Hidden Video Recorders

All of these items are fully functional digital audio/video recorders with hidden cameras. These kind of devices are being produced in the millions in the Far East and most are available for less than £100. Be aware the threat landscape has shifted and what was once the realm of James Bond is now available on the high street. Checkout Maplin, Ebay or Amazon to see how prolific these devices are.

For a real eye-opener take a look at one of the manufacturers site. click here...

 

Right to privacy broken by a quarter of UK's public databases, says report

Pretty strong stuff but perhaps the first honest appraisal of our major databases. We are at the adolescence stage of our understanding of mass data storage and must maintain vigilance as we learn this process. If you loose your house keys you can always change your door lock. If we loose all our personal information (NI numbers, passport numbers, bank details, date of birth, place of birth, DNA, medical history, children's school info, criminal history etc) it is a bit harder to 'just fit a new lock'.

A quarter of all the largest public-sector database projects, including the ID cards register, are fundamentally flawed and clearly breach Europeandata protection and rights laws, according to a report published today.

Claiming to be the most comprehensive map so far of Britain's "database state", the report says that 11 of the 46 biggest schemes, including the national DNA database and the Contactpoint index of all children in England, should be given a "red light" and immediately scrapped or redesigned. more...

Complaints force Google to remove Street View images

If you haven't seen Google Earth with Street View in action you need to. the amount of information is quite shocking - especially when you are looking at a picture of your own curtains!

Google was forced to remove hundreds of pictures from Street View, its mapping service, within hours of its launch after complaints from people who said that the system breached their privacy. more...

Mobile users at risk of ID theft

This is one of those threats that is only going to get worse. many of us store huge amounts of personal information on our phones and mobile devices. We are humans and we will loose these devices from time to time so a few basic rules are essential.

1. Always have a power-on and key-lock password activated
2. Always have a voicemail password activated
3. Don't save a number or address called 'home'
4. Do not give out your passwords to unsolicited calls
5. Do not leave your phone unattended
6. Back-up your phone data

You might also want to watch out for Spyphone software.

A survey of London commuters suggests that 4.2m Britons store data on their mobiles that could be used in identity theft in the event they are stolen.

Only six in 10 use a password to limit entry into the phones, according to the survey by security firm Credant. more...

U.K. to monitor, store all social-network traffic?

It is always worth remembering that nearly everything we say in the electronic arena (emails, sms messages, IM conversations, Twitter twits, IM conversations, Facebook posts etc.) is stored somewhere. It is nearly always traceable to the user. If you shouldn't say it certainly do not say it electronically.

The U.K. government is considering the mass surveillance and retention of all user communications on social-networking sites, including Facebook, MySpace, and Bebo. more...

Credit card skimming malware targeting ATMs

It seems like such an obvious target it makes me wonder if this is the first time ATM's have been compromised or just the first time it has become public? Ultimately most malicious code is intended to generate revenue for criminals and ATM's are, in essence, computers full of cash!

From time to time, because they know I work for SophosLabs, my friends ask me about different malware types and forward me warnings of alleged malware outbreaks, which often turn out to be just standard hoax emails. more...

UK companies spurn encryption

This survey suggests too many of us are taking the 'head-in-the-sand' approach to data security. If you want some practical, real-world advice contact us.

Fewer than half of UK companies use encryption technology to secure their data, according to a survey.

Despite the lack of encryption, UK IT managers claim their corporate data is safe and almost two-thirds (65 percent) said the data breach at HM Revenue & Customs (HMRC) will not change their IT spending priorities, according to a survey of 140 senior IT staff in UK public and private companies by security software specialist Check Point. more...

Finn creates USB 'finger drive'

More anatomy modification.

A Finnish computer programmer who lost one of his fingers in a motorcycle accident has made himself a prosthetic replacement with a USB drive attached. more...

Two million households now have spy devices in their bins

Following on from an earlier post we see the march of the council powers continue.

Figures released using the Freedom of Information Act show 42 local authorities have installed the 'spy' devices in rubbish containers to record how much residents are throwing away. more...

Bogus bomb, somewhere near you

This scam targets our fear to trick us into clicking onto a dangerous site. Always be aware and check before you click on any unsolicited material. Worth remembering you computer broadcasts your approximate geographical location.

Security labs have discovered a variant of malicious spam that is engineered to report an exploded bomb within the recipient’s vicinity.

The ‘waledac’ variant, containing an apparent link to a Reuters website, shows the geolocation of the explosive as corresponding to the users IP address. more...

Bishop of Manchester silenced by computer virus

Public and communal orginisations have considrable challenge maintaining the balance between accessabliity and security. If you are a public or NFP orginisation and need help contact us.

THE Bishop of Manchester has been forced to take a vow of email silence after his computer was crippled by a virus.

The Rt Rev Nigel McCulloch has been unable to send or receive messages for nearly 10 days, it has emerged. more...

Sentex keypads have a mastercode!

Sentex are a worldwide brand of electronic entry systems. It has been discovered that there is a master code across many of their products allowing anyone to enter who knows the code. This raises the question of other access control systems, have yours been checked and tested?

It has a master key:

 

Here's a fun little tip: You can open most Sentex key pad-access doors by typing in the following code: more...

World Wide Web creator Sir Tim Berners-Lee fell victim to online fraud

Be careful out there - even the man who invented the web can become a victim of on-line fraud. Be sensible and do not click on anything unsolicited.

Sir Tim, who dreamt up the web 20 years ago, said he bought a Christmas present from an online shop. It was only when the present didn't arrive that he realised he had been conned.

He is one of an increasing number of victims of online cyber crime. Around one in four internet users in the UK have fallen victim to online phishing scams that attempt to steal people's financial details while one in six have fallen victim to other types of online fraud. more...

Film-maker turns into 'eyeborg' with camera in eye socket

The stuff of sci-fi films becomes reality. 

NB - there has been a golf-ball sized covert DVR (Digital Video Recorder) on the market for over a year....watch out at the 19th hole.

A film-maker is putting a mini video camera in his prosthetic eye to record a documentary highlighting the issues of privacy and the surveillance society.

Rob Spence, 36, says he will secretly record people for his "Eyeborg" project using a tiny camera, battery and wireless transmitter hidden inside his false eye. more...

Google Docs leaks out private data

The big dilemma. If you store all your data locally you are the single point of failure but on the whole you are in control. If you sent your data to the 'cloud' you are at the mercy of third parties..... still if you want to hide a tree put it in a forest.

The security rating of cloud computing has taken a battering with news that users of Google's online word processing service - Google Docs - may have shared their data with unauthorised users.

A security flaw in the Google Docs software meant that the documents of some users were flagged as collaborative items, allowing third party users of the service to access - and amend - the files. more...

Two men have been convicted for their part in trying to pull off a £229m heist at the Sumitomo Mitsui Bank in London.

This is a classic. By utilising key logger technology they were able to retrieve account numbers, passwords and user info to commit a huge fraud. If your company has assets and information to protect you need to be aware of these threats.

Two men have been convicted for their part in trying to pull off a £229m heist at the Sumitomo Mitsui Bank in London.

In one of the biggest attempted bank thefts in Britain, they used hi-tech equipment to try to steal money from the accounts of big businesses. more...

Google ad service raises privacy fears

Do you know how much information Google has on you. Do you know how much of it is available to others. Do you need help maintaining a balance between on-line presence and personal privacy, contact us.

Google knows more about you than any organisation in human history. It can give you a bird’s eye view of your house, allow friends and family to track your every move through their mobile phones, and through its search engine - knows your likes, dislikes and even your vices. more...

BBC team exposes cyber crime risk

Controversial but enlightening BBC Click documentary on Bot armies and cyber-crime. If you are not familiar with this problem watch and learn - essential viewing. 

Software used to control thousands of home computers has been acquired online by the BBC as part of an investigation into global cyber crime.

The technology programme Click has demonstrated just how at risk PCs are of being taken over by hackers.

Almost 22,000 computers made up Click's network of hijacked machines, which has now been disabled. more...

SEC: Magical stock brokering software was a fraud

If we have learnt anything it is that things that look to good to be true probably are. Have you performed Due Diligence wherever you have significant exposure?

US trade regulators are accusing two California men of orchestrating a multi-million dollar ponzi scheme by convincing clients they owned a special stock option trading computer program with a near-flawless record for choosing winners. more...

Investigation information stored on a USB drive has been lost by Lothian and Borders Police.

Once again a simple failure to employee rules surrounding the use of USB memory sticks. In this case there could be more than information at stake if this data falls into the wrong hands.

Once again - Some basic procedures make a world of difference:

1. Use a Hardware encrypted USB key... something like this
   
2. Don't carry a USB key unless you need to 
   
3. Overwrite delete all data once no longer required

A USB drive is missing from Lothian and Borders Police with details of hundreds of police investigations.

A police spokesman confirmed to IT PRO that Lothian and Borders Police are “unable to locate this ‘memory stick,’ which contains information on vehicle registration marks and other details used for police analysis”. more...