Archive for November 30, 2016

Cybersecurity Firm Proficio raises $12 Million Funding

Proficio, a Carlsbad-based startup providing cybersecurity protection services for middle market companies, has raised $12 million in an investment round led by Kayne Anderson Capital Advisors. The Los Angeles-based private equity firm provided funding from its Kayne Partners Fund Group, which invests in high-growth technology businesses.

It is the first major capital raise for Proficio, which previously took in about $1 million, said co-founder and President Tim McElwee.

“They haven’t done anything in cyber, and they have been looking to get involved in the cybersecurity space,” said McElwee. “We are excited to be partnering with Kayne Capital as we accelerate the next phase of Proficio’s growth.”

“Proficio is changing the way organizations meet their information technology security and compliance goals by providing the most advanced cybersecurity solutions without the cost and complexity of acquiring sophisticated software or operating a 24x7 security operations center on their own,” said Nate Locke, a Kayne partner who will join Proficio’s board of directors, in a statement.

With the funding, Proficio aims to expand in its current markets of North America and parts of Asia, as well as spread into additional regions such as Europe and other parts of Asia. The company also plans to expand its cybersecurity technology platform, adding new services for advanced analytics, threat intelligence and incident response.

Founded in 2010, Proficio provides managed cybersecurity services on a subscription basis to customers in banking, health care, utilities, credit and consumer businesses.

Locky Ransomware Spreads Through Facebook, LinkedIn

A new ransomware has spread into social networking sites Facebook and LinkedIn through graphic files and images. The new type of ransomware, Locky, is being distributed by a new attack vector called ImageGate.

A few researchers from Check Point say that Locky takes advantage of flaws in the way Facebook and LinkedIn treat images, making users download malicious code through pictures, which hijacks the computer as soon as the user opens them. The ransomware encrypts the user's files, and the attackers don't give them back until a certain amount is paid.

Dikla Barda of the Check Point Research team wrote, “The attackers have built a new capability to embed malicious code into an image file and successfully upload it to the social media website. The attackers exploit a misconfiguration on the social media infrastructure to deliberately force their victims to download the image file. This results in infection of the users’ device as soon as the end-user clicks on the downloaded file.”

Check Point added that it will release further details about the vulnerability once the affected websites confirm they have fixed the flaw.

Hackers stole Tesla car using App

A team of hackers at a Norwegian cyber security firm has demonstrated how cyber-criminals can easily defeat the security of a Tesla car just by compromising the car's companion smartphone application.

The cyber security researchers of the firm Promon used a laptop to remotely unlock the Model S's doors, start the electric car and drive away unhindered without using the key. They managed to do so by hacking a car owner's smartphone.

The company published a video that exposes the vulnerabilities in the Tesla app, which owners commonly use to check the battery level and charging status, identify the location of their car, regulate the temperature before getting in, and flash the lights to help find the car in a car park.
The app is available for both Android and iOS phones.

The hackers first convince the owner to download a malicious app onto their phone and then create a free and open Wi-Fi hotspot close to a Tesla charging station.

Tom Lysemose Hansen, founder and CTO at Promon, said: “Keen Security Labs' recent research exploited flaws in the CAN bus systems of Tesla vehicles, enabling them to take control of a limited number of functions of the car. Our test is the first one to use the Tesla app as an entry point, and goes a step further by showing that a compromised app can lead directly to the theft of a car.”

Within a few days of the demonstration, Tesla sent a software patch to fix that flaw.

“Our test is the first one to use the Tesla app as an entry point, and goes a step further by showing that a compromised app can lead directly to the theft of a car,” Hansen said.

“By moving away from having a physical car key to unlock the door, Tesla is basically taking the same step as banks and the payment industry. Physical tokens are replaced by ‘mobile tokens,’” Hansen said. “We strongly believe that Tesla and the car industry need to provide a comparable level of security, which is certainly not the case today.”

Irish Law Firms Suffer 50 percent Rise in Cyber Crimes

New research has shown a 50 percent increase in cyber-attacks on Irish law firms. Per the study, three out of every ten firms have suffered a cyber-attack in the past 12 months.

The data shows that more than half of the attacks were caused by malware, while 35 percent involved ransomware, a program that blocks access to computer systems until a sum of money (ransom) is paid.

Amárach Research conducted the survey, drawing data from 107 law firms during September and October. Although the names of the firms were not revealed, 13 of the country's top 20 firms, 17 mid-tier firms and 77 small firms were involved.

The report states: "Law firms present a particularly attractive target for cyber criminals. Firms hold sensitive and potentially valuable data about individuals and corporates and may have significant client account balances on hand. Losing client data or funds or having sensitive and confidential information exposed may be the most frightening outcome for a law firm resulting from a cyber-attack."

"Earlier this year it was reported that law firms were the targets of espionage by hackers who tried to obtain merger and acquisition details to facilitate insider trading. Firms acting in this area are likely to remain at risk from both cybercriminals and nation state attacks."

The report described cybercrime as “a clear and present threat to legal practices in Ireland”, warning attacks will occur more frequently.

DoD shakes hands with white hat hackers

After the huge success of the “Hack the Pentagon” bug bounty pilot, in which hackers across the country were invited to find and report vulnerabilities in Department of Defense networks in return for huge cash payments, the Department of Defense has launched two unique initiatives to further strengthen its cybersecurity.

The US Department of Defense (DoD) and HackerOne have officially collaborated on a bug bounty program under which researchers are free to report bugs or flaws they discover in its websites without any fear of prosecution.

"This policy is a first of its kind for the US Government," HackerOne says. "With DoD's new vulnerability disclosure policy, hackers have clear guidance on how to legally test for and disclose vulnerabilities in DoD's websites outside of bug bounty challenges. This new initiative underscores DoD's commitment to working in partnership with the hacker community to improve security."

The name of the program is “see something, say something.” Defense Secretary Ashton B. Carter said that the program focuses on improving the cyber security of the Pentagon’s unclassified, public-facing networks.

“This is a historic moment for hackers and the U.S. government,” said Katie Moussouris, founder of Luta Security and an adviser to the Pentagon on the new policy. “For the first time since hacking became a felony offense over 30 years ago, the Department of Defense has now opened the doors for ongoing vulnerability disclosure from helpful hackers who want to help secure these systems without fear of legal prosecution.”

But the DoD has issued certain guidelines for the researchers.

“Your activities are limited exclusively to –
(1) Testing to detect a vulnerability or identify an indicator related to a vulnerability; or
(2) Sharing with, or receiving from, DoD information about a vulnerability or an indicator related to a vulnerability.”

Here are ten commandments released by the Department of Defense for demonstrating compliance with its policy:

  1. You do no harm and do not exploit any vulnerability beyond the minimal amount of testing required to prove that a vulnerability exists or to identify an indicator related to a vulnerability.
  2. You avoid intentionally accessing the content of any communications, data, or information transiting or stored on DoD information system(s) – except to the extent that the information is directly related to a vulnerability and the access is necessary to prove that the vulnerability exists.
  3. You do not exfiltrate any data under any circumstances.
  4. You do not intentionally compromise the privacy or safety of DoD personnel (e.g. civilian employees or military members), or any third parties.
  5. You do not intentionally compromise the intellectual property or other commercial or financial interests of any DoD personnel or entities, or any third parties.
  6. You do not publicly disclose any details of the vulnerability, indicator of vulnerability, or the content of information rendered available by a vulnerability, except upon receiving explicit written authorization from DoD.
  7. You do not conduct denial of service testing.
  8. You do not conduct social engineering, including spear phishing, of DoD personnel or contractors.
  9. You do not submit a high-volume of low-quality reports.
  10. If at any point you are uncertain whether to continue testing, please engage with our team.