Thursday, November 10, 2016

Wiretapping & Electronic Surveillance - The IT Spy Guy v. Estranged Wife

PA - An employee of a midstate county faces charges of spying on his estranged wife.

36-year-old David Randall Maurer - who works for the Dauphin County information technology department - is charged with violating the wiretapping and electronic surveillance act.

State Attorney General Bruce Beemer alleges that Maurer installed spyware monitoring software that captured key strokes, screenshots and websites that his estranged wife visited on her laptop.

He allegedly used the information to log into her private email and Facebook accounts. more

Business Espionage: Bugger Caught in the Act

UK - A camera recording with audio was found under a chair during a private meeting of MPs. 

British sportswear company Sports Direct was being paid an unannounced visit by members of the House of Commons’ Business Select Committee. The MPs were there to insure that good working practices were being upheld by the company.

The MPs gave Sports Direct a one-hour warning before arriving, part of a long-running investigation into conditions at the company. During their visit, they were having a private meeting over lunch to discuss their findings. It was then that Labour MP Anna Turley spotted a staff member hiding a camera in the room where they were meeting. 

Turley says a woman came into the room to bring sandwiches to the MPs, then she crouched down to hide a camera under a chair. “I saw her trying to arrange it to get the best angle so that they could video us up at the board table and listen to what we were saying.” more

The device was identified as a small Go-Pro camera, which records excellent audio as well as video. ~Kevin

Kevin's Security Scrapbook Reaches One Million Pageviews

...actually 1,001,644 as of today.
Thank you!
~Kevin

Friday, November 4, 2016

Bugging Devices Found at Iran Nuclear Talks Hotel, Say Swiss Officials

A number of computers at a five-star Geneva hotel that has hosted sensitive talks, including Iranian nuclear negotiations, were found to be infected with malware used for espionage, Swiss prosecutors have revealed...

The long-running nuclear talks were a magnet for the world’s intelligence agencies as they sought to find out more about the Iranian nuclear programme and the negotiating positions of the six nations involved.

When the talks shifted to a luxury hotel in Vienna, the microwave radiation from the surveillance efforts of competing intelligence agencies was so intense that diplomats had to walk some distance from the venue to use their mobile phones.

The US secretary of state, John Kerry, would take walks with his Iranian counterpart, Mohammad Javad Zarif, in what was seen as a publicity stunt, but which was also a practical means of dodging electronic bugs.

When diplomats attending talks in Lausanne wanted to call their capitals, they would stroll around the grounds of the venue, another five-star hotel, rather than call from their rooms. more

Happy 64th Birthday NSA

The National Security Agency celebrates its 64th birthday today.

The agency was established on Nov. 4, 1952, by President Harry Truman in the wake of World War II.

More information about NSA and its history is available online at nsa.gov.

Thursday, November 3, 2016

IoT - Hackers Get A Bright Idea

The so-called Internet of Things, its proponents argue, offers many benefits...

Now here’s the bad news: Putting a bunch of wirelessly connected devices in one area could prove irresistible to hackers. And it could allow them to spread malicious code through the air, like a flu virus on an airplane.

Researchers report in a paper to be made public on Thursday that they have uncovered a flaw in a wireless technology that is often included in smart home devices like lights, switches, locks, thermostats...

The researchers focused on the Philips Hue smart light bulb and found that the wireless flaw could allow hackers to take control of the light bulbs...

That may not sound like a big deal. But imagine thousands or even hundreds of thousands of internet-connected devices in close proximity. Malware created by hackers could be spread like a pathogen among the devices by compromising just one of them. more

UPDATE
This Virus Automatically Kills Smart Light Bulbs
A group of researchers says they found a way to have a self-replicating worm spread through internet-connected lightbulbs, turning them them off, bricking them, or make them all turn on and off multiple times to disrupt the electric grid. “A single infected lamp with a modified firmware which is plugged-in anywhere in the city can start an explosive chain reaction in which each lamp will infect and replace the firmware in all its neighbors within a range of up to a few hundred meters,” the researchers wrote in the paper. more

Tuesday, November 1, 2016

Business Espionage Trick #763 - The CD VD

A cautionary tale...

Telephone pitch
A senior prosecution source in Tel Aviv told the BBC that Ruth Haephrati was the expert at implanting the trojan into the unknowing victims office computer system.

He said she would contact a senior executive proposing a bogus business deal.

She would start with a telephone pitch, before offering to send more detailed information on a CD.

She stressed that the offer was so commercially sensitive that only the executive should open it.

Once the CD was installed, the trojan was let loose, but the company and the executive were none the wiser.

The Haephratis were jailed earlier this year.

But the techniques the Haephratis used are being adapted by others. more

Friday, October 28, 2016

A Spy's House with a 007 Connection—For Sale

NY - This Long Island estate at 189 Terrace Lane in Upper Brookville
was once owned by English novelist Ian Fleming’s dear friend Ivar Felix C. Bryce — a real-life British spy and, in Fleming’s James Bond books, 007’s best friend, Felix.

The 6,800-square-foot, five-bedroom brick mansion was built in 1917 as a carriage house for the 90-acre Mill River Farm estate. Fully restored, it’s now on the market for $2.99 million. The Bryces bought the estate in 1936 and renamed it Farlands Estate. more

AT&T Requires Police to Hide Hemisphere Phone Spying

AT&T built a powerful phone surveillance tool for police, called Hemisphere. Every day, AT&T adds four billion call records to Hemisphere, making it one of the largest known reservoirs of communications metadata that the government uses to spy on us. Law enforcement officials kept Hemisphere “under the radar” for many years—hidden from courts, legislators, and the general public—until the New York Times exposed the program in 2013...

New documents published by The Daily Beast earlier this week reveal that AT&T required this corrosive secrecy. Specifically, the contract AT&T prepared for police seeking access to Hemisphere provides:
[T]he Government agency agrees not to use the data as evidence in any judicial or administrative proceedings unless there is no other available and admissible probative evidence. The Government Agency shall make every effort to insure that information provided by the Contractor is non-attributable to AT&T if the data is provided to a third-party.
In other words, the first rule of Hemisphere is: you do not talk about Hemisphere. more

Former Rutgers Student Pleads Guilty in Webcam Spying Case

NJ - A former Rutgers University student accused of spying on his gay roommate, who later committed suicide, pleaded guilty Thursday to a reduced charge, ending a long-running case that drew international attention to cyberbullying.

The former student, Dharun Ravi, now 24 years old, streamed video of his roommate, Tyler Clementi, and another man during a sexual encounter in their dorm room in September 2010. Mr. Ravi pleaded guilty in New Jersey’s Superior Court to one felony count of attempted invasion of privacy, the Middlesex County Prosecutor’s Office said. more

"Mr. Bond, you're fired."

Here’s some news that could leave James Bond feeling shaken and stirred: The head of Britain’s top spy agency doesn’t want to hire him.

Alex Younger, the real-life head of M16, the British intelligence agency where the fictional super spy works, tells the British website Black History Month that Bond doesn’t have the qualities he wants for his spies.

“In contrast to James Bond, MI6 officers are not for taking moral shortcuts,” Younger told the website. “In fact, a strong ethical core is one of the first qualities we look for in our staff.”

Although Bond has managed to get through scrapes that would kill many real spies, Younger thinks he’d be weeded out early.

“It’s safe to say that James Bond wouldn’t get through our recruitment process and, whilst we share his qualities of patriotism, energy and tenacity, an intelligence officer in the real MI6 has a high degree of emotional intelligence, values teamwork and always has respect for the law… unlike Mr Bond!” more

Agent Kingfisher Dead - Just Coincidence? - You Decide

Serial protester and spy enthusiast...
who called himself 'Agent Kingfisher' and disrupted a royal James Bond premiere suffers ‘unexplained’ death days after he was caught urinating in the MI5 foyer. more

Iceland's Pirate Party Prepares for Power

The party that could be on the cusp of winning Iceland’s national elections on Saturday didn’t exist four years ago.

Its members are a collection of anarchists, hackers, libertarians and web geeks. It sets policy through online polls – and thinks the government should do the same. It wants to make Iceland “a Switzerland of bits,” free of digital snooping. 

It has offered Edward Snowden a new place to call home. And then there’s the name: in this land of Vikings, the Pirate Party may soon be king...

The Pirates, they say, are less about any specific ideology than they are about a belief that the West’s creaking political systems can be hacked to give citizens a greater say in their democracy. more

Thursday, October 27, 2016

IoT Takes Down the Net — "Wow, didn't see that coming."

If you followed this blog you would have. The topic has been in the Scrapbook for years.

https://s-media-cache-ak0.pinimg.com/originals/1d/63/5d/1d635d655d79ea7ac9f38beeccf7ec73.gifThe IoT insecurity trend has been building for a long time. Few paid attention. When it knocked out the Internet people start taking notice.

Let's review a few of the old posts. Then, imagine a month without the electrical grid.

2009 Video over IP. Convenient, but not secure.
2011 Security Director Alert: Unsecured Webcams Hacked
2011 Man Hacks 100+ Webcams and Makes Blackmail Videos
2011 Scared of SCADA? You will be now...
2012 SpyCam Story #647 - Unintended Exhibitionists
2013 Shodan - The Scary Search Engine
2013 Baby Cam Hackers Can See You, Hear You, and Talk to You... and Your Kids
2013 The Ratters - men who spy on women through their webcams
2013 Spybusters Tip #972 - Own a Foscam camera? There is a security update for you!
2015 Is Your Home Security System Putting You at Risk? ...news at eleven.
2015 Some Top Baby Monitors Lack Basic Security Features
2016 FutureWatch - Keep Your Eye on IoT - The Encryption Debate is a Distraction
2016 Do You Have an IoT in the Workplace Policy? (you need one)
2016 Security Alert: Your Security Camera May Have Friends You Don't Know About
2016 Your New IoT Ding-Dong Can Open Your Wi-Fi... to hackers
2016 Security Director Alert - 46,000 Internet-accessible Video Recorders Hackable
2016 Mom Alerted - Daughters' Bedroom Nanny Cam Streaming on Internet
2016 Hackers Infect Army of Cameras, DVRs for Massive Internet Attacks 

Lawmakers, force the manufacturers of these devices to a higher security standard. ~Kevin

Tuesday, October 25, 2016

O.S.S. Heros Honored ...except by Congress

In February 1945, a small group of personnel assigned to the Office of Strategic Services, the wartime spy agency, scrambled to prepare for a particularly risky mission: inserting a team of agents deep behind Nazi lines with the goal of gleaning crucial enemy information.

For a host of reasons, the proposed operation seemed like a suicide mission. The area targeted for dropping the three-man team into Nazi territory was high in the Austrian Alps, surrounded by towering peaks and flanked by antiaircraft weaponry. Even if the drop went as planned, some of the spies tapped to infiltrate enemy ranks were European-born Jews, increasing the dangers they faced.

After the Royal Air Force refused the dangerous mission, code-named Operation GREENUP, John Billings, then a lieutenant in the U.S. Army Air Corps, was given the job.

Billings and other veterans who made possible some of World War II’s most daring spy missions were among those honored this weekend by the OSS Society
, a group that includes former OSS members and members of the U.S. intelligence, military and Special Operations communities.

In addition to Billings, Gaetano Rossi and Caesar Daraio, two then-sergeants who were part of operational groups made up of Italian American volunteers, were honored with OSS Society awards for their work advancing the Allied cause during World War II. Also honored at this year’s “spy ball” was David Cohen, who served as director of operations at the CIA and as a senior intelligence official with the New York City Police Department, and retired Gen. Norton A. Schwartz, former Air Force chief of staff.


After retiring from the military as a captain, Billings became a commercial pilot. At age 93, he still pilots a Cessna Cutlass. Most of the time he flies “angel flights,” transporting people in need of medical attention.

The OSS Society is advocating passage of a proposed measure that would honor the wartime spies, which so far has not gained required congressional support.
The proposal, which would award living OSS veterans the Medal of Honor, has stalled in the House.*  more

*You can help get this bill passed. It's easy. Click here, see top right corner.

The OSS Society is a 501(c)(3) charitable organization. All donations are tax deductible to the fullest extent of the law. Membership in The OSS Society is available to OSS veterans, their descendants, current and former members of the U.S. intelligence community and U.S. Special Operations Forces, and people who are interested in General Donovan's "unusual experiment" - the Office of Strategic Services.

The OSS Society®
7700 Leesburg Pike, Ste. 324
Falls Church, VA 22043
Phone: 703-356-6667
Email: