Skip to main content

Posts

Computer Forensics Resources

  Computer Forensics Resources The 4 Most Important Steps of Computer Forensics Investigation http://www.netconclave.com/blog/the-4-most-important-steps-of-computer-forensics-investigation/ What to Bring on a Computer Forensics Investigation https://www.csoonline.com/article/2120792/investigations-forensics/what-to-bring-on-a-computer-forensics-investigation.html   https://toolcatalog.nist.gov/populated_taxonomy/index.php Forensic Readiness Planning https://www.ncsc.gov.uk/content/files/guidance_files/IG%2018%20-%20Forensic%20Readiness%20Planning%20-%20Issue%201.1%20Oct%202015%20-%20NCSC%20Web.pdf FORENSICS CHECKLIST http://webarchive.nationalarchives.gov.uk/20050302073058/http://www.dti.gov.uk/bestpractice/assets/security/forensics_and_the_law.pdf GOV.UK https://www.gov.uk/government/organisations/department-for-business-energy-and-industrial-strategy Digital Forensics / Incident Response Forms, Policies, and
Read more
Recent posts

Biometrics authentication

https://www3.nhk.or.jp/nhkworld/en/news/20181004_41/ Fujitsu says the new technology identifies people by their unique biological information such as veins in their palms and facial data. Palm authentication technology is already used in automatic teller machines at banks but needs to be supplemented by data provided by a cash card and a pin number. An enormous amount of data is needed to identify people accurately with only the information on the veins in their palms. Therefore, the technology is a limited now. Fujitsu says it has developed a system to boost data processing capability. By combining information on the veins in palms and facial recognition, it will take only a second to identify a million people without using pin numbers. The company says it plans to make it practical within fiscal 2020. An engineer at the Fujitsu Laboratories, Hiroshi Tsuda, says that the technology will be especially helpful in case of a disaster as people can make paymen
Read more

All things Internet - a List of References

Published guidance NCSC’s guidance is aimed at helping UK government departments, agencies, the critical national infrastructure and its supply chains protect their information and systems. It also has relevance for local government and the wider public sector. https://www.ncsc.gov.uk/index/guidance?page=1 ENISA The European Union Agency for Network and Information Security (ENISA) is a centre of expertise for cyber security in Europe. https://www.enisa.europa.eu/topics Expectations for Computer Security Incident Response https://tools.ietf.org/rfc/rfc2350 Internet Security Glossary https://www.ietf.org/rfc/rfc2828.txt   PKCS #10: Certification Request Syntax Specification Version 1.7 https://tools.ietf.org/rfc/rfc2986.txt   Guidelines for Evidence Collection and Archiving https://www.ietf.org/rfc/rfc3227.txt
Read more

Amazon must be missing me - really!

Christmas goods are appearing on shop shelves now and email offers are filling the inbox -but that's not really news. What's news to me is Amazon.com must be missing me as they have sent me email telling me they have products that would interest me - really! You see, being such a big spender (a whopping £90 in just 12 months) on Amazon.co.uk they (Amazon.com) have got this jealousy hang up right before Christmas and sent me SPAM - really! On the otherhand it may be a test - they've been looking at my LinkedIn profile recently and perhaps want to test my information assurance knowledge. So, if you're reading, the email had no obligatory unsubscribe or update preference option and I didn't give Amazon UK permission to share my details. By the way, since I use DuckDuckGo most ads are irrelevant and would I want to import Bluetooth earphones and pay all that shipping - really!
Read more

How To Evade Job-Scam Victimization

A Job seekers Guide to Basic Digital Forensic Investigation using actual Email Phoney Job Invitation Dear Terry, We decided to include you in the list of potential candidates after we reviewed your resume on Jobsite. We decided to offer you the position of TS Associate in our company. This is Part-time home based role and most of the work can be done in a comfort of your own home. We invite you to apply online on our website: http://marfigroup.com/careers/tsa/ Please include your telephone numbers along with your application and our HR staff will be back with you for telephone interview. We hope that our offer will make a positive influence on your potential career change and you will become one of our valued employees. Thank you, Charles Panter HR Department First Glance At first glance nothing alarming stands out and 'Jobsite' does have a copy of my CV.   The mandatory unsubscribe link is there and is managed by 'Constant Contact' which, so far, all seems
Read more

Infosec Blunder by Infosec Specialist (supposedly)

Seven days ago I received 'Infosec Consultant'  job prospect news from **** Recruitment by email, but did not reply;  an Infosec Consultancy wants to contract security consultants. Today I received unsolicited news update direct from ****'s client , which included the email contact details of hundreds of job seekers listed in ****'s data base including the name of ****' staff... oops!  Update: One week on, the same from a Financial Services firm!  Now the question is - who is the more stupid? 1)   Dear Terry, Please accept my apologies on behalf of **** Recruitment for this unfortunate incident. ****  has strict procedures and controls in place for sending out e-shots and electronic mailers to candidates to ensure that incidents of this nature do not occur. The recruitment consultants all receive training on their obligations under the Data Protection Act and are required to use an email maker system that ensures all recipient email addresses are blind
Read more

SOCIAL MEDIA IN RURAL AREA: A COMMUNITY POLICE CASE STUDY

"MyPolice" proprietary social media software product, which was studied in this investigation, has not yet been deployed commercially and appears to be dormant. My conclusion that community-run rather than enterprise-run is the better method to manage this sort of social media tool might be correct, given than MyPolice seems to be dormant. Social_Media_in_Rural_Area.pdf   Abstract: Computer-Mediated Communication (CMC) has evolved from email and simple bulletin boards to live text feeds and elaborate Social Networking Sites (SNS) some of which have gained cult-like status. The pervasiveness of Social Media (SM) within the CMC landscape has inspired social-entrepreneurs and software developers to create civic-centric communication platforms for civic engagement rather than vanity-centric for personal satisfaction.  As the Internet becomes the default communication method by the will of Government the need to be connected to the world by the Ethernet increases. Bu
Read more