Monday, November 4, 2024

Chinese Spooks Hacking US Mobile Users in Real Time

Millions of US mobile users could be vulnerable to Chinese government spooks who are apparently desperate to know when they are picking up their snowflakes from school and where they order their pizza...

The US intelligence community briefed six current or former senior US officials about the attack. The Chinese hackers believed to be linked to Beijing's Ministry of State Security, have infiltrated the private wiretapping and surveillance system that American telecom companies built exclusively for US federal law enforcement agencies.

The US government believes the hackers likely still have access to the system. Since the breach was first detected in August, the US government and the telecom companies involved have said very little publicly, leaving the public to rely on details trickling out through leaks.

The lawful-access system breached by the Salt Typhoon hackers was established by telecom carriers after the terrorist attacks of September 11, 2001. It allows federal law enforcement officials to execute legal warrants for records of Americans' phone activity or to wiretap them in real-time, depending on the warrant.

Many of these cases are authorised under the Foreign Intelligence Surveillance Act (FISA), which investigates foreign spying involving contact with US citizens. The system is also used for legal wiretaps related to domestic crimes. more

Global Surveillance Free-for-All in Mobile Ad Data

Excellent (long) article on services that track and sell your movements. Via Kreb's on Security
Not long ago, the ability to digitally track someone’s daily movements just by knowing their home address, employer, or place of worship was considered a dangerous power that should remain only within the purview of nation states.
But a new lawsuit in a likely constitutional battle over a New Jersey privacy law shows that anyone can now access this capability, thanks to a proliferation of commercial services that hoover up the digital exhaust emitted by widely-used mobile apps and websites.

Delaware-based Atlas Data Privacy Corp. helps its users remove their personal information from the clutches of consumer data brokers, and from people-search services online. Backed by millions of dollars in litigation financing, Atlas so far this year has sued 151 consumer data brokers on behalf of a class that includes more than 20,000 New Jersey law enforcement officers who are signed up for Atlas services...

Babel Street’s LocateX platform also allows customers to track individual mobile users by their Mobile Advertising ID or MAID, a unique, alphanumeric identifier built into all Google Android and Apple mobile devices.

One unique feature of Babel Street is the ability to toggle a “night” mode, which makes it relatively easy to determine within a few meters where a target typically lays their head each night (because their phone is usually not far away). more

Student Finds 'Hacker-like' Approach to Bypass Cell Phone Security

Forensic investigators face significant challenges in securing crucial data from criminals' phones.
University of Amsterdam PhD candidate Aya Fukami has identified hardware vulnerabilities in phones to bypass the security of modern devices, allowing her to extract data from phones in a way that was previously not possible...

"Traditional methods of hacking or scraping data from phones still often yield only encrypted data. Researchers then face great difficulty making that encrypted data usable," Fukami says. "It's a process that also takes a long time and doesn't always result in usable evidence."

To overcome this, Fukami explored ways to bypass vulnerabilities in phone system security. And she succeeded. more

Pakistani Journalist Finds his Car Bugged...

... mocks spy agency's old tech!

The relationship between journalists and state surveillance is as old as the profession itself, though surveillance methods have evolved with advancing technology. In Pakistan, however, veteran journalist Azaz Syed recently revealed that while the government may be keen on surveillance, the technology remains as outdated as the economic challenges facing the nation. 

In a post on social media platform X (formerly Twitter), Syed shared that his mechanic, while installing a new number plate, found a tracking device secretly attached to his vehicle...

Syed poked fun at Pakistan’s intelligence agency for using "old technology." He pointed out that while modern GPS devices are compact and lightweight, the device he encountered was large and cumbersome. Sarcastically, he remarked, “I expect Pakistan’s intelligence agencies to be smart enough so at least I don’t catch your spying devices.” more

Spies Can Eavesdrop on Phone Calls by...

 ... sensing vibrations with radar.

An off-the-shelf millimetre wave sensor can pick out the tiny vibrations made by a smartphone's speaker, enabling an AI model to transcribe the conversation, even at a distance in a noisy room.

Spies can eavesdrop on conversations by using radar to detect tiny vibrations in smartphones and employing artificial intelligence to accurately transcribe them. The trick even works in noisy rooms, as the radar homes in on the phone’s movement and is entirely unaffected by background hubbub.

Millimetre wave sensing is a form of radar that can measure movements of less than 1 mm by transmitting pulses of electromagnetic wave energy and detecting the reflected beams.

Suryoday Basak at Pennsylvania State University and his colleagues used a commercially available sensor operating between 77 and 81 gigahertz to pick up the tiny vibrations in a Samsung Galaxy S20 earpiece speaker playing audio clips. They then converted the signal to audio and passed it through an AI speech recognition model, which transcribed the speechmore$

Former School Counselor Hid Cameras in Boys’ Bathroom

A former counselor at a private school in Riverside County pleaded guilty today to
possessing child sexual abuse material (CSAM) and placing a hidden camera inside bathrooms to film boys using the toilet and showers.

Matthew Daniel Johnson, 34, of Bryan, Texas, pleaded guilty to one count of production of child pornography and one count of possession of child pornography. He was remanded into federal custody after he pleaded guilty...

During the search of his residence, Johnson admitted to law enforcement that he had hidden a pen-shaped recording device in a toilet paper holder inside of a school bathroom, across the hall from his office as a school counselor at La Sierra Academy in Riverside. more

Matt Damon’s Funniest Comedy Flips the Spy Genre on Its Head


Damon gave the single greatest comedic performance of his career in Steven Soderbergh’s dark comedy The Informant!

The Informant! was released during a time in Damon’s career in which he could certainly afford to be a little bit more experimental...

While it’s understandable why he may have wanted to step outside his comfort zone and try something new, The Informant! is a brilliant deconstruction of espionage thrillers that examines the complexity of American masculinity. more trailer
...and it is a true story!

Tuesday, October 22, 2024

Corporate Espionage: Executives Exploiting Their Roles

In a concerning trend across the corporate world, cases of internal misconduct and corporate espionage are becoming increasingly prevalent, posing significant threats to businesses. 

Internal disputes and personal agendas can undermine corporate governance and harm a company’s competitive edge...

Recent events involving senior executives at a Pune-based company, Artur Schade Steel Products India Pvt. Ltd., highlight how internal betrayal and data theft can cause substantial financial damage and disrupt operations. more

Landlord's Son Plants Spycam - Gets Door Lock Code from Building Camera

According to court documents, the man was accused of attempting to, or successfully entering, a woman’s apartment on 64 occasions...
The victim, a woman in her 20s, lived in a one-room apartment owned by the perpetrator's father.

The man tried to break into the apartment by entering random number combinations into the apartment’s electronic lock 26 times. After these failed attempts, he discovered the passcode by watching CCTV footage from the building. He then entered the victim’s home 38 times and installed a spycam to film the victim for sexual purposes...

An appeals court upheld a two-year and six-month prison term, suspended for four years, for a 48-year-old man convicted of illegally breaking into a woman’s apartment numerous times and installing a spy camera for sexual purposes. more

How a Cold War Spy Test Boosts Fitness and Sharpness

A novel training approach could help older adults stay mentally sharp and physically fit even when fatigued, according to a new study.
Researchers at the University of Extremadura in Spain investigated the effects of Brain Endurance Training (BET) on cognitive and physical performance in sedentary older women. The research, led by Jesús Díaz-García and colleagues, compared BET to standard exercise training and a control group over an 8-week period.

One example of BET is the Stroop task, a cognitive test where participants must name the color of a word, while the word itself spells out a different color (e.g., the word "red" printed in blue ink)...

During the Cold War, U.S, intelligence agencies used the Stroop task to identify potential Russian spies by presenting them with a color-word test in Russian, where a native Russian speaker would slow down when encountering incongruent color-word combinations, revealing their ability to read Russian and potentially their true identity as a spy; whereas a non-Russian speaker would not experience the same delay because the words would be meaningless to them. more

Meanwhile, at my local restaurant...

GOP primary loser, and loser’s wife charged with secretly recording political rival...

NJ - Two women, including an unsuccessful candidate for Township Committee and the wife of another unsuccessful candidate, were charged Monday in what could be Readington's version of Watergate.

Jacqueline Hindle, 49, who lost in June's hotly contested Republican primary for two Township Committee seats, and Christina Albrecht, 45, the wife of the other unsuccessful candidate, Ben Smith, have been charged by the Hunterdon County Prosecutor's Office with an alleged scheme to record a private conversation between Mayor Adam Mueller and Deputy Mayor Vincent Panico at The Rail restaurant in Whitehouse Station.

According to a report from Hunterdon County Prosecutor Renee Robeson, Readington Township Police received notification July 8 that an audio recording device was found on the metal fence surrounding the patio at The Rail at Readington.

The two were charged with violating sections of the New Jersey Wiretapping and Electronic Surveillance Control Act. more

Ford Has a Better Idea: Patent In-Vehicle Eavesdropping


There was a time when people had to whisper to avoid being heard by the wrong ears.
Now, in the era of smart devices, we’ve also got to worry about our smartphones listening to our conversations for advertising purposes.

But the eavesdropping situation seems to be reaching new heights with Ford’s recently published patent, which shows “systems and methods” that assist with showing more targeted ads.

The document also discloses that to achieve this goal, the new technology would listen to conversations that take place among people in the vehicle. more

Vodafone Fined €2.25 mil. - Poor Wiretap Security

The National Digital Infrastructure Inspectorate (RDI) has fined Vodafone 2.25 million euros for not properly securing its wiretapping system. 

According to the Dutch regulator, Vodafone’s security of this system, which could contain state secrets or criminal information, did not meet the legal requirements in several areas...

Telecom companies must properly secure the physical space in which their wiretapping system is located, secure access to the system, and prevent information from the system from reaching unauthorized persons.

According to the RDI, Vodafone’s security plan did not meet the requirements. The telecom provider also did not properly screen the personnel who had access to the system. “A large number of them lacked an adequate job description, a signed confidentiality statement, and a certificate of good conduct,” the inspectorate said. The physical security of the system itself was also inadequate, making it vulnerable to unauthorized access, the RDI said. more

Spy Camera Sign Seen in My Travels

 

Hobart, Tasmania

Friday, October 11, 2024

Trade Secrets Audits: Strengthening Your Company’s IP Protection

via Sefarth Shaw, LLP...
In a world where corporate espionage and data breaches are increasingly common, protecting your company’s intellectual property is more vital than ever. 

Recent developments surrounding the FTC’s Non-Compete Ban, currently stalled in litigation, highlight the need for proactive measures. This webinar will help you navigate these regulatory shifts and strengthen your IP protection strategies.

Join Lauren Leipold, Eddy Salcedo, and James Yu for the next installments of Seyfarth Shaw’s 2024 Trade Secrets Webinar Series. This webinar offers crucial insights into enhancing your IP defenses and preparing for future regulatory changes.