Digital Forensics

  • Most Topular Stories

  • "Has the smartphone finally outsmarted us?"

    SANS Digital Forensics and Incident Response Blog
    hmahalik
    24 Feb 2015 | 6:32 pm
    I can honestly say that the most common question I am asked by examiners, investigators, students and even my neighbors is, "which phone is the most secure?" Obviously, the concern behind the question varies. Some want to secure their own device, and others, like myself, want to prove everyone in DFIR wrong by cracking into the toughest and most secure devices.Smartphone security has gotten drastically stronger in 2014. This year, we are expecting even more challenges when examining smartphones. When thinking about the forensic aspects of smartphone security and encryption, we have…
  • How do you "do" analysis?

    Windows Incident Response
    Harlan Carvey
    2 Mar 2015 | 6:36 am
    Everybody remembers "The Matrix", right?  So, you're probably wondering what the image to the right has to do with this article, particularly given the title.  Well, that's easy...this post is about employing various data sources and analysis techniques, and pivoting in order to add context and achieve a greater level of detail in your analysis.  Sticking with just one analysis technique or process, much like simply trying to walk straight through the building lobby to rescue Morpheus, would not have worked.  In order to succeed, Neo and Trinity had to pivot and mutually…
  • Why Would Iran Welcome Western Tech?

    TaoSecurity
    Richard Bejtlich
    2 Mar 2015 | 7:10 pm
    I noticed an AFP story posted by Al Jazeera America titled Iran could allow in Google, other tech companies if they follow rules. It included the following:Iran could allow Internet giants such as Google to operate in the the country if they respect its "cultural" rules, Fars news agency said on Sunday, quoting a senior official."We are not opposed to any of the entities operating in global markets who want to offer services in Iran," Deputy Telecommunications and Information Technology Minister Nasrollah Jahangard reportedly told Fars."We are ready to negotiate with them and if…
  • Forensics key in sexual violence probe - The Standard Digital News (satire) (press release) (registration) (blog)

    digital forensics - Google News
    6 Mar 2015 | 12:04 pm
    Forensics key in sexual violence probeThe Standard Digital News (satire) (press release) (registration) (blog)Forensic scientists have termed cases of sexual violence as endemic, and rallied African governments to establish DNA databases for offenders. “Some of the sexual gender based violence victims are too naive to seek early medical intervention so as to and more »
  • Anatomy of a Credit Card Stealing POS Malware

    Checkmate
    Monika Kachroo
    2 Mar 2015 | 10:13 pm
    INTRODUCTION Point-of-sale (POS) is the place where a retail transaction is completed. It is the point at which a customer makes a payment to the merchant in exchange for goods or services. Majority of retail POS systems also include a debit/credit card reader. POINT-OF-SALE INTRUSIONS What is it? When attackers compromise the computers and servers Read More... The post Anatomy of a Credit Card Stealing POS Malware appeared first on Checkmate.
  • add this feed to my.Alltop

    SANS Digital Forensics and Incident Response Blog

  • "Has the smartphone finally outsmarted us?"

    hmahalik
    24 Feb 2015 | 6:32 pm
    I can honestly say that the most common question I am asked by examiners, investigators, students and even my neighbors is, "which phone is the most secure?" Obviously, the concern behind the question varies. Some want to secure their own device, and others, like myself, want to prove everyone in DFIR wrong by cracking into the toughest and most secure devices.Smartphone security has gotten drastically stronger in 2014. This year, we are expecting even more challenges when examining smartphones. When thinking about the forensic aspects of smartphone security and encryption, we have…
  • "2015 DFIR Monterey Network Forensic Challenge Results"

    Phil Hagen
    7 Feb 2015 | 5:45 pm
    2015-03-04 UPDATE: I've added some thought process/methodology to the answers inline below.Thanks to everyone that submitted or just played along with the SANS DFIR Network Forensic Challenge! We had over 3,000 evidencedownloads, and more than 500 submissions! Per the rules, the winner must have answered four of the six questions correctly. Then, by random selectionamong those submissions, the winner was selected.We're excited to announce thatHenry van Jaarsveld is the winner for this challenge! Congratulations, and we hope you enjoy your SANS OnDemand Course. Great work, Henry!Thanks for all…
  • "What is New in Windows Application Execution?"

    Chad Tilbury
    27 Jan 2015 | 9:06 pm
    One of the great pleasures of performing Windows forensics is there is no shortage of application execution artifacts. Application execution tells us what has run on a system and is often the pivot point that reveals important activity on the system. Why was FTP run on this workstation? Is it normal to see execution of winsvchost.exe? Why was a privacy cleaning tool used for the first time during the system owner's last week of work? While undoubtedly useful, our adversaries are more forensic-aware than ever and often take steps to eliminate application execution artifacts. At CrowdStrike we…
  • "Mastering Malware Analysis Skills - The Power of a Capture-the-Flag Tournament"

    Anuj Soni
    18 Jan 2015 | 10:28 pm
    Here at SANS, we've worked hard to deliver a Reverse Engineering Malware course packed with technical knowledge, hands-on exercises, and our insights from years of experience. Just as attackers and their tools continue to evolve, so has this course to arm participants with relevant skills they can apply immediately. As both an instructor and a practitioner, I believe the most significant addition to this course is a Capture-the-Flag Tournament. I'd like to share why I think this new content is an amazing opportunity for students to develop their malware analysis skills.In my experience,…
  • "Examining Shellcode in a Debugger through Control of the Instruction Pointer"

    Adam Kramer
    29 Dec 2014 | 5:37 pm
    During the examination of malicious files, you might encounter shellcode that will be critical to your understanding of the adversary's intentions or capabilities. One way to examine this malicious code is to execute it using a debugger after setting up the runtime environment to allow the shellcode to achieve its full potential. In such circumstances, it's helpful to take control of the instruction pointer to direct the debugger towards the code you wish to examine.The modern computer has been designed to make life easy for the standard user. It is actually quite difficult to say to the…
 
  • add this feed to my.Alltop

    Windows Incident Response

  • How do you "do" analysis?

    Harlan Carvey
    2 Mar 2015 | 6:36 am
    Everybody remembers "The Matrix", right?  So, you're probably wondering what the image to the right has to do with this article, particularly given the title.  Well, that's easy...this post is about employing various data sources and analysis techniques, and pivoting in order to add context and achieve a greater level of detail in your analysis.  Sticking with just one analysis technique or process, much like simply trying to walk straight through the building lobby to rescue Morpheus, would not have worked.  In order to succeed, Neo and Trinity had to pivot and mutually…
  • Tools

    Harlan Carvey
    11 Feb 2015 | 6:04 am
    Microsoft recently released an update (KB 3004375) that allows certain versions the Windows OS to record command line options, if Process Tracking is enabled, in the Windows Event Log. Microsoft also recently upgraded Sysmon to version 2.0, with some interesting new capabilities.  I really like this tool, and I use it when I'm doing testing in my lab, to provide more detailed information about what's happening on the system. I like to run both of these side-by-side on my testing VMs, to see the difference in what's reported.  I find this to be very valuable, not only in testing, but…
  • A Smattering of Links and Other Stuff

    Harlan Carvey
    9 Jan 2015 | 4:00 am
    RegistryWell, 2014 ended with just one submission for the WRA 2/e Contest.  That's unfortunate, but it doesn't alter my effort in updating the book in any way.  For me, this book will be something to look forward to in 2015, and something I'm pretty excited about, in part because I'll be presenting more information about the analysis processes I've been using, processes that have led to some pretty interesting findings regarding various incidents and malware.In other Registry news, Eric Zimmerman has created an offline Registry parser (in C#) and posted it to GitHub.
  • What It Looks Like: Disassembling A Malicious Document

    Harlan Carvey
    5 Jan 2015 | 5:37 am
    I recently analyzed a malicious document, by opening it on a virtual machine; this was intended to simulate a user opening the document, and the purpose was to determine and document artifacts associated with the system being infected.  This dynamic analysis was based on the original analysis posted by Ronnie from PhishMe.com, using a copy of the document that Ronnie graciously provided.After I had completed the previous analysis, I wanted to take a closer look at the document itself, so I disassembled the document into it's component parts.  After doing so, I looked around on the…
  • What It Looks Like: Malware Infection via a Weaponized Document

    Harlan Carvey
    30 Dec 2014 | 5:59 am
    Okay...I lied.  This is my last blog post of 2014.A couple of weeks ago, Ronnie posted regarding some analysis of a weaponized document to the PhishMe.com blog.  There is some interesting information in the post, but I commented on Twitter that there was very little post-mortem analysis. In response, Ronnie sent me a copy of the document.  So, I dusted off a Windows 7 VM and took a shot at infecting it by opening the document.Analysis Platform32-bit Windows 7 Ultimate SP1, MS Office 2010, with Sysmon installed - VM running in Virtual Box.  As with previous dynamic analysis…
  • add this feed to my.Alltop

    TaoSecurity

  • Why Would Iran Welcome Western Tech?

    Richard Bejtlich
    2 Mar 2015 | 7:10 pm
    I noticed an AFP story posted by Al Jazeera America titled Iran could allow in Google, other tech companies if they follow rules. It included the following:Iran could allow Internet giants such as Google to operate in the the country if they respect its "cultural" rules, Fars news agency said on Sunday, quoting a senior official."We are not opposed to any of the entities operating in global markets who want to offer services in Iran," Deputy Telecommunications and Information Technology Minister Nasrollah Jahangard reportedly told Fars."We are ready to negotiate with them and if…
  • Boards Not Briefed on Strategy?

    Richard Bejtlich
    19 Feb 2015 | 9:43 am
    I'd like to make a quick note on strategy, after reading After high-profile hacks, many companies still nonchalant about cybersecurity in the Christian Science Monitor today. The article says:In a survey commissioned by defense contractor Raytheon of 1,006 chief information officers, chief information security officers, and other technology executives, 78 percent said their boards had not been briefed even once on their organization’s cybersecurity strategy over the past 12 months...The findings are similar to those reported by PricewaterhouseCoopers in its Global State of…
  • Elevating the Discussion on Security Incidents

    Richard Bejtlich
    19 Feb 2015 | 8:20 am
    I am not a fan of the way many media sources cite "statistics" on digital security incidents. I've noted before that any "statistic" using the terms "millions" or "billions" to describe "attacks" is probably worthless.This week, two articles on security incidents caught my attention. First, I'd like to discuss the story at left, published 17 February in The Japan Times, titled Cyberattacks detected in Japan doubled to 25.7 billion in 2014. It included the following:The number of computer attacks on government and other organizations detected in Japan doubled in 2014 from the previous…
  • Five Reasons Digital Security Is Like American Football

    Richard Bejtlich
    14 Feb 2015 | 1:42 pm
    Butler's Interception (left) Made Brady's Touchdowns (right) CountIn Kara Swisher's interview on cyber security with President Obama, he makes the following comment:"As I mentioned in the CEO roundtable, a comment that was made by one of my national security team — this is more like basketball than football in the sense that there’s no clear line between offense and defense. Things are going back and forth all the time,” he said.I understand why someone on the President's national security team would use a basketball analogy; we all know the President is a big hoops fan. In this post I…
  • Learning the Tufte Way to Present Information

    Richard Bejtlich
    14 Feb 2015 | 6:00 am
    Source: The Economist, 31 Jan 2015TaoSecurity Blog readers know I am a fan of Edward Tufte. When I see a diagram that I believe captures the tenets of his philosophy of presenting information, I try to share it with readers.Two weeks ago in its 31 January 2015 edition, The Economist newspaper published Saudi Arabia: Keeping It in the Family. The article discussed the ascension of King Salman to the Saudi crown. The author emphasized the advanced age of Saudi kings since the founding of the monarchy in 1932.To make the point graphically, the article included the graphic at left. It…
 
  • add this feed to my.Alltop

    digital forensics - Google News

  • Forensics key in sexual violence probe - The Standard Digital News (satire) (press release) (registration) (blog)

    6 Mar 2015 | 12:04 pm
    Forensics key in sexual violence probeThe Standard Digital News (satire) (press release) (registration) (blog)Forensic scientists have termed cases of sexual violence as endemic, and rallied African governments to establish DNA databases for offenders. “Some of the sexual gender based violence victims are too naive to seek early medical intervention so as to and more »
  • Police to set up new Cybercrime Command in CID: Iswaran - Channel News Asia

    5 Mar 2015 | 9:27 pm
    Channel News AsiaPolice to set up new Cybercrime Command in CID: IswaranChannel News AsiaThe Cybercrime Command will specialise in cyber-investigations, digital forensics and cybercrime policy, Mr Iswaran said, adding that investigation officers and digital forensic officers specialising in cybercrime will also be deployed at each of the Singapore Budget 2015: Home Affairs Ministry sets up new cybercrime unitThe Straits Timesall 4 news articles »
  • Maximize Your Forensic Accountant's Value - Connecticut Law Tribune

    5 Mar 2015 | 10:33 am
    Maximize Your Forensic Accountant's ValueConnecticut Law TribuneThe forensic accountant has varied skills in analyzing and interpreting financial information, fraud prevention and detection, computer forensics, compilation of evidence, and testimony in a court or before the jury. This diversified skill set, coupled
  • The Emerging Science of Digital Forensics | @CloudExpo [#Cloud] - SYS-CON Media (press release)

    25 Feb 2015 | 6:00 am
    The Emerging Science of Digital Forensics | @CloudExpo [#Cloud]SYS-CON Media (press release)The emerging science of digital forensics and cybercrime investigation has become very important for national security, law enforcement, and information assurance. This convergent science combines law, computer science, finance, telecommunications
  • DOJ R&D Agency Awards Grants For Speedier Digital Forensics - Dark Reading

    23 Feb 2015 | 2:54 pm
    DOJ R&D Agency Awards Grants For Speedier Digital ForensicsDark ReadingMartin Novak, a computer scientist at the DOJ's NIJ, says the goal is to expedite the process of cyberattack and other digital forensics investigations. "There's so much evidence to be examined, and some of the cases are rather complicated," Novak says.
  • add this feed to my.Alltop

    Checkmate

  • Anatomy of a Credit Card Stealing POS Malware

    Monika Kachroo
    2 Mar 2015 | 10:13 pm
    INTRODUCTION Point-of-sale (POS) is the place where a retail transaction is completed. It is the point at which a customer makes a payment to the merchant in exchange for goods or services. Majority of retail POS systems also include a debit/credit card reader. POINT-OF-SALE INTRUSIONS What is it? When attackers compromise the computers and servers Read More... The post Anatomy of a Credit Card Stealing POS Malware appeared first on Checkmate.
  • Cuckoo Sandbox 102: State-of-the-art Malware Analysis

    Sumit Shrivastava
    2 Mar 2015 | 12:55 am
    Introduction Cuckoo Sandbox is an Open Source Automated Malware Analysis system that has been gaining more and more attention in recent years. The fact that Cuckoo is fully open source makes it a very interesting system for those that want to modify its internals, experiment with automated malware analysis, and setup scalable and cheap malware Read More... The post Cuckoo Sandbox 102: State-of-the-art Malware Analysis appeared first on Checkmate.
  • Asus RT-N10 Plus Cross Site Scripting CVE-2015-1437

    Kaustubh Padwad
    16 Feb 2015 | 3:00 am
    Overview ASUS Router RT-N10 Plus is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the result_of_get_changed_status.asp script. A remote authenticated attacker could exploit this vulnerability using the flag parameter in a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once Read More... The post Asus RT-N10 Plus Cross Site Scripting CVE-2015-1437 appeared first on Checkmate.
  • The Lesser Known XE Attack

    Suleiman Farouk
    17 Nov 2014 | 11:37 pm
    The Meaning XE which stands for XML Entity is a standard for representing sets of data. Meanwhile, Entities are more like shortcuts to standard text or special characters e.g. wherever you see “X” replace it with “Y”. An entity can be declared either internal or external. An internal entity is defined in-line like a macro. Read More... The post The Lesser Known XE Attack appeared first on Checkmate.
  • Shellshock Exploitation: Using BeEF Framework

    Nilesh Sapariya
    28 Oct 2014 | 3:14 am
    In a previous article, we have described the Shellshock vulnerability and in this article we show how to exploit this vulnerability using the BeEF Framework. However, here’s a quick and dirty way to check if you’re vulnerable or not: Type this command:env x='() { :;}; echo vulnerable’ bash -c “echo this is a test” Note: Read More... The post Shellshock Exploitation: Using BeEF Framework appeared first on Checkmate.
 
  • add this feed to my.Alltop

    Forensic Focus

  • Magnet Forensics Expands Support in EMEA

    6 Mar 2015 | 2:30 am
    Waterloo, ON., March 4, 2015 - Magnet Forensics is pleased to introduce Carl Tinker as the new Business Development & Channel Manager for Europe, the Middle East, and Africa (EMEA). Carl joins the Magnet team to provide focused support for our resellers and rapidly expanding customer base in the region. “I’m excited that Carl has joined us to lead our sales and marketing efforts in EMEA. Carl has an excellent track record and reputation within the digital forensics industry,” said Adam Belsher, CEO at Magnet Forensics. “Our business in the EMEA markets has grown quickly in the past 2…
  • Secure View Mobile Forensics and Belkasoft Announce Partnership

    4 Mar 2015 | 3:22 am
    Susteen Inc, and Belkasoft are happy to announce their new partnership. This partnership will allow respective users of both Susteen’s Secure View cell phone forensic software and Belkasoft's computer forensic software to receive discounts on each other's offerings. Both companies offer industry leading tools to law enforcement, military, government and corporate users. This partnership will strengthen the ability for users of both products to manage their forensic cases and increase their forensic capabilities.
  • Oxygen Forensics turns 15!

    3 Mar 2015 | 6:27 am
    We are celebrating our 15th anniversary and want to invite you to be a part of it! We would be more than happy if you share your story with us. We have written a rich history together, and we want to extend an opportunity to you to share your experience with Oxygen Forensics and how it has had a positive influence on your work and how we managed to make this world better and safer together. Special prizes will be awarded to all the storytellers and three the best ones will also get a fully functional Oxygen Forensic Passware Analyst license.
  • Head replacement tools from HddSurgery

    25 Feb 2015 | 4:18 am
    Introduction to head replacement process Head replacement process refers to the process of replacing defective HDD heads with the heads from identical and functional hard disk drive. This process must be performed in order to recover data from disks that have suffered from head crush failure. Process of replacing damaged HDD heads with functional ones is pretty complex task, especially if you consider risk of damaging HDD platters, which may cause permanent data loss. Various methods and techniques were used to perform head replacement process, with different percentage of success and high…
  • Exam Outline For CCFP Digital Forensics Certification Available for Download

    24 Feb 2015 | 11:10 am
    The Certified Cyber Forensics Professional (CCFP) certification is the only global cyber forensics credential that provides a comprehensive validation of a candidate’s knowledge and skills as a digital forensics expert. Developed by (ISC)2, a leader in the information security certification market, CCFP is for those who have been working in the field and would like to take the next step and apply their cyber forensics expertise to a variety of challenges. According to a recent report from the Center for Strategic and International Studies (CSIS), sponsored by security firm McAfee,…
  • add this feed to my.Alltop

    (ISC)2 Blog

  • Cybersecurity Jobs are in High Demand; Got what it Takes?

    (ISC)² Management
    3 Mar 2015 | 9:37 am
    With security attacks dominating news headlines, it’s no secret that global cybersecurity professionals are in high demand. According to the (ISC)² 2013 Global Information Security Workforce Study, two out of three C-level respondents reported security staff shortages. The lack of skilled and qualified information security professionals is having a negative economic impact, with 56% of respondents saying the staffing shortage is causing a huge impact on their organizations. The call to action is clear: We need a global call to arms within academia to develop enough talent to fulfill this…
  • An Appeal to the White House on Behalf of the (ISC)² Membership

    (ISC)² Management
    18 Feb 2015 | 10:17 am
    As the new executive director for (ISC)², one of my most critical goals is to be a global ambassador for our membership. Recently, the U.S. White House proposed reforms to the Computer Fraud and Abuse Act (CFAA) of 1986, which aim to prosecute those who exceed authorized access to online networks. If this proposal is enacted by law, it could make it more difficult for cybersecurity practitioners to perform their jobs to defend their organizations against malicious threats. Many (ISC)² members, with a high degree of professionalism and ethics, use tools that could fall under such prosecution…
  • What is a security expert?

    Sorin Mustaca
    13 Feb 2015 | 3:28 am
    I've been called a "security expert" many times and I've heard many times other people around me called the same. The reason I am writing this article is that I am frustrated by how some security experts are seing and implementing security in their every day jobs. But, let's start with the beginning: What does actually make someone a security expert? Or, when does someone become a security expert? The first thing that comes into my mind is, of course, his or her level of knowledge in this area. The more he knows, the better. I guess that things like certifications in IT…
  • Advice for Parents to Protect Children in an Advancing Cyber World

    (ISC)² Management
    10 Feb 2015 | 10:40 am
    Protecting children from online dangers is no easy task for parents today. There is no shortage of research offering insight into the concerns. In the U.S., Internet filtering software company Covenant Eyes tells us that 54% of girls are friends on social networks with someone they have never met in person: And, 74% of children have been contacted by a stranger online. Another study released today by the U.K. Safer Internet Centre, takes a look at the huge role that technology plays in supporting young people’s friendships, with 55% of the 150 11-to 16-year-olds who participated in their…
  • Comments from (ISC)² Leadership on Health Insurer Anthem's Breach

    (ISC)² Management
    5 Feb 2015 | 10:54 am
    The impact of an identity breach is potentially more dangerous and harmful than that of a credit card breach.  Credit card breaches are quickly mitigated by issuing a new card and account number – a routine process for card-issuing banks. Even with massive credit card breaches, actual credit card fraud is low because banks are so adept at responding. Identity attacks, such as the one on Anthem, will likely have a longer lasting and more devastating impact. The disclosure of Social Security numbers and other data points such as income, employment status and birth dates…
  • add this feed to my.Alltop

    Secure Hunter Anti-Malware » Secure Hunter Blog

  • Dridex Banking Trojan Spreading Via Macros in XML Files Secure Hunter

    shadmin
    6 Mar 2015 | 4:51 pm
    A phishing campaign that spiked this week is pushing the Dridex banking Trojan via malicious macros embedded in XML file attachments. Threatpost | The first stop for security news Secure Hunter Anti -Malware The post Dridex Banking Trojan Spreading Via Macros in XML Files Secure Hunter appeared first on Secure Hunter Anti-Malware.
  • Mandarin Oriental Confirms Data Breach at U.S., European Hotels Secure Hunter

    shadmin
    6 Mar 2015 | 4:51 am
    The Mandarin Oriental luxury hotel chain is investigating a data breach that affects credit cards used in an “isolated number” of its hotels in the United States and Europe. Company officials said that the attack involved “undetectable” malware on some of its systems and emphasized that only credit card data, and no other personal information, […] Threatpost | The first stop for security news Secure Hunter Anti -Malware The post Mandarin Oriental Confirms Data Breach at U.S., European Hotels Secure Hunter appeared first on Secure Hunter Anti-Malware.
  • New Analytics Tool Defines Language Used By Malicious Domains Secure Hunter

    shadmin
    5 Mar 2015 | 4:53 pm
    OpenDNS went public with a new analytics tool that can be used to detect malicious domains used in APT and cybercrime campaigns. Threatpost | The first stop for security news Secure Hunter Anti -Malware The post New Analytics Tool Defines Language Used By Malicious Domains Secure Hunter appeared first on Secure Hunter Anti-Malware.
  • New POS Malware Uses Mailslots to Avoid Detection Secure Hunter

    shadmin
    4 Mar 2015 | 4:52 am
    A new type of POS malware, LogPOS, is using technology that evades detection by letting the malware inject code while it shuttles stolen credit card numbers to its C+C server. Threatpost | The first stop for security news Secure Hunter Anti -Malware The post New POS Malware Uses Mailslots to Avoid Detection Secure Hunter appeared first on Secure Hunter Anti-Malware.
  • Domain Shadowing Latest Angler Exploit Kit Evasion Technique Secure Hunter

    shadmin
    3 Mar 2015 | 4:51 pm
    The Angler Exploit Kit has begun using domain shadowing as a technique to avoid detection and blocking, researchers at Cisco Talos said. Threatpost | The first stop for security news Secure Hunter Anti -Malware The post Domain Shadowing Latest Angler Exploit Kit Evasion Technique Secure Hunter appeared first on Secure Hunter Anti-Malware.
 
  • add this feed to my.Alltop

    Elvidence | Computer Forensics

  • The Other Digital Divide

    admin
    6 Mar 2015 | 5:00 am
    We often hear public speakers talk about the digital divide. Usually they mean the sections of society that don’t have access to the Internet and therefore don’t get the best access to products and services via technology or are unable to find the best deals online. But there’s another digital divide too, between people who understand the technology they’re using and those who know just enough to get by. The latter group are able to use computers and mobile devices to carry out their daily tasks, but are likely to panic when something changes or doesn’t work as they expect. Digital…
  • Computer Forensic Services Explained

    admin
    13 Feb 2015 | 7:35 pm
    Elvidence provides a wide range of computer forensic services, ranging from data collection and analysis to computer hacking investigations and expert witness services. Whilst this type of work is often linked to gathering evidence for court cases it can have many other uses too. Here’s a look at some of what we can do for businesses and individuals. Computer Forensics There’s been a significant rise in the amount of computer and internet related crime in recent years. This is hardly surprising as we increasingly rely on computers and the internet to carry out transactions and…
  • The Information Security Challenges We’ll Face in 2015

    admin
    9 Jan 2015 | 8:42 pm
    Last year saw a number of high profile information security incidents. These ranged from targeted attacks on particular businesses, such as Sony, to vulnerabilities like Heartbleed that had the potential to affect a large part of the web. It would be naïve to think that we won’t see similar incidents in 2015. But what are the areas where we’re likely to see information security making the news this year? Insider Threats Whist there’s a popular image of hackers remotely attacking computer systems, often threats to businesses come from insiders who already have legitimate access to…
  • Computer Forensics and eDiscovery, Are They the Same Thing?

    admin
    5 Dec 2014 | 7:21 pm
    As businesses and individuals store more and more of their data in electronic format, whether on computers, mobile devices or in the cloud, the ability to extract and present that information in legal proceedings and disputes becomes more crucial. Most people would see this as Computer Forensics or eDiscovery, and indeed the terms are often used to mean the same thing. But the two aren’t quite the same and it’s important to understand why that’s so. The Main Differences In truth, the processes involved are very similar. Both involve the identification, preservation, collecting,…
  • How to avoid falling victim to BadUSB

    admin
    22 Nov 2014 | 9:34 pm
    One of the information security weaknesses that’s hit the news recently is the ‘BadUSB’ vulnerability. First revealed by researchers last summer, BadUSB allows the controller chips in USB devices to be reprogrammed so that they behave in a malicious way. There are a number of manufacturers of these chips which are used in flash drives and a wide range of other USB devices including external storage, printers and cameras. Depending on who made the chips some can be reprogrammed, some can’t and some only in a particular set of circumstances. The problem is that makers of end-user…
Log in