More than half of senior IT security professionals believe the industry is losing the battle against state-sponsored attacks, according to a survey.
Nearly 200 senior IT security professionals were surveyed by Lieberman Software Corporation at the Black Hat USA 2013 conference in Las Vegas, with 58 per cent of saying they believe the profession is losing the battle against state-sponsored attacks.
And 74 per cent of respondents were not even confident that their own corporate network has not already been breached by a foreign state-sponsored hacker, while 96 per cent believe that the hacking landscape is going to get worse over time. (more)
FutureWatch: Look for a migration of sensitive information away from Internet connectivity, followed by a rise in traditional espionage techniques. This shift will amplify the need for traditional security countermeasures, such as TSCM.
Thursday, September 5, 2013
Tuesday, September 3, 2013
Business Espionage: HTC - Cell Phone Company Takes a Hit
Taiwan -- Investigators stormed into HTC yesterday to investigate some of the company's design staff, who are suspected of stealing trade secrets and defrauding HTC of nearly NT$10 million.
HTC accused three of its senior design professionals of fraud. The suspects were alleged to have set up new businesses on their own. Investigators started interrogating the suspects and searching their homes and offices yesterday afternoon.
The Bureau of Investigations said that it had received a complaint from HTC saying that three senior employees in the design development department were suspected of designing cellphone cases and lying about it being contract work. The suspects allegedly conspired with a manufacturer to issue fake invoices amounting to nearly NT$10 million for performing design work. Upon receiving the money from HTC, the manufacturer allegedly transferred it to the suspects. (more)
 |
| Ironic HTC homepage. |
The Bureau of Investigations said that it had received a complaint from HTC saying that three senior employees in the design development department were suspected of designing cellphone cases and lying about it being contract work. The suspects allegedly conspired with a manufacturer to issue fake invoices amounting to nearly NT$10 million for performing design work. Upon receiving the money from HTC, the manufacturer allegedly transferred it to the suspects. (more)
The Newest Eavesdropping Gadget for PIs and Spies - Also a Security & Safety Tool
When people around you put on headphones or earbuds you begin to speak freely. Big mistake. You may have been lulled into a false sense of security by an eavesdropper using The Fuser.
"The Fuser increases your awareness of the natural sounds around you using its built-in microphone to “mix” the music in your headphones with the outside world, allowing you to enjoy your music while still hearing yourself and others around you talk, laugh, work, play.*
Listen to music at work and still engage with co-workers. Take a road trip and not ignore others in the car. Relax at the beach with your music and still hear the waves crash… The possibilities are endless. (Oh, and by the way) *Fuser can also be used without a music device as a powerful hearing aid." (more)
P.S. This is also an excellent safety device for when you are walking, jogging, bicycling, or in any other situation where you need to be alert to your surroundings.
"The Fuser increases your awareness of the natural sounds around you using its built-in microphone to “mix” the music in your headphones with the outside world, allowing you to enjoy your music while still hearing yourself and others around you talk, laugh, work, play.* Listen to music at work and still engage with co-workers. Take a road trip and not ignore others in the car. Relax at the beach with your music and still hear the waves crash… The possibilities are endless. (Oh, and by the way) *Fuser can also be used without a music device as a powerful hearing aid." (more)
P.S. This is also an excellent safety device for when you are walking, jogging, bicycling, or in any other situation where you need to be alert to your surroundings.
Sunday, September 1, 2013
Industrialists Hit by Cyber Espionage
India - Cyber espionage, the practice of spying to obtain secret information like proprietary or classified details, confidential sales data, turnover, clients' contacts, diplomatic reports and records of military or political nature, have hit city industrialists.
"Cyber espionage is the new trend of cyber crime that is threatening mid-scale and small-scale industries in Ludhiana. Here one could target his business competitors or simply steal other company's details to sell it further in the market. Ludhiana offers them a ready-made market as many start-ups and small scale companies are operational here," said Tanmay Sinha, a cyber expert and an entrepreneur based in Ludhiana.
"In most of the instances, cyber espionage attempts benefit the attacker as these attacks are not random but are well-planned and targeted towards one group. Moreover, these are done by the criminals after studying the history of the target," he added.
Ludhiana police cyber cell has received more than 10 complaints of cyber espionage in the last two months. (more)
"Cyber espionage is the new trend of cyber crime that is threatening mid-scale and small-scale industries in Ludhiana. Here one could target his business competitors or simply steal other company's details to sell it further in the market. Ludhiana offers them a ready-made market as many start-ups and small scale companies are operational here," said Tanmay Sinha, a cyber expert and an entrepreneur based in Ludhiana.
"In most of the instances, cyber espionage attempts benefit the attacker as these attacks are not random but are well-planned and targeted towards one group. Moreover, these are done by the criminals after studying the history of the target," he added.
Ludhiana police cyber cell has received more than 10 complaints of cyber espionage in the last two months. (more)
Smartphone Spy Lens
Why mention this?
Our PI friends need to know, and so you will know what you're up against.
"The Smartphone Spy Lens is a tiny gizmo you attach to your phone to take photos at a 90° angle. You can slyly hold your phone in texting position, while photoing straight ahead!
Periscope around a corner. Snap candid shots of your camera-shy kids. Take a photo of your dinner plate without having to climb up on the table.
Its high quality glass and mirrored interior ensures no photo quality is lost. Attach the included metal ring around your phone's lens and the Spy Lens magnetizes securely onto it.
Since it twists 360° you'll have all the advantages of a camera with a swivel screen. Hold it high and still see what you're shooting. Hold it low without dropping into an army crawl to set your focus.
With the Spy Lens in place you can lay your phone down and still shoot straight ahead. Turning any surface into an impromptu tripod for self ports, group pix and steady videoing." (more)
Our PI friends need to know, and so you will know what you're up against.
"The Smartphone Spy Lens is a tiny gizmo you attach to your phone to take photos at a 90° angle. You can slyly hold your phone in texting position, while photoing straight ahead!
Periscope around a corner. Snap candid shots of your camera-shy kids. Take a photo of your dinner plate without having to climb up on the table.
Its high quality glass and mirrored interior ensures no photo quality is lost. Attach the included metal ring around your phone's lens and the Spy Lens magnetizes securely onto it.
Since it twists 360° you'll have all the advantages of a camera with a swivel screen. Hold it high and still see what you're shooting. Hold it low without dropping into an army crawl to set your focus.
With the Spy Lens in place you can lay your phone down and still shoot straight ahead. Turning any surface into an impromptu tripod for self ports, group pix and steady videoing." (more)
Family doctor who used £60 spycam watch...
UK - ...to film intimate examinations of hundreds of women is banned from profession...
When Bains was arrested at his surgery in Royal Wootton Bassett, Wiltshire, officers discovered 361 video clips filmed on the watch - some as long as 45 minutes.
Around 3,000 potential victims were contacted but the exact number is thought to be ‘close to 300’ - aged between 14 and 51.
A Medical Practitioners Tribunal Service banned Bains from practicing.
The tribunal in Manchester was told that his conviction earlier this year means that his fitness to practice is impaired, and he should be struck off.
In March, Bains appeared at Swindon Crown Court where he admitted 39 counts of sexual assault and voyeurism and asked for a further 65 offences to be taken into consideration.
He is serving a 12 year prison sentence and is not represented at the hearing. (more)
Around 3,000 potential victims were contacted but the exact number is thought to be ‘close to 300’ - aged between 14 and 51.
A Medical Practitioners Tribunal Service banned Bains from practicing.
The tribunal in Manchester was told that his conviction earlier this year means that his fitness to practice is impaired, and he should be struck off.
In March, Bains appeared at Swindon Crown Court where he admitted 39 counts of sexual assault and voyeurism and asked for a further 65 offences to be taken into consideration.
He is serving a 12 year prison sentence and is not represented at the hearing. (more)
Friday, August 30, 2013
Researchers Grow Human Brains in a Lab
A team at the Institute of Molecular Biotechnology of the Austrian Academy of Sciences has succeeded in growing miniature human brains...
The team, led by Dr. Jürgen Knoblich, started by analyzing human stem cells – a cell type that has the capacity to change into any other type of cell found in the body. Specifically, the scientists were interested in discovering what growth conditions are required for such cells to differentiate into various types of brain tissue cells.
Once those conditions had been identified, stem cells were used to create neuroectoderm, a layer of cells which is the “starting material” from which all components of the nervous system (including the brain) are derived...
After spending 15 to 20 days in the reactor, the neuroectoderm fragments had formed into a piece of continuous brain tissue, known as a cerebral organoid. (more)
The team, led by Dr. Jürgen Knoblich, started by analyzing human stem cells – a cell type that has the capacity to change into any other type of cell found in the body. Specifically, the scientists were interested in discovering what growth conditions are required for such cells to differentiate into various types of brain tissue cells.
After spending 15 to 20 days in the reactor, the neuroectoderm fragments had formed into a piece of continuous brain tissue, known as a cerebral organoid. (more)
Snapchat Not So Private and Secure
According to a "Snapchat Security Advisory" published by Australian researchers,
Snapchat names, aliases and phone numbers can be discovered and harvested via the Snapchat Android and iOS API - even if the Snapchat account is private.
Gibson Security discovered a range of disturbing security holes when it reverse-engineered the popular photo and video sharing app, including what it believes to be unsecure encryption practices (two encryption keys across all users) and code for in-app ads.
Gibson Security has informed ZDNet that "The API reversed isn't just used for Android, but iOS too. Both platforms are vulnerable." (more)
Snapchat names, aliases and phone numbers can be discovered and harvested via the Snapchat Android and iOS API - even if the Snapchat account is private.
Gibson Security has informed ZDNet that "The API reversed isn't just used for Android, but iOS too. Both platforms are vulnerable." (more)
FutureWatch: On the Road to The Corporate State
Tech Companies and Government May Soon Go to War Over Surveillance
via Patrick Gray, wired.com...
On the very day the media dropped detailed documents on the NSA’s X-Keyscore collection program, the Facebook engineering team published a blog post stating that all access to Facebook via apps and web browsers was now SSL encrypted. Given X-Keyscore was a program primarily designed to intercept unencrypted internet traffic, you could be forgiven for interpreting Facebook’s post as a middle finger pointed in NSA’s direction...
You want us to execute that warrant for you? Ok, sure, but the user will get a nice big popup warning telling them that their messages are likely being intercepted!
There are new interception hurdles everywhere you look. Even plain old SSL encryption is becoming more difficult to snoop on. Previously, governments could rely on complicit or compromised certificate authorities to provide them with the means to intercept encrypted traffic. Thanks to the Iranian government’s overly enthusiastic use of this technique, Google made changes to the Chrome browser to neuter the practice. Similar updates are expected soon in Internet Explorer. There goes another interception technique for law enforcement!
And it’s only going to get worse for the poor ole G-Men. Technology companies are enabling security features that make certain types of government surveillance extremely difficult, and it’s a trend that’s set to continue. That’s why the U.S. government has long wanted laws that force tech companies to make their products wiretap friendly. (more)
"Knowledge is power." Whoever holds the knowledge, holds the power. (sing-a-long)
via Patrick Gray, wired.com...
On the very day the media dropped detailed documents on the NSA’s X-Keyscore collection program, the Facebook engineering team published a blog post stating that all access to Facebook via apps and web browsers was now SSL encrypted. Given X-Keyscore was a program primarily designed to intercept unencrypted internet traffic, you could be forgiven for interpreting Facebook’s post as a middle finger pointed in NSA’s direction...
 |
| You don't need a Weatherman to know... |
There are new interception hurdles everywhere you look. Even plain old SSL encryption is becoming more difficult to snoop on. Previously, governments could rely on complicit or compromised certificate authorities to provide them with the means to intercept encrypted traffic. Thanks to the Iranian government’s overly enthusiastic use of this technique, Google made changes to the Chrome browser to neuter the practice. Similar updates are expected soon in Internet Explorer. There goes another interception technique for law enforcement!
And it’s only going to get worse for the poor ole G-Men. Technology companies are enabling security features that make certain types of government surveillance extremely difficult, and it’s a trend that’s set to continue. That’s why the U.S. government has long wanted laws that force tech companies to make their products wiretap friendly. (more)
"Knowledge is power." Whoever holds the knowledge, holds the power. (sing-a-long)
Thursday, August 29, 2013
Government and Business Team Up Against Espionage...
Germany - Faced with increasing rates of espionage attempts directed at companies, German government and business leaders have agreed on hammering out a joint protection strategy. Raising awareness is the first objective.
The German government and business organizations agreed on Wednesday that domestic companies needed stronger protection from espionage and cyber crime. They signed a declaration on hammering out a joint defense strategy and pooling resources for the most efficient infrastructure to ward off risks...
The Association of German Chambers of Commerce and Industry (DIHK) added putting an efficient security infrastructure in place should not be viewed by smaller firms as a way of wasting money.
"The costs those firms might incur through espionage and the resulting theft of intellectual property and know-how tend to be much higher than the investment in a good security setup," DIHK President Eric Schweitzer emphasized. (more)
Brilliant! Time for the U.S. to do the same.
The Association of German Chambers of Commerce and Industry (DIHK) added putting an efficient security infrastructure in place should not be viewed by smaller firms as a way of wasting money.
"The costs those firms might incur through espionage and the resulting theft of intellectual property and know-how tend to be much higher than the investment in a good security setup," DIHK President Eric Schweitzer emphasized. (more)
Brilliant! Time for the U.S. to do the same.
Wiretapping Sparks Naked Protest
FEMEN activists shed clothes in front of Ukrainian embassy in Berlin...
Ukraine based feminist movement group, FEMEN has said that they are moving their office out of Ukraine's capital, Kiev after their telephone calls were wiretapped.
A day prior, the police had alleged that a cache of illegal weapons were discovered from their headquarters.
The group is said to be moving out because of security concerns. The FEMEN group has said that the wiretapping incident has made the place impossible to work. (more)
Imagine what would happen if they were really bugged.
A day prior, the police had alleged that a cache of illegal weapons were discovered from their headquarters.
The group is said to be moving out because of security concerns. The FEMEN group has said that the wiretapping incident has made the place impossible to work. (more)
Imagine what would happen if they were really bugged.
Use of phone-tracking technology in shopping centers set to increase
Australia - We are used to cameras watching our every move, but what about having your phone tracked when you go to the shops or the CBD (Central Business District)?
More and more shopping centers and councils around Australia are already doing it - working out where people are going and how they get there.
With the technology you do not get to opt in and you do not have to be connected to a WiFi network.
There are two different approaches to tracking the phones. The Inhouse Group system scans WiFi signals given off by smartphones to pinpoint a customer's location.
Another product from the UK - FootPath by Path Intelligence - intercepts mobile phone network signals.
Neither is able to access any content stored on your phone. (more)
More and more shopping centers and councils around Australia are already doing it - working out where people are going and how they get there.
Photo:
Companies can track phones by scanning for WiFi signals
or by intercepting mobile phone network signals. (ABC News: Simon Brown)
There are two different approaches to tracking the phones. The Inhouse Group system scans WiFi signals given off by smartphones to pinpoint a customer's location.
Another product from the UK - FootPath by Path Intelligence - intercepts mobile phone network signals.
Neither is able to access any content stored on your phone. (more)
Wednesday, August 28, 2013
Millions of Android Users Vulnerable to Security Threats, Say Feds
According to a new document obtained by Public Intelligence, the U.S. Dept. of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) are increasingly aware of the threats its law enforcement users and officials face at a federal, state, and local level in using older versions of the Android mobile platform.
According to the roll call release — marked as unclassified but "for official use only," and designed for police, fire, emergency medical services (EMS) and security personnel — upwards of 44 percent of Android users worldwide are still using Android versions 2.3.3 to 2.3.7, which still contain security vulnerabilities fixed in later versions. (more)
Spybusters Tip #492 - The latest version of Android is 4.3. Time to upgrade.
According to the roll call release — marked as unclassified but "for official use only," and designed for police, fire, emergency medical services (EMS) and security personnel — upwards of 44 percent of Android users worldwide are still using Android versions 2.3.3 to 2.3.7, which still contain security vulnerabilities fixed in later versions. (more)
Spybusters Tip #492 - The latest version of Android is 4.3. Time to upgrade.
Tuesday, August 27, 2013
Spybusters Tip #972 - Own a Foscam FI9821W Megapixel IP camera? There is a security update waiting for you!
As mentioned here before, many IP surveillance cameras are vulnerable to hack attacks by outsiders. This firmware update notice from Foscam addresses that.
In order to properly secure your Foscam FI9821W Megapixel IP camera as well as prevent
any potential hardware or software failures, it is highly imperative that you
please update to the latest stable Firmware version.
If you are experienced with configuring your IP cameras please follow the detailed instructions located on our website here (attached hereto for reference as well): http://foscam.us/blog/foscamipcameras/how-to-update-firmware-on-the-fi9821w-v1/
If you would like us to assist you in updating the firmware or have us do it for you remotely, please contact us 24/7 at 1-800-930-0959.
This is an urgent matter that requires immediate action.
Firmware download links:
Mirror 1: https://www.dropbox.com/s/p323grrqkpw0am6/FI9821W-1.1.1.13-20130607.zip
Mirror 2: http://foscam.us/downloads/FI9821W-1.1.1.13-20130607.zip
Mirror 3: http://www.foscam.com/Private/ProductFiles/FI9821W-1.1.1.13-20130607.zip
If you have any questions, please do not hesitate to contact us at Email: sales@foscam.us ' sales@foscam.ca ' sales@foscam.co.uk Phone: US Toll Free: 1-800 930 0949 US/Canada Sales: (+1) 713 893 7869 US/Canada Support: (+1) 713 893 7866 UK Sales/Support: (+44) 203 627 0947
If you are experienced with configuring your IP cameras please follow the detailed instructions located on our website here (attached hereto for reference as well): http://foscam.us/blog/foscamipcameras/how-to-update-firmware-on-the-fi9821w-v1/
If you would like us to assist you in updating the firmware or have us do it for you remotely, please contact us 24/7 at 1-800-930-0959.
This is an urgent matter that requires immediate action.
Firmware download links:
Mirror 1: https://www.dropbox.com/s/p323grrqkpw0am6/FI9821W-1.1.1.13-20130607.zip
Mirror 2: http://foscam.us/downloads/FI9821W-1.1.1.13-20130607.zip
Mirror 3: http://www.foscam.com/Private/ProductFiles/FI9821W-1.1.1.13-20130607.zip
If you have any questions, please do not hesitate to contact us at Email: sales@foscam.us ' sales@foscam.ca ' sales@foscam.co.uk Phone: US Toll Free: 1-800 930 0949 US/Canada Sales: (+1) 713 893 7869 US/Canada Support: (+1) 713 893 7866 UK Sales/Support: (+44) 203 627 0947
Snoop in the Soup - (You Can't Make This S--- Up)
Kenneth Enlow was arrested in July after Ambra Reynolds and her seven-year-old daughter noticed something moving in the septic tank beneath the toilet they were using at White Water Park in Sand Springs, Oklahoma.
When Ms Reynolds took a closer look, she saw Enlow looking up at her from inside the toilet...
Rescue crews pulled Enlow, who was covered in human waste, from the septic tank and cleaned him off with a fire hose.
He pleaded guilty in Tulsa County District Court to a misdemeanor violation of Oklahoma's peeping Tom statute last Thursday. (more)
When Ms Reynolds took a closer look, she saw Enlow looking up at her from inside the toilet...
Rescue crews pulled Enlow, who was covered in human waste, from the septic tank and cleaned him off with a fire hose.
He pleaded guilty in Tulsa County District Court to a misdemeanor violation of Oklahoma's peeping Tom statute last Thursday. (more)
Subscribe to:
Posts (Atom)