Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms


OSINT, 3D Modeling, Geolocation & Forensic Architecture: Analysis Of The Beirut Port Explosion →

November 19, 2020 by Marc Handelman in OSINT, 3D Modeling, Negligence, Disaster, Forensic Architecture, Geolocation, Forensication

A well-crafted OSINT, 3D Modeling, Geolocation and Forensic Architecture driven analysis of the August 4th, 2020 explosion at the Port of Beirut, Lebanon. The investigation, and subsequent analysis, film, models and other materials are via Forensic-Architecture and are available on GitHub here. Additionally, examine the organization's YouTube channel here. h/t


DEF CON 27, Bio Hacking Village, Najla Lindsay's 'Forensic Science And Information Security Lifetime' →

January 09, 2020 by Marc Handelman in Conferences, DEF CON 27, Education, Information Security, Forensication

Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn.


SANS DFIR, Jason Jordaan's 'Understanding The Forensic Science In Digital Forensics' →

October 06, 2019 by Marc Handelman in SANS, SANS DFIR, Forensication, Forensics, Digital Forensics, Forensics Education, Information Security

Thanks to SANS for publishing their superlative DFIR videos on the SANS DFIR YouTube Channel.


Security BSides London 2019, Renzon Cruz' 'Forensicating Windows Artifacts: Investigation Without Event Logs!' →

August 27, 2019 by Marc Handelman in BSides London 2019, Conferences, Information Security, Forensication, Forensics Education

Many thanks to Security BSides London for publishing their outstanding conference videos on YouTube.


BSidesNOVA 2019, Track 2, Beth Lancaster's 'Multitasking Host Forensics' →

May 06, 2019 by Marc Handelman in BSides NoVA, Conferences, Education, Information Security, Forensication, Forensics Education

Originally Streamed Live via Alexander Romero


BSides Tampa 2019, Joe Gray's 'Social Forensication: A Multidisciplinary Approach To Successful Social Engineering' →

February 13, 2019 by Marc Handelman in BSides Tampa, Conferences, Education, Forensication, Information Security, Irongeek

Videography Credit: Irongeek (Adrian Crenshaw).


Wanna Dance?

Compromised By Errors: The Sorry Tale Of Flawed Forensic Software

February 04, 2019 by Marc Handelman in Forensication

Via Robert N. Charette, writing at the IEEE's Spectrum Magazine, comes this outstanding piece on flawed forensic software, and the implications thereof. Enjoy!

"An in-depth look by the National Academy of Sciences into the state of forensic science in the United States in 2009 showed [PDF] that many “accepted” forensic techniques, such as “those used to infer the source of tool marks or bite marks have never been exposed to stringent scientific scrutiny.”" - Robert N. Charette, writing at the IEEE's Spectrum Magazine


DerbyCon 2018, Brandon Sherman's 'Cloud Forensics: Putting The Bits Back Together' →

December 13, 2018 by Marc Handelman in Irongeek, Information Security, Forensication

Videography Credit: Irongeek (Adrian Crenshaw).


SANS DFIR Summit 2018, Cindy Murphy's 'Digital Forensics Truths That Turn Out To Be Wrong'

November 24, 2018 by Marc Handelman in DFIR, SANS, Device Security, Forensication, Forensics Education

BSides NolaCon 2018, Imani Palmer's 'The Future of Digital Forensics' →

June 26, 2018 by Marc Handelman in BSides, BSides NolaCon, Conferences, Education, Forensication, Security Education, Forensics Education

Drone Forensics, The Path of NIST →

June 08, 2018 by Marc Handelman in Drones, Drone Countermeasures, Drone Forensics, FISSEA, Forensication, Forensics

...meanwhile, in National Institute of Standards and Technology (NIST) news, comes a terrific piece on NIST's latest efforts to provide assurance to the Drone Forensics community, with a compendium of tools and data, not the least of which is a grouping of Computer Forensic Reference Datasets, or CFReDS, which encompass digital evidence simulations (all available on a no-fee basis).

'A forensic image is a complete data extraction from a digital device, and NIST maintains a repository of images made from personal computers, mobile phones, tablets, hard drives and other storage media. The images in NIST’s Computer Forensic Reference Datasets, or CFReDS, contain simulated digital evidence and are available to download for free. Recently, NIST opened a new section of CFReDS dedicated to drones, where forensic experts can find images of 14 popular makes and models, a number that is expected to grow to 30 by December 2018.' via the National Institute of Standards and Technology


The Grayshift Predicament →

April 27, 2018 by Marc Handelman in Hardware Secrets, Hardware Flaws, Hardware Security, Information Security, Forensication, Forensics, Law Enforcement, Law

I am sure you have all read the news of Grayshift's issues battling extortionists and their ilk. I have, however, not seen any significant commentary regarding the data theft this SNAFU could facilitate.

Here's the thought problem (looking for culpability, specifically): A Law Enforcement agency has taken custody (adhering to standards of Generally Accepted Chain of Custody guidelines) of a suspect's iPhone. Unbeknownst to the trusted Sworn Officers and Forensicators (often, one and the same) examining the device, the Grayshift appliance undergoes an unfortunate successful attack - mounted by external miscreant(s) unknown, and succumbs to the exfiltration of all data on the appliance AND the slurped data on the iPhone.

Subsequent forensication by the Sworn Officers or Forensicators (again, often one and the same - at least in smaller agencies) entrusted with reasonable and prudent Chain of Custody of the device under scrutiny, discovers that the Grayshift appliance and the suspect's iPhone have both undergone the indignity of significant data leakage. How does the Agency proceed in the effort to lay charges - or not - and protect the Agency, as well?

Oh, and while they are at it, perhaps they could explain why the device is attached to a forward facing TCP/UDP connection to our beloved Interweb?


SANS CTI 2017, Sergio Caltagirone's 'Threat Intelligence At Microsoft: A Look Inside' →

March 27, 2017 by Marc Handelman in All is Information, Conferences, Education, Forensication, Threat Intelligence

SANS DFIR, Ronnie Tokazowski's Reversing Threat Intelligence - Fun with Strings in Malware →

March 15, 2017 by Marc Handelman in All is Information, Conferences, Education, Information Security, Forensics, Forensication

CTI Summit 2017, Cliff Stoll's Keynote Address - (Still) Stalking the Wily Hacker →

March 12, 2017 by Marc Handelman in All is Information, Conferences, DFIR, SANS, Education, Forensics, Forensication

Fingered →

January 16, 2017 by Marc Handelman in Accountability, All is Information, Analytics, Application Security, Attribution, Cybersecurity, Fingerprinting, Forensication, Information Security, Web Security

Relatively new fingerprinting techniques were brought to my attention last week (H/T), that (reportedly) focus on the identification of browser users and utilization across multiple application deployments. Enjoy.


The Rescue

September 07, 2016 by Marc Handelman in All is Information, Computer Science, Forensication

Or, how a South African hardware engineer, Francois Rautenbach, rescued NASA flight computers from the vagaries of the scrap heap, and extracted the bits from ancient hardware. Absolument magnifique!
