Australia's intelligence community is proposing the biggest shake-up in more than a decade.
On the wish list is a plan to force telecommunications providers operating in Australia to retain users' phone and internet data for up to two years.
Other plans include allowing security agencies to get more access to social media sites like Facebook, and expanding powers for ASIO agents.
The ideas are in a discussion paper written by the Attorney-General's Department for a parliamentary joint committee looking at reforms to national security legislation. (more) (discussion paper)
Friday, July 13, 2012
Security Alert for Yahoo Voice users.
Hackers posted what appear to be login credentials for more than 453,000 user accounts that they said they retrieved in plaintext from an unidentified service on Yahoo.
To support their claim, the hackers posted what they said were the plaintext credentials for 453,492 Yahoo accounts, more than 2,700 database table or column names, and 298 MySQL variables, all of which they claim to have obtained in the exploit. "We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat," a brief note at the end of the dump stated. (more)
Check here to see if you are on the list. Use your browser's search tool. If so, it's time to change your password... at every place you use it. ~ Kevin
To support their claim, the hackers posted what they said were the plaintext credentials for 453,492 Yahoo accounts, more than 2,700 database table or column names, and 298 MySQL variables, all of which they claim to have obtained in the exploit. "We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat," a brief note at the end of the dump stated. (more)
Security Alert for Cisco TelePresence users.
If you rely on Cisco TelePresence products for sensive business communications, you might want to stop what you are doing and pay attention to a new warning that hackers can exploit security flaws to execute arbitrary code, cause a denial-of-service condition, or inject malicious commands.
Cisco released four separate security advisories today to warn of the risks and urge TelePresence users to deploy patches, especially in sensitive business environments. (more)
Advisory 3
Advisory 4
Cisco released four separate security advisories today to warn of the risks and urge TelePresence users to deploy patches, especially in sensitive business environments. (more)
Advisory 3
Advisory 4
Of course...
• Don't set up any teleconferencing system outside of your firewall.
• Don't turn the auto-answer feature on.
• Don't forget to set "mute mic" as a default.
In fact, just shut the whole thing off until you need it.Thursday, July 12, 2012
Post #4000 - Slam Dunked Spycamer Mom Faces Slammer
A sneaky Texas mom, who tried to dig up dirt on her daughters’ high school basketball coach, came away with nothing, but now faces 20 years in prison for wiretapping.
Prosecutors said Wendee Long, 46, a middle-school principal in Fort Worth, had one of her daughters plant a cellphone camera in a girl's locker room during halftime of a game on February 7, the Star-Telegram reported.
Long's two daughters played for Argyle High School, and they had complained that the coach, Skip Townsend, screamed at the players too much, investigators said. (more) (more)
Prosecutors said Wendee Long, 46, a middle-school principal in Fort Worth, had one of her daughters plant a cellphone camera in a girl's locker room during halftime of a game on February 7, the Star-Telegram reported.
Long's two daughters played for Argyle High School, and they had complained that the coach, Skip Townsend, screamed at the players too much, investigators said. (more) (more)
Labels:
amateur,
cell phone,
eavesdropping,
lawsuit,
mores,
privacy,
spycam
Are the Androids Spying on You?
Are some mobile ads on Android devices acting as spies? According to one mobile security firm, the answer is yes.
San Francisco-based Lookout Mobile Security, in a posting Monday on its corporate blog, said that "select ad providers" in free mobile applications are accessing personal information without the user's notification or consent, through the use of "adware." The personal information includes e-mail, phone numbers, and names...
Tip: Lookout Mobile Security is offering a free Ad Network Detector via Google Play. The Detector scans an Android phone and displays the kinds of ads, the ad networks, and the type of information that is being collected, so that a user can decide if a given ad-containing app should remain on the phone. (more)
San Francisco-based Lookout Mobile Security, in a posting Monday on its corporate blog, said that "select ad providers" in free mobile applications are accessing personal information without the user's notification or consent, through the use of "adware." The personal information includes e-mail, phone numbers, and names...
Tip: Lookout Mobile Security is offering a free Ad Network Detector via Google Play. The Detector scans an Android phone and displays the kinds of ads, the ad networks, and the type of information that is being collected, so that a user can decide if a given ad-containing app should remain on the phone. (more)
News of the World - Mr. Big gets tapped.
Britain's Supreme Court took a step toward exposing the names at the heart of Britain's phone hacking scandal Wednesday, ruling that a private investigator convicted of eavesdropping for a Rupert Murdoch-owned tabloid must reveal who ordered him to do it.
Meanwhile, a police investigation into press wrongdoing triggered by the hacking revelations expanded beyond Murdoch's media empire with the arrest of a former reporter from the rival Mirror group.
Private eye Glenn Mulcaire was jailed briefly in 2007 for hacking the voicemail messages of royal aides on behalf of the now-defunct News of the World. (more)
Meanwhile, a police investigation into press wrongdoing triggered by the hacking revelations expanded beyond Murdoch's media empire with the arrest of a former reporter from the rival Mirror group.
Private eye Glenn Mulcaire was jailed briefly in 2007 for hacking the voicemail messages of royal aides on behalf of the now-defunct News of the World. (more)
Wednesday, July 11, 2012
Historical Earthquake Map - Interesting & Sobering
Guess what can trigger your business continuity plan faster than a spy stealing your trade secrets?
Phil's blog has a link to an enlarged version. |
That's right. Mother Nature!
My friend and colleague, Phil Rothstein, Rothstein Associates, Inc., is an expert on keeping businesses running. Today, he posted some astounding historical maps on earthquakes and tornadoes. Have a look.
What!?!? You don't have a business continuity plan! Talk to Phil. Now.
Not All USB Spy Sticks Are Found This Easily
An attempt to infiltrate the corporate systems of Dutch chemical giant DSM by leaving malware-riddled USB sticks in the corporation's car park has failed.
Instead of plugging the discarded drives into a workstation, which would have infected the machine, the worker who first found one of the devices handed it in to DSM's IT department.
Sysadmins subsequently found an unspecified password-stealing keylogger, according to local reports by Elsevier.nl (Google translation here).
The spyware was designed to upload stolen usernames and passwords to a server under the control of hackers. This site was blocked by DSM's sysadmins, effectively thwarting the password-snatching object of the attack, so the company would be protected even should any other workers find and use the infected USB sticks on corporate laptops. It's unclear who was behind the plan, but regular cybercriminals or industrial spies are two strong possibilities. (more)
Instead of plugging the discarded drives into a workstation, which would have infected the machine, the worker who first found one of the devices handed it in to DSM's IT department.
Sysadmins subsequently found an unspecified password-stealing keylogger, according to local reports by Elsevier.nl (Google translation here).
The spyware was designed to upload stolen usernames and passwords to a server under the control of hackers. This site was blocked by DSM's sysadmins, effectively thwarting the password-snatching object of the attack, so the company would be protected even should any other workers find and use the infected USB sticks on corporate laptops. It's unclear who was behind the plan, but regular cybercriminals or industrial spies are two strong possibilities. (more)
Monday, July 9, 2012
Data Diarrhea - Cell Tower Dumps
If you secretly suspected that nifty mobile device in your pocket was spying on you, your paranoia has just been richly rewarded.
As the New York Times reports, a Congressional inquiry into cell phone surveillance reveals that U.S. law enforcement agencies requested data from wireless carriers more than 1.3 million times last year -- or nearly 500 times the number of wiretaps approved over the same period.
That number is way larger than anyone expected. But the actual number of people spied on might be even higher, says the Times:
"Because of incomplete record-keeping, the total number of law enforcement requests last year was almost certainly much higher than the 1.3 million the carriers reported to [Senator] Markey. Also, the total number of people whose customer information was turned over could be several times higher than the number of requests because a single request often involves multiple callers. For instance, when a police agency asks for a cell tower "dump" for data on subscribers who were near a tower during a certain period of time, it may get back hundreds or even thousands of names." (more)
As the New York Times reports, a Congressional inquiry into cell phone surveillance reveals that U.S. law enforcement agencies requested data from wireless carriers more than 1.3 million times last year -- or nearly 500 times the number of wiretaps approved over the same period.
That number is way larger than anyone expected. But the actual number of people spied on might be even higher, says the Times:
"Because of incomplete record-keeping, the total number of law enforcement requests last year was almost certainly much higher than the 1.3 million the carriers reported to [Senator] Markey. Also, the total number of people whose customer information was turned over could be several times higher than the number of requests because a single request often involves multiple callers. For instance, when a police agency asks for a cell tower "dump" for data on subscribers who were near a tower during a certain period of time, it may get back hundreds or even thousands of names." (more)
Labels:
cell phone,
data,
police,
privacy,
statistics,
wiretapping
Wednesday, July 4, 2012
U.S. Wiretap Report 2011 (For the Period January 1 Through December 31, 2011)
The vast majority of law enforcement wiretaps in 2011 were for telephones (including mobiles) and only a tiny percentage included encryption, which in no case prevented officials from obtaining the plain text of the communications.
That's according to the latest annual U.S. Courts report on wiretapping by federal and state government-authorized wiretaps.
Of the 2,189 court-ordered intercepts, 95.6 percent of the 2,189 total were for some type of telephone, whether a plain old one, a cell phone or another type of mobile device. Only four were against some type of electronic device, including a digital pager, fax or computer. Another six were for oral communications (intercepted with a microphone) and 87 were for a combination of more than one intercept type. (more)
That's according to the latest annual U.S. Courts report on wiretapping by federal and state government-authorized wiretaps.
Of the 2,189 court-ordered intercepts, 95.6 percent of the 2,189 total were for some type of telephone, whether a plain old one, a cell phone or another type of mobile device. Only four were against some type of electronic device, including a digital pager, fax or computer. Another six were for oral communications (intercepted with a microphone) and 87 were for a combination of more than one intercept type. (more)
Tuesday, July 3, 2012
Libya Powers Up Old Spy Gear (The Who, you say!)
Libya's caretaker government has quietly reactivated some of the interception equipment that fallen dictator Moammar Gadhafi once used to spy on his opponents.
The surveillance equipment has been used in recent months to track the phone calls and online communications of Gadhafi loyalists, according to two government officials and a security official. Two officials say they have seen dozens of phone or Internet-chat transcripts detailing conversations between Gadhafi supporters. (more) (the gear) (sing-a-long)
In other news... Bull Poops Out
The surveillance equipment has been used in recent months to track the phone calls and online communications of Gadhafi loyalists, according to two government officials and a security official. Two officials say they have seen dozens of phone or Internet-chat transcripts detailing conversations between Gadhafi supporters. (more) (the gear) (sing-a-long)
In other news... Bull Poops Out
French technology company Amesys is offloading its business that sells Internet-interception equipment, a move that comes six months after it became public that Moammar Gadhafi's regime had been using the technology to spy on Libyans.
Bull SA, Amesys's parent company, said Thursday it had "signed an exclusivity agreement with a view to negotiating the sale of the activities" related to its Eagle interception product. Bull declined to identify the buyer. (more)
Bull SA, Amesys's parent company, said Thursday it had "signed an exclusivity agreement with a view to negotiating the sale of the activities" related to its Eagle interception product. Bull declined to identify the buyer. (more)
Monday, July 2, 2012
ä½ å¥½, ä½ å¥½! Is anybody listening?
The Chinese government has “pervasive access” to some 80 percent of the world’s communications, giving it the ability to undertake remote industrial espionage and even sabotage electronically of critical infrastructures in the United States and in other industrialized countries.
The Chinese government and its People’s Liberation Army are acquiring the access through two Chinese companies, Huawei Technologies Co. Ltd and ZTE Corporation, telecommunications experts have told WND.
With this access, the sources say, the Chinese are working on the other 20 percent. The two companies give the Chinese remote electronic “backdoor” access through the equipment they have installed in telecommunications networks in 140 countries. The Chinese companies service 45 of the world’s 50 largest telecom operators. (more)
The Chinese government and its People’s Liberation Army are acquiring the access through two Chinese companies, Huawei Technologies Co. Ltd and ZTE Corporation, telecommunications experts have told WND.
With this access, the sources say, the Chinese are working on the other 20 percent. The two companies give the Chinese remote electronic “backdoor” access through the equipment they have installed in telecommunications networks in 140 countries. The Chinese companies service 45 of the world’s 50 largest telecom operators. (more)
Saturday, June 30, 2012
So, how much can you make as an industrial spy?
Japan - Police have arrested two former employees of a Kawasaki-based machine tool maker on suspicion of duplicating confidential blueprints and smuggling them to a Chinese company.
Industrial espionage: Confidential blueprints from Yoshizuka Seiki Co. in Kawasaki allegedly ended up in the hands of a Chinese company. KYODO
Seiichi Furuya, 48, and Fumiaki Inoue, 57, were taken into custody Wednesday after allegedly copying blueprints belonging to Yoshizuka Seiki Co...
The Chinese company, a major press maker based in Yangzhou, Jiangsu Province, was found to have deposited about ¥42 million ($526,183.91) in Inoue's bank account, some ¥38 million ($476,071.16) of which was credited to an account held by Furuya, the police said.
Industrial espionage: Confidential blueprints from Yoshizuka Seiki Co. in Kawasaki allegedly ended up in the hands of a Chinese company. KYODO
Seiichi Furuya, 48, and Fumiaki Inoue, 57, were taken into custody Wednesday after allegedly copying blueprints belonging to Yoshizuka Seiki Co...
The Chinese company, a major press maker based in Yangzhou, Jiangsu Province, was found to have deposited about ¥42 million ($526,183.91) in Inoue's bank account, some ¥38 million ($476,071.16) of which was credited to an account held by Furuya, the police said.
Spy Satellites - The Next Amazing Generation
A new spy satellite launched into orbit on a secret mission for the
U.S. military Friday (June 29), roaring spaceward atop the world's most
powerful rocket in use today.
The NROL-15 reconnaissance satellite blasted off from a launch pad at
Cape Canaveral Air Force Station in Florida at 9:15 a.m. EDT (1315 GMT)
to begin its classified mission for the National Reconnaissance Office.
It rode a towering Delta 4-Heavy booster
equipped with new RS-68A first stage engines — the most powerful liquid
hydrogen rocket engines ever built, according to their manufactures.
The Ginsu...
The successful launch marked the second space mission in nine days by ULA to orbit a classified payload for the U.S. military. The next ULA launch will be an Atlas 5 rocket slated to loft another NRO spy satellite into orbit in August. (more)
Spy Drones - The Next Amazing Generation
The U.S. Navy has its sight set on this new drone that was recently unveiled by defense company partner Northrop Grumman.
Click to enlarge. |
They've been working on the MQ-C4 Triton over the last several years, and it's now ready for test flights. (more)
Click to enlarge. |
Subscribe to:
Posts (Atom)