Tunnel Spy Traps Himself: "But it worked for El Chapo."

A man in northern Mexico had to be rescued after he accidentally trapped himself in a hole that he dug so he could spy on his former girlfriend in violation of a court order to stay away from her, authorities said Sunday.

The Sonora state attorney general’s office said the 50-year-old man had spent days digging the hole in Puerto Penasco, a town on the Gulf of California, only to become trapped and require assistance to get out...

The newspaper El Universal said the man dug a tunnel under the woman’s house. It said the woman told police that over the course of a week, she had heard scratching noises but assumed the noise was cats.

But when the sound grew louder, she investigated and found her former partner of 14 years trapped below, the report said. She said she ended the relationship because her partner was very jealous. more

Secret Video Surveillance in Hospital Labor and Delivery Rooms Suit

Early this month, 131 patients (and counting) of a women’s hospital in San Diego, California filed a lawsuit against the hospital after discovering that there was secret video surveillance in three labor and delivery operating rooms, recording medical procedures without patients’ consent.

Patients were recorded during Cesarean sections, birth complications, treatment after miscarriage, hysterectomies and other medical procedures from July of 2012 to July of 2013. Approximately 1,800 patients were recorded during this period. The patients are suing the hospital for invasion of privacy, breach of fiduciary duty, negligence, negligent infliction of emotional distress and unlawful recording of confidential information.

In addition to not informing the patients of the hidden cameras, the lawsuit alleges that the hospital was “grossly negligent” in its storage of the recordings. The lawsuit claims that recordings were stored on employee computers, often without password protection and that the hospital “destroyed at least half the recordings but cannot say when or how it deleted those files and cannot confirm that it took the appropriate steps to ensure the files were not otherwise recoverable.” This is not the first lawsuit against the hospital regarding the hidden cameras. more

FutureWatch - Mind Reading - Thought to Speech

Scientists are reporting that they have developed a virtual prosthetic voice, a system that decodes the brain’s vocal intentions and translates them into mostly understandable speech, with no need to move a muscle, even those in the mouth.

“It’s formidable work, and it moves us up another level toward restoring speech” by decoding brain signals, said Dr. Anthony Ritaccio, a neurologist and neuroscientist at the Mayo Clinic in Jacksonville, Fla., who was not a member of the research group. more

Mind reading is a topic we keep an eye on here, as it's the future of eavesdropping. ~Kevin

Speak Like You Are Being Recorded

Michael Cohen has disavowed responsibility for some of the crimes to which he has pleaded guilty, privately contending in a recent recorded phone call that he hadn’t evaded taxes and that a criminal charge related to his home-equity line of credit was "a lie."

“You would think that you would have folks, you know, stepping up and saying, ‘You know what, this guy’s lost everything,’” Mr. Cohen said during the March 25 call, recorded without Mr. Cohen’s knowledge by the actor and comedian Tom Arnold...

 Mr. Cohen has himself surreptitiously recorded conversations. During a raid of his home, office and hotel room in April 2018, the Federal Bureau of Investigation seized recordings the lawyer made while talking to journalists, political allies, and others, including Mr. Trump. more

Granny Was A Spy

UK - In 1999, an 87-year-old British woman held a press conference in front of her home to announce that for nearly four decades, she’d worked as a spy for the Soviet Union.

In fact, Melita Norwood was the Soviet Union’s longest-serving British spy...

In 1979, she and her husband—who knew about her spying and disapproved—visited Moscow so the Soviet Union could award her the Order of the Red Banner (she accepted the honorary award, but turned down the financial reward).

How did Norwood get away with it for so long? more

The Bose Knows... legally

According to a recent decision from a federal district court in Illinois, Bose Corp. may monitor and collect information about the music and audio files consumers choose to play through its wireless products and transmit that information to third parties without the consumers’ knowledge. 

Such action does not violate the federal Wiretap Act or the Illinois Eavesdropping Statute.

As such, the Court granted Bose’s motion to dismiss the plaintiff’s class action claims. more

How Real Spies Operate, or Watch the Donut Not the Hole

“The most vulnerable targets are not computers, but people. Human intelligence gathering is an art. It’s about taking advantage of people’s vulnerabilities, no matter what they are, to get the information.”

And the arsenal to do so is said to be wide-ranging, from “IP intercept, ISMI catchers, dumpster diving, listening devices (bugs) and informants, to students at universities, Chinese businesses and their employees.” more
Michael Biggs and Larry Johnson quoted in the article.

“Son, go for it...I will kick your (expletive) (expletive).” An Extortionogrphy Win

FL - The president of Wichita’s teacher union has lost his defamation lawsuit against the makers of hidden-camera videos that captured him admitting to threatening a student with physical violence. 

A federal judge in Florida ruled against Steve Wentz, president of United Teachers of Wichita, and in favor of Project Veritas in connection to videos that were secretly recorded at a Florida hotel bar and a Panera restaurant in Kansas. Project Veritas describes its work as non-profit journalism that investigates and exposes corruption.

In the video, Wentz describes an episode with a former student in which he asked the student to stay after class, locked the door and pulled the shades down.

“You want to kick my (expletive)? You really think I’m a (expletive)?” Wentz says in the video. “Son, go for it. I’ll give you the first shot. But be sure to finish what you start because if you don’t, I guarantee you, I will kick your (expletive) (expletive).” more 

Corporate Security Alert:
Extortionography can be as devastating as audio eavesdropping, especially when targeted against private sector businesses. 

Tip: Conduct searches for electronic surveillance devices (Technical Surveillance Countermeasures, aka TSCM) on a regular basis. At the very least, have a written Recording in the Workplace Policy in effect.

James McCord, 93 - RIP

James McCord, a retired CIA employee who was convicted as a conspirator in the Watergate burglary and later linked the 1972 break-in to the White House in revelations that helped end the presidency of Richard Nixon, died June 15, 2017, at his home in Douglassville, Pa. He was 93...

McCord served in the CIA for 19 years, including as security chief at the Langley, Va., headquarters, before his supporting, at times sensational role in the events that precipitated the first resignation of a U.S. president.

He had retired from the spy agency and was privately employed as head of security for the Committee for the Re-Election of the President — commonly called CREEP — when he became entangled in a scheme to burglarize and bug the Democratic national headquarters at the Watergate building in Washington.

McCord had once taught a college course on how to protect buildings from intrusions, and he helped lead the operation. more

David Fechheimer, 76 - RIP

David Fechheimer, a budding flower child of the 1960s and aspiring English professor who was spurred overnight by the fictional gumshoe Sam Spade to switch careers and become one of the nation’s leading private investigators, died on Tuesday in Redwood City, Calif. He was 76...

“I called Pinkerton and asked if they needed someone who had no experience and a beard,” Mr. Fechheimer said. “To my surprise, they said they needed someone with a beard that day. I thought I would do it a couple of weeks as a goof. It looked like fun, being Sam Spade. Pinkerton put me under cover on the docks, and I was hooked. I never went back to school.”

...He later joined the practice of the celebrated private eye Hal Lipset (famous for secreting a microphone in a martini olive) and opened his own office in 1976. more

Spycam Victim Fights Back

Singapore - NUS guy who filmed girl in shower suspended for a semester & asked to write apology letter.

Victim fights back on social media.

Two separate petitions have been started on behalf of a National University of Singapore student, who was a victim of an act of voyeurism while residing on campus housing.

The two petitions — one with 2,502 signatures and the other with 873 signatures (as of April 21, 5.30am) — were started to call for more to be done for the victim, as well as making punishments harsher as a form of deterrence. more

The USB Spycam - Widely Used - Know What it Looks Like

FL - A Titusville man used a hidden recording device to make videos of several people showering and using the bathroom at his home without their consent, according to the Brevard County Sheriff's Office. 

One of the two realized the USB charger in Moist's bathroom was suspicious and recalled using it to charge her phone when she housesat for him in the past. The device was inspected and an SD memory card was found inside, according to arrest reports.  more

Just Like Your Phone - Your Car is Spying on You

If you’re driving a late model car or truck, chances are that the vehicle is mostly computers on wheels, collecting and wirelessly transmitting vast quantities of data to the car manufacturer not just on vehicle performance but personal information, too, such as your weight, the restaurants you visit, your music tastes and places you go.

A car can generate about 25 gigabytes of data every hour and as much as 4,000 gigabytes a day, according to some estimates. The data trove in the hands of car makers could be worth as much as $750 billion by 2030, the consulting firm McKinsey has estimated. But consumer groups, aftermarket repair shops and privacy advocates say the data belongs to the car’s owners and the information should be subject to data privacy laws.

Yet Congress has yet to pass comprehensive federal data privacy legislation. more

Julian Claxton Speaks Out on the Spy Camera Pandemic

Click to enlarge.

A spate of high-profile incidents have showcased just how easy it is for Airbnb hosts to spy on unsuspecting guests.

These cameras are cheap, easy to use and hard for guests to find, says Julian Claxton, managing director of counterespionage organisation, Jayde Consulting. “Depending on how well they’re hidden, it can be very difficult to detect them without professional help,” Mr Claxton told The New Daily.

“The devices are really easy to get. If you type in ‘hidden camera’ into eBay you will get thousands of hits. The new ones, they’re building them into charger packs, into the bases of lamps, clocks, radios – you name it and you can put a camera in it.”

Those hiding cameras in hotels are looking for more specific targets, Mr Claxton says.

“Often it’s not the hotel themselves, it’s a rogue worker who is more interested in a perversion or extortion,” he said.

“For instance, if you work for a major conglomerate and have a dalliance with a man or woman while you’re married, that video can then be used to extort that person.” more | Learn how to detect spy cameras yourself.

Spycam: Firefighter v. Firefighter

US - A former Denver fire lieutenant was charged Thursday with secretly planting a recording device in the changing room used by a female firefighter...

Flesner, who is retired, allegedly placed the recording device in the sleeping room of another firefighter. The lens was facing the changing area, the news release says.

When the device was discovered and reported to superiors, of which he was one, Flesner allegedly tampered with the device. more

I really doubt he did this, but it made me laugh.

The New Zealand Embassy Spycam Case... or, You're-In-Trouble

The jury has seen footage from a covert camera found in a toilet at the New Zealand Embassy in the US, in the trial of top military attache.

A number of videos captured on 27 July were played to the jury this afternoon, the first being a video of the covert camera being set up. more

"It was a black box, probably about an inch, an inch and a half thick and three or four inches long. It appeared to be what I thought was a hard drive." more

Learn how to spot spycams yourself.

The "Yes Master" Bracelet

Children who end up caught in Chicago's policing and justice system are being outfitted with ReliAlert XC3 GPS ankle-cuffs supplied by the Track Group, who use them to log children's movements and to bark orders at them, as well as listening in on them. The children have to wear them 24/7 while on bail awaiting trial.

The company claims that the recording function in the tracking anklets generates a notification every time it is used, but its own technicians have testified under oath that the listening function can be covertly activated. Track Group stores all recordings of its interactions with children indefinitely.  more

"Sooo, what are you wearing Mr. big, strong, Alexa man."

Tens of millions of people use smart speakers and their voice software to play games, find music or trawl for trivia. Millions more are reluctant to invite the devices and their powerful microphones into their homes out of concern that someone might be listening.

Sometimes, someone is.

Amazon.com Inc. employs thousands of people around the world to help improve the Alexa digital assistant powering its line of Echo speakers... more

Idea: Taunt them. "Sooo, what are you wearing Mr. big, strong, Alexa man."

The Steinger, Iscoe & Greene Law Firm Bugging

A fascinating case, still unfolding!
What happened...

While attorney Gary Iscoe — the Iscoe of the decades-old Steinger, Iscoe & Greene personal injury law firm — is gone and two other associates have been fired, the strange goings-on remain shrouded in mystery. “It’s very John Grisham,” said attorney Michael Pike, who is representing the firm in a lawsuit aimed at finding out who the spies were, what they were seeking and why.

Listening devices behind a ceiling tile

When the firm’s finance director found drywall debris on the floor of her office when she came to work on Sept. 10, she asked a maintenance man to pop up a ceiling tile, according to West Palm Beach police who were summoned to investigate two days later. There, hidden in the recesses of the ceiling, the finance director and others discovered wires that were linked to an audio receiver, police said.

...police said they found wires running to cameras, microphones and recording equipment mainly in the firm’s finance, marketing and human resources departments. Some of the wires had been cut and a video recording device was missing.

...it appears whoever installed the devices hurriedly removed the digital recorder once they realized police had been called.

From other authorized cameras at the firm, police said they recovered a video that showed two people, carrying tools and a ladder, entering the office at about 10:30 p.m. on Sept. 9. Employees couldn’t identify one of the intruders, police said. The other person caught on camera was identified by employees as Michael Coronel, a 26-year-old former Marine who had worked as an investigator at the firm for about six months... more | analysis

Quote of the Week

“Boston is a target-rich environment for anyone who is interested in intellectual property.”
–US Assistant Attorney General John Demers  more

From Those Wonderful Folks Who Brought You APT - Manditory Free Pen-Testing

New provisions made to China's Cybersecurity Law gives state agencies the legal authority to remotely conduct penetration testing on any internet-related business operating in China, and even copy and later share any data government officials find on inspected systems...

These new provisions, named "Regulations on Internet Security Supervision and Inspection by Public Security Organs" give the MSP the following new powers:

• Conduct in-person or remote inspections of the network security defenses taken by companies operating in China.
• Check for "prohibited content" banned inside China's border.
• Log security response plans during on-site inspections.
• Copy any user information found on inspected systems during on-site or remote inspections.
• Perform penetration tests to check for vulnerabilities.
• Perform remote inspections without informing companies.
• Share any collected data with other state agencies.
• The right to have two members of the People's Armed Police (PAP) present during on-site inspection to enforce procedures. more

Judd Bank's Tips on How to Spot A Liar

At some point in life, everyone is a victim of a lie. It may include romantic relationships, business transactions, political behavior and/or criminal misrepresentation...  

There are two main techniques in detecting deception without the use of a polygraph instrument. They are observing body language and asking open-ended questions... more

Concise and very educational. ~Kevin

How to Tell if Someone Snoops on Your Computer

Think about all of the personal information stored on your computer -- it's essentially an extension of your whole identity in digital form. You may have all your photos, videos, resumes, contacts, documents and other sensitive information saved on your PC or Mac.

Can you imagine someone snooping around and getting their hands on all that?

But how can you tell if someone was accessing your files and applications without your knowledge? Is someone using your computer behind your back? Thankfully, there are various ways to find out.

Read on and learn these tricks you can use to see if someone is snooping on your PC or Mac... more

Ya Think?

Secretary of State Mike Pompeo suggested Friday that Yujing Zhang, the woman who breached security at President Donald Trump's Mar-a-Lago, Florida club, may have been a Chinese spy. more

Polish Millionaire Arrested Over Eavesdropping Scandal

A fugitive Polish "multi-millionaire" at the heart of an eavesdropping scandal... in 2015 has been arrested in Spain, police said Saturday.

Marek Falenta was sentenced to two-and-a-half years in prison in Poland in December 2016 for setting up an eavesdropping system in swanky restaurants in Warsaw that saw waiters record conversations between business-people and politicians.

That led to a major scandal that erupted in 2014 with media publishing extracts of incriminating conversations... more

The Surprising Cost of a GPS Tracking & Cellular Eavesdropping Bug

As described on eBay...

Ultra Mini GF-07 GPS Long Standby Magnetic SOS Tracking Device for Vehicle/Car/Person Location Tracker Locator System Anti-lost Device 

Features:
1. Small size and light weight, easy for carry.

2. Black shell, easy to hide, perfect for tracking vehicles, teens, spouses, elderly persons or assets. With two powerful magnets inside, easy to attach to vehicle firmly, no extra installation need.

3. All you need is a working SIM card (NOT included!) to insert into the device, then you can track and map (with Google Maps) in real-time over the Internet.

4. Dial SIM card number, then you can hear voice around this tracker, with no light and no noise, you can monitoring and spy what's going on around the tracker silently and secretly.

5. Voice Recording Function: Send text message 555 to SIM card number, it will reply a message “Snd” and start recording, SIM card and TF card are not included.

 

Electronic surveillance devices, like this one, are flooding into the country. Below is just one of the many ads on eBay alone. At these prices (as low as $11.99, and cheaper from the China and Hong Hong listings) they are throwaway items. Set it and forget it. No need to risk retrieving it to recharge the battery. 

Businesses especially need to be concerned. Imagine competitors tracking your sales people, delivery trucks, or your top executives. Learn more about these types of devices and what you can do about them.

Click to enlarge.

Pre-Installed Anti Malware Phone App Does More Harm Than Good

Researchers have discovered multiple vulnerabilities in a pre-installed app on phones made by one of the world’s biggest smartphone vendors that potentially impacted the privacy and security of more than 150 million Android users worldwide.

According to security researchers at Check Point Research, the vulnerabilities were found in an app pre-installed on smartphones made by Xiaomi, the biggest mobile phone manufacturer in China and India, and the fourth biggest by market share in the world.

The app in question was a self-proclaimed security app dubbed “Guard Provider,” which promised to protect Xiaomi users from malware.

Xiaomi said last year it had originally hoped to offer its smartphones and other hardware here in the States in 2019, though those efforts may have been delayed for PR reasons... more

Whew!

The War Against Smartphone Spyware is On

Eva Galperin says she's learned the signs: the survivors of domestic abuse who come to her describing how their tormentors seem to know everyone they've called, texted, and even what they discussed in their most private conversations...

Galperin has a plan to end that scourge for good—or at least take a serious bite out of the industry.

In a talk she is scheduled to give next week at the Kaspersky Security Analyst Summit in Singapore, Galperin will lay out a list of demands:

• First, she's calling on the antivirus industry to finally take the threat of stalkerware seriously, after years of negligence and inaction. 
• She'll also ask Apple to take measures to protect iPhone users from stalkerware, given that the company doesn't allow antivirus apps into its App Store. 
• Finally, and perhaps most drastically, she says she'll call on state and federal officials to use their prosecutorial powers to indict executives of stalkerware-selling companies on hacking charges.

"It would be nice to see some of these companies shut down," she says. "It would be nice to see some people go to jail." more

Check here if you need a solution for checking your Android phone for spyware.

Mar-a-Lago Intruder Caught with USB Stick Loaded with Malware

A Chinese woman carrying a thumb drive loaded with malware was detained at Mar-a-Lago Saturday after trying to gain access to events advertised on Chinese-language social media by Li “Cindy” Yang, the South Florida massage parlor entrepreneur who also ran a business selling access to President Donald Trump and his family.

The woman, Yujing Zhang, has been charged with two federal crimes: making false statements to a federal officer and entering restricted property.

She was carrying four cellphones, one laptop, one external hard drive and a thumb drive, according to court records. In a charging document, a Secret Service agent said a preliminary forensic examination of the thumb drive showed it contained “malicious malware.” The court filing did not provide further details about the nature of the malware. more

See our report on dangerous USB sticks, and what to do about them.
Worried about a person like this entering your premises? Call us.

How to Stop Acoustical Leakage Eavesdropping

Acoustical leakage often occurs even when specific steps are taken to keep conversations private, like closing an office or conference room door. But, as sure as sound wants to migrate, outsiders want to hear...

Aside from structural requirements, walls are built to provide privacy, primarily visual privacy. Little thought is given to privacy from acoustical leakage.

Thin walls and loose fitting doors are the biggest leakers, with open air plenum ceilings and duct work doing their share of leaking as well.

Ideally, acoustical leakage mitigation should be addressed by the architect and installed during the initial construction phase of the building project. Even when they do, a common misconception among contractors is that soundproofing means throwing up another layer of drywall. Wrongo.

Acoustical leakage can be mitigated two ways... more

International Spy Museum is Moving and Expanding

The name isn’t changing, but when International Spy Museum opens in its shiny new home in May, it’s going to be about a lot more than just spies. 

The museum, armed with a 140,000-square-foot new building at 700 L'Enfant Plaza SW, more than 5,000 new artifacts and a whole lot of tech, now aims to be about the full field of intelligence — not just human intelligence, or spying.

Spy will begin selling tickets for the opening, on May 12, in the coming weeks, and will also be rolling out an online trivia game that will give people a chance to win tickets to its opening gala, to be held May 11. more

Man Admits Placing Camera in Friend's Home - Spied for a Year

FL - A 55-year-old Florida man accused of installing a hidden camera in a family friend’s home and watching them on his phone was arrested and charged Wednesday.

Terry Sumner plugged the camera into a wall outlet in the living room of the home sometime last year, according to the Hillsborough County Sheriff’s Office.

The woman discovered the camera March 5 and contacted authorities.

Sumner, of Plant City, admitted to detectives that he placed the camera there and it had been there for about a year.

“Sumner explained that there was a smartphone application on his phone that he would use to watch, listen and record activity in the victim's home through a live feed...” more

Former French Spy Accused in Africa Murder Plot Shot Dead in ‘Professional’ Hit

A former French spy was found dead with several bullet wounds at a rest stop in the Alps near Lake Geneva.  Police said the killing of Daniel Forestier was a “professional job” and he had been shot five times in the head and heart, according to reports. more

Security Tip: Why it Always Pays to Hire The Best.

Following the revelation that the The National Enquirer had obtained intimate texts and images between Amazon CEO Jeff Bezos and Lauren Sanches, Bezos ordered an investigation into who was behind the data breach.

In a post on The Daily Beast, Bezos’ security consultant Gavin De Becker says that his team of investigators have “concluded with high confidence that the Saudis had access to Bezos’ phone...” more

That Loud Burp You Hear Today is History Repeating Itself

The upstart nation was a den of intellectual piracy. One of its top officials urged his countrymen to steal and copy foreign machinery. Across the ocean, a leading industrial power tried in vain to guard its trade secrets from the brash young rival.

In the late 18th and early 19th centuries, the rogue nation was the United States. The official endorsing thievery was Treasury Secretary Alexander Hamilton. And the main victim was Britain.

How times have changed...

Now, the United States accuses China of the very sort of illicit practices that helped America leapfrog European rivals two centuries ago and emerge as an industrial giant. more

A proposed solution.

Protecting Confidential Information - The Japanese Model

Japan - The government is making every effort to keep information on the new Imperial era name secret until its announcement Monday and officials are even checking plants inside the Prime Minister’s Office for possible bugging devices...

The government will ask members of the expert panel, parliamentary leaders and Cabinet ministers not to bring any recording devices, including smartphones, into the rooms where the new era name will be presented and not to leave there before the announcement.

The government plans to check the belongings of panel members before they enter the Prime Minister’s Office and have government personnel escort them to restrooms so they will not make any contact with outsiders. more

Inside Info Discussed Outside is a Big Deal... killer

Careless talk costs dollars. That’s the lesson from a case heard last week by one of France’s financial regulators.

Lazard Ltd. dealmaker Vincent Le Stradic spent two and a half hours aboard a Eurostar train from London to Paris in 2014 working on a $15 billion takeover bid by Iliad SA for T-Mobile US Inc.

He was oblivious to the fact that the casually dressed man sitting next to him was Alexandre Zaluski, a UBS Group AG banker, who passed the information to a colleague, ultimately resulting in the bank pitching to Iliad to help finance the deal...

It’s an open secret in the media industry that some of the best scoops can be picked up by eavesdropping in lawyers and banker hangouts, from London’s Ye Olde Cheshire Cheese and Michael’s in Midtown Manhattan to Hong Kong’s Captain’s Bar and Mumbai’s Willingdon Sports Club. more

Working on a takeover, merger or acquisition? 
Put an information security consultant on your team.

FutureWatch - Spying on What Drones Spy

Should you worry about drone jacking if your business relies on taking aerial video footage? Probably. For one thing, camera drones are one of the juiciest targets for cybercriminals around. They know that companies using these vehicles tend to install high-quality cameras and accessories, in order to capture the best possible footage. So camera drones are a prime target - if only due to their resale value. 

But the data captured by camera drones could be even more attractive. Security experts have shown that it's relatively simple to steal the login credentials of pilots, providing total awareness of flight paths, footage, and any other data. This can be sold on to third parties, , or just exploited for personal use.

When unedited footage leaks, it can be a huge reputational risk for the company that captured it, as well as a loss of valuable proprietary data. So it makes sense to secure your footage as much as possible, but how can you do so? more

This Week in Corporate Espionage

HONDA
Calling corporate espionage a threat to its competitive advantage in the all-terrain vehicle market, Honda of South Carolina is going to court to find out who posted unauthorized photos of its Talon side-by-side vehicles on the Internet...

...photos and detailed, confidential information about the Talon models started showing up on Internet sites hondasxs.com and HondaProKevin.com.

According to Honda’s complaint, someone using the screen name “hondasecrets” posted photos of Talons taken inside the factory. Another using the name “HondaTalon” posted specifications “regarding the horsepower, maximum speed, and measurements, which Honda had not yet released to the public,” the complaint states. more

-----

TESLA
Tesla Inc. accused one of its former engineers of stealing highly confidential autopilot information before bolting to the Tesla of China, Xpeng Motors, eight months after one of Apple Inc.’s ex-employees was charged with taking sensitive robocar secrets to a new job with Xpeng.

Allegations that a second Silicon Valley giant (see below) was betrayed by one of its own workers bound for the same Chinese startup come amid a major U.S. crackdown on Chinese corporate espionage. more

-----

APPLE
A former hardware engineer (Zhang Xiaolang) for Apple’s autonomous vehicle development team who went to work for Xpeng is facing criminal charges brought by the U.S. Justice Department. He has pleaded not guilty...

Zhang told Apple he wanted to be closer to his ailing mother in China just before revealing to his supervisor that he intended to work for Xpeng. Apple grew more suspicious after seeing his increased network activity and visits to the office before he resigned, prosecutors said in a criminal complaint. He was arrested after he passed through the security checkpoint at Silicon Valley’s San Jose International Airport to board a flight to China. more

Spybuster Tip #471 - Block People Who Track You via Email

Ugly Email is a Gmail / Firefox plug-in. When a tracker is detected, it shows the icon of an eyeball in the subject line to alert you that a tracker is hidden inside the email.

Blocked trackers include:

• MailChimp
• SendGrid
• Drip
• Mailgun
• Streak
• Bananatag
• Yesware
• Postmark
• Sidekick
• TinyLetter
• MixMax
• MailTrack
• toutapp
• Litmus
• Boomerang
• ContactMonkey
• Cirrus Insight
• Polymail
• YAMM
• GetResponse
• phpList
• Close.io
• Constant Contact
• Marketo
• Return Path
• Outreach
• Intercom
• Mailjet
• Nethunt

...and Ulgy Email is soliciting suggestions for other email spies to add to the list. Ugly Email claims it does not store, transfer, transmit or save any of your data.

Student Newspaper Accused of Bugging an On-Campus Apartment

Ireland - A student newspaper accused of “bugging” an on-campus apartment in its investigation into an alleged initiation ceremony has been defended by the National Union of Journalists.

A referendum will be held in Trinity College Dublin in April about whether to strip The University Times of most of the funding it receives from the student’s union over the reporting methods used for a story on the Knights of the Campanile, an all-male sporting society.

The referendum was triggered when 500 students signed a petition calling on the student’s union to reconsider its funding. Reporters left a recording device outside the apartment of Ben Arrowsmith, a student and captain of the society. The paper reported this month that they heard “groaning, gagging and retching... more

The Case of The Very Dumb Spycam Man

CA - A detective identified the man charged with filming dozens of cops in a police station restroom by recognizing his shoes, according to newly revealed court documents that allege his spying was more widespread than previously known...

He took note of the distinctive dress shoes in the stall next to him, and later that day, detectives confronted Sergio Nieto, the clerk who was wearing them, according to the documents.

Nieto admitted he’d been filming officers as they used the toilet and said he’d also spied on people in the bathroom of a 24 Hour Fitness at The Promenade at Downey shopping center. more

Corporate Romper Room - Don't Bee a Slack Slacker

More than 10 million people use Slack every day, mostly to communicate with co-workers. The app has gained so much popularity in the five-plus years since its launch that private investors value the company at over $7 billion.

“I love my people, but they never shut up on Slack,” said the CEO of a security company who asked not to be named so he could speak openly about his concerns. “It’s very good for productivity, but the problem is we’re working on security, so we have to be careful about what we say.”

Employees communicate on Slack using “channels” to focus conversations on various topics specific to different departments. It followed corporate chat tools from Microsoft, Google and Cisco as well as a plethora of start-ups, but none gained Slack’s level of adoption or had so much success in pulling workers away from email and into messaging groups. more

Information Security and Cryptography Seminar - June 17-19, 2019

This seminar provides an in-depth coverage of Information Security and Cryptography from both a conceptual and an application-oriented viewpoint. At the same time, the mathematical, algorithmic, protocol-specific, and system-oriented aspects are explained in a way understandable to a wide audience. This includes the foundations needed to understand the different approaches, a critical look at the state-of-the-art, and a perspective on future security technologies.

The material is presented at three different levels. At the highest level, the basic concepts are presented in detail, but abstractly (e.g., as black boxes), without mathematics. No background is required to follow at this level. At an intermediate level, the most important concrete schemes, models, algorithms, and protocols are presented as well as their applications. Here some minimal mathematical and systems background is assumed. At the deepest level, which is not required to understand the higher levels, different special topics, requiring some mathematical background, are discussed.

Lecturers:
Prof. David Basin and Prof. Ueli Maurer
Advanced Technology Group GmbH
Grundgasse 13
9500 Wil
Switzerland
F: +41 (0)44 632 1172

Seminar Location: 
Marriott Courtyard Zurich North
Max-Bill-Platz 19
CH-8050 Zurich
Switzerland
more

Security Director Alert: Check for These Bug-Like Products at Your Location

Attackers can remotely compromise multiple network devices (IP PBX, conferencing gear and IP phones), installing malware and eavesdropping via video and audio functions.

A series of both unauthenticated and authenticated remote code-execution vulnerabilities have been uncovered in a variety of Grandstream products for small to medium-sized businesses, including audio and video conferencing units, IP video phones, routers and IP PBXs.

Attackers can also use the vulnerabilities to gain access to cameras and microphones to turn them into listening devices. “The most notable aspect of the vulnerabilities is what you can do simply by using the programs that get shipped on the device,” Brendan Scarvell, senior security consultant at Trustwave SpiderLabs, told Threatpost in an interview.

“This includes playing audio through the speakers, recording conversations through the microphone, activating cameras and taking photos, installing custom software/malware etc. This is pretty bad for places such boardrooms or executive offices where confidential conversations frequently happen. more

Many common office products have information security vulnerabilities. A Technical Surveillance Countermeasures (TSCM) survey, conducted by a competent consultant, will discover them for you.

College Student Pleads Guilty to Illegal Wiretapping

A Maryland university student has pleaded guilty to illegally wiretapping a congressional staffer and putting the conversation on Facebook Live without consent...

Prosecutors say Burdett, a 21-year-old advocate for Maryland Marijuana Justice, took part in a rally in front of Rep. Andy Harris' office in Salisbury, Maryland, in October. Then he and others met with a member of the congressman's staff in his office.

Harris' staff told the group not to record the meeting, citing office policy, but prosecutors say Burdett recorded and streamed it on Facebook Live without the staffer's consent. more

FutureWatch - Who Really Lives in that Apartment

NY - A Brooklyn landlord intends to install facial recognition technology at the entrance of a roughly 700-unit rent-stabilized complex, raising alarm among tenants and housing rights attorneys about what they say is a far-reaching and egregious form of digital surveillance...

“We don’t want to be tracked,” said Icemae Downes, a longtime tenant. “We are not animals. This is like tagging us through our faces because they can’t implant us with a chip.” more

Korea - Molka Means Spycam - Government Creates a Handbook for Women

The Seoul Metropolitan Government on Monday distributed guidelines on how to respond to spycam crimes for victims and law enforcement officers, amid a growing epidemic of spycam porn in the country. 

Divided into two parts -- for civilians and police officers -- the handbook was designed to raise awareness of what constitutes secondary damage to victims of spycam porn and how police officers and victims can handle such cases, according to the Seoul city government.

For example, the guidelines recommend that victims secure evidence -- such as a hidden camera -- if possible and remember the perpetrator’s appearance. If illegally filmed videos have already been distributed, the advice is to copy the links and obtain screenshots. Then the victims should report the situation to the police and ask the website or social media companies to remove the videos, the handbook says. more

-----

The (K-Pop) scandal magnifies the proliferation of hidden camera porn in South Korea — an issue which drove 22,000 women to the streets last June in the largest women’s demonstration in the nation’s history. Known as molka, meaning “spycam”, hidden camera porn has become an increasingly visible issue in South Korea, as the distribution of footage from secret, tiny cameras — often depicting women in sexual or intimate circumstances without their consent — has grown in recent years. From 2013 to 2017, police estimate nearly 6,000 cases of spycam porn each year. more

Korea - 1,600 hotel guests were secretly filmed...

...on cameras hidden in wall sockets, with footage live-streamed to paying customers!

Two South Korean men have been arrested after allegedly installing spy cameras in dozens of hotel rooms, secretly recording more than 1,600 guests and live-streaming the footage.

The men are accused of installing cameras in electrical sockets, hair dryer holders and digital TV boxes in 30 hotels in ten cities across South Korea, local police said.

They would then broadcast the footage on a website with thousands of members, charging a $44.95 monthly fee. more

Important: Learn how to inspect your hotel room (or any expectation of privacy area) for spy cameras ...and what to do if you find one.
On-line, self-paced, video training for private individuals and business.

Korea - K-pop Sex Scandal Reveals Practice of Sharing Spycam Porn

A sex scandal engulfing South Korea's K-pop industry is drawing attention and criticism to the country's problem with illegal spy cam "porn," says NPR's former Seoul correspondent...

Earlier this month, police questioned K-pop star Jung Joon-young about allegations he secretly filmed himself having sex with women and then shared the footage in private group chats.

"Tiny cameras that can be the size of lipstick containers or lighters are hidden in public places like subway stations, but also in highly private places like dressing rooms and bathrooms," Hu explained.

"The most common kind that's traded online, and shared online, and sometimes profited off of online, is footage of women having sex." more