Feeling particularly masochistic? Boy do we have a trick for you. If you’d like to permanently brick (that is, render unusable) your iPhone, just turn back time. It’s not as hard as it sounds — all you have to do is set the date to January 1, 1970. It’s a time when the iPhone didn’t exist, and if you do it, your iPhone won’t exist (in working condition) anymore, either.
So for the rest of us who would like to maintain a functioning mobile device, please, please, avoid this dangerous date. It apparently affects all 64-bit iOS 8 and iOS 9 phones, as well as tablets using Apple’s A7, A8, A8X, A9, and A9X processor. more
Saturday, February 13, 2016
17th-Century Female Spies Smuggled Information Through Eggs and Artichokes
In the 17th century, espionage was more diverse than you might think. Not only did female spies exist, they employed some of the most fascinating techniques in their information gathering.
Forthcoming research into female spies that operated in Europe and England at the time shows that they utilized an ingenious arsenal of tools, such as eggs and artichokes, to smuggle secrets.
While Dr. Nadine Akkerman of Leiden University was examining letters sent by Elizabeth Stuart, Queen of Bohemia during her exile in the Hague, she discovered that some were filled with secret codes...
Akkerman found about 60 such instances of female spies in the 17th century while researching for her upcoming monograph, “Female Spies or 'she-Intelligencers': Towards a Gendered History of Seventeenth-Century Espionage.” British playwright and poet Aphra Behn was one such spy, employed by King Charles to conduct political espionage in Antwerp under the code names "Astrea" and "Agent 160." In collaboration with MIT, Akkerman has produced several mesmerizing videos that recreate some of the ingenious methods used by female spies for their secret correspondences.
Forthcoming research into female spies that operated in Europe and England at the time shows that they utilized an ingenious arsenal of tools, such as eggs and artichokes, to smuggle secrets.
While Dr. Nadine Akkerman of Leiden University was examining letters sent by Elizabeth Stuart, Queen of Bohemia during her exile in the Hague, she discovered that some were filled with secret codes...
Akkerman found about 60 such instances of female spies in the 17th century while researching for her upcoming monograph, “Female Spies or 'she-Intelligencers': Towards a Gendered History of Seventeenth-Century Espionage.” British playwright and poet Aphra Behn was one such spy, employed by King Charles to conduct political espionage in Antwerp under the code names "Astrea" and "Agent 160." In collaboration with MIT, Akkerman has produced several mesmerizing videos that recreate some of the ingenious methods used by female spies for their secret correspondences.
Friday, February 12, 2016
Skype Scalper
A new piece of malware making the rounds intercepts Skype communications and takes custom backdoor software a step forward, according the researchers with Palo Alto Networks, who discovered it. Dubbed T9000, the malware contains a host of cybercriminal bells and whistles.
"Most custom backdoors used by advanced attackers have limited functionality. They evade detection by keeping their code simple and flying under the radar. But during a recent investigation we found a backdoor that takes a very different approach," say researchers Josh Grunzweig and Jen Miller-Osborn. "In addition to the basic functionality all backdoors provide, T9000 allows the attacker to capture encrypted data, take screenshots of specific applications, and specifically target Skype users." more
"Most custom backdoors used by advanced attackers have limited functionality. They evade detection by keeping their code simple and flying under the radar. But during a recent investigation we found a backdoor that takes a very different approach," say researchers Josh Grunzweig and Jen Miller-Osborn. "In addition to the basic functionality all backdoors provide, T9000 allows the attacker to capture encrypted data, take screenshots of specific applications, and specifically target Skype users." more
Three Laptop Thefts - A Coordinated Espionage Attack
South Africa - The DA suspects espionage might be at play in the theft of laptops belonging to members.
KwaZulu-Natal DA MPL Francois Rodgers and another staff member lost their laptops and other equipment in separate theft incidents in Kokstad within a month.
Rodgers said the home of a party staff member was broken into on Saturday, and a laptop, a hard drive and a diary from the staff member’s briefcase were stolen.
“What makes this even more sinister is the fact that in the very same room was another briefcase containing a laptop and tablet, yet nothing else was removed from the home,” he said.
Rodgers said the thieves had gained entry to the house through the back door, while the member and his family were asleep.
He said the Saturday break-in followed a theft out of his own vehicle a month ago.
“The first occurrence was coincidentally on the very same day that three DA councillors resigned and defected to the ANC." more
This is a cautionary tale.
It details some pretty brazen acts of espionage; bush league acts, due to their obviousness. Pros get what they want by entering business locations, after hours, to duplicate drives and scavenge other information. You'll never know they were there, or that you lost anything.
Recommendations:
• Conduct an after-hours information security survey to see what information is left out, unsecured and un-encrypted.
• Check your perimeter security hardware and access procedures. Make sure they haven't decayed over time.
These two items are the most common vulnerabilities we discover during our clients' surveys. ~Kevin
KwaZulu-Natal DA MPL Francois Rodgers and another staff member lost their laptops and other equipment in separate theft incidents in Kokstad within a month.
Rodgers said the home of a party staff member was broken into on Saturday, and a laptop, a hard drive and a diary from the staff member’s briefcase were stolen.
“What makes this even more sinister is the fact that in the very same room was another briefcase containing a laptop and tablet, yet nothing else was removed from the home,” he said.
Rodgers said the thieves had gained entry to the house through the back door, while the member and his family were asleep.
He said the Saturday break-in followed a theft out of his own vehicle a month ago.
“The first occurrence was coincidentally on the very same day that three DA councillors resigned and defected to the ANC." more
This is a cautionary tale.
It details some pretty brazen acts of espionage; bush league acts, due to their obviousness. Pros get what they want by entering business locations, after hours, to duplicate drives and scavenge other information. You'll never know they were there, or that you lost anything.
Recommendations:
• Conduct an after-hours information security survey to see what information is left out, unsecured and un-encrypted.
• Check your perimeter security hardware and access procedures. Make sure they haven't decayed over time.
These two items are the most common vulnerabilities we discover during our clients' surveys. ~Kevin
Physical Security a Growing Threat to Organizations
Physical security is seen as growing concern for business continuity professionals, according to the fifth annual Horizon Scan Report published by the Business Continuity Institute, in association with BSI. Among the ranks of potential threats that organizations face, acts of terrorism gained six places from 10th in 2015 to 4th this year, while security incidents moved from 6th place to 5th place. more
A proper TSCM / Information Security inspection can help in all areas of concern. |
What if Sacha Baron Cohen was the brother of James Bond?
That is essentially the plot of The Brothers Grimsby. Seems harmless enough. But, if we've learned anything from past Cohen comedies (Ali G, Borat, Bruno), it will be anything but wholesome.
The Brothers Grimsby will be in theaters March 11.
The Brothers Grimsby will be in theaters March 11.
Thursday, February 11, 2016
Tests Reveal Windows 10 Spying Is Out Of Control
Back in November Microsoft confirmed Windows 10’s worst kept secret: its extensive telemetry (or ‘spying’ as it has been labelled) cannot be stopped. What no-one realized until now, however, is just how staggering the extent of this tracking really is…
Blowing the lid on it this week is Voat user CheesusCrust whose extensive investigation claims Windows 10 contacts Microsoft to report data thousands of times per day. And the kicker? This happens after choosing a custom Windows 10 installation and disabling all three pages of tracking options which are all enabled by default.
The raw numbers come out as follows: in an eight hour period Windows 10 tried to send data back to 51 different Microsoft IP addresses over 5500 times. After 30 hours of use, Windows 10 expanded that data reporting to 113 non-private IP addresses. Being non-private means there is the potential for hackers to intercept this data.
Taking this a step further, the testing was then repeated on another Windows 10 clean installation again with all data tracking options disabled and third party tool DisableWinTracking was also installed which tries to shut down all hidden Windows 10 data reporting attempts. At the end of the 30 hour period Windows 10 had still managed to phone home with data 2758 times to 30 different IP addresses. more
UPDATE 2/12/16 (Another opinion.) - Windows 10 users who might be in a state of panic after reading an alarmist report claiming the OS is "spying" on PCs with thousands of data transfers a day can rest easy. The report was based on comments from a so-called security expert's comments that have since been deleted. more
Blowing the lid on it this week is Voat user CheesusCrust whose extensive investigation claims Windows 10 contacts Microsoft to report data thousands of times per day. And the kicker? This happens after choosing a custom Windows 10 installation and disabling all three pages of tracking options which are all enabled by default.
The raw numbers come out as follows: in an eight hour period Windows 10 tried to send data back to 51 different Microsoft IP addresses over 5500 times. After 30 hours of use, Windows 10 expanded that data reporting to 113 non-private IP addresses. Being non-private means there is the potential for hackers to intercept this data.
Taking this a step further, the testing was then repeated on another Windows 10 clean installation again with all data tracking options disabled and third party tool DisableWinTracking was also installed which tries to shut down all hidden Windows 10 data reporting attempts. At the end of the 30 hour period Windows 10 had still managed to phone home with data 2758 times to 30 different IP addresses. more
UPDATE 2/12/16 (Another opinion.) - Windows 10 users who might be in a state of panic after reading an alarmist report claiming the OS is "spying" on PCs with thousands of data transfers a day can rest easy. The report was based on comments from a so-called security expert's comments that have since been deleted. more
Spy Shop Sales Soaring Ahead of Valentine’s Day
Valentine's Day is the time of the year when couples all over the country profess their love.
That is, unless you suspect your significant other of cheating. But you don’t have to go on a reality show to find an unfaithful spouse.
“You can actually buy the equipment out right and do it yourself and have that equipment forever,” Spy Guy Allen Walton told NewsFix.
Walton's been selling spy gear for the last seven years, and he says when it comes to this hallmark holiday, his store sees a spike in business. more
That is, unless you suspect your significant other of cheating. But you don’t have to go on a reality show to find an unfaithful spouse.
“You can actually buy the equipment out right and do it yourself and have that equipment forever,” Spy Guy Allen Walton told NewsFix.
Walton's been selling spy gear for the last seven years, and he says when it comes to this hallmark holiday, his store sees a spike in business. more
"Isil help desk. Have you tried turning it off and on again?"
The Islamic State of Iraq and the Levant (Isil) is telling members how to avoid internet surveillance by Western authorities with an online "help desk".
The advice is offered through a channel on encrypted messaging app Telegram, and has about 2,200 members.
The channel is operated by Isil cyber security experts that call themselves the Electronic Horizon Foundation (EHF)... more
The advice is offered through a channel on encrypted messaging app Telegram, and has about 2,200 members.
The channel is operated by Isil cyber security experts that call themselves the Electronic Horizon Foundation (EHF)... more
Business Espionage Alert - Bribing for Passwords
Ireland has a new problem to throw at Apple: hackers are trying to buy company logins from employees. In some cases, employees are being offered upwards of €20,000 (about US$22,245) in efforts to coax out user names and passwords.
An Apple employee told Business Insider, "You'd be surprised how many people get on to us, just random Apple employees. You get emails offering you thousands [of euros] to get a password to get access to Apple."
Hackers are reportedly also targeting Apple employees for company information.
Exactly what hackers expect to accomplish once they have logins isn't clear. They may be trying to conduct industrial espionage (well, duh), dig up personal information, disrupt company plans, or something else entirely. more
You can bet this isn't just happening at Apple. Warn your employees you are on to this, watching for it, and will prosecute disloyal employees. ~Kevin
An Apple employee told Business Insider, "You'd be surprised how many people get on to us, just random Apple employees. You get emails offering you thousands [of euros] to get a password to get access to Apple."
Hackers are reportedly also targeting Apple employees for company information.
Exactly what hackers expect to accomplish once they have logins isn't clear. They may be trying to conduct industrial espionage (well, duh), dig up personal information, disrupt company plans, or something else entirely. more
You can bet this isn't just happening at Apple. Warn your employees you are on to this, watching for it, and will prosecute disloyal employees. ~Kevin
Bugging & Wiretapping History - "The Eavesdroppers"
In July 1956, the Pennsylvania Bar Association Endowment (PBAE) commissioned a comprehensive study of "wiretapping practices, laws, devices, and techniques" in the United States... The man appointed to direct the study was Samuel Dash... The result of Dash's efforts was The Eavesdroppers, a 483-page report co-authored with Knowlton and Schwartz. Rutgers University Press published it as a standalone volume in 1959. The book uncovered a wide range of privacy infringements on the part of state authorities and private citizens, a much bigger story than the PBAE had anticipated...
The eavesdropping threat loomed large during the 1950s and 1960s: in the work of state and local law enforcement agencies, who wiretapped extensively in criminal investigations; in the exploits of private investigators and eavesdropping specialists, who capitalized on technological innovations to expand their industry's reach; and, perhaps most importantly, in the contradictions of state and federal lawmakers, who sent conflicting messages about the legitimacy of eavesdropping practices that had dogged the nation's communications infrastructure for more than a century...
Wiretapping is as old as wired communication. Civil War generals traveled with professional telegraph tappers in the 1860s, law enforcement agencies began planting telephone taps in the 1890s, and corporate communications giants tacitly sanctioned state and federal eavesdropping programs of various sorts for most of the twentieth century. Somewhat surprisingly, this wasn't a drama that played out in the shadows of American life. Police eavesdropping garnered front-page headlines during the 1920s, when the telephone tap emerged as an effective tool in the enforcement of Prohibition laws...
Eavesdropping technologies of various sorts have been around for centuries. Prior to the invention of recorded sound, the vast majority of listening devices were extensions of the built environment. Perhaps nodding to the origins of the practice (listening under the eaves of someone else's home, where rain drops from the roof to the ground), early modern architects designed buildings with structural features that amplified private speech. The Jesuit polymath Athanasius Kircher (1601-1680) devised cone-shaped ventilation ducts for palaces and courts that allowed eavesdroppers to listen to other people's conversations. Catherine de' Medici (1519-1589) is said to have installed similar structures in the Louvre to keep tabs on individuals who might have plotted against her. Architectural listening systems weren't always a product of intentional design. Domes in St. Paul's Cathedral in London and the U.S. Capitol building still serve as inadvertent "whispering galleries," enabling prying ears to hear conversations held on the other side of the room. Archaeologists have discovered acoustical arrangements like these dating back to 3000 B.C.E. Many were used for eavesdropping...
The earliest electronic eavesdropping technologies functioned much like architectural listening systems. When installed in fixed locations—under floorboards and rugs, on walls and windows, inside desks and bookcases—early-twentieth-century devices like the Detectifone, a technological cousin to the more common Dictaphone, proved surprisingly effective...
The devices that we now think of as "bugs" emerged much later. During the late 1940s, electronic innovations made it possible for eavesdroppers to miniaturize listening technologies like the Detectifone. This made them easier to hide. It also freed them from the strictures of the built environment, dramatically expanding their reach. Reports of an American bugging epidemic began circulating in the early 1950s—first, as glimpses of the man-made miracle of electronics miniaturization began to appear in national newspapers, popular magazines, and Hollywood films, and later as congressional subcommittees revealed scandalous tools of the eavesdropping trade on the floor of the United States Senate. more
The eavesdropping threat loomed large during the 1950s and 1960s: in the work of state and local law enforcement agencies, who wiretapped extensively in criminal investigations; in the exploits of private investigators and eavesdropping specialists, who capitalized on technological innovations to expand their industry's reach; and, perhaps most importantly, in the contradictions of state and federal lawmakers, who sent conflicting messages about the legitimacy of eavesdropping practices that had dogged the nation's communications infrastructure for more than a century...
Wiretapping is as old as wired communication. Civil War generals traveled with professional telegraph tappers in the 1860s, law enforcement agencies began planting telephone taps in the 1890s, and corporate communications giants tacitly sanctioned state and federal eavesdropping programs of various sorts for most of the twentieth century. Somewhat surprisingly, this wasn't a drama that played out in the shadows of American life. Police eavesdropping garnered front-page headlines during the 1920s, when the telephone tap emerged as an effective tool in the enforcement of Prohibition laws...
Eavesdropping technologies of various sorts have been around for centuries. Prior to the invention of recorded sound, the vast majority of listening devices were extensions of the built environment. Perhaps nodding to the origins of the practice (listening under the eaves of someone else's home, where rain drops from the roof to the ground), early modern architects designed buildings with structural features that amplified private speech. The Jesuit polymath Athanasius Kircher (1601-1680) devised cone-shaped ventilation ducts for palaces and courts that allowed eavesdroppers to listen to other people's conversations. Catherine de' Medici (1519-1589) is said to have installed similar structures in the Louvre to keep tabs on individuals who might have plotted against her. Architectural listening systems weren't always a product of intentional design. Domes in St. Paul's Cathedral in London and the U.S. Capitol building still serve as inadvertent "whispering galleries," enabling prying ears to hear conversations held on the other side of the room. Archaeologists have discovered acoustical arrangements like these dating back to 3000 B.C.E. Many were used for eavesdropping...
Click to enlarge. |
The devices that we now think of as "bugs" emerged much later. During the late 1940s, electronic innovations made it possible for eavesdroppers to miniaturize listening technologies like the Detectifone. This made them easier to hide. It also freed them from the strictures of the built environment, dramatically expanding their reach. Reports of an American bugging epidemic began circulating in the early 1950s—first, as glimpses of the man-made miracle of electronics miniaturization began to appear in national newspapers, popular magazines, and Hollywood films, and later as congressional subcommittees revealed scandalous tools of the eavesdropping trade on the floor of the United States Senate. more
Tuesday, February 9, 2016
More Eavesdropping Resistant than a Brick S-House
By replacing the limestone and sand
typically used in concrete with a mineral called magnetite, Tuan has shown that the mixture can also shield against electromagnetic waves.
The electromagnetic spectrum includes the radio-frequency waves transmitted and received by cellphones, which Tuan said could make the concrete mixture useful to those concerned about becoming targets of industrial espionage.
Using the magnetite-embedded concrete, researchers have built a small structure in their laboratory that demonstrates the material's shielding capabilities. more
typically used in concrete with a mineral called magnetite, Tuan has shown that the mixture can also shield against electromagnetic waves.
The electromagnetic spectrum includes the radio-frequency waves transmitted and received by cellphones, which Tuan said could make the concrete mixture useful to those concerned about becoming targets of industrial espionage.
Using the magnetite-embedded concrete, researchers have built a small structure in their laboratory that demonstrates the material's shielding capabilities. more
Monday, February 8, 2016
Employee Bugs Boss, or Bad Hair Day Beef
A labor dispute in a city hair salon
became criminal when an employee made an audio recording of her boss, without the boss' knowledge, said Acting Deputy Police Chief Frank Warchol.
The employee, Nichole Brock, 35, of 89 Linden St. Unit B, Exeter, was arrested Monday on a misdemeanor count of wiretapping, police reported. Warchol said the law prohibits recording anyone without consent from all parties being recorded and that Brock's recording was made secretly. He said the underlying dispute was not criminal, but the recording was. more
became criminal when an employee made an audio recording of her boss, without the boss' knowledge, said Acting Deputy Police Chief Frank Warchol.
The employee, Nichole Brock, 35, of 89 Linden St. Unit B, Exeter, was arrested Monday on a misdemeanor count of wiretapping, police reported. Warchol said the law prohibits recording anyone without consent from all parties being recorded and that Brock's recording was made secretly. He said the underlying dispute was not criminal, but the recording was. more
Stealing White - How a corporate spy swiped plans for DuPont’s billion-dollar color formula
“At first, you’re like: Why are they stealing the color white?
I had to Google it to figure out what titanium dioxide even was,” says Dean Chappell, acting section chief of counterespionage for the FBI. “Then you realize there is a strategy to it.”
You can’t even call it spying, adds John Carlin, the assistant attorney general in charge of the U.S. Department of Justice’s national security division. “This is theft. And this—stealing the color white—is a very good example of the problem. It’s not a national security secret. It’s about stealing something you can make a buck off of. It’s part of a strategy to profit off what American ingenuity creates.”
Most trade-secret theft goes unreported. Companies worry that disclosing such incidents will hurt their stock prices, harm relationships with customers, or prompt federal agents to put them under a microscope. Theft of trade secrets also rarely results in criminal charges because the cases are time-consuming and complicated, and it’s often difficult to win a conviction for conspiracy to commit espionage. more
Extra Credit...
I had to Google it to figure out what titanium dioxide even was,” says Dean Chappell, acting section chief of counterespionage for the FBI. “Then you realize there is a strategy to it.”
You can’t even call it spying, adds John Carlin, the assistant attorney general in charge of the U.S. Department of Justice’s national security division. “This is theft. And this—stealing the color white—is a very good example of the problem. It’s not a national security secret. It’s about stealing something you can make a buck off of. It’s part of a strategy to profit off what American ingenuity creates.”
Most trade-secret theft goes unreported. Companies worry that disclosing such incidents will hurt their stock prices, harm relationships with customers, or prompt federal agents to put them under a microscope. Theft of trade secrets also rarely results in criminal charges because the cases are time-consuming and complicated, and it’s often difficult to win a conviction for conspiracy to commit espionage. more
Extra Credit...
This Week in Business Espionage
• XPO Logistics Inc. charges that rival YRC Worldwide Inc. went to illegal extremes as XPO bought Con-way Inc. last year, the WSJ’s Loretta Chao writes, raiding the less-than-truckload carrier for executives and trade secrets on its operations and its customers. YRC won’t comment on the charges... XPO’s allegation of what amounts to corporate espionage comes at a critical time for the company. more
• One of the UK’s largest companies, British American Tobacco (BAT) is facing demands that it be investigated by the US Department of Justice, following allegations that it engaged in widespread bribery of politicians and policymakers in Africa... There are also claims that the company engaged in corporate espionage and the sabotage of competitors in Kenya. more
• Barcelona (soccer team) say they are “oblivious” to allegations of industrial espionage brought against them and former President Sandro Rosell. The Spanish Press reported on Friday that communications group Mediapro had taken Barca and Rosell to court, with its owner Jaume Roures accusing the ex-patron of e-mail theft, divulging business secrets and invading his privacy. more
• If American businesses want to curb the theft of their trade secrets and intellectual property by other countries, they are going to have to do it themselves. The good news for the American private sector is that machine learning (ML) and behavioral analytics, are offering some promise of detecting hackers before they start exfiltrating trade secrets and intellectual property (IP)... The not so good news is that those businesses are not going to be getting much help from the government. more
...and from "The World is a Strange Place" files...
• A U.S. law firm specializing in cross-border matters has opened its first office in China recently, aiming to assist local companies with legal issues against the background of a spate of spying charges against Chinese nationals. The law firm, Alston & Bird, opened its Beijing office on January 27, marking the first overseas branch of the law firm. The firm has served as counsel to a number of Chinese clients, including Tianjin University's Professor Zhang Hao, who was charged in the U.S. with economic espionage and theft of trade secrets. more
• One of the UK’s largest companies, British American Tobacco (BAT) is facing demands that it be investigated by the US Department of Justice, following allegations that it engaged in widespread bribery of politicians and policymakers in Africa... There are also claims that the company engaged in corporate espionage and the sabotage of competitors in Kenya. more
• Barcelona (soccer team) say they are “oblivious” to allegations of industrial espionage brought against them and former President Sandro Rosell. The Spanish Press reported on Friday that communications group Mediapro had taken Barca and Rosell to court, with its owner Jaume Roures accusing the ex-patron of e-mail theft, divulging business secrets and invading his privacy. more
• If American businesses want to curb the theft of their trade secrets and intellectual property by other countries, they are going to have to do it themselves. The good news for the American private sector is that machine learning (ML) and behavioral analytics, are offering some promise of detecting hackers before they start exfiltrating trade secrets and intellectual property (IP)... The not so good news is that those businesses are not going to be getting much help from the government. more
...and from "The World is a Strange Place" files...
• A U.S. law firm specializing in cross-border matters has opened its first office in China recently, aiming to assist local companies with legal issues against the background of a spate of spying charges against Chinese nationals. The law firm, Alston & Bird, opened its Beijing office on January 27, marking the first overseas branch of the law firm. The firm has served as counsel to a number of Chinese clients, including Tianjin University's Professor Zhang Hao, who was charged in the U.S. with economic espionage and theft of trade secrets. more
Subscribe to:
Posts (Atom)