Security

Cyral announces $11M Series A to help protect data in cloud

Cyral, an early stage startup that helps protect data stored in cloud repositories, announced an $11 million Series A today. The company also revealed a previous undisclosed $4.1 million angel investment, making the total $15.1 million. The Series A was led by Redpoint Ventures. A.Capital Ventures, Costanoa VC, Firebolt, SV Angel and Trifecta Capital also […]

The US government should stop demanding tech companies compromise on encryption

In a tweet late Tuesday, President Trump criticized Apple for refusing “to unlock phones used by killers, drug dealers and other violent criminal elements.” Trump was specifically referring to a locked iPhone that belonged to a Saudi airman who killed three U.S sailors in an attack on a Florida base in December. It’s only the latest […]

Buttigieg’s CISO resigns, leaving no known cybersecurity chiefs among the 2020 candidates

Presidential candidate Pete Buttigieg has lost his campaign’s chief information security officer, who cited “differences” with the campaign over its security practices. Mick Baccio, who served under the former South Bend mayor’s campaign for the White House, left his position earlier this month. The Wall Street Journal first reported the news. TechCrunch also confirmed Baccio’s […]

Google finally brings its security key feature to iPhones

More than half a year after Google said Android phones could be used as a security key, the feature is coming to iPhones. Google said it’ll bring the feature to iPhones in an effort to give at-risk users, like journalist and politicians, access to additional account and security safeguards, effectively removing the need to use […]

Cloudflare is giving away its security tools to US political campaigns

Network security giant Cloudflare said it will provide its free security tools and services to U.S. political campaigns, as part of its efforts to secure upcoming elections against cyberattacks and election interference. The company said its new Cloudflare for Campaigns offering will include distributed denial-of-service attack mitigation, load balancing for campaign websites, a website firewall, […]

Microsoft and NSA say security bug affects millions of Windows 10 computers

Microsoft has released a security patch for a dangerous vulnerability affecting hundreds of millions of computers running Windows 10. The vulnerability is found in a decades-old Windows cryptographic component, known as CryptoAPI. The component has a range of functions, one of which allows developers digitally sign their software, proving that the software has not been […]

Instagram tests Direct Messaging on web where encryption fails

Instagram will finally let you chat from your web browser, but the launch contradicts Facebook’s plan for end-to-end encryption in all its messaging apps. Today Instagram began testing Direct Messages on the web for a small percentage of users around the globe, a year after TechCrunch reported it was testing web DMs. When fully rolled […]

Seattle’s ExtraHop expects $100M ARR in 2021, IPO

Hello and welcome back to our regular morning look at private companies, public markets and the gray space in between. Today we’re continuing our series on companies that have reached the $100 million annual recurring revenue (ARR) threshold, or are about to. ExtraHop is the company of the day, a Seattle-based firm that deals with […]

At CES, companies slowly start to realize that privacy matters

Every year, Consumer Electronics Show attendees receive a branded backpack, but this year’s edition was special; made out of transparent plastic, the bag’s contents were visible without the wearer needing to unzip. It isn’t just a fashion decision. Over the years, security has become more intense and cumbersome, but attendees with transparent backpacks didn’t have […]

Amazon has fired an employee for leaking user email addresses and phone numbers

Amazon has fired an employee after it shared user email address and phone number with a third-party “in violation of our policies,” according to an email seen by TechCrunch. The email, which was sent to customers on Friday afternoon, said the employee was “terminated” and the company is supporting law enforcement in their prosecution. “No […]

A billion medical images are exposed online, as doctors ignore warnings

This story was reported in partnership with health news site The Mighty Every day, millions of new medical images containing the personal health information of patients are spilling out onto the internet. Hundreds of hospitals, medical offices and imaging centers are running insecure storage systems, allowing anyone with an internet connection and free-to-download software to […]

Mozilla says a new Firefox security bug is under active attack

Mozilla has warned Firefox users to update their browser to the latest version after security researchers found a vulnerability that hackers were actively exploiting in “targeted attacks” against users. The vulnerability, found by Chinese security company Qihoo 360, was found in Firefox’s just-in-time compiler. The compiler is tasked with speeding up performance of JavaScript to […]

How Ring is rethinking privacy and security

Ring is now a major player when it comes to consumer video doorbells, security cameras — and privacy protection. Amazon acquired the company and promotes its devices heavily on its e-commerce websites. Ring has even become a cultural phenomenon with viral videos being shared on social networks and the RingTV section on the company’s website. […]

As ransomware gets craftier, companies must start thinking creatively

Some say ransomware is in decline. Others say it’s getting craftier. File-encrypting malware, known as ransomware, infects vulnerable computers and scrambles its files, inviting victims to return access to their data once they pay a ransom. Ransomware remains one of the most popular types of malware and is said to be a multi-billion dollar — albeit […]

AvePoint lands $200M investment to expand market for Microsoft cloud governance tools

While Microsoft cloud services such as SharePoint, Microsoft Teams and Office 365 are used widely by large organizations, the products don’t come standard with an enterprise-grade control layer. That’s where AvePoint, a Microsoft independent software (ISV), comes in. Today, the company announced a $200 million Series C investment. The round was led by TPG Sixth […]

Cloudflare acquires stealthy startup S2 Systems, announces Cloudflare for Teams

Cloudflare announced that it has acquired S2 Systems, a browser isolation startup started by former Microsoft execs. The two companies did not reveal the acquisition price. Matthew Prince, co-founder and CEO at Cloudflare, says that this acquisition is part of a new suite of products called Cloudflare for Teams, which has been designed to protect […]

Homeland Security warns businesses to brace for Iranian cyberattacks

Homeland Security is warning U.S. companies to “consider and assess” the possible impacts and threat of a cyberattack on their businesses following heightened tensions with Iran. It’s its first official guidance published the government’s dedicated cyber advisory unit, the Cybersecurity and Infrastructure Security Agency, just days after the killing of a leading Iranian military commander, […]

BigID bags another $50M round as data privacy laws proliferate

Almost exactly 4 months to the day after BigID announced a $50 million Series C, the company was back today with another $50 million round. The Series D came entirely from Tiger Global Management. The company has raised a total of $144 million. What warrants $100 million in interest from investors in just four months […]

2019 was a hot mess for cybersecurity, but 2020 shows promise

It’s no secret that I hate predictions — not least because the security field changes rapidly, making it difficult to know what’s next. But given what we know about the past year, we can make some best-guesses at what’s to come. Ransomware will get worse, and local governments will feel the heat File-encrypting malware that […]

Travelex suspends services after malware attack

Travelex, a major international foreign currency exchange, has confirmed its suspended some services after it was hit by malware on December 31. The London-based company, which operates more than 1,500 stores globally, said it took systems offline to “as a precautionary measure in order to protect data” and to stop the spread of the malware. […]

Here’s where California residents can stop companies selling their data

California’s new privacy law is now in effect, allowing state residents to take better control of the data that’s collected on them — from social networks, banks, credit agencies, and more. There’s just one catch: the companies, many of which lobbied against the law, don’t make it easy. California’s Consumer Privacy Act (CCPA) allows anyone […]

A ton of Ruckus Wireless routers are vulnerable to hackers

A security researcher has found several vulnerabilities in a number of Ruckus Wireless routers, which the networking giant has since patched. Gal Zror told TechCrunch that the vulnerabilities he found lie inside in the web user interface software that runs on the company’s Unleashed line of routers. The flaws can be exploited without needing a […]

Russia starts testing its own internal internet

Russia has begun testing a national internet system that would function as an alternative to the broader web, according to local news reports. Exactly what stage the country has reached is unclear, but certainly the goal of a resilient — and perhaps more easily controlled — internet is being pursued. The internet, of course, is […]

A Twitter app bug was used to match 17 million phone numbers to user accounts

A security researcher said he has matched 17 million phone numbers to Twitter user accounts by exploiting a flaw in Twitter’s Android app. Ibrahim Balic found that it was possible to upload entire lists of generated phone numbers through Twitter’s contacts upload feature. “If you upload your phone number, it fetches user data in return,” […]

No, Spotify, you shouldn’t have sent mysterious USB drives to journalists

Last week, Spotify sent out a number of USB drives to reporters with a note: “Play me.” It’s not uncommon for reporters to to receive USB drives in the post. Companies distribute USB drives all the time, including at tech conferences, often containing promotional materials or large files, such as videos that would otherwise be […]

Plenty of Fish app was leaking users’ hidden names and postal codes

Dating app Plenty of Fish has pushed out a fix for its apps after a security researcher found they were leaking information that users had set to “private” on their profiles. The app was always silently returning users’ first names and Zip postal codes to the app, according to The App Analyst, a mobile expert […]

MasterCard acquires security assessment startup, RiskRecon

MasterCard announced today that it is acquiring RiskRecon, a Salt Lake City startup that uses publicly available data to build security assessments of organizations. The companies did not share the purchase price. It’s become increasingly important for financial services companies like MasterCard to help customers navigate cyber security and RiskRecon will give customers an objective […]

F5 acquires Shape Security for $1B

F5 got an expensive holiday present today, snagging startup Shape Security for approximately $1 billion. What the networking company gets with a shiny red ribbon is a security product that helps stop automated attacks like credential stuffing. In an article earlier this year, Shape CTO Shuman Ghosemajumder explained what the company does: “We’re an enterprise-focused […]

Healthcare startup Lyfebin exposed medical images

Healthcare startup Lyfebin exposed thousands of medical imaging files, such as X-rays, MRI scans, and ultrasounds. The Los Angeles-based healthcare startup allows doctors and medical staff to store medical images in its “secure environment,” per its website, allowing patients and doctors access from anywhere. But the files were found stored in an unprotected Amazon Web […]