Wednesday, June 1, 2016

Spy on Any Phone, Anywhere... for a price.

With just a few million dollars and a phone number, you can snoop on any call or text that phone makes – no matter where you are or where the device is located.

That’s the bold claim of Israel’s Ability Inc, which offers its set of bleeding-edge spy tools to governments the world over. And it’s plotting to flog its kit to American cops in the coming months.

Ability’s most startling product, from both technical and price perspectives, is the Unlimited Interception System (ULIN). Launched in November last year, it can cost as much as $20 million, depending on how many targets the customer wants to surveil.

All a ULIN customer requires is the target’s phone number or the IMSI (International Mobile Subscriber Identity), the unique identifier for an individual mobile device. Got those? Then boom – you can spy on a target’s location, calls and texts.

This capability is far more advanced than that of IMSI-catchers (widely known as StingRays), currently used by police departments in the United States. IMSI-catchers can help acquire a target’s IMSI number, as well as snoop on mobiles, but only if the target is within range. more
Posted by at
Labels: , , , , ,

"What are the most important characteristics of a great InfoSec professional in 2016?"

23 Information Security Leaders Reveal the Most Important Traits for InfoSec Pros in 2016

Digital Guardian compiled their responses to create a comprehensive guide outlining the most important characteristics for InfoSec professionals. (My contribution appears below. The additional 22 thoughtful responses appear here.)
---

"The single most important characteristic for successful InfoSec professionals in 2016 is..."

Inquisitiveness.

With this quality, an InfoSec professional will question the status quo, look for loopholes, seek new solutions, follow-up on red flags early on, and look at InfoSec from a holistic viewpoint.

The viewpoint is the most important element. It shapes all other aspects of the job. The inquisitive person will see their job not as an IT defender, but as a defender of information, no matter how it is generated, stored, or transmitted. The great InfoSec professional realizes all the data stored on the computers was available to the adversary long before it ever entered a database.

This holistic outlook takes into account the genesis of information. It may start out as a phone call, which may be wiretapped; a conference room strategy meeting, which can be bugged; unsecured written information left on desks or unlocked file cabinets, which may be easily photographed; information stored on a photocopier hard drive, which can later be reprinted; or on an unsecured Wi-Fi Appearance Point, or wireless printer, whose transmissions may be intercepted. The list of info-vulnerabilities is long.

In recent years, the rush has been to focus on IT security, and rightly so. But, in doing so, the gap between great InfoSec professionals and tunnel-visioned InfoSec managers has become wide and clear. Great InfoSec professionals, being inquisitive, see and handle the big picture. It isn't just computers. The real task is detecting and plugging any method by which information can leak out. Today's great InfoSec professionals defend accordingly. They are much more successful than their colleagues, who only put out fires.  ~Kevin
Posted by at
Labels: ,

Tuesday, May 31, 2016

10 types of spy cameras that could be watching you right now - No. 6 is a surprise

Camera technology has advanced a lot the past few years. They keep getting smaller and smaller, making it possible to conceal them any which way.

Spy cam manufacturers have been creative in producing some of the most cleverly disguised (and tiny) camera/DVR systems, complete with HD video, motion detection, large storage card support and remote controls...

1. USB flash drive spy cameras
These cameras look like your regular USB storage sticks, but think again. They have a hidden camera inside! It’s not unusual these days for someone to be carrying USB sticks around so spotting them can be a bit challenging.

So how can you tell? The camera lens for these USB stick cameras is usually located on the posterior end of the stick, opposite the USB plug. With this form factor, this spy cam will blend seamlessly in an office or classroom.

See all 10 here.
Posted by at
Labels: , ,

Concerns for Energy Espionage Climb

The FBI is warning U.S. energy companies that the oil industry's downturn is increasing their vulnerability to theft of technological secrets.
 
Companies that long have faced the prospect of economic espionage must now be prepared for the possibility that workers who have been laid off could be targeted by foreign entities and competitors wanting to steal intellectual property. 

"FBI investigations indicate economic espionage and trade secret theft against U.S. oil and natural gas companies and institutes are on the rise," according to an unclassified briefing report prepared for the energy industry.

Agents shared the report recently with about 150 energy sector executives, managers and others who gathered behind closed doors at the FBI building... more
Posted by at
Labels: , ,

How Business Espionage Really Works (Hint, it ain't just computers.)

The Dirty Dozen
  1. Trespassing on the property of a competitor.
  2. Secretly observing the activities or properties of others.
  3. Using electronic eavesdropping equipment.
  4. Learning trade secrets by hiring people who work for a competitor.
  5. Hiring a spy to get specific information from an other company.
  6. Planting an undercover operative on someone else’s payroll.
  7. Stealing documents or property (includes electronic documents).
  8. Conducting phone negotiations for a license, franchise, or distributorship in order to gain inside information.
  9. Gaining information by staging a phony market research study or similar interview project.
  10. Bribing. Most forms of bribery are unethical, including those disguised as “gifts”.
  11. Blackmailing.
  12. Extorting. 
From: Best Practice Guidelines in Business Espionage Controls & Countermeasures
  
Posted by at
Labels: , , ,

Trump Campaign Manager Asked if Trump Offices Are Being Bugged - Bizarre Response

Donald Trump’s controversial campaign manager, Corey Lewandowski, appeared on “Fox News Sunday” this week to answer questions about the Republican front-runner’s strategy as the primary season winds down...

...with seconds remaining in the interview, host Chris Wallace asked a question that produced a response no one likely anticipated.

Wallace asked Lewandowski to comment on reports that some Trump associates are suspicious that the campaign’s Trump Tower offices are being bugged. At first the campaign manager ignored the question, but Wallace pressed further.

“Is there any bugging going on at the Trump Tower?” Wallace asked, with 10 seconds remaining in the interview.

“I think that’s a lot of speculation,” Lewandowski began. “I don’t think that’s the case at all — I think we’re very happy with the way that our offices are set up.”

It’s not quite clear what Lewandowski was trying to suggest, and given that there was no time for a follow-up question, the bizarre response was left alone. more
Posted by at
Labels: , ,

Friday, May 27, 2016

The Friendly Maintenance Man's Spycam

Apartment maintenance man Jerry Rowe was a nice, friendly guy who carried around treats for residents' dogs. Residents of the Steeplechase Apartments were surprised Thursday when word spread that Rowe, 65, had been arrested and charged with hiding a camera in the bathrooms of five female tenants. 

...The investigation into Rowe started Wednesday when a woman saw a camera in a vent in the ceiling of her bathroom.  The Friendly Maintenance Man's

She called the Warren Co. Sheriff's Office and deputies said they found images of Rowe placing the camera in the vent on the camera. Lt. John Faine said five women were captured by the camera...

Faine said he believes Rowe had one camera that he moved from one apartment to another. However, he cannot rule out that there may be other cameras at this point in the investigation. more
Posted by at
Labels: , , , ,

Thursday, May 26, 2016

DIY Tip: How to Check Your Wi-Fi for Spies

If you would like to see who (or what) is tapped into your wireless network, you can take a peek with router utilities and mobile apps...

Depending on your interest in technical fiddling, you can see what other devices are connected to your network in several ways. For one, you could log into your wireless router’s administrative page and check its DCHP Client Table (sometimes called the DHCP Client List or Attached Devices, as some router companies use different terms) to see the roster of computers, smartphones, tablets and other gear currently connected to the wireless router...

If that sort of thing seems like way too much work, you can also get a program or app that scans your network for connected devices. Your router maker may have its own app, like Netgear’s Genie, Linkys Connect or Apple’s AirPort Utility for iOS.

You can also find software from other developers that is designed to reveal the devices connected to your wireless network. NirSoft Wireless Network Watcher. Who’s on my WiFi for Windows and the Fing network scanner for Android and iOS are among the options. more

Posted by at
Labels: , , , ,

Russian Election Monitor Sets Trap To Test NTV For Wiretapping

In March 2012, Michael McFaul, then the U.S. ambassador to Russia, famously accused journalists from the state-controlled network NTV of hacking his phone or e-mails to access his schedule after they approached him as he arrived at a private meeting with an opposition activist.

Four years later, those same journalists have been purportedly tripped up in a sting operation by an embattled Russian election-monitoring group seeking to prove that security services are wiretapping its phones and leaking details of its meetings with foreign diplomats to the Kremlin-loyal network.

Golos, an independent election monitor that has documented widespread violations at Russian ballot boxes in recent years, says it has concluded that NTV journalists are surreptitiously obtaining information about its employees’ movements from Russian law enforcement or intelligence agencies.

Using this information, Golos alleges, the journalists are able to track the group’s itinerary and wait for them -- cameras and microphones in hand -- outside embassies and other Moscow venues where they meet foreign diplomats to discuss the country’s elections. more
Posted by at
Labels: , , ,

The 2017 Intelligence Authorization Act

As part of its continuing push for ever greater surveillance powers, the FBI is hoping that a new bill, known as the 2017 Intelligence Authorization Act, will be enacted into law, as the proposed legislation makes it possible for the agency to read emails without a warrant. It’s already been given Senate Intelligence Committee approval and will next be considered by the Senate as a whole....

Essentially, the bill would extend current FBI powers authorized by the Patriot Act, which allows the government to force telecoms companies to hand over phone records on individuals suspected of terrorism and other crimes. Known as a National Security Letter, recipients are not allowed to speak about the FBI investigation either, essentially gagging the companies and individuals involved.

...If enacted, sending such a letter would not require a court order, nor require any oversight from external organizations whatsoever.

That’s the aspect of the bill that lone-Senate Intelligence Committee dissenter, Ron Wyden, highlighted as part of his no vote.

This bill takes a hatchet to important protections for Americans’ liberty,” he said (via CNet). “This bill would mean more government surveillance of Americans, less due process, and less independent oversight of U.S. intelligence agencies.” more
Posted by at
Labels: , ,

Britain's Foreign Secretary Denies Office Cat is a Spy

Britain's foreign secretary Philip Hammond was forced to issue a denial after his own Conservative party colleague claimed the "chief mouser" at the UK's Foreign Office could be a European Union (EU) spy.

Palmerston, a cat that was adopted by the Foreign and Commonwealth Office, had been recently announced as the "chief mouser" to help tackle the problem of mice in the building in central London.

However, as the debate around Britain's membership of the EU heats up in the lead up to the June 23 referendum, a member of the camp in favour of remaining in the economic bloc told the House of Commons yesterday that those in favour of Brexitmay fear Palmerston has not been fully vetted.

 "There is a serious point here. Can I ask my right honourable friend whether Palmerston has been security cleared or not... can I ask him, has he been positively vetted by the security service and scanned for bugs by GCHQ? And can my right honourable Friend assure the House –and the more paranoid element in the Brexiters - that he isn't a long term mole working for the EU Commission," Tory MP Keith Simpson asked Hammond.

The foreign secretary chose to the address the bizarre query, claiming Palmerston's attendance record had been impeccable.

He told MPs: "He is definitely not a mole. I can categorically assure my honourable friend that Palmerston has been regularly vetted." more
Posted by at
Labels: , , ,

Wednesday, May 25, 2016

Survey: Corporate Espionage Rated as a Top Risk - Assessments Become Common

A large number of companies feel the existing security standards, legal, regulatory and compliance frameworks in the industry were not adequate to support corporate security requirements, a survey by PwC India and American Society for Industrial Security (ASIS) said.

The survey revealed that cybercrime and corporate espionage have been rated as two of the most serious threats to organizations in the coming years.

More than half the respondents felt precautionary and preventive measures taken is still not adequate...

The survey also highlighted that about 73 per cent of the respondents felt that the number of security incidents had increased in the past two years and would continue over the next two years.

While five years back physical security assessment was rare and uncommon, today almost 46 per cent of the organizations surveyed conduct a physical security risk assessment once a year, whereas 17 per cent do it monthly. more
Posted by at
Labels: , , ,

New Old News - Official Warning - Wall Wart Eavesdropping Device

(My clients received their warning on January 14, 2015. ~Kevin)

FBI officials are warning private industry partners to be on the lookout for highly stealthy keystroke loggers that surreptitiously sniff passwords and other input typed into wireless keyboards.

The FBI's Private Industry Notification is dated April 29, more than 15 months after whitehat hacker Samy Kamkar released a KeySweeper, a proof-of-concept attack platform that covertly logged and decrypted keystrokes from many Microsoft-branded wireless keyboards and transmitted the data over cellular networks.

To lower the chances the sniffing device might be discovered by a target, Kamkar designed it to look almost identical to USB phone chargers that are nearly ubiquitous in homes and offices.

"If placed strategically in an office or other location where individuals might use wireless devices, a malicious cyber actor could potentially harvest personally identifiable information, intellectual property, trade secrets, passwords, or other sensitive information," FBI officials wrote in last month's advisory. "Since the data is intercepted prior to reaching the CPU, security managers may not have insight into how sensitive information is being stolen." more
Posted by at
Labels: , , , , , , ,

Facebook Has Ears and is Nosey Too

Facebook admits that it “uses your microphone to identify the things you’re listening to or watching, based on the music and TV matches we’re able to identify.”

However, some experts believe that Facebook is not being fully transparent. Once the microphone feature is enabled, Facebook can listen in to your private conversation, even when one is not actively engaging with the app.


The feature listens for particular buzz words, which enable the site to weave the content that appears on news feeds to suit users’ personal interests.

In an NBC report, the feature is tested by Kelli Burns, a professor of Mass Communication at the University of South Florida.

In the experiment, she says aloud with her microphone feature on, “I’m really interested in going on an African safari. I think it’d be wonderful to ride in one of those jeeps.”

When she checked her Facebook newsfeed just 60 seconds later, the first item to appear was a safari story. She then also noticed an advertisement for Jeep vehicles. more
Posted by at
Labels: , , , ,

Holiday Weekend Filmfest - Watch the 10 Best PI Movies (infographic)

A tip of the magnifying glass to Adam Visnic
a licensed private investigator. 
May your next case become a 
classic movie. 

(Enlarge)
Posted by at
Labels: , , ,
Subscribe to: Posts (Atom)