CYBER THOUGHTS NEWSLETTER
This month, in addition to our usual overview, we will also write a bit about where we think the industry is heading and what excites us. So let's dig in.
The early-stage security market seems to be cooling alongside the rest of the venture ecosystem. Great companies are still getting funded, but the market appears less frothy, and many investors feel like Q2 is going to be a good time to deploy capital.
While hanging out with a group of cybersecurity experts and founders, we recently learned that we are in a "renaissance of kernel exploits." Kernel exploits are some of the most powerful since they are flaws in the operating system's core. Apparently, Google has started fuzzing the kernel at scale and publishing the results. This means they feed the kernel garbage data and publicly report each time it panics or crashes. This fact, along with powerful new debugging tools written in modern programming languages, makes finding exploits in the kernel easier than ever. Some even think the whole process could be automated. This implies that hacking the internet's core systems will become easier in the upcoming year or two.
We shared a new investment thesis at our annual LP meeting in November that we find very exciting. We believe that the next wave of amazing cybersecurity companies will be built on the cloud and specifically for cloud-native applications. Cloud-native architectures give security applications superpowers. Instead of saving vast amounts of log data like they had to in the past, today, a cloud-native-only security application can simply query the application it is protecting via an API to get the crucial data. This isn't known by a majority of CISOs and cybersecurity professionals yet because most of them don't work in cloud-native environments. However, that will change over the next few years, and this idea will become orthodoxy. You heard it here first. If you happen to find any companies that match this profile, please share them with us.
Below are a few of the articles that caught our attention this month. Moreover, we’ve inserted one or two sentences in italics, summarizing each article’s importance. We hope you enjoy and appreciate the material.
WHAT WE'RE READING
Here's a curated list of things we found interesting.
Cybercriminals deliver IRS tax scams and phishing campaigns by mimicking government vendors
Here are some of the phishing scams we saw this year during tax season. Phishing scams are a real problem and they become more sophisticated each year. Cybercriminals are leveraging advanced tactics in their phishing kits, granting them a high delivery success rate for spoofed e-mails that contain malicious attachments, right before the end of the 2021 IRS income tax return deadline in the U.S.
Planting Undetectable Backdoors in Machine Learning Models
It is possible to plant undetectable backdoors in any deep learning model. This is a proof of concept, but it means that machine learning models will be attacked and subverted in the future. Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. We show how a malicious learner can plant an undetectable backdoor into a classifier.
Google Bans Apps With Hidden Data-Harvesting Software
Companies pay app developers to insert their software, SDKs, into applications and then use them to harvest personal data. Those free apps people download may be a trojan horse for spyware. Google has yanked dozens of apps from its Google Play store after determining that they include a software element that surreptitiously harvests data. The Panamanian company that wrote the code, Measurement Systems S. de R.L., is linked through corporate records and web registrations to a Virginia defense contractor that does cyber intelligence, network-defense and intelligence-intercept work for U.S.
Deals that caught our eye.
Devo Acquires Threat Hunting Company Kognos
Acquisition will blend autonomous threat hunting with cloud-native security analytics for automating security tasks. Cloud-native logging and security analytics company Devo Technology has acquired Kognos, a provider of autonomous threat hunting tools.
Lytical Ventures is a New York City-based venture firm investing in Enterprise Intelligence, comprising cybersecurity, data analytics, and artificial intelligence. Lytical’s professionals have decades of experience in direct investing generally and in Corporate Intelligence specifically.