eForensics OPEN - THE UNHACKABLE CLOUD

Dear Readers,

We present you with a new open issue of eForensics Magazine. We are really proud of the material we managed to gather in this publication and we hope you will enjoy reading it as much as we enjoyed putting it together for you.

For starters, we would like to introduce you to Bruce Khavar, the  the CEO and President of Cyber Advanced Technology. He in turn would like to talk to you about his new, game-changing project.

Then we will take a long and deep dive into more technical articles. First up we have Monnappa K A with his article on malicious Excel spreadsheet, then Israel Torres with a basic malware analysis tutorial, a preview from Wolf Halton’s upcoming book - a chapter on  phishing in Windows using Social Engineering Toolkit and Backdoor Factory on Kali Linux 2.0, and finally we top it off with a guide to e-mail forensics written by Sundar Narayan.

Next, for something slightly different, we present two articles: in the first one, Brian Wilson will tell you why exactly companies should consider certifying all their employees in cybersecurity; then Matthew Cook will take you to the world of video game fraud.

We close the magazine with a review by Bob Monroe and two of our interviews - some of you may have even seen them on our blog. If you haven’t now’s your chance to read them - but check out our blog anyway, we have plenty more waiting for you there!

We would also love it if you joined us on social media - we’re on Twitter, Facebook and LinkedIn. Our LinkedIn group recently hit a 1,000 members and we want to take this opportunity to thank you all again for your continuous support for the Magazine. We wouldn’t be here if it wasn’t for you!

Enjoy your reading,
eForensics Magazine
Editorial Team

TABLE OF CONTENT

The Unhackable Cloud - Interview with Bruce Khavar, the CEO and President Cyber Advanced Technology Inc.
by Marta Sienicka, Marta Strzelec

We have talked with Bruce Khavar, the CEO and President of Cyber Advanced Technology, Inc. (CAT, Inc.). Armed with his signature OT-OCN technology, Bruce is raising the standard for cyber security from anti-hacking defenses to unhackable solutions. In this interview we discussed his new, exciting project, a evolutionary and revolutionary cyber security architecture and the change it will bring to our understanding of security. He told us all about the project itself, its Secret Sauce, and exactly how (un)hackable it is.

Analysis of Malicious Excel Spreadsheet
by Monnappa K A

Malicious Office documents are often used in targeted attacks against individuals or organizations. Attackers embed malicious code into documents - Excel spreadsheets or Adobe Acrobat PDF files. This article contains the analysis details of the malicious spreadsheet that delivered malware to its victim in a spear phishing campaign.

Basic Malware Analysis using Kali
by Israel Torres

Case Study - basic malware analysis in Kali Linux performed on a suspicious document.

Phishing Windows With the Social Engineering Toolkit and Backdoor Factory on Kali Linux 2.0
by Wolf Halton, CBA

This article is a preview of a soon-­to-­be-­released Packt Publishing book by Wolf Halton and Bo Weaver about cracking Windows with Kali Linux.

A Practitioner's Guide to Forensic Email Reviews
by Sundar Narayanan

While a lot has been said about the approach towards handling emails as a source of evidence in forensic reviews, the approach towards using them as a tool to profile a subject is emerging at a snail’s pace. In this article, we will examine the context, approach, and practical reasons regarding such an approach for forensic email reviews.

The Rationale for Company-wide Cybersecurity Certification
by Brian Wilson, Senior Instructional Designer at Logical Operations

When it comes to costly security breaches, the most frequent cause is not technology, but people. While rapid changes in technology have contributed to the challenges of cybersecurity, the most critical flaws in your organization’s security may be surprisingly low tech — such as someone leaving a door unlocked, leaving sensitive information posted on a sticky note, naively forwarding sensitive information, or clicking a malicious link in an email message. This article discusses the reasons that speak for introducing a company-wide cybersecurity certification.

Virtual Worlds: The Next Frontier For Online Fraud
by Matthew Cook, Co-founder of Panopticon Labs

Every day, gamers from around the world - from dedicated, hard-core players who invest weeks or months in their characters, to casual players of Facebook - face organized teams of professional fraudsters and cheaters. In this article, Matthew Cook, Co-Founder of video game security company Panopticon Laboratories, will discuss the results of an 18 month-long effort to interview game publishers, developers, and operators about why the game industry has come under fire from hackers and fraudsters, and what they estimate the problem is costing them.

Review: Sain Smart DS 202 Pocket Oscilloscope
by Bob Monroe

Interview with Abdeslam Afras, Vice President of International Markets, AccessData
by Marta Strzelec, Marta Ziemianowicz

Being safe online is just as important as being safe walking down the street – Interview with Heather Dahl , Co-founder of The Cynja LLC
by Marta Ziemianowicz