health

Jan 15 2021

Capitol Insurrectionists Were Funded in Part By Bitcoin: Chainalysis

Terrorist financing has always been one of the primary concerns about cryptocurrency use worldwide. In the wake of what many have called a terrorist attack on the United States, Bitcoin appears to have played a role.

According to a recent report from blockchain forensics company Chainalysis, donors had helped bankroll the recent riots that shook the United States Capitol last week.

Possible Dead Donor

Chainalysis’s report confirmed that on December 8, a French-based entity had donated 28.15 BTC (about $522,000 at the time) to several addresses linked to far-right internet personalities and activists.

An additional report from Yahoo! News confirmed that many of these activists had been present at the riots on the United States Capitol on January 6.

Yahoo! News reported that of the 22 addresses that got part of the funds included Nick Fuentes, a white nationalist commentator and podcaster. Daily Stormer, a news source with white supremacist links, was also among the recipients, as was Gab – the free speech-based social media platform credited for the rise of hate speech.

Chaunalysis added that the donor appeared to have committed suicide the day after donating.

A suicide note from the donor read that Western civilization is dying, and that he felt like leaving his wealth with specific causes to ensure that his name lives on following his death.

Federal investigators are still looking to track the donor.

Riot Fallout Continues

The January 6 riots had come from supporters of outgoing U.S. President Donald Trump. The supporters had been protesting the results of the November General Elections that saw their preferred candidate lose to President-Elect Joe R. Biden.

Following multiple lawsuits and a substantial lack of proof, the Trump campaign had run out of resources to fight Biden’s win.

Trump supporters eventually gathered in Washington on January 6 – the same day that Congress was set to certify Biden’s win officially.

After hours of protests and the death of five people (and counting), the rioters were eventually cleared, and the repercussions have been swift since.

Biden’s win is now certified, and social media platforms have cracked down on Trump’s accounts. His accounts on social media platforms have been taken down, and several payment processors have blocked donations to anything Trump-related. Apple, Google, and Amazon have also taken down Parler – a conservative-focused social media site.

The report of Bitcoin donations to the cause aren’t exactly surprising. Bitcoin holders have been known to support controversial causes in the past, leveraging the asset’s privacy to keep their identities secret.

Last week, Whale Alert noted that crypto donations had been pouring into the legal defense fund of Julian Assange, the founder of the whistleblower site WikiLeaks. In one transaction, someone sent 8.48 BTC – about $280,000 at the time. Another transaction was worth 4.51 BTC ($125,000).

Assange remains in a U.K. prison and is facing charges of violating the 1917 Espionage Act. District Judge Vanessa Baraister ruled against his extradition to the United States last week, citing health issues.

Capitol Insurrectionists Were Funded in Part By Bitcoin: Chainalysis

Source

Jan 03 2021

Three tips for phone battery health, from the makers of TEVOLT power banks

It might seem like it’s obvious, but your smartphone is only as good as its charge. After all, with a dead or underperforming battery, your state-of-the-art phone is transformed into an expensive paperweight. If your phone loses its charge faster than expected, it can ruin your day. And if your battery no longer performs as well as it used to, it might compel you to spend big money on an entirely new phone.

TEVOLT was created to free you from the endless charging cycle by creating an entirely different way of keeping your phone powered up. TEVOLT is a charging system comprised of two swappable power banks packed with 5,000 mAh each. The power banks attach directly to your phone or case, so you never run out of charge again. While one bank is charging your phone, the other is fully charged waiting for the next swap. And TEVOLT works with any phone — even your mom’s decrepit, outdated model.

There are important steps you can take to extend the life of your phone, and TEVOLT makes it easier to be mindful of your power usage usage. Here are three tips for getting the most out of your battery.

Avoid full cycles (zero-100 percent)

Instead, top up your phone more regularly with partial charges. With TEVOLT attached to the back of your phone, you can easily give your phone little sips of power by turning TEVOLT on and off as needed. Simple click TEVOLT’s button to turn it off.

Stop charging at 80 percent

Ending a charge at 80 percent is better for the battery than topping it all the way up to 100 percent. But it can be hard to cut your charge off in time if you’ve connected your phone to an outlet; you’re likely to walk away and forget about it. But with TEVOLT, you can stop charging as soon as you see the percentage reach 80%.

Avoid overnight charging

This has two advantages. First, it is better for the battery life in the long run. And second, it is much safer for you to avoid overnight charging in case the phone’s battery overheats. You don’t have to think about overnight charging with TEVOLT. You simply wake up, snap the TEVOLT bank on the back of your phone, and go about your productive day!

Doing these simple tips will help you maintain battery health, giving you better battery life day-to-day and a longer battery lifespan overall.

But how can you keep up your new phone charging habits? Think of TEVOLT as your battery health coach. You’ll always have power attached to the back of your phone, allowing you to easily follow these tips and optimize how you get a charge.

Say goodbye to overnight charging and full cycle charging and hello to partial charging. A healthier phone battery awaits.

Want to support TEVOLT? Check out their Indiegogo page to back the campaign.

<!–

Comments are closed

–>

Source

Dec 23 2020

Automate Mobile Application Security Testing from Jenkins

Automate Mobile Application Security Testing from JenkinsAutomate Mobile Application Security Testing from Jenkins

Mobile apps require continuous testing throughout the development process to ensure proper compliance and security measures are in place. If you are using Jenkins continuous integration server in your pipeline, continually testing your mobile app builds is simple with Zimperium’s mobile application security testing platform, zScan.

Here we will describe how you can automate mobile application security testing from your Jenkins implementation and increase your testing cadence to produce better apps while reducing your time to market and the associated manual effort. Every time new code is submitted to Jenkins, zScan will test the compiled app and provide specific details about improving any security gaps in your mobile apps.

In this blog, we provide details on:

Why mobile application security testing remains difficult;
How to automate and configure testing from Jenkins;
Available outputs and optional Jira integrations;
Test Data categorizations; and
How to install in your existing processes

Successful Continuous Mobile App Testing

Today, successful mobile application development organizations utilize a combination of native and cross-platform frameworks. Cross-platform frameworks allow for a single code base without compromising a great user experience. This means features and fixes are rolled out much more frequently than ever before.

Keeping pace requires testing solutions to not only assess these frameworks accurately, but also allow for complete automation. You need mobile specific tools since it’s not just Android and iOS operating systems that are changing; the hybrid frameworks are evolving as well.

“With zScan, we are detecting security vulnerabilities before release – in hours rather than weeks – and then automatically provide our third party developer with a list of fixes.” – Application Security Manager, Global Banking Company

Failing to identify errors in mobile apps correctly can lead to disastrous results. Governing bodies can fine your company for failing to comply with a compliance mandate or, worse, your company could suffer severe brand damage if a mobile app breach became public.

There are several public mobile app breach examples from this year. Some of the more notable breaches from this year include the Walgreens mobile app, BHIM data leak, and several coronavirus contact tracing apps that leaked private user data.

Automated App Testing Using CI/CD Platforms

Automating mobile application security testing in your DevOps toolchain provides your teams the opportunity to test early and test often. Developers continue to commit code in the same fashion when developing new features, bug fixes, and modifications. However, by integrating continuous testing to Jenkins during the development cycle, you identify compliance, security, and privacy risks early when they are less expensive to fix.

If you reduce the number of bugs by testing more often, your overall delivery costs decrease, and throughput increases. Integrating security tools into existing DevOps frameworks allows for more productivity and better quality without forcing developers to unlearn and relearn new processes. Sounds good, right?

zScan Automates Mobile Application Security Testing

Zimperium’s zScan mobile application security testing platform provides security and development teams with privacy, data leakage, compliance violations, and security findings on any iOS or Android application. Zimperium’s proprietary processing engine dissects each mobile application binary directly from Jenkins and provides data on your apps’ resident risks.

Each finding provides developers specific descriptions and remediation instructions. The detailed instructions can integrate into existing ticketing systems like Jira. The platform can be further customized to focus on categories that align with your enterprise or industry.

Incorporating the scan results into your ticketing system allows for further downstream efficiencies. These integrations mean developers can work faster and reduce cycle times for bug fixes and enhancements. Teams can customize and filter findings as tracked, mitigated, confirmed, or fixed to prioritize workflows and deadlines.

How to Configure Your Jenkins Server and zScan

Integrating Zimperium’s mobile application security testing to Jenkins is simple.

Download Jenkins plugin from zScan administration console;
Open Jenkins and navigate to “Manage Plugins;”
Upload zScan plugin to zScan; and
Configure Jenkins

Download the Jenkins plugin provided in your zConsole administration panel.

Navigate to Manage Jenkins and select Manage Plugins.

Click the Advanced tab and in the Upload Plugin section, choose and upload the file zScan-jenkins-plugin.hpi.

Then restart Jenkins.

Jenkins Configuration

In the Configure section of your project, select Add Post-Build Action, and click “Upload Build Artifacts to zScan.”

Available fields in your configuration include:

Zimperium Server URL Endpoint
- This is your root URL to your Zimperium console.
Client ID
- This value is from your Zimperium Console Authorizations. Your Client ID is created after you generate your API Key.
Client Secret
- This client secret is only displayed when you initially generate your API key along with the client identifier value.
Source Files
- This allows you to specify patterns using ANT script. Zimperium provides several possible ANT statement examples that can help you get started.
Excluded Files
- This field provides the ability to specify patterns to exclude files. This field is the opposite of the Source Files field. Similarly, multiple patterns are comma-separated.

Findings, Instances, and Compliance Categories

After you configure Zimperium’s mobile application security testing platform with Jenkins and begin testing, zScan will provide you with security findings and instances. Findings are potential issues discovered in the app analysis. Each of the findings describing each issue is categorized by affecting security, data leakage, and compliance (OWASP, NIAP, NIST, CCPA, GDPR) mandates and recommendations.

Instances are specific locations where the finding is present in your app’s code. A hypothetical finding example in a physical penetration test could be that the doors in your house remain unlocked. If both the front door and back door are unlocked, there are two instances of the finding. Both of the findings may or may not need to be fixed. You can choose to accept one instance, allowing the back door to remain unlocked for a given house (app). Customizable policies can filter findings in future assessments for unlocked doors so you can focus on new findings.

[embedded content]

zScan Helps Reduce Mobile App Risk

To reduce risk and limit fraud, organizations worldwide are testing native and hybrid mobile apps with zScan to identify potential data leakage and security vulnerabilities. Mobile application development teams from the banking, financial services, healthcare, and public sector depend on Zimperium to secure, harden and detect real-time attacks to their apps, no matter the health of their users’ device.

“With zScan, we are detecting security vulnerabilities before release – in hours rather than weeks – and then automatically provide our third-party developer with a list of fixes.” – Application Security Manager, Global Banking Company

Automate Mobile Application Security Testing from Jenkins

Source

Dec 18 2020

British Business Bank Publishes Data on Future Fund

The British Business Bank has published Future Fund data on the 971 companies that have been approved for £975.5 million worth of Convertible Loan Agreements since launch last May. The Future Fund is designed to support early-stage ventures that typically do not have the capacity to borrow money as they generate losses. The UK government created the program so the entrepreneurial class, important for long term growth, was not devastated by the COVID-19 health crisis.

Both Crowdcube and Seedrs have utilized the scheme to help raise capital for early-stage firms by offering convertible securities that receive match funding from the Future Fund.

The British Business Bank reports that there have been 1,432 applications in total since the scheme was launched. The Bank said the data provided was via self-reporting by the companies applying to the Future Fund.

Data by region

The data indicates that 39% of the funding approved for companies, relating to convertible loan agreements worth £384.9m, was for businesses with their headquarters located outside of London.
Of the total amount of £975.5m, 15% is to companies headquartered in the South (South East and South West), 11% in the North (North West, North East and Yorkshire and the Humber), 8% in the East of England, 4% in the Midlands (East Midlands and West Midlands) and 3% in the Devolved Nations (Scotland, Wales and Northern Ireland).
London accounts for 61% of companies, in line with the wider market trends for equity investments.
The British Business Bank’s 2019/20 Small Business Finance Markets report showed that London received 66% of equity investment by value in 2019.

Data by the gender mix of the senior management team

Of the 971 companies that have been approved and received their Convertible Loan Agreements for signature, 78% of funding is to companies with mixed-gender senior management teams. Since the launch of the Future Fund more than 30 venture capital firms and angel groups have become signatories to the Government’s Investing in Women Code, alongside the Future Fund.
As part of its commitment as a signatory to the code, the Future Fund will supply HM Treasury with statistics on founder gender. HM Treasury intends to publish the first annual Investing in Women Code Report in the first quarter of 2021.

Data by ethnicity mix of the senior management team

Black, Asian and minority ethnic (BAME) only and mixed ethnicity management teams account for 63% of funding to companies that have been approved for Convertible Loan Agreements so far, worth £570.4m.

Management Team	No. of convertible loans approved	Value of convertible loans approved
All female team	12	£13.3m
All male team	259	£191.3m
Mixed gender team	660	£727.4m
Chose not to provide data	40	£43.5m
Grand Total	971	£975.5m

Future Fund data by ethnicity of company senior management team (self-reported by applicant)

Management Team	No. of convertible loans approved	Value of convertible loans approved
All BAME team	49	£40.8m
All white team	384	£331.5m
Mixed ethnicity team	460	£529.6m
Chose not to provide data	78	£73.5m
Grand Total	971	£975.5m

Future Fund data by location where company applying to Future Fund is based

	No. of convertible loans approved	Value of convertible loans approved
East Midlands	14	£18.0m
East of England	65	£73.3m
London	558	£590.6m
North East	28	£25.0m
North West	52	£51.8m
Northern Ireland	10	£12.1m
Scotland	17	£6.0m
South East	112	£119.9m
South West	41	£24.8m
Wales	14	£7.0m
West Midlands	30	£20.6m
Yorkshire and the Humber	30	£26.6m
Total	971	£975.5m

Source

Dec 14 2020

European Commission Agrees on €7.5 Billion Budget for Digital Europe: Goal is to improve Europe’s Competitiveness in the Global Digital Economy

The European Commission (EC) has come to an agreement on the €7.5 billion budget for the Digital Europe program. The goal is to “improve Europe’s competitiveness in the global digital economy and achieve technological sovereignty.” The EC said it seeks to support the digital transformation that will “guarantee high-quality public services benefiting citizens and businesses.”

The political agreement was reached today (December 14, 2020) with formal approval by the European Parliament and Council anticipated to take place soon with the program starting in January 2021. The budget will span a time period from 2021 to 2o27.

The plan is wide-ranging touching many different sectors of the European economy. A draft “Orientation” for 2021-2022 was previously published outlining potential goals:

Making Europe a top supercomputing region globally through the acquisition of at least one exascale supercomputer by the end of 2021, upgrading existing supercomputers and extending the use of advanced computing to industry, including SMEs;
Setting up and making accessible Europe-wide data spaces and testing and experimentation facilities for artificial intelligence in the areas of health, environment/climate, mobility, manufacturing and energy;
Enhancing cybersecurity by deploying a pan-European quantum communication infrastructure and supporting the set-up of a certification scheme for cybersecurity products;
Addressing the shortages of digital experts in the EU through dedicated Master’s programmes for artificial intelligence, advanced computing and cybersecurity;
Providing SMEs and public administrations access to the latest digital technologies by setting up a network of Digital Innovation Hubs;
Ensuring a successful digital transformation of health and care services with the EU-wide deployment of innovative and cost-effective data-driven tools and services based on technologies like AI and data analytics;
Making ICT products and services sustainable, by prioritising their energy efficiency as well as climate neutrality, reparability, lifespan and recycling;
Deploying open, interoperable, trustworthy urban digital platforms tailored to communities’ needs, offering easy standardised access to new datasets, and the large scale roll-out of AI- driven services in Smart Energy, Smart Mobility, waste and secondary resource management, industry and (re)manufacturing, healthcare and e-government.

Artificial Intelligence (AI) impacts most sectors of industry including financial services. Other areas of focus overlap with the Fintech realm.

Blockchain is frequently mentioned in the draft. For example:

“Blockchain and distributed ledger technologies (DLT) should be seen as a crosscutting enabling technology that can support the validation of transactions, the development of data spaces and empowerment of citizens, public services and businesses to control and share access to data in a trusted, distributed, secure, transparent and verifiable way.”

The allocation of the budget has been segregated as follows:

€2.2 billion – Super computing
€2.1 billion – Artificial Intelligence (AI)
€1.7 billion – Cybersecurity
€580 million – Advanced Digital Skills
€1.1 billion – Ensuring wide use of digital tech.

The info sheet may be downloaded or viewed below.

Digital Europe Program factsheet 2020 12 14

Source