A new show where you learn CIA spy secrets that could save your life is headed to the Strip — it’s a two-day “Escape and Evasion” presentation hosted by former CIA agent Jason Hanson, who served with the agency for nearly a decade.
“Spy Escape & Evasion” debuts at the “Pin Up” theater in the Stratosphere on Aug. 17 with the first four back-to-back days, with future seminars to be announced.
It’s a $1,499.95 ticket price per person that includes hands-on personal training by Jason and his CIA team of former officers. He also will participate in meet-and-greet sessions, and 30 audience members will dine with him after the lectures and training sessions.
If you’ve ever dreamed of being 007 or wished you possessed the skills to protect yourself from danger like those in the CIA, these shows are for you. Jason’s courses are designed to keep individuals and their families safe from danger.
Here are topics Jason will cover in his fascinating show presented by Red Mercury Entertainment:
• How to escape rope, duct tape, zip ties and handcuffs in 30 seconds or less;
• secrets of situational awareness;
• important everyday carry gear bag;
• how to pick locks, hotwire a car and disappear without a trace;
• how to use social engineering to get almost anything you want;
• what to do when a crisis occurs; technical pen techniques;
• basic counter surveillance techniques;
• and hands-on training. more
...and then there is the Shark Tank $1,997 special.
...and then there is the $37 version.
...and then there is FREE CIA training.
Tuesday, May 17, 2016
Spying Using Phone Call Records – Study Says It's Easy
Stanford University researchers used call records to uncover heart problems, marijuana habits of volunteers.
Phone metadata doesn’t reveal what people say, but such records of calls and text messages can help spy agencies, businesses or hackers discover private information about someone’s relationships, shopping interests and even health problems, according to a study published on Monday.
The research published in the journal Proceedings of the National Academy of Sciences showed that scans of call records help create detailed maps of not just the person being investigated, but also the lives of contacts in their phone history. Metadata is the term used for the receipt of a call or a text message included in the history of a phone, and these records are often maintained by a telecom service provider.
"Once a participant was labeled as in a relationship, we found that identifying the participant’s partner was trivial,” according to the researchers. “Our results suggest that, even without human review, a business or agency could draw sensitive inferences from a significant share of telephone records.” more
Intriguing Spy Stories From Internal NSA Reports
In the early months of 2003, the National Security Agency saw demand for its services spike as a new war in Iraq, as well as ongoing and profound changes in how people used the internet, added to a torrent of new agency work related to the war on terror, according to a review of 166 articles from a restricted agency newsletter.
The Intercept today is releasing the first three months of SIDtoday, March 31 through the end of June 2003, using files provided by NSA whistleblower Edward Snowden. In addition, we are releasing any subsequent 2003 installments of SIDtoday series that began during this period. The files are available for download here.
We combed through these files with help from other writers and editors with an eye toward finding the most interesting stories... more
The NSA does excellent behind-the-scenes work. Since some of their work is now public you can now be thankful and proud. ~Kevin
Monday, May 16, 2016
Philly Cheesy Stake-Out... Outed
The Philadelphia Police Department admitted today that a mysterious unmarked license plate surveillance truck disguised as a Google Maps vehicle, which Motherboard first reported on this morning, is its own.
In an emailed statement, a department spokesperson confirmed:
“We have been informed that this unmarked vehicle belongs to the police department; however, the placing of any particular decal on the vehicle was not approved through any chain of command.
With that being said, once this was brought to our attention, it was ordered that the decals be removed immediately.” more
Sunday, May 15, 2016
Spycam Found in Hospital Bathroom
Harris Health Systems is confirming that a hidden camera was found in a staff restroom at Ben Taub General Hospital.
Hospital staff turned the camera over to Houston police.
Harris Health Systems oversees the county's public hospitals, including Ben Taub.
Kese Smith of the Houston Police Department said Thursday that the camera was found concealed inside a fifth floor restroom at the hospital which is used mostly by staff but is also sometimes accessed by the public.
It was not immediately known what kind of camera was found or how long it had been in the staff restroom. more
Friday, May 13, 2016
2016 - The Smallest Camera in the World
No matter how small, a good TSCM inspection service can find them.
Thursday, May 12, 2016
Alarming Security Defects in SS7, the Global Cellular Network—and How to Fix Them
The global network that transfers calls between mobile phone carriers has security defects that permit hackers and governments to monitor users’ locations and eavesdrop on conversations.
As more reports of these activities surface, carriers are scrambling to protect customers from a few specific types of attacks.
The network, called Signaling System 7, or SS7, is a digital signaling protocol that mobile phone carriers including AT&T, T-Mobile, and Sprint use to send messages to each other about who is a subscriber, where subscribers are located, and how calls should be routed to reach them.
SS7 began as a closed network shared among a few major mobile phone carriers, but grew porous as more carriers joined. Hackers and governments can now gain access by purchasing rights from a carrier (which many are willing to provide for the right price) or infiltrating computers that already have permission. more
One security firm advises:
"...we have two products that represent the world’s first comprehensive solution against SS7 attacks: ESD Oversight Protect & ESD Oversight Detect. SS7 Network Penetration testing is also available to carriers around the world who recognize the need to ensure their networks and their subscribers are protected from the potential damage these vulnerabilities expose."
Extra Credit — Ghosts in the Network: SS7 and RF Vulnerabilities in Cellular Networks — a presentation given at RSA Conference 2016
Tuesday, May 10, 2016
Med Students Caught Cheating with Spycams & Smart Watches
A top Thai medical college has caught students using spy cameras linked to smartwatches to cheat during exams in what some social media users have compared to a plot straight out of a Mission: Impossible movie.
Key points:
- Thai students caught using spyglasses to send images of exam questions to accomplices
- Accomplices sent answers back to students' smartwatches
- Students paid 800,000 baht ($31,000) for equipment, answers
Three students used glasses with wireless cameras embedded in their frames to transmit images to a group of as yet unnamed people, who then sent the answers to the smartwatches.
Mr Arthit said the trio had paid 800,000 baht ($31,000) each to the tutor group for the equipment and the answers.
"The team did it in real-time," Mr Arthit wrote. more
HOPE Cranks it to Eleven this Summer - Tickets on Sale Now
Hackers On Planet Earth (HOPE) holds their 11th gathering July 22-24 in New York City.
Cory Doctorow is on tap to be their first keynote speaker.
Cory Doctorow (craphound.com) is a science fiction novelist, blogger, and technology activist. He is the co-editor of the popular weblog Boing Boing (boingboing.net), and a contributor to The Guardian, Publishers Weekly, Wired, and many other newspapers, magazines, and websites. (He even wrote an article for 2600 under a different name many years ago!) He is a special consultant to the Electronic Frontier Foundation (eff.org), you know, those superheroes who defend freedom in cyberspace on a daily basis. more
Why "Eleven"? The same reason Tesla auto sound systems peak at Eleven! video
The End of "A Little Bird Told Me"
At Twitter’s behest, US intelligence agencies have lost access to Dataminr, a company that turns social media data into an advanced notification system, according to the Wall Street Journal. While that may sound like a win for privacy, it’s a bit more complicated in practice.
The move leaves government officials without a valuable tool. Somewhat less clear is what sort of stand, if any, Twitter is taking...
“From the government perspective, it’s a good tool, because it gives real-time alerts to things that are happening before anyone really knows what’s going on,” says Aki Peritz, a former CIA counterterrorism expert and current adjunct professor at American University. “We want to allow law enforcement and the intelligence services to know bad things are happening in real time.” more
It's time to make peace with passwords. This free guide will help.
By now we're all well aware of what makes a bad password … it's us.
A glance at SplashData's annual reporting on the world's worst passwords shows just how laughably bad at creating passwords us humans really are. But what's worse, as Steve Ragan's analysis of leaked passwords shows, is that many passwords on the naughty list adhere to the carefully crafted password policies in use in companies today.
How can security leaders do better? For one thing, we can stop blaming users, says Michael Santarcangelo. Instead, we can focus on providing them with technology that makes the job easier.
That's where this guide comes in. more
US Government Study of Spyware - Possible Precursor to New Laws
Why GAO Did This Study
Smartphone tracking apps exist that allow a person to not only surreptitiously track another person’s smartphone location information, but also surreptitiously intercept the smartphone’s communications—such as texts, e-mails, and phone calls. This type of monitoring—without a person’s knowledge or consent—can present serious safety and privacy risks...
The federal government has undertaken educational, enforcement, and legislative efforts to protect individuals from the use of surreptitious tracking apps, but stakeholders differed over whether current federal laws need to be strengthened to combat stalking. Educational efforts by the Department of Justice (DOJ) have included funding for the Stalking Resource Center, which trains law enforcement officers, victim service professionals, policymakers, and researchers on the use of technology in stalking. With regard to enforcement, DOJ has prosecuted a manufacturer and an individual under the federal wiretap statute for the manufacture or use of a surreptitious tracking app.
Some stakeholders believed the federal wiretap statute should be amended to explicitly include the interception of location data and DOJ has proposed amending the statute to allow for the forfeiture of proceeds from the sale of smartphone tracking apps and to make the sale of such apps a predicate offense for money laundering. Stakeholders differed in their opinions on the applicability and strengths of the relevant federal laws and the need for legislative action. Some industry stakeholders were concerned that legislative actions could be overly broad and harm legitimate uses of tracking apps. However, stakeholders generally agreed that location data can be highly personal information and are deserving of privacy protections. more full study
Wednesday, April 27, 2016
CBRE Made the Forbes Best Employers List - Partly with Good Infosec
via Forbes, April 19, 2016...
Cone of Silence chairs + a Clear Desk Policy = Security, and a competitive advantage in the eyes of their customers. Smart.
CBRE Group, Inc. is an American commercial real estate company with headquarters in Los Angeles, California. As of its successful 2011 bid to acquire part of ING, CBRE was the world's largest real estate investment manager. Wikipedia
Monday, April 25, 2016
Please tell us that You Didn't Sign a "Monitoring Consent Form"
via mobipicker.com...
"We will look at an app called xnspy that is used for spying on Android phones. Since a lot of businesses are starting to focus on employee productivity during office hours, more and more companies have implemented signing of monitoring consent forms as a part of their hiring process. They then give their employees company-owned smartphones/tablets with a pre-installed monitoring app.
When it comes to tracking and monitoring for use by businesses and for spying on Android phones, we found xnspy to be the torch bearer. It has all the fundamental features that such an app should have: it has a small footprint, it’s discreet, and it does not use up resources. All these factors count a lot when it comes to monitoring and tracking; it would be a nightmare for the device user if the app slowed down the device and drained the battery.
Xnspy works in the background providing the app user with data such as call records and recordings, text messages from SMS, IM Chats and emails, a complete list of Contacts stored on the device along with a list of all installed apps. Besides these functions the app provides the browsing history and bookmarks of the device user; it also gives the location history of where the device has been.
All of this is made accessible through a web-based dashboard that can be virtually accessed from anywhere in the world. The app user can use a single dashboard to control multiple devices. Xnspy offers two packages: a Basic Edition and a Premium Edition." more