Information Security News
Jump List files are another type of file that is actually an OLE file. They can contain useful data for forensic investigations. There are a couple of tools that can extract information from these files.
Here you can see oledump analyzing an automatic Jump List file:
The stream DestList contains the Jump List data:
There are several sites on the Internet explaining the format of this data, like this one. I used this information to code a plugin for Jump List files:
The plugin takes an option (-f) to condense the information to filenames:
Please post a comment if you have another Jump List tool to share.
Spyware service provider Hacking Team orchestrated the hijacking of IP addresses it didn't own to help Italian police regain control over several computers that were being monitored in an investigation, e-mails sent among company employees showed.
Over a six-day period in August 2013, Italian Web host Aruba S.p.A. fraudulently announced its ownership of 256 IP addresses into the global routing system known as border gateway protocol, the messages document. Aruba's move came under the direction of Hacking Team and the Special Operations Group of the Italian National Military Police, which was using Hacking Team's Remote Control System malware to monitor the computers of unidentified targets. The hijacking came after the IP addresses became unreachable under their rightful owner Santrex, the "bullet-proof" Web hosting provider that catered to criminals and went out of business in October 2013, according to KrebsOnSecurity.
It's not clear from the e-mails, but they appear to suggest Hacking Team and the Italian police were also relying on Santrex. The emails were included in some 400 gigabytes of proprietary data taken during last weekend's breach of Hacking Team and then made public on the Internet.
-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.