Welcome to Startups Weekly, a nuanced take on this week’s startup news and trends by Senior Reporter and Equity co-host Natasha Mascarenhas. To get this in your inbox, subscribe here. It’s hard to be proactive after the tide has already shifted. However, that’s what we’re seeing happen in the solo GP world, where investors, hearing
Month: March 2023
As TikTok CEO attempts to placate U.S. lawmakers, it’s time for us all to think about the wealth of personal information that TikTok and other social media giants collect about us TikTok CEO Shou Zi Chew has appeared before the U.S. Congress to give his take on the app’s data security and privacy practices and
In the aftermath of TikTok CEO Shou Zi Chew’s brutal five hour Congressional hearing on Thursday, TikToker and disinformation researcher Abbie Richards summed up what so many creators were thinking: “It’s actually remarkable how much less Congress knows about social media than the average person,” Richards told TechCrunch. Across TikTok, users mocked congresspeople for misunderstanding
The US Cybersecurity and Infrastructure Security Agency (CISA) and the Joint Cyber Defense Collaborative (JCDC) have unveiled a new effort to aid organizations in quickly fixing vulnerabilities targeted by ransomware actors. The Pre-Ransomware Notification Initiative provides businesses with early warnings, enabling them to potentially evict threat actors before they can encrypt data and systems for
by Paul Ducklin Security holes in WordPress plugins that could allow other people to poke around your WordPress site are always bad news. Even if all you’re running is a basic setup that doesn’t have customer accounts and doesn’t collect or process any personal information such as names and email addresses… …it’s worrying enough just
Mar 25, 2023Ravie LakshmananCyber Crime / DDoS Attack In what’s a case of setting a thief to catch a thief, the U.K. National Crime Agency (NCA) revealed that it has created a network of fake DDoS-for-hire websites to infiltrate the online criminal underground. “All of the NCA-run sites, which have so far been accessed by
Here are some of the key moments from the five hours of Shou Zi Chew’s testimony and other interesting news on the data privacy front As the controversy surrounding TikTok continues, the app’s CEO Shou Zi Chew appeared before the U.S. Congress to explain the app’s data privacy and security practices. Here are some of
Budget-minded entrepreneurs and early-stage startup founders take heed — this is no time to procrastinate. We have only 7 days left of early-bird pricing to TechCrunch Early Stage 2023 in Boston on April 20. Don’t wait…the early bird gets the…SAVINGS: Buy a $249 founder pass and save $200 before prices increase on April 1 —
As tech companies large and small shed staff in hopes of better aligning their income statements to a new market reality, it’s clear that cutting costs to delight investors is the new norm. But there are other ways to make the investing public happy, including smashing growth and profitability expectations. The Exchange explores startups, markets
What is three-factor authentication (3FA)? Three-factor authentication (3FA) is the use of identity-confirming credentials from three separate categories of authentication factors — typically, the knowledge, possession and inherence categories. This type of multifactor authentication (MFA) improves security over single- or two-factor authentication (2FA), as it’s unlikely that an attacker could fake or steal all three
Security experts have warned US taxpayers not to fall for a new phishing campaign using the IRS as a lure to install notorious Trojan Emotet on their machines. Scammers have long used tax filing season as an opportunity to trick consumers, and the latest attempt spotted by Malwarebytes is no different. The phishing emails in
by Paul Ducklin DELETED DATA THAT JUST WON’T GO AWAY The mobile phone bugs that Google kept quiet, just in case. The mysterious case of ATM video uploads. When redacted data springs back to life. No audio player below? Listen directly on Soundcloud. With Paul Ducklin and Chester Wisniewski. Intro and outro music by Edith
Mar 24, 2023Ravie LakshmananDevSecOps / Software Security A malicious Python package on the Python Package Index (PyPI) repository has been found to use Unicode as a trick to evade detection and deploy an info-stealing malware. The package in question, named onyxproxy, was uploaded to PyPI on March 15, 2023, and comes with capabilities to harvest
Why your organization should consider an MDR solution and five key things to look for in a service offering The threat landscape is evolving at breakneck speed and corporate cyberattack surfaces expand, with many trends and developments kicked into overdrive as a result of the surge in digital transformation investments during and after the COVID-19
Twitter has picked April Fool’s Day, otherwise known as April 1, to start removing legacy blue checkmarks from the platform. Despite the significance of the day Twitter chose, the removal of legacy checkmarks has been anticipated for months now. Musk tweeted in December that the company would remove those checks “in a few months” because
Beam, a five-month-old startup out to more easily help general contractors pay subcontractors and get paid themselves, has raised $4 million in a seed funding round led by Accel. Both the startup’s founder and lead investor previously spent years working at payments giant Stripe. Before starting Beam in October of 2022, Adam Eagle had spent
What is FIDO (Fast Identity Online)? FIDO (Fast Identity Online) is a set of technology-agnostic security specifications for strong authentication. FIDO is developed by the FIDO Alliance, a nonprofit organization that seeks to standardize authentication at the client and protocol layers. FIDO specifications support multifactor authentication (MFA) and public key cryptography. Unlike password databases, FIDO
The UK government has published a new strategy designed to boost cyber-resilience in the health and social care sector by 2030, claiming it is key to building a sustainable, patient-centric NHS. The goal is to help the sector’s disparate organizations improve cyber-risk management, data protection and incident response and recovery – driving trust in digital so that new technologies can
by Paul Ducklin Just yesterday, we wrote about a bug in Google Pixel phones, apparently now patched, with potentially dangerous consequences. The bug finders, understandably excited (and concerned) by what they’d found, decided to follow the BWAIN principle for maximum, turning it into a Bug With An Impressive Name: aCropalypse. In case you’re wondering, the
Mar 23, 2023Ravie LakshmananMobile Security / Banking An emerging Android banking trojan dubbed Nexus has already been adopted by several threat actors to target 450 financial applications and conduct fraud. “Nexus appears to be in its early stages of development,” Italian cybersecurity firm Cleafy said in a report published this week. “Nexus provides all the
Proptech company Roofstock has laid off about 27% of its staff today, according to an email sent to employees viewed by TechCrunch. The cuts come just five months after the startup laid off 20% of its workforce. The company’s website states that it has 400+ employees, or “Roofsters” as they’re dubbed, but it is not
The back half of 2023 is expected to unlock the technology IPO market. Whether the public-offering window opens later this year or early in 2024, TechCrunch+ expects to see a few familiar names in the mix from the HR tech space. And perhaps some less familiar names. Regular TechCrunch readers are likely familiar with HR-tech
Security experts have warned of the growing threat from business email compromise (BEC) attacks spoofing victims’ vendors and suppliers, after revealing an audacious attempt to steal tens of millions of dollars. The email in question was sent to an escrow officer at an insurance company, cc’ing in the presumed client, an enterprise in commercial real
by Paul Ducklin Even if you’ve never used one, you probably know what a VCR is (or was). Short for video cassette recorder, it was how we recorded and watched back videos at home in the days when digital video stored on hard disks was the absurdly expensive privilege of huge companies, typically TV stations.
Mar 22, 2023Ravie LakshmananICS/SCADA Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released eight Industrial Control Systems (ICS) advisories on Tuesday, warning of critical flaws affecting equipment from Delta Electronics and Rockwell Automation. This includes 13 security vulnerabilities in Delta Electronics’ InfraSuite Device Master, a real-time device monitoring software. All versions prior to
While LinkedIn is helpful for displaying people’s educational and professional achievements, there exists a world of self-taught tech talent whose skills are not so easily reflected on the networking site. Rather, their expertise is hidden in the lines of code they write. Aspecta is trying to fill that gap by providing an AI-powered profile builder
Twitter’s ditching of free text-message authentication doesn’t mean that you should forgo using 2FA. Instead, switch to another – and, indeed, better – 2FA option. Starting today, Twitter is disabling SMS-based two-factor authentication (2FA) for all but paying users following a decision that, not unlike other recent moves by the social media giant, has been
Seed Club, a DAO-focused accelerator program, has launched its venture arm out of stealth mode with a $25 million fund, the team shared exclusively with TechCrunch. “Seed Club is a DAO for builders at the intersection of builders and culture with three areas: an accelerator, a community of members and now the venture arm,” said
API use and capabilities have grown significantly over the past decade to improve application development; interaction with services and app features; and integration with applications, services and components of all types. Nowhere is this truer than in the cloud, where API availability and use are the norm rather than the exception. APIs have also become
The UK’s leading cybersecurity agency has launched two new services designed to help the nation’s small businesses to more effectively enhance their cyber-risk management. The National Cyber Security Agency (NCSC) today announced a Cyber Action Plan – a questionnaire for small organizations and individuals/families, which delivers a free personalized security to-do list depending on the answers
- 1
- 2
- 3
- …
- 5
- Next Page »