Monthly Archives: June 2010

HTCIA’s 2010 Report on Cyber Crime Investigation

Posted on 26-Jun-2010 by .

The High Tech Crime Investigation Association (HTCIA) has released their 2010 Report on Cyber Crime Investigation. Nothing earth shattering here. Security professionals report: Increase in criminal use of digital technology Lack of dedicated personnel Need for better training at multiple … Continue reading →

Posted in news, security | Tagged htcia, report | Leave a comment

Firefox: Prevent tabnapping

Posted on 24-Jun-2010 by .

There’s a new anti-tabnapping feature in NoScript, the Firefox browser add-on. It’s not exactly straight forward to enable…(from the Security Now podcast) I learned via Twitter from Alejandro, whose twit handle is @microtwit32, that NoScript, the favorite script blocker for … Continue reading →

Posted in news, security | Leave a comment

System7 WordPress 3.0 upgrade

Posted on 22-Jun-2010 by .

The System7 website has been updated to WP 3.0. The automatic upgrade option worked flawlessly. Now, when will Drupal get their act together and realize they need to improve their upgrade procedure? You can read about some of the more … Continue reading →

Posted in news, system7 | Leave a comment

(tool) HTTPS Everywhere

Posted on 21-Jun-2010 by .

There’s a new Firefox add-on, HTTPS Everywhere, jointly developed by Tor and the EFF. If a website has an SSL certificate, the add-on will automatically redirect the user to the page’s https address. The add-on comes loaded with a default … Continue reading →

Posted in news, privacy, security | Tagged firefox, tools | Leave a comment

Malware Analyzers

Posted on 17-Jun-2010 by .

(This article was originally published on June 9, 2009 — new resources added below) Do you ever receive a suspicious file via email or hesitant to download software from a webpage? You can upload the executable to one of the … Continue reading →

Posted in malware | 1 Comment

“Who is blocking WHOIS?”

Posted on 15-Jun-2010 by .

I just read an interesting article Who is blocking Whois. It turns out that ICANN stipulates all registrars must provide WHOIS database access via port 43. Garth Bruen, knujon.com, did a full analysis of all registrars testing their WHOIS database … Continue reading →

Posted in news | Leave a comment

win32 memory capture & analysis cheat sheet

Posted on 14-Jun-2010 by .

A high level overview to perform live memory captures and analysis: capture memory via moonsol’s win32dd parse memory snapshot with mandiant’s memoryze analyze results via audit viewer or analyze using the volatility framework — neatly packaged in SAN’S Sift Workstation

Posted in forensics, malware, microsoft, pentest, security | Tagged ir, tools | Leave a comment

(Tool) FireShark: Aid for web incident response

Posted on 13-Jun-2010 by .

The tool of the day is FireShark, a free web analysis tool. This is great to have in your toolbox for IR. FireShark will generate a mind map of a given webpage — think of it being a graphical representation … Continue reading →

Posted in forensics, news, security | Tagged ir, tools | Leave a comment

Ubuntu can bypass iPhone pin to read data?

Posted on 12-Jun-2010 by .

According to this zdnet article, when plugging your iPod into an Ubuntu machine the device is mounted without ever being prompted for a PIN code. This is working on non jail broken iPhones. I’m surprised the article only names Ubuntu … Continue reading →

Posted in apple, news, privacy, security | Tagged apple, iphone | 1 Comment

DNS Performance & Security…

Posted on 11-Jun-2010 by .

I’ve gotten tired of Road Runner’s DNS redirection/hijacking service which I opt out of yet it keeps coming back. I decided to do some DNS benchmarking, comparing my assigned ISP name servers against publicly provided DNS such as Google. The … Continue reading →

Posted in google, news, security | Tagged dns, tools | Leave a comment