Blogs
The Lead

A Threat Intelligence Script for Qualitative Analysis of Passwords Artifacts

July 31, 2015 | by John Franolich | Comments

The Verizon Data Breach Report has consistently said over the years that passwords are a big part of breach compromises. Dr. Lori Cranor and her team at CMU have done extensive research on how to choose the best password policies versus usability. What about passwords leaked in the organization you are defending?

Bartalex Variants Spotted Dropping Pony, Dyre Malware

July 24, 2015 12:25 pm | by Chris Brook | Comments

Some strains of Bartalex malware, a macro-based malware that first surfaced earlier this year, have recently been spotted dropping Pony loader malware and the Dyre banking Trojan.

Obama Official Calls for the 'Eradication' of Bite Mark Evidence

July 23, 2015 2:42 pm | by Radley Balko | Comments

While the practice of bite mark matching has been roundly criticized by the scientific community for lacking any of the basic principles of the scientific method, some critics of bite mark evidence were concerned that the subcommittees under NIST that were charged with looking into the field had been stacked with bite mark analysts and their allies. But this week, the fate of bite mark evidence took a much different turn.

The OPM Cyber Blunder is America's Fault, Not China's

July 23, 2015 11:53 am | by Matthew Hipple | Comments

America has been abuzz about the new revelations about OPM’s incredible loss of personal data — it’s being called a “hack,” the “biggest cyber attack in U.S. history.” Yet despite calls for retaliation and questions about whether this is a new high-water mark in “cyberwar,” the “OPM Hack” seems to have not been a real hack — let alone a cyber attack.

FBI Again Thwarts Tor to Unmask Visitors to a Dark Web Child Sex Abuse Site

July 22, 2015 11:43 am | by Lisa Vaas | Comments

The FBI has once again launched its harpoons into the Deep Web, piercing the anonymizing layers of Tor to drag out the identities of two New York men who were indicted earlier this month on charges of possessing child abuse images.

Experian Hit With Class Action Over ID Theft Service

July 22, 2015 11:22 am | by Brian Krebs | Comments

Big-three credit bureau Experian is the target of a class-action lawsuit just filed in California. The suit alleges that Experian negligently violated consumer protection laws when it failed to detect for nearly 10 months that a customer of its data broker subsidiary was a scammer who ran a criminal service that resold consumer data to identity thieves.

The Multinationalism of Malware Forensics

July 21, 2015 8:56 am | by Paul Kubler | Comments

Gone are the days when hackers only used American-made tools written only in English. Recently, native language tools and exploits started gaining momentum in the ever growing sphere of multinational cyber crime.

Speak Up for Internet Security

July 17, 2015 11:03 am | by Katie Moussouris | Comments

Can specialized intrusion technology be reasonably controlled in terms of who has access to it? Can international agreements on export controls that were created to limit land-mines and nuclear bombs be applied successfully to digital warfare? Would these regulations really be able to curb human rights abuses?

The Darkode Cybercrime Forum, Up Close

July 16, 2015 10:37 am | by Brian Krebs | Comments

By now, many KrebsOnSecurity readers have seen stories about the coordinated global law enforcement takedown of Darkode.me, an English-language cybercrime forum. This post is an attempt to distill several years’ worth of lurking on this forum into a narrative that hopefully sheds light on the individuals apprehended in this sting and the cybercrime forum scene in general.

The End of Whack-a-Mole: From Incident Response to Strategic Intelligence

July 16, 2015 8:19 am | by Rick Howard | Comments

In the face of mounting cyber crime, hacktivism and espionage, network defenders need to transform their tactical IR groups into full-scale cyberintelligence teams.

Data, Information and Intelligence: Why Your Threat Feed is Likely Not Threat Intelligence

July 14, 2015 10:13 am | by Robert M. Lee | Comments

Threat feeds in the industry are a valuable way to gather information regarding adversaries and their capabilities and infrastructure. Threat feeds are usually not intelligence though. 

Third Hacking Team Flash Zero-Day Found

July 14, 2015 10:04 am | by Brian Krebs | Comments

For the third time in a week, researchers have discovered a zero-day vulnerability in Adobe’s Flash Player browser plugin. Like the previous two discoveries, this one came to light only after hackers dumped online huge troves of documents stolen from Hacking Team — an Italian security firm that sells software exploits to governments around the world.

Jailbreaking Not a Requirement for Infecting iPhones With Hacking Team Spyware

July 13, 2015 11:41 am | by David Richardson | Comments

When it comes to iOS, public reports to-date have claimed that the Hacking Team spyware can only infect jailbroken iOS devices. In an effort to educate iOS users about the potential risks, we did some additional research and determined this is not the case.

Government Grade Malware: a Look at HackingTeam's RAT

July 13, 2015 11:25 am | by Nick Cano | Comments

Security researchers the world over have been digging through the massive HackingTeam dump for the past five days, and what we’ve found has been surprising. I’ve heard this situation called many things, and there’s one description that I can definitely agree with: it’s like Christmas for hackers.

How the Audacious Pentagon Agency That Invented the Internet is Now Trying to Save It

July 10, 2015 8:14 am | by Christian Davenport | Comments

So far, the cybersecurity war has been a lopsided rout. And it’s the bad guys who are on an epic winning streak.

Government Credentials Show Up on Paste Sites

July 7, 2015 11:40 am | by Brian Robinson | Comments

While much attention has been paid to the very public attacks on government agencies, particularly the breach at the Office of Personnel Management, less has been made of the whereabouts of the exfiltrated data. So how easy is it for John Doe to get his hands on the information let loose in these attacks? Extremely, it seems, according to one recent report.
