(Modern workplace "spying" began with the time clock back in 1888.)
New numbers show almost every single employer is spying on employees.
From keeping an eye on your internet usage to tracking your car, NBC Charlotte found out how they're doing it and if it's legal.
"It's getting to a point people are realizing they don’t have much privacy in the workplace," said Kevin Murray. more
P.S. Make sure your employees are not spying on you.
Showing posts with label spyware. Show all posts
Showing posts with label spyware. Show all posts
Thursday, November 1, 2018
Saturday, October 6, 2018
Tech-Head Alert: Smartphone Anti-Spyware & Anti-IMSI Catcher Development
We are looking for recommendations of top tier stealthy Spyware Command and Control APKs to place on a testbed of Windows, iOS, Android, Ubuntu handsets and handsets carrying a modded version of the Google Android 7.0 Nougat OS for a test that we wish to conduct to measure the capture rate and automated counter measure response of a mobile adaptive threat defence suite.
We are also looking for a list of non-LE "StingRay" type cellphone-surveillance and cell-site simulators available publicly as part of our testing of our MITM detection, automated counter measures response, and triangulation software suite. more
Saturday, September 22, 2018
Smartphone Spying – All They Need is Your Number and You're Pegged
When an Israeli entrepreneur went into a meeting with the infamous spyware vendor NSO, company representatives asked him if it would be OK for them to demo their powerful and expensive spying software, known as Pegasus, on his own phone.
The entrepreneur, who spoke to Motherboard on condition of anonymity because he was not authorized to talk about the meeting, agreed, but said that NSO would have to target his other iPhone, which he brought with him and had a foreign phone number. He gave NSO that phone number and put the phone on the desk.
After “five or seven minutes,” the contents of his phone’s screen appeared on a large display that was set up in the meeting room, all without him even clicking on a malicious link, he said.
“I see clicking on all kinds of icons: email icon, SMS icon, and other icons,” he told Motherboard. “And suddenly I saw all my messages in there and I saw all the email in there and they were capable to open any information that was on my [iPhone].”
The entrepreneur added that the NSO representatives accessed the microphone and the camera on his iPhone. That demonstration highlighted the power of an increasingly popular product among governments: software for remotely hacking phones in order to access communications and other data from targets. more
UPDATE
Pegasus malware officially a global brand.
NSO Group's Pegasus surveillanceware has been on the market for around two years, and now researchers say the spyware has a global reach that would make most multinational corporations jealous.
CitizenLab reports that its latest analysis of the malware has found it operating in some 45 countries, usually in the hands of governments looking to keep tabs on its citizens. more
The entrepreneur, who spoke to Motherboard on condition of anonymity because he was not authorized to talk about the meeting, agreed, but said that NSO would have to target his other iPhone, which he brought with him and had a foreign phone number. He gave NSO that phone number and put the phone on the desk.
After “five or seven minutes,” the contents of his phone’s screen appeared on a large display that was set up in the meeting room, all without him even clicking on a malicious link, he said.
“I see clicking on all kinds of icons: email icon, SMS icon, and other icons,” he told Motherboard. “And suddenly I saw all my messages in there and I saw all the email in there and they were capable to open any information that was on my [iPhone].” The entrepreneur added that the NSO representatives accessed the microphone and the camera on his iPhone. That demonstration highlighted the power of an increasingly popular product among governments: software for remotely hacking phones in order to access communications and other data from targets. more
UPDATE
Pegasus malware officially a global brand.
NSO Group's Pegasus surveillanceware has been on the market for around two years, and now researchers say the spyware has a global reach that would make most multinational corporations jealous.
CitizenLab reports that its latest analysis of the malware has found it operating in some 45 countries, usually in the hands of governments looking to keep tabs on its citizens. more
Thursday, September 6, 2018
mSpy Goes Platinum - Leaks 2 Million Records
mSpy, a commercial spyware solution designed to help you spy on kids and partners, has leaked over 2 million records including software purchases and iCloud usernames and authentication tokens of devices running mSky.
The data appears to have come from an unsecured database that allowed security researchers to pull out millions of records.
mSpy is a platform that allows parents to see what their children are doing online and, presumably, allow partners to keep tabs on each other. more
This is the second time mSpy has been hacked... that we know of.
mSpy is a platform that allows parents to see what their children are doing online and, presumably, allow partners to keep tabs on each other. more
This is the second time mSpy has been hacked... that we know of.
Wednesday, August 8, 2018
Samsung's Galaxy S7 Alert - Meltdown
Samsung's Galaxy S7 smartphones have a security flaw that could allow hackers to spy on tens of millions of users.
The smartphone, owned by more than 30 million people, contains a compromised microchip which would enable cybercriminals to exploit a flaw called Meltdown.
Meltdown was uncovered earlier this year and only affects chips designed by Intel. It is believed to have existed in devices dating back 20 years, but was disclosed to chip makers Intel, ARM and AMD in 2017.
Potentially, it could allow hackers to bypass the barrier in hardware between applications and a computer’s memory, allowing them to steal passwords. more
Friday, July 6, 2018
Israeli Cyber Warfare Firm Employee Caught Selling Eavesdropping Software...
...which is why we say there is no such thing as a secure 'back door'.
Israel’s cyber warfare giant, NSO’s former employee stole company’s ‘Pegasus’ eavesdropping program software and tried to sell it on the ‘dark web’.
The Pegasus is a classified security tool that can eavesdrop on any person in the world without their knowledge, Globes reported Friday.
The accused is believed to have stolen NSO products and the program worth hundreds of millions of dollars. An indictment filed against the employee last week charged him with security offenses, in addition to theft from his employer. more
Israel’s cyber warfare giant, NSO’s former employee stole company’s ‘Pegasus’ eavesdropping program software and tried to sell it on the ‘dark web’. The Pegasus is a classified security tool that can eavesdrop on any person in the world without their knowledge, Globes reported Friday.
The accused is believed to have stolen NSO products and the program worth hundreds of millions of dollars. An indictment filed against the employee last week charged him with security offenses, in addition to theft from his employer. more
Tuesday, May 22, 2018
How Domestic Abusers Use Smartphones to Spy on Their Partners
There’s more creepy spyware out there than you think — and regulating it is a legal and technological challenge.More and more people who commit violence against their intimate partners are using technology to make their victims’ lives worse...
News media, academic researchers, and victim advocates have long acknowledged the threat of spyware in domestic abuse situations. But our research (conducted with our students) brings to light the ease with which spyware can be deployed by abusers, and the broad scope of software usable as spyware...
Installing powerful spyware is just a few clicks away. Search on the web for “track my girlfriend” and you’ll find plentiful links to software, how-to guides, and forums all aimed at making it easy for abusers to spy on victims. (Protection advice is also available.) All the tools an abuser needs are present on Google and Apple’s app stores; installation is as simple as grabbing the victim’s device, typing the password (possibly stolen), and downloading an app. Many such apps require a fee, but in some cases, you can spy free of charge.
And our research shows that current anti-malware programs most often don’t identify such software as problematic. (ours does) more
Click the "our research" link above for the research paper. ~Kevin
Monday, May 21, 2018
"Secure" Cell Phone Spyware Springs a Leak
At least one server used by an app for parents to monitor their teenagers' phone activity has leaked tens of thousands of accounts of both parents and children.The mobile app, TeenSafe, bills itself as a "secure" monitoring app for iOS and Android, which lets parents view their child's text messages and location, monitor who they're calling and when, access their web browsing history, and find out which apps they have installed.
Although teen monitoring apps are controversial and privacy-invasive, the company says it doesn't require parents to obtain the consent of their children. more
Wednesday, April 25, 2018
Corporate Espionage: Spying on X-Ray Machines
A mysterious hacking group has been spying on the healthcare sector by going as far to infect computers that control X-ray and MRI machines with malware. Fortunately, sabotage and patient data collection doesn't appear to be a motive behind the hacking. The attackers were probably focused on corporate espionage and studying how the medical software onboard the computers worked, the security firm Symantec said on Monday.
Evidence shows that the hackers were focused on collecting data about the infected computers and their networks. DiMaggio speculates this may have been done to learn how to pirate the medical software onboard. more
Wednesday, April 18, 2018
Senators Demand More Information About DC Mobile Snooping Devices
A bipartisan group of four Senate privacy hawks are demanding the Department of Homeland Security publish more information about the evidence of mobile snooping devices in Washington and surrounding areas.
"The American people have a legitimate interest in understanding the extent to which US telephone networks are vulnerable to surveillance and are being actively exploited by hostile actors," Sens. Ron Wyden, D-Oregon, Cory Gardner, R-Colorado, Ed Markey, D-Massachusetts, and Rand Paul, R-Kentucky, wrote in a letter Wednesday to Christopher Krebs, the top infrastructure and cybersecurity official at the Department of Homeland Security...
"These things have the capability of tracking. So, if you want to pick a person and say, let's see where they go and who they talk to during the day, that might give you just enough intelligence to make some decisions without even doing the eavesdropping," Kevin D. Murray, a counter espionage expert, told CNN in an interview. more
"The American people have a legitimate interest in understanding the extent to which US telephone networks are vulnerable to surveillance and are being actively exploited by hostile actors," Sens. Ron Wyden, D-Oregon, Cory Gardner, R-Colorado, Ed Markey, D-Massachusetts, and Rand Paul, R-Kentucky, wrote in a letter Wednesday to Christopher Krebs, the top infrastructure and cybersecurity official at the Department of Homeland Security..."These things have the capability of tracking. So, if you want to pick a person and say, let's see where they go and who they talk to during the day, that might give you just enough intelligence to make some decisions without even doing the eavesdropping," Kevin D. Murray, a counter espionage expert, told CNN in an interview. more
Monday, April 16, 2018
Business Espionage: RadRAT Hid Behind Windows... for 3 years!
Bucharest-headquartered cybersecurity company Bitdefender has flushed out "RadRAT", a powerful all-in-one toolkit for complex espionage ops that was apparently unnoticed since 2015.This advanced remote access tool -- which offers full control over seized computers was operating since at least 2015, the company said in a statement.
The tool has been used in targeted attacks aimed at exfiltrating information, or monitoring victims in enterprises or large businesses running Windows. more
Monday, March 5, 2018
Court Admits Husband's Illegal Bugging into Evidence
Turkey - A top appeals court decided that evidence collected through illegal bugging could not be used by itself to prove guilt but could be used in conjunction with other evidence in a 2015 case where a man in the Aegean province of Aydın believed his wife was cheating on him and installed a bugging application onto her cell phone.The application turned the cell phone into a recording device. The recordings showed the woman really was cheating on him with a colleague from work. The man immediately filed for divorce, demanding compensation from his wife and the custody of their child. more
An app that can help determine if an Android phone is infected with spyware.
Monday, February 19, 2018
Hacktivists - Hackers Who Hack For Privacy
Another day, another data breach – This time it is Retina-X Studios, a well know spyware developing firm.There are different types of hackers, some hack for profit while some hack for good and then there are hacktivists who do it for the cause...
...the company suffered a security breach in April 2017 revealing that Retina’s software are also used to spy on customers to keep an eye on their partners without their consent which is unlawful...
Retina-X has once again suffered a data breach in which a hacker going by the online handle of Precise Buffalo on Mastodon server has targeted Retina-X and completely erased 1 terabyte of data from its cloud server including photos customers stole from unsuspecting users including kids who installed Retina-X’s Phonesheriff application on their smartphone...
“None of this should be online at all. “Aside from the technical flaws, I really find this category of software disturbing. In the US, it’s mainly targeted to parents,” the hacker said, explaining his motivations for going after Retina-X. “Edward Snowden has said that privacy is what gives you the ability to share with the world who you are on your own terms, and to protect for yourself the parts of you that you’re still experimenting with. I don’t want to live in a world where younger generations grow up without that right,” said the hacker.
This is not the first time when a spyware developer has been hacked. Previously mSpy was compromised when a hacker stole personal data of 400,000 users and leaked it online. more
Friday, February 16, 2018
Sunshine Disinfects Fortune Over iPhone Spyware, or Tobacco Rode... away.
Fifty dollars worth of spy gear just cost this Yale grad a fortune. Brooklyn Heights dad Crocker Coulson forfeited any claim to his estranged wife’s tobacco fortune after he bugged her iPhone with $50 software that allowed him to record confidential meetings with her lawyer and shrink to gain an advantage in their divorce.
Brooklyn Supreme Court Justice Jeffrey Sunshine doled out the “drastic” punishment because of the “unprecedented, contumacious conduct” of the Yale-educated investment consultant. Sunshine added that the punishment was a signal to other divorcing spouses not to violate attorney-client and doctor-patient confidentiality by playing private eye. more
Concerned about your smartphone?
Sunday, December 24, 2017
Espionage Backdoor Installs via Printer-Spoofing Campaign
For many large organizations, emails from corporate printers and scanners are commonplace, and cyber-criminals are finding this vector to be a lucrative host to launch cyber-attacks.
Barracuda Networks has tracked an uptick in attacks through Canon, HP and Epson printer and scanner email attachments of late: Since late November, cyber-criminals have made millions of attempts to infect unsuspecting users by sending impersonated or spoofed emails from these common printer and scanner brands, with attachments that contain malware.
Once unpacked, the malware installs a backdoor on the machine that offers unauthorized access to a victim PC and cyber-espionage capabilities...
Further, indicating a ramsomware-ready aspect, attackers also can change the victim’s wallpaper to display a message of their choice.
Workers should use common sense to avoid the threat:
Barracuda Networks has tracked an uptick in attacks through Canon, HP and Epson printer and scanner email attachments of late: Since late November, cyber-criminals have made millions of attempts to infect unsuspecting users by sending impersonated or spoofed emails from these common printer and scanner brands, with attachments that contain malware.
Once unpacked, the malware installs a backdoor on the machine that offers unauthorized access to a victim PC and cyber-espionage capabilities...
Further, indicating a ramsomware-ready aspect, attackers also can change the victim’s wallpaper to display a message of their choice.
Workers should use common sense to avoid the threat:
- double-check with the sender if one didn’t know a scanned document was coming;
- hovering the mouse over every hyperlink to make sure it’s legitimate;
- and simply not clicking if there’s any doubt whatsoever. more
 |
| Example of a fake email. |
Thursday, August 24, 2017
Google 500+ Spy Apps - Update
Google has removed over 500 apps that included mobile games for teenagers from its Play Store on account of a spyware threat.
The decision came after US-based cyber-security firm Lookout discovered more than 500 apps that could spread spyware on mobile phones, Fortune reported late on Wednesday.
According to Lookout, the apps used certain software that had the ability to covertly siphon people's personal data on their devices without alerting the app makers. more
The decision came after US-based cyber-security firm Lookout discovered more than 500 apps that could spread spyware on mobile phones, Fortune reported late on Wednesday.
According to Lookout, the apps used certain software that had the ability to covertly siphon people's personal data on their devices without alerting the app makers. more
Tuesday, August 22, 2017
Smartphone Replacement Parts as Spies
If cracking your smartphone’s touchscreen wasn’t bad enough, researchers have found out a new security threat that might emerge out following the replacement of your touch screen as it has been found out that the replaced units might contain hardware that could hijack a device.
A paper presented by researchers at Ben-Gurion University of Negev, Israel, at the 2017 Usenix Workshop on Offensive Technologies, shows how smartphone replacement units can be a security risk for the user.
According to the researchers, devices with cracked touchscreens or even other damaged components are prone to security risks as the replaced parts installed by a repair shop might contain additional hardware that can hijack the device and track usage, log keystrokes, install other malicious apps, access files and more. more
A paper presented by researchers at Ben-Gurion University of Negev, Israel, at the 2017 Usenix Workshop on Offensive Technologies, shows how smartphone replacement units can be a security risk for the user.
 |
| Click to enlarge. |
Friday, August 11, 2017
Now Available at Your Favorite Android App Store...
Dubbed SonicSpy, the malware can silently record calls and audio, take photos, make calls, send text messages to numbers specified by the attackers, and monitor calls logs, contacts, and information about wi-fi access points.
In total, SonicSpy can be ordered to remotely perform 73 different commands and its suspected to be the work of malware developers in Iraq. more Antidote: SpyWarn 2.0
Monday, July 17, 2017
Shark Tanked
UK - A former champion boxer has been jailed after bugging his ex-girlfriend's phone during a campaign to 'control' her.
Ronnie 'The Shark' Clark installed spyware on a phone he bought former partner Rebecca Graham and sent her menacing messages, a court heard.
The 32-year-old was jailed for nine months at Teesside Crown Court after he was convicted of the new offence of 'controlling or coercive behaviour'...
He used the phone software to monitor who she was exchanging messages with and threatened to kill a man she was in touch with, The Dundee Courier reported.
A family member of Clark's also messaged Miss Graham telling her 'you know what he's capable of' and 'he's not scared of killing people'. more
Ronnie 'The Shark' Clark installed spyware on a phone he bought former partner Rebecca Graham and sent her menacing messages, a court heard.The 32-year-old was jailed for nine months at Teesside Crown Court after he was convicted of the new offence of 'controlling or coercive behaviour'...
He used the phone software to monitor who she was exchanging messages with and threatened to kill a man she was in touch with, The Dundee Courier reported.
A family member of Clark's also messaged Miss Graham telling her 'you know what he's capable of' and 'he's not scared of killing people'. more
Tuesday, July 11, 2017
Android Malware Steals Data From 40 Apps
A newly uncovered form of Android malware aims to steal data from over 40 popular apps including Facebook, WhatsApp, Skype and Firefox - and the trojan has been actively engaging in in this illicit activity for almost two years.
Dubbed SpyDealer by the Palo Alto Networks researchers who discovered it, the malware harvests vast accounts of personal information about compromised users, including phone numbers, messages, contacts, call history, connected wi-fi information and even the location of the device.
The espionage capabilities of the trojan also enable it to record phone calls and videos, along with surrounding audio and video, take photos with both front and rear cameras, take screenshots of sensitive information and monitor the devices location at all times. more
Dubbed SpyDealer by the Palo Alto Networks researchers who discovered it, the malware harvests vast accounts of personal information about compromised users, including phone numbers, messages, contacts, call history, connected wi-fi information and even the location of the device.The espionage capabilities of the trojan also enable it to record phone calls and videos, along with surrounding audio and video, take photos with both front and rear cameras, take screenshots of sensitive information and monitor the devices location at all times. more
Subscribe to:
Posts (Atom)