Latest News & Events

24 September 2016

PCI DSS v3.2

With zero day vulnerabilities popping up all the time, it’s been constantly a challenge for small to midsize businesses to catch-up. Whether a business takes payments through credit cards or not, there are regulations and standards that need to be followed. If credit cards are accepted, an external vulnerability scan is one of the requirements by the PCI DSS v3.2 mandated by the Payment Card Security Standard Counsel PCI SSC. It's been a challenge lately for organizations to have a passing vulnerability scan each quarter by an approved scanning vendor. In most cases we have seen either information security team not capable to carry out the daily vulnerability management tasks. In other cases, the business has to deal with deprecation of technology whether it’s migration of SSL v3 to TLS v1.2 or older versions of hashing function such as SHA1. Small to midsize businesses will need to ensure that their InfoSec personnel are knowledgeable in vulnerability management and the PCI ASV program.

18 September 2016

Forensic tool updates

Blacklight 2016 R2 now available

As technology moves as a rapid pace, so do the tools that are available to forensic examiners. Blackbag’s Blacklight specializes in Mac OS X operating systems and has just released 2016 R2. R2 now offers improvements in the extraction of data from Offline Maps as well as Additional Windows Email parsing and analysis, Android 6.0 Marshmallow Support. Visit Blackbag technologies website for more info >

Pokemon Go Data Parsing

Oxygen Forensics has added the extraction of GPS data from the Pokemon Go application. Visit Oxygen Forensics website for more info >

UFED Touch2

Cellebrite has announced the UFED Touch2 which extracts data from mobile devices up to 3 times faster than the UFED Touch. Visit Cellebrite website for more info >

EnCase Forensic 8

Guidance Software released EnCase version 8. After the controversial EnCase version 7 didn’t sit well with forensic examiners, Guidance made great improvements and brought back some of the well-liked features of version 6 while keeping some of the new functionality of version 7. Visit Guidance Software website for more info >

8 September 2016

Whaling

It’s a well-working social engineering scam. It is simple. Employee receives urgent email from CEO to wire funds to a certain account. It looks legitimate, the tone of the email mimics the CEO’s. There is knowledge of the inner workings of the organization. By the time it is discovered, the funds disappear in China. Visit source website for more info >