Looks Like a Smoke Detector - Hackers Say Audio Bug - Brilliant for Building Security

A pair of hackers found that a vape detector often found in high school bathrooms contained microphones—and security weaknesses that could allow someone to turn it into a secret listening device...

...the Halo 3C goes beyond detecting smoke and vaping—including a distinct feature for discerning THC vaping in particular. It also has a microphone for listening out for “aggression,” gunshots, and keywords such as someone calling for help...

Now, after months of reverse engineering and security testing, Vasquez-Garcia and a fellow hacker he’s partnered with who goes by the pseudonym “Nyx,” have shown that it’s possible to hack one of those Halo 3C gadgets—which they’ve taken to calling by the nickname “snitch puck”—and take full control of it...

At the Defcon hacker conference today, they plan to show that by exploiting just a few relatively simple security vulnerabilities, any hacker on the same network could have hijacked a Halo 3C to turn it into a real-time audio eavesdropping bug, disabled its detection capabilities, created fake alerts for vaping or gunshots, or even played whatever sound or audio they chose out of the device’s speaker.

Motorola said it has since developed a firmware update to address those security flaws that will automatically push to cloud-connected devices by Friday...

“To the credit of the company, the microphones sound great,” says Nyx. “From up on the ceiling, you could totally listen to what somebody was saying, and we’ve made this happen.”

Motorola told the hackers in an email that it has worked on a new firmware update that should fix the vulnerabilities. But the hackers argue that doesn’t, and can’t, address the underlying concern: that a gadget loaded with hidden microphones is installed in schools around the country. Motorola also advertises its Halo sensors for use in public housing—including inside residents’ homes—according to marketing material. more

Hacking issues aside, this is a brilliant device to enhance building security. Here is a video showing one feature. Many additional videos are on YouTube.com.

Hackers Love These 7 Smart Home Devices

Although everyone wants a convenient home, there’s little that’s less convenient than a hacked smart home appliance. When it comes to the best smart home devices, the hard and fast rule is: if it’s connected to Wi-Fi you’re going to need to make sure it's secured because there’s going to be a way to hack it.

The good news is that once you've figured out how to lock down one, it's pretty easy to repeat the process for the rest of them. Here's a list of seven of the most vulnerable smart devices in your home, and the steps you can take to make sure they're more secure than they are right now...

1. Wi-Fi Routers
2. Security Cameras
3. Baby Monitors
4. Smart Speakers
5. Video Doorbells
6. Smart Thermostats
7. Smart Appliances

Counterespionage recommendations from the article are here.

And, do not forget about robot vacuums, refrigerators, washing machines, and anything that can automatically order from Amazon.

Hackers Found Backdoor in High-Security Safes—Opens in Seconds

Security researchers found two techniques to crack at least eight brands of electronic safes—used to secure everything from guns to narcotics.

James Rowley and Mark Omo got curious about a scandal in the world of electronic safes...

In the process, they'd find something far bigger: another form of backdoor intended to let authorized locksmiths open not just Liberty Safe devices, but the high-security Securam Prologic locks used in many of Liberty’s safes and those of at least seven other brands. 

More alarmingly, they discovered a way for a hacker to exploit that backdoor—intended to be accessible only with the manufacturer's help—to open a safe on their own in seconds. 

In the midst of their research, they also found another security vulnerability in many newer versions of Securam's locks that would allow a digital safecracker to insert a tool into a hidden port in the lock and instantly obtain a safe’s unlock code. more

BBC Star Recorded by Landlord on Hidden Spy Camera

A BBC actress has told of her horror after discovering her landlord planted a spy cam in her bathroom. The Scots star — who has appeared in prime-time comedies and dramas — found the recording device hidden in a washing basket after taking a shower.

She fled the flat before watching back the footage and finding intimate clips of herself — plus an image of the creep changing the memory card.

“I always used to notice this little black dot in the washing basket across from the shower. I never in a million years thought he’d be spying on me. But given what had happened the night before, I went to have a closer look. My heart just stopped and I burst into tears. There was a green light flashing on the camera. I knew that it was on and I was being recorded.” Cops have launched a probe. more

Somikon Wireless HD Sareview Camera

Security Director FYI: Disclaimr.AI Monitors Security News

Security Intelligence Aggregation

(from website) Disclaimr uses AI to monitor every security source that matters so you're always the first to know, never the last to respond. Sends out a sharp 6AM daily security brief distilled from 500+ sources, so that you never miss a critical update. Coming soon.

Notes: There is a waitlist for the launch. No information about the company behind the project appears on the website. Signup requires answering a few reasonable marketing questions. Previous offerings appear to include "spreadsheet to map" and general newsletter aggregation services.

 

While this is not unusual for startups finding the right markets for themselves, consider using a blind email address until the service is proven to be legitimate and necessary for you.

RIP: Stella Rimington, First Woman to Lead U.K.’s MI5, Dies at 90

Widely regarded as the inspiration for the recast of the James Bond character “M,” she was the first British spy chief to be publicly named and photographed.

Stella Rimington, who battled a fiercely protective old boy’s network to become the first woman to lead MI5, Britain’s domestic intelligence service, and whose tenure as the country’s spymaster was widely seen as an inspiration for James Bond’s first female boss in the movie franchise, died on Sunday. She was 90.

The Security Service announced her death in a statement on Monday without specifying the cause or place of death.

Her cool demeanor and reputation for quiet competence, according to Bond aficionados, helped shape the character of “M” starting with Judi Dench’s portrayal in “GoldenEye” in 1995. (The Bond movies involved a fictional agent of MI6, Britain’s foreign intelligence agency.) more

Weird Science

Scientists Shine a Laser Through a Human Head 

It’s the first step toward an inexpensive new medical imager...

For the most part, anyone who wants to see what’s going on inside someone else’s brain has to make a trade-off when it comes to which tools to use. The electroencephalograph (EEG) is cheap and portable, but it can’t read much past the outer layers of the brain, while the alternative, functional magnetic resonance imaging (fMRI), is expensive and the size of a room, but can go deeper. Now, a research group in Glasgow has come up with a mechanism that could one day provide the depth of fMRI using equipment as affordable and portable as an EEG. The technology will rely on something that previously seemed impossible—shining light all the way through a person’s head. more

Magnetocaloric Refrigerator - Runs on magnets instead of harmful gases.
Very few companies have mastered the science of magnetocalorics sufficiently to develop a commercial refrigerator, but perhaps none have also been successful in making the concept “cool” from a marketing standpoint. Now, though, a young academic spinoff company from Darmstadt, Germany is changing the landscape with its Polaris beverage refrigerator. The company is MagnoTherm Solutions GmbH, a pioneering upstart in sustainable cooling. It recently took part in ChangeNOW in Paris, a global event that unites change-makers from around the world to drive positive transformation for our planet. more

A Stratosphere Cell Tower

Starting next year, Tokyo’s SoftBank Corp. will be beaming a prototype 4G and 5G phone and broadband service from the stratosphere to Japanese end users. Floating 20 kilometers above the Earth, the company’s airship-based mast will be using energy-regeneration tech and newly allocated spectrum. And the tech could ultimately pose a real, competitive threat to satellite-based platforms like Starlink. more

Man Is Controls iPad With His Thoughts

You can officially control an Apple device with your thoughts, as long as you have the Stentrode brain implant made by NYC-based Synchron. First announced in May, the capability connects brain-computer interfaces (BCI) to Apple products through a Bluetooth connection. It works with iOS, iPadOS, and visionOS, so that means iPads, iPhones, and the Vision Pro can recognize a BCI just like a keyboard or mouse. Apple designed it to be a standard connection for all implants, including Elon Musk's Neuralink, but Synchron is the first to offer the capability to its patients. more

Documentary: The Thing (No, not the 1951 & 1982 monster movies. The Russian Spy Thing.)

'The Thing' a captivating short film that uncovers one of history's most astonishing espionage incidents of the 20th Century. The documentary uncovers the amazing story behind the Great American Seal bug. 

John Little of TSCM Consulting tells this complex story of spying, counter spying, genius, betrayal, political wrangling and espionage. 

£15.50 donation supporting The National Museum of Computing.
✓ Full access pass to the documentary
✓ Access to future releases & updates
✓ Stream & watch anytime
✓ Donate to The National Museum of Computing

View it HERE... https://tscmconsulting.co.uk/stream-the-thing

You can live in a spy movie if...

...you’ve got some cash sitting around: 

British underwater jetpack maker CudaJet has done what you’d expect an underwater jetpack maker to do: they made an underwater jetpack.

 The 31-pound hands-free, backpack-like device, which is made to order and starts at ~$31k, will help rich people live out their dolphin dreams — diving 130+ feet down and propelling them forward 7 mph at a time. 

CudaJet says it comes with a controller and that it all takes five minutes to get comfortable with it. more

Weird Spy News: A Son Bugging Dad? (technically speaking)

India - PMK founder leader S Ramadoss on Saturday alleged his son Anbumani spied on him.

Asked whether it would be appropriate to allege that it was Anbumani who had planted a listening device as the police probe was still on, Ramadoss shot back, asking, “Who else could have planted it?"

He alleged it was his son Anbumani who had planted the bugging device at his residence. Ramadoss said complaints had been filed by him with Kiliyanur police (Villupuram district) and the cybercrime wing as well. The bugging device and its parts had been handed over to the police. more

Spies Demise Times Two

...Swedish diplomat found dead.

A veteran Swedish diplomat recently arrested on suspicion of espionage has died days after being released from police custody, his lawyer has revealed. 

Sweden's Sapo security service detained the man, who has not been named, on Sunday and kept him for questioning until Wednesday. He was released the same day, subject to investigation the country's prosecution service has said.

Police told Swedish outlet Svenska Dagbladet they had now opened an investigation into his death, but “there is no suspicion a crime has been committed”. more

Top Somali spy investigating assassination attempt on president killed...
A senior officer with Somalia’s National Intelligence and Security Agency (NISA), who was leading a sensitive investigation into a recent assassination attempt on President Hassan Sheikh Mohamud, has been mysteriously killed in Mogadishu, Caasimada Online news website reported on Saturday. more

Quote of the Week: "Nobody with Sensitive Information is Immune to Espionage"

Australian Security and Intelligence Organisation director-general Mike Burgess said that in the “prevailing threat environment, national security truly is national security – everybody’s business”.

He said foreign intelligence agencies were “aggressively targeting” three key areas: science and technology, particularly advanced technology; public and private sector projects to gain a commercial advantage; and Antarctic research, green technology, critical minerals, and rare earths extraction and processing.
What information are spies taking?

Mr Burgess warned this meant “nobody with sensitive information is immune” and gave examples of recent operations investigated by ASIO. more

The Farmhouse Spy

A simple farmhouse and a mysterious dish set the stage for a real-world spy thriller. When French counterintelligence spotted that setup, they realised someone was tapping into high-value space communications.

The homeowner, Dong H., was no ordinary resident. A former employee of Beijing’s Academy of Science and Technology and president of Stahd Europe—a subsidiary of Emposat, the Chinese communications specialist—she had all the credentials for espionage. Emposat’s failed bid to install a ground station in the Czech Republic underscored how wary governments are of hidden antennas.

French investigators couldn’t prove data theft outright, but they confirmed the dish was finely tuned to CNES frequencies. Instead of a raid, authorities filed legal charges for illegal antenna installation, quietly dismantling the operation. Dong’s rural hideout shows how easy it can be to set up covert surveillance right under everyone’s nose. more

Spycam News: From That Wonderful Country That Brought You the Noodle Splash Guard

A spycam chindogu for you. Still a concept project... 

Noodle Splash Guard

Candidate for Swimming with the Fishes

Mohamed Orahhou, a Norwegian who worked as a security agent at the US embassy in Oslo has been charged with spying for Russia and Iran...

The 27-year-old man is accused of having supplied information on embassy activities... In return, he was paid in euros and bitcoin.

He is accused of having supplied ... the contact details of diplomats, embassy staff and their families. He is also accused of having supplied the diplomatic licence-plate numbers of vehicles used by the embassy.

The charge sheet also alleges he handed over the plans of the embassy, security routines and a list of couriers Norway's intelligence service used. more

Apparently, the dude never heard about his predecessor, Hvaldimir, a white beluga whale famously suspected of being a Russian spy, found dead off the coast of Norway.