Salesforce is building new tower in Dublin and adding hundreds of jobs

Salesforce put the finishing touches on a tower in San Francisco last year. In October, it announced Salesforce Tower in Atlanta. Today, it was Dublin’s turn. Everyone gets a tower.

Salesforce first opened an office in Dublin back in 2001, and has since expanded to 1,400 employees. Today’s announcement represents a significant commitment to expand even further, adding 1,500 new jobs over the next five years.

The new tower in Dublin is actually going to be a campus made up of four interconnecting buildings on the River Liffey. It will eventually encompass 430,000 square feet with the first employees expected to move into the new facility sometime in the middle of 2021.

Artist’s rendering of Salesforce Tower Dublin rooftop garden. Picture: Salesforce

Martin Shanahan, who is CEO at IDA Ireland, the state agency responsible for attracting foreign investment in Ireland, called this one of the largest single jobs announcements in the 70-year history of his organization.

As with all things Salesforce, they will do this up big with an “immersive video lobby” and a hospitality space for Salesforce employees, customers and partners. This space, which will be known as the “Ohana Floor,” will also be available for use by nonprofits.They also plan to build paths along the river that will connect the campus to the city center.

Artist’s rendering of Salesforce Tower Dublin lobby. Picture: Salesforce

The company intends to make the project “one of the most sustainable building projects to-date” in Dublin, according to a statement announcing the project. What does that mean? It will, among other things, be a nearly Net Zero Energy building and it will use 100 percent renewable energy, including onsite solar panels.

Finally, as part of the company’s commitment to the local communities in which it operates, it announced a $1 million grant to Educate Together, an education nonprofit. The grant should help the organization expand its mission running equality-based schools. Salesforce has been supporting the group since 2009 with software grants, as well as a program where Salesforce employees volunteer at some of the organization’s schools.

Mac Malware OSX.Dok is Back, Actively Infecting Victims

First discovered in 2017, OSX.Dok is a little more sophisticated than most malware that targets macOS, and we’re not surprised to see it back in 2019. In this post, we take a look at how it works and explain how we discovered that new infections are occurring even as we write.

The story began on Christmas Day, when a new variant of OSX.Dok was signed with a valid Developer ID at 12:48pm on 25th December, 2018. We first spotted it on the 9th January and informed Apple through unofficial channels. Shortly after, the developer’s signature was revoked by the Cupertino company. Nevertheless, as we’ll see in this post, that has not stopped the attackers from continuing to compromise Mac users.

What’s up, Dok?

OSX.Dok is packaged inside a DMG called either DHL_Dokument.dmg or Strichkode DHL Express.dmg and uses the bundle identifier Swisscom.Application.

A screenshot of newly OSX.Dok

The 2017 version of OSX.Dok used a fake Preview icon to disguise an application bundle. The malware apparently targeted mostly European Mac users and was spread via an email phishing campaign that attempted to convince the user there was some problem with their tax returns.

A similar trick is used in the new version, only “Dokument” is now a fake Adobe PDF icon, with the instruction “Click twice on the icon to view the document” in German, presented when the user mounts the DMG. Although we haven’t seen examples of how it is propagated, given the DMG is entitled DHL_Dokument (DHL is a German postal service and international courier company) and contains German text, we’d hazard a guess that it may well be targeting the same groups and using a similar email trick as before.

A screenshot of fake dok app

Barely visible at the bottom of the view is the file name that reveals it’s true nature: ‘Dokument.app’. This is more obvious if the DMG is opened in the Finder’s column or list view:

Screenshot of fake dok ap in column view

A Different Kind of App Store

Double-clicking the Dokument.app launches a variety of tasks and installs a number of applications in the background. From the user’s perspective, the first thing that happens is the entire Desktop is overtaken by a fake “App Store” update splash screen. There’s no way for the user to cancel out or force quit from this view as the application disables the keyboard. Though we don’t often see this technique on macOS, this is not some new technique the hackers have conjured up. Rather, the malware authors have just leveraged the same Apple APIs that games developers use to produce an immersive experience and force players into particular game situations.

Screenshot of fake App Store Updates

In this case, the “game” is to stop the user interfering while the malware installs a variety of other software. There’s so much being installed, in fact, that if you have a Mac with cooling fans you’re likely to hear the fans spin up as the CPU comes under heavy load and internal heat starts to build. The whole installation takes several minutes.

During this time, the keyboard is partially re-enabled to allow the victim to type in authorisation credentials in a pop-up dialog. There’s little point in hitting ‘Cancel’ as the dialog will just reappear repeatedly. The only recourse victims really have at this point is a hard shutdown, followed by starting up in Safe mode to clear our not only the malware but also the persistence agents that have already been installed.

If the victim yields and supplies the password, OSX.Dok proceeds to install a hidden version of tor, and several utilities to enable stealth communication: socat, filan, and procan. The socat utility allows the malware to listen in on ports 5555 and 5588 until a connection comes in. The connection itself is traffic from the localhost, which is redirected to port 5555 by an autoproxy installed by the malware.

A screenshot of setting an autoproxy

The malware writes multiple Apple domain names into the local hosts file so that connections to these get redirected to 127.0.0.1. Once the malware starts capturing the user’s traffic, it then connects to a server on the Dark Net, ltro3fxssy7xsqgz.onion and begins data transfer.

Screenshot of socat processes

With Persistence, and Privilege

Meanwhile, the malicious installer writes several persistence agents. Three are installed in the user’s Library LaunchAgents folder, and one in the local domain’s LaunchDaemons folder:

Screenshot of dok persistence

The LaunchDaemon program argument at /usr/local/bin/JKHFJqTP is a shell script that ensures the autoproxy is set on all interfaces.

As with the earlier versions of OSX.Dok, this one installs a trust certificate in the Keychain. It also writes to the sudoers file to ensure that privileges can be maintained without having to repeatedly ask for a password. The last entry shown below in /etc/sudoers means any user can run any sudo command without being prompted for authentication.

Screenshot of modifying the sudoers file

The European Connection

This version of OSX.Dok is very much a clone of the older version, with the following differences.

  • New developer ID: Anton Ilin (48R325WWDB)
  • New App BundleID: Swisscom.Application
  • New Icon: Adobe PDF (instead of Preview PDF)
  • New Dark Net address: ltro3fxssy7xsqgz.onion

The SentinelOne agent not only detects OSX.Dok and protects SentinelOne customers from this infection but also allowed us to discover that the OSX.Dok’s authors had hardcoded an ftp username and password into the malware.

Screenshot of SentinelOne threat hunting

The console’s “Visibility” feature revealed that the malware uses curl and the ftp protocol to upload a log file from the victim’s machine to the following address (redacted as we believe that the address owner may unknowingly be hosting these files and indeed be a victim of hacking themselves):

ftp://engel-*******:0*******88@ftp.k******a.com/logs/

Screenshot of malware uses ftp

With the login name and password, we were able to access the ftp server and note that logs were still being sent at the time of writing, with 43 logs collected since yesterday. Here’s a partial (and redacted) list of some of the victims log files:

Screenshot of partial list of victims

Summary

OSX.Dok is back. With the ability to completely intercept its victims’ internet traffic, it represents a high risk to macOS users. While the aggressive nature of the install would suggest most users would likely realize something is wrong, given the poor take-up of 3rd party security solutions by Mac users and the weakness of Apple’s built-in protections like XProtect and Gatekeeper, the perpertrators are still clearly gaining wins. As our analysis shows, at least 43 compromises have occurred since yesterday. We are in the process of passing on our findings to the appropriate authorities and will keep you posted of further developments.


Like this article? Follow us on LinkedInTwitter, YouTube or Facebook to see the content we post.

Read more about macOS Security

A Review of Malware affecting macOS in 2018

Mojave’s security “hardening” | User protections could be bypassed

Inside Safari Extensions | Malware’s Golden Key to User Data

The Weakest Link: When Admins Get Phished | MacOS “OSX.Dummy” Malware

AWS launches Backup, a fully managed backup service for AWS

Amazon’s AWS cloud computing service today launched Backup, a new tool that makes it easier for developers on the platform to back up their data from various AWS services and their on-premises apps. Out of the box, the service, which is now available to all developers, lets you set up backup policies for services like Amazon EBS volumes, RDS databases, DynamoDB tables, EFS file systems and AWS Storage Gateway volumes. Support for more services is planned, too. To back up on-premises data, businesses can use the AWS Storage Gateway.

The service allows users to define their various backup policies and retention periods, including the ability to move backups to cold storage (for EFS data) or delete them completely after a certain time. By default, the data is stored in Amazon S3 buckets.

Most of the supported services, except for EFS file systems, already feature the ability to create snapshots. Backup essentially automates that process and creates rules around it, so it’s no surprise that pricing for Backup is the same as for using those snapshot features (with the exception of the file system backup, which will have a per-GB charge). It’s worth noting that you’ll also pay a per-GB fee for restoring data from EFS file systems and DynamoDB backups.

Currently, Backup’s scope is limited to a given AWS region, but the company says that it plans to offer cross-region functionality later this year.

“As the cloud has become the default choice for customers of all sizes, it has attracted two distinct types of builders,” writes Bill Vass, AWS’s VP of Storage, Automation, and Management Services. “Some are tinkerers who want to tweak and fine-tune the full range of AWS services into a desired architecture, and other builders are drawn to the same breadth and depth of functionality in AWS, but are willing to trade some of the service granularity to start at a higher abstraction layer, so they can build even faster. We designed AWS Backup for this second type of builder who has told us that they want one place to go for backups versus having to do it across multiple, individual services.”

Early adopters of AWS Backup are State Street Corporation, Smile Brands and Rackspace, though this is surely a service that will attract its fair share of users as it makes the life of admins quite a bit easier. AWS does have quite a few backup and storage partners, though, who may not be all that excited to see AWS jump into this market, too — though they often offer a wider range of functionality than AWS’s service, including cross-region and offsite backups.

 

Alation announces $50M Series C investment as data catalog biz takes off

Alation, a startup that helps crawl a company’s databases in order to build a data search catalog, announced a $50 million Series C investment today.

The round was led by Sapphire Ventures and Salesforce Ventures. Existing investors Costanoa Ventures, DCVC (Data Collective), Harmony Partners and Icon Ventures also participated. Today’s investment brings the total raised to $82 million, according to Crunchbase data.

The participation of Sapphire Ventures, originally launched by SAP, and Salesforce Ventures, the venture arm of Salesforce, is particularly telling. One of the issues these enterprise software companies face when they go inside large enterprises is helping customer’s access and understand data wherever it lives. It’s one of the reasons that Salesforce bought MuleSoft for $6.5 billion last year.

This is a problem that employees face, as well. It’s simply inefficient to query multiple databases manually, or to even know what databases exist inside a large organization. Alation uses out-of-the-box connectors to connect to common data sources like Oracle, Redshift, Teradata, Spark and Tableau to create a centralized data catalog.

With that catalog in place, employees can search just as they would with any enterprise search engine, with the notable difference that this tool is focused strictly on structured data inside of supported data sources.

The company goes beyond pure matching to find the data an employee is searching for. Company CEO and co-founder Satyen Sangani says they also use a method to analyze usage to display the most likely result. “What differentiates us in particular is that we look at the logs of how people are using that information,” he explained. This is analogous to how Google uses the PageRank algorithm to measure the popularity of a page based on the number of times people link to a page.

Alation catalog page. Screenshot: Alation

It is certainly not alone in the space, with competitors like Alteryx and Informatica, but Alation’s approach seems to be resonating. Sangani reports triple-digit growth four years running. The company has soared from 89 employees at the end of last year to around 200 today. It boasts 100 large enterprise customers in production, including names like BMW, Hilton, American Express and Salesforce (whose investment arm, Salesforce Ventures also helped lead today’s round).

As the company grows rapidly, Sangani says he wants the capital in place to help fuel the increasing interest. The size and scope of his customers means that he will need to hire not just engineers to keep developing the product and building new connectors, but customer support and sales and marketing. In all, he expects to add between 100 and 200 employees in the next year.

He also wants to continue building out partnerships. As an example, Teradata is an authorized reseller, and has helped sell the product in global markets where a startup like Alation might lack the resources to enter.

Based in Redwood City, Calif., the company launched in 2012 and released the first version of the product in 2014. Its most recent round prior to today was a $23 million Series B in 2017.

On-demand workspace platform Breather taps new CEO

Breather’s new CEO Bryan Murphy / Breather Press Kit

Breather, the platform that provides on-demand private workspace, announced today that it has appointed Bryan Murphy as its new CEO.

Before joining Breather, Murphy was the founder and president of direct-to-consumer mattress startup, Tomorrow Sleep. Prior to Tomorrow Sleep, Murphy held posts as an advisor to investment firms and as an executive at eBay after the company acquired his previous company, WHI Solutions — an e-commerce platform for aftermarket auto parts — where Murphy was the co-founder and CEO.

Breather believes Murphy’s extensive background scaling e-commerce and SaaS platforms, as well as his experience working with incumbents across a number of traditional industries, can help it execute through its next stage of global growth.

Murphy is filling the vacancy left by co-founder and former CEO Julien Smith, who stepped down as chief executive this past September, just three months after the company completed its $45 million Series C round, which was led by Menlo Ventures and saw participation from RRE Ventures, Temasek Holdings, Ascendas-Singbridge and Caisse de Depot et Placement du Quebec.

In a past statement on his transition, Smith said: “As I reflect on my strengths and consider what it will take for the company to reach its full potential, I realize bringing on an executive with experience scaling a company through the next level of growth is the best thing for the business.”

Smith, who remains with the company as chairman of the board, believes Murphy more than fits the bill. “Bryan’s record of scaling brands in competitive markets makes him an ideal leader to support this momentum, and I’m excited to see where he takes us next,” Smith said.

In a conversation with TechCrunch, Murphy explained that Breather’s next growth phase will ultimately come down to its ability to continue the global expansion of its network of locations and partner landlords while striking the optimal balance between rental economics and employee utility, productivity and performance. With new spaces and ramped marketing efforts, Murphy and the company expect 2019 to be a big year for Breather — “I think this year, you’re going to start hearing a lot about Breather and it really being in a leadership role for the industry.”

Breather’s workspace at 900 Broadway in New York City is one of 500+ network locations accessible to users.

On Breather’s platform, users are currently able to access a network of more than 500 private workspaces across 10 major cities around the world, which can be booked as meeting space or short-term private office space.

Meeting spaces can be reserved for as little as two hours, while office space can be booked on a month-to-month basis, providing businesses with financial flexibility, private and more spacious alternatives to co-working options, and the ability to easily change offices as they grow. For landlords, Breather allows property owners to generate value from underutilized space by providing a turnkey digital booking system, as well as expertise in the short-term rental space.

Murphy explained to TechCrunch that part of what excited him most about his new role was his belief in Breather’s significant product-market fit and the immense addressable market that he sees for flexible workspaces longer-term. With limited penetration to date, Murphy feels the commercial office space industry is in just the third inning of significant transformation. 

Murphy believes that long-term growth for Breather and other flexible space providers will be driven by a heightened focus on employee flexibility and wellness, a growing number of currently underserved companies whose needs fall between co-working and traditional direct leasing, and the need for landlords to support a wider variety of office space options as workforce demographics and behaviors shift. 

Murphy believes that the ease, flexibility and unlocked value Breather provides puts the platform in a great position to win market share.

“Breather has built a remarkable commercial real estate e-commerce and services platform that offers one-click access to over 500 workspaces around the world,” said Murphy in a press release. “To our customers, having access to workspace that is turnkey, affordable, beautiful, productive and that can flex up and down based on needs is a total game changer.”

To date, Breather has served more than 500,000 customers and has raised more than $120 million in investment.

IBM and Vodafone form cloud, 5G and AI business venture and ink $550M service deal

IBM is one of the world’s biggest system integrators, but to get closer to where enterprises are actually doing their work, it’s been inking partnerships with companies that build devices and run the networks enterprises are using for their IT, and today comes the latest development on that front.

IBM is announcing a new venture with mobile carrier Vodafone, in a deal that will comes in two parts. First, IBM will supply Vodafone’s B2B unit Vodafone Business with managed services in the areas of cloud and hosting. And second, the two will together work on building and delivering solutions in areas like AI, cloud, 5G, IoT and software defined networking to enterprise customers.

The latter part of the deal appears to be a classic JV that will see both sides bringing something to the table — employees from both companies will be moving into a separate office together very soon that will essentially be “neutral” territory. The former part, meanwhile, will see Vodafone paying IBM some $550 million in an eight-year agreement.

That price tag alone is a strong indicator that this deal is a big one for both companies.

The agreement follows along the lines of what IBM inked with Apple several years ago, where the two would work together to develop enterprise solutions that would have been more challenging to do on their own.

Indeed, while IBM does provide systems integration services, it hasn’t moved as deeply into mobile-specific solutions for businesses, even as its other operational units — doing research and other work in AI, cloud, quantum computing and other areas — are making strong headway on specific projects, some of which involve mobile technology. Now that it’s nearly in full possession of RedHat — which it is in the process of buying for $34 billion, a deal that’s now received the approval of RedHat’s shareholders — it will also have open source cloud computing to add to that.

What the Vodafone deal will tap is taking more of those cutting-edge developments that IBM has built and worked on in specific projects, and productise them for a wider audience of businesses and other organisations, which might already be Vodafone customers.

“To deliver multi-cloud strategies in the real world, enterprises need to invest at many levels, ranging from cloud connectivity to cloud governance and management. This new venture between Vodafone and IBM addresses the ‘full stack’ of real-world multi-cloud concerns with a powerful combination of capabilities that should enable customers to deliver multi-cloud strategies in all layers of their organizations,” noted Carla Arend, senior program director for European software at IDC.

The Apple / IBM deal is more than instructive in this case; it will help fuel this new venture. From what I understand, several fruits of that labor will be making their way into the IBM / Vodafone deal, too, which makes sense, considering Vodafone’s position as a mobile carrier and the iPhone making some strong headway into the business market.

“IBM has built industry-leading hybrid cloud, AI and security capabilities underpinned by deep industry expertise,” said IBM Chairman, President and CEO Ginni Rometty in a statement. “Together, IBM and Vodafone will use the power of the hybrid cloud to securely integrate critical business applications, driving business innovation – from agriculture to next- generation retail.”

“Vodafone has successfully established its cloud business to help our customers succeed in a digital world,” said Vodafone CEO Nick Read, in the statement. “This strategic venture with IBM allows us to focus on our strengths in fixed and mobile technologies, whilst leveraging IBM’s expertise in multicloud, AI and services. Through this new venture we’ll accelerate our growth and deepen engagement with our customers while driving radical simplification and efficiency in our business.”

I’ve been told that the first joint “customer engagements” are already happening with an unnamed energy company. Thinking about what kinds of services Vodafone may be providing to end users today — they will cover mobile data and voice connectivity, mobile broadband, IoT and 5G services — this first deal will involve tapping all four, with an emphasis on 5G and IoT.

Former Facebook engineer picks up $15M for AI platform Spell

In 2016, Serkan Piantino packed up his desk at Facebook with hopes to move on to something new. The former director of Engineering for Facebook AI Research had every intention to keep working on AI, but quickly realized a huge issue.

Unless you’re under the umbrella of one of these big tech companies like Facebook, it can be very difficult and incredibly expensive to get your hands on the hardware necessary to run machine learning experiments.

So he built Spell, which today received $15 million in Series A funding led by Eclipse Ventures and Two Sigma Ventures.

Spell is a collaborative platform that lets anyone run machine learning experiments. The company connects clients with the best, newest hardware hosted by Google, AWS and Microsoft Azure and gives them the software interface they need to run, collaborate and build with AI.

“We spent decades getting to a laptop powerful enough to develop a mobile app or a website, but we’re struggling with things we develop in AI that we haven’t struggled with since the 70s,” said Piantino. “Before PCs existed, the computers filled the whole room at a university or NASA and people used terminals to log into a single main frame. It’s why Unix was invented, and that’s kind of what AI needs right now.”

In a meeting with Piantino this week, TechCrunch got a peek at the product. First, Piantino pulled out his MacBook and opened up Terminal. He began to run his own code against MNIST, which is a database of handwritten digits commonly used to train image detection algorithms.

He started the program and then moved over to the Spell platform. While the original program was just getting started, Spell’s cloud computing platform had completed the test in less than a minute.

The advantage here is obvious. Engineers who want to work on AI, either on their own or for a company, have a huge task in front of them. They essentially have to build their own computer, complete with the high-powered GPUs necessary to run their tests.

With Spell, the newest GPUs from Nvidia and Google are virtually available for anyone to run their tests.

Individual users can get on for free, specify the type of GPU they need to compute their experiment and simply let it run. Corporate users, on the other hand, are able to view the runs taking place on Spell and compare experiments, allowing users to collaborate on their projects from within the platform.

Enterprise clients can set up their own cluster, and keep all of their programs private on the Spell platform, rather than running tests on the public cluster.

Spell also offers enterprise customers a “spell hyper” command that offers built-in support for hyperparameter optimization. Folks can track their models and results and deploy them to Kubernetes/Kubeflow in a single click.

But perhaps most importantly, Spell allows an organization to instantly transform their model into an API that can be used more broadly throughout the organization, or used directly within an app or website.

The implications here are huge. Small companies and startups looking to get into AI now have a much lower barrier to entry, whereas large traditional companies can build out their own proprietary machine learning algorithms for use within the organization without an outrageous upfront investment.

Individual users can get on the platform for free, whereas enterprise clients can get started for $99/month per host you use over the course of a month. Piantino explains that Spell charges based on concurrent usage, so if the customer has 10 concurrent things running, the company considers that the “size” of the Spell cluster and charges based on that.

Piantino sees Spell’s model as the key to defensibility. Whereas many cloud platforms try to lock customers in to their entire suite of products, Spell works with any language framework and lets users plug and play on the platforms of their choice by simply commodifying the hardware. In fact, Spell doesn’t even share with clients which cloud cluster (Microsoft Azure, Google or AWS) they’re on.

So, on the one hand the speed of the tests themselves goes up based on access to new hardware, but, because Spell is an agnostic platform, there is also a huge advantage in how quickly one can get set up and start working.

The company plans to use the funding to further grow the team and the product, and Piantino says he has his eye out for top-tier engineering talent, as well as a designer.

773M Password ‘Megabreach’ is Years Old

My inbox and Twitter messages positively lit up today with people forwarding stories from Wired and other publications about a supposedly new trove of nearly 773 million unique email addresses and 21 million unique passwords that were posted to a hacking forum. A story in The Guardian breathlessly dubbed it “the largest collection ever of breached data found.” But in an interview with the apparent seller, KrebsOnSecurity learned that it is not even close to the largest gathering of stolen data, and that it is at least two to three years old.

The dump, labeled “Collection #1” and approximately 87GB in size, was first detailed earlier today by Troy Hunt, who operates the HaveIBeenPwned breach notification service. Hunt said the data cache was likely “made up of many different individual data breaches from literally thousands of different sources.”

KrebsOnSecurity sought perspective on this discovery from Alex Holden, CTO of Hold Security, a company that specializes in trawling underground spaces for intelligence about malicious actors and their stolen data dumps. Holden said the data appears to have first been posted to underground forums in October 2018, and that it is just a subset of a much larger tranche of passwords being peddled by a shadowy seller online.

Here’s a screenshot of a subset of that seller’s current offerings, which total almost 1 Terabyte of stolen and hacked passwords:

The 87GB “Collection1” archive is one of but many similar tranches of stolen passwords being sold by a particularly prolific ne’er-do-well in the underground.

As we can see above, Collection #1 offered by this seller is indeed 87GB in size. He also advertises a Telegram username where he can be reached — “Sanixer.” So, naturally, KrebsOnSecurity contacted Sanixer via Telegram to find out more about the origins of Collection #1, which he is presently selling for the bargain price of just $45.

Sanixer said Collection#1 consists of data pulled from a huge number of hacked sites, and was not exactly his “freshest” offering. Rather, he sort of steered me away from that archive, suggested that — unlike most of his other wares — Collection #1 was at least 2-3 years old. His other password packages, which he said are not all pictured in the above screen shot and total more than 4 terabytes in size, are less than a year old, Sanixer explained.

By way of explaining the provenance of Collection #1, Sanixer said it was a mix of “dumps and leaked bases,” and then he offered an interesting screen shot of his additional collections. Click on the image below and notice the open Web browser tab behind his purloined password trove (which is apparently stored at Mega.nz): Troy Hunt’s published research on this 773 million Collection #1.

Sanixer says Collection #1 was from a mix of sources. A description of those sources can be seen in the directory tree on the left side of this screenshot.

Holden said the habit of collecting large amounts of credentials and posting it online is not new at all, and that the data is far more useful for things like phishing, blackmail and other indirect attacks — as opposed to plundering inboxes. Holden added that his company had already derived 99 percent of the data in Collection #1 from other sources.

“It was popularized several years ago by Russian hackers on various Dark Web forums,” he said. “Because the data is gathered from a number of breaches, typically older data, it does not present a direct danger to the general user community. Its sheer volume is impressive, yet, by account of many hackers the data is not greatly useful.”

A core reason so many accounts get compromised is that far too many people have the nasty habit(s) of choosing poor passwords, re-using passwords and email addresses across multiple sites, and not taking advantage of multi-factor authentication options when they are available.

If this Collection #1 has you spooked, changing your password(s) certainly can’t hurt — unless of course you’re in the habit of re-using passwords. Please don’t do that. As we can see from the offering above, your password is probably worth way more to you than it is to cybercriminals (in the case of Collection #1, just .000002 cents per password).

For most of us, by far the most important passwords are those protecting our email inbox(es). That’s because in nearly all cases, the person who is in control of that email address can reset the password of any services or accounts tied to that email address – merely by requesting a password reset link via email. For more on this dynamic, please see The Value of a Hacked Email Account.

Your email account may be worth far more than you imagine.

And instead of thinking about passwords, consider using unique, lengthy passphrases — collections of words in an order you can remember — when a site allows it. In general, a long, unique passphrase takes for more effort to crack than a short, complex one. Unfortunately, many sites do not let users choose passwords or passphrases that exceed a small number of characters, or they will otherwise allow long passphrases but ignore anything entered after the character limit is reached.

If you are the type of person who likes to re-use passwords, then you definitely need to be using a password manager, which helps you pick and remember strong and unique passwords/passphrases and essentially lets you use the same strong master password/passphrase across all Web sites.

Finally, if you haven’t done so lately, mosey on over to twofactorauth.org and see if you are taking full advantage of multi-factor authentication at sites you trust with your data. The beauty of multi-factor is that even if thieves manage to guess or steal your password just because they hacked some Web site, that password will be useless to them unless they can also compromise that second factor — be it your mobile device or security key.

Infor lands $1.5 billion investment ahead of IPO

Infor, a NYC-based enterprise software company, announced a massive $1.5 billion investment today that could be the precursor to an IPO in the next 12-24 months. One analyst is estimating that the valuation could be at least $60 billion.

The investment is being led by Koch Industries’ investment arm, Koch Equity Development, and Golden Gate Capital. Today’s investment comes on top of a $2 billion+ cash infusion from Koch in 2017, bringing the total raised to at least more than $3.5 billion along with a hefty $6.1 billion in debt. That’s a lot of cash.

In fact, the company plans to use a large portion of today’s investment to pay down part of that debt, including $500 million in senior secured notes due in 2020, which it plans to pay off next month, and $750 million in HoldCo senior contingent cash pay notes due in 2021, which it plans to pay off in May. The thinking is that the company wants to reduce its debt load ahead of its IPO.

“We expect this paydown, in combination with cash flows and estimated IPO proceeds, will provide Infor with leverage levels consistent with other successful IPOs over the past few years,” Infor CFO Kevin Samuelson explained during an investor call today.

The company wouldn’t rule out additional investments before going public, but it was looking firmly toward an IPO. “We’ve spoken for some time about the many advantages that we believe Infor will receive if the company goes public, including improved brand recognition, a broader employee equity program, additional currency for M&A and more financial clarity for our customers and prospects,” Samuelson said.

Infor may be the largest company you never heard of, with more than 17,000 employees and 68,000 customers in more than 100 countries worldwide. All of those customers generated $3 billion in revenue in 2018. That’s a significant presence.

Ray Wang, founder and principal analyst at Constellation Research, told TechCrunch that based on that revenue, he believes the valuation could be in the neighborhood of $60 billion. He based that on $3 billion in revenue, while using Oracle and SAP as similar industry comparisons. These companies have a 20X price/earnings ratio. He adds, that would make it the largest tech IPO ever for a NYC tech company if that comes to pass. Infor would not confirm this number with a spokesperson telling TechCrunch, “We cannot comment on value at this time.”

What does this company do to achieve this size and scope? It’s not unlike many other large enterprise companies, says Wang. It produces cloud software solutions around typical enterprise needs such as CRM, ERP and supply chain asset management.

Daniel Newman, principal analyst at Futurum Research, says that Infor has grown rapidly through a series of acquisitions and an unusual approach to enterprise software. “What makes its approach to enterprise software unique is that rather than building software and then attempting to customize it for the unique [customer] needs, Infor takes an industry-based approach that incorporates both subtle and material capabilities to address specific industry needs that more generic ERP tools aren’t capable of out of the box,” Newman told TechCrunch.

He adds that this difference is attractive to many companies seeking ERP and enterprise asset management tools that are built with their business in mind, rather than completely customizing a software designed for any business in any industry.

As it turns out, Koch isn’t just an investor, it’s an Infor customer. “Koch was a customer of Infor before we became an investor in the company, and Koch Industries’ companies continue to move their most mission critical applications to Infor CloudSuites,” Jim Hannan, executive vice president and CEO for Enterprises at Koch Industries said in a statement.

The company, which was founded way back in 2002, has been shifting to the cloud over the last five years. It reports that more than 70 percent of its revenue is now derived from cloud products, fueled in part by an aggressive acquisition strategy.

HyperScience, the machine learning startup tackling data entry, raises $30 million Series B

HyperScience, the machine learning company that turns human readable data into machine readable data, has today announced the close of a $30 million Series B funding round led by Stripes Group, with participation from existing investors FirstMark Capital and Felicis Ventures, as well as new investors Battery Ventures, Global Founders Capital, TD Ameritrade and QBE.

HyperScience launched out of stealth in 2016 with a suite of enterprise products focused on the healthcare, insurance, finance and government industries. The original products were HSForms (which handled data-entry by converting hand-written forms to digital), HSFreeForm (which did a similar function for hand-written emails or other non-form content) and HSEvaluate (which could parse through complex data on a form to help insurance companies approve or deny claims by pulling out all the relevant info).

Now, the company has combined all three of those products into a single product called HyperScience. The product is meant to help companies and organizations reduce their data-entry backlog and better serve their customers, saving money and resources.

The idea is that many of the forms we use in life or in the workplace are in an arbitrary format. My bank statements don’t look the same as your bank statements, and invoices from your company might look different than invoices from my company.

HyperScience is able to take those forms and pipe them into the system quickly and easily, without help from humans.

Instead of charging by seat, HyperScience charges by documents, as the mere use of HyperScience should mean that fewer humans are actually “using” the product.

The latest round brings HyperScience’s total funding to $50 million, and the company plans to use a good deal of that funding to grow the team.

“We have a product that works and a phenomenally good product market fit,” said CEO Peter Brodsky. “What will determine our success is our ability to build and scale the team.”