Wednesday, April 3, 2019

Mar-a-Lago Intruder Caught with USB Stick Loaded with Malware

A Chinese woman carrying a thumb drive loaded with malware was detained at Mar-a-Lago Saturday after trying to gain access to events advertised on Chinese-language social media by Li “Cindy” Yang, the South Florida massage parlor entrepreneur who also ran a business selling access to President Donald Trump and his family.

The woman, Yujing Zhang, has been charged with two federal crimes: making false statements to a federal officer and entering restricted property.
She was carrying four cellphones, one laptop, one external hard drive and a thumb drive, according to court records. In a charging document, a Secret Service agent said a preliminary forensic examination of the thumb drive showed it contained “malicious malware.” The court filing did not provide further details about the nature of the malware. more

See our report on dangerous USB sticks, and what to do about them.
Worried about a person like this entering your premises? Call us.
Posted by at
Labels: , , , , , , ,

Monday, April 1, 2019

How to Stop Acoustical Leakage Eavesdropping

Acoustical leakage often occurs even when specific steps are taken to keep conversations private, like closing an office or conference room door. But, as sure as sound wants to migrate, outsiders want to hear...

Aside from structural requirements, walls are built to provide privacy, primarily visual privacy. Little thought is given to privacy from acoustical leakage.

Thin walls and loose fitting doors are the biggest leakers, with open air plenum ceilings and duct work doing their share of leaking as well.

Ideally, acoustical leakage mitigation should be addressed by the architect and installed during the initial construction phase of the building project. Even when they do, a common misconception among contractors is that soundproofing means throwing up another layer of drywall. Wrongo.

Acoustical leakage can be mitigated two ways... more
Posted by at
Labels: , , ,

International Spy Museum is Moving and Expanding

The name isn’t changing, but when International Spy Museum opens in its shiny new home in May, it’s going to be about a lot more than just spies. 

The museum, armed with a 140,000-square-foot new building at 700 L'Enfant Plaza SW, more than 5,000 new artifacts and a whole lot of tech, now aims to be about the full field of intelligence — not just human intelligence, or spying.

Spy will begin selling tickets for the opening, on May 12, in the coming weeks, and will also be rolling out an online trivia game that will give people a chance to win tickets to its opening gala, to be held May 11. more
Posted by at
Labels: , ,

Man Admits Placing Camera in Friend's Home - Spied for a Year

FL - A 55-year-old Florida man accused of installing a hidden camera in a family friend’s home and watching them on his phone was arrested and charged Wednesday.

Terry Sumner plugged the camera into a wall outlet in the living room of the home sometime last year, according to the Hillsborough County Sheriff’s Office.

The woman discovered the camera March 5 and contacted authorities.

Sumner, of Plant City, admitted to detectives that he placed the camera there and it had been there for about a year.

“Sumner explained that there was a smartphone application on his phone that he would use to watch, listen and record activity in the victim's home through a live feed...” more
Posted by at
Labels: , , , , ,

Former French Spy Accused in Africa Murder Plot Shot Dead in ‘Professional’ Hit

A former French spy was found dead with several bullet wounds at a rest stop in the Alps near Lake Geneva.  Police said the killing of Daniel Forestier was a “professional job” and he had been shot five times in the head and heart, according to reports. more
Posted by at
Labels: , ,

Sunday, March 31, 2019

Security Tip: Why it Always Pays to Hire The Best.

Following the revelation that the The National Enquirer had obtained intimate texts and images between Amazon CEO Jeff Bezos and Lauren Sanches, Bezos ordered an investigation into who was behind the data breach.

In a post on The Daily Beast, Bezos’ security consultant Gavin De Becker says that his team of investigators have “concluded with high confidence that the Saudis had access to Bezos’ phone...” more
Posted by at
Labels: , , , , , , ,

That Loud Burp You Hear Today is History Repeating Itself

The upstart nation was a den of intellectual piracy. One of its top officials urged his countrymen to steal and copy foreign machinery. Across the ocean, a leading industrial power tried in vain to guard its trade secrets from the brash young rival.

In the late 18th and early 19th centuries, the rogue nation was the United States. The official endorsing thievery was Treasury Secretary Alexander Hamilton. And the main victim was Britain.

How times have changed...

Now, the United States accuses China of the very sort of illicit practices that helped America leapfrog European rivals two centuries ago and emerge as an industrial giant. more

A proposed solution.
Posted by at
Labels: , ,

Protecting Confidential Information - The Japanese Model

Japan - The government is making every effort to keep information on the new Imperial era name secret until its announcement Monday and officials are even checking plants inside the Prime Minister’s Office for possible bugging devices...

The government will ask members of the expert panel, parliamentary leaders and Cabinet ministers not to bring any recording devices, including smartphones, into the rooms where the new era name will be presented and not to leave there before the announcement.

The government plans to check the belongings of panel members before they enter the Prime Minister’s Office and have government personnel escort them to restrooms so they will not make any contact with outsiders. more
Posted by at
Labels: , , , , ,

Inside Info Discussed Outside is a Big Deal... killer

Careless talk costs dollars. That’s the lesson from a case heard last week by one of France’s financial regulators.

Lazard Ltd. dealmaker Vincent Le Stradic spent two and a half hours aboard a Eurostar train from London to Paris in 2014 working on a $15 billion takeover bid by Iliad SA for T-Mobile US Inc.

He was oblivious to the fact that the casually dressed man sitting next to him was Alexandre Zaluski, a UBS Group AG banker, who passed the information to a colleague, ultimately resulting in the bank pitching to Iliad to help finance the deal...

It’s an open secret in the media industry that some of the best scoops can be picked up by eavesdropping in lawyers and banker hangouts, from London’s Ye Olde Cheshire Cheese and Michael’s in Midtown Manhattan to Hong Kong’s Captain’s Bar and Mumbai’s Willingdon Sports Club. more

Working on a takeover, merger or acquisition? 
Put an information security consultant on your team.
Posted by at
Labels: , , , , ,

FutureWatch - Spying on What Drones Spy

Should you worry about drone jacking if your business relies on taking aerial video footage? Probably. For one thing, camera drones are one of the juiciest targets for cybercriminals around. They know that companies using these vehicles tend to install high-quality cameras and accessories, in order to capture the best possible footage. So camera drones are a prime target - if only due to their resale value. 

But the data captured by camera drones could be even more attractive. Security experts have shown that it's relatively simple to steal the login credentials of pilots, providing total awareness of flight paths, footage, and any other data. This can be sold on to third parties, , or just exploited for personal use.

When unedited footage leaks, it can be a huge reputational risk for the company that captured it, as well as a loss of valuable proprietary data. So it makes sense to secure your footage as much as possible, but how can you do so? more
Posted by at
Labels: , , ,

Wednesday, March 27, 2019

This Week in Corporate Espionage

HONDA
Calling corporate espionage a threat to its competitive advantage in the all-terrain vehicle market, Honda of South Carolina is going to court to find out who posted unauthorized photos of its Talon side-by-side vehicles on the Internet...

...photos and detailed, confidential information about the Talon models started showing up on Internet sites hondasxs.com and HondaProKevin.com.

According to Honda’s complaint, someone using the screen name “hondasecrets” posted photos of Talons taken inside the factory. Another using the name “HondaTalon” posted specifications “regarding the horsepower, maximum speed, and measurements, which Honda had not yet released to the public,” the complaint states. more

-----

TESLA
Tesla Inc. accused one of its former engineers of stealing highly confidential autopilot information before bolting to the Tesla of China, Xpeng Motors, eight months after one of Apple Inc.’s ex-employees was charged with taking sensitive robocar secrets to a new job with Xpeng.

Allegations that a second Silicon Valley giant (see below) was betrayed by one of its own workers bound for the same Chinese startup come amid a major U.S. crackdown on Chinese corporate espionage. more

-----

APPLE
A former hardware engineer (Zhang Xiaolang) for Apple’s autonomous vehicle development team who went to work for Xpeng is facing criminal charges brought by the U.S. Justice Department. He has pleaded not guilty...

Zhang told Apple he wanted to be closer to his ailing mother in China just before revealing to his supervisor that he intended to work for Xpeng. Apple grew more suspicious after seeing his increased network activity and visits to the office before he resigned, prosecutors said in a criminal complaint. He was arrested after he passed through the security checkpoint at Silicon Valley’s San Jose International Airport to board a flight to China. more

Posted by at
Labels: , , , ,

Spybuster Tip #471 - Block People Who Track You via Email

Ugly Email is a Gmail / Firefox plug-in. When a tracker is detected, it shows the icon of an eyeball in the subject line to alert you that a tracker is hidden inside the email.

Blocked trackers include:
  • MailChimp
  • SendGrid
  • Drip
  • Mailgun
  • Streak
  • Bananatag
  • Yesware
  • Postmark
  • Sidekick
  • TinyLetter
  • MixMax
  • MailTrack
  • toutapp
  • Litmus
  • Boomerang
  • ContactMonkey
  • Cirrus Insight
  • Polymail
  • YAMM
  • GetResponse
  • phpList
  • Close.io
  • Constant Contact
  • Marketo
  • Return Path
  • Outreach
  • Intercom
  • Mailjet
  • Nethunt
...and Ulgy Email is soliciting suggestions for other email spies to add to the list. Ugly Email claims it does not store, transfer, transmit or save any of your data.
Posted by at
Labels: , , ,

Student Newspaper Accused of Bugging an On-Campus Apartment


Ireland - A student newspaper accused of “bugging” an on-campus apartment in its investigation into an alleged initiation ceremony has been defended by the National Union of Journalists.

A referendum will be held in Trinity College Dublin in April about whether to strip The University Times of most of the funding it receives from the student’s union over the reporting methods used for a story on the Knights of the Campanile, an all-male sporting society.

The referendum was triggered when 500 students signed a petition calling on the student’s union to reconsider its funding. Reporters left a recording device outside the apartment of Ben Arrowsmith, a student and captain of the society. The paper reported this month that they heard “groaning, gagging and retching... more
Posted by at
Labels: , ,

The Case of The Very Dumb Spycam Man

CA - A detective identified the man charged with filming dozens of cops in a police station restroom by recognizing his shoes, according to newly revealed court documents that allege his spying was more widespread than previously known...

He took note of the distinctive dress shoes in the stall next to him, and later that day, detectives confronted Sergio Nieto, the clerk who was wearing them, according to the documents.


Nieto admitted he’d been filming officers as they used the toilet and said he’d also spied on people in the bathroom of a 24 Hour Fitness at The Promenade at Downey shopping center. more
Posted by at
Labels: , , ,

Corporate Romper Room - Don't Bee a Slack Slacker

More than 10 million people use Slack every day, mostly to communicate with co-workers. The app has gained so much popularity in the five-plus years since its launch that private investors value the company at over $7 billion.

“I love my people, but they never shut up on Slack,” said the CEO of a security company who asked not to be named so he could speak openly about his concerns. “It’s very good for productivity, but the problem is we’re working on security, so we have to be careful about what we say.”

Employees communicate on Slack using “channels” to focus conversations on various topics specific to different departments. It followed corporate chat tools from Microsoft, Google and Cisco as well as a plethora of start-ups, but none gained Slack’s level of adoption or had so much success in pulling workers away from email and into messaging groups. more
Posted by at
Labels: , , ,
Subscribe to: Posts (Atom)