Newsletter 48 – Settembre 2016
Transcript
Newsletter 48 – Settembre 2016
\\\\\\\\\\\\ DIGITAL FORENSICS ALUMNI //////////// Newsletter 48 - Settembre 2016 \\\\\\\\\\\\\\\\\\\\\\\\\///////////////////////// Indice: 1 - News 2 - Leggi, Dottrina, Giurisprudenza 3 - Papers/Tutorials 4 - Tools 5 - Conferences e Call for Papers 6 - Links =============================== NEWS =============================== Consumatore risarcito (dopo hacking) da PosteItaliane http://www.federconsveneto.it/public/?doc=1557 Pokemon Go, allarme per la privacy. "Spia tutti i dati dello smartphone" http://www.quotidiano.net/cronaca/pokemon-go-allarme-per-la-privacy-spia-tutti-i -dati-dello-smartphone-1.2448649 BEREC launches Net Neutrality Guidelines http://berec.europa.eu/eng/news_and_publications/whats_new/3958-berec-launches-n et-neutrality-guidelines Sophisticated, persistent mobile attack against high-value targets on iOS https://blog.lookout.com/blog/2016/08/25/trident-pegasus/ Second Web App Security Report by Acunetix shows 55% of websites have severe vulnerabilities (& rising) https://www.acunetix.com/blog/news/web-app-security-report-2016/ Hackers stole account details for over 60 million dropbox users http://motherboard.vice.com/read/hackers-stole-over-60-million-dropbox-accounts https://www.troyhunt.com/the-dropbox-hack-is-real/ iCloud photo library: all your photos are belong to us http://blog.elcomsoft.com/2016/08/icloud-photo-library-all-your-photos-are-belon g-to-us/ LinkedIn leaked passwords (in 2012) https://haveibeenpwned.com/ Dropbox hack leads to leaking of 68m user passwords on the internet https://www.theguardian.com/technology/2016/aug/31/dropbox-hack-passwords-68m-da ta-breach Relaxing privacy vow, WhatsApp will share some data with Facebook (didn’t you see it coming?) http://www.nytimes.com/2016/08/26/technology/relaxing-privacy-vow-whatsapp-to-sh are-some-data-with-facebook.html Hacker shows us how to unlock a laptop using an NSA-like tool http://motherboard.vice.com/read/hacker-unlock-a-laptop-nsa-tool-slotscreamer Apple must pay Ireland $14.5 billion in taxes, rules European Commission http://arstechnica.com/tech-policy/2016/08/apple-must-pay-ireland-13-billion-eur os-in-taxes-says-brussels/ http://arstechnica.com/tech-policy/2016/09/tim-cook-slams-eu-apple-case-total-po litical-crap/ [ITA] http://www.ilsole24ore.com/art/finanza-e-mercati/2016-08-30/su-apple-arriva-scur e-bruxelles-l-accordo-tasse-irlanda-105530.shtml Ethereum executes Blockchain Hard Fork to return DAO funds http://www.coindesk.com/ethereum-executes-blockchain-hard-fork-return-dao-invest or-funds/ =============================== LEGGI, DOTTRINA, GIURISPRUDENZA =============================== Database of electronic signature legislation http://193.62.18.232/dbtw-wpd/textbase/esiglaws.htm. =============================== PAPERS/TUTORIALS =============================== Incident Response for Android and iOS https://www.nowsecure.com/resources/mobile-incident-response/en/ =============================== TOOLS =============================== Tools and other stuff (with new hardware tools) http://www.dfir.training/ Security issues in the new version of Bitcoin Core: https://bitcoin.org/en/alert/2016-08-17-binary-safety =============================== CONFERENCES & CFP =============================== 1-4 settembre, Venezia: Hacker ESC, dodicesima edizione https://www.endsummercamp.org 7 settembre, Milano: The Internet of Broken Things https://www.facebook.com/events/1743322472613111/ 2 ottobre: CFP for DFRWS 2017 https://www.dfrws.org/conferences/dfrws-eu-2017 3 ottobre: CFP for FTC PrivacyCON https://www.ftc.gov/privacycon-call-for-presentations 5 ottobre, Verona: Security summit Verona https://www.securitysummit.it/verona-2016 3-15 ottobre: DFIRPrague Summit Date: October 9, 2016 Training Course Dates: October 3-15, 2016 https://www.sans.org/event/dfir-prague-2016 12 ottobre, Londra: The Cyber Security for Defence seminar http://events.theiet.org/cyber-defence/venue.cfm =============================== LINKS =============================== BLOGS & PORTALS http://www.forensicblog.org http://www.forensicfocus.com/computer-forensics-blog http://articles.forensicfocus.com/ http://computer-forensics.sans.org/blog http://computer.forensikblog.de/en/ http://windowsir.blogspot.com http://www.forensickb.com http://www.forensicinnovations.com/blog http://forensicsfromthesausagefactory.blogspot.com/ http://ericjhuber.blogspot.com/ http://consoleforensics.com/ http://www.forensicphotoshop.blogspot.com/ http://forensicmethods.com/ http://blog.digital-forensics.it/ http://f-interviews.com/ http://www.techandlaw.net/ http://xwaysclips.blogspot.it/ http://justaskweg.com/ http://memoryforensics.blogspot.it/ https://www.privacyinternational.org/ http://volatility-labs.blogspot.it/ https://blog.gdatasoftware.com/ [ITA] http://www.siig.it/ [ITA] http://pierluigiperri.com/ [ITA] http://blog.cesaregallotti.it [ITA] http://mattiaep.blogspot.it [ITA] http://www.studioag.pro PODCASTS http://www.cybercrime101.com http://cyberspeak.libsyn.com http://forensic4cast.com/ WIKIS http://www.forensicswiki.org http://www.forensicwiki.com http://www.forensicswiki.org/wiki/Scheduled_Training_Courses http://www.forensicswiki.org/index.php?title=Upcoming_events http://cyber.law.harvard.edu/cybersecurity/Cybersecurity_Annotated_Bibliogra phy TOOLS http://www.opensourceforensics.org/ http://www.cftt.nist.gov/ http://computercrimeinfo.com/info.html http://www.mikesforensictools.co.uk/software.html https://code.google.com/p/regripper/ http://www.mobileforensicscentral.com/mfc/ http://forensiccontrol.com/resources/free-software/ http://winfe.wordpress.com/ GOOGLE DIGITAL FORENSICS SEARCH http://www.google.com/cse/home?cx=011905220571137173365:7eskxxzhjj8 =============================== Newsletter a cura del Consiglio dell’Associazione DFA - Digital Forensics Alumni. INFORMATIVA AI SENSI DELL’ART. 13 DEL D.LGS. 196/2003 Digital Forensics Alumni in qualità di titolare del trattamento dei dati personali, informa che i dati conferiti, verranno utilizzati esclusivamente per lo scopo di gestione del servizio newsletter. Il trattamento avverrà sia su supporto cartaceo che avvalendosi di strumenti elettronici. I dati non verranno in nessun modo diffusi né comunicati ad alcuni terzi. I diritti di cui all’art. 7 del D.Lgs. 196/2003 (aggiornamento, cancellazione,ecc.), potranno essere esercitati rivolgendosi all’Associazione scrivendo all’indirizzo di posta elettronica [email protected]. Al sito www.perfezionisti.it è accessibile la versione più estesa della presente Informativa. ===============================