Friday, February 17, 2017

Security Director Alert: USB Killer Stick II

Remember the USB Killer stick that indiscriminately and immediately fries about 95 percent of devices? (See the Security Scrapbook warning about it from last September.)

Well, now the company has released a new version that is even more lethal! And you can also buy an adapter pack, which lets you kill test devices with USB-C, Micro USB, and Lightning ports.

Further Reading: USB Killer, yours for £50, lets you easily fry almost every device

If you haven't heard of the USB Killer before, it's essentially a USB stick with a bunch of capacitors hidden within. When you plug it into a host device (a smartphone, a PC, an in-car or in-plane entertainment system), those capacitors charge up—and then a split second later, the stick dumps a huge surge of electricity into the host device, at least frying the port, but usually disabling the whole thing...

The new USB Killer V3, which costs about £50/$50, is apparently 1.5 times more powerful than its predecessor, is more lethal (it pumps out eight to 12 surges per second), and is itself more resistant to setups that might cause the USB Killer to fry itself. more

Spybusters Tip #783 - Block your USB ports with a USB lock and security tape. Aside from Killer Stick sabotage, USB ports are virus injection portals.

German Parents told to Destroy Cayla

An official watchdog in Germany has told parents to destroy a talking doll called Cayla because its smart technology can reveal personal data.

The warning was issued by the Federal Network Agency (Bundesnetzagentur), which oversees telecommunications.

Researchers say hackers can use an insecure Bluetooth device embedded in the toy to listen and talk to the child playing with it.

Manufacturer Genesis Toys has not yet commented on the German warning. more

Who Was the First Person to Record Sound?

In 1857, Édouard-Léon Scott de Martinville patented a device for recording sound: A person spoke or sang into a barrel, causing a membrane of parchment to vibrate and a pig bristle to record a mark on a moving surface of glass or paper.

This was useful in studying the characteristics of sound, but a century and a half would pass before we had the technology to play back the recordings. In 2008, audio historians recovered Scott’s “phonautograms” from the French patent office and converted his waveforms into digital audio files.


The recording below was made on April 9, 1860. It’s the French folk song “Au clair de la lune,” recorded 28 years before Edison’s first wax cylinder. more

Coals to Newcastle Espionage (not just any coal)

A federal jury on Thursday convicted a Chinese scientist in Kansas of conspiring to steal samples of a variety of genetically engineered rice seeds from a U.S. research facility, the U.S. Justice Department said, the latest attempt at agricultural theft linked to China.

Weiqiang Zhang, 50, a Chinese national living in Manhattan, Kansas, was convicted on three counts, including conspiracy to steal trade secrets and interstate transportation of stolen property, the department said in a statement.

Zhang, who has a doctorate from Louisiana State University, worked as a rice breeder for Kansas-based Ventria Bioscience Inc, which develops genetically programmed rice used in the therapeutic and medical fields.

He stole hundreds of rice seeds produced by Ventria and stored them at his Manhattan residence, the statement said. more

How to tell if Someone is a Spy (infographic)

"One never knows, do one?" ~Fats Waller



Thursday, February 16, 2017

One Expensive GPS Tracker

UK - An “obsessive” dad stalked a woman by placing a tracking device on her car and posted ‘revenge porn’ on Facebook...repeatedly called his victim and turned up at her home and workplace uninvited.

John Wyn Williams, prosecuting, said: “She was advised by the police to check her car and found strapped to the bottom an iPhone used as a tracking device.” more

GPS trackers sell for less than $100 these days. A professional TSCM inspection, priceless. ~Kevin

Fox Sexual Harassment Lawsuit wants to Include Electronic Surveillance

In what were described by National Public Radio’s David Folkenflik as “explosive allegations,” former host Andrea Tantaros claimed Fox News conducted “electronic surveillance” and potentially “violated securities laws by not reporting [lawsuit] settlements to the Securities and Exchange Commission.”

The allegations of surveillance and securities fraud originate from a sexual harassment lawsuit filed in 2016 by Tantaros naming Fox News, Ailes, and on-air personalities Scott Brown and Bill O’Reilly, “alleging retaliation by Ailes after she tried to complain about harassment.” Tantaros has spoken out about the “pervasive … culture of misogyny and sexism” at Fox News, and claimed that she was sexually harassed by Ailes “numerous times.”

Moreover, the allegations of “electronic surveillance” come on the heels of Fox News’ parent company News Corp’s 2011 phone hacking scandal, and reports that Fox News even “hired a private investigator in late 2010 to obtain the personal home- and cell-phone records of” Media Matters’ own Joe Strupp. Now, according to The Washington Post, Tantaros’ lawyer is accusing Fox of electronic surveillance...

In the hearing, Burstein expressed his wish to amend the Tantaros suit by adding racketeering and electronic surveillance charges — a reference to the intelligence unit once operated by Ailes to spy on Fox News talent and critics. The judge told Burstein that he could not so amend the complaint. more

Spy Radio History - The Rohde & Schwarz ESM500A

This receiver was used by the top government surveillance agencies worldwide during the 1990s (CIA, NSA, GCHQ, BND, etc.). Some countries may still be using it today.

Depending upon the installed options, it would have set the purchaser back from $25,000 to $40,000 USD.

ESM series receivers are highly prized by premium receiver collectors, radio museums, and amateur radio / TSCM enthusiasts. It is considered to be one of the best communications receivers ever made.

More photos and a chance to own it, here.

Ticketmaster Allegedly Hacked Start-up to Steal Trade Secrets

A startup ticketing company alleged in a legal filing that Live Nation Entertainment Inc., the country’s biggest concert promoter, hacked into its computer systems and stole trade secrets.

The allegations, included in an amended antitrust lawsuit that was originally filed by Brooklyn-based Songkick in 2015, are based on information that the company said came to light in the discovery process.

Filed in U.S. District Court in Los Angeles Wednesday, the complaint alleges that Live Nation’s Ticketmaster unit obtained unauthorized access to Songkick’s computers with the help of an executive who has worked at both companies. more

Spybuster Tip #512 — Change all passwords whenever an employee is terminated or quits. ~Kevin

Samsung Warns its "Smart TV" Listens to Every Word

Samsung has confirmed that its "smart TV" sets are listening to customers' every word, and the company is warning customers not to speak about personal information while near the TV sets.

The company revealed that the voice activation feature on its smart TVs will capture all nearby conversations. The TV sets can share the information, including sensitive data, with Samsung as well as third-party services...

Samsung has now issued a new statement clarifying how the voice activation feature works. "If a consumer consents and uses the voice recognition feature, voice data is provided to a third party during a requested voice command search," Samsung said in a statement. "At that time, the voice data is sent to a server, which searches for the requested content then returns the desired content to the TV." more

How to make your smart-ass TV dumb, by making it deaf and blind. ~Kevin

Wednesday, February 15, 2017

Security Director Alert: Must See Video About Printer Security

My team and I have been giving the IT folks nightmares about this for years. 
Now, you can too!
Watch this... 
~Kevin

At a time when hacking dominates much of the news, HP is turning to Mr. Robot himself to highlight its new security platform designed to protect business printers. The Palo Alto-based company has tapped Christian Slater for a year-long digital series called "The Wolf" in order to draw attention to cybersecurity in the workplace.

"Sheep never realize a wolf's around until it's too late. Then they do exactly what the wolf expects them to do. They run into each other, they fall down—they become dinner. Time to eat," says a spectacled Mr. Slater in the series' 30-second trailer.


The first six-minute episode shows the actor lurking outside offices, sending sheep cartoons to oblivious workers, crashing birthday parties and sending suspicious spa gift certificates via email. At one point, he even howls. more

Tuesday, February 14, 2017

Today Only - "Q" Gadgets from WWII up for Auction

James Bond's gadgets may seem far-fetched, but they do have a basis in fact as an auction in Kent, UK shows.

C & T Auctioneers is running an online auction through February 14 that includes a collection of authentic "Q" gadgets from the Second World War and beyond that were used by spies behind enemy lines and to help Allied POWs escape and evade capture.

During the Second World War, Britain's Special Operations Executive (SOE) was tasked by Prime Minister Winston Churchill to "set Europe ablaze" by dropping agents behind Axis lines to carry out espionage and sabotage as well as coordinating resistance movements. But they didn't go unarmed.

Thanks to Charles Fraser-Smith (Ian Fleming's inspiration for the character Q), SOE agents were equipped with gadgets to help them in their clandestine work. At the C&T auction, five of the eight items on sale were made for the SOE. more

Sunday, February 12, 2017

Your New U.N.C.L.E. — Private Sector Intelligence Firms

UK - Private intelligence companies are part of a booming business in London and the British government complains it is having trouble retaining talented agents who are being drawn by high salaries and more growth opportunities in a blossoming industry estimated to be worth $19 billion.

[Image: Yesterday's Intelligence Office Entrance]

“Our mission is to fill a gap of knowledge or information in any situation,” said Patrick Grayson, founder and CEO of GPW, a respected mid-sized London intelligence firm. “There’s always something people should or could know in addition to what they do know. Our job is to answer that question. To fill that gap in knowledge.”

With legal firms as their key clients, Gray’s company has set up shop on London’s Chancery Lane in the heart of the city’s legal district, where solicitors and judges dressed in the traditional court garb that includes white wigs and black robes can be seen walking between the courts and their offices in the medieval Inner Temple area...

[Image: Today's Intelligence Office Entrance]

“Britain has been a very fertile place for information, intelligence gathering, and that has to do with our position in the globe, the British tradition of exploring foreign parts and relying on accurate information to expand its interests,” said Grayson.

Getting that accurate information requires tools that are reminiscent of the movies. Gear commonly used includes jamming equipment to ensure that boardroom discussions are not being recorded and bug-searching devices...

Observers say the British government faces a brain drain as agents employed by police forces, the military and civilian intelligence agencies leave their jobs for better paying positions in private sector firms that often bill at rates of more than $1,000 an hour. more

Security Director Alert: Site Seeing In China - Not All Sites Can Be Seen

Traveling to China? 

Need to connect with specific websites?

Check to see if you will be able to connect.

The New York Times is an example of one popular site which is blocked.

Fortunately, GreatFire.org has a work-around for this, and other helpful tips.

Check here for our 20 additional traveler's tips. ~Kevin