Security

Very Good Security raises $35M in Series B in ‘zero data’ push

Data security startup Very Good Security, has raised $35 million in its latest round of funding. Its Series B, announced Thursday, was led by Goldman Sachs, with participation from existing investors Andreessen Horowitz — which led its $8.5 million Series A round — and Vertex Ventures US. Very Good Security’s offering is simple. Instead of […]

Alexa, where are the legal limits on what Amazon can do with my health data?

The contract between the UK’s National Health Service (NHS) and ecommerce giant Amazon — for a health information licensing partnership involving its Alexa voice AI — has been released following a Freedom of Information request. The government announced the partnership this summer. But the date on the contract, which was published on the gov.uk contracts […]

Millions downloaded dozens of Android apps on Google Play infected with adware

Security researchers have found dozens of Android apps in the Google Play store serving ads to unsuspecting victims as part of a money-making scheme. ESET researchers found 42 apps containing adware, which they say have been downloaded over 8 million times since they first debuted in July 2018. These apps look normal but act sneakily. […]

Early stage privacy startup DataGrail gets boost from Okta partnership

When Okta launched its $50 million Okta Ventures investment fund in April, one of its investments was in an early stage privacy startup called DataGrail. Today, the companies announced a partnership that they hope will help boost DataGrail, while providing Okta customers with a privacy tool option. DataGrail CEO and co-founder Daniel Barber says that […]

British parliament presses Facebook on letting politicians lie in ads

In yet another letter seeking to pry accountability from Facebook, the chair of a British parliamentary committee has pressed the company over its decision to adopt a policy on political ad that supports flagrant lying. In the letter Damian Collins, chair of the DCMS committee, asks the company to explain why it recently took the […]

6 tips founders need to know about securing their startup

If you’ve read anything of mine in the past year, you know just how complicated security can be. Every day it seems there’s a new security lapse, a breach, a hack, or an inadvertent exposure, such as leaving a cloud storage server unprotected without a password. These things happen, but they don’t have to; aecurity […]

NordVPN confirms it was hacked

NordVPN, a virtual private network provider that promises to “protect your privacy online,” has confirmed it was hacked. The admission comes following rumors that the company had been breached. It first emerged that NordVPN had an expired internal private keys exposed, potentially allowing anyone to spin out their own servers imitating NordVPN. VPN providers are […]

Mercedes-Benz app glitch exposed car owners’ information to other users

Mercedes-Benz car owners have said that the app they used to remotely locate, unlock and start their cars was displaying other people’s account and vehicle information. TechCrunch spoke to two customers who said the Mercedes-Benz’ connected car app was pulling in information from other accounts and not their own, allowing them to see personal information […]

Samsung confirms glaring S10 fingerprint reader flaw, promises fix

Galaxy S10 users should be turn on some alternative security features as Samsung works to address a major flaw with the device’s in-screen fingerprint sensor. The consumer electronics giant noted the issue today after a British user reported the ability to unlock her device with unregistered fingerprints. The flaw was discovered after placing a $3.50 […]

Inside the shutdown of the ‘world’s largest’ child sex abuse website

This morning, the Justice Department announced that it had brought charges against the administrator and hundreds of users of the “world’s largest” child sexual exploitation marketplace on the dark web. For me, it marked the end of a story I’ve wanted to write for two years. In November 2017, I was working for CBS as […]

Foursquare CEO calls on Congress to regulate the location data industry

The chief executive of Foursquare, one of the largest location data platforms on the internet, is calling on lawmakers to pass legislation to better regulate the wider location data industry amid abuses and misuses of consumers’ personal data. It comes in the aftermath of the recent location sharing scandal, which revealed how bounty hunters were […]

Elastic adds endpoint security to its expanding toolset

Elastic acquired Endgame Security in June for $234 million, and as a result of that deal, today the company announced Elastic Endpoint security to help customers secure laptops and servers. It also announced the acquisition has officially closed. Elastic CEO and co-founder Shay Banon says that the company has already been helping threat hunters inside […]

Germany says it won’t ban Huawei or any 5G supplier up front

Germany is resisting US pressure to shut out Chinese tech giant Huawei from its 5G networks — saying it will not ban any supplier for the next-gen mobile networks on an up front basis, per Reuters. “Essentially our approach is as follows: We are not taking a pre-emptive decision to ban any actor, or any company,” […]

Shipping giant Pitney Bowes hit by ransomware

Shipping tech giant Pitney Bowes has confirmed a ransomware incident on its systems. The company said in a statement that its systems were hit by a “malware attack that encrypted information” on its systems, more commonly known as a ransomware attack. “At this time, the company has seen no evidence that customer or employee data […]

Google updates its Titan security keys with USB-C

Google has revealed its latest Titan security key — and it’s now compatible with USB-C devices. The latest Titan key arrives just weeks after its closest market rival Yubico — which also manufactures the Titan security key for Google — released its own USB-C and Lightning compatible key, but almost two years after the release […]

Thoma Bravo makes $3.9 billion offer to acquire security firm Sophos

Sophos announced this morning that private equity firm Thoma Bravo, has agreed to buy the British company for £3.1 billion ($3.9 billion USD). The price is based on $7.40 USD per share and the company indicated that the board of directors will recommend that shareholders accept the offer. Sophos CEO Kris Hagerman, as you would […]

California’s Privacy Act: What you need to know now

This week California’s attorney general, Xavier Becerra, published draft guidance for enforcing the state’s landmark privacy legislation. The draft text of the regulations under the California Consumer Privacy Act (CCPA) will undergo a public consultation period, including a number of public hearings, with submissions open until December 6 this year. The CCPA itself will take […]

Flaw in Cyberoam firewalls exposed corporate networks to hackers

Sophos said it is fixing a vulnerability in its Cyberoam firewall appliances, which a security researcher says can allow an attacker to gain access to a company’s internal network without needing a password. The vulnerability allows an attacker to remotely gain “root” permissions on a vulnerable device, giving them the highest level of access, by […]

Cisco hit by an internal network outage

Not a great start to the day for Cisco employees, many of which are struggling in the face of an internal IT outage. The technology and networking giant confirmed in a tweet it was “aware of some disruption” to its IT systems and is “working” on restoring the network. Worse, the company’s corporate blog also […]

Xage now supports hierarchical blockchains for complex implementations

Xage is working with utilities, energy companies and manufacturers to secure their massive systems, and today it announced some significant updates to deal with the scale and complexity of these customers’ requirements including a new hierarchical blockchain. Xage enables customers to set security policy, then enforce that policy on the blockchain. Company CEO Duncan Greatwood […]

Okta wants to make every user a security ally

End users tend to get a bad rap in the security business because they are often the weakest security link. They fall for phishing schemes, use weak passwords and often unknowingly are the conduit for malicious actors getting into your company’s systems. Okta wants to change that by giving end users information about suspicious activity […]

DHS cyber unit wants to subpoena ISPs to identify vulnerable systems

Homeland Security’s cybersecurity division is pushing to change the law that would allow it to demand information from internet providers that would identify the owners of vulnerable systems, TechCrunch has learned. Sources familiar with the proposal say the Cybersecurity and Infrastructure Security Agency (CISA), founded just under a year ago, wants the new administrative subpoena […]

European risk report flags 5G security challenges

European Union Member States have published a joint risk assessment report into 5G technology which highlights increased security risks that will require a new approach to securing telecoms infrastructure. The EU has so far resisted pressure from the U.S. to boycott Chinese tech giant Huawei as a 5G supplier on national security grounds, with individual […]

Senate report says Russian election interference ‘invariably’ supported Trump, recommends national PSA

A bipartisan Senate investigation into Russian interference in the 2016 election released today definitively implicates the country in online operations designed specifically to get then-candidate Donald Trump elected. The tactics used were "overtly and almost invariably supportive" of his campaign even to the detriment of other Republicans. The report recommends major chances to how disinformation and election interference are handled in this country.

Nadella warns government conference not to betray user trust

Microsoft CEO Satya Nadella, delivering the keynote at the Microsoft Government Leaders Summit in Washington, DC today, had a message for attendees to maintain user trust in their tools technologies above all else. He said it is essential to earn user trust, regardless of your business. “Now, of course, the power law here is all […]

No one could prevent another ‘WannaCry-style’ attack, says DHS official

The U.S. government may not be able to prevent another global cyberattack like WannaCry, a senior cybersecurity official has said. Jeanette Manfra, the assistant director for cybersecurity for Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), said on stage at TechCrunch Disrupt SF that the 2017 WannaCry cyberattack, which saw hundreds of thousands of computers […]

How you shouldn’t handle your data breach

So you’ve had a data breach. Don’t worry, it’s not just you. These days it happens to everyone, no matter how large or small your company is. It’s almost inevitable, some might say, and not a case of if but when. A lot is already out of your control. Whether a hacker broke in and […]

Daily Crunch: Facebook faces government pressure over encryption

The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 9am Pacific, you can subscribe here. 1. Facebook is being leaned on by US, UK, Australia to ditch its end-to-end encryption expansion plan U.S. Attorney General William Barr, […]

Microsoft says Iranian hackers targeted 2020 presidential candidate

Microsoft said it has found evidence that hackers associated with Iran have targeted a 2020 presidential candidate. The tech giant’s security and trust chief confirmed the attack in a blog post, but the company would not say which candidate was the target. The threat group, which Microsoft calls Phosphorous — also known as APT 35 […]

The lack of cybersecurity talent is “a national security threat,” says DHS official

One of the most senior officials tasked with protecting U.S. critical infrastructure says that the lack of security professionals in the U.S. is one of the leading threats to national cyber security. Speaking at TechCrunch Disrupt SF, Jeannette Manfra, the assistant director for cybersecurity for the Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), said […]

Google rolls out new privacy tools for Maps, YouTube and Assistant

Google today announced a handful of new consumer privacy tools for some of its most-used products, including Google Maps, YouTube, and Google Assistant. The tools are meant to better allow users to control, manage and erase the data Google collects from those who use its services or prevent Google from collecting that data in the […]

Cybersecurity giant Comodo can’t even keep its own website secure

Comodo, which bills itself as a “global leader in cybersecurity solutions,” said its forum was hacked. The admission came in no less than a forum post, which confirmed a hacker exploited a recently disclosed vulnerability in vBulletin, a popular forum software and used by Comodo. The flaw, which requires little skill to exploit, allows an […]