Although the cybercrime game is dominated by organized criminals - according to IBM X-Force, 80 percent of cyber attacks are driven by highly organized crime rings - there are one-man operations getting a piece of the action, too.
If there’s one lesson to be gained from all the security breaches and revelations of major bugs...
Coaches and athletes both gather intelligence against their upcoming opponent by watching game...
If you send a specific string of symbols and Arabic characters to another iPhone user, you can really ruin their day.
When it comes to reporting on breaches involving customer accounts at major brands, the news media overall deserves an F-minus.
A recent article brought to mind some thoughts that have been percolating for quite a while. Sometime last year I believe Dave Aitel coined the term Stunt Hacking, which I think is a pretty good way to describe it.
A group of Islamic State (IS) militants from Russia's North Caucasus region are using the popular Russian QIWI wallet electronic payment system to raise money online.
There is a lot of documentation around the different phases of the IR cycle. We talk a lot about preparation, identification, containment, eradication, recovery and lessons learned. Let's face it, dealing with intrusions can be very fast paced with a lot of activity all usually happening at the same time. You can often be in more than one of the above phases and likely will need to repeat a few as well.
Have you found yourself looking at a potential security event and wishing there was more context? Being able to run queries on certain security event indicators can go a long way in providing context to what you are seeing.
A Melbourne, AU mother, mistakenly believing that a guy was photographing her kids in a shopping centre, snapped a photo of him as he was "taking off" (also known as simply leaving a Target store). She posted the photo to Facebook with her description of the encounter with the "creep," saying that he'd been reported to management and police and that he'd be charged if he turned out to be a registered sex offender.
This week, nationwide beauty products chain Sally Beauty disclosed that, for the second time in a year, it was investigating reports that hackers had broken into its networks and stolen customer credit card data. That investigation is ongoing, but I recently had an opportunity to interview a former Sally Beauty IT technician who provided a first-hand look at how the first breach in 2014 went down.
The Greek word steganos means hidden, and malware loves to hide stuff sneakily. For the bad guys, this is a marriage made in heaven.
My favorite story of forensics malfeasance emerged from the North Carolina state crime lab a few years ago. That story really hammers home the incentive problems in U.S. crime labs.
From an incident response point of view, one of the best strategies to find malware on a suspicious system is to search for suspicious entries which start with the system. In the good old days, you had to check for 2-3 locations to cover 99% of the infections. Nowadays, there are a thousand ways malware can start.
Wherever I get vmdk files, I take a deep breath and wonder what issues might pop up with them. I recently received some vmdk files and when I viewed one of these in FTK Imager (and some other mainstream forensic tools), it showed up as the dreaded "unrecognized file system."
Royal Canadian Mounted Police have arrested a 27-year-old woman who allegedly installed malware on people's computers, and allegedly eavesdropped on private conversations and spooked her victims by talking to them through their infected computers' speakers.
Researchers at the University of Washington examined a product that came out of their own university's research - a teleoperated, robotic surgery system called the Raven II - and found that, like just about anything, it's susceptible to cyber security threats, including being forced to ignore or override surgeon's commands.
Usually when I create a timeline, it's because I have something specific that I'm looking for that can be shown through a timeline; in short, I won't create a timeline (even a micro-timeline) without a reason to do so.