BLOG

A Bluetooth attack just announced last month found vulnerabilities in most major operating systems: Windows, iOS, Android, Linux… This leads to a series of worrisome questions. They are amplified by stories from my friends who have used Bluetooth hacks to turn on a cellphone microphone and listen in to nearby conversations. Are they listening to my Bluetooth phone conversation right now? Does this mean the end-of-life as in our interconnected world? Is my strategic boardroom


WannaCry news

Over the last few days a WannaCry worm/ransomware attack has swept across the planet, resulting in headlines. Forensics of the worm, which spreads a ransomware payload, is being meshed with political news. It’s likely that the key worm concepts came from stolen and leaked US Government cyber tools. Here are some observations from the eSleuth crew. An early and accurate analysis from Jake Williams of Rendition Infosec was presented in a SANS webinar — on the same day


A new accounts payable employee receives a spoofed email from the company president. Send a $20K direct deposit to this bank account… do it right away! The true crime story is that this is an ongoing fraud effort. Our recent spoofed email cases include: $18K in Kirkland, $20K in Woodinville, $250K in downtown Seattle, $500K in West Seattle. Spoofed emails are so realistic and well timed that they really seem genuine. They include real names and


The anniversary of the Japanese attack on Pearl Harbor is always a time for reflection. Some reflections are personal. For baby-boomers it was common to know survivors of the attack. My connection was via an uncle who served on the USS Argonne with the Commander Pacific Fleet. He had eyewitness accounts of heroic actions by sailors and marines who reacted to the surprise attack on December 7, 1941. Years later I briefly worked just across


In the current political focus it is not helpful to have another harangue from an opinion shaper. This blog includes just my personal experiences — and the role of computer forensics. Remember the ’70s? Seattle had become the bomb capital of the US. The government was the focus of much of the hate. I recall a coworker at UW who summed this mood up pretty well. His philosophy was that there is no good in


Last week a long-time client called to ask for a quick cyber risk assessment. No threat of violence — but they wanted to know if their (very good) network security would effectively defend them against a known (very aggressive) cyber threat. An immediate opinion was needed. I was faced with the problem that decision makers live with, especially in high-threat or violent situations. Few problems in management are purely quantitative. Even the formulas that are used


Software from Redmond, Washington always seems newsworthy. This software project was going well and beginning to get national attention. One day the focus turned inward, however. During a test of the project, the boss discovered that the new software was providing links to pornography on the Internet. Ouch! He made solving this problem a high priority and called to provide a forensic investigation of the issue.

The investigation

Computer forensic imaging and analysis of a server


The tough job in risk assessment is separating the goofiness of ordinary life from factors that might indicate potential violence. Assessment isn’t prediction — but both have similar uncertainties. In a world with lots of physical variables, each represented by a known stochastic process, the job is lots easier. A numerical simulation of the collection, such as a Monte Carlo analysis, can give credible results. It is even possible with data from trusted opinion polls,


Two former spooks met for a gourmet lunch on the side of an extinct volcano. Sounds interesting… and it was. I was with Patrick Wardle, Director of R&D for synack.com. His company has taken an effective new approach to discovering network vulnerabilities for their clients. We talked a bit about how the landscape of computer security has been changing. 2016 is shaping up to become the year of Ransomware. With more Macs being used


Tomorrow is Memorial Day in the US. Just a few weeks ago Liberation Day, Bevrijdingsdag, was remembered in the Netherlands. They recognize the sacrifice of foreign soldiers who defeated the German occupiers in World War II. Near Maastricht, 8,301 American soldiers are buried. They fell in “Operation Market Garden” in the battles to liberate Holland in the fall and winter of 1944. Every one of the men buried in the cemetery, as well as those in
