Kolon Industries Inc. admitted conspiring to steal DuPont Co.’s Kevlar trade secrets
as a U.S. judge signed off on its plea agreement and $360 million penalty...
“There’s no doubt this case involves brazen and blatant conduct,” U.S. District Judge Anthony Trenga said before accepting the company’s guilty plea. Trenga said he was particularly troubled by Kolon employees destroying documents after DuPont sued in 2009.
The charges were initially filed against Gyeonggi, South Korea-based Kolon Industries Inc., which split into two public companies in 2010, Kolon Industries and Kolon Corp. The theft of secrets occurred before the split.
Kolon’s guilty plea also covered attempts to steal trade secrets from a second company, Tokyo-based Teijin Ltd. more
Sunday, May 3, 2015
Airbus'ed by Spies
Airbus on Thursday said it would file a criminal complaint against unknown parties after German media reports of the company having been the target of industrial espionage by the U.S. ...
German newspaper Bild reported earlier this week that the National Security Agency spied or sought to spy on Airbus and other companies and that the German government had known about it for several years. more
German newspaper Bild reported earlier this week that the National Security Agency spied or sought to spy on Airbus and other companies and that the German government had known about it for several years. more
Edinburgh Spy Week
Edinburgh Spy Week: Fictions of Espionage will run again in May 2015
with a whole new range of talks, films and events that explore the world
of espionage in literature and film.
Highlights include:
Highlights include:
- May 19th - An Evening with Graham Greene at the National Library of Scotland.
- May 22nd - James Robertson, ‘The Blanket of the Dark: Secrets, Truth and Lies in Real and Imagined Scotland’.
- May 22nd - Publish your own spy fiction! A workshop with Tim Stevens.
- May 23rd - ‘Secrecy and the Modern World’: a day of talks and discussions at the University of Edinburgh. Speakers include Kieron O’ Hara and Charles Cumming.
- Throughout the week: A series of Greene adaptations at the Edinburgh Filmhouse.
Wednesday, April 29, 2015
Who's Behind Those Ray Bans
ACLU - The map below tracks what we know, based on press reports and publicly
available documents, about the use of stingray tracking devices by state
and local police departments.
Following the map is a list of the federal law enforcement agencies known to use the technology throughout the United States. The ACLU has identified 51 agencies in 21 states and the District of Columbia that own stingrays, but because many agencies continue to shroud their purchase and use of stingrays in secrecy, this map dramatically under represents the actual use of stingrays by law enforcement agencies nationwide.
Stingrays, also known as "cell site simulators" or "IMSI catchers," are invasive cell phone surveillance devices that mimic cell phone towers and send out signals to trick cell phones in the area into transmitting their locations and identifying information. When used to track a suspect's cell phone, they also gather information about the phones of countless bystanders who happen to be nearby. Click here for more info on stingrays.
Following the map is a list of the federal law enforcement agencies known to use the technology throughout the United States. The ACLU has identified 51 agencies in 21 states and the District of Columbia that own stingrays, but because many agencies continue to shroud their purchase and use of stingrays in secrecy, this map dramatically under represents the actual use of stingrays by law enforcement agencies nationwide.
Stingrays, also known as "cell site simulators" or "IMSI catchers," are invasive cell phone surveillance devices that mimic cell phone towers and send out signals to trick cell phones in the area into transmitting their locations and identifying information. When used to track a suspect's cell phone, they also gather information about the phones of countless bystanders who happen to be nearby. Click here for more info on stingrays.
It's Just Not Cricket
India
Former Board of Control for Cricket in India (BCCI) chief N Srinivasan allegedly hired the services of a London firm to spy on BCCI officials, The Times of India reports...
According to reports, Srinivasan paid Rs 14 crore of BCCI's money to spy on his fellow board members and asked them to tap their phones and track their e-mails. It is expected that BCCI will investigate this matter further lead by new secretary Anurag Thakur. more "It's just not cricket"
Former Board of Control for Cricket in India (BCCI) chief N Srinivasan allegedly hired the services of a London firm to spy on BCCI officials, The Times of India reports...
According to reports, Srinivasan paid Rs 14 crore of BCCI's money to spy on his fellow board members and asked them to tap their phones and track their e-mails. It is expected that BCCI will investigate this matter further lead by new secretary Anurag Thakur. more "It's just not cricket"
Bugging Concerns Prompt City Hall TSCM Sweep
UK - Council chiefs were forced to pay a specialist security firm to “sweep” for electronic recording devices after an ex-councillor hinted the council house had been bugged...
It is understood the un-named company carried out a sweep of the council house at some stage in the past month, but no such electronic items were found.
A spokesman for Plymouth City Council said: “We received a communication that suggested recording devices may have been installed in the council house.
“Given the highly confidential nature of some of the meetings held in the building, which include those about the safeguarding of vulnerable children, we had a duty to look into it and had the building checked. more
It is understood the un-named company carried out a sweep of the council house at some stage in the past month, but no such electronic items were found.
A spokesman for Plymouth City Council said: “We received a communication that suggested recording devices may have been installed in the council house.
“Given the highly confidential nature of some of the meetings held in the building, which include those about the safeguarding of vulnerable children, we had a duty to look into it and had the building checked. more
Student Uses Keystroke Logger to Change Grades - Fail & Jail
UK - Student uses a keyboard spying device to hack the computer of Birmingham University to up his own grades and has been sentenced for 4 months of jail.
A final year student was found guilty of hacking the university computers to change his marks and to increase his overall final year grades has been sentenced by the court for a 4 months of jail.
Imran Uddin, a 25 year old student of Bio Science, at the University of Birmingham hacked the university computers by using “keyboard spying device”. This device resembles a USB stick and can be purchased from the internet sites for as low as £49. Mr. Uddin had bought these equipments from online website ebay and implanted them on a number of computers in the university where he was studying. more cue the cat
A final year student was found guilty of hacking the university computers to change his marks and to increase his overall final year grades has been sentenced by the court for a 4 months of jail.
Imran Uddin, a 25 year old student of Bio Science, at the University of Birmingham hacked the university computers by using “keyboard spying device”. This device resembles a USB stick and can be purchased from the internet sites for as low as £49. Mr. Uddin had bought these equipments from online website ebay and implanted them on a number of computers in the university where he was studying. more cue the cat
The Rayney Wiretap Trial Continues
Lloyd Rayney phone-tapping trial: Fingerprints on roof manhole match alleged installer of bugging equipment.
Australia - Two fingerprints on a manhole cover* from the home of Lloyd Rayney matched those of the man he is alleged to have paid to install phone-bugging equipment, a police officer has told the District Court in Perth.
Senior Constable Damian Sheridan was testifying at the trial of Mr Rayney on two charges of aiding, abetting or procuring the interception of the landline telephone at his family's home over two periods in 2007, before the death of his wife Corryn. more *The cover plate for an in-wall wiring junction box.
Australia - Two fingerprints on a manhole cover* from the home of Lloyd Rayney matched those of the man he is alleged to have paid to install phone-bugging equipment, a police officer has told the District Court in Perth.
Senior Constable Damian Sheridan was testifying at the trial of Mr Rayney on two charges of aiding, abetting or procuring the interception of the landline telephone at his family's home over two periods in 2007, before the death of his wife Corryn. more *The cover plate for an in-wall wiring junction box.
Monday, April 13, 2015
Beauty Queen Sues In-Laws For Bugging Bedroom
A former Turkish beauty queen has sued her former in-laws for bugging her bedroom with the help of her ex-husband, according to a local media report.
Sinem Sülün, who was crowned Miss Model Turkey in 2005 and was runner-up at Miss Turkey-Universe in 2007, divorced her husband Mustafa Yüksel last month. She was awarded 200,000 Turkish Liras in compensation and 2,500 liras as a monthly alimony after the divorce.
Daily Milliyet reported on April 1 that the divorce case led to a fierce argument between the two sides, after Sülün claimed that her husband and his parents had illegally wiretapped their private conversations by bugging a power socket in their bedroom.
The 5th Criminal Court of Peace recently ruled for the trial of businessman Yüksel and his parents on charges of illegally recording a private conversation, the report said. more
Daily Milliyet reported on April 1 that the divorce case led to a fierce argument between the two sides, after Sülün claimed that her husband and his parents had illegally wiretapped their private conversations by bugging a power socket in their bedroom.
The 5th Criminal Court of Peace recently ruled for the trial of businessman Yüksel and his parents on charges of illegally recording a private conversation, the report said. more
The Wire - Censored to Protect You
HBO's The Wire was lauded for its gritty, realistic portrayal of the drug war in Baltimore, but it seems law enforcement thought the show could be a bit too authentic at times. In a story about cellphone tracking technology, showrunner David Simon tells The Baltimore Sun that "At points, we were asked by law enforcement not to reveal certain vulnerabilities in our plotlines."
Simon, who was once a reporter for the very same paper, explains that the writers once intended to show that criminals using the walkie-talkie-eque, "push-to-talk" feature of Nextel phones could avoid surveillance and wiretaps. According to Simon, the technology "was actually impervious to any interception by law enforcement during a critical window of time." more
Simon, who was once a reporter for the very same paper, explains that the writers once intended to show that criminals using the walkie-talkie-eque, "push-to-talk" feature of Nextel phones could avoid surveillance and wiretaps. According to Simon, the technology "was actually impervious to any interception by law enforcement during a critical window of time." more
Friday, April 10, 2015
Encyclopedia Spytanica
Trying to get a handle on hundreds of sensitive, closely held surveillance programs, a Senate committee is compiling a secret encyclopedia of American intelligence collection. It's part of an effort to improve congressional oversight of the government's sprawling global spying effort.
Sen. Dianne Feinstein launched the review in October 2013, after a leak by former National Security Agency systems administrator Edward Snowden disclosed that the NSA had been eavesdropping on German Chancellor Angela Merkel's cellphone. Four months earlier, Snowden had revealed the existence of other programs that vacuumed up Americans' and foreigners' phone call records and electronic communications.
"We're trying right now to look at every intelligence program," Feinstein told The Associated Press. "There are hundreds of programs we have found ... sprinkled all over. Many people in the departments don't even know (they) are going on." more
Sen. Dianne Feinstein launched the review in October 2013, after a leak by former National Security Agency systems administrator Edward Snowden disclosed that the NSA had been eavesdropping on German Chancellor Angela Merkel's cellphone. Four months earlier, Snowden had revealed the existence of other programs that vacuumed up Americans' and foreigners' phone call records and electronic communications.
"We're trying right now to look at every intelligence program," Feinstein told The Associated Press. "There are hundreds of programs we have found ... sprinkled all over. Many people in the departments don't even know (they) are going on." more
Ex Rigs Live Streaming Bedroom Spycam
WA - A 41-year-old Cheney, Washington, is accused of entering his ex-girlfriend's home and secretly installing a wireless camera in her bedroom to spy on her...
Court records shows the ex-girlfriend called Liberty Lake police in late March when she arrived home and found several items he had given her burned in a backyard fire pit. A few days later, she reported finding a camera hidden in a light fixture above her bed.
Liberty Lake police Chief Brian Asmus says the camera was connected to a wireless device hidden in the attic and was streaming live video. more
Court records shows the ex-girlfriend called Liberty Lake police in late March when she arrived home and found several items he had given her burned in a backyard fire pit. A few days later, she reported finding a camera hidden in a light fixture above her bed.
Liberty Lake police Chief Brian Asmus says the camera was connected to a wireless device hidden in the attic and was streaming live video. more
Monday, April 6, 2015
The World Wrestles with the Spycam Epidemic
India - After Human Resources Development Smriti Irani claims to have detected a CCTV camera facing towards a FabIndia trial* room in Goa, many shops are now being inspected to ensure that no such cameras are found inside changing rooms...
A spy camera can be fitted in the smoke detector, electrical switch and almost in any item usually found in a trial room.
Spy camera retailer Parminder Singh said, "Spy cameras can be fitted even in the fire extinguisher."
But the sophistication of these cameras and the huge variety in which they come in have reached makes it becomes difficult for a common man to detect a hidden camera with a naked eye.
While spy cam detectors are available in the market, their effectiveness is unreliable. more
* In India, a "trial room" is a changing room in a clothing store.
A spy camera can be fitted in the smoke detector, electrical switch and almost in any item usually found in a trial room.
Spy camera retailer Parminder Singh said, "Spy cameras can be fitted even in the fire extinguisher."
But the sophistication of these cameras and the huge variety in which they come in have reached makes it becomes difficult for a common man to detect a hidden camera with a naked eye.
While spy cam detectors are available in the market, their effectiveness is unreliable. more
* In India, a "trial room" is a changing room in a clothing store.
"I'm sorry I called you a spy. Let me buy you a cup of coffee."
A Starbucks executive apologized to a San Francisco man after an employee apparently accused him of being a spy for China.
Daniel Lui posted about the incident on Yelp. According to Lui, he was visiting a Starbucks location in Seattle, Washington when an executive came up to him and accused him of spying in order to open a coffee chain in China. ...the Starbucks executive called to apologize and the company put $50 on Lui’s Starbucks card.
The incident happened before Starbucks launched its controversial Race Together initiative aimed at improving race relations in the U.S. more
Daniel Lui posted about the incident on Yelp. According to Lui, he was visiting a Starbucks location in Seattle, Washington when an executive came up to him and accused him of spying in order to open a coffee chain in China. ...the Starbucks executive called to apologize and the company put $50 on Lui’s Starbucks card.
The incident happened before Starbucks launched its controversial Race Together initiative aimed at improving race relations in the U.S. more
District Officials Bugged Their Mayor’s Computer
Canada - He was ridiculed and dismissed as paranoid for claiming that district employees have installed a surveillance software in his office computer to spy on his online activities. In the end, Richard Atwell, mayor of the District of Saanich in British Columbia, is vindicated and gets to say “I told you so.”
Last week Elizabeth Denham’s, the Information and Privacy Commissioner of B.C., released a report castigating the district for installing monitoring software on employees’ computers with little regard for the people’s privacy rights covered by privacy laws that have been in place for 20 years.
Denham said her staff “observed that the software had been configured to record the activities of District employees, including recording and retaining screenshots of computer activity at 30 second intervals and every keystroke taken on a workstation’s keyboard, and retaining copies of every email sent or received.”
The report 35-page report revealed that the bugging of Atwell’s machine stemmed from concerns of district directors that because of Atwell’s IT background, the new mayor would be able to uncover outstanding security issues in the district’s IT infrastructure. These were issues IT security shortcomings revealed by an IT audit back in May 2014. more
Last week Elizabeth Denham’s, the Information and Privacy Commissioner of B.C., released a report castigating the district for installing monitoring software on employees’ computers with little regard for the people’s privacy rights covered by privacy laws that have been in place for 20 years.
Denham said her staff “observed that the software had been configured to record the activities of District employees, including recording and retaining screenshots of computer activity at 30 second intervals and every keystroke taken on a workstation’s keyboard, and retaining copies of every email sent or received.”
The report 35-page report revealed that the bugging of Atwell’s machine stemmed from concerns of district directors that because of Atwell’s IT background, the new mayor would be able to uncover outstanding security issues in the district’s IT infrastructure. These were issues IT security shortcomings revealed by an IT audit back in May 2014. more
Companies Warned to Sweep for Bugging Devices
SA - Companies should regularly have their boardrooms and communication devices swept for bugging devices, and even consider using the controversial cellphone jammer* for meetings to protect their corporate intelligence, a private investigator has warned.
"It is perfectly normal, good security procedure, says Kyle Condon, managing director of DK Management Consultants.
Following the outrage over the use of a cellphone jamming device in Parliament, and suspended Eskom CEO Tshediso Matona's suggestion in his court papers that an important board meeting was bugged, Condon says such tactics are not limited to governments. more
* The use of a cell phone jammer is illegal in the United States.
"It is perfectly normal, good security procedure, says Kyle Condon, managing director of DK Management Consultants.
Following the outrage over the use of a cellphone jamming device in Parliament, and suspended Eskom CEO Tshediso Matona's suggestion in his court papers that an important board meeting was bugged, Condon says such tactics are not limited to governments. more
* The use of a cell phone jammer is illegal in the United States.
Thursday, March 26, 2015
Air-Gapped Computer Hack
Ben-Gurion University of the Negev (BGU) researchers have discovered a new method to breach air-gapped computer systems called “BitWhisper” which enables two-way communications between adjacent, unconnected PC computers using heat.
The research, conducted by Mordechai Guri, Ph.D. is part of an ongoing focus on air-gap security at the BGU Cyber Security Research Center. Computers and networks are air-gapped when they need to be kept highly secure and isolated from unsecured networks, such as the public Internet or an unsecured local area network. Typically, air-gapped computers are used in financial transactions, mission critical tasks or military applications.
According to the researchers, “The scenario is prevalent in many organizations where there are two computers on a single desk, one connected to the internal network and the other one connected to the Internet. BitWhisper can be used to steal small chunks of data (e.g. passwords) and for command and control." View BitWhisper video demo. more
The research, conducted by Mordechai Guri, Ph.D. is part of an ongoing focus on air-gap security at the BGU Cyber Security Research Center. Computers and networks are air-gapped when they need to be kept highly secure and isolated from unsecured networks, such as the public Internet or an unsecured local area network. Typically, air-gapped computers are used in financial transactions, mission critical tasks or military applications.
According to the researchers, “The scenario is prevalent in many organizations where there are two computers on a single desk, one connected to the internal network and the other one connected to the Internet. BitWhisper can be used to steal small chunks of data (e.g. passwords) and for command and control." View BitWhisper video demo. more
Tuesday, March 24, 2015
"Is there a phone number I can call to see if my phone is tapped?"
I read this on a private detectives' news group this week... "Does anyone remember the phone number which can be called to determine if a phone is bugged? I can't find it now that I have a use for it."
One of the answers this gentleman received, "http://800notes.com/Phone.aspx/1-202-543-9994" I visited the link and had a good laugh reading the posts.
From a non-technical perspective, just looking at it logically, the answer is obviously, NO. If there were a number, everyone would be using it and covert wiretapping would be impossible.
From a technical perspective the answer is obviously, NO. There are a multitude of ways to bug or wiretap phones, many of which do not affect the electrical characteristics of the phone.
1. There was one telephone bugging device called the Telecommand, and its variants Infinity Transmitter and Harmonica Bug. Generally speaking, these were audio room bugs, which could either built into the phone or attached to the line somewhere near the phone. They were activated by a tone sent up the line by the eavesdropper.
2. The phone company, at the time, had test numbers used by their techs. One of these test numbers produced a sweeping tone from low frequency to high frequency. Back in the early 1970's some of the sweep tone numbers were 212-324-0707, 213-615-0003, 213-277-9291, 213-783-0001, 202-560-9944.
Time to put 1 & 2 together...
If your phone or line was bugged by this specific type of eavesdropping device, AND you called the sweep tone test number from your phone, you MIGHT be able to detect that you activated the bug. Most of the professional TSCM telephone testers of this era had sweep tone testers built into them. The party ended when the phone company migrated from analog to digital (SS7) switching beginning in the mid-to-late 1970s.
With digital switching the ringtone the caller hears is not coming from the phone, but rather from the phone company switch. There is no audio path to the phone until it is answered. So, trying to send a tone up the line before the phone is answered is futile. Some versions of the bug tried to overcome this death knell by letting the call be answered, and then sending the tone as the person was hanging up, thus its name, Keepalive.
Tip: If you have eavesdropping and wiretapping questions, please, contact a qualified specialist with a good reputation. There are plenty of us around. ~Kevin
P.S. Another phone number urban legend...
If you think your phone is tapped dial this # to find out: 101073217709889664
An automated voice will then repeat your phone number followed by an "8" then nine "0's" and a number. If the last number is 1, 2, or 3 your phone is NOT tapped if it is larger than 3 then you have a problem.
One of the answers this gentleman received, "http://800notes.com/Phone.aspx/1-202-543-9994" I visited the link and had a good laugh reading the posts.
From a non-technical perspective, just looking at it logically, the answer is obviously, NO. If there were a number, everyone would be using it and covert wiretapping would be impossible.
From a technical perspective the answer is obviously, NO. There are a multitude of ways to bug or wiretap phones, many of which do not affect the electrical characteristics of the phone.
- So, why does this urban legend persist?
- Is there a shred of truth in it?
- When did it start?
1. There was one telephone bugging device called the Telecommand, and its variants Infinity Transmitter and Harmonica Bug. Generally speaking, these were audio room bugs, which could either built into the phone or attached to the line somewhere near the phone. They were activated by a tone sent up the line by the eavesdropper.
2. The phone company, at the time, had test numbers used by their techs. One of these test numbers produced a sweeping tone from low frequency to high frequency. Back in the early 1970's some of the sweep tone numbers were 212-324-0707, 213-615-0003, 213-277-9291, 213-783-0001, 202-560-9944.
Time to put 1 & 2 together...
If your phone or line was bugged by this specific type of eavesdropping device, AND you called the sweep tone test number from your phone, you MIGHT be able to detect that you activated the bug. Most of the professional TSCM telephone testers of this era had sweep tone testers built into them. The party ended when the phone company migrated from analog to digital (SS7) switching beginning in the mid-to-late 1970s.
With digital switching the ringtone the caller hears is not coming from the phone, but rather from the phone company switch. There is no audio path to the phone until it is answered. So, trying to send a tone up the line before the phone is answered is futile. Some versions of the bug tried to overcome this death knell by letting the call be answered, and then sending the tone as the person was hanging up, thus its name, Keepalive.
Tip: If you have eavesdropping and wiretapping questions, please, contact a qualified specialist with a good reputation. There are plenty of us around. ~Kevin
P.S. Another phone number urban legend...
If you think your phone is tapped dial this # to find out: 101073217709889664
An automated voice will then repeat your phone number followed by an "8" then nine "0's" and a number. If the last number is 1, 2, or 3 your phone is NOT tapped if it is larger than 3 then you have a problem.
Monday, March 23, 2015
Union Claims Zoo Eavesdropped - Weasle Dance at 11
CA - Allegations that upper management at the San Francisco Zoo eavesdropped on employees using a radio communication system as a bugging device has union teamsters demanding the zoo uphold their employees' right to privacy.
According to Teamsters Local Union 856 representative Tim Jenkins, the San Francisco Zoo's executive director Tanya Peterson and its vice president of operations Robert Icard both have radios equipped with spyware giving them the capability to listen in on zoo employees' private conversations without their knowledge. more video
Viet Hong Spyware Brains Head to Court
Hanoi prosecutors said they will take seven people of a technology firm to court for developing and selling a mobile application that allowed users to spy on more than 14,000 phones from 2013 to 2014.
Viet Hong Technology Company’s Deputy Director Nguyen Viet Hung and six employees will stand trial on charges of “illegally using information gained from computer, internet and telecommunication networks.”
The crime is punishable by a jail term of up seven years and an additional fine of up to VND200 million (US$9,300).
According to the case file, Hung, 41, hired Le Thanh Lam to write the spying app called “Ptracker”. more
Viet Hong Technology Company’s Deputy Director Nguyen Viet Hung and six employees will stand trial on charges of “illegally using information gained from computer, internet and telecommunication networks.”
The crime is punishable by a jail term of up seven years and an additional fine of up to VND200 million (US$9,300).
According to the case file, Hung, 41, hired Le Thanh Lam to write the spying app called “Ptracker”. more
Florida Working on a Drone Law
FL - A law that would make it illegal to use a drone to spy on your family is moving through the Florida Legislature right now.
Under the proposed law, the government and police would be forbidden from using drones for surveillance, and so would everyday people like your neighbors.
The ban would only apply to private property and only to places where someone has "a reasonable expectation of privacy." more
Under the proposed law, the government and police would be forbidden from using drones for surveillance, and so would everyday people like your neighbors.
The ban would only apply to private property and only to places where someone has "a reasonable expectation of privacy." more
Security Director Alert - Cisco VoIP Phone Eavesdropping Vulnerability
Cisco is warning customers about several vulnerabilities in some of its IP phones that can allow an attacker to listen in on users’ conversations. The bug affects the Cisco SPA 300 and 500 Series IP phones.
Cisco had confirmed the vulnerabilities, which were discovered by Chris Watts, a researcher at Tech Analysis in Australia, and is working on a new version of the firmware to fix the bugs.
“A vulnerability in the firmware of the Cisco Small Business SPA 300 and 500 series IP phones could allow an unauthenticated, remote attacker to listen to the audio stream of an IP phone,” Cisco said in its advisory.
“The vulnerability is due to improper authentication settings in the default configuration. An attacker could exploit this vulnerability by sending a crafted XML request to the affected device. An exploit could allow the attacker to listen to a remote audio stream or make phone calls remotely.”
...The fix for the bug is not yet available, but Cisco said it is preparing one. more
“A vulnerability in the firmware of the Cisco Small Business SPA 300 and 500 series IP phones could allow an unauthenticated, remote attacker to listen to the audio stream of an IP phone,” Cisco said in its advisory.
“The vulnerability is due to improper authentication settings in the default configuration. An attacker could exploit this vulnerability by sending a crafted XML request to the affected device. An exploit could allow the attacker to listen to a remote audio stream or make phone calls remotely.”
...The fix for the bug is not yet available, but Cisco said it is preparing one. more
Labels:
advice,
business,
eavesdropping,
Hack,
telephone,
VoIP,
wiretapping
CSIS Sends 6-year-old Boy Tips on How to Become a Spy
Canada - When six-year-old Jacob St. Jean found out that secret agents weren't just the stuff of stories, he asked his mom, Erin, to help him track down some real spies.
The pair wrote a letter to CSIS, asking if Canada's spy agency would set up a club for kids.
For four months, Jacob checked the mail daily, only to be disappointed...
Then, earlier this week, Jacob received a mysterious package in the mail — and an apology for the delayed response — from the B.C. regional director of CSIS. more
The pair wrote a letter to CSIS, asking if Canada's spy agency would set up a club for kids.
For four months, Jacob checked the mail daily, only to be disappointed...
Then, earlier this week, Jacob received a mysterious package in the mail — and an apology for the delayed response — from the B.C. regional director of CSIS. more
Thursday, March 19, 2015
Security Director Alert - iPhone Password Crack
via... blog.mdsec.co.uk
We recently became aware of a device known as an IP Box that was being used in the phone repair markets to bruteforce the iOS screenlock. This obviously has huge security implications and naturally it was something we wanted to investigate and validate. For as little as £200 we were able to acquire one of these devices and put it to work.
Although we’re still analyzing the device it appears to be relatively simple in that it simulates the PIN entry over the USB connection and sequentially bruteforces every possible PIN combination. That in itself is not unsurprising and has been known for some time. What is surprising however is that this still works even with the “Erase data after 10 attempts” configuration setting enabled. Our initial analysis indicates that the IP Box is able to bypass this restriction by connecting directly to the iPhone’s power source and aggressively cutting the power after each failed PIN attempt, but before the attempt has been synchronized to flash memory. As such, each PIN entry takes approximately 40 seconds, meaning that it would take up to ~111 hours to bruteforce a 4 digit PIN.
...our advice to all is ensure you have a sufficiently complex password applied to your device rather than a PIN. more
We recently became aware of a device known as an IP Box that was being used in the phone repair markets to bruteforce the iOS screenlock. This obviously has huge security implications and naturally it was something we wanted to investigate and validate. For as little as £200 we were able to acquire one of these devices and put it to work.
Although we’re still analyzing the device it appears to be relatively simple in that it simulates the PIN entry over the USB connection and sequentially bruteforces every possible PIN combination. That in itself is not unsurprising and has been known for some time. What is surprising however is that this still works even with the “Erase data after 10 attempts” configuration setting enabled. Our initial analysis indicates that the IP Box is able to bypass this restriction by connecting directly to the iPhone’s power source and aggressively cutting the power after each failed PIN attempt, but before the attempt has been synchronized to flash memory. As such, each PIN entry takes approximately 40 seconds, meaning that it would take up to ~111 hours to bruteforce a 4 digit PIN.
...our advice to all is ensure you have a sufficiently complex password applied to your device rather than a PIN. more
Wednesday, March 18, 2015
NYPD Blue IT
NYC - A rogue auxiliary cop hacked into an NYPD database for confidential information about traffic accidents, then contacted the victims posing as an ambulance-chasing lawyer, federal authorities said Tuesday.
Yehuda Katz devised an elaborate scheme inside the 70th Precinct station house in Flatbush, Brooklyn, where he was not only able to access law enforcement databases from a remote location, but also installed a hidden camera in a cable TV box in the traffic safety office to make sure he wouldn’t be found out...
Investigators found an electronic device connected to the computer had been logging into the NYPD database using the passwords of three cops on their days off.
The surveillance camera had the capability to broadcast a live image of the office to the Internet. Investigators suspect Katz would activate the device from a remote location to make sure no one was using the computer so he could log into the database. more
"Mr. Katz will see you, as soon as you put on this neck brace." |
Investigators found an electronic device connected to the computer had been logging into the NYPD database using the passwords of three cops on their days off.
The surveillance camera had the capability to broadcast a live image of the office to the Internet. Investigators suspect Katz would activate the device from a remote location to make sure no one was using the computer so he could log into the database. more
Monday, March 16, 2015
Canadians Concerned About Bill C-51's Surveillance Powers
Canadians should be “spooked” by the enhanced powers spies are going to get, says a national security expert.
Agents of the Canadian Security Intelligence Service will not just be capable of eavesdropping and opening other people’s mail, according to Reg Whitaker.
The Vancouver Island-based academic and author of The End of Privacy: How Total Surveillance is Becoming a Reality said they’ll be able to do pretty much everything, short of murder, torture, sexual assault, and obstruction of justice.
That’s care of Bill C-51, the federal Liberal party-backed anti-terrorism bill introduced by the Conservatives in Parliament.
“The way that legislation is drawn up, anything,” Whitaker told the Straight in a phone interview. “I mean, it’s open ended. It’s a blank cheque.” more
Agents of the Canadian Security Intelligence Service will not just be capable of eavesdropping and opening other people’s mail, according to Reg Whitaker.
The Vancouver Island-based academic and author of The End of Privacy: How Total Surveillance is Becoming a Reality said they’ll be able to do pretty much everything, short of murder, torture, sexual assault, and obstruction of justice.
That’s care of Bill C-51, the federal Liberal party-backed anti-terrorism bill introduced by the Conservatives in Parliament.
“The way that legislation is drawn up, anything,” Whitaker told the Straight in a phone interview. “I mean, it’s open ended. It’s a blank cheque.” more
Sunday, March 15, 2015
Lawyer Asks Judge to Rule... Wiretapper was a Party to the Calls
NJ - A top official at a New Jersey jail has been convicted of illegal wiretapping.
Hudson County Correctional Facility Deputy Director Kirk Eady was convicted Friday of the only charge he faced.
Authorities say he used a website to intercept and record at least a dozen telephone calls of other employees and another person who were critical of his work performance.
The 46-year-old Eady, of East Brunswick, scheduled to be sentenced on July 8. He faces up to five years in prison and a fine of up to $250,000.
His lawyer has asked a judge to rule that Eady was actually a party to the phone calls and not breaking the law. more
Hudson County Correctional Facility Deputy Director Kirk Eady was convicted Friday of the only charge he faced.
Authorities say he used a website to intercept and record at least a dozen telephone calls of other employees and another person who were critical of his work performance.
The 46-year-old Eady, of East Brunswick, scheduled to be sentenced on July 8. He faces up to five years in prison and a fine of up to $250,000.
His lawyer has asked a judge to rule that Eady was actually a party to the phone calls and not breaking the law. more
BlackBerry's SecuTABLET
BlackBerry is returning to its core expertise in mobile phones — security — as it was known half-a-decade ago.
In its efforts to stage back in the lost ground of mobile market, the Canada-based company said its new high-security tablet based on the Samsung Galaxy Tab S 10.5 would extend its secure mobile services developed in partnership with IBM and Samsung.
Called the SecuTABLET, the device was presented by its Secusmart unit at the CeBIT 2015 in Germany, BlackBerry said the new mobile brings forth once again its core strength on secure connections for government and big businesses, In fact a decade ago, BlackBerry ruled the world of secrecy with its encrypted e-mail message facility that became a headache for many governments used to swooping on big business conglomerates. more
In its efforts to stage back in the lost ground of mobile market, the Canada-based company said its new high-security tablet based on the Samsung Galaxy Tab S 10.5 would extend its secure mobile services developed in partnership with IBM and Samsung.
Called the SecuTABLET, the device was presented by its Secusmart unit at the CeBIT 2015 in Germany, BlackBerry said the new mobile brings forth once again its core strength on secure connections for government and big businesses, In fact a decade ago, BlackBerry ruled the world of secrecy with its encrypted e-mail message facility that became a headache for many governments used to swooping on big business conglomerates. more
He Wiretapped His Way Into Her Heart
AR - A little wiretapping and a less than harmonious conversation with another man were the catalyst for romance in 1986 for Beth Guerin and the office telephone installation tech.
He had certainly noticed her. The really cute girl who was answering phones part time in the doctor's office? Yes, 19-year-old Darrin Adcock had noticed her. He was doing a job for a small telecommunications company in Hot Springs, and he likely would have left without exchanging a word with her had he not made a small mistake first.
"I had my test set and I accidentally clicked onto the line that she was on. And I listened. Maybe I shouldn't have, but I did," Darrin says. "I really didn't mean to do that, but in doing so I heard her talking to her then-boyfriend and realized her and her boyfriend were not getting along and I thought, 'Well, this is kind of neat.'" more
He had certainly noticed her. The really cute girl who was answering phones part time in the doctor's office? Yes, 19-year-old Darrin Adcock had noticed her. He was doing a job for a small telecommunications company in Hot Springs, and he likely would have left without exchanging a word with her had he not made a small mistake first.
"I had my test set and I accidentally clicked onto the line that she was on. And I listened. Maybe I shouldn't have, but I did," Darrin says. "I really didn't mean to do that, but in doing so I heard her talking to her then-boyfriend and realized her and her boyfriend were not getting along and I thought, 'Well, this is kind of neat.'" more
Corporate Espionage: CBI Names PricewaterhouseCoopers as a Suspect
India - The Central Bureau of Investigation on Saturday named consultancy firm PricewaterhouseCoopers as a suspect in the corporate espionage case...
The Delhi Police had earlier last month arrested two more persons - one from the UPSC and the other from the Environment Ministry - broadening its probe into the corporate espionage case.
They were held for leaking sensitive documents to energy consultant Lokesh Sharma.
Around 17 people, including government employees, energy consultants and senior executives of top energy companies, have been arrested so far by the Delhi Police. more
The Delhi Police had earlier last month arrested two more persons - one from the UPSC and the other from the Environment Ministry - broadening its probe into the corporate espionage case.
They were held for leaking sensitive documents to energy consultant Lokesh Sharma.
Around 17 people, including government employees, energy consultants and senior executives of top energy companies, have been arrested so far by the Delhi Police. more
Friday, March 13, 2015
Business Espionage: The Cruffin Caper (and 230 other recipes swiped)
It takes three days to make a cruffin, a muffin-croissant hybrid that is the signature of Ry Stephen, a 28-year-old pastry chef. His shop, Mr Holmes Bakehouse, has been open three months and inspired a wild following, with customers lining up early to buy the ice-cream-cone-shaped cruffins, which reliably sell out before the line is gone...
Now, the tempting sweet may have inspired a crime. Overnight last week, a thief stole the recipe for cruffins, and Mr. Stephen’s 230 other recipes, from binders in the bakery’s kitchen. Nothing else in the store was touched: not money, valuable baking equipment, an iPad or other computers...
Mr. Stephen does not think it was an inside job. He said he trusts his employees and has told them, “You can have any recipe you want, provided you know how to execute it.” Plus a new surveillance system had been installed, but was not yet operational, although the employees did not know that. more
This is a cautionary tale with important points for your business...
1. Secure your proprietary information and business secrets. Keeping them in your "locked" office, on a shelf, where everyone knows where they are, is not adequate.
2. Use top notch security to protect your business secrets. Hire an independent security consultant to assist you with this. Periodically double-check to make sure your security systems are 100% operational.
Expect to see cruffins everywhere, soon.
Now, the tempting sweet may have inspired a crime. Overnight last week, a thief stole the recipe for cruffins, and Mr. Stephen’s 230 other recipes, from binders in the bakery’s kitchen. Nothing else in the store was touched: not money, valuable baking equipment, an iPad or other computers...
Mr. Stephen does not think it was an inside job. He said he trusts his employees and has told them, “You can have any recipe you want, provided you know how to execute it.” Plus a new surveillance system had been installed, but was not yet operational, although the employees did not know that. more
This is a cautionary tale with important points for your business...
1. Secure your proprietary information and business secrets. Keeping them in your "locked" office, on a shelf, where everyone knows where they are, is not adequate.
2. Use top notch security to protect your business secrets. Hire an independent security consultant to assist you with this. Periodically double-check to make sure your security systems are 100% operational.
Expect to see cruffins everywhere, soon.
Tea - the "greatest single act of corporate espionage in history."
The Scottish Spy Who Stole China's Tea Empire
In the mid-19th century, Britain was an almost unchallenged empire. It controlled about a fifth of the world's surface, and yet its weakness had everything to do with tiny leaves soaked in hot water: tea. By 1800, it was easily the most popular drink among Britons.
The problem? All the tea in the world came from China, and Britain couldn't control the quality or the price. So around 1850, a group of British businessmen set out to create a tea industry in a place they did control: India.
For All the Tea In China: How England Stole the World's Favorite Drink and Changed History is writer Sarah Rose's account of the effort to control the tea market, what she calls the "greatest single act of corporate espionage in history." more
Robert Fortune |
The problem? All the tea in the world came from China, and Britain couldn't control the quality or the price. So around 1850, a group of British businessmen set out to create a tea industry in a place they did control: India.
For All the Tea In China: How England Stole the World's Favorite Drink and Changed History is writer Sarah Rose's account of the effort to control the tea market, what she calls the "greatest single act of corporate espionage in history." more
Wednesday, March 11, 2015
Barbie Learns How to Talk. (It only took her 50 years.)
In a recent demonstration of its Internet-connected doll, Hello Barbie, a Mattel spokesperson greeted the souped-up version of the iconic doll by saying, “Welcome to New York, Barbie.”
Thanks to voice-recognition technology, Barbie was able to analyze that remark and give a relevant, conversational response: “I love New York! Don’t you? Tell me, what’s your favorite part about the city? The food, fashion or the sights?”
The company promises that the software will enable the doll “to listen and learn each girl’s preferences and then adapt to those accordingly.”
The interactive doll is slated to hit shelves in the fall, and Mattel is likely hoping it will help revive sinking sales of its flagship brand.
But a children’s privacy advocacy group is calling for the company to cease production of the toy, saying Hello Barbie might more accurately be called "eavesdropping" Barbie. Because the doll works by recording children’s speech with an embedded microphone and then sending that data over the Web, these advocates call the technology “creepy” and say it could leave children vulnerable to stealth advertising tactics. On Wednesday, the Campaign for a Commercial-Free Childhood launched a petition urging Mattel to keep the doll from hitting store shelves. more
"Well, gag me with a spoon!"
The company promises that the software will enable the doll “to listen and learn each girl’s preferences and then adapt to those accordingly.”
The interactive doll is slated to hit shelves in the fall, and Mattel is likely hoping it will help revive sinking sales of its flagship brand.
But a children’s privacy advocacy group is calling for the company to cease production of the toy, saying Hello Barbie might more accurately be called "eavesdropping" Barbie. Because the doll works by recording children’s speech with an embedded microphone and then sending that data over the Web, these advocates call the technology “creepy” and say it could leave children vulnerable to stealth advertising tactics. On Wednesday, the Campaign for a Commercial-Free Childhood launched a petition urging Mattel to keep the doll from hitting store shelves. more
"Well, gag me with a spoon!"
Tuesday, March 10, 2015
Defense Against the Spy - 1967 CIA Training Film
The United States Central Intelligence Agency (CIA) presents a case
study of devices that were used for espionage purposes during the
1960's.
Security Director Alert - Time to Update Your BYOD Policy (You do have one don't you?)
According to Alcatel-Lucent’s Motive Security Labs, around 16 million mobile devices are already infected by malicious software designed to spy on users and steal confidential data.
This form of malware is capable of tracking the phone and its owner’s location, monitoring ingoing and outgoing calls, text messages and emails, as well as tracking web browsers.
Cyber-criminals are now targeting Android devices with infection rates for Android and Windows devices estimated to be split 50/50.
Many multinational firms, however, still employ an unmonitored bring-your-own-device (BYOD) policy. This frequently means key staff are connecting to the corporate communications network via unsecured smartphones. It has also led to a situation where staff access social networking sites and audio/visual entertainment of all kinds, exposing them to a growing number of malware attacks. more
This form of malware is capable of tracking the phone and its owner’s location, monitoring ingoing and outgoing calls, text messages and emails, as well as tracking web browsers.
Cyber-criminals are now targeting Android devices with infection rates for Android and Windows devices estimated to be split 50/50.
Many multinational firms, however, still employ an unmonitored bring-your-own-device (BYOD) policy. This frequently means key staff are connecting to the corporate communications network via unsecured smartphones. It has also led to a situation where staff access social networking sites and audio/visual entertainment of all kinds, exposing them to a growing number of malware attacks. more
Spycams and Wiretaps - Motives for Murder
PA - A man has shot his neighbor eight times - leaving her in critical condition - and taken his own life after accusing her of wiretapping his apartment in a years-long rift.
Steven Outlaw, 51, confronted his downstairs neighbor, 46-year-old Mary Pitts-Devine, in the first-floor hallway of their West Philadelphia building just before 11am on Sunday, WPVI reported.
He shot at her 10 times, hitting her with eight bullets and leaving her in critical condition.
Outlaw then went to his second-floor apartment and shot himself dead, police said.
The shooting came after a simmering argument over whether Pitts-Devine was wiretapping the telephone lines of Outlaw's apartment, Philly.com reported...
He had also written down accusations that she was spying on him with video cameras, according to the channel. more
Steven Outlaw, 51, confronted his downstairs neighbor, 46-year-old Mary Pitts-Devine, in the first-floor hallway of their West Philadelphia building just before 11am on Sunday, WPVI reported.
He shot at her 10 times, hitting her with eight bullets and leaving her in critical condition.
Outlaw then went to his second-floor apartment and shot himself dead, police said.
The shooting came after a simmering argument over whether Pitts-Devine was wiretapping the telephone lines of Outlaw's apartment, Philly.com reported...
He had also written down accusations that she was spying on him with video cameras, according to the channel. more
Friday, March 6, 2015
FutureWatch - FM Bugs Are So Arco - Coming Soon... Bugs with Pluck
For the first time in history, a prototype radio has been created that is claimed to be completely digital, generating high-frequency radio waves purely through the use of integrated circuits and a set of patented algorithms without using conventional analog radio circuits in any way whatsoever. This breakthrough technology promises to vastly improve the wireless communications capabilities of everything from 5G mobile technology to the multitude devices aimed at supporting the Internet of Things.
The significance of this new technology cannot be overstated: Every aspect of radio frequency generation is said to be created using a string of digital bits, and nothing else. There are no analog circuits, no filters, no chokes, none of the traditional circuitry and components expected in a radio transmitter. Consisting of a mere handful of components, including a couple of integrated circuits, an antenna, and not much else, the transmitter – dubbed Pizzicato – promises to change the face of wireless transmission.
Created by Cambridge Consultants, the initial trials of the Pizzicato have been claimed to show that it has fully met all the expectations of its myriad performance requirements. But more than this, the Pizzicato has brought bulky radio circuits down to microprocessor levels, with the promise of even smaller, more efficient uses of the technology in future. more
The significance of this new technology cannot be overstated: Every aspect of radio frequency generation is said to be created using a string of digital bits, and nothing else. There are no analog circuits, no filters, no chokes, none of the traditional circuitry and components expected in a radio transmitter. Consisting of a mere handful of components, including a couple of integrated circuits, an antenna, and not much else, the transmitter – dubbed Pizzicato – promises to change the face of wireless transmission.
Created by Cambridge Consultants, the initial trials of the Pizzicato have been claimed to show that it has fully met all the expectations of its myriad performance requirements. But more than this, the Pizzicato has brought bulky radio circuits down to microprocessor levels, with the promise of even smaller, more efficient uses of the technology in future. more
Tuesday, March 3, 2015
A Short History of Wiretapping
Wiretapping has been around almost since the invention of the telegraph.
Union and Confederate soldiers intercepted one another’s telegraph wires during the Civil War, scraping off a small piece of insulation and splicing their own line to the enemy’s.
Later, private detectives spied for clients. The use of a wiretap in a Connecticut divorce case in the 1880s led that state to ban the practice in 1889. News services stole one another’s articles. The use of a wiretap to convey false cotton prices in London, a plot aimed at stock speculators, set off a panic in New Orleans in 1899.
But in the postwar 19th century, much wiretapping of telegraphs and, later, telephones was carried out by crooks trying to cheat other crooks.
more
Union and Confederate soldiers intercepted one another’s telegraph wires during the Civil War, scraping off a small piece of insulation and splicing their own line to the enemy’s.
Later, private detectives spied for clients. The use of a wiretap in a Connecticut divorce case in the 1880s led that state to ban the practice in 1889. News services stole one another’s articles. The use of a wiretap to convey false cotton prices in London, a plot aimed at stock speculators, set off a panic in New Orleans in 1899.
But in the postwar 19th century, much wiretapping of telegraphs and, later, telephones was carried out by crooks trying to cheat other crooks.
more
Workplace Video Voyeurism - Domino’s Falls This Time
NY - An alleged voyeuristic Domino’s worker was arrested after a young woman noticed something odd in the employee bathroom, according to the Nassau County Police Department.
In the early hours of Tuesday morning, a 20-year-old female employee at the 935 Front Street Domino’s in Uniondale took a break to use the bathroom.
The coat rack inside the facility caught her eye, however — specifically, a cell phone peeking out of a jacket pocket. She notified the manager, and her manager dialed 911. The jacket, according to police, belonged to the woman’s co-worker, 19-year-old Jonathan Parra.
Along with footage of the young woman, an investigation revealed images of a 51-year-old man using the bathroom as well.
Parra faces two counts of unlawful surveillance and will be arraigned Tuesday at First District Court in Hempstead.
more
In the early hours of Tuesday morning, a 20-year-old female employee at the 935 Front Street Domino’s in Uniondale took a break to use the bathroom.
Murray Associates composite photo. |
Along with footage of the young woman, an investigation revealed images of a 51-year-old man using the bathroom as well.
Parra faces two counts of unlawful surveillance and will be arraigned Tuesday at First District Court in Hempstead.
more
Spying With a Drone May Become a Criminal Offense in CO
Colorado lawmakers want to criminalize the use of drones when they’re used to monitor someone without their consent.
The proposal up for a House committee vote Tuesday would make it a crime of first-degree trespassing to take images of someone when they have an expectation of privacy. Drone users could also be charged with harassment if they use the technology to monitor someone’s movements.
“As technology moves forward, our privacy is becoming more dear to us,” said the bill sponsor, Rep. Polly Lawrence, R-Littleton.
Lawrence’s bill is not just about drones, but “any type of electronic surveillance when a person has a reasonable expectation of privacy.”
more
Get your (novelty) drone hunting license here. I have one.
The proposal up for a House committee vote Tuesday would make it a crime of first-degree trespassing to take images of someone when they have an expectation of privacy. Drone users could also be charged with harassment if they use the technology to monitor someone’s movements.
“As technology moves forward, our privacy is becoming more dear to us,” said the bill sponsor, Rep. Polly Lawrence, R-Littleton.
Lawrence’s bill is not just about drones, but “any type of electronic surveillance when a person has a reasonable expectation of privacy.”
more
Get your (novelty) drone hunting license here. I have one.
Yet More Invisibility Eyeglasses
This year, AVG will reveal a set of concept invisibility glasses at Pepcom in Barcelona before Mobile World Congress.
What are invisibility glasses?
Developed by AVG Innovation Labs, the glasses help protect your visual identity in the digital age.
Through a mixture of technology and specialist materials, privacy wearables such as invisibility glasses can make it difficult for cameras or other facial recognition technologies to get a clear view of your identity.
...there are generally two different methods of combating unwanted facial recognition:
Infrared Light
The idea is to place infrared LEDs inserted around the eyes and the nose areas. Since the infrared lights are completely invisible to human eyes, they are only detectable by cameras which are sensitive to the wavelengths of these LEDs. They claim to break face detection when the lights are on.
In this example we show how infrared can be used to avoid Facebook’s facial recognition technology.
Retro-reflective Materials
These specialist materials help maintain your privacy at the moment that the image is actually taken.
PS - This is a proof-of-concept project. Not for sale. However, you can make your own.
Other glasses.
Note: Many cell phone cameras have infrared cutoff filters built into their lenses... and you can bet law enforcement facial recognition systems do too.
What are invisibility glasses?
Developed by AVG Innovation Labs, the glasses help protect your visual identity in the digital age.
Through a mixture of technology and specialist materials, privacy wearables such as invisibility glasses can make it difficult for cameras or other facial recognition technologies to get a clear view of your identity.
...there are generally two different methods of combating unwanted facial recognition:
Infrared Light
The idea is to place infrared LEDs inserted around the eyes and the nose areas. Since the infrared lights are completely invisible to human eyes, they are only detectable by cameras which are sensitive to the wavelengths of these LEDs. They claim to break face detection when the lights are on.
In this example we show how infrared can be used to avoid Facebook’s facial recognition technology.
Retro-reflective Materials
These specialist materials help maintain your privacy at the moment that the image is actually taken.
PS - This is a proof-of-concept project. Not for sale. However, you can make your own.
Note: Many cell phone cameras have infrared cutoff filters built into their lenses... and you can bet law enforcement facial recognition systems do too.
Monday, February 23, 2015
Fink RAT Co-creator Meets Big Daddy Uncle Sam
One of the co-creators of the Blackshades Remote Access Trojan (RAT) that infected more than 500,000 computers has pleaded guilty to charges of hacking.
Alex Yücel, 24, faces up to 10 years in prison for his involvement with the $40 program designed to secretly remotely control victims' computers...
Through his creation and sale of the Blackshades RAT, Alex Yücel enabled anyone, for just $40, to violate the property and privacy of his victims...
According to documents filed in the Manhattan federal court, the Blackshades RAT - which was used to secretly take nude photos of Miss Teen USA - could give an attacker complete control over an infected system...
(more)
Alex Yücel, 24, faces up to 10 years in prison for his involvement with the $40 program designed to secretly remotely control victims' computers...
Through his creation and sale of the Blackshades RAT, Alex Yücel enabled anyone, for just $40, to violate the property and privacy of his victims...
According to documents filed in the Manhattan federal court, the Blackshades RAT - which was used to secretly take nude photos of Miss Teen USA - could give an attacker complete control over an infected system...
(more)
Indian Oil Ministry Investigating Possible Bugging
India - A sticky tape with a micro-insertion found beneath a table in the office of a top bureaucrat in the ministry has raised suspicion over snooping attempts to tap information on sensitive energy related matters, sources told HT.
“We cannot rule out any possibility... the matter has been brought to the notice of the investigative agencies, who will look into the matter,” a top petroleum ministry bureaucrat told HT requesting not to be identified...
A similar incident of a possible bugging of a government office was reported in June 2011 when suspicion surrounded the office of the then finance minister Pranab Mukherjee. The office of the home ministry and the Intelligence Bureau later confirmed that it was just a suspicion and no bugging took place in the office.
(more)
“We cannot rule out any possibility... the matter has been brought to the notice of the investigative agencies, who will look into the matter,” a top petroleum ministry bureaucrat told HT requesting not to be identified...
A similar incident of a possible bugging of a government office was reported in June 2011 when suspicion surrounded the office of the then finance minister Pranab Mukherjee. The office of the home ministry and the Intelligence Bureau later confirmed that it was just a suspicion and no bugging took place in the office.
(more)
Indian Corporate Espionage Scandal Deepens
India - A corporate espionage scandal involving allegations of stolen documents
from India’s government deepened this weekend, following the arrests of
employees at conglomerates controlled by four of the country’s most
prominent tycoons, including billionaire brothers Mukesh and Anil
Ambani.
The arrests mark the first time since the election of Narendra Modi as prime minister last year that police have launched an investigation targeting such high-profile industrial businesses, and are set leave the companies and their wealthy owners facing a lengthy and potentially damaging legal investigations.
(more)
The arrests mark the first time since the election of Narendra Modi as prime minister last year that police have launched an investigation targeting such high-profile industrial businesses, and are set leave the companies and their wealthy owners facing a lengthy and potentially damaging legal investigations.
(more)
C.S.I. yi-yi - DNA Can Be Faked!
In a recent story in The New York Times, Andrew Pollack reports that "scientists in Israel have demonstrated that it is possible to fabricate DNA evidence, undermining the credibility of what has been considered the gold standard of proof in criminal cases.
"The scientists fabricated blood and saliva samples containing DNA from a person other than the donor of the blood and saliva. They also showed that if they had access to a DNA profile in a database, they could construct a sample of DNA to match that profile without obtaining any tissue from that person."
“You can just engineer a crime scene,” Dan Frumkin, lead author of the paper, which has been published online by the journal Forensic Science International: Genetics, told the Times. “Any biology undergraduate could perform this.”
(more)
"The scientists fabricated blood and saliva samples containing DNA from a person other than the donor of the blood and saliva. They also showed that if they had access to a DNA profile in a database, they could construct a sample of DNA to match that profile without obtaining any tissue from that person."
“You can just engineer a crime scene,” Dan Frumkin, lead author of the paper, which has been published online by the journal Forensic Science International: Genetics, told the Times. “Any biology undergraduate could perform this.”
(more)
Saturday, February 21, 2015
Smart TVs Are Not The Only Things Eavesdropping On You
When the story broke that certain Sansung television sets were eavesdropping on their owners -- a polite way of saying the sets were spying -- it raised some alarms and forced Samsung to rewrite its privacy policy. But if you think hi-tech TVs are the only things capable of gathering your private information and sharing it with others, think again:
Our smartphones and computers, of course, listen to us when we're making audio and video calls. But the microphones are always there, and there are ways a hacker, government, or clever company can turn those microphones on without our knowledge. Sometimes we turn them on ourselves. If we have an iPhone, the voice-processing system Siri listens to us, but only when we push the iPhone's button. Like Samsung, iPhones with the "Hey Siri" feature enabled listen all the time. So do Android devices with the "OK Google" feature enabled, and so does an Amazon voice-activated system called Echo. Facebook has the ability to turn your smartphone's microphone on when you're using the app.
(more)
This is something my clients don't have to worry about. I give them SpyWarn MicSpike™... free. ~Kevin
Our smartphones and computers, of course, listen to us when we're making audio and video calls. But the microphones are always there, and there are ways a hacker, government, or clever company can turn those microphones on without our knowledge. Sometimes we turn them on ourselves. If we have an iPhone, the voice-processing system Siri listens to us, but only when we push the iPhone's button. Like Samsung, iPhones with the "Hey Siri" feature enabled listen all the time. So do Android devices with the "OK Google" feature enabled, and so does an Amazon voice-activated system called Echo. Facebook has the ability to turn your smartphone's microphone on when you're using the app.
(more)
This is something my clients don't have to worry about. I give them SpyWarn MicSpike™... free. ~Kevin
Friday, February 20, 2015
Spyware Makes Android Phones Play Possum
A particularly devious new Android malware can make calls or take photos even if you shut the device down, according to security research firm AVG.
To achieve this, the malware hijacks the shutting down process — making it appear as though your Android device is shutting down. You see the animation, the screen goes black, but the phone is actually still on.
In this state, the malware can use the phone to send your messages to a third party, record a call or take a photo, essentially turning your phone into a device that spies on you.
AVG, which posted code excerpts showing some of the malware's functionality, names this threat Android/PowerOffHijack.A. According to the company, it infects devices running Android versions below 5.0 and requires root permissions in order to act.
The company spokesperson told us some 10,000 devices were infected so far, mostly in China where the malware was first introduced and offered through the local, official app stores.
(more)
Spywarn™ can detect this.
To achieve this, the malware hijacks the shutting down process — making it appear as though your Android device is shutting down. You see the animation, the screen goes black, but the phone is actually still on.
In this state, the malware can use the phone to send your messages to a third party, record a call or take a photo, essentially turning your phone into a device that spies on you.
AVG, which posted code excerpts showing some of the malware's functionality, names this threat Android/PowerOffHijack.A. According to the company, it infects devices running Android versions below 5.0 and requires root permissions in order to act.
The company spokesperson told us some 10,000 devices were infected so far, mostly in China where the malware was first introduced and offered through the local, official app stores.
(more)
Spywarn™ can detect this.
...and what do you do with electronics returning from International trips?
Officials at the departments of Justice and Homeland Security typically expect employees’ smartphones will be bugged when they travel overseas. So, they are experimenting with various ways to neutralize foreign spy gear.
For years, the FBI has warned government and corporate executives not to use hotel Wi-Fi connections, because of reports that foreign travelers were unknowingly downloading spyware.
When DHS personnel travel, “we understand you go there, you go to Ukraine, you come back, there's a good chance that the BlackBerry or any other device, Androids, iOS, whatever, is probably owned. We get that," said Vincent Sritapan, a cybersecurity division program manager at the DHS Science and Technology Directorate.
To contain the damage, Homeland Security limits what employees can see on their mobile device overseas, and "when it comes back, it's usually quarantined," he added.
(more)
No sure what you should be doing? Call us.
For years, the FBI has warned government and corporate executives not to use hotel Wi-Fi connections, because of reports that foreign travelers were unknowingly downloading spyware.
When DHS personnel travel, “we understand you go there, you go to Ukraine, you come back, there's a good chance that the BlackBerry or any other device, Androids, iOS, whatever, is probably owned. We get that," said Vincent Sritapan, a cybersecurity division program manager at the DHS Science and Technology Directorate.
To contain the damage, Homeland Security limits what employees can see on their mobile device overseas, and "when it comes back, it's usually quarantined," he added.
(more)
No sure what you should be doing? Call us.
Workplace Video Voyeurism: Rabbi Pleades Guilty to 52 Counts
DC - A prominent US rabbi has pleaded guilty to 52 counts of voyeurism after secretly filming women in his congregation's ritual baths.
Barry Freundel, 63, may have recorded as many as 150 women in the changing area at his orthodox synagogue in Washington DC.
Court documents revealed that Freundel set up a recording device
hidden within a digital clock radio in the changing and showering area.
The women were disrobing for the ritual Jewish bath, known as a mikvah.
He has confessed to recording at least 52 nude or partially nude women. Prosecutors say he should be jailed.
They say the actual number of women filmed is likely to have been much higher.
Before his arrest in October 2014, Barry Freundel was a rabbi at the Kesher Israel synagogue in the Georgetown area of the US capital for more than 25 years.
(more)
Barry Freundel, 63, may have recorded as many as 150 women in the changing area at his orthodox synagogue in Washington DC.
Murray Associates case history photo. |
The women were disrobing for the ritual Jewish bath, known as a mikvah.
He has confessed to recording at least 52 nude or partially nude women. Prosecutors say he should be jailed.
They say the actual number of women filmed is likely to have been much higher.
Before his arrest in October 2014, Barry Freundel was a rabbi at the Kesher Israel synagogue in the Georgetown area of the US capital for more than 25 years.
(more)
World's Smallest Voice Recorders
The following is advertising from the manufacturer. It is posted for two reasons.
1. My private investigator and security director readers are interested in investigation tools.
2. My corporate TSCM clients need to know the type of business espionage tools they face.
Smallest sizes, longest
recording time, clearest record sound!
Edic-mini Tiny + А77
This is almost weightless and the smallest recorder in the series, enabling it to conduct recording from built-in rechargeable battery for more than two days. The recorder is perfectly suited for everyday use, recording everyday events and unexpected situations in life.
Technical
characteristics:
-
Dimensions: 29x15x12 mm;
-
Weight: 7 g;
-
Battery life in record mode: up to 55 hours;
-
Power supply: rechargeable battery.
Detailed
description here
Edic-mini
Tiny+ B76
Owing to standard battery as a power supply, B76 is flexible and effective in operation. Due to low power consumption the recorder is able to operate in record mode up to 36 hours. It is perfectly suited both for everyday use and for those who keep the Recorder handy without recording too much.
Technical
characteristics:
-
Dimensions: 31x25x6 mm;
-
Weight: 16 g (without battery);
-
Battery life in record mode: up to 55 hours;
-
Power supply: battery of CR2016 type.
Edic-mini
Tiny 16+ A75
Professional voice recorder Edic-mini Tiny16 + A75 is the thinnest among the recorders of the Tiny16 + series. The main distinctive feature of the that model is 16-bit audio codec enable to reduce digital noise. Built-in Automatic Gain Control (AGC) makes it possible to perfectly record very loud sounds and amplify silent ones. It is a professional recording device designed for high- quality audio recording in complicated acoustic environment and from long distance, up to 15 meters.
Technical
characteristics:
-
Dimensions: 77x27x4 mm;
-
Weight: 12 g (without battery);
-
Battery life in record mode: up to 55 hours;
-
Power supply: rechargeable battery.
Detailed description here
Subscribe to:
Posts (Atom)