Thursday, September 23, 2021

Reasons You Should Never Connect To Public Wifi

There Are Too Many Risks
Put simply, the risks you take when you connect to Wifi in public places such as libraries, stations, cafes, and shopping malls are often too great to make the benefits worthwhile...

  • Misuse of personal data Distribution of malware
  • Insecure connection
  • Online attacks on business
  • Eavesdropping

Hackers or anyone with a sound knowledge about internet software and applications can eavesdrop on your personal data if they are using the same public Wi-Fi connection as you are...

  • Try not to share your personal data while you are using a personal Wi-Fi connection.
  • Avoid logging in to websites that involve your personal or bank credentials.
  • Try using a VPN (virtual Private Network) service that will help you to encrypt all the data you receive or send.
  • Use 2-Factor authorizations that will make your connection secure and prevent the risk of data loss.” more

Grain of Sand Sky Spies

A new microchip roughly the size of a grain of sand that has the potential to glide across great distances is being touted as a breakthrough for aerial surveillance.

Key points: 

  • The devices are about the size of a grain of sand and can transmit wirelessly
  • Remote sensing technology was originally developed for warfare
  • The researchers hope the technology can be used to help monitor disease spread

Collaborating scientists from institutions including Northwestern University in the United States and Soongsil University in Korea have created what they believe are the world's smallest ever "human-made flying structures", which can be fitted with microchips and sensors and have the capacity to transmit data remotely.

The microchips can be dropped from the sky and potentially used to monitor environmental impacts and the spread of disease.The researchers, who published their findings today in the journal Nature. more

NFL Spying Book in the Works

Spies on the Sidelines - The High Stakes World of NFL Espionage

A NON FICTION BOOK BY KEVIN BRYANT

After the NFL’s Spygate controversy, involving the New England Patriots illicitly recording the defensive signals of the New York Jets in 2007, NFL fans and pundits alike struggled to answer a lingering question: Were the Patriots the only team spying on their opponents or was espionage a commonplace activity in the NFL? 

Everyone had an opinion, but few could offer more than a gut feeling to back up their claims and for good reason...

Well, that was before. Spies on the Sidelines shines a light on the shadowy world of NFL espionage and exposes the full range of collection techniques teams use to spy on their opponents, as well as the defensive countermeasures that are used to defend against these threats. more

Have a Little James Bond in You? Have I Got a Car for You!

ASTON MARTIN DB5 JUNIOR

No Time To Die Edition

From Goldfinger to No Time To Die, Bond has never been far from his Aston Martin DB5. This car has arguably been part of his DNA for over 50 years. Now, an exclusive partnership between Aston Martin, EON Productions and The Little Car Company brings you the Aston Martin DB5 Junior No Time To Die Edition.

Limited production run of 125 vehicles.

Created at 66% scale of the original, with a fully electric powertrain, the DB5 has been reimagined for Bond fans worldwide. As an official Aston Martin model, the No Time To Die edition will pay homage to the rich history of the brand with Silver Birch paintwork, Smiths instruments, and individually numbered chassis plates. Complete with Aston Martin and 007 badging, this car is unmistakably Bond.

The DB5 Junior is designed to offer seating for an adult and child side by side, to allow all generations of Bond fans to share the love of driving. more

Wednesday, September 22, 2021

Pegasus: How The Spyware Invades Phones & What It Does

What is Pegasus?
Is Pegasus a hacking software or spyware? It is pipped as the best version of both worlds that was developed, marketed, and licensed to governments around the world by the Israeli company NSO Group. This is because of the intrusive nature it possesses where it can infect and silent surveillance on billions of phones running either iOS or Android operating systems. 

Pegasus was first discovered in 2016 in a group of mobile devices which were infected via a spear phishing campaign which tricked users into clicking on malicious links which would install the spying software. However, recent versions of the spyware are much more sophisticated and require zero interaction from the victim for delivery and execution.

How it works?
The spyware executes via a zero-click exploit. This means that a victim does not need to interact with the initial delivery vector of the spyware for the malicious code to be executed. The victim receives a message on SMS, WhatsApp, iMessage or any other messaging application. As soon as the message is received the spyware is executed and all traces of the message are deleted. This implies that the user’s device will be infected with the spyware, without the user being aware of even receiving any suspicious message. more



From the Weird File: Drone Strike by a Ravin' Raven

Is it a bird?
Is it a plane?
It's a raven swooping on a drone attempting to make a delivery to a Canberran craving caffeine.

Key points:

  • Drone service Wing temporarily halts its drone deliveries to the Canberra suburb of Harrison
  • The company says it has received reports of birds swooping on objects during nesting season
  • The pause on deliveries will allow bird experts to investigate the behaviour of ravens

A battle for aerial dominance is emerging as nesting season coincides with a surge in demand for drone deliveries during Canberra's lockdown.

Drone delivery service operator Wing has paused flights in the northern suburb of Harrison while bird experts assess the behaviour of local ravens to ensure their welfare is safeguarded. more

Tuesday, September 21, 2021

Spy Tip 592 - How to Eavesdrop More Effectively

Dr Anthony Youn explained that there is a way you can listen into a chat that wasn’t meant for you.

He explained: “Try listening with your right ear and not your left – your right ear is connected to the left side of your brain which processes speech and language.”

His posts on body hacks have gone viral and include a range of tricks and trips.

He also revealed how you can get rid of hiccups. more

BAT S#!T Crazy - Corporate Espionage Gone Wild

In the past week, a spate of reports, including from the BBC and the University of Bath, has detailed how British American Tobacco (BAT) ran a spy ring in SA.

Of course, none of this is new – we’ve been writing about it for aeons now. But because so much time has lapsed since this story initially broke in SA, perhaps a recap is in order.

Years ago, BAT took off the gloves in a bid to claw back market share from competitors who emerged selling the same product, but cheaper. 

BAT’S strategy was simple: disrupt its competitors to the point of making it impossible for them to operate. 

To do this, BAT relied on a security firm — Forensic Security Services (FSS) — to co-ordinate activities, under the guiding hand of British American Tobacco SA’s (BAT SA’s) anti-illicit trade head. But it also used a series of in-place “agents” at its competitors’ businesses even as it co-opted law enforcement agencies and deployed a shared agent with the State Security Agency (SSA): triple agent and honey trap Belinda Walter.

All of this was monitored from BAT’s global headquarters, Globe House in London.

One former employee explained it as follows: “Our primary work description was to spy on competitors and disrupt business operations on behalf of BAT SA, [which] was fully aware that FSS was obtaining information illegally, and these (sic) included obtaining recorded conversations.”  more

BlackBerry Updates SecuSUITE to Secure Phone Calls from Eavesdropping

BlackBerry has announced that its SecuSUITE for Government offering now provides certified end-to-end encryption of all group phone calls and instant messages for governments and enterprises alike.

As a result of the global pandemic, millions of employees are working from home, with many teams turning to group calling methods to ensure business continuity. However, enterprises and government officials around the world are increasingly being targeted by coordinated eavesdropping attacks. SecuSUITE protects these individuals against identity spoofing, metadata harvesting and communications interceptions, which can compromise sensitive discussions and major operations. more  infographic

Peyton Manning - Patriots Locker-Room Bugging Accusation

The New England Patriots’ cheating scandals didn’t stop at Spygate and Deflategate, according to Peyton Manning.

Manning said that he knew the Patriots bugged the visiting locker room at Gillette Stadium with hot mics to eavesdrop on conversations between opposing players.

“Every time I played against New England, I used to talk to my receivers in the showers,” Manning said during ESPN’s “Monday Night Football Manning-cast in Week 2’s matchup between the Green Bay Packers and Detroit Lions.“Don’t talk about a play next to my locker because I know it’s bugged. I know it’s got a hot mic in there... more

Tuesday, September 14, 2021

I've been hacked! Now what?

Check these links for some instant advice and assistance...

https://www.justice.gov/criminal-ccips/reporting-computer-internet-related-or-intellectual-property-crime

https://www.consumer.ftc.gov/articles/how-recover-your-hacked-email-or-social-media-account

https://www.kaspersky.com/resource-center/threats/what-to-do-if-your-email-account-has-been-hacked

https://www.cnet.com/tech/services-and-software/when-you-get-hacked-figuring-out-who-to-call-for-help-can-be-a-puzzle/

https://www.popularmechanics.com/technology/security/a34284848/steps-to-take-if-you-have-been-hacked/

https://support.google.com/accounts/answer/6294825?hl=en

https://www.csoonline.com/article/3617849/15-signs-youve-been-hacked-and-how-to-fight-back.html

FTC Shuts Down Smartphone Spyware App Company

The Federal Trade Commission (“FTC”) reached a settlement with stalkerware app company Support King, LLC d/b/a SpyFone.com and its CEO (collectively “SpyFone”) to resolve allegations that it secretly harvested and shared smartphone owners’ physical location data and information about their phone use and other online activities, and that it exposed smartphones to hacker attacks in violation of the FTC Act.

The complaint alleged that SpyFone’s apps provided real-time access to the data of smartphone owners through a hidden device hack that allowed others, including stalkers and domestic abusers, to track the smartphones on which the apps were installed. In addition, SpyFone’s lax security measures, including storing sensitive information without encryption, exposed consumers to hackers and other cyber threats, including through a 2018 breach of SpyFone’s servers in which the personal information of 2,200 consumers was accessed and stolen.

Under the terms of the proposed consent order, SpyFone will disable its stalkerware apps and destroy all personal information collected through these apps. more

Alert: Apple iOS 14.8 Security Update Spikes Spyware Flaw

 Apple on Monday released security updates for its iPhone, iPad, Apple Watch and Mac computers that close a vulnerability reportedly exploited by invasive spyware built by NSO Group, an Israeli security company. 

The tech giant's security note for iOS 14.8 and iPadOS 14.8 says: "Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." Apple also released WatchOS 7.6.2, MacOS Big Sur 11.6 and a security update for MacOS Catalina to address the vulnerability. 

The fix, earlier reported by The New York Times, stems from research done by The Citizen Lab, a public interest cybersecurity group that found a Saudi activist's phone had been infected with Pegasus, NSO Group's best-known product. According to Citizen Lab, the zero-day zero-click exploit against iMessage, which it nicknamed ForcedEntry, targets Apple's image rendering library and was effective against the company's iPhones, laptops and Apple Watches. more

Monday, September 13, 2021

Urban Drone Detection is Due to Become Easier Thanks to 5G

The Department of Homeland Security (DHS) Small Business Innovation Research (SBIR) Program awarded $750,000 to Texas-based small business Cobalt Solutions Inc. to develop a detection and tracking sensor system that can identify nefarious small unmanned aerial vehicles (UAV) in an urban environment...

Cobalt’s technology increases the number of exploitable drone signatures for detection and tracking,” said Dr. Jeff Randorf, DHS S&T engineering advisor and SBIR topic manager. “As more 5G mmWave transceivers are deployed in city centers, the ability to detect and track drones in complex urban geometries becomes easier, while not contributing to an already crowded radio frequency spectrum.” more

Friday, September 10, 2021

Top 10 5G Security Concerns

5G security is inherently prone to security vulnerabilities. Previous-generation networks relied on centralized hardware-based functions that provided security choke points that were relatively easy to monitor. Endpoints in distributed software-defined (SD) networks like 5G are more difficult to keep an eye on.

While 5G addresses security issues in previous-generation wireless networks, for example with enhanced encryption, anti-tracking, anti-spoofing and network slicing features, security holes cybercriminals could potentially exploit have been identified. Some of the security vulnerabilities detected early on were linked to previous-generation networks loopholes. These included ones that allowed attackers to expose a user's location, downgrade their service to a less secure legacy that was more easily attacked, run up costly wireless bills and track users’ activities. more