Tag: Technology

Apple is closing a security gap that allowed outsiders to pry personal information from locked iPhones without a password, a change that will thwart law enforcement agencies that have been exploiting the vulnerability to collect evidence in criminal investigations.

The loophole will be shut down in a forthcoming update to Apple’s iOS software, which powers iPhones.

Once fixed, iPhones will no longer be vulnerable to intrusion via the Lightning port used both to transfer data and to charge iPhones. The port will still function after the update, but will shut off data an hour after a phone is locked if the correct password isn’t entered.

The current flaw has provided a point of entry for authorities across the U.S. since the FBI paid an unidentified third party in 2016 to unlock an iPhone used by a killer in the San Bernardino, California, mass shooting a few months earlier. The FBI sought outside help after Apple rebuffed the agency’s efforts to make the company create a security backdoor into iPhone technology.

Apple’s refusal to cooperate with the FBI at the time became a political hot potato pitting the rights of its customers against the broader interests of public safety. While waging his successful 2016 campaign, President Donald Trump ripped Apple for denying FBI access to the San Bernardino killer’s locked iPhone.

In a Wednesday statement, Apple framed its decision to tighten iPhone security even further as part of its crusade to protect the highly personal information that its customers store on their phones.

CEO Tim Cook has hailed privacy as a “fundamental” right of people and skewered both Facebook and one of Apple’s biggest rivals, Google, for vacuuming up vast amounts of personal information about users of their free services to sell advertising based on their interests. During Apple’s 2016 battle with the FBI, he called the FBI’s effort to make the company alter its software a “dangerous precedent” in an open letter.

Seymour, Indiana, in the 1990s was a Midwestern town with rural roots and a comfortable, small-town feel. Parents felt safe letting their children walk to Girl Scout meetings with friends and ride their bikes unchaperoned.

All that changed on January 20, 1999, when a 10-year-old girl waiting for her father after gymnastics practice was abducted and molested. The man who approached her outside a local girl’s club said he had locked the keys in his car and needed someone with slender arms to reach them.

The attack shocked the community, all the more when the suspect fled before he could be apprehended. At the time, no one realized it would take nearly two decades to bring justice to the victim and her family, and a sense of closure to the community—or that an Indiana State Trooper who was born and raised in Seymour, and is now an FBI agent, would play a central role in resolving the case.

On that cold January day, Charley Hollin forced the girl into his car at knifepoint, drove away, and sexually assaulted her. Afterward, he made the girl leave the car naked, and her clothes were thrown out after her. Hollin also mistakenly threw out his own jacket, which contained his day planner.

Todd Prewitt was an Indiana State Police trooper at the time, and although he wasn’t assigned to the investigation, he took a keen interest. The crime had occurred in his district, and Seymour was his hometown. “I didn’t know the victim,” he said, “but I had family friends who sent their kids to that girl’s club.”

The assault itself was tragic, but then justice was not served. Hollin’s identity was known to authorities—and reported by the media—because they had his day planner. But the victim could not positively identify her assailant with full certainty, so authorities were forced to wait for the results of DNA testing before they could arrest Hollin and charge him with the crime. Hollin took that opportunity to flee.

U.S. border authorities cannot search the cellphones of travelers without having some reason to believe a particular traveler has committed a crime, a federal appeals court ruled Wednesday.

The 4th U.S. Circuit Court of Appeals in Richmond ruled in the case of a Turkish national who was arrested at Dulles International Airport after agents found firearm parts in his luggage.

A lower court judge refused to suppress evidence obtained from a warrantless search of Hamza Kolsuz’s phone.

The 4th Circuit upheld that ruling and found that a forensic search of electronic devices requires “individualized suspicion” of wrongdoing. The court said agents had that suspicion because Kolsuz had made two previous attempts to smuggle weapons parts out of the U.S.

The Fourth Amendment requires law enforcement to obtain warrants based on probable cause. But courts have made an exception for searches at airports and U.S. ports of entry, finding that the government can conduct warrantless border searches to protect national security, prevent transnational crime and enforce immigration and customs laws.

The American Civil Liberties Union had urged the 4th Circuit to find that the government should be required to obtain a warrant or at least a determination of probable cause that evidence of a crime is contained on electronic devices before agents can search them at airports.

The 4th Circuit said it did not have to reach the question of whether probable cause or a warrant is required. Reasonable suspicion is a lower legal standard.

Claire Gastanaga, the executive director of the ACLU of Virginia, said the group is pleased that the appeals court “recognized correctly that border agents can’t conduct invasive searches on a traveler’s cell phone or other electronic devices just because the person is crossing the border.”

Last year, the ACLU filed a federal lawsuit claiming warrantless border searches are unconstitutional because of the vast amount of private personal and business information stored on electronic devices.


Palo Alto is turning to technology in hopes of preventing people from attempting to stand in front of or jump in front of trains traveling through the Peninsula city.

The city has installed thermal imaging-equipped video cameras designed to keep an eye out for people standing or hanging around the tracks at four railroad crossings within city limits.

While the video cameras have already been put in place, the city is still conducting rounds of testing before making the cameras fully operational later this month.

Palo Alto has hired a company to watch the camera feeds from an off-site location and call law enforcement if they spot anything unusual. Those monitoring the camera feeds can also speak via a public address system to alert someone on the tracks that help is on the way.

The Peninsula city has been paying security guards to scan the railroad crossings since about 2009 after a number of teenagers committed suicide on the tracks.

Unlike the human eye, the cameras are able to scan for movement roughly 1,000 feet away from where they are located along the tracks. The cameras can also capture movement when it’s dark, raining or foggy.

“We’re hoping that not only will this provide better monitoring, the ability to see much better down the tracks than the human eye, but also in the long run to provide faster notification to law enforcement and be more cost effective,” Claudia Keith with the city of Palo Alto said.

“Get down, this is a robbery!” That’s something no bank employee or patron wants to hear. In the past, bank robberies have resulted in thousands, even millions of dollars stolen in cash and gold (although the average yield for a bank robbery in the United States is only about $3,500, according to the FBI).

However, as money has become less physical and more digital, with credit cards and cryptocurrency rapidly replacing cash and coins, bank heists too have evolved from criminals physically breaching the walls of a bank with weapons and physical force, to hackers silently infiltrating the cyber infrastructure and funneling millions into their own accounts.

In one recent heist in Mexico, suspected to be a cyberattack, thieves stole as many as 300 million pesos ($15.4 million) through “phantom orders” to fake accounts, according to Reuters. This week, cybersecurity company Positive Technologies released a report describing how gangs execute sophisticated hacking campaigns against banks by taking advantage of social engineering and flawed security systems. The report also reveals the results of the company’s own penetration tests to show where these institutions may be falling short on protecting their networks and ultimately their funds.

This week I spoke with practice lead for governance, risk and compliance at TrustedSec, Alex Hamerstone, who works closely with large financial institutions doing cyber assessments and developing defense methods based on penetration test results, to gain more insight into bank vulnerabilities and security measures.

MOBILE, Ala. (WKRG) – The Mobile County Sheriff’s Office and the Attorney General’s Office of Alabama are forming a partnership to combat cyber crimes in the Mobile area.

According to the sheriff’s office, the partnership between the two offices would allow for investigative support when needed for large-scale cyber crimes, such as electronic financial crimes that occur from skimming devices on ATMs, gas pumps and any other devices where credit/debit is used.

“Cybercrime seems like it would be a fairly open and shut case – a cybercriminal commits a crime, law enforcement steps in and catches the bad guy and the case is closed,” says Sheriff Sam Cochran. “Since the method of how they commit these crimes are so complicated, law enforcement usually has to coordinate with government agencies, international partners, and private corporations and that is why this partnership will be such an asset. Our Deputies will be provided the forensic training in order to capture the evidence immediately without compromising the investigation.”

Back in February, the Alabama Attorney General announced the launch of a cybercrime lab with federal and state law enforcement. Marshall announced the initiative with prosecutors and Secret Service, FBI and Homeland Security officials in Montgomery on Wednesday. He says the lab will use cutting-edge tools to investigate cybercrime like online sexual exploitation, human trafficking and data breaches.

DES PLAINES, Ill. (WLS) — A Des Plaines woman was charged after allegedly contracting a “dark-web” company to murder the wife of a man with whom she had an affair, according to the DuPage County State’s Attorney’s Office.

Tina Jones, 31, was charged with one felony count of solicitation of murder. Judge George Bakalis ordered her held in lieu of $250,000 bond on Wednesday.

On April 12, the Woodridge Police Department received a tip that a woman in Woodridge was the subject of an alleged murder-for-hire plot. In January, Jones paid a dark-web company more than $10,000 via bitcoin to have the woman murdered, according to investigators.

“In January of this year, Tina Jones had gone on this website, Cosa Nostra International,” said DuPage County State’s Attorney Robert Berlin.

Jones, investigators said, had been jilted by a married coworker-turned-lover. They worked together at Loyola Medical Center.

“She went on this website which apparently bills itself as a murder-for-hire type website, and she paid the money assuming that this was going to happen, and had paid over $10,000 to have this woman killed,” Berlin said.

Prosecutors said Jones spelled out very specific orders.

“This woman not only paid over $10,000, but she left specific instructions on the website as to when the woman’s husband would be at work, so they would know when this woman would be alone,” Berlin said. “She left instructions not to hurt the husband and also to make it look like it was an accident.”

Oak Brook, IL, April 24, 2018 – If you park at Oakbrook Center, your car may be part of a candid camera scenario, as security cars drive up and down aisles in lots and garages, using license plate reading technology to check the plate numbers on vehicles.

The license plate recognition system, which has been used since late 2016, helps Oakbrook Center monitor and enforce that shopping center employees are parking in designated areas and leaving the best parking for guests, explained Marissa Ellenby, senior manager of communications for General Growth Properties, the owner/operator of Oakbrook Center.

“Our research has shown us that parking is a top pain point of our shoppers,” Ellenby stated.

But a senior investigative researcher for an organization that defends civil liberties in the digital world says the use of license plate recognition systems raises privacy questions.

“It’s important that businesses respect their customers,” said Dave Maass of the 28-year-old Electronic Frontier Foundation. “People do care when they find out about this; privacy is a major issue.”

Maass said potential privacy concerns over the type of system being used at Oakbrook Center include whether the system is being checked for cyber security, possible use of a third-party server for collected data, whether any stored photos taken may include more than a license plate, how long data is retained, whether notice of system use is posted and who is authorized to access data, including police.

He said that photos taken of license plates could include bumper stickers.

“Sometimes, a bumper sticker indicates someone’s political views, for example,” he said. “Anyone who sees the vehicle could see a bumper sticker, but if you don’t know for sure who might have access to a photo taken of it with a license plate scanner, that could be an issue.”

The issues Maass raised, including the use of third-party servers, how long data is saved, whether data is used for marketing purposes and if the system is audited, were asked of Ellenby via email, but were not answered.

The cyberwar between the west and Russia has escalated after the UK and the US issued a joint alert accusing Moscow of mounting a “malicious” internet offensive that appeared to be aimed at espionage, stealing intellectual property and laying the foundation for an attack on infrastructure.

Senior security officials in the US and UK held a rare joint conference call to directly blame the Kremlin for targeting government institutions, private sector organisations and infrastructure, and internet providers supporting these sectors.

Rob Joyce, the White House cybersecurity coordinator, set out a range of actions the US could take such as fresh sanctions and indictments as well as retaliating with its own cyber-offensive capabilities. “We are pushing back and we are pushing back hard,” he said.

Joyce stressed the offensive could not be linked to Friday’s raid on Syria. It was not retaliation for the US, UK and French attack as the US and UK had been investigating the cyber-offensive for months. Nor, he said, should the decision to make public the cyber-attack be seen as a response to events in Syria.

Joyce was joined in the call by representatives from the FBI, the US Department of Homeland Security and the UK’s National Cyber Security Centre (NCSC), which is part of the surveillance agency GCHQ.

The US and UK, in a joint statement, said the cyber-attack was aimed not just at the UK and US but globally. “Specifically, these cyber-exploits were directed at network infrastructure devices worldwide such as routers, switches, firewalls, network intrusion detection system,” it said.

“Russian state-sponsored actors are using compromised routers to conduct spoofing ‘man-in-the-middle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks and potentially lay a foundation for future offensive operations.”

The Transportation Security Administration and Amtrak are testing new technology to detect concealed explosives, the TSA said Tuesday.

The equipment, known as “stand off explosive detection technology,” can detect an explosive when an individual passes by the device, New York Sen. Chuck Schumer said in a news release. An alarm would go off on the equipment operator’s laptop, triggered by an individual’s “naturally occurring emissions from the human body.”

The tests will be conducted at New York’s Pennsylvania Station in the Amtrak terminal.

Protecting so-called soft targets like railway stations has been a challenge for security officials, who are tasked with ensuring safety but need to balance that with ensuring the smooth movement of hundreds of thousands of travelers.

The TSA’s administrator, David Pekoske, said in November that airport-like security, in which passengers have to line up for personal and carry-on bag screening, was not necessary at rail stations.

“We don’t intend to roll out anything like what we have in the airports,” Pekoske said, adding that random passenger checks and police with canines among other measures are sufficient. “We are satisfied at this point.”

However, in December, a man was injured by a pipe bomb he had attached to his torso with Velcro in a blast that went off at a 42nd Street subway station in Manhattan.

The technology aims to help officials detect concealed suicide vests or other improvised explosives, said the TSA, which is better known for its passenger screening at U.S. airports.

“The use of these devices enables a rail or transit agency to help safeguard against terrorist threats in the mass transit environment,” the TSA said. “TSA is supplying two models of the equipment for the purposes of the pilot.”

The TSA last year started testing the equipment in the Los Angeles transit system.
