Computer Forensics

The Lead

Digital Investigators Try to Disperse Fog of War in Ukraine

July 2, 2015 4:15 pm | by Dmitry Volchek, Radio Free Europe/Radio Liberty | News | Comments

In June 2014, a Russian soldier posted on a social-media site a photo of himself standing in front of a military convoy against a nondescript background of hills, fields and scattered houses. It probably never occurred to him that such an innocuous image could become part of an increasingly detailed case being assembled in a bid to prove the Russian government has been lying when it denies military involvement in eastern Ukraine.

US Army Seeks Leap-Ahead Cyber Defense Tech

July 2, 2015 3:26 pm | by Joe Gould, Defense News | News | Comments

The U.S. Army is seeking to equip its cyber warriors with cutting-edge networking hardware, and...

Computer Forensics to Examine Son’s Claims That It was Dad’s Child Porn, Not His

July 2, 2015 8:11 am | by David Kravets, Ars Technica | News | Comments

A Virginia man serving 10 years for possessing child pornography says the images found on...

Hundreds of Dark Web Sites Cloned and 'Booby Trapped'

July 2, 2015 8:10 am | by Mark Stockley | Blogs | Comments

The founder of one of the Dark Web's fledgling search engines is warning Tor users about the...

Understanding Digital and Cyber Topography is Critical to Successful Military Operations

July 2, 2015 8:10 am | by Capt. Ryan Robinson, SIGNAL | News | Comments

Cyberspace is being accepted throughout the U.S. Army as a warfighting domain. However, many soldiers outside of the U.S. Army Signal Corps do not grasp the concept of cyberspace as an operational realm. Empowering them with that understanding is essential to operational success.

Why Vulnerability Disclosure Shouldn't be a Marketing Tool

July 2, 2015 8:09 am | by Brian Honan | Blogs | Comments

I want to talk about a vulnerability disclosure trend that I have recently noticed – a trend that I believe may ultimately cause more harm than good: security vendors using vulnerability disclosure as a marketing tool with the goal of enhancing their company’s bottom line.

Bug Repair System Imports From Other Programs

July 1, 2015 10:47 am | by Larry Hardesty, MIT | News | Comments

MIT researchers have presented a new system that repairs dangerous software bugs by automatically importing functionality from other, more secure applications. Remarkably, the system, dubbed CodePhage, doesn’t require access to the source code of the applications whose functionality it’s borrowing.

MIT's Bitcoin-Inspired 'Enigma' Lets Computers Mine Encrypted Data

June 30, 2015 11:41 am | by Andy Greenberg, Wired | News | Comments

The cryptography behind bitcoin solved a paradoxical problem: a currency with no regulator, that nonetheless can’t be counterfeited. Now a similar mix of math and code promises to pull off another seemingly magical feat by allowing anyone to share their data with the cloud and nonetheless keep it entirely private.

There's No Such Thing As a Lone Wolf in Cyber Space

June 30, 2015 11:01 am | by Gabriel Weimann | Blogs | Comments

“Lone wolf” terrorism is often cited as the biggest terrorist threat today. The problem with this label is none of the assailants act alone. They all belong to virtual wolf packs.

NFL Hiring a New Director of Digital Forensic Investigations

June 30, 2015 9:55 am | by Darren Rovell, ESPN | News | Comments

Looking to bolster how it handles off-the-field incidents, the NFL is adding a new position: Director of Digital Forensic Investigations.

Penn State Says It Was Victim of Cyber Attack

June 29, 2015 12:06 pm | by Madasyn Czebiniak, Pittsburgh Post-Gazette | News | Comments

Following two cyber attacks on Penn State University’s College of Liberal Arts, the university is resetting passwords on its college-issued accounts, but school officials said they believe no personal identifiable information, such as Social Security numbers, or research data has been compromised.

Stealthy Stegoloader Trojan in US Healthcare Blitz

June 29, 2015 11:45 am | by Phil Muncaster, Infosecurity Magazine | News | Comments

Recently discovered malware which uses digital steganography to hide itself in .PNG files has been overwhelmingly targeted at US healthcare providers, according to Trend Micro.

NIST Revises Key Computer Security Publication on Random Number Generation

June 29, 2015 8:14 am | by NIST | News | Comments

In response to public concerns about cryptographic security, the National Institute of Standards and Technology has formally revised its recommended methods for generating random numbers, a crucial element in protecting private messages and other types of electronic data.

Europol Targets Ukrainian Botnet Gang

June 26, 2015 10:03 am | by Mathew J. Schwartz, Gov Info Security | News | Comments

European police agencies have announced a "joint international strike against cyber crime," reporting that after a two-year investigation, they have disrupted a botnet gang that used and sold banking malware and cybercrime services that targeted victims and banks around the world.

NARA Compromise Not Like the Others

June 25, 2015 11:57 am | by Ernie Austin, Associate Editor | Articles | Comments

Recently, Nextgov reported that the National Archives and Records Administration (NARA) found "indicators of compromise" similar to the breach at the Office of Personnel Management. But, the signs of intrusion turned out not to be so similar after all.

CryptoWall Ransomware Cost US Victims at Least $18M, FBI Says

June 25, 2015 10:13 am | by John Zorabedian | Blogs | Comments

Malware that encrypts all of a victim's files and holds them for ransom - what's commonly called crypto-ransomware or cryptoware - continues to be hugely successful in making money for the criminal gangs who perpetuate it.

Finger-Pointing Starting in Blame for Government Hack

June 25, 2015 9:44 am | by Alicia A. Caldwell, Associated Press | News | Comments

Finger-pointing burst into the open on Capitol Hill Wednesday over blame for hacking into the U.S. government's personnel records, which the chairman of a House oversight committee said might affect as many as 32 million current and former employees and others.

Report Template for Threat Intelligence and Incident Response

June 24, 2015 10:56 am | by Lenny Zeltser | Blogs | Comments

When handling a large-scale intrusion, incident responders often struggle with obtaining and organizing the intelligence related to the actions taken by the intruder and the targeted organization. Examining all aspects of the event and communicating with internal and external constituents is quite a challenge in such strenuous circumstances.

Adobe Patches Critical Flash Flaw Exploited by APT3

June 24, 2015 10:41 am | by Phil Muncaster, Infosecurity Magazine | News | Comments

Adobe users have been urged to patch a newly-released critical vulnerability in Flash Player, after researchers warned it is being exploited in the wild by sophisticated Chinese hacking group APT3.

Banks Targeted By Hackers Three Times More Than Other Sectors

June 24, 2015 10:20 am | by Kelly Jackson Higgins, Dark Reading | News | Comments

Financial services organizations - traditionally some of the best-fortified against cyber attacks - see three times as many attack attempts by cyber criminals than other industries do, a new study by Raytheon/Websense shows.

SEC Hunts Hackers Who Stole Corporate Emails to Trade Stocks

June 24, 2015 10:00 am | by Sarah N. Lynch and Joseph Menn, Reuters | News | Comments

U.S. securities regulators are investigating a group of hackers suspected of breaking into corporate email accounts to steal information to trade on, such as confidential details about mergers, according to people familiar with the matter.

RubyGems Vulnerability Can Lead to Installation of Malicious Apps

June 23, 2015 10:48 am | by Zeljka Zorz, Help Net Security | News | Comments

A serious vulnerability in RubyGems, a package manager for the Ruby programming language, can be exploited to trick end users into installing malware from attacker-controlled gem servers, Trustwave researchers have discovered.

Hunting, and Knowing What to Hunt For

June 23, 2015 10:11 am | by Harlan Carvey | Blogs | Comments

If you're familiar with the environment, and aware of your surroundings while performing DFIR work, and know what should be there, you know what to look for, as well as what data sources to go to if you're looking for suspicious activity. It's all about knowing what to hunt for when you're hunting. 

Programmers Could be Copying Security Flaws Into Software

June 23, 2015 9:55 am | by Laura Hautala, CNET | News | Comments

It's easy to assume that hackers work way above our pay grade. Electronic intruders must be able to exploit vulnerabilities in the software we use because they're evil geniuses, right? That may be the case in some very sophisticated attacks, experts say, but in others, not so much.

China's Hackers Got What They Came For

June 22, 2015 11:51 am | by Cory Bennett, The Hill | News | Comments

While China’s aggressive hacking operations are certain to continue, experts say the mammoth data breach at the Office of Personnel Management is a watershed event that will allow Beijing to move from broad reconnaissance to narrowly tailored snooping.

Hunt for Deep Panda Intensifies in Trenches of US-China Cyber War

June 22, 2015 10:52 am | by Jeremy Wagstaff, Reuters | News | Comments

Security researchers have many names for the hacking group that is one of the suspects for the cyber attack on the U.S. government's Office of Personnel Management: PinkPanther, KungFu Kittens, Group 72 and, most famously, Deep Panda. But to Jared Myers and colleagues at cybersecurity company RSA, it is called Shell Crew, and Myers' team is one of the few who has watched it mid-assault — and eventually repulsed it.

Which Tech Companies Have Five-Star Privacy?

June 19, 2015 11:37 am | by Ernie Austin, Associate Editor | Articles | Comments

The Electronic Frontier Foundation, the non-profit defender of digital rights, has released their latest attempt to fill in where privacy protection laws have fallen short.

Serious OS X and iOS Flaws Let Hackers Steal Keychain, 1Password Contents

June 18, 2015 10:27 am | by Dan Goodin, Ars Technica | News | Comments

Researchers have uncovered huge holes in the application sandboxes protecting Apple's OS X and iOS operating systems, a discovery that allows them to create apps that pilfer iCloud, Gmail and banking passwords and can also siphon data from 1Password, Evernote and other apps.

Officials Say Security Lapses Left System Open to Hackers

June 17, 2015 10:43 am | by Ken Dilanian, Associated Press | News | Comments

Democrats and Republicans on the House Oversight and Government Reform Committee were united Tuesday in heaping scorn upon the leaders of the Office of Personnel Management, the agency whose data was breached last year in two massive cyber attacks only recently revealed.
