A few interesting items to hit The Cyber Hut intelligence inboxes over the past couple of weeks.
Funding Roundup: Antimatter and Skiff
Skiff a privacy enablement startup focused on the end-to-end encrypted workspace just received a $10.5 million Series A, lead by Sequoia. What do they do? They are focused on creating a completely private decentralised workspace for content, notes and collaboration that is encrypted. They also sit in the Web3 bucket by describing themselves with: “Skiff brings the future of the internet to you. Log in with Metamask or store your data on the InterPlanetary File System (IPFS). Your data belongs to you, so you can capture the value of your work.“
Another startup focused on data security, but from an entirely different angle are Antimatter. They just announced a $12 million, with contributions from leaders at the likes of Okta, Dropbox and Snowflake. Antimatter focus on data sovereignty, with a Kubernetes based secure enclave that is used for secure data processing.
Casino Account Takeover
An interesting article on DarkReading discussing the rise of digital fraud that is hitting casinos. Casinos have clearly been the target for numerous physically based attacks over the years, but are now seemingly looking to integrate cyber security related defences too – namely as the number of online related fraud and ATO attacks rise – in both volume and complexity. It seems sophisticated automated attacks are targeting new customer incentives – such as free small betting deposits such as $10 for a new signup. A scripted process is leveraging this by signing up with fake and synthetic accounts to cash in.
Prompt Bombing Defeating Legacy MFA
Multi-factor authentication should be switched on, full stop. However, in systems where a more “classic” approach is being taken (think one time passwords and push notifications), a smart attack has emerged in order to overcome second factor. Wired had a nice article describing a concept known as “prompt bombing”. The idea is to essentially bomb the recipient with numerous second factor requests, in the hope the end user will just accept one. The adversary targets the victim at an inconvenient time (aka 1am) and the end user through fatigue just succumbs and responds. Alternatively the adversary makes one or two arbitrary requests during the working day in order to see if the user just subconsciously accepts a push request for example. More modern approaches such as FIDO triggered via a local biometric on a mobile device should help reduce this.
Any interesting news or articles? Drop us a line at firstname.lastname@example.org.