Advertisement
 
Network Forensics
Subscribe to Network Forensics

The Lead

Taiwan wants to join a major anti-hacking drill conducted by the United States to strengthen cyber security ties with its staunchest ally, its vice premier said on Monday, a move which would help safeguard against constant targeting by hackers in rival Ch

Taiwan Wants Stronger Cyber Ties with US to Counter China Threat

March 30, 2015 1:17 pm | by Michael Gold and J.R. Wu, Reuters | News | Comments

Taiwan wants to join a major anti-hacking drill conducted by the United States to strengthen cyber security ties with its staunchest ally, its vice premier said on Monday, a move which would help safeguard against constant targeting by hackers in rival China.

 

DDoS Attack Targets GitHub Anti-Censorship

March 30, 2015 12:31 pm | by Ernie Austin, Associate Editor | News | Comments

On Friday, GitHub, the open-source software code collaboration site, said they were experiencing...

New Threat Intelligence Report Skewers Industry Confusion, Charlatans

March 30, 2015 11:27 am | by Violet Blue, ZD Net | News | Comments

In the young, billion-dollar growth sector of threat intel, vendors are falling over themselves...

One in Every 3 Top Websites is Compromised and Dangerous

March 27, 2015 11:13 am | by Tara Seals, Infosecurity Magazine | News | Comments

The Web is a more dangerous place than most people may think. With more than one billion...

View Sample

SUBSCRIBE TO FREE Forensic Magazine EMAIL NEWSLETTER

In the years since the 9/11 attacks, the world has averaged about two-dozen shooting   wars ongoing at any given time. Most have taken the form of armed insurgencies,   suggesting that a fresh new "greening" of guerrilla warfare is under way. During   thi

The Three Faces of Cyber War

March 27, 2015 9:54 am | by John Arquila | Blogs | Comments

In the years since the 9/11 attacks, the world has averaged about two-dozen shooting wars ongoing at any given time. Most have taken the form of armed insurgencies, suggesting that a fresh new "greening" of guerrilla warfare is under way. During this same period, cyber wars have been fewer in number, but have reflected greater diversity. Perhaps the best way to portray the cyberwar spectrum is by grouping these conflicts by type.

Mathematicians have designed an encryption code capable of fending off the phenomenal hacking power of a quantum computer. Using high-level number theory and cryptography, the researchers reworked an infamous old cipher called the knapsack code to create

Mathematicians Redesign Encrytion Code to Thwart Cyber Attacks

March 27, 2015 8:27 am | by Rebecca Phillips, Washington State University | News | Comments

Mathematicians have designed an encryption code capable of fending off the phenomenal hacking power of a quantum computer. Using high-level number theory and cryptography, the researchers reworked an infamous old cipher called the knapsack code to create an online security system better prepared for future demands.

U.S. intelligence agencies in June will stop bulk collection of data documenting calls by U.S. telephone subscribers, unless Congress extends a law authorizing the spying, U.S. officials said.

US to Stop Collecting Bulk Phone Data if Congress Lets Law Expire

March 25, 2015 12:14 pm | by Mark Hosenball, Reuters | News | Comments

U.S. intelligence agencies in June will stop bulk collection of data documenting calls by U.S. telephone subscribers, unless Congress extends a law authorizing the spying, U.S. officials said.

Advertisement
Crime Attorney Arkady Bukh thinks that because of the US-led sanctions on Russia, there may be more hackers showing up. These are seven of the Russian Hackers that have already infiltrated US computer systems and have been caught.

7 Russian Hackers to Soon Appear in Court

March 25, 2015 11:38 am | by Ernie Austin, Newsletter Editor | Articles | Comments

Crime Attorney Arkady Bukh thinks that because of the US-led sanctions on Russia, there may be more hackers showing up. These are seven of the Russian Hackers that have already infiltrated US computer systems and have been caught.

StubHub brokers the buying and selling of tickets to sporting events, music concerts, theater shows and more. The crooks, it seems, made their money by buying tickets fraudulently via compromised StubHub accounts, and then sending those tickets to scalper

Alleged StubHub Cyberscalper Will be Extradited to the US

March 24, 2015 12:26 pm | by Paul Ducklin | Blogs | Comments

StubHub brokers the buying and selling of tickets to sporting events, music concerts, theater shows and more. The crooks, it seems, made their money by buying tickets fraudulently via compromised StubHub accounts, and then sending those tickets to scalpers who sold them "on the ground" shortly before each event was due to start.

New data shows prevalence of often-undetectable DDoS attacks aimed at quietly wreaking havoc on the network while performing data exfiltration and other attacks.

When DDoS Isn't All About Massive Disruption

March 24, 2015 11:26 am | by Kelly Jackson Higgins | Blogs | Comments

New data shows prevalence of often-undetectable DDoS attacks aimed at quietly wreaking havoc on the network while performing data exfiltration and other attacks.  

Talyor Swift joins Harvard and Microsoft in buying up domain names that have their names ending in .adult and .porn.

Taylor Swift's Premptive Strike at Porn

March 24, 2015 9:43 am | by Ernie Austin, Associate Editor | News | Comments

Talyor Swift joins Harvard and Microsoft in buying up domain names that have their names ending in .adult and .porn.

Another popular Yoast Wordpress plugin has been found sporting a critical vulnerability that can be exploited by attackers to take over control of the site.

WordPress Plugin Used by Millions Sports Critical Site-Hijacking Flaw

March 23, 2015 12:37 pm | by Zeljka Zorn, Help Net Security | News | Comments

Another popular Yoast Wordpress plugin has been found sporting a critical vulnerability that can be exploited by attackers to take over control of the site.

Advertisement
China's Defense Ministry has denied that it had anything to do with a cyber attack on Register.com, a unit of Web.com, following a report in the Financial Times that the FBI was looking into the Chinese military's involvement.

Chinese Military Denies Role in Reported US Hacking

March 23, 2015 12:24 pm | by Reuters | News | Comments

China's Defense Ministry has denied that it had anything to do with a cyber attack on Register.com, a unit of Web.com, following a report in the Financial Times that the FBI was looking into the Chinese military's involvement.  

A New York City Police Department (NYPD) auxiliary deputy inspector was arrested recently for trying to hack into restricted law enforcement databases.

NYPD Officer Arrested for Hacking, Fraud Scheme

March 20, 2015 11:40 am | by Ernie Austin, Associate Editor | News | Comments

A New York City Police Department (NYPD) auxiliary deputy inspector was arrested recently for trying to hack into restricted law enforcement databases.

Rocket Kitten, the cyberattack group that recently launched an email malware campaign against European and Israeli targets, has delivered a new state-sponsored attack, according the a report by Trend Micro.

Rocket Kitten GHOLE Attack Returns With Keyloggers

March 20, 2015 11:03 am | by Ernie Austin, Associate Editor | Articles | Comments

Rocket Kitten, the cyberattack group that recently launched an email malware campaign against European and Israeli targets, has delivered a new state-sponsored attack, according the a report by Trend Micro.

A while back, I tweeted, saying that "threat intel has it's own order of volatility." That tweet got one RT and 2 favorites, and at the time, not much of a response beyond that. Along the way, someone did disagree with me on that, stating that rather than

Perspectives on Threat Intel

March 20, 2015 8:23 am | by Harlan Carvey | Blogs | Comments

A while back, I tweeted, saying that "threat intel has it's own order of volatility." That tweet got one RT and 2 favorites, and at the time, not much of a response beyond that. Along the way, someone did disagree with me on that, stating that rather than an "order of volatility," threat intel instead has a "shelf life."

Target has proposed to pay $10 million to settle a class-action lawsuit brought against the retailer following a massive data breach in 2013. Individuals affected by the breach could get up to a maximum of $10,000, the proposal says.

Target Proposes to Pay $10M to Settle Data Breach Lawsuit

March 19, 2015 11:22 am | by Michelle Chapman, Associated Press | News | Comments

Target has proposed to pay $10 million to settle a class-action lawsuit brought against the retailer following a massive data breach in 2013. Individuals affected by the breach could get up to a maximum of $10,000, the proposal says.

Advertisement
In the 18 months since the Silk Road online black market for narcotics was taken down by a swarm of three-letter agencies, a site known as Evolution has taken its place at the top of the dark web drug trade. Now Evolution, too, has suddenly dropped off th

The Dark Web's Top Drug Market, Evolution, Just Vanished

March 18, 2015 11:26 am | by Andy Greenberg, Wired | News | Comments

In the 18 months since the Silk Road online black market for narcotics was taken down by a swarm of three-letter agencies, a site known as Evolution has taken its place at the top of the dark web drug trade. Now Evolution, too, has suddenly dropped off the face of the internet. But unlike its Silk Road predecessor, there’s no indication that law enforcement took down the newer black market.

Forrester's 2015 "Planning for Failure" shows that breaches are as unavoidable as bad weather, but hits a sour note when it characterizes enterprise organizations as unprepared.

Breach Best Practices: It's Time for Incident Response to Grow Up

March 17, 2015 10:04 am | by Violet Blue | Blogs | Comments

Forrester's 2015 "Planning for Failure" shows that breaches are as unavoidable as bad weather, but hits a sour note when it characterizes enterprise organizations as unprepared.

If we want security to keep pace with technological innovations by criminals, we need to ensure that we have a variety of effective tools to combat evolving cyber threats like these. One powerful tool that the DOJ has used to disrupt botnets and free vict

DOJ Trying to Assure Court Authority to Shut Down Botnets

March 17, 2015 8:23 am | by Leslie R. Caldwell, DOJ | Blogs | Comments

If we want security to keep pace with technological innovations by criminals, we need to ensure that we have a variety of effective tools to combat evolving cyber threats like these. One powerful tool that the DOJ has used to disrupt botnets and free victim computers from criminal malware is the civil injunction process.

Ernie Austin

Incident Response is Not New

March 16, 2015 9:28 am | by Ernie Austin, Associate Editor | Blogs | Comments

The Financial Industry Regulatory Authority (FINRA) seems to have just discovered that something needs to be done after a cybersecurity breech, according to Reuters.

If anyone had forgotten the sheer scale of the dark-web drug trade, German police just offered a helpful reminder. They’ve seized more than a third of a ton of narcotics from a single online drug seller—a haul that, despite its size, represents an insigni

German Police Just Made Gigantic Dark-Web Drug Bust

March 13, 2015 11:01 am | by Andy Greenberg, Wired | News | Comments

If anyone had forgotten the sheer scale of the dark-web drug trade, German police just offered a helpful reminder. They’ve seized more than a third of a ton of narcotics from a single online drug seller—a haul that, despite its size, represents an insignificant dent in the burgeoning digital narcotics market known as Evolution.

Cryptography Services, a team of consultants from several security research firms,   have announced that they have been tasked with auditing OpenSSL, the popular and   widely used open-source implementation of the SSL and TLS protocols.

Core Infrastructure Initiative Kickstarts OpenSSL Audit

March 11, 2015 9:44 am | by Zeljka Zorn, Help Net Security | News | Comments

Cryptography Services, a team of consultants from several security research firms, have announced that they have been tasked with auditing OpenSSL, the popular and widely used open-source implementation of the SSL and TLS protocols.

Users of an email service backed by the German government will soon be able to rely on strong encryption of the kind that used to be the preserve of geeks and hackers, officials have said.

German Government Backs End-to-End Encryption for Email

March 10, 2015 10:17 am | by Frank Jordans, Associated Press | News | Comments

Users of an email service backed by the German government will soon be able to rely on strong encryption of the kind that used to be the preserve of geeks and hackers, officials have said.

How can organizations provide actionable threat intelligence in an effective and efficient manner?

Best Sources of Actionable Threat Intelligence

March 9, 2015 10:47 am | by (ISC)2 Government Advisory Board Executive Writers Bureau, Dan Waddell | News | Comments

How can organizations provide actionable threat intelligence in an effective and efficient manner? 

Two Vietnamese citizens and a Canadian have been charged with running a massive cyberfraud ring that stole 1 billion email addresses, then sent spam offering knockoff software products, the U.S. Department of Justice has said.

Three Charged for Stealing 1B Email Addresses

March 9, 2015 10:26 am | News | Comments

Two Vietnamese citizens and a Canadian have been charged with running a massive cyberfraud ring that stole 1 billion email addresses, then sent spam offering knockoff software products, the U.S. Department of Justice has said.

Cyber attacks on U.S. weapons programs and manufacturers are a "pervasive" problem that requires greater attention, the top U.S. arms buyer said recently, saying that he would add cybersecurity to the Pentagon's guidelines for buying weapons.

Pentagon to Focus More on Hack-Proofing Weapons

March 6, 2015 1:50 pm | by Adrea Shalal, Reuters | News | Comments

Cyber attacks on U.S. weapons programs and manufacturers are a "pervasive" problem that requires greater attention, the top U.S. arms buyer said recently, saying that he would add cybersecurity to the Pentagon's guidelines for buying weapons.

The computer server that transmitted and received Hillary Clinton's emails — on a private account she used exclusively for official business when she was secretary of state — traced back to an Internet service registered to her family's home in Chappaqua,

Clinton Ran Homebrew Computer System for Official Emails

March 4, 2015 12:40 pm | by Jack Gillum and Ted Bridis, Associated Press | News | Comments

The computer server that transmitted and received Hillary Clinton's emails — on a private account she used exclusively for official business when she was secretary of state — traced back to an Internet service registered to her family's home in Chappaqua, New York, according to Internet records reviewed by The Associated Press.

A recently released report by the US Government Accountability Office has revealed that despite some improvements, the Federal Aviation Administration (FAA) still needs to quash significant security control weaknesses that threaten the agency’s ability to

US Air Traffic Control System is Riddled With Vulnerabilities

March 4, 2015 11:09 am | by Zeljka Zorn, Help Net Security | News | Comments

A recently released report by the US Government Accountability Office has revealed that despite some improvements, the Federal Aviation Administration still needs to quash significant security control weaknesses that threaten the agency’s ability to ensure the safe and uninterrupted operation of the national airspace system.

Advertisement
X
You may login with either your assigned username or your e-mail address.
The password field is case sensitive.
Loading