This news feed is supplied with permission from the Forensic Focus website.To read more on any news snippet click on its headline.
Thousands of the world’s security professionals, mostly of them middle-aged white males, gathered in San Francisco last week for the annual RSA Conference.
Traditionally, it’s the time of year vendors hawk their gear in halls containing a perturbing whiff of ammonia, research announcements provide relief from the festival of commerce, and government mandarins hobnob with corporate types – all with the implied intent to work together to protect people’s data.
Yet 2014’s event was always going to be a bit different. RSA, the security company hosting the event, had to defend itself against criticism over an alleged $10m deal with the National Security Agency (NSA) to include flawed encryption in its products…There was one criticism, amid the understandable ire around the damage done to global privacy, which stood out: that the NSA’s mass spying had perversely made life easier for digital criminals…
Read (The Guardian)Posted: 07 March 2014
What if you were a law enforcement officer with a suspected criminal’s cell phone or laptop, and believed the electronic devices held evidence critical to your case? Or what if, as a parent, you fear your child has been texting the wrong people or visiting websites they shouldn’t?
In the Kerrville area, a possible solution is Bill Aycock’s new business, “VeriFi Laboratories, Inc.,” a digital forensic lab.
It’s related to all the “CSI” television shows that depict law enforcement labs full of computerized equipment that “dumps” cell phone and other information for officers to use to solve cases. Aycock said all that can be done with today’s technology (though not as fast as it seems on the TV shows)…
Read (Hill Country Community Journal)Posted: 07 March 2014
Join this free webinar from Nuix to find out how to deal with large volumes of electronic evidence while balancing business demands including reduced budgets and resources, spiralling case backlogs and ever decreasing timescales.
Date: Thursday March 6, 2014
Time: 4:00pm-5:00pm GMT/11:00am-12:00pm EST
Duration: 45min + Q&A
Presenters: Paul Slater, Director of Forensic Solutions EMEA and Ady Cassidy, Director of Investigation Solution Consultancy – Global
Today, investigators face a constant battle to find the truth in ever larger, more varied and increasingly complex stores of electronic evidence. As the growing volume of data has stretched traditional forensic tools to capacity, it has become more difficult to examine everything in deep forensic detail. To improve the efficiency of investigations we need to more effectively zoom in on critical data from the outset, and then focus the time-consuming deep forensic analysis on this data only. This webinar will share workflows and techniques from the legal world of electronic discovery (eDiscovery), which typically has even larger volumes of digital evidence than found in forensic investigations.
Register now at http://info.nuix.com/InvestigationsMar62014_Registration.htmlPosted: 05 March 2014
Police may soon have a new way to catch pedophiles who distribute child abuse photos anonymously online. The technology could also help law enforcement agencies in other ways, such as identifying smartphone thieves who take pictures with the stolen gadgets and then post their snapshots on the Internet.
Riccardo Satta, scientific project officer of the European Commission Joint Research Centre’s Institute for the Protection and Security of the Citizen, described the work at the Computers, Privacy and Data Protection Conference in Brussels held in January. The key is the ability to spot a unique, unremovable pattern—or signature—that each digital camera imprints on photographs. By comparing the signature from a specific camera with those found in images posted to social media, a forensic investigator would be able to establish that all the images had been taken by the same camera. Additional contextual information pointing to the photographer can help investigators narrow in on the culprit…
Read (Scientific American)Posted: 05 March 2014
Recent breaches tell the story: Organizations are not entirely prepared to respond to such incidents. In this video interview recorded on the expo floor of RSA 2014, Craig Carpenter of AccessData discusses the next generation of incident response, specifically:
• The flaws in today’s incident response strategies;
• How to define next-generation incident response;
• How to assess and improve current incident response capabilities.
In addition to what he’s learned from AccessData’s own customer experiences, Carpenter is armed with new insights from a Ponemon survey.
Carpenter is the Chief Marketing Officer of AccessData, overseeing global marketing strategy and demand generation programs. Prior to joining AccessData, he was VP of Marketing and Business Development at Recommind where he pioneered and popularized predictive coding and predictive information governance into the hottest trends in the e-discovery and GRC markets, respectively. Before joining Recommind, he led the global field and channel marketing at network leaders, Mirapoint and Fortinet…
Read (infoRisk Today)Posted: 04 March 2014
Most investigators are familiar with the capabilities of EnCase® Forensic as a tool for investigation of desktops, servers, and hard drives, but did you know that ever since EnCase Forensic v7 was introduced, it has provided support for smartphone operating systems out-of-the-box? In Version 7.09, the latest release, EnCase improves smartphone acquisition, analysis and reporting capabilities by adding support for iOS 7 devices.
As you likely know, the mobile device market is dominated by iOS and Android devices. Over 90 percent of the world’s smartphone users have an Apple- or Google-powered device. However, even within the majority, there are multiple factors that investigators like you must consider and ultimately deal with, including…Posted: 04 March 2014
Magnet Forensics is pleased to announce that Internet Evidence Finder (IEF) v6.2 has been validated by the United States Defense Cyber Crime Institute (DCCI). DCCI is the research, development and evaluation arm that tests tools tailored to the specific requirements of digital forensic examiners and incident responders. DCCI is a part of the Department of Defense Cyber Crime Center (DC3).
The DCCI report evaluated IEF on 42 different criteria to determine the circumstances under which computer crime investigating agents assigned to Defense Criminal Investigative Organizations (DCIOs) may employ IEF for digital forensic investigation and analysis.Posted: 03 March 2014
AccessData, the leader in incident resolution solutions, today announced the InSight™ Platform, a revolutionary cybersecurity system enabling enterprises to adeptly manage the rapidly accelerating volume of data incidents caused by cyber-attacks, mobile risk, GRC (Governance Risk & Compliance) and eDiscovery requests.
In today’s sophisticated threat landscape, CISOs and IT departments face daunting information security challenges. The detection of critical cyber-attacks takes too long. The overwhelming volume of data and alerts from existing security investments do not provide the context needed for analysts to prioritize incidents. And legacy tools, used to investigate and resolve incidents, are comprised of multiple point products, requiring manual processes and scarce expert talent. As a result, it has become painstakingly difficult and cost prohibitive to detect, respond and mitigate threats quickly and intelligently, with CISOs and IT departments often simply working to get compromised systems back online, without investigating or resolving events so they can be prevented in the future…
Read (Business Wire)Posted: 28 February 2014