Digital Forensics

  • Most Topular Stories

  • "Monitoring for Delegation Token Theft"

    SANS Digital Forensics and Incident Response Blog
    Mike Pilkington
    30 Mar 2015 | 3:22 am
    Delegation is a powerful feature of Windows authentication which allows one remote system to effectively forward a user's credentials to another remote system. This is sometimes referred to as the "double-hop". This great power does not come without great risk however, as the delegation access tokens used for this purpose can be stolen by attackers and used for lateral movement. As such, it's important to be aware of this ability and to increase monitoring for malicious use of delegation.In order to monitor delegation activity, you need to identify where delegation is occurring.
  • Perspectives on Threat Intel

    Windows Incident Response
    Harlan Carvey
    15 Mar 2015 | 6:25 am
    Source: detect-respond.blogspot.comA while back, I tweeted, saying that "threat intel has it's own order of volatility".  That tweet got one RT and 2 favorites, and at the time, not much of a response beyond that.  Along the way, someone did disagree with me on that, stating that rather than an "order of volatility", threat intel instead has a "shelf life". Thinking about it, I can see where both are true.To begin with, let's consider this "order of volatility"...what am I referring to?  Essentially, what I'm talking about was detailed in 2002, in RFC 3227, Guidelines for…
  • The Attack on GitHub Must Stop

    TaoSecurity
    Richard Bejtlich
    27 Mar 2015 | 4:40 pm
    For many years, private organizations in the West have endured attacks by the Chinese government, its proxies, and other parties. These intruders infiltrated private organizations to steal data. Those not associated with the targeted organizations were generally not directly affected.Today an action by the Chinese government is affecting millions of users around the world. This is unacceptable.You may be aware that an American technology company, GitHub, is suffering a massive distributed denial of service attack, at the time of writing.According to Insight Labs, Internet traffic within China…
  • Forensic Products and Services Market in the US to Grow at a CAGR of 8.61 ... - Digital Journal

    digital forensics - Google News
    31 Mar 2015 | 7:52 am
    Forensic Products and Services Market in the US to Grow at a CAGR of 8.61 Digital JournalMarket Research Reports, Inc. has announced the addition of “Forensics Products and Services Market in the US 2015-2019” research report to their website http://www.MarketResearchReports.com. Lewes, DE -- (ReleaseWire) -- 03/31/2015 -- Report ...and more »
  • Cyber-attacks hit British Airways, GitHub and Slack

    Forensic Focus
    30 Mar 2015 | 6:24 am
    British Airways' air-miles accounts, the coding site GitHub and the work chat service Slack have all been hit in the latest wave of cyber-attacks. The firms have all notified their users of the incidents, which varied in approach and do not appear to be connected. In addition, several Uber users have complained of their accounts being hacked. However, the car pick-up service said it had "found no evidence of a breach". Complaints about points being stolen from the BA's Executive Club scheme date back at least a fortnight. Read More (BBC)
  • add this feed to my.Alltop

    SANS Digital Forensics and Incident Response Blog

  • "Monitoring for Delegation Token Theft"

    Mike Pilkington
    30 Mar 2015 | 3:22 am
    Delegation is a powerful feature of Windows authentication which allows one remote system to effectively forward a user's credentials to another remote system. This is sometimes referred to as the "double-hop". This great power does not come without great risk however, as the delegation access tokens used for this purpose can be stolen by attackers and used for lateral movement. As such, it's important to be aware of this ability and to increase monitoring for malicious use of delegation.In order to monitor delegation activity, you need to identify where delegation is occurring.
  • "Detecting DLL Hijacking on Windows"

    Adam Kramer
    25 Mar 2015 | 3:47 am
    Initially identified fifteen years ago, and clearly articulated by a Microsoft Security Advisory, DLL hijacking is the practice of having a vulnerable application load a malicious library (allowing for the execution of arbitrary code), rather than the legitimate library by placing it at a preferential location as dictated by the Dynamic-Link Library Search Order which is a pre-defined standard on how Microsoft Windows searches for a DLL when the path has not been specified by the developer.Despite published advice on secure development practices to mitigate this threat, being available for…
  • "How Miscreants Hide From Browser Forensics"

    Lenny Zeltser
    23 Mar 2015 | 10:26 pm
    Scammers, intruders and other miscreants often aim to conceal their actions from forensic investigators. When analyzing an IT support scam, I interacted with the person posing as the help desk technician. He brought up a web page on the victim's system to present payment form, so the person would supply contact and credit card details. He did this in a surprising manner, designed to conceal the destination URL.
  • "Just-In-Time VirusTotal Hash Checking"

    Adam Kramer
    18 Mar 2015 | 9:45 pm
    Hardly a day goes by without me hearing the phrase 'Threat Intelligence' being used in the context of big budget enterprise protection, but recently I have been giving some thought to what this means to the home user and small business.Most computers have (or at least, should have!) up-to-date antivirus software installed which provides a certain degree of protection and gives insight on whether a particular file, or set or circumstances, are suspicious according to vendor X (using signatures, reputation lookup and several other methods), but I'm sure there is more that the open source cyber…
  • "Has the smartphone finally outsmarted us?"

    hmahalik
    24 Feb 2015 | 6:32 pm
    I can honestly say that the most common question I am asked by examiners, investigators, students and even my neighbors is, "which phone is the most secure?" Obviously, the concern behind the question varies. Some want to secure their own device, and others, like myself, want to prove everyone in DFIR wrong by cracking into the toughest and most secure devices.Smartphone security has gotten drastically stronger in 2014. This year, we are expecting even more challenges when examining smartphones. When thinking about the forensic aspects of smartphone security and encryption, we have…
 
  • add this feed to my.Alltop

    Windows Incident Response

  • Perspectives on Threat Intel

    Harlan Carvey
    15 Mar 2015 | 6:25 am
    Source: detect-respond.blogspot.comA while back, I tweeted, saying that "threat intel has it's own order of volatility".  That tweet got one RT and 2 favorites, and at the time, not much of a response beyond that.  Along the way, someone did disagree with me on that, stating that rather than an "order of volatility", threat intel instead has a "shelf life". Thinking about it, I can see where both are true.To begin with, let's consider this "order of volatility"...what am I referring to?  Essentially, what I'm talking about was detailed in 2002, in RFC 3227, Guidelines for…
  • Links

    Harlan Carvey
    10 Mar 2015 | 5:53 pm
    Revisiting MacrosKahu Security posted this recent blog article that was pretty interesting.  I thought that the trick that was used was pretty interesting, and yes, "sneaky"...but part of me was wondering what this sort of thing would "look like" within a system image.  What I mean is, if you're tasked with looking at an image of a system that may have been infected via this sort of trick, what would you look for?The first thing that jumps out at me is the warning displayed in Word, in the second figure in the post.  Once the user clicks on the "Enable Content"…
  • How do you "do" analysis?

    Harlan Carvey
    2 Mar 2015 | 6:36 am
    Everybody remembers "The Matrix", right?  So, you're probably wondering what the image to the right has to do with this article, particularly given the title.  Well, that's easy...this post is about employing various data sources and analysis techniques, and pivoting in order to add context and achieve a greater level of detail in your analysis.  Sticking with just one analysis technique or process, much like simply trying to walk straight through the building lobby to rescue Morpheus, would not have worked.  In order to succeed, Neo and Trinity had to pivot and mutually…
  • Tools

    Harlan Carvey
    11 Feb 2015 | 6:04 am
    Microsoft recently released an update (KB 3004375) that allows certain versions the Windows OS to record command line options, if Process Tracking is enabled, in the Windows Event Log. Microsoft also recently upgraded Sysmon to version 2.0, with some interesting new capabilities.  I really like this tool, and I use it when I'm doing testing in my lab, to provide more detailed information about what's happening on the system. I like to run both of these side-by-side on my testing VMs, to see the difference in what's reported.  I find this to be very valuable, not only in testing, but…
  • A Smattering of Links and Other Stuff

    Harlan Carvey
    9 Jan 2015 | 4:00 am
    RegistryWell, 2014 ended with just one submission for the WRA 2/e Contest.  That's unfortunate, but it doesn't alter my effort in updating the book in any way.  For me, this book will be something to look forward to in 2015, and something I'm pretty excited about, in part because I'll be presenting more information about the analysis processes I've been using, processes that have led to some pretty interesting findings regarding various incidents and malware.In other Registry news, Eric Zimmerman has created an offline Registry parser (in C#) and posted it to GitHub.
  • add this feed to my.Alltop

    TaoSecurity

  • The Attack on GitHub Must Stop

    Richard Bejtlich
    27 Mar 2015 | 4:40 pm
    For many years, private organizations in the West have endured attacks by the Chinese government, its proxies, and other parties. These intruders infiltrated private organizations to steal data. Those not associated with the targeted organizations were generally not directly affected.Today an action by the Chinese government is affecting millions of users around the world. This is unacceptable.You may be aware that an American technology company, GitHub, is suffering a massive distributed denial of service attack, at the time of writing.According to Insight Labs, Internet traffic within China…
  • Can Interrogators Teach Digital Security Pros?

    Richard Bejtlich
    24 Mar 2015 | 1:38 pm
    Recently Bloomberg published an article titled The Dark Science of Interrogation. I was fascinated by this article because I graduated from the SERE program at the US Air Force Academy in the summer of 1991, after my freshman year there. SERE teaches how to resist the interrogation methods used against prisoners of war. When I attended the school, the content was based on techniques used by Korea and Vietnam against American POWs in the 1950s-1970s.As I read the article, I realized the subject matter reminded me of another aspect of my professional life.In intelligence, as in the most mundane…
  • Why Would Iran Welcome Western Tech?

    Richard Bejtlich
    2 Mar 2015 | 7:10 pm
    I noticed an AFP story posted by Al Jazeera America titled Iran could allow in Google, other tech companies if they follow rules. It included the following:Iran could allow Internet giants such as Google to operate in the the country if they respect its "cultural" rules, Fars news agency said on Sunday, quoting a senior official."We are not opposed to any of the entities operating in global markets who want to offer services in Iran," Deputy Telecommunications and Information Technology Minister Nasrollah Jahangard reportedly told Fars."We are ready to negotiate with them and if…
  • Boards Not Briefed on Strategy?

    Richard Bejtlich
    19 Feb 2015 | 9:43 am
    I'd like to make a quick note on strategy, after reading After high-profile hacks, many companies still nonchalant about cybersecurity in the Christian Science Monitor today. The article says:In a survey commissioned by defense contractor Raytheon of 1,006 chief information officers, chief information security officers, and other technology executives, 78 percent said their boards had not been briefed even once on their organization’s cybersecurity strategy over the past 12 months...The findings are similar to those reported by PricewaterhouseCoopers in its Global State of…
  • Elevating the Discussion on Security Incidents

    Richard Bejtlich
    19 Feb 2015 | 8:20 am
    I am not a fan of the way many media sources cite "statistics" on digital security incidents. I've noted before that any "statistic" using the terms "millions" or "billions" to describe "attacks" is probably worthless.This week, two articles on security incidents caught my attention. First, I'd like to discuss the story at left, published 17 February in The Japan Times, titled Cyberattacks detected in Japan doubled to 25.7 billion in 2014. It included the following:The number of computer attacks on government and other organizations detected in Japan doubled in 2014 from the previous…
 
  • add this feed to my.Alltop

    digital forensics - Google News

  • Forensic Products and Services Market in the US to Grow at a CAGR of 8.61 ... - Digital Journal

    31 Mar 2015 | 7:52 am
    Forensic Products and Services Market in the US to Grow at a CAGR of 8.61 Digital JournalMarket Research Reports, Inc. has announced the addition of “Forensics Products and Services Market in the US 2015-2019” research report to their website http://www.MarketResearchReports.com. Lewes, DE -- (ReleaseWire) -- 03/31/2015 -- Report ...and more »
  • Forensics Products and Services Market in the US - Digital Forensics is ... - SYS-CON Media (press release)

    30 Mar 2015 | 10:36 am
    Forensics Products and Services Market in the US - Digital Forensics is SYS-CON Media (press release)DALLAS, March 30, 2015 /PRNewswire-iReach/ -- According to a market research report Forensics Products and Services Market in the US 2015-2019 one major trend emerging in this market is the acceptance of digital Forensics. Digital Forensics deal with ...and more »
  • Lab tackles cyber criminals (and infamous Jeremy Clarkson video) - Bucks Herald

    30 Mar 2015 | 3:38 am
    Bucks HeraldLab tackles cyber criminals (and infamous Jeremy Clarkson video)Bucks Herald... is very important in bringing these people to justice.” From the left, Michelle Bowman, senior forensic investigator, Adrian Wood, head of investigations, Keith Cottenden, director, David Lidington MP and Mohammed Shaikh, marketing and communications.
  • Internet Infidelity: How Digital Forensics Find Cheaters - The Economic Voice (blog)

    26 Mar 2015 | 8:15 am
    The Economic Voice (blog)Internet Infidelity: How Digital Forensics Find CheatersThe Economic Voice (blog)You never want to think about it happening to you, but a sad reality is that many spouses cheat on their significant others. According to some research, about 15 to 18 percent of married people have cheated on their spouse at some point while they were ...and more »
  • New ISACA Guide Outlines Seven Key Considerations for Digital Forensics - iTWire

    24 Mar 2015 | 3:54 pm
    Infosecurity MagazineNew ISACA Guide Outlines Seven Key Considerations for Digital ForensicsiTWireSydney, Australia (25 March 2015)—In response to the growing number and impact of cyberattacks, global IT association ISACA has issued a new free guide that outlines a digital forensics process and key steps to consider. In “Overview of Digital ISACA Lays Out Forensics for the Data Breach EraInfosecurity Magazineall 3 news articles »
  • add this feed to my.Alltop

    Forensic Focus

  • Cyber-attacks hit British Airways, GitHub and Slack

    30 Mar 2015 | 6:24 am
    British Airways' air-miles accounts, the coding site GitHub and the work chat service Slack have all been hit in the latest wave of cyber-attacks. The firms have all notified their users of the incidents, which varied in approach and do not appear to be connected. In addition, several Uber users have complained of their accounts being hacked. However, the car pick-up service said it had "found no evidence of a breach". Complaints about points being stolen from the BA's Executive Club scheme date back at least a fortnight. Read More (BBC)
  • Interview with Arnim Eijkhoudt, Researcher & Lecturer, UAS

    29 Mar 2015 | 8:00 am
    Arnim, we caught up with you last year about Uforia. Could you tell us a bit about what's been happening with the project since then? Well, what we had in Amsterdam was more of a proof of concept really, to show what we could do with big data visualisation in the case of forensic investigations and ediscovery. Over the past year or so – I think it's about a year now – we've developed it into something that is close to being actually usable, in the sense that you could use it in production. So it's more or less stable, it works, you can put in random data. Read More
  • Passware Exposes Suspects’ Photo Stream to Computer Forensics

    25 Mar 2015 | 6:15 am
    Passware, Inc., a provider of password recovery, decryption, and electronic evidence discovery software for computer forensics, law enforcement organizations, government agencies, and private investigators, announces version 2 of its flagship encrypted electronic evidence discovery product – Passware Kit Forensic 2015. This new release now acquires suspects’ iPhone and iPad photos without an Apple ID or password, provided there is physical access to the computer with iCloud application installed. According to apple.com, “Your new photos appear automatically on the iOS devices,…
  • Interview with Nikola Radovanović, CEO, HddSurgery

    24 Mar 2015 | 12:08 pm
    Nikola, please tell us about HddSurgery. What first gave you the idea to develop tools for data recovery and computer forensics? I would not call it an idea, it was more a need for such tools. We have data recovery and forensics operations here and we had a problem that we needed to solve. At that time, seven years ago, we tried all the tools that were on the market. To our regret, all the tools that we could buy were bad quality and could not help us in job well or could not help us every time as they are supposed to. It was all up to engineer who is doing data recovery and forensics,…
  • New AccessData UTK® Bundle

    24 Mar 2015 | 11:58 am
    When it comes to incident response, the quick collection and triage of digital devices is crucial to identify where evidence may be contained. This expedites device processing and evidence identification to ultimately reduce case backlogs. AccessData’s Ultimate Toolkit® (UTK®) include FTK, nFIELD and AD Triage to allow you to collect and triage devices on-scene as well as analyze data from different sources faster. Three solutions, three discounted packages.
 
  • add this feed to my.Alltop

    (ISC)2 Blog

  • IT Security essentials for small and medium enterprises

    Sorin Mustaca
    22 Mar 2015 | 2:45 pm
    Since I first published the free eBook "Improve your security" dedicated to end users, I've been asked many times to give advises for small and medium enterprises. At first, I thought that this is a very different topic than what I wrote before. However, after some thinking, I realized, that difference between the behavior of end-users at home and in the office of a small to medium companies, doesn't differ that much. After all, it is no secret that the cyber criminals are where the money are. If the targets are easy to breach, it is even better since this…
  • Comments from (ISC)² Leadership on Premera Blue Cross Breach

    (ISC)² Management
    18 Mar 2015 | 7:17 am
    Those of us within the information security industry have known for some time that the healthcare industry was going to be a prime target for these types of attacks. Unfortunately, we’re likely to continue to see more of these breaches as the healthcare industry scrambles to improve its information security posture. I think we’re all concerned about the broad implications of these breaches regarding potential fraud, identity theft and the other strategies criminals use to monetize healthcare information.-David Shearer, CISSP, PMP, Executive Director, (ISC)² As the hacking assault on…
  • New Online Tool Helps (ISC)² Members Manage Vulnerabilities

    (ISC)² Management
    16 Mar 2015 | 6:30 am
    (ISC)² members now have a new tool to help corral vulnerabilities and published threats found throughout the Internet. Vulnerability Central is powered by Cytenna's tool, ThreatRank, and is the first module of a larger Security Central portal. New modules are scheduled for release throughout the coming years. With this new online tool, system administrators and other information security professionals can: -Check in to see the latest vulnerabilities and threat reports in one place.-Receive early notification of vulnerabilities to be better prepared to respond. -Research and prioritize…
  • Evaluating Cloud Services for Small and Medium Enterprises: The (ISC)² Perspective

    (ISC)² Management
    12 Mar 2015 | 11:15 am
    As a smaller organization, we balance building out more internal and robust IT infrastructure versus utilizing cloud services to fulfill those needs.  More infrastructure also means more personnel and overhead, and we weigh that against cost to determine the value of cloud services to our organization. We then balance whether or not the IT service we are thinking of moving to the cloud is a core or unique service to our business versus merely a commodity. Moving commodity services to the cloud, particularly to those providers with highly evolved and transparent security…
  • Cybersecurity Jobs are in High Demand; Got what it Takes?

    (ISC)² Management
    3 Mar 2015 | 9:37 am
    With security attacks dominating news headlines, it’s no secret that global cybersecurity professionals are in high demand. According to the (ISC)² 2013 Global Information Security Workforce Study, two out of three C-level respondents reported security staff shortages. The lack of skilled and qualified information security professionals is having a negative economic impact, with 56% of respondents saying the staffing shortage is causing a huge impact on their organizations. The call to action is clear: We need a global call to arms within academia to develop enough talent to fulfill this…
  • add this feed to my.Alltop

    Crime Museum » Blog

  • Murder?

    wilson.dejesus
    4 Mar 2015 | 2:00 am
    Murder? Sir William Blackstone, an 18th century English judge, is known for writing Commentaries on the Laws of England. This work was the original foundation for legal education in America and dominated the common law legal system for centuries. Blackstone broke the definition of murder down into five elements: 1. Unlawful 2. killing 3. of a human 4. by another human 5. with malice aforethought. The law was designed to define the various degrees and circumstances of murder in order to provide and achieve justice for all. Even though Blackstone did his best to dissect and define murder, in…
  • Profiles in Crime: Rayful Edmond

    crimemuseum
    5 Feb 2015 | 4:05 pm
    Rayful Edmond: The profile of a Kingpin. Called the John Gotti of Washington, D.C., notorious gangster Rayful Edmond terrorized and awed the Washington metropolitan area in the mid to late 1980’s with his tight control of the crack cocaine trade and accompanying lavish spending sprees. Known for dropping several thousand dollars a night at clubs, Edmond supposedly spent over $400,000 at a single store in the Georgetown neighborhood, whose owner was, coincidentally, convicted of money laundering soon after. Partially thanks to Edmond’s reign as drug lord, Washington, D.C. became known as…
  • Pro Se: Representing Yourself in Court

    crimemuseum
    5 Jan 2015 | 4:00 am
    Pro Se is a legal term that comes from Latin, meaning ‘for oneself’. It essentially means that you are representing yourself in court by choice without the help of an attorney. In the United States’ legal system, every individual is guaranteed, by the sixth amendment, the right to an appointed counsel, and also the right to represent him or herself in court. People may choose to represent themselves in court for a variety of reasons, including: avoiding the expense of hiring a lawyer, for smaller cases, the matter is often simple enough that the individual can take care of it them…
  • Do You Have Your Father’s Nose?

    crimemuseum
    27 Oct 2014 | 2:44 am
    Do you have your father’s nose? There are 29 bones (hyoid included) in the human skull, and for many years anthropologists have been using markers from this area of the body to determine sex, age, race, and to make personal identifications. However, forensic anthropology is a science that is greatly affected by changes and new developments in social morays and folkways. Simply put, what was once socially unacceptable often becomes acceptable, and even encouraged, with time. This fact is abundantly clear when one thinks about the checkered history of the United States. While being a…
  • Human Skulls and Forensic Anthropology

    crimemuseum
    24 Oct 2014 | 5:00 am
    Human skulls and forensic anthropology are changing together. There are 29 bones (hyoid included) in the human skull, and for many years anthropologists have been using markers from this area of the body to determine sex, age, race, and to make personal identifications. However, forensic anthropology is a science that is greatly affected by changes and new developments in social morays and folkways. Simply put, what was once socially unacceptable often becomes acceptable, and even encouraged, with time. Allow your mind to travel back to the 1960s and 1970s, and think about how the idea of…
  • add this feed to my.Alltop

    Secure Hunter Anti-Malware » Secure Hunter Blog

  • Ad Networks Ripe for Abuse Via Malvertising Secure Hunter

    shadmin
    31 Mar 2015 | 5:51 am
    Criminals have found a safe haven abusing legitimate processes, such as real-time bidding, implemented by online advertising networks to move exploits and malware, and build botnets and fraud campaigns. Threatpost | The first stop for security news Secure Hunter Anti -Malware The post Ad Networks Ripe for Abuse Via Malvertising Secure Hunter appeared first on Secure Hunter Anti-Malware.
  • DDoS Attack Against GitHub Continues After More Than Four Days Secure Hunter

    shadmin
    30 Mar 2015 | 5:51 pm
    More than four days after it began, the massive DDoS attack on GitHub is still ongoing. The attack has evolved significantly since it started and GitHub officials said they believe that the goal of the operation is to force the site to remove some specific content. In the evening hours of March 25, DDoS attack […] Threatpost | The first stop for security news Secure Hunter Anti -Malware The post DDoS Attack Against GitHub Continues After More Than Four Days Secure Hunter appeared first on Secure Hunter Anti-Malware.
  • Google Adds Deceptive Software to Safe Browsing API Secure Hunter

    shadmin
    25 Mar 2015 | 5:51 pm
    Google is continuing to refine its Safe Browsing API and now is giving users warnings about not just malicious software on sites they’re attempting to visit, but also about unwanted software. Google’s Safe Browsing API is designed to help protect users from a variety of threats on pages across the Internet. The functionality is built into […] Threatpost | The first stop for security news Secure Hunter Anti -Malware The post Google Adds Deceptive Software to Safe Browsing API Secure Hunter appeared first on Secure Hunter Anti-Malware.
  • Using Heat to Jump Air-Gapped Computers Secure Hunter

    shadmin
    24 Mar 2015 | 5:52 pm
    Researchers claim that when thermal energy from one computer is detected by an adjacent computer it can facilitate the spread of keys and malware. Threatpost | The first stop for security news Secure Hunter Anti -Malware The post Using Heat to Jump Air-Gapped Computers Secure Hunter appeared first on Secure Hunter Anti-Malware.
  • Latest Dridex Campaign Evades Detection with AutoClose Function Secure Hunter

    shadmin
    20 Mar 2015 | 5:51 pm
    Proofpoint discovered that a recent spate of phishing messages contained macros-based attacks that did not execute until the malicious document was closed. Threatpost | The first stop for security news Secure Hunter Anti -Malware The post Latest Dridex Campaign Evades Detection with AutoClose Function Secure Hunter appeared first on Secure Hunter Anti-Malware.
 
  • add this feed to my.Alltop

    Elvidence | Computer Forensics

  • The Other Digital Divide

    admin
    6 Mar 2015 | 5:00 am
    We often hear public speakers talk about the digital divide. Usually they mean the sections of society that don’t have access to the Internet and therefore don’t get the best access to products and services via technology or are unable to find the best deals online. But there’s another digital divide too, between people who understand the technology they’re using and those who know just enough to get by. The latter group are able to use computers and mobile devices to carry out their daily tasks, but are likely to panic when something changes or doesn’t work as they expect. Digital…
  • Computer Forensic Services Explained

    admin
    13 Feb 2015 | 7:35 pm
    Elvidence provides a wide range of computer forensic services, ranging from data collection and analysis to computer hacking investigations and expert witness services. Whilst this type of work is often linked to gathering evidence for court cases it can have many other uses too. Here’s a look at some of what we can do for businesses and individuals. Computer Forensics There’s been a significant rise in the amount of computer and internet related crime in recent years. This is hardly surprising as we increasingly rely on computers and the internet to carry out transactions and…
  • The Information Security Challenges We’ll Face in 2015

    admin
    9 Jan 2015 | 8:42 pm
    Last year saw a number of high profile information security incidents. These ranged from targeted attacks on particular businesses, such as Sony, to vulnerabilities like Heartbleed that had the potential to affect a large part of the web. It would be naïve to think that we won’t see similar incidents in 2015. But what are the areas where we’re likely to see information security making the news this year? Insider Threats Whist there’s a popular image of hackers remotely attacking computer systems, often threats to businesses come from insiders who already have legitimate access to…
  • Computer Forensics and eDiscovery, Are They the Same Thing?

    admin
    5 Dec 2014 | 7:21 pm
    As businesses and individuals store more and more of their data in electronic format, whether on computers, mobile devices or in the cloud, the ability to extract and present that information in legal proceedings and disputes becomes more crucial. Most people would see this as Computer Forensics or eDiscovery, and indeed the terms are often used to mean the same thing. But the two aren’t quite the same and it’s important to understand why that’s so. The Main Differences In truth, the processes involved are very similar. Both involve the identification, preservation, collecting,…
  • How to avoid falling victim to BadUSB

    admin
    22 Nov 2014 | 9:34 pm
    One of the information security weaknesses that’s hit the news recently is the ‘BadUSB’ vulnerability. First revealed by researchers last summer, BadUSB allows the controller chips in USB devices to be reprogrammed so that they behave in a malicious way. There are a number of manufacturers of these chips which are used in flash drives and a wide range of other USB devices including external storage, printers and cameras. Depending on who made the chips some can be reprogrammed, some can’t and some only in a particular set of circumstances. The problem is that makers of end-user…
Log in