Author: azeeadmin

End-to-end encrypted email service ProtonMail has named one of the attackers behind a sustained distributed denial of service attack (DDoS) it suffered earlier this summer. The attack took its email service offline for up to several minute long stretches at a time, even with mitigation measures in place.

It says the UK’s National Crime Agency (NCA) arrested the teenager, George Duke-Cohan, who was a member of a criminal group called Apophis Squad, late last month.

“Earlier this week, the British National Crime Agency announced the arrest of George Duke-Cohan, also known by his aliases“7R1D3N7,”“DoubleParallax,” and, more recently, “optcz1,” it writes in a blog post published today.

“At ProtonMail, we unfortunately have to face off against cyberattacks on a daily basis. Over the course of this summer, no fewer than five separate groups have been conducting attacks against ProtonMail. Duke-Cohan was a key member of Apophis Squad, a criminal group which was involved in cyberattacks against ProtonMail.”

Earlier this week the 19-year-old pled guilty to making hoax bomb threats targeting UK schools.

ProtonMail founder Andy Yen tells TechCrunch it’s not clear what Duke-Cohan or Apophis Squad’s beef might have been with the encrypted email service — and according to its blog members of the group had in fact been users of the encrypted email service themselves — adding that “multiple threat actors were involved”.

“For DDoS specifically, we identified three separate threat actors this summer,” he tells us via email. “We have names/addresses for two of them now, including obviously George from Apophis.”

“Apophis was the least sophisticated threat actor, and from the attack traffic analysis, not related to any of the past or current threat actors we are contending with,” he continues, adding: “ProtonMail unfortunately is a popular target because we are well known as a highly hardened target, and there is a sizeable amount of “bragging rights” that comes with being able to cause us difficulty. This subsequently allows these threat actors to sell their “services” for more money or gain notoriety. Apophis likely falls into this category as they also subsequently took down the FBI’s mail servers.”

The group had also targeted cyber security journalist Brian Krebs’ website with DDoS attacks this year (among other targets), and blogging about the arrest Krebs — who collaborated with ProtonMail in tracking the hackers down — writes: “Unsophisticated but otherwise time-wasting and annoying groups like Apophis Squad are a dime a dozen. But as I like to say, each time my site gets attacked by one of them two things usually happen not long after: Those responsible get arrested, and I get at least one decent story out of it.”

The UK’s NCA seemingly got involved because in addition to DDoSing ProtonMail and Krebs’ website the group had been attacking government agencies in a number of countries.

And, well, bragging via Twitter that they were untouchable to the Feds…

ProntonMail says once law enforcement agencies got involved they filed MLAT requests asking ProtonMail to assist. Not that it would have been able to hand over much user data, given the e2e calibre of its encryption.

On that point Yen elides going into detail when we ask exactly what data it was able to pull from their accounts — saying only: “There is not a lot from ProtonMail actually, because all emails on our system are encrypted. However, there were plenty of clues elsewhere.

“Like with all criminal groups, they left traces across the Internet which our investigative team was able to uncover. This combined with the information we received from trusted sources in the infosec community and the requests from law enforcement, made it possible to connect the dots and make a conclusive identification.”

According to ProtonMail’s blog, it was able to conclusively identify Duke-Cohan as a member of Apophis Squad in the first week of August — and says it informed law enforcement on August 8.

However UK police did not move to immediately arrest Duke-Cohan — so through much of August ProtonMail’s service remained under DDoS attack (though it says it was able to mitigate this thanks to Radware’s counter DDoS efforts).

While still at liberty, Duke-Cohan managed to wreak further havoc — posing in another hoax call as the father of a distressed airline passenger on a United Airlines Flight from London to San Francisco flight, on August 9, claiming it had been hijacked and that there was a bomb on the plane.

ProtonMail says the plane, United Airlines Flight 949, was quarantined upon arrival in San Francisco and “extensively searched”. “This, combined with the fact that Apophis Squad had threatened to send bomb threats to UK schools when school started again in September, made it necessary for British police to take action,” it adds. 

Duke-Cohan was finally arrested on August 31 by officers from the NCA. And this week the U.K. teenager from Watford, near London, pled guilty to the airline and school hoaxes.

ProntonMail suggests further charges are pending — and “possible extradition to the U.S.”.

The two other entities Yen says also targeted ProtonMail for DDoS this summer remain unnamed for now.

But he couches them as “substantially more sophisticated and innovative”, adding that they pose “more grave threats to the internet community”.

“There were some techniques used that had never been seen out in the wild before and were more difficult to contend with. We were fortunate to be defended by Radware, as they were able to adapt to the new threats rapidly. We have confirmed one of these threat actors was financially driven and had been paid to attack ProtonMail,” he says.

“Because of the danger posed by these groups, we will actively work with law enforcement and other infosec professionals to track them down. A big part of this is sharing intelligence,” he adds, praising Krebs for assisting with information that was “instrumental for conclusively identifying the people behind Apophis Squad”.

“Going forward, we will continue to aggressively go after all groups who attack ProtonMail in order to protect our users,” he adds.

British Airways has confirmed a data breach.

The London-based airline, the largest in the UK, did not disclose much about the breach, only that hackers stole customer data from its website, ba.com.

In a statement, BA said that the “personal and financial details” of customers who made bookings on BA’s site or app between August 21 and September 5 were compromised, but travel or passport information was not taken.

A spokesperson told TechCrunch that “around 380,000 card payments” were compromised. BA had more than 45 million passengers last year.

“The breach has been resolved and our website is working normally,” the company said in a statement.

“British Airways is communicating with affected customers and we advise any customers who believe they may have been affected by this incident to contact their banks or credit card providers and follow their recommended advice,” said the statement.

Under the new European GDPR data protections laws, the airline can face fines of up to four percent of its global annual revenue.

GreyOrange, a Singapore-headquartered firm that develops robots for warehouses, has pulled in a $140 million Series C funding round as it targets more expansion and growth.

The company was started in 2011. Today it has five regional offices across the world — covering India, Singapore, Japan, Germany, and the U.S. — three R&D centers and more than 60 ‘installations’ of its tech with retail customers worldwide. Right now, GreyOrange’s two main products are a robot ‘butler’ that moves heavy shelves and installations around warehouses and a robotic ‘sorter’ belt that organizes packages, but the vision is to build something more holistic.

“In three to four years we want to be the first in the world to achieve the goal of operating a fully-autonomous warehouse,” founders Samay Kohli and Akash Gupta told TechCrunch in an interview.

That’s a huge goal, and it puts the company in competition with established firms like Amazon-owned Kiva among others.

This new injection of funding is aimed at setting the trajectory to reach the startup’s lofty target. The round was led by Mithril Capital, a firm created by U.S. investor Peter Thiel and Ajay Royan, with participation from Flipkart co-founder Binny Bansal and existing backers that include Blume Ventures.

The capital takes GreyOrange to $170 million raised from investors that include Mitsubishi and Flipkart .

“Warehousing is completely under-serviced and nothing has really changed,” Kohli and Gupta said. “The stuff you can do now is really just the tip of the iceberg. We’re trying to strengthen our backbone, so the majority of this investment will go into our own supply chain as we really try to take it 5-10X over the next couple of years.”

GreyOrange recently forayed into North America with the opening of a headquarters in Atlanta and plans to launch a research center in Boston. The company is also looking to develop its business in the country, too. It said in a press statement that it is aiming to deploy over 20,000 robots in the next three years.

As the shadow of SoftBank (and its $100 billion fund) looms large over the investment landscape, Sequoia Capital is pushing the upper limits of the checks it’s willing to write to global growth-stage companies up to $1 billion. With a B.

That’s the word from Sequoia’s global managing partner Doug Leone speaking onstage at Disrupt San Francisco.

Thankfully for Leone, the firm has closed all of its U.S. and global funds, to support those unprecedently massive checks.

While the firm hasn’t yet cut a check for a cool billion (Leone joked that he “doesn’t have a pacemaker yet”), the head of one of Silicon Valley’s preeminent investment funds did say that Sequoia has written $400 million checks twice already. Alas, Leone wouldn’t say whether those commitments were made to companies in the U.S. or in what is increasingly becoming Sequoia Capital’s new largest market — China.

Half the firm’s investments are now made in China, which is attracting more and more attention as not only a competitor to Silicon Valley, but a leader in its own right when it comes to global growth and innovation.

Sequoia was one of the early firms that ventured out from Silicon Valley to explore the market in China in the early part of the new millennium. And while Kleiner Perkins, DFJ and other leading firms of the dot-com boom stumbled as they made their way along China’s digital silk road, Sequoia has found incredible success from its base in Beijing (nearly 6,000 miles from its Silicon Valley home).

“We sensed by 2025 it was going to be a globalized world,” Leone said. “We didn’t go to Europe because it was large but not growing. We didn’t go to Vietnam, because it was growing but not large.”

Instead, the firm went to China. To succeed in China, Leone noted, it is critically important to find a local team and let that team make their own decisions. And the Sequoia team found a perfect local partner in Neil Shen — the leader of the firm’s China operations. “If we went to China and made decisions from the U.S., we would fail,” Leone said.

With the help of Shen’s decision-making prowess, it’s no understatement to say that Sequoia Capital has been one of the architects of the current explosion of Chinese entrepreneurial talent. And as parallels are increasingly drawn between the U.S. startup culture and the culture in China, Leone says that they’re “similar in character.” “Both dream about changing the world,” Leone said. The difference? “Chinese founders have half another gear because they’re a little more desperate.”

Whether that desperation comes from the breakneck pace of competition that famed VC Kai-Fu Lee alluded to yesterday at Disrupt, or to an increasingly regulation-happy and controlling Beijing government, is an open question.

As Leone looks to the future of China’s development, he’s thinking that the tight grip that Xi Jinping has placed around the country will begin to loosen and that the Chinese market will open up to foreign competitors (something that entrepreneurs and investors have been hoping would come to pass for several decades… and still has yet to materialize). “Four or five years from now things are going to be a little different,” Leone said. “There’s a lot of pressure now that China is going to be more open over time.”

If Sequoia’s global managing partner is correct, then maybe Silicon Valley startups will see themselves on a more even competitive footing with their domestic counterparts in China.

Yet, even as Leone dreamed his impossible dream of a more open China, he acknowledged the heavy hand that regulators still have over business decisions. It extends from the ways companies list publicly, to the way they have to adhere to provincial- and even district-level government regulations. Indeed, China’s regulators keep the pace of public offerings controlled to try to ensure that local Chinese investors don’t lose money on the stock markets. (That policy has clearly been ineffective, given where the Shanghai Stock Exchange is today.)

“That license [to list publicly] alone is worth $500 million to $1 billion. [The market is] … much more managed and much more to please local investors,” Leone said.

That’s one reason why foreign capital continues to be attractive to Chinese companies. But it’s also why increasingly large rounds are getting raised, whether in China or in the U.S., so companies can stay private longer.

And it’s why Sequoia has been pushed to write its large checks. Indeed, Leone rebuffed any suggestion that SoftBank had really changed the firm’s investment strategy. (Sequoia has “never” lost a deal to SoftBank, Leone insisted.) Rather, market dynamics have changed, along with the need for startup companies to receive what Leone called “friendly” private capital.

“Cisco Systems went public at $300 million pre. Now we’re raising money at $30 billion pre,” Leone said. “We raised an $8 billion fund that’s global in nature to serve the founders throughout the whole journey.”

You may remember how Uber laid out its ambitions to become a multi-modal transportation company back in April with the announcement of Uber Rent, preceded by a $200 million acquisition of bike-share startup JUMP. Now, Uber is making it easier to access those modalities with the addition of Mode Switch, Uber CEO Dara Khosrowshahi announced at TechCrunch Disrupt San Francisco today.

The idea is to further hook people into the Uber app by offering a variety of transportation options, and ultimately have your phone replace your car.

Before, you can see how the options for rentals and bikes were much more hidden in the app.

Uber first partnered with JUMP in January to enable people to book bikes within the Uber app. Then, in July, Uber put some money behind its ambitions to get into scooters when it participated in a $335 million funding round in Lime. As part of the deal, Uber will add Lime’s electric scooters to its app.

Currently, Uber offers JUMP bikes in Austin, Denver, Sacramento, Chicago, New York City, Santa Cruz, Washington, D.C. and San Francisco. Uber has yet to launch scooters, although the company did submit a permit proposal to operate in San Francisco. That application was denied. Instead, Skip and Scoot received permits to operate in the city.

Uber Rent is a platform that taps into Getaround’s existing marketplace of cars that are available for instant rentals. Uber Rent, which will launch in San Francisco later this month, lets people book Getaround cars directly from the Uber app. Once Uber feels solid about the product market fit, it will expand the program nationally. Fun fact: Getaround won Disrupt NYC Battlefield back in 2011.

Uber, however, has yet to integrate public transit, which the company also announced in April. In partnership with Masabi, a mobile ticketing platform for public transit, the plan is to enable people to book and use transit tickets from within the Uber app.

Ultimately, it’s likely that Uber will simply add additional transit options to Mode Switch once it’s ready for launch.

PagerDuty, the popular service that helps businesses monitor their tech stacks, manage incidents and alert engineers when things go sideways, today announced that it has raised a $90 million Series D round at a valuation of $1.3 billion. With this, PagerDuty, which was founded in 2009, has now raised well over $170 million.

The round was led by T. Rowe Price Associates and Wellington Management . Accel, Andreessen Horowitz and Bessemer Venture Partners. Given the leads in this round, chances are that PagerDuty is gearing up for an IPO.

“This capital infusion allows us to continue our investments in innovation that leverages artificial intelligence and machine learning, enabling us to help our customers transform their companies and delight their customers,” said Jennifer Tejada, CEO at PagerDuty in today’s announcement. “From a business standpoint, we can strengthen our investment in and development of our people, our most valuable asset, as we scale our operations globally. We’re well positioned to make the lives of digital workers better by elevating work to the outcomes that matter.”

Currently PagerDuty users include the likes of GE, Capital One, IBM, Spotify and virtually every other software company you’ve ever heard of. In total, over 10,500 enterprises now use the service. While it’s best known for its alerting capabilities, PagerDuty has expanded well beyond that over the years, though it’s still a core part of its service. Earlier this year, for example, the company announced its new AIOps services that aim to help businesses reduce the amount of noisy and unnecessary alerts. I’m sure there’s a lot of engineers who are quite happy about that (and now sleep better).

It’s been a slow year for Apple hardware. The company has traditionally done a good job spreading announcements throughout the calendar, but aside from an iPad event in Chicago and a MacBook refresh a few months back, there’s been little news out of the company. Even this summer’s WWDC was utterly devoid of hardware news.

All that’s about to change at the big show being held next week at Steve Jobs Theater on the company’s new space-age Cupertino campus. Rumors are coming fast and furious, and by all accounts, there’s A LOT to expect, from a slew of new phones, to an updated Apple to some additional news on the iPad front.

Here’s a breakdown of some of what we expect from the big show on September 12.

iPhone XS: This is the big one. In more ways than one. Last year’s 10th anniversary iPhone event found the company intent on pushing the state of the art on iPhone (and bezel) technology. This year, we fully anticipate the arrival of the sequel.

The flagship model will arrive in two sizes — 5.8 and 6.5 inches, referred to as the iPhone XS and iPhone XS Plus (or, possibly, max), respectively. One of the smaller (but compelling) rumors of the bunch is the inclusion of a Lightning to USB-C cable in-box.

Yes, for better or worse, Apple is keeping Lighting around, but the new cable will make it easier to hook up to those new MacBooks and also enable fast charging. The phones will all supposedly be available in gold, as well, which appears to have been hinted at with the invite’s art work.

Cheaper iPhone X: Along with the flagships, Apple is said to be bringing a cheaper version of the X-style phone. After all, the first iPhone X was pretty commonly understood to be cost-prohibitive. The easiest way to drop the cost? Swap the OLED display for LCD, naturally. The phone will reportedly get Face ID as it drops the home button. As for the name? iPhone XC has been somewhat credibly floated.

Apple Watch Series 4: It’s the time of the season. The suggestion of a round face appears to be little more than wishful thinking, but the standard squircle shape has been improved a bit with the addition of an edge-to-edge display, marking the first major hardware redesign in the three years the watch has been kicking around. Along with a 15 percent larger display, battery and heart-rate monitoring are said to be improved, as well.

Etc.

Speaking of wishful thinking, here’s an assorted collection of what else could be on hand:

• HomePod Mini: A smaller version of the company’s premium smart speaker? Siri could certainly use the boost.
• MacBook Air upgrade: The legacy line is certainly due for an update, including a long-awaited Retina display.
• AirPods: Water resistance and improved Siri functionality could be on tap.
• iPad Pro: This one feels like a bit more of a crapshoot, all said, but a new iPhone X-style design is likely coming sooner or later.
• AirPower: A year should be enough time, right?

In a fascinating study by researchers at Cardiff University and MIT, we learn that robots can develop prejudices when working together. The robots, which ran inside a teamwork simulator, expressed prejudice against other robots not on their team. In short, write the researchers, “groups of autonomous machines could demonstrate prejudice by simply identifying, copying and learning this behavior from one another.”

To test the theory, researchers ran a simple game in a simulator. The game involved donating to parties outside or inside the robot’s personal group based on reputation as well as donation strategy. They were able to measure the level of prejudice against outsiders. As the simulation ran, they saw a rise in prejudice against outsiders over time.

The researchers found the prejudice was easy to grow in the simulator, a fact that should give us pause as we give robots more autonomy.

“Our simulations show that prejudice is a powerful force of nature and through evolution, it can easily become incentivised in virtual populations, to the detriment of wider connectivity with others. Protection from prejudicial groups can inadvertently lead to individuals forming further prejudicial groups, resulting in a fractured population. Such widespread prejudice is hard to reverse,” said Cardiff University Professor Roger Whitaker. “It is feasible that autonomous machines with the ability to identify with discrimination and copy others could in future be susceptible to prejudicial phenomena that we see in the human population.”

Interestingly, prejudice fell when there were “more distinct subpopulations being present within a population,” an important consideration in human prejudice as well.

“With a greater number of subpopulations, alliances of non-prejudicial groups can cooperate without being exploited. This also diminishes their status as a minority, reducing the susceptibility to prejudice taking hold. However, this also requires circumstances where agents have a higher disposition towards interacting outside of their group,” Professor Whitaker said.

MasterClass, the website that brings celebrity-taught classes to the public, like tennis lessons from Serena Williams and photography instruction from Annie Leibovitz, has raised $80 million to expand internationally.

The Series D funding, led by IVP, will also be used to bring more celebrities to MasterClass. The company currently offers 39 classes, with plans to hit 50 by the end of the year.

In the last year, MasterClass has added a writing class with Margaret Atwood, a comedy lesson from Judd Apatow and more. Co-founder and CEO David Rogier told TechCrunch this morning that he hopes to bring Elon Musk, LinkedIn founder Reid Hoffman and JK Rowling on board soon.

MasterClass’ sales more than doubled from 2016 to 2017 and are on track to do the same this year. That puts the company on pace to match Udacity and Coursera — a pair of edtech heavyweights — in revenue, according to Rogier, who would not disclose MasterClass’ financials but made the comparison. Udacity has said publicly that it increased revenue to $70 million last year, up from $29 million in 2016. Coursera, for its part, is reportedly “within striking distance of $100 million dollars in annual revenue.”

Udacity was founded in 2011 and garnered a $1 billion valuation in 2015. Coursera, founded in 2012, was valued at $800 million last year. Three-year-old MasterClass declined to disclose a valuation.

To thrust itself ahead of its competitors, MasterClass also recently rolled out a new subscription model that allows customers to pay an annual fee of $180 for access to all MasterClass lessons, which are otherwise $90 each. It’s been a huge success so far, counting for 80% of the company’s revenue.

On top of that, MasterClass released its first-ever mobile app this April. Before that, all the company’s growth came from desktop.

“To our investors, that was a shock and a surprise,” Rogier said. “It’s really rare and amazing that you could drive that amount of growth without being on those platforms.”

San Francisco-based MasterClass previously raised $54.5 million in venture capital funding. Rogier says they ultimately decided to raise again once they had the data to show how impactful their classes were for customers.

“One-fourth of our students say that taking these classes transformed their life,” he said.

MasterClass, the website that brings celebrity-taught classes to the public, like tennis lessons from Serena Williams and photography instruction from Annie Leibovitz, has raised $80 million to expand internationally.

The Series D funding, led by IVP, will also be used to bring more celebrities to MasterClass. The company currently offers 39 classes, with plans to hit 50 by the end of the year.

In the last year, MasterClass has added a writing class with Margaret Atwood, a comedy lesson from Judd Apatow and more. Co-founder and CEO David Rogier told TechCrunch this morning that he hopes to bring Elon Musk, LinkedIn founder Reid Hoffman and JK Rowling on board soon.

MasterClass’ sales more than doubled from 2016 to 2017 and are on track to do the same this year. That puts the company on pace to match Udacity and Coursera — a pair of edtech heavyweights — in revenue, according to Rogier, who would not disclose MasterClass’ financials but made the comparison. Udacity has said publicly that it increased revenue to $70 million last year, up from $29 million in 2016. Coursera, for its part, is reportedly “within striking distance of $100 million dollars in annual revenue.”

Udacity was founded in 2011 and garnered a $1 billion valuation in 2015. Coursera, founded in 2012, was valued at $800 million last year. Three-year-old MasterClass declined to disclose a valuation.

To thrust itself ahead of its competitors, MasterClass also recently rolled out a new subscription model that allows customers to pay an annual fee of $180 for access to all MasterClass lessons, which are otherwise $90 each. It’s been a huge success so far, counting for 80% of the company’s revenue.

On top of that, MasterClass released its first-ever mobile app this April. Before that, all the company’s growth came from desktop.

“To our investors, that was a shock and a surprise,” Rogier said. “It’s really rare and amazing that you could drive that amount of growth without being on those platforms.”

San Francisco-based MasterClass previously raised $54.5 million in venture capital funding. Rogier says they ultimately decided to raise again once they had the data to show how impactful their classes were for customers.

“One-fourth of our students say that taking these classes transformed their life,” he said.