July 22nd, 2014, Episode 344, Show Notes

Posted in Breach, Conference Coverage, criminal forensics, darkweb, ediscovery, Exclusive, Podcast, Show Notes, The CyberJungle on July 21, 2014 by datasecurityblog

Episode 344 of The CyberJungle is about 30 minutes long. Vere Software CEO Todd Shipley on TOR, starts at about 12min. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.


Interview

Vere Software CEO Todd Shipley

Our Take on This Week’s News

CryptoLocker+TOR = More attacks

Researchers breach Tesla Model S

Tales from The Dark Web

Wall Street Journal’s Facebook account breached, results not pretty

Wrap

RIP James Garner. See him as Jim Rockford, master social engineer.

Please support our sponsors, as they support The CyberJungle:

Basis Technology is helping investigators perform faster, more efficient, cost-effective, and complete investigations in cybersecurity and incident response.

BASIS TECHNOLOGY……PLEASE VISIT THEIR SITE BASISTECH.COM


July 11th, 2014, Episode 343, Show Notes

Posted in Breach, criminal forensics, darkweb, ediscovery, eMail Security, Exclusive, Podcast, Show Notes, The CyberJungle, Vulnerabilities on July 10, 2014 by datasecurityblog

Episode 343 of The CyberJungle is about 34 minutes long. Carl Wright, of TrapX starts at about 6:50min. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.


Interview

Carl Wright, of TrapX. Here is a link to the report.

Our Take on This Week’s News

Android resets do not wipe data properly.

Tales from The Dark Web

Microsoft Macro attacks are back.

Wrap

No time for the Wrap this week.


July 2, 2014, Episode 342, Show Notes

Posted in Breach, Court Cases, criminal forensics, darkweb, Podcast, Show Notes, The CyberJungle, Vulnerabilities on July 1, 2014 by datasecurityblog

Episode 342 of The CyberJungle is about 35 minutes long. Dr. Jason Nieh of Columbia University on Android Security, starts at about 18min;  InfoSec expert or cybercriminal for hire; Microsoft’s intentional collateral damage; Corporate boards wake up to infosec; PayPal chokes another legal business. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.


Interview

Android keys to the castle, with Dr. Jason Nieh of Columbia University. Link to the tool mentioned in the segment

Our Take on This Week’s News

Microsoft’s intentional collateral damage

Corporate boards wake up to infosec?

PayPal chokes another legal business?

Tales from The Dark Web

InfoSec expert or cybercriminal for hire?  You decide.

Wrap

No time for the Wrap this week.


June 26, 2014, Episode 341, Show Notes

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, eMail Security, Podcast, Show Notes, The CyberJungle, Vulnerabilities on June 25, 2014 by datasecurityblog

Episode 341 of The CyberJungle is about 30 minutes long. Dr. Larry Ponemon, of The Ponemon Institute, starts at about 16min; a new twist on WiFi attacks in Tales from the Dark Web; and Dropbox Bank Trojans, Microsoft’s new threat sharing initiatives, and the IRS email scandal in The News. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.


Interview

Threat Sharing; Dr. Ponemon, the Ponemon Institute. Email mentioned in the segment: research@ponemon.org.

Our Take on This Week’s News

Microsoft launches Interflow, a security and threat information exchange platform

Dropbox+Bank Trojan=Perfect Business User Storm?

Tales from The Dark Web

New WiFi attack

App mentioned in the segment: OperaMax

Wrap

No time for the Wrap this week.


June 12, 2014, Episode 340, Show Notes

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, Podcast, Show Notes, The CyberJungle on June 12, 2014 by datasecurityblog

Episode 340 of The CyberJungle is about 35 minutes long. Eric Springer, Bitcoin Vigil Founder, starts at about 20min; Chinese Industrial Espionage in Tales from the Dark Web; and Dropbox Ransomware and the 11th Circuit ruling that the 4th Amendment applies to cellphone location data in The News. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.


Interview

Eric Springer, Bitcoin Vigil Founder

Our Take on This Week’s News

Dropbox+Ransomware=Perfect Business User Storm?

11th Circuit rules 4th Amendment applies to cellphone location data

Tales from The Dark Web

Chinese Industrial Espionage

PUTTER PANDA RELEASE WAS CALCULATED DECISION, see 5th story down on this Politico page

NIST Supply Chain Risk Management

Wrap

No time for the Wrap this week.


June 3, 2014, Episode 339, Show Notes

Posted in Breach, Conference Coverage, Court Cases, criminal forensics, darkweb, Podcast, Show Notes, The CyberJungle, Vulnerabilities on June 3, 2014 by datasecurityblog

Episode 339 of The CyberJungle is about 30 minutes long. Kelly Hazelton on industrial controls security starts at about 24min, attacks on PHI surge in our Tales from The Dark Web segment, and one of the scariest cyber attacks we have ever seen in The News. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.


Interview

Kelly Hazelton on industrial controls security

Our Take on This Week’s News

Registry hack updates XP

ChildPorn+CryptoLocker=LegalNightmare

Cybercrime laws used to target legit infosec research?

Tales from The Dark Web

Cybercriminals target PHI

Wrap

Snowden on metadata


Cyberattack Puts Child Porn On Your Computer – How Do You Respond?

Posted in criminal forensics, darkweb, Vulnerabilities on May 25, 2014 by datasecurityblog

We’re seeing horrifying variants of the Cryptolocker attack. Recall the “ransomware” that generated big cybercrime profit last year by holding data hostage and demanding money from the rightful owners after locking them out of their own files.

The new attack may target hiring managers who post online job openings. A resume comes in with a malware payload. Managers circulate the news about a promising candidate. The resume gets forwarded among the bosses, and the attack spreads.

The most frightening variant of this family of malware, called Kovter, adds child porn to the mix. Malware detection company Damballa reports that once this variant attacks a computer system, it sets out to find adult websites that may be sitting in the browser history. If there are none, it implants child porn into the computer, and then freezes a screenshot on the browser as an extortion tool.

Relatively few people have been affected so far, but the number of systems impacted by this family of malware has more than doubled over the last month, from 7,000 to 15,000, and the impact of this attack could be devastating. It’s critical to understand that anyone accused of “storing” child pornography will be faced with a crushing round of legal problems.

Child porn is radioactive, and the law surrounding it is so unforgiving, that no matter what you do, you’re probably in trouble. We are even aware of a forensic expert who was prosecuted because he had images on his computer that were related to a case he was working on.

If child pornography were to suddenly appear on your screen (assuming you didn’t put it there), do not try to delete the files, do not forward them, and do not look to see what else is going on in the computer.

The best course of action is to immediately shut down the computer and take it to your attorney’s office, explain what happened, and request that he or she lock it up. If you’re at work, shut down your computer and go immediately to the HR manager or to your boss, and report the occurrence. Explain that the attack has the potential to spread throughout the organization unless it’s immediately isolated.

The next step will be locating people who understand both the law and the range of cyberattacks that may have taken place, then deciding how to approach law enforcement. Assuming you didn’t alter any data on your hard drive, a proper forensic examination of the machine should confirm when the files appeared, and that you do not have a history of browsing for child pornography.

In the workplace scenario, be very alarmed if your employer seems unconcerned, or directs you to turn on your computer and get back to work. If the company has in-house legal counsel, ask to speak with one of the attorneys.

If there’s no in-house lawyer, or if you have a contentious relationship with your employer, you may want to ask your own attorney to contact your employer and request the computer be put in quarantine pending further investigation.

In the worst possible case, a court order might be necessary. The employer might misunderstand the event, or use it as a reason to fire you.

One more problem – your attorney may not have encountered child porn, or may have limited knowledge about how to examine the evidence without getting you into trouble. He or she may need to research the subject first, and that could mean an uncomfortable couple of days for you at work.

Please take this seriously. Cryptolocker also started small, and became a significant danger in a short time. We hope the Kovter attack doesn’t achieve similar reach, but we also hope those who get hit will respond in a way that doesn’t compound their troubles.

By: Ira Victor, GIAC G17799 GCFA GPCI GSEC ISACA CGEIT CRISC

Digital Forensic Analyst, and Host, CyberJungle Radio
