Saturday, March 31, 2018

Saudi Arabia's New Cell Phone Spying Line in the Sand

Saudi law has criminalized the act of spying on your spouse’s mobile phone illegally and has listed this act under cybercrimes. 

Husbands or wives who are caught spying on their spouse’s mobile phone in order to prove dishonest behavior can be imprisoned for up to a year, receive a SR 500,000 ($133,000) fine or receive both forms of punishment.

According to legal sources, the penalty is imposed on people who access their spouse’s mobile phone without their permission. Accessing your spouse’s mobile phone becomes illegal when you crack their mobile phone’s password, according to the law. more

Spycam Detection Training Tip: Be Aware of Holes in Odd Places tip
Click to enlarge.
This case, which happened last night, is a good example of this detection tip paying off...

MA - A custodian at Northampton High School is facing charges after police say he "modified" a girls' bathroom at the school, creating holes in the ceiling so he could take pictures of students.

Michael Kremensky, 22, of Florence, is facing four charges of photographing an unsuspecting nude person, said Police Chief Jody Kasper, in a statement.

Police were called to the school Thursday for a report of suspicious activity involving holes in the ceiling of a girls' bathroom on the first floor.

No other bathrooms or rooms were affected, Kasper said. The activity was "localized to the one bathroom," she said. more
Learn more about spycam detection.

Friday, March 30, 2018

Is Facebook Eavesdropping? A "Scientific" Test & A Possible Explanation

(no spoilers, just teasers)

Testing the long-held belief that Facebook listens to your conversations to advertise stuff...

For years, people have speculated that Facebook and Facebook Messenger use your phone’s microphone to listen to your conversations and send you targeted adverts based on your IRL chats...

To put the rumor to rest, we at the New Statesman engaged in a very scientific test. Each employee had a scripted conversation in front of their phone with Facebook or Messenger open (after changing their settings to ensure that Facebook and Facebook Messenger had access to their microphones)...

Here's what went down... more


Facebook Really Is Spying on You...

A conspiracy theory has spread among Facebook and Instagram users: The company is tapping our microphones to target ads...

“Facebook does not use your phone’s microphone to inform ads or to change what you see in News Feed,” says Facebook.

Yeah, sure, and the government swears it isn’t keeping any pet aliens at Area 51. So I contacted former Facebook employees and various advertising technology experts, who all cited technical and legal reasons audio snooping isn’t possible... more

Drones - China's Self-Licking Ice Cream Cone Industry

Brief Profile Dà-Ji?ng Innovations Science and Technology Co., Ltd, marketed and popularly known as DJI, was established in 2006 by Frank Wang. It has its specialization in aerial photography and videography equipment (unmanned aerial vehicles), gimbals, cameras, and propulsion systems among others. They are one of the market leaders in their segment and continue to gain popularity, especially since the 2010s. In 2015, the Economist named them as being at the forefront of civilian-drone industry. more

Brief Profile
SZMID was established in 2006 by intelligence, security and  telecom professionals with extensive backgrounds in the security sector providing a wide range of high quality security devices & solutions to customers around the world. Our business is mainly focus on detection and jamming areas. more

A lot of folks are gunning for drones...

Peeps - The New Fake Surveillance Cameras

via Boing Boing...
As if the Elf on a Shelf wasn't creepy enough, now they've put Peeps in the faux-surveillance game.

A new book and plush Peep sold together as Peep on a Perch is encouraging parents to start a new "Easter family tradition":
The soft plush Easter Peep included in the set can be perched anywhere throughout the home. Children will be proud to have the Easter Peep watch them being good all day as they get ready for bed without making a fuss, help out around the house, and use good manners. And the more kindness the Easter Peep sees, the happier the Easter Peep gets! PEEPS® fans of all ages will love to make this a new Easter family tradition.

One Amazon reviewer (who gave the product five stars) writes, "The book encourages children to help, share and be kind as the Peep reports directly to the Easter Bunny." No, just no. more

Yet Another World's Smallest Color Video Camera

These folks have been cranking out tiny cameras since 1997. 
Truly amazing...

Scientists Develop Tiny Tooth-Mounted Sensors That Can Track...

...what you eat!

Monitoring in real time what happens in and around our bodies can be invaluable in the context of health care or clinical studies, but not so easy to do. That could soon change thanks to new, miniaturized sensors developed by researchers at the Tufts University School of Engineering that, when mounted directly on a tooth and communicating wirelessly with a mobile device, can transmit information on glucose, salt and alcohol intake...

Tufts engineers sought a more adoptable technology and developed a sensor with a mere 2mm x 2mm footprint that can flexibly conform and bond to the irregular surface of a tooth. In a similar fashion to the way a toll is collected on a highway, the sensors transmit their data wirelessly in response to an incoming radio-frequency signal. more

Just in case you were disappointed that this was not a story about a mysterious tooth implant...

Caught on Surveillance Camera: Homeless Dog Nips Book...

...about abandonment, and gets adopted.
We've all seen some pretty weird surveillance camera footage. This one should make your holiday weekend. more

Friday, March 23, 2018

Extortionography: Group Planted an Intern to Take Covert Video

The American Phoenix Foundation — a now-defunct conservative activist group known for attempting undercover stings of lawmakers and lobbyists — planted an intern in a Texas state lawmaker’s office during the 2013 legislative session in an effort to expose misdeeds, testimony in federal court revealed Thursday.

Shaughn Adeleye, testifying in Houston in the federal fraud case against former U.S. Rep. Steve Stockman, said in court Thursday that he was planted in the office of state Rep. James White to obtain footage of the Hillister Republican engaged in “fraud and abuse” and also in more mundane activities like cursing or failing to tidy his messy car... more

What is Extortionography?

Building Maintenence Man Accused of Hiding Spycams in Office Building Bathrooms

FL - A Largo man has been accused of using video cameras to record multiple women and two men while using the women’s restrooms in an office building, the Pinellas Park Police Department said.

John Phillip Gibbs, 49, of Largo, was charged with 14 counts of video voyeurism, a felony. The investigation is ongoing as police officers continue to identify others who were video recorded. Additional charges are expected, officers said.

The investigation began March 2 when Pinellas Park Police were called to an office building at 12360 66th St. N to investigate a suspicious incident in one of the women’s restrooms inside the building. During the initial investigation officers said they found two separate video recording devices above the ceiling tiles inside two different women’s restrooms...

Detectives said they were able to identify Gibbs from images on the video as being a maintenance worker for the office building.

The building management has notified the 60 different small businesses inside the building where the common restrooms are located. more

Don't become a lawsuit defendant, or a spy camera victim.
Learn how to protect your guests, customers, employees and yourself.

Saturday, March 17, 2018

FutureWatch: Eavesdropping... telepathically

Mary Lou Jepsen believes her technology will be 99.9% cheaper than MRIs (that’s an actual estimate, not a euphemism); radically smaller (the size of a ski cap, not a bedroom); and that its resolution will exceed that of MRIs by a factor of a billion. Yes, that’s an actual “b,” not a typo. And the really cool thing? Her creation might also enable telepathy.

If your mind rebels at the scale of these claims, reread Mary Lou’s credentials, then give an interview with her a listen. You can hear it by searching “After On” in your favorite podcast app...

Here’s where telepathy comes in...

Neurons range from 4 to 100 microns in diameter. This makes them invisible to MRIs, CAT scans, PET scans – pretty much anything other than a scalpel and a microscope. But Mary Lou’s technology could monitor them, if it delivers on its maximum promise. Add some clever machine learning, and the system could closely infer what those neurons are contemplating.

Might all this raise an ethical issue or two? To quote a one-time would-be VP, yooooou betcha! more

Friday, March 16, 2018

Spycam: John E. Lola kinks aim him to The Clink

MA - A former Framingham supermarket employee installed a spy camera in an employee ladies room last year, recording unsuspecting co-workers as they used the toilet, authorities said.

John E. Lola Jr., 47, of Holliston, pleaded not guilty to the charges at his Framingham District Court arraignment on Tuesday.

Lola was a longtime employee at the Stop and Shop on Temple Street. On Nov. 18 of last year, a female employee discovered the camera in a unisex employees-only restroom...

The camera was disguised as an electrical outlet. According to the report, the female employee was suspicious when she saw a new outlet in a stall. When she touched it, the outlet fell to the floor and revealed the camera, which was aimed at the level of someone sitting on a toilet, police wrote.

The small video camera had a disc attached to it. Police got a warrant to view the contents of the disc, which contained 34 videos, mostly about one-minute long each.

"Most were of females using the bathroom, primarily of the private parts are visible," police wrote in the report.

The videos did not show any of the people's faces. However, the video did catch a closeup of the person installing the camera. It appeared the camera was turned on as the man attached the camera to the stall's wall, police wrote in the video. more  The Clink

Note to businesses: This spy camera was found by chance. Lawsuits often follow this type of embarrassing discovery. Periodic inspections for hidden cameras in expectation of privacy areas by trained staff is a nice defense to have.

Wednesday, March 14, 2018

From Those Wonderful Folks Who Killed Air-Gap Security - This Bud Screws You

A research team from Israel’s Ben-Gurion University of the Negev's cybersecurity research center has discovered a new way of data extraction from air-gapped computers via using passive devices like earbuds, earphones, headphones, and speakers.

Now, the same research center has claimed to be able to use computer speakers and headphones to act as microphones and receive data. The devices can be used to send back the signals and make the otherwise safe practice of air-gapping less secure.

As per the new technique [PDF], data is extracted in the form of inaudible ultrasonic sound waves and transmission occurs between two computers installed in the same room while data is shared without using microphones. more

Off-the-shelf Smart Devices Easy to Hack

Off-the-shelf devices that include baby monitors, home security cameras, doorbells, and thermostats were easily co-opted by cyber researchers at Ben-Gurion University of the Negev (BGU). As part of their ongoing research into detecting vulnerabilities of devices and networks expanding in the smart home and Internet of Things (IoT), the researchers disassembled and reverse engineered many common devices and quickly uncovered serious security issues.

"It is truly frightening how easily a criminal, voyeur or pedophile can take over these devices," says Dr. Yossi Oren, a senior lecturer in BGU's Department of Software and Information Systems Engineering and head of the Implementation Security and Side-Channel Attacks Lab at Cyber@BGU. "Using these devices in our lab, we were able to play loud music through a baby monitor, turn off a thermostat and turn on a camera remotely, much to the concern of our researchers who themselves use these products."

"It only took 30 minutes to find passwords for most of the devices and some of them were found only through a Google search of the brand," says Omer Shwartz, a Ph.D. student and member of Dr. Oren's lab. "Once hackers can access an IoT device, like a camera, they can create an entire network of these camera models controlled remotely." more

Monday, March 12, 2018

Combatting Corporate Espionage -- Warning Signs

by Adam Brown
In the modern age of relatively cheap and ever-evolving technology, corporate espionage is a real threat that could be perpetrated by any employee or other insider at any time. 

The term “corporate espionage” covers many different types of behavior, ordinarily taking the form of a malicious company insider secretly stealing confidential company information, usually for use in a competing business. The insider may be planning on joining an existing competitor, or may be planning on founding a new competing business of their own.

Hiding a bug in a book binding. | Murray Associates TSCM
Hiding a bug in a book binding.
In essence, however, the term refers to any act of spying that is carried out for commercial purposes. Regardless of the form it takes, the wrongdoer will be looking to exploit the time, money, and hard work you have put in to make your business successful for their own malicious purposes.

Corporate espionage comes in many forms, some more sophisticated than others. While there is no foolproof way to spot all transgressions before it is too late, here are some general warning signs to watch for:
  • The employee begins working from home or out of the office more often;
  • You see an increase in after-hours work or unusual office or remote computer access;
  • The employee begins meeting with customers without recording meetings in company systems;
  • The employee knows about business matters they are not directly involved in;*
  • The employee becomes disgruntled or has a sudden change in attitude;
  • Files or other materials are missing from the office with no explanation;
  • The employee unexpectedly resigns without advance notice; and
  • The employee refuses an exit interview or does not want to discuss post-resignation employment plans. While not necessarily indicative of any improper actions, any of these behaviors should be considered “red flags” that merit further investigation or research. more
* Electronic eavesdropping.
Time for a technical surveillance countermeasures (TSCM) inspection.

You may also want to read... Business Espionage: The Employee Competitor… and what to do about it.

What is the Salary for a Female Spy in Australia?

Australia - The anti-corruption watchdog sought special exemption from the Anti-Discrimination Board of NSW to advertise for the $127,627 ($100,440.71 USD) job which requires women to be sent into the field in “covert” spying operations.

“The exemption is required to ensure operational effectiveness and flexibility,”... more ($)

Cameras at Women’s Apparel Shop Hacked

A viral Peeping Tom who hacked into the closed-circuit TV surveillance camera at a women’s bathing suit shop has led to a warning from the Israel Police Cybercrimes Unit that similar systems may be compromised and violate the privacy of unsuspecting persons.

According to police, an unidentified 41-year-old man was arrested on Wednesday after he allegedly used his computer to hack into the CCTV system at a high-end boutique in northern Tel Aviv and recorded customers as they undressed and tried on bathing suits.

While details of the incident remain unclear due to a gag order, police said the suspect subsequently posted the videos to a social media page. more

So, uh, why were there cameras in the changing areas in the first place? Better learn how to spot the cam.

Sunday, March 11, 2018

Has Your Information Been Compromised? Check Here to See

"We build NoSecrets to inform the public that their information is being traded and sold not just on the dark web, but between data brokering companies."

Do data brokers hold information about you that they should not hold, thus putting you at risk?

You can check here.

Friday, March 9, 2018

Pruitt Do It In a SCIF

African Union Bugged by China: Cyber Espionage as Evidence of Strategic Shifts
A number of African leaders have turned to Chinese investment as a viable alternative to Western development aid. The recent allegations of Chinese cyberespionage of the African Union's headquarters might prompt them to reconsider... Although this sort of spycraft is fairly routine, it signals Africa’s growing strategic importance to China. In a world of finite resources, states spy on states that matter to them. more

Russia has found yet another way surreptitiously to influence U.S. public policy: Stealing the identities of real Americans and then using these identities to file fake comments during the comment submission period preceding the formulation of public policies... Researchers, journalists, and public servants have found a wide range of fake comments and stolen identities in the public proceedings of the Labor Department, Consumer Financial Protection Bureau, Federal Energy Regulatory Commission, and Securities and Exchange Commission. more

The impact of a data breach should not be underestimated. A breach can lead to regulatory investigations by a number of agencies, including the Federal Bureau of Investigation, Secret Service, Immigration and Customs Enforcement as well as through enforcement actions by regulators including State Attorneys General, the Federal Trade Commission (FTC) and the Securities and Exchange Commission (SEC), among many others. more

So, is it any wonder paranoia is forcing SCIF spending...

The Environmental Protection Agency is spending nearly $25,000 to build a soundproof communications booth in Administrator Scott Pruitt’s office, according to media reports.

The Washington Post first reported details of the contract on Tuesday evening, which will cost the government $24,570.

The “privacy booth” will be installed by Oct. 9, so Pruitt can have “a secured communication area in the administrator’s office so secured calls can be received and made,” EPA spokeswoman Liz Bowman told the Post in a statement.

“Federal agencies need to have one of these so that secured communications, not subject to hacking from the outside, can be held,” Bowman continued. “This is something which a number, if not all, cabinet offices have and EPA needs to have updated.” more sing-a-long (for what it's worth)

Wednesday, March 7, 2018

A Very Weird Tale of Corporate Espionage and Murder and More Corporate Espionage

Apotex claims longtime chemist went rogue and stole drug secrets...

Apotex Inc., the generic-drug giant founded by murdered billionaire Barry Sherman, has been waging a year-long court battle against an ex-employee who was fired for allegedly stealing millions of dollars’ worth of pharmaceutical trade secrets from a laboratory computer—in the hopes of launching a rival company in his native Pakistan...

Barry Sherman, 75, and his wife, Honey Sherman, 70, were discovered strangled inside their North York mansion nearly three months ago, the victims of what police have labeled a “targeted” double homicide. Since then, detectives have said little else about the high-profile murders...

News of the lawsuit comes at the same time as Apotex tries to defend itself against similar allegations of corporate espionage. In a court action launched last July in the United States, Sherman’s company is accused of using sex, lies and USB drives to illegally obtain valuable trade secrets from the world’s largest generic drug-maker, Israel’s Teva Pharmaceutical Industries Ltd. As Maclean’s reported last month, a Pennsylvania judge denied Apotex’s attempt to throw out the sensational lawsuit, which accuses a former Teva executive of leaking confidential information to her boyfriend—then-Apotex CEO Jeremy Desai. Desai abruptly resigned in January, six weeks after the Shermans were killed, “to pursue other opportunities.” more

Further insights... Business Espionage: The Employee Competitor… and what to do about it.

Australian Spy Who Revealed Bugging Under 'Effective House Arrest'

The spy who blew the whistle on Australia’s bugging of Timor-Leste’s cabinet room during sensitive oil and gas negotiations is still under “effective house arrest” and has been treated disgracefully by Australia in retaliation for his actions, his lawyer says.

The Australian secret intelligence service agent, known only as Witness K, had his passport seized in 2013 as he prepared to give evidence in The Hague on an Australian bugging operation.

In 2004, Witness K was involved in a covert mission to listen in on the Timor-Leste cabinet aimed at giving Australia the upper hand during negotiations to carve up oil and gas reserves in the Timor Sea, estimated to be worth about $53bn. more

Secret Agent Man & Daughter

Intrigue continues to swirl as the “poisoned spy”, Sergei Skripal, and his daughter, Yulia, remain in intensive care. Counter-terrorism police have taken over the investigation. Boris Johnson has said the possibility of a Russian assassination attempt means UK officials might boycott the World Cup.

This morning, Shaun Walker examines how the Skripal case looks like a warning about the fate awaiting those who collaborate with western intelligence agencies.

And more details are emerging about the life of the former double agent, known in his Salisbury neighborhood as a genial man with a penchant for Polish sausage and lottery scratch cards. more video sing-a-long

Monday, March 5, 2018

Court Admits Husband's Illegal Bugging into Evidence

Turkey - A top appeals court decided that evidence collected through illegal bugging could not be used by itself to prove guilt but could be used in conjunction with other evidence in a 2015 case where a man in the Aegean province of Aydın believed his wife was cheating on him and installed a bugging application onto her cell phone.

The application turned the cell phone into a recording device. The recordings showed the woman really was cheating on him with a colleague from work. The man immediately filed for divorce, demanding compensation from his wife and the custody of their child. more

An app that can help determine if an Android phone is infected with spyware.

10 New Attacks on 4G LTE Discovered

A group of researchers has uncovered ten new attacks against the 4G LTE wireless data communications technology for mobile devices and data terminals.

The attacks exploit design flaws in the communications protocol and unsafe practices employed by the stakeholders and can be used to achieve things like impersonating existing users, spoofing the location of the victim device, delivering fake emergency and warning messages, eavesdropping on SMS communications, and more.

Among the uncovered attacks they consider one particularly worrying: an authentication relay attack that allows an adversary to impersonate an existing user (mobile phone) without possessing any legitimate credentials.

“Through this attack the adversary can poison the location of the victim device in the core networks, thus allowing setting up a false alibi or planting fake evidence during a criminal investigation,” they pointed out. more

Cuba's Sonic Attacks - Possibly a Side-Effect of Spying

Its surveillance tools may have transmitted ultrasonic sounds by mistake...

Remember those 'sonic attacks' against the American and Canadian embassies last summer, making staff queasy and raising all kinds of questions as to what happened? There might have an answer. University of Michigan researchers have theorized that the incidents were really the result of ultrasonic signals from poorly functioning surveillance equipment. While individual ultrasonic signals can't harm people outside of extreme circumstances, multiple signals can clash with each other and produce a sound that's just low enough to be audible.

The scientists tested their hypothesis by replicating the "chirping" from an AP video using two ultrasonic emitters that combined tones, one at 25kHz and another at 180Hz. That produced a similar-sounding 7kHz frequency with ripples of sound at an even 180Hz spacing. The team even built a device that would simulate eavesdropping by playing a song instead of the 180Hz tone. more

Security Scrapbook fans knew this might be a botched spying attempt, and how it worked, last August. ~Kevin