Sunday, January 9, 2022

From Those Wonderful Folks Who Gave Us...

"Gloworm" Eavesdropping and Air-Gaped Computer Hacks

After a long day at work, the modern goldfish no longer has to take public transportation home—it can drive via a fish-operated vehicle (FOV), according to new research published in Behavioural Brain Research.

Documented in a report published in the February 2022 issue of the peer-reviewed journal, researchers at Ben-Gurion University of the Negev in Beersheba, Israel, set out to unpack how well goldfish can navigate terrestrial environments when tasked with the right tools. They created a small camera-equipped fish tank on wheels, which they call an FOV, and put six goldfish in it, one at a time. 

The fish managed to avoid dead ends and correct inaccuracies... Goldfish navigate land very well, it turns out. more 

(Next up, Exocoetidaes in airplanes.) 

Thursday, December 23, 2021

The Chatter Phone Eavesdropping Bug, or Santa's Latest Spy Trick

Ken Munro, founder of the cybersecurity company Pen Test Partners, told TechCrunch that chief among the concerns are that the Chatter does not have a secure pairing process to stop unauthorized phones in Bluetooth range from connecting to it...

First, we switched on the Chatter phone, which activates its Bluetooth connection, paired a phone over Bluetooth, then switched off Bluetooth to simulate someone walking the phone out of range. We then paired another phone with the Chatter without hindrance, allowing us to remotely control the Chatter’s audio.

Mattel, which makes the Chatter phone, said the phone “will time out if no connection is made or once the pairing occurs — it is only discoverable within a narrow window of time and requires physical access to the device.” We left the Chatter on and found the Bluetooth pairing process did not time out after more than an hour.

Then, Munro asked what would happen if we called the phone connected to the Chatter. Sure enough, the Chatter rang — loudly — as expected. Then we called the Chatter again, this time without properly replacing its receiver. With the handset off the hook, the Chatter automatically answered the call, immediately activating the handset’s microphone and allowing us to hear ambient background audio. more

 

 

Wednesday, December 22, 2021

Khashoggi's Wife's Phone Bugged With Spyware Before Killing


The mobile phone of Hanan Elatr, the wife of Saudi dissident and journalist Jamal Khashoggi was reportedly bugged by United Arab Emirates agents.
 

The cell phone of Hanan Elatr was infected several months before he was killed in 2018. 

Jamal Khashoggi was killed in Saudi Arabia’s consulate in Istanbul, reported Sputnik citing The Washington Post. The phone of Elatr was reportedly infected when she was questioned by UAE officials.  more

Coach Banned Over Spying Scandal

Australia - Capitals coach Paul Goriss has been banned after obtaining leaked training footage of the Sydney Uni Flames. video

Fake Italian Gynaecologist Snares 400 Women in Webcam Scam

Italian police Friday searched the house of suspected serial sexual predator believed to have posed as a gynaecologist to persuade dozens of women to undergo vaginal exams via weblink. more

Millions of Android Phones Vulnerable Over ‘Eavesdropping’ Scare

MILLIONS of people around the world have been exposed to snoopers by dodgy microchips loaded into Android smartphones.

According to security experts, vulnerabilities in processors produced by Taiwanese firm MediaTek could have allowed malicious apps to spy on their users.

MediaTek, one of the world's leading chip-makers, last month issued a fix for four bugs disclosed by researchers at cyber firm Check Point.

Its circuitry is found in one in three of the world’s smartphones, including high-end handsets from Xiaomi, Oppo, Realme, Vivo and more.

Check Point detailed the vulnerabilities exposed by its crack team of cyber buffs in a blog post last week. more

 

Tuesday, December 7, 2021

Spy Trick # 712 - The Memory Card Ring (Make Your Own!)

Honus, a former bicycle industry designer turned professional jeweler can teach you how to make your own spy ring.  

This is how spies (and corrupt employees) can sneak file cabinets of documentation out of companies, no matter how good their security is. more  
more spy rings

Secret Message Decoder Ring Great Christmas gift



Thursday, December 2, 2021

A New "Mobile" Phone - Complete with No Apps

Ever wish you had a mobile phone that would really turn heads?
One where you could call your friends, real or imaginary?
One that would look at you with loving eyes? 

Your past is now your future...  



Wednesday, December 1, 2021

FutureWatch: Yet Another World's Smallest Camera


Micro-sized cameras have great potential to spot problems in the human body and enable sensing for super-small robots
, but past approaches captured fuzzy, distorted images with limited fields of view.

Now, researchers at Princeton University and the University of Washington have overcome these obstacles with an ultracompact the size of a coarse grain of salt. The new system can produce crisp, on par with a conventional compound camera lens 500,000 times larger in volume, the researchers reported in a paper published Nov. 29 in Nature Communications... 

Heide (Felix Heide, the study's senior author and an assistant professor of computer science at Princeton) and his colleagues are now working to add more computational abilities to the camera itself. Beyond optimizing image quality, they would like to add capabilities for object detection and other sensing modalities relevant for medicine and robotics.

Heide also envisions using ultracompact imagers to create "surfaces as sensors." "We could turn individual surfaces into cameras that have ultra-high resolution, so you wouldn't need three cameras on the back of your phone anymore, but the whole back of your phone would become one giant camera. We can think of completely different ways to build devices in the future," he said. more

Wednesday, November 24, 2021

Apple Sues Israeli Spyware Maker

Apple sued the NSO Group, the Israeli surveillance company, in federal court on Tuesday, another setback for the beleaguered firm and the unregulated spyware industry.

The lawsuit is the second of its kind — Facebook sued NSO in 2019 for targeting its WhatsApp users — and another consequential move by a private company to curb invasive spyware by governments and the companies that provide their spy tools.

Apple, for the first time, seeks to hold NSO accountable for what it says was the surveillance and targeting of Apple users. more

Tuesday, November 23, 2021

FutureWatch - Spycam Detection using Phone Time-of-Flight Sensors

via theregister.com
"Sriram Sami, Bangjie Sun, and Sean Rui Xiang Tan, from National University of Singapore, and Jun Han from Yonsei University, describe how this might be done in a paper [PDF] titled "LAPD: Hidden Spy Camera Detection using Smartphone Time-of-Flight Sensors"... 

...smartphones are commonplace these days, so adding an app like LAPD is likely to be more convenient than carrying a dedicated bug or signal detector at all times. LAPD's goal is to be accessible, usable, and accurate, and to judge by the results reported in the paper, it hits those marks...

"The 'attackers' have all the power to place hidden cameras anywhere, and the public is, in contrast, generally defenseless," he explained. "That's why we're doing this work, and why we hope hidden camera detection can become more commonplace." Sami said he intends to release the source code for LAPD but has to coordinate that with his colleagues." more

3G Cell Phone Service - The End is Near


All of the major cellphone carriers — AT&T, Verizon and T-Mobile — are planning to shut their older 3G networks in 2022. Like millions of people in the United States who use 3G phones and other 3G devices, you will have to buy a new device if you want to text, make calls or even reach 911...

The shutdown dates start in January 2022 and are spread out throughout the year. more

  • Sprint’s 3G: Jan. 1, 2022
  • AT&T’s 3G: Feb. 22, 2022
  • Sprint’s LTE: June 30, 2022
  • Verizon’s 3G: Dec. 31, 2022
  • T-Mobile’s 2G and 3G: Not yet announced
 Also a bummer for all those folks that are using 2G & 3G cellular bugging devices.

Corporate Security News: Employees Offered $$$ for Planting Ransomware

In August, KrebsOnSecurity warned that scammers were contacting people and asking them to unleash ransomware inside their employer's network, in exchange for a percentage of any ransom amount paid by the victim company. This week, authorities in Nigeria arrested a suspect in connection with the scheme -- a young man who said he was trying to save up money to help fund a new social network. more

New Holographic Camera Can See Around Corners – Or Inside Your Skull

It sounds like something out of Star Trek: the doctor aims a camera at your chest, and a computer generates a hologram of your heart and blood vessels. She enlarges the image and takes a look at some of your smallest capillaries, each beautifully rendered in sub-millimeter detail. 

But thanks to a team at Northwestern’s McCormick School of Engineering, that may soon be a reality. They’ve created a prototype technology capable of seeing around corners and through everything from fog to the human skull. Their results are published in the journal Nature Communications...

“Our technology will usher in a new wave of imaging capabilities,” he said. “Our current sensor prototypes use visible or infrared light, but the principle is universal and could be extended to other wavelengths. For example, the same method could be applied to radio waves for space exploration or underwater acoustic imaging.”...

“It’s like we can plant a virtual computational camera on every remote surface to see the world from the surface’s perspective,” explained Florian Willomitzer, first author of the study. “This technique turns walls into mirrors.”...

It can be applied to many areas, and we have only scratched the surface,” he added. more

Just think of the benefits to the CIA... 
and eventually the trickle down to corporate espionage types.



 

Monday, November 22, 2021

RedCurl Corporate Espionage Hackers Return

A corporate cyber-espionage hacker group has resurfaced after a seven-month hiatus with new intrusions targeting four companies this year, including one of the largest wholesale stores in Russia, while simultaneously making tactical improvements to its toolset in an attempt to thwart analysis.

"In every attack, the threat actor demonstrates extensive red teaming skills and the ability to bypass traditional antivirus detection using their own custom malware," Group-IB's Ivan Pisarev said. 

Active since at least November 2018, the Russian-speaking RedCurl hacking group has been linked to 30 attacks to date with the goal of corporate cyber espionage and document theft aimed at 14 organizations spanning construction, finance, consulting, retail, insurance, and legal sectors and located in the U.K., Germany, Canada, Norway, Russia, and Ukraine. more