Wednesday, April 29, 2020

Robot 'Spy' Gorilla Records Wild Gorillas Singing and Farting

This is the first time that singing mountain gorillas have been caught on camera.

(Image: © Copyright John Downer Productions)

Mountain gorillas have been caught on camera as they "sing" during their supper, a behavior that has never before been documented on video. Filmmakers captured the astonishing footage of the primate crooners with a little help from a very special camera: a robotic "spy" designed to look like a young gorilla.

The singing apes make their television debut on April 29 in the returning PBS series, "Nature: Spy in the Wild 2."

Like its predecessor, which first aired in 2017, the program documents remarkable up-close glimpses of elusive wildlife behavior, seen through the "eyes" of robots that are uncanny lookalikes of the creatures that they film. more sing-a-long

'Zoom-bombed' | Salary Cuts Call Eavesdropped on by Rival Company

Staff at national news outlet The Independent were on a ‘confidential and sensitive video’ Zoom call to learn about salary cuts and furloughs when it was ‘zoom-bombed’ by an employee from a rival media organisation. more


Mark Di Stefano, a reporter with the Financial Times, allegedly entered meetings held over the video conferencing app by the Independent and the Evening Standard.

Stefano, according to the Independent, brazenly joined the meeting by using his work email address. This caused Stefano’s name to appear on the call, although his camera remained disabled.

The journalist reportedly joined for 16 seconds before logging out but returned soon after by logging in with his phone number.

Not long after the call, Stefano sent out a series of tweets describing topics that the Independent says were discussed during the staff meeting.

Stefano described information on everything from pay cuts to the outlet’s issues with falling ad revenue. more

Related News...
DHS Reportedly Concerned Zoom May be Vulnerable to Foreign Spies 
The feds are concerned that Zoom’s security flaws could make the popular videoconferencing platform vulnerable to foreign spies, a new report says.

An intelligence analysis from the Department of Homeland Security found that Zoom’s explosive growth and its well-known security problems make it a “target-rich environment” for government spy services and other hackers, ABC News reported Tuesday.

“Any organization currently using — or considering using — Zoom should evaluate the risk of its use,” the department warned in the analysis, which was reportedly distributed to law enforcement agencies around the US. more
...and much more.

“What's in a Name?

...That which we call a rose by any other name would smell as sweet.”

Spies Keep Sneaking Malware Into Google Play

Google's Play Store for Android apps has never had a reputation for the strictest protections from malware. Shady adware and even banking trojans have managed over the years to repeatedly defy Google's security checks.

Now security researchers have found what appears to be a more rare form of Android abuse: state-sponsored spies who repeatedly slipped their targeted hacking tools into the Play Store and onto victims' phones.

At a remote virtual version of its annual Security Analyst Summit, researchers from the Russian security firm Kaspersky today plan to present research about a hacking campaign they call PhantomLance, in which spies hid malware in the Play Store...

Once Kaspersky had identified the PhantomLance apps, its researchers were able to match their code with older malware used by OceanLotus, which has been active since at least 2013. more

New Spy Podcast

Fresh from playing Peggy Carter in the Marvel Universe, and now preparing for Mission: Impossible 7, Hayley Atwell gets CIA, KGB & Mossad operatives to share their inside stories of real spy missions.

Thursday, April 23, 2020

A Sad Case Highlights Perception of Privacy Loss and Mental Health

WA - A suicidal man who was shot and killed by police officers at a Loves truck stop in Ritzville called police twice to report that his car was bugged and that he was being tracked, according to a release by the Columbia Basin Investigative Team.  more

A Global Recession Will Fuel Cyber-Espionage

While the current pandemic crisis presents businesses with unprecedented economic challenges to their very existence, it has also created a tremendous level of cyber-risks. 

Heightened risks are present not only due to the significant numbers of individuals working from home, increasing the vulnerability landscape, but also because as states fall deeper into recessions, some may resort to cyber-espionage in an attempt to position better their post-pandemic political, economic, and industrial structures.

Regardless of the industry, the intellectual property (IP) of any organization is likely to be a precious target for foreign government-sponsored hackers...

Managing the crisis, in reality, can be much more complex and a nightmare for decision-makers. However, governments that are flexible, agile, and adaptable while at the same time prioritizing their cybersecurity measures and counter-espionage efforts are more prone to survive the crisis as well as sustain domestic business operations with minimal loss. more

This Week in Spycam News

UVM Medical Center Doctor Hid Camera in Staff Bathroom
The emergency department doctor and assistant professor is facing several voyeurism charges after hospital security discovered the hidden camera. more

Man faces felony accusation of viewing girl through camera in alarm clock...
When interviewed by police, the girl said she knew the camera was there because of a "dot" on the front of the clock and that camera's presence made her "uncomfortable" and "creeped out." On Valentine's Day, the girl placed a series of heart-shaped stickers on the clock to decorate it, while also blocking the camera's view. more

Former head golf professional classified as Tier I sex offender...
Mohawk Golf & Country Club’s former head golf professional who was charged after a recording device was found in a women’s locker room was classified as a Tier I sex offender today. more

IR Eye of Ra, or The Drone Patrol

Police in Westport, Connecticut, announced this week that they’re testing a so-called “pandemic drone” that can detect when people on the ground have fevers.

The new drone platform will also be used to determine when people are closer than six feet to each other. Police will be able to deliver a verbal warning through the drone’s speaker to anyone not practicing social distancing.



The new drone technology was developed by a company called Draganfly Inc., which has been around since the late 1990s, and uses Westport PD’s existing quadcopter drones with Draganfly’s software. Draganfly worked with a deep-learning company called Vital Intelligence Inc. and researchers from the University of South Australia to develop the new tech, according to a press release. more

Wednesday, April 22, 2020

What 007 is Doing These Days

British Spy Unit Kills 2,000 COVID-19 Scams In Just One Month

Across the world, law enforcement and intelligence agencies are waging a different kind of war on COVID-19, one taking on scammers who’re exploiting fear around the coronavirus.

In the U.K., an arm of the GCHQ intelligence agency has spent the last month wiping COVID-19 crooks from the web, with the National Cyber Security Centre (NCSC) announcing Monday that it had taken down more than 2,000 scams in a single month. more

Some Landlords Illegally Spying On Tenants’ Stimulus Check Status

While millions are awaiting their payments to help with necessities, landlords are also eager for their tenants to receive stimulus checks, so they can pay rent. Unfortunately, some landlords have not just been waiting patiently...

In order to help Americans to track the status of their stimulus payments, the IRS and Treasury Department launched a new tool, Get My Payment. The tool provides individuals “with the status of your payment, including the date your payment is scheduled to be deposited into your bank account or mailed.”...

In order to check the status of a stimulus payment, one only needs to provide basic information, including name, date of birth, street address, and Social Security Number (SSN) ... This basic information is readily available on the dark web ... it is also readily available to many landlords through the applications that tenants complete when applying to rent a property.
You may want to speak with a lawyer to evaluate options if your landlord checks your payment status on the IRS portal. You may also want to consider filing a police report. more

Monday, April 20, 2020

7 Espionage Tricks to Avoid While Working From Home

Don't get tricked into giving away personal information. 
Why? Because this is what you use for your passwords.
  1. Facebook Quizzes
    Quizzes are all over Facebook:  What does your eye color say about you? What kind of dog are you according to your zodiac sign? (Facebook says these were questions the criminals used.)

  2. 10 Things About You
    As people try to connect during the stay-at-home order, they are answering cut-and-paste questionnaires from their friends. They usually start with something like “Tell me 10 things I don’t know about you” and go on to ask questions like: Who was your first love? ... Here's the problem: those are the exact same questions asked when you forget your password. So, be wary of posting the answers on social media.

  3. Posting Information about Your Passwords
    People are posting all sorts of information about what’s going on at their homes with their children or with their pets. That’s fine, unless they use those same names as their passwords.

  4. Photos of the Home Work Station
    At this point, people are pretty proud of their work from home stations. They have a new webcam, a makeshift desk, and maybe even a good microphone. But posting photos of that home work station might give criminals too much information. Can someone see the screen from a window? Are they giving away the brands and models of their IoT devices (which might or might not have exploitable vulnerabilities)?

  5. Clicking Questionable Links
    There are a lot of questionable links on the internet. Users should be wary of sites they don’t recognize. While this is rudimentary advice, it’s a good reminder that the headline “New Pandemic Cure No One Is Talking About” likely leads to a malicious site.

  6. Be Aware of What’s Public
    Savvy users have changed their Facebook and Instagram profile settings to make them more private. But as soon as you post to a group or comment on someone’s post without strong privacy settings, folks outside your friend's group can see what you’re doing. And, other sites like Twitter and Reddit are not generally private. more 
 Thanks to Jake Milstein, CI Security Inc. for compiling this list.

Sunday, April 19, 2020

10 Best Spy Comedy Films, Ranked (According To IMDb)

There are better things to do other than watch CNN (Covid-19 News) 24/7.
Here are some suggestions. ~Kevin

***** (Personal favorite)

A Few Others
more (amazing, uh?)

"The Warehouse" by Rob Hart (book)

"The Warehouse" by Rob Hart: “A thrilling story of corporate espionage at the highest level ... and a powerful cautionary tale about technology, runaway capitalism, and the nightmare world we are making for ourselves” is how Blake Crouch, New York Times (NYT) bestselling author of Dark Matter, describes this book. more

"A chilling and all-too-believable portrait of a not-so-far-off future where free will succumbs to big business."--Alafair Burke, New York Times bestselling author of The Better Sister





more

The Machine Never Blinks: A Graphic History of Spying and Surveillance (book)

In The Machine Never Blinks, the story of surveillance is presented from its earliest days, to help you more fully understand today's headlines about ever-increasing, constant, and unrelenting monitoring and global data collection.
This book spans surveillance from the Trojan Horse, through 9/11 and to the so-called War on Terror, which enabled the exponential growth of government and corporate intercepts and databases.

It also explains spying as entertainment (reality TV) and convenience (smart speakers). Take a look around... Who's watching you right now? Black & white illustrations. more

Office Printers: The Ticking IT Time Bomb

Unsecured printers are one of the items on our inspection checklist. Why? Because it is a very common problem. Normally buttoned-up networks put out a hacker welcome mat with just one unsecured printer. ~Kevin

Office printers don’t have to be security threats: with foresight and maintenance they’re very easily threat-proofed. The problem is that system administrators rarely give the humble printer (or scanner, or multifunction printer) much attention.

Hackers haven’t forgotten about printers – not by a long shot. Last summer, a Russian hacker group penetrated numerous organizations by first infiltrating unprotected printers, which were connected to the same network as every other device, and then laddering up to exploit increasingly sensitive areas.

Furthermore, according to a recent report, foreign governments can also easily conduct industrial espionage by targeting this under-the-radar beachhead into the organizational networks...

Using third parties to continually help identify security risks is a smart course of action for enterprises that are truly serious about security measures. more

Managers: Don’t Rush to Workplace Spyware during Pandemic

A Rutgers organizational psychologist explains ramifications of putting spy software in place.

With millions of employees working remotely due to the coronavirus pandemic, managers—likely new to virtual management—are scrambling to find the best ways to oversee them online.

Computer performance monitoring may interest those looking for “an extra set of eyes,” but workplace surveillance is not that simple, according to John Aiello, an expert in organizational psychology at Rutgers School of Arts and Sciences. “While spy software may relieve the manager’s anxieties, organizations will see an increase in stress on employees and it could decrease productivity,” said Aiello, who has researched the electronic monitoring of workers over the last three decades.

Topics addressed...
How does monitoring software affect productivity?
How does implementing this surveillance affect managers?
Can electronic monitoring be used for “the greater good?”
If employers are thinking about implementing this surveillance, what might be done first? 
more

Thursday, April 16, 2020

Gad Zoox - Tesla Settles Trade Secret Theft Law Suit

Zoox Inc. said on Tuesday it had settled a lawsuit with Tesla Inc. after admitting that some new hires from the electric carmaker were in possession of certain Tesla documents when they joined the U.S. self-driving car startup.

Tesla lawyers filed a lawsuit in March last year against four former employees and Zoox, alleging the employees stole proprietary information and trade secrets for developing warehousing, logistics and inventory control operations.

Zoox said the settlement required it to pay Tesla an undisclosed amount and undergo an audit to ensure that none of its employees had retained or are using Tesla's confidential information. more

Zeroing in on Zoom’s Threat to Financial Services

COVID-19 has induced a significant shift in the way we work. Remote is the new reality.

There may be, however, a tremendous cost to Zoom’s convenience... For many, Zoom has been the answer to staying connected in the workplace.

Simply put, the widespread adoption of Zoom amid a global pandemic might be the security vulnerability of the decade. 


In fact, any financial services organization using the service should immediately assume their user credentials are under malicious parties’ control.

In recent weeks, New York Attorney General Letitia James has probed Zoom’s data security strategy, and whether the company’s security protections can keep up with the spike in users. It is also our understanding the FBI, among other federal government agencies, has also prohibited the use of Zoom and WebEx due to security concerns. more
Suit Claims Facebook, LinkedIn Eavesdropped on Zoom Calls
More Zoom news.

Business Espionage - You Staying in Jail

U.S. District Judge Ronnie Greer Wednesday temporarily stayed – or postponed – the pretrial release of Xiorong “Shannon” You, a 56-year-old Chinese-born chemical engineer accused of stealing $17 million in trade secrets from Eastman Chemical Company and more than $100 million more while working for Coca-Cola in Atlanta, according to court documents. more

Spycam Story # 834 - Deputy Danner Investigates Rectangular Turd

FL - Citrus County Sheriff’s Office deputies following up on a tip ... led to an investigation and arrest of a Dunnellon man for video voyeurism, according to a Citrus County Sheriff’s Office arrest affidavit...

Upon observing the interior of the portable toilet, the deputies could observe a black box-type object floating in the water, the report stated. (a la Caddyshack pool scene)
Deputy Danner was able to safely retrieve the object from the toilet. Deputies noted the item was a portable Brickhouse security camera. They were able to remove the subscriber identity module (SIM) card (more accurately an SD card) located inside the camera.

Deputies observed multiple files on the SIM card and opened one. At the 16:39.48 timestamp mark deputies observed a white male subject wearing a collared white, red, blue and green striped shirt with white/khaki shorts affixing the camera to the inside of the toilet...

Deputies confirmed he was wearing the same clothing found on the file located on the SIM card where he placed the camera in the toilet. more  (You can't make this sh-t up. Perp gets the Darwin Award from us for filming himself.)

Wednesday, April 15, 2020

China May Be Tapped Out

The Trump administration is continuing with actions that cut telecom ties with China, including a new filing from the National Telecommunications and Information Administration that recommends that the Federal Communications Commission revoke China Telecom’s ability to carry international voice traffic between the U.S. and other countries...

China Telecom was authorized in 2007 to operate in the U.S. and it provides a suite of services that include voice, data television and business network services. It also operates a mobile virtual network operator, CTExcel, that targets Chinese Americans and Chinese tourists and students, according to the filing—but times and risks have changed, NTIA has concluded. 

It also said that 80% of the DoJ’s economic espionage cases where a foreign entity or government would benefit, have involved China. more

Attorney Approved - A Strange Reality Hollywood Spy Camera Story

Aaron Kaplan, the prolific TV producer, has been accused in a lawsuit of installing cameras in his sister-in-law’s bedroom — with one focused on her closet — in order to spy on her...

Aaron Kaplan, producer of “The Chi,” “Santa Clarita Diet” and other shows, has been embroiled in a probate fight with his sister-in-law since the death of his brother, Joe, in July 2018.

In a probate filing in February, Aaron Kaplan acknowledged that he arranged for the cameras to be placed in the closet because he worried that Elizabeth Kaplan would break into a safe that held valuables belonging to her late husband’s trust...

According to Elizabeth Kaplan’s lawsuit, two weeks after she returned to the couple’s home in Malibu, she and her mother discovered two cameras in her husband’s closet in the master bedroom. The suit alleges that the second camera was positioned such that it pointed at Elizabeth Kaplan’s closet...

In his probate filing, Aaron Kaplan said he became suspicious soon after his brother’s death, when he heard that Elizabeth’s friends had been seen entering the Malibu house and that artwork had been removed from the walls. 

“Based on consultations with his attorney, the Trustee understood that he could — and should — have motion-activated cameras installed in Joe’s personal closet to monitor and protect those assets for the beneficiaries of Joe’s Trust,” Aaron Kaplan’s attorneys wrote.

According to the filing, the cameras captured Elizabeth Kaplan and her mother rifling through Joe Kaplan’s belongings in search of cash. They also allegedly hired a locksmith to try to break into the safe, in spite of instructions from Aaron’s attorney that the contents belonged to the separate trust.

The video also captured Elizabeth discovering $10,000 in cash, counting it out, and pocketing it, according to the filing.

The recordings stopped once Elizabeth and her mother discovered and disabled the cameras. more

Daughter Saves Mom from Video Voyeurism

UT - A Kamas man has been charged with multiple offenses after he allegedly hid cameras in the heat vents of a woman’s Summit County residence.

Matthew Ryan Ingoldsby, 48, was arrested on March 31 and is facing charges of:
  • Burglary of a dwelling, a second-degree felony
  • Voyeurism by electronic equipment concealed or disguised, a class A misdemeanor
  • Stalking, a third-degree felony
  • Tampering with a witness, a third-degree felony
Ingoldsby admitted to hiding cameras in the woman’s heat vents in order to watch her in her bedroom and bathroom, according to a probable cause statement filed in 3rd District Court in Summit County. The cameras were discovered by the woman’s daughter, who told her mother. more

Corporate Privacy & Information Security Challenges from Covid-19

This is an excellent information security article written by a respected colleague. ~Kevin
via Charles Patterson - Exec Security
The CoVid-19 response has had serious and often devastating effects on individuals and businesses throughout the world... But there are a number of side-effects from this, many of which affect privacy and information security...


Company offices may be left mostly empty with a skeleton crew, and access being granted to maintenance staff or a few lone employees who may still be carrying out basic operations or some who may have just needed to return to pick up something from their desk to help them work better from home.  This means the employees, cleaners, and other staff will be largely unsupervised and may have easy access to areas not normally permitted...

When reviewing your security during this period, here are some very important points to consider:
  • How secure was your facility during the down time?
    • Note what areas were weakened, where was less manpower deployed?
  • Who continued to have access?
    • What types of staff were still given access? Were employees still allowed back in?
  • Were any private or classified areas left open and unattended?
    • Pay particular attention to board rooms, conference areas, and C-suites. Look for any signs of unauthorized activity.
  • What incidents may have occurred during the period? 
    • Review logs of any security incidents, look for any correlations that could indicate suspicious activity.
  • Were there any areas accessed by unauthorized personnel? 
    • Investigate thoroughly any reports of employees found in unauthorized areas.
  • Did any break-ins or vandalism occur?
    • Security breaches or other incidents could be used as a cover for actual espionage activity. If a break-in or theft was reported, pay attention to any nearby areas that may have been accessed as well.
After returning to your offices, pay close attention to anything that has been disturbed, anything that may have been tampered with. Any indication of unauthorized access to offices or secure areas should be investigated thoroughly. Electronic sweeps of critical offices and confidential areas should be scheduled. more

Google Searches for "Wiretap" Up 100% in the Past Week

A lot of people have too much time on their hands.
Or, interest in knowing someone else's business is mirroring the uptick in phone calls.
Or, interest in protecting one's business is mirroring the uptick in phone calls.
Or, all of the above.
We'll put this in the You Decide file.

Tuesday, April 14, 2020

500,000 Hacked Zoom Accounts Given Away - Free On The Dark Web

New users have flocked to the Zoom video conferencing platform as businesses, schools, and other organizations look for ways to meet safely during the Coronavirus pandemic. Unfortunately many of those brand new accounts appear to have been secured with old passwords.

The cyber risk assessment experts at Cyble recently discovered a hacker selling stolen Zoom credentials at dirt-cheap prices — and in some cases giving them away for free.

Cyble purchased more than 530,000 on an underground hacking forum for next to nothing. Several of the company’s clients were among the stolen credentials, which also included personal meeting URLs and Zoom host keys. Cyble reached out and confirmed that the credentials were indeed valid.

Password re-use remains a huge security issue for the general public.
Fatigued users feel like they can’t remember yet another password so they set up new accounts using an old stand-by.

The problem is that by now all of those old stand-by passwords have been filed away in databases by criminal hackers. They’re actively using them to break into accounts using brute force attacks.
Usernames, email addresses, and passwords have been exposed by the billions over the past several years. Creating a new account on Zoom — or any service, for that matter — using an old stand-by password is simply not a good idea.

Hackers will come knocking. It’s not a question of if. It’s a question of when. more
Spybuster Tip # 053 - Upgrade all your passwords.
Spybuster Tip # 054 - Don't worry about having to remember all your passwords. Use a password vault.

Monday, April 13, 2020

FREE - The Murray Associates "Spycam Detection Training Course"

I've created a special Covid coupon so anyone can take our Spycam Detection in Workplace Expectation of Privacy Areas, absolutely FREE. (Normally $24.99)

The coupon code is our main website address: COUNTERESPIONAGE.COM


This is a one-hour, self-paced video course, with Certificate-of-Completion. More details about the course at spycamdetection.training or Udemy.

Or, jump straight to the start with this coupon encoded link:
https://www.udemy.com/course/spycam-detection/?couponCode=COUNTERESPIONAGE.COM

Feel free to pass this limited-time offer along to anyone you know: co-workers, friends, and family—anyone who does not want to be a victim of video voyeurs.
(Expires 04/16/2020 06:04 AM PDT (GMT -7))

How Not to be Seen - Evading CCTV Surveillance

It's theoretically possible to become invisible to cameras. But can it catch on? 



Right now, you're more than likely spending the vast majority of your time at home. Someday, however, we will all be able to leave the house once again and emerge, blinking, into society to work, travel, eat, play, and congregate in all of humanity's many bustling crowds.

The world, when we eventually enter it again, is waiting for us with millions of digital eyes—cameras, everywhere, owned by governments and private entities alike. Pretty much every state out there has some entity collecting license plate data from millions of cars—parked or on the road—every day. Meanwhile all kinds of cameras—from police to airlines, retailers, and your neighbors' doorbells—are watching you every time you step outside, and unscrupulous parties are offering facial recognition services with any footage they get their hands on.

In short, it's not great out there if you're a person who cares about privacy, and it's likely to keep getting worse. In the long run, pressure on state and federal regulators to enact and enforce laws that can limit the collection and use of such data is likely to be the most efficient way to effect change. But in the shorter term, individuals have a conundrum before them: can you go out and exist in the world without being seen?

Bottom line as of now...
All of the digital simulations run on the cloak worked with 100-percent effectiveness, he added. But in the real world, "the reliability degrades." The tech has room for improvement.

"How good can they get? Right now I think we're still at the prototype stage," he told Ars. "You can produce these things that, when you wear them in some situations, they work. It's just not reliable enough that I would tell people, you know, you can put this on and reliably evade surveillance." more

Thursday, April 9, 2020

Allen Garfield, Character Actor in ‘The Conversation,’ Dies at 80


Allen Garfield, a stocky character actor who lent an intense naturalism to celebrated 1970s films such as “The Conversation” and “Nashville,” died April 7 in Los Angeles. He was 80.

His sister, Lois Goorwitz, said the cause was complications from covid-19. Mr. Garfield had been a resident at the Motion Picture Television Fund Home, the industry retirement facility in Los Angeles where several staffers and some residents have tested positive for the coronavirus.

Mr. Garfield grew up in New Jersey and first set out as a boxer and a sportswriter. While covering sports for the Newark Star-Ledger, he studied acting at night and was eventually accepted by the Actors Studio workshop and studied under Lee Strasberg. more

State-Backed Hackers Using Virus to Increase Spying

State-backed hackers are seizing on the coronavirus pandemic to lead cyber espionage. 

In a rare joint assessment released on Wednesday, Britain’s National Cyber Security Centre — a branch of signals intelligence agency GCHQ — and the US’ Cybersecurity and Infrastructure Security Agency — part of the Department of Homeland Security — highlighted the “growing use” of Covid-19 in state-sponsored cyber attacks.

The frequency and severity of these initiatives is likely to “increase over the coming weeks and months”, the NCSC said. more

By monitoring network activity one can document and quantify this type of spying activity. Other spying methods—bugging, and physical intrusions—are covert, thus undetected. Makes sense these would be on the rise as well. Maybe more so. Something to think about while your offices are empty and vulnerable. ~Kevin

Attorney Warns Business Against Relaxing Security Standards

via Seyfarth Shaw LLP - Jeremy A. Cohen

And, of course, there are bad actors taking advantage of the current situation.

Relaxed security makes systems and information far more susceptible to hacking and other data breaches, which often carry mandatory reporting obligations and hefty penalties, and invariably lead to class action lawsuits, not to mention privacy concerns.

Accordingly, companies should think twice before loosening these security standards. By all accounts, the current COVID-19 crisis will be relatively short-lived (whether that means weeks or months is, of course, unknown), but as the saying goes, once a secret is known, it cannot be unknown.

And when this is all said and done, while courts will likely give some leeway as a result of the emergency situation, if basic safeguards were disregarded, courts may have a hard time concluding that a company undertook reasonable efforts to safeguard its information, as is required in all jurisdictions to merit trade secret protection. more

Wednesday, April 8, 2020

Interesting Article in Food Safety Magazine

In addition to nation-state industrial espionage, companies face a wide range of threats. 

“Hacktivists” launch attacks for ideological, political, or religious reasons, or simply for the challenge.

Criminal organizations attack for profit, trying to extract payment from the victim.

In addition, companies sometimes become victims even if they are not the intended target, such as the NotPetya attack, which targeted a software company but had much broader impact, including the food and agriculture industry.

It is important to know that nation states and criminal organizations both do target corporations, and this article will provide solutions on how companies can better protect themselves. more

Spy Satellites Shelter in Place, or “Don’t Stop Me Now” Stopped

The rapid spread of COVID-19 around the globe has delayed the launch of three US intelligence payloads from New Zealand until at least April 23, launch provider Rocket Lab confirmed April 6.

Rocket Lab announced that they were pausing the scheduled March 30 launch of three National Reconnaissance Office payloads following the New Zealand government’s March 23 announcement that the country would enter Alert Level 4. This forced most businesses to close and the government ordered people to stay at home...

Dubbed “Don’t Stop Me Now,” the March 30 launch would have been the second NRO mission launch from Rocket Lab’s New Zealand facility. more

The Spy - Pre-Release Trailer

The trailer for an upcoming WWII-set action-drama titled The Spy has been released online through Signature Entertainment. The film will be released on digital in June. more

Tuesday, April 7, 2020

Spy-Hunter Killed in Lebanon

A prominent Hezbollah commander, Muhammad Ali Yunis, was killed by unknown gunmen on Sunday morning in southern Lebanon, Iranian and Lebanese media reported.

The Iranian semi-official Fars news agency reported that the slain commander was “responsible for tracking spies and collaborators.” more

Taiwan Joins Canada & More in Banning Zoom

Taiwan's cabinet has told government agencies to stop using Zoom Video Communications Inc.'s video conferencing app, the latest blow to the company as it battles criticism of its booming platform over privacy and security. more

Malaysia - The National Security Council (NSC) has warned that hackers could be listening to their conversations amid increasing use of video conferencing applications during the movement control order (MCO) period. more

New York City's education department is directing teachers and staff to “move away from using Zoom as soon as possible” for virtual instruction purposes due to cybersecurity concerns, department spokesperson Danielle Filson said on Saturday. more 

Google has banned Zoom from its staffers' devices. Google told its employees last week that it would block Zoom from working on their Google-provided computers and smartphones. This move comes after Taiwan told government employees not to use Zoom. Earlier, New York schools told their teachers to "gradually transition" from Zoom to another video-conferencing service. more

Rare World War II Footage Released - British Spy Center

A silent film shows MI6 staff members at a site linked to the code-breaking facility Bletchley Park during World War II.

Like a home movie reel, the silent footage shows young people at candid moments: playing soccer and cricket, sunbathing, smiling and making faces at the camera...

But they were not ordinary office colleagues: They were off-duty secret British communications staffers, linked to code-breakers who decrypted German ciphers and helped the Allies win World War II.

The newly revealed footage features staff members of the MI6 Section VIII — the British spy agency’s communications staff — filmed at a site associated with the famous code-breaking facility Bletchley Park. more

New iPad Pro Prevents Eavesdropping or Spying

Apple beefs up iPad Pro security by disabling the microphone when the case is closed, a feature which was previously reserved for the Mac.

Apple introduced a feature with the 2018 MacBook lineup, allowing the microphone to be disabled whenever the display lid was closed. This measure was put in place to prevent eavesdropping, preventing malicious apps from tapping into the microphone to gather extra data about you.

Fast forward to 2020 and the feature has come to the new iPad Pro lineup. The way it works is pretty simple - just close the lid of the case on the iPad Pro, which has to be MFi compliant, and the microphone is physically disconnected to prevent any sort of eavesdropping or malicious code from running if iPadOS is compromised in some way. more

Friday, April 3, 2020

Facebook Tried to Buy Controversial Tool to Spy on iPhone Users, Court Filing Reveals

Over the last few years, Facebook has had a slew of privacy and security blunders and more details about one of them have come to light through a new court filing as the social media company is suing the spyware company NSO Group. It turns out Facebook tried to buy controversial government spyware to monitor iPhone and iPad users.

Reported by Motherboard, when Facebook was starting to build its spyware cloaked in a VPN product, Onavo Protect for iOS and Android, the social media company reached out to the controversial company NSO Group that creates spyware for government agencies...

Apple made Facebook remove Onavo Protect from the App Store in August of 2018.

Then in 2019 Facebook repackaged it as a “Research app” and tried to pay teens to sideload it on their devices.

The Research app was shut down as well and Facebook finally shut down Onavo completely in February 2019. more

Zoom’s Encryption Is “Not Suited for Secrets” and Has Surprising Links To China, Researchers Discover

Meetings on Zoom, the increasingly popular video conferencing service, are encrypted using an algorithm with serious, well-known weaknesses, and sometimes using keys issued by servers in China, even when meeting participants are all in North America, according to researchers at the University of Toronto.

The researchers also found that Zoom protects video and audio content using a home-grown encryption scheme, that there is a vulnerability in Zoom’s “waiting room” feature, and that Zoom appears to have at least 700 employees in China spread across three subsidiaries. They conclude, in a report for the university’s Citizen Lab — widely followed in information security circles — that Zoom’s service is “not suited for secrets” and that it may be legally obligated to disclose encryption keys to Chinese authorities and “responsive to pressure” from them.
Zoom could not be reached for comment. more


4/15/2020 UPDATE - More top companies ban Zoom following security fears. more

Thursday, April 2, 2020

Think Your Smart Speaker is Spying On You... get Paranoid

(Note: As of this date the manufacturer is only accepting pre-orders. Gauging demand before going into production is not uncommon. The following is just an interesting bit of news; not a product endorsement. Also, it might be an April Fool's prank.) 

Their headline reads, "Blocks smart speakers from listening, while keeping them voice-activated. Just say 'Paranoid' before your usual commands." more

"How?" ...you may ask.

A. In one of three ways.
  1. The BUTTON model begins with the mute button pressed. When it hears you say, "Paranoid," it presses again, thus letting your next command pass through. After your command is finished it re-mutes with another press.
  2. The HOME model (it appears) uses ultrasound to block the speaker's microphones. The volume needed for this application is very low so it shouldn't be a health risk.
  3. The MAX model requires you to send them your smart speaker so they can physically install their solution. People who use this option are not true paranoids. True privacy paranoids would be afraid the unit might come back, bugged!


Wednesday, April 1, 2020

Guest Wi-Fi Access Comes with Risks for Organizations

Reported this week: A convicted sex offender downloaded indecent child images at a hostel where he was staying after using another resident's wi-fi code. more

In this case, a stolen access code was used to gain access. In many organizations the same guest code is given out to all guests. Sometimes it is even posted. Often it is never changed. Once the password is out, there is no telling who will access the system, or when, or for what purpose.

Downloading illegal images is only one of many guest access risks.

While hiding behind a reputable IP address, unauthorized and anonymous "guests" can also conduct drug transactions, video voyeurism, blackmail, financial scams, hacking, and more. The finger points at the organization's network, and the organization might be held legally responsible. And these are just the outward-facing threats. Guest access can also be a pivot point to internal information theft.

Take this 15 second assessment.
Does your organization...
  • Provide guest Wi-Fi access?
  • Does guest access use the organization's network?
  • Is access unencrypted?
  • Do all guests use the same password?
  • Is the password posted anywhere, as in a conference room?
  • If posted, can it be seen from outside with binoculars or a drone?
  • Has the password remained the same for over a month? 
If you said yes (and/or not sure) three or more times, your organization needs a Wi-Fi Security Analysis.

Legal defense is expensive. Reputational damage is hard to quantify. A proactive professional analysis is easy. Reduce risk and keep profits where they belong, in the bottom line.

The Potato Chip Bag Spy

Back in 2014, the potato chip bag became an audio eavesdropping device...
Want to listen in on a juicy conversation? Researchers from the Massachusetts Institute of Technology, Microsoft, and Adobe have designed an algorithm that can pick up conversation by analyzing the vibrations from speech as they ripple through a potato chip bag, MIT News reports. more

In 2020, the potato chip bag became a visual eavesdropping device too...
Mirrors aren't the only shiny objects that reflect our surroundings. Turns out a humble bag of potato chips can pull off the same trick, as scientists from the University of Washington, Seattle have made it possible to recreate detailed images of the world from reflections in the snack's glossy wrapping.

The scientists took their work a step further by predicting how a room's likeness might appear from different angles, essentially "exploring" the room's reflection in a bag of chips as if they were actually present. This is analogous to a classical problem in computer vision and graphics: view synthesis, or the ability to create a new, synthetic view of a specific subject based on other images, taken at various angles. more

The future?

How Small Can a Video Camera Be?

Currently, one of the smallest we know is 1.66mm in size. It has a built-in high-intensity LED light. If you don't need the light it shrinks to .97mm in diameter.
Specs: color, 120-degree lens, 200 x 200 resolution @ 30fps