SENSEI ENTERPRISES, INC.

Call Us at 703.359.0700 or Toll Free 877.978.3440

Click Here For Live Support Make A Payment
Cyber Incident Hotline
Call Us at 703.359.0700 or Toll Free 877.978.3440

New Mexico House Passes Bill to Stop Police from Erasing Evidence

Russell Contreras of the AP reports that the New Mexico House has passed a bill to stop the erasure of evidence in police custody. The bill is aimed at fixing a bill passed in 2019 that requires law enforcement to wipe out some digital evidence. If the bill is signed into law, it would stop law enforcement from having to destroy seized electronic evidence that is obtained through a search warrant but not the target of an investigation. The bill, having passed in the House, is in the hands of Gov. Michelle Grisham, who is expected to sign the bill into law, where it would take effect immediately.

Under the current law, law enforcement has to wipe specific evidence after 30 days. The new bill allows for police to seal the seized evidence and then obtain a court order to use the evidence in another unrelated investigation.

Email: sensei@senseient.com   Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com/services/digital-forensics

Superior Court Judge Charged with Computer Trespass in Georgia

This month the trial of Judge Kathryn Schrader has gotten underway in what the Atlanta Journal-Constitution is calling a hacking case. Hacking may not be the most appropriate description of a situation where one simply provides access to a system, nonetheless, Gwinnett County Georgia has indicted one of its own County Judges with a charge of felony computer trespass. The charge stems from an alleged incident in which Schrader hired a private investigator to look into what she felt may have been a conspiracy against her in the county superior court. 

The investigation into Schrader’s potential wrongdoing started last year when another individual, Ed Kramer, was arrested on an unrelated charge. Kramer is not a stranger to the Gwinnet County court system, having been indicted with and eventually pleading guilty to three counts of child molestation there in 2013. It was, however, his arrest in 2019 that began Schrader’s legal trouble. After allegedly taking photos of a 7-year-old child without permission, police arrested Kramer and searched his electronic devices for evidence of the covertly taken photos. During this search they also discovered a file bearing Schrader’s name on his computer.

Things unraveled from there with two private investigators and Kramer, their part time computer analyst, also being charged in the matter after it was determined that they may have all been involved in monitoring the County Court network traffic.

Incidents such as documents mysteriously printing in her chambers, apparent access by others in the court to personal files and suspicions that a county prosecutor may have been able to login to her terminal all led her to believe her work computer may have been hacked. When county IT staff’s efforts to remedy these concerns failed to satisfy Judge Schrader, she took it upon herself to hire the private investigator to monitor activity on her work system. The PI installed monitoring software on the county computer and hired Kramer to analyze the monitoring logs. The PIs and Kramer have all reportedly agreed to deals with the prosecutors to avoid trial which include testifying in the case against Schrader. The trial is ongoing and it would seem certain that there will be some interesting digital evidence introduced as the case progresses.       

Email: sensei@senseient.com   Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com/services/digital-forensics

Digital Evidence Coming to Forefront in Disappearance of 5 year old

A disappearance that led to an Amber Alert in the Jacksonville Florida area has unfortunately progressed to an investigation into the death of 5 year old Taylor Williams. The young girl’s mother, Brianna Williams, has become a person of interest in the case after reportedly attempting suicide by overdose after her daughter’s body was located in rural Alabama.

Discovery material filed in the matter has provided some insight in the ongoing investigation. There appears to be a wide variety of digital evidence including cellphone records and web browser search history. Prosecutors have also issued subpoenas for data from cloud sources including a Google account, Apple’s iCloud and even Match.com.

With all of these different sources of information, the government’s forensic investigators may be able to put together a detailed record of activity and potentially even GPS coordinates for the devices involved. Williams is currently charged with two counts of child neglect and providing false information to law enforcement. She has pled not guilty to all counts.

Email: sensei@senseient.com   Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com/services/digital-forensics

Data from Damaged Mobile Phones: NIST Tests

The National Institute of Standards and Technology (NIST), recently released an article examining the methods that can pull data from damaged mobile phones. The two methods the NIST researches use to extract the data of interest are called Chip-off and JTAG.

The Chip-off and JTAG methods of pulling data of a phones involve connecting directly to specific data chips on the circuit board. These methods may be useful when the device in question no longer powers on or damage to the data port has occurred.

The work being performed by NIST will advance the way digital forensic labs address future examinations by pinpointing the best tools for the job. By finding the most effective method to extract the data, time and money will ultimately be saved.

Digital forensic expert Rick Ayers commented on the study by saying “Many labs have an overwhelming workload, and some of these tools are very expensive. To be able to look at a report and say, this tool will work better than that one for a particular case — that can be big advantage.”

Additionally, NIST has JTAG and chip off reports available to view on the Department of Homeland Security website.

Email: sensei@senseient.com   Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com/services/digital-forensics

Evidence Tossed in Murder Case

Dale Ellis of the Arkansas Democrat Gazette, writes that prosecutors in the murder trial of Tony Warren suffered a setback when the Circuit Judge tossed out a key piece of evidence. Warren, 21, was charged in April of 2019 for the shooting death of Clifton McDowell, 24 at the intersection of Iris Street and Howard Drive in Pine Bluff, AK. Warren was originally arrested on drug and firearm charges during a traffic stop in April where police found 21 grams of marijuana, a Springfield Armory semi-automatic handgun, a box of .45 ACP ammunition, digital scales, and a cellphone. Warren was then charged three days later in connection to the death of McDowell.

Counsel for Warren, Megan Wilson-Lowman, argued in a suppression hearing on January 7, 2020 to suppress evidence taken from the cellphone. Arguing that the search warrant policed used to collect incriminating information from the cellphone was too broadly written. Wilson-Lowman disputed that the warrant appeared to allow for the police to search for drug related activity when the police were actually searching for information relating to the shooting death of McDowell.

Evidence obtained from the cellphone indicated that Warren was around the area that the shooting took place, when he had originally claimed to be in Little Rock when the shooting took place. Circuit Judge Alex Guynn ruled that the search warrant was “overly broad” and that the search of the cellphone did not return any evidence that was cited in the search warrant.

Email: sensei@senseient.com   Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com/services/digital-forensics

Impeachment Case Results in Interesting iPhone Forensics Development

Technology news websites Gizmodo and Motherboard by Vice recently reported on the FBI’s ability to extract data from Lev Parnas’s Apple iPhone without having access to the device’s password. This accomplishment is most noteworthy because Parnas’s device is an Apple iPhone 11, one of Apple’s newest models, which would be running a relatively up-to-date version of Apple’s notoriously secure operating system iOS. Reports indicate the mobile phone forensics company Cellebrite was involved in the phone’s unlock.

It’s not clear if the device was unlocked by technicians from Cellebrite or if it simply provided the hardware or software means for the FBI to unlock the device. Currently, the forensic solutions offered by Cellebrite to digital forensic practitioners in the public sector do not provide this ability. As of this post, digital forensic consultants cannot unlock an Apple iPhone 11 without the password. It is also interesting to consider that while the FBI was apparently able to circumvent the password on this device the FBI, as well other government agencies, continue to pressure Apple to enable backdoor access into its devices and iCloud backups for law enforcement. 

Email: sensei@senseient.com   Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com/services/digital-forensics

Duo Arrested Due to Evidence Found on Cellphones

Don Reid of The Daily Reporter reports that two Branch County (MI) men were arrested after evidence to plan and commit crimes was discovered on their cellphones. In response to a break in on January 12 at the America’s Best Car Wash, Quincy Police officer Estrada noticed that the door had been forced open. Through the use of a K-9 unit, the police were able to locate a parked car where Joshua Montgomery and Ray Hyde were found. Police discovered each man possessed a glass pipe which tested positive for meth. The car belonging to Montgomery was searched and additional drug paraphernalia was found as well as a bag containing 6.4 grams of meth. Montgomery admitted to selling meth and originally denied knowledge of the break in. Police seized the phones of both men on the scene. Analysis of the devices turned up evidence in text messages of the two planning several break ins to take money from businesses. A computer was also examined in the case where evidence was found that there were plans to travel to Battle Creek, MI to pick up drugs.

Montgomery was charged with possession with intent to deliver and using a computer to commit the felony, which both carry a term of 20-years. Additionally, he was charged with using a computer device to plan break-ins, conspiracy to break and enter a building, possession of burglary tools, and breaking into the car wash, all the charges carrying terms of 10-years. Prior convictions on Montgomery’s record could lead to a term of life in prison.

Hyde was charged with possession of meth, using a computer device to plan break-ins, conspiracy to break and enter a building, possession of burglary tools, and breaking in to the car wash, all which carry 10-year terms. Hyde was also charged as a habitual offender due to prior convictions of child abuse and possession of a firearm in commission of a felony, doubling his penalty.

Bond for both men was set at $100,000 each.

Email: sensei@senseient.com   Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com/services/digital-forensics

Digital Forensic Examiners Called in to Assist Iowa City

The city of West Des Moines Iowa has been experiencing serious issues with its servers and network recently. Reports indicate these issues are the result of an attack specifically designed to damage civic operations.  When the attack was first discovered, reports say that staff immediately shut down the network. This undoubtedly caused significant headaches for not only city employees but also citizens, vendors and contractors. With the network shut down, computer forensic investigators and cyber security experts were called in to investigate the attack. Law enforcement and the FBI have also been notified. While the network is reported to be back up and running now, it seems to be operating at a diminished capacity as a press report indicates “email may not be working consistently for all city staff or elected officials.”   

Email: sensei@senseient.com   Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com/services/digital-forensics

Travelex Hit with Ransomware Attack

Currency exchange company Travelex has recently fallen victim to a ransomware attack demanding a payment of 3 million dollars. Visitors of Travelex.com are greeted with a press release detailing the attack, alongside the steps the company is taking to get back up and running.

According to The Guardian, the hackers responsible for the attack are threatening to release personal information belonging to Travelex customers. This information is said to include social security numbers, dates of birth, and payment information.

The attack occurred on December 31st, when Travelex discovered certain data from their systems had been accessed and ultimately encrypted. Upon discovery of the intrusion, Travelex took all their systems offline to prevent further unauthorized access. There is currently no evidence suggesting the encryption or exfiltration of customer data, however the situation is currently still under review. Travelex has hired a forensic team to assess the current extent of the virus and assist in getting their systems up and running.

Email: sensei@senseient.com   Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com/services/digital-forensics

Judge Orders Forensic Examination of Laptop in Florida Case

According to CloudNine, a Florida judge has issued a motion for inspection of a laptop belonging to a group of defendants for the second time. The defendants objected to the initial request, but were met with the same outcome as the judge held that a forensic examination was warranted.

The case, HealthPlan Servs Inc. v Dixit et al, involves copyright infringement and a breach of contract. Initially, the court required the defendants to turn over the hard drives in question to their attorneys and have the plaintiff designate an expert to examine them. When the defendants objected to the request for a forensic examination, the plaintiff contended the defense lacked an adequate reason to avoid an expert selection, and the refusal might constitutea way to cover up possible evidence spoliation.

The judge ordered that the laptop be examined in order to obtain specific metadata information from files of interest, citing that the metadata would not be available if provided in a PDF format.

Email: sensei@senseient.com   Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com/services/digital-forensics

Call us at 703.359.0700 or toll free 877.978.3440
ccemsce mcitp ccnp cissp

See all certifications »

© 2020 SENSEI ENTERPRISES, INC. | 3975 UNIVERSITY DRIVE, SUITE 225, FAIRFAX, VA 22030 | LICENSED SECURITY SERVICES BUSINESS (DCJS# 11-6444)

| Privacy Policy |