NYC4SEC - Meet-up Group

Next Meet-up Information - November 17th, 7pm
http//www.nyc4sec.info/calendar/15416096/

Title
Thanksgiving Meet-up Let's carve some data!

When
Wednesday, November 17, 2010 700 PM

Where
John Jay College of Criminal Justice
899 Tenth Avenue
New York, NY 10019
John Jay Room 610T

Details

Gobble. Gobble. Thanksgiving is just around the corner and what a better pun to shoe horn into the topic discussion but carving…data!

Digital storage devices can hold data. Lots. One of the more common file types are images and as the saying goes, a picture is worth a thousand words. But there is more than just the image itself and many investigations will require you to recover the picture and all associated information about the pictures to correlate with other system artifacts.

There are exciting new techniques and technology that can allow you to carve the picture data from allocated and un-allocated space to recover the image. But what you get back is more than just the carved meat but all the fixin's about the picture that can make a case.

This month our speaker is Professor Nasir Memon who will be giving a presentation on this topic.

Photo Forensics There is More to a Picture Than Meets the Eye

When presented with a device full of active or deleted data – what do you know about the images? Can you recover them all? Can you tell which camera they are taken with? Can you tell if they are manipulated? Can you find from the Internet all other pictures taken from the same camera? Forensics professionals all over the world are increasingly encountering such questions.

Given the ease by which digital images can be created, altered, and manipulated with no obvious traces, digital image forensics has emerged as a research field with important implications for ensuring digital image credibility. This presentation provides an overview of recent developments in the field, focusing on three problems.

First, collecting image evidence and reconstructing them from fragments, with or without missing pieces. This involves sophisticated file carving technology.

Second, attributing the image to a source, be it a camera, a scanner, or a graphically generated picture. The process entails associating the image with a class of sources with common characteristics (device model) or matching the image to an individual source device, for example a specific camera.

Third, attesting to the integrity of image data. This involves image forgery detection to determine whether an image has undergone modification or processing after being initially captured.

So please join us on Wednesday, November 17th, 700pm at John Jay College of Criminal Justice, 899 Tenth Avenue (59th St. and 10th Ave.) in Room 610T for this exciting meet-up.

Biography Nasir Memon is a Professor in the computer science department at the Polytechnic Institute of New York University, New York. He is the director of the Information Systems and Internet Security (ISIS) lab at Polytechnic http//isis.poly.edu…

Prof. Memon got his BE in Chemical Engineering and MS in Math from BITS, Pilani, India, 1981. He got his MS in Computer Science (1989) and PhD in Computer Science (1992) from the University of Nebraska, Lincoln.

Prof. Memon's research interests include Digital Forensics, Data Compression, Computer and Network Security and Multimedia Computing and Security. He has published more than 200 articles in journals and conference proceedings and holds 4 patents in image compression and security with six more pending application. He has won several awards including the NSF CAREER award and the Jacobs Excellence in Education award. He has been a PI or Co-PI on research and education grants exceeding 12 million dollars. He has appeared on NBC nightly news as an expert on steganography and his research has been featured in NY Times, MIT Review, Wired.Com, New Science Magazine etc.

He is currently the Editor-in-Chief of the IEEE Transactions on Information Security and Forensics. He was an associate editor for IEEE Transactions on Image Processing, the Journal of Electronic Imaging, the ACM Multimedia Systems Journal, the LNCS Transaction on Data Hiding, IEEE Security and Privacy Magazine, IEEE Signal Processing Magazine and the International Journal on Network Security.

Prof. Memon is the co-founder of Digital Assembly (http//www.digital-assembly.com/) and Vivic Networks, two early stage start-ups in Polytechnic's BEST incubator.

Next Meet-up Information - November 17th, 7pm
http//www.nyc4sec.info/calendar/15416096/

I wrote an overview here NYC4SEC Meetup Advanced Photo Forensics. Had a great time, very educational, can't wait for the next one!

Thanks Geoff! So happy that the info sec and forensic community has got behind the group.

Would love to see more people on the board join us when in town or if you live in the area.

Next Meet-up Tomorrow (I know late notice boo me)

Lightgrep - Fast Keyword Searching for Forensics

Wed - 1/19/2011 - 700 PM

John Jay College-Criminal Justice
899 Tenth Avenue
10th Ave btwn 58th and 59th Streets

Dislike waiting 5 days for your keyword search to complete? Been brought to tears by thousands of keywords? Lost faith in your forensics tools when they didn't find all the hits they should have? Come to this talk to see the first public demonstration of Lightgrep, a new regular expressions search tool designed specifically for forensics.

Search is a fundamental part of forensics, useful not only for discovering relevant documents and snippets of text, but also artifacts, files in unallocated space, and file signature analysis. We will discuss the basic principles behind how a grep search works, why it's important to consider how multiple keywords are handled, and how to validate a search tool's results. Finally, we'll show Lightgrep, a tool that allows for fast searching for thousands of keywords, with full EnCase integration.

Please join us on Wednesday, January 19th, 700pm at John Jay College of Criminal Justice, 899 Tenth Avenue (59th St. and 10th Ave.) in Room 610T for this exciting meet-up.

Jon Stewart is a software developer and co-founder of Lightbox Technologies, Inc. Prior to Lightbox, Jon was a senior developer and consultant with Guidance Software, where he worked heavily on the EnScript programming language and created EnCase eDiscovery. Jon lives in Arlington, VA and blogs regularly about EnScript, programming, and forensics at http//codeslack.blogspot.com/

Ah! too short!

I will be in NJ for some work tomorrow. I could have gone over and listen to this.

Next Meet-up Wednesday, February 16, 2011 at 700 PM - Please join us open to all.

Data Breach Notifications - Who You Gonna Call?

If you are a member of the infosec and digital investigation community you already know that there is a ton of personal information about all of us stored on other peoples networks and computer systems. But what happens when someone or a group gains access to this information? What can be taken? What are the notification responsibilities of the organization? What alphabet soup agency do you call? Every day we see new data breaches and it is imperative that there are response plans in place that allow for the proper notification of the right people and meet the various regulations and take the steps to protect individual privacy.

Breach notification requirements also have been mandated by numerous federal financial regulators, the Department of Health and Human Services, and the Department of Veterans Affairs. In addition, these requirements have been incorporated into self-regulatory schemes such as the PCI DSS. As a result, most U.S. businesses are now subject to some form of an information security breach notification requirement.

Boris Segalis, Partner at InfoLawGroup, will address the various breach notification mandates as well as the practical implications of compliance with the breach laws. We will also discuss several actual breaches (including how they occurred and their consequences) as well as state and federal enforcement actions that agencies have brought in connection with information security breaches.

Join us on February, 16th, 700pm at John Jay College of Criminal Justice, 899 Tenth Avenue (59th St. and 10th Ave.) in Room 610T for this exciting meet-up.

BioBoris Segalis is a Partner at InfoLawGroup LLP. He counsels clients regarding a broad range of privacy, information security and information management issues arising in connection with information security breaches and state and federal agency breach investigations; financial services and transactions; online data collection; e-commerce; marketing, including behavioral tracking and analysis, and mobile campaigns; product development; mergers, acquisitions and corporate restructuring; outsourcing transactions; payment card systems; employee monitoring and internal investigations; government programs; cross-border data transfers; global data protection compliance initiatives; e-discovery; and strategic management of personal information assets, including privacy assessments.

Mr. Segalis advises clients on compliance with

* The Gramm-Leach-Bliley Act (GLBA) (including Privacy and Security Rules, and the Interagency Guidance)
* The Fair Credit Reporting Act (FCRA) (including the Affiliate Sharing and Marketing Rules, and the Red Flags Rule)
* State financial privacy laws (including the laws of California and Vermont)
* State information security breach notification laws, SSN and driver's license number protection laws, online privacy laws, and information security laws and regulations
* Controlling the Assault of Non-Solicited Pornography And Marketing Act (CAN-SPAM)
* FTC and FCC telemarketing regulations and FTC behavioral marketing guidelines
* Mobile Marketing Association and Direction Marketing Association guidelines
* Payment Card Industry Data Security Standard (PCI DSS)
* The Privacy Act (including OMB guidance), and the Federal Information Security Management Act (FISMA) and NIST information security regulations implementing FINRA
* The Privacy Rights Act
* Communications monitoring laws and regulations (including the Wiretap Act and the Stored
* Communications Act, FINRA Rules and state common laws regarding privacy)
* Cross-border data transfer requirements (including the U.S. Department of Commerce Safe Harbor framework, Binding Corporate Rules and Model Clauses)
* Privacy and information security requirements worldwide (in cooperation with a network of privacy counsel in over 70 countries)

In addition he has advised and represented top Fortune firms on a wide variety of data breach and security issues and been published in several legal and technical resources.

Again, sorry for the late notice!

Tomorrow, 8/25/11, is a NYC4SEC meet-up with Larry Pesce
http//www.nyc4sec.info/events/29869461/

NYC4SEC meetings are starting up again! Come join us for the next one with Larry Pesce at Pace University.

Bio

Larry Pesce is the Manager for Information Services Security and Disaster Recovery with NWN Corporation in Waltham, MA. In the last 13 years in the computer industry, Larry has become a jack of all trades; PC repair, Network Engineering, Web Design, Non-Linear Audio and Video production and Computer Security.

Larry diverts a significant portion of his attention co-hosting the PaulDotCom Security Weekly podcast at http//pauldotcom.com

Larry will be teaching SANS SEC 617 the week of August 22, 2011. While in town Larry will be giving us some infosec goodness on not one but TWO topics you don't want to miss stalking via geolcation and what happens when research kicks you in the teeth.

More details to follow on specific room location for the NYC4SEC Meet-up but please RSVP for Thursday, August 25th @ 7pm.

In the NYC area? Can't get enough DF/IR and infosec during the work/school day? Then we have the support group for you!

This Wed 10/19/11 is another NYC4SEC Meet-up.
======
Hello all. This week is Meet-up week for NYC4SEC. We are back at John Jay College-Criminal Justice this Fall and our first meet-up will be a roundtable discussion. Same format as in the past; we will have some current topics and spend about 20 minutes on each. Please start submitting topic ideas digital forensic, cyber crime, infosec or related topics are eligible. A lot of interesting things have happened over the summer in these topic areas so please feel free to suggestion the stories that you want to have a group discussion upon.

This is also a great opportunity for you to network with your peers and get to know those in the community a bit better. Please free to bring business cards and other areas of work to promote such as your blog, pod cast, research papers, etc.

Please check us the http//www.nyc4sec.info site for full details and to RSVP.

Please come join us Wednesday October 19th 700pm at John Jay College of Criminal Justice, 899 Tenth Avenue (59th St. and 10th Ave.) in Room 610T for this exciting meet-up.

Upcoming meet-up - look at me actually giving enough notice, go figure.

The Advanced Persistent Threat or How I Learned to Stop Worrying and Love DF/IR with Eric Huber

http//www.nyc4sec.info/events/39565022/

This month's NYC4SEC meet-up we will be covering the often talked about but not always well communicated topic of…..The Advanced Persistent Threat (APT) - for those playing at home start your dramatic music now. Highly publicized events such as Operation Aurora and Shady RAT have introduced the concept of Advanced Persistent Threat (APT) into the consciousness of information security practitioners everywhere. Unfortunately, the term APT has been widely misunderstood and misused by vendors, journalists, and security experts. This session will answer questions such as who APT really is, why you should care, and what you can do about it.

The talk will be given by our one of our own NYC4SEC members Eric Huber. Eric is an internationally respected and recognized leader in the field of cyber investigations, information assurance, and incident response who leads a cyber investigations team for a Fortune 100 company. His areas of knowledge include detecting, responding, and remediating external threats such as advanced persistent threat by nation-state actors, the investigation of a broad range of complex internal incidents such as intellectual property theft, fraud, workplace violence, and misuse of corporate resources. He has successfully led and conducted many high-profile and cross-border investigations. Eric is a recognized authority, author, and speaker on areas including cybercrime, digital forensics, advanced persistent threat, and incident response. He is an instructor for the SANS Institute where he is part of the digital forensics instruction team teaching cyber investigations to individuals, corporations, and governments. He created the widely read and award-winning A Fistful of Dongles blog where he writes about information security, cyber investigations, and digital forensics and is a frequent panelist on the award-winning Forensic 4cast podcast.

So please join us on Wednesday November, 16th, 700pm at John Jay College of Criminal Justice, 899 Tenth Avenue (59th St. and 10th Ave.) in Room 630T for this exciting meet-up.

Jamie - sorry for the somewhat shameless bump….

But tonights NYC4SEC presentation on APT by Eric Huber is gearing up to be a big turn out and wanted to give people an opportunity to come and meet people in the digital forensic, incident response and information security community. In addition to the presenter, the folks in attendance are some of the more active people in the community on message boards, news groups, Twitter, publishing, teaching, etc. so please come to network with your peers.