Computer Forensics

The Lead

Computer Forensic Investigations Require Planning and Investment

May 22, 2015 10:40 am | by Daintry Duffy, CSO | News | Comments

Digital forensics isn't only about fancy tools and technologies that aid investigators in their work. It's as much about ingenuity and creativity as technology, and requires a unique array of skills: the technical savvy of a science-club geek married with the curiosity that marks a seasoned detective.

US State Dept. Employee Faces Cyber Stalking, Hacking Charges

May 22, 2015 9:19 am | by Jeff Martin, Associated Press | News | Comments

A U.S. State Department employee is accused of sending threatening emails to college-aged women...

HTTPS-Crippling Attack Threatens Tens of Thousands of Web and Mail Servers

May 21, 2015 2:09 pm | by Dan Goodin, Ars Technica | News | Comments

Tens of thousands of HTTPS-protected websites, mail servers, and other widely used Internet...

Talking Insider Data Theft With Jonathan Grier

May 21, 2015 1:11 pm | by Ernie Austin, Associate Editor | Articles | Comments

If a thief tries to break into a house he’s going to leave broken windows, explains digital...

Sanitizing Your Recycle Bin

May 21, 2015 10:01 am | Articles | Comments

From a forensic perspective, the Recycle Bin can be a “gold mine” for gathering probative evidence which can be extremely valuable for investigative purposes. There are many forensic tools available that are designed to recover deleted files from the Recycle Bin.

Rombertik's Disk Wiping Mechanism is Aimed at Pirates, Not Researchers

May 20, 2015 11:06 am | by Zeljka Zorz, Help Net Security | News | Comments

Rombertik, the information-stealing malware that was recently analyzed by Cisco researchers and which apparently tries to prevent researchers from doing so by rewriting the computer's Master Boot Record, is actually a newer version of an underground crimeware kit known as Carbon FormGrabber (or Carbon Grabber), Symantec researchers have found.

The Cybercriminal Takedown: Part 2 With John Bambenek

May 20, 2015 9:00 am | by Ernie Austin, Associate Editor | Articles | Comments

John Bambenek, a handler for the Internet Storm Center at the SANS Institute, continues his discussion of takedowns with DFI News/Forensic Magazine. In part 2, Bambenek gives us more details of his work disrupting criminal networks. He tells us how he avoids the risk of destroying information both for the victims and for law enforcement trying to obtain evidence.

Calling Stunt Hacking What It Is

May 20, 2015 8:31 am | by Valsmith | Blogs | Comments

A recent article brought to mind some thoughts that have been percolating for quite a while. Sometime last year I believe Dave Aitel coined the term Stunt Hacking, which I think is a pretty good way to describe it.

Every 4 Seconds New Malware is Born

May 19, 2015 10:49 am | by Ericka Chickowski, Dark Reading | News | Comments

New research data shows that the rate of new malware variants released by malicious attackers continues to break records.

Acquiring Windows PCs

May 19, 2015 9:07 am | by Oleg Afonin, Danil Nikolaev and Yuri Gubanov, Belkasoft | Belkasoft | Articles | Comments

The obvious path to acquire a Windows PC has always been “pull the plug, take the disk out, connect to an imaging device and collect evidence.” Sound familiar? Well, in today’s connected world things do not work quite like that. In this article, we will have a look at the measures the investigator has to take before taking the disk out, even before pulling the plug.

IR Do's and Don'ts

May 18, 2015 12:17 pm | by jackcr | Blogs | Comments

There is a lot of documentation around the different phases of the IR cycle. We talk a lot about preparation, identification, containment, eradication, recovery and lessons learned. Let's face it, dealing with intrusions can be very fast paced with a lot of activity all usually happening at the same time. You can often be in more than one of the above phases and likely will need to repeat a few as well.

On the Road to Vegas ... CEIC 2015 That Is

May 15, 2015 1:32 pm | by Ernie Austin, Associate Editor | Articles | Comments

This year, digital forensic practitioners gather at Caesars Palace in Las Vegas to expand their expertise at the Computer and Enterprise Investigations Conference (CEIC) 2015, May 18-21. For those who don't want to gamble with their organization's security in today's threat landscape, CEIC offers hands-on training labs, classrooms and presentations from some of the most well-known experts in their fields.

Quantum Computing Will Make Encryption Obsolete

May 14, 2015 4:02 pm | by Vivek Wadhwa, The Washington Post | News | Comments

Quantum mechanics is now being used to construct a new generation of computers that can solve the most complex scientific problems — and unlock every digital vault in the world. These will perform in seconds computations that would have taken conventional computers millions of years. As do all advancing technologies, they will also create new nightmares. The most worrisome development will be in cryptography.

New Domains Revitalize Phishing Campaigns

May 14, 2015 9:56 am | by Charlie Osborne, ZDNet | News | Comments

Top-level domains are becoming a favorite tool of cyber criminals looking to promote unwanted, fraudulent advertising and phishing campaigns.

Romania Helps Ukraine Fight Russian Hacking

May 13, 2015 1:44 pm | by Alizon Mutler, Associated Press | News | Comments

Ukraine is turning to an unlikely partner in its struggle to defend itself against Russian cyber warfare: Romania. The eastern European country known more for economic disarray than technological prowess has become one of the leading nations in Europe in the fight against hacking.

Internet Takedowns and Incident Response: Q&A With John Bambenek

May 13, 2015 12:30 pm | by Ernie Austin, Associate Editor | Articles | Comments

Is it possible to eradicate the workings of cyber criminals? Takedown experts would say, yes. One of those experts, John Bambenek, tells DFI News how he disrupts criminal malware networks.

Cyber Extortionists are Hitting Hedge Funds

May 12, 2015 1:13 pm | by Zeljka Zorz, Help Net Security | News | Comments

Hedge funds are increasingly targeted by cyber extortionists, John Carlin, US Assistant Attorney General for National Security, has warned the audience at the SALT hedge fund conference held last week in Las Vegas.

Introducing the Active Threat Search

May 12, 2015 12:39 pm | by Corey Harrell | Blogs | Comments

Have you found yourself looking at a potential security event and wishing there was more context? Being able to run queries on certain security event indicators can go a long way in providing context to what you are seeing.

Flawed Crypto Endangers Millions of Smart Grid Devices

May 11, 2015 12:43 pm | by Zeljka Zorz, Help Net Security | News | Comments

The cryptography used in the Open Smart Grid Protocol (OSGP), one of the most widely used smart meter and smart grid device networking standards, can be easily cracked, researchers have found.

Deconstructing the 2014 Sally Beauty Breach

May 8, 2015 11:46 am | by Brian Krebs | Blogs | Comments

This week, nationwide beauty products chain Sally Beauty disclosed that, for the second time in a year, it was investigating reports that hackers had broken into its networks and stolen customer credit card data. That investigation is ongoing, but I recently had an opportunity to interview a former Sally Beauty IT technician who provided a first-hand look at how the first breach in 2014 went down.

Navy, Marine Cyber Fought Off All Net Attackers Since 2013

May 8, 2015 10:37 am | by Sydney J. Freedberg, Jr., Breaking Defense | News | Comments

When Iran hacked the Navy-Marine Corps Intranet in fall 2013, it shook up the sea services’ approach to cybersecurity. Thanks to that new vigilance, their networks have fended off every subsequent attack, the head of Navy Cyber Command said recently.

Top Cyber Attack Vectors for Critical SAP Systems

May 7, 2015 10:27 am | by Zeljka Zorz, Help Net Security | News | Comments

SAP is run by over 250,000 customers worldwide, including 98 percent of the 100 most valued brands. Despite housing an organization’s most valuable and sensitive information, SAP systems are not protected from cyber threats by traditional security approaches.

Law Enforcement Finding Few Allies On Encryption

May 7, 2015 10:09 am | by Sara Peters | News | Comments

Cloud providers, mobile device manufacturers, private citizens, and a bipartisan Congressional committee are lining up on the opposite side.

Steganography and Malware: Why and How

May 7, 2015 9:46 am | by David Sancho | Blogs | Comments

The Greek word steganos means hidden, and malware loves to hide stuff sneakily. For the bad guys, this is a marriage made in heaven. 

US Navy Looks to Dump Lenovo Servers on Security Concerns - Report

May 7, 2015 9:45 am | by Phil Muncaster, Infosecurity Magazine | News | Comments

The US Navy is reportedly looking for a new server supplier for some of its guided missile cruisers and destroyers due to security concerns around Lenovo’s recent purchase of IBM’s x86 server division.

Legal Issues with Cloud Forensics

May 7, 2015 9:33 am | by David Wilson | Articles | Comments

Unfortunately, many companies have entered the cloud without first checking the weather. Cloud services have skyrocketed primarily because they’re cheaper and more convenient than the alternative. What happens if the cloud gets stormy, you suffer a breach, and you find yourself in the position of having to conduct digital forensics? What now?

IRS Sets Up Dedicated Cybercrime Unit to Combat Identity Theft

May 6, 2015 12:59 pm | by Charlie Osborne | News | Comments

The US Internal Revenue Service has launched a new unit dedicated to tackling the rising rate of identity theft through hacking.

Spearphishing: A New Weapon in Cyber Terrorism

May 6, 2015 12:45 pm | by Pierluigi Paganini, Infosec Institute | News | Comments

Spear phishing and its evolutions like the watering hole attack represent one of the most insidious attack techniques adopted by the majority of threat actors in cyberspace.

PlayStation 4 Digital Traces Not Found in the Device

May 6, 2015 12:36 pm | by Ernie Austin, Newsletter Editor | Articles | Comments

Digital forensic investigators can now extract information from a Sony PlayStation 4 console using a method developed by researchers in Australia. That research explored the Web browsing and communication features of game consoles, which could be sources of evidence in criminal cases.
