35 posts categorized "Cyber Crime"

A Wi-Fi Router as a Witness Device! (by Daniel Arrugueta)

Note: attached is the full document in .pdf format and is awesome reading for forensic investigators!

Download A WiFi Router as a Witness Device Full Document!

Witnesses often are crucial elements in solving and prosecuting criminal or civil violations.  We now regularly use data that various technologies record. Digital witness devices provide a source of largely unbiased and dependable information to the investigator and prosecutor. However, many often ignore or do not even recognize commonly available electronics as potential witness devices.  One such device is the wireless router found in most homes and businesses.

As with any witness, some sort of vetting and consideration is wise. Reliability, bias, memory, physical abilities, etc., all can be factors that play roles in the use of digital witness devices and the use of their data. Whether you consider data from digital cameras, microphones, cell phones, computers, or Wi-Fi (wireless) routers, you should approach each with an open eye and determine clearly what each actually offers to your investigation. Data typically is reliable; how you interpret and present that data is key to its ultimate usefulness.

Continue reading "A Wi-Fi Router as a Witness Device! (by Daniel Arrugueta)" »


Would You Rent Out Your Personal Info (by Tony Fortunato)

Think about how much personal information you currently have in your phone’s contacts or address book.

We all have the following in our address books: addresses, phone numbers, birthdays, etc. I remember when cell phones were first introduced and there were constant warnings not to put sensitive information on your phone. Those warnings seem to be far fewer since people rely on their phone’s security features to protect access: features from screen locks to the ability to ‘wipe’ your personal and sensitive data if your phone is stolen.

How would you feel if someone had access to the information in your contacts or address book without touching your phone or compromising your cloud account where it may be backed up?

Have I got a story for you…

Last week I was on the road and when I picked up my rental car, I noticed something odd.

I tried to pair my phone to the car’s Bluetooth, but couldn’t because the maximum number of devices was already paired. I verified that there were many other devices that were paired. Out of curiosity, I checked the contact list in the car and, in between regular entries, saw some fairly personal entries like trading account info, security codes, school login, bank stuff, website login... yikes!!!

Continue reading "Would You Rent Out Your Personal Info (by Tony Fortunato)" »


LMTV WTF | Who Protects your Data when Renting a Car (by Tony Fortunato)



YouTube LIVE Event: October 5, 2016 - 9:30 AM PST


This week, Tony Fortunato will talk about his rental car data experience.

How much information do you leave behind after your rental?

SCARY!

We are all concerned about protecting our personal information.

We have all heard of various events where servers are hacked, people's computers or phones get hacked, etc.

In this episode, Tony will discuss various examples where you unknowingly leave your personal, private data in the equipment of other people or companies. Tony recently wrote an article sharing his personal experience with a car rental when he was on the road.




SCADA/ ICS – Are We Scared Yet? (by Tim -The Oldcommguy®)

Industrial Control Systems / SCADA – Are we scared yet?

What would happen if a hacker took over control of a nuclear power plant and used it for blackmail or destruction?

What devices control refineries and power plants, even our drinking water purification facilities?

Well, these and many other life necessities are run and controlled by SCADA (Supervisory Control and Data Acquisition) systems or ICS (Industrial Control Systems). SCADA and similar systems have been monitoring and controlling our industrial, power and refinery world since the 1960s.

I actually worked for a SCADA research and monitoring company in that era, designing and testing production monitoring tools for the oil industry, from acquisition to refinement requirements, but all were Industrial grade level.

What is Industrial Grade Level? Mainly it is the operating temperature range, from -40CF to +85C (Military level is -55C to +125C), plus other factors needed for downhole operations (drilling), mine operations and even space operations, which can include high pressure, shock, mechanical stress, certain types of vibration and non-vaporizing humidity to near 100%... many different factors for the many different arenas.

Continue reading "SCADA/ ICS – Are We Scared Yet? (by Tim -The Oldcommguy®)" »


LMTV LIVE | SpyGOOSE from Thomason Technologies (with Dave Thomason)



YouTube Live Event: Tuesday, August 30, 2016 - 9:30 AM PST


David Thomason, CEO of Thomason Technologies, will be announcing a new product for the passive monitoring of industrial networks. SpyGOOSE is their proprietary software which in the past has been distributed with their industrial IPS, the TTL1000. Today, Dave will discuss the general availability of the stand-alone version of this software.




A Closer Look at UDP Sessions (by Dr. Jin Qian)

A Closer Look at UDP (User Datagram Protocol) Sessions

For many network and security professionals, analyzing network packets for troubleshooting and security investigation is a daily routine. One of the most common actions in the analysis is to “follow” a TCP session: display all the packets belonging to a TCP session.

It's well known that a TCP session consists of all the TCP packets that share the same tuple: from a client IP and port to a server IP and port or, conversely, from a server IP and port to a client IP and port. Many professionals will likely assume that the same principle works for UDP, but unfortunately that is not the case. A UDP session is defined only by the client IP and port. As a result, packets from the same UDP session can be to or from different server IP and port pairs.

Super graphic and discussion from https://elguber.wordpress.com/

Some readers may wonder why UDP sessions behave this way. The answer lies in network programming: when an application needs to communicate using UDP, it binds to a local IP and port. After the binding, this socket can send to and receive from any server IP and port pair. In other words, all the packets from or to the local IP and port are relevant to the same UDP-based application.

With this understanding, let's look at two network scenarios.

 

Continue reading "A Closer Look at UDP Sessions (by Dr. Jin Qian)" »