Friday, September 28, 2018

"What, you're still on Facebook?!?!"

Today, Facebook says it recently discovered a security breach affecting nearly 50 million user accounts. more

Yesterday, Facebook confirmed that advertisers were privy to phone numbers given by members of the social network for enhanced security.

A study by two US universities, first reported by news website Gizmodo, found that phone numbers given to Facebook for two-factor authentication were also used to target advertising. more

Thursday, September 27, 2018

Recent Criminal Prosecutions for Trade Secret Theft

via Megan Mocho Jeschke, Holland & Knight LLP
Theft of trade secrets typically spurs civil actions against the offender, but theft of trade secrets can also be prosecuted criminally under the Economic Espionage Act, 18 U.S.C. § 1831 et seq. (the “Act”) and other related statutes. Several high-profile arrests, convictions, and indictments have come down in recent months highlighting the Department of Justice’s active enforcement in this area...

The Act makes it a crime to steal trade secrets or obtain trade secrets knowing them to have been stolen. 18 U.S.C. § 1831(a). The Act broadly defines trade secrets to include
all forms and types of financial, business, scientific, technical, economic, or engineering information, including patterns, plans, compilations, program devices, formulas, designs, prototypes, methods, techniques, processes, procedures, programs, or codes, whether tangible or intangible, and whether or how stored, compiled, or memorialized physically, electronically, graphically, photographically, or in writing
provided that the owner takes “reasonable measures to keep such information secret” and the continued secrecy of the information has actual or potential “independent economic value.” 18 U.S.C. § 1839. Violators can be imprisoned and/or fined. Violators who intend to benefit a foreign government face higher penalties. more

Recent Spycam News

AR - A Northeast Arkansas man accused in a video voyeurism case pleaded guilty Monday. more

CA - Former Rancho Palos Verdes building inspector accused of secretly recording 89 people in City Hall, Starbucks restroom. more

DC - Fifty-two women secretly videotaped by an Orthodox rabbi in Georgetown between 2004 and 2014 as they undressed to immerse in a mikvah, a Jewish ritual bath, will get $25,000 each if a settlement reached between them and four Jewish organizations is approved by a D.C. judge. more

FL - Fort Myers Arthrex employee secretly recorded co-worker using bathroom. more

FL - A man who installs security systems for a living is accused of setting up hidden cameras in a home and recording hundreds of videos of women in the shower. more

Fl - A teacher and girls track coach left Bloomingdale High School in handcuffs on Tuesday after deputies said he admitted to secretly recording students in his fashion design class as they undressed. more
 
KY - A former teacher at Holy Rosary Catholic School in Evansville has pleaded guilty to six charges in a voyeurism case. more

PA - Philadelphia man sentenced to 20 years for secretly recording his girlfriend’s two daughters in bathroom. more

TX - A father suspicious of what was going on at his son's daycare sent the baby rigged with a spycam. His suspicions turned out to be right. more

UT - Salt Lake man charged in changing room voyeurism case. more

VT - There are new allegations against the former Rice Memorial High School teacher charged with secretly taking cellphone photos up students' skirts. more

WA - A Western Washington University employee, who committed suicide this week, had been accused of secretly video-recording two adult basketball players inside a locker room shower. more

WA - A man who videotaped a young girl as she was showering was sentenced to serve 90 days in jail for voyeurism. more

WV - Women's basketball players were photographed secretly in nude by assistant coach/residence hall director. more

Belgium - Every year, police records more acts of voyeurism. In 2016, 366 offenses were recorded, and even 857 in 2017, while in 2014 and 2015, the figures were respectively 108 and 112. more

Canada - Peterborough police have arrested a man on a warrant for several charges including voyeurism involving a woman he once had an intimate relationship with. more

Canada - A British couple vacationing in Toronto were horrified to discover a spy camera hidden in a digital clock at their rental apartment. more

Japan - Kumamoto Prefectural Police have arrested a male civic employee over the alleged illicit filming of a female high school student. more

Singapore - Apart from new laws to tackle the issue of voyeurism, various stakeholders such as malls and security companies should step up efforts to deter the use of hidden cameras in public toilets, said Members of Parliament (MPs) and activists. more   Finding spycams in the workplace.

South Korea - A spycam was discovered in the room for actress Shin Se-kyung and Apink’s Yoon Bo-mi while they were shooting for new variety program “Borderless Food Cart.” more

South Korea - Public toilets an issue of concern in South Korea for thousands of women. more

Monday, September 24, 2018

Corporate Espionage: Employees Solicited to Sell Company Secrets

There's a booming job market for corporate insiders willing to share secret info with cyber criminals.
  • Amazon said this week it's investigating whether company insiders have been selling proprietary information to buyers in Asia in order to give them a selling advantage.
  • Many companies, especially in big technology, banking and telecom, face heavy incentives overseas for employees to sell internal information or access.
  • The problem is so common that in some jurisdictions, criminal enterprises post "job ads" looking for specific insiders to aid in targeted schemes.
"The salaries listed are quite high, sometimes 10 times what the average salary for an average job at a bank would be...They look for people who can tell them how to log in and how to connect to certain accounts" ~Ziv Mador more

Saturday, September 22, 2018

Snake Eyes

A Pittsburgh woman is suing Rivers Casino, members of its security staff, her ex-husband, and his lawyer, claiming they used the casino’s video surveillance system to spy on her while she was gambling there last fall...

Clerici then alleges Rivers’ security staff handed the recordings over to her ex-husband’s lawyer, Dennis McCurdy, in compliance with a subpoena the casino should have known was invalid. more

Wiretep Fun Fact: Estonia Beats Sweden and Findland

According to weekly Eesti Ekspress, last year Estonia's security authorities eavesdropped on a total of 4,596 calls made in provider Telia's network.

The same company's Swedish network was accessed by the Swedish authorities 3,822 times. Taking into account the countries' populations as well as Telia's market share, this means that the Estonian state's phone surveillance is ten times that of Sweden, the paper wrote.

Telia also operate a phone network in Finland, where the state listened in on 3,640 calls last year. Taking into account market share and population, this is more than the number recorded in Sweden, but still five times less than in Estonia. more

Business Espionage: You Have a Friend in Philly

If someone is stealing your company's secrets, U.S. Attorney William M. McSwain wants to hear from you...

In the span of a couple weeks, McSwain's office secured two guilty pleas from two scientists who admitted taking part in a conspiracy to siphon cancer drug research from GlaxoSmithKline's Upper Merion offices, destined for a company that had financial backing from the Chinese government...

The pilfering of a company's proprietary work comes down to "economic warfare," McSwain said. "It's simply not fair for this information to be stolen and then for people to lose their jobs because of it." more sing-a-long

Smartphone Spying – All They Need is Your Number and You're Pegged

When an Israeli entrepreneur went into a meeting with the infamous spyware vendor NSO, company representatives asked him if it would be OK for them to demo their powerful and expensive spying software, known as Pegasus, on his own phone.

The entrepreneur, who spoke to Motherboard on condition of anonymity because he was not authorized to talk about the meeting, agreed, but said that NSO would have to target his other iPhone, which he brought with him and had a foreign phone number. He gave NSO that phone number and put the phone on the desk.

After “five or seven minutes,” the contents of his phone’s screen appeared on a large display that was set up in the meeting room, all without him even clicking on a malicious link, he said.

“I see clicking on all kinds of icons: email icon, SMS icon, and other icons,” he told Motherboard. “And suddenly I saw all my messages in there and I saw all the email in there and they were capable to open any information that was on my [iPhone].”

The entrepreneur added that the NSO representatives accessed the microphone and the camera on his iPhone. That demonstration highlighted the power of an increasingly popular product among governments: software for remotely hacking phones in order to access communications and other data from targets. more

UPDATE
Pegasus malware officially a global brand.


NSO Group's Pegasus surveillanceware has been on the market for around two years, and now researchers say the spyware has a global reach that would make most multinational corporations jealous.

CitizenLab reports that its latest analysis of the malware has found it operating in some 45 countries, usually in the hands of governments looking to keep tabs on its citizens. more
 

EU Fears its Brexit Talks Are Being Bugged

The European Union’s Brexit negotiators fear that they are being bugged by the British secret service after the UK obtained sensitive documents “within hours” of them being presented to a meeting of EU officials last month, The Telegraph understands.

A highly placed EU source revealed the security concerns as British negotiators were set to return to Brussels on Thursday to resume Brexit talks.

The two sides remain far apart on the key issues of customs arrangements and Ireland, with Latvia’s foreign minister warning on Wednesday that the risk of a ‘no deal’ outcome was now “50-50”. more

Thursday, September 20, 2018

Amazing: The World's Tiniest Camera Gets Smaller

Ultra Tiny Camera
Model: MD-B1000(UVC), MO-B1000(CVBS)
1/36" Color CMOS (OVM6948) sensor with 200x200 @30fps resolution and built-in 120-degree wide angle lens. The super tiny size is suitable for medical or industrial products.   Coming soon.... Video Demo

Wednesday, September 19, 2018

Royally Bugged - The CInderella Syndrome

Meghan Markle’s estranged half-sister Samantha Markle is reportedly living in fear, claiming that her house is bugged.

Markle’s status as a British Royal is reportedly wreaking havoc on her paternal family members
, at least according to her half-sister. On Tuesday, Samantha, who recently compared Prince Harry to a hamster, claimed on Twitter that her house is bugged and someone is watching her.

“To the morons sitting in the van running a mobile router to tap my phone, close your zippers, your shrinky dinks are visible," she wrote on her private account, according to Cosmopolitan, making good use of a classic GIF of Joey from Friends.

Although she failed to state who she believes is watching her, she did claim that this is not a one-time occurrence, as her previous home had reportedly been bugged as well. more

Weird: Wiretapper Causes Car Accident After Installation

Ukraine - The staff of the National Anti-Corruption Bureau of Ukraine (NABU) ran over a law enforcement officer and caused a car accident after installation of wiretapping in the building of the Specialized Anti-Corruption Prosecutor's Office (SAPO). Head of SAPO Nazar Kholodnytsky claimed this at the briefing.

It is noted that illegally installed wiretapping by the staff of NABU was discovered in the courtyard of SAPO, today. Also, a car with the personnel of NABU was detected near the administrative building.

‘Suddenly, the special forces of the Anti-Corruption Bureau appeared when the police arrived. The SAPO driver was forcibly taken out from the office car. My understanding is that the NABU employee took his seat, willfully ran the VAN over the personnel of the State Security Administration and the rest of the people. “Pajero” and two other cars were involved in the car accident. The accident is being registered,’ Kholodnytsky noted.

He added that the injured driver of SAPO is in a hospital right now with an initial diagnosis of a broken arm. more

Saturday, September 15, 2018

FutureWatch: Spying on a Computer Screen Via the Microphone

Daniel Genkin of the University of Michigan, Mihir Pattani of the University of Pennsylvania, Roei Schuster of Cornell Tech and Tel Aviv University, and Eran Tromer of Tel Aviv University and Columbia University investigated a potential new avenue of remote surveillance that they have dubbed "Synesthesia": a side-channel attack that can reveal the contents of a remote screen, providing access to potentially sensitive information based solely on "content-dependent acoustic leakage from LCD screens."

The research, supported by the Check Point Institute for Information Security at Tel Aviv University (of which Schuster and Tromer are members) and funded in part by the Defense Advanced Research Projects Agency, examined what amounts to an acoustic form of Van Eck phreaking. While Van Eck phreaking uses radio signal emissions that leak from display connectors, the Synesthesia research leverages "coil whine," the audio emissions from transformers and other electronic components powering a device's LCD display. more

Friday, September 14, 2018

The Cold Boot Attack is Back – Don't Leave Laptops Unattended

Credit: F-Secure
Cybersecurity vendor F-Secure announced today that "nearly all modern computers" are vulnerable to a cold boot attack (via a USB stick) that overrides existing safeguards. This attack can give someone access to laptop firmware and, therefore, encryption keys and other private data...

This vulnerability is particularly worrisome for organizations that regularly handle sensitive information, such as banks or government agencies, because the information gathered from a compromised laptop could let hackers work their way into other systems...

Because the attack requires physical access, it's also hard to know if someone has already discovered and used it. F-Secure characterized the attack as something that a low-level hacker might not discover but that anyone interested in corporate espionage or the like would be very interested in. Organizations have to decide if they want to proceed as if they were affected, which could be costly, or if they'll ignore the issue.

F-Secure advised concerned organizations to require Bitlocker PIN entry when a laptop powers up or restarts, to make sure employees force the laptops to shut down or hibernate instead of going into sleep mode and to keep laptops safe and have a plan for if they go missing. Aside from those steps, however, it's up to the laptop industry to make sure their products aren't susceptible to this modified attack. more

Q.v. USB Stick Warnings

Thursday, September 13, 2018

FutureWatch: The AI Eye of Providence, or Silcon Santa Surveillance

NICE Actimize, a NICE business and the leader in Autonomous Financial Crime Management, is hosting a series of global events to educate financial services organization (FSO) professionals on the challenges of electronic communications (eComms) surveillance and which are designed to demonstrate how its innovative Intelligent eComms Surveillance solution can transform compliance and conduct risk management, while avoiding reputational damage and fines...

Powered by artificial intelligence and automation, NICE Actimize’s Intelligent eComms Surveillance solution is a comprehensive platform for automating employee surveillance and investigations. The solution provides a single platform for monitoring 100 percent communications across all communication channels, including voice, so analysts can easily uncover hidden conduct risks, collusion, and insider trading...

...it supports hundreds of data types and can connect to, ingest and index data from storage vaults containing emails, instant messages, chat room communications, social media threads, text messages and voice calls...

NICE Actimize’s Intelligent eComms Surveillance solution uses Natural Language Understanding (text analytics and linguistics), machine learning and intelligent analytics (all fine-tuned for financial markets) to comprehend the true context of conversations and accurately identify risk...

This systematic approach enables firms to identify suspicious communications with unprecedented accuracy... more

Keep in mind, the financial world had the initial need and means to develop this. Once evolved and rolled-out you can bet it will be customized for other uses. Eventually... click here.  ~Kevin