17 Jan: Married Couple Go On Trial in Germany Accused of Spying for Russia for 25 years

Married Couple Go On Trial in Germany Accused of Spying for Russia for 25 Years A married couple accused of spying on Germany for 25 years for their Russian paymasters went on trial today in a case that could lead directly to Vladimir Putin's door. Andreas and Heidrun Anschlag began their snooping career in the same city, Dresden, where Putin was posted for the KGB.  The duo are accused of first feeding information about West Germany to the former Soviet Union, then the reunited land to the Russian Republic. The espionage agents for Moscow operated under the radar of the intelligence services sending back their reports to their handlers via a radio code.  'The accused had the task of gathering information about the political and military strategy of the EU and NATO as well as security-relevant political aspects of relations between Germany, the...

04 Jan: Hacking Cisco Phones

Hacking Cisco Phones Just because you are paranoid doesn't mean your phone isn't listening to everything you say... We discuss a set of 0-day kernel vulnerabilities in CNU (Cisco Native Unix), the operating system that powers all Cisco TNP IP phones. We demonstrate the reliable exploitation of all Cisco TNP phones via multiple vulnerabilities found in the CNU kernel. We demonstrate practical covert surveillance using constant, stealthy exfiltration of microphone data via a number of covert channels. We also demonstrate the worm-like propagation of our CNU malware, which can quickly compromise all vulnerable Cisco phones on the network. We discuss the feasibility of our attacks given physical access, internal network access and remote access across the internet. Lastly, we built on last year's presentation by discussing the feasibility of exploiting Cisco phones from compromised HP printers and vice versa.

04 Jan: Economic Espionage Act Extends Protection Against Misappropriation

Economic Espionage Act Extends Protection Against Misappropriation On December 28, 2012, President Obama enacted the Theft of Trade Secrets Clarification Act of 2012. The Act clarifies the scope of Section 1832 of the Economic Espionage Act and attempts to reverse the Second Circuit’s recent decision in U.S. v. Aleynikov. Most significantly, the Act clarifies that the EEA protects wholly internal proprietary information if the information relates to products or services that are used in interstate or foreign commerce.  More here: http://www.jdsupra.com/legalnews/recent-amendment-to-the-economic-espion-84509/

18 Oct: Former Spy Talks Argo

Former Spy Talks Argo NEW YORK -- Antonio “Tony” Mendez is the rarest of creatures: A former spy who has come out of the woodwork. His story is the subject of Ben Affleck’s new film, Argo, tipped to feature in Hollywood’s awards season. Argo is based on one of Mendez’s most remarkable missions, rescuing six Americans from Iran during the height of the 1979 hostage crisis and helping them pose as a Canadian film crew making a fictitious film calledArgo. It follows Mendez’s memoir of the same name, released in September. Mendez, 72, who was named in 1997 one of the CIA’s top 50 officers of its first 50 years, talked to Reuters about Argo the movie, the real CIA operation and current events in the Middle East. Q: Argo the film depicts the 1979 storming of the US embassy and hostage crisis. How do you compare that to...

18 Oct: Meet Flame Espionage Malware Cousin: MiniFlame

Meet Flame Espionage Malware Cousin: MiniFlame Suspected Flame module turns out to be standalone attack code in use since at least 2010, described as targeted cyberweapon for conducting in-depth surveillance and espionage. Ongoing teardowns of the Flame malware and its underlying components have yielded a surprising discovery: a new piece of malware. Security researchers at Kaspersky Lab said that what they previously suspected was an attack module for the Flame malware is instead a standalone piece of attack code, although it can do double duty as a plug-in for both the Flame and Gauss malware. Designed for data theft and for providing attackers with direct access to an infected system, MiniFlame is based on the same architectural platform as Flame, according to Kaspersky Lab. "MiniFlame is a high-precision attack tool," said Alexander Gostev, chief security expert at Kaspersky Lab, in an emailed statement. "Most likely...