When the company Enron declared bankruptcy in December 2001, hundreds of employees were left jobless while some executives seemed to benefit from the company’s collapse. The United States Congress decided to investigate after hearing allegations of corporate misconduct. Much of Congress’ investigation relied on computer files as evidence. A specialized detective force began to search …
News & Events
News tagged "Metasploit Anti-Forensics Project"
Vincent Liu will be featured in “The Rise of Antiforensics” in CSO magazine. Forensic investigations start at the end. Think of it: You wouldn’t start using science and technology to establish facts (that’s the dictionary definition of forensics) unless you had some reason to establish facts in the first place. But …
Vincent Liu will be featured in CIO Magazine – How Online Criminals Make Themselves Tough to Find, Near Impossible to Nab. Forensic investigations start at the end. Think of it: You wouldn’t start using science and technology to establish facts (that’s the dictionary definition of forensics) unless you had some reason to establish facts …
Vincent Liu will be presenting the latest in anti-forensics techniques at the Arizona High Technology Crime Investigation Association (HTCIA), June 14 in Phoenix, AZ
Vincent Liu and Patrick Stach will be presenting “Defeating Forensic Analysis” at the Computer and Enterprise Investigations Conference 2006, May 4 at the Hyatt Regency Lake Las Vegas in Las Vegas, NV.
Vincent Liu and Francis Brown will be presenting “Bleeding-Edge Anti-Forensics” at InfoSecWorld 2006, April 4 in Orlando, FL.
Vincent Liu authors Digital Evidence: Challenging the Presumption of Reliability in the 2006-Volume 1 issue of the Journal of Digital Forensic Practice. There is a general tendency among courts to presume that forensic software reliably yields accurate digital evidence. As a judicial construct, this presumption is unjustified in that it is not tailored …
PGP Desktop includes a Wipe Free Space utility that claims to eliminate data in all the free space on your hard drive including the the little areas after the end of existing files which may still have old data left behind. In short, the utility claims to wipe file slack space, the unused space in a disk cluster. The software does not work as advertised. It does not clean slack space.
Windows file time stamps can be set to extremely low values via the NtSetInformationFile() system call. The Windows API does not properly translate the low 64-bit time values stored on disk into human readable format, and displays no information instead. Although this is not a security vulnerability in itself, it adversely affects third-party applications that rely upon the Windows API to perform the translation.
Vincent Liu will be presenting “The Metasploit Anti-Forensics Project” at Microsoft BlueHat v2, October 13 at Microsoft in Redmond, WA.
Vincent Liu will be presenting “The Metasploit Anti-Forensics Project” at Toorcon 7, September 16 at the San Diego Convention Center in San Diego, CA.
Vincent Liu will be presenting Catch Me If You Can: Exploiting Encase, Microsoft, Computer Associates, and the rest of the bunch at Black Hat USA 2005, July 27 at Caesar’s Palace in Las Vegas, NV.