government

Beam raises $6.4M to help citizens access safety net funds • ZebethMedia

By zebethcontrolPosted on November 17, 2022Posted in beam, government, Government & PolicyNo Comments

Beam, a startup that helps citizens access government financial aid, has raised $6.4 million in Series A funding. The company, previously known as Edquity, helps deliver funds across a wide array of programs, like emergency cash assistance, rental relief and public utility benefits. “We fundamentally work to transmit critical services and resources to those in need,” said David Helene, CEO of Beam. The company’s Series A funding comes as the company said it saw a greater need to provide disadvantaged communities with financial support following the COVID-19 pandemic. Beam said the funds will be used to expand its headcount and further develop its platforms. The round was led by Potencia Ventures, with participation from Spring Point Partners, American Family Insurance Institute for Corporate and Social Impact, Imaginable Futures, Lumina Impact Ventures, Michelson Runway, and Schmidt Futures. Beam, when partnered with governments, operates as the end-to-end cash assistance administration system, which handles applications, ID verification, case decisions, and payments. “Our system has a single system of records,” said Helene. “Our intent is to create the least amount of friction and the most dignity for those that are interacting with applications in the system.” Beam said it allows applicants to receive funds by bank account, a prepaid card, or online services like Zelle to serve communities equitably. Beam says it has helped process over $180 million to about 300,000 households. The company currently has operations in 16 states with 57 governments.

Ring launches pilot program to let local agencies share updates and ‘safety information’ • ZebethMedia

By zebethcontrolPosted on November 15, 2022Posted in Amazon, Apps, government, neighbors, pilot, Ring, Safety, Security, StartupsNo Comments

Ring today announced that local government agencies will be able to have an official presence on the company’s Neighbors app. Beginning with the City of North Port and Pinellas County Government in Florida and the City of Fulton in New York, the new program will allow government organizations to provide safety information through Neighbors, the Amazon-owned company’s neighborhood watch feature that alerts users to nearby alleged crimes and events. “Local government agencies, such as county and municipality governments and their departments, play an important role in public safety,” Ring wrote in a blog post published this afternoon. “This pilot program will enable users in select municipalities to receive more safety information, updates and tips from a broader group of local agencies, all in one place.” Participating local government agencies will have public profiles in Neighbors that users can visit to see their activity and posts. Ring notes that the program won’t enable the agencies to make a “Request for Assistance” on Neighbors, a capability that lets law enforcement ask the public for help with an active investigation. For the time being, that’ll remain reserved to the police departments that’ve partnered with Ring. The new Ring program, while helpful on its face, is unlikely win over consumer advocates who’ve argued the company’s devices are a security threat. As ZebethMedia previously reported, Ring has a history of sharing footage with the government without users’ permission. Between January and July of this year alone, Amazon shared Ring doorbell footage with U.S. authorities 11 times without informing the device owners. Ring has been criticized for working closely with thousands of police departments around the U.S., allowing police to request video doorbell camera footage from homeowners through Neighbors. Ring only began disclosing its connections with law enforcement after the U.S. government sent demands for transparency from the company.

Aiphone door entry systems can be ‘easily’ bypassed thanks to NFC bug • ZebethMedia

By zebethcontrolPosted on November 10, 2022Posted in government, physical security, Security, vulnerabilityNo Comments

A security research firm says it discovered an “easily” exploitable vulnerability in a door entry security system used in government buildings and apartment complexes, but warns that the vulnerability cannot be fixed. Norwegian security company Promon says the bug affects several Aiphone GT models that use NFC technology, often found in contactless credit cards, and allows bad actors to potentially gain access to sensitive facilities by brute-forcing the door entry system’s security code. Door entry systems allow secure access to buildings and residential complexes, but have become increasingly digitized, making them vulnerable to both physical and remote compromise. Aiphone counts both the White House and the U.K. Parliament as customers of the affected systems, according to company brochures seen by ZebethMedia. Promon security researcher Cameron Lowell Palmer said a would-be intruder can use an NFC-capable mobile device to rapidly cycle through every permutation of a four-digit “admin” code used to secure each Aiphone GT door system. Because the system does not limit how many times a code can be tried, Palmer said it takes only minutes to cycle through each of the 10,000 possible four-digit codes used by the door entry system. That code can be punched into the system’s keypad, or transmitted to an NFC tag, allowing bad actors to potentially access restricted areas without having to touch the system at all. In a video shared with ZebethMedia, Palmer built a proof-of concept Android app that allowed him to check every four-digit code on a vulnerable Aiphone door entry system in his test lab. Palmer said the affected Aiphone models do not store logs, allowing a bad actor to bypass the system’s security without leaving a digital trace. Image Credits: Cameron Lowell Palmer / Promon Palmer disclosed the vulnerability to Aiphone in late June 2021. Aiphone told the security company that systems manufactured before December 7, 2021 are affected and cannot be updated, but that systems after this date have a software fix that limits the rate of door entry attempts. It’s not the only bug that Promon discovered in the Aiphone system. Promon also said it discovered that the app used to set up the door entry system offers an unencrypted, plaintext file that contains the administrator code for the system’s back-end portal. Promon said that could allow an intruder to also access the information needed to access restricted areas. Aiphone spokesperson Brad Kemcheff did not respond to requests for comment sent prior to publication. Relatedly, a university student and security researcher earlier this year discovered a “master key” vulnerability in a widely used door entry system built by CBORD, a tech company that provides access control and payment systems to hospitals and university campuses. CBORD fixed the bug after the researcher reported the issue to the company.