Tech News

Hackers backed by the Iranian government targeted human rights activists, journalists, diplomats and politicians working in the Middle East during an ongoing social engineering and credential phishing campaign, according to Human Rights Watch.

In an analysis published on Monday, Human Rights Watch said it had attributed the espionage campaign to APT42, an Iran-backed hacking group first identified by cybersecurity firm Mandiant in September. Mandiant said APT42 – also referred to as TA453, Phosphorus and Charming Kitten – supports Iran’s Islamic Revolutionary Guard Corps intelligence collection efforts and has launched over 30 confirmed operations against various non-profit, education and government targets globally since 2015.

Human Rights Watch said it first became aware of APT42’s latest espionage campaign after one of its employees received suspicious messages on WhatsApp from someone pretending to work for a think tank based in Lebanon. The advocacy group found that a link included in the message directed the target to a fake login page that captured their email password and multi-factor authentication code.

In its analysis, conducted alongside Amnesty International’s Security Lab, Human Rights Watch identified 18 additional victims who had been targeted as part of the same campaign, and 15 of these targets confirmed that they had received the same WhatsApp messages between September 15 and November 25. On November 23, a second Human Rights Watch staff member received the same WhatsApp messages from the same number that contacted other targets.

For the three people whose accounts were known to be compromised — a correspondent for a major U.S. newspaper, a women’s rights defender based in the Gulf region, and an advocacy consultant for Refugees International based in Lebanon — the attackers gained access to emails, cloud storage drives, contacts and calendars. In at least one case, the attackers also performed a Google Takeout, a service that exports all of an account’s activity and information, including web searches, payments, travel and locations, ads clicked on, YouTube activity, and additional account information.

“Iran’s state-backed hackers are aggressively using sophisticated social engineering and credential harvesting tactics to access sensitive information and contacts held by Middle East-focused researchers and civil society groups,” said Abir Ghattas, information security director at Human Rights Watch. “This significantly increases the risks that journalists and human rights defenders face in Iran and elsewhere in the region.”

In light of its investigation, Human Rights Watch is calling on Google to strengthen its Gmail account security warnings to protect better its most at-risk users, including journalists and human rights defenders, after it uncovered “inadequacies” in Google’s security protections.

“Individuals successfully targeted by the phishing attack told Human Rights Watch that they did not realize their Gmail accounts had been compromised or a Google Takeout had been initiated, in part because the security warnings under Google’s account activity do not push or display any permanent notification in a user’s inbox or send a push message to the Gmail app on their phone,” Human Rights Watch said in its analysis.

“Google’s security activity revealed that the attackers accessed the targets’ accounts almost immediately after the compromise, and they maintained access to the accounts until the Human Rights Watch and Amnesty International research team informed them and assisted them in removing the attacker’s connected device.”

Google spokesperson Kimberly Samra told TechCrunch that Google implements protections for high-risk users so their Google accounts are “protected against threats against Google services, or on other platforms as seen in this case.”

“Some of these protections include our Advanced Protection Program (APP) and 2-Step Verification (2SV) auto enrollments,” Samra said. “Google also remains committed to threat collaboration and sharing our ongoing research to raise awareness on bad actors across the industry, as it helps to more quickly respond to attacks and protect online users.”

Iran-backed hackers linked to espionage campaign targeting journalists and activists by Carly Page originally published on TechCrunch

The Discovery+ app is getting one of the most anticipated feature — and frankly, a must-have feature for today’s streaming apps — offline viewing. The company announced Monday that users of the ad-free plan in the U.S. will be able to download content for offline viewing on the service’s iOS and Android apps.

This move comes after the company tested this feature with users in Brazil. Discovery+ mentioned that the service has more than 58,000 episodes — including popular shows “House of Hammer,” “Fixer Upper,” and “90 Day Fiancé” — that are eligible for downloads.

Users with the ad-free plan will see a “Download” button next to the content title. They can also choose the quality of the download and whether to download it over Wi-FI or cellular data.

Discovery+ noted that the downloaded title will live on the device for 30 days in the unplayed state or 48 hours after you hit the play button. Plus, you can renew the title download once you’re online after it expires.

The company is not putting any geo-restriction on the downloaded content. So if you are visiting another country, you can watch it if you are offline. The app will default to the downloads section when a user is offline.

Warner Bros. Discovery is set to merge HBO Max and Discovery+ services into one app next year. But until then, Discovery+ users will get to enjoy this feature that was missing for the longest time. Competitors like YouTube and Netflix have had an offline viewing option for years. While Discovery+ launched just last year, it’s a feature that streaming service users have come to expect.

Discovery+ brings the offline download feature to the US by Ivan Mehta originally published on TechCrunch

Osome is a corporate “super app” that helps business owners with administrative tasks like payroll, accounting and tax reporting. The company announced today it has raised a $25 million Series B from Illuminate Financial, AFG Partners and Winter Capital. This brings Osome’s total raised since it was founded in 2017 to $51 million.

The company says revenues have doubled since its Series A announced in June 2021. It plans to become cash flow positive within the next 12 months, and recently announced a digital banking partnership with Singapore financial service corporation OCBC.

Osome currently serves more than 11,000 business in Singapore (where it is is headquartered), Hong Kong and the United Kingdom. It also offers business incorporation services in Singapore, Hong Kong and the United Kingdom, and integrates with e-commerce platforms like Amazon, eBay, Shopify, Lazada, Etsy and Shopee.

Part of Osome’s new funding will be used to expand its operations in Asia by targeting side hustles and micro-entrepreneurs, in addition to its current customer base of SMEs.

Over the last year, Osome has launched an accounting platform to provide tax and financial reports, expenses and invoice management. It also runs a hybrid accounting service, called the Accounting Factory, that combines machine learning with human accountants and is meant to replace accounting software like Xero and Quickbooks. Machine learning is used to collect, extract and categorize financial data and reconcile it with bank transactions. Then Osome’s accountants look at that information and advise customers. Osome currently has more than 100 accountants and bookkeepers, who are full-time employees.

Other startups that offer corporate services include Sleek, Lanturn and BlueMeg. Osome founder Victor Lysenko said its building a competitive moats by providing a “set-up to scale-up service for businesses.”

“What business owners tell us is that they didn’t startup to do their own bookkeeping,” he said. “We take care of the bookkeeping so they can focus on their business. And we grow with them—our pricing model is based around revenue, not transactions, unlike our competitors.”

Singapore-based corporate services super app Osome raises $25M Series B by Catherine Shu originally published on TechCrunch

There’s a growing market for private cellular networks, or dedicated cell networks configured to support a company’s specific requirements within a confined area (think a warehouse or wind farm). For example, some mining and energy companies have adopted private cellular networks to help facilitate operations that span over significant distances, where the increased range of cellular offers advantages compared to the Wi-Fi alternatives.

A number of major vendors provide private cellular network services, including AT&T and T-Mobile, as do some startups, including Celona, Anterix and Airspan Networks. (Recently, asset management giant BlackRock announced that it’ll deploy a private network at its new headquarters in partnership with Verizon.) But that hasn’t stopped new ventures from cropping up to challenge the incumbents. See Expeto, which is developing a platform that allows corporate customers to extend their private networks via virtually any type of cellular connectivity.

Demonstrating that there’s investor appetite for upstarts in the market, Expeto this week closed a $13 million Series B round led by Sorenson Capital with participation from 5G Open Innovation Lab, Samsung Next and Mistral Venture Partners. Bringing Expeto’s total raised to over $25 million (inclusive of $5 million in debt financing), the proceeds will be put toward product R&D as well as customer and partner acquisition, according to CEO Michael Anderson.

“Large, mission-critical enterprises in sectors like energy, mining and manufacturing need mobile connectivity to support next-gen use cases. But today, mobile operator connectivity is hard to buy, integrate and manage,” Anderson told TechCrunch in an email interview. “If they want connectivity, enterprises have to deal with this mobile network operator (MNO) over here and that MNO over there … Expeto lets enterprises manage mobile connectivity as if it were part of their own network.”

Co-founded in 2015 by Terje Strand, Ryley MacKenzie and Brian Baird, with Anderson coming onboard in 2020, Expeto doesn’t sell cell service. Instead, it offers tools to enable companies to manage multiple private cellular networks, including 3G, 4G and 5G networks, from a single pane of glass. Expeto supports managing network policies in addition to monitoring network usage and performance, and it is designed to work from behind a corporate firewall, in a private or public cloud, at the edge or from a geographically remote site depending on the use case requirements.

“With Expeto, enterprises see just one network — no matter how many mobile network operators or deployment sites they’re managing,” Anderson said. “[They can deliver] mobility for any type of device using just a single SIM [card], maintain network device privileges across different connectivity types and physical sites [and] make real-time, self-service changes to the mobile networks they manage.”

Expeto currently has “more than” 20 customers supporting over 50 private wireless sites, according to Anderson, who wouldn’t reveal revenue figures when asked. He claims that the pandemic has driven “significant demand” for Expeto’s products as companies embrace automation and remote operations, even as some organizations look to reduce costs in the face of economic uncertainty.

To his point, there appears to be high interest among the enterprise in deploying private cell networks. A recent by TECHnalysis Research survey of over 600 IT decision-makers found that nearly three-quarters believe their company will eventually use a private 5G network. A separate reportfrom ABI Research estimates that the market for 5G private networks will reach $47.5 billion in 2030, up from $3.7 billion in 2021.

“Because Expeto’s use cases are associated with meaningful and relevant advances in operational efficiencies and growth initiatives, we have not experienced significant headwinds and we continue to sell on the basis of the savings and efficiencies Expeto’s platform uniquely enables,” Anderson said. “We plan to raise our next round of capital in the second half of 2024. We determined that the best approach to continue our high-growth momentum is a financial structure comprising equity and debt with focus and accountability to deliver differentiated growth, innovation and references from recognized leaders in multiple vertical markets.”

Samsung Next’s Andy Duong argues that Expeto is “uniquely positioned” to scale by leveraging its customer base as a distribution channel. The long-term play could be collaborating with cell providers to sell additional services; Expeto already works with Nokia and Ericsson for their radio access networks, the parts of mobile networks that connect devices like smartphones to the cloud.

“We invested in Expeto because it simplifies enterprise networking over private and public mobile networks,” he added. “While 5G’s network slices can be customized to meet the service-level agreement for emerging connected applications, they also bring additional complexities in network management. This is made easier thanks to Expeto’s cloud-based platform that enables hybrid private mobile networks for enterprise customers.”

Expeto, a startup selling tools to manage private cellular networks, raises $13M by Kyle Wiggers originally published on TechCrunch

There’s a prevailing logic (or you might say hope) in tech that says there is no better time to invent and invest than when the market appears to be in a bad place. With companies like Google and Apple born out of fallow periods, that way of thinking may be understandable — and it is leading to a number of fresh venture funds, pushing capital into the market.

In the latest development, One Peak, a firm out of London that focuses on growth stage rounds in B2B startups across Europe and Israel — is today announcing that it has closed its latest, and biggest-ever fund of $1 billion.

The fund is the third from eight-year-old One Peak. First launched in March of this year, One Peak described the $1 billion ‘hard cap’ as oversubscribed and now the largest focused on B2B software companies in Europe. It plans to use the money to invest between $15 million and $100 million in growth rounds.

One Peak’s portfolio includes the likes of Cymulate, PandaDoc, DataGuard, Paysend, Deepki, Neo4j and Spryker — a list focused on scaling enterprise startups across a range of categories like cybersecurity, e-commerce, and data management and analytics — and the plan is both to continue doubling down on those while also looking for others to join the stable.

David Klein, who co-founded One Peak with Humbert de Liedekerke Beaufort, believes that even with global markets contracting and expected to continue that pattern next year, B2B tech will continue to remain a “recession-proof” category, in his words.

And contrary to its name, One Peak is not alone in that line of thought. Even as we look at how prices for tech stocks are crashing, and anecdotally and verifiably are seeing evidence of investors and startups talking about the lack of activity and pressure on the market, ironically, compared to the rest of the market, investors (and in the case of venture funds, LPs) appear to be putting more of their money into tech, a category they see longer term outperforming the rest of the market.

Beaufort notes that while there is definitely a slowdown in the wider market and the sales cycles in B2B — a category some believe will also be hit, but perhaps in a more delayed way — “Currently we’ve seen no impact on the performance of our companies,” he said.

One Peak’s $1 billion fund III comes amid a number of other VCs raising capital this year both in Europe and further afield. EQT Ventures has closed two different funds in the last couple of months, $2.2 billion for growth-stage investments mostly in Europe and a further $1 billion for early-stage bets. Index Ventures has committed $300 million in the last month specifically to fund new startups in the downturn. Northzone also announced its latest fund, a record $1 billion for the firm, in the last quarter. Atomico is also reportedly raising $1.3 billion in new funds this year, although the close of those has not been confirmed.

Dealroom analysis notes that in all, the first three quarters of 2022 saw VCs in EMEA raise some $24 billion in funds. Meanwhile, PitchBook analysis found that nearly $151 billion was raised by U.S.-based firms in the first three quarters of this year, although it also pointed out that deal-making out of that money was not matching that exuberance.

The message is clear: those looking to make money out of their money may see tech as a relatively safe harbor, but those who hold the purse strings are generally being a lot more cautious how they distribute those funds.

One Peak is following some of that pattern itself.

“We believe multiples are down to 2018 levels,” said Beaufort. Klein added that the highest-growth companies are reasonable investments at 12-13 times the revenue run rate. And he added that the firm recently passed on at least one big deal that’s in the works because the valuation multiple — 20 times the revenue run rate — was just too high.

Still, with a number of B2B startups hatched during more bullish years now looking for their next capital injection, and One Peak’s own portfolio including at least a few startups that haven’t raised in over a year, there appears to be no shortage of targets for aiming its money.

One Peak scales up and closes $1B fund aimed at European and Israeli growth rounds by Ingrid Lunden originally published on TechCrunch

Meet Cubzh, a new free-to-play video game that is all about user-generated content through a cube system. The company has designed a new platform from scratch and wants to empower creators with the ability to create new objects, build worlds and define games rules thanks to a scripting environment.

This summer, the company raised a $3 million seed round led by New Wave with several angels also participating, such as Docker founder Solomon Hykes and Sorare CEO Nicolas Julia.

“It’s a homemade engine. That’s why we have spent a long time in stealth mode making sure it works,” co-founder and CEO Adrien Duermaël told me.

This C/C++ engine runs on PC, macOS, iOS, Android and web browsers. In other words, if you are reading this post, chances are you have a device that can run Cubzh.

What you will play in Cubzh will depend on other users. Essentially, Cubzh is a gaming platform that can power different gaming experiences — a bit like Roblox.

“Players who can’t write scripts will be able to create objects, draw swords and vehicles. Soon, we will add an animation editor. Those who can code will be able to incorporate those objects in their games,” Duermaël said.

As for game development, Cubzh isn’t using a no-code approach. Everything is currently based on Lua scripting. Cubzh takes care of the basics, such as collisions and multiplayer code. The rest is up to the players’ imagination.

Right now, Cubzh is available as an alpha test. The company is thinking about web3 mechanisms as a monetization route. For instance, Cubzh could take a cut on primary and secondary sales of objects. Content creators would earn royalties on their creations based on usage.

But the company hasn’t launched a marketplace just yet. It doesn’t know if there will be a utility token either. Now that the basic features are here, the company will focus on all these upper layer features.

Eventually, Cubzh hopes that it can create a sort of digital version of Lego. And maybe some Minecraft creators will find Cubzh more interesting and move to this new game platform.

Cubzh wants to build the next-generation Minecraft by Romain Dillet originally published on TechCrunch

Google is introducing a “Continuous Scrolling” feature on the desktop so users don’t have to navigate across pages to find the relevant search results for English-language queries in the U.S., expanding a feature the company has offered on mobile for some time.

Notably, users shouldn’t mistake continuous scrolling for infinite scrolling. With continuous scrolling, users can see up to six pages of search results by scrolling down before they see the “More” button to look for further results. On mobile, Google limits continuous scrolling to four pages of search results in one go.

Google has traditionally had a “paged” approach to search results. That means, up until this point, when users scrolled down the search result page and wanted to see more results, they had to click on the page number at the bottom.

The new feature can also provide more visibility to sites that did not rank high enough to be on the first page. People tend to avoid going to the second page and very few brave souls go to pages afterward — hence the joke: the best place to hide something criminally damaging is page 2 of Google search results.

The change comes at a time when many users complain that Google search results are degrading in quality. In response, Google has made a series of changes, including making search results more visual. In September, it also rolled out a feature that surfaced results from Reddit and Quora under a section called “Discussions and forums”.

While a lot of features have a mobile-first design, Google is also working on enhancing desktop search. The company has been testing widget-styled cards on the home screen to give users access to information like weather and stocks at a glance.

Google introduces “Continuous Scrolling” on desktop for Search by Ivan Mehta originally published on TechCrunch

Amazon is inching closer to launching Prime Gaming, its subscription service that offers free access to a number of titles and which ships bundled with Amazon Prime and Video plans, to its members in India, according to the company’s website.

“With Prime Gaming (included with your Prime membership) unlock instant access to tons of exclusive content for your favorite games and a rotating collection of PC games…each and every month,” the company describes on the site.

A support page on Prime Gaming website also mentions India as an operational market for the service, however users who’re currently attempting to access Prime Gaming are being redirected to a blank page.

After some users spotted and began tweeting references of Prime Gaming’s possible launch in India, Amazon quietly removed some of the references late Monday. [H/T Rishi Alwani.]

Prime Gaming is operational in several markets. The service, a revamped version of Twitch Prime, was originally launched in the US in 2016. It offers users a host several other perks including in-game loot at no additional cost and a range of Twitch-focused features.

The company, which has killed a number of its India businesses in recent weeks, did not immediately respond to a request for comment.

Amazon set to launch Prime Gaming in India by Manish Singh originally published on TechCrunch