Digital Forensic Expert Witness Testifies in Court

Police Computer Forensics Expert Sandra Osborne Testifies at the Casey Anthony Murder Trial on June 8, 2011

Sandra Osborne testifies: MyFoxORLANDO.com

Sgt. Kevin Stenger testifies: MyFoxORLANDO.com

http://www.examiner.com/crime-in-national/police-computer-forensics-expert-sandra-osborne-testifies-at-the-casey-anthony-murder-trial-on-june-8-2011-video

FREE Dropbox Forensics Tool

Dropbox Reader is a set of Python scripts for forensic investigators. The scripts provide investigators with information about a particular Dropbox user’s account and activities, such as the registration e-mail, Dropbox identifier and most recently changed files.

Dropbox Reader was created by Cybermarshal, the computer forensics wing of ATC-NY.

Here’s a list and description of the tools from the product website:

  • read_config script outputs the contents of the Dropbox config.db file in human-readable form. This includes the user’s registered e-mail address and Dropbox identifier, software version information, and a list of the most-recently-changed files.
  • read_filecache_config script outputs configuration information from the Dropbox filecache.db file. This includes information about shared directories that are attached to the user’s Dropbox account.
  • read_filejournal script outputs information about Dropbox synchronized files stored in the filecache.db file. This includes local and server-side metadata and a list of block hashes for each Dropbox-synchronized file.
  • read_sigstore script outputs information from the Dropbox sigstore.db file, which is an additional source of block hashes.
  • hash_blocks script produces a block hash list for any file. This block hash list can be compared to the block hashes from read_filejournal or read_sigstore.
  • dropbox_contains_file script hashes one or more files (as per hash_blocks) and compares the resulting block hash list to the files listed in filecache.db (as per read_filejournal) and reports whether the files are partially or exactly the same as any Dropbox-synchronized files.
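The comparison that hash_blocks and dropbox_contains_file are described as performing can be sketched as follows. This is an added example, not Dropbox Reader's own code: the 4 MiB block size, the SHA-256 digest, the function names and the in-memory journal (standing in for rows read from filecache.db) are all assumptions made for illustration.

```python
import hashlib
import io

BLOCK_SIZE = 4 * 1024 * 1024  # assumption: files are hashed in 4 MiB blocks
HASH_NAME = "sha256"          # assumption: one SHA-256 digest per block


def hash_blocks(stream, block_size=BLOCK_SIZE):
    """Return the ordered list of hex digests, one per fixed-size block."""
    digests = []
    while True:
        block = stream.read(block_size)
        if not block:
            break
        digests.append(hashlib.new(HASH_NAME, block).hexdigest())
    return digests


def classify(candidate, journal):
    """Compare a candidate block hash list with each journal entry.

    journal maps a synchronized file's path to its block hash list
    (hypothetical structure). Returns {path: "exact" | "partial"};
    files that share no block with the candidate are omitted.
    """
    results = {}
    wanted = set(candidate)
    for path, blocks in journal.items():
        if candidate and blocks == candidate:
            results[path] = "exact"
        elif wanted & set(blocks):
            results[path] = "partial"
    return results


def demo():
    # Constructed sample data; a tiny block size keeps the run instant.
    size = 8
    original = b"AAAAAAAABBBBBBBBCCCC"
    edited = b"AAAAAAAAXXXXXXXXCCCC"  # only the middle block differs
    unrelated = b"ZZZZZZZZYYYYYYYY"
    journal = {
        "/report.doc": hash_blocks(io.BytesIO(original), size),
        "/report-v2.doc": hash_blocks(io.BytesIO(edited), size),
        "/other.bin": hash_blocks(io.BytesIO(unrelated), size),
    }
    return classify(hash_blocks(io.BytesIO(original), size), journal)


if __name__ == "__main__":
    print(demo())
```

A partial match means at least one block of the examined file also appears in a synchronized file, which is how an edited copy of a document still links back to the account.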

LulzSec dumps hundreds of Arizona Police documents

Lulz Security’s spree of embarrassing hacks continued as the group released hundreds of internal documents belonging to various Arizona law enforcement agencies, including the Arizona Department of Public Safety.

Many of the documents released over BitTorrent are stamped “law enforcement sensitive” and “for official use only,” and the dump of some 700 files contains material from a variety of agencies, including the FBI, the Department of Homeland Security, and the Drug Enforcement Agency.

The Arizona Department of Public Safety has reportedly acknowledged that its computer systems were compromised, and the department’s website had been inaccessible for more than eight hours at time of writing. A post on LulzSec’s website said hackers targeted the agency for its enforcement of a recently enacted Arizona law that makes it a crime for aliens to be in the state without carrying immigration documents and gives police broad power to detain anyone suspected of being in the US illegally.

BBC has online ‘chat’ with Lulzsec

The Lulz Security hacking group that has claimed attacks on high-profile targets including the CIA and Sony in recent weeks has exclusively told the BBC’s Newsnight programme that it wants to target the “higher ups” who write the rules and “bring them down a few notches”.

Lulzsec has claimed a new scalp – releasing confidential material taken from the Arizona police department.

The anonymous hacking group says they’ve not been knocked off course, or successfully exposed, by rival hackers who claim to have named them online – apparently because they object to their agenda.

This agenda seems to have evolved. When they started out, two months ago, they said they were mainly hacking “for laughs”.

In an online Q&A, Whirlpool, the spokesman for Lulzsec, who describes himself as “captain of the Lulz Boat”, agreed that their goals now go beyond that: “Politically motivated ethical hacking is more fulfilling”.

NATO Bookshop site hacked

NATO is warning subscribers to its e-Bookshop service that hackers have likely stolen its customer database.

The site is run as a separate service for distributing NATO information and does not contain any classified or secret information.

The bookshop has been closed and all members have been warned by email to change their passwords if they are using them for other websites or services.

The email said: “Our examinations show a possible compromise of user information (username, password, address and email address) for people who have ordered publications from the e-Bookshop or subscribed to our email service.

“If you use the same email and password on other web platforms it is highly recommended that you change your passwords.”

Travelodge Admits Hack

Travelodge has told customers who’ve received spam email that the company has not lost their credit card details, which is nice.

The letter said:

Our main priority is to ensure the security of our customers’ data, which is why I wanted to make you aware that a small number of you may have received a spam email via the email address you have registered with us.

Please be assured, we have not sold any customer data and no financial information has been compromised.

All financial data (including credit card information) is compliant with current best practice standards and is audited to PCI (Payment Card Industry) requirements. The safety and security of your personal information is of the utmost importance to us and as a result we are currently conducting a comprehensive investigation into this issue.

We take this to mean that the chain of motels has indeed had its customer database compromised.

Travelodge hack, investigation continues…

Travelodge is investigating its IT systems to discover how customer email addresses have gone astray.

Several other customers have blogged of similar experiences; here’s Shepy’s post on the apparent hack.

Either LulzSec has taken a step down from hacking the US Senate and the CIA to target the motel chain, or Travelodge has been hit by more commercially minded hackers.

Digital Security Degrees – Yes? No? Maybe…….

I’ve had a few emails recently from people wanting to know more about Digital Forensic/Ethical Hacking degrees. People may be thinking I’m a little biased, having invested countless thousands of pounds, man hours and sweat into the course so far. However, isn’t everyone a little biased…

The term Ethical Hacking comes under many headings, including Penetration Testing (my favourite), IT Security, Network Security, Security for Enterprise and so on. They all aim to cover the same topics; it just depends how the course provider decides to dress the course up to attract people.

I’ve always had a passion for IT Security and Digital Forensics. Some people ask me ‘Should I do an IT security degree?’.

This is not a question anyone can answer other than the individual. The individual needs to have the interest, the passion and the self-motivation.

Dropbox drops security

Recently, hackers have been in the limelight for breaking into companies’ servers to steal users’ personal information. Yet Dropbox, which provides online storage, needed no help putting its users’ data at risk: the company has admitted that for several hours on Sunday, an update to its code caused a security glitch that allowed people to log into any Dropbox account by typing in any password at all.

In other words, while hackers have pried open the doors to data stored by Sony, the Senate, and other high-profile organizations, Dropbox, for four hours, left the doors completely unlocked.

Between 1:54pm PT, when the code update that introduced the bug was pushed live, and 5:46pm PT, when the issue was corrected (the flaw was discovered at 5:41pm PT), virtually any Dropbox account was accessible to any other user, making any documents stored on the system potentially visible to strangers.
