Sep 26, 2017
Posted in Encryption, Information Security
Hello everyone.
I am back with some more email security!
Today I’d like to talk about SMTP Authentication.
Some people may never have heard of this concept or may have simply ignored it as it seemingly may not feel that important.
However, in certain situations one may need to make use of SMTP Auth for email.
SMTP Authentication
SMTP Authentication – Outgoing Emails
As shown above in the diagram.
SMTP Auth is fairly simply to use for all incoming or outgoing emails.
Essentially, a machine has to authenticate with the central mail server.
The authentication can be done in various ways.
You can normally query LDAP, Active Directory, or some other identity management system as well as store the credentials on the mail server (not recommended).
How Does It Work?
(more…)
Jan 13, 2017
Posted in Breaches, News
Cellebrite Systems Breeched
Cellebrite (https://cellebrite.com) is an Israeli company that specializes in mobile forensics.
They have created a well known product that is called Universal Forensic Extraction Device (UFED). This tool basically can extract data from most mobile devices. They are able to also unlock mobile devices with a passcode. I have used a much older version of this tool in the past. You may see the catch the details in my Research Project here –> https://www.stealthbay.com/hardening-mobile-phone-devices/
What was taken
Based off a popular website called “Motherboard” who first posted about this breech. Cellebrite has lost over 900GB worth of data. Now, that is a lot of information and data that was taken. My assumption is that a lot of the data is related to tools and software made use of for forensic investigations. (more…)