Microsoft: Attackers Exploiting Windows Zero-Day Flaw

Microsoft Corp. warns that attackers are exploiting a previously unknown vulnerability in Windows 10 and many Windows Server versions to seize control over PCs when users open a malicious document or visit a booby-trapped website. There is currently no official patch for the flaw, but Microsoft has released recommendations for mitigating the threat.

According to a security advisory from Redmond, the security hole CVE-2021-40444 affects the “MSHTML” component of Internet Explorer (IE) on Windows 10 and many Windows Server versions. IE has been slowly abandoned for more recent Windows browsers like Edge, but the same vulnerable component also is used by Microsoft Office applications for rendering web-based content.

“An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine,” Microsoft wrote. “The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”

Microsoft has not yet released a patch for CVE-2021-40444, but says users can mitigate the threat from this flaw by disabling the installation of all ActiveX controls in IE. Microsoft says the vulnerability is currently being used in targeted attacks, although its advisory credits three different entities with reporting the flaw.

One of the researchers credited, EXPMON, said on Twitter that it had reproduced the attack on the latest Office 2019 / Office 365 on Windows 10.

“The exploit uses logical flaws so the exploitation is perfectly reliable (& dangerous),” EXPMON tweeted.

Windows users could see an official fix for the bug as soon as September 14, when Microsoft is slated to release its monthly “Patch Tuesday” bundle of security updates.

This year has been a tough one for Windows users and so-called “zero day” threats, which refers to vulnerabilities that are not patched by current versions of the software in question, and are being actively exploited to break into vulnerable computers.

Virtually every month in 2021 so far, Microsoft has been forced to respond to zero-day threats targeting huge swaths of its user base. In fact, by my count May was the only month so far this year that Microsoft didn’t release a patch to fix at least one zero-day attack in Windows or supported software.

Many of those zero-days involve older Microsoft technologies or those that have been retired, like IE11; Microsoft officially retired support for Microsoft Office 365 apps and services on IE11 last month. In July, Microsoft rushed out a fix for the Print Nightmare vulnerability that was present in every supported version of Windows, only to see the patch cause problems for a number of Windows users.

On June’s Patch Tuesday, Microsoft addressed six zero-day security holes. And of course in March, hundreds of thousands of organizations running Microsoft Exchange email servers found those systems compromised with backdoors thanks to four zero-day flaws in Exchange.

Introducing the Cyber Chat Podcast with Thom Langford

“Do a podcast” they said. “But not just a regular podcast, they’re boring. Make it really interesting, with charismatic guests, tackling current cyber topics. Easy!”

Easy, indeed.

After production issues, name changes, disappearing guests, cutting compelling content, format changes, regular doses of technical issues and a long gestation period, it’s finally going live. And I couldn’t be more thrilled with the result, wholly because of the wonderful friends and colleagues I was able to chat with for the making of this series. They were so good in fact, that we decided to optimistically rename these six episodes as “Season One” of the CyberChat podcast. Next time, we might even do it with video.

So what is it all about, then? Well, my main goal was to highlight not just the more well-known characters in this industry, but also the folks who are working so very, very hard to create community events, spread awareness and share knowledge for the greater good of the broader infosec community. These are the people that really do make a difference, and I have no doubt that each and every one of you will have learnt something from them at some point in the past, so wide and varied is their experience.

And it was so much fun to do as well. I am at that stage of my life now where if I am not having fun doing something I won’t do it, so to say recording this series was a highlight of my current job would be an understatement. My guests are charming, erudite, intelligent, informed, and above all funny; each conversation was the very definition of a “pub chat”, making each episode an easy but informative listen. The intelligence and infosec knowledge of each of my guests is also without question, and with the exception of Episode 6, I was definitely not the smartest person in the room.

Take a look at what we have in store for you over the coming weeks:

Episode 1 – Brian Honan


It’s one thing to own and run a successful and renowned cybersecurity consultancy; it’s another to also be an internationally acclaimed speaker, author, and founder of Ireland’s Computer Emergency Response Team (CERT). We discuss Brian’s work in the industry, what motivates him, and the importance of supporting initiatives like community infosec events and the Irish CERT.

Episode 2 – Jim Shields


Jim built a reputation making the pioneering infosec sitcom Restricted Intelligence, the award-winning educational infosec series aimed at corporates. It made awareness training engaging, fun, and above all memorable. Is the infosec industry in need of more fun, or do we have quite enough at the moment, thank you very much?

Episode 3 – Rowenna Fielding


Rowenna is a highly regarded privacy professional, known for giving information security nerds a hard time. A champion of people’s personal and human rights, as well as having an encyclopedic knowledge of GDPR and other related topics, she actually manages to balance her huge intellect with being one of the best human beings I know.

Episode 4 – Sandeep Singh and Vandana Verma


Sandeep is one of the co-organizers of BSides Delhi. He is also the co-lead of OWASP Delhi chapter, Community Manager of null community, and actively supports the local and global security community whenever and wherever he is able to. The award-winning Vandana is Security Solutions Architect at Snyk. She is a Vice-Chair of the OWASP Global Board of Directors, leads diversity initiatives like InfosecGirls and WoSec, and is the founder of InfosecKids. She is also a member of the Black Hat Asia Review Board as well as multiple other international conferences.

Episode 5 – Graham Cluley and Carole Theriault


Graham was at the forefront of anti-virus right from the very beginning, from being Dr Solomon’s right-hand man to becoming the public face of Sophos Security. Carole has 20+ years in the industry, is the founder of Tick Tock Social, a comms consultancy for the tech world, and host on Smashing Security podcast.

Episode 6 – Andrew Agnês & Javvad Malik


Javvad & Andrew are two-thirds of the trio known as Host Unknown. One has an ego and the other thinks he doesn’t. Both are well known, established infosec professionals whose reputation often preceded them. We talk about humour in the industry.

There you have it! Season One of CyberChat is speeding its way to you through the tubes and pipes of the internet as you read this. I hope you enjoy listening to it as I did recording it, and above all, learn something from it. I’ll see you again in Season Two!

Stay Secure Folks!


Ledgy is an equity management tool for European startups

Every startup founder faces the same issue — how do you manage your cap table and equity plans in a transparent and lightweight manner? If you’re based in the U.S., chances are you’re using an equity management solution like Carta. But if you’re not based in the U.S., you don’t have a ton of options.

Ledgy wants to become the ownership management tool for the rest of the world. Based in Switzerland, several well-known European startups are already using Ledgy, such as Wefox, Kry, Bitpanda, Gorillas and Trade Republic.

The company recently closed a $10 million Series A funding round led by Sequoia Capital. Other investors in the round include Xavier Niel, Harry Stebbings, Visionaries Club, UiPath’s Daniel Dines and Front’s Mathilde Collin. Some of Ledgy’s existing investors also invested once again, such as Myke Näf, Paul Sevinç, btov Partners, Creathor Ventures and VI Partners.

A few years ago, when Ledgy co-founder and CEO Yoko Spirig talked with an entrepreneur, the founder showed her how he managed ownership. He opened an Excel spreadsheet and scrolled, scrolled, scrolled… “Each line represented a share. You can imagine how error-prone it is,” she told me.

While the implementation was odd, most companies in Europe are still using Excel spreadsheets to manage ownership. And Ledgy wants to convince those companies that switching to a software solution that has been specifically designed to solve this issue could be beneficial.

“The key has really been to focus on the software infrastructure. What we do is that we have implemented automation workflows that are adaptable depending on countries,” Spirig said. “We’re not focusing on one regulation and we’re really offering the infrastructure layer,” she added.

That’s why Ledgy already supports 32 countries. It has tweaked its product even more specifically for Germany, Austria and Switzerland. There will be more country-specific releases in the near future for startups based in the U.K. and France. 1,500 companies are using Ledgy right now.

When you switch to Ledgy, there are three main advantages. First, like other software-as-a-service products, Ledgy acts as a single source of truth for all stakeholders — the HR team, the finance team, investors, lawyers and employees.

The second selling point is that you can automate some of the most tedious tasks. For instance, Ledgy can automatically generate documents based on templates and different variables. Signed documents are stored on Ledgy. You can export data every quarter or every year for compliance reasons.

Third, it fosters transparency across the company. Employees can check the value of their options. They can see how much their options could be worth if the leadership team is in the process of raising a new round of funding.

With today’s funding round, Ledgy plans to expand into new markets. The company also plans to roll out support for public companies so that some of its existing customers can go public and keep using Ledgy.


Seqera Labs grabs $5.5M to help sequence COVID-19 variants and other complex data problems

Bringing order and understanding to unstructured information located across disparate silos has been one of the more significant breakthroughs of the big data era, and today a European startup that has built a platform to help with this challenge specifically in the area of life sciences — and has, notably, been used by labs to sequence and so far identify two major COVID-19 variants — is announcing some funding to continue building out its tools to a wider set of use cases, and to expand into North America.

Seqera Labs, a Barcelona-based data orchestration and workflow platform tailored to help scientists and engineers order and gain insights from cloud-based genomic data troves, as well as to tackle other life science applications that involve harnessing complex data from multiple locations, has raised $5.5 million in seed funding.

Talis Capital and Speedinvest co-led this round, with participation also from previous backer BoxOne Ventures and a grant from the Chan Zuckerberg Initiative, Mark Zuckerberg and Dr. Priscilla Chan’s effort to back open source software projects for science applications.

Seqera — a portmanteau of “sequence” and “era”, the age of sequencing data, basically — had previously raised less than $1 million, and quietly, it is already generating revenues, with five of the world’s biggest pharmaceutical companies part of its customer base, alongside biotech and other life sciences customers.

Seqera was spun out of the Centre for Genomic Regulation, a biomedical research center based out of Barcelona, where it was built as the commercial application of Nextflow, open source workflow and data orchestration software originally created by the founders of Seqera, Evan Floden and Paolo Di Tommaso, at the CGR.

Floden, Seqera’s CEO, told TechCrunch that he and Di Tommaso were motivated to create Seqera in 2018 after seeing Nextflow gain a lot of traction in the life science community, and subsequently getting a lot of repeat requests for further customization and features. Both Nextflow and Seqera have seen a lot of usage: the Nextflow runtime has been downloaded more than 2 million times, the company said, while Seqera’s commercial cloud offering has now processed more than 5 billion tasks.

The COVID-19 pandemic is a classic example of the acute challenge that Seqera (and by association Nextflow) aims to address in the scientific community. With COVID-19 outbreaks happening globally, each time a test for COVID-19 is processed in a lab, live genetic samples of the virus get collected. Taken together, these millions of tests represent a goldmine of information about the coronavirus and how it is mutating, and when and where it is doing so. For a new virus about which so little is understood and that is still persisting, that’s invaluable data.

So the problem is not if the data exists for better insights (it does); it is that it’s nearly impossible to use more legacy tools to view that data as a holistic body. It’s in too many places, and there is just too much of it, and it’s growing every day (and changing every day), which means that traditional approaches of porting data to a centralized location to run analytics on it just wouldn’t be efficient, and would cost a fortune to execute.

That is where Seqera comes in. The company’s technology treats each source of data across different clouds as a salient pipeline which can be merged and analyzed as a single body, without that data ever leaving the boundaries of the infrastructure where it already exists. Customised to focus on genomic troves, scientists can then query that information for more insights. Seqera was central to the discovery of both the Alpha and Delta variants of the virus, and work is still ongoing as COVID-19 continues to hammer the globe.

Seqera is being used in other kinds of medical applications, such as in the realm of so-called “precision medicine.” This is emerging as a very big opportunity in complex fields like oncology: cancer mutates and behaves differently depending on many factors, including genetic differences of the patients themselves, which means that treatments are less effective if they are “one size fits all.”

Increasingly, we are seeing approaches that leverage machine learning and big data analytics to better understand individual cancers and how they develop for different populations, to subsequently create more personalized treatments, and Seqera comes into play as a way to sequence that kind of data.

This also highlights something else notable about the Seqera platform: it is used directly by the people who are analyzing the data — that is, the researchers and scientists themselves, without data specialists necessarily needing to get involved. This was a practical priority for the company, Floden told me, but nonetheless, it’s an interesting detail of how the platform is inadvertently part of that bigger trend of “no-code/low-code” software, designed to make highly technical processes usable by non-technical people.

It’s both the existing opportunity and how Seqera might be applied in the future across other kinds of data that lives in the cloud that makes it an interesting company, and it seems an interesting investment, too.

“Advancements in machine learning, and the proliferation of volumes and types of data, are leading to increasingly more applications of computer science in life sciences and biology,” said Kirill Tasilov, principal at Talis Capital, in a statement. “While this is incredibly exciting from a humanity perspective, it’s also skyrocketing the cost of experiments to sometimes millions of dollars per project as they become computer-heavy and complex to run. Nextflow is already a ubiquitous solution in this space and Seqera is driving those capabilities at an enterprise level – and in doing so, is bringing the entire life sciences industry into the modern age. We’re thrilled to be a part of Seqera’s journey.”

“With the explosion of biological data from cheap, commercial DNA sequencing, there is a pressing need to analyse increasingly growing and complex quantities of data,” added Arnaud Bakker, principal at Speedinvest. “Seqera’s open and cloud-first framework provides an advanced tooling kit allowing organisations to scale complex deployments of data analysis and enable data-driven life sciences solutions.”

Although medicine and life sciences are perhaps Seqera’s most obvious and timely applications today, the framework originally designed for genetics and biology can be applied to any number of other areas: AI training, image analysis and astronomy are three early use cases, Floden said. Astronomy is perhaps very apt, since it seems that the sky is the limit.

“We think we are in the century of biology,” Floden said. “It’s the center of activity and it’s becoming data-centric, and we are here to build services around that.”

Seqera is not disclosing its valuation with this round.

Virtual meeting platform Vowel raises $13.5M, aims to cure meeting fatigue

Meetings are an inevitable part of the work day, but as workplaces became more distributed over the past 18 months, Vowel CEO Andy Berman says we are steadily moving toward “death by meeting.”

His virtual meeting platform is the latest to receive venture capital funding — $13.5 million — with the goal of making meetings more useful before, during and after.

Vowel is launching a meeting operating system with tools like real-time transcription; integrated agendas, notes and action items; meeting analytics; and searchable, on-demand recordings of meetings. The company has a freemium business model and will also be rolling out a business plan this fall for $16 per user per month. Extra features will include advanced integrations, security and admin controls.

The Series A was led by David Hornik of Lobby Capital, who was joined by existing investors Amity Ventures and Box Group and a group of individual investors, including Calendly CEO Tope Awotona, Intercom co-founder Des Traynor, Slack VP Ethan Eismann, former Yammer executive Viviana Faga, former InVision president David Fraga and Okta co-founder Frederic Kerrest.

Prior to starting Vowel, Berman was one of the founders of baby monitor company Nanit. The company had teams spread out around the world, and communication was tough as a result. In 2018, the company went looking for a tool that would work for synchronous and asynchronous meetings, but there were still a lot of time zones to manage, he said.

Taking a cue from Nanit’s own baby monitors that were streaming video over 17 hours a day, the idea for Vowel was born, and the company began to focus on the hypothesis that distributed work would be prevalent.

“People initially thought we were crazy, but then the pandemic hit, and everyone was learning how to work remotely,” Berman told TechCrunch. “As we now go back to hybrid work, we see this as an opportunity.”

In 2017, Harvard Business Review reported that executives spent 23 hours in meetings each week. Berman now estimates that the average worker spends half of their time each week in meetings.

Vowel is out to bring Slack, Figma and GitHub components to meetings by recording audio and video that can be paused at any time. Users can add notes and see where those notes fall within a real-time transcription that enables people who arrive late or could not make the meeting to catch up easily. After meetings are over, they can be shared, and Vowel has a search function so that users can go back and see where a particular person or topic was discussed.

The new funding will enable the company to grow its team in product, design and engineering. Vowel plans to hire up to 30 new people over the next year. The company recently closed its beta test and has amassed a 10,000-person waitlist. The public launch will happen in the fall, Berman said.

Workplace productivity and office communication tools are not new concepts, but as Berman explained, became increasingly important when homes became offices over the past 18 months.

Competitors took different approaches to solving these problems: focusing on video conferencing or audio or meeting management with plugins. Berman says an area where many have not succeeded yet is integrating meetings into the typical workflow. That’s where Vowel comes in with its “meeting OS,” he added.

“Our goal is to make meetings more inclusive and worthwhile, which includes the prep, the meeting and the follow-up,” Berman said. “We see the future will be about knowledge management, so the difference between what we are doing is ensuring you can catch up quickly and keep that knowledge base. A Gartner report said that 75% of workplace meetings will be recorded by 2025, and that is a trend we are reinventing from the ground up.”

David Hornik, founding partner at Lobby Capital, said he became acquainted with Vowel from its existing investor Amity Ventures. Hornik, who sits on the GitLab board, said GitLab was one of the largest distributed companies in the tech space, prior to the pandemic, and saw first-hand the challenge of making distributed teams functional.

When Hornik heard about Vowel, he said he “jumped quickly” on the opportunity. His firm typically invests in platform businesses that have the capacity to transform business spaces. Many are pure software, like Splunk or GitLab, while others are akin to Bill.com, which transformed how small businesses manage financial operations, he added.

All of those combine into a company, like Vowel, especially given the company’s vision for a meeting OS to transform a meeting space that hadn’t moved forward in decades, he said.

“This was quickly obvious to me because my day is meetings — an eight-Zoom day is a normal day — I just wish I could remember everything,” Hornik said. “Speaking with early customers using the product, when I asked them what they would do if this ever went away, the first thing they said was ‘cry,’ and, because there was no alternative, would return to Zoom or other tools, but it would be a big setback.”

The time Animoto almost brought AWS to its knees

Today, Amazon Web Services is a mainstay in the cloud infrastructure services market, a $60 billion juggernaut of a business. But in 2008, it was still new, working to keep its head above water and handle growing demand for its cloud servers. In fact, 15 years ago last week, the company launched Amazon EC2 in beta. From that point forward, AWS offered startups unlimited compute power, a primary selling point at the time.

EC2 was one of the first real attempts to sell elastic computing at scale — that is, server resources that would scale up as you needed them and go away when you didn’t. As Jeff Bezos said in an early sales presentation to startups back in 2008, “you want to be prepared for lightning to strike, […] because if you’re not that will really generate a big regret. If lightning strikes, and you weren’t ready for it, that’s kind of hard to live with. At the same time you don’t want to prepare your physical infrastructure, to kind of hubris levels either in case that lightning doesn’t strike. So, [AWS] kind of helps with that tough situation.”

An early test of that value proposition occurred when one of their startup customers, Animoto, scaled from 25,000 to 250,000 users in a 4-day period in 2008 shortly after launching the company’s Facebook app at South by Southwest.

At the time, Animoto was an app aimed at consumers that allowed users to upload photos and turn them into a video with a backing music track. While that product may sound tame today, it was state of the art back in those days, and it used up a fair amount of computing resources to build each video. It was an early representation of not only Web 2.0 user-generated content, but also the marriage of mobile computing with the cloud, something we take for granted today.

For Animoto, launched in 2006, choosing AWS was a risky proposition, but the company found trying to run its own infrastructure was even more of a gamble because of the dynamic nature of the demand for its service. To spin up its own servers would have involved huge capital expenditures. Animoto initially went that route before turning its attention to AWS because it was building prior to attracting initial funding, Brad Jefferson, co-founder and CEO at the company explained.

“We started building our own servers, thinking that we had to prove out the concept with something. And as we started to do that and got more traction from a proof-of-concept perspective and started to let certain people use the product, we took a step back, and were like, well it’s easy to prepare for failure, but what we need to prepare for success,” Jefferson told me.

Going with AWS may seem like an easy decision knowing what we know today, but in 2007 the company was really putting its fate in the hands of a mostly unproven concept.

“It’s pretty interesting just to see how far AWS has gone and EC2 has come, but back then it really was a gamble. I mean we were talking to an e-commerce company [about running our infrastructure]. And they’re trying to convince us that they’re going to have these servers and it’s going to be fully dynamic and so it was pretty [risky]. Now in hindsight, it seems obvious but it was a risk for a company like us to bet on them back then,” Jefferson told me.

Animoto had to not only trust that AWS could do what it claimed, but also had to spend six months rearchitecting its software to run on Amazon’s cloud. But as Jefferson crunched the numbers, the choice made sense. At the time, Animoto’s business model was free for a 30-second video, $5 for a longer clip, or $30 for a year. As he tried to model the level of resources his company would need to make its model work, it got really difficult, so he and his co-founders decided to bet on AWS and hope it worked when and if a surge of usage arrived.

That test came the following year at South by Southwest when the company launched a Facebook app, which led to a surge in demand, in turn pushing the limits of AWS’s capabilities at the time. A couple of weeks after the startup launched its new app, interest exploded and Amazon was left scrambling to find the appropriate resources to keep Animoto up and running.

Dave Brown, who today is Amazon’s VP of EC2 and was an engineer on the team back in 2008, said that “every [Animoto] video would initiate, utilize and terminate a separate EC2 instance. For the prior month they had been using between 50 and 100 instances [per day]. On Tuesday their usage peaked at around 400, Wednesday it was 900, and then 3,400 instances as of Friday morning.” Animoto was able to keep up with the surge of demand, and AWS was able to provide the necessary resources to do so. Its usage eventually peaked at 5000 instances before it settled back down, proving in the process that elastic computing could actually work.

At that point though, Jefferson said his company wasn’t merely trusting EC2’s marketing. It was on the phone regularly with AWS executives making sure their service wouldn’t collapse under this increasing demand. “And the biggest thing was, can you get us more servers, we need more servers. To their credit, I don’t know how they did it — if they took away processing power from their own website or others — but they were able to get us where we needed to be. And then we were able to get through that spike and then sort of things naturally calmed down,” he said.

The story of keeping Animoto online became a main selling point for the company, and Amazon was actually the first company to invest in the startup besides friends and family. It raised a total of $30 million along the way, with its last funding coming in 2011. Today, the company is more of a B2B operation, helping marketing departments easily create videos.

While Jefferson didn’t discuss specifics concerning costs, he pointed out that the price of trying to maintain servers that would sit dormant much of the time was not a tenable approach for his company. Cloud computing turned out to be the perfect model and Jefferson says that his company is still an AWS customer to this day.

While the goal of cloud computing has always been to provide as much computing as you need on demand whenever you need it, this particular set of circumstances put that notion to the test in a big way.

Today the idea of having trouble generating 3,400 instances seems quaint, especially when you consider that Amazon processes 60 million instances every day now, but back then it was a huge challenge and helped show startups that the idea of elastic computing was more than theory.

Quantum Machines plans to expand quantum orchestration platform with $50M investment

Quantum Machines, an Israeli startup that is building the classical hardware and software infrastructure to help run quantum machines, announced a $50 million Series B investment today.

Today’s round was led by Red Dot Capital Partners with help from Exor, Claridge Israel, Samsung NEXT, Valor Equity Partners, Atreides Management, LP, as well as TLV Partners, Battery Ventures, 2i Ventures and other existing investors. The company has now raised approximately $83 million, according to Crunchbase data.

While quantum computing in general is in its early days, Quantum Machines has developed a nice niche by building a hardware and software system, what they call The Quantum Orchestration Platform, that helps run the burgeoning quantum machines, leaving it plenty of room to grow as the industry develops.

Certainly Quantum Machines co-founder and CEO Itamar Sivan, who has been working in quantum his entire career, sees the vast potential of this technology. “Quantum computers have the promise of potentially speeding up very substantially computations that are impossible to complete in reasonable time with classical computers, and this is at the highest level the interest in the field right now. Our vision specifically at Quantum Machines is to make quantum computers ubiquitous and disruptive across all industries,” he said.

To achieve that, the company has created a system that relies on classical computers to power quantum computers as they develop. While the company has designed its own silicon for this purpose, it is important to note that it is not building quantum chips. As Sivan explains, the classical computer has a software and hardware layer, but quantum machines have three layers: “The quantum hardware, which is the heart, and on top of that you have classical hardware […] and then on top of that you have software,” he said.

“We focus on the two latter layers. So classical hardware and the software that drives it. Now at the heart of our hardware is in fact a classical processor. So this is I think one of the most interesting parts of the quantum stack,” he explained.

He says that this interaction between classical computing and quantum computing is one that is fundamental to the technology, and it’s a mix that will last well into the future, possibly forever. What Quantum Machines is building is essentially the classical cloud infrastructure required to run quantum computers.

Quantum Machines founding team: Itamar Sivan, Nissim Ofek, Yonatan Cohen. Photo Credit: Quantum Machines

So far the approach has been working quite well, as Sivan reports that governments, researchers, universities and the hyper scaler operators (which could include companies like Amazon, Netflix and Google, although the company has not said they are customers) are all interested in QM’s technology. While it isn’t discussing specific metrics, the company has customers in 15 countries at the moment and is working with some large entities that it couldn’t name.

The money from this round helps validate what the company is doing, enabling it to continue building out the solution, while also investing heavily in research and development, which is essential as the industry is still in early development and much will change over time.

They have been able to create this solution to this point with just 60 employees, and with the new funding should be able to build out the team in a substantial way in the coming years. He says that when it comes to diversity, he comes from an academic background where this is the norm and he has carried this forth to his company as he hires new people. What’s more, the pandemic has allowed him to hire from anywhere and he says that the company has taken advantage of this opportunity.

“First of all, we’re not hiring just in Israel, we’re hiring globally, and we’re not limited to hiring in specific geographies. We have people [from a number of countries],” he said. He adds, “Diversity for me personally means involving as many people as possible in hiring processes. That is the only way to ensure that there is diversity.”

Even throughout the pandemic, the hardware team has been meeting in person in the office with necessary precautions when it has been allowed, but most employees have continued to work from home, and that is an approach he will continue to take even when it’s safe to return to the office on a regular basis.

“Of course, work in a post-COVID era will include a substantial amount of remote work. […] So even in [our] headquarters, we anticipate allowing people to work remotely [if they wish].”

Spain’s Factorial raises $80M at a $530M valuation on the back of strong traction for its ‘Workday for SMBs’

Factorial, a startup out of Barcelona that has built a platform that lets SMBs run human resources functions with the same kind of tools that typically are used by much bigger companies, is today announcing some funding to bulk up its own position: the company has raised $80 million, funding that it will be using to expand its operations geographically — specifically deeper into Latin American markets — and to continue to augment its product with more features.

CEO Jordi Romero, who co-founded the startup with Pau Ramon and Bernat Farrero, said in an interview that Factorial has seen a huge boom of growth in the last 18 months and counts more than 75,000 customers across 65 countries, with the average size of each customer in the range of 100 employees, although they can be significantly (single-digit) smaller or potentially up to 1,000 (the “M” of SMB, or SME as it’s often called in Europe).

“We have a generous definition of SME,” Romero said of how the company first started with a target of 10-15 employees but is now working in the size bracket that it is. “But that is the limit. This is the segment that needs the most help. We see other competitors of ours are trying to move into SME and they are screwing up their product by making it too complex. SMEs want solutions that have as much data as possible in one single place. That is unique to the SME.” Customers can include smaller franchises of much larger organizations, too: KFC, Booking.com, and Whisbi are among those that fall into this category for Factorial.

Factorial offers a one-stop shop to manage hiring, onboarding, payroll management, time off, performance management, internal communications and more. For other services, such as the actual process of payroll or sourcing candidates, it partners and integrates closely with more localized third parties.

The Series B is being led by Tiger Global, with past investors CRV, Creandum, Point Nine and K Fund also participating, at a valuation we understand from sources close to the deal to be around $530 million post-money. Factorial has raised $100 million to date, including a $16 million Series A round in early 2020, just ahead of the Covid-19 pandemic really taking hold of the world.

That timing turned out to be significant: Factorial, as you might expect of an HR startup, was shaped by Covid-19 in a pretty powerful way.

The pandemic, as we have seen, massively changed how — and where — many of us work. In the world of desk jobs, offices largely disappeared overnight, with people shifting to working at home in compliance with shelter-in-place orders to curb the spread of the virus, and then in many cases staying there even after those were lifted as companies grappled both with balancing the best (and least infectious) way forward and their own employees’ demands for safety and productivity. Front-line workers, meanwhile, faced a completely new set of challenges in doing their jobs, whether it was to minimize exposure to the coronavirus, or dealing with giant volumes of demand for their services. Across both, organizations were facing economics-based contractions, furloughs, and in other cases, hiring pushes, despite being office-less to carry all that out.

All of this had an impact on HR. People who needed to manage others, and those working for organizations, suddenly needed — and were willing to pay for — new kinds of tools to carry out their roles.

But it wasn’t always like this. In the early days, Romero said the company had to quickly adjust to what the market was doing.

“We target HR leaders and they are currently very distracted with furloughs and layoffs right now, so we turned around and focused on how we could provide the best value to them,” Romero said to me during the Series A back in early 2020. Then, Factorial made its product free to use and found new interest from businesses that had never used cloud-based services before but needed to get something quickly up and running to use while working from home (and that cloud migration turned out to be a much bigger trend played out across a number of sectors). Those turning to Factorial had previously kept all their records in local files or at best a “Dropbox folder, but nothing else,” Romero said.

It also provided tools specifically to address the most pressing needs HR people had at the time, such as guidance on how to implement furloughs and layoffs, best practices for communication policies and more. “We had to get creative,” Romero said.

But it wasn’t all simple. “We did suffer at the beginning,” Romero now says. “People were doing furloughs and [frankly] less attention was being paid to software purchasing. People were just surviving. Then gradually, people realized they needed to improve their systems in the cloud, to manage remote people better, and so on.” So after a couple of very slow months, things started to take off, he said.

Factorial’s rise is part of a much bigger, longer-term trend in which the enterprise technology world has at long last started to turn its attention to how to take the tools that originally were built for larger organizations, and right-size them for smaller customers.

The metrics are completely different: large enterprises are harder to win as customers, but represent a giant payoff when they do sign up; smaller enterprises represent genuine scale since there are so many of them globally — 400 million, accounting for 95% of all firms worldwide. But so are the product demands, as Romero pointed out previously: SMBs also want powerful tools, but they need to work in a more efficient, and out-of-the-box way.

Factorial is not the only HR startup that has been homing in on this, of course. Among the wider field are PeopleHR, Workday, Infor, ADP, Zenefits, Gusto, IBM, Oracle, SAP and Rippling; and a very close competitor out of Europe, Germany’s Personio, raised $125 million on a $1.7 billion valuation earlier this year, speaking not just to the opportunity but the success it is seeing in it.

But the major fragmentation in the market, the fact that there are so many potential customers, and Factorial’s own rapid traction are three reasons why investors approached the startup, which was not proactively seeking funding when it decided to go ahead with this Series B.

“The HR software market opportunity is very large in Europe, and Factorial is incredibly well positioned to capitalize on it,” said John Curtius, Partner at Tiger Global, in a statement. “Our diligence found a product that delighted customers and a world-class team well-positioned to achieve Factorial’s potential.”

“It is now clear that labor markets around the world have shifted over the past 18 months,” added Reid Christian, general partner at CRV, which led its previous round, which had been CRV’s first investment in Spain. “This has strained employers who need to manage their HR processes and properly serve their employees. Factorial was always architected to support employers across geographies with their HR and payroll needs, and this has only accelerated the demand for their platform. We are excited to continue to support the company through this funding round and the next phase of growth for the business.”

Notably, Romero told me that the fundraising process really evolved between the two rounds, with the first requiring him to fly around the world to meet people, and the second happening over video links, while he was himself recovering from Covid-19. Given that it was not too long ago that the most ambitious startups in Europe were encouraged to relocate to the U.S. if they wanted to succeed, it seems that it’s not just the world of HR that is rapidly shifting in line with new global conditions.

Fractory raises $9M to rethink the manufacturing supply chain for metalworks

The manufacturing industry took a hard hit from the Covid-19 pandemic, but there are signs of how it is slowly starting to come back into shape — helped in part by new efforts to make factories more responsive to the fluctuations in demand that come with the ups and downs of grappling with the shifting economy, virus outbreaks and more. Today, a business that is positioning itself as part of that new guard of flexible custom manufacturing — a startup called Fractory — is announcing a Series A of $9 million (€7.7 million) that underscores the trend.

The funding is being led by OTB Ventures, a leading European investor focussed on early growth, post-product, high-tech start-ups, with existing investors Trind Ventures, Superhero Capital, United Angels VC, Startup Wise Guys and Verve Ventures also participating.

Founded in Estonia but now based in Manchester, England — historically a strong hub for manufacturing in the country, and close to Fractory’s customers — Fractory has built a platform to make it easier for those that need to get custom metalwork to upload and order it, and for factories to pick up new customers and jobs based on those requests.

Fractory’s Series A will be used to continue expanding its technology, and to bring more partners into its ecosystem.

To date, the company has worked with more than 24,000 customers and hundreds of manufacturers and metal companies, and altogether it has helped crank out more than 2.5 million metal parts.

To be clear, Fractory isn’t a manufacturer itself, nor does it have any plans to get involved in that part of the process. Rather, it is in the business of enterprise software, with a marketplace for those who are able to carry out manufacturing jobs — currently in the area of metalwork — to engage with companies that need metal parts made for them, using intelligent tools to identify what needs to be made and connecting that potential job to the specialist manufacturers that can make it.

The challenge that Fractory is solving is not unlike that faced in a lot of industries that have variable supply and demand, a lot of fragmentation, and generally an inefficient way of sourcing work.

As Martin Vares, Fractory’s founder and MD, described it to me, companies who need metal parts made might have one factory they regularly work with. But if there are any circumstances that might mean that this factory cannot carry out a job, then the customer needs to shop around and find others to do it instead. This can be a time-consuming and costly process.

“It’s a very fragmented market and there are so many ways to manufacture products, and the connection between those two is complicated,” he said. “In the past, if you wanted to outsource something, it would mean multiple emails to multiple places. But you can’t go to 30 different suppliers like that individually. We make it into a one-stop shop.”

On the other side, factories are always looking for better ways to fill out their roster of work so there is little downtime — factories want to avoid having people paid to work with no work coming in, or machinery that is not being used.

“The average uptime capacity is 50%,” Vares said of the metalwork plants on Fractory’s platform (and in the industry in general). “We have a lot more machines out there than are being used. We really want to solve the issue of leftover capacity and make the market function better and reduce waste. We want to make their factories more efficient and thus sustainable.”

The Fractory approach involves customers — today those customers are typically in construction, or other heavy machinery industries like ship building, aerospace and automotive — uploading CAD files specifying what they need made. These then get sent out to a network of manufacturers to bid for and take on as jobs — a little like a freelance marketplace, but for manufacturing jobs. About 30% of those jobs are then fully automated, while the other 70% might include some involvement from Fractory to help advise customers on their approach, including in the quoting of the work, manufacturing, delivery and more. The plan is to build in more technology to improve the proportion that can be automated, Vares said. That would include further investment in RPA, but also computer vision to better understand what a customer is looking to do, and how best to execute it.

Currently Fractory’s platform can help fill orders for laser cutting and metal folding services, including work like CNC machining, and it’s next looking at industrial additive 3D printing. It will also be looking at other materials like stonework and chip making.

Manufacturing is one of those industries that has in some ways been very slow to modernize, which in a way is not a huge surprise: equipment is heavy and expensive, and generally the maxim of “if it ain’t broke, don’t fix it” applies in this world. That’s why companies that are building more intelligent software to at least run that legacy equipment more efficiently are finding some footing. Xometry, a bigger company out of the U.S. that also has built a bridge between manufacturers and companies that need things custom made, went public earlier this year and now has a market cap of over $3 billion. Others in the same space include Hubs (which is now part of Protolabs) and Qimtek, among others.

One selling point that Fractory has been pushing is that it generally aims to keep manufacturing local to the customer to reduce the logistics component of the work to reduce carbon emissions, although as the company grows it will be interesting to see how and if it adheres to that commitment.

In the meantime, investors believe that Fractory’s approach and fast growth are strong signs that it’s here to stay and make an impact in the industry.

“Fractory has created an enterprise software platform like no other in the manufacturing setting. Its rapid customer adoption is clear demonstrable feedback of the value that Fractory brings to manufacturing supply chains with technology to automate and digitise an ecosystem poised for innovation,” said Marcin Hejka in a statement. “We have invested in a great product and a talented group of software engineers, committed to developing a product and continuing with their formidable track record of rapid international growth

“FudCo” Spam Empire Tied to Pakistani Software Firm

In May 2015, KrebsOnSecurity briefly profiled “The Manipulaters,” the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services for crafting, hosting and deploying malicious email. Six years later, a review of the social media postings from this group shows they are prospering, while rather poorly hiding their activities behind a software development firm in Lahore that has secretly enabled an entire generation of spammers and scammers.

The Web site in 2015 for the “Manipulaters Team,” a group of Pakistani hackers behind the dark web identity “Saim Raza,” who sells spam and malware tools and services.

The Manipulaters’ core brand in the underground is a shared cybercriminal identity named “Saim Raza,” who for the past decade across dozens of cybercrime sites and forums has peddled a popular spamming and phishing service variously called “Fudtools,” “Fudpage,” “Fudsender,” etc.

The common acronym in nearly all of Saim Raza’s domains over the years — “FUD” — stands for “Fully Un-Detectable,” and it refers to cybercrime resources that will evade detection by security tools like antivirus software or anti-spam appliances.

One of several current Fudtools sites run by The Manipulaters.

The current website for Saim Raza’s Fud Tools (above) offers phishing templates or “scam pages” for a variety of popular online sites like Office365 and Dropbox. They also sell “Doc Exploit” products that bundle malicious software with innocuous Microsoft Office documents; “scampage hosting” for phishing sites; a variety of spam blasting tools like HeartSender; and software designed to help spammers route their malicious email through compromised sites, accounts and services in the cloud.

For years leading up to 2015, “admin@manipulaters.com” was the name on the registration records for thousands of scam domains that spoofed some of the world’s top banks and brand names, but particularly Apple and Microsoft. When confronted about this, The Manipulaters founder Madih-ullah Riaz replied, “We do not deliberately host or allow any phishing or any other abusive website. Regarding phishing, whenever we receive complaint, we remove the services immediately. Also we are running business since 2006.”

The IT network of The Manipulaters, circa 2013. Image: Facebook

Two years later, KrebsOnSecurity received an email from Riaz asking to have his name and that of his business partner removed from the 2015 story, saying it had hurt his company’s ability to maintain stable hosting for their stable of domains.

“We run web hosting business and due to your post we got very serious problems especially no data center was accepting us,” Riaz wrote in a May 2017 email. “I can see you post on hard time criminals we are not criminals, at least it was not in our knowledge.”

Riaz said the problem was that his company’s billing system erroneously used The Manipulaters’ name and contact information instead of its clients’ in WHOIS registration records. That oversight, he said, caused many researchers to erroneously attribute to them activity that was coming from just a few bad customers.

“We work hard to earn money and it is my request, 2 years of my name in your wonderful article is enough punishment and we learned from our mistakes,” he concluded.

The Manipulaters have indeed learned a few new tricks, but keeping their underground operations air-gapped from their real-life identities is mercifully not one of them.

ZERO OPERATIONAL SECURITY

Phishing domain names registered to The Manipulaters included an address in Karachi, with the phone number 923218912562. That same phone number is shared in the WHOIS records for 4,000+ domains registered through domainprovider[.]work, a domain controlled by The Manipulaters that appears to be a reseller of another domain name provider.

One of Saim Raza’s many ads in the cybercrime underground for his Fudtools service promotes the domain fudpage[.]com, and the WHOIS records for that domain share the same Karachi phone number. Fudpage’s WHOIS records list the contact as “admin@apexgrand.com,” which is another email address used by The Manipulaters to register domains.

As I noted in 2015, The Manipulaters Team used domain name service (DNS) settings from another blatantly fraudulent service called ‘FreshSpamTools[.]eu,’ which was offered by a fellow Pakistani who also conveniently sold phishing toolkits targeting a number of big banks.

The WHOIS records for FreshSpamTools briefly list the email address bilal.waddaich@gmail.com, which corresponds to the email address for a Facebook account of a Bilal “Sunny” Ahmad Warraich (a.k.a. Bilal Waddaich).

Bilal Waddaich’s current Facebook profile photo includes many current and former employees of We Code Solutions.

Warraich’s Facebook profile says he works as an IT support specialist at a software development company in Lahore called We Code Solutions.

The We Code Solutions website.

A review of the hosting records for the company’s website wecodesolutions[.]pk shows that over the past three years it has shared a server with just a handful of other domains, including:

- saimraza[.]tools
- fud[.]tools
- heartsender[.]net
- fudspampage[.]com
- fudteam[.]com
- autoshopscript[.]com
- wecodebilling[.]com
- antibotspanel[.]com
- sellonline[.]tools

FUD CO

The profile image atop Warraich’s Facebook page is a group photo of current and former We Code Solutions employees. Helpfully, many of the faces in that photo have been tagged and associated with their respective Facebook profiles.

For example, the Facebook profile of Burhan Ul Haq, a.k.a. “Burhan Shaxx” says he works in human relations and IT support for We Code Solutions. Scanning through Ul Haq’s endless selfies on Facebook, it’s impossible to ignore a series of photos featuring various birthday cakes and the words “Fud Co” written in icing on top.

Burhan Ul Haq’s photos show many Fud Co-themed cakes the We Code Solutions employees enjoyed on the anniversary of the Manipulaters Team.

Yes, from a review of the Facebook postings of We Code Solutions employees, it appears that for at least the last five years this group has celebrated an anniversary every May with a Fud Co cake, non-alcoholic sparkling wine, and a Fud Co party or group dinner. Let’s take a closer look at that delicious cake:

The head of We Code Solutions appears to be a guy named Rameez Shahzad, the older individual at the center of the group photo in Warraich’s Facebook profile. You can tell Shahzad is the boss because he is at the center of virtually every group photo he and other We Code Solutions employees posted to their respective Facebook pages.

We Code Solutions boss Rameez Shahzad (in sunglasses) is in the center of this group photo, which was posted by employee Burhan Ul Haq, pictured just to the right of Shahzad.

Shahzad’s postings on Facebook are even more revelatory: On Aug. 3, 2018, he posted a screenshot of someone logged into a WordPress site under the username Saim Raza — the same identity that’s been pimping Fud Co spam tools for close to a decade now.

“After [a] long time, Mailwizz ready,” Shahzad wrote as a caption to the photo:

We Code Solutions boss Rameez Shahzad posted on Facebook a screenshot of someone logged into a WordPress site with the username Saim Raza, the same cybercriminal identity that has peddled the FudTools spam empire for more than 10 years.

Whoever controlled the Saim Raza cybercriminal identity had a penchant for re-using the same password (“lovertears”) across dozens of Saim Raza email addresses. One of Saim Raza’s favorite email address variations was “game.changer@[pick ISP here]”. Another email address advertised by Saim Raza was “bluebtcus@gmail.com.”

So it was not surprising to see Rameez Shahzad post a screenshot to his Facebook account of his computer desktop, which shows he is logged into a Skype account that begins with the name “game.” and a Gmail account beginning with “bluebtc.”

Image: Scylla Intel

KrebsOnSecurity attempted to reach We Code Solutions via the contact email address on its website — info@wecodesolutions[.]pk — but the message bounced back, saying there was no such address. Similarly, a call to the Lahore phone number listed on the website produced an automated message saying the number is not in service. None of the We Code Solutions employees contacted directly via email or phone responded to requests for comment.

FAIL BY NUMBERS

This open-source research on The Manipulaters and We Code Solutions is damning enough. But the real icing on the Fud Co cake is that sometime in 2019, The Manipulaters failed to renew their core domain name — manipulaters[.]com — the same one tied to so many of the company’s past and current business operations.

That domain was quickly scooped up by Scylla Intel, a cyber intelligence firm that specializes in connecting cybercriminals to their real-life identities. Whoops.

Scylla co-founder Sasha Angus said the messages that flooded their inbox once they set up an email server on that domain quickly filled in many of the details they didn’t already have about The Manipulaters.

“We know the principals, their actual identities, where they are, where they hang out,” Angus said. “I’d say we have several thousand exhibits that we could put into evidence potentially. We have them six ways to Sunday as being the guys behind this Saim Raza spammer identity on the forums.”

Angus said he and a fellow researcher briefed U.S. prosecutors in 2019 about their findings on The Manipulaters, and that investigators expressed interest but also seemed overwhelmed by the volume of evidence that would need to be collected and preserved about this group’s activities.

“I think one of the things the investigators found challenging about this case was not who did what, but just how much bad stuff they’ve done over the years,” Angus said. “With these guys, you keep going down this rabbit hole that never ends because there’s always more, and it’s fairly astonishing. They are prolific. If they had halfway decent operational security, they could have been really successful. But thankfully, they don’t.”