Episodes
-
HackerNinjaScissors -- With Bret Padres. www.crypsisgroup.com
Today we talk with Lauren Pearce - a member of the IR team and a malware analyst for Los Alamos National Labs. Lauren shares with us her journey to become a malware analyst and talks about the importance of flailing and mentorship.
I have a few free tickets to give out, so let me know if you want free tickets to the 2017 Incident Response Forum on April 4th, 2017, at the Mayflower Hotel in Washington DC.
More info here -> incidentresponseforum.com and use Speak100 for $100 off the ticket price.
Crypsis is hiring talented IR consultants!! Apply on our website: www.crypsisgroup.com
-
New show in the Feed!
HackerNinjaScissors -- With Bret Padres. www.crypsisgroup.com
New CyberSpeak Podcast reboot in the works. In the meantime, check out this new show.
In the inaugural show of HackerNinjaScissors, Bret Padres interviews Robert M Lee.
Robert M. Lee is the CEO and Founder of the critical infrastructure cyber security company Dragos where he has a passion for control system traffic analysis, digital forensics, and threat intelligence research. He is also a non-resident National Cybersecurity Fellow at New America focusing on policy issues relating to the cyber security of critical infrastructure. For his research and focus areas, Robert was named one of Passcode’s Influencers, awarded EnergySec’s Cyber Security Professional of the Year (2015), and inducted into Forbes’ 30 under 30 for Enterprise Technology (2016).
Links mentioned in the show:
- dragos.com
- @RobertMLee
- robertmlee.org
- littlebobbycomic.com
- @_LittleBobby
- https://www.amazon.com/Threat-Intelligence-Me-Children-Analysts/dp/1541148819
-
CyberSpeak is BACK and we hope to publish a monthly podcast (more if I'm lucky).
This episode on CyberSpeak we briefly discuss possible implications to U.S. forensicators with the release of the Ashley Madison database (hopefully not). We also have a great interview with Yogesh Khatri, an assistant professor at Champlain College and a security researcher, about the SRUM, or System Resource Usage Monitor, forensic artifact. Website of the week: Has your email been Pwned? Check it out here -> Have I Been Pwned
-
This episode of CyberSpeak we conduct recon on Mark Spencer and his new Windows registry analysis tool Registry Recon. Mark is the President of Arsenal Consulting. This new registry tool could change the way we analyze the Windows registry. No longer will you be satisfied just looking at the current/active registry.
-
Happy 2013! I'm back and going to try to start getting some more shows out for you. This show we talk to James Wiebe, Director of Forensic Business Development at WiebeTech, about solid state hard drives, his research and the forensic implications. Email me at cyberspeak at gmail dot com if you have some suggestions for future show topics you want to hear.
-
This episode we discuss running AV and malware detection software on your forensic workstation and have an interview with Corey Harrell and discuss analyzing Volume Shadow Copies.
-
This special episode of CyberSpeak is an interview with Ken Privette with NUIX about their new tool release this morning called Proof Finder. They are releasing 1,000 copies for $100 each of this new tool. Go get a copy before they are all gone at www.prooffinder.com. This special limited edition tool is limited to 10G of data. What does 10G of data look like? Nuix says it is an average of 241,165 Emails or 20333 Documents or 7069 Spreadsheets or 25514 Images. It can ingest all major forensic images (E01, DD, etc.).
Listen to the show for more details. 100% of all sales go to charity "Room to Read", an organization that works in collaboration with communities and local governments in developing countries to develop literacy skills and a habit of reading among primary school children, and support girls to complete secondary school with the life skills they’ll need to succeed in school and beyond.
ALERT-Download and install on the computer you want it registered to. Initial installation will lock it to that computer.
-
This week on CyberSpeak I interview Andrew Case, one of the developers of Registry Decoder, a National Institute of Justice sponsored application. Find it at www.registrydecoder.com
-
This week on CyberSpeak, a quick thanks to everyone for pitching in on the ForensicsWiki - I saw over 100 new entries on everything from Sticky notes, mounting images, jump lists to people's BIOS. Jim emailed asking who the mystery voice was in our CyberSpeak Sweepers - Karl over from CyberCon Security Solutions wrote in to say he just ran across this site today and thought it might be a great resource for the listeners. It is not focused on Cyber Security but the concepts are similar to help prepare for trial. LAW 101: LEGAL GUIDE FOR THE FORENSIC EXPERT. Shout out to Charles. Finally, Loren wrote in and said during the interview, Keith Jones mentioned preparing for court by asking others for their opinions. Are there any ramifications of bringing others into the case like that?
In the News, Google, The Company with the motto - DO NO EVIL - agreed to forfeit $500 million to the U.S. Government for allowing -- and assisting in many cases -- online Canadian pharmacies to place AdWords ads targeting customers in the United States resulting in the unlawful importation of controlled and non-controlled prescription drugs into the United States.
This week's interview is with Chris Pogue, Mr. Sniper Forensics!
Thanks to Dan. Website of the week is Workflowy https://workflowy.com/
-
CYBERSPEAK Notes - Aug 21st, 2011
Administrative
I attended a nice Apple Forensic Event this week in Reston VA - Saw a lot of friends and had a good time. Ryan gave a great presentation on Apple forensics. Ryan runs AppleExaminer.com.
Paraben's Forensic Innovation Conference
PFIC is fast approaching and you know, it's becoming one of the must-attend conferences each year for digital forensic and eDiscovery professionals. This year, there are seven pre-conference bootcamps that are included in your conference registration fee of $399.00. You can attend any single bootcamp and then the rest of the conference tracks and labs for this rate. This is all being brought to you by our friends over at the Paraben Corporation (Amber Schroader).
You can register by heading over to pfic-conference.com
http://www.forensicswiki.org - We all should go check this site out, sign up for an account and start contributing. This is the way we can all give back to the community. Write a How-To or something to give back to the forensic community.
Listener Email -
Richardo from Nevada is concerned about those performing the collateral duty of doing digital forensic examinations. He is frustrated to read article after article in digital forensic publications that cover the deconstruction of a complicated piece of malware. He would rather have articles that rehashed digital forensic basics and covered free automated/low cost tools that help him do his job efficiently and reliably.
News-
London Police are using Flickr to allow the public to help identify people involved in the looting following riots in London.
http://www.flickr.com/photos/metropolitanpolice/sets/72157627267892973/
http://thenextweb.com/uk/2011/08/09/police-use-flickr-to-identify-london-riot-suspects/
INTERVIEW -
Welcome back to the show Drew Fahey, VP of Products at Blackbag Technologies.
Web Sites of the Week-
http://www.forensicswiki.org
http://t.co/vEmtzCA - A guide to Facebook Security
KEEP THE EMAILS COMING to [email protected]
-
This week on CyberSpeak, Luby and Jared Save the GMail Planet, Detective Garcia uncovers Fraud on Sesame Street. Congrats to the Secret Service and FBI on a great investigation of a 26-year-old Brooklyn man who pleaded guilty in U.S. District Court in Alexandria, VA for his role in managing a credit card fraud operation that operated throughout the East Coast of the United States. California prosecutors will not file charges against Gizmodo for its purchase of an iPhone 4 prototype (boo). Interview this week is with Keith Jones, Co-Owner and Senior Partner at Jones Dykstra and Associates Inc., about the do's and don'ts of testifying. Tech topic: MoonSols DumpIt released for FREE. Perfect for imaging RAM on 32- or 64-bit Windows systems. It just does not get any easier than this. Check it out. Web pick of the week is http://Infosecupdate.com. KEEP THE EMAILS COMING!
-
Chris Hansen caught cheating... on his mistress. Launch of the CDFS (www.cdfs.org), DFirst starts this week, and more.
-
A quick show with George Starcher discussing his experience with password cracking using Access Data’s DNA and Amazon’s Elastic Compute Cloud. Check out his video tutorials at https://www.georgestarcher.com/?tag=amazon-ec2. We also discussed his Crowbar tool, https://www.georgestarcher.com/?page_id=256.
Web picks of the week are www.threatexpert.com and www.thumbtack.com
-
This week on CyberSpeak, a listener alerted me to my faux pas with the names on the Casey Anthony case: the two that testified about computer forensics were Sandy and Kevin (not Steve) and, of all things, I called the President of Access Data Brian Carrier instead of Brian Karney. Sorry guys!
This week's interview is with Josh Goldfoot, an attorney and author of the recent paper titled “The Physical Computer and the Fourth Amendment” published in the Berkeley Journal of Criminal Law. This paper discusses how the Fourth Amendment applies to computer forensics and how we may be hurting ourselves by using certain words and explanations.
Web site of the week is a neat little web browsing and Twitter application called A+ that gives you your feeds on the left and browser on the right. Click on any Twitter message and the web page it links to shows up in your browser window automatically. Check it out at http://www.aplus-app.com
-
This week (OK, this quarter) on CyberSpeak, FTK 4 coming out using Postgres database rather than Oracle. During listener email we discuss if special language is needed for search warrants when collecting volatile data, imaging RAM or conducting on scene triage. Imaging SSD drives using the WinFE boot disk solution (http://winfe.wordpress.com) and a shout out to Sandy and Steve for their great testimony in the Casey Anthony trial. Check it out on Day 24 segment 4-6.
In the news, a computer repairman was arrested for allegedly planting spyware on dozens of computers he fixed and remotely taking hundreds of photos of women in their homes partially clothed or naked. If you see the message "You should fix your internal sensor soon. If unsure what to do, try putting your laptop near hot steam for several minutes to clean the sensor." DON'T take your laptop into the shower. Check it out at
http://latimesblogs.latimes.com/lanow/2011/06/computer-repairman-arrested-for-allegedly-taking-hundreds-of-nude-pictures-of-women-remotely.html
I got fooled into reading an article because of a misleading article about SEALs using forensic tools on Osama Bin Laden's computers.
http://www.1105newsletters.com/t.do?id=7979845:3405472
Interview this week is with Mike and Mike about Carbon Black.
An absolutely MUST read article "The Physical Computer and the Fourth Amendment" by Josh Goldfoot. Awesome document that is brilliantly referenced. It is a long read but a MUST read. We will discuss next week. Read up before next podcast (who thought you would get homework from CyberSpeak?).
Website of the week:
Steve Gibson’s password checker – how long would it take to crack your password and the best HTML5 webpage I have seen. Check out this personalized music video starring any address you tell it to. http://TheWildernessDowntown.com
I will be teaching another SANS 408 Forensics-Windows in Depth VLIVE course starting Tuesday August 23rd (every Tuesday and Thursday night for 3 hours a night).
DON'T FORGET TO USE OUR DISCOUNT CODE OF COINS-OC for 10% off.
But wait, if you sign up before this week, before June 22, you can get a 16 gig iPad2. The codes are 0526_iPad2BLK (for a black iPad) or 0526_iPad2WHT (for white).
-
Interview with Scott Moulton, leading forensic authority on Solid State Drive Forensics
-
FREE 16Gig IPADs for everyone!!! Have I got a deal for you. Have you experienced a feeling of inadequacy? Feel like you're not in the "In Crowd"? When sitting at a Starbucks, on the metro or just lounging around the house, do you feel like you could be so much more productive but something's missing? Don't despair, SANS is coming to the rescue. That's right, book your SANS 408, 414, 560 Class or ANY 4-, 5- or 6-day course offered via ONDEMAND now through February 2, and receive a FREE 16GB WiFi enabled iPad(TM). I am teaching the SANS FOR408: Computer Forensic Essentials vLive! course, which starts March 1 and meets Tue/Thu evenings http://www.sans.org/info/66203.
So what do you call yourself?
A computer/Digital Evidence forensic technician
A computer/Digital Evidence forensic examiner
A computer/Digital Evidence forensic analyst
A computer/Digital Evidence forensic expert
We need to define these terms.
Paraben has released a new version of P2 Commander. Version 1.7 now supports Mac file format as well as VMware and VirtualPC images. Users will notice an increase in the speed of processing evidence in v1.7. Visit www.paraben.com
Mark Wade is a Digital Forensic Analyst with Harris Corporation (Crucial Security Programs), performing digital forensics for a Federal Law Enforcement agency as a government contractor.
permits law enforcement officers, approximately 90 minutes after lawfully arresting a suspect and transporting him to a detention facility, to conduct a warrantless search of the text message folder of a cell phone they take from his person after the arrest. http://www.courtinfo.ca.gov/opinions/documents/S166600.PDF
Web site of the week is www.passpack.com - Free Online password manager for groups
-
Last show for two weeks. I'm traveling to Bangkok and Singapore. See you in 2 weeks. Send me Email.
-
This week we have an interview with Kristinn Gudjonsson, developer of Log2TimeLine. Kristinn gives us an update on what is on the road ahead for Log2TimeLine. In Listener Email, Joe from Northeast Wisconsin Technical College wrote in to say that blanking the password or even cracking the password is possible without the LiveView LE version. Luby wrote in to tell how much he enjoyed SANS 508 and learning about SuperTimelines. Luby also explains how open wireless access points can eliminate the threat of Firesheep. We also give Luby a “special ringtone” for his wife’s phone. In News we talk about an iPhone bug and a vulnerability in PayPal’s app that could cost you money. In Legal News, 2 cases send criminals to jail. Tech Topics cover Windows LNK files and the Web Site of the Week is a Qwiki.
-
This week on CyberSpeak we have listener email, an interview with Raphael Bousquet, CTO and Co-Founder of ADF Solutions, and the Web site of the week is a real productivity app called Rescuetime. P.S. Sorry for the slight audio problem, I accidentally turned up my gain knob on my mixer. George did his usual magic to fix it. One last thing, Rob Lee and SANS provided a 50% discount code for LOCAL LAW ENFORCEMENT ONLY, good on any SANS training class. Listen to the show for the code....and no, they do verify so ONLY Local LE can use it.