Are you Shellshock’d? {bashbug}

By: Kyle Cavalieri

Are-You-Shell-Shocked-DIGITS-LLCOn September 25, 2014, a new vulnerability that affects most versions of Linux and Unix operating systems, which includes Mac OS X, was discovered. According to security researchers, given the reach of the Bash itself and combined with the sheer volume of devices and application that rely on the Bash, Shellshock is likely going to be larger than the Heartbleed vulnerability that was identified earlier this year. If Shellshock is exploited successfully, the vulnerability could allow an attacker to gain control over a targeted computer.

Bash is a common component of Unix and Linux systems and is commonly referred to as ‘shell.’ Bash acts as a mechanism for the user to instruct the operating system what to do. The vulnerability lies in the fact that an attacker can imbed malicious code into application code that require Bash to execute. At this time, the most critically vulnerable systems are Web servers running the aforementioned OS’s. Although, non-Web servers are also vulnerable, specific conditions need to be in place in order for an attacker to gain control. Imbedded systems that are running Bash that are Internet facing, such as surveillance systems, routers, conferencing and IP based phone systems may also be vulnerable and should be inspected appropriately.

Once the targeted system has been exploited, the attacker can extract password lists off the system and use those passwords to move laterally within the network to gain access to other systems with the company’s production environment.

Due to the wide spread nature of this vulnerability, cyber security companies, like DIGITS LLC, are able to detect whether your systems are currently vulnerable to this latest threat. Contact a cyber security specialist today for more information.

www.digitsllc.com

DIGITS LLC

Internet Security with Computer Forensic Expert

Recently DIGITS LLC‘s Director of Computer Forensics and Investigations was featured on WIVB, Buffalo’s Channel 4 News, about the topic of Internet viruses.  Kyle Cavalieri is an expert in Cyber Security and offered his opinion about these Internet viruses that could put anyone connected into the web in a bad situation. Check out the video below for more information on how to stay secure from this ‘ransomware’ Internet virus.

Panelist Discussion “The Virtual Reality of White Collar Crime”

On December 12, 2013 infoTech Niagara will be hosting a panelist discussion, at the Buffalo Niagara Marriott, on the topic of “The Virtual Reality of White Collar Crime”.  Breakfast will be provided at 7:30 a.m. and the discussion will last until 10:00 a.m.

Panel of experts include:

Dennis C. VaccoB. Kevin Burke, JrMichael McCartney

  • Michael G. McCartney, President & CEO, DIGITS LLC


When:
 Thursday, December 12

Where: Buffalo Niagara Marriott, 1340 Millersport Highway, Amherst, NY 14221

Time:  7:30 a.m. registration & full breakfast buffet; 8:15 a.m. – 9:45 a.m. presentation

Cost:  $20 ITN members; $40 non members

Click here to register for The Virtual Reality of White Collar Crime panelist seminar

Vulnerability Assessment in Response to Cyber Attacks

Vulnerability Assessment - web

DIGITS LLC offers a complete suite of vulnerability assessment services that enable companies to identify critical security threats.

DIGITS LLC’s President and CEO, Michael McCartney, explains that “Congressman Chris Collins, Chairman of the Small Business Subcommittee on Health and Technology, outlined statistics that show that nearly 60 percent of small businesses will close within months after a cyber-attack. A recent report shows nearly 20 percent of all cyber-attacks are targeting small firms with less than 250 employees.”

In response to this alarming trend, DIGITS LLC released a complete suite of vulnerability assessment services that assist companies to identify critical security threats that may expose their data to an unauthorized third party.

McCartney continues to explain “Many companies are poorly equipped to take on the task of identifying their infrastructure pain-points and therefore, find themselves at a high risk for cyber-attacks and data breach.”

DIGITS LLC’s experts leverage their decades of information technology, computer security and investigative experience to assist their clients in identifying security vulnerabilities and help them develop a road map for remediating those threats.  DIGITS LLC provides a 3rd party security assessment and validation that follows a proven methodology and leverages industry best practices.  These types of assessments also reduce unauthorized access, data exfiltration and data manipulation as well as assist companies to comply with regulations such as PCI DSS, HIPAA / HITECH and NIST.

Examples of the services provided include: External Network Perimeter Vulnerability Assessment, Internal Network Vulnerability Assessment, Active Directory Reviews, WLAN Assessments, VoIP Assessments, OS Patch Management Assessment, Device Configuration Management Review, and Source Code Review of Company Developed Applications.

Additional information about DIGITS LLC’s Vulnerability Assessment Services can be found at http://www.digitsllc.com/vulnerability-assessment.

Computer Forensics with NYSSCPA’s & The Bar Association of Erie County

Bar Association of Erie County

NYSSCPA

BUFFALO CHAPTER OF NYSSCPA’S IN COOPERATION WITH THE BAR ASSOCIATION OF ERIE COUNTY PRESENTS:

Computer Forensics

With: Michael McCartney, President/CEO, DIGITS LLC

 2 CPE credits – Course Code: 29015402

Thursday, October 24, 2013

3:30 pm ~ presentation

5:30 pm ~ cocktails

$40 – per person includes 2 drinks and hors d’oeuvres.

Location:

Salvatore’s Italian Gardens
6461 Transit Rd  Depew, NY 14043

 Learn about:

  • Different ways your client data can be stolen
  • Do and don’ts if your data files are stolen
  • Case studies of companies without proper systems and technologies
  • Implementation of proactive computer forensic techniques

For additional information about this presentation, please contact Todd M. Zgoda, CPA at (716) 759-8358.

For questions about DIGITS LLC hosting a Lunch & Learn presentation for your organization, please contact Kelly Merz at 877-216-2511, ext. 5. or visit www.digitsllc.com for more information.

Digital Forensic Articles

DIGITS LLC was founded in 2006 to fill the need in the legal and corporate communities for highly skilled digital forensics, proactive cyber security services, corporate computer investigations, cyber security incident response and advisory services, eDiscovery and litigation support services, and general digital forensic consulting needs.

In conjunction to our services, the principles of DIGITS LLC have authored many articles about the digital forensic industry.  Click the link below to read articles in which DIGITS LLC has been published in various media sources.

DIGITS LLC Articles in the News

DIGITS LLC

www.digitsllc.com

DIGITS to Speak at Homeland Security Management Institute Cyber Conference

We are excited to have Michael McCartney, President/CEO of DIGITS LLC, presenting at the HSMI Cyber Conference on Wednesday, July 31, 2013! The conference will be held at the Public Safety Training Facility, 1190 Scottsville Road, Rochester, New York 14624 in room 117.  Find the conference agenda below.  For any questions, please contact:

Sheila Manns: 585.753.3921, email: smanns@monroecc.edu
Glenn Greibus: (Day of Conference): Cell 585.721.7071, email: ggreibus@monroecc.edu

Homeland Security Management Institute

AGENDA
8:15 – 9:00
Registration and Continental Breakfast
9:00 – 9:15
Welcome……………..……………………….……………………………………….John J. Perrone Jr.
Director
Homeland Security Management Institute
Opening Remarks……………..……………….…………………………………………….Todd Oldham
Vice President
Economic Dev. & Innovative Workforce Svc.
9:15 – 10:15
…………….…………….………………………………………………………………….…Edward Suk
Executive Director
National Center for Missing & Exploited Children
10:15– 10:30
Break
10:30 – 11:15
…………….…………….………………………………………………………………….…Edward Suk
Executive Director
National Center for Missing &Exploited Children
11:15 – 12:15
…………….…………….……………………………………………………………Michael McCartney
President/CEO
DIGITS LLC
12:15 – 1:30
Lunch
1:30– 2:45
……………………………………………………………………………………………SA Kevin Parker
FBI Buffalo Division/Rochester RA
2:45 – 3:00
Break
3:00 – 4:00
………………………………………………………………………………………………..Ryan Peck
Assured Information Security
4:00
Closing Remarks John J. Perrone Jr.
Director, Homeland Security Management Institute

DIGITS LLC

www.digitsllc.com

Mobile Forensics & Data Breach Repercussions

Buffalo Law Journal

DIGITS LLC, Digital Forensics Investigators, were featured twice this this weeks publication of the Buffalo Law Journal and Buffalo Business First.  Articles featured include:

DIGITS LLC fills the need in the legal and corporate communities for highly skilled digital forensics, proactive cyber security services, corporate computer investigations, cyber security incident response and advisory services, eDiscovery and litigation support services, and general digital forensic consulting needs.

Click the links below to read each of these articles from the source:

DIGITS LLC

www.digitsllc.com

Who’s Who in WNY Technology 2013

Michael McCartneyMicheal McCartney, President/CEO of DIGITS LLC, was featured in Buffalo Business First’s Who’s Who in WNY Technology 2013.

Company expertise: Digital forensics, proactive digital forensics, corporate computer investigations, cyber security incident response, cyber security advisory services, eDiscovery and litigation support services.

Buffalo Business First Who’s Who in WNY Technology 2013 – http://bizj.us/sgo03/i/17

DIGITS LLC Digital Forensic Solutions

www.digitsllc.com

DIGITS & Harter Secrest & Emery featured on Greater Rochester Enterprise Podcast

Eyes on the Feature, Greater Rochester Economy, WHAM 1180

DIGITS LLC and Harter Secrest & Emery were featured on WHAM 1180’s “Eyes on the Feature” of the Greater Rochester Economy.  Jeff Calabrese, Partner of Harter Secrest & Emery, and Michael McCartney, President/CEO of Digits, discuss non-compete clauses and why it is important for businesses to have them.

Click on each of the links below to listen to each of the segments on non-compete clauses.

Importance of Non-Compete Clauses – 10:35
3 Main Categories of Non-Compete Disputes – 6:29
What Your Computer Usage Could Say About You – 14:38
What to Look For When Recruiting a New Employee – 7:29

DIGITS LLC

www.digitsllc.com