Mobile Forensics and Cybersecurity

•Download as PPTX, PDF•

3 likes•7,923 views

Mobile device usage has skyrocketed in enterprises and so have the risks. Eric Vanderburg and Trevor Tucker discuss the evidentiary value of mobile forensics, its limitations, and how cybersecurity can ensure the processes, procedures, and controls necessary to protect mobile devices and organizational data. This helps companies and attorneys to be better prepared for investigations and associated legal implications of mobile use in the enterprise.

Technology

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Over 40 certifications
Published author
Licensed private investigator
18 years in cybersecurity
Specializations include:
Risk management
Governance and compliance
Security strategy
GIAC Certified Forensic Examiner
AccessData Certified Examiner
Licensed private investigator
Specializations include:
Forensic analysis
Forensic investigation
Incident response
TREVOR TUCKER
DIGITAL FORENSIC ANALYST
ERIC VANDERBURG
VICE PRESIDENT, CYBERSECURITY

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Mobile Phone Forensics

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Reasons for Phone Collection
Theft of
Intellectual
Property
Divorce
Wrongful
Termination
Sexual
Harassment
Workers
Compensation
Tracking
Location
Traffic
Incidents
Child custody

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Who’s Phone is it?
Company Issued
• Legal rights to phone and
contents
• Easier to access and analyze
• Prevent data loss or destruction
Personal (BYOD)
• May require subpoena
• May lack direct access to phone

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Analysis considerations
Chain of Custody
Forensic Tools
Knowledge/Experience
Detailed Report
Expert Witness

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Preservation Requirements
Physical Access to Mobile Device
Passcode
Backup password for iPhones
Time

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
What Can Be Collected
Contacts & Call Logs Text Messages /
Chats
Voice Mails Emails Geo Tags / Location
Information
Passwords Installed
Applications
Media (Pictures,
Video & Audio)
Internet Activity Social Media

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Reporting
Level of detail
Specific Artifacts
Specific Timeline
Key words
Format
◦PDF
◦HTML
◦Excel

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Information from Providers
Subpoena Required
Location Data from Cell Towers
Additional Call Logs
Billing Records

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Mobile Device Security

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Mobile in the Enterprise
93% have mobile devices connecting to their
corporate networks
67% allow personal devices to connect to
corporate networks
66% say careless employees
greater security risk than cybercriminals
*Statistics from the checkpoint mobile
security survey
93% mobile
devices
Careless
employees
Cyber
criminals

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Mobile risks
Loss or Theft
• Data breach
• Compromised
credentials
Data Leakage
• Mobile phone
cameras
• Email
• Keylogging
• Entry point to the
enterprise
Compromised
Device
• Malicious app
• Jailbroken device
• Hijacked
authenticator
• Camera/mic
monitoring

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Controlling Mobile Risk
Mobile Device
Management
◦Remote wipe
◦Updates
◦Application whitelisting
Policy
◦BYOD
◦Mobile device
◦Acceptable use

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Controlling Mobile Risk
Data mapping / data inventory
Awareness training
Incident response planning
Security monitoring

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Digital forensics and beyond

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Digital
forensics
Computer
forensics
Mobile
forensics
Cloud
forensics
Social Media Email
File Sharing Groupware

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Why Digital Forensics?
Reasons to use Digital Forensics
◦ Internal Company Investigations
◦ Alleged criminal activity
◦ IP Theft Investigations
◦ Civil or Regulatory Preservation
◦ Recovery of Accidentally or Intentionally Deleted Data
◦ Deleted is not necessarily deleted
◦ Recovery from Improper shutdowns

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Digital Forensics Process
Case Assessment & Planning
Maintaining Chain of Custody
Record Evidence Information
Imaging & Data Collection
Analysis
Exports and Reporting
Expert Testimony

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Cybersecurity
Vulnerability
Assessment
Vulnerability
Scanning
Penetration
Testing
Incident
Response
Security
Management
Event
Monitoring
Malware
Protection
Security Awareness
Training
Governance, Risk, &
Compliance (GRC)
Cybersecurity
Assessment
CSO on Demand

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Cybersecurity
Demonstrate security values for stakeholders
and customers
Validate security controls
Meet compliance objectives
Protect sensitive corporate and customer data
Gain peace of mind

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Questions?

This document discusses the nature of computer-based electronic evidence and the devices and considerations involved in digital investigation. It covers topics such as latent evidence stored on computers, fragility of electronic evidence, devices that may contain evidence like computers, networks, and other digital devices. It also summarizes laws and guidelines related to digital investigation in the UK.

computer forensics

shivi123456

Computer forensics involves the preservation, identification, extraction, documentation, and interpretation of computer media for root cause analysis. It is a branch of digital forensic science that applies techniques of computer investigation and analysis. The goal is the discovery, collection, and analysis of digital evidence found on computers and networks to identify the source of security attacks or crimes.

VAPT, Ethical Hacking and Laws in India by prashant mali

Adv. Prashant Mali ♛ [Bsc(Phy),MSc(Comp Sci), CCFP,CISSA,LLM]

The document discusses vulnerability assessment and penetration testing (VAPT) and related Indian laws. It provides definitions for vulnerability assessment and penetration testing, noting there are no legal definitions. It outlines when penetration testing would be considered illegal, such as without authorization or exceeding the testing scope. The legal provisions for unauthorized penetration testing are discussed, including penalties of up to 3 years imprisonment or Rs. 5 lakhs fine under the IT Act. Case studies are presented and best practices are recommended, such as having a well-defined contract and scope of work to avoid legal issues.

Digital Forensics by William C. Barker (NIST)

AltheimPrivacy

This document discusses digital forensics and the work done by the National Institute of Standards and Technology (NIST) in this area. It provides examples of types of digital evidence, uses of digital forensics techniques, and the phases of performing digital forensics according to NIST's guidelines. It also discusses policies, procedures, maintaining a chain of evidence, NIST's computer forensics tool testing program, the National Software Reference Library, Computer Forensic Reference Data Sets, and some other NIST publications related to digital and mobile device forensics.

Mobile forensics

noorashams

Mobile forensics is a branch of digital forensics that recovers evidence from mobile phones. It is important because mobile phones are ubiquitous and can contain evidence of crimes. Mobile forensics follows steps including preservation of the device, acquisition of data, examination of data, analysis of findings, and reporting results. It is challenging due to various device types and conditions, but techniques like isolating devices and using forensic software can extract hidden or encrypted data for investigations.

Computer forensics

deaneal

Digital Forensic ppt

Suchita Rawat

Digital forensics is a scientific field that involves the identification, collection, examination, and analysis of digital data for use as evidence in court. It has several sub-disciplines including computer forensics, network forensics, mobile device forensics, digital image/video/audio forensics, memory forensics, and cloud forensics. The goal of digital forensics is to recover electronic evidence from computers, networks, mobile devices, and digital media in a forensically sound manner.

This document discusses mobile device forensics. It explains that mobile devices store a variety of personal information, including calls, texts, emails, photos and more. It also outlines the challenges of investigating mobile devices and describes the components of mobile devices like the IMEI, SIM card, and memory. The document provides details on acquiring data from mobile devices, including identifying the device, isolating it to prevent remote wiping, and extracting data from internal memory, SIM cards and external storage.

Cyber Threat Intelligence | Information to Insight

Deep Shankar Yadav

Computer forensic

bhavithd

Computer forensics relates to identifying digital evidence from computer systems, securing and preserving that evidence, analyzing it, and documenting findings. It serves both public and private sectors to provide evidence and prevent criminal computer activity. The process involves identifying sources of digital evidence, preserving it from loss or corruption, analyzing the evidence, and presenting it in legal contexts.

Digital Forensics

Mithileysh Sathiyanarayanan

The document discusses digital forensics, including what it is, types of computer crimes, tools used like FTK and Encase, procedures that must be followed, and examples of cases like Enron and United States vs Ivanov. Digital forensics involves recovering and investigating digital evidence from devices and can be used to find deleted data, track locations, and discover information through tools like forensic software. Proper seizure and collection of evidence must adhere to legal standards like using a write blocker.

Normas de Seguridad de la Información

Jherdy Sotelo Marticorena

El documento presenta un curso sobre seguridad en redes. Explica los objetivos del curso que incluyen desarrollar conceptos y conocimientos sobre gestión de seguridad de la información, diseño e implementación de arquitecturas de seguridad, y gestión de riesgos basada en normas. También cubre los diferentes dominios del curso como gobierno de seguridad, control de accesos, seguridad de red, y continuidad del negocio. Finalmente, introduce conceptos clave de seguridad como amenazas, vulnerabilidades, riesgos

Anti-Forensics: Real world identification, analysis and prevention

Seccuris Inc.

Reliance on forensic investigation of information systems has become a daily requirement for law enforcement and security practitioners around the world. Effective evidence collection and analysis is the foundation of any investigation; identification of suspects, motives and methods demand the acquisition of the largest amount information that evidence can provide us. Anti-Forensics – Real world identification, analysis and prevention will discuss how criminals, attackers, non-enlightened investigators all have the ability to impact the amount useful information we have at our disposal. Michael will show the audience real world scenarios detailing how Anti-forensics tools are used to hide and destroy incriminating evidence, outlining common anti-forensic techniques. This will be followed by discussion of hands-on identification and prevention practices used to raise awareness around current academic research and identify potential solutions for practitioners and law enforcement organizations.

L6 Digital Forensic Investigation Tools.pptx

Bhupeshkumar Nanhe

Digital forensic is defined as the process of preserving, identifying, extracting, and documenting computer evidence for use in a court of law. It involves identifying evidence stored on devices, preserving the data without alteration, analyzing the evidence using forensic tools, and documenting the findings. The key steps of the digital forensic process are identification, preservation, analysis, documentation, and presentation. Common types of digital forensics include disk, network, wireless, database, malware, email, memory, and mobile device forensics. Forensic tools used in the process include those for forensic imaging to make bit-by-bit copies of storage devices and data recovery tools to extract data from damaged sources.

Introducción a la Seguridad de la Información

Jonathan López Torres

Digital forensics

Vidoushi B-Somrah

Digital forensics involves identifying evidence from digital sources using scientific tools and techniques to solve crimes. There are two criteria for evidence admission in court: relevance to the case and use of scientific methods. Errors in evidence gathering can result in meaningless evidence or penalties. The process involves preservation, identification, extraction, documentation, and interpretation of data. Tools like WetStone's Gargoyle and Niels Provos's stegdetect can detect hidden data. The reliability of found data must undergo a Daubert hearing to ensure the tools and methods are viable in court. Professional, ethical, and legal issues must be considered regarding an investigator's role, privacy concerns, and challenges from evolving technologies.

Cloud Forensics

sdavis532

This document summarizes a project on cloud forensics. It discusses cloud computing models like SaaS, PaaS, and IaaS. It describes implementing a private Eucalyptus cloud and testing live forensics via virtual introspection and recovering ephemeral data from previous cloud tenants. It demonstrates recovering data from a physical disk but not from a new virtual instance due to sparse files. The document concludes ephemeral data is not accessible to new tenants in Eucalyptus clouds due to sparse files and zero-filling.

Webinar_Cybersecurity is a shared responsibility presentation

211 Check

Introduction to computer forensic

Online

Computer forensics involves the collection, analysis and presentation of digital evidence for use in legal cases. It combines elements of law, computer science and forensic science. The goal is to identify, collect and analyze digital data in a way that preserves its integrity so it can be used as admissible evidence. This involves understanding storage technologies, file systems, data recovery techniques and tools for acquisition, discovery and analysis of both volatile and persistent data. Computer forensics practitioners must be aware of ethical standards to maintain impartiality and integrity in their investigations.

Norma Iso 27001

Juana Rotted

El documento habla sobre la Norma ISO 27001 sobre la seguridad de la información. Explica que un Sistema de Gestión de Seguridad de la Información (SGSI) sigue los estándares como ISO 27001 para proteger la confidencialidad, integridad y disponibilidad de la información. Los beneficios de ISO 27001 incluyen establecer una metodología clara de gestión de riesgos, reducir pérdidas de información, garantizar el cumplimiento de leyes y dar confianza a los usuarios y empleados.

Overview of the Cyber Kill Chain [TM]

David Sweigert

William F. Crowe presented on the cybersecurity kill chain, which models the stages of a cyber attack based on military doctrine. The model developed by Lockheed Martin includes stages of reconnaissance, weaponization, delivery, exploitation, installation, command and control, and actions on objectives. ISACA and the European Union Agency for Network and Information Security also use similar kill chain models to analyze the process of advanced persistent threats targeting critical systems and data.

Ciberseguridad riesgos y prevención

Conrad Iriarte

Este documento resume los principales riesgos de ciberseguridad a los que se enfrentan las empresas y ofrece consejos sobre cómo prevenir ataques. Explica que el robo de información confidencial, los ataques que afectan la continuidad del negocio y la pérdida de datos debido a virus son las principales amenazas actuales. Recomienda formar a los empleados, mantener los sistemas actualizados y realizar copias de seguridad diarias alojadas de forma externa para minimizar riesgos. Además, ofrece

information security awareness course

Abdul Manaf Vellakodath

Encase Forensic

Megha Sahu

The document discusses EnCase, a digital forensics software. It can recover various types of data from devices including pictures, documents, and entire disk drives. The software includes tools for acquisition, analysis, and reporting. It uses the .E01 file format to store evidence and allows users to search devices for keywords, artifacts, and other digital evidence. The document provides instructions for downloading, installing, and using EnCase to examine digital media and create case files.

Legislación informática

ale-pruneda

Este documento describe la legislación informática y los delitos informáticos en México. Explica que la legislación informática regula el tratamiento de la información a través de leyes y normas. Los delitos informáticos se refieren a conductas que usan computadoras u otros bienes de información para dañar bienes o derechos de personas. Luego enumera varias leyes mexicanas como el Código de Comercio, Código Civil Federal y Ley Federal de Telecomunicaciones, las cuales regulan actividades relacionadas con la informática y el comercio electr

Social Media Forensics

John J. Carney, Esq.

Learning Objectives: 1. Understand how this unique, emergent form of evidence can be used for criminal investigations and civil litigation e-discovery. 2. Discover the DoJ memo to law enforcement uncovered by FOIA stressing why and how to use social media in criminal cases. 3. See social media evidence recovered from smart phones, personal computers, and the cloud. 4. Learn the ethics of social media evidence collection including what you can and cannot do, if you want to keep your license that is.

Cyber Security

BryCunal

Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...

Eric Vanderburg

Cybercrime and Cyber Threats - CBLA - Eric Vanderburg

Eric Vanderburg

What's hot

Mobile Forensics

primeteacher32

Cyber Threat Intelligence | Information to Insight

Deep Shankar Yadav

Computer forensic

bhavithd

Digital Forensics

Mithileysh Sathiyanarayanan

Normas de Seguridad de la Información

Jherdy Sotelo Marticorena

Anti-Forensics: Real world identification, analysis and prevention

Seccuris Inc.

L6 Digital Forensic Investigation Tools.pptx

Bhupeshkumar Nanhe

Introducción a la Seguridad de la Información

Jonathan López Torres

Digital forensics

Vidoushi B-Somrah

Cloud Forensics

sdavis532

Webinar_Cybersecurity is a shared responsibility presentation

211 Check

Introduction to computer forensic

Online

Norma Iso 27001

Juana Rotted

Overview of the Cyber Kill Chain [TM]

David Sweigert

Ciberseguridad riesgos y prevención

Conrad Iriarte

information security awareness course

Abdul Manaf Vellakodath

Encase Forensic

Megha Sahu

Legislación informática

ale-pruneda

Social Media Forensics

John J. Carney, Esq.

Cyber Security

BryCunal

What's hot (20)

Mobile Forensics

Cyber Threat Intelligence | Information to Insight

Computer forensic

Digital Forensics

Normas de Seguridad de la Información

Anti-Forensics: Real world identification, analysis and prevention

L6 Digital Forensic Investigation Tools.pptx

Introducción a la Seguridad de la Información

Digital forensics

Cloud Forensics

Webinar_Cybersecurity is a shared responsibility presentation

Introduction to computer forensic

Norma Iso 27001

Overview of the Cyber Kill Chain [TM]

Ciberseguridad riesgos y prevención

information security awareness course

Encase Forensic

Legislación informática

Social Media Forensics

Cyber Security

Similar to Mobile Forensics and Cybersecurity

Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...

Eric Vanderburg

Cybercrime and Cyber Threats - CBLA - Eric Vanderburg

Eric Vanderburg

Victor Ake and Chris Kawalek - ForgeRock Identity Live 2017 - Dusseldorf

ForgeRock

The document discusses how digital identity is at the center of digital transformation and relationship management. It argues that as more "things" and devices get connected through IoT, managing digital identities for users, services, and devices/things will become essential. It presents ForgeRock's identity platform as a solution for providing end-to-end security, identity, and access management across users, services, devices/things on the edge and in the cloud.

Connected Car: Putting Digital Identity Behind the Wheel

ForgeRock

A modern connected vehicle is no longer just a car with a built-in wireless access point – it is a complex network of multiple interconnected systems from different vendors that are constantly communicating with each other as well as with various external parties, both consumer-facing and industrial. Each connected car is a rolling IoT ecosystem where industrial applications and protocols coexist with consumer-grade apps and services.

Identity Live Paris 2017 | Mike Ellis

ForgeRock

Protecting What Matters Most – Data

Fujitsu Middle East

Cybercrime is about profit and making money. And cybercriminals make money on your data. Whether it’s personally identifiable information, payment or healthcare information, or your intellectual property, your data means money to cybercriminals. Imperva protects cloud applications, websites, web applications, critical databases, files and Big Data repositories from hackers and insider threats—ultimately protecting your data—the one thing that matters most. Haiko Wolberink, AVP Middle East and Africa, Imperva

Bridgera enterprise IoT security

Ron Pascuzzi

Insights success the 10 best performing cyber security solution providers 4th...

Insights success media and technology pvt ltd

No matter where you are, or what time of day it is, always there for you

Company

Bridgera enterprise IoT Software Solutions

Ron Pascuzzi

Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...

Symantec

Preventing ATO in a Post-Equifax Breach World

Guardian Analytics

Although the recent Equifax breach that reportedly compromised 143 million accounts has sent consumers scrambling to protect their assets, financial institutions and corporations are likely to feel the impending effects of this attack as well. It is predicted there will be a surge in social engineering and BEC scams, as the hackers now have a wealth of information needed to impersonate individuals and corporate entities in a variety of contexts. However, the right strategic approach and technology solutions can effectively mitigate the fraud risk. In this webinar, guest speaker Andras Cser, VP, Principal Analyst in Security & Risk from Forrester Research, will provide an expert industry perspective and discuss what financial institutions and corporations can do to protect themselves. You will gain insight into how organizations are raising their defenses, understand the best practices to minimize fraud loss, and learn how advanced analytics solutions can help minimize the risk.

Preventing ATO in a post Equifax breach world

Laurent Pacalin

The document provides an overview of a presentation on preventing account takeover (ATO) in a post-Equifax breach world. It discusses how fraudsters are adapting their techniques, the increasing costs of online and mobile fraud, and recommendations for financial institutions to combat fraud using machine learning, behavioral analytics, and integrating diverse data sources. Specific examples are provided of how behavioral analytics can detect account takeover schemes by identifying deviations from normal user behaviors.

Symantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness

Symantec

Next Dimension + Cisco Smart Manufacturing

Next Dimension Inc.

Making Security Work—Implementing a Transformational Security Program

CA Technologies

Recent newsworthy data breaches have business and IT leaders asking, “Are we learning from the mistakes of others?” In an ever-increasing threat environment, security leaders face mounting pressures to deliver effective security capabilities that protect business assets while balancing budgets, security risks and regulatory issues. For more information on Security, please visit: http://cainc.to/CAW17-Security

Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...

NetworkCollaborators

This document discusses cybersecurity challenges in Southeast Asia and outlines Cisco's approach to addressing these challenges. It notes that ASEAN countries face rising cyber threats but have low policy preparedness. The cybersecurity landscape is complex and fragmented. Cisco's strategy involves integrating security across networks, endpoints, cloud, and other domains. It aims to provide visibility, detection, prevention and response capabilities through technologies, training programs, and collaborations.

Delivering secure mobile financial services (MFS) - "Frictionless" vs diligence

NowSecure

Mobile App Crashworthiness - Securing Vehicle-to-Device (V2D) Interfaces and ...

NowSecure

Security On The Edge - A New Way To Think About Securing the Internet of Things

ForgeRock

ForgeRock proposes a new approach for IoT security, where identity principles are used to ensure the authenticity of IoT devices and their communications. We call this upcoming technology, ForgeRock Edge Security. Using secure, standards-based tokens and providing comprehensive, policy-based controls for controlling access to data from devices, this is the next generation of IoT edge security. With examples from industrial and automotive IoT environments, learn how this new way of providing security “on the edge” can provide a rock solid layer of security for your IoT deployments.

Similar to Mobile Forensics and Cybersecurity (20)

Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...

Cybercrime and Cyber Threats - CBLA - Eric Vanderburg

Victor Ake and Chris Kawalek - ForgeRock Identity Live 2017 - Dusseldorf

Connected Car: Putting Digital Identity Behind the Wheel

Identity Live Paris 2017 | Mike Ellis

Protecting What Matters Most – Data

Bridgera enterprise IoT security

Insights success the 10 best performing cyber security solution providers 4th...

No matter where you are, or what time of day it is, always there for you

Bridgera enterprise IoT Software Solutions

Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...

Preventing ATO in a Post-Equifax Breach World

Preventing ATO in a post Equifax breach world

Symantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness

Next Dimension + Cisco Smart Manufacturing

Making Security Work—Implementing a Transformational Security Program

Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...

Delivering secure mobile financial services (MFS) - "Frictionless" vs diligence

Mobile App Crashworthiness - Securing Vehicle-to-Device (V2D) Interfaces and ...

Security On The Edge - A New Way To Think About Securing the Internet of Things

More from Eric Vanderburg

GDPR, Data Privacy and Cybersecurity - MIT Symposium

Eric Vanderburg

Modern Security the way Equifax Should Have

Eric Vanderburg

2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...

Eric Vanderburg

The document discusses security challenges with the Internet of Things (IoT). It notes that while IoT usage is growing, security has not kept pace, leaving many devices vulnerable to attacks. Common threats discussed are distributed denial of service attacks using compromised IoT devices, ransomware targeting IoT, surveillance through insecure cameras and assistants, backdoors in device firmware, data breaches exposing private information, and botnets of hijacked IoT devices used to launch attacks. The document advocates for securing IoT through built-in security practices, segmentation, access control, patching, and disabling unused functions.

Ransomware: 2016's Greatest Malware Threat

Eric Vanderburg

Emerging Technologies: Japan’s Position

Eric Vanderburg

This document discusses Japan's position regarding emerging technologies such as information technology, the human genome project, and nanotechnology. It notes that while Japan was an early leader in concepts like a fiber optic network and human genome mapping, it failed to maintain leads in these areas due to lack of sustained governmental support and inconsistent funding. Currently, Japan is a top investor in nanotechnology but has fewer startups than the US; maintaining leadership will depend on supporting infrastructure and applying its materials expertise to drive more products to market.

Principles of technology management

Eric Vanderburg

This document discusses principles of technology management. It defines technology management as leveraging technology components to maximize economic gains by managing challenges posed by emerging technologies from research to commercialization. It notes competitiveness is key. It also discusses methods of acquiring technology, such as internal R&D, technological learning, and alliances. Factors that determine international competitiveness include a country's technology trajectory, barriers to entry, pace of innovation, macroeconomic environment, and Porter's Diamond model relating to firm strategy, demand conditions, supporting industries, and factor conditions.

Japanese railway technology

Eric Vanderburg

Japanese railway technology dates back to the Meiji Era when Japan sought foreign technology from Britain and Germany. A key milestone was the 1964 development of the Tokaido Shinkansen, which became the fastest train in the world at 200km/h and helped transform Japan's railway system. Before the Shinkansen, 60 trains carried 60,000 passengers daily between Tokyo and Osaka, but now 285 trains carry 360,000 passengers daily with significant time savings and economic benefits. The Shinkansen system prioritizes speed, safety, reliability, and large transport capacity through features like elevated tracks, automated stopping controls, and rigorous maintenance practices.

Evaluating japanese technological competitiveness

Eric Vanderburg

This document analyzes Japan's technological competitiveness. It finds that while Japan faces economic challenges, it remains competitive in niche markets and product innovation. Japan spends a high percentage of its GDP on research and development, focusing on applied research and incremental improvements. This approach, along with strong industrial clusters and a commitment to quality, has allowed Japan to capture significant global market shares in various niche technology areas.

Japanese current and future technology management challenges

Eric Vanderburg

This document discusses Japan's current and future technology management challenges across various sectors. It outlines Japan's large-scale projects and research in areas like nuclear energy, space development, aviation, marine development, life sciences, and computer sciences. While Japan has had some successes, it also faces ongoing challenges with safety, cost, and developing breakthrough technologies to solve major problems. The document concludes by noting that Japan has established public and private business incubators, but the results have not been very encouraging so far.

Technology management in Japan: Robotics

Eric Vanderburg

This document provides an overview of robotics management in Japan. It discusses the history of robots beginning with Isaac Asimov coining the term "robotics" in 1942 and establishing three laws of robotics. Japan became a leader in robotics through manga influences and the growth of its robot industry in the 1970s. Today, Japan produces and uses more industrial robots than any other country, with major robotics firms like Sony, Honda, and Toyota. The document outlines various uses for robots and recent innovations from Japanese researchers. It predicts continued growth in markets like domestic robots and notes Japan's strategies to maintain leadership through constant innovation.

Incident response table top exercises

Eric Vanderburg

An unauthorized individual accessed private confidential data on an FTP server, triggering an incident response. The response team needed to determine how the data was accessed, scope the incident, and identify impacted stakeholders. They then took steps to contain the incident by blocking IP addresses, shutting down the FTP server, changing credentials, and moving servers. The team also restored data from backups and requested clients resend information. Post-incident activities included meetings with management and IT to prevent future occurrences through measures like shortening timeouts, adding alerts and encryption, and restricting FTP server access.

The Prescription for Protection - Avoid Treatment Errors To The Malware Problem

Eric Vanderburg

Malware is an ailment many companies suffer from but the prescription for protection is simpler than you think. In this presentation, Vanderburg and Salamakha apply the five rights for avoiding drug errors to the malware problem at the Advanced Persistent Threats Summit. 1) Right client – Authentication 2) Right route – Gaps and strategies 3) Right drug – Security controls 4) Right dose – Security/business balance 5) Right time – Staying up to date. Stay healthy, stay safe.

Cloud Storage and Security: Solving Compliance Challenges

Eric Vanderburg

This document discusses challenges and best practices for cloud storage and security. It begins by introducing the panelists and outlining the topics to be discussed, which include realities and pain points of cloud storage, how and where cloud security could be compromised, navigating legal and regulatory compliance, and recommendations for deploying the right cloud storage strategy. Key points made include that sensitive data is often stored in the cloud without visibility, cloud breaches and unauthorized access are concerns, and regulations like GDPR and ISO 27001 provide security standards to consider. The document emphasizes knowing cloud vendors, evaluating costs and benefits, and establishing secure data management practices throughout the data lifecycle.

Hacktivism: Motivations, Tactics and Threats

Eric Vanderburg

This document summarizes a presentation on hacktivism given by Eric Vanderburg. It defines hacktivism as hacking to promote a political, religious, or social ideology. It discusses how technology and anonymity on the internet have enabled hacktivist groups like Anonymous and LulzSec to conduct cyberattacks. Common hacktivist tactics discussed include DDoS attacks, website defacement, negative SEO, doxxing, and information disclosure. The document advises organizations to assess their culture and risks from hacktivism through background checks, social engineering tests, and limiting social media use.

Correct the most common web development security mistakes - Eric Vanderburg

Eric Vanderburg

The document discusses common web development security mistakes and how to correct them. It covers security misconfiguration, unrestricted URL access, unvalidated redirects and forwards, direct object references, insecure storage of sensitive data, and insufficient transport layer protection. Mistakes in these areas can allow attackers to access unauthorized data and functionality. The document provides techniques to protect against these risks, such as verifying system configurations, restricting access by URL and role, validating redirect targets, encrypting sensitive data storage and transmissions, and more.

Deconstructing website attacks - Eric Vanderburg

Eric Vanderburg

The document discusses various types of website attacks such as injection attacks, cross-site scripting, session management attacks, and object reference attacks. It provides details on the nature of each attack, their potential impacts, and techniques for protecting against them. Some key points are that the average breach costs $214 per record and $7.2 million per incident, while the US is increasing cybersecurity funding by 35% to $548 million. Injection attacks can allow access to entire databases or operating systems if not properly protected against with input validation and encoding. Cross-site scripting can steal user data or install malware if raw user input is reflected in outputs. The document recommends output encoding and validating all user input to prevent attacks.

Countering malware threats - Eric Vanderburg

Eric Vanderburg

Preventing Fraud from Top to Bottom - Vanderburg, Gaddamanugu - Information S...

Eric Vanderburg

Untangled Conference - November 8, 2014 - Security Awareness

Eric Vanderburg

Physical security primer - JURINNOV - Eric Vanderburg

Eric Vanderburg

This document provides an overview of physical security strategies and controls. It discusses four key strategies: territoriality, natural surveillance, activity support, and access control. Various physical security controls are described, including locks, biometrics, lighting, alarms, closed-circuit television, fences, barriers, patrols, and interior safeguards. The goals of a physical security system are to provide the necessary level of protection through balancing security needs with operational and aesthetic concerns.

More from Eric Vanderburg (20)

GDPR, Data Privacy and Cybersecurity - MIT Symposium

Modern Security the way Equifax Should Have

2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...

Ransomware: 2016's Greatest Malware Threat

Emerging Technologies: Japan’s Position

Principles of technology management

Japanese railway technology

Evaluating japanese technological competitiveness

Japanese current and future technology management challenges

Technology management in Japan: Robotics

Incident response table top exercises

The Prescription for Protection - Avoid Treatment Errors To The Malware Problem

Cloud Storage and Security: Solving Compliance Challenges

Hacktivism: Motivations, Tactics and Threats

Correct the most common web development security mistakes - Eric Vanderburg

Deconstructing website attacks - Eric Vanderburg

Countering malware threats - Eric Vanderburg

Preventing Fraud from Top to Bottom - Vanderburg, Gaddamanugu - Information S...

Untangled Conference - November 8, 2014 - Security Awareness

Physical security primer - JURINNOV - Eric Vanderburg

Recently uploaded

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Aggregage

Securing your Kubernetes cluster_ a step-by-step guide to success !

KatiaHIMEUR1

Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster. However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks. In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.

Mind map of terminologies used in context of Generative AI

Kumud Singh

Full-RAG: A modern architecture for hyper-personalization

Zilliz

Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.

20240607 QFM018 Elixir Reading List May 2024

Matthew Sinclair

Climate Impact of Software Testing at Nordic Testing Days

Kari Kakkonen

My slides at Nordic Testing Days 6.6.2024 Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.

Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...

James Anderson

Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management. The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM). Speakers: Bob Boule Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle. Gopinath Rebala Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.

Removing Uninteresting Bytes in Software Fuzzing

Aftab Hussain

Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process. In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds. - These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.

Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI

Vladimir Iglovikov, Ph.D.

Presented by Vladimir Iglovikov: - https://www.linkedin.com/in/iglovikov/ - https://x.com/viglovikov - https://www.instagram.com/ternaus/ This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation. Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners. This case study covers various aspects, including: People: The contributors and community that have supported Albumentations. Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions. Challenges: The hurdles in monetizing open-source projects and measuring user engagement. Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration. Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community. Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations. Mental Health: Maintaining balance and not feeling pressured by user demands. Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth. Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects. Explore more about Albumentations and join the community at: GitHub: https://github.com/albumentations-team/albumentations Website: https://albumentations.ai/ LinkedIn: https://www.linkedin.com/company/100504475 Twitter: https://x.com/albumentations

20240605 QFM017 Machine Intelligence Reading List May 2024

Matthew Sinclair

20240609 QFM020 Irresponsible AI Reading List May 2024

Matthew Sinclair

Essentials of Automations: The Art of Triggers and Actions in FME

Safe Software

In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation. We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios. Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!

Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!

SOFTTECHHUB

As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.

GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024

Neo4j

GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...

Neo4j

Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

Neo4j

Dr. Sean Tan, Head of Data Science, Changi Airport Group Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.

Uni Systems Copilot event_05062024_C.Vlachos.pdf

Uni Systems S.M.S.A.

Large Language Model (LLM) and it’s Geospatial Applications

Rohit Gautam

Data structures and Algorithms in Python.pdf

TIPNGVN2

National Security Agency - NSA mobile device best practices

Quotidiano Piemontese

Recently uploaded (20)

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Securing your Kubernetes cluster_ a step-by-step guide to success !

Mind map of terminologies used in context of Generative AI

Full-RAG: A modern architecture for hyper-personalization

20240607 QFM018 Elixir Reading List May 2024

Climate Impact of Software Testing at Nordic Testing Days

Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...

Removing Uninteresting Bytes in Software Fuzzing

Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI

20240605 QFM017 Machine Intelligence Reading List May 2024

20240609 QFM020 Irresponsible AI Reading List May 2024

Essentials of Automations: The Art of Triggers and Actions in FME

Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!

GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024

GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

Uni Systems Copilot event_05062024_C.Vlachos.pdf

Large Language Model (LLM) and it’s Geospatial Applications

Data structures and Algorithms in Python.pdf

National Security Agency - NSA mobile device best practices

Mobile Forensics and Cybersecurity

2. © 2017 Technology Concepts & Design, Inc. All Rights Reserved. About Us TCDI founded in 1988 Microsoft Certified Partner since 2003 Services include: ◦ Digital forensics ◦ Cybersecurity ◦ eDiscovery Minority owned enterprise

3. © 2017 Technology Concepts & Design, Inc. All Rights Reserved. Over 40 certifications Published author Licensed private investigator 18 years in cybersecurity Specializations include: Risk management Governance and compliance Security strategy GIAC Certified Forensic Examiner AccessData Certified Examiner Licensed private investigator Specializations include: Forensic analysis Forensic investigation Incident response TREVOR TUCKER DIGITAL FORENSIC ANALYST ERIC VANDERBURG VICE PRESIDENT, CYBERSECURITY

5. © 2017 Technology Concepts & Design, Inc. All Rights Reserved. Reasons for Phone Collection Theft of Intellectual Property Divorce Wrongful Termination Sexual Harassment Workers Compensation Tracking Location Traffic Incidents Child custody

6. © 2017 Technology Concepts & Design, Inc. All Rights Reserved. Who’s Phone is it? Company Issued • Legal rights to phone and contents • Easier to access and analyze • Prevent data loss or destruction Personal (BYOD) • May require subpoena • May lack direct access to phone

9. © 2017 Technology Concepts & Design, Inc. All Rights Reserved. What Can Be Collected Contacts & Call Logs Text Messages / Chats Voice Mails Emails Geo Tags / Location Information Passwords Installed Applications Media (Pictures, Video & Audio) Internet Activity Social Media

16. © 2017 Technology Concepts & Design, Inc. All Rights Reserved. Mobile in the Enterprise 93% have mobile devices connecting to their corporate networks 67% allow personal devices to connect to corporate networks 66% say careless employees greater security risk than cybercriminals *Statistics from the checkpoint mobile security survey 93% mobile devices Careless employees Cyber criminals

17. © 2017 Technology Concepts & Design, Inc. All Rights Reserved. Mobile risks Loss or Theft • Data breach • Compromised credentials Data Leakage • Mobile phone cameras • Email • Keylogging • Entry point to the enterprise Compromised Device • Malicious app • Jailbroken device • Hijacked authenticator • Camera/mic monitoring

18. © 2017 Technology Concepts & Design, Inc. All Rights Reserved. Controlling Mobile Risk Mobile Device Management ◦Remote wipe ◦Updates ◦Application whitelisting Policy ◦BYOD ◦Mobile device ◦Acceptable use

22. © 2017 Technology Concepts & Design, Inc. All Rights Reserved. Why Digital Forensics? Reasons to use Digital Forensics ◦ Internal Company Investigations ◦ Alleged criminal activity ◦ IP Theft Investigations ◦ Civil or Regulatory Preservation ◦ Recovery of Accidentally or Intentionally Deleted Data ◦ Deleted is not necessarily deleted ◦ Recovery from Improper shutdowns

23. © 2017 Technology Concepts & Design, Inc. All Rights Reserved. Digital Forensics Process Case Assessment & Planning Maintaining Chain of Custody Record Evidence Information Imaging & Data Collection Analysis Exports and Reporting Expert Testimony

24. © 2017 Technology Concepts & Design, Inc. All Rights Reserved. Cybersecurity Vulnerability Assessment Vulnerability Scanning Penetration Testing Incident Response Security Management Event Monitoring Malware Protection Security Awareness Training Governance, Risk, & Compliance (GRC) Cybersecurity Assessment CSO on Demand

25. © 2017 Technology Concepts & Design, Inc. All Rights Reserved. Cybersecurity Demonstrate security values for stakeholders and customers Validate security controls Meet compliance objectives Protect sensitive corporate and customer data Gain peace of mind

Mobile Forensics and Cybersecurity

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Mobile Forensics and Cybersecurity

Similar to Mobile Forensics and Cybersecurity (20)

More from Eric Vanderburg

More from Eric Vanderburg (20)

Recently uploaded

Recently uploaded (20)

Mobile Forensics and Cybersecurity