Wednesday, November 19, 2014

Fake Cell Tower Survey on Indiegogo

If there's somethin' strange in your neighborhood
Who ya gonna call (cellbusters)
If it's somethin' weird an it don't look good
Who ya gonna call (cellbusters)
(more) (sing-a-long)

Tuesday, November 18, 2014

Your Email is Hacked - Now What?

The State Department has suspended its unclassified email system in response to a suspected hacking attack. 

The unprecedented shutdown on Friday was reportedly applied to give technicians an opportunity to repair possible damage, as well as to apply security improvements. (more) 

But, what if it's your email? You don't have "technicians" to turn to. Techlicious to the rescue...

Step #1: Change your password. 
Step #2: Reclaim your account. 
Step #3: Enable two-factor authentication. 
Step #4: Check your email settings. 
Step #5: Scan your computer for malware. 
Step #6: Find out what else has been compromised. 
Step #7: Humbly beg for forgiveness from your friends. 
Step #8: Prevent it from happening again.

Full details for each step are outlined here.

Dark Hotel - Cleverly Engineered to Conduct Corporate Espionage

A new advanced persistent threat (APT), known as DarkHotel, is now targeting C-level executives of major businesses. 
 
Instead of trying to compromise governments to steal state secrets, Dark Hotel is cleverly engineered to conduct corporate espionage, likely for a foreign state-sponsored group, utilizing poor wireless hotel security - a rather clever technique for when business leaders are staying in hotels... 
 
The attacks have taken aim at business visitors in the United States, Japan, South Korea, India, mainland China, Russia, Germany, Hong Kong and Ireland. (more) (podcast)

Dragnet 2014 - "The IMSI Catcher Caper"

The Wall Street Journal has revealed details of a secret spy program. 

The newspaper says the justice department is collecting data from thousands of cell phones at major airports across the country.

The U.S. Marshals Service operates airplanes with a device (IMSI Catcher) on board that tricks your phone into thinking it is a cell tower.

Phones are programmed to connect automatically to the strongest cell tower signal, which is usually this new device at the airport. When it does, it transmits your unique registration information.

The newspaper says the technology is supposed to locate cell phones linked to criminal suspects, but in the process the government is collecting data on thousands of other people as well. (more)

New App to Detect Fake Cell Phone Towers

This is an Android-based project to detect and avoid fake base stations (IMSI-Catchers) in GSM/UMTS Networks.

Both law enforcement agencies and criminals use IMSI-Catchers, which are false mobile towers acting between the target mobile phone(s) and the service providers real towers. As such it is considered a Man In the Middle (MITM) attack. (more)

From the No Free Lunch Files

An accused perv landlord charged with secretly filming a woman he’d set up in a rent-free Upper West Side pad pleaded not guilty to several felony counts Monday.

Eli Kadoch, 48, was indicted on 10 counts of unlawful surveillance after allegedly setting up spy cameras in the W. 82nd St. apartment of Aksana Kuzmitskaya, where he allegedly watched her in the nude repeatedly for six months beginning in January.

Kuzmitskaya is suing Kadoch and another landlord, Michel Kadoe — who has not been charged criminally — for allegedly taping her most intimate moments after giving her a rent-free apartment while she worked for them as a maid.

Kuzmitskaya says the secret footage included her showering, having sex and using the bathroom. Cameras sent live feeds to Kadoe and Kadoch’s laptops, the lawsuit says. (more)

Monday, November 17, 2014

Kevin's Security Scrapbook - iPhone / iPad App - FREE

Get the latest
"Spy News from New York"
on your iPhone or iPad. 


The layout is beautiful, and the navigation is intuitive and easy. This is the most convenient way to read Kevin's Security Scrapbook.

Download the app onto your device now.

Friday, November 14, 2014

Why the Valet Needs to be Background Checked, or A Cell Phone Key Machine

Your metal key can be duplicated just by snapping a photo of it with a cell phone.

Leaving your keys unsecured is like writing your passwords on post-it notes. If it can be seen, it can be stolen.
  • Have you ever left your keys with a valet or parking garage attendant?
  • Does your administrative assistant leave keys for everything in an open desk?
  • Every loan a key to a friend, even just for a minute?
If so, you may want to re-key your lock. 


from Wired Magazine...
"My neighbor lives on the second floor of a Brooklyn walk-up, so when I came to his front door he tossed me a pair of keys rather than walk down the stairs to let me in. I opened the door, climbed the stairs, and handed his keys back to him. We chatted about our weekends. I drank a glass of water. Then I let him know that I would be back soon to gain unauthorized access to his home.

Less than an hour later, I owned a key to his front door.

What I didn’t tell my neighbor was that I spent about 30 seconds in the stairwell scanning his keys with software that would let me reproduce them with no specialized skills whatsoever."


Yikes! How did he do it?!?!
In this case, Key.Me made a key using the photos he took.


Spybusters Security Tip # 736: Add your keys to your private-parts list. Show them only to those you trust.

Coca-Cola Guards Best-Kept Secret in US But Not 55 Laptops - An Employee Sues

Coca-Cola is facing a potential class-action lawsuit after one of the people whose personal data was on one of a clutch of laptops stolen from the company says he suffered identity theft as a result of the breach.


Laptops thefts are a common occurrence for most large organizations but the circumstances surrounding the loss of 55 laptops over a six-year period from the drinks giant’s Atlanta office and a bottling firm it acquired were always puzzling.

Made public on 24 January this year, it turned out that an employee, Thomas William Rogers III, had allegedly taken the machines without their loss being realized. The machines contained the records of 74,000 people, all current or former employees, including 18,000 revealing social security numbers. (more)


Moral - Encrypt your laptop data.

Update: A Police Commander's Wife, Their Unlicensed PI Business and Spyware...

CA - A Northern California woman has pleaded guilty to wiretapping a police officer and other people and to possessing spyware.

The U.S. Attorney's Office says Monday that in pleading guilty, Kristin Nyunt admitted that from 2010 to 2012 she used spy software she purchased online.

Federal prosecutors say the 40-year-old woman installed the software on cell phones and computers of several people she spied on, including a police officer. (more) (background)

73,012 Unsecured Security Cameras You Can Watch

A site linked to 73,012 unsecured security camera locations in 256 countries – all because they are using default passwords.

from the website...
"Sometimes administrator (possible you too) forgets to set the default password on security surveillance system, online camera or DVR. This site now contains access only to cameras without a password and it is fully legal. Such online cameras are available for all internet users. To browse cameras just select the country or camera type.

This site has been designed in order to show the importance of the security settings. To remove your public camera from this site and make it private the only thing you need to do is to change your camera default password." (more)

Wednesday, November 5, 2014

$92 Million Dollar Surveillance Fence Coming to the US Border...

Don't worry US taxpayers. It's not our fence, we're just the immigrants.

"There's always a way, eh!"
Canada - A massive intelligence-gathering network of RCMP video cameras, radar, ground sensors, thermal radiation detectors and more will be erected along the U.S.-Canada border in Ontario and Quebec by 2018, the Mounties said Tuesday.

The $92-million surveillance web, formally known as the Border Integrity Technology Enhancement Project, will be concentrated in more than 100 “high-risk” cross-border crime zones spanning 700 kilometres of eastern Canada, said Assistant Commissioner Joe Oliver, the RCMP’s head of technical operations.

The network will be linked to a state-of-the-art “geospatial intelligence and automated dispatch centre” that will, among other things, integrate the surveillance data, issue alerts for high-probability targets, issue “instant imagery” to officers on patrol and produce predictive analysis reports. (more)

Weird World Bugging News...

Wait. What!?!?  An eavesdropping organ transplant scandal, 47 wiretapping cops, carte blanche surveillance in the USA, SRG's self-licking surveillance ice cream cone, and a spy shop morphing into a pot shop! Too weird.

Taiwan - Taipei mayoral candidate Sean Lien (連勝文) said yesterday that his opponent Ko Wen-je (柯文哲) should drop out of the election if police are not able to confirm the existence of the alleged eavesdropping devices that Ko's election team claimed they discovered connected to their office phone; Lien added that Ko is only trying to divert attention away from his recent human organ transaction scandal. (more)

Turkey - Malatya Police Department launched an investigation on Wednesday into 47 police officers, who are allegedly affiliated with the Gülen Movement, for unlawful wiretapping charges. According to initial reports, the investigation encompasses the wiretapping of phone conversations during the past four years. (more)

US - A federal regulatory body is discussing a rule change Nov. 5 that would allow the FBI to conduct electronic surveillance of devices wherever they're located. (more)

UK - Security Research Group shares jumped 17% as the electronic surveillance and property services firm accompanied a significant increase in half-year earnings with a bullish full year outlook. Its Specialist Electronics unit, which sells IED detectors to the military and bugging devices to police forces, recorded an operating profit of £274,000, up from £7,000. The division was helped by a £268,000 deal with Australian homeland security services for its ‘SuperBroom’ handheld detectors (ironically, a bug detector). (more)

NV - Medical marijuana businesses are one step closer to opening up shop in the Silver State... MediFarm is closing in on a deal to buy The Spy Shop building in Midtown. (more)

Tuesday, November 4, 2014

Smart Televisions Highly Susceptible to Hacking via Radio Transmission

Researchers discover a massive security flaw in smart TV’s that allow hackers to intercept data broadcasts, insert malicious code, and transform the TV into an antenna that infects all other Internet-connected devices in the household. 

Once the television is infected, it seeks out all other devices connected to the router.

The attacks are untraceable as no source IP address or DNS server is ever presented, instead, hackers perform a classic “man-in-the-middle” attack using radio transmissions. The hijacking, which was discovered by Yossef Oren and Angelos Keromytis from the Network Security Lab at Columbia University, can be accomplished with as little as a $250 antenna. (more) (video)

Rabbi Accused of Planting Mikvah SpyCams... Bails Out

Moving trucks are scheduled to show up at the Georgetown home of Rabbi Barry Freundel, according to signs posted in front of his home on O Street, not far from the Kesher Israel synagogue that provided the house for its longtime religious leader.
 
Freundel was arrested October 14 and charged with six counts of voyeurism for allegedly hiding video cameras in the synagogue’s mikvah, a ritual bath, to record women as they undressed and showered before entering. Police officers were seen carting computers and hard drives out of Freundel’s house on the day of the arrest.

Freundel, 62, pleaded not guilty and was released on his own recognizance, while police and prosecutors investigate videos and forensic evidence. (more) (back story)