Thursday, June 19, 2025
CISOs Anticipate Surge in Cyber Attacks Next Three Years
The report, “CISO Outlook 2025: Navigating Evolving Domain-Based Threats in an Era of AI and Tightening Regulation,” names cybersquatting, domain and DNS hijacking, and distributed denial-of-service (DDoS) attacks as the top three global cyber threats in 2024. These risks are only projected to escalate, as cybercriminals leverage new techniques and capabilities from AI and other modern technologies to launch more sophisticated attacks. Looking ahead, cybersquatting, domain-based attacks, and ransomware top the list of cybersecurity concerns for CISOs over the next three years. more
Tuesday, March 12, 2024
2024 TSCM Trend Analysis
TSCM Equipment Market Size, Share, Competitive Landscape and Trend Analysis Report by Type, by Product and by Industry Vertical: Global Opportunity Analysis and Industry Forecast, 2023-2032
These factors result in innovation of highly discreet and capable modern surveillance technologies that are able to evade methods of traditional TSCM to meet new, emerging technical threats. The advanced TSCM equipment market is expected to grow at the highest CAGR. more
Tuesday, May 25, 2021
Study: Are Smartphones Really Eavesdropping on our Conversations?
The study, from Tidio, asked over 1000 people (48.6% males, 49.8% females, and 1.6% declaring as non-binary) about their opinions and experiences, and the results are surprising. more
Sunday, November 29, 2020
Verizon’s 2020 Cyber Espionage Report
Verizon’s 2020 Cyber Espionage Report, the result of a total of 14 years of research into global data breaches and threat actor activity, has come up with some illuminating observations about long-term patterns of cyber spying.
Among the major highlights are that criminal organizations and disgruntled former employees play a trivial role in overall attempts, that the public sector is the preferred target of attackers and that desktops and laptops are far more likely to be breached than phones...
Though there is some market for corporate secrets in the criminal underworld, the research shows that these figures make up a small amount of overall cyber espionage incidents: about 4% are from organized crime, and about 2% are from former employees. An overwhelming 85% come from state-affiliated groups, with an additional 8% from nation-states. more
Work From Home (WFH) Risks Assessed
The work-from-home (WFH) arrangement appeared to be the safest way for employees and businesses to continue operating during the pandemic, but it also exposes companies to heightened cyber security risks, studies showed...
There is also a perception that getting home security controls or measures or support from their companies is getting expensive...
The study showed that 43 percent of breach victims were small businesses, and 34 percent of data breaches involved internal actors. The same survey showed that 15 percent of companies found millions of files open to every employee. ...The study showed that 71 percent of breaches were financially motivated and 25 percent were due to espionage. more
Friday, November 27, 2020
GPS Trackers, Hidden Cameras on the Rise During Pandemic
Domestic violence offenders are increasingly using GPS trackers and surveillance cameras to monitor their victims, with support workers saying technology-based abuse has escalated during the pandemic...
The report, co-authored by researchers from WESNET, Curtin University and the University of New England, surveyed 442 support workers from around the country who specialise in helping victims of family and sexual violence...
In 2020, nearly one in three frontline workers said they saw victims tracked with GPS apps or devices "all the time". Five years ago, only 8 per cent of workers saw that type of abuse that often.
Surveillance camera misuse was seen "all the time" or "often" by 42 per cent of support workers in 2020, up from 16 per cent in 2015. more
Friday, May 15, 2020
NSA Publishes: Survey of Videoconferencing Apps
During a global pandemic or other crisis contingency scenarios, many United States Government (USG) personnel must operate from home while continuing to perform critical national functions and support continuity of government services. With limited access to government furnished equipment (GFE) such as laptops and secure smartphones, the use of (not typically approved) commercial collaboration services on personal devices for limited government official use becomes necessary and unavoidable. survey
Thursday, December 26, 2019
Trend Micro Reveals Security Worries for 2020

In addition, the sheer number of connected assets and infrastructures will open doors to threats, and fake images, videos, or audio will be used to manipulate enterprise business procedures.
This is according to a new report from security firm Trend Micro, titled: “The New Norm: Trend Micro Security Predictions for 2020.”
...of special interest to our clients...
Machine learning and AI will be abused to listen in on connected devices like smart TVs and speakers to snoop on personal and business conversations, which can then provide material for extortion or corporate espionage. more
IoT devices used for espionage, extortion.
Thursday, October 17, 2019
Holy Crap: IT Folks Fear the Internet Connected Toilet
This seems clear from a new survey perpetrated on the part of the hardware security company nCipher...
The surveyors asked 1,800 IT security professionals in 14 countries about vital elements...
Thirty-six percent confessed they were afraid they'd be spied upon by an internet-connected device. The same number feared they'd have money stolen.
Twenty-four percent fear personal embarrassment as unholy information about them would be leaked.
I, though, feel a particular empathy for the 21% who are afraid that pranksters will hack their connected toilets. more
Thursday, September 1, 2016
50% of Email Users Deserve the Problems They Create

A study by researchers at a university in Germany found that about half of the subjects in a recent experiment clicked on links from strangers in e-mails and Facebook messages—even though most of them claimed to be aware of the risks. more
Friday, August 5, 2016
Does dropping malicious USB sticks really work?
Common sense.
I warned about this years ago.
Now, we have empirical evidence!

Research presented this week at BlackHat by Elie Bursztein of Google’s anti-abuse research team shows that the danger is alarmingly real:
- …we dropped nearly 300 USB sticks on the University of Illinois Urbana-Champaign campus and measured who plugged in the drives. And Oh boy how effective that was! Of the drives we dropped, 98% were picked up and for 45% of the drives, someone not only plugged in the drive but also clicked on files.

However, in reality each of the files was actually an HTML file containing an embedded image hosted on the researcher’s server. In this way they were able to track when files were accessed. more
Wednesday, July 27, 2016
Brand-Name Wireless Keyboards Open to Silent Eavesdropping
Bastille Research said the keyboards transmit keystrokes across unencrypted radio signals in the 2.4 GHz band, unlike high-end and Bluetooth protocol keyboards, which transmit data in an encrypted format, making it more difficult for attackers to intercept the scrambled keystrokes.
It means attackers armed with cheap eavesdropping devices can silently intercept what users type at distances of 50 to 100 metres away.
Such interception could reveal users' passwords, credit card numbers, security question replies and other personally sensitive information, Bastille said. Users would have no indication that the traffic between the keyboard and the host computer was intercepted.
Furthermore, attackers could inject keystrokes of their own into the signals, and type directly onto users' computers. Again, the attack would be unnoticeable to users in most cases.
Bastille tested eight keyboards from well-known vendors... more
Longtime Security Scrapbook readers may remember my warnings about this beginning in 2007...
https://spybusters.blogspot.com/2007/12/wireless-keyboard-interception.html
https://spybusters.blogspot.com/2007/12/program-discovers-at-risk-wireless.html
https://spybusters.blogspot.com/2009/01/old-news-still-scary-bugged-keyboards.html
Friday, July 22, 2016
Survey: Do Swiss Spy?

The most popular reason for spying was to check out a neighbour’s plants (28 percent), followed by how they renovate their home (24 percent), and the way in which they behave with their children (18 percent) and partner (13 percent).
Those that do the most spying are in the 15-29 age bracket, while those aged between 60-74 are the least bothered by what their neighbours are up to.
The survey also asked respondents if they felt observed, with 48 percent of young people saying they do, against a national average of 40 percent. more
Thursday, July 7, 2016
Ranking Chart of Mobile Devices Perceived as Most Secure
Wednesday, June 22, 2016
Snooping on Mobile Phones: Prevalence and Trends

We estimated the 1-year prevalence to be 31% in an online participant pool. Weighted to the U.S. population, the data indicates that 1 in 5 adults snooped on at least one other person’s phone, just in the year before the survey was conducted.
We found snooping attacks to be especially prevalent among young people, and among those who are themselves smartphone users. In a follow-up study, we found that, among smartphone users, depth of adoption, like age, also predicts the probability of engaging in snooping attacks.
In particular, the more people use their devices for personal purposes, the more likely they are to snoop on others, possibly because they become aware of the sensitive information that is kept, and how to access it. These findings suggest that, all else remaining equal, the prevalence of snooping attacks may grow, as more people adopt smartphones, and motivate further effort into improving defenses. more
Tuesday, May 31, 2016
How Business Espionage Really Works (Hint, it ain't just computers.)
- Trespassing on the property of a competitor.
- Secretly observing the activities or properties of others.
- Using electronic eavesdropping equipment.
- Learning trade secrets by hiring people who work for a competitor.
- Hiring a spy to get specific information from another company.
- Planting an undercover operative on someone else’s payroll.
- Stealing documents or property (includes electronic documents).
- Conducting phone negotiations for a license, franchise, or distributorship in order to gain inside information.
- Gaining information by staging a phony market research study or similar interview project.
- Bribing. Most forms of bribery are unethical, including those disguised as “gifts”.
- Blackmailing.
- Extorting.
Wednesday, May 25, 2016
Survey: Corporate Espionage Rated as a Top Risk - Assessments Become Common
The survey revealed that cybercrime and corporate espionage have been rated as two of the most serious threats to organizations in the coming years.

The survey also highlighted that about 73 per cent of the respondents felt that the number of security incidents had increased in the past two years and would continue over the next two years.
While five years back physical security assessment was rare and uncommon, today almost 46 per cent of the organizations surveyed conduct a physical security risk assessment once a year, whereas 17 per cent do it monthly. more
Tuesday, May 17, 2016
Spying Using Phone Call Records – Study Says It's Easy

The research published in the journal Proceedings of the National Academy of Sciences showed that scans of call records help create detailed maps of not just the person being investigated, but also the lives of contacts in their phone history. Metadata is the term used for the receipt of a call or a text message included in the history of a phone, and these records are often maintained by a telecom service provider.
“Once a participant was labeled as in a relationship, we found that identifying the participant’s partner was trivial,” according to the researchers. “Our results suggest that, even without human review, a business or agency could draw sensitive inferences from a significant share of telephone records.” more
Thursday, April 7, 2016
Proof Almost 50% of People are Computer Security Morons
Using booby-trapped USB flash drives is a classic hacker technique. But how effective is it really? A group of researchers at the University of Illinois decided to find out, dropping 297 USB sticks on the school’s Urbana-Champaign campus last year.
As it turns out, it really works. In a new study, the researchers estimate that at least 48 percent of people will pick up a random USB stick, plug it into their computers, and open files contained in them. Moreover, practically all of the drives (98 percent) were picked up or moved from their original drop location. Very few people said they were concerned about their security. Sixty-eight percent of people said they took no precautions... more