Blumira Resources & Blog

Blumira in the News: January-February 2021 | Blumira

Written by Thu Pham | Feb 12, 2021 3:19:05 PM

It’s been a very busy 2021 so far, and you might have missed where Blumira has been mentioned in the news these days. While not at all an exhaustive list, here’s a few of the more notable recent mentions:

Detroit Free Press

Pandemic Hiring Shift: Some Companies Say New Hires Can Live Anywhere

Blumira more than doubled in size to 30 employees during the pandemic, hiring employees with backgrounds in forensics, along with front- and back-end developers, from as far away as Connecticut, and in Ohio and other parts of Michigan.

“Really, in order to make a best-in-class company, we have to hire best in class,” said Blumira’s Director of Security Mike Behrmann. “And that just means opening up our application pool nationwide.”

Read the article

The Digital Workspace Works Podcast
Top 5 Overlooked Cybersecurity Threats for 2021

Office employees aren’t the only ones who’ve adjusted to remote work—threat actors have too. In this episode, Blumira’s VP of Operations Patrick Garrity and Digital Workspace Works Host/Producer Heather Bicknell discuss the rising security risks within the new world of work and what businesses can do to minimize their risks.

Listen to the podcast

CISO Series Video Chat
Hacking Windows Security

Blumira’s Lead Incident Detection Engineer Amanda Berlin and BraunAbility’s Director of Information Security Arlie Hartman joined David Spark for an hour of critical thinking on securing servers, workstations, and Active Directory.

Watch the video chat

ClickonDetroit
Ann Arbor Cybersecurity Startup Blumira’s Rapid Growth Continues With Hiring Push

Specializing in automated threat detection and response technology, the company saw tremendous growth in 2020 after a $2.6 million funding round enabled the recruitment of top-tier security talent with leadership backgrounds at Duo Security, Groundspeed, Censys, DeepField and the National Security Agency.

With a team of 25, Blumira plans to double its headcount by the end of the year with a focus on hiring additional leadership roles and growing its sales and engineering teams.

…Jim Simpson is the company’s most recent hire and comes with over two decades of experience overseeing the growth of successful security startups. Most recently, he led product management at Duo Security, which was acquired by Cisco in 2018 for $2.35 billion.

Read the article

RSA Conference
Data Privacy—Insights from the Cybersecurity Industry

Mike Behrmann, Director of Security, Blumira
“The media largely overlooked FireEye’s exemplary conduct in the midst of a stock-rattling corporate crisis. FE maintained their integrity by not only responsibly disclosing embarrassing breach details, such as the compromise of all FE offensive tools, but also going the extra mile to help the world detect and remediate subsequent threats by offering hashes of their custom tools along with relevant indicators of compromise. Perfect information security is a myth and therefore cannot earn consumer trust alone. Information security excellence coupled with demonstrable corporate selflessness, the kind FE showed during this crisis, is how you earn consumer trust.”

Read the article

Cybernews
70TB of Parler Users’ Messages, Videos, and Posts Leaked by Security Researchers

First and foremost, the Parler data scrape was not a hack in the conventional sense. According to Matt Warner, CTO at Blumira, a cybersecurity provider of automated threat detection and response technology, recent events could be considered a significant “hacktivism movement.”

“There has not been any proof that Parler itself was “hacked,” but rather, the platform was inherently insecure and was leveraged in a group effort before being taken down,” he explained.

His team estimates that at least 15 offensive parties took part in the data scrape, and hackers collected at least 60 terabytes of data. The breach itself can be attributed to poor engineering and lack of testing on the Parler’s side that allowed a mass collection of archived data.

“This was due to an unprotected API call that was sequentially numbered, therefore allowing any attacker to iterate continuously over the endpoint and take all information available,” Mr. Warner explained.

Read the article