Monday, 24 August 2009

Charity offices bugged

Reports coming out of Oklahoma City are claiming police are investigating the alleged bugging in three offices of the $1 billion PA charity Feed the Children.

It is suggested that the bugging may be related to an executive power struggle. NB - In our experience the use of covert devices is rife in employment/labor disputes.

The devices used were professionally installed and discovered by a TSCM specialist.

This is the third time in 12 months that we have come across bugging in a charity environment. If you run a charity or NFP organisation and need advice contact FaberBrent.

Mobile-phone handset complexity - the criminal's friend.

In two related stories we have been told that one-in-four Brits own more than one mobile phone and that mobile phone manufacturers are not providing significant co-operation with law enforcement to help with unlocking data from suspected criminals' handsets.

Firstly, the multiple-mobile syndrome. This is a significant security risk. The amount of data we now store on our devices is comprehensive (including passwords, account numbers, passport numbers, home addresses, family names, business contacts, children's schools, client lists, appointments etc). How many of us can say that we fully wipe every old device (both phone and SIM) when we no longer need it? Does your company have a policy for dealing with this? Is it ok for your employees to have business information on personal mobiles? When your provider upgrades your phone do you give the old one straight back? There are many questions to be answered. A final concern on phones is that the more phones you use, the higher the risk that you suffer from a 'SpyPhone software' attack.

Secondly, we are told that there is not sufficient co-operation in the UK by handset manufacturers to help law enforcement unlock mobile devices to retrieve potential evidence. It does seem a bit ridiculous that the UK taxpayer is funding reverse engineering of code that is freely available from the manufacturers. Perhaps a little legislation here may be in order. At a minimum we need to prevent the completely anonymous availability of Pay as You Go SIMs and phones.




Monday, 17 August 2009

The security lessons from Britain's largest jewellery robbery

You may be wondering what a £40 million armed raid at a high-end jeweller's store in central London has to do with InfoSec?

Well, in the last few days it has been revealed that the robbers were caught on CCTV 2 days before the robbery, outside the shop 'checking things out'.

So what we had here is pre-planning. This is a common part of all theft (including theft of data); whilst there is opportunist crime, it is the exception rather than the norm.

Now we are not post-judging this particular situation but there may have been a window for prevention. One possibility may have been that, when they pulled up outside the shop two days before, the security guard had approached them and asked something like "Can I help you?". The simple act of engaging during the information gathering or 'hostile reconnaissance' stage may have been enough to deter the attack. Their reaction to the question may have also raised the security guard's suspicion and caused him to brief the other staff to be on the look-out for these men.

How does this relate to InfoSec? Create a positive culture of security understanding and ownership, check your logs proactively, set up rules and identify behaviour 'out of the norm'. Be proactive and follow up anything out-of-place in a timely manner. Engage your end-users, speak to them and encourage a culture of 'eyes and ears'. Help them understand the threats in 'plain English'.

Prevention is always better than reaction.


Labour MP and Dutch VIPs suffer website data leaks found by a Google search

In unconnected incidents there have been two recent cases of unprotected data being exposed by poor website administration.

These are both excellent examples of why you should employ independent third-party security testing for your website (and all other security systems).

An untested security system is a false sense of security.

Black-hatter shows how to utilise memory in Apple keyboard to create a hardware key-logger

K. Chen at the Black-hat conference this year demonstrated a proof of concept in which he could use the spare memory in an Apple keyboard to run a rudimentary key-logging script. Whilst this is interesting, it is only really a proof of concept.

Of far more concern are the existing hardware key-logging devices (pictured) that will record 2 years' typing for an average user. BTW these are invisible to all available anti-virus and hardware monitoring software and can only be found by a physical search of your keyboards and computers.

This is a risk that costs $70 and can create a very serious exposure. If you are concerned that your computers have never been checked for malicious hardware contact FaberBrent for help.

How to be a Corporate Mole ...and how to spot one

OK, by no means a comprehensive guide but the thing we found interesting is that this kind of role is becoming part of the public landscape.

Published by eHow (along with how to do just about everything in an amateur, half-arsed fashion) ....probably a bit harsh, there is some good stuff in there (we just wouldn't advise risking your job/life on their spying advice).

Monday, 10 August 2009

UK Govt spied on more than one in every seventy eight adults in 2008!

Today Sir Paul Kennedy, the Interception of Communication Commissioner, released his report on the number of surveillance requests in the UK in 2008. It has been revealed that Councils, Police and other organisations made 504,073 requests to monitor communication "traffic".

The Liberal Democrat home affairs spokesman Chris Huhne said: “The sheer numbers are daunting. It cannot be a justified response to the problems we face in this country that the state is spying on half a million people a year. It beggars belief that it is necessary to spy on one in every 78 adults. The fact that numbers are up a half on two years ago makes a mockery of the Government’s supposed crackdown.”

Whilst no-one would object to legitimate law enforcement needs, the scale of this surveillance may lead to opportunities for abuse (as we have seen here).

It is worth noting that the vast majority of these requests are from the police and security services; only a small percentage are from local councils. More discussion on this topic here.

Of course these are the 'legitimate' requests. This does not account for all the operations that require 'rule bending', let alone all the illegitimate and illegal surveillance devices, sold in the tens of thousands in the UK each year. Add on to that spy-ware and trojan viruses monitoring our computers and spy-phone software using your mobile phone as a listening device. Oh, and let's not forget the 3.2M CCTV cameras in the UK, where in most cases no checks are required to monitor them.

If you are concerned about your privacy, both business and personal (and many of us are) contact FaberBrent for help.

Sunday, 9 August 2009

Nine Local Authority workers sacked for illegally accessing records on Govt customer Information System database

Following a Freedom of Information request by Computer Weekly it has been revealed that nine local government employees have been sacked for illegally accessing personal details held on the Customer Information System (CIS) database, part of a linked-up network of systems which constitute the government's planned national identity database.

There are around 200,000 people with access to this database; one may wonder how proper checks and measures can really be implemented. Of course the nine mentioned are the ones that got caught.

UK ID cards - hacking debate rages on - is it just a super-database by stealth?

There has been a heated debate regarding the security of the new (non-compulsory) UK ID cards.

The Daily Mail ran a comprehensive article on how their expert analysed, decrypted, modified and recoded the RFID chip. He was able to change a range of details including 'Entitled to benefits'.

We have always argued that (at best) an ID card proves an innocent person innocent and (at worst) gives an illegitimate person instant credibility.

The Home Office have rubbished these reports: "This story is rubbish. We are satisfied the personal data on the chip cannot be changed or modified and there is no evidence this has happened," said a spokesperson. A very brave statement in our opinion!

There have been accusations that the Home Office doesn't care about the security of the card as the card itself is not relevant, just a vehicle to build a mass-database. Looking at the apparent ease with which these cards were cracked, this accusation does seem potentially plausible.


Half of UK firms have redundancy plans - why is this a security challenge?

A new survey by the British Chamber of Commerce reveals that one in two UK companies have planned for potential redundancies in the next 6 months.

Whilst this is probably not a business surprise there is a significant security risk here. Should these plans be leaked there could be serious consequences including union action, share price hits, key staff leaving, drop in customer confidence etc.

There have been many documented incidents of covert surveillance usage in labour disputes and conflicts. One battle-hardened CEO told us that whenever he is dealing with Unions he works on the basis that 'everything is being recorded'.

If you have redundancy contingency plans (in place or being developed) contact FaberBrent to help understand and mitigate some of the potential risks.

Monday, 3 August 2009

How to unshred a document

For the first time a software package is publicly available that is designed to rebuild shredded documents.

If Unshredder proves to be effective it will, no doubt, soon become a staple of investigators and general snoopers everywhere.

If you need help disposing of your confidential information contact FaberBrent.

Skype - spy vs spy and how the uncrackable service may be dismantled

Skype is currently very hard to intercept and decrypt. This has been a frustration for many security services.

It now appears that the ongoing dispute between Skype's founders may lead to eBay (current owners) redesigning the core technology (due to the IP dispute).

Any reworking of the code will be very welcome news for security services who apparently can't easily decrypt and/or intercept the current version.

Conspiracy stories... please form an orderly queue.


Clampi - the biggest Trojan virus yet?

It is being reported that Clampi may be the biggest and most effective Trojan type virus yet seen.

Thousands of the world's top businesses have been targeted for deployment and attack.

Joe Stewart (Director of Malware Research with SecureWorks) has been researching Clampi for 2 years. He said "We weren't all that worried about Storm, and we weren't all that worried about Conficker, this one you need to worry about."


iPhone SMS vulnerability patched in less than 24hrs

In a positive example of exploit exposure Apple have patched the SMS vulnerability (announced at the Defcon conference last week).

Within 24hrs an update was available to fix the problem.

Now, when will Apple fix the far larger security vulnerability plaguing the iPhone (in contradiction to their marketing for the current version, which supposedly had 'enterprise level' security)?

Do you believe everything you read - was MI5's website really hacked?

Last week the Daily Express reported that the MI5 website was hacked and visitor data was stolen. This story seemed a little far fetched and indeed was not very accurate at all.

It turns out that a technical vulnerability was pointed out and duly fixed. The concept that MI5 would keep confidential data at the front-end of their public website should have seemed a bit unlikely, even for the Express.

I wonder when they will print the correction....

Hollywood comes true..again - VideoJak demos hacking and spoofing IP video feeds including cctv and video conferencing

A new tool shown at the Defcon hacker conference in Las Vegas last week has the ability to both intercept Internet video feeds and inject false 'looped' images.

This is another example of Hollywood coming true: the attacker can hack, monitor and record a CCTV feed (when nothing is happening), then play this back in a loop to hide the actual live feed (presumably while Tom Cruise is lowered down on a black rope).

This tool also provides the ability to intercept video conferencing.

NB - if you are using any kind of conferencing facility you should be working on the basis that the information can be intercepted. Many of us rely on IP streamed video systems, do you know if your system is still secure? If you need help with securing your business communications contact FaberBrent.

Tuesday, 28 July 2009

David to Delores - MI5 whistleblower transforms into transvestite Jesus incarnate

One of those stories you just couldn't write.

Not strictly on topic but many in the security community read "Defending the Realm", David Shayler's MI5 exposé. As with most of these types of books there were plenty of inaccuracies but there was also some accurate information.

David (sorry Delores) is now living in a squat in England and claiming to be the "spirit of Jesus".

You don't have to be mad to work here.......

How to set up spoof wireless Access Points - if you use wifi you need to know this

Perhaps one for the techies here but a message for all of us.

The video here shows how to set up spoof wireless networks. Basically it means that if you connect to this network (whilst looking for a wireless connection) you may well have all your data stolen, login and passwords compromised and malware delivered to your computer.

All the software being used is available off-the-shelf but requires some technical knowledge to use.

Lesson - do not connect to a wireless network just because it is available! (are all your staff aware of this?)

NB - we provide this link for awareness and education; stealing people's information is illegal!

The Times publish guide to new scams

The Times have published an interesting guide on some new and upcoming frauds.

Whilst this guide is not in any way exhaustive we think it makes interesting reading for all.

Up to 570,000 credit-card records breached at Network Solutions

Network Solutions, a major Internet hosting and systems company, have discovered a major breach of their network security.

Malicious code was installed and credit-card details harvested and exported.

Once again we see that keeping systems secure is a major challenge and having one's data with third-party companies needs the same level of due diligence as your in-house systems.

We will see more details of how this breach occurred as the investigation develops.