Palo Alto Networks urged companies this week to patch against a newly discovered zero-day vulnerability in one of its widely used security products, after malicious hackers began exploiting the bug to break into corporate networks.
Because the vulnerability allows hackers to gain complete control of an affected firewall over the internet without authentication, Palo Alto gave the bug a maximum severity rating.
The ease with which hackers can remotely exploit the bug puts thousands of companies that rely on the firewalls at risk from intrusions.
Adding another complication, Palo Alto initially suggested disabling telemetry to mitigate the vulnerability, but said this week that disabling telemetry does not prevent exploitation.
Security firm Volexity, which first discovered and reported the vulnerability to Palo Alto, said it found evidence of malicious exploitation going back to March 26, some two weeks before Palo Alto released fixes.
A few years ago, Darren Shimkus, ex-president of Udemy, had a conversation with Dennis Yang about skills building.
Modal provides personalized technical skills training for a company’s staff, offering on-demand coaching and a pedagogical approach that groups users into semi-structured online learning communities.
First, Shimkus says, by honing in on hot trends: data and AI.
“The rise of AI is bringing more visibility to data teams than ever before,” Shimkus said.
“It’s hard in today’s ever-changing workplace landscape to predict what your teams need, meaning most leaders don’t have a reliable way to plan for and improve their team’s skills.
OpenAI CEO Sam Altman has transferred formal control of the eponymously firm’s named corporate venture fund to Ian Cathaway, OpenAI confirmed to TechCrunch.
The Open AI Startup Fund, launched in 2021, was initially set up with Altman as its named controller.
Cathaway joined OpenAI in 2021 and played a key role managing the Startup Fund, leading investments in Ambience Healthcare, Cursor, Harvey, and Speak.
Last year, the fund had $175 million in commitments, and now holds $325 million in gross net asset value, according to an SEC filing.
The Startup Fund has backed at least 16 other startups, according to PitchBook data.
Spain’s Embat, which has raised $16M, plans to compete with Trovata in real-time accountingFor obvious reasons, financial teams can spend a great deal of time on corporate treasury management, accounting and bank reconciliation, so anything that speeds up that process usually garners a lot of interest.
Today Embat, a Spanish fintech which does what they call “real-time treasury management”, has closed a financing round of $16 million Series AS led by Creandum.
Their solution automates accounting and bank reconciliation, and deals with corporate treasury management, centralising collections, payments, and treasury processes, thus saving time, says the startup.
Last year Embat partnered with Google Cloud’s Vertex AI platform in an effort to reduce errors for accounting teams.
Tomás Gil, co-founder and CTO of Embat, said the company has “significantly improved” its accounting and bank reconciliation module and was now applying AI to its platform.
As Techstars retools, some former staffers say it lost focus on what made it successfulWell-known accelerator group Techstars announced a slew of changes to its operations this week, including the shuttering of some of its city-based programs.
And one former Techstars managing director (MD) told TechCrunch that the move away from local fundraising for city-based accelerator programs was an error.
One former managing director (MD) said that having local limited partner investors in Techstars meant that more people in those cities had a stake in its local programs.
The shift away from local capital and more focus on corporate dollars meant that city-based boosters and founders were less central to Techstars’ focus, the MD said.
Still, Techstars faces competition, not just from Y Combinator domestically, but from other accelerator programs in the US and elsewhere around the world.
Veho, a package delivery company, confirmed that it laid off 19% of its employee headcount, or about 65 jobs.
As first reported by The Information, these layoffs came after Veho grew revenue nearly 90% in 2023.
That was after announcing $125 million in Series A funding two months prior, the round that pushed Veho into unicorn territory.
At that time, Veho said it had 910 employees across corporate and warehouse teams and was looking to fill additional positions.
Veho remains optimistic, telling TechCrunch that its capital position “is very strong and we are building on our strong momentum and record peak season in 2023.”
Hackers breached Microsoft to find out what Microsoft knows about themOn Friday, Microsoft disclosed that the hacking group it calls Midnight Blizzard, also known as APT29 — and widely believed to be sponsored by the Russian government — hacked some corporate email accounts, including those of the company’s “senior leadership team and employees in our cybersecurity, legal, and other functions.”Curiously, the hackers didn’t go after customer data or the traditional corporate information they may have normally gone after.
They wanted to know more about themselves, or more specifically, they wanted to know what Microsoft knows about them, according to the company.
“The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself,” the company wrote in a blog post and SEC disclosure.
According to Microsoft, the hackers used a “password spray attack” — essentially brute forcing — against a legacy account, then used that account’s permissions to “to access a very small percentage of Microsoft corporate email accounts.”Microsoft did not disclose how many email accounts were breached, nor exactly what information the hackers accessed or stole.
Microsoft took advantage of news of this hack to talk about how they are going to move forward to make itself more secure.
Database management giant MongoDB says it’s investigating a security incident that has resulted in the exposure of some information about customers.
In an update published on Sunday, MongoDB said does not believe hackers accessed any customer data stored in MongoDB Atlas, the company’s hosted database offering.
For one customer, this included system logs, MongoDB said.
System logs can include information about the running of a database or its underlying system.
MongoDB declined to say how many customers may be affected by the compromise of its corporate systems.
Due to COVID spreading throughout the continent, all airports closed and Portão 3 was founded to help stranded travelers. Their product allowed users to find alternative ways to get where…
Gemba is an enterprise-focused virtual reality (VR) training startup that has raised $18 million in a Series A round of funding. This new influx of capital will be used to…
