Chinese Spies Took the NSA's Hacking Tools and Used Them For Attacks

According to Symantec, a Chinese spy group had been using NSA malware for over a year before the Shadow Brokers leaked the same exploits online, exposing them to the whole world.  The group became well known after US authorities charged three hackers in late 2017.  The US alleged that a cyber-security company, Boyusec, was acting as a front for the Chinese Ministry of State Security and had hacked western companies such as Moody's Analytics, Siemens, and Trimble.

Android Malware - Our Test

Android is a widely used mobile operating system.  It is awesome, open, and therefore vulnerable.  Several apps in the Google Play store have been found to contain malware.  Additionally, there are many websites where users can download apps for free.  Some websites even allow users to share paid apps with other users for free, generally including malware at no extra charge.  So, we decided to go ahead and run some tests to see what happens when we run an infected Android app.  We were mostly interested in seeing some of the traffic generated so that we could see the risk.

CFAA Hacking case example

In a Virginia computer forensics case, the court had the opportunity to examine the standard for deciding whether to grant a preliminary injunction.  Computer forensics techniques are frequently applied to prove that a website was hacked.  This post explains the standard that the court used for granting a preliminary injunction under the Computer Fraud and Abuse Act.  This was Physicians Interactive v. Lathian,

Spoliation - The Destruction of Evidence

Computer forensics involves the recovery and analysis of digital evidence. As such, a computer forensics expert frequently encounters cases involving the concealment or destruction of evidence. We previously discussed issues related to the destruction of evidence and spoliation, using as an example the Virginia computer forensics case of Trigon v. U.S.

Chesterfield Virginia Computer Forensics Expert

AVM Technology is a leading company providing computer forensics services in Richmond, Virginia. An important judicial jurisdiction in the Richmond area is Chesterfield County.  In Chesterfield, VA, civil and criminal cases involving the interpretation of digital evidence are heard daily in the Chesterfield courts.  Some useful information to have is the contact information for the courts in Chesterfield, Virginia, where these cases involving computer forensics are sometimes heard.  We often assist attorneys as computer forensics consultants or expert witnesses at trial.

Richmond VA Computer Forensics

We are a team of highly trained and experienced Richmond, VA computer forensics and Information Technology professionals offering computer forensics expertise, e-discovery services and consultation, and, when necessary, expert testimony at trial. We offer computer forensics services throughout the Greater Richmond area, including Richmond City, Petersburg, Hopewell, Colonial Heights, Caroline, Charles City, Chesterfield, Cumberland, Dinwiddie, Goochland, Hanover, Henrico, King and Queen County, King William, Louisa County, New Kent,

Testing a Write Blocking Device

Computer Forensics Expert Note: A computer forensics examiner or computer forensics expert must be comfortable with the use of write blocking devices, particularly in states such as Virginia, where courts are very strict about the procedures a computer forensics expert is required to follow.  The non-use or improper use of these devices may cause the digital evidence to be inadmissible.

BIOS limitation issues during computer forensic examinations

Computer Forensics Expert Note: Sometimes, while performing a computer forensics analysis, BIOS limitations may limit the computer forensics examiner's ability to make a bootable bitstream copy.  Additionally, these BIOS limitations may make it impossible to access all the partitions on the drive.  To minimize these problems, the computer forensics examiner must make sure to: