🚨 CISA KEV 1[−]
9 Feb KEVCISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2024-21762 Fortinet FortiOS Out-of-Bound Write Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors a…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 10[−]
9 FebWarning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA GatewaysIvanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy Secure, and ZTA gateway devices that could allow attackers to bypass authentication. The issue, tracked as CVE-2024-22024, is rated 8.3 out of 10 on the CVSS scoring system.…THEHACKERNEWS.COM
9 Feb KEVFortinet Warns of Critical FortiOS SSL VPN Vulnerability Under Active ExploitationFortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild. The vulnerability, CVE-2024-21762 (CVSS score: 9.6), allows for the execution of arbitrary code and commands. "A out-of-bounds write vulnerability …THEHACKERNEWS.COM
9 FebIvanti Publishes Urgent Warning About New VulnerabilityThe software company Ivanti has discovered a new vulnerability, CVE-2024-22024, in its products that allows unauthorized access to restricted resources. Although there is no evidence of exploitation, users are urged to promptly patch their systems.THERECORD.MEDIA
9 FebRaspberry Robin Actors are Buying Exploits for Faster AttacksThe group's access to exploits for vulnerabilities, such as CVE-2023-36802 and CVE-2023-29360, suggests ties to sophisticated developers and the purchase of external 64-bit executables rather than in-house development.THEREGISTER.COM
9 Feb KEVFortinet Warns of New FortiOS Zero-DayFortinet patches CVE-2024-21762, a critical remote code execution vulnerability that may have been exploited in the wild. The post Fortinet Warns of New FortiOS Zero-Day appeared first on SecurityWeek .SECURITYWEEK.COM
9 FebChinese Hackers Exploiting VMware 0-Day Flaw Since 2021Mandiant and VMware recently uncovered a sophisticated cyber espionage campaign. The attackers, a Chinese group identified as UNC3886, leveraged a known vulnerability in VMware software (CVE-2023-34048) to maintain access to the targeted systems for over a year. This case highlig…GBHACKERS.COM
9 Feb KEVFortinet urges patching N-day bug amid ongoing nation-state exploitationFortinet has advised users to immediately patch an N-day vulnerability in its systems being potentially exploited in the wild to carry out remote code execution (RCE) attacks. Tracked as CVE-2024-21762, the flaw has a “critical†severity rating with a CVSS score of 9.6 and al…CSOONLINE.COM
9 FebJetBrains Releases Security Advisory for TeamCity On-PremisesJetBrains released a security advisory to address a vulnerability (CVE-2024-23917) in TeamCity On-Premises. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Critical Security Issue …CISA.GOV
9 Feb KEVFortinet Releases Security Advisories for FortiOS and FortiClientEMSFortinet released security updates to address critical remote code execution vulnerabilities in FortiOS (CVE-2024-21762, CVE-2024-23313) as well as an access control vulnerability in FortiClientEMS (CVE-2024-45581). A cyber threat actor could exploit these vulnerabilities to take…CISA.GOV
9 FebCisco patches serious flaws in Expressway and ClamAVCisco has fixed three serious cross-site request forgery (CSRF) vulnerabilities in its Expressway Series collaboration gateway and a denial-of-service (DoS) flaw in the ClamAV anti-malware engine. CSRF flaws allow unauthenticated attackers to perform arbitrary actions on vulnerab…CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE 16[−]
9 FebSecurity Recruiter DirectoryLooking for a qualified candidate or new job? CSO’s security recruiter directory is your one-stop shop. The recruiters listed below can help you find your next chief information security officer (CISO) or VP of security and fill hard-to-hire positions in risk management, security…CSOONLINE.COM
9 FebResumeLooters Steal Millions of Unique Emails from Multiple SitesResumeLooters conducted a major cyber operation, compromising over 65 job search and retail websites across the Asia Pacific region and pilfering more than 2 million user records. The discovery of a new campaign serves as a reminder to secure databases and websites—which can be e…CYWARE.COM
9 FebWazuh in the Cloud Era: Navigating the Challenges of CybersecurityCloud computing has innovated how organizations operate and manage IT operations, such as data storage, application deployment, networking, and overall resource management. The cloud offers scalability, adaptability, and accessibility, enabling businesses to achieve sustainable g…THEHACKERNEWS.COM
9 FebReport: Critical Manufacturing Vulnerabilities Surge 230% in Six MonthsA new report by Nozomi Networks highlighted an increasing threat to operational technology (OT) and Internet of Things (IoT) environments, with 885 new vulnerabilities disclosed in the second half of 2023.INFOSECURITY-MAGAZINE.COM
9 FebFeds Warn Health Sector About Akira Ransomware Again, Amid New AttacksThe Akira ransomware group poses a significant threat to the U.S. healthcare sector and has targeted organizations in multiple industries, using tactics such as spear-phishing and exploiting vulnerabilities in VPN software.HEALTHCAREINFOSECURITY.COM
9 FebChinese Threat Actors Found Spying on Dutch Defense Ministry NetworkChinese state actors used a zero-day exploit in a Fortinet VPN to breach Dutch military systems—in early 2023—to deploy the Coathanger backdoor, revealed intelligence agencies. The malware conceals its activities by intercepting system functions that might expose it. Organization…CYWARE.COM
9 FebHyundai Motor Europe Hit by Black Basta Ransomware AttackHyundai Motor Europe suffered a Black Basta ransomware attack, resulting in the theft of three terabytes of corporate data, impacting various departments including legal, sales, human resources, accounting, IT, and management.BLEEPINGCOMPUTER.COM
9 FebNew Zardoor Backdoor Used in Long-Term Cyber Espionage Operation Targeting an Islamic OrganizationThe threat actor maintained long-term access to the victim's network, evading detection by using living-off-the-land binaries, side-loading backdoors, and leveraging open-source reverse proxy tools like Fast Reverse Proxy (FRP) and Venom.TALOSINTELLIGENCE.COM
9 FebIvanti Patches High-Severity Vulnerability in VPN AppliancesAn XXE flaw in Ivanti Connect Secure, Ivanti Policy Secure, and ZTA gateways could lead to unauthenticated access to resources. The post Ivanti Patches High-Severity Vulnerability in VPN Appliances appeared first on SecurityWeek .SECURITYWEEK.COM
9 FebRansomware Leak Site Reports Rose by 49% in 2023, but There Is Good NewsWhile ransomware groups targeted a wide range of industries for profit, the demise of several groups in 2023 was attributed to increased pressure from law enforcement and cybersecurity organizations.ZDNET.COM
9 FebNew Fortinet RCE Flaw in FortiOS SSL VPN Likely Exploited in AttacksThe vulnerability affects various versions of FortiOS, and the recommended solution includes upgrading to specific versions or migrating to a fixed release to address the flaw.BLEEPINGCOMPUTER.COM
9 FebMultiple Vulnerabilities in FortiOS Could Allow for Remote Code ExecutionMultiple vulnerabilities have been discovered in FortiOS, the most severe of which could allow for remote code execution. FortiOS is Fortinet's operating system used across many Fortinet devices. Successful exploitation of the most severe of these vulnerabilities could allow for …CISECURITY.ORG
9 FebShim Shady and Algorithm Lovers - PSW #816In the Security News: - Shim Shady, Up Shims Creek, whatever you want to call it, there’s a vulnerability affecting pretty much all Linux distributions (and other operating systems as well), when your toothbrush attacks the Internet, or some claim, glibc has some vulnerabilities,…YOUTUBE.COM
9 FebRaspberry Robin Malware Upgrades with Discord Spread and New ExploitsThe operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it stealthier than before. This means that "Raspberry Robin has access to an exploit seller or…THEHACKERNEWS.COM
9 Feb KEVNew Fortinet RCE bug is actively exploited, CISA confirmsCISA confirmed today that attackers are actively exploiting a critical remote code execution (RCE) bug patched by Fortinet on Thursday. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 6[−]
9 FebCISA takes on US state election security issues, deploys inspectorsThe US Cybersecurity and Infrastructure Security Agency is deploying additional election inspectors ahead of this year’s national elections, strengthening a team dedicated to combating electoral interference from a range of bad actors. The new inspectors bring “extensive experien…CSOONLINE.COM
9 FebApple defends parts pairing as Oregon mulls right-to-repair billOregon may soon become the latest state to pass right-to-repair legislation. Last month, Google lent its support in an open letter, calling Senate Bill 1596 “a compelling model for other states to follow.” The bill, sponsored by a sextet of state senators and representatives, was…TECHCRUNCH.COM
9 FebHHS Rule Aligns Substance Disorder Privacy Regs With HIPAAFinal Rule for 42 CFR Part 2 Changes Aims to Improve Patient Care Coordination The Department of Health and Human Services has finalized regulations to better align federal requirements for the confidentiality of substance use disorder records with privacy protections afforded un…DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING 18[−]
9 FebStealthy Zardoor Backdoor Targets Saudi Islamic Charity OrganizationsAn unnamed Islamic non-profit organization in Saudi Arabia has been targeted as part of a stealthy cyber espionage campaign designed to drop a previously undocumented backdoor called Zardoor. Cisco Talos, which discovered the activity in May 2023, said the campaign has likel…THEHACKERNEWS.COM
9 FebResearchers Use Raspberry Pi Pico to Crack BitLocker Under a MinuteBitLocker is a computer program provided by Microsoft that users can use to encrypt their entire volumes, preventing unauthorized access in case of device theft. Many organizations have been using this security feature to prevent data theft, stolen devices leading to intellectual…GBHACKERS.COM
9 FebWeekly Update 386Presently sponsored by: Got Linux? (And Mac and Windows and iOS and Android?) Then Kolide has the device trust solution for you. Click here to watch the demo. Somehow, an hour and a half went by in the blink of an eye this week. The Spoutible incident just has so many interesting…TROYHUNT.COM
9 FebU.S. Offers $10 Million Reward for Information on Hive RansomwareThe United States State Department has recently revealed a $10 million reward for any valuable information that could lead to the detection or whereabouts of the principal members of the Hive ransomware gang. Following that, the State Department has announced a $5 million reward …GBHACKERS.COM
9 FebEmirates NBD Reportedly Involved in a Data BreachThe criminal organization "Wail Crinal 213" claims to have accessed the bank's server and is allegedly selling sensitive customer data, including emails, usernames, account details, and more.SECUREREADING.COM
9 FebUpdate: Anydesk Says Software ‘Safe to Use’ After CyberattackThe cyberattack on AnyDesk's servers in Spain and Portugal did not result in the compromise of user credentials, and the company has taken steps to mitigate the incident.THERECORD.MEDIA
9 FebCalifornia Union Confirms Ransomware Attack Following Claims by LockBitThe Service Employees International Union (SEIU) Local 1000 in California is dealing with network disruptions following a cyber incident, which was claimed by the LockBit ransomware gang last month.THERECORD.MEDIA
9 FebUS Offers $10M Reward for Information on Hive Ransomware LeadersOne year after taking down Hive ransomware, US announces a $10 million reward for information on the group’s key members. The post US Offers $10M Reward for Information on Hive Ransomware Leaders appeared first on SecurityWeek .SECURITYWEEK.COM
9 FebGoogle Settles Google+ API Data Leak Lawsuit for $350MThe shareholders, led by the state of Rhode Island's retirement system, accused Google of concealing the extent of the data breach and failing to notify users about the API flaw.BANKINFOSECURITY.COM
9 FebNew macOS Backdoor Linked to Prominent Ransomware GroupsWritten in Rust, the new RustDoor macOS backdoor appears linked to Black Basta and Alphv/BlackCat ransomware. The post New macOS Backdoor Linked to Prominent Ransomware Groups appeared first on SecurityWeek .SECURITYWEEK.COM
9 FebNew RustDoor macOS malware impersonates Visual Studio updateA new Rust-based macOS malware spreading as a Visual Studio update to provide backdoor access to compromised systems uses infrastructure linked to the infamous ALPHV/BlackCat ransomware gang. [...]BLEEPINGCOMPUTER.COM
9 FebUncle Sam Sweetens The Pot With $15M Bounty On Hive Ransomware Gang MembersPACKETSTORMSECURITY.COM
9 FebCalculating Materiality for SEC Rule 1.05The U.S. Securities and Exchange Commission (SEC), through a new requirement of Item 1.05 of the 8-K, requires that all regulated companies report significant cybersecurity breaches within four business days of determining that the incident was “material”.KNOWBE4.COM
9 FebThe Cyberlaw Podcast Serious threats, unserious responses - 55 minutessubmitted by ashar to security_cpe 1 points | 0 comments The Cyberlaw Podcast Serious threats, unserious responses It was a week of serious cybersecurity incidents paired with unimpressive responses. As Melanie Teplinsky reminds us, the U.S. government has been agitated for month…INFOSEC.PUB
9 FebNo, Toothbrushes Were Not Used in a Massive DDoS AttackThe widely reported story last week that 1.5 million smart toothbrushes were hacked and used in a DDoS attack is false . Near as I can tell, a German reporter talking to someone at Fortinet got it wrong , and then everyone else ran with it without reading the German text. It was …SCHNEIER.COM
9 FebFake IDs threaten ID verification services, PANW hits $100B valuation, and other news - ESW #349This week, we discussed how a quick (minutes) and cheap ($15 a pop) fake ID service creates VERY convincing IDs that are possibly good enough to fool ID verification services, HR, and a load of other scenarios where it's common to share images of an ID. Kudos to 404Media's work t…YOUTUBE.COM
9 FebRansomware payments hit a record high in 2023 – Week in security with Tony AnscombeCalled a "watershed year for ransomware", 2023 marked a reversal from the decline in ransomware payments observed in the previous yearWELIVESECURITY.COM
🕵️ THREAT INTELLIGENCE 17[−]
9 FebISC Stormcast For Friday, February 9th, 2024 https://isc.sans.edu/podcastdetail/8846, (Fri, Feb 9th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
9 FebAndroid XLoader Malware can Now Auto-Execute After InstallationThe XLoader Android malware, operated by the threat actor known as Roaming Mantis, has been found to automatically execute on infected devices without requiring user interaction.BLEEPINGCOMPUTER.COM
9 FebAnyDesk Shares More Information on Recent HackAnyDesk has provided more information on the recent hack, including when the attack started and its impact. The post AnyDesk Shares More Information on Recent Hack appeared first on SecurityWeek .SECURITYWEEK.COM
9 FebJSON Smuggling: A far-fetched intrusion detection evasion techniquesubmitted by L4s to secops 1 points | 0 comments https://grimminck.medium.com/json-smuggling-a-far-fetched-intrusion-detection-evasion-technique-51ed8f5ee05f JSON Smuggling: A far-fetched intrusion detection evasion technique::undefinedGRIMMINCK.MEDIUM.COM
9 FebMSIX With Heavily Obfuscated PowerShell Script, (Fri, Feb 9th)A few months ago, we saw waves of MSIX malicious packages&#;x26;#;x5b; 1 &#;x26;#;x5d; dropping malware once installed on victim&#;x26;#;39;s computers. I started to hunt for such files and saw a …ISC.SANS.EDU
9 FebISMG Editors: What CISOs Should Prepare for in 2024Joe Sullivan Also Discusses Identity Management, AI, State of Information Sharing In the latest weekly update, Joe Sullivan, CEO of Ukraine Friends, joins three editors at ISMG to discuss the challenges of being a CISO in 2024, growing threats from disinformation, vulnerabilities…DATABREACHTODAY.CO.UK
9 FebIn Other News: $350 Million Google Settlement, AI-Powered Fraud, Cybersecurity FundingNoteworthy stories that might have slipped under the radar: $350 million Google+ data leak settlement, AI used for fraud, 2023 cybersecurity funding report. The post In Other News: $350 Million Google Settlement, AI-Powered Fraud, Cybersecurity Funding appeared first on SecurityW…SECURITYWEEK.COM
9 FebBrowser-Based Phishing Attacks Increase 198%, With Evasive Attacks Increasing 206%A new report shows massive increases in browser attacks in the second half of 2023, with over 31,000 threats specifically designed to bypass security solution detection.KNOWBE4.COM
9 FebRoboJoe, SHIM, Fortinet, FaceOff, Simswap, sudo in Windows, Aaran Leyland, and More – SWN #361RoboJoe, SHIM, Fortinet, FaceOff, Simswap, sudo in Windows, Aaran Leyland, and More on this edition of the Security Weekly News. →Watch live here: securityweekly.com/live →Subscribe to our podcasts: https://securityweekly.com/subscribe →Join our community Discord: https://securit…YOUTUBE.COM
9 FebLawmakers Want Clampdown on American VCs Funding Chinese Tech CompaniesA congressional investigation finds that US venture capital firms invested billions in Chinese technology companies in semiconductor, AI and cybersecurity, sectors that are a threat to national security. The post Lawmakers Want Clampdown on American VCs Funding Chinese Tech Compa…SECURITYWEEK.COM
9 FebRoboJoe, SHIM, Fortinet, FaceOff, Simswap, sudo in Windows, Aaran Leyland, and More - SWN #361RoboJoe, SHIM, Fortinet, FaceOff, Simswap, sudo in Windows, Aaran Leyland, and More on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-361YOUTUBE.COM
9 FebInternet-Exposed Water PLCs Are Easy Targets for IranResearchers Find Unprotected Unitronics Devices Here's one reason why Iranian state hackers may have been able to target Israeli-made pressure-monitoring controllers used by American water systems: Nearly 150 of the controllers are exposed to the internet - and some still use the…DATABREACHTODAY.CO.UK
9 FebWhite House Launches First-Ever AI Safety ConsortiumThe National Group Will Develop Guidelines for AI Safety, Security and Red-Teaming Officials said the Artificial Intelligence Safety Institute Consortium will provide a "critical forum" for the public and private sectors as the federal government aims to use input from more than …DATABREACHTODAY.CO.UK
9 FebAs Elections Loom, So Do Adversaries' Influence OperationsUS, UK, South Korea and India Most Targeted for Election Interference, Experts Warn With over 1 billion people across more than 50 countries - including the U.S., the U.K. and India - due to hold elections this year, one open question remains: How can nations combat adversaries w…DATABREACHTODAY.CO.UK
9 FebFriday Squid Blogging: A Penguin Named “Squid”Amusing story about a penguin named “Squid.” As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here .SCHNEIER.COM
9 FebLarge Language Models Won't Replace HackersUK AI Safety Institute Says LLMs Can't Give Novice Hackers Advanced Capabilities Large language models may boost the capabilities of novice hackers but are of little use to threat actors past their salad days, concludes a British governmental evaluation. "There may be a limited n…DATABREACHTODAY.CO.UK
9 FebAuthorities Take Down Seller of Widely Used RAT Malware2 Men Arrested in Malta, Nigeria for Hawking Malware on Hacking Forums Since 2012 Federal authorities have seized internet domains and arrested two men in Malta and Nigeria who they say served as sales and customer service reps for a dark web business that sold RAT malware to cyb…DATABREACHTODAY.CO.UK
🌐 CYBER THREAT LANDSCAPE 6[−]
9 FebNew Coyote Trojan Targets 61 Brazilian Banks with Nim-Powered AttackSixty-one banking institutions, all of them originating from Brazil, are the target of a new banking trojan called Coyote. "This malware utilizes the Squirrel installer for distribution, leveraging Node.js and a relatively new multi-platform programming language called Nim a…THEHACKERNEWS.COM
9 FebGoogle Will Block Android Users From Installing ‘Unsafe’ Apps in Fraud Protection TestGoogle is collaborating with the Singapore government to roll out a new security feature in Google Play Protect to block the installation of potentially risky side-loaded apps, aiming to protect Android users from malware-enabled scams.ZDNET.COM
9 FebHands-on Review: Myrror Security Code-Aware and Attack-Aware SCAIntroduction The modern software supply chain represents an ever-evolving threat landscape, with each package added to the manifest introducing new attack vectors. To meet industry requirements, organizations must maintain a fast-paced development process while staying up-to-date…THEHACKERNEWS.COM
9 FebMoqHao Android Malware Evolves with Auto-Execution CapabilityThreat hunters have identified a new variant of Android malware called MoqHao that automatically executes on infected devices without requiring any user interaction. "Typical MoqHao requires users to install and launch the app to get their desired purpose, but this new …THEHACKERNEWS.COM
9 FebInternet Storm Center Podcast ("Stormcast") 15th Birthday, (Fri, Feb 9th)Happy Birthday to our daily Podcast. 3,685 episodes, about 410 hours or 17 days of content. I hope you are enjoying it. Please do me a favor and participate in our quick two-question survey to help me improve the podcast. It will remain brief and no-frills. But is there any conte…ISC.SANS.EDU
9 Feb'Coyote' Malware Begins Its Hunt, Preying on 61 Banking AppsBrazilian banking trojans have a history of expanding abroad, and the emergence of new variants like "Coyote" could lead to their evolution into fully fledged initial access trojans and backdoors.DARKREADING.COM
🎙️ PODCASTS 1[−]
9 FebCyber Security Today, Week in Review for week ending Friday, Feb. 9,. 2024This episode features discussion on a deepfake video conference call that tricked an employee into wiring US$25 million to crooks, why the U.S. Federal Trade Commission called the cybersecurity of a company "shoddy," and moreCYBERSECURITYTODAY.LIBSYN.COM
📡 INFOSEC NEWS 13[−]
9 FebSecurity Compass Announces Acquisition of Kontra from ThriveDXThe acquisition reflects Security Compass's commitment to providing top-tier cybersecurity training solutions and complements its existing offerings, including Application Security Training, SD Elements, and Just-In-Time Training.FINANCE.YAHOO.COM
9 FebMeta Is Being Urged to Crack Down on UK Payment ScamsBanking fraud prevention heads from TSB Bank, Santander, and Revolut testified before a U.K. Parliament committee, highlighting the prevalence of scams on Meta-owned online marketplaces like Facebook Marketplace.BANKINFOSECURITY.COM
9 FebAmericans lost record $10 billion to fraud in 2023, FTC warnsThe U.S. Federal Trade Commission (FTC) says Americans over $10 billion to scammers in 2023, marking a 14% increase in reported losses compared to the previous year. [...]BLEEPINGCOMPUTER.COM
9 FebJuniper Support Portal Exposed Customer Device InfoUntil earlier this week, the support website for networking equipment vendor Juniper Networks was exposing potentially sensitive information tied to customer products, including the exact devices each customer bought, as well as each device's warranty status, service contracts an…KREBSONSECURITY.COM
9 FebUS Insurance Firms Sound Alarm After 66,000 Individuals Impacted by SIM Swap AttackTwo US insurance companies, Washington National Insurance and Bankers Life, have reported that the personal information of around 66,000 individuals may have been stolen by hackers using SIM-swapping attacks.BITDEFENDER.COM
9 FebMicrosoft: Outlook clients not syncing over Exchange ActiveSyncMicrosoft warned Outlook for Microsoft 365 users that clients might have issues connecting to email servers via Exchange ActiveSync after a January update. [...]BLEEPINGCOMPUTER.COM
9 FebCanada to ban the Flipper Zero to stop surge in car theftsThe Canadian government plans to ban the Flipper Zero and similar devices after tagging them as tools thieves can use to steal cars. [...]BLEEPINGCOMPUTER.COM
9 FebWebinar | Combatting Rogue URL Tricks: How You Can Quickly Identify and Investigate the Latest Phishing AttacksDATABREACHTODAY.CO.UK
9 Feb‘World’s biggest casino’ app exposed customers’ personal dataThe startup that develops the phone app for casino resort giant WinStar has secured an exposed database that was spilling customers’ private information to the open web. Oklahoma-based WinStar bills itself as the “world’s biggest casino” by square footage.…TECHCRUNCH.COM