Digital forensics isn't only about fancy tools and technologies that aid investigators in their work. It's as much about ingenuity and creativity as technology, and requires a unique array of skills: the technical savvy of a science-club geek married with the curiosity that marks a seasoned detective.
A U.S. State Department employee is accused of sending threatening emails to college-aged women...
Tens of thousands of HTTPS-protected websites, mail servers, and other widely used Internet...
From a forensic perspective, the Recycle Bin can be a “gold mine” for gathering probative evidence which can be extremely valuable for investigative purposes. There are many forensic tools available that are designed to recover deleted files from the Recycle Bin.
Rombertik, the information-stealing malware that was recently analyzed by Cisco researchers and which apparently tries to prevent researchers from doing so by rewriting the computer's Master Boot Record, is actually a newer version of an underground crimeware kit known as Carbon FormGrabber (or Carbon Grabber), Symantec researchers have found.
John Bambenek, a handler for the Internet Storm Center at the SANS Institute, continues his discussion of takedowns with DFI News/Forensic Magazine. In part 2, Bambenek gives us more details of his work disrupting criminal networks. He tells us how he avoids the risk of destroying information both for the victims and for law enforcement trying to obtain evidence.
A recent article brought to mind some thoughts that have been percolating for quite a while. Sometime last year I believe Dave Aitel coined the term Stunt Hacking, which I think is a pretty good way to describe it.
New research data shows that the rate of new malware variants released by malicious attackers continues to break records.
The obvious path to acquire a Windows PC has always been “pull the plug, take the disk out, connect to an imaging device and collect evidence.” Sound familiar? Well, in today’s connected world things do not work quite like that. In this article, we will have a look at the measures the investigator has to take before taking the disk out, even before pulling the plug.
There is a lot of documentation around the different phases of the IR cycle. We talk a lot about preparation, identification, containment, eradication, recovery and lessons learned. Let's face it, dealing with intrusions can be very fast paced with a lot of activity all usually happening at the same time. You can often be in more than one of the above phases and likely will need to repeat a few as well.
This year, digital forensic practitioners gather at Caesars Palace in Las Vegas to expand their expertise at the Computer and Enterprise Investigations Conference (CEIC) 2015, May 18-21. For those who don't want to gamble with their organization's security in today's threat landscape, CEIC offers hands-on training labs, classrooms and presentations from some of the most well-known experts in their fields.
Quantum mechanics is now being used to construct a new generation of computers that can solve the most complex scientific problems — and unlock every digital vault in the world. These will perform in seconds computations that would have taken conventional computers millions of years. As do all advancing technologies, they will also create new nightmares. The most worrisome development will be in cryptography.
Top-level domains are becoming a favorite tool of cyber criminals looking to promote unwanted, fraudulent advertising and phishing campaigns.
Ukraine is turning to an unlikely partner in its struggle to defend itself against Russian cyber warfare: Romania. The eastern European country known more for economic disarray than technological prowess has become one of the leading nations in Europe in the fight against hacking.
Is it possible to eradicate the workings of cyber criminals? Takedown experts would say, yes. One of those experts, John Bambenek, tells DFI News how he disrupts criminal malware networks.
Hedge funds are increasingly targeted by cyber extortionists, John Carlin, US Assistant Attorney General for National Security, has warned the audience at the SALT hedge fund conference held last week in Las Vegas.
Have you found yourself looking at a potential security event and wishing there was more context? Being able to run queries on certain security event indicators can go a long way in providing context to what you are seeing.
The cryptography used in the Open Smart Grid Protocol (OSGP), one of the most widely used smart meter and smart grid device networking standards, can be easily cracked, researchers have found.
This week, nationwide beauty products chain Sally Beauty disclosed that, for the second time in a year, it was investigating reports that hackers had broken into its networks and stolen customer credit card data. That investigation is ongoing, but I recently had an opportunity to interview a former Sally Beauty IT technician who provided a first-hand look at how the first breach in 2014 went down.
When Iran hacked the Navy-Marine Corps Intranet in fall 2013, it shook up the sea services’ approach to cybersecurity. Thanks to that new vigilance, their networks have fended off every subsequent attack, the head of Navy Cyber Command said recently.
SAP is run by over 250,000 customers worldwide, including 98 percent of the 100 most valued brands. Despite housing an organization’s most valuable and sensitive information, SAP systems are not protected from cyber threats by traditional security approaches.
Cloud providers, mobile device manufacturers, private citizens, and a bipartisan Congressional committee are lining up on the opposite side.
The Greek word steganos means hidden, and malware loves to hide stuff sneakily. For the bad guys, this is a marriage made in heaven.
The US Navy is reportedly looking for a new server supplier for some of its guided missile cruisers and destroyers due to security concerns around Lenovo’s recent purchase of IBM’s x86 server division.
Unfortunately, many companies have entered the cloud without first checking the weather. Cloud services have skyrocketed primarily because they’re cheaper and more convenient than the alternative. What happens if the cloud gets stormy, you suffer a breach, and you find yourself in the position of having to conduct digital forensics? What now?
The US Internal Revenue Service has launched a new unit dedicated to tackling the rising rate of identity theft through hacking.
Spear phishing and its evolutions like the watering hole attack represent one of the most insidious attack techniques adopted by the majority of threat actors in cyberspace.
Digital forensic investigators can now extract information from a Sony PlayStation 4 console using a method developed by researchers in Australia. That research explored the Web browsing and communication features of game consoles, which could be sources of evidence in criminal cases.