Apple fixes nasty security bugs, HBO Max suddenly removes content, and a16z endorses the following from Neumann – TechCrunch

Hello hello! We’re back with another edition of Week in Review, the newsletter where we quickly recap the top stories that hit TechCrunch in the last seven days. Do you want it in your inbox? Sign up here.

other things

a16z endorses new from WeWork founder: When a company implodes strong enough to inspire a miniseries, would anyone back the founders again? It doesn’t seem to have deterred a16z, who recently invested his largest paycheck in the following of WeWork founder Adam Neumann.

Black Girls Code founder fired by board: “Kimberly Bryant is officially out of Black Girls Code, eight months after being suspended indefinitely from the organization she founded,” write Natasha Mascarenhas and Dominic-Madori Davis. Bryant filed a lawsuit in response to the termination, alleging “wrongful suspension and conflict of interest.”

Google shuts down IoT Core: Google’s IoT Core is a service intended to help device manufacturers create Internet-connected devices that connect to Google Cloud. This week, Google announced that it will shut it down, giving device makers a year to find another solution.

Apple’s Big Security Mistake: Time to update your Apple devices! This week, the company shipped critical patches that fix two (!) security issues that attackers already seem to be actively exploiting. The bugs involve Safari’s WebKit engine and can give an attacker essentially full access to your device, so really, go update.

HBO Max removing titles: HBO Max is merging with Discovery+, and for some reason this means a bunch of titles are getting off the ground, and fast. I was going to tell everyone to do a speed binge on the amazing “Summer Camp Island” series before it was over, but apparently it was already deleted. Find the full list of defunct/soon-to-defunct titles here.

TC fights stalkerware: In February, TechCrunch’s Zack Whittaker pulled back the curtain on a web of “stalkerware” apps that were meant to silently gobble up private text messages, photos, browsing history, and more. of a victim. This week, Zack released a tool meant to help people. determine if his Android phone, and thus his private data, was affected. We’ll hear more from Zack about this new tool below.

An illustration of a blue illuminated phone with a location pointer above it, against a background of red and blue moving eyes.

Image credits: Bryce Durbin/TechCrunch

audio stuff

What’s going on in the world of TechCrunch podcasts? This week, the Equity team discussed why we should “officially stop comparing Adam Neumann and Elizabeth Holmes,” and Burnsy spoke with Ethena co-founder Roxanne Petraeus and Homebrew’s Hunter Walk about how to “sell the vision, not the business,” on TechCrunch live.

additional things

What’s behind the TC+ paywall? Some really cool stuff! Here’s a taste:

How does venture capital work?: Seems like a basic question, but it’s one we get… a lot. Haje, with the rare overlapping perspective of him as a reporter AND pitch coach AND former venture capital fund manager, breaks it all down as only he can.

Do you plan to use your initial capital as collateral? Good luck: After years of work, he managed to accumulate a ton of capital in the private company he helped build. Can you really use it as collateral for something? Compound’s Max Brenner guides us through the challenges.

Featured Writer: Zack Whittaker

Image credits: high veanne

This week we’re experimenting with a new section where we quickly catch up with a TechCrunch writer to hear a little about them and what they have in mind this week. For the first time? The incredible, inimitable Zack Whittaker.

Who is Zack Whittaker? What do you do on TechCrunch?

Hi, I’m the security editor here, aka TechCrunch’s Bringer of Bad News, and I oversee the security desk. We uncover and report on the big cybersecurity news of the day (hacks, data leaks, nation-state attacks, surveillance, and homeland security) and how it affects you and the broader tech landscape.

If you could snap your fingers and tell everyone one thing about your beat, what would it be?

Think of cybersecurity as an investment for something you hope will never happen, like a personal data breach. Better to get ahead now. Today it’s easier than ever, and it’s never too late to start. Spend a small amount of time on three simple steps that make it much harder for hackers to break into your accounts or steal your data: use a password manager, set up two-factor authentication everywhere you can, and keep your apps and devices up and running. -till the date.

Tell me about this anti-stalkerware tool you released this week

In February, TechCrunch revealed that a network of nearly identical “stalkerware” apps share the same common security bug, which is leaking the private phone data of hundreds of thousands of Android device owners around the world. These malicious apps are installed by someone with access to your phone and are designed to remain hidden, but silently steal data from the victim’s phone, such as messages, photos, call logs, location, and more. Months later, we got a leaked list of all devices compromised by these apps. The data did not contain enough information for us to identify or notify victims, so we created this search tool to allow anyone to check if their device was compromised and how to remove spyware, if it is safe to do so.

Yuck. Okay. So someone grabs your phone, installs one of these sketchy apps while you’re not paying attention, the app mines your private data for the installer to snoop around… all the while, the app is leaking a bunch of data to anyone who knows where to look . . Does it look like the people behind the stalkerware apps have any intention of stopping?

No problem. The Vietnam-based group of developers behind the stalkerware network did their best to keep their identities hidden (but not well enough). The number of compromised devices was growing daily, but without waiting for a fix, we published our research to help alert victims to the dangers of this spyware. No one in civil society should be subjected to this type of invasive surveillance without their knowledge or consent.

Aside from this tool (which is great!), what’s your favorite post you’ve written or something you’ve done with TC?

In the four years I’ve been here? That’s hard! One I still think about often is the inside story of how two British security researchers in their early 20s helped save the internet from the fast-spreading WannaCry ransomware malware in 2017, which spread across the globe, crashing computers. in NHS hospitals, shipping giants and transport hubs, causing billions of dollars in damage. But when one of them found and registered a certain domain name in the malware code, the attack was stopped in its tracks. They found the malware’s kill switch, turning them into “accidental” heroes overnight. But the only thing that stopped another WannaCry outbreak was keeping the kill switch domain alive in your hands, despite bad actors’ efforts to force you offline by overwhelming you with internet traffic. “Be responsible for this thing that is propping up the NHS? Fucking scary,” one of the researchers told me at the time.

Be the first to comment

Leave a Reply

Your email address will not be published.