Sunday, April 7, 2019

Polish Millionaire Arrested Over Eavesdropping Scandal

A fugitive Polish "multi-millionaire" at the heart of an eavesdropping scandal... in 2015 has been arrested in Spain, police said Saturday.

Marek Falenta was sentenced to two-and-a-half years in prison in Poland in December 2016 for setting up an eavesdropping system in swanky restaurants in Warsaw that saw waiters record conversations between business-people and politicians.

That led to a major scandal that erupted in 2014 with media publishing extracts of incriminating conversations... more

Friday, April 5, 2019

The Surprising Cost of a GPS Tracking & Cellular Eavesdropping Bug

As described on eBay...

Ultra Mini GF-07 GPS Long Standby Magnetic SOS Tracking Device for Vehicle/Car/Person Location Tracker Locator System Anti-lost Device 

Features:
1. Small size and light weight, easy for carry.


2. Black shell, easy to hide, perfect for tracking vehicles, teens, spouses, elderly persons or assets. With two powerful magnets inside, easy to attach to vehicle firmly, no extra installation need.


3. All you need is a working SIM card (NOT included!) to insert into the device, then you can track and map (with Google Maps) in real-time over the Internet.


4. Dial SIM card number, then you can hear voice around this tracker, with no light and no noise, you can monitoring and spy what's going on around the tracker silently and secretly.


5. Voice Recording Function: Send text message 555 to SIM card number, it will reply a message “Snd” and start recording, SIM card and TF card are not included.


Electronic surveillance devices, like this one, are flooding into the country. Below is just one of the many ads on eBay alone. At these prices (as low as $11.99, and cheaper from the China and Hong Hong listings) they are throwaway items. Set it and forget it. No need to risk retrieving it to recharge the battery. 

Businesses especially need to be concerned. Imagine competitors tracking your sales people, delivery trucks, or your top executives. Learn more about these types of devices and what you can do about them.
Click to enlarge.

Pre-Installed Anti Malware Phone App Does More Harm Than Good

Researchers have discovered multiple vulnerabilities in a pre-installed app on phones made by one of the world’s biggest smartphone vendors that potentially impacted the privacy and security of more than 150 million Android users worldwide.

According to security researchers at Check Point Research, the vulnerabilities were found in an app pre-installed on smartphones made by Xiaomi, the biggest mobile phone manufacturer in China and India, and the fourth biggest by market share in the world.

The app in question was a self-proclaimed security app dubbed “Guard Provider,” which promised to protect Xiaomi users from malware.

Xiaomi said last year it had originally hoped to offer its smartphones and other hardware here in the States in 2019, though those efforts may have been delayed for PR reasons... more

Whew!

Thursday, April 4, 2019

The War Against Smartphone Spyware is On

Eva Galperin says she's learned the signs: the survivors of domestic abuse who come to her describing how their tormentors seem to know everyone they've called, texted, and even what they discussed in their most private conversations...

Galperin has a plan to end that scourge for good—or at least take a serious bite out of the industry.

In a talk she is scheduled to give next week at the Kaspersky Security Analyst Summit in Singapore, Galperin will lay out a list of demands:
  • First, she's calling on the antivirus industry to finally take the threat of stalkerware seriously, after years of negligence and inaction. 
  • She'll also ask Apple to take measures to protect iPhone users from stalkerware, given that the company doesn't allow antivirus apps into its App Store. 
  • Finally, and perhaps most drastically, she says she'll call on state and federal officials to use their prosecutorial powers to indict executives of stalkerware-selling companies on hacking charges.
"It would be nice to see some of these companies shut down," she says. "It would be nice to see some people go to jail." more

Check here if you need a solution for checking your Android phone for spyware.

Wednesday, April 3, 2019

Mar-a-Lago Intruder Caught with USB Stick Loaded with Malware

A Chinese woman carrying a thumb drive loaded with malware was detained at Mar-a-Lago Saturday after trying to gain access to events advertised on Chinese-language social media by Li “Cindy” Yang, the South Florida massage parlor entrepreneur who also ran a business selling access to President Donald Trump and his family.

The woman, Yujing Zhang, has been charged with two federal crimes: making false statements to a federal officer and entering restricted property.
She was carrying four cellphones, one laptop, one external hard drive and a thumb drive, according to court records. In a charging document, a Secret Service agent said a preliminary forensic examination of the thumb drive showed it contained “malicious malware.” The court filing did not provide further details about the nature of the malware. more

See our report on dangerous USB sticks, and what to do about them.
Worried about a person like this entering your premises? Call us.

Monday, April 1, 2019

How to Stop Acoustical Leakage Eavesdropping

Acoustical leakage often occurs even when specific steps are taken to keep conversations private, like closing an office or conference room door. But, as sure as sound wants to migrate, outsiders want to hear...

Aside from structural requirements, walls are built to provide privacy, primarily visual privacy. Little thought is given to privacy from acoustical leakage.

Thin walls and loose fitting doors are the biggest leakers, with open air plenum ceilings and duct work doing their share of leaking as well.

Ideally, acoustical leakage mitigation should be addressed by the architect and installed during the initial construction phase of the building project. Even when they do, a common misconception among contractors is that soundproofing means throwing up another layer of drywall. Wrongo.

Acoustical leakage can be mitigated two ways... more

International Spy Museum is Moving and Expanding

The name isn’t changing, but when International Spy Museum opens in its shiny new home in May, it’s going to be about a lot more than just spies. 

The museum, armed with a 140,000-square-foot new building at 700 L'Enfant Plaza SW, more than 5,000 new artifacts and a whole lot of tech, now aims to be about the full field of intelligence — not just human intelligence, or spying.

Spy will begin selling tickets for the opening, on May 12, in the coming weeks, and will also be rolling out an online trivia game that will give people a chance to win tickets to its opening gala, to be held May 11. more

Man Admits Placing Camera in Friend's Home - Spied for a Year

FL - A 55-year-old Florida man accused of installing a hidden camera in a family friend’s home and watching them on his phone was arrested and charged Wednesday.

Terry Sumner plugged the camera into a wall outlet in the living room of the home sometime last year, according to the Hillsborough County Sheriff’s Office.

The woman discovered the camera March 5 and contacted authorities.

Sumner, of Plant City, admitted to detectives that he placed the camera there and it had been there for about a year.

“Sumner explained that there was a smartphone application on his phone that he would use to watch, listen and record activity in the victim's home through a live feed...” more

Former French Spy Accused in Africa Murder Plot Shot Dead in ‘Professional’ Hit

A former French spy was found dead with several bullet wounds at a rest stop in the Alps near Lake Geneva.  Police said the killing of Daniel Forestier was a “professional job” and he had been shot five times in the head and heart, according to reports. more

Sunday, March 31, 2019

Security Tip: Why it Always Pays to Hire The Best.

Following the revelation that the The National Enquirer had obtained intimate texts and images between Amazon CEO Jeff Bezos and Lauren Sanches, Bezos ordered an investigation into who was behind the data breach.

In a post on The Daily Beast, Bezos’ security consultant Gavin De Becker says that his team of investigators have “concluded with high confidence that the Saudis had access to Bezos’ phone...” more

That Loud Burp You Hear Today is History Repeating Itself

The upstart nation was a den of intellectual piracy. One of its top officials urged his countrymen to steal and copy foreign machinery. Across the ocean, a leading industrial power tried in vain to guard its trade secrets from the brash young rival.

In the late 18th and early 19th centuries, the rogue nation was the United States. The official endorsing thievery was Treasury Secretary Alexander Hamilton. And the main victim was Britain.

How times have changed...

Now, the United States accuses China of the very sort of illicit practices that helped America leapfrog European rivals two centuries ago and emerge as an industrial giant. more

A proposed solution.

Protecting Confidential Information - The Japanese Model

Japan - The government is making every effort to keep information on the new Imperial era name secret until its announcement Monday and officials are even checking plants inside the Prime Minister’s Office for possible bugging devices...

The government will ask members of the expert panel, parliamentary leaders and Cabinet ministers not to bring any recording devices, including smartphones, into the rooms where the new era name will be presented and not to leave there before the announcement.

The government plans to check the belongings of panel members before they enter the Prime Minister’s Office and have government personnel escort them to restrooms so they will not make any contact with outsiders. more

Inside Info Discussed Outside is a Big Deal... killer

Careless talk costs dollars. That’s the lesson from a case heard last week by one of France’s financial regulators.

Lazard Ltd. dealmaker Vincent Le Stradic spent two and a half hours aboard a Eurostar train from London to Paris in 2014 working on a $15 billion takeover bid by Iliad SA for T-Mobile US Inc.

He was oblivious to the fact that the casually dressed man sitting next to him was Alexandre Zaluski, a UBS Group AG banker, who passed the information to a colleague, ultimately resulting in the bank pitching to Iliad to help finance the deal...

It’s an open secret in the media industry that some of the best scoops can be picked up by eavesdropping in lawyers and banker hangouts, from London’s Ye Olde Cheshire Cheese and Michael’s in Midtown Manhattan to Hong Kong’s Captain’s Bar and Mumbai’s Willingdon Sports Club. more

Working on a takeover, merger or acquisition? 
Put an information security consultant on your team.

FutureWatch - Spying on What Drones Spy

Should you worry about drone jacking if your business relies on taking aerial video footage? Probably. For one thing, camera drones are one of the juiciest targets for cybercriminals around. They know that companies using these vehicles tend to install high-quality cameras and accessories, in order to capture the best possible footage. So camera drones are a prime target - if only due to their resale value. 

But the data captured by camera drones could be even more attractive. Security experts have shown that it's relatively simple to steal the login credentials of pilots, providing total awareness of flight paths, footage, and any other data. This can be sold on to third parties, , or just exploited for personal use.

When unedited footage leaks, it can be a huge reputational risk for the company that captured it, as well as a loss of valuable proprietary data. So it makes sense to secure your footage as much as possible, but how can you do so? more

Wednesday, March 27, 2019

This Week in Corporate Espionage

HONDA
Calling corporate espionage a threat to its competitive advantage in the all-terrain vehicle market, Honda of South Carolina is going to court to find out who posted unauthorized photos of its Talon side-by-side vehicles on the Internet...

...photos and detailed, confidential information about the Talon models started showing up on Internet sites hondasxs.com and HondaProKevin.com.

According to Honda’s complaint, someone using the screen name “hondasecrets” posted photos of Talons taken inside the factory. Another using the name “HondaTalon” posted specifications “regarding the horsepower, maximum speed, and measurements, which Honda had not yet released to the public,” the complaint states. more

-----

TESLA
Tesla Inc. accused one of its former engineers of stealing highly confidential autopilot information before bolting to the Tesla of China, Xpeng Motors, eight months after one of Apple Inc.’s ex-employees was charged with taking sensitive robocar secrets to a new job with Xpeng.

Allegations that a second Silicon Valley giant (see below) was betrayed by one of its own workers bound for the same Chinese startup come amid a major U.S. crackdown on Chinese corporate espionage. more

-----

APPLE
A former hardware engineer (Zhang Xiaolang) for Apple’s autonomous vehicle development team who went to work for Xpeng is facing criminal charges brought by the U.S. Justice Department. He has pleaded not guilty...

Zhang told Apple he wanted to be closer to his ailing mother in China just before revealing to his supervisor that he intended to work for Xpeng. Apple grew more suspicious after seeing his increased network activity and visits to the office before he resigned, prosecutors said in a criminal complaint. He was arrested after he passed through the security checkpoint at Silicon Valley’s San Jose International Airport to board a flight to China. more