Shared electric scooters came onto the scene five years ago with a promising vision of getting people out of cars and onto greener modes of transportation. Yet despite billions in VC money and plenty of hype, the future that micromobility companies promised still hasn’t quite arrived. In cities like Paris, most people aren’t replacing car
Month: December 2022
Fidelity, which was among the group of outside investors that helped Elon Musk finance his $44 billion takeover of Twitter, has slashed the value of its stake in Twitter by 56%. The recalculation comes as Twitter navigates a number of challenges, most the result of chaotic management decisions — including an exodus of advertisers from
When was the last “easy” year for security teams? Certainly not last year. Not this decade or even this century. Every year in recent memory has seen its share of noteworthy and novel cyber attacks. It doesn’t take a crystal ball to predict 2023 will be more of the same. If anything, the pace and
The global political unrest from this year will seep into 2023 with serious ramifications for the security industry, according to Infosecurity Europe’s community of cybersecurity leaders. However, with stricter regulations and developments in Artificial Intelligence (AI) and Machine Learning (ML), CISOs may be in a stronger position to minimise threats next year. The organisers of
by Paul Ducklin It’s the last regular working weekday of 2022 (in the UK and the US, at least), in the unsurprisingly relaxed and vacationistic gap between Christmas and New Year… …so you were probably expecting us to come up either with a Coolest Stories Of The Year In Review listicle, or with a What
Dec 30, 2022Ravie LakshmananBug Bounty / Privacy A security researcher was awarded a bug bounty of $107,500 for identifying security issues in Google Home smart speakers that could be exploited to install backdoors and turn them into wiretapping devices. The flaws “allowed an attacker within wireless proximity to install a ‘backdoor’ account on the device,
The first open-source equivalent of OpenAI’s ChatGPT has arrived, but good luck running it on your laptop — or at all. This week, Philip Wang, the developer responsible for reverse-engineering closed-sourced AI systems including Meta’s Make-A-Video, released PaLM + RLHF, a text-generating model that behaves similarly to ChatGPT. The system combines PaLM, a large language
What are some of the key cybersecurity trends and themes that organizations should have on their radars in 2023? As another eventful year comes to a close, it’s time not only to take stock of and reflect on the defining moments of 2022, but especially to look ahead to the challenges that are likely to
In 2014, Prayank Swaroop made a pitch to the storied venture firm Accel, where he worked as an associate, about future marketplaces in India. At the time, Flipkart and Snapdeal were the only two e-commerce startups in India that had shown a semblance of scale. Swaroop made a case that as more Indians come online,
What is credential theft? Credential theft is a type of cybercrime that involves stealing a victim’s proof of identity. Once credential theft has been successful, the attacker will have the same account privileges as the victim. Stealing credentials is the first stage in a credential-based attack. Credential theft allows criminals to reset passwords, lock victims
Geopolitics will continue to have an impact on cybersecurity and the security posture of organizations long into 2023. The impact of global conflicts on cybersecurity was thrust into the spotlight when Russia made moves to invade Ukraine in February 2022. Ukraine’s Western allies were quick to recognize that with this came the threat of Russian-backed
by Paul Ducklin These days, almost every decent app, along with some that are half-decent (as well as a few that aren’t very good at all) will offer you tabbed whateveritis. Even command windows, which used to be just what they said (windows in which one – and only one – command shell was running),
Dec 30, 2022Ravie LakshmananPatch Management The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two-years-old security flaws impacting TIBCO Software’s JasperReports product to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The flaws, tracked as CVE-2018-5430 (CVSS score: 7.7) and CVE-2018-18809 (CVSS score: 9.9), were addressed by TIBCO in April 2018
The grocery delivery company reportedly suffered a 75% valuation cut compared to its $39B peak Anna Heim 9 hours As much as we like to end the year with some good news, what we are hearing from grocery delivery company Instacart is not exactly that. According to The Information, citing “two people familiar with the
If Twitter isn’t loading fine for you, you’re not alone. Tens of thousands of users are complaining that they are unable to access the Elon Musk-owned social network, seeing scores of strange error messages instead. Some are being greeted with a blank page while others are getting signed out of the service for no apparent
France’s digital privacy regulator, the Commission nationale de l’informatique et des libertés (CNIL), announced on December 22, 2022 it had fined US tech giant Microsoft €60m ($64m), its largest this year, over advertising cookies. The CNIL found that Microsoft’s search engine, Bing, had not set up a system allowing users to refuse cookies as simply
by Paul Ducklin Hot on the heels of the LastPass data breach saga, which first came to light in August 2022, comes news of a Twitter breach, apparently based on a Twitter bug that first made headlines back in the same month. According to a screenshot posted by news site Bleeping Computer, a cybercriminal has
Happy Download Day! (Yes, there’s a day for that.) Today is an excellent day to share downloading best practices to keep all your devices safe from malicious content. It’s tempting to download “free” shows, movies, and video games, but the consequences of doing so can be quite expensive. All it takes is for one malicious
Dec 28, 2022Ravie LakshmananBlockchain / Android Malware Decentralized multi-chain crypto wallet BitKeep on Wednesday confirmed a cyberattack that allowed threat actors to distribute fraudulent versions of its Android app with the goal of stealing users’ digital currencies. “With maliciously implanted code, the altered APK led to the leak of user’s private keys and enabled the
The past year has seen no shortage of disruptive cyberattacks – here’s a round-up of some of the worst hacks and breaches that have impacted a variety of targets around the world in 2022 The past year has seen the global economy lurch from one crisis to another. As COVID-19 finally began to recede in
2022 was the kind of year that made us think, “What a time to be alive and reporting on transportation.” This year was absolutely dominated by conversations around the realities of bringing self-driving cars to market, the potential upheaval of the gig worker economy, micromobility dramas and, of course, all things Tesla. We took a
To get a roundup of TechCrunch’s biggest and most important stories delivered to your inbox every day at 3 p.m. PDT, subscribe here. Greetings, readers. As Haje and Christine told you last week, this week’s Daily Crunch will look a bit different, given they are both taking some time off. But you’ll still get some
Process injection is a technique used to inject malicious code into running processes. Because it evades detection techniques, innocent processes run the malicious injected code, unknowingly infecting the systems. A type of arbitrary code execution, process injection enables attackers to infiltrate systems, access networks and resources, and potentially elevate their privileges. Let’s take a deeper
A prolific botnet that spreads primarily through IoT and web application vulnerabilities has added new exploits and attack capabilities, Microsoft has warned. Zerobot (aka ZeroStresser) is a Go-based botnet sold on the cybercrime underground via a malware-as-a-service model, which makes it relatively easy for its developers to update functionality regularly. Mainly used for distributed denial
by Paul Ducklin Just before the Christmas weekend – in fact, at about the same time that beleaguered password management service LastPass was admitting that, yes, your password vaults were stolen by criminals after all – we noticed a serious-sounding Linux kernel vulnerability that hit the news. The alerts came from Trend Micro’s Zero Day
There are no ifs, ands, or buts about it: A stolen identity creates a mess. Once they have a few key pieces of personally identifiable information (PII), an identity thief can open new credit lines, create convincing new identities, and ruin an innocent person’s good credit. If you suspect you’ve been affected by identity theft,
Dec 27, 2022Ravie LakshmananCyber Attack / Windows Security BlueNoroff, a subcluster of the notorious Lazarus Group, has been observed adopting new techniques into its playbook that enable it to bypass Windows Mark of the Web (MotW) protections. This includes the use of optical disk image (.ISO extension) and virtual hard disk (.VHD extension) file formats
Andre Maciel Contributor Andre Maciel is the founder of Volpe Capital. He formerly worked with J.P. Morgan, and was a managing investment partner at SoftBank. Jennifer Queen Contributor Jennifer Queen is the founder of Pina, a PR firm focused on startups and venture capital firms. Latin American venture capital and growth investments through 2018 had
Baidu, the Chinese internet giant that became known for its search engines, is making some big strides in autonomous driving. Starting this week, the public can ride its robotaxis in Wuhan between 7 am and 11 pm without safety drivers behind the wheel. Previously, its unmanned vehicles could only operate from 9 am to 5
A risk assessment matrix is a helpful visual tool to identify risks, threats and vulnerabilities. Disaster recovery teams can use them to categorize threats by likelihood, potential impact, and characteristics such as financial and reputational harm. A risk matrix template can provide a simple yet effective starting point to perform an assessment. Risk assessments can
- 1
- 2
- 3
- …
- 5
- Next Page »