving secure coding skills -
How to sustain developer training (with so many changing jobs) -
How to include security teams in developer training Sign up today to join us Live on Tuesday, Nov 9th, 2022 | 11:00 AM EST Come and share your insights and participate in this community discussion which will help inform security, development, hiring and training teams. Sign up now | |
A new spyware that attacks Android devices named SandStrike has been tracked. The unknown threat actor is deploying this spyware via VPN apps. More: - The threat actor is targeting practitioners of a specific religion found in Iran and several Middle East regions.
- These hackers are using social engineering to convince Instagram and Facebook users to click on a link that claims will send them to a VPN page.
- Once they click on the link, the victims are sent to a Telegram channel that has a link. While the link does download a custom-made VPN, it also deploys the SandStrike spyware.
- Researchers believe that this hacking campaign may be related to a sophisticated malware platform dubbed Metatron. Metatron targets telecommunications, internet service providers, and universities in Middle Eastern and African countries.
- This malware is able to bypass security protocols and deploy malware directly into the targeted system without being intercepted.
| |
Apiiro has raised a $100M Series B funding round to expand its cloud security software solution. The company believes its approach of increasing code base visibility and gathering multiple data points is the most innovative in the market and will continue to boost the company's growth. More: - The company stated that its product helps companies not only identify vulnerabilities but helps them prioritize which ones need to be tackled first based on the level of risk they pose for the company and its users.
- Apiiro claims its ARR has grown 400% in Q3 2022.
- The company currently employs 90 employees and has offices in Tel Aviv, New York, and London. The number of staff is set to double by next year.
- This $100M Series B funding round was led by General Catalyst with participation by Greylock and Kleiner Perkins.
| |
Akto has raised a $4.5M Seed funding round to provide companies with API inventory tracking in less than a minute. The company aims to fill a gap in the market, as there has been a 681% YoY increase in API hacking campaigns. More: - Akto’s software product takes less than a minute to deploy. Companies need an automatic inventory of APIs because it can be used to track data leaks and test for possible security flaws that may come up during development.
- The company builds a real-time inventory by using an AI algorithm that mirrors the traffic website has.
- According to company officials, this product will tackle an ever-growing issue for companies.
- Reports show that 30% of all malicious requests in hacking campaigns target shadow APIs. This percentage means more than over 3.6 billion malicious requests attack APIs.
- The API management sector is expected to grow to $13.7B by 2027, up from $4.5B in 2022.
| |
Quick Hits: - Whether you're planning to travel, or just feeling the itch to learn something new, now's the time to start speaking a new language with Babbel. Plus, for a limited time you can get 55% off.*
- Researchers believe that threat actor RomCom has been targeting Ukraine and possibly the U.K. The threat actors' methods are similar to those used by the Industrial Spy and Cuba ransomware groups.
- Cybercrime in Australia is surging, led by criminal gangs that are adopting technology to carry out crimes. Reports show a 13% YoY increase in the number of hacking campaigns reported.
- CISA Director Jen Easterly stated that she has seen positive signs regarding the cooperation between the public and private sectors in cybersecurity. Easterly made the comments in the Center for Strategic and International Studies.
- The National Cyber Security Centre will probe all internet-accessible systems hosted in the country for known vulnerabilities.
- Traditional dog food is packed with harmful filler ingredients. Vet Approved healthy dog food brand "Nom Nom" is offering 50% off a two-week trial to ensure your pup is happy and healthy.*
*This is sponsored content. | |
Upcoming events at Inside: - November 09 - Synthetic data for more efficient, robust and ethical model development - Live AMA with Yashar Behzadi (CEO and Founder of Synthesis AI)* (Register Here)
*This is a sponsored listing. | |
| | Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. | | Editor | Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords. | |
Security Compass delivers best-practice, role-based, accredited eLearning solutions. | |
767 Bryant St. #203, San Francisco, CA 94107 Copyright © 2022 Inside.com | |
|