now browsing by tag


Computer Forensic Analyst

Source: National Cyber Security – Produced By Gregory Evans

Taxation & Finance, State – Albany, NY
Bachelor of Science Degree in Computer Forensics, Computer Science, or related field AND a minimum of (24) months of satisfactory experience performing the duties of a Computer Forensic Analyst 3 or its equivalent in another computer forensic environment; AND possession of a Computer Forensics certification such as EnCE, CFCE, ACE or similar certification. Certification may be substituted with a minimum of (160) hours of Computer Forensics training with computer forensic tools such as Encase, Access Data FTK and ASR SMART OR a professional certification such as the Certified Computer Forensics Examiner, Certified Computer Examiner, GIAC Certified Forensic Examiner or GIAC Certified Computer Analyst; AND verifiable training with computer forensics tools such as Encase, Access Data FTK and ASR SMART; AND significant Computer Forensics casework experience and experience testifying before a court of law or administrative hearing as a Computer Forensics expert. Candidates must be able to obtain and maintain a professional certification such as the Certified Computer Forensics Examiner, Certified Computer Examiner, GIAC Certified Forensic Examiner or GIAC Certified Computer Analyst within one year of appointment to this level. 

Substitution: (4) years of work-related experience in the field of Computer Forensics may be substituted for the required Bachelor’s Degree. 

The duties that the incumbent of the vacancy will be expected to perform. Duties Description 
Under the general direction of the Director, the Computer Forensic Analyst 4 performs the following duties: 

• In accordance with Department policy, rules and regulations, office guidelines and industry standards, conducts data acquisition and archival; hardware, software and tool testing and validation; and physical examinations of computers, electronic devices and various Department computer network systems. 

• Copies data from multiple operating systems and mobile computing devices. Prepares copied data for archiving into digital media. Verifies the integrity of the forensic copies to be used for analysis. 

• Conducts physical examinations of computer and other electronic computing devices by inspecting the hardware peripherals in devices submitted as evidence. Document the physical condition of evidence computers and devices. 

• Disassemble and reassemble various types of electronic data or communication devices. 

• Test and validate computer hardware, software and forensic analytical tools using established procedures and guidelines. 

• Prepare and submit required documentation for admittance into evidence in court proceedings. 

• Perform computer hardware, software, network and internet related research to troubleshoot and maintain computer forensic laboratory equipment and network. 

• Assist in the review and preparation of evidence. Prepare computer and multimedia digital evidence for court presentations. 

• Testifies in court and other proceedings regarding casework involving routine laboratory processes such as acquisition, archival and analysis. 

• Examine computers and other electronic storage devices submitted as evidence. Analyze data by using computer forensic utilities and analytical techniques. 

• Prepare comprehensive analysis reports to be used in the course of investigations and entered into evidence during court proceedings. 

• Research industry standards and assist Department Investigators in developing procedures for the various stages of computer forensic processes, such as acquisition, archival and analysis of data. 

• Properly maintains the chain of custody and meets evidence handling requirements. 

• Provide technical assistance to Department Investigators during extraction of multimedia digital evidence from computer networks and other technical forensic processes in the field. 

• Recommends changes in operating procedures, equipment, and personnel. 

• Assists with the implementation of hardware and software, as well as modifications to the laboratory equipment and network as requested by management. 

• Analyzes the most complex cases which may involve multiple operating systems and mobile computing devices. 

• Testifies in court or other adverse proceedings regarding the validity of analysis performed by lower-level Computer Forensic Analysts; the processes used, and the relation of evidence to the overall investigation. 

• Advise Department Investigators of possible alternative methods of analysis that would increase accuracy, efficiency and timeliness. 

• Review examinations and analyses completed by staff. 

Additional comments regarding the vacancy. Additional Comments This is a newly classified position and jurisdictional class assignment (non-competitive) is still pending approval. As such, the incumbent will serve temporary in the position until the jurisdictional class is approved. At that time, the incumbent’s status can be changed to permanent. 

Work hours to be determined.

The post Computer Forensic Analyst appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Two #Women #Charged With #Hacking Bucks #Computer #Systems

A Bucks student and her cohort were arrested and charged with hacking the college’s computer system to alter her grades and the grades of other students in a microbiology course.
The two women arrested were Aleisha Morosco, a 30-year-old part-time student, and Kelly Margaret Marryott, a 37-year-old employed at a medical office.

Bucks officials have suspected since July that someone had been meddling with students’ grades, and once it was reported to the police, the suspicion was confirmed.

Police said Marryott used the personal information of a Bucks faculty member she gained from her employment at a medical office. From there Morosco allegedly hacked the school’s computer network to change her own grade and the grades of other students.

Stephanie H. Shanblatt, president of Bucks County Community College, released the following statement about the incident:
“Dear Colleagues: Last week, the Newtown Township Police arrested two women in connection with an attempt to change grades at the college last summer. I wanted to assure you that this was an isolated incident. When the college discovered the problem, we reported it to Newtown Township Police and worked cooperatively with law enforcement to resolve the case. Bucks takes the integrity of our data systems very seriously. All of the grades altered in the breach were restored to their correct level. I would like to thank the Newtown Township Police Department for their professionalism in bringing this investigation to its appropriate conclusion. In addition, our gratitude goes out to the Office of Security and Safety, Information Technology, and Online Learning for their prompt attention to this matter.”

Both women have been charged with unlawful use of computer, computer crimes, computer trespass, identity theft, and criminal conspiracy.

Computer trespassing is a very serious crime. PhiladelphiaCriminal- states that “If you are indicted on federal computer crime charges, you can face being sent to a federal prison for years.” The two women were arraigned before District Judge Mick Petrucci and released on $40,000 unsecured bail.

View full post on National Cyber Security Ventures

Computer #Hackers are #Trying to Get Into Your #Wallet

Computer #Hackers are #Trying to Get Into Your #WalletA warning for when you open that next email, it could be hackers trying to get into your wallet. One Bowling Green woman didn’t want to take any chances when she received an email demanding thousands of dollars from someone she’s never met. WNKY News’ Cecilia Herrell found out what you can do to avoid […] View full post on | Can You Be Hacked?

Computer #hacking #investigation #leads to #huge #cache of #child porn

Source: National Cyber Security – Produced By Gregory Evans

A Parkville man was sentenced Wednesday to federal prison after pleading guilty to computer hacking and child pornography charges.

Jacob Raines, 38, was sentenced in U.S. District Court in Kansas City to six years in prison.

Raines pleaded guilty in May to charges of computer intrusion and using a computer to view child pornography over the internet.

The computer intrusion charge involved Raines using a remote server to copy proprietary source code files and file folders from his former employer.

When serving a search warrant in that case, investigators found thousands of sexually explicit images and videos of children, including toddlers and infants.

His attorney on Wednesday argued for a sentence of four years in prison, while prosecutors asked for seven years.

The post Computer #hacking #investigation #leads to #huge #cache of #child porn appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Ukrainian #hackers blamed for #computer problems that crashed #multimillion #dollar art #sale

Source: National Cyber Security – Produced By Gregory Evans

An auction house is blaming a paid, deliberate attack that originated from Ukraine for a computer meltdown that shelved a multimillion dollar sale of artwork on Tuesday night.

Scores of people had gathered at Chifley Tower in Sydney’s CBD for an art auction hosted by online start-up Fine Art Bourse, created by Tim Goodman, a former chairman of Sotheby’s, and Adrian Newstead, the founder of Cooee Art.

Buyers were competing for more than 80 artworks, including Emily Kame Kngwarreye’s Earth’s Creation I, which was expected to fetch at least $2 million.

But the auction was postponed after what was described as “an unusually high surge of traffic” overloaded the auction site’s server, which is based in Hong Kong.

William Ehmcke, a director of the online auction house, said in a statement on Thursday that the timing and size of the attack suggested it was paid and deliberate.

“There is also evidence that the auction platform database was hacked, just prior to the auction launch, to further disrupt the sale process,” he said. “All client data has now been removed from the FAB (Fine Art Bourse) database.”

Mr Goodman said: “Someone out there does not want us to succeed.”

The post Ukrainian #hackers blamed for #computer problems that crashed #multimillion #dollar art #sale appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers Obtained #Access to #NSA Employee’s Home #Computer, #Kaspersky Lab Reveals

Source: National Cyber Security – Produced By Gregory Evans

Kaspersky Lab has updated its investigation on the hacking of a home computer used by an NSA employee.

MOSCOW (Sputnik) — Kaspersky IT security company has announced that access to information on the home computer of the employee of the US National Security Agency (NSA) could have been obtained by an unknown number of hackers.

According to the Kaspersky Lab probe that is linked to media reports about the company’s software allegedly having been used to search and download classified information from the home computer of a NSA employee, the user’s computer was infected with Mokes backdoor, a malware that allows the hackers to obtain access to a device.

“The malware… was a full blown backdoor which may have allowed third parties access to the user’s machine,” the Kaspersky Lab has stated.

However, it is possible that Mokes was not the only malware that infected the computer in question, the company said, adding that while Kaspersky software on the computer was enabled, it reported 121 alarms on different types of malware.

“The interesting thing about this malware is that it was available for purchase on Russian underground forums in 2011. Also noteworthy is that the command-and-control servers of this malware were registered to a (presumably) Chinese entity going by the name ‘Zhou Lou’ during the period of September to November 2014,” the statement explained.

Allegations Against Kaspersky Lab

The internal investigation by Kaspersky Lab was launched after The Wall Street Journal reported in October that a group of hackers allegedly working for the Russian officials had stolen classified data through the National Security Agency (NSA) contractor, which used antivirus software made by the Russian software producer.

Shortly later, the New York Times reported that Israeli intelligence services have hacked into the network of Kaspersky, and warned their US colleagues that the Russian government was allegedly using Kaspersky software to gain access to computers around the world, including in several US government agencies.

Both reports came a month after the US Department of Homeland Security ordered state agencies and departments to stop using Kaspersky Lab software within the next 90  days, with the company’s CEO Eugene Kaspersky refuting all the allegations spread by the media regarding the Russian cybersecurity company’s involvement in spying on US users through its products and calling such claims groundless and paranoiac.

When commenting on the situation in an interview to Die Zeit newspaper, Eugene Kaspersky has, “There is a feeling that we just had been doing our job better than others, that we had been protecting our clients better than others … Probably, someone in the United States is very unhappy about it.”

Most recently, Wikileaks has revealed that the CIA had written a code to “impersonate” Russia-based Kaspersky Lab, which had been used at least three times.

READ MORE: WikiLeaks: CIA Wrote Code to ‘Impersonate’ Russia-Based Kaspersky Lab

Kaspersky Lab is one of the largest private cybersecurity companies in the world, with its technologies protecting over 400 million users and 270,000 corporate clients.

The post Hackers Obtained #Access to #NSA Employee’s Home #Computer, #Kaspersky Lab Reveals appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Women #allegedly #hack #college #computer system to change #grades

Source: National Cyber Security – Produced By Gregory Evans

The Bucks County District Attorney’s office said Aleisha Morosco tried multiple times to change her microbiology grade.

After several failed attempts, she enlisted a friend’s help, orchestrating a security breach at Bucks County Community College.

Authorities said while working at a medical office affiliated with Penn Medicine, Kelly Marryott accessed a faculty member’s personal information and leaked it to her friend, Aleisha Morosco.

Desperate to change her grade, Morosco then used the stolen data to gain unauthorized access to BCCC’s computer system. Officials said while inside the system, Morosco changed not just her grade, but several other student’s grades in her microbiology class.

“The investigators were able to find out the IP address used to access the professor’s account and change the grades,” said Jovin Jose, ADA Bucks County. “That same IP address was used by one of the charged defendants.”

The electronic footprint led investigators to Morosco and to her 37-year-old friend, Marryott.

“They got his personal information, and shouldn’t have obtained the use for that purpose,” said Jose. “We intend to prove at trial that they accessed his information to change grades, which is a crime.”

Bucks County Community College issued this response to Action News:

“BCCC takes the integrity of its data systems very seriously, and all of it the grades altered in the breach were restored to their correct level.”

Students on campus are stunned a classmate would go to these lengths to change a grade.

“It’s crazy. You deserve the grade you get,” said Emily Bombino. “And if you have an issue talk to your professor. Don’t go around changing, stealing his information.”

Both women face felony counts of unlawful computer use and identity theft. A court date is tentatively set for December.

The post Women #allegedly #hack #college #computer system to change #grades appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Computer System Administrator

Source: National Cyber Security – Produced By Gregory Evans

Job Description

Provide configuring management support, connectivity to networks, performance monitoring, and maintenance on computer systems. Responsible for computer, peripheral, and software purchasing requirements, maintaining computer lists (asset tracking and turn in), troubleshooting and resolving issues, and completing necessary DOD documentation, such as Certificates of Networthiness (CONs) or Risk Management Framework (RMF) and other documentation for multiple instrumentation sections. Operations will include patching and updating of standalone computers, maintain a secure computing environment according to YPG regulations, and work closely with YPG Cyber Security Office to solve problems unique to the YPG test environment. Build and repair CAT5 Ethernet cables. Perform other duties as assigned.
Pay Rate: DOE

Shifts/Hours: Vary by mission requirements.

Minimum Qualifications:

• Must be a US citizen and not hold multiple citizenships.
• Must possess a valid driver’s license, without special restrictions.
• Must possess a high school diploma or equivalent.
• Must possess or be able to obtain a security clearance prior to employment and maintain security clearance for the duration of employment.
• Must be able to work all shifts, weekends, holidays and overtime as needed, sometimes on short notice, to support test missions.
• Must have dependable transportation and a dependable means of communication.
• Must be able speak, write, read, and understand English.
• Must have a well-mannered customer service attitude.
• Must be willing to cross-train in other areas.
• Must use “down-time” effectively to the benefit of test, self, and company.
• Must be punctual, responsible, and dependable.
• Must demonstrate motivation, initiative, and reliability.
• Must be adaptable, flexible, and able to adjust to new or changing instructions.
• Must have a demonstrated ability to follow instructions and company policy.
• Must be able to deliver quality products to the customer and be responsive to their needs.
• Must be safety and security conscious, complying with rules and policies.
• Must be able to work both as part of a team and independently.
• Must have an Associate’s Degree/Military training AND two years of related experience, OR Bachelor’s Degree from an accredited institution AND one year related experience.
• Must possess industry certifications within 6 months to meet DoD Directive 8570.01 training requirements, as required, such as CompTIA Security+ and Microsoft OS certification.
• Experience in computer performance monitoring and troubleshooting
• Individual must demonstrate motivation, timeliness, and initiative.
• Effective interpersonal and organizational skills, along with sound written and verbal communication skills are required. Attention to detail is a must.
• Must be able to work with minimum supervision.
• Must work well with others and demonstrate good customer service attributes.
• Must be proficient in Microsoft Office applications.

Physical Requirements:

• Must pass a pre-employment drug screening and physical and periodic retests.
• Must be able to wear appropriate Personal Protective Equipment (PPE) for work tasks assigned.
• Must be capable of working in extreme weather conditions including summer temperatures peaking around 120 degrees Fahrenheit.
• Must meet the physical requirements necessary to perform operations outlined, performed, and stated in the SOPs for the Instrumentation Data section.
• Must be able to climb up and down stairs or elevated platforms without assistance.
• Must be able to work indoors and outdoors in a desert environment.
• Must be able to lift 50 lbs unassisted.

Additional Desirable Qualifications:

• Experience with Windows and Unix/Linux operating systems.
• Experience with DOD’s Risk Management Framework (RMF).
• Experience with Microsoft Client OS Registry.
• Experience with Group Policy Objects.
• Experience with instrumentation.
• DoD Network experience.
• Associate’s or Bachelor’s degree in Computer Science, Computer Information Systems, or technical discipline from an Accreditation Board for Engineering and Technology (ABET) accredited college or university.

Closing Date: Open until filled.
Other Job Information (if applicable)
•TRAX International, Test Services Division, participates in E-Verify.
•TRAX is an Equal Opportunity Employer – Minorities/Females/Veterans/Disability.
•TRAX Test Services promotes a drug/alcohol free work environment through the use of mandatory pre-employment drug testing and on-going random drug testing, as per applicable State Laws.
•Must be able to obtain a security clearance prior to employment and maintain security clearance for the duration of employment.
•TRAX Test Services also encompasses four subcontracts to include: VETS,WESTECH, SPIRAL and MIRATEK. All positions with TRAX can always be transferred to one of the four subcontracts.

The post Computer System Administrator appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Computer Network Defense Engineer

Computer Network Defense EngineerSource: National Cyber Security – Produced By Gregory Evans PSI Pax is currently recruiting for a Computer Network Defense Engineer to support our government customer in Indianapolis, IN.   The Computer Network Defense Engineer must be an IT Security professional with a strong background in engineering, implementing, and supporting security infrastructure to include web proxy/content filter, IPS/IDS, SIEM, firewall and […] View full post on | Can You Be Hacked?

Basic #Payment #cash raises #computer #hacker #threat

Source: National Cyber Security – Produced By Gregory Evans

Basic #Payment #cash raises #computer #hacker #threat

EASY access to information about Scottish farmers’ Basic Payments has made them prime targets for cyber crime, the Scottish Business Resilience Centre has warned.

At the end of October, payments worth £254million were issued to farmers and crofters across the country, and SBRC advised farmers to be “extra vigilant” regarding their internet safety, including being aware of suspicious emails or phone calls.

Chief ‘ethical hacker’ with the SBRC, Gerry Grant, said: “I know how vital these payments are to the livelihood of farmers and crofters. This makes it even more important that they’re fully aware that it can make them an easy target for criminals to try and scam them.

“Criminals can easily work out an accurate estimation of what a farmer is likely to receive in CAP payments and armed with this information, they can try and steal the money. They can send various emails to try and get passwords for bank accounts or even try and trick unsuspecting farmers into making payments to the wrong account.”

The types of emails and calls farmers may receive will generally consist of them being asked to take urgent action regarding their finances/bank accounts. SBRC said that any unusual emails or phone calls should be investigated fully, and the contact details should be verified before any action is taken.

Things to look out for include:

• Emails from suppliers asking for funds to be transferred to a different bank account;

• Emails claiming that there is a problem with an account;

• Phone calls from banks saying that there appears to be unusual activity on their account.

The post Basic #Payment #cash raises #computer #hacker #threat appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures