Cybercriminals attacks users with 400,000 new malicious files daily: Kaspersky

Kaspersky’s security systems reportedly discovered an average of 400,000 new malicious files distributed every day over the past 10 months, indicating a 5% increase compared to the previous year. The number of certain types of threats also rose, with Kaspersky experts reporting a 181% increase in the proportion of ransomware detected daily. These findings are part of Kaspersky’s annual Security Bulletin, which offers predictions and analytical reports on key shifts within the cybersecurity industry. In total, Kaspersky’s systems detected approximately 122 million malicious files in 2022, 6 million more than in the previous year.

How to respond when a VC asks about your startup’s valuation

There is one trick question that investors almost always ask, and it’s guaranteed to make founders uneasy: “What are your expectations surrounding valuation?”

For most founders, it’s the perennial Goldilocks scenario. Throwing out a number that’s too high might push investors away, while an amount that’s too low might trigger the question, “Why so low? What’s wrong with this business?” and leave shareholder value on the table.

And if it’s just right, most investor’s knee-jerk response goes something like this: “Let’s see how much I can work this founder down to a better price.”

Founders are at a distinct disadvantage in the valuation game. By design, investors play this game far better than most founders ever will — a VC might do multiple deals in a quarter, but a founder might approach markets only once every couple of years.

So, instead of having to throw out specific numbers that will inevitably be challenged, here’s a solution:

Don’t throw out a number

The more you seek to understand your investors’ thoughts on deal-making, the better you’ll be at getting to that deal.

The most confident (and valuable) founder response to the infamous valuation question starts with: “We’re letting the market price this round.”

When delivered correctly, it implies you’re taking offers, you aren’t desperate and you’re confident you’ll close a deal at acceptable terms.

But if that’s all you say, you’re in trouble because it can also be interpreted as “We don’t have a clue” or “We’ll take what we’re given.” After all, you need to give a baseline indication of your expectations if you actually want to close a deal.

Jay Levy, co-founder and managing partner of Zelkova Ventures, explains, “When speaking with VCs, founders should give some indication of their valuation expectations coming into the conversation. It’s important to know that everyone is on the same page, because it would be painful and unfortunate for everyone to advance toward a term sheet only to realize that expectations are misaligned.”

Gather your valuation data points

To substantiate your market-based valuation approach, you have to begin early. Start by pre-pitching the investors for your next round to gather valuation data points and have low-stakes conversations to build in the presumption that “we’re probably too early for you, but in 12-15 months, we’ll most likely be a great fit.” In these chats, always ask how they might approach valuing your company when the time would be right (i.e., in your next round, 12-15 months from now).

How to respond when a VC asks about your startup’s valuation by Ram Iyer originally published on TechCrunch

CommonSpirit Health says patient data was stolen during ransomware attack

Chicago-based medical giant CommonSpirit Health has confirmed that an October ransomware attack exposed the personal data of more than 620,000 patients.

CommonSpirit Health, which operates more than 700 care sites and 142 hospitals in 21 states, first confirmed an “IT security issue” on October 5. At the time, the company declined to comment on the nature of the incident, which interrupted access to electronic health records and delayed patient care in multiple regions, and refused to say whether patient information or health data was compromised.

In a December update, CommonSpirit confirmed that the incident was a ransomware attack. The organization said that threat actors gained access to portions of its network between September 16 and October 3 and, during that time, “may have gained access to certain files, including files that contained personal information” belonging to patients who received care or family members of those who received care at Franciscan Health, a 12-hospital affiliate of CommonSpirit Health.

CommonSpirit notes that while its investigation is ongoing, this data includes names, addresses, phone numbers, dates of birth and unique ID numbers used internally by the organization. The company said that attackers did not access medical record numbers of insurance IDs, and says it has seen no evidence that any personal information has been misused as a result of the attack.

The update doesn’t say how many users were impacted by the data breach. However, as first spotted by Bleeping Computer, the U.S. Department of Health data breach portal – where healthcare organizations are legally obligated to report data breaches impacting over 500 individuals –confirms that threat actors accessed the personal data of 623,774 patients during the CommonSpirit ransomware attack.

“Upon discovering the ransomware attack, CommonSpirit quickly mobilized to protect its systems, contain the incident, begin an investigation, and maintain continuity of care,” the company’s updated notice states. “CommonSpirit notified law enforcement and is supporting their ongoing investigation. Once secured, systems were returned to the network with additional security and monitoring tools.”

The company has not yet attributed the attack to a particular ransomware group, and CommonSpirit spokesperson Chad Burns did not immediately respond to our request for comment. TechCrunch has checked the dark leak websites of several major ransomware groups, but none appear to have yet claimed responsibility for the attack.

At least 15 U.S. health systems operating 61 hospitals across the country have been impacted by ransomware so far in 2022, according to Brett Callow, threat analyst at Emsisoft. In at least 12 of these incidents, sensitive data, including personal health information was compromised.

CommonSpirit Health says patient data was stolen during ransomware attack by Carly Page originally published on TechCrunch

Primer, the UK e-commerce tech startup, has laid off one-third of its staff

Primer, a U.K. startup founded by alums of Braintree and PayPal that provides a drag-and-drop framework for merchants to build online payment stacks, last year raised $50 million at a $425 million valuation from investors like ICONIQ, Accel, Balderton Capital and Seedcamp– a round the came amid a bullish period for e-commerce, with record-levels of buying activity in the midst of the Covid-19 pandemic. This year, that activity has cooled down, and so have things at this e-commerce startup. TechCrunch has learned and confirmed that Primer has cut a big swathe of its staff as part of a restructuring, as it looks to adjust to current market conditions and extend its runway amid what many believe will be a tough year ahead.

Sources tell us that some 85 staff have been let go — around one-third of the company, we understand.

“We can confirm that we did have a reduction in staff,” a spokesperson said. “Like many other firms right now, we have course-corrected heading into the new year given the economic environment and we have taken what we think are appropriate steps to account for the uncertain times ahead.”

The story of what is going on here bears spelling out because the same thing is likely hitting a number of startups (and bigger companies) in the industry.

The long and short of it is that the wider e-commerce market has seen a major drop in activity this year as the peak of the Covid-19 pandemic — or at least the acute response that involved masking, social distancing and staying away from crowded physical spaces — has subsided. That activity was not what many had predicted: many had presumed that after large numbers of people had shifted to buying online, they would “never go back” to the old way of doing things.

That hasn’t played out: people are going back to shopping in stores, but more importantly, the global economy has cooled down, inflation has gone up, and people are spending less. So companies that expanded to meet demand are now retrenching.

That has led to layoffs and restructuring even at some of the very biggest companies in the space that you might have thought would be best equipped to handle economic ups and downs. Amazon, for example, warned in its last quarterly earnings that sales would be lower than originally expected in the critical holiday period. It has been cutting thousands of employees and rationalizing some of its most costly product areas.

You may have recently seen that some of the gloomiest predictions were not borne out during the bellwether Black Friday and subsequent first weekend of holiday sales. But a good part of that activity has been attributed to retailers offering large discounts to spur buying, so margins will be hit longer term.

This is not just playing out at larger end of the retail market: smaller sellers and the many providers of tech to the industry will also be feeling the drop.

Primer’s unique selling point is that it has built a very simple, no-code interface that reduces what is usually a very complicated, fragmented process — building a payments stack and flow around online purchasing, which includes not just the basic transaction but potentially different payment options, adding in loyalty or discount codes, upselling to other products, managing customer information, verifying against fraud and much more — into a set of drag and drop boxes for its customers both to call in more features and visualize how they would work together. It offers integrations for dozens of different services, underscoring just how fragmented the space is.

“We are building out a whole suite in the next year to aid merchants with operations and the observability of the payment stack,” said Paul Anthony, Prime’s co-founder and CEO, in an interview with TechCrunch last year.

However, a source tells us that while the process was seamless to order up, implementing it was not quite as automatic and quick.

“They are signing merchants but getting them live is a long process,” they said. “They do not generate revenue until they are live. Hence, they reduced teams until they solve this bottleneck.”

Given the pressures many startups are seeing with fundraising right now, the first thing to do is not to raise more money to extend runway, but to cut costs to extend what you already have in the bank, and that’s what Primer has done here. Sources tell us that Primer’s aim with this restructuring is to extend its runway to more than two years (which it believes it has done). Its plan now is to continue investing in product with expansions on that front planned for next year.

As in any downturn, there is an argument to be made for more automation in any process to cut down costs and — especially in the case of e-commerce — put more efficient tech in place to speed up and close more sales. But that only stands if the tech is up to the challenge, and if target customers are in a position to invest in improvements themselves. That’s the opportunity but also curse of working in any ecosystem.

Primer’s aim is to come out as one of the helpers (and winners) in that process.

“Given the challenging economic environment, we believe Primer is more valuable to merchants and partners than ever before as they look to increase efficiency within their organisations, lower costs, build greater customer loyalty, and launch in new markets – and do this in a no-code/automated fashion,” the spokesperson said. “While these are always difficult decisions to make, we feel confident this recalibration will not affect the level of service we offer to our current and prospective merchants and partners.”

Primer, the UK e-commerce tech startup, has laid off one-third of its staff by Ingrid Lunden originally published on TechCrunch

Amid growing concerns from third-party developers, Twitter shuts down Toolbox and other projects

Historically, Twitter has had a tumultuous relationship with the third-party developer community. But in the last few years, the company has tried to appease the developer community with projects like a new API release and the ‘Twitter Toolbox’ collection to highlight some of the projects.

However, under Elon Musk’s management, some of these programs are closing down — starting with Twitter Toolbox. According to multiple developers in the know, Twitter sent an email earlier this week saying the Toolbox program is shutting down next week — a copy of which has been seen by TechCrunch.

“Thank you for being part of the Twitter Toolbox pilot program. We’ve made a difficult decision to sunset Twitter Toolbox, effective 12/15/2022,” the email reads.

Twitter debuted the program earlier this year to promote certain apps directly on users’ feeds at a relevant moment. These apps included scheduling and thread maker/reader apps like Typefully, Chirr App, Thread Reader and Buffer; safety tools like Blockparty and Bodyguard; and measurement and analytics tools like silo,Blackmagic.so,Direcon Inc.,FollowerwonkandTweepsmap.

Amir Shevat, Twitter’s head of Product for its developer platform at that time, also told TechCrunch that the social network was also contemplating building an app store for third-party apps.

Twitter tiles pilot shutdown

In August, Twitter announced a test for ’tiles’ — the new version of Twitter cards — that allowed publishers and developers to include customized formats with a tweet. The idea was that when someone posted a URL, a format like an image, text, a video or a button will render automatically — just like Twitter cards.

Today we’re beginning to test Tweet Tiles with @nytimes, @wsj and @guardian. Tweet Tiles will let developers extend the Tweet experience and will pave future innovation for our @TwitterDev developer community https://t.co/LDyExFq4b1 pic.twitter.com/mKeU87jNIv

— Amir Shevat (@ashevat) August 25, 2022

The company is pausing that project as well. According to an email sent to a developer, Twitter might consider revisiting the concept next year.

“We’ve concluded the best path at this time is to pull back from this pilot and pause broader experimentation efforts related to Tweet Tiles. We still believe this product concept can offer value to our users and developers like you. We’ll continue to consider this work as we undergo 2023 planning and may opt to revisit it next year,” the company said in an email.

Twitter Developer Insider program

Last year, Twitter introduced the Developer Insider program last year to gather direct feedback about products and APIs. While the program is not deprecated yet, folks who are part of it haven’t heard from Twitter for a while.

Terence Eden, a developer who was part of the program, said that insiders worked on many projects including labeling useful bots and testing out conversation APIs. He said that the dev team was working on improving the search and expanding OAuth scopes so developers can get better access to certain parts of Twitter.

Eden and another developer, Somraj Saha, told TechCrunch that after Musk took over, activity inside the Developer Insider Slack group slumped as program managers started to leave the company. Saha said the group hasn’t seen updates from Twitter folks since the third week of November. So while there’s no official announcement from Twitter, the program is good as dead in its current avatar.

Future of APIs and developer relations

Days after Musk took over, Twitter canceled its much-anticipated Chirp conference, which was scheduled to take place after almost a decade.

After that, devs have heard nothing or little from the Twitter team. Many tools built around Twitter are already expanding their support for different platforms like LinkedIn and Mastodon. Developers of third-party Twitter clients like Tweetbot and Aviary are developing Mastodon clients to cater to the growing popularity of the network.

Typefully, a Twitter thread-making app backed by Ev Williams, told TechCrunch that it is planning to extend LinkedIn support to its users. The company recently debuted an AI-powered bot that helps you write better threads. It is also planning to improve the bot so that it can make LinkedIn posts better.

Introducing: Vesper

It’s a smart AI writing partner that can:

• Rewrite in different styles
• Give personalized tweet ideas
• Continue writing when you’re stuck
• Give comments to improve your tweets

Try it now → https://t.co/LYP58H7NY3 pic.twitter.com/Wv1qSQaTlG

— Typefully (@typefully) November 17, 2022

Chirr App, another scheduler, recently mentioned that it plans to continue support for Twitter and add features along the way. But it is open to adding connections to more platforms and it’s already working on a Mastodon integration. Bodyguard, a content moderation tool, said that they are looking to add integrations to TikTok and Discord soon. Charles Cohen, the company’s co-founder, also told TechCrunch, that it’s considering scaling back Twitter-related development.

Developers TechCrunch talked with had varied opinions and concerns about Twitter’s developer relations and the future of its API. Most of them — including the ones on Twitter’s developer forum — are currently worried about not having a clear roadmap about the company’s programs related to third-party developers. A lot of them told us that it’s become hard to contact Twitter about development-related queries as the developer relation team has lost a lot of members.

While Musk has emphasized on an engineering-led approach for Twitter, he has been mostly silent about the developer ecosystem. It would be a shame if the company’s work over the past few years to repair the relationship with developers goes to waste.

You can contact this reporter on Signal and WhatsApp at +91 816-951-8403 orim@ivanmehta.comby email.

Amid growing concerns from third-party developers, Twitter shuts down Toolbox and other projects by Ivan Mehta originally published on TechCrunch

Pin It on Pinterest