Connect with us

Security

Threat to chrome browser beware of it

A malware known as eFast Browser is deleting your original chrome browser and instead of that it is installing by itself. It will become your default browser and will take you to all unnecessary ads. Not only that it will share your activity log to all third parties.

The researchers at Malwarebytes state that this malware deletes Google Chrome and replaces it by installing itself as your default internet browser. This isn’t the end – the malware makes itself the default program for opening multiple files like html, .jpg, .gif, .pdf and web links.

How to find it:

To spot the eFast browser malware, you need to look in the settings. Malwarebytes writes: “It isn’t until you look in the settings that you spot the “about eFast” entry in the menu (or if you type “chrome://chrome” in the address bar).”

After spotting the eFast browser malware in you PC, all you need to do is go to the installed programs list and uninstall the “eFast 000.110010107” entry.

Gadgets

Intel ships update for newest Spectre-affected chips


Intel has announced that the fix is out for its latest chips affected by Spectre, the memory-leakage flaw affecting practically all computing hardware. The patch is for the Skylake generation (late 2015) and newer, though most users will still have to wait for the code to be implemented by whoever manufactured their computer (specifically, their motherboard).

The various problems presented in January by security researchers have to be addressed by a mix of fixes at the application, OS, kernel and microarchitecture level. This patch is the latter, and it replaces an earlier one that was found to be unstable.

These aren’t superficial tweaks and they’re being made under pressure, so some hiccups are to be expected — but Intel is also a huge company that has had months of warning to get this right, so people may be frustrated by the less-than-optimal way the flaws have been addressed.

As before, there isn’t much you as a user can do except make sure that you are checking frequently to make sure your PC and applications are up to date — in addition, of course, to not running any strange code.

If you’re on an older chipset, like Sandy Bridge, you’ll have to wait a bit longer — your fix is still in beta. You don’t want to be their test machine.


Featured Image: Alice Bevan–McGregor/Flickr UNDER A CC BY 2.0 LICENSE Readmore

Continue Reading

Business

Vectra raises $36M for its AI-based approach to cybersecurity intrusion detection


With the trend of growing cybercrime showing no indication of abating, a startup called Vectra that has built an artificial intelligence-based system called Cognito to detect cyberattacks and mobilise security systems to respond to them has raised $36 million to expand its R&D and business development.

This Series D comes on the back of a strong year for the startup, with 181 percent growth in customer subscriptions between 2016 and 2017, and Vectra’s CEO Hitesh Sheth said he expects the same this year. Typical customers are large enterprises (which is why you don’t see much about pricing on the site) and includes players in the financial, healthcare, government, tech and education sectors. The list the company disclosed to me includes LiveNation/Ticketmaster, Pinterest, Kronos, Tribune Media, Verifone, Agilent, Texas A&M University and DZ Bank in Germany.

This latest round is being led by Atlantic Bridge Capital, with participation from Ireland’s Strategic Investment Fund (ISIF) and Nissho Electronics Corp. Previous investors Khosla Ventures, Accel Partners, IA Ventures, AME Cloud Ventures, DAG Ventures and Wipro Ventures also participated. The company’s total raised to date is $123 million, and while it is not disclosing its valuation, its pre-money valuation of just under $344 million, according to PitchBook, based on its last funding round in March 2016, is likely getting a big boost after the growth it has seen. Also for context, one of its closer competitors, Darktrace, was last valued at $825 million.

Vectra’s growth — and the round that it has raised — underscores one of the bigger challenges in the market at the moment for enterprises and other organizations.

While there are a number of solutions out there for trying to block malicious hackers and their various techniques, and there are systems in place for stopping them when they are found, there is a gap in the market for the moments where cyber criminals evade the best blocks and then proceed to steal data, sometimes for months or more.

The Winter Olympics in Korea, as one recent example, suffered an attack that was only detected after the malicious hackers had already been sucking up data for 120 days.

“One of the issues for enterprises today is that it’s never been more hostile. The operating assumption is that you will get breached,” said Hitesh Sheth, president and CEO of Vectra. His company’s solution, he says, is not to try to change that currently immutable fact, but to drastically shrink the length of an otherwise months-long attack to minutes and hours.  “The only control you really have is what will you do once you are breached.”

Vectra does this using AI. The thinking here is that, if you are working with large enterprises, there are many places, services, apps and end points that need to be assessed for inconsistencies in how they are being queried and used in the network. Systems that are automated and use machine learning to essentially mimic the behavior of security specialists are the best at doing this kind of searching and identification.

Sheth claims that while there are a number of other intrusion and threat detection services out in the market — Darktrace, Cisco’s intrusion detection (built around a number of acquisitions) and RiskIQ being some of them — Vectra is the only one of these that is built on AI algorithms from the ground up. “AI is a bolt-on for most security players, but this is all we do.”

He also says that the other aspect of its service that helps it stand out is its focus on network, rather than end-point, traffic. “If devices are compromised, end point logs are compromised.”

Sheth describes this latest round as its “path to profitability,” where it could be the last one Vectra needs before it tips into the black itself — a big feat for an SaaS service that also has its sights on an IPO longer-term.

“What is a fad in the valley is to raise as much as possible and then some more,” he said. “Investors can win but I’m not sure employees do. You want to rase as much as possible but you need to see how to scale.” He said initially the company wanted to raise between $25 million and $30 million but “interest was super high and it was oversubscribed, so we accommodated investors that we thought would add value.”

The connection with the Irish strategic investment stems out of the fact that Vectra is going to build an R&D center in Dublin. This came first and the investment came second, Sheth said.

The company selected Dublin because it had considered London and Barcelona — there are already three centers in the US, in Austin, Cambridge San Jose — but backed away from the former because of uncertainties around Brexit, and the latter because of political upheaval. Ireland, he believes, will only grow in prominence for its position as the only English-speaking market still fully in the European Union.

“This is an exciting investment for ISIF, which promises significant economic impact for Ireland,” said Fergal McAleavey, head of private equity at ISIF, in a statement. “It is encouraging to see Ireland leverage its emerging expertise in artificial intelligence by attracting businesses such as Vectra that are on the leading edge of technology. With cybersecurity becoming such a critical issue for all organizations, we are confident that Vectra will deliver a strong economic return on our investment while creating high-value R&D employment here in Ireland.”

Meanwhile, company’s growth is what swayed the lead investor.

“We have been impressed by the remarkable growth of Vectra in this fast-moving cybersecurity market,” said Kevin Dillon, managing partner at Atlantic Bridge Capital, in a statement. “The increasing volume, creativity and effectiveness of cyberattacks means that enterprises must adopt AI to automate cybersecurity operations. We look forward to helping the company expand its global enterprise footprint.”
Featured Image: Getty Images Readmore

Continue Reading

Business

Oracle grabs Zenedge as it continues to beef up its cloud security play


Oracle announced yesterday that it intends to acquire Zenedge, a 4-year old hybrid security startup. They didn’t reveal a purchase price.

With Zenedge, Oracle gets a security service to add it to its growing cloud play. In this case, the company has products to protect customers whether in the cloud, on-prem or across hybrid environments.

The company offers a range of services from web application firewalls to distributed denial of service (DDoS) attack mitigation, bot management, API management and malware prevention. In addition, they operate a Security Operations Center (SOC) to help customers monitor their infrastructure against attack. Their software and the SOC help keep watch on over 800,000 websites and networks across the world, according to information supplied by Oracle.

Oracle says it will continue to build out Zenedge’s product offerings. “Oracle plans to continue investing in Zenedge and Oracle’s cloud infrastructure services. We expect this will include more functionality and capabilities at a quicker pace,” Oracle wrote in an FAQ on the deal (.pdf) published on their website.

Oracle’s recent acquisition history. Source: Crunchbase

Just this week Oracle announced that it was expanding its automation capabilities on its Platform as a Service offerings from databases to a range of areas including security. Ray Wang, founder and principal analyst at Constellation Research says the company is a good match as it also uses automation and artificial intelligence in its solution.

“Oracle is beefing up its security offerings in the cloud. They have one of the strongest cyber security platforms,” Wang told TechCrunch. “They also have a ton of automation that fits Oracle’s theme of autonomous,” he added.

Oracle is far behind cloud rivals as it came late to the game. Just this week, the company announced plans to build a dozen data centers around the world over the next two years. They are combining an aggressive acquisition strategy and rapid data center expansion in an effort to catch up with competitors like AWS, Microsoft and Google.

Zenedge launched in 2014 and has raised $13.7 million, a modest amount for a cloud-based security service. Oracle says customers and partners can continue to deal with Zenedge using their existing contacts.
Featured Image: Justin Sullivan/Getty Images Readmore

Continue Reading

Member of The Internet Defense League

Subscribe to our Newsletter

Trending