Blog Posts Tagged with "Forensics"


Selling Your Old Smartphone? Not Smart...

July 12, 2012 Added by: Robert Siciliano

I purchased a bunch of used devices off of Craigslist and eBay to see if I could find data on the devices. I found a startling amount of personal data including photos, phone numbers, addresses, emails, text messages and passwords. Even if you wipe and reformat a hard drive, you may still miss something...

Comments  (0)


Network Forensics: Tracking Hackers through Cyberspace

July 11, 2012 Added by: Ben Rothke

With a title like Network Forensics: Tracking Hackers through Cyberspace, the book at first sounds like a cheesy novel. But by page twenty-five, you will quickly see this is the real thing. By the time you hit the last page, you will have read the collective wisdom of two of the smartest minds in the business...

Comments  (0)


ICS-CERT: Preserving Forensic Data

June 01, 2012 Added by: Infosec Island Admin

Preserving forensic data is an essential aspect of incident response. The data acquired during the process is critical to containing the intrusion and improving security to defend against the next attack. Network defenders should make note of the following recommendations for retention of essential forensic data...

Comments  (0)


Root Cause Analysis (RCA): A Critical Skill

May 24, 2012 Added by: Rafal Los

Recently at TakeDownCon I brought up a term during my offense keynote that I thought the audience would, and should, be familiar with. Unfortunately, when I asked who was familiar with Root Cause Analysis only a few hands out of the whole room went up. This was a bit distressing...

Comments  (0)


Attribution: Inductive vs. Deductive Reasoning

May 18, 2012 Added by: Infosec Island Admin

In the present day where cyberwar is all the rage, and governments as well as private sector entities are seeking to cash in on the power grab that is mostly information warfare - as the Chinese call it - too many are forgetting a core problem to the picture: Attribution...

Comments  (7)


Security BSides Detroit Announces its June Schedule

May 15, 2012 Added by: Steven Fox, CISSP, QSA

The BSides conference is billed as an un-conference where practitioners go for a clear, unfiltered view of the industry. The conference features two tracks and thirty-two talks by local and national experts on a variety of technical and non-technical subjects...

Comments  (0)


Logging: Opening Pandora's Box - Part 2 - Elation

May 10, 2012 Added by: Rafal Los

Once you get over the anxiety of logging, a wave of elation generally hits. Whether you're getting excited about being able to catch evil-doers in the act, or the capability to notice system failures before they happen, logging can save your skin more than you'd think...

Comments  (0)


ICS-CERT: Planning for a Cyber Incident?

May 08, 2012 Added by: Infosec Island Admin

Organizations without an existing incident response capability should consider establishing one. To aid control systems owners and operators, the CSSP has prepared a Recommended Practice: Developing an Industrial Control Systems Cybersecurity Incident Response Capability...

Comments  (0)


Security: Is it Who or What That is Important?

May 04, 2012 Added by: PCI Guru

There is a very active discussion going on in security circles about understanding adversaries and how that impacts security strategy. I have taken a contrarian position in this argument and have stated that, in the scheme of things, I do not believe that you need to waste time understanding your enemy...

Comments  (6)


Air Force Commander Discusses Cyber Operations

April 19, 2012 Added by: Headlines

"My mission focus, [is] just like in any other domain - whether it is ground, sea, air or space - the same is true for cyber: we are responding to orders and guidance that support this nation in its responsibilities and national security efforts around the globe..."

Comments  (0)


European Union Set to Establish Cybercrime Center

April 11, 2012 Added by: Headlines

The European center will warn of major cybercrime threats and weaknesses in online defenses. It will identify organized cyber-criminal networks and will provide operational support in concrete investigations and provide forensic assistance...

Comments  (0)


Seven Problems with Cell Phone Forensics

March 26, 2012 Added by: Bozidar Spirovski

Manufacturers don’t always know how to retrieve data stored in new phones, so how do investigators do it? Staying up-to-date is challenging but not impossible. As criminals come up with new ways to abuse them, strangely enough, this can be beneficial for forensics...

Comments  (5)


PCI: When a Breach is Not a Breach

March 08, 2012 Added by: PCI Guru

The lawsuit points out a disconcerting issue with a cardholder data breach: Any incident investigation initiated by the card brands under the PCI standards is going to focus on PCI compliance and not on whether or not the breach actually occurred...

Comments  (0)


Advanced Persistent Threats: The Butler in China Did It

March 05, 2012 Added by: J. Oquendo

Aside from the attack coming from a Philips Electronics' Chinese-based IP block, I am positive that whoever was behind the attack was not an employee. Someone probably compromised a machine at Philips and was using it to attack the PBX I managed. Nothing more, and nothing less...

Comments  (0)


Digital Forensics for Legal Professionals

November 30, 2011 Added by: Ben Rothke

The book provides the reader with a high-level overview of all of the fundamental areas around digital forensics, from how the legal system works, selecting an expert witness, evidence, to storage media, records/logging, call records and more...

Comments  (0)


Memory Forensics: Analyzing a Stuxnet Memory Dump

November 29, 2011 Added by: Dan Dieterle

Take a look at a memory dump from a system with Stuxnet - this code has execute and read write permissions. We could go on and find Stuxnet registry key settings, hidden DLLs, file objects and numerous other artifacts in this memory sample, all using Volatility...

Comments  (0)
