-
Galaxy Report On NFT Rights; What About Web3 to Web2 User Generated Content
For some reason, many people still believe that buying an NFT gives them ownership over intellectual property in original works. The Galaxy Report may have found the culprit of this widespread misconception: intentional misrepresentation. As if you didn’t know that buying an mp3 doesn’t give you IP rights to the song encoded in it. You know it full well, because when you post the song on Twitch, someone will come and take it down, even though you bought the game that included the song. Right! Why would an NFT be any different? Because it is more expensive? Since when buying an expensive painting gives you the right to reproduce that…
-
Bell v. L3d Distributing, 2021 FC 832, Inducement of Copyright Infringement
Inducement of copyright infringement is a novel cause of action recognized for the first time in Bell Canada v. L3d Distributing where the Federal Court awarded a group of media broadcasters over $25M in statutory damages for the streaming of unauthorized content on defendants pre-programmed set-top boxes. In cases of “whack-a-mole” patterns of infringement where an interlocutory injunction is being ignored by a defendant, like in this case the interlocutory injunction was breached over 175 times and resulted in 10 amendments of the statement of claim, inducement is rather obvious and a very welcome cause of action. It is a known pattern (modus operandi) of Canadian copyright infringers to deliberately…
-
Key Ransomware Variants In Canada
Under the new Technology and Cyber-Security Reporting Advisory, financial institutions must report incidents within 24 hours in writing. Here is a list of examples of reportable incidents: Scenario Name Scenario Description Impact Cyber Attack Account takeover botnet campaign is targeting online services using new techniques, current defenses are failing to prevent customer account compromise High volume and velocity of attemptsCurrent controls are failing to block attackCustomers are locked outIndication that customer account(s) or information has been compromised Service Availability & Recovery Technology failure at data center Critical online service is down and alternate recovery option failedExtended disruption to critical business systems and operations Third-Party Breach A material third party is…
-
Bielarus CyberPartisans Mega Attack
-
Summary Judgments in Copyright Claims: The War Has Changed
Courts are progressively moving away from their passive caution in matters of patent or copyright infringement where serial infringers are thriving on the slowness and inefficiency of the justice system to keep infringing in the course of proceedings. One way to curtail the modus operandi of Canadian infringers who rarely have a valid defence as they don’t need it until a case is heard on the merits, is to cut short litigation by several years and issue summary judgments against such infringers. (see ViiV Healthcare Company v. Gilead Sciences Canada, Inc., 2021 FCA 122) For example, in
-
Indica Records Cyber-Phishing Upgraded
I don’t know why the Indica label is so popular among incompetent cyber-criminals. Even Desjardins impersonators are not that persistent, but here we go again. It is important to keep in mind that this can happen to any business. Every website out there can be used as a front to commit phishing and other attacks, with or without cyber-squatting, most of the time without the knowledge and consent of site admins. The less tech-savvy a business, the more vulnerable it is to have its identity used in this way. While dissecting my latest Indica Records incident, I noticed a new approach of fake ID layering to bypass spam filters (not…
-
Mobile Verification Toolkit To Detect Pegasus Spyware In Personal Devices
The human rights organization Amnesty International has developed a utility called MVT (Mobile Verification Toolkit) that allows you to identify the Pegasus malware in your device and its source code is available on GitHub.The MVT utility is compatible with Android and iOS, but there are no ready-made solutions for the quick installation of the application. They need to be compiled for a specific device, which can be done only on a computer with Linux or macOS. The utility saves a backup copy of the data from the smartphone on the computer, scans all data and checks if the device is infected with the Pegasus spyware, and informs the user if…
-
Spyware Tracks Journalists And Activists Via Microsoft
This just in. At least 100 activists, journalists and government dissidents across 10 countries were targeted with spyware produced by Candiru, according to cybersecurity researchers at the University of Toronto’s Citizen Lab, which tracks illegal hacking and surveillance. https://montrealgazette.com/news/world/activists-journalists-targeted-by-israeli-firms-spyware-researchers-say Using a pair of vulnerabilities in Microsoft Corp.’s Windows, cyber operatives operating in Saudi Arabia, Israel, Hungary, Indonesia and elsewhere purchased and installed Candiru’s remote spying software. According to Cristin Goodwin, general manager of Microsoft’s Digital Security Unit, the tool was used in “precision attacks” against targets’ computers, phones, network infrastructure and internet-connected devices,” —————– Being a frequent target of cyber-attacks (like any person in the world who needs to get…
-
France: Vente de vrais certificats vaccinaux sur Snapchat via Amazon
Nous avons déjà rapporté des incidents de vente de QR codes vaccinaux sur le dark net dès le mois d’avril 2021, mais ces incidents comme tout ce qui est “dark web” ne forment qu’une infime partie du traffic mondial d’usurpation de tests de dépistage et de certificats vaccinaux. Depuis ses débuts, l’internet de surface (grace à notamment des protections comme l’article 230, Communication Decency Act ) héberge 95% de la cybercriminalité, et notamment vol d’identité de tout genre, demandes de rançon et traffic humain. Évidemment, l’internet de surface est aussi un terrain propice pour la commercialisation de passeports vaccinaux. Grace à la collaboration indispensable de soignants et autres travailleurs de…
-
Owsianik v. Equifax Canada, 2021 ONSC 4112
One in 6 Ontario class actions allege privacy violations. This dynamic may change following the Divisional Court’s determination in Ohsianik v. Equifax that collectors and guardians of personal data (“Database Defendants”) cannot be liable for intrusion upon seclusion when third parties steal or access that data. Liability is suppressed even where database defendants are alleged to have acted recklessly in the storage of that information such that the information was improperly accessed by a third party. https://www.canlii.org/en/on/onscdc/doc/2021/2021onsc4112/2021onsc4112.pdf