Want to learn how to search like a spy?
This 600+ page tome will help you do it.
Untangling the Web, A Guide to Internet Research – has just been declassified, to satisfy a Freedom of Information Request. Download the irony here.
(Originally posted in 2013. Back by popular demand.)
Monday, June 6, 2016
Business Espionage Alert: Select Your Hotel Carefully
You are a business executive or a member of the government with sensitive data on your laptop computer. You check into a luxury hotel in the United States or in many other countries. Chances are this hotel may be owned by a Chinese company even though it carries a known western brand name. Often such investors get their money directly from the Chinese Government.
You connect your computer to the hotel wifi and you may notice your secure connection can no longer be secure. Ever noticed wanting to send an email using your own domain, and you have to unblock "authentication" to make it work while connected to a hotel network? Did you ever wonder how this could open up your computer data to foreign espionage? You are no longer the only one worrying...
Chinese global investments in tourism, specifically in name brand luxury hotels and resorts, are overwhelming. This is the same for Chinese investments in the United States, as it is for Chinese domination in Cuba, South America, India, South East Asia and many African countries...
A review of the Chinese $1.95-billion acquisition of New York's Waldorf-Astoria Hotel in 2014, possibly recognizing that the hotel's role as the official residence of the U.S. ambassador to the United Nations and the frequent lodging for U.S. and foreign dignitaries with business in New York made it a prime target of CFIUS (The Committee on Foreign Investment in the United States). No action by US authorities was taken...
The next time you travel on business, you have sensitive data on your computer that could lead to industrial espionage attacks, or you are a government official with data you don't want to get into Chinese hands, select your hotel carefully. more
Russian Hi-Tech Spy Devices Under Attack Over Privacy Fears
New Russian technologies, including phone call interception and a facial recognition app, have stirred a fierce debate about privacy and data monitoring.
Infowatch, a Moscow-based IT security company managed by businesswoman Natalya Kasperskaya, found itself in hot water last month after it revealed it had invented a system that companies can use to intercept employees' mobile phone conversations...
The goal behind phone call interception, Kasperskaya said, is to provide large businesses with a tool to prevent information leaks, including companies whose success depends on protecting corporate secrets. more
34 Officials Pardoned for Wiretapping 20,000 People... now unpardoned.
President Gjorge Ivanov on Monday revoked pardons he had granted to 34 officials implicated in a wire-tapping scandal that has thrown Macedonia into political turmoil, meeting demands from the opposition, the European Union and the United States.
In an EU-brokered deal last year, Macedonia's political parties agreed to hold an early election and that a special prosecutor should investigate allegations that former prime minister Nikola Gruevski and his close allies authorized eavesdropping on more than 20,000 people.
Ivanov's decision in April to pardon 56 officials prosecuted over their involvement in the scandal drew nationwide protests that led to the cancellation of an election set for June 5. more
Thursday, June 2, 2016
Book - "Accidental P.I." by David B. Watts - Very Non-Fiction. Very Good.
Accidental P.I. takes you on a thrill ride following the fifty-year professional career of Private Investigator David Watts, as his life story treats you to these experiences and more. From murder, rioting, gambling and drug raids to sex cases, and fraud, this behind-the-scenes peek at real-life cases shows how investigators get the job done—not like in the movies or on television.
David Watts entered the investigative field as a young New Jersey policeman at the beginning of the turbulent 1960s. His descriptions of the seedier side of the cultural revolution during that era are riveting . . . and you get to go along for the ride! Switching to the private sector, armed with a Super 8 camera, he had the guts to quit law enforcement and start his own business in 1976 and has been at it ever since...
About the Author
David B. Watts, a licensed private investigator for the past four decades, specializes in fraud and business investigations. He and Linda, his wife of 53 years, worked for major law firms and the Fortune 500 in the busy New York to Philadelphia corridor on cases ranging from kickbacks to special security issues. Dave has also worked several murder cases and innumerable insurance fraud matters.
His investigation career began in his twenties as a Plainfield, New Jersey patrolman. He was promoted to detective, then joined the Union County Prosecutor's Office as a County Investigator. These early experiences eventually launched him into a lifetime of investigation work in the private sector. His pursuit of the facts brought him into state and federal courts as well as the board rooms of major corporations. He is respected among his peers and continues to take on special investigations, now in his seventies. more
Dave and I go way back. I am familiar with some of his cases (as he is with some of mine) so I can assure you he shares these experiences accurately. Reading about them brought back some good memories. It also made me realize how much he and his wife Linda accomplished in their career together. Congratulations, Dave & Linda!
Meet Dave - Book Signings
June 12, 2016 – 1 to 3 p.m. Clinton Book Shop, Clinton, NJ
July 10, 2016 – 12 N to 2 p.m. Barnes & Noble, Bridgewater, NJ
Wednesday, June 1, 2016
Spy on Any Phone, Anywhere... for a price.
With just a few million dollars and a phone number, you can snoop on any call or text that phone makes – no matter where you are or where the device is located.
That’s the bold claim of Israel’s Ability Inc, which offers its set of bleeding-edge spy tools to governments the world over. And it’s plotting to flog its kit to American cops in the coming months.
Ability’s most startling product, from both technical and price perspectives, is the Unlimited Interception System (ULIN). Launched in November last year, it can cost as much as $20 million, depending on how many targets the customer wants to surveil.
All a ULIN customer requires is the target’s phone number or the IMSI (International Mobile Subscriber Identity), the unique identifier for an individual mobile device. Got those? Then boom – you can spy on a target’s location, calls and texts.
This capability is far more advanced than that of IMSI-catchers (widely known as StingRays), currently used by police departments in the United States. IMSI-catchers can help acquire a target’s IMSI number, as well as snoop on mobiles, but only if the target is within range. more
"What are the most important characteristics of a great InfoSec professional in 2016?"
23 Information Security Leaders Reveal the Most Important Traits for InfoSec Pros in 2016
Digital Guardian compiled their responses to create a comprehensive guide outlining the most important characteristics for InfoSec professionals. (My contribution appears below. The additional 22 thoughtful responses appear here.)
---
"The single most important characteristic for successful InfoSec professionals in 2016 is..."
Inquisitiveness.
With this quality, an InfoSec professional will question the status quo, look for loopholes, seek new solutions, follow up on red flags early on, and look at InfoSec from a holistic viewpoint.
The viewpoint is the most important element. It shapes all other aspects of the job. The inquisitive person will see their job not as an IT defender, but as a defender of information, no matter how it is generated, stored, or transmitted. The great InfoSec professional realizes all the data stored on the computers was available to the adversary long before it ever entered a database.
This holistic outlook takes into account the genesis of information. It may start out as a phone call, which may be wiretapped; a conference room strategy meeting, which can be bugged; unsecured written information left on desks or unlocked file cabinets, which may be easily photographed; information stored on a photocopier hard drive, which can later be reprinted; or on an unsecured Wi-Fi Access Point, or wireless printer, whose transmissions may be intercepted. The list of info-vulnerabilities is long.
In recent years, the rush has been to focus on IT security, and rightly so. But, in doing so, the gap between great InfoSec professionals and tunnel-visioned InfoSec managers has become wide and clear. Great InfoSec professionals, being inquisitive, see and handle the big picture. It isn't just computers. The real task is detecting and plugging any method by which information can leak out. Today's great InfoSec professionals defend accordingly. They are much more successful than their colleagues, who only put out fires. ~Kevin
Tuesday, May 31, 2016
10 types of spy cameras that could be watching you right now - No. 6 is a surprise
Camera technology has advanced a lot the past few years. They keep getting smaller and smaller, making it possible to conceal them any which way.
Spy cam manufacturers have been creative in producing some of the most cleverly disguised (and tiny) camera/DVR systems, complete with HD video, motion detection, large storage card support and remote controls...
1. USB flash drive spy cameras
These cameras look like your regular USB storage sticks, but think again. They have a hidden camera inside! It’s not unusual these days for someone to be carrying USB sticks around so spotting them can be a bit challenging.
So how can you tell? The camera lens for these USB stick cameras is usually located on the posterior end of the stick, opposite the USB plug. With this form factor, this spy cam will blend seamlessly in an office or classroom.
See all 10 here.
Concerns for Energy Espionage Climb
The FBI is warning U.S. energy companies that the oil industry's downturn is increasing their vulnerability to theft of technological secrets.
Companies that long have faced the prospect of economic espionage must now be prepared for the possibility that workers who have been laid off could be targeted by foreign entities and competitors wanting to steal intellectual property.
"FBI investigations indicate economic espionage and trade secret theft against U.S. oil and natural gas companies and institutes are on the rise," according to an unclassified briefing report prepared for the energy industry.
Agents shared the report recently with about 150 energy sector executives, managers and others who gathered behind closed doors at the FBI building... more
How Business Espionage Really Works (Hint, it ain't just computers.)
The Dirty Dozen
- Trespassing on the property of a competitor.
- Secretly observing the activities or properties of others.
- Using electronic eavesdropping equipment.
- Learning trade secrets by hiring people who work for a competitor.
- Hiring a spy to get specific information from another company.
- Planting an undercover operative on someone else’s payroll.
- Stealing documents or property (includes electronic documents).
- Conducting phone negotiations for a license, franchise, or distributorship in order to gain inside information.
- Gaining information by staging a phony market research study or similar interview project.
- Bribing. Most forms of bribery are unethical, including those disguised as “gifts”.
- Blackmailing.
- Extorting.
Trump Campaign Manager Asked if Trump Offices Are Being Bugged - Bizarre Response
Donald Trump’s controversial campaign manager, Corey Lewandowski, appeared on “Fox News Sunday” this week to answer questions about the Republican front-runner’s strategy as the primary season winds down...
...with seconds remaining in the interview, host Chris Wallace asked a question that produced a response no one likely anticipated.
Wallace asked Lewandowski to comment on reports that some Trump associates are suspicious that the campaign’s Trump Tower offices are being bugged. At first the campaign manager ignored the question, but Wallace pressed further.
“Is there any bugging going on at the Trump Tower?” Wallace asked, with 10 seconds remaining in the interview.
“I think that’s a lot of speculation,” Lewandowski began. “I don’t think that’s the case at all — I think we’re very happy with the way that our offices are set up.”
It’s not quite clear what Lewandowski was trying to suggest, and given that there was no time for a follow-up question, the bizarre response was left alone. more
Friday, May 27, 2016
The Friendly Maintenance Man's Spycam
Apartment maintenance man Jerry Rowe was a nice, friendly guy who carried around treats for residents' dogs. Residents of the Steeplechase Apartments were surprised Thursday when word spread that Rowe, 65, had been arrested and charged with hiding a camera in the bathrooms of five female tenants.
...The investigation into Rowe started Wednesday when a woman saw a camera in a vent in the ceiling of her bathroom.
She called the Warren Co. Sheriff's Office and deputies said they found images of Rowe placing the camera in the vent on the camera. Lt. John Faine said five women were captured by the camera...
Faine said he believes Rowe had one camera that he moved from one apartment to another. However, he cannot rule out that there may be other cameras at this point in the investigation. more
Thursday, May 26, 2016
DIY Tip: How to Check Your Wi-Fi for Spies
If you would like to see who (or what) is tapped into your wireless network, you can take a peek with router utilities and mobile apps...
Depending on your interest in technical fiddling, you can see what other devices are connected to your network in several ways. For one, you could log into your wireless router’s administrative page and check its DHCP Client Table (sometimes called the DHCP Client List or Attached Devices, as some router companies use different terms) to see the roster of computers, smartphones, tablets and other gear currently connected to the wireless router...
If that sort of thing seems like way too much work, you can also get a program or app that scans your network for connected devices. Your router maker may have its own app, like Netgear’s Genie, Linksys Connect or Apple’s AirPort Utility for iOS.
You can also find software from other developers that is designed to reveal the devices connected to your wireless network. NirSoft Wireless Network Watcher, Who’s on my WiFi for Windows and the Fing network scanner for Android and iOS are among the options. more
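One way to automate the DHCP client table check described above, as an added example that is not part of the original article. It assumes the router exposes its leases in dnsmasq's lease-file layout and that you keep your own inventory of known device MACs; the lease lines, MAC addresses and inventory below are constructed sample data.

```python
"""Flag unknown devices in a DHCP lease table (added example).

Assumption: one lease per line in dnsmasq's lease-file layout:
    <expiry-epoch> <mac> <ip> <hostname|*> <client-id|*>
Router "DHCP Client Table" / "Attached Devices" pages show the same
fields; adapt parse_leases() if your export differs.
"""
from dataclasses import dataclass
import ipaddress
import re

MAC_RE = re.compile(r"^[0-9a-f]{2}(:[0-9a-f]{2}){5}$")


@dataclass(frozen=True)
class Lease:
    expiry: int      # Unix time; dnsmasq writes 0 for an infinite lease
    mac: str
    ip: str
    hostname: str    # "*" when the client sent no hostname


@dataclass(frozen=True)
class Finding:
    lease: Lease
    randomized: bool  # True if the MAC is locally administered


def normalize_mac(raw):
    """Lower-case, colon-separated form so inventory and leases compare equal."""
    mac = raw.strip().lower().replace("-", ":")
    if not MAC_RE.match(mac):
        raise ValueError(f"bad MAC address: {raw!r}")
    return mac


def is_locally_administered(mac):
    """Bit 0x02 of the first octet marks a locally administered address,
    which is what phones use for randomized ("private") Wi-Fi MACs."""
    return bool(int(mac[:2], 16) & 0x02)


def parse_leases(text):
    """Return (leases, rejects); rejects lists (line number, reason)."""
    leases, rejects = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        parts = line.split()
        if not parts or parts[0].startswith("#"):
            continue
        try:
            if len(parts) < 4:
                raise ValueError("too few fields")
            leases.append(Lease(
                expiry=int(parts[0]),
                mac=normalize_mac(parts[1]),
                ip=str(ipaddress.ip_address(parts[2])),
                hostname=parts[3],
            ))
        except ValueError as exc:
            rejects.append((lineno, str(exc)))
    return leases, rejects


def audit(leases, known_devices, now):
    """Return a Finding for every active lease whose MAC is not in inventory."""
    known = {normalize_mac(mac) for mac in known_devices}
    findings = []
    for lease in leases:
        if lease.expiry != 0 and lease.expiry < now:
            continue  # lease expired; device is no longer holding the address
        if lease.mac not in known:
            findings.append(Finding(lease, is_locally_administered(lease.mac)))
    return findings


# Constructed sample data (not from a real network).
SAMPLE_LEASES = """\
1464300000 a4:5e:60:11:22:33 192.168.1.10 office-laptop 01:a4:5e:60:11:22:33
1464300000 3c:15:c2:aa:bb:cc 192.168.1.11 printer *
1464300000 00:1d:0f:de:ad:01 192.168.1.23 * *
1464300000 da:a1:19:44:55:66 192.168.1.24 android-1234 *
1464000000 b8:27:eb:01:02:03 192.168.1.30 old-pi *
garbage line here
"""
KNOWN_DEVICES = {
    "A4-5E-60-11-22-33": "office laptop",   # Windows-style notation is accepted
    "3c:15:c2:aa:bb:cc": "printer",
}
SAMPLE_NOW = 1464250000  # fixed "current time" so the result is reproducible

if __name__ == "__main__":
    parsed, bad = parse_leases(SAMPLE_LEASES)
    for f in audit(parsed, KNOWN_DEVICES, SAMPLE_NOW):
        note = "randomized MAC, may be a known phone" if f.randomized else "fixed MAC"
        print(f"UNKNOWN {f.lease.mac} {f.lease.ip} {f.lease.hostname} ({note})")
    for lineno, reason in bad:
        print(f"skipped line {lineno}: {reason}")
```

A lease table lists only devices that asked the router for an address, so a device with a manually configured IP will not appear in it, and a MAC address can be copied from a legitimate device.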
Russian Election Monitor Sets Trap To Test NTV For Wiretapping
In March 2012, Michael McFaul, then the U.S. ambassador to Russia, famously accused journalists from the state-controlled network NTV of hacking his phone or e-mails to access his schedule after they approached him as he arrived at a private meeting with an opposition activist.
Four years later, those same journalists have been purportedly tripped up in a sting operation by an embattled Russian election-monitoring group seeking to prove that security services are wiretapping its phones and leaking details of its meetings with foreign diplomats to the Kremlin-loyal network.
Golos, an independent election monitor that has documented widespread violations at Russian ballot boxes in recent years, says it has concluded that NTV journalists are surreptitiously obtaining information about its employees’ movements from Russian law enforcement or intelligence agencies.
Using this information, Golos alleges, the journalists are able to track the group’s itinerary and wait for them -- cameras and microphones in hand -- outside embassies and other Moscow venues where they meet foreign diplomats to discuss the country’s elections. more
The 2017 Intelligence Authorization Act
As part of its continuing push for ever greater surveillance powers, the FBI is hoping that a new bill, known as the 2017 Intelligence Authorization Act, will be enacted into law, as the proposed legislation makes it possible for the agency to read emails without a warrant. It’s already been given Senate Intelligence Committee approval and will next be considered by the Senate as a whole....
Essentially, the bill would extend current FBI powers authorized by the Patriot Act, which allows the government to force telecoms companies to hand over phone records on individuals suspected of terrorism and other crimes. Known as a National Security Letter, recipients are not allowed to speak about the FBI investigation either, essentially gagging the companies and individuals involved.
...If enacted, sending such a letter would not require a court order, nor require any oversight from external organizations whatsoever.
That’s the aspect of the bill that lone-Senate Intelligence Committee dissenter, Ron Wyden, highlighted as part of his no vote.
“This bill takes a hatchet to important protections for Americans’ liberty,” he said (via CNet). “This bill would mean more government surveillance of Americans, less due process, and less independent oversight of U.S. intelligence agencies.” more
Britain's Foreign Secretary Denies Office Cat is a Spy
Britain's foreign secretary Philip Hammond was forced to issue a denial after his own Conservative party colleague claimed the "chief mouser" at the UK's Foreign Office could be a European Union (EU) spy.
Palmerston, a cat that was adopted by the Foreign and Commonwealth Office, had been recently announced as the "chief mouser" to help tackle the problem of mice in the building in central London.
However, as the debate around Britain's membership of the EU heats up in the lead up to the June 23 referendum, a member of the camp in favour of remaining in the economic bloc told the House of Commons yesterday that those in favour of Brexit may fear Palmerston has not been fully vetted.
"There is a serious point here. Can I ask my right honourable friend whether Palmerston has been security cleared or not... can I ask him, has he been positively vetted by the security service and scanned for bugs by GCHQ? And can my right honourable Friend assure the House and the more paranoid element in the Brexiters - that he isn't a long term mole working for the EU Commission," Tory MP Keith Simpson asked Hammond.
The foreign secretary chose to address the bizarre query, claiming Palmerston's attendance record had been impeccable.
He told MPs: "He is definitely not a mole. I can categorically assure my honourable friend that Palmerston has been regularly vetted." more
Wednesday, May 25, 2016
Survey: Corporate Espionage Rated as a Top Risk - Assessments Become Common
A large number of companies feel the existing security standards, legal, regulatory and compliance frameworks in the industry were not adequate to support corporate security requirements, a survey by PwC India and American Society for Industrial Security (ASIS) said.
The survey revealed that cybercrime and corporate espionage have been rated as two of the most serious threats to organizations in the coming years.
More than half the respondents felt precautionary and preventive measures taken are still not adequate...
The survey also highlighted that about 73 per cent of the respondents felt that the number of security incidents had increased in the past two years and would continue over the next two years.
While five years back physical security assessment was rare and uncommon, today almost 46 per cent of the organizations surveyed conduct a physical security risk assessment once a year, whereas 17 per cent do it monthly. more
New Old News - Official Warning - Wall Wart Eavesdropping Device
(My clients received their warning on January 14, 2015. ~Kevin)
FBI officials are warning private industry partners to be on the lookout for highly stealthy keystroke loggers that surreptitiously sniff passwords and other input typed into wireless keyboards.
The FBI's Private Industry Notification is dated April 29, more than 15 months after whitehat hacker Samy Kamkar released a KeySweeper, a proof-of-concept attack platform that covertly logged and decrypted keystrokes from many Microsoft-branded wireless keyboards and transmitted the data over cellular networks.
To lower the chances the sniffing device might be discovered by a target, Kamkar designed it to look almost identical to USB phone chargers that are nearly ubiquitous in homes and offices.
"If placed strategically in an office or other location where individuals might use wireless devices, a malicious cyber actor could potentially harvest personally identifiable information, intellectual property, trade secrets, passwords, or other sensitive information," FBI officials wrote in last month's advisory. "Since the data is intercepted prior to reaching the CPU, security managers may not have insight into how sensitive information is being stolen." more
Facebook Has Ears and is Nosey Too
Facebook admits that it “uses your microphone to identify the things you’re listening to or watching, based on the music and TV matches we’re able to identify.”
However, some experts believe that Facebook is not being fully transparent. Once the microphone feature is enabled, Facebook can listen in to your private conversation, even when one is not actively engaging with the app.
The feature listens for particular buzz words, which enable the site to weave the content that appears on news feeds to suit users’ personal interests.
In an NBC report, the feature is tested by Kelli Burns, a professor of Mass Communication at the University of South Florida.
In the experiment, she says aloud with her microphone feature on, “I’m really interested in going on an African safari. I think it’d be wonderful to ride in one of those jeeps.”
When she checked her Facebook newsfeed just 60 seconds later, the first item to appear was a safari story. She then also noticed an advertisement for Jeep vehicles. more
Holiday Weekend Filmfest - Watch the 10 Best PI Movies (infographic)
A tip of the magnifying glass to Adam Visnic, a licensed private investigator.
May your next case become a
Friday, May 20, 2016
"Alexa, can you be used by outsiders for eavesdropping?"
via Matt Novak
"Back in March, I filed a Freedom of Information request with the FBI asking if the agency had ever wiretapped an Amazon Echo. This week I got a response: “We can neither confirm nor deny...”
We live in a world awash in microphones. They’re in our smartphones, they’re in our computers, and they’re in our TVs. We used to expect that they were only listening when we asked them to listen. But increasingly we’ve invited our internet-connected gadgets to be “always listening.” There’s no better example of this than the Amazon Echo.
In many ways the Echo is a law enforcement dream." (...or any hacker, snoop or spy.) more more
Thursday, May 19, 2016
10 Ways Law Firms Can Make Life Difficult for Hackers
2. Keep backups disconnected from the network and the Internet.
3. Install all patches and updates.
4. Update software – especially when it is no longer supported.
5. Block executable files, compressed archives and unidentified users.
6. If you use cloud storage, make sure your firm controls the encryption key.
7. Make your cybersecurity program meet the needs of potential clients.
8. Have clear, effective restrictions on remote access and mobile devices.
9. Set systems to capture log data, for forensic purposes if a breach occurs.
10. Share threat information. more
These basic tips apply to all hacker-target businesses. ~Kevin
Eavesdropping on the Public in 1919
In 1919 a Chicago Theater bugged the seats...
to find out what the audience was saying about the production they were watching. The hope was that the honest criticism (or praise) they heard would help them make future performances better. more
Think Video Surveillance is Just for Crime Prevention? Think again...
Sure, surveillance video can be used to “catch the bad guy” and deter incidents. But it can do so much more!
Download the Top 10 Values of Video Surveillance by Pivot3 to see how you could be leveraging your video for strategic business purposes beyond security.
See how video can help you:
- Defend against fraudulent liability claims
- Avoid fines from non-compliance
- Improve the value of other business systems to your organization
- And more!
Tuesday, May 17, 2016
CIA Former Agent Trains You to Survive... your wallet is decimated, however.
A new show where you learn CIA spy secrets that could save your life is headed to the Strip — it’s a two-day “Escape and Evasion” presentation hosted by former CIA agent Jason Hanson, who served with the agency for nearly a decade.
“Spy Escape & Evasion” debuts at the “Pin Up” theater in the Stratosphere on Aug. 17 with the first four back-to-back days, with future seminars to be announced.
It’s a $1,499.95 ticket price per person that includes hands-on personal training by Jason and his CIA team of former officers. He also will participate in meet-and-greet sessions, and 30 audience members will dine with him after the lectures and training sessions.
If you’ve ever dreamed of being 007 or wished you possessed the skills to protect yourself from danger like those in the CIA, these shows are for you. Jason’s courses are designed to keep individuals and their families safe from danger.
Here are topics Jason will cover in his fascinating show presented by Red Mercury Entertainment:
• How to escape rope, duct tape, zip ties and handcuffs in 30 seconds or less;
• secrets of situational awareness;
• important everyday carry gear bag;
• how to pick locks, hotwire a car and disappear without a trace;
• how to use social engineering to get almost anything you want;
• what to do when a crisis occurs; technical pen techniques;
• basic counter surveillance techniques;
• and hands-on training. more
...and then there is the Shark Tank $1,997 special.
...and then there is the $37 version.
...and then there is FREE CIA training.
Spying Using Phone Call Records – Study Says It's Easy
Stanford University researchers used call records to uncover heart problems, marijuana habits of volunteers.
Phone metadata doesn’t reveal what people say, but such records of calls and text messages can help spy agencies, businesses or hackers discover private information about someone’s relationships, shopping interests and even health problems, according to a study published on Monday.
The research published in the journal Proceedings of the National Academy of Sciences showed that scans of call records help create detailed maps of not just the person being investigated, but also the lives of contacts in their phone history. Metadata is the term used for the receipt of a call or a text message included in the history of a phone, and these records are often maintained by a telecom service provider.
“Once a participant was labeled as in a relationship, we found that identifying the participant’s partner was trivial,” according to the researchers. “Our results suggest that, even without human review, a business or agency could draw sensitive inferences from a significant share of telephone records.” more
Intriguing Spy Stories From Internal NSA Reports
In the early months of 2003, the National Security Agency saw demand for its services spike as a new war in Iraq, as well as ongoing and profound changes in how people used the internet, added to a torrent of new agency work related to the war on terror, according to a review of 166 articles from a restricted agency newsletter.
The Intercept today is releasing the first three months of SIDtoday, March 31 through the end of June 2003, using files provided by NSA whistleblower Edward Snowden. In addition, we are releasing any subsequent 2003 installments of SIDtoday series that began during this period. The files are available for download here.
We combed through these files with help from other writers and editors with an eye toward finding the most interesting stories... more
The NSA does excellent behind-the-scenes work. Since some of their work is now public you can now be thankful and proud. ~Kevin
Monday, May 16, 2016
Philly Cheesy Stake-Out... Outed
The Philadelphia Police Department admitted today that a mysterious unmarked license plate surveillance truck disguised as a Google Maps vehicle, which Motherboard first reported on this morning, is its own.
In an emailed statement, a department spokesperson confirmed:
“We have been informed that this unmarked vehicle belongs to the police department; however, the placing of any particular decal on the vehicle was not approved through any chain of command.
With that being said, once this was brought to our attention, it was ordered that the decals be removed immediately.” more
Sunday, May 15, 2016
Spycam Found in Hospital Bathroom
Harris Health Systems is confirming that a hidden camera was found in a staff restroom at Ben Taub General Hospital.
Hospital staff turned the camera over to Houston police.
Harris Health Systems oversees the county's public hospitals, including Ben Taub.
Kese Smith of the Houston Police Department said Thursday that the camera was found concealed inside a fifth floor restroom at the hospital which is used mostly by staff but is also sometimes accessed by the public.
It was not immediately known what kind of camera was found or how long it had been in the staff restroom. more
Friday, May 13, 2016
2016 - The Smallest Camera in the World
No matter how small, a good TSCM inspection service can find them.
Thursday, May 12, 2016
Alarming Security Defects in SS7, the Global Cellular Network—and How to Fix Them
The global network that transfers calls between mobile phone carriers has security defects that permit hackers and governments to monitor users’ locations and eavesdrop on conversations.
As more reports of these activities surface, carriers are scrambling to protect customers from a few specific types of attacks.
The network, called Signaling System 7, or SS7, is a digital signaling protocol that mobile phone carriers including AT&T, T-Mobile, and Sprint use to send messages to each other about who is a subscriber, where subscribers are located, and how calls should be routed to reach them.
SS7 began as a closed network shared among a few major mobile phone carriers, but grew porous as more carriers joined. Hackers and governments can now gain access by purchasing rights from a carrier (which many are willing to provide for the right price) or infiltrating computers that already have permission. more
One security firm advises:
"...we have two products that represent the world’s first comprehensive solution against SS7 attacks: ESD Oversight Protect & ESD Oversight Detect. SS7 Network Penetration testing is also available to carriers around the world who recognize the need to ensure their networks and their subscribers are protected from the potential damage these vulnerabilities expose."
Extra Credit — Ghosts in the Network: SS7 and RF Vulnerabilities in Cellular Networks — a presentation given at RSA Conference 2016
Courtesy ESD America
Tuesday, May 10, 2016
Med Students Caught Cheating with Spycams & Smart Watches
A top Thai medical college has caught students using spy cameras linked to smartwatches to cheat during exams in what some social media users have compared to a plot straight out of a Mission: Impossible movie.
Key points:
- Thai students caught using spyglasses to send images of exam questions to accomplices
- Accomplices sent answers back to students' smartwatches
- Students paid 800,000 baht ($31,000) for equipment, answers
Three students used glasses with wireless cameras embedded in their frames to transmit images to a group of as yet unnamed people, who then sent the answers to the smartwatches.
Mr Arthit said the trio had paid 800,000 baht ($31,000) each to the tutor group for the equipment and the answers.
"The team did it in real-time," Mr Arthit wrote. more
HOPE Cranks it to Eleven this Summer - Tickets on Sale Now
Hackers On Planet Earth (HOPE) holds their 11th gathering July 22-24 in New York City.
Cory Doctorow is on tap to be their first keynote speaker.
Cory Doctorow (craphound.com) is a science fiction novelist, blogger, and technology activist. He is the co-editor of the popular weblog Boing Boing (boingboing.net), and a contributor to The Guardian, Publishers Weekly, Wired, and many other newspapers, magazines, and websites. (He even wrote an article for 2600 under a different name many years ago!) He is a special consultant to the Electronic Frontier Foundation (eff.org), you know, those superheroes who defend freedom in cyberspace on a daily basis. more
Why "Eleven"? The same reason Tesla auto sound systems peak at Eleven! video
The End of "A Little Bird Told Me"
At Twitter’s behest, US intelligence agencies have lost access to Dataminr, a company that turns social media data into an advanced notification system, according to the Wall Street Journal. While that may sound like a win for privacy, it’s a bit more complicated in practice.
The move leaves government officials without a valuable tool. Somewhat less clear is what sort of stand, if any, Twitter is taking...
“From the government perspective, it’s a good tool, because it gives real-time alerts to things that are happening before anyone really knows what’s going on,” says Aki Peritz, a former CIA counterterrorism expert and current adjunct professor at American University. “We want to allow law enforcement and the intelligence services to know bad things are happening in real time.” more
It's time to make peace with passwords. This free guide will help.
By now we're all well aware of what makes a bad password … it's us.
A glance at SplashData's annual reporting on the world's worst passwords shows just how laughably bad at creating passwords us humans really are. But what's worse, as Steve Ragan's analysis of leaked passwords shows, is that many passwords on the naughty list adhere to the carefully crafted password policies in use in companies today.
How can security leaders do better? For one thing, we can stop blaming users, says Michael Santarcangelo. Instead, we can focus on providing them with technology that makes the job easier.
That's where this guide comes in. more
US Government Study of Spyware - Possible Precursor to New Laws
Why GAO Did This Study
Smartphone tracking apps exist that allow a person to not only surreptitiously track another person’s smartphone location information, but also surreptitiously intercept the smartphone’s communications—such as texts, e-mails, and phone calls. This type of monitoring—without a person’s knowledge or consent—can present serious safety and privacy risks...
The federal government has undertaken educational, enforcement, and legislative efforts to protect individuals from the use of surreptitious tracking apps, but stakeholders differed over whether current federal laws need to be strengthened to combat stalking. Educational efforts by the Department of Justice (DOJ) have included funding for the Stalking Resource Center, which trains law enforcement officers, victim service professionals, policymakers, and researchers on the use of technology in stalking. With regard to enforcement, DOJ has prosecuted a manufacturer and an individual under the federal wiretap statute for the manufacture or use of a surreptitious tracking app.
Some stakeholders believed the federal wiretap statute should be amended to explicitly include the interception of location data and DOJ has proposed amending the statute to allow for the forfeiture of proceeds from the sale of smartphone tracking apps and to make the sale of such apps a predicate offense for money laundering. Stakeholders differed in their opinions on the applicability and strengths of the relevant federal laws and the need for legislative action. Some industry stakeholders were concerned that legislative actions could be overly broad and harm legitimate uses of tracking apps. However, stakeholders generally agreed that location data can be highly personal information and are deserving of privacy protections. more full study
Wednesday, April 27, 2016
CBRE Made the Forbes Best Employers List - Partly with Good Infosec
via Forbes, April 19, 2016...
Cone of Silence chairs + a Clear Desk Policy = Security, and a competitive advantage in the eyes of their customers. Smart.
CBRE Group, Inc. is an American commercial real estate company with headquarters in Los Angeles, California. As of its successful 2011 bid to acquire part of ING, CBRE was the world's largest real estate investment manager. Wikipedia
Monday, April 25, 2016
Please tell us that You Didn't Sign a "Monitoring Consent Form"
via mobipicker.com...
"We will look at an app called xnspy that is used for spying on Android phones since a lot of businesses are starting to focus on employee productivity during office hours, more and more companies have implemented signing of monitoring consent forms as a part of their hiring process. They then give their employees company-owned smartphones/tablets with a pre-installed monitoring app.
When it comes to tracking and monitoring for use by businesses and for spying on Android phones, we found xnspy to be the torch bearer. It has all the fundamental features that such an app should have, it has a small footprint, it’s discreet, does not use up resources. All these factors count a lot when it comes to monitoring and tracking, it would be a nightmare for the device user if the app slowed down the device and drained the battery.
Xnspy works in the background providing the app user with data such as call records and recordings, text messages from SMS, IM Chats and emails, a complete list of Contacts stored on the device along with a list of all installed apps. Besides these functions the app provides the browsing history and bookmarks of the device user; it also gives the location history of where the device has been.
All of this is made accessible through a web-based dashboard that can be virtually accessed from anywhere in the world. The app user can use a single dashboard to control multiple devices. Xnspy offers two packages a Basic Edition and a Premium Edition." more
Edward Snowden Will Sue Norway
Edward Snowden will sue Norway in an attempt to secure free travel to the country, a Norwegian law firm representing him told Reuters Thursday.
The ex-contractor at the U.S. National Security Agency (NSA) has been invited to Norway to receive an award for his work defending free speech, but his attorneys said he is worried that traveling there would allow the Norwegian government to extradite him to the U.S., where he is wanted on charges of espionage.
The Norwegian branch of the global organization of writers PEN International, which hopes to give Snowden the free speech award, said in a statement that “we will do our utmost to ensure that Snowden may receive the prize in person.” more
Finally, an American Spy is Honored – Show Us the Money
It took nearly a century to get a woman on the front of the $20 bill, but only about a year for a small New Jersey company to contribute a vital two cents to the effort.
Since April 2015, Montclair-based Mosaic Strategies Group has helped manage a website for Women on 20s to make the country's currency co-ed — one that finally paid off big last week when the U.S. Treasury announced Harriet Tubman would replace Andrew Jackson on the $20 bill.
Gov. Chris Christie...
"As long as the $20 bill still works when I hand it to somebody, I quite frankly don't really care who's on it," Christie said Friday. more
True to its nature, Comedy Central’s Drunk History, shed some light on a lesser-known chapter of Tubman’s life in a September 2015 episode entitled “Spies.”
In one segment, ... a slightly inebriated Crissle West relates Tubman’s less-heralded exploits. “Harriet Tubman does not get her just due,” West explains. “You hear her name and think she led the slaves to freedom. But you most certainly do not know that she was a spy for the Union.” more
Did Edison Also Invent Corporate Spying?
He's known for the light bulb, recordings, motion pictures and discoveries too numerous to mention. But did Thomas Edison also condone corporate spying on his enemies? Did he help create corporate espionage?
While he may not have invented it ... information from one of his employees can certainly be interpreted that way.
That employee was Joseph F. McCoy, who was hired at 20 years of age to work for the Edison Company. Not much is known about him except some basic details, but as Sloat-Olsen told the story of his jobs over the years, McCoy emerges as a shadowy figure, but influential in numerous ways...
In electric light dealings, companies like American Electric, U.S. Electric Company and Westinghouse were all on Edison's radar, so Sloat-Olsen says McCoy was sent to work at each of those companies, without their knowing he was an Edison employee, to find out about their plans or if they could be bought out. more
DIY - Tiny FM Spy Bug for Under $20.
from the creator...
"I wanted to know how small a FM spy bug could be built when manually assembled.
This is what I came up with, it measures about 0.05 square inches and is powered by a single 1.55V silver oxide battery.
Frankly, this is just a fun object, I don't have a practical use for it.
I'm sure professionally made spy bugs could even be smaller and work at higher frequencies which allows the antenna to be made smaller." more
The complete instructions and Gerber files (for PCB manufacturing) for this FM spy bug are available on Gumroad and Payhip:
https://gum.co/GRouL
https://payhip.com/b/YXVd
Thursday, April 21, 2016
Every Government Has These Spy Warnings... but love is blind.
via boingboing...
In this Chinese government comic book, women are warned that mysterious foreign strangers who pitch woo at them are secretly Western spies trying to get at their government secrets.
The reader is warned that they could go to jail for 10 years if they are foolish enough to let these Lotharios trick them into revealing state secrets.
It's a charmingly sexist and xenophobic piece of work, with shades of Jack Chick. More interesting are the parallels to the materials that the US Government has produced for their own employees to warn them about the spies who might use breached data from the Office of Personnel Management to chat them up at conferences and trick them out of America's state secrets. more
You can see the full comic here. ~Kevin
Information Security and Cryptography Seminar - Zurich, Switzerland
Time to make your travel plans...
As a friendly reminder, we are pleased to announce our seminar in Information Security and Cryptography. A full description of the seminar, including a detailed listing of topics covered, is available at www.infsec.ch.
INFORMATION SECURITY AND CRYPTOGRAPHY, FUNDAMENTALS AND APPLICATIONS (June 13-15, 2016)
This seminar provides an in-depth coverage of Information Security and Cryptography. Concepts are explained in a way understandable to a wide audience, as well as mathematical, algorithmic, protocol-specific, and system-oriented aspects.
The topics covered include cryptography and its foundations, system and network security, PKIs and key management, authentication and access control, privacy and data protection, and advanced topics in cryptography.
The seminar takes place in Zurich, Switzerland. The lectures and all course material are in English.
With kind regards,
Ueli Maurer and David Basin
Advanced Technology Group
FutureWatch: Your Brain Will Replace Your Fingerprints for ID
Psychologists and engineers at Binghamton University in New York have hit a milestone in the quest to use the unassailable inner workings of your brain as a form of biometric identification. They came up with an electroencephalograph system that proved 100 percent accurate at identifying individuals by the way their brains responded to a series of images.
“It's a big deal going from 97 to 100 percent because we imagine the applications for this technology being for high-security situations,” says Sarah Lazlo, assistant professor of psychology at Binghamton who led the research with electrical engineering professor Zhanpeng Jin.
Perhaps only one other such experiment in the long quest for this ultimate biometric has hit the 100 percent mark, and the Binghamton system has some advantages over even that one. For one it proved itself with less complex equipment and in a larger group, identifying 50 people. But perhaps more importantly this new form of ID can do something fingerprints and retinal scans can’t: It can be “cancelled.” That’s important because hackers have shown that fingerprints can be stolen and faked. more
Tuesday, April 19, 2016
"I've got your number," The Telephone Wiretap Hack
A US Congressman has learned first-hand just how vulnerable cellphones are to eavesdropping and geographic tracking after hackers were able to record his calls and monitor his movements using nothing more than the public ten-digit phone number associated with the handset he used.
The stalking of US Representative Ted Lieu's smartphone was carried out with his permission for a piece broadcast Sunday night by 60 Minutes. Karsten Nohl of Germany-based Security Research Labs was able to record any call made to or from the phone and to track its precise location in real-time as the California congressman traveled to various points in the southern part of the state. At one point, 60 Minutes played for Lieu a crystal-clear recording Nohl made of one call that discussed data collection practices by the US National Security Agency. While SR Labs had permission to carry out the surveillance, there's nothing stopping malicious hackers from doing the same thing.
The representative said he had two reactions: "First it's really creepy," he said. "And second it makes me angry. They could hear any call. Pretty much anyone has a cell phone. It could be stock trades you want someone to execute. It could be a call with a bank." more
Why Blackberry is No Apple
BlackBerry appeared Monday, April 18, to acknowledge it helped Canadian federal police crack a Montreal crime syndicate that had been using its messaging system, while insisting its smartphone security remains impenetrable.
In a blog post, BlackBerry chief executive John Chen reiterated the company's long-held stance "that tech companies as good corporate citizens should comply with reasonable lawful access requests." more
Chinese Spy Sentenced to Death... by China
A Chinese man has been sentenced to death for leaking more than 150,000 classified documents to an unidentified foreign power, state television said on Tuesday, offering unusual details of a kind of case rarely mentioned in public.
The man, a computer technician from Sichuan named as Huang Yu, worked for a government department which handled state secrets, but he was a bad employee and was sacked, the report said. more
Monday, April 18, 2016
Spycam Lawsuit: Employee Known Video Voyeur - Store Manager Did Nothing
A Colorado Springs woman is suing Reebok International, a Reebok Outlet Store, and a teenage store employee over a Peeping Tom incident... Christina Selvig said she caught a glimpse of Austin Kyle Baker looking over the top of the wall into her changing room...
She immediately informed the store manager who did nothing more than take her name and number and promised to get back with her the next day, which didn’t happen.
Selvig wasn’t sitting around waiting for action on the store’s part, she had already informed the police, who also didn’t take her complaint that seriously initially, chalking the incident up to an accident.
...three days later, Baker confessed to spying on Christina, in addition to several more women. An investigation revealed that at least one other employee was aware that Baker was a video voyeur, and continued to allow the behavior.
Law enforcement told her that he had turned over his phone... Forensics came back with footage of her, as well as deleted videos of other women. more
Here comes another big pockets settlement. If your company offers employees, visitors and/or customers "expectation of privacy" areas, you better begin doing your due diligence. Start here.