Link

Ukraine Authorities Seize Unencrypted Windscribe VPN Servers

Andrew Orr ·

VPN provider Windscribe said its servers were not encrypted, enabling authorities to create decoy servers and snoop on web traffic.

The Ontario, Canada-based company said earlier this month that two servers hosted in Ukraine were seized as part of an investigation into activity that had occurred a year earlier. The servers, which ran the OpenVPN virtual private network software, were also configured to use a setting that was deprecated in 2018 after security research revealed vulnerabilities that could allow adversaries to decrypt data.

Oh come on, VPN servers that weren’t encrypted?

Link

Twitter Tests New ‘Shop Module’ Feature for iOS Users

Andrew Orr ·

Twitter is piloting a new feature on Wednesday called Shop Module. It will let brands add a shopping section at the top of their profiles. The pilot is currently limited to iOS devices for people who use the service in English.

The Shop Module is a dedicated space at the top of a profile where businesses can showcase their products. When people visit a profile with the Shop Module enabled, they can scroll through the carousel of products and tap through on a single product to learn more and purchase — seamlessly in an in-app browser, without having to leave Twitter.

Link

1Password Reveals US$100M Funding Round

Charlotte Henry ·

Password management platform 1Password has revealed it has raised funding worth US$100m. Business is booming thanks to new at-home and hybrid working arrangements, VentureBeat reported.

According to 1Password CEO Jeff Shiner, while multiple factors have aligned to drive demand for password management tools, the single biggest change since its last fundraise has been society’s rapid transition from offices to remote or hybrid working. “Businesses — both large and small — were forced overnight to adopt a remote way of working,” Shiner told VentureBeat. “That switch meant that companies, most of whom were used to a centralized office, suddenly needed to support employees using their own devices, at home on their own potentially insecure networks. With the remote-hybrid shift came a proliferation of SaaS tools to help keep people and teams productive. Many of these tools are brought in to help specific teams solve specific problems, which means that across an organization, there can be hundreds of different software products — all requiring unique logins and access.” Helping workers stay on top of all their login credentials is where 1Password comes into play.

Link

Hackers Increasingly Using Discord to Spread Malware

Andrew Orr ·

Researchers found that hackers are turning to Discord to spread malware, such as password-hijacking and Discord chat bot APIs.

But the greatest percentage of the malware we found have a focus on credential and personal information theft, a wide variety of stealer malware as well as more versatile RATs. The threat actors behind these operations employed social engineering to spread credential-stealing malware, then use the victims’ harvested Discord credentials to target additional Discord users.

Link

Apple Wallet Supports Australian Health Insurance Cards Via HICAPS App

Charlotte Henry ·

Australians are now able to add digital health insurance cards to their Apple Wallet via the Health Industry Claims and Payments Service (HICAPS) app. 9to5Mac has a good explainer of how it all works.

In Australia, when you pay a visit to an Extras provider, the receptionist provides you with a bill and asks if you have health coverage. At that point, you can hand them your HIF membership card and they’ll swipe it through an electronic claiming terminal known as a HICAPS machine. Now, with the Apple Wallet integration, users can just double click the side button on their iPhone with Face ID or double click the Touch ID button to view the health insurance card on the Wallet. Then, they just have to select their health fund membership card from Apple Wallet and hold the iPhone or Apple Watch near the terminal reader.

Link

Oil Producer ‘Wesco’ Uses Excess Natural Gas to Mine Bitcoin

Andrew Orr ·

Utah-based oil company Wesco Operating Co. is using excess gas (natural, not Ethereum) to power a Bitcoin mining operation.

Rather than being “flared,” or burned, to eliminate it, the natural gas is burned to run electrical generators, which in turn power two mobile data centers that process Bitcoin transactions, Wesco representative Steve Degenfelder explained.

The company has connected with a Chicago-based firm, EZ Blockchain, to acquire the two Bitcoin “miners,” portable data processors tied to the Internet.