EFORENSICS COMPUTER 1/2013 FREE TEASER

Dear Readers,

We would like to present you with the latest issue of eForensics Computer Magazine!

Taking advantage of its publication, I would like to welcome a number of our new readers who have joined us lately. It’s not easy to become a forensics expert, but our community is growing stronger and the interest in digital forensics is more and more visible. We hope to help cyber security communities develop their techinques that make our computers safe and secure in the modern, industrial world.

In the opening article, antimalware expert Kevin McAleavey provides us with the inner secrets of malware analysis. This is a long, detailed and interesting article that I would gladly recommend. Since the malware can not only threaten the process of conducting investigations, it can also threaten the evidence obtained from those investigations itself. Evidence tainted by unknown and undetected malware has acquitted those prosecuted, and investigations of malware attacks have failed because of the inability to locate the direct evidence of an attack.

Your travel through the world of malware continues with our expert Ram Shmider who takes a differen approach to the subject. To start your malware analysis journey you need to keep in mind that the files or machine you are working on are infected with real live malware. As your anti-malware tools might not be able to detect and stop this malware, it’s important to learn basic steps that a malware analyst would take when interacting with the infected environment. Our expert leads how to set your own isolated lab for tests up.

We received a lot of your requests about publishing more articles touching upon Linux. We respond to your request with the article of Alexey Lyashko who leads you further with subject of malware; presenting Emulation of Win32 Environment for Malware Research on a Linux Machine. He explains why Linux may be a powerful utility for unpacking and decrypting protected malicious executable files, taking memory dumps, etc. You will extend your knowledge of how processes are created and managed in both Linux and Windows operating systems. All this is the tip of the iceberg. In fact, the deeper you delve, the more you achieve.

In the next set of articles we chaange the subject and our dear friend and contributor, Colin Renouf, explains how to reverse engineer complex enterprise Java applications. He looks at the tools and techniques, and then applies them to understanding how a common enterprise level application server works – allowing us to relate the applications running upon it to the application server itself and the platform on which it runs.

In the last two articles we cover more theoretical subjects. As well as identifying direct evidence of a crime, digital forensics can be used to identify sources, for example, in copyright cases. According to Jason Pfoutz, intellectual property problems can become a major threat to security. Do you think that everything should be free or maybe individuals should get what they paid for? The answer may seem to be simple but in reality it’s not.

In the last article our expert, Elias Psyllos, poses a question whether Certified Forensic Examiner help should be used every time in any electronic discovery matter. Whenever a matter that requires the collection or preservation of Electronically Stored Information arises, the first thought of most companies is to have their internal IT department involved. The author explains the risks involved while performing self-collection.

I would like to thank you for all support and feedback that we receive from you in your messages. As it’s the first issue in 2013, we would like to ask you for a feedback concerning our work. We would be more than pleased if you could respond to these questions: Are we on the right track? What are your expectations towards the magazine? Which topics are you most interested in? We are here for you and as we repeat, the everyday reader’s opinion is the most valuable for us. It is You who creates eForensics!