Wednesday, October 15, 2014

Someone Might Be Spying On Your WebEx Meetings

Cisco has sent a warning to its customers to protect their WebEx meetings after Brian Krebs from KrebsOnSecurity found that almost 50 big players left their online meetings vulnerable and open to anyone.

Krebs said that he found several organizations did not password-protect their WebEx meetings, thus allowing anyone to join and get information about their internal planning. The schedule of these meetings was available through the WebEx Event Center. WebEx is an online conferencing system from Cisco.

These issues were present with audio- and video-based meetings as well. There are options for companies to password-protect their sessions, but many companies do not follow best practices for online meetings, and thus allow any malicious entity to join the daily conferences and gather details regarding management-related topics.

Read more here.

Tuesday, October 14, 2014

Dropbox: We weren’t hacked!

NEW YORK (CNNMoney) — A group of anonymous hackers claims to have stolen nearly 7 million Dropbox username and password combinations. But Dropbox denied that it was hacked.
The hackers have posted several hundred email addresses and passwords so far on Pastebin.com, releasing more logins as they receive more bitcoin donations.
“Your stuff is safe,” Dropbox said in a blog post. “The usernames and passwords … were stolen from unrelated services, not Dropbox.”
It’s not clear which service or services the passwords were stolen from. Some third-party apps allow people to manage their Dropbox files, but a Dropbox spokesman wouldn’t name any potential culprit.
It’s possible that some people used the same login information for Dropbox that they used for the third-party app.

Read more here.

Wednesday, September 24, 2014

FBI Warns of Rise in Disgruntled Employees Stealing Data

Wall Street Journal (09/23/14) Barrett, Devlin

The FBI said Tuesday that it has seen a spike in the number of disgruntled employees who steal company information, sometimes as part of an effort to extort money from previous employers.
There have been cases in which individuals used their access to destroy data, steal software, obtain customer data, make unauthorized purchases, and gain a competitive edge at a new job, the FBI said. A common way to steal information, the FBI noted, is to use cloud storage accounts and personal e-mail. Sometimes, terminated employees still have remote access to the company's system.

Organizations that have recently been victimized by data theft have suffered losses of $5,000 to $3 million. The FBI reports that some employees have attempted to extort their employer by restricting access to company Web sites, disabling certain functions in content management systems, or conducting distributed denial-of-service attacks. Companies are advised to quickly end departed employees' access to computer systems, and change administrative passwords after IT personnel quit or are terminated.

Read more here.

Tuesday, September 23, 2014

2014 ERII Conference Debrief

2014 Espionage Research Institute International Counterespionage Conference

The Annual ERII Counterespionage Conference was held on September 12, 13 & 14 in Washington, DC.

TSCM professionals from across the globe met to discuss counterespionage news and events, see demonstrations of new TSCM equipment and network with colleagues.
The ERII Conference experience included presentations by top experts in the fields of Technical Surveillance Countermeasures (TSCM), Counterintelligence/Counterespionage, Cyber Countermeasures, Equipment vendors and more.
This year, our Keynote Speaker was Sandra Grimes, author of "Circle of Treason: A CIA Account of Traitor Aldrich Ames and the Men He Betrayed".

Read more here.

Thursday, August 28, 2014

Former Cyber Security Chief in Charge of Obamacare Site Going to Jail for Heinous Online Activities

A former acting director of cyber security with top clearance at the Department of Health and Human Services has been convicted of several child pornography charges, after a yearlong investigation by the FBI.
As reported by the New York Daily News:


Timothy DeFoggi, 56, was found guilty of engaging in a child exploitation enterprise, conspiracy to advertise and distribute child pornography and accessing a computer with intent to view child pornography. He was listed as an employee with top clearance at the HHS up until January 2014, though he was charged and held without bail in May 2013.

But DeFoggi wasn’t only looking at pornographic pictures. It’s far worse than that.

“His activities on the site included accessing child pornography and expressing sexual fantasies — including raping and murdering children — in his communication with other site members. DeFoggi even suggested meeting one member in person to fulfill their mutual fantasies to violently rape and murder children,” the Department of Justice said of DeFoggi’s activities.

Read more here.

Tuesday, August 5, 2014

FinFisher spyware docs detail surveillance limitations

A parody Gamma International Twitter account is releasing secret documents that detail FinFisher spyware limitations, spying modules, mobile capabilities, price list and antivirus detection of the malware typically sold to governments.

“Phineas Fisher” aka @GammaGroupPR, a parody Twitter account of the Gamma Group that specializes in FinFisher spyware, certainly knows how to snag attention. Its very first tweet announced, “Here at Gamma International, we've run out of governments to sell to, so we're opening up sales to the general public!”

Then come the links to leaked FinFisher documents stored in Dropbox, including a product brochure featuring FinFisher’s selection of monitoring software and capabilities (pdf), user manual with troubleshooting tips for setting up a FinSpy server, price list, release notes for FinSpy Mobile 4.51, and another document that spells out how well the spyware does on Windows Mobile devices.
WikiLeaks Spy Files first released documents detailing FinFisher in 2011. Citizen Lab research from 2012 showed how the sneaky FinFisher surveillance had gone mobile. The leaked documents via @GammaGroupPR are the newest, with some dated April 2014.

Read more here.

Friday, August 1, 2014

Hackers Tap Into USB Devices, Evade All Known Security Protections

BOSTON (Reuters) - USB devices such as mice, keyboards and thumb-drives can be used to hack into personal computers in a potential new class of attacks that evade all known security protections, a top computer researcher revealed on Thursday.

Karsten Nohl, chief scientist with Berlin's SR Labs, noted that hackers could load malicious software onto tiny, low-cost computer chips that control functions of USB devices but which have no built-in shields against tampering with their code.

"You cannot tell where the virus came from. It is almost like a magic trick," said Nohl, whose research firm is known for uncovering major flaws in mobile phone technology.
The finding shows that bugs in software used to run tiny electronics components that are invisible to the average computer user can be extremely dangerous when hackers figure out how to exploit them. Security researchers have increasingly turned their attention to uncovering such flaws.