Digital Forensics

  • Most Topular Stories

  • "DFIRCON East Advanced Smartphone Forensics Challenge Winner Announced!"

    SANS Digital Forensics and Incident Response Blog
    hmahalik
    8 Oct 2014 | 4:08 am
    Due to the vast amount of responses we got for our Smartphone Forensic Challenge, the winner was just determined. The rules state that the winner must answer 4 of the 6 questions correctly, and the lucky winner answered all 6 questions correctly. Shawna Denson, you are the lucky winner!!!! Thank you to everyone who submitted. FOR585 Advanced Smartphone Forensics is currently being held online virtual training via onDemand, at Network Security 2014 (Las Vegas), and
  • WRF 2/e Contest

    Windows Incident Response
    Harlan Carvey
    23 Oct 2014 | 5:57 am
    I recently posted that Syngress has agreed to publish a second edition of Windows Registry Forensics, and in that post, I mentioned that I wanted to provide those in the community with an opportunity to have input into the content of the book prior to it being published.  I know that it's only been a couple of days since the post was published, but historically, requests like these haven't really panned out.  As such, I wanted to take something of a different approach...at the recommendation of a friend, and stealing a page from the Volatility folks, I'm starting a contest for…
  • I am not suffering from blogger’s block.

    digfor
    30 Sep 2014 | 8:59 pm
    I post rarely on this blog, but not because I am suffering from blogger’s block; on the contrary, I have too many ideas and exciting things to share. Unlike writing about travel or weather however, digital forensic topics require more time to verify, test and research. Work eats up most of my time, so I have not much time left for blogging at the moment. Currently I am contributing to our Computer Forensic Company's blog, where you can always find fresh stuff under the NEWS section. Social Media has finally caught up with me as well, despite my resistance. I recently started using Google+ for…
  • POODLE Advisory

    Checkmate
    Alex Rajan
    20 Oct 2014 | 1:30 am
    What is POODLE? POODLE stands for Padding Oracle On Downgraded Legacy Encryption Vulnerability CVE: CVE-2014-3566 What is the attack? The attack occurs when an attacker is able to downgrade the client to use SSLv3. By simulating a failure during the negotiation process, an attacker can force a browser and a server to renegotiate using an Read More...
  • Forensic Focus Forum Round-Up

    Forensic Focus
    21 Oct 2014 | 7:37 am
    Welcome to this round-up of recent posts to the Forensic Focus forums. Is it legal to travel to China with full disk encryption on a laptop? Forum members discuss recovering deleted emails and OST/PST conversion. An OS HDD seems to contain files but is unreadable; how can it be accessed? Add your thoughts on the forum. A conversation about how data can be validated in forensic investigations, and the coining of the word 'Assumptionware'. Forum members discuss how to virtualise a disk image. How do you restore an iPhone that is stuck in recovery? Chime in on the forum. How much information…

    SANS Digital Forensics and Incident Response Blog

  • "DFIRCON East Advanced Smartphone Forensics Challenge Winner Announced!"

    hmahalik
    8 Oct 2014 | 4:08 am
    Due to the vast amount of responses we got for our Smartphone Forensic Challenge, the winner was just determined. The rules state that the winner must answer 4 of the 6 questions correctly, and the lucky winner answered all 6 questions correctly. Shawna Denson, you are the lucky winner!!!! Thank you to everyone who submitted. FOR585 Advanced Smartphone Forensics is currently being held online virtual training via onDemand, at Network Security 2014 (Las Vegas), and
  • "Announcing the GIAC Network Forensic Analyst Certification - GNFA"

    SANS Institute
    6 Oct 2014 | 11:07 pm
    A new security certification focused on the challenging field of network forensics BETHESDA, MD - October 7, 2014 - Global Information Assurance Certification (GIAC) is pleased to announce a new forensics certification, the GIAC Network Forensic Analyst (GNFA). The GNFA validates that professionals who hold this credential are qualified to perform examinations employing network forensic artifact analysis and demonstrate an understanding of the fundamentals of network forensics, normal and abnormal conditions for common network protocols, the process and tools used to examine device and system…
  • "SANS Cyber Threat Intelligence Summit - Call For Papers Now Open"

    SANS Institute
    1 Oct 2014 | 1:56 am
    SANS Cyber Threat Intelligence Summit Call For Papers 2015. Send your submissions to CTISummit@sans.org by 5 pm EST on Friday, October 24, 2014 with the subject "SANS CTI Summit CFP 2015." Dates: Summit Dates: February 2 & 3, 2015 Pre-Summit Course Dates: February 4-9, 2015 Location: Washington, DC Our 3rd annual Cyber Threat Intelligence (CTI) Summit will once again be held in Washington DC. Summit Co-Chairs: Mike Cloppert and Rick Holland The goal of this summit will be to equip attendees with knowledge on the tools, methodologies and processes they need to move forward…
  • "TorrentLocker Unlocked"

    sansforensics
    8 Sep 2014 | 9:57 pm
    Guest submission by Taneli Kaivola, Patrik Nisn and Antti Nuopponen of NIXU TorrentLocker is a new breed of ransomware that has been spreading lately. Like CryptoLocker and CryptoWall it encrypts files on a victim's machine and then demands ransom. The victim has to pay to get the decryption software that can decrypt the files. On a recent incident response case we came across a malware program that had all the known characteristics of TorrentLocker. We started to analyze the malware to see if there was a way to get the files decrypted without paying the ransom. It is well known that some…
  • "Super Sunday Funday Forensic Challenge"

    SANS Institute
    4 Sep 2014 | 1:40 am
    The Challenge: Starting September 4, 2014 on the Hacking Exposed Computer Forensics Blog the first forensic image will be available for download. Your goal is to solve the question with the first forensic image and email it to dcowen@g-cpartners.com. The Challenge: The first forensic image is available for download. Your goal is to solve the question with the first forensic image located at: https://mega.co.nz/#!qoxgGYCY!1jM32pncF0wE-TROhaXFI07hZbu5AfZ1BJE-p8tm1mo and email the answer to the following questions to: dcowen@g-cpartners.com. What was used to wipe this drive? What special options were…
 

    Windows Incident Response

  • WRF 2/e Contest

    Harlan Carvey
    23 Oct 2014 | 5:57 am
    I recently posted that Syngress has agreed to publish a second edition of Windows Registry Forensics, and in that post, I mentioned that I wanted to provide those in the community with an opportunity to have input into the content of the book prior to it being published.  I know that it's only been a couple of days since the post was published, but historically, requests like these haven't really panned out.  As such, I wanted to take something of a different approach...at the recommendation of a friend, and stealing a page from the Volatility folks, I'm starting a contest for…
  • RegRipper v2.8 is now on GitHub

    Harlan Carvey
    22 Oct 2014 | 12:53 pm
    RegRipper v2.8 is now available on GitHub. From this point forward, this repository should be considered THE repository for RegRipper version 2.8.  If you want a copy of RegRipper, just click the "Download ZIP" button on the right of the browser window, and save the file...doing so, you'll have the latest-and-greatest set of plugins available. If you have any questions, please feel free to contact me.
  • Windows Event Logs

    Harlan Carvey
    21 Oct 2014 | 4:31 am
    Dan recently tweeted: Most complete forensics-focused Event Log write-ups? DFIR I have no idea what that means.  I'm going to assume that what Dan's looking for is information regarding Event Logs records that have been found useful or valuable to forensic analysts, or potentially could be. EVT vs EVTX Windows XP is no longer supported by Microsoft, but there are still XP and 2003 systems out there, and as such, some of us are still going to need to know the difference between Event Logs (XP, 2003), and Windows Event Logs (Vista+). Besides the binary differences in the records and Event Log…
  • Publishing DFIR Books

    Harlan Carvey
    20 Oct 2014 | 5:45 pm
    I recently received notification that Syngress is interested in publishing a second edition of Windows Registry Forensics.  I submitted my proposed outline, the reviews of which were apparently favorable enough to warrant a second edition. I've blogged before regarding writing DFIR books, and that effort seems to have fizzed a bit.  I wanted to take the opportunity to give another shot and see if I couldn't resurrect this topic, or a portion of it, just a bit.  So, the purpose of this blog post is two-fold: to set expectations of the upcoming edition, as well as offer…
  • Stuff

    Harlan Carvey
    6 Oct 2014 | 6:17 am
    IR Here's a really good...no, I take that back...a great blog post by Sean Mason on "IR muscle memory".  Take the time to give it a read, it'll be worth it, for no other reason than because it's valuable advice.  Incident response cannot be something that you talk about once and never actually do; it needs to be part of muscle memory.  Can you detect an incident, and if so, how does your organization react?  Or, if you receive an external notification of a security incident, how does your organization respond? A couple of quotes from the blog post that I found interesting…

    digfor

  • I am not suffering from blogger’s block.

    30 Sep 2014 | 8:59 pm
    I post rarely on this blog, but not because I am suffering from blogger’s block; on the contrary, I have too many ideas and exciting things to share. Unlike writing about travel or weather however, digital forensic topics require more time to verify, test and research. Work eats up most of my time, so I have not much time left for blogging at the moment. Currently I am contributing to our Computer Forensic Company's blog, where you can always find fresh stuff under the NEWS section. Social Media has finally caught up with me as well, despite my resistance. I recently started using Google+ for…
  • Disarming suspicious PDF files on Apple Mac

    20 May 2014 | 9:23 am
    You can't be too careful these days when browsing the Internet. I tend to read a lot of documents in PDF, often emailed to me as attachments or downloaded directly from the net. Even if the document comes from a trusted source, I tend to run it through Didier Stevens's pdfid tool with -d for disarm argument. pdfid.py script is written in Python and disables the automatic actions and scripts in PDF. You can read a brief explanation about how it works here. Most of the time I am online on my beloved MacBook Air. Running the script in command line in the middle of something can be…
  • Distributed Processing Notes

    9 May 2014 | 9:04 pm
    I tested distributed case processing and password cracking today by adding Amazon EC2 instances to the local processing resources. Purpose - to improve processing (& decryption) speed with security and budget in mind. I used Amazon "compute optimised" instances "c3.8xlarge", each with 32 Virtual CPU; 60GB RAM; 2 x 320 (SSD) and 10 Gigabit Network. "c3.8xlarge" instance costs around $3 USD per hour. My Internet link was a bottleneck, because it only supports 15.62 Mbps (15615 kbps). I used 'soon to be decommissioned' Free LogMeIN service, participating nodes were setup as…
  • InfoSec To-Do list

    5 May 2014 | 12:43 am
    Chief InfoSec Officer's (CISO) To-Do list as mentioned by E. Cole.
  • Windows Forensic Live CD

    20 Nov 2013 | 3:38 am
    Previously, making Windows based Forensic Live CD was not for everyone, mostly due to the amount of tinkering involved. WinXP and Win7 based Live CD's also have problems with writing a Windows drive signature to write-protected drives. Mini-WinFE project has changed this.  Creating a Forensic Live CD with Mini-WinFE is done in a few mouse-clicks. Windows 8 and 8.1 also appear not to write a drive signature to the write-protected disk. From my experience Windows 8.1 Enterprise based Live CD has some issues when adding custom programs to it. The Win 8.1 Pro version works perfectly…
 

    Checkmate

  • POODLE Advisory

    Alex Rajan
    20 Oct 2014 | 1:30 am
    What is POODLE? POODLE stands for Padding Oracle On Downgraded Legacy Encryption Vulnerability CVE: CVE-2014-3566 What is the attack? The attack occurs when an attacker is able to downgrade the client to use SSLv3. By simulating a failure during the negotiation process, an attacker can force a browser and a server to renegotiate using an Read More...
  • Mitigating the Remote Code Execution in Bash

    Rajesh Deo
    6 Oct 2014 | 3:28 am
    Introduction In the last post we saw how the recent bash vulnerability can be remotely exploited in a variety of ways. How do we defend against this? Below we discuss steps that will help your organization identify vulnerable components and initiate mitigation activities. Steps to identify, test and mitigate vulnerable systems   Make an inventory Read More...
  • Bourne Again Shell (Bash) Remote Code Execution Vulnerability

    Rajesh Deo
    26 Sep 2014 | 2:35 am
    Introduction A remotely exploitable vulnerability was discovered by Stephane Chazelas of Akamai in the GNU Bash command shell. The vulnerability has been assigned the CVE identifier CVE-2014-6271. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code on an affected system. The issue affects all UNIX and UNIX-like systems such as Linux Read More...
  • ATM Application Whitelisting Security Assessment

    Wasim Halani
    22 Sep 2014 | 1:10 am
    During a recent engagement, we were asked to test the security level of an application white-listing solution deployed on the Windows XP ATMs of one of the largest ATM manufacturers in the world. The reason such solutions are in vogue is that Windows XP is no longer supported by Microsoft and no security patches are Read More...
  • Metrics For Your Information Security Solutions

    K K Mookhey
    14 Sep 2014 | 8:58 am
    Recently, on one of the security mailing lists a query was posted as to what metrics should be produced from a Data Leakage Prevention Solution, an Intrusion Prevention System, and from the Firewalls being managed by the security team. Here’s the response I sent in which is being shared for a larger audience: Basically, what management Read More...

    Forensic Focus

  • Forensic Focus Forum Round-Up

    21 Oct 2014 | 7:37 am
    Welcome to this round-up of recent posts to the Forensic Focus forums. Is it legal to travel to China with full disk encryption on a laptop? Forum members discuss recovering deleted emails and OST/PST conversion. An OS HDD seems to contain files but is unreadable; how can it be accessed? Add your thoughts on the forum. A conversation about how data can be validated in forensic investigations, and the coining of the word 'Assumptionware'. Forum members discuss how to virtualise a disk image. How do you restore an iPhone that is stuck in recovery? Chime in on the forum. How much information…
  • Cyber crime: First online murder will happen by end of year, warns US firm

    20 Oct 2014 | 7:23 am
    Governments are ill-prepared to combat the looming threat of "online murder" as cyber criminals exploit internet technology to target victims, the European policing agency warned. In its most alarming assessment of the physical danger posed by online crime, Europol said it expected a rise in "injury and possible deaths" caused by computer attacks on critical safety equipment. Police forensic techniques need to "adapt and grow" to address the dangers posed by the so-called "Internet of Everything" – a new era of technological interconnectedness in which everything from garage doors to…
  • Pro Hackers Petition White House For DMCA And Computer Crime Law Reform

    16 Oct 2014 | 5:43 am
    Whitehat hackers have backed an ambitious White House petition, put together by a noted legal expert, calling for reform of both the Digital Millennium Copyright Act (DMCA) and the Computer Fraud and Abuse Act (CFAA). Their claim is that both statutes have stopped them doing their day job properly, preventing proper research into widely deployed and critical technologies. Rapid7 researcher Jay Radcliffe tells me he was deterred from thorough research into insulin pumps because he was afraid the manufacturers’ armies of lawyers might have sued him using the DMCA. Understandably, Radcliffe, a…
  • Inside the Homeland Security Investigations Computer Forensics Lab

    13 Oct 2014 | 6:54 am
    Nearly every case Homeland Security Investigations (HSI) opens has some sort of digital evidence to be collected and analyzed. But the work can’t be done by just anyone. The data must be meticulously cared for by agents trained to preserve the integrity of the material, who can also combat suspects’ attempts to erase their digital dealings — even from afar. To address the need locally, HSI built a state-of-the-art computer forensics lab inside its Philadelphia offices to process the growing amount of evidence amassed from computers, smartphones and other mobile devices... Read More…
  • Devices being remotely wiped in police custody

    9 Oct 2014 | 6:11 am
    All the data on some of the tablets and phones seized as evidence is being wiped out, remotely, while they are in police custody, the BBC has learned. Cambridgeshire, Derbyshire, Nottingham and Durham police all told BBC News handsets had been remotely "wiped". And Dorset police said this had happened to six of the seized devices it had in custody, within one year. The technology used was designed to allow owners to remove sensitive data from their phones if they are stolen... Read More (BBC)
 

    (ISC)2 Blog

  • (ISC)² Credentials and the Absolute Requirement for Experience

    (ISC)² Management
    23 Oct 2014 | 1:41 pm
    By (ISC)² Board Chair Wim Remes and (ISC)² Executive Director Hord Tipton When it comes to information security credentials, (ISC)² believes in the absolute requirement for experience; and this is a factor that leads to our organization often being referred to as the Gold Standard. We are distinguished amongst certifying bodies because we stress the value of collaboration, experience, and continuous learning to both the (ISC)² membership and information security industry at large. And we don’t grandfather. While the value of education is obviously crucial in our field, or really any industry…
  • (ISC)² Releases Set of Cybersecurity Tips for Home Owners

    (ISC)² Management
    21 Oct 2014 | 8:29 am
    To celebrate the 11th annual National Cyber Security Awareness Month (NCSAM), (ISC)² has released its third set of tips by security experts: cybersecurity tips for home owners. “Whatever browser you use, make sure you are using the site evaluation tools available to help identify safe/not-so-safe sites. With this, you get a color-coded rating of the site before you visit. You can also establish secure connections on most sites automatically through add-ons and extensions. Don’t advertise your router address name (SSID).  Set it to hide. Use WPA2 security protocol.  Most all…
  • (ISC)² Global Research Program to Track Cybersecurity Skills Gap and Landscape Now Open

    (ISC)² Management
    20 Oct 2014 | 7:43 am
    In our digitally-driven world, it’s crucial to have a current understanding of the evolving risks and responsibilities that information security professionals face. The (ISC)2 Global Information Security Workforce Study (GISWS) is the only research available that truly offers a detailed picture of how the global cybersecurity professional is changing and driving other business factors. A respected industry benchmark referenced by governments, employers, professionals, and industry stakeholders around the world for more than 10 years, this ongoing research provides much needed insight into…
  • JP Morgan attack highlights how basic failures in software expose major banks to amateur hackers

    (ISC)² Management
    8 Oct 2014 | 8:40 am
    “The revelation that hackers were able to use widely-known vulnerabilities to burrow deep inside JP Morgan’s computer systems-compromising some 76 million household accounts and 7 million small firms- shows that software with very basic flaws is still in widespread use at corporations, providing an easy route for experienced and amateur hackers. What is even more disturbing is that, with so many basic flaws in commonly-used software, this attack may just be a ‘reconnaissance mission’ to prepare the ground for much worse future attacks. We now know the hackers gained a comprehensive…
  • Shellshock Bug Comments from (ISC)² Leadership

    (ISC)² Management
    26 Sep 2014 | 1:17 pm
    “Shellshock will be a test of business resolve to prioritise security. So much of the data breaches that make headlines today can be traced to old or known vulnerabilities that have not been addressed. Now that shell shock has been revealed, and the door has been thrown open, it will be interesting to see if companies take action. It is clear that the potential exposure is significant. Linux underpins the majority of webservers, network routers and Apple’s MAC PCs running OS X. It is not clear, however, whether there has been any loss through successful exploitation of the flaw. I fear…

    viaForensics

  • Chicago Tribune Interviews viaForensics CEO and President

    Linnea
    20 Oct 2014 | 8:09 am
    “Some of it’s luck, some of it is intuition, some of it is timing, and a lot of it is hard work… the way I look at it, you get one shot. And this is clearly our shot.” – Andrew Hoog, October 17, 2014 Read the full article
  • Hundreds of thousands of Android devices at risk to default browser vulnerability

    KevinS
    3 Oct 2014 | 11:28 am
    A recently disclosed same-origin policy (SOP) bypass flaw in the Android browser enables attackers to direct a user to a malicious page. That page runs JavaScript that allows them to read data from web pages the user has left open in other browsers. Hundreds of thousands of affected users “It’s a major issue,” Ted Eull, our VP of mobile security services told CSO Online. “Because the browser was included by default on many devices pre-KitKat (version 4.4), there are potentially hundreds of thousands of affected users.” The vulnerability affects many Android users…
  • Tips for Small Businesses to Protect Against a Data Breach

    KevinS
    29 Sep 2014 | 9:54 am
    Protecting Your Business From a Data Breach There have been a number of successful data breaches levied against large businesses recently. These companies include Home Depot, Target, UPS, Michaels, and others. Many smaller businesses are at serious risk as well. Companies that take credit cards as payment – and most today do – are targets for hackers that want a traditionally less secure, and therefore easier, target. Most smaller businesses don’t have the capital to put into computer and mobile security as larger organizations do, putting them at an even greater risk for…
  • viaTalks in Spanish with Pau Oliva: demonstration of mobile application analysis using viaLab

    Linnea
    17 Sep 2014 | 1:14 pm
    On Thursday, September 18, our mobile security engineer Pau Oliva (@pof) will give a viaTalks at 11 a.m. CDT, in which he will discuss viaLab and give a demonstration. Register The program He will describe viaLab and its uses. He will then show how viaLab can be used to analyze a mobile application. He will talk about the options and explain the results of a forensic analysis with viaLab. To see the whole demonstration, do not hesitate to sign up for this viaTalks. If you have any questions or comments for Pau, please submit them through a comment on this blog or to…
  • viaForensics one of “next 10 emerging growth companies”

    Linnea
    15 Sep 2014 | 9:28 am
    “From World Business Chicago: The Oak Park, Ill. company offers a suite of mobile device security products that provide BYOD and mobile app security as well as Android forensics.” - September 11, 2014 Read the full article

    DFI News All

  • Contact Opposing Counsel After Inadvertent Disclosure

    rwaters
    24 Oct 2014 | 6:53 am
    What happens when a lawyer inadvertently produces an attorney protected by the attorney-client privilege? A Magistrate Judges and District Court Judge orders the receiving party to destroy the inadvertently produced email. Iowa is the home of where John Atanasoff invented the first computer in 1939. It is also the home of Federal Judges who conduct excellent legal analysis of whether an inadvertent production waives the attorney-client privilege over an email.
  • White Hat Hackers Employed to Find Vulnerabilities

    rwaters
    24 Oct 2014 | 6:42 am
    Cyber-crime is big business in the digital age, so a Bay Area security firm has hired a sophisticated group of hackers to break into computer systems. Jay Kaplan heads up Synack in Redwood City, which is recruiting computer experts who have fulltime day jobs to offer them an opportunity to make cash on the side by breaking into systems owned by clients. “These are the good guys,” Kaplan said. “White-hat hackers” deliberately break into computer systems and digital devices to find vulnerabilities before “black-hat hackers” can exploit them.
  • Carmakers Ignore Hacking Risk

    rwaters
    24 Oct 2014 | 6:37 am
    As high-tech features like adaptive cruise control, automatic braking and automatic parallel parking systems make cars smarter, it's also making them more vulnerable to hackers – a risk that an automotive security researcher says carmakers appear to be ignoring. "There's no culture of security," said Chris Valasek, director of vehicle security research at the computer security consulting firm IOActive, in a keynote speech at the SecTor IT security conference in Toronto this week.
  • Microsoft PowerPoint as an Attack Vector

    rwaters
    24 Oct 2014 | 6:34 am
    Microsoft is scrambling to issue a Windows update after security researchers discovered a flaw in PowerPoint that hackers are using to seize control of computers. Computer World reports that the security problem affects all of the currently supported releases of Windows. The vulnerability was discovered by three Google employees and two staff of McAfee Security.
  • Cloud Computing Presents a Unique Forensic Challenge

    23 Oct 2014 | 5:00 pm
 

    Secure Hunter Anti-Malware » Secure Hunter Blog

  • Researcher Finds Tor Exit Node Adding Malware to Binaries Secure Hunter

    shadmin
    24 Oct 2014 | 5:52 pm
    A security researcher has identified a Tor exit node that was actively patching binaries users download, adding malware to the files dynamically. The discovery, experts say, highlights the danger of trusting files downloaded from unknown sources and the potential for attackers to abuse the trust users have in Tor and similar services. Josh Pitts of Leviathan […]
  • Malvertising Campaign on Yahoo, AOL, Triggers CryptoWall Infections Secure Hunter

    shadmin
    24 Oct 2014 | 5:50 am
    Attackers have been leveraging the FlashPack Exploit Kit to peddle CryptoWall 2.0 ransomware on unsuspecting visitors to sites like Yahoo, The Atlantic and AOL.
  • NAT-PMP Protocol Vulnerability Puts 1.2 Million SOHO Routers At Risk Secure Hunter

    shadmin
    23 Oct 2014 | 5:52 pm
    More than 1 million SOHO routers and embedded devices are vulnerable to a serious vulnerability in the NAT-PMP protocol that enables traffic hijacking and denial of service attacks.
  • Attackers Exploiting Windows OLE Zero Day Vulnerability Secure Hunter

    shadmin
    23 Oct 2014 | 5:51 am
    Attackers are using a zero day vulnerability in nearly all supported versions of Windows in a series of targeted attacks. The flaw is in the OLE technology in Windows and can be used for remote code execution if a targeted user opens a rigged Office file. Microsoft is warning customers that there is no patch available […]
  • Exploit For Patched Flash Vulnerability Already In Two Exploit Kits Secure Hunter

    shadmin
    22 Oct 2014 | 5:53 pm
    A week-old Adobe Flash Player vulnerability has already been integrated into the Angler and Fiesta exploit kits, researcher Kafeine discovered.

    Elvidence | Computer Forensics

  • When is an Expert Opinion Allowed in Law?

    admin
    23 Oct 2014 | 9:39 pm
    There’s an old joke which says that the definition of ‘expert’ is derived from ‘ex’ – meaning a has been, and ‘spurt’ – meaning a drip under pressure. In the legal world though defining an expert is rather more serious. Similarly an opinion, in most cases, is simply whatever an individual thinks. However, the law likes to deal with facts which means that opinion can be something of a dirty word. Expert opinions are a different matter and are often called on when legal matters deal with specialist areas. Let’s take a more detailed look at when an expert opinion is…
  • Demystifying the eDiscovery Process

    admin
    16 Oct 2014 | 6:46 am
    As a society our increased reliance on computers, smartphones and other electronic gadgets means that more and more of our information is stored in digital form. From a lawyer’s point of view this electronically stored information (ESI) presents a number of challenges in terms of capturing and preserving material relevant to a particular case. What is ESI? Put simply, any device containing electronic storage can be a source of ESI. These can be company servers, desktop or laptop PCs and workstations used by employees, as well as mobile devices such as smartphones and tablets. ESI isn’t…
  • Elvidence Extends Market-leading eDiscovery Platform to the Web

    admin
    8 Oct 2014 | 4:22 pm
    PRESS RELEASE | SYDNEY, NSW (October 9, 2014) — Elvidence, a national forensic technology provider today announced a new secure, web-based eDiscovery offering designed to provide investigators, law firms, small and medium sized businesses (SMBs), with a fast, easy-to-use and cost-effective way to gather and analyse digital evidence. Elvidence can handle the entire eDiscovery lifecycle from processing and early case assessment through to analysis, review and production. All of this is delivered as a secure, web-based software as a service (SaaS) offering. The applications of this service…
  • Dealing With Data Breaches – Why Having a Plan May not be Enough

    admin
    5 Oct 2014 | 11:35 pm
    Data security breaches and hacking seem to make the news on a depressingly regular basis these days. This type of incident can cost a company dear both financially and in terms of the damage caused to its reputation. It’s crucial therefore that any response is effective and timely in order to first contain and then mitigate the effects of a breach or attack. This means having a plan in place to deal with security issues, but planning isn’t always enough. Take the case of retailer Target in the US, it had a security team and the latest tools in place but still managed to get caught out.
  • Data Loss Prevention with eDiscovery

    admin
    3 Oct 2014 | 2:31 am
    Information security is no laughing matter. Several recent incidents clearly demonstrate the damage that an information security breach can cause to a company’s brand and reputation. This article discusses the application of eDiscovery and Computer Forensics methods to help lessen the risk of your data falling into the wrong hands. To address this issue correctly, we must first distinguish the differences between Data Loss Prevention and Data Leak Prevention (DLP). Data loss occurs when data is leaked and falls into the hands of another party (such as a hacker or your competition). On the…