Published: Thu, 16 Mar 2017 00:17:09 +0000
Last Build Date: Thu, 16 Mar 2017 00:34:53 +0000Copyright: fairuse
Thu, 16 Mar 2017 00:17:09 +0000
HackerNinjaScissors -- With Bret Padres. www.crypsisgroup.com
Today we talk with Lauren Pearce - a member of the IR team and a malware analyst for Los Alamos National Labs. Lauren shares with us her journey to become a malware analyst and talks about the importance of flailing and mentorship.
I have a few free tickets to give out, so let me know if you want free tickets to the 2017 Incident Response Forum on April 4th, 2017, at the Mayflower Hotel in Washington DC.
More info here -> incidentresponseforum.com and use Speak100 for $100 off the ticket price.
Crypsis is hiring talented IR consultants!! Apply on our website: www.crypsisgroup.com
Sat, 04 Feb 2017 08:52:51 +0000
New show in the Feed!
HackerNinjaScissors -- With Bret Padres. www.crypsisgroup.com
New CyberSpeak Podcast reboot in the works. In the mean time check out this new show.
In the inaugural show of HackerNinjaScissors, Bret Padres interviews Robert M Lee.
Robert M. Lee is the CEO and Founder of the critical infrastructure cyber security company Dragos where he has a passion for control system traffic analysis, digital forensics, and threat intelligence research. He is also a non-resident National Cybersecurity Fellow at New America focusing on policy issues relating to the cyber security of critical infrastructure. For his research and focus areas, Robert was named one of Passcode’s Influencers, awarded EnergySec’s Cyber Security Professional of the Year (2015), and inducted into Forbes’ 30 under 30 for Enterprise Technology (2016).
Links mentioned in the show:
Sun, 30 Aug 2015 21:43:31 +0000
CyberSpeak is BACK and we hope to publish a monthly podcast (more if I'm lucky).
This episode on CyberSpeak we briefly discuss possible implications to U.S. forensicators with the release of the Ashley Madison database (hopefully not). We also have a great interview with Yogesh Khatri, an assistant professor at Champlain College and a security researcher about the SRUM or System Resourse Usage Monitor forensic artifact. Website of the week: Has your email been Pwned? Check it out here -> Have I Been Pwned
Mon, 18 Feb 2013 00:13:00 +0000
This episode of CyberSpeak we conduct recon on Mark Spencer and his new Windows registry analysis tool Registry Recon. Mark is the President of Arsenal Consulting. This new registry tool could change the way we analyze the Windows registry. No longer will you be satisfied just looking st the current/active registry.
Sat, 02 Feb 2013 23:48:00 +0000
Happy 2013! I'm back and going to try to start getting some more shows out for you. This show we talk to James Wiebe, Director of Foensic Business Devleopment at WiebeTech about solid state hard drives, his research and the forensic implications. Email me at cyberspeak at gmail dot com if you have some suggestions for future show topics you want to hear.
Tue, 08 May 2012 00:30:00 +0000
This episode we discuss running AV and malware detection software on your forensic workstation and have an interview with Corey Harrell and discuss analyzing Volume Shadow Copies.
Thu, 01 Dec 2011 11:57:00 +0000
This special episode of CyberSpeak is an interview with Ken Privette with NUIX about their new tool release this morning called Proof Finder. They are releasing 1,000 copies for $100 each of this new tool. Go get a copy before they are all gone at www.prooffinder.com. This special limited edition tool is limited to 10G of data. What does 10G of data look like, Nuix says it is an average of 241,165 Emails or 20333 Documents or 7069 Spreadsheets or 25514 Images. It can ingest all major forensic images (E01, DD, etc)
Listen to the show for more details. 100% of all sales go to charity "Room to Read", an organization that works in collaboration with communities and local governments in developing countries to develop literacy skills and a habit of reading among primary school children, and support girls to complete secondary school with the life skills they’ll need to succeed in school and beyond.
ALERT-Download and install on the computer you want it registered to. Initial installation will lock it to that computer.
Mon, 26 Sep 2011 00:36:00 +0000
This week on CyberSpeak I interview Andrew Case, one of the developers of Registry Decoder, a National Institute of Justice sponsored application. Find it at www.registrydecoder.com
Mon, 29 Aug 2011 00:25:50 +0000
This week on CyberSpeak, a quick thanks to everyone for pitching in on the ForensicsWiki - I saw over 100 new entries on everything from Sticky notes, mounting images, jump lists to people's BIOS. Jim Emailed asking who the mystery voice was in out CyberSpeak Sweepers - Karl over from CyberCon Security Solutions said wrote in to say he just ran across this site today and thought it might be a great resource for the listeners. It is not focused on Cyber Security but the concepts are the similar to help prepare for trial. LAW 101: LEGAL GUIDE FOR THE FORENSIC EXPERT. Shout out to Charles. Finally, Loren Wrote in and said during the interview, Keith Jones mentioned preparing for court by asking others for their opinions. Are there any ramifications of bringing others into the case like that?
In the News, Google, The Company with the motto - DO NO EVIL - agreed to forfeit $500 million to the U.S. Government for allowing -- and assisting in many case -- online Canadian pharmacies to place AdWords ads targeting customers in the United States resulting in the unlawful importation of controlled and non-controlled prescription drugs into the United States.
This weeks interview is with Chris Pogue, Mr. Sniper Forensics!
Thanks to Dan Website of the week is Workflowy https://workflowy.com/
Sun, 21 Aug 2011 21:25:44 +0000CYBERSPEAK Notes - Aug 21st, 2011 Administrative I attended a nice Apple Forensic Event this week in Reston VA - Saw a lot of friends and had a good time. Ryan gave a great presentation on Apple forensics. Ryan runs the AppleExaminer.com Paraben's Forensic Innovation Conference PFIC is fast approaching and you know, it's becoming one of the the must attend conference each year for digital forensic and eDiscovery professionals. This year, there are seven pre-conference bootcamps that are included in your conference registration fee of $399.00. You can attend any single bootcamp and then the rest of the conference tracks and labs for this rate. This is all being brought to you by our friends over at the Paraben Corporation (Amber Schroader). You can register by heading over to pfic-conference.com http://www.forensicswiki.org - We all should go check this site out, sign up for an account and start contributing. This is the way we can all give back to the community. Write a How-To or something to give back to the forensic community. Listener Email - Richardo from Navada Concerned about those performing collateral duty of doing digital forensic examinations. Frustrated to read article after article in digital forensic publications that cover the deconstruction of a complicated piece of malware. he would rather have articles that rehashed digital forensic basics and covered free automated/low cost tools that help me do my job efficiently and reliably. News- London Police are using Flicker to allow the public to help identify people involved in the looting following riots in London. http://www.flickr.com/photos/metropolitanpolice/sets/72157627267892973/ http://thenextweb.com/uk/2011/08/09/police-use-flickr-to-identify-london-riot-suspects/ INTERVIEW - Welcome back to the show Drew Fahey, VP of Products at Blackbag Technologies. Web Sites of the Week- http://www.forensicswiki.org http://t.co/vEmtzCA - A guide to FaceBook Security KEEP THE EMAILS COMING to CyberSpeak@gmail.com[...]
Mon, 15 Aug 2011 00:12:00 +0000This week on CyberSpeak, Luby and Jared Save the GMail Planet, Detective Garcia uncovers Fraud on Sesame Street. Congrats to the Secret Service and FBI on a great investigation of a 26 year old Brooklyn man who plead guilty in U.S. District Court in Alexandria, VA for his role in managing a credit card fraud operation that operated throughout the East Coast of the United States. California Prosecutors will not file charges against Gizmodo for its purchase of an iPhone 4 prototype (boo). Interview this week is Keith Jones, Co-Owner and Senior Partner at Jones Dykstra and Associates Inc., about the do's and don'ts of testifying. Tech topic, MoonSol's Dumpit released for FREE. Perfect for imaging RAM on 32 or 64 bit Windows System. It just does not get any easier than this-Check it out. Web pick of the week is http://Infosecupdate.com. KEEP THE EMAILS COMING! [...]
Mon, 08 Aug 2011 10:23:56 +0000
Chris Hanesn caught cheating...on his mistress Launch of the CDFS www.cdfs.org, DFirst starts this week and more.
Mon, 18 Jul 2011 03:54:00 +0000
A quick show with George Starcher discussing his experience with password cracking using Access Data’s DNA and Amazon’s Elastic Compute Cloud. Check out his video tutorials at https://www.georgestarcher.com/?tag=amazon-ec2. We also discussed his Crowbar tool, https://www.georgestarcher.com/?page_id=256,
Sun, 26 Jun 2011 22:59:00 +0000
This week on CyberSpeak, a listener alerted me to my faux pas with the names on the Casey Anthony case, the two that testified about computer forensics were Sandy and Kevin (not Steve) and of all things, I called the Bresident of Access Data Brian Carrier instead of Brian Karney. Sorry guys!
This weeks interview of Josh Goldfoot, an attorney and author of the recent paper titled ”The Physical Computer and the Fourth Amendment” published in the Berkley Journal of Criminal Law. This paper discusses how the forth amendment applies to computer forensics and how we may be hurting ourselves by using certain words and explanations.
Web site of the week is a neat little web browsing and twitter application called A+ that give you your feeds on the left and browser on the right. Click on any twitter message the web page they linked to shoes up in your browser window automatically. Check it out at http://www.aplus-app.com
Sun, 19 Jun 2011 21:42:00 +0000This week (OK, this quarter) on CyberSpeak, FTK 4 coming out using Postgres database rather than Oracle. During listener email we discuss if special language is needed for search warrants when collecting volatile data, imaging RAM or conducting on scene triage. Imaging SSD drives using the WinFE boot disk solution ( http://winfe.wordpress.com) and a shout out to Sandy and Steve for their great testimony in the Casey Anthony trial. Check it out at on Day 24 segment 4-6. In the news, A computer repairman was arrested for allegedly planting spyware on dozens of computers he fixed and remotely taking hundreds of photos of women in their homes partially clothed or naked. If you see the message "You should fix your internal sensor soon. If unsure what to do, try putting your laptop near hot steam for several minutes to clean the sensor." DONT take your laptop into the shower. Check it out at http://latimesblogs.latimes.com/lanow/2011/06/computer-repairman-arrested-for-allegedly-taking-hundreds-of-nude-pictures-of-women-remotely.html I got fooled into readng an article because of a Miss-leading article about Seals using forensic tools on Osama Bin Ladin's compters. http://www.1105newsletters.com/t.do?id=7979845:3405472 Interview this week is with Mike and Mike about Carbon Black. An absolutly MUST read article "The Physical Computer and the Fourth Amendment" by Josh Goldfoot. Awesome document that is Brilliantly referenced. It is a long read but a MUST read. We will discuss next week. Read up before next podcast (who thought you would get Home Work from CyberSpeak?). Website of the week: Steve Gibson’s password checker – how long would it take to crack your password and the best HTML5 webpage I have seen. Check out this personalized music video staring any address you tell it to. http://TheWildernessDowntown.com I will be teaching another SANS 408 Forensics-Windows in Depth VLIVE course starting Tuesday August 23rd (Every Tuesday and Thursday Night for 3 hours a night) DONT FORGET TO USE OUR DISCOUNT CODE OF COINS-OC for 10% off. But wait, sign up before this week, before June 22, you can get a 16 gig iPad2. The codes are 0526_iPad2BLK (for a black iPad) or 0526_iPad2WHT (for white) [...]
Tue, 05 Apr 2011 21:54:00 +0000
Interview with Scott Moulton, leading forensic authority on Solid State Drive Forensics
Sun, 16 Jan 2011 15:16:00 +0000FREE 16Gig IPADs for everyone!!! Have I got a deal for you. Have you experienced a feeling of inadequacy? Feel like you're not in the "In Crowd"? When sitting at a Starbucks, on the metro or just lounging around the house, do you feel like you could be so much more productive but something's missing. Don't despair, SANS is coming to the rescue. That's right, book your SANS 408, 414, 560 Class or ANY 4-5-or 6 Day course offered via ONDEMAND now through February 2, and receive a FREE 16GB WiFi enabled iPad(TM). I am teaching SANS FOR408: Computer Forensic Essentials vLive! course starts March 1 and meets Tue/Thu evenings http://www.sans.org/info/66203. So what do you call yourself? A computer/Digital Evidence forensic technician A computer/Digital Evidence forensic examiner A computer/Digital Evidence forensic analyst A computer/Digital Evidence forensic expert We need to define these terms. Paraben has released a new version of P2 Commander. Version 1.7 now supports Mac file format as well as vmWare and VirtualPC images. Users will notice an increase in the speed of processing evidence in v1.7. visit www.paraben.com Mark Wade is a Digital Forensic Analyst with Harris Corporation (Crucial Security Programs), performing digital forensics for a Federal Law Enforcement agency as a government contractor. permits law enforcement officers, approximately 90 minutes after lawfully arresting a suspect and transporting him to a detention facility, to conduct a warrantless search of the text message folder of a cell phone they take from his person after the arrest. http://www.courtinfo.ca.gov/opinions/documents/S166600.PDF Web site of the week is www.passpack.com - Free Online password manager for groups [...]
Tue, 16 Nov 2010 04:04:00 +0000
Last show for two weeks. I'm traveling to Bangkok and Singapore. See you in 2 weeks. Send me Email.
Sun, 07 Nov 2010 18:25:00 +0000
This week we have interview with Kristinn Gudjonsson, developer of Log2TimeLine. Kristinn gives us an update on what is on the road ahead for Log2TimeLine. In Listener Email Joe from Northeast Wisconsin Technical College wrote in to say that blanking the password or even cracking the password is possible without the LiveView LE version. Luby Wrote in to tell how much he enjoyed SANS 508 and learning about SuperTimelines. Luby also explains how open wireless access points can eliminate the threat of Firesheep. We also give Luby a “special ringtone” for his wife’s phone. In News we talk about an iPhone bug and an vulnerability to PayPal’s app that could cost you money. In Legal News, 2 cases send criminals to jail. Tech Topics cover Windows LNK files and the Web Site of the Week is a Qwiki
Sun, 31 Oct 2010 23:19:00 +0000
This week on CyberSpeak we have listener email, an interview with Raphael Bousquet, CTO and Co-Founder of ADF Solutions , Web site of the week is a real productivity app called Rescuetime. P.S. Sorry for the slight audio problem, I accidentally turned up my gain knob on my mixer. George did his usual magic to fix it. One, last thing, Rob lee and SANS provided a 50% discount code for LOCAL LAW ENFORCEMENT ONLY, good on any SANS training class. Listen to the show for the code....and no, they do verify so ONLY Local LE can use it.
Sun, 24 Oct 2010 21:37:00 +0000
This week on CyberSpeak, I discuss the leak of another 400,000 classified military documents by Wikileaks. I also discuss listener email where we have comments about Mount Image Pro's Virtual Forensic Computer (VCF) and what it does that FTK Imager and Live View do not do. This weeks interview is with Sean Morrisey, the Managing Director of Katana Forensics, maker of the iPhone Forensic Software called Katana. Also discuss Katana's new Hammerhead program to monitor blackberry phones. Also, this week I briefly discuss the forensic implications of the new Mac Book Airs. I also talk about Eddie Sheehy's article on DFI News web site titled 5 Ways to Increase Efficiency of Digital Forensics . I also give out a 50% discount code to SANS training classes. My web pick of the week is Team Viewer. This is a web site that will help you control computers across the network when you are helping friends or giving presentations.
Sun, 17 Oct 2010 09:30:27 +0000
Hey Gang, we are back. Thank you for your patience. Bret and I have both been traveling so much and been so busy but we are back and it feels good. Now, fire up those email clients and send us emails about what you want to hear about, who you want interviewed and what technology you want to know more about. We live off YOUR emails so what are you waiting for.
This week, I discuss Access Data's two new products. Web sites of the week include www.pipl.com and www.peekyou.com. Check them out if you are looking for info on someone.
Sun, 23 May 2010 09:00:00 +0000PURCHASERS OF THE CYBERSPEAK IPHONE APP - CHECK OUT THE EXTRAS BUTTON FOR SPECIAL BONUS CONTENT THIS WEEK!!! LET ME KNOW WHAT YOU THINK.
Mon, 19 Apr 2010 01:26:00 +0000In this weeks show we have an interview with NICK FERNEAU, developer of Skypx, a free utility that recovers Skype artifacts from RAM images, a discussion about the possibility of a surgical imaging rather than whole disk imaging, British spies have reportedly discovered FEMALE suicide bombers are being fitted with exploding breast implants and Reintoxication. Web Sites of the week have an email tracking theme with www.readnotify.com; www.bigstring.com; www.spypig.com and www.spokeo.com
Sun, 04 Apr 2010 15:46:00 +0000Listener Email - Thanks to all for the great feedback on the Internet Predator Tracker interview. Also, Timothy, who clearly does not know us because he started his email "Hello GENTLEMEN". Just kidding, keep the emails coming.News and CommentaryAaron sent us an interesting link to an article from the Times Argus discussing forensics and the backlog.Bret and I discuss a really interesting ruling from the Canadian courts on computer forensics. This is a long read but some very interesting reading. Check it out here.Exclusive InterviewToday we have an interview with Kristtinn G who works for a company called Skigner in ICELAND and in Kristinn in collaboration with Rob Lee, or friend from SANS and former OSI colleague created a wonderful new tool called Log2Timeline. You don't want to miss that interview because if you are not using Log2Timeline you are missing the boat in forensic analysis of Windows based systems. Legal NewsWell, look above about the Canadian Court Ruling on computer forensics. We think that is enough legal today.Website of the WeekOvie recommends taking a look at the new Microsoft MESH (https://www.mesh.com) to help sync all your files across all operating systems ANDOvie took the no texting while driving Oprah Pledge and challenges YOU ALL to take it too. Check it out here and save a life. Bret recommends this website to test your browser performance.[...]
Mon, 22 Mar 2010 18:36:00 +0000Ovie's SANS Forensic 408 class is coming up in Nashville, TN on May 3-7. If you're staying at the Marriott be sure you use the CyberSpeak Discount, COINS-OC.
Thu, 04 Mar 2010 07:19:00 +0000- Bret talks about his new toys
Mon, 22 Feb 2010 06:24:58 +0000- Check out our iPhone App on the Apple App Store.
Sun, 07 Feb 2010 17:24:00 +0000Listener Email
Sun, 31 Jan 2010 17:52:00 +0000DoD CyberCrime Conference was last week in St Louis MO and was their biggest event ever with over 1100 attendees, 175 presentations and 15 simultaneous tracks. Check out the SANS website (http://www.sans.org/) for the SANS 2010 Orlando coming up March 6-15.
Sun, 24 Jan 2010 12:57:00 +0000This week on CyberSpeak, Bret or Ovie are both regretful that they are not going to the DoD CyberCrime Conference. CyberSpeak is not on STITCHER. Now you can listen to the latest show, on demand from your cell phone. You can also go directly there by going to this link http://stitcher.com/listen.php?fid=11119 Bret and Ovie briefly discuss Apple's big announcement, everyone is thinking it is the ipad/slate. Bret says he don not know exactly what it is but he is getting one....with his wife's permission.
Sun, 17 Jan 2010 18:48:00 +0000Listener Email
Sat, 02 Jan 2010 20:02:00 +0000Thanks for all the Decaf feedback
Sun, 20 Dec 2009 16:25:00 +0000Listener Email
Thu, 17 Dec 2009 18:04:00 +0000Full interview of Developer of Decaf
Sun, 13 Dec 2009 14:04:00 +0000Only 9 shopping days until Christmas!!. In today's show Ovie lets slip details from his latest incident response job, Bret interviews Simson Garfinkel, and lots of great forensics talk. And at the end, Ovie tells you how you can save your marriage! Website of the Week Ovie: http://www.familylife.com - Check out great holiday romance ideas Bret: Check out the Digital Forensics wave on Google Wave, search for "with:public forensics"
Sun, 06 Dec 2009 14:53:00 +0000Show Notes for December 6th 2009, we have a great show for you today. Today we have an interview with Brian Karney the COO of AccessData. Brian talks with us about FTK 3.0 and support for Helix.
Tue, 01 Dec 2009 14:08:00 +0000CYBERSPEAK Notes - November 29, 2009 This week in Listener Email, we talk about an alternative way our friends in DOD can listen to the show - Just call (510) 495-6339 and you will hear the latest podcast over the phone. Twitter as a life line for information during Ft Hood shooting, more on Internet connected jury members and online recon when choosing juries. In the news we discuss Virus planting porn and there is nothing wrong with working with defense. This weeks Interview with Drew Fahey - formerly from e-Fense, maker of Helix, now with BLACKBOX. **************Web Sites of the Week: Ovie: http://sixminutes.dlugan.com - A great public speaking website Bret: www.lala.com - listen to any song full length...one time Â
Mon, 23 Nov 2009 15:22:00 +0000Show Notes Here Soon..
Sun, 15 Nov 2009 02:00:00 +0000Welcome to CyberSpeak, your computer forensics, computer security, and computer crime podcast. I am Ovie Carroll, and I am Bret Padres, today is November 14st 2009, and we have a great show for you today. We have a short show for you this week. Ovie's on vacation but we are trying not to miss another week so we thought we would bring you a shorter show rather than missing a week.
Sun, 08 Nov 2009 13:47:00 +0000
Today on Cyberspeak we have an interview with Matt Shannon from f-Response about the new, soon to be released Tactical edition of f-Response. Ovieâs on Google Wave - but no one else is. Listeners email, Windows 7 sold over 200% more in first week of sales than Vista. Sofoâs lab says you still need to run anti-virus on Windows 7. Microsoft, in the Microsoft Security Intelligence Report released yesterday, stated that "The infection rate of Windows Vista SP1 was 61.9 percent less than that of Windows XP SP3." Firefox 3.6 Beta (for Mac Win & Lin) is out for those who like living on the edge and for those forensic examiners that like testing new versions to identify . Forensic Evidence Secures Death Penalty-Gang Members use Social Networking Too. IC3 reports increase in compromise of user's online banking credentials target commercial bank accounts
The Personal Data Privacy and Security Act was approved by the Senate Judiciary Committee by a vote of 15-5 The bill would required notifications of not just individuals affected by a data breach, but also, in some cases, credit reporting agencies and the U.S. Secret Service (not FBI). It would establish a new Office of Federal Identity Protection within the FTC. Let's get ready to Rumble earns 400 million in IP revenue.
Web Sites of the Week:
Sun, 01 Nov 2009 17:16:00 +0000Today Ovie and Bret talk about SANS What Works in Incident Detection, SSD Drives, Data Breach Notification Laws, Rob Lee in Computer World, Tips for the Courtroom, Interview of Joseph Mykytyn from Sky Catcher Solutions, and Linux Boot Disk Forensics Research. Web Sites of the Week: http://www.zdziarski.com/projects/amberalert/ http://ceevee.com/ http://www.bing-vs-google.com/
Sun, 25 Oct 2009 12:35:00 +0000We're BAAAACCCKKK! After a summer hiatus we are back in the studio again. Catch up on what we have been doing while we were gone, why Bret did this podcast in the nude, how Bret used F-Response to boot a LiveView image across the network, FTK 3.0, some iPhone apps, and web sites of the week. We missed you and glad to be back. Send us email at cyberspeak at gmail dot com. SPECIAL THANKS to George Starcher for doing our audio!!!
Mon, 07 Sep 2009 19:06:00 +0000Our live show from SANS What works in Incident Response and Forensics 2009 if here!!! Lost in a freak Snow Leopard accident involving several rolls of duct tape and a back of Frito's - it has be resurrected! Audio quality still sketchy but it is here.
Fri, 03 Jul 2009 15:19:00 +0000BACK!!!
Sun, 26 Apr 2009 06:29:00 +0000
This week on CyberSpeak,
Autographed Washington Wizards Basketball for sale to support charity
Samaritans Feet, www.samaritansfeet.org, SANS Forensic Summit Discount
CodeCYBERSPEAK10, new EnScripts at 42LLC http://42llc.net/index.php?option=com_myblog&Itemid=39, Digital Forensic Challenge www.dfrws.org, discussions about the 2009 Cyber Security Act, Philly RCFL gets ASCLAD, Ft Smith Police Dept overwhelmed with Child Porn cases, Ikena's new video forensics software http://www.matek.co.uk/#/ikena/4532507196, and web picks are:
http://www.google.com/insights/search/#http://www.msisac.org/dashboard/Show Notes... Hey Ovie... Show notes got wasted fixing the feed.. I think they were messing it up somehow... Good news.. Feed Fixed... Bad news... Notes are gone.. :(
Sun, 22 Mar 2009 18:11:00 +0000Welcome to CyberSpeak, your computer forensics, computer security, and computer crime podcast. I am Ovie Carroll, and I am Bret Padres, today is March 22, 2009
Sun, 15 Mar 2009 14:34:00 +0000Show notes for March 15, 2009
Mon, 02 Mar 2009 05:36:00 +0000
Welcome back to CyberSpeak. Bret and Ovie are back in the country. This show we have an interview with the developers of Highlighter, a new log analysis tool, Jed Mitten - Senior Consultant and Jason Luttgens - Principal Consultant from Mandiant. Check out this free tool at www.mandiant.com/software/highlighter.htm. Also, check out the Mandiant blog for some other tools. In listener email we discuss U3 thumb drives and encryption and schools doing data recovery without a private investigatorÃs license. Helix pro is being released and the Polytechnic University in Brooklyn has discovered a digital fingerprint that will allow you to tie a digital image to a specific made and model of camera. Web picks are www.tineye.com and www.spokeo.com .
Wed, 31 Dec 2008 20:00:00 +0000Show notes for January 4, 2009
Sat, 27 Dec 2008 15:52:00 +0000This is a reposting of the Dec 21, 2008 show to fix the audio levels. Many thanks to George Starcher!!! Ovie goofed up the levels.
Sat, 15 Nov 2008 16:06:00 +0000"Dude, where's my Podcast?!"
Sat, 25 Oct 2008 11:38:00 +0000This week Ovie and Bret talk about the SANS What Works in Forensics and Incident Response Summit. We also cover memory imaging with MDD and Volatility. Website of the week 123people.com.
Sun, 28 Sep 2008 19:25:00 +0000
Today, Kevin Mandia is on the show talking about the State of the Incident Response, CyberSpeak Listeners get big discount to SANS Forensic Summit (CODE: Cyberspeak10), Ovie and Bret discuss listener email, PC Magazine's Cybercrime hall of fame hackers, Shawn Henry gets a promotion as the new FBI AD Cyber-Division and legalalities of boarder searches. Web site picks of the week are http://vajachoice.com/index1.html and http://privnote.com
Sun, 07 Sep 2008 07:49:00 +0000This week, Bret and Ovie talk with Jesse Kornblum about...Fun tricks with computer memory. In listener email we hear about a 2 year old April Fools joke that is still fooling people, we discuss how a Texas law requiring private investigator licenses could be putting geek squad and other innocent people in violation of the law. Help is on the way as FBI opens a new RCFL in Houston. In tech topics we discuss an information leakage paper on TrueCrypt. Keep those emails coming at cyberspeak *at* gmail.com.
Sat, 02 Aug 2008 21:36:00 +0000Today Ovie and Bret clean out the mail bag! We talk about free forensic tools, the stimulus check, Gadget Track, bypassing the BIOS, imaging RAM and www.getmooh.com.
Sat, 19 Jul 2008 13:03:00 +0000Bret and Ovie are back! (Yeah, Bret and Ovie - Not Ovie and Bret) :) Today they talk about low cost forensic imaging, hacking the London Tube, American Boat Co v. Unknown Sunken Barget I & II, modify your Macbook Air DVD drive, the Eye-Fi card, Gadget Track, Tripit, and Glassdoor.
Sun, 29 Jun 2008 16:54:00 +0000
week we discuss Brets new Kendle, Ovieâs new neat receipts and givce a
secret to listen to podcasts twice as fast as before. The episode focused on forensic news and legal decisions of interest, specifically a APC pirate being convicted, a study that reports 68 percent of all internet-based malware was now being hosted on legitimate sites, Bot-herder Greg King is found guilty on two counts for launching a DDOS against Castel Cops, and Perdue offering Mac Forensics training for 100 law enforcement. In legal news, we discuss Reasonable expectation of privacy and an allegation a warrant did not have probable cause for a computer search. Web sites of the week included www.zinio.com and http://fedorahosted.org/liveusb-creator.
Fri, 20 Jun 2008 03:43:00 +0000This is a repost to fix bad audio file.
Happy Fathers Day! This week we discuss Brets new Kendle, Ovieâs new neat receipts and givce a secret to listen to podcasts twice as fast as before. The episode focused on forensic news and legal decisions of interest, specifically a APC pirate being convicted, a study that reports 68 percent of all internet-based malware was now being hosted on legitimate sites, Bot-herder Greg King is found guilty on two counts for launching a DDOS against Castel Cops, and Perdue offering Mac Forensics training for 100 law enforcement. In legal news, we discuss Reasonable expectation of privacy and an allegation a warrant did not have probable cause for a computer search. Web sites of the week included www.zinio.com and http://fedorahosted.org/liveusb-creator.
Sun, 01 Jun 2008 16:25:00 +0000
Memorial Day Posdcast and interview tih Mark McKinnon from Red Wolf Computer Forensics about his CSC Parser. It can be downloaded from here http://redwolfcomputerforensics.com/downloads/CSC_Parser.zip . Also check out his blog at http://cfed-ttf.blogspot.com
Mon, 12 May 2008 10:42:00 +0000This week, Bret and Ovie interview Al Lewis from Subrosasoft http://www.macforensicslab.com about the Mac Lockpick. We discuss the new Mac lockpick that can be preconfigured to collect volatile data on Windows, Mac and Linux System. This is the first cross platform utility we have seen. Web sites of the week include www.flyclear.com - use refer a friend code: DSCAM1127098
Sun, 27 Apr 2008 16:57:00 +0000
This week, Ovie's back from SANS, Bret's on his way back to Kuwait. This week Ovie and Bret answer some great listener email. Imaging an Apple XRaid, Google getting into the game of image recognition to help identify people exploiting children, Andrew sent in a website with a great collection of file signatures, and Web Sites of the week are Netflix Thief Caught in the Act and http://www.southparkstudios.com/ and Windows Live Mesh
Sun, 13 Apr 2008 14:42:00 +0000Bret and Ovie discuss Didier's email and the possibility of web browser prefetching links in an FBI sting operation. Michael helps clarify the OLD phpBB vulnerability, the UK's founding forensic father escapes a jail sentence for fraud and Kerry sent in a list of hundreds of forensic PDF files and makes sure we knew about Quickview Plus (we also suggest Thumbs plus for reviewing large number of graphics). Symantec Corporation released their comprehensive security report on the malware industry and Microsoft turns out to be the Best at patching vulnerabilities the quickest. The full report is available here. Bret and Ovie discuss Skype and the technical data points of interest when conducting forensics. Web sites of the week include Teleflip and Twitter as we are now trying to tweetâ.erâtwitter. Follow Bret and Ovie.
Tue, 01 Apr 2008 21:50:00 +0000Bret and Ovie discuss a listeners question about a sting operation to lure people wanting to look at child porn to click on a fake web link and get busted for âattempted possession of child pornâ?. What do you think? Fair or Unfair? We think it is NOT entrapment but could be too close to the line. Itâs Miller Time after hacking an Apple in 2 minutes and Vista proves more secure than apple in CanSecWest. The government can now wiretap for a week before submitting a request to wiretap suspected terrorist. The King of Spam gets 26 years in jail. A new vulnerability affecting PHPbb sites, 30 months in prison for spoofing telephone numbers and placing phony emergency calls to manipulate police SWAT teams, Websites of the week include Stuff White People Like, and A special tech tip - append â&fmt=6â? (NO QUOTES) to the URL of your You Tube Video for better resolution.
Tue, 01 Apr 2008 17:50:00 +0000Bret and Ovie discuss a listeners question about a sting operation to lure people wanting to look at child porn to click on a fake web link and get busted for âattempted possession of child pornâ?. What do you think? Fair or Unfair? We think it is NOT entrapment but could be too close to the line. Itâs Miller Time after hacking an Apple in 2 minutes and Vista proves more secure than apple in CanSecWest. The government can now wiretap for a week before submitting a request to wiretap suspected terrorist. The King of Spam gets 26 years in jail. A new vulnerability affecting PHPbb sites, 30 months in prison for spoofing telephone numbers and placing phony emergency calls to manipulate police SWAT teams, Websites of the week include Stuff White People Like, and A special tech tip - append â&fmt=6â? (NO QUOTES) to the URL of your You Tube Video for better resolution.
Mon, 24 Mar 2008 16:21:00 +0000This week Ovie talks about Samaritans Feet in South East DC, calendar syncing problems, Plaxo suggested by two listeners. A programming mistake leads to a G-Archiver reveationâand 1700 other peopleâs passwords. Ovie and Bret discuss WiebeTechâs fantastic new forensic combo dock. Web site of the week is Programmers Notepad
Mon, 10 Mar 2008 09:50:00 +0000Today Bret and Ovie talk with Dr. Simson Garfinkel about the Advanced Forensic Format (AFF). We also cover listener feedback and a Judge raps forensic expert for delaying child-porn cases. LINKS: www.afflib.org www.alberteinstein.info/ google.com/calendar We apologize for some of the audio quality during the interview with Dr. Garfinkel. Thanks again for listening!!! Spread the word!
Mon, 18 Feb 2008 16:52:00 +0000Show notes soon
Sun, 10 Feb 2008 14:43:00 +0000
This week on Cyberspeak, Ovieâs Invisible Shield came in for his blackberry and he loves it. We discuss US v Boucher and the Fifth Amendment protection not to be compelled to disclose passwords. For some great reading on the issue, check out Susan Brennerâs blog post. Department of Defense considers cutting off all non-official Internet access. We discuss whole disk encryption and new advertised features in True Crypt V5. We discuss Nuix, a new forensic utility with special application for analysis of emails. Do you encrypt you forensic images before transport? Ovieâs Web site pick of the week is http://www.bureauofcommunication.com/compose/apology and Bretâs is Hackers Diet.
Tue, 15 Jan 2008 15:50:00 +0000Happy New Year...Today Bret and Ovie talk about 2008 Predictions. We also talk about Bret breaking his IPhone, Black Hat DC, Mac World 2008, security vulnerabilities in the new Boeing 787, Bill Gates retirement video, www.cybercrime.gov, very quick way to wipe a hard drive with badblocks, private investigator story in the news again, search of computer in tax fraud investigation was ruled valid, Alienware 30 inch curved monitor, and Ovie saves the world with invisibleshield.
Fri, 21 Dec 2007 15:35:00 +0000
Elitist iPhone news, Drive Eraser and Drive Eraser PRO, Florida State Troopers need your help, SANS Top-20 2007 Security Risks (2007 Annual Update), Trojan infected hard drives phoning home to China, One Laptop per Child Extended, Web Picks: http://Everyscape.com and http://elfyourself.com. Merry Christmas!!
Sun, 11 Nov 2007 21:00:00 +0000
This week we show you how you can donate a laptop to a child in an under privileged country and get 12 months free -Mobile WiFi hotspot access, apple will not take your cash, apple is so secure they are turning off their firewall and the CEO of IronKey talks about the security features of their IronKey thumb drive. Web pick of the week is Display Fusion.
Sun, 14 Oct 2007 19:10:00 +0000
This week on CyberSpeak we discuss the Techno Forensics Conference Oct 29-31, Guidance Softwareâs policy on replacing dongles, Vista Recycle bin forensics, ways to securely wipe unallocated or free space, and the first class action law suit against Apples for bricking the iPhone. This weeks tech segment is all about Windows Mail, Vistaâs replacement to Outlook Express. Bretâs web picks of the week are a great list of security tools, an iPod toilet roll holder and a cool Rube Goldberg Machine. Ovieâs web site of the week gives you a way to listen to the latest CyberSpeak podcast without an Internet connection. Just call (214) 283-8997 and you can listen from anywhere.
Tue, 02 Oct 2007 17:39:00 +0000
This week apple deals another blow to their sorry customers, Bret still loves Steve Jobs, Kevin Manson donates a laptop and Jushu Technology, a Chinese company loses their mind and offers a convicted virus writer a job. A listener sends an email link to an article about Apple feeling bad about ripping off their customers and offers a $7000 rebate for Lisa customers. Ovie and Bret discuss forensics issues about the Vista Recycle Bin. Web sites of the week include a link to the Department of Justice Computer Forensic Methodology Flow Chart, a US Sentencing calculator web site and an iPhone hacking web site.
Sun, 23 Sep 2007 18:56:00 +0000We are back!!! Thanks to all that wrote in concerned about our wellbeing. Todays show we discuss listener email, ABC News report on how Dateline NBCâs âTo Catch a Predatorâ? is making it difficult for law enforcement to prosecute child predators because they are using illegal techniques to initiate sexual talk with predators. Iam wants us to start an IRC chat channel, Andre started a Google Computer Crime web page. In the News, Forensics Expert Shows Cell Phone Evidence in Rape Case, Bret is quoted in Federal Computer Weekly article, Ovie and Bret discuss the recent news coverage on police use of stun guns. Didier Stevens released his new version 2.3.0 of his UserAssist tool. We discuss WiebeTechâs new âHot Plugâ? device that allows investigators to seize and transport a running computer without having to shut it down. Also discuss is WiebeTechâs new RTX 400 and 600 portable storage devices. Bretâs web sites of the week was an iPhone site, http://ibypass.net/ and 35 absolutely essential Mac applications and Ovieâs pick was a web site that analyzes EULAâs. KEEP THOSE EMAILS COMING TO CyberSpeak at Gmail dot Com.[...]
Sun, 23 Sep 2007 14:56:00 +0000We are back!!! Thanks to all that wrote in concerned about our wellbeing. Todays show we discuss listener email, ABC News report on how Dateline NBCâs âTo Catch a Predatorâ? is making it difficult for law enforcement to prosecute child predators because they are using illegal techniques to initiate sexual talk with predators. Iam wants us to start an IRC chat channel, Andre started a Google Computer Crime web page. In the News, Forensics Expert Shows Cell Phone Evidence in Rape Case, Bret is quoted in Federal Computer Weekly article, Ovie and Bret discuss the recent news coverage on police use of stun guns. Didier Stevens released his new version 2.3.0 of his UserAssist tool. We discuss WiebeTechâs new âHot Plugâ? device that allows investigators to seize and transport a running computer without having to shut it down. Also discuss is WiebeTechâs new RTX 400 and 600 portable storage devices. Bretâs web sites of the week was an iPhone site, http://ibypass.net/ and 35 absolutely essential Mac applications and Ovieâs pick was a web site that analyzes EULAâs. KEEP THOSE EMAILS COMING TO CyberSpeak at Gmail dot Com.[...]
Sun, 16 Sep 2007 08:15:00 +0000The DEFCON SHOW!! Wow... Bet you didn't think it was ever going to happen... Its here... Thanks Geoff for getting this out... I am posting this from my hotel room in Texas.. Thanks again to everyone for hanging in there... Bret
Mon, 30 Jul 2007 16:54:00 +0000Show notes will follow. We are off to Defcon!!
Sun, 22 Jul 2007 16:33:00 +0000Today Ovie talks with Didier Stevens about is UserAssist registry parser. Also, Bret and Ovie talk about the IPHONE! In addition they talk about Deep Freeze, Vista Forensics, HogFly's blog forensic blog, NAMBLA convention, The Unofficial Apple Webblog, shadowserver.org, myfirstmac.com, energyfiend.com, and streetviewR.com.
Fri, 13 Jul 2007 18:54:00 +0000Finally...it's here...the July 1st show!!!
Mon, 25 Jun 2007 17:34:00 +0000
This weeks show Bret and Ovie discuss the Pentagonâs Confirmation of Hacked Email System , an e-mail scam that includes a Hit-Man Threat, and Microsoftâs new Groove collaboration application. Ovie test and reports the forensic results of surfing the web with Safariâs Private Browser and answer a question from the episode 72 of the Paul Dot Com show.
Ovies web sites of the week - Instant Domain Search and
Graffiti and Bretâs pick was http://www.plinko.net/404/links.asp?type=cat&key=16
Sun, 17 Jun 2007 14:51:00 +0000In todayâs show, Ovie and Bret discuss listener email, discuss hard drive write blocks and imaging devices, sleuthkit V2.09 is out, Safari for Windows is but you better patch quickly, In the news, the first spammer sentenced under CAN-SPAM act, VA budgets 20 million for credit protection for its victims, Secret Service agent spins a tale but surveillance video unravels her story, and Japanese police learn a lesson in security. The Slurper aggregates 6 unsecure WiFi access points and web sites of the week: Drobo robotic storage, Cheapest Gas, and Vehicle crash test site.[...]
Tue, 12 Jun 2007 01:42:00 +0000Listener email, an interview with Paul Ohm, Associate Professor, University of Colorado Law School about his friends of the court brief. New cell phone forensics document released and web sites of the week, www.1-click.jp, Wii have a problem, securityanalogies, and Google Street View
Tue, 05 Jun 2007 16:01:00 +0000Today Ovie and Bret talk about listener email. They talk about portable monster power strip, freenigma GPG for webmail, sandboxie, VFC for booting from encase files, radiation proof underwear, wiping data, network visualization tool Eve, Mac forensics class at phoenixdatagroup.com, upside down and fuzy neighbor wireless Internet access, tubesnow, fuelcostcalculator.com, and key-port.com.
Sun, 20 May 2007 22:36:00 +0000In todays show Bret talks about selling his Vette on CraigsList. Ovie wins the lottery (ok he didn't). We get some great listener analogies. Ovie and Bret bust the hard drive wiping myth. New Vista attacks, man could get 10 years for lying about background, Cybersleuth named best of 2007, one in 10 web pages have malicious code, visual periodic table, and TouchGraph.
Sun, 13 May 2007 17:18:00 +0000Today we have an interview of Russell Yawn,Chief Investigator, Office of Prosecutorial Services for the State of Alabama and panel mamber for the National Computer Forensics Institute. Also, check out Mount image Pro's new Virtual Forensic Computer that gives you the ability to virtually boot EnCase, DD, and Smart images. Sorry for any hissing sound on Ovie's side, we are exchanging a defective mixer
Sun, 29 Apr 2007 16:51:00 +0000Man!!!Busy week...Show notes may not make it...But at least the show got posted!!!
Sun, 22 Apr 2007 05:22:00 +0000Bret and Ovie talk to Jesse Kornblum, Pricipal Computer Forensic Engineer, ManTech International, about Forensicswiki.org. Ovie talks about analogies (tastes like butter.) Listener email. If you have a question for Kevin Mitnick send it to cyberspeak.gmail.com. Bret and Ovie talk about Vmware differences, Vmware Ace, Virb.com, get your freedns here, and create timelines with timelines.
Sun, 15 Apr 2007 13:28:00 +0000
Ovie is in the dog house, Bret lets listeners off on the April Fools Joke -- Forensicator Pro --Gotcha!!! Vonage gets a reprieve and can still recruit customers, federal appeals court rules no reasonable expectation of privacy on personal computer at work. Be nice to your sister and don't offer her up for sexual favors on craigslist. Tell it to the Bank says UK Fraud Act which requires victims to stop reporting online fraud to police. Interview with Jim Christy, Defense Cyber Crime Center Director of Futures Exploration and Bret talked about an investigation solved by tracking down the USB drive. web site picks: Trace from www.x-ways.com . Stop by MultimediaForensics for full show notes.
Sun, 01 Apr 2007 14:25:00 +0000Today Bret and Ovie talk with Kevin Smith from LTU Technologies about Image-Seeker. They also talk about listener email, rainbowcrack-online.com, TOR not really broken, Bret loves Twitchy, virustotal.com, and GParted-Clonezilla-LiveCD.
Sun, 25 Mar 2007 18:51:00 +0000Our first Live Show at ShmooCon2007!!!
Sun, 18 Mar 2007 18:05:00 +0000Today Bret and Ovie talk with Tony Hogeveen, Sales Director for Deepspar Data Recovery Systems. Bret and Ovie also talk about the Linksys CIT-400, the Jawbone bluetooth headset (hey what kinda show is this anyway), ShmooCon 2007 meetup, listener email, RFID Powder, DHS launches national center for computer forensics training, Information Week story on Vista being banned, Congressman Ed Markey asks for FTC investigation, Nirsoft USB utility, Max OS X Security Part 1, and a Mac forensics mailing list.
Sun, 11 Mar 2007 18:29:00 +0000Ovie flys solo today. On todays show Bret and Ovie interview Trevor Fairchild. Complete show notes as soon as Ovie gets around to it.
Sun, 04 Mar 2007 14:55:00 +0000Technical problems on my end have prevented us from recording the show this week. We should be back up and running for next weeks show. In the mean time check out our recording of the press conference at Blackhat about the IOActive RFID talk that never was (Warning: Audio quality of the recording is not good.)
Mon, 26 Feb 2007 18:17:00 +0000Today Ovie and Bret talk with Mark Menz from MyKey Technology Inc. We also drop in on Jeff Moss as he prepares for Black Hat Federal.
Tue, 20 Feb 2007 02:42:00 +0000Today, in an extended show, Bret and Ovie talk with Phil Zimmermann, creator of PGP encryption software. Phil talks about his new Zfone project. Bret and Ovie also talk about a UK teacher who is fired for showing porn to students, steps of a forensic exam, new Microsoft Word vulnerability, Shaw Carpenter gets 4.3 million for wrongful termination, a man sentenced for stealing data from the American College of Physicians, another laptop missing; this time from St. Marys Hospital emergency care center, Belgian court upheld ruling that prohibits Google from using snippets of headlines, TubeSock, Mac Media Center Project, Ext2 in Windows, Metalosis Maligna, and online presentations.
Sun, 11 Feb 2007 16:19:00 +0000Today we talk with Scott Moulton from Forensic Strategy Services. Scott talks about advanced hard drive recovery topics. In addition, Bret and Ovie talk about detection of full disk encryption with ZeroView, Danny Garcia didn't hack the SuperBowl, MySpace worm creator sentenced to probation, three men who used internet chat room to hatch a plot to rape, decode your printers secret code, paypal security key, google.com/searchhistory, www.freewareosx.com, and www.xslimmer.com.
Sun, 28 Jan 2007 12:16:00 +0000Ovie is back!! Today Ovie and Bret talk with Jesse Kornblum, Principal Computer Forensics Engineer at ManTech about his Buffalo paper on memory analysis. Also they talk about listener email, fletc legal division podcasts, stego, the million dollar paranormal challenge, why blurring data can be bad, and see who is stealing your laptop at slappingturtle.com.
Wed, 17 Jan 2007 16:21:00 +0000Today Bret talks with Chad McMillan, Principal Security Engineer and Mandiant. Chad talks about his new entropy tool for malware detection. Bret also talks about listener feedback, ShmooCon, Blackhat Federal, ESETs NOD32, flash drives for laptops, Jim Christy in WIRED Magazine, malware trends, canadian coins with RFID chips, iDefense annouced they will pay 800 for each remotely exploitable flaw in Vista and IE, and Delicious Monster.
Sun, 07 Jan 2007 15:38:00 +0000Today, Bret talks with Jamie Butler, Principal Software Engineer at Mandiant. Jamie is the co-author of Rootkits: Subverting the Windows Kernel. He talks with Bret about the state of rootkit technology. Bret also talks about a man who stumbles into an online law enforcement training class and ends up with an indictment, mapsexoffenders.com, wireless forensics, remote control plane to capture images for Google Earth, DesktopTwo, and a neat code repository website. Bret also talks about his lovely wife Jill buying him a Canon Rebel XTI and Lego Mindstorms NXT for christmas!Also Congratulations to Ken Pryor for his "Where's Ovie" submission. He will be receiving a "one of a kind" autographed CyberSpeak mousepad. Thanks Ken!!I had a REAL OVIE SIGHTING the other day. Hmmmmm...is he coming back soon!?!?!?!We are light on mail this week...send us your ideas, thoughts, praise, scorn, or whatever. CYBERSPEAK at GMAIL dot COM[...]