Sophos Points Cyber Crime on IMF to RSA Security Breach

A security expert at Sophos has claimed the recent cyber crime that hit security firm RSA may have been linked to the latest attack against the International Monetary Fund (IMF).

Late last week, the IMF admitted to an attack that compromised some of its systems and exposed internal data to unauthorized parties. The inter-governmental group that oversees the global financial system deemed the attack to be serious enough to have prompted the World Bank to cut its computer connection with the IMF.

Dropbox Forensics Tool

Dropbox Reader is a set of Python scripts for forensic investigators. The scripts provide investigators with information about a particular Dropbox user's account and activities, such as the registration e-mail, Dropbox identifier and most recently changed files.

Dropbox Reader was created by Cybermarshal, the computer forensics wing of ATC-NY.

Here's a list and description of the tools from the product website:

Microsoft warns of emerging phone scam

A Microsoft survey that looks at an emerging form of internet security scam costs victims on average $875 (U.S.), it has been revealed.

The scam

The criminals pose as computer security engineers and call their victims at home to tell them they are at risk of a computer security threat.

The unsuspecting victim is told they are being provided with a free security check and add authenticity by claiming to represent legitimate companies (more often than not, Microsoft). They will also use telephone directories to refer to their victims by name.

Two Forensic Cases Solved with Belkasoft Evidence Center Software

Case 1: Unauthorized Money Transfers
Group-IB, a leading commercial investigator in Russia, was approached by a major bank. The bank’s managers detected unauthorized money transfer activities going on in their system. Apparently, the bank’s money transfer system has been exploited from outside. A hard drive image and firewall logs were analyzed in the lab, revealing the computer in question was accessed remotely. In order to discover additional evidence, the lab investigated Web browser logs and user profiles; no suspicious activity was discovered.

Odyssey Research in Ithaca receives $775K grant

he National Institute of Justice has awarded four grants totaling $775,000 to Odyssey Research Associates in Ithaca under the Electronic Crime and Digital Evidence Recovery Program. These funds will enable Odyssey Research to improve the tools and technology needed to retrieve forensic evidence in an accurate, accessible and efficient manner, U.S. Sen. Charles E. Schumer, D-N.Y, announced Monday in a news release.

Simple things lawyers can do, or don’t do, to protect information

Everyone does it. After a long day, you forgot to do one simple thing that could compromise confidential information: You forgot to turn off your office computer! Though it’s common sense, there are a number of things lawyers routinely do or don’t do that could lead to problems down the road, according to computer forensic, legal technology, and information security experts John Simek and attorney Sharon Nelson.
Technology blunders: Simple things lawyers can do, or don’t do, to protect information

Proxy logs helped FBI track and arrest LulzSec member

The logs maintained by, in addition to other evidence, has led to the arrest of another LulzSec member in Arizona, The Tech Herald has learned. Cody Kretsinger, 23, allegedly used the anonymity service during his role in the attack on Sony Pictures.

Subscribe to WestNet - IT Network Security, PCI QSA, Compliance Specialists in Los Angeles RSS