Target has their own forensic lab to investigate shoplifters
https://thehorizonsun.com/features/2024/04/11/the-target-forensics-lab/
#HackerNews #Target #Forensics #Shoplifting #Retail #Security #Investigation
Claudius Link
boosted
I don't usually post work or business related things on here, as it's my outlet for therapeutic shitposting BUT that said, I was reminded yesterday that 2025 marked the 10th year in business for my little venture, Secure Being, an #infosec consultancy focused on issues that impact real people.
I originally set it up with two goals - 1) manage book related things, and 2) as I became more leadershippy™️ in my day job, I wanted to have the opportunity to stay hands-on, and still engage in pen-testing and forensics and all the good stuff I love.
I don't aggressively advertise the company, it's a word of mouth type thing really, I have a regular core of customers at this point, who keep me busy - but of course, always happy to add new ones.
This last year was probably the most fun I've had with it though, I done infosec work for a professional sports arena, a brand new model of jet aircraft and its avionics, and I've had about 6 or so critical findings on various products that have caused me to stop testing, and get immediate fixes in place - as the issues discovered were extremely risky to, not just businesses, but actual human people too - which of course was the main focus.
So yeah, here's to another 10 years! And if you are ever in the market for a pentester, forensicator, or anything else really - give us a look!
Cheers!
I don't usually post work or business related things on here, as it's my outlet for therapeutic shitposting BUT that said, I was reminded yesterday that 2025 marked the 10th year in business for my little venture, Secure Being, an #infosec consultancy focused on issues that impact real people.
I originally set it up with two goals - 1) manage book related things, and 2) as I became more leadershippy™️ in my day job, I wanted to have the opportunity to stay hands-on, and still engage in pen-testing and forensics and all the good stuff I love.
I don't aggressively advertise the company, it's a word of mouth type thing really, I have a regular core of customers at this point, who keep me busy - but of course, always happy to add new ones.
This last year was probably the most fun I've had with it though, I done infosec work for a professional sports arena, a brand new model of jet aircraft and its avionics, and I've had about 6 or so critical findings on various products that have caused me to stop testing, and get immediate fixes in place - as the issues discovered were extremely risky to, not just businesses, but actual human people too - which of course was the main focus.
So yeah, here's to another 10 years! And if you are ever in the market for a pentester, forensicator, or anything else really - give us a look!
Cheers!
Jimmie Duncan spent 27 years on death row, convicted in part based on evidence experts now consider to be junk science.
But even after the overturning of his murder conviction and his release on bail, Louisiana still wants to execute him.
https://www.propublica.org/article/jimmie-duncan-louisiana-death-row-inmate-released?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon-post
YunoHost :disability_flag:
boosted
Great news!! A much waited Android forensics app was just released in beta version: Bugbane allows self-analyzing our devices for indicators of malwares such as Pegasus or the Cellebrite's ones, using Amnesty International's Mobile Verification Toolkit directly on the phone. Consider sending your feedback to the team!
https://osservatorionessuno.org/blog/2025/09/bugbane-simplifying-consensual-android-forensics/
#bugbane #forensics #infosec#android#MVT #phonesecurity #pegasus #cellebrite
Great news!! A much waited Android forensics app was just released in beta version: Bugbane allows self-analyzing our devices for indicators of malwares such as Pegasus or the Cellebrite's ones, using Amnesty International's Mobile Verification Toolkit directly on the phone. Consider sending your feedback to the team!
https://osservatorionessuno.org/blog/2025/09/bugbane-simplifying-consensual-android-forensics/
#bugbane #forensics #infosec#android#MVT #phonesecurity #pegasus #cellebrite
Angela Antunovic
boosted
In her report, Dr Kirsty Wright described the management of the lab as "one of the greatest failures of a justice system in the world", and recommended the Queensland government outsource testing. https://www.abc.net.au/news/2025-08-10/forensic-science-queensland-dna-lab-saga-shandee-blackburn/105624650https://www.abc.net.au/news/2025-08-05/queensland-forensics-lab-dna-bungle-budowle-report/105614062https://www.abc.net.au/news/2025-08-04/dna-report-dr-kirsty-wright-forensic-sciences-queensland/105609328 #biotech #forensics #qldpol #auslaw
In her report, Dr Kirsty Wright described the management of the lab as "one of the greatest failures of a justice system in the world", and recommended the Queensland government outsource testing. https://www.abc.net.au/news/2025-08-10/forensic-science-queensland-dna-lab-saga-shandee-blackburn/105624650https://www.abc.net.au/news/2025-08-05/queensland-forensics-lab-dna-bungle-budowle-report/105614062https://www.abc.net.au/news/2025-08-04/dna-report-dr-kirsty-wright-forensic-sciences-queensland/105609328 #biotech #forensics #qldpol #auslaw
Update 3: You can find my PostMortem here: https://infosec.exchange/@masek/114721620930871030
Update 2: As far as I can tell, the servers that caused the leak belonged to the DOJ in Montana. We reached them in two ways:
- Through this post we got contact to the vendor of the software. With the Serial# (in the extraction reports) they could identify whom to call.
- A friend had a contact in one of the affected police department and they reached out to the DOJ.
Thanks to this community I was also able to get a contact within the FBI. Furthermore some media contacted me and a lot of Mastodon users provided me with additional contacts.
Event though I contacted the AG in Monatana and one PD, no one has reached out to me from the DOJ side.
Update 1: Leak is closed. Will write more tomorrow. Thank you to everyone who helped.
Phone forensics
Usually law enforcement is very secretive about them analyzing the phones of suspects.
But a forensic lab in #montana is extremely transparent about it. They put the dump of every phone on a public share. Everyone with Internet access can access those dumps.
While I am usually a proponent of government transparency, this takes it a bit too far even for my taste.
Every phone dump is one directory and some case names can be easily connected to crime & death headline news in the U.S.
So for one case I am pretty sure, that I can even say which Sheriff is responsible for that one of the investigations.
I sent that Sheriff an email, i sent him a text message and I even spoke on his voicebox. I even sent him the extraction report from Graykey.
It is really frustrating that I get no response at all. The leak is still open.
The security researcher that found the leak also tried some contacts but had as little success as I do.
I personally believe that this leaks even constitutes a federal crime. Some cases have names ending on CSAM. The security researcher stayed away from any of those and I did not access the files on that server at all.
So does anybody know someone within the #fbi that would give a shit about that. I am getting very tired.