Meme editor Kapwing grows 10X, raises $11M

/0 Comments/in /by

Kapwing is a laymen’s Adobe Creative Suite built for what people actually do on the internet: make memes and remix media. Need to resize a video? Add text or subtitles to a video? Trim or crop or loop or frame or rotate or soundtrack or… then you need Kapwing. The free web and mobile tool is built for everyone, not just designers. No software download or tutorials to slog through. Just efficient creativity.

Kapwing Video Editor

In a year since coming out of stealth with 100,000 users, Kapwing has grown 10X, to more than 1 million. Now it going pro, building out its $20/month collaboration tools for social media managers and scrappy teams. But it won’t forget its roots with teens, so it has dropped its pay-$6-to-remove-watermarks tier while keeping its core features free.

Eager to capitalize on the meme and mobile content business, CRV has just led an $11 million Series A round for Kapwing. It’s joined by follow-on cash from Village Global, Sinai and Shasta Ventures, plus new investors Jane VC, Harry Stebbings, Vector and the Xoogler Syndicate. CRV partners “the venture twins” Justine and Olivia Moore actually met Kapwing co-founder and CEO Julia Enthoven while they all worked at The Stanford Daily newspaper in 2012.

“As a team, we love memes. We talk about internet fads almost every day at lunch and pay close attention to digital media trends,” says Enthoven, who started the company with fellow Googler Eric Lu. “One of our cultural tenets is to respect the importance of design, art and culture in the world, and another one is to not take ourselves too seriously.” But it is taking on serious clients.

As Kapwing’s toolset has grown, it has seen paying customers coming from Amazon, Sony, Netflix and Spotify. Now only 13% of what’s made with it are traditional text-plus-media memes. “Kapwing will always be designed for creators first: the students, artists, influencers, entrepreneurs, etc. who define and spread culture,” says Enthoven. “But we make money from the creative professionals, marketers, media teams and office workers who need to create content for work.”

Kapwing Tools

That’s why in addition to plenty of templates for employing the latest trending memes, Kapwing now helps Pro subscribers with permanent hosting, saving throughout the creation process and re-editing after export. Eventually it plans to sell enterprise licenses to let whole companies use Kapwing.

Kapwing Tools 1

Copycats are trying to chip away at its business, but Kapwing will use its new funding to keep up a breakneck pace of development. Pronounced “Ka-Pwing,” like a bullet ricochet, it’s trying to stay ahead of Imgflip, ILoveIMG, Imgur’s on-site tool and more robust apps like Canva.

If you’ve ever been stuck with a landscape video that won’t fit in an Instagram Story, a bunch of clips you want to stitch together or the need to subtitle something for accessibility, you’ll know the frustration of lacking a purpose-built tool. And if you’re on mobile, there are even fewer options. Unlike some software suites you have to install on a desktop, Kapwing works right from a browser.

Trending Memes Kapwing

” ‘Memes’ is such a broad category of media nowadays. It could refer to a compilation like the political singalong videos, animations like Shooting Star memes or a change in music like the AOC Dancing memes,” Enthoven explains. “Although they used to be edgy, memes have become more mainstream . . . Memes popularized new types of multimedia formats and made raw, authentic footage more acceptable on social media.”

As communication continues to shift from text to visual media, design can’t only be the domain of designers. Kapwing empowers anyone to storytell and entertain, whether out of whimsy or professional necessity. If big-name creative software from Adobe or Apple don’t simplify and offer easy paths through common use cases, they’ll see themselves usurped by the tools of the people.

Kapwing is Adobe for the meme generation

Amazon launches Amazon Care, a virtual and in-person healthcare offering for employees

/0 Comments/in /by

Amazon has gone live with Amazon Care, a new pilot healthcare service offering that is initially available to its employees in and around the Seattle area. The Amazon Care offering includes both virtual and in-person care, with telemedicine via app, chat and remote video, as well as follow-up visits and prescription drug delivery in person directly at an employee’s home or office.

First reported by CNBC, Amazon Care grew out of an initiative announced in 2018 with J.P. Morgan and Berkshire Hathaway to make a big change in how they all collectively handle their employee healthcare needs. The companies announced at the time that they were eager to put together a solution that was “free from profit-making incentives and constraints,” which are of course at the heart of private insurance companies that serve corporate clients currently.

Other large companies, like Apple, offer their own on-premise and remotely accessible healthcare services as part of their employee compensation and benefits packages, so Amazon is hardly unique in seeking to scratch this itch. The difference, however, is that Amazon Care is much more external-facing than those offered by its peers in Silicon Valley, with a brand identity and presentation that strongly suggests the company is thinking about more than its own workforce when it comes to a future potential addressable market for Care.

Screen Shot 2019 09 24 at 4.02.46 PM

The Amazon Care logo.

Care’s website also provides a look at the app that Amazon developed for the telemedicine component, which shows the flow for choosing between text chat and video, as well as a summary of care provided through the service, with invoices, diagnosis and treatment plans all available for patient review.

Amazon lists Care as an option for a “first stop,” with the ability to handle things like colds, infections, minor injuries, preventative consultations, lab work, vaccinations, contraceptives and STI testing and general questions. Basically, it sounds like they cover off a lot of what you’d handle at your general practitioner, before being recommended on for any more specialist or advanced medical treatment or expertise.

photo devicerendering.4x 9a453f4c420db36a6d32e73e7e344dec

Rendered screenshots of the Amazon Care app for Amazon employees.

Current eligibility is limited to Amazon’s employees, who are enrolled in the company’s health insurance plan, and who are located in the pilot service geographical area. The service is currently available between 8 AM and 9 PM local time from Monday through Friday, and between 8 AM and 6 PM Saturday through Sunday.

Amazon acquired PillPack last year, an online pharmacy startup, for around $753 million, and that appears to be part of their core value proposition with Amazon Care, too, which features couriered prescribed medications and remotely communicated treatment plans.

Amazon may be limiting this pilot to employees at launch, but the highly-publicized nature of their approach, and the amount of product development that clearly went into developing the initial app, user experience and brand all indicate that it has the broader U.S. market in mind as a potential expansion opportunity down the line. Recent reports also suggest that it’s going to make a play in consumer health with new wearable fitness tracking devices, which could very nicely complement insurance and health care services offered at the enterprise and individual level. Perhaps not coincidentally, Walgreens, CVS and McKesson stock were all trading down today.

Trickbot Update: Brief Analysis of a Recent Trickbot Payload

/0 Comments/in /by

Trickbot, as a malware family, dates back to 2016. In recent months we, and many others in the industry, have been observing something of an “awakening” or resurgence of widespread Trickbot campaigns. Trickbot started life as one of many specialized banking trojans. However, over the years, it has become far more robust. In many ways, Trickbot parallels the evolution of contemporary threats (such as Emotet) via its modular and expandable architecture.

In this write-up, we will focus on a recently intercepted sample of Trickbot, specifically highlighting the threat’s ongoing efforts to evade detection, and we will look at the current suite of modules installed with the analyzed sample(s).

feature image of trickbot brief analysis

Trickbot: Background and Sample Overview

Trickbot is distributed in multiple ways. It is common to see it dropped in tandem with (or, as a later stage, in) Emotet and Ryuk ransomware infections. It can also be distributed via common Exploit Kit, as well as more traditional methods such as email phishing or via drive-by download.

At the time of infection, Trickbot will typically

· Deposit configuration and supporting module data into %appdata%roaming
· Establish persistence (e.g. via a scheduled task)
· Establish secure communications (TLS) with the C2
· Attempt to update/reconfigure relevant modules
· Attempt lateral movement via the “mworm” and “share” modules

Sample Details:

Size 852.0KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 43e5a4836f8b53e6155ac85ca6311d2e
SHA1 989ea2e24be32348b5d3bb536c41171afdd32d64
SHA256 ddb093214e73a1014ee03924e308267281b9f383ab85ea03c3d98dfeeec38a
Original Filename MSWDAT10.DLL
Compile Time 2019-09-16 23:23:41

This particular sample was downloaded by a malicious Office document (.docm) received via a phishing email.

Following a short built-in delay (approximate 3000ms or so), the sample begins execution with the trojan dropping copies of itself into %ProgramData% and %AppData%.

As with other examples of Trickbot, the %AppData% directory will end up homing all the configuration files and encoded modules for the trojan.

In this sample, we also observe an RSA Crypto routine for decrypting resources in RoamingCryptoRSA for self protection / internal use.

Disabling Windows Defender

The sample manipulates the local policy to alter the behavior of PowerShell and Windows Defender. This specific behavior is not necessarily new to Trickbot. However, it is important to highlight this behavior to remind us of some of the “tricks” that this threat (and others) will use to increase exposure on affected hosts.

cmdline cmd.exe /c powershell Set-MpPreference -DisableIOAVProtection $true
cmdline cmd.exe /c powershell Set-MpPreference -DisableBlockAtFirstSeen $true
cmdline cmd.exe /c powershell Set-MpPreference -DisableIntrusionPreventionSystem $true
cmdline cmd.exe /c powershell Set-MpPreference -DisablePrivacyMode $true
cmdline cmd.exe /c powershell Set-MpPreference -LowThreatDefaultAction 
cmdline cmd.exe /c powershell Set-MpPreference -ModerateThreatDefaultAction 
cmdline cmd.exe /c powershell Set-MpPreference -DisableBehaviorMonitoring $true
cmdline cmd.exe /c sc delete WinDefend
cmdline cmd.exe /c sc stop WinDefend
cmdline cmd.exe /c powershell Set-MpPreference -DisableScriptScanning $true
cmdline cmd.exe /c powershell Set-MpPreference -DisableRealtimeMonitoring $true
cmdline cmd.exe /c powershell Set-MpPreference -SevereThreatDefaultAction 

With PowerShell’s advanced logging features (ScriptBlock logging) we can see these events transpire.

All these commands are executed by powershell.exe via cmd.exe. The purpose of each is to chip away at the protections provided by Windows Defender / native OS controls. Each of these settings are well documented. In essence, they each function as follows:

Setting Function
DisableOAVProtection Toggles scanning of downloaded files and attachments
DisableBlockAtFirstSeen Toggles blocking of new/unknown malware upon the first instance of such
DisableIntrusionPreventionSystem Toggles network exploit prevention
DisablePrivacyMode Toggles display/availability of threat history data to other users
LowThreatDefaultAction Controls behavior on low-level threat detection
ModerateThreatDefaultAction Controls behavior on moderate-level threat detection
DisableBehaviorMonitoring Toggles Windows Defender behavioral monitoring and detection
DisableScriptScanning Toggles scanning of scripts by Windows Defender
DisableRealTimeMonitoring Toggles Windows Defender real-time detection
SevereThreatDefaultAction Controls behavior on severe threat detection

Persistence Mechanisms & Configuration

Trickbot employs multiple persistence mechanisms, including the creation of scheduled tasks. In this particular example, the trojan creates a task which is triggered upon startup and repeats every 11 minutes.


Per typical Trickbot infections, the trojan installs multiple modules and encoded configuration data in %appdata%roaming.


We see, in this example, that we have the following:

Name Function
importDll64 Browser data stealer module
injectDll64 Handles web-injects, including support for several hundred banking/financial sites
mailsearcher64 Recon module parses specific filetypes for “of interest” data
mshareDll64 Lateral movement / enumeration module via LDAP and SMB exploitation. Mshare and mworm modules work in cooperation
mwormDll64 Lateral movement / enumeration module via LDAP and SMB exploitation. Mshare and mworm modules work in cooperation
networkDll64 Recon module queries network specific environmental data
psfin64 Point-of-sale recon module
pwgrab64 Credential theft module (stored browser data)
systeminfo64 Recon module. Provides system-specific information and data to the C2
tabDll64 Credential theft module (mimikatz). Sometimes contains additional lateral movement code.

The SHA checksums for the DLL modules dropped by this sample are listed below:

Name SHA1
importDll64.dll cbd80eb5112a9560fbe7d9ce6fc0258af6415827
injectDll64.dll 452d1bd2c7108429a732f2d6c504a595989a91d8
mailsearcher64.dll 452d1bd2c7108429a732f2d6c504a595989a91d8
mshareDll64.dll 9d545c60a015a42668b33797e0274b8f7e374de9
mwormDll64.dll 1b8088f5ae6118fd948c50bf9269ba4d9ba1a781
networkDll64.dll 374b411a00f513b002902870e216e56186b8c9b8
psfin64.dll de9caa99ca6c4f7892b3b9dfb9c9747bd503d753
pwgrab64.dll 8ad57a9acfd3940f2b044c2ab7777f8d051941f0
systeminfo64.dll b8608d835faa4f5b3fe38e79c0b3a9e6a7f1811f
tabDll64.dll a6c0d73d47945bd6350bf698870aa7189e7085c7

Decoding Trickbot DLL Modules

By decoding the individual modules and their configuration/support files, we can gain further understanding on the data being targeted. The data from decoding the importdll64 module shown below is just a small fraction of the sites listed for interception by this particular module. This sample listed ~25,000 sites for targeting; however, the amount is higher than that due to the use of wildcard characters.

We can also dive into the specific web-injection attacks and targets by exploring the decoded configuration files for injectDLL64. This part of the decoded injectdll64dinj reveals a portion of the trojan’s web injects.

Here were see part of the decoded injectdll64dpost revealing the data exfiltration targets:

Part of the decoded mwormDll64 module:

Decoding the pwgrabDLL64 shows the sample’s password grabbing functionality:

SentinelOne Detection & Mitigation

SentinelOne’s advanced endpoint technology is able to prevent infection and further compromise at all stages of a Trickbot-based attack.

Through the SentinelOne Management console, we can drill deeper to see the specific flow and gather additional details. For example, below we see the Attack Story Line for a directly executed Trickbot payload.


Conclusion

Over the years, Trickbot has continued to evolve and weave itself in and out of the threat landscape. The most recent campaigns have been some of the more prolific and damaging across the history of this threat family. That being said, it can be stopped. Regardless of the delivery method (web drive-by download, phishing email, direct execution), the SentinelOne advanced endpoint solution can prevent infection and block any related malicious actions. If you’re not already protected by SentinelOne, contact us for a free demo and see how we can help autonomously protect your organization from today’s malware threats.

IOCs

PE Hash(s)
D48649f60b0b3e96fb3b077d7af00d1b1a3fefe8
989ea2e24be32348b5d3bb536c41171afdd32d64
9dbd2d9465c2013dc920100feb2112c04103fd5a

Modules
cbd80eb5112a9560fbe7d9ce6fc0258af6415827 importDll64.dll
452d1bd2c7108429a732f2d6c504a595989a91d8 injectDll64.dll
5e71926c1b704b13c42fd38f53aefed933d9c4ce mailsearcher64.dll
9d545c60a015a42668b33797e0274b8f7e374de9 mshareDll64.dll
1b8088f5ae6118fd948c50bf9269ba4d9ba1a781 mwormDll64.dll
374b411a00f513b002902870e216e56186b8c9b8 networkDll64.dll
de9caa99ca6c4f7892b3b9dfb9c9747bd503d753 psfin64.dll
8ad57a9acfd3940f2b044c2ab7777f8d051941f0 pwgrab64.dllTrick
b8608d835faa4f5b3fe38e79c0b3a9e6a7f1811f systeminfo64.dll
a6c0d73d47945bd6350bf698870aa7189e7085c7 tabDll64.dll

Network
212.80.216.142:443
170.238.117.187:8082
186.10.243.70:8082
190.119.180.226:8082
131.161.105.206:8082
103.116.84.44:8082
200.29.106.33:80
103.194.90.242:80
103.87.48.54:80
201.184.137.218:80
103.84.238.3:80
107.172.143.155:443
193.29.56.122:443
192.227.142.155:443
23.94.204.80:443
185.222.202.49:443
104.244.73.115:443

MITRE ATT&CK Trickbot
Application has registered itself to become persistent via scheduled task. MITRE: Persistence {T1084}
Shellcode execution was detected. MITRE: Execution {T1106, T1064}
PowerShell {T1086}
Process Hollowing {T1093}
Exfiltration Over Command and Control Channel {T1041}
Disabling Security Tools {T1089}

Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

Programmer who took down open-source pieces over Chef ICE contract responds

/0 Comments/in /by

On Friday afternoon Chef CEO Barry Crist and CTO Corey Scobie sat down with TechCrunch to defend their contract with ICE after a firestorm on social media called for them to cut ties with the controversial agency. On Sunday, programmer Seth Vargo, the man who removed his open-source components, which contributed to a partial shutdown of Chef’s commercial business for a time last week, responded.

While the Chef executives stated that the company was in fact the owner, Vargo made it clear he owned those pieces and he had every right to remove them from the repository. “Chef (the company) was including a third-party software package that I owned. It was on my personal repository on GitHub and personal namespace on RubyGems,” he said. He believes that gave him the right to remove them.

Chef CTO Corey Scobie did not agree. “Part of the challenge was that [Vargo] actually didn’t have authorization to remove those assets. And the assets were not his to begin with. They were actually created under a time when that particular individual [Vargo] was an employee of Chef. And so therefore, the assets were Chef’s assets, and not his assets to remove,” he said.

Vargo says that simply isn’t true and Chef misunderstands the licensing terms. “No OSI license or employment agreement requires me to continue to maintain code of my personal account(s). They are conflating code ownership (which they can argue they have) over code stewardship,” Vargo told TechCrunch.

As further proof, Vargo added that he has even included detailed instructions in his will on how to deal with the code he owns when he dies. “I want to make it absolutely clear that I didn’t “hack” into Chef or perform any kind of privilege escalation. The code lived in my personal accounts. Had I died on Thursday, the exact same thing would have happened. My will requests all my social media and code accounts be deleted. If I had deleted my GitHub account, the same thing would have happened,” he explained.

Vargo said that Chef actually was in violation of the open-source license when they restored those open-source pieces without putting his name on it. “Chef actually violated the Apache license by removing my name, which they later restored in response to public pressure,” he said.

Scobie admitted that the company did forget to include Vargo’s name on the code, but added it back as soon as they heard about the problem. “In our haste to restore one of the objects, we inadvertently removed a piece of metadata that identified him as the author. We didn’t do that knowingly. It was absolutely a mistake in the process of trying to restore customers and our global customer base service. And as soon as we were notified of it, we reverted that change on this specific object in question,” he said.

Vargo says, as for why he took down the open-source components, he was taking a moral stand against the contract, which dates back to the Obama administration. He also explained that he attempted to contact Chef via multiple channels before taking action. “First, I didn’t know about the history of the contract. I found out via a tweet from @shanley and subsequently verified via the USA spending website. I sent a letter and asked Chef publicly via Twitter to respond multiple times, and I was met with silence. I wanted to know how and why code in my personal repositories was being used with ICE. After no reply for 72 hours, I decided to take action,” he said.

Since then, Chef’s CEO Barry Crist has made it clear he was honoring the contract, which Vargo felt further justified his actions. “Contrary to Chef’s CEO’s publicly posted response, I do think it is the responsibility of businesses to evaluate how and for what purposes their software is being used, and to follow their moral compass,” he said.

Vargo has a long career helping build development tools and contributing to open source. He currently works for Google Cloud. Previous positions include HashiCorp and Chef.

Chef CEO says he’ll continue to work with ICE in spite of protests

Chef CEO does an about face, says company will not renew ICE contract

/0 Comments/in /by

After stating clearly on Friday that he would honor a $95,000 contract with ICE, CEO Barry Crist must have had a change of heart over the weekend. In a blog post this morning he wrote that the company would not be renewing the contract with ICE after all.

“After deep introspection and dialog within Chef, we will not renew our current contracts with ICE and CBP when they expire over the next year. Chef will fulfill our full obligations under the current contracts,” Crist wrote in the blog post.

He also backed off the seemingly firm position he took on Friday on the matter when he told TechCrunch, “It’s something that we spent a lot of time on, and I want to represent that there are portions of [our company] that do not agree with this, but I as a leader of the company, along with the executive team, made a decision that we would honor the contracts and those relationships that were formed and work with them over time,” he said.

Today, he acknowledged that intense feelings inside the company against the contract led to his decision. The contract began in 2015 under the Obama administration and was aimed at modernizing programming approaches at DHS, but over time as ICE family separation and deportation polices have come under fire, there were calls internally (and later externally) to end the contract. “Policies such as family separation and detention did not yet exist [when we started this contract]. While I and others privately opposed this and various other related policies, we did not take a position despite the recommendation of many of our employees. I apologize for this,” he wrote.

Crist also indicated that the company would be donating the revenue from the contracts to organizations that work with people who have been affected by these policies. It’s a similar approach that Salesforce took when 618 of its employees protested a contract the company has with the Customs and Border Patrol (CBP). In response to the protests, Salesforce pledged $1 million to organizations helping affected families.

After a tweet last week exposed the contract, the protests began on social media, and culminated in programmer Seth Vargo removing pieces of open-source code from the repository in protest of the contract in response. The company sounded firmly committed to fulfilling this contract in spite of the calls for action internally and externally, and the widespread backlash it was facing both inside and outside the company.

Vargo told TechCrunch in an interview that he saw this issue in moral terms, “Contrary to Chef’s CEO’s publicly posted response, I do think it is the responsibility of businesses to evaluate how and for what purposes their software is being used, and to follow their moral compass,” he said. Apparently Crist has come around to this point of view. Vargo chose not to comment on the latest development.

Programmer who took down open source pieces over Chef ICE contract responds

Facebook has acquired Servicefriend, which builds ‘hybrid’ chatbots, for Calibra customer service

/0 Comments/in /by

As Facebook prepares to launch its new cryptocurrency Libra in 2020, it’s putting the pieces in place to help it run. In one of the latest developments, it has acquired Servicefriend, a startup that built bots — chat clients for messaging apps based on artificial intelligence — to help customer service teams, TechCrunch has confirmed.

The news was first reported in Israel, where Servicefriend is based, after one of its investors, Roberto Singler, alerted local publication The Marker about the deal. We reached out to Ido Arad, one of the co-founders of the company, who referred our questions to a team at Facebook. Facebook then confirmed the acquisition with an Apple-like non-specific statement:

“We acquire smaller tech companies from time to time. We don’t always discuss our plans,” a Facebook spokesperson said.

Several people, including Arad, his co-founder Shahar Ben Ami, and at least one other indicate that they now work at Facebook within the Calibra digital wallet group on their LinkedIn profiles. Their jobs at the social network started this month, meaning this acquisition closed in recent weeks. (Several others indicate that they are still at Servicefriend, meaning they too may have likely made the move as well.)

Although Facebook isn’t specifying what they will be working on, the most obvious area will be in building a bot — or more likely, a network of bots — for the customer service layer for the Calibra digital wallet that Facebook is developing.

Facebook’s plan is to build a range of financial services for people to use Calibra to pay out and receive Libra — for example, to send money to contacts, pay bills, top up their phones, buy things and more.

It remains to be seen just how much people will trust Facebook as a provider of all these. So that is where having “human” and accessible customer service experience will be essential.

“We are here for you,” Calibra notes on its welcome page, where it promises 24-7 support in WhatsApp and Messenger for its users.

Screenshot 2019 09 21 at 23.25.18

Servicefriend has worked on Facebook’s platform in the past: specifically it built “hybrid” bots for Messenger for companies to use to complement teams of humans, to better scale their services on messaging platforms. In one Messenger bot that Servicefriend built for Globe Telecom in the Philippines, it noted that the hybrid bot was able to bring the “agent hours” down to under 20 hours for each 1,000 customer interactions.

Bots have been a relatively problematic area for Facebook. The company launched a personal assistant called M in 2015, and then bots that let users talk to businesses in 2016 on Messenger, with quite some fanfare, although the reality was that nothing really worked as well as promised, and in some cases worked significantly worse than whatever services they aimed to replace.

While AI-based assistants such as Alexa have become synonymous with how a computer can carry on a conversation and provide information to humans, the consensus around bots these days is that the most workable way forward is to build services that complement, rather than completely replace, teams.

For Facebook, getting its customer service on Calibra right can help it build and expand its credibility (note: another area where Servicefriend has build services is in using customer service as a marketing channel). Getting it wrong could mean issues not just with customers, but with partners and possibly regulators.

TechCrunch Disrupt offers plenty of options for attendees with an eye on the enterprise

/0 Comments/in /by

We might have just completed a full-day program devoted completely to enterprise at TechCrunch Sessions: Enterprise last week, but it doesn’t mean we plan to sell that subject short at TechCrunch Disrupt next month in San Francisco. In fact, we have something for everyone from startups to established public companies and everything in between along with investors and industry luminaries to discuss all-things enterprise.

SaaS companies have played a major role in enterprise software over the last decade, and we are offering a full line-up of SaaS company executives to provide you with the benefit of their wisdom. How about Salesforce chairman, co-CEO and co-founder Marc Benioff for starters? Benioff will be offering advice on how to build a socially responsible, successful startup.

If you’re interested in how to take your startup public, we’ll have Box CEO Aaron Levie, who led his company to IPO in 2015 and Jennifer Tejada, CEO at PagerDuty, who did the same just this year. The two executives will discuss the trials and tribulations of the IPO process and what happens after you finally go public.

Meanwhile, Slack co-founder and CTO Cal Henderson, another SaaS company that recently IPOed, will be discussing how to build great products with Megan Quinn from Spark Capital, a Slack investor.

Speaking of investors, Neeraj Agrawal, a general partner at Battery Ventures joins us on a panel with Whitney Bouck, COO at HelloSign and Jyoti Bansal, CEO and founder of Harness (as well as former CEO and co-founder at AppDynamics, which was acquired by Cisco in 2017 for $3.7 billion just before it was supposed to IPO). They will be chatting about what it takes to build a billion dollar SaaS business.

Not enough SaaS for you? How about Diya Jolly, Chief Product Officer at Okta discussing how to iterate your product?

If you’re interested in security, we have Dug Song from Duo, whose company was sold to Cisco in 2018 for $2.35 billion, explaining how to develop a secure startup. We will also welcome Nadav Zafrir from Israeli security incubator Team 8 to talk about the intriguing subject of when spies meet security on our main stage.

You probably want to hear from some enterprise company executives too. That’s why we are bringing Frederic Moll, chief development officer for the digital surgery group at Johnson & Johnson to talk about robots, Marillyn A. Hewson, chairman, president and CEO at Lockheed Martin discussing the space industry and Verizon CEO Hans Vestberg going over the opportunity around 5G.

We’ll also have seasoned enterprise investors, Mamoon Hamid from Kleiner Perkins and Michelle McCarthy from Verizon Ventures, acting as judges at the TechCrunch Disrupt Battlefield competition.

If that’s not enough for you, there will also be enterprise startups involved in the Battlefield and Startup Alley. If you love the enterprise, there’s something for everyone. We hope you can make it.

Still need tickets? You can pick those up right here.

( function() {
var func = function() {
var iframe = document.getElementById(‘wpcom-iframe-661cf9b1b8f85f5aae09b8946cafadba’)
if ( iframe ) {
iframe.onload = function() {
iframe.contentWindow.postMessage( {
‘msg_type’: ‘poll_size’,
‘frame_id’: ‘wpcom-iframe-661cf9b1b8f85f5aae09b8946cafadba’
}, “https://tcprotectedembed.com” );
}
}

// Autosize iframe
var funcSizeResponse = function( e ) {

var origin = document.createElement( ‘a’ );
origin.href = e.origin;

// Verify message origin
if ( ‘tcprotectedembed.com’ !== origin.host )
return;

// Verify message is in a format we expect
if ( ‘object’ !== typeof e.data || undefined === e.data.msg_type )
return;

switch ( e.data.msg_type ) {
case ‘poll_size:response’:
var iframe = document.getElementById( e.data._request.frame_id );

if ( iframe && ” === iframe.width )
iframe.width = ‘100%’;
if ( iframe && ” === iframe.height )
iframe.height = parseInt( e.data.height );

return;
default:
return;
}
}

if ( ‘function’ === typeof window.addEventListener ) {
window.addEventListener( ‘message’, funcSizeResponse, false );
} else if ( ‘function’ === typeof window.attachEvent ) {
window.attachEvent( ‘onmessage’, funcSizeResponse );
}
}
if (document.readyState === ‘complete’) { func.apply(); /* compat for infinite scroll */ }
else if ( document.addEventListener ) { document.addEventListener( ‘DOMContentLoaded’, func, false ); }
else if ( document.attachEvent ) { document.attachEvent( ‘onreadystatechange’, func ); }
} )();

Chef CEO says he’ll continue to work with ICE in spite of protests

/0 Comments/in /by

Yesterday, software development tool maker Chef found itself in the middle of a firestorm after a Tweet called them out for doing business with DHS/ICE. Eventually it led to an influential open-source developer removing a couple of key pieces of software from the project, bringing down some parts of Chef’s commercial business.

Chef intends to fulfill its contract with ICE, in spite of calls to cancel it. In a blog post published this morning, Chef CEO Barry Crist defended the decision. “I do not believe that it is appropriate, practical, or within our mission to examine specific government projects with the purpose of selecting which U.S. agencies we should or should not do business.”

He stood by the company’s decision this afternoon in an interview with TechCrunch, while acknowledging that it was a difficult and emotional decision for everyone involved. “For some portion of the community, and some portion of our company, this is a super, super-charged lightning rod, and this has been very difficult. It’s something that we spent a lot of time on, and I want to represent that there are portions of [our company] that do not agree with this, but I as a leader of the company, along with the executive team, made a decision that we would honor the contracts and those relationships that were formed and work with them over time,” he said.

He added, “I think our challenge as leadership right now is how do we collectively navigate through times like this, and through emotionally-charged issues like the ICE contract.”

The deal with ICE, which is a $95,000-a-year contract for software development tools, dates back to the Obama administration when the then DHS CIO wanted to move the department toward more modern agile/DevOps development workflows, according Christ.

He said for people who might think it’s a purely economic decision, the money represents a fraction of the company’s more than $50 million annual revenue (according to Crunchbase data), but he says it’s about a long-term business arrangement with the government that transcends individual administration policies. “It’s not about the $100,000, it’s about decisions we’ve made to engage the government. And I appreciate that not everyone in our world feels the same way or would make that same decision, but that’s the decision that we made as a leadership team,” Crist said.

Shortly after word of Chef’s ICE contract appeared on Twitter, according to a report in The Register, former Chef employee Seth Vargo removed a couple of key pieces of open-source software from the repository, telling The Register that “software engineers have to operate by some kind of moral compass.” This move brought down part of Chef’s commercial software and it took them 24 hours to get those services fully restored, according to Chef CTO Corey Scobie.

Crist says he wants to be clear that his decision does not mean he supports current ICE policies. “I certainly don’t want to be viewed as I’m taking a strong stand in support of ICE. What we’re taking a strong stand on is our consistency with working with our customers, and again, our work with DHS  started in the previous administration on things that we feel very good about,” he said.

The Good, the Bad and the Ugly in Cybersecurity – Week 38

/0 Comments/in /by

Image of The Good, The Bad & The Ugly in CyberSecurity

The Good

“We have to get over our fear of embracing external experts to help us be secure. We are still carrying cybersecurity procedures from the 1990s.” -Will Roper, Assistant Secretary of the Air Force for acquisition

The US Air Force is quickly changing its philosophy (and reaping great rewards by doing so) by inviting hackers to crack core operational systems and weapons platforms. Initial success was established earlier this year when hackers discovered major mission-critical vulnerabilities in the high-profile F-15 Fighter Jet. This was the first time any outside talent was invited to crack into the TADS and other systems of the aircraft.  The immense success of that event, as well as the success it has found in its bug bounty program and Aviation Village at DefCon, brings us to today’s “The Good:” next up is a satellite in orbit, and the ability for hackers to attack the bird or the ground station control systems, in order to uncover vulnerabilities that an otherwise closed development lifecycle simply won’t.  

The Bad

A report by Marsh and Microsoft, the “2019 Global Cyber Risk Perception Survey,” brings mostly Bad News: Of all business risks, cyber risks outrank all others by 20%, with 79% of respondents saying it is their top risk, even over today’s economic uncertainty during a trade war and inverted yield curves. That’s Bad…if cybersecurity solutions were effective, it would not be a top concern.  But worse, the report shows that confidence in three critical areas of “cyber resilience” declined: 18% said they had no confidence in understanding and assessing cyber risks (up from 9% two years ago), and 19% of leaders had no confidence in preventing cyber threats (up 7% from before). Worst of all, 2 out of 10 respondents said they had no confidence in their organization’s ability to respond and recover from cyber events like ransomware, fast-moving worms, sensitive data breaches, etc.

Question: Of the following business threats, please rank the top 5 that are the biggest concerns to your organization:

Of the following business threats, please rank the top 5 that are the biggest concerns to your organization.

Simply put:  Because legacy controls and a focus on ‘resilience’ over prevention have not been working these last 4-5 years (getting worse in fact), the C-suite is more worried than ever about cyber risk to the business, life/safety, brand/reputation, and mission.  

The Ugly

The same folks that sponsored The Bad were broken by themselves: Microsoft. This time we have a Microsoft patch that broke the ability for Microsoft to perform manual or scheduled Microsoft Defender scans on the Microsoft OS.  But more ironic than that? The patch was needed because Microsoft System File Checker (SFC), which had been broken since early this summer, was flagging internal Microsoft Windows PowerShell files within Microsoft Defender as malformed.  Some in the community point out that Microsoft keeps breaking things when they try to fix them…but they are missing the point: Using Microsoft components that depend on Microsoft components to secure Microsoft components is like asking your foot doctor to perform brain surgery using his foot, upon himself.  It’s never been a good idea. It never will be, and the manifestations of this very bad idea will play out in real life indefinitely, and by design. This is not a philosophical conundrum, this is just the entropy of complex, self-referencing, self-authored, self-conflicted software playing out as it must.

 

Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

Google is investing $3.3B to build clean data centers in Europe

/0 Comments/in /by

Google announced today that it was investing 3 billion euro (approximately $3.3 billion USD) to expand its data center presence in Europe. What’s more, the company pledged the data centers would be environmentally friendly.

This new investment is in addition to the $7 billion the company has invested since 2007 in the EU, but today’s announcement was focused on Google’s commitment to building data centers running on clean energy, as much as the data centers themselves.

In a blog post announcing the new investment, CEO Sundar Pichai, made it clear that the company was focusing on running these data centers on carbon-free fuels, pointing out that he was in Finland today to discuss building sustainable economic development in conjunction with a carbon-free future with prime minister Antti Rinne.

Of the 3 billion Euros, the company plans to spend, it will invest 600 million to expand its presence in Hamina, Finland, which he wrote “serves as a model of sustainability and energy efficiency for all of our data centers.” Further, the company already announced 18 new renewable energy deals earlier this week, which encompass a total of 1,600-megawatts in the US, South America and Europe.

In the blog post, Pichai outlined how the new data center projects in Europe would include some of these previously announced projects:

Today I’m announcing that nearly half of the megawatts produced will be here in Europe, through the launch of 10 renewable energy projects. These agreements will spur the construction of more than 1 billion euros in new energy infrastructure in the EU, ranging from a new offshore wind project in Belgium, to five solar energy projects in Denmark, and two wind energy projects in Sweden. In Finland, we are committing to two new wind energy projects that will more than double our renewable energy capacity in the country, and ensure we continue to match almost all of the electricity consumption at our Finnish data center with local carbon-free sources, even as we grow our operations.

The company is also helping by investing in new skills training, so people can have the tools to be able to handle the new types of jobs these data centers and other high tech jobs will require. The company claims it has previously trained 5 million people in Europe for free in crucial digital skills, and recently opened a Google skills hub in Helsinki.

It’s obviously not a coincidence that company is making an announcement related to clean energy on Global Climate Strike Day, a day when people from around the world are walking out of schools and off their jobs to encourage world leaders and businesses to take action on the climate crisis. Google is attempting to answer the call with these announcements.

Google announces 18 new renewable energy deals