A Spanish security firm that worked for the Ecuadorean embassy in London is being investigated on suspicion it spied on WikiLeaks founder Julian Assange for US secret services.
Spain’s National Court says it is investigating whether David Morales and his Undercover Global SL security agency invaded Assange’s privacy and that of his lawyers by installing hidden microphones and other devices in the embassy.
It said the information gathered appeared to have been passed on to Ecuadorean and US bodies. more
UPDATE - Director of Spanish security company that spied on Julian Assange arrested.
Thursday, October 10, 2019
Cop Dropped for Electronic Eavesdropping - Nothing Further to Report
CA - The Roseville Police Department arrested an officer of Folsom’s police
force Wednesday on suspicion of stalking, electronic eavesdropping and
illegally using monitoring equipment...
The Roseville Police Department said it would not be releasing any further information regarding the investigation. more
Read more here: https://www.sacbee.com/news/local/crime/article235979622.html#storylink=cpy
The Roseville Police Department said it would not be releasing any further information regarding the investigation. more
Read more here: https://www.sacbee.com/news/local/crime/article235979622.html#storylink=cpy
Don't Get Struck by Lightning by Borrowing a Cable
Bad news: A hacker has created a rogue Lightning cable that lets bad guys take over your computer. Worse news: Now it’s being mass-produced.
... from now on, asking a stranger to borrow a Lightning cable, or accepting an offer by a stranger to give you one, is the last thing you’ll want to do if you’re scrupulous about protecting your data.
That’s because a hacker has created the first Lightning cable that, when plugged into your Mac or PC, will allow someone to remotely take over your computer.
Worse, this hacked Lightning cable, called the O.MG Cable, isn’t a bespoke one-off. It’s being mass-produced in factories so anyone can buy and use them to target your data. more
... from now on, asking a stranger to borrow a Lightning cable, or accepting an offer by a stranger to give you one, is the last thing you’ll want to do if you’re scrupulous about protecting your data.
That’s because a hacker has created the first Lightning cable that, when plugged into your Mac or PC, will allow someone to remotely take over your computer.
Worse, this hacked Lightning cable, called the O.MG Cable, isn’t a bespoke one-off. It’s being mass-produced in factories so anyone can buy and use them to target your data. more
Japan Ninja Student - Writes Essay in Invisible Ink - Gets A+
Japanese student of ninja history who handed in a blank paper was given top marks - after her professor realised the essay was written in invisible ink.
Eimi Haga followed the ninja technique of "aburidashi", spending hours soaking and crushing soybeans to make the ink.
The words appeared when her professor heated the paper over his gas stove.
"It is something I learned through a book when I was little," Ms Haga told the BBC. more
Eimi Haga followed the ninja technique of "aburidashi", spending hours soaking and crushing soybeans to make the ink.
The words appeared when her professor heated the paper over his gas stove.
"It is something I learned through a book when I was little," Ms Haga told the BBC. more
Tuesday, October 8, 2019
A Blue Blaze Irregular Asks About RFID Money Detectors
Hi Kevin,
I would love it if you did a report on the RFID in currency and the "detectors" that are used to identify the exact amount of cash in a car, suitcase, etc.
For example, a husband and wife were driving with $14,000 cash to buy a car when an automobile from Homeland Security pulled alongside them for a minute to scan their car. When they realized the car had $14,000 in it, they informed the local law enforcement which then proceeded to pull the car over to confiscate the money. Or the sheriff in Northern California who uses a similar "detector" to pull over people who are bringing cash to Nor Cal to buy cannabis during harvest season. From what I've read, wrapping anything that has the RFID in it with aluminum foil or a Faraday cage-like material is enough to block any signals. I think your readers would find this very interesting.
Thanks Kevin I appreciate it.
FutureWatch: I looked into it and found some interesting articles. It appears the U.S. Treasury department is looking into it. They currently have a Request for Information (RFI) out to develop this technology. Answers due by January, 24, 2020.
Technical papers on this technology include...
Banknote Validation through an Embedded RFID Chip and an NFC-Enabled Smartphone
A Comparison Survey Study on RFID Based Anti-Counterfeiting Systems
RFID banknotes
Apparently, this technology has been explored since at least 2001. I couldn't find that it has been implemented anywhere... yet. It appears it may be coming, however.
Our BBI is correct. RFID readers can be easily blocked by Faraday Cage techniques.
All this reminds me weapons of war; evolutionary stair-step escalation through the ages.
Double FutureWatch: RFID tracking of currency may become a moot point if governments leap-frog into cryptocurrencies.
For example, a husband and wife were driving with $14,000 cash to buy a car when an automobile from Homeland Security pulled alongside them for a minute to scan their car. When they realized the car had $14,000 in it, they informed the local law enforcement which then proceeded to pull the car over to confiscate the money. Or the sheriff in Northern California who uses a similar "detector" to pull over people who are bringing cash to Nor Cal to buy cannabis during harvest season. From what I've read, wrapping anything that has the RFID in it with aluminum foil or a Faraday cage-like material is enough to block any signals. I think your readers would find this very interesting.
Thanks Kevin I appreciate it.
FutureWatch: I looked into it and found some interesting articles. It appears the U.S. Treasury department is looking into it. They currently have a Request for Information (RFI) out to develop this technology. Answers due by January, 24, 2020.
Technical papers on this technology include...
Banknote Validation through an Embedded RFID Chip and an NFC-Enabled Smartphone
A Comparison Survey Study on RFID Based Anti-Counterfeiting Systems
RFID banknotes
Apparently, this technology has been explored since at least 2001. I couldn't find that it has been implemented anywhere... yet. It appears it may be coming, however.
Our BBI is correct. RFID readers can be easily blocked by Faraday Cage techniques.
All this reminds me weapons of war; evolutionary stair-step escalation through the ages.
Double FutureWatch: RFID tracking of currency may become a moot point if governments leap-frog into cryptocurrencies.
Monday, October 7, 2019
Signal Users - Time to Patch
A security flaw in the privacy-focused encrypted messaging service
Signal could enable a threat actor to listen to the audio stream
recorded by the Android device of another Signal user, without their
knowledge...
The attack does not work with Signal video calls.
The issue was discovered last month by a researcher with Google Project Zero. Signal has already released a patch. more
The attack does not work with Signal video calls.
The issue was discovered last month by a researcher with Google Project Zero. Signal has already released a patch. more
GPS Cyberstalking of Girlfriend Brings Indictment for Alleged Mobster
20 supposed wiseguys charged because one was possessive...
Joseph Amato's attempt to surveil his girlfriend by attaching a hidden GPS device to her car led authorities to surveil the alleged mobster, and ultimately to his indictment by a grand jury...
"In November 2016, a GPS tracking device was found on an MTA bus in Staten Island during a routine maintenance inspection: it had been hidden in an oil pan," the government's detention memo states. "In fact, Joseph Amato had purchased the device to place a girlfriend, identified herein as Jane Doe, under close surveillance and used the tracking device in an attempt to maintain control over her."...
...after Jane Doe discovered the GPS tracker on her car and removed it. The detention memo suggests she placed it on an MTA bus to thwart Amato's surveillance. more
Joseph Amato's attempt to surveil his girlfriend by attaching a hidden GPS device to her car led authorities to surveil the alleged mobster, and ultimately to his indictment by a grand jury...
"In November 2016, a GPS tracking device was found on an MTA bus in Staten Island during a routine maintenance inspection: it had been hidden in an oil pan," the government's detention memo states. "In fact, Joseph Amato had purchased the device to place a girlfriend, identified herein as Jane Doe, under close surveillance and used the tracking device in an attempt to maintain control over her."...
...after Jane Doe discovered the GPS tracker on her car and removed it. The detention memo suggests she placed it on an MTA bus to thwart Amato's surveillance. more
Labels:
amateur,
counterespionage,
GPS,
humor,
lawsuit,
surveillance
Women Snooping on Boyfriends Help Topple Dictator Instead
It all started in 2015 with a frantic message from a woman in Sudan who was having cold feet ten days before her wedding. The woman had a nagging feeling her husband-to-be was cheating on her, and she was desperate to find out the truth before she went through with the marriage.
She decided to reach out to her friend Rania Omer, who had won a lottery visa to become a U.S. citizen five years earlier.
Now Omer was 24 and studying at a college in Nebraska, but she still fancied herself an anti-matchmaker among her close-knit community back home in Khartoum. The friend wanted Omer’s help. Would she mind posting a photo of the potential husband to Facebook to see if other women could dig up information on him?
A few hours later, Omer had her answer: one commenter posted to say she was his wife. more
She decided to reach out to her friend Rania Omer, who had won a lottery visa to become a U.S. citizen five years earlier.
Now Omer was 24 and studying at a college in Nebraska, but she still fancied herself an anti-matchmaker among her close-knit community back home in Khartoum. The friend wanted Omer’s help. Would she mind posting a photo of the potential husband to Facebook to see if other women could dig up information on him?
A few hours later, Omer had her answer: one commenter posted to say she was his wife. more
Friday, October 4, 2019
Dissinformation as a Service (DaaS)
While disinformation campaigns are often associated with governments, new research indicates there is a robust, easy-to-navigate market for anyone looking to buy their own propaganda arms.
It is “alarmingly simple and inexpensive” to launch a sophisticated disinformation campaign, analysts from threat-intelligence company Recorded Future concluded after studying the issue. “Disinformation services are highly customizable in scope, costing anywhere from several hundreds of dollars to hundreds of thousands of dollars, or more depending on the client’s needs.”...
“If the ease of this experience is any indication, we predict that disinformation-as-a-service will soon spread from a nation-state tool to one increasingly used by individuals and organizations,” the Recorded Future analysts said. more
As Technical Information Security Consultants, this caught our attention.
The best disinformation always adds in some correct information. The sum is verisimilitude, the ring of truth.
So, where will the best correct information come from? Inside, of course.
Another very good reason to conduct regularly scheduled Technical Information Security surveys at your organization.
It is “alarmingly simple and inexpensive” to launch a sophisticated disinformation campaign, analysts from threat-intelligence company Recorded Future concluded after studying the issue. “Disinformation services are highly customizable in scope, costing anywhere from several hundreds of dollars to hundreds of thousands of dollars, or more depending on the client’s needs.”...
“If the ease of this experience is any indication, we predict that disinformation-as-a-service will soon spread from a nation-state tool to one increasingly used by individuals and organizations,” the Recorded Future analysts said. more
As Technical Information Security Consultants, this caught our attention.
The best disinformation always adds in some correct information. The sum is verisimilitude, the ring of truth.
So, where will the best correct information come from? Inside, of course.
Another very good reason to conduct regularly scheduled Technical Information Security surveys at your organization.
Tuesday, October 1, 2019
U.S. Tour Guide Accused as Spy for China's Security Service
Watch Surveillance Video of Alleged Spy’s ‘Dead Drop’ at Hotel
The U.S. arrested a California man accused of spying for China’s security service while working as a tour guide in the San Francisco area. U.S. agents secretly monitored drop-offs of packages at a hotel in Newark, California, that were traced to Peng, according to the complaint.
China’s Ministry of State Security schemed “to use an American citizen to remove classified security information to the PRC,” U.S. Attorney David Anderson said at a press conference.
Peng’s activities for the company where he worked, U.S. Tour and Travel, “went far beyond innocent sight-seeing,” Anderson said. more
Husband Ordered to Pay Almost $500K After Bugging Wife’s iPhone
The chairman of a performing arts school in Brooklyn has to pay an
almost $500,000 verdict after he installed spying software in his
estranged tobacco-heiress wife’s iPhone...
Jurors ordered Crocker Coulson, Brooklyn Music School chairman, to pay Anne Resnik $200,000 in compensatory damages, $200,000 in punitive damages, and $41,500 in statutory damages—or $100 for each of the 415 days he accessed her phone between 2012 and 2014.
Coulson was also ordered to pay $10,000 to Resnik’s mom, sister, and psychiatrist because he also intercepted their communications by spying on his wife. more
Jurors ordered Crocker Coulson, Brooklyn Music School chairman, to pay Anne Resnik $200,000 in compensatory damages, $200,000 in punitive damages, and $41,500 in statutory damages—or $100 for each of the 415 days he accessed her phone between 2012 and 2014.
Coulson was also ordered to pay $10,000 to Resnik’s mom, sister, and psychiatrist because he also intercepted their communications by spying on his wife. more
Credit Suisse’s C.O.O. Quits Over a Spying Scandal
Chief Operating Officer Pierre-Olivier Bouee, who worked as the CEO’s chief lieutenant at three companies for more than 10 years, stepped down after ordering detectives to shadow former wealth-management head Iqbal Khan to ensure he didn’t poach clients and brokers for his new post at UBS Group AG. The bank said that he acted alone...
Chairman Urs Rohner is seeking to contain a scandal that erupted in Swiss tabloids a week ago and escalated into a threat for the bank’s top leadership after a confrontation in downtown Zurich between Khan and the private detectives sent to spy on him.
Events took on an even more dramatic turn just before the bank’s announcement, when it emerged that a contractor hired by the bank to recruit the investigative agency took his own life. more
Chairman Urs Rohner is seeking to contain a scandal that erupted in Swiss tabloids a week ago and escalated into a threat for the bank’s top leadership after a confrontation in downtown Zurich between Khan and the private detectives sent to spy on him.
Events took on an even more dramatic turn just before the bank’s announcement, when it emerged that a contractor hired by the bank to recruit the investigative agency took his own life. more
Uber’s Next Big Safety Feature... Eavesdropping
Uber users have raised their share safety concerns with the company, and now it seems that a new feature that could help allay some of those concerns is on the way.
Uber is apparently testing a feature that will allow riders to record audio through the app when they feel unsafe during a ride.
There are a lot of details we don’t know about this feature yet, as Uber hasn’t said anything official about it. more
Uber is apparently testing a feature that will allow riders to record audio through the app when they feel unsafe during a ride.
There are a lot of details we don’t know about this feature yet, as Uber hasn’t said anything official about it. more
Legit-Looking iPhone Cable That Hacks
Soon it may be easier to get your hands on a cable that looks just like a legitimate Apple lightning cable, but which actually lets you remotely take over a computer. The security researcher behind the recently developed tool announced over the weekend that the cable has been successfully made in a factory...
MG is the creator of the O.MG Cable. It charges phones and transfers data in the same way an Apple cable does, but it also contains a wireless hotspot that a hacker can connect to. Once they've done that, a hacker can run commands on the computer, potentially rummaging through a victim's files, for instance. more - background
MG is the creator of the O.MG Cable. It charges phones and transfers data in the same way an Apple cable does, but it also contains a wireless hotspot that a hacker can connect to. Once they've done that, a hacker can run commands on the computer, potentially rummaging through a victim's files, for instance. more - background
Tuesday, September 10, 2019
GPS Tracker Bugs Kids... about 600,000 of them.
Serious security flaws in GPS trackers manufactured by a Chinese company have been found to expose location data of nearly 600,000 children and elderly, according to researchers from cybersecurity firm Avast.
The researchers spotted the vulnerabilities in the T8 Mini GPS tracker and nearly 30 other models by the same manufacturer, Shenzhen i365 Tech.
...these devices expose all data sent to the Cloud, including exact real-time GPS coordinates, showed the findings revealed last week.
Further, design flaws can enable unwanted third-parties to spoof the location or access the microphone for eavesdropping.
The researchers estimate that there are about 600,000 of these unprotected trackers in use globally that are using the very generic default password of "123456". more
T8 Mini GPS Tracker Locator |
...these devices expose all data sent to the Cloud, including exact real-time GPS coordinates, showed the findings revealed last week.
Further, design flaws can enable unwanted third-parties to spoof the location or access the microphone for eavesdropping.
The researchers estimate that there are about 600,000 of these unprotected trackers in use globally that are using the very generic default password of "123456". more
Subscribe to:
Posts (Atom)