The investigations ran concurrently and lasted five months, costing $46,009.
Mr Fletcher declined to give further details - and would not reveal the outcome of the investigations "in order to protect the privacy of the persons involved". (more)
Tuesday, March 11, 2014
PI Job Opportunity - Spy Agency Hires PIs to do its Snooping
New Zealand - It might be an organization dedicated to snooping - but the nation's spy agency has still forked out $50,000 to hire private investigators.
Details released under the Official Information Act show that during the past three years the Government Communications Security Bureau has paid contractors to investigate two matters. Director Ian Fletcher said they were "personnel-related issues".
The investigations ran concurrently and lasted five months, costing $46,009.
Mr Fletcher declined to give further details - and would not reveal the outcome of the investigations "in order to protect the privacy of the persons involved". (more)
The investigations ran concurrently and lasted five months, costing $46,009.
Mr Fletcher declined to give further details - and would not reveal the outcome of the investigations "in order to protect the privacy of the persons involved". (more)
Former Soviet Spy Chief Claims Putin Regime is an ‘Intelligence Agency Dictatorship’
The highest ranking defector to flee from the old Soviet bloc has a
message to share about Vladimir Putin — he’s still a KGB agent at heart
and that mindset is heavily influencing his tactics for furthering
Russia’s interests.
Ion Mihai Pacepa was the head of the Romanian communist regime’s
foreign intelligence service before he defected to the West in 1978. Due
to the threats on his life, Pacepa refuses to appear in public, but he
has communicated his message to the co-author of his most recent book ”Disinformation: Former Spy Chief Reveals Secret Strategies for Undermining Freedom, Attacking Religion, and Promoting Terrorism.”...
“About five years ago, Pacepa was warning me about Putin. He’s saying Putin is former KGB, Putin has surrounded himself with KGB people everywhere, it is now in essence an ‘intelligence agency dictatorship’,” Rychlak, a professor at the University of Mississippi School of Law, told TheDC. (more)
“About five years ago, Pacepa was warning me about Putin. He’s saying Putin is former KGB, Putin has surrounded himself with KGB people everywhere, it is now in essence an ‘intelligence agency dictatorship’,” Rychlak, a professor at the University of Mississippi School of Law, told TheDC. (more)
Dendroid Spying RAT Malware Found on Google Play
A new Android malware toolkit called Dendroid is being offered for sale by its creators, and at least one of the malicious APKs created with it has managed to fool Google Play's Bouncer...
The malicious APKs can purportedly intercept, block, and send out SMSes; record ongoing phone calls; take pictures, record video and audio by using the device's camera and microphone; download pictures the device owner has already made, as well as his or her browser history and bookmarks; and extract saved login credentials and passwords for a variety of accounts.
"Dendroid also comes bundled with a universal 'binder application.' This is a point-and-click tool that a customer can use to inject (or bind) Dendroid into any innocent target application that they choose with minimal effort," the researchers added.
"This means that all a wannabee malware author needs in order to start pumping out infected applications is to choose a carrier app, download it and then let Dendroid’s toolkit take care of the rest."
Sold for $300 (in crypto currencies), the toolkit comes with a warranty that the malware created with it will remain undetected.
The researchers have discovered one app created with Dendroid that managed to get included and offered on Google Play by leveraging anti-emulation detection code that fools Google Play's Bouncer, the automated app scanning service that analyzes apps by running them on Google’s cloud infrastructure and simulating how they will run on an Android device. The app has since been removed from the market. (more)
Why this is important...
It means that any jerk with $300 and some computer skills can turn any other app into your worst nightmare. BTW, it can be detected. q.v. SpyWarn™ — coming soon.
The malicious APKs can purportedly intercept, block, and send out SMSes; record ongoing phone calls; take pictures, record video and audio by using the device's camera and microphone; download pictures the device owner has already made, as well as his or her browser history and bookmarks; and extract saved login credentials and passwords for a variety of accounts.
"This means that all a wannabee malware author needs in order to start pumping out infected applications is to choose a carrier app, download it and then let Dendroid’s toolkit take care of the rest."
Sold for $300 (in crypto currencies), the toolkit comes with a warranty that the malware created with it will remain undetected.
The researchers have discovered one app created with Dendroid that managed to get included and offered on Google Play by leveraging anti-emulation detection code that fools Google Play's Bouncer, the automated app scanning service that analyzes apps by running them on Google’s cloud infrastructure and simulating how they will run on an Android device. The app has since been removed from the market. (more)
Why this is important...
It means that any jerk with $300 and some computer skills can turn any other app into your worst nightmare. BTW, it can be detected. q.v. SpyWarn™ — coming soon.
5 Apps for Spying on your Spouse
Americans have good reason to wonder if there is such a thing as privacy anymore. After former National Security Agency contractor Edward Snowden revealed that the U.S. government monitors calls, emails and texts, many people might think twice about what they share online. But that same technology is being used for another purpose: “There are a growing number of apps that will spy on your husband or wife and keep tabs on your kids,” says Theodore Claypoole, privacy attorney and co-author of “Privacy in the Age of Big Data: Recognizing Threats, Defending Your Rights, and Protecting Your Family.”
These apps may raise moral and legal questions too. The most invasive can be downloaded onto a phone and will quietly forward emails, calls and texts.
It’s a criminal offense under the Computer Fraud and Abuse Act of 1965 to access a computer—including modern computers like tablets and smartphones—without authorization. But if ownership of the smartphone in question is under someone else’s name—say, a spouse, a parent or an employer—it’s a legal gray area, Claypoole says. “That raises the question of whether the user has a reasonable expectation of privacy,” he says. “If you own your husband or wife’s smartphone and you’re paying your child’s phone bill, it could be a moral issue rather than a legal one.” (more)
It’s a criminal offense under the Computer Fraud and Abuse Act of 1965 to access a computer—including modern computers like tablets and smartphones—without authorization. But if ownership of the smartphone in question is under someone else’s name—say, a spouse, a parent or an employer—it’s a legal gray area, Claypoole says. “That raises the question of whether the user has a reasonable expectation of privacy,” he says. “If you own your husband or wife’s smartphone and you’re paying your child’s phone bill, it could be a moral issue rather than a legal one.” (more)
Bugging at Riga International Airport Being Investigated
Latvia - The wire-tapping scandal at Riga International airport is being investigated by Security Police. This whole situation has created a great deal of concern for Latvian politicians. During a recent closed meeting of the Saeima National Security Committee, they attempted to determine if there are any recordings of conversations that could compromise officials and sponsors of political parties whose names have surfaced during the investigation...
Even though the actual meeting was closed and information classified, Pietiek managed to uncover that politicians are concerned over the news that Riga airport’s VIP lounge was being monitored as well. Officials often use this are of the airport to meet in an informal environment to discuss matters away from prying eyes. (more)
Even though the actual meeting was closed and information classified, Pietiek managed to uncover that politicians are concerned over the news that Riga airport’s VIP lounge was being monitored as well. Officials often use this are of the airport to meet in an informal environment to discuss matters away from prying eyes. (more)
FutureWatch: Germans Sweep Parliament for Bugs and Tapped Phones
The German parliament building may be soon checked for bugs and eavesdropping landlines to ensure privacy. Berlin is ramping up security amid a scandal over electronic surveillance by the US National Security Agency.
A plan to secure the Bundestag complex was prepared by the Federal Office for Information Security (BSI) and approved by the IuK, the parliamentary commission on information technology and communications, Der Spiegel magazine reported on Monday citing its sources. It is to be presented to MPs later this week.
One of the prime areas of interest for the BSI is posed by supposedly secure rooms, which are meant to be used for negotiations of officials related to confidential matters. The office wants to ensure that they are actually free of bugs, the report says.
They also want to check landlines in the building, because they can be used for remote eavesdropping on the parliament. (more)
The amazing part of the story is that TSCM inspections are apparently not routine.
One of the prime areas of interest for the BSI is posed by supposedly secure rooms, which are meant to be used for negotiations of officials related to confidential matters. The office wants to ensure that they are actually free of bugs, the report says.
They also want to check landlines in the building, because they can be used for remote eavesdropping on the parliament. (more)
The amazing part of the story is that TSCM inspections are apparently not routine.
Sunday, March 9, 2014
Two All Beef Paddies, Special Sauce, Let Us Cheese the Spycam!
Ireland - MCDONALD’S has defended the use of a hidden camera in the bathroom of a Dublin restaurant.
The primitive device, hidden in a smoke alarm in men’s bathroom in its Temple Bar branch, is pointed towards the sink area.
This leaves urinals and cubicles out of view.
A statement from McDonald’s noted that means the camera is “fully compliant with all appropriate legislation and guidelines in this area”.
Data Protection laws state that there are circumstances in which a camera can be installed in a bathroom. (more)
This leaves urinals and cubicles out of view.
A statement from McDonald’s noted that means the camera is “fully compliant with all appropriate legislation and guidelines in this area”.
Data Protection laws state that there are circumstances in which a camera can be installed in a bathroom. (more)
Mobile Malware Sees ‘Exponential’ 614 Percent Growth
Chinese cybercriminals are increasingly targeting mobile users as they develop ever more sophisticated hacking tools, according to new research from security firm Trend Micro.
Its Mobile Cybercriminal Underground Market report revealed that Chinese hackers are using a variety of in-depth malware and malicious code programs to target users both at home and in the West, with mobile malware kits available to buy from as little as 100 yuan (around £10) on the black market.
“The barriers to launching cybercriminal operations are less in number than ever,” the report stated. “Toolkits are becoming more available and cheaper; some are even offered free of charge.” (more)
“The barriers to launching cybercriminal operations are less in number than ever,” the report stated. “Toolkits are becoming more available and cheaper; some are even offered free of charge.” (more)
Thursday, March 6, 2014
Turkish Watergate - First Audio Eavesdropping Tapes - Now Video
Turkey’s Prime Minister Recep Tayyip Erdogan, whose government has been ensnared by a series of anonymously leaked audio tapes of purported corruption, said his administration may face a new threat from covertly recorded video recordings.
“In these incidents, there is not just wiretapping, there is also filming,” Erdogan said in Ankara yesterday, according to state-run Anatolia news agency. “It’s even been stretched to the extreme of filming extramarital affairs, invading a family’s privacy and totally ignoring moral values.”
Speaking to local reporters after the release of audio tapes that the opposition said placed Erdogan at the center of a bribery scheme, the premier lashed out at the tactics. (more)
“In these incidents, there is not just wiretapping, there is also filming,” Erdogan said in Ankara yesterday, according to state-run Anatolia news agency. “It’s even been stretched to the extreme of filming extramarital affairs, invading a family’s privacy and totally ignoring moral values.”
Speaking to local reporters after the release of audio tapes that the opposition said placed Erdogan at the center of a bribery scheme, the premier lashed out at the tactics. (more)
Kuwait Minister Warns on Eavesdropping Device Sales
KUWAIT -- Maximum penalties will be taken against any
telecommunication company trading in eavesdropping devices, warned Minister of
Communications Essa Al-Kanderi on Wednesday. Offenders will be referred to the public prosecution, the minister warned
further, during a debate at the National Assembly. Some MPs charged during the discussions that a number of companies
"possess" listening bugs, in violation of the Constitution and State Laws. (more)
County Jail Official Retires Amid Wiretap Charges
NJ - The deputy director of the Hudson County jail, who is facing federal charges he used a website to illegally wiretap fellow employees, has put in his retirement papers, officials said.
The retirement papers of Kirk Eady, 45, of East Brunswick, are dated retroactively to Feb. 1, Hudson County spokesman Jim Kennelly said.
Eady turned himself in to federal authorities on Feb. 15 after being charged with intentionally intercepting the wire, oral or electronic communications of others, according to a criminal complaint. (more)
The retirement papers of Kirk Eady, 45, of East Brunswick, are dated retroactively to Feb. 1, Hudson County spokesman Jim Kennelly said.
Eady turned himself in to federal authorities on Feb. 15 after being charged with intentionally intercepting the wire, oral or electronic communications of others, according to a criminal complaint. (more)
Update - Rayney Phone Bugging Case
Australia - Former Perth barrister Lloyd Rayney will be making an application to put a permanent hold on charges of bugging his wife's phone, a court has heard. Rayney is accused of intercepting the calls of his wife Corryn in the lead up to her death in 2007. (more)
Previously reported in 2007...
She bootscoots. He taps. What could possibly go wrong?
The Continuing Saga of the Rayney Wiretap
Update - Rayney ‘phone’ man in key talks
Previously reported in 2007...
She bootscoots. He taps. What could possibly go wrong?
The Continuing Saga of the Rayney Wiretap
Update - Rayney ‘phone’ man in key talks
Wednesday, March 5, 2014
Bogus Boris Netflix App
Android phones and tablets from four different manufacturers are arriving with malware “pre-installed” – a bogus version of Netflix which sends password and credit card information to Russia, according to app security specialist Marble Security.
David Jevans, CTO and founder of the company said that he was alerted to the problem by a company testing his product, software to help organizations manage mobile devices, after it repeatedly flagged Netflix as malicious, according to PC World’s report.
Jevans’ team analysed the app, and found that it was bogus, using tools including one that analyzed the app’s network traffic for signs of communication with known malicious servers. Jevans says, “This isn’t the real Netflix. You’ve got one that has been tampered with, and is sending passwords and credit card information to Russia.” (more)
Jevans’ team analysed the app, and found that it was bogus, using tools including one that analyzed the app’s network traffic for signs of communication with known malicious servers. Jevans says, “This isn’t the real Netflix. You’ve got one that has been tampered with, and is sending passwords and credit card information to Russia.” (more)
A Black Eye for Blackphones
Australian law enforcement agencies are increasingly unable to monitor the communications of some of the country's most powerful criminals due to the rising prevalence of uncrackable encrypted phones.
The phones are linked to a series of the underworld killings that rocked Sydney, several senior law enforcement officials told the ABC on condition of anonymity.
The phones are sold by dozens of companies worldwide and have legitimate uses.
But the law enforcement officials say thousands of the phones have been obtained by Australian criminals and they are using them to commit serious crimes, including murder. (more) (video report)
Interesting article, but... one half of my brain is saying wouldn't the LE's want criminals to think these phones are secure? And, once the general public views encryption as a criminal tool, the politicians would be free to pass laws restricting communications encryption so then only the outlaws (and selected others) would use it... kind-of-like gun silencers.
Or, maybe I've been "Snowed-in" over the long winter and have become cynical.
The phones are sold by dozens of companies worldwide and have legitimate uses.
But the law enforcement officials say thousands of the phones have been obtained by Australian criminals and they are using them to commit serious crimes, including murder. (more) (video report)
Interesting article, but... one half of my brain is saying wouldn't the LE's want criminals to think these phones are secure? And, once the general public views encryption as a criminal tool, the politicians would be free to pass laws restricting communications encryption so then only the outlaws (and selected others) would use it... kind-of-like gun silencers.
Or, maybe I've been "Snowed-in" over the long winter and have become cynical.
Tuesday, March 4, 2014
Crypto Bug Leaves Linux, Hundreds of Apps Open to Eavesdropping
Hundreds of open source packages, including the Red Hat, Ubuntu, and Debian distributions of Linux, are susceptible to attacks that circumvent the most widely used technology to prevent eavesdropping on the Internet, thanks to an extremely critical vulnerability in a widely used cryptographic code library.
The bug in the GnuTLS library makes it trivial for attackers to bypass secure sockets layer (SSL) and Transport Layer Security (TLS) protections available on websites that depend on the open source package. Initial estimates ... indicate that more than 200 different operating systems or applications rely on GnuTLS to implement crucial SSL and TLS operations, but it wouldn't be surprising if the actual number is much higher.
Web applications, e-mail programs, and other code that use the library are vulnerable to exploits that allow attackers monitoring connections to silently decode encrypted traffic passing between end users and servers. (more)
The bug in the GnuTLS library makes it trivial for attackers to bypass secure sockets layer (SSL) and Transport Layer Security (TLS) protections available on websites that depend on the open source package. Initial estimates ... indicate that more than 200 different operating systems or applications rely on GnuTLS to implement crucial SSL and TLS operations, but it wouldn't be surprising if the actual number is much higher.
Web applications, e-mail programs, and other code that use the library are vulnerable to exploits that allow attackers monitoring connections to silently decode encrypted traffic passing between end users and servers. (more)
Subscribe to:
Posts (Atom)