Welcome to Startups Weekly, a fresh human-first take on this week’s startup news and trends. To get this in your inbox, subscribe here. There’s a clash happening in the early-stage market. In one world, late-stage investors are reacting to tech stonk corrections by clamoring toward the early-stage investment world, forcing seed investors to go even
Month: April 2022
Here’s what you should know about FlowingFrog, LookingFrog and JollyFrog – the three teams making up the TA410 espionage umbrella group In this edition of Week in security, Tony looks at the latest ESET research that: provided a detailed overview of TA410, a cyberespionage umbrella group that targets entities in the government and education sectors
Union Square Ventures (USV), the 19-year-old, New York-based venture firm, has raised $275 million for its eighth early-stage fund and $350 million for its fourth opportunity fund, the firm announced in a blog post yesterday. In sharing news of the two new vehicles, firm partners Andy Weissman and the firm’s general counsel, Samson Mesele, wrote that USV plans to “invest
Organizations of all types and sizes rely on cloud services. With this increased use comes a dark side: a critical dependence on cloud applications and services that may impair business functions if the cloud fails. As more organizations turn toward the cloud, learn about the top provider outages, and discover strategies that will help prevent
A cyber-attack on a hotel reservation system has exposed the personal data of thousands of guests who stayed at upscale Finnish hotels. News of the security incident, which has impacted at least five hotels, was first reported by Finnish news agency MTV on Tuesday. Between February 10 and 14, cyber-attackers exploited a vulnerability to hack
by Paul Ducklin Early in April 2022, news broke that various users of Microsoft’s GitHub platform had suffered unauthorised access to their private source code. GitHib has now updated its incident report to say that it is “in the process of sending the final expected notifications to GitHub.com customers who had either the Heroku or
We’re excited to announce the release of McAfee’s Personal Data Cleanup, a new feature that finds and removes your personal info from data brokers and people search sites. Now, you can feel more confident by removing personal info from data broker sites and keeping it from being collected, sold, and used to: advertise products to you, fill
At least six different Russia-aligned actors launched no less than 237 cyberattacks against Ukraine from February 23 to April 8, including 38 discrete destructive attacks that irrevocably destroyed files in hundreds of systems across dozens of organizations in the country. “Collectively, the cyber and kinetic actions work to disrupt or degrade Ukrainian government and military
DoorDash announced today that it’s expanding its gas rewards program for delivery people on its platform. The program enables delivery people using their DasherDirect card to receive 10% cash back on their gas purchases, anywhere in the United States. The company announced the rewards program last month with the goal of offsetting rising gas prices.
Tesla CEO Elon Musk sold around 4.4 million shares of the company on Tuesday, according to regulatory filings published on Thursday. Musk, via Aaron Beckman, his power of attorney, filed a total of five Form 4s with the U.S. Securities and Exchange Commission to cover all 138 individual transactions. The value of the sales in
Deepfake technology is set to be used extensively in organized crime over the coming years, according to new research by Europol. Deepfakes involve the application of artificial intelligence to audio and audio-visual consent “that convincingly shows people saying or doing things they never did, or create personas that never existed in the first place.” Facing Reality?
by Paul Ducklin LISTEN NOW Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. Listen on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found.Or simply drop the URL
A cyberespionage threat actor known for targeting a variety of critical infrastructure sectors in Africa, the Middle East, and the U.S. has been observed using an upgraded version of a remote access trojan with information stealing capabilities. Calling TA410 an umbrella group comprised of three teams dubbed FlowingFrog, LookingFrog and JollyFrog, Slovak cybersecurity firm ESET
ESET researchers reveal a detailed profile of TA410: we believe this cyberespionage umbrella group consists of three different teams using different toolsets, including a new version of the FlowCloud espionage backdoor discovered by ESET. ESET researchers have documented and analyzed TA410 activity going back to 2019. TA410 is a cyberespionage umbrella group loosely linked to
When Maren Bannon and Jennifer Neundorfer first launched their venture capital firm, Jane VC, they wanted to end the practice of “warm intros” in tech. The goal was to back female founders who weren’t based in Silicon Valley, didn’t have rapport with top investors from their Stanford days and were largely being left out from
Ben Franklin once famously said that in this world nothing can be said to be certain, except death and taxes. But that doesn’t make dealing with either particularly natural and easy. Tech is rushing in to fill that gap, and today a Berlin-based startup called Taxfix, which has built a popular mobile assistant to address
Most organizations have suffered a data breach connected with a shortage of skills in the cybersecurity industry, according to new research published today. Fortinet’s 2022 Cybersecurity Skills Gap Report identified multiple risks associated with cybersecurity’s skills gap. Most (80%) organizations surveyed for the report said they had suffered at least one breach they could attribute to a
by Paul Ducklin Even if you’re not a native speaker of English, you’ve probably heard the curious saying, “It’s a bit of a Curate’s Egg”, referring to something about which you’re determined to keep a positive public attitude, even if your immediate private reaction was to be disappointed. The saying has certainly stood the test
So is your smart speaker really listening in on your conversations? That’s the crux of a popular privacy topic. Namely, are we giving up some of our privacy in exchange for the convenience of a smart speaker that does our bidding with the sound of our voice? After all, you’re using it to do everything
Bad actors continuously evolve their tactics and are becoming more sophisticated. Within the past couple of years, we’ve seen supply chain attacks that quickly create widespread damage throughout entire industries. But the attackers aren’t just focusing their efforts on supply chains. For example, businesses are becoming increasingly more reliant on SaaS apps and the cloud
While working as the head of treasury at Braintree, Boris de Souza once discovered a $90 million payment that went “missing” for over two weeks because of poor payments infrastructure. “It was my first week on the job, and I received an email from a client saying ‘I think you shorted us $90 million,’” he
Lightspeed India Partners is looking to raise over $500 million for its fourth fund as one of the most successful venture funds in the country looks to double down on early-stage bets in the world’s second largest internet market and the Southeast Asia region, according to two people familiar with the matter. The firm –
Advanced persistent threat actors have been busy over the past few months, according to Cisco Talos. The security vendor released its Quarterly Trends report Tuesday, which examined incident response trends from engagements in the first quarter of 2022. While ransomware remained the top threat, as it has for the past two years now, Cisco observed
The British Army’s online recruitment portal has been offline for more than a month following a data breach. Officials shut the computerized enrollment system down in the middle of March as a precaution after the personal data of more than 100 army recruits was found being offered for sale on the dark web. An investigation
The threat actor behind the prolific Emotet botnet is testing new attack methods on a small scale before co-opting them into their larger volume malspam campaigns, potentially in response to Microsoft’s move to disable Visual Basic for Applications (VBA) macros by default across its products. Calling the new activity a “departure” from the group’s typical
Leslie Feinzaig Contributor More posts by this contributor Three ways VC firms can construct sustainably diverse portfolios If you follow mainstream tech media, you could be forgiven for thinking that venture capital is a founders’ market today after two years of record round sizes and outcomes. There is some truth to this: VC had its
BEC fraud generated more losses for victims than any other type of cybercrime in 2021. It’s long past time that organizations got a handle on these scams. The old adage of people being the weakest link in security is especially true when it comes to email threats. Here, cybercriminals can arguable generate their biggest “bang-for-buck”
Jack Dorsey, the co-founder of Twitter and current Block Head, has weighed on how he feels about Elon Musk buying Twitter. In a tweet thread that starts out with a link to Radiohead’s “Everything In Its Right Place,” Dorsey said that “in principle, I don’t believe anyone should own or run Twitter. It wants to
Email accounts at a Kansas hospital were compromised for nearly a year in a prolonged data breach affecting more than 52,000 individuals. Emporia-based Newman Regional Health was breached by an unauthorized threat actor last year. In a data security notice on its website, the healthcare provider disclosed that the actor was able to access a limited number of email
by Paul Ducklin We’re sure you’ve heard of the KISS principle: Keep It Simple and Straightforward. In cybersecurity, KISS cuts two ways. KISS improves security when your IT team avoids jargon and makes complex-but-important tasks easier to understand, but it reduces security when crooks steer clear of mistakes that would otherwise give their game away.
- 1
- 2
- 3
- …
- 7
- Next Page »