Password security

One overlooked aspect of our advancing technological lives is the importance of passwords.  All of the websites we frequently use, whether to bank or do some social networking, require a password. The concept of a password is simple: supply two things, a UserID to identify who you are, and a password to authenticate that identity [...]

DEFT Linux – Forensic Live CD

One of my favorite “inventions” of the modern computer age is the ability to boot into just about any operating system you’d like with a CD or USB drive.  While Helix3 is an important tool in computer forensics, many other linux-based CD toolkits have multiple problems.  Either a package wouldn’t be tested on certain hardware [...]

Tax Refund Portal Phishing Scam

There are all kinds of phishing scams out there, designed to part you with your money or personal information.  Here’s one example of a phishing scam that claims you are getting a tax refund and just to click on the name of your bank to have it deposited.  Obviously this is just one type of [...]

Celebrity deaths bring malware installations

I first noticed this trend a few days ago on a SANS blog.  Basically, when a celebrity dies or gets in trouble or makes any kind of news, malware distributors spring into action.  Basically, they create a new webpage with some kind of “breaking news” regarding this celebrity.  They are able to manipulate search engines [...]

Digital Evidence: A Brief Analysis

Here’s an interesting take on evidence located on a suspect’s hard drive.  One important piece to note is that there were artifacts from three separate email accounts, all of them which had a slight alteration on a single password.  The fact that permutations of one password were used could indicate that the email accounts all [...]

Design Flaw in Yahoo! Mail

SANS Application Security Blog has an informative article on the flawed security built-in to one of the most popular webmail clients, Yahoo! Mail.  This flaw takes advantage of one of the larger online security holes that exist in most any site that requires a username and password – the password reset mechanism.  A similar “hack” [...]

Computer Forensics

Computer Forensics is a constantly evolving field.  There are many different techniques and methodologies to creating a forensically sound image, depending on the type of media involved.  From computers to smartphones, to SIM cards and Flash drives, there is always data that needs to be extracted in a manner so that the evidence is not [...]

Recent Posts

• Uses of Computer Forensics
• Cellebrite UFED and Cell Phone Forensics
• Google-Motorola acquisition
• Updated the glossary
• Full-Disk Encryption comes to Android
• Information Security – Protecting your business online
• DEFT Linux 6 coming soon
• Digital Copiers as a Forensic Utility
• Cybersecurity Paper from Harvard National Security Journal
• SANS Blog Survey Results

Tags

Android antivirus attorney client privilege Autopsy celebrity Computer Forensics computer security Cyber Crime data recovery DEFT digital evidence disk image drive-by download encryption expectation of privacy facebook firefox Google Guymager hard drive failure law enforcement lawsuit linux Live CD malware mcafee MFT Nessus noscript online banking Ophcrack Password security phishing SANS scam SIM card Sleuthkit social media social networking svchost.exe tax return twitter Webmail workplace yahoo mail

Categories

• Android
• Cell Phone Forensics
• Computer Forensics
• computer security
• Encryption
• Evidence Analysis
• GPS
• Internet Privacy
• iPhone

Archives

• November 2011
• September 2011
• August 2011
• March 2011
• February 2011
• January 2011
• November 2010
• October 2010
• August 2010
• July 2010
• June 2010
• May 2010
• April 2010
• March 2010

Blogroll

• Ediscovery Trends
• SANS Computer Forensics Blog