Mobile

11/15/2017
12:49 PM
50%
50%

NSA Veterans Land $1.5 Million in Funding for Startup

ReFirm Labs' launches Centrifuge Platform, which aims to automatically detect security vulnerabilities in IoT firmware.

ReFirm Labs, a startup founded by two NSA veterans, announced today it received $1.5 million in seed money from DataTribe, an incubator that helps intelligence agency and government research lab technologists build companies.

ReFirm is launching Centrifuge Platform, which aims to automatically detect security vulnerabilities in firmware embedded in IoT, consumer electronics, and other connected devices.

Although current security tools use source-code analysis to assess the integrity of firmware, that method falls short, Terry Dunlap, ReFirm Labs' CEO and co-founder, said in a statement.

"Manufacturers often have little visibility or control over the firmware of third-party components that are integrated into their devices," says Dunlap in a statement. "ReFirm's Lab's Centrifuge Platform makes it possible to rapidly assess the security posture of a device at any point in the lifecycle chain, identifying backdoor accounts, hard-coded passwords and potential zero-day threats."

Read more about ReFirm here.

Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity agenda here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
'PowerSnitch' Hacks Androids via Power Banks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/8/2018
Higher Education: 15 Books to Help Cybersecurity Pros Be Better
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-6706
PUBLISHED: 2018-12-12
Insecure handling of temporary files in non-Windows McAfee Agent 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows an Unprivileged User to introduce custom paths during agent installation in Linux via unspecified vectors.
CVE-2018-6705
PUBLISHED: 2018-12-12
Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command execution via specific conditions.
CVE-2018-15717
PUBLISHED: 2018-12-12
Open Dental before version 18.4 stores user passwords as base64 encoded MD5 hashes.
CVE-2018-15718
PUBLISHED: 2018-12-12
Open Dental before version 18.4 transmits the entire user database over the network when a remote unathenticated user accesses the command prompt. This allows the attacker to gain access to usernames, password hashes, privilege levels, and more.
CVE-2018-15719
PUBLISHED: 2018-12-12
Open Dental before version 18.4 installs a mysql database and uses the default credentials of "root" with a blank password. This allows anyone on the network with access to the server to access all database information.