Archive for July 5, 2021

OneFeather Launches Dedicated Indigenous Banking Solutions With OneFeather APP & OneFeather PAY Card

Posted in Commentary with tags on July 5, 2021 by itnerd

The OneFeather APP is a ground-breaking Indigenous innovation offering a dedicated Indigenous banking solution for First Nations Peoples, Métis, and Inuit. Paired with the new contactless OneFeather PAY card and 1FTs (OneFeather Tokens), OneFeather continues to remove the systemic barriers Indigenous Peoples face.

In Canada, 15 per cent of the Indigenous population is not served by a bank. Furthermore, 44 per cent of Indigenous Peoples live on reserve, which makes it difficult for Nation members to access traditional financial institutions and government services.

OneFeather is decolonizing the financial sector by offering a banking solution for Indigenous Peoples in Canada – whether they are on-reserve or off-reserve. The OneFeather APP enables users to link a pre-existing bank account to load their OneFeather PAY card. OneFeather APP is also a banking solution for urban dwellers, such as young adults who have travelled off-reserve to live, work, or attend post-secondary institutions. Cash gifts can be transferred between family members now, while living allowances and tuition will be transferable from Nation bands through the APP in the future.

Creating a OneFeather account in the APP is easy – individuals verify their identity by submitting a selfie and providing additional information through the APP. With verification, users can obtain the OneFeather PAY card – a reloadable payment card which can be used anywhere major credit cards are accepted.

OneFeather PAY card also provides users with an Indigenous-only rewards system by allowing users to collect OneFeather Tokens (1FTs) – which can be collected through more ways than just transactions. Users will eventually be able to exchange 1FTs for a wide range of benefits, including status card renewal service fees and merchandise in a future digital Indigenous marketplace.

1FTs are transferable- Indigenous members can send their 1FTs to their Indigenous friends and family, who can exchange them for the same services and rewards. Everyone, Indigenous and non-Indigenous, can earn 1FTs, however, 1FTs can only be redeemed for and by Indigenous Peoples. Non-Indigenous people can transfer their 1FTs to Indigenous Peoples or donate them back to OneFeather.

The 1FT Rewards program is funded by the OneFeather Box of Treasures Foundation, a non-profit founded by OneFeather to give back to Indigenous communities. Every time a person uses their OneFeather PAY card, they are contributing to the OneFeather Box of Treasures. 

To celebrate the launch of the OneFeather APP, OneFeather is giving back to the Indigenous community. Lewis and OneFeather have committed to helping Maxwell Johnson and his granddaughter, who were arrested by police in a Vancouver Bank of Montreal while attempting to open a bank account in January 2020. In collaboration and funded by Indigenomics Institute and Raven Capital Partners, OneFeather will be gifting Johnson and his granddaughter pre-loaded OneFeather PAY cards and 1FTs for a scholarship and in honour of lived experience.

Additionally, OneFeather is partnering with Empowered Startups to provide seed funding for Indigenous entrepreneurial students and alumni in a pilot project, and giving away pre-loaded cards and 1FTs throughout promotions this summer.

OneFeather has worked in collaboration with BlocPal International Inc. in developing the OneFeather APP. BlocPal provides a “simple, fast, and secure digital transaction platform that allows anyone to transact in their currency or asset of choice.” BlocPal operates in India, Mexico, Canada, the U.S., and parts of Europe. BlocPal already works with over 50,000 retailers and provides services for millions of people.

OneFeather APP will soon be a one-stop shop solution integrating OneFeather’s digital voting solution for First Nations, Métis, and Inuit elections and voting events, supporting Indigenous businesses, and offering online status card services, whereby First Nations members can renew, replace, or apply for their status card.

For more information visit: https://www.onefeather.ca/

Atlas VPN’s Announces New Privacy Feature Which Allows Users To Have Rotating IP Addresses

Posted in Commentary with tags on July 5, 2021 by itnerd

Virtual private network service provider Atlas VPN has introduced a new state-of-the-art privacy feature called SafeSwap that further enhances the anonymity of its users. Atlas VPN is the first and only VPN provider to offer this new type of functionality that allows users to have many rotating IP addresses without having to switch between different VPN servers.  

Unlike regular servers used by other VPN providers that only assign you a single IP address, the SafeSwap servers have a pool of different IP addresses. Once a user connects to one of these servers, their outgoing traffic will be routed via multiple IP addresses that will constantly and automatically switch for their online sessions without any drop in speed.  

This way, it makes it even harder for snoopers, authorities, Internet Service Providers, and advertisers to spy on user’s online activity.

At the moment, the feature is available for Atlas VPN Premium users on Android, iOS, and Windows. Users can choose from three SafeSwap server locations, including Amsterdam, the Netherlands, Singapore, Singapore, and Los Angeles, United States.

However, the company is working on extending its SafeSwap server selection, as well as bringing the feature to macOS in the near future.

For more information, visit: https://atlasvpn.com/blog/meet-safeswap-the-latest-innovation-in-the-vpn-industry

Waze Puts Our Four-Legged Friends On The Map

Posted in Commentary with tags on July 5, 2021 by itnerd

It’s an icebreaker at work and a dealbreaker on a date, but now Waze, the world’s largest community-based traffic and navigation app, is asking its users the age-old question: Are you a cat or a dog person? 

From today for a limited time, drivers can choose between two navigation voices designed to personify our beloved household pets. Users who want to hang out with a dog that’s feeling upbeat, excited, but with a tendency to get distracted or a cat that’s feeling skeptical, irreverent and a little neurotic can now do so by activating this theme!

Drivers hitting the roads for their summer staycations can also change their Waze car icon and hop in the Meow Mobile or Woof Wagon to guide them on their way, and express their pet preference by choosing a Cat or Dog mood to show others on the road how they’re outsmarting traffic. 

To access the new Cat & Dog theme on your mobile device, visit here.

The Cat & Dog theme will be available in English, French and Spanish for a limited time. 

For more information, or to download the Waze app, please visit this link

Kaseya Ransomware Attack Hits 17 Countries Affecting “Thousands”

Posted in Commentary with tags on July 5, 2021 by itnerd

The ransomware attack that is being perpetrated by the REvil gang is now being called “the single biggest global ransomware attack on record,” with thousands of victims in at least 17 different countries breached with ransomware:

A broad array of businesses and public agencies were hit by the latest attack, apparently on all continents, including in financial services, travel and leisure and the public sector — though few large companies, the cybersecurity firm Sophos reported… The Swedish grocery chain Coop said most of its 800 stores would be closed for a second day Sunday because their cash register software supplier was crippled. A Swedish pharmacy chain, gas station chain, the state railway and public broadcaster SVT were also hit. In Germany, an unnamed IT services company told authorities several thousand of its customers were compromised, the news agency dpa reported…

CEO Fred Voccola of the breached software company, Kaseya, estimated the victim number in the low thousands, mostly small businesses like “dental practices, architecture firms, plastic surgery centers, libraries, things like that.” Voccola said in an interview that only between 50-60 of the company’s 37,000 customers were compromised. But 70% were managed service providers who use the company’s hacked VSA software to manage multiple customers. It automates the installation of software and security updates and manages backups and other vital tasks…

Dutch researchers said they alerted Miami-based Kaseya to the breach and said the criminals used a “zero day,” the industry term for a previously unknown security hole in software. Voccola would not confirm that or offer details of the breach — except to say that it was not phishing. “The level of sophistication here was extraordinary,” he said. When the cybersecurity firm Mandiant finishes its investigation, Voccola said he is confident it will show that the criminals didn’t just violate Kaseya code in breaking into his network but also exploited vulnerabilities in third-party software…

Kaseya, which called on customers Friday to shut down their VSA servers immediately, said Sunday it hoped to have a patch in the next few days.

This was bad over the weekend. It is now much worse.

This attack highlights the fact that hackers are ready and waiting to exploit lax security and unpatched vulnerabilities to devastating effect. It also shows the importance of securing not just your own organization, but your supply chain too. Organizations must closely examine their suppliers’ security protocols, and suppliers must hold themselves accountable, ensuring that their customers are defended from the ever-growing barrage of malicious attacks. Otherwise, you get this situation and the fallout related to it.

UPDATE: I got a comment from Max Heinemeyer, Director of Threat Hunting, Darktrace:  

The kind of attack launched against Kaseya this weekend is not new, but it is devastatingly effective. Like the campaign against SolarWinds last year, attackers compromised Kaseya software to initiate a supply chain attack by disguising malicious software (ransomware) as legitimate and implanting it onto endpoints / devices of potentially thousands of businesses.  

As news emerges that REvil are now demanding a total of $70 million in ransomware payment, we can expect the debate to once again focus on the question of whether ransom demands should be met or not. This is inevitable in the immediate aftermath but we must urgently turn our attention to how we stop attacks from evolving into crises and before ransom is demanded.  

These kinds of software supply chain attacks can spread like wildfire and are virtually impossible to detect with traditional security tools because the trusted, but compromised, supplier is already inside.  

The trickle-down effect of this attack will undoubtedly yield more victims than those currently named, and will even impact organizations that have no direct relationship with Kaseya. The broad-ranging impact these attacks have also means they are far more likely to be replicated.  

Our dependence on software is fast becoming a major security weakness. Organizations that are effectively building resilience against fast-moving supply chain attacks are those leveraging self-learning technologies to continually identify malicious activity – even if it originates outside the organization – and respond with proportionate, surgical action.