Unsecured printers are one of the items on our inspection checklist. Why? Because it is a very common problem. Normally buttoned-up networks put out a hacker welcome mat with just one unsecured printer. ~Kevin
Office printers don’t have to be security threats: with foresight and maintenance they’re very easily threat-proofed. The problem is that system administrators rarely give the humble printer (or scanner, or multifunction printer) much attention.
Hackers haven’t forgotten about printers – not by a long shot.
Last summer, a Russian hacker group penetrated numerous organizations by first infiltrating unprotected printers, which were connected to the same network as every other device, and then laddering up to exploit increasingly sensitive areas.
Furthermore, according to a recent report, foreign governments can also easily conduct industrial espionage by targeting this under-the-radar beachhead into the organizational networks...
Using third parties to continually help identify security risks is a smart course of action for enterprises that are truly serious about security measures. more
Sunday, April 19, 2020
Managers: Don’t Rush to Workplace Spyware during Pandemic
A Rutgers organizational psychologist explains ramifications of putting spy software in place.
With millions of employees working remotely due to the coronavirus pandemic, managers—likely new to virtual management—are scrambling to find the best ways to oversee them online.
Computer performance monitoring may interest those looking for “an extra set of eyes,” but workplace surveillance is not that simple, according to John Aiello, an expert in organizational psychology at Rutgers School of Arts and Sciences. “While spy software may relieve the manager’s anxieties, organizations will see an increase in stress on employees and it could decrease productivity,” said Aiello, who has researched the electronic monitoring of workers over the last three decades.
Topics addressed...
How does monitoring software affect productivity?
How does implementing this surveillance affect managers?
Can electronic monitoring be used for “the greater good?”
If employers are thinking about implementing this surveillance, what might be done first?
more
Thursday, April 16, 2020
Gad Zoox - Tesla Settles Trade Secret Theft Law Suit
Zoox Inc. said on Tuesday it had settled a lawsuit with Tesla Inc. after admitting that some new hires from the electric carmaker were in possession of certain Tesla documents when they joined the U.S. self-driving car startup.
Tesla lawyers filed a lawsuit in March last year against four former employees and Zoox, alleging the employees stole proprietary information and trade secrets for developing warehousing, logistics and inventory control operations.
Zoox said the settlement required it to pay Tesla an undisclosed amount and undergo an audit to ensure that none of its employees had retained or are using Tesla's confidential information. more
Zeroing in on Zoom’s Threat to Financial Services
COVID-19 has induced a significant shift in the way we work. Remote is the new reality.
There may be, however, a tremendous cost to Zoom’s convenience... For many, Zoom has been the answer to staying connected in the workplace.
Simply put, the widespread adoption of Zoom amid a global pandemic might be the security vulnerability of the decade.
In fact, any financial services organization using the service should immediately assume their user credentials are under malicious parties’ control.
In recent weeks, New York Attorney General Letitia James has probed Zoom’s data security strategy, and whether the company’s security protections can keep up with the spike in users. It is also our understanding the FBI, among other federal government agencies, has also prohibited the use of Zoom and WebEx due to security concerns. more
Suit Claims Facebook, LinkedIn Eavesdropped on Zoom Calls
More Zoom news.
Business Espionage - You Staying in Jail
U.S. District Judge Ronnie Greer Wednesday temporarily stayed – or postponed – the pretrial release of Xiorong “Shannon” You, a 56-year-old Chinese-born chemical engineer accused of stealing $17 million in trade secrets from Eastman Chemical Company and more than $100 million more while working for Coca-Cola in Atlanta, according to court documents. more
Spycam Story # 834 - Deputy Danner Investigates Rectangular Turd
FL - Citrus County Sheriff’s Office deputies following up on a tip ... led to an investigation and arrest of a Dunnellon man for video voyeurism, according to a Citrus County Sheriff’s Office arrest affidavit...
Upon observing the interior of the portable toilet, the deputies could observe a black box-type object floating in the water, the report stated. (a la Caddyshack pool scene)
Deputy Danner was able to safely retrieve the object from the toilet. Deputies noted the item was a portable Brickhouse security camera. They were able to remove the subscriber identity module (SIM) card (more accurately an SD card) located inside the camera.
Deputies observed multiple files on the SIM card and opened one. At the 16:39.48 timestamp mark deputies observed a white male subject wearing a collared white, red, blue and green striped shirt with white/khaki shorts affixing the camera to the inside of the toilet...
Deputies confirmed he was wearing the same clothing found on the file located on the SIM card where he placed the camera in the toilet. more (You can't make this sh-t up. Perp gets the Darwin Award from us for filming himself.)
Wednesday, April 15, 2020
China May Be Tapped Out
The Trump administration is continuing with actions that cut telecom ties with China, including a new filing from the National Telecommunications and Information Administration that recommends that the Federal Communications Commission revoke China Telecom’s ability to carry international voice traffic between the U.S. and other countries...
China Telecom was authorized in 2007 to operate in the U.S. and it provides a suite of services that include voice, data television and business network services. It also operates a mobile virtual network operator, CTExcel, that targets Chinese Americans and Chinese tourists and students, according to the filing—but times and risks have changed, NTIA has concluded.
It also said that 80% of the DoJ’s economic espionage cases where a foreign entity or government would benefit, have involved China. more
Attorney Approved - A Strange Reality Hollywood Spy Camera Story
Aaron Kaplan, the prolific TV producer, has been accused in a lawsuit of installing cameras in his sister-in-law’s bedroom — with one focused on her closet — in order to spy on her...
Aaron Kaplan, producer of “The Chi,” “Santa Clarita Diet” and other shows, has been embroiled in a probate fight with his sister-in-law since the death of his brother, Joe, in July 2018.
In a probate filing in February, Aaron Kaplan acknowledged that he arranged for the cameras to be placed in the closet because he worried that Elizabeth Kaplan would break into a safe that held valuables belonging to her late husband’s trust...
According to Elizabeth Kaplan’s lawsuit, two weeks after she returned to the couple’s home in Malibu, she and her mother discovered two cameras in her husband’s closet in the master bedroom. The suit alleges that the second camera was positioned such that it pointed at Elizabeth Kaplan’s closet...
In his probate filing, Aaron Kaplan said he became suspicious soon after his brother’s death, when he heard that Elizabeth’s friends had been seen entering the Malibu house and that artwork had been removed from the walls.
“Based on consultations with his attorney, the Trustee understood that he could — and should — have motion-activated cameras installed in Joe’s personal closet to monitor and protect those assets for the beneficiaries of Joe’s Trust,” Aaron Kaplan’s attorneys wrote.
According to the filing, the cameras captured Elizabeth Kaplan and her mother rifling through Joe Kaplan’s belongings in search of cash. They also allegedly hired a locksmith to try to break into the safe, in spite of instructions from Aaron’s attorney that the contents belonged to the separate trust.
The video also captured Elizabeth discovering $10,000 in cash, counting it out, and pocketing it, according to the filing.
The recordings stopped once Elizabeth and her mother discovered and disabled the cameras. more
Daughter Saves Mom from Video Voyeurism
UT - A Kamas man has been charged with multiple offenses after he allegedly hid cameras in the heat vents of a woman’s Summit County residence.
Matthew Ryan Ingoldsby, 48, was arrested on March 31 and is facing charges of:
- Burglary of a dwelling, a second-degree felony
- Voyeurism by electronic equipment concealed or disguised, a class A misdemeanor
- Stalking, a third-degree felony
- Tampering with a witness, a third-degree felony
Corporate Privacy & Information Security Challenges from Covid-19
This is an excellent information security article written by a respected colleague. ~Kevin
via Charles Patterson - Exec Security
The CoVid-19 response has had serious and often devastating effects on individuals and businesses throughout the world... But there are a number of side-effects from this, many of which affect privacy and information security...
Company offices may be left mostly empty with a skeleton crew, and access being granted to maintenance staff or a few lone employees who may still be carrying out basic operations or some who may have just needed to return to pick up something from their desk to help them work better from home. This means the employees, cleaners, and other staff will be largely unsupervised and may have easy access to areas not normally permitted...
When reviewing your security during this period, here are some very important points to consider:
- How secure was your facility during the down time?
  - Note what areas were weakened, where was less manpower deployed?
- Who continued to have access?
  - What types of staff were still given access? Were employees still allowed back in?
- Were any private or classified areas left open and unattended?
  - Pay particular attention to board rooms, conference areas, and C-suites. Look for any signs of unauthorized activity.
- What incidents may have occurred during the period?
  - Review logs of any security incidents, look for any correlations that could indicate suspicious activity.
- Were there any areas accessed by unauthorized personnel?
  - Investigate thoroughly any reports of employees found in unauthorized areas.
- Did any break-ins or vandalism occur?
  - Security breaches or other incidents could be used as a cover for actual espionage activity. If a break-in or theft was reported, pay attention to any nearby areas that may have been accessed as well.
Google Searches for "Wiretap" Up 100% in the Past Week
A lot of people have too much time on their hands.
Or, interest in knowing someone else's business is mirroring the uptick in phone calls.
Or, interest in protecting one's business is mirroring the uptick in phone calls.
Or, all of the above.
We'll put this in the You Decide file.
Tuesday, April 14, 2020
500,000 Hacked Zoom Accounts Given Away - Free On The Dark Web
New users have flocked to the Zoom video conferencing platform as businesses, schools, and other organizations look for ways to meet safely during the Coronavirus pandemic. Unfortunately many of those brand new accounts appear to have been secured with old passwords.
The cyber risk assessment experts at Cyble recently discovered a hacker selling stolen Zoom credentials at dirt-cheap prices — and in some cases giving them away for free.
Cyble purchased more than 530,000 on an underground hacking forum for next to nothing. Several of the company’s clients were among the stolen credentials, which also included personal meeting URLs and Zoom host keys. Cyble reached out and confirmed that the credentials were indeed valid.
Password re-use remains a huge security issue for the general public. Fatigued users feel like they can’t remember yet another password so they set up new accounts using an old stand-by.
The problem is that by now all of those old stand-by passwords have been filed away in databases by criminal hackers. They’re actively using them to break into accounts using brute force attacks.
Usernames, email addresses, and passwords have been exposed by the billions over the past several years. Creating a new account on Zoom — or any service, for that matter — is simply not a good idea.
Hackers will come knocking. It’s not a question of if. It’s a question of when. more
Spybuster Tip # 053 - Upgrade all your passwords.
Spybuster Tip # 054 - Don't worry about having to remember all your passwords. Use a password vault.
Monday, April 13, 2020
FREE - The Murray Associates "Spycam Detection Training Course"
I've created a special Covid coupon so anyone can take our Spycam Detection in Workplace Expectation of Privacy Areas, absolutely FREE. (Normally $24.99)
The coupon code is our main website address: COUNTERESPIONAGE.COM
This is a one-hour, self-paced video course, with Certificate-of-Completion. More details about the course at spycamdetection.training or Udemy.
Or, jump straight to the start with this coupon encoded link:
https://www.udemy.com/course/spycam-detection/?couponCode=COUNTERESPIONAGE.COM
Feel free to pass this limited-time offer along to anyone you know: co-workers, friends, and family—anyone who does not want to be a victim of video voyeurs.
(Expires 04/16/2020 06:04 AM PDT (GMT -7))
How Not to be Seen - Evading CCTV Surveillance
It's theoretically possible to become invisible to cameras. But can it catch on?
Right now, you're more than likely spending the vast majority of your time at home. Someday, however, we will all be able to leave the house once again and emerge, blinking, into society to work, travel, eat, play, and congregate in all of humanity's many bustling crowds.
The world, when we eventually enter it again, is waiting for us with millions of digital eyes—cameras, everywhere, owned by governments and private entities alike. Pretty much every state out there has some entity collecting license plate data from millions of cars—parked or on the road—every day. Meanwhile all kinds of cameras—from police to airlines, retailers, and your neighbors' doorbells—are watching you every time you step outside, and unscrupulous parties are offering facial recognition services with any footage they get their hands on.
In short, it's not great out there if you're a person who cares about privacy, and it's likely to keep getting worse. In the long run, pressure on state and federal regulators to enact and enforce laws that can limit the collection and use of such data is likely to be the most efficient way to effect change. But in the shorter term, individuals have a conundrum before them: can you go out and exist in the world without being seen?
Bottom line as of now...
All of the digital simulations run on the cloak worked with 100-percent effectiveness, he added. But in the real world, "the reliability degrades." The tech has room for improvement.
"How good can they get? Right now I think we're still at the prototype stage," he told Ars. "You can produce these things that, when you wear them in some situations, they work. It's just not reliable enough that I would tell people, you know, you can put this on and reliably evade surveillance." more
Thursday, April 9, 2020
Allen Garfield, Character Actor in ‘The Conversation,’ Dies at 80
Allen Garfield, a stocky character actor who lent an intense naturalism to celebrated 1970s films such as “The Conversation” and “Nashville,” died April 7 in Los Angeles. He was 80.
His sister, Lois Goorwitz, said the cause was complications from covid-19. Mr. Garfield had been a resident at the Motion Picture Television Fund Home, the industry retirement facility in Los Angeles where several staffers and some residents have tested positive for the coronavirus.
Mr. Garfield grew up in New Jersey and first set out as a boxer and a sportswriter. While covering sports for the Newark Star-Ledger, he studied acting at night and was eventually accepted by the Actors Studio workshop and studied under Lee Strasberg. more