Blogs
The Lead

Profile of a Cybercrime Petty Thief

May 27, 2015 | by Sara Peters | Comments

Although the cybercrime game is dominated by organized criminals - according to IBM X-Force, 80 percent of cyber attacks are driven by highly organized crime rings - there are one-man operations getting a piece of the action, too.

Watch Out! This Boobytrapped Text Message Will Turn Off Your iPhone

May 28, 2015 11:39 am | by Graham Cluley | Comments

If you send a specific string of symbols and Arabic characters to another iPhone user, you can really ruin their day.

Starbucks Hacked? No, But You Might Be

May 20, 2015 8:32 am | by Brian Krebs | Comments

When it comes to reporting on breaches involving customer accounts at major brands, the news media overall deserves an F-minus.

Calling Stunt Hacking What It Is

May 20, 2015 8:31 am | by Valsmith | Comments

A recent article brought to mind some thoughts that have been percolating for quite a while. Sometime last year I believe Dave Aitel coined the term Stunt Hacking, which I think is a pretty good way to describe it.

IS Militants Use Popular Russian Web Payment System to Raise Cash

May 19, 2015 11:33 am | by Joanna Paraszczuk | Comments

A group of Islamic State (IS) militants from Russia's North Caucasus region are using the popular Russian QIWI wallet electronic payment system to raise money online.

IR Do's and Don'ts

May 18, 2015 12:17 pm | by jackcr | Comments

There is a lot of documentation around the different phases of the IR cycle. We talk a lot about preparation, identification, containment, eradication, recovery and lessons learned. Let's face it, dealing with intrusions can be very fast paced with a lot of activity all usually happening at the same time. You can often be in more than one of the above phases and likely will need to repeat a few as well.

Introducing the Active Threat Search

May 12, 2015 12:39 pm | by Corey Harrell | Comments

Have you found yourself looking at a potential security event and wishing there was more context? Being able to run queries on certain security event indicators can go a long way in providing context to what you are seeing.

'Creep' Shamed on Facebook Was Actually Man Taking Selfie With Darth Vader

May 11, 2015 1:23 pm | by Lisa Vaas | Comments

A Melbourne, AU mother, mistakenly believing that a guy was photographing her kids in a shopping centre, snapped a photo of him as he was "taking off" (also known as simply leaving a Target store). She posted the photo to Facebook with her description of the encounter with the "creep," saying that he'd been reported to management and police and that he'd be charged if he turned out to be a registered sex offender.

Deconstructing the 2014 Sally Beauty Breach

May 8, 2015 11:46 am | by Brian Krebs | Comments

This week, nationwide beauty products chain Sally Beauty disclosed that, for the second time in a year, it was investigating reports that hackers had broken into its networks and stolen customer credit card data. That investigation is ongoing, but I recently had an opportunity to interview a former Sally Beauty IT technician who provided a first-hand look at how the first breach in 2014 went down.

Steganography and Malware: Why and How

May 7, 2015 9:46 am | by David Sancho | Comments

The Greek word steganos means hidden, and malware loves to hide stuff sneakily. For the bad guys, this is a marriage made in heaven. 

How to Reform Forensics

May 7, 2015 8:13 am | by Radley Balko | Comments

My favorite story of forensics malfeasance emerged from the North Carolina state crime lab a few years ago. That story really hammers home the incentive problems in U.S. crime labs.

Many Ways of Malware Persistence

May 6, 2015 11:29 am | by Editor | Comments

From an incident response point of view, one of the best strategies to find malware on a suspicious system is to search for suspicious entries which start with the system. In the good old days, you had to check for 2-3 locations to cover 99% of the infections. Nowadays, there are a thousand ways malware can start.

Dealing With Compressed vmdk Files

May 5, 2015 12:27 pm | by Mari DeGrazia | Comments

Wherever I get vmdk files, I take a deep breath and wonder what issues might pop up with them. I recently received some vmdk files and when I viewed one of these in FTK Imager (and some other mainstream forensic tools), it showed up as the dreaded "unrecognized file system."

Woman Arrested After Hijacking PCs, Showing Hardcore Porn to Victims

May 1, 2015 10:37 am | by Lisa Vaas | Comments

Royal Canadian Mounted Police have arrested a 27-year-old woman who allegedly installed malware on people's computers, and allegedly eavesdropped on private conversations and spooked her victims by talking to them through their infected computers' speakers.

Remotely Operated Surgery Robot Easy to eHijack, Researchers Find

April 30, 2015 1:02 pm | by Lisa Vaas | Comments

Researchers at the University of Washington examined a product that came out of their own university's research - a teleoperated, robotic surgery system called the Raven II - and found that, like just about anything, it's susceptible to cyber security threats, including being forced to ignore or override surgeon's commands.

Timeline Analysis Process

April 30, 2015 11:36 am | by Harlan Carvey | Comments

Usually when I create a timeline, it's because I have something specific that I'm looking for that can be shown through a timeline; in short, I won't create a timeline (even a micro-timeline) without a reason to do so.
