Archive for ediscovery

July 9 2018, Episode 402, Show Notes

Posted in Breach, Conference Coverage, Court Cases, criminal forensics, darkweb, ediscovery, eMail Security, Exclusive, Exclusive News, Podcast, Show Notes, The CyberJungle, Vulnerabilities with tags , , , , , , , on July 8, 2018 by Habeas Hard Drive

Episode 402 of The CyberJungle is about 23 minutes long.  The interview with Aaron Riley on the latest wave of phishing attacks starts at 14:30. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

To listen to Episode 402 via the flash player:

Newsmaker Interviews

Aaron Riley on the latest wave of phishing attacks

Our Take on This Week’s News

There’s Even More Bad News About IRS Information Security

Insurance companies sue security firm over Heartland data breach
Will NanoVMs help secure business application data?

Tales from The Dark Web

A massive cache of law enforcement personnel data has leaked

Wrap

Thunderbird gets its EFAIL patch

PLEASE SUPPORT OUR SPONSOR – PFIC: Paraben Forensic Innovations 2018

This 2-day event brings together industry experts on a variety of topics in both lectures and labs. The best part of PFIC is as an attendee you get to attend 100% of the content with the unique rotating format of A and B days. One day you attend all the lectures the next you attend all the labs. Plus see Ira Victor, of the CyberJungle, speak. Register early seats are limited.

 

PFIC 2017,

 

May 29 2018, Episode 401, Show Notes

Posted in Breach, Conference Coverage, Court Cases, criminal forensics, darkweb, ediscovery, eMail Security, Exclusive, Podcast, Show Notes, The CyberJungle, Vulnerabilities with tags , , , , , on May 29, 2018 by Habeas Hard Drive

Episode 401 of The CyberJungle is about 32 minutes long.  The interview with Steve Whalen of Sumuri starts at 12:45, and the twin interviews with Jerry Kaner of Ciphertex and Jeff Hedlesky of OpenText, starts at 19:27. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

To listen to Episode 401 via the flash player:

Newsmaker Interviews

Sumuri CEO Steve Whalen on new MAC forensic tools

High speed forensic imaging and encryption with Jerry Kaner, CEO of Ciphertex and Jeff Hedlesky, Evangelist with OpenText . The link for training.

Our Take on This Week’s News

Stealthy, Destructive Malware Infects Half a Million Router

Big bimmer bummer: Bavaria’s BMW buggies battered by bad bugs
How One Recalled SUV Destroyed $45 Million In Cars, Burned A Massive Ship, And Sparked A Legal Battle Between Ford And BMW
How to turn off bold/italics/underline in HTML mail displayed as plaintext?
Efail or OpenPGP is safer than S/MIME

Tales from The Dark Web

On break due to Enfuse 2018 coverage

Wrap

10th Anniversary content coming in a future episode

PLEASE SUPPORT OUR SPONSOR – PFIC: Paraben Forensic Innovations 2018

This 2-day event brings together industry experts on a variety of topics in both lectures and labs. The best part of PFIC is as an attendee you get to attend 100% of the content with the unique rotating format of A and B days. One day you attend all the lectures the next you attend all the labs. Plus see Ira Victor, of the CyberJungle, speak. Register early seats are limited.

 

PFIC 2017,

 

December 19, 2011 – Episode 242

Posted in Annoucements, Court Cases, criminal forensics, darkweb, ediscovery, Exclusive News, Show Notes, The CyberJungle, Vulnerabilities with tags , , , , on December 19, 2011 by Habeas Hard Drive

Episode 242 of The CyberJungle is about 25 minutes long.  You can hear it by clicking on the flash player below. The interview with Sean Morrissey of Katana Forensics begins at about 13min.  You may download the file directly – great for listening on many smartphones. Or, you  may go to the listening options page and browse for other ways to hear the show.

To listen to Episode 242 via the flash player:

Interview

Sean Morrissey of Katana Forensics launches LaternLite iOS Forensics tool this week

Our Take On This Week’s News

Forensic innovator Jonathan Grier has developed tools that use statistical analysis of file access data to reconstruct timelines. According to Mr. Gerier, his method can be used to determine what, if data was exfiltrated from the system. Read more in: Detecting data theft using stochastic forensics.

Excellent work by c|net’s Elinor Mills on the software by CarrierIQ that some have labeled as an illegal “root kit.” Read: Sprint disabling Carrier IQ on phones.

Tales From The Dark Web

Passwords hard coded into industrial control systems – What could possibly go wrong?

Wrap

New job opportunity for those with Photoshop forensics skills? US watchdog bans photoshopping in cosmetics ads. Wow, and I thought all those models had perfect faces and perfect bodies all of the time…

November 29, 2011 – Episode 239

Posted in Conference Coverage, Court Cases, criminal forensics, darkweb, ediscovery, Show Notes, The CyberJungle, Vulnerabilities with tags , , , , on November 29, 2011 by Habeas Hard Drive

Episode 239  of  The CyberJungle is about 30 minutes long.  You can hear it by clicking on the flash player below. The interview with  Dr. Karen Paullet on being a cyber expert witness begins at about 13min. You may download the file directly – great for listening on many smartphones. Or, you  may go to the listening options page and browse for other ways to hear the show.

To listen to Episode 239 via the flash player:

Interview

Dr. Karen Paullet on being a cyber expert witness

Our Take On This Week’s News

He Said She Said: The battle of the SCADA experts in water pump row

A new, low-cost way to find open wifi connections

How to keep your access point slightly more private

Tales From The Dark Web

Social Engineering used to catch a cybercriminal

Wrap

Pirated software hard drive as art?

November 15, 2011 – Episode 238

Posted in Court Cases, criminal forensics, darkweb, ediscovery, Show Notes, The CyberJungle with tags , , , on November 15, 2011 by Habeas Hard Drive

Episode 238  of  The CyberJungle is about 21 minutes long.  You can hear it by clicking on the flash player below. The first interview (with Sean Morrissey of Katana Forensics) begins at about 03min. The second interview (with Ryan Washington of AR-Forensics) begins at about 10min. You may download the file directly – great for listening on many smartphones. Or, you  may go to the listening options page and browse for other ways to hear the show.

To listen to Episode 238 via the flash player:

We break from our normal programming schedule. The CyberJungle went to the Paraben Forensics Innovator’s Conference last week. We have special extended coverage with Ryan Washington of AR-Forensics, on so-called “anti-forensics” techniques. And, Sean Morrissey, CEO of Katana Forensics gives us his take on Apple’s moves against a well-respected security researcher.

 

October 3, 2011 – Episode 232

Posted in Court Cases, criminal forensics, darkweb, ediscovery, eMail Security, Legislation, Show Notes, The CyberJungle, Vulnerabilities, web server security with tags , , , , , on October 3, 2011 by Habeas Hard Drive

Episode 232  of  The CyberJungle is about 28 minutes long.  You can hear it by clicking on the flash player below. The interview begins at about 14min. You may download the file directly – great for listening on many smartphones. Or, you  may go to the listening options page and browse for other ways to hear the show.

To listen to Episode 232 via the flash player:

Interview

Attorney Aaron Crews: Bring Your Own Device could be a legal land mine for businesses. Aaron D. Crews is a member of Littler Mendelson’s e-Discovery Practice Group

Our Take On This Week’s News

Massive Security Vulnerability In HTC Android Devices (EVO 3D, 4G, Thunderbolt, Others) Exposes Phone Numbers, GPS, SMS, Emails Addresses, Much More. Read the story at AndroidPolice.com.

Kindle Fire: the tablet that knows your next move. Jeff Bezos’s announcement of Amazon’s assault on the tablet market comes with an added twist. Read The Guardian story.

Tales From The Dark Web

Malicious QR Codes Pushing Android Malware

Wrap

1977 Star Wars Celica: Have You Seen This Car?

October 24, 2010 – Episode 183

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, eMail Security, Exclusive, Legislation, Show Notes, The CyberJungle, Vulnerabilities with tags , , , , , , on October 23, 2010 by Habeas Hard Drive

Episode 183:

This week’s regular episode of  The Cyberjungle  is 1 hour and 18 minutes long. You can hear it by clicking on the flash player below, or you can go to the listening options page and browse for other ways to hear the show.

To listen to Episode 183 via the flash player:

Interview

Joe Levy, Chief Technical Officer with  Solera Networks, stops by to discuss the Zeus Trojan variant that’s making its way around the IRS offices.  Joe’s  interview is 6 minutes long, and it begins about 25 minutes into Episode 183.

Tales from the Dark Web

If cybercrime were a disease, it would be a pandemic and the whole world would be sick. So says a report from Kroll and The Economist Intelligence Unit

Our Take on This Week’s News

School bus surveillance cams – School buses equipped with traffic cams.  It’s an experiment in a Maryland school district, where officials say the little darlings are in more danger as they alight from the bus than any other time, although no child in Maryland has ever been hit while alighting from a school bus.

Insurance companies view social networkers as burglary risks – Duh.  A survey by an insurance trade group indicates a significant number of Facebook and Twitter post their locations, and it’s worth considering whether to reflect this in their insurance rates.

And while we’re ragging on Facebook – Are gay users of Facebook being outed to advertisers for targeted product marketing? Duh again.

Ten oreos, two handfuls of fritos, a pint of Ben and Jerry’s – Are you aware that when you make use of web tools that allow you to keep track your personal behavior, that information could become discoverable in court? (Diet websites come to mind.)

Participants wanted– A new project to monitor BlackBerry traffic as it is sent from various countries. The results will help researchers and users understand what’s happening to the communications as RIM is pressured to cooperate with repressive governments.

More BlackBerry news –  The how and why of BlackBerry eavesdropping, and why it might not be what you think.

A new tool for good guys,- And bad guys, parents, employers, forensic investigators, and everyone who needs to keep tabs on someone.  ElcomSoft tool cracks web browser passwords.

CyberJungle FAQ

Shockwave Zero-day Attack In the Wild

Fake Microsoft Security Essentials Attack

August 8, 2010 – Episode 160 and 161 from DefCon 18

Posted in Conference Coverage, criminal forensics, darkweb, ediscovery, Show Notes, The CyberJungle, Vulnerabilities, web server security with tags , , , , , , , , , , , on August 7, 2010 by Habeas Hard Drive

Episode 161 is the this week’s full episode of The CyberJungle, posted immediately below.  Episode 160 is the su root edition for advanced listeners – material that’s too technical for the radio.  The advanced material consists of three conversations  from DefCon 18.  Scroll down to the end of this batch of shownotes to find it.

Episode 161:

This week’s regular episode of  The Cyberjungle  is 1 hour and 12 minutes long. You can hear it by clicking on the flash player below, or you can go to the listening options page and browse for other ways to hear the show.

To listen to Episode 161 via the flash player:

Interview:

Security Researcher Craig Hefner offers an alarming discovery about the consumer grade routers you buy at the big box store.  He’s found major flaws in these router/firewalls.  This interview is about 8 minutes long, and it begins at 59 minutes into Episode 161.  Or you can just listen to the interview by going to our conference notes page.  Also, here are some links to more information about Craig’s work:

Craigs Hefner’s White Paper on this attack

Craigs Hefner’s DefCon18 presentation slides

Craigs Hefner’s Proof-of-Concept code

Tales from the Dark Web:

Our dramatic audio taken at a DefCon 18 press conference, in which the host of the press conference begins (quite out of the blue) to describe his personal relationship with Adrian Lamo, one of the central characters in the Wikileaks incident.  We posted this story, and six minutes of audio featuring cybersecurity researcher and self-described white-hat hacker Chet Uber on the last day of DefCon. In it, Uber discusses how he persuaded Lamo to turn in accused leaker Pfc Bradley Manning.  There is a disputed fact in Uber’s account. Uber said he helped Lamo determine that documents in his possession were classified.  Lamo now denies that he ever had possession of top secret documents.  The facts will come out at Bradley Manning’s trial. No matter who is correct, the sound file offers some interesting insight into how a high-level meeting with federal law enforcement is arranged, and what top secret documents look like. The file is at the bottom of this story, if you want to hear it.

Our Take on This Week’s News:

The National Science Foundation has a porn problem according to Senator Chuck Grassley.  Seems the science guys are passing around porn despite technical measures taken by the agency to block it.  Oh, and there’s one guy who reportedly spends 20 percent of his time looking at porn, at an estimated cost to the taxpayer of $58,000.  So do the math.  This guy makes $290k per year???  WTF!!!

BlackBerry Ban – RIM Coming To Agreement With Middle-Eastern and Asian Nations on Eavesdropping. The question that we are still researching: What about a foreigner that uses BES in one of the nations? Is the traffic routed to one of these local RIM servers, or back to Canada?

Apple remote jailbreak flaw. Major Flaw Uncovered in Apple iPhone/iPad/iPod

Salute to the Wall Street Journal for its series this week on web tracking, cell tracking and other privacy issues.

We stumbled over the Social Engineering contest at DefCon18.   A super fun event to watch, as contestants placed phone calls to major U.S. corporations, and charmed employees into revealing a wide range of information about company operations — everything from the name of the dumpster service to the details of the IT architecture. (We posted a story about it here, describing a call to Apple that yielded a whole lotta info.  Boy, Steve’s gonna be mad. There’s also an audio file with a three-minute explanation of the contest by its organizers, an group called Social-Engineer.  The audio file is located about half-way through the story.)  Read about the Social Engineering organization here.

The annual session on physical lock security is always a hit. (This year there was more than one.)  We attended the presentation by Marc Weber Tobias.  His team demonstrated flaws in five different locks, from the plain-vanilla pin tumbler lock on your back door, to the $200  fingerprint biometric, the electronic RFID military lock and even a personal safe.  You can see the videos here, demonstrating how the locks were breached.

Speaking of physical security — a state agency head in California sent an email message to 175 employees announcing that the lock at the south end of their office building was malfunctioning, and there was no budget to fix it. This column in the Sacramento Bee offers an unintentionally comical account of the way this broken lock was broadly communicated to the world when one of the employees faxed a copy of the email to a state worker newsletter. The info apparently ended up — we’re not sure how — on the desk of the SacBee reporter who wrote the column.  The major point of the story is that California has no money, and even getting approval to fix a broken lock on a state building in a bad neighborhood is a tough uphill climb. But the funny part is how nobody ever stopped to consider that inside this building, where unemployment benefit checks are written, there is a whopping amount of personal information about the citizens of the State Formerly Known as Golden.  Wow… If we were bad guys we’d probably keep an eye on this place even after the lock is fixed, because it might be a really easy target.

Adobe plans emergency patch for critical Reader bug

If we don’t laugh, we’ll probably cry.  For laughs – a national association of perverts has offered an endorsement of body scanning machines in airports.  Now read this and weep – The feds love these machines so much that they’ve decided to deploy them at federal courthouses as well as airports. Where next, the public library?  And yes, they do store images, the feds now admit, after repeated denials that the machines had such capabilities.  Duh.  Did we think they would perform a visual inspection for contraband, and then fail to store the image for evidence during prosecution?

Episode 160 – su root edition:

This is our unedited edition, featuring three interviews straight from DefCon 18.  The audio file is 34 minutes long. This is a special DefCon18 edition featuring interviews with David Bryan on building a network to withstand thousands of hackers, and using low-cost equipment and volunteers. He has lessons for anyone building a network today. Then we have an interview with Chris Drake of Firehost web hosting on web application security. Finally the third interview is with Suhil Ahmed of Airwave Security about his discovery of a flaw in the WPA WiFi security protocol that can reveal confidential information, and has no patch. But, there is a workaround.

You can hear it by clicking on the flash player below, or you can go to the listening options page and browse for other ways to hear the show.

To listen to su root edition (episode 160)  via the flash player:

July 31, 2010 – Episode 159

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, Show Notes, The CyberJungle with tags , , , , , , , , on August 2, 2010 by Habeas Hard Drive

You can hear episode 159 by clicking on the Flash player below, or if your device does not support Flash, you can visit our  listening options page for other ways to receive the show. Episode 159 is one hour and 9 minutes long.

Interviews

Interview #1 – Jeremiah Grossman, CEO of White Hat Security,  discovered an odd security flaw in the Apple Safari Browser. Alas, he tried to notify Apple, only to be rebuffed. He posted the story on his blog, and he decided to go public at Black Hat, and just about the time we finished this interview with him, Apple acknowledged the problem.  Fix pending.  Hear an overview of Jeremiah’s presentation in Episode 159. It’s 11 minutes long, starting about 12 minutes into the show.

Interview #2 – Mickey Boodaei, CEO of security firm Trusteer, has been hard at work on the banking trojan problem, and they’ve got a problem that may help. We discuss it with him in Episode 159. It’s 10 minutes long, starting at 55:00.

Tales from the dark web

Mariposa Botnet facilitator arrested. (You may remember that Panda Security was on top of Mariposa months ago, as we reported in this interview from the RSA Security Conference2010.)

Our take on this week’s news:

Virulent Microsoft link attack affects just about everyone. The prediction is that this one will be big. UPDATE: MICROSOFT ISSUES EMERGENCY PATCH

A really insulting  psychological profile of iPad users. The only thing they left out is that iPad users pull the whiskers off kittens.

Krebs on security writes about the victims of scareware – they end up buying the stuff, and then they’re embarrassed to go to the police. Good piece

Banks have long since stopped moving paper checks from one location to another, preferring the economy of scanning. What if someone broke into the digital repository where they store all those pictures of checks?… Someone did.

June 26, 2010 – Episode 149

Posted in Breach, Conference Coverage, Court Cases, criminal forensics, darkweb, ediscovery, eMail Security, Exclusive, Legislation, Report Security Flaws, The CyberJungle, Vulnerabilities, web server security with tags , , , , , , , , on June 26, 2010 by Habeas Hard Drive

You can listen to Episode 149 by clicking on the flash player below, or go to our listening options page for a list of other ways to receive the show.  Episode 149 is one hour and 15 minutes long.

To listen to Episode 149 via the flash player:

Interviews:

Your employees will use social media whether you like it or not… and our expert says fully20 percent of current business communication is done via social media. So why not take control of the situation, and create ground rules and guidelines, so you’re in charge of how it’s used?  Our interview with Gartner Research Director Andrew Walls is 8 minutes long and starts about 24 minutes into the show. This is an excerpt. We also posted the entire 25-minute interview on our conference notes page, if you’d like to hear it.

In our interview with Ed Rowley of M86 Security, we discuss a new iPhone scam……… The interview starts 61 minutes into the show.

Tales from the Dark Web

Polymorphic attacks are making the lastest drive-by infected web sites mostly invisible to signature-based anti-virus.

Our Take on This Week’s News

iPhone 4 and Motorola Droid X released in the same week.  Guess which phone won the hype war?  The press coverage of the iPhone release centered on the ecstatic throngs of Apple heads waiting all night on the sidewalk outside the stores.  The Android roundup consisted of dry product reviews and analysis of the platform’s future prospects.

Meanwhile smart phone security is a hot topic, and Ira just returned from the Gartner Security and Risk Management Summit, where there was a comprehensive session on the subject.

Speaking of phones… congress is holding hearings on cellphone tracking of citizens by government.

Employers are in denial about the sensitive information that lives on the laptops and smart phones of their employees. Listen to our interview with Kevin Beaver of Principle Logic, who found an interesting gap between perception and reality while he was conducting security audits.  The interview is just over 4 minutes long, taped at the Gartner conference. Look for it on our conference notes page.

Scotland Yard cuffs teens alleged to be participants in the largest English-speaking cybercrime forum in the world.

Lawyers breach medical records during discovery. Anthem spokesperson says, not to worry, the data was only accessible for a short period of time.  Thank goodness!

FBI released information about a new approach to banking attacks with a simultaneous denial of service attack on the account holdder’s phone lines.  Very complicated.

Happy Birthday to George Orwell.  His influence cannot be understated.  He would have been 107 years old on June 25, 201o.