Thursday, July 27, 2017

Scary mobile wireless flaw lets hackers track your cellphone's location..


If you're like a lot of people, you've probably worried for many years about other parties spying on you. Maybe it's a weird and persistent feeling that somebody's tracking or watching you each time you make a phone call or go online.

In our modern-day ultra connected world, the snoop could be anyone - advertisers, the government, hackers - with the right equipment, spying is quite a real-world possibility.

In fact, we told you about a device called a StingRay, which is essentially a portable, luggage-sized cellphone tower. Once they have a good idea where you are, snoops can switch to a portable device to track you down, to as precisely as a specific room in a building.

Older cellphones that use 2G connections were extremely vulnerable to Stingrays because of the 2G standard's weak encryption. With the introduction of the newer 3G and 4G LTE standards, the common belief is that this weakness has been remedied with stronger encryption. But is this still true?

Investments In IoT Security Mean Solution Providers Better Be Ready..


As Internet of Things security threats continue to rise, solution providers and vendors say they are starting to see the tide turn when it comes to real investments in IoT security technologies.

The comments come as the Black Hat 2017 conference in Las Vegas highlighted some of the latest threats against IoT devices, including attacks on smart locks, critical infrastructure, cars, smart buildings, industrial robots, radiation monitoring devices and more.

They also come after multiple high-profile IoT attacks in recent months, most notably with the Mirai botnet DDoS attacks launched through IoT devices including webcams, routers and video recorders.

Monday, May 15, 2017

Infrastructure vulnerabilities make surveillance easy..

Weakness in digital communications systems allows security to be bypassed, leaving users at risk of being spied on.



Governments want to spy on their citizens for all sorts of reasons. Some countries do it to help solve crimes or to try to find "terrorists" before they act.
Others do it to find and arrest reporters or dissidents. Some only target individuals, others attempt to spy on everyone all the time.
Many countries spy on the citizens of other countries: for reasons of national security, for advantages in trade negotiations, or to steal intellectual property.
None of this is new. What is new, however, is how easy it has all become. Computers naturally produce data about their activities, which means they're constantly producing surveillance data about us as we interact with them.
Corporations are doing it for their own purposes; collecting and using this data has become the dominant business model of the internet. Increasingly, governments around the world are ensuring that they too have access to the data, either by mandating that the companies give it to them or surreptitiously grabbing their own copy.

Sunday, May 14, 2017

Corporate spying costs billions, can it be stopped?

Hotel giant Hilton wanted to develop an all-new luxury hotel chain called Denizen to satisfy a growing market for high-end accommodations. Its competitor Starwood thought Denizen seemed very similar to its successful W chain. Too similar. And in 2009 Starwood Hotels & Resorts filed a corporate espionage lawsuit against Hilton, claiming two former executives who left to work at Hilton stole, and recruited others to steal, more than 100,000 documents full of sensitive information.
The documents, Starwood said, included trade secrets like a step-by-step guide to creating a new luxury brand from the ground up. Starwood said the name Denizen itself came from a concept Starwood developed for the W chain called the "zen den." In the end, Hilton settled with Starwood for $75 million and had to drop the Denizen brand. Hilton did not admit wrongdoing as part of the settlement, saying in a statement, "Hilton Worldwide regrets the circumstances surrounding the dispute with Starwood Hotels & Resorts Worldwide and is pleased to bring an end to this prolonged litigation."

Monday, April 24, 2017

Top app has been spying on users and lying about it..

Uber, the ride-hailing service, is having a bad year. Last month, a secret Uber program called Greyball was exposed and it revealed how the company uses data collected from its app to evade authorities in areas where the service is resisted by law enforcement or banned.

Greyball was allegedly used in cities like Las Vegas, Boston and Paris, plus in countries like China, Australia and South Korea, to deny service to Uber accounts considered as a threat to the company.

Now, another controversy has surfaced and it involves a tussle with a company that Uber can't afford to irk.

The New York Times reported that in early 2015, Uber CEO Travis Kalanick met with Apple's Tim Cook to discuss specific questionable techniques the Uber app was allegedly employing.

Apple engineers discovered that the app was tracking its users even after it was deleted from iPhones. This practice, called "fingerprinting," violates Apple's privacy guidelines. "Fingerprinting" assigns each iPhone a specific identity via a small piece of code that persists even after the device's data has been wiped.

Tuesday, April 4, 2017

Someone is spying on cellphones in the nation's capital..



A CBC/Radio-Canada investigation has found cellphone trackers at work near Parliament Hill and embassies.

A months-long CBC News/Radio-Canada investigation has revealed that someone is using devices that track and spy on cellphones in the area around Parliament Hill.
The devices are known as IMSI catchers and have been used by Canadian police and security authorities, foreign intelligence and even organized crime.
The devices, sometimes known by the brand name of one model, StingRay, work by mimicking a cellphone tower to interact with nearby phones and read the unique ID associated with the phone — the International Mobile Subscriber Identity, or IMSI.
That number can then be used to track the phone and by extension the phone's user. In some instances, IMSI catchers can even be used to gain access to a phone's text messages and listen in on calls.

Thursday, March 16, 2017

Suspected Hack Attack Snagging Cell Phone Data Across D.C.

Malicious entity could be tracking phones of domestic, foreign officials


An unusual amount of highly suspicious cellphone activity in the Washington, D.C., region is fueling concerns that a rogue entity is surveying the communications of numerous individuals, likely including U.S. government officials and foreign diplomats, according to documents viewed by the Washington Free Beacon and conversations with security insiders.
A large spike in suspicious activity on a major U.S. cellular carrier has raised red flags in the Department of Homeland Security and prompted concerns that cellphones in the region are being tracked. Such activity could allow pernicious actors to clone devices and other mobile equipment used by civilians and government insiders, according to information obtained by the Free Beacon.
It remains unclear who is behind the attacks, but the sophistication and amount of time indicates it could be a foreign nation, sources said.
Mass amounts of location data appear to have been siphoned off by a third party who may have control of entire cell phone towers in the area, according to information obtained by the Free Beacon. This information was compiled by a mass-monitoring program supported by DHS and ESD America and known as ESD Overwatch.
Cell phone information gathered by the program shows major anomalies in the D.C.-area indicating that a third-party is tracking en-masse a large number of cellphones. Such a tactic could be used to clone phones, introduce malware to facilitate spying, and track government phones being used by officials in the area.