Friday, October 16, 2020

Consumer Reports - All the tools You Need for Online Safety

Keep Your Data Secure With a Personalized Plan

Cut down on data collection and prevent hackers from invading your laptop, tablet and even your phone. Answer a few simple questions to get customized recommendations to help you:
  • Safely backup files
  • Browse online without tracking
  • Avoid phishing scams
  • Prevent identity theft

CR Security Planner is a free, easy-to-use guide to staying safer online. It provides personalized recommendations and expert advice on topics such as keeping social media accounts from being hacked, locking down devices ranging from smartphones to home security cameras, and reducing intrusive tracking by websites.

Consumer Reports is an independent, nonprofit member organization that works with consumers to create more fairness, safety, and transparency in the marketplace. We don’t run third-party ads, and no company will ever exercise influence over our recommendations of products or services.

Even North Korea has Industrial Espionage Problems

North Korean man investigated for industrial espionage...
A North Korean man in his 40s is reportedly under investigation by the Ministry of State Security for turning over internal analyses from his workplace to a Chinese trader, Daily NK has learned.

The internal analyses the man gave to the trader reportedly concerned technology used to develop North Korean-style cosmetics. There is speculation that he will be sent to a political prison camp for espionage. more

Covid 19 Affects MI5's Spies Street Surveillance Tactics

The pandemic has changed the way millions of people work -- and even spies aren't exempt.

Near-empty streets caused by fewer people traveling into city centers can make it difficult for Britain's spies to track suspects, the new head of MI5, the UK's domestic security service, has said.

Ken McCallum told journalists Wednesday that his agents have adjusted the way they work as a result of the coronavirus crisis, after crowds thinned in public spaces. more

Facebook "Bug" Bugged iPhone Camera - Bugged Instagram'er Sues

Facebook has got itself in trouble again as the California-based tech giant has been allegedly sued for spying on Instagram users using the camera on the phone, Bloomberg reported.

According to the lawsuit, which has come following reports from July, the photo-sharing application had been accessing the camera on the iPhone to spy on users even when they weren’t activated.

Facebook has denied the claim and blamed a bug saying that it’s correcting the problem. more

Woman Allegedly Hacked Ex’s Alexa to Scare off New Girlfriend

Double Feature!
An IoT Cautionary Tale...
A Crazy Ex Tale...

A jilted London woman allegedly hacked into her ex-boyfriend’s Amazon Alexa device and used it to scare off his new girlfriend, a report said.

Philippa Copleston-Warren, 45, was accused in a London court of using the virtual assistant to flash the lights inside her former boyfriend’s house on and off and tell his new sweetie to scram after he ended their relationship of two years, The Sun reported.

The defendant spoke through the Alexa account to tell the complainant’s friend in the property to leave and to take her stuff,” prosecutor Misba Majid told Westminster Magistrates’ Court, according to the newspaper.

This so distressed the girlfriend, it caused her to cry and she left.

Copleston-Warren (inset), a management consultant, controlled the device from London, about 130 miles from her businessman ex-beau’s house in Lincolnshire, the paper reported.

She is also accused of hacking her ex’s Facebook account and uploading nude pictures of him. more

Spybuster Tip # 721: Learn how to adjust ALL the features of your digital assistant. This could have been prevented.

In Other News... Japan to Release Radioactive Water Into Sea

Japan is to release treated radioactive water from the destroyed Fukushima nuclear plant into the sea, media reports say.

It follows years of debate over how to dispose of the liquid, which includes water used to cool the power station hit by a massive tsunami in 2011.

Environmental and fishing groups oppose the idea but many scientists say the risk it would pose is low. more

What could possibly go wrong?

Enjoy the weekend, with a good flick.

Monday, October 12, 2020

New Malware Toolset Used for Industrial Espionage

Malware authors are using an advanced toolset for industrial espionage, warned researchers at cybersecurity firm Kaspersky.

...the tool uses “a variety of techniques to evade detection, including hosting its communications with the control server on public cloud services and hiding the main malicious module using steganography.”

...files are disguised to trick employers into downloading them. They contain names related to employees’ contact lists, technical documentation, and medical analysis results to trick employees as part of a common spear-phishing technique...

MontysThree is designed to specifically target Microsoft and Adobe Acrobat documents, Kaspersky said. The malware can enable attackers to capture screenshots and gather information about the victim’s network settings, hostname, etc. more

Espionage Alert: Children's Smartwatch is a Trojan Horse

A popular smartwatch designed exclusively for children contains an undocumented backdoor that makes it possible for someone to remotely capture camera snapshots, wiretap voice calls, and track locations in real time, a researcher said.

The X4 smartwatch is marketed by Xplora, a Norway-based seller of children’s watches...

The backdoor is activated by sending an encrypted text message. Harrison Sand, a researcher at Norwegian security company Mnemonic, said that commands exist for surreptitiously reporting the watch’s real-time location, taking a snapshot and sending it to an Xplora server, and making a phone call that transmits all sounds within earshot. 

Sand also found that 19 of the apps that come pre-installed on the watch are developed by Qihoo 360, a security company and app maker located in China. more  (q.v. our 2017 post  & etc.)

Sunday, October 11, 2020

Bugged Turtle Eggs – Good Surveillance Tech

The Wire Inspired a Fake Turtle Egg That Spies on Poachers 

Scientists 3D-printed sea turtle eggs and stuffed transmitters inside. When poachers pulled them out of nests, the devices tracked their every move.


In the HBO series The Wire, Baltimore cops Herc and Carver devise an unorthodox way to listen in on a drug dealer named Frog, right on the street: They shove a tiny, $1,250 microphone into a tennis ball, which they then place in a gutter. 

Listening in from a building across the street, they watch as Frog picks up the ball and absentmindedly tosses it between his hands, sending thuds and an electric screech into Herc’s headphones. Quickly over it, Frog chucks the ball over their building. Carver rushes after it, only to watch a semi truck crush their very expensive tennis ball.

The Baltimore PD’s failure, though, may still be biologists’ gain. Drawing both from the imaginary surveillance tennis ball and a story arc from Breaking Bad, in which the Drug Enforcement Agency uses GPS to track methylamine barrels, real life researchers have developed the InvestEGGator: a fake sea turtle egg filled with a transmitter in place of an embryo, a clever new way to track where poachers are selling the real deal. more

Friday, October 9, 2020

The FBI Hotel Wi-Fi Security Checklist


The Federal Bureau of Investigation is issuing this announcement to encourage Americans to exercise caution when using hotel wireless networks (Wi-Fi) for telework.
FBI has observed a trend where individuals who were previously teleworking from home are beginning to telework from hotels. 

US hotels, predominantly in major cities, have begun to advertise daytime room reservations for guests seeking a quiet, distraction-free work environment. While this option may be appealing, accessing sensitive information from hotel Wi-Fi poses an increased security risk over home Wi-Fi networks. 

Malicious actors can exploit inconsistent or lax hotel Wi-Fi security and guests’ security complacency to compromise the work and personal data of hotel guests. Following good cyber security practices can minimize some of the risks associated with using hotel Wi-Fi for telework. more

Thursday, October 8, 2020

Mystery Deepens Around Unmanned Spy Boat Washed Up In Scotland

Last week a small unmanned vessel washed up on the rocky Scottish Isle of Tiree, about a hundred miles from the U.K.’s nuclear submarine base at Faslane.  

It was identified as a Wave Glider, a type made by U.S. company Liquid Robotics, which is capable of traveling thousands of miles and is used by both the U.S. Navy and Britain’s Royal Navy as well as other government agencies and scientific researchers. 

The local Coast Guard have been unable to trace the owner so far, but the craft’s configuration suggests it was on a secret mission...

...the mystery remains over who was operating it, what it was doing — and why they are keeping quiet. more

UPDATE:

What is a Wave Glider and how do they work? 

Wave Gliders are unmanned surveillance boats built by the American company Liquid Robotics.

They are used by the British and American navies to monitor the movement of submarines in hostile territories.

The boats tow sensors under water to detect vessels entering or operating in a targeted area and send messages to shore-based operators via satellite.

During a mission to patrol the waters around the Pitcairn Islands, the Wave Glider successfully intercepted and collected data on three vessels whose AIS signatures were unavailable.

A new Wave Glider was released in 2019.

Dave Allen, Chief Executive Officer, Liquid Robotics said at the time: 'Over the years our customers’ missions have grown in complexity and scale, operating in one of the most challenging environments on Earth – the ocean. 

'In response we’ve continued to raise the bar for unmanned surface vehicles. 

'We’ve poured 12 years of lessons learned into this newest Wave Glider to ensure we can meet and exceed our customers’ mission demands.' more

 

Former Police Officer Jailed for Threats to Release Compromising Images

Australia - A former Portuguese police officer who installed covert cameras in his ex-partner's home and threatened to share compromising photos of her has been sentenced to four years in jail in a Brisbane court...

Prosecutor Alexandra Baker said the man, who had been a police officer in Portugal for 12 years, installed cameras covertly in his ex-partner's home and monitored her through spyware on her phone.

Ms Baker said the cameras made more than 4,500 recordings, including some of the woman in states of undress, and Marques Malagueta had threatened to release sensitive images...

The court heard Marques Malagueta was likely to be deported. more

In Other News...

Electric shocks to the tongue can quiet chronic ringing ears...

Tinnitus—a constant ringing or buzzing in the ears that affects about 15% of people—is difficult to understand and even harder to treat. Now, scientists have shown shocking the tongue—combined with a carefully designed sound program—can reduce symptoms of the disorder, not just while patients are being treated, but up to 1 year later.

It’s “really important” work, says Christopher Cederroth, a neurobiologist at the University of Nottingham, University Park, who was not involved with the study. The finding, he says, joins other research that has shown “bimodal” stimulation—which uses sound alongside some kind of gentle electrical shock—can help the brain discipline misbehaving neurons. more

Wednesday, October 7, 2020

Physical Security's 15 Greatest Hits

When it come to corporate espionage, many tricks are available for getting around your security measures. We can alert you to them. Our counter espionage survey can identify the weak spots in your organization’s physical and information security efforts and make recommendations to remediate them. 

The following video demonstrates bypass techniques from physical security professionals Brent White at WeHackPeople.com, and Deviant Ollam, and Rob Pingor of RedTeam Alliance.

  

Physical security is important to any business or government organization. Even though an organization has taken all the security measures possible, corporate spies know how to bypass many of them.

The first line of defense for any secure building or office is the door. Many of these are controlled by card-key access controlled locks. Exiting is often automated using an IR or infrared door lock release sensor. Unfortunately, many common security measures are simple for spies to circumvent. more