Posts

Monstroid2 is a premium multipurpose WordPress theme powered by Twitter Bootstrap and Cherry Framework, a secure modular open-source framework for developing themes and plugins. It is the successor to the Monstroid theme which had become a talk of the town within few months of its launch. Monstroid2 has new and powerful features. It also includes a powerful live theme customizer and page builder tool. The theme has been developed by a firm called Jetimpex. Like StudioPress, Elegant Themes, Jetimpex is one of the top WP development companies. JI has launched 100+ templates for WordPress, Joomla, Prestashop on TemplateMonster, a marketplace for webmasters and developers. It has also published several plain HTML templates. Monstroid is Jetimpex’s best-selling WP theme. ...

Malicious code detection is an ongoing obfuscation-deobfuscation game because of the nature of the malware or goals of the attacker. Detection of malicious executables known to an investigator is usually performed using signature-based techniques. In their forensic research article, Rozenberg, Guides, Elovici and Fledel (2010) made the point that obfuscated or encrypted files could not easily be detected this way. Instead they recommended a behavioral approach to real time detection. As hackers continue to find new and more advanced techniques to encrypt and hide malicious code, security personnel will have to continue to upgrade their skills and toolsets used in investigations, resulting in an ongoing obfuscation-deobfuscation game. ...

Remote Access Trojans have become a serious security concern as hackers have developed more sophisticated code that can be installed and hidden on a target system, unknown to the user. According to UMUC (n.d.) Remote Access Trojans are a form of backdoor that can provide unauthorized access and use of digital assets on a victim’s computer system. It essentially masquerades as a legitimate application. They allow hackers to perform a number of malicious tasks such as stealing information from a system, or installing other malicious software. ...

Starting a new blog is easy but making it popular is difficult. People find blogging as one of the easiest ways to make money online. Well, making money through a blog is not a piece of cake. Only websites getting decent traffic generate revenue for their owners. A successful blogger is one who earns enough money only to feed his family and pay internet and web hosting bills. Frankly speaking, the website’s fate depends on the traffic. If a site is getting traffic, it will make money for the owner. If it hardly gets visitors, it is of no use to the owner. ...

Testifying and writing a report are both essential ingredients to a successful digital forensics investigation. Digital forensics personnel will potentially spend months of time working with complex data and processes. The delivery and result of this work is reflected in the forensics report and then ultimately testified in court. Cohen (2012) discussed the report as integral to the overall investigation. Evidence, analysis, interpretation, and attribution, must ultimately be presented in the form of expert reports, depositions, and testimony. The report will present the data captured during the investigation in a way that can be communicated with other people. In addition to this, it serves as a living record that will be referenced and updated throughout the investigation. ...

The terms risk, vulnerability and threat are often confusing and sometime interchangeable leading to a lack of understanding when presenting evidence. Risks are usually based on a probability that a threat of some kind will exploit a vulnerability or weakness in a system or network. In recent years risks have been taken more seriously with many businesses that conduct online activities. Vulnerabilities as mentioned above are typically weaknesses that can be exploited by an attacker. This can include anything from poorly configured software and firewalls to badly written pieces of code that can affect secrecy, integrity and control of data and functionality within a system. Bergeron et al. (2001). ...

If your site is getting good traffic, and if a new version of the plugin you’re using has been launched, you’ll have the following two questions in the mind: Will the plugin break your site? Is the plugin worth installing? Even though the plugins are thoroughly tested before launch, it may have some bugs. If you install the update, your site may crash or it may add HTML code which may affect your site’s ranking in Google or Bing. ...

Attachment page is the built-in feature of WordPress. When these pages are not handled correctly by the website owner, Google and other search engines will index them. WordPress attachments are thin pages that don’t add any value to a blog. These pages should be used only on personal or photography blogs wherein you want the visitors to comment on the pictures, videos, and other media files. WordPress doesn’t provide an option to turn off or disable these pages. However, you can use third-party plugins to manage them. ...

Over the last few months my team has been developing microsites to accompany our main website. The requirements for these sites included having their own domain, theme and separate content. After reviewing options in Drupal 7, I decided the best approach given our situation was to use the Domain Access Module. The Domain Access Module provides a very solid and powerful framework for developing additional sites within your existing Drupal CMS, but it can also be somewhat complicated to setup for any given use case. I have documented some of the lessons learned over the last few months as we implemented Domain Access in our own project. ...

The term ‘Steganography’ refers to ‘covered writing’ and encompasses methods of transmitting secret messages through innocuous cover carriers in a manner that their existence is undetectable. Johnson & Jojodia (1998). For years hackers have been finding more innovative ways of hiding data within existing systems usually for the purpose of transporting it to a target destination. The term ‘carrier’ often refers to a type of common file that covert information can be embedded in unknowingly to anyone else. Kessler (2007) discusses the fact that any form of digital information can be stored inside many types of carrier files, including image, audio, video and executable files. Digital forensics tools can be used to scan carriers to determine whether or not suspicious information lies underneath the surface. ...