Fintech startup SellersFunding raises $166.5M in equity, credit round to support e-commerce sellers

SellersFunding secured $166.5 million in a combination of Series A equity funding and a credit facility to continue developing its technology and payments platforms for e-commerce businesses.

Northzone led the round and was joined by Endeavor Catalyst and Fasanara. SellersFunding CEO Ricardo Pero did not disclose the funding breakdown, but did say the company previously raised two seed rounds for a total of $40 million in equity and more than $100 million in credit facilities, including one that the company was expanding to $200 million.

SellersFunding, with offices in Florida, New York and London, created a digital platform that delivers financial tools and resources to streamline global commerce for thousands of marketplaces, including working capital, cross-border cash management, tax solutions and business valuation.

Pero got the idea for the company after spending 20 years in the financial industry. He left JP Morgan in 2016 with a drive to start his own company. He was consulting for a friend selling on Amazon who asked him to help make sense of Amazon’s fees and to review the next year’s budget because the friend was struggling to keep up with growth.

“I helped him address the fees issue, but when I went to talk to traditional lenders, I found that they have no clue about e-commerce and the needs of SMEs,” he said.

In addition to being a lending source for businesses selling on these marketplaces, SellersFunding leverages sales data provided by the marketplaces and e-commerce platforms to create sales and cash flow estimates based on the credit limits given to clients so that owners can better understand the fees they are paying and make more informed decisions.

He founded the company in 2017, and today has over 30,000 registered users and is approaching $10 billion in sales volume that is feeding data into SellersFunding’s daily models. The company makes money as both a lender and on fees it charges for payments collected by its customers. Merchants can collect money from marketplaces and pay their suppliers in local or foreign currency.

SellersFunding has consistently grown 300% year over year, Pero said. As such, he intends to use the new funding to scale globally, expand the team, create a marketing budget and look for two small acquisitions in the U.S. and Europe.

The company will continue to invest on the payments side and to promote cross-border payments.

“When I look at the payments landscape, companies are competing on pricing and I don’t think we will ever have a focus there, but instead will compete on customer experience,” Pero added. “Our core business will always be lending and our core investments will be payments and technology, but then we will extend to other services that our clients want.”

With an eye on expanding internationally, it fit to bring on Northzone as a partner, he added. The venture firm is based in Europe and was of a similar vision for thinking globally.

Jeppe Zink, general partner at Northzone, said via email that Pero and his team “are the most experienced in this category” and are building a category leader that is “more experienced and understanding of the lending side than its competitors.”

“We have seen this massive rise in e-shopping, most of the new ones coming from marketplaces like Amazon and Shopify, and if you look at the sellers, thousands are small businesses sourcing their goods which means that they are very important customers,” Zink added. “Normal banks like Barclay can’t check credit. SellersFinding is helping small businesses get this credit, and rightly so. In the same way we thought neobanks won with accounts created when it comes to delivering credit and banking products, they are nowhere to be found yet.”

EverAfter closes $13M to help companies ride off into the sunset with their customers

EverAfter secured $13 million in seed funding to continue developing its no-code customer-facing tool that streamlines onboarding and retention and enables business-to-business clients to embed personalized customer portals within any product.

The Tel Aviv-based company was founded in 2020 by Noa Danon and Tal Shemesh. CEO Danon, who comes from a project management background, said they saw a disconnect between the user and product experience.

The company’s name, EverAfter, comes from the concept that in SaaS companies, someone has to be in charge of the “EverAfter,” with customers, even as the relationship changes, Danon told TechCrunch.

Via its no-code platform, customer success teams are able to build a website in weeks using drop-and-drag widgets like training materials, timelines, task management and meeting summaries, and then configure what each user sees. Then there is a snippet of code that is embedded into the product.

EverAfter also integrates with existing customer relationship management, project management and service ticket tools, while also updating Salesforce and HubSpot directly through an interface.

“It’s like the customer owns a piece of real estate inside the product,” Danon said.

TLV Partners and Vertex Ventures co-led the round and were joined by angel investors Benny Shneider, Zohar Gilon and Amit Gilon.

Yanai Oron, general partner at Vertex Ventures, said he is seeing best-in-breed companies try to solve customer churn or improve the relationship process on their own and failing, which speaks to the complexity of the problem.

Startups in this space are coming online and raising money, but with EverAfter, they are differentiating themselves by not only putting a dashboard on their product, but launching with the capabilities to manage thousands of customers using the product, he added.

“I’ve been tracking the customer success space over the past few years, and it is a growing field with the least sophisticated tools,” Oron said. “During COVID, companies realized it was easier to retain customers rather than get new ones. We are all used to more self-service and wanting to get the answer ourselves, and customers are the same. Companies also started to be more at ease in letting customers develop things on their own and leave R&D departments to do other things.”

Clients include Taboola, AppsFlyer and Verbit, with Verbit reporting its company’s customer success managers save 10 hours a week managing ongoing customer communication by using EverAfter, Danon added. This comes as CallMiner reports that unplanned customer churn costs companies $35.3 billion in the U.S. alone.

EverAfter offers both customer success and partner management software and clients can choose a high-touch service or kits and templates for self-service.

The new funding will enable the company to focus on integration and expansion into additional use cases. Since being founded, EverAfter has grown to 20 employees and 30 customers. The founders also want to utilize the data they are collecting on what works and doesn’t work for each customer.

“There are so many interesting things that happen between companies and customers, from onboarding to business reviews, and we are going to expand on those,” Danon said. “We want to be the first thing companies put inside their product to figure out the relationship between customers and customer success teams and managers.”

 

LinkedIn launches a $25M fund for creators, will test Clubhouse-style audio feature in coming weeks

When LinkedIn first launched Stories format, and later expanded its tools for creators earlier this year, one noticeable detail was that the Microsoft-owned network for professionals hadn’t built any kind of obvious monetization into the program — noticeable, given that creators earn a living on other platforms like Instagram, YouTube and TikTok, and those apps had lured creators, their content and their audiences in part by paying out.

“As we continue to listen to feedback from our members as we consider future opportunities, we’ll also continue to evolve how we create more value for our creators,” is how LinkedIn explained its holding pattern on payouts to me at the time. But that strategy may have backfired for the company — or at least may have played a role in what came next: last month, LinkedIn announced it would be scrapping its Stories format and going back to the proverbial drawing board to work on other short-form video content for the platform.

Now comes the latest iteration in that effort. To bring more creators to the platform, the company today announced that it would be launching a new $25 million creator fund, which initially will be focused around a new Creator Accelerator Program.

It’s coming on the heels of LinkedIn also continuing to work on one of its other new-content experiments: a Clubhouse-style live conversation platform. As we previously reported, LinkedIn began working on this back in March of this year. Now, we are hearing that the feature will make an appearance as part of a broader events strategy for the company very soon.

“We’ll be starting to test audio with a small pilot group in the coming weeks,” said Chris Szeto, senior director of product at LinkedIn, who heads up its audio efforts. “Given the trends in virtual, hybrid events we are also working on making audio part of our overall event strategy rather than a standalone offering, so that we can give people more choice about how they want to run and engage with their audiences.”

Notably, in a blog post announcing the creator fund, LinkedIn also listed a number of creator events coming up. Will the Clubhouse-style feature pop up there? Watch this space. Or maybe… listen up.

In any case, the creator accelerator that LinkedIn is announcing today could help feed into that wider pool of people that LinkedIn is hoping to cultivate on its platform as a more dynamic and lively set of voices to get more people talking and spending time on LinkedIn.

Andrei Santalo, global head of community at LinkedIn, noted in the blog post that the accelerator/incubator will be focused on the whole creator and the many ways that one can engage on LinkedIn.

“Creating content on LinkedIn is about creating opportunity, for yourselves and others,” he writes. “How can your words, videos and conversations make 774+ million professionals better at what they do or help them see the world in new ways?”

The incubator will last for 10 weeks and will take on 100 creators in the U.S. to coach them on building content for LinkedIn. It will also give them chances to network with like-minded individuals (naturally… it is LinkedIn), as well as a $15,000 grant to do their work. The deadline for applying (which you do here) is October 12.

The idea of starting a fund to incentivize creators to build video for a particular platform is definitely not new — and that is one reason why it was overdue for LinkedIn to think about its own approach.

Leading social media platforms like TikTok, Snapchat, Instagram and Facebook and YouTube all have announced hundreds of millions of dollars in payouts in the form of creator funds to bring more original content to their platforms.

You could argue that for mass-market social media sites, it’s important to pay creators because competition is so fierce among them for consumer attention.

But on the other hand, those platforms have appeal for creators because of the potential audience size. At 774 million users, LinkedIn isn’t exactly small, but the kind of content that tends to live on there is so different, and maybe drier — it’s focused on professional development, work and “serious” topics — that perhaps it might need the most financial incentive of all to get creators to bite.

LinkedIn’s bread and butter up to now has been around professional development: people use it to look for work, to get better jobs, to hire people, and to connect with people who might help them get ahead in their professional lives.

But it’s done so in a very prescribed set of formats that do not leave much room for exploring “authenticity” — not in the modern sense of “authentic self”, and not in the more old-school sense of just letting down your guard and being yourself. (Even relatively newer initiatives like its education focus directly play into this bigger framework.)

With authenticity becoming an increasing priority for people — and maybe more so as we have started to blur the lines between work and home because of COVID-19 and the changes that it has forced on us — I can’t help but wonder whether LinkedIn will use this opportunity to rethink, or at least expand the concept of, what it means to spend time on its platform.

Trade promotion management startup Cresicor raises $5.6M to keep tabs on customer spend

Cresicor, a consumer packaged goods trade management platform startup, raised $5.6 million in seed funding to further develop its tools for more accurate data and analytics.

The company, based remotely, focuses on small to midsize CPG companies, providing them with an automated way to manage their trade promotion, a process co-founder and CEO Alexander Whatley said is done primarily manually using spreadsheets.

Here’s what happens in a trade promotion: When a company wants to run a discount on one of their slower-selling items, the company has to spend money to do this — to have displays set up in a store or have that item on a certain shelf. If it works, more people will buy the item at the lower price point. Essentially, a trade promotion is the process of spending money to get more money in the future, Whatley told TechCrunch.

Figuring out all of the trade promotions is a complicated process, Whatley explained. Companies receive data feeds on the promotions from several different places, revenue data from retailers, accounting source data to show how many units were shipped and then maybe data directly from retailers. All of that has to be matched against the promotion.

“No API is bringing this data back to brands, so our software helps to automate and track these manual processes so companies can do analytics to see how the promotions are doing,” he added. “It also helps the finance team understand expenses, including which are valid and those that are not.”

What certain companies spend on trade promotions can represent their second-largest cost behind manufacturing, and companies often end up reinvesting between 20% and 30% of their revenue into trade promotions, Whatley said. This is a big market, representing untapped growth, especially with U.S. CPG sales topping $720 billion in 2020.

“You can see how messy the whole industry is, which is why we have a bright future and huge TAM,” he added. “With this new funding, we can target other parts of the P&L like supply chain and salaries. We also provide analytics for their strategy and where they should be spending it — which store, on which supply. By allocating resources the right way, companies typically see a 10% boost in sales as a result.”

Whatley started the company in 2017 with his brother, Daniel, Stuart Kennedy and Nikki McNeil while a Harvard undergrad. Since raising the funding back in February, the company has grown 2.5x in revenue, while employee headcount grew 4x over the past 12 months to 20.

Costanoa Ventures led the investment and was joined by Torch Capital and a group of angel investors including Fivestars CTO Matt Doka and Hu’s Kitchen CEO Mark Ramadan.

John Cowgill, partner at Costanoa, said though Cresicor raised a seed round, the company was already acquiring brands and capital before releasing a product and grew to almost a Series A company without any outside capital, saying it “blew me away.”

Cresicor is the “perfect example” of a company that Costanoa would get excited about — a vertical software company using data or machine learning to augment a pain point, Cowgill added.

“The CPG industry is in the middle of a rapid change where we see all of these emerging, digital native and mission-driven brands rapidly eating share from incumbents,” he added. “For the next generation of brands to compete, they have to win in trade promotion management. Cresicor’s opportunity to go beyond trade is significant. It is just a starting point to build a company that is the core enabler of great brands.”

The new funding will be used mainly to hire more talent in the areas of engineering and customer success so the company can hit its next benchmarks, Alexander Whatley said. He also intends to use the funding to acquire new brands and on software development. Cresicor boasts a list of customers including Perfect Snacks, Oatly and Hint Water.

The retail industry is valued at $5.5 trillion, and one-fifth of it is CPG, Whatley said. As a result, he has his eye on going after other verticals within CPG, like electronics and pet food, and then expanding into other areas.

“We are also going to work with enterprise companies — we see an opportunity to work with companies like P&G and General Mills, and we also want to build an ecosystem around trade promotion and launch into other profit and loss areas,” Whatley said.

MarginEdge, a restaurant management software company, raises $18M

MarginEdge announced Monday it raised $18 million in Series B funding to give restaurant operators a real-time view into their costs.

Co-founder and CEO Bo Davis founded the company with Roy Phillips and Brian Mills in 2015. Both Davis and Phillips are veterans of the restaurant industry: Davis was previously the founder of conveyor belt sushi restaurant chain Wasabi, while Phillips was an executive at Bloomin Brands.

What they recognized with independent restaurants was that they struggled with workflow like invoices and tracking food costs and were either building internal tools to help them stay on top of things or were still operating with pen and paper or spreadsheets.

“We focused on building something our friends would like,” Davis told TechCrunch. “We spent three years on the product and worked with 20 restaurants to use the software and focus on getting it right instead of rushing to market.”

MarginEdge’s tool is a restaurant management app that works with a business’ point of sale to streamline inventory, cost-tracking, ordering and recipes to eliminate the paperwork. It also captures all invoices, receipts or bills and converts them to line-item details within 24 hours. It is designed for independent restaurant owners that have under 50 units, Davis said.

Since launching its app in 2018, the Virginia-based company is seeing its platform used in over 2,500 restaurants. It raised a Series A in 2019, then an A2 in 2020 and with the latest round, led by Schooner, has raised $25 million in total.

IGC Hospitality, which operates restaurant properties, is not only an investor, but is also a customer, said Jeffrey Brosi, founder and managing partner. The company was using some different technology platforms to manage inventory and sales, but was looking for something to manage its whole inventory process.

“Bo came in and did a presentation, and it was amazing,” Brosi added. “The biggest thing for us is [being] user friendly. MarginEdge also has great customer service. We’ve invested in a few companies in the hospitality industry, and know the pain points and what we want to fix. If it makes sense financially, we will invest. This was one pain point that we didn’t have, and Bo filled that void.”

Like all restaurants over the past 18 months, Davis said the global pandemic caused MarginEdge to step back and evaluate. Despite many restaurants going out of business, he credits his business taking off again to restaurants rethinking their processes.

“We were lucky enough to be in a good position with capital that we could keep our team,” he added. “Revenue decreased for the first time, but we grew 45% even with COVID and as of Q1 was seeing 200% annual growth.”

MarginEdge has over 400 employees and its platform processes 45,000 invoices a week. Davis intends to invest the new funding in building out the leadership team, product development, building new features for the back office and on data science, an area he just received an advanced degree in, he said.

The company is using benchmark data around sales, food costs and labor costs and would like to provide more insights to its customers as it relates to inflation, which affects all of those aspects, and as a result, the menu prices.

“A lot of it is using data to understand menu pricing and what other people are doing so you are not pricing yourself out of the market or operating on margins where you can’t survive,” Davis added. “It will be all about predicting rather than reporting. The two things in the kitchen that are hardest are the startup prep list and the inventory late at night, and we make both easier.”

3 keys to pricing early-stage SaaS products

I’ve met hundreds of founders over the years, and most, particularly early-stage founders, share one common go-to-market gripe: Pricing.

For enterprise software, traditional pricing methods like per-seat models are often easier to figure out for products that are hyperspecific, especially those used by people in essentially the same way, such as Zoom or Slack. However, it’s a different ballgame for startups that offer services or products that are more complex.

Most startups struggle with a per-seat model because their products, unlike Zoom and Slack, are used in a litany of ways. Salesforce, for example, employs regular seat licenses and admin licenses — customers can opt for lower pricing for solutions that have low-usage parts — while other products are priced based on negotiation as part of annual renewals.

You may have a strong champion in a CIO you’re selling to or a very friendly person handling procurement, but it won’t matter if the pricing can’t be easily explained and understood. Complicated or unclear pricing adds more friction.

Early pricing discussions should center around the buyer’s perspective and the value the product creates for them. It’s important for founders to think about the output and the outcome, and a number they can reasonably defend to customers moving forward. Of course, self-evaluation is hard, especially when you’re asking someone else to pay you for something you’ve created.

This process will take time, so here are three tips to smoothen the ride.

Pricing is a journey

Pricing is not a fixed exercise. The enterprise software business involves a lot of intangible aspects, and a software product’s perceived value, quality, and user experience can be highly variable.

The pricing journey is long and, despite what some founders might think, jumping headfirst into customer acquisition isn’t the first stop. Instead, step one is making sure you have a fully fledged product.

If you’re a late-seed or Series A company, you’re focused on landing those first 10-20 customers and racking up some wins to showcase in your investor and board deck. But when you grow your organization to the point where the CEO isn’t the only person selling, you’ll want to have your go-to-market position figured out.

Many startups fall into the trap of thinking: “We need to figure out what pricing looks like, so let’s ask 50 hypothetical customers how much they would pay for a solution like ours.” I don’t agree with this approach, because the product hasn’t been finalized yet. You haven’t figured out product-market fit or product messaging and you want to spend a lot of time and energy on pricing? Sure, revenue is important, but you should focus on finding the path to accruing revenue versus finding a strict pricing model.

The Good, the Bad and the Ugly in Cybersecurity – Week 37

The Good

Cyber grave robbing, sadly, is not a new crime. Identity thieves are known to scour obituaries looking for information that can be used in bank account takeovers. However, after the appalling collapse of Champlain Towers South condo in Surfside, Florida a few months ago, many were shocked by the report that cyber grave robbers were stealing the identities of victims of the Surfside tragedy. The good news this week is that authorities have arrested four individuals in connection with the reported cyber crimes.

Nelson Garcia-Medina’s arrest followed that of his sister and two other individuals. The gang are accused of stealing identities of at least five deceased and two surviving victims of the collapse. Police also said that Medina’s sister was recorded posing as someone who survived the collapse and seeking a replacement credit card.

Source

Law enforcement have been on the trail of the suspects since June and say that their IDs, car registrations and addresses were all fake, describing the gang as “professional crooks”. Searching the premises of the accused, police found credit card-making equipment, blank checks, birth certificates and credit cards in the names of Surfside victims. The gang could face 15 to 30 years in prison if convicted. Local Mayor Charles Burkett said “Today they got what they deserved, and we’re all much happier for it”. The investigation continues as police widen the hunt for other possible co-conspirators and victims.

The Bad

Two weeks ago, we reported on ChaosDB, a critical vulnerability in the Azure cloud platform that allows for remote account takeover of Cosmos DB instances. That flaw was quickly plugged, but this week Microsoft revealed details of another Azure-related flaw that could allow an attacker to execute malicious code on other users’ Azure containers.

Researchers described an attack that could allow a malicious Azure tenant to gain admin privileges over multitenant Kubernetes clusters hosting Azure Container Instances (ACI), Microsoft Azure’s Container-as-a-Service (CaaS) offering. As the researchers described it, the vulnerability could allow one user of a public cloud service to break out of their environment and execute code on environments of other users in the same public cloud service.

Source

While there is no evidence that this attack has been used in the wild, anyone running containers on ACI that were deployed prior to Aug 31, 2021 is advised to revoke privileged credentials and check access logs for suspicious activity. Microsoft patched the flaw prior to publication of the research.

This and the ChaosDB bug are good reminders that despite the effort cloud service providers put into the security of their offerings, enterprises need to ensure they have security tools that can protect Kubernetes and cloud workloads with the same kind of defense-in-depth approach they are used to taking with traditional endpoints.

The Ugly

It has been a particularly ugly week in the world of ransomware, with hits taken by various public sector organizations including health, education, and government. On top of that, SentinelLabs has also seen a worrying new tactic being employed by at least one ransomware operator that could well become a standard approach.

Desert Wells Family Medicine was hit in yet another critical infrastructure attack focusing on health services as long ago as May and is still struggling to get services back online. However, it has only this week come to light that the attacker both stole patient data and corrupted the Arizona clinic’s backup of 35,000 patient records.

Meanwhile, Washington DC’s Howard University cancelled classes, stood down its campus wifi and went into a “heightened security” posture after being hit by a ransomware attack beginning last Friday. The University said on Tuesday that it was in contact with the D.C. city government and the FBI in its attempts to deal with the attack.

The ransomware problem isn’t unique to the U.S., of course. The South African Department of Justice said Monday that it was also victim of an attack that affected its offices and courts around the country. All network-based services remained offline at the time of writing.

In what could be a worrying development for organizations seeking to engage professional help with ransomware attackers, SentinelLabs observed that ransomware operator Ragnar_Locker has threatened to punish victims faster if they use negotiators.

Source: SentinelLabs

While the attempt to convince victims that negotiators are not acting in good faith should be taken with a large pinch of salt, it remains the case that this new scare tactic piles further pressure on victims to accede to the attacker’s demands. Once they have achieved initial access, ransomware gangs have a growing array of tools and techniques with which to leverage payment from victims, along with plenty of incentive. As the old adage goes, an ounce of prevention is worth a pound of cure.


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

Amagi tunes into $100M for cloud-based video content creation, monetization

Media technology company Amagi announced Friday $100 million to further develop its cloud-based SaaS technology for broadcast and connected televisions.

Accel, Avataar Ventures and Norwest Venture Partners joined existing investor Premji Invest in the funding round, which included buying out stakes held by Emerald Media and Mayfield Fund. Nadathur Holdings continues as an existing investor. The latest round gives Amagi total funding raised to date of $150 million, Baskar Subramanian, co-founder and CEO of Amagi, told TechCrunch.

Bangalore-based Amagi provides cloud broadcast and targeted advertising software so that customers can create content that can be created and monetized to be distributed via broadcast TV and streaming TV platforms like The Roku Channel, Samsung TV Plus and Pluto TV. The company already supports more than 2,000 channels on its platform across over 40 countries.

“Video is a complex technology to manage — there are large files and a lot of computing,” Subramanian said. “What Amagi does is enable a content owner with zero technology knowledge to simplify that complex workflow and scalable infrastructure. We want to make it easy to plug in and start targeting and monetizing advertising.”

As a result, Amagi customers see operational cost savings on average of up to 40% compared to traditional delivery models and their ad impressions grow between five and 10 times.

The new funding comes at a time when the company is experiencing rapid growth. For example, Amagi grew 30 times in the United States alone over the past few years, Subramanian said. Amagi commands an audience of over 2 billion people, and the U.S. is its largest market. The company also sees growth potential in both Latin America and Europe.

In addition, in the last year, revenue grew 136%, while new customer year over year growth was 44%, including NBCUniversal — Subramanian said the Tokyo Olympics were run on Amagi’s platform for NBC, USA Today and ABS-CBN.

As more of a shift happens with video content being developed for connected television experiences, which he said is a $50 billion market, the company plans to use the new funding for sales expansion, R&D to invest in the company’s product pipeline and potential M&A opportunities. The company has not made any acquisitions yet, Subramanian added.

In addition to the broadcast operations in New Delhi, Amagi also has an innovation center in Bangalore and offices in New York, Los Angeles and London.

“Consumer behavior and infrastructure needs have reached a critical mass and new companies are bringing in the next generation of media, and we are a large part of that growth,” Subramanian said. “Sports will come on quicker, while live news and events are going to be one of the biggest growth areas.”

Shekhar Kirani, partner at Accel, said Amagi is taking a unique approach to enterprise SaaS due to that $50 billion industry shift happening in video content, where he sees half of the spend moving to connected television platforms quickly.

Some of the legacy players like Viacom and NBCUniversal created their own streaming platforms, where Netflix and Amazon have also been leading, but not many SaaS companies are enabling the transition, he said.

When Kirani met Subramanian five years ago, Amagi was already well funded, but Kirani was excited about the platform and wanted to help the company scale. He believes the company has a long tailwind because it is saving people time and enabling new content providers to move faster to get their content distributed.

“Amagi is creating a new category and will grow fast,” Kirani added. “They are already growing and doubling each year with phenomenal SaaS metrics because they are helping content providers to connect to any audience.

 

DataRobot CEO Dan Wright coming to TC Sessions: SaaS to discuss role of data in machine learning

Just about every company is sitting on vast amounts of data, which they can use to their advantage if they can just learn how to harness it. Data is actually the fuel for machine learning models, and with the proper tools, businesses can learn to process this data and build models to help them compete in a rapidly changing marketplace, to react more quickly to shifting customer requirements and to find insights faster than any human ever possibly could.

Boston-based DataRobot, a late-stage startup that has built a platform to help companies navigate the machine learning model lifecycle, has been raising money by the bushel over the last several years, including $206 million in September 2019 and another $300 million in July. DataRobot CEO Dan Wright will be joining us on a panel to discuss the role of data in business at TC Sessions: SaaS on October 27th.

The company covers the gamut of the machine learning lifecycle, including preparing data, operationalizing it and finally building APIs to make it useful for the organization as it attempts to build a soup-to-nuts platform. DataRobot’s broad platform approach has appealed to investors.

As we wrote at the time of the $206 million round:

The company has been catching the attention of these investors by offering a machine learning platform aimed at analysts, developers and data scientists to help build predictive models much more quickly than it typically takes using traditional methodologies. Once built, the company provides a way to deliver the model in the form of an API, simplifying deployment.

DataRobot has raised a total of $1 billion on $6.3 billion post valuation, according to PitchBook data, and it’s been putting that money to work to add to its platform of services. Most recently the company acquired Algorithmia, which helps manage machine learning models.

As the pandemic has pushed more business online, companies are always looking for an edge, and one way to achieve that is by taking advantage of AI and machine learning. Wright will be joined on the data panel by Monte Carlo co-founder and CEO Barr Moses and AgentSync co-founder and CTO Jenn Knight to discuss the growing role of data in business operations

In addition to our discussion with Wright, the conference will also include Microsoft’s Jared Spataro, Amplitude’s Olivia Rose, as well as investors Kobie Fuller and Laela Sturdy, among others. We hope you’ll join us. It’s going to be a thought-provoking lineup.

Buy your pass now to save up to $100. We can’t wait to see you in October!

( function() {
var func = function() {
var iframe = document.getElementById(‘wpcom-iframe-7210e537455a08d11092ef6fb981afaf’)
if ( iframe ) {
iframe.onload = function() {
iframe.contentWindow.postMessage( {
‘msg_type’: ‘poll_size’,
‘frame_id’: ‘wpcom-iframe-7210e537455a08d11092ef6fb981afaf’
}, “https://tcprotectedembed.com” );
}
}

// Autosize iframe
var funcSizeResponse = function( e ) {

var origin = document.createElement( ‘a’ );
origin.href = e.origin;

// Verify message origin
if ( ‘tcprotectedembed.com’ !== origin.host )
return;

// Verify message is in a format we expect
if ( ‘object’ !== typeof e.data || undefined === e.data.msg_type )
return;

switch ( e.data.msg_type ) {
case ‘poll_size:response’:
var iframe = document.getElementById( e.data._request.frame_id );

if ( iframe && ” === iframe.width )
iframe.width = ‘100%’;
if ( iframe && ” === iframe.height )
iframe.height = parseInt( e.data.height );

return;
default:
return;
}
}

if ( ‘function’ === typeof window.addEventListener ) {
window.addEventListener( ‘message’, funcSizeResponse, false );
} else if ( ‘function’ === typeof window.attachEvent ) {
window.attachEvent( ‘onmessage’, funcSizeResponse );
}
}
if (document.readyState === ‘complete’) { func.apply(); /* compat for infinite scroll */ }
else if ( document.addEventListener ) { document.addEventListener( ‘DOMContentLoaded’, func, false ); }
else if ( document.attachEvent ) { document.attachEvent( ‘onreadystatechange’, func ); }
} )();

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

On Thursday evening, KrebsOnSecurity was the subject of a rather massive (and mercifully brief) distributed denial-of-service (DDoS) attack. The assault came from “Meris,” the same new “Internet of Things” (IoT) botnet behind record-shattering attacks against Russian search giant Yandex this week and internet infrastructure firm Cloudflare earlier this summer.

Cloudflare recently wrote about its attack, which clocked in at 17.2 million bogus requests-per-second. To put that in perspective, Cloudflare serves over 25 million HTTP requests per second on average.

In its Aug. 19 writeup, Cloudflare neglected to assign a name to the botnet behind the attack. But on Thursday DDoS protection firm Qrator Labs identified the culprit — “Meris” — a new IoT monster that first emerged at the end of June 2021.

Qrator says Meris has launched even bigger attacks since: A titanic and ongoing DDoS that hit Russian Internet search giant Yandex last week is estimated to have been launched by roughly 250,000 malware-infected devices globally, sending 21.8 million bogus requests-per-second.

While last night’s Meris attack on this site was far smaller than the recent Cloudflare DDoS, it was far larger than the Mirai DDoS attack in 2016 that held KrebsOnSecurity offline for nearly four days. The traffic deluge from Thursday’s attack on this site was was more than four times what Mirai threw at this site five years ago. This latest attack involved more than two million requests-per-second. By comparison, the 2016 Mirai DDoS generated approximately 450,000 requests-per-second.

According to Qrator, which is working with Yandex on combating the attack, Meris appears to be made up of Internet routers produced by MikroTik. Qrator says the United States is home to the most number of MikroTik routers that are potentially vulnerable to compromise by Meris — with more than 42 percent of the world’s MikroTik systems connected to the Internet (followed by China — 18.9 percent– and a long tail of one- and two-percent countries).

The darker areas indicate larger concentrations of potentially vulnerable MikroTik routers. Qrator says there are about 328,000 MikroTik devices currently responding to requests from the Internet. Image: Qrator.

It’s not immediately clear which security vulnerabilities led to these estimated 250,000 MikroTik routers getting hacked by Meris.

“The spectrum of RouterOS versions we see across this botnet varies from years old to recent,” the company wrote. “The largest share belongs to the version of firmware previous to the current stable one.”

Qrator’s breakdown of Meris-infected MikroTik devices by operating system version.

It’s fitting that Meris would rear its head on the five-year anniversary of the emergence of Mirai, an IoT botnet strain that was engineered to out-compete all other IoT botnet strains at the time. Mirai was extremely successful at crowding out this competition, and quickly grew to infect tens of thousands of IoT devices made by dozens of manufacturers.

And then its co-authors decided to leak the Mirai source code, which led to the proliferation of dozens of Mirai variants, many of which continue to operate today.

The biggest contributor to the IoT botnet problem — a plethora of companies white-labeling IoT devices that were never designed with security in mind and are often shipped to the customer in default-insecure states — hasn’t changed much, mainly because these devices tend to be far cheaper than more secure alternatives.

The good news is that over the past five years, large Internet infrastructure companies like Akamai, Cloudflare and Google (which protects this site with its Project Shield initiative) have heavily invested in ramping up their ability to withstand these outsized attacks [full disclosure: Akamai is an advertiser on this site].

More importantly, the Internet community at large has gotten better at putting their heads together to fight DDoS attacks, by disrupting the infrastructure abused by these enormous IoT botnets, said Richard Clayton, director of Cambridge University’s Cybercrime Centre.

“It would be fair to say we’re currently concerned about a couple of botnets which are larger than we have seen for some time,” Clayton said. “But equally, you never know they may peter out. There are a lot of people who spend their time trying to make sure these things are hard to keep stable. So there are people out there defending us all.”