Dear Inside Readers, Head to our homepage after you read this, because Inside.com founder and CEO Jason Calacanis will host a live Q&A today, Friday, March 10, at 3 p.m. PST. Save your seat to receive a reminder, and post your questions ahead of time to get them in the queue. We’ll see you there! —The Inside Team |
| |
BMW Italy has accidentally exposed sensitive client data through a Laravel framework bug. Researchers say that this data may be used to gather information on customers and target them later. More: - According to BMW, hackers could have stolen information such as:
- full names,
- addresses,
- phone numbers,
- email addresses,
- vehicle type,
- location data, etc.
- The .git configuration file, exposed to the public, would have allowed threat actors to find other exploitable vulnerabilities since it contained the .git repository for the site's source code.
- The automaker says this data has been secured but has warned its customers to be careful and not open links that seem suspicious or come from unknown sources.
| |
The Medusa hacker group is demanding a $1M ransom from the Minneapolis Public Schools to delete the data it stole. The threat actor has posted a video as proof. More: - MPS is a public school district in Minnesota and has around 36,370 students that study in about 100 public primary and secondary schools.
- The school district has stated that it does not plan to pay the ransom.
- MPS stated that there is no proof any personal data has been affected and that it has used internal backup tools to return the data.
- The organization warned its students and staff to be careful of phishing attacks and scamming campaigns that may target them in the following weeks.
| |
 A message from SUPERVEST Looking to add alternative investments to your portfolio? Look no further than Supervest. Our revolutionary platform gives you access to thousands of deals that were once only available to the ultra-wealthy. You can invest in just a few clicks and track your portfolio's performance in real-time. Supervest does all of the heavy lifting for you! Here are the steps to get started: - Platform Demo - Get a walkthrough from a Supervest representative
- Sign Up - Fill out an onboarding form and get verified as an accredited investor
- Deposit Funds to the platform
- Get Matched - AI algorithm will match you with opportunities based on the risk profile you filled out
- Start Earning - Fully transparent process will show you the various deals you’ve been matched with and give you access to every deal you’ve invested in
Say goodbye to outdated investment strategies (60/40 💀) and hello to the future of investing with Supervest. Get Started Today
| |
Belgium has banned the use of TikTok on government devices. The ban will last for at least the next six months. More: - The decision, announced by Belgium's federal government, is based on national security concerns.
- TikTok has not made a statement about this decision yet.
- The Belgian government stated that TikTok could be used for digital espionage and that banning the app makes sense.
Zoom Out: - The European Union's three main institutions have all banned the app.
- Denmark also followed suit shortly after.
- In the U.S. and Canada, TikTok bans have begun being implemented since early 2023. Recently, a group of U.S. Senators introduced a bill that would enable the Biden Administration to ban the app.
- Texas banned the app for government officials and universities, and 22 other U.S. states have taken similar measures.
| |
The Xenomorph Android malware has added new capabilities to steal information from over 400 banks, including Chase, Citibank, and American Express. The malware's app has been downloaded over 50,000 times in the Google Play Store. More: - The malware, first tracked in early 2022, has evolved quickly from being able to target a little over 50 banks to now stealing information from more than 400.
- According to researchers, Xenomorph is now among the most dangerous Android malware due to its ability to automate the entire fraud chain.
- What makes it stand out is its ability to hack not only SMS-based authentication but also application-based authentication.
- The malware can target financial institutions such as:
- Chase,
- Citibank,
- American Express,
- ING,
- HSBC,
- Deutsche Bank,
- Wells Fargo,
- Amex,
- Citi,
- BNP,
- UniCredit,
- National Bank of Canada, etc.
- The malware can also breach several popular cryptocurrency wallets such as Binance, Coinbase, Gemini, etc.
- The new Xenomorph variant also includes a cookie stealer.
- The stealer launches a browser window with the URL of a legitimate service with the JavaScript interface enabled, tricking the victim into entering their login details.
- The threat actors then steal the cookie and hijack the victim's web browsing session.
| |
Cado Security has raised a $20M funding round to provide cloud forensics for enterprises. The company is based in London, U.K. More: - Cado Security automates data collection and enables companies to process data at cloud speed.
- The company claims that its platform can process large amounts of data within hours, something that used to take days.
- Since its inception in 2020, the company has raised $31.5M.
- Eurazeo led the funding round, with participation from Ten Eleven Ventures.
- Cado aims to use this funding to expand to new markets, boost its product developments, etc.
| |
Quick Hits: - Demonstrating security and compliance can be time-consuming and expensive. Until you use Vanta. Start a free trial.*
- Cado Security (U.K.), a cloud forensics and incident response platform, has raised a $20M funding round led by Eurazeo, with participation from Ten Eleven Ventures.
- Cubist (New York), a startup that provides Web3 tools that help developers make their apps more secure, has raised a $7M Seed round led by Polychain Capital, with participation from dao5, Amplify Partners, Polygon, Blizzard, and Axelar.
- Blackbaud has agreed to pay $3M to settle a case brought by the Securities and Exchange Commission.
- Over 3 million users of the healthcare platform Cerebral have been sent a notice letting them know their data has been breached.
*This is sponsored content.
| |
Upcoming events at Inside: - March 14 - Inside Startups Coffee Break (Register Here)
- March 15 - Monthly Meditation guided by Nicholas Whitaker (Register Here)
- March 20 - Inside Interview with Rollworks - Clearing the Path to ABM Success: Addressing the Issues Holding You Back (Register Here)
- April 18 - Human Resources Summit'23 (Register Here)
| |
 |  | Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. |   | | Editor | Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords. | |
Looking to add alternative investments to your portfolio? Look no further than Supervest. | |
