Wednesday, February 15, 2017

Security Director Alert: Must See Video About Printer Security

My team and I have been giving the IT folks nightmares about this for years. 
Now, you can too!
Watch this... 
~Kevin

At a time when hacking dominates much of the news, HP is turning to Mr. Robot himself to highlight its new security platform designed to protect business printers. The Palo Alto-based company has tapped Christian Slater for a year-long digital series called "The Wolf" in order to draw attention to cybersecurity in the workplace.

"Sheep never realize a wolf's around until it's too late. Then they do exactly what the wolf expects them to do. They run into each other, they fall down—they become dinner. Time to eat," says a spectacled Mr. Slater in the series' 30-second trailer.


The first six-minute episode shows the actor lurking outside offices, sending sheep cartoons to oblivious workers, crashing birthday parties and sending suspicious spa gift certificates via email. At one point, he even howls. more

Tuesday, February 14, 2017

Today Only - "Q" Gadgets from WWII up for Auction

James Bond's gadgets may seem far-fetched, but they do have a basis in fact as an auction in Kent, UK shows.

C & T Auctioneers is running an online auction through February 14 that includes a collection of authentic "Q" gadgets from the Second World War and beyond that were used by spies behind enemy lines and to help Allied POWs escape and evade capture.

During the Second World War, Britain's Special Operations Executive (SOE) was tasked by Prime Minister Winston Churchill to "set Europe ablaze" by dropping agents behind Axis lines to carry out espionage and sabotage as well as coordinating resistance movements. But they didn't go unarmed.

Thanks to Charles Fraser-Smith (Ian Fleming's inspiration for the character Q), SOE agents were equipped with gadgets to help them in their clandestine work. At the C&T auction, five of the eight items on sale were made for the SOE. more

Sunday, February 12, 2017

Your New U.N.C.L.E. — Private Sector Intelligence Firms

UK - Private intelligence companies are part of a booming business in London and the British government complains it is having trouble retaining talented agents who are being drawn by high salaries and more growth opportunities in a blossoming industry estimated to be worth $19 billion.

Yesterday's Intelligence Office Entrance
“Our mission is to fill a gap of knowledge or information in any situation,” said Patrick Grayson, founder and CEO of GPW, a respected mid-sized London intelligence firm. “There’s always something people should or could know in addition to what they do know. Our job is to answer that question. To fill that gap in knowledge.”

With legal firms as their key clients, Gray’s company has set up shop on London’s Chancery Lane in the heart of the city’s legal district, where solicitors and judges dressed in the traditional court garb that includes white wigs and black robes can be seen walking between the courts and their offices in the medieval Inner Temple area...

Today's Intelligence Office Entrance
“Britain has been a very fertile place for information, intelligence gathering, and that has to do with our position in the globe, the British tradition of exploring foreign parts and relying on accurate information to expand its interests,” said Grayson.

Getting that accurate information requires tools that are reminiscent of the movies. Gear commonly used include jamming equipment to ensure that boardroom discussions are not being recorded and bug-searching devices...

Observers say the British government faces a brain drain as agents employed by police forces, the military and civilian intelligence agencies leave their jobs for better paying positions in private sector firms that often bill at rates of more than $1,000 an hour. more

Security Director Alert: Site Seeing In China - Not All Sites Can Be Seen

Traveling to China? 

Need to connect with specific websites?

Check to see if you will be able to connect.

The New York Times is an example of one popular site which is blocked.

Fortunately, GreatFire.org has a work-around for this, and other helpful tips.

Check here for our 20 additional traveler's tips. ~Kevin

Thursday, February 9, 2017

Eavesdrop on Elevators

Did you know that some elevators talk to their bosses?

Yes, machines do have a secret life.
Eavesdrop on one.
Fascinating!

Workplace Eavesdropping - Time to Consider a Recording in the Workplace Policy

PA - A Fayetteville man is accused of secretly recording a conversation regarding a workplace dispute and posting the recording on Facebook.

John Frederick Richards III, 54, is charged with felony intercepting communications and "disclose intercepted communications," according to court documents. more

A Spycam Detection Program & Recording in the Workplace Policy is available here.

P.S. If you are going to break eavesdropping laws,  don't post the evidence on Facebook. ~Kevin

Wednesday, February 8, 2017

FutureWatch: Powerless Bugs or Teslabestiola II (update)

Back in 2013, the Security Scrapbook alerted you to Ambient Backscatter as a developing technology with extreme potential, including electronic surveillance / eavesdropping. 

At that time I said, "Ambient Backscatter research is in its infancy. Imagine the possibilities. Technical espionage could see its biggest advancement since the transistor."

Today, Jeeva Wireless, is developing this technology and is about to come out of stealth mode. 

The technology is so interesting, NASA has posted Federal contract opportunity NND1710133Q, "a sole source contract under the authority FAR 13.106-1(b)(1)(i)."

Here is the update...


"A group of University of Washington engineers has raised capital to develop and commercialize a power-efficient way to generate WiFi transmissions.


Jeeva Wireless just reeled in a $1.2 million round, co-founder Shyamnath Gollakota confirmed with GeekWire. He declined to provide more details about the cash and how Jeeva will use it, as the Seattle startup is still in stealth mode.

The company’s co-founders are the same UW researchers who co-authored a study last year for a Passive Wi-Fi system that can generate WiFi transmissions using 10,000 times less power than conventional methods.

Not even low-power options such as Bluetooth Low Energy and Zigbee can match the system’s energy efficiency, based on the study that earned the UW team a place on MIT Technology Review’s top-ten list of breakthrough technologies in 2016. With the fresh funding, it appears that the company is ready to commercialize its innovation" more

This Month's SpyCam Darwin Award - Shot While Spycaming

NY - An Erie County man has been arrested after spying on his neighbors with his cell phone.

Investigators said David Schindley's phone had more than 50 videos held closely to the windows of bedrooms, bathrooms or other rooms. The videos go back to this past October.

Schindley was taken into custody on Sunday after he was shot by a homeowner on the 500 block of Bald Eagle Drive. Deputies said the homeowner heard a noise and thought Schindley was trying to break into his home.

Schindley was shot in the leg, the homeowner who shot the suspect was not charged. more

Television-Spying Case - Vizio to Pay $2.2 Million

The Federal Trade Commission said Monday that Vizio used 11 million televisions to spy on its customers.

The company agreed to pay $2.2 million to settle a case with the FTC and the New Jersey attorney general’s office after the agencies accused it of secretly collecting — and selling — data about its customers’ locations, demographics and viewing habits.

“Before a company pulls up a chair next to you and starts taking careful notes on everything you watch (and then shares it with its partners), it should ask if that’s O.K. with you,” Kevin McCarthy, an attorney with the FTC’s Division of Privacy and Identity Protection, wrote in a blog post. “Vizio wasn’t doing that, and the FTC stepped in.”

As part of the settlement, Vizio neither confirmed nor denied wrongdoing. more

All Black's Bugging Scandal - Update

Australia - The security guard accused of fabricating the All Blacks hotel bugging scandal that rocked last year’s Bledisloe Cup has vehemently denied any wrongdoing saying: “I don’t know anything about this ­stupid bloody bug.”

Gravel-voiced Adrian Gard, 51... was charged with public mischief after a listening device was unearthed in the All Blacks’ team meeting room at the InterContinental in Double Bay...

Gard, who has 31 years’ experience in the security industry, is at the centre of a bizarre cloak and dagger scandal after a device similar to that used by law enforcement and spying agencies was discovered in a routine sweep of the team’s meeting room in August ahead of the clash with Australia. It was reportedly found in the foam of a chair...

Police will allege the security chief, who has protected the All Blacks for more than 10 years, claimed he “found” the device but investigators do not believe it was stuffed in a chair.

Gard, from Brisbane, will face court next month for the offence which relates to providing police with false information carrying a maximum 12-month sentence. more

Tuesday, February 7, 2017

Sad Story of the Beaten Bean Counter, or Wiretap Whistleblower Wasted

The Ninth Circuit on Monday dealt a final blow to a career prosecutor whose whistleblower lawsuit claimed the nation’s largest telecommunications bilked the federal government for surveillance services for two decades. 

The Ninth Circuit panel affirmed dismissal of prosecutor John Christopher Prather’s whistleblower suit...

He said the reduced labor should have lowered costs, but that the telecoms began charging law enforcement agencies, including the FBI and the Justice Department, fees 10 times higher than they should have been.

Prather, who reviewed the telecoms’ rate sheets and developed surveillance budgets as part of his duties supervising wiretapping activities, grew suspicious, and filed a qui tam action in 2009 under the False Claims Act. more previously in the Security Scrapbook

All Blacks Bugging: Man Charged

A man, understood to be a security consultant for New Zealand's All Blacks rugby team, has been charged over a listening device found in the team's Sydney hotel room during last year's Bledisloe Cup.

The device — described as similar to that used by law enforcement and spy agencies — was found inside a chair during a routine security search of the team's meeting room at the Intercontinental Hotel at Double Bay ahead of a Bledisloe Cup match against Australia last year.

Adrian Gard, 51, is understood to be a consultant for BGI Security which was contracted by the All Blacks during their Bledisloe Cup campaign.

He has been charged with public mischief over the bugging incident. more

Monday, February 6, 2017

Car Wars: Fifty Years of Backstabbing Infighting And Industrial Espionage (book)

Car Wars - An "astonishing...eye-opening chronicle" (Publisher's Weekly) of backstabbing, infighting, and industrial theft and espionage in the world's biggest business. It makes empires; it destroys economies; it shapes history.

Welcome to the world's biggest business--the automobile industry. A hundred years ago there were six highly experimental cars. Today there are close to 400 million cars on the planet: set bumper to bumper on a six-lane highway, they would stretch well over 200,000 miles, more than eight times around the earth.

With hundreds of billions of dollars at stake, is it any wonder that the major car companies wage a relentless war against one another, where (almost) anything goes? Here is the story of all the schemes and deceits, treacheries and shady deals in the battle for the world's car markets since the dawn of the global economy fifty years ago. more

The James Bond Movie Director Who Actually Was A Spy

That James Bond creator Ian Fleming drew literary inspiration from his wartime work in espionage is relatively well known. But the heroic World War Two exploits of the director of Bond films including Goldfinger and Live and Let Die are less well documented. more

Guy Hamilton's daring exploits can be relived on Inside Out South West on BBC One on Monday 6 February at 19:30 BST and on the iPlayer for 30 days thereafter

Security Director Alert - Check the Security of Your Networked Printers

Following recent research that showed many printer models are vulnerable to attacks, a hacker decided to prove the point and forced thousands of publicly exposed printers to spew out rogue messages.

Stackoverflowin claims to be a high-school student from the U.K. who is interested in security research...

The issue of publicly exposed printers is not new and has been exploited before to print rogue and sometimes offensive messages. However, the issue was renewed last week when researchers from Ruhr-University Bochum in Germany published a paper on different attacks against network printers and an assessment of 20 printer models. The researchers also released a Printer Exploitation Toolkit and published a printer hacking wiki.

Users should make sure that their printers can't be accessed through a public Internet Protocol address at all, Stackoverflowin said. However, if they need to do this, they should enforce access rules in their routers and only whitelist certain IP addresses, or set up a virtual private network, he said. more

I occasionally find networked printers are a back door to company networks. The most common issue is unsecured WiFi access. Have your IT department review this post and then double-check the security of the printers. Or, contact me for a complete technical information security inspection (TSCM). ~Kevin