The resource for digital forensic professionals
The Lead
Reporting Examination Results
May 13, 2013 7:10 pm | by John J. Barbara | Articles | Comments
One of the more important facets of digital forensics concerns how to document the findings in a formal report. At first glance, this would seem to be rather straightforward: report what you found. Appearances, however, can be deceiving.
Romanian Hacker Aims to Protect World's ATMs
May 17, 2013 9:40 am | by Radu Marinas | News | Comments
Valentin Boanta, sitting in his jail cell, proudly explains the device he has invented which, he...
Lulzsec Hackers Sentenced
May 16, 2013 4:09 pm | by Peter Bright | News | Comments
The four British Lulzsec hackers — Mustafa "tflow" al-Bassam, Ryan "kayla" Ackroyd, Jake "...
The Trick to Detecting Poison Ivy RAT and Other Stealthy Malware
May 16, 2013 3:04 pm | by William Jackson | News | Comments
Hackers have become adept at modifying malicious code to avoid detection by signature-based...
SUBSCRIBE TO FREE
DFI News EMAIL NEWSLETTER
Lawmakers Introduce Bill Requiring Court Order to Seize Phone Records
May 17, 2013 10:23 am | by Kim Zetter | News | CommentsIn the wake of the AP scandal, in which federal investigators obtained the phone records of journalists using only a subpoena, four lawmakers have introduced legislation in the House that would prevent federal agencies from seizing any phone records without a court order.
The White X
May 16, 2013 2:35 pm | by Editor | Blogs | CommentsA certain engineer retired from his job of 37 years at a very productive factory of a very well-known company. Prior to his departure, he trained three young college graduates with engineering degrees on the ins-and-outs of the factory. Because the retiring engineer did not have a college degree his replacements quickly discounted his admonitions as the ramblings of an "old man."
The Tool Validation 'Myth-odology'
May 16, 2013 2:27 pm | by Editor | Blogs | CommentsWhat we have seen in the community for some time is that a new tool is announced or mentioned, and members of the community begin clamoring for their copy of that tool. Many times, one of the first questions is, "where can I download a copy of the tool?"
Carbon Black Teams with VirusTotal to Improve Malware Detection
May 16, 2013 9:32 am | by Ryan Murphy | News | CommentsCarbon Black and VirusTotal has announced an official partnership to help improve malware detection as part of the Carbon Black Alliance. Well known in the information security world, VirusTotal is a free, online service that analyzes files and URLs, enabling the identification of viruses, worms, trojans and other kinds of malicious content.
Avoid Under-Collection of ESI
May 16, 2013 9:18 am | Articles | CommentsCost concerns often outweigh evidentiary and discovery concerns when it comes to scoping out litigation data collection. Not identifying and producing critical data that may be subject to discovery demands can result in sanctions, including adverse inferences, fines, or even the striking of pleadings.
Saudi Telecom Wants to Listen to Its Customers
May 16, 2013 9:10 am | by Dan Goodin | News | CommentsMobily, a Saudi Arabian telecommunications company with 4.8 million subscribers, is working on a way to intercept encrypted data sent over the Internet by Twitter, Viber and other mobile apps, a security researcher has said. Moxie Marlinspike, the pseudonymous cryptographer, said he learned of the project after receiving an email from company officials.
Responder Pro 2.1
May 16, 2013 8:54 am | Product Releases | CommentsResponder Pro 2.1 detects the latest rootkits, Trojans, zero-days, and malware variants currently undetected by anti-virus, IOCs (indicators of compromise), and other signature-based solutions. Responder 2.1 also provides 64-bit analysis and Unicode support, as well as support for Windows 8 and Windows Server 2012.
Cops Should Get Warrants to Read Your Email, AG Says
May 16, 2013 8:46 am | News | CommentsAttorney General Eric Holder became the White House’s highest ranking official to support sweeping privacy protections requiring the government, for the first time, to get a probable-cause warrant to obtain email and other content stored in the cloud. Holder, who was speaking at a Justice Department oversight hearing, said that warrants are unnecessary for non-criminal investigations.
White House Releases Benghazi Emails
May 16, 2013 8:30 am | by Jeff Mason | News | CommentsThe White House sought to defuse controversy over its handling of last year's killing of four Americans in Benghazi, releasing emails that show how Obama administration officials presented a scrubbed-down version of the attacks to the public.
UserAssist Forensics (Timelines, Interpretation, Testing, & More)
May 15, 2013 3:44 pm | by Editor | Blogs | CommentsBefore I get into the bulk of it all, let me note that UserAssist artifacts are nothing new. I will be covering the practical interpretation of the existence of these artifacts — not their structures. So, as always, I would highly recommend that you take a look at all of the articles referenced at the bottom of this post.
Unbelievable
May 15, 2013 3:30 pm | by Dr. Neal Krawetz | Blogs | CommentsI'm going to have to do some tweaking to the trend detector at FotoForensics. Right now, too many pictures are being flagged as trends. Basically, the number of uploads has dramatically increased and FotoForensics is being used by many of different forums. As a result, we're getting lots of picture variants from a variety of sources.
IC3 2012 Internet Crime Report Released
May 15, 2013 3:24 pm | News | CommentsThe Internet Crime Complaint Center (IC3) has released the 2012 Internet Crime Report — a summary of reported fraudulent activity, including data and statistics. In 2012, the IC3 received and processed 289,874 complaints, averaging more than 24,000 complaints per month. Unverified losses reported to IC3 rose 8.3 percent over the previous year.
LulzSec, Pirates Having Fun
May 15, 2013 11:19 am | by David Wilcock | News | CommentsComputer hackers who considered themselves to be "latter-day pirates" led sophisticated cyber attacks on websites and systems of major institutions including the CIA, Sony, the FBI and Nintendo, a court has heard. Britons Ryan Ackroyd, Jake Davis, Mustafa Al-Bassam and Ryan Cleary were "hactivists" with the LulzSec collective.
US Cyber Command Head General Alexander to Keynote Black Hat USA 2013
May 15, 2013 11:02 am | News | CommentsMajor information security event Black Hat has announced that General Keith Alexander — Commander, U.S. Cyber Command/Director, National Security Agency/Chief, Central Security Service (NSA/CSS) — will present the Day One keynote address at Black Hat USA 2013 in Las Vegas this July.
Software Spots, Isolates Cyber Attacks
May 15, 2013 10:49 am | by Matt Shipman | News | CommentsResearchers from North Carolina State University have developed a software algorithm that detects and isolates cyber attacks on networked control systems – which are used to coordinate transportation, power and other infrastructure across the United States.
