DFI News

The resource for digital forensic professionals

The Lead

Reporting Examination Results

May 13, 2013 7:10 pm | by John J. Barbara | Articles | Comments

One of the more important facets of digital forensics concerns how to document the findings in a formal report. At first glance, this would seem to be rather straightforward: report what you found. Appearances, however, can be deceiving.

Insider Theft of Intellectual Property

May 21, 2013 11:04 am | News | Comments

This is the sixth entry in the Spotlight On series published by the CERT Insider Threat Center. Each entry focuses on a specific area of threat to organizations from their current or former employees, contractors, or business partners and presents analysis based on hundreds of actual insider threat cases cataloged in the CERT insider threat database.

Find TrueCrypt and BitLocker Encrypted Containers and Images

May 21, 2013 10:55 am | News | Comments

Passware announced that Passware Kit Forensic 12.5 can now recognize hard disk images and containers, such as TrueCrypt, BitLocker, and PGP, during a computer scan. For a computer forensic professional this means that no evidence is hidden inside a volume.

A New Perspective on Siri Forensics

May 21, 2013 8:52 am | by Julie Desautels | Blogs | Comments

Since its release in 2007, the iPhone has been extremely popular. Sales have especially increased within the past three years. With its growing popularity and larger user population, there is a greater chance of coming across a case which involves forensically examining an iPhone.

Complaint Filed against Snapchat

May 20, 2013 11:47 am | News | Comments

A privacy watchdog group is going after Snapchat for deceiving users about self-destructing messages that don't actually self-destruct. The smartphone app has become popular with young people for sending messages that a few seconds later disappear. The Electronic Privacy Information Center has filed a complaint with the Federal Trade Commission.

Chinese Hackers Resume US Attacks

May 20, 2013 11:24 am | News | Comments

Three months after hackers working for a cyberunit of China’s People’s Liberation Army went silent amid evidence that they had stolen data from scores of American companies and government agencies, they appear to have resumed their attacks using different techniques, according to computer industry security experts and American officials.

Cyber Teams Need to Look for Trouble

May 20, 2013 11:05 am | by William Jackson | News | Comments

Agency cybersecurity teams have not been accepted by IT shops as full partners in the job of supporting agency missions and as a result are falling farther behind in efforts to detect and block threats. Security needs to adopt a more aggressive posture, seeking out threats rather than just detecting them and working with IT departments to follow through on remediation.

Uncovering Syrian Hackers

May 20, 2013 8:29 am | by Nicole Perlroth | News | Comments

It’s the question of the moment inside the murky realm of cybersecurity: Just who — or what — is the Syrian Electronic Army? The hacking group that calls itself the S.E.A. struck again, this time breaking into the Twitter accounts and blog headlines of The Financial Times.

MoVP II - 1.4 - New HPAK Address Space

May 17, 2013 4:24 pm | by Editor | Blogs | Comments

Volatility can analyze memory dumps in the "HPAK" archive format, which is proprietary to the Fast Dump (FDPro.exe) acquisition utility. If you're not the person acquiring memory, there's no telling what tool or format will be used for the acquisition … but you still have to find a way to analyze it.

Ragebooter: 'Legit' DDoS Service, or Fed Backdoor?

May 17, 2013 3:24 pm | by Editor | Blogs | Comments

Recently, I profiled asylumbooter.com, one of several increasingly public DDoS-for-hire services posing as Web site “stress testing” services. Today, we’ll look at ragebooter.net, yet another attack service except for one secret feature which sets it apart from the competition: According to the site’s proprietor, ragebooter.net includes a hidden backdoor that lets the FBI monitor customer activity.

Lawmakers Introduce Bill Requiring Court Order to Seize Phone Records

May 17, 2013 10:23 am | by Kim Zetter | News | Comments

In the wake of the AP scandal, in which federal investigators obtained the phone records of journalists using only a subpoena, four lawmakers have introduced legislation in the House that would prevent federal agencies from seizing any phone records without a court order.

Romanian Hacker Aims to Protect World's ATMs

May 17, 2013 9:40 am | by Radu Marinas | News | Comments

Valentin Boanta, sitting in his jail cell, proudly explains the device he has invented which, he says, could make the world's ATMs impregnable even to tech-savvy criminals like himself. Boanta, 33, is six months into a five-year sentence for supplying gadgets an organized crime gang used to conceal ATM skimmers, which can copy data from an unsuspecting ATM user's card so a clone can be created.

Lulzsec Hackers Sentenced

May 16, 2013 4:09 pm | by Peter Bright | News | Comments

The four British Lulzsec hackers — Mustafa "tflow" al-Bassam, Ryan "kayla" Ackroyd, Jake "topiary" Davis, and Ryan "ViraL" Cleary — were sentenced to between 20 and 32 months in jail for crimes committed during Lulzsec's 50-day hacking spree in 2011. The handling of charges of conspiracy to commit fraud brought against all four was also an important issue.

The Trick to Detecting Poison Ivy RAT and Other Stealthy Malware

May 16, 2013 3:04 pm | by William Jackson | News | Comments

Hackers have become adept at modifying malicious code to avoid detection by signature-based security tools so that even well-known malware such as the Poison Ivy Remote Access Tool can slip past defenses. But even stealthy, well-disguised threats leave tracks that can be discovered through analysis of network traffic.

The White X

May 16, 2013 2:35 pm | by Editor | Blogs | Comments

A certain engineer retired from his job of 37 years at a very productive factory of a very well-known company. Prior to his departure, he trained three young college graduates with engineering degrees on the ins-and-outs of the factory. Because the retiring engineer did not have a college degree his replacements quickly discounted his admonitions as the ramblings of an "old man."

The Tool Validation 'Myth-odology'

May 16, 2013 2:27 pm | by Editor | Blogs | Comments

What we have seen in the community for some time is that a new tool is announced or mentioned, and members of the community begin clamoring for their copy of that tool. Many times, one of the first questions is, "where can I download a copy of the tool?"
