Monday, July 6, 2020

America’s Cup Buffeted by Fraud and Spying Allegations

New Zealand’s plans to host the 2021 America’s Cup are in disarray amid allegations of fraud, spying and a government decision to suspend funding for the world’s most famous yachting event.

Grant Dalton, managing director of Team New Zealand, has denied claims of fraud and financial mismanagement. He said the team and organisers were the victims of spying and intentional reputational damage by people with questionable motives.

“It is a deliberate, sinister, and highly orchestrated attack which includes anonymous tip-offs, recordings and document leaks. ‘Informants’ orchestrate unfair accusations, bypassing normal processes, and going straight to external authorities,” he said.

Mr Dalton revealed this week the team had sacked a number of employees for leaking confidential information. He said his organisation had been infiltrated by spies. more

US Court Rules Facebook Widgets can be Considered Wiretaps

After a nine-year-long legal battle, a federal appeals court has ruled that Facebook’s practice of collecting data through its widgets could be considered a violation of anti-wiretapping laws.

The social media firm has long defended its actions by quoting the part of the federal Wiretap Act that defines wiretapping as interception of communications. According to a Gizmodo report, in Facebook’s logic, gathering user data isn’t the same as wiretapping without that active interception.

However, a panel of judges on the 9th Circuit Court of Appeals in the US has dismissed this technicality as it was found that the Facebook widget was collecting information from people who didn’t click on it. Such actions, they ruled, count as interception. more

How attackers hack mobile networks...

...and get access to free data, locations, wiretap calls and more.  
A fairly detailed and interesting article for the technically curious.

TikTok - Times Up

This has been a week that TikTok—the Chinese viral video giant that has soared under lockdown—will want to put quickly behind it...

Whether India had always planned to announce its ban on TikTok, along with 58 other Chinese apps, on June 29, or was prompted by the viral response to the iOS security issue is not known. But, as things stand, TikTok has been pulled from the App Store and Play Store in India, its largest market, and has seen similar protests from users in other major markets around the world, including the U.S.

One of the more unusual groups campaigning against TikTok is the newly awakened Anonymous hactivist group... “Delete TikTok now,” the account tweeted, “if you know someone that is using it, explain to them that it is essentially malware operated by the Chinese government running a massive spying operation.more

Calls for Tik Tok to be banned in Australia over Chinese spying fears

Security Director Alert: Why Home Offices Also Need TSCM

Since the coronavirus hit the U.S. in full force in March, spam emails are up 6,000%. This data from the head of IBM’s X-Force Threat Intelligence, Wendi Whitmore... The surge is, in part, connected to the high numbers of people working from home...

Since the lockdowns began, cybersecurity experts began to worry that it would be easier for attackers to compromise security systems. The fear of the pandemic, financial stress, and other distractions at home turned workers into ripe targets for scammers, as stress lowers people’s guard to tactics like phishing.

In the case of workers using VPNs, some experts see them as the perfect way to get a bad actor into a company’s network, likening it to a hypodermic needle. All an attacker needs is a few employees to click on some malware, perhaps from an email or a fake resume and they could be in — and some cyber experts even speculated that attackers might target unsecured Wi-Fi networks. more

Friday, June 26, 2020

Former Police Officer Accused of Spying on Neighbors

MO - A man told police he found a mini video recorder on an outside window ledge of his St. Charles County home... The camera allegedly was pointed into a closet and bathroom inside his home.

When St. Charles County police analyzed the camera and SD card, they found multiple clips showing the man and his wife, both clothed and nude, inside of their home...

According to court documents, more recordings led authorities to believe the camera was resting on John Zlatic’s back porch at one point in time. When police attempted to talk Zlatic, the suspect did not answer his doorbell...

Officers were able to get DNA profiles from a plastic clamp that was used to prop the camera on the window ledge. They then used Zlatic’s former police uniform, which had been given back to the department upon his resignation, to confirm the DNA on the clamp was his, court documents state. more 
Learn how to detect spycams.

Reports: Cybercrimes Surge 400%, Teleworkers Need to Tighten Security another new analysis, IBM warns that teleworkers are especially vulnerable to attack.

“There is a level of apathy and a lack of awareness when it comes to securing the home office environment....they’re seeing double the failure rates on their security tests than they saw pre-COVID,” warns Mathew Newfield, Chief Information Security Officer at Unisys...

This unprecedented remote working explosion amounts to a dramatic game changer for corporate security officers and cyber attackers,” says Patrick Barry, Chief Information Officer at Rebyc Security.”

Corporate cyber security strategies, policies, penetration testing procedures, and technologies need to be reconsidered and reevaluated and, in many cases, revamped.more

This Month in Wiretapping History

 1977 - S. Korea - The foreign ministry delivers a letter of protest to Washington over the wiretapping of the office of President Park Chung-hee by the U.S. Central Intelligence Agency. The agency was investigating an allegation that a South Korean lobbyist paid bribes of up to US$1 million to high-level U.S. politicians at the behest of the South Korean president, who did not get along with his U.S. counterpart, Jimmy Carter. more

Thursday, June 25, 2020

Questions We Get... Are 5G Cell Phone Signals Dangerous?

A. Being a licensed amateur radio operator, the topic hits close to home. Basically, any high strength RF emission can cause damage. Leukemia is the top one for transmitter engineers in the broadcast biz. 

Fortunately... "The intensity of radio waves over distance obeys the inverse-square law, which states that intensity is inversely proportional to the square of the distance from a source. Think of it this way: double the distance, and you get four times less power."

Given the distance cell antennas are away from people the effect is negligible. However, if your office chair sits next to a wall with a cell antenna mounted just on the other side, you might want to change offices. ~Kevin  more

Tuesday, June 23, 2020

How to Detect Hacked Charging Cables

Click to enlarge.
  • They Appear Normal
  • They Blend In
  • They Suck Up Your Data
They are Alien Cables from Hacker Space.

Imagine a charging cable which looks exactly, and I mean exactly, like any stock charging cable. Oh, just one difference. This charging cable has built-in Wi-Fi and can run penetration programs on whatever it is plugged into.

Hacked charging cables exist, in four versions and two colors, white and black, and they sell for $119.99.

Ostensibly, they are, “built for covert field-use by Red Teams.” However, anyone can buy one. We did. 

Determining if the following claims are true is important to protecting our clients.

“It looks like the real thing. It feels like the real thing, down to the millimeter.” Has “features that enhance remote execution, stealth, and forensics evasion.”
Our tests revealed... more

Thursday, June 18, 2020

Believe It, Or Not, or... Laugha While You Can

via The New York Times

A team of scientists hunting dark matter has recorded suspicious pings coming from a vat of liquid xenon underneath a mountain in Italy. 

They are not claiming to have discovered dark matter — or anything, for that matter — yet. But these pings, they say, could be tapping out a new view of the universe. more

This might be old news to some. Cue the music.

Is Your Hotel or AirBnB Spying on You?

Have you ever found a random USB charger in a hotel room and thought “How lucky, someone left their charger and now it’s mine!”?

Have you ever plugged your phone into the USB of an alarm clock and said, “I’m so glad this hotel or guest house made my life easier with this bedside technology!”?

Have you ever looked up at a smoke detector and said, “Thank god that’s there in case of a fire, I’ll be protected!”?

Well, here’s some bad news: all of those items can be, and possibly are, hidden cameras that are watching you, recording you, spying on you, and violating you. And the worst part, these disguised cameras are only sometimes illegal.

Don’t believe us? Do a simple Amazon search and prepare to be frightened by the amount of spying equipment you can get two-day shipping on. There are hidden cameras in wall outlets, clocks, picture frames, clothes hooks, pens, and so much more. more

Learn how to detect covert spy cameras.

Wednesday, June 17, 2020

Privacy Protector – Anonymous Camera for iPhone

 A new camera app has been released for iOS that, unlike basically every other photography app, is designed to hide the photo’s subject rather than highlight them. Called Anonymous Camera, this app works to protect the people captured in a video or photo by blurring or otherwise hiding their faces — or, in cases where it is necessary, by removing their bodies entirely.

There are times when you may need to interview someone or take a picture, but hide someone featured in the content for their sake. This could include interviews with someone who wishes to remain private, protecting whistleblowers, or simply hiding the faces of protesters and activists so that facial recognition technology can’t be used to identify them.

Anonymous Camera is a free app that can perform these actions, as well as entirely removing the subject’s body in cases where they have other identifiers like tattoos. The app is free to download, though there’s also a Pro version priced at $2 that includes watermark-free video recording. more

Why Law Firms Need TSCM More Than Ever

Law firms are still the firm favorites and proverbial jewel in the crown for cyber criminals. 

Hackers for hire can be extremely useful for some people and organizations. Although the report by the University of Toronto revealed that Dark Basin had infact conducted commercial espionage on behalf of clients against opponents involved in high profile public events.

But their work didn’t stop there. They also worked on criminal cases, financial transactions, news stories and advocacy in an attempt to throw doubt on prosecutions. more

TSCM - Technical Surveillance Countermeasures / Bug Sweep / Information Security Audit

Bugged Office with Concealed Cameras by Persons Unknown

Australia - The Labor MP whose office was the scene of an elaborate 60 Minutes surveillance operation that brought down three Victorian Ministers has briefly surfaced to reveal he is co-operating with authorities.

In a stunning political sting that was conducted over months, veteran MP Anthony Byrne’s office was rigged up with broadcast quality concealed cameras by persons unknown.

The factional powerbroker Adem Somyurek was then led into a bugged office, an invitation the sacked minister now regards as an elaborate trap. more

Learn how to detect concealed cameras.