Wednesday, September 12, 2018

Business Espionage Info-Theft: When they can't hack it, they grab the employees.

Investigators discovered what they believed to be a major infiltration campaign.

Two years before Equifax Inc. stunned the world with the announcement it had been hacked, the credit-reporting company believed it was the victim of another theft...

In the previously undisclosed incident, security officials feared that former employees had removed thousands of pages of proprietary information before leaving and heading to jobs in China. Materials included code for planned new products, human-resources files and manuals...

According to the people familiar with the probe, the investigators, by talking to Equifax employees and examining email accounts and LinkedIn messages sent to them, saw indications that recruiters purporting to represent Ant affiliate Alibaba had offered to triple salaries for certain ethnically Chinese Equifax employees—and provided instructions on specific Equifax information they should bring along if they jumped ship. more

Friday, September 7, 2018

Downer of the Day – Paranoia Is Now a Best Practice

Bust out the tinfoil—the data security crisis is worse than you ever imagined...

he 2010s will be remembered as the first decade in which we, the people, paid for the pleasure of welcoming Big Brother into our lives.

When George Orwell depicted an inescapable surveillance state — telescreens in every room monitoring every move, recording every sound, and reporting it all to the authoritarian leader — in his classic novel 1984, he probably never imagined that in 2018, folks would pay $600 (plus a recurring monthly fee) for the privilege of carrying a telescreen in their pockets. more

Buy yours now.

Thursday, September 6, 2018

Computer Screens Emit Sounds that Reveal Data

Computer scientists from Tel Aviv University, the University of Pennsylvania and the University of Michigan have discovered a computer version of synesthesia that allows them to determine what’s being displayed on a monitor by listening to sounds emitted by the monitor.

As you might suspect, those sounds are very faint and not easily detected by human hearing. But they are there as tiny high-pitched tones produced by a monitor’s power supply in response to the varying demands of the screen display. But special equipment isn’t required to exploit the vulnerability that’s produced by this characteristic of most monitors.

In their paper, which was released on Aug. 21, the scientists showed that those sounds could be recorded using the microphone in a standard consumer webcam, by a smartphone or by a digital assistant such as an Amazon Echo or Google Home device.

Furthermore, this exploit does not require the presence on site of the attacker. They can record the sounds over a remote call, such as one from Google Hangouts. The amount of information that the researchers were able to discern using their method was remarkable... more

mSpy Goes Platinum - Leaks 2 Million Records

mSpy, a commercial spyware solution designed to help you spy on kids and partners, has leaked over 2 million records including software purchases and iCloud usernames and authentication tokens of devices running mSky.

The data appears to have come from an unsecured database that allowed security researchers to pull out millions of records.

mSpy is a platform that allows parents to see what their children are doing online and, presumably, allow partners to keep tabs on each other. more

This is the second time mSpy has been hacked... that we know of.

Neutralizer for Car Infotainment Systems

Privacy4Cars, a mobile app designed to help erase Personally Identifiable Information (PII) from modern vehicles, recently was released as a free download on iOS and Android devices.

The Privacy4Cars app, according to the company, enables consumers and businesses to quickly and efficiently delete personal data retained by modern vehicle infotainment systems. The app was developed by Andrea Amico, an expert in vehicle privacy and cybersecurity.


Privacy4Cars' patent-pending process provides customized, visual step-by-step tutorials to help users quickly erase personal information such as phone numbers, call logs, location history and garage door codes from vehicle infotainment systems. more

Eavesdropping — at the Ian Potter Museum of Art Melbourne

WHAT: Eavesdropping — Tue, 24. July–Sun, 28. October 2018
WHERE: Ian Potter Museum of Art, Melbourne, Australia
ADMISSION: Free

Eaves­drop­ping is a unique col­lab­o­ra­tion between Liquid Archi­tec­ture, Mel­bourne Law School and the Ian Potter Museum of Art, com­pris­ing an exhi­bi­tion, a public pro­gram, series of work­ing groups and tour­ing event which explores the pol­i­tics of lis­ten­ing through work by lead­ing artists, researchers, writ­ers and activists from Aus­tralia and around the world.

EAVES­DROP­PING used to be a crime. Accord­ing to William Black­stone, in his Com­men­taries on the Laws of Eng­land (1769): ​‘eaves­drop­pers, or such as listen under walls or win­dows, or the eaves of a house, to hear­ken after dis­course, and there­upon to frame slan­der­ous and mis­chie­vous tales, are a common nui­sance and pre­sentable at the court-leet.’

Click to enlarge
Two hun­dred and fifty years later, eaves­drop­ping isn’t just legal, it’s ubiq­ui­tous. What was once a minor public order offence has become one of the most impor­tant politico-legal prob­lems of our time, as the Snow­den rev­e­la­tions made abun­dantly clear. Eaves­drop­ping: the ever-increas­ing access to, cap­ture and con­trol of our sonic worlds by state and cor­po­rate inter­ests. But eaves­drop­ping isn’t just about big data, sur­veil­lance and secu­rity... more


Wednesday, September 5, 2018

"New" Theory on the Cuba / China Sonic Headaches

The mystery illness afflicting American diplomats in Cuba and China could be a side effect of bugging or surveillance rather than a sonic weapon attack, according to a US researcher.

Dr Beatrice Golomb, professor of medicine at the University of California San Diego, said the reported symptoms strongly matched the known effects of radio frequency and microwave radiation.

Surveillance is my lead hypothesis, as opposed to something like attacks or weaponry,” said Golomb, whose research will be published in the journal Neural Computation on September 15. more

Security Scrapbook fans already knew this might be a botched spying attempt, and how it worked, back in August 2017. ~Kevin

Drive-by Hackers Can Spy on Millions of Chrome Users Through Their Webcams

Drive-by hackers can spy on millions of Chrome users through their WEBCAMS experts claim, after finding a security glitch in the browser.
  • According to UK cyber-security experts, hackers could attack entire streets.
  • They might be able to steal passwords and activate webcams in an attack.
  • Experts reported the issue to Google earlier this year but was told that it was working fine.

The glitch affects people who have logged onto their router as admin and saved details in their browser. more

Smart Home Technology Being Used by Abusers to Control and Terrorize

Imagine the temperature changing on your thermostat without you doing it, or seeing your lights turn off and on without you touching the switch.

Or your Alexa blaring music in the middle of the night. Or finding hidden cameras placed in your home -- without your knowledge or consent.

These are the sort of things abusive partners and exes can use to try to control their loved ones and if it's happening to you, you need to report it.

"It was awful, absolutely awful," said Aubrey, a Houston woman who spoke with News 6 sister station KPRC about her fiancé secretly watching her in her home. "Everywhere I went, everything I did, he could hear it. He could see it. It was awful."

Aubrey says after she and her fiancé moved in together, she discovered he had installed cameras throughout the house without her knowledge or consent. She said she discovered it by accident while using his cellphone...

"Every time we get an advance in technology, the bad guys seem to take advantage of it," Oviedo police Lt. Travis Cockcroft said.

So what are some things you can do to break free of an abuser's digital trap?
  • Make sure you change your passwords on all of your accounts.
  • Reset your Wi-Fi settings to something only you would know.
  • Educate yourself about what your smart home devices can do.
  • Reset privacy settings.
  • Keep a journal of any peculiar activity with dates and times and description of what happened. 
more and more

Ex-boyfriend Faces Jail - Concealed Hidden Listening Devices in Her Bedroom

An "evasive and dishonest" ex-boyfriend faces jail after spying on his lover by concealing hidden listening devices in her home.

Wayne Bamford, 47, mounted a stalking campaign after being spurned by mother-of-one Joanna Dawson, a court heard.

He hid two secret listening devices in her bedroom in what was described as a "highly sophisticated" covert operation. She found a twin dual adapter plug - which had a hole in it - in her bedroom next to her bedside cabinet.

Experts revealed it was, in fact, a listening device and Bamford was arrested and then bailed by police.

Bamford called the second listening device at least 1,600 times in a bid to hear what was happening in Miss Dawson's house over 15 days from March 1, 2017, to March 16, 2017, the court heard.

But Bamford's surveillance op was foiled after Miss Dawson sought advice... more

The Implications of Recording in the Workplace

Workplace recordings have made headlines in recent weeks. For example, Omarosa Manigault-Newman publicly played a recording of a meeting with her then-boss, White House Chief of Staff John Kelly, to bolster her claim that he threatened her during the meeting.

White House officials quickly fired back that the recording was a breach of protocol and possibly illegal.

Given the controversies in the news, employers might be wondering when recording is legal and what policies they can lawfully implement on recording in the workplace.

Although recordings can be useful to resolve disputed facts about a conversation, surreptitious recording in the workplace can create both legal and business risks for employers. Both employers and employees may violate state and federal wiretap laws by recording without consent. Even with consent, employers should hesitate before taping employees, because pervasive surveillance in the workplace can put workers on edge and damage their morale.

Similarly, employee recording may discomfit employees and customers, and put the employer’s confidential information at risk. Some employers respond to these risks by outright prohibiting recording in the workplace. more

Seoul to Inspect Public Toilets Daily to Tackle 'Spy-Cam Porn' Crisis

South Korea’s capital and largest city, Seoul, is set to begin daily checks for hidden cameras in public toilets in response to growing public outrage over an epidemic of “spy-cam porn”.

South Korea is in the middle of a battle against videos secretly filmed in places such as toilet stalls and changing rooms. Police have said more than 26,000 victims between 2012 and 2016 have been identified, but many cases go unreported...

Record numbers of women have held a monthly protest on the streets of Seoul calling for the government to do more, with last month’s demonstration drawing 70,000 protesters, according to the organizers.

At present, the Seoul government checks each toilet about once a month, and employs only 50 inspectors to monitor more than 20,000 public bathrooms, according to news agency Yonhap. The new plan will call for the 8,000 city workers who maintain and clean the bathrooms to conduct daily checks. more

Monday, August 27, 2018

Pittsburgh Steelers vs. Drone Stealers

In what might be the most 2018 news story ever, head coach Mike Tomlin and the Pittsburgh Steelers have erected a tarp near one of their practice facilities.

Why is this news? Well, said tarp is meant to protect the Steelers from being spied on with drones. more

Why Vienna Is the Spy Capital of the World

via  
A former chief in the Austrian intelligence service once told the Telegraph that more than 7,000 spies operated in Vienna, a city of nearly 1.8 million people. It’s “a nice place for spies to live and bring their families,” he added. Although there are many reasons to visit Vienna for tourists and spies alike, Austria’s famous chocolate cake (sachertorte) and the city’s perfectly preserved Habsburg palaces are not the reason intelligence services still flock to the city.

Austria has some of the most relaxed laws on spying of any country in the world and those laws have not been updated since the Austro-Hungarian empire fell, even with two world wars and the Cold War since then. In fact, the only spying activities that are illegal in the country are the kind that directly target Austria. Vienna also hosts one of four headquarters of the United Nations and is home to about 40 other important international organizations that have delegations from all over the world, including the International Atomic Energy Agency (IAEA), the Organization of Petroleum Exporting Countries (OPEC), and the Organization for Security and Cooperation in Europe (OSCE). With approximately 320 bilateral and multilateral diplomatic representations operating in Vienna, nearly 4,000 diplomats, and more than 6,000 international officials, Vienna is brimming with information foreign intelligence services want to collect.

But it is in wandering the streets of Vienna that you really start to see why the city lives up to its cloak and dagger history. Vienna’s famous coffee houses have played an important role as meeting places for writers, musicians, artists and philosophers throughout history. At Café Central in the heart of Vienna, you can dine on Apfelstrudel in the same place where Leo Trostky and Sigmund Freud sat. You can also take advantage of the seemingly endless coffeehouse chatter to meet your sources under the radar and to mask any clandestine conversations you need to have. more hum-a-long

Apple Smacks Down Facebook's VPN Spying App

Back in 2013, Facebook acquired Israel-based Onavo, a small mobile analytics company that offered a virtual private network (VPN) app called Onavo Protect. In general, VPN apps seek to give users greater privacy and control around their data by routing traffic through a secure network. In this case, Onavo Protect started sending all that user data back to the Facebook mothership...

In its ongoing quest to protect user privacy, Apple just told Facebook to pull Onavo Protect from its App Store. more