A round-up of this week’s digital forensics news and views:
iOS 17- The “Forever” Setting That Isn’t… Or Is It?
Digital forensics expert Heather Barnhart reveals a significant change in iOS 17’s message retention tracking mechanism. The update shifts from using ‘KeepMessageForDays’ to ‘SSKeepMessages’ in the com.apple.MobileSMS.plist file, crucial for forensic analysis of iOS devices. Barnhart emphasizes the importance of understanding these changes for accurate data interpretation and highlights the need for continuous validation in digital forensics, especially when examining message retention settings across different iOS versions.
Opinion: This should be America’s next step to stay ahead of ruthless cybercriminals
Cybersecurity experts Frank Cilluffo and Joshua Whitman propose a new strategy to combat the rising threat of cybercrime. In response to the proliferation of cybercrime safe havens, they suggest the United States should lead efforts to designate nations as “state sponsors of cybercrime,” similar to designations for state sponsors of terrorism. This approach aims to hold countries accountable for harboring cybercriminal organizations and would enable coordinated sanctions and penalties against nations providing safe harbor to hackers.
Black Hat USA 2024: vehicle head unit can spy on you, researchers reveal
At Black Hat USA 2024, Cisco Talos researchers demonstrated that Android-based infotainment systems in vehicles, used by major automakers like Ford, GM, and Honda, can be exploited to steal sensitive user data. Researcher Dan Mazzella highlighted the ease with which attackers could extract information such as GPS coordinates, text messages, and contacts from these systems, raising significant privacy concerns. The study warns of potential attack vectors, including infected USB drives and Bluetooth exploits, particularly in rental cars, where the risk of compromised head units is heightened.
UN cybercrime treaty passes in unanimous vote
The United Nations has unanimously passed its first global cybercrime treaty, marking a significant step toward establishing a worldwide legal framework for combating cybercrime and enabling data access. Despite support from Russia, which had previously raised concerns, the treaty has faced criticism from human rights organizations and tech companies for its provisions allowing cross-border access to electronic evidence, which they argue could increase surveillance and misuse of digital investigation powers. The treaty, which follows three years of negotiations, will move to the UN General Assembly for final approval later this year.
‘A battle of experts’: Karen Read case spotlights murky realities of digital forensics
The Karen Read trial has spotlighted the evolving and contentious field of digital forensics, where evidence from cellphones and computers, unlike the clean-cut portrayals in TV crime dramas, often presents complex and conflicting interpretations. In the trial, discrepancies over digital evidence—such as the timing of a Google search and phone movement data—led to a mistrial, highlighting how advancing technology and the “battle of experts” can muddy legal proceedings. As digital forensics continues to evolve, legal experts emphasize the need for rigorous scrutiny of both the science and the credibility of expert witnesses, amid growing concerns over the reliability of such evidence.
WPC urges mechanism to combat cybercrime against women
The Women Parliamentary Caucus (WPC) in Pakistan convened a significant meeting on Thursday, led by Secretary Dr. Shahida Rehmani, where members proposed establishing a comprehensive mechanism to combat cybercrime against women. Dr. Rehmani condemned slander against women and emphasized the need for robust protections against online harassment. The session also highlighted the challenges faced by women in minority communities and stressed the importance of targeted interventions in maternal health and youth clinics. The caucus agreed on the importance of collaborating with male legislators to advance legislation addressing women’s issues across the country.
AI Model Achieves 98% Accuracy in Collecting Threat Intelligence From Dark Web Forums
Researchers from the Université de Montréal and Flare Systems have demonstrated that large language models (LLMs) can achieve 98% accuracy in extracting critical cyber threat intelligence (CTI) from dark web forums, according to a recent study. Utilizing OpenAI’s GPT-3.5-turbo, the system analyzed discussions from prominent cybercrime forums like XSS, Exploit.in, and RAMP, accurately identifying key variables such as targeted organizations and exploitable vulnerabilities. The study highlights the potential for LLMs to enhance cybersecurity efforts by effectively replacing first-level threat analysts, though further refinement is needed to optimize the technology for real-time, actionable insights.
Read More (Cyber Security News)