Tag Archives: forensics

[ISN] Report: Hack of government employee records discovered by product demo

http://arstechnica.com/security/2015/06/report-hack-of-government-employee-records-discovered-by-product-demo/

By Sean Gallagher
Ars Technica
June 11, 2015

As officials of the Obama administration announced that millions of sensitive records associated with current and past federal employees and contractors had been exposed by a long-running infiltration of the networks and systems of the Office of Personnel Management on June 4, they claimed the breach had been found during a government effort to correct problems with OPM’s security. An OPM statement on the attack said that the agency discovered the breach as it had “undertaken an aggressive effort to update its cybersecurity posture.” And a DHS spokesperson told Ars that “interagency partners” were helping the OPM improve its network monitoring “through which OPM detected new malicious activity affecting its information technology systems and data in April 2015.”

Those statements may not be entirely accurate. According to a Wall Street Journal report, the breach was indeed discovered in April. But according to sources who spoke to the WSJ’s Damian Paletta and Siobhan Hughes, it was in fact discovered during a sales demonstration of a network forensics software package called CyFIR by its developer, CyTech Services. “CyTech, trying to show OPM how its cybersecurity product worked, ran a diagnostics study on OPM’s network and discovered malware was embedded on the network,” Paletta and Hughes reported. And, according to federal investigators, that malware may have been in place for over a year.

US intelligence agencies have joined the investigation into the breach. But it’s still not even clear what data was accessed by the attackers. Meanwhile, the breach has triggered outrage from unions representing federal employees. In a letter to OPM Director Katherine Archuleta, American Federation of Government Employees president J. David Cox expressed displeasure at the way OPM had handled the breach, calling the 18 months of credit monitoring and $1 million liability insurance OPM is offering federal employees “entirely inadequate, either as compensation or protection from harm.” […]





[ISN] FBI Threat Intelligence Cyber-Analysts Still Marginalized In Agency

http://www.darkreading.com/risk/fbi-threat-intelligence-cyber-analysts-still-marginalized-in-agency/d/d-id/1319618

By Sara Peters
Dark Reading
3/25/2015

Despite good progress, 9/11 Review Commission says that analysts could have a greater impact on FBI counter-terrorism activities if they had more domain awareness, forensics capabilities, and were more empowered to question agents.

FBI threat intelligence analysts, a position created post-9/11, have proven their worth to counter-terror operations, but their impact has been limited by a lack of domain awareness, insufficient computing technology, and a lack of status within the Bureau, according to a report released today by the FBI 9/11 Review Commission. While the analysts are providing agents with tactical input, they are not yet participating in any strategic way. Part of the intelligence analysts’ job description, as described by FBIAgentEdu.org, is cyber-forensics and cyber-surveillance



[ISN] Northrop Grumman Foundation Congratulates Top 28 Teams Advancing to CyberPatriot National Finals Competition

http://www.globenewswire.com/newsarchive/noc/press/pages/news_releases.html?d=10116947

FALLS CHURCH, Va. – Jan. 26, 2015 – The Northrop Grumman Foundation, presenting sponsor for CyberPatriot VII, is proud to congratulate the top 25 high school and three middle school teams advancing to the national finals competition on March 13 in Washington, D.C. CyberPatriot, established by the Air Force Association, is the National Youth Cyber Education Program that’s inspiring students toward careers in cybersecurity and other science, technology, engineering, and mathematics (STEM) disciplines critical to our nation’s future. The program features the National Youth Cyber Defense Competition, cyber camps, and an elementary school education program. This year’s finalists represent schools and other organizations from Alabama, California, Colorado, Florida, Iowa, Louisiana, Massachusetts, Michigan, Missouri, New Jersey, New Mexico, Oklahoma, South Dakota, Texas, Virginia, and Manitoba, Canada. Click here for a complete listing of finalists. “We are so proud of all the students who participated this year and we wish the top 28 finalists all the best as they prepare for the big showdown,” said Sandra Evers-Manly, president of the Northrop Grumman Foundation and vice president of Northrop Grumman Global Corporate Responsibility. “CyberPatriot has proven to be an innovative way to inspire young people to pursue a career in cybersecurity. It is filling the much-needed pipeline of qualified cyber talent and we couldn’t be more pleased with its success. CyberPatriot is a true example of how a hands-on, STEM initiative can make an impact by addressing a national imperative.” A record 2,175 teams, up 40 percent from the previous year, competed this year in a series of online rounds where students were given a set of virtual images that represent operating systems and were tasked with finding vulnerabilities and hardening the system while maintaining critical services.
Students competed from across the U.S. and in other parts of the world to be among the top finalists that receive an all-expenses-paid trip to the CyberPatriot National Finals in Washington, D.C. “The need for cyber defenders has never been more relevant, or urgent,” said Diane Miller, director, CyberPatriot Programs, Northrop Grumman. “To address the increasingly complex threat requires diversity of education, experience, and approach to problem solving. CyberPatriot is inspiring our youth at every level and from every pocket of the country to cultivate a cyber workforce with a strong ethical foundation, the requisite technical skills and life skills in communications, leadership and teamwork so important to potential employers. These students are career-ready and poised to take on this national and global challenge.” In its fifth year as presenting sponsor, the Northrop Grumman Foundation and Northrop Grumman Corporation continue to devote time, talent and resources to support CyberPatriot. In addition to the foundation’s financial support, Northrop Grumman awards annual scholarship funds to the top winning teams and contributes employee volunteers and mentors. The company also provides internships to CyberPatriot competitors, as do other industry and government organizations. Northrop Grumman also partnered this year with Cyber Security Challenge UK to bring CyberPatriot to the U.K. Known as CyberCenturion, this youth cyber defense competition will hold its finals competition on April 17 at Bletchley Park in London. The CyberPatriot VII Teams will compete face-to-face in a one-day event to defend virtual networks and mobile devices from a professional aggressor team. The National Finalists will also face-off in four additional competition components: the Digital Cyber Crime Scene Challenge from the Digital Forensic Consortium, the Cisco Networking Challenge, the Leidos Digital Forensics Challenge, and a Mobile Application Challenge hosted by AT&T.
These extra challenges expose teams to new elements and skillsets of the many career opportunities available to them. As a global provider of cybersecurity solutions, Northrop Grumman is committed to grooming tomorrow’s cyber workforce and is engaged in supporting numerous cybersecurity education, training and technology initiatives. For more information on Northrop Grumman in cyber, go to www.northropgrumman.com/cyber. The Northrop Grumman Foundation supports diverse and sustainable programs for students and teachers. These programs create innovative education experiences in science, technology, engineering and mathematics. For more information please visit www.northropgrumman.com/foundation. CONTACT: Marynoele Benson Northrop Grumman Corporation 703-556-1651 marynoele.benson@ngc.com



[ISN] Why I Hope Congress Never Watches Blackhat

http://www.wired.com/2015/01/why-i-hope-congress-never-watches-blackhat/

By Kevin Poulsen
Threat Level
Wired.com
01.16.15

What a strange time. Last week I was literally walking the red carpet at the Hollywood premiere of Michael Mann’s Blackhat, a crime thriller that I had the good fortune to work on as a “hacker adviser” (my actual screen credit). Today, all I’m thinking is, please, God, don’t let anybody in Congress see the film. I’ll explain my anxiety in a minute.

First, the movie: Mann, the legendary director of hardboiled crime films like Heat, Collateral, and Miami Vice, always has been a stickler for authenticity, and he brought me into Blackhat as an adviser early on, before it had a title or a lead actor. If you’re wondering how one gets involved in a Michael Mann film, here’s how it works: Mann calls you on the phone. You think, “Why is Michael Mann calling me?” After a phone conversation and an interview in Los Angeles, you’re officially invited on board as a consultant. It turned out Blackhat’s screenwriter had read my cybercrime book Kingpin, and he’d suggested me to Mann.

When I showed up for my first consulting meeting, I expected to find a roomful of people crowded around a long conference table. Instead, it was just me and Mann, sitting in his office for five hours at a time. He had questions about malware, hacking, how modern computer intrusions play out. For subsequent meetings, I was given the current iteration of the screenplay (watermarked with my name, lest I leak it to the Pirate Bay), and we went over it line by line, looking at dialogue, discussing tweaks to the hacking and forensics scenes, and working on some of the procedural elements in the plot. Later, Mann brought in a second computer consultant, OkCupid hacker Chris McKinley, to write code for the movie and train leading man Chris Hemsworth in Linux basics, making Hemsworth officially the best-looking human to ever use a command line. […]



[ISN] FBI wants you to become a cyber agent

http://www.networkworld.com/article/2863395/security0/fbi-wants-you-to-become-a-cyber-agent.html

By Michael Cooney
LAYER 8
Network World
Jan 5, 2015

With its increased emphasis on Internet crime it might come as small surprise the FBI is now looking to bulk-up its cyber agent workforce. The agency in a job posting that is open until Jan. 20 said it has “many vacancies” for cyber special agents to investigate all manner of cyber crimes from website hacks and data theft to botnets and denial of service attacks. To keep pace with the evolving threat, the Bureau is appealing to experienced and certified cyber experts to consider joining the FBI to apply their well-honed tradecraft as cyber special agents, the agency stated.

Key requirements to be a special agent include passing a rigorous background check and fitness test. Agents must be at least 23 and no older than 37. Prospective cyber special agents are expected to meet the same threshold as special agents, but also have a wealth of experience in computers and technology. Preferred backgrounds include computer programming and security, database administration, malware analysis, digital forensics, and even ethical hacking. An extensive list of sought-after backgrounds and certifications can be seen on the job posting, the FBI noted. […]



[ISN] Last CFP: ICCICS2014 : Cyber-Crime Investigation and Cyber Security

The International Conference on Cyber-Crime Investigation and Cyber Security (ICCICS2014)
November 17-19, 2014
Asia Pacific University of Technology and Innovation (APU), Kuala Lumpur, Malaysia
http://sdiwc.net/conferences/2014/iccics2014/
iccics2014@sdiwc.net

All registered papers will be included in the publisher’s Digital Library.
==============================================================

The conference aims to enable researchers to build connections between different digital applications. The event will be held over three days, with presentations delivered by researchers from the international community, including presentations from keynote speakers and state-of-the-art lectures.

RESEARCH TOPICS ARE NOT LIMITED TO:

– Business Applications of Digital Forensics
– Cyber Crime Investigations
– Cyber Culture & Cyber Terrorism
– Digital Forensic Processes and Workflow Models
– Digital Forensics Process & Procedures
– Digital Forensics Techniques and Tools
– Embedded Device Forensics
– Incident Response
– Legal, Ethical and Policy Issues Related to Digital Forensics
– Mobile / Handheld Device & Multimedia Forensics
– Network and Cloud Forensics
– Sexual Abuse of Children On Internet
– Theoretical Foundations of Digital Forensics
– Civil Litigation Support
– Cyber Criminal Psychology and Profiling
– Digital Forensic Case Studies
– Digital Forensics & Law
– Digital Forensics Standardization & Accreditation
– E-Discovery
– Hacking
– Information Warfare & Critical Infrastructure Protection
– Malware & Botnets
– Money Laundering
– Online Fraud
– Software & Media Piracy
– Theories, Techniques and Tools for Extracting, Analyzing and Preserving Digital Evidence

Researchers are encouraged to submit their work electronically. All papers will be fully refereed by a minimum of two specialized referees. Before final acceptance, all referees’ comments must be considered.

Best selected papers will be published in one of the following special issues provided that the author makes major improvements and extensions within the time frame that will be set by the conference and his/her paper is approved by the chief editor:

International Journal of New Computer Architectures and their Applications (IJNCAA)
International Journal of Digital Information and Wireless Communications (IJDIWC)
International Journal of Cyber-Security and Digital Forensics (IJCSDF)
International Journal of Digital Crime and Forensics (IJDCF)
International Journal of Information and Computer Security (IJICS)

PAPER SUBMISSION GUIDELINES:

– Researchers are encouraged to submit their work electronically. Full paper must be submitted (Abstracts are not acceptable).
– Submitted paper should not exceed 15 pages, including illustrations. All papers must be without page numbers.
– Papers should be submitted electronically as pdf format without author(s) name.
– Paper submission link: http://sdiwc.net/conferences/2014/iccics2014/openconf/openconf.php

IMPORTANT DATES:

Submission Deadline: Submission is extended until Oct. 30, 2014
Notification of Acceptance: Nov. 3, 2014 or 4 weeks from the submission date
Camera Ready Submission: Nov. 7, 2014
Registration: Nov. 10, 2014
Conference Dates: November 17-19, 2014



[ISN] Inside the Homeland Security Investigations Computer Forensics Lab

http://www.nbcphiladelphia.com/news/local/Inside-the-Homeland-Security-Investigations-Computer-Forensics-Lab-278677751.html

By Vince Lattanzio
nbcphiladelphia.com
Oct 9, 2014

Nearly every case Homeland Security Investigations (HSI) opens has some sort of digital evidence to be collected and analyzed. But the work can’t be done by just anyone. The data must be meticulously cared for by agents trained to preserve the integrity of the material, who can also combat suspects’ attempts to erase their digital dealings — even from afar.

To address the need locally, HSI built a state-of-the-art computer forensics lab inside its Philadelphia offices to process the growing amount of evidence amassed from computers, smartphones and other mobile devices. “If it involves electronic media and they need to look for evidence of a crime, it comes through us,” said Chris, 44, a Computer Forensic Agent. […]



[ISN] Deadline Approaching: InfoSec2014 – Information Security and Cyber Forensics – Malaysia

Forwarded from: jackie (at) sdiwc.info

Universiti Sultan Zainal Abidin (UniSZA), Kuala Terengganu, Malaysia
October 8-10, 2014 | infosec (at) sdiwc.net
http://sdiwc.net/conferences/2014/infosec2014/

All registered papers will be included in the publisher’s Digital Library.
================================================================

The conference aims to enable researchers to build connections between different digital applications. The event will be held over three days, with presentations delivered by researchers from the international community, including presentations from keynote speakers and state-of-the-art lectures.

TOPICS ARE NOT LIMITED TO:

:: Cyber Security
:: Distributed and Pervasive Systems Security
:: Formal Methods Application in Security
:: Incident Handling and Penetration Testing
:: Multimedia and Document Security
:: Privacy issues
:: Secure Software Development, Architecture and Outsourcing
:: Security in Cloud Computing
:: Security of Web-based Applications and Services
:: VOIP, Wireless and Telecommunications Network Security
:: Enterprise Systems Security
:: Hardware-Based security
:: Legal Issues
:: Operating Systems and Database Security
:: SCADA and Embedded systems security
:: Security for Future Networks
:: Security in Social Networks
:: Security protocols
:: Digital Forensic
:: Anti-Forensics and Anti-Anti-Forensics Techniques
:: Data leakage, Data protection and Database forensics
:: Executable Content and Content Filtering
:: Forensics of Virtual and Cloud Environments
:: Investigation of Insider Attacks
:: Malware forensics and Anti-Malware techniques
:: New threats and Non-Traditional approaches
:: Cyber-Crimes
:: Evidentiary Aspects of Digital Forensics
:: File System and Memory Analysis
:: Multimedia Forensic
:: Information Hiding
:: Large-Scale Investigations
:: Network Forensics and Traffic Analysis
:: Hardware Vulnerabilities and Device Forensics
:: Information Assurance and Security Management
:: Business Continuity & Disaster Recovery Planning
:: Critical Infrastructure Protection
:: Digital Rights Management and Intellectual Property Protection
:: Fraud Management
:: Laws and Regulations
:: Threats, Vulnerabilities, and Risk Management
:: Corporate Governance
:: Decidability and Complexity
:: Economics of Security
:: Identity Management
:: Security Policies and Trust Management
:: Cyber Peacefare and Physical Security
:: Authentication and Access Control Systems
:: Biometrics standards and standardization
:: Electronic Passports, National ID and Smart Card Security
:: Social engineering
:: Template Protection and Liveliness detection
:: Biometrics Applications
:: Cyber Peacefare Trends and Approaches
:: New theories and algorithms in biometrics
:: Surveillance Systems

Researchers are encouraged to submit their work electronically. All papers will be fully refereed by a minimum of two specialized referees. Before final acceptance, all referees’ comments must be considered.

PAPER SUBMISSION: http://sdiwc.net/conferences/2014/infosec2014/openconf/openconf.php

IMPORTANT DATES:

Submission Deadline: September 26, 2014
Notification of Acceptance: 2-4 weeks from the submission date
Camera Ready Submission: October 2, 2014
Registration Deadline: October 2, 2014
Conference Dates: October 8-10, 2014

CONTACT:

Jackie Blanco | infosec (at) sdiwc.net
SDIWC Organization | www.sdiwc.net

