On November 2, 2011Vermont Public Television (VPT) aired “Cyber Shadows”, an episode for there Emerging Science series which is focused on highlighting scientific and technology topics. I had the pleasure of being interviewed for this show and wanted to quickly document it here. Here is the blurb from the VPT Emerging Science website As the popularity of social media grows, so does …
Partition Table Parsing – v.winning
I had a few minutes before a dinner event and I did what most geeks would do. I embarked Melissa Augustines Partition Table challenge. As it turnes out, I won 🙂 I strongly recommend that you try to solve the challenge. With all of the MBR Malware showing back on the horizon it’s important for you to have these skills mastered.
Digital Forensics is a Science was Honored as "Blog of the Week" by DFI News Newsletter
Today I was sitting at my desk grading the “Preservation Report” assignment from my Introduction to Digital Forensic class when an email came in from a former colleague from Protiviti wishing me congratulations. I immediately found myself thinking, “what“? DFI News – October 28, 2011 – Blog of the Week “Digital Forensics is a Science” was honored by DFI News Newsletter as the …
Champlain College Center for Digital Investigation (C3DI) mentioned in Seven Days Newspaper
Seven Days, a Vermont based newspaper highlighted the Champlain College Center for Digital Investigation in this week’s paper. Photo of the Seven Days Article Staff Writer Ken Picard wrote a longer Blog entry on the Center which can be located here or http://7d.blogs.com/blurt/2011/10/champlain-colleges-center-for-digital-investigation-now-open-for-business.html. Full Disclosure – I’m a Co-Director at the C3DI with Mike Wilkinson, another Professor of Digital Forensics at …
Google search results going secure, what does this mean for forensics?
If you run a search on Google.com, your Internet search is likely recorded and logged in several places. Digital forensic examiners leverage this feature in digital forensic exams. Investigators can serve Google with the appropriate legal paperwork to determine a specific users searches while they were logged into Google. The latter is hard to obtain and the former is a standard …
Book Review – Worm
On a recent plane trip back from Las Vegas I read the book titled “Worm” by Mark Bowden. Rather than elaborate on detail surrounding the specific content, I wanted to share with you some quick observations to help you decide whether to read the book or not. I’m still very afraid of Conficker This book is great for experts and …
Cyber Security Evaluation Tool Released by DHS
The Department of Homeland Security has released CSET (Fact Sheet) The Cyber Security Evaluation Tool (CSET) which provides users with a systematic and repeatable approach for assessing the cybersecurity posture of their industrial control system networks. This tool also includes both high-level and detailed questions applicable to all industrial control systems (ICS). CSET was developed under the direction of the Department of Homeland Security (DHS) Control Systems …
Tougher penalties for cyber crime
In light of the recent tweet by Vermont Senator Patrick Leahy (@SenatorLeahy) about how Congress must work together to fight threats to our cybersecurity AND the recent testimony before Senate Judiciary Committee of Associate Deputy Attorney General James Baker and Secret Service Deputy Special Agent in Charge Pablo Martinez there may be some very interesting breakthroughs on the horizon with regard to maximum …
Google offers new data source to digital forensic examiners
Google launched its new offline version of Gmail/Calendar/Docs. This means that examiners might be able to recover a local copy of Gmail artifacts easier. I look forward to see some research on this. Perhaps I can find a student or 10 to do some research in the next few weeks. Here is a direct link to the Offline Google Gmail …
Amazing TED talk on why we do what we do
A colleague, Mike Wilkinson, just shared video that he showed to his Freshmen class today. I invite you all to watch this video which shows Mikko Hypponen giving a great presentation on DFIR. Heck, if you’re a professional in the DFIR arena, this might help remind you why you do what you do. If not, I’m sure there is something …