Saturday, March 15, 2008

FOP Bug By Cop?

TN - A former Nashville police officer/union organizer has been indicted on federal charges in connection with the break-in and illegal surveillance of a Fraternal Order of Police youth camp.

Calvin Edward Hullett was indicted on bribery, misappropriation of union funds and other charges.

Investigators have alleged the hidden cameras were placed at the Wilson County camp in an effort to discredit the FOP by catching officers engaged in some type of misconduct.

Hullett, a national organizer for the Teamsters, is accused of using union funds to purchase the surveillance and recording equipment. (more with video)

Industrial Espionage in South Korea

Prosecutors were investigating a former LG Electronics technician Thursday for allegedly spying and providing a Chinese firm with South Korea's leading plasma display technology. (more)

7 Security Rules Employees Love to Break

Research from the Ponemon Institute finds that either companies are not setting, or employees are not following, data security procedures in several high-risk areas.

“Data Security Policies Are Not Enforced,” a survey of 893 corporate IT workers, examined the risks associated with storing and transporting sensitive information and looked at how well companies are implementing and enforcing policies to protect against this risk.

1. Copying confidential information onto a USB memory stick.
2. Accessing web-based e-mail accounts from a workplace computer.
3. Losing a portable data-bearing device.
4. Downloading personal software onto a company computer.
5. Sending workplace documents as an attachment in e-mail.
6. Disabling security and firewall settings.
7. Sharing passwords with co-workers.
(more)
122 Federal Aviation Administration safety inspector badges have been stolen or lost in the past five years. The credentials are one of the few forms of identification that give complete and unfettered access to airport facilities, including the cockpits of planes in flight.

"The FAA badge is probably of all the badges just as dangerous if not more so than any other," aviation expert Denny Kelly said.


Kelly, a former commercial pilot and a private investigator, said the badge can give a person free access to nearly every secure area of an airport.


"The FAA badge allows you not only on one airline, plus getting through security, it allows you to get on any airline, any airplane, anyplace," he said. (more) Photo is not representative of stolen ID.

Juju Security... What "badge" can give someone unfettered access to your business - to plant bugs and steal proprietary information, for example? Can you account for all of yours? Is a security amulet really the best solution? Other solutions... 1 2 3

Update: Possible motive for badge theft uncovered!
Special Offer for FAA Employees only...
Located in the Holiday Inn Airport, 2101 S. Meridian is offering FAA employees a 15% discount on their ALL-YOU CAN EAT Lunch Buffet. Just show your ID badge for discount.
Regular price is $9.95 + tax and includes: 21 item salad bar, soup, 2-3 hot entrees, veggies, rolls, dessert bar and drink. Menu selection varies from Bar-B-Q to Italian to hors d'oeuvres.
Lunch hours are 11 a.m. to 2 p.m. on the dates indicated on the calendar.
Call the Holiday Inn at 685-4000 for more information. (more)

Romper Room Magic Mirror 2008

Tune into live surveillance cameras from around the world. Free computer screen saver turns you into Mr./Ms. Panopticon. (more)

Thursday, March 13, 2008

RFID Cards Hacked

Researchers and students of the Digital Security group of the Radboud University Nijmegen have discovered a serious security flaw in a widely used type of contactless smartcard, also called RFID tag. It concerns the "Mifare Classic" RFID card produced by NXP (formerly Philips Semiconductors). Earlier, German researchers Karsten Nohl and Henryk Plötz pointed out security weaknesses of these cards. Worldwide around 1 billion of these cards have been sold.

This type of card is used for the Dutch 'ov-chipkaart' [the RFID card for public transport throughout the Netherlands] and public transport systems in other countries (for instance the subway in London and Hong Kong). Mifare cards are also widely used as company cards to control access to buildings and facilities. All this means that the flaw has a broad impact. Because some cards can be cloned, it is in principle possible to access buildings and facilities with a stolen identity. This has been demonstrated on an actual system. (more)

"I reprogrammed a car fob, Mr. Cheney. Now I control you."

by Chris Soghoian...
A team of respected security researchers known for their work hacking RFID radio chips have turned their attention to pacemakers and implantable cardiac defibrillators.


The researchers will present their paper, "Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses," during the "Attacks" session of the 2008 IEEE Symposium on Security and Privacy, one of the most prestigious conferences for the computer security field...

By reading between the lines (millions of remotely implanted medical devices, able to administer electrical shocks to the heart, can be controlled remotely from distances up to 5 feet, designed by people who know nothing about security), it is easy to predict the gigantic media storm that this paper will cause when the full details (and a YouTube video of a demo, no doubt) are made public. (more)

Security and Spying With Nanotechnology as Tiny Spy Dust Chips Track Your Movements

Nox Defense has released an invisible perimeter defense technology, which combines high-resolution video pictures and radio frequency identification (RFID) tags, sometimes referred to as "spy chips", to track assets and people in real time. The system allows security officers to see a theft or intrusion as it happens, and track a stolen object even if concealed inside a briefcase, under a jacket, or stuffed inside a sock. The FBI is among early adopters of the Nox Intelligent Perimeter Defense system, though it has not released details of how it will use the system. (more)

"Let's see you tap your way out of this, honey."

Wiretap agent sued for bigamy...
Philippines - A military agent who claimed to have taped the conversations of President Arroyo and a former poll official in 2004 is facing a bigamy suit in a Quezon City court.

Arlene Sernal filed a complaint against her husband Vidal Doble, a former technical sergeant in the Intelligence Service of the Armed Forces of the Philippines, before the sala of Regional Trial Court Judge Rosa Samson Tatad of Branch 105. (more)

Private Investigator Brags About His Bugging

Australia - A Melbourne-based veteran investigator, an old-fashioned human bloodhound who formerly ran the security for one of the local airlines, tells The Sunday Age: "If I wanted to bug your office, you could send 10,000 [de-]buggers in there and they'd never find out. Not unless the bug is live (activated). Otherwise you'd have to physically tear an office or boardroom apart to find it. A smart cookie will be listening across the road … and via a 10-cent capacitor can remotely deactivate the bug until there's something worth listening to."

This old-time operator is a $500-a-day man. "Plus expenses." No matter that there may be millions at stake, that's his price.


"I'm cheap," he says. (more) He is also [your thought here].

Tuesday, March 11, 2008

from EnergyBiz Magazine...
"Corporate espionage is big business. According to the FBI, such theft costs all U.S. companies between $24 billion and $100 billion annually. Interestingly, only about 20 percent of those losses are tied to cyber threats while the majority of them are associated with low-tech schemes such as unlawfully entering open offices." (more)
Eavesdropping, and low-tech espionage tricks, precede cyber-threats. They are also the easiest to spot. Discover the eavesdropping and espionage attacks and the cyber-threats die of starvation. The security secret... You have to look, to discover – on a regular basis. Start your schedule of detection audits, today.

School Board Sued for Eavesdropping on Attorney

Attorney Susan Burgess of Brockport is suing the district, the Board of Education and Kevin Ratcliffe, director of Pupil Services, for alleged eavesdropping on a private legal conversation she had Aug. 4, 2006, at a district office with her client, Carmen Coleman of Fairport, regarding Coleman’s son’s educational needs.

The suit further alleges that district officials listened in on the conversation in retaliation for Coleman’s pursuing her son’s legal rights and to gain an advantage in the negotiations. (more)

What in the World???

Every minute disaster strikes somewhere in the world.
These sites keep track of it all...
GlobalIncidentMap.com
Havaria Information Service - AlertMap
Incident1.com
USDA Active Fire Map
Illegal Alien Activity Tracking System
PetFlight Airport Incident Map
Real-Time Earthquake Map
World Disasters
Disaster Resource Network

PATS 'SPY' READY TO ROLL TAPE

The former New England Patriots employee who supposedly has tapes of illegal spying by the team may be ready to give them up. (more)

Cracking GSM encryption just got easier

by Michael Kassner...
For all intents and purposes, most everyone, including the GSMA—an organization representing most of the mobile phone operators—considered and still considers GSM very secure. In reality, A5/1, the technology used to encrypt GSM communications, has been vulnerable for at least a decade. The sense of security seems to be based on the fact that the original attack venues require a great deal of computing power, time, and therefore money to accomplish the crack. So an organization would have to be particularly motivated to even want to crack GSM traffic. Care to guess who has enough motivation?


It appears that researchers David Hulton and Steve Miller have recently developed techniques to greatly reduce the time and required computing power needed to crack A5/1 encryption. The two researchers have even patented their work personally. The efficient modifications of the original crack open all sorts of doors making it easier for both black and white hat types to decode GSM conversations. (more)