SANS Digital Forensics and Incident Response Blog: Author - datasecurityblog

Why I Chose Not To Post My Interview With The Twitter Attacker

by Ira Victor

The blogosphere was atweet this weekend with news of a DarkWeb attack on Twitter users. As co-host of the Data Security Podcast, I believe I was the first to contact the man who claims to be the creator of the attack.

We thought better of using his voice on our podcast, though, when we realized he's only 17 years old. That makes him too young to consent legally to a globally-distributed interview. He may also be too immature to be a reliable source. The jury's out on that.

At this point, we've decided to sit on the tape, even though the young man's identity and his claims of responsibility for the Twitter hack have been widely

...


Nevada bill would make some security research a felony

by Ira Victor

The 75th Session of Nevada Legislature is taking up a new bill - SB125 - that, if enacted into law as introduced to committee, could make it illegal for information security researchers to do work that shows the vulnerabilities in many types of RFID systems. There are important security research, criminal issues, and some forensic matters related to this bill.

The bill would make it a class C felony (up to 5 years in prison, up to a $10,000 fine) to skim personally identifiable information (PII) from another person's RFID enabled ID or other document, without that person's prior knowledge.


P2P Usage Leads To Presidential Security Breach

by Ira Victor

Pittsburgh TV Station WPXI is reporting that Security Company Tiversa discovered engineering and communications information about the Marine One Chopper fleet on an Iranian Computer system. Marine One is a critical transportation asset for the President of the United States.

Bob Boback, CEO Tiversa, said, that he found the entire blueprints and avionics package for the famous chopper on an Iranian system. The company traced the file back to it's original source, which appears to be a defense contractor in Bethesda, MD.

How did secret Marine One information end up in Iran? According to Mr. Boback, it appears that the defense contractor had a


Is MSFT Serious About It's $250k Conficker Reward?

by Ira Victor

A few days ago, Microsoft made a big announcement about a $250,000 bounty to help catch the creators the Conficker Worm. I covered that bounty story in Data Security Podcast Episode #40. The only problem: Microsoft apparently didn't tell anyone WHO to contact if you are a successful bounty hunter and have quality information from your investigation or incident response process.

According to the Microsoft's

...