A Django site.
January 14, 2016

Inside Security News
insecnews
is about »
» Security BSides Athens 2016, Greece

I am pleased to announce that the Information Security Research Group is a proud community supporter of the effort being put into organising Security BSides Athens 2016 in Greece, held on Saturday, 25 June 2016. More information about the event can be found …

July 26, 2010

» iPad and iTunes file recovery of Smart Recorder Files

This solution is only for Macs. Use the following information at your own risk. If you have an iPad (I would imagine it is the same for iPhones) and you have recorded something with Smart Recorder (or Smart Recorder Lite) and …

January 4, 2010

» Decaf COFEE put me to sleep

Decaf [1] is the hackers' reply to Microsoft’s COFEE tool set. Once again, creating a tool to combat a set of tools as old as Sysinternals is nothing new or surprising. If it did not happen we would have been surprised.

Unfortunately (and thank god) systems are open and when they are closed (-source) people can still reverse-engineer and break them. This is the nature of the system, be that a PC, Apple, hardware, software or a mobile phone.

In other news, an Xbox 360 thief was caught when the original user’s account automatically signed in [2], proving that with some effort it is possible to track and catch thieves that keep and connect Internet-capable systems. Hear that, UK!

Links used:
[1] – http://www.theregister.co.uk/2009/12/14/microsoft_cofee_vs_decaf/
[2] – http://www.theregister.co.uk/2009/12/30/x_box_theft_suspect_racked_down/

December 4, 2009

» MS COFEE for live comp. forensics

It is all about the COFEE [1] that will keep you awake. In this case, ahead of the game. Microsoft’s COFEE (Computer Online Forensics Evidence Extractor) [1] is out and about, making the rounds on the Internet underground (and overground, “freedom of speech” sites). This is what happens when you try to keep something secret: everyone wants it.

I understand the motives to keep it hush-hush, but from what I hear the tool set is comprised of basic programs you can find on a Windows OS and at Microsoft online (old Sysinternals tool set, now part of Microsoft).

Will anti-forensics kick in and destroy your acquisition? Well, to be honest, if the tools are the ones you find on a Windows OS, then any rootkit installed on the machine will feed any tool talking to the OS false data anyway. Nothing new there! Once again, this proves that the usual computer forensics will still be required to extrapolate the information.

What about the volatile information lost after a shutdown that has been captured by this tool set? That is why it is called volatile (it lives for a short period), and good luck in piecing things together after imaging the drive. It will provide valuable information that you would not have otherwise, but how it will be proven in court is another matter altogether. It would not be a hard subject if everything was handed to you in a silver-platter report every time.

[1] – http://wikileaks.org/wiki/Microsoft_COFEE_%28Computer_Online_Forensics_Evidence_Extractor%29_tool_and_documentation%2C_Sep_2009

November 9, 2009

» iPhone: myPhone on lock-down

…and you thought you were the only person to have the privilege of locking your iPhone’s screen. Think again. Once again a stunt and proof of concept demonstrates that high-tech mobile devices can be manipulated and possibly locked down by malicious people, leaving the users at their mercy. In some cases they even try to get you to part with your money. This was demonstrated with the iPhone ‘Your iPhone’s been hacked’ stunt as reported [1] by Wired.

It appears that jailbroken iPhones have SSH and a default root password (if not changed), allowing full remote access to the phone. It is that easy. The users are lucky that the creator didn’t start locking the devices as we have seen with ransomware (malware that requests ransom to decrypt data or unlock a PC).

I would not be surprised if Apple didn’t try to use this problem to demonstrate to people that jailbreaking the iPhone will mean that you are taking avoidable risks and that you are not being protected to the fullest.

[1] Wired – Hacker holds Dutch iPhones for EUR5 ransom – http://www.wired.co.uk/news/archive/2009-11/04/hacker-holds-dutch-iphones-for-EUR5-ransom.aspx