via Matt Novak
"Back in March, I filed a Freedom of Information request with the FBI asking if the agency had ever wiretapped an Amazon Echo. This week I got a response: “We can neither confirm nor deny...”
We live in a world awash in microphones. They’re in our smartphones, they’re in our computers, and they’re in our TVs. We used to expect that they were only listening when we asked them to listen. But increasingly we’ve invited our internet-connected gadgets to be “always listening.” There’s no better example of this than the Amazon Echo.
In many ways the Echo is a law enforcement dream." (...or any hacker, snoop or spy.) more
Friday, May 20, 2016
Thursday, May 19, 2016
10 Ways Law Firms Can Make Life Difficult for Hackers
2. Keep backups disconnected from the network and the Internet.
3. Install all patches and updates.
4. Update software – especially when it is no longer supported.
5. Block executable files, compressed archives and unidentified users.
6. If you use cloud storage, make sure your firm controls the encryption key.
7. Make your cybersecurity program meet the needs of potential clients.
8. Have clear, effective restrictions on remote access and mobile devices.
9. Set systems to capture log data, for forensic purposes if a breach occurs.
10. Share threat information. more
These basic tips apply to all hacker-target businesses. ~Kevin
Eavesdropping on the Public in 1919
In 1919 a Chicago Theater bugged the seats...
to find out what the audience was saying about the production they were watching. The hope was that the honest criticism (or praise) they heard would help them make future performances better. more
Think Video Surveillance is Just for Crime Prevention? Think again...
Sure, surveillance video can be used to “catch the bad guy” and deter incidents. But it can do so much more!
Download the Top 10 Values of Video Surveillance by Pivot3 to see how you could be leveraging your video for strategic business purposes beyond security.
See how video can help you:
- Defend against fraudulent liability claims
- Avoid fines from non-compliance
- Improve the value of other business systems to your organization
- And more!
Tuesday, May 17, 2016
CIA Former Agent Trains You to Survive... your wallet is decimated, however.
A new show where you learn CIA spy secrets that could save your life is headed to the Strip — it’s a two-day “Escape and Evasion” presentation hosted by former CIA agent Jason Hanson, who served with the agency for nearly a decade.
“Spy Escape & Evasion” debuts at the “Pin Up” theater in the Stratosphere on Aug. 17 with the first four back-to-back days, with future seminars to be announced.
It’s a $1,499.95 ticket price per person that includes hands-on personal training by Jason and his CIA team of former officers. He also will participate in meet-and-greet sessions, and 30 audience members will dine with him after the lectures and training sessions.
If you’ve ever dreamed of being 007 or wished you possessed the skills to protect yourself from danger like those in the CIA, these shows are for you. Jason’s courses are designed to keep individuals and their families safe from danger.
Here are topics Jason will cover in his fascinating show presented by Red Mercury Entertainment:
• How to escape rope, duct tape, zip ties and handcuffs in 30 seconds or less;
• secrets of situational awareness;
• important everyday carry gear bag;
• how to pick locks, hotwire a car and disappear without a trace;
• how to use social engineering to get almost anything you want;
• what to do when a crisis occurs; technical pen techniques;
• basic counter surveillance techniques;
• and hands-on training. more
...and then there is the Shark Tank $1,997 special.
...and then there is the $37 version.
...and then there is FREE CIA training.
Spying Using Phone Call Records – Study Says It's Easy
Stanford University researchers used call records to uncover heart problems, marijuana habits of volunteers.
Phone metadata doesn’t reveal what people say, but such records of calls and text messages can help spy agencies, businesses or hackers discover private information about someone’s relationships, shopping interests and even health problems, according to a study published on Monday.
The research published in the journal Proceedings of the National Academy of Sciences showed that scans of call records help create detailed maps of not just the person being investigated, but also the lives of contacts in their phone history. Metadata is the term used for the receipt of a call or a text message included in the history of a phone, and these records are often maintained by a telecom service provider.
"Once a participant was labeled as in a relationship, we found that identifying the participant’s partner was trivial,” according to the researchers. “Our results suggest that, even without human review, a business or agency could draw sensitive inferences from a significant share of telephone records.” more
Intriguing Spy Stories From Internal NSA Reports
In the early months of 2003, the National Security Agency saw demand for its services spike as a new war in Iraq, as well as ongoing and profound changes in how people used the internet, added to a torrent of new agency work related to the war on terror, according to a review of 166 articles from a restricted agency newsletter.
The Intercept today is releasing the first three months of SIDtoday, March 31 through the end of June 2003, using files provided by NSA whistleblower Edward Snowden. In addition, we are releasing any subsequent 2003 installments of SIDtoday series that began during this period. The files are available for download here.
We combed through these files with help from other writers and editors with an eye toward finding the most interesting stories... more
The NSA does excellent behind-the-scenes work. Since some of their work is now public you can now be thankful and proud. ~Kevin
Monday, May 16, 2016
Philly Cheesy Stake-Out... Outed
The Philadelphia Police Department admitted today that a mysterious unmarked license plate surveillance truck disguised as a Google Maps vehicle, which Motherboard first reported on this morning, is its own.
In an emailed statement, a department spokesperson confirmed:
“We have been informed that this unmarked vehicle belongs to the police department; however, the placing of any particular decal on the vehicle was not approved through any chain of command.
With that being said, once this was brought to our attention, it was ordered that the decals be removed immediately.” more
Sunday, May 15, 2016
Spycam Found in Hospital Bathroom
Harris Health Systems is confirming that a hidden camera was found in a staff restroom at Ben Taub General Hospital.
Hospital staff turned the camera over to Houston police.
Harris Health Systems oversees the county's public hospitals, including Ben Taub.
Kese Smith of the Houston Police Department said Thursday that the camera was found concealed inside a fifth floor restroom at the hospital which is used mostly by staff but is also sometimes accessed by the public.
It was not immediately known what kind of camera was found or how long it had been in the staff restroom. more
Friday, May 13, 2016
2016 - The Smallest Camera in the World
No matter how small, a good TSCM inspection service can find them.
Thursday, May 12, 2016
Alarming Security Defects in SS7, the Global Cellular Network—and How to Fix Them
The global network that transfers calls between mobile phone carriers has security defects that permit hackers and governments to monitor users’ locations and eavesdrop on conversations.
As more reports of these activities surface, carriers are scrambling to protect customers from a few specific types of attacks.
The network, called Signaling System 7, or SS7, is a digital signaling protocol that mobile phone carriers including AT&T, T-Mobile, and Sprint use to send messages to each other about who is a subscriber, where subscribers are located, and how calls should be routed to reach them.
SS7 began as a closed network shared among a few major mobile phone carriers, but grew porous as more carriers joined. Hackers and governments can now gain access by purchasing rights from a carrier (which many are willing to provide for the right price) or infiltrating computers that already have permission. more
One security firm advises:
"...we have two products that represent the world’s first comprehensive solution against SS7 attacks: ESD Oversight Protect & ESD Oversight Detect. SS7 Network Penetration testing is also available to carriers around the world who recognize the need to ensure their networks and their subscribers are protected from the potential damage these vulnerabilities expose."
Extra Credit — Ghosts in the Network: SS7 and RF Vulnerabilities in Cellular Networks — a presentation given at RSA Conference 2016
Tuesday, May 10, 2016
Med Students Caught Cheating with Spycams & Smart Watches
A top Thai medical college has caught students using spy cameras linked to smartwatches to cheat during exams in what some social media users have compared to a plot straight out of a Mission: Impossible movie.
Key points:
- Thai students caught using spyglasses to send images of exam questions to accomplices
- Accomplices sent answers back to students' smartwatches
- Students paid 800,000 baht ($31,000) for equipment, answers
Three students used glasses with wireless cameras embedded in their frames to transmit images to a group of as yet unnamed people, who then sent the answers to the smartwatches.
Mr Arthit said the trio had paid 800,000 baht ($31,000) each to the tutor group for the equipment and the answers.
"The team did it in real-time," Mr Arthit wrote. more
HOPE Cranks it to Eleven this Summer - Tickets on Sale Now
Hackers On Planet Earth (HOPE) holds their 11th gathering July 22-24 in New York City.
Cory Doctorow is on tap to be their first keynote speaker.
Cory Doctorow (craphound.com) is a science fiction novelist, blogger, and technology activist. He is the co-editor of the popular weblog Boing Boing (boingboing.net), and a contributor to The Guardian, Publishers Weekly, Wired, and many other newspapers, magazines, and websites. (He even wrote an article for 2600 under a different name many years ago!) He is a special consultant to the Electronic Frontier Foundation (eff.org), you know, those superheroes who defend freedom in cyberspace on a daily basis. more
Why "Eleven"? The same reason Tesla auto sound systems peak at Eleven! video
The End of "A Little Bird Told Me"
At Twitter’s behest, US intelligence agencies have lost access to Dataminr, a company that turns social media data into an advanced notification system, according to the Wall Street Journal. While that may sound like a win for privacy, it’s a bit more complicated in practice.
The move leaves government officials without a valuable tool. Somewhat less clear is what sort of stand, if any, Twitter is taking...
“From the government perspective, it’s a good tool, because it gives real-time alerts to things that are happening before anyone really knows what’s going on,” says Aki Peritz, a former CIA counterterrorism expert and current adjunct professor at American University. “We want to allow law enforcement and the intelligence services to know bad things are happening in real time.” more