The Quarterly Magazine for Digital Forensics Practitioners
WIN! AN IPOD NANO IN THIS ISSUE'S COMPETITION
ISSUE 16
AUGUST 2013
INSIDE
/ Using Google Earth
/ Utilising REP Data
/ Social Network Steganography
/ The History of Malware
VM INTROSPECTION
Unearthing and profiling sophisticated x64 bit kernel mode
“bootkits” that continue to leverage holes on Windows 7
Issue 16 / £14.99 TR Media
/ REGULARS / INTRODUCING / FROM THE LAB / Book Reviews
NEWS, 360, irq, A Fresh Look at Creating New Frontiers CUDA Programming &
LEGAL & more… Cryptography For Live Forensics Silence on the Wir
EDITORIAL O
CONTENTS / DIGITAL FORENSICS MAGAZINE
/ NEWS NEWS The `Cyber-Attack' threat to Londo
Stevenson University offering free forensics MOO
/ FEATURE FIVE TIPS FOR USING GOOGLE EARTH IN
/ FEATURE Moving temp
Adding Picture Edit Box / Google Earth Default
/ FEATURE Picture before
Zooming Into Pictures You may have noticed
/ FEATURE Adding HTM
/ FEATURE GOOGLE DESKTOP FORENSICS, PART 2 Digit
Figure 1. Misleading “No Desktop Results” Message
/ FEATURE / Hash Functions Hash functions are pr
/ Windows EFS Encrypting File System (EFS) is a f
/ LEGAL EDITORIAL LEGAL EDITORIAL Patent Trol
/ LEGAL FEATURE A NEW APPROACH TO CYBERCRIME
/ Draft Guidance from the EP/LIBE On 03 June 2013
vulnerabilities, due to their increased dependenc
approach against Cybercrime. Any need for EU acti
/ LEGAL NEWS ALERT LEGAL NEWS ALERT Crime does
/ FEATURE SOCIAL NETWORKING STEGANOGRAPHY OPPO
Facebook Badoo Google+ Compressed image
/ FEATURE Facebook and added Bob as a member
Facebook Google+ Features Tools us
/ FEATURE another technique to assure secret
/ FEATURE UTILISING REPUTATION DATA TO INCREAS
simulated OS is analysed for changes that could i
/ FEATURE all malware share, network communic
/ Linux tools Grep – a command-line utility for s
/ FEATURE information can then be used to loo
/ MEET THE PROFESSIONALS MEET THE DF PROFESSIO
What are your main areas of interest and research
/ FEATURE IPHONE BACK-UP FILES A viable source
kept to a minimum by excluding data that is non-e
/ FEATURE Information that can be found
sufficient format that can be interpreted or utili
/ FEATURE would be a simple process and is li
Digital ForensicS / magazine BACK ISSUES
/ LETTERS 360° Your chance to have your say…
“Oh no, the suspect ran CCleaner to get rid of th
/ FROM THE LAB VM INTROSPECTION: CREATING NEW
No LAVA Event
/ FROM THE LAB The event trace immediatel
In our example the first thing that the Gapz d
/ FROM THE LAB Sample File System Activit
/ FEATURE HISTORY OF MALWARE In the past three
of the omega sign that it wrote in certain condit
/ FEATURE One-half or Slovak bomber was
Happy99 was the first mail virus. It spread
hosts. It could spread to Windows 95, 98, Me, NT
/ FEATURE malware needed to crash the LSAS se
the victim. It used an exploit in the browser to
/ FEATURE a Siemens Step 7 controller, and th
/ NEXT ISSUE COMING SOON… A round-up of feat
/ FEATURE DIGITAL FORENSICS CAPABILITY WORKSHO
/ FEATURE Challenge Solution (%age Sugges
/ Evidence Source Categories & State of the
/ COMPETITION COMPETITION / This issue we have
/ COMPETITION WINNERS SARC WINNERS! StegAlyze
/ FEATURE A FRESH LOOK AT CRYPTOGRAPHY Are we
/ FEATURE Figure 1. The S
Figure 3. Setting or Selecting a Simple Passphras
/ FEATURE those involved in the cryptographic
/ BOOK REVIEWS BOOK REVIEWS CUDA Programming
Silence on the Wire Author: Michael Zalewski Pub
/ COLUMN IRQ Facebook Follies by Angus Marshall