What can executives do to create or enhance environments to enable awareness programs to succeed?
The first of its kind, the SANS Security Awareness Executive Report draws data from the 2018 Security Awareness Report to reveal a detailed analysis of what drives a thriving awareness program. more
Wednesday, January 9, 2019
Who Are You...Online - Become an OSINT Awesome and Find Out
We are going to show you how to research yourself and discover what information is publicly known about you...
You will not find all the information on a single website. Instead you start with one website, learn some details, then use those details to search on and learn from other sites. Then you combine and compare results to create a profile or dossier of your subject.
A good place to start is with search engines such as Google, Bing, or DuckDuckGo. Each of these has indexed different information about you...
Start by typing your name in quotes, but after that expand your search...
Examples include:
“FirstName LastName” > What information can I find online about this person
“Firstname Lastname@” > Find possible email addresses associated with this person
“Firstname lastname” filetype:doc > Any word documents that contain this person’s name
more
sing-a-long
Tuesday, January 8, 2019
Judge Nails Husband for Spyware and Eavesdropping on Wife's Calls ...with her attorney ...twice!
A federal judge has levied sanctions on a tobacco heiress’ estranged husband for destroying evidence related to spyware that he secretly installed on his wife’s phone and used to listen in on her calls, including conversations she had with her attorney.
It was the second time that a judge has hit Crocker Coulson, who is locked in a bitter divorce with Anne Resnik in state court, with spoliation sanctions for destroying evidence of bugging Resnik’s phone. more
Last year...
A man locked in bitter divorce proceedings with a tobacco heiress was caught bugging his wife’s phone and listening in to her conversations with her attorney, an infraction that a Brooklyn judge said should cost him any claim on the family’s wealth. more
The Panopticon Express Doesn't Stop Here
The warnings sound like the plot of a Hollywood spy thriller...
The Chinese hide malware in a Metro rail car’s security camera system that allows surveillance of Pentagon or White House officials as they ride the Blue Line — sending images back to Beijing.
Or sensors on the train secretly record the officials’ conversations. Or a flaw in the software that controls the train — inserted during the manufacturing process — allows it to be hacked by foreign agents or terrorists to cause a crash.
Congress, the Pentagon and industry experts have taken the warnings seriously, and now Metro will do the same. more
Panopticon is a type of institutional building and a system of control designed ... in the late 18th century. The scheme of the design is to allow all (pan-) inmates of an institution to be observed (-opticon) by a single watchman without the inmates being able to tell whether or not they are being watched.
The Shady Middlemen Who Sell Your Location... in real time.
If you want to follow someone in realtime, you don't need to shell out to shady data-brokers like Securus (which use a marketing company that exploits a privacy law loophole to obtain phone location data).
There are a whole constellation of location data resellers who will do business with anyone, regardless of the notional privacy protections they promise the carriers they'll put in place.
Notably, these resellers do business with bail bondsmen and bounty hunters, who can, for a few dollars, locate any phone on the major carriers' networks.
The carriers were mired in scandal over the Securus affair last year, and pledged to clean up their act (T-Mobile CEO John Legere tweeted "I’ve personally evaluated this issue & have pledged that @tmobile will not sell customer location data to shady middlemen"). They have not. more
Mystery ‘Sonic Attack’ on U.S. Diplomats in Cuba Was Really Crickets
Fake news? You decide.
Diplomatic officials may have been targeted with an unknown weapon in Havana. But a recording of one “sonic attack” actually is the singing of a very loud cricket, a new analysis concludes.
In November 2016, American diplomats in Cuba complained of persistent, high-pitched sounds followed by a range of symptoms, including headaches, nausea and hearing loss.
Exams of nearly two dozen of them eventually revealed signs of concussions or other brain injuries, and speculation about the cause turned to weapons that blast sound or microwaves...
On Friday, two scientists presented evidence that those sounds were not so mysterious after all.
They were made by crickets, the researchers concluded. more
Fact: Buddy Holly released chirping crickets in 1957, and died about two years later. Just coincidence? You decide.
Saturday, January 5, 2019
Protecting Trade Secrets in Court Requires Special Security, Like TSCM
Federal prosecutors said a Chinese national employed by an Oklahoma petroleum company has been charged with stealing trade secrets.
Authorities said Hongjin Tan, 35, is accused of stealing trade secrets from his unnamed U.S.-based employer that operates a research facility in the Tulsa area.
An affidavit filed by the FBI alleges that Tan stole trade secrets about an unidentified product worth between $1.4 and $1.8 billion to his employer to benefit a Chinese company where Tan had been offered work. more
Gal Shpantzer, SANS NewsBites news editor notes... "Have you discussed the concept of trade secrets with your legal counsel? Trade secrets are only legally protected if you secure them in a certain manner, above and beyond normal confidential data." www.justice.gov: Reporting Intellectual Property Crime: A Guide for Victims of Copyright Infringement, Trademark Counterfeiting, and Trade Secret Theft (PDF)
TSCM - Technical Surveillance Countermeasures
Judge: "When did you last check for bugs?"
Friday, January 4, 2019
If Spies Rip You Off Due to Your Own Gross Negligence
S. Korea - The government decided to increase penalties against those who illegally transfer technology.
Under the current law, the penalty for committing espionage involving core national technologies is a maximum of 15 years in jail. The government plans to change the duration to at least three years, with no limits...
Regardless of whether the offense was intentional or the result of gross negligence, the guilty party will have to pay treble damages, while the government will seize all gains realized from the illegal transfer. more
...very similar to a cunning plan for the United States, first proposed in 2012.
Information security gross negligence. (Murray Associates case history photo)
Practice Saying, "Yes Master"...like you really mean it!
ROBOTS spying on your social media profiles could stop you from getting your dream job.
Recruitment AI used by companies to pick out applicants scans your posts for signs you might not be right for the role.
Known as DeepSense, the tool assesses your personality based on your online activity – even if you haven't applied for the role and don't know you're being assessed. The language you use, your photos, how often you post and more is merged into a data profile that tells recruiters your interests, teamwork skills, how extroverted or introverted you are, and even your emotional stability. more
Security Ponder - How Big is Your Digital Footprint?
2019 may be the year you consider smaller shoes...
Those of us at a certain age grew up in a simpler time. Email was largely unheard of. There was no social media, no Facebook, Twitter or Instagram. There was no e-commerce, no Amazon, Alibaba or Taobao. No online banking. No online dating. Credit card transactions were processed manually. Local businesses accepted personal checks.
In short, there really wasn’t any such thing as a “digital footprint,” where personal information resides virtually, in an electronic ether, potentially available for anyone to see.
But over the last two decades, we’ve moved more and more of our lives into that realm. And almost as soon as we began, people attempted to gain inappropriate access to information of all kinds...
Will we have to change our standards... Time will tell. But there’s no denying our expanding digital footprints are changing the nature of both personal and organizational security.
Monitoring and managing our online personas has become an essential task... more sing-a-long
Tuesday, January 1, 2019
Happy New Year! It's 1984 ...in 2019
Students at more than 10 schools in Guizhou Province, one of China’s poorest provinces, and the neighboring Guangxi region are now required to wear “intelligent uniforms,” which are embedded with electronic chips that track their movements.
The uniforms allow school officials, teachers, and parents to keep track of the exact times that students leave or enter the school, Lin Zongwu, principal of the No. 11 School of Renhuai in Guizhou Province, told the state-run newspaper Global Times on Dec. 20.
If students skip school without permission, an alarm will be triggered.
If students try to game the system by swapping uniforms, an alarm also will sound, as facial-recognition equipment stationed at the school entrance can match a student’s face with the chip embedded in the uniform. more
FutureWatch: Chips embedded in the students.
Wednesday, December 26, 2018
German Football Club Caught Spying with a Drone
'We didn't do anything illegal!'
Spy games: German club admit to spying on rivals using drones
German football was stunned at the news that Werder Bremen, one of the biggest clubs in the Bundesliga, spied on training sessions of rivals Hoffenheim by using drones piloted by club officials...
And remarkably, Werder Bremen has issued a statement taking responsibility for the incident, admitting it was they who arranged for the drone to conduct surveillance of Hoffenheim's training session.
An official statement was released, explaining that the drone was piloted by a member of club staff, while the club's general manager Frank Bauman made a formal apology and took full responsibility for the incident. more
Spy Book Collection for Kids
Can an undercover nerd become a superstar agent? Ben Ripley sure hopes so—and his life may depend on it!
When Ben Ripley is recruited to the CIA’s Academy of Espionage, it’s a dream come true. But as soon as he gets on campus, Ben finds out that Spy School is way more deadly than debonair. And given his total lack of coordination and failure to grasp even the most basic spying skills, Ben begins to wonder what he’s doing here in the first place.
Luckily, through a series of hilarious misadventures, Ben realizes he could actually become a halfway decent spy…if he can survive all the attempts being made on his life! more
FutureWatch: Spy Technology of the Future
An Exciting Future for Spy Technology
1. Real-Time Facial Surveillance That Doesn't Require Clear, Unobstructed Images
2. Tools That Detect Activity Based on a Phone's Characteristics
3. Increased Uses for Artificial Intelligence
4. Technology to Detect Suspicious Body Language
Although it's not possible to know exactly how espionage experts will depend on the things on this list and others, it's evident that technology will help spies achieve their missions. It may also allow them to diversify their responsibilities as tech takes care of past tasks. more