News sent out via mailchimp.
In upstate NY, Geddes town employees complained that they were being eavesdropped on through security cameras that had audio capability. Originally the town supervisor, Manny Falcone, denied that the cameras had any microphones at all, but a work order was produced that indicated that at least one of the cameras did have audio capability, now his secretary faces felony eavesdropping charges.
From The Mainichi, December 8, 2016
According to Mito Municipal Government officials, it was tipped off about the bug on Dec. 6. Specialized workers hired by the local government began searching for the device from the evening of Dec. 7 and found it in a waiting room for three assembly members from “Suiseikai” — a conservative parliamentary group — on the first floor of the temporary two-story prefabricated assembly building. The bug plugs into an electric outlet.
The Mito Municipal Government is still using a temporary office building […]
A Grapevine, TX, car salesman took a customer’s cell phone to obtain information on financing a new vehicle, and the customer later discovered that compromising photos of his wife had been emailed to a swingers website, according to a lawsuit filed Thursday.
A millionaire told police how he secretly bugged his escort girlfriend - and heard her bragging she was going to "do him over" for his money, a murder trial heard today. Property tycoon Peter Morgan, 54, put the listening device in the bungalow home of Georgina Symonds, 25, in the grounds of his castle. Mr Morgan allegedly strangled the mum-of-one with a ligature in January 2016.
Researchers from the Negev Cyber Security Research Center of Ben-Gurion University have presented a paper explaining that the software controlling signals to headphone jacks in many computers can be altered or re-tasked to change the jack from an output to an input, thereby turning the earphones into potential microphones.
Eavesdropping attempts may not always be well thought out, they could be spur of the moment opportunities. A camera recording with audio was found under a chair during a private meeting of MPs. British sportswear company Sports Direct was being paid an unannounced visit by members of the House of Commons' Business Select Committee. The MPs were there to insure that good working practices were being upheld by CEO Mike Ashley and the rest of the company.
News journal Mother Jones has an exclusive report that the Democratic National Committee told the FBI that they may have found evidence their headquarters was bugged. Nov. 4, 2016
…the Democratic Party recently informed the FBI that it had collected evidence suggesting its Washington headquarters had been bugged, according to two Democratic National Committee officials who asked not to be named.
In September, according to these sources, the DNC hired a firm to conduct an electronic sweep of its offices. After Russian hackers had penetrated its email system and those of other Democratic targets, DNC officials believed it was prudent to scrutinize their offices. This examination found nothing unusual.
In late October, after conservative activist James O’Keefe released a new set of hidden-camera videos targeting Democrats, interim party chairwoman Donna Brazile ordered up another sweep. […]
A number of computers at a five-star Geneva hotel that has hosted sensitive talks, including Iranian nuclear negotiations, were found to be infected with malware used for espionage, Swiss prosecutors have revealed. In Vienna, where the Iranian nuclear talks concluded in July 2015, the state prosecutor has launched two separate investigations into possible espionage. A spokesperson for the justice ministry told the Guardian that the two ongoing investigations were launched in June 2015 after bugging devices were discovered at Palais Coburg.
In my previous post I mentioned potential problems with IoT devices, including the possible threat of a hacked Amazon Echo. So today, I have to share this, an Echo hacked by developer Brian Kane. He was able to embed the functions of the Echo into a Big Mouth Billy Bass (usually known for singing “Take Me to the River” or “Don’t Worry, Be Happy”). It was put together as an in-class demonstration on rapid prototyping for his design course at Rhode Island School of Design in the industrial design dept.
It is funny, makes me laugh every time I watch it! But to bring the topic back to TSCM, it is also indication of things that are possible by hardware hacking of the many devices we surround ourselves with every day. Someone with a little electronic skill could install a […]
Most are familiar with the old question, “If a tree falls in the forest, but no one is there to hear it, does it make a sound?” Here is the new one that lawyers are facing: “If a microphone is turned on, but no one is there to hear it, is it still eavesdropping?”
Fear of eavesdropping is helping to spawn lawsuits as so many devices in daily use now come with some sort of microphone built in. An Indianapolis Colts fan has brought a lawsuit against the Colts, their app developer, YinzCam, and LISNR who created the technology used.
The Colts smartphone app uses fairly new technology to help deliver news, information, and ads to their fans. It supposedly can activate the smartphone microphone and be able to detect ultra high frequency sounds, far above the normal range of […]
An engineer has shown how you can sneak a tiny cellphone base station into an innocuous office printer.
The idea is the brainchild of New Zealand’s Julian Oliver, who was inspired by the Stingray cellphone snooping technology now in widespread use by the cops and FBI. He was looking to see how such tech could be hidden and what better to do this in than the humble office.
The printer still does its main job of spewing out documents, but now – using code Oliver developed and published – it also acts as a fake cellphone tower that detects and communicates with nearby phones and sends them SMS messages
https://www.theregister.co.uk/2016/11/02/printer_spy_box/?mt=1478140328427
Earlier this year I wrote about a few different consumer security cameras on the market that pose unique eavesdropping threats (here).
One of the more popular cameras has been the Arlo, sold by Netgear, available at outlets such as Best Buy and Sam’s Club. The Arlo was a replacement for the Netgear VueZone camera and was easy to use as a video device, but it only recorded video, no audio, so it was not able to eavesdrop on conversations (thankfully). It also required an active internet connection for the base unit. This would make it a bit more difficult to install in a corporate environment where the network may have active security in place. We found that Arlo cameras have been discovered being used as covert residential spy devices, but have not seen them used for corporate level eavesdropping espionage yet. The new version makes it a much more significant threat.
Arlo Pro, […]
Celebrity status has it’s downside- gossip. News recently came out in the British tabloids (RadarOnline) that Prince William and Kate Middleton had listening devices found throughout their home.
It seems they can relax. Another popular site, GossipCop.com, which tries to police the tabloids, asserts the claims are all false.
Headlines from RadarOnline
Gossip Cop points out:
According to RadarOnline, Queen Elizabeth has supposedly handpicked her grandson, Prince William, to become the next king when she either abdicates the throne or passes away, despite her son, Prince Charles, being next in line. As a result of this alleged development, the site claims Prince Charles is now trying to dig up dirt on his son that will prevent him from becoming king.
A so-called “source” tells the outlet that security at Prince William and Middleton’s royal residence recently discovered their “phones were tapped and the rooms were bugged,” […]
Even the best eavesdroppers may be nervous or have a lot on their minds. This could cause them to be careless when planting a bug or listening device. This would be true if they were spy-shop amateurs, disgruntled employees, or even state sponsored agents. Failure to clean up well after installing a device could be the clue that gives them away.
Our blog posts have been a bit scarce recently due to a fairly busy schedule. One weekend was well spent attending the 2016 conference of Espionage Research Institute International (ERII), held in yearly in the Washington, DC area.
ERII is made up of a number TSCM and other security professionals who are interested developing their craft and learning more about the threat of espionage, counterintelligence, and countermeasures against eavesdropping and other spy tactics. More information on the organization can be found at www.erii.org. J.D. Leasure and his wife Lisa did an excellent job of putting the program together.
This year’s conference included a number of valuable presentations.
An update on cellular surveillance was given by Jason Dibley, director of QCC Global, UK.
John Minor, fiber optic expert, presented a good look into threats facing fiber networks. Retiring TSCM-er Tim Johnson […]
Security stopped John Kerry to ask if he was carrying a phone with camera "No camera?" as he was entering a meeting with the President of Egypt, Abdel Fattah Saeed Hussein Khalil el-Sisi. The guard appears to continue to ask the next person behind Kerry as well, just doing his job!
Former Lake Station mayor had secretly recorded approximately 425,000 calls between Oct. 12, 2011, and Aug. 13, 2015, and continued the activity even after being released on bond as his federal corruption cases were pending. An audit of your phone system operations can help reveal potential misuse such as this. Almost all telecom systems in use today have features that can allow various forms of eavesdropping to take place.
A sophisticated bugging device has been found in a hotel meeting room ahead of the Bledisloe Cup rugby clash between the Australian teams the All Blacks and the Wallabies, officials confirmed on Saturday.