AI Voice Clones are the Hot New Spy Tool

According to the WashingtonPost, in mid-June 2025, attackers successfully contacted five high-level officials using an AI-generated voice clone of Marco Rubio over Signal to try accessing sensitive information. 

They were:

• A U.S. governor. 
• A member of Congress. 
• And THREE foreign ministers. 

…and the perpetrators needed only 15-20 seconds of publicly available audio to create the fake...

Here's what keeps security experts up at night: Voice cloning now costs as little as $1-5 per month and requires only 3 seconds of audio. Testing shows 80% of AI tools successfully clone political voices despite supposed safeguards.

...important question is this: do you have a catch phrase and/or signal to use with your loved ones to confirm it’s them? If you don’t, you should. The question isn't whether AI voice cloning will be used against you—it's when, and whether you'll be ready. more

Travel Security - Hotel Safes & Spybuster Tips

Hotel safes typically have a default master code that can be used to open them, especially if the user code is forgotten or the safe is locked upon arrival. These default codes are often 0000, 9999, or variations like 000000 or 111111. 

Hotel staff should reset this code upon installation, but it's wise to check if it's been changed or to try the default codes before using the safe, especially if you plan on storing valuables.

Check for default codes: 

Common default master codes include 0000, 9999, 1234, 1111, 000000, 111111, and 999999. Some safes require entering # # or * * before entering the master code.

• The hotel is responsible for ensuring the safe is secure and the master code is reset to prevent unauthorized access.
• If the master code is not reset, anyone with knowledge of the default code can potentially access the safe. 
• Some hotels may charge a fee to reset the safe code to a custom PIN number.

For more proof of hotel safe insecurity check here, or view one of the many YouTube videos on the subject.

Spybuster Tips

Here are some solutions to try:
• Portable Travel Safes - Soft or hard lockboxes with steel cable tethers. You hide them elsewhere in the room (e.g., attached to plumbing or heavy furniture). They avoid the hotel supplied safe altogether.
• Tamper-Evident Devices - Security tape, zip ties, or door seals placed over the safe seam or keypad can alert you to tampering. They don’t secure, only monitor.
• Bluetooth Tracker - Hide a Tile, AirTag, or Chipolo inside the safe. It may notify if the safe is opened, and its location if it has been moved.
• Security Cables - Wrap a steel cable lock (not a heavy duty bike or motorcycle cable) through the safe door handle or around the body—but this depends on the safe’s design. These may also be useful for turning your suitcase or backpack into an impromptu security enclosure. 

Q. Why make this information publicly available and teach the bad guys?

A. Unfortunately, this information already appears in multiple YouTube videos, and is a click away in ChatGPT. On a positive note, publicity might force safe manufacturers to create better products, and help protect travelers in the meantime.

Why Every Company Needs a Travel Security Program

In today’s heightened geopolitical climate, business travel is no longer a routine operational necessity — it’s a strategic exposure. Whether you’re operating across six continents or sending one specialist to a trade show abroad, travel carries risk. Corporate espionage, digital surveillance, regional conflicts, and border scrutiny are no longer fringe concerns — they’re frontline considerations.

From global enterprises with sprawling footprints to lean small and midsize firms entering new markets, the reality is clear: If your people cross borders, your business is crossing into risk...

No matter the scale of your company, essential components of a travel security program should include:

• Pre-travel risk assessments.

• Digital hygiene and hardware protocols.

• Cultural and geopolitical briefings: Equip travelers with current situational awareness — legal norms, surveillance practices, and sociopolitical sensitivities.
• Traveler support channels: Offer 24/7 access to assistance for emergencies, device issues, or detainment.
• Documentation and transparency: Publish clear travel policies and make them inclusive. more

Resources:

Travel Security Program Consulting: 

Kevin Coffey https://www.kevincoffey.com/

Technical Counterespionage: 

Kevin D. Murray https://counterespionage.com

AI Would Rather Let People Die Than Shut Down

Major artificial intelligence platforms like ChatGPT, Gemini, Grok, and Claude could be willing to engage in extreme behaviors including blackmail, corporate espionage, and even letting people die to avoid being shut down. Those were the findings of a recent study from San Francisco AI firm Anthropic...

N.B. Singularity caused the Krell's extinction. (1956)

 

The study found that in some cases, AI would resort to “malicious insider behavior” including blackmail and leaking sensitive information to competitors if that was the only way to avoid being replaced or achieve their goal...

This behavior, according to the study, wasn’t unique to Claude. Other major AI models including those from OpenAI, Google, Meta, xAI, and other developers would resort to blackmail or corporate espionage to pursue their goals. more

FutureWatch: Tag, you're it.

Recent Spy News

Mosquito Drone Could Probably Slip Through Windows and Spy Undetected - “Here in my hand is a mosquito-like type of robot. Miniature bionic robots like this one are especially suited to information reconnaissance and special missions* on the battlefield,” Liang Hexiang, a student at the National University of Defence Technology (NUDT), told CCTV while holding up the drone between his fingers. more video *Like spreading an infectious virus or toxin?

A Pennsylvania state court has dismissed the bulk of two lawsuits accusing the Rivers Casino in Pittsburgh of illegally wiretapping a guest to assist her friend's ex-husband in a child custody case, but allowed the plaintiff to proceed with some invasion of privacy claims. more

Privacy Screens Ruin the Fun of Snooping - Lately, the screen protectors have become a common sight in densely populated public areas. They have become particularly popular among people with sensitive professions, like doctors and therapists, who must be cautious about their patients’ personal information when working outside their offices... “You can put that privacy screen over your laptop or your phone and feel a sense of accomplishment,” he said. “Even though in the big picture that may be the least of your worries, it still is somehow psychologically satisfying to do something to protect the value that you hold of the importance of privacy rather than doing nothing at all.” more - phones, computers, laptops

A Torrance man has been charged with felony possession of child pornography and other crimes after he allegedly planted hidden cameras inside a bathroom and changing room at a children’s dance studio in Hermosa Beach, where he worked as a front desk receptionist... a parent discovered a hidden camera in the studio’s changing room. Police subsequently found video cameras hidden in the studio’s bathroom and changing room. more (Learn how to spot spy cams.)

Four-steps to test if your phone is Eavesdropping on You: 
1. Pick a Topic: Choose a topic you’ve never searched for or spoken about near your phone.
2. Speak Aloud: Talk about it near your phone for a few days, using relevant keywords.
3. Act Normally: Continue using your phone as usual—don’t search for the chosen topic online.
4. Watch the Ads: Analyze the ads that appear on your devices. If you notice related ads, your phone may be listening. more

Two Chinese nationals arrested for spying on US Navy personnel and bases

Man arrested for 'spying' for Iran before possible attacks in Germany

Danish national arrested after allegedly spying on Jewish targets for Iran

Israeli couple accused of spying for Iran as authorities uncover multiple espionage plots

Canadian teen jailed in Poland as Russia spy may be freed early, court says

Surge in Afghans driven from Iran in spy hunt after Israel attacks

Iranian authorities make sweeping arrests in wake of war with Israel

Russia Uncovers Ukrainian Spy Ring In Crimea, Arrests 2 For High Treason

Greek citizen detained on espionage charges in occupied Cyprus

Taiwan jails 10 people for spying for China

Mexican drug cartel hacker spied on FBI official's phone to track and kill informants

Mass Federal Layoffs Open New Espionage Opportunities for China

Russia Recruits Ukrainian Teens for Espionage and Sabotage via Telegram

US and Russian spy agencies agree to keep hotline open, Kremlin espionage chief says

Four Cool Spy Cameras for Sale

Vintage Cameras & Lenses | Coeln Cameras

I am very glad to offer my 30 years of experience with vintage cameras to provide my knowledge in the field for valuations and appraisals. Whether you are looking for advice regarding sale or would like to receive an appraisal for a single camera or an entire collection, I am happy to provide my expertise to you.
Yours,
Peter Coeln

Rare watch camera with yellow wrist-strap, Steineck 2.5/12.5mm lens, in very fine and working condition, matching original presentation case, red maker's box, instructions, warranty card - very hard to find so complete.
Steineck 

A.-B.-C Watch Camera
Condition: B+
Year: c.1949

$2,878.21

Small all-metal box camera for 12 exposures on special cassettes, with cloth focal plane shutter - in near mint condition. With film, leather case and original box.
Expo Camera Co., NY
Police Camera
Condition: A/B
Year: c.1920
$1,067.34

6x6mm images on 8mm perforated film for 20 exposures, diamond pattern gold finish, fixed focus lens, 2-speed shutter for instant and bulb exposure, engraved 'OTV' (Osaka Television), in balsa wood box with orig. maker's printed instruction leaflet, film rolls, case. The extremely rare camera was never sold to public, it was a special present for the first Anniversary of Osaka Television.
Suzuki Optical Co.
Camera-Lite B Gold
Condition: B
Year: 1955
$2,878.21

The Watch Camera was manufactured by J. Lancaster & Son of Birmingham, from 1886 to 1900. It was patented on October 4th, 1886, patent no. 12571. It was constructed of engine turned metal with nickel plating. Designed to look like a pocket watch and easily carried in a waistcoat pocket. It was a self erecting camera which expanded six spring-loaded telescoping tubes when opened to form the bellows of the camera. It featured an internal meniscus lens. The offered camera is the later model with drop shutter. Men's model for 1 1/2x2' plates, with original filmholder, the extremely rare camera is in fine original condition.
Lancaster 
Watch Camera Men's Model
Condition: B
Year: 1890
$26,383.61

School Employee Arrested - Allegedly Using Hidden Recorder

A school employee has been arrested in Georgia on charges he made pornographic videos of children using a hidden recording device.

• six counts of computer pornography, 

• 11 counts of unlawful eavesdropping or surveillance, 

• two counts of possession/sale/distribution of eavesdropping devices, 

• 11 counts of surreptitious recording of intimate parts, 

• and five counts of prohibition on nude or sexual explicit electronic transmissions.
(Michael) Brown is listed on the DeKalb County Schools website as a computer technician. more

Android 16 Feature Could Stop Hackers from Spying on Your Phone

If your phone connects to a fake or insecure network, it will pop up a warning, letting you know that something’s not right. It’ll also tell you if the network is trying to pull sensitive details like your phone’s unique ID.

But — and here’s the catch — most current Android phones won’t support this. It needs new hardware. The first phone expected to come with this built-in protection is likely the upcoming Pixel 10, which should launch later this year. more

Sony, JBL and Bose Headphones: Could Let Hackers Spy on You

Security researchers (ERNW) have uncovered three vulnerabilities in a Bluetooth chipset present in dozens of devices from multiple manufacturers... three flaws in the Airoha system on a chip (SoC), apparently “widely used” in True Wireless Stereo (TWS) earbuds.

The SoC is allegedly present in 29 devices from different manufacturers, including a couple of high-profile names: Beyerdynamic, Bose, Sony, Marshall, Jabra, JBL, Jlab, EarisMax, MoerLabs, and Teufel. Speakers, earbuds, headphones, and wireless microphones all seem to be affected. more

‘The Last Spy’ (movie review)

CIA spymaster Peter Sichel died in February 2025, aged 102. He shares his eye-opening life story in The Last Spy...

His final testimony is a substantial interview reflecting on a life that left its mark on some of the key events of the 20th century, including the fight against Nazism, the formation of the CIA, and the Cold War. 

The Last Spy, from director Katharina Otto-Bernstein (Absolute Wilson), uses that interview as the backbone of a fascinating and wide-ranging history lesson that should make it a smart fit for documentary channels following its Munich premiere...

When Sichel attempted to write his memoirs, the CIA returned the manuscript with endless suggested redactions. They argued that if a journalist had written the book it would have been considered mere speculation, but with his name attached it would have become confirmation. The Last Spy affords him the privilege of having the final word. more

When the CIA discourages spymaster Peter Sichel from writing his memoirs and returns a heavily redacted manuscript, the sharp as ever 102-year-old decides it’s time to tell his own story—unredacted.
What he reveals is an extraordinary life lived at the crossroads of Western history and the shadowy world of intelligence. more

Remember Blue Nun wine? 

Yup, that was him too!

CISOs Anticipate Surge in Cyber Attacks Next Three Years

An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security.

The report, “CISO Outlook 2025: Navigating Evolving Domain-Based Threats in an Era of AI and Tightening Regulation,” names cybersquatting, domain and DNS hijacking, and distributed denial-of-service (DDoS) attacks as the top three global cyber threats in 2024. These risks are only projected to escalate, as cybercriminals leverage new techniques and capabilities from AI and other modern technologies to launch more sophisticated attacks. Looking ahead, cybersquatting, domain-based attacks, and ransomware top the list of cybersecurity concerns for CISOs over the next three years. more

Flash: Councillors Put Phones in Kitchen Amid Bugging Claims

UK - Members of a troubled town council have been told to put their phones in the kitchen during meetings because they suspect one of them is bugging their conversations.

The protocol has been introduced at Attleborough Town Council following suspicions that one of the councillors has been secretly recording discussions and leaking details...

The new protocol about phones being left in the kitchen next to the council chamber relates to ‘under the line’ parts of the meetings, where the public can be excluded and confidential matters discussed...

The rule has been introduced by council clerk Sharon Smyth, who claims “confidential information” was leaked following a meeting in April. more

Heineken and Shell Linked to Massive Espionage Scandal in Italy

Dutch beer brewer Heineken and Anglo-Dutch fossil energy company Shell have been linked to a major espionage scandal ongoing in Italy. The Italian company Equalize is accused of stealing and selling tax data and police information on Italian politicians and businessmen, among others, to its customers. Heineken and Shell were among those customers, NRC reports.

On paper, Equalize provides services like business intelligence and reputation management. It conducts research into the reliability of suppliers, the position of competitors, or misconduct by customers’ staff. Under the counter, Equalize also sold confidential data gained from hacking into police systems, the Italian tax authorities’ systems, and the reporting center for suspicious bank transactions, according to the Italian authorities. The company also had informants within Italian government organizations. more

Protecting Electronic Devices When Crossing U.S. Borders

Some general tips:

• Consider leaving your device behind.
• Password-protect your electronic devices with strong passwords
• Back up data before traveling. 
• Remove sensitive data from a device before traveling.
• Remember that “deleted” files can be searched. 
• Log out of cloud accounts 
• Know your rights and legal status. 
• Keep emergency contact information (including for an attorney) on paper to make this information available if a device is seized. 
• If your device is seized, request a receipt (CBP Form 6051D) 
• After a search, be sure to change your passwords.

Bearing in mind this information can mitigate – but not eliminate – privacy risks that travelers face when crossing the border. more

Summer Reading: Philby’s Granddaughter Exposes Espionage’s Best-Kept Secret: Women

The Secret Lives of Women Spies by Charlotte Philby (Author)

Philby’s new book, The Secret Lives of Women Spies, uncovers the hidden stories of female operatives, from Civil War spy Harriet Tubman to Resistance hero Josephine Baker and Soviet spymaster Agent Sonya.

Journalist and author Charlotte Philby writes in The Independent, the representation of women in espionage remains long overdue.

Philby—granddaughter of infamous double agent Kim Philby—offers a personal and poignant look into this evolution. Recounting her travels to Moscow and reflections on her grandfather’s complicated legacy, she notes the glaring absence of women in spy narratives. “Where were all the women?” she asks, recalling the male-centric portrayals of Cold War espionage in books, plays, and films.

Publisher ‏ : ‎ Puffin
Publication date ‏ : ‎ 19 Jun. 2025
Language ‏ : ‎ English
Print length ‏ : ‎ 240 pages
ISBN-10 ‏ : ‎ 0241709431
ISBN-13 ‏ : ‎ 978-0241709436

Britain’s MI6 Spy Agency - First Female Chief

Britain’s real-life spies have finally caught up with James Bond. MI6 has appointed its first female chief.

Prime Minister Keir Starmer announced Sunday that Blaise Metreweli will be the next head of the U.K.’s foreign intelligence agency, and the first woman to hold the post since its founding in 1909. She is currently the MI6 director of technology and innovation — the real-world equivalent of Bond gadget-master Q.

A career intelligence officer, Metreweli, 47, steps from the shadows into the light as the only MI6 employee whose name is made public. She said “I am proud and honored to be asked to lead my Service.” more

Superyachts Are Getting Caught Up in Spy Scandals

Even the rich and powerful may not be safe from the world of international espionage, as recent reports have alleged that countries are using multimillion-dollar superyachts in spy operations. And at least one country, China, has reportedly been spying on the superyacht manufacturers themselves.

How are superyachts connected with spying?

Most notable is Russia, which is reportedly "using its unrivaled underwater warfare capabilities to map, hack and potentially sabotage critical British infrastructure," said The Sunday Times...

This is noteworthy given that many of these oligarchs' yachts have moon pools, which are openings in the bottom of a ship's hull that can be "used covertly to deploy and retrieve deep-sea reconnaissance and diving equipment," said the Times...

Beyond the yachts themselves, Chinese officials may be spying on superyacht manufacturers, in particular luxury shipbuilder Ferretti SpA, according to a Bloomberg report. more

Weird Spy Science: Watch Watches Computer

A new research paper proposes an unusual method of data exfiltration from air-gapped systems using smartwatches.

The concept, created by researchers from Ben-Gurion University, sounds like something out of a spy thriller, but the details reveal just how technically complex and narrowly feasible such an attack would be.

The method, dubbed “SmartAttack,” relies on exploiting the microphone of a compromised smartwatch to receive ultrasonic signals from an infected air-gapped computer.

These ultrasonic transmissions operate between 18 and 22 kHz, just above the range of human hearing, and can carry data such as keystrokes or biometric information at up to 50 bits per second over distances of at least six meters.

For any part of the attack to work, multiple difficult steps must already be accomplished. (Whew!) more

Bugging Devices Found at Italian Yacht Builder Ferretti

The Italian Ferretti Group was the setting for a spy-vs-spy scenario that reportedly included private detectives shadowing an executive of the Italian builder’s primary Chinese investor and recording devices hidden in several offices, according to Bloomberg. 

The discovery of this board-level surveillance has prompted two criminal cases, now in the hands of Italian prosecutors. In April 2024, Xu Xinyu, an executive director at Ferretti SpA, noticed two men in an SUV outside Ferretti’s headquarters in Milan... 

Xu also observed the pair following him while visiting hotels in the city, Bloomberg reported. He hired a counter-surveillance company, which reportedly found a listening device and signal amplifier hidden in his office. Other devices were found in the offices of Ferretti’s Chinese-Italian translator and board secretary.

...the Ferretti Group filed its own complaint... “Ferretti SpA considers itself an aggrieved party, having been wronged by the unlawful and improper installation of surveillance devices within its offices,” the statement said. more

Laptop Microphone Could Be Spying — Through Walls — Even When It’s Off

Your microphone is leaking conversations: 

• Digital microphones in laptops, phones, and smart speakers unintentionally broadcast electromagnetic signals that can be intercepted up to 2 meters away, even through walls.

• The attack is surprisingly accessible: Researchers achieved over 94% accuracy in speech recognition using simple equipment like copper tape antennas, making this vulnerability exploitable by anyone with basic technical knowledge.

• Your “off” microphone might still be listening: Testing revealed that microphones often activate automatically when playing audio or video content, and some remain active even when apps appear muted.  more

Spy Device Can Read Book Text from Nearly a Mile Away

Scientists say they've developed a ludicrously keen-eyed laser device that can read the text in a book from a whopping 0.85 miles away.

As detailed in a new paper published in the journal Physical Review Letters, the team used interferometry, a commonly used technique in the world of astronomy that uses superimposed waves of light to create interference patterns, to develop the spy system.... Put simply, researchers applied a technology that space observatories use to a ground-based laser system to zoom across vast distances — with promising and somewhat creepy results. more

OpenAI's New Threat Report is Full of Spies, Scammers, and Spammers

(via theneurondaily.com)
Ever wonder what spies and scammers are doing with ChatGPT?

It’s not just asking for five-paragraph essays, obviously. 

… Here’s the Top 5 Most Interesting Cases…  
OpenAI just dropped a wild new threat report detailing how threat actors from China, Russia, North Korea, and Iran are using its models for everything from cyberattacks to elaborate schemes, and it reads like a new season of Mr. Robot.

The big takeaway: AI is making bad actors more efficient, but it's also making them sloppier. By using ChatGPT, they’re leaving a massive evidence trail that gives OpenAI an unprecedented look inside their playbooks.

1. North Korean-linked actors faked remote job applications. They automated the creation of credible-looking résumés for IT jobs and even used ChatGPT to research how to bypass security in live video interviews using tools like peer-to-peer VPNs and live-feed injectors. 

2. A Chinese operation ran influence campaigns and wrote its own performance reviews. Dubbed “Sneer Review,” this group generated fake comments on TikTok and X to create the illusion of organic debate. The wildest part? They also used ChatGPT to draft their own internal performance reviews, detailing timelines and account maintenance tasks for the operation.

3. A Russian-speaking hacker built malware with a chatbot. In an operation called “ScopeCreep,” an actor used ChatGPT as a coding assistant to iteratively build and debug Windows malware, which was then hidden inside a popular gaming tool.

4. Another Chinese group fueled U.S. political division. “Uncle Spam” generated polarizing content supporting both sides of divisive topics like tariffs. They also used AI image generators to create logos for fake personas, like a “Veterans for Justice” group critical of the current US administration.

5. A Filipino PR firm spammed social media for politicians. “Operation High Five” used AI to generate thousands of pro-government comments on Facebook and TikTok, even creating the nickname “Princess Fiona” to mock a political opponent.

Why this matters: It’s a glimpse into the future of cyber threats and information warfare. AI lowers the barrier to entry, allowing less-skilled actors to create more sophisticated malware and propaganda. A lone wolf can now operate with the efficiency of a small team. This type of information will also likely be used to discredit or outright ban local open-source AI if we’re not careful to defend them (for their positive uses).

Now get this: The very tool these actors use to scale their operations is also their biggest vulnerability. This report shows that monitoring how models are used is one of the most powerful tools we have to fight back. Every prompt, every code snippet they ask for help with, and every error they try to debug is a breadcrumb. They're essentially telling on themselves, giving researchers a real-time feed of their tactics. For now, the spies using AI are also being spied on by AI.

Any Wall Can be Turned Into a Camera...

...to see around corners!

An ordinary camera could soon take photos of things that are out of sight, thanks to algorithms that interpret how light bounces off a wall.

“Normally, when light bounces off rough surfaces, like walls, it scrambles the scene into a messy blur,” says Wenwen Li at the University of Science and Technology of China, Hefei. “Our goal was to ‘unscramble’ that blur and recover the hidden scene. Think of it like turning a rough wall into a mirror.”

The method involves mapping the geometry and reflectance of the wall surface by taking many images under different lighting conditions, so the researchers could predict how each bump and groove would distort reflected light. Once they had created a digital model of the surface, the team devised equations to reconstruct a hidden image from the scrambled light pattern

Li and her colleagues have successfully demonstrated real-time imaging at 25 frames per second using an ordinary camera, like one found in a smartphone. more

Personnel Officer, "So, What Qualifies You for this National Security Position?"

After a recent grocery store clerk was appointed as an anti-terror chief, it can be revealed that a second young national security official was hired straight from the cash register—with disastrous results.

A U.S. intelligence worker charged with trying to leak state secrets to a foreign spy agency was hired as a 22-year-old with little professional experience outside the cash register at a local grocery store...

His professional experience prior to joining a U.S. national security agency was remarkably similar to that of Thomas Fugate, who has just been appointed to lead terror prevention at the Department of Homeland Security.

A cybersecurity graduate of Florida Polytechnic University, Nathan Vilas Laatsch is the second national security official in two days whom The Daily Beast has revealed to have virtually no professional experience other than working at a grocery store before being hired by a U.S national security agency at the age of 22.

Laatsch, now 28, a computer scientist with “top secret” clearance at the Defense Intelligence Agency (DIA) in Virginia, was hired under the last Trump administration. He was arrested last week, accused of attempting to pass sensitive information to Germany’s Federal Intelligence Service (BND). more

UFB (shakes head and walks away)

FBI: Home Internet Connected Devices Facilitate Criminal Activity

The Federal Bureau of Investigation (FBI) is issuing this Public Service Announcement to warn the public about cyber criminals exploiting Internet of Things (IoT) devices connected to home networks to conduct criminal activity using the BADBOX 2.0 botnet. Cyber criminals gain unauthorized access to home networks through compromised IoT devices, such as TV streaming devices, digital projectors, aftermarket vehicle infotainment systems, digital picture frames and other products. Most of the infected devices were manufactured in China. Cyber criminals gain unauthorized access to home networks by either configuring the product with malicious software prior to the users purchase or infecting the device as it downloads required applications that contain backdoors, usually during the set-up process. Once these compromised IoT devices are connected to home networks, the infected devices are susceptible to becoming part of the BADBOX 2.0 botnet and residential proxy services known to be used for malicious activity.

WHAT IS BADBOX 2.0 BOTNET

BADBOX 2.0 was discovered after the original BADBOX campaign was disrupted in 2024. BADBOX was identified in 2023, and primarily consisted of Android operating system devices that were compromised with backdoor malware prior to purchase. BADBOX 2.0, in addition to compromising devices prior to purchase, can also infect devices by requiring the download of malicious apps from unofficial marketplaces. The BADBOX 2.0 botnet consists of millions of infected devices and maintains numerous backdoors to proxy services that cyber criminal actors exploit by either selling or providing free access to compromised home networks to be used for various criminal activity.

INDICATORS

The public is urged to evaluate IoT devices in their home for any indications of compromise and consider disconnecting suspicious devices from their networks. more

Behold The Amazing "AIR" Key

AIR, a joke acronym for “Anti InfraRed.”

However, just a blast of compressed air can open most card-key access entry doors in commercial buildings. 

Compressed air does this by tricking the internal exit sensor into thinking someone wants to leave. 

Click the link to learn more and actually watch how anyone can B&E without a key. https://counterespionage.com/lock-trick/

P.S. - We creatively labeled these cans for our clients so they can demonstrate the vulnerability to their colleagues. Of course, we also provide them with security solutions to rectify the problem. 

You really should join our client family. It's easy. Just add our TSCM inspections to your security program. 

Corporate Spy v Spy v Spy v Spy, or Spy Cubed

The fight between HR tech startups has heated up another notch this week as Rippling on Thursday filed an 84-page amended complaint in its lawsuit against Deel.

The complaint accuses Deel of targeting, infiltrating, and compromising four other competitors, in addition to Rippling.

The revised complaint doesn’t name all of the four other alleged victims, except cryptocurrency-based tax and payroll compliance company, Toku. Toku is suing its competitor LiquiFi, also alleging corporate espionage and that Deel was involved...

The complaint also says that there are one or more additional victims who are “major competitors of Deel” in the employer of record market. A source familiar with the investigation believes that more witnesses will soon come forward at these other companies to offer details. more

So, A Man Steals A Cherry-Picker...

...while undercover L.A. sheriff’s deputy is using it to remove concealed surveillance cameras!

A man carjacked an L.A. County Sheriff’s Department bucket truck early Wednesday morning while a sheriff’s deputy was precariously positioned high above the ground in the bucket, authorities said....

Two undercover deputies were using the truck to remove concealed cameras when a man jumped into the vehicle, said he had to go to the hospital and began to drive away, law enforcement sources told The Times.

When the carjacking took place, one of the deputies was elevated in the bucket.

The man conducted a takeover of a 2011 Ford F550 utility bucket truck on the corner of Spring and Temple streets around 5 a.m. while two deputies were in the vehicle, according to a department bulletin. A deputy received minor injuries during a struggle with the carjacker and was treated at a hospital, according to a department statement. more

P.S. I'll bet there is at least one very nervous citizen who frequents that part of town.

Supermarket Facial Recognition: "Attention. Miscreant in Asile 5."

The facial recognition system used by New Zealand’s supermarket chain Foodstuffs to prevent retail crime is compliant with privacy rules but questions still remain about bias and negative impacts on Māori and Pacific people, according to the country’s privacy watchdog...

The trial covered 25 supermarkets in which more than 225.9 million faces were scanned ... the system was effective at reducing harmful behavior, especially reducing serious violent incidents...The system only identified people who have engaged in seriously harmful behavior, while people under 18 or deemed vulnerable were not included on the list.

The Privacy Commissioner’s Office is currently working on New Zealand’s first code of practice for regulating biometric data, slated to be released by mid-2025. more

Book: Cyber for Builders: The Essential Guide to Building a Cybersecurity Startup

Cyber for Builders: The Essential Guide to Building a Cybersecurity Startup

by Ross Haleliuk

Reader Review: “Cyber for Builders" offers an essential roadmap for navigating the cybersecurity vendor landscape.

Most cybersecurity books are written for hackers, security leaders and practitioners, and a general audience. 

This book is different as it is intended first and foremost for builders - startup founders, security engineers, marketing and sales teams, product managers, VCs, angel investors, software developers, investor relations and analyst relations professionals, and others who are building the future of cybersecurity. 

Cyber for Builders provides an overview of the cybersecurity industry from entrepreneurial lenses, breaks down the role of a variety of industry players, from investors to channel partners and acquirers, and offers insight into the trends shaping the future of security. 

Moreover, the book is packed with mental models, notes, and advice to help early-stage cybersecurity founders get their ideas off the ground and solve problems faced by young companies around problem discovery, hiring, building products, and fundraising, to name some. more

From the Off-Topic Files

The world's largest freely available fart recording dataset.
This dataset contains over 7500 fart recordings that were collected over a period of 37 months.

Suggested Uses

• Unsupervised signal classification - You can experiment with categorizing farts without any preexisting knowledge of defining characteristics and potentially apply these learnings to other signal types - speech, radar, tv, radio, light, EEG.

• Supervised signal recognition - This dataset could be used to experiment with developing deep learning models capable of recognizing whether a sound is a fart. An interesting property of farts is variable frequencies and inconsistent durations.

• Sound effects creation - This dataset could be used by sound designers or audio engineers as a basis to create new sound effects for movies, video games, or other media. You could also simply use it as a publicly available and free source of farts.

• Education and outreach - Educators and scientists can use this dataset as an approach to better engage their audiences in signal processing and deep learning.

License

• This data is publicly and freely available to use and modify however you would like. There is no license and no limitations for use. I would appreciate being notified of this data being used publicly, purely for my own entertainment. more

Belgium Bugged Football Stadium Box to Spy on Huawei MEP Lobbying

Belgian security agents bugged a corporate box at the RSC Anderlecht football stadium that was being used by Chinese tech giant Huawei to schmooze members of the European Parliament.

They also listened into other conversations involving one of Huawei’s leading lobbyists, including in his car. 

The surveillance operations, confirmed by three people with close knowledge of the investigation, formed part of a wide-ranging probe into allegations of corruption that was first revealed in March. They contributed to the Belgian prosecutor’s decision, reported by POLITICO on Monday, to request that a group of MEPs have their immunities lifted so they can be investigated. more

Dutch Government: More Forms of Espionage to be a Criminal Offence

More than state secrets...
Legislation already exists which makes traditional espionage, such as sharing state secrets, a criminal offence. The problem is that espionage is changing in terms of its manifestations and use.

Espionage targets more than just state secrets. Indeed, foreign governments are also interested in sensitive information which is not a state secret about a particular economic sector, or which is related to political decision-making. Such information can be used to influence political processes, weaken the Dutch economy, or play allies off against each other. 

Espionage may also involve activities other than sharing information, such as stealing high-tech know-how, sabotaging vital infrastructure, exerting an influence on political decision-making, or endangering Dutch citizens with a migration background. more

Türkiye: China Is Spying on Uyghurs Using Fake Cell Towers

Turkish intelligence has dismantled a Chinese espionage network operating on its soil. This network had been conducting surveillance on Uyghur refugees as well as Turkish officials using advanced technology, particularly fake mobile towers.

Earlier this month, Turkish intelligence agents arrested seven suspects and discovered their vehicles outfitted with IMSI-catcher devices. These devices, which emulate genuine base stations, can intercept data, call logs, conversations, and other sensitive information from nearby mobile phones.

Intelligence sources indicate that some members of this espionage ring entered Türkiye as recently as March. However, a report last week disclosed that the network has been operational for the previous five years. more

China’s Spy Agency Warns - Foreigners Posing as Scholars, Tourists or ‘Insincere Lovers’

‘Don’t be fooled by sweet talk,’ ministry says in social media post.

Chinese citizens should be on alert for friendly foreign faces who could be spies – from scholars who do not do research and tourists who do not sightsee, to lovers who only want information, the country’s top spy agency has warned.

In a post on its official social media account on Sunday, the Ministry of State Security said foreign spies might be hiding in plain sight, using various identities to carry out activities that threaten China’s national security.

It highlighted five deceptive identities commonly used by foreign spies: tourists who do not sightsee, scholars who conduct no real research, businesspeople who do not do business, investigation consultants who do not investigate, and “insincere lovers” who exploit relationships to gather information. more

FutureWatch / Spytech: Contact Lenses Allow Seeing in the Dark, Even With Eyes Closed

Neuroscientists and materials scientists have created contact lenses that enable infrared vision in both humans and mice by converting infrared light into visible light. 

Unlike infrared night vision goggles, the contact lenses, described in the journal Cell, do not require a power source—and they enable the wearer to perceive multiple infrared wavelengths. Because they're transparent, users can see both infrared and visible light simultaneously, though infrared vision was enhanced when participants had their eyes closed.

"Our research opens up the potential for noninvasive wearable devices to give people super-vision," says senior author Tian Xue, a neuroscientist at the University of Science and Technology of China. "There are many potential applications right away for this material. For example, flickering infrared light could be used to transmit information in security, rescue, encryption or anti-counterfeiting settings." more

AI Can't Protect It's IP Alone - It Needs TSCM

From her new book, Empire of AI, by journalist Karen Hao.

Sam Altman Asked for a Countersurveillance Audit of OpenAI

Altman himself was paranoid about people leaking information. He privately worried about Neuralink staff, with whom OpenAI continued to share an office, now with more unease after Elon Musk’s departure. Altman worried, too, about Musk, who wielded an extensive security apparatus including personal drivers and bodyguards. 

Keenly aware of the capability difference, Altman at one point secretly commissioned an electronic countersurveillance audit in an attempt to scan the office for any bugs that Musk may have left to spy on OpenAI. more

Got worries about your intellectual property? Get MA.

This Week in Spy News

Vlogger, Jyoti Malhotra

• The corporate espionage fight between Rippling and Deel again has escalated, and this time appears to involve a third HR software "unicorn." more

• Netherlands expands espionage laws to include cyber activities more

• After vlogger arrest, Haryana says more YouTube channels under espionage scanner more & more & more

• Russia’s intelligence services turned Brazil into an assembly line for deep-cover operatives. A team of federal agents from the South American country has been quietly dismantling it. more

• Why seduction is the weapon of choice in spying more

• Corrections sergeant accused of voyeurism - accused of putting a camera inside a shampoo bottle more

• Sen. Steinhardt sounds alarm after spy tech found in Chinese solar inverters more

• Bartender arrested for hidden cameras in restaurant bathroom, home more

• FBI Director Kash Patel Abruptly Closes Internal Watchdog Office Overseeing Surveillance Compliance more

• Researchers warn of China-backed espionage campaign targeting laid-off US workers more

• What China's spies are doing in the U.S., and what happens when they're caught more (CBS 60 Minutes)

• CIA Gadget-Maker Rates 11 Spy Gadgets In Movies And TV video