Ruxcon Hacker Wanqiao Zhang of Chinese hacking house Qihoo 360 has blown holes in 4G LTE networks by detailing how to intercept and make calls, send text messages and even force phones offline.
The still-live attacks were demonstrated at the Ruxcon hacking confab in Melbourne this weekend, with the demo offering a recording of the hack perpetrated in part on a live network. It exploits fall-back mechanisms designed to ensure continuity of phone services in the event of overloads.
The tested Frequency Division Duplexing LTE network is more popular than TDD-LTE and operates in Britain, the US, and Australia. The competing Time Division Duplexing (TDD) LTE network is more common in Asian countries and in regions where population densities are higher.
Zhang conducted further tests after The Register inquired whether the attacks would work against TDD-LTE and found all LTE networks and devices are affected.
"I asked my colleagues to test TDD-LTE yesterday and it works well, so it really can work against all LTE devices," Zhang says.
"This attack exists [and] it's still reasonable."
...Zhang says the attacks are possible because LTE networks allow users to be handed over to underused base stations in the event of natural disasters to ensure connectivity.
“You can create a denial of service attack against cellphones by forcing phones into fake networks with no services,” Zhang told the conference.
“You can make malicious calls and SMS and … eavesdrop on all voice and data traffic.” more
Monday, October 24, 2016
Sunday, October 23, 2016
Spy Camera News: Seven Cameras Found in One Airbnb
NV - A man is facing criminal charges after eight people were recorded secretly by hidden cameras in his Airbnb vacation rental home in Las Vegas.
Clark County District Court records show that Christopher Gregory Rogers was indicted last week on five counts of capturing an image of the private area of another person, a gross misdemeanor...
According to a declaration prepared by a Las Vegas police detective, a man and his employees needed a place to stay during the annual Consumer Electronics Show and found Rogers’ listing on Airbnb...
On Jan. 4 the renters met with a host, whom police believe is Rogers’ employee. They noticed security cameras in the common areas of the home and were told the private rooms had no cameras, according to the police report.
Five days later, the renters noticed the smoke detector in the master bathroom had a small camera hidden in it. The renters found other hidden cameras in the private areas of the home and notified Las Vegas police.
A total of six hidden spy cameras were found in the bedrooms and a bathroom. The cameras were being fed to a server room, which contained a digital video recording device, according to the report.
An Additional iHome radio contained a small camera that recorded to a flash drive. Some cameras were pointed at the beds, some at a sitting area in the master bedroom and one at the master shower, the report said. more
Learn how to protect yourself from spycams. Visit http://spycamdetection.training
Man Admits Spying on UEA Students in Toilets and Shower
UK - Luke Mallaband, 22, was once in a relationship with one of the women he recorded showering, although she had not consented to being filmed.
Norwich Magistrates Court heard the filming of students at the UEA, and other locations, had been “going on for a number of years”.
Josephine Jones, prosecuting, said a woman using a gender neutral toilet in the UEA library noticed a “white plastic bag on the floor which appeared to have a hole in one corner”.
She had noticed the bag a few days before and opened it to discover a box which also had a hole in it.
“Inside the box she found an iPhone 6 which was recording.”
In total 38 videos had been recorded on an iPhone at various locations, including toilets at the UEA, a bathroom and also at Mary Chapman Court student accommodation at UEA. more
Student Fined for Spying on Women via their Webcams
Student from Munich fined €1,000 for spying on 32 different computers, using their webcams to take photographs, or record their keyboard history. more
Former Director of Enchanted Forest Denies Spying on Women
The former director of the Enchanted Forest lightshow and Pitlochry Festival Theatre has been accused of secretly spying on women and filming them for more than three years. more
Yet Another Spycam Story This Week
UK - Jack Eldred hid a secret camera at his unsuspecting victim's house and filmed her drying herself off with a towel.
Eldred later sent the victim some of the shots on Facebook and threatened to forward them to her boyfriend.
"There is no dispute he made the recordings - they were not only found on his phone, but in one of the videos he can be seen setting up the hidden camera" she said.
In the clip, he was wearing a hoodie as he smiled directly at the camera and gave a thumbs up sign with both hands. more
Clark County District Court records show that Christopher Gregory Rogers was indicted last week on five counts of capturing an image of the private area of another person, a gross misdemeanor...
According to a declaration prepared by a Las Vegas police detective, a man and his employees needed a place to stay during the annual Consumer Electronics Show and found Rogers’ listing on Airbnb...
On Jan. 4 the renters met with a host, whom police believe is Rogers’ employee. They noticed security cameras in the common areas of the home and were told the private rooms had no cameras, according to the police report.
Five days later, the renters noticed the smoke detector in the master bathroom had a small camera hidden in it. The renters found other hidden cameras in the private areas of the home and notified Las Vegas police.
A total of six hidden spy cameras were found in the bedrooms and a bathroom. The cameras were being fed to a server room, which contained a digital video recording device, according to the report.
An Additional iHome radio contained a small camera that recorded to a flash drive. Some cameras were pointed at the beds, some at a sitting area in the master bedroom and one at the master shower, the report said. more
Learn how to protect yourself from spycams. Visit http://spycamdetection.training
Man Admits Spying on UEA Students in Toilets and Shower
UK - Luke Mallaband, 22, was once in a relationship with one of the women he recorded showering, although she had not consented to being filmed.
Norwich Magistrates Court heard the filming of students at the UEA, and other locations, had been “going on for a number of years”.
Josephine Jones, prosecuting, said a woman using a gender neutral toilet in the UEA library noticed a “white plastic bag on the floor which appeared to have a hole in one corner”.
She had noticed the bag a few days before and opened it to discover a box which also had a hole in it.
“Inside the box she found an iPhone 6 which was recording.”
In total 38 videos had been recorded on an iPhone at various locations, including toilets at the UEA, a bathroom and also at Mary Chapman Court student accommodation at UEA. more
Student Fined for Spying on Women via their Webcams
Student from Munich fined €1,000 for spying on 32 different computers, using their webcams to take photographs, or record their keyboard history. more
Former Director of Enchanted Forest Denies Spying on Women
The former director of the Enchanted Forest lightshow and Pitlochry Festival Theatre has been accused of secretly spying on women and filming them for more than three years. more
Yet Another Spycam Story This Week
UK - Jack Eldred hid a secret camera at his unsuspecting victim's house and filmed her drying herself off with a towel.
Eldred later sent the victim some of the shots on Facebook and threatened to forward them to her boyfriend.
"There is no dispute he made the recordings - they were not only found on his phone, but in one of the videos he can be seen setting up the hidden camera" she said.
In the clip, he was wearing a hoodie as he smiled directly at the camera and gave a thumbs up sign with both hands. more
Friday, October 21, 2016
What Do You Call the New Vinyard in Spy Valley? ..."The Must Sea"?
NZ - A Marlborough wine company with an espionage theme is calling on members of the public to help name their new vineyard.
Crowd sourcing names can be a risky business, as the National Environment Research Council in the United Kingdom found out earlier this year...
Although they derived their name from the presence of the communications orbs in the Waihopai Valley, McCone said Spy Valley Wines did not hold any contracts to supply spooks with wine.
"They do occasionally come in their unmarked vans to buy some wine on a Friday afternoon though," he said. more
Crowd sourcing names can be a risky business, as the National Environment Research Council in the United Kingdom found out earlier this year...
Although they derived their name from the presence of the communications orbs in the Waihopai Valley, McCone said Spy Valley Wines did not hold any contracts to supply spooks with wine.
"They do occasionally come in their unmarked vans to buy some wine on a Friday afternoon though," he said. more
Sheriff Arrested - Bugged Ex-girlfriend
TX - The sheriff of Palo Pinto County has turned himself in on felony charges
of spying on his ex-girlfriend.
Ira Mercer is accused of using an electronic device to intercept his former girlfriend's communications. The indictment lists two incidents, one on Jan. 24, 2015 and again on Dec. 10, 2015...
He is not seeking re-election and his term ends at the end of the year. more
Shades of...
Former Lake Co. deputy accused of illegally recording ex-girlfriend
of spying on his ex-girlfriend.
Ira Mercer is accused of using an electronic device to intercept his former girlfriend's communications. The indictment lists two incidents, one on Jan. 24, 2015 and again on Dec. 10, 2015...
He is not seeking re-election and his term ends at the end of the year. more
Shades of...
Former Lake Co. deputy accused of illegally recording ex-girlfriend
DIY NSA ...at home, in your spare time!
Harold Thomas Martin is alleged to have spent more than 20 years collecting data from multiple government agencies, federal prosecutors said.
Court documents say 50 terabytes of data had been seized but it is not clear how much of this was classified...
Mr Martin was employed with Booz Allen Hamilton, the same consulting firm that employed Edward Snowden, who gave documents to journalists exposing NSA surveillance practices...
If the case succeeds, it raises serious questions about NSA security, says Alan Woodward, a computer security expert from Surrey University.
"The only extraordinary thing about this story is the volume of data stolen," he said.
"If someone was taking the data out of the NSA over a very long period of time, regardless of motive, it does raise a few questions about how they were able to do that: if someone is removing data habitually you'd expect that to be spotted." more
My conception photo of his home office. |
Mr Martin was employed with Booz Allen Hamilton, the same consulting firm that employed Edward Snowden, who gave documents to journalists exposing NSA surveillance practices...
If the case succeeds, it raises serious questions about NSA security, says Alan Woodward, a computer security expert from Surrey University.
"The only extraordinary thing about this story is the volume of data stolen," he said.
"If someone was taking the data out of the NSA over a very long period of time, regardless of motive, it does raise a few questions about how they were able to do that: if someone is removing data habitually you'd expect that to be spotted." more
ESCAPE THE NET: A 5-step guide to going MIA online
How do I erase myself from the internet? With growing concerns over online privacy and government surveillance, what was once a seemingly unthinkable question is now becoming more common...
The answer, as you may have guessed, is not so simple. As the saying goes, the internet is forever, and smart, dedicated stalkers will always be able to track you down. But if you're committed — and patient — you can come awfully close to removing your digital footprint. Here's how to do it.
Step 1: Delete your social, shopping and entertainment accounts.
Step 2: Search for yourself and cut any remaining ties.
Step 3: Remove outdated search results.
Step 4: Clear your information from data collection sites.
Step 5: Contact your phone company, unsubscribe from mailing lists and delete your email accounts.
(details on each step here)
Congratulations, you no longer exist online. Right? Well, actually ... you probably still do. It's incredibly hard to fully delete your presence on the internet, but by following these steps, you've come as close as you possibly can.
The answer, as you may have guessed, is not so simple. As the saying goes, the internet is forever, and smart, dedicated stalkers will always be able to track you down. But if you're committed — and patient — you can come awfully close to removing your digital footprint. Here's how to do it.
Step 1: Delete your social, shopping and entertainment accounts.
Step 2: Search for yourself and cut any remaining ties.
Step 3: Remove outdated search results.
Step 4: Clear your information from data collection sites.
Step 5: Contact your phone company, unsubscribe from mailing lists and delete your email accounts.
(details on each step here)
Congratulations, you no longer exist online. Right? Well, actually ... you probably still do. It's incredibly hard to fully delete your presence on the internet, but by following these steps, you've come as close as you possibly can.
Wednesday, October 12, 2016
Business Espionage Alert: Spying is the New Hacking
Increasingly cybercriminals are using spying techniques better associated with intelligence agencies
to identify relevant information about you and your life and turn that around to attack you.
"There are no hackers, they're all gone -- there are only spies," says Eric O'Neill, national security strategist for Carbon Black and a former FBI counter-intelligence operative.
"The new hackers are using traditional espionage techniques and they're blending it with advanced cyber penetrations in order to steal information," he says, adding "just ask the DNC". more
As predicted back in 2013. Help is available. ~Kevin
to identify relevant information about you and your life and turn that around to attack you.
"There are no hackers, they're all gone -- there are only spies," says Eric O'Neill, national security strategist for Carbon Black and a former FBI counter-intelligence operative.
"The new hackers are using traditional espionage techniques and they're blending it with advanced cyber penetrations in order to steal information," he says, adding "just ask the DNC". more
As predicted back in 2013. Help is available. ~Kevin
Smart Watches Banned from Government Meetings
Apple Watch reportedly banned from UK government meetings due to Russian spying fears.
Virtually all connected devices are susceptible to hacking, which is why the UK government banned smartphones from cabinet meetings over fears that they could be used by foreign agents to eavesdrop on sessions. Now, the ban has been extended to cover Apple Watches and similar wearables.
The Telegraph reports that the UK government's biggest concern is that Russian spies could potentially hijack any smart device to discover national secrets. “The Russians are trying to hack everything,” said one source.
There haven't yet been any reported incidents of cybercriminals, Russian or otherwise, using smartwatches to listen in on sensitive government meetings, but the idea isn’t just a case of being overly paranoid. more
Virtually all connected devices are susceptible to hacking, which is why the UK government banned smartphones from cabinet meetings over fears that they could be used by foreign agents to eavesdrop on sessions. Now, the ban has been extended to cover Apple Watches and similar wearables.
The Telegraph reports that the UK government's biggest concern is that Russian spies could potentially hijack any smart device to discover national secrets. “The Russians are trying to hack everything,” said one source.
There haven't yet been any reported incidents of cybercriminals, Russian or otherwise, using smartwatches to listen in on sensitive government meetings, but the idea isn’t just a case of being overly paranoid. more
Beans from Boston Accused of Spying
CT - A borough couple is suing their neighbors in federal court, alleging they have used the windows and porches of their newly enlarged home to “launch a full scale threatening attack” on their neighbors by continuously spying on them.
Dave and Reba Williams also allege that their Water Street neighbors, Randall and Elizabeth Bean and their two adult sons, Christopher and Matthew, may also be disseminating their recordings and photographs electronically and in other ways.
They allege the two Bean sons have undertaken the surveillance in an “deliberate, calculated effort to harass them.''...
The Williamses, who are in their 80s and residents of Greenwich, have a summer home at 24 Water St. that is appraised by the town at $1.7 million. They bought the home in 2007.
The Beans, who live in Boston, have a summer home at 28 Water St. that they bought in 2014 and is appraised by the town at $1.4 million. Both homes are on Stonington Harbor. more
Dave and Reba Williams also allege that their Water Street neighbors, Randall and Elizabeth Bean and their two adult sons, Christopher and Matthew, may also be disseminating their recordings and photographs electronically and in other ways.
They allege the two Bean sons have undertaken the surveillance in an “deliberate, calculated effort to harass them.''...
The Williamses, who are in their 80s and residents of Greenwich, have a summer home at 24 Water St. that is appraised by the town at $1.7 million. They bought the home in 2007.
The Beans, who live in Boston, have a summer home at 28 Water St. that they bought in 2014 and is appraised by the town at $1.4 million. Both homes are on Stonington Harbor. more
Yahoo Email'ers Fed-Up with Hacking and Spying Find Forwarding Door Locked
After back-to-back revelations that hackers had compromised a staggering 500 million Yahoo Mail accounts and that the company had complied with a US government request to open incoming emails for surveillance,
some users are having a hard time switching to any of Yahoo's competitors.
While it remains unclear how many users intend to leave over the privacy concerns and bad publicity, several told the Associated Press that their ability to do so has been hampered since the beginning of the month, when Yahoo disabled its automated email-forwarding option.
Those who had already set up their forwarding are unaffected, but those who wish to begin forwarding messages now are unable. more
some users are having a hard time switching to any of Yahoo's competitors.
While it remains unclear how many users intend to leave over the privacy concerns and bad publicity, several told the Associated Press that their ability to do so has been hampered since the beginning of the month, when Yahoo disabled its automated email-forwarding option.
Those who had already set up their forwarding are unaffected, but those who wish to begin forwarding messages now are unable. more
Monday, October 10, 2016
How to Delete Your Private Conversations from Google
Google could have a record of everything you have said around it for years, and you can listen to it yourself.
The company quietly records many of the conversations that people have around its products.
The feature works as a way of letting people search with their voice, and storing those recordings presumably lets Google improve its language recognition tools as well as the results that it gives to people.
But it also comes with an easy way of listening to and deleting all of the information that it collects. That’s done through a special page that brings together the information that Google has on you.
It’s found by heading to Google’s history page and looking at the long list of recordings. The company has a specific audio page and another for activity on the web, which will show you everywhere Google has a record of you being on the internet. more
The company quietly records many of the conversations that people have around its products.
The feature works as a way of letting people search with their voice, and storing those recordings presumably lets Google improve its language recognition tools as well as the results that it gives to people.
But it also comes with an easy way of listening to and deleting all of the information that it collects. That’s done through a special page that brings together the information that Google has on you.
It’s found by heading to Google’s history page and looking at the long list of recordings. The company has a specific audio page and another for activity on the web, which will show you everywhere Google has a record of you being on the internet. more
Friday, October 7, 2016
Bugged Samovar Leads to Arrest of Russian Officials
Russia's security service arrested three senior officials after recording conversations using a bug hidden in a samovar they had given as a gift of thanks for anti-corruption efforts, it's emerged.
According to the influential Kommersant newspaper, the Federal Security Service (FSB) planted the bug as part of an investigation into senior officials of the Russian Investigations Committee (SKR) who were said to be taking bribes. The samovar - engraved with the letters "FSB" and the organisation's logo - been presented to the head of the Investigations Committee's Internal Security Directorate, Mikhail Maksimenko, and was left sitting in his office, Moscow daily Izvestiya reports.
The three were arrested in July, but details of the bugging operation have only just been revealed as their case comes to court. more
But wait!
There's more!
This isn't the first time a Russian samovar has been accused of being a bug.
Check this out. ~Kevin
According to the influential Kommersant newspaper, the Federal Security Service (FSB) planted the bug as part of an investigation into senior officials of the Russian Investigations Committee (SKR) who were said to be taking bribes. The samovar - engraved with the letters "FSB" and the organisation's logo - been presented to the head of the Investigations Committee's Internal Security Directorate, Mikhail Maksimenko, and was left sitting in his office, Moscow daily Izvestiya reports.
The three were arrested in July, but details of the bugging operation have only just been revealed as their case comes to court. more
But wait!
There's more!
This isn't the first time a Russian samovar has been accused of being a bug.
Check this out. ~Kevin
Wednesday, October 5, 2016
Business Espionage: Houston Fortune 500 Energy Company Invaded Twice
The Federal Bureau of Investigation says it is looking into the theft of intellectual property from a Fortune 500 company in Houston’s energy corridor.
The company has asked to not be identified for security reasons, but the FBI wants to know why the man took several items from the business during its off-hours last year.
The man was caught on camera during the theft and during another burglary attempt at the same company.
According to the FBI, at approximately 3 a.m. on June 25 the burglar gained unauthorized access into the building through a defective door. After spending a couple of hours inside, the man exited with property belonging to the company and its employees.
On Dec. 30, the same man attempted to enter the same Fortune 500 Company. This time, the man was unable to get into the secure area of the building. He stole a security radio from a desk in the lobby on his way out. more
As IT security becomes better, intrusion, theft and the planting of bugging devices will increase. Conduct periodic technical surveillance countermeasures (TSCM) to reduce opportunities and risk. Read the Facilities Management article, How to Handle Counterespionage to learn how. ~Kevin
The company has asked to not be identified for security reasons, but the FBI wants to know why the man took several items from the business during its off-hours last year.
The man was caught on camera during the theft and during another burglary attempt at the same company.
According to the FBI, at approximately 3 a.m. on June 25 the burglar gained unauthorized access into the building through a defective door. After spending a couple of hours inside, the man exited with property belonging to the company and its employees.
On Dec. 30, the same man attempted to enter the same Fortune 500 Company. This time, the man was unable to get into the secure area of the building. He stole a security radio from a desk in the lobby on his way out. more
As IT security becomes better, intrusion, theft and the planting of bugging devices will increase. Conduct periodic technical surveillance countermeasures (TSCM) to reduce opportunities and risk. Read the Facilities Management article, How to Handle Counterespionage to learn how. ~Kevin
Friday, September 30, 2016
Hackers Infect Army of Cameras, DVRs for Massive Internet Attacks
Attackers used an army of hijacked security cameras and video recorders to launch several massive internet attacks last week, prompting fresh concern about the vulnerability of millions of “smart” devicesin homes and businesses connected to the internet.
The assaults raised eyebrows among security experts both for their size and for the machines that made them happen. The attackers used as many as one million Chinese-made security cameras, digital video recorders and other infected devices to generate webpage requests and data that knocked their targets offline, security experts said. It is unclear whether the attackers had access to video feeds from the devices.
more
The assaults raised eyebrows among security experts both for their size and for the machines that made them happen. The attackers used as many as one million Chinese-made security cameras, digital video recorders and other infected devices to generate webpage requests and data that knocked their targets offline, security experts said. It is unclear whether the attackers had access to video feeds from the devices.
Click to enlarge. |
"The Cone of Silence" ...as invented at MIT
Once heralded as an ingenious design strategy for saving money and fostering collaboration, the open-plan office has fallen from grace.
It's increasingly viewed by employees as a stressful, noisy nuisance, but with real estate prices soaring, it's not an easy trend for many companies to reverse. That's why some of the best solutions have been small-scale interventions that reconfigure existing open-plan spaces to fit employees' needs in the moment.
But ask Skylar Tibbits to design a reconfigurable space for your open office and you're going to get a whole different animal. That's what happened after Drew Wenzel, a civil and environmental engineer who is part of the campus development team at Google, met Tibbits and started collaborating with him earlier this year...
The lab's latest project brings its wild material experimentation to the everyday office: a wooden pod that lowers down from the ceiling and expands into a temporary work space. Born out of a conversation Tibbits had with Wenzel and others at Google, the transformable workspace offers a real-world application of the lab's future-focused work. more
Could also be used to secure open-area desks and cubicles from after-hours snoops. ~Kevin
It's increasingly viewed by employees as a stressful, noisy nuisance, but with real estate prices soaring, it's not an easy trend for many companies to reverse. That's why some of the best solutions have been small-scale interventions that reconfigure existing open-plan spaces to fit employees' needs in the moment.
But ask Skylar Tibbits to design a reconfigurable space for your open office and you're going to get a whole different animal. That's what happened after Drew Wenzel, a civil and environmental engineer who is part of the campus development team at Google, met Tibbits and started collaborating with him earlier this year...
The original Cone of Silence. |
Could also be used to secure open-area desks and cubicles from after-hours snoops. ~Kevin
Subscribe to:
Posts (Atom)