Recently, attackers allegedly associated with the fame-seeking group Lizard Squad briefly...
Visa will begin asking card holders to opt in to a new service in April 2015 which it says could...
Ross Ulbricht received a fair trial. The investigation, and the quality of Joshua Dratel,...
I can honestly say that the most common question I am asked by examiners, investigators, students and even my neighbors is, "which phone is the most secure?" Some want to secure their own device, and others, like myself, want to prove everyone in DFIR wrong by cracking into the toughest and most secure devices.
We are bored with e-discovery. It hasn’t gone away, as some foolishly imagined it might. Most have endured rather than embraced e-discovery. The level of discourse about sources and process isn’t much higher than it was a decade ago despite the ascendency of social networking, cloud computing and mobile devices.
But there's a more interesting angle to zoom in on, namely, "What is it about SIM cards that made this possible?"
The Deep Web, the bit of the World Wide Web that's not indexed by search engines like Google and Bing, is of intense interest to people who want to avoid government spies and law enforcement.
Scam artists stole billions of dollars last year from the U.S. Treasury by filing phony federal tax refund requests on millions of Americans. But as Uncle Sam has made this type of fraud harder for thieves to profit from, the crooks have massively shifted their focus to conducting refund fraud at the state level.
Microsoft recently released an update (KB 3004375) that allows certain versions of the Windows OS to record command line options, if Process Tracking is enabled, in the Windows Event Log. Microsoft also recently upgraded Sysmon to version 2.0, with some interesting new capabilities.
A recent Duo Tech Talk featured Ivan Leichtling of Yelp, the company behind the website and mobile app that publishes crowd-sourced reviews about local businesses. Ivan led a talk at Duo on OSXCollector, an open source forensic evidence collection and analysis toolkit for OS X developed in-house at Yelp.
Process hollowing (a.k.a. process replacement) is a technique malware uses to overwrite a running process with malicious code. To me it's the technical equivalent of those alien body snatchers. This post explores process hollowing techniques using the Cuckoo Sandbox.
Members of a Senate committee, at a February 4 hearing, received anecdotal evidence of how the National Institute of Standards and Technology's cybersecurity framework is helping businesses with risk management.
Overall, cookies are a satisfactory way to handle tracking online. They're simple, reliable, useful, proven, easy to understand, easy for vendors to implement, and easy for users to control. And that's exactly why people who are really serious about tracking you online don't rely on cookies.
The U.S. Army has released to open source an internal forensics analysis framework that the Army Research Lab has been using for some time.
According to a recent alert from the FBI, cyber thieves stole nearly $215 million from businesses in the last 14 months using a scam that starts when business executives or employees have their email accounts hijacked.
Researchers find more than 5,000 US gas stations' automated tank gauges unprotected on the public Internet and open to hackers.
Prolific researcher Kafeine today called for Windows users to disable Adobe Flash Player in the wake of his discovery of an exploit for a previously unknown Flash flaw being packaged with a notorious crimeware kit.
Almost once a week, I receive an email from a reader who has suffered credit card fraud and is seeking help figuring out which hacked merchant was responsible. I generally reply that this is a fruitless pursuit, and instead encourage readers to keep a close eye on their card statements and report any fraud.