Mozilla Releases Open Source Masche Forensics Tool

Mozilla has released an open source memory forensics tool that some college students designed and built during the company’s recent Winter of Security event. The new tool, known as Masche, is designed specifically for investigating server memory and has the advantage of being able to scan running processes without causing any problems with the machine. […]

Forensic analysis of a number of Flame malware toolkit command-and-control servers revealed that an additional three unidentified pieces of malicious code are under the control of the attackers, including one in the wild. Researchers at Kaspersky Lab, Symantec, CERT-Bund/BSI, and the International Telecommunication Union’s Impact Alliance said today they also determined that the first work on the Flame espionage campaign was carried out in 2006, much earlier than 2010, when development was initially thought to have begun.

Calling it a form of “electronic civil disobedience,” hacktivist group Anonymous took aim at a special agent from the California Department of Justice on Friday. The group spilled 38,000 e-mails containing “computer forensics techniques, investigation protocols as well as highly embarrassing personal information,” according to a press release on Pastebin.

The investor services company told Threatpost that an investigation has determined that data stolen by a rogue employee didn’t contain shareholder data. However, the company still hasn’t retrieved two USB drives containing company email and documents that outline some of Computershare’s closely held business plans.

Microsoft has announced plans to give away free versions of its COFEE (Computer Online Forensic Evidence Extractor) utility to help law enforcement agencies in cyber-crime investigations. COFEE uses digital forensic technologies to help investigators gather evidence of live computer activity at the scene of a crime, regardless of technical expertise.

From The New York Times (John Markoff)

The small cadre of experts who spend their time doing the meticulous, painstaking work of tracing cyber attacks is increasingly relying on a combination of advanced technical tools and old-fashioned intelligence-gathering techniques to track down the people and organizations responsible for the attacks. These investigators for years have been relying almost exclusively on custom software programs to do their work, but the changing nature and increased sophistication of the attacks have forced a change in these tactics.
