SC - The mayor of the town of Lyman has been indicted on charges of wiretapping and misconduct in office.
A statement from the South Carolina Law Enforcement Division sent to local media outlets says Mayor Rodney Turner was indicted Friday by a Spartanburg County grand jury.
The 58-year-old Turner was charged earlier in August. According to the indictment, Turner used electronic devices to intentionally intercept the communications of employees working in and around Lyman Town Hall. more
Saturday, August 22, 2015
Friday, August 21, 2015
He's Back... The Air Gap Computer Hack
Researchers at the Ben-Gurion University of the Negev (BGU) Cyber Security Research Center have discovered that virtually any cellphone infected with a malicious code can use GSM phone frequencies to steal critical information from infected “air-gapped” computers.
Air-gapped computers are isolated -- separated both logically and physically from public networks -- ostensibly so they cannot be hacked over the Internet or within company networks.
Led by BGU Ph.D. student Mordechai Guri, the research team discovered how to turn an ordinary air-gapped computer into a cellular transmitting antenna using software that modifies the CPU firmware. GSMem malicious software uses the electromagnetic waves from phones to receive and exfiltrate small bits of data, such as security keys and passwords...
This is the third threat the BGU cyber team has uncovered related to what are supposed to be secure, air-gapped computers. Last year, the researchers created a method called Air-Hopper, which utilizes FM waves for data exfiltration. Another research initiative, BitWhisper, demonstrated a covert bi-directional communication channel between two close-by air-gapped computers using heat to communicate. more
Air-gapped computers are isolated -- separated both logically and physically from public networks -- ostensibly so they cannot be hacked over the Internet or within company networks.
Led by BGU Ph.D. student Mordechai Guri, the research team discovered how to turn an ordinary air-gapped computer into a cellular transmitting antenna using software that modifies the CPU firmware. GSMem malicious software uses the electromagnetic waves from phones to receive and exfiltrate small bits of data, such as security keys and passwords...
This is the third threat the BGU cyber team has uncovered related to what are supposed to be secure, air-gapped computers. Last year, the researchers created a method called Air-Hopper, which utilizes FM waves for data exfiltration. Another research initiative, BitWhisper, demonstrated a covert bi-directional communication channel between two close-by air-gapped computers using heat to communicate. more
Thursday, August 20, 2015
Everything You Believed About Telephone Security is Wrong - The SS7 Scandal
The scary version...
A massive security hole in modern telecommunications is exposing billions of mobile phone users in the world to covert theft of their data, bugging of their voice calls, and geo-tracking of their location from by hackers, fraudsters, rogue governments and unscrupulous commercial operators using hundreds of online portals across the planet.
In a world-first, 60 Minutes has proven the worst nightmares of privacy advocates around the world: that mobile phone calls and data are wide open to interception because of flaws in the architecture of the signalling system – known as SS7 - used to enable mobile phone roaming across telecommunications providers. Despite this concern, the Australian Government’s own Cyber Security Threat Report, published in June, makes no mention of what is probably the biggest threat to this country’s commercial secrets and individual privacy.
60 Minutes’ story shows how German hackers working from Berlin, given legal access to SS7 for the purposes of the demonstration, were able to intercept and record a mobile phone conversation between 60 Minutes reporter Ross Coulthart while he was speaking from Germany to Independent Australian Senator Nick Xenophon in Australia’s Parliament House. As further proof of the hack, Coulthart then made another phone call from London, England, to the Senator in Australia which the Berlin hackers were also able to intercept and record, even though they were in Germany 1000 kilometres distant. The Berlin hackers from SR Labs, who first warned of the vulnerability in SS7 in 2008, were also able to intercept and read the Senator’s SMS’ from Australia to Coulthart in London. The hackers were also then able to geo-track the Senator as he travelled to Japan on official business, mapping his movements around Tokyo and Narita down to the nearest cell tower (within a few hundred metres), and later precisely tracking around the streets of his South Australian home suburb when he returned to Australia.
The demonstration also shows how the key fraud protection relied on by banks to protect banking transactions from fraud – verification by SMS message – is useless against a determined hacker with access to the SS7 portal because they can intercept and use the SMS code before it gets to the bank customer. The same technique can also be used to take over someone’s online email account. The call-forwarding capacity of SS7 also allows any mobile to be forcibly redirected to call hugely expensive premium numbers, the cost of which is then billed to that customer’s account. SS7 also allows any number to be blocked, raising the fearful possibility that the vulnerability could be used by criminals or terrorists to stop a victim from calling police or emergency services. Cellular telephony is also used to remotely manage large industrial equipment, to send instructions to gas, electricity and other utililities and factories over 2G and 3G mobile communications. It is not inconceivable that an SS7 hack could be used to change settings or shut down a power station. more
The counterpoint version...
If you own a mobile phone, “you can be bugged, tracked and hacked from anywhere in the world”. That was the throughline of a particularly problematic story on the 60 Minutes program last night. It’s now being hailed as “the end of privacy” for all Australians, but let me assure you, that moment passed a long time ago.
“How it has been done, has never been shown before”, claimed the 20-minute report which demonstrated how a vulnerability in a global forwarding network can be “hijacked” to listen in on a user’s calls and text messages in real time.
After a lot of teasing and set-up, the report eventually took us to a basement in Germany, where security researcher Luca Melette demonstrated how he could intercept a phone call between the reporter and Australian Senator Nick Xenophon. Luca was able to intercept the call (if we’re to believe that there wasn’t any camera trickery going on), as well as a text message sent between the pair. Big drums. The hack has been reveeeeeeealed. more
A massive security hole in modern telecommunications is exposing billions of mobile phone users in the world to covert theft of their data, bugging of their voice calls, and geo-tracking of their location from by hackers, fraudsters, rogue governments and unscrupulous commercial operators using hundreds of online portals across the planet.
In a world-first, 60 Minutes has proven the worst nightmares of privacy advocates around the world: that mobile phone calls and data are wide open to interception because of flaws in the architecture of the signalling system – known as SS7 - used to enable mobile phone roaming across telecommunications providers. Despite this concern, the Australian Government’s own Cyber Security Threat Report, published in June, makes no mention of what is probably the biggest threat to this country’s commercial secrets and individual privacy.
60 Minutes’ story shows how German hackers working from Berlin, given legal access to SS7 for the purposes of the demonstration, were able to intercept and record a mobile phone conversation between 60 Minutes reporter Ross Coulthart while he was speaking from Germany to Independent Australian Senator Nick Xenophon in Australia’s Parliament House. As further proof of the hack, Coulthart then made another phone call from London, England, to the Senator in Australia which the Berlin hackers were also able to intercept and record, even though they were in Germany 1000 kilometres distant. The Berlin hackers from SR Labs, who first warned of the vulnerability in SS7 in 2008, were also able to intercept and read the Senator’s SMS’ from Australia to Coulthart in London. The hackers were also then able to geo-track the Senator as he travelled to Japan on official business, mapping his movements around Tokyo and Narita down to the nearest cell tower (within a few hundred metres), and later precisely tracking around the streets of his South Australian home suburb when he returned to Australia.
The demonstration also shows how the key fraud protection relied on by banks to protect banking transactions from fraud – verification by SMS message – is useless against a determined hacker with access to the SS7 portal because they can intercept and use the SMS code before it gets to the bank customer. The same technique can also be used to take over someone’s online email account. The call-forwarding capacity of SS7 also allows any mobile to be forcibly redirected to call hugely expensive premium numbers, the cost of which is then billed to that customer’s account. SS7 also allows any number to be blocked, raising the fearful possibility that the vulnerability could be used by criminals or terrorists to stop a victim from calling police or emergency services. Cellular telephony is also used to remotely manage large industrial equipment, to send instructions to gas, electricity and other utililities and factories over 2G and 3G mobile communications. It is not inconceivable that an SS7 hack could be used to change settings or shut down a power station. more
The counterpoint version...
If you own a mobile phone, “you can be bugged, tracked and hacked from anywhere in the world”. That was the throughline of a particularly problematic story on the 60 Minutes program last night. It’s now being hailed as “the end of privacy” for all Australians, but let me assure you, that moment passed a long time ago.
“How it has been done, has never been shown before”, claimed the 20-minute report which demonstrated how a vulnerability in a global forwarding network can be “hijacked” to listen in on a user’s calls and text messages in real time.
After a lot of teasing and set-up, the report eventually took us to a basement in Germany, where security researcher Luca Melette demonstrated how he could intercept a phone call between the reporter and Australian Senator Nick Xenophon. Luca was able to intercept the call (if we’re to believe that there wasn’t any camera trickery going on), as well as a text message sent between the pair. Big drums. The hack has been reveeeeeeealed. more
Wednesday, August 19, 2015
Security Director Alert - NLRB Bans Blanket Confidentiality Policies for Workplace Investigations
It is common practice for employers to prohibit their employees from discussing ongoing workplace investigations.
Many employers believe that this restriction is necessary to ensure the integrity and fairness of investigations involving employee misconduct. As a result, employers often have policies that require confidentiality in all workplace investigations.
According to a 2015 decision by the National Labor Relations Board (NLRB), these policies are illegal. The decision, known as Banner Estrella, states that employers cannot enforce a blanket policy requiring confidentiality during workplace investigations. Because of this decision, many employers will need to update their policies and human resources (HR) practices. more
According to a 2015 decision by the National Labor Relations Board (NLRB), these policies are illegal. The decision, known as Banner Estrella, states that employers cannot enforce a blanket policy requiring confidentiality during workplace investigations. Because of this decision, many employers will need to update their policies and human resources (HR) practices. more
Priest Fleas After Spycam Discovered in Chuch Bathroom
OR - Father Ysrael Bien logged on to a spy-gear website and paid $295 for the hidden camera that was discovered last spring in a Sherwood church bathroom, according to information turned over to police this week.
The camera, designed to look like an electrical outlet, came from the online retailer SpyGuy Security based in Dallas, Texas. Police served a search warrant for transaction records there Monday after the business tipped them off.
A Washington County judge signed a warrant Tuesday for Bien's arrest on misdemeanor charges of invasion of privacy, tampering with evidence and initiating a false report, but police think the priest may not be in the U.S.
They did not find him at his last known address in Sherwood. Another priest there told them that Bien had left the country....
A 15-year-old St. Francis parishioner found the hidden camera affixed to a bathroom wall on April 26. The device looked like a power outlet placed at waist-height near the toilet. Thinking that was odd, the teenager pulled it off the wall and brought it to the priest. more
A Washington County judge signed a warrant Tuesday for Bien's arrest on misdemeanor charges of invasion of privacy, tampering with evidence and initiating a false report, but police think the priest may not be in the U.S.
They did not find him at his last known address in Sherwood. Another priest there told them that Bien had left the country....
A 15-year-old St. Francis parishioner found the hidden camera affixed to a bathroom wall on April 26. The device looked like a power outlet placed at waist-height near the toilet. Thinking that was odd, the teenager pulled it off the wall and brought it to the priest. more
Hamas Claims: We Trapped a Dolphin Spying for Israel
Hamas claimed on Wednesday that the terrorist organization trapped a dolphin that was spying for Israel.
Sources in Gaza say that the dolphin was outfitted with spyware and cameras, Army Radio reports. Israel has not confirmed that it has a dolphin spying on its behalf. more
Sources in Gaza say that the dolphin was outfitted with spyware and cameras, Army Radio reports. Israel has not confirmed that it has a dolphin spying on its behalf. more
Dressing Room SpyCam'er Convicted - Taped over 30 Females
NY - A Victor businessman is slapped with the maximum sentence after illegally videotaping dozens women in and outside his store.
At least nine women spoke directly to Glen Siembor in court today. Calling him a despicable man.
Glen Siembor was sentenced to 5-15 years for video tapping over 30 females anywhere from the ages of 8 to 49...
Siembor was convicted of 33 counts of 2nd degree unlawful surveillance and one count of possession of child pornography.
Many of his videos were taken in his victor shop's dressing room.. With the victims either nude or partially nude stood. more
Glen Siembor was sentenced to 5-15 years for video tapping over 30 females anywhere from the ages of 8 to 49...
Siembor was convicted of 33 counts of 2nd degree unlawful surveillance and one count of possession of child pornography.
Many of his videos were taken in his victor shop's dressing room.. With the victims either nude or partially nude stood. more
Trashnet - Garbage Trucks with License Plate Readers
CA - San Jose may enlist garbage trucks as eyes on the ground for a short-staffed police force.
Equipping trash haulers with license plate readers would turn them into roving scouts for the San Jose Police Department. Already, the trucks travel every city street every single week, covering more ground than a cop car.
Mayor Sam Liccardo proposed the idea with support from council members Raul Peralez—a former policeman—and Johnny Khamis. more
Mayor Sam Liccardo proposed the idea with support from council members Raul Peralez—a former policeman—and Johnny Khamis. more
Freaks Tattoo Owner Charged - Spied on Female Employee with (11) Hidden Cameras
MO - In March 2014, a 21-year-old woman who worked at, and lived in an apartment above, Nu Troost Tattoo (4101 Troost) discovered an intricate system of wires and hidden cameras installed inside her apartment that led down to a computer in the basement of the building. When the police were called, they found 11 hidden video cameras in the apartment. Four had been installed in the tenant's bathroom, including one with a view of the shower and one facing the toilet.
The building and the business were owned by a 47-year-old man named Rodney Sanell, who also owned the three branches of Freaks Tattoo and Piercing: Freaks on Broadway, Freaks on 39th, and Freaks on Noland. The woman told police that Sanell had been in her apartment to install smoke detectors while she was out of town the previous October. She also said Sanell had sexually propositioned her several times — advances she had rebuffed.
As we reported at the time, the discovery shook up the local tattoo community. Some Freaks tattoo artists quit on principle, some had to scramble to find new jobs, and others — who had nothing to do with Sanell's activity — tried to repair the Freaks public image.
Today, Jackson County Prosecutor Jean Peters Baker announced that Sanell will face 42 counts of invasion of privacy for using cameras to "observe victims in states of full or partial nudity without their knowledge," Baker's office says. Five victims — names withheld — are listed in the complaint. more
As we reported at the time, the discovery shook up the local tattoo community. Some Freaks tattoo artists quit on principle, some had to scramble to find new jobs, and others — who had nothing to do with Sanell's activity — tried to repair the Freaks public image.
Today, Jackson County Prosecutor Jean Peters Baker announced that Sanell will face 42 counts of invasion of privacy for using cameras to "observe victims in states of full or partial nudity without their knowledge," Baker's office says. Five victims — names withheld — are listed in the complaint. more
Tapes Released - Eavesdropping on Henry Kissinger's Telephone Conversations
CIA director William Colby’s openness about more odious U.S. intelligence practices did not go over well with Henry Kissinger.
Speaking on the phone with McGeorge Bundy, the National Security Advisor to Presidents John F. Kennedy and Lyndon B. Johnson, Kissinger referred to Colby as a “psychopath.”
[A film by the son of CIA spymaster William Colby has divided the Colby clan]
The two men were chatting about congressional investigations into the CIA activities post-Watergate and worried about leaks and misinformation.
“On top of it you have the pysopath(sic)/running the CIA. You accuse him of a traffic violation and he confesses murder,” Kissinger said in the June 1975 telephone conversation. Colby, Loop fans will recall, was replaced soon after as director of CIA by George H.W. Bush.
That conversation is part of 900 final Kissinger phone transcripts from the Gerald Ford administration released Wednesday by the National Security Archive, which sued the State Department in March to have them released. For history buffs the tapes are precious gold... more
[A film by the son of CIA spymaster William Colby has divided the Colby clan]
The two men were chatting about congressional investigations into the CIA activities post-Watergate and worried about leaks and misinformation.
“On top of it you have the pysopath(sic)/running the CIA. You accuse him of a traffic violation and he confesses murder,” Kissinger said in the June 1975 telephone conversation. Colby, Loop fans will recall, was replaced soon after as director of CIA by George H.W. Bush.
That conversation is part of 900 final Kissinger phone transcripts from the Gerald Ford administration released Wednesday by the National Security Archive, which sued the State Department in March to have them released. For history buffs the tapes are precious gold... more
...thus making future eavesdropping devices infinitely more effective.
Although the ability tends to wane as we get older, the human auditory system is pretty good at filtering out background noise and making a single voice able to be understood above the general hubbub of a crowded room.
But electronic devices, such as smartphones, aren't quite as gifted, which is why getting Siri or Google Now to understand you in crowded environments can be an exercise in futility. But now researchers have developed a prototype sensor that’s not only able to figure out the direction of a particular sound, but can also extract it from background noise.
To create the sensor, scientists at Duke University in Durham, North Carolina used a class of materials known as metamaterials, which boast properties not found in nature, and a signal processing technique known as compressive sensing. The disk-shaped device is made of plastic and doesn't have any electronic or moving parts. Rather, it features a honeycomb-like structure and is split into dozens of slices which each feature a unique pattern of cavities of different depths. It is these cavities that distort the sound waves and give the sensor its unique capabilities. more
But electronic devices, such as smartphones, aren't quite as gifted, which is why getting Siri or Google Now to understand you in crowded environments can be an exercise in futility. But now researchers have developed a prototype sensor that’s not only able to figure out the direction of a particular sound, but can also extract it from background noise.To create the sensor, scientists at Duke University in Durham, North Carolina used a class of materials known as metamaterials, which boast properties not found in nature, and a signal processing technique known as compressive sensing. The disk-shaped device is made of plastic and doesn't have any electronic or moving parts. Rather, it features a honeycomb-like structure and is split into dozens of slices which each feature a unique pattern of cavities of different depths. It is these cavities that distort the sound waves and give the sensor its unique capabilities. more
Sunday, August 16, 2015
See Through Walls by the Glow of Your Wi-Fi
Researchers at University College London (UCL) have devised a system for detecting the Doppler shifts of ubiquitous Wi-Fi and mobile telephone signals to “see” people moving, even behind masonry walls 25 centimeters thick.
Related...
Thursday, August 13, 2015
Secrets: Managing Information Assets in the Age of Cyberespionage
The following is from Jim Pooley’s new book on trade secrets — Secrets: Managing Information Assets in the Age of Cyberespionage.
Bankrupt networking giant Nortel reveals that its key executives’ email passwords were stolen and the company’s network hacked for a decade.
Boeing, hiring away Lockheed employees who bring documents to their new employer, pays $615 million to avoid criminal prosecution, while two of its former managers are indicted.
Apple scrambles to recover a sample of its unreleased new model iPhone that was left by an employee in a bar – a year after the same thing happened in a different bar.
Starwood employees leave to join Hilton, taking with them ideas for a new kind of hotel.
And the owner of Thomas’ English Muffins goes to court to protect its “nooks and crannies” recipe from being used by a competitor.
What do these corporate crises all have in common? Trade secrets. They reflect the enormous value of – and threats to – the most important assets of modern business...
Reading my new book — Secrets: Managing Information Assets in the Age of Cyberespionage — will give you a deeper understanding of how your business differentiates itself from the competition, and how it must work to keep its edge. As an executive or manager or small-business owner you will come away armed to protect and exploit your company’s advantages. As an individual you will have a greater appreciation for what intellectually belongs to you and how to use it to advance your career without being sued. And whatever your interest or line of work, you will have a much better understanding of how information has become the global currency of the 21st century.
Boeing, hiring away Lockheed employees who bring documents to their new employer, pays $615 million to avoid criminal prosecution, while two of its former managers are indicted.
Apple scrambles to recover a sample of its unreleased new model iPhone that was left by an employee in a bar – a year after the same thing happened in a different bar.
Starwood employees leave to join Hilton, taking with them ideas for a new kind of hotel.
And the owner of Thomas’ English Muffins goes to court to protect its “nooks and crannies” recipe from being used by a competitor.
What do these corporate crises all have in common? Trade secrets. They reflect the enormous value of – and threats to – the most important assets of modern business...
Reading my new book — Secrets: Managing Information Assets in the Age of Cyberespionage — will give you a deeper understanding of how your business differentiates itself from the competition, and how it must work to keep its edge. As an executive or manager or small-business owner you will come away armed to protect and exploit your company’s advantages. As an individual you will have a greater appreciation for what intellectually belongs to you and how to use it to advance your career without being sued. And whatever your interest or line of work, you will have a much better understanding of how information has become the global currency of the 21st century.
J. Wallace LaPrade, New York F.B.I. Chief in ’70s, Dies at 89
J. Wallace LaPrade, who oversaw the safe return of several celebrity kidnapping victims and was later fired as the Federal Bureau of Investigation’s
New York chief, accused of not being forthcoming about the bureau’s
role in illegally investigating radical groups in the 1970s, died on
July 31 in Lexington, Va. He was 89. more
(Thank you for giving me what I needed to get through college.)
(Thank you for giving me what I needed to get through college.)
NEW Cyber-Flashing - Thus proving there is a first time for everything.
Police are investigating a "new" crime of cyber-flashing after a commuter received an indecent image on her phone as she traveled to work. The victim received two pictures of an unknown man's (you know what) on her phone via Apple's Airdrop sharing function.
Lorraine Crighton-Smith, 34, said she felt "violated" and reported it to the British Transport Police (BTP). Supt Gill Murray said this particular crime was new to her force and urged people to report any other incidents. more
Lorraine Crighton-Smith, 34, said she felt "violated" and reported it to the British Transport Police (BTP). Supt Gill Murray said this particular crime was new to her force and urged people to report any other incidents. more
Subscribe to:
Posts (Atom)