Friday, April 4, 2025

The Affidavit of a Rippling Employee Caught Spying for Deel Reads Like a Movie

On Wednesday, Rippling publicly released the affidavit of the Rippling employee who testified that he was working as a spy for the HR tech company’s arch rival Deel.

And the account, coupled with Rippling’s lawsuit filed against Deel a couple of weeks ago, reads like a corporate espionage movie script, complete with a sting operation and a smashed phone.

It’s the latest escapade between the two. TechCrunch has documented the most Hollywood-esque parts of the testimony below, but be aware that this is only one side of the story — the side Rippling wants everyone to know, as its PR machine has blasted it out, and CEO Parker Conrad tweet-stormed about it.

To recap: Rippling, a workforce management platform, very publicly announced on March 17 that it was suing Deel over this alleged spying, leveling charges ranging from violation of the RICO racketeering act (often used to prosecute members of the Mafia) to misappropriation of trade secrets and unfair competition. more

This Week in Spy News

Trump fires top boss at NSA, nation's elite spy agency

• Where and Why to Spy? How does the Intelligence Community focus its collection and analysis?

Russia Releases Mysterious Objects In Earth's Orbit, Internet Abuzz With Spy Mission Claims


Secrets, spy tools and a 110-year-old lemon are on show in an exhibition from Britain’s MI5


I Asked AI How to Bug a Room...

I asked AI how to bug this room. It did. 
Then, it tried to take my job! https://lnkd.in/eUCaiCDj



Threat Actors Allegedly Selling SnowDog RAT Malware With Control Panel on Hacker Forums

A new Remote Access Trojan (RAT) dubbed “SnowDog RAT” is malicious software purportedly marketed for $300 per month. It appears to have been specifically developed for corporate espionage and targeted attacks on business environments.

The malware advertisement, discovered on Thursday, April 3, 2025, describes sophisticated capabilities that could threaten organizations worldwide.

According to a ThreatMon post shared on X, the advertisement claims that SnowDog RAT offers an extensive array of intrusion and persistence features that make it particularly dangerous. more

Lawsuit Alleges Pharmacist Hacked Hundreds of Computers to Watch Women Undress

A recently filed class action lawsuit accuses a former pharmacist at the University of Maryland Medical Center of having hacked into hundreds of computers.

Court documents say Matthew Bathula targeted at least 80 of his coworkers, most of whom are women pharmacists, residents, and other medical professionals.

Bathula allegedly accessed their computers using passwords and usernames extracted from UMMC computers and was able to gain access to their personal email, texts, photo libraries, and "private and sensitive electronically stored information."

He also allegedly downloaded partially nude photographs and recordings, photographs, and recordings depicting the women breastfeeding their children.

The complaint states Bathula activated internet-enabled cameras in patient treatment rooms to watch and record his coworkers he knew to be pumping breast milk at work and accessed home security cameras remotely to spy on the women in their homes, recording all of them in multiple stages of undress, in private family interactions, and having intercourse with their husbands.

Bathula accessed at least 400 computers, per court documents, and the active spying went on for at least a decade. more

Spying on Children: Dino, the Stool Pigeon Dinosaur

Dino is a plush toy recommended for children ages 4-9. They play with it. It plays back, as only an AI chatbot can. It answers questions, creates interactive stories, can handle jokes, and even help with math homework. Pretty clever, and only $249.00, if you can get one. Production is currently not mass. 

Cute idea. Innovative, but not totally original. Toy companies have been offering "interactive" dolls for a long time. I am guessing we are all too young to have had a Thomas A. Edison talking doll, introduced in 1887. Zipping into the early 1960's there was Chatty Cathy, by Mattel. Still drawing a blank? How about Furby from the late 1990's. All these toys were "interactive" in that the child made them speak, and these responses were limited.

Welcome to the 21st Century! Interactivity is really here. Dino supposedly can "AI think" and answer. Since I have never seen a Dino in the wild, supposedly will have to do based on the website's claims.

"So, Kevin, how is this Spy News?!?!"

Dino has another talent. It can squeal. Its interactions zap to an app faster than you can say, "You dirty rat." 

  • Tell Dino you raided the cookie jar, your parents will know. 
  • Ask Dino where to hide the [fill in the blank] you stole, they will know. 
  • Tell Dino you hate your parents and are plotting revenge, they will know. 

The gotchas are infinite, kid. Keep your knees loose. (JS)

Friday, March 28, 2025

This Week in Corporate Espionage News

Corporate espionage in Canada: how HR leaders can guard against insider threats

• Deel and Rippling corporate espionage case takes a turn as accused ‘spy’ agrees to cooperate

• US is increasingly vulnerable to espionage threats, analysts warn

• Former Spy: Unstoppable AI-Powered Threats Target All

• Russian espionage group focused on corporate espionage, mainly targeting organizations in the US

• North Korea hackers go after business executives in latest info-stealing scheme

• DOGE Purge Is Boosting China’s Espionage Activities Against U.S.

• '$35 million gone in one call': Deepfake fraud rings are fooling the world's smartest firms: Impersonating CEOs for wire fraud to creating fake hostage videos for extortion

This Week in Spy News

• Putin’s Spy Hunters Grab Ukrainian Informants On Mission To Infiltrate Russian Military

Man Charged with Installing Eavesdropping Device


A Missouri man was charged with installing an eavesdropping device in an Oak Grove home
Wednesday night.

Oak Grove Police told WKDZ that 34-year-old Manual Alvarez was arrested after a camera was found in the headboard of a bed in the home of a woman with whom Alvarez had a child in common.

Alvarez reportedly claimed he put in the camera due to things being stolen and said it was not hidden. more

A Chinese Spy Network is Targeting Former US Officials Laid Off by Musk and Trump

A network of companies linked to a Chinese tech firm has been attempting to recruit recently laid-off U.S. government employees.
This campaign, uncovered by analyst Max Lesser, seeks to exploit the vulnerabilities of federal workers affected by mass layoffs. 

While the companies involved remain obscure, the operation's methods resemble those used in previous Chinese intelligence activities. The U.S. government is aware of the potential risks and is urging former employees to remain cautious about such offers...

Lesser, who shared his findings with Reuters, warned that "the network seeks to exploit the financial vulnerabilities of former federal workers affected by recent mass layoffs." These recruitment efforts closely resemble previous tactics used by Chinese intelligence to obtain valuable information under the guise of employment opportunities.

A Web of Fake FirmsFour companies—RiverMerge Strategies, Wavemax Innovation, and two others—are allegedly part of this recruitment network. Their websites share overlapping designs, are hosted on the same server, and exhibit other digital connections, raising suspicions of a coordinated effort. Lesser’s research, along with Reuters' investigation, found that all four companies’ websites were hosted alongside Smiao Intelligence, an obscure Chinese internet services firm. more

Student: Allegedly Secretly Recording Videos in Girls' Restroom

A now-former student at the Gwinnett School of Math, Science and Technology is facing felony charges after police say he recorded videos inside a girls’ restroom multiple times.

The most recent incident occurred on Feb. 25, but warrants reveal the teen is accused of similar actions at least 13 times since October 2024.

According to a police report, the 17-year-old male student entered the girls’ restroom and took a picture or video of a 17-year-old female student without her consent. Investigators collected the student's cell phone as evidence.

Officials credited a student's vigilance in reporting the incident, which led to swift action by administrators. more

Not So Secure: Drones Can Now Listen to Underwater Messages

Cross-medium eavesdropping technology challenges long-held assumptions about the security of underwater communications.

Researchers from Princeton and MIT have developed a method to intercept underwater communications from the air, challenging long-standing beliefs about the security of underwater transmissions.

The team created a device that uses radar to eavesdrop on underwater acoustic signals, or sonar, by decoding the tiny vibrations those signals produce on the water’s surface. In principle, the technique could also roughly identify the location of an underwater transmitter, the researchers said. more

Cool Spycraft at the Tip of Your Finger

Only $3.18.

This is a Near-Field Communications (NFC) chip. Very small. Very thin. NFC is a short-range wireless technology that enables data exchange between two devices within ~4 cm. The chip contains a small amount of memory, a radio antenna, and a controller. It can be operated in one of two modes. 
  • Passive: No battery, powered by the electromagnetic field from the reader. 
  • Active: Has its own power source and can initiate communication.
How you might want to put your new spy power to work...

1. Covert Information Drops
• Spy embeds NFC tag in a common object (book, card, clothing tag).
• The chip links to a hidden or encrypted file or payload.
• Handler taps the object with a phone to retrieve information without direct contact.

2. Target Tracking
• Spy plants an NFC tag on a person or vehicle.
• The chip contains a unique ID or triggers background logging when scanned by compromised devices.
• Useful in tight surveillance environments.

3. Access Credential Spoofing
• Clone an NFC badge or card to gain unauthorized access.
• With a reader and software, a spy can harvest data and replicate a target’s access card.

4. Payload Delivery
NFC chip programmed to:
• Open malicious URLs.
• Trigger phone actions (e.g., Bluetooth pairing, contact injection).
• Launch scripts on rooted devices or with social engineering.
• Planted in public items (posters, flyers, seats, hotel room items).

5. Dead Drops with Geofencing
• NFC chip triggers a secure drop message only when tapped in a specific location.
• Adds plausible deniability; nothing visible unless in context.

6. Asset Authentication & Deception
• Tag gear or documents with NFC chips claiming authenticity (e.g., fake origin metadata).
• Alternatively, verify real gear during handoff using known chip signatures.

7. Remote Trigger Mechanism
• NFC tag acts as a trigger for another device (e.g., when tapped, it signals a hidden recorder to start transmitting).

From The Security Scrapbook Archives - "The Talking Dog" (joke)

 From The Security Scrapbook Archives - "The Talking Dog"


Monday, March 24, 2025

FutureWatch: Sophisticated & Smart Surveillance Electronics To Become Smaller and Cheaper

Texas Instruments says it has shrunk the size of the smallest microcontroller unit in its industry with a new MCU the size of a black pepper flake.


The MCU packaging is only 1.38 square millimeters in size... TI says the product is aimed at small products including medical wearables, earbuds, stylus pens and electric toothbrushes. The product includes a 12-bit analog-to-digital converter and has 16KB of flash memory and 1KB of SRAM and runs at 24MHz...

TI says the microcontroller costs 20 cents per unit in quantities of 1,000, which means a company could get an army of robot spiders project started for as little as $200.

Vinay Agarwal, vice president and general manager of MSP Microcontrollers at TI: "With the addition of the world's smallest MCU, our MSPM0 MCU portfolio provides unlimited possibilities to enable smarter, more connected experiences in our day-to-day lives."

William Luk, a consultant and technology expert at Quandary Peak Research, said the MCU shrinkage opens up opportunities in areas where miniature devices weren't previously possible.

"One of the important verticals for micro-devices is in healthcare and surgical: smart pills, embedded sensors, or even surgical devices that can reach places like never before," Luk said. more