Decrypted: Apple and Facebook’s privacy feud, Twitter hires Mudge, mysterious zero-days

Trump’s election denialism saw him retaliate in a way that isn’t just putting the remainder of his presidency in jeopardy; it’s already putting the next administration in harm’s way.
In a stunning display of retaliation, Trump fired CISA director Chris Krebs last week after Krebs declared that there was “no evidence that any voting system deleted or lost votes, changed votes or was in any way compromised,” a direct contradiction to the conspiracy-fueled fever dreams of the president, who repeatedly claimed, without evidence, that the election had been hijacked by the Democrats. CISA is left distracted by …

Decrypted: Police hack criminal phone network; Randori raises $20M Series A

Last week was, for most Americans, a four-day work week. But a lot still happened in the security world.

The U.S. government’s cybersecurity agencies warned of two critical vulnerabilities, one in Palo Alto’s networking tech and the other in F5’s gear, that foreign, nation state-backed hackers will “likely” exploit to get access to networks, steal data or spread malware. Plus, the FCC formally declared Chinese tech giants Huawei and ZTE as threats to national security.

Here’s more from the week.


THE BIG PICTURE

How police hacked a massive criminal phone network

Last week’s takedown of EncroChat was, according to police, the “biggest and most significant” law enforcement operation against organized criminals in the history of the U.K. EncroChat sold encrypted phones with custom software akin to how BlackBerry phones used to work; you needed one to talk to other device owners.

But the phone network was used almost exclusively by criminals, allowing their illicit activities to be kept secret and go unimpeded: drug deals, violent attacks, corruption — even murders.

That is, until French police hacked into the network, broke the encryption and uncovered millions of messages, according to Vice, which covered the takedown of the network. The circumstances of the case are unique; police have not taken down a network like this before.

But technical details of the case remain under wraps, likely until criminal trials begin, at which point attorneys for the alleged criminals are likely to rest much of their defense on the means by which the hack was carried out, and on its legality.

Recommendations for fintech startups navigating the procurement process

The expanding scope of fintech has been well documented in these digital pages. Payments, investing, financial planning and lending often spring to mind as “classic” fintech startups, but other business models like regtech, compliance, human resources and marketing are on the ascent.

For passionate and talented founders, the tireless pursuit of building innovative technology is critical and fundamental. That said, to be successful in financial services, significant time and effort needs to be dedicated to other business fundamentals: corporate setup, privacy and security. The financial services customer base presents unique challenges for fintech startups as the regulatory and operational requirements for third-party vendor assessment and management are, in comparison to most other industries, brutal. Issues that might go overlooked during the early stages of product design and team-building could turn into obstacles during the sales process.

Understanding the dynamics of the financial services procurement process is essential if you want to negotiate it as quickly and seamlessly as possible. And before diving head-first into the development of your killer fintech app, consider the following questions:

  • Is my technical architecture secure?
  • Who is responsible for cybersecurity in the organization?

Source: TechCrunch