Advertisement
 
Blogs
Subscribe to Forensic Magazine

The Lead

More and more cybercrime surveys are mislabeled as studies, security company PR gets reported as news, reliable stats on cybercrime are elusive, and it's almost impossible to tell realistic threats from headline trends.

'Sanity Check' Your Cybercrime Statistics

September 3, 2015 | by Violet Blue | Comments

More and more cybercrime surveys are mislabeled as studies, security company PR gets reported as news, reliable stats on cybercrime are elusive, and it's almost impossible to tell realistic threats from headline trends.

TOPICS:
View Sample

SUBSCRIBE TO FREE
Forensic Magazine
EMAIL NEWSLETTER

In-flight security made quite a lot of headlines earlier this summer, but this time at unusual angle. Aviation has always been focused on safety and had remained the most secure industry that ever existed. However, the buzz was about another aspect of sec

Hacking an Aircraft: Is It Already Real?

August 27, 2015 8:17 am | by Ilja Shatilin | Comments

In-flight security made quite a lot of headlines earlier this summer, but this time at unusual angle. Aviation has always been focused on safety and had remained the most secure industry that ever existed. However, the buzz was about another aspect of security — the one quite surprising for an average passenger and quite expected for an IT specialist.

TOPICS:
Last week, we saw the group behind a significant amount of Angler exploit kit (EK) switch to Neutrino EK. We didn't know if the change was permanent, and I also noted that criminal groups using EKs have quickly changed tactics in the past. This week, the

Actor That Tried Neutrino Exploit Kit Now Back to Angler

August 26, 2015 12:27 pm | by Brad Duncan | Comments

Last week, we saw the group behind a significant amount of Angler exploit kit (EK) switch to Neutrino EK. We didn't know if the change was permanent, and I also noted that criminal groups using EKs have quickly changed tactics in the past. This week, the group is back to Angler EK.

TOPICS:
Hacked online cheating service AshleyMadison.com is portraying itself as a victim of malicious cyber criminals, but leaked emails from the company’s CEO suggests that AshleyMadison’s top leadership hacked into a competing dating service in 2012.

Leaked AshleyMadison Emails Suggest Execs Hacked Competitors

August 25, 2015 10:08 am | by Brian Krebs | Comments

Hacked online cheating service AshleyMadison.com is portraying itself as a victim of malicious cyber criminals, but leaked emails from the company’s CEO suggests that AshleyMadison’s top leadership hacked into a competing dating service in 2012.

TOPICS:
Advertisement
It appears the origial intention of the Ashely Madison hackers was to expose what they   see as fraud perpetrated on the users of the Ashley Madison website -- not a moral   crusade.  But they might just end up making a lot of money for class-action lawye

Ashley Madison Hackers Making Money for Lawyers

August 24, 2015 12:11 pm | by Ernie Austin, Associate Editor | Comments

It appears the original intention of the Ashley Madison hackers was to expose what they see as fraud perpetrated on the users of the Ashley Madison website - not a moral crusade. But they might just end up making a lot of money for class-action lawyers.

TOPICS:
Authorities across the United States this week arrested dozens of gang members who stand accused of making millions of dollars stealing consumer identities in order to file fraudulent tax refund requests with the Internal Revenue Service (IRS). The arrest

Street Gangs, Tax Fraud and 'Drop Hoes'

August 21, 2015 9:51 am | by Brian Krebs | Comments

Authorities across the United States this week arrested dozens of gang members who stand accused of making millions of dollars stealing consumer identities in order to file fraudulent tax refund requests with the Internal Revenue Service (IRS). The arrests highlight the dramatic shift in gang activity in recent years from high-risk drug dealing to identity fraud — a far less risky yet equally lucrative crime.

TOPICS:
The criminal justice system has a problem, and its name is forensics. This was the message I heard at the Forensic Science Research Evaluation Workshop held at the AAAS headquarters in Washington, D.C.

Can We Trust Crime Forensics?

August 20, 2015 2:51 pm | by Michael Shermer | Comments

The criminal justice system has a problem, and its name is forensics. This was the message I heard at the Forensic Science Research Evaluation Workshop held at the AAAS headquarters in Washington, D.C. 

TOPICS:
Why would Pawn Storm, the long-running cyber-espionage campaign, set its sights on a Russian punk rock group? Sure, Pussy Riot is controversial. Members of the feminist band had previously been thrown in jail for their subversive statements against the Or

Pawn Storm's Domestic Spying Campaign Revealed; Ukraine and US Top Global Targets

August 19, 2015 10:51 am | by Feike Hacquebord | Comments

Why would Pawn Storm, the long-running cyberespionage campaign, set its sights on a Russian punk rock group? Sure, Pussy Riot is controversial. Members of the feminist band had previously been thrown in jail for their subversive statements against the Orthodox Church and Russian patriarchal system. But why would attackers have any interest in them? What is their connection to other targets?

TOPICS:
Remember those cracked Uber accounts that were selling for as little as $1 on the dark web a few months ago? Well, welcome to the Midsummer Madness Sale: prices have been slashed, and now, they're going for the low, low price of only 40 cents!

Cracked Uber Accounts Tumble to 40 Cents on the Dark Web

August 18, 2015 9:46 am | by Lisa Vaas | Comments

Remember those cracked Uber accounts that were selling for as little as $1 on the dark web a few months ago? Well, welcome to the Midsummer Madness Sale: prices have been slashed, and now, they're going for the low, low price of only 40 cents!

TOPICS:
Advertisement
Today, we’ll look at the stranger-than-fiction true tale of an American firm that lost $197,000 in a 2013 cyberheist, only to later recover most of the money after allegedly plying Chinese authorities with a carton of cigarettes and a hefty bounty for the

Cyberheist Victim Trades Smokes for Cash

August 17, 2015 10:26 am | by Brian Krebs | Comments

Today, we’ll look at the stranger-than-fiction true tale of an American firm that lost $197,000 in a 2013 cyberheist, only to later recover most of the money after allegedly plying Chinese authorities with a carton of cigarettes and a hefty bounty for their trouble.

TOPICS:
The NSA is backing The University of Alabama in Huntsville (UAH) with a one-year, $299,622 grant, the aim of which is to build a lightweight virtualization architecture that can be used to build cybersecurity into IoT systems.

NSA is Funding a 'Safer' Internet of Things

August 12, 2015 10:08 am | by Lisa Vaas, Naked Security | Comments

The National Security Agency (NSA) is paying to build backdoor security into the Internet of Things (IoT). (Granted, it's not like we can presume that the NSA wouldn't build in backdoors, given the history of backdoors in iPhones, iPads, and routers, et al. But as Naked Security's Mark Stockley pointed out at the time, why would the NSA bother to build in backdoors when so many IoT devices are wide open anyway?)

TOPICS:
I’ve been doing a lot of reverse engineering and very often there’s this common thing coming up: I would really like to have a tool for this because I need to look at this particular API, or look at what would happen if I do this vs that, etc. It’s quite

Reverse Engineering with JavaScript

August 10, 2015 4:17 pm | by Ole André Vadla Ravnås | Comments

I’ve been doing a lot of reverse engineering and very often there’s this common thing coming up: I would really like to have a tool for this because I need to look at this particular API, or look at what would happen if I do this vs that, etc. It’s quite a lot of work to build a tool from scratch, and existing tools aren’t really suitable for the iterative reversing kind of use-case.

TOPICS:
Law enforcement agents in recent years have been crawling all over the Dark Web to track down its seediest denizens: terrorists, paedophiles, gun-runners, drug dealers, sex traffickers and other serious criminals. From an outsider's perspective, law enfor

Law Enforcement is Learning to Navigate the Dark Web

August 7, 2015 12:16 pm | by Lisa Vaas | Comments

Law enforcement agents in recent years have been crawling all over the Dark Web to track down its seediest denizens: terrorists, pedophiles, gun-runners, drug dealers, sex traffickers and other serious criminals. From an outsider's perspective, law enforcement agencies' efforts seem to be paying off.

TOPICS:
Physically tampering with gasoline tanks is dangerous enough, given how volatile gas can be. Altering a fuel gauge can cause a tank to overflow, and a simple spark can set everything ablaze. But imagine how riskier it is if a hacker can do all this remote

The GasPot Experiment: Hackers Target Gas Tanks

August 7, 2015 9:40 am | by Trend Micro | Comments

Physically tampering with gasoline tanks is dangerous enough, given how volatile gas can be. Altering a fuel gauge can cause a tank to overflow, and a simple spark can set everything ablaze. But imagine how riskier it is if a hacker can do all this remotely, especially now that a number of fuel companies worldwide use Internet-connected systems to monitor their tanks.

TOPICS:
For nearly a week, Yahoo sustained a malvertising attack that seems to point to further security concerns with Adobe's Flash platform.

Yahoo Malvertising Attack Points to More Flash Problems

August 6, 2015 9:46 am | by Larry Loeb | Comments

For nearly a week, Yahoo sustained a malvertising attack that seems to point to further security concerns with Adobe's Flash platform.

TOPICS:
Hardly a week goes by without a news story about state-sponsored Chinese cyberspies breaking into Fortune 500 companies to steal intellectual property, personal data and other invaluable assets. Now, researchers say they’ve unearthed evidence that some of

Chinese VPN Service as Attack Platform?

August 5, 2015 10:46 am | by Brian Krebs | Comments

Hardly a week goes by without a news story about state-sponsored Chinese cyberspies breaking into Fortune 500 companies to steal intellectual property, personal data and other invaluable assets. Now, researchers say they’ve unearthed evidence that some of the same Chinese hackers also have been selling access to compromised computers within those companies to help perpetuate future breaches.

TOPICS:

Pages

Advertisement
X
You may login with either your assigned username or your e-mail address.
The password field is case sensitive.
Loading