Category: UNCATEGORIZED

Microsoft has warned Windows users to install an “emergency” out-of-band security patch.

The software giant said in an advisory that a security flaw in some versions of Internet Explorer could allow an attacker to remotely run malicious code on an affected device. A user could be stealthily infected by visiting a malicious web page or by being tricked into clicking on a link in an email.

“An attacker who successfully exploited the vulnerability could take control of an affected system,” said Microsoft.

Microsoft said the vulnerability was under active exploitation, though details of the flaw had not been made public.

More than 7 percent of all browser users are running affected versions of Internet Explorer 9, 10 and 11, according to recent data. All supported versions of Windows are affected, including Windows 7, Windows 8.1 and Windows 10, as well as several Windows Server versions.

Most users can install the patches using Windows Update.

Microsoft also issued a fix for its in-built malware scanner Windows Defender, which if exploited could have triggered a denial-of-service condition resulting in the app failing to work.

The company said no action was required by users to remediate the bug in Windows Defender.

It’s rare but not unheard of for Microsoft to release emergency security patches outside of its typical monthly patching cycle. The company typically releases security fixes in the second week of each month on its so-called Patch Tuesday, but will also release fixes for significant vulnerabilities under active exploitation as soon as they are made available.

Homeland Security warned in its own advisory urging affected users to install the patches.

Boston Dynamics has been teaching its old bots new tricks – Atlas, its humanoid robot that walks on two legs, can now do a surprisingly elegant gymnastics routine, tumbling into a handstand, followed by cartwheels and including a jump twist. This level of athleticism (can a robot express ‘athleticism’?) is incredibly impressive, given that this is a 330 lb robot that could “barely walk” in 2013 when the prototype was first developed.

Atlas’ movement in this routine is at once incredibly human-like, and also something beyond human – especially when it turtles in preparation for its first somersault. This isn’t the first time that Atlas has displayed parkour skills, but Boston Dynamics says that it is using new techniques to make the process of programming these maneuvers much easier, by translating descriptions of the moved involved into motions that the robot can actually manage given its mobility limitations automatically using a newly developed optimization algorithm.

This allows them to create new routines much faster than was possible previously, and it’s able to complete the routine as intended around 80 percent of the time – pretty good odds, even for a human gymnast.

Spotify this morning is rolling out an updated version of its app for artists, across both iOS and Android. The new app includes a refreshed design, as well as new analytics like real-time stats on how many plays a song is currently getting around the world, most notably. Educational materials are also for the first time available through the app’s new Home tab.

Launched two years ago, the Spotify app already offers a way to see real-time listening stats for new releases for the first week they go live. Now it’s expanding its listening stats so artists can see how many people are playing any of their songs right now, and compare that with the song’s all-time streams.

It’s also now easier to track important milestones in the revamped app, Spotify says — like when a song gets added to a playlist or the artist gains new followers.

From the Home tab, Spotify will offer more recommendations on how to best use its tools and promote its Co.Lab events.

Here, artists will be able to read articles, watch videos and presentations, get advice from successful artists, learn about product updates, and more.

The audience analytics and music sections have also gotten a visual refresh, designed to make it easier to see the latest stats related to who’s listening, where, and what similar artists these fans like.

And in a much-needed addition, artists or their managers can now update the artist’s profile in the app, including the ability to pick a new profile photo, rewrite the bio, update playlists and the Artist’s Pick directly from the Artists page in the app.

For those who are managing multiple artists, it’s now easier to switch between profiles.

The update to the Spotify for Artists app is one of the more significant to a arrive since the analytics dashboard moved to mobile back in 2017. And with the standout feature of real-time listening stats for any song at any time, the app is even more of a competitor to Apple’s artist dashboard, which just exited beta last month with the addition of Shazam data.

Spotify says the new app is rolling out this week across both iOS and Android.

Paperspace has always had a firm focus on data science teams building machine models, offering them access to GPUs in the cloud, but the company has had broader ambition beyond providing pure infrastructure, and today it announced a new set of tools to help these teams pass the model off to developers and operations in a smoother way.

Co-founder and CEO Dillon Erb says this an attempt to provide a full tool set for data scientists and developers, beyond providing pure GPU power to test and build the models. “Machine learning teams do a lot of GPU work — and as you know, we’ve been working with GPUs for a number of years now, and that’s one of our specialties. Now what we’re doing is taking a kind of agile methodology approach or CI/CD (continuous integration/continuous delivery) for machine learning, and using that to solve much larger scale [machine learning] problems,” Erb said.

As the company describes it, “The new release introduces GradientCI, the industry’s first comprehensive CI/CD engine for building, training and deploying deep learning models…” Erb says the goal is to provide a way to take the model built on top of Paperspace and put it to work in the company faster. Teams often lose time after the model is built because there is no good way to pass the model onto the DevOps team to use in applications.

“GradientCI lets you do things like set up staging development production environments, and provide a common interface between your data team and your DevOps team. This is about taking software development best practices, and applying that to this relatively new universe of training and deploying machine learning models,” Erb explained.

He says that up until now, there hasn’t been a way to do this, and this has led to the development team doing things like completely rewriting the model in Java or whatever their production environment is to make it work inside their applications. “It’s been a really clunky handoff, and where we do a really good job is adding things like version control and reproducibility and a common kind of syntax, so that the traditional DevOps guys can actually pick up and deploy the machine learning tool stacks without being a deep learning expert,” Erb explained.

Paperspace was founded in 2014, and was a member of the Y Combinator Winter 2015 class. Since then, it has raised $23 million from investors such as Battery Ventures, Intel Capital, SineWave Ventures, Sorenson Capital and Y Combinator, according to Crunchbase. It’s most recent financing was $13 million Series A last year.

PagerDuty, the service that helps everybody from startups to enterprises manage incidents when they inevitably arise, today announced the launch of two new features that both use the company’s machine learning smarts to help teams respond to issues faster and more efficiently.

The first of these services is Intelligent Triage, which is part of the company’s overall Event Intelligence product. The idea here is to ensure that operations teams can solve issues faster. Previously, PageDuty was already able to group alerts by type, but that was based on real-time data and without historical context. With Intelligent Triage, the service can use historical data to match what it knows about previous issues and how they were solved to a current issue, and then smartly group those issues so different teams inside a company don’t get multiple alerts from related issues but instead get actionable data on what is happening and which teams and services are affected.

“The problem we’re solving with Intelligent Triage, is all around ensuring that when one team is brought in to start addressing [an issue], they can now have visibility into other teams around them that may be working on related issues,” PagerDuty SVP of Product Jonathan Rende told me. “So other parts of the business, other parts of the teams now have this kind of broader view.”

Ideally, this will help companies pull together the right people faster and minimize downtime. Indeed, the company argues that for some companies, this new triage tool can bring the average response time down from 80 minutes to 15 minutes.

In addition to Intelligent Triage, PagerDuty is also launching Intelligent Dashboards, which is part of the company’s analytics product. Rende noted that Intelligent Dashboards builds on top of the reports the service already generates to help companies understand the impact that outages and incidents have on their business (and their teams). The dashboards take this a step further by taking all of the real-time data from PagerDuty and adding a recommendation engine on top of that. “We’re not looking at the trending data for all teams and we’re making intelligent recommendations to teams on how they can mature and improve their processes,” he said. “This is really important as teams are trying to be more effective, grow their DevOps practices, but also protects the company’s revenue, protect customer experience and be able to share that with management across the organization.”

The dashboards also feature benchmarks that compare different teams inside an organization, as well as other organizations inside the same vertical.

Like other companies with access to copious amounts of data, PagerDuty, too, is clearly betting on using machine learning to solve some of its customers’ problems. “We’re making use of our data,” Rende said. “We have over 12,000 customers today and we had those customers for going on ten years, so when you look at some of the things around our intelligent dashboards, we’re pulling in that data and leverage it to help organizations mature in their transformation, in their digital journeys.”

In addition to Intelligent Triage and Dashboards, the company also today announced new integrations and partnerships with Zendesk and Salesforce Service Cloud. There’s no AI wizardry here, but instead, the focus is on giving customer service agents access to incident data so when customers call, the customer service teams can be aware of issues and provide updates without having to directly talk to the engineering team that is likely hard at work trying to restore service.

London’s transport regulator, TfL, has given Uber a temporary reprieve to continue operating in the UK capital.

The ride-hailing giant’s current (provisional) licence expires tomorrow but there’s no return to normality for Uber in its most important European city — with TfL issuing just a two-month extension on its private hire vehicle licence — not a full five-year term, as Uber had hoped.

The backstory here is TfL’s decision two years ago to deny Uber’s application to renew its licence — when it raised a range of safety and corporate governance issues.

The then scandal-struck company was nonetheless allowed to continue operating in London during an appeal process.

Uber went on to claim it was making changes to improve its processes and come into compliance with the regulator’s requirements. And in June 2018 a UK court granted it a provisional 15-month licence so it could continue to work on satisfying TfL’s conditions.

But the latest short leash extension puts the company on watch again.

TfL says the extension has the same conditions Uber has been subject to over the past 15 months, as well as some new conditions “to ensure passenger safety” which it says cover ride sharing, appropriate insurance and driver document checks by Uber.

Last year the court attached a number of extra conditions to Uber’s provisional licence to operate, including that the company produce an independently verified assurance report every six months; appoint three non-executive directors to its board; provide at least 28 days notice for changes to its operating model; and maintain arrangements with London’s Met Police for the reporting of passenger complaints that may be criminal — all of which still apply.

The regulator adds that it’s requesting additional material from Uber to inform any future licensing decision — emphasizing that its original concern included culture and governance issues.

“Uber London Limited has been granted a two-month private hire operator licence to allow for scrutiny of additional information that we are requesting ahead of consideration of any potential further licensing application,” a TfL spokesperson said in a statement.

In a statement responding to TfL’s decision, Jamie Heywood, Uber’s regional general manager for Northern & Eastern Europe, sought to put a positive spin on not being knocked back entirely.

“TfL’s recognition of our improved culture and governance reflects the progress we have made in London. We will continue to work closely with TfL and provide any additional requested information,” he said.

“Over the past two years, we’ve launched a range of new safety features in the app, introduced better protections for drivers and our Clean Air Plan is helping to tackle air pollution. We will keep listening, learning and improving to provide the best service while being a trusted partner to London.”

Among the changes Uber claims to have made since the regulator stepped in and slapped down its licence renewal, are a new senior leadership team in the UK; limits to operating hours for drivers, with a log-out required at 10 hours; a 24/7 support centre staffed by trained agents to handle driver and rider safety queries; a free insurance product for drivers and a dedicated forum where they can share feedback; various safety alerts and privacy tweaks; and real-time public transport information shown within the app.

Uber also says it’s an “ambition” that every car on its app in London is fully electric in 2025 — saying it’s raised £50M to put towards helping licensed drivers upgrade to a fully electric vehicle.

There are major question marks about the rising costs of doing business for Uber as regulatory and legal requirements dial up around the world — including in the US.

Earlier this month California passed gig economy workers rights legislation that could see Uber on the hook for wage and benefit protections in its home market. While, in the UK, the company has continued to lose appeals against a successful legal challenge over drivers rights back in 2016.

Uber’s own investor prospectus warned potential shareholders the company may never be profitable.

Back in 2017, Tulip raised a $13 million Series A, with help from NEA, Pitango Venture Capital and a handful of investors who were already on board for its seed round. Now the Somerville, Mass. startup is back with a Series B that’s three times that.

Germany tool maker DMG MORI has joined the ranks for a $39.5 million round along with the aforementioned names and Vertex Ventures. This latest round finds the manufacturing software company looking to grow its presence among small and medium enterprise businesses in Europe, the Middle East, Africa and Asia.

Tulip has gained a fair bit of notice in recent years for its manufacturing app platform that requires no coding. As part of the deal, DMG MORI announced a partnership with the startup that finds it looking to use Tulip’s apps to help automate assembly, training and quality control.

“We are proud of our new alliance. After all, digitization is human-centered. With the no-code platform, employees can autonomously create manufacturing apps,” DMG MORI chairman Christian Thönes said in a release tied to the news. “Tulip is the ideal entry into digitization mainly for our medium-sized customers.”

The partnership also finds Tulip opening an office in Munich, to help support European growth.

Cycode, an Israeli security company that aims to protect enterprises’ source code, today announced that it has raised a $4.6 million seed led by YL Ventures. Among others, Andy Grolnick, the former president and CEO of LogRhythm, Justin Somaini, the former CSO of SAP, and Eyal Gruner, the founder and CEO of Cynet, also participated.

The co-founders, Lior Levy (CEO) and Ronen Slavin (CTO) argue that for most companies, source code protection remains a gap in their security posture. “We’ve seen many different security products and we came to the conclusion that current security controls and tools are just not good enough at security and protecting source code,” Levy told me. He argues that unlike with a lot of other intellectual property, you can’t just put source code in an encrypted database and enforce access roles. Source code, after all, tends to live in a lot of different places, making standard access control techniques much harder to apply.

Cycode co-founders Lior Levy and Ronen Slavin

Cycode then connects to different services where the source code sits, including the likes of GitHub and Bitbucket, and then tries to understand how the organization uses that code. It provides visibility into how was access to the code, how that access is used, and then automatically monitors the movement of the code while it’s looks for any anomalous behavior. The service also scans for leaks of the code across public and dark web sites.

“When Lior and Ronen approached us about this significant security gap and outlined the way many security teams were running blind to this risk, we were immediately compelled to invest in their pioneering solution to resolve it,” said Yoav Leitersdorf, managing partner at YL Ventures, who led the Cycode funding round. “Cycode’s platform is the exact type of product needed to solve this unaddressed and growing problem.”

The company currently has six employees, but as Levy told me, the plan is to use the new funding to expand to 20 employees soon and to open an office in the U.S. that will focus on sales and marketing.

Right now, the company is focusing mostly on large enterprise customers, but Levy tells me that that’s not the only market Cycode is going after, but for its initial customer base, the team is going after these large companies. He did note, though, that for most startups, security is often not the main concern (though maybe it should be?). “We feel that large enterprises feel the pain harder,” Levy said. “First of all, because of the fragmentation of the several source code management systems [they use], and secondly, because they really care about it and they really don’t see any solutions that answers all their needs on the market.”

Cycode is currently in limited availability but the team expects that the service will be generally available in 2020.

Adobe today announced that Fresco (previously also known under its codename Project Gemini), it’s long-awaited next-generation drawing and painting app, is now available on the iPad. If you’re a Creative Cloud subscriber, you should be able to download it right now, but unlike some of Adobe’s other products, Fresco will also come in a free version that has some limitations, but should still give you access to the overall experience of using the app. You’ll also be able to purchase Fresco as a stand-alone app.

As Adobe’s Kyle Webster notes, one of the areas the team really focused on was the variety of brushes that are available in the app, including all of your favorite Photoshop brushes. Given that Webster sold his company KylesBrushes to Adobe in 2017, that doesn’t come as a surprise. Similarly, the fact that Fresco makes good use of the Apple Pencil is very much expected.

The highlight of Fresco, though, is Adobe’s Live Brushes, which can recreate the feeling of painting with oils and watercolors. These brushes — and the way they interact with the virtual paper — are powered by some of the company AI smarts, courtesy of its Sensei platform.

In addition to oil and watercolor, Fresco also features vector brushes. Since Adobe already offers a vector drawing app in the form of Adobe Illustrator, you’ll also be able to use Fresco to create a first draft of your drawing and then take it to Illustrator to finish it up.

The iPad app is out now. Android and Windows users will have to wait a little bit longer.

Fivetran, a startup that helps companies move data from disparate repositories to data warehouses, announced $44 million Series B financing today, less than a year after collecting a $15 million Series A round.

Andreessen Horowitz (A16Z) led the round with participation from existing investors Matrix Partners and CEAS Investments. As part of the deal, Martin Casado from A16Z will join the Fivetran board. Today’s investment brings the total raised to over $59 million, according to Crunchbase.

Company co-founder and CEO George Frasier said they raised a little sooner than expected, but they needed a cash infusion to keep up with the steady growth they have been seeing. He said the company also wanted to get the funding done while the capital markets were still strong. “If we wait four months or six months, the terms are not going to be that much better — and, who knows, there could be a recession. You never know how long the sun shines, and we had interest from some really good firms that we liked, and that’s a big factor too obviously.” he said.

He added that it’s not purely an economic decision. “We’re really happy with where we landed with Martin [Casado] joining the board and Andreessen Horowitz on the cap table, but [the economic outlook] was definitely part of our calculus.”

And Casado is happy to have invested in Fivetran. Writing in a blog post today about the investment, he sees a company that’s solving a big problem in a modern context. “Fivetran is a SaaS service that connects to the critical data sources in an organization, pulls and processes all the data, and then dumps it into a warehouse (e.g., Snowflake, BigQuery or RedShift) for SQL access and further transformations, if needed. If data is the new oil, then Fivetran is the pipes that get it from the source to the refinery,” he wrote.

He said that the company already has over 750 customers and A16Z is included among them. It certainly doesn’t hurt when your lead investor uses your product.

The company was founded in 2012 and has been growing steadily. Last year it 80 employees at the time of its Series A and today it has 175. Frasier expects that to double again over the next year, and it’s all driven by business needs. He says that over the last 12 months revenue has grown 3x.

With 150 connectors today, the company wants to continue to expand its array of data connection tools and cover more data requirements. But he says the connectors are complicated and that will take an investment in more engineering talent. Today’s announcement should help in that regard.