Category Archive for 'Computer Forensics'

Happy new year

It is somewhere between late night and early morning. Family has stopped celebrating, the bottles of champagne are empty and everyone is sleeping. Only the security architect is awake. During the festivities I had a long discussion with a friend of mine about the futility of cybersecurity. How hopeless it is to try to stay […]

Last month I encountered a strange situation at a customer. I did a security review and deployed a simple log analytics tool to identify where Domain Admins logged on as we suspected that an intruder was roaming around in the environment. To my customer's fear we more or less instantly saw that the Administrator account […]

Equation group is NSA

One of my most interesting pastimes is reading about hacks, especially deep analysis of them. Kaspersky Labs found Equation Group a year back and since then I have followed everything they have written about this highly skilled group. I have to say that it is with a tiny bit of awe that I […]

It's not often that I conduct computer forensics anymore. There are others that do it a lot better than I do but sometimes my clients want me to have a look at something suspicious when they can't make head or tail of it. Yesterday was such a day. When driving home I got a call […]

Now and then I'm engaged to conduct computer forensics as part of a sensitive and rough investigation. Even if the primary purpose is to find evidence (or prove innocence) you will inevitably get to know the owner of the computer. I sometimes get involved in fraud investigations, CSA (child sex abuse) or intellectual property theft […]

Not taking the blame has always been a bit of a sport in some organisations. Some of you may have heard of RACI. In some assignments I have used an alternative named RACI-B where I added a column for Blamed. A perfect tool to use to handle the blame game that always follows a breach. […]

Computer forensics is quite fun sometimes and unbelievably boring most of the time. Facing a new problem is of course always interesting and I got the possibility to conduct an investigation on some cloud resources. If it had been a cloud located in Sweden it would have been a simple matter of travelling to […]

I suppose everyone has heard about Echelon, the big information collecting system that is supposed to monitor all communications to and from the US (and possibly everywhere else). The information mass must be gigantic to handle. But looking at it from a bit smaller perspective Corporate Echelon is starting to happen. Looking at the trends in […]

Encrypting the hard drive on a computer has long been a way to secure the contents of a laptop. Today I saw a video and read a rather disturbing whitepaper here on how to break different encryption schemes like Microsoft Bitlocker, Truecrypt and Applecrypt by simply rebooting the computer with an attached USB drive […]

Now and then I am asked to do high profile forensics for customers, institutions or other organisations. One big problem is the internal politics that often moves around the edges of the investigation. It is sometimes in someone's interest that an investigation is announced to the media, making it a lot harder for me to do […]
