Plus: India-based Firecompass raises $7M to help companies identify cybersecurity threats
| Part of  Network | |
 Presented by  |
Russian hackers have breached the private email of a British Member of Parliament, according to a statement from the MP himself. The victim, Stewart McDonald, claims no sensitive information was stolen. More: - McDonald stated that his work email account has continuously been a target of Russian hacking campaigns, something that all MPs have experienced.
- The SNP member stated that during a recent spear phishing campaign, Russian hackers managed to breach his private email account as well as the email account of a staff member of his.
- Hackers sent McDonald a false password-protected file that supposedly contained information on the war in Ukraine.
- Once the MP clicked the file, it asked for his login credentials, which he gave.
- After he wrote his login details, the page remained blank.
- McDonald first blamed the blank page issue on technical problems and was only made aware of the breach when he told his staff about the event.
- The MP has reassured the public that no work-related information is held in his private email and that U.K. authorities have confirmed that his new personal email is safe to use.
| |
A security researcher was able to hack Toyota's supplier management system, which allows access to the company's projects, data, surveys, etc. The researcher claims he could log in simply by knowing employees' emails. More: - According to a post from the security researcher, he changed the Javascript code on the login page so that it returned a true command regardless of the credentials that were being entered.
- He gained access to information such as:
- Over 14,000 corporate account details,
- confidential documents,
- projects,
- supplier rankings/comments, etc.
- The stolen data belongs to users in multiple countries, including the U.S.
- Toyota was made aware of the security flaws that led to the white-hat breach on Nov. 3, 2022.
- One of the security bugs was ranked as severe, according to the security researcher.
- These flaws were patched by Toyota shortly after the company was notified about their existence.
| |
 A message from FINGERPRINT High scale applications are enabling teams to tackle their device identity challenges with Fingerprint. Product managers from high-traffic platforms know that recognizing your visitors is now more essential than ever. Whether it is to grow your verified user signups, reduce all types of fraud, or enable an engaging user experience for trusted customers. Top websites & apps like TripleWhale, Booking.com & Dropbox already trust Fingerprint to tackle their device id challenges. With Fingerprint, teams can: - Prevent Fraud: Get access to highly accurate signals to power your data models.
- Improve User Experiences: Increase revenue and conversions through seamless user experiences.
- Understand Your Traffic: Uncover insights about your users by recognizing every visitor’s signal across mobile and web.
Get 20K monthly API calls for free and start identifying. Try Fingerprint Today
| |
CISA has released a decryption tool for victims that were breached by the VMware ransomware. Over 3,800 people were hacked by the ransomware. More: - According to CISA, the decryption tool is a script that does not delete the encrypted files but creates new config files that enable access to the VMs.
- The agency has stated that the script should be carefully analyzed before being deployed since it could negatively impact the system in which it is used.
- VMware has released a statement saying that hackers are using multiple security flaws that affect significantly outdated devices.
- Researchers believe that victims have paid at least $88,000 in ransom to the threat actor behind VMware, even though the actual number is likely higher.
- The company has advised its customers to upgrade to the latest available supported releases of vsphere components.
| |
India-based Firecompass has raised a $7M funding round to help companies identify cybersecurity threats by having its platform constantly look for flaws and then attack them. T-Mobile and Sprint have used the platform. More: - Firecompass offers a platform that constantly scans its clients' digital infrastructure for possible security flaws. Once the platform tracks them, then it uses the red team methodology in order to help them identify and fix the flaws.
- The platform tracks issues such as:
- exposed databases,
- cloud buckets,
- code leaks,
- exposed credentials,
- exposed APIs, etc.
- Silicon Valley-based investor Cervin led the funding round, while Athera Venture Partners also participated.
- The funding will be used to expand across the U.S. and India.
- Firecompass was founded in 2019 and is based in Bengaluru, India.
- The company also has a presence in Boston.
| |
Lineaje, a platform that helps companies keep their software supply chain secure, has raised a $7M Seed funding round. Tenable Ventures led the funding round. More: - Lineaje's security platform authenticates the validity of every software package that a company uses.
- This platform focuses on finding vulnerabilities that may be abused in open-source software products that companies include in their tech stack.
- If a security flaw is tracked, Lineaje sends an alert to the user and gives them directions on how to proceed.
- Dreamit Ventures, Veear Capital, and Belltower Fund Group also participated in the round.
- The company is based in Saratoga, California.
| |
Quick Hits: - Friction is NOT one-size-fits-all. Learn how implementing friction that adapts to your users could boost conversion rates & reduce fraud.*
- Russian threat actor Nodaria is deploying its GO-written Graphiron malware to attack Ukrainian authorities. The malware can deploy keyloggers, take screenshots, steal documents, etc.
- Blockfenders, a startup that aims to help companies share data more securely through the blockchain, has raised a $1.5M Pre-Seed round.
- The U.S. National Institute of Standards and Technology will standardize the Ascon encryption algorithm for lightweight cryptography applications.
- A Russian hacker has pleaded guilty in front of a U.S. court for money laundering charges.
- Check out this demo-on-demand and find out how 4,000+ fast-growing companies got compliant quickly.*
*This is sponsored content.
| |
Upcoming events at Inside: - February 09 - Inside Marketing w/ Pedro Clivati (Growth Hackers) (Register Here)
- February 13 - Inside Marketing Coffee Break (Register Here)
- February 16 - Inside Marketing w/ Kate Chernis (Lately) (Register Here)
- March 01 - Webinar on the changing privacy landscape in the US by Vanta and Osano (Register Here) *
- March 02 - AI Quality Workshop: Driving ML Performance and Trustworthiness (Register Here) *
- April 18 - Human Resources Summit'23 (Register Here)
*This is a sponsored listing.
| |
 |  | Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. |   | | Editor | Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords. | |
Fingerprint is the premier device identity platform for high-scale applications. | |
| 767 Bryant St. #203, San Francisco, CA 94107
Copyright © 2023 Inside.com | |
| |
