The Department of Homeland Security (DHS) has released a Joint Analysis Report (JAR) that details Russian malicious cyber activity, designated as GRIZZLY STEPPE.
This activity by Russian civilian and military intelligence services (RIS) is part of an ongoing campaign of cyber-enabled operations directed at the U.S. Government and private sector entities.
DHS recommends that network administrators review the Security Publication for more information and implement the recommendations provided.
Saturday, December 31, 2016
Thursday, December 29, 2016
Home Invasion? Domestic Violence? Shout "Alexa" (before "help") for Documentation
Can Amazon Echo be used against you in a court of law? Have you ever wondered if “Alexa” is really spying on you?
Homicide investigators in Arkansas want Amazon to hand over a potential suspect’s “echo” transcripts. Brad Young of Harris-Dowell and Fisher Law Firm says Amazon has so far refused two requests.
“Amazon’s position is, is that the Echo only records 60 seconds of information and then writes over it for the next 60 seconds,” Young says. “So, their position is that it would only have 60 seconds of information.”
However, when you ask your Echo a question, it is saved by Amazon as well as by Apple when you query Siri. Young says his legal personal opinion is that there is an expectation of privacy for things that are said – not queried.
“….when you ask Echo ‘Find what’s the best way to dispose of a dead body’ if that were the question, that information is saved,” Young says. “That information is available if it is a query posed to a device.”
Companies say it’s encrypted and no one can access it. Young says this has become a completely new “legal territory.” more additional info
Seriously, Alexa could become an omnipresent digital ear-witness. ~Kevin
Secretary Arrested for Eavesdropping — Now Her Boss Suddenly Leaves
NY - Several town councilors confirm Supervisor Manny Falcone announced a sudden leave of absence at a meeting Wednesday evening...
Councilors say Falcone oversaw the duties performed by his former secretary Ellen Colelli. Colelli was arrested weeks ago, accused of eavesdropping. The felony charge brought by State Police accuses Colelli of listening to town employees by using video surveillance equipment that was installed inside the Geddes town office building... Falcone has not been charged with a crime. more
Flying Tom's Last Peep
UAE - A 28-year-old man died after falling from a high rise building in Sharjah, in the United Arab Emirates, while spying on ladies living in the opposite building. The witness told police that the deceased fell due to imbalance while standing and looking into the rooms of the ladies.
Sharjah Police said that they received a call about the incident at the operation room and soon arrived at the site. The man was found dead in a pool of blood. He was rushed to Al Kuwaiti Hospital and then to forensic laboratory. more
Warsaw Waiter Wiretapping
Poland – A Polish court has sentenced a businessman and two waiters convicted in the illegal wiretapping of top Polish politicians in Warsaw restaurants to prison terms.
The court set a prison sentence of 2½ years to Marek Falenta, the businessman convicted of masterminding the wiretapping, and lesser sentences to two waiters involved. A third waiter must pay a fine.
The release of those tapes sparked a political scandal in 2014 that contributed to the loss of power last year of Civic Platform, the centrist party that governed Poland for eight years. more
Extra credit: Service Included: Four-Star Secrets of an Eavesdropping Waiter
Mobile Security: The InfoWorld Deep Dive
As iPhones, iPads, and Android devices become increasingly standard business equipment, IT organizations struggle on how to manage and secure them, and the data that runs through them.
This guide, available in both PDF and ePub editions, explains the security capabilities inherent to each major mobile platform and where using third-party tools makes sense -- and where it doesn't.
It also walks you through the factors to consider in terms of risk for your corporate data, and outlines a rational way to protect that data without getting tied up in knots. more
Wednesday, December 21, 2016
Android Phones (700 Million) Have Spying Firmware Pre-installed
The term “mobile phone security” is something of a joke these days, with the number of exploits, bugs, and breaches that are endlessly assaulting us and putting our personal information at risk. So, when security outfit Kryptowire sounded the alarm on Chinese company Adups for using its pre-installed apps to spy on Android users with Blu smartphones, it wasn’t exactly a shock.
Now, however, the impact of Adups' alleged spying is growing in magnitude, and it’s dragging other Android device manufacturers into the quagmire.
Adups is a company that facilitates over-the-air updates for mobile devices, so its firmware is pre-installed on lots of devices. However, the firmware does much more than it claims, and has the ability to snoop in areas that it shouldn’t, and without the user ever knowing. That information can then be collected by Adups for whatever purposes it desires.
Trustlook, another digital security firm, dug deeper on what devices utilize Adups and could be used by the Chinese company to scrape your private information, and the list is absolutely massive. Trustlook says that over 700 million Android smartphones have Adups firmware installed that puts the user at risk of having text messages, call histories, and device information collected without their knowledge or consent. more
Recorder Found Hidden in the End of a Flashlight
via John Van de Luijtgaarden
"I was just asked to confirm a finding... Got a message with a bad picture of a round black "thingie" inside the end part of a Mag-Lite.
I immediately recognized this one as the EDIC type 16 recorder (B30 model). It is now to wait for the exact type and how much it has been recording. Its memory capacity can run up to 300 hours; sadly, the battery cannot.
A great hiding place for a naughty tool in a strategic place !! The Security main office / control room... Keeping you informed"
Monday, December 19, 2016
Reality Spyware Documentary - Find My Phone
What happens to a smartphone after it's stolen? That was the question that a film student in Amsterdam had in mind when he produced a short documentary about a smartphone thief and their stolen goods. On the surface, it might not sound like the most avant-garde idea out there. But here's what made it interesting: the student procured material for his documentary by spying on the thief using a bugged smartphone.
The student, a certain Anthony van der Meer, intentionally had a phone of his stolen – one that he loaded with software called "Cerberus."
As The Next Web reported, the software gave him access to the device location, its features, and its contents – all of which he could retrieve when he wanted. The software also allowed him to make use of the phone's camera and microphone so he could spy on the thief.
For 2 weeks, that's exactly what der Meer did. He spied on the thief, tracking his moves, which resulted in the documentary posted above called Find My Phone – almost the namesake of the Apple app "Find My iPhone" used to find one's phone or disable it after being stolen. more
Excellent work, Anthony! ~Kevin
Spying Feeds the Monkeys ...in real life
Do Not Feed The Monkeys: Voyeuristic Spying Game Launches In 2017
from the press release...
“We all have a natural tendency to wonder about other people’s lives. Sometimes the best stories are kept secret … all in the name of privacy. It begs the question: Why miss out on life’s best experiences because they’re not your own? We’re trying our hand at an answer with Do Not Feed the Monkeys. Hope you enjoy the ride!” more
There's a New Law in Town - Wiretapper Bounty Hunter
The Seventh Circuit revived wiretap claims against a woman who used an email-autoforwarding program to show that the husband she was divorcing had cheated on her.
In a concurring opinion, U.S. Circuit Judge Richard Posner questioned the usefulness of allowing litigants to use the wiretapping law as a means of concealing misconduct.
“I don’t understand why law should promote dishonesty and deception by protecting an undeserved, a rightly tarnished, reputation,” Posner wrote.
Posner also found it relevant that adultery is illegal in Illinois, where the Epsteins are divorcing.
“We might compare Mrs. Epstein to a bounty hunter — a private person who promotes a governmental interest,” he wrote. “She has uncovered criminal conduct hurtful to herself, and deserves compensation, such as a more generous settlement in her divorce proceeding.” more
Security Scrapbook Tip # 519 - Avast Ye Porch Pirates
Shipping companies like FedEx and UPS expect to deliver a record number of packages this holiday season...
Law enforcement officials are concerned that a record number of thieves could be following the trucks and attempting to steal the packages from porches before customers get home...
Hoping to stop "porch pirates" from taking packages, Seattle entrepreneur Michael Grabham invented a Frisbee-sized device called The Package Guard.
When delivery drivers place parcels on top of the $69 device, customers receive an alert via text message, email, or through an app. If a thief tries to remove the packages from the pressure-sensitive pad, a piercing alarm sounds.
The device can also be set up to send electronic alerts to neighbors if a theft is underway, according to the company’s website. more
Thursday, December 8, 2016
TSCM Team Finds "Plug Bug" Eavesdropping Device
Japan - An eavesdropping device was found in a waiting room for conservative members of the Mito Municipal Assembly, local city government officials and other sources told the Mainichi Shimbun on Dec. 7.
Ibaraki Prefectural Police seized the device and are investigating the case which they suspect could constitute trespassing into the building and violation of the Radio Act.
According to Mito Government officials, it was tipped off about the bug on Dec. 6.
Specialized workers hired by the local government began searching for the device from the evening of Dec. 7 and found it in a waiting room for three assembly members from "Suiseikai" -- a conservative parliamentary group -- on the first floor of the temporary two-story prefabricated assembly building. The bug plugs into an electric outlet. more
The example shown operates like a cell phone, but looks (and also operates) as a USB charger. It is powered 24/7, and may be called from a cell phone anywhere in the world. BTW, it can also automatically call the eavesdropper when it detects sound. Available on eBay for $14.79.
Don't you think it's time to have your offices and conference rooms checked? ~Kevin
[Image: Example of a "Plug Bug"]