Tag Archive for: TechCrunch

Thoma Bravo agrees to acquire digital forensics firm Magnet Forensics for over $1B • TechCrunch

/in


Thoma Bravo, the private equity and growth capital firm, today announced that it would spend $1.8 billion CAD (~$1.34 billion) to acquire Magnet Forensics, a Waterloo-based company making software used by defense forces and businesses to investigate cybersecurity threats.

Magnet Forensics will be purchased by a newly created corporation controlled by Thoma Bravo, Morpheus Purchaser Inc., which will pay Magnet Forensics shareholders a 15% premium over Thursday’s closing price on the Toronto Stock Exchange. Post-buy, Morpheus will be merged with mobile device forensics outfit Grayshift, which Thoma Bravo acquired majority control of last July.

The transaction is expected to close by Q2 2023, subject to shareholder and other customary approvals.

“We look forward to bringing together the complementary capabilities of Magnet and Grayshift to create a leader in the digital forensics and cyber security space,” Thoma Bravo partner Hudson Smith said in a press release. “Digital evidence is an increasingly critical aspect of investigations and the combined company will be well-positioned to further market expansion, accelerate innovation and provide even greater solutions to its customers.”

Launched in 2010, Magnet Forensics develops digital investigation software that acquires, analyzes, reports on and manages evidence from computers, mobile devices, Internet of Things devices and cloud services. The company was founded by Jad Saliba, a Waterloo regional police constable who worked in the police force’s high-tech crimes unit. After incubating Magnet Forensics’ software at the unit, Saliba decided to strike out on his own and sell the tech for a licensing fee, partnering with Jim Balsillie and Adam Belsher, then BlackBerry executives.

Before going public, Magnet Forensics attracted an investment from In-Q-Tel, the nonprofit venture arm of the U.S. intelligence community. The company claims that its software is used by more than 4,000 public and private sector customers — e.g. police forces, intelligence agencies, tax officials, border guards and militaries — in over 100 countries, helping investigators protect assets and guard national security.

Business was booming…

Source…

Google appeals against India’s fine over ‘unfair’ business practices on Android • TechCrunch

/in


Google said on Friday it has appealed against the Indian antitrust body’s order against the firm over alleged anti-competitive practices surrounding Android mobile devices in the key overseas market.

The company has approached the National Company Law Appellate Tribunal (NCLAT), the nation’s appellate tribunal, to appeal against the Competition Commission of India’s October order, in which the watchdog fined Google $162 million.

“We have decided to appeal the CCI’s decision on Android as we believe it presents a major setback for our Indian users and businesses who trust Android’s security features, and potentially raising the cost of mobile devices,” a Google spokesperson said in a statement.

“We look forward to making our case in NCLAT and remain committed to users and partners.”

In October, the CCI, which began investigating Google three and a half years ago, said that it finds Google requiring device manufacturers to pre-install its entire Google Mobile Suite and mandating prominent placement of those apps “imposition of unfair condition on the device manufacturers” and thus was in “contravention of the provisions of Section 4(2)(a)(i) of the Act.”

Days later, the CCI hit Google with another $113 million fine for allegedly abusing the dominant position of its Google Play Store and ordered the firm to allow app developers to use third-party payments processing services for in-app purchases or for purchasing apps.

India is a key overseas market for Google, which has amassed over 500 million users in the South Asian market. The company, which has poured billions in its India business over the past decade, has pledged to invest another $10 billion in the country over the next couple of years.

Source…

Okta confirms another breach after hackers steal source code • TechCrunch

/in


Okta has confirmed that it’s responding to another major security incident after a hacker accessed its source code following a breach of its GitHub repositories.

The identity and authentication giant said in a statement on Wednesday that it was informed by GitHub about “suspicious access” to its code repositories earlier this month. Okta has since concluded that hackers used this malicious access to copy code repositories associated with Workforce Identity Cloud (WIC), the organization’s enterprise-facing security solution.

“As soon as Okta learned of the possible suspicious access, we promptly placed temporary restrictions on access to Okta GitHub repositories and suspended all GitHub integrations with third-party applications,” Okta said in a statement.

When asked by TechCrunch, Okta declined to say how attackers managed to gain access to its private repositories.

Okta says there was no unauthorized access to the Okta service or customer data, and products related to Auth0 — which it acquired in 2021 — are not impacted. “Okta does not rely on the confidentiality of its source code for the security of its services. The Okta service remains fully operational and secure,” Okta said.

The company said that since it was alerted to the breach, it has reviewed recent access to Okta software repositories, reviewed all recent commits to Okta software repositories and rotated GitHub credentials. Okta said it has also notified law enforcement.

Okta did not explicitly say if it has the technical means, such as logs, to detect what, if any, of its own systems were accessed or what other data may have been exfiltrated.

The company’s latest incident was first reported by Bleeping Computer earlier this week, prior to Okta’s announcement.

Earlier this year, Okta was targeted by the now-notorious Lapsus$ extortion group, which gained access to the account of a customer support engineer at Sykes, one of Okta’s third-party service providers, and posted screenshots of Okta’s apps and systems. Okta experienced a second compromise in August this year after it was targeted by another hacking campaign that breached more than 100 organizations, including…

Source…

Microsoft says attackers are hacking energy grids by exploiting decades-old software • TechCrunch

/in


Microsoft has warned that malicious hackers are exploiting a discontinued web server found in common Internet of Things (IoT) devices to target organizations in the energy sector.

In an analysis published on Tuesday, Microsoft researchers said they had discovered a vulnerable open source component in the Boa web server, which is still widely used in a range of routers and security cameras, as well as popular software development kits (SDKs), despite the software’s retirement in 2005. The technology giant identified the component while investigating a suspected Indian electric grid intrusion first detailed by Recorded Future in April, where Chinese state-sponsored attackers used IoT devices to gain a foothold on operational technology (OT) networks, used to monitor and control physical industrial systems.

Microsoft said it has identified one million internet-exposed Boa server components globally over the span of a one-week period, warning that the vulnerable component poses a “supply chain risk that may affect millions of organizations and devices.”

The company added that it continues to see attackers attempting to exploit Boa flaws, which include a high-severity information disclosure bug (CVE-2021-33558) and another arbitrary file access flaw (CVE-2017-9833).

“The known [vulnerabilities] impacting such components can allow an attacker to collect information about network assets before initiating attacks and to gain access to a network undetected by obtaining valid credentials,” Microsoft said, adding that this can allow the attackers to have a “much greater impact” once the attack is initiated.

Microsoft said the most recent attack it observed was the compromise of Tata Power in October. This breach resulted in the Hive ransomware group publishing data stolen from the Indian energy giant, which included sensitive employee information, engineering drawings, financial and banking records, client records and some private keys.

“Microsoft continues to see attackers attempting to exploit Boa vulnerabilities beyond the timeframe of the released report, indicating that it is still targeted as an attack vector,” Microsoft said.

The company has…

Source…