Testing Password Encryption Strength

Testing the Password Encryption Strength of NT LAN Manager and LAN Manager Hash Security risks associated with weak user-created passwords are well documented. In 2009, for example, cyber security provider Imperva analyzed more than 32 million passwords that were released in a 2009 data breach. More than 50% of the passwords involved poor user password […]

NPR’s Marketplace – Your Boss May Know You Want to Quit Before You Do

Honored to be interviewed on NPR’s Marketplace on how forensic evidence can identify key employees who are planning to quit after receiving their bonuses (and maybe taking secrets).  We see a big spike in trade secret theft during the bonus season – but interestingly the taking can start months in advance when the star salesperson or software […]

Using iOS Backup Files to Obtain Text Messages from Apple Devices

In several forensic investigation cases, Kivu has analyzed iOS backup files as a method of obtaining evidence of text messages or other data from an iOS device, usually when an iOS device is not readily available or as a means of cross-correlating evidence. These backups are often made to the custodian’s computer when they connect […]

Good Data Quality is Better Security

Data quality is not a glamourous subject. It is not the type of topic that headlines a conference or becomes front-page news. It is more typically suited for help guides and reference manuals that few individuals relish reading. However, organizations that acknowledge the importance of data quality and have strong data quality programs significantly reduce […]

HIPAA Data Leakage – Is Your Protected Health Information Secure?

The misnomer of HIPAA compliant software is prevalent in the health care industry. Too often, HIPAA-regulated entities rely on vendor controls and claims of compliance as a substitute for their own HIPAA security programs. While the vendor software itself may meet the requirements of HIPAA compliance for the discrete functions it performs, the truth of […]

Hidden data: hidden threat

Some of the worst and most costly data breaches occur because an organisation doesn’t know what and how much data they have stored, says Winston Krone Managing Director, Kivu Consulting. In many cases, businesses have simply been unaware that they hold sensitive data such as healthcare or financial information, and “…haven’t purged data, they haven’t […]

Five Things Hackers Don’t Want SMB’s to Know

#1. Anti-virus programs are generally ineffective #2. Your firewall faces the wrong way #3. You are the weakest link in the Cloud #4. Advising your employees not to open emails from “strangers” is counter-productive #5. Encrypting your company’s portable devices isn’t enough Many small-to-medium (SMB) sized businesses believe that they aren’t important or large enough […]

Collecting Forensic Data from Apple Devices

Kivu’s digital forensic professionals are seeing an ever-increasing number of Apple devices being used within organizations. Our forensic professionals have extensive Apple experience and have provided expert testimony on a number of legal cases involving Apple devices. The Challenges of Collecting Data Mac computers are known for having a secure delete function built into the […]