Blogs

The Lead

A Busy Week for Ne'er-Do-Well News

June 29, 2015 | by Brian Krebs | Comments

We often hear about the impact of cyber crime, but too seldom do we read about the successes that law enforcement officials have in apprehending those responsible and bringing them to justice.

Card Fraud in the Deep Web

June 22, 2015 11:07 am | by Pierluigi Paganini | Comments

The majority of activities related to credit card fraud take place in underground forums and specialized hidden services in the deep web. These environments allow the streamlining of illegal activities related to the commercialization of stolen credit and debit cards and related data.

Fragmentation of Cases May Mean Missing Part of the Puzzle

June 19, 2015 2:42 pm | by Dr. Tom Bassindale | Comments

A current concern among forensic scientists is the "fragmentation" of cases. This means that different exhibits from a case are sent to different laboratories and no one forensic scientist maintains an overview of what is happening.

The Dark Web as You Know It is a Myth

June 18, 2015 10:40 am | by Joseph Cox | Comments

The "Dark Web" may be close to becoming a household name. After the conviction of Ross Ulbricht, the owner of the drug marketplace Silk Road, and a stream of articles claiming that the Islamic State is using secret websites to plan out attacks, this hidden part of the Internet is being talked about more than ever. But for the most part, the story you’ve been sold about the dark web is a myth.

OPM's Database for Sale? Nope, It Came From Another US .Gov

June 18, 2015 9:50 am | by Brian Krebs | Comments

A database supposedly from a sample of information stolen in the much publicized hack at the Office of Personnel Management (OPM) has been making the rounds in the cybercrime underground, with some ne’er-do-wells even offering to sell it as part of a larger package.

Odd HTTP User Agents

June 17, 2015 8:22 am | by Johannes Ullrich | Comments

Many web application firewalls do block odd user agents. However, decent vulnerability scanners will try to evade these simple protections by trying to emulate the user agent string of commonly used browsers. To figure out if I can distinguish bad from good, I compared some of the logs from our honeypots to logs from a normal web server.

5 Reasons the MI6 Story is a Lie

June 15, 2015 12:48 pm | by Graham Cluley | Comments

Human rights activist and former ambassador Craig Murray doesn't believe the story published this weekend in the UK's Sunday Times. After his own website suffered a denial-of-service attack, he has granted permission for other sites to carry his article in full.

Watering Holes Exploiting JSONP Hijacking to Track Users in China

June 15, 2015 11:59 am | by Jaime Blasco | Comments

Imagine if an authoritarian state had a tool to get private information about users visiting certain websites, including real names, mail addresses, sex, birthdays, phone numbers, etc. Imagine that even users that run TOR or VPN connections to bypass the tools that the authoritarian government uses to block and monitor these websites were exposed to this technique.

Traffic Hacking: Caution Light is On

June 12, 2015 10:28 am | by Nicole Perlroth | Comments

A year ago, Cesar Cerrudo flew to Washington, strolled over to Capitol Hill and pulled out his laptop. Then he began to hack the city’s traffic system. The traffic lights — like so many he had tested before in Manhattan and elsewhere — were wide open to attack.

Does it make sense?

June 12, 2015 8:49 am | by Mari DeGrazia | Comments

Through all my high school and college math classes, my teachers always taught me to step back after a problem was completed and ask if the answer made sense. What did this mean? It meant don't just punch numbers into the calculator, write the answer, and move on. It meant step back, review the problem, consider all the known information and ask, "Does the answer I came up with make sense?"

Big Data Techniques, a Driving Force Behind a Large-Scale Cyberespionage Program?

June 11, 2015 10:50 am | by Tom Williams | Comments

Recent attacks have raised some interesting points for discussion. What would a foreign intelligence service do with huge swathes of PII? Cyber criminals would of course sell this information, soon after obtaining it, on the black market. However, information relating to all of the above breaches is yet to appear in criminal forums, further indicating that a foreign intelligence service is linked to these attacks.

All US .gov Websites Ordered to be HTTPS-Only by the End of Next Year

June 11, 2015 10:19 am | by Graham Cluley | Comments

Law enforcement agencies may have been pushing recently for tech firms to “prevent encryption,” but it seems that technically-minded folks inside the US federal government are big fans of it.

Extracting Pictures from MS Office (2007)

June 5, 2015 10:26 am | by Cheeky4n6Monkey | Comments

An MS Office (2007) document is comprised of a group of files zipped together into one archive file. Pictures are stored in a "media" subfolder and are linked to the document via relationships declared in various XML files.

Twin Brothers Accused of Leading Phishing Gang Busted by Russian Police

June 4, 2015 9:49 am | by John Zorabedian | Comments

In the history of cyber crime, some of the worst offenders, the biggest breaches, and the baddest malware have come from Russia. Yet Russian cyber crooks aren't always so sophisticated, and their targets are not always governments and big businesses - as often as not their victims are fellow Russians.

DFIR Hero - David Cowen Interview

June 3, 2015 9:34 am | by Rob Lee | Comments

David Cowen is teaching the Windows Forensics Course in SANS Minneapolis in July 2015. SANS interviewed David so you can get to know him a bit better - he is one of the best in the industry. A leader. An astonishing analyst and visionary. He is SANS' current DFIR Hero.

Phony Tax Refunds: A Cash Cow for Everyone

June 2, 2015 9:45 am | by Brian Krebs | Comments

When identity thieves filed a phony $7,7700 tax refund request in the name of Joe Garrett, Alabama’s deputy tax commissioner, they didn’t get all of the money they requested. A portion of the cash went to more than a half dozen U.S. companies that each grab a slice of the fraudulent refund.
