(More photos here.)
1. Dual cyanide gun: This gun fires a dual cyanide
charge that can kill a person almost instantly. A KGB officer, Bogdan
Stashinsky, assassinated two Ukrainian dissidents who were living in
Germany by hiding the weapon inside a rolled-up newspaper.
2. Dead drop spy bolt: The dead drop spy bolt was
hollow on the inside so that men and women could carry secret messages
safely to others. If someone searched the pockets of these people no one
would expect anything dangerous about a bolt.
3. Decoder lock picks: These lock picks were
generally used for some of the tougher, more sophisticated locks. The
devices proved to be real handy for those breaking into enemy quarters.
4. Lipstick gun: Women were some of the most
successful spies during the war. They were able to carry around this
little 4.5 millimeter single-shot gun in the 1960s. Like the spy bolt,
it seemed harmless and was easy to conceal.
5.Telephone monitoring equipment: Spies
carried this around and hacked into telephone conversations. The
equipment includes a batter, stethoscope and rubber bands.
6. Disappearing ink pen: If someone needed to send a
secret message, they would resort to writing it with the disappearing
ink. That way, if they were caught with the message only a blank piece
of paper would be seen. In order to reveal the hidden message on the
paper, the recipient would’ve needed vinegar and a heat source.
7. Document photographing: If a spy found useful
documents, they would photograph the papers for their records without
actually removing them. The piece of equipment they used had two long
lights on both sides and a cross member the camera screws on to for
straight and steady photos.
8 .Glove pistol: Although the glove pistol was
originally made by the United States Navy, it was eventually copied by
the KGB. You had to push the plunger into the enemy’s body for it to
shoot. The glove is inconspicuous, especially if a jacket covers the
pistol part on top of the glove.
9. Key copying kit: This small kit came in a small,
convenient tin with a brick of clay to be used for copying any key the
soldiers or spies might need.
10. Hollow coin: Spies used hollowed-out coins to
transfer film to others. If stopped, no one would suspect a coin to be
useful in passing information from person to person.
11. Camera hidden in the coat jacket: The person
wearing the jacket would have a little button on the inside of the
pocket to click whenever they needed to take a photo.
12. Pen camera: All the spy needed to do was click
the top of the ball point pen and they would take a photo. Once again,
thanks to the item being so inconspicuous, it was easy to
bring around without looking suspicious.
13. A gun case: A special kind of silver gun case was able to hide a larger gun such as the AK-47.
14. Cufflinks: These 1950s cufflinks had small holes in them for hiding microfilm.
15. Button compass: A majority of spies went
to foreign countries during the time of the Cold War. These compasses
were hidden in the buttons on their jackets in case they got lost or
needed to go in a different direction.
16. Shoe transmitting device: The easiest way to
keep track of spies was a transmitting device on the inside of a shoe
heel. The men’s shoe heel was thick enough to hold all of the necessary
parts of the device.
17.The passive bug:These bugs were planted on the
inside of a large wooden replica of the Great Seal of the United States.
The Great Seal was given by the Soviets to the U.S. Ambassador to the
USSR in 1945. The bug wasn’t discovered until eight years later.
18. Parachuting/civilian shoes: Spies had to
parachute from planes, and they had to wear special boots. But they also
had to blend into the crowd. This resulted in zip-off boot tops on
regular civilian shoes. All the spies would have to do after jumping was
zip off the boot part.
19. Steineck ABC wristwatch camera: The wristwatch
was made in 1949 by the Germans but was used by the KGB for more than
telling time.On the the bottom part of the watch there is a shutter and
buttons for taking photos.
20. Poison dart umbrella: This umbrella was actually
used to kill Bulgarian dissident writer Georgi Markov in London in
1978. Markov was waiting for the bus to take him to work when was
murdered with a sting in the back of his leg. He died three days later
in the hospital of ricin poisoning. His autopsy showed a small hole in
the back of his leg.
Friday, March 4, 2016
Overlooked Espionage - The Sounds of Manufacturing
3D printers have opened up all kinds of possibilities when it comes to turning digital blueprints into real word objects, but might they also enable new ways to pilfer intellectual property?...
While the source code for 3D printed designs can be guarded through encryption and regular means, once the machine is swung into action that sensitive information may be compromised, researchers at the University of California Irvine (UCI) have discovered.
Led by Mohammad Al Faruque, director of the Advanced Integrated Cyber-Physical Systems lab, the team found that placing a smartphone alongside the machine as it printed objects layer-by-layer enabled them to capture the acoustic signals. It says that these recordings contain information about the precise movement of the nozzle, and that information can later be used to reverse engineer the item being printed. more
While the source code for 3D printed designs can be guarded through encryption and regular means, once the machine is swung into action that sensitive information may be compromised, researchers at the University of California Irvine (UCI) have discovered.
Led by Mohammad Al Faruque, director of the Advanced Integrated Cyber-Physical Systems lab, the team found that placing a smartphone alongside the machine as it printed objects layer-by-layer enabled them to capture the acoustic signals. It says that these recordings contain information about the precise movement of the nozzle, and that information can later be used to reverse engineer the item being printed. more
Tuesday, March 1, 2016
McTesla Might be a Good Name
A Chinese company is currently working on an electric supercar to compete directly with the likes of Tesla.
The company, which is called Windbooster Motors, has its sights set on Tesla, the biggest name in the electric car segment. While not much is known about the car they are producing, we have been sent two spy shots of the car as it undergoes development.
From what we can tell, the car appears to be fairly far along in the development process.
Styling wise, the car seems to take a lot of cues from the current crop of cars from McLaren as well as Tesla. (Just coincidence? You decide.) more
The company, which is called Windbooster Motors, has its sights set on Tesla, the biggest name in the electric car segment. While not much is known about the car they are producing, we have been sent two spy shots of the car as it undergoes development.
From what we can tell, the car appears to be fairly far along in the development process.
Styling wise, the car seems to take a lot of cues from the current crop of cars from McLaren as well as Tesla. (Just coincidence? You decide.) more
SeaWorld Admits Employees Spied
SeaWorld admits employees posed as animal activists to spy on critics...
Multiple SeaWorld employees posed as animal-welfare activists so they could spy on critics, the company admitted Thursday.
The acknowledgment comes seven months after People for the Ethical Treatment of Animals accused SeaWorld of spying. The animal-welfare group, which has waged an intense campaign against SeaWorld, went public with evidence that a San Diego employee attended protests and made incendiary comments on social media while posing as an activist.
Reading from a statement while speaking with analysts, Chief Executive Officer Joel Manby said SeaWorld's board of directors has "directed management to end the practice in which certain employees posed as animal-welfare activists. more
Multiple SeaWorld employees posed as animal-welfare activists so they could spy on critics, the company admitted Thursday.
The acknowledgment comes seven months after People for the Ethical Treatment of Animals accused SeaWorld of spying. The animal-welfare group, which has waged an intense campaign against SeaWorld, went public with evidence that a San Diego employee attended protests and made incendiary comments on social media while posing as an activist.
Reading from a statement while speaking with analysts, Chief Executive Officer Joel Manby said SeaWorld's board of directors has "directed management to end the practice in which certain employees posed as animal-welfare activists. more
Corporate Espionage: British American Tobacco Accused in South Africa
Lawyers investigating bribery and corruption allegations against one of the world’s leading tobacco firms have been urged to expand their investigation after fresh international accusations emerged.
British American Tobacco, BAT, has been accused of corporate espionage against rival cigarette makers in South Africa.
According to court documents seen by The Independent on Sunday, two former police officers who went to work for private corporate investigation companies paid cash to South African law enforcement officials to disrupt BAT’s competitors’ business operations.
Mr Hopkins (a BAT whistleblower) said he... ran a corporate spying operation, and conducted “black ops” to put rivals out of business. more
British American Tobacco, BAT, has been accused of corporate espionage against rival cigarette makers in South Africa.
According to court documents seen by The Independent on Sunday, two former police officers who went to work for private corporate investigation companies paid cash to South African law enforcement officials to disrupt BAT’s competitors’ business operations.
Mr Hopkins (a BAT whistleblower) said he... ran a corporate spying operation, and conducted “black ops” to put rivals out of business. more
Looking to Rent a Bedroom Without a Spy Camera?
$850 Room and bath in an Irvine condo without spying camera
In my two bedroom two bathroom brand new luxury condo, you rent a room and bath without any crazy person watching your every move in the name of security.
Also, im not poor so i dont have to charge you a huge deposit to pay for my mortgage and then file bankruptcy and not return your deposit. I dont have to check your credit by illegally getting your social security number. I am not a creepy home owner and will not deny you access to kitchen and laundry.
The only requirement is if you are decent, are respectful and considerate and we meet and find each other acceptable. No age, race, culture requirement but women are preferred. If interested email me so we meet like two adults that we are. You need a room and i need money. (Craigslist)
In my two bedroom two bathroom brand new luxury condo, you rent a room and bath without any crazy person watching your every move in the name of security.
Also, im not poor so i dont have to charge you a huge deposit to pay for my mortgage and then file bankruptcy and not return your deposit. I dont have to check your credit by illegally getting your social security number. I am not a creepy home owner and will not deny you access to kitchen and laundry.
The only requirement is if you are decent, are respectful and considerate and we meet and find each other acceptable. No age, race, culture requirement but women are preferred. If interested email me so we meet like two adults that we are. You need a room and i need money. (Craigslist)
Politician Promises Surveillance Transparency - Guess what happened.
TN - Memphis Mayor Jim Strickland confirmed Monday that the city is using cell phone eavesdropping technology with court approval, but said he couldn't discuss specifics.
Strickland said while campaigning last year that he would be transparent about the city's use of the "cell-site simulator" device known as StingRay, which lets law enforcement gather information from any phones that connect to a cellular network.
But as mayor, he said, he's legally bound to silence by the terms of the city's contract with Florida-based Harris Corporation. more (A Memphis phone call sing-a-long.)
Not Strickland. |
Strickland said while campaigning last year that he would be transparent about the city's use of the "cell-site simulator" device known as StingRay, which lets law enforcement gather information from any phones that connect to a cellular network.
But as mayor, he said, he's legally bound to silence by the terms of the city's contract with Florida-based Harris Corporation. more (A Memphis phone call sing-a-long.)
Wednesday, February 24, 2016
Spycam News - Teachers (2) Resign Following Arrest For Secretly Videotaping Teens
GA - An Alpharetta man and former middle school teacher has been charged with secretly videotaping a teenager inside his home.
Alpharetta police have charged John Link Walsh, 43, with one count of unlawful eavesdropping or surveillance, the agency said on Tuesday...
According to an incident report released by the Alpharetta Department of Public Safety... The teenager said she woke up from sleeping on the sofa and went to take a shower. When she went to her bedroom to get dressed, “she noticed a camera that was hidden on a bookshelf in her room,” according to the report. more
---
UK - A teacher at a top grammar school used a hidden camera to spy on a teenage girl in the shower...
A court heard how the 53-year-old secretly deployed two cameras to film his victim washing and being intimate with her boyfriend...
Liverpool Crown Court heard the girl discovered the first camera, which contained footage of her showering, last year. Neville Biddle, prosecuting, said she confronted Smith, who made a “spurious excuse”, and persuaded his embarrassed victim not to make a complaint.
However, the girl then found another hidden camera - this time in the shape of a pen - which Smith used to film her and her boyfriend... Officers recovered his computer and recording equipment including 22 videos. more
Alpharetta police have charged John Link Walsh, 43, with one count of unlawful eavesdropping or surveillance, the agency said on Tuesday...
According to an incident report released by the Alpharetta Department of Public Safety... The teenager said she woke up from sleeping on the sofa and went to take a shower. When she went to her bedroom to get dressed, “she noticed a camera that was hidden on a bookshelf in her room,” according to the report. more
---
UK - A teacher at a top grammar school used a hidden camera to spy on a teenage girl in the shower...
A court heard how the 53-year-old secretly deployed two cameras to film his victim washing and being intimate with her boyfriend...
Liverpool Crown Court heard the girl discovered the first camera, which contained footage of her showering, last year. Neville Biddle, prosecuting, said she confronted Smith, who made a “spurious excuse”, and persuaded his embarrassed victim not to make a complaint.
However, the girl then found another hidden camera - this time in the shape of a pen - which Smith used to film her and her boyfriend... Officers recovered his computer and recording equipment including 22 videos. more
Spys with Balls - "Life's Good"
LG just unveiled its new G5 smartphone,
and with it a bunch of accessories, including this: the LG Rolling Bot, a ("drunken headless") BB-8-type device that can come equipped with a camera and can be controlled (via the LG G5, of course) from anywhere.
So, basically, a thing for spying, right? Is there anything else that this could be for?
If you are in the market for a smartphone accessory that will make it a lot easier for you to spy on people, check out this spherical robot... but also maybe don't. more
and with it a bunch of accessories, including this: the LG Rolling Bot, a ("drunken headless") BB-8-type device that can come equipped with a camera and can be controlled (via the LG G5, of course) from anywhere.
So, basically, a thing for spying, right? Is there anything else that this could be for?
If you are in the market for a smartphone accessory that will make it a lot easier for you to spy on people, check out this spherical robot... but also maybe don't. more
Business Espionage: A Tale of Two Companies
Recent news that a former BlueScope Steel software development manager has been accused of downloading a trove of company documents over a four-year period before being made redundant, should have board level executives at all organizations concerned.
BlueScope Steel is the latest in a long line of companies to experience a serious data breach as a result of corporate espionage.
In another example in the US, ride sharing service Lyft is suing a former employee for allegedly stealing secret documents before joining rival Uber.
Lyft’s former chief operating officer, Travis VanderZanden allegedly downloaded private financial and product information before leaving the company to become Uber’s vice president of international growth...
more
BlueScope Steel is the latest in a long line of companies to experience a serious data breach as a result of corporate espionage.
In another example in the US, ride sharing service Lyft is suing a former employee for allegedly stealing secret documents before joining rival Uber.
Lyft’s former chief operating officer, Travis VanderZanden allegedly downloaded private financial and product information before leaving the company to become Uber’s vice president of international growth...
more
Star Wars: Episode VIII - Drones to Create No-Spy Zone
Disney and Lucasfilm are reportedly utilizing drones to ensure spying doesn't happen during filming of Star Wars: Episode VIII in Croatia.
Making Star Wars (via MosCroatia) reports there is a Star Wars team that will go to drone warfare with people using drones to get pictures of the set and cast of Episode VIII. And that's on top of apparently 600 guards.
Star Wars: Episode VIII has already begun filming, with the movie premiering December 15, 2017. more
Artist's conception. |
Star Wars: Episode VIII has already begun filming, with the movie premiering December 15, 2017. more
Technical Espionage Tool #423 - Wireless Keyboards & Mice
The wireless link between your mouse and dongle might not be as useful as you think. A new hack shows that the links are often unencrypted and can be used to gain control of your computer.
Security researchers from Bastille Networks have found that non-Bluetooth wireless keyboards manufactured by Logitech, Dell, and Lenovo don’t encrypt communication between the input device and the dongle plugged into a computer’s USB slot. That’s allowed them to create an attack—that they’re calling Mousejack—which injects commands into the dongle.
The team claims the attack can be carried out from up to 300 feet away from the victim’s computer given the right hardware. Once compromised, the hacked dongle allows the team to transmit malicious packets that generate keystrokes.
While that might not sound too useful, remember that one of those packets can hold an awful lot of keystrokes—the equivalent of 1,000 words-per-minute of typing, according to the researchers. That’s enough to install a rootkit capable opening access to your whole computer in under 10 seconds, apparently—which means you might never know your wireless mouse dongle had been hacked. And once that’s done, it’s game over. more
Security researchers from Bastille Networks have found that non-Bluetooth wireless keyboards manufactured by Logitech, Dell, and Lenovo don’t encrypt communication between the input device and the dongle plugged into a computer’s USB slot. That’s allowed them to create an attack—that they’re calling Mousejack—which injects commands into the dongle.
The team claims the attack can be carried out from up to 300 feet away from the victim’s computer given the right hardware. Once compromised, the hacked dongle allows the team to transmit malicious packets that generate keystrokes.
While that might not sound too useful, remember that one of those packets can hold an awful lot of keystrokes—the equivalent of 1,000 words-per-minute of typing, according to the researchers. That’s enough to install a rootkit capable opening access to your whole computer in under 10 seconds, apparently—which means you might never know your wireless mouse dongle had been hacked. And once that’s done, it’s game over. more
Tuesday, February 23, 2016
The Cell Phone with the Infrared Eye
This rough-and-tumble phone's major selling point is a Flir thermal imaging camera,
which can visualize heat as a colorful map, taking measurements from up to 30 meters (100 feet) away. You can use it for a huge number of tasks, from detecting heat loss around windows and doors to identifying overheating circuitry, or just seeing in the dark.
The main target audience is, as with previous Cat-branded phones, people who work in construction and plumbers or electricians. The S60 will be available later this year for $599, which converts to around £425 or AU$835.
In case of emergency
Flir imagines that others, including emergency first responders and outdoor enthusiasts, may also find uses for the phone. If police come across an abandoned car, for example, they can use the thermal imaging camera to determine whether the engine or seats are still warm, or whether there's a body anywhere in the vicinity. more
which can visualize heat as a colorful map, taking measurements from up to 30 meters (100 feet) away. You can use it for a huge number of tasks, from detecting heat loss around windows and doors to identifying overheating circuitry, or just seeing in the dark.
The main target audience is, as with previous Cat-branded phones, people who work in construction and plumbers or electricians. The S60 will be available later this year for $599, which converts to around £425 or AU$835.
In case of emergency
Flir imagines that others, including emergency first responders and outdoor enthusiasts, may also find uses for the phone. If police come across an abandoned car, for example, they can use the thermal imaging camera to determine whether the engine or seats are still warm, or whether there's a body anywhere in the vicinity. more
Friday, February 19, 2016
Business Espionage: GSK Plugs Trade Secret Leaks
The United States Attorney’s Office for the Eastern District of Pennsylvania announced the indictment of five people, including two research scientists at GlaxoSmithKline (“GSK”), on charges of stealing trade secrets from the company, wire fraud in connection with the theft of confidential information, money laundering and conspiracy. While the majority of the charges in the 43-count indictment focus on the role of Yu Xue, described in the indictment as “one of the top protein biochemists in the world, the indictment describes an elaborate scheme to sell the stolen information through companies in China, and to launder the proceeds.
The indictment charges Yu Xue and, to a lesser extent, Lucy Xi, with emailing trade secret and confidential information, including information about biopharmaceutical products under development, GSK research data, and GSK processes regarding the research, development, and manufacturing of biopharmaceutical products, and a business plan for a quality control unit, to their co-conspirators, Tao Li and Yan Mei, who is Lucy Xi’s husband. Yu Xue, Tao Li, and Yan Mei allegedly formed three corporations: Renopharma, Inc., which was incorporated in Delaware; and Nanjing Renopharma, Ltd, and Shanghai Renopharma, Ltd., which were established offshore and operated in China (collectively “Renopharma”), to market and sell the stolen trade secrets and confidential information. According to the indictment, Renopharma advertised that it operated as “a drug research and development company in China with limited U.S. affiliation,” and promoted itself as “‘a leading new drug research and development company, [which] specialized in providing products and services to support drug discovery programs at pharmaceutical and biotech companies.’” As the indictment also noted, the stolen documents contained information which would be especially useful for a start-up biopharmaceutical company such as Renopharma represented itself to be. more
The indictment charges Yu Xue and, to a lesser extent, Lucy Xi, with emailing trade secret and confidential information, including information about biopharmaceutical products under development, GSK research data, and GSK processes regarding the research, development, and manufacturing of biopharmaceutical products, and a business plan for a quality control unit, to their co-conspirators, Tao Li and Yan Mei, who is Lucy Xi’s husband. Yu Xue, Tao Li, and Yan Mei allegedly formed three corporations: Renopharma, Inc., which was incorporated in Delaware; and Nanjing Renopharma, Ltd, and Shanghai Renopharma, Ltd., which were established offshore and operated in China (collectively “Renopharma”), to market and sell the stolen trade secrets and confidential information. According to the indictment, Renopharma advertised that it operated as “a drug research and development company in China with limited U.S. affiliation,” and promoted itself as “‘a leading new drug research and development company, [which] specialized in providing products and services to support drug discovery programs at pharmaceutical and biotech companies.’” As the indictment also noted, the stolen documents contained information which would be especially useful for a start-up biopharmaceutical company such as Renopharma represented itself to be. more
"Take a hard look." or "Hell NO!" - You decide...
A group of 46 U.S. lawmakers urged regulators who investigate deals that could harm national security to take a hard look at a bid by a Chinese company to buy the storied Chicago Stock Exchange...
The 46 signatories were all from the House of Representatives, and most were Republican. They included Rep. Robert Pittenger, a North Carolina Republican on the Financial Services Committee and the Congressional-Executive Commission on China.
Pittenger cited concern that China, which has been accused of corporate espionage, would have access to the data of U.S. companies who use the exchange. more
My vote. |
Pittenger cited concern that China, which has been accused of corporate espionage, would have access to the data of U.S. companies who use the exchange. more
Thursday, February 18, 2016
Security Alert: Your Security Camera May Have Friends You Don't Know About
via Krebs on Security
Imagine buying an internet-enabled surveillance camera, network attached storage device, or home automation gizmo, only to find that it secretly and constantly phones home to a vast peer-to-peer (P2P) network run by the Chinese manufacturer of the hardware.
Now imagine that the geek gear you bought doesn’t actually let you block this P2P communication without some serious networking expertise or hardware surgery that few users would attempt...
Turns out, this Focscam camera was one of several newer models the company makes that comes with peer-to-peer networking capabilities baked in. This fact is not exactly spelled out for the user (although some of the models listed do say “P2P” in the product name, others do not).
But the bigger issue with these P2P -based cameras is that while the user interface for the camera has a setting to disable P2P traffic (it is enabled by default), Foscam admits that disabling the P2P option doesn’t actually do anything to stop the device from seeking out other P2P hosts online.
Imagine buying an internet-enabled surveillance camera, network attached storage device, or home automation gizmo, only to find that it secretly and constantly phones home to a vast peer-to-peer (P2P) network run by the Chinese manufacturer of the hardware.
The FI9286P, a Foscam camera that includes P2P communication by default. |
Turns out, this Focscam camera was one of several newer models the company makes that comes with peer-to-peer networking capabilities baked in. This fact is not exactly spelled out for the user (although some of the models listed do say “P2P” in the product name, others do not).
But the bigger issue with these P2P -based cameras is that while the user interface for the camera has a setting to disable P2P traffic (it is enabled by default), Foscam admits that disabling the P2P option doesn’t actually do anything to stop the device from seeking out other P2P hosts online.
Personal Security Advisory: SimpliSafe Home Security Alarm Vulnerability
Researchers with the Seattle-based security consulting firm IOActive have released an advisory regarding SimpliSafe's wireless home security systems, claiming that the system doesn't adequately protect its transmissions from being recorded and reused...
A potential intruder would need to leave the device within 100 feet of your home's keypad, then basically press record and wait for you to disarm the system with your code.
At that point, they'd have a record of the data packet that gets transmitted whenever you punch your code in. The packet doesn't tell them what the code actually is, but that doesn't matter -- all they'd need to do is use the device to resend the packet in order to disarm your system.
IOActive's researchers built and tested the device in August of 2015. After confirming that it worked, they say that they attempted to share their findings with SimpliSafe on multiple occasions, but received no reply. more
A potential intruder would need to leave the device within 100 feet of your home's keypad, then basically press record and wait for you to disarm the system with your code.
At that point, they'd have a record of the data packet that gets transmitted whenever you punch your code in. The packet doesn't tell them what the code actually is, but that doesn't matter -- all they'd need to do is use the device to resend the packet in order to disarm your system.
IOActive's researchers built and tested the device in August of 2015. After confirming that it worked, they say that they attempted to share their findings with SimpliSafe on multiple occasions, but received no reply. more
Security Director Alert - 46,000 Internet-accessible Digital Video Recorders (DVRs) Hackable
Hackers can log into DVRs from RaySharp and six other vendors using a six-digit hard-coded root password
Up to 46,000 Internet-accessible digital video recorders (DVRs) that are used to monitor and record video streams from surveillance cameras in homes and businesses can easily be taken over by hackers.
According to security researchers from vulnerability intelligence firm Risk Based Security (RBS), all the devices share the same basic vulnerability: They accept a hard-coded, unchangeable password for the highest-privileged user in their software -- the root account.
Using hard-coded passwords and hidden support accounts was a common practice a decade ago, when security did not play a large role in product design and development...
RBS researchers found that they contained a routine to check if the user-supplied username was "root" and the password 519070."If these credentials are supplied, full access is granted to the web interface," the RBS researchers said... (Test it on your DVRs. ~Kevin)
RaySharp claims on its website that it ships over 60,000 DVRs globally every month, but what makes things worse is that it's not only RaySharp branded products that are affected.
The Chinese company also creates digital video recorders and firmware for other companies which then sell those devices around the world under their own brands. The RBS researchers confirmed that at least some of the DVR products from König, Swann Communications, COP-USA, KGUARD Security, Defender (a brand of Circus World Displays) and LOREX Technology, a division of FLIR Systems, contain the same hard-coded root password.
And those are only the confirmed ones. more
Up to 46,000 Internet-accessible digital video recorders (DVRs) that are used to monitor and record video streams from surveillance cameras in homes and businesses can easily be taken over by hackers.
According to security researchers from vulnerability intelligence firm Risk Based Security (RBS), all the devices share the same basic vulnerability: They accept a hard-coded, unchangeable password for the highest-privileged user in their software -- the root account.
Using hard-coded passwords and hidden support accounts was a common practice a decade ago, when security did not play a large role in product design and development...
RBS researchers found that they contained a routine to check if the user-supplied username was "root" and the password 519070."If these credentials are supplied, full access is granted to the web interface," the RBS researchers said... (Test it on your DVRs. ~Kevin)
RaySharp claims on its website that it ships over 60,000 DVRs globally every month, but what makes things worse is that it's not only RaySharp branded products that are affected.
The Chinese company also creates digital video recorders and firmware for other companies which then sell those devices around the world under their own brands. The RBS researchers confirmed that at least some of the DVR products from König, Swann Communications, COP-USA, KGUARD Security, Defender (a brand of Circus World Displays) and LOREX Technology, a division of FLIR Systems, contain the same hard-coded root password.
And those are only the confirmed ones. more
Wednesday, February 17, 2016
Slow News Day in Spiesville
Disorder Convinced This Guy His Cat Was a Spy
You may have heard of Capgras syndrome, an eerie delusion that convinces people their loved ones have been replaced with nefarious clones. This is like that, only eerier: Due to what appeared to be a version of that syndrome, a 71-year-old man became “obsessed” with the idea that his cat had recently been replaced with an impostor cat, sent by the FBI to spy on him. The man’s ordeal was recently reported by the Discover blog Neuroskeptic, drawing from the case study in the journal Neurocase.
The Patient: This man, who is not named, had a history of heavy drinking and head injuries from his ice-hockey days; he had also been diagnosed with bipolar disorder. About six years before the cat-related delusion began, he stopped taking his anti-psychotics and soon became “acutely paranoid." The case-report authors write that he would pass his wife "written notes stating that their house was being monitored, and often mistook persons in parking lots for Federal Bureau of Investigation agents.” more
------
The game, called “Need to Know,” requires players to climb the ranks of the fictional “Department of Liberty,” a government agency seemingly based on the NSA, whose mass surveillance programs Mr. Snowden exposed through leaks in 2013, Newsweek reported.
Players must decide whether to spy on citizens to gain information or leak intel from the department to underground media groups.
The game was developed by Australia-based Monomyth Games. The company hopes to raise $29,000 through crowdfunding to complete the game.
“Electronic surveillance is a huge issue for everyone today, and will only grow more pressing,” the game’s Kickstarter page reads. “Need to Know lets you spy on citizens’ texts, emails, geodata, and much more. How you’ll use this information is where the real excitement (and moral conflict) begins.” more
You may have heard of Capgras syndrome, an eerie delusion that convinces people their loved ones have been replaced with nefarious clones. This is like that, only eerier: Due to what appeared to be a version of that syndrome, a 71-year-old man became “obsessed” with the idea that his cat had recently been replaced with an impostor cat, sent by the FBI to spy on him. The man’s ordeal was recently reported by the Discover blog Neuroskeptic, drawing from the case study in the journal Neurocase.
The Patient: This man, who is not named, had a history of heavy drinking and head injuries from his ice-hockey days; he had also been diagnosed with bipolar disorder. About six years before the cat-related delusion began, he stopped taking his anti-psychotics and soon became “acutely paranoid." The case-report authors write that he would pass his wife "written notes stating that their house was being monitored, and often mistook persons in parking lots for Federal Bureau of Investigation agents.” more
------
Edward Snowden inspires spy video game
A new video game aiming to expose “suffocating privacy invasions” carried out by intelligence agencies has drawn some of its inspiration from controversial National Security Agency whistleblower Edward Snowden.The game, called “Need to Know,” requires players to climb the ranks of the fictional “Department of Liberty,” a government agency seemingly based on the NSA, whose mass surveillance programs Mr. Snowden exposed through leaks in 2013, Newsweek reported.
Players must decide whether to spy on citizens to gain information or leak intel from the department to underground media groups.
The game was developed by Australia-based Monomyth Games. The company hopes to raise $29,000 through crowdfunding to complete the game.
“Electronic surveillance is a huge issue for everyone today, and will only grow more pressing,” the game’s Kickstarter page reads. “Need to Know lets you spy on citizens’ texts, emails, geodata, and much more. How you’ll use this information is where the real excitement (and moral conflict) begins.” more
Canada’s Spy Agency Wants to Hire Shrinks to Study Terrorists
Faced with a foreign fighter problem that has seen dozens of Canadians leave to fight alongside the Islamic State, Canada's main intelligence service is putting together a team of shrinks to help them get to the root causes of radicalization and extremism.
The Canadian Security Intelligence Service (CSIS) is looking to staff up their new "applied psychology section," to help them understand why anyone would join groups like the Islamic State.
The job postings are for research and development psychologists, meaning they'll be asked to "conduct applied research on trends, behaviors and other relevant aspects of ideological extremism.
"Among other things, the members of this small unit are tasked to assist the Service in better understanding radicalization and terrorism," the posting says. more
The Canadian Security Intelligence Service (CSIS) is looking to staff up their new "applied psychology section," to help them understand why anyone would join groups like the Islamic State.
The job postings are for research and development psychologists, meaning they'll be asked to "conduct applied research on trends, behaviors and other relevant aspects of ideological extremism.
"Among other things, the members of this small unit are tasked to assist the Service in better understanding radicalization and terrorism," the posting says. more
Banks are Hiring Former CIA Agents
Some of the world's biggest banks are hiring former spies
to try and prevent the rise of any more so-called "rogue traders" and generally ensure that banks are put on the hook for fewer fines.
According to a report from Bloomberg, banks including HSBC, Deutsche Bank, and JP Morgan have all hired ex-spies from the likes of the UK and US military, the CIA, and GCHQ to watch the activities of bank employees, and try to prevent misconduct. more
to try and prevent the rise of any more so-called "rogue traders" and generally ensure that banks are put on the hook for fewer fines.
According to a report from Bloomberg, banks including HSBC, Deutsche Bank, and JP Morgan have all hired ex-spies from the likes of the UK and US military, the CIA, and GCHQ to watch the activities of bank employees, and try to prevent misconduct. more
Tuesday, February 16, 2016
Slacker Hacker Hi-Jacker ...Poof! Your VoIP Phone is Pwned
Hackers could listen in on you via your VoIP phone, security researchers have warned.
By using a simple exploit taking advantage of weak default passwords, attackers can hack your VoIP phone to make and receive calls, transfer calls without your knowledge and even spy on your in-person conversations.
Security expert Paul Moore discovered the flaw after consulting on the installation of several VoIP phones...
Once infected, the hacker has complete control over the phone, allowing them to block incoming calls, silently call premium-rate numbers, and secretly listen in on a user's conversations. more
from Paul Moore...
Q. What can the attacker do?
A. Virtually anything. Make calls, receive calls, transfer calls (even before it rings), play recordings, upload new firmware and crucially... use the device for covert surveillance.
Need a security evaluation of your VoIP phones? Contact me. ~Kevin
By using a simple exploit taking advantage of weak default passwords, attackers can hack your VoIP phone to make and receive calls, transfer calls without your knowledge and even spy on your in-person conversations.
Security expert Paul Moore discovered the flaw after consulting on the installation of several VoIP phones...
Once infected, the hacker has complete control over the phone, allowing them to block incoming calls, silently call premium-rate numbers, and secretly listen in on a user's conversations. more
from Paul Moore...
Q. What can the attacker do?
A. Virtually anything. Make calls, receive calls, transfer calls (even before it rings), play recordings, upload new firmware and crucially... use the device for covert surveillance.
Need a security evaluation of your VoIP phones? Contact me. ~Kevin
Labels:
advice,
business,
eavesdropping,
Hack,
VoIP,
wiretapping
New Book - Industrial Espionage and Technical Surveillance Counter Measures (TSCM)
Industrial Espionage and Technical Surveillance Counter Measures
Authors:
Iosif Androulidakis, Fragkiskos – Emmanouil Kioupakis
ISBN: 978-3-319-28665-5
This book examines technical aspects of industrial espionage and its impact in modern companies, organizations, and individuals while emphasizing the importance of intellectual property in the information era.
The authors discuss the problem itself and then provide statistics and real world cases. The main contribution provides a detailed discussion of the actual equipment, tools and techniques concerning technical surveillance in the framework of espionage. Moreover, they present the best practices and methods of detection (technical surveillance counter measures) as well as means of intellectual property protection. more
Recommended for corporate security directors. ~Kevin
Authors:
Iosif Androulidakis, Fragkiskos – Emmanouil Kioupakis
ISBN: 978-3-319-28665-5
This book examines technical aspects of industrial espionage and its impact in modern companies, organizations, and individuals while emphasizing the importance of intellectual property in the information era.
The authors discuss the problem itself and then provide statistics and real world cases. The main contribution provides a detailed discussion of the actual equipment, tools and techniques concerning technical surveillance in the framework of espionage. Moreover, they present the best practices and methods of detection (technical surveillance counter measures) as well as means of intellectual property protection. more
Recommended for corporate security directors. ~Kevin
New Law to Prevent Drone Industrial Espionage
TX - With plants and refineries fearful of safety and espionage threats posed by drones, a Southeast Texas congressman wants strict new guidelines for operating un-monitored aircraft near those facilities.
U.S. Rep. Brian Babin has offered two amendments to the Aviation Innovation, Reform and Reauthorization Act to address a mounting security concern and help safeguard chemical facilities, representatives with American Chemistry Council said Friday.
The U.S. House Transportation and Infrastructure Committee unanimously approved the amendments this week.
More than 50 large chemical plants in Jefferson, Orange and Hardin counties risk exposure of trade secrets, though no cases have been reported by law enforcement officials.
The unease is based on a concern that freelancers will take aerial photos at plant sites and try to sell them to competitors, John Durkay, legal counsel for Southeast Texas Plant Managers Forum said previously.
Durkay called the drone business "a tremendous opportunity for industrial espionage," which he said facilities worry about. more with video
U.S. Rep. Brian Babin has offered two amendments to the Aviation Innovation, Reform and Reauthorization Act to address a mounting security concern and help safeguard chemical facilities, representatives with American Chemistry Council said Friday.
The U.S. House Transportation and Infrastructure Committee unanimously approved the amendments this week.
More than 50 large chemical plants in Jefferson, Orange and Hardin counties risk exposure of trade secrets, though no cases have been reported by law enforcement officials.
The unease is based on a concern that freelancers will take aerial photos at plant sites and try to sell them to competitors, John Durkay, legal counsel for Southeast Texas Plant Managers Forum said previously.
Durkay called the drone business "a tremendous opportunity for industrial espionage," which he said facilities worry about. more with video
Have something to hide? Here’s how to make it disappear in Windows...
Perhaps you share a computer, and want to keep some documents under wraps. Maybe there’s a file you want to keep on your computer, but don’t want to see every day. Or maybe, just maybe, you’re worried about keeping a particular file from prying eyes.
If you want to hide something around your house, you’ve got two options. First off, you can hide it somewhere insecure — like under the rug — and hope that no one thinks to look there. Or, secondly, you can lock it up in a safe where people can’t get in without some serious effort. The same is true for your files. You can make them harder to find with obscurity, or you can protect them with encryption. Let’s go over some tips both methods, starting with how to hide your files. more
If you want to hide something around your house, you’ve got two options. First off, you can hide it somewhere insecure — like under the rug — and hope that no one thinks to look there. Or, secondly, you can lock it up in a safe where people can’t get in without some serious effort. The same is true for your files. You can make them harder to find with obscurity, or you can protect them with encryption. Let’s go over some tips both methods, starting with how to hide your files. more
The NSA that Watches the Stars... TMZ
TMZ resembles an intelligence agency as much as a news organization, and
it has turned its domain, Los Angeles, into a city of stool pigeons.
In an e-mail from last year, a photographer reported having four airport sources for the day, including “Harold at Delta, Leon at Baggage service, Fred at hudson news, Lyle at Fruit and nut stand.” A former TMZ cameraman showed me expense reports that he had submitted in 2010, reflecting payments of forty or fifty dollars to various sources: to the counter girl at a Beverly Hills salon, for information on Goldie Hawn; to a valet, for Pete Sampras; to a shopkeeper, for Dwight Howard; and to a waiter, for Hayden Christensen. “Everybody rats everybody else out,” Simon Cardoza, a former cameraman for the site, told me. “That’s the beauty of TMZ.” more
In an e-mail from last year, a photographer reported having four airport sources for the day, including “Harold at Delta, Leon at Baggage service, Fred at hudson news, Lyle at Fruit and nut stand.” A former TMZ cameraman showed me expense reports that he had submitted in 2010, reflecting payments of forty or fifty dollars to various sources: to the counter girl at a Beverly Hills salon, for information on Goldie Hawn; to a valet, for Pete Sampras; to a shopkeeper, for Dwight Howard; and to a waiter, for Hayden Christensen. “Everybody rats everybody else out,” Simon Cardoza, a former cameraman for the site, told me. “That’s the beauty of TMZ.” more
Saturday, February 13, 2016
The Day the iPhone Died
Feeling particularly masochistic? Boy do we have a trick for you. If you’d like to permanently brick (that is, render unusable) your iPhone, just turn back time. It’s not as hard as it sounds — all you have to do is set the date to January 1, 1970. It’s a time when the iPhone didn’t exist, and if you do it, your iPhone won’t exist (in working condition) anymore, either.
So for the rest of us who would like to maintain a functioning mobile device, please, please, avoid this dangerous date. It apparently affects all 64-bit iOS 8 and iOS 9 phones, as well as tablets using Apple’s A7, A8, A8X, A9, and A9X processor. more
So for the rest of us who would like to maintain a functioning mobile device, please, please, avoid this dangerous date. It apparently affects all 64-bit iOS 8 and iOS 9 phones, as well as tablets using Apple’s A7, A8, A8X, A9, and A9X processor. more
17th-Century Female Spies Smuggled Information Through Eggs and Artichokes
In the 17th century, espionage was more diverse than you might think. Not only did female spies exist, they employed some of the most fascinating techniques in their information gathering.
Forthcoming research into female spies that operated in Europe and England at the time shows that they utilized an ingenious arsenal of tools, such as eggs and artichokes, to smuggle secrets.
While Dr. Nadine Akkerman of Leiden University was examining letters sent by Elizabeth Stuart, Queen of Bohemia during her exile in the Hague, she discovered that some were filled with secret codes...
Akkerman found about 60 such instances of female spies in the 17th century while researching for her upcoming monograph, “Female Spies or 'she-Intelligencers': Towards a Gendered History of Seventeenth-Century Espionage.” British playwright and poet Aphra Behn was one such spy, employed by King Charles to conduct political espionage in Antwerp under the code names "Astrea" and "Agent 160." In collaboration with MIT, Akkerman has produced several mesmerizing videos that recreate some of the ingenious methods used by female spies for their secret correspondences.
Forthcoming research into female spies that operated in Europe and England at the time shows that they utilized an ingenious arsenal of tools, such as eggs and artichokes, to smuggle secrets.
While Dr. Nadine Akkerman of Leiden University was examining letters sent by Elizabeth Stuart, Queen of Bohemia during her exile in the Hague, she discovered that some were filled with secret codes...
Akkerman found about 60 such instances of female spies in the 17th century while researching for her upcoming monograph, “Female Spies or 'she-Intelligencers': Towards a Gendered History of Seventeenth-Century Espionage.” British playwright and poet Aphra Behn was one such spy, employed by King Charles to conduct political espionage in Antwerp under the code names "Astrea" and "Agent 160." In collaboration with MIT, Akkerman has produced several mesmerizing videos that recreate some of the ingenious methods used by female spies for their secret correspondences.
Friday, February 12, 2016
Skype Scalper
A new piece of malware making the rounds intercepts Skype communications and takes custom backdoor software a step forward, according the researchers with Palo Alto Networks, who discovered it. Dubbed T9000, the malware contains a host of cybercriminal bells and whistles.
"Most custom backdoors used by advanced attackers have limited functionality. They evade detection by keeping their code simple and flying under the radar. But during a recent investigation we found a backdoor that takes a very different approach," say researchers Josh Grunzweig and Jen Miller-Osborn. "In addition to the basic functionality all backdoors provide, T9000 allows the attacker to capture encrypted data, take screenshots of specific applications, and specifically target Skype users." more
"Most custom backdoors used by advanced attackers have limited functionality. They evade detection by keeping their code simple and flying under the radar. But during a recent investigation we found a backdoor that takes a very different approach," say researchers Josh Grunzweig and Jen Miller-Osborn. "In addition to the basic functionality all backdoors provide, T9000 allows the attacker to capture encrypted data, take screenshots of specific applications, and specifically target Skype users." more
Three Laptop Thefts - A Coordinated Espionage Attack
South Africa - The DA suspects espionage might be at play in the theft of laptops belonging to members.
KwaZulu-Natal DA MPL Francois Rodgers and another staff member lost their laptops and other equipment in separate theft incidents in Kokstad within a month.
Rodgers said the home of a party staff member was broken into on Saturday, and a laptop, a hard drive and a diary from the staff member’s briefcase were stolen.
“What makes this even more sinister is the fact that in the very same room was another briefcase containing a laptop and tablet, yet nothing else was removed from the home,” he said.
Rodgers said the thieves had gained entry to the house through the back door, while the member and his family were asleep.
He said the Saturday break-in followed a theft out of his own vehicle a month ago.
“The first occurrence was coincidentally on the very same day that three DA councillors resigned and defected to the ANC." more
This is a cautionary tale.
It details some pretty brazen acts of espionage; bush league acts, due to their obviousness. Pros get what they want by entering business locations, after hours, to duplicate drives and scavenge other information. You'll never know they were there, or that you lost anything.
Recommendations:
• Conduct an after-hours information security survey to see what information is left out, unsecured and un-encrypted.
• Check your perimeter security hardware and access procedures. Make sure they haven't decayed over time.
These two items are the most common vulnerabilities we discover during our clients' surveys. ~Kevin
KwaZulu-Natal DA MPL Francois Rodgers and another staff member lost their laptops and other equipment in separate theft incidents in Kokstad within a month.
Rodgers said the home of a party staff member was broken into on Saturday, and a laptop, a hard drive and a diary from the staff member’s briefcase were stolen.
“What makes this even more sinister is the fact that in the very same room was another briefcase containing a laptop and tablet, yet nothing else was removed from the home,” he said.
Rodgers said the thieves had gained entry to the house through the back door, while the member and his family were asleep.
He said the Saturday break-in followed a theft out of his own vehicle a month ago.
“The first occurrence was coincidentally on the very same day that three DA councillors resigned and defected to the ANC." more
This is a cautionary tale.
It details some pretty brazen acts of espionage; bush league acts, due to their obviousness. Pros get what they want by entering business locations, after hours, to duplicate drives and scavenge other information. You'll never know they were there, or that you lost anything.
Recommendations:
• Conduct an after-hours information security survey to see what information is left out, unsecured and un-encrypted.
• Check your perimeter security hardware and access procedures. Make sure they haven't decayed over time.
These two items are the most common vulnerabilities we discover during our clients' surveys. ~Kevin
Physical Security a Growing Threat to Organizations
Physical security is seen as growing concern for business continuity professionals, according to the fifth annual Horizon Scan Report published by the Business Continuity Institute, in association with BSI. Among the ranks of potential threats that organizations face, acts of terrorism gained six places from 10th in 2015 to 4th this year, while security incidents moved from 6th place to 5th place. more
A proper TSCM / Information Security inspection can help in all areas of concern. |
What if Sacha Baron Cohen was the brother of James Bond?
That is essentially the plot of The Brothers Grimsby. Seems harmless enough. But, if we've learned anything from past Cohen comedies (Ali G, Borat, Bruno), it will be anything but wholesome.
The Brothers Grimsby will be in theaters March 11.
The Brothers Grimsby will be in theaters March 11.
Thursday, February 11, 2016
Tests Reveal Windows 10 Spying Is Out Of Control
Back in November Microsoft confirmed Windows 10’s worst kept secret: its extensive telemetry (or ‘spying’ as it has been labelled) cannot be stopped. What no-one realized until now, however, is just how staggering the extent of this tracking really is…
Blowing the lid on it this week is Voat user CheesusCrust whose extensive investigation claims Windows 10 contacts Microsoft to report data thousands of times per day. And the kicker? This happens after choosing a custom Windows 10 installation and disabling all three pages of tracking options which are all enabled by default.
The raw numbers come out as follows: in an eight hour period Windows 10 tried to send data back to 51 different Microsoft IP addresses over 5500 times. After 30 hours of use, Windows 10 expanded that data reporting to 113 non-private IP addresses. Being non-private means there is the potential for hackers to intercept this data.
Taking this a step further, the testing was then repeated on another Windows 10 clean installation again with all data tracking options disabled and third party tool DisableWinTracking was also installed which tries to shut down all hidden Windows 10 data reporting attempts. At the end of the 30 hour period Windows 10 had still managed to phone home with data 2758 times to 30 different IP addresses. more
UPDATE 2/12/16 (Another opinion.) - Windows 10 users who might be in a state of panic after reading an alarmist report claiming the OS is "spying" on PCs with thousands of data transfers a day can rest easy. The report was based on comments from a so-called security expert's comments that have since been deleted. more
Blowing the lid on it this week is Voat user CheesusCrust whose extensive investigation claims Windows 10 contacts Microsoft to report data thousands of times per day. And the kicker? This happens after choosing a custom Windows 10 installation and disabling all three pages of tracking options which are all enabled by default.
The raw numbers come out as follows: in an eight hour period Windows 10 tried to send data back to 51 different Microsoft IP addresses over 5500 times. After 30 hours of use, Windows 10 expanded that data reporting to 113 non-private IP addresses. Being non-private means there is the potential for hackers to intercept this data.
Taking this a step further, the testing was then repeated on another Windows 10 clean installation again with all data tracking options disabled and third party tool DisableWinTracking was also installed which tries to shut down all hidden Windows 10 data reporting attempts. At the end of the 30 hour period Windows 10 had still managed to phone home with data 2758 times to 30 different IP addresses. more
UPDATE 2/12/16 (Another opinion.) - Windows 10 users who might be in a state of panic after reading an alarmist report claiming the OS is "spying" on PCs with thousands of data transfers a day can rest easy. The report was based on comments from a so-called security expert's comments that have since been deleted. more
Spy Shop Sales Soaring Ahead of Valentine’s Day
Valentine's Day is the time of the year when couples all over the country profess their love.
That is, unless you suspect your significant other of cheating. But you don’t have to go on a reality show to find an unfaithful spouse.
“You can actually buy the equipment out right and do it yourself and have that equipment forever,” Spy Guy Allen Walton told NewsFix.
Walton's been selling spy gear for the last seven years, and he says when it comes to this hallmark holiday, his store sees a spike in business. more
That is, unless you suspect your significant other of cheating. But you don’t have to go on a reality show to find an unfaithful spouse.
“You can actually buy the equipment out right and do it yourself and have that equipment forever,” Spy Guy Allen Walton told NewsFix.
Walton's been selling spy gear for the last seven years, and he says when it comes to this hallmark holiday, his store sees a spike in business. more
"Isil help desk. Have you tried turning it off and on again?"
The Islamic State of Iraq and the Levant (Isil) is telling members how to avoid internet surveillance by Western authorities with an online "help desk".
The advice is offered through a channel on encrypted messaging app Telegram, and has about 2,200 members.
The channel is operated by Isil cyber security experts that call themselves the Electronic Horizon Foundation (EHF)... more
The advice is offered through a channel on encrypted messaging app Telegram, and has about 2,200 members.
The channel is operated by Isil cyber security experts that call themselves the Electronic Horizon Foundation (EHF)... more
Business Espionage Alert - Bribing for Passwords
Ireland has a new problem to throw at Apple: hackers are trying to buy company logins from employees. In some cases, employees are being offered upwards of €20,000 (about US$22,245) in efforts to coax out user names and passwords.
An Apple employee told Business Insider, "You'd be surprised how many people get on to us, just random Apple employees. You get emails offering you thousands [of euros] to get a password to get access to Apple."
Hackers are reportedly also targeting Apple employees for company information.
Exactly what hackers expect to accomplish once they have logins isn't clear. They may be trying to conduct industrial espionage (well, duh), dig up personal information, disrupt company plans, or something else entirely. more
You can bet this isn't just happening at Apple. Warn your employees you are on to this, watching for it, and will prosecute disloyal employees. ~Kevin
An Apple employee told Business Insider, "You'd be surprised how many people get on to us, just random Apple employees. You get emails offering you thousands [of euros] to get a password to get access to Apple."
Hackers are reportedly also targeting Apple employees for company information.
Exactly what hackers expect to accomplish once they have logins isn't clear. They may be trying to conduct industrial espionage (well, duh), dig up personal information, disrupt company plans, or something else entirely. more
You can bet this isn't just happening at Apple. Warn your employees you are on to this, watching for it, and will prosecute disloyal employees. ~Kevin
Bugging & Wiretapping History - "The Eavesdroppers"
In July 1956, the Pennsylvania Bar Association Endowment (PBAE) commissioned a comprehensive study of "wiretapping practices, laws, devices, and techniques" in the United States... The man appointed to direct the study was Samuel Dash... The result of Dash's efforts was The Eavesdroppers, a 483-page report co-authored with Knowlton and Schwartz. Rutgers University Press published it as a standalone volume in 1959. The book uncovered a wide range of privacy infringements on the part of state authorities and private citizens, a much bigger story than the PBAE had anticipated...
The eavesdropping threat loomed large during the 1950s and 1960s: in the work of state and local law enforcement agencies, who wiretapped extensively in criminal investigations; in the exploits of private investigators and eavesdropping specialists, who capitalized on technological innovations to expand their industry's reach; and, perhaps most importantly, in the contradictions of state and federal lawmakers, who sent conflicting messages about the legitimacy of eavesdropping practices that had dogged the nation's communications infrastructure for more than a century...
Wiretapping is as old as wired communication. Civil War generals traveled with professional telegraph tappers in the 1860s, law enforcement agencies began planting telephone taps in the 1890s, and corporate communications giants tacitly sanctioned state and federal eavesdropping programs of various sorts for most of the twentieth century. Somewhat surprisingly, this wasn't a drama that played out in the shadows of American life. Police eavesdropping garnered front-page headlines during the 1920s, when the telephone tap emerged as an effective tool in the enforcement of Prohibition laws...
Eavesdropping technologies of various sorts have been around for centuries. Prior to the invention of recorded sound, the vast majority of listening devices were extensions of the built environment. Perhaps nodding to the origins of the practice (listening under the eaves of someone else's home, where rain drops from the roof to the ground), early modern architects designed buildings with structural features that amplified private speech. The Jesuit polymath Athanasius Kircher (1601-1680) devised cone-shaped ventilation ducts for palaces and courts that allowed eavesdroppers to listen to other people's conversations. Catherine de' Medici (1519-1589) is said to have installed similar structures in the Louvre to keep tabs on individuals who might have plotted against her. Architectural listening systems weren't always a product of intentional design. Domes in St. Paul's Cathedral in London and the U.S. Capitol building still serve as inadvertent "whispering galleries," enabling prying ears to hear conversations held on the other side of the room. Archaeologists have discovered acoustical arrangements like these dating back to 3000 B.C.E. Many were used for eavesdropping...
The earliest electronic eavesdropping technologies functioned much like architectural listening systems. When installed in fixed locations—under floorboards and rugs, on walls and windows, inside desks and bookcases—early-twentieth-century devices like the Detectifone, a technological cousin to the more common Dictaphone, proved surprisingly effective...
The devices that we now think of as "bugs" emerged much later. During the late 1940s, electronic innovations made it possible for eavesdroppers to miniaturize listening technologies like the Detectifone. This made them easier to hide. It also freed them from the strictures of the built environment, dramatically expanding their reach. Reports of an American bugging epidemic began circulating in the early 1950s—first, as glimpses of the man-made miracle of electronics miniaturization began to appear in national newspapers, popular magazines, and Hollywood films, and later as congressional subcommittees revealed scandalous tools of the eavesdropping trade on the floor of the United States Senate. more
The eavesdropping threat loomed large during the 1950s and 1960s: in the work of state and local law enforcement agencies, who wiretapped extensively in criminal investigations; in the exploits of private investigators and eavesdropping specialists, who capitalized on technological innovations to expand their industry's reach; and, perhaps most importantly, in the contradictions of state and federal lawmakers, who sent conflicting messages about the legitimacy of eavesdropping practices that had dogged the nation's communications infrastructure for more than a century...
Wiretapping is as old as wired communication. Civil War generals traveled with professional telegraph tappers in the 1860s, law enforcement agencies began planting telephone taps in the 1890s, and corporate communications giants tacitly sanctioned state and federal eavesdropping programs of various sorts for most of the twentieth century. Somewhat surprisingly, this wasn't a drama that played out in the shadows of American life. Police eavesdropping garnered front-page headlines during the 1920s, when the telephone tap emerged as an effective tool in the enforcement of Prohibition laws...
Eavesdropping technologies of various sorts have been around for centuries. Prior to the invention of recorded sound, the vast majority of listening devices were extensions of the built environment. Perhaps nodding to the origins of the practice (listening under the eaves of someone else's home, where rain drops from the roof to the ground), early modern architects designed buildings with structural features that amplified private speech. The Jesuit polymath Athanasius Kircher (1601-1680) devised cone-shaped ventilation ducts for palaces and courts that allowed eavesdroppers to listen to other people's conversations. Catherine de' Medici (1519-1589) is said to have installed similar structures in the Louvre to keep tabs on individuals who might have plotted against her. Architectural listening systems weren't always a product of intentional design. Domes in St. Paul's Cathedral in London and the U.S. Capitol building still serve as inadvertent "whispering galleries," enabling prying ears to hear conversations held on the other side of the room. Archaeologists have discovered acoustical arrangements like these dating back to 3000 B.C.E. Many were used for eavesdropping...
Click to enlarge. |
The devices that we now think of as "bugs" emerged much later. During the late 1940s, electronic innovations made it possible for eavesdroppers to miniaturize listening technologies like the Detectifone. This made them easier to hide. It also freed them from the strictures of the built environment, dramatically expanding their reach. Reports of an American bugging epidemic began circulating in the early 1950s—first, as glimpses of the man-made miracle of electronics miniaturization began to appear in national newspapers, popular magazines, and Hollywood films, and later as congressional subcommittees revealed scandalous tools of the eavesdropping trade on the floor of the United States Senate. more
Tuesday, February 9, 2016
More Eavesdropping Resistant than a Brick S-House
By replacing the limestone and sand
typically used in concrete with a mineral called magnetite, Tuan has shown that the mixture can also shield against electromagnetic waves.
The electromagnetic spectrum includes the radio-frequency waves transmitted and received by cellphones, which Tuan said could make the concrete mixture useful to those concerned about becoming targets of industrial espionage.
Using the magnetite-embedded concrete, researchers have built a small structure in their laboratory that demonstrates the material's shielding capabilities. more
typically used in concrete with a mineral called magnetite, Tuan has shown that the mixture can also shield against electromagnetic waves.
The electromagnetic spectrum includes the radio-frequency waves transmitted and received by cellphones, which Tuan said could make the concrete mixture useful to those concerned about becoming targets of industrial espionage.
Using the magnetite-embedded concrete, researchers have built a small structure in their laboratory that demonstrates the material's shielding capabilities. more
Monday, February 8, 2016
Employee Bugs Boss, or Bad Hair Day Beef
A labor dispute in a city hair salon
became criminal when an employee made an audio recording of her boss, without the boss' knowledge, said Acting Deputy Police Chief Frank Warchol.
The employee, Nichole Brock, 35, of 89 Linden St. Unit B, Exeter, was arrested Monday on a misdemeanor count of wiretapping, police reported. Warchol said the law prohibits recording anyone without consent from all parties being recorded and that Brock's recording was made secretly. He said the underlying dispute was not criminal, but the recording was. more
became criminal when an employee made an audio recording of her boss, without the boss' knowledge, said Acting Deputy Police Chief Frank Warchol.
The employee, Nichole Brock, 35, of 89 Linden St. Unit B, Exeter, was arrested Monday on a misdemeanor count of wiretapping, police reported. Warchol said the law prohibits recording anyone without consent from all parties being recorded and that Brock's recording was made secretly. He said the underlying dispute was not criminal, but the recording was. more
Stealing White - How a corporate spy swiped plans for DuPont’s billion-dollar color formula
“At first, you’re like: Why are they stealing the color white?
I had to Google it to figure out what titanium dioxide even was,” says Dean Chappell, acting section chief of counterespionage for the FBI. “Then you realize there is a strategy to it.”
You can’t even call it spying, adds John Carlin, the assistant attorney general in charge of the U.S. Department of Justice’s national security division. “This is theft. And this—stealing the color white—is a very good example of the problem. It’s not a national security secret. It’s about stealing something you can make a buck off of. It’s part of a strategy to profit off what American ingenuity creates.”
Most trade-secret theft goes unreported. Companies worry that disclosing such incidents will hurt their stock prices, harm relationships with customers, or prompt federal agents to put them under a microscope. Theft of trade secrets also rarely results in criminal charges because the cases are time-consuming and complicated, and it’s often difficult to win a conviction for conspiracy to commit espionage. more
Extra Credit...
I had to Google it to figure out what titanium dioxide even was,” says Dean Chappell, acting section chief of counterespionage for the FBI. “Then you realize there is a strategy to it.”
You can’t even call it spying, adds John Carlin, the assistant attorney general in charge of the U.S. Department of Justice’s national security division. “This is theft. And this—stealing the color white—is a very good example of the problem. It’s not a national security secret. It’s about stealing something you can make a buck off of. It’s part of a strategy to profit off what American ingenuity creates.”
Most trade-secret theft goes unreported. Companies worry that disclosing such incidents will hurt their stock prices, harm relationships with customers, or prompt federal agents to put them under a microscope. Theft of trade secrets also rarely results in criminal charges because the cases are time-consuming and complicated, and it’s often difficult to win a conviction for conspiracy to commit espionage. more
Extra Credit...
This Week in Business Espionage
• XPO Logistics Inc. charges that rival YRC Worldwide Inc. went to illegal extremes as XPO bought Con-way Inc. last year, the WSJ’s Loretta Chao writes, raiding the less-than-truckload carrier for executives and trade secrets on its operations and its customers. YRC won’t comment on the charges... XPO’s allegation of what amounts to corporate espionage comes at a critical time for the company. more
• One of the UK’s largest companies, British American Tobacco (BAT) is facing demands that it be investigated by the US Department of Justice, following allegations that it engaged in widespread bribery of politicians and policymakers in Africa... There are also claims that the company engaged in corporate espionage and the sabotage of competitors in Kenya. more
• Barcelona (soccer team) say they are “oblivious” to allegations of industrial espionage brought against them and former President Sandro Rosell. The Spanish Press reported on Friday that communications group Mediapro had taken Barca and Rosell to court, with its owner Jaume Roures accusing the ex-patron of e-mail theft, divulging business secrets and invading his privacy. more
• If American businesses want to curb the theft of their trade secrets and intellectual property by other countries, they are going to have to do it themselves. The good news for the American private sector is that machine learning (ML) and behavioral analytics, are offering some promise of detecting hackers before they start exfiltrating trade secrets and intellectual property (IP)... The not so good news is that those businesses are not going to be getting much help from the government. more
...and from "The World is a Strange Place" files...
• A U.S. law firm specializing in cross-border matters has opened its first office in China recently, aiming to assist local companies with legal issues against the background of a spate of spying charges against Chinese nationals. The law firm, Alston & Bird, opened its Beijing office on January 27, marking the first overseas branch of the law firm. The firm has served as counsel to a number of Chinese clients, including Tianjin University's Professor Zhang Hao, who was charged in the U.S. with economic espionage and theft of trade secrets. more
• One of the UK’s largest companies, British American Tobacco (BAT) is facing demands that it be investigated by the US Department of Justice, following allegations that it engaged in widespread bribery of politicians and policymakers in Africa... There are also claims that the company engaged in corporate espionage and the sabotage of competitors in Kenya. more
• Barcelona (soccer team) say they are “oblivious” to allegations of industrial espionage brought against them and former President Sandro Rosell. The Spanish Press reported on Friday that communications group Mediapro had taken Barca and Rosell to court, with its owner Jaume Roures accusing the ex-patron of e-mail theft, divulging business secrets and invading his privacy. more
• If American businesses want to curb the theft of their trade secrets and intellectual property by other countries, they are going to have to do it themselves. The good news for the American private sector is that machine learning (ML) and behavioral analytics, are offering some promise of detecting hackers before they start exfiltrating trade secrets and intellectual property (IP)... The not so good news is that those businesses are not going to be getting much help from the government. more
...and from "The World is a Strange Place" files...
• A U.S. law firm specializing in cross-border matters has opened its first office in China recently, aiming to assist local companies with legal issues against the background of a spate of spying charges against Chinese nationals. The law firm, Alston & Bird, opened its Beijing office on January 27, marking the first overseas branch of the law firm. The firm has served as counsel to a number of Chinese clients, including Tianjin University's Professor Zhang Hao, who was charged in the U.S. with economic espionage and theft of trade secrets. more
Another Bad Week for Spies
• Saudi Arabia places 27 on trial for spying for Iran more
• Hamas armed wing executes member 'for spying for Israel' more
• North Korea detains American citizen for allegedly spying more
• Iran holding several dual citizens on charges of spying more
• Four arrested 'spies' of postal dept suspended more
• Spy row officer lodges complaint against her superior more
and, to make spy image matters worse...
• Gabriel Kahane Wears Sunglasses Inside to Look Like a Spy and Sings About It on 'The Fiction Issue' more
• Hamas armed wing executes member 'for spying for Israel' more
• North Korea detains American citizen for allegedly spying more
• Iran holding several dual citizens on charges of spying more
• Four arrested 'spies' of postal dept suspended more
• Spy row officer lodges complaint against her superior more
and, to make spy image matters worse...
• Gabriel Kahane Wears Sunglasses Inside to Look Like a Spy and Sings About It on 'The Fiction Issue' more
Friday, February 5, 2016
Thursday, February 4, 2016
15,000+ People Get Paid by Their Eavesdropper
People will turn their smartphones into spying devices for just $5/month
Symphony Advanced Media, founded in 2010, has recruited over 15,000 people to be part of its “panel of media insiders.”
They downloaded an app from Symphony that collects a ton of information from their smartphones, and turns on their microphones every minute for 5-6 seconds to see what they’re watching on their TV or computer. Here’s how Symphony describes on its website what it knows about each individual in its panel:
The data sucked up from panelists’ phones includes where they are; their Internet traffic; their search keywords; which mobile apps they use and for how long; how many calls, emails and texts they send; and, of course, what they’re watching on network or digital TV. In exchange for having everything they do on their phone spied on, panelists are paid $5/month—not in cash, but in the form of points on Perks.com. more
Symphony Advanced Media, founded in 2010, has recruited over 15,000 people to be part of its “panel of media insiders.”
They downloaded an app from Symphony that collects a ton of information from their smartphones, and turns on their microphones every minute for 5-6 seconds to see what they’re watching on their TV or computer. Here’s how Symphony describes on its website what it knows about each individual in its panel:
Click to enlarge. |
Amateur Eavesdroppers in the News This Week
MA - Brianne St. Peter McMahon, 36, was indicted Wednesday by a Plymouth County Grand Jury on charges including wiretapping and misleading a police investigation, according to the office of Plymouth District Attorney Timothy J. Cruz.
In October 2015, McMahon allegedly slipped her cellphone into the pocket of a witness, who was set to appear before a grand jury at Brockton Superior Court, to record the proceedings and interviews related to the murder of 45-year-old Robert McKennacq, according to Cruz’s office.
Later that afternoon, State Police seized the phone from the witness, a friend of McMahon’s who was unaware the device had been placed in her pocket, according to the indictment. more
---
MA - Three employees at Wyman-Gordon company in Grafton, Massachusetts, are facing felony wiretapping charges for setting up a hidden camera with audio to record their coworker inside their workplace, reports CBS Boston. more
---
S. Africa - An electronics expert testified in court on Monday that he planted a “bugging” device in the Pietermaritzburg advocates’ chambers and helped put a GPS tracker on an advocate’s car at the request of KZN advocate Penny Hunt.
Houston Wayne Impey said he had, at Hunt’s request, also removed the CCTV hard drive installed at the advocates’ chambers to copy the footage captured on the system.
Hunt had told him to plant the bugging device in the ceiling of the advocates’ chambers so she could listen to, and record, conversations in her secretary’s office, because she suspected her of leaking confidential information, he said. more
In October 2015, McMahon allegedly slipped her cellphone into the pocket of a witness, who was set to appear before a grand jury at Brockton Superior Court, to record the proceedings and interviews related to the murder of 45-year-old Robert McKennacq, according to Cruz’s office.
Later that afternoon, State Police seized the phone from the witness, a friend of McMahon’s who was unaware the device had been placed in her pocket, according to the indictment. more
---
MA - Three employees at Wyman-Gordon company in Grafton, Massachusetts, are facing felony wiretapping charges for setting up a hidden camera with audio to record their coworker inside their workplace, reports CBS Boston. more
---
S. Africa - An electronics expert testified in court on Monday that he planted a “bugging” device in the Pietermaritzburg advocates’ chambers and helped put a GPS tracker on an advocate’s car at the request of KZN advocate Penny Hunt.
Houston Wayne Impey said he had, at Hunt’s request, also removed the CCTV hard drive installed at the advocates’ chambers to copy the footage captured on the system.
Hunt had told him to plant the bugging device in the ceiling of the advocates’ chambers so she could listen to, and record, conversations in her secretary’s office, because she suspected her of leaking confidential information, he said. more
Monday, February 1, 2016
FutureWatch - Another Step Closer to the Future of Eavesdropping
...a new experiment at the University of Washington may be bringing ESP closer to the realm of reality.
According to University of Washington computational neuroscientist Rajesh Rao and UW Medicine neurosurgeon Jeff Ojemann, the combination of a brain implant and a complex algorithm has given researchers the ability to predict human thoughts with unprecedented speed and accuracy. In fact, the duo says, they’re able to track what we’re thinking as we’re thinking it, bringing us closer to mind reading than ever before...
“We were trying to understand, first, how the human brain perceives objects in the temporal lobe, and second, how one could use a computer to extract and predict what someone is seeing in real time,” explained Rao to the UW NewsBeat. “Clinically, you could think of our result as a proof of concept toward building a communication mechanism for patients who are paralyzed or have had a stroke and are completely locked-in,” he said. more
According to University of Washington computational neuroscientist Rajesh Rao and UW Medicine neurosurgeon Jeff Ojemann, the combination of a brain implant and a complex algorithm has given researchers the ability to predict human thoughts with unprecedented speed and accuracy. In fact, the duo says, they’re able to track what we’re thinking as we’re thinking it, bringing us closer to mind reading than ever before...
“We were trying to understand, first, how the human brain perceives objects in the temporal lobe, and second, how one could use a computer to extract and predict what someone is seeing in real time,” explained Rao to the UW NewsBeat. “Clinically, you could think of our result as a proof of concept toward building a communication mechanism for patients who are paralyzed or have had a stroke and are completely locked-in,” he said. more
FutureWatch - Keep Your Eye on IoT - The Encryption Debate is a Distraction
...products, ranging from “toasters to bedsheets, light bulbs, cameras,
toothbrushes, door locks, cars, watches and other wearables,” will give
the government increasing opportunities to track suspects and in many
cases reconstruct communications and meetings. more
...from "Don’t Panic: Making Progress on the ‘Going Dark’ Debate"
The audio and video sensors on IoT devices will open up numerous avenues for government actors to demand access to real-time and recorded communications.
A ten-year-old case involving an in-automobile concierge system provides an early indication of how this might play out. The system enables the company to remotely monitor and respond to a car’s occupants through a variety of sensors and a cellular connection. At the touch of a button, a driver can speak to a representative who can provide directions or diagnose problems with the car. During the course of an investigation, the FBI sought to use the microphone in a car equipped with such a system to capture conversations taking place in the car’s cabin between two alleged senior members of organized crime.
In 2001, a federal court in Nevada issued ex parte orders that required the company to assist the FBI with the intercept. The company appealed, and though the Ninth Circuit disallowed the interception on other grounds, it left open the possibility of using in-car communication devices for surveillance provided the systems’ safety features are not disabled in the process.
Such assistance might today be demanded from any company capable of recording conversations or other activity at a distance, whether through one’s own smartphone, an Amazon Echo, a baby monitor, an Internet-enabled security camera, or a futuristic “Elf on a Shelf” laden with networked audio and image sensors. more
...from "Don’t Panic: Making Progress on the ‘Going Dark’ Debate"
The audio and video sensors on IoT devices will open up numerous avenues for government actors to demand access to real-time and recorded communications.
A ten-year-old case involving an in-automobile concierge system provides an early indication of how this might play out. The system enables the company to remotely monitor and respond to a car’s occupants through a variety of sensors and a cellular connection. At the touch of a button, a driver can speak to a representative who can provide directions or diagnose problems with the car. During the course of an investigation, the FBI sought to use the microphone in a car equipped with such a system to capture conversations taking place in the car’s cabin between two alleged senior members of organized crime.
In 2001, a federal court in Nevada issued ex parte orders that required the company to assist the FBI with the intercept. The company appealed, and though the Ninth Circuit disallowed the interception on other grounds, it left open the possibility of using in-car communication devices for surveillance provided the systems’ safety features are not disabled in the process.
Such assistance might today be demanded from any company capable of recording conversations or other activity at a distance, whether through one’s own smartphone, an Amazon Echo, a baby monitor, an Internet-enabled security camera, or a futuristic “Elf on a Shelf” laden with networked audio and image sensors. more
Attention Attorneys - Time to Sweep for Electronic Surveillance Devices
With attention growing on the use of shell companies in high-end real estate, an activist organization released a report Sunday night that said several New York real estate lawyers had been caught on camera providing advice on how to move suspect money into the United States.
The report is the result of an undercover investigation carried out in 2014 by Global Witness, a nonprofit activist organization that has been pushing for stricter money-laundering rules.
The lawyers featured in the report include a recent president of the American Bar Association. more video sweep service
The report is the result of an undercover investigation carried out in 2014 by Global Witness, a nonprofit activist organization that has been pushing for stricter money-laundering rules.
The lawyers featured in the report include a recent president of the American Bar Association. more video sweep service
Friday, January 29, 2016
Business Espionage: Corn Spy Pops
Security for Dupont Pioneer’s cornfields in Iowa suspected something when they detected men crawling around in the cornfields, and alerted the FBI two years ago.
Now, one man — Chinese citizen Mo Hailong — has admitted to attempted kernel theft.
Mo was a part of a conspiracy to smuggle U.S. corn from producers Dupont Pioneer and Monsanto in Iowa and ship it to China, where scientists would attempt to replicate the corn’s genetic properties. Prosecutors accused Mo of working with others in the group Kings Nower Seed, a subsidiary of the Beijing Dabeinong Technology Group, the Associated Press reports. more
Now, one man — Chinese citizen Mo Hailong — has admitted to attempted kernel theft.
Mo was a part of a conspiracy to smuggle U.S. corn from producers Dupont Pioneer and Monsanto in Iowa and ship it to China, where scientists would attempt to replicate the corn’s genetic properties. Prosecutors accused Mo of working with others in the group Kings Nower Seed, a subsidiary of the Beijing Dabeinong Technology Group, the Associated Press reports. more
Subscribe to:
Posts (Atom)