Monday, November 29, 2010

WikiLeaks 'surprised' by scale of US espionage

(CNN) -- WikiLeaks, the whistle-blower website sitting on a giant trove of U.S. diplomatic cables, didn't expect the papers to reveal as much espionage as they apparently do, a spokesman said Monday.

"I was surprised at (the) extent of the spying," Kristinn Hrafnsson told CNN.

The leaked papers include what seems to be an order from U.S. Secretary of State Hillary Clinton to American diplomats to engage in intelligence-gathering.

Clinton directed her envoys at embassies around the world to collect information ranging from basic biographical data on diplomats to their frequent flyer and credit card numbers, and even "biometric information on ranking North Korean diplomats."

Typical biometric information includes fingerprints, signatures, and iris recognition data.

The cable, simply signed 'CLINTON', is classified S/NF - or 'Secret/No Foreign' - and was sent to 33 embassies and the U.N. mission offices in New York, Vienna, and Rome.


Monday, November 22, 2010

Turkish eavesdroppers get name right, number wrong

A case of mistaken identity led to the wiretapping for many months of a Turkish construction worker with the same name as a military colonel accused of attempting to stage a coup, daily Hürriyet reported Thursday.

According to the paper, it took the police months to realize it was tapping the phone of the wrong Dursun Çiçek.

Daily Hürriyet called the phone number listed on the first two court orders authorizing surveillance of Col. Dursun Çicek on suspicion of plotting a coup. The paper reported that the man who answered was a construction worker who had no idea that his conversations were being monitored.


Tuesday, November 16, 2010

Five tips for protecting mobile devices
Attacks against information assets — government, corporate, and personal — have been going on for some time. Yet many users and organizations have blatantly ignored recommendations for protecting mobile devices, exposing themselves, their businesses, their customers, and often employees to harm. These devices in the hands of mobile workers are exposed to a variety of threats:
  • Hotel wired networks are often wide open to eavesdropping by cybercriminals or other guests. Jacking into a network frequently equates to sending and receiving information over a single collision domain. This means all packets for a set of rooms, a floor, several floors, or even the entire hotel/motel are seen by all other systems on the network. Unprotected packets are prime targets for capture, analysis, and data extraction.
  • Connecting to unencrypted hotel or other public wireless networks, sending sensitive information out into the ether, is a well-known problem. I won’t beat it to death.
  • Improper configuration of firewalls or the total lack of an end-user device security perimeter, allows anyone, anytime, and anywhere to use public networks to peruse private information on laptops, smartphones, or PDAs.
  • Some unencrypted stolen or lost devices are a treasure chest of information, including passwords, customer and employee information, and user identity data. In large, chaotic venues, it isn’t difficult to lose a laptop or PDA.

This is not a complete list of potential attack vectors, but proper attention to those four issues reduces risk to a reasonable and appropriate level. The following steps are a good start in preventing information or system compromise.


Monday, November 15, 2010

Spies from 19 nations in Norway
19 foreign countries are conducting intelligence against Norway on Norwegian soil, the Norwegian Police Security Service says. Some are here legally, while others pose as diplomats, journalists or business people.

This is the first time the Norwegian Police Security Service (PST) says anything about the extent of foreign espionage in Norway, TV2 reports.

- I think you can say that espionage in Norway is on a higher level than during the Cold War period, head of PST Janne Kristiansen says.

According to PST the 19 nations with intelligence personnel in Norway have various interests. Some are interested in Norwegian technology; others are interested in Norwegian security policy and military installations.


Friday, November 12, 2010

Mobile phones can be turned into mobile bugging devices
According to MWR InfoSecurity, at least two mobile phones that are being sold around the world are capable of being turned into Mobile bugging devices. The company says that most mobile phones are open to immediate cyber attack and network providers are doing little to help.

Recently MWR InfoSecurity alerted users worldwide that the Palm Pre mobile phone could be used as a bugging device without the user’s knowledge, and that phones using the Google Android system could be easily interrogated for passwords. They have now discovered that a HTC phone can be also be compromised and used as a remote bugging device.

“Mobile phone users globally are open to exactly the same risks as a user of a poorly secured desktop computer” said Nils (Principal Information Security Researcher at MWR InfoSecurity). The more we test these phones the more security flaws we are finding. It’s not just the manufacturers that are to blame it is also the mobile network providers who are not doing enough to protect their customers”


Wednesday, November 10, 2010

Santiago’s latest scandal: spy microphones found in the Mayor’s office

SANTIAGO.- The Santiago City Council dismantled an espionage system of several high tech miniature microphones which had been secretly installed in the office of mayor Gilberto Serrulle and other areas.

The Mayor confirmed the finding, but downplayed the case, affirming that he has nothing to hide or fear.

A source quoted y affirms that it was an enemy of Serrulle, who wasn’t identified, who sought to obtain confidential information which could jeopardize the municipal executive.

The scandal is the latest episode in the Santiago City Council, where the previous Mayor, Jose Enrique Sued was charged with misappropriating more than RD$100 million.

DAS wiretap witness murdered

A former official at intelligence agency DAS, who was due to give evidence regarding illegal wiretapping carried out by the agency, was assassinated Thursday afternoon in Medellin, reports Caracol Radio.

David Antonio Ballen Garcia, a former DAS detective who left the agency three years ago, was shot by unknown gunmen on motorcycles while on his way to work, riding in a vehicle in the Patio Bonito area of El Poblado in Medellin. The driver of the vehicle and two other passengers, a woman and another former DAS employee, were injured.

Ballen Garcia appears on a list of witnesses made by the Prosecutor General's Office in the case of illegal wiretapping carried out by DAS against political opponents, journalists and human rights activists. He was allegedly about to supply key information in the case to authorities.


Friday, November 5, 2010

Man in disguise boards international flight

Note: This just in from our friend "Mike" Heads up! Pay attention out there will ya! Grandma was slow, but she was 100! JDL

Atlanta, Georgia (CNN) -- Canadian authorities are investigating an "unbelievable" incident in which a passenger boarded an Air Canada flight disguised as an elderly man, according to a confidential alert obtained by CNN.

The incident occurred on October 29 on Air Canada flight AC018 to Vancouver originating in Hong Kong. An intelligence alert from the Canada Border Services Agency describes the incident as an "unbelievable case of concealment."

"Information was received from Air Canada Corporate Security regarding a possible imposter on a flight originating from Hong Kong," the alert says. "The passenger in question was observed at the beginning of the flight to be an elderly Caucasian male who appeared to have young looking hands. During the flight the subject attended the washroom and emerged an Asian looking male that appeared to be in his early 20s."


Monday, November 1, 2010

Husband accused of tapping wife's PC
A Texas court has ruled that a husband accused of monitoring his wife's computer through a keystroke logger did not violate federal wiretapping laws.

Larry Bagley was sued in June by his wife Rhea Bagley, who accused him of surreptitiously placing audio recording devices in their house as well as a software keystroke logger. The Bagleys are in the process of divorcing.

The complaint in this civil case says that during the divorce proceedings, the husband revealed the existence of the surveillance tech and acknowledged that the "software recorded screenshots of activity on this computer." The husband replied in court documents that "in all conversations, the defendants' children were present and defendant was able to consent to recordation by way of vicarious consent."

U.S. District Judge Lee Rosenthal ruled on October 18 in favor of the husband, saying that the court was required to follow a Fifth Circuit decision saying that the federal wiretap law known as Title III does not apply to marital relationships.

Read more: