Ukraine - The staff of the National Anti-Corruption Bureau of Ukraine (NABU) ran over a law enforcement officer and caused a car accident after installation of wiretapping in the building of the Specialized Anti-Corruption Prosecutor's Office (SAPO). Head of SAPO Nazar Kholodnytsky claimed this at the briefing.
It is noted that illegally installed wiretapping by the staff of NABU was discovered in the courtyard of SAPO, today. Also, a car with the personnel of NABU was detected near the administrative building.
‘Suddenly, the special forces of the Anti-Corruption Bureau appeared when the police arrived. The SAPO driver was forcibly taken out from the office car. My understanding is that the NABU employee took his seat, willfully ran the VAN over the personnel of the State Security Administration and the rest of the people. “Pajero” and two other cars were involved in the car accident. The accident is being registered,’ Kholodnytsky noted.
He added that the injured driver of SAPO is in a hospital right now with an initial diagnosis of a broken arm. more
Wednesday, September 19, 2018
Saturday, September 15, 2018
FutureWatch: Spying on a Computer Screen Via the Microphone
Daniel Genkin of the University of Michigan, Mihir Pattani of the
University of Pennsylvania, Roei Schuster of Cornell Tech and Tel Aviv
University, and Eran Tromer of Tel Aviv University and Columbia
University investigated a potential new avenue of remote surveillance
that they have dubbed "Synesthesia":
a side-channel attack that can reveal the contents of a remote screen,
providing access to potentially sensitive information based solely on
"content-dependent acoustic leakage from LCD screens."
The research, supported by the Check Point Institute for Information Security at Tel Aviv University (of which Schuster and Tromer are members) and funded in part by the Defense Advanced Research Projects Agency, examined what amounts to an acoustic form of Van Eck phreaking. While Van Eck phreaking uses radio signal emissions that leak from display connectors, the Synesthesia research leverages "coil whine," the audio emissions from transformers and other electronic components powering a device's LCD display. more
The research, supported by the Check Point Institute for Information Security at Tel Aviv University (of which Schuster and Tromer are members) and funded in part by the Defense Advanced Research Projects Agency, examined what amounts to an acoustic form of Van Eck phreaking. While Van Eck phreaking uses radio signal emissions that leak from display connectors, the Synesthesia research leverages "coil whine," the audio emissions from transformers and other electronic components powering a device's LCD display. more
Friday, September 14, 2018
The Cold Boot Attack is Back – Don't Leave Laptops Unattended
Credit: F-Secure |
This vulnerability is particularly worrisome for organizations that regularly handle sensitive information, such as banks or government agencies, because the information gathered from a compromised laptop could let hackers work their way into other systems...
Because the attack requires physical access, it's also hard to know if someone has already discovered and used it. F-Secure characterized the attack as something that a low-level hacker might not discover but that anyone interested in corporate espionage or the like would be very interested in. Organizations have to decide if they want to proceed as if they were affected, which could be costly, or if they'll ignore the issue.
F-Secure advised concerned organizations to require Bitlocker PIN entry when a laptop powers up or restarts, to make sure employees force the laptops to shut down or hibernate instead of going into sleep mode and to keep laptops safe and have a plan for if they go missing. Aside from those steps, however, it's up to the laptop industry to make sure their products aren't susceptible to this modified attack. more
Q.v. USB Stick Warnings
Thursday, September 13, 2018
FutureWatch: The AI Eye of Providence, or Silcon Santa Surveillance
NICE Actimize, a NICE business and the leader in Autonomous
Financial Crime Management, is hosting a series of global events to
educate financial services organization (FSO) professionals on the
challenges of electronic communications (eComms) surveillance and which
are designed to demonstrate how its innovative Intelligent
eComms Surveillance solution can transform compliance and conduct
risk management, while avoiding reputational damage and fines...
Powered by artificial intelligence and automation, NICE Actimize’s Intelligent eComms Surveillance solution is a comprehensive platform for automating employee surveillance and investigations. The solution provides a single platform for monitoring 100 percent communications across all communication channels, including voice, so analysts can easily uncover hidden conduct risks, collusion, and insider trading...
...it supports hundreds of data types and can connect to, ingest and index data from storage vaults containing emails, instant messages, chat room communications, social media threads, text messages and voice calls...
NICE Actimize’s Intelligent eComms Surveillance solution uses Natural Language Understanding (text analytics and linguistics), machine learning and intelligent analytics (all fine-tuned for financial markets) to comprehend the true context of conversations and accurately identify risk...
This systematic approach enables firms to identify suspicious communications with unprecedented accuracy... more
Keep in mind, the financial world had the initial need and means to develop this. Once evolved and rolled-out you can bet it will be customized for other uses. Eventually... click here. ~Kevin
Powered by artificial intelligence and automation, NICE Actimize’s Intelligent eComms Surveillance solution is a comprehensive platform for automating employee surveillance and investigations. The solution provides a single platform for monitoring 100 percent communications across all communication channels, including voice, so analysts can easily uncover hidden conduct risks, collusion, and insider trading...
...it supports hundreds of data types and can connect to, ingest and index data from storage vaults containing emails, instant messages, chat room communications, social media threads, text messages and voice calls...
NICE Actimize’s Intelligent eComms Surveillance solution uses Natural Language Understanding (text analytics and linguistics), machine learning and intelligent analytics (all fine-tuned for financial markets) to comprehend the true context of conversations and accurately identify risk...
This systematic approach enables firms to identify suspicious communications with unprecedented accuracy... more
Keep in mind, the financial world had the initial need and means to develop this. Once evolved and rolled-out you can bet it will be customized for other uses. Eventually... click here. ~Kevin
Feds Charge 4 State-Owned Companies with Economic Espionage
U.S. Four Chinese state-owned companies were arraigned in federal court in California on charges of economic espionage, prosecutors announced Friday.
Pangang Group Company, Ltd. and three of its subsidiaries allegedly conspired with Chinese nationals Hou Shengdong and Dong Yingjie to acquire stolen or misappropriated trade secrets involving the production technology for chloride-route titanium dioxide, also known as TiO2, from the DuPont company...
TiO2 is commonly used as a white pigment in paints after the use of lead oxide was banned several years ago...It is also used as a pigment in inks, plastics, cosmetics, soap, toothpaste and food.
"DuPont had developed the technology and controlled a significant amount of the world's TiO2 sales," prosecutors said. "The defendants are alleged to have obtained confidential trade secret information including photographs related to TiO2 plant technologies and facilities."
The Pangang companies, along with Hou and Dong, are also accused of paying an Oakland company $27,000,000 between 2006 and 2011 for assistance in obtaining DuPont's trade secrets. more Official Press Release
Pangang Group Company, Ltd. and three of its subsidiaries allegedly conspired with Chinese nationals Hou Shengdong and Dong Yingjie to acquire stolen or misappropriated trade secrets involving the production technology for chloride-route titanium dioxide, also known as TiO2, from the DuPont company...
TiO2 is commonly used as a white pigment in paints after the use of lead oxide was banned several years ago...It is also used as a pigment in inks, plastics, cosmetics, soap, toothpaste and food.
"DuPont had developed the technology and controlled a significant amount of the world's TiO2 sales," prosecutors said. "The defendants are alleged to have obtained confidential trade secret information including photographs related to TiO2 plant technologies and facilities."
The Pangang companies, along with Hou and Dong, are also accused of paying an Oakland company $27,000,000 between 2006 and 2011 for assistance in obtaining DuPont's trade secrets. more Official Press Release
Couple Find Spycam in Vacation Rental Unit
A British couple vacationing in Toronto were horrified to discover a spy camera hidden in a digital clock at their rental apartment.
Dougie Hamilton, 34, from Glasgow, realized that the clock was “connected to a wire like a phone charger”.
He now fears whoever planted the camera at the Airbnb may have recorded clandestine footage of him and his girlfriend.
Hamilton told Scotland’s Daily Record that the property’s host had at least half a dozen other properties for lease on Airbnb, accompanied by numerous reviews.
“I just happened to be facing this clock and was staring at it for about 10 minutes. There was just something in my head that made me feel a bit uneasy.”
A recent video he saw on social media about spy cameras made him increasingly concerned. more
Lesson: Trust your instincts. The thought would never have occurred to you if everything were fine. This applies to all electronic surveillance devices: bugs, taps, smartphone and computer spyware, spy cameras, and corporate espionage. ~Kevin
Dougie Hamilton, 34, from Glasgow, realized that the clock was “connected to a wire like a phone charger”.
He now fears whoever planted the camera at the Airbnb may have recorded clandestine footage of him and his girlfriend.
Hamilton told Scotland’s Daily Record that the property’s host had at least half a dozen other properties for lease on Airbnb, accompanied by numerous reviews.
“I just happened to be facing this clock and was staring at it for about 10 minutes. There was just something in my head that made me feel a bit uneasy.”
A recent video he saw on social media about spy cameras made him increasingly concerned. more
Lesson: Trust your instincts. The thought would never have occurred to you if everything were fine. This applies to all electronic surveillance devices: bugs, taps, smartphone and computer spyware, spy cameras, and corporate espionage. ~Kevin
In other news... (You can't make this stuff up.)
A woman accused of gunning down her chef husband is a self-published
romance writer who once penned an essay titled "How to Murder Your
Husband."
She has also written such titles as "The Wrong Husband," a 2015 novel about a woman who escapes an abusive spouse during a shipwreck in the Mediterranean and falls in love with one of the men sent to find her.
"Divorce is expensive, and do you really want to split your possessions?" she wrote in a section about financial motives. more
Apparently, others have had similar thoughts...
She has also written such titles as "The Wrong Husband," a 2015 novel about a woman who escapes an abusive spouse during a shipwreck in the Mediterranean and falls in love with one of the men sent to find her.
"Divorce is expensive, and do you really want to split your possessions?" she wrote in a section about financial motives. more
Apparently, others have had similar thoughts...
Spycam Conviction — Chalk One Up for the Good Guys
Roger Wallach, 38, of Philadelphia, PA was sentenced today to 240 months in federal prison for manufacturing videos and images of two girls, ages 10 and 11, over a period of three months.
Wallach previously pleaded guilty to nine counts of manufacturing and attempting to manufacture child pornography, and one count of possession of child pornography. As part of his guilty plea, Wallach admitted that he concealed a spy watch in a bathroom and surreptitiously recorded the 10- and 11-year-old girls as they undressed, used the bathroom, and showered. He also used the webcam on his laptop computer to record them undressing and in various states of nudity. All total, he had hundreds of sexually explicit images of both girls that he saved on his cell phone, in his iCloud account, on his laptop, and on the memory of his spy watch.
In addition to the term of imprisonment, the court imposed a 20-year term of supervised release and ordered that the defendant undergo a sex offender evaluation and treatment after his release from federal prison. more
Wallach previously pleaded guilty to nine counts of manufacturing and attempting to manufacture child pornography, and one count of possession of child pornography. As part of his guilty plea, Wallach admitted that he concealed a spy watch in a bathroom and surreptitiously recorded the 10- and 11-year-old girls as they undressed, used the bathroom, and showered. He also used the webcam on his laptop computer to record them undressing and in various states of nudity. All total, he had hundreds of sexually explicit images of both girls that he saved on his cell phone, in his iCloud account, on his laptop, and on the memory of his spy watch.
In addition to the term of imprisonment, the court imposed a 20-year term of supervised release and ordered that the defendant undergo a sex offender evaluation and treatment after his release from federal prison. more
Wednesday, September 12, 2018
Industrial Espionage: The Deafening Sounds of a Rip-Off
Apple designed an iPhone.
Motorola wanted one, too.
Industrial espionage?!?!
You decide.
Welcome to the business zoo.
Motorola wanted one, too.
Industrial espionage?!?!
You decide.
Welcome to the business zoo.
Spybuster Security Tip #748: The Lost Smartphone Recovery Trick
Chances are, if you lose your smartphone the screen will look like this to whoever finds it.
(If your phone is not password protected do that now.)
This presents a problem to the good Samaritan who finds it. They don’t know to whom the phone should be returned.
Sure, you could call the phone and hope they answer, or try using the ‘find my phone feature’, but that takes time and a positive result is iffy.
Solution…
Give the finder a helpful clue as to who you are. Customize your background wallpaper to include some information about you.
Including an email address is a very good start. Now they know how to contact you. If you want to keep your real email address private, create a nondescript google/yahoo/hotmail account just for this purpose.
If your email address also contains a company URL they might be close enough to drop the phone off at the reception desk for you.
Adding an alternate phone number where you can be reached, or adding the old enticing phrase, Reward if Found, are additional options.
It is easy to change wallpapers on smartphones. Just google “[your smartphone manufacturer] change wallpaper” and the directions will pop up.
Creating a customized wallpaper is almost as easy. You can do it with any photoshop type app, or by using a free on-line service.
Resources…
https://mashable.com/2013/08/12/wallpaper-iphone/
https://datarecovery.wondershare.com/best-iphone-wallpaper-maker.html
https://www.makeuseof.com/tag/make-custom-wallpaper-android/
https://www.picmonkey.com/blog/make-your-own-phone-wallpaper
https://www.canva.com/create/wallpapers/
https://spark.adobe.com/make/background-maker/
This presents a problem to the good Samaritan who finds it. They don’t know to whom the phone should be returned.
Sure, you could call the phone and hope they answer, or try using the ‘find my phone feature’, but that takes time and a positive result is iffy.
Solution…
Give the finder a helpful clue as to who you are. Customize your background wallpaper to include some information about you.
Including an email address is a very good start. Now they know how to contact you. If you want to keep your real email address private, create a nondescript google/yahoo/hotmail account just for this purpose.
If your email address also contains a company URL they might be close enough to drop the phone off at the reception desk for you.
Adding an alternate phone number where you can be reached, or adding the old enticing phrase, Reward if Found, are additional options.
It is easy to change wallpapers on smartphones. Just google “[your smartphone manufacturer] change wallpaper” and the directions will pop up.
Creating a customized wallpaper is almost as easy. You can do it with any photoshop type app, or by using a free on-line service.
Resources…
https://mashable.com/2013/08/12/wallpaper-iphone/
https://datarecovery.wondershare.com/best-iphone-wallpaper-maker.html
https://www.makeuseof.com/tag/make-custom-wallpaper-android/
https://www.picmonkey.com/blog/make-your-own-phone-wallpaper
https://www.canva.com/create/wallpapers/
https://spark.adobe.com/make/background-maker/
Business Espionage Info-Theft: When they can't hack it, they grab the employees.
Investigators discovered what they believed to be a major infiltration campaign.
Two years before Equifax Inc. stunned the world with the announcement it had been hacked, the credit-reporting company believed it was the victim of another theft...
In the previously undisclosed incident, security officials feared that former employees had removed thousands of pages of proprietary information before leaving and heading to jobs in China. Materials included code for planned new products, human-resources files and manuals...
According to the people familiar with the probe, the investigators, by talking to Equifax employees and examining email accounts and LinkedIn messages sent to them, saw indications that recruiters purporting to represent Ant affiliate Alibaba had offered to triple salaries for certain ethnically Chinese Equifax employees—and provided instructions on specific Equifax information they should bring along if they jumped ship. more
Two years before Equifax Inc. stunned the world with the announcement it had been hacked, the credit-reporting company believed it was the victim of another theft...
In the previously undisclosed incident, security officials feared that former employees had removed thousands of pages of proprietary information before leaving and heading to jobs in China. Materials included code for planned new products, human-resources files and manuals...
According to the people familiar with the probe, the investigators, by talking to Equifax employees and examining email accounts and LinkedIn messages sent to them, saw indications that recruiters purporting to represent Ant affiliate Alibaba had offered to triple salaries for certain ethnically Chinese Equifax employees—and provided instructions on specific Equifax information they should bring along if they jumped ship. more
Friday, September 7, 2018
Downer of the Day – Paranoia Is Now a Best Practice
Bust out the tinfoil—the data security crisis is worse than you ever imagined...
he 2010s will be remembered as the first decade in which we, the people, paid for the pleasure of welcoming Big Brother into our lives.
When George Orwell depicted an inescapable surveillance state — telescreens in every room monitoring every move, recording every sound, and reporting it all to the authoritarian leader — in his classic novel 1984, he probably never imagined that in 2018, folks would pay $600 (plus a recurring monthly fee) for the privilege of carrying a telescreen in their pockets. more
Buy yours now.
he 2010s will be remembered as the first decade in which we, the people, paid for the pleasure of welcoming Big Brother into our lives.
When George Orwell depicted an inescapable surveillance state — telescreens in every room monitoring every move, recording every sound, and reporting it all to the authoritarian leader — in his classic novel 1984, he probably never imagined that in 2018, folks would pay $600 (plus a recurring monthly fee) for the privilege of carrying a telescreen in their pockets. more
Buy yours now.
Thursday, September 6, 2018
Computer Screens Emit Sounds that Reveal Data
Computer scientists from Tel Aviv University, the University of Pennsylvania and the University of Michigan have discovered a computer version of synesthesia that allows them to determine what’s being displayed on a monitor by listening to sounds emitted by the monitor.
As you might suspect, those sounds are very faint and not easily detected by human hearing. But they are there as tiny high-pitched tones produced by a monitor’s power supply in response to the varying demands of the screen display. But special equipment isn’t required to exploit the vulnerability that’s produced by this characteristic of most monitors.
In their paper, which was released on Aug. 21, the scientists showed that those sounds could be recorded using the microphone in a standard consumer webcam, by a smartphone or by a digital assistant such as an Amazon Echo or Google Home device.
Furthermore, this exploit does not require the presence on site of the attacker. They can record the sounds over a remote call, such as one from Google Hangouts. The amount of information that the researchers were able to discern using their method was remarkable... more
As you might suspect, those sounds are very faint and not easily detected by human hearing. But they are there as tiny high-pitched tones produced by a monitor’s power supply in response to the varying demands of the screen display. But special equipment isn’t required to exploit the vulnerability that’s produced by this characteristic of most monitors.
In their paper, which was released on Aug. 21, the scientists showed that those sounds could be recorded using the microphone in a standard consumer webcam, by a smartphone or by a digital assistant such as an Amazon Echo or Google Home device.
Furthermore, this exploit does not require the presence on site of the attacker. They can record the sounds over a remote call, such as one from Google Hangouts. The amount of information that the researchers were able to discern using their method was remarkable... more
mSpy Goes Platinum - Leaks 2 Million Records
mSpy, a commercial spyware solution designed to help you spy on kids and partners, has leaked over 2 million records including software purchases and iCloud usernames and authentication tokens of devices running mSky.
The data appears to have come from an unsecured database that allowed security researchers to pull out millions of records.
mSpy is a platform that allows parents to see what their children are doing online and, presumably, allow partners to keep tabs on each other. more
This is the second time mSpy has been hacked... that we know of.
The data appears to have come from an unsecured database that allowed security researchers to pull out millions of records.
mSpy is a platform that allows parents to see what their children are doing online and, presumably, allow partners to keep tabs on each other. more
This is the second time mSpy has been hacked... that we know of.
Neutralizer for Car Infotainment Systems
Privacy4Cars, a mobile app designed to help erase Personally Identifiable Information (PII) from modern vehicles, recently was released as a free download on iOS and Android devices.
The Privacy4Cars app, according to the company, enables consumers and businesses to quickly and efficiently delete personal data retained by modern vehicle infotainment systems. The app was developed by Andrea Amico, an expert in vehicle privacy and cybersecurity.
Privacy4Cars' patent-pending process provides customized, visual step-by-step tutorials to help users quickly erase personal information such as phone numbers, call logs, location history and garage door codes from vehicle infotainment systems. more
The Privacy4Cars app, according to the company, enables consumers and businesses to quickly and efficiently delete personal data retained by modern vehicle infotainment systems. The app was developed by Andrea Amico, an expert in vehicle privacy and cybersecurity.
Privacy4Cars' patent-pending process provides customized, visual step-by-step tutorials to help users quickly erase personal information such as phone numbers, call logs, location history and garage door codes from vehicle infotainment systems. more
Subscribe to:
Posts (Atom)