Wednesday, October 26, 2011

Gang Members Are Coming For Your Info. What's Your Counterespionage Strategy?

The Federal Bureau of Investigation on Friday estimated there are some 1.4 million gang members in the United States and they are turning to white-collar crimes as more lucrative enterprises. 

Gangs like the Bloods and the Crips are engaging in crimes such as identity theft, counterfeiting, selling stolen goods and even bank, credit card and mortgage fraud, said a new FBI gangs threat assessment.

"We've seen it, but we've seen them doing it even more now and we attribute to the fact that the likelihood of being caught is less, the sentences once you are caught are less, and the actual monetary gain is much higher," said Diedre Butler, a unit chief at the National Gang Intelligence Center. (more)

Tuesday, October 25, 2011

Search Engine Encrypts Your Secret Yearnings, Lusts and Thirsts... for Knowledge

Flash - "As of this week, Startpage, by Ixquick, the "world's most private search engine," automatically encrypts ALL searches. Startpage was the first search engine to offer SSL encryption in 2009, and today it again breaks new ground by making SSL encryption the default." (more)

Kevin's Security Scrapbook exclusive! Motion picture footage of the inside of a search engine's encryption kernel.

"Dude, Scientology has an Office of Special Affairs?!?! I didn't know scientists even had affairs!"

The Village Voice is reporting that the Church of Scientology attempted to investigate Parker and Stone after a controversial 2005 episode of “South Park” titled “Trapped in a Closet.” The Emmy-nominated episode, airing on Comedy Central, satirized such figures as Scientology founder L. Ron Hubbard and Scientology member Tom Cruise. 

According to the Voice, former Scientology executive Marty Rathbun “revealed at his blog that in 2006, Scientology's Office of Special Affairs — the church's intelligence and covert operations wing — was actively investigating” Parker and Stone.

The Voice reports Monday: “We have more leaked OSA documents which give some idea of the extent of the spying operation on the ‘South Park’ offices and the people who worked there.” (more)

Chat and...ZAP. Your address book is stolen!

If you use Skype on an iPhone or iPod touch, Phil Purviance can steal your device's address book simply by sending you a chat message.

In a video posted over the weekend, the security researcher makes the attack look like child's play. Type some JavaScript commands into the user name of a Skype account, use it to send a chat message to someone using the latest version of Skype on an iPhone or iPod touch, and load a small program onto a webserver. Within minutes, you'll have a fully-searchable copy of the victim's address book. (more)

Your Rotund Guard Can Be Replaced by Rotundus, the 3-D RoboEye

Security Director Alert - Imagine replacing multiple guards, at multiple sites with GroundBots... all reporting to your command center. 

Think of the money you could then devote to more worthwhile security needs - intellectual property protection needs - like, ummmm... TSCM!

You don’t need to read instructions to operate an arcade driving game. It’s intuitive. And that’s how easy it is to steer GroundBot in the manual control mode.

But there’s one big difference: when you’re driving GroundBot the landscape you’re moving through is for real. Streamed in real-time, in 2D or 3D. Operators say that it makes you feel you are actually there, sitting in GroundBot, looking out. 

Guardbot is also amphibious and efficient and can run up to 10 km/h (6 mph) - without making a sound. Moreover, it can operate for 8-16 hours depending on mission profile.

This near-reality experience also makes operators more alert to anyone or anything that shouldn’t be there. GroundBot can even be used to find out where an unauthorized person is going. (more) (video) (c.1968 prototype)

Monday, October 24, 2011

FBI Business Espionage Warning - "If you haven't been a victim yet, it's because you have been and you don't know it, or you will be."

Kexue Huang, a scientist and native of China, pleaded guilty last week in a federal court to swiping millions of dollars worth of trade secrets from Dow Chemical Co. and Cargill Inc. for other people doing research in Germany and China.

A federal jury last month ordered South Korea's Kolon Industries to pay DuPont Co. $920 million for stealing trade secrets regarding synthetic fibers used in such products as Kevlar body armor. A former DuPont engineer hired by Kolon, Michael Mitchell of Virginia, was sentenced in March last year to 18 months in prison for theft of trade secrets for passing on key DuPont data to Kolon.

And area technology companies are likely fooling themselves if they think they're not in the cross-hairs of such spy efforts, according to the Federal Bureau of Investigation. "If you haven't been a victim yet, it's because you have been and you don't know it, or you will be," Barry W. Couch, a special agent with FBI's Buffalo division, told a conference room full of area optics industry executives last week. "Don't be blindsided."

The FBI has designated espionage, including economic espionage, its second-highest priority, behind only terrorism. (more)

Bug in the Boardroom - Nasdaq

New details have come out from the ongoing investigation into last year's attack on the Nasdaq stock exchange. 

It appears that when attackers breached the Director's Desk Web application, they not only gained access to data stored in the system, but they managed to install a monitoring software that was able to eavesdrop on "scores" of directors' communications.

The application was used by board directors to discuss information relating to the company's financial performance and other intellectual property. (more)

Saturday, October 22, 2011

Security Director Alert: Occupy Wall Street would love to have A Bug in Your Boardroom

The Occupy Wall Street movement is expanding. 

Your company is the target. 

Just like animal rights and other business protest movements, intelligence helps fuel their cause. A bug in your boardroom is the ideal intelligence pipeline. (Don't think they haven't thought of doing it. All they need is a sympathetic insider who believes the boss makes too much.)

In addition to your normal preparations (perimeter security, monitoring social media, etc.), electronic countermeasures inspections (TSCM) must be part of your protection mix. Covert electronic eavesdropping, video voyeurism, data thefts and business espionage attacks are vulnerabilities you cannot afford to overlook.

If you have a trusted TSCM provider, great, call them in.
If not, please stop by our web site. Learn all about our economical TSCM security solutions.

But, what if you find a bug?
Imagine... 
It's Monday morning. 
In the offices of Mongo Industries a secretary readies the Boardroom for the weekly strategy meeting. The air conditioning has been off all weekend, and just kicked in. Then...THUNK! 

Startled, she stares under the massive table. Her eyes adjust to the dark. A small dark object with gooey strips of masking tape near the Director's chair stares back.


"What should you do?" (click here)

Friday, October 21, 2011

Flash - Adobe Flash Spy Personality Disorder Fixed

Engineers on Thursday patched a hole in Adobe's ubiquitous Flash Player that allowed website operators to silently eavesdrop on visitors' webcam and microphone feeds without permission.  

To be attacked, visitors needed to do no more than visit a malicious website and click on a handful of buttons like the ones in this live demonstration. Without warning, the visitor's camera and microphone were activated and the video and audio intercepted. (more)

Adobe: "We have resolved the issue with a change to the Flash Player Settings Manager SWF file hosted on the Adobe website. No user action or Flash Player product update are required." (more)

Calling all cars: OTL DIY CSI Taps Over Possible Alibi Die Lie - Be on the Louk-out.

PA - State police are looking for a Washington man who is one of four accused of placing a wiretap in the home of a relative because they did not believe his alibi for the murder of a Buffalo Township woman.

Douglas Edward Louk, 42, whose last known address was 843 Broad St., is wanted on wiretapping and conspiracy charges. He is 5 feet 10 inches tall, weighs 210 pounds and has brown hair and blue eyes.

Anyone with information on Louk's whereabouts is asked to call state police at 724-223-5200. (more) (more)

"Dude, werz my dikshunary?" or... My lawyer can spell illegally, can yours?



CA - Billboards along Southern California freeways are urging motorists to contact lawyer Jeffrey Krinsk if they believe they were “Illegaly [sic] wire-tapped by the LA Times” or to “Report LA Times Fraud.” The San Diego attorney represents a man who is suing Times staffer Michael Hiltzik and claims the columnist secretly recorded telephone conversations. (Hiltzik’s accuser is Robert Silverman, an attorney who represents 1-800-GET-THIN, a company that markets Lap-Band weight-loss surgery.) The Times has published a series of articles and columns detailing the deaths of five patients after having Lap-Band surgery at centers affiliated with 1-800-GET-THIN. On Thursday, the paper told staffers in a memo that “we do not engage in wiretapping and fraud as the billboards allege” and that it’s confident that the lawsuit will be tossed. (more)

Cell Phone SpyWare Goes Legit

Realizing that the huge demand for parental monitoring programs for computers could also apply to phones, Dublin-based mobile web service company Associate Mobile has developed MobileMinder - a smartphone application running on a secure and encrypted network that allows parents to monitor their child's location, contacts, call history, photos, and web use. (more)

Edison Remembered

The real Edison lighthouse.
On Oct. 21, 1879, Thomas Edison invented a workable electric light at his laboratory in Menlo Park, N.J. (more) (The other Edison Lighthouse)

Thursday, October 20, 2011

TSCM - Get the Whole Picture of Your Information Security Health

A security program without TSCM is like a photo that only tells part of the story. 

Seen on the USS Midway this week.
• You might misinterpret, 
• you might be left wondering, 
• or maybe you'll just shrug it off with a laugh. 
All leave you weak and vulnerable.

Get the whole picture. Conduct TSCM inspections in your business. Make sure they incorporate a counterespionage survey. Get the whole picture. Know the truth. Feel confident.

Fun Stuff: Release Your Inner Muse, with Animoog

Alert: This app is available at 99 cents for about 25 more days. Then it goes to $29.99... and it's still a bargain.
This week work took me from New York to San Diego and back; about 10 hours on a plane. Animoog kept me captivated for most of my time in the air. The depth of musical creativity that I pulled from this was astounding. Not musically inclined? No problem, neither am I. I barely know a quarter note from a quarterhorse, yet after the first ten minutes I was making music. Beautiful sounds. Hey, the thing even records your songs for you. 

Bonus... The trips seemed like minutes instead of hours.

Have some fun this weekend. Relax. Make music. Regain your soul. You'll be surprised how good you'll feel afterward.

"Animoog is the first professional synthesizer designed for the iPad. Powered by Moog's new Anisotropic Synthesis Engine, Animoog captures the vast sonic vocabulary of Moog synthesizers and applies it to the modern touch surface paradigm, enabling any user to quickly sculpt incredibly fluid and dynamic sounds that live, breathe, and evolve as you play them." (more)