Security Director Alert: Corporate Email Espionage

A cautionary tale...

The strange e-mails arrived in executives' inboxes around the same time that the Australian oil company was negotiating a deal with a Chinese energy company.

The e-mails had the same structure and format as those sent around the company and were baited with text that appeared to refer to a supposed continuing discussion between executives. The messages looked authentic from a nontechnical perspective, just part of normal electronic communication within a company.

But the corporate IT administrator felt something wasn't quite right. Upon closer examination, the administrator found the e-mails, while appearing to come from internal company servers, were actually coming from other domains not authorized to send e-mail for the company.

The e-mails contained a malicious link that would redirect the person who opened it to a website of another energy company whose Web pages had been hacked in order to deliver malicious software designed to steal data. Victims would have no indication they'd been attacked.

It became clear that hackers were on a campaign to find out more about the pending deal... (more)

Awe right, which one of youz wise guys said, "They have phones?!?!"

 In August 2011, Special Operations Technology, Inc. in Annapolis Junction, MD receives a $79.5 million cost-plus-fixed-fee contract modification “to install, operate, and maintain the lawful intercept equipment and support equipment at various locations around Afghanistan.” 

Wiretaps can be used for a wide variety of purposes, of course, and there’s an especially pointed history tied to US wiretaps within combat zones... (more)

Where Are They Now: Anthony Pellicano Speaks

Long before the Murdoch empire’s phone-hacking scandal, Anthony Pellicano was the private eye that stars feared (and used) most. In his first interview since going to prison, he reveals new details on spying for Schwarzenegger, clearing Cruise's name—and why he dumped Michael Jackson. 

...the most explosive find in Pellicano’s office was a trove of thousands of transcripts and encrypted tapes of phone conversations he’d illegally tapped. Pellicano had designed a wiretapping program to intercept calls that he dubbed Telesleuth. Aided by several phone-company workers he employed, he installed taps in telephone junction boxes and at the main switchboard that were then connected via phone lines to the computers in Pellicano’s office and remote laptops...

The disgraced detective still insists that none of his clients knew anything about his wiretapping, in particular the high-powered lawyers, like Fields, who employed him. “I didn’t tell no one about the wiretapping,” he says. “I didn’t trust lawyers: they had an obligation to tell on me.” Still, he adds knowingly, “You can turn a blind eye, but 99 percent of the lawyers out there don’t care how the problem was solved.” (more)

UK Phone-Hacking Scandal Widens - Piers Morgan Under Pressure

Can Piers Morgan survive? It is a question his enemies and fans on both sides of the Atlantic are asking with increasing urgency. The position of the former tabloid editor turned CNN chat show host looks vulnerable as the phone-hacking scandal continues to unfold with fresh revelations almost daily.

But unlike other senior journalists caught up in the scandal, it is not Scotland Yard that has been responsible for turning up the heat on Morgan. Rather, in what his enemies might suggest is proof that there is such a thing as divine retribution, it is Morgan's unchecked vanity. Morgan, who edited the Daily Mirror for nearly a decade until 2004, faces questions over a series of boasts that suggest he was at the very least familiar with the practice of phone hacking.

Morgan admitted in a column for the Daily Mail in 2006 that he had heard a message left by Sir Paul McCartney on the phone of Heather Mills, then his wife, in which the former Beatle sounded "lonely, miserable and desperate". The disclosure has prompted Mills to claim the message could have been heard only by hacking into her phone. (more)

3 out of 10 Android Cell Phone Users Hit By Malware this Year

If... you thought your phone was safe, you, sir, were sorely mistaken. As we speak, your phone could be spying on you, getting access to all your secret passcodes, bank account information, and credit card numbers. The little bastard could even be pilfering money from you behind your back.

Now before you go thinking your phone has turned into Hal from “2001: A Space Odyssey,” it hasn’t. These attacks are the result of malware and spyware that you may have unintentionally invited into your phone when you downloaded an infected app. And a new report released Wednesday by Lookout Mobile Security finds that such malware and spyware is on the rise. One particularly troubling finding: Android users are now twice as likely to encounter malware today than they were six months ago, and three out of ten Android users are likely to encounter a Web-based threat on their device each year.

Interestingly, the report notes that while application-based threats affect both Android and iOS devices, malware and spyware have primarily targeted Android devices. iOS devices are more likely to be hit with commercial spyware apps developed specifically for jailbroken devices.

For Android phones, malware has been increasing at a faster rate than spyware, but spyware still remains the larger threat. In January 2011, 34% of all threats were malware and 66% were spyware. But as of June 2011, malware made up 48% of all threats, compared to spyware’s 52%. (more)

Spybuster Tip: Go iOS. Don't jailbreak.

Software Security Wins when Combating Phone Hacking

The recent events involving the mobile phone hacking actions of News of the World journalists – and quite possibly many others – have highlighted the fact that there are insecurities in the world of mobile telephony.

And with approaching five billion mobiles in circulation – almost at the level of one handset for every person over the age of 10, it is perhaps inevitable that some elements of the services available may be found wanting when it comes to certain aspects of security.

Against this backdrop, much has been made of the fact that cellular phones operate across open radio channels that – with the right equipment in place – they can be subverted.

But this isn’t actually true... (more)

"Yuki 7 and the Gadget Girls" (for your morning coffee break)

 WHO IS YUKI 7? 

"Fashionista and spy girl Yuki 7, along with her team of beautiful secret agents, the Gadget Girls, will excite the world with their gorgeous outfits, amazing gadgets, and fabulous escapades! From their glamorous headquarters outside of Tokyo, this team of spies can crack any case and look stunning while they do it!" (video) (fan club)

Book written by Elizabeth Ito. Includes DVD with "Looks That Kill" and "A Kiss From Tokyo" short films + Special Bonus Features! 72 Pages. Paperback with Acetate Dust Jacket.

 

ABOUT THE CREATOR
Artist Kevin Dart dreamed up the character of Yuki 7 while In London on a business trip in 2008. Yuki and her glamorous, jet-setting lifestyle provided an outlet for Kevin's fascination with the 1960s, retro spy flicks, and powerful female characters. Working in his spare time between freelance illustration gigs, he put together Yuki's first book, "Seductive Espionage: The World of Yuki 7", along with writer Ada Cole and a host of contributions from his close circle of friends around the animaton industry. The book debuted in Summer 2009 along with Yuki's first animated trailer, "A Kiss From Tokyo". Since then, Kevin has continued to expand Yuki's universe and is planning a new series of books and other exciting products.

Kevin currently lives in Pasadena, CA with his wife and works in the local animation industry.

Child ID - A Must-Have App from the FBI

You're shopping at the mall with your children when one of them suddenly disappears. A quick search of the nearby area is unsuccessful. What do you do?

Now there's a free new tool from the FBI that can help.  

Child ID app—the first mobile application created by the FBI—provides a convenient place to electronically store photos and vital information about your children so that it’s literally right at hand if you need it. You can show the pictures and provide physical identifiers such as height and weight to security or police officers on the spot. Using a special tab on the app, you can also quickly and easily e-mail the information to authorities with a few clicks.

The app also includes tips on keeping children safe as well as specific guidance on what to do in those first few crucial hours after a child goes missing. (more)

Can't Touch This - A Tribute to Leon Theremin

Scarborough, UK - Hands Off 2011 is a musical festival featuring Theremin players.

Enthusiasts will congregate in the town for a long weekend of talks, workshops, masterclasses and performances, some of which are open to the public to attend.

The Theremin is an electronic instrument invented in 1919 by Leon Theremin and mastered by Clara Rockmore and is played by the likes of electronic guru Jean Michel Jarre, Led Zeppelin’s Jimmy Page and musical comedian Bill Bailey.

Film buffs will know the sound of the Theremin from movies such as The Day the Earth Stood Still (Hear the original studio recording session!), Spellbound and The Thing.

Recent films scores of note include Ed Wood and The Machinist, both of which feature virtuoso Thereminist Lydia Kavina who is just one of the many experts coming to Scarborough. (more) (video - Hands Off 2011 ) (Theremin's spy history)

I built my first theremin in the early 60's (engineered by Robert Moog) and today use a real Moog made model. This is a very difficult instrument to master. I'm still trying. The folks you see at Hands Off 2011 are incredibly talented.

Leon Theremin plays...

With ISP Taps, Typing "Apple" May Never Yield Fruit Again

Searches made by millions of internet users are being hijacked and redirected by some internet service providers in the US. Patents filed by Paxfire, the company involved in the hijacking, suggest that it may be part of a larger plan to allow ISPs to generate revenue by tracking the sites their customers visit. It may also be illegal.

Reese Richman, a New York law firm that specialises in consumer protection lawsuits, today filed a class action against one of the ISPs and Paxfire, which researchers believe provided the equipment used to hijack and redirect the searches. The suit, filed together with Milberg, another New York firm, alleges that the process violated numerous statutes, including wiretapping laws.

The hijacking seems to target searches for certain well-known brand names only. Users entering the term "apple" into their browser's search bar, for example, would normally get a page of results from their search engine of choice. The ISPs involved in the scheme intercept such requests before they reach a search engine, however. They pass the search to an online marketing company, which directs the user straight to Apple's online retail website. (more) (sing-a-long)

Darwin Nightclub Closed - Proving Man Has Not Evolved

Australia - The Northern Territory's biggest nightclub will be closed for two weeks later this month over what the Licensing Commission has described as "despicable behaviour".

The commission found Darwin's Discovery Nightclub had a security camera in an impromptu dressing room which women used to get changed for wet T-shirt contests.

It says the club breached rules by not placing a sign near the room warning women that they could be filmed.

The commission also found that in January, 40 shots were handed out to 10 women participating in the wet T-shirt competition. (more)

Unevolved women somewhere else on the planet.

ACLU Seeks to Uncover Government Spying on American Cell Phones

In a massive coordinated information-seeking campaign, 34 ACLU affiliates are filing over 375 requests in 31 states across the country with local law enforcement agencies large and small that seek to uncover when, why and how they are using cell phone location data to track Americans. 

"The public has a right to know how and under what circumstances their location information is being accessed by the government – and that is exactly what we hope our information requests will uncover." (more)

"Sometimes I sits and thinks, and sometimes I just sits."

Former Beatle Paul McCartney said after returning from his summer tour he will get in touch with police over his ex-wife’s claim that the couple had been spied on by a British newspaper, according to media reports. 

"I don't think it's great. I do think it is a horrendous violation of privacy, and I do think it's been going on a long time, and I do think more people than we know knew about it. But I think I should just listen and hear what the facts are before I comment," he said.

McCartney ex-wife, Heather Mills, made an allegation during an interview with the BBC that she had been spied on. The allegation implicates the Trinity Mirror PLC group of newspapers and Pier Morgan. She said she "looks forward to receiving Piers Morgan's answer as to how he knew the content of her private voicemail messages." (more) (sing-a-long)

...whereupon his mom spanked his calf.

Shaquille O'Neal has been accused of tracking his wife's car in a new lawsuit. (No, not the one he is wearing.)

The world-famous basketball player is accused of becoming so concerned that his wife Shaunie was meeting up with his mistress Vanessa Lopez that he began 'spying on her'. 

...lawsuit alleges that Shaquille O'Neal planted a tracking device on then-wife Shaunie's car...'On September 25, 2009 O'Neal purchased an Ultimate Bluetooth Mobile Phone Spy, and an Ultimate People Finder Software system...O'Neal had his wife's car wired and hired "Guidepoint," a company to place a GPS tracking system on her car to track her movements and her whereabouts...

The lawsuit continues: 'If the affair came to light, O'Neal knew his mother would be furious. (more)

Hunk, a hunk of burning bucks... for Hackers

As the annual Black Hat hacker conference kicks off here, Microsoft is turning to the hacker community to help mitigate the Windows platform.

The world’s largest software vendor today announced Blue Hat Prize, an academic challenge aimed at generating new ideas for defensive approaches to support computer security. This year, Microsoft is offering $250,000 in cash and prizes to researchers who design a novel one-time mitigation for memory safety vulnerabilities. (more) (sing-a-long)