Cellphone Forensics: A Discussion on the Means of iPhone Data Extraction


SalvationDATA Blog

In the former issues of Technical Insights, data recovery experts from the Key Laboratory of Sichuan Province(Subsidiary of SalvationDATA) explained their researches on extraction of cellphone audio files, the recovery of SQLite database files, the writing of forensic scripts for cellphone apps, and the mining of data through defensive cellphone apps etc. The focus of this issue is the various means of data extraction from iPhones (either jail-broken or not) that can give access to all types of data, including texts, images, audios and videos.

With the continuous development of mobile communication technology, cellphones has become an indispensable tool for interpersonal communication and almost everyone carries one or more cellphones. A great deal of information recorded by cellphone apps, chats and locations for example, would probably become the key for investigators to crack cases. Cellphone data extraction, therefore, bares great importance.

To provide support for data extraction from Android…

View original post 669 more words

WannaCry Ransomware Infected Files Can be Recovered?


SalvationDATA Blog

What’s WannaCry Ransomware Attack?

You must have heard either from the news or friends that over hundreds of thousand of computers were hit globally by the ransomware cyberattack called “WannaCry”, which the group behind the attached claimed was via a vulnerability stolen from the United States National Security Agency. And China is among the worst hit countries.

The WannaCry ransomware, as its name suggests, is a kind of virus that hold files on one’s computer hostage until the user pays the amount asked for decrypting files encrypted by hackers. While we’re shocked about how hackers can carry out an attack of such a large scale, we’re also pondering how it is possible.

It takes advantage of the vulnerability in older Microsoft Windows operating systems as some users are reluctant to install the latest security update, which leaves computers vulnerable for any attack.

How Can You Get Your Files Back?

Although…

View original post 339 more words

Check Patch Status of ‘WannaCrypt’ / ‘WannaCry’ using PowerShell


Kloud Blog

A short but sweet blog today, mindful that today most Australians will be coming back to work after the ‘WannaCrypt’ attack that was reported in the media on Friday.

I would like to just point out the work of Kieran Walsh – he’s done the ‘hard yards’ of extracting all of the Knowledge Base (KB) article numbers that you need to be searching for, to determine your patching status of Microsoft Security Bulletin MS17-010  (https://technet.microsoft.com/en-us/library/security/ms17-010.aspx).  Microsoft’s detailed blog about the ‘WannaCrypt ransomware’ can be found here: https://blogs.technet.microsoft.com/mmpc/2017/05/12/wannacrypt-ransomware-worm-targets-out-of-date-systems/

If you don’t have an Enterprise patch deployment tool such as SCCM or WSUS (there are many many others), Kieran’s script executes a simple ‘Get-Hotfix’ PowerShell command remotely against a Windows Server or workstation, and uses all the computer objects in Active Directory as a reference.  I personally haven’t run this yet, so please test this first against a test AD if you have one.  The ‘Get-Hotfix’ command…

View original post 404 more words

Renault-Nissan resumes work in nearly all plants after ransomware attack


Renault-Nissan said on Monday that output had returned to normal at nearly all its plants, after a global cyber attack caused widespread disruption including stoppages at several of the auto alliance’s sites. Renault and its Japanese partner are the only major car manufacturers so far to have reported production problems resulting from Friday’s WannaCry ransomware […]

via Renault-Nissan resumes work in nearly all plants after ransomware attack — News

WASHINGTON: #WannaCry’ ransomware attack hit a ‘limited number’ of US companies representing many different branches of economy over the weekend DHS reports #AceNewsDesk reports – @AceNewsServices


Ace News Services

#AceNewsReport – May.17: But NOW there is a bigger problem: Remember that “kill switch” which shut down the WannCry ransomware? Well according to a number of experts in the field it’s been removed on a NEW thus it can no longer be debilitated as before #AceNewsDesk

Researchers Find New Version Of WanaDecrypt0r Ransomware Without A Kill Switch
Published on May 13, 2017 at 12:57PM An anonymous reader quotes Motherboard: Over Friday and Saturday, samples of the malware emerged without that debilitating feature, meaning that attackers may be able to resume spreading ransomware even though a security researcher cut off the original wave. “I can confirm we’ve had versions without the kill switch domain connect since yesterday,” Costin Raiu, director of global research and analysis team at Kaspersky Lab told Motherboard on Saturday

Another researcher confirmed they have seen samples of the malware without the kill-switch.

EDITOR: Thanks for following…

View original post 45 more words

China’s Gruesome Dog Meat Festival Has Been Canceled, Say Activists


Could the barbarity be at an end? It just might according to jubilant animal rights activists, who say this year’s Yulin dog meat festival — where 2,000 to 3,000 canines are rounded up, forced into cramped cages, bludgeoned to death and eaten — has been canceled by authorities in the southern Chinese city. Citing local…

via China’s Gruesome Dog Meat Festival Has Been Canceled, Say Activists — TIME

What’s Your VR Game Plan?


Retail Technology Insider

VirtualReality (VR) is set to be one of the most excitement developments for retailers, globally so what are you going to do about it?

People are going to spend a fortune on VR in coming years. Fact.

IHS Market reckons users will spend around $7.9b on headsets alone, and $3.3 on VR entertainment by 2020!

Right now the idea of wearing a ski-mask-esque pair of Goggles isn’t exactly appealing to most shoppers but in the safe confines of homes or with others, in-store, it becomes less frightening.

VR is also new to most people, so many haven’t got a clue what they do with said goggles, or know how they work, so the education piece still needs sorting.

VR has the potential to magically take customers anywhere, and amaze them.


It can engage and wow like nothing before it, but applications needs to be thought throughif you don’t want your…

View original post 336 more words