Jon Rose will be presenting “Application Security Vulnerabilities in Publicly Available Source Code” at the kick-off Phoenix OWASP chapter meeting, November 9 in Phoenix, AZ.
News & Events
Vincent Liu will be leading the “Consulting Services Roundtable” discussion and will be a panel member on the “Industry Experts Panel for Application Security” at SPICON 2006.
Vincent Liu will be presenting the latest in anti-forensics techniques at the Arizona High Technology Crime Investigation Association (HTCIA), June 14 in Phoenix, AZ
Vincent Liu and Patrick Stach will be presenting “Defeating Forensic Analysis” at the Computer and Enterprise Investigations Conference 2006, May 4 at the Hyatt Regency Lake Las Vegas in Las Vegas, NV.
Vincent Liu and Francis Brown will be presenting “Bleeding-Edge Anti-Forensics” at InfoSecWorld 2006, April 4 in Orlando, FL.
Vincent Liu authors Digital Evidence: Challenging the Presumption of Reliability in the 2006-Volume 1 issue of the Journal of Digital Forensic Practice. There is a general tendency among courts to presume that forensic software reliably yields accurate digital evidence. As a judicial construct, this presumption is unjustified in that it is not tailored …
PGP Desktop includes a Wipe Free Space utility that claims to eliminate data in all the free space on your hard drive including the the little areas after the end of existing files which may still have old data left behind. In short, the utility claims to wipe file slack space, the unused space in a disk cluster. The software does not work as advertised. It does not clean slack space.
Windows file time stamps can be set to extremely low values via the NtSetInformationFile() system call. The Windows API does not properly translate the low 64-bit time values stored on disk into human readable format, and displays no information instead. Although this is not a security vulnerability in itself, it adversely affects third-party applications that rely upon the Windows API to perform the translation.
Vincent Liu will be presenting “The Metasploit Anti-Forensics Project” at Microsoft BlueHat v2, October 13 at Microsoft in Redmond, WA.
Vincent Liu will be presenting “The Metasploit Anti-Forensics Project” at Toorcon 7, September 16 at the San Diego Convention Center in San Diego, CA.
Vincent Liu will be presenting Catch Me If You Can: Exploiting Encase, Microsoft, Computer Associates, and the rest of the bunch at Black Hat USA 2005, July 27 at Caesar’s Palace in Las Vegas, NV.