We often hear about the impact of cyber crime, but too seldom do we read about the successes that law enforcement officials have in apprehending those responsible and bringing them to justice.
Malware that encrypts all of a victim's files and holds them for ransom - what's commonly called...
When handling a large-scale intrusion, incident responders often struggle with obtaining and...
The majority of activities related to credit card fraud take place in underground forums and specialized hidden services on the deep web. These environments streamline the illegal activities involved in the commercialization of stolen credit and debit cards and related data.
A current concern among forensic scientists is the "fragmentation" of cases. What this means is that different exhibits from a case are sent to different laboratories and no one forensic scientist maintains an overview of what is happening.
The "Dark Web" may be close to becoming a household name. After the conviction of Ross Ulbricht, the owner of the drug marketplace Silk Road, and a stream of articles claiming that the Islamic State is using secret websites to plan out attacks, this hidden part of the Internet is being talked about more than ever. But for the most part, the story you’ve been sold about the dark web is a myth.
A database supposedly from a sample of information stolen in the much publicized hack at the Office of Personnel Management (OPM) has been making the rounds in the cybercrime underground, with some ne’er-do-wells even offering to sell it as part of a larger package.
Many web application firewalls do block odd user agents. However, decent vulnerability scanners will try to evade these simple protections by trying to emulate the user agent string of commonly used browsers. To figure out if I can distinguish bad from good, I compared some of the logs from our honeypots to logs from a normal web server.
Human rights activist and former ambassador Craig Murray doesn't believe the story published this weekend in the UK's Sunday Times. After his own website suffered a denial-of-service attack, he has granted permission for other sites to carry his article in full.
Imagine if an authoritarian state had a tool to get private information about users visiting certain websites, including real names, mail addresses, sex, birthdays, phone numbers, etc. Imagine that even users who run Tor or VPN connections to bypass the tools that the authoritarian government uses to block and monitor these websites were exposed to this technique.
A year ago, Cesar Cerrudo flew to Washington, strolled over to Capitol Hill and pulled out his laptop. Then he began to hack the city’s traffic system. The traffic lights — like so many he had tested before in Manhattan and elsewhere — were wide open to attack.
Through all my high school and college math classes, my teachers always taught me to step back after a problem was completed and ask if the answer made sense. What did this mean? It meant don't just punch numbers into the calculator, write the answer, and move on. It meant step back, review the problem, consider all the known information and ask, "Does the answer I came up with make sense?"
Recent attacks have raised some interesting points for discussion. What would a foreign intelligence service do with huge swathes of PII? Cyber criminals would of course sell this information, soon after obtaining it, on the black market. However, information relating to all of the above breaches is yet to appear in criminal forums, further indicating that a foreign intelligence service is linked to these attacks.
Law enforcement agencies may have been pushing recently for tech firms to “prevent encryption,” but it seems that technically-minded folks inside the US federal government are big fans of it.
An MS Office (2007) document is comprised of a group of files zipped together into one archive file. Pictures are stored in a "media" subfolder and are linked to the document via relationships declared in various XML files.
In the history of cyber crime, some of the worst offenders, the biggest breaches, and the baddest malware have come from Russia. Yet Russian cyber crooks aren't always so sophisticated, and their targets are not always governments and big businesses - as often as not their victims are fellow Russians.
David Cowen is teaching the Windows Forensics Course in SANS Minneapolis in July 2015. SANS interviewed David so you can get to know him a bit better - he is one of the best in the industry. A leader. An astonishing analyst and visionary. He is SANS' current DFIR Hero.
When identity thieves filed a phony $7,7700 tax refund request in the name of Joe Garrett, Alabama’s deputy tax commissioner, they didn’t get all of the money they requested. A portion of the cash went to more than a half dozen U.S. companies that each grab a slice of the fraudulent refund.