When a leading cybersecurity firm discovered it had been hacked last year by a virus widely believed to be used by Israeli spies, it wanted to know who else was on the hit list. It checked millions of computers world-wide and three luxury European hotels popped up. The other hotels the firm tested, thousands in all, were clean.
Researchers at the firm, Kaspersky Lab, weren't sure what to make of the results. Then they realized what the three hotels had in common. Each was targeted before hosting high-stakes negotiations between Iran and world powers over curtailing Tehran's nuclear program. more
Spybuster Tip # 732: Know what else is going on in your hotel before you make the decision to use their Internet service.
Wednesday, June 10, 2015
Tuesday, June 9, 2015
Drones and Counter-Drones
As regular readers know, the Security Scrapbook follows drone development. Our Canadian Blue Blaze Irregular checks in:
Kevin, This is making a big splash in the news today out our way... Despite the relatively short flight time (it can be worked on) this would have been greatly appreciated by many of the people we’ve met. Usually they would have had great fun if it were available in their past life. Another ‘interesting’ toy. All kinds of possibilities. ~WM
And now, the drone antidote...
Kevin, This is making a big splash in the news today out our way... Despite the relatively short flight time (it can be worked on) this would have been greatly appreciated by many of the people we’ve met. Usually they would have had great fun if it were available in their past life. Another ‘interesting’ toy. All kinds of possibilities. ~WM
And now, the drone antidote...
Counterespionage Tip # 529 - Encryption as a Legal Defense
We strongly encourage companies possessing or transmitting personally identifiable information (PII), protected health information (PHI), financial or other sensitive data, including trade secrets, to use encryption. Why? Because, if employed properly, it is both effective and legally defensible.
Why should you use it?
You should use encryption because it gives you legal protection. Few laws specifically require encryption. HIPAA generally doesn’t. State statutes don’t. Nor does the Gramm Leach Bliley Act’s Safeguard’s Rule. Yet if you are not encrypting PII, PHI, or financial data, you are putting yourself at risk. Those laws expect you to take reasonable precautions. And using encryption, and using it properly, is a reasonable precaution when it comes to dealing with sensitive data. HIPAA, for example, provides that encryption should be used where “the entity has determined that the specification is a reasonable and appropriate safeguard in its risk management of the confidentiality, integrity and availability” of the information or else implement an “equivalent alternative measure if reasonable and appropriate,” and document why encryption wasn’t the best choice. more
You should use encryption because it gives you legal protection. Few laws specifically require encryption. HIPAA generally doesn’t. State statutes don’t. Nor does the Gramm Leach Bliley Act’s Safeguard’s Rule. Yet if you are not encrypting PII, PHI, or financial data, you are putting yourself at risk. Those laws expect you to take reasonable precautions. And using encryption, and using it properly, is a reasonable precaution when it comes to dealing with sensitive data. HIPAA, for example, provides that encryption should be used where “the entity has determined that the specification is a reasonable and appropriate safeguard in its risk management of the confidentiality, integrity and availability” of the information or else implement an “equivalent alternative measure if reasonable and appropriate,” and document why encryption wasn’t the best choice. more
The Post-it Note Attack Finally Makes it into an HBO Script
A post-it note with a password written on it, posted on the computer, or somewhere nearby. It's one of the most common information security slip-ups that I see. This icon of stupidity has finally made it into an HBO script (courtesy of Silicon Valley). Even hackers treat this with disdain...
Friday, June 5, 2015
NSA Spy Cam Blocker
That little front facing camera on your laptop or tablet...
can be a window for the world to see you - whether you know it or not! Stop hackers and the NSA with this simple camera blocker. Safe and practical. more
Spy - The Movie
In the mood for a spy movie this weekend?
"Melissa McCarthy made her bones as a scene-stealing supporting player, but her starring vehicles have only occasionally made the most of her comic gifts. Until now, that is: critics say Spy is an inspired, uproarious spoof of espionage thrillers loaded with self-effacing performances and sharp jabs at workplace sexism." more
"Melissa McCarthy made her bones as a scene-stealing supporting player, but her starring vehicles have only occasionally made the most of her comic gifts. Until now, that is: critics say Spy is an inspired, uproarious spoof of espionage thrillers loaded with self-effacing performances and sharp jabs at workplace sexism." more
Let's YTRAP, mate!
A new kind of party craze has many Australians scrambling for invitations.
Crypto parties, where people gather to learn online encryption, are attracting everyone from politicians, to business people, to activists.
Two years after US spy agency contractor Edward Snowden leaked documents from the National Security Agency exposing mass global internet surveillance, there is rapidly growing interest in protecting online activity.
There have been crypto parties in Brazil, Germany and the UK, and more than a dozen have already been held in Australia.
Apps like Wickr, Confide and WhatsApp have taken encryption out of the geek lab and to the masses. more
Two years after US spy agency contractor Edward Snowden leaked documents from the National Security Agency exposing mass global internet surveillance, there is rapidly growing interest in protecting online activity.
There have been crypto parties in Brazil, Germany and the UK, and more than a dozen have already been held in Australia.
Apps like Wickr, Confide and WhatsApp have taken encryption out of the geek lab and to the masses. more
Better grab their car key, too.
...security giant G4S will confiscate smartphones from shareholders and journalists at its AGM in London after activists used them to film their violent removal by security staff at last year’s event.
The blanket ban, which includes staff and board members, comes a year after activists, who bought shares to attend the meeting, staged filmed interventions. The footage later appeared in the UK media.
A spokesman for G4S told the Guardian newspaper: “Last year we had a large number of protesters who were effectively staging demonstrations in the meeting and they were filming it.
“The intention is not to suppress the legitimate free speech of people but it is just simply to maintain some degree of security for our people in the meeting. That is the rationale.” more
A spokesman for G4S told the Guardian newspaper: “Last year we had a large number of protesters who were effectively staging demonstrations in the meeting and they were filming it.
“The intention is not to suppress the legitimate free speech of people but it is just simply to maintain some degree of security for our people in the meeting. That is the rationale.” more
Wednesday, June 3, 2015
Hero4 Minicam Easily Forced into Spycam Servitude by "Criminals"
A security firm has warned it is "too easy" for criminals to take control of GoPro cameras which could then be used to spy on their owners.
Pen Test Partners showed the BBC how it could gain access to a Hero4 camera that appeared to be turned off, to secretly watch or eavesdrop on users, or to view and delete existing videos.
The attack relied on victims setting simple passwords which could be guessed by software within seconds.
GoPro said its security was adequate. more
The attack relied on victims setting simple passwords which could be guessed by software within seconds.
GoPro said its security was adequate. more
Cody Labs - One Smart Espionage-Savvy Company
Pharmaceutical company Cody Laboratories Inc. occupied its new $3.7
million. 11,000-square-foot warehouse Monday after a ribbon-cutting that
drew Gov. Matt Mead and other dignitaries.
James Klessens, CEO of Forward Cody, an economic development agency, said the company is helping Cody keep Wyomingites in Wyoming.
“If you want to see the warehouse you better come yesterday because after today nobody in the general public is going to gain access to that building,” Klessens said. He indicated that as a pharmaceutical company Cody Labs has to worry about corporate espionage and defending trade secrets, making them an enormously private company. more
James Klessens, CEO of Forward Cody, an economic development agency, said the company is helping Cody keep Wyomingites in Wyoming.
“If you want to see the warehouse you better come yesterday because after today nobody in the general public is going to gain access to that building,” Klessens said. He indicated that as a pharmaceutical company Cody Labs has to worry about corporate espionage and defending trade secrets, making them an enormously private company. more
Free Spycam Detection Advice on the Net (Worth exactly what you paid for it.)
How to Detect Hidden Spy Cam in Dressing Room
There are camera which are smaller in size that could capture HD videos and possibly hides its presence from Human eye. So conduct this simple test to check whether you are really "Private" with no hidden cameras monitoring.
Note: There exist some problem with the above test in low signal areas - Entering closed cabin with low mobile signal will further vanish the meagre (sic) signal earlier available, hence result in out of coverage. more
This is total nonsense of course, but sadly, many trusting souls will believe it. If you really need to make sure your "expectation of privacy" areas are free from spy cameras, may I suggest spycamdetection.training.
There are camera which are smaller in size that could capture HD videos and possibly hides its presence from Human eye. So conduct this simple test to check whether you are really "Private" with no hidden cameras monitoring.
- Enter trial room with your mobile phone and ensure mobile signal to make calls.
- Try to make call inside the private room, if there is a "Hidden Camera" you cannot make calls due to interference of fiber optics during signal transfer which blocks mobile callls. (sic)
- Making calls without any interference is the sign of Camera free room.
This is total nonsense of course, but sadly, many trusting souls will believe it. If you really need to make sure your "expectation of privacy" areas are free from spy cameras, may I suggest spycamdetection.training.
Bionic Ear Comes with Wireless Microphone and Control App
Soundhawk is an ear-worn "smart listening system," which the company is very careful to describe as ... well, anything but a hearing aid...
There are two parts: the "scoop" (that's it on the right, above) which is the listening device that you put in your ear, and the "wireless mic," which you can (optionally) place near someone who's talking to you in a noisy environment. The wireless mic can either rest on a table or clip onto something like a shirt or jacket. And you can easily switch between modes using one of the buttons on the earpiece. Using the scoop alone, the audio enhancement is quite good.
...it all connects to your smartphone via Bluetooth Low Energy. The companion app lets you choose among four different listening modes (indoors, outdoors, driving and restaurants), each of which you can customize for brighter or fuller audio, as well as the level of the boost. There's also an output volume control.
There's also the potential for some serious eavesdropping here, if you tuned the settings for that... our closed-door simulations allowed us to understand faint whispers from across a bedroom. The next time you're whispering a secret to a friend, watch out for people wearing Soundhawks in the area. They might be able to hear you. more
Why do I mention it?
So you will know what you're up against.
...it all connects to your smartphone via Bluetooth Low Energy. The companion app lets you choose among four different listening modes (indoors, outdoors, driving and restaurants), each of which you can customize for brighter or fuller audio, as well as the level of the boost. There's also an output volume control.
There's also the potential for some serious eavesdropping here, if you tuned the settings for that... our closed-door simulations allowed us to understand faint whispers from across a bedroom. The next time you're whispering a secret to a friend, watch out for people wearing Soundhawks in the area. They might be able to hear you. more
Why do I mention it?
So you will know what you're up against.
Saturday, May 30, 2015
Antalya Police Tears Down its Office Walls, Paranoid About Bugging
Turkey - The police intelligence unit in Turkey’s primary holiday resort province Antalya has torn down its own walls in a search for a bugging device according to a tip, fueling the debate on government wiretapping.
The search was reported to have been conducted sometime in the past 8 months and apparently had not uncovered any device. The incident is likely to be regarded as indicative of the extent Turkey’s wiretap saga has reached.
Police intelligence forces who were detained and released over eight months ago were once again detained earlier in the week, in one of the latest episodes of the raids to target the police force over illegal wiretapping allegations.
Since the dated December 17, 2013 corruption probe which implicated the government, “illegal wiretapping” cases has resulted in the mass purge of the police force with hundreds of hundreds being imprisoned. Critics have slammed the government for arbitrarily using the allegations as a pretext to politicize the force. more
The search was reported to have been conducted sometime in the past 8 months and apparently had not uncovered any device. The incident is likely to be regarded as indicative of the extent Turkey’s wiretap saga has reached.Police intelligence forces who were detained and released over eight months ago were once again detained earlier in the week, in one of the latest episodes of the raids to target the police force over illegal wiretapping allegations.
Since the dated December 17, 2013 corruption probe which implicated the government, “illegal wiretapping” cases has resulted in the mass purge of the police force with hundreds of hundreds being imprisoned. Critics have slammed the government for arbitrarily using the allegations as a pretext to politicize the force. more
Friday, May 29, 2015
China Didn't Invent Industrial Espionage
The U.S. Justice Department last week charged six Chinese scientists for stealing trade secrets and engaging in industrial espionage on behalf of China.
A separate case, announced Friday, involved the former chairman of the physics department at Temple University, a China-born U.S. citizen who allegedly passed along semiconductor technology while working at an unnamed American company.
Such cases often are held up as evidence of China’s perfidy and unscrupulous dealings in the global economy. But before getting into high dudgeon mode, the U.S., and for that matter, almost every Western nation, might wish to remember their own, no-holds-barred campaigns to swipe industrial secrets.
In fact, one of the first cases involved the theft of industrial secrets from China. In the 17th and 18th centuries, the Chinese alone possessed the ability to produce high-end “hard-paste” porcelain, an expensive material beloved by Europe’s elites. In the 1680s, a French Jesuit, Pere d’Entrecolles, traveled to China, where he saw the kilns and likely read technical works on the subject... more
Such cases often are held up as evidence of China’s perfidy and unscrupulous dealings in the global economy. But before getting into high dudgeon mode, the U.S., and for that matter, almost every Western nation, might wish to remember their own, no-holds-barred campaigns to swipe industrial secrets.
In fact, one of the first cases involved the theft of industrial secrets from China. In the 17th and 18th centuries, the Chinese alone possessed the ability to produce high-end “hard-paste” porcelain, an expensive material beloved by Europe’s elites. In the 1680s, a French Jesuit, Pere d’Entrecolles, traveled to China, where he saw the kilns and likely read technical works on the subject... more
Thursday, May 28, 2015
Business Espionage - Quote of the Week
"Commercial espionage is considered to be on the rise as our dependence on digital data – and technologies in the workplace – becomes more and more severe... We're only seeing the tip of the iceberg at the moment." ~ Dr Dionysios Demetis, Hull University Business School (UK) more
Subscribe to:
Posts (Atom)