• Metacurity
  • Posts
  • Cybersecurity Venture Investments Soared During Q3 2020

Cybersecurity Venture Investments Soared During Q3 2020

Cybercom exposes eight new Russian APT group malware samples, Huawei to dodge sanctions by building chip factory in Shanghai, Data breach at eatigo exposed PII on 2.8M customers, TikTok gets reprieve

DCT Associates has been tracking venture investments in the cybersecurity sector since 2018, recording by date each deal and the corresponding dollar amounts, the specialization of each start-up, the type of funding round (seed, Series A, Series B, Series C, and so forth) along with the individual investors in each round.

As of today, we have a rich database of nearly 500 investments in pure cybersecurity companies since January 1, 2018 that we will make available to our premium subscribers in both PDF report and online searchable database format early next week. We’re happy to share some of the findings of our analysis with our newsletter-only subscribers.

One key finding is that despite a decline in investments that began after Q1 2019 when the total dollar amount of venture investments in cybersecurity reached a peak of nearly $4 billion for the quarter, funding for cybersecurity start-ups almost doubled from Q2 2020 to Q3 2020, increasing from $808 million in Q2 2020 to $1.591 billion in Q3 2020. Year-over-year, Q3 funding in cybersecurity start-ups increased slightly from $1.551 billion to $1.591 billion.

Tomorrow we will share some of the data on the number of deals per quarter since 2018 and the average value of each dea. Later in the week we will reveal which cybersecurity specializations are receiving the most money and who the biggest investors are in the infosec world. Stay tuned.

(Source: DCT Associates, (C) 2020)

CyberCom Exposes Eight New Russian APT Group Malware Samples

US Cyber Command has exposed eight new malware samples developed and deployed by the Russian hacking groups Turla and APT 28, (the latter is better known as Fancy Bear). Six of the samples are for COMRat malware used by Turla, while the other two are for the Zebrocy malware used by APT 28. Cyber Command's Cyber National Mission Force (CNMF) uploaded samples of the new ComRAT and Zebrocy versions on its VirusTotal account. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), working with the FBI’s CyWatch, published two security advisories describing ComRAT and Zebrocy's inner workings. The goal of this exposure is to help defenders and system administrators add detection rules and update protective measures. (Catalin Cimpanu / ZDNet)

Huawei Plans to Dodge U.S. Sanctions by Building Its Own Computer Chip Factory in Shanghai

In a bid to dodge U.S. sanctions, Chinese telecom tech giant Huawei has plans to build a dedicated chip plant in Shanghai that would not use American technology, which Huawei has been banned from purchasing under export control restrictions established by the U.S. Department of Commerce. The U.S. has barred Huawei’s access to American semiconductor technology due to fears that the company poses a supply chain security threat to American organizations. Huawei instead plans to partner with Shanghai IC R&D Center, a chip research company backed by the Shanghai Municipal government. Huawei aims to produce 20nm chips by late 2022, which would allow it to continue making most of its 5G equipment. (Kathrin Hille, Yuan Yang, and Qianer Liu / Financial Times)

Data Breach at Asia’s Top Online Restaurant Reservation Platform Exposed Personal Data from 2.8 Million Customer Accounts

Asia’s number one restaurant reservation platform eatigo sent an email to customers informing them it was the subject of "a data security incident involving unauthorized access to our customer database.” Personal data from potentially 2.8 million eatigo accounts were exposed in the breach, which occurred more than 18 months ago. Among the data exposed were customer names, email addresses, and phone numbers. According to an online forum that sells breached and stolen data, information from 2.8 million eatigo accounts in Singapore, Hong Kong, and Thailand are up for sale. (Channel News Asia)

TikTok Gets a Reprieve as Judge Blocks Forced Slated to Go Into Effect on November 12

US District Judge Wendy Beetlestone blocked a Commerce Department order slated to take effect on November 12 that would have effectively barred ByteDance-owned TikTok from operating in the United States. Beetlestone wrote that the “government’s own descriptions of the national security threat posed by the TikTok app are phrased in the hypothetical.” The Trump administration was trying to force the Chinese company to sell itself in a convoluted gambit that was designed to make the U.S. look strong on security while also providing the administration with leverage in negotiations with China. The Commerce Department said on Sunday it would “vigorously defend” an executive order. (David Shepardson / Reuters)

Other Infosec Developments

  • Armenian hackers claimed in a tweet that they obtained all Azerbaijani government emails and left part of the data publicly available for download to prove the claim. They also produced a video they argue shows proof of the hack. (Cybershafarat).

  •  A flaw in Google Drive is being exploited to send out phishing emails and push notifications from Google that, if opened, could steer victims to malicious websites. The emails and notifications appear to be coming from Google, increasingly the likelihood that victims will click on the malicious links. (James Temperton / Wired)

  • One of the most feared malware threats in cybersecurity, Emotet, is experiencing a slow and steady trend downwards, according to researchers at Malwarebytes Lab. Emotet detections declined from an average of about 800 detections in early August to an average of about 600 detections by mid-October. (Malwarebytes)

  • NSA whistleblower Edward Snowden, currently in exile in Moscow after absconding with files that showed the massive overreach of the NSA’s espionage and data collection efforts, announced that he will seek Russian citizenship to protect his unborn soon. Last week Snowden tweeted that he and wife are expecting a son. (Anton Troianovski / New York Times)