Digital Forensics & Cyber Security Blog
University of Utah Pays $457,000 to Ransomware Gang
The University of Utah revealed today that it paid a ransomware gang $457,059 in order to avoid having hackers leak student information online. The incident is the latest in a long string of ransomware attacks where criminal groups steal sensitive files from the hacked companies before encrypting their files; and [...]
Beware of Potential Unemployment Insurance Fraud
The U.S. Secret Service reports that impostors using stolen identities have received hundreds of millions of dollars in fraudulent unemployment benefits in states across the country. These sophisticated criminals, often based overseas, file unemployment claims using Social Security numbers and other personally identifiable information belonging to identity theft victims. Because [...]
Workstation Hardening In a Remote Environment
Whether you’re sick and can’t make it to work that day or there’s a pandemic affecting the world, working remotely has become vital for organizations. The importance of securing communications when it comes to remote work is clear, considering that malicious threat actors will take advantage of weak communications and [...]
A 17-year-old critical vulnerability discovered in Windows Server
Security researchers from Check Point Research discovered a critical vulnerability in the DNS Server component of Windows Server, which affects every version of Windows Server released in the past 17 years and allows an attacker to fully compromise a system. The vulnerability, identified as CVE-2020-1350 and named SigRed, belongs to remote [...]
Where is that Dongle?
Where is your dongle? That was one of the first questions asked by a student when I was teaching my first FTK training course back in 2001. I had no idea what he was asking. Later I learned we had to have a "security" or dongle to help prevent folks [...]
Snake ransomware poses unique danger to industrial systems
While ransomware continues to be a major threat to enterprise IT environments around the world, a new family of ransomware poses a unique danger to companies with industrial control systems. Snake, also known as Ekans ("snake" spelled backward), follows the classic ransomware formula of encrypting most files on the target [...]
DOD’s Cybersecurity Maturity Model Certification
In January, the U.S. Department of Defense released the Cybersecurity Maturity Model Certification requirements, outlining new cybersecurity stipulations for DOD contractors. There is no deadline for compliance with this new standard, but defense contractors should expect to see its specifications incorporated into new DOD contract bid requirements. Abbreviated CMMC, the [...]
Microsoft fixes Windows Codecs flaws
Microsoft released two out-of-band security patches to address remote code execution vulnerabilities affecting Windows 10 Codecs Library, weeks ahead of the next Patch Tuesday when the company typically releases updates. The first codecs vulnerability, disclosed as CVE-2020-1425, was rated critical. If an attacker successfully exploited the flaw, they "could obtain [...]
Top Five Free Digital Forensics Examiner Tools – June 2020
As we reach the midway point of 2020 and the curious, crazy, and COVID-19 world we live in, I thought it was time to rank the top five or best "free" tools for digital forensic examiners. For the past 20 years, many tools have come and gone in the digital [...]
Recover lost files on Windows 10
Windows File Recovery: currently available for Windows 10 2004 and above. Accidentally deleted an important file? Wiped clean your hard drive? Unsure of what to do with corrupted data? Windows File Recovery can help recover your personal data. For photos, documents, videos and more, Windows File Recovery supports many file [...]