Connect with us

Technology

B2B marketplaces, edtech M&A, breaking into the $1M ARR club – TechCrunch

Published

on


I’ve worked at TechCrunch for a little over a year, but this was one of the hardest weeks on the job so far.

Like many people, I’ve been distracted in recent days. As I write this, I have one eye on my keyboard and another on a TV that sporadically broadcasts election results from battleground states. Despite the background noise, I’m completely impressed with the TechCrunch staff; it takes a great deal of focus and energy to set aside the world’s top news story and concentrate on the work at hand.

Monday feels like a distant memory, so here’s an overview of top Extra Crunch stories from the last five days. These articles are only available to members, but you can use discount code ECFriday to save 20% off a one or two-year subscription. Details here.


B2B marketplaces will be the next billion-dollar e-commerce startups

Marketplaces created for B2B activity are surging in popularity. According to one report, transactions in these venues generated around $680 billion in 2018, but that figure is predicted to reach $3.6 trillion by 2024.

The COVID-19 pandemic is helping startups that innovate in areas like payments, financing, insurance and compliance.

Even so, according to Merritt Hummer, a partner at Bain Capital Ventures, “B2B marketplaces cannot simply remain stagnant, serving as simple transactional platforms.”

The startups that are first to market with innovative “adjacent services will emerge as winners in the next few years,” she advises.

Software companies are reporting a pretty good third quarter

For this morning’s edition of The Exchange, Alex Wilhelm interviewed three executives at cloud and SaaS companies to find out how well Q3 2020 has been treating them:

  • Ping CFO Raj Dani
  • JFrog CEO Shlomi Ben Haim
  • BigCommerce CEO Brent Bellm

As one Twitter commenter noted, Alex doesn’t just talk to the best-known tech execs; he reaches out to a wide range of people, and it shows in the quality of his reporting.

Will new SEC equity crowdfunding rules encourage more founders to pass the hat?

New Regulation Crowdfunding guidelines the SEC released this week allow companies to directly raise up to $5 million each year from individual investors, an increase from the previous limit of $1.07 million.

“Life has gotten easier in other ways as well for founders pursuing this fundraising type and the platforms that seek to simplify it,” reports Lucas Matney, who interviewed Wefunder CEO Nicholas Tommarello.

Funding for seed-stage startups slumped 32% last quarter compared to 2019, so “the tide could be turning” for founders who were reluctant to raise from a giant pool of small dollars, Lucas found.

3 tips for SaaS founders hoping to join the $1 million ARR club

Reaching scale is paramount for software companies, so growth is a top priority.

In a guest post for Extra Crunch, Drift CEO David Cancel explains that too many SaaS and cloud companies waste time trying out a number of solutions before finding the right recipe.

“I can tell you that there absolutely is a repeatable process to building a successful SaaS business,” he says, “one that can reliably guide you to product-market fit and then help you quickly scale.”

Implementing a data-driven approach to guarantee fair, equitable and transparent employee pay

Companies that hope to eliminate longstanding inequities in the workplace can’t just rely on doing what they think is right. Without a data-driven approach, subjective judgments and implicit bias tend to negate good intentions.

Many startups don’t hire full-time HR managers until they’ve reached scale, but this comprehensive post lays out several critical factors for creating — and maintaining — a fair pay model.

4 questions as Airbnb’s IPO looms

News broke this week that Airbnb plans to to raise approximately $3 billion in a public filing that would allow it to reach a valuation in the $30 billion range.

Our expert unicorn wrangler Alex Wilhelm says curious investors should ask themselves the following:

  • Will Airbnb be able to show a near-term path to profitability?
  • How high-quality is Airbnb’s revenue after the pandemic?
  • Is there anything lurking in its recent financings that public investors won’t like?
  • Will Airbnb be able to show year-over-year revenue gains?

Starling Bank founder Anne Boden says new book ‘isn’t a memoir’

“People at the end of their career write memoirs,” Starling Bank founder Anne Boden told TechCrunch’s Steve O’Hear. “I’m at the beginning.”

In Boden’s new book, “Banking On It,” she shares the story of how (and why) she decided to found a challenger bank, eventually parting with colleagues who launched competitor Monzo.

“This is really putting down on paper where we are at the moment,” she said. “It’s been written over several years, and I’m hoping to use this to inspire a generation of entrepreneurs.”

Pandemic’s impact disproportionately reduced VC funding for female founders

Natasha Mascarenhas and Alex Wilhelm collaborated on Monday’s edition of The Exchange to report on how investors became less likely to fund female founders since the beginning of the COVID-19 pandemic.

Drawing on data from multiple sources, Alex and Natasha found that startups led by women and mixed-gender founding teams received 48% less VC funding in Q3 2020 than in Q2, even though overall funding bounced back.

“From fear in late Q1, to a middling Q2, to a boom in Q3,” they wrote. “It was an impressive comeback. For some.”

Booming edtech M&A activity brings consolidation to a fragmented sector

Natasha Mascarenhas has owned TechCrunch’s edtech beat since she came aboard at the start of 2020, just a few months before the pandemic led to widespread school closures.

She’s reported on countless funding rounds and interviewed founders and investors who are active in the space, but she recently spotted a new trend: “M&A activity is buzzier than usual.”

4 takeaways from fintech VC in Q3 2020

Alex Wilhelm shrugged off his Election Day distractions long enough to write a column that comprehensively examined fintech investment activity over the last quarter.

In Q3 2020, “60% of all capital raised by financial technology startups came from just 25 rounds worth $100 million or more,” he reports.

Are these mega-rounds funding “the next crop of unicorns?” It’s too early to say, but it’s clear that pandemic-fueled uncertainty is driving consumers into the arms of companies like Robinhood, Chime, Lemonade and Root.

In 1,316 words, Alex captures the state of play in insurtech, banking, wealth management and payments investing: “Now, we just want to see some ******* IPOs.”

New GV partner Terri Burns has a simple investment thesis: Gen Z

Five years ago, Terri Burns was a product manager at Twitter. Today, she’s the first Black woman — and the youngest person — to be promoted to partner at Google Ventures.

In a Q&A with Natasha Mascarenhas, Burns talked about her plans for the new role, as well as her investment thesis.

“I don’t know what it actually means to build a sustainable business and venture is a really great way to sort of learn that,” said Burns.

GV General Partner MG Siegler talks portfolio management and fundraising 6 months into the COVID-19 pandemic

Are founders and investors really leaving Silicon Valley for greener pastures? Now that investors are limited to virtual interactions, are they being more hands-on with their portfolio companies?

In an Extra Crunch Live chat hosted by Darrell Etherington, GV General Partner MG Siegler talked about how the pandemic is — and is not — shaping the way he does business.

“I do feel like things are operating in a pretty streamlined manner, or as much as they can be at this point,” he said.

“But, you know, there’s always going to be some more wildcards — like we’re a week away, today, from the U.S. election.”

Thank you very much for reading Extra Crunch; I hope you have a great weekend.



Source

Advertisement

SUPPORT THE TIMES CLOCK




Technology

New York follows California mandating zero-emissions vehicles by 2035 • TechCrunch

Published

on


All new passenger cars, pickup trucks and SUVs sold in New York state must be zero emissions by 2035, Governor Kathy Hochul announced Thursday.

“By revving up our clean transportation transition and making major investments to make EVs more accessible, we’re supercharging our fight against climate change,” Hochul tweeted.

To reach the 2035 goal, Hochul said 35% of new cars will need to be zero-emission by 2026 and 68% by 2030. New school buses have until 2027 to meet these standards, with the entire fleets required to be zero-emissions by 2035, according to Hochul.

The new legislation, which will require new cars to be either electric or hydrogen, comes a month after California’s Air Resources board voted to also phase out the sale of new gas-powered cars in the state. New York is the second state to make such a mandate, and signals that others will soon follow.

“We had to wait for California to take a step because there’s some federal requirements that California had to go first — that’s the only time we’re letting them go first,” the governor said in a press conference Thursday, according to The Hill.

Per the 1970 Clean Air Act, California was authorized by Congress to set its own emissions standards for vehicles. Other states are allowed to adopt California’s policies, but they can’t implement their own standards. As a result, California has to lead the way for any state-led enforcements of stricter emissions rules.

The governor also announced Thursday a $10 million investment in the state’s Drive Clean Rebate Program. The program offers New Yorkers a rebate of up to $2,000 for the purchase of over 60 electric car models that, coupled with a federal tax rebate of $7,500, could make the switch to electric significantly more affordable. The state has already issued almost 80,000 rebates and spent more than $92 million on the program, the governor said.

“Adopting this program sends a loud and clear message to carmakers that New Yorkers want electric vehicles,” said Leah Meredith, principal at Advanced Energy Economy, a trade association. “With electric vehicles in high demand but currently in short supply, carmakers are prioritizing the states that speak up, and the Governor’s announcement helps ensure that New Yorkers will have the full range of electric vehicle models to choose from. And by increasing the number of new electric vehicles in New York, this program will also quicken the development of a robust market for used electric vehicles.”

Last week, the New York Power Authority announced its 100th high-speed charger installation in the EVolve NY statewide EV charging network. These charging stations can be found along major travel corridors, like from Buffalo to Albany or from the Adirondacks to Long Island. EVolve NY has committed up to $250 million through 2025 to expand its network of chargers.

New York State will also get $175 million from the infrastructure bill’s $5 billion total allocation for EV charging networks across the country, according to Hochul. The governor said the expansion of widely available charging infrastructure will help increase the sale of EVs in the state.



Source

Continue Reading

Technology

‘Virtual ward’ startup Doccla gets Series A injection as it eyes AI tools • TechCrunch

Published

on


Doccla, a Sweden founded but London-headquartered health tech startup that sells a remote patient monitoring platform to hospitals to run so-called ‘virtual wards’, has closed a £15 million (~$17M) Series A funding round a year after raising a $3.3M seed.

The Series A is led by US VC General Catalyst, with participation from funds managed by healthcare investors KHP Ventures (a collaboration between King’s College London, King’s College Hospital NHS Foundation Trust, and Guy’s and St Thomas’ NHS Foundation Trust). Existing investors Giant Ventures, who led the seed round, and Speedinvest also backed the Series A — which sees Chris Bischoff, MD at General Catalyst, joining the board.

General Catalyst is an investor in US remote care health tech unicorn Cadence which also sells a remote monitoring service, so could be seen as a potential competitor to Doccla. Although the (currently) different target markets (US vs Europe) and specific product presentation — we understand Cadence is focused on populations with chronic disease, while Doccla talks in terms of building virtual wards/’Hospital at Home’ — are, evidently, distinct enough to convince the VC firm there’s value in backing both for growth.

Doccla’s growth trajectory must certainly have helped: The 2019-founded startup only launched its remote patient monitoring service during the pandemic but says it’s now present in a fifth (20%) of all Integrated Care Systems (ICS) in the UK, with patient intake from 20+ hospitals. In total it says it’s monitored 50,000+ patients to date. (NB: ICS are a feature of the UK’s National Health Service (NHS) in England — essentially partnerships between relevant organizations and local authorities with the goal of joining up the planning and delivery of health services across their region.)

The startup’s platform allows clinical staff from hospitals to monitor the vital signs of those under treatment remotely (either continuously or intermittently) — freeing up hospital beds for new patients to be admitted by enabling early discharge via at-home monitoring. That’s important because the NHS suffers from a particular low average number of beds per 1,000 people compared to other OECD EU nations, with just 2.4 beds vs the OECD EU average of 4.6 and Germany’s average of 7.9.

It sells an end-to-end remote patient monitoring service which covers provisioning the devices used for monitoring (including pre-configured smartphones with large fonts to improve accessibility for the visually impaired/frail etc; and wearable medical devices to measure a wide range of physiological parameters); and taking care of software integration, logistics and customer service, and tech support for the elderly and non-digital natives — with its pitch being that it differentiates from competitors by significantly reducing the workload on hospital staff.

Doccla says its current clients include a number of NHS trusts across the UK, including Northampton General Hospital, Cambridgeshire Community Services, and Hertfordshire Community Trust.

On the competition front, it name-checks Huma, Current Health, and Docobo as UK rivals — but co-founder Martin Ratz points to three main areas where he argues it’s serving up something “very different”.

“For starters, we are CQC [Care Quality Commission, aka the independent regulatory body for healthcare providers in England] accredited and therefore can take clinical responsibility for patients, reducing the workload for healthcare personnel,” he tells TechCrunch. “We are device agnostic and are not pushing our own device. Finally, our service layer enables us to deliver market leading patient compliance — exceeding 95% across all pathways.”

The Series A funding injection will be ploughed into further developing its tech stack to support the integration of more medical devices into its patient monitoring platform and electronic healthcare record systems; and for data analytics and AI — to “expand clinical capacity and availability” to meet demand for “virtual hospitals that alleviate pressures on healthcare systems”, as it puts it.

Or, put another way, with both beds and doctors in chronically short supply AI-powered efficiencies are the new, transformative tool to enable already stretched-to-breaking point health services to (safely) stretch even further — or that’s the claim.

“In the future, we will be able to cover additional clinical specialties, with an even more advanced level of care as well as logistical improvements of the service delivery,” suggests Ratz.

Asked what Doccla is using AI for, he confirms it’s working on developing predictive alerts that could help clinicians monitor more patients.

“Doccla will use data insights to develop automation and AI for further improvement of service delivery and clinical outcomes,” he tells us. “This will include various support tools for clinicians, such as predictive alerts.”

There are plenty of safety pitfalls here, given — for example — the bias risks around AI if training data is not representative of the patient population, so how Doccla goes about integrating automated alerts and other AI-powered support tools into its platform without compromising patient safety will certainly be one to watch. (Getting regulatory accreditation on such features will also be less straightforward, with more agencies and oversight bodies in play.)

Still, it looks important that Doccla’s investor roster includes a fund with direct links to a number of NHS Trusts.

Image credits: Doccla

On the question of scalability, especially around patient support — which may require a lot of patient one-to-one interactions with tired and/or frail people who may not be accustomed to using connected technology — Ratz says: “Doccla places significant value on our service layer, as it’s crucial to building and scaling a virtual hospital. In particular, new models of care, especially at the intersection with behavioural change, require it. Doccla’s virtual patient support teams, as well as our clinical teams, are highly efficient and enjoy economies of scale.”

Also on the slate for the Series A: Expansion to new European markets and segments, per Ratz. But he won’t be drawn on where exactly it’s eyeing for new launches. “Doccla’s current focus is the UK where we serve a range of customers and our European expansion will be shaped by upcoming public tenders, notably those in larger markets,” he says, adding: “I can say that we’re already in dialogue with significant operators in several countries.”

The funding will also be used for fuelling the startup’s growth by running virtual clinical trials for the pharmaceutical industry, according to Ratz — presumably with the fully informed consent of any patients who agree to sign up to such trials. (Doccla’s current privacy policy states that it will not share users’ personal data — and further claims to “only collect the data that we need to deliver care safely and effectively”.)

The startup’s platform is able to serve a “very diverse range” of patients, from palliative care to pre- and post-surgery patients, says Ratz — although this type of remote care is clearly not suitable for every type of patient (even if you’re going to start throwing AI into the mix).

“The largest patient groups we work with include COPD [Chronic obstructive pulmonary disease] and heart-related health. The applicability of remote care is exceptional however some patient groups — for example, those who require in-person support such highly acute patients or people with dementia — are less suited for remote monitoring,” he says.

Commenting on the Series A funding in a statement, General Catalyst’s Bischoff added: “The virtualisation of hospital wards is a critical step in efficiently expanding health resources and enabling timely, safe transition of care into the home. Doccla has immense potential and is driving real impact by not only providing a much-needed lifeline for overwhelmed hospitals but also improving patient outcomes through remote monitoring. The founders’ vision to drive more digitally-enabled, decentralised healthcare that combines physical and virtual pathways aligns with General Catalyst’s Health Assurance thesis. Importantly, their partnership approach with NHS Trusts echoes our core values of radical collaboration and responsible innovation — innovation that improves society. At General Catalyst, we support companies that bring about powerful, positive change that endures, and we believe Martin, Dag and the team will do just that.”



Source

Continue Reading

Technology

Battery-swapping SPAC Gogoro secures $345M loan • TechCrunch

Published

on


Taiwanese battery-swapping company Gogoro has signed a $345 million five-year credit facility agreement in order to increase liquidity among uncertain economic conditions.

The loan comes from a group of 10 syndicated banks led by Mega International Commercial Bank Co., according to a regulatory filing.

Gogoro will use the funds to pay off an existing facility, secure energy cells for its batteries, support operations in Taiwan and provide working capital as needed, according to a company spokesperson.

The company will have an option to extend the loan for an additional two years and even get a discount if it continues to meet its carbon reduction goals.

The fresh funds come a month after Gogoro released its second-quarter earnings results, which showed a company that is still growing, but is cautious, given market and macroeconomic conditions. Year-over-year Gogoro managed to increase its revenue by 5.3% to $90.7 million; however, the impact of COVID in Taiwan and China caused Gogoro CEO Horace Luke to revise guidance for the full year from $460 million to $500 million down to $380 million to $410 million.

After reaching mid-September highs of $5.55 per share, Gogoro’s stock took a hit last week, which bearish analysts attribute to declining electric scooter sales in Taiwan and disappointing progress in foreign markets. Gogoro is currently trading at $4.10 on Wednesday after market close.

Earlier this month, Gogoro launched its battery-swapping stations and electric scooters in Israel and selected Singapore’s first EV battery swap pilot.

In November last year, the company launched battery-swapping stations in China, operating under the Huan Huan brand, which is a partnership between Gogoro and electric two-wheeler makers Yadea and DCJ. Gogoro also partnered with Hero MotoCorp to launch a battery-swapping network in India, as well as Hero-branded electric two-wheelers based on Gogoro’s technology. Gogoro previously said it plans to launch its first swapping stations in New Delhi by the end of this year, but the company did not respond to TechCrunch’s request for updated guidance.

Gogoro went public via a merger with a special purpose acquisition company (SPAC) in April. The hype for SPACs is dwindling, with less interest coming from the public markets. Now, a range of EV SPACs are struggling with production issues, inflationary pressures and supply chain bottlenecks that are lowering valuations and throwing up hurdles to liquidity. Recently, Nikola and Lucid Motors, two other EV SPACs, said they’d need to raise more cash to bring their vehicles to market.

Gogoro says the fact it was able to raise its borrowing capacity and secure favorable terms and borrowing rates “in today’s credit-cautious environment” is validation that the company’s partners understand and support Gogoro’s vision and ability to grow.



Source

Continue Reading

Technology

Hacker breaches Fast Company systems to send offensive Apple News notifications • TechCrunch

Published

on


U.S. business publication Fast Company has confirmed that a hacker breached its internal systems to send offensive push notifications to Apple News users. 

In a statement, Fast Company said that a threat actor breached the company’s content management system (CMS) on Tuesday, giving them access to the publication’s Apple News account. The hacker used this access to send two “obscene and racist” push notifications to Apple News subscribers, prompting shocked users to post screenshots on Twitter. It’s not clear how many users received the notifications before they were deleted.

“The messages are vile and are not in line with the content and ethos of Fast Company,” Fast Company said. “We are investigating the situation and have shut down FastCompany.com until the situation has been resolved.”

Apple has also addressed the situation in a tweet, confirming that the website has been hacked and that it has suspended Fast Company’s Apple News account.

Fast Company added that Tuesday’s breach follows an “apparently related hack” of FastCompany.com that occurred on Sunday afternoon, which led to similar language appearing on the site’s homepage and other pages. 

“We shut down the site that afternoon and restored it about two hours later,” the company added. “Fast Company regrets that such abhorrent language appeared on our platforms and in Apple News, and we apologize to anyone who saw it before it was taken down.”

Fast Company didn’t share any details about how it was breached and the company wasn’t immediately available to answer our questions. At the time of writing, the Fast Company website loads a “404 Not Found” page.

However, before the website was taken offline, the hacker responsible for the breach, who identifies as “Thrax”, posted an article labeled as sponsored content that detailed how they were able to infiltrate the publication. The message claims that Fast Company had a “ridiculously easy” default password that was used across a number of accounts, including an administrator. This enabled the attacker to access a bunch of sensitive information, including authentication tokens, Apple News API keys, and Amazon Simple Email Service (SES) tokens, allowing the hacker to send emails using any @fastcompany.com email. 

The attacker, in a separate message to a popular hacking forum posted on Sunday, announced they were releasing a database containing 6,737 Fast Company employee records containing employees’ email addresses, password hashes for some of them, and unpublished drafts, among other information.

This same forum has been at the center of the recent Optus breach, which saw threat actors access an unspecified number of customer names, dates of birth, phone numbers, email addresses, physical addresses and identity documents numbers, including driver’s license and passport numbers. So far, the hacker responsible claims to have released 10,200 records.

The Fast Company hacker, who claims to have previously breached photo-sharing website ClickASnap and a self-proclaimed free-speech social network USA Life, said they weren’t able to access customer records as they were likely stored in a separate database.



Source

Continue Reading

Technology

NASA sings ‘I don’t want to miss a thing’ as DART spacecraft strikes asteroid • TechCrunch

Published

on


To get a roundup of TechCrunch’s biggest and most important stories delivered to your inbox every day at 3 p.m. PDT, subscribe here.

At TechCrunch, we love being a conduit for everything that happens in the startup ecosystem. This year, there’s been a lot of layoffs, and we got to thinking, how can we help those who are struggling get back into the saddle? Our events team had a great idea: If you got laid off, we are offering a free Expo Pass to TechCrunch Disrupt, no strings attached. Come along, stay on the pulse of what’s happening out in startup land, and say hi to a bunch of the TechCrunch crew to boot. We’ll see you there! — Christine and Haje

The TechCrunch Top 3

  • Arma-gettin outta here: NASA successfully smashed a satellite into an asteroid, Darrell reports. Cool, cool. Don’t worry, this is just in case real life tries to imitate “Armageddon” or “Deep Impact.”
  • Something else you have to clean: Flatfile estimates that data scientists spend a majority of their work time cleansing data, aka getting it ready for use in predictive analysis. It took in $50 million for its approach to automating this dirty task, Kyle reports.
  • Here’s my recruitment link: Ingrid reports that Calendly, the $3 billion+ scheduling startup, is getting into the recruitment game with its acquisition of Prelude, a startup that automates scheduling around job recruitment.

Startups and VC

If you’re reading this, you almost certainly have a complicated relationship with screens. Every year that passes, they become larger and increasingly present in our lives, Brian writes. Meanwhile, we continue to embrace the technology all while complaining about the hold it has on our lives. The Freewrite Alpha boldly asks: Can a small screen be too small?

We last profiled Cake in April when its line of lubricants, condoms, toys and sexual hygiene products made its debut in Target. The company now has five products in store locations as well as Amazon, Thrive Marketplace and UrbanOutfitters.com. Christine reports that the company’s well-lubricated expansion continues this week, with placement in some major retailers, including new space in CVS stores, as it announces $8 million in new Series A funding.

A few more from across the TechCrunch galaxy:

What can the 2000 dot-com crash teach us about the 2022 tech downturn?

Image Credits: Bob Riha Jr. (opens in a new window) / Getty Images

Many entrepreneurs have been encouraged to believe that smooth storytelling and good social skills are enough to convince investors that things are moving according to plan. They are mistaken.

Instead of instinctively going into survival mode, M13 partner Anna Barber says founders should ask themselves existential questions like, “Why did you start this business? What are the fundamentals? Who are your customers? What problem are you solving?”

“At a time like this, trust is more important than ever,” she said, adding that she tells entrepreneurs to stay in close touch, “particularly around bad news.”

Before problems arise and between regularly scheduled meetings, entrepreneurs should get comfortable with asking for help and advice. Reaching out to share an update or ask questions sends a strong signal that you’re not waiting for someone to give you direction.

“Tell them what you need. This is what we’re here for: to roll up our sleeves and help problem-solve with you. Nobody expects any of this to be smooth sailing,” said Barber.

Three more from the TC+ team:

TechCrunch+ is our membership program that helps founders and startup teams get ahead of the pack. You can sign up here. Use code “DC” for a 15% discount on an annual subscription!

Big Tech Inc.

Who would have thought a Roomba that both vacuums and mops would be such a necessity? Duh, iRobot did, and Brian has the skinny on why it exists.

People are unhappy with the state of Instagram these days, and the OG app is out to bring Instagram back to its glory days with features like realigning the feed to the user’s choice and being ad free, Ivan reports.

And we have five more for you:



Source

Continue Reading

Technology

WhatsApp fixes ‘critical’ security bug that put Android phone data at risk • TechCrunch

Published

on


WhatsApp has published details of a “critical”-rated security vulnerability affecting its Android app that could allow attackers to remotely plant malware on a victim’s smartphone during a video call.

Details of the flaw, tracked as CVE-2022-36934 with an assigned severity rating of 9.8 out of 10, is described by WhatsApp as an integer overflow bug. This happens when an app tries to perform a computational process but has no space in its allotted memory, causing the data to spill out and overwrite other parts of the system’s memory with potentially malicious code.

WhatsApp didn’t share any further details about the bug. But security research firm Malwarebytes said in its own technical analysis that the bug is found in a WhatsApp app component called “Video Call Handler,” which if triggered would allow an attacker to take complete control of a victim’s app.

When reached for comment, WhatsApp did not immediately say if it has evidence of active exploitation or if the vulnerabilities were discovered in-house.

The critical-rated memory vulnerability is similar to a 2019 bug, which WhatsApp ultimately blamed on Israeli spyware maker NSO Group in 2019 for using to target 1,400 victims’ phones, including journalists, human rights defenders, and other civilians. The attack leveraged a bug in WhatsApp’s audio calling feature that allowed the caller to plant spyware on a victim’s device, regardless of whether the call was answered.

WhatsApp also disclosed this week details of another vulnerability, CVE-2022-27492, rated “high” in severity at 7.8 out of 10, which could allow hackers to run malicious code on a victim’s iOS device after sending a malicious video file.

“The manipulation with an unknown input leads to a memory corruption vulnerability,” said Pieter Arntz, an intelligence researcher at Malwarebytes. “To exploit this vulnerability, attackers would have to drop a crafted video file on the user’s WhatsApp messenger and convince the user to play it.”

Both flaws are patched in the latest versions of WhatsApp. Update today.



Source

Continue Reading

Technology

Finally, a Roomba that vacuums and mops • TechCrunch

Published

on


IRobot makes robots that vacuum. IRobot makes robots that mop. Other companies make robots that vacuum and mop. So, why doesn’t iRobot? If you had asked the company that question as recently as a few weeks back, you likely would have gotten a stock answer about not doing something until you can do it right.

Obviously the answer is a bit more nuanced. For one thing, iRobot does make a two-in-one — kind of, sort of, at least. Thing is, it’s A) Only available in Europe and B) Apparently it’s not really up to the company’s own exacting standards when it comes to this sort of thing — something co-founder and CEO Colin Angle admitted in a conversation with TechCrunch last week.

Image Credits: irobot

“The customer is very excited about the convenience of a two-in-one robot, so we needed to build one,” the executive says. “But, being iRobot, we needed to actually build one, as opposed to doing it in a way that doesn’t deliver on the promise. Right now, most two-in-one robots are really one-plus-one.” He includes the aforementioned Roomba in that list.

The other interesting wrinkle in all of this is iRobot’s long history with mopping robots. The Scooba line dates back to 2006. The product was essentially a Roomba that swapped the debris bag for clean and dirty water tanks. It was discontinued after a decade, following iRobot’s acquisition of Evolution Robotics. That company’s Mint robot, which used a pad to clean floors, eventually became Braava.

Image Credits: iRobot

Today, iRobot announced the Roomba Combo j7+, the first Roomba (with that one notable exception) to bring two-in-one mopping and vacuuming to the popular product line. As suggested by the lengthy name, the new offering is based on the same hardware as the standard j7. The “+” refers to the emptying dock, while the “Combo” is a reference to the mopping functionality. Given the naming convention, it seems like the “Combo” feature will be coming to additional entries in the Roomba line, down the road.

The mopping functionality utilizes an arm that lowers a Braava-style pad to the floor and lifts up and lays flush on the top of the robot for safe stowage — and to avoid dragging the mop on the carpet. Among other things, the system’s on-board intelligence is able to distinguish carpeting/rugs from hardwood/tile/linoleum.

Image Credits: iRobot

The robot’s footprint is a bit larger than the standard j7, in part to afford extra space for the water tank. At the moment, the dock is not able to automatically empty the tank, as it does the vacuum bin, though that appears to be something the company is working on.

As you’ve no-doubt guessed, none of this comes cheap. The Combo j7+ goes up for preorder today, priced at $1,099. It starts shipping October 4, and will also be made available without the bin + bundle.



Source

Continue Reading

Trending