Thursday, December 23, 2021

The Chatter Phone Eavesdropping Bug, or Santa's Latest Spy Trick

Ken Munro, founder of the cybersecurity company Pen Test Partners, told TechCrunch that chief among the concerns is that the Chatter does not have a secure pairing process to stop unauthorized phones in Bluetooth range from connecting to it...

First, we switched on the Chatter phone, which activates its Bluetooth connection, paired a phone over Bluetooth, then switched off Bluetooth to simulate someone walking the phone out of range. We then paired another phone with the Chatter without hindrance, allowing us to remotely control the Chatter’s audio.

Mattel, which makes the Chatter phone, said the phone “will time out if no connection is made or once the pairing occurs — it is only discoverable within a narrow window of time and requires physical access to the device.” We left the Chatter on and found the Bluetooth pairing process did not time out after more than an hour.

Then, Munro asked what would happen if we called the phone connected to the Chatter. Sure enough, the Chatter rang — loudly — as expected. Then we called the Chatter again, this time without properly replacing its receiver. With the handset off the hook, the Chatter automatically answered the call, immediately activating the handset’s microphone and allowing us to hear ambient background audio. more

 

 

Wednesday, December 22, 2021

Khashoggi's Wife's Phone Bugged With Spyware Before Killing


The mobile phone of Hanan Elatr, the wife of Saudi dissident and journalist Jamal Khashoggi, was reportedly bugged by United Arab Emirates agents.
 

The cell phone of Hanan Elatr was infected several months before Khashoggi was killed in 2018.

Jamal Khashoggi was killed in Saudi Arabia’s consulate in Istanbul, reported Sputnik citing The Washington Post. The phone of Elatr was reportedly infected when she was questioned by UAE officials.  more

Coach Banned Over Spying Scandal

Australia - Capitals coach Paul Goriss has been banned after obtaining leaked training footage of the Sydney Uni Flames. video

Fake Italian Gynaecologist Snares 400 Women in Webcam Scam

Italian police Friday searched the house of a suspected serial sexual predator believed to have posed as a gynaecologist to persuade dozens of women to undergo vaginal exams via weblink. more

Millions of Android Phones Vulnerable Over ‘Eavesdropping’ Scare

MILLIONS of people around the world have been exposed to snoopers by dodgy microchips loaded into Android smartphones.

According to security experts, vulnerabilities in processors produced by Taiwanese firm MediaTek could have allowed malicious apps to spy on their users.

MediaTek, one of the world's leading chip-makers, last month issued a fix for four bugs disclosed by researchers at cyber firm Check Point.

Its circuitry is found in one in three of the world’s smartphones, including high-end handsets from Xiaomi, Oppo, Realme, Vivo and more.

Check Point detailed the vulnerabilities exposed by its crack team of cyber buffs in a blog post last week. more

 

Tuesday, December 7, 2021

Spy Trick # 712 - The Memory Card Ring (Make Your Own!)

Honus, a former bicycle industry designer turned professional jeweler, can teach you how to make your own spy ring.

This is how spies (and corrupt employees) can sneak file cabinets of documentation out of companies, no matter how good their security is. more  
more spy rings

Secret Message Decoder Ring Great Christmas gift



Thursday, December 2, 2021

A New "Mobile" Phone - Complete with No Apps

Ever wish you had a mobile phone that would really turn heads?
One where you could call your friends, real or imaginary?
One that would look at you with loving eyes? 

Your past is now your future...  



Wednesday, December 1, 2021

FutureWatch: Yet Another World's Smallest Camera


Micro-sized cameras have great potential to spot problems in the human body and enable sensing for super-small robots, but past approaches captured fuzzy, distorted images with limited fields of view.

Now, researchers at Princeton University and the University of Washington have overcome these obstacles with an ultracompact camera the size of a coarse grain of salt. The new system can produce crisp images on par with a conventional compound camera lens 500,000 times larger in volume, the researchers reported in a paper published Nov. 29 in Nature Communications...

Heide (Felix Heide, the study's senior author and an assistant professor of computer science at Princeton) and his colleagues are now working to add more computational abilities to the camera itself. Beyond optimizing image quality, they would like to add capabilities for object detection and other sensing modalities relevant for medicine and robotics.

Heide also envisions using ultracompact imagers to create "surfaces as sensors." "We could turn individual surfaces into cameras that have ultra-high resolution, so you wouldn't need three cameras on the back of your phone anymore, but the whole back of your phone would become one giant camera. We can think of completely different ways to build devices in the future," he said. more

Wednesday, November 24, 2021

Apple Sues Israeli Spyware Maker

Apple sued the NSO Group, the Israeli surveillance company, in federal court on Tuesday, another setback for the beleaguered firm and the unregulated spyware industry.

The lawsuit is the second of its kind — Facebook sued NSO in 2019 for targeting its WhatsApp users — and another consequential move by a private company to curb invasive spyware by governments and the companies that provide their spy tools.

Apple, for the first time, seeks to hold NSO accountable for what it says was the surveillance and targeting of Apple users. more

Tuesday, November 23, 2021

FutureWatch - Spycam Detection using Phone Time-of-Flight Sensors

via theregister.com
"Sriram Sami, Bangjie Sun, and Sean Rui Xiang Tan, from National University of Singapore, and Jun Han from Yonsei University, describe how this might be done in a paper [PDF] titled "LAPD: Hidden Spy Camera Detection using Smartphone Time-of-Flight Sensors"... 

...smartphones are commonplace these days, so adding an app like LAPD is likely to be more convenient than carrying a dedicated bug or signal detector at all times. LAPD's goal is to be accessible, usable, and accurate, and to judge by the results reported in the paper, it hits those marks...

"The 'attackers' have all the power to place hidden cameras anywhere, and the public is, in contrast, generally defenseless," he explained. "That's why we're doing this work, and why we hope hidden camera detection can become more commonplace." Sami said he intends to release the source code for LAPD but has to coordinate that with his colleagues." more

3G Cell Phone Service - The End is Near


All of the major cellphone carriers — AT&T, Verizon and T-Mobile — are planning to shut their older 3G networks in 2022. Like millions of people in the United States who use 3G phones and other 3G devices, you will have to buy a new device if you want to text, make calls or even reach 911...

The shutdown dates start in January 2022 and are spread out throughout the year. more

  • Sprint’s 3G: Jan. 1, 2022
  • AT&T’s 3G: Feb. 22, 2022
  • Sprint’s LTE: June 30, 2022
  • Verizon’s 3G: Dec. 31, 2022
  • T-Mobile’s 2G and 3G: Not yet announced
 Also a bummer for all those folks that are using 2G & 3G cellular bugging devices.

Corporate Security News: Employees Offered $$$ for Planting Ransomware

In August, KrebsOnSecurity warned that scammers were contacting people and asking them to unleash ransomware inside their employer's network, in exchange for a percentage of any ransom amount paid by the victim company. This week, authorities in Nigeria arrested a suspect in connection with the scheme -- a young man who said he was trying to save up money to help fund a new social network. more

New Holographic Camera Can See Around Corners – Or Inside Your Skull

It sounds like something out of Star Trek: the doctor aims a camera at your chest, and a computer generates a hologram of your heart and blood vessels. She enlarges the image and takes a look at some of your smallest capillaries, each beautifully rendered in sub-millimeter detail. 

But thanks to a team at Northwestern’s McCormick School of Engineering, that may soon be a reality. They’ve created a prototype technology capable of seeing around corners and through everything from fog to the human skull. Their results are published in the journal Nature Communications...

“Our technology will usher in a new wave of imaging capabilities,” he said. “Our current sensor prototypes use visible or infrared light, but the principle is universal and could be extended to other wavelengths. For example, the same method could be applied to radio waves for space exploration or underwater acoustic imaging.”...

“It’s like we can plant a virtual computational camera on every remote surface to see the world from the surface’s perspective,” explained Florian Willomitzer, first author of the study. “This technique turns walls into mirrors.”...

“It can be applied to many areas, and we have only scratched the surface,” he added. more

Just think of the benefits to the CIA... 
and eventually the trickle down to corporate espionage types.



 

Monday, November 22, 2021

RedCurl Corporate Espionage Hackers Return

A corporate cyber-espionage hacker group has resurfaced after a seven-month hiatus with new intrusions targeting four companies this year, including one of the largest wholesale stores in Russia, while simultaneously making tactical improvements to its toolset in an attempt to thwart analysis.

"In every attack, the threat actor demonstrates extensive red teaming skills and the ability to bypass traditional antivirus detection using their own custom malware," Group-IB's Ivan Pisarev said. 

Active since at least November 2018, the Russian-speaking RedCurl hacking group has been linked to 30 attacks to date with the goal of corporate cyber espionage and document theft aimed at 14 organizations spanning construction, finance, consulting, retail, insurance, and legal sectors and located in the U.K., Germany, Canada, Norway, Russia, and Ukraine. more

Israel Accuses Defence Minister's Household Staffer of Espionage

In a statement, the Shin Bet security service said the suspect corresponded with the unnamed person over social media. It said he provided photographs taken in the house as proof he had access and proposed installing malware on Gantz's computer.

Tensions run high between Iran and Israel over Tehran's nuclear programme and what Israeli officials describe as its military entrenchment and support of Israel's enemies in the region.

The Shin Bet said the suspect, who performed housekeeping and cleaning tasks in Gantz's residence, was indicted on espionage charges by a court in Lod, a city near Tel Aviv. It said he was arrested after an investigation earlier this month. more

Britney Spears' Attorney Seeking Possible Eavesdropping Evidence

Mathew Rosengart fired off a letter to Tri Star Sports & Entertainment Group earlier this week repeating his demand for them to turn over a bunch of documents. Specifically, he's investigating exactly how Lou Taylor's company ran Britney's life financially and otherwise.

Rosengart's concern goes beyond money, though. He's also keyed in on the allegation Tri Star had a hand in spying on Britney by placing listening devices in her bedroom, as reported in the most recent NY Times documentary about Brit and the conservatorship.

He claims that reporting is more than enough to warrant Britney's desire to comb through any and all Tri Star docs related to the alleged electronic surveillance. more

Philly Cheesey Stakeout Comes Up Dry

 

 

Wiretapping Quote of the Week
Six years of wiretapping and this is what the Feds got? Cue Peggy Lee singing “Is That All There Is?”
~ Tom Cardella

more


 

Monday, November 8, 2021

Corporate Espionage: Executive Chairman Covertly Spycam'ed Meeting with Competitor.

JD Sports Fashion has launched an investigation into who covertly filmed Peter Cowgill, the group’s executive chairman, meeting his opposite number at Footasylum in a possible breach of competition rules. 

Britain’s biggest retailer of trainers is understood to believe that the meeting between Cowgill and Barry Bown, executive chairman of Footasylum, was filmed by a competitor keen to see JD’s £90 million takeover of its smaller rival blocked by the competition watchdog. more

This Week in Spy News

  • German investigators probe riddle of the spy who fell from a window. more

  • Apparent spy campaign targeting defense and other sectors uncovered. more

  • Chinese convicted of spying on US aviation industry. more

  • Beijing says U.S. spying charges against Chinese citizen 'pure fabrication' more

  • (Football) Pat Narduzzi calls former Pitt player Carson Van Lynn ‘a spy’ more

  • Britney Spears' Ex-Manager Denies Bugging Her Bedroom more

  • Muslims Are Suing The FBI For Spying on OC Mosques more

  • 77% of rootkits are used for espionage purposes. more

  • FBI Observer Says China-linked Economic Espionage Cases Jumped By 1300% In Past 10 Years more

  • Parsons Corporation hiring Counterintelligence TSCM Officer/Technical Surveillance more

  • Vickers & Nolan hiring Technical Surveillance Countermeasures (TSCM) Specialist Level II more

  • Utahn working with DEA tried to tip off suspect that phone was bugged, prosecutors say. more

  • Former elementary school principal faces indictment for spycam voyeurism. more

  • Spy cam in washroom of a private school in Karachi. more

  • ‘My phone is eavesdropping on me’: How we are being spied on, but not in the way you imagine. more

  •  Former MI6 Spy Shares Her Secret of Living to 110: Lots of Red Wine more

A Veterans Day Salute to Radio Eavesdroppers & Code Breakers

At age 97, Marjorie Stetson has never told anyone her secret code number — until now.

That's the identity code — 225 — that she typed on every page of her highly classified work for the Canadian Armed Forces during the Second World War.

The retired sergeant's wartime work was so covert, she said, she had to sign 15 separate copies of Canada's Official Secrets Act...

"She was on the front line of the radio war," said military historian David O'Keefe, who studies Second World War code breaking and signals intelligence...

Stetson used a radio receiver to intercept Japanese army and air force communications. She used a special typewriter to transcribe the Japanese codes she heard. Those number-filled documents were sent to code breakers in the U.S. and sometimes England, said O'Keefe — giving the Allies an intelligence edge in the Pacific region. more

Saturday, October 30, 2021

This Month in Spycam News

Australia - A woman who discovered she had been spied on for months by a cybersecurity expert, who was also her friend and housemate, by using a camera hidden in her room had one word that summed up how she felt: humiliated. more

FL - A registered sexual offender was arrested last week after he was accused of using his cellphone to record two students in a restroom at a Duval County high school, authorities said. more 

VT -  A federal judge has cleared at least part of the way for a plea deal involving a former emergency room doctor at the University of Vermont Medical Center, who ... hid a camera in a staff bathroom while working at the Burlington hospital, investigators said. He was later fired. more

Canada - A former New Glasgow doctor who was charged in 2016 for allegedly putting a hidden camera in a staff washroom at the Westside Medical Clinic, has left the profession. more

UT - A Utah man was arrested for voyeurism after an employee in the University Mall said he was recording people in dressing rooms at a clothing store. more 

FL - A University of Central Florida (UCF) student is speaking out, warning others after she said she discovered a spy camera was recording her through her bedroom window. more

CT - A city man with a history of voyeuristic criminal activity was recently arrested for allegedly trying to record a female shopper in a mall changing room earlier this year, according to an arrest warrant. more

WY - Trial Date Set for Sheridan County Man - Kobielusz was arrested in April  for allegedly placing video recording devices in a bedroom and bathroom of his home and using the devices to record three individuals, two minors and one adult, without their consent. more

UK - A man has been jailed for six months for voyeurism after he used a spy camera in his shoelaces and a phone to take video underneath skirts. more

Philippines - Policemen arrested a security guard for allegedly filming a woman while she was taking a shower Sunday evening in San Roque village, Tarlac City. more

WI - A Wisconsin teacher was sentenced to 12 years in federal prison after pleading guilty to one count of attempting to produce child pornography, reports NBC News. David Krutchen, 39, hid cameras in air fresheners on a field trip. more 

FL - A Frontier Airlines pilot has been charged over allegations he recorded a 19-year-old Florida college student with a spy camera hidden in her apartment, university police said. more

Japan - Kyoto Prefectural Police have launched an initiative to show a non-skippable video ad on YouTube warning that "secret filming is a crime," targeting users who have searched for terms seemingly related to voyeurism. more

MA - Amazon driver in blonde wig filmed naked girls in women's bathroom with pen camera, police say. more

CT - Detectives investigating a child pornography tip discovered photographs of young female students apparently taken without their knowledge by a Rockville High School teacher, arrest records show. more 

IN - Schneider remains on unpaid suspension from the New Albany Police Department. He was arrested in June on charges of voyeurism. Investigators said he used his smartphone to record video of women changing in a dressing room at his Memphis, Indiana, home. more 

Canada - A personal support worker charged with voyeurism at a long-term care home in Guelph/Eramosa is no longer an employee after being accused of taking intimate images of a vulnerable resident. more

Singapore - A South Korean man who had served as an interpreter for the Singapore Police Force (SPF) during the Trump-Kim Summit here in 2018, was caught in February this year using a pinhole camera to take videos of women using a toilet. more 

LA - Man admits to taking 19 upskirt videos in College Drive Walmart more

WA - A former Arlington Christian School teacher who admitted to shooting hundreds of videos of female staff members and students without their permission will not see any more time in jail. more

WY - Lander resident Dudley Irvine pled “not guilty” to a charge of attempted voyeurism at his September 28th arraignment hearing... The charge was originally filed after a gym member reported to the Lander Police Department that she had found a “covert recording device that was plugged into an electrical outlet facing the shower within the women’s locker room.” more 

India - Hinjewadi police have booked a voyeurism case against the chairperson, secretary and treasurer of a housing society in Hinjewadi-Wakad road on charges of voyeurism. The accused have been charged with installing a CCTV camera near the bedroom window of the woman resident and recording her private life for almost one month. more

Hong Kong - (new law) People who take non-consensual photographs up a woman’s skirt face up to five years in jail in Hong Kong under a law passed Thursday aimed at tackling voyeurism. more 

Our spycam detection services are being requested more often. Due diligence makes sense to businesses like: hotels, gyms, swimming pools, country clubs, educational institutions, clothing retailers, and all businesses offering private areas to their employees and guests.

We cannot guarantee you will never be on the wrong end of a voyeurism lawsuit. However, we are sure our services will pay for themselves many times over if damages are assessed. Showing due diligence can mitigate damages.

Businesses must proactively protect the privacy of employees and the visiting public.

Learn more: FREE Security White Paper (No questions asked. Just click to view.)
"Surreptitious Workplace Recording ...and what you can do about it."

Sunday, October 17, 2021

CO Supreme Court - Nonstop Hidden Camera Spying Violated Fourth Amendment

Using a hidden pole camera without a warrant to spy on and record a man’s home for more than three months violated the Fourth Amendment, the Colorado Supreme Court unanimously declared last month. “A camera monitoring all of a person’s backyard activities,” Chief Justice Brian Boatright wrote for the court, “provokes an immediate negative visceral reaction: indiscriminate video surveillance raises the spectre of the Orwellian state.”

With its decision, the Colorado Supreme Court widens a growing split on the constitutionality of long-term pole camera surveillance. The Fifth Circuit U.S. Court of Appeals, as well as the South Dakota Supreme Court, have both ruled against warrantless surveillance, while the Sixth and Seventh have ruled the opposite. more

Fluffer & Nutter - The Peanut Butter Sandwich Spies

A nuclear engineer for the U.S. Navy and his wife have been charged with trying to share some of the United States’ most closely held secrets on submarine technology with another country, according to court documents unsealed on Sunday.

The engineer, Jonathan Toebbe, was accused of trying to sell information on the nuclear propulsion system of Virginia-class attack submarines — the technology at the heart of a recent deal that the United States and Britain struck with Australia...

Over a series of exchanges, the F.B.I. persuaded the sender to leave information at a dead drop in return for cryptocurrency payments. The F.B.I. then observed Mr. Toebbe and his wife, Diana Toebbe, at the location of the drop, in West Virginia.

With Ms. Toebbe acting as a lookout, Mr. Toebbe left an SD card concealed inside half a peanut butter sandwich in a plastic bag, according to the court documents. After the undercover agent retrieved the sandwich, Mr. Toebbe was sent $20,000. more

Entry Level TSCM Tech Job Posting (UK)

Technical Surveillance Counter Measures (TSCM) Engineer
UK Ministry of Defence
Tarrant Rawston, England, United Kingdom

About the job

This role is within the Technical Surveillance Counter Measures (TSCM) team, part of the Spectrum team within Operations, Defence Digital. We are looking for people who will be able to assist with conducting TSCM Assessments which are technical and physical counter surveillance assessments with highly sophisticated equipment for the detection of concealed devices and identification of security vulnerabilities within offices, building infrastructure, furniture and office equipment. This is to reduce the MOD’s exposure to eavesdropping and information exploitation.

Responsibilities

You will be part of a small team conducting TSCM activities to protect, detect and respond to the technical exploitation of the MOD’s facilities by a range of threats including adversaries and insider threats to prevent unwanted exposure to Defence sensitive information.

Key Responsibilities
  • Assist in the scoping and planning tasks as appropriate to conduct the task effectively.
  • As a team member, assist with conducting Technical Surveillance Counter Measures (TSCM) Assessments of areas as tasked.
  • Assist with the completion of reports on tasks that identify the activities undertaken in a timely manner.
  • Manage the equipment holdings of the section, ensuring all equipment is working correctly, calibrated, packed and ready to deploy on trial at short notice.
  • Support the C2 Senior TSCM Engineer in the output of TSCM tasks as appropriate.
This job will involve significant travel away from home, at locations both in the UK and abroad but this is expected to be no more than 2 weeks at a time, and no more than 16 weeks per year.  more
 
PS - This is an unusual and interesting career. Rarely is an entry level position offered. 

PI & Security Director Alert - Camera Smartband for Apple Watch

A dream for professional investigators.
A nightmare for security directors.
The Apple watch band wristcam!

The scoop...
• Apple MFi-Certified Modular Camera Smartband for Apple Watch,
• 42mm-44mm, Black,
• TWO CAMERAS: 8MP + 2MP, 4K Photo, 1080p Video,
• 2 Microphones (underwater support for water adventures)
• 8GB Storage, WiFi, Bluetooth 5,
• IP68 Water Resistant

"Now you can go without your phone, and use your Apple Watch to capture 4K photo, 1080p video, and even video live chat with the Wristcam App." more

Wednesday, October 6, 2021

LANTENNA: Exfiltrating Data from Air-Gapped Networks via Ethernet Cables

via Cyber Security Labs @ Ben Gurion University

Air-gapped networks are wired with Ethernet cables since wireless connections are strictly prohibited. 

LANTENNA is a new type of electromagnetic attack allowing adversaries to leak sensitive data from isolated, air-gapped networks.

Malicious code in air-gapped computers gathers sensitive data and then encodes it over radio waves emanating from the Ethernet cables, using them as antennas. A nearby receiving device can intercept the signals wirelessly, decode the data, and send it to the attacker. 

We discuss the exfiltration techniques, examine the covert channel characteristics, and provide implementation details. Notably, the malicious code can run in an ordinary user-mode process and successfully operate from within a virtual machine. We evaluate the covert channel in different scenarios and present a set of countermeasures. 

Our experiments show that with the LANTENNA attack, data can be exfiltrated from air-gapped computers to a distance of several meters away. more & video

Tuesday, October 5, 2021

Eavesdropping on TSCM Expert Chris Browning

PODCAST - This week we are eavesdropping on TSCM expert Chris Browning. Mr. Browning is a highly skilled and experienced 8-year veteran instructor with the prestigious Research Electronics International (REI)...

Chris Browning is a graduate of the FBI National Academy and spent two decades in law enforcement... He studied TSCM at REI for 4 years and has been an instructor there for the last 8 years. 

Enjoy eavesdropping on TSCM expert Chris Browning and I as we discuss this specialized skill. This episode is sponsored in part by the Investigators Toolbox, the #1 online resource community for private investigators. more

Weird, Unusual & Interesting - Spy News Clickbait

Venice, Italy - The city’s leaders are acquiring the cellphone data of unwitting tourists and using hundreds of surveillance cameras to monitor visitors and prevent crowding. Next summer, they plan to install long-debated gates at key entry points; visitors coming only for the day will have to book ahead and pay a fee to enter. If too many people want to come, some will be turned away. more

Banksy's Spy Booth Brick + NFT Auction Crashes Servers with Overwhelmingly Heavy Web Traffic more

Australia - An ABC News drone took the brunt of the bite force when a saltwater crocodile leapt up and plucked it from mid-air while filming in Darwin. video

Top 9 Surveillance Videos of the Week video  

How Jamie Spears Spied on Britney Spears Through iCloud - A security firm spied on Britney Spears through her iCloud account. Here's how to figure out if someone is doing that to you, and how to stop it. more & more & more & bugsweep

ShadowDragon: Inside the Social Media Surveillance Software That Can Watch Your Every Move - The tool is the product of a growing industry whose work is usually kept from the public and utilized by police. more & more

Florida - New Law: Corporate Espionage (HB 1523): Sponsored by Republican Rep. Mike Beltran, the new law creates the crime of “trafficking in trade secrets” and enhances criminal penalties under certain circumstances. If the trafficking of trade secrets benefits a foreign government or company, the offense is now a first-degree felony. more

Florida - Surveillance Drone Assists in Search for Brian Laundrie more 

Security researchers think Amazon's Astro bot isn't safe. more

Thursday, September 23, 2021

Security Director Alert: Check for Spyware When Execs Travel

Smartphone, laptop, etc. device check service for traveling users.  

Detect Pegasus and other 0-click and 1-click spywares. Check before and after executives enter high-risk countries to determine their exposure and perform remediation. Prevent introducing foreign threats to your network. Service is a ZecOps product. more

Reasons You Should Never Connect To Public Wifi

There Are Too Many Risks
Put simply, the risks you take when you connect to Wifi in public places such as libraries, stations, cafes, and shopping malls are often too great to make the benefits worthwhile...

  • Misuse of personal data
  • Distribution of malware
  • Insecure connection
  • Online attacks on business
  • Eavesdropping

Hackers or anyone with a sound knowledge about internet software and applications can eavesdrop on your personal data if they are using the same public Wi-Fi connection as you are...

  • Try not to share your personal data while you are using a personal Wi-Fi connection.
  • Avoid logging in to websites that involve your personal or bank credentials.
  • Try using a VPN (Virtual Private Network) service that will help you to encrypt all the data you receive or send.
  • Use 2-Factor authorizations that will make your connection secure and prevent the risk of data loss. more

Grain of Sand Sky Spies

A new microchip roughly the size of a grain of sand that has the potential to glide across great distances is being touted as a breakthrough for aerial surveillance.

Key points: 

  • The devices are about the size of a grain of sand and can transmit wirelessly
  • Remote sensing technology was originally developed for warfare
  • The researchers hope the technology can be used to help monitor disease spread

Collaborating scientists from institutions including Northwestern University in the United States and Soongsil University in Korea have created what they believe are the world's smallest ever "human-made flying structures", which can be fitted with microchips and sensors and have the capacity to transmit data remotely.

The microchips can be dropped from the sky and potentially used to monitor environmental impacts and the spread of disease. The researchers, who published their findings today in the journal Nature. more

NFL Spying Book in the Works

Spies on the Sidelines - The High Stakes World of NFL Espionage

A NON FICTION BOOK BY KEVIN BRYANT

After the NFL’s Spygate controversy, involving the New England Patriots illicitly recording the defensive signals of the New York Jets in 2007, NFL fans and pundits alike struggled to answer a lingering question: Were the Patriots the only team spying on their opponents or was espionage a commonplace activity in the NFL? 

Everyone had an opinion, but few could offer more than a gut feeling to back up their claims and for good reason...

Well, that was before. Spies on the Sidelines shines a light on the shadowy world of NFL espionage and exposes the full range of collection techniques teams use to spy on their opponents, as well as the defensive countermeasures that are used to defend against these threats. more

Have a Little James Bond in You? Have I Got a Car for You!

ASTON MARTIN DB5 JUNIOR

No Time To Die Edition

From Goldfinger to No Time To Die, Bond has never been far from his Aston Martin DB5. This car has arguably been part of his DNA for over 50 years. Now, an exclusive partnership between Aston Martin, EON Productions and The Little Car Company brings you the Aston Martin DB5 Junior No Time To Die Edition.

Limited production run of 125 vehicles.

Created at 66% scale of the original, with a fully electric powertrain, the DB5 has been reimagined for Bond fans worldwide. As an official Aston Martin model, the No Time To Die edition will pay homage to the rich history of the brand with Silver Birch paintwork, Smiths instruments, and individually numbered chassis plates. Complete with Aston Martin and 007 badging, this car is unmistakably Bond.

The DB5 Junior is designed to offer seating for an adult and child side by side, to allow all generations of Bond fans to share the love of driving. more

Wednesday, September 22, 2021

Pegasus: How The Spyware Invades Phones & What It Does

What is Pegasus?
Is Pegasus a hacking software or spyware? It is tipped as the best version of both worlds, developed, marketed, and licensed to governments around the world by the Israeli company NSO Group. This is because of its intrusive nature: it can infect and conduct silent surveillance on billions of phones running either iOS or Android operating systems.

Pegasus was first discovered in 2016 in a group of mobile devices which were infected via a spear phishing campaign which tricked users into clicking on malicious links which would install the spying software. However, recent versions of the spyware are much more sophisticated and require zero interaction from the victim for delivery and execution.

How does it work?
The spyware executes via a zero-click exploit. This means that a victim does not need to interact with the initial delivery vector of the spyware for the malicious code to be executed. The victim receives a message on SMS, WhatsApp, iMessage or any other messaging application. As soon as the message is received the spyware is executed and all traces of the message are deleted. This implies that the user’s device will be infected with the spyware, without the user being aware of even receiving any suspicious message. more



From the Weird File: Drone Strike by a Ravin' Raven

Is it a bird?
Is it a plane?
It's a raven swooping on a drone attempting to make a delivery to a Canberran craving caffeine.

Key points:

  • Drone service Wing temporarily halts its drone deliveries to the Canberra suburb of Harrison
  • The company says it has received reports of birds swooping on objects during nesting season
  • The pause on deliveries will allow bird experts to investigate the behaviour of ravens

A battle for aerial dominance is emerging as nesting season coincides with a surge in demand for drone deliveries during Canberra's lockdown.

Drone delivery service operator Wing has paused flights in the northern suburb of Harrison while bird experts assess the behaviour of local ravens to ensure their welfare is safeguarded. more

Tuesday, September 21, 2021

Spy Tip 592 - How to Eavesdrop More Effectively

Dr Anthony Youn explained that there is a way you can listen into a chat that wasn’t meant for you.

He explained: “Try listening with your right ear and not your left – your right ear is connected to the left side of your brain which processes speech and language.”

His posts on body hacks have gone viral and include a range of tricks and tips.

He also revealed how you can get rid of hiccups. more

BAT S#!T Crazy - Corporate Espionage Gone Wild

In the past week, a spate of reports, including from the BBC and the University of Bath, has detailed how British American Tobacco (BAT) ran a spy ring in SA.

Of course, none of this is new – we’ve been writing about it for aeons now. But because so much time has lapsed since this story initially broke in SA, perhaps a recap is in order.

Years ago, BAT took off the gloves in a bid to claw back market share from competitors who emerged selling the same product, but cheaper. 

BAT’s strategy was simple: disrupt its competitors to the point of making it impossible for them to operate.

To do this, BAT relied on a security firm — Forensic Security Services (FSS) — to co-ordinate activities, under the guiding hand of British American Tobacco SA’s (BAT SA’s) anti-illicit trade head. But it also used a series of in-place “agents” at its competitors’ businesses even as it co-opted law enforcement agencies and deployed a shared agent with the State Security Agency (SSA): triple agent and honey trap Belinda Walter.

All of this was monitored from BAT’s global headquarters, Globe House in London.

One former employee explained it as follows: “Our primary work description was to spy on competitors and disrupt business operations on behalf of BAT SA, [which] was fully aware that FSS was obtaining information illegally, and these (sic) included obtaining recorded conversations.”  more

BlackBerry Updates SecuSUITE to Secure Phone Calls from Eavesdropping

BlackBerry has announced that its SecuSUITE for Government offering now provides certified end-to-end encryption of all group phone calls and instant messages for governments and enterprises alike.

As a result of the global pandemic, millions of employees are working from home, with many teams turning to group calling methods to ensure business continuity. However, enterprises and government officials around the world are increasingly being targeted by coordinated eavesdropping attacks. SecuSUITE protects these individuals against identity spoofing, metadata harvesting and communications interceptions, which can compromise sensitive discussions and major operations. more  infographic

Peyton Manning - Patriots Locker-Room Bugging Accusation

The New England Patriots’ cheating scandals didn’t stop at Spygate and Deflategate, according to Peyton Manning.

Manning said that he knew the Patriots bugged the visiting locker room at Gillette Stadium with hot mics to eavesdrop on conversations between opposing players.

“Every time I played against New England, I used to talk to my receivers in the showers,” Manning said during ESPN’s “Monday Night Football” Manning-cast in Week 2’s matchup between the Green Bay Packers and Detroit Lions. “Don’t talk about a play next to my locker because I know it’s bugged. I know it’s got a hot mic in there... more

Tuesday, September 14, 2021

I've been hacked! Now what?

Check these links for some instant advice and assistance...

https://www.justice.gov/criminal-ccips/reporting-computer-internet-related-or-intellectual-property-crime

https://www.consumer.ftc.gov/articles/how-recover-your-hacked-email-or-social-media-account

https://www.kaspersky.com/resource-center/threats/what-to-do-if-your-email-account-has-been-hacked

https://www.cnet.com/tech/services-and-software/when-you-get-hacked-figuring-out-who-to-call-for-help-can-be-a-puzzle/

https://www.popularmechanics.com/technology/security/a34284848/steps-to-take-if-you-have-been-hacked/

https://support.google.com/accounts/answer/6294825?hl=en

https://www.csoonline.com/article/3617849/15-signs-youve-been-hacked-and-how-to-fight-back.html

FTC Shuts Down Smartphone Spyware App Company

The Federal Trade Commission (“FTC”) reached a settlement with stalkerware app company Support King, LLC d/b/a SpyFone.com and its CEO (collectively “SpyFone”) to resolve allegations that it secretly harvested and shared smartphone owners’ physical location data and information about their phone use and other online activities, and that it exposed smartphones to hacker attacks in violation of the FTC Act.

The complaint alleged that SpyFone’s apps provided real-time access to the data of smartphone owners through a hidden device hack that allowed others, including stalkers and domestic abusers, to track the smartphones on which the apps were installed. In addition, SpyFone’s lax security measures, including storing sensitive information without encryption, exposed consumers to hackers and other cyber threats, including through a 2018 breach of SpyFone’s servers in which the personal information of 2,200 consumers was accessed and stolen.

Under the terms of the proposed consent order, SpyFone will disable its stalkerware apps and destroy all personal information collected through these apps. more

Alert: Apple iOS 14.8 Security Update Spikes Spyware Flaw

Apple on Monday released security updates for its iPhone, iPad, Apple Watch and Mac computers that close a vulnerability reportedly exploited by invasive spyware built by NSO Group, an Israeli security company.

The tech giant's security note for iOS 14.8 and iPadOS 14.8 says: "Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." Apple also released WatchOS 7.6.2, MacOS Big Sur 11.6 and a security update for MacOS Catalina to address the vulnerability. 

The fix, earlier reported by The New York Times, stems from research done by The Citizen Lab, a public interest cybersecurity group that found a Saudi activist's phone had been infected with Pegasus, NSO Group's best-known product. According to Citizen Lab, the zero-day zero-click exploit against iMessage, which it nicknamed ForcedEntry, targets Apple's image rendering library and was effective against the company's iPhones, laptops and Apple Watches. more

Monday, September 13, 2021

Urban Drone Detection is Due to Become Easier Thanks to 5G

The Department of Homeland Security (DHS) Small Business Innovation Research (SBIR) Program awarded $750,000 to Texas-based small business Cobalt Solutions Inc. to develop a detection and tracking sensor system that can identify nefarious small unmanned aerial vehicles (UAV) in an urban environment...

“Cobalt’s technology increases the number of exploitable drone signatures for detection and tracking,” said Dr. Jeff Randorf, DHS S&T engineering advisor and SBIR topic manager. “As more 5G mmWave transceivers are deployed in city centers, the ability to detect and track drones in complex urban geometries becomes easier, while not contributing to an already crowded radio frequency spectrum.” more

Friday, September 10, 2021

Top 10 5G Security Concerns

5G security is inherently prone to security vulnerabilities. Previous-generation networks relied on centralized hardware-based functions that provided security choke points that were relatively easy to monitor. Endpoints in distributed software-defined (SD) networks like 5G are more difficult to keep an eye on.

While 5G addresses security issues in previous-generation wireless networks, for example with enhanced encryption, anti-tracking, anti-spoofing and network slicing features, security holes cybercriminals could potentially exploit have been identified. Some of the security vulnerabilities detected early on were linked to previous-generation network loopholes. These included ones that allowed attackers to expose a user's location, downgrade their service to a less secure legacy that was more easily attacked, run up costly wireless bills and track users’ activities. more

Thursday, September 9, 2021

Spy Tech - Facebook and Rayban (Possibly Raybanned in some locales)

The first thing you'll notice about Facebook’s new camera glasses is that they are not called Facebook Glasses — they are called Ray-Ban Stories. This is because they are made in partnership with Ray-Ban (a cool company that no one hates), and Facebook has had a rough couple of years in the public eye. And “Stories” because, you know, Instagram stories and Facebook stories and also Snapchat "story,"

...the real danger here isn’t to your data — it’s the fact that you’re walking around wearing barely perceptible spy glasses, taking videos and photos of anyone you want, likely without them noticing...

If the idea of camera sunglasses seems familiar, perhaps that’s because it sounds like Snapchat Spectacles, which launched in 2016. In what I can only imagine is a loving tribute, Facebook has named its camera sunglasses “Stories” after the other signature product that Facebook/Instagram lifted from Snapchat. more

Tech stuff: "Dual 5MP camera gives your content new depth and dimension. Takes high resolution photos (2592x1944 pixels) and quality video (1184x1184 pixels at 30 frames per second)."

Not as dorky as past creepy-peepies, these glasses may not be recognized as spy glasses at first glance. (Maybe a Buddy Holly or Maurice Moss meets Zuck mash-up instead.) In fact, "Facebook says it's a violation of the Terms of Service to cover up the light that comes on when you're recording." Right, like that's gonna work. Additionally, "Facebook is discussing building facial recognition into its upcoming smart glasses product..." What could possibly go wrong? more

FutureWatch: Laser Through a Keyhole Can Expose Everything in a Room (somewhat)

If you're worried about privacy, it might be time to cover up your front door's peephole.

Being able to see inside a closed room was a skill once reserved for super heroes. But researchers at the Stanford Computational Imaging Lab have expanded on a technique called non-line-of-sight imaging so that just a single point of laser light entering a room can be used to see what physical objects might be inside...

It’s an incredibly clever technique, and one day it could be a very useful technology for devices like autonomous cars that would potentially be able to spot potential hazards hidden around corners long before they’re visible to passengers in a vehicle, improving safety and obstacle avoidance...

The research could one day provide a way for police or the military to assess the risks of entering a room before actually breaking down the door and storming their way inside, using nothing but a small crack in the wall or a gap around a window or doorway.  more

‘Havana Syndrome’ and the Mystery of the Microwaves

Doctors, scientists, intelligence agents and government officials have all been trying to find out what causes "Havana syndrome" - a mysterious illness that has struck American diplomats and spies. Some call it an act of war, others wonder if it is some new and secret form of surveillance - and some people believe it could even be all in the mind. So who or what is responsible?

It often started with a sound, one that people struggled to describe. "Buzzing", "grinding metal", "piercing squeals", was the best they could manage.   

...Havana syndrome first emerged in Cuba in 2016. The first cases were CIA officers, which meant they were kept secret. But, eventually, word got out and anxiety spread...

Uncovering the truth has now become a top US national security priority - one that an official has described as the most difficult intelligence challenge they have ever faced.  more  history

Wednesday, September 8, 2021

Martian Helicopter - Coincidence or Espionage? You Decide.


China’s National Space Science Center is working on an aerial drone that bears a striking resemblance to NASA’s Ingenuity helicopter, currently on Mars.
It’s got four outstretched wiry legs, two rotors stacked atop each other, and a simplified fuselage. It’s China’s take on NASA’s wildly successful aerial drone.

A press release from China’s National Space Science Center suggests the vehicle, called the “Mars cruise drone,” has passed acceptance and will presumably advance to the next stage of development. Eventually, the Chinese aerial drone could make it to Mars, where it will patrol the landscape and further China’s exploration of the Red Planet. To that end, the Mars cruise drone will be equipped with a spectrometer for performing aerial surveys and for studying the Martian geology. more

Espionage - It Still Happens and it Still Matters

The Director General of MI5 noted in his annual threat update that hostile states seeking to spy on certain governments is as old as the hills. Nevertheless, it still happens, and it still matters. Hostile States utilising someone on the ‘inside’ to acquire privileged information makes their job so much easier. Recently we have seen media coverage of a security officer at the British Embassy in Berlin arrested on suspicion of acting on behalf of a foreign intelligence agency.

This blog serves as a reminder that traditional spycraft does exist and importantly provides you with some high-level protective security principles that your organisation should consider.  more