PA - Newswatch 16 has learned state police in Susquehanna County have been investigating a possible case of eavesdropping on their own barracks.
The man they've been investigating was one of the lead network techs at the phone company until recently.
At the Gibson state police barracks in Susquehanna County, all kinds of calls come in and out, and many of the phone conversations relate to active criminal investigations.
Back in September, troopers were investigating an alleged assault at Nathan Grover's home near New Milford. That's when someone told them Grover, 28, a self-proclaimed hacker, was eavesdropping on state police...
There are questions over two suspicious "trouble tickets" found during NEP Telephone's internal investigation. One was a request that didn't come from troopers that could essentially route a phone call made to state police anywhere.
Another was trouble on a phone line registered to a man near Nicholson that somehow was connected to the Gibson barracks account. more
Thursday, January 4, 2018
Wednesday, January 3, 2018
Counterespionage Tip # 022: The Encryption & Password Mistake
An excerpt from the Forever 21 press release last week...
This happens frequently on devices which are introduced after the initial set-up of similar devices. It's similar to the not changing the default password syndrome.
Counterespionage Tip # 022: When installing new devices:
You may be surprised how many devices offer password protection and encryption these days...
Security settings on items in your environment should be checked periodically. A knowledgeable Technical Surveillance Countermeasures (TSCM) team can do this for you. It should be part of their inspection for electronic surveillance devices and information security loopholes.
If you don't have a TSCM team already, or are not sure of their capabilities, give me a call. ~Kevin
...After receiving a report from a third party in mid-October 2017 suggesting there may have been unauthorized access to data from payment cards that were used at certain Forever 21 stores, we immediately began an investigation. We hired leading payment technology and security firms to assist. The investigation determined that the encryption technology on some point-of-sale (POS) devices at some stores was not always on... moreThe setting to enable encryption may never have been set to on. If it was, the setting may not have been password protected, thus allowing the encryption to be turned on and off. Costly mistakes.
This happens frequently on devices which are introduced after the initial set-up of similar devices. It's similar to the not changing the default password syndrome.
Counterespionage Tip # 022: When installing new devices:
- Change the default password.
- Review all the settings. Turn off all the eavesdropper and espionage friendly settings.
- Pay particular attention to security-related settings.
- Enable encryption.
- Change the administrator's password if the device has one.
- Deter physical access to internal memory and components using security tape. Check often for tampering.
Removing an unencrypted printer drive for covert duplication. Murray Associates case history photo. |
- Point-of-sale (POS) devices.
- Wi-Fi Access Points.
- Audio and video teleconferencing equipment.
- Networked print centers.
- Stand-alone printers with Wi-Fi capabilities.
- VoIP telephone systems.
- Interactive white boards.
- Fax machines with memory vaults.
- Computers, tablets, mobile phones.
- Manufacturing equipment.
- Medical devices.
- CCTV cameras and recording systems.
Security settings on items in your environment should be checked periodically. A knowledgeable Technical Surveillance Countermeasures (TSCM) team can do this for you. It should be part of their inspection for electronic surveillance devices and information security loopholes.
If you don't have a TSCM team already, or are not sure of their capabilities, give me a call. ~Kevin
Carl Størmer - 1890's Spy Cam Man
These days, when it's so easy to sneak a hidden photo with your phone, we can forget just how unusual candid photography was during the 19th century.
With technological limitation, our first photographs are mainly seated posed images that somehow give the impression that everyone in the 1800s was elegant and composed. But, thanks to one clever Norwegian student, we have a hidden glimpse of life in the 1890s.
Carl Størmer (1874-1957) was a young student of mathematics when he purchased his first hidden camera. It was so small that the lens fit through the buttonhole in his vest with a cord that led down to his pocket, allowing him to secretly snap away.
In his biography for the Fellows of the Royal Society, he revealed it was actually a secret crush that led him toward photography. “When he was a young man at Oslo University he fell in love with a lady whom he did not know and with whom he was too bashful to become acquainted,” writes his biographer. “Wishing at least to have a picture of her, he decided that this was possible only by taking a photograph of her himself, without her knowing.” more
With technological limitation, our first photographs are mainly seated posed images that somehow give the impression that everyone in the 1800s was elegant and composed. But, thanks to one clever Norwegian student, we have a hidden glimpse of life in the 1890s.
Carl Størmer (1874-1957) was a young student of mathematics when he purchased his first hidden camera. It was so small that the lens fit through the buttonhole in his vest with a cord that led down to his pocket, allowing him to secretly snap away.
In his biography for the Fellows of the Royal Society, he revealed it was actually a secret crush that led him toward photography. “When he was a young man at Oslo University he fell in love with a lady whom he did not know and with whom he was too bashful to become acquainted,” writes his biographer. “Wishing at least to have a picture of her, he decided that this was possible only by taking a photograph of her himself, without her knowing.” more
Tuesday, January 2, 2018
Stop Your Apps from Spying on Your TV Viewing
That innocent-looking mobile game you just downloaded might just have an ulterior motive. Behind the scenes, hundreds of different apps could be using your smartphone's microphone to figure out what you watch on TV, a new report from The New York Times reveals...
Basically, a bunch of apps with innocuous names like "Pocket Bowling 3D" include extra software that's designed to listen for recognizable audio from your TV, including specific shows and commercials...
All of these apps need to get your permission before they can record in the background. So the easiest way is just to deny that permission. However, it's possible that you might approved the request without realising it, or your kid might do it while playing with your phone. In that case, switching it off is pretty easy...
Just head into Settings on your device and check the permissions for the app in question. If the app has microphone access when it doesn't need to (why would a bowling game need to use your microphone?), just toggle that permission off. more
Basically, a bunch of apps with innocuous names like "Pocket Bowling 3D" include extra software that's designed to listen for recognizable audio from your TV, including specific shows and commercials...
All of these apps need to get your permission before they can record in the background. So the easiest way is just to deny that permission. However, it's possible that you might approved the request without realising it, or your kid might do it while playing with your phone. In that case, switching it off is pretty easy...
Just head into Settings on your device and check the permissions for the app in question. If the app has microphone access when it doesn't need to (why would a bowling game need to use your microphone?), just toggle that permission off. more
Labels:
#eavesdropping,
advice,
Android,
App,
cell phone,
cybersecurity,
Hack,
iOS,
microphone,
privacy,
recording,
tracking
Ex-DA Disbarred for Illegal Tapping
The former Brooklyn district attorney convicted of setting up an illegal wiretap on a romantic target and forging judges' signatures to get secure cellphone warrants has been disbarred by a New York appeals panel.
The Dec. 29 order against Tara Frances Lenich comes about nine months after she admitted in New York federal court to using her position as a DA and investigator to illicitly create judicial orders authorizing cellphone intercepts.
One of her targets was reportedly a New York City Police Department detective... more
The Dec. 29 order against Tara Frances Lenich comes about nine months after she admitted in New York federal court to using her position as a DA and investigator to illicitly create judicial orders authorizing cellphone intercepts.
One of her targets was reportedly a New York City Police Department detective... more
Proof 2018 will be a Great Year for TSCM Teams
The cost of eavesdropping, espionage, spying, and general snooping has gone the way of "long-distance" phone bills. For the cost of a visit to Starbucks, a few bucks can make everyone an eavesdropper, and apparently it's happening. Just look at the ad below for an FM wireless bug. China can't produce them fast enough. They are sold out! (more)
But, fear not dear buggers, you can still obtain GSM USB charger plug bugs. Unlike the FM bug, you don't have to be somewhere nearby to listen-in. Just call it from your cell phone, anywhere in the world. (more)
Happy New Year. Be safe... Support your favorite Technical Surveillance Countermeasures team.
Click to enlarge. |
Click to enlarge. |
Labels:
#eavesdropping,
#espionage,
#TSCM,
advice,
cell phone,
product,
spybot,
wireless
Wednesday, December 27, 2017
Norway & Germany Call Time Out on Kiddy Smartwatches
Recently, Germany's Federal Network Agency (FNA) called foul on smartwatches that worked as listening devices — specifically those worn by children between the ages of 5 and 12, and used by parents, in particular, to eavesdrop on their kids while at school.
The German regulating body said that parents would listen in on classes and teachers without consent...
These special watches, work like a baby monitor — allowing someone to tap into the device and listen in to anything happening around it. And people are being asked now to not only keep an eye out for these particular smartwatches — but destroy them, and then send proof back to the FNA....
Germany's not alone in worrying about children's smartwatches. The Norwegian Consumer Council (NCC) had the same type of reaction a full month before the FNA, issuing a report about security concerns around the devices.
The NCC noted that smartwatches — besides acting as listening devices — can also transmit the location of a child — presumably to parents — but have security flaws which could open that information up easily to others. more
Glad they didn't have these forearm ankle bracelets when I was a kid. ~Kevin
"Piss off." |
These special watches, work like a baby monitor — allowing someone to tap into the device and listen in to anything happening around it. And people are being asked now to not only keep an eye out for these particular smartwatches — but destroy them, and then send proof back to the FNA....
Germany's not alone in worrying about children's smartwatches. The Norwegian Consumer Council (NCC) had the same type of reaction a full month before the FNA, issuing a report about security concerns around the devices.
The NCC noted that smartwatches — besides acting as listening devices — can also transmit the location of a child — presumably to parents — but have security flaws which could open that information up easily to others. more
Glad they didn't have these forearm ankle bracelets when I was a kid. ~Kevin
Labels:
#eavesdropping,
advice,
government,
GPS,
privacy,
product,
Ra-parents,
spybot
Revenge Spycam Shooting Gets Shooter Shot
GA - Macon Judicial Circuit District Attorney David Cooke said Thursday a man was sentenced to three years in prison after pleading guilty to burglary and spying on his ex-girlfriend.
Cooke said Blake Herman, 35, of Macon broke into his ex-girlfriend's home on Jones Road and planted a camera in her bedroom as revenge for her breaking up with him.
When Herman returned to his ex-girlfriend's home to remove the camera, her brother caught him and shot him thinking Herman was about to pull a gun.
The camera fell out of Herman's pocket during the ordeal, according to Cooke. more
Cooke said Blake Herman, 35, of Macon broke into his ex-girlfriend's home on Jones Road and planted a camera in her bedroom as revenge for her breaking up with him.
When Herman returned to his ex-girlfriend's home to remove the camera, her brother caught him and shot him thinking Herman was about to pull a gun.
The camera fell out of Herman's pocket during the ordeal, according to Cooke. more
IT Spy Guy Hacks Computer Cameras
MI - A Charlevoix County man from the United Kingdom is in jail and facing more than 40 charges for disturbing, computer-related crimes.
Police say Wayne Tambling got access to several victims’ computers and photographed them naked using the computer’s camera, without them knowing.
“They just noticed some strange things, some coincidences that led them to believe that someone might be spying on them,” Trooper Jeff Mercer, said.
State police say three victims came forward with that eerie feeling...
Tambling works in IT at Wojan Window and Door, the company says they are fully cooperating with police. more
Police say Wayne Tambling got access to several victims’ computers and photographed them naked using the computer’s camera, without them knowing.
“They just noticed some strange things, some coincidences that led them to believe that someone might be spying on them,” Trooper Jeff Mercer, said.
State police say three victims came forward with that eerie feeling...
Tambling works in IT at Wojan Window and Door, the company says they are fully cooperating with police. more
Double Oh Concession
The UK government is going to speed up the way it vets and hires new recruits at its spy agency Government Communications Headquarters, which is responsible for electronic surveillance, after it fell short of hiring targets at the end of the last fiscal year (pdf).
The spy agency has said that it’s losing potential top recruits to huge tech companies because of bumper salaries. GCHQ’s lengthy vetting process, which is backlogged, also doesn’t help...
GCHQ, one of Britain’s three intelligence and security agencies alongside MI5 and MI6, aims to increase headcount by 14% over the next four years to 6,639 people.
This is after it had a shortfall in recruitment of 22% in the fiscal year. The report added that in order to get more recruits through the door, it will have to assign more people to the vetting process. more
GCHQ v TECH |
GCHQ, one of Britain’s three intelligence and security agencies alongside MI5 and MI6, aims to increase headcount by 14% over the next four years to 6,639 people.
This is after it had a shortfall in recruitment of 22% in the fiscal year. The report added that in order to get more recruits through the door, it will have to assign more people to the vetting process. more
Tuesday, December 26, 2017
Seoul Trained Trackers, or Party Police Bugged
South Korea - One maintenance office of a Seoul apartment complex is in hot water after it took its investigation into noise complaints one step too far.
According to residents and security personnel, during a recent five-day period, the maintenance office dispatched security guards to investigate the source of excessive noise among suites on floors 9 through 15 in one building. The guards, deployed from midnight to three in the morning on the apartment corridors, were armed with sound amplifying equipment.
“Throughout the course of the investigation, I ended up listening to the conversations of the residents in each suite, even though I didn’t want to,” one security guard said. “Problems of excessive noise should be resolved through legal and appropriate means, but I think that using a sound amplifier that can result in an invasion of privacy is taking things too far.” more
According to residents and security personnel, during a recent five-day period, the maintenance office dispatched security guards to investigate the source of excessive noise among suites on floors 9 through 15 in one building. The guards, deployed from midnight to three in the morning on the apartment corridors, were armed with sound amplifying equipment.
“Throughout the course of the investigation, I ended up listening to the conversations of the residents in each suite, even though I didn’t want to,” one security guard said. “Problems of excessive noise should be resolved through legal and appropriate means, but I think that using a sound amplifier that can result in an invasion of privacy is taking things too far.” more
Labels:
#eavesdropping,
business,
ethics,
microphone,
privacy,
spybot,
tracking,
weird
Monday, December 25, 2017
Santa Claus is Coming to Town
You'd better watch out,
You'd better not cry,
You'd better not pout;
I'm telling you why.
Santa Claus is tapping
Your phone.
He's bugging your room,
He's reading your mail,
He's keeping a file
And running a tail.
Santa Claus is tapping
Your phone.
He hears you in the bedroom,
Surveills you out of doors,
And if that doesn't get the goods,
Then he'll use provocateurs.
So–you mustn't assume
That you are secure.
On Christmas Eve
He'll kick in your door.
Santa Claus is tapping
Your phone.
Author unknown
Sunday, December 24, 2017
Espionage Backdoor Installs via Printer-Spoofing Campaign
For many large organizations, emails from corporate printers and scanners are commonplace, and cyber-criminals are finding this vector to be a lucrative host to launch cyber-attacks.
Barracuda Networks has tracked an uptick in attacks through Canon, HP and Epson printer and scanner email attachments of late: Since late November, cyber-criminals have made millions of attempts to infect unsuspecting users by sending impersonated or spoofed emails from these common printer and scanner brands, with attachments that contain malware.
Once unpacked, the malware installs a backdoor on the machine that offers unauthorized access to a victim PC and cyber-espionage capabilities...
Further, indicating a ramsomware-ready aspect, attackers also can change the victim’s wallpaper to display a message of their choice.
Workers should use common sense to avoid the threat:
Barracuda Networks has tracked an uptick in attacks through Canon, HP and Epson printer and scanner email attachments of late: Since late November, cyber-criminals have made millions of attempts to infect unsuspecting users by sending impersonated or spoofed emails from these common printer and scanner brands, with attachments that contain malware.
Once unpacked, the malware installs a backdoor on the machine that offers unauthorized access to a victim PC and cyber-espionage capabilities...
Further, indicating a ramsomware-ready aspect, attackers also can change the victim’s wallpaper to display a message of their choice.
Workers should use common sense to avoid the threat:
- double-check with the sender if one didn’t know a scanned document was coming;
- hovering the mouse over every hyperlink to make sure it’s legitimate;
- and simply not clicking if there’s any doubt whatsoever. more
Example of a fake email. |
Fun Spy Facts
Too much training. |
- The first editorial assistant to work on the Oxford English Dictionary was sacked for industrial espionage.
- Secret agents have to be trained to forget their advanced driving courses.
- The French air force have a squad of golden eagles, trained to hunt down drones.
"Hey, kids. Make BIG money in your spare time. Train spies!"
The UAE is recruiting former CIA and US government officials in a bid to create a professional intelligence body modeled on leading Western agencies.
The Gulf state has long relied on Western countries to build up its intelligence infrastructure, but are now paying big bucks to hire former US intelligence employees to build its spying capabilities.
Details of the training were reviewed by Foreign Policy and show daily seminars, scavenger hunts and training exercises in four-to-six man surveillance teams.
The following weeks provide advanced training on creating undercover identities when attending embassy functions and how to groom intelligence assets...
Former CIA and US government officials are drawn to the promise of a lucrative career, with instructor salaries of up to $1,000 a day funding an extravagant lifestyle, Foreign Policy reported. more
The Gulf state has long relied on Western countries to build up its intelligence infrastructure, but are now paying big bucks to hire former US intelligence employees to build its spying capabilities.
Details of the training were reviewed by Foreign Policy and show daily seminars, scavenger hunts and training exercises in four-to-six man surveillance teams.
The following weeks provide advanced training on creating undercover identities when attending embassy functions and how to groom intelligence assets...
Former CIA and US government officials are drawn to the promise of a lucrative career, with instructor salaries of up to $1,000 a day funding an extravagant lifestyle, Foreign Policy reported. more
Subscribe to:
Posts (Atom)