Thursday, December 29, 2016

Flying Tom's Last Peep

UAE - A 28-year-old man died after falling from a high rise building in Sharjah, in the United Arab Emirates, 
while spying on ladies living in the opposite building. The witness told police that the deceased fell due to imbalance while standing and looking into the rooms of the ladies.

Sharjah Police said that they received a call about the incident at the operation room and soon arrived at the site. The man was found dead in a pool of blood. He was rushed to Al Kuwaiti Hospital and then to forensic laboratory. more

Warsaw Waiter Wiretapping

Poland – A Polish court has sentenced a businessman and two waiters convicted in the illegal wiretapping of top Polish politicians in Warsaw restaurants to prison terms.

The court set a prison sentence of 2½ years to Marek Falenta, the businessman convicted of masterminding the wiretapping, and lesser sentences to two waiters involved. A third waiter must pay a fine.

The release of those tapes sparked a political scandal in 2014 that contributed to the loss of power last year of Civic Platform, the centrist party that governed Poland for eight years. more

Extra credit: Service Included: Four-Star Secrets of an Eavesdropping Waiter

Mobile Security: The InfoWorld Deep Dive

As iPhones, iPads, and Android devices become increasingly standard business equipment, IT organizations struggle on how to manage and secure them, and the data that runs through them.

Click to enlarge.
This guide, available in both PDF and ePub editions, explains the security capabilities inherent to each major mobile platform and where using third-party tools make sense -- and where they don't.

It also walks you through the factors to consider in terms of risk for your corporate data, and outlines a rational way to protect that data without getting tied up in knots.  more

Click to enlarge.

Wednesday, December 21, 2016

Android Phones (700 Million) Have Spying Firmware Pre-installed

The term “mobile phone security” is something of a joke these days, with the number of exploits, bugs, and breaches that are endlessly assaulting us and putting our personal information at risk. So, when security outfit Kryptowire sounded the alarm on Chinese company Adups for using its pre-installed apps to spy on Android users with Blu smartphones, it wasn’t exactly a shock.

Now, however, the impact of Adups alleged spying is growing in magnitude, and it’s dragging other Android device manufacturers into the quagmire.

Adups is a company that facilitates over-the-air updates for mobile devices, so its firmware is pre-installed on lots of devices. However, the firmware does much more than it claims, and has the ability to snoop in areas that it shouldn’t, and without the user ever knowing. That information can then be collected by Adups for whatever purposes it desires.

Trustlook, another digital security firm, dug deeper on what devices utilize Adups and could be used by the Chinese company to scrape your private information, and the list is absolutely massive. Trustlook says that over 700 million Android smartphones have Adups firmware installed that puts the user at risk of having text messages, call histories, and device information collected without their knowledge or consent. more

Recorder Found Hidden in the End of a Flashlight

via John Van de Luijtgaarden

"I was just asked to confirm a finding... Got a message with a bad picture of a round black "thingie" inside the end part of a Mag-Lite.

I immediately recognized this one as the EDIC type 16 recorder (B30 model). It is now to wait for the exact type and how much it has been recording. It's memory capacity can run up to a 300 hours sadly the battery cannot.



A great hiding place for a naughty tool in a strategic place !! The Security main office / control room... Keeping you informed"

Last Minute Holiday Gifts for Your Favorite PI

Ho, ho, ho.

more more button video

Monday, December 19, 2016

Reality Spyware Documentary - Find My Phone

What happens to a smartphone after it's stolen? That was the question that a film student in Amsterdam had in mind when he produced a short documentary about a smartphone thief and their stolen goods. On the surface, it might not sound like the most avant-garde idea out there. But here's what made it interesting: the student procured material for his documentary by spying on the thief using a bugged smartphone.

The student, a certain Anthony van der Meer, intentionally had a phone of his stolen – one that he loaded with software called "Cerberus."

As The Next Web reported, the software gave him access to the device location, its features, and its contents – all of which he could retrieve when he wanted. The software also allowed him to make use of the phone's camera and microphone so he could spy on the thief.


For 2 weeks, that's exactly what der Meer did. He spied on the thief, tracking his moves, which resulted in the documentary posted above called Find My Phone – almost the namesake of the Apple app "Find My iPhone" used to find one's phone or disable it after being stolen. more

Excellent work, Anthony! ~Kevin

Vintage "Spy" Ads

  

Spying Feeds the Monkeys ...in real life

Do Not Feed The Monkeys: Voyeuristic Spying Game Launches In 2017

from the press release...
“We all have a natural tendency to wonder about other people’s lives. Sometimes the best stories are kept secret … all in the name of privacy. It begs the question: Why miss out on life’s best experiences because they’re not your own? We’re trying our hand at an answer with Do Not Feed the Monkeys. Hope you enjoy the ride!” more

There's a New Law in Town - Wiretapper Bounty Hunter

The Seventh Circuit revived wiretap claims against a woman who used an email-autoforwarding program to show that the husband she was divorcing had cheated on her.

In a concurring opinion, U.S. Circuit Judge Richard Posner questioned the usefulness of allowing litigants to use the wiretapping law as a means of concealing misconduct.

“I don’t understand why law should promote dishonesty and deception by protecting an undeserved, a rightly tarnished, reputation,” Posner wrote.

Posner also found it relevant that adultery is illegal in Illinois, where the Epsteins are divorcing.

We might compare Mrs. Epstein to a bounty hunter — a private person who promotes a governmental interest,” he wrote. “She has uncovered criminal conduct hurtful to herself, and deserves compensation, such as a more generous settlement in her divorce proceeding.” more

Security Scrapbook Tip # 519 - Avast Ye Porch Pirates

Shipping companies like FedEx and UPS expect to deliver a record number of packages this holiday season...
Law enforcement officials are concerned that a record number of thieves could be following the trucks and attempting to steal the packages from porches before customers get home...

Hoping to stop "porch pirates" from taking packages, Seattle entrepreneur Michael Grabham invented a Frisbee-sized device called The Package Guard.
When delivery drivers place parcels on top of the $69 device, customers receive an alert via text message, email, or through an app. If a thief tries to remove the packages from the pressure-sensitive pad, a piercing alarm sounds.

The device can also be set up to send electronic alerts to neighbors if a theft is underway, according to the company’s website. more

Thursday, December 8, 2016

TSCM Team Finds "Plug Bug" Eavesdropping Device

Japan - An eavesdropping device was found in a waiting room for conservative members of the Mito Municipal Assembly, local city government officials and other sources told the Mainichi Shimbun on Dec. 7.

Example of a "Plug Bug"
Ibaraki Prefectural Police seized the device and are investigating the case which they suspect could constitute trespassing into the building and violation of the Radio Act.

According to Mito Government officials, it was tipped off about the bug on Dec. 6.

Specialized workers hired by the local government began searching for the device from the evening of Dec. 7 and found it in a waiting room for three assembly members from "Suiseikai" -- a conservative parliamentary group -- on the first floor of the temporary two-story prefabricated assembly building. The bug plugs into an electric outlet. more

The example shown operates like a cell phone, but looks (and also operates) as a USB charger. It is powered 24/7, and may be called from a cell phone anywhere in the world. BTW, it can  also automatically call the eavesdropper when it detects sound. Available on eBay for $14.79. 

Don't you think its time to have your offices and conference rooms checked? ~Kevin

Business Espionage: ThyssenKrupp AG Technical Trade Secrets Stolen

Germany - Technical trade secrets were stolen from the steel production and manufacturing plant design divisions of ThyssenKrupp AG in cyber attacks earlier this year, the German company said on Thursday.

"ThyssenKrupp has become the target of a massive cyber attack," the industrial conglomerate said in a statement.

In breaches discovered by the company's internal security team in April and traced back to February, hackers stole project data from ThyssenKrupp's plant engineering division and from other areas yet to be determined, the company said. more

Most "cyber" attacks are made possible by internal security vulnerabilities. Regular information security audits conducted by independent consultants greatly reduce this risk. ~Kevin

Chatty Kathy's Grandkids May be Criminals

Internet-connected toys pose privacy risks to children, and their parents often aren’t aware, according to advocacy groups for children and consumers.

A complaint filed Tuesday with the Federal Trade Commission alleges that two talking dolls—My Friend Cayla and I-Que Intelligent Robot, both made by Genesis Toys Inc.—collect and use personal information from children in violation of rules prohibiting unfair and deceptive practices.

The complaint was drafted by several groups, including the Campaign for a Commercial Free Childhood, a coalition of groups dedicated to ending child-targeted marketing, and Consumers Union. The groups also filed complaints with data protection, consumer protection and product safety regulators for the European Union, France, the Netherlands, Belgium, Ireland and Norway. more grandma

Monday, December 5, 2016

Pharmacy Bandits Nailed by GPS Cough Syrup

CA - The suspects had no idea that the bottle of cough syrup perched on a shelf at a Tustin pharmacy contained something more than cough relief. 

It wasn’t until the nondescript package was removed from the small Newport Avenue business by burglars that its secret ingredients went to work.

Concealed inside the bottle of cough syrup was a GPS device that began tracking the medicine thieves’ every move, according to police investigators...

Tustin police spokesman Lt. Robert Wright said investigators decided to drop the small piece of technology into a bottle of cough syrup after a half-dozen pharmacy burglaries this year. more