Sunday, December 18, 2011

'Fake Sheik' appears at UK phone hacking inquiry

UK - The star undercover reporter for the now-defunct News of the World tabloid told Britain's media ethics inquiry Monday that he duped celebrities only to expose criminality, immorality or hypocrisy.

The original "Fake Sheiks"
Mazher Mahmood, who worked for the Rupert Murdoch-owned newspaper for 20 years, said he had not been aware illegal phone hacking was going on until the newspaper's royal reporter, Clive Goodman, was arrested in 2006. Goodman was later jailed for eavesdropping on the mobile phone voice mails of members of the royal family staff.

Mahmood is a controversial figure, nicknamed the "Fake Sheik" after his signature ruse of pretending to be a rich Gulf businessman to trap celebrities, politicians and suspected criminals. (more)

Why Hack a Hotel's Internet Provider?

Google and Intel were logical targets for China-based hackers, given the solid-gold intellectual property data stored in their computers. An attack by cyberspies on iBahn, a provider of Internet services to hotels, takes some explaining.

iBahn provides broadband business and entertainment access to guests of Marriott International and other hotel chains, including multinational companies that hold meetings on site. Breaking into iBahn's networks, according to a senior U.S. intelligence official familiar with the matter, may have let hackers see millions of confidential emails, even encrypted ones, as executives from Dubai to New York reported back on everything from new-product development to merger negotiations.

More worrisome, hackers might have used iBahn's system as a launchpad into corporate networks that are connected to it, using traveling employees to create a backdoor to company secrets, said Nick Percoco, head of Trustwave's SpiderLabs, a security firm...

The networks of at least 760 companies, research universities, Internet service providers and government agencies were hit over the last decade by the same group of China-based cyberspies. (more)

FBI Announces Theft of Trade Secrets Indictment

Tung Pham, 46, formerly of Conshohocken, Pennsylvania, currently residing in California, was charged today by indictment with theft of trade secrets and wire fraud, announced United States Attorney Zane David Memeger. Pham was charged with stealing trade secrets regarding pastes used in the manufacture of solar cells from his former employer. (more)

Here is how it started, back in 2009...
 
The Photovoltaic Materials Business Unit of Heraeus has selected Tung Pham to fill the position of research scientist for the organization. Reporting to Dr. Weiming Zhang, Heraeus' Global PV research and development manager, Pham will work primarily in the North American research and development lab located in West Conshohocken, Pennsylvania.

Pham has an extensive background in developing metallization pastes and thick film conductors for the microelectronics and photovoltaic industries. He has authored numerous technical presentations on materials and the construction of silicon solar cells. Pham earned his bachelor's degree in Engineering from California Polytechnic University.

According to Dr. Zhang, Pham will be working on advancements to Heraeus' current paste platforms and developing the next-generation of PV materials to meet the growing worldwide demand for solar cells. (more)

"Yes, and they have 2-way radios, too!" Dutch parliament gets clued in.

The Netherlands - Eavesdropping software that can be installed from a distance on the computers of suspects is available to the police, justice minister Ivo Opstelten told parliament on Monday evening. (more)

Fun Fact...
The Netherlands sanctions more phone taps per head of population than any other country in the world.

Thursday, December 15, 2011

Pizza Mobster Wiretaps... Himself

MA - A city man has been charged with illegally taping two phone conversations he had with a man who wanted to arrange the robbery of a company in Lawrence, police said.

Charles "Dino" Manjounes, 48, of 94 Keeley St., was arrested Friday at 3:45 p.m. at his work place, Riverside Pizza, 181 Groveland St., and charged with extortion by threat or injury and two counts of unlawful wiretapping...

Manjounes had put an employee of Colony Foods in contact with a person identified merely as "Death," according to Schena's report. "Death'' told the employee the robbery would cost $20,000. When the employee protested, Death said the cost would be $30,000 — and that he would drag him out of his work place and kill him if he failed to pay, the report said. (more)

Nelson Mandela 'spy' cameras confiscated by police


South African police have confiscated cameras they say were illegally filming Nelson Mandela's house in his home village of Qunu in the Eastern Cape.

Police spokesman Vishnu Naidoo told the BBC that two media groups were being investigated.

The cameras were found in a neighbour's house and had been constantly filming the ex-president's residence, he said. (more)

Security Quote of the Day

"The Android platform is where the malware action is. I believe that smart phones are going to become the primary platform of attack for cybercriminals in the coming years." ~ Bruce Schneier, author of the best sellers "Schneier on Security," "Beyond Fear," "Secrets and Lies," and "Applied Cryptography," and an inventor of the Blowfish, Twofish, Threefish, Helix, Phelix, and Skein algorithms.

Industrial Espionage Gang Sends Malicious Emails

A cybercrime gang that primarily targets companies from the chemical industry has launched a new series of attacks that involve malware-laden emails purporting to be from Symantec, the security vendor responsible for exposing its operation earlier this year.

Dubbed the Nitro attacks, the gang's original industrial espionage efforts began sometime in July and lasted until September. The attackers' modus operandi involved sending emails that carried a variant of the Poison Ivy backdoor and were specifically crafted for each targeted company... 

"The same group is still active, still targeting chemical companies, and still using the same social engineering modus operandi," security researchers from Symantec said in a blog post on Monday. (more)

Monday, December 12, 2011

Cell Phone Spyware Scam Accusations

"Ever get the feeling you've been cheated? Now you can find out the truth."

That's a banner on the website for SMS Privato Spy, which advertises smartphone spyware that allows customers to secretly monitor a spouse or co-worker's phone and collect that person's calls, texts and GPS locations.

According to security experts, however, the truth is that customers have been getting nothing for the $50, $75, $100 or $125 they paid for one of Privato Spy's four packages. (more)

Electronic chip in bath soap raises huge stink

India - Expatriate Indian consumers have become suspicious of a brand of bath soap manufactured by a multinational company after consumers back home complained about an electronic chip embedded in the soap.

Reports from India suggest that a bathing soap-related survey being conducted for Britain-based organisations in Beemapalli near Thiruvananthapuram, Kerala, was called off after residents, who had earlier agreed to the survey, panicked...

The survey was being conducted for the stated purpose of finding out the health and hygiene habits of the people living in coastal areas, to which the residents of Beemapalli consented. However, once the realization of an embedded chip in the bathing soap dawned upon the locals, they feared that the soap might 'eavesdrop' on them or even film them in the shower. (more)

The chip was a motion sensor. The survey participants agreed to use the soap for five days and return it, at which point they would be paid money for being part of the survey.

Saturday, December 10, 2011

The Latest Video Enhancement Trick: De-Blurring

About a year ago I looked at work by two video enhancement specialists; Doug Carner, CPP/CHS-III of Forensic Protection and Jim Hoerricks - author of Forensic Photoshop, a comprehensive imaging workflow for forensic professionals

Today, Doug advised me of a trick that every security professional should have up their sleeve, de-blurring. He explained how he de-blurs motion this way...

"Light originates and reflects from objects in very predictable ways. As the camera and object move, they distort the captured image. These distortions can be reversed using a filter that acts like mathematical eye glasses.

For this example, we used the bent light streak seen at the far right of the license plate. The process could have just as easily been applied to the mud flaps or tires."

Wow, major difference!

This got me thinking. How good will this technology become?

Just two months ago, Adobe gave the world a sneak peek.

When you view this video, set it to HD and go full screen. The magic begins about 2 minutes into the clip and continues with several photos being blur corrected.

Unfortunately, this was only a sneak preview. It is not available to the general public in Photoshop yet.

Just to re-cap, here are some of the things Doug can do to enhance your crummy videos...
• High-resolution video and audio extraction or capture
• Adaptive military-grade video jitter stabilization
• Video de-interlace, de-sequence and de-multiplex
• Intelligent temporal noise and artifact suppression
• Fast-Fourier compression and camera age reversal
• Sub-pixel shift fusion over time, space and frequency
• Adjust video brightness, contrast, saturation and size
• Color channel isolation and focus/motion blur correction
• Audio noise suppression and speech amplification
• Video zoom, trim, crop and speed adjustments
• Multiplex to original with event highlight for court exhibit
• Image extraction, cropping, enlarging and printing
  
Want to conduct your own experiments with de-blurring?
Visit the Department of Computer Science and Engineering at The Chinese University of Hong Kong. Play with their GPU Blur Removal Software v2.0 just released last month. (Windows Trial Version)

Friday, December 9, 2011

Business Telephone Systems Still Vulnerable to Toll Fraud

A Compilation of Phreaking Evidence from 2004-2011 - 25 pages .pdf (download)

Phreaking is a slang term coined to describe the activity of a culture of people who study, experiment with, or explore telecommunication systems, such as equipment and systems connected to public telephone networks. They are often mistakenly lumped in with criminal phone hackers. It is also a mistake to think that this was only a 1970's - 1980's phenomena. 
Just in case you thought your business phone system was safe, read on...

• PABX/PBX hacking (phreaking) is common. It's organized crime and big business.

• Telephone systems everywhere are targets and telecommunications bandits know how to gain access to your phone system by reconfiguring it to route their own calls through it.

• Phreakers can hack phone systems, voicemail boxes and PINs in a few seconds to gain illegal access to your extensions.

• Most toll fraud is generated after hours and on holidays when it's least likely to be detected.

• Phreakers can gain the most by routing expensive international calls through private phone systems.

• Terrorist organisations use telecommunications fraud to generate funds by illegally gaining access to private phone systems and then re-selling the service.

• Many businesses leave their phone systems completely unprotected.

You will end up paying the bill after they've hijacked your phone system and extensions to make illegal calls anywhere they choose - often at a huge cost... (more)

Ask your counterespionage consultant to look into this for you. Specifying the correct controls, procedures and security hardware to protect your communications is their specialty. 

Don't have a counterespionage consultant?!?!  Contact me for a referral.

Thursday, December 8, 2011

"I'm Dreaming of a Spy Christmas"

Toy helicopter with a built-in 1.3Mp camera for sneaky aerial snapping.

Specifications:
• Take up to 3 minutes of video (at resolution 640 X 480) or take hundreds of photos (at resolution 1280 X 960).
• 3-Channel control allows flying up and down, forward & backward, left and right
• Stabilized by sophisticated built in gyroscope for the clearest pictures
• Use the remote transmitter button to take the pictures and video
• Plug in computer to download the video and photos
• User friendly Graphic Unit Interface on PC to adjust the photo or video setting.
• Real time capturing to see the effect on screen.
White color LED to indicate photo capturing or video recording.
• Download videos and photos through USB
Charging through transmitter or USB (more)

--------
Fei Lun Full Function Radio Control Spy Video Car

• Audio & Video (with Night Vision Transmitter)
(more)

-------

Using Spy Gadgets: The Definitive Guide to Finding Out Anything About Anyone Using Spy Tools, Spy Gear, Spy Equipment, Spy Cameras, Spy Toys, or a Spy Bug From a Spy Shop
By Dick Peplowski

Are you constantly wondering about certain people and wondering about their real past or present lives? You’ve surely thought, “That guy just seems to have something “off”” as we all have and want to know the truth. So how do you find the truth? Sadly, to find out the real dirt on someone, you’ve had to pay a fortune for a private investigator to get it for you. The good news is that is no longer the case! You can literally become your own Sherlock Holmes and find out all the dirt on people that you want. The best part is that you are going to be learning how to do this through the use of awesome spy tools that you can easily obtain. These will give you the power of Inspector Gadget when it comes to finding out the real dirt on someone. You learn about all the spy tools you could ever want to use plus many more in Dick Peplowski's "Using Spy Gadgets: The Definitive Guide to Finding Out Anything About Anyone Using Spy Tools, Spy Gear, Spy Equipment, Spy Cameras, Spy Toys, or a Spy Bug From a Spy Shop." This is all broken down in an easy to understand and easy to apply system for personal surveillance success. (more)

Wednesday, December 7, 2011

Town Clerk Allegedly Testifies to Electronic Eavesdropping

MI - Augusta Township Clerk Kathy Giszczak allegedly testified in a deposition that she electronically eavesdropped on a conversation between the township's deputy treasurer and supervisor.

That allegation surfaced as part of an Open Meetings Act lawsuit pitting one half of the board against the other half.


Electronic eavesdropping is a felony punishable by up to five years in prison, though no criminal charges have been brought against Giszczak. A hearing on the OMA lawsuit is scheduled for Dec. 13. (more)

Albanian Ex-Spy Chief Disappears

UK - Scotland Yard today issued a nationwide appeal to track down a former Albanian spy chief who is on the run after failing to attend an extradition hearing.

Ilir Kumbaro, 58, was due to appear at Westminster magistrates' court, where he faced being sent back to Albania on charges of kidnapping and torturing three men.

When he failed to show up last Thursday, police checked his home in Forest Hill, other addresses and hospitals. All ports and airports were alerted but there has been no sign of him.

Detectives, who say he may be using his skills as an ex-head of the Albanian secret police to evade capture, suspect he could still be in London, living under a false identity. One of Eastern Europe's most wanted men, he lived on benefits with his wife and one of his two sons on a Fulham council estate for 12 years before he was discovered...

Police say Kumbaro, who is about 5ft 7in, bald and stout, is likely to be with his wife. He speaks English with an Eastern European accent. Anyone who has seen him is asked to call Crimestoppers on 0800 555 111. (more)