±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 33155
New Yesterday: 2 Visitors: 197

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

RSS Feed Widget

±Latest Webinars

Page 282

Search on This Topic: News

[ Go to Home | Select a New Topic ]

UK Police forced to turn away e-crime victims

Thursday, April 14, 2005 (13:33:17)
UK Police are having to turn down requests to investigate computer crime from businesses due to a lack of resources, the National Hi-Tech Crime Unit said last week. Mick Deats, deputy head of the unit, said the complex, time-consuming nature of investigations meant the unit could not investigate every case reported. Deats, responding to demands from business groups for greater funding for high-tech crime, as reported in last week's Computer Weekly, said more resources were needed...

More (Computer Crime Research Center)

Ibas buys computer forensics rival Vogon

Wednesday, April 13, 2005 (10:40:37)
Data recovery and computer forensics firm Ibas announced plans Monday to buy its main European competitor, UK-based Vogon International. The deal is based on an "earn-out" model, which specifies a minimum price of £4m ($7.5m) and a maximum of £9m ($17m). Vogon will continue as a separate firm until the end of the year, with the integration with Norway-based Ibas kicking off on 1 January 2006. Vogon is privately-owned, and all the shareholders in the UK company have accepted the deal. The acquisition is conditional on a financial due diligence report...

More (Register)

The two-edged sword: Legal computer forensics and open source

Tuesday, April 12, 2005 (10:19:27)
Ryan Purita of Totally Connected Security is one of the leading computer forensic experts in private practice in Canada. A GNU/Linux enthusiast, Purita often prefers open source tools. However, he frequently uses proprietary ones as well. The proprietary tools, he explains, are "pretty," with better developed GUIs that are easier for clients to understand. Moreover, the precedence for accepting their evidence in court is well established although, increasingly, their open source equivalents are not far behind...

More (IT Manager's Journal)

New, smarter generation of Internet crooks

Monday, April 11, 2005 (12:04:58)
"I work in the fraud dept. for a well known US company, and have access to hundreds of CCs (credit card numbers) on a daily basis. All I'm looking for is an easy way to make some money and stay anonymous ..." Late last year, someone known as "Elric" posted this message on a Web site for hackers and credit card thieves. Cyber crime investigators say deals like the one proposed in Elric's posting are common on a number of similar underground Web sites...

More (SFGate.com)

Police surf in search of criminals

Monday, April 11, 2005 (02:34:41)
Police and prosecutors are awaiting the results of a forensics shakedown of the computer used at work by Richard Salewicz of Noblesville, who was arrested April 1 for soliciting sex over the Internet from an undercover officer. Noblesville (US) Police Department Detective Mike Widner, who netted Salewicz while posing as a 13-year-old girl during a sting operation, said so far no new charges have been filed against Salewicz...

More (The Noblesville Daily Times)

New versions of TSK and Autopsy now available

Saturday, April 09, 2005 (11:33:18)
New versions of both tools are available. Both have minor bug fixes from the new 2.00 TSK features. There is one bug that impacts split image users, so everyone should upgrade TSK. Autopsy also has a new feature that shows the thumbnail of a picture when it is selected in File Mode (patch by Guy Voncken).

TSK 2.01
MD5: e84ed011e7b999abc08174e239ecb474
http://www.sleuthkit.org/sleuthkit/

Autopsy 2.05
MD5: adfbb31ce665cc8efdbf8711bbd97483
http://www.sleuthkit.org/autopsy/

To catch a (digital) thief?

Friday, April 08, 2005 (13:04:50)
Those investigating crime have long understood the value of evidence. In its most literal sense, evidence is "that which demonstrates that a fact is so". By acquiring evidence we build a picture of what happened, how it came to be and, hopefully, who did it. The digital world is no different to the physical world in that every event leaves a trace. This digital evidence can be gathered and pieced together to help develop our understanding of the what, how and who of an incident. Over time, this process has come to be referred to as Computer Forensics...

More (SC Magazine)

Web Browser Forensics, Part 1

Wednesday, April 06, 2005 (17:12:22)
Electronic evidence has often shaped the outcome of high-profile civil law suits and criminal investigations ranging from theft of intellectual property and insider trading that violates SEC regulations to proving employee misconduct resulting in termination of employment under unfavorable circumstances. Critical electronic evidence is often found in the suspect's web browsing history in the form of received emails, sites visited and attempted Internet searches. This two-part article presents the techniques and tools commonly used by computer forensics experts to uncover such evidence, through a fictitious investigation that closely mimics real-world scenarios...

More (SecurityFocus)

Hi-tech crime costs UK plc £2.4bn

Wednesday, April 06, 2005 (12:14:53)
According to a survey for the National Hi-Tech Crime Unit (NHTCU), almost nine out of 10 firms suffered some kind of IT-based crime last year. A major risk was action taken by disgruntled employees, often working with crooks on the outside. Two-thirds of the firms surveyed said they feared that business would be disrupted, not only by the crime but also by the investigation...

More (BBC)

Step-by-Step Incident Response

Tuesday, April 05, 2005 (16:35:53)
When a critical enterprise server is breached, a well thought-out incident response plan will help you contain damage, speed up service restoration, and collect forensic information. If you have reason to believe that a system has been compromised, either by an Intrusion Detection alert or by suspicious activity, the first thing to do is isolate the system before it can do damage. It is most likely dangerous to log into the system and try to do a normal shutdown—the shutdown procedure could have been booby-trapped to cause the system to self-destruct. Likewise, rebooting the system is risky – again, a booby trap could have been inserted. Even logging into the system is unsafe, as trusted programs could have been replaced with malicious Trojans. In fact, a compromised system is never what it seems—a skilled attacker will hide his malware and create the illusion that all is as it should be, when the reality is that the machine is actually a zombie. A compromised machine cannot be trusted at all...

More (Network Computing)