South Africa - The increased use of unmanned aerial vehicles, or drones, in SA over the last few years has opened local organisations to a significant and evolving scope of threat in areas such as cyber espionage, illegal surveillance, electronic snooping and reconnaissance.
Security experts warn that while drone technology is increasingly being harnessed to carry out a host of commercial tasks faster, safer and more efficiently across industries including agriculture, media, health and defence, it is also increasingly being exploited by criminals as a tool to usher in a new era of physical and IT security threats. more
• Our other Security Scrapbook drone coverage. • Researching anti-drone technology for your corporate security department? Contact us for our free Anti-Drone Research Paper.
A Phoenix-based flight attendant has sued Southwest Airlines for retaliation after she reported two pilots for live streaming secret lavatory video onto an iPad in the cockpit.
Renee Steinaker says...she saw an iPad mounted to the jet’s windshield where she could see the pilot in the restroom. She says the co-pilot then told her that the cameras were a new “top secret security measure” which Steinmaker later determined was not true.
She claims that the pilots also left the aircraft unattended after landing the flight, and “left a loaded firearm unattended in the cockpit” which violates FAA regulations. more
The two pilots, both based near Southwest's Dallas headquarters, have denied the allegations in court documents. So has the airline, which dismissed the incident as an "inappropriate attempt at humor" in a statement. more
"Southwest
Airlines has never placed cameras and never videoed anyone in any
lavatory, and the pilots on Flight 1088 did not video anyone. The
incident, which occurred over two years ago, was a poor attempt at humor
where the pilot took a selfie video from the chest up, fully clothed,
in the lavatory of a completely different airplane months before Flight
1088 and then replayed the exact same selfie video on his iPad when Ms.
Steinaker came into the cockpit." more
Facebook launched a new front in the battle over encryption yesterday by suing the Israeli spyware firm NSO Group for allegedly hacking WhatsApp, its encrypted messaging service, and helping government customers snoop on about 1,400 victims...
The lawsuit marks the first time a messaging service has sued a spyware company for undermining its encryption and it could prompt a slew of suits against companies that have developed encryption workarounds bolstering governments' ability to spy on their citizens. more
Analysis: More organizations are hardening their defenses against electronic surveillance and information theft. WithTSCM information security surveys becoming mainstream attacks will shift toward the defenseless...
Don't let the fancy attire and the Gilded Age setting fool you, there is nasty business afoot in "The Current War."
It's a power struggle, both literal and societal, with Benedict Cumberbatch as inventor Thomas Edison on one side, Michael Shannon as industrialist George Westinghouse on the other, Nicholas Hoult as eccentric visionary Nikola Tesla in the middle and the future of electricity in America hanging in the balance.
In theaters Friday, Oct. 25, the film is a tale of innovation advanced via moral compromise. There are dead animals, corporate espionage, even the invention of the electric chair all deployed in the battle to determine whether Edison's direct current or Westinghouse's alternating current would light up the nation.
It's a story rife with tragedy and squandered potential. more
The doctor accused of corporate espionage and stealing trade secrets from blood giant CSL to further his career and to land a job at rival group Pharming has been sacked from his job.
Dutch pharmaceutical company Pharming announced on Thursday that it had permanently terminated Joseph Chiao's employment.
Dr Chiao had been subject to a US court injunction preventing him from starting work at Pharming in October so that CSL and Pharming could investigate CSL's allegations that Dr Chiao had stolen 1,000,000 documents from CSL. more
A hacker admitted to planting hardware keyloggers on computers belonging to two companies to get unauthorized to their networks and steal proprietary data. He now faces 12 years of prison time.
It appears that the individual was after data relating to an "emerging technology" that both targeted companies were developing.
In February 2017, 45-year old Ankur Agarwal of Montville, New Jersey,trespassed the premises of one of the two tech companies and installed keylogging devices on its computers to capture employee usernames and passwords. He also added his laptop and a hard drive to the company's computer network. more
A new kind of easy to use trojan malware is gaining popularity among cyber criminals, providing them with simple means of stealing credit card data, passwords and cryptocurrency -- and it has already infected hundreds of thousands of Windows users around the world.
Raccoon Stealer first appeared in April this year and has quickly risen to become one of the most talked-about malware services in underground forums.
Researchers at Cybereason have been monitoring Raccoon since it first emerged, and note that while not sophisticated, it is aggressively marketed to potential criminal users, providing them with an easy-to-use back end, along with bulletproof hosting and 24/7 support -- all for $200 a month. more
Researchers at Germany’s SRLabs found two hacking scenarios — eavesdropping and phishing — for both Amazon Alexa
and Google Home/Nest devices. They created eight voice apps (Skills for
Alexa and Actions for Google Home) to demonstrate the hacks that turns
these smart speakers into smart spies. The malicious voice apps created
by SRLabs easily passed through Amazon and Google’s individual screening
processes...
For eavesdropping, the researchers used the same horoscope app for
Amazon’s smart speaker. The app tricks the user into believing that it
has been stopped while it silently listens in the background. more
Google employees have accused their employer of creating a surveillance tool disguised as a calendar extension designed to monitor gatherings of more than 100 people, a signal that those employees may be planning protests or discussing union organizing. Google parent company Alphabet “categorically” denies the accusation.
The accusation, outlined in a memo obtained by Bloomberg News, claims severe unethical conduct from high-ranking Google employees, who they say allegedly ordered a team to develop a Chrome browser extension that would be installed on all employee machines and used primarily to monitor internal employee activity.
Employees are claiming the tool reports anyone who creates a calendar invite and sends it to more than 100 others, alleging that it is an attempt to crackdown on organizing and employee activism. more
SCIF fight shows lawmakers can be their own biggest cybersecurity vulnerability.
About two dozen House Republicans enter a sensitive compartmented information facility (SCIF) where a closed session before the House Intelligence, Foreign Affairs and Oversight committees took place.
A group of House Republicans could have created a field day for Russian and Chinese intelligence agencies when they stormed into a secure Capitol Hill room where their colleagues were taking impeachment testimony yesterday with their cellphones in tow.more
"You're all worthless and weak!" ~Doug Neidermeyer
After a suspicious rise in Russian diplomats visiting the State Department in 1999, the FBI worked with the Diplomatic Security Service to follow mysterious radio frequencies. For more, watch "Declassified" Sunday at 11 p.m. ET/PT. more
Thanks to our Blue Blase Irregular at Big T for spotting this one for us.
The STOP Djvu ransomware encrypts victim's files with Salsa20, and appends one of dozens of extensions to filenames; for example, ".djvu", ".rumba", ".radman", ".gero", etc.
Please note: There are limitations on what files can be decrypted. more
Of course, put all the safeguards in place first so you won't need this tool. ~Kevin
