Near-empty streets caused by fewer people traveling into city centers can make it difficult for Britain's spies to track suspects, the new head of MI5, the UK's domestic security service, has said.
Friday, October 16, 2020
Covid 19 Affects MI5's Spies Street Surveillance Tactics
Facebook "Bug" Bugged iPhone Camera - Bugged Instagram'er Sues
Facebook has got itself in trouble again as the California-based tech giant has been allegedly sued for spying on Instagram users using the camera on the phone, Bloomberg reported.
According to the lawsuit, which has come following reports from July, the photo-sharing application had been accessing the camera on the iPhone to spy on users even when they weren’t activated.
Facebook has denied the claim and blamed a bug saying that it’s correcting the problem. more
Woman Allegedly Hacked Ex’s Alexa to Scare off New Girlfriend
Double Feature!
An IoT Cautionary Tale...
A Crazy Ex Tale...
A jilted London woman allegedly hacked into her ex-boyfriend’s Amazon Alexa device and used it to scare off his new girlfriend, a report said.
Philippa Copleston-Warren, 45, was accused in a London court of using the virtual assistant to flash the lights inside her former boyfriend’s house on and off and tell his new sweetie to scram after he ended their relationship of two years, The Sun reported.
“The defendant spoke through the Alexa account to tell the complainant’s friend in the property to leave and to take her stuff,” prosecutor Misba Majid told Westminster Magistrates’ Court, according to the newspaper.
“This so distressed the girlfriend, it caused her to cry and she left.”
Copleston-Warren (inset), a management consultant, controlled the device from London, about 130 miles from her businessman ex-beau’s house in Lincolnshire, the paper reported.
She is also accused of hacking her ex’s Facebook account and uploading nude pictures of him. more
Spybuster Tip # 721: Learn how to adjust ALL the features of your digital assistant. This could have been prevented.
In Other News... Japan to Release Radioactive Water Into Sea
Japan is to release treated radioactive water from the destroyed Fukushima nuclear plant into the sea, media reports say.
It follows years of debate over how to dispose of the liquid, which includes water used to cool the power station hit by a massive tsunami in 2011.
Environmental and fishing groups oppose the idea but many scientists say the risk it would pose is low. more
What could possibly go wrong?
Enjoy the weekend, with a good flick.
Monday, October 12, 2020
New Malware Toolset Used for Industrial Espionage
Malware authors are using an advanced toolset for industrial espionage, warned researchers at cybersecurity firm Kaspersky.
...the tool uses “a variety of techniques to evade detection, including hosting its communications with the control server on public cloud services and hiding the main malicious module using steganography.”
...files are disguised to trick employers into downloading them. They contain names related to employees’ contact lists, technical documentation, and medical analysis results to trick employees as part of a common spear-phishing technique...
MontysThree is designed to specifically target Microsoft and Adobe Acrobat documents, Kaspersky said. The malware can enable attackers to capture screenshots and gather information about the victim’s network settings, hostname, etc. more
Espionage Alert: Children's Smartwatch is a Trojan Horse
The X4 smartwatch is marketed by Xplora, a Norway-based seller of children’s watches...
The backdoor is activated by sending an encrypted text message. Harrison Sand, a researcher at Norwegian security company Mnemonic, said that commands exist for surreptitiously reporting the watch’s real-time location, taking a snapshot and sending it to an Xplora server, and making a phone call that transmits all sounds within earshot.
Sand also found that 19 of the apps that come pre-installed on the watch are developed by Qihoo 360, a security company and app maker located in China. more (q.v. our 2017 post & etc.)
Sunday, October 11, 2020
Bugged Turtle Eggs – Good Surveillance Tech
The Wire Inspired a Fake Turtle Egg That Spies on Poachers
Scientists 3D-printed sea turtle eggs and stuffed transmitters inside. When poachers pulled them out of nests, the devices tracked their every move.
In the HBO series The Wire, Baltimore cops Herc and Carver devise an unorthodox way to listen in on a drug dealer named Frog, right on the street: They shove a tiny, $1,250 microphone into a tennis ball, which they then place in a gutter.
Listening in from a building across the street, they watch as Frog picks up the ball and absentmindedly tosses it between his hands, sending thuds and an electric screech into Herc’s headphones. Quickly over it, Frog chucks the ball over their building. Carver rushes after it, only to watch a semi truck crush their very expensive tennis ball.
The Baltimore PD’s failure, though, may still be biologists’ gain. Drawing both from the imaginary surveillance tennis ball and a story arc from Breaking Bad, in which the Drug Enforcement Agency uses GPS to track methylamine barrels, real life researchers have developed the InvestEGGator: a fake sea turtle egg filled with a transmitter in place of an embryo, a clever new way to track where poachers are selling the real deal. moreFriday, October 9, 2020
The FBI Hotel Wi-Fi Security Checklist
The Federal Bureau of Investigation is issuing this announcement to encourage Americans to exercise caution when using hotel wireless networks (Wi-Fi) for telework. FBI has observed a trend where individuals who were previously teleworking from home are beginning to telework from hotels.
US hotels, predominantly in major cities, have begun to advertise daytime room reservations for guests seeking a quiet, distraction-free work environment. While this option may be appealing, accessing sensitive information from hotel Wi-Fi poses an increased security risk over home Wi-Fi networks.
Malicious actors can exploit inconsistent or lax hotel Wi-Fi security
and guests’ security complacency to compromise the work and personal
data of hotel guests. Following good cyber security practices can
minimize some of the risks associated with using hotel Wi-Fi for
telework. more
Thursday, October 8, 2020
Mystery Deepens Around Unmanned Spy Boat Washed Up In Scotland
It was identified as a Wave Glider, a type made by U.S. company Liquid Robotics, which is capable of traveling thousands of miles and is used by both the U.S. Navy and Britain’s Royal Navy as well as other government agencies and scientific researchers.
The local Coast Guard have been unable to trace the owner so far, but the craft’s configuration suggests it was on a secret mission...
...the mystery remains over who was operating it, what it was doing — and why they are keeping quiet. more
UPDATE:
What is a Wave Glider and how do they work?
Wave Gliders are unmanned surveillance boats built by the American company Liquid Robotics.
They are used by the British and American navies to monitor the movement of submarines in hostile territories.
The boats tow sensors under water to detect vessels entering or operating in a targeted area and send messages to shore-based operators via satellite.
During a mission to patrol the waters around the Pitcairn Islands, the Wave Glider successfully intercepted and collected data on three vessels whose AIS signatures were unavailable.
A new Wave Glider was released in 2019.
Dave Allen, Chief Executive Officer, Liquid Robotics said at the time: 'Over the years our customers’ missions have grown in complexity and scale, operating in one of the most challenging environments on Earth – the ocean.
'In response we’ve continued to raise the bar for unmanned surface vehicles.
'We’ve
poured 12 years of lessons learned into this newest Wave Glider to
ensure we can meet and exceed our customers’ mission demands.' more
Former Police Officer Jailed for Threats to Release Compromising Images
Australia - A former Portuguese police officer who installed covert cameras in his ex-partner's home and threatened to share compromising photos of her has been sentenced to four years in jail in a Brisbane court...
Prosecutor Alexandra Baker said the man, who had been a police officer in Portugal for 12 years, installed cameras covertly in his ex-partner's home and monitored her through spyware on her phone.
Ms Baker said the cameras made more than 4,500 recordings, including some of the woman in states of undress, and Marques Malagueta had threatened to release sensitive images...
The court heard Marques Malagueta was likely to be deported. more
In Other News...
Electric shocks to the tongue can quiet chronic ringing ears...
Tinnitus—a constant ringing or buzzing in the ears that affects about 15% of people—is difficult to understand and even harder to treat. Now, scientists have shown shocking the tongue—combined with a carefully designed sound program—can reduce symptoms of the disorder, not just while patients are being treated, but up to 1 year later.
It’s “really important” work, says Christopher Cederroth, a neurobiologist at the University of Nottingham, University Park, who was not involved with the study. The finding, he says, joins other research that has shown “bimodal” stimulation—which uses sound alongside some kind of gentle electrical shock—can help the brain discipline misbehaving neurons. more
Wednesday, October 7, 2020
Physical Security's 15 Greatest Hits
When it come to corporate espionage, many tricks are available for getting around your security measures. We can alert you to them. Our counter espionage survey can identify the weak spots in your organization’s physical and information security efforts and make recommendations to remediate them.
The following video demonstrates bypass techniques from physical security professionals Brent White at WeHackPeople.com, and Deviant Ollam, and Rob Pingor of RedTeam Alliance.
Physical security is important to any business or government organization. Even though an organization has taken all the security measures possible, corporate spies know how to bypass many of them.
The first line of defense for any secure building or office is the door. Many of these are controlled by card-key access controlled locks. Exiting is often automated using an IR or infrared door lock release sensor. Unfortunately, many common security measures are simple for spies to circumvent. more
Apple T2 Security Chip Has Unfixable Flaw
On the plus side, however, it also means the vulnerability isn't persistent, so it requires a "hardware insert or other attached component such as a malicious USB-C cable" to work. more
Malicious USB cables are the latest, and arguably the most insidious, threats on the corporate information security landscape. Every USB cable on premises, and those being used elsewhere by employees, needs to be vetted for authenticity. Security directors are enlisting the aid of technical counterespionage consultants to perform this task.
Tuesday, October 6, 2020
The Story of the Murray Associates Logo
The logo does indeed have meaning. It was inspired by my college textbook. I saw the dots as information in motion, and the rings as protection.
- Blue dots are information.
- The red ring is protection.
- The gray ring represents the many unknown forces trying to steal the information.
Simple… and not
inspired by a department store, shooting targets, or a brand of
cigarette. Just my design inspired by a book which taught me a lot.
Another reason the shape is appealing is that circles represent comfort, safety, warmth—exactly how I want to make our clients feel.
The logo seems counter-intuitive for a security firm. It goes against the norm… swords, shields, lightning bolts, birds of prey; symbols seen in most security logos. People forget, strong and harsh symbols are used by governments. They are meant to inspire warriors and intimidate enemies. Clients are not enemies.
The way we use the logo behind the company name is also intentionally symbolic, in a subliminal way. It’s the “rising sun” look; used to invoke that upbeat feeling you get when your problems are solved… sing-a-long ~Kevin D. Murray
Monday, October 5, 2020
Dumb Cyber Attack – Hacker Receives Our Darwin Award
The luxury goods business had installed ten fingerprint scanners so as to restrict access to warehouses in an effort to reduce risk. "Unbeknown to them," Heinemeyer continues, "an attacker began exploiting vulnerabilities in one of the scanners. In perhaps the weirdest hacker move yet, they started deleting authorized fingerprints and uploading their own in the hope of gaining physical access."
The AI brain picked this up because one scanner was behaving
differently than the others, meaning the security team became aware of
the attack within minutes. And, of course, had some pretty conclusive
evidence to provide to law enforcement. more