Coming apart at the SIEMs…

by

Security Information and Event Management (SIEM) systems are all the rage at the moment – and with good cause.

As you are all aware, one item of data does not a case make, it is the combination & correlation between _all_ of the data that creates “evidence” – and here in the SIEM we are seeing the very thinnest separation between forensics and security – if we look at it today it is security, if we look at it tomorrow, it’s forensics.

An SIEM (oft pronounced “seem” – although mostly I like to spell out my TLAs ESS-AYE-EEE-EMM [ with a few notable exceptions … raid, scuzzy, wizzywig … but I suspect that shows my age more than anything else ! ] ) is a centralised system that collects information from other systems in the network. This information is typically – but not exclusively – collected from some, or all, of the normal logging of the system…

Read More

Leave a Comment

Latest Videos

Forensic Focus

Forensic Focus
Rich Frawley, Director of Training at ADF Solutions, presents on the main features of DEI PRO for investigating computer and mobile devices from collection to reporting within the forensic software tool.

Rich Frawley, Director of Training at ADF Solutions, presents on the main features of DEI PRO for investigating computer and mobile devices from collection to reporting within the forensic software tool.

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_xVfiOJm_tCk

Intro To DEI PRO: Assessing All Devices In A Timely Manner

Forensic Focus 28th September 2023 11:00 am

Ryan joins Si and Desi to discuss his research into SS7 hacking and cell phone tracking. As someone passionate about radio technology, Ryan became interested in cell networking and eventually discovered he could intercept calls and texts by building fake cell towers. He learned that phone users have virtually no ability to opt out of their locations and identifiers being commercially available via simple API calls. Ryan hopes to put this knowledge to good use by developing a system to warn domestic abuse shelters if an offender's phone is near by tracking SS7 data. During the technical discussion, Ryan demonstrates querying an API with his own phone number to retrieve subscriber data and location. The hosts consider how individuals could possibly protect themselves from SS7 exploits, such as avoiding SMS authentication. They also discuss Ryan's other projects exploring radio hacking tools and a magazine shining light on digital counterculture topics. 00:00 - Introducing Ryan 01:30 - What is SS7? 05:00 - SS7 attacks 08:05 - Research pathway 14:50 - Ryan's talk at BSides 16:20 - Using data to combat domestic abuse 30:00 - Protection from tracking 36:30 - Ryan's projects 44:15 - HVCK Magazine

Ryan joins Si and Desi to discuss his research into SS7 hacking and cell phone tracking. As someone passionate about radio technology, Ryan became interested in cell networking and eventually discovered he could intercept calls and texts by building fake cell towers. He learned that phone users have virtually no ability to opt out of their locations and identifiers being commercially available via simple API calls. Ryan hopes to put this knowledge to good use by developing a system to warn domestic abuse shelters if an offender's phone is near by tracking SS7 data.

During the technical discussion, Ryan demonstrates querying an API with his own phone number to retrieve subscriber data and location. The hosts consider how individuals could possibly protect themselves from SS7 exploits, such as avoiding SMS authentication. They also discuss Ryan's other projects exploring radio hacking tools and a magazine shining light on digital counterculture topics.

00:00 - Introducing Ryan

01:30 - What is SS7?

05:00 - SS7 attacks

08:05 - Research pathway

14:50 - Ryan's talk at BSides

16:20 - Using data to combat domestic abuse

30:00 - Protection from tracking

36:30 - Ryan's projects

44:15 - HVCK Magazine

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_quPJpAjyDZA

Cell Phone Tracking And SS7 - Hacking Security Vulnerabilities To Save Lives

Forensic Focus 25th September 2023 10:29 am

Ryan from Oxygen Forensics discusses how to use Oxygen's Android agent to collect Google Chrome data as a third party app on Android devices.

Ryan from Oxygen Forensics discusses how to use Oxygen's Android agent to collect Google Chrome data as a third party app on Android devices.

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_gNyq_7llqLA

Extracting Google Chrome Using Android Agent

Forensic Focus 22nd September 2023 3:07 pm

Load More... Subscribe
This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles

Register For The Webinar: The Complete Workflow For Video Analysis In Amped FIVE
News

Register For The Webinar: The Complete Workflow For Video Analysis In Amped FIVE

ByAmpedSoftwareOct 3, 2023
Forensic Data Collections 2.0 – A Selection Of Trusted Digital Forensics Content
Reviews

Forensic Data Collections 2.0 – A Selection Of Trusted Digital Forensics Content

ByForensic FocusOct 2, 2023
Forensic Focus Digest, September 29 2023
News

Forensic Focus Digest, September 29 2023

ByForensic FocusSep 29, 2023
Digital Forensics Round-Up, September 28 2023
News

Digital Forensics Round-Up, September 28 2023

ByForensic FocusSep 28, 2023
Advance Your Investigations With ADF Solutions’ Enhanced Screen Recording And Streamlined Features
News

Advance Your Investigations With ADF Solutions’ Enhanced Screen Recording And Streamlined Features

ByadfsolutionsSep 28, 2023
Intro To DEI PRO: Assessing All Devices In A Timely Manner
Webinars

Intro To DEI PRO: Assessing All Devices In A Timely Manner

ByadfsolutionsSep 28, 2023