Print Centers Leak Information

These behemoth systems do far more than just make copies,
confusing their users, and opening up vulnerabilities to the company. Although copying may be the main business of the machines, they can also scan, fax, send and receive vital company information — all in one place. Essentially, these machines have become a networking hub within the workplace, where each new action or service provides a new opportunity for exploitation wirelessly, by ethernet cable, or by both.

Researchers have recently been investigating access on printer/copiers as a potential opportunity for information leakage or industrial espionage, or even sabotage. In a January 2017 Quocira survey of 200 US and European businesses, more than half reported some data loss through intercepted print jobs (50%), access and loss or theft of printer hard disk data (48%), documents emailed externally (44%), or outright hacking of the printer system to gain company network access (18%). Some hackers have been very clever in attacking these systems. more

Tech-Head Alert: Smartphone Anti-Spyware & Anti-IMSI Catcher Development

We are looking for recommendations of top tier stealthy Spyware Command and Control APKs to place on a testbed of Windows, iOS, Android, Ubuntu handsets and handsets carrying a modded version of the Google Android 7.0 Nougat OS for a test that we wish to conduct to measure the capture rate and automated counter measure response of a mobile adaptive threat defence suite.

We are also looking for a list of non-LE "StingRay" type cellphone-surveillance and cell-site simulators available publicly as part of our testing of our MITM detection, automated counter measures response, and triangulation software suite. more

Resources for Investigators

The Reporters Committee for Freedom of the Press serves the nation’s leading news organizations; thousands of reporters, editors, and media lawyers; and many more who use their online and mobile resources. Private and corporate investigators will find the resources below especially useful.

• General The First Amendment Handbook The News Media & The Law

• Libel and Privacy SLAPP Stick Can We Tape? Photographers Guide to Privacy

• Reporter's Privilege Privilege Compendium Agents of Discovery

• Freedom of Information A Reporter's Guide to Medical Privacy Law Access to Electronic Communications Access to Police Records Federal FOIA Appeals Guide Federal Open Government Guide Open Government Guide Private Eyes Privatization v. The Public's Right to Know Sunshine, Inc. The Lost Stories

• Court access Open Courts Compendium A Reporter's Guide to Military Justice Access to Juror Questionnaires Access to Juvenile Justice Access to Terrorism Proceedings Alternative Dispute Resolution Anonymous Juries Gag Orders Grand Juries Judicial Speech Jury Records and Proceedings Off Base: Military Court Dockets Online Access to Plea Agreements Secret Dockets Secret Juries Warrants & Wiretaps White Paper: Military Dockets

• Newsgathering A Reporter's Field Guide A Reporter's Guide to American Indian Law Homefront Confidential Police, Protesters and the Press

More Than 200 Companies Making Counter-Drone Systems

The ability of unmanned aerial vehicles to fly legally over fences, walls and property lines is disrupting more than just the few industries that use drones commercially. 

As the drone market grows, so does the anti-drone market. The market for products that track, trap or break unmanned aerial vehicles (UAV) is growing alongside the market for drones, much of it driven by fear that UAVs could be weaponized by terrorists or used as platforms for corporate espionage.

This is less far-fetched than it sounds. One tech industry executive told Semiconductor Engineering that he recently found a drone hovering outside his 45th-floor hotel room in Shanghai. He immediately closed his laptop computer.

“There is a laundry list, more than 200 companies, making counter-drone systems of one kind or another, and they do market mitigation capabilities that most people can’t use,” Michael Blades said. “But drones are cheap to get, easy to fly, and are not always easy to see. So if a company is concerned about trade secrets, or even just about the security to know if there’s anyone around taking pictures, they might look into countermeasures.” more

Carvercon 2018 - Washington, DC - November 16

Security Management International (SMI) is pleased to host the inaugural CARVER Target Analysis and Vulnerability Assessment Convention in Washington, D.C. on Friday, November 16th, 2018 from 8am – 5pm. The event will be in Washington D.C. at the Washington Marriott Metro Center with a continental breakfast, lunch, and light fare in the afternoon.

This one-day event will cover a range of topics related to protecting critical infrastructure and key resources, utilizing the CARVER Target Analysis and Vulnerability Assessment Methodology as a foundation for discussion. The latest innovations in assessment technology, recent case studies, and best practices for identifying and minimizing security threats will all be addressed.

Featured speakers include retired CIA officer and the “Godfather of CARVER,” Leo Labaj, former Deputy Director of the FBI, William Esposito, former US National Security Advisor and Supreme Allied Commander, General James Jones, plus many more. more

Have Xfinity? Your Wi-Fi is Scared

"In addition to saying “Help” into your Voice Remote, you can directly ask for what you need.  For example, say “What’s my WiFi password?” and your WiFi network name and password will show up on the tv screen.

Keep exploring your WiFi information and you will find different ways to manage your network, including viewing WiFi usage across devices in your home. You can also do this on-the-go with the Xfinty xFi app." more

Wi-Fi security is important, especially if you are using it in a business environment. ~Kevin

"What, you're still on Facebook?!?!"

Today, Facebook says it recently discovered a security breach affecting nearly 50 million user accounts. more

Yesterday, Facebook confirmed that advertisers were privy to phone numbers given by members of the social network for enhanced security.

A study by two US universities, first reported by news website Gizmodo, found that phone numbers given to Facebook for two-factor authentication were also used to target advertising. more

Recent Criminal Prosecutions for Trade Secret Theft

via Megan Mocho Jeschke, Holland & Knight LLP
Theft of trade secrets typically spurs civil actions against the offender, but theft of trade secrets can also be prosecuted criminally under the Economic Espionage Act, 18 U.S.C. § 1831 et seq. (the “Act”) and other related statutes. Several high-profile arrests, convictions, and indictments have come down in recent months highlighting the Department of Justice’s active enforcement in this area...

The Act makes it a crime to steal trade secrets or obtain trade secrets knowing them to have been stolen. 18 U.S.C. § 1831(a). The Act broadly defines trade secrets to include

all forms and types of financial, business, scientific, technical, economic, or engineering information, including patterns, plans, compilations, program devices, formulas, designs, prototypes, methods, techniques, processes, procedures, programs, or codes, whether tangible or intangible, and whether or how stored, compiled, or memorialized physically, electronically, graphically, photographically, or in writing

provided that the owner takes “reasonable measures to keep such information secret” and the continued secrecy of the information has actual or potential “independent economic value.” 18 U.S.C. § 1839. Violators can be imprisoned and/or fined. Violators who intend to benefit a foreign government face higher penalties. more

Recent Spycam News

AR - A Northeast Arkansas man accused in a video voyeurism case pleaded guilty Monday. more

CA - Former Rancho Palos Verdes building inspector accused of secretly recording 89 people in City Hall, Starbucks restroom. more

DC - Fifty-two women secretly videotaped by an Orthodox rabbi in Georgetown between 2004 and 2014 as they undressed to immerse in a mikvah, a Jewish ritual bath, will get $25,000 each if a settlement reached between them and four Jewish organizations is approved by a D.C. judge. more

FL - Fort Myers Arthrex employee secretly recorded co-worker using bathroom. more

FL - A man who installs security systems for a living is accused of setting up hidden cameras in a home and recording hundreds of videos of women in the shower. more

Fl - A teacher and girls track coach left Bloomingdale High School in handcuffs on Tuesday after deputies said he admitted to secretly recording students in his fashion design class as they undressed. more
 
KY - A former teacher at Holy Rosary Catholic School in Evansville has pleaded guilty to six charges in a voyeurism case. more

PA - Philadelphia man sentenced to 20 years for secretly recording his girlfriend’s two daughters in bathroom. more

TX - A father suspicious of what was going on at his son's daycare sent the baby rigged with a spycam. His suspicions turned out to be right. more

UT - Salt Lake man charged in changing room voyeurism case. more

VT - There are new allegations against the former Rice Memorial High School teacher charged with secretly taking cellphone photos up students' skirts. more

WA - A Western Washington University employee, who committed suicide this week, had been accused of secretly video-recording two adult basketball players inside a locker room shower. more

WA - A man who videotaped a young girl as she was showering was sentenced to serve 90 days in jail for voyeurism. more

WV - Women's basketball players were photographed secretly in nude by assistant coach/residence hall director. more

Belgium - Every year, police records more acts of voyeurism. In 2016, 366 offenses were recorded, and even 857 in 2017, while in 2014 and 2015, the figures were respectively 108 and 112. more

Canada - Peterborough police have arrested a man on a warrant for several charges including voyeurism involving a woman he once had an intimate relationship with. more

Canada - A British couple vacationing in Toronto were horrified to discover a spy camera hidden in a digital clock at their rental apartment. more

Japan - Kumamoto Prefectural Police have arrested a male civic employee over the alleged illicit filming of a female high school student. more

Singapore - Apart from new laws to tackle the issue of voyeurism, various stakeholders such as malls and security companies should step up efforts to deter the use of hidden cameras in public toilets, said Members of Parliament (MPs) and activists. more   Finding spycams in the workplace.

South Korea - A spycam was discovered in the room for actress Shin Se-kyung and Apink’s Yoon Bo-mi while they were shooting for new variety program “Borderless Food Cart.” more

South Korea - Public toilets an issue of concern in South Korea for thousands of women. more

Corporate Espionage: Employees Solicited to Sell Company Secrets

There's a booming job market for corporate insiders willing to share secret info with cyber criminals.

• Amazon said this week it's investigating whether company insiders have been selling proprietary information to buyers in Asia in order to give them a selling advantage.
• Many companies, especially in big technology, banking and telecom, face heavy incentives overseas for employees to sell internal information or access.
• The problem is so common that in some jurisdictions, criminal enterprises post "job ads" looking for specific insiders to aid in targeted schemes.

"The salaries listed are quite high, sometimes 10 times what the average salary for an average job at a bank would be...They look for people who can tell them how to log in and how to connect to certain accounts" ~Ziv Mador more

Snake Eyes

A Pittsburgh woman is suing Rivers Casino, members of its security staff, her ex-husband, and his lawyer, claiming they used the casino’s video surveillance system to spy on her while she was gambling there last fall...

Clerici then alleges Rivers’ security staff handed the recordings over to her ex-husband’s lawyer, Dennis McCurdy, in compliance with a subpoena the casino should have known was invalid. more

Wiretep Fun Fact: Estonia Beats Sweden and Findland

According to weekly Eesti Ekspress, last year Estonia's security authorities eavesdropped on a total of 4,596 calls made in provider Telia's network.

The same company's Swedish network was accessed by the Swedish authorities 3,822 times. Taking into account the countries' populations as well as Telia's market share, this means that the Estonian state's phone surveillance is ten times that of Sweden, the paper wrote.

Telia also operate a phone network in Finland, where the state listened in on 3,640 calls last year. Taking into account market share and population, this is more than the number recorded in Sweden, but still five times less than in Estonia. more

Business Espionage: You Have a Friend in Philly

If someone is stealing your company's secrets, U.S. Attorney William M. McSwain wants to hear from you...

In the span of a couple weeks, McSwain's office secured two guilty pleas from two scientists who admitted taking part in a conspiracy to siphon cancer drug research from GlaxoSmithKline's Upper Merion offices, destined for a company that had financial backing from the Chinese government...

The pilfering of a company's proprietary work comes down to "economic warfare," McSwain said. "It's simply not fair for this information to be stolen and then for people to lose their jobs because of it." more sing-a-long

Smartphone Spying – All They Need is Your Number and You're Pegged

When an Israeli entrepreneur went into a meeting with the infamous spyware vendor NSO, company representatives asked him if it would be OK for them to demo their powerful and expensive spying software, known as Pegasus, on his own phone.

The entrepreneur, who spoke to Motherboard on condition of anonymity because he was not authorized to talk about the meeting, agreed, but said that NSO would have to target his other iPhone, which he brought with him and had a foreign phone number. He gave NSO that phone number and put the phone on the desk.

After “five or seven minutes,” the contents of his phone’s screen appeared on a large display that was set up in the meeting room, all without him even clicking on a malicious link, he said.

“I see clicking on all kinds of icons: email icon, SMS icon, and other icons,” he told Motherboard. “And suddenly I saw all my messages in there and I saw all the email in there and they were capable to open any information that was on my [iPhone].”

The entrepreneur added that the NSO representatives accessed the microphone and the camera on his iPhone. That demonstration highlighted the power of an increasingly popular product among governments: software for remotely hacking phones in order to access communications and other data from targets. more

UPDATE
Pegasus malware officially a global brand.

NSO Group's Pegasus surveillanceware has been on the market for around two years, and now researchers say the spyware has a global reach that would make most multinational corporations jealous.

CitizenLab reports that its latest analysis of the malware has found it operating in some 45 countries, usually in the hands of governments looking to keep tabs on its citizens. more
 

EU Fears its Brexit Talks Are Being Bugged

The European Union’s Brexit negotiators fear that they are being bugged by the British secret service after the UK obtained sensitive documents “within hours” of them being presented to a meeting of EU officials last month, The Telegraph understands.

A highly placed EU source revealed the security concerns as British negotiators were set to return to Brussels on Thursday to resume Brexit talks.

The two sides remain far apart on the key issues of customs arrangements and Ireland, with Latvia’s foreign minister warning on Wednesday that the risk of a ‘no deal’ outcome was now “50-50”. more