>

German HR and recruiting platform Personio raises $40M Series B led by Index

German HR and recruiting platform Personio raises M Series B led by Index

Personio, the German HR and recruiting platform, has raised $40 million in a Series B funding. Leading the round is London-based Index Ventures, with participation from existing investors Northzone and Rocket Internet’s Global Founders.

Founded in 2015, Munich-based Personio has set out to build a “HR operating system” for small and medium-sized companies (SMEs) ranging from 10 and 2,000 employees. The cloud-based software is designed to power all of a company’s HR and recruiting processes, either via the product’s own core functionality or through its ability to integrate with third-party software.

“We believe in the benefit of a holistic HR solution that covers the entire employee life-cycle, while its functionalities need to adapt to individual customer requirements and processes,” Personio co-founder and CEO Hanno Renner tells me.

“That being said, we distinguish between the bread-and-butter HR activities which every company needs to do (e.g. recruiting, on boarding, time off management, payroll etc.) and those that are either industry-specific or rather nice-to-haves”.

Examples of the latter include hardware-based time tracking, and employee engagement, respectively. “We focus our efforts on providing a best-in-class experience for what we consider bread-and-butter HR,” adds Renner. “For more specific requirements, we let our customers choose from a growing number of integrated vertical solutions based on their needs. Data will be synced so Personio acts as the system of record for all HR information and information only needs to be entered once”.

In addition to “out of the box” third-party software integrations, Personio’s claim to offer a HR operating system is backed up by the company’s open API, which is designed to cover various use cases where accessing data that is stored in Personio can add further value to customers. This includes building something as simple as a Slack bot using Personio data, to connecting Personio to a company’s data-warehouse or deeper integrations with internal systems.

More broadly, Renner says this holistic approach, coupled with Personio’s workflow automation that aims to cut down on time wasted on repetitive tasks, is not only resonating with HR managers and recruiters who typically use the product for several hours per day, but is also finding use with managers, executives and other employees. The end result is that HR and recruitment processes can become much more distributed across a company.

To that end, Personio says its Series B funding will be used to help the company attempt to become Europe’s leading provider of human resources software for SMEs. It boasts more than 1,000 clients in 35 countries, seeing over 150,000 employees and several hundred thousand applicants currently being managed within Personio.

“We believe that now is the right timing to actively expand into further regions and the funding as well as Index expertise will certainly help making that move successful,” adds the Personio CEO. “Apart from that, we consider ourselves a product-driven company and hence want to continue to strongly invest into building the best product for our customers which will mean significantly growing our product & engineering team and potentially even opening a new office to facilitate hiring”.

German HR and recruiting platform Personio raises M Series B led by Index
Source: TechCrunch

Researcher shows how popular app ES File Explorer exposes Android device data

Researcher shows how popular app ES File Explorer exposes Android device data

Researcher shows how popular app ES File Explorer exposes Android device data

Why is one of the most popular Android apps running a hidden web server in the background?

ES File Explorer claims it has over 500 million downloads under its belt since 2014, making it one of the most used apps to date. It’s simplicity makes it what it is: a simple file explorer that lets you browse through your Android phone or tablet’s file system for files, data, documents and more.

But behind the scenes, the app is running a slimmed-down web server on the device. In doing so, it opens up the entire Android device to a whole host of attacks — including data theft.

Baptiste Robert, a French security researcher who goes by the online handle Elliot Alderson, found the exposed port last week, and disclosed his findings in several tweets on Wednesday. Prior to tweeting, he showed TechCrunch how the exposed port could be used to silently exfiltrate data from the device.

“All connected devices on the local network can get [data] installed on the device,” he said.

Using a simple script he wrote, Robert demonstrated how he could pull pictures, videos, and app names — or even grab a file from the memory card — from another device on the same network. The script even allows an attacker to remotely launch an app on the victim’s device.

He sent over his script for us to test, and we verified his findings using a spare Android phone. Robert said app versions 4.1.9.5.2 and below have the open port.

“It’s clearly not good,” he said.

A script, developed by security researcher , to obtain data on the same network as an Android device running ES File Explorer. (Image: supplied)

We contacted the makers of ES File Explorer but did not hear back prior to publication. If that changes, we’ll update.

The obvious caveat is that the chances of exploitation are slim, given that this isn’t an attack that anyone on the internet can perform. Any would-be attacker has to be on the same network as the victim. Typically that would mean the same Wi-Fi network. But that also means that any malicious app on any device on the network that knows how to exploit the vulnerability could pull data from a device running ES File Explorer and send it along to another server, so long as it has network permissions.

Of the reasonable explanations, some have suggested that it’s used to stream video to other apps using the HTTP protocol. Others who historically found the same exposed port found it alarming. The app even says it allows you to “manage files on your phone from your computer… when this feature is enabled.”

But most probably don’t realize that the open port leaves them exposed from the moment that they open the app.

Researcher shows how popular app ES File Explorer exposes Android device data
Source: TechCrunch

Hulu unexpectedly releases “Fyre Fraud” days before Netflix’s competing documentary

Hulu unexpectedly releases “Fyre Fraud” days before Netflix’s competing documentary

Not since the literary biopic showdown between “Capote” and “Infamous” has there been such an intense battle for the attention of viewers. This time, the fight is between Hulu and Netflix’s competing documentaries about the disastrous Fyre Festival, a 2017 music festival whose failure led to eight lawsuits and a six-year prison sentence for co-founder Billy McFarland. Hulu unexpectedly released its film, “Fyre Fraud” today, just four days before Netflix’s “Fyre: The Greatest Party That Never Happened” was scheduled to premiere. Both films are helmed by award-winning filmmakers.

Entertainment Today reports that Hulu hopes its documentary, directed by Emmy-nominated, Peabody-winning filmmaking team Jenner Furst and Julia Willoughby Nason “will provide enlightening context ahead of [co-executive producer Elliot] Tebele’s Netflix documentary.”

“Fyre Fraud” contains exclusive interviews with McFarland, who co-founded Fyre with rapper Ja Rule, and people who used to work for Tebele’s marketing agency FuckJerry, one of the festival’s promoters. Some of Tebele’s former employees claim in “Fyre Fraud” that Tebele asked them to cover up early warning signs about the festival.

McFarland was later sentenced six years to jail in for defrauding investors, while Ja Rule is fighting to be removed as a defendant from a $100 million class action lawsuit. Attendees paid thousands of dollars for tickets, expecting a luxury music festival in the Bahamas, but instead found themselves staying in tents, no Internet service, no water, and food like processed cheese sandwiches. Delayed flights made the experience even more nightmarish, as guests were forced to wait hours in the heat for their charter flights back to Miami.

In response, the makers of Netflix’s “Frye,” directed by Chris Smith (whose “American Movie” won the Grand Jury Prize for Documentary at the Sundance Film Festival in 1999), told Entertainment Weekly that even though they worked with Tebele and Jerry Media (a FuckJerry brand), “at no time did they, or any others we worked with, request favorable coverage in our film, which would be against our ethics. We stand behind our film, believe it is an unbiased and illuminating look at what happened, and look forward to sharing it with audiences around the world.”

Smith told Entertainment Weekly earlier this week that McFarland wasn’t included in the documentary because he “wanted to get paid” for appearing and “we didn’t feel comfortable with him benefitting after so many people were hurt as a consequence of his actions.”

TechCrunch has contacted Netflix and Hulu for comment.

Hulu unexpectedly releases “Fyre Fraud” days before Netflix’s competing documentary
Source: TechCrunch