Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms


America's Oldest Federal Law Enforcement Agency - The History Of The United States Postal Inspection Service →

August 25, 2020 by Marc Handelman in United States of America, USPSIS, Law Enforcement, Rule Of Law

United States Secret Service: New Criminal Nigerian Scam Related To Unemployment In US Due To Pandemic

May 18, 2020 by Marc Handelman in Krebs On Security, Nigerian Scams, USSS, Law Enforcement

New, pernicious criminal acts, emanating from a hotbed of internet miscreants resident within crime-ridden Nigeria, are attacking unemployment systems in multiple US states. Via Brian Krebs' tremendous reporting at Krebs On Security, on the battle waged by the United States Secret Service and other allied law enforcement agencies.

'A well-organized Nigerian crime ring is exploiting the COVID-19 crisis by committing large-scale fraud against multiple state unemployment insurance programs, with potential losses in the hundreds of millions of dollars, according to a new alert issued by the U.S. Secret Service.' - Via Brian Krebs' reporting at Krebs On Security, with his outstanding news detailing steps underway to combat the scammers. h/t


Image Courtesy of Wikipedia

Australian Information Commissioner Holds Facebook's Feet To The Barbie...

March 10, 2020 by Marc Handelman in Facebookery, Law, Law Enforcement

Via Natasha Lomas, writing at TechCrunch, comes this story of the Australian Information Commissioner filing proceedings targeting Facebook Inc. (NASDAQ: FB) over the Cambridge Analytica data breach outrage. My take: Good on ya, Commissioner!

'Australia’s Privacy Act sets out a provision for a civil penalty of up to $1,700,000 to be levied per contravention — and the national watchdog believes there were 311,074 local Facebook users in the cache of ~86M profiles lifted by Cambridge Analytica. So the potential fine here is circa $529BN. (A very far cry from the £500k Facebook paid in the UK over the same data misuse scandal.)' - via Natasha Lomas at TechCrunch


Updated: 20200310 1631 - Here's the take on the news from David Bisson at The State of Security blog:

"As the Australian Information Commissioner, Angelene Falk has the authority to apply for a civil penalty order alleging that an organization bound to comply with the APPs committed serious and/or repeated violations against s 13G of the Privacy Act 1988. The Federal Court could then respond by issuing a penalty of up to $1,700,000 AUD for each serious and/or repeated violation of privacy."


GPS Tracking Device Removal From Your Vehicle Is Not Thievery

March 02, 2020 by Marc Handelman in Physical Security, Law Enforcement, Information Security, GPS Security, Government

According to this judicial opinion, that is. However, read the full story, via Timothy B. Lee, writing at Ars Technica; your opinion may be the same, or - of course - it may differ substantially. As always, you be the judge.


Let The Shilling Begin

August 08, 2019 by Marc Handelman in Corruption, Law Enforcement

Bad behavior by Bezos' Amazon and subsidiary Ring is tainting any police investigation at its most fundamental levels by forcing secret agreements, and endorsements for the company's products. Jeff Bezos, where is your shame?

THE MEMORANDUM OF UNDERSTANDING

The memorandum of understanding is pitched as "a solution to the Lakeland Police Department to help reduce crime and assist with investigations in your community." The document, which includes an "Amazon Legal" watermark, was signed by Ring and Lakeland Police Department representatives on December 13, 2018. - via Caroline Haskins, writing at Vice's Motherboard.


Metropolitan London Police: Face Identity Recognition Tests Proven Fatally Flawed

July 12, 2019 by Marc Handelman in Law Enforcement, Testing

Problems have arisen for the London Metropolitan Police face recognition program and, more specifically, for the organization's testing facilities of same. Via reportage by Matt Burgess, this scenario is particularly troublesome for a law enforcement agency highly dependent upon electronic surveillance of the populace to facilitate informed decisions, forensic output, routing of emergency services, et cetera (as the Met is...). Today's Must Read.


The Chicago Five: Heroes All →

January 29, 2019 by Marc Handelman in Law Enforcement, Heroes, Physical Security

"We didn't talk about it, we just kind of did it..."


City of Los Angeles Files Suit Targeting Illicit Data Use By Weather Channel App

January 05, 2019 by Marc Handelman in Law, Law Enforcement, Illicit Data Use

News, via The New York Times reporters Jennifer Valentino-DeVries and Natasha Singer, of a newly filed suit targeting deceptive utilization of user location data by The Weather Channel's phone app. (The Weather Channel is an International Business Machines (NYSE: IBM) subsidiary.) Oops...; and, then there's this.


SecureWVHack3rCon 2018, Detective Jeremy M. Thompson's 'Mobile Devices And You' →

December 23, 2018 by Marc Handelman in Conferences, Education, Law Enforcement, Information Security, Irongeek, SecureWV/Hack3rCon

Videography Credit: Irongeek (Adrian Crenshaw).


Questionable Signal Interception Use & Hardware Search Leads Magistrate To Chastise FBI

July 21, 2018 by Marc Handelman in Law Enforcement, Jurisprudence

The inimitable Cyrus Farivar, writing at Ars Technica, details the recent criticism of the Federal Bureau of Investigation's behavior in an improper device search (in this case, a mobile phone) and an apparently non-standardized practice of signal interception via Stingray devices. Certainly today's MustRead; and if you are interested in search, seizure and signal interception law, you have hit the mother lode!

'The crux of the issue is that, in April 2016, an FBI agent sought and obtained two warrants from an Alameda County Superior Court judge: one to search Artis' phone and another to deploy a stingray to locate Hopkins.' - via Cyrus Farivar, writing at Ars Technica


Vigilanteed →

June 09, 2018 by Marc Handelman in Vigilantes, Law Enforcement, Information Security

Nicholas Schmidle, writing at The New Yorker Magazine, scrutinizes the antics of a purported 'cyber-vigilante' in a superb lash-up of promises-not-kept, career-ending-office-politics, law-enforcement-foibles, and a pinch of purported 'vigilantism' all applied to the computational realm. Today's MustRead.


Senatorial Commands: DOJ - Cough It Up →

May 21, 2018 by Marc Handelman in Law Enforcement, Radio Telephony, Cellular Telephony

Behold: The Harris Corporation (NYSE: HRS) StingRay II. It's a great conversation starter - Buy One Today! Perhaps a subpoena would be in order at this point... You guys know how to do that, right?


Battelle’s DroneDefender Antidrone Countermeasure

Miscreant Gang Runs Drone Intercept Targeting FBI Agents

May 08, 2018 by Marc Handelman in US FBI, Law Enforcement, Drones, Drone Countermeasures

Patrick Tucker, the Technology Editor over at DefenseOne, posted a particularly troubling new piece on May 3rd, detailing an incident in which our Federal Bureau of Investigation agents were attacked by a criminal gang's drone swarm. Obviously, a tactic executed by the gang that complicated matters for law enforcement, and for the victim of that gang - a hostage being held nearby. I am certain that LE is thinking anti-drone countermeasures right about now... Read Patrick's well-wrought article over at DefenseOne.


The Grayshift Predicament →

April 27, 2018 by Marc Handelman in Hardware Secrets, Hardware Flaws, Hardware Security, Information Security, Forensication, Forensics, Law Enforcement, Law

I am sure you have all read the news of Grayshift's issues battling extortionists and their ilk. I have, however, not seen any significant commentary regarding the data theft this SNAFU could facilitate.

Here's the thought problem (looking for culpability, specifically): A Law Enforcement agency has taken custody (adhering to standards of Generally Accepted Chain of Custody guidelines) of a suspect's iPhone. Unbeknownst to the trusted Sworn Officers and Forensicators (often, one and the same) examining the device, the Grayshift appliance undergoes an unfortunate successful attack - mounted by external miscreant(s) unknown - and succumbs to the exfiltration of all data on the appliance AND the slurped data on the iPhone.

Subsequent forensication by the Sworn Officers or Forensicators (again, often one and the same - at least in smaller agencies) entrusted with reasonable and prudent Chain of Custody of the device under scrutiny discovers that the Grayshift appliance and the suspect's iPhone have both undergone the indignity of significant data leakage. How does the Agency proceed in the effort to lay charges - or not - and protect the Agency, as well?

Oh, and while they are at it, perhaps they could explain why the device is attached to a forward facing TCP/UDP connection to our beloved Interweb?


Krebs on Security: USSS Warns of Chip Card Gambit →

April 06, 2018 by Marc Handelman in KrebsonSecurity.com, USSS, Law Enforcement

Brian Krebs, writing at his eponymous KrebsonSecurity site, details the latest United States Secret Service warning targeting chipped debit, payment and credit cards. Sounds like an old-school mail fraud intercept-remove-replace-remail gambit. Today's Must Read!


September - National Preparedness Month →

August 28, 2017 by Marc Handelman in Canines, First Responders, Law Enforcement, Public Safety Personnel, Contingency Planning, Continuity, Disaster Planning, Disaster Preparedness, Disaster Recovery

Folks, September has been designated by FEMA as National Preparedness Month. Around here, at Infosecurity.US, we will be honoring Our First Responders, and Their Canine Partners During National Preparedness Month. And Remember: Don't Wait. Communicate. Make a family emergency plan today. Learn more at Ready.gov.


The Origami Solution →

February 20, 2017 by Marc Handelman in All is Information, Brilliant, Engineers, Law Enforcement, Physical Security, Physical Sciences

Meanwhile - amidst all the foo-fa-raw of last week's RSAC 2017 - came very good physical security news of a fascinating kevlar and aluminum origami-based ballistic shield (developed by Engineers at Brigham Young University) that stops .44 calibre magnum slugs. Very good news for law enforcement, and other organizations (think schools, other civilian government organizations, military, businesses).

The design is able to protect multiple people at one time and folds down to a compact shape. Utilizing the Yoshimura Origami Crease Pattern, it currently tips the scales at a paltry 55 lbs. (25 kg).

Simply Outstanding.


Pictured: Los Angeles Police Special Weapons and Tactics Team Members

Of Course We Can →

February 07, 2017 by Marc Handelman in All is Information, Information Security, Law Enforcement

Seizing data, that is. However, you will generally not require Special Weapons and Tactics to get the job done...


Seventy Percent of Districts' Police Cameras Infected Immediately Prior to Inauguration →

February 06, 2017 by Marc Handelman in All is Information, Internetwork Security, Information Security, Law Enforcement, Government

Yes, you read it correctly, at least 70% of the District of Columbia's Police surveillance cameras were infected with ransomware immediately prior to the 2017 Inauguration of the President and Vice President of the United States.

The singularly astonishing aspect of this debacle was the Department still managed to keep the streets of Washington, D.C. safe for the throngs of visitors at the 2017 Inauguration. Quite simply, testimony to the hard work of the Department's Officers and Staff.


LE Seeking DNA

October 19, 2015 by Marc Handelman in Law Enforcement, All is Information

Kashmir Hill, writing for Fusion, reports on law enforcement efforts to garner DNA records from private sector commercial entities (read - Ancestry and 23andMe). Outstanding reportage; kudos to Ms. Hill, and Hat Tip to T. Blalock.
