Research Project – Android Mobile Forensics

Mobile Devices

Today is more of a Throwback Thursday moment that I’d like to share with everyone regarding mobile devices.

So in 2015 in order to Graduate from the B.tech Forensics – Computer Crime program.
We had a year long research project that was conducted by each student.

My focus was on Mobile forensics and particularly on Android devices.

This was a field that was slightly newer to me, but I felt mobile security will play a huge role in the future. We use our mobile devices for just about everything, and this means future cyber attacks will start to hit mobile devices.

Also, at the same time, I was very curious as to what type of information mobile devices hold and contain about us. I hope my research brings out some answers for many people while at the same time posing further questions to explore.

I’ve decided to attach a PDF of my Android Forensics project.
(more…)

Russia claims they can now collect crypto keys?

Russia and the Encrypted World

So in top news many have probably already heard of Russia claiming or at least pushing to break encryption.
The initiative is to push for a wide ranging surveillance law, which would allow them access to a whole heck lot of information.

The law calls for metadata and content to be stored for at least six months, plus access to encrypted services.
This means that they also want access to decrypt Whatsapp conversations/chats, Viber & Skype calls… etc… etc…

So how do they go about this now? (more…)

TeamViewer Breach?

Teamviewer is a fairly popular application used to gain remote access to machines.

Many use it to help other users troubleshoot their computer issues.
I personally avoid these types of applications as there are added security risks and concerns.

Teamviewer went down about a month ago which impacted every Teamviewer user on a global scale.
Many people at that time thought Teamviewer had been breached or hacked.

I was alerted about the issue through a friend the same day.
The twitter feed for teamviewer was hit hard by angry users. And as I started to noticed right away many businesses rely heavily on TeamViewer to run their day to day operations. (more…)

SSL Cert Options

SSL Certificates

To Start off, I am going to break this post into many parts.
This will be part 1

So lately, I have been looking at different SSL Cert options that are out there for your applications and machines.

Let’s face it unless you’re a small to large business you may not see a huge investment with SSL certs.

Personally, I think  it’s a general good practice most people should adopt it for everything.
I’ve seen some people complain that adding a layer of SSL decreases server performance.

In my opinion most machines these days are fairly powerful.
Or, at least powerful enough to take on something like SSL, so I don’t see that as a very valid excuse at all.

The main reason people may not wish to make use of SSL is due to the costs, or the lack of knowledge on how to properly make use of one.

And, my hope is to find a reliable SSL Cert CA, that also is reasonably priced and affordable for the average blog poster.

I found an interesting website that actually did an analysis on this issue awhile back.

(more…)

Have you been pwned?

Leaked passwords

Hi Everyone,

Today’s post is related to data breaches and an interesting website idea that has turned up on the Internet.

So a fellow co-worker alerted me on a website that he had recently found.

We know breaches are taking place all the time in fact there is one taking place right this very moment.
And, in the next minute, the next hour and so forth…….

Many of these breaches are not disclosed and that might be because many organizations are not yet aware of being breached.
I’ve read about banks and other organizations learning years later about being breeched.
And, some organizations may never know at all depending on how sophisticated their infrastructure set-up may be.

It looks like someone finally has come out with an interesting plan for end users. 

(more…)